lean-claudient-core 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.reports/detailed-analysis_2026-06-20_01ed326b.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_08d39381.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_0a331144.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_0d54ffef.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_14bfa31c.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_211feac4.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_22381bc2.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_29b4ea0a.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_2df0ad14.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_343ec84c.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_3a01030d.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_3b4c99ec.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_3d368827.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_53544d3d.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_5721164a.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_57caf5e7.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_624302f5.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_62456384.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_636a52f1.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_63d1ad41.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_7451ccd7.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_74da4e9a.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_83a90083.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_867fbdd9.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_974c3299.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_a04639a2.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_a8e23d6d.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_aa9150f0.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_acbeee08.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_c4ffa0e2.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_c5f7684b.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_c963b1fa.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_d4bde41f.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_d6eb2497.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_ea6f7f58.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_ebf4e060.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_ec4313a9.html +200 -0
- package/.reports/detailed-analysis_2026-06-20_fc65d18e.html +200 -0
- package/.reports/executive-summary_2026-06-20_00406d50.html +109 -0
- package/.reports/executive-summary_2026-06-20_0bb202d3.html +109 -0
- package/.reports/executive-summary_2026-06-20_0bcd7481.html +109 -0
- package/.reports/executive-summary_2026-06-20_11506445.html +109 -0
- package/.reports/executive-summary_2026-06-20_13616cda.html +109 -0
- package/.reports/executive-summary_2026-06-20_19d41c2f.html +109 -0
- package/.reports/executive-summary_2026-06-20_1b0d6e96.html +109 -0
- package/.reports/executive-summary_2026-06-20_1e38670b.html +109 -0
- package/.reports/executive-summary_2026-06-20_1f32f793.html +109 -0
- package/.reports/executive-summary_2026-06-20_1f40f7d3.html +109 -0
- package/.reports/executive-summary_2026-06-20_25a40a7e.html +109 -0
- package/.reports/executive-summary_2026-06-20_26d11818.html +109 -0
- package/.reports/executive-summary_2026-06-20_26ed4593.html +109 -0
- package/.reports/executive-summary_2026-06-20_291b90a8.html +109 -0
- package/.reports/executive-summary_2026-06-20_2957a848.html +109 -0
- package/.reports/executive-summary_2026-06-20_2a04eb77.html +109 -0
- package/.reports/executive-summary_2026-06-20_2fa701f9.html +109 -0
- package/.reports/executive-summary_2026-06-20_327af8f5.html +109 -0
- package/.reports/executive-summary_2026-06-20_3418c729.html +109 -0
- package/.reports/executive-summary_2026-06-20_3571763d.html +109 -0
- package/.reports/executive-summary_2026-06-20_36225353.html +109 -0
- package/.reports/executive-summary_2026-06-20_3b2de891.html +109 -0
- package/.reports/executive-summary_2026-06-20_45b980c2.html +109 -0
- package/.reports/executive-summary_2026-06-20_46fcbf17.html +109 -0
- package/.reports/executive-summary_2026-06-20_48c8fa5e.html +109 -0
- package/.reports/executive-summary_2026-06-20_4ba55c43.html +109 -0
- package/.reports/executive-summary_2026-06-20_4f4498e6.html +109 -0
- package/.reports/executive-summary_2026-06-20_54c33bf0.html +109 -0
- package/.reports/executive-summary_2026-06-20_54cc7077.html +109 -0
- package/.reports/executive-summary_2026-06-20_5a12912e.html +109 -0
- package/.reports/executive-summary_2026-06-20_636fac87.html +109 -0
- package/.reports/executive-summary_2026-06-20_6587faaf.html +109 -0
- package/.reports/executive-summary_2026-06-20_6adbdd03.html +109 -0
- package/.reports/executive-summary_2026-06-20_6bf344ec.html +109 -0
- package/.reports/executive-summary_2026-06-20_7142aeed.html +109 -0
- package/.reports/executive-summary_2026-06-20_72bc0ceb.html +109 -0
- package/.reports/executive-summary_2026-06-20_775752ac.html +109 -0
- package/.reports/executive-summary_2026-06-20_7a9c3223.html +109 -0
- package/.reports/executive-summary_2026-06-20_808e6376.html +109 -0
- package/.reports/executive-summary_2026-06-20_8de9142d.html +109 -0
- package/.reports/executive-summary_2026-06-20_91981fbe.html +109 -0
- package/.reports/executive-summary_2026-06-20_93191c8c.html +109 -0
- package/.reports/executive-summary_2026-06-20_9be48a87.html +109 -0
- package/.reports/executive-summary_2026-06-20_9c127198.html +109 -0
- package/.reports/executive-summary_2026-06-20_9ee303ac.html +109 -0
- package/.reports/executive-summary_2026-06-20_9ee52709.html +109 -0
