FRE-4471: Scaffold DarkWatch MVP — monorepo, schema, services, API routes, tests

- Turborepo monorepo structure (packages: api, db, types, jobs; services: darkwatch) - Prisma schema: User, WatchListItem, Exposure, Alert, ScanJob models - WatchListService: CRUD with normalization, dedup, tier-based limits - HIBPService: API integration with severity scoring - MatchingEngine: exact-match with content hash dedup - AlertPipeline: dedup window, email notifications - ScanService: orchestrates watch list -> HIBP -> match -> alert flow - BullMQ job workers for scan and alert processing - Fastify API routes: watchlist, exposures, alerts, scan - Docker Compose: PostgreSQL 16 + Redis 7 - 15 unit tests passing - Implementation plan document uploaded
2026-04-29 09:47:45 -04:00
parent f8f90502fa
commit 218de3b03b
40 changed files with 5225 additions and 0 deletions
--- a/services/darkwatch/test/hibp.test.ts
+++ b/services/darkwatch/test/hibp.test.ts
@@ -0,0 +1,62 @@
+import { describe, it, expect } from "vitest";
+import { HIBPService } from "../src/hibp/HIBPService";
+import { Severity } from "@shieldai/types";
+
+describe("HIBPService", () => {
+  const hibp = new HIBPService();
+
+  it("computes severity for critical data classes", () => {
+    const breach = {
+      name: "TestBreach",
+      title: "Test Breach",
+      domain: "test.com",
+      loginCount: 0,
+      passwordCount: 0,
+      date: new Date(),
+      breachDate: new Date(),
+      addedDate: new Date(),
+      pwnCount: 1000,
+      dataClasses: ["Password", "Email Address"],
+      logo: "",
+    };
+    expect(hibp.getSeverity(breach)).toBe(Severity.CRITICAL);
+  });
+
+  it("computes severity for warning data classes", () => {
+    const breach = {
+      name: "TestBreach",
+      title: "Test Breach",
+      domain: "test.com",
+      loginCount: 0,
+      passwordCount: 0,
+      date: new Date(),
+      breachDate: new Date(),
+      addedDate: new Date(),
+      pwnCount: 1000,
+      dataClasses: ["Phone Number"],
+      logo: "",
+    };
+    expect(hibp.getSeverity(breach)).toBe(Severity.WARNING);
+  });
+
+  it("computes INFO for old non-critical breaches", () => {
+    const breach = {
+      name: "OldBreach",
+      title: "Old Breach",
+      domain: "old.com",
+      loginCount: 0,
+      passwordCount: 0,
+      date: new Date(),
+      breachDate: new Date(Date.now() - 400 * 24 * 60 * 60 * 1000),
+      addedDate: new Date(),
+      pwnCount: 1000,
+      dataClasses: ["Name"],
+      logo: "",
+    };
+    expect(hibp.getSeverity(breach)).toBe(Severity.INFO);
+  });
+
+  it("maps to HIBP data source", () => {
+    expect(hibp.mapToDataSource()).toBe("HIBP");
+  });
+});