@aexhq/sdk 0.13.6

package/dist/_contracts/run-record.d.ts

@@ -0,0 +1,127 @@
+import type { RunCostTelemetry } from "./run-cost.js";
+import { type CustodyManifestV1, type CustodyRedactionFinding } from "./run-custody.js";
+import type { Run, RunEvent, Output } from "./runtime-types.js";
+import type { PlatformSubmission } from "./submission.js";
+export declare const RUN_RECORD_SCHEMA_VERSION: "aex.run-record.v1";
+export declare const RUN_RECORD_MANIFEST_SCHEMA_VERSION: "aex.run-record.manifest.v1";
+export type RunRecordArchiveNamespaceV1 = "metadata" | "events" | "outputs" | "logs";
+export type RunRecordFileStatusV1 = "present" | "absent" | "pending" | "unavailable" | "not_applicable" | "error";
+export type RunRecordArchiveFileRoleV1 = "run_metadata" | "submission_snapshot" | "cost" | "custody" | "typed_events" | "log_events" | "all_events" | "coordinator_events_manifest" | "output" | "log";
+export interface RunRecordSubmissionSnapshotV1 {
+    readonly submission: PlatformSubmission;
+}
+export interface RunRecordCostV1 {
+    readonly status: RunRecordFileStatusV1;
+    readonly telemetry?: RunCostTelemetry;
+}
+export interface RunRecordMetadataV1 {
+    readonly run: Run;
+    readonly submission?: RunRecordSubmissionSnapshotV1;
+    readonly cost?: RunRecordCostV1;
+    readonly custody?: CustodyManifestV1;
+}
+export interface RunRecordEventsV1 {
+    /**
+     * Typed `channel: "event"` records. This is the current SDK
+     * `events/events.jsonl` export. Log-channel records are not mixed into this
+     * file.
+     */
+    readonly typed: readonly RunEvent[];
+    readonly logs?: readonly RunEvent[];
+    readonly all?: readonly RunEvent[];
+}
+export interface RunRecordV1 {
+    readonly schemaVersion: typeof RUN_RECORD_SCHEMA_VERSION;
+    readonly runId: string;
+    readonly metadata: RunRecordMetadataV1;
+    readonly events: RunRecordEventsV1;
+    readonly outputs: readonly Output[];
+    readonly logs: readonly Output[];
+    readonly manifest: RunRecordManifestV1;
+}
+export interface RunRecordNamespaceV1 {
+    readonly name: RunRecordArchiveNamespaceV1;
+    readonly prefix: `${RunRecordArchiveNamespaceV1}/`;
+    readonly status: RunRecordFileStatusV1;
+    readonly description: string;
+}
+export interface RunRecordArchiveFileV1 {
+    readonly namespace: RunRecordArchiveNamespaceV1;
+    readonly path: string;
+    readonly role: RunRecordArchiveFileRoleV1;
+    readonly status: RunRecordFileStatusV1;
+    readonly id?: string;
+    readonly filename?: string | null;
+    readonly sizeBytes?: number;
+    readonly contentType?: string;
+    readonly recordCount?: number;
+}
+export interface RunRecordArtifactSummaryV1 {
+    readonly id: string;
+    readonly filename: string | null;
+    readonly sizeBytes?: number;
+    readonly contentType?: string;
+}
+export interface RunRecordDownloadErrorV1 {
+    readonly namespace: "outputs" | "logs";
+    readonly id: string;
+    readonly filename: string | null;
+    readonly message: string;
+}
+export interface RunRecordManifestV1 {
+    readonly schemaVersion: typeof RUN_RECORD_MANIFEST_SCHEMA_VERSION;
+    readonly runRecordSchemaVersion: typeof RUN_RECORD_SCHEMA_VERSION;
+    readonly runId: string;
+    readonly namespaces: readonly RunRecordNamespaceV1[];
+    readonly files: readonly RunRecordArchiveFileV1[];
+    /**
+     * Compatibility aliases for existing consumers of `manifest.json`.
+     * Prefer `files[]` for new code because it carries namespace, role, and
+     * presence state for optional run-record members.