- package/.reports/executive-summary_2026-06-20_a0fa27de.html +109 -0
- package/.reports/executive-summary_2026-06-20_a1813e47.html +109 -0
- package/.reports/executive-summary_2026-06-20_a974edc1.html +109 -0
- package/.reports/executive-summary_2026-06-20_aa711737.html +109 -0
- package/.reports/executive-summary_2026-06-20_aa752246.html +109 -0
- package/.reports/executive-summary_2026-06-20_ac6f0927.html +109 -0
- package/.reports/executive-summary_2026-06-20_b231b143.html +109 -0
- package/.reports/executive-summary_2026-06-20_b570a2bd.html +109 -0
- package/.reports/executive-summary_2026-06-20_b6fbf650.html +109 -0
- package/.reports/executive-summary_2026-06-20_b9f8ddf3.html +109 -0
- package/.reports/executive-summary_2026-06-20_bf95cc63.html +109 -0
- package/.reports/executive-summary_2026-06-20_c0d0aefe.html +109 -0
- package/.reports/executive-summary_2026-06-20_c1933c36.html +109 -0
- package/.reports/executive-summary_2026-06-20_c99bba8a.html +109 -0
- package/.reports/executive-summary_2026-06-20_cc3846ac.html +109 -0
- package/.reports/executive-summary_2026-06-20_d485993c.html +109 -0
- package/.reports/executive-summary_2026-06-20_d56f75f7.html +109 -0
- package/.reports/executive-summary_2026-06-20_d57660cc.html +109 -0
- package/.reports/executive-summary_2026-06-20_dc036f62.html +109 -0
- package/.reports/executive-summary_2026-06-20_df783f47.html +109 -0
- package/.reports/executive-summary_2026-06-20_e2191adb.html +109 -0
- package/.reports/executive-summary_2026-06-20_e9f1d504.html +109 -0
- package/.reports/executive-summary_2026-06-20_ea82f5e1.html +109 -0
- package/.reports/executive-summary_2026-06-20_ec3e70cb.html +109 -0
- package/.reports/executive-summary_2026-06-20_ee6cf902.html +109 -0
- package/.reports/executive-summary_2026-06-20_f6cb657c.html +109 -0
- package/.reports/executive-summary_2026-06-20_f8c60046.html +109 -0
- package/.reports/executive-summary_2026-06-20_fa184840.html +109 -0
- package/.reports/executive-summary_2026-06-20_fc88bcb4.html +109 -0
- package/.reports/executive-summary_2026-06-20_ffa79c4e.html +109 -0
- package/README.md +53 -0
- package/dist/automation/actionApprover.d.ts +89 -0
- package/dist/automation/actionApprover.d.ts.map +1 -0
- package/dist/automation/actionApprover.js +264 -0
- package/dist/automation/actionApprover.js.map +1 -0
- package/dist/automation/actionExecutor.d.ts +125 -0
- package/dist/automation/actionExecutor.d.ts.map +1 -0
- package/dist/automation/actionExecutor.js +304 -0
- package/dist/automation/actionExecutor.js.map +1 -0
- package/dist/automation/alertRules.d.ts +55 -0
- package/dist/automation/alertRules.d.ts.map +1 -0
- package/dist/automation/alertRules.js +70 -0
- package/dist/automation/alertRules.js.map +1 -0
- package/dist/automation/alertSystem.d.ts +109 -0
- package/dist/automation/alertSystem.d.ts.map +1 -0
- package/dist/automation/alertSystem.js +303 -0
- package/dist/automation/alertSystem.js.map +1 -0
- package/dist/automation/competitorResponse.d.ts +119 -0
- package/dist/automation/competitorResponse.d.ts.map +1 -0
- package/dist/automation/competitorResponse.js +343 -0
- package/dist/automation/competitorResponse.js.map +1 -0
- package/dist/automation/composioClient.d.ts +107 -0
- package/dist/automation/composioClient.d.ts.map +1 -0
- package/dist/automation/composioClient.js +286 -0
- package/dist/automation/composioClient.js.map +1 -0
- package/dist/automation/crmExport.d.ts +116 -0
- package/dist/automation/crmExport.d.ts.map +1 -0
- package/dist/automation/crmExport.js +282 -0
- package/dist/automation/crmExport.js.map +1 -0
- package/dist/automation/crmIntegration.d.ts +83 -0
- package/dist/automation/crmIntegration.d.ts.map +1 -0
- package/dist/automation/crmIntegration.js +207 -0
- package/dist/automation/crmIntegration.js.map +1 -0
- package/dist/automation/gmailIntegration.d.ts +73 -0
- package/dist/automation/gmailIntegration.d.ts.map +1 -0
- package/dist/automation/gmailIntegration.js +184 -0
- package/dist/automation/gmailIntegration.js.map +1 -0
- package/dist/automation/index.d.ts +17 -0
- package/dist/automation/index.d.ts.map +1 -0
- package/dist/automation/index.js +17 -0
- package/dist/automation/index.js.map +1 -0
- package/dist/automation/jiraIntegration.d.ts +103 -0
- package/dist/automation/jiraIntegration.d.ts.map +1 -0
- package/dist/automation/jiraIntegration.js +222 -0
- package/dist/automation/jiraIntegration.js.map +1 -0
- package/dist/automation/jobQueue.d.ts +98 -0
- package/dist/automation/jobQueue.d.ts.map +1 -0
- package/dist/automation/jobQueue.js +207 -0
- package/dist/automation/jobQueue.js.map +1 -0
- package/dist/automation/leadQualification.d.ts +60 -0
- package/dist/automation/leadQualification.d.ts.map +1 -0
- package/dist/automation/leadQualification.js +204 -0
- package/dist/automation/leadQualification.js.map +1 -0
- package/dist/automation/qualificationRules.d.ts +100 -0
- package/dist/automation/qualificationRules.d.ts.map +1 -0
- package/dist/automation/qualificationRules.js +202 -0
- package/dist/automation/qualificationRules.js.map +1 -0
- package/dist/automation/responseTemplates.d.ts +64 -0
- package/dist/automation/responseTemplates.d.ts.map +1 -0
- package/dist/automation/responseTemplates.js +374 -0
- package/dist/automation/responseTemplates.js.map +1 -0
- package/dist/automation/scheduler.d.ts +85 -0
- package/dist/automation/scheduler.d.ts.map +1 -0
- package/dist/automation/scheduler.js +194 -0
- package/dist/automation/scheduler.js.map +1 -0
- package/dist/automation/types.d.ts +223 -0
- package/dist/automation/types.d.ts.map +1 -0
- package/dist/automation/types.js +32 -0
- package/dist/automation/types.js.map +1 -0
