ai-testing-swarm 0.1.15__tar.gz → 0.1.16__tar.gz

{ai_testing_swarm-0.1.15/src/ai_testing_swarm.egg-info → ai_testing_swarm-0.1.16}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ai-testing-swarm
-Version: 0.1.15
+Version: 0.1.16
 Summary: AI-powered testing swarm
 Author-email: Arif Shah <ashah7775@gmail.com>
 License: MIT
@@ -10,6 +10,8 @@ Requires-Dist: requests>=2.28
 Requires-Dist: PyYAML>=6.0
 Provides-Extra: openapi
 Requires-Dist: jsonschema>=4.0; extra == "openapi"
+Provides-Extra: dev
+Requires-Dist: pytest>=8.0; extra == "dev"
 
 # AI Testing Swarm
 
@@ -70,7 +72,9 @@ A report is written under:
 - `./ai_swarm_reports/<METHOD>_<endpoint>/<METHOD>_<endpoint>_<timestamp>.<json|md|html>`
 
 Reports include:
-- per-test results
+- per-test results (including deterministic `risk_score` 0..100)
+- endpoint-level risk gate (`PASS`/`WARN`/`BLOCK`)
+- trend vs previous run for the same endpoint (risk delta + regressions)
 - summary counts by status code / failure type
 - optional AI summary (if enabled)
 
@@ -140,6 +144,28 @@ Then generates broad coverage across:
 
 ---
 
+## Auth matrix runner (multiple tokens/headers)
+
+To run the *same* request under multiple auth contexts (e.g., user/admin tokens), create `auth_matrix.yaml`:
+
+```yaml
+cases:
+  - name: user
+    headers:
+      Authorization: "Bearer USER_TOKEN"
+  - name: admin
+    headers:
+      Authorization: "Bearer ADMIN_TOKEN"
+```
+
+Run:
+
+```bash
+ai-test --input request.json --auth-matrix auth_matrix.yaml
+```
+
+Each auth case is written as a separate report using a `run_label` suffix (e.g. `__auth-user`).
+
 ## Safety mode (recommended for CI/demos)
 
 Mutation testing can be noisy and may accidentally stress a real environment.
@@ -191,6 +217,11 @@ Reports include:
 - `summary.counts_by_failure_type`
 - `summary.counts_by_status_code`
 - `summary.slow_tests` (based on SLA)
+- `meta.endpoint_risk_score` + `meta.gate_status`
+- `trend.*` (previous comparison if a prior report exists)
+
+A static dashboard index is generated at:
+- `./ai_swarm_reports/index.html` (latest JSON report per endpoint, sorted by regressions/risk)
 
 SLA threshold:
 - `AI_SWARM_SLA_MS` (default: `2000`)

ai_testing_swarm-0.1.15/PKG-INFO → ai_testing_swarm-0.1.16/README.md

@@ -1,16 +1,3 @@
-Metadata-Version: 2.4
-Name: ai-testing-swarm
-Version: 0.1.15
-Summary: AI-powered testing swarm
-Author-email: Arif Shah <ashah7775@gmail.com>
-License: MIT
-Requires-Python: >=3.9
-Description-Content-Type: text/markdown
-Requires-Dist: requests>=2.28
-Requires-Dist: PyYAML>=6.0
-Provides-Extra: openapi
-Requires-Dist: jsonschema>=4.0; extra == "openapi"
-
 # AI Testing Swarm
 
 AI Testing Swarm is a **super-advanced, mutation-driven API testing framework** (with optional OpenAPI + OpenAI augmentation) built on top of **pytest**.
@@ -70,7 +57,9 @@ A report is written under:
 - `./ai_swarm_reports/<METHOD>_<endpoint>/<METHOD>_<endpoint>_<timestamp>.<json|md|html>`
 
 Reports include:
-- per-test results
+- per-test results (including deterministic `risk_score` 0..100)
+- endpoint-level risk gate (`PASS`/`WARN`/`BLOCK`)
+- trend vs previous run for the same endpoint (risk delta + regressions)
 - summary counts by status code / failure type
 - optional AI summary (if enabled)
 
@@ -140,6 +129,28 @@ Then generates broad coverage across:
 
