scriptgini 1.5.1__tar.gz → 1.5.2__tar.gz

{scriptgini-1.5.1 → scriptgini-1.5.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scriptgini
-Version: 1.5.1
+Version: 1.5.2
 Summary: Agentic AI system that converts functional test cases into automation test scripts.
 Author: ScriptGini Team
 License: Proprietary
@@ -16,7 +16,7 @@ Description-Content-Type: text/markdown
 
 > **Enterprise-grade Agentic AI system that converts functional test cases into high-quality, review-ready automation test scripts.**
 
-Current release: v1.5.1 (Sprint 6 coverage-complete patch)
+Current release: v1.5.2 (Sprint 6 hardening + API key audit/revocation patch)
 
 ---
 
@@ -444,9 +444,9 @@ The project follows an **enterprise-grade development roadmap** with 6 sprints c
 | **Sprint 1** | IAM Core | 30-36pts | 🟡 Core delivered (auth hardening pending) |
 | **Sprint 2** | RBAC + Multi-Tenancy | 32-38pts | 🟡 Core delivered (RBAC hardening pending) |
 | **Sprint 3** | Durable Execution | 34-40pts | ✅ Completed (Redis + Celery queue foundation) |
-| **Sprint 4** | Security & Hardening | 30-36pts | 🟡 In progress (isolation boundary + breakout tests pending) |
+| **Sprint 4** | Security & Hardening | 30-36pts | ✅ Hardening increment completed (isolation + negative tests + audit controls) |
 | **Sprint 5** | Reporting & Analytics | 28-34pts | ✅ Completed (Reports APIs, trends/flakiness, retention cleanup) |
-| **Sprint 6** | Advanced Features | 24-30pts | 🔲 Pending (Webhooks, defect sync, versioning) |
+| **Sprint 6** | Coverage Analytics, Script Lifecycle, and DX | 24-30pts | ✅ Completed (coverage analytics, refactor/version history/diff/rollback, 100% quality gate) |
 
 ---
 

{scriptgini-1.5.1 → scriptgini-1.5.2}/README.md

@@ -2,7 +2,7 @@
 
 > **Enterprise-grade Agentic AI system that converts functional test cases into high-quality, review-ready automation test scripts.**
 
-Current release: v1.5.1 (Sprint 6 coverage-complete patch)
+Current release: v1.5.2 (Sprint 6 hardening + API key audit/revocation patch)
 
 ---
 
@@ -430,9 +430,9 @@ The project follows an **enterprise-grade development roadmap** with 6 sprints c
 | **Sprint 1** | IAM Core | 30-36pts | 🟡 Core delivered (auth hardening pending) |
 | **Sprint 2** | RBAC + Multi-Tenancy | 32-38pts | 🟡 Core delivered (RBAC hardening pending) |
 | **Sprint 3** | Durable Execution | 34-40pts | ✅ Completed (Redis + Celery queue foundation) |
-| **Sprint 4** | Security & Hardening | 30-36pts | 🟡 In progress (isolation boundary + breakout tests pending) |
+| **Sprint 4** | Security & Hardening | 30-36pts | ✅ Hardening increment completed (isolation + negative tests + audit controls) |
 | **Sprint 5** | Reporting & Analytics | 28-34pts | ✅ Completed (Reports APIs, trends/flakiness, retention cleanup) |
-| **Sprint 6** | Advanced Features | 24-30pts | 🔲 Pending (Webhooks, defect sync, versioning) |
+| **Sprint 6** | Coverage Analytics, Script Lifecycle, and DX | 24-30pts | ✅ Completed (coverage analytics, refactor/version history/diff/rollback, 100% quality gate) |
 
 ---
 

scriptgini-1.5.2/app/__init__.py

@@ -0,0 +1,3 @@
+__version__ = "1.5.2"
+__api_version__ = "v1.5.2"
+

{scriptgini-1.5.1 → scriptgini-1.5.2}/app/routers/api_key.py

@@ -1,6 +1,9 @@
+import logging
+
 from fastapi import APIRouter, Depends, HTTPException, status
 from sqlalchemy.orm import Session
 
+from app.config import settings
 from app.database import get_db
 from app.services import api_key as api_key_service
 from app.services.auth_dependencies import get_current_user
@@ -13,6 +16,26 @@ from app.schemas.api_key import (
 from app.models.api_key import APIKey
 
 router = APIRouter(prefix="/auth/api-keys", tags=["auth"])
+logger = logging.getLogger(__name__)
+
+
+def _audit_api_key_event(
+    event: str,
+    actor_user_id: int,
+    api_key_id: int | None,
+    api_key_prefix: str | None,
+    result: str,
+) -> None:
+    if not settings.SECURITY_AUDIT_LOG_ENABLED:
+        return
+    logger.info(
+        "security_audit event=%s actor_user_id=%s api_key_id=%s api_key_prefix=%s result=%s",
+        event,
+        actor_user_id,
+        api_key_id,
+        api_key_prefix,
+        result,
+    )
 
