npm - tlc-claude-code - Versions diffs - 1.2.29 → 1.4.0 - Mend

tlc-claude-code 1.2.29 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (182) hide show

package/dashboard/dist/components/AuditPane.d.ts +30 -0
package/dashboard/dist/components/AuditPane.js +127 -0
package/dashboard/dist/components/AuditPane.test.d.ts +1 -0
package/dashboard/dist/components/AuditPane.test.js +339 -0
package/dashboard/dist/components/CompliancePane.d.ts +39 -0
package/dashboard/dist/components/CompliancePane.js +96 -0
package/dashboard/dist/components/CompliancePane.test.d.ts +1 -0
package/dashboard/dist/components/CompliancePane.test.js +183 -0
package/dashboard/dist/components/SSOPane.d.ts +36 -0
package/dashboard/dist/components/SSOPane.js +71 -0
package/dashboard/dist/components/SSOPane.test.d.ts +1 -0
package/dashboard/dist/components/SSOPane.test.js +155 -0
package/dashboard/dist/components/UsagePane.d.ts +13 -0
package/dashboard/dist/components/UsagePane.js +51 -0
package/dashboard/dist/components/UsagePane.test.d.ts +1 -0
package/dashboard/dist/components/UsagePane.test.js +142 -0
package/dashboard/dist/components/WorkspaceDocsPane.d.ts +19 -0
package/dashboard/dist/components/WorkspaceDocsPane.js +130 -0
package/dashboard/dist/components/WorkspaceDocsPane.test.d.ts +1 -0
package/dashboard/dist/components/WorkspaceDocsPane.test.js +242 -0
package/dashboard/dist/components/WorkspacePane.d.ts +18 -0
package/dashboard/dist/components/WorkspacePane.js +17 -0
package/dashboard/dist/components/WorkspacePane.test.d.ts +1 -0
package/dashboard/dist/components/WorkspacePane.test.js +84 -0
package/dashboard/dist/components/ZeroRetentionPane.d.ts +44 -0
package/dashboard/dist/components/ZeroRetentionPane.js +83 -0
package/dashboard/dist/components/ZeroRetentionPane.test.d.ts +1 -0
package/dashboard/dist/components/ZeroRetentionPane.test.js +160 -0
package/package.json +1 -1
package/server/lib/access-control-doc.js +541 -0
package/server/lib/access-control-doc.test.js +672 -0
package/server/lib/adr-generator.js +423 -0
package/server/lib/adr-generator.test.js +586 -0
package/server/lib/agent-progress-monitor.js +223 -0
package/server/lib/agent-progress-monitor.test.js +202 -0
package/server/lib/architecture-command.js +450 -0
package/server/lib/architecture-command.test.js +754 -0
package/server/lib/ast-analyzer.js +324 -0
package/server/lib/ast-analyzer.test.js +437 -0
package/server/lib/audit-attribution.js +191 -0
package/server/lib/audit-attribution.test.js +359 -0
package/server/lib/audit-classifier.js +202 -0
package/server/lib/audit-classifier.test.js +209 -0
package/server/lib/audit-command.js +275 -0
package/server/lib/audit-command.test.js +325 -0
package/server/lib/audit-exporter.js +380 -0
package/server/lib/audit-exporter.test.js +464 -0
package/server/lib/audit-logger.js +236 -0
package/server/lib/audit-logger.test.js +364 -0
package/server/lib/audit-query.js +257 -0
package/server/lib/audit-query.test.js +352 -0
package/server/lib/audit-storage.js +269 -0
package/server/lib/audit-storage.test.js +272 -0
package/server/lib/auth-system.test.js +4 -1
package/server/lib/boundary-detector.js +427 -0
package/server/lib/boundary-detector.test.js +320 -0
package/server/lib/budget-alerts.js +138 -0
package/server/lib/budget-alerts.test.js +235 -0
package/server/lib/bulk-repo-init.js +342 -0
package/server/lib/bulk-repo-init.test.js +388 -0
package/server/lib/candidates-tracker.js +210 -0
package/server/lib/candidates-tracker.test.js +300 -0
package/server/lib/checkpoint-manager.js +251 -0
package/server/lib/checkpoint-manager.test.js +474 -0
package/server/lib/circular-detector.js +337 -0
package/server/lib/circular-detector.test.js +353 -0
package/server/lib/cohesion-analyzer.js +310 -0
package/server/lib/cohesion-analyzer.test.js +447 -0
package/server/lib/compliance-checklist.js +866 -0
package/server/lib/compliance-checklist.test.js +476 -0
package/server/lib/compliance-command.js +616 -0
package/server/lib/compliance-command.test.js +551 -0
package/server/lib/compliance-reporter.js +692 -0
