tlc-claude-code 1.3.0 → 1.4.1

package/dashboard/dist/components/CompliancePane.test.js

@@ -0,0 +1,183 @@
+import { jsx as _jsx } from "react/jsx-runtime";
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { render } from 'ink-testing-library';
+import { CompliancePane } from './CompliancePane.js';
+describe('CompliancePane', () => {
+    beforeEach(() => {
+        vi.useFakeTimers();
+    });
+    afterEach(() => {
+        vi.useRealTimers();
+    });
+    const mockCategories = [
+        { name: 'Security', score: 92, gapCount: 2 },
+        { name: 'Availability', score: 88, gapCount: 3 },
+        { name: 'Confidentiality', score: 95, gapCount: 1 },
+        { name: 'Processing Integrity', score: 78, gapCount: 5 },
+        { name: 'Privacy', score: 85, gapCount: 4 },
+    ];
+    const mockEvidence = [
+        {
+            id: 'ev-1',
+            name: 'Access Control Policy',
+            collectedAt: '2024-01-15T10:30:00.000Z',
+            status: 'valid',
+        },
+        {
+            id: 'ev-2',
+            name: 'Encryption Audit',
+            collectedAt: '2024-01-14T14:00:00.000Z',
+            status: 'valid',
+        },
+        {
+            id: 'ev-3',
+            name: 'Network Security Scan',
+            collectedAt: '2024-01-13T09:00:00.000Z',
+            status: 'expired',
+        },
+    ];
+    const mockGaps = [
+        { id: 'gap-1', name: 'Missing encryption at rest', severity: 'high', status: 'open' },
+        { id: 'gap-2', name: 'Incomplete backup policy', severity: 'medium', status: 'in-progress' },
+        { id: 'gap-3', name: 'Outdated password policy', severity: 'low', status: 'open' },
+    ];
+    const mockTimeline = [
+        { id: 'tl-1', date: '2024-03-15', event: 'SOC 2 Type II Audit', status: 'upcoming' },
+        { id: 'tl-2', date: '2024-01-10', event: 'Internal Review', status: 'completed' },
+        { id: 'tl-3', date: '2023-09-20', event: 'SOC 2 Type I Certification', status: 'completed' },
+    ];
+    describe('renders compliance score correctly', () => {
+        it('renders compliance score correctly', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: [], gaps: [] }));
+            const output = lastFrame();
+            expect(output).toContain('Compliance');
+            expect(output).toContain('87');
+        });
+        it('shows score with progress bar', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 75, riskLevel: "medium", categories: [], evidence: [], gaps: [] }));
+            const output = lastFrame();
+            // Should have some kind of visual indicator
+            expect(output).toContain('75');
+        });
+    });
+    describe('renders category breakdown chart', () => {
+        it('renders category breakdown chart', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: mockCategories, evidence: [], gaps: [] }));
+            const output = lastFrame();
+            expect(output).toContain('Security');
+            expect(output).toContain('92');
+            expect(output).toContain('Availability');
+            expect(output).toContain('88');
+            expect(output).toContain('Privacy');
+            expect(output).toContain('85');
+        });
+        it('shows gap counts per category', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: mockCategories, evidence: [], gaps: [] }));
+            const output = lastFrame();
+            // Categories should show their gap counts
+            expect(output).toMatch(/Security.*2|2.*Security/);
+        });
+    });
+    describe('renders evidence collection list', () => {
+        it('renders evidence collection list', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: mockEvidence, gaps: [] }));
+            const output = lastFrame();
+            expect(output).toContain('Evidence');
+            expect(output).toContain('Access Control Policy');
+            expect(output).toContain('Encryption Audit');
+        });
+        it('shows evidence status', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: mockEvidence, gaps: [] }));
+            const output = lastFrame();
+            // Should indicate valid vs expired
+            expect(output).toMatch(/valid|expired/i);
+        });
+    });