+     */
+    readonly outputs: readonly RunRecordArtifactSummaryV1[];
+    readonly logs: readonly RunRecordArtifactSummaryV1[];
+    readonly errors: readonly RunRecordDownloadErrorV1[];
+}
+export interface BuildRunRecordDownloadManifestV1Input {
+    readonly runId: string;
+    readonly outputs: readonly RunRecordArtifactSummaryV1[];
+    readonly logs: readonly RunRecordArtifactSummaryV1[];
+    readonly errors?: readonly RunRecordDownloadErrorV1[];
+    readonly typedEventCount?: number;
+    readonly submission?: RunRecordFileManifestInputV1;
+    readonly cost?: RunRecordFileManifestInputV1;
+    readonly custody?: RunRecordFileManifestInputV1;
+    readonly logEvents?: RunRecordFileManifestInputV1;
+    readonly allEvents?: RunRecordFileManifestInputV1;
+    readonly coordinatorEventsManifest?: RunRecordFileManifestInputV1;
+}
+export interface RunRecordFileManifestInputV1 {
+    readonly status: RunRecordFileStatusV1;
+    readonly recordCount?: number;
+}
+export interface RunRecordArchiveEntryForRedactionV1 {
+    readonly path: string;
+    readonly bytes: Uint8Array;
+    readonly contentType?: string;
+    /**
+     * Customer-authored output bytes are intentionally outside the public-record
+     * redaction guarantee. Metadata, event exports, manifests, and platform logs
+     * remain scanned.
+     */
+    readonly customerContent?: boolean;
+}
+export interface RunRecordArchiveRedactionFindingV1 {
+    readonly entryPath: string;
+    readonly path: string;
+    readonly reason: CustodyRedactionFinding["reason"];
+    readonly valueLength?: number;
+}
+export declare class RunRecordArchiveRedactionError extends Error {
+    readonly code = "run_record_archive_not_public_safe";
+    readonly findings: readonly RunRecordArchiveRedactionFindingV1[];
+    constructor(findings: readonly RunRecordArchiveRedactionFindingV1[]);
+}
+export declare function buildRunRecordDownloadManifestV1(input: BuildRunRecordDownloadManifestV1Input): RunRecordManifestV1;
+export declare function scanRunRecordArchiveEntriesV1(entries: readonly RunRecordArchiveEntryForRedactionV1[]): readonly RunRecordArchiveRedactionFindingV1[];
+export declare function assertRunRecordArchivePublicSafeV1(entries: readonly RunRecordArchiveEntryForRedactionV1[]): void;

package/dist/_contracts/run-record.js

@@ -0,0 +1,177 @@
+import { scanCustodyPayloadForSensitiveValues } from "./run-custody.js";
+export const RUN_RECORD_SCHEMA_VERSION = "aex.run-record.v1";
+export const RUN_RECORD_MANIFEST_SCHEMA_VERSION = "aex.run-record.manifest.v1";
+export class RunRecordArchiveRedactionError extends Error {
+    code = "run_record_archive_not_public_safe";
+    findings;
+    constructor(findings) {
+        super(`run record archive contains non-public data at ${formatArchiveFindingPaths(findings)}`);
+        this.name = "RunRecordArchiveRedactionError";
+        this.findings = Object.freeze([...findings]);
+    }
+}
+export function buildRunRecordDownloadManifestV1(input) {
+    const outputs = input.outputs.map((file) => normalizeArtifactSummary(file));
+    const logs = input.logs.map((file) => normalizeArtifactSummary(file));
+    const errors = (input.errors ?? []).map((error) => Object.freeze({ ...error }));
+    return Object.freeze({
+        schemaVersion: RUN_RECORD_MANIFEST_SCHEMA_VERSION,
+        runRecordSchemaVersion: RUN_RECORD_SCHEMA_VERSION,
+        runId: input.runId,
+        namespaces: Object.freeze([
+            namespace("metadata", "Run metadata, submission snapshot, custody, and cost files."),
+            namespace("events", "Typed event-channel exports and optional full-stream/log-channel exports."),
+            namespace("outputs", "Captured deliverables produced by the run."),
+            namespace("logs", "Platform diagnostics and runtime log artifacts.")
