@adcp/sdk 8.1.0-beta.6 → 8.1.0-beta.8

package/dist/lib/types/get-plan-audit-logs.d.ts

@@ -0,0 +1,455 @@
+// AUTO-GENERATED — DO NOT EDIT.
+// Per-tool .d.ts slice for `get_plan_audit_logs`. Built from the published
+// `tools.generated.d.ts` + `core.generated.d.ts` + `enums.generated.d.ts`
+// by `scripts/generate-per-tool-types.ts`.
+//
+// Self-contained: imports nothing from the broader SDK. Adopters who
+// import only this slice pay a fraction of the tsc cost of pulling in
+// `@adcp/sdk` root — useful when strict + skipLibCheck:false adopters
+// hit memory pressure on the full surface.
+
+/**
+ * Retrieve governance state and audit trail for one or more plans.
+ */
+export type GetPlanAuditLogsRequest = {
+    [k: string]: unknown | undefined;
+} & {
+    /**
+     * Release-precision AdCP version (VERSION.RELEASE, e.g. "3.0", "3.1", "3.1-beta"). On a request: the buyer's release pin — the seller validates against its supported_versions and returns VERSION_UNSUPPORTED on cross-major mismatch, or downshifts to the highest supported release within the same major. On a response: the release the seller actually served — clients SHOULD validate the response against that release's schema, not against their pin. Patches are not negotiated; surface them as build_version on capabilities for operational visibility. When omitted, falls back to adcp_major_version (deprecated) or server default. Buyers SHOULD emit both adcp_version and adcp_major_version through 3.x to remain compatible with sellers that only read the legacy field. NORMALIZATION: SDKs that read full-semver values from bundle metadata (e.g. ComplianceIndex.published_version = "3.1.0-beta.1") MUST normalize to release-precision ("3.1-beta.1") before emitting on the wire — meta-field values are NOT valid wire values.
+     */
+    adcp_version?: string;
+    /**
+     * DEPRECATED in favor of adcp_version (release-precision string). Servers MUST continue to honor this field through 3.x. Removed in 4.0. Original semantics: the AdCP major version the buyer's payloads conform to. Sellers validate against their supported major_versions and return VERSION_UNSUPPORTED if unsupported. When omitted, the seller assumes its highest supported version.
+     */
+    adcp_major_version?: number;
+    /**
+     * Plan IDs to retrieve. For a single plan, pass a one-element array. Plans uniquely scope account and operator; do not include a separate `account` field — the governance agent resolves account from each plan. Including `account` is rejected by `additionalProperties: false`.
+     */
+    plan_ids?: string[];
+    /**
+     * Portfolio plan IDs. The governance agent expands each to its member_plan_ids and returns combined audit data.
+     */
+    portfolio_plan_ids?: string[];
+    /**
+     * Filter audit entries by governance context. Returns only checks and outcomes that share these governance contexts, enabling lifecycle tracing across purchase types.
+     */
+    governance_contexts?: string[];
+    /**
+     * Filter audit entries by purchase type. Returns only checks and outcomes matching these purchase types (e.g., ['rights_license'] to see all rights activity).
+     */
+    purchase_types?: PurchaseType[];
+    /**
+     * Include the full audit trail. Default: false.
+     */
+    include_entries?: boolean;
+    context?: ContextObject;
+    ext?: ExtensionObject;
+};
+
+/**
+ * Governance state and audit trail for one or more plans.
+ */
+export interface GetPlanAuditLogsResponse {
+    /**
+     * Session/conversation identifier for tracking related operations across multiple task invocations. Managed by the protocol layer to maintain conversational context. Distinct from `context` (per-request opaque echo, see below).
+     */
+    context_id?: string;
+    context?: ContextObject;
+    /**
+     * Unique identifier for tracking asynchronous operations. Present when a task requires extended processing time. Used to query task status and retrieve results when complete.
