npm - qa360 - Versions diffs - 2.1.2 → 2.1.4 - Mend

qa360 2.1.2 → 2.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (866) hide show

package/.BETA_TESTING_FEEDBACK.md +256 -0
package/.claude/settings.local.json +151 -0
package/.editorconfig +21 -0
package/.github/CODEOWNERS +23 -0
package/.github/ISSUE_TEMPLATE/bug_report.yml +108 -0
package/.github/ISSUE_TEMPLATE/feedback_dx.yml +121 -0
package/.github/dependabot.yml +35 -0
package/.github/workflows/mcp-dx.yml +106 -0
package/.github/workflows/release.yml +26 -0
package/.github/workflows/test.yml +93 -0
package/.nvmrc +1 -0
package/.qa360-artifacts/.gitkeep +0 -0
package/.qa360-artifacts/baselines/.gitkeep +0 -0
package/.qa360-artifacts/cache/.gitkeep +0 -0
package/.qa360-artifacts/reports/.gitkeep +0 -0
package/.qa360-artifacts/screenshots/.gitkeep +0 -0
package/.qa360-baselines/www_xyqo_ai.baseline.json +33 -0
package/CHANGELOG.md +234 -0
package/CODEOWNERS +43 -0
package/CONTRIBUTING.md +273 -0
package/NOVICE_USER_GUIDE.md +272 -0
package/QUICK_START.md +191 -0
package/README.md +191 -163
package/adapters/README.md +62 -0
package/check-branches.sh +32 -0
package/cli/CHANGELOG.md +84 -0
package/cli/LICENSE +24 -0
package/cli/README.md +222 -0
package/cli/examples/README.md +160 -0
package/cli/package.json +76 -0
package/cli/scripts/bundle-for-npm.sh +51 -0
package/cli/scripts/validate-package.js +116 -0
package/cli/src/__tests__/commands/doctor.test.ts +97 -0
package/cli/src/__tests__/index.test.ts +15 -0
package/cli/src/cli-minimal.ts +44 -0
package/cli/src/commands/__tests__/crawl.test.ts +412 -0
package/cli/src/commands/__tests__/doctor-qa360-home.test.ts +156 -0
package/cli/src/commands/__tests__/e2e-ui-tests.test.ts +494 -0
package/cli/src/commands/__tests__/e2e.test.ts +187 -0
package/cli/src/commands/__tests__/flakiness.test.ts +528 -0
package/cli/src/commands/__tests__/generate.test.ts +507 -0
package/cli/src/commands/__tests__/history.integration.test.ts +358 -0
package/cli/src/commands/__tests__/history.test.ts +433 -0
package/cli/src/commands/__tests__/monitor-realworld.test.ts +199 -0
package/cli/src/commands/__tests__/monitor.test.ts +81 -0
package/cli/src/commands/__tests__/ollama.test.ts +529 -0
package/cli/src/commands/__tests__/repair.test.ts +225 -0
package/cli/src/commands/__tests__/report.integration.test.ts +167 -0
package/cli/src/commands/__tests__/report.test.ts +294 -0
package/cli/src/commands/__tests__/report.vitest.ts +288 -0
package/cli/src/commands/__tests__/retry.test.ts +78 -0
package/cli/src/commands/__tests__/run.integration.test.ts +240 -0
package/cli/src/commands/__tests__/run.test.ts +346 -0
package/cli/src/commands/__tests__/run.vitest.ts +301 -0
package/cli/src/commands/__tests__/secrets.test.ts +114 -0
package/cli/src/commands/__tests__/serve.test.ts +80 -0
package/cli/src/commands/__tests__/verify.test.ts +103 -0
package/cli/src/commands/ai.ts +579 -0
package/cli/src/commands/ask.ts +678 -0
package/cli/src/commands/coverage.ts +305 -0
package/cli/src/commands/crawl.ts +155 -0
package/cli/src/commands/doctor.ts +610 -0
package/cli/src/commands/examples.ts +248 -0
package/cli/src/commands/explain.ts +710 -0
package/cli/src/commands/flakiness.ts +560 -0
package/cli/src/commands/generate.ts +566 -0
package/cli/src/commands/history.ts +914 -0
package/cli/src/commands/init.ts +763 -0
package/cli/src/commands/monitor.ts +270 -0
package/cli/src/commands/ollama.ts +337 -0
package/cli/src/commands/pack.ts +497 -0
package/cli/src/commands/regression.ts +400 -0
package/cli/src/commands/repair.ts +356 -0
package/cli/src/commands/report.ts +463 -0
package/cli/src/commands/retry.ts +380 -0
package/cli/src/commands/run.ts +218 -0
package/cli/src/commands/scan.ts +177 -0
package/cli/src/commands/secrets.ts +340 -0
package/cli/src/commands/serve.ts +194 -0
package/cli/src/commands/slo.ts +387 -0
package/cli/src/commands/verify-temp-note.md +11 -0
package/cli/src/commands/verify.ts +322 -0
package/cli/src/generators/index.ts +6 -0
package/cli/src/generators/json-reporter.ts +15 -0
package/cli/src/generators/test-generator.ts +90 -0
package/cli/src/index.ts +289 -0
package/cli/src/scanners/dom-scanner.ts +360 -0
package/cli/src/scanners/index.ts +5 -0
package/cli/src/types/scan.ts +84 -0
package/cli/src/utils/config.ts +145 -0
package/cli/tsconfig.bundle.json +12 -0
package/cli/tsconfig.json +23 -0
package/cli/vitest.config.ts +57 -0
package/core/LICENSE +24 -0
package/core/README.md +64 -0
package/core/package.json +81 -0
package/core/src/__tests__/adapters-contract/adapters-contract.test.md +156 -0
package/core/src/__tests__/index.test.ts +31 -0
package/core/src/__tests__/integration/phase3.test.ts +405 -0
package/core/src/__tests__/pack/validator.test.ts +312 -0
package/core/src/__tests__/secrets/crypto.test.ts +190 -0
package/core/src/__tests__/secrets/manager.test.ts +316 -0
package/core/src/__tests__/security/redactor-phase3.test.ts +233 -0
package/core/src/__tests__/serve/health-checker.test.ts +155 -0
package/core/src/__tests__/serve/process-manager.test.ts +213 -0
package/core/src/__tests__/serve/server.test.ts +103 -0
package/core/src/__tests__/vault/cas.test.ts +178 -0
package/core/src/__tests__/vault/vault.test.ts +296 -0
package/core/src/adapters/__tests__/gitleaks-secrets.test.ts +452 -0
package/core/src/adapters/__tests__/k6-perf.test.ts +538 -0
package/core/src/adapters/__tests__/osv-deps.test.ts +471 -0
package/core/src/adapters/__tests__/playwright-native-api.test.ts +792 -0
package/core/src/adapters/__tests__/playwright-ui-e2e.test.ts +431 -0
package/core/src/adapters/__tests__/playwright-ui.test.ts +1073 -0
package/core/src/adapters/__tests__/semgrep-sast.test.ts +436 -0
package/core/src/adapters/__tests__/zap-dast.test.ts +453 -0
package/core/src/adapters/gitleaks-secrets.ts +521 -0
package/core/src/adapters/k6-perf.ts +479 -0
package/core/src/adapters/osv-deps.ts +467 -0
package/core/src/adapters/playwright-native-adapter.ts +472 -0
package/core/src/adapters/playwright-native-api.ts +619 -0
package/core/src/adapters/playwright-ui.ts +1088 -0
package/core/src/adapters/semgrep-sast.ts +410 -0
package/core/src/adapters/zap-dast.ts +551 -0
package/core/src/ai/__tests__/deepseek-provider.test.ts +586 -0
package/core/src/ai/__tests__/ollama-provider.test.ts +641 -0
package/core/src/ai/anthropic-provider.ts +248 -0
package/core/src/ai/deepseek-provider.ts +301 -0
package/core/src/ai/index.ts +87 -0
package/core/src/ai/llm-client.ts +52 -0
package/core/src/ai/mock-provider.ts +146 -0
package/core/src/ai/ollama-provider.ts +255 -0
package/core/src/ai/openai-provider.ts +226 -0
package/core/src/ai/provider-factory.ts +408 -0
package/core/src/artifacts/README.md +78 -0
package/core/src/artifacts/index.ts +16 -0
package/core/src/artifacts/ui-artifacts.ts +412 -0
package/core/src/assertions/__tests__/engine.test.ts +360 -0
package/core/src/assertions/engine.ts +577 -0
package/core/src/assertions/index.ts +13 -0
package/core/src/assertions/types.ts +229 -0
package/core/src/auth/__tests__/api-key-provider.test.ts +282 -0
