@agenshield/broker 0.1.0

package/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.md

@@ -0,0 +1,141 @@
+# @agenshield/broker
+
+Core broker daemon for AgenShield. It enforces security policies and performs privileged operations on behalf of sandboxed agents.
+
+## Purpose
+- Enforce policy decisions for network, file, and exec operations.
+- Provide a Unix socket JSON-RPC API for local, privileged actions.
+- Offer a restricted HTTP fallback for environments that cannot use Unix sockets.
+- Emit auditable logs for every operation.
+
+## Key Components
+- `src/main.ts` - Broker daemon entry point.
+- `src/server.ts` - Unix socket JSON-RPC server (newline-delimited JSON).
+- `src/http-fallback.ts` - Restricted HTTP JSON-RPC server (`/rpc`).
+- `src/handlers/*` - Operation handlers (`http_request`, `file_*`, `exec`, etc.).
+- `src/policies/*` - Policy enforcement and built-in rules.
+- `src/audit/logger.ts` - JSONL audit log with rotation.
+- `src/secrets/vault.ts` - Encrypted secret storage for `secret_inject`.
+- `src/client/broker-client.ts` - Type-safe client for code integrations.
+- `src/client/shield-client.ts` - CLI client (`shield-client`).
+
+## Operations (JSON-RPC methods)
+- `http_request` - Proxy HTTP requests.
+- `file_read`, `file_write`, `file_list` - File system operations.
+- `exec` - Execute a command.
+- `open_url` - Open a URL in the default browser (macOS `open`).
+- `secret_inject` - Read a secret from the vault (socket-only).
+- `ping` - Health check.
+
+## Usage
+### Run the broker
+```bash
+agenshield-broker
+
+# Custom socket path
+AGENSHIELD_SOCKET=/tmp/agenshield.sock agenshield-broker
+
+# Disable HTTP fallback
+AGENSHIELD_HTTP_ENABLED=false agenshield-broker
+```
+
+### Use the client library
+```ts
+import { BrokerClient } from '@agenshield/broker/client';
+
+const client = new BrokerClient({
+  socketPath: '/var/run/agenshield.sock',
+});
+
+const response = await client.httpRequest({
+  url: 'https://api.example.com/data',
+  method: 'GET',
+});
+
+const file = await client.fileRead({ path: '/path/to/file.txt' });
+const execResult = await client.exec({ command: 'ls', args: ['-la'] });
+```
+
+### Use the CLI client
+```bash
+shield-client ping
+shield-client http GET https://api.example.com/data
+shield-client file read /path/to/file.txt
+shield-client exec ls -la
+```
+
+## Configuration
+The broker loads configuration from a file (default: `/opt/agenshield/config/shield.json`) and overlays environment variables.
+
+Environment variables:
+- `AGENSHIELD_CONFIG` - Config file path.
+- `AGENSHIELD_SOCKET` - Unix socket path (default: `/var/run/agenshield.sock`).
+- `AGENSHIELD_HTTP_ENABLED` - `true`/`false` to enable HTTP fallback.
+- `AGENSHIELD_HTTP_HOST` - HTTP fallback host (default: `localhost`).
+- `AGENSHIELD_HTTP_PORT` - HTTP fallback port (default: `5200`).
+- `AGENSHIELD_POLICIES` - Policies directory (default: `/opt/agenshield/policies`).
+- `AGENSHIELD_AUDIT_LOG` - Audit log path (default: `/var/log/agenshield/audit.log`).
+- `AGENSHIELD_LOG_LEVEL` - `debug|info|warn|error`.
+- `AGENSHIELD_FAIL_OPEN` - `true` to allow on policy-check failure.
+
+Config file fields (subset):
+```json
+{
+  "socketPath": "/var/run/agenshield.sock",
+  "httpEnabled": true,
+  "httpHost": "localhost",
+  "httpPort": 5200,
+  "policiesPath": "/opt/agenshield/policies",
+  "auditLogPath": "/var/log/agenshield/audit.log",
+  "logLevel": "info",
+  "failOpen": false,
+  "socketMode": 504
+}
+```
+
+## Policy Model
+- Policies are loaded from `policiesPath/default.json` plus any JSON files in `policiesPath/custom/`.
+- Rules are allowlist/denylist with glob-style matching and priority ordering.
+- File and network constraints can enforce allowed paths/hosts/ports.
+- Policies are reloaded on a timer (every 60 seconds).
+
+## HTTP Fallback Constraints
+The HTTP fallback server is intentionally restricted:
+- Allowed: `http_request`, `file_read`, `file_list`, `open_url`, `ping`.
+- Denied: `exec`, `file_write`, `secret_inject`.
+- Only accepts `POST /rpc` from localhost.
+- `GET /health` returns a simple health response.
+
+## Limitations and Caveats
+- No authentication layer; security relies on Unix socket permissions and policy rules.
+- HTTP fallback is localhost-only and still policy-enforced but should be treated as a last resort.
+- `open_url` is macOS-specific (uses `open`).
+- `exec` output is capped at 10MB and does not stream.
+- The secret vault stores a `.key` file alongside the encrypted vault; it does not integrate with OS keychains.
+- Policy reload is timer-based; updates are not immediate.
+
+## Roadmap (Ideas)
+- Per-client identity from socket credentials and scoped policies.
+- Optional auth and mTLS for the HTTP fallback.
+- Streaming responses for large outputs.
+- Cross-platform URL opening.
+
+## Development
+```bash
+# Build
+npx nx build shield-broker
+```
+
+## Contribution Guide
+- When adding a new operation, update:
+  - `src/handlers/*` (handler implementation)
+  - `src/server.ts` and `src/http-fallback.ts` (method routing + HTTP allowlist)
+  - `@agenshield/ipc` operation types and schemas
+- Keep all handler errors mapped to a stable error code.
+- Audit entries should include a deterministic `target` field for policy visibility.
+
+## Agent Notes
+- `BrokerClient` enforces socket-only channels for `exec`, `file_write`, and `secret_inject`.
+- The policy enforcer merges built-in rules with user rules; custom policies are additive.
+- `AuditLogger` is append-only JSONL with rotation; use it for operational forensics.
+- Any changes to JSON-RPC method names must be mirrored in `@agenshield/ipc`.

