api-tests-coverage 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/dashboard/assets/_basePickBy-DK6M9Uvz.js +1 -0
- package/dist/dashboard/assets/_baseUniq-BPCxdwlX.js +1 -0
- package/dist/dashboard/assets/arc-225azWF8.js +1 -0
- package/dist/dashboard/assets/architectureDiagram-VXUJARFQ-BW9j-2rE.js +36 -0
- package/dist/dashboard/assets/blockDiagram-VD42YOAC-CcWyVh_8.js +122 -0
- package/dist/dashboard/assets/c4Diagram-YG6GDRKO-Bq0y8Ms0.js +10 -0
- package/dist/dashboard/assets/channel-CPmdNASe.js +1 -0
- package/dist/dashboard/assets/chunk-4BX2VUAB-BrlBx_h4.js +1 -0
- package/dist/dashboard/assets/chunk-55IACEB6-BTGWaOkw.js +1 -0
- package/dist/dashboard/assets/chunk-B4BG7PRW-B-3Me5OV.js +165 -0
- package/dist/dashboard/assets/chunk-DI55MBZ5-BLZCyXU3.js +220 -0
- package/dist/dashboard/assets/chunk-FMBD7UC4-Bm9KRQE1.js +15 -0
- package/dist/dashboard/assets/chunk-QN33PNHL-DtWoo2Hn.js +1 -0
- package/dist/dashboard/assets/chunk-QZHKN3VN-DfaeFdsW.js +1 -0
- package/dist/dashboard/assets/chunk-TZMSLE5B-CM7Di7Gz.js +1 -0
- package/dist/dashboard/assets/classDiagram-2ON5EDUG-DTSnWk0q.js +1 -0
- package/dist/dashboard/assets/classDiagram-v2-WZHVMYZB-DTSnWk0q.js +1 -0
- package/dist/dashboard/assets/clone-DiFVAewv.js +1 -0
- package/dist/dashboard/assets/cose-bilkent-S5V4N54A-CI6S9tNC.js +1 -0
- package/dist/dashboard/assets/cytoscape.esm-CyJtwmzi.js +331 -0
- package/dist/dashboard/assets/dagre-6UL2VRFP-CD25jMwx.js +4 -0
- package/dist/dashboard/assets/diagram-PSM6KHXK-B2ziHyX_.js +24 -0
- package/dist/dashboard/assets/diagram-QEK2KX5R-DpPMBb2T.js +43 -0
- package/dist/dashboard/assets/diagram-S2PKOQOG-BplBVLaZ.js +24 -0
- package/dist/dashboard/assets/erDiagram-Q2GNP2WA-C6Kdrqa_.js +60 -0
- package/dist/dashboard/assets/flowDiagram-NV44I4VS-CBo4bgv8.js +162 -0
- package/dist/dashboard/assets/ganttDiagram-JELNMOA3-DL8oIX3C.js +267 -0
- package/dist/dashboard/assets/gitGraphDiagram-V2S2FVAM-5oPGxe6l.js +65 -0
- package/dist/dashboard/assets/graph-DWVIsnRu.js +1 -0
- package/dist/dashboard/assets/index-B2mS1bcV.js +522 -0
- package/dist/dashboard/assets/index-DBTGeaha.css +1 -0
- package/dist/dashboard/assets/infoDiagram-HS3SLOUP-D-bnjqH3.js +2 -0
- package/dist/dashboard/assets/journeyDiagram-XKPGCS4Q-DkT7QyWQ.js +139 -0
- package/dist/dashboard/assets/kanban-definition-3W4ZIXB7-CSO8OAdK.js +89 -0
- package/dist/dashboard/assets/katex-O9d3_IXG.js +261 -0
- package/dist/dashboard/assets/layout-BRUlIe_x.js +1 -0
- package/dist/dashboard/assets/mindmap-definition-VGOIOE7T-DabWpbNO.js +68 -0
- package/dist/dashboard/assets/pieDiagram-ADFJNKIX-x6W4JfPL.js +30 -0
- package/dist/dashboard/assets/quadrantDiagram-AYHSOK5B-Cs_QHGFN.js +7 -0
- package/dist/dashboard/assets/requirementDiagram-UZGBJVZJ-Y6IeHRvx.js +64 -0
- package/dist/dashboard/assets/sankeyDiagram-TZEHDZUN-CZT51ITh.js +10 -0
- package/dist/dashboard/assets/sequenceDiagram-WL72ISMW-DyAQKRQ-.js +145 -0
- package/dist/dashboard/assets/stateDiagram-FKZM4ZOC-DeadfBBo.js +1 -0
- package/dist/dashboard/assets/stateDiagram-v2-4FDKWEC3-D58eQQQS.js +1 -0
- package/dist/dashboard/assets/timeline-definition-IT6M3QCI-DYmeeClO.js +61 -0
- package/dist/dashboard/assets/treemap-GDKQZRPO-CKPSdFAX.js +162 -0
- package/dist/dashboard/assets/xychartDiagram-PRI3JC2R-Ch7ZZyVX.js +7 -0
- package/dist/dashboard/dist/assets/_basePickBy-DK6M9Uvz.js +1 -0
- package/dist/dashboard/dist/assets/_basePickBy-P9JMLvtQ.js +1 -0
- package/dist/dashboard/dist/assets/_baseUniq-BLr5OOl5.js +1 -0
- package/dist/dashboard/dist/assets/_baseUniq-BPCxdwlX.js +1 -0
- package/dist/dashboard/dist/assets/arc-225azWF8.js +1 -0
- package/dist/dashboard/dist/assets/arc-FwwTLzl4.js +1 -0
- package/dist/dashboard/dist/assets/architectureDiagram-VXUJARFQ-BW9j-2rE.js +36 -0
- package/dist/dashboard/dist/assets/architectureDiagram-VXUJARFQ-C7QAcrIt.js +36 -0
- package/dist/dashboard/dist/assets/blockDiagram-VD42YOAC-BYvjSDpK.js +122 -0
- package/dist/dashboard/dist/assets/blockDiagram-VD42YOAC-CcWyVh_8.js +122 -0
