api-tests-coverage 1.0.0

package/dist/src/inference/businessRuleInference.d.ts

@@ -0,0 +1,63 @@
+/**
+ * Business Rule Inference Engine
+ *
+ * When no `business-rules.yaml` file is present, this engine analyzes service
+ * source code to infer business constraints automatically.
+ *
+ * Inference sources:
+ *  - Throw / raise statements gated on a condition   (e.g. throw InsufficientFundsException)
+ *  - Validation checks that return 4xx HTTP responses
+ *  - Authorization logic (isAdmin, hasRole, etc.)
+ *  - Null / empty guards
+ *
+ * Inferred rules are labeled `rule_source: "inferred"` and include a
+ * `source_location` field pointing back to the originating code.
+ *
+ * Generated artifact: reports/inferred-business-rules.json
+ */
+export type RuleSource = 'inferred' | 'explicit';
+export type RuleType = 'validation' | 'authorization' | 'business_logic' | 'error_flow';
+export interface InferredBusinessRule {
+    /** Stable identifier derived from location + condition */
+    id: string;
+    /** Short human-readable name */
+    name: string;
+    rule_source: RuleSource;
+    type: RuleType;
+    /** Best-guess endpoint this rule applies to */
+    endpoint?: string;
+    /** The condition expression as a string */
+    condition: string;
+    /** Human-readable description of expected behavior */
+    expected_behavior: string;
+    /** File path + line number */
+    source_location: string;
+    /** Raw matched code snippet */
+    code_snippet: string;
+}
+export interface BusinessRuleInferenceResult {
+    rules: InferredBusinessRule[];
+    /** Number of service files analyzed */
+    filesAnalyzed: number;
+    /** Whether inference was used (true) or explicit files found (false) */
+    inferred: boolean;
+    /** Warnings emitted during analysis */
+    warnings: string[];
+}
+/**
+ * Infer business rules from a single service source file.
+ */
+export declare function inferRulesFromFile(filePath: string): InferredBusinessRule[];
+/**
+ * Run inference across all provided service source files.
+ *
+ * @param serviceFiles - Paths to service/application source files
+ * @param warnings     - Mutable array; warnings are pushed here
+ */
+export declare function inferBusinessRules(serviceFiles: string[], warnings?: string[]): BusinessRuleInferenceResult;
+/**
+ * Write inferred business rules to the reports directory.
+ * Returns the path of the written file.
+ */
+export declare function writeInferredBusinessRules(result: BusinessRuleInferenceResult, reportsDir: string): string;
+//# sourceMappingURL=businessRuleInference.d.ts.map

package/dist/src/inference/businessRuleInference.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"businessRuleInference.d.ts","sourceRoot":"","sources":["../../../src/inference/businessRuleInference.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAOH,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,UAAU,CAAC;AACjD,MAAM,MAAM,QAAQ,GAChB,YAAY,GACZ,eAAe,GACf,gBAAgB,GAChB,YAAY,CAAC;AAEjB,MAAM,WAAW,oBAAoB;IACnC,0DAA0D;IAC1D,EAAE,EAAE,MAAM,CAAC;IACX,gCAAgC;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,UAAU,CAAC;IACxB,IAAI,EAAE,QAAQ,CAAC;IACf,+CAA+C;IAC/C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,2CAA2C;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,sDAAsD;IACtD,iBAAiB,EAAE,MAAM,CAAC;IAC1B,8BAA8B;IAC9B,eAAe,EAAE,MAAM,CAAC;IACxB,+BAA+B;IAC/B,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,2BAA2B;IAC1C,KAAK,EAAE,oBAAoB,EAAE,CAAC;IAC9B,uCAAuC;IACvC,aAAa,EAAE,MAAM,CAAC;IACtB,wEAAwE;IACxE,QAAQ,EAAE,OAAO,CAAC;IAClB,uCAAuC;IACvC,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AA2ID;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,oBAAoB,EAAE,CA2C3E;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAChC,YAAY,EAAE,MAAM,EAAE,EACtB,QAAQ,GAAE,MAAM,EAAO,GACtB,2BAA2B,CAuB7B;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,2BAA2B,EACnC,UAAU,EAAE,MAAM,GACjB,MAAM,CAYR"}

package/dist/src/inference/businessRuleInference.js

@@ -0,0 +1,268 @@
+"use strict";
+/**
+ * Business Rule Inference Engine
+ *
+ * When no `business-rules.yaml` file is present, this engine analyzes service
+ * source code to infer business constraints automatically.
