scriptgini 1.4.0__tar.gz → 1.5.2__tar.gz

{scriptgini-1.4.0 → scriptgini-1.5.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scriptgini
-Version: 1.4.0
+Version: 1.5.2
 Summary: Agentic AI system that converts functional test cases into automation test scripts.
 Author: ScriptGini Team
 License: Proprietary
@@ -16,7 +16,7 @@ Description-Content-Type: text/markdown
 
 > **Enterprise-grade Agentic AI system that converts functional test cases into high-quality, review-ready automation test scripts.**
 
-Current release: v1.3.1 (Sprint 4 hardening increment)
+Current release: v1.5.2 (Sprint 6 hardening + API key audit/revocation patch)
 
 ---
 
@@ -39,8 +39,10 @@ ScriptGini is an AI-powered test automation engine built for Quality Engineering
 - **Hardened execution sandbox** — Script runs use isolated Python mode, static safety validation, and restricted environment variables
 - **Bulk job orchestration** — Project-level bulk generate and bulk run with pollable job status
 - **Run analytics dashboard** — Project-level pass/fail/timeout metrics and recent failure feed
+- **Coverage analytics** — Module-level coverage and execution visibility for test cases
 - **Richer test case intake** — Import `.txt`, `.md`, `.json`, `.csv`, `.feature`, `.yml/.yaml`, and `.xlsx`
 - **Import preview mapping** — Preview parsed scenarios in the UI before creating a project workspace
+- **Script lifecycle tracking** — Refactor, version history, diff, and rollback support
 - **REST API** — FastAPI with auto-generated Swagger UI
 - **Alembic migrations** — Safe, versioned schema management over SQLite
 
@@ -442,9 +444,9 @@ The project follows an **enterprise-grade development roadmap** with 6 sprints c
 | **Sprint 1** | IAM Core | 30-36pts | 🟡 Core delivered (auth hardening pending) |
 | **Sprint 2** | RBAC + Multi-Tenancy | 32-38pts | 🟡 Core delivered (RBAC hardening pending) |
 | **Sprint 3** | Durable Execution | 34-40pts | ✅ Completed (Redis + Celery queue foundation) |
-| **Sprint 4** | Security & Hardening | 30-36pts | 🟡 In progress (isolation boundary + breakout tests pending) |
+| **Sprint 4** | Security & Hardening | 30-36pts | ✅ Hardening increment completed (isolation + negative tests + audit controls) |
 | **Sprint 5** | Reporting & Analytics | 28-34pts | ✅ Completed (Reports APIs, trends/flakiness, retention cleanup) |
-| **Sprint 6** | Advanced Features | 24-30pts | 🔲 Pending (Webhooks, defect sync, versioning) |
+| **Sprint 6** | Coverage Analytics, Script Lifecycle, and DX | 24-30pts | ✅ Completed (coverage analytics, refactor/version history/diff/rollback, 100% quality gate) |
 
 ---
 

{scriptgini-1.4.0 → scriptgini-1.5.2}/README.md

@@ -2,7 +2,7 @@
 
 > **Enterprise-grade Agentic AI system that converts functional test cases into high-quality, review-ready automation test scripts.**
 
-Current release: v1.3.1 (Sprint 4 hardening increment)
+Current release: v1.5.2 (Sprint 6 hardening + API key audit/revocation patch)
 
 ---
 
@@ -25,8 +25,10 @@ ScriptGini is an AI-powered test automation engine built for Quality Engineering
 - **Hardened execution sandbox** — Script runs use isolated Python mode, static safety validation, and restricted environment variables
 - **Bulk job orchestration** — Project-level bulk generate and bulk run with pollable job status
 - **Run analytics dashboard** — Project-level pass/fail/timeout metrics and recent failure feed
+- **Coverage analytics** — Module-level coverage and execution visibility for test cases
 - **Richer test case intake** — Import `.txt`, `.md`, `.json`, `.csv`, `.feature`, `.yml/.yaml`, and `.xlsx`
 - **Import preview mapping** — Preview parsed scenarios in the UI before creating a project workspace
+- **Script lifecycle tracking** — Refactor, version history, diff, and rollback support
 - **REST API** — FastAPI with auto-generated Swagger UI
 - **Alembic migrations** — Safe, versioned schema management over SQLite
 