+     */
+    task_id?: string;
+    status: TaskStatus;
+    /**
+     * Human-readable summary of the task result. Provides natural language explanation of what happened, suitable for display to end users or for AI agent comprehension. Generated by the protocol layer based on the task response.
+     */
+    message?: string;
+    /**
+     * ISO 8601 timestamp when the response was generated. Useful for debugging, logging, cache validation, and tracking async operation progress.
+     */
+    timestamp?: string;
+    /**
+     * Set to true when this response was returned from the idempotency cache rather than from a fresh execution. Set to false (or omitted) when the request was executed fresh. Buyers use this to distinguish cached replays from new executions — matters for billing reconciliation, audit logs, state-machine routing (cached state-tracking fields are historical snapshots, not current state — re-read via the resource's read endpoint), and any downstream system that assumes exactly-once event semantics. From 3.1 onward, `replayed` MAY appear on responses to any request that resolved via the idempotency cache, including read tools — universal `idempotency_key` (see security.mdx §Idempotency) means the cache holds read responses too.
+     */
+    replayed?: boolean;
+    adcp_error?: Error;
+    push_notification_config?: PushNotificationConfig;
+    /**
+     * Governance context token issued by the account's governance agent during check_governance. Buyers attach it to governed purchase requests (media buys, rights acquisitions, signal activations, creative services); sellers persist it and include it on all subsequent governance calls for that action's lifecycle. An account binds to one governance agent (see sync_governance); governance is phased across `purchase` / `modification` / `delivery`, not partitioned across specialist agents, so the envelope carries a single token for the full lifecycle.
+     *
+     * Value format: governance agents MUST emit a compact JWS per the AdCP JWS profile (see Security — Signed Governance Context). Sellers MAY verify; sellers that do not verify MUST persist and forward the token unchanged. In 3.1 all sellers MUST verify. Non-JWS values from pre-3.0 governance agents are deprecated.
+     *
+     * This is the primary correlation key for audit and reporting across the governance lifecycle.
+     */
+    governance_context?: string;
+    /**
+     * Conceptual grouping for the task-specific response data defined by individual task response schemas (e.g., get-products-response.json, create-media-buy-response.json). `payload` is a documentary construct — it is NOT a required wire field, and its on-the-wire shape depends on transport (see Transport serialization below). Task response schemas declare body fields without wrapping them in a `payload` object; the wire representation places those body fields per transport convention. On MCP the body fields appear as siblings of envelope fields at the root of the tool response; on A2A they appear inside `task.artifacts[0].parts[].DataPart`; on REST they appear at the root of the JSON body.
+     */
+    payload?: {};
+    /**
+     * Release-precision AdCP version (VERSION.RELEASE, e.g. "3.0", "3.1", "3.1-beta"). On a request: the buyer's release pin — the seller validates against its supported_versions and returns VERSION_UNSUPPORTED on cross-major mismatch, or downshifts to the highest supported release within the same major. On a response: the release the seller actually served — clients SHOULD validate the response against that release's schema, not against their pin. Patches are not negotiated; surface them as build_version on capabilities for operational visibility. When omitted, falls back to adcp_major_version (deprecated) or server default. Buyers SHOULD emit both adcp_version and adcp_major_version through 3.x to remain compatible with sellers that only read the legacy field. NORMALIZATION: SDKs that read full-semver values from bundle metadata (e.g. ComplianceIndex.published_version = "3.1.0-beta.1") MUST normalize to release-precision ("3.1-beta.1") before emitting on the wire — meta-field values are NOT valid wire values.
+     */
+    adcp_version?: string;
+    /**
+     * DEPRECATED in favor of adcp_version (release-precision string). Servers MUST continue to honor this field through 3.x. Removed in 4.0. Original semantics: the AdCP major version the buyer's payloads conform to. Sellers validate against their supported major_versions and return VERSION_UNSUPPORTED if unsupported. When omitted, the seller assumes its highest supported version.