- package/dist/cli/index.d.ts +3 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +575 -0
- package/dist/cli/index.js.map +1 -0
- package/dist/compression/caveman.d.ts +14 -0
- package/dist/compression/caveman.d.ts.map +1 -0
- package/dist/compression/caveman.js +188 -0
- package/dist/compression/caveman.js.map +1 -0
- package/dist/compression/caveman.test.d.ts +2 -0
- package/dist/compression/caveman.test.d.ts.map +1 -0
- package/dist/compression/caveman.test.js.map +1 -0
- package/dist/config/configManager.d.ts +6 -0
- package/dist/config/configManager.d.ts.map +1 -0
- package/dist/config/configManager.js +62 -0
- package/dist/config/configManager.js.map +1 -0
- package/dist/config/schema.d.ts +95 -0
- package/dist/config/schema.d.ts.map +1 -0
- package/dist/config/schema.js +19 -0
- package/dist/config/schema.js.map +1 -0
- package/dist/context/autoCompact.d.ts +19 -0
- package/dist/context/autoCompact.d.ts.map +1 -0
- package/dist/context/autoCompact.js +101 -0
- package/dist/context/autoCompact.js.map +1 -0
- package/dist/context/readDedup.d.ts +21 -0
- package/dist/context/readDedup.d.ts.map +1 -0
- package/dist/context/readDedup.js +55 -0
- package/dist/context/readDedup.js.map +1 -0
- package/dist/context/toolBudgets.d.ts +15 -0
- package/dist/context/toolBudgets.d.ts.map +1 -0
- package/dist/context/toolBudgets.js +35 -0
- package/dist/context/toolBudgets.js.map +1 -0
- package/dist/core/auditLogger.d.ts +30 -0
- package/dist/core/auditLogger.d.ts.map +1 -0
- package/dist/core/auditLogger.js +51 -0
- package/dist/core/auditLogger.js.map +1 -0
- package/dist/core/stateManager.d.ts +10 -0
- package/dist/core/stateManager.d.ts.map +1 -0
- package/dist/core/stateManager.js +59 -0
- package/dist/core/stateManager.js.map +1 -0
- package/dist/database/feedbackSchema.d.ts +80 -0
- package/dist/database/feedbackSchema.d.ts.map +1 -0
- package/dist/database/feedbackSchema.js +94 -0
- package/dist/database/feedbackSchema.js.map +1 -0
- package/dist/database/leadsSchema.d.ts +99 -0
- package/dist/database/leadsSchema.d.ts.map +1 -0
- package/dist/database/leadsSchema.js +136 -0
- package/dist/database/leadsSchema.js.map +1 -0
- package/dist/intelligence/competitorScoring.d.ts +25 -0
- package/dist/intelligence/competitorScoring.d.ts.map +1 -0
- package/dist/intelligence/competitorScoring.js +181 -0
- package/dist/intelligence/competitorScoring.js.map +1 -0
- package/dist/intelligence/competitorTracker.d.ts +36 -0
- package/dist/intelligence/competitorTracker.d.ts.map +1 -0
- package/dist/intelligence/competitorTracker.js +286 -0
- package/dist/intelligence/competitorTracker.js.map +1 -0
- package/dist/intelligence/competitorTypes.d.ts +93 -0
- package/dist/intelligence/competitorTypes.d.ts.map +1 -0
- package/dist/intelligence/competitorTypes.js +6 -0
- package/dist/intelligence/competitorTypes.js.map +1 -0
- package/dist/intelligence/competitors.json +76 -0
- package/dist/intelligence/feedbackLoop.d.ts +118 -0
- package/dist/intelligence/feedbackLoop.d.ts.map +1 -0
- package/dist/intelligence/feedbackLoop.js +368 -0
- package/dist/intelligence/feedbackLoop.js.map +1 -0
- package/dist/intelligence/gitHubTracker.d.ts +14 -0
- package/dist/intelligence/gitHubTracker.d.ts.map +1 -0
- package/dist/intelligence/gitHubTracker.js +153 -0
- package/dist/intelligence/gitHubTracker.js.map +1 -0
- package/dist/intelligence/hackerNewsScanner.d.ts +21 -0
- package/dist/intelligence/hackerNewsScanner.d.ts.map +1 -0
- package/dist/intelligence/hackerNewsScanner.js +88 -0
- package/dist/intelligence/hackerNewsScanner.js.map +1 -0
- package/dist/intelligence/hiringSignals.d.ts +16 -0
- package/dist/intelligence/hiringSignals.d.ts.map +1 -0
- package/dist/intelligence/hiringSignals.js +132 -0
- package/dist/intelligence/hiringSignals.js.map +1 -0
- package/dist/intelligence/index.d.ts +9 -0
- package/dist/intelligence/index.d.ts.map +1 -0
- package/dist/intelligence/index.js +9 -0
- package/dist/intelligence/index.js.map +1 -0
- package/dist/intelligence/leadEnrichment.d.ts +59 -0
- package/dist/intelligence/leadEnrichment.d.ts.map +1 -0
- package/dist/intelligence/leadEnrichment.js +209 -0
- package/dist/intelligence/leadEnrichment.js.map +1 -0
- package/dist/intelligence/leadEnrichmentTypes.d.ts +49 -0
- package/dist/intelligence/leadEnrichmentTypes.d.ts.map +1 -0
- package/dist/intelligence/leadEnrichmentTypes.js +7 -0
- package/dist/intelligence/leadEnrichmentTypes.js.map +1 -0
- package/dist/intelligence/marketScanner.d.ts +18 -0
- package/dist/intelligence/marketScanner.d.ts.map +1 -0
- package/dist/intelligence/marketScanner.js +225 -0
- package/dist/intelligence/marketScanner.js.map +1 -0
- package/dist/intelligence/polymarketScanner.d.ts +20 -0
- package/dist/intelligence/polymarketScanner.d.ts.map +1 -0
- package/dist/intelligence/polymarketScanner.js +88 -0
- package/dist/intelligence/polymarketScanner.js.map +1 -0
- package/dist/intelligence/redditScanner.d.ts +22 -0
- package/dist/intelligence/redditScanner.d.ts.map +1 -0
- package/dist/intelligence/redditScanner.js +89 -0
- package/dist/intelligence/redditScanner.js.map +1 -0
- package/dist/intelligence/signalAggregator.d.ts +10 -0
- package/dist/intelligence/signalAggregator.d.ts.map +1 -0
- package/dist/intelligence/signalAggregator.js +64 -0
- package/dist/intelligence/signalAggregator.js.map +1 -0
- package/dist/intelligence/trendAnalysis.d.ts +13 -0
- package/dist/intelligence/trendAnalysis.d.ts.map +1 -0
- package/dist/intelligence/trendAnalysis.js +106 -0
- package/dist/intelligence/trendAnalysis.js.map +1 -0
- package/dist/intelligence/twitterScanner.d.ts +22 -0
- package/dist/intelligence/twitterScanner.d.ts.map +1 -0
