feat: pentest onboarding — streaming, browser automation, reports, user cleanup (#16)

Complete pentest feature overhaul: SSE streaming, session-persistent browser tool (CDP), AES-256 credential encryption, auto-screenshots in reports, code-level remediation correlation, SAST triage chunking, context window optimization, test user cleanup (Keycloak/Auth0/Okta), wizard dropdowns, attack chain improvements, architecture docs with Mermaid diagrams. Co-authored-by: Sharang Parnerkar <parnerkarsharang@gmail.com> Reviewed-on: #16
2026-03-17 20:32:20 +00:00
parent 11e1c5f438
commit c461faa2fb
57 changed files with 8844 additions and 2423 deletions
--- a/compliance-core/src/models/mod.rs
+++ b/compliance-core/src/models/mod.rs
@@ -28,8 +28,9 @@ pub use graph::{
 pub use issue::{IssueStatus, TrackerIssue, TrackerType};
 pub use mcp::{McpServerConfig, McpServerStatus, McpTransport};
 pub use pentest::{
-    AttackChainNode, AttackNodeStatus, CodeContextHint, PentestEvent, PentestMessage,
-    PentestSession, PentestStats, PentestStatus, PentestStrategy, SeverityDistribution,
+    AttackChainNode, AttackNodeStatus, AuthMode, CodeContextHint, Environment, IdentityProvider,
+    PentestAuthConfig, PentestConfig, PentestEvent, PentestMessage, PentestSession, PentestStats,
+    PentestStatus, PentestStrategy, SeverityDistribution, TestUserRecord, TesterInfo,
    ToolCallRecord,
 };
 pub use repository::{ScanTrigger, TrackedRepository};