- package/dist/dashboard/dist/assets/c4Diagram-YG6GDRKO-Bq0y8Ms0.js +10 -0
- package/dist/dashboard/dist/assets/c4Diagram-YG6GDRKO-dUTtO4_k.js +10 -0
- package/dist/dashboard/dist/assets/channel-CPmdNASe.js +1 -0
- package/dist/dashboard/dist/assets/channel-DRY_ja-e.js +1 -0
- package/dist/dashboard/dist/assets/chunk-4BX2VUAB-BrlBx_h4.js +1 -0
- package/dist/dashboard/dist/assets/chunk-4BX2VUAB-NmyQ9Lvf.js +1 -0
- package/dist/dashboard/dist/assets/chunk-55IACEB6-BTGWaOkw.js +1 -0
- package/dist/dashboard/dist/assets/chunk-55IACEB6-GAN8BMbh.js +1 -0
- package/dist/dashboard/dist/assets/chunk-B4BG7PRW-B-3Me5OV.js +165 -0
- package/dist/dashboard/dist/assets/chunk-B4BG7PRW-CKtaL90X.js +165 -0
- package/dist/dashboard/dist/assets/chunk-DI55MBZ5-BLZCyXU3.js +220 -0
- package/dist/dashboard/dist/assets/chunk-DI55MBZ5-GokZ0alw.js +220 -0
- package/dist/dashboard/dist/assets/chunk-FMBD7UC4-Bm9KRQE1.js +15 -0
- package/dist/dashboard/dist/assets/chunk-FMBD7UC4-D8tBTVUA.js +15 -0
- package/dist/dashboard/dist/assets/chunk-QN33PNHL-C59bvcTc.js +1 -0
- package/dist/dashboard/dist/assets/chunk-QN33PNHL-DtWoo2Hn.js +1 -0
- package/dist/dashboard/dist/assets/chunk-QZHKN3VN-DfaeFdsW.js +1 -0
- package/dist/dashboard/dist/assets/chunk-QZHKN3VN-E7ncuJVt.js +1 -0
- package/dist/dashboard/dist/assets/chunk-TZMSLE5B-BcLpi7P1.js +1 -0
- package/dist/dashboard/dist/assets/chunk-TZMSLE5B-CM7Di7Gz.js +1 -0
- package/dist/dashboard/dist/assets/classDiagram-2ON5EDUG-DTSnWk0q.js +1 -0
- package/dist/dashboard/dist/assets/classDiagram-2ON5EDUG-Dy8_C5lE.js +1 -0
- package/dist/dashboard/dist/assets/classDiagram-v2-WZHVMYZB-DTSnWk0q.js +1 -0
- package/dist/dashboard/dist/assets/classDiagram-v2-WZHVMYZB-Dy8_C5lE.js +1 -0
- package/dist/dashboard/dist/assets/clone-B0_qHCw2.js +1 -0
- package/dist/dashboard/dist/assets/clone-DiFVAewv.js +1 -0
- package/dist/dashboard/dist/assets/cose-bilkent-S5V4N54A-BYK-qqpA.js +1 -0
- package/dist/dashboard/dist/assets/cose-bilkent-S5V4N54A-CI6S9tNC.js +1 -0
- package/dist/dashboard/dist/assets/cytoscape.esm-CyJtwmzi.js +331 -0
- package/dist/dashboard/dist/assets/dagre-6UL2VRFP-CD25jMwx.js +4 -0
- package/dist/dashboard/dist/assets/dagre-6UL2VRFP-CNIXE38x.js +4 -0
- package/dist/dashboard/dist/assets/diagram-PSM6KHXK-B2ziHyX_.js +24 -0
- package/dist/dashboard/dist/assets/diagram-PSM6KHXK-Dza_WM04.js +24 -0
- package/dist/dashboard/dist/assets/diagram-QEK2KX5R-175MJwNN.js +43 -0
- package/dist/dashboard/dist/assets/diagram-QEK2KX5R-DpPMBb2T.js +43 -0
- package/dist/dashboard/dist/assets/diagram-S2PKOQOG-BplBVLaZ.js +24 -0
- package/dist/dashboard/dist/assets/diagram-S2PKOQOG-DpUYqpiH.js +24 -0
- package/dist/dashboard/dist/assets/erDiagram-Q2GNP2WA-C6Kdrqa_.js +60 -0
- package/dist/dashboard/dist/assets/erDiagram-Q2GNP2WA-YGhaTIGv.js +60 -0
- package/dist/dashboard/dist/assets/flowDiagram-NV44I4VS-CBo4bgv8.js +162 -0
- package/dist/dashboard/dist/assets/flowDiagram-NV44I4VS-D9XX51TY.js +162 -0
- package/dist/dashboard/dist/assets/ganttDiagram-JELNMOA3-BnlL2FL1.js +267 -0
- package/dist/dashboard/dist/assets/ganttDiagram-JELNMOA3-DL8oIX3C.js +267 -0
- package/dist/dashboard/dist/assets/gitGraphDiagram-V2S2FVAM-5oPGxe6l.js +65 -0
- package/dist/dashboard/dist/assets/gitGraphDiagram-V2S2FVAM-IqGQHaKk.js +65 -0
- package/dist/dashboard/dist/assets/graph-DOoKbdQ6.js +1 -0
- package/dist/dashboard/dist/assets/graph-DWVIsnRu.js +1 -0
- package/dist/dashboard/dist/assets/index-B2mS1bcV.js +522 -0
- package/dist/dashboard/dist/assets/index-CTnNA-vP.js +522 -0
- package/dist/dashboard/dist/assets/index-DBTGeaha.css +1 -0
- package/dist/dashboard/dist/assets/infoDiagram-HS3SLOUP-D-PYXUrg.js +2 -0
- package/dist/dashboard/dist/assets/infoDiagram-HS3SLOUP-D-bnjqH3.js +2 -0
- package/dist/dashboard/dist/assets/journeyDiagram-XKPGCS4Q-DIxnZShx.js +139 -0
- package/dist/dashboard/dist/assets/journeyDiagram-XKPGCS4Q-DkT7QyWQ.js +139 -0
- package/dist/dashboard/dist/assets/kanban-definition-3W4ZIXB7-CSO8OAdK.js +89 -0
- package/dist/dashboard/dist/assets/kanban-definition-3W4ZIXB7-DIQJ-dLy.js +89 -0
