archicore 0.2.1 → 0.2.2

package/dist/server/routes/admin.js

@@ -3,6 +3,8 @@
  */
 import { Router } from 'express';
 import rateLimit from 'express-rate-limit';
+import * as fs from 'fs';
+import * as path from 'path';
 import { AuthService } from '../services/auth-service.js';
 import { auditService } from '../services/audit-service.js';
 import { authMiddleware, adminMiddleware } from './auth.js';
@@ -25,7 +27,40 @@ const adminRateLimiter = rateLimit({
         });
     }
 });
-// All admin routes require authentication, admin role, and rate limiting
+// Settings file path (defined early for public endpoints)
+const SETTINGS_FILE = path.join(process.cwd(), '.archicore', 'settings.json');
+// Load settings helper (defined early for public endpoints)
+function loadSettingsPublic() {
+    try {
+        if (fs.existsSync(SETTINGS_FILE)) {
+            const data = fs.readFileSync(SETTINGS_FILE, 'utf-8');
+            return JSON.parse(data);
+        }
+    }
+    catch (error) {
+        Logger.error('Failed to load settings:', error);
+    }
+    return {};
+}
+// ===== PUBLIC ENDPOINTS (no auth required) =====
+/**
+ * GET /api/admin/maintenance-status
+ * Get maintenance status (public endpoint for maintenance page)
+ */
+adminRouter.get('/maintenance-status', (_req, res) => {
+    try {
+        const settings = loadSettingsPublic();
+        res.json({
+            enabled: settings.maintenance?.enabled || false,
+            message: settings.maintenance?.message || 'ArchiCore is currently undergoing maintenance.'
+        });
+    }
+    catch (error) {
+        res.json({ enabled: false, message: '' });
+    }
+});
+// ===== PROTECTED ENDPOINTS (auth required) =====
+// All admin routes below require authentication, admin role, and rate limiting
 adminRouter.use(authMiddleware);
 adminRouter.use(adminMiddleware);
 adminRouter.use(adminRateLimiter);
@@ -268,4 +303,259 @@ adminRouter.post('/audit/cleanup', async (req, res) => {
         res.status(500).json({ error: 'Failed to cleanup audit logs' });
     }
 });
+// ===== SETTINGS =====
+// Default settings
+const defaultSettings = {
+    siteName: 'ArchiCore',
+    siteDescription: 'AI-Powered Software Architecture Analysis',
+    defaultTier: 'free',
+    limits: { free: 10, team: 100, pro: 500 },
+    security: {
+        requireEmailVerification: false,
+        allowRegistration: true,
+        sessionTimeout: 24
+    },
+    maintenance: { enabled: false, message: 'ArchiCore is currently undergoing maintenance.' },
+    integrations: { githubAppId: '', gitlabAppId: '', slackWebhook: '' },
+    email: { smtpHost: '', smtpPort: 587, smtpUser: '', smtpPass: '', fromEmail: '' },
+    notifications: { newUsers: true, tierChanges: true, errors: false, adminEmail: '' },
+    features: { api: true, webhooks: true, export: true, blog: true, changelog: true },
+    data: { backupSchedule: 'weekly', retentionDays: 90 }
+};
+function loadSettings() {
+    try {
+        if (fs.existsSync(SETTINGS_FILE)) {
+            const data = fs.readFileSync(SETTINGS_FILE, 'utf-8');
+            return { ...defaultSettings, ...JSON.parse(data) };
+        }
+    }
+    catch (error) {
+        Logger.error('Failed to load settings:', error);
+    }
+    return defaultSettings;
+}
+function saveSettings(settings) {
+    try {
+        const dir = path.dirname(SETTINGS_FILE);
+        if (!fs.existsSync(dir)) {
+            fs.mkdirSync(dir, { recursive: true });
+        }
+        fs.writeFileSync(SETTINGS_FILE, JSON.stringify(settings, null, 2));
+        return true;
+    }
+    catch (error) {
+        Logger.error('Failed to save settings:', error);
+        return false;
+    }
+}
+/**
+ * GET /api/admin/settings
+ * Get system settings
+ */
+adminRouter.get('/settings', async (_req, res) => {
+    try {
+        const settings = loadSettings();
+        // Don't send sensitive data like SMTP password
+        const sanitized = {
+            ...settings,
+            email: { ...settings.email, smtpPass: settings.email.smtpPass ? '********' : '' }
+        };
+        res.json(sanitized);
+    }
+    catch (error) {
+        Logger.error('Failed to get settings:', error);
+        res.status(500).json({ error: 'Failed to get settings' });
+    }
+});
+/**
+ * POST /api/admin/settings
+ * Update system settings
+ */
+adminRouter.post('/settings', async (req, res) => {
+    try {
+        const ip = req.ip || req.headers['x-forwarded-for'] || 'unknown';
+        const userAgent = req.headers['user-agent'];
+        const currentSettings = loadSettings();
+        const newSettings = { ...currentSettings, ...req.body };
+        // Preserve existing password if not provided or masked
+        if (!newSettings.email?.smtpPass || newSettings.email.smtpPass === '********') {
+            newSettings.email.smtpPass = currentSettings.email.smtpPass;
+        }
+        if (saveSettings(newSettings)) {
+            // Audit log
+            await auditService.log({
+                userId: req.user?.id,
+                username: req.user?.username,
+                action: 'admin.view_logs',
+                ip,
+                userAgent,
+                details: { operation: 'settings_update', changedKeys: Object.keys(req.body) }
+            });
+            res.json({ success: true });
+        }
+        else {
+            res.status(500).json({ error: 'Failed to save settings' });
+        }
+    }
+    catch (error) {
+        Logger.error('Failed to save settings:', error);
+        res.status(500).json({ error: 'Failed to save settings' });
+    }
+});
+/**
