Skip to content

Add Trusted Server audit command#800

Open
ChristianPavilonis wants to merge 2 commits into
feature/ts-cli-basefrom
feature/ts-cli-audit
Open

Add Trusted Server audit command#800
ChristianPavilonis wants to merge 2 commits into
feature/ts-cli-basefrom
feature/ts-cli-audit

Conversation

@ChristianPavilonis

@ChristianPavilonis ChristianPavilonis commented Jun 22, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • Adds ts audit as a Trusted Server-specific page audit command on top of the base CLI.
  • Collects rendered page/script evidence with Chrome/Chromium and writes draft audit/config artifacts.
  • Adds audit-specific docs, specs, tests, and host dependencies.

Changes

File Change
crates/trusted-server-cli/src/audit.rs Adds audit orchestration, output planning, artifact writing, and draft config generation.
crates/trusted-server-cli/src/audit/analyzer.rs Detects JS assets, first/third-party classification, redirects, titles, and known integrations.
crates/trusted-server-cli/src/audit/browser_collector.rs Adds headless Chrome/Chromium collection for DOM scripts and network requests.
crates/trusted-server-cli/src/audit/collector.rs Defines audit collection traits/data shapes for testability.
crates/trusted-server-cli/src/args.rs, src/run.rs, src/lib.rs Wires ts audit into CLI parsing and dispatch.
Cargo.toml, crates/trusted-server-cli/Cargo.toml, Cargo.lock Adds audit-only dependencies.
README.md, docs/guide/cli.md, docs/guide/getting-started.md Documents audit workflow and Chrome/Chromium prerequisite.
docs/superpowers/...audit... Adds audit design and implementation plan artifacts.

Closes

No issue provided; this PR is split out from the combined feature/ts-cli-next branch.

Test plan

  • cargo test --workspace
  • cargo clippy --workspace --all-targets --all-features -- -D warnings
  • cargo fmt --all -- --check
  • JS tests: cd crates/js/lib && npx vitest run
  • JS format: cd crates/js/lib && npm run format
  • Docs format: cd docs && npm run format
  • WASM build: cargo build --package trusted-server-adapter-fastly --release --target wasm32-wasip1
  • Manual testing via fastly compute serve
  • Other: cargo test --package trusted-server-cli --target aarch64-apple-darwin — 42 passed

Checklist

  • Changes follow CLAUDE.md conventions
  • No unwrap() in production code — use expect("should ...")
  • Uses tracing/log macros (not println!)
  • New code has tests
  • No secrets or credentials committed

@ChristianPavilonis ChristianPavilonis mentioned this pull request Jun 22, 2026
Closed
17 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aram356 aram356 Awaiting requested review from aram356

@prk-Jr prk-Jr Awaiting requested review from prk-Jr

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ChristianPavilonis