- package/dist/dashboard/dist/assets/katex-O9d3_IXG.js +261 -0
- package/dist/dashboard/dist/assets/layout-BRUlIe_x.js +1 -0
- package/dist/dashboard/dist/assets/layout-Dx_sC6cU.js +1 -0
- package/dist/dashboard/dist/assets/mindmap-definition-VGOIOE7T-BWOv2jfH.js +68 -0
- package/dist/dashboard/dist/assets/mindmap-definition-VGOIOE7T-DabWpbNO.js +68 -0
- package/dist/dashboard/dist/assets/pieDiagram-ADFJNKIX-B-ZMfN-z.js +30 -0
- package/dist/dashboard/dist/assets/pieDiagram-ADFJNKIX-x6W4JfPL.js +30 -0
- package/dist/dashboard/dist/assets/quadrantDiagram-AYHSOK5B-Cs_QHGFN.js +7 -0
- package/dist/dashboard/dist/assets/quadrantDiagram-AYHSOK5B-lHEZJOJ6.js +7 -0
- package/dist/dashboard/dist/assets/requirementDiagram-UZGBJVZJ-Dmgv7ZrT.js +64 -0
- package/dist/dashboard/dist/assets/requirementDiagram-UZGBJVZJ-Y6IeHRvx.js +64 -0
- package/dist/dashboard/dist/assets/sankeyDiagram-TZEHDZUN-CZT51ITh.js +10 -0
- package/dist/dashboard/dist/assets/sankeyDiagram-TZEHDZUN-DYnsmtzq.js +10 -0
- package/dist/dashboard/dist/assets/sequenceDiagram-WL72ISMW-Cp0y_3Co.js +145 -0
- package/dist/dashboard/dist/assets/sequenceDiagram-WL72ISMW-DyAQKRQ-.js +145 -0
- package/dist/dashboard/dist/assets/stateDiagram-FKZM4ZOC-CmJ3FBc_.js +1 -0
- package/dist/dashboard/dist/assets/stateDiagram-FKZM4ZOC-DeadfBBo.js +1 -0
- package/dist/dashboard/dist/assets/stateDiagram-v2-4FDKWEC3-D58eQQQS.js +1 -0
- package/dist/dashboard/dist/assets/stateDiagram-v2-4FDKWEC3-DBJHmcPu.js +1 -0
- package/dist/dashboard/dist/assets/timeline-definition-IT6M3QCI-CnYcftUT.js +61 -0
- package/dist/dashboard/dist/assets/timeline-definition-IT6M3QCI-DYmeeClO.js +61 -0
- package/dist/dashboard/dist/assets/treemap-GDKQZRPO-B-4BtJ8O.js +162 -0
- package/dist/dashboard/dist/assets/treemap-GDKQZRPO-CKPSdFAX.js +162 -0
- package/dist/dashboard/dist/assets/xychartDiagram-PRI3JC2R-Ch7ZZyVX.js +7 -0
- package/dist/dashboard/dist/assets/xychartDiagram-PRI3JC2R-jiOJ2YB4.js +7 -0
- package/dist/dashboard/dist/index.html +14 -0
- package/dist/dashboard/dist/reports/business-coverage.json +201 -0
- package/dist/dashboard/dist/reports/coverage-intelligence.json +728 -0
- package/dist/dashboard/dist/reports/coverage-summary.json +763 -0
- package/dist/dashboard/dist/reports/endpoint-coverage.json +336 -0
- package/dist/dashboard/dist/reports/error-coverage.json +367 -0
- package/dist/dashboard/dist/reports/missing-tests-recommendations.json +285 -0
- package/dist/dashboard/dist/reports/risk-prioritization.json +312 -0
- package/dist/dashboard/dist/reports/security-coverage.json +299 -0
- package/dist/dashboard/dist/vite.svg +1 -0
- package/dist/dashboard/index.html +14 -0
- package/dist/dashboard/reports/business-coverage.json +201 -0
- package/dist/dashboard/reports/coverage-intelligence.json +728 -0
- package/dist/dashboard/reports/coverage-summary.json +763 -0
- package/dist/dashboard/reports/endpoint-coverage.json +336 -0
- package/dist/dashboard/reports/error-coverage.json +367 -0
- package/dist/dashboard/reports/missing-tests-recommendations.json +285 -0
- package/dist/dashboard/reports/risk-prioritization.json +312 -0
- package/dist/dashboard/reports/security-coverage.json +299 -0
- package/dist/dashboard/vite.svg +1 -0
- package/dist/src/index.js +34 -1
- package/dist/src/serveDashboard.d.ts +30 -0
- package/dist/src/serveDashboard.d.ts.map +1 -0
- package/dist/src/serveDashboard.js +191 -0
- package/package.json +3 -2
|
@@ -0,0 +1,299 @@
|
|
|
1
|
+
{
|
|
2
|
+
"total": 27,
|
|
3
|
+
"covered": 7,
|
|
4
|
+
"percentage": 23.08,
|
|
5
|
+
"scanFindings": 0,
|
|
6
|
+
"categorySummary": {
|
|
7
|
+
"authentication": {
|
|
8
|
+
"total": 1,
|
|
9
|
+
"covered": 1
|
|
10
|
+
},
|
|
11
|
+
"authorization": {
|
|
12
|
+
"total": 13,
|
|
13
|
+
"covered": 0
|
|
14
|
+
},
|
|
15
|
+
"input-validation": {
|
|
16
|
+
"total": 11,
|
|
17
|
+
"covered": 5
|
|
18
|
+
},
|
|
19
|
+
"cryptography": {
|
|
20
|
+
"total": 1,
|
|
21
|
+
"covered": 0
|
|
22
|
+
},
|
|
23
|
+
"session-management": {
|
|
24
|
