npm - webguardx - Versions diffs - 0.1.0 - Mend

webguardx 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/CHANGELOG.md +18 -0
package/LICENSE +21 -0
package/README.md +289 -0
package/dist/bin/cli.cjs +1944 -0
package/dist/bin/cli.cjs.map +1 -0
package/dist/bin/cli.d.cts +2 -0
package/dist/bin/cli.d.ts +2 -0
package/dist/bin/cli.js +1919 -0
package/dist/bin/cli.js.map +1 -0
package/dist/index.cjs +1641 -0
package/dist/index.cjs.map +1 -0
package/dist/index.d.cts +658 -0
package/dist/index.d.ts +658 -0
package/dist/index.js +1583 -0
package/dist/index.js.map +1 -0
package/package.json +89 -0
package/templates/init/.env.example +6 -0
package/templates/init/webguard.config.ts +34 -0

package/dist/bin/cli.js ADDED Viewed

@@ -0,0 +1,1919 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+// node_modules/tsup/assets/esm_shims.js
+import path from "path";
+import { fileURLToPath } from "url";
+var init_esm_shims = __esm({
+  "node_modules/tsup/assets/esm_shims.js"() {
+    "use strict";
+  }
+});
+// src/utils/logger.ts
+import chalk from "chalk";
+var log;
+var init_logger = __esm({
+  "src/utils/logger.ts"() {
+    "use strict";
+    init_esm_shims();
+    log = {
+      info(msg) {
+        console.log(chalk.blue("i"), msg);
+      },
+      success(msg) {
+        console.log(chalk.green("\u2713"), msg);
+      },
+      warn(msg) {
+        console.log(chalk.yellow("\u26A0"), msg);
+      },
+      error(msg) {
+        console.log(chalk.red("\u2717"), msg);
+      },
+      dim(msg) {
+        console.log(chalk.dim(msg));
+      },
+      plain(msg) {
+        console.log(msg);
+      }
+    };
+  }
+});
+// src/utils/fs.ts
+import fs2 from "fs";
+import path3 from "path";
+function ensureDir(dir) {
+  if (!fs2.existsSync(dir)) {
+    fs2.mkdirSync(dir, { recursive: true });
+  }
+}
+function cleanDir(dir) {
+  if (fs2.existsSync(dir)) {
+    fs2.rmSync(dir, { recursive: true, force: true });
+  }
+}
+function writeJson(filePath, data) {
+  ensureDir(path3.dirname(filePath));
+  fs2.writeFileSync(filePath, JSON.stringify(data, null, 2));
+}
+var init_fs = __esm({
+  "src/utils/fs.ts"() {
+    "use strict";
+    init_esm_shims();
+  }
+});
+// src/reporters/html.ts
+var html_exports = {};
+__export(html_exports, {
+  reportHtml: () => reportHtml
+});
+import fs5 from "fs";
+import path13 from "path";
+function escapeHtml(str) {
+  return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
+}
+function severityIcon(severity) {
+  switch (severity) {
+    case "pass":
+      return "&#x2713;";
+    case "fail":
+      return "&#x2717;";
+    case "warning":
+      return "&#x26A0;";
+    case "skip":
+      return "&#x25CB;";
+    default:
+      return "?";
+  }
+}
+function severityClass(severity) {
+  return `severity-${severity}`;
+}
+function renderAuditRow(audit) {
+  return `
+    <tr class="${severityClass(audit.severity)}">
+      <td class="icon">${severityIcon(audit.severity)}</td>
+      <td>${escapeHtml(audit.audit)}</td>
+      <td>${escapeHtml(audit.message)}</td>
+      <td class="duration">${audit.duration ? `${audit.duration}ms` : "\u2014"}</td>
+    </tr>`;
+}
+function renderPageSection(page) {
+  const failCount = page.audits.filter((a) => a.severity === "fail").length;
+  const status = failCount > 0 ? "fail" : "pass";
+  return `
+    <div class="page-section">
+      <h2 class="page-header ${status}">
+        <span class="page-name">${escapeHtml(page.page)}</span>
+        <span class="page-path">${escapeHtml(page.path)}</span>
+        <span class="page-duration">${(page.duration / 1e3).toFixed(1)}s</span>
+      </h2>
+      <table class="audit-table">
+        <thead>
+          <tr>
+            <th class="icon-col"></th>
+            <th>Audit</th>
+            <th>Result</th>
+            <th>Duration</th>
+          </tr>
+        </thead>
+        <tbody>
+          ${page.audits.map(renderAuditRow).join("")}
+        </tbody>
+      </table>
+    </div>`;
+}
+function buildHtml(result) {
+  const { summary } = result;
+  const overallStatus = summary.failed > 0 ? "FAIL" : summary.warnings > 0 ? "PASS (with warnings)" : "PASS";
+  const statusClass = summary.failed > 0 ? "fail" : summary.warnings > 0 ? "warning" : "pass";
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Webguardx Report \u2014 ${escapeHtml(result.config.baseURL)}</title>
+  <style>
+    :root {
+      --pass: #22c55e;
+      --fail: #ef4444;
+      --warning: #f59e0b;
+      --skip: #94a3b8;
+      --bg: #0f172a;
+      --surface: #1e293b;
+      --text: #e2e8f0;
+      --text-dim: #94a3b8;
+      --border: #334155;
+    }
+    * { box-sizing: border-box; margin: 0; padding: 0; }
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+      background: var(--bg);
+      color: var(--text);
+      line-height: 1.6;
+      padding: 2rem;
+    }
+    .container { max-width: 900px; margin: 0 auto; }
+    header {
+      text-align: center;
+      margin-bottom: 2rem;
+      padding-bottom: 1.5rem;
+      border-bottom: 1px solid var(--border);
+    }
+    header h1 {
+      font-size: 1.75rem;
+      font-weight: 700;
+      margin-bottom: 0.5rem;
+    }
+    header .meta {
+      color: var(--text-dim);
+      font-size: 0.875rem;
+    }
+    .summary-grid {
+      display: grid;
+      grid-template-columns: repeat(auto-fit, minmax(140px, 1fr));
+      gap: 1rem;
+      margin-bottom: 2rem;
+    }
+    .summary-card {
+      background: var(--surface);
+      border-radius: 8px;
+      padding: 1rem;
+      text-align: center;
+      border: 1px solid var(--border);
+    }
+    .summary-card .value {
+      font-size: 2rem;
+      font-weight: 700;
+    }
+    .summary-card .label {
+      font-size: 0.75rem;
+      color: var(--text-dim);
+      text-transform: uppercase;
+      letter-spacing: 0.05em;
+    }
+    .summary-card.pass .value { color: var(--pass); }
+    .summary-card.fail .value { color: var(--fail); }
+    .summary-card.warning .value { color: var(--warning); }
+    .summary-card.skip .value { color: var(--skip); }
+    .overall-status {
+      text-align: center;
+      font-size: 1.25rem;
+      font-weight: 700;
+      padding: 0.75rem;
+      border-radius: 8px;
+      margin-bottom: 2rem;
+    }
+    .overall-status.pass { background: rgba(34,197,94,0.15); color: var(--pass); }
+    .overall-status.fail { background: rgba(239,68,68,0.15); color: var(--fail); }
+    .overall-status.warning { background: rgba(245,158,11,0.15); color: var(--warning); }
+    .page-section {
+      background: var(--surface);
+      border-radius: 8px;
+      margin-bottom: 1.5rem;
+      border: 1px solid var(--border);
+      overflow: hidden;
+    }
+    .page-header {
+      padding: 1rem 1.25rem;
+      display: flex;
+      align-items: center;
+      gap: 0.75rem;
+      border-bottom: 1px solid var(--border);
+    }
+    .page-header.fail { border-left: 4px solid var(--fail); }
+    .page-header.pass { border-left: 4px solid var(--pass); }
+    .page-name { font-weight: 600; }
+    .page-path { color: var(--text-dim); font-size: 0.875rem; }
+    .page-duration { margin-left: auto; color: var(--text-dim); font-size: 0.875rem; }
+    .audit-table {
+      width: 100%;
+      border-collapse: collapse;
+    }
+    .audit-table th {
+      text-align: left;
+      padding: 0.5rem 1rem;
+      font-size: 0.75rem;
+      text-transform: uppercase;
+      color: var(--text-dim);
+      border-bottom: 1px solid var(--border);
+    }
+    .audit-table td {
+      padding: 0.6rem 1rem;
+      border-bottom: 1px solid var(--border);
+    }