+     */
+    adcp_major_version?: number;
+    /**
+     * Audit data for each requested plan.
+     */
+    plans: {
+        /**
+         * Plan identifier.
+         */
+        plan_id: string;
+        /**
+         * Current plan version.
+         */
+        plan_version: number;
+        /**
+         * Plan lifecycle status.
+         */
+        status: 'active' | 'suspended' | 'completed';
+        /**
+         * Budget state.
+         */
+        budget: {
+            /**
+             * Total authorized budget from the plan.
+             */
+            authorized?: number;
+            /**
+             * Total budget committed from confirmed outcomes.
+             */
+            committed?: number;
+            /**
+             * Authorized minus committed.
+             */
+            remaining?: number;
+            /**
+             * Committed as a percentage of authorized.
+             */
+            utilization_pct?: number;
+        };
+        /**
+         * Current channel mix. Keyed by channel ID.
+         */
+        channel_allocation?: {
+            [k: string]: {
+                /**
+                 * Budget committed to this channel.
+                 */
+                committed?: number;
+                /**
+                 * Channel's share of the authorized total budget.
+                 */
+                pct?: number;
+            } | undefined;
+        };
+        /**
+         * Aggregate validation and outcome statistics.
+         */
+        summary: {
+            /**
+             * Total governance checks performed.
+             */
+            checks_performed?: number;
+            /**
+             * Total outcomes reported.
+             */
+            outcomes_reported?: number;
+            /**
+             * Count of each governance check status.
+             */
+            statuses?: {
+                approved?: number;
+                denied?: number;
+                conditions?: number;
+                /**
+                 * Supplementary count of checks that went through internal human review. These checks are also counted in approved or denied.
+                 */
+                human_reviewed?: number;
+            };
+            /**
+             * Total findings across all checks and outcomes.
+             */
+            findings_count?: number;
+            /**
+             * All escalations and their resolutions.
+             */
+            escalations?: {
+                /**
+                 * The escalated governance check.
+                 */
+                check_id: string;
+                /**
+                 * Why it was escalated.
+                 */
+                reason: string;
+                /**
+                 * How it was resolved (e.g., 'approved_by_human', 'rejected_by_human').
+                 */
+                resolution?: string;
+                /**
+                 * ISO 8601 resolution timestamp.
+                 * @format date-time
+                 */
+                resolved_at?: string;
+            }[];
+            /**
+             * Aggregate governance metrics for detecting oversight drift. A declining escalation rate may indicate well-calibrated governance or eroding human oversight -- surfacing the trend lets the organization make that judgment.
+             */
+            drift_metrics?: {
+                /**
+                 * Fraction of checks that resulted in escalation.
+                 * @minimum 0
+                 * @maximum 1
+                 */
+                escalation_rate?: number;
+                /**
+                 * Direction of escalation rate over the plan's lifetime.
+                 */
+                escalation_rate_trend?: 'increasing' | 'stable' | 'declining';
+                /**
+                 * Fraction of checks approved without human intervention.
+                 * @minimum 0
+                 * @maximum 1
+                 */
+                auto_approval_rate?: number;
+                /**
+                 * Fraction of escalations where the human overrode the governance agent's recommendation.
+                 * @minimum 0
+                 * @maximum 1
+                 */
+                human_override_rate?: number;
+                /**
+                 * Average confidence score across all findings. Present when findings include confidence scores.
+                 * @minimum 0
+                 * @maximum 1
+                 */
+                mean_confidence?: number;
+                /**
+                 * Organization-defined thresholds for drift metrics. When a metric crosses its threshold, the governance agent SHOULD include a finding on the next check. Set by the organization in governance agent configuration, echoed here for visibility.
+                 */
+                thresholds?: {
+                    /**
+                     * Maximum acceptable escalation rate. A rate above this suggests policy miscalibration.