 ---
 
+## Auth matrix runner (multiple tokens/headers)
+
+To run the *same* request under multiple auth contexts (e.g., user/admin tokens), create `auth_matrix.yaml`:
+
+```yaml
+cases:
+  - name: user
+    headers:
+      Authorization: "Bearer USER_TOKEN"
+  - name: admin
+    headers:
+      Authorization: "Bearer ADMIN_TOKEN"
+```
+
+Run:
+
+```bash
+ai-test --input request.json --auth-matrix auth_matrix.yaml
+```
+
+Each auth case is written as a separate report using a `run_label` suffix (e.g. `__auth-user`).
+
 ## Safety mode (recommended for CI/demos)
 
 Mutation testing can be noisy and may accidentally stress a real environment.
@@ -191,6 +202,11 @@ Reports include:
 - `summary.counts_by_failure_type`
 - `summary.counts_by_status_code`
 - `summary.slow_tests` (based on SLA)
+- `meta.endpoint_risk_score` + `meta.gate_status`
+- `trend.*` (previous comparison if a prior report exists)
+
+A static dashboard index is generated at:
+- `./ai_swarm_reports/index.html` (latest JSON report per endpoint, sorted by regressions/risk)
 
 SLA threshold:
 - `AI_SWARM_SLA_MS` (default: `2000`)

{ai_testing_swarm-0.1.15 → ai_testing_swarm-0.1.16}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "ai-testing-swarm"
-version = "0.1.15"
+version = "0.1.16"
 description = "AI-powered testing swarm"
 readme = "README.md"
 requires-python = ">=3.9"
@@ -22,6 +22,9 @@ dependencies = [
 openapi = [
   "jsonschema>=4.0",
 ]
+dev = [
+  "pytest>=8.0",
+]
 
 [project.scripts]
 ai-test = "ai_testing_swarm.cli:main"

ai_testing_swarm-0.1.16/src/ai_testing_swarm/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.1.16"

{ai_testing_swarm-0.1.15 → ai_testing_swarm-0.1.16}/src/ai_testing_swarm/cli.py

@@ -107,6 +107,15 @@ def main():
         help="Report format to write (default: json)",
     )
 
+    parser.add_argument(
+        "--auth-matrix",
+        default="",
+        help=(
+            "Optional path to auth_matrix.yaml/json to run the same endpoint under multiple auth headers. "
+            "Each case is reported separately via a run label suffix."
+        ),
+    )
+
     # Batch1: risk gate thresholds (backward compatible defaults)
     parser.add_argument(
         "--gate-warn",
@@ -141,29 +150,41 @@ def main():
         import os
         os.environ["AI_SWARM_PUBLIC_ONLY"] = "1"
 
-    decision, results = SwarmOrchestrator().run(
-        request,
-        report_format=args.report_format,
-        gate_warn=args.gate_warn,
-        gate_block=args.gate_block,
-    )
-
-    # ------------------------------------------------------------
-    # Console output
-    # ------------------------------------------------------------
-    print("\n=== RELEASE DECISION ===")
-    print(decision)
-
-    print("\n=== TEST RESULTS ===")
-    for r in results:
-        response = r.get("response", {})
-        status_code = response.get("status_code")
-
-        print(
-            f"{r.get('name'):25} "
-            f"{str(status_code):5} "
-            f"{r.get('reason')}"
+    orch = SwarmOrchestrator()
+
+    def _print_console(decision, results, *, label: str = ""):
+        if label:
+            print(f"\n=== AUTH CASE: {label} ===")
+        print("\n=== RELEASE DECISION ===")
+        print(decision)
+        print("\n=== TEST RESULTS ===")
+        for r in results:
+            response = r.get("response", {})
+            status_code = response.get("status_code")
+            print(f"{r.get('name'):25} {str(status_code):5} {r.get('reason')}")
+
+    if args.auth_matrix:
+        from ai_testing_swarm.core.auth_matrix import load_auth_matrix, merge_auth_headers
+
+        cases = load_auth_matrix(args.auth_matrix)
+        for c in cases:
+            req2 = merge_auth_headers(request, c)
+            decision, results = orch.run(
+                req2,
+                report_format=args.report_format,
+                gate_warn=args.gate_warn,
+                gate_block=args.gate_block,
+                run_label=f"auth-{c.name}",
+            )
+            _print_console(decision, results, label=c.name)
+    else:
+        decision, results = orch.run(
+            request,
+            report_format=args.report_format,
+            gate_warn=args.gate_warn,
+            gate_block=args.gate_block,
         )
+        _print_console(decision, results)
 
 
 if __name__ == "__main__":