package/audit/logger.d.ts

@@ -0,0 +1,69 @@
+/**
+ * Audit Logger
+ *
+ * Logs all broker operations for security auditing.
+ */
+import type { AuditEntry } from '../types.js';
+export interface AuditLoggerOptions {
+    logPath: string;
+    logLevel: 'debug' | 'info' | 'warn' | 'error';
+    maxFileSize?: number;
+    maxFiles?: number;
+}
+export declare class AuditLogger {
+    private logPath;
+    private logLevel;
+    private maxFileSize;
+    private maxFiles;
+    private writeStream;
+    private currentSize;
+    private readonly levelPriority;
+    constructor(options: AuditLoggerOptions);
+    /**
+     * Initialize the write stream
+     */
+    private initializeStream;
+    /**
+     * Rotate log files if needed
+     */
+    private maybeRotate;
+    /**
+     * Log an audit entry
+     */
+    log(entry: AuditEntry): Promise<void>;
+    /**
+     * Check if we should log at the given level
+     */
+    private shouldLog;
+    /**
+     * Log a debug message
+     */
+    debug(message: string, data?: Record<string, unknown>): void;
+    /**
+     * Log an info message
+     */
+    info(message: string, data?: Record<string, unknown>): void;
+    /**
+     * Log a warning message
+     */
+    warn(message: string, data?: Record<string, unknown>): void;
+    /**
+     * Log an error message
+     */
+    error(message: string, data?: Record<string, unknown>): void;
+    /**
+     * Query audit logs
+     */
+    query(options: {
+        startTime?: Date;
+        endTime?: Date;
+        operation?: string;
+        allowed?: boolean;
+        limit?: number;
+    }): Promise<AuditEntry[]>;
+    /**
+     * Close the logger
+     */
+    close(): Promise<void>;
+}
+//# sourceMappingURL=logger.d.ts.map

