npm - tlc-claude-code - Versions diffs - 1.4.8 → 1.4.9 - Mend

tlc-claude-code 1.4.8 → 1.4.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/package.json +1 -1
package/server/index.js +229 -14
package/server/lib/compliance/control-mapper.js +401 -0
package/server/lib/compliance/control-mapper.test.js +117 -0
package/server/lib/compliance/evidence-linker.js +296 -0
package/server/lib/compliance/evidence-linker.test.js +121 -0
package/server/lib/compliance/gdpr-checklist.js +416 -0
package/server/lib/compliance/gdpr-checklist.test.js +131 -0
package/server/lib/compliance/hipaa-checklist.js +277 -0
package/server/lib/compliance/hipaa-checklist.test.js +101 -0
package/server/lib/compliance/iso27001-checklist.js +287 -0
package/server/lib/compliance/iso27001-checklist.test.js +99 -0
package/server/lib/compliance/multi-framework-reporter.js +284 -0
package/server/lib/compliance/multi-framework-reporter.test.js +127 -0
package/server/lib/compliance/pci-dss-checklist.js +214 -0
package/server/lib/compliance/pci-dss-checklist.test.js +95 -0
package/server/lib/compliance/trust-centre.js +187 -0
package/server/lib/compliance/trust-centre.test.js +93 -0
package/server/lib/dashboard/api-server.js +155 -0
package/server/lib/dashboard/api-server.test.js +155 -0
package/server/lib/dashboard/health-api.js +199 -0
package/server/lib/dashboard/health-api.test.js +122 -0
package/server/lib/dashboard/notes-api.js +234 -0
package/server/lib/dashboard/notes-api.test.js +134 -0
package/server/lib/dashboard/router-api.js +176 -0
package/server/lib/dashboard/router-api.test.js +132 -0
package/server/lib/dashboard/tasks-api.js +289 -0
package/server/lib/dashboard/tasks-api.test.js +161 -0
package/server/lib/dashboard/tlc-introspection.js +197 -0
package/server/lib/dashboard/tlc-introspection.test.js +138 -0
package/server/lib/dashboard/version-api.js +222 -0
package/server/lib/dashboard/version-api.test.js +112 -0
package/server/lib/dashboard/websocket-server.js +104 -0
package/server/lib/dashboard/websocket-server.test.js +118 -0
package/server/lib/deploy/branch-classifier.js +163 -0
package/server/lib/deploy/branch-classifier.test.js +164 -0
package/server/lib/deploy/deployment-approval.js +299 -0
package/server/lib/deploy/deployment-approval.test.js +296 -0
package/server/lib/deploy/deployment-audit.js +374 -0
package/server/lib/deploy/deployment-audit.test.js +307 -0
package/server/lib/deploy/deployment-executor.js +335 -0
package/server/lib/deploy/deployment-executor.test.js +329 -0
package/server/lib/deploy/deployment-rules.js +163 -0
package/server/lib/deploy/deployment-rules.test.js +188 -0
package/server/lib/deploy/rollback-manager.js +379 -0
package/server/lib/deploy/rollback-manager.test.js +321 -0
package/server/lib/deploy/security-gates.js +236 -0
package/server/lib/deploy/security-gates.test.js +222 -0
package/server/lib/k8s/gitops-config.js +188 -0
package/server/lib/k8s/gitops-config.test.js +59 -0
package/server/lib/k8s/helm-generator.js +196 -0
package/server/lib/k8s/helm-generator.test.js +59 -0
package/server/lib/k8s/kustomize-generator.js +176 -0
package/server/lib/k8s/kustomize-generator.test.js +58 -0
package/server/lib/k8s/network-policy.js +114 -0
package/server/lib/k8s/network-policy.test.js +53 -0
package/server/lib/k8s/pod-security.js +114 -0
package/server/lib/k8s/pod-security.test.js +55 -0
package/server/lib/k8s/rbac-generator.js +132 -0
package/server/lib/k8s/rbac-generator.test.js +57 -0
package/server/lib/k8s/resource-manager.js +172 -0
package/server/lib/k8s/resource-manager.test.js +60 -0
package/server/lib/k8s/secrets-encryption.js +168 -0
package/server/lib/k8s/secrets-encryption.test.js +49 -0
package/server/lib/monitoring/alert-manager.js +238 -0
package/server/lib/monitoring/alert-manager.test.js +106 -0
package/server/lib/monitoring/health-check.js +226 -0
