api-tests-coverage 1.0.21 → 1.0.22

package/dist/src/index.js

@@ -2114,6 +2114,160 @@ program
         // Keep the process alive — the HTTP server holds the event loop open
     }
 });
+// ─── event-coverage command ───────────────────────────────────────────────────
+program
+    .command('event-coverage')
+    .description('Analyze how thoroughly tests cover event/message-driven interactions (Kafka, RabbitMQ, SNS, SQS, etc.)')
+    .option('--source <glob>', 'Glob pattern for source files to scan for event patterns', 'src/**/*.ts')
+    .option('--tests <glob>', 'Glob pattern for test files', 'tests/**/*.ts')
+    .option('--format <formats>', 'Comma-separated list of report formats: json,html,csv,junit (default: json,html)', 'json,html')
+    .option('--threshold-event <percent>', 'Minimum required event coverage percentage (0-100)', parseFloat, 0)
+    .action(async (options) => {
+    var _a, _b;
+    const { metricsPort, serviceName } = setupObservability();
+    const logger = (0, observability_1.getLogger)();
+    const parentOpts = program.opts();
+    const config = loadCoverageConfig(parentOpts.config, {
+        event: options.thresholdEvent,
+    });
+    const sourceGlob = options.source;
+    const testsGlob = (config.testPatterns && config.testPatterns.length > 0)
+        ? config.testPatterns[0]
+        : options.tests;
+    const reportsDir = path.resolve('reports');
+    const formats = (0, reporting_1.parseFormats)(options.format);
+    const span = (0, observability_1.startSpan)('event-coverage', { sourceGlob, testsGlob });
+    logger.info({ event: 'analysis_start', coverageType: 'event', sourceGlob }, `Scanning events in: ${sourceGlob}`);
+    console.log(`Scanning events in: ${sourceGlob}`);
+    const { analyzeEventCoverage, writeEventReport } = await Promise.resolve().then(() => __importStar(require('./streaming/eventCoverage')));
+    const eventResult = analyzeEventCoverage(sourceGlob, testsGlob);
+    writeEventReport(eventResult, reportsDir);
+    const result = {
+        type: 'event',
+        totalItems: eventResult.totalItems,
+        coveredItems: eventResult.coveredItems,
+        coveragePercent: eventResult.coveragePercent,
+        details: eventResult.details,
+    };
+    const thresholds = { ...((_a = config.thresholds) !== null && _a !== void 0 ? _a : {}) };
+    // Run plugins
+    const pluginContext = {
+        testPatterns: (_b = config.testPatterns) !== null && _b !== void 0 ? _b : [],
+        results: [result],
+        config,
+    };
+    const pluginResults = await (0, pluginLoader_1.runPlugins)(config, pluginContext);
+    const allResults = [result, ...pluginResults];
+    const observabilityInfo = (0, observability_1.buildObservabilityInfo)(metricsPort);
+    (0, reporting_1.generateMultiFormatReports)(allResults, formats, reportsDir, thresholds, observabilityInfo);
+    console.log(`Event coverage: ${eventResult.coveredItems}/${eventResult.totalItems} events covered (${eventResult.coveragePercent}%)`);
+    if (eventResult.details.unresolvedCount > 0) {
+        console.log(`  Unresolved topics: ${eventResult.details.unresolvedCount}`);
+    }
+    for (const [broker, count] of Object.entries(eventResult.details.brokerBreakdown)) {
+        if (count > 0)
+            console.log(`  ${broker}: ${count} nodes`);
+    }
+    console.log(`Reports written to: ${reportsDir}`);
+    span.end({ totalItems: eventResult.totalItems, coveredItems: eventResult.coveredItems, coveragePercent: eventResult.coveragePercent });
+    logger.info({ event: 'analysis_complete', coverageType: 'event' }, 'Event coverage analysis complete');
+    await finaliseObservability(allResults, thresholds, metricsPort, serviceName);
+    // Threshold check
+    const failures = (0, reporting_1.checkThresholds)(allResults, thresholds);
+    if (failures.length > 0) {
+        for (const msg of failures) {
+            console.error(`THRESHOLD FAILURE: ${msg}`);
+        }
+        process.exitCode = 1;
+    }
+});
+// ─── generate-tests command ──────────────────────────────────────────────────
+program
+    .command('generate-tests')
+    .description('Generate test files for coverage gaps detected in reports/')
+    .option('--source <glob>', 'Glob pattern for source files', 'src/**/*.ts')
+    .option('--tests <glob>', 'Glob pattern for existing test files', 'tests/**/*.ts')
+    .option('--out-dir <dir>', 'Output directory for generated tests')
+    .option('--base-url <url>', 'Base URL for API requests', 'http://localhost:3000')
+    .option('--dry-run', 'Show what would be generated without writing files', false)
+    .action(async (options) => {
+    const logger = (0, observability_1.getLogger)();
+    const reportsDir = path.resolve('reports');