+    .audit-table tr:last-child td { border-bottom: none; }
+    .icon-col { width: 40px; }
+    .icon { text-align: center; font-size: 1.1rem; }
+    .duration { color: var(--text-dim); font-size: 0.875rem; }
+    .severity-pass .icon { color: var(--pass); }
+    .severity-fail .icon { color: var(--fail); }
+    .severity-warning .icon { color: var(--warning); }
+    .severity-skip .icon { color: var(--skip); }
+    footer {
+      text-align: center;
+      margin-top: 2rem;
+      padding-top: 1rem;
+      border-top: 1px solid var(--border);
+      color: var(--text-dim);
+      font-size: 0.75rem;
+    }
+    footer a { color: var(--text-dim); }
+  </style>
+</head>
+<body>
+  <div class="container">
+    <header>
+      <h1>Webguardx Report</h1>
+      <div class="meta">
+        ${escapeHtml(result.config.baseURL)} &bull;
+        ${escapeHtml(result.timestamp)} &bull;
+        ${result.config.auditsEnabled.join(", ")}
+      </div>
+    </header>
+    <div class="overall-status ${statusClass}">${overallStatus}</div>
+    <div class="summary-grid">
+      <div class="summary-card">
+        <div class="value">${summary.totalAudits}</div>
+        <div class="label">Total</div>
+      </div>
+      <div class="summary-card pass">
+        <div class="value">${summary.passed}</div>
+        <div class="label">Passed</div>
+      </div>
+      <div class="summary-card fail">
+        <div class="value">${summary.failed}</div>
+        <div class="label">Failed</div>
+      </div>
+      <div class="summary-card warning">
+        <div class="value">${summary.warnings}</div>
+        <div class="label">Warnings</div>
+      </div>
+      <div class="summary-card skip">
+        <div class="value">${summary.skipped}</div>
+        <div class="label">Skipped</div>
+      </div>
+      <div class="summary-card">
+        <div class="value">${(summary.duration / 1e3).toFixed(1)}s</div>
+        <div class="label">Duration</div>
+      </div>
+    </div>
+    ${result.pages.map(renderPageSection).join("")}
+    <footer>
+      Generated by <a href="https://github.com/user/webguardx">webguardx</a>
+    </footer>
+  </div>
+</body>
+</html>`;
+}
+function reportHtml(result, runDir) {
+  const filePath = path13.join(runDir, "report.html");
+  ensureDir(runDir);
+  fs5.writeFileSync(filePath, buildHtml(result), "utf-8");
+  log.dim(`  HTML report: ${filePath}`);
+}
+var init_html = __esm({
+  "src/reporters/html.ts"() {
+    "use strict";
+    init_esm_shims();
+    init_fs();
+    init_logger();
+  }
+});
+// src/bin/cli.ts
+init_esm_shims();
+import { Command } from "commander";
+import path16 from "path";
+import fs8 from "fs";
+import chalk3 from "chalk";
+// src/config/loader.ts
+init_esm_shims();
+import path2 from "path";
+import fs from "fs";
+// src/config/schema.ts
+init_esm_shims();
+import { z } from "zod";
+var AuthApiLoginSchema = z.object({
+  method: z.literal("api-login"),
+  loginUrl: z.string().url(),
+  payload: z.record(z.string()),
+  headers: z.record(z.string()).optional()
+});
+var AuthFormLoginSchema = z.object({
+  method: z.literal("form-login"),
+  loginUrl: z.string().url(),
+  fields: z.array(
+    z.object({
+      selector: z.string(),
+      value: z.string()
+    })
+  ),
+  submitSelector: z.string(),
+  waitAfterLogin: z.string().optional()
+});
+var AuthCookieSchema = z.object({
+  method: z.literal("cookie"),
+  cookies: z.array(
+    z.object({
+      name: z.string(),
+      value: z.string(),
+      domain: z.string(),
+      path: z.string().default("/")
+    })
+  )
+});
+var AuthBearerSchema = z.object({
+  method: z.literal("bearer-token"),
+  token: z.string()
+});
+var AuthNoneSchema = z.object({
+  method: z.literal("none")
+});
+var AuthSchema = z.discriminatedUnion("method", [
+  AuthApiLoginSchema,
+  AuthFormLoginSchema,
+  AuthCookieSchema,
+  AuthBearerSchema,
+  AuthNoneSchema
+]);
+var PageSchema = z.object({
+  name: z.string(),
+  path: z.string(),
+  expectedStatus: z.number().default(200),
+  skipAudits: z.array(z.string()).optional()
+});
+var LighthouseThresholdsSchema = z.object({
+  performance: z.number().min(0).max(100).default(50),
+  accessibility: z.number().min(0).max(100).default(90),
+  bestPractices: z.number().min(0).max(100).default(80),
+  seo: z.number().min(0).max(100).default(80)
+}).partial();
+var WebguardConfigSchema = z.object({
+  baseURL: z.string().url(),
+  pages: z.array(PageSchema).min(1),
+  auth: AuthSchema.default({ method: "none" }),
+  // Open record — built-in keys have defaults, custom audit keys are allowed
+  audits: z.record(z.string(), z.boolean()).default({
+    httpStatus: true,
+    contentVisibility: true,
+    accessibility: true,
+    lighthouse: false,
+    brokenLinks: false,
+    consoleErrors: true
+  }),
+  // Custom audits defined inline in config
+  customAudits: z.array(z.any()).default([]),
+  // Plugins — objects or string paths to npm packages / local files
+  plugins: z.array(z.any()).default([]),
+  wcagTags: z.array(z.string()).default(["wcag2a", "wcag2aa", "wcag21a", "wcag21aa"]),
+  lighthouseThresholds: LighthouseThresholdsSchema.default({}),
+  retry: z.object({
+    maxRetries: z.number().min(1).default(3),
+    delayMs: z.number().min(0).default(5e3)
+  }).default({}),
+  runner: z.object({
+    concurrency: z.number().min(1).default(1),
+    failFast: z.boolean().default(false)
+  }).default({}),
+  browser: z.object({
+    headless: z.boolean().default(true),
+    timeout: z.number().default(6e4),
+    viewport: z.object({
+      width: z.number().default(1280),
+      height: z.number().default(720)
+    }).default({})
+  }).default({}),
+  output: z.object({
+    dir: z.string().default("./webguard-results"),
+    formats: z.array(z.enum(["terminal", "html", "json", "junit"])).default(["terminal", "html", "json"]),
+    screenshots: z.boolean().default(true),
+    screenshotOnFailOnly: z.boolean().default(false)
+  }).default({}),
+  baseline: z.object({
+    enabled: z.boolean().default(false),
+    updateOnPass: z.boolean().default(true)
+  }).default({}),
+  notifications: z.array(z.any()).default([])
+});
+// src/config/loader.ts
+init_logger();
+var CONFIG_NAMES = [
+  "webguard.config.ts",
+  "webguard.config.js",
+  "webguard.config.mjs",
+  "webguard.config.json"
+];
+async function loadConfig(configPath) {
+  const resolvedPath = configPath ? path2.resolve(configPath) : findConfigFile();
+  if (!resolvedPath) {
+    throw new Error(
+      `No webguard config found. Run "webguardx init" to create one, or specify --config <path>.`
+    );
+  }
+  log.info(`Loading config from ${path2.relative(process.cwd(), resolvedPath)}`);
+  let rawConfig;
+  if (resolvedPath.endsWith(".json")) {
+    const content = fs.readFileSync(resolvedPath, "utf-8");
+    rawConfig = JSON.parse(content);
+  } else {
+    const { createJiti } = await import("jiti");
+    const jiti = createJiti(import.meta.url);
+    const mod = await jiti.import(resolvedPath);
+    rawConfig = mod.default ?? mod;
+  }
+  const result = WebguardConfigSchema.safeParse(rawConfig);
+  if (!result.success) {
+    const errors = result.error.issues.map((i) => `  - ${i.path.join(".")}: ${i.message}`).join("\n");
+    throw new Error(`Invalid webguard config:
+${errors}`);
+  }
+  return result.data;
+}
+function findConfigFile() {
+  const cwd = process.cwd();
+  for (const name of CONFIG_NAMES) {
+    const fullPath = path2.join(cwd, name);
+    if (fs.existsSync(fullPath)) {
+      return fullPath;
+    }
+  }
+  return null;
+}
+// src/runner/index.ts
+init_esm_shims();
+import { chromium as chromium2 } from "playwright";