package/server/lib/monitoring/health-check.test.js +176 -0
package/server/lib/monitoring/incident-manager.js +230 -0
package/server/lib/monitoring/incident-manager.test.js +98 -0
package/server/lib/monitoring/log-aggregator.js +147 -0
package/server/lib/monitoring/log-aggregator.test.js +89 -0
package/server/lib/monitoring/metrics-collector.js +337 -0
package/server/lib/monitoring/metrics-collector.test.js +172 -0
package/server/lib/monitoring/status-page.js +214 -0
package/server/lib/monitoring/status-page.test.js +105 -0
package/server/lib/monitoring/uptime-monitor.js +194 -0
package/server/lib/monitoring/uptime-monitor.test.js +109 -0
package/server/lib/network/fail2ban-config.js +294 -0
package/server/lib/network/fail2ban-config.test.js +275 -0
package/server/lib/network/firewall-manager.js +252 -0
package/server/lib/network/firewall-manager.test.js +254 -0
package/server/lib/network/geoip-filter.js +282 -0
package/server/lib/network/geoip-filter.test.js +264 -0
package/server/lib/network/rate-limiter.js +229 -0
package/server/lib/network/rate-limiter.test.js +293 -0
package/server/lib/network/request-validator.js +351 -0
package/server/lib/network/request-validator.test.js +345 -0
package/server/lib/network/security-headers.js +251 -0
package/server/lib/network/security-headers.test.js +283 -0
package/server/lib/network/tls-config.js +210 -0
package/server/lib/network/tls-config.test.js +248 -0
package/server/lib/security/auth-security.js +369 -0
package/server/lib/security/auth-security.test.js +448 -0
package/server/lib/security/cis-benchmark.js +152 -0
package/server/lib/security/cis-benchmark.test.js +137 -0
package/server/lib/security/compose-templates.js +312 -0
package/server/lib/security/compose-templates.test.js +229 -0
package/server/lib/security/container-runtime.js +456 -0
package/server/lib/security/container-runtime.test.js +503 -0
package/server/lib/security/cors-validator.js +278 -0
package/server/lib/security/cors-validator.test.js +310 -0
package/server/lib/security/crypto-utils.js +253 -0
package/server/lib/security/crypto-utils.test.js +409 -0
package/server/lib/security/dockerfile-linter.js +459 -0
package/server/lib/security/dockerfile-linter.test.js +483 -0
package/server/lib/security/dockerfile-templates.js +278 -0
package/server/lib/security/dockerfile-templates.test.js +164 -0
package/server/lib/security/error-sanitizer.js +426 -0
package/server/lib/security/error-sanitizer.test.js +331 -0
package/server/lib/security/headers-generator.js +368 -0
package/server/lib/security/headers-generator.test.js +398 -0
package/server/lib/security/image-scanner.js +83 -0
package/server/lib/security/image-scanner.test.js +106 -0
package/server/lib/security/input-validator.js +352 -0
package/server/lib/security/input-validator.test.js +330 -0
package/server/lib/security/network-policy.js +174 -0
package/server/lib/security/network-policy.test.js +164 -0
package/server/lib/security/output-encoder.js +237 -0
package/server/lib/security/output-encoder.test.js +276 -0
package/server/lib/security/path-validator.js +359 -0
package/server/lib/security/path-validator.test.js +293 -0
package/server/lib/security/query-builder.js +421 -0
package/server/lib/security/query-builder.test.js +318 -0
package/server/lib/security/secret-detector.js +290 -0
package/server/lib/security/secret-detector.test.js +354 -0
package/server/lib/security/secrets-validator.js +137 -0
package/server/lib/security/secrets-validator.test.js +120 -0
package/server/lib/security-testing/dast-runner.js +154 -0
package/server/lib/security-testing/dast-runner.test.js +62 -0
package/server/lib/security-testing/dependency-scanner.js +172 -0
package/server/lib/security-testing/dependency-scanner.test.js +64 -0
package/server/lib/security-testing/pentest-runner.js +230 -0