package/server/lib/compliance-reporter.test.js +707 -0
package/server/lib/contract-testing.js +625 -0
package/server/lib/contract-testing.test.js +342 -0
package/server/lib/conversion-planner.js +469 -0
package/server/lib/conversion-planner.test.js +361 -0
package/server/lib/convert-command.js +351 -0
package/server/lib/convert-command.test.js +608 -0
package/server/lib/coupling-calculator.js +189 -0
package/server/lib/coupling-calculator.test.js +509 -0
package/server/lib/data-flow-doc.js +665 -0
package/server/lib/data-flow-doc.test.js +659 -0
package/server/lib/dependency-graph.js +367 -0
package/server/lib/dependency-graph.test.js +516 -0
package/server/lib/duplication-detector.js +349 -0
package/server/lib/duplication-detector.test.js +401 -0
package/server/lib/ephemeral-storage.js +249 -0
package/server/lib/ephemeral-storage.test.js +254 -0
package/server/lib/evidence-collector.js +627 -0
package/server/lib/evidence-collector.test.js +901 -0
package/server/lib/example-service.js +616 -0
package/server/lib/example-service.test.js +397 -0
package/server/lib/flow-diagram-generator.js +474 -0
package/server/lib/flow-diagram-generator.test.js +446 -0
package/server/lib/idp-manager.js +626 -0
package/server/lib/idp-manager.test.js +587 -0
package/server/lib/impact-scorer.js +184 -0
package/server/lib/impact-scorer.test.js +211 -0
package/server/lib/memory-exclusion.js +326 -0
package/server/lib/memory-exclusion.test.js +241 -0
package/server/lib/mermaid-generator.js +358 -0
package/server/lib/mermaid-generator.test.js +301 -0
package/server/lib/messaging-patterns.js +750 -0
package/server/lib/messaging-patterns.test.js +213 -0
package/server/lib/mfa-handler.js +452 -0
package/server/lib/mfa-handler.test.js +490 -0
package/server/lib/microservice-template.js +386 -0
package/server/lib/microservice-template.test.js +325 -0
package/server/lib/new-project-microservice.js +450 -0
package/server/lib/new-project-microservice.test.js +600 -0
package/server/lib/oauth-flow.js +375 -0
package/server/lib/oauth-flow.test.js +487 -0
package/server/lib/oauth-registry.js +190 -0
package/server/lib/oauth-registry.test.js +306 -0
package/server/lib/readme-generator.js +490 -0
package/server/lib/readme-generator.test.js +493 -0
package/server/lib/refactor-command.js +326 -0
package/server/lib/refactor-command.test.js +528 -0
package/server/lib/refactor-executor.js +254 -0
package/server/lib/refactor-executor.test.js +305 -0
package/server/lib/refactor-observer.js +292 -0
package/server/lib/refactor-observer.test.js +422 -0
package/server/lib/refactor-progress.js +193 -0
package/server/lib/refactor-progress.test.js +251 -0
package/server/lib/refactor-reporter.js +237 -0
package/server/lib/refactor-reporter.test.js +247 -0
package/server/lib/repo-dependency-tracker.js +261 -0
package/server/lib/repo-dependency-tracker.test.js +350 -0
package/server/lib/retention-policy.js +281 -0
package/server/lib/retention-policy.test.js +486 -0
package/server/lib/role-mapper.js +236 -0
package/server/lib/role-mapper.test.js +395 -0
package/server/lib/saml-provider.js +765 -0
package/server/lib/saml-provider.test.js +643 -0
package/server/lib/security-policy-generator.js +682 -0
package/server/lib/security-policy-generator.test.js +544 -0
package/server/lib/semantic-analyzer.js +198 -0
package/server/lib/semantic-analyzer.test.js +474 -0
package/server/lib/sensitive-detector.js +112 -0
package/server/lib/sensitive-detector.test.js +209 -0
package/server/lib/service-interaction-diagram.js +700 -0
package/server/lib/service-interaction-diagram.test.js +638 -0
package/server/lib/service-scaffold.js +486 -0
package/server/lib/service-scaffold.test.js +373 -0
package/server/lib/service-summary.js +553 -0
package/server/lib/service-summary.test.js +619 -0
package/server/lib/session-purge.js +460 -0
package/server/lib/session-purge.test.js +312 -0
package/server/lib/shared-kernel.js +578 -0
package/server/lib/shared-kernel.test.js +255 -0
package/server/lib/sso-command.js +544 -0
package/server/lib/sso-command.test.js +552 -0
package/server/lib/sso-session.js +492 -0
