npm - @agentbouncr/core - Versions diffs - 0.1.0 - Mend

@agentbouncr/core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (95) hide show

package/LICENSE +93 -0
package/README.md +47 -0
package/dist/audit/hash-chain.d.ts +39 -0
package/dist/audit/hash-chain.d.ts.map +1 -0
package/dist/audit/hash-chain.js +63 -0
package/dist/audit/hash-chain.js.map +1 -0
package/dist/audit/index.d.ts +2 -0
package/dist/audit/index.d.ts.map +1 -0
package/dist/audit/index.js +2 -0
package/dist/audit/index.js.map +1 -0
package/dist/core/condition-evaluator.d.ts +20 -0
package/dist/core/condition-evaluator.d.ts.map +1 -0
package/dist/core/condition-evaluator.js +85 -0
package/dist/core/condition-evaluator.js.map +1 -0
package/dist/core/permission-layer.d.ts +24 -0
package/dist/core/permission-layer.d.ts.map +1 -0
package/dist/core/permission-layer.js +58 -0
package/dist/core/permission-layer.js.map +1 -0
package/dist/core/policy-engine.d.ts +35 -0
package/dist/core/policy-engine.d.ts.map +1 -0
package/dist/core/policy-engine.js +131 -0
package/dist/core/policy-engine.js.map +1 -0
package/dist/core/policy-schema.d.ts +50 -0
package/dist/core/policy-schema.d.ts.map +1 -0
package/dist/core/policy-schema.js +59 -0
package/dist/core/policy-schema.js.map +1 -0
package/dist/core/tool-registry.d.ts +31 -0
package/dist/core/tool-registry.d.ts.map +1 -0
package/dist/core/tool-registry.js +53 -0
package/dist/core/tool-registry.js.map +1 -0
package/dist/detection/injection-detector.d.ts +21 -0
package/dist/detection/injection-detector.d.ts.map +1 -0
package/dist/detection/injection-detector.js +61 -0
package/dist/detection/injection-detector.js.map +1 -0
package/dist/events/event-emitter.d.ts +44 -0
package/dist/events/event-emitter.d.ts.map +1 -0
package/dist/events/event-emitter.js +119 -0
package/dist/events/event-emitter.js.map +1 -0
package/dist/importers/json-schema-converter.d.ts +16 -0
package/dist/importers/json-schema-converter.d.ts.map +1 -0
package/dist/importers/json-schema-converter.js +95 -0
package/dist/importers/json-schema-converter.js.map +1 -0
package/dist/importers/mcp-importer.d.ts +30 -0
package/dist/importers/mcp-importer.d.ts.map +1 -0
package/dist/importers/mcp-importer.js +45 -0
package/dist/importers/mcp-importer.js.map +1 -0
package/dist/index.d.ts +27 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +43 -0
package/dist/index.js.map +1 -0
package/dist/lifecycle/governance-middleware.d.ts +105 -0
package/dist/lifecycle/governance-middleware.d.ts.map +1 -0
package/dist/lifecycle/governance-middleware.js +610 -0
package/dist/lifecycle/governance-middleware.js.map +1 -0
package/dist/lifecycle/kill-switch.d.ts +46 -0
package/dist/lifecycle/kill-switch.d.ts.map +1 -0
package/dist/lifecycle/kill-switch.js +119 -0
package/dist/lifecycle/kill-switch.js.map +1 -0
package/dist/lifecycle/middleware-schemas.d.ts +49 -0
package/dist/lifecycle/middleware-schemas.d.ts.map +1 -0
package/dist/lifecycle/middleware-schemas.js +33 -0
package/dist/lifecycle/middleware-schemas.js.map +1 -0
package/dist/providers/vercel-ai-adapter.d.ts +42 -0
package/dist/providers/vercel-ai-adapter.d.ts.map +1 -0
package/dist/providers/vercel-ai-adapter.js +96 -0
package/dist/providers/vercel-ai-adapter.js.map +1 -0
package/dist/schema/tool-schema.d.ts +62 -0
package/dist/schema/tool-schema.d.ts.map +1 -0
package/dist/schema/tool-schema.js +88 -0
package/dist/schema/tool-schema.js.map +1 -0
package/dist/tracing/index.d.ts +6 -0
package/dist/tracing/index.d.ts.map +1 -0
package/dist/tracing/index.js +6 -0
package/dist/tracing/index.js.map +1 -0
package/dist/tracing/trace-context.d.ts +37 -0
package/dist/tracing/trace-context.d.ts.map +1 -0
package/dist/tracing/trace-context.js +76 -0
package/dist/tracing/trace-context.js.map +1 -0
package/dist/tracing/trace-provider.d.ts +43 -0
package/dist/tracing/trace-provider.d.ts.map +1 -0
package/dist/tracing/trace-provider.js +89 -0
package/dist/tracing/trace-provider.js.map +1 -0
package/dist/types/index.d.ts +248 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +20 -0
package/dist/types/index.js.map +1 -0
package/dist/utils/external-content.d.ts +9 -0
package/dist/utils/external-content.d.ts.map +1 -0
package/dist/utils/external-content.js +11 -0
package/dist/utils/external-content.js.map +1 -0
package/dist/utils/logger.d.ts +4 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +13 -0
package/dist/utils/logger.js.map +1 -0
package/package.json +45 -0