package/server/lib/security-testing/pentest-runner.test.js +60 -0
package/server/lib/security-testing/sast-runner.js +136 -0
package/server/lib/security-testing/sast-runner.test.js +62 -0
package/server/lib/security-testing/secret-scanner.js +153 -0
package/server/lib/security-testing/secret-scanner.test.js +66 -0
package/server/lib/security-testing/security-gate.js +216 -0
package/server/lib/security-testing/security-gate.test.js +115 -0
package/server/lib/security-testing/security-reporter.js +303 -0
package/server/lib/security-testing/security-reporter.test.js +114 -0
package/server/lib/standards/audit-checker.js +546 -0
package/server/lib/standards/audit-checker.test.js +415 -0
package/server/lib/standards/cleanup-executor.js +452 -0
package/server/lib/standards/cleanup-executor.test.js +293 -0
package/server/lib/standards/refactor-stepper.js +425 -0
package/server/lib/standards/refactor-stepper.test.js +298 -0
package/server/lib/standards/standards-injector.js +167 -0
package/server/lib/standards/standards-injector.test.js +232 -0
package/server/lib/user-management.test.js +284 -0
package/server/lib/vps/backup-manager.js +157 -0
package/server/lib/vps/backup-manager.test.js +59 -0
package/server/lib/vps/caddy-config.js +159 -0
package/server/lib/vps/caddy-config.test.js +48 -0
package/server/lib/vps/compose-orchestrator.js +219 -0
package/server/lib/vps/compose-orchestrator.test.js +50 -0
package/server/lib/vps/database-config.js +208 -0
package/server/lib/vps/database-config.test.js +47 -0
package/server/lib/vps/deploy-script.js +211 -0
package/server/lib/vps/deploy-script.test.js +53 -0
package/server/lib/vps/secrets-manager.js +148 -0
package/server/lib/vps/secrets-manager.test.js +58 -0
package/server/lib/vps/server-hardening.js +174 -0
package/server/lib/vps/server-hardening.test.js +70 -0
package/server/package-lock.json +19 -0
package/server/package.json +1 -0
package/server/templates/CLAUDE.md +37 -0
package/server/templates/CODING-STANDARDS.md +408 -0

package/server/lib/monitoring/health-check.js ADDED Viewed

@@ -0,0 +1,226 @@
+/**
+ * Health Check Manager
+ * Liveness/readiness probes for container orchestration
+ */
+export const HEALTH_STATUS = {
+  HEALTHY: 'healthy',
+  UNHEALTHY: 'unhealthy',
+  DEGRADED: 'degraded',
+};
+/**
+ * Create a liveness probe that checks if the process is running
+ * @param {Object} options - Configuration options
+ * @param {boolean} options.includeMemory - Include memory usage in response
+ * @returns {Object} Liveness probe with check method
+ */
+export function createLivenessProbe(options = {}) {
+  const { includeMemory = false } = options;
+  return {
+    async check() {
+      const result = {
+        status: HEALTH_STATUS.HEALTHY,
+        pid: process.pid,
+        uptime: process.uptime(),
+      };
+      if (includeMemory) {
+        result.memory = process.memoryUsage();
+      }
+      return result;
+    },
+  };
+}
+/**
+ * Create a readiness probe that checks dependencies
+ * @param {Object} options - Configuration options
+ * @param {Array} options.checks - Array of { name, check } objects
+ * @param {number} options.timeout - Timeout for each check in ms
+ * @returns {Object} Readiness probe with check method
+ */
+export function createReadinessProbe(options = {}) {
+  const { checks = [], timeout = 5000 } = options;
+  return {
+    async check() {
+      const failed = [];
+      const results = {};
+      for (const { name, check } of checks) {
+        try {
+          const checkPromise = check();
+          const timeoutPromise = new Promise((_, reject) =>
+            setTimeout(() => reject(new Error('timeout')), timeout)
+          );
+          const result = await Promise.race([checkPromise, timeoutPromise]);
+          results[name] = result;
+          if (!result) {
+            failed.push(name);