- package/dist/intelligence/twitterScanner.js +63 -0
- package/dist/intelligence/twitterScanner.js.map +1 -0
- package/dist/intelligence/types.d.ts +566 -0
- package/dist/intelligence/types.d.ts.map +1 -0
- package/dist/intelligence/types.js +87 -0
- package/dist/intelligence/types.js.map +1 -0
- package/dist/intelligence/userComplaints.d.ts +15 -0
- package/dist/intelligence/userComplaints.d.ts.map +1 -0
- package/dist/intelligence/userComplaints.js +193 -0
- package/dist/intelligence/userComplaints.js.map +1 -0
- package/dist/metrics/businessMetrics.d.ts +41 -0
- package/dist/metrics/businessMetrics.d.ts.map +1 -0
- package/dist/metrics/businessMetrics.js +120 -0
- package/dist/metrics/businessMetrics.js.map +1 -0
- package/dist/metrics/businessMetrics.test.d.ts +2 -0
- package/dist/metrics/businessMetrics.test.d.ts.map +1 -0
- package/dist/metrics/businessMetrics.test.js.map +1 -0
- package/dist/metrics/businessMetricsAgg.d.ts +85 -0
- package/dist/metrics/businessMetricsAgg.d.ts.map +1 -0
- package/dist/metrics/businessMetricsAgg.js +406 -0
- package/dist/metrics/businessMetricsAgg.js.map +1 -0
- package/dist/metrics/competitorMetrics.d.ts +57 -0
- package/dist/metrics/competitorMetrics.d.ts.map +1 -0
- package/dist/metrics/competitorMetrics.js +94 -0
- package/dist/metrics/competitorMetrics.js.map +1 -0
- package/dist/metrics/dashboardGenerator.d.ts +16 -0
- package/dist/metrics/dashboardGenerator.d.ts.map +1 -0
- package/dist/metrics/dashboardGenerator.js +313 -0
- package/dist/metrics/dashboardGenerator.js.map +1 -0
- package/dist/metrics/dashboardHTML.d.ts +18 -0
- package/dist/metrics/dashboardHTML.d.ts.map +1 -0
- package/dist/metrics/dashboardHTML.js +613 -0
- package/dist/metrics/dashboardHTML.js.map +1 -0
- package/dist/metrics/grafanaExport.d.ts +53 -0
- package/dist/metrics/grafanaExport.d.ts.map +1 -0
- package/dist/metrics/grafanaExport.js +277 -0
- package/dist/metrics/grafanaExport.js.map +1 -0
- package/dist/metrics/index.d.ts +17 -0
- package/dist/metrics/index.d.ts.map +1 -0
- package/dist/metrics/index.js +17 -0
- package/dist/metrics/index.js.map +1 -0
- package/dist/metrics/leadsMetrics.d.ts +48 -0
- package/dist/metrics/leadsMetrics.d.ts.map +1 -0
- package/dist/metrics/leadsMetrics.js +82 -0
- package/dist/metrics/leadsMetrics.js.map +1 -0
- package/dist/metrics/leadsMetrics.test.d.ts +2 -0
- package/dist/metrics/leadsMetrics.test.d.ts.map +1 -0
- package/dist/metrics/leadsMetrics.test.js.map +1 -0
- package/dist/metrics/metricsTypes.d.ts +114 -0
- package/dist/metrics/metricsTypes.d.ts.map +1 -0
- package/dist/metrics/metricsTypes.js +7 -0
- package/dist/metrics/metricsTypes.js.map +1 -0
- package/dist/metrics/revenueProjection.d.ts +44 -0
- package/dist/metrics/revenueProjection.d.ts.map +1 -0
- package/dist/metrics/revenueProjection.js +239 -0
- package/dist/metrics/revenueProjection.js.map +1 -0
- package/dist/metrics/revenueTypes.d.ts +62 -0
- package/dist/metrics/revenueTypes.d.ts.map +1 -0
- package/dist/metrics/revenueTypes.js +7 -0
- package/dist/metrics/revenueTypes.js.map +1 -0
- package/dist/metrics/roiCalculator.d.ts +39 -0
- package/dist/metrics/roiCalculator.d.ts.map +1 -0
- package/dist/metrics/roiCalculator.js +128 -0
- package/dist/metrics/roiCalculator.js.map +1 -0
- package/dist/metrics/roiCalculator.test.d.ts +2 -0
- package/dist/metrics/roiCalculator.test.d.ts.map +1 -0
- package/dist/metrics/roiCalculator.test.js.map +1 -0
- package/dist/metrics/trendMetrics.d.ts +51 -0
- package/dist/metrics/trendMetrics.d.ts.map +1 -0
- package/dist/metrics/trendMetrics.js +116 -0
- package/dist/metrics/trendMetrics.js.map +1 -0
- package/dist/modes/conservativeCTOMode.d.ts +32 -0
- package/dist/modes/conservativeCTOMode.d.ts.map +1 -0
- package/dist/modes/conservativeCTOMode.js +98 -0
- package/dist/modes/conservativeCTOMode.js.map +1 -0
- package/dist/modes/index.d.ts +3 -0
- package/dist/modes/index.d.ts.map +1 -0
- package/dist/modes/index.js +3 -0
- package/dist/modes/index.js.map +1 -0
- package/dist/modes/seniorDeveloperMode.d.ts +17 -0
- package/dist/modes/seniorDeveloperMode.d.ts.map +1 -0
- package/dist/modes/seniorDeveloperMode.js +77 -0
- package/dist/modes/seniorDeveloperMode.js.map +1 -0
- package/dist/recovery/contextRecovery.d.ts +28 -0
- package/dist/recovery/contextRecovery.d.ts.map +1 -0
- package/dist/recovery/contextRecovery.js +113 -0
- package/dist/recovery/contextRecovery.js.map +1 -0
- package/dist/repair/errorDiagnostics.d.ts +28 -0
- package/dist/repair/errorDiagnostics.d.ts.map +1 -0
- package/dist/repair/errorDiagnostics.js +158 -0
- package/dist/repair/errorDiagnostics.js.map +1 -0
- package/dist/repair/skillCapture.d.ts +22 -0
- package/dist/repair/skillCapture.d.ts.map +1 -0
- package/dist/repair/skillCapture.js +119 -0
- package/dist/repair/skillCapture.js.map +1 -0
- package/dist/reporting/reportGenerator.d.ts +117 -0
- package/dist/reporting/reportGenerator.d.ts.map +1 -0
- package/dist/reporting/reportGenerator.js +613 -0
- package/dist/reporting/reportGenerator.js.map +1 -0
- package/dist/reporting/templates.d.ts +68 -0
- package/dist/reporting/templates.d.ts.map +1 -0
- package/dist/reporting/templates.js +629 -0
- package/dist/reporting/templates.js.map +1 -0
- package/dist/security/owaspScanner.d.ts +74 -0
- package/dist/security/owaspScanner.d.ts.map +1 -0
- package/dist/security/owaspScanner.js +309 -0
- package/dist/security/owaspScanner.js.map +1 -0
- package/dist/security/piiRedaction.d.ts +67 -0
- package/dist/security/piiRedaction.d.ts.map +1 -0
- package/dist/security/piiRedaction.js +189 -0
- package/dist/security/piiRedaction.js.map +1 -0
- package/dist/security/secretsDetection.d.ts +47 -0
- package/dist/security/secretsDetection.d.ts.map +1 -0
