qa360 2.0.11 → 2.0.13

package/examples/complete.yml

@@ -1,54 +1,146 @@
 # QA360 Example: Complete Test Suite
 # All quality gates enabled - comprehensive quality assurance
 
-version: 1
+version: 2
 name: complete-qa-suite
+description: Comprehensive QA suite with all quality gates
 
 gates:
-  - api_smoke  # API health checks
-  - ui         # Browser E2E tests
-  - a11y       # Accessibility (WCAG)
-  - perf       # Performance testing
-  - sast       # Static security analysis
-  - dast       # Dynamic security testing
-
-targets:
-  api:
-    baseUrl: "https://api.example.com"
-    smoke:
-      - "GET /health -> 200"
-      - "GET /status -> 200"
-      - "POST /login -> 200"
-
-  web:
-    baseUrl: "https://example.com"
-    pages:
-      - "https://example.com"
-      - "https://example.com/dashboard"
-
-# Quality budgets
-budgets:
-  perf_p95_ms: 2000  # P95 latency budget
-  a11y_min: 90       # Minimum accessibility score
-
-# Security thresholds
-security:
-  sast_max_high: 3  # Maximum high-severity SAST findings
-  secrets_leak: 0   # Must be zero
-
-# Docker Compose integration (optional - remove if not using Docker)
+  api-health:
+    adapter: playwright-api
+    enabled: true
+    config:
+      baseUrl: "https://api.example.com"
+      smoke:
+        - "GET /health -> 200"
+        - "GET /status -> 200"
+        - "POST /login -> 200"
+
+  api-crud:
+    adapter: playwright-api
+    enabled: true
+    config:
+      baseUrl: "https://api.example.com"
+      smoke:
+        - "GET /api/v1/users -> 200"
+        - "POST /api/v1/users -> 201"
+        - "PUT /api/v1/users/1 -> 200"
+        - "DELETE /api/v1/users/1 -> 204"
+    budgets:
+      p95_ms: 1000
+
+  ui-smoke:
+    adapter: playwright-ui
+    enabled: true
+    config:
+      baseUrl: "https://example.com"
+      pages:
+        - url: "/"
+          expectedElements: ["body", "main"]
+        - url: "/dashboard"
+          expectedElements: ["body", ".dashboard"]
+
+  a11y:
+    adapter: playwright-ui
+    enabled: true
+    config:
+      baseUrl: "https://example.com"
+      pages:
+        - url: "/"
+          a11yRules:
+            - wcag2a
+            - wcag2aa
+    budgets:
+      violations: 10
+      a11y_score: 90
+
+  perf:
+    adapter: k6-perf
+    enabled: true
+    config:
+      script: |
+        import http from 'k6/http';
+        import { check } from 'k6';
+
+        export const options = {
+          stages: [
+            { duration: '10s', target: 10 },
+            { duration: '20s', target: 50 },
+            { duration: '10s', target: 0 },
+          ],
+        };
+
+        export default function () {
+          const res = http.get('https://api.example.com/health');
+          check(res, {
+            'status is 200': (r) => r.status === 200,
+            'response time < 500ms': (r) => r.timings.duration < 500,
+          });
+        }
+    budgets:
+      p95_ms: 2000
+      p99_ms: 5000
+
+  sast:
+    adapter: semgrep-sast
+    enabled: true
+    config:
+      rules:
+        - security
+        - owasp-top-10
+      paths:
+        - src/
+        - lib/
+    budgets:
+      high_findings: 3
+      medium_findings: 10
+
+  dast:
+    adapter: zap-dast
+    enabled: true
+    config:
+      target: api
+      profile: baseline
+      url: "https://api.example.com"
+      scanType: baseline
+    budgets:
+      high_findings: 5
+      medium_findings: 20
+
+  secrets:
+    adapter: gitleaks-secrets
+    enabled: true
+    config:
+      paths:
+        - .
+        - src/
+        - config/
+    budgets:
+      critical_findings: 0
+
+execution:
+  default_timeout: 120000
+  default_retries: 2
+  on_failure: continue
+  parallel: true
+  max_concurrency: 3
+
+# Optional: Docker Compose integration (uncomment if using Docker)
 # hooks:
 #   beforeAll:
-#     - run: "docker compose up -d"
-#       timeout: 30000
-#     - run: "npx wait-on http://localhost:3000"
+#     - type: docker
+#       compose:
+#         file: docker-compose.yml
+#         command: up -d
 #       timeout: 30000
+#     - type: wait_on
+#       wait_for:
+#         resource: http://localhost:3000
+#         timeout: 30000
 #
 #   afterAll:
-#     - run: "docker compose down"
+#     - type: docker
+#       compose:
+#         file: docker-compose.yml
+#         command: down
 #       timeout: 30000
-
-# Execution settings
-execution:
-  timeout: 120000     # 2 minutes
-  max_retries: 2

package/examples/fullstack.yml

@@ -1,43 +1,78 @@
 # QA360 Example: Full Stack
 # Complete testing suite with API, UI, and Performance
 
