npm - tlc-claude-code - Versions diffs - 1.3.0 → 1.4.1 - Mend

tlc-claude-code 1.3.0 → 1.4.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (105) hide show

package/dashboard/dist/components/AuditPane.d.ts +30 -0
package/dashboard/dist/components/AuditPane.js +127 -0
package/dashboard/dist/components/AuditPane.test.d.ts +1 -0
package/dashboard/dist/components/AuditPane.test.js +339 -0
package/dashboard/dist/components/CompliancePane.d.ts +39 -0
package/dashboard/dist/components/CompliancePane.js +96 -0
package/dashboard/dist/components/CompliancePane.test.d.ts +1 -0
package/dashboard/dist/components/CompliancePane.test.js +183 -0
package/dashboard/dist/components/SSOPane.d.ts +36 -0
package/dashboard/dist/components/SSOPane.js +71 -0
package/dashboard/dist/components/SSOPane.test.d.ts +1 -0
package/dashboard/dist/components/SSOPane.test.js +155 -0
package/dashboard/dist/components/WorkspaceDocsPane.js +0 -16
package/dashboard/dist/components/WorkspacePane.d.ts +1 -1
package/dashboard/dist/components/ZeroRetentionPane.d.ts +44 -0
package/dashboard/dist/components/ZeroRetentionPane.js +83 -0
package/dashboard/dist/components/ZeroRetentionPane.test.d.ts +1 -0
package/dashboard/dist/components/ZeroRetentionPane.test.js +160 -0
package/package.json +1 -1
package/server/lib/access-control-doc.js +541 -0
package/server/lib/access-control-doc.test.js +672 -0
package/server/lib/adr-generator.js +423 -0
package/server/lib/adr-generator.test.js +586 -0
package/server/lib/agent-progress-monitor.js +223 -0
package/server/lib/agent-progress-monitor.test.js +202 -0
package/server/lib/audit-attribution.js +191 -0
package/server/lib/audit-attribution.test.js +359 -0
package/server/lib/audit-classifier.js +202 -0
package/server/lib/audit-classifier.test.js +209 -0
package/server/lib/audit-command.js +275 -0
package/server/lib/audit-command.test.js +325 -0
package/server/lib/audit-exporter.js +380 -0
package/server/lib/audit-exporter.test.js +464 -0
package/server/lib/audit-logger.js +236 -0
package/server/lib/audit-logger.test.js +364 -0
package/server/lib/audit-query.js +257 -0
package/server/lib/audit-query.test.js +352 -0
package/server/lib/audit-storage.js +269 -0
package/server/lib/audit-storage.test.js +272 -0
package/server/lib/bulk-repo-init.js +342 -0
package/server/lib/bulk-repo-init.test.js +388 -0
package/server/lib/compliance-checklist.js +866 -0
package/server/lib/compliance-checklist.test.js +476 -0
package/server/lib/compliance-command.js +616 -0
package/server/lib/compliance-command.test.js +551 -0
package/server/lib/compliance-reporter.js +692 -0
package/server/lib/compliance-reporter.test.js +707 -0
package/server/lib/data-flow-doc.js +665 -0
package/server/lib/data-flow-doc.test.js +659 -0
package/server/lib/ephemeral-storage.js +249 -0
package/server/lib/ephemeral-storage.test.js +254 -0
package/server/lib/evidence-collector.js +627 -0
package/server/lib/evidence-collector.test.js +901 -0
package/server/lib/flow-diagram-generator.js +474 -0
package/server/lib/flow-diagram-generator.test.js +446 -0
package/server/lib/idp-manager.js +626 -0
package/server/lib/idp-manager.test.js +587 -0
package/server/lib/memory-exclusion.js +326 -0
package/server/lib/memory-exclusion.test.js +241 -0
package/server/lib/mfa-handler.js +452 -0
package/server/lib/mfa-handler.test.js +490 -0
package/server/lib/oauth-flow.js +375 -0
package/server/lib/oauth-flow.test.js +487 -0
package/server/lib/oauth-registry.js +190 -0
package/server/lib/oauth-registry.test.js +306 -0
package/server/lib/readme-generator.js +490 -0
package/server/lib/readme-generator.test.js +493 -0
package/server/lib/repo-dependency-tracker.js +261 -0
package/server/lib/repo-dependency-tracker.test.js +350 -0
package/server/lib/retention-policy.js +281 -0
package/server/lib/retention-policy.test.js +486 -0
package/server/lib/role-mapper.js +236 -0
package/server/lib/role-mapper.test.js +395 -0
package/server/lib/saml-provider.js +765 -0
package/server/lib/saml-provider.test.js +643 -0
package/server/lib/security-policy-generator.js +682 -0