@@ -428,9 +430,9 @@ The project follows an **enterprise-grade development roadmap** with 6 sprints c
 | **Sprint 1** | IAM Core | 30-36pts | 🟡 Core delivered (auth hardening pending) |
 | **Sprint 2** | RBAC + Multi-Tenancy | 32-38pts | 🟡 Core delivered (RBAC hardening pending) |
 | **Sprint 3** | Durable Execution | 34-40pts | ✅ Completed (Redis + Celery queue foundation) |
-| **Sprint 4** | Security & Hardening | 30-36pts | 🟡 In progress (isolation boundary + breakout tests pending) |
+| **Sprint 4** | Security & Hardening | 30-36pts | ✅ Hardening increment completed (isolation + negative tests + audit controls) |
 | **Sprint 5** | Reporting & Analytics | 28-34pts | ✅ Completed (Reports APIs, trends/flakiness, retention cleanup) |
-| **Sprint 6** | Advanced Features | 24-30pts | 🔲 Pending (Webhooks, defect sync, versioning) |
+| **Sprint 6** | Coverage Analytics, Script Lifecycle, and DX | 24-30pts | ✅ Completed (coverage analytics, refactor/version history/diff/rollback, 100% quality gate) |
 
 ---
 

scriptgini-1.5.2/app/__init__.py

@@ -0,0 +1,3 @@
+__version__ = "1.5.2"
+__api_version__ = "v1.5.2"
+

{scriptgini-1.4.0 → scriptgini-1.5.2}/app/main.py

@@ -10,6 +10,8 @@ from fastapi.responses import JSONResponse
 from fastapi.responses import FileResponse
 from fastapi.middleware.cors import CORSMiddleware
 from fastapi.staticfiles import StaticFiles
+from fastapi.exceptions import RequestValidationError
+from starlette.exceptions import HTTPException as StarletteHTTPException
 
 from app import __version__
 from app.config import settings
@@ -114,6 +116,50 @@ app.add_middleware(
 )
 
 
+def _error_envelope(request: Request, code: str, message: str, context: dict | None = None, status_code: int = 500) -> JSONResponse:
+    request_id = getattr(request.state, "request_id", None) or request.headers.get("X-Request-ID", "unknown")
+    return JSONResponse(
+        status_code=status_code,
+        content={
+            "error": {
+                "code": code,
+                "message": message,
+                "context": context or {},
+                "request_id": request_id,
+            }
+        },
+        headers={"X-Request-ID": request_id},
+    )
+
+
+@app.exception_handler(StarletteHTTPException)
+async def http_exception_handler(request: Request, exc: StarletteHTTPException) -> JSONResponse:
+    code = {
+        400: "bad_request",
+        401: "unauthorized",
+        403: "forbidden",
+        404: "not_found",
+        409: "conflict",
+        422: "unprocessable_entity",
+        429: "rate_limit_exceeded",
+        500: "internal_server_error",
+        503: "service_unavailable",
+        504: "gateway_timeout",
+    }.get(exc.status_code, f"http_{exc.status_code}")
+    return _error_envelope(request, code, str(exc.detail), status_code=exc.status_code)
+
+
+@app.exception_handler(RequestValidationError)
+async def validation_exception_handler(request: Request, exc: RequestValidationError) -> JSONResponse:
+    return _error_envelope(
+        request,
+        "validation_error",
+        "Request validation failed",
+        context={"errors": exc.errors()},
+        status_code=422,
+    )
+
+
 @app.middleware("http")
 async def apply_security_controls(request: Request, call_next):
     request_id = request.headers.get("X-Request-ID") or str(uuid4())

