npm - tlc-claude-code - Versions diffs - 1.4.9 → 1.5.2 - Mend

tlc-claude-code 1.4.9 → 1.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (122) hide show

package/CLAUDE.md +23 -0
package/CODING-STANDARDS.md +408 -0
package/bin/install.js +2 -0
package/dashboard/dist/components/QualityGatePane.d.ts +38 -0
package/dashboard/dist/components/QualityGatePane.js +31 -0
package/dashboard/dist/components/QualityGatePane.test.d.ts +1 -0
package/dashboard/dist/components/QualityGatePane.test.js +147 -0
package/dashboard/dist/components/orchestration/AgentCard.d.ts +26 -0
package/dashboard/dist/components/orchestration/AgentCard.js +60 -0
package/dashboard/dist/components/orchestration/AgentCard.test.d.ts +1 -0
package/dashboard/dist/components/orchestration/AgentCard.test.js +63 -0
package/dashboard/dist/components/orchestration/AgentControls.d.ts +11 -0
package/dashboard/dist/components/orchestration/AgentControls.js +20 -0
package/dashboard/dist/components/orchestration/AgentControls.test.d.ts +1 -0
package/dashboard/dist/components/orchestration/AgentControls.test.js +52 -0
package/dashboard/dist/components/orchestration/AgentDetail.d.ts +35 -0
package/dashboard/dist/components/orchestration/AgentDetail.js +37 -0
package/dashboard/dist/components/orchestration/AgentDetail.test.d.ts +1 -0
package/dashboard/dist/components/orchestration/AgentDetail.test.js +79 -0
package/dashboard/dist/components/orchestration/AgentList.d.ts +31 -0
package/dashboard/dist/components/orchestration/AgentList.js +47 -0
package/dashboard/dist/components/orchestration/AgentList.test.d.ts +1 -0
package/dashboard/dist/components/orchestration/AgentList.test.js +64 -0
package/dashboard/dist/components/orchestration/CostMeter.d.ts +11 -0
package/dashboard/dist/components/orchestration/CostMeter.js +28 -0
package/dashboard/dist/components/orchestration/CostMeter.test.d.ts +1 -0
package/dashboard/dist/components/orchestration/CostMeter.test.js +50 -0
package/dashboard/dist/components/orchestration/ModelSelector.d.ts +20 -0
package/dashboard/dist/components/orchestration/ModelSelector.js +12 -0
package/dashboard/dist/components/orchestration/ModelSelector.test.d.ts +1 -0
package/dashboard/dist/components/orchestration/ModelSelector.test.js +56 -0
package/dashboard/dist/components/orchestration/OrchestrationDashboard.d.ts +28 -0
package/dashboard/dist/components/orchestration/OrchestrationDashboard.js +28 -0
package/dashboard/dist/components/orchestration/OrchestrationDashboard.test.d.ts +1 -0
package/dashboard/dist/components/orchestration/OrchestrationDashboard.test.js +56 -0
package/dashboard/dist/components/orchestration/QualityIndicator.d.ts +11 -0
package/dashboard/dist/components/orchestration/QualityIndicator.js +37 -0
package/dashboard/dist/components/orchestration/QualityIndicator.test.d.ts +1 -0
package/dashboard/dist/components/orchestration/QualityIndicator.test.js +52 -0
package/dashboard/dist/components/orchestration/index.d.ts +8 -0
package/dashboard/dist/components/orchestration/index.js +8 -0
package/package.json +1 -1
package/server/lib/access-control.js +352 -0
package/server/lib/access-control.test.js +322 -0
package/server/lib/agents-cancel-command.js +139 -0
package/server/lib/agents-cancel-command.test.js +180 -0
package/server/lib/agents-get-command.js +159 -0
package/server/lib/agents-get-command.test.js +167 -0
package/server/lib/agents-list-command.js +150 -0
package/server/lib/agents-list-command.test.js +149 -0
package/server/lib/agents-logs-command.js +126 -0
package/server/lib/agents-logs-command.test.js +198 -0
package/server/lib/agents-retry-command.js +117 -0
package/server/lib/agents-retry-command.test.js +192 -0
package/server/lib/budget-limits.js +222 -0
package/server/lib/budget-limits.test.js +214 -0
package/server/lib/code-generator.js +291 -0
package/server/lib/code-generator.test.js +307 -0
package/server/lib/cost-command.js +290 -0
package/server/lib/cost-command.test.js +202 -0
