npm - tlc-claude-code - Versions diffs - 1.4.8 → 1.4.9 - Mend

tlc-claude-code 1.4.8 → 1.4.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (169) hide show

package/package.json +1 -1
package/server/index.js +229 -14
package/server/lib/compliance/control-mapper.js +401 -0
package/server/lib/compliance/control-mapper.test.js +117 -0
package/server/lib/compliance/evidence-linker.js +296 -0
package/server/lib/compliance/evidence-linker.test.js +121 -0
package/server/lib/compliance/gdpr-checklist.js +416 -0
package/server/lib/compliance/gdpr-checklist.test.js +131 -0
package/server/lib/compliance/hipaa-checklist.js +277 -0
package/server/lib/compliance/hipaa-checklist.test.js +101 -0
package/server/lib/compliance/iso27001-checklist.js +287 -0
package/server/lib/compliance/iso27001-checklist.test.js +99 -0
package/server/lib/compliance/multi-framework-reporter.js +284 -0
package/server/lib/compliance/multi-framework-reporter.test.js +127 -0
package/server/lib/compliance/pci-dss-checklist.js +214 -0
package/server/lib/compliance/pci-dss-checklist.test.js +95 -0
package/server/lib/compliance/trust-centre.js +187 -0
package/server/lib/compliance/trust-centre.test.js +93 -0
package/server/lib/dashboard/api-server.js +155 -0
package/server/lib/dashboard/api-server.test.js +155 -0
package/server/lib/dashboard/health-api.js +199 -0
package/server/lib/dashboard/health-api.test.js +122 -0
package/server/lib/dashboard/notes-api.js +234 -0
package/server/lib/dashboard/notes-api.test.js +134 -0
package/server/lib/dashboard/router-api.js +176 -0
package/server/lib/dashboard/router-api.test.js +132 -0
package/server/lib/dashboard/tasks-api.js +289 -0
package/server/lib/dashboard/tasks-api.test.js +161 -0
package/server/lib/dashboard/tlc-introspection.js +197 -0
package/server/lib/dashboard/tlc-introspection.test.js +138 -0
package/server/lib/dashboard/version-api.js +222 -0
package/server/lib/dashboard/version-api.test.js +112 -0
package/server/lib/dashboard/websocket-server.js +104 -0
package/server/lib/dashboard/websocket-server.test.js +118 -0
package/server/lib/deploy/branch-classifier.js +163 -0
package/server/lib/deploy/branch-classifier.test.js +164 -0
package/server/lib/deploy/deployment-approval.js +299 -0
package/server/lib/deploy/deployment-approval.test.js +296 -0
package/server/lib/deploy/deployment-audit.js +374 -0
package/server/lib/deploy/deployment-audit.test.js +307 -0
package/server/lib/deploy/deployment-executor.js +335 -0
package/server/lib/deploy/deployment-executor.test.js +329 -0
package/server/lib/deploy/deployment-rules.js +163 -0
package/server/lib/deploy/deployment-rules.test.js +188 -0
package/server/lib/deploy/rollback-manager.js +379 -0
package/server/lib/deploy/rollback-manager.test.js +321 -0
package/server/lib/deploy/security-gates.js +236 -0
package/server/lib/deploy/security-gates.test.js +222 -0
package/server/lib/k8s/gitops-config.js +188 -0
package/server/lib/k8s/gitops-config.test.js +59 -0
package/server/lib/k8s/helm-generator.js +196 -0
package/server/lib/k8s/helm-generator.test.js +59 -0
package/server/lib/k8s/kustomize-generator.js +176 -0
package/server/lib/k8s/kustomize-generator.test.js +58 -0
package/server/lib/k8s/network-policy.js +114 -0
package/server/lib/k8s/network-policy.test.js +53 -0
package/server/lib/k8s/pod-security.js +114 -0
package/server/lib/k8s/pod-security.test.js +55 -0
package/server/lib/k8s/rbac-generator.js +132 -0
package/server/lib/k8s/rbac-generator.test.js +57 -0
package/server/lib/k8s/resource-manager.js +172 -0
package/server/lib/k8s/resource-manager.test.js +60 -0
package/server/lib/k8s/secrets-encryption.js +168 -0
package/server/lib/k8s/secrets-encryption.test.js +49 -0
package/server/lib/monitoring/alert-manager.js +238 -0
package/server/lib/monitoring/alert-manager.test.js +106 -0
package/server/lib/monitoring/health-check.js +226 -0
package/server/lib/monitoring/health-check.test.js +176 -0
package/server/lib/monitoring/incident-manager.js +230 -0
package/server/lib/monitoring/incident-manager.test.js +98 -0