+
"total": 0,
|
|
25
|
+
"covered": 0
|
|
26
|
+
}
|
|
27
|
+
},
|
|
28
|
+
"controls": [
|
|
29
|
+
{
|
|
30
|
+
"id": "authentication:bearerAuth",
|
|
31
|
+
"category": "authentication",
|
|
32
|
+
"description": "Authentication via security scheme \"bearerAuth\" (http/bearer)",
|
|
33
|
+
"covered": true,
|
|
34
|
+
"matchedTests": [
|
|
35
|
+
"returns 401 when no token",
|
|
36
|
+
"returns 401 when no token provided",
|
|
37
|
+
"returns 401 for invalid token",
|
|
38
|
+
"returns 401 without auth"
|
|
39
|
+
],
|
|
40
|
+
"coveredByScanReport": false
|
|
41
|
+
},
|
|
42
|
+
{
|
|
43
|
+
"id": "cryptography:https",
|
|
44
|
+
"category": "cryptography",
|
|
45
|
+
"description": "API servers include non-HTTPS URLs – cryptographic transport security may be missing",
|
|
46
|
+
"covered": false,
|
|
47
|
+
"matchedTests": [],
|
|
48
|
+
"coveredByScanReport": false
|
|
49
|
+
},
|
|
50
|
+
{
|
|
51
|
+
"id": "authorization:get:/wallets",
|
|
52
|
+
"category": "authorization",
|
|
53
|
+
"description": "Authorization check for GET /wallets",
|
|
54
|
+
"endpoint": "GET /wallets",
|
|
55
|
+
"covered": false,
|
|
56
|
+
"matchedTests": [],
|
|
57
|
+
"coveredByScanReport": false
|
|
58
|
+
},
|
|
59
|
+
{
|
|
60
|
+
"id": "authorization:post:/wallets",
|
|
61
|
+
"category": "authorization",
|
|
62
|
+
"description": "Authorization check for POST /wallets",
|
|
63
|
+
"endpoint": "POST /wallets",
|
|
64
|
+
"covered": false,
|
|
65
|
+
"matchedTests": [],
|
|
66
|
+
"coveredByScanReport": false
|
|
67
|
+
},
|
|
68
|
+
{
|
|
69
|
+
"id": "input-validation:post:/wallets",
|
|
70
|
+
"category": "input-validation",
|
|
71
|
+
"description": "Input validation for POST /wallets",
|
|
72
|
+
"endpoint": "POST /wallets",
|
|
73
|
+
"covered": true,
|
|
74
|
+
"matchedTests": [
|
|
75
|
+
"returns 400 when currency is missing",
|
|
76
|
+
"returns 400 for unsupported currency",
|
|
77
|
+
"returns 422 for insufficient funds",
|
|
78
|
+
"returns 401 for invalid token",
|
|
79
|
+
"returns 400 for invalid currency",
|
|
80
|
+
"returns 422 with insufficient funds"
|
|
81
|
+
],
|
|
82
|
+
"coveredByScanReport": false
|
|
83
|
+
},
|
|
84
|
+
{
|
|
85
|
+
"id": "authorization:get:/wallets/{id}",
|
|
86
|
+
"category": "authorization",
|
|
87
|
+
"description": "Authorization check for GET /wallets/{id}",
|
|
88
|
+
"endpoint": "GET /wallets/{id}",
|
|
89
|
+
"covered": false,
|
|
90
|
+
"matchedTests": [],
|
|
91
|
+
"coveredByScanReport": false
|
|
92
|
+
},
|
|
93
|
+
{
|
|
94
|
+
"id": "input-validation:get:/wallets/{id}",
|
|
95
|
+
"category": "input-validation",
|
|
96
|
+
"description": "Input validation for GET /wallets/{id}",
|
|
97
|
+
"endpoint": "GET /wallets/{id}",
|
|
98
|
+
"covered": true,
|
|
99
|
+
"matchedTests": [
|
|
100
|
+
"returns 422 for insufficient funds",
|
|
101
|
+
"returns 400 for invalid currency",
|
|
102
|
+
"returns 422 with insufficient funds"
|
|
103
|
+
],
|
|
104
|
+
"coveredByScanReport": false
|
|
105
|
+
},
|
|
106
|
+
{
|
|
107
|
+
"id": "authorization:delete:/wallets/{id}",
|
|
108
|
+
"category": "authorization",
|
|
109
|
+
"description": "Authorization check for DELETE /wallets/{id}",
|
|
110
|
+
"endpoint": "DELETE /wallets/{id}",
|
|
111
|
+
"covered": false,
|
|
112
|
+
"matchedTests": [],
|
|
113
|
+
"coveredByScanReport": false
|
|
114
|
+
},
|
|
115
|
+
{
|
|
116
|
+
"id": "input-validation:delete:/wallets/{id}",
|
|
117
|
+
"category": "input-validation",
|
|
118
|
+
"description": "Input validation for DELETE /wallets/{id}",
|
|
119
|
+
"endpoint": "DELETE /wallets/{id}",
|
|
120
|
+
"covered": true,
|
|
121
|
+
"matchedTests": [
|
|
122
|
+
"returns 422 for insufficient funds",
|
|
123
|
+
"returns 400 for invalid currency",
|
|
124
|
+
"returns 422 with insufficient funds"
|
|
125
|
+
],
|
|
126
|
+
"coveredByScanReport": false
|
|
127
|
+
},
|
|
128
|
+
{
|
|
129
|
+
"id": "authorization:patch:/wallets/{id}/freeze",
|
|
130
|
+
"category": "authorization",
|
|
131
|
+
