npm - atlas-pipeline-mcp - Versions diffs - 1.0.23 → 1.0.25 - Mend

atlas-pipeline-mcp 1.0.23 → 1.0.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (50) hide show

package/README.md +71 -4
package/dist/common/error-handling.d.ts +86 -0
package/dist/common/error-handling.d.ts.map +1 -0
package/dist/common/error-handling.js +226 -0
package/dist/common/error-handling.js.map +1 -0
package/dist/mcp.js +50 -0
package/dist/mcp.js.map +1 -1
package/dist/tools/api-design-consultant.d.ts +92 -0
package/dist/tools/api-design-consultant.d.ts.map +1 -0
package/dist/tools/api-design-consultant.js +374 -0
package/dist/tools/api-design-consultant.js.map +1 -0
package/dist/tools/debug/error-classifier.d.ts +14 -0
package/dist/tools/debug/error-classifier.d.ts.map +1 -0
package/dist/tools/debug/error-classifier.js +40 -0
package/dist/tools/debug/error-classifier.js.map +1 -0
package/dist/tools/debug/language-detector.d.ts +16 -0
package/dist/tools/debug/language-detector.d.ts.map +1 -0
package/dist/tools/debug/language-detector.js +67 -0
package/dist/tools/debug/language-detector.js.map +1 -0
package/dist/tools/debug/stack-parser.d.ts +25 -0
package/dist/tools/debug/stack-parser.d.ts.map +1 -0
package/dist/tools/debug/stack-parser.js +122 -0
package/dist/tools/debug/stack-parser.js.map +1 -0
package/dist/tools/dependencies.d.ts.map +1 -1
package/dist/tools/dependencies.js +50 -25
package/dist/tools/dependencies.js.map +1 -1
package/dist/tools/performance-optimizer.d.ts +97 -0
package/dist/tools/performance-optimizer.d.ts.map +1 -0
package/dist/tools/performance-optimizer.js +295 -0
package/dist/tools/performance-optimizer.js.map +1 -0
package/dist/tools/security-scanner.d.ts +74 -0
package/dist/tools/security-scanner.d.ts.map +1 -0
package/dist/tools/security-scanner.js +290 -0
package/dist/tools/security-scanner.js.map +1 -0
package/dist/tools/senior-mentor.d.ts +81 -0
package/dist/tools/senior-mentor.d.ts.map +1 -0
package/dist/tools/senior-mentor.js +308 -0
package/dist/tools/senior-mentor.js.map +1 -0
package/dist/tools/state-management-architect.d.ts +77 -0
package/dist/tools/state-management-architect.d.ts.map +1 -0
package/dist/tools/state-management-architect.js +323 -0
package/dist/tools/state-management-architect.js.map +1 -0
package/dist/tools/test-utils.d.ts.map +1 -1
package/dist/tools/test-utils.js +109 -56
package/dist/tools/test-utils.js.map +1 -1
package/dist/tools/ui-ux-designer.d.ts +91 -0
package/dist/tools/ui-ux-designer.d.ts.map +1 -0
package/dist/tools/ui-ux-designer.js +907 -0
package/dist/tools/ui-ux-designer.js.map +1 -0
package/package.json +3 -2

package/dist/tools/performance-optimizer.js ADDED Viewed

@@ -0,0 +1,295 @@
+/**
+ * Atlas Server - Advanced Performance Optimization Tool
+ *
+ * Deep performance analysis and optimization strategies
+ * - Performance profiling and bottleneck detection
+ * - Memory leak identification
+ * - Bundle size optimization
+ * - Rendering performance optimization
+ * - Network optimization strategies
+ *
+ * @module performance-optimizer
+ * @author Nishant Unavane
+ * @version 1.0.0
+ */
+import { getActiveProvider, isNoLLMMode } from '../providers/index.js';
+import { logger, createTimer } from '../utils.js';
+import { z } from 'zod';
+// ============================================================================
+// Validation Schema
+// ============================================================================
+const PerformanceRequestSchema = z.object({
+    problemDescription: z.string().min(20),
+    metrics: z.object({
+        firstContentfulPaint: z.number().optional(),
+        largestContentfulPaint: z.number().optional(),
+        interactionToNextPaint: z.number().optional(),
+        cumulativeLayoutShift: z.number().optional(),
+        domContentLoaded: z.number().optional(),
+        loadTime: z.number().optional(),
+        memoryUsage: z.number().optional(),
+        bundleSize: z.number().optional(),
+        renderTime: z.number().optional(),
+    }).optional(),
+    code: z.string().optional(),
+    profileData: z.string().optional(),
+    targetMetrics: z.object({
+        fcp: z.number().optional(),
+        lcp: z.number().optional(),
+        inp: z.number().optional(),
+        cls: z.number().optional(),
+        memoryUsage: z.number().optional(),
+        bundleSize: z.number().optional(),
+    }).optional(),
+    constraints: z.array(z.string()).optional(),
+});
+// ============================================================================
+// Performance Analysis
+// ============================================================================