+                     * @minimum 0
+                     * @maximum 1
+                     */
+                    escalation_rate_max?: number;
+                    /**
+                     * Minimum acceptable escalation rate. A rate below this may indicate eroding oversight.
+                     * @minimum 0
+                     * @maximum 1
+                     */
+                    escalation_rate_min?: number;
+                    /**
+                     * Maximum acceptable auto-approval rate.
+                     * @minimum 0
+                     * @maximum 1
+                     */
+                    auto_approval_rate_max?: number;
+                    /**
+                     * Maximum acceptable human override rate. A high rate suggests the governance agent's recommendations are poorly calibrated.
+                     * @minimum 0
+                     * @maximum 1
+                     */
+                    human_override_rate_max?: number;
+                };
+            };
+        };
+        /**
+         * Ordered audit trail. Only present when include_entries is true.
+         */
+        entries?: {
+            /**
+             * Entry identifier.
+             */
+            id: string;
+            /**
+             * Entry type.
+             */
+            type: 'check' | 'outcome';
+            /**
+             * ISO 8601 timestamp.
+             * @format date-time
+             */
+            timestamp: string;
+            /**
+             * Plan this entry belongs to. Present when querying multiple plans or a portfolio.
+             */
+            plan_id?: string;
+            /**
+             * URL of the agent that made the request. Resolved from the credentials used on the governance callback.
+             */
+            caller?: string;
+            /**
+             * The AdCP tool (present for check entries).
+             */
+            tool?: string;
+            verdict?: GovernanceDecision;
+            /**
+             * Whether the check was an intent check (orchestrator) or execution check (seller). Inferred from the fields present on the original check request. Present for check entries.
+             */
+            check_type?: 'intent' | 'execution';
+            mode?: GovernanceMode;
+            /**
+             * Human-readable explanation of the governance decision (present for check entries).
+             */
+            explanation?: string;
+            /**
+             * Policy IDs evaluated during this check. Includes registry policy IDs (resolved via the policy registry) and any inline `policy_id`s declared in the plan's `custom_policies`. Present for check entries.
+             */
+            policies_evaluated?: string[];
+            /**
+             * Governance categories evaluated (e.g., 'budget_authority', 'regulatory_compliance'). Present for check entries.
+             */
+            categories_evaluated?: string[];
+            /**
+             * Findings from this check or outcome. Same structure as check_governance response findings.
+             */
+            findings?: {
+                category_id: string;
+                policy_id?: string;
+                severity: EscalationSeverity;
+                explanation: string;
+                /**
+                 * @minimum 0
+                 * @maximum 1
+                 */
+                confidence?: number;
+            }[];
+            outcome?: OutcomeType;
+            /**
+             * Budget committed (present for completed outcome entries).
+             */
+            committed_budget?: number;
+            /**
+             * Governance context for this entry (present for check and outcome entries).
+             */
+            governance_context?: string;
+            /**
+             * Audit-layer binding to the plan revision this attestation was evaluated over — base64url_no_pad(SHA-256(JCS(plan_payload))) per Plan binding and audit in the campaign-governance specification. Present on check entries. Auditors and buyer-side compliance verify by recomputing over the retained plan revision and byte-comparing the decoded 32-byte digests.
+             * @pattern ^[A-Za-z0-9_-]{43}$
+             */
+            plan_hash?: string;
+            purchase_type?: PurchaseType;
+            /**
+             * Outcome status (present for outcome entries).
+             */
+            outcome_status?: string;
+        }[];
+        /**
+         * Per-action breakdown grouped by governance context.
+         */
+        governed_actions: {
+            /**
+             * Governance context correlating this action's lifecycle.
+             */
+            governance_context: string;
+            purchase_type: PurchaseType;
+            /**
+             * Action status.
+             */
+            status: 'active' | 'suspended' | 'completed';
+            /**
+             * Budget committed for this action.
+             */
+            committed: number;
+            /**
+             * Number of governance checks performed for this action.