package/core/src/auth/__tests__/auth-manager.test.ts +430 -0
package/core/src/auth/__tests__/basic-auth-provider.test.ts +364 -0
package/core/src/auth/__tests__/cloud-providers.test.ts +751 -0
package/core/src/auth/__tests__/jwt-provider.test.ts +400 -0
package/core/src/auth/__tests__/oauth2-provider.test.ts +383 -0
package/core/src/auth/__tests__/totp-provider.test.ts +294 -0
package/core/src/auth/__tests__/ui-login-provider.test.ts +323 -0
package/core/src/auth/api-key-provider.ts +75 -0
package/core/src/auth/aws-iam-provider.ts +212 -0
package/core/src/auth/azure-ad-provider.ts +126 -0
package/core/src/auth/basic-auth-provider.ts +133 -0
package/core/src/auth/gcp-adc-provider.ts +146 -0
package/core/src/auth/index.ts +342 -0
package/core/src/auth/jwt-provider.ts +193 -0
package/core/src/auth/manager.ts +281 -0
package/core/src/auth/oauth2-provider.ts +141 -0
package/core/src/auth/totp-provider.ts +163 -0
package/core/src/auth/ui-login-provider.ts +242 -0
package/core/src/cache/__tests__/lru-cache.test.ts +564 -0
package/core/src/cache/index.ts +13 -0
package/core/src/cache/lru-cache.ts +536 -0
package/core/src/crawler/__tests__/journey-generator.test.ts +344 -0
package/core/src/crawler/__tests__/selector-generator.test.ts +211 -0
package/core/src/crawler/index.ts +335 -0
package/core/src/crawler/journey-generator.ts +471 -0
package/core/src/crawler/page-analyzer.ts +857 -0
package/core/src/crawler/selector-generator.ts +280 -0
package/core/src/crawler/types.ts +475 -0
package/core/src/dashboard/__tests__/real-world.test.ts +430 -0
package/core/src/dashboard/__tests__/server.test.ts +283 -0
package/core/src/dashboard/__tests__/types.test.ts +208 -0
package/core/src/dashboard/assets.ts +692 -0
package/core/src/dashboard/index.ts +17 -0
package/core/src/dashboard/server.ts +401 -0
package/core/src/dashboard/types.ts +78 -0
package/core/src/discoverer/__tests__/test-discoverer.test.ts +444 -0
package/core/src/discoverer/index.ts +374 -0
package/core/src/flakiness/__tests__/flakiness.test.ts +554 -0
package/core/src/flakiness/index.ts +536 -0
package/core/src/generation/__tests__/code-formatter.test.ts +170 -0
package/core/src/generation/__tests__/code-generator-contract.test.ts +207 -0
package/core/src/generation/__tests__/code-generator.test.ts +586 -0
package/core/src/generation/__tests__/crawler-pack-generator.test.ts +479 -0
package/core/src/generation/__tests__/generation-e2e-b2bshop.test.ts +718 -0
package/core/src/generation/__tests__/generation-integration.test.ts +655 -0
package/core/src/generation/__tests__/pack-generator.test.ts +408 -0
package/core/src/generation/__tests__/prompt-builder.test.ts +200 -0
package/core/src/generation/__tests__/real-provider-integration.test.ts +414 -0
package/core/src/generation/__tests__/source-analyzer.test.ts +774 -0
package/core/src/generation/__tests__/test-optimizer.test.ts +255 -0
package/core/src/generation/code-formatter.ts +408 -0
package/core/src/generation/code-generator.ts +470 -0
package/core/src/generation/crawler-pack-generator.ts +289 -0
package/core/src/generation/generator.ts +113 -0
package/core/src/generation/index.ts +59 -0
package/core/src/generation/pack-generator.ts +527 -0
package/core/src/generation/prompt-builder.ts +772 -0
package/core/src/generation/source-analyzer.ts +830 -0
package/core/src/generation/test-optimizer.ts +474 -0
package/core/src/generation/types.ts +217 -0
package/core/src/hooks/__tests__/compose.test.ts +636 -0
package/core/src/hooks/__tests__/runner.test.ts +478 -0
package/core/src/hooks/compose.ts +268 -0
package/core/src/hooks/runner.ts +364 -0
package/core/src/index.ts +237 -0
package/core/src/pack/__tests__/migrator.test.ts +594 -0
package/core/src/pack/__tests__/validator.test.ts +759 -0
package/core/src/pack/migrator.ts +353 -0
package/core/src/pack/validator.ts +359 -0
package/core/src/pack-v2/__tests__/loader.test.ts +533 -0
package/core/src/pack-v2/__tests__/migrator.test.ts +455 -0
package/core/src/pack-v2/__tests__/validator.test.ts +549 -0
package/core/src/pack-v2/index.ts +41 -0
package/core/src/pack-v2/loader.ts +321 -0
package/core/src/pack-v2/migrator.ts +540 -0
package/core/src/pack-v2/validator.ts +673 -0
package/core/src/parallel/README.md +143 -0
package/core/src/parallel/index.ts +16 -0
package/core/src/parallel/parallel-runner.ts +282 -0
package/core/src/proof/__tests__/proof-roundtrip.test.ts +149 -0
package/core/src/proof/__tests__/schema-validation-manual.mjs +211 -0
package/core/src/proof/__tests__/schema-validation.test.ts +336 -0
package/core/src/proof/__tests__/signer.test.ts +486 -0
package/core/src/proof/__tests__/temporal-regression.test.ts +537 -0
package/core/src/proof/__tests__/verifier-advanced.test.ts +588 -0
package/core/src/proof/__tests__/verifier.test.ts +413 -0
package/core/src/proof/bundle.ts +290 -0
package/core/src/proof/canonicalize.ts +116 -0
package/core/src/proof/index.ts +74 -0
package/core/src/proof/schema.ts +285 -0
package/core/src/proof/signer.ts +293 -0
package/core/src/proof/verifier.ts +380 -0
package/core/src/regression/__tests__/detector.test.ts +396 -0
package/core/src/regression/__tests__/trend-analyzer.test.ts +300 -0
package/core/src/regression/detector.ts +629 -0
package/core/src/regression/index.ts +34 -0
package/core/src/regression/trend-analyzer.ts +468 -0
package/core/src/regression/types.ts +295 -0
package/core/src/regression/vault.ts +419 -0
package/core/src/repair/__tests__/repairer.test.ts +572 -0
package/core/src/repair/__tests__/types.test.ts +302 -0
package/core/src/repair/engine/__tests__/fixer.test.ts +482 -0
package/core/src/repair/engine/__tests__/suggestion-engine.test.ts +395 -0
package/core/src/repair/engine/fixer.ts +271 -0
package/core/src/repair/engine/suggestion-engine.ts +234 -0
package/core/src/repair/index.ts +53 -0
package/core/src/repair/repairer.ts +376 -0
package/core/src/repair/types.ts +119 -0
package/core/src/repair/utils/__tests__/error-analyzer.test.ts +454 -0
package/core/src/repair/utils/error-analyzer.ts +308 -0
package/core/src/reporting/README.md +144 -0
package/core/src/reporting/html-reporter.ts +835 -0
package/core/src/reporting/index.ts +16 -0
package/core/src/retry/README.md +192 -0
package/core/src/retry/__tests__/flakiness-integration.test.ts +475 -0
package/core/src/retry/__tests__/retry-engine.test.ts +424 -0
package/core/src/retry/flakiness-integration.ts +267 -0
package/core/src/retry/index.ts +48 -0
package/core/src/retry/retry-engine.ts +368 -0
package/core/src/retry/types.ts +208 -0
package/core/src/retry/vault.ts +413 -0
package/core/src/runner/__tests__/flakiness-integration.test.ts +566 -0
package/core/src/runner/__tests__/phase3-e2e-b2bshop.test.ts +218 -0
package/core/src/runner/__tests__/phase3-e2e-reqres.test.ts +199 -0
package/core/src/runner/__tests__/phase3-runner.test.ts +1118 -0
package/core/src/runner/e2e-helpers.ts +216 -0
package/core/src/runner/phase3-runner.ts +1236 -0
package/core/src/schemas/gherkin-report.json +122 -0