+        ]),
+        files: Object.freeze([
+            file("metadata", "metadata/run.json", "run_metadata", "present"),
+            file("metadata", "metadata/submission.json", "submission_snapshot", input.submission?.status ?? "unavailable"),
+            file("metadata", "metadata/cost.json", "cost", input.cost?.status ?? "pending"),
+            file("metadata", "metadata/custody.json", "custody", input.custody?.status ?? "pending"),
+            file("events", "events/events.jsonl", "typed_events", "present", {
+                recordCount: input.typedEventCount ?? 0
+            }),
+            file("events", "events/logs.jsonl", "log_events", input.logEvents?.status ?? "unavailable", recordCountExtra(input.logEvents)),
+            file("events", "events/all.jsonl", "all_events", input.allEvents?.status ?? "unavailable", recordCountExtra(input.allEvents)),
+            file("events", "events/manifest.json", "coordinator_events_manifest", input.coordinatorEventsManifest?.status ?? "unavailable"),
+            ...outputs.map((output) => artifactFile("outputs", "output", "outputs/", output)),
+            ...logs.map((log) => artifactFile("logs", "log", "logs/", log))
+        ]),
+        outputs: Object.freeze(outputs),
+        logs: Object.freeze(logs),
+        errors: Object.freeze(errors)
+    });
+}
+function namespace(name, description) {
+    return Object.freeze({
+        name,
+        prefix: `${name}/`,
+        status: "present",
+        description
+    });
+}
+function file(namespaceName, path, role, status, extra) {
+    return Object.freeze({
+        namespace: namespaceName,
+        path,
+        role,
+        status,
+        ...(extra?.recordCount !== undefined ? { recordCount: extra.recordCount } : {})
+    });
+}
+function recordCountExtra(input) {
+    return input?.status === "present" && input.recordCount !== undefined
+        ? { recordCount: input.recordCount }
+        : undefined;
+}
+function artifactFile(namespaceName, role, prefix, artifact) {
+    return Object.freeze({
+        namespace: namespaceName,
+        path: `${prefix}${artifact.filename ?? artifact.id}`,
+        role,
+        status: "present",
+        id: artifact.id,
+        filename: artifact.filename,
+        ...(artifact.sizeBytes !== undefined ? { sizeBytes: artifact.sizeBytes } : {}),
+        ...(artifact.contentType !== undefined ? { contentType: artifact.contentType } : {})
+    });
+}
+function normalizeArtifactSummary(input) {
+    return Object.freeze({
+        id: input.id,
+        filename: input.filename,
+        ...(input.sizeBytes !== undefined ? { sizeBytes: input.sizeBytes } : {}),
+        ...(input.contentType !== undefined ? { contentType: input.contentType } : {})
+    });
+}
+export function scanRunRecordArchiveEntriesV1(entries) {
+    const findings = [];
+    for (const entry of entries) {
+        if (entry.customerContent || !shouldScanArchiveEntry(entry)) {
+            continue;
+        }
+        for (const finding of scanArchiveEntry(entry)) {
+            findings.push(finding);
+        }
+    }
+    return Object.freeze(findings);
+}
+export function assertRunRecordArchivePublicSafeV1(entries) {
+    const findings = scanRunRecordArchiveEntriesV1(entries);
+    if (findings.length > 0) {
+        throw new RunRecordArchiveRedactionError(findings);
+    }
+}
+function shouldScanArchiveEntry(entry) {
+    if (entry.path.startsWith("outputs/")) {
+        return false;
+    }
+    const contentType = entry.contentType?.toLowerCase() ?? "";
+    if (contentType.startsWith("text/") ||
+        contentType.includes("json") ||
+        contentType.includes("xml") ||
+        contentType.includes("yaml")) {
+        return true;
+    }
+    return /\.(?:json|jsonl|ndjson|txt|log|md|csv|tsv|ya?ml)$/i.test(entry.path);
+}
+function scanArchiveEntry(entry) {
+    const text = new TextDecoder().decode(entry.bytes);
+    const parsedValues = parseArchiveTextValues(entry.path, text);
+    const rawFindings = parsedValues.length > 0
+        ? parsedValues.flatMap((value) => [...scanCustodyPayloadForSensitiveValues(value.value)].map((finding) => ({
+            ...finding,
+            path: `${value.path}${finding.path === "$" ? "" : finding.path.slice(1)}`