ai_testing_swarm-0.1.16/src/ai_testing_swarm/core/auth_matrix.py

@@ -0,0 +1,93 @@
+from __future__ import annotations
+
+import json
+from dataclasses import dataclass
+from pathlib import Path
+
+import yaml
+
+
+@dataclass(frozen=True)
+class AuthCase:
+    name: str
+    headers: dict[str, str]
+
+
+def _sanitize_case_name(name: str) -> str:
+    name = str(name or "").strip()
+    if not name:
+        return "case"
+    # Keep it filesystem-friendly.
+    out = []
+    for ch in name:
+        if ch.isalnum() or ch in ("-", "_", "."):
+            out.append(ch)
+        else:
+            out.append("-")
+    return "".join(out).strip("-") or "case"
+
+
+def load_auth_matrix(path: str | Path) -> list[AuthCase]:
+    """Load an auth matrix config (yaml/json).
+
+    Schema:
+      {
+        "cases": [
+          {"name": "user", "headers": {"Authorization": "Bearer ..."}},
+          {"name": "admin", "headers": {"Authorization": "Bearer ..."}}
+        ]
+      }
+
+    Notes:
+      - This is intentionally minimal and explicit.
+      - Headers are merged into the base request headers (case wins).
+    """
+
+    p = Path(path)
+    raw = p.read_text(encoding="utf-8")
+    if p.suffix.lower() in {".yaml", ".yml"}:
+        data = yaml.safe_load(raw) or {}
+    else:
+        data = json.loads(raw)
+
+    cases = data.get("cases") if isinstance(data, dict) else None
+    if not isinstance(cases, list) or not cases:
+        raise ValueError("auth matrix must contain a non-empty 'cases' list")
+
+    out: list[AuthCase] = []
+    for i, c in enumerate(cases):
+        if not isinstance(c, dict):
+            raise ValueError(f"auth case #{i} must be an object")
+        name = _sanitize_case_name(c.get("name") or f"case{i+1}")
+        headers = c.get("headers") or {}
+        if not isinstance(headers, dict):
+            raise ValueError(f"auth case '{name}' headers must be an object")
+        # stringify values (avoid accidental ints)
+        headers2 = {str(k): str(v) for k, v in headers.items() if v is not None}
+        out.append(AuthCase(name=name, headers=headers2))
+
+    # Ensure unique names
+    seen: set[str] = set()
+    uniq: list[AuthCase] = []
+    for c in out:
+        nm = c.name
+        if nm not in seen:
+            uniq.append(c)
+            seen.add(nm)
+        else:
+            j = 2
+            while f"{nm}-{j}" in seen:
+                j += 1
+            new = f"{nm}-{j}"
+            uniq.append(AuthCase(name=new, headers=c.headers))
+            seen.add(new)
+
+    return uniq
+
+
+def merge_auth_headers(request: dict, auth_case: AuthCase) -> dict:
+    req = dict(request)
+    base_headers = dict(req.get("headers") or {})
+    base_headers.update(auth_case.headers or {})
+    req["headers"] = base_headers
+    return req

{ai_testing_swarm-0.1.15 → ai_testing_swarm-0.1.16}/src/ai_testing_swarm/core/risk.py

@@ -67,15 +67,22 @@ def compute_test_risk_score(result: dict, *, sla_ms: int | None = None) -> int:
     Inputs expected (best-effort):
       - result['failure_type']
       - result['status']
+      - result['mutation']['strategy'] (optional)
       - result['response']['status_code']
       - result['response']['elapsed_ms']
       - result['response']['openapi_validation'] (list)
 
     Returns: int in range 0..100.
+
+    Batch2: strategy-aware weighting.
+    The same failure_type can be more/less severe depending on the test strategy.
     """
 
     ft = str(result.get("failure_type") or "unknown")
     status = str(result.get("status") or "")
+    mutation = result.get("mutation") or {}
+    strategy = str(mutation.get("strategy") or "").strip().lower()
+
     resp = result.get("response") or {}
     sc = resp.get("status_code")
 
@@ -90,6 +97,21 @@ def compute_test_risk_score(result: dict, *, sla_ms: int | None = None) -> int:
         # Unknown failure types are treated as high risk but not always a hard blocker.
         base = 60
 