+    describe('renders gap count with severity', () => {
+        it('renders gap count with severity', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: [], gaps: mockGaps }));
+            const output = lastFrame();
+            expect(output).toContain('Gap');
+            expect(output).toContain('Missing encryption at rest');
+        });
+        it('shows severity indicators', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: [], gaps: mockGaps }));
+            const output = lastFrame();
+            expect(output).toMatch(/high|medium|low/i);
+        });
+        it('shows gap status', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: [], gaps: mockGaps }));
+            const output = lastFrame();
+            expect(output).toMatch(/open|in-progress/i);
+        });
+    });
+    describe('download report button works', () => {
+        it('download report button shows when handler provided', () => {
+            const onDownloadReport = vi.fn();
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: [], gaps: [], onDownloadReport: onDownloadReport, isActive: true }));
+            const output = lastFrame();
+            expect(output).toMatch(/\[d\]|download|report/i);
+        });
+    });
+    describe('shows audit timeline', () => {
+        it('shows audit timeline', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: [], gaps: [], auditTimeline: mockTimeline }));
+            const output = lastFrame();
+            expect(output).toContain('Timeline');
+            expect(output).toContain('SOC 2 Type II Audit');
+            expect(output).toContain('Internal Review');
+        });
+        it('shows timeline event status', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: [], gaps: [], auditTimeline: mockTimeline }));
+            const output = lastFrame();
+            expect(output).toMatch(/upcoming|completed/i);
+        });
+    });
+    describe('handles loading state', () => {
+        it('handles loading state', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 0, riskLevel: "low", categories: [], evidence: [], gaps: [], loading: true }));
+            const output = lastFrame();
+            expect(output).toMatch(/loading|fetching/i);
+        });
+    });
+    describe('handles error state', () => {
+        it('handles error state', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 0, riskLevel: "low", categories: [], evidence: [], gaps: [], error: "Failed to fetch compliance data" }));
+            const output = lastFrame();
+            expect(output).toMatch(/error|failed/i);
+            expect(output).toContain('Failed to fetch compliance data');
+        });
+    });
+    describe('refresh button reloads data', () => {
+        it('refresh button shows when handler provided', () => {
+            const onRefresh = vi.fn();
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: [], gaps: [], onRefresh: onRefresh, isActive: true }));
+            const output = lastFrame();
+            expect(output).toMatch(/\[r\]|refresh|reload/i);
+        });
+    });
+    describe('shows last report date', () => {
+        it('shows last report date', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 87, riskLevel: "low", categories: [], evidence: [], gaps: [], lastReportDate: "2024-01-15" }));
+            const output = lastFrame();
+            expect(output).toContain('2024-01-15');
+        });
+    });
+    describe('risk level indicator', () => {
+        it('shows risk level low', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 90, riskLevel: "low", categories: [], evidence: [], gaps: [] }));
+            const output = lastFrame();
+            expect(output).toMatch(/low/i);
+        });
+        it('shows risk level high', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 45, riskLevel: "high", categories: [], evidence: [], gaps: [] }));
+            const output = lastFrame();
+            expect(output).toMatch(/high/i);
+        });
+        it('shows risk level critical', () => {
+            const { lastFrame } = render(_jsx(CompliancePane, { score: 25, riskLevel: "critical", categories: [], evidence: [], gaps: [] }));
+            const output = lastFrame();
+            expect(output).toMatch(/critical/i);
+        });
+    });
+});