+        })))
+        : scanCustodyPayloadForSensitiveValues(text);
+    return Object.freeze(rawFindings
+        .filter((finding) => !isAllowedArchiveHighEntropyField(entry.path, finding))
+        .map((finding) => Object.freeze({
+        entryPath: entry.path,
+        path: finding.path,
+        reason: finding.reason,
+        ...(finding.valueLength !== undefined ? { valueLength: finding.valueLength } : {})
+    })));
+}
+function isAllowedArchiveHighEntropyField(entryPath, finding) {
+    if (finding.reason !== "high_entropy_token" || !entryPath.endsWith("manifest.json")) {
+        return false;
+    }
+    return /^\$(?:\.files\[\d+\]|\.outputs\[\d+\]|\.logs\[\d+\])\.id$/.test(finding.path);
+}
+function parseArchiveTextValues(path, text) {
+    if (/\.json$/i.test(path)) {
+        const parsed = tryParseJson(text);
+        return parsed.ok ? Object.freeze([{ path: "$", value: parsed.value }]) : Object.freeze([]);
+    }
+    if (/\.(?:jsonl|ndjson)$/i.test(path)) {
+        const values = [];
+        const lines = text.split(/\r?\n/);
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            if (!line?.trim()) {
+                continue;
+            }
+            const parsed = tryParseJson(line);
+            if (!parsed.ok) {
+                return Object.freeze([]);
+            }
+            values.push({ path: `$[${i}]`, value: parsed.value });
+        }
+        return Object.freeze(values);
+    }
+    return Object.freeze([]);
+}
+function tryParseJson(text) {
+    try {
+        return { ok: true, value: JSON.parse(text) };
+    }
+    catch {
+        return { ok: false };
+    }
+}
+function formatArchiveFindingPaths(findings) {
+    return findings.map((finding) => `${finding.entryPath}${finding.path} (${finding.reason})`).join(", ");
+}
+//# sourceMappingURL=run-record.js.map

package/dist/_contracts/run-retention.d.ts

@@ -0,0 +1,213 @@
+import type { RunStatus } from "./status.js";
+export declare const RUN_RETENTION_SCHEMA_VERSION = 1;
+export declare const RUN_DELETION_MANIFEST_KIND = "aex.run_deletion_manifest.v1";
+export declare const RUN_DELETION_JOB_KIND = "aex.run_deletion_job.v1";
+export declare const RUN_DELETION_MANIFEST_CONTENT_TYPE = "application/json; charset=utf-8";
+export declare const RUN_RETENTION_REDACTION_SCANNER_VERSION = 1;
+export declare const RUN_DELETION_REASONS: readonly ["manual_delete", "retention_gc"];
+export type RunDeletionReason = (typeof RUN_DELETION_REASONS)[number];
+export declare const RUN_DELETION_MANIFEST_MODES: readonly ["dry_run", "final"];
+export type RunDeletionManifestMode = (typeof RUN_DELETION_MANIFEST_MODES)[number];
+export declare const RUN_DELETION_CANDIDATE_STATUSES: readonly ["selected", "blocked"];
+export type RunDeletionCandidateStatus = (typeof RUN_DELETION_CANDIDATE_STATUSES)[number];
+export declare const RUN_DELETION_BLOCKERS: readonly ["non_terminal", "already_deleted", "concurrent_delete", "retention_policy_disabled", "unexpired", "held", "retention_exempt", "unresolved_cleanup", "unresolved_custody"];
+export type RunDeletionBlocker = (typeof RUN_DELETION_BLOCKERS)[number];
+export declare const RUN_DELETION_COUNT_CLASSES: readonly ["r2_objects", "outputs", "logs", "events", "assets", "db_event_rows", "db_output_rows", "capture_failures", "storage_samples", "custody_manifests"];
+export type RunDeletionCountClass = (typeof RUN_DELETION_COUNT_CLASSES)[number];
+export declare const RUN_DELETION_COUNT_STATUSES: readonly ["counted", "not_counted", "partial", "failed"];
+export type RunDeletionCountStatus = (typeof RUN_DELETION_COUNT_STATUSES)[number];
+export declare const RUN_DELETION_JOB_STATUSES: readonly ["queued", "planning", "blocked", "manifest_written", "deleting", "delete_failed", "completed", "failed"];
+export type RunDeletionJobStatus = (typeof RUN_DELETION_JOB_STATUSES)[number];
+export declare const RUN_DELETION_PROOF_STATUSES: readonly ["not_started", "running", "completed", "failed"];
+export type RunDeletionProofStatus = (typeof RUN_DELETION_PROOF_STATUSES)[number];
+export declare const RUN_DELETION_WRITE_STATUSES: readonly ["not_written", "written", "write_failed"];
+export type RunDeletionWriteStatus = (typeof RUN_DELETION_WRITE_STATUSES)[number];