package/server/lib/monitoring/log-aggregator.js +147 -0
package/server/lib/monitoring/log-aggregator.test.js +89 -0
package/server/lib/monitoring/metrics-collector.js +337 -0
package/server/lib/monitoring/metrics-collector.test.js +172 -0
package/server/lib/monitoring/status-page.js +214 -0
package/server/lib/monitoring/status-page.test.js +105 -0
package/server/lib/monitoring/uptime-monitor.js +194 -0
package/server/lib/monitoring/uptime-monitor.test.js +109 -0
package/server/lib/network/fail2ban-config.js +294 -0
package/server/lib/network/fail2ban-config.test.js +275 -0
package/server/lib/network/firewall-manager.js +252 -0
package/server/lib/network/firewall-manager.test.js +254 -0
package/server/lib/network/geoip-filter.js +282 -0
package/server/lib/network/geoip-filter.test.js +264 -0
package/server/lib/network/rate-limiter.js +229 -0
package/server/lib/network/rate-limiter.test.js +293 -0
package/server/lib/network/request-validator.js +351 -0
package/server/lib/network/request-validator.test.js +345 -0
package/server/lib/network/security-headers.js +251 -0
package/server/lib/network/security-headers.test.js +283 -0
package/server/lib/network/tls-config.js +210 -0
package/server/lib/network/tls-config.test.js +248 -0
package/server/lib/security/auth-security.js +369 -0
package/server/lib/security/auth-security.test.js +448 -0
package/server/lib/security/cis-benchmark.js +152 -0
package/server/lib/security/cis-benchmark.test.js +137 -0
package/server/lib/security/compose-templates.js +312 -0
package/server/lib/security/compose-templates.test.js +229 -0
package/server/lib/security/container-runtime.js +456 -0
package/server/lib/security/container-runtime.test.js +503 -0
package/server/lib/security/cors-validator.js +278 -0
package/server/lib/security/cors-validator.test.js +310 -0
package/server/lib/security/crypto-utils.js +253 -0
package/server/lib/security/crypto-utils.test.js +409 -0
package/server/lib/security/dockerfile-linter.js +459 -0
package/server/lib/security/dockerfile-linter.test.js +483 -0
package/server/lib/security/dockerfile-templates.js +278 -0
package/server/lib/security/dockerfile-templates.test.js +164 -0
package/server/lib/security/error-sanitizer.js +426 -0
package/server/lib/security/error-sanitizer.test.js +331 -0
package/server/lib/security/headers-generator.js +368 -0
package/server/lib/security/headers-generator.test.js +398 -0
package/server/lib/security/image-scanner.js +83 -0
package/server/lib/security/image-scanner.test.js +106 -0
package/server/lib/security/input-validator.js +352 -0
package/server/lib/security/input-validator.test.js +330 -0
package/server/lib/security/network-policy.js +174 -0
package/server/lib/security/network-policy.test.js +164 -0
package/server/lib/security/output-encoder.js +237 -0
package/server/lib/security/output-encoder.test.js +276 -0
package/server/lib/security/path-validator.js +359 -0
package/server/lib/security/path-validator.test.js +293 -0
package/server/lib/security/query-builder.js +421 -0
package/server/lib/security/query-builder.test.js +318 -0
package/server/lib/security/secret-detector.js +290 -0
package/server/lib/security/secret-detector.test.js +354 -0
package/server/lib/security/secrets-validator.js +137 -0
package/server/lib/security/secrets-validator.test.js +120 -0
package/server/lib/security-testing/dast-runner.js +154 -0
package/server/lib/security-testing/dast-runner.test.js +62 -0
package/server/lib/security-testing/dependency-scanner.js +172 -0
package/server/lib/security-testing/dependency-scanner.test.js +64 -0
package/server/lib/security-testing/pentest-runner.js +230 -0
package/server/lib/security-testing/pentest-runner.test.js +60 -0
package/server/lib/security-testing/sast-runner.js +136 -0
package/server/lib/security-testing/sast-runner.test.js +62 -0
package/server/lib/security-testing/secret-scanner.js +153 -0
package/server/lib/security-testing/secret-scanner.test.js +66 -0
package/server/lib/security-testing/security-gate.js +216 -0