+// src/auth/index.ts
+init_esm_shims();
+// src/auth/strategies/api-login.ts
+init_esm_shims();
+init_fs();
+import { request } from "playwright";
+import path4 from "path";
+async function apiLogin(config, outputDir) {
+  const authDir = path4.join(outputDir, ".auth");
+  ensureDir(authDir);
+  const storagePath = path4.join(authDir, "storageState.json");
+  const origin = new URL(config.loginUrl).origin;
+  const context = await request.newContext({ baseURL: origin });
+  const response = await context.post(config.loginUrl, {
+    data: config.payload,
+    headers: {
+      "content-type": "application/json",
+      accept: "application/json",
+      ...config.headers
+    }
+  });
+  if (!response.ok()) {
+    const body = await response.text();
+    await context.dispose();
+    throw new Error(`Login failed (HTTP ${response.status()}): ${body}`);
+  }
+  await context.storageState({ path: storagePath });
+  await context.dispose();
+  return { storageStatePath: storagePath };
+}
+// src/auth/strategies/form-login.ts
+init_esm_shims();
+init_fs();
+import { chromium } from "playwright";
+import path5 from "path";
+async function formLogin(config, outputDir) {
+  const authDir = path5.join(outputDir, ".auth");
+  ensureDir(authDir);
+  const storagePath = path5.join(authDir, "storageState.json");
+  const browser = await chromium.launch({ headless: true });
+  const context = await browser.newContext();
+  const page = await context.newPage();
+  await page.goto(config.loginUrl);
+  for (const field of config.fields) {
+    await page.fill(field.selector, field.value);
+  }
+  await page.click(config.submitSelector);
+  if (config.waitAfterLogin) {
+    if (config.waitAfterLogin.startsWith("http")) {
+      await page.waitForURL(config.waitAfterLogin);
+    } else {
+      await page.waitForSelector(config.waitAfterLogin);
+    }
+  } else {
+    await page.waitForLoadState("networkidle");
+  }
+  await context.storageState({ path: storagePath });
+  await browser.close();
+  return { storageStatePath: storagePath };
+}
+// src/auth/strategies/cookie-inject.ts
+init_esm_shims();
+init_fs();
+import fs3 from "fs";
+import path6 from "path";
+async function cookieInject(config, outputDir) {
+  const authDir = path6.join(outputDir, ".auth");
+  ensureDir(authDir);
+  const storagePath = path6.join(authDir, "storageState.json");
+  const storageState = {
+    cookies: config.cookies.map((c) => ({
+      name: c.name,
+      value: c.value,
+      domain: c.domain,
+      path: c.path || "/",
+      expires: -1,
+      httpOnly: false,
+      secure: true,
+      sameSite: "Lax"
+    })),
+    origins: []
+  };
+  fs3.writeFileSync(storagePath, JSON.stringify(storageState, null, 2));
+  return { storageStatePath: storagePath };
+}
+// src/auth/strategies/bearer-token.ts
+init_esm_shims();
+init_fs();
+import fs4 from "fs";
+import path7 from "path";
+async function bearerToken(config, outputDir) {
+  const authDir = path7.join(outputDir, ".auth");
+  ensureDir(authDir);
+  const storagePath = path7.join(authDir, "storageState.json");
+  fs4.writeFileSync(
+    storagePath,
+    JSON.stringify({ cookies: [], origins: [] })
+  );
+  return {
+    storageStatePath: storagePath,
+    extraHeaders: { Authorization: `Bearer ${config.token}` }
+  };
+}
+// src/auth/index.ts
+init_logger();
+async function authenticate(authConfig, outputDir) {
+  if (authConfig.method === "none") {
+    return null;
+  }
+  log.info(`Authenticating via ${authConfig.method}...`);
+  let result;
+  switch (authConfig.method) {
+    case "api-login":
+      result = await apiLogin(authConfig, outputDir);
+      break;
+    case "form-login":
+      result = await formLogin(authConfig, outputDir);
+      break;
+    case "cookie":
+      result = await cookieInject(authConfig, outputDir);
+      break;
+    case "bearer-token":
+      result = await bearerToken(authConfig, outputDir);
+      break;
+  }
+  log.success("Authenticated successfully");
+  return result;
+}
+// src/audits/index.ts
+init_esm_shims();
+// src/audits/http-status.ts
+init_esm_shims();
+var HttpStatusAudit = {
+  name: "httpStatus",
+  description: "Verify the page returns the expected HTTP status code",
+  async run(ctx) {
+    const status = ctx.navigationResponse?.status() ?? 0;
+    const expected = ctx.pageEntry.expectedStatus ?? 200;
+    return {
+      audit: this.name,
+      page: ctx.pageEntry.name,
+      passed: status === expected,
+      severity: status === expected ? "pass" : "fail",
+      message: status === expected ? `HTTP ${status} OK` : `Expected HTTP ${expected}, got ${status}`,
+      details: { status, expected }
+    };
+  }
+};
+// src/audits/content-visibility.ts
+init_esm_shims();
+var ContentVisibilityAudit = {
+  name: "contentVisibility",
+  description: "Verify the page has visible rendered content",
+  async run(ctx) {
+    const { page } = ctx;
+    const bodyVisible = await page.locator("body").isVisible().catch(() => false);
+    if (!bodyVisible) {
+      return {
+        audit: this.name,
+        page: ctx.pageEntry.name,
+        passed: false,
+        severity: "fail",
+        message: "Page body is not visible",
+        details: { bodyVisible: false, textLength: 0, elementCount: 0 }
+      };
+    }
+    const bodyText = await page.locator("body").innerText().catch(() => "");
+    const textLength = bodyText.trim().length;
+    const elementCount = await page.locator(
+      "body h1, body h2, body p, body main, body div, body section, body nav, body header"
+    ).count();
+    const passed = textLength > 0 && elementCount > 0;
+    return {
+      audit: this.name,
+      page: ctx.pageEntry.name,
+      passed,
+      severity: passed ? "pass" : "fail",
+      message: passed ? `${elementCount} elements visible` : `Content check failed (text: ${textLength} chars, elements: ${elementCount})`,
+      details: { bodyVisible: true, textLength, elementCount }
+    };
+  }
+};
+// src/audits/accessibility.ts
+init_esm_shims();
+import AxeBuilder from "@axe-core/playwright";
+import path8 from "path";
+// src/utils/sanitize.ts
+init_esm_shims();
+function sanitize(name) {
+  return name.replace(/[^a-zA-Z0-9_-]/g, "_");
+}
+// src/audits/accessibility.ts
+init_fs();
+var AccessibilityAudit = {
+  name: "accessibility",
+  description: "WCAG accessibility audit via axe-core",
+  async run(ctx) {
+    const results = await new AxeBuilder({ page: ctx.page }).withTags(ctx.config.wcagTags).analyze();
+    const violations = results.violations;
+    if (violations.length > 0) {
+      const summary = violations.map((v) => ({
+        rule: v.id,
+        impact: v.impact,
+        description: v.description,
+        helpUrl: v.helpUrl,
+        elements: v.nodes.length
+      }));
+      const pageDir = path8.join(
+        ctx.runDir,
+        "screenshots",
+        sanitize(ctx.pageEntry.name)
+      );
+      writeJson(path8.join(pageDir, "a11y-violations.json"), summary);
+    }
+    return {
+      audit: this.name,
+      page: ctx.pageEntry.name,
+      passed: violations.length === 0,
+      severity: violations.length === 0 ? "pass" : "warning",
+      message: violations.length === 0 ? "0 violations" : `${violations.length} violation(s)`,
+      details: {
+        violationCount: violations.length,
+        violations: violations.map((v) => ({
+          rule: v.id,
+          impact: v.impact,
+          description: v.description,
+          elements: v.nodes.length
+        }))
+      }
+    };
+  }
+};
+// src/audits/lighthouse.ts
+init_esm_shims();
+import path9 from "path";
+init_fs();
+var LighthouseAudit = {
+  name: "lighthouse",
+  description: "Lighthouse performance, accessibility, best practices, and SEO audit",
+  async run(ctx) {
+    let lighthouse;
+    let chromeLauncher;
+    try {
+      lighthouse = await import("lighthouse");
+      chromeLauncher = await import("chrome-launcher");
+    } catch {
+      return {
+        audit: this.name,
+        page: ctx.pageEntry.name,
+        passed: false,
+        severity: "skip",
+        message: "Lighthouse not installed. Run: npm install lighthouse chrome-launcher"
+      };
+    }
+    const chrome = await chromeLauncher.launch({
+      chromeFlags: ["--headless", "--no-sandbox"]
+    });
+    const url = `${ctx.config.baseURL}${ctx.pageEntry.path}`;
+    const thresholds = ctx.config.lighthouseThresholds;
+    try {
+      const result = await lighthouse.default(url, {
+        port: chrome.port,
+        output: "json",
+        logLevel: "error",
+        onlyCategories: [
+          "performance",
+          "accessibility",
+          "best-practices",
+          "seo"
+        ]
+      });
+      await chrome.kill();
+      if (!result?.lhr) {
+        return {
+          audit: this.name,
+          page: ctx.pageEntry.name,
+          passed: false,
+          severity: "fail",
+          message: "Lighthouse failed to produce results"
+        };
+      }
+      const scores = {
+        performance: Math.round(
+          (result.lhr.categories.performance?.score ?? 0) * 100
+        ),
+        accessibility: Math.round(
+          (result.lhr.categories.accessibility?.score ?? 0) * 100
+        ),
+        bestPractices: Math.round(
+          (result.lhr.categories["best-practices"]?.score ?? 0) * 100
+        ),
+        seo: Math.round((result.lhr.categories.seo?.score ?? 0) * 100)
+      };
+      const failures = [];
+      if (thresholds.performance && scores.performance < thresholds.performance)
+        failures.push(
+          `Performance: ${scores.performance} < ${thresholds.performance}`
+        );
+      if (thresholds.accessibility && scores.accessibility < thresholds.accessibility)
+        failures.push(
+          `Accessibility: ${scores.accessibility} < ${thresholds.accessibility}`
+        );
+      if (thresholds.bestPractices && scores.bestPractices < thresholds.bestPractices)
+        failures.push(
+          `Best Practices: ${scores.bestPractices} < ${thresholds.bestPractices}`
+        );
+      if (thresholds.seo && scores.seo < thresholds.seo)
+        failures.push(`SEO: ${scores.seo} < ${thresholds.seo}`);
+      const pageDir = path9.join(
+        ctx.runDir,
+        "screenshots",
+        sanitize(ctx.pageEntry.name)
+      );
+      ensureDir(pageDir);
+      writeJson(path9.join(pageDir, "lighthouse-report.json"), result.lhr);
+      return {
+        audit: this.name,
+        page: ctx.pageEntry.name,
+        passed: failures.length === 0,
+        severity: failures.length > 0 ? "fail" : "pass",
+        message: failures.length > 0 ? `Failed: ${failures.join("; ")}` : `perf=${scores.performance} a11y=${scores.accessibility} bp=${scores.bestPractices} seo=${scores.seo}`,
+        details: { scores, thresholds, failures }
+      };
+    } catch (err) {
+      await chrome.kill().catch(() => {
+      });
+      return {
+        audit: this.name,
+        page: ctx.pageEntry.name,
+        passed: false,
+        severity: "fail",
+        message: `Lighthouse error: ${err.message}`
+      };
+    }
+  }
+};
+// src/audits/broken-links.ts
+init_esm_shims();
+var BrokenLinksAudit = {
+  name: "brokenLinks",
+  description: "Find broken links (4xx/5xx) on the page",
+  async run(ctx) {
+    const links = await ctx.page.$$eval(
+      "a[href]",
+      (anchors) => anchors.map((a) => a.getAttribute("href")).filter((href) => !!href)
+    );
+    const baseOrigin = new URL(ctx.config.baseURL).origin;
+    const uniqueLinks = [
+      ...new Set(
+        links.map((href) => {
+          try {
+            return new URL(href, ctx.config.baseURL).href;
+          } catch {
+            return null;
+          }
+        }).filter(
+          (url) => !!url && (url.startsWith("http://") || url.startsWith("https://"))
+        )
+      )
+    ];
+    const broken = [];
+    for (const url of uniqueLinks) {
+      try {
+        const response = await ctx.page.request.head(url, { timeout: 1e4 });
+        if (response.status() >= 400) {
+          broken.push({ url, status: response.status() });
+        }
+      } catch {
+        broken.push({ url, status: 0 });
+      }
+    }
+    return {
+      audit: this.name,
+      page: ctx.pageEntry.name,
+      passed: broken.length === 0,
+      severity: broken.length > 0 ? "warning" : "pass",
+      message: broken.length === 0 ? `All ${uniqueLinks.length} links valid` : `${broken.length} broken link(s) of ${uniqueLinks.length}`,
+      details: { totalLinks: uniqueLinks.length, broken }
+    };
+  }
+};
+// src/audits/console-errors.ts
+init_esm_shims();
+var ConsoleErrorsAudit = {
+  name: "consoleErrors",
+  description: "Capture browser console errors and warnings",
+  async run(ctx) {
+    const messages = ctx.consoleMessages;
+    const errors = messages.filter((m) => m.type === "error");
+    const warnings = messages.filter((m) => m.type === "warning");
+    return {
+      audit: this.name,
+      page: ctx.pageEntry.name,
+      passed: errors.length === 0,
+      severity: errors.length > 0 ? "fail" : warnings.length > 0 ? "warning" : "pass",
+      message: errors.length === 0 && warnings.length === 0 ? "0 errors" : `${errors.length} error(s), ${warnings.length} warning(s)`,
+      details: {
+        errors: errors.map((e) => e.text),
+        warnings: warnings.map((w) => w.text)
+      }
+    };
+  }
+};
+// src/audits/index.ts
+var BUILTIN_AUDITS = {
+  httpStatus: HttpStatusAudit,
+  contentVisibility: ContentVisibilityAudit,
+  accessibility: AccessibilityAudit,
+  lighthouse: LighthouseAudit,
+  brokenLinks: BrokenLinksAudit,
+  consoleErrors: ConsoleErrorsAudit
+};
+function getEnabledAudits(auditsConfig, pluginAudits = [], customAudits = []) {
+  const allAudits = { ...BUILTIN_AUDITS };
+  for (const audit of [...pluginAudits, ...customAudits]) {
+    allAudits[audit.name] = audit;
+  }
+  const enabled = [];
+  for (const [name, audit] of Object.entries(allAudits)) {
+    const isEnabled = auditsConfig[name] ?? true;
+    if (isEnabled) {
+      enabled.push(audit);
+    }
+  }
+  return enabled;
+}
+// src/runner/page-runner.ts
+init_esm_shims();
+import path10 from "path";
+// src/runner/retry.ts
+init_esm_shims();
+// src/utils/sleep.ts
+init_esm_shims();
+function sleep(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+// src/runner/retry.ts
+init_logger();
+async function navigateWithRetry(page, url, retry, waitUntil = "domcontentloaded") {
+  let lastError = null;
+  for (let attempt = 1; attempt <= retry.maxRetries; attempt++) {
+    try {
+      const response = await page.goto(url, {
+        waitUntil,
+        timeout: 3e4
+      });
+      if (response && response.ok()) {
+        return response;
+      }
+      if (attempt < retry.maxRetries) {
+        log.warn(
+          `Attempt ${attempt}/${retry.maxRetries} for ${url} returned ${response?.status()}. Retrying in ${retry.delayMs / 1e3}s...`
+        );
+        await sleep(retry.delayMs);
+      }
+      if (attempt === retry.maxRetries) return response;
+    } catch (error) {
+      lastError = error;
+      if (attempt < retry.maxRetries) {
+        log.warn(
+          `Attempt ${attempt}/${retry.maxRetries} for ${url} failed. Retrying in ${retry.delayMs / 1e3}s...`
+        );
+        await sleep(retry.delayMs);
+      }
+    }
+  }
+  throw lastError ?? new Error(`Failed to load ${url} after ${retry.maxRetries} attempts`);
+}
+// src/runner/page-runner.ts
+init_fs();
+init_logger();
+async function runPageAudits(pageEntry, config, browserContext, audits, runDir, registry) {
+  const start = Date.now();
+  const url = `${config.baseURL}${pageEntry.path}`;
+  const page = await browserContext.newPage();
+  if (registry) {
+    await registry.runHook("beforePage", { config, pageEntry, page });
+  }
+  const consoleMessages = [];
+  page.on("console", (msg) => {
+    consoleMessages.push({ type: msg.type(), text: msg.text() });
+  });
+  let navigationResponse = null;
+  try {
+    navigationResponse = await navigateWithRetry(
+      page,
+      url,
+      config.retry,
+      "domcontentloaded"
+    );
+  } catch (err) {
+    log.error(`Failed to navigate to ${url}: ${err.message}`);
+  }
+  const ctx = {
+    page,
+    browserContext,
+    pageEntry,
+    config,
+    runDir,
+    navigationResponse,
+    consoleMessages
+  };
+  const pageAudits = audits.filter(
+    (a) => !pageEntry.skipAudits?.includes(a.name)
+  );
+  const auditResults = [];
+  for (const audit of pageAudits) {
+    if (registry) {
+      await registry.runHook("beforeAudit", { audit, auditContext: ctx });
+    }
+    const auditStart = Date.now();
+    let result;
+    try {
+      result = await audit.run(ctx);
+      result.duration = Date.now() - auditStart;
+    } catch (err) {
+      result = {
+        audit: audit.name,
+        page: pageEntry.name,
+        passed: false,
+        severity: "fail",
+        message: `Audit error: ${err.message}`,
+        duration: Date.now() - auditStart
+      };
+    }
+    auditResults.push(result);
+    if (registry) {
+      await registry.runHook("afterAudit", { audit, result });
+    }
+  }
+  let screenshotPath;
+  if (config.output.screenshots) {
+    const anyFailed = auditResults.some((r) => !r.passed);
+    if (!config.output.screenshotOnFailOnly || anyFailed) {
+      try {
+        const pageDir = path10.join(runDir, "screenshots", sanitize(pageEntry.name));
+        ensureDir(pageDir);
+        const status = anyFailed ? "fail" : "pass";
+        screenshotPath = path10.join(pageDir, `page-${status}.png`);
+        await page.screenshot({ path: screenshotPath, fullPage: true });
+      } catch {
+      }
+    }
+  }
+  const pageResult = {
+    page: pageEntry.name,
+    path: pageEntry.path,
+    url,
+    audits: auditResults,
+    screenshotPath,
+    duration: Date.now() - start
+  };
+  if (registry) {
+    await registry.runHook("afterPage", { config, pageEntry, pageResult });
+  }
+  await page.close();
+  return pageResult;
+}
+// src/runner/parallel.ts
+init_esm_shims();
+init_logger();
+async function runPagesParallel(pages, config, browserContext, audits, runDir, registry, concurrency, failFast) {
+  const results = new Array(pages.length);
+  let currentIndex = 0;
+  let aborted = false;
+  async function worker() {
+    while (!aborted) {
+      const index = currentIndex++;
+      if (index >= pages.length) break;
+      const pageEntry = pages[index];
+      log.plain(`  [${index + 1}/${pages.length}] ${pageEntry.name} (${pageEntry.path})`);
+      const result = await runPageAudits(
+        pageEntry,
+        config,
+        browserContext,
+        audits,
+        runDir,
+        registry
+      );
+      results[index] = result;
+      for (const audit of result.audits) {
+        const icon = audit.passed ? "  \u2713" : audit.severity === "warning" ? "  \u26A0" : "  \u2717";
+        const duration = audit.duration ? `${audit.duration}ms` : "";
+        log.plain(
+          `${icon} ${audit.audit.padEnd(20)} ${audit.message.padEnd(30)} ${duration}`
+        );
+      }
+      log.plain("");
+      if (failFast && result.audits.some((a) => a.severity === "fail")) {
+        log.warn("Fail fast enabled \u2014 stopping after first failure");
+        aborted = true;
+      }
+    }
+  }
+  const workerCount = Math.min(concurrency, pages.length);
+  const workers = Array.from({ length: workerCount }, () => worker());
+  await Promise.all(workers);
+  return results.filter(Boolean);
+}
+// src/runner/setup.ts
+init_esm_shims();
+init_fs();
+import path11 from "path";
+function setupRunDirectory(outputBaseDir) {
+  const timestamp = (/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-");
+  const runDir = path11.join(outputBaseDir, `run-${timestamp}`);
+  const screenshotsDir = path11.join(runDir, "screenshots");
+  cleanDir(outputBaseDir);
+  ensureDir(screenshotsDir);
+  return { runDir, screenshotsDir };
+}
+// src/reporters/index.ts
+init_esm_shims();
+// src/reporters/json.ts
+init_esm_shims();
+init_fs();
+init_logger();
+import path12 from "path";
+function reportJson(result, runDir) {
+  const filePath = path12.join(runDir, "results.json");
+  writeJson(filePath, result);
+  log.dim(`  JSON report: ${filePath}`);
+}
+// src/reporters/terminal.ts
+init_esm_shims();
+import chalk2 from "chalk";
+function reportTerminal(result) {
+  const { summary } = result;
+  console.log("");
+  console.log(chalk2.bold("\u2500".repeat(60)));
+  console.log(chalk2.bold("  Summary"));
+  console.log(chalk2.bold("\u2500".repeat(60)));
+  console.log("");
+  console.log(`  Total audits:  ${summary.totalAudits}`);
+  console.log(
+    `  ${chalk2.green("\u2713 Passed:")}      ${summary.passed}`
+  );
+  if (summary.failed > 0) {
+    console.log(
+      `  ${chalk2.red("\u2717 Failed:")}      ${summary.failed}`
+    );
+  }
+  if (summary.warnings > 0) {
+    console.log(
+      `  ${chalk2.yellow("\u26A0 Warnings:")}    ${summary.warnings}`
+    );
+  }
+  if (summary.skipped > 0) {
+    console.log(
+      `  ${chalk2.dim("\u25CB Skipped:")}     ${summary.skipped}`
+    );
+  }
+  console.log(
+    `  Duration:      ${(summary.duration / 1e3).toFixed(1)}s`
+  );
+  console.log("");
+  const failedAudits = result.pages.flatMap(
+    (p) => p.audits.filter((a) => a.severity === "fail")
+  );
+  if (failedAudits.length > 0) {
+    console.log(chalk2.red.bold("  Failed Audits:"));
+    for (const audit of failedAudits) {
+      console.log(
+        chalk2.red(`    \u2717 ${audit.page} \u2192 ${audit.audit}: ${audit.message}`)
+      );
+    }
+    console.log("");
+  }
+  if (summary.failed > 0) {
+    console.log(
+      chalk2.red.bold(`  Result: FAIL (${summary.failed} failure(s))`)
+    );
+  } else if (summary.warnings > 0) {
+    console.log(
+      chalk2.yellow.bold(`  Result: PASS with ${summary.warnings} warning(s)`)
+    );
+  } else {
+    console.log(chalk2.green.bold("  Result: PASS"));
+  }
+  console.log("");
+}
+// src/reporters/index.ts
+init_html();
+// src/reporters/junit.ts
+init_esm_shims();
+init_fs();
+init_logger();
+import fs6 from "fs";
+import path14 from "path";
+function escapeXml(str) {
+  return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&apos;");
+}
+function buildTestCase(audit) {
+  const name = escapeXml(`${audit.page} - ${audit.audit}`);
+  const time = audit.duration ? (audit.duration / 1e3).toFixed(3) : "0.000";
+  if (audit.severity === "pass") {
+    return `    <testcase name="${name}" classname="${escapeXml(audit.page)}" time="${time}" />
+`;
+  }
+  if (audit.severity === "skip") {
+    return `    <testcase name="${name}" classname="${escapeXml(audit.page)}" time="${time}">
+      <skipped message="${escapeXml(audit.message)}" />
+    </testcase>
+`;
+  }
+  const tag = audit.severity === "fail" ? "failure" : "failure";
+  return `    <testcase name="${name}" classname="${escapeXml(audit.page)}" time="${time}">
+      <${tag} message="${escapeXml(audit.message)}" type="${escapeXml(audit.severity)}">${escapeXml(audit.message)}</${tag}>
+    </testcase>
+`;
+}
+function buildTestSuite(page, index) {
+  const tests = page.audits.length;
+  const failures = page.audits.filter((a) => a.severity === "fail").length;
+  const skipped = page.audits.filter((a) => a.severity === "skip").length;
+  const time = (page.duration / 1e3).toFixed(3);
+  let xml = `  <testsuite name="${escapeXml(page.page)}" tests="${tests}" failures="${failures}" skipped="${skipped}" time="${time}" id="${index}">
+`;
+  for (const audit of page.audits) {
+    xml += buildTestCase(audit);
+  }
+  xml += `  </testsuite>
+`;
+  return xml;
+}
+function reportJunit(result, runDir) {
+  const { summary } = result;
+  const time = (summary.duration / 1e3).toFixed(3);
+  let xml = `<?xml version="1.0" encoding="UTF-8"?>
+`;
+  xml += `<testsuites name="webguardx" tests="${summary.totalAudits}" failures="${summary.failed}" skipped="${summary.skipped}" time="${time}">
+`;
+  result.pages.forEach((page, i) => {
+    xml += buildTestSuite(page, i);
+  });
+  xml += `</testsuites>
+`;
+  const filePath = path14.join(runDir, "results.xml");
+  ensureDir(runDir);
+  fs6.writeFileSync(filePath, xml, "utf-8");
+  log.dim(`  JUnit report: ${filePath}`);
+}
+// src/reporters/screenshot.ts
+init_esm_shims();
+init_logger();
+function reportScreenshots(result) {
+  const captured = result.pages.filter((p) => p.screenshotPath);
+  if (captured.length > 0) {
+    log.dim(`  Screenshots:  ${captured.length} page(s) captured`);
+  }
+}
+// src/reporters/index.ts
+init_logger();
+async function runReporters(result, config, runDir, pluginReporters = []) {
+  const formats = config.output.formats;
+  if (formats.includes("terminal")) {
+    reportTerminal(result);
+  }
+  log.dim("  Output:");
+  if (formats.includes("json")) {
+    reportJson(result, runDir);
+  }
+  if (formats.includes("html")) {
+    reportHtml(result, runDir);
+  }
+  if (formats.includes("junit")) {
+    reportJunit(result, runDir);
+  }
+  if (config.output.screenshots) {
+    reportScreenshots(result);
+  }
+  for (const reporter of pluginReporters) {
+    try {
+      await reporter.run(result, runDir, config);
+      log.dim(`  ${reporter.name}: done`);
+    } catch (err) {
+      log.warn(`Reporter '${reporter.name}' failed: ${err.message}`);
+    }
+  }
+  log.plain("");
+}
+// src/plugins/index.ts
+init_esm_shims();
+// src/plugins/registry.ts
+init_esm_shims();
+init_logger();
+var PluginRegistry = class {
+  plugins = [];
+  register(plugin) {
+    this.plugins.push(plugin);
+  }
+  getPluginAudits() {
+    return this.plugins.flatMap((p) => p.audits ?? []);
+  }
+  getPluginReporters() {
+    return this.plugins.flatMap((p) => p.reporters ?? []);
+  }
+  async runHook(hookName, ctx) {
+    for (const plugin of this.plugins) {
+      const hook = plugin.hooks?.[hookName];
+      if (hook) {
+        try {
+          await hook(ctx);
+        } catch (err) {
+          log.warn(
+            `Plugin '${plugin.name}' hook '${hookName}' failed: ${err.message}`
+          );
+        }
+      }
+    }
+  }
+};
+// src/plugins/loader.ts
+init_esm_shims();
+init_logger();
+async function loadPlugins(pluginEntries) {
+  const plugins = [];
+  for (const entry of pluginEntries) {
+    if (typeof entry === "string") {
+      try {
+        const { createJiti } = await import("jiti");
+        const jiti = createJiti(import.meta.url);
+        const mod = await jiti.import(entry);
+        const plugin = mod.default ?? mod;
+        plugins.push(plugin);
+        log.dim(`  Loaded plugin: ${plugin.name ?? entry}`);
+      } catch (err) {
+        log.warn(`Failed to load plugin '${entry}': ${err.message}`);
+      }
+    } else {
+      plugins.push(entry);
+    }
+  }
+  return plugins;
+}
+// src/runner/index.ts
+init_logger();
+async function run(config, options = {}) {
+  const start = Date.now();
+  if (options.headed !== void 0) {
+    config.browser.headless = !options.headed;
+  }
+  const registry = new PluginRegistry();
+  if (config.plugins.length > 0) {
+    const plugins = await loadPlugins(config.plugins);
+    for (const plugin of plugins) {
+      registry.register(plugin);
+    }
+  }
+  const { runDir } = setupRunDirectory(config.output.dir);
+  const authResult = await authenticate(config.auth, runDir);
+  const browser = await chromium2.launch({
+    headless: config.browser.headless
+  });
+  const contextOptions = {
+    viewport: config.browser.viewport
+  };
+  if (authResult?.storageStatePath) {
+    contextOptions.storageState = authResult.storageStatePath;
+  }
+  if (authResult?.extraHeaders) {
+    contextOptions.extraHTTPHeaders = authResult.extraHeaders;
+  }
+  const browserContext = await browser.newContext(contextOptions);
+  await registry.runHook("beforeAll", { config, browserContext });
+  let audits = getEnabledAudits(
+    config.audits,
+    registry.getPluginAudits(),
+    config.customAudits
+  );
+  if (options.auditsFilter?.length) {
+    audits = audits.filter((a) => options.auditsFilter.includes(a.name));
+  }
+  const enabledAuditNames = audits.map((a) => a.name);
+  let pages = config.pages;
+  if (options.pagesFilter?.length) {
+    pages = pages.filter((p) => options.pagesFilter.includes(p.name));
+  }
+  log.plain("");
+  log.info(`Base URL: ${config.baseURL}`);
+  log.info(`Pages:    ${pages.length}`);
+  log.info(`Audits:   ${enabledAuditNames.join(", ")}`);
+  if (config.plugins.length > 0) {
+    log.info(`Plugins:  ${config.plugins.length}`);
+  }
+  if (config.runner.concurrency > 1) {
+    log.info(`Workers:  ${config.runner.concurrency}`);
+  }
+  log.plain("");
+  let pageResults;
+  if (config.runner.concurrency > 1) {
+    pageResults = await runPagesParallel(
+      pages,
+      config,
+      browserContext,
+      audits,
+      runDir,
+      registry,
+      config.runner.concurrency,
+      config.runner.failFast
+    );
+  } else {
+    pageResults = [];
+    for (let i = 0; i < pages.length; i++) {
+      const pageEntry = pages[i];
+      log.plain(`  [${i + 1}/${pages.length}] ${pageEntry.name} (${pageEntry.path})`);
+      const result = await runPageAudits(
+        pageEntry,
+        config,
+        browserContext,
+        audits,
+        runDir,
+        registry
+      );
+      pageResults.push(result);
+      for (const audit of result.audits) {
+        const icon = audit.passed ? "  \u2713" : audit.severity === "warning" ? "  \u26A0" : "  \u2717";
+        const duration = audit.duration ? `${audit.duration}ms` : "";
+        log.plain(`${icon} ${audit.audit.padEnd(20)} ${audit.message.padEnd(30)} ${duration}`);
+      }
+      log.plain("");
+      if (config.runner.failFast && result.audits.some((a) => a.severity === "fail")) {
+        log.warn("Fail fast enabled \u2014 stopping after first failure");
+        break;
+      }
+    }
+  }
+  await browserContext.close();
+  await browser.close();
+  const allAudits = pageResults.flatMap((p) => p.audits);
+  const runResult = {
+    timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+    config: {
+      baseURL: config.baseURL,
+      totalPages: pages.length,
+      auditsEnabled: enabledAuditNames
+    },
+    pages: pageResults,
+    summary: {
+      totalAudits: allAudits.length,
+      passed: allAudits.filter((a) => a.severity === "pass").length,