- package/dist/security/secretsDetection.js +272 -0
- package/dist/security/secretsDetection.js.map +1 -0
- package/dist/subagents/builder.d.ts +33 -0
- package/dist/subagents/builder.d.ts.map +1 -0
- package/dist/subagents/builder.js +158 -0
- package/dist/subagents/builder.js.map +1 -0
- package/dist/subagents/investigator.d.ts +31 -0
- package/dist/subagents/investigator.d.ts.map +1 -0
- package/dist/subagents/investigator.js +166 -0
- package/dist/subagents/investigator.js.map +1 -0
- package/dist/subagents/orchestrator.d.ts +48 -0
- package/dist/subagents/orchestrator.d.ts.map +1 -0
- package/dist/subagents/orchestrator.js +151 -0
- package/dist/subagents/orchestrator.js.map +1 -0
- package/dist/subagents/reviewer.d.ts +31 -0
- package/dist/subagents/reviewer.d.ts.map +1 -0
- package/dist/subagents/reviewer.js +154 -0
- package/dist/subagents/reviewer.js.map +1 -0
- package/dist/telemetry/tokenCounter.d.ts +21 -0
- package/dist/telemetry/tokenCounter.d.ts.map +1 -0
- package/dist/telemetry/tokenCounter.js +49 -0
- package/dist/telemetry/tokenCounter.js.map +1 -0
- package/package.json +61 -0
- package/src/automation/actionApprover.ts +342 -0
- package/src/automation/actionExecutor.ts +399 -0
- package/src/automation/alertRules.ts +113 -0
- package/src/automation/alertSystem.ts +402 -0
- package/src/automation/competitorResponse.ts +511 -0
- package/src/automation/composioClient.ts +360 -0
- package/src/automation/crmExport.ts +407 -0
- package/src/automation/crmIntegration.ts +268 -0
- package/src/automation/gmailIntegration.ts +244 -0
- package/src/automation/index.ts +17 -0
- package/src/automation/jiraIntegration.ts +310 -0
- package/src/automation/jobQueue.ts +278 -0
- package/src/automation/leadQualification.ts +270 -0
- package/src/automation/qualificationRules.ts +304 -0
- package/src/automation/responseTemplates.ts +419 -0
- package/src/automation/scheduler.ts +254 -0
- package/src/automation/types.ts +270 -0
- package/src/cli/index.ts +646 -0
- package/src/compression/caveman.ts +257 -0
- package/src/config/configManager.ts +63 -0
- package/src/config/schema.ts +27 -0
- package/src/context/autoCompact.ts +123 -0
- package/src/context/readDedup.ts +84 -0
- package/src/context/toolBudgets.ts +43 -0
- package/src/core/auditLogger.ts +69 -0
- package/src/core/stateManager.ts +73 -0
- package/src/database/feedbackSchema.ts +168 -0
- package/src/database/leadsSchema.ts +205 -0
- package/src/intelligence/competitorScoring.ts +292 -0
- package/src/intelligence/competitorTracker.ts +362 -0
- package/src/intelligence/competitorTypes.ts +100 -0
- package/src/intelligence/competitors.json +76 -0
- package/src/intelligence/feedbackLoop.ts +538 -0
- package/src/intelligence/gitHubTracker.ts +204 -0
- package/src/intelligence/hackerNewsScanner.ts +121 -0
- package/src/intelligence/hiringSignals.ts +162 -0
- package/src/intelligence/index.ts +9 -0
- package/src/intelligence/leadEnrichment.ts +275 -0
- package/src/intelligence/leadEnrichmentTypes.ts +54 -0
- package/src/intelligence/marketScanner.ts +285 -0
- package/src/intelligence/polymarketScanner.ts +120 -0
- package/src/intelligence/redditScanner.ts +122 -0
- package/src/intelligence/signalAggregator.ts +94 -0
- package/src/intelligence/trendAnalysis.ts +140 -0
- package/src/intelligence/twitterScanner.ts +94 -0
- package/src/intelligence/types.ts +130 -0
- package/src/intelligence/userComplaints.ts +236 -0
- package/src/metrics/businessMetrics.ts +186 -0
- package/src/metrics/businessMetricsAgg.ts +554 -0
- package/src/metrics/competitorMetrics.ts +175 -0
- package/src/metrics/dashboardGenerator.ts +335 -0
- package/src/metrics/dashboardHTML.ts +637 -0
- package/src/metrics/grafanaExport.ts +347 -0
- package/src/metrics/index.ts +17 -0
- package/src/metrics/leadsMetrics.ts +145 -0
- package/src/metrics/metricsTypes.ts +129 -0
- package/src/metrics/revenueProjection.ts +319 -0
- package/src/metrics/revenueTypes.ts +67 -0
- package/src/metrics/roiCalculator.ts +199 -0
- package/src/metrics/trendMetrics.ts +190 -0
- package/src/modes/conservativeCTOMode.ts +124 -0
- package/src/modes/index.ts +6 -0
- package/src/modes/seniorDeveloperMode.ts +94 -0
- package/src/recovery/contextRecovery.ts +141 -0
- package/src/repair/errorDiagnostics.ts +198 -0
- package/src/repair/skillCapture.ts +157 -0
- package/src/reporting/reportGenerator.ts +802 -0
- package/src/reporting/templates.ts +677 -0
- package/src/security/owaspScanner.ts +390 -0
- package/src/security/phase8Hardening.ts +536 -0
- package/src/security/piiRedaction.ts +215 -0
- package/src/security/secretsDetection.js +271 -0
- package/src/security/secretsDetection.ts +318 -0
- package/src/subagents/builder.ts +277 -0
- package/src/subagents/investigator.ts +224 -0
- package/src/subagents/orchestrator.ts +212 -0
- package/src/subagents/reviewer.ts +215 -0
- package/src/telemetry/tokenCounter.ts +81 -0
|
@@ -0,0 +1,215 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* PII Redaction Module
|
|
3
|
+
* Masks personally identifiable information in logs and metrics
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
import { createHash } from 'crypto';
|
|
7
|
+
|
|
8
|
+
const PATTERNS = {
|
|
9
|
+
EMAIL: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/g,
|
|
10
|
+
PHONE: /(\d{3})[-.\s]?(\d{3})[-.\s]?(\d{4})/g,
|
|
11
|
+
SSN: /(\d{3})[-]?(\d{2})[-]?(\d{4})/g,
|
|
12
|
+
CREDIT_CARD: /\b(?:\d{4}[-\s]?){3}\d{4}\b/g,
|
|
13
|
+
IPV4: /\b(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b/g,
|
|
14
|
+
UUID: /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/gi,
|
|
15
|
+
SESSION_ID: /(?:sessionId|session_id|sid)['":\s=]*([a-zA-Z0-9-]{20,})/gi,
|
|
16