"description": "Authorization check for PATCH /wallets/{id}/freeze",
|
|
132
|
+
"endpoint": "PATCH /wallets/{id}/freeze",
|
|
133
|
+
"covered": false,
|
|
134
|
+
"matchedTests": [],
|
|
135
|
+
"coveredByScanReport": false
|
|
136
|
+
},
|
|
137
|
+
{
|
|
138
|
+
"id": "input-validation:patch:/wallets/{id}/freeze",
|
|
139
|
+
"category": "input-validation",
|
|
140
|
+
"description": "Input validation for PATCH /wallets/{id}/freeze",
|
|
141
|
+
"endpoint": "PATCH /wallets/{id}/freeze",
|
|
142
|
+
"covered": false,
|
|
143
|
+
"matchedTests": [],
|
|
144
|
+
"coveredByScanReport": false
|
|
145
|
+
},
|
|
146
|
+
{
|
|
147
|
+
"id": "authorization:patch:/wallets/{id}/unfreeze",
|
|
148
|
+
"category": "authorization",
|
|
149
|
+
"description": "Authorization check for PATCH /wallets/{id}/unfreeze",
|
|
150
|
+
"endpoint": "PATCH /wallets/{id}/unfreeze",
|
|
151
|
+
"covered": false,
|
|
152
|
+
"matchedTests": [],
|
|
153
|
+
"coveredByScanReport": false
|
|
154
|
+
},
|
|
155
|
+
{
|
|
156
|
+
"id": "input-validation:patch:/wallets/{id}/unfreeze",
|
|
157
|
+
"category": "input-validation",
|
|
158
|
+
"description": "Input validation for PATCH /wallets/{id}/unfreeze",
|
|
159
|
+
"endpoint": "PATCH /wallets/{id}/unfreeze",
|
|
160
|
+
"covered": false,
|
|
161
|
+
"matchedTests": [],
|
|
162
|
+
"coveredByScanReport": false
|
|
163
|
+
},
|
|
164
|
+
{
|
|
165
|
+
"id": "authorization:post:/wallets/{id}/fund",
|
|
166
|
+
"category": "authorization",
|
|
167
|
+
"description": "Authorization check for POST /wallets/{id}/fund",
|
|
168
|
+
"endpoint": "POST /wallets/{id}/fund",
|
|
169
|
+
"covered": false,
|
|
170
|
+
"matchedTests": [],
|
|
171
|
+
"coveredByScanReport": false
|
|
172
|
+
},
|
|
173
|
+
{
|
|
174
|
+
"id": "input-validation:post:/wallets/{id}/fund",
|
|
175
|
+
"category": "input-validation",
|
|
176
|
+
"description": "Input validation for POST /wallets/{id}/fund",
|
|
177
|
+
"endpoint": "POST /wallets/{id}/fund",
|
|
178
|
+
"covered": false,
|
|
179
|
+
"matchedTests": [],
|
|
180
|
+
"coveredByScanReport": false
|
|
181
|
+
},
|
|
182
|
+
{
|
|
183
|
+
"id": "authorization:post:/wallets/{id}/debit",
|
|
184
|
+
"category": "authorization",
|
|
185
|
+
"description": "Authorization check for POST /wallets/{id}/debit",
|
|
186
|
+
"endpoint": "POST /wallets/{id}/debit",
|
|
187
|
+
"covered": false,
|
|
188
|
+
"matchedTests": [],
|
|
189
|
+
"coveredByScanReport": false
|
|
190
|
+
},
|
|
191
|
+
{
|
|
192
|
+
"id": "input-validation:post:/wallets/{id}/debit",
|
|
193
|
+
"category": "input-validation",
|
|
194
|
+
"description": "Input validation for POST /wallets/{id}/debit",
|
|
195
|
+
"endpoint": "POST /wallets/{id}/debit",
|
|
196
|
+
"covered": false,
|
|
197
|
+
"matchedTests": [],
|
|
198
|
+
"coveredByScanReport": false
|
|
199
|
+
},
|
|
200
|
+
{
|
|
201
|
+
"id": "authorization:post:/wallets/{id}/transfer",
|
|
202
|
+
"category": "authorization",
|
|
203
|
+
"description": "Authorization check for POST /wallets/{id}/transfer",
|
|
204
|
+
"endpoint": "POST /wallets/{id}/transfer",
|
|
205
|
+
"covered": false,
|
|
206
|
+
"matchedTests": [],
|
|
207
|
+
"coveredByScanReport": false
|
|
208
|
+
},
|
|
209
|
+
{
|
|
210
|
+
"id": "input-validation:post:/wallets/{id}/transfer",
|
|
211
|
+
"category": "input-validation",
|
|
212
|
+
"description": "Input validation for POST /wallets/{id}/transfer",
|
|
213
|
+
"endpoint": "POST /wallets/{id}/transfer",
|
|
214
|
+
"covered": false,
|
|
215
|
+
"matchedTests": [],
|
|
216
|
+
"coveredByScanReport": false
|
|
217
|
+
},
|
|
218
|
+
{
|
|
219
|
+
"id": "authorization:post:/payments",
|
|
220
|
+
"category": "authorization",
|
|
221
|
+
"description": "Authorization check for POST /payments",
|
|
222
|
+
"endpoint": "POST /payments",
|
|
223
|
+
"covered": false,
|
|
224
|
+
"matchedTests": [],
|
|
225
|
+
"coveredByScanReport": false
|
|
226
|
+
},
|
|
227
|
+
{
|
|
228
|
+
"id": "input-validation:post:/payments",
|
|
229
|
+
"category": "input-validation",
|
|
230
|
+