package/server/lib/cost-optimizer.js +404 -0
package/server/lib/cost-optimizer.test.js +232 -0
package/server/lib/cost-projections.js +302 -0
package/server/lib/cost-projections.test.js +217 -0
package/server/lib/cost-reports.js +277 -0
package/server/lib/cost-reports.test.js +254 -0
package/server/lib/cost-tracker.js +216 -0
package/server/lib/cost-tracker.test.js +302 -0
package/server/lib/crypto-patterns.js +433 -0
package/server/lib/crypto-patterns.test.js +346 -0
package/server/lib/design-command.js +385 -0
package/server/lib/design-command.test.js +249 -0
package/server/lib/design-parser.js +237 -0
package/server/lib/design-parser.test.js +290 -0
package/server/lib/gemini-vision.js +377 -0
package/server/lib/gemini-vision.test.js +282 -0
package/server/lib/input-validator.js +360 -0
package/server/lib/input-validator.test.js +295 -0
package/server/lib/litellm-client.js +232 -0
package/server/lib/litellm-client.test.js +267 -0
package/server/lib/litellm-command.js +291 -0
package/server/lib/litellm-command.test.js +260 -0
package/server/lib/litellm-config.js +273 -0
package/server/lib/litellm-config.test.js +212 -0
package/server/lib/model-pricing.js +189 -0
package/server/lib/model-pricing.test.js +178 -0
package/server/lib/models-command.js +223 -0
package/server/lib/models-command.test.js +193 -0
package/server/lib/optimize-command.js +197 -0
package/server/lib/optimize-command.test.js +193 -0
package/server/lib/orchestration-integration.js +206 -0
package/server/lib/orchestration-integration.test.js +235 -0
package/server/lib/output-encoder.js +308 -0
package/server/lib/output-encoder.test.js +312 -0
package/server/lib/quality-evaluator.js +396 -0
package/server/lib/quality-evaluator.test.js +337 -0
package/server/lib/quality-gate-command.js +340 -0
package/server/lib/quality-gate-command.test.js +321 -0
package/server/lib/quality-gate-scorer.js +378 -0
package/server/lib/quality-gate-scorer.test.js +376 -0
package/server/lib/quality-history.js +265 -0
package/server/lib/quality-history.test.js +359 -0
package/server/lib/quality-presets.js +288 -0
package/server/lib/quality-presets.test.js +269 -0
package/server/lib/quality-retry.js +323 -0
package/server/lib/quality-retry.test.js +325 -0
package/server/lib/quality-thresholds.js +255 -0
package/server/lib/quality-thresholds.test.js +237 -0
package/server/lib/secure-auth.js +333 -0
package/server/lib/secure-auth.test.js +288 -0
package/server/lib/secure-code-command.js +540 -0
package/server/lib/secure-code-command.test.js +309 -0
package/server/lib/secure-errors.js +521 -0
package/server/lib/secure-errors.test.js +298 -0
package/server/lib/vision-command.js +372 -0
package/server/lib/vision-command.test.js +255 -0
package/server/lib/visual-command.js +350 -0
package/server/lib/visual-command.test.js +256 -0
package/server/lib/visual-testing.js +315 -0
package/server/lib/visual-testing.test.js +357 -0
package/server/package-lock.json +2 -2
package/server/package.json +1 -1

package/server/lib/crypto-patterns.test.js ADDED Viewed

@@ -0,0 +1,346 @@
+/**
+ * Crypto Patterns Tests
+ *
+ * Secure cryptography patterns for code generation
+ */
+const { describe, it, beforeEach } = require('node:test');
+const assert = require('node:assert');
+const {
+  createCryptoPatterns,
+  detectHardcodedSecrets,
+  generateSecureRandom,
+  generateTlsConfig,
+  generateKeyRotation,
+  generateEncryptionCode,
+  generateSecretManagement,
+} = require('./crypto-patterns.js');
+describe('Crypto Patterns', () => {
+  let patterns;
+  beforeEach(() => {
+    patterns = createCryptoPatterns();
+  });
+  describe('createCryptoPatterns', () => {
+    it('creates patterns with default config', () => {
+      assert.ok(patterns);
+      assert.ok(patterns.algorithms);
+    });
+    it('includes modern algorithms', () => {
+      assert.ok(patterns.algorithms.includes('aes-256-gcm'));
+    });
+    it('excludes weak algorithms', () => {
+      assert.ok(!patterns.algorithms.includes('des'));