package/audit/logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../../src/audit/logger.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAE9C,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAC9C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,QAAQ,CAAiC;IACjD,OAAO,CAAC,WAAW,CAAS;IAC5B,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,WAAW,CAA+B;IAClD,OAAO,CAAC,WAAW,CAAa;IAEhC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAK5B;gBAEU,OAAO,EAAE,kBAAkB;IASvC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAqBxB;;OAEG;YACW,WAAW;IAmCzB;;OAEG;IACG,GAAG,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IA2B3C;;OAEG;IACH,OAAO,CAAC,SAAS;IAIjB;;OAEG;IACH,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IAM5D;;OAEG;IACH,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IAM3D;;OAEG;IACH,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IAM3D;;OAEG;IACH,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI;IAM5D;;OAEG;IACG,KAAK,CAAC,OAAO,EAAE;QACnB,SAAS,CAAC,EAAE,IAAI,CAAC;QACjB,OAAO,CAAC,EAAE,IAAI,CAAC;QACf,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAqCzB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;CAY7B"}

package/client/broker-client.d.ts

@@ -0,0 +1,91 @@
+/**
+ * Broker Client
+ *
+ * Client for communicating with the broker daemon via Unix socket or HTTP.
+ */
+import type { HttpRequestParams, HttpRequestResult, FileReadParams, FileReadResult, FileWriteParams, FileWriteResult, FileListParams, FileListResult, ExecParams, ExecResult, OpenUrlParams, OpenUrlResult, SecretInjectParams, SecretInjectResult, PingResult, SkillInstallParams, SkillInstallResult, SkillUninstallParams, SkillUninstallResult } from '../types.js';
+export interface BrokerClientOptions {
+    /** Unix socket path */
+    socketPath?: string;
+    /** HTTP fallback host */
+    httpHost?: string;
+    /** HTTP fallback port */
+    httpPort?: number;
+    /** Request timeout in ms */
+    timeout?: number;
+    /** Whether to prefer socket over HTTP */
+    preferSocket?: boolean;
+}
+export interface RequestOptions {
+    /** Request timeout override */
+    timeout?: number;
+    /** Force specific channel */
+    channel?: 'socket' | 'http';
+}
+export declare class BrokerClient {
+    private socketPath;
+    private httpHost;
+    private httpPort;
+    private timeout;
+    private preferSocket;
+    constructor(options?: BrokerClientOptions);
+    /**
+     * Make an HTTP request through the broker
+     */
+    httpRequest(params: HttpRequestParams, options?: RequestOptions): Promise<HttpRequestResult>;
+    /**
+     * Read a file through the broker
+     */
+    fileRead(params: FileReadParams, options?: RequestOptions): Promise<FileReadResult>;
+    /**
+     * Write a file through the broker
+     */
+    fileWrite(params: FileWriteParams, options?: RequestOptions): Promise<FileWriteResult>;
+    /**
+     * List files through the broker
+     */
+    fileList(params: FileListParams, options?: RequestOptions): Promise<FileListResult>;
+    /**
+     * Execute a command through the broker
+     */
+    exec(params: ExecParams, options?: RequestOptions): Promise<ExecResult>;
+    /**
+     * Open a URL through the broker
+     */
+    openUrl(params: OpenUrlParams, options?: RequestOptions): Promise<OpenUrlResult>;
+    /**
+     * Inject a secret through the broker
+     */
+    secretInject(params: SecretInjectParams, options?: RequestOptions): Promise<SecretInjectResult>;
+    /**
+     * Ping the broker
+     */
+    ping(echo?: string, options?: RequestOptions): Promise<PingResult>;
+    /**
+     * Install a skill through the broker
+     * Socket-only operation due to privileged file operations
+     */
+    skillInstall(params: SkillInstallParams, options?: RequestOptions): Promise<SkillInstallResult>;
+    /**
+     * Uninstall a skill through the broker
+     * Socket-only operation due to privileged file operations
+     */
+    skillUninstall(params: SkillUninstallParams, options?: RequestOptions): Promise<SkillUninstallResult>;
+    /**
+     * Check if the broker is available
+     */
+    isAvailable(): Promise<boolean>;
+    /**
+     * Make a request to the broker
+     */
+    private request;
+    /**
+     * Make a request via Unix socket
+     */
+    private socketRequest;
+    /**
+     * Make a request via HTTP
+     */
+    private httpRequest_internal;
+}
+//# sourceMappingURL=broker-client.d.ts.map