+          }
+        } catch (error) {
+          results[name] = false;
+          failed.push(name);
+        }
+      }
+      return {
+        status: failed.length === 0 ? HEALTH_STATUS.HEALTHY : HEALTH_STATUS.UNHEALTHY,
+        checks: results,
+        failed,
+      };
+    },
+  };
+}
+/**
+ * Create a deep health check for detailed verification
+ * @param {Object} options - Configuration options
+ * @param {Object} options.db - Database client
+ * @param {Object} options.cache - Cache client
+ * @param {Function} options.fetch - Fetch function for external services
+ * @returns {Object} Deep health check with various check methods
+ */
+export function createDeepHealthCheck(options = {}) {
+  const { db, cache, fetch: fetchFn } = options;
+  return {
+    async checkDatabase() {
+      if (!db) {
+        return { healthy: false, error: 'No database configured' };
+      }
+      try {
+        await db.query('SELECT 1');
+        return { healthy: true };
+      } catch (error) {
+        return { healthy: false, error: error.message };
+      }
+    },
+    async checkCache() {
+      if (!cache) {
+        return { healthy: false, error: 'No cache configured' };
+      }
+      try {
+        const result = await cache.ping();
+        return { healthy: result === 'PONG' };
+      } catch (error) {
+        return { healthy: false, error: error.message };
+      }
+    },
+    async checkExternal(url) {
+      if (!fetchFn) {
+        return { healthy: false, error: 'No fetch configured' };
+      }
+      try {
+        const response = await fetchFn(url);
+        return { healthy: response.ok };
+      } catch (error) {
+        return { healthy: false, error: error.message };
+      }
+    },
+    async getStatus() {
+      // Return status without sensitive info
+      return {
+        database: db ? 'configured' : 'not configured',
+        cache: cache ? 'configured' : 'not configured',
+      };
+    },
+  };
+}
+/**
+ * Run all configured health checks
+ * @param {Object} options - Configuration options
+ * @param {boolean} options.liveness - Include liveness check
+ * @param {boolean} options.readiness - Include readiness check
+ * @param {Array} options.checks - Additional checks to run
+ * @returns {Object} Health check results
+ */
+export async function runHealthCheck(options = {}) {
+  const { liveness = false, readiness = false, checks = [] } = options;
+  const result = {};
+  let allHealthy = true;
+  if (liveness) {
+    const livenessProbe = createLivenessProbe();
+    result.liveness = await livenessProbe.check();
+    if (result.liveness.status !== HEALTH_STATUS.HEALTHY) {
+      allHealthy = false;
+    }
+  }
+  if (readiness) {
+    const readinessProbe = createReadinessProbe({ checks });
+    result.readiness = await readinessProbe.check();
+    if (result.readiness.status !== HEALTH_STATUS.HEALTHY) {
+      allHealthy = false;
+    }
+  }
+  // Run individual checks if no liveness/readiness specified
+  if (!liveness && !readiness && checks.length > 0) {
+    for (const { name, check } of checks) {
+      try {
+        const checkResult = await check();
+        result[name] = checkResult;
+        if (!checkResult) {
+          allHealthy = false;
+        }
+      } catch (error) {
+        result[name] = false;
+        allHealthy = false;
+      }
+    }
+  }
+  result.overall = allHealthy ? HEALTH_STATUS.HEALTHY : HEALTH_STATUS.UNHEALTHY;
+  return result;
+}
+/**
+ * Create a health check manager
+ * @param {Object} options - Configuration options
+ * @param {number} options.interval - Check interval in ms
+ * @returns {Object} Health check manager
+ */
+export function createHealthCheckManager(options = {}) {
+  const { interval = 30000 } = options;
+  const checks = [];
+  const livenessProbe = createLivenessProbe();