+      assert.ok(!patterns.algorithms.includes('md5'));
+    });
+  });
+  describe('detectHardcodedSecrets', () => {
+    it('detects API keys', () => {
+      const code = `
+        const apiKey = 'sk_live_abc123def456';
+        fetch(url, { headers: { Authorization: apiKey } });
+      `;
+      const result = detectHardcodedSecrets(code);
+      assert.ok(result.found);
+      assert.ok(result.secrets.length > 0);
+    });
+    it('detects AWS keys', () => {
+      const code = `
+        const accessKey = 'AKIAIOSFODNN7EXAMPLE';
+        const secretKey = 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY';
+      `;
+      const result = detectHardcodedSecrets(code);
+      assert.ok(result.found);
+    });
+    it('detects JWT secrets', () => {
+      const code = `
+        const jwtSecret = 'super-secret-key-12345';
+        jwt.sign(payload, jwtSecret);
+      `;
+      const result = detectHardcodedSecrets(code);
+      assert.ok(result.found);
+    });
+    it('detects database passwords', () => {
+      const code = `
+        const dbUrl = 'postgres://user:password123@localhost/db';
+      `;
+      const result = detectHardcodedSecrets(code);
+      assert.ok(result.found);
+    });
+    it('suggests environment variables', () => {
+      const code = `const apiKey = 'abc123';`;
+      const result = detectHardcodedSecrets(code);
+      assert.ok(result.suggestion);
+      assert.ok(result.suggestion.includes('env') || result.suggestion.includes('environment'));
+    });
+    it('ignores example placeholders', () => {
+      const code = `
+        const apiKey = 'YOUR_API_KEY_HERE';
+        const secret = '<insert-secret>';
+      `;
+      const result = detectHardcodedSecrets(code);
+      assert.strictEqual(result.found, false);
+    });
+    it('detects private keys', () => {
+      const code = `
+        const privateKey = '-----BEGIN RSA PRIVATE KEY-----\\nMIIE...';
+      `;
+      const result = detectHardcodedSecrets(code);
+      assert.ok(result.found);
+    });
+  });
+  describe('generateSecureRandom', () => {
+    it('uses crypto.randomBytes', () => {
+      const code = generateSecureRandom({
+        language: 'javascript',
+        length: 32,
+      });
+      assert.ok(code.includes('crypto') && code.includes('random'));
+    });
+    it('generates hex output', () => {
+      const code = generateSecureRandom({
+        language: 'javascript',
+        encoding: 'hex',
+      });
+      assert.ok(code.includes('hex'));
+    });
+    it('generates base64 output', () => {
+      const code = generateSecureRandom({
+        language: 'javascript',
+        encoding: 'base64',
+      });
+      assert.ok(code.includes('base64'));
+    });
+    it('generates UUID v4', () => {
+      const code = generateSecureRandom({
+        type: 'uuid',
+      });
+      assert.ok(code.includes('uuid') || code.includes('randomUUID'));
+    });
+    it('warns against Math.random', () => {
+      const result = generateSecureRandom({
+        validate: 'Math.random()',
+      });
+      assert.ok(result.warning);
+    });
+    it('generates Python secrets module', () => {
+      const code = generateSecureRandom({
+        language: 'python',
+      });
+      assert.ok(code.includes('secrets') || code.includes('os.urandom'));
+    });
+  });
+  describe('generateTlsConfig', () => {
+    it('requires TLS 1.3 minimum', () => {
+      const config = generateTlsConfig({});
+      assert.ok(config.minVersion === 'TLSv1.3' || config.minVersion === 'TLS1.3');
+    });
+    it('specifies secure cipher suites', () => {
+      const config = generateTlsConfig({});
+      assert.ok(config.ciphers);
+      assert.ok(config.ciphers.includes('GCM') || config.ciphers.includes('ECDHE'));
+    });
+    it('enables OCSP stapling', () => {
+      const config = generateTlsConfig({
+        ocspStapling: true,
+      });
+      assert.ok(config.ocspStapling);
+    });
+    it('sets HSTS header', () => {