 
 @router.post("", response_model=APIKeyRevealResponse, status_code=status.HTTP_201_CREATED)
@@ -36,6 +59,7 @@ def create_api_key(
         request.scopes,
         request.expires_at,
     )
+    _audit_api_key_event("api_key_created", current_user.id, api_key.id, api_key.prefix, "success")
     
     return APIKeyRevealResponse(
         id=api_key.id,
@@ -89,6 +113,7 @@ def update_api_key(
     existing_key = api_key_service.get_api_key_by_id(db, key_id)
     
     if not existing_key:
+        _audit_api_key_event("api_key_revoked", current_user.id, key_id, None, "not_found")
         raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="API key not found")
     
     # Check that the key belongs to the current user
@@ -120,7 +145,9 @@ def delete_api_key(
     
     # Check that the key belongs to the current user
     if existing_key.user_id != current_user.id:
+        _audit_api_key_event("api_key_revoked", current_user.id, existing_key.id, existing_key.prefix, "forbidden")
         raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Not authorized to delete this API key")
     
-    api_key_service.delete_api_key(db, key_id)
+    api_key_service.revoke_api_key(db, key_id)
+    _audit_api_key_event("api_key_revoked", current_user.id, existing_key.id, existing_key.prefix, "success")
     return None

{scriptgini-1.5.1 → scriptgini-1.5.2}/app/routers/scripts.py

@@ -37,16 +37,58 @@ from app.tasks import process_script_generation_job
 
 logger = logging.getLogger(__name__)
 
-_BLOCKED_IMPORT_ROOTS = {
-    "subprocess",
-    "socket",
-    "shutil",
-    "requests",
-    "httpx",
-    "ftplib",
-    "paramiko",
+_ALLOWED_IMPORT_ROOTS = {
+    "collections",
+    "dataclasses",
+    "datetime",
+    "decimal",
+    "functools",
+    "itertools",
+    "json",
+    "math",
+    "pathlib",
+    "playwright",
+    "pytest",
+    "random",
+    "re",
+    "selenium",
+    "string",
+    "time",
+    "traceback",
+    "typing",
+    "urllib",
+    "uuid",
+}
+_BLOCKED_BUILTIN_CALLS = {"exec", "eval", "compile", "__import__", "open", "input"}
+_BLOCKED_ATTRIBUTE_CALLS = {
+    "__subclasses__",
+    "connect",
+    "execv",
+    "execve",
+    "kill",
+    "listen",
+    "popen",
+    "recv",
+    "send",
+    "spawnv",
+    "spawnve",
+    "startfile",
+    "system",
+}
+_BLOCKED_SYMBOL_NAMES = {
+    "__builtins__",
+    "__globals__",
+    "__loader__",
+    "__spec__",
+}
+_BLOCKED_STRING_TOKENS = {
+    "__builtins__",
+    "__globals__",
+    "__import__",
+    "__loader__",
+    "__spec__",
+    "__subclasses__",
 }
-_BLOCKED_BUILTIN_CALLS = {"exec", "eval", "compile", "__import__"}
 _MAX_OUTPUT_CHARS = 20_000
 
 
@@ -195,11 +237,21 @@ def _run_python_script(script_content: str) -> dict:
 
 def _build_script_command(script_path: Path, script_content: str) -> list[str]:
     if _uses_pytest_playwright(script_content):
-        command = [sys.executable, "-m", "pytest", script_path.name, "-s", "--browser", "chromium"]
+        command = [
+            sys.executable,
+            "-I",
+            "-B",
+            "-m",
+            "pytest",
+            script_path.name,
+            "-s",
+            "--browser",
+            "chromium",
+        ]
         if settings.PLAYWRIGHT_RUN_HEADED:
             command.append("--headed")
         return command
-    return [sys.executable, "-I", str(script_path)]
+    return [sys.executable, "-I", "-B", str(script_path)]
 
 
 def _uses_pytest_playwright(script_content: str) -> bool:
@@ -238,15 +290,23 @@ def _validate_script_safety(script_content: str) -> None:
         if isinstance(node, ast.Import):
             for alias in node.names:
                 root = alias.name.split(".")[0]
-                if root in _BLOCKED_IMPORT_ROOTS:
-                    raise ValueError(f"Unsafe import detected: {root}")
+                if root not in _ALLOWED_IMPORT_ROOTS:
+                    raise ValueError(f"Disallowed import detected: {root}")
         if isinstance(node, ast.ImportFrom):
             module_root = (node.module or "").split(".")[0]
-            if module_root in _BLOCKED_IMPORT_ROOTS:
-                raise ValueError(f"Unsafe import detected: {module_root}")
+            if module_root and module_root not in _ALLOWED_IMPORT_ROOTS:
+                raise ValueError(f"Disallowed import detected: {module_root}")
         if isinstance(node, ast.Call) and isinstance(node.func, ast.Name):
             if node.func.id in _BLOCKED_BUILTIN_CALLS:
                 raise ValueError(f"Unsafe builtin call detected: {node.func.id}")
+        if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
+            if node.func.attr in _BLOCKED_ATTRIBUTE_CALLS:
+                raise ValueError(f"Unsafe runtime call detected: {node.func.attr}")
+        if isinstance(node, ast.Name) and node.id in _BLOCKED_SYMBOL_NAMES:
+            raise ValueError(f"Unsafe symbol usage detected: {node.id}")
+        if isinstance(node, ast.Constant) and isinstance(node.value, str):
+            if node.value in _BLOCKED_STRING_TOKENS:
+                raise ValueError(f"Unsafe introspection token detected: {node.value}")
 
 
 def _create_script_run(db: Session, script: GeneratedScript, run_result: dict, status: ScriptRunStatus) -> ScriptRun:

{scriptgini-1.5.1 → scriptgini-1.5.2}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "scriptgini"
-version = "1.5.1"
+version = "1.5.2"
 description = "Agentic AI system that converts functional test cases into automation test scripts."
 readme = "README.md"
 requires-python = ">=3.11"

{scriptgini-1.5.1 → scriptgini-1.5.2}/scriptgini.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: scriptgini
-Version: 1.5.1
+Version: 1.5.2
 Summary: Agentic AI system that converts functional test cases into automation test scripts.
 Author: ScriptGini Team
 License: Proprietary
@@ -16,7 +16,7 @@ Description-Content-Type: text/markdown
 
 > **Enterprise-grade Agentic AI system that converts functional test cases into high-quality, review-ready automation test scripts.**
 
-Current release: v1.5.1 (Sprint 6 coverage-complete patch)
+Current release: v1.5.2 (Sprint 6 hardening + API key audit/revocation patch)
 
 ---
 
@@ -444,9 +444,9 @@ The project follows an **enterprise-grade development roadmap** with 6 sprints c
 | **Sprint 1** | IAM Core | 30-36pts | 🟡 Core delivered (auth hardening pending) |
 | **Sprint 2** | RBAC + Multi-Tenancy | 32-38pts | 🟡 Core delivered (RBAC hardening pending) |
 | **Sprint 3** | Durable Execution | 34-40pts | ✅ Completed (Redis + Celery queue foundation) |
-| **Sprint 4** | Security & Hardening | 30-36pts | 🟡 In progress (isolation boundary + breakout tests pending) |
+| **Sprint 4** | Security & Hardening | 30-36pts | ✅ Hardening increment completed (isolation + negative tests + audit controls) |
 | **Sprint 5** | Reporting & Analytics | 28-34pts | ✅ Completed (Reports APIs, trends/flakiness, retention cleanup) |
-| **Sprint 6** | Advanced Features | 24-30pts | 🔲 Pending (Webhooks, defect sync, versioning) |
+| **Sprint 6** | Coverage Analytics, Script Lifecycle, and DX | 24-30pts | ✅ Completed (coverage analytics, refactor/version history/diff/rollback, 100% quality gate) |
 
 ---
 

{scriptgini-1.5.1 → scriptgini-1.5.2}/tests/test_auth.py

@@ -240,6 +240,21 @@ class TestLogout:
 
 
 class TestAPIKeyManagement:
+    def test_api_key_audit_helper_disabled_branch(self, monkeypatch):
+        """Audit helper should not log when security audit logging is disabled."""
+        from app.routers import api_key as api_key_router
+
+        called = {"ok": False}
+        monkeypatch.setattr("app.routers.api_key.logger.info", lambda *a, **k: called.update(ok=True))
+
+        old_enabled = api_key_router.settings.SECURITY_AUDIT_LOG_ENABLED
+        api_key_router.settings.SECURITY_AUDIT_LOG_ENABLED = False
+        try:
+            api_key_router._audit_api_key_event("api_key_created", 1, 2, "sg_test", "success")
+            assert called["ok"] is False
+        finally:
+            api_key_router.settings.SECURITY_AUDIT_LOG_ENABLED = old_enabled
+
     def test_create_api_key(self, db_session, test_user, auth_headers):
         """Test creating an API key."""
         response = client.post(
@@ -325,6 +340,23 @@ class TestAPIKeyManagement:
         )
         assert response.status_code == 404
 