+ *
+ * Inference sources:
+ *  - Throw / raise statements gated on a condition   (e.g. throw InsufficientFundsException)
+ *  - Validation checks that return 4xx HTTP responses
+ *  - Authorization logic (isAdmin, hasRole, etc.)
+ *  - Null / empty guards
+ *
+ * Inferred rules are labeled `rule_source: "inferred"` and include a
+ * `source_location` field pointing back to the originating code.
+ *
+ * Generated artifact: reports/inferred-business-rules.json
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.inferRulesFromFile = inferRulesFromFile;
+exports.inferBusinessRules = inferBusinessRules;
+exports.writeInferredBusinessRules = writeInferredBusinessRules;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const INFERENCE_PATTERNS = [
+    // ── throw / raise with an exception ──────────────────────────────────────
+    {
+        type: 'business_logic',
+        pattern: /throw\s+new\s+(\w+Exception|\w+Error)\s*\(([^)]*)\)/i,
+        nameTemplate: (m) => toSnakeCase(m[1]),
+        behaviorTemplate: (m) => `Operation rejected: ${m[1]}`,
+        conditionTemplate: (m) => `throws ${m[1]}(${m[2].trim()})`,
+    },
+    // Python raise
+    {
+        type: 'business_logic',
+        pattern: /raise\s+(\w+(?:Exception|Error))\s*(?:\(([^)]*)\))?/,
+        nameTemplate: (m) => toSnakeCase(m[1]),
+        behaviorTemplate: (m) => `Operation rejected: ${m[1]}`,
+        conditionTemplate: (m) => { var _a; return `raise ${m[1]}(${((_a = m[2]) !== null && _a !== void 0 ? _a : '').trim()})`; },
+    },
+    // Ruby raise
+    {
+        type: 'business_logic',
+        pattern: /raise\s+(\w+(?:Exception|Error))\s*(?:,\s*['"]([^'"]*)['"]\s*)?/,
+        nameTemplate: (m) => toSnakeCase(m[1]),
+        behaviorTemplate: (m) => `Operation rejected: ${m[1]}${m[2] ? ' — ' + m[2] : ''}`,
+        conditionTemplate: (m) => `raise ${m[1]}`,
+    },
+    // ── HTTP 4xx response returns ──────────────────────────────────────────────
+    {
+        type: 'validation',
+        pattern: /return\s+(?:ResponseEntity\.)?(?:status\s*\()?(4\d\d)(?:\))?/,
+        nameTemplate: (m) => `http_${m[1]}_response`,
+        behaviorTemplate: (m) => `Request rejected with HTTP ${m[1]}`,
+        conditionTemplate: (m) => `returns HTTP ${m[1]}`,
+    },
+    // Chained .status(4xx) calls: res.status(400).json(...)