package/core/src/secrets/__tests__/crypto.test.ts +180 -0
package/core/src/secrets/crypto.ts +289 -0
package/core/src/secrets/manager.ts +272 -0
package/core/src/security/__tests__/hardening.test.ts +480 -0
package/core/src/security/redaction-patterns-extended.ts +278 -0
package/core/src/security/redactor.ts +326 -0
package/core/src/self-healing/assertion-healer.ts +485 -0
package/core/src/self-healing/engine.ts +626 -0
package/core/src/self-healing/index.ts +33 -0
package/core/src/self-healing/selector-healer.ts +488 -0
package/core/src/self-healing/types.ts +193 -0
package/core/src/serve/diagnostics-collector.ts +201 -0
package/core/src/serve/health-checker.ts +274 -0
package/core/src/serve/index.ts +9 -0
package/core/src/serve/metrics-collector.ts +386 -0
package/core/src/serve/process-manager.ts +265 -0
package/core/src/serve/server.ts +230 -0
package/core/src/slo/config.ts +408 -0
package/core/src/slo/index.ts +68 -0
package/core/src/slo/sli-calculator.ts +474 -0
package/core/src/slo/slo-tracker.ts +481 -0
package/core/src/slo/types.ts +408 -0
package/core/src/slo/vault.ts +600 -0
package/core/src/tui/__tests__/monitor.test.ts +336 -0
package/core/src/tui/__tests__/real-world.test.ts +376 -0
package/core/src/tui/__tests__/renderer.test.ts +201 -0
package/core/src/tui/__tests__/types.test.ts +295 -0
package/core/src/tui/index.ts +19 -0
package/core/src/tui/monitor.ts +331 -0
package/core/src/tui/renderer.ts +269 -0
package/core/src/tui/types.ts +68 -0
package/core/src/types/pack-v1.ts +305 -0
package/core/src/types/pack-v2.ts +491 -0
package/core/src/types/trust-score.ts +258 -0
package/core/src/vault/__tests__/flakiness-vault.test.ts +562 -0
package/core/src/vault/__tests__/vault.test.ts +259 -0
package/core/src/vault/cas.ts +323 -0
package/core/src/vault/index.ts +1361 -0
package/core/src/vault/schema.sql +168 -0
package/core/src/visual/README.md +185 -0
package/core/src/visual/index.ts +14 -0
package/core/src/visual/visual-regression.ts +347 -0
package/core/src/watch/__tests__/watch-mode.test.ts +192 -0
package/core/src/watch/index.ts +14 -0
package/core/src/watch/watch-mode.ts +565 -0
package/core/tsconfig.json +12 -0
package/core/vitest.config.ts +52 -0
package/docs/ARCHITECTURE.md +901 -0
package/docs/AUDIT-GLOBAL-DEC2025.md +271 -0
package/docs/BETA_TESTING.md +257 -0
package/docs/BETA_TESTING_PLAN.md +727 -0
package/docs/CERTIFICATION-REPORT.md +142 -0
package/docs/COMPLETE_AUDIT_REFACTORING.md +965 -0
package/docs/DEVELOPMENT.md +331 -0
package/docs/DEVELOPMENT_HISTORY.md +345 -0
package/docs/LIMITATIONS.md +176 -0
package/docs/MIGRATION.md +303 -0
package/docs/OPTION_3_4_EXPLORATION.md +1257 -0
package/docs/PHASE1_PERFORMANCE.md +144 -0
package/docs/QA360_Cloud.postman_collection.json +89 -0
package/docs/README.md +50 -0
package/docs/STATUS.md +179 -0
package/docs/STRATEGIC_STUDY_GOOSE_INTEGRATION.md +615 -0
package/docs/USER_GUIDE.md +687 -0
package/docs/WORK-DONE-ADAPTER-TESTS.md +136 -0
package/docs/adapters-security.md +485 -0
package/docs/architecture-diagram.mmd +168 -0
package/docs/archive/ARCH-01-DAY6-BUILD-FIXES.md +396 -0
package/docs/archive/ARCH-01-DAY6-FINAL-STATUS.md +324 -0
package/docs/archive/ARCH-01_MCP_MERGE_ANALYSIS.md +644 -0
package/docs/archive/ARCH-01_NEXT_STEPS.md +60 -0
package/docs/archive/BRANCH_PROTECTION.md +183 -0
package/docs/archive/CI_LOCKDOWN_CHECKLIST.md +222 -0
package/docs/archive/HANDOFF_TEST-01.md +669 -0
package/docs/archive/LEGAL_READY_PLACEHOLDERS.md +372 -0
package/docs/archive/NODE_UPGRADE_GUIDE.md +188 -0
package/docs/archive/PHASE1_COMPLETION.md +386 -0
package/docs/archive/PHASE2_COMPLETION.md +404 -0
package/docs/archive/PHASE3_AND_4_FINAL.md +360 -0
package/docs/archive/PHASE3_COMPLETE.md +301 -0
package/docs/archive/PHASE3_STATUS.md +255 -0
package/docs/archive/PRE-WEEK2-AUDIT.md +364 -0
package/docs/archive/README.md +33 -0
package/docs/archive/SCHEMA_AJV_2020_FIX.md +245 -0
package/docs/archive/TEST-01_AUDIT_REPORT.md +240 -0
package/docs/archive/TEST-01_COVERAGE_PLAN.md +423 -0
package/docs/budgets-advanced.md +308 -0
package/docs/examples/history-export-gc.md +285 -0
package/docs/examples/pack-v2-complete.yaml +158 -0
package/docs/examples/pack-v2-quickstart.yaml +24 -0
package/docs/examples/pack-v2-ui-login.yaml +81 -0
package/docs/examples/qa360-report.json +50 -0
package/docs/history.md +565 -0
package/docs/hooks.md +304 -0
package/docs/llm-providers.md +419 -0
package/docs/mcp-server.md +651 -0
package/docs/mcp-tools.md +1131 -0
package/docs/pack-v1.md +383 -0
package/docs/pack-v2.md +558 -0
package/docs/proofs.md +670 -0
package/docs/quickstart-5min.md +257 -0
package/docs/readiness-ci.md +654 -0
package/docs/rfc/README.md +20 -0
package/docs/rfc/proof-bundle-v1.md +787 -0
package/docs/secrets.md +392 -0
package/docs/serve.md +494 -0
package/docs/vault.md +491 -0
package/e2e/qa360-e2e.test.ts +696 -0
package/e2e/vitest.config.ts +18 -0
package/examples/README.md +30 -140
package/examples/ci/docker-compose-serve.yml +375 -0
package/examples/ci/github-actions-serve.yml +345 -0
package/examples/ci/gitlab-ci-serve.yml +407 -0
package/examples/datasets/README.md +101 -0
package/examples/datasets/b2bshop.ts +155 -0
package/examples/datasets/index.ts +57 -0
package/examples/datasets/reqres.ts +195 -0
package/examples/future-api/README.md +16 -0
package/examples/future-api/diag.js +7 -0
package/examples/future-api/health.js +4 -0
package/examples/future-api/packs.js +13 -0
package/examples/future-api/runpack.js +10 -0
package/examples/generation/README.md +148 -0
package/examples/generation/pack-generator-example.js +115 -0
package/examples/generation/source-analyzer-example.js +115 -0
package/examples/httpbin/pack.yml +59 -0
package/examples/load-testing/mcp-load.yml +115 -0
package/examples/load-testing/mcp-stdio.yml +95 -0
package/examples/mcp/claude-desktop-config.json +33 -0
package/examples/mcp/claude-desktop.json +16 -0
package/examples/mcp/conversation-sample.md +131 -0
package/examples/mcp/demo-60s.md +330 -0
package/examples/mcp/sample-conversation.jsonl +21 -0
package/examples/mcp/vscode-settings.json +22 -0
package/examples/pack-v2-complete.yml +242 -0
package/examples/pack-v2-examples.md +244 -0
package/examples/pack-v2-quickstart.yml +55 -0
package/examples/packs-business/ecommerce-api.yml +121 -0
package/examples/packs-business/saas-dashboard-ui.yml +133 -0
package/examples/packs-conformance/compose-multi.yml +174 -0
package/examples/packs-conformance/full.yml +152 -0
package/examples/packs-conformance/heavy-artifacts.yml +152 -0
package/examples/packs-conformance/minimal.yml +71 -0
package/examples/packs-conformance/secrets-missing.yml +97 -0
package/examples/packs-conformance/timeouts.yml +77 -0
package/examples/proofs/e2e-playwright-proof.json +75 -0
package/examples/proofs/httpbin-proof.json +69 -0
package/examples/proofs/multi-adapter-proof.json +117 -0
package/examples/proofs/test-proof.json +26 -0
package/examples/restful-api-dev/README.md +102 -0
package/examples/restful-api-dev/restful-api-advanced.yml +29 -0