+      const config = generateTlsConfig({
+        hsts: true,
+      });
+      assert.ok(config.hstsMaxAge >= 31536000); // 1 year minimum
+    });
+    it('generates Node.js TLS options', () => {
+      const config = generateTlsConfig({
+        platform: 'nodejs',
+      });
+      assert.ok(config.code.includes('tls') || config.code.includes('https'));
+    });
+    it('generates Nginx config', () => {
+      const config = generateTlsConfig({
+        platform: 'nginx',
+      });
+      assert.ok(config.code.includes('ssl_') || config.code.includes('server'));
+    });
+  });
+  describe('generateKeyRotation', () => {
+    it('generates rotation schedule', () => {
+      const config = generateKeyRotation({
+        rotationDays: 90,
+      });
+      assert.ok(config.schedule);
+      assert.strictEqual(config.rotationDays, 90);
+    });
+    it('supports multiple active keys', () => {
+      const config = generateKeyRotation({
+        maxActiveKeys: 2,
+      });
+      assert.strictEqual(config.maxActiveKeys, 2);
+    });
+    it('generates graceful transition', () => {
+      const config = generateKeyRotation({
+        gracePeriod: 86400000, // 24 hours
+      });
+      assert.ok(config.gracePeriod);
+    });
+    it('generates key versioning', () => {
+      const config = generateKeyRotation({
+        versioned: true,
+      });
+      assert.ok(config.versioned);
+    });
+    it('generates key derivation', () => {
+      const config = generateKeyRotation({
+        deriveKeys: true,
+      });
+      assert.ok(config.code.includes('derive') || config.code.includes('hkdf'));
+    });
+  });
+  describe('generateEncryptionCode', () => {
+    it('uses AES-256-GCM', () => {
+      const code = generateEncryptionCode({
+        language: 'javascript',
+      });
+      assert.ok(code.includes('aes-256-gcm') || code.includes('AES'));
+    });
+    it('generates authenticated encryption', () => {
+      const code = generateEncryptionCode({
+        authenticated: true,
+      });
+      assert.ok(code.includes('tag') || code.includes('auth') || code.includes('GCM'));
+    });
+    it('includes IV generation', () => {
+      const code = generateEncryptionCode({
+        language: 'javascript',
+      });
+      assert.ok(code.includes('iv') || code.includes('nonce'));
+    });
+    it('generates key from password', () => {
+      const code = generateEncryptionCode({
+        keyDerivation: 'password',
+      });
+      assert.ok(code.includes('pbkdf2') || code.includes('scrypt') || code.includes('argon'));
+    });
+    it('generates envelope encryption', () => {
+      const code = generateEncryptionCode({
+        envelope: true,
+      });
+      assert.ok(code.includes('data key') || code.includes('wrap') || code.includes('envelope'));
+    });
+  });
+  describe('generateSecretManagement', () => {
+    it('generates env var pattern', () => {
+      const code = generateSecretManagement({
+        method: 'env',
+      });
+      assert.ok(code.includes('process.env') || code.includes('os.environ'));
+    });
+    it('generates vault integration', () => {
+      const code = generateSecretManagement({
+        method: 'vault',
+      });
+      assert.ok(code.includes('vault') || code.includes('Vault'));
+    });
+    it('generates AWS Secrets Manager', () => {
+      const code = generateSecretManagement({
+        method: 'aws-secrets',
+      });
+      assert.ok(code.includes('SecretsManager') || code.includes('aws'));
+    });
+    it('includes secret caching', () => {
+      const code = generateSecretManagement({
+        cache: true,
+        cacheTtl: 300000,
+      });
+      assert.ok(code.includes('cache') || code.includes('Cache'));
+    });
+    it('generates secret validation', () => {
+      const code = generateSecretManagement({
+        validate: true,
+      });
+      assert.ok(code.includes('validate') || code.includes('check') || code.includes('required'));
+    });
+  });
+});