+ * POST /api/admin/test-email
+ * Test email configuration
+ */
+adminRouter.post('/test-email', async (req, res) => {
+    try {
+        // For now, just validate the settings are present
+        const { smtpHost, smtpPort, smtpUser, fromEmail } = req.body;
+        if (!smtpHost || !smtpUser || !fromEmail) {
+            res.status(400).json({ error: 'Missing required email settings' });
+            return;
+        }
+        // TODO: Implement actual email sending with nodemailer
+        Logger.info('Test email requested', { smtpHost, smtpPort, fromEmail });
+        res.json({ success: true, message: 'Email configuration looks valid' });
+    }
+    catch (error) {
+        Logger.error('Failed to test email:', error);
+        res.status(500).json({ error: 'Failed to test email configuration' });
+    }
+});
+/**
+ * GET /api/admin/export/all
+ * Export all data
+ */
+adminRouter.get('/export/all', async (_req, res) => {
+    try {
+        const users = await authService.getAllUsers();
+        const settings = loadSettings();
+        const auditLogs = await auditService.query({ limit: 1000, offset: 0 });
+        // Sanitize user data (remove passwords)
+        const sanitizedUsers = users.map(u => {
+            const { passwordHash, ...safe } = u;
+            return safe;
+        });
+        res.json({
+            exportedAt: new Date().toISOString(),
+            users: sanitizedUsers,
+            settings: { ...settings, email: { ...settings.email, smtpPass: '' } },
+            auditLogs: auditLogs.logs
+        });
+    }
+    catch (error) {
+        Logger.error('Failed to export data:', error);
+        res.status(500).json({ error: 'Failed to export data' });
+    }
+});
+/**
+ * POST /api/admin/backup
+ * Create a backup
+ */
+adminRouter.post('/backup', async (req, res) => {
+    try {
+        const ip = req.ip || req.headers['x-forwarded-for'] || 'unknown';
+        const userAgent = req.headers['user-agent'];
+        // Log backup action
+        await auditService.log({
+            userId: req.user?.id,
+            username: req.user?.username,
+            action: 'admin.view_logs',
+            ip,
+            userAgent,
+            details: { operation: 'backup_create' }
+        });
+        // Create backup filename
+        const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
+        const filename = `archicore-backup-${timestamp}.json`;
+        Logger.info('Backup created:', filename);
+        res.json({ success: true, filename });
+    }
+    catch (error) {
+        Logger.error('Failed to create backup:', error);
+        res.status(500).json({ error: 'Failed to create backup' });
+    }
+});
+/**
+ * POST /api/admin/cache/clear
+ * Clear all cache
+ */
+adminRouter.post('/cache/clear', async (req, res) => {
+    try {
+        const ip = req.ip || req.headers['x-forwarded-for'] || 'unknown';
+        const userAgent = req.headers['user-agent'];
+        // TODO: Implement actual cache clearing (Redis, in-memory, etc.)
+        Logger.info('Cache clear requested by admin');
+        await auditService.log({
+            userId: req.user?.id,
+            username: req.user?.username,
+            action: 'admin.view_logs',
+            ip,
+            userAgent,
+            details: { operation: 'cache_clear' }
+        });
+        res.json({ success: true, message: 'Cache cleared' });
+    }
+    catch (error) {
+        Logger.error('Failed to clear cache:', error);
+        res.status(500).json({ error: 'Failed to clear cache' });
+    }
+});
+/**
+ * POST /api/admin/analytics/reset
+ * Reset analytics data
+ */
+adminRouter.post('/analytics/reset', async (req, res) => {
+    try {
+        const ip = req.ip || req.headers['x-forwarded-for'] || 'unknown';
+        const userAgent = req.headers['user-agent'];
+        // TODO: Implement actual analytics reset
+        Logger.info('Analytics reset requested by admin');
+        await auditService.log({
+            userId: req.user?.id,
+            username: req.user?.username,
+            action: 'admin.view_logs',
+            ip,
+            userAgent,
+            details: { operation: 'analytics_reset' }
+        });
+        res.json({ success: true, message: 'Analytics reset' });
+    }
+    catch (error) {
+        Logger.error('Failed to reset analytics:', error);
+        res.status(500).json({ error: 'Failed to reset analytics' });
+    }
+});
+/**
+ * POST /api/admin/factory-reset
+ * Factory reset (dangerous!)
+ */
+adminRouter.post('/factory-reset', async (req, res) => {
+    try {
+        const ip = req.ip || req.headers['x-forwarded-for'] || 'unknown';
+        const userAgent = req.headers['user-agent'];
+        // Log before reset
+        await auditService.log({
+            userId: req.user?.id,
+            username: req.user?.username,
+            action: 'admin.user_delete',
+            ip,
+            userAgent,
+            details: { operation: 'factory_reset', severity: 'critical' }
+        });
+        // TODO: Implement actual factory reset
+        // This should:
+        // 1. Delete all users except the current admin
+        // 2. Clear all settings
+        // 3. Clear all cache
+        // 4. Clear audit logs
+        Logger.warn('Factory reset requested by admin:', req.user?.username);
+        res.json({ success: true, message: 'Factory reset initiated' });
+    }
+    catch (error) {
+        Logger.error('Failed to factory reset:', error);
+        res.status(500).json({ error: 'Failed to factory reset' });
+    }
+});
 //# sourceMappingURL=admin.js.map