+    # Strategy-aware overrides (only when the strategy is known).
+    # These are designed to stay deterministic and explainable.
+    if strategy == "security" and ft == "security_risk":
+        base = max(base, 100)
+    if strategy in {"missing_param", "null_param", "invalid_param"} and ft.endswith("_accepted"):
+        # Validation bypass signals.
+        base = max(base, 80)
+    if strategy == "headers" and ft == "headers_accepted":
+        base = max(base, 55)
+    if strategy == "method_misuse" and ft == "method_risk":
+        base = max(base, 85)
+    if strategy == "auth" and ft == "auth_issue":
+        # Often indicates environment/config drift rather than product risk.
+        base = min(base, 70)
+
     # Status-code adjustments (defense in depth)
     if isinstance(sc, int):
         if 500 <= sc:

{ai_testing_swarm-0.1.15 → ai_testing_swarm-0.1.16}/src/ai_testing_swarm/orchestrator.py

@@ -53,6 +53,7 @@ class SwarmOrchestrator:
         report_format: str = "json",
         gate_warn: int = 30,
         gate_block: int = 80,
+        run_label: str | None = None,
     ):
         """Runs the full AI testing swarm and returns (decision, results).
 
@@ -145,6 +146,8 @@ class SwarmOrchestrator:
             "gate_thresholds": {"warn": thresholds.warn, "block": thresholds.block},
             "endpoint_risk_score": endpoint_risk_score,
         }
+        if run_label:
+            meta["run_label"] = str(run_label)
 
         # Optional AI summary for humans (best-effort)
         try:

{ai_testing_swarm-0.1.15 → ai_testing_swarm-0.1.16}/src/ai_testing_swarm/reporting/dashboard.py

@@ -26,6 +26,8 @@ class EndpointRow:
     decision: str
     report_relpath: str
     top_risks: list[dict]
+    risk_delta: int | None = None
+    regression_count: int = 0
 
 
 def _latest_json_report(endpoint_dir: Path) -> Path | None:
@@ -65,6 +67,19 @@ def write_dashboard_index(reports_dir: Path) -> str:
         if endpoint_risk is None:
             endpoint_risk = summary.get("endpoint_risk_score", 0)
 
+        trend = rpt.get("trend") or {}
+        risk_delta = trend.get("endpoint_risk_delta") if isinstance(trend, dict) else None
+        try:
+            risk_delta = int(risk_delta) if risk_delta is not None else None
+        except Exception:
+            risk_delta = None
+
+        regression_count = 0
+        try:
+            regression_count = int(trend.get("regression_count") or 0) if isinstance(trend, dict) else 0
+        except Exception:
+            regression_count = 0
+
         row = EndpointRow(
             endpoint_dir=child.name,
             endpoint=str(rpt.get("endpoint") or child.name),
@@ -74,11 +89,13 @@ def write_dashboard_index(reports_dir: Path) -> str:
             decision=str(meta.get("decision") or ""),
             report_relpath=str(child.name + "/" + latest.name),
             top_risks=list(summary.get("top_risks") or []),
+            risk_delta=risk_delta,
+            regression_count=regression_count,
         )
         rows.append(row)
 
-    # Sort by risk (desc) then recent
-    rows.sort(key=lambda r: (r.endpoint_risk_score, r.run_time), reverse=True)
+    # Batch2: surface regressions first, then risk (desc), then recency.
+    rows.sort(key=lambda r: (int(r.regression_count or 0), r.endpoint_risk_score, r.run_time), reverse=True)
 
     # Global top risks across endpoints
     global_risks = []
@@ -102,16 +119,24 @@ def write_dashboard_index(reports_dir: Path) -> str:
         cls = {"PASS": "pass", "WARN": "warn", "BLOCK": "block"}.get(gate, "")
         return f"<span class='gate {cls}'>{_html_escape(gate)}</span>"
 
+    def _delta_badge(d: int | None) -> str:
+        if d is None:
+            return ""
+        cls = "pos" if d > 0 else "neg" if d < 0 else "zero"
+        sign = "+" if d > 0 else ""
+        return f"<span class='delta {cls}'>{sign}{_html_escape(d)}</span>"
+
     endpoint_rows_html = "".join(
         "<tr>"
         f"<td>{badge(r.gate_status)}</td>"
-        f"<td><code>{_html_escape(r.endpoint_risk_score)}</code></td>"
+        f"<td><code>{_html_escape(r.endpoint_risk_score)}</code> {_delta_badge(r.risk_delta)}</td>"
+        f"<td><code>{_html_escape(r.regression_count)}</code></td>"
         f"<td><a href='{_html_escape(r.report_relpath)}'>{_html_escape(r.endpoint)}</a></td>"
         f"<td><code>{_html_escape(r.run_time)}</code></td>"
         f"<td><code>{_html_escape(r.decision)}</code></td>"
         "</tr>"
         for r in rows
-    ) or "<tr><td colspan='5'>(no JSON reports found)</td></tr>"
+    ) or "<tr><td colspan='6'>(no JSON reports found)</td></tr>"
 