+    logger.info({ event: 'generation_start' }, 'Starting test generation...');
+    console.log('Starting test generation...');
+    const { TestGenerationEngine } = await Promise.resolve().then(() => __importStar(require('./generation/engine')));
+    const engine = new TestGenerationEngine(process.cwd(), reportsDir);
+    const generated = engine.generateTests({
+        dryRun: options.dryRun,
+        outDir: options.outDir,
+        baseUrl: options.baseUrl,
+    });
+    console.log(`Generated ${generated.length} test file(s)`);
+    for (const f of generated) {
+        console.log(`  ${options.dryRun ? '[dry-run] ' : ''}${f.outputPath} (${f.gapId})`);
+    }
+    if (options.dryRun) {
+        console.log('\nDry run complete — no files were written.');
+    }
+});
+// ─── score-tests command ─────────────────────────────────────────────────────
+program
+    .command('score-tests')
+    .description('Score existing test files for quality (status assertions, error paths, matchers)')
+    .option('--tests <glob>', 'Glob pattern for test files', 'tests/**/*.ts')
+    .option('--threshold-quality <percent>', 'Minimum average quality score (0-100)', parseFloat, 0)
+    .action(async (options) => {
+    const logger = (0, observability_1.getLogger)();
+    const testsGlob = options.tests;
+    logger.info({ event: 'scoring_start' }, 'Scoring test quality...');
+    console.log(`Scoring test quality for: ${testsGlob}`);
+    const { TestGenerationEngine } = await Promise.resolve().then(() => __importStar(require('./generation/engine')));
+    const engine = new TestGenerationEngine(process.cwd());
+    const reports = engine.scoreTests(testsGlob);
+    const avgScore = reports.length > 0
+        ? Math.round(reports.reduce((s, r) => s + r.overallScore, 0) / reports.length)
+        : 0;
+    console.log(`\nScored ${reports.length} test file(s)`);
+    console.log(`Average quality score: ${avgScore}/100`);
+    const lowQuality = reports.filter((r) => r.overallScore < 60);
+    if (lowQuality.length > 0) {
+        console.log(`\nFiles below 60 quality:`);
+        for (const r of lowQuality) {
+            console.log(`  ${r.file}: ${r.overallScore}/100`);
+            for (const v of r.violations) {
+                console.log(`    - ${v}`);
+            }
+        }
+    }
+    const thresholdQuality = options.thresholdQuality;
+    if (thresholdQuality > 0 && avgScore < thresholdQuality) {
+        console.error(`THRESHOLD FAILURE: Average quality ${avgScore}% < ${thresholdQuality}%`);
+        process.exitCode = 1;
+    }
+});
+// ─── export-ai-flows command ─────────────────────────────────────────────────
+program
+    .command('export-ai-flows')
+    .description('Export AI-ready test generation flows for Copilot / LLM consumption')
+    .option('--source <glob>', 'Glob pattern for source files', 'src/**/*.ts')
+    .option('--tests <glob>', 'Glob pattern for test files', 'tests/**/*.ts')
+    .action(async (options) => {
+    const logger = (0, observability_1.getLogger)();
+    const reportsDir = path.resolve('reports');
+    logger.info({ event: 'ai_flows_start' }, 'Exporting AI-ready flows...');
+    console.log('Exporting AI-ready flows...');
+    const { TestGenerationEngine } = await Promise.resolve().then(() => __importStar(require('./generation/engine')));
+    const engine = new TestGenerationEngine(process.cwd(), reportsDir);
+    const manifest = engine.exportAiFlows({
+        sourceGlob: options.source,
+        testsGlob: options.tests,
+    });
+    console.log(`Exported ${manifest.totalFlows} AI-ready flow(s)`);
+    for (const [type, count] of Object.entries(manifest.byType)) {
+        console.log(`  ${type}: ${count}`);
+    }
+    console.log(`\nReports written to: ${reportsDir}`);
+});
 // ─── serve command ────────────────────────────────────────────────────────────
 program
     .command('serve')

package/dist/src/pipeline/detectors/expressMiddlewareDetector.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Express middleware-as-auth detector (Feature 27)
+ *
+ * Detects from raw JavaScript/TypeScript file content:
+ * 1. router.use(path, [auth.required | auth.optional], subRouter) →
+ *    router-mount nodes with middleware classification
+ * 2. jwt({ credentialsRequired: false }) → security: { optional: true }
+ * 3. jwt({ secret, ... }) (no credentialsRequired: false) → security: { required: true }
+ * 4. 4-argument Express error handlers (err, req, res, next) → error-handler nodes
+ * 5. if (err.name === '...') branches inside error handlers → exception-branch nodes
+ *
+ * Auth middleware inheritance rule: when auth.required / auth.optional appears in
+ * router.use(), ALL routes in the mounted sub-router inherit that security classification.