+/**
+ * Analyze and optimize performance
+ */
+export async function optimizePerformance(request) {
+    const timer = createTimer();
+    PerformanceRequestSchema.parse(request);
+    logger.info({ problem: request.problemDescription.substring(0, 100) }, 'Starting performance optimization analysis');
+    const analysis = await analyzePerformance(request);
+    const optimizations = generateOptimizationStrategies(analysis, request);
+    const immediateActions = prioritizeActions(optimizations);
+    const longTermStrategy = createLongTermPlan(analysis, optimizations);
+    const impact = estimateImpact(optimizations, request.targetMetrics);
+    logger.info({ analysisTimeMs: timer.elapsed() }, 'Performance analysis complete');
+    return {
+        analysis,
+        optimizations,
+        immediateActions,
+        longTermStrategy,
+        expectedImpact: impact,
+        generatedAt: new Date().toISOString(),
+    };
+}
+/**
+ * Analyze performance bottlenecks
+ */
+async function analyzePerformance(request) {
+    if (!isNoLLMMode()) {
+        try {
+            return await analyzeWithAI(request);
+        }
+        catch (error) {
+            logger.warn({ error }, 'AI analysis failed, using heuristic analysis');
+            return generateHeuristicAnalysis(request);
+        }
+    }
+    return generateHeuristicAnalysis(request);
+}
+/**
+ * AI-powered performance analysis
+ */
+async function analyzeWithAI(request) {
+    const provider = await getActiveProvider();
+    const metricsContext = request.metrics
+        ? `Current metrics:\n${Object.entries(request.metrics)
+            .map(([k, v]) => `${k}: ${v}`)
+            .join('\n')}`
+        : '';
+    const prompt = `You are a performance optimization expert. Analyze this performance issue:
+${request.problemDescription}
+${metricsContext}
+${request.code ? `Code:\n${request.code}` : ''}
+Identify:
+1. Primary bottlenecks
+2. Root causes
+3. Severity level
+4. Affected users
+Focus on:
+- Web Vitals (FCP, LCP, INP, CLS)
+- Memory leaks
+- Rendering performance
+- Network requests
+- Bundle size`;
+    const result = await provider.completeJson(prompt);
+    if (result.data) {
+        return result.data;
+    }
+    return generateHeuristicAnalysis(request);
+}
+/**
+ * Heuristic-based performance analysis
+ */
+function generateHeuristicAnalysis(request) {
+    const bottlenecks = [];
+    if (request.metrics?.largestContentfulPaint && request.metrics.largestContentfulPaint > 2500) {
+        bottlenecks.push({
+            area: 'rendering',
+            issue: 'Large Contentful Paint is slow',
+            impact: 'critical',
+            currentValue: request.metrics.largestContentfulPaint,
+            targetValue: 2500,
+            unit: 'ms',
+            estimatedUsers: '40-50%',
+        });
+    }
+    if (request.metrics?.bundleSize && request.metrics.bundleSize > 200000) {
+        bottlenecks.push({
+            area: 'bundle',
+            issue: 'Bundle size is excessive',
+            impact: 'high',
+            currentValue: request.metrics.bundleSize / 1000,
+            targetValue: 150,
+            unit: 'KB',
+        });
+    }
+    if (request.problemDescription.toLowerCase().includes('re-render')) {
+        bottlenecks.push({
+            area: 'rendering',
+            issue: 'Unnecessary re-renders',
+            impact: 'high',
+        });
+    }
+    return {
+        currentState: 'Performance issues detected',
+        bottlenecks: bottlenecks.length > 0 ? bottlenecks : [
+            {
+                area: 'rendering',
+                issue: 'General performance degradation',
+                impact: 'medium',
+            },
+        ],
+        rootCauses: ['Unoptimized components', 'Heavy dependencies', 'Poor caching strategy'],
+        severityLevel: bottlenecks.some(b => b.impact === 'critical') ? 'critical' : 'high',
+    };
+}
+/**
+ * Generate optimization strategies
+ */
+function generateOptimizationStrategies(analysis, request) {
+    return [
+        {
+            name: 'Code Splitting & Lazy Loading',
+            description: 'Split code into chunks and load only what is needed',
+            implementation: 'Use React.lazy() or dynamic imports for route-based splitting',
+            difficulty: 'easy',
+            effort: '2-4 hours',
+            impact: 'high',
+            priority: 9,
+            tools: ['webpack', 'vite', 'next.js'],
+            codeExample: `const HeavyComponent = lazy(() => import('./Heavy'));
+export default () => <Suspense fallback={<div>Loading...</div>}>