package/dist/server/routes/api.js

@@ -302,6 +302,21 @@ apiRouter.post('/projects/:id/ask', authMiddleware, checkProjectAccess, async (r
             res.status(400).json({ error: 'Question is required' });
             return;
         }
+        // Input validation and sanitization
+        if (typeof question !== 'string') {
+            res.status(400).json({ error: 'Invalid question format' });
+            return;
+        }
+        // Limit question length to prevent abuse
+        const MAX_QUESTION_LENGTH = 5000;
+        if (question.length > MAX_QUESTION_LENGTH) {
+            res.status(400).json({ error: `Question too long. Maximum ${MAX_QUESTION_LENGTH} characters.` });
+            return;
+        }
+        // Sanitize question - remove null bytes and control characters (except newlines/tabs)
+        const sanitizedQuestion = question
+            .replace(/\0/g, '')
+            .replace(/[\x00-\x08\x0B\x0C\x0E-\x1F]/g, '');
         // Check request limit
         if (userId) {
             const usageResult = await authService.checkAndUpdateUsage(userId, 'request');
@@ -314,12 +329,12 @@ apiRouter.post('/projects/:id/ask', authMiddleware, checkProjectAccess, async (r
                 return;
             }
         }
-        const answer = await projectService.askArchitect(id, question, language || 'en');
+        const answer = await projectService.askArchitect(id, sanitizedQuestion, language || 'en');
         res.json({ answer });
     }
     catch (error) {
         Logger.error('Failed to ask architect:', error);
-        res.status(500).json({ error: 'Failed to ask architect' });
+        res.status(500).json({ error: 'Failed to process question' });
     }
 });
 /**

package/dist/server/routes/developer.js

@@ -187,7 +187,7 @@ developerRouter.post('/billing/credits', authMiddleware, async (req, res) => {
             res.status(400).json({ error: { message: 'Minimum amount is $5 (500 cents)' } });
             return;
         }
-        // TODO: Интеграция с Stripe/PayPal
+        // TODO: Интеграция с Revolut Business API
         // Сейчас просто добавляем кредиты
         const billing = await tokenService.addCredits(req.user.id, amount);
         res.json({