+ * This is flagged in the node metadata so the cross-file resolver can propagate it.
+ */
+import type { DetectedNode, Detector } from './types';
+export declare class ExpressMiddlewareDetector implements Detector {
+    readonly name = "express-middleware";
+    detect(fileContent: string, filePath: string): DetectedNode[];
+}
+//# sourceMappingURL=expressMiddlewareDetector.d.ts.map

package/dist/src/pipeline/detectors/expressMiddlewareDetector.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"expressMiddlewareDetector.d.ts","sourceRoot":"","sources":["../../../../src/pipeline/detectors/expressMiddlewareDetector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAItD,qBAAa,yBAA0B,YAAW,QAAQ;IACxD,QAAQ,CAAC,IAAI,wBAAwB;IAErC,MAAM,CAAC,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,YAAY,EAAE;CAyL9D"}

package/dist/src/pipeline/detectors/expressMiddlewareDetector.js

@@ -0,0 +1,201 @@
+"use strict";
+/**
+ * Express middleware-as-auth detector (Feature 27)
+ *
+ * Detects from raw JavaScript/TypeScript file content:
+ * 1. router.use(path, [auth.required | auth.optional], subRouter) →
+ *    router-mount nodes with middleware classification
+ * 2. jwt({ credentialsRequired: false }) → security: { optional: true }
+ * 3. jwt({ secret, ... }) (no credentialsRequired: false) → security: { required: true }
+ * 4. 4-argument Express error handlers (err, req, res, next) → error-handler nodes
+ * 5. if (err.name === '...') branches inside error handlers → exception-branch nodes
+ *
+ * Auth middleware inheritance rule: when auth.required / auth.optional appears in
+ * router.use(), ALL routes in the mounted sub-router inherit that security classification.
+ * This is flagged in the node metadata so the cross-file resolver can propagate it.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ExpressMiddlewareDetector = void 0;
+const types_1 = require("./types");
+class ExpressMiddlewareDetector {
+    constructor() {
+        this.name = 'express-middleware';
+    }
+    detect(fileContent, filePath) {
+        var _a, _b, _c;
+        if (!filePath.endsWith('.js') && !filePath.endsWith('.ts') &&
+            !filePath.endsWith('.mjs') && !filePath.endsWith('.cjs')) {
+            return [];
+        }
+        // Quick bail: skip files with no router/app patterns
+        if (!fileContent.includes('router') &&
+            !fileContent.includes('app.use') &&
+            !fileContent.includes('express')) {
+            return [];
+        }
+        const nodes = [];
+        const lines = fileContent.split('\n');
+        // ── Detect jwt middleware definitions ─────────────────────────────────
+        // const auth = { required: jwt({...}), optional: jwt({ credentialsRequired: false, ...}) }
+        const authVarPattern = /const\s+auth\s*=\s*\{([^}]+)\}/s;
+        const authVarMatch = fileContent.match(authVarPattern);
+        const authObjectDefs = new Map();
+        if (authVarMatch) {
+            const body = authVarMatch[1];
+            // required: jwt({...}) without credentialsRequired: false
+            if (/required\s*:.*?jwt\s*\(/.test(body) && !/credentialsRequired\s*:\s*false/.test((_a = body.split('optional')[0]) !== null && _a !== void 0 ? _a : '')) {
+                authObjectDefs.set('auth.required', { type: 'jwt', required: true, optional: false, sourcePattern: 'auth.required' });
+            }
+            // optional: jwt({ credentialsRequired: false, ...})
+            if (/optional\s*:.*?credentialsRequired\s*:\s*false/.test(body)) {
+                authObjectDefs.set('auth.optional', { type: 'jwt', required: false, optional: true, sourcePattern: 'auth.optional' });
+            }
+        }
+        // Also detect standalone: jwt({ credentialsRequired: false })
+        const jwtOptionalPattern = /jwt\s*\(\s*\{[^}]*credentialsRequired\s*:\s*false[^}]*\}\s*\)/;
+        const jwtRequiredPattern = /jwt\s*\(\s*\{[^}]*secret[^}]*\}\s*\)/;
+        // ── Detect router.use(path, [middleware], subRouter) ─────────────────
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            // router.use('/path', middleware, require('./sub'))
+            // router.use('/path', require('./sub'))
+            const routerUsePattern = /(?:router|app)\s*\.\s*use\s*\(\s*['"`]([^'"`]+)['"`]\s*,\s*(.*?)\)/;