package/server/lib/security-testing/security-gate.test.js +115 -0
package/server/lib/security-testing/security-reporter.js +303 -0
package/server/lib/security-testing/security-reporter.test.js +114 -0
package/server/lib/standards/audit-checker.js +546 -0
package/server/lib/standards/audit-checker.test.js +415 -0
package/server/lib/standards/cleanup-executor.js +452 -0
package/server/lib/standards/cleanup-executor.test.js +293 -0
package/server/lib/standards/refactor-stepper.js +425 -0
package/server/lib/standards/refactor-stepper.test.js +298 -0
package/server/lib/standards/standards-injector.js +167 -0
package/server/lib/standards/standards-injector.test.js +232 -0
package/server/lib/user-management.test.js +284 -0
package/server/lib/vps/backup-manager.js +157 -0
package/server/lib/vps/backup-manager.test.js +59 -0
package/server/lib/vps/caddy-config.js +159 -0
package/server/lib/vps/caddy-config.test.js +48 -0
package/server/lib/vps/compose-orchestrator.js +219 -0
package/server/lib/vps/compose-orchestrator.test.js +50 -0
package/server/lib/vps/database-config.js +208 -0
package/server/lib/vps/database-config.test.js +47 -0
package/server/lib/vps/deploy-script.js +211 -0
package/server/lib/vps/deploy-script.test.js +53 -0
package/server/lib/vps/secrets-manager.js +148 -0
package/server/lib/vps/secrets-manager.test.js +58 -0
package/server/lib/vps/server-hardening.js +174 -0
package/server/lib/vps/server-hardening.test.js +70 -0
package/server/package-lock.json +19 -0
package/server/package.json +1 -0
package/server/templates/CLAUDE.md +37 -0
package/server/templates/CODING-STANDARDS.md +408 -0

package/server/lib/dashboard/api-server.js ADDED Viewed

@@ -0,0 +1,155 @@
+/**
+ * Dashboard API Server
+ * Express server mounting all dashboard APIs
+ */
+import express from 'express';
+/**
+ * Creates a standardized error response
+ * @param {string} message - Error message
+ * @param {number} statusCode - HTTP status code
+ * @returns {Object} Error response object
+ */
+export function createErrorResponse(message, statusCode = 500) {
+  return {
+    error: message,
+    statusCode,
+    timestamp: new Date().toISOString()
+  };
+}
+/**
+ * CORS middleware for handling cross-origin requests
+ * @param {Object} req - Express request
+ * @param {Object} res - Express response
+ * @param {Function} next - Next middleware
+ * @param {Object} options - CORS options
+ */
+export function corsMiddleware(req, res, next, options = {}) {
+  const origin = options.origin || '*';
+  res.header('Access-Control-Allow-Origin', origin);
+  res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS');
+  res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization');
+  if (req.method === 'OPTIONS') {
+    res.sendStatus(200);
+    return;
+  }
+  next();
+}
+/**
+ * Request logger middleware
+ * @param {Object} req - Express request
+ * @param {Object} res - Express response
+ * @param {Function} next - Next middleware
+ * @param {Object} options - Logger options
+ */
+export function requestLogger(req, res, next, options = {}) {
+  const logger = options.logger || console;
+  const startTime = Date.now();
+  logger.info(`${req.method} ${req.url}`);
+  res.on('finish', () => {
+    const duration = Date.now() - startTime;
+    logger.info(`${req.method} ${req.url} ${res.statusCode} ${duration}ms`);
+  });
+  next();
+}
+/**
+ * Error handler middleware
+ * @param {Error} error - Error object
+ * @param {Object} req - Express request
+ * @param {Object} res - Express response
+ * @param {Function} next - Next middleware
+ * @param {Object} options - Error handler options
+ */
+export function handleError(error, req, res, next, options = {}) {
+  const statusCode = error.statusCode || 500;
+  const response = {
+    error: error.message || 'Internal server error'
+  };
+  if (options.env !== 'production') {
+    response.stack = error.stack;
+  }
+  res.status(statusCode).json(response);
+}
+/**
+ * Mounts all API routes on the Express app