     top_risks_html = "".join(
         "<tr>"
@@ -135,6 +160,10 @@ def write_dashboard_index(reports_dir: Path) -> str:
     .gate.warn{background:#fff7e6; border-color:#ffab00;}
     .gate.block{background:#ffebe6; border-color:#ff5630;}
     .muted{color:#555}
+    .delta{display:inline-block; margin-left:6px; padding:1px 8px; border-radius:999px; font-size:12px; border:1px solid #bbb;}
+    .delta.pos{background:#ffebe6; border-color:#ff5630;}
+    .delta.neg{background:#e6ffed; border-color:#36b37e;}
+    .delta.zero{background:#f1f2f4; border-color:#bbb;}
     """
 
     html = f"""<!doctype html>
@@ -153,7 +182,8 @@ def write_dashboard_index(reports_dir: Path) -> str:
   <thead>
     <tr>
       <th>Gate</th>
-      <th>Risk</th>
+      <th>Risk (Δ)</th>
+      <th>Regressions</th>
       <th>Endpoint</th>
       <th>Run time</th>
       <th>Decision</th>

{ai_testing_swarm-0.1.15 → ai_testing_swarm-0.1.16}/src/ai_testing_swarm/reporting/report_writer.py

@@ -113,6 +113,26 @@ def _render_markdown(report: dict) -> str:
 
     lines.append("")
 
+    # Batch2: trend
+    trend = report.get("trend") or {}
+    if trend.get("has_previous"):
+        lines.append("## Trend vs previous run")
+        lines.append("")
+        lines.append(f"- **Endpoint risk delta:** `{trend.get('endpoint_risk_delta')}` (prev={trend.get('endpoint_risk_prev')})")
+        lines.append(f"- **Regressions:** `{trend.get('regression_count')}`")
+        regs = trend.get("regressions") or []
+        if regs:
+            lines.append("")
+            lines.append("### Regressed tests")
+            for x in regs[:10]:
+                lines.append(
+                    "- "
+                    f"`{_markdown_escape(x.get('name'))}`: "
+                    f"{_markdown_escape(x.get('prev_status'))}→{_markdown_escape(x.get('curr_status'))} "
+                    f"(risk {x.get('prev_risk_score')}→{x.get('curr_risk_score')})"
+                )
+        lines.append("")
+
     summary = report.get("summary") or {}
     counts_ft = summary.get("counts_by_failure_type") or {}
     counts_sc = summary.get("counts_by_status_code") or {}
@@ -174,6 +194,28 @@ def _render_html(report: dict) -> str:
     failed = [r for r in results if str(r.get("status")) == "FAILED"]
     top_risky = (risky + failed)[:10]
 
+    trend = report.get("trend") or {}
+    trend_html = ""
+    if trend.get("has_previous"):
+        regs = trend.get("regressions") or []
+        items = "".join(
+            "<li><code>{}</code>: {}→{} (risk {}→{})</li>".format(
+                _html_escape(x.get("name")),
+                _html_escape(x.get("prev_status")),
+                _html_escape(x.get("curr_status")),
+                _html_escape(x.get("prev_risk_score")),
+                _html_escape(x.get("curr_risk_score")),
+            )
+            for x in regs[:10]
+        ) or "<li>(none)</li>"
+        trend_html = (
+            "<h2>Trend vs previous run</h2>"
+            f"<div class='meta'><div><b>Endpoint risk delta:</b> <code>{_html_escape(trend.get('endpoint_risk_delta'))}</code> "
+            f"(prev <code>{_html_escape(trend.get('endpoint_risk_prev'))}</code>)</div>"
+            f"<div><b>Regressions:</b> <code>{_html_escape(trend.get('regression_count'))}</code></div></div>"
+            f"<ul>{items}</ul>"
+        )
+
     def _kv_list(d: dict) -> str:
         items = sorted((d or {}).items(), key=lambda kv: (-kv[1], kv[0]))
         return "".join(f"<li><b>{_html_escape(k)}</b>: {v}</li>" for k, v in items) or "<li>(none)</li>"
@@ -251,6 +293,8 @@ def _render_html(report: dict) -> str:
   <div><b>Endpoint risk:</b> <code>{_html_escape(meta.get('endpoint_risk_score'))}</code></div>
 </div>
 