+            const routerUseMatch = line.match(routerUsePattern);
+            if (routerUseMatch) {
+                const mountPath = routerUseMatch[1];
+                const rest = routerUseMatch[2];
+                // Determine security from middleware args
+                let security;
+                if (/auth\.required/.test(rest)) {
+                    security = (_b = authObjectDefs.get('auth.required')) !== null && _b !== void 0 ? _b : { type: 'jwt', required: true, optional: false, sourcePattern: 'auth.required' };
+                }
+                else if (/auth\.optional/.test(rest)) {
+                    security = (_c = authObjectDefs.get('auth.optional')) !== null && _c !== void 0 ? _c : { type: 'jwt', required: false, optional: true, sourcePattern: 'auth.optional' };
+                }
+                else if (jwtOptionalPattern.test(rest)) {
+                    security = { type: 'jwt', required: false, optional: true, sourcePattern: 'jwt(credentialsRequired:false)' };
+                }
+                else if (jwtRequiredPattern.test(rest)) {
+                    security = { type: 'jwt', required: true, optional: false, sourcePattern: 'jwt(secret)' };
+                }
+                // Determine target module (require('./x') or just the last identifier)
+                const requireMatch = rest.match(/require\s*\(['"`]([^'"`]+)['"`]\)/);
+                const targetModule = requireMatch ? requireMatch[1] : extractLastIdentifier(rest);
+                nodes.push({
+                    id: (0, types_1.makeNodeId)(filePath, 'router-mount', mountPath, i + 1),
+                    kind: 'router-mount',
+                    name: mountPath,
+                    filePath,
+                    line: i + 1,
+                    httpPath: mountPath,
+                    urlPrefix: mountPath,
+                    targetModule,
+                    security,
+                    resolution: targetModule ? 'cross-file-unresolved' : 'resolved',
+                    diagnosticMessage: targetModule
+                        ? `Sub-router '${targetModule}' defined in another file`
+                        : undefined,
+                });
+            }
+            // router.use('/path', router) — no middleware between path and router
+            const simpleMountPattern = /(?:router|app)\s*\.\s*use\s*\(\s*['"`]([^'"`]+)['"`]\s*,\s*(require\s*\([^)]+\)|\w+)\s*\)/;
+            const simpleMountMatch = line.match(simpleMountPattern);
+            if (simpleMountMatch && !routerUseMatch) {
+                const mountPath = simpleMountMatch[1];
+                const targetExpr = simpleMountMatch[2];
+                const requireMatch2 = targetExpr.match(/require\s*\(['"`]([^'"`]+)['"`]\)/);
+                const targetModule = requireMatch2 ? requireMatch2[1] : targetExpr;
+                nodes.push({
+                    id: (0, types_1.makeNodeId)(filePath, 'router-mount', mountPath, i + 1),
+                    kind: 'router-mount',
+                    name: mountPath,
+                    filePath,
+                    line: i + 1,
+                    httpPath: mountPath,
+                    urlPrefix: mountPath,
+                    targetModule,
+                    resolution: 'cross-file-unresolved',
+                    diagnosticMessage: `Sub-router '${targetModule}' defined in another file`,
+                });
+            }
+        }
+        // ── Detect 4-argument error handlers ─────────────────────────────────
+        // function(err, req, res, next) { ... }
+        // (err, req, res, next) => { ... }
+        const errorHandlerPattern = /(?:function\s*\w*\s*\(|(?:\w+\s*,\s*){0,1}\()\s*err\s*,\s*\w+\s*,\s*\w+\s*,\s*next\s*[)]/;
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            if (!errorHandlerPattern.test(line))
+                continue;
+            // Find the end of this error handler block
+            const handlerStart = i;
+            const braceIdx = fileContent.indexOf('{', fileContent.split('\n').slice(0, i + 1).join('\n').length);
+            let handlerBody = '';
+            if (braceIdx >= 0) {
+                handlerBody = extractBraceBody(fileContent, braceIdx);
+            }
+            nodes.push({
+                id: (0, types_1.makeNodeId)(filePath, 'error-handler', `errorHandler:${i + 1}`, i + 1),