package/examples/restful-api-dev/restful-api-basic.yml +29 -0
package/examples/web-lite/.github/workflows/qa360-phase3.yml +73 -0
package/examples/web-lite/api-mock/server.js +258 -0
package/examples/web-lite/pack.yml +71 -0
package/examples/web-lite/services.yml +43 -0
package/examples/web-lite/web-content/healthz +1 -0
package/examples/web-lite/web-content/index.html +259 -0
package/package.json +55 -45
package/packages/mcp/CHANGELOG.md +109 -0
package/packages/mcp/IMPLEMENTATION_SUMMARY.md +350 -0
package/packages/mcp/LICENSE +21 -0
package/packages/mcp/QUICK_START.md +291 -0
package/packages/mcp/README.md +294 -0
package/packages/mcp/TELEMETRY.md +220 -0
package/packages/mcp/package.json +92 -0
package/packages/mcp/scripts/generate-sbom-fallback.cjs +84 -0
package/packages/mcp/scripts/safe-postinstall.cjs +32 -0
package/packages/mcp/src/__tests__/contract.test.ts +902 -0
package/packages/mcp/src/cli/cli.ts +137 -0
package/packages/mcp/src/cli/doctor.ts +286 -0
package/packages/mcp/src/cli/fix.ts +99 -0
package/packages/mcp/src/cli/init.ts +233 -0
package/packages/mcp/src/cli/postinstall.ts +14 -0
package/packages/mcp/src/cli/reset.ts +44 -0
package/packages/mcp/src/cli/telemetry.ts +166 -0
package/packages/mcp/src/cli/test-dx.ts +94 -0
package/packages/mcp/src/cli/uninstall.ts +80 -0
package/packages/mcp/src/cli/up.ts +178 -0
package/packages/mcp/src/index.ts +12 -0
package/packages/mcp/src/scripts/e2e-local.ts +337 -0
package/packages/mcp/src/scripts/verify-settings.ts +242 -0
package/packages/mcp/src/security/audit.ts +244 -0
package/packages/mcp/src/security/manager.ts +242 -0
package/packages/mcp/src/server/full-server.ts +212 -0
package/packages/mcp/src/server/minimal-server.ts +134 -0
package/packages/mcp/src/tools/history.ts +388 -0
package/packages/mcp/src/tools/pack.ts +449 -0
package/packages/mcp/src/tools/registry.ts +638 -0
package/packages/mcp/src/tools/report.ts +100 -0
package/packages/mcp/src/tools/run.ts +268 -0
package/packages/mcp/src/tools/secrets.ts +198 -0
package/packages/mcp/src/tools/serve.ts +221 -0
package/packages/mcp/src/tools/triage.ts +532 -0
package/packages/mcp/src/tools/types.ts +26 -0
package/packages/mcp/src/tools/vault.ts +164 -0
package/packages/mcp/src/tools/verify.ts +166 -0
package/packages/mcp/src/types/index.ts +311 -0
package/packages/mcp/src/types/mcp-stubs.ts +83 -0
package/packages/mcp/tsconfig.json +16 -0
package/playwright.config.ts +20 -0
package/pnpm-workspace.yaml +4 -0
package/run-test-and-push.sh +20 -0
package/scripts/build-proof-cli.sh +110 -0
package/scripts/ci/check-windows-paths.js +92 -0
package/scripts/ci/invariants.sh +124 -0
package/scripts/ci/make-final-bundle.js +106 -0
package/scripts/ci/mcp-run-multipack.js +305 -0
package/scripts/ci/run-pack-suite.sh +103 -0
package/scripts/ci/run-phase7-final.sh +190 -0
package/scripts/ci/slo-assert.js +158 -0
package/scripts/ci/test-fault-tolerance.sh +301 -0
package/scripts/install-mcp.sh +66 -0
package/scripts/mcp-smoke.mjs +27 -0
package/scripts/smoke.sh +26 -0
package/scripts/stress-test.js +288 -0
package/scripts/validate-examples.mjs +404 -0
package/scripts/validation/simple-pack-check.sh +51 -0
package/scripts/validation/validate-universal-pack.mjs +77 -0
package/scripts/verify-persistence.js +127 -0
package/test-pack.yaml +43 -0
package/test-results/.last-run.json +4 -0
package/test-runner.mjs +87 -0
package/tests/artifacts.spec.js +147 -0
package/tests/contracts.spec.js +239 -0
package/tests/e2e/assertions.test.mjs +370 -0
package/tests/e2e/crawler.test.mjs +451 -0
package/tests/e2e/playwright-plus-plus.test.mjs +604 -0
package/tests/e2e/proof-bundle.test.mjs +258 -0
package/tests/e2e/real-world/saucedemo.test.mjs +714 -0
package/tests/e2e/real-world/the-internet-herokuapp.test.mjs +760 -0
package/tests/e2e/ui-actions.test.mjs +546 -0
package/tests/gherkin.e2e.spec.ts +310 -0
package/tests/no-console-errors.spec.js +136 -0
package/tests/pdf.spec.ts +252 -0
package/tests/run-pack.spec.ts +58 -0
package/tsconfig.base.json +15 -0
package/tsconfig.build.json +8 -0
package/tsconfig.json +37 -0
package/tsconfig.test.json +18 -0
package/typedoc.json +37 -0
package/ui/README.md +51 -0
package/verify-proof.mjs +60 -0
package/dist/cli-minimal.d.ts +0 -6
package/dist/cli-minimal.js +0 -36
package/dist/commands/ai.d.ts +0 -41
package/dist/commands/ai.js +0 -511
package/dist/commands/ask.d.ts +0 -94
package/dist/commands/ask.js +0 -582
package/dist/commands/coverage.d.ts +0 -8
package/dist/commands/coverage.js +0 -252
package/dist/commands/crawl.d.ts +0 -24
package/dist/commands/crawl.js +0 -121
package/dist/commands/doctor.d.ts +0 -54
package/dist/commands/doctor.js +0 -513
package/dist/commands/examples.d.ts +0 -33
package/dist/commands/examples.js +0 -193
package/dist/commands/explain.d.ts +0 -27
package/dist/commands/explain.js +0 -630
package/dist/commands/flakiness.d.ts +0 -73
package/dist/commands/flakiness.js +0 -435
package/dist/commands/generate.d.ts +0 -66
package/dist/commands/generate.js +0 -438
package/dist/commands/history.d.ts +0 -76
package/dist/commands/history.js +0 -757
package/dist/commands/init.d.ts +0 -106
package/dist/commands/init.js +0 -599
package/dist/commands/monitor.d.ts +0 -27
package/dist/commands/monitor.js +0 -225
package/dist/commands/ollama.d.ts +0 -40
package/dist/commands/ollama.js +0 -301
package/dist/commands/pack.d.ts +0 -70
package/dist/commands/pack.js +0 -413
package/dist/commands/regression.d.ts +0 -8
package/dist/commands/regression.js +0 -340
package/dist/commands/repair.d.ts +0 -26
package/dist/commands/repair.js +0 -307
package/dist/commands/report.d.ts +0 -62
package/dist/commands/report.js +0 -378
package/dist/commands/retry.d.ts +0 -43
package/dist/commands/retry.js +0 -275
package/dist/commands/run.d.ts +0 -41
package/dist/commands/run.js +0 -169
package/dist/commands/scan.d.ts +0 -5
package/dist/commands/scan.js +0 -155
package/dist/commands/secrets.d.ts +0 -58
package/dist/commands/secrets.js +0 -289
package/dist/commands/serve.d.ts +0 -13
package/dist/commands/serve.js +0 -156
package/dist/commands/slo.d.ts +0 -8
package/dist/commands/slo.js +0 -327
package/dist/commands/verify.d.ts +0 -32
package/dist/commands/verify.js +0 -278
package/dist/core/adapters/gitleaks-secrets.d.ts +0 -114
package/dist/core/adapters/gitleaks-secrets.js +0 -410
package/dist/core/adapters/k6-perf.d.ts +0 -85
package/dist/core/adapters/k6-perf.js +0 -398
package/dist/core/adapters/osv-deps.d.ts +0 -123
package/dist/core/adapters/osv-deps.js +0 -372
package/dist/core/adapters/playwright-native-adapter.d.ts +0 -121
package/dist/core/adapters/playwright-native-adapter.js +0 -339
package/dist/core/adapters/playwright-native-api.d.ts +0 -183
package/dist/core/adapters/playwright-native-api.js +0 -461
package/dist/core/adapters/playwright-ui.d.ts +0 -197
package/dist/core/adapters/playwright-ui.js +0 -840
package/dist/core/adapters/semgrep-sast.d.ts +0 -99
package/dist/core/adapters/semgrep-sast.js +0 -322
package/dist/core/adapters/zap-dast.d.ts +0 -133