"description": "Input validation for POST /payments",
|
|
231
|
+
"endpoint": "POST /payments",
|
|
232
|
+
"covered": true,
|
|
233
|
+
"matchedTests": [
|
|
234
|
+
"returns 400 for missing required fields",
|
|
235
|
+
"returns 422 for invalid (non-existent) wallet",
|
|
236
|
+
"returns 422 when refunding a non-completed payment"
|
|
237
|
+
],
|
|
238
|
+
"coveredByScanReport": false
|
|
239
|
+
},
|
|
240
|
+
{
|
|
241
|
+
"id": "authorization:get:/payments/{id}",
|
|
242
|
+
"category": "authorization",
|
|
243
|
+
"description": "Authorization check for GET /payments/{id}",
|
|
244
|
+
"endpoint": "GET /payments/{id}",
|
|
245
|
+
"covered": false,
|
|
246
|
+
"matchedTests": [],
|
|
247
|
+
"coveredByScanReport": false
|
|
248
|
+
},
|
|
249
|
+
{
|
|
250
|
+
"id": "input-validation:get:/payments/{id}",
|
|
251
|
+
"category": "input-validation",
|
|
252
|
+
"description": "Input validation for GET /payments/{id}",
|
|
253
|
+
"endpoint": "GET /payments/{id}",
|
|
254
|
+
"covered": true,
|
|
255
|
+
"matchedTests": [
|
|
256
|
+
"returns 422 when refunding a non-completed payment"
|
|
257
|
+
],
|
|
258
|
+
"coveredByScanReport": false
|
|
259
|
+
},
|
|
260
|
+
{
|
|
261
|
+
"id": "authorization:post:/payments/{id}/refund",
|
|
262
|
+
"category": "authorization",
|
|
263
|
+
"description": "Authorization check for POST /payments/{id}/refund",
|
|
264
|
+
"endpoint": "POST /payments/{id}/refund",
|
|
265
|
+
"covered": false,
|
|
266
|
+
"matchedTests": [],
|
|
267
|
+
"coveredByScanReport": false
|
|
268
|
+
},
|
|
269
|
+
{
|
|
270
|
+
"id": "input-validation:post:/payments/{id}/refund",
|
|
271
|
+
"category": "input-validation",
|
|
272
|
+
"description": "Input validation for POST /payments/{id}/refund",
|
|
273
|
+
"endpoint": "POST /payments/{id}/refund",
|
|
274
|
+
"covered": false,
|
|
275
|
+
"matchedTests": [],
|
|
276
|
+
"coveredByScanReport": false
|
|
277
|
+
},
|
|
278
|
+
{
|
|
279
|
+
"id": "authorization:get:/transactions",
|
|
280
|
+
"category": "authorization",
|
|
281
|
+
"description": "Authorization check for GET /transactions",
|
|
282
|
+
"endpoint": "GET /transactions",
|
|
283
|
+
"covered": false,
|
|
284
|
+
"matchedTests": [],
|
|
285
|
+
"coveredByScanReport": false
|
|
286
|
+
},
|
|
287
|
+
{
|
|
288
|
+
"id": "authentication:JWT",
|
|
289
|
+
"category": "authentication",
|
|
290
|
+
"description": "JWT token signature and expiry validation",
|
|
291
|
+
"covered": true,
|
|
292
|
+
"matchedTests": [
|
|
293
|
+
"returns 401 for expired JWT",
|
|
294
|
+
"returns 401 for invalid JWT signature"
|
|
295
|
+
],
|
|
296
|
+
"coveredByScanReport": false
|
|
297
|
+
}
|
|
298
|
+
]
|
|
299
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="31.88" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 257"><defs><linearGradient id="IconifyId1813088fe1fbc01fb466" x1="-.828%" x2="57.636%" y1="7.652%" y2="78.411%"><stop offset="0%" stop-color="#41D1FF"></stop><stop offset="100%" stop-color="#BD34FE"></stop></linearGradient><linearGradient id="IconifyId1813088fe1fbc01fb467" x1="43.376%" x2="50.316%" y1="2.242%" y2="89.03%"><stop offset="0%" stop-color="#FFEA83"></stop><stop offset="8.333%" stop-color="#FFDD35"></stop><stop offset="100%" stop-color="#FFA800"></stop></linearGradient></defs><path fill="url(#IconifyId1813088fe1fbc01fb466)" d="M255.153 37.938L134.897 252.976c-2.483 4.44-8.862 4.466-11.382.048L.875 37.958c-2.746-4.814 1.371-10.646 6.827-9.67l120.385 21.517a6.537 6.537 0 0 0 2.322-.004l117.867-21.483c5.438-.991 9.574 4.796 6.877 9.62Z"></path><path fill="url(#IconifyId1813088fe1fbc01fb467)" d="M185.432.063L96.44 17.501a3.268 3.268 0 0 0-2.634 3.014l-5.474 92.456a3.268 3.268 0 0 0 3.997 3.378l24.777-5.718c2.318-.535 4.413 1.507 3.936 3.838l-7.361 36.047c-.495 2.426 1.782 4.5 4.151 3.78l15.304-4.649c2.372-.72 4.652 1.36 4.15 3.788l-11.698 56.621c-.732 3.542 3.979 5.473 5.943 2.437l1.313-2.028l72.516-144.72c1.215-2.423-.88-5.186-3.54-4.672l-25.505 4.922c-2.396.462-4.435-1.77-3.759-4.114l16.646-57.705c.677-2.35-1.37-4.583-3.769-4.113Z"></path></svg>