+  <HeavyComponent />
+</Suspense>`,
+            potentialIssues: ['User sees loading spinner', 'Increased network requests'],
+        },
+        {
+            name: 'Memoization & React.memo()',
+            description: 'Prevent unnecessary re-renders of components',
+            implementation: 'Wrap expensive components with React.memo() and optimize props',
+            difficulty: 'medium',
+            effort: '4-8 hours',
+            impact: 'high',
+            priority: 8,
+            tools: ['react'],
+            codeExample: `const MyComponent = memo(({ data }) => {
+  return <div>{data.value}</div>;
+}, (prev, next) => prev.data.id === next.data.id);`,
+        },
+        {
+            name: 'Bundle Size Reduction',
+            description: 'Remove unused code and dependencies',
+            implementation: 'Audit dependencies, use tree-shaking, replace heavy libraries',
+            difficulty: 'medium',
+            effort: '8-16 hours',
+            impact: 'high',
+            priority: 9,
+            tools: ['webpack-bundle-analyzer', 'bundlesize', 'esbuild'],
+            potentialIssues: ['Breaking changes in refactored code'],
+        },
+        {
+            name: 'Image Optimization',
+            description: 'Optimize images for web performance',
+            implementation: 'Use modern formats (WebP), responsive images, lazy loading',
+            difficulty: 'easy',
+            effort: '2-4 hours',
+            impact: 'medium',
+            priority: 7,
+            tools: ['next/image', 'sharp', 'imagemin'],
+            codeExample: `<Image
+  src="/img.jpg"
+  alt="test"
+  width={800}
+  height={600}
+  priority={false}
+/>`,
+        },
+        {
+            name: 'Caching Strategy',
+            description: 'Implement proper HTTP caching',
+            implementation: 'Set cache headers, use service workers, implement client-side caching',
+            difficulty: 'medium',
+            effort: '6-10 hours',
+            impact: 'medium',
+            priority: 6,
+        },
+    ];
+}
+/**
+ * Prioritize immediate actions
+ */
+function prioritizeActions(strategies) {
+    return strategies
+        .filter(s => s.priority >= 7)
+        .map((strategy, index) => {
+        const priorityMap = {
+            0: 'critical',
+            1: 'high',
+        };
+        return {
+            priority: (priorityMap[index] || 'medium'),
+            action: `Implement: ${strategy.name}`,
+            expectedGain: Math.max(5, 30 - index * 5),
+            effort: strategy.effort,
+            timeline: index === 0 ? 'This week' : `Next ${index + 1} weeks`,
+        };
+    })
+        .slice(0, 5);
+}
+/**
+ * Create long-term performance strategy
+ */
+function createLongTermPlan(analysis, strategies) {
+    return `Performance Strategy:
+1. Immediate: Focus on critical bottlenecks (${analysis.bottlenecks.filter(b => b.impact === 'critical').length} found)
+2. Short-term: Implement high-impact optimizations (code splitting, memoization)
+3. Medium-term: Build monitoring and alerting for performance
+4. Long-term: Establish performance budget and continuous optimization culture
+Success Metrics:
+- Track Web Vitals (FCP < 1.8s, LCP < 2.5s, INP < 200ms, CLS < 0.1)
+- Monitor bundle size trends
+- Set performance budgets per route
+- Regular performance audits (bi-weekly)`;
+}
+/**
+ * Estimate performance impact
+ */
+function estimateImpact(strategies, targets) {
+    const highImpactCount = strategies.filter(s => s.impact === 'high').length;
+    return {
+        expectedFcpImprovement: highImpactCount * 15,
+        expectedLcpImprovement: highImpactCount * 20,
+        expectedBundleSizeReduction: 30,
+        expectedMemorySavings: 25,
+        estimatedUserImpact: '35-45% of users will experience measurable improvements',
+        expectedRevenue: '2-5% increase in conversion rate (based on industry benchmarks)',
+    };
+}
+// ============================================================================
+// Export
+// ============================================================================
+export default optimizePerformance;
+//# sourceMappingURL=performance-optimizer.js.map