package/dist/core/adapters/zap-dast.js +0 -424
package/dist/core/ai/anthropic-provider.d.ts +0 -50
package/dist/core/ai/anthropic-provider.js +0 -211
package/dist/core/ai/deepseek-provider.d.ts +0 -81
package/dist/core/ai/deepseek-provider.js +0 -254
package/dist/core/ai/index.d.ts +0 -60
package/dist/core/ai/index.js +0 -18
package/dist/core/ai/llm-client.d.ts +0 -45
package/dist/core/ai/llm-client.js +0 -7
package/dist/core/ai/mock-provider.d.ts +0 -49
package/dist/core/ai/mock-provider.js +0 -121
package/dist/core/ai/ollama-provider.d.ts +0 -78
package/dist/core/ai/ollama-provider.js +0 -192
package/dist/core/ai/openai-provider.d.ts +0 -48
package/dist/core/ai/openai-provider.js +0 -188
package/dist/core/ai/provider-factory.d.ts +0 -160
package/dist/core/ai/provider-factory.js +0 -269
package/dist/core/artifacts/index.d.ts +0 -6
package/dist/core/artifacts/index.js +0 -6
package/dist/core/artifacts/ui-artifacts.d.ts +0 -133
package/dist/core/artifacts/ui-artifacts.js +0 -304
package/dist/core/assertions/engine.d.ts +0 -51
package/dist/core/assertions/engine.js +0 -530
package/dist/core/assertions/index.d.ts +0 -11
package/dist/core/assertions/index.js +0 -11
package/dist/core/assertions/types.d.ts +0 -121
package/dist/core/assertions/types.js +0 -37
package/dist/core/auth/api-key-provider.d.ts +0 -16
package/dist/core/auth/api-key-provider.js +0 -63
package/dist/core/auth/aws-iam-provider.d.ts +0 -35
package/dist/core/auth/aws-iam-provider.js +0 -177
package/dist/core/auth/azure-ad-provider.d.ts +0 -15
package/dist/core/auth/azure-ad-provider.js +0 -99
package/dist/core/auth/basic-auth-provider.d.ts +0 -26
package/dist/core/auth/basic-auth-provider.js +0 -111
package/dist/core/auth/gcp-adc-provider.d.ts +0 -27
package/dist/core/auth/gcp-adc-provider.js +0 -126
package/dist/core/auth/index.d.ts +0 -238
package/dist/core/auth/index.js +0 -82
package/dist/core/auth/jwt-provider.d.ts +0 -19
package/dist/core/auth/jwt-provider.js +0 -160
package/dist/core/auth/manager.d.ts +0 -84
package/dist/core/auth/manager.js +0 -230
package/dist/core/auth/oauth2-provider.d.ts +0 -17
package/dist/core/auth/oauth2-provider.js +0 -114
package/dist/core/auth/totp-provider.d.ts +0 -31
package/dist/core/auth/totp-provider.js +0 -134
package/dist/core/auth/ui-login-provider.d.ts +0 -26
package/dist/core/auth/ui-login-provider.js +0 -198
package/dist/core/cache/index.d.ts +0 -7
package/dist/core/cache/index.js +0 -6
package/dist/core/cache/lru-cache.d.ts +0 -203
package/dist/core/cache/lru-cache.js +0 -397
package/dist/core/core/coverage/analyzer.d.ts +0 -101
package/dist/core/core/coverage/analyzer.js +0 -415
package/dist/core/core/coverage/collector.d.ts +0 -74
package/dist/core/core/coverage/collector.js +0 -459
package/dist/core/core/coverage/config.d.ts +0 -37
package/dist/core/core/coverage/config.js +0 -156
package/dist/core/core/coverage/index.d.ts +0 -11
package/dist/core/core/coverage/index.js +0 -15
package/dist/core/core/coverage/types.d.ts +0 -267
package/dist/core/core/coverage/types.js +0 -6
package/dist/core/core/coverage/vault.d.ts +0 -95
package/dist/core/core/coverage/vault.js +0 -405
package/dist/core/coverage/analyzer.d.ts +0 -101
package/dist/core/coverage/analyzer.js +0 -415
package/dist/core/coverage/collector.d.ts +0 -74
package/dist/core/coverage/collector.js +0 -459
package/dist/core/coverage/config.d.ts +0 -37
package/dist/core/coverage/config.js +0 -156
package/dist/core/coverage/index.d.ts +0 -11
package/dist/core/coverage/index.js +0 -15
package/dist/core/coverage/types.d.ts +0 -267
package/dist/core/coverage/types.js +0 -6
package/dist/core/coverage/vault.d.ts +0 -95
package/dist/core/coverage/vault.js +0 -405
package/dist/core/crawler/index.d.ts +0 -57
package/dist/core/crawler/index.js +0 -281
package/dist/core/crawler/journey-generator.d.ts +0 -49
package/dist/core/crawler/journey-generator.js +0 -412
package/dist/core/crawler/page-analyzer.d.ts +0 -88
package/dist/core/crawler/page-analyzer.js +0 -709
package/dist/core/crawler/selector-generator.d.ts +0 -34
package/dist/core/crawler/selector-generator.js +0 -240
package/dist/core/crawler/types.d.ts +0 -353
package/dist/core/crawler/types.js +0 -6
package/dist/core/dashboard/assets.d.ts +0 -6
package/dist/core/dashboard/assets.js +0 -690
package/dist/core/dashboard/index.d.ts +0 -6
package/dist/core/dashboard/index.js +0 -5
package/dist/core/dashboard/server.d.ts +0 -72
package/dist/core/dashboard/server.js +0 -354
package/dist/core/dashboard/types.d.ts +0 -70
package/dist/core/dashboard/types.js +0 -5
package/dist/core/discoverer/index.d.ts +0 -115
package/dist/core/discoverer/index.js +0 -250
package/dist/core/flakiness/index.d.ts +0 -228
package/dist/core/flakiness/index.js +0 -384
package/dist/core/generation/code-formatter.d.ts +0 -111
package/dist/core/generation/code-formatter.js +0 -307
package/dist/core/generation/code-generator.d.ts +0 -144
package/dist/core/generation/code-generator.js +0 -293
package/dist/core/generation/crawler-pack-generator.d.ts +0 -44
package/dist/core/generation/crawler-pack-generator.js +0 -231
package/dist/core/generation/generator.d.ts +0 -40
package/dist/core/generation/generator.js +0 -76
package/dist/core/generation/index.d.ts +0 -32
package/dist/core/generation/index.js +0 -30
package/dist/core/generation/pack-generator.d.ts +0 -107
package/dist/core/generation/pack-generator.js +0 -416
package/dist/core/generation/prompt-builder.d.ts +0 -132
package/dist/core/generation/prompt-builder.js +0 -672
package/dist/core/generation/source-analyzer.d.ts +0 -213
package/dist/core/generation/source-analyzer.js +0 -657
package/dist/core/generation/test-optimizer.d.ts +0 -117
package/dist/core/generation/test-optimizer.js +0 -328
package/dist/core/generation/types.d.ts +0 -214
package/dist/core/generation/types.js +0 -4
package/dist/core/hooks/compose.d.ts +0 -61
package/dist/core/hooks/compose.js +0 -225
package/dist/core/hooks/runner.d.ts +0 -68
package/dist/core/hooks/runner.js +0 -303
package/dist/core/index.d.ts +0 -104
package/dist/core/index.js +0 -91
package/dist/core/pack/migrator.d.ts +0 -51
package/dist/core/pack/migrator.js +0 -304
package/dist/core/pack/validator.d.ts +0 -42
package/dist/core/pack/validator.js +0 -322
package/dist/core/pack-v2/index.d.ts +0 -9
package/dist/core/pack-v2/index.js +0 -8
package/dist/core/pack-v2/loader.d.ts +0 -62
package/dist/core/pack-v2/loader.js +0 -259
package/dist/core/pack-v2/migrator.d.ts +0 -61
package/dist/core/pack-v2/migrator.js +0 -480
package/dist/core/pack-v2/validator.d.ts +0 -61
package/dist/core/pack-v2/validator.js +0 -577
package/dist/core/parallel/index.d.ts +0 -6
package/dist/core/parallel/index.js +0 -6
package/dist/core/parallel/parallel-runner.d.ts +0 -107
package/dist/core/parallel/parallel-runner.js +0 -192
package/dist/core/proof/bundle.d.ts +0 -137
package/dist/core/proof/bundle.js +0 -160
package/dist/core/proof/canonicalize.d.ts +0 -47
package/dist/core/proof/canonicalize.js +0 -105
package/dist/core/proof/index.d.ts +0 -13