package/dashboard/dist/components/SSOPane.d.ts

@@ -0,0 +1,36 @@
+export interface Provider {
+    name: string;
+    type: 'oauth' | 'saml';
+    status: 'connected' | 'error';
+    lastSync?: string;
+    error?: string;
+}
+export interface RoleMapping {
+    providerGroup: string;
+    localRole: string;
+}
+export interface SessionSummary {
+    active: number;
+    total: number;
+    byProvider: Record<string, number>;
+}
+export interface MfaStats {
+    enrolled: number;
+    total: number;
+    pending: number;
+    methods: string[];
+}
+export interface SSOPaneProps {
+    providers: Provider[];
+    roleMappings: RoleMapping[];
+    sessions: SessionSummary;
+    mfaStats: MfaStats;
+    onAddProvider?: () => void;
+    onRemoveProvider?: (name: string) => void;
+    onRefresh?: () => void;
+    loading?: boolean;
+    error?: string | null;
+    isActive?: boolean;
+}
+export declare function SSOPane({ providers, roleMappings, sessions, mfaStats, onAddProvider, onRemoveProvider, onRefresh, loading, error, isActive, }: SSOPaneProps): import("react/jsx-runtime").JSX.Element;
+export default SSOPane;

package/dashboard/dist/components/SSOPane.js

@@ -0,0 +1,71 @@
+import { jsx as _jsx, jsxs as _jsxs, Fragment as _Fragment } from "react/jsx-runtime";
+import { Box, Text, useInput } from 'ink';
+function formatTimestamp(ts) {
+    if (!ts)
+        return '';
+    try {
+        const date = new Date(ts);
+        if (isNaN(date.getTime()))
+            return '';
+        const hours = String(date.getUTCHours()).padStart(2, '0');
+        const minutes = String(date.getUTCMinutes()).padStart(2, '0');
+        const seconds = String(date.getUTCSeconds()).padStart(2, '0');
+        return `${hours}:${minutes}:${seconds}`;
+    }
+    catch {
+        return '';
+    }
+}
+function ProvidersList({ providers }) {
+    if (providers.length === 0) {
+        return (_jsxs(Box, { flexDirection: "column", marginTop: 1, children: [_jsx(Text, { bold: true, dimColor: true, children: "Identity Providers:" }), _jsx(Text, { color: "gray", children: "  No providers configured" })] }));
+    }
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, children: [_jsx(Text, { bold: true, dimColor: true, children: "Identity Providers:" }), providers.map((provider) => {
+                const statusColor = provider.status === 'connected' ? 'green' : 'red';
+                const statusLabel = provider.status === 'connected' ? 'connected' : 'error';
+                const timestamp = formatTimestamp(provider.lastSync);
+                return (_jsxs(Box, { flexDirection: "column", children: [_jsxs(Box, { children: [_jsx(Text, { children: "  " }), _jsx(Text, { bold: true, children: provider.name }), _jsxs(Text, { dimColor: true, children: [" (", provider.type, ") "] }), _jsxs(Text, { color: statusColor, children: ["[", statusLabel, "]"] }), timestamp && _jsxs(Text, { dimColor: true, children: [" Last sync: ", timestamp] })] }), provider.error && (_jsx(Box, { marginLeft: 4, children: _jsx(Text, { color: "red", children: provider.error }) }))] }, provider.name));
+            })] }));
+}
+function RoleMappingTable({ mappings }) {
+    if (mappings.length === 0) {
+        return null;
+    }
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, children: [_jsx(Text, { bold: true, dimColor: true, children: "Role Mapping:" }), mappings.map((mapping, idx) => (_jsxs(Box, { children: [_jsx(Text, { dimColor: true, children: "  " }), _jsx(Text, { children: mapping.providerGroup }), _jsx(Text, { dimColor: true, children: " -> " }), _jsx(Text, { color: "cyan", children: mapping.localRole })] }, idx)))] }));
+}
+function SessionsDisplay({ sessions }) {