package/server/lib/security-policy-generator.test.js +544 -0
package/server/lib/sensitive-detector.js +112 -0
package/server/lib/sensitive-detector.test.js +209 -0
package/server/lib/service-interaction-diagram.js +700 -0
package/server/lib/service-interaction-diagram.test.js +638 -0
package/server/lib/service-summary.js +553 -0
package/server/lib/service-summary.test.js +619 -0
package/server/lib/session-purge.js +460 -0
package/server/lib/session-purge.test.js +312 -0
package/server/lib/sso-command.js +544 -0
package/server/lib/sso-command.test.js +552 -0
package/server/lib/sso-session.js +492 -0
package/server/lib/sso-session.test.js +670 -0
package/server/lib/workspace-command.js +249 -0
package/server/lib/workspace-command.test.js +264 -0
package/server/lib/workspace-config.js +270 -0
package/server/lib/workspace-config.test.js +312 -0
package/server/lib/workspace-docs-command.js +547 -0
package/server/lib/workspace-docs-command.test.js +692 -0
package/server/lib/workspace-memory.js +451 -0
package/server/lib/workspace-memory.test.js +403 -0
package/server/lib/workspace-scanner.js +452 -0
package/server/lib/workspace-scanner.test.js +677 -0
package/server/lib/workspace-test-runner.js +315 -0
package/server/lib/workspace-test-runner.test.js +294 -0
package/server/lib/zero-retention-command.js +439 -0
package/server/lib/zero-retention-command.test.js +448 -0
package/server/lib/zero-retention.js +322 -0
package/server/lib/zero-retention.test.js +258 -0

package/server/lib/oauth-registry.test.js ADDED Viewed

@@ -0,0 +1,306 @@
+import { describe, it, expect, beforeEach, vi } from 'vitest';
+import {
+  createOAuthRegistry,
+  PROVIDER_DEFAULTS,
+  validateProviderConfig,
+} from './oauth-registry.js';
+describe('oauth-registry', () => {
+  let registry;
+  beforeEach(() => {
+    registry = createOAuthRegistry();
+  });
+  describe('PROVIDER_DEFAULTS', () => {
+    it('supports GitHub provider defaults', () => {
+      expect(PROVIDER_DEFAULTS.github).toBeDefined();
+      expect(PROVIDER_DEFAULTS.github.authUrl).toBe('https://github.com/login/oauth/authorize');
+      expect(PROVIDER_DEFAULTS.github.tokenUrl).toBe('https://github.com/login/oauth/access_token');
+      expect(PROVIDER_DEFAULTS.github.userInfoUrl).toBe('https://api.github.com/user');
+      expect(PROVIDER_DEFAULTS.github.scopes).toContain('read:user');
+      expect(PROVIDER_DEFAULTS.github.scopes).toContain('user:email');
+    });
+    it('supports Google provider defaults', () => {
+      expect(PROVIDER_DEFAULTS.google).toBeDefined();
+      expect(PROVIDER_DEFAULTS.google.authUrl).toBe('https://accounts.google.com/o/oauth2/v2/auth');
+      expect(PROVIDER_DEFAULTS.google.tokenUrl).toBe('https://oauth2.googleapis.com/token');
+      expect(PROVIDER_DEFAULTS.google.userInfoUrl).toBe('https://www.googleapis.com/oauth2/v2/userinfo');
+      expect(PROVIDER_DEFAULTS.google.scopes).toContain('openid');
+      expect(PROVIDER_DEFAULTS.google.scopes).toContain('email');
+      expect(PROVIDER_DEFAULTS.google.scopes).toContain('profile');
+    });
+    it('supports Azure AD provider defaults', () => {
+      expect(PROVIDER_DEFAULTS.azuread).toBeDefined();
+      expect(PROVIDER_DEFAULTS.azuread.authUrl).toBe('https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize');
+      expect(PROVIDER_DEFAULTS.azuread.tokenUrl).toBe('https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token');
+      expect(PROVIDER_DEFAULTS.azuread.userInfoUrl).toBe('https://graph.microsoft.com/v1.0/me');
+      expect(PROVIDER_DEFAULTS.azuread.scopes).toContain('openid');
+      expect(PROVIDER_DEFAULTS.azuread.scopes).toContain('email');
+      expect(PROVIDER_DEFAULTS.azuread.scopes).toContain('profile');
+    });
+  });
+  describe('registerProvider', () => {
+    it('adds provider to registry', () => {
+      const config = {
+        clientId: 'test-client-id',
+        clientSecret: 'test-client-secret',
+        authUrl: 'https://auth.example.com/authorize',
+        tokenUrl: 'https://auth.example.com/token',
+      };