package/dist/importers/mcp-importer.js ADDED Viewed

@@ -0,0 +1,45 @@
+/**
+ * @agentbouncr/core — MCP Import Adapter
+ *
+ * Converts MCP tool definitions (from tools/list response) to GovernanceTool[].
+ * MCP = Model Context Protocol — emerging standard for agent tool definitions.
+ *
+ * Import priority: MCP first.
+ */
+import { jsonSchemaToParameters } from './json-schema-converter.js';
+/**
+ * Convert MCP tool definitions to GovernanceTool[].
+ *
+ * Invalid tools (missing/empty name) are skipped with a warning.
+ * Empty input returns empty array.
+ */
+export function importMCPTools(toolList, options) {
+    if (!Array.isArray(toolList)) {
+        options?.logger?.warn({ input: typeof toolList }, 'importMCPTools: input is not an array — returning empty');
+        return [];
+    }
+    const riskLevel = options?.defaultRiskLevel ?? 'medium';
+    const result = [];
+    for (const entry of toolList) {
+        if (!entry || typeof entry !== 'object') {
+            options?.logger?.warn({ entry }, 'importMCPTools: skipping non-object entry');
+            continue;
+        }
+        if (!entry.name || typeof entry.name !== 'string' || entry.name.trim().length === 0) {
+            options?.logger?.warn({ entry }, 'importMCPTools: skipping tool with missing or empty name');
+            continue;
+        }
+        const parameters = entry.inputSchema
+            ? jsonSchemaToParameters(entry.inputSchema)
+            : [];
+        result.push({
+            name: entry.name,
+            description: typeof entry.description === 'string' ? entry.description : undefined,
+            parameters,
+            riskLevel,
+            source: 'mcp',
+        });
+    }
+    return result;
+}
+//# sourceMappingURL=mcp-importer.js.map