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, children: [_jsx(Text, { bold: true, dimColor: true, children: "Sessions:" }), _jsxs(Box, { children: [_jsx(Text, { dimColor: true, children: "  Active: " }), _jsx(Text, { color: "green", children: sessions.active }), _jsx(Text, { dimColor: true, children: " / Total: " }), _jsx(Text, { children: sessions.total })] }), Object.keys(sessions.byProvider).length > 0 && (_jsxs(Box, { children: [_jsx(Text, { dimColor: true, children: "  By provider: " }), _jsx(Text, { children: Object.entries(sessions.byProvider)
+                            .map(([name, count]) => `${name}: ${count}`)
+                            .join(', ') })] }))] }));
+}
+function MfaDisplay({ stats }) {
+    const percentage = stats.total > 0 ? Math.round((stats.enrolled / stats.total) * 100) : 0;
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, children: [_jsx(Text, { bold: true, dimColor: true, children: "MFA Enrollment:" }), _jsxs(Box, { children: [_jsx(Text, { dimColor: true, children: "  Enrolled: " }), _jsx(Text, { color: percentage >= 80 ? 'green' : percentage >= 50 ? 'yellow' : 'red', children: stats.enrolled }), _jsx(Text, { dimColor: true, children: " / " }), _jsx(Text, { children: stats.total }), _jsxs(Text, { dimColor: true, children: [" (", percentage, "%)"] })] }), stats.pending > 0 && (_jsxs(Box, { children: [_jsx(Text, { dimColor: true, children: "  Pending: " }), _jsx(Text, { color: "yellow", children: stats.pending })] })), stats.methods.length > 0 && (_jsxs(Box, { children: [_jsx(Text, { dimColor: true, children: "  Methods: " }), _jsx(Text, { children: stats.methods.join(', ') })] }))] }));
+}
+function LoadingIndicator() {
+    return (_jsx(Box, { marginTop: 1, children: _jsx(Text, { color: "cyan", children: "Loading SSO configuration..." }) }));
+}
+function ErrorDisplay({ error }) {
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, borderStyle: "round", borderColor: "red", paddingX: 1, children: [_jsx(Text, { color: "red", bold: true, children: "Error" }), _jsx(Text, { color: "red", children: error })] }));
+}
+export function SSOPane({ providers, roleMappings, sessions, mfaStats, onAddProvider, onRemoveProvider, onRefresh, loading = false, error = null, isActive = false, }) {
+    useInput((input, _key) => {
+        if (!isActive)
+            return;
+        // Add provider with 'a'
+        if (input === 'a' && onAddProvider) {
+            onAddProvider();
+        }
+        // Delete/remove provider with 'd'
+        if (input === 'd' && onRemoveProvider && providers.length > 0) {
+            // Remove first provider for simplicity; in real app would have selection
+            onRemoveProvider(providers[0].name);
+        }
+        // Refresh with 'r'
+        if (input === 'r' && onRefresh) {
+            onRefresh();
+        }
+    }, { isActive });
+    return (_jsxs(Box, { padding: 1, flexDirection: "column", children: [_jsxs(Box, { marginBottom: 1, children: [_jsx(Text, { bold: true, children: "SSO Management" }), providers.length > 0 && (_jsxs(Text, { dimColor: true, children: [" (", providers.length, " provider", providers.length !== 1 ? 's' : '', ")"] }))] }), loading && _jsx(LoadingIndicator, {}), error && _jsx(ErrorDisplay, { error: error }), !loading && (_jsxs(_Fragment, { children: [_jsx(ProvidersList, { providers: providers }), _jsx(RoleMappingTable, { mappings: roleMappings }), _jsx(SessionsDisplay, { sessions: sessions }), _jsx(MfaDisplay, { stats: mfaStats })] })), isActive && (_jsx(Box, { marginTop: 1, children: _jsxs(Text, { dimColor: true, children: [onAddProvider && '[a] Add provider  ', onRemoveProvider && providers.length > 0 && '[d] Remove provider  ', onRefresh && '[r] Refresh'] }) }))] }));
+}
+export default SSOPane;

package/dashboard/dist/components/SSOPane.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dashboard/dist/components/SSOPane.test.js