package/server/lib/sso-session.test.js +670 -0
package/server/lib/traefik-config.js +282 -0
package/server/lib/traefik-config.test.js +312 -0
package/server/lib/usage-command.js +218 -0
package/server/lib/usage-command.test.js +391 -0
package/server/lib/usage-formatter.js +192 -0
package/server/lib/usage-formatter.test.js +267 -0
package/server/lib/usage-history.js +122 -0
package/server/lib/usage-history.test.js +206 -0
package/server/lib/workspace-command.js +249 -0
package/server/lib/workspace-command.test.js +264 -0
package/server/lib/workspace-config.js +270 -0
package/server/lib/workspace-config.test.js +312 -0
package/server/lib/workspace-docs-command.js +547 -0
package/server/lib/workspace-docs-command.test.js +692 -0
package/server/lib/workspace-memory.js +451 -0
package/server/lib/workspace-memory.test.js +403 -0
package/server/lib/workspace-scanner.js +452 -0
package/server/lib/workspace-scanner.test.js +677 -0
package/server/lib/workspace-test-runner.js +315 -0
package/server/lib/workspace-test-runner.test.js +294 -0
package/server/lib/zero-retention-command.js +439 -0
package/server/lib/zero-retention-command.test.js +448 -0
package/server/lib/zero-retention.js +322 -0
package/server/lib/zero-retention.test.js +258 -0
package/server/package-lock.json +14 -0
package/server/package.json +1 -0

package/server/lib/sensitive-detector.js ADDED Viewed

@@ -0,0 +1,112 @@
+/**
+ * Sensitive Data Detector Module
+ * Detects and classifies sensitive data types like API keys, PII, and secrets
+ */
+/**
+ * Patterns for detecting sensitive data
+ */
+const PATTERNS = {
+  // API Keys and Tokens
+  openai_api_key: /sk-[a-zA-Z0-9]{32,}/g,
+  aws_access_key: /AKIA[0-9A-Z]{16}/g,
+  github_token: /ghp_[a-zA-Z0-9]{36,}/g,
+  github_pat: /github_pat_[a-zA-Z0-9_]{22,}/g,
+  // Private Keys
+  private_key: /-----BEGIN (RSA |OPENSSH |EC |DSA |PGP )?PRIVATE KEY-----/g,
+  // Passwords in config files
+  password: /(?:password|passwd|pwd|secret|api_key|apikey|auth_token|access_token)[=:]\s*["']?([^"'\s\n]+)["']?/gi,
+  // PII
+  ssn: /\b\d{3}-\d{2}-\d{4}\b/g,
+  credit_card: /\b(?:\d{4}[-\s]?){3}\d{4}\b/g,
+  email: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/g,
+  phone_number: /(?:\(\d{3}\)\s*|\b\d{3}[-.])\d{3}[-.]?\d{4}\b/g,
+};
+/**
+ * Sensitivity levels for different data types
+ */
+const SENSITIVITY_LEVELS = {
+  // Critical - secrets that can lead to unauthorized access
+  openai_api_key: 'critical',
+  aws_access_key: 'critical',
+  github_token: 'critical',
+  github_pat: 'critical',
+  private_key: 'critical',
+  password: 'critical',
+  // High - sensitive PII
+  ssn: 'high',
+  credit_card: 'high',
+  // Medium - contact information
+  email: 'medium',
+  phone_number: 'medium',
+};
+/**
+ * Detect sensitive data in content
+ * @param {string} content - The content to scan
+ * @returns {Array<{type: string, match: string, index: number}>} Array of detected sensitive items
+ */
+function detectSensitive(content) {
+  const results = [];
+  for (const [type, pattern] of Object.entries(PATTERNS)) {
+    // Reset regex lastIndex for global patterns
+    pattern.lastIndex = 0;
+    let match;
+    while ((match = pattern.exec(content)) !== null) {
+      results.push({
+        type,
+        match: match[0],
+        index: match.index,
+      });
+    }
+  }
+  // Sort by index for consistent ordering
+  results.sort((a, b) => a.index - b.index);
+  return results;
+}
+/**
+ * Get the sensitivity level for a given data type
+ * @param {string} type - The type of sensitive data
+ * @returns {string} Sensitivity level: 'critical', 'high', 'medium', or 'low'
+ */
+function getSensitivityLevel(type) {
+  return SENSITIVITY_LEVELS[type] || 'low';
+}
+/**
+ * Classify a string to determine its sensitive data type
+ * @param {string} value - The string to classify
+ * @returns {string|null} The type of sensitive data, or null if not sensitive
+ */
+function classifyType(value) {
+  // Check each pattern to find a match
+  for (const [type, pattern] of Object.entries(PATTERNS)) {
+    // Reset regex lastIndex
+    pattern.lastIndex = 0;
+    if (pattern.test(value)) {
+      return type;
+    }
+  }
+  return null;
+}
+module.exports = {
+  detectSensitive,
+  getSensitivityLevel,
+  classifyType,
+  PATTERNS,
+  SENSITIVITY_LEVELS,
+};

package/server/lib/sensitive-detector.test.js ADDED Viewed

@@ -0,0 +1,209 @@
+import { describe, it, expect } from 'vitest';
+import {
+  detectSensitive,
+  getSensitivityLevel,
+  classifyType,
+} from './sensitive-detector.js';
+describe('sensitive-detector', () => {
+  describe('detectSensitive', () => {
+    it('identifies OpenAI API keys (sk-...)', () => {
+      const content = 'OPENAI_KEY=sk-1234567890abcdefghijklmnopqrstuvwxyz12345678';
+      const result = detectSensitive(content);
+      expect(result).toHaveLength(1);
+      expect(result[0].type).toBe('openai_api_key');
+      expect(result[0].match).toContain('sk-');
+    });
+    it('identifies AWS credentials (AKIA...)', () => {
+      const content = 'aws_access_key_id = AKIAIOSFODNN7EXAMPLE';
+      const result = detectSensitive(content);
+      expect(result).toHaveLength(1);
+      expect(result[0].type).toBe('aws_access_key');
+      expect(result[0].match).toContain('AKIA');
+    });
+    it('identifies GitHub tokens (ghp_...)', () => {
+      const content = 'GITHUB_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
+      const result = detectSensitive(content);
+      expect(result).toHaveLength(1);
+      expect(result[0].type).toBe('github_token');
+      expect(result[0].match).toContain('ghp_');
+    });
+    it('identifies GitHub personal access tokens (github_pat_...)', () => {
+      const content = 'TOKEN=github_pat_11ABCDEFG_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
+      const result = detectSensitive(content);
+      expect(result).toHaveLength(1);
+      expect(result[0].type).toBe('github_pat');
+      expect(result[0].match).toContain('github_pat_');
+    });
+    it('identifies passwords in config', () => {
+      const content = `
+        db_password: "super_secret_123"
+        password=mysecretpassword
+        MYSQL_ROOT_PASSWORD=rootpass
+      `;
+      const result = detectSensitive(content);
+      expect(result.length).toBeGreaterThanOrEqual(3);
+      const passwordMatches = result.filter(r => r.type === 'password');
+      expect(passwordMatches.length).toBeGreaterThanOrEqual(3);
+    });
+    it('identifies email addresses', () => {
+      const content = 'Contact us at user@example.com or support@company.org';
+      const result = detectSensitive(content);
+      expect(result.length).toBeGreaterThanOrEqual(2);
+      const emails = result.filter(r => r.type === 'email');
+      expect(emails.length).toBeGreaterThanOrEqual(2);
+      expect(emails.some(e => e.match.includes('user@example.com'))).toBe(true);
+      expect(emails.some(e => e.match.includes('support@company.org'))).toBe(true);
+    });
+    it('identifies phone numbers', () => {
+      const content = 'Call us at 555-123-4567 or (555) 987-6543';
+      const result = detectSensitive(content);
+      expect(result.length).toBeGreaterThanOrEqual(2);
+      const phones = result.filter(r => r.type === 'phone_number');
+      expect(phones.length).toBeGreaterThanOrEqual(2);
+    });
+    it('identifies SSN patterns (XXX-XX-XXXX)', () => {
+      const content = 'SSN: 123-45-6789';
+      const result = detectSensitive(content);
+      expect(result).toHaveLength(1);
+      expect(result[0].type).toBe('ssn');
+      expect(result[0].match).toContain('123-45-6789');
+    });
+    it('identifies credit card numbers', () => {
+      const content = 'Card: 4111-1111-1111-1111 or 5500 0000 0000 0004';
+      const result = detectSensitive(content);
+      expect(result.length).toBeGreaterThanOrEqual(2);
+      const cards = result.filter(r => r.type === 'credit_card');
+      expect(cards.length).toBeGreaterThanOrEqual(2);
+    });
+    it('identifies RSA private keys', () => {
+      const content = `
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAx...
+-----END RSA PRIVATE KEY-----
+      `;
+      const result = detectSensitive(content);
+      expect(result).toHaveLength(1);
+      expect(result[0].type).toBe('private_key');
+      expect(result[0].match).toContain('BEGIN RSA PRIVATE KEY');
+    });
+    it('identifies SSH private keys', () => {
+      const content = `
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAA...
+-----END OPENSSH PRIVATE KEY-----
+      `;
+      const result = detectSensitive(content);
+      expect(result).toHaveLength(1);
+      expect(result[0].type).toBe('private_key');
+      expect(result[0].match).toContain('BEGIN OPENSSH PRIVATE KEY');
+    });
+    it('returns empty array for content with no sensitive data', () => {
+      const content = 'This is just regular text with no secrets.';
+      const result = detectSensitive(content);
+      expect(result).toHaveLength(0);
+    });
+    it('identifies multiple sensitive items in same content', () => {
+      const content = `
+        API_KEY=sk-1234567890abcdefghijklmnopqrstuvwxyz12345678
+        EMAIL=user@example.com
+        SSN: 123-45-6789
+      `;
+      const result = detectSensitive(content);
+      expect(result.length).toBeGreaterThanOrEqual(3);
+    });
+  });
+  describe('getSensitivityLevel', () => {
+    it("returns 'critical' for secrets", () => {
+      expect(getSensitivityLevel('openai_api_key')).toBe('critical');
+      expect(getSensitivityLevel('aws_access_key')).toBe('critical');
+      expect(getSensitivityLevel('github_token')).toBe('critical');
+      expect(getSensitivityLevel('github_pat')).toBe('critical');
+      expect(getSensitivityLevel('private_key')).toBe('critical');
+      expect(getSensitivityLevel('password')).toBe('critical');
+    });
+    it("returns 'high' for PII", () => {
+      expect(getSensitivityLevel('ssn')).toBe('high');
+      expect(getSensitivityLevel('credit_card')).toBe('high');
+    });
+    it("returns 'medium' for contact info", () => {
+      expect(getSensitivityLevel('email')).toBe('medium');
+      expect(getSensitivityLevel('phone_number')).toBe('medium');
+    });
+    it("returns 'low' for unknown types", () => {
+      expect(getSensitivityLevel('unknown_type')).toBe('low');
+    });
+  });
+  describe('classifyType', () => {
+    it('returns correct type for OpenAI API key', () => {
+      expect(classifyType('sk-1234567890abcdefghijklmnopqrstuvwxyz12345678')).toBe('openai_api_key');
+    });
+    it('returns correct type for AWS access key', () => {
+      expect(classifyType('AKIAIOSFODNN7EXAMPLE')).toBe('aws_access_key');
+    });
+    it('returns correct type for GitHub token', () => {
+      expect(classifyType('ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx')).toBe('github_token');
+    });
+    it('returns correct type for GitHub PAT', () => {
+      expect(classifyType('github_pat_11ABCDEFG_xxxxxxxxxxxxxxxx')).toBe('github_pat');
+    });
+    it('returns correct type for email', () => {
+      expect(classifyType('user@example.com')).toBe('email');
+    });
+    it('returns correct type for phone number', () => {
+      expect(classifyType('555-123-4567')).toBe('phone_number');
+    });
+    it('returns correct type for SSN', () => {
+      expect(classifyType('123-45-6789')).toBe('ssn');
+    });
+    it('returns correct type for credit card', () => {
+      expect(classifyType('4111-1111-1111-1111')).toBe('credit_card');
+    });
+    it('returns correct type for private key header', () => {
+      expect(classifyType('-----BEGIN RSA PRIVATE KEY-----')).toBe('private_key');
+      expect(classifyType('-----BEGIN OPENSSH PRIVATE KEY-----')).toBe('private_key');
+    });
+    it('returns null for non-sensitive content', () => {
+      expect(classifyType('just normal text')).toBeNull();
+    });
+  });
+});