+    def test_update_api_key_not_found_emits_audit_log(self, auth_headers, monkeypatch):
+        """Missing API key updates should emit a structured audit event."""
+        captured: list[tuple] = []
+
+        def _capture_log(*args, **kwargs):
+            captured.append(args)
+
+        monkeypatch.setattr("app.routers.api_key.logger.info", _capture_log)
+
+        response = client.put(
+            "/api/v1/auth/api-keys/99999",
+            headers=auth_headers,
+            json={"name": "Updated Name", "scopes": ["read"]},
+        )
+        assert response.status_code == 404
+        assert any(len(entry) > 5 and entry[1] == "api_key_revoked" and entry[5] == "not_found" for entry in captured)
+
     def test_update_api_key_not_accessible_by_other_user(
         self, db_session, test_user, test_user_2, auth_headers
     ):
@@ -368,9 +400,49 @@ class TestAPIKeyManagement:
         response = client.delete(f"/api/v1/auth/api-keys/{key_id}", headers=auth_headers)
         assert response.status_code == 204
 
-        # Verify it's gone
+        # Verify it is revoked and retained for auditability
         response = client.get(f"/api/v1/auth/api-keys/{key_id}", headers=auth_headers)
-        assert response.status_code == 404
+        assert response.status_code == 200
+        assert response.json()["is_active"] is False
+
+    def test_delete_api_key_revokes_authentication(self, db_session, test_user, auth_headers):
+        """Revoked API key can no longer authenticate requests."""
+        create_response = client.post(
+            "/api/v1/auth/api-keys",
+            headers=auth_headers,
+            json={"name": "Key to Revoke", "scopes": ["read"]},
+        )
+        key_payload = create_response.json()
+
+        revoke_response = client.delete(f"/api/v1/auth/api-keys/{key_payload['id']}", headers=auth_headers)
+        assert revoke_response.status_code == 204
+
+        verified = verify_api_key(db_session, key_payload["prefix"], key_payload["secret_key"])
+        assert verified is None
+
+    def test_api_key_audit_logs_create_and_revoke(self, db_session, test_user, auth_headers, monkeypatch):
+        """API key lifecycle writes structured security audit logs."""
+        captured: list[tuple] = []
+
+        def _capture_log(*args, **kwargs):
+            captured.append(args)
+
+        monkeypatch.setattr("app.routers.api_key.logger.info", _capture_log)
+
+        create_response = client.post(
+            "/api/v1/auth/api-keys",
+            headers=auth_headers,
+            json={"name": "Audited Key", "scopes": ["read"]},
+        )
+        assert create_response.status_code == 201
+
+        key_id = create_response.json()["id"]
+        revoke_response = client.delete(f"/api/v1/auth/api-keys/{key_id}", headers=auth_headers)
+        assert revoke_response.status_code == 204
+
+        events = [entry[1] for entry in captured if len(entry) > 1]
+        assert "api_key_created" in events
+        assert "api_key_revoked" in events
 
     def test_delete_api_key_not_found(self, auth_headers):
         """Test deleting a missing API key returns 404."""

{scriptgini-1.5.1 → scriptgini-1.5.2}/tests/test_coverage.py

@@ -1606,15 +1606,30 @@ class TestBulkJobsRouter:
     def test_validate_script_safety_blocks_imports_and_builtin_calls(self):
         from app.routers.scripts import _validate_script_safety
 
-        with pytest.raises(ValueError, match="Unsafe import detected: subprocess"):
+        with pytest.raises(ValueError, match="Disallowed import detected: subprocess"):
             _validate_script_safety("import subprocess")
 
-        with pytest.raises(ValueError, match="Unsafe import detected: socket"):
+        with pytest.raises(ValueError, match="Disallowed import detected: socket"):
             _validate_script_safety("from socket import socket")
 
         with pytest.raises(ValueError, match="Unsafe builtin call detected: exec"):
             _validate_script_safety("exec('print(1)')")
 
+    def test_validate_script_safety_blocks_runtime_breakout_vectors(self):
+        from app.routers.scripts import _validate_script_safety
+
+        with pytest.raises(ValueError, match="Disallowed import detected: os"):
+            _validate_script_safety("import os\nos.system('whoami')")
+
+        with pytest.raises(ValueError, match="Unsafe symbol usage detected: __builtins__"):
+            _validate_script_safety("x = __builtins__")
+
+        with pytest.raises(ValueError, match="Unsafe introspection token detected: __subclasses__"):
+            _validate_script_safety("name = '__subclasses__'")
+
+        with pytest.raises(ValueError, match="Unsafe runtime call detected: system"):
+            _validate_script_safety("obj.system('echo hi')")
+
     def test_validate_script_safety_rejects_syntax_error(self):
         from app.routers.scripts import _validate_script_safety
 

scriptgini-1.5.1/app/__init__.py

@@ -1,3 +0,0 @@
-__version__ = "1.5.1"
-__api_version__ = "v1.5.1"
-