+export declare const RUN_RETENTION_EXCLUDED_VALUE_CLASSES: readonly ["raw_paths", "object_keys", "filenames", "object_sizes", "hashes", "provider_ids", "vault_ids", "resource_ids", "resource_handles", "signed_urls"];
+export type RunRetentionExcludedValueClass = (typeof RUN_RETENTION_EXCLUDED_VALUE_CLASSES)[number];
+export interface RunRetentionPolicyV1 {
+    readonly mode: "retain_indefinitely" | "delete_after_days";
+    readonly manualDelete: "enabled";
+    readonly automaticDeletion: "disabled" | "enabled";
+    readonly retentionDays?: number;
+}
+export interface RunRetentionPolicyInput {
+    readonly automaticDeletion?: boolean;
+    readonly retentionDays?: number;
+}
+export interface RunDeletionCandidateRunV1 {
+    readonly runId: string;
+    readonly workspaceId: string;
+    readonly status: RunStatus | string;
+    readonly createdAt?: string;
+    readonly terminalAt?: string;
+    readonly pendingDeleteAt?: string;
+    readonly deletedAt?: string;
+    readonly held?: boolean;
+    readonly retentionExempt?: boolean;
+    readonly unresolvedCleanup?: boolean;
+    readonly unresolvedCustody?: boolean;
+}
+export interface RunDeletionBlockerV1 {
+    readonly code: RunDeletionBlocker;
+    readonly observedAt: string;
+}
+export interface RunDeletionCandidateV1 {
+    readonly status: RunDeletionCandidateStatus;
+    readonly reason: RunDeletionReason;
+    readonly evaluatedAt: string;
+    readonly eligibleAt?: string;
+    readonly blockers: readonly RunDeletionBlockerV1[];
+}
+export interface RunDeletionCandidateInput {
+    readonly run: RunDeletionCandidateRunV1;
+    readonly reason: RunDeletionReason;
+    readonly policy?: RunRetentionPolicyV1 | RunRetentionPolicyInput;
+    readonly now: string;
+}
+export interface RunDeletionCountV1 {
+    readonly class: RunDeletionCountClass | string;
+    readonly count: number;
+    readonly status: RunDeletionCountStatus;
+    readonly countedAt?: string;
+    readonly errorClass?: string;
+}
+export interface RunDeletionManifestRunV1 {
+    readonly runId: string;
+    readonly workspaceId: string;
+    readonly status: RunStatus | string;
+    readonly createdAt?: string;
+    readonly terminalAt?: string;
+    readonly eligibleAt?: string;
+    readonly pendingDeleteAt?: string;
+    readonly deletedAt?: string;
+}
+export interface RunDeletionManifestRequestV1 {
+    readonly reason: RunDeletionReason;
+    readonly actorClass: "user" | "api_token" | "system" | "operator";
+}
+export interface RunDeletionManifestSummaryV1 {
+    readonly totalCount: number;
+    readonly failedCountClasses: number;
+    readonly partialCountClasses: number;
+    readonly blockerCount: number;
+    readonly counts: readonly RunDeletionCountV1[];
+}
+export interface RunDeletionManifestRedactionV1 {
+    readonly policy: "counts_status_timestamps_only";
+    readonly scannerVersion: typeof RUN_RETENTION_REDACTION_SCANNER_VERSION;
+    readonly excludes: readonly RunRetentionExcludedValueClass[];
+}
+export interface RunDeletionManifestV1 {
+    readonly schemaVersion: typeof RUN_RETENTION_SCHEMA_VERSION;
+    readonly kind: typeof RUN_DELETION_MANIFEST_KIND;
+    readonly generatedAt: string;
+    readonly mode: RunDeletionManifestMode;
+    readonly run: RunDeletionManifestRunV1;
+    readonly request: RunDeletionManifestRequestV1;
+    readonly candidate: RunDeletionCandidateV1;
+    readonly summary: RunDeletionManifestSummaryV1;
+    readonly redaction: RunDeletionManifestRedactionV1;
+}
+export interface RunDeletionManifestInput {
+    readonly generatedAt: string;
+    readonly mode: RunDeletionManifestMode;
+    readonly run: RunDeletionCandidateRunV1;
+    readonly request: RunDeletionManifestRequestV1;
+    readonly candidate?: RunDeletionCandidateV1;
+    readonly policy?: RunRetentionPolicyV1 | RunRetentionPolicyInput;
+    readonly counts?: readonly RunDeletionCountV1[];
+}
+export interface RunDeletionManifestProofV1 {
+    readonly status: RunDeletionWriteStatus;
+    readonly mode?: RunDeletionManifestMode;
+    readonly writtenAt?: string;
+}
+export interface RunDeletionPurgeProofV1 {
+    readonly status: RunDeletionProofStatus;
+    readonly startedAt?: string;