+             */
+            check_count: number;
+            /**
+             * The seller's identifier for the resource (e.g., media_buy_id, rights_grant_id). Present when reported via report_plan_outcome.
+             */
+            seller_reference?: string;
+        }[];
+    }[];
+    ext?: ExtensionObject;
+}
+
+/**
+ * Legacy authentication schemes for the webhook auth block. Bearer: token sent in Authorization header. HMAC-SHA256: legacy shared-secret signing. Both are deprecated; new integrations SHOULD omit the authentication block and use the RFC 9421 webhook signing profile (applicable on schemas where authentication is optional). Removed in AdCP 4.0.
+ */
+export type AuthenticationScheme = 'Bearer' | 'HMAC-SHA256';
+
+/**
+ * Opaque correlation data that is echoed unchanged in responses. Used for internal tracking, UI session IDs, trace IDs, and other caller-specific identifiers that don't affect protocol behavior. Context data is never parsed by AdCP agents - it's simply preserved and returned.
+ */
+export interface ContextObject {
+}
+
+/**
+ * Finding severity.
+ */
+export type EscalationSeverity = 'info' | 'warning' | 'critical';
+
+/**
+ * Extension object for platform-specific, vendor-namespaced parameters. Extensions are always optional and must be namespaced under a vendor/platform key (e.g., ext.gam, ext.roku). Used for custom capabilities, partner-specific configuration, and features being proposed for standardization.
+ */
+export interface ExtensionObject {
+}
+
+/**
+ * Governance verdict (present for check entries). Renamed from `status` in 3.1 alongside check-governance-response for vocabulary consistency.
+ */
+export type GovernanceDecision = 'approved' | 'denied' | 'conditions';
+
+/**
+ * Governance mode active at the moment this specific check was evaluated. Governance agents SHOULD populate this field on check entries, recording the mode from their runtime configuration at the moment check_governance was processed — not derived from a plan field. This is a per-check value: if the operator changes mode between checks for the same governed action, each entry records the mode active for that entry. A future `governed_actions[].mode` field would describe the action's current mode, which may differ from the most recent entry's `mode` if the plan has since been re-synced. Absent for outcome entries and for pre-3.1 governance agents that do not surface mode on audit responses.
+ */
+export type GovernanceMode = 'audit' | 'advisory' | 'enforce';
+
+/**
+ * Outcome type.
+ */
+export type OutcomeType = 'completed' | 'failed' | 'delivery';
+
+/**
+ * The type of financial commitment this outcome is for. Determines which budget allocation (if any) to charge against. Defaults to 'media_buy' when omitted.
+ */
+export type PurchaseType = 'media_buy' | 'rights_license' | 'signal_activation' | 'creative_services';
+
+/**
+ * Push notification configuration for async task updates (A2A and REST protocols). Echoed from the request to confirm webhook settings. Specifies URL, authentication scheme (Bearer or HMAC-SHA256), and credentials. MCP uses progress notifications instead of webhooks.
+ */
+export interface PushNotificationConfig {
+    /**
+     * Webhook endpoint URL for task status notifications. The wire contract is unconstrained beyond `format: "uri"` — in particular, publishers SHOULD NOT enforce a destination-port allowlist by default, since buyers legitimately host receivers on non-standard TLS ports (`:9443`, `:4443`, path-routed multi-tenant gateways). The SSRF guard the protocol relies on is the IP-range check + DNS-rebinding-resistant connect pin defined in [Webhook URL validation (SSRF)](/docs/building/by-layer/L1/security#webhook-url-validation-ssrf), not port filtering. Operators who want a hardened destination-port allowlist as defense-in-depth (e.g., locked-down enterprise egress) opt in explicitly — see [Destination port: permissive by default](/docs/building/by-layer/L1/security#destination-port-permissive-by-default).