+      registry.registerProvider('custom', config);
+      const provider = registry.getProvider('custom');
+      expect(provider).not.toBeNull();
+      expect(provider.clientId).toBe('test-client-id');
+      expect(provider.clientSecret).toBe('test-client-secret');
+    });
+    it('validates required fields (clientId, clientSecret, authUrl, tokenUrl)', () => {
+      // Missing clientId
+      expect(() => registry.registerProvider('test', {
+        clientSecret: 'secret',
+        authUrl: 'https://auth.example.com/authorize',
+        tokenUrl: 'https://auth.example.com/token',
+      })).toThrow(/clientId/i);
+      // Missing clientSecret
+      expect(() => registry.registerProvider('test', {
+        clientId: 'id',
+        authUrl: 'https://auth.example.com/authorize',
+        tokenUrl: 'https://auth.example.com/token',
+      })).toThrow(/clientSecret/i);
+      // Missing authUrl
+      expect(() => registry.registerProvider('test', {
+        clientId: 'id',
+        clientSecret: 'secret',
+        tokenUrl: 'https://auth.example.com/token',
+      })).toThrow(/authUrl/i);
+      // Missing tokenUrl
+      expect(() => registry.registerProvider('test', {
+        clientId: 'id',
+        clientSecret: 'secret',
+        authUrl: 'https://auth.example.com/authorize',
+      })).toThrow(/tokenUrl/i);
+    });
+    it('merges with provider defaults when using known provider name', () => {
+      registry.registerProvider('github', {
+        clientId: 'my-github-client',
+        clientSecret: 'my-github-secret',
+      });
+      const provider = registry.getProvider('github');
+      expect(provider.clientId).toBe('my-github-client');
+      expect(provider.authUrl).toBe('https://github.com/login/oauth/authorize');
+      expect(provider.tokenUrl).toBe('https://github.com/login/oauth/access_token');
+      expect(provider.scopes).toContain('read:user');
+    });
+    it('allows overriding defaults', () => {
+      registry.registerProvider('github', {
+        clientId: 'my-github-client',
+        clientSecret: 'my-github-secret',
+        scopes: ['repo', 'user'],
+      });
+      const provider = registry.getProvider('github');
+      expect(provider.scopes).toContain('repo');
+      expect(provider.scopes).toContain('user');
+      expect(provider.scopes).not.toContain('read:user');
+    });
+  });
+  describe('getProvider', () => {
+    it('returns registered provider', () => {
+      registry.registerProvider('github', {
+        clientId: 'client-id',
+        clientSecret: 'client-secret',
+      });
+      const provider = registry.getProvider('github');
+      expect(provider).not.toBeNull();
+      expect(provider.clientId).toBe('client-id');
+    });
+    it('returns null for unknown provider', () => {
+      const provider = registry.getProvider('unknown');
+      expect(provider).toBeNull();
+    });
+    it('is case-insensitive for provider names', () => {
+      registry.registerProvider('GitHub', {
+        clientId: 'client-id',
+        clientSecret: 'client-secret',
+      });
+      expect(registry.getProvider('github')).not.toBeNull();
+      expect(registry.getProvider('GITHUB')).not.toBeNull();
+      expect(registry.getProvider('GitHub')).not.toBeNull();
+    });
+  });
+  describe('listProviders', () => {
+    it('returns all registered providers', () => {
+      registry.registerProvider('github', {
+        clientId: 'github-client',
+        clientSecret: 'github-secret',
+      });
+      registry.registerProvider('google', {
+        clientId: 'google-client',
+        clientSecret: 'google-secret',
+      });
+      const providers = registry.listProviders();
+      expect(providers).toHaveLength(2);
+      expect(providers.map(p => p.name)).toContain('github');
+      expect(providers.map(p => p.name)).toContain('google');
+    });
+    it('returns empty array when no providers registered', () => {
+      const providers = registry.listProviders();
+      expect(providers).toEqual([]);
+    });
+    it('does not expose client secrets in list', () => {