|
+
USER_ID: /(?:userId|user_id|uid)['":\s=]*(\d+|[a-f0-9-]{36})/gi,
|
|
17
|
+
};
|
|
18
|
+
|
|
19
|
+
/**
|
|
20
|
+
* Mask email address
|
|
21
|
+
* user@example.com → user@***.com
|
|
22
|
+
*/
|
|
23
|
+
export function redactEmail(email: string): string {
|
|
24
|
+
return email.replace(PATTERNS.EMAIL, (match) => {
|
|
25
|
+
const [local, domain] = match.split('@');
|
|
26
|
+
return `${local}@***.${domain.split('.').pop()}`;
|
|
27
|
+
});
|
|
28
|
+
}
|
|
29
|
+
|
|
30
|
+
/**
|
|
31
|
+
* Mask phone number
|
|
32
|
+
* 555-123-4567 → ***-***-4567
|
|
33
|
+
*/
|
|
34
|
+
export function redactPhone(phone: string): string {
|
|
35
|
+
return phone.replace(PATTERNS.PHONE, '***-***-$3');
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
/**
|
|
39
|
+
* Mask SSN
|
|
40
|
+
* 123-45-6789 → ***-**-6789
|
|
41
|
+
*/
|
|
42
|
+
export function redactSSN(ssn: string): string {
|
|
43
|
+
return ssn.replace(PATTERNS.SSN, '***-**-$3');
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
/**
|
|
47
|
+
* Mask credit card
|
|
48
|
+
* 1234-5678-9012-3456 → **-3456
|
|
49
|
+
*/
|
|
50
|
+
export function redactCreditCard(text: string): string {
|
|
51
|
+
return text.replace(PATTERNS.CREDIT_CARD, (match) => {
|
|
52
|
+
const lastFour = match.replace(/\D/g, '').slice(-4);
|
|
53
|
+
return `**-${lastFour}`;
|
|
54
|
+
});
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
/**
|
|
58
|
+
* Mask IPv4 address
|
|
59
|
+
* 192.168.1.1 → 192.168.*.*
|
|
60
|
+
*/
|
|
61
|
+
export function redactIPv4(text: string): string {
|
|
62
|
+
return text.replace(PATTERNS.IPV4, (match) => {
|
|
63
|
+
const parts = match.split('.');
|
|
64
|
+
return `${parts[0]}.${parts[1]}.*.*`;
|
|
65
|
+
});
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
/**
|
|
69
|
+
* Hash session ID for logs
|
|
70
|
+
* Allows correlation without exposing the actual ID
|
|
71
|
+
*/
|
|
72
|
+
export function redactSessionId(sessionId: string): string {
|
|
73
|
+
if (!sessionId) return 'unknown';
|
|
74
|
+
const hash = createHash('sha256').update(sessionId).digest('hex');
|
|
75
|
+
return hash.substring(0, 8);
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
/**
|
|
79
|
+
* Hash user ID for logs
|
|
80
|
+
* Allows correlation without exposing the actual ID
|
|
81
|
+
*/
|
|
82
|
+
export function redactUserId(userId: string | number): string {
|
|
83
|
+
if (!userId) return 'unknown';
|
|
84
|
+
const str = String(userId);
|
|
85
|
+
const hash = createHash('sha256').update(str).digest('hex');
|
|
86
|
+
return hash.substring(0, 8);
|
|
87
|
+
}
|
|
88
|
+
|
|
89
|
+
/**
|
|
90
|
+
* Mask UUID
|
|
91
|
+
* a1b2c3d4-e5f6-7890-abcd-ef1234567890 → a1b2****-****-****-****-****34567890
|
|
92
|
+
*/
|
|
93
|
+
export function redactUUID(text: string): string {
|
|
94
|
+
return text.replace(PATTERNS.UUID, (match) => {
|
|
95
|
+
return `${match.substring(0, 4)}****-****-****-****-****${match.substring(32)}`;
|
|
96
|
+
});
|
|
97
|
+
}
|
|
98
|
+
|
|
99
|
+
/**
|
|
100
|
+
* Redact all PII from a string
|
|
101
|
+
*/
|
|
102
|
+
export function redactText(text: string): string {
|
|
103
|
+
if (!text || typeof text !== 'string') return text;
|
|
104
|
+
|
|
105
|
+
let result = text;
|
|
106
|
+
result = redactEmail(result);
|
|
107
|
+
result = redactPhone(result);
|
|
108
|
+
result = redactSSN(result);
|
|
109
|
+
result = redactCreditCard(result);
|
|
110
|
+
result = redactIPv4(result);
|
|
111
|
+
result = redactUUID(result);
|
|
112
|
+
|
|
113
|
+
return result;
|
|
114
|
+
}
|
|
115
|
+
|
|
116
|
+
/**
|
|
117
|
+
* Redact PII from metrics payload
|
|
118
|
+
*/
|
|
119
|
+
export function redactMetrics(metrics: any): any {
|
|
120
|
+
if (!metrics || typeof metrics !== 'object') return metrics;
|
|
121
|
+
|
|
122
|
+
const redacted = JSON.parse(JSON.stringify(metrics));
|
|
123
|
+
|
|
124
|
+
// Redact known PII fields
|
|
125
|
+
const piiFields = [
|
|
126
|
+
'email',
|
|
127
|
+
'phone',
|
|
128
|
+
'ssn',
|
|
129
|
+
'creditCard',
|
|
130
|
+
'userId',
|
|
131
|
+
'userName',
|
|
132
|
+
'sessionId',
|
|
133
|
+
'ipAddress',
|
|
134
|
+
'hostname',
|
|
135
|
+
];
|
|
136
|
+
|
|
137
|
+
for (const field of piiFields) {
|
|
138
|
+
if (redacted[field]) {
|
|
139
|
+
switch (field) {
|
|
140
|
+
case 'email':
|
|
141
|
+
redacted[field] = redactEmail(redacted[field]);
|
|
142
|
+
break;
|
|
143
|
+
case 'phone':
|
|
144
|
+
redacted[field] = redactPhone(redacted[field]);
|
|
145
|
+
break;
|
|
146
|
+
case 'ssn':
|
|
147
|
+
redacted[field] = redactSSN(redacted[field]);
|
|
148
|
+
break;
|
|
149
|
+
case 'creditCard':
|
|
150
|
+
redacted[field] = redactCreditCard(redacted[field]);
|
|
151
|
+
break;
|
|
152
|
+
case 'userId':
|
|
153
|
+
redacted[field] = redactUserId(redacted[field]);
|
|
154
|
+
break;
|
|
155
|
+
case 'sessionId':
|
|
156
|
+
redacted[field] = redactSessionId(redacted[field]);
|
|
157
|
+
break;
|
|
158
|
+
case 'ipAddress':
|
|
159
|
+
redacted[field] = redactIPv4(redacted[field]);
|
|
160
|
+
break;
|
|
161
|
+
case 'hostname':
|
|
162
|
+
redacted[field] = `***`;
|
|
163
|
+
break;
|
|
164
|
+
}
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
|
|
168
|
+
// Recursively redact nested objects
|
|
169
|
+
for (const key in redacted) {
|
|
170
|
+
if (typeof redacted[key] === 'string') {
|
|
171
|
+
redacted[key] = redactText(redacted[key]);
|
|
172
|
+
} else if (typeof redacted[key] === 'object' && redacted[key] !== null) {
|
|
173
|
+
redacted[key] = redactMetrics(redacted[key]);
|
|
174
|
+
}
|
|
175
|
+
}
|
|
176
|
+
|
|
177
|
+
return redacted;
|
|
178
|
+
}
|
|
179
|
+
|
|
180
|
+
/**
|
|
181
|
+
* Create a safe log entry with PII redacted
|
|
182
|
+
*/