+    {
+        type: 'validation',
+        pattern: /\.status\s*\(\s*(4\d\d)\s*\)/,
+        nameTemplate: (m) => `http_${m[1]}_response`,
+        behaviorTemplate: (m) => `Request rejected with HTTP ${m[1]}`,
+        conditionTemplate: (m) => `returns HTTP ${m[1]}`,
+    },
+    // Flask / FastAPI abort(4xx) or return 4xx
+    {
+        type: 'validation',
+        pattern: /abort\s*\(\s*(4\d\d)\s*\)/,
+        nameTemplate: (m) => `http_${m[1]}_abort`,
+        behaviorTemplate: (m) => `Request aborted with HTTP ${m[1]}`,
+        conditionTemplate: (m) => `abort(${m[1]})`,
+    },
+    // Rails render json: ..., status: :unprocessable_entity / :forbidden / :not_found
+    {
+        type: 'validation',
+        pattern: /render\s+json:.*,\s*status:\s*:(\w+)/,
+        nameTemplate: (m) => `rails_status_${m[1]}`,
+        behaviorTemplate: (m) => `Request rejected with status :${m[1]}`,
+        conditionTemplate: (m) => `render json with status :${m[1]}`,
+    },
+    // ── Null / blank guards ────────────────────────────────────────────────────
+    {
+        type: 'validation',
+        pattern: /if\s*\(?\s*([\w.]+)\s*(?:==\s*null|===\s*null|===\s*undefined|is\s+None|\.nil\?|\.blank\?|\.empty\?)\s*\)?/,
+        nameTemplate: (m) => `null_check_${toSnakeCase(m[1].replace(/\./g, '_'))}`,
+        behaviorTemplate: (m) => `${m[1]} must not be null/empty`,
+        conditionTemplate: (m) => `${m[1]} == null`,
+    },
+    // ── Authorization / permission guards ─────────────────────────────────────
+    {
+        type: 'authorization',
+        pattern: /if\s*\(?\s*!?\s*(?:user\.)?(?:isAdmin|hasRole|hasPermission|can|authorize|authenticated)\s*\(?([^)]*)\)?/i,
+        nameTemplate: (m) => `authorization_${toSnakeCase(m[1] || 'check')}`,
+        behaviorTemplate: (m) => `Access denied — insufficient permissions`,
+        conditionTemplate: (m) => { var _a; return `!isAuthorized(${((_a = m[1]) !== null && _a !== void 0 ? _a : '').trim()})`; },
+    },
+    // ── Balance / capacity / limit checks ─────────────────────────────────────
+    {
+        type: 'business_logic',
+        pattern: /if\s*\(?\s*(\w+)\s*>\s*(\w+)\s*\)?.*(?:throw|raise|return\s+4)/i,
+        nameTemplate: (m) => `limit_exceeded_${toSnakeCase(m[1])}`,
+        behaviorTemplate: (m) => `${m[1]} must not exceed ${m[2]}`,
+        conditionTemplate: (m) => `${m[1]} > ${m[2]}`,
+    },
+];
+// ─── Endpoint heuristics ──────────────────────────────────────────────────────
+/** Attempt to associate a rule with the nearest HTTP route/endpoint annotation. */
+function guessEndpoint(lines, ruleLineIdx) {
+    // Search up to 40 lines above for common routing patterns
+    const lookupLines = lines.slice(Math.max(0, ruleLineIdx - 40), ruleLineIdx);
+    // Spring: @GetMapping("/path") / @PostMapping / @RequestMapping
+    for (let i = lookupLines.length - 1; i >= 0; i--) {
+        const m = lookupLines[i].match(/@(Get|Post|Put|Patch|Delete|Request)Mapping\s*\(\s*["']([^"']+)["']/i);
+        if (m)
+            return `${m[1].toUpperCase()} ${m[2]}`;
+    }
+    // FastAPI: @router.get("/path") / @app.post
+    for (let i = lookupLines.length - 1; i >= 0; i--) {
+        const m = lookupLines[i].match(/@(?:router|app)\.(get|post|put|patch|delete)\s*\(\s*["']([^"']+)["']/i);
+        if (m)
+            return `${m[1].toUpperCase()} ${m[2]}`;
+    }
+    // Express: router.get('/path') / app.post('/path')
+    for (let i = lookupLines.length - 1; i >= 0; i--) {
+        const m = lookupLines[i].match(/(?:router|app)\.(get|post|put|patch|delete)\s*\(\s*["']([^"']+)["']/i);
+        if (m)
+            return `${m[1].toUpperCase()} ${m[2]}`;
+    }
+    // Rails: resources :name / get '/path'
+    for (let i = lookupLines.length - 1; i >= 0; i--) {
+        const m = lookupLines[i].match(/(?:get|post|put|patch|delete)\s*["']([^"']+)["']/i);
+        if (m)
+            return `${lookupLines[i].trim().split(/\s/)[0].toUpperCase()} ${m[1]}`;
+    }
+    return undefined;
+}
+// ─── Core inference function ─────────────────────────────────────────────────
+/**
+ * Infer business rules from a single service source file.