+      registry.registerProvider('github', {
+        clientId: 'github-client',
+        clientSecret: 'github-secret',
+      });
+      const providers = registry.listProviders();
+      expect(providers[0].clientSecret).toBeUndefined();
+      expect(providers[0].clientId).toBe('github-client');
+    });
+  });
+  describe('loadFromConfig', () => {
+    it('reads providers from .tlc.json config', () => {
+      const config = {
+        oauth: {
+          providers: {
+            github: {
+              clientId: 'config-github-client',
+              clientSecret: 'config-github-secret',
+            },
+            google: {
+              clientId: 'config-google-client',
+              clientSecret: 'config-google-secret',
+            },
+          },
+        },
+      };
+      registry.loadFromConfig(config);
+      expect(registry.getProvider('github')).not.toBeNull();
+      expect(registry.getProvider('github').clientId).toBe('config-github-client');
+      expect(registry.getProvider('google')).not.toBeNull();
+      expect(registry.getProvider('google').clientId).toBe('config-google-client');
+    });
+    it('handles missing oauth section', () => {
+      const config = {};
+      expect(() => registry.loadFromConfig(config)).not.toThrow();
+      expect(registry.listProviders()).toEqual([]);
+    });
+    it('handles missing providers section', () => {
+      const config = { oauth: {} };
+      expect(() => registry.loadFromConfig(config)).not.toThrow();
+      expect(registry.listProviders()).toEqual([]);
+    });
+    it('validates each provider config', () => {
+      const config = {
+        oauth: {
+          providers: {
+            github: {
+              clientId: 'github-client',
+              // Missing clientSecret - should fail
+            },
+          },
+        },
+      };
+      expect(() => registry.loadFromConfig(config)).toThrow(/clientSecret/i);
+    });
+  });
+  describe('validateConfig', () => {
+    it('returns errors for invalid config', () => {
+      const errors = validateProviderConfig({});
+      expect(errors).toContain('clientId is required');
+      expect(errors).toContain('clientSecret is required');
+    });
+    it('returns errors for missing auth URLs when no defaults', () => {
+      const errors = validateProviderConfig({
+        clientId: 'id',
+        clientSecret: 'secret',
+      });
+      expect(errors).toContain('authUrl is required');
+      expect(errors).toContain('tokenUrl is required');
+    });
+    it('returns empty array for valid config', () => {
+      const errors = validateProviderConfig({
+        clientId: 'id',
+        clientSecret: 'secret',
+        authUrl: 'https://auth.example.com/authorize',
+        tokenUrl: 'https://auth.example.com/token',
+      });
+      expect(errors).toEqual([]);
+    });
+    it('accepts config with known provider name (uses defaults)', () => {
+      const errors = validateProviderConfig({
+        clientId: 'id',
+        clientSecret: 'secret',
+      }, 'github');
+      expect(errors).toEqual([]);
+    });
+  });
+  describe('removeProvider', () => {
+    it('removes a registered provider', () => {
+      registry.registerProvider('github', {
+        clientId: 'client-id',
+        clientSecret: 'client-secret',
+      });
+      expect(registry.getProvider('github')).not.toBeNull();
+      registry.removeProvider('github');
+      expect(registry.getProvider('github')).toBeNull();
+    });
+    it('does nothing for unknown provider', () => {
+      expect(() => registry.removeProvider('unknown')).not.toThrow();
+    });
+  });
+  describe('hasProvider', () => {
+    it('returns true for registered provider', () => {
+      registry.registerProvider('github', {
+        clientId: 'client-id',
+        clientSecret: 'client-secret',
+      });
+      expect(registry.hasProvider('github')).toBe(true);
+    });
+    it('returns false for unknown provider', () => {
+      expect(registry.hasProvider('unknown')).toBe(false);
+    });
+  });
+});