+{trend_html}
+
 <h2>Summary</h2>
 <div class='grid'>
   <div><h3>Counts by failure type</h3><ul>{_kv_list(summary.get('counts_by_failure_type') or {})}</ul></div>
@@ -287,6 +331,15 @@ def write_report(
     url = request.get("url", "")
 
     endpoint_name = extract_endpoint_name(method, url)
+
+    # Batch2: optional run label (auth-matrix case, environment label, etc.)
+    # This keeps reports for the same endpoint separated but still comparable.
+    run_label = str((meta or {}).get("run_label") or "").strip()
+    if run_label:
+        safe = re.sub(r"[^a-zA-Z0-9_.-]", "-", run_label).strip("-")
+        if safe:
+            endpoint_name = f"{endpoint_name}__{safe}"
+
     timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
 
     endpoint_dir = REPORTS_DIR / endpoint_name
@@ -294,6 +347,18 @@ def write_report(
 
     safe_results = _redact_results(results)
 
+    # Batch2: load the previous JSON report for trend comparison (best-effort)
+    previous_report = None
+    try:
+        from ai_testing_swarm.reporting.trend import compute_trend
+
+        json_candidates = sorted(endpoint_dir.glob("*.json"), key=lambda p: p.stat().st_mtime, reverse=True)
+        prev_path = json_candidates[0] if json_candidates else None
+        if prev_path and prev_path.exists():
+            previous_report = json.loads(prev_path.read_text(encoding="utf-8"))
+    except Exception:
+        previous_report = None
+
     summary = {
         "counts_by_failure_type": {},
         "counts_by_status_code": {},
@@ -346,6 +411,14 @@ def write_report(
         "results": safe_results,
     }
 
+    # Batch2: attach trend comparison (previous vs current)
+    try:
+        from ai_testing_swarm.reporting.trend import compute_trend
+
+        report["trend"] = compute_trend(report, previous_report)
+    except Exception:
+        report["trend"] = {"has_previous": False, "regressions": [], "regression_count": 0}
+
     report_format = (report_format or "json").lower().strip()
     if report_format not in {"json", "md", "html"}:
         report_format = "json"

ai_testing_swarm-0.1.16/src/ai_testing_swarm/reporting/trend.py

@@ -0,0 +1,110 @@
+from __future__ import annotations
+
+from dataclasses import dataclass
+
+
+@dataclass(frozen=True)
+class Regression:
+    name: str
+    prev_status: str
+    curr_status: str
+    prev_risk_score: int
+    curr_risk_score: int
+
+
+def _status_rank(s: str) -> int:
+    s = (s or "").upper()
+    return {"PASSED": 0, "RISK": 1, "FAILED": 2}.get(s, 1)
+
+
+def compute_trend(current_report: dict, previous_report: dict | None) -> dict:
+    """Compute a best-effort trend comparison.
+
+    Trend is designed to be resilient to older report shapes.
+
+    Returns a dict that can be embedded into report['trend'].
+    """
+
+    if not previous_report:
+        return {
+            "has_previous": False,
+            "regressions": [],
+            "regression_count": 0,
+            "endpoint_risk_prev": None,
+            "endpoint_risk_delta": None,
+        }
+
+    cur_meta = current_report.get("meta") or {}
+    prev_meta = previous_report.get("meta") or {}
+
+    cur_risk = cur_meta.get("endpoint_risk_score")
+    if cur_risk is None:
+        cur_risk = (current_report.get("summary") or {}).get("endpoint_risk_score")
+
+    prev_risk = prev_meta.get("endpoint_risk_score")
+    if prev_risk is None:
+        prev_risk = (previous_report.get("summary") or {}).get("endpoint_risk_score")
+
+    try:
+        cur_risk_i = int(cur_risk or 0)
+    except Exception:
+        cur_risk_i = 0
+    try:
+        prev_risk_i = int(prev_risk or 0)
+    except Exception:
+        prev_risk_i = 0
+
+    cur_results = current_report.get("results") or []
+    prev_results = previous_report.get("results") or []
+
+    prev_by_name = {str(r.get("name")): r for r in prev_results if r.get("name") is not None}
+
+    regressions: list[Regression] = []
+    for r in cur_results:
+        name = r.get("name")
+        if name is None:
+            continue
+        name = str(name)
+        prev = prev_by_name.get(name)
+        if not prev:
+            continue
+
+        prev_status = str(prev.get("status") or "")
+        cur_status = str(r.get("status") or "")
+        prev_score = prev.get("risk_score")
+        cur_score = r.get("risk_score")
+        prev_score_i = int(prev_score) if isinstance(prev_score, int) else 0
+        cur_score_i = int(cur_score) if isinstance(cur_score, int) else 0
+
+        worsened_status = _status_rank(cur_status) > _status_rank(prev_status)
+        worsened_score = cur_score_i > prev_score_i
+
+        if worsened_status or worsened_score:
+            regressions.append(
+                Regression(
+                    name=name,
+                    prev_status=prev_status,
+                    curr_status=cur_status,
+                    prev_risk_score=prev_score_i,
+                    curr_risk_score=cur_score_i,
+                )
+            )
+
+    regressions.sort(key=lambda x: (x.curr_risk_score - x.prev_risk_score, _status_rank(x.curr_status)), reverse=True)
+
+    return {
+        "has_previous": True,
+        "endpoint_risk_prev": prev_risk_i,
+        "endpoint_risk_delta": cur_risk_i - prev_risk_i,
+        "regression_count": len(regressions),
+        "regressions": [
+            {
+                "name": x.name,
+                "prev_status": x.prev_status,
+                "curr_status": x.curr_status,
+                "prev_risk_score": x.prev_risk_score,
+                "curr_risk_score": x.curr_risk_score,
+            }
+            for x in regressions[:50]
+        ],
+    }