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
<!doctype html>
|
|
2
|
+
<html lang="en">
|
|
3
|
+
<head>
|
|
4
|
+
<meta charset="UTF-8" />
|
|
5
|
+
<link rel="icon" type="image/svg+xml" href="/vite.svg" />
|
|
6
|
+
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
7
|
+
<title>API Coverage Analyzer Dashboard</title>
|
|
8
|
+
<script type="module" crossorigin src="/assets/index-B2mS1bcV.js"></script>
|
|
9
|
+
<link rel="stylesheet" crossorigin href="/assets/index-DBTGeaha.css">
|
|
10
|
+
</head>
|
|
11
|
+
<body>
|
|
12
|
+
<div id="root"></div>
|
|
13
|
+
</body>
|
|
14
|
+
</html>
|
|
@@ -0,0 +1,201 @@
|
|
|
1
|
+
{
|
|
2
|
+
"total": 9,
|
|
3
|
+
"covered": 8,
|
|
4
|
+
"percentage": 88.89,
|
|
5
|
+
"uncoveredRules": [
|
|
6
|
+
{
|
|
7
|
+
"id": "daily-limit",
|
|
8
|
+
"description": "Daily transaction limit is $10,000"
|
|
9
|
+
}
|
|
10
|
+
],
|
|
11
|
+
"rules": [
|
|
12
|
+
{
|
|
13
|
+
"id": "min-fund-amount",
|
|
14
|
+
"description": "Minimum funding amount is $1",
|
|
15
|
+
"endpoints": [
|
|
16
|
+
"POST /wallets/{walletId}/fund"
|
|
17
|
+
],
|
|
18
|
+
"covered": true,
|
|
19
|
+
"testFiles": [
|
|
20
|
+
"tests/blackbox/payments.blackbox.test.ts",
|
|
21
|
+
"tests/blackbox/wallets.blackbox.test.ts",
|
|
22
|
+
"tests/integration/wallets.integration.test.ts"
|
|
23
|
+
],
|
|
24
|
+
"matchedTests": [
|
|
25
|
+
"returns 400 for missing required fields",
|
|
26
|
+
"returns 400 when currency is missing",
|
|
27
|
+
"returns 400 for unsupported currency",
|
|
28
|
+
"funds exactly $1 (minimum amount)",
|
|
29
|
+
"returns 400 for invalid currency"
|
|
30
|
+
],
|
|
31
|
+
"scenarios": []
|
|
32
|
+
},
|
|
33
|
+
{
|
|
34
|
+
"id": "insufficient-funds",
|
|
35
|
+
"description": "Debit cannot exceed balance",
|
|
36
|
+
"endpoints": [
|
|
37
|
+
"POST /wallets/{walletId}/debit"
|
|
38
|
+
],
|
|
39
|
+
"covered": true,
|
|
40
|
+
"testFiles": [
|
|
41
|
+
"tests/blackbox/payments.blackbox.test.ts",
|
|
42
|
+
"tests/blackbox/wallets.blackbox.test.ts",
|
|
43
|
+
"tests/integration/wallets.integration.test.ts",
|
|
44
|
+
"tests/unit/riskService.test.ts",
|
|
45
|
+
"tests/unit/walletService.test.ts"
|
|
46
|
+
],
|
|
47
|
+
"matchedTests": [
|
|
48
|
+
"returns 422 for invalid (non-existent) wallet",
|
|
49
|
+
"returns 422 when refunding a non-completed payment",
|
|
50
|
+
"returns 422 for insufficient funds",
|
|
51
|
+
"debits exactly the full balance",
|
|
52
|
+
"returns 422 with insufficient funds",
|
|
53
|
+
"passes when balance >= amount",
|
|
54
|
+
"throws for insufficient funds",
|
|
55
|
+
"adds to balance and returns transaction",
|
|
56
|
+
"reduces balance",
|
|
57
|
+
"fails with INSUFFICIENT_FUNDS when balance too low"
|
|
58
|
+
],
|
|
59
|
+
"scenarios": []
|
|
60
|
+
},
|
|
61
|
+
{
|
|
62
|
+
"id": "frozen-wallet-reject",
|
|
63
|
+
"description": "Frozen wallets reject all transactions",
|
|
64
|
+
"endpoints": [
|
|
65
|
+
"POST /wallets/{walletId}/debit",
|
|
66
|
+
"POST /wallets/{walletId}/fund",
|
|
67
|
+
"POST /wallets/{walletId}/transfer"
|
|
68
|
+
],
|
|
69
|
+
"covered": true,
|
|
70
|
+
"testFiles": [
|
|
71
|
+
"tests/blackbox/wallets.blackbox.test.ts",
|
|
72
|
+
"tests/integration/wallets.integration.test.ts",
|
|
73
|
+
"tests/unit/riskService.test.ts",
|
|
74
|
+
"tests/unit/walletService.test.ts"
|
|
75
|
+
],
|
|
76
|
+
"matchedTests": [
|
|
77
|
+
"full lifecycle: create, fund, debit, transfer, freeze, unfreeze, delete",
|
|
78
|
+
"freezes a wallet",
|
|
79
|
+
"unfreezes a wallet",
|
|
80
|
+
"throws for frozen wallet",
|
|
81
|
+
"freeze changes status to frozen",
|
|
82
|
+
"unfreeze changes status back to active",
|
|
83
|
+
"freeze throws RiskError on closed wallet"
|
|
84
|
+
],
|
|
85
|
+
"scenarios": []
|
|
86
|
+
},
|
|
87
|
+
{
|
|
88
|
+
"id": "daily-limit",
|
|
89
|
+
"description": "Daily transaction limit is $10,000",
|
|
90
|
+
"endpoints": [
|
|
91
|
+
"POST /wallets/{walletId}/debit",
|
|
92
|
+