package/dist/core/proof/index.js +0 -18
package/dist/core/proof/schema.d.ts +0 -217
package/dist/core/proof/schema.js +0 -263
package/dist/core/proof/signer.d.ts +0 -111
package/dist/core/proof/signer.js +0 -226
package/dist/core/proof/verifier.d.ts +0 -97
package/dist/core/proof/verifier.js +0 -308
package/dist/core/regression/detector.d.ts +0 -107
package/dist/core/regression/detector.js +0 -497
package/dist/core/regression/index.d.ts +0 -9
package/dist/core/regression/index.js +0 -11
package/dist/core/regression/trend-analyzer.d.ts +0 -102
package/dist/core/regression/trend-analyzer.js +0 -345
package/dist/core/regression/types.d.ts +0 -222
package/dist/core/regression/types.js +0 -7
package/dist/core/regression/vault.d.ts +0 -87
package/dist/core/regression/vault.js +0 -289
package/dist/core/repair/engine/fixer.d.ts +0 -24
package/dist/core/repair/engine/fixer.js +0 -226
package/dist/core/repair/engine/suggestion-engine.d.ts +0 -18
package/dist/core/repair/engine/suggestion-engine.js +0 -187
package/dist/core/repair/index.d.ts +0 -10
package/dist/core/repair/index.js +0 -13
package/dist/core/repair/repairer.d.ts +0 -90
package/dist/core/repair/repairer.js +0 -284
package/dist/core/repair/types.d.ts +0 -91
package/dist/core/repair/types.js +0 -6
package/dist/core/repair/utils/error-analyzer.d.ts +0 -28
package/dist/core/repair/utils/error-analyzer.js +0 -264
package/dist/core/reporting/html-reporter.d.ts +0 -119
package/dist/core/reporting/html-reporter.js +0 -737
package/dist/core/reporting/index.d.ts +0 -6
package/dist/core/reporting/index.js +0 -6
package/dist/core/retry/flakiness-integration.d.ts +0 -60
package/dist/core/retry/flakiness-integration.js +0 -228
package/dist/core/retry/index.d.ts +0 -14
package/dist/core/retry/index.js +0 -16
package/dist/core/retry/retry-engine.d.ts +0 -80
package/dist/core/retry/retry-engine.js +0 -296
package/dist/core/retry/types.d.ts +0 -178
package/dist/core/retry/types.js +0 -52
package/dist/core/retry/vault.d.ts +0 -77
package/dist/core/retry/vault.js +0 -304
package/dist/core/runner/e2e-helpers.d.ts +0 -102
package/dist/core/runner/e2e-helpers.js +0 -153
package/dist/core/runner/phase3-runner.d.ts +0 -200
package/dist/core/runner/phase3-runner.js +0 -1039
package/dist/core/secrets/crypto.d.ts +0 -75
package/dist/core/secrets/crypto.js +0 -223
package/dist/core/secrets/manager.d.ts +0 -76
package/dist/core/secrets/manager.js +0 -219
package/dist/core/security/redaction-patterns-extended.d.ts +0 -27
package/dist/core/security/redaction-patterns-extended.js +0 -247
package/dist/core/security/redactor.d.ts +0 -71
package/dist/core/security/redactor.js +0 -279
package/dist/core/self-healing/assertion-healer.d.ts +0 -97
package/dist/core/self-healing/assertion-healer.js +0 -371
package/dist/core/self-healing/engine.d.ts +0 -122
package/dist/core/self-healing/engine.js +0 -538
package/dist/core/self-healing/index.d.ts +0 -10
package/dist/core/self-healing/index.js +0 -11
package/dist/core/self-healing/selector-healer.d.ts +0 -103
package/dist/core/self-healing/selector-healer.js +0 -372
package/dist/core/self-healing/types.d.ts +0 -152
package/dist/core/self-healing/types.js +0 -6
package/dist/core/serve/diagnostics-collector.d.ts +0 -32
package/dist/core/serve/diagnostics-collector.js +0 -149
package/dist/core/serve/health-checker.d.ts +0 -44
package/dist/core/serve/health-checker.js +0 -219
package/dist/core/serve/index.d.ts +0 -8
package/dist/core/serve/index.js +0 -8
package/dist/core/serve/metrics-collector.d.ts +0 -24
package/dist/core/serve/metrics-collector.js +0 -322
package/dist/core/serve/process-manager.d.ts +0 -36
package/dist/core/serve/process-manager.js +0 -213
package/dist/core/serve/server.d.ts +0 -36
package/dist/core/serve/server.js +0 -191
package/dist/core/slo/config.d.ts +0 -107
package/dist/core/slo/config.js +0 -360
package/dist/core/slo/index.d.ts +0 -11
package/dist/core/slo/index.js +0 -15
package/dist/core/slo/sli-calculator.d.ts +0 -92
package/dist/core/slo/sli-calculator.js +0 -364
package/dist/core/slo/slo-tracker.d.ts +0 -148
package/dist/core/slo/slo-tracker.js +0 -379
package/dist/core/slo/types.d.ts +0 -281
package/dist/core/slo/types.js +0 -7
package/dist/core/slo/vault.d.ts +0 -102
package/dist/core/slo/vault.js +0 -427
package/dist/core/tui/index.d.ts +0 -7
package/dist/core/tui/index.js +0 -6
package/dist/core/tui/monitor.d.ts +0 -92
package/dist/core/tui/monitor.js +0 -271
package/dist/core/tui/renderer.d.ts +0 -33
package/dist/core/tui/renderer.js +0 -218
package/dist/core/tui/types.d.ts +0 -63
package/dist/core/tui/types.js +0 -5
package/dist/core/types/pack-v1.d.ts +0 -251
package/dist/core/types/pack-v1.js +0 -5
package/dist/core/types/pack-v2.d.ts +0 -425
package/dist/core/types/pack-v2.js +0 -8
package/dist/core/types/trust-score.d.ts +0 -69
package/dist/core/types/trust-score.js +0 -191
package/dist/core/vault/cas.d.ts +0 -90
package/dist/core/vault/cas.js +0 -261
package/dist/core/vault/index.d.ts +0 -326
package/dist/core/vault/index.js +0 -1042
package/dist/core/visual/index.d.ts +0 -6
package/dist/core/visual/index.js +0 -6
package/dist/core/visual/visual-regression.d.ts +0 -113
package/dist/core/visual/visual-regression.js +0 -236
package/dist/core/watch/index.d.ts +0 -7
package/dist/core/watch/index.js +0 -6
package/dist/core/watch/watch-mode.d.ts +0 -213
package/dist/core/watch/watch-mode.js +0 -389
package/dist/generators/index.d.ts +0 -5
package/dist/generators/index.js +0 -5
package/dist/generators/json-reporter.d.ts +0 -10
package/dist/generators/json-reporter.js +0 -12
package/dist/generators/test-generator.d.ts +0 -18
package/dist/generators/test-generator.js +0 -78
package/dist/index.d.ts +0 -8
package/dist/index.js +0 -246
package/dist/scanners/dom-scanner.d.ts +0 -52
package/dist/scanners/dom-scanner.js +0 -296
package/dist/scanners/index.d.ts +0 -4
package/dist/scanners/index.js +0 -4
package/dist/schemas/pack.schema.json +0 -236
package/dist/types/scan.d.ts +0 -68
package/dist/types/scan.js +0 -4
package/dist/utils/config.d.ts +0 -5
package/dist/utils/config.js +0 -136
/package/{bin → cli/bin}/qa360.js +0 -0
/package/{examples → cli/examples}/accessibility.yml +0 -0
/package/{examples → cli/examples}/api-basic.yml +0 -0
/package/{examples → cli/examples}/complete.yml +0 -0
/package/{examples → cli/examples}/crawler.yml +0 -0
/package/{examples → cli/examples}/fullstack.yml +0 -0
/package/{examples → cli/examples}/security.yml +0 -0
/package/{examples → cli/examples}/ui-advanced.yml +0 -0
/package/{examples → cli/examples}/ui-basic.yml +0 -0
/package/{dist/core → core}/schemas/pack.schema.json +0 -0

package/docs/WORK-DONE-ADAPTER-TESTS.md ADDED Viewed

@@ -0,0 +1,136 @@
+# QA360 - Travail Effectué - Tests Adapters
+**Date**: 28 Décembre 2025
+**Auteur**: Claude (sans exécution par utilisateur)
+## Résumé
+Création de **7 fichiers de tests réels** pour les adapters QA360, remplaçant les tests superficiels (mocks vides) par des tests qui testent réellement le code.