ai_testing_swarm-0.1.15/README.md → ai_testing_swarm-0.1.16/src/ai_testing_swarm.egg-info/PKG-INFO

@@ -1,3 +1,18 @@
+Metadata-Version: 2.4
+Name: ai-testing-swarm
+Version: 0.1.16
+Summary: AI-powered testing swarm
+Author-email: Arif Shah <ashah7775@gmail.com>
+License: MIT
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+Requires-Dist: requests>=2.28
+Requires-Dist: PyYAML>=6.0
+Provides-Extra: openapi
+Requires-Dist: jsonschema>=4.0; extra == "openapi"
+Provides-Extra: dev
+Requires-Dist: pytest>=8.0; extra == "dev"
+
 # AI Testing Swarm
 
 AI Testing Swarm is a **super-advanced, mutation-driven API testing framework** (with optional OpenAPI + OpenAI augmentation) built on top of **pytest**.
@@ -57,7 +72,9 @@ A report is written under:
 - `./ai_swarm_reports/<METHOD>_<endpoint>/<METHOD>_<endpoint>_<timestamp>.<json|md|html>`
 
 Reports include:
-- per-test results
+- per-test results (including deterministic `risk_score` 0..100)
+- endpoint-level risk gate (`PASS`/`WARN`/`BLOCK`)
+- trend vs previous run for the same endpoint (risk delta + regressions)
 - summary counts by status code / failure type
 - optional AI summary (if enabled)
 
@@ -127,6 +144,28 @@ Then generates broad coverage across:
 
 ---
 
+## Auth matrix runner (multiple tokens/headers)
+
+To run the *same* request under multiple auth contexts (e.g., user/admin tokens), create `auth_matrix.yaml`:
+
+```yaml
+cases:
+  - name: user
+    headers:
+      Authorization: "Bearer USER_TOKEN"
+  - name: admin
+    headers:
+      Authorization: "Bearer ADMIN_TOKEN"
+```
+
+Run:
+
+```bash
+ai-test --input request.json --auth-matrix auth_matrix.yaml
+```
+
+Each auth case is written as a separate report using a `run_label` suffix (e.g. `__auth-user`).
+
 ## Safety mode (recommended for CI/demos)
 
 Mutation testing can be noisy and may accidentally stress a real environment.
@@ -178,6 +217,11 @@ Reports include:
 - `summary.counts_by_failure_type`
 - `summary.counts_by_status_code`
 - `summary.slow_tests` (based on SLA)
+- `meta.endpoint_risk_score` + `meta.gate_status`
+- `trend.*` (previous comparison if a prior report exists)
+
+A static dashboard index is generated at:
+- `./ai_swarm_reports/index.html` (latest JSON report per endpoint, sorted by regressions/risk)
 
 SLA threshold:
 - `AI_SWARM_SLA_MS` (default: `2000`)