|
|
183
|
+
export function createSafeLogEntry(
|
|
184
|
+
level: string,
|
|
185
|
+
message: string,
|
|
186
|
+
context?: any
|
|
187
|
+
): {
|
|
188
|
+
level: string;
|
|
189
|
+
message: string;
|
|
190
|
+
timestamp: string;
|
|
191
|
+
context?: any;
|
|
192
|
+
} {
|
|
193
|
+
return {
|
|
194
|
+
level,
|
|
195
|
+
message: redactText(message),
|
|
196
|
+
timestamp: new Date().toISOString(),
|
|
197
|
+
context: context ? redactMetrics(context) : undefined,
|
|
198
|
+
};
|
|
199
|
+
}
|
|
200
|
+
|
|
201
|
+
/**
|
|
202
|
+
* Validate that no PII is present in the given text
|
|
203
|
+
* Returns true if PII is found, false if clean
|
|
204
|
+
*/
|
|
205
|
+
export function containsPII(text: string): boolean {
|
|
206
|
+
if (!text || typeof text !== 'string') return false;
|
|
207
|
+
|
|
208
|
+
return (
|
|
209
|
+
PATTERNS.EMAIL.test(text) ||
|
|
210
|
+
PATTERNS.PHONE.test(text) ||
|
|
211
|
+
PATTERNS.SSN.test(text) ||
|
|
212
|
+
PATTERNS.CREDIT_CARD.test(text) ||
|
|
213
|
+
PATTERNS.IPV4.test(text)
|
|
214
|
+
);
|
|
215
|
+
}
|
|
@@ -0,0 +1,271 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Secrets Detection Module
|
|
3
|
+
* Scans for hardcoded credentials, API keys, tokens, and other sensitive data
|
|
4
|
+
*/
|
|
5
|
+
const PATTERNS = {
|
|
6
|
+
AWS_KEY: /AKIA[0-9A-Z]{16}/g,
|
|
7
|
+
GITHUB_PAT: /ghp_[A-Za-z0-9_]{36}/g,
|
|
8
|
+
ANTHROPIC_KEY: /sk-ant-[A-Za-z0-9_-]{48}/g,
|
|
9
|
+
OPENAI_KEY: /sk-[A-Za-z0-9]{20,}/g,
|
|
10
|
+
PRIVATE_KEY_RSA: /-----BEGIN RSA PRIVATE KEY-----[\s\S]*?-----END RSA PRIVATE KEY-----/g,
|
|
11
|
+
PRIVATE_KEY_EC: /-----BEGIN EC PRIVATE KEY-----[\s\S]*?-----END EC PRIVATE KEY-----/g,
|
|
12
|
+
PRIVATE_KEY_ED25519: /-----BEGIN PRIVATE KEY-----[\s\S]*?-----END PRIVATE KEY-----/g,
|
|
13
|
+
JWT_TOKEN: /eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/g,
|
|
14
|
+
PASSWORD_ASSIGNMENT: /(?:password|passwd|pwd)\s*[:=]\s*['"](.*?)['"]/gi,
|
|
15
|
+
DATABASE_URL: /(?:mongodb|mysql|postgresql|sqlite):[/\w:@.?#&=+-]*/gi,
|
|
16
|
+
SLACK_TOKEN: /xox[baprs]-[0-9a-zA-Z]{10,48}/g,
|
|
17
|
+
SLACK_WEBHOOK: /https:\/\/hooks\.slack\.com\/services\/[A-Z0-9]+\/[A-Z0-9]+\/[A-Za-z0-9]+/g,
|
|
18
|
+
STRIPE_KEY: /sk_(?:live|test)_[0-9a-zA-Z]{20,}/g,
|
|
19
|
+
TWILIO_AUTH: /AC[a-zA-Z0-9]{32}/g,
|
|
20
|
+
SENDGRID_KEY: /SG\.[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43}/g,
|
|
21
|
+
};
|
|
22
|
+
/**
|
|
23
|
+
* Calculate Shannon entropy of a string
|
|
24
|
+
* Values > 4.0 indicate potential secrets
|
|
25
|
+
*/
|
|
26
|
+
export function calculateEntropy(text) {
|
|
27
|
+
if (!text || text.length === 0)
|
|
28
|
+
return 0;
|
|
29
|
+
const freq = {};
|
|
30
|
+
for (const char of text) {
|
|
31
|
+
freq[char] = (freq[char] || 0) + 1;
|
|
32
|
+
}
|
|
33
|
+
let entropy = 0;
|
|
34
|
+
for (const count of Object.values(freq)) {
|
|
35
|
+
const p = count / text.length;
|
|
36
|
+
entropy -= p * Math.log2(p);
|
|
37
|
+
}
|
|
38
|
+
return entropy;
|
|
39
|
+
}
|
|
40
|
+
/**
|
|
41
|
+
* Detect API keys in text
|
|
42
|
+
*/
|
|
43
|
+
export function detectAPIKey(text) {
|
|
44
|
+
const findings = [];
|
|
45
|
+
// AWS
|
|
46
|
+
for (const match of text.matchAll(PATTERNS.AWS_KEY)) {
|
|
47
|
+
findings.push({
|
|
48
|
+
type: 'AWS_ACCESS_KEY',
|
|
49
|
+
severity: 'CRITICAL',
|
|
50
|
+
pattern: match[0],
|
|
51
|
+
suggestion: 'Use AWS IAM roles or temporary credentials instead',
|
|
52
|
+
});
|
|
53
|
+
}
|
|
54
|
+
// GitHub
|
|
55
|
+
for (const match of text.matchAll(PATTERNS.GITHUB_PAT)) {
|
|
56
|
+
findings.push({
|
|
57
|
+
type: 'GITHUB_PAT',
|
|
58
|
+
severity: 'CRITICAL',
|
|
59
|
+
pattern: match[0],
|
|
60
|
+
suggestion: 'Use GitHub App or OAuth token with minimal scopes',
|
|
61
|
+
});
|
|
62
|
+
}
|
|
63
|
+
// Anthropic
|
|
64
|
+
for (const match of text.matchAll(PATTERNS.ANTHROPIC_KEY)) {
|
|
65
|
+
findings.push({
|
|
66
|
+
type: 'ANTHROPIC_API_KEY',
|
|
67
|
+
severity: 'CRITICAL',
|
|
68
|
+
pattern: match[0],
|
|
69
|
+
suggestion: 'Set ANTHROPIC_API_KEY as environment variable',
|
|
70
|
+
});
|
|
71
|
+
}
|
|
72
|
+
// OpenAI
|
|
73
|
+
for (const match of text.matchAll(PATTERNS.OPENAI_KEY)) {
|
|
74
|
+
findings.push({
|
|
75
|
+
type: 'OPENAI_API_KEY',
|
|
76
|
+
severity: 'CRITICAL',
|
|
77
|
+
pattern: match[0],
|
|
78
|
+
suggestion: 'Set OPENAI_API_KEY as environment variable',
|
|
79
|
+
});
|
|
80
|
+
}
|
|
81
|
+
// Slack
|
|
82
|
+
for (const match of text.matchAll(PATTERNS.SLACK_TOKEN)) {
|
|
83
|
+
findings.push({
|
|
84
|
+
type: 'SLACK_TOKEN',
|
|
85
|
+
severity: 'CRITICAL',
|
|
86
|
+
pattern: match[0],
|
|
87
|
+
suggestion: 'Use Slack token rotation and store in secrets manager',
|
|
88
|
+
});
|
|
89
|
+
}
|
|
90
|
+
// Stripe
|
|
91
|
+
for (const match of text.matchAll(PATTERNS.STRIPE_KEY)) {
|
|
92
|
+
findings.push({
|
|
93
|
+
type: 'STRIPE_API_KEY',
|
|
94
|
+
severity: 'CRITICAL',
|
|
95
|
+
pattern: match[0],
|
|
96
|
+
suggestion: 'Use environment variables for Stripe keys',
|
|
97
|
+
});
|
|
98
|
+
}
|
|
99
|
+
// Twilio
|
|
100
|
+
for (const match of text.matchAll(PATTERNS.TWILIO_AUTH)) {
|
|
101
|
+
findings.push({
|
|
102
|
+
type: 'TWILIO_AUTH_TOKEN',
|
|
103
|
+
severity: 'CRITICAL',
|
|
104
|
+
pattern: match[0],
|
|
105
|
+
suggestion: 'Store Twilio credentials in environment variables',
|
|
106
|
+
});
|
|
107
|
+
}
|
|
108
|
+
// SendGrid
|
|
109
|
+
for (const match of text.matchAll(PATTERNS.SENDGRID_KEY)) {
|
|
110
|
+
findings.push({
|
|
111
|
+
type: 'SENDGRID_API_KEY',
|
|
112
|
+
severity: 'CRITICAL',
|
|
113
|
+
pattern: match[0],
|
|
114
|
+
suggestion: 'Use environment variable for SendGrid API key',
|
|
115
|
+
});
|
|
116
|
+
}
|
|
117
|
+
return findings;
|
|
118
|
+
}
|
|
119
|
+
/**
|
|
120
|
+
* Detect private keys in text
|
|
121
|
+
*/
|
|
122
|
+
export function detectPrivateKey(text) {
|
|
123
|
+
const findings = [];
|
|
124
|
+
// RSA
|
|
125
|
+
for (const match of text.matchAll(PATTERNS.PRIVATE_KEY_RSA)) {
|
|
126
|
+
findings.push({
|
|
127
|
+
type: 'RSA_PRIVATE_KEY',
|
|
128
|
+
severity: 'CRITICAL',
|
|
129
|
+
pattern: match[0].substring(0, 50) + '...',
|
|
130
|
+
suggestion: 'Move private key to separate .pem file, add to .gitignore',
|
|
131
|
+
});
|
|
132
|
+
}
|
|
133
|
+
// EC
|
|
134
|
+
for (const match of text.matchAll(PATTERNS.PRIVATE_KEY_EC)) {
|
|
135
|
+
findings.push({
|
|
136
|
+
type: 'EC_PRIVATE_KEY',
|
|
137
|
+
severity: 'CRITICAL',
|
|
138
|
+
pattern: match[0].substring(0, 50) + '...',
|
|
139
|
+
suggestion: 'Move private key to separate .pem file, add to .gitignore',
|
|
140
|
+
});
|
|
141
|
+
}
|
|
142
|
+
// Ed25519
|
|
143
|
+
for (const match of text.matchAll(PATTERNS.PRIVATE_KEY_ED25519)) {
|
|
144
|
+
findings.push({
|
|
145
|
+
type: 'ED25519_PRIVATE_KEY',
|
|
146
|
+
severity: 'CRITICAL',
|
|
147
|
+
pattern: match[0].substring(0, 50) + '...',
|
|
148
|
+
suggestion: 'Move private key to separate .pem file, add to .gitignore',
|
|
149
|
+
});
|
|
150
|
+
}
|
|
151
|
+
return findings;
|
|
152
|
+
}
|
|
153
|
+
/**
|
|
154
|
+
* Detect plaintext passwords in text
|
|
155
|
+
*/
|
|
156
|
+
export function detectPassword(text) {
|
|
157
|
+
const findings = [];
|
|
158
|
+
for (const match of text.matchAll(PATTERNS.PASSWORD_ASSIGNMENT)) {
|
|
159
|
+
const password = match[1];
|
|
160
|
+
if (password && password.length > 0) {
|
|
161
|
+
findings.push({
|
|
162
|
+
type: 'PLAINTEXT_PASSWORD',
|
|
163
|
+
severity: 'CRITICAL',
|
|
164
|
+
pattern: password.substring(0, 20) + '...',
|
|
165
|
+
suggestion: 'Use bcrypt or similar for password hashing, store in environment variables',
|
|
166
|
+
});
|
|
167
|
+
}
|
|
168
|
+
}
|
|
169
|
+
// Database URLs
|
|
170
|
+
for (const match of text.matchAll(PATTERNS.DATABASE_URL)) {
|
|
171
|
+
findings.push({
|
|
172
|
+
type: 'DATABASE_URL',
|
|
173
|
+
severity: 'HIGH',
|
|
174
|
+
pattern: match[0].substring(0, 40) + '...',
|
|
175
|
+
suggestion: 'Store database URLs in environment variables',
|
|
176
|
+
});
|
|
177
|
+
}
|
|
178
|
+
return findings;
|
|
179
|
+
}
|
|
180
|
+
/**
|
|
181
|
+
* Detect JWT tokens in text
|
|
182
|
+
*/
|
|
183
|
+
export function detectJWT(text) {
|
|
184
|
+
const findings = [];
|
|
185
|
+
for (const match of text.matchAll(PATTERNS.JWT_TOKEN)) {
|
|
186
|
+
const token = match[0];
|
|
187
|
+
try {
|
|
188
|
+
const parts = token.split('.');
|
|
189
|
+
if (parts.length === 3) {
|
|
190
|
+
const payload = JSON.parse(Buffer.from(parts[1], 'base64').toString('utf-8'));
|
|
191
|
+
findings.push({
|
|
192
|
+
type: 'JWT_TOKEN',
|
|
193
|
+
severity: 'HIGH',
|
|
194
|
+
pattern: token.substring(0, 30) + '...',
|
|
195
|
+
context: JSON.stringify(payload).substring(0, 100),
|
|
196
|
+
suggestion: 'Use short-lived tokens and refresh tokens, never hardcode',
|
|
197
|
+
});
|
|
198
|
+
}
|
|
199
|
+
}
|
|
200
|
+
catch {
|
|
201
|
+
findings.push({
|
|
202
|
+
type: 'JWT_TOKEN',
|
|
203
|
+
severity: 'HIGH',
|
|
204
|
+
pattern: token.substring(0, 30) + '...',
|
|
205
|
+
suggestion: 'Never hardcode JWT tokens, use session/environment',
|
|
206
|
+
});
|
|
207
|
+
}
|
|
208
|
+
}
|
|
209
|
+
return findings;
|
|
210
|
+
}
|
|
211
|
+
/**
|
|
212
|
+
* Detect high-entropy strings that may be secrets
|
|
213
|
+
*/
|
|
214
|
+
export function detectHighEntropyStrings(text, minLength = 20) {
|
|
215
|
+
const findings = [];
|
|
216
|
+
const lines = text.split('\n');
|
|
217
|
+
for (const line of lines) {
|
|
218
|
+
const tokens = line.split(/[\s=:"',;]/);
|
|
219
|
+
for (const token of tokens) {
|
|
220
|
+
if (token.length >= minLength && /^[a-zA-Z0-9_-]+$/.test(token)) {
|
|
221
|
+
const entropy = calculateEntropy(token);
|
|
222
|
+
if (entropy > 4.0) {
|
|
223
|
+
findings.push({
|
|
224
|
+
type: 'HIGH_ENTROPY_STRING',
|
|
225
|
+
severity: 'MEDIUM',
|
|
226
|
+
pattern: token.substring(0, 30) + '...',
|
|
227
|
+
entropy,
|
|
228
|
+
suggestion: 'Review this string - high entropy suggests it may be a secret or token',
|
|
229
|
+
});
|
|
230
|
+
}
|
|
231
|
+
}
|
|
232
|
+
}
|
|
233
|
+
}
|
|
234
|
+
return findings;
|
|
235
|
+
}
|
|
236
|
+
/**
|
|
237
|
+
* Main entry point: detect all secrets in text
|
|
238
|
+
*/
|
|
239
|
+
export function detectSecrets(text) {
|
|
240
|
+
if (!text || typeof text !== 'string') {
|
|
241
|
+
return [];
|
|
242
|
+
}
|
|
243
|
+
const findings = [
|
|
244
|
+
...detectPrivateKey(text),
|
|
245
|
+
...detectAPIKey(text),
|
|
246
|
+
...detectPassword(text),
|
|
247
|
+
...detectJWT(text),
|
|
248
|
+
...detectHighEntropyStrings(text),
|
|
249
|
+
];
|
|
250
|
+
// Deduplicate by pattern
|
|
251
|
+
const seen = new Set();
|
|
252
|
+
const unique = findings.filter((f) => {
|
|
253
|
+
if (seen.has(f.pattern))
|
|
254
|
+
return false;
|
|
255
|
+
seen.add(f.pattern);
|
|
256
|
+
return true;
|
|
257
|
+
});
|
|
258
|
+
// Sort by severity
|
|
259
|
+
const severityOrder = { CRITICAL: 0, HIGH: 1, MEDIUM: 2, LOW: 3 };
|
|
260
|
+
return unique.sort((a, b) => severityOrder[a.severity] - severityOrder[b.severity]);
|
|
261
|
+
}
|
|
262
|
+
/**
|
|
263
|
+
* Scan file content for secrets
|
|
264
|
+
*/
|
|
265
|
+
export async function scanFileForSecrets(filePath, content) {
|
|
266
|
+
const findings = detectSecrets(content);
|
|
267
|
+
return findings.map((f) => ({
|
|
268
|
+
...f,
|
|
269
|
+
location: filePath,
|
|
270
|
+
}));
|
|
271
|
+
}
|