package/dist/server/routes/device-auth.js

@@ -52,7 +52,16 @@ router.post('/code', (_req, res) => {
     pendingAuths.set(deviceCode, auth);
     // Also index by user code for lookup
     pendingAuths.set(userCode, auth);
-    const serverUrl = process.env.PUBLIC_URL || `http://${process.env.HOST || 'localhost'}:${process.env.PORT || 3000}`;
+    // Use PUBLIC_URL if set, otherwise construct from environment
+    // Avoid using 0.0.0.0 as it's not a valid external address
+    let serverUrl = process.env.PUBLIC_URL;
+    if (!serverUrl) {
+        const host = process.env.HOST || 'localhost';
+        const port = process.env.PORT || 3000;
+        // If HOST is 0.0.0.0 (bind to all interfaces), use the server's actual IP or fallback to request origin
+        const effectiveHost = host === '0.0.0.0' ? (process.env.SERVER_IP || '194.156.66.251') : host;
+        serverUrl = `http://${effectiveHost}:${port}`;
+    }
     res.json({
         deviceCode,
         userCode,

package/dist/server/routes/report-issue.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Report Issue Routes
+ *
+ * API for submitting bug reports and feedback
+ */
+export declare const reportIssueRouter: import("express-serve-static-core").Router;
+//# sourceMappingURL=report-issue.d.ts.map