{ai_testing_swarm-0.1.15 → ai_testing_swarm-0.1.16}/src/ai_testing_swarm.egg-info/SOURCES.txt

@@ -19,6 +19,7 @@ src/ai_testing_swarm/agents/test_writer_agent.py
 src/ai_testing_swarm/agents/ui_agent.py
 src/ai_testing_swarm/core/__init__.py
 src/ai_testing_swarm/core/api_client.py
+src/ai_testing_swarm/core/auth_matrix.py
 src/ai_testing_swarm/core/config.py
 src/ai_testing_swarm/core/curl_parser.py
 src/ai_testing_swarm/core/openai_client.py
@@ -29,6 +30,8 @@ src/ai_testing_swarm/core/safety.py
 src/ai_testing_swarm/reporting/__init__.py
 src/ai_testing_swarm/reporting/dashboard.py
 src/ai_testing_swarm/reporting/report_writer.py
+src/ai_testing_swarm/reporting/trend.py
+tests/test_batch2_trend_and_auth.py
 tests/test_openapi_loader.py
 tests/test_openapi_validator.py
 tests/test_policy_expected_negatives.py

{ai_testing_swarm-0.1.15 → ai_testing_swarm-0.1.16}/src/ai_testing_swarm.egg-info/requires.txt

@@ -1,5 +1,8 @@
 requests>=2.28
 PyYAML>=6.0
 
+[dev]
+pytest>=8.0
+
 [openapi]
 jsonschema>=4.0

ai_testing_swarm-0.1.16/tests/test_batch2_trend_and_auth.py

@@ -0,0 +1,73 @@
+import json
+from pathlib import Path
+
+import pytest
+
+from ai_testing_swarm.core.auth_matrix import load_auth_matrix, merge_auth_headers, AuthCase
+from ai_testing_swarm.core.risk import compute_test_risk_score
+from ai_testing_swarm.reporting.trend import compute_trend
+
+
+def test_strategy_aware_risk_security_risk_is_100():
+    r = {
+        "failure_type": "security_risk",
+        "status": "FAILED",
+        "mutation": {"strategy": "security"},
+        "response": {"status_code": 200, "elapsed_ms": 10, "openapi_validation": []},
+    }
+    assert compute_test_risk_score(r) == 100
+
+
+def test_strategy_aware_risk_validation_bypass_is_high():
+    r = {
+        "failure_type": "missing_param_accepted",
+        "status": "RISK",
+        "mutation": {"strategy": "missing_param"},
+        "response": {"status_code": 200, "elapsed_ms": 10, "openapi_validation": []},
+    }
+    assert compute_test_risk_score(r) >= 80
+
+
+def test_compute_trend_regressions_detected():
+    prev = {
+        "meta": {"endpoint_risk_score": 10},
+        "results": [
+            {"name": "happy_path", "status": "PASSED", "risk_score": 0},
+            {"name": "sec_probe", "status": "RISK", "risk_score": 35},
+        ],
+    }
+    cur = {
+        "meta": {"endpoint_risk_score": 90},
+        "results": [
+            {"name": "happy_path", "status": "FAILED", "risk_score": 70},
+            {"name": "sec_probe", "status": "RISK", "risk_score": 60},
+        ],
+    }
+    t = compute_trend(cur, prev)
+    assert t["has_previous"] is True
+    assert t["endpoint_risk_prev"] == 10
+    assert t["endpoint_risk_delta"] == 80
+    assert t["regression_count"] == 2
+
+
+def test_auth_matrix_load_and_merge(tmp_path: Path):
+    p = tmp_path / "auth.json"
+    p.write_text(
+        json.dumps(
+            {
+                "cases": [
+                    {"name": "user", "headers": {"Authorization": "Bearer U"}},
+                    {"name": "admin", "headers": {"Authorization": "Bearer A"}},
+                ]
+            }
+        ),
+        encoding="utf-8",
+    )
+
+    cases = load_auth_matrix(p)
+    assert [c.name for c in cases] == ["user", "admin"]
+
+    req = {"method": "GET", "url": "https://example.com", "headers": {"X": "1"}}
+    req2 = merge_auth_headers(req, cases[0])
+    assert req2["headers"]["X"] == "1"
+    assert req2["headers"]["Authorization"] == "Bearer U"

ai_testing_swarm-0.1.15/src/ai_testing_swarm/__init__.py

@@ -1 +0,0 @@
-__version__ = "0.1.15"