package/dist/tools/performance-optimizer.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"performance-optimizer.js","sourceRoot":"","sources":["../../src/tools/performance-optimizer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACvE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AA4FxB,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAE/E,MAAM,wBAAwB,GAAG,CAAC,CAAC,MAAM,CAAC;IACxC,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;IACtC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC;QAChB,oBAAoB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC3C,sBAAsB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC7C,sBAAsB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC7C,qBAAqB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC5C,gBAAgB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACvC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC/B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAClC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QACjC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAClC,CAAC,CAAC,QAAQ,EAAE;IACb,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC3B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,aAAa,EAAE,CAAC,CAAC,MAAM,CAAC;QACtB,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC1B,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC1B,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC1B,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAC1B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;QAClC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;KAClC,CAAC,CAAC,QAAQ,EAAE;IACb,WAAW,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAC5C,CAAC,CAAC;AAEH,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAE/E;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,OAAuC;IAEvC,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC;IAE5B,wBAAwB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAExC,MAAM,CAAC,IAAI,CACT,EAAE,OAAO,EAAE,OAAO,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EACzD,4CAA4C,CAC7C,CAAC;IAEF,MAAM,QAAQ,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;IACnD,MAAM,aAAa,GAAG,8BAA8B,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACxE,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,aAAa,CAAC,CAAC;IAC1D,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;IACrE,MAAM,MAAM,GAAG,cAAc,CAAC,aAAa,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAEpE,MAAM,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,KAAK,CAAC,OAAO,EAAE,EAAE,EAAE,+BAA+B,CAAC,CAAC;IAElF,OAAO;QACL,QAAQ;QACR,aAAa;QACb,gBAAgB;QAChB,gBAAgB;QAChB,cAAc,EAAE,MAAM;QACtB,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACtC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,kBAAkB,CAC/B,OAAuC;IAEvC,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACnB,IAAI,CAAC;YACH,OAAO,MAAM,aAAa,CAAC,OAAO,CAAC,CAAC;QACtC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,8CAA8C,CAAC,CAAC;YACvE,OAAO,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,OAAO,yBAAyB,CAAC,OAAO,CAAC,CAAC;AAC5C,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,aAAa,CAC1B,OAAuC;IAEvC,MAAM,QAAQ,GAAG,MAAM,iBAAiB,EAAE,CAAC;IAE3C,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO;QACpC,CAAC,CAAC,qBAAqB,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;aACjD,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;aAC7B,IAAI,CAAC,IAAI,CAAC,EAAE;QACjB,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,MAAM,GAAG;;EAEf,OAAO,CAAC,kBAAkB;;EAE1B,cAAc;;EAEd,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE;;;;;;;;;;;;;cAahC,CAAC;IAEb,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAsB,MAAM,CAAC,CAAC;IAExE,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QAChB,OAAO,MAAM,CAAC,IAAI,CAAC;IACrB,CAAC;IAED,OAAO,yBAAyB,CAAC,OAAO,CAAC,CAAC;AAC5C,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAChC,OAAuC;IAEvC,MAAM,WAAW,GAAiB,EAAE,CAAC;IAErC,IAAI,OAAO,CAAC,OAAO,EAAE,sBAAsB,IAAI,OAAO,CAAC,OAAO,CAAC,sBAAsB,GAAG,IAAI,EAAE,CAAC;QAC7F,WAAW,CAAC,IAAI,CAAC;YACf,IAAI,EAAE,WAAW;YACjB,KAAK,EAAE,gCAAgC;YACvC,MAAM,EAAE,UAAU;YAClB,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,sBAAsB;YACpD,WAAW,EAAE,IAAI;YACjB,IAAI,EAAE,IAAI;YACV,cAAc,EAAE,QAAQ;SACzB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,OAAO,CAAC,OAAO,EAAE,UAAU,IAAI,OAAO,CAAC,OAAO,CAAC,UAAU,GAAG,MAAM,EAAE,CAAC;QACvE,WAAW,CAAC,IAAI,CAAC;YACf,IAAI,EAAE,QAAQ;YACd,KAAK,EAAE,0BAA0B;YACjC,MAAM,EAAE,MAAM;YACd,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,UAAU,GAAG,IAAI;YAC/C,WAAW,EAAE,GAAG;YAChB,IAAI,EAAE,IAAI;SACX,CAAC,CAAC;IACL,CAAC;IAED,IAAI,OAAO,CAAC,kBAAkB,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QACnE,WAAW,CAAC,IAAI,CAAC;YACf,IAAI,EAAE,WAAW;YACjB,KAAK,EAAE,wBAAwB;YAC/B,MAAM,EAAE,MAAM;SACf,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,YAAY,EAAE,6BAA6B;QAC3C,WAAW,EAAE,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;YAClD;gBACE,IAAI,EAAE,WAAW;gBACjB,KAAK,EAAE,iCAAiC;gBACxC,MAAM,EAAE,QAAQ;aACjB;SACF;QACD,UAAU,EAAE,CAAC,wBAAwB,EAAE,oBAAoB,EAAE,uBAAuB,CAAC;QACrF,aAAa,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM;KACpF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,8BAA8B,CACrC,QAA6B,EAC7B,OAAuC;IAEvC,OAAO;QACL;YACE,IAAI,EAAE,+BAA+B;YACrC,WAAW,EAAE,qDAAqD;YAClE,cAAc,EAAE,+DAA+D;YAC/E,UAAU,EAAE,MAAM;YAClB,MAAM,EAAE,WAAW;YACnB,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,CAAC;YACX,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,CAAC;YACrC,WAAW,EAAE;;;YAGP;YACN,eAAe,EAAE,CAAC,2BAA2B,EAAE,4BAA4B,CAAC;SAC7E;QACD;YACE,IAAI,EAAE,4BAA4B;YAClC,WAAW,EAAE,8CAA8C;YAC3D,cAAc,EAAE,gEAAgE;YAChF,UAAU,EAAE,QAAQ;YACpB,MAAM,EAAE,WAAW;YACnB,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,CAAC;YACX,KAAK,EAAE,CAAC,OAAO,CAAC;YAChB,WAAW,EAAE;;mDAEgC;SAC9C;QACD;YACE,IAAI,EAAE,uBAAuB;YAC7B,WAAW,EAAE,qCAAqC;YAClD,cAAc,EAAE,+DAA+D;YAC/E,UAAU,EAAE,QAAQ;YACpB,MAAM,EAAE,YAAY;YACpB,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,CAAC;YACX,KAAK,EAAE,CAAC,yBAAyB,EAAE,YAAY,EAAE,SAAS,CAAC;YAC3D,eAAe,EAAE,CAAC,qCAAqC,CAAC;SACzD;QACD;YACE,IAAI,EAAE,oBAAoB;YAC1B,WAAW,EAAE,qCAAqC;YAClD,cAAc,EAAE,4DAA4D;YAC5E,UAAU,EAAE,MAAM;YAClB,MAAM,EAAE,WAAW;YACnB,MAAM,EAAE,QAAQ;YAChB,QAAQ,EAAE,CAAC;YACX,KAAK,EAAE,CAAC,YAAY,EAAE,OAAO,EAAE,UAAU,CAAC;YAC1C,WAAW,EAAE;;;;;;GAMhB;SACE;QACD;YACE,IAAI,EAAE,kBAAkB;YACxB,WAAW,EAAE,+BAA+B;YAC5C,cAAc,EAAE,uEAAuE;YACvF,UAAU,EAAE,QAAQ;YACpB,MAAM,EAAE,YAAY;YACpB,MAAM,EAAE,QAAQ;YAChB,QAAQ,EAAE,CAAC;SACZ;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,UAAkC;IAC3D,OAAO,UAAU;SACd,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC;SAC5B,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,EAAE;QACvB,MAAM,WAAW,GAAmD;YAClE,CAAC,EAAE,UAAU;YACb,CAAC,EAAE,MAAM;SACV,CAAC;QACF,OAAO;YACL,QAAQ,EAAE,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAmC;YAC5E,MAAM,EAAE,cAAc,QAAQ,CAAC,IAAI,EAAE;YACrC,YAAY,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,KAAK,GAAG,CAAC,CAAC;YACzC,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,QAAQ,EAAE,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ;SAChE,CAAC;IACJ,CAAC,CAAC;SACD,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CACzB,QAA6B,EAC7B,UAAkC;IAElC,OAAO;+CACsC,QAAQ,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC,MAAM;;;;;;;;;yCAStE,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CACrB,UAAkC,EAClC,OAAuB;IAEvB,MAAM,eAAe,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAE3E,OAAO;QACL,sBAAsB,EAAE,eAAe,GAAG,EAAE;QAC5C,sBAAsB,EAAE,eAAe,GAAG,EAAE;QAC5C,2BAA2B,EAAE,EAAE;QAC/B,qBAAqB,EAAE,EAAE;QACzB,mBAAmB,EAAE,yDAAyD;QAC9E,eAAe,EAAE,iEAAiE;KACnF,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,SAAS;AACT,+EAA+E;AAE/E,eAAe,mBAAmB,CAAC"}

package/dist/tools/security-scanner.d.ts ADDED Viewed

@@ -0,0 +1,74 @@
+/**
+ * Atlas Server - Advanced Security & Vulnerability Scanner\n *
+ * Enterprise-grade security analysis for frontend applications
+ * - Dependency vulnerability scanning
+ * - Code-level security vulnerabilities
+ * - XSS/CSRF/Injection prevention
+ * - Authentication/Authorization issues
+ * - API security recommendations
+ * - Data exposure risks
+ *
+ * @module security-scanner
+ * @author Nishant Unavane
+ * @version 1.0.0
+ */
+export interface SecurityScanRequest {
+    codeBase?: string;
+    dependencies?: string[];
+    apiEndpoints?: ApiEndpoint[];
+    authMethod?: string;
+    dataHandling?: string;
+    frameworks?: string[];
+    environmentVariables?: string[];
+}
+export interface ApiEndpoint {
+    method: string;
+    path: string;
+    authentication: string;
+    inputValidation?: string;
+    rateLimit?: string;
+}
+export interface SecurityScanResult {
+    vulnerabilities: Vulnerability[];
+    riskScore: number;
+    riskLevel: 'critical' | 'high' | 'medium' | 'low';
+    summary: string;
+    recommendations: SecurityRecommendation[];
+    complianceStatus: ComplianceStatus;
+    generatedAt: string;
+}
+export interface Vulnerability {
+    id: string;
+    title: string;
+    severity: 'critical' | 'high' | 'medium' | 'low';
+    type: VulnerabilityType;
+    description: string;
+    affectedArea: string;
+    cveId?: string;
+    impact: string;
+    remediation: string;
+    exploitability: 'high' | 'medium' | 'low';
+    codeLocation?: string;
+}
+export type VulnerabilityType = 'xss' | 'csrf' | 'injection' | 'insecure-auth' | 'insecure-data-storage' | 'insecure-api' | 'dependency-vulnerability' | 'sensitive-data-exposure' | 'broken-access-control' | 'security-misconfiguration' | 'insecure-deserialization' | 'insufficient-logging';
+export interface SecurityRecommendation {
+    priority: 'critical' | 'high' | 'medium' | 'low';
+    category: string;
+    recommendation: string;
+    implementation: string;
+    effort: string;
+    benefit: string;
+}
+export interface ComplianceStatus {
+    gdpr: 'compliant' | 'partial' | 'non-compliant';
+    ccpa: 'compliant' | 'partial' | 'non-compliant';
+    hipaa: 'compliant' | 'partial' | 'non-compliant';
+    pciDss: 'compliant' | 'partial' | 'non-compliant';
+    owasp: string;
+}
+/**
+ * Perform comprehensive security scan
+ */
+export declare function scanSecurity(request: SecurityScanRequest): Promise<SecurityScanResult>;
+export default scanSecurity;
+//# sourceMappingURL=security-scanner.d.ts.map

package/dist/tools/security-scanner.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security-scanner.d.ts","sourceRoot":"","sources":["../../src/tools/security-scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAUH,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,YAAY,CAAC,EAAE,WAAW,EAAE,CAAC;IAC7B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;CACjC;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,kBAAkB;IACjC,eAAe,EAAE,aAAa,EAAE,CAAC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IAClD,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,EAAE,sBAAsB,EAAE,CAAC;IAC1C,gBAAgB,EAAE,gBAAgB,CAAC;IACnC,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,IAAI,EAAE,iBAAiB,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IAC1C,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,MAAM,iBAAiB,GACzB,KAAK,GACL,MAAM,GACN,WAAW,GACX,eAAe,GACf,uBAAuB,GACvB,cAAc,GACd,0BAA0B,GAC1B,yBAAyB,GACzB,uBAAuB,GACvB,2BAA2B,GAC3B,0BAA0B,GAC1B,sBAAsB,CAAC;AAE3B,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,WAAW,GAAG,SAAS,GAAG,eAAe,CAAC;IAChD,IAAI,EAAE,WAAW,GAAG,SAAS,GAAG,eAAe,CAAC;IAChD,KAAK,EAAE,WAAW,GAAG,SAAS,GAAG,eAAe,CAAC;IACjD,MAAM,EAAE,WAAW,GAAG,SAAS,GAAG,eAAe,CAAC;IAClD,KAAK,EAAE,MAAM,CAAC;CACf;AA0BD;;GAEG;AACH,wBAAsB,YAAY,CAChC,OAAO,EAAE,mBAAmB,GAC3B,OAAO,CAAC,kBAAkB,CAAC,CA8B7B;AAsQD,eAAe,YAAY,CAAC"}

package/dist/tools/security-scanner.js ADDED Viewed

@@ -0,0 +1,290 @@
+/**
+ * Atlas Server - Advanced Security & Vulnerability Scanner\n *
+ * Enterprise-grade security analysis for frontend applications
+ * - Dependency vulnerability scanning
+ * - Code-level security vulnerabilities
+ * - XSS/CSRF/Injection prevention
+ * - Authentication/Authorization issues
+ * - API security recommendations
+ * - Data exposure risks
+ *
+ * @module security-scanner
+ * @author Nishant Unavane
+ * @version 1.0.0
+ */
+import { getActiveProvider, isNoLLMMode } from '../providers/index.js';
+import { logger, createTimer } from '../utils.js';
+import { z } from 'zod';
+// ============================================================================
+// Validation Schema
+// ============================================================================
+const SecurityScanRequestSchema = z.object({
+    codeBase: z.string().optional(),
+    dependencies: z.array(z.string()).optional(),
+    apiEndpoints: z.array(z.object({
+        method: z.string(),
+        path: z.string(),
+        authentication: z.string(),
+        inputValidation: z.string().optional(),
+        rateLimit: z.string().optional(),
+    })).optional(),
+    authMethod: z.string().optional(),
+    dataHandling: z.string().optional(),
+    frameworks: z.array(z.string()).optional(),
+    environmentVariables: z.array(z.string()).optional(),
+});
+// ============================================================================
+// Security Scanning
+// ============================================================================
+/**
+ * Perform comprehensive security scan
+ */
+export async function scanSecurity(request) {
+    const timer = createTimer();
+    SecurityScanRequestSchema.parse(request);
+    logger.info({ frameworks: request.frameworks }, 'Starting security scan');
+    const vulnerabilities = await findVulnerabilities(request);
+    const riskScore = calculateRiskScore(vulnerabilities);
+    const recommendations = generateRecommendations(vulnerabilities, request);
+    const compliance = assessCompliance(request);
+    logger.info({ vulnerabilityCount: vulnerabilities.length, riskScore, timeMs: timer.elapsed() }, 'Security scan complete');
+    return {
+        vulnerabilities,
+        riskScore,
+        riskLevel: riskScore >= 80 ? 'critical'
+            : riskScore >= 60 ? 'high'
+                : riskScore >= 40 ? 'medium'
+                    : 'low',
+        summary: generateScanSummary(vulnerabilities),
+        recommendations,
+        complianceStatus: compliance,
+        generatedAt: new Date().toISOString(),
+    };
+}
+/**
+ * Find vulnerabilities in codebase
+ */
+async function findVulnerabilities(request) {
+    if (!isNoLLMMode()) {
+        try {
+            return await scanWithAI(request);
+        }
+        catch (error) {
+            logger.warn({ error }, 'AI scan failed, using heuristic scanning');
+            return heuristicScan(request);
+        }
+    }
+    return heuristicScan(request);
+}
+/**
+ * AI-powered security scanning
+ */
+async function scanWithAI(request) {
+    const provider = await getActiveProvider();
+    const prompt = `You are a senior security engineer. Scan this frontend application for vulnerabilities:
+${request.codeBase ? `Code:\n${request.codeBase}` : ''}
+${request.frameworks?.length ? `Frameworks: ${request.frameworks.join(', ')}` : ''}
+${request.authMethod ? `Auth: ${request.authMethod}` : ''}
+${request.dataHandling ? `Data Handling: ${request.dataHandling}` : ''}
+Identify:
+1. XSS vulnerabilities
+2. CSRF issues
+3. Injection attacks
+4. Insecure authentication
+5. Data exposure risks
+6. API security issues
+7. Dependency vulnerabilities
+For each, provide:
+- Severity level
+- Impact
+- Remediation steps
+- Exploitability`;
+    const result = await provider.completeJson(prompt);
+    return result.data || [];
+}
+/**
+ * Heuristic security scanning
+ */
+function heuristicScan(request) {
+    const vulnerabilities = [];
+    // Check for common vulnerabilities
+    if (request.codeBase) {
+        if (request.codeBase.includes('innerHTML') && !request.codeBase.includes('DOMPurify')) {
+            vulnerabilities.push({
+                id: 'XSS-001',
+                title: 'Potential XSS via innerHTML',
+                severity: 'high',
+                type: 'xss',
+                description: 'Using innerHTML without sanitization can lead to XSS attacks',
+                affectedArea: 'HTML rendering',
+                impact: 'Attackers can execute arbitrary JavaScript in user browsers',
+                remediation: 'Use textContent instead or use DOMPurify for sanitization',
+                exploitability: 'high',
+            });
+        }
+        if (request.codeBase.includes('eval(') || request.codeBase.includes('Function(')) {
+            vulnerabilities.push({
+                id: 'INJ-001',
+                title: 'Code Injection via eval()',
+                severity: 'critical',
+                type: 'injection',
+                description: 'Using eval() is extremely dangerous',
+                affectedArea: 'Dynamic code execution',
+                impact: 'Complete application compromise',
+                remediation: 'Never use eval(). Use JSON.parse() or alternatives.',
+                exploitability: 'high',
+            });
+        }
+        if (request.codeBase.includes('localStorage') && !request.codeBase.includes('secure')) {
+            vulnerabilities.push({
+                id: 'SEC-001',
+                title: 'Sensitive data in localStorage',
+                severity: 'high',
+                type: 'insecure-data-storage',
+                description: 'localStorage is not secure for sensitive data',
+                affectedArea: 'Data storage',
+                impact: 'User credentials and tokens can be stolen via XSS',
+                remediation: 'Use httpOnly cookies for auth tokens. Only store non-sensitive data.',
+                exploitability: 'high',
+            });
+        }
+    }
+    // Check dependencies for known vulnerabilities
+    if (request.dependencies?.includes('lodash@<4.17.21')) {
+        vulnerabilities.push({
+            id: 'DEP-001',
+            title: 'Vulnerable lodash version',
+            severity: 'medium',
+            type: 'dependency-vulnerability',
+            description: 'lodash < 4.17.21 has prototype pollution vulnerability',
+            affectedArea: 'Dependency',
+            cveId: 'CVE-2021-23337',
+            impact: 'Code execution, DoS',
+            remediation: 'Update lodash to >= 4.17.21',
+            exploitability: 'medium',
+        });
+    }
+    // Check API endpoints
+    if (request.apiEndpoints) {
+        for (const endpoint of request.apiEndpoints) {
+            if (endpoint.authentication === 'none' && endpoint.path.includes('admin')) {
+                vulnerabilities.push({
+                    id: 'API-001',
+                    title: 'Unprotected admin endpoint',
+                    severity: 'critical',
+                    type: 'broken-access-control',
+                    description: `Admin endpoint ${endpoint.path} has no authentication`,
+                    affectedArea: endpoint.path,
+                    impact: 'Unauthorized access to admin functions',
+                    remediation: 'Require authentication and authorization checks',
+                    exploitability: 'high',
+                });
+            }
+            if (!endpoint.rateLimit) {
+                vulnerabilities.push({
+                    id: 'API-002',
+                    title: 'Missing rate limiting',
+                    severity: 'medium',
+                    type: 'security-misconfiguration',
+                    description: `Endpoint ${endpoint.path} has no rate limiting`,
+                    affectedArea: endpoint.path,
+                    impact: 'Brute force attacks, DoS',
+                    remediation: 'Implement rate limiting per IP/user',
+                    exploitability: 'medium',
+                });
+            }
+        }
+    }
+    return vulnerabilities;
+}
+/**
+ * Calculate overall risk score
+ */
+function calculateRiskScore(vulnerabilities) {
+    let score = 0;
+    for (const vuln of vulnerabilities) {
+        const severityScore = vuln.severity === 'critical' ? 30
+            : vuln.severity === 'high' ? 20
+                : vuln.severity === 'medium' ? 10
+                    : 3;
+        const exploitabilityScore = vuln.exploitability === 'high' ? 1
+            : vuln.exploitability === 'medium' ? 0.7
+                : 0.3;
+        score += severityScore * exploitabilityScore;
+    }
+    return Math.min(score, 100);
+}
+/**
+ * Generate remediation recommendations
+ */
+function generateRecommendations(vulnerabilities, request) {
+    const recommendations = [];
+    // Add recommendations based on vulnerabilities
+    if (vulnerabilities.some(v => v.type === 'xss')) {
+        recommendations.push({
+            priority: 'critical',
+            category: 'XSS Prevention',
+            recommendation: 'Implement Content Security Policy (CSP) headers',
+            implementation: 'Set CSP headers that restrict script sources',
+            effort: '2-4 hours',
+            benefit: 'Blocks inline scripts and untrusted external scripts',
+        });
+    }
+    if (vulnerabilities.some(v => v.type === 'dependency-vulnerability')) {
+        recommendations.push({
+            priority: 'high',
+            category: 'Dependency Management',
+            recommendation: 'Implement automated dependency updates',
+            implementation: 'Use Dependabot or Renovate for automated PRs',
+            effort: '1 hour setup',
+            benefit: 'Stay ahead of known vulnerabilities',
+        });
+    }
+    recommendations.push({
+        priority: 'high',
+        category: 'Security Testing',
+        recommendation: 'Add SAST (Static Application Security Testing)',
+        implementation: 'Integrate tools like Snyk, SonarQube, or ESLint security plugins',
+        effort: '4-8 hours',
+        benefit: 'Catch vulnerabilities during development',
+    });
+    recommendations.push({
+        priority: 'medium',
+        category: 'Security Headers',
+        recommendation: 'Implement security headers',
+        implementation: 'Add X-Frame-Options, X-Content-Type-Options, Strict-Transport-Security',
+        effort: '2 hours',
+        benefit: 'Prevent clickjacking and MIME sniffing attacks',
+    });
+    return recommendations;
+}
+/**
+ * Assess compliance status
+ */
+function assessCompliance(request) {
+    return {
+        gdpr: 'partial',
+        ccpa: 'partial',
+        hipaa: 'non-compliant',
+        pciDss: 'partial',
+        owasp: 'Top 10 vulnerabilities may be present - full audit recommended',
+    };
+}
+/**
+ * Generate scan summary
+ */
+function generateScanSummary(vulnerabilities) {
+    const critical = vulnerabilities.filter(v => v.severity === 'critical').length;
+    const high = vulnerabilities.filter(v => v.severity === 'high').length;
+    const medium = vulnerabilities.filter(v => v.severity === 'medium').length;
+    return `Security scan found ${vulnerabilities.length} issues: ${critical} critical, ${high} high, ${medium} medium. ` +
+        (critical > 0 ? 'URGENT: Address critical vulnerabilities immediately.' : 'Review and remediate high-severity issues.');
+}
+// ============================================================================
+// Export
+// ============================================================================
+export default scanSecurity;
+//# sourceMappingURL=security-scanner.js.map