"POST /wallets/{walletId}/transfer"
|
|
93
|
+
],
|
|
94
|
+
"covered": false,
|
|
95
|
+
"testFiles": [],
|
|
96
|
+
"matchedTests": [],
|
|
97
|
+
"scenarios": []
|
|
98
|
+
},
|
|
99
|
+
{
|
|
100
|
+
"id": "transfer-same-currency",
|
|
101
|
+
"description": "Transfer requires matching currencies",
|
|
102
|
+
"endpoints": [
|
|
103
|
+
"POST /wallets/{walletId}/transfer"
|
|
104
|
+
],
|
|
105
|
+
"covered": true,
|
|
106
|
+
"testFiles": [
|
|
107
|
+
"tests/blackbox/payments.blackbox.test.ts",
|
|
108
|
+
"tests/blackbox/wallets.blackbox.test.ts",
|
|
109
|
+
"tests/integration/wallets.integration.test.ts"
|
|
110
|
+
],
|
|
111
|
+
"matchedTests": [
|
|
112
|
+
"returns 422 for invalid (non-existent) wallet",
|
|
113
|
+
"returns 422 when refunding a non-completed payment",
|
|
114
|
+
"returns 400 when currency is missing",
|
|
115
|
+
"returns 400 for unsupported currency",
|
|
116
|
+
"returns 422 for insufficient funds",
|
|
117
|
+
"returns 400 for invalid currency",
|
|
118
|
+
"returns 422 with insufficient funds"
|
|
119
|
+
],
|
|
120
|
+
"scenarios": []
|
|
121
|
+
},
|
|
122
|
+
{
|
|
123
|
+
"id": "refund-window",
|
|
124
|
+
"description": "Refund allowed only within 30 days",
|
|
125
|
+
"endpoints": [
|
|
126
|
+
"POST /payments/{paymentId}/refund"
|
|
127
|
+
],
|
|
128
|
+
"covered": true,
|
|
129
|
+
"testFiles": [
|
|
130
|
+
"tests/blackbox/payments.blackbox.test.ts",
|
|
131
|
+
"tests/blackbox/wallets.blackbox.test.ts",
|
|
132
|
+
"tests/integration/payments.integration.test.ts",
|
|
133
|
+
"tests/integration/wallets.integration.test.ts"
|
|
134
|
+
],
|
|
135
|
+
"matchedTests": [
|
|
136
|
+
"returns 422 for invalid (non-existent) wallet",
|
|
137
|
+
"refunds a completed payment",
|
|
138
|
+
"returns 422 when refunding a non-completed payment",
|
|
139
|
+
"returns 422 for insufficient funds",
|
|
140
|
+
"refunds a completed payment",
|
|
141
|
+
"returns 422 with insufficient funds"
|
|
142
|
+
],
|
|
143
|
+
"scenarios": []
|
|
144
|
+
},
|
|
145
|
+
{
|
|
146
|
+
"id": "fraud-check",
|
|
147
|
+
"description": "Payments require fraud check approval",
|
|
148
|
+
"endpoints": [
|
|
149
|
+
"POST /payments"
|
|
150
|
+
],
|
|
151
|
+
"covered": true,
|
|
152
|
+
"testFiles": [
|
|
153
|
+
"tests/unit/paymentService.test.ts",
|
|
154
|
+
"tests/wiremock/fraudEngine.wiremock.test.ts"
|
|
155
|
+
],
|
|
156
|
+
"matchedTests": [
|
|
157
|
+
"returns completed payment when fraud approved and processor succeeds",
|
|
158
|
+
"returns failed payment when fraud engine blocks",
|
|
159
|
+
"fraud check returns approved: true",
|
|
160
|
+
"fraud check returns approved: false with reason",
|
|
161
|
+
"fraud engine returns 503 → error thrown",
|
|
162
|
+
"fraud engine connection error → error thrown"
|
|
163
|
+
],
|
|
164
|
+
"scenarios": []
|
|
165
|
+
},
|
|
166
|
+
{
|
|
167
|
+
"id": "idempotency",
|
|
168
|
+
"description": "Duplicate requests with same key return same result",
|
|
169
|
+
"endpoints": [
|
|
170
|
+
"POST /payments"
|
|
171
|
+
],
|
|
172
|
+
"covered": true,
|
|
173
|
+
"testFiles": [
|
|
174
|
+
"tests/blackbox/payments.blackbox.test.ts",
|
|
175
|
+
"tests/integration/payments.integration.test.ts"
|
|
176
|
+
],
|
|
177
|
+
"matchedTests": [
|
|
178
|
+
"creates payment with idempotency key",
|
|
179
|
+
"returns same payment id for duplicate key",
|
|
180
|
+
"returns same payment for duplicate idempotency key"
|
|
181
|
+
],
|
|
182
|
+
"scenarios": []
|
|
183
|
+
},
|
|
184
|
+
{
|
|
185
|
+
"id": "unique-email",
|
|
186
|
+
"description": "Unique email required for all user accounts",
|
|
187
|
+
"endpoints": [
|
|
188
|
+
"POST /api/users"
|
|
189
|
+
],
|
|
190
|
+
"covered": true,
|
|
191
|
+
"testFiles": [
|
|
192
|
+
"tests/integration/users.integration.test.ts"
|
|
193
|
+
],
|
|
194
|
+
"matchedTests": [
|
|
195
|
+
"returns 409 for duplicate email",
|
|
196
|
+
"rejects registration with existing email"
|
|
197
|
+
],
|
|
198
|
+
"scenarios": []
|
|
199
|
+
}
|
|
200
|
+
]
|
|
201
|
+
}
|