+    readonly completedAt?: string;
+    readonly deletedObjectCount?: number;
+}
+export interface RunDeletionOrderProofV1 {
+    readonly manifest: RunDeletionManifestProofV1;
+    readonly purge: RunDeletionPurgeProofV1;
+}
+export interface RunDeletionJobV1 {
+    readonly schemaVersion: typeof RUN_RETENTION_SCHEMA_VERSION;
+    readonly kind: typeof RUN_DELETION_JOB_KIND;
+    readonly jobId: string;
+    readonly runId: string;
+    readonly workspaceId: string;
+    readonly reason: RunDeletionReason;
+    readonly mode: RunDeletionManifestMode;
+    readonly status: RunDeletionJobStatus;
+    readonly createdAt: string;
+    readonly updatedAt?: string;
+    readonly order: RunDeletionOrderProofV1;
+    readonly candidate?: RunDeletionCandidateV1;
+    readonly summary?: RunDeletionManifestSummaryV1;
+}
+export interface RunDeletionJobInput {
+    readonly jobId: string;
+    readonly runId: string;
+    readonly workspaceId: string;
+    readonly reason: RunDeletionReason;
+    readonly mode: RunDeletionManifestMode;
+    readonly status: RunDeletionJobStatus;
+    readonly createdAt: string;
+    readonly updatedAt?: string;
+    readonly order: RunDeletionOrderProofV1;
+    readonly candidate?: RunDeletionCandidateV1;
+    readonly summary?: RunDeletionManifestSummaryV1;
+}
+export interface RunDeletionManifestWriteObject {
+    readonly runId: string;
+    readonly workspaceId: string;
+    readonly contentType: typeof RUN_DELETION_MANIFEST_CONTENT_TYPE;
+    readonly manifest: RunDeletionManifestV1;
+}
+export interface RunDeletionManifestObjectStore {
+    putRunDeletionManifestObject(object: RunDeletionManifestWriteObject): Promise<void>;
+}
+export interface RunDeletionManifestWriteResult {
+    readonly status: "written";
+    readonly schemaVersion: typeof RUN_RETENTION_SCHEMA_VERSION;
+    readonly runId: string;
+    readonly workspaceId: string;
+    readonly writtenAt: string;
+    readonly mode: RunDeletionManifestMode;
+}
+export interface RunDeletionManifestWriter {
+    writeRunDeletionManifest(input: RunDeletionManifestInput): Promise<RunDeletionManifestWriteResult>;
+}
+export type RunRetentionRedactionReason = "forbidden_field_name" | "signed_url" | "r2_object_key" | "vault_id" | "private_resource_handle" | "hash_like_value";
+export interface RunRetentionRedactionFinding {
+    readonly path: string;
+    readonly reason: RunRetentionRedactionReason;
+    readonly valueLength?: number;
+}
+export declare class RunRetentionValidationError extends Error {
+    readonly code = "run_retention_contract_invalid";
+    constructor(message: string);
+}
+export declare class RunRetentionRedactionError extends Error {
+    readonly code = "run_retention_payload_not_public_safe";
+    readonly findings: readonly RunRetentionRedactionFinding[];
+    constructor(findings: readonly RunRetentionRedactionFinding[]);
+}
+export declare class FakeRunDeletionManifestObjectStore implements RunDeletionManifestObjectStore {
+    #private;
+    putRunDeletionManifestObject(object: RunDeletionManifestWriteObject): Promise<void>;
+    getByRunId(runId: string): RunDeletionManifestV1 | undefined;
+    get(runId: string): RunDeletionManifestV1 | undefined;
+    listRunIds(): readonly string[];
+}
+export declare function createRunDeletionManifestWriter(store: RunDeletionManifestObjectStore): RunDeletionManifestWriter;
+export declare function writeRunDeletionManifest(store: RunDeletionManifestObjectStore, input: RunDeletionManifestInput): Promise<RunDeletionManifestWriteResult>;
+export declare function buildRunRetentionPolicy(input?: RunRetentionPolicyInput): RunRetentionPolicyV1;
+export declare function evaluateRunDeletionCandidate(input: RunDeletionCandidateInput): RunDeletionCandidateV1;
+export declare function buildRunDeletionManifest(input: RunDeletionManifestInput): RunDeletionManifestV1;
+export declare function assertRunDeletionOrder(proof: RunDeletionOrderProofV1): void;
+export declare function buildRunDeletionJob(input: RunDeletionJobInput): RunDeletionJobV1;
+export declare function scanRunRetentionPayloadForSensitiveValues(input: unknown): readonly RunRetentionRedactionFinding[];
+export declare function assertPublicSafeRunRetentionPayload(input: unknown): void;