scriptgini-1.5.2/app/models/script_revision.py

@@ -0,0 +1,37 @@
+import enum
+from datetime import datetime, timezone
+
+from sqlalchemy import String, Text, DateTime, ForeignKey, Enum as SAEnum, Integer
+from sqlalchemy.orm import Mapped, mapped_column
+
+from app.database import Base
+
+
+class RevisionChangeType(str, enum.Enum):
+    generated = "generated"
+    refactored = "refactored"
+    rolled_back = "rolled_back"
+
+
+class ScriptRevision(Base):
+    __tablename__ = "script_revisions"
+
+    id: Mapped[int] = mapped_column(primary_key=True, index=True)
+    script_id: Mapped[int] = mapped_column(
+        ForeignKey("generated_scripts.id", ondelete="CASCADE"), nullable=False, index=True
+    )
+    project_id: Mapped[int] = mapped_column(
+        ForeignKey("projects.id", ondelete="CASCADE"), nullable=False, index=True
+    )
+    test_case_id: Mapped[int] = mapped_column(
+        ForeignKey("test_cases.id", ondelete="CASCADE"), nullable=False, index=True
+    )
+    revision_number: Mapped[int] = mapped_column(Integer, nullable=False, default=1)
+    script_content: Mapped[str] = mapped_column(Text, nullable=False)
+    change_type: Mapped[RevisionChangeType] = mapped_column(
+        SAEnum(RevisionChangeType), default=RevisionChangeType.generated, nullable=False
+    )
+    change_summary: Mapped[str | None] = mapped_column(String(1024), nullable=True)
+    created_at: Mapped[datetime] = mapped_column(
+        DateTime(timezone=True), default=lambda: datetime.now(timezone.utc)
+    )

{scriptgini-1.4.0 → scriptgini-1.5.2}/app/routers/analytics.py

@@ -8,7 +8,11 @@ from app.database import get_db
 from app.models.project import Project
 from app.models.script_run import ScriptRun, ScriptRunStatus
 from app.models.test_case import TestCase
+from app.models.generated_script import GeneratedScript
 from app.schemas.analytics import (
+    CoverageModuleItem,
+    CoverageResponse,
+    CoverageTestCaseItem,
     FlakinessItemResponse,
     FlakinessResponse,
     RecentFailureResponse,
@@ -196,3 +200,95 @@ def get_flakiness(
         min_runs=min_runs,
         items=items,
     )
+
+
+@insights_router.get("/coverage", response_model=CoverageResponse)
+def get_coverage(
+    project_id: int | None = None,
+    db: Session = Depends(get_db),
+):
+    """Map test cases to scripted/executed/passed state, grouped by project module (derived from test case title prefix)."""
+    if project_id is not None:
+        project = db.query(Project).filter(Project.id == project_id).first()
+        if not project:
+            raise HTTPException(status_code=404, detail="Project not found")
+
+    tc_query = db.query(TestCase)
+    if project_id is not None:
+        tc_query = tc_query.filter(TestCase.project_id == project_id)
+    test_cases = tc_query.all()
+
+    # Collect latest script per test_case_id
+    script_query = db.query(GeneratedScript).order_by(GeneratedScript.test_case_id, GeneratedScript.id.desc())
+    if project_id is not None:
+        script_query = script_query.filter(GeneratedScript.project_id == project_id)
+    scripted_by_tc: dict[int, GeneratedScript] = {}
+    for gs in script_query.all():
+        if gs.test_case_id not in scripted_by_tc:
+            scripted_by_tc[gs.test_case_id] = gs
+
+    # Collect latest run per test_case_id
+    run_query = db.query(ScriptRun).order_by(ScriptRun.test_case_id, ScriptRun.id.desc())
+    if project_id is not None:
+        run_query = run_query.filter(ScriptRun.project_id == project_id)
+    run_by_tc: dict[int, ScriptRun] = {}
+    for sr in run_query.all():
+        if sr.test_case_id not in run_by_tc:
+            run_by_tc[sr.test_case_id] = sr
+
+    # Group by module (first word of title or "General")
+    modules_map: dict[str, list[CoverageTestCaseItem]] = {}
+    for tc in test_cases:
+        parts = tc.title.split()
+        module = parts[0] if parts else "General"
+
+        has_script = tc.id in scripted_by_tc
+        has_run = tc.id in run_by_tc
+        last_run_success: bool | None = None
+        if has_run:
+            last_run_success = run_by_tc[tc.id].success
+
+        item = CoverageTestCaseItem(
+            test_case_id=tc.id,
+            title=tc.title,
+            format=tc.format.value,
+            has_script=has_script,
+            has_run=has_run,
+            last_run_success=last_run_success,
+        )
+        modules_map.setdefault(module, []).append(item)
+
+    module_items: list[CoverageModuleItem] = []
+    for module_name, cases in sorted(modules_map.items()):
+        total = len(cases)
+        scripted = sum(1 for c in cases if c.has_script)
+        executed = sum(1 for c in cases if c.has_run)
+        passed = sum(1 for c in cases if c.last_run_success is True)
+        module_items.append(
+            CoverageModuleItem(
+                module=module_name,
+                total_cases=total,
+                scripted_cases=scripted,
+                executed_cases=executed,
+                passed_cases=passed,
+                coverage_rate=round(scripted / total * 100, 2) if total else 0.0,
+                execution_rate=round(executed / total * 100, 2) if total else 0.0,
+                test_cases=cases,
+            )
+        )
+
+    total_cases = len(test_cases)
+    scripted_cases = sum(1 for tc in test_cases if tc.id in scripted_by_tc)
+    executed_cases = sum(1 for tc in test_cases if tc.id in run_by_tc)
+    passed_cases = sum(1 for tc in test_cases if run_by_tc.get(tc.id) and run_by_tc[tc.id].success)
+
+    return CoverageResponse(
+        project_id=project_id,
+        total_cases=total_cases,
+        scripted_cases=scripted_cases,
+        executed_cases=executed_cases,
+        passed_cases=passed_cases,
+        overall_coverage_rate=round(scripted_cases / total_cases * 100, 2) if total_cases else 0.0,
+        overall_execution_rate=round(executed_cases / total_cases * 100, 2) if total_cases else 0.0,
+        modules=module_items,
+    )