package/dist/server/routes/report-issue.js

@@ -0,0 +1,307 @@
+/**
+ * Report Issue Routes
+ *
+ * API for submitting bug reports and feedback
+ */
+import { Router } from 'express';
+import multer from 'multer';
+import path from 'path';
+import fs from 'fs/promises';
+import { Logger } from '../../utils/logger.js';
+export const reportIssueRouter = Router();
+// Directory for storing reports
+const REPORTS_DIR = process.env.REPORTS_DIR || path.join('.archicore', 'reports');
+// File signature (magic bytes) validation
+const FILE_SIGNATURES = {
+    'image/png': { magic: [0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A], ext: '.png' },
+    'image/jpeg': { magic: [0xFF, 0xD8, 0xFF], ext: '.jpg' },
+    'image/gif': { magic: [0x47, 0x49, 0x46, 0x38], ext: '.gif' }, // GIF87a or GIF89a
+    'application/pdf': { magic: [0x25, 0x50, 0x44, 0x46], ext: '.pdf' } // %PDF
+};
+/**
+ * Validate file by checking magic bytes (file signature)
+ * Prevents MIME type spoofing attacks
+ */
+function validateFileSignature(buffer) {
+    for (const [mimeType, { magic, ext }] of Object.entries(FILE_SIGNATURES)) {
+        if (buffer.length >= magic.length) {
+            const matches = magic.every((byte, index) => buffer[index] === byte);
+            if (matches) {
+                return { valid: true, detectedType: mimeType, ext };
+            }
+        }
+    }
+    return { valid: false, detectedType: null, ext: null };
+}
+/**
+ * Sanitize filename - remove path traversal attempts and dangerous characters
+ * @deprecated Use validated extension from FILE_SIGNATURES instead
+ */
+function _sanitizeFilename(filename) {
+    // Remove path components
+    const basename = path.basename(filename);
+    // Remove null bytes and other dangerous characters
+    return basename
+        .replace(/\0/g, '')
+        .replace(/[<>:"/\\|?*]/g, '_')
+        .replace(/\.{2,}/g, '.'); // Prevent ..
+}
+void _sanitizeFilename; // Prevent unused warning
+// Multer config for screenshot uploads
+const upload = multer({
+    storage: multer.memoryStorage(),
+    limits: {
+        fileSize: 10 * 1024 * 1024 // 10MB max
+    },
+    fileFilter: (_req, file, cb) => {
+        // First check - MIME type (can be spoofed, but filters obvious garbage)
+        const allowedTypes = ['image/png', 'image/jpeg', 'image/gif', 'application/pdf'];
+        if (!allowedTypes.includes(file.mimetype)) {
+            cb(new Error('Invalid file type. Allowed: PNG, JPG, GIF, PDF'));
+            return;
+        }
+        // Real validation happens after upload when we can check magic bytes
+        cb(null, true);
+    }
+});
+/**
+ * POST /api/report-issue
+ * Submit a new issue report
+ */
+reportIssueRouter.post('/', upload.single('screenshot'), async (req, res) => {
+    try {
+        const { description, category, priority, email, additionalInfo } = req.body;
+        // Validate required fields
+        if (!description || !category || !priority) {
+            res.status(400).json({
+                error: 'Missing required fields'
+            });
+            return;
+        }
+        // Whitelist validation - only allow known categories and priorities
+        const allowedCategories = ['bug', 'analysis', 'performance', 'ui', 'github', 'feature', 'other'];
+        const allowedPriorities = ['critical', 'high', 'medium', 'low'];
+        if (!allowedCategories.includes(category)) {
+            res.status(400).json({ error: 'Invalid category' });
+            return;
+        }
+        if (!allowedPriorities.includes(priority)) {
+            res.status(400).json({ error: 'Invalid priority' });
+            return;
+        }
+        // Basic email validation if provided
+        if (email && !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email)) {
+            res.status(400).json({ error: 'Invalid email format' });
+            return;
+        }
+        // Generate unique ID
+        const reportId = `report_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
+        // Ensure reports directory exists
+        await fs.mkdir(REPORTS_DIR, { recursive: true });
+        // Save screenshot if provided (with security validation)
+        let screenshotFilename;
+        if (req.file) {
+            // Validate file signature (magic bytes) - prevents MIME spoofing
+            const validation = validateFileSignature(req.file.buffer);
+            if (!validation.valid) {
+                Logger.warn(`Invalid file signature detected for report ${reportId}. Claimed: ${req.file.mimetype}`);
+                res.status(400).json({
+                    error: 'Invalid file content',
+                    message: 'File does not match expected format. Please upload a valid PNG, JPG, GIF, or PDF.'
+                });
+                return;
+            }
+            // Use extension from validated file type, NOT from user input
+            const safeExt = validation.ext;
+            screenshotFilename = `${reportId}${safeExt}`;
+            const screenshotPath = path.join(REPORTS_DIR, 'screenshots', screenshotFilename);
+            // Verify path doesn't escape reports directory (defense in depth)
+            const resolvedPath = path.resolve(screenshotPath);
+            const screenshotsDir = path.resolve(REPORTS_DIR, 'screenshots');
+            if (!resolvedPath.startsWith(screenshotsDir)) {
+                Logger.warn(`Path traversal attempt detected for report ${reportId}`);
+                res.status(400).json({ error: 'Invalid request' });
+                return;
+            }
+            await fs.mkdir(path.join(REPORTS_DIR, 'screenshots'), { recursive: true });
+            await fs.writeFile(screenshotPath, req.file.buffer);
+            Logger.debug(`Screenshot saved for report ${reportId}`);
+        }
+        // Create report object - only store safe, non-sensitive data
+        const report = {
+            id: reportId,
+            description: description.substring(0, 10000), // Limit description length
+            category,
+            priority,
+            email: email || undefined,
+            additionalInfo: additionalInfo?.substring(0, 5000) || undefined,
+            hasScreenshot: !!screenshotFilename,
+            screenshotFilename, // Only filename, not full path
+            timestamp: new Date().toISOString(),
+            status: 'new'