+     */
+    url: string;
+    /**
+     * Buyer-supplied correlation identifier for the operation that will produce webhooks against this registration. The seller MUST echo this value verbatim into every webhook payload's `operation_id` field (see [`mcp-webhook-payload.json`](/schemas/core/mcp-webhook-payload.json) and [Webhooks — Operation IDs](/docs/building/by-layer/L3/webhooks#operation-ids-and-url-templates)). Buyers SHOULD generate a unique value per task invocation (UUID recommended). This field is the canonical registration channel for `operation_id`; buyers MAY additionally embed the same value in the URL path or query as a routing aid for their own HTTP server, but the URL is opaque to the seller and the wire-level source of truth is this field. Sellers MUST NOT parse the URL to recover `operation_id`. Sellers that receive a webhook registration without `operation_id` MAY reject the task with `INVALID_REQUEST`.
+     * @minLength 1
+     * @maxLength 255
+     * @pattern ^[A-Za-z0-9_.:-]{1,255}$
+     */
+    operation_id?: string;
+    /**
+     * Optional client-provided token for webhook validation. The seller MUST echo this value verbatim in every webhook payload's `token` field (see [`mcp-webhook-payload.json`](/schemas/core/mcp-webhook-payload.json) for the receiver-side validation obligation). Length bounds give receivers a defensive range check on the echoed value; senders SHOULD generate tokens with at least 128 bits of entropy (≥22 base64url characters). This is a complementary authenticity mechanism that can layer on top of the RFC 9421 webhook signature — unlike the `authentication` block below, it is not on the 4.0 removal track. Receivers that registered both a signing key (RFC 9421) and a `token` MUST NOT treat a valid token echo as authorization to skip signature verification; both checks remain independent obligations.
+     * @minLength 16
+     * @maxLength 4096
+     */
+    token?: string;
+    /**
+     * Legacy authentication configuration (A2A-compatible). Opts the seller into Bearer or HMAC-SHA256 signing instead of the default RFC 9421 webhook profile. Deprecated; removed in AdCP 4.0. **Precedence is a switch, not a fallback:** presence of this block selects the legacy scheme; absence selects 9421. A seller MUST NOT sign the same webhook both ways, and a buyer MUST NOT attempt 'try 9421 first, fall back to HMAC' verification — signature mode is determined solely by whether this block was present at registration time. The seller's baseline 9421 webhook-signing key published at its brand.json `agents[]` `jwks_uri` does not override this selector; it is always discoverable but only used when `authentication` is omitted. See docs/building/implementation/security.mdx#webhook-callbacks for the full precedence and downgrade-resistance rules (including the `webhook_mode_mismatch` rejection a buyer MUST apply when a received webhook's signing mode does not match the registered mode).
+     */
+    authentication?: {
+        /**
+         * Array of authentication schemes. Supported: ['Bearer'] for simple token auth, ['HMAC-SHA256'] for legacy shared-secret signing. Both are deprecated; new integrations SHOULD omit `authentication` and use the RFC 9421 webhook profile.
+         */
+        schemes: AuthenticationScheme[];
+        /**
+         * Credentials for the legacy scheme. For Bearer: token sent in Authorization header. For HMAC-SHA256: shared secret used to generate signature. Minimum 32 characters. Exchanged out-of-band during onboarding.
+         * @minLength 32
+         */
+        credentials: string;
+    };
+}
+
+/**
+ * Current task execution state. Indicates whether the task is completed, in progress (working), submitted for async processing, failed, or requires user input. REQUIRED on every task response envelope. Synchronous tasks (including read-only metadata calls like `get_adcp_capabilities`) MUST emit `status: "completed"`; async tasks emit `submitted`, `working`, `input-required`, etc. per their lifecycle. Agents MUST NOT emit the legacy task_status or response_status fields alongside this field — the status field is the single authoritative task state.
+ */
+export type TaskStatus = 'submitted' | 'working' | 'input-required' | 'completed' | 'canceled' | 'failed' | 'rejected' | 'auth-required' | 'unknown';