+      failed: allAudits.filter((a) => a.severity === "fail").length,
+      warnings: allAudits.filter((a) => a.severity === "warning").length,
+      skipped: allAudits.filter((a) => a.severity === "skip").length,
+      duration: Date.now() - start
+    }
+  };
+  await registry.runHook("afterAll", { config, result: runResult });
+  await runReporters(runResult, config, runDir, registry.getPluginReporters());
+  return runResult;
+}
+// src/baseline/index.ts
+init_esm_shims();
+// src/baseline/storage.ts
+init_esm_shims();
+init_logger();
+import path15 from "path";
+import fs7 from "fs";
+var BASELINE_FILENAME = "baseline.json";
+function saveBaseline(result, outputDir) {
+  const baselinePath = path15.join(outputDir, BASELINE_FILENAME);
+  fs7.writeFileSync(baselinePath, JSON.stringify(result, null, 2));
+  log.success(`Baseline saved: ${baselinePath}`);
+}
+function loadBaseline(outputDir) {
+  const baselinePath = path15.join(outputDir, BASELINE_FILENAME);
+  if (!fs7.existsSync(baselinePath)) return null;
+  try {
+    return JSON.parse(fs7.readFileSync(baselinePath, "utf-8"));
+  } catch {
+    log.warn("Failed to parse baseline file");
+    return null;
+  }
+}
+// src/baseline/diff.ts
+init_esm_shims();
+function compareRuns(baseline, current) {
+  const changes = [];
+  const baselineMap = /* @__PURE__ */ new Map();
+  for (const page of baseline.pages) {
+    for (const audit of page.audits) {
+      baselineMap.set(`${page.page}::${audit.audit}`, {
+        severity: audit.severity,
+        message: audit.message
+      });
+    }
+  }
+  const currentMap = /* @__PURE__ */ new Map();
+  for (const page of current.pages) {
+    for (const audit of page.audits) {
+      const key = `${page.page}::${audit.audit}`;
+      const entry = { severity: audit.severity, message: audit.message };
+      currentMap.set(key, entry);
+      const prev = baselineMap.get(key);
+      if (!prev) {
+        changes.push({
+          page: page.page,
+          audit: audit.audit,
+          type: "new",
+          current: entry
+        });
+      } else if (prev.severity !== audit.severity) {
+        const type = audit.severity === "pass" || audit.severity === "skip" ? "improvement" : "regression";
+        changes.push({
+          page: page.page,
+          audit: audit.audit,
+          type,
+          baseline: prev,
+          current: entry
+        });
+      } else {
+        changes.push({
+          page: page.page,
+          audit: audit.audit,
+          type: "unchanged",
+          baseline: prev,
+          current: entry
+        });
+      }
+    }
+  }
+  for (const [key, val] of baselineMap) {
+    if (!currentMap.has(key)) {
+      const [page, audit] = key.split("::");
+      changes.push({ page, audit, type: "removed", baseline: val });
+    }
+  }
+  return {
+    baselineTimestamp: baseline.timestamp,
+    currentTimestamp: current.timestamp,
+    changes,
+    summary: {
+      regressions: changes.filter((c) => c.type === "regression").length,
+      improvements: changes.filter((c) => c.type === "improvement").length,
+      unchanged: changes.filter((c) => c.type === "unchanged").length,
+      newAudits: changes.filter((c) => c.type === "new").length,
+      removedAudits: changes.filter((c) => c.type === "removed").length
+    }
+  };
+}
+// src/bin/cli.ts
+init_logger();
+var pkg = JSON.parse(
+  fs8.readFileSync(new URL("../../package.json", import.meta.url), "utf-8")
+);
+var program = new Command();
+program.name("webguardx").description("Full-page web audit framework").version(pkg.version);
+program.command("init").description("Scaffold a webguard config in the current directory").action(async () => {
+  const cwd = process.cwd();
+  const configPath = path16.join(cwd, "webguard.config.ts");
+  if (fs8.existsSync(configPath)) {
+    log.warn("webguard.config.ts already exists. Skipping.");
+    return;
+  }
+  const templatesDir = path16.resolve(
+    new URL("../../templates/init", import.meta.url).pathname
+  );
+  const templateConfig = path16.join(templatesDir, "webguard.config.ts");
+  if (fs8.existsSync(templateConfig)) {
+    fs8.copyFileSync(templateConfig, configPath);
+    log.success("Created webguard.config.ts");
+  } else {
+    fs8.writeFileSync(
+      configPath,
+      `import { defineConfig } from "webguardx";
+export default defineConfig({
+  baseURL: "https://example.com",
+  pages: [
+    { name: "Home", path: "/" },
+    { name: "About", path: "/about" },
+  ],
+  auth: {
+    method: "none",
+  },
+  audits: {
+    httpStatus: true,
+    contentVisibility: true,
+    accessibility: true,
+    lighthouse: false,
+    brokenLinks: false,
+    consoleErrors: true,
+  },
+  output: {
+    dir: "./webguard-results",
+    formats: ["terminal", "html", "json"],
+    screenshots: true,
+  },
+});
+`,
+      "utf-8"
+    );
+    log.success("Created webguard.config.ts");
+  }
+  const envExampleDest = path16.join(cwd, ".env.example");
+  if (!fs8.existsSync(envExampleDest)) {
+    const templateEnv = path16.join(templatesDir, ".env.example");
+    if (fs8.existsSync(templateEnv)) {
+      fs8.copyFileSync(templateEnv, envExampleDest);
+    } else {
+      fs8.writeFileSync(
+        envExampleDest,
+        `# Webguard environment variables
+# EMAIL=user@example.com
+# PASSWORD=your-password
+`,
+        "utf-8"
+      );
+    }
+    log.success("Created .env.example");
+  }
+  const gitignorePath = path16.join(cwd, ".gitignore");
+  const gitignoreEntries = ["webguard-results/", ".env"];
+  if (fs8.existsSync(gitignorePath)) {
+    const existing = fs8.readFileSync(gitignorePath, "utf-8");
+    const toAdd = gitignoreEntries.filter(
+      (e) => !existing.includes(e)
+    );
+    if (toAdd.length > 0) {
+      fs8.appendFileSync(
+        gitignorePath,
+        `
+# Webguard
+${toAdd.join("\n")}
+`
+      );
+      log.success("Updated .gitignore");
+    }
+  } else {
+    fs8.writeFileSync(
+      gitignorePath,
+      `node_modules/
+# Webguard
+${gitignoreEntries.join("\n")}
+`,
+      "utf-8"
+    );
+    log.success("Created .gitignore");
+  }
+  console.log("");
+  log.info("Next steps:");
+  log.plain("  1. Edit webguard.config.ts with your pages & auth");
+  log.plain("  2. Run: npx webguard run");
+  console.log("");
+});
+program.command("run").description("Run all audits").option("-c, --config <path>", "Path to config file").option("--headed", "Run browser in headed mode").option(
+  "--pages <names>",
+  "Comma-separated page names to audit",
+  (val) => val.split(",").map((s) => s.trim())
+).option(
+  "--audits <names>",
+  "Comma-separated audit names to run",
+  (val) => val.split(",").map((s) => s.trim())
+).option("--diff", "Compare results with saved baseline").action(async (opts) => {
+  try {
+    const dotenv = await import("dotenv");
+    dotenv.config();
+    console.log("");
+    console.log(
+      chalk3.bold(`  webguard ${chalk3.dim(`v${pkg.version}`)}`)
+    );
+    console.log("");
+    const config = await loadConfig(opts.config);
+    const result = await run(config, {
+      headed: opts.headed,
+      pagesFilter: opts.pages,
+      auditsFilter: opts.audits
+    });
+    if (opts.diff || config.baseline.enabled) {
+      const outputDir = path16.resolve(config.output.dir);
+      const baseline = loadBaseline(outputDir);
+      if (baseline) {
+        const comparison = compareRuns(baseline, result);
+        console.log(chalk3.bold("  Baseline Comparison:"));
+        if (comparison.summary.regressions > 0) {
+          console.log(chalk3.red(`    ${comparison.summary.regressions} regression(s)`));