@@ -0,0 +1,155 @@
+import { jsx as _jsx } from "react/jsx-runtime";
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { render } from 'ink-testing-library';
+import { SSOPane } from './SSOPane.js';
+describe('SSOPane', () => {
+    beforeEach(() => {
+        vi.useFakeTimers();
+    });
+    afterEach(() => {
+        vi.useRealTimers();
+    });
+    const mockProviders = [
+        {
+            name: 'GitHub',
+            type: 'oauth',
+            status: 'connected',
+            lastSync: '2024-01-15T10:30:00.000Z',
+        },
+        {
+            name: 'Okta',
+            type: 'saml',
+            status: 'connected',
+            lastSync: '2024-01-15T09:00:00.000Z',
+        },
+    ];
+    const mockRoleMappings = [
+        { providerGroup: 'admins', localRole: 'admin' },
+        { providerGroup: 'developers', localRole: 'developer' },
+        { providerGroup: 'viewers', localRole: 'viewer' },
+    ];
+    const mockSessions = {
+        active: 15,
+        total: 42,
+        byProvider: {
+            GitHub: 10,
+            Okta: 5,
+        },
+    };
+    const mockMfaStats = {
+        enrolled: 38,
+        total: 42,
+        pending: 4,
+        methods: ['totp', 'webauthn'],
+    };
+    describe('renders provider list correctly', () => {
+        it('renders provider list correctly', () => {
+            const { lastFrame } = render(_jsx(SSOPane, { providers: mockProviders, roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] } }));
+            const output = lastFrame();
+            expect(output).toContain('SSO');
+            expect(output).toContain('GitHub');
+            expect(output).toContain('Okta');
+            expect(output).toMatch(/oauth/i);
+            expect(output).toMatch(/saml/i);
+        });
+    });
+    describe('renders empty state when no providers', () => {
+        it('renders empty state when no providers', () => {
+            const { lastFrame } = render(_jsx(SSOPane, { providers: [], roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] } }));
+            const output = lastFrame();
+            expect(output).toContain('SSO');
+            expect(output).toMatch(/no.*provider|empty|none configured/i);
+        });
+    });
+    describe('shows connected status for working providers', () => {
+        it('shows connected status for working providers', () => {
+            const { lastFrame } = render(_jsx(SSOPane, { providers: mockProviders, roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] } }));
+            const output = lastFrame();
+            expect(output).toMatch(/connected|active|ok/i);
+        });
+    });
+    describe('shows error status for failing providers', () => {
+        it('shows error status for failing providers', () => {
+            const errorProviders = [
+                {
+                    name: 'BrokenIdP',
+                    type: 'saml',
+                    status: 'error',
+                    error: 'Certificate expired',
+                },
+            ];
+            const { lastFrame } = render(_jsx(SSOPane, { providers: errorProviders, roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] } }));
+            const output = lastFrame();
+            expect(output).toContain('BrokenIdP');
+            expect(output).toMatch(/error|failed|certificate/i);
+        });
+    });
+    describe('add provider button opens modal', () => {
+        it('add provider button shows when handler provided', () => {
+            const onAddProvider = vi.fn();
+            const { lastFrame } = render(_jsx(SSOPane, { providers: [], roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] }, onAddProvider: onAddProvider, isActive: true }));
+            const output = lastFrame();
+            expect(output).toMatch(/\[a\]|add.*provider/i);
+        });
+    });
+    describe('remove provider shows confirmation', () => {
+        it('remove provider control shows when handler provided', () => {
+            const onRemoveProvider = vi.fn();
+            const { lastFrame } = render(_jsx(SSOPane, { providers: mockProviders, roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] }, onRemoveProvider: onRemoveProvider, isActive: true }));
+            const output = lastFrame();
+            expect(output).toMatch(/\[d\]|remove|delete/i);
+        });
+    });
+    describe('shows role mapping table', () => {
+        it('shows role mapping table', () => {
+            const { lastFrame } = render(_jsx(SSOPane, { providers: mockProviders, roleMappings: mockRoleMappings, sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] } }));
+            const output = lastFrame();
+            expect(output).toMatch(/role.*mapping|mapping/i);
+            expect(output).toContain('admins');
+            expect(output).toContain('admin');
+            expect(output).toContain('developers');
+            expect(output).toContain('developer');
+        });
+    });
+    describe('shows active sessions count', () => {
+        it('shows active sessions count', () => {
+            const { lastFrame } = render(_jsx(SSOPane, { providers: mockProviders, roleMappings: [], sessions: mockSessions, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] } }));
+            const output = lastFrame();
+            expect(output).toMatch(/session/i);
+            expect(output).toContain('15');
+            expect(output).toContain('42');
+        });
+    });
+    describe('shows MFA enrollment stats', () => {
+        it('shows MFA enrollment stats', () => {
+            const { lastFrame } = render(_jsx(SSOPane, { providers: mockProviders, roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: mockMfaStats }));
+            const output = lastFrame();
+            expect(output).toMatch(/mfa|multi-factor/i);
+            expect(output).toContain('38');
+            expect(output).toContain('42');
+        });
+    });
+    describe('handles loading state', () => {
+        it('handles loading state', () => {
+            const { lastFrame } = render(_jsx(SSOPane, { providers: [], roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] }, loading: true }));
+            const output = lastFrame();
+            expect(output).toMatch(/loading|fetching/i);
+        });
+    });
+    describe('handles error state', () => {
+        it('handles error state', () => {
+            const { lastFrame } = render(_jsx(SSOPane, { providers: [], roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] }, error: "Failed to fetch SSO configuration" }));
+            const output = lastFrame();
+            expect(output).toMatch(/error|failed/i);
+            expect(output).toContain('Failed to fetch SSO configuration');
+        });
+    });
+    describe('refresh button reloads data', () => {
+        it('refresh button shows when handler provided', () => {
+            const onRefresh = vi.fn();
+            const { lastFrame } = render(_jsx(SSOPane, { providers: mockProviders, roleMappings: [], sessions: { active: 0, total: 0, byProvider: {} }, mfaStats: { enrolled: 0, total: 0, pending: 0, methods: [] }, onRefresh: onRefresh, isActive: true }));
+            const output = lastFrame();
+            expect(output).toMatch(/\[r\]|refresh|reload/i);
+        });
+    });
+});