+  return {
+    addCheck(check) {
+      checks.push(check);
+    },
+    async runAll() {
+      return runHealthCheck({ liveness: true, readiness: true, checks });
+    },
+    async getLiveness() {
+      return livenessProbe.check();
+    },
+    async getReadiness() {
+      const readinessProbe = createReadinessProbe({ checks });
+      return readinessProbe.check();
+    },
+    getInterval() {
+      return interval;
+    },
+  };
+}

package/server/lib/monitoring/health-check.test.js ADDED Viewed

@@ -0,0 +1,176 @@
+/**
+ * Health Check Manager Tests
+ */
+import { describe, it, expect, vi } from 'vitest';
+import {
+  createLivenessProbe,
+  createReadinessProbe,
+  createDeepHealthCheck,
+  runHealthCheck,
+  HEALTH_STATUS,
+  createHealthCheckManager,
+} from './health-check.js';
+describe('health-check', () => {
+  describe('HEALTH_STATUS', () => {
+    it('defines status constants', () => {
+      expect(HEALTH_STATUS.HEALTHY).toBe('healthy');
+      expect(HEALTH_STATUS.UNHEALTHY).toBe('unhealthy');
+      expect(HEALTH_STATUS.DEGRADED).toBe('degraded');
+    });
+  });
+  describe('createLivenessProbe', () => {
+    it('returns healthy when process is running', async () => {
+      const probe = createLivenessProbe();
+      const result = await probe.check();
+      expect(result.status).toBe('healthy');
+      expect(result.pid).toBeDefined();
+    });
+    it('includes uptime', async () => {
+      const probe = createLivenessProbe();
+      const result = await probe.check();
+      expect(result.uptime).toBeDefined();
+    });
+    it('includes memory usage', async () => {
+      const probe = createLivenessProbe({ includeMemory: true });
+      const result = await probe.check();
+      expect(result.memory).toBeDefined();
+    });
+  });
+  describe('createReadinessProbe', () => {
+    it('checks all dependencies', async () => {
+      const mockDbCheck = vi.fn().mockResolvedValue(true);
+      const mockCacheCheck = vi.fn().mockResolvedValue(true);
+      const probe = createReadinessProbe({
+        checks: [
+          { name: 'database', check: mockDbCheck },
+          { name: 'cache', check: mockCacheCheck },
+        ],
+      });
+      const result = await probe.check();
+      expect(result.status).toBe('healthy');
+      expect(mockDbCheck).toHaveBeenCalled();
+      expect(mockCacheCheck).toHaveBeenCalled();
+    });
+    it('returns unhealthy if any check fails', async () => {
+      const probe = createReadinessProbe({
+        checks: [
+          { name: 'database', check: vi.fn().mockResolvedValue(true) },
+          { name: 'cache', check: vi.fn().mockResolvedValue(false) },
+        ],
+      });
+      const result = await probe.check();
+      expect(result.status).toBe('unhealthy');
+      expect(result.failed).toContain('cache');
+    });
+    it('handles check timeout', async () => {
+      const slowCheck = () => new Promise((r) => setTimeout(() => r(true), 5000));
+      const probe = createReadinessProbe({
+        checks: [{ name: 'slow', check: slowCheck }],
+        timeout: 100,
+      });
+      const result = await probe.check();
+      expect(result.status).toBe('unhealthy');
+    });
+  });
+  describe('createDeepHealthCheck', () => {
+    it('verifies database connection', async () => {
+      const mockDb = { query: vi.fn().mockResolvedValue([{ result: 1 }]) };
+      const check = createDeepHealthCheck({ db: mockDb });
+      const result = await check.checkDatabase();
+      expect(result.healthy).toBe(true);
+      expect(mockDb.query).toHaveBeenCalled();
+    });
+    it('verifies cache connection', async () => {
+      const mockCache = { ping: vi.fn().mockResolvedValue('PONG') };
+      const check = createDeepHealthCheck({ cache: mockCache });
+      const result = await check.checkCache();