+ */
+function inferRulesFromFile(filePath) {
+    let content;
+    try {
+        content = fs.readFileSync(filePath, 'utf-8');
+    }
+    catch {
+        return [];
+    }
+    const lines = content.split('\n');
+    const rules = [];
+    const seen = new Set();
+    for (let lineIdx = 0; lineIdx < lines.length; lineIdx++) {
+        const line = lines[lineIdx];
+        for (const ip of INFERENCE_PATTERNS) {
+            const match = line.match(ip.pattern);
+            if (!match)
+                continue;
+            const condition = ip.conditionTemplate(match);
+            const sourceLocation = `${filePath}:${lineIdx + 1}`;
+            const dedupKey = `${filePath}:${lineIdx}:${condition}`;
+            if (seen.has(dedupKey))
+                continue;
+            seen.add(dedupKey);
+            const name = ip.nameTemplate(match);
+            const id = `${toSnakeCase(path.basename(filePath, path.extname(filePath)))}_${name}_${lineIdx + 1}`;
+            const endpoint = guessEndpoint(lines, lineIdx);
+            rules.push({
+                id,
+                name,
+                rule_source: 'inferred',
+                type: ip.type,
+                endpoint,
+                condition,
+                expected_behavior: ip.behaviorTemplate(match),
+                source_location: sourceLocation,
+                code_snippet: line.trim().slice(0, 200),
+            });
+        }
+    }
+    return rules;
+}
+/**
+ * Run inference across all provided service source files.
+ *
+ * @param serviceFiles - Paths to service/application source files
+ * @param warnings     - Mutable array; warnings are pushed here
+ */
+function inferBusinessRules(serviceFiles, warnings = []) {
+    if (serviceFiles.length === 0) {
+        warnings.push('No service source files provided; business rule inference skipped.');
+        return { rules: [], filesAnalyzed: 0, inferred: true, warnings };
+    }
+    const allRules = [];
+    let filesAnalyzed = 0;
+    for (const fp of serviceFiles) {
+        const fileRules = inferRulesFromFile(fp);
+        if (fileRules.length > 0) {
+            allRules.push(...fileRules);
+        }
+        filesAnalyzed++;
+    }
+    return {
+        rules: allRules,
+        filesAnalyzed,
+        inferred: true,
+        warnings,
+    };
+}
+/**
+ * Write inferred business rules to the reports directory.
+ * Returns the path of the written file.
+ */
+function writeInferredBusinessRules(result, reportsDir) {
+    fs.mkdirSync(reportsDir, { recursive: true });
+    const outputPath = path.join(reportsDir, 'inferred-business-rules.json');
+    const output = {
+        generated_at: new Date().toISOString(),
+        rule_source: 'inferred',
+        files_analyzed: result.filesAnalyzed,
+        rule_count: result.rules.length,
+        rules: result.rules,
+    };
+    fs.writeFileSync(outputPath, JSON.stringify(output, null, 2), 'utf-8');
+    return outputPath;
+}
+// ─── Helpers ─────────────────────────────────────────────────────────────────
+function toSnakeCase(str) {
+    return str
+        .replace(/([A-Z])/g, '_$1')
+        .toLowerCase()
+        .replace(/^_/, '')
+        .replace(/[^a-z0-9_]/g, '_')
+        .replace(/__+/g, '_');
+}

package/dist/src/inference/integrationFlowInference.d.ts

@@ -0,0 +1,56 @@
+/**
+ * Integration Flow Inference Engine
+ *
+ * When no `integration-flows.yaml` file is present, this engine constructs
+ * integration flows automatically by analyzing:
+ *
+ *  - Sequences of HTTP calls within a single test function / scenario
+ *  - Cucumber scenario steps (Given / When / Then)
+ *  - Chained request helper calls (createUser → login → createPayment)
+ *
+ * Inferred flows are labeled and include source traceability.