{scriptgini-1.4.0 → scriptgini-1.5.2}/app/routers/api_key.py

@@ -1,6 +1,9 @@
+import logging
+
 from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy.orm import Session
 
+from app.config import settings
 from app.database import get_db
 from app.services import api_key as api_key_service
 from app.services.auth_dependencies import get_current_user
@@ -13,6 +16,26 @@ from app.schemas.api_key import (
 from app.models.api_key import APIKey
 
 router = APIRouter(prefix="/auth/api-keys", tags=["auth"])
+logger = logging.getLogger(__name__)
+
+
+def _audit_api_key_event(
+    event: str,
+    actor_user_id: int,
+    api_key_id: int | None,
+    api_key_prefix: str | None,
+    result: str,
+) -> None:
+    if not settings.SECURITY_AUDIT_LOG_ENABLED:
+        return
+    logger.info(
+        "security_audit event=%s actor_user_id=%s api_key_id=%s api_key_prefix=%s result=%s",
+        event,
+        actor_user_id,
+        api_key_id,
+        api_key_prefix,
+        result,
+    )
 
 
 @router.post("", response_model=APIKeyRevealResponse, status_code=status.HTTP_201_CREATED)
@@ -36,6 +59,7 @@ def create_api_key(
         request.scopes,
         request.expires_at,
     )
+    _audit_api_key_event("api_key_created", current_user.id, api_key.id, api_key.prefix, "success")
     
     return APIKeyRevealResponse(
         id=api_key.id,
@@ -89,6 +113,7 @@ def update_api_key(
     existing_key = api_key_service.get_api_key_by_id(db, key_id)
     
     if not existing_key:
+        _audit_api_key_event("api_key_revoked", current_user.id, key_id, None, "not_found")
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="API key not found")
     
     # Check that the key belongs to the current user
@@ -120,7 +145,9 @@ def delete_api_key(
     
     # Check that the key belongs to the current user
     if existing_key.user_id != current_user.id:
+        _audit_api_key_event("api_key_revoked", current_user.id, existing_key.id, existing_key.prefix, "forbidden")
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Not authorized to delete this API key")
     
-    api_key_service.delete_api_key(db, key_id)
+    api_key_service.revoke_api_key(db, key_id)
+    _audit_api_key_event("api_key_revoked", current_user.id, existing_key.id, existing_key.prefix, "success")
     return None