package/client/broker-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"broker-client.d.ts","sourceRoot":"","sources":["../../src/client/broker-client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EAGV,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,cAAc,EACd,eAAe,EACf,eAAe,EACf,cAAc,EACd,cAAc,EACd,UAAU,EACV,UAAU,EACV,aAAa,EACb,aAAa,EACb,kBAAkB,EAClB,kBAAkB,EAClB,UAAU,EACV,kBAAkB,EAClB,kBAAkB,EAClB,oBAAoB,EACpB,oBAAoB,EACrB,MAAM,aAAa,CAAC;AAErB,MAAM,WAAW,mBAAmB;IAClC,uBAAuB;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,yBAAyB;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,yBAAyB;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,4BAA4B;IAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,yCAAyC;IACzC,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,cAAc;IAC7B,+BAA+B;IAC/B,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,6BAA6B;IAC7B,OAAO,CAAC,EAAE,QAAQ,GAAG,MAAM,CAAC;CAC7B;AAED,qBAAa,YAAY;IACvB,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,YAAY,CAAU;gBAElB,OAAO,GAAE,mBAAwB;IAQ7C;;OAEG;IACG,WAAW,CACf,MAAM,EAAE,iBAAiB,EACzB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,iBAAiB,CAAC;IAI7B;;OAEG;IACG,QAAQ,CACZ,MAAM,EAAE,cAAc,EACtB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,cAAc,CAAC;IAI1B;;OAEG;IACG,SAAS,CACb,MAAM,EAAE,eAAe,EACvB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,eAAe,CAAC;IAO3B;;OAEG;IACG,QAAQ,CACZ,MAAM,EAAE,cAAc,EACtB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,cAAc,CAAC;IAI1B;;OAEG;IACG,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,UAAU,CAAC;IAO7E;;OAEG;IACG,OAAO,CACX,MAAM,EAAE,aAAa,EACrB,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,aAAa,CAAC;IAIzB;;OAEG;IACG,YAAY,CAChB,MAAM,EAAE,kBAAkB,EAC1B,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,kBAAkB,CAAC;IAO9B;;OAEG;IACG,IAAI,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,UAAU,CAAC;IAIxE;;;OAGG;IACG,YAAY,CAChB,MAAM,EAAE,kBAAkB,EAC1B,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,kBAAkB,CAAC;IAO9B;;;OAGG;IACG,cAAc,CAClB,MAAM,EAAE,oBAAoB,EAC5B,OAAO,CAAC,EAAE,cAAc,GACvB,OAAO,CAAC,oBAAoB,CAAC;IAOhC;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,OAAO,CAAC;IASrC;;OAEG;YACW,OAAO;IAuBrB;;OAEG;YACW,aAAa;IA+D3B;;OAEG;YACW,oBAAoB;CAqDnC"}

package/client/index.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Broker Client
+ *
+ * Client library for communicating with the broker daemon.
+ */
+export { BrokerClient } from './broker-client.js';
+export type { BrokerClientOptions, RequestOptions } from './broker-client.js';
+//# sourceMappingURL=index.d.ts.map

package/client/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/client/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,YAAY,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC"}