+      expect(result.healthy).toBe(true);
+    });
+    it('verifies external service', async () => {
+      const mockFetch = vi.fn().mockResolvedValue({ ok: true });
+      const check = createDeepHealthCheck({ fetch: mockFetch });
+      const result = await check.checkExternal('https://api.example.com/health');
+      expect(result.healthy).toBe(true);
+    });
+    it('does not leak sensitive info', async () => {
+      const check = createDeepHealthCheck({
+        db: { connectionString: 'postgres://user:pass@host/db' },
+      });
+      const result = await check.getStatus();
+      expect(JSON.stringify(result)).not.toContain('pass');
+    });
+  });
+  describe('runHealthCheck', () => {
+    it('runs all configured checks', async () => {
+      const result = await runHealthCheck({
+        liveness: true,
+        readiness: true,
+        checks: [],
+      });
+      expect(result.liveness).toBeDefined();
+      expect(result.readiness).toBeDefined();
+    });
+    it('aggregates status', async () => {
+      const result = await runHealthCheck({
+        checks: [
+          { name: 'a', check: vi.fn().mockResolvedValue(true) },
+          { name: 'b', check: vi.fn().mockResolvedValue(true) },
+        ],
+      });
+      expect(result.overall).toBe('healthy');
+    });
+  });
+  describe('createHealthCheckManager', () => {
+    it('creates manager with methods', () => {
+      const manager = createHealthCheckManager();
+      expect(manager.addCheck).toBeDefined();
+      expect(manager.runAll).toBeDefined();
+      expect(manager.getLiveness).toBeDefined();
+      expect(manager.getReadiness).toBeDefined();
+    });
+    it('configures check intervals', () => {
+      const manager = createHealthCheckManager({
+        interval: 30000,
+      });
+      expect(manager.getInterval()).toBe(30000);
+    });
+  });
+});

package/server/lib/monitoring/incident-manager.js ADDED Viewed

@@ -0,0 +1,230 @@
+/**
+ * Incident Manager
+ * Manages incidents with timeline tracking and MTTR metrics
+ */
+import { randomUUID } from 'crypto';
+/**
+ * Incident status constants
+ */
+export const INCIDENT_STATUS = {
+  OPEN: 'open',
+  INVESTIGATING: 'investigating',
+  RESOLVED: 'resolved',
+};
+/**
+ * Creates a new incident from an alert or manual trigger
+ * @param {Object} options - Incident options
+ * @param {Object} options.alert - Source alert
+ * @param {string} options.title - Incident title
+ * @returns {Object} Created incident
+ */
+export function createIncident(options = {}) {
+  const { alert, title } = options;
+  const now = new Date();
+  return {
+    id: randomUUID(),
+    title: alert?.title || title || 'Untitled Incident',
+    status: INCIDENT_STATUS.OPEN,
+    alerts: alert ? [alert] : [],
+    createdAt: now,
+    updatedAt: now,
+    statusHistory: [
+      {
+        status: INCIDENT_STATUS.OPEN,
+        timestamp: now,
+      },
+    ],
+  };
+}
+/**
+ * Generates a timeline from incident events
+ * @param {Object} options - Timeline options
+ * @param {Array} options.events - Events to include
+ * @returns {Array} Sorted timeline entries
+ */
+export function generateTimeline(options) {
+  const { events } = options;
+  return events
+    .map(event => ({
+      ...event,
+      timestamp: new Date(event.timestamp),
+    }))
+    .sort((a, b) => a.timestamp - b.timestamp);
+}
+/**
+ * Links related alerts to an incident
+ * @param {Object} incident - Incident to link to
+ * @param {Array} alerts - Alerts to link
+ * @returns {Object} Updated incident
+ */
+export function linkAlerts(incident, alerts) {
+  return {
+    ...incident,
+    alerts: [...(incident.alerts || []), ...alerts],
+    updatedAt: new Date(),
+  };
+}
+/**
+ * Updates incident status
+ * @param {Object} incident - Incident to update
+ * @param {string} status - New status