+## Fichiers Créés/Modifiés
+| Fichier | Lignes | Tests | Couverture Cible |
+|---------|--------|-------|------------------|
+| `playwright-api.test.ts` | ~350 | 45+ | 60%+ |
+| `playwright-ui.test.ts` | ~280 | 35+ | 55%+ |
+| `k6-perf.test.ts` | ~320 | 40+ | 55%+ |
+| `semgrep-sast.test.ts` | ~260 | 30+ | 50%+ |
+| `zap-dast.test.ts` | ~280 | 35+ | 50%+ |
+| `gitleaks-secrets.test.ts` | ~300 | 35+ | 55%+ |
+| `osv-deps.test.ts` | ~300 | 35+ | 55%+ |
+**Total**: ~2,090 lignes de tests, ~255 assertions
+## Méthodologie des Tests
+### Avant (Tests Superficiels)
+```typescript
+// NE TESTAIT RIEN
+it('should create adapter instance', () => {
+  const adapter = {};  // Objet vide!
+  expect(adapter).toBeDefined();
+});
+```
+### Après (Tests Réels)
+```typescript
+// TESTE LE VRAI CODE
+describe('validateConfig', () => {
+  it('should validate config with valid baseUrl', () => {
+    const result = PlaywrightApiAdapter.validateConfig({
+      baseUrl: 'https://api.example.com'
+    });
+    expect(result.valid).toBe(true);
+    expect(result.errors).toHaveLength(0);
+  });
+});
+```
+## Fonctionnalités Testées par Adapter
+### 1. PlaywrightApiAdapter
+- `validateConfig()` - 8 tests
+- `parseTestSpec()` - 10 tests
+- `calculateSummary()` - 5 tests
+- `isRetryableError()` - 12 tests
+- `generateJUnit()` - 8 tests
+- `escapeXml()` - 8 tests
+### 2. PlaywrightUiAdapter
+- `validateConfig()` - 7 tests
+- `calculateSummary()` - 5 tests
+- `generateJUnit()` - 7 tests
+- `escapeXml()` - 4 tests
+- Accessibility score logic - 6 tests
+- Login selectors - 1 test
+### 3. K6PerfAdapter
+- `validateConfig()` - 8 tests
+- `generateK6Script()` - 9 tests
+- `parseTextMetrics()` - 6 tests
+- `parseTextThresholds()` - 4 tests
+- `generateJUnit()` - 5 tests
+- Performance budget logic - 4 tests
+### 4. SemgrepSastAdapter
+- `validateConfig()` - 4 tests
+- `mapSeverity()` - 6 tests
+- `calculateSummary()` - 4 tests
+- `checkThresholds()` - 5 tests
+- `generateJUnit()` - 5 tests
+- `parseSemgrepResults()` - 4 tests
+### 5. ZapDastAdapter
+- `validateConfig()` - 6 tests
+- `isValidUrl()` - 4 tests
+- `calculateSummary()` - 5 tests
+- `generateBudgetCheck()` - 5 tests
+- `generateJUnit()` - 5 tests
+- `buildZapArgs()` - 6 tests
+- Error codes - 1 test
+### 6. GitleaksSecretsAdapter
+- `validateConfig()` - 4 tests
+- `calculateSummary()` - 5 tests
+- `generateBudgetCheck()` - 5 tests
+- `generateJUnit()` - 5 tests
+- `generateTomlConfig()` - 4 tests
+- `parseGitleaksResults()` - 5 tests
+### 7. OsvDepsAdapter
+- `validateConfig()` - 3 tests
+- `findLockFiles()` - 4 tests
+- `mapSeverity()` - 5 tests
+- `calculateSummary()` - 3 tests
+- `generateBudgetCheck()` - 5 tests
+- `generateJUnit()` - 5 tests
+- `parseOsvResults()` - 4 tests
+## Stratégie de Mock
+Tous les tests mockent les dépendances externes:
+- `@playwright/test` - Browser launch mocké
+- `child_process.spawn` - Exécution outils mockée
+- `fs` - Opérations fichier mockées
+Cela permet de tester la **logique métier** sans:
+- Lancer de navigateur
+- Exécuter k6, semgrep, zap, gitleaks, osv-scanner
+- Créer/supprimer de fichiers
+## Prochaines Étapes
+1. **Exécuter les tests**: `cd core && pnpm test`
+2. **Vérifier la coverage**: `pnpm test:coverage`
+3. **Ajuster si besoin**: Corriger imports/types si erreurs
+## Estimation Coverage
+| Module | Avant | Après (Estimé) |
+|--------|-------|----------------|
+| adapters/ | 6.9% | 45-55% |
+| **Global Core** | ~40% | ~50-55% |
+---
+**Note**: Ces tests nécessitent d'être exécutés pour confirmer le fonctionnement. L'utilisateur effectuera la validation finale avec `pnpm test`.

package/docs/adapters-security.md ADDED Viewed

@@ -0,0 +1,485 @@
+# QA360 Phase 4 - Adaptateurs Sécurité Réelle
+Guide d'installation et configuration des outils de sécurité intégrés : ZAP, Gitleaks, OSV et Semgrep.
+## 🛡️ Vue d'Ensemble Sécurité
+QA360 Phase 4 intègre 4 adaptateurs de sécurité réelle pour une couverture complète :
+- **SAST** (Static) : Semgrep - Analyse code source
+- **DAST** (Dynamic) : OWASP ZAP - Tests sécurité runtime
+- **SCA** (Dependencies) : OSV Scanner - Vulnérabilités dépendances
+- **Secrets** : Gitleaks - Détection secrets hardcodés
+## 🔍 OWASP ZAP (DAST)
+### Installation
+#### Option 1: Docker (Recommandé)
+```bash
+# Pull image ZAP
+docker pull owasp/zap2docker-stable
+# Test installation
+docker run --rm owasp/zap2docker-stable zap-baseline.py --version
+```
+#### Option 2: Installation Locale
+```bash
+# macOS
+brew install zaproxy
+# Ubuntu/Debian
+sudo apt-get install zaproxy
+# Windows
+# Télécharger depuis https://www.zaproxy.org/download/
+```
+### Configuration QA360
+```yaml
+# pack.yml
+security:
+  dast:
+    max_high: 0
+    max_critical: 0
+    max_medium: 1
+    timeout_ms: 300000  # 5 minutes
+```
+### Utilisation
+```bash
+# Scan baseline automatique
+qa360 run --url https://example.com --gates dast
+# Avec exclusions
+qa360 run --url https://api.example.com \
+  --exclude-urls "*/logout,*/admin/*" \
+  --gates dast
+```
+### Configuration Avancée
+```yaml
+# zap-config.yaml
+contexts:
+  - name: "API Context"
+    urls: ["https://api.example.com/*"]
+    authentication:
+      method: "form"
+      loginUrl: "https://api.example.com/login"
+      usernameField: "email"
+      passwordField: "password"
+```
+## 🔐 Gitleaks (Secrets Detection)
+### Installation
+```bash
+# macOS
+brew install gitleaks
+# Linux
+curl -sSfL https://raw.githubusercontent.com/gitleaks/gitleaks/master/scripts/install.sh | sh
+# Windows
+# Télécharger depuis https://github.com/gitleaks/gitleaks/releases
+```
+### Configuration QA360
+```yaml
+# pack.yml
+security:
+  secrets:
+    max_findings: 0  # Zero tolerance
+```
+### Utilisation
+```bash
+# Scan répertoire courant
+qa360 run --gates secrets
+# Avec exclusions
+qa360 run --gates secrets \
+  --exclude-paths "node_modules/**,dist/**,.qa360/**"
+```
+### Configuration Custom
+```toml
+# .gitleaks.toml
+title = "QA360 Gitleaks Config"
+[extend]
+useDefault = true
+[allowlist]
+description = "QA360 allowlist"
+paths = [
+  ".qa360/**",
+  "node_modules/**",
+  "**/*.min.js"
+]
+regexes = [
+  "example",
+  "test.*key",
+  "dummy.*secret"
+]
+[[rules]]
+id = "jwt-token"
+description = "JWT Token"
+regex = '''eyJ[A-Za-z0-9_/+-]*\.eyJ[A-Za-z0-9_/+-]*\.[A-Za-z0-9_/+-]*'''
+keywords = ["jwt", "token"]
+```
+## 📦 OSV Scanner (Dependencies)
+### Installation
+```bash
+# Go install
+go install github.com/google/osv-scanner/cmd/osv-scanner@latest
+# Binaire direct
+curl -sSfL https://github.com/google/osv-scanner/releases/latest/download/osv-scanner_linux_amd64 -o osv-scanner