+        }
+        if (comparison.summary.improvements > 0) {
+          console.log(chalk3.green(`    ${comparison.summary.improvements} improvement(s)`));
+        }
+        console.log(chalk3.dim(`    ${comparison.summary.unchanged} unchanged`));
+        if (comparison.summary.newAudits > 0) {
+          console.log(chalk3.blue(`    ${comparison.summary.newAudits} new audit(s)`));
+        }
+        console.log("");
+      } else {
+        log.dim("  No baseline found. Run 'webguard baseline save' to create one.");
+      }
+      if (config.baseline.updateOnPass && result.summary.failed === 0) {
+        saveBaseline(result, path16.resolve(config.output.dir));
+      }
+    }
+    if (result.summary.failed > 0) {
+      process.exit(1);
+    }
+  } catch (err) {
+    log.error(err.message);
+    process.exit(1);
+  }
+});
+program.command("report").description("Open or regenerate the HTML report from the last run").option("-c, --config <path>", "Path to config file").option("--open", "Open the report in default browser").action(async (opts) => {
+  try {
+    const config = await loadConfig(opts.config);
+    const outputDir = path16.resolve(config.output.dir);
+    if (!fs8.existsSync(outputDir)) {
+      log.error(`No output directory found at ${outputDir}`);
+      process.exit(1);
+    }
+    const runs = fs8.readdirSync(outputDir).filter((d) => d.startsWith("run-")).sort().reverse();
+    if (runs.length === 0) {
+      log.error("No runs found. Run 'webguard run' first.");
+      process.exit(1);
+    }
+    const latestRun = path16.join(outputDir, runs[0]);
+    const htmlReport = path16.join(latestRun, "report.html");
+    const jsonReport = path16.join(latestRun, "results.json");
+    if (!fs8.existsSync(htmlReport) && fs8.existsSync(jsonReport)) {
+      const { reportHtml: reportHtml2 } = await Promise.resolve().then(() => (init_html(), html_exports));
+      const result = JSON.parse(fs8.readFileSync(jsonReport, "utf-8"));
+      reportHtml2(result, latestRun);
+      log.success("Regenerated HTML report");
+    }
+    if (fs8.existsSync(htmlReport)) {
+      log.info(`Report: ${htmlReport}`);
+      if (opts.open) {
+        const { exec } = await import("child_process");
+        const openCmd = process.platform === "darwin" ? "open" : process.platform === "win32" ? "start" : "xdg-open";
+        exec(`${openCmd} "${htmlReport}"`);
+      }
+    } else {
+      log.error("No HTML report found. Run 'webguard run' first.");
+      process.exit(1);
+    }
+  } catch (err) {
+    log.error(err.message);
+    process.exit(1);
+  }
+});
+program.command("validate").description("Validate config file without running audits").option("-c, --config <path>", "Path to config file").action(async (opts) => {
+  try {
+    const config = await loadConfig(opts.config);
+    log.success("Config is valid");
+    log.info(`Base URL: ${config.baseURL}`);
+    log.info(`Pages:    ${config.pages.length}`);
+    log.info(`Audits:   ${Object.entries(config.audits).filter(([, v]) => v).map(([k]) => k).join(", ")}`);
+    if (config.plugins.length > 0) {
+      log.info(`Plugins:  ${config.plugins.length}`);
+    }
+  } catch (err) {
+    log.error(err.message);
+    process.exit(1);
+  }
+});
+var baselineCmd = program.command("baseline").description("Manage baseline for regression comparison");
+baselineCmd.command("save").description("Save the latest run as baseline").option("-c, --config <path>", "Path to config file").action(async (opts) => {
+  try {
+    const config = await loadConfig(opts.config);
+    const outputDir = path16.resolve(config.output.dir);
+    const runs = fs8.readdirSync(outputDir).filter((d) => d.startsWith("run-")).sort().reverse();
+    if (runs.length === 0) {
+      log.error("No runs found. Run 'webguard run' first.");
+      process.exit(1);
+    }
+    const latestRun = path16.join(outputDir, runs[0]);
+    const jsonReport = path16.join(latestRun, "results.json");
+    if (!fs8.existsSync(jsonReport)) {
+      log.error("No results.json found in latest run.");
+      process.exit(1);
+    }
+    const result = JSON.parse(fs8.readFileSync(jsonReport, "utf-8"));
+    saveBaseline(result, outputDir);
+  } catch (err) {
+    log.error(err.message);
+    process.exit(1);
+  }
+});
+baselineCmd.command("show").description("Show current baseline summary").option("-c, --config <path>", "Path to config file").action(async (opts) => {
+  try {
+    const config = await loadConfig(opts.config);
+    const outputDir = path16.resolve(config.output.dir);
+    const baseline = loadBaseline(outputDir);
+    if (!baseline) {
+      log.info("No baseline saved yet.");
+      return;
+    }
+    log.info(`Baseline from: ${baseline.timestamp}`);
+    log.info(`Pages: ${baseline.pages.length}`);
+    log.info(
+      `Results: ${baseline.summary.passed} passed, ${baseline.summary.failed} failed, ${baseline.summary.warnings} warnings`
+    );
+  } catch (err) {
+    log.error(err.message);
+    process.exit(1);
+  }
+});
+program.command("diff").description("Compare the latest run with the baseline").option("-c, --config <path>", "Path to config file").action(async (opts) => {
+  try {
+    const config = await loadConfig(opts.config);
+    const outputDir = path16.resolve(config.output.dir);
+    const baseline = loadBaseline(outputDir);
+    if (!baseline) {
+      log.error("No baseline found. Run 'webguard baseline save' first.");
+      process.exit(1);
+    }
+    const runs = fs8.readdirSync(outputDir).filter((d) => d.startsWith("run-")).sort().reverse();
+    if (runs.length === 0) {
+      log.error("No runs found. Run 'webguard run' first.");
+      process.exit(1);
+    }
+    const latestRun = path16.join(outputDir, runs[0]);
+    const jsonReport = path16.join(latestRun, "results.json");
+    if (!fs8.existsSync(jsonReport)) {
+      log.error("No results.json found in latest run.");
+      process.exit(1);
+    }
+    const current = JSON.parse(fs8.readFileSync(jsonReport, "utf-8"));
+    const comparison = compareRuns(baseline, current);
+    console.log("");
+    console.log(chalk3.bold("  Baseline Comparison"));
+    console.log(chalk3.dim(`  ${comparison.baselineTimestamp} \u2192 ${comparison.currentTimestamp}`));
+    console.log("");
+    if (comparison.summary.regressions > 0) {
+      console.log(chalk3.red.bold(`  Regressions: ${comparison.summary.regressions}`));
+      for (const c of comparison.changes.filter((x) => x.type === "regression")) {
+        console.log(chalk3.red(`    \u2717 ${c.page} \u2192 ${c.audit}: ${c.baseline?.severity} \u2192 ${c.current?.severity}`));
+      }
+      console.log("");
+    }
+    if (comparison.summary.improvements > 0) {
+      console.log(chalk3.green.bold(`  Improvements: ${comparison.summary.improvements}`));
+      for (const c of comparison.changes.filter((x) => x.type === "improvement")) {
+        console.log(chalk3.green(`    \u2713 ${c.page} \u2192 ${c.audit}: ${c.baseline?.severity} \u2192 ${c.current?.severity}`));
+      }
+      console.log("");
+    }
+    console.log(chalk3.dim(`  Unchanged: ${comparison.summary.unchanged}`));
+    if (comparison.summary.newAudits > 0) {
+      console.log(chalk3.blue(`  New audits: ${comparison.summary.newAudits}`));
+    }
+    if (comparison.summary.removedAudits > 0) {
+      console.log(chalk3.yellow(`  Removed audits: ${comparison.summary.removedAudits}`));
+    }
+    console.log("");
+  } catch (err) {
+    log.error(err.message);
+    process.exit(1);
+  }
+});
+program.parse();
+//# sourceMappingURL=cli.js.map