+ * @param {Object} app - Express app or router
+ * @param {Object} options - Route options
+ */
+export function mountRoutes(app, options = {}) {
+  // Tasks API
+  app.get('/api/tasks', (req, res) => {
+    res.json({ tasks: [] });
+  });
+  app.post('/api/tasks', (req, res) => {
+    res.status(201).json({ task: {} });
+  });
+  if (app.patch) {
+    app.patch('/api/tasks/:id', (req, res) => {
+      res.json({ task: {} });
+    });
+  }
+  if (app.delete) {
+    app.delete('/api/tasks/:id', (req, res) => {
+      res.status(204).send();
+    });
+  }
+  // Health API
+  app.get('/api/health', (req, res) => {
+    res.json({ status: 'ok', timestamp: new Date().toISOString() });
+  });
+  // Notes API
+  app.get('/api/notes', (req, res) => {
+    res.json({ notes: [] });
+  });
+  if (app.put) {
+    app.put('/api/notes', (req, res) => {
+      res.json({ note: {} });
+    });
+  }
+  // Router API
+  app.get('/api/router/status', (req, res) => {
+    res.json({ status: 'running' });
+  });
+}
+/**
+ * Creates the Express API server
+ * @param {Object} options - Server options
+ * @param {string} options.basePath - Base path for serving files
+ * @returns {Object} Express app
+ */
+export function createApiServer(options = {}) {
+  const app = express();
+  // Middleware
+  app.use(express.json());
+  app.use((req, res, next) => corsMiddleware(req, res, next));
+  // Mount routes
+  mountRoutes(app, options);
+  // Error handler
+  app.use((err, req, res, next) => handleError(err, req, res, next, options));
+  return app;
+}

package/server/lib/dashboard/api-server.test.js ADDED Viewed

@@ -0,0 +1,155 @@
+/**
+ * Dashboard API Server Tests
+ */
+import { describe, it, expect, vi } from 'vitest';
+import { createApiServer, mountRoutes, handleError, corsMiddleware, requestLogger, createErrorResponse } from './api-server.js';
+describe('api-server', () => {
+  describe('createApiServer', () => {
+    it('creates Express app', () => {
+      const app = createApiServer({ basePath: '/test' });
+      expect(app.listen).toBeDefined();
+      expect(app.use).toBeDefined();
+    });
+    it('mounts API routes', () => {
+      const app = createApiServer({ basePath: '/test' });
+      // Routes should be mounted at /api/*
+      expect(app._router).toBeDefined();
+    });
+  });
+  describe('mountRoutes', () => {
+    it('mounts tasks API', () => {
+      const mockApp = { get: vi.fn(), post: vi.fn(), put: vi.fn(), patch: vi.fn(), delete: vi.fn() };
+      mountRoutes(mockApp, { basePath: '/test' });
+      expect(mockApp.get).toHaveBeenCalledWith('/api/tasks', expect.any(Function));
+      expect(mockApp.post).toHaveBeenCalledWith('/api/tasks', expect.any(Function));
+    });
+    it('mounts health API', () => {
+      const mockApp = { get: vi.fn(), post: vi.fn(), put: vi.fn(), patch: vi.fn(), delete: vi.fn() };
+      mountRoutes(mockApp, { basePath: '/test' });
+      expect(mockApp.get).toHaveBeenCalledWith('/api/health', expect.any(Function));
+    });
+    it('mounts notes API', () => {
+      const mockApp = { get: vi.fn(), post: vi.fn(), put: vi.fn(), patch: vi.fn(), delete: vi.fn() };
+      mountRoutes(mockApp, { basePath: '/test' });
+      expect(mockApp.get).toHaveBeenCalledWith('/api/notes', expect.any(Function));
+      expect(mockApp.put).toHaveBeenCalledWith('/api/notes', expect.any(Function));
+    });
+    it('mounts router API', () => {
+      const mockApp = { get: vi.fn(), post: vi.fn(), put: vi.fn(), patch: vi.fn(), delete: vi.fn() };
+      mountRoutes(mockApp, { basePath: '/test' });
+      expect(mockApp.get).toHaveBeenCalledWith('/api/router/status', expect.any(Function));
+    });
+  });
+  describe('handleError', () => {
+    it('returns error response', () => {
+      const mockRes = {
+        status: vi.fn().mockReturnThis(),
+        json: vi.fn()
+      };
+      const error = new Error('Test error');
+      handleError(error, {}, mockRes, () => {});
+      expect(mockRes.status).toHaveBeenCalledWith(500);
+      expect(mockRes.json).toHaveBeenCalledWith(