+                kind: 'error-handler',
+                name: `errorHandler:${i + 1}`,
+                filePath,
+                line: i + 1,
+                resolution: 'resolved',
+            });
+            // Extract if (err.name === 'SomeName') branches
+            const errNamePattern = /err\.name\s*===?\s*['"`](\w+)['"`]/g;
+            let errMatch;
+            let bodyOffset = 0;
+            while ((errMatch = errNamePattern.exec(handlerBody)) !== null) {
+                const bodyLines = handlerBody.substring(0, errMatch.index).split('\n');
+                const branchLine = handlerStart + bodyLines.length;
+                // Find status code in the branch
+                const branchContext = handlerBody.substring(errMatch.index, errMatch.index + 200);
+                const statusMatch = branchContext.match(/\.status\s*\(\s*(\d{3})\s*\)/);
+                const statusCode = statusMatch ? parseInt(statusMatch[1], 10) : undefined;
+                nodes.push({
+                    id: (0, types_1.makeNodeId)(filePath, 'exception-branch', errMatch[1], branchLine),
+                    kind: 'exception-branch',
+                    name: errMatch[1],
+                    filePath,
+                    line: branchLine,
+                    errorName: errMatch[1],
+                    errorStatusCode: statusCode,
+                    resolution: 'resolved',
+                });
+            }
+        }
+        // ── Detect auth middleware object definitions ──────────────────────────
+        // Emit auth-middleware node for downstream use
+        if (authObjectDefs.size > 0) {
+            for (const [key, sec] of authObjectDefs) {
+                nodes.push({
+                    id: (0, types_1.makeNodeId)(filePath, 'auth-middleware', key, undefined),
+                    kind: 'auth-middleware',
+                    name: key,
+                    filePath,
+                    security: sec,
+                    resolution: 'resolved',
+                });
+            }
+        }
+        return nodes;
+    }
+}
+exports.ExpressMiddlewareDetector = ExpressMiddlewareDetector;
+function extractLastIdentifier(expr) {
+    const m = expr.match(/(\w+)\s*$/);
+    return m ? m[1] : undefined;
+}
+function extractBraceBody(source, openBrace) {
+    let depth = 1;
+    let i = openBrace + 1;
+    while (i < source.length && depth > 0) {
+        if (source[i] === '{')
+            depth++;
+        if (source[i] === '}')
+            depth--;
+        i++;
+    }
+    return source.substring(openBrace, i);
+}

package/dist/src/pipeline/detectors/flaskBlueprintDetector.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Flask Blueprint detector (Feature 27)
+ *
+ * Detects from raw Python file content:
+ * 1. Blueprint() constructor calls → blueprint-definition nodes
+ * 2. @blueprint.route() decorators with HTTP methods → endpoint nodes (marked
+ *    cross-file-unresolved until url_prefix is resolved by FlaskBlueprintResolver)
+ * 3. app.register_blueprint() calls → blueprint-registration nodes
+ * 4. @use_kwargs({...}) decorator → parameter nodes with location inference
+ * 5. @marshal_with(schema, code=N) → response-schema nodes
+ * 6. @jwt_required / @jwt_optional / @jwt_required(optional=True) → security nodes
+ *
+ * RULE-SA01: never infers role from directory — only from code content
+ * RULE-SA02: endpoint nodes are emitted with resolution: 'cross-file-unresolved'
+ *            when url_prefix is not visible in the same file
+ * RULE-SA04: @jwt_optional → security.optional = true — NEVER classified as public
+ */
+import type { DetectedNode, Detector } from './types';
+export declare class FlaskBlueprintDetector implements Detector {
+    readonly name = "flask-blueprint";
+    detect(fileContent: string, filePath: string): DetectedNode[];
+}
+//# sourceMappingURL=flaskBlueprintDetector.d.ts.map

package/dist/src/pipeline/detectors/flaskBlueprintDetector.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"flaskBlueprintDetector.d.ts","sourceRoot":"","sources":["../../../../src/pipeline/detectors/flaskBlueprintDetector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAGtD,qBAAa,sBAAuB,YAAW,QAAQ;IACrD,QAAQ,CAAC,IAAI,qBAAqB;IAElC,MAAM,CAAC,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,YAAY,EAAE;CAyJ9D"}