+ *
+ * Generated artifact: reports/inferred-integration-flows.json
+ */
+export type FlowSource = 'inferred' | 'explicit';
+export interface FlowStep {
+    /** HTTP method */
+    method: string;
+    /** URL path (may contain path params) */
+    path: string;
+    /** Step description */
+    description?: string;
+}
+export interface InferredIntegrationFlow {
+    /** Stable identifier */
+    id: string;
+    /** Human-readable flow name */
+    name: string;
+    flow_source: FlowSource;
+    /** Steps in execution order */
+    steps: FlowStep[];
+    /** File and line where the sequence was found */
+    source_location: string;
+    /** Test function / scenario name (if detectable) */
+    test_name?: string;
+}
+export interface IntegrationFlowInferenceResult {
+    flows: InferredIntegrationFlow[];
+    filesAnalyzed: number;
+    inferred: boolean;
+    warnings: string[];
+}
+/**
+ * Infer integration flows from a single test file.
+ */
+export declare function inferFlowsFromFile(filePath: string): InferredIntegrationFlow[];
+/**
+ * Run flow inference across all provided test files.
+ */
+export declare function inferIntegrationFlows(testFiles: string[], warnings?: string[]): IntegrationFlowInferenceResult;
+/**
+ * Write inferred integration flows to the reports directory.
+ * Returns the path of the written file.
+ */
+export declare function writeInferredIntegrationFlows(result: IntegrationFlowInferenceResult, reportsDir: string): string;
+//# sourceMappingURL=integrationFlowInference.d.ts.map

package/dist/src/inference/integrationFlowInference.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"integrationFlowInference.d.ts","sourceRoot":"","sources":["../../../src/inference/integrationFlowInference.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAOH,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,UAAU,CAAC;AAEjD,MAAM,WAAW,QAAQ;IACvB,kBAAkB;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,uBAAuB;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,uBAAuB;IACtC,wBAAwB;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,+BAA+B;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,UAAU,CAAC;IACxB,+BAA+B;IAC/B,KAAK,EAAE,QAAQ,EAAE,CAAC;IAClB,iDAAiD;IACjD,eAAe,EAAE,MAAM,CAAC;IACxB,oDAAoD;IACpD,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,8BAA8B;IAC7C,KAAK,EAAE,uBAAuB,EAAE,CAAC;IACjC,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,OAAO,CAAC;IAClB,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AA4KD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,uBAAuB,EAAE,CAW9E;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,SAAS,EAAE,MAAM,EAAE,EACnB,QAAQ,GAAE,MAAM,EAAO,GACtB,8BAA8B,CA2BhC;AAED;;;GAGG;AACH,wBAAgB,6BAA6B,CAC3C,MAAM,EAAE,8BAA8B,EACtC,UAAU,EAAE,MAAM,GACjB,MAAM,CAYR"}

package/dist/src/inference/integrationFlowInference.js

@@ -0,0 +1,266 @@
+"use strict";
+/**
+ * Integration Flow Inference Engine
+ *
+ * When no `integration-flows.yaml` file is present, this engine constructs
+ * integration flows automatically by analyzing:
+ *
+ *  - Sequences of HTTP calls within a single test function / scenario
+ *  - Cucumber scenario steps (Given / When / Then)
+ *  - Chained request helper calls (createUser → login → createPayment)
+ *
+ * Inferred flows are labeled and include source traceability.