package/dist/importers/mcp-importer.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mcp-importer.js","sourceRoot":"","sources":["../../src/importers/mcp-importer.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,OAAO,EAAE,sBAAsB,EAAE,MAAM,4BAA4B,CAAC;AAiBpE;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAC5B,QAA6B,EAC7B,OAA0B;IAE1B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,QAAQ,EAAE,EAAE,yDAAyD,CAAC,CAAC;QAC7G,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,SAAS,GAAG,OAAO,EAAE,gBAAgB,IAAI,QAAQ,CAAC;IACxD,MAAM,MAAM,GAAqB,EAAE,CAAC;IAEpC,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;QAC7B,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACxC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,2CAA2C,CAAC,CAAC;YAC9E,SAAS;QACX,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpF,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,KAAK,EAAE,EAAE,0DAA0D,CAAC,CAAC;YAC7F,SAAS;QACX,CAAC;QAED,MAAM,UAAU,GAAG,KAAK,CAAC,WAAW;YAClC,CAAC,CAAC,sBAAsB,CAAC,KAAK,CAAC,WAAW,CAAC;YAC3C,CAAC,CAAC,EAAE,CAAC;QAEP,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,WAAW,EAAE,OAAO,KAAK,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;YAClF,UAAU;YACV,SAAS;YACT,MAAM,EAAE,KAAK;SACd,CAAC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,27 @@
+/**
+ * @agentbouncr/core — Agent Governance Framework
+ *
+ * The governance layer for AI agents.
+ * The agent does not decide what it may do — the system decides.
+ */
+export declare const VERSION = "0.1.0";
+export { GovernanceError, type FailureCategory, type InjectionDetectionResult, type KillSwitchResult, type PermissionResult, type EvaluateRequest, type EvaluateResult, type AppliedRule, type ToolResult, type ToolExecutionContext, type AuditEvent, type AuditEventInput, type AuditFilter, type AuditChainVerificationResult, type ConditionOperator, type PolicyCondition, type Policy, type PolicyRule, type PolicyVersion, type AgentRunStatus, type AgentConfig, type AgentStatus, type TransactionClient, type DatabaseAdapter, type ToolFilter, type GovernanceEventRecord, type GovernanceEventFilter, type ApprovalStatus, type ApprovalRequest, type ApprovalRequestInput, type ApprovalFilter, type ApprovalResolution, } from './types/index.js';
+export { governanceToolSchema, governanceToolParameterSchema, toolParameterConstraintsSchema, riskLevelSchema, toolSourceSchema, parametersToJsonSchema, type GovernanceTool, type GovernanceToolParameter, type ToolParameterConstraints, type RiskLevel, type ToolSource, } from './schema/tool-schema.js';
+export { logger, securityLogger } from './utils/logger.js';
+export { wrapExternalContent, INJECTION_WARNING_START, INJECTION_WARNING_END, } from './utils/external-content.js';
+export { GovernanceEventEmitter, type GovernanceEventType, type GovernanceEvent, type GovernanceEventListener, } from './events/event-emitter.js';
+export { detectInjection, DEFAULT_INJECTION_PATTERNS, type InjectionDetectionOptions, type InjectionPattern, } from './detection/injection-detector.js';
+export { PermissionLayer } from './core/permission-layer.js';
+export { evaluateCondition } from './core/condition-evaluator.js';
+export { PolicyEngine } from './core/policy-engine.js';
+export { policySchema, policyRuleSchema, policyConditionSchema, validatePolicy, } from './core/policy-schema.js';
+export { ToolRegistry, type ProviderToolDefinition, } from './core/tool-registry.js';
+export { jsonSchemaToParameters } from './importers/json-schema-converter.js';
+export { importMCPTools, type MCPToolDefinition, type MCPImportOptions, } from './importers/mcp-importer.js';
+export { wrapToolsWithGovernance, type AITool, type AIToolSet, type GovernanceWrapOptions, } from './providers/vercel-ai-adapter.js';
+export { GovernanceMiddleware, type GovernanceMiddlewareOptions, } from './lifecycle/governance-middleware.js';
+export { KillSwitchManager, type KillSwitchStatus, } from './lifecycle/kill-switch.js';
+export { evaluateRequestSchema, agentConfigSchema, dryRunRequestSchema, } from './lifecycle/middleware-schemas.js';
+export { TraceProvider, createTraceContext, generateTraceId, generateSpanId, isValidTraceId, isValidSpanId, parseTraceparent, type TraceContext, } from './tracing/index.js';
+export { computeAuditHash, verifyAuditEventHash, type HashInput, } from './audit/index.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,eAAO,MAAM,OAAO,UAAU,CAAC;AAG/B,OAAO,EACL,eAAe,EACf,KAAK,eAAe,EACpB,KAAK,wBAAwB,EAC7B,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,EACrB,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,WAAW,EAChB,KAAK,UAAU,EACf,KAAK,oBAAoB,EACzB,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,KAAK,WAAW,EAChB,KAAK,4BAA4B,EACjC,KAAK,iBAAiB,EACtB,KAAK,eAAe,EACpB,KAAK,MAAM,EACX,KAAK,UAAU,EACf,KAAK,aAAa,EAClB,KAAK,cAAc,EACnB,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,iBAAiB,EACtB,KAAK,eAAe,EACpB,KAAK,UAAU,EACf,KAAK,qBAAqB,EAC1B,KAAK,qBAAