aura-security 0.4.0

package/dist/integrations/config.d.ts

@@ -0,0 +1,69 @@
+export interface ModuleConfig {
+    id: string;
+    name: string;
+    description?: string;
+    critical_paths?: string[];
+    connections?: string[];
+}
+export interface IntegrationConfig {
+    github?: {
+        enabled: boolean;
+        token?: string;
+        webhook_secret?: string;
+    };
+    gitlab?: {
+        enabled: boolean;
+        token?: string;
+        api_url?: string;
+    };
+    scanners?: {
+        snyk?: {
+            enabled: boolean;
+        };
+        trivy?: {
+            enabled: boolean;
+        };
+        semgrep?: {
+            enabled: boolean;
+        };
+        npm_audit?: {
+            enabled: boolean;
+        };
+    };
+}
+export interface AuditorConfig {
+    version: string;
+    name?: string;
+    description?: string;
+    server: {
+        port: number;
+        host?: string;
+    };
+    webhook?: {
+        enabled: boolean;
+        port: number;
+        secret?: string;
+    };
+    visualizer?: {
+        enabled: boolean;
+        port: number;
+    };
+    modules: ModuleConfig[];
+    policy: {
+        critical_assets: string[];
+        risk_tolerance: 'low' | 'medium' | 'high';
+    };
+    integrations?: IntegrationConfig;
+}
+export declare class ConfigLoader {
+    private config;
+    constructor();
+    loadFromFile(filePath: string): AuditorConfig;
+    loadFromEnv(): AuditorConfig;
+    autoLoad(basePath?: string): AuditorConfig;
+    getConfig(): AuditorConfig;
+    validate(): string[];
+    private parseSimpleYaml;
+    private mergeConfig;
+}
+export declare const configLoader: ConfigLoader;

package/dist/integrations/config.js

@@ -0,0 +1,212 @@
+// Configuration System - Load and validate auditor configuration
+// Supports: JSON, YAML (with js-yaml), and environment variables
+import { readFileSync, existsSync } from 'fs';
+import { join } from 'path';
+const DEFAULT_CONFIG = {
+    version: '1.0',
+    server: {
+        port: 3000,
+        host: '127.0.0.1'
+    },
+    webhook: {
+        enabled: false,
+        port: 3001
+    },
+    visualizer: {
+        enabled: true,
+        port: 8080
+    },
+    modules: [
+        { id: 'auth', name: 'AUTH', description: 'Authentication & Identity', critical_paths: ['**/auth/**', '**/login/**', '**/oauth/**'] },
+        { id: 'database', name: 'DATABASE', description: 'Data Storage', critical_paths: ['**/db/**', '**/database/**', '**/models/**'] },
+        { id: 'api', name: 'API', description: 'External Endpoints', critical_paths: ['**/api/**', '**/routes/**', '**/controllers/**'] },
+        { id: 'infra', name: 'INFRA', description: 'Infrastructure', critical_paths: ['**/*.tf', '**/terraform/**', '**/k8s/**', '**/docker/**'] },
+        { id: 'billing', name: 'BILLING', description: 'Payment Processing', critical_paths: ['**/billing/**', '**/payment/**', '**/stripe/**'] },
+        { id: 'secrets', name: 'SECRETS', description: 'Credentials & Keys', critical_paths: ['**/.env*', '**/secrets/**', '**/config/**'] }
+    ],
+    policy: {
+        critical_assets: ['auth', 'billing', 'database', 'secrets'],
+        risk_tolerance: 'medium'
+    },
+    integrations: {
+        github: { enabled: false },
+        gitlab: { enabled: false },
+        scanners: {
+            snyk: { enabled: false },
+            trivy: { enabled: false },
+            semgrep: { enabled: false },
+            npm_audit: { enabled: true }
+        }
+    }
+};
+export class ConfigLoader {
+    config;
+    constructor() {
+        this.config = { ...DEFAULT_CONFIG };
+    }
+    // Load from file
+    loadFromFile(filePath) {
+        if (!existsSync(filePath)) {
+            console.warn(`[Config] File not found: ${filePath}, using defaults`);
+            return this.config;
+        }
+        const content = readFileSync(filePath, 'utf-8');
+        const ext = filePath.split('.').pop()?.toLowerCase();
+        let parsed;
+        if (ext === 'json') {
+            parsed = JSON.parse(content);
+        }
+        else if (ext === 'yaml' || ext === 'yml') {
+            // Simple YAML parsing (key: value format)
+            parsed = this.parseSimpleYaml(content);
+        }
+        else {
+            throw new Error(`Unsupported config format: ${ext}`);
+        }
+        this.config = this.mergeConfig(this.config, parsed);
+        return this.config;
+    }
+    // Load from environment variables
+    loadFromEnv() {
+        const env = process.env;
+        if (env.AURA_PORT) {
+            this.config.server.port = parseInt(env.AURA_PORT, 10);
+        }
+        if (env.AURA_HOST) {
+            this.config.server.host = env.AURA_HOST;
+        }
+        if (env.WEBHOOK_PORT) {
+            this.config.webhook = { ...this.config.webhook, enabled: true, port: parseInt(env.WEBHOOK_PORT, 10) };
+        }
+        if (env.WEBHOOK_SECRET) {
+            this.config.webhook = { ...this.config.webhook, secret: env.WEBHOOK_SECRET };
+        }
+        if (env.VISUALIZER_PORT) {
+            this.config.visualizer = { ...this.config.visualizer, port: parseInt(env.VISUALIZER_PORT, 10) };
+        }
+        if (env.GITHUB_TOKEN) {
+            this.config.integrations = {
+                ...this.config.integrations,
+                github: { enabled: true, token: env.GITHUB_TOKEN }
+            };
+        }
+        if (env.GITLAB_TOKEN) {
+            this.config.integrations = {
+                ...this.config.integrations,
+                gitlab: { enabled: true, token: env.GITLAB_TOKEN }
+            };
+        }
+        if (env.RISK_TOLERANCE) {
+            this.config.policy.risk_tolerance = env.RISK_TOLERANCE;
+        }
+        return this.config;
+    }
+    // Auto-detect and load config
+    autoLoad(basePath = process.cwd()) {
+        const configFiles = [
+            'aura.config.json',
+            'aura.config.yaml',
+            'aura.config.yml',
+            '.aurarc.json',
+            '.aurarc'
+        ];
+        for (const file of configFiles) {
+            const fullPath = join(basePath, file);
+            if (existsSync(fullPath)) {
+                console.log(`[Config] Loading from ${file}`);
+                this.loadFromFile(fullPath);
+                break;
+            }
+        }
+        // Override with env vars
+        this.loadFromEnv();
+        return this.config;
+    }
+    getConfig() {
+        return this.config;
+    }
+    // Validate configuration
+    validate() {
+        const errors = [];
+        if (!this.config.server?.port) {
+            errors.push('server.port is required');
+        }
+        if (this.config.server.port < 1 || this.config.server.port > 65535) {
+            errors.push('server.port must be between 1 and 65535');
+        }
+        if (!this.config.modules || this.config.modules.length === 0) {
+            errors.push('At least one module must be configured');
+        }
+        if (!this.config.policy?.critical_assets) {
+            errors.push('policy.critical_assets is required');
+        }
+        return errors;
+    }
+    parseSimpleYaml(content) {
+        // Very basic YAML parser for simple configs
+        const result = {};
+        const lines = content.split('\n');
+        let currentSection = result;
+        let sectionStack = [result];
+        let indentStack = [0];
+        for (const line of lines) {
+            if (line.trim() === '' || line.trim().startsWith('#'))
+                continue;
+            const indent = line.search(/\S/);
+            const trimmed = line.trim();
+            // Handle section end
+            while (indent <= indentStack[indentStack.length - 1] && indentStack.length > 1) {
+                sectionStack.pop();
+                indentStack.pop();
+                currentSection = sectionStack[sectionStack.length - 1];
+            }
+            if (trimmed.endsWith(':')) {
+                // New section
+                const key = trimmed.slice(0, -1);
+                currentSection[key] = {};
+                sectionStack.push(currentSection[key]);
+                indentStack.push(indent);
+                currentSection = currentSection[key];
+            }
+            else if (trimmed.includes(':')) {
+                // Key-value pair
+                const [key, ...valueParts] = trimmed.split(':');
+                let value = valueParts.join(':').trim();
+                // Parse value type
+                if (value === 'true')
+                    value = true;
+                else if (value === 'false')
+                    value = false;
+                else if (!isNaN(Number(value)))
+                    value = Number(value);
+                else if (value.startsWith('[')) {
+                    // Simple array
+                    value = value.slice(1, -1).split(',').map(v => v.trim().replace(/['"]/g, ''));
+                }
+                currentSection[key.trim()] = value;
+            }
+        }
+        return result;
+    }
+    mergeConfig(base, override) {
+        return {
+            version: override.version || base.version,
+            name: override.name || base.name,
+            description: override.description || base.description,
+            server: { ...base.server, ...override.server },
+            webhook: base.webhook && override.webhook
+                ? { ...base.webhook, ...override.webhook }
+                : (override.webhook || base.webhook),
+            visualizer: base.visualizer && override.visualizer
+                ? { ...base.visualizer, ...override.visualizer }
+                : (override.visualizer || base.visualizer),
+            modules: override.modules || base.modules,
+            policy: { ...base.policy, ...override.policy },
+            integrations: override.integrations
+                ? { ...base.integrations, ...override.integrations }
+                : base.integrations
+        };
+    }
+}
+// Export singleton loader
+export const configLoader = new ConfigLoader();

package/dist/integrations/github.d.ts

@@ -0,0 +1,45 @@
+import type { AuditorInput, AuditorOutput } from '../types/events.js';
+export interface GitHubConfig {
+    token: string;
+    apiUrl?: string;
+}
+export interface PullRequest {
+    number: number;
+    title: string;
+    body: string;
+    head: {
+        sha: string;
+        ref: string;
+    };
+    base: {
+        ref: string;
+    };
+    user: {
+        login: string;
+    };
+    changed_files: number;
+    additions: number;
+    deletions: number;
+}
+export interface ChangedFile {
+    filename: string;
+    status: string;
+    additions: number;
+    deletions: number;
+    patch?: string;
+}
+export declare class GitHubIntegration {
+    private token;
+    private apiUrl;
+    constructor(config: GitHubConfig);
+    private fetch;
+    getPullRequest(owner: string, repo: string, prNumber: number): Promise<PullRequest>;
+    getPullRequestFiles(owner: string, repo: string, prNumber: number): Promise<ChangedFile[]>;
+    getPullRequestDiff(owner: string, repo: string, prNumber: number): Promise<string>;
+    createAuditInput(owner: string, repo: string, prNumber: number, criticalAssets?: string[]): Promise<AuditorInput>;
+    createCheckRun(owner: string, repo: string, headSha: string, output: AuditorOutput): Promise<void>;
+    createPRComment(owner: string, repo: string, prNumber: number, output: AuditorOutput): Promise<void>;
+    private formatCheckSummary;
+    private formatAnnotations;
+    private formatCommentBody;
+}

package/dist/integrations/github.js

@@ -0,0 +1,201 @@
+// GitHub Integration - Fetch PR details, diffs, and create check runs
+// Requires: GITHUB_TOKEN environment variable
+export class GitHubIntegration {
+    token;
+    apiUrl;
+    constructor(config) {
+        this.token = config.token;
+        this.apiUrl = config.apiUrl || 'https://api.github.com';
+    }
+    async fetch(endpoint, options = {}) {
+        const res = await fetch(`${this.apiUrl}${endpoint}`, {
+            ...options,
+            headers: {
+                'Authorization': `Bearer ${this.token}`,
+                'Accept': 'application/vnd.github.v3+json',
+                'X-GitHub-Api-Version': '2022-11-28',
+                ...options.headers
+            }
+        });
+        if (!res.ok) {
+            throw new Error(`GitHub API error: ${res.status} ${res.statusText}`);
+        }
+        return res.json();
+    }
+    // Get pull request details
+    async getPullRequest(owner, repo, prNumber) {
+        return this.fetch(`/repos/${owner}/${repo}/pulls/${prNumber}`);
+    }
+    // Get files changed in PR
+    async getPullRequestFiles(owner, repo, prNumber) {
+        return this.fetch(`/repos/${owner}/${repo}/pulls/${prNumber}/files`);
+    }
+    // Get full diff
+    async getPullRequestDiff(owner, repo, prNumber) {
+        const res = await fetch(`${this.apiUrl}/repos/${owner}/${repo}/pulls/${prNumber}`, {
+            headers: {
+                'Authorization': `Bearer ${this.token}`,
+                'Accept': 'application/vnd.github.v3.diff'
+            }
+        });
+        if (!res.ok) {
+            throw new Error(`GitHub API error: ${res.status}`);
+        }
+        return res.text();
+    }
+    // Create audit input from PR
+    async createAuditInput(owner, repo, prNumber, criticalAssets = ['auth', 'billing', 'database', 'secrets', 'infra']) {
+        const [pr, files, diff] = await Promise.all([
+            this.getPullRequest(owner, repo, prNumber),
+            this.getPullRequestFiles(owner, repo, prNumber),
+            this.getPullRequestDiff(owner, repo, prNumber)
+        ]);
+        const isProd = pr.base.ref === 'main' || pr.base.ref === 'master';
+        return {
+            change_event: {
+                id: `github-${owner}-${repo}-pr-${prNumber}`,
+                type: 'pull_request',
+                environment: isProd ? 'prod' : 'staging',
+                repo: `${owner}/${repo}`,
+                commit: pr.head.sha,
+                files_changed: files.map(f => f.filename),
+                diff: diff
+            },
+            evidence_bundle: {
+            // Can be populated by scanner integrations
+            },
+            policy_context: {
+                critical_assets: criticalAssets,
+                risk_tolerance: isProd ? 'low' : 'medium'
+            }
+        };
+    }
+    // Create a check run for the PR
+    async createCheckRun(owner, repo, headSha, output) {
+        const criticalCount = output.events.filter(e => e.payload.severity === 'critical').length;
+        const highCount = output.events.filter(e => e.payload.severity === 'high').length;
+        const conclusion = criticalCount > 0 ? 'failure' :
+            highCount > 0 ? 'neutral' : 'success';
+        const summary = this.formatCheckSummary(output);
+        const annotations = this.formatAnnotations(output);
+        await this.fetch(`/repos/${owner}/${repo}/check-runs`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                name: 'aurasecurity Audit',
+                head_sha: headSha,
+                status: 'completed',
+                conclusion,
+                output: {
+                    title: `Security Audit: ${output.agent_state.toUpperCase()}`,
+                    summary,
+                    annotations: annotations.slice(0, 50) // GitHub limit
+                }
+            })
+        });
+    }
+    // Create a PR comment with audit results
+    async createPRComment(owner, repo, prNumber, output) {
+        const body = this.formatCommentBody(output);
+        await this.fetch(`/repos/${owner}/${repo}/issues/${prNumber}/comments`, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({ body })
+        });
+    }
+    formatCheckSummary(output) {
+        const counts = {
+            critical: output.events.filter(e => e.payload.severity === 'critical').length,
+            high: output.events.filter(e => e.payload.severity === 'high').length,
+            medium: output.events.filter(e => e.payload.severity === 'medium').length,
+            low: output.events.filter(e => e.payload.severity === 'low').length
+        };
+        return `## Security Audit Results
+
+**Agent State:** ${output.agent_state.toUpperCase()}
+
+### Findings Summary
+| Severity | Count |
+|----------|-------|
+| Critical | ${counts.critical} |
+| High | ${counts.high} |
+| Medium | ${counts.medium} |
+| Low | ${counts.low} |
+
+### Details
+${output.events.filter(e => e.event_type !== 'analysis_started').map(e => `
+#### ${e.payload.severity.toUpperCase()}: ${e.payload.claim}
+- **Confidence:** ${(e.payload.confidence * 100).toFixed(0)}%
+- **Affected:** ${e.payload.affected_assets.join(', ') || 'N/A'}
+- **Attack Path:**
+${e.payload.attack_path.map(p => `  1. ${p}`).join('\n')}
+`).join('\n')}
+`;
+    }
+    formatAnnotations(output) {
+        const annotations = [];
+        for (const event of output.events) {
+            if (event.event_type === 'analysis_started')
+                continue;
+            for (const ref of event.payload.evidence_refs) {
+                if (ref.type === 'diff') {
+                    const level = event.payload.severity === 'critical' ? 'failure' :
+                        event.payload.severity === 'high' ? 'warning' : 'notice';
+                    annotations.push({
+                        path: ref.pointer.includes('/') ? ref.pointer : 'unknown',
+                        start_line: 1,
+                        end_line: 1,
+                        annotation_level: level,
+                        message: event.payload.claim,
+                        title: `${event.payload.severity.toUpperCase()}: Security Finding`
+                    });
+                }
+            }
+        }
+        return annotations;
+    }
+    formatCommentBody(output) {
+        const emoji = output.agent_state === 'blocked' ? '🚨' :
+            output.agent_state === 'escalated' ? '⚠️' :
+                output.agent_state === 'conflict' ? '⚡' : '✅';
+        const counts = {
+            critical: output.events.filter(e => e.payload.severity === 'critical').length,
+            high: output.events.filter(e => e.payload.severity === 'high').length,
+            medium: output.events.filter(e => e.payload.severity === 'medium').length,
+            low: output.events.filter(e => e.payload.severity === 'low').length
+        };
+        let body = `## ${emoji} aurasecurity Audit
+
+**Status:** ${output.agent_state.toUpperCase()}
+
+| Critical | High | Medium | Low |
+|:--------:|:----:|:------:|:---:|
+| ${counts.critical} | ${counts.high} | ${counts.medium} | ${counts.low} |
+
+`;
+        if (output.events.length > 1) {
+            body += `### Findings\n\n`;
+            for (const event of output.events) {
+                if (event.event_type === 'analysis_started')
+                    continue;
+                const sevEmoji = event.payload.severity === 'critical' ? '🔴' :
+                    event.payload.severity === 'high' ? '🟠' :
+                        event.payload.severity === 'medium' ? '🟡' : '🟢';
+                body += `<details>
+<summary>${sevEmoji} <strong>${event.payload.severity.toUpperCase()}</strong>: ${event.payload.claim}</summary>
+
+**Confidence:** ${(event.payload.confidence * 100).toFixed(0)}%
+**Affected:** ${event.payload.affected_assets.join(', ') || 'N/A'}
+
+**Attack Path:**
+${event.payload.attack_path.map((p, i) => `${i + 1}. ${p}`).join('\n')}
+
+</details>
+
+`;
+            }
+        }
+        body += `\n---\n*Powered by aurasecurity*`;
+        return body;
+    }
+}

package/dist/integrations/gitlab.d.ts

@@ -0,0 +1,36 @@
+import type { AuditorInput, AuditorOutput } from '../types/events.js';
+export interface GitLabConfig {
+    token: string;
+    apiUrl?: string;
+}
+export interface MergeRequest {
+    iid: number;
+    title: string;
+    description: string;
+    source_branch: string;
+    target_branch: string;
+    sha: string;
+    author: {
+        username: string;
+    };
+    changes_count: string;
+}
+export interface MergeRequestChange {
+    old_path: string;
+    new_path: string;
+    diff: string;
+}
+export declare class GitLabIntegration {
+    private token;
+    private apiUrl;
+    constructor(config: GitLabConfig);
+    private fetch;
+    getMergeRequest(projectId: string | number, mrIid: number): Promise<MergeRequest>;
+    getMergeRequestChanges(projectId: string | number, mrIid: number): Promise<{
+        changes: MergeRequestChange[];
+    }>;
+    createAuditInput(projectId: string | number, mrIid: number, criticalAssets?: string[]): Promise<AuditorInput>;
+    createMRComment(projectId: string | number, mrIid: number, output: AuditorOutput): Promise<void>;
+    updateCommitStatus(projectId: string | number, sha: string, output: AuditorOutput): Promise<void>;
+    private formatCommentBody;
+}

package/dist/integrations/gitlab.js

@@ -0,0 +1,110 @@
+// GitLab Integration - Fetch MR details and create pipeline comments
+// Requires: GITLAB_TOKEN environment variable
+export class GitLabIntegration {
+    token;
+    apiUrl;
+    constructor(config) {
+        this.token = config.token;
+        this.apiUrl = config.apiUrl || 'https://gitlab.com/api/v4';
+    }
+    async fetch(endpoint, options = {}) {
+        const res = await fetch(`${this.apiUrl}${endpoint}`, {
+            ...options,
+            headers: {
+                'PRIVATE-TOKEN': this.token,
+                'Content-Type': 'application/json',
+                ...options.headers
+            }
+        });
+        if (!res.ok) {
+            throw new Error(`GitLab API error: ${res.status} ${res.statusText}`);
+        }
+        return res.json();
+    }
+    // Get merge request details
+    async getMergeRequest(projectId, mrIid) {
+        return this.fetch(`/projects/${encodeURIComponent(projectId)}/merge_requests/${mrIid}`);
+    }
+    // Get MR changes/diff
+    async getMergeRequestChanges(projectId, mrIid) {
+        return this.fetch(`/projects/${encodeURIComponent(projectId)}/merge_requests/${mrIid}/changes`);
+    }
+    // Create audit input from MR
+    async createAuditInput(projectId, mrIid, criticalAssets = ['auth', 'billing', 'database', 'secrets', 'infra']) {
+        const [mr, changes] = await Promise.all([
+            this.getMergeRequest(projectId, mrIid),
+            this.getMergeRequestChanges(projectId, mrIid)
+        ]);
+        const isProd = mr.target_branch === 'main' || mr.target_branch === 'master';
+        const diff = changes.changes.map(c => c.diff).join('\n');
+        return {
+            change_event: {
+                id: `gitlab-${projectId}-mr-${mrIid}`,
+                type: 'pull_request',
+                environment: isProd ? 'prod' : 'staging',
+                repo: String(projectId),
+                commit: mr.sha,
+                files_changed: changes.changes.map(c => c.new_path),
+                diff
+            },
+            evidence_bundle: {},
+            policy_context: {
+                critical_assets: criticalAssets,
+                risk_tolerance: isProd ? 'low' : 'medium'
+            }
+        };
+    }
+    // Create MR comment with audit results
+    async createMRComment(projectId, mrIid, output) {
+        const body = this.formatCommentBody(output);
+        await this.fetch(`/projects/${encodeURIComponent(projectId)}/merge_requests/${mrIid}/notes`, {
+            method: 'POST',
+            body: JSON.stringify({ body })
+        });
+    }
+    // Update pipeline status
+    async updateCommitStatus(projectId, sha, output) {
+        const criticalCount = output.events.filter(e => e.payload.severity === 'critical').length;
+        const highCount = output.events.filter(e => e.payload.severity === 'high').length;
+        const state = criticalCount > 0 ? 'failed' :
+            highCount > 0 ? 'failed' : 'success';
+        await this.fetch(`/projects/${encodeURIComponent(projectId)}/statuses/${sha}`, {
+            method: 'POST',
+            body: JSON.stringify({
+                state,
+                name: 'aurasecurity Audit',
+                description: `${output.agent_state.toUpperCase()} - ${criticalCount} critical, ${highCount} high`,
+                context: 'security/aura-audit'
+            })
+        });
+    }
+    formatCommentBody(output) {
+        const emoji = output.agent_state === 'blocked' ? '🚨' :
+            output.agent_state === 'escalated' ? '⚠️' : '✅';
+        const counts = {
+            critical: output.events.filter(e => e.payload.severity === 'critical').length,
+            high: output.events.filter(e => e.payload.severity === 'high').length,
+            medium: output.events.filter(e => e.payload.severity === 'medium').length,
+            low: output.events.filter(e => e.payload.severity === 'low').length
+        };
+        let body = `## ${emoji} aurasecurity Audit
+
+**Status:** \`${output.agent_state.toUpperCase()}\`
+
+| Critical | High | Medium | Low |
+|:--------:|:----:|:------:|:---:|
+| ${counts.critical} | ${counts.high} | ${counts.medium} | ${counts.low} |
+
+`;
+        for (const event of output.events) {
+            if (event.event_type === 'analysis_started')
+                continue;
+            body += `### ${event.payload.severity.toUpperCase()}: ${event.payload.claim}
+- Confidence: ${(event.payload.confidence * 100).toFixed(0)}%
+- Affected: ${event.payload.affected_assets.join(', ') || 'N/A'}
+
+`;
+        }
+        return body;
+    }
+}

package/dist/integrations/index.d.ts

@@ -0,0 +1,11 @@
+export { WebhookServer, WebhookHandler } from './webhook.js';
+export { GitHubIntegration } from './github.js';
+export { GitLabIntegration } from './gitlab.js';
+export { ScannerParser, SnykParser, TrivyParser, SemgrepParser } from './scanners.js';
+export { ConfigLoader, AuditorConfig } from './config.js';
+export { LocalScanner, quickLocalScan } from './local-scanner.js';
+export type { LocalScanConfig, LocalScanResult, SecretFinding, PackageFinding, SastFinding, GitInfo, EnvFileFinding, SystemInfo, DiscoveredService, DiscoveredModule } from './local-scanner.js';
+export { NotificationService, createNotificationFromAudit } from './notifications.js';
+export { auraScan, getAuraState, getAvailableAgents, orchestrator } from './aura-scanner.js';
+export type { AuraScanConfig, AuraScanResult } from './aura-scanner.js';
+export type { NotificationConfig, NotificationPayload } from './notifications.js';