+ *
+ * Generated artifact: reports/inferred-integration-flows.json
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.inferFlowsFromFile = inferFlowsFromFile;
+exports.inferIntegrationFlows = inferIntegrationFlows;
+exports.writeInferredIntegrationFlows = writeInferredIntegrationFlows;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const HTTP_CALL_PATTERNS = [
+    // Axios / fetch / supertest: axios.get('/path'), .post('/path'), request.get('/path')
+    { pattern: /(?:axios|request|client|api|http|supertest)\.(get|post|put|patch|delete|head)\s*\(\s*['"`]([^'"`]+)['"`]/i, methodGroup: 1, pathGroup: 2 },
+    // RestAssured / Spring MockMvc: given().when().get("/path")
+    { pattern: /\.(?:when\(\)\.)?(get|post|put|patch|delete)\s*\(\s*['"`]([^'"`]+)['"`]/i, methodGroup: 1, pathGroup: 2 },
+    // Python requests: requests.get('http://...', ...) / client.post('/path')
+    { pattern: /(?:requests|client|self\.client|self\.app\.test_client\(\))\.(get|post|put|patch|delete)\s*\(\s*['"`]([^'"`\s]+)['"`]/i, methodGroup: 1, pathGroup: 2 },
+    // Ruby HTTParty / Rails: get '/path', post '/path'
+    { pattern: /\b(get|post|put|patch|delete)\s+['"`]([^'"`\s]+)['"`]/i, methodGroup: 1, pathGroup: 2 },
+    // fetch('/path', { method: 'POST' })
+    { pattern: /fetch\s*\(\s*['"`]([^'"`]+)['"`]\s*,\s*\{[^}]*method\s*:\s*['"`](GET|POST|PUT|PATCH|DELETE|HEAD)['"`]/i, methodGroup: 2, pathGroup: 1 },
+];
+/** Patterns for test function / scenario boundaries */
+const TEST_FUNCTION_PATTERNS = [
+    // Jest / Mocha / RSpec: it('name', ...) / test('name', ...)
+    /(?:^|\s)(?:it|test|describe)\s*\(\s*['"`]([^'"`]+)['"`]/,
+    // JUnit: @Test ... void testSomething()
+    /@Test[\s\S]{0,200}void\s+(\w+)/,
+    // Python pytest: def test_something():
+    /def\s+(test_\w+)\s*\(/,
+    // Ruby RSpec: it "name do"
+    /it\s+['"]([^'"]+)['"]\s+do/,
+    // Cucumber scenario
+    /Scenario(?:\s+Outline)?:\s*(.+)/,
+];
+function extractHttpCallsFromLines(lines) {
+    const calls = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const p of HTTP_CALL_PATTERNS) {
+            const m = line.match(p.pattern);
+            if (m) {
+                const method = m[p.methodGroup].toUpperCase();
+                const rawPath = m[p.pathGroup];
+                // Skip unlikely paths (full URLs with domain, non-path values)
+                if (rawPath.startsWith('http') && !rawPath.includes('/api'))
+                    continue;
+                const cleanPath = extractPathFromUrl(rawPath);
+                if (!cleanPath)
+                    continue;
+                calls.push({ method, path: cleanPath, lineIdx: i });
+                break; // only first pattern match per line
+            }
+        }
+    }
+    return calls;
+}
+function extractPathFromUrl(raw) {
+    if (raw.startsWith('/'))
+        return raw;
+    try {
+        const u = new URL(raw);
+        return u.pathname || undefined;
+    }
+    catch {
+        // not a full URL — check plain path-like
+        if (/^[\w/{}._-]+$/.test(raw) && raw.includes('/'))
+            return raw;
+        return undefined;
+    }
+}
+// ─── Test boundary detection ──────────────────────────────────────────────────
+function detectTestName(lines, lineIdx) {
+    // Look up to 20 lines above for a test function boundary
+    const window = lines.slice(Math.max(0, lineIdx - 20), lineIdx + 1);
+    for (let i = window.length - 1; i >= 0; i--) {
+        for (const p of TEST_FUNCTION_PATTERNS) {
+            const m = window[i].match(p);
+            if (m)
+                return m[1].trim();
+        }
+    }
+    return undefined;
+}
+// ─── Flow grouping ────────────────────────────────────────────────────────────
+/**
+ * Group extracted HTTP calls into flows.
+ *
+ * Strategy: calls within the same test function (± 50 lines) form a flow.
+ * Calls with no shared context become single-step "isolated" flows.