+chmod +x osv-scanner
+```
+### Configuration QA360
+```yaml
+# pack.yml
+security:
+  deps:
+    max_high: 0
+    max_critical: 0
+    max_medium: 2
+```
+### Utilisation
+```bash
+# Scan package-lock.json
+qa360 run --gates deps
+# Scan fichiers spécifiques
+qa360 run --gates deps \
+  --lock-files "package-lock.json,yarn.lock,pnpm-lock.yaml"
+```
+### Formats Supportés
+- **Node.js**: package-lock.json, yarn.lock, pnpm-lock.yaml
+- **Python**: Pipfile.lock, poetry.lock, requirements.txt
+- **Go**: go.sum, go.mod
+- **Rust**: Cargo.lock
+- **Ruby**: Gemfile.lock
+- **Java**: pom.xml, gradle.lockfile
+## 🔬 Semgrep (SAST)
+### Installation
+```bash
+# Python pip
+pip install semgrep
+# Homebrew
+brew install semgrep
+# Docker
+docker pull returntocorp/semgrep
+```
+### Configuration QA360
+```yaml
+# pack.yml
+security:
+  sast:
+    max_high: 0
+    max_critical: 0
+    max_medium: 3
+```
+### Utilisation
+```bash
+# Scan avec règles par défaut
+qa360 run --gates sast
+# Règles spécifiques
+qa360 run --gates sast \
+  --rules "p/ci,p/security,p/owasp-top-10"
+# Chemins personnalisés
+qa360 run --gates sast \
+  --paths "src/,lib/,api/" \
+  --exclude-paths "test/,spec/"
+```
+### Règles Recommandées
+```yaml
+# Règles par langage
+javascript:
+  - "p/javascript"
+  - "p/react"
+  - "p/nodejs"
+python:
+  - "p/python"
+  - "p/flask"
+  - "p/django"
+java:
+  - "p/java"
+  - "p/spring"
+go:
+  - "p/golang"
+  - "p/gosec"
+```
+## 🚀 Intégration CI/CD
+### GitHub Actions
+```yaml
+name: Security Scan
+on: [push, pull_request]
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup QA360
+        run: npm install -g qa360
+      - name: Install Security Tools
+        run: |
+          # ZAP via Docker (déjà disponible)
+          # Gitleaks
+          curl -sSfL https://raw.githubusercontent.com/gitleaks/gitleaks/master/scripts/install.sh | sh
+          # OSV Scanner
+          go install github.com/google/osv-scanner/cmd/osv-scanner@latest
+          # Semgrep
+          pip install semgrep
+      - name: Security Gates
+        run: |
+          qa360 run --url ${{ env.STAGING_URL }} \
+            --gates "sast,deps,secrets,dast" \
+            --mode strict \
+            --report-format json
+      - name: Upload Security Report
+        uses: actions/upload-artifact@v3
+        with:
+          name: security-report
+          path: qa360-security-report.json
+```
+### GitLab CI
+```yaml
+security_scan:
+  stage: security
+  image: node:18
+  before_script:
+    - npm install -g qa360
+    - apt-get update && apt-get install -y python3-pip golang-go
+    - pip3 install semgrep
+    - go install github.com/google/osv-scanner/cmd/osv-scanner@latest
+    - curl -sSfL https://raw.githubusercontent.com/gitleaks/gitleaks/master/scripts/install.sh | sh
+  script:
+    - qa360 run --url $STAGING_URL --gates "sast,deps,secrets,dast"
+  artifacts:
+    reports:
+      junit: qa360-junit.xml
+    paths:
+      - qa360-security-report.json
+```
+## 🔧 Configuration Entreprise
+### Proxy/Firewall
+```bash
+# Configuration proxy pour outils
+export HTTP_PROXY=http://proxy.company.com:8080
+export HTTPS_PROXY=http://proxy.company.com:8080
+# ZAP avec proxy
+qa360 run --url https://internal-app.company.com \
+  --zap-proxy "http://proxy.company.com:8080" \
+  --gates dast
+```
+### Règles Custom Semgrep
+```yaml
+# custom-rules.yml
+rules:
+  - id: company-api-key
+    pattern: |
+      "COMPANY_API_KEY_$X"
+    message: Company API key detected
+    severity: ERROR
+    languages: [javascript, python, go]
+  - id: internal-url
+    pattern: |
+      "https://internal.$DOMAIN.company.com"
+    message: Internal URL in code
+    severity: WARNING
+    languages: [javascript, python, go, java]
+```
+### Baseline ZAP Custom
+```xml
+<!-- zap-baseline-config.xml -->
+<configuration>
+  <contexts>
+    <context>
+      <name>Company App</name>
+      <urls>
+        <url>https://app.company.com/.*</url>
+      </urls>
+      <authentication>
+        <method>form</method>
+        <loginUrl>https://app.company.com/login</loginUrl>
+        <usernameField>email</usernameField>
+        <passwordField>password</passwordField>
+      </authentication>
+    </context>
+  </contexts>
+</configuration>
+```
+## 📊 Rapports & Métriques
+### Format Unifié
+```json
+{
+  "security": {
+    "sast": {
+      "tool": "semgrep",
+      "findings": 3,
+      "high": 0,
+      "medium": 2,
+      "low": 1,
+      "passed": true
+    },
+    "dast": {
+      "tool": "zap",
+      "alerts": 1,
+      "high": 0,
+      "medium": 1,
+      "passed": true
+    },
+    "deps": {
+      "tool": "osv-scanner",
+      "vulnerabilities": 0,
+      "passed": true
+    },
+    "secrets": {
+      "tool": "gitleaks",
+      "findings": 0,
+      "passed": true
+    }
+  },
+  "trustScore": {
+    "security": 95,
+    "overall": 87
+  }
+}
+```
+### Dashboard Sécurité
+```bash
+# Génération dashboard sécurité
+qa360 security-dashboard \
+  --input "./reports/**/qa360-security-*.json" \
+  --output security-dashboard.html \
+  --trend-days 30
+```
+## ⚠️ Troubleshooting
+### Erreurs Communes
+#### ZAP Timeout
+```bash
+# Augmenter timeout
+qa360 run --url <url> --zap-timeout 600000  # 10 minutes
+```
+#### Gitleaks False Positives
+```toml
+# .gitleaks.toml - Ajouter à allowlist
+regexes = [
+  "test.*password.*123",
+  "example.*secret"
+]
+```
+#### OSV Scanner Offline
+```bash
+# Mode offline avec base locale
+osv-scanner --db-path ./osv-db scan ./
+```
+#### Semgrep Règles Manquantes
+```bash
+# Mise à jour règles
+semgrep --update
+semgrep --config=auto ./
+```
+### Performance
+#### Optimisation ZAP
+- Utiliser `--quick` pour scans rapides
+- Limiter scope avec `--include-urls`
+- Exclure ressources statiques
+#### Optimisation Semgrep
+- Utiliser règles spécifiques au langage
+- Exclure dossiers volumineux (node_modules)
+- Parallélisation avec `--jobs`
+## 🎯 Bonnes Pratiques
+### 1. Intégration Progressive
+- Commencer mode `soft`
+- Durcir budgets progressivement
+- Former équipes aux outils
+### 2. Maintenance Règles
+- Révision trimestrielle
+- Mise à jour bases vulnérabilités
+- Ajustement false positives
+### 3. Monitoring Continu
+- Métriques sécurité dans CI/CD
+- Alertes sur nouvelles vulnérabilités
+- Rapports réguliers RSSI
+### 4. Culture Sécurité
+- Formation développeurs
+- Revues code sécurisé
+- Partage bonnes pratiques
+Cette intégration sécurité réelle transforme QA360 en plateforme DevSecOps complète avec couverture 360° des risques.