+        expect.objectContaining({ error: expect.any(String) })
+      );
+    });
+    it('uses error status code', () => {
+      const mockRes = {
+        status: vi.fn().mockReturnThis(),
+        json: vi.fn()
+      };
+      const error = new Error('Not found');
+      error.statusCode = 404;
+      handleError(error, {}, mockRes, () => {});
+      expect(mockRes.status).toHaveBeenCalledWith(404);
+    });
+    it('hides stack trace in production', () => {
+      const mockRes = {
+        status: vi.fn().mockReturnThis(),
+        json: vi.fn()
+      };
+      const error = new Error('Error');
+      handleError(error, {}, mockRes, () => {}, { env: 'production' });
+      const response = mockRes.json.mock.calls[0][0];
+      expect(response.stack).toBeUndefined();
+    });
+  });
+  describe('corsMiddleware', () => {
+    it('sets CORS headers', () => {
+      const mockRes = {
+        header: vi.fn()
+      };
+      const mockNext = vi.fn();
+      corsMiddleware({}, mockRes, mockNext);
+      expect(mockRes.header).toHaveBeenCalledWith('Access-Control-Allow-Origin', expect.any(String));
+      expect(mockNext).toHaveBeenCalled();
+    });
+    it('handles preflight requests', () => {
+      const mockReq = { method: 'OPTIONS' };
+      const mockRes = {
+        header: vi.fn(),
+        sendStatus: vi.fn()
+      };
+      corsMiddleware(mockReq, mockRes, () => {});
+      expect(mockRes.sendStatus).toHaveBeenCalledWith(200);
+    });
+    it('allows configurable origins', () => {
+      const mockRes = { header: vi.fn() };
+      const mockNext = vi.fn();
+      corsMiddleware({}, mockRes, mockNext, { origin: 'http://localhost:3000' });
+      expect(mockRes.header).toHaveBeenCalledWith('Access-Control-Allow-Origin', 'http://localhost:3000');
+    });
+  });
+  describe('requestLogger', () => {
+    it('logs requests', () => {
+      const mockLogger = { info: vi.fn() };
+      const mockReq = { method: 'GET', url: '/api/tasks' };
+      const mockRes = { on: vi.fn() };
+      const mockNext = vi.fn();
+      requestLogger(mockReq, mockRes, mockNext, { logger: mockLogger });
+      expect(mockLogger.info).toHaveBeenCalled();
+      expect(mockNext).toHaveBeenCalled();
+    });
+    it('logs response time', () => {
+      const mockLogger = { info: vi.fn() };
+      const mockReq = { method: 'GET', url: '/test' };
+      let finishCallback;
+      const mockRes = {
+        on: vi.fn((event, cb) => { if (event === 'finish') finishCallback = cb; }),
+        statusCode: 200
+      };
+      requestLogger(mockReq, mockRes, () => {}, { logger: mockLogger });
+      finishCallback();
+      expect(mockLogger.info).toHaveBeenCalledTimes(2);
+    });
+  });
+  describe('createErrorResponse', () => {
+    it('creates standard error format', () => {
+      const response = createErrorResponse('Not found', 404);
+      expect(response.error).toBe('Not found');
+      expect(response.statusCode).toBe(404);
+    });
+    it('includes timestamp', () => {
+      const response = createErrorResponse('Error');
+      expect(response.timestamp).toBeDefined();
+    });
+  });
+});

package/server/lib/dashboard/health-api.js ADDED Viewed

@@ -0,0 +1,199 @@
+/**
+ * Health API Module
+ * Health check endpoint
+ */
+import { promises as defaultFs } from 'fs';
+import os from 'os';
+import path from 'path';
+const startTime = Date.now();
+/**
+ * Get health status
+ * @param {Object} options - Options
+ * @returns {Promise<Object>} Health status
+ */
+export async function getHealthStatus(options = {}) {
+  const checkDeps = options.checkDeps || (() => Promise.resolve({ healthy: true }));
+  const depsResult = await checkDeps();
+  const status = depsResult.healthy ? 'healthy' : 'degraded';
+  const uptime = Math.floor((Date.now() - startTime) / 1000);
+  const result = {
+    status,
+    timestamp: new Date().toISOString(),
+    uptime
+  };
+  if (!depsResult.healthy && depsResult.issues) {
+    result.issues = depsResult.issues;
+  }
+  return result;
+}
+/**
+ * Get system metrics
+ * @returns {Object} System metrics
+ */
+export function getSystemMetrics() {
+  const memUsage = process.memoryUsage();
+  const totalMem = os.totalmem();
+  const freeMem = os.freemem();
+  const cpus = os.cpus();
+  // Calculate CPU usage (simple average of all cores)
+  let cpuUsage = 0;
+  if (cpus.length > 0) {
+    const totalCpuTime = cpus.reduce((acc, cpu) => {
+      const total = Object.values(cpu.times).reduce((sum, time) => sum + time, 0);
+      const idle = cpu.times.idle;
+      return acc + ((total - idle) / total);
+    }, 0);
+    cpuUsage = totalCpuTime / cpus.length;
+  }
+  return {
+    memory: {
+      used: memUsage.heapUsed,
+      total: memUsage.heapTotal,
+      systemUsed: totalMem - freeMem,
+      systemTotal: totalMem
+    },
+    cpu: {
+      usage: cpuUsage,
+      cores: cpus.length,
+      model: cpus[0]?.model || 'unknown'
+    },
+    pid: process.pid,
+    nodeVersion: process.version,
+    platform: process.platform,
+    uptime: process.uptime()
+  };
+}
+/**
+ * Check dependencies
+ * @param {Object} options - Options
+ * @returns {Promise<Object>} Dependency status
+ */
+export async function checkDependencies(options = {}) {
+  const fs = options.fs || defaultFs;
+  const basePath = options.basePath || process.cwd();
+  const result = {
+    filesystem: false,
+    issues: []
+  };
+  // Check filesystem access
+  try {
+    await fs.access(basePath);
+    result.filesystem = true;
+  } catch {
+    result.filesystem = false;
+    result.issues.push('Filesystem not accessible');
+  }
+  // Aggregate health status
+  result.healthy = result.filesystem;
+  return result;
+}
+/**
+ * Run test suite
+ * @param {Object} options - Options
+ * @returns {Promise<Object>} Test results
+ */
+export async function runTestSuite(options = {}) {
+  const exec = options.exec;
+  if (!exec) {
+    return { error: 'No exec function provided' };
+  }
+  try {
+    const { stdout, stderr } = await exec('npm test');
+    // Parse test output
+    let passed = 0;
+    let failed = 0;
+    let total = 0;
+    // Try to parse different test output formats
+    // Format: "Tests: X passed | Y failed"
+    const testMatch = stdout.match(/Tests?:\s*(\d+)\s*passed(?:\s*\|\s*(\d+)\s*failed)?/i);
+    if (testMatch) {
+      passed = parseInt(testMatch[1], 10);
+      failed = testMatch[2] ? parseInt(testMatch[2], 10) : 0;
+      total = passed + failed;
+    } else {
+      // Format: "X passed"
+      const passedMatch = stdout.match(/(\d+)\s*passed/i);
+      if (passedMatch) {
+        passed = parseInt(passedMatch[1], 10);
+        total = passed;
+      }
+      const failedMatch = stdout.match(/(\d+)\s*failed/i);
+      if (failedMatch) {
+        failed = parseInt(failedMatch[1], 10);
+        total = passed + failed;
+      }
+    }
+    return {
+      passed,
+      failed,
+      total,
+      stdout,
+      stderr
+    };
+  } catch (error) {
+    return {
+      error: error.message,
+      passed: 0,
+      failed: 0,
+      total: 0
+    };
+  }
+}
+/**
+ * Create Health API handler
+ * @param {Object} options - Options
+ * @returns {Object} API handler
+ */
+export function createHealthApi(options = {}) {
+  const { basePath = process.cwd(), fs: fileSystem = defaultFs, cacheMs = 5000 } = options;
+  const checkDeps = options.checkDeps || (() => checkDependencies({ fs: fileSystem, basePath }));
+  let cachedStatus = null;
+  let cacheTime = 0;
+  return {
+    async get() {
+      const now = Date.now();
+      if (cachedStatus && (now - cacheTime) < cacheMs) {
+        return cachedStatus;
+      }
+      cachedStatus = await getHealthStatus({ checkDeps });
+      cacheTime = now;
+      return cachedStatus;
+    },
+    getMetrics() {
+      return getSystemMetrics();
+    },
+    async runTests(execFn) {
+      return runTestSuite({ exec: execFn });
+    }
+  };
+}

package/server/lib/dashboard/health-api.test.js ADDED Viewed

@@ -0,0 +1,122 @@
+/**
+ * Health API Module Tests
+ */
+import { describe, it, expect, vi } from 'vitest';
+import { getHealthStatus, getSystemMetrics, checkDependencies, runTestSuite, createHealthApi } from './health-api.js';
+describe('health-api', () => {
+  describe('getHealthStatus', () => {
+    it('returns healthy status', async () => {
+      const status = await getHealthStatus({
+        checkDeps: vi.fn().mockResolvedValue({ healthy: true })
+      });
+      expect(status.status).toBe('healthy');
+      expect(status.timestamp).toBeDefined();
+    });
+    it('returns degraded on dependency issues', async () => {
+      const status = await getHealthStatus({
+        checkDeps: vi.fn().mockResolvedValue({ healthy: false, issues: ['db down'] })
+      });
+      expect(status.status).toBe('degraded');
+      expect(status.issues).toContain('db down');
+    });
+    it('includes uptime', async () => {
+      const status = await getHealthStatus({
+        checkDeps: vi.fn().mockResolvedValue({ healthy: true })
+      });
+      expect(status.uptime).toBeDefined();
+      expect(typeof status.uptime).toBe('number');
+    });
+  });
+  describe('getSystemMetrics', () => {
+    it('returns memory metrics', () => {
+      const metrics = getSystemMetrics();
+      expect(metrics.memory).toBeDefined();
+      expect(metrics.memory.used).toBeDefined();
+      expect(metrics.memory.total).toBeDefined();
+    });
+    it('returns cpu metrics', () => {
+      const metrics = getSystemMetrics();
+      expect(metrics.cpu).toBeDefined();
+    });
+    it('returns process info', () => {
+      const metrics = getSystemMetrics();
+      expect(metrics.pid).toBeDefined();
+      expect(metrics.nodeVersion).toBeDefined();
+    });
+  });
+  describe('checkDependencies', () => {
+    it('checks file system access', async () => {
+      const mockFs = {
+        access: vi.fn().mockResolvedValue(undefined)
+      };
+      const result = await checkDependencies({ fs: mockFs, basePath: '/test' });
+      expect(result.filesystem).toBe(true);
+    });
+    it('reports missing directories', async () => {
+      const mockFs = {
+        access: vi.fn().mockRejectedValue(new Error('ENOENT'))
+      };
+      const result = await checkDependencies({ fs: mockFs, basePath: '/test' });
+      expect(result.filesystem).toBe(false);
+    });
+    it('aggregates health status', async () => {
+      const mockFs = {
+        access: vi.fn().mockResolvedValue(undefined)
+      };
+      const result = await checkDependencies({ fs: mockFs, basePath: '/test' });
+      expect(result.healthy).toBe(true);
+    });
+  });
+  describe('runTestSuite', () => {
+    it('returns test results', async () => {
+      const mockExec = vi.fn().mockResolvedValue({
+        stdout: '5541 passed',
+        stderr: ''
+      });
+      const result = await runTestSuite({ exec: mockExec });
+      expect(result.passed).toBeDefined();
+      expect(result.total).toBeDefined();
+    });
+    it('parses test output', async () => {
+      const mockExec = vi.fn().mockResolvedValue({
+        stdout: 'Tests: 100 passed | 5 failed',
+        stderr: ''
+      });
+      const result = await runTestSuite({ exec: mockExec });
+      expect(result.passed).toBe(100);
+      expect(result.failed).toBe(5);
+    });
+    it('handles test errors', async () => {
+      const mockExec = vi.fn().mockRejectedValue(new Error('Command failed'));
+      const result = await runTestSuite({ exec: mockExec });
+      expect(result.error).toBeDefined();
+    });
+  });
+  describe('createHealthApi', () => {
+    it('creates API handler', () => {
+      const api = createHealthApi({ basePath: '/test' });
+      expect(api.get).toBeDefined();
+    });
+    it('caches health status briefly', async () => {
+      const mockCheck = vi.fn().mockResolvedValue({ healthy: true });
+      const api = createHealthApi({ checkDeps: mockCheck, cacheMs: 1000 });
+      await api.get();
+      await api.get();
+      expect(mockCheck).toHaveBeenCalledTimes(1);
+    });
+  });
+});