+ */
+function groupCallsIntoFlows(calls, filePath, lines) {
+    if (calls.length === 0)
+        return [];
+    const flows = [];
+    let currentGroup = [];
+    let currentTestName;
+    for (let i = 0; i < calls.length; i++) {
+        const call = calls[i];
+        const tName = detectTestName(lines, call.lineIdx);
+        if (i === 0) {
+            currentTestName = tName;
+            currentGroup = [call];
+        }
+        else {
+            const prev = calls[i - 1];
+            // Same test or within 50 lines → same flow
+            if ((tName && tName === currentTestName) ||
+                (!tName && call.lineIdx - prev.lineIdx <= 50)) {
+                currentGroup.push(call);
+            }
+            else {
+                // Flush current group as a flow
+                if (currentGroup.length >= 2) {
+                    flows.push(buildFlow(currentGroup, currentTestName, filePath));
+                }
+                currentTestName = tName;
+                currentGroup = [call];
+            }
+        }
+    }
+    // Flush last group
+    if (currentGroup.length >= 2) {
+        flows.push(buildFlow(currentGroup, currentTestName, filePath));
+    }
+    return flows;
+}
+function buildFlow(calls, testName, filePath) {
+    const steps = calls.map((c) => ({
+        method: c.method,
+        path: c.path,
+    }));
+    const firstLine = calls[0].lineIdx + 1;
+    const baseName = path.basename(filePath, path.extname(filePath));
+    const flowLabel = testName !== null && testName !== void 0 ? testName : `flow_at_line_${firstLine}`;
+    const id = `${toSnakeCase(baseName)}_${toSnakeCase(flowLabel)}`;
+    return {
+        id,
+        name: testName ? humanize(testName) : `Flow in ${path.basename(filePath)}:${firstLine}`,
+        flow_source: 'inferred',
+        steps,
+        source_location: `${filePath}:${firstLine}`,
+        test_name: testName,
+    };
+}
+// ─── Core inference function ──────────────────────────────────────────────────
+/**
+ * Infer integration flows from a single test file.
+ */
+function inferFlowsFromFile(filePath) {
+    let content;
+    try {
+        content = fs.readFileSync(filePath, 'utf-8');
+    }
+    catch {
+        return [];
+    }
+    const lines = content.split('\n');
+    const calls = extractHttpCallsFromLines(lines);
+    return groupCallsIntoFlows(calls, filePath, lines);
+}
+/**
+ * Run flow inference across all provided test files.
+ */
+function inferIntegrationFlows(testFiles, warnings = []) {
+    if (testFiles.length === 0) {
+        warnings.push('No test files provided; integration flow inference skipped.');
+        return { flows: [], filesAnalyzed: 0, inferred: true, warnings };
+    }
+    const allFlows = [];
+    let filesAnalyzed = 0;
+    for (const fp of testFiles) {
+        const fileFlows = inferFlowsFromFile(fp);
+        if (fileFlows.length > 0) {
+            allFlows.push(...fileFlows);
+        }
+        filesAnalyzed++;
+    }
+    if (allFlows.length === 0) {
+        warnings.push('No multi-step HTTP call sequences detected in test files; integration flow inference produced no results.');
+    }
+    return {
+        flows: allFlows,
+        filesAnalyzed,
+        inferred: true,
+        warnings,
+    };
+}
+/**
+ * Write inferred integration flows to the reports directory.
+ * Returns the path of the written file.
+ */
+function writeInferredIntegrationFlows(result, reportsDir) {
+    fs.mkdirSync(reportsDir, { recursive: true });
+    const outputPath = path.join(reportsDir, 'inferred-integration-flows.json');
+    const output = {
+        generated_at: new Date().toISOString(),
+        flow_source: 'inferred',
+        files_analyzed: result.filesAnalyzed,
+        flow_count: result.flows.length,
+        flows: result.flows,
+    };
+    fs.writeFileSync(outputPath, JSON.stringify(output, null, 2), 'utf-8');
+    return outputPath;
+}
+// ─── Helpers ─────────────────────────────────────────────────────────────────
+function toSnakeCase(str) {
+    return str
+        .replace(/([A-Z])/g, '_$1')
+        .toLowerCase()
+        .replace(/^_/, '')
+        .replace(/[^a-z0-9_]/g, '_')
+        .replace(/__+/g, '_');
+}
+function humanize(str) {
+    return str
+        .replace(/_/g, ' ')
+        .replace(/([A-Z])/g, ' $1')
+        .replace(/\s+/g, ' ')
+        .trim()
+        .replace(/^./, (c) => c.toUpperCase());
+}