package/dashboard/dist/components/WorkspaceDocsPane.js

@@ -1,22 +1,6 @@
 import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
 import { Box, Text, useInput } from 'ink';
 import { useState } from 'react';
-/**
- * Parse markdown content and render as terminal-friendly text
- */
-function renderMarkdownLine(line) {
-    // Heading detection
-    if (line.startsWith('# ')) {
-        return { text: line.slice(2), bold: true, dimColor: false, color: 'cyan' };
-    }
-    if (line.startsWith('## ')) {
-        return { text: line.slice(3), bold: true, dimColor: false, color: 'cyan' };
-    }
-    if (line.startsWith('### ')) {
-        return { text: line.slice(4), bold: true, dimColor: false };
-    }
-    return { text: line, bold: false, dimColor: false };
-}
 function parseMarkdown(content) {
     const blocks = [];
     const lines = content.split('\n');

package/dashboard/dist/components/WorkspacePane.d.ts

@@ -1,4 +1,4 @@
-interface RepoInfo {
+export interface RepoInfo {
     name: string;
     path: string;
     status: 'ready' | 'needs-init';

package/dashboard/dist/components/ZeroRetentionPane.d.ts

@@ -0,0 +1,44 @@
+export interface RetentionRule {
+    retention: string;
+    persist: boolean;
+}
+export interface RetentionPolicy {
+    retention?: string;
+    persist?: boolean;
+    sensitivityLevels?: Record<string, RetentionRule>;
+    dataTypes?: Record<string, RetentionRule>;
+}
+export interface PurgeEntry {
+    id: string;
+    timestamp: string;
+    itemCount: number;
+    dataTypes: string[];
+}
+export interface SensitiveDataInfo {
+    detected: boolean;
+    count: number;
+    types: string[];
+}
+export interface SubsystemStatus {
+    ephemeralStorage?: boolean;
+    sessionPurge?: boolean;
+    memoryExclusion?: boolean;
+}
+export interface ValidationResult {
+    valid: boolean;
+    conflicts: string[];
+    warnings: string[];
+}
+export interface ZeroRetentionPaneProps {
+    enabled?: boolean;
+    policy?: RetentionPolicy;
+    purgeHistory?: PurgeEntry[];
+    sensitiveDataDetected?: SensitiveDataInfo;
+    subsystems?: SubsystemStatus;
+    validation?: ValidationResult;
+    isActive?: boolean;
+    onToggle?: () => void;
+    onPurge?: () => void;
+}
+export declare function ZeroRetentionPane({ enabled, policy, purgeHistory, sensitiveDataDetected, subsystems, validation, isActive, onToggle, onPurge, }: ZeroRetentionPaneProps): import("react/jsx-runtime").JSX.Element;
+export default ZeroRetentionPane;