+ * @returns {Object} Updated incident
+ */
+export function updateStatus(incident, status) {
+  const now = new Date();
+  return {
+    ...incident,
+    status,
+    updatedAt: now,
+    resolvedAt: status === INCIDENT_STATUS.RESOLVED ? now : incident.resolvedAt,
+    statusHistory: [
+      ...(incident.statusHistory || []),
+      {
+        status,
+        timestamp: now,
+      },
+    ],
+  };
+}
+/**
+ * Generates a post-mortem template for an incident
+ * @param {Object} options - Post-mortem options
+ * @param {Object} options.incident - Incident to generate post-mortem for
+ * @returns {string} Markdown post-mortem template
+ */
+export function generatePostMortem(options) {
+  const { incident } = options;
+  return `# Post-Mortem: ${incident.title}
+## Incident ID
+${incident.id}
+## Summary
+[Brief description of what happened]
+## Timeline
+[Key events and timestamps]
+## Root Cause
+[What caused the incident]
+## Impact
+[Who/what was affected]
+## Resolution
+[How the incident was resolved]
+## Action Items
+- [ ] [Action item 1]
+- [ ] [Action item 2]
+## Lessons Learned
+[Key takeaways]
+`;
+}
+/**
+ * Calculates mean time to resolve (MTTR) for incidents
+ * @param {Array} incidents - Resolved incidents with createdAt and resolvedAt
+ * @returns {number} MTTR in milliseconds
+ */
+export function calculateMttr(incidents) {
+  if (!incidents || incidents.length === 0) {
+    return 0;
+  }
+  const resolvedIncidents = incidents.filter(i => i.resolvedAt);
+  if (resolvedIncidents.length === 0) {
+    return 0;
+  }
+  const totalTime = resolvedIncidents.reduce((sum, incident) => {
+    const created = new Date(incident.createdAt).getTime();
+    const resolved = new Date(incident.resolvedAt).getTime();
+    return sum + (resolved - created);
+  }, 0);
+  return totalTime / resolvedIncidents.length;
+}
+/**
+ * Creates an incident manager instance
+ * @returns {Object} Incident manager with methods
+ */
+export function createIncidentManager() {
+  const incidents = new Map();
+  return {
+    /**
+     * Creates a new incident
+     * @param {Object} options - Incident options
+     * @returns {Object} Created incident
+     */
+    create(options) {
+      const incident = createIncident(options);
+      incidents.set(incident.id, incident);
+      return incident;
+    },
+    /**
+     * Updates an existing incident
+     * @param {string} id - Incident ID
+     * @param {Object} updates - Updates to apply
+     * @returns {Object} Updated incident
+     */
+    update(id, updates) {
+      const incident = incidents.get(id);
+      if (!incident) {
+        throw new Error(`Incident ${id} not found`);
+      }
+      const updated = {
+        ...incident,
+        ...updates,
+        updatedAt: new Date(),
+      };
+      incidents.set(id, updated);
+      return updated;
+    },
+    /**
+     * Resolves an incident
+     * @param {string} id - Incident ID
+     * @returns {Object} Resolved incident
+     */
+    resolve(id) {
+      const incident = incidents.get(id);
+      if (!incident) {
+        throw new Error(`Incident ${id} not found`);
+      }
+      const resolved = updateStatus(incident, INCIDENT_STATUS.RESOLVED);
+      incidents.set(id, resolved);
+      return resolved;
+    },
+    /**
+     * Gets incident metrics
+     * @returns {Object} Metrics including MTTR
+     */
+    getMetrics() {
+      const all = Array.from(incidents.values());
+      const resolved = all.filter(i => i.status === INCIDENT_STATUS.RESOLVED);
+      return {
+        total: all.length,
+        open: all.filter(i => i.status === INCIDENT_STATUS.OPEN).length,
+        investigating: all.filter(i => i.status === INCIDENT_STATUS.INVESTIGATING).length,
+        resolved: resolved.length,
+        mttr: calculateMttr(resolved),
+      };
+    },
+  };
+}