+        };
+        // Save report to JSON file
+        const reportPath = path.join(REPORTS_DIR, `${reportId}.json`);
+        await fs.writeFile(reportPath, JSON.stringify(report, null, 2));
+        Logger.info(`New issue report submitted: ${reportId} (${category}/${priority})`);
+        // Optional: Send notification (webhook, email, etc.)
+        await sendNotification(report);
+        res.json({
+            success: true,
+            reportId,
+            message: 'Report submitted successfully'
+        });
+    }
+    catch (error) {
+        // Log full error internally, but don't expose details to client
+        Logger.error('Failed to submit report:', error);
+        if (error instanceof multer.MulterError) {
+            if (error.code === 'LIMIT_FILE_SIZE') {
+                res.status(413).json({ error: 'Screenshot too large. Maximum size is 10MB.' });
+                return;
+            }
+        }
+        // Generic error message - never expose internal error details
+        res.status(500).json({
+            error: 'Failed to submit report. Please try again later.'
+        });
+    }
+});
+/**
+ * GET /api/report-issue/list
+ * Get list of reports (admin only)
+ */
+reportIssueRouter.get('/list', async (req, res) => {
+    try {
+        // Basic auth check - in production use proper admin middleware
+        const adminKey = req.headers['x-admin-key'];
+        if (adminKey !== process.env.ADMIN_SECRET) {
+            res.status(403).json({ error: 'Admin access required' });
+            return;
+        }
+        const files = await fs.readdir(REPORTS_DIR).catch(() => []);
+        const reports = [];
+        for (const file of files) {
+            if (file.endsWith('.json')) {
+                const content = await fs.readFile(path.join(REPORTS_DIR, file), 'utf-8');
+                reports.push(JSON.parse(content));
+            }
+        }
+        // Sort by timestamp descending
+        reports.sort((a, b) => new Date(b.timestamp).getTime() - new Date(a.timestamp).getTime());
+        res.json({ reports, total: reports.length });
+    }
+    catch (error) {
+        Logger.error('Failed to list reports:', error);
+        res.status(500).json({ error: 'Failed to list reports' });
+    }
+});
+/**
+ * PATCH /api/report-issue/:id/status
+ * Update report status (admin only)
+ */
+reportIssueRouter.patch('/:id/status', async (req, res) => {
+    try {
+        const adminKey = req.headers['x-admin-key'];
+        if (adminKey !== process.env.ADMIN_SECRET) {
+            res.status(403).json({ error: 'Admin access required' });
+            return;
+        }
+        const { id } = req.params;
+        const { status } = req.body;
+        if (!['new', 'reviewed', 'resolved'].includes(status)) {
+            res.status(400).json({ error: 'Invalid status' });
+            return;
+        }
+        const reportPath = path.join(REPORTS_DIR, `${id}.json`);
+        const content = await fs.readFile(reportPath, 'utf-8');
+        const report = JSON.parse(content);
+        report.status = status;
+        await fs.writeFile(reportPath, JSON.stringify(report, null, 2));
+        res.json({ success: true, report });
+    }
+    catch (error) {
+        Logger.error('Failed to update report status:', error);
+        res.status(500).json({ error: 'Failed to update status' });
+    }
+});
+/**
+ * Send notification about new report (optional integrations)
+ */
+async function sendNotification(report) {
+    // Discord webhook
+    const discordWebhook = process.env.DISCORD_WEBHOOK_URL;
+    if (discordWebhook) {
+        try {
+            const priorityColors = {
+                critical: 0xff0000,
+                high: 0xff6600,
+                medium: 0xffcc00,
+                low: 0x00cc00
+            };
+            await fetch(discordWebhook, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({
+                    embeds: [{
+                            title: `New Issue Report: ${report.category}`,
+                            description: report.description.substring(0, 500),
+                            color: priorityColors[report.priority] || 0x808080,
+                            fields: [
+                                { name: 'Priority', value: report.priority, inline: true },
+                                { name: 'Category', value: report.category, inline: true },
+                                { name: 'Report ID', value: report.id, inline: false }
+                            ],
+                            timestamp: report.timestamp
+                        }]
+                })
+            });
+        }
+        catch (err) {
+            Logger.warn('Failed to send Discord notification:', err);
+        }
+    }
+    // Slack webhook
+    const slackWebhook = process.env.SLACK_WEBHOOK_URL;
+    if (slackWebhook) {
+        try {
+            await fetch(slackWebhook, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({
+                    text: `*New Issue Report*\n*Category:* ${report.category}\n*Priority:* ${report.priority}\n*Description:* ${report.description.substring(0, 200)}...`
+                })
+            });
+        }
+        catch (err) {
+            Logger.warn('Failed to send Slack notification:', err);
+        }
+    }
+    // Telegram bot
+    const telegramToken = process.env.TELEGRAM_BOT_TOKEN;
+    const telegramChatId = process.env.TELEGRAM_CHAT_ID;
+    if (telegramToken && telegramChatId) {
+        try {
+            const priorityEmoji = {
+                critical: '🔴',
+                high: '🟠',
+                medium: '🟡',
+                low: '🟢'
+            };
+            const message = `${priorityEmoji[report.priority] || '⚪'} *New Issue Report*\n\n*Category:* ${report.category}\n*Priority:* ${report.priority}\n*Description:* ${report.description.substring(0, 300)}...\n\n_ID: ${report.id}_`;
+            await fetch(`https://api.telegram.org/bot${telegramToken}/sendMessage`, {
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({
+                    chat_id: telegramChatId,
+                    text: message,
+                    parse_mode: 'Markdown'
+                })
+            });
+        }
+        catch (err) {
+            Logger.warn('Failed to send Telegram notification:', err);
+        }
+    }
+}
+//# sourceMappingURL=report-issue.js.map