package/dashboard/dist/components/ZeroRetentionPane.js

@@ -0,0 +1,83 @@
+import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { Box, Text, useInput } from 'ink';
+function formatTimestamp(ts) {
+    if (!ts)
+        return '';
+    try {
+        const date = new Date(ts);
+        if (isNaN(date.getTime()))
+            return '';
+        const hours = String(date.getUTCHours()).padStart(2, '0');
+        const minutes = String(date.getUTCMinutes()).padStart(2, '0');
+        const seconds = String(date.getUTCSeconds()).padStart(2, '0');
+        return `${hours}:${minutes}:${seconds}`;
+    }
+    catch {
+        return '';
+    }
+}
+function StatusIndicator({ enabled }) {
+    return (_jsxs(Box, { children: [_jsx(Text, { dimColor: true, children: "Status: " }), _jsx(Text, { color: enabled ? 'green' : 'gray', bold: true, children: enabled ? 'ENABLED' : 'DISABLED' })] }));
+}
+function SubsystemsList({ subsystems }) {
+    const items = [
+        { key: 'ephemeralStorage', label: 'Ephemeral Storage' },
+        { key: 'sessionPurge', label: 'Session Purge' },
+        { key: 'memoryExclusion', label: 'Memory Exclusion' },
+    ];
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, children: [_jsx(Text, { bold: true, dimColor: true, children: "Subsystems:" }), items.map((item) => {
+                const active = subsystems[item.key];
+                return (_jsx(Box, { children: _jsxs(Text, { color: active ? 'green' : 'gray', children: [active ? '  [x]' : '  [ ]', " ", item.label] }) }, item.key));
+            })] }));
+}
+function PolicySummary({ policy }) {
+    const rules = [];
+    if (policy.retention) {
+        rules.push({ label: 'Default', value: policy.retention });
+    }
+    if (policy.sensitivityLevels) {
+        Object.entries(policy.sensitivityLevels).forEach(([level, rule]) => {
+            rules.push({ label: level, value: rule.retention });
+        });
+    }
+    if (policy.dataTypes) {
+        Object.entries(policy.dataTypes).forEach(([type, rule]) => {
+            rules.push({ label: type, value: rule.retention });
+        });
+    }
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, children: [_jsx(Text, { bold: true, dimColor: true, children: "Policy:" }), rules.length === 0 ? (_jsx(Text, { color: "gray", children: "  No policy rules configured" })) : (rules.slice(0, 5).map((rule, idx) => (_jsxs(Box, { children: [_jsxs(Text, { dimColor: true, children: ["  ", rule.label, ": "] }), _jsx(Text, { color: rule.value === 'immediate' ? 'cyan' : 'white', children: rule.value })] }, idx)))), rules.length > 5 && (_jsxs(Text, { dimColor: true, children: ["  ... and ", rules.length - 5, " more rules"] }))] }));
+}
+function PurgeHistory({ entries }) {
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, children: [_jsx(Text, { bold: true, dimColor: true, children: "Recent Purge Activity:" }), entries.length === 0 ? (_jsx(Text, { color: "gray", children: "  No purge history - none yet" })) : (entries.slice(0, 5).map((entry) => {
+                const timestamp = formatTimestamp(entry.timestamp);
+                return (_jsxs(Box, { children: [timestamp && _jsxs(Text, { dimColor: true, children: ["  [", timestamp, "] "] }), _jsxs(Text, { children: ["Purged ", entry.itemCount, " items "] }), _jsxs(Text, { dimColor: true, children: ["(", entry.dataTypes.join(', '), ")"] })] }, entry.id));
+            }))] }));
+}
+function SensitiveWarning({ info }) {
+    if (!info.detected || info.count === 0) {
+        return null;
+    }
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, borderStyle: "round", borderColor: "yellow", paddingX: 1, children: [_jsx(Box, { children: _jsx(Text, { color: "yellow", bold: true, children: "Warning: Sensitive Data Detected" }) }), _jsx(Box, { children: _jsxs(Text, { color: "yellow", children: ["Found ", info.count, " sensitive item(s): ", info.types.join(', ')] }) }), _jsx(Box, { children: _jsx(Text, { dimColor: true, children: "Enable zero-retention mode to protect this data" }) })] }));
+}
+function ValidationStatus({ validation }) {
+    if (validation.valid && validation.warnings.length === 0) {
+        return (_jsx(Box, { marginTop: 1, children: _jsx(Text, { color: "green", children: "Configuration: Valid and OK" }) }));
+    }
+    return (_jsxs(Box, { flexDirection: "column", marginTop: 1, children: [validation.conflicts.length > 0 && (_jsxs(Box, { flexDirection: "column", children: [_jsx(Text, { color: "red", bold: true, children: "Conflicts:" }), validation.conflicts.map((conflict, idx) => (_jsxs(Text, { color: "red", children: ["  - ", conflict] }, idx)))] })), validation.warnings.length > 0 && (_jsxs(Box, { flexDirection: "column", children: [_jsx(Text, { color: "yellow", bold: true, children: "Warnings:" }), validation.warnings.map((warning, idx) => (_jsxs(Text, { color: "yellow", children: ["  - ", warning] }, idx)))] }))] }));
+}
+export function ZeroRetentionPane({ enabled = false, policy, purgeHistory = [], sensitiveDataDetected, subsystems, validation, isActive = false, onToggle, onPurge, }) {
+    useInput((input, _key) => {
+        if (!isActive)
+            return;
+        // Toggle with 't'
+        if (input === 't' && onToggle) {
+            onToggle();
+        }
+        // Force purge with 'p'
+        if (input === 'p' && onPurge) {
+            onPurge();
+        }
+    }, { isActive });
+    return (_jsxs(Box, { padding: 1, flexDirection: "column", children: [_jsx(Box, { marginBottom: 1, children: _jsx(Text, { bold: true, children: "Zero-Retention Mode" }) }), _jsx(StatusIndicator, { enabled: enabled }), sensitiveDataDetected && (_jsx(SensitiveWarning, { info: sensitiveDataDetected })), validation && _jsx(ValidationStatus, { validation: validation }), subsystems && _jsx(SubsystemsList, { subsystems: subsystems }), policy && _jsx(PolicySummary, { policy: policy }), _jsx(PurgeHistory, { entries: purgeHistory }), isActive && (_jsx(Box, { marginTop: 1, children: _jsxs(Text, { dimColor: true, children: ["[t] Toggle ", enabled ? 'disable' : 'enable', enabled && '  [p] Force purge'] }) }))] }));
+}
+export default ZeroRetentionPane;

package/dashboard/dist/components/ZeroRetentionPane.test.d.ts

@@ -0,0 +1 @@
+export {};