-version: 1
+version: 2
 name: fullstack-tests
+description: Full stack testing with API, UI and performance gates
 
 gates:
-  - api_smoke
-  - ui
-  - perf
-
-targets:
-  api:
-    baseUrl: "https://httpbin.org"
-    smoke:
-      - "GET /status/200 -> 200"
-      - "GET /json -> 200"
-      - "POST /post -> 200"
-
-  web:
-    baseUrl: "https://example.com"
-    pages:
-      - "https://example.com"
-
-# Performance budgets
-budgets:
-  perf_p95_ms: 2000  # P95 latency must be < 2000ms
-
-# Hooks for local development (optional - remove if not using Docker)
+  api-health:
+    adapter: playwright-api
+    enabled: true
+    config:
+      baseUrl: "https://httpbin.org"
+      smoke:
+        - "GET /status/200 -> 200"
+        - "GET /json -> 200"
+        - "POST /post -> 200"
+
+  ui-smoke:
+    adapter: playwright-ui
+    enabled: true
+    config:
+      baseUrl: "https://example.com"
+      pages:
+        - url: "/"
+          expectedElements: ["body", "main"]
+
+  perf:
+    adapter: k6-perf
+    enabled: true
+    config:
+      script: |
+        import http from 'k6/http';
+        import { check } from 'k6';
+
+        export const options = {
+          stages: [
+            { duration: '10s', target: 10 },
+            { duration: '20s', target: 50 },
+            { duration: '10s', target: 0 },
+          ],
+        };
+
+        export default function () {
+          const res = http.get('https://httpbin.org/status/200');
+          check(res, {
+            'status is 200': (r) => r.status === 200,
+            'response time < 500ms': (r) => r.timings.duration < 500,
+          });
+        }
+    budgets:
+      p95_ms: 2000
+
+execution:
+  default_timeout: 60000
+  default_retries: 2
+  on_failure: continue
+  parallel: true
+
+# Optional: Docker Compose integration (uncomment if using Docker)
 # hooks:
 #   beforeAll:
-#     - run: "docker compose up -d"
-#       timeout: 30000
-#     - run: "npx wait-on http://localhost:3000"
+#     - type: docker
+#       compose:
+#         file: docker-compose.yml
+#         command: up -d
 #       timeout: 30000
+#     - type: wait_on
+#       wait_for:
+#         resource: http://localhost:3000
+#         timeout: 30000
 #
 #   afterAll:
-#     - run: "docker compose down"
+#     - type: docker
+#       compose:
+#         file: docker-compose.yml
+#         command: down
 #       timeout: 30000
-
-execution:
-  timeout: 60000
-  max_retries: 2

package/examples/security.yml

@@ -1,26 +1,58 @@
 # QA360 Example: Security Suite
 # Comprehensive security testing (SAST, DAST)
 
-version: 1
+version: 2
 name: security-test-suite
+description: Security testing with SAST and DAST scans
 
 gates:
-  - sast     # Static Application Security Testing
-  - dast     # Dynamic Application Security Testing
+  api-health:
+    adapter: playwright-api
+    enabled: true
+    config:
+      baseUrl: "https://api.example.com"
+      smoke:
+        - "GET /health -> 200"
 
-targets:
-  api:
-    baseUrl: "https://api.example.com"
+  sast:
+    adapter: semgrep-sast
+    enabled: true
+    config:
+      rules:
+        - security
+        - owasp-top-10
+      paths:
+        - src/
+        - lib/
+    budgets:
+      high_findings: 3
+      medium_findings: 10
 
-  web:
-    baseUrl: "https://example.com"
+  dast:
+    adapter: zap-dast
+    enabled: true
+    config:
+      target: api
+      profile: baseline
+      url: "https://api.example.com"
+      scanType: baseline
+    budgets:
+      high_findings: 5
+      medium_findings: 20
 
-# Security thresholds
-security:
-  sast_max_high: 3  # Maximum high-severity SAST findings
-  secrets_leak: 0   # Must be zero
+  secrets:
+    adapter: gitleaks-secrets
+    enabled: true
+    config:
+      paths:
+        - .
+        - src/
+        - config/
+    budgets:
+      critical_findings: 0
 
-# Execution settings
 execution:
-  timeout: 120000  # Security scans can take longer
-  max_retries: 1
+  default_timeout: 120000
+  default_retries: 1
+  on_failure: continue
+  parallel: false

package/examples/ui-basic.yml

@@ -1,20 +1,24 @@
 # QA360 Example: UI Basic
 # Basic UI/E2E browser tests
 
-version: 1
+version: 2
 name: ui-browser-tests
+description: Basic UI smoke tests for web applications
 
 gates:
-  - ui
+  ui-smoke:
+    adapter: playwright-ui
+    enabled: true
+    config:
+      baseUrl: "https://example.com"
+      pages:
+        - url: "/"
+          expectedElements: ["body", "main"]
+        - url: "/about"
+          expectedElements: ["body"]
 
-targets:
-  web:
-    baseUrl: "https://example.com"
-    pages:
-      - "https://example.com"
-      - "https://example.com/about"
-
-# Optional: Browser configuration
 execution:
-  timeout: 60000
-  max_retries: 1
+  default_timeout: 60000
+  default_retries: 1
+  on_failure: continue
+  parallel: false

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "qa360",
-  "version": "2.0.11",
+  "version": "2.0.13",
   "description": "QA360 Proof CLI - Quality as Cryptographic Proof",
   "type": "module",
   "main": "dist/index.js",
@@ -45,6 +45,7 @@
     "ollama": "^0.5.1",
     "ora": "^5.4.1",
     "playwright": "^1.57.0",
+    
     "sqlite3": "^5.1.6",
     "tweetnacl": "^1.0.3"
   },
@@ -72,4 +73,4 @@
   "bugs": {
     "url": "https://github.com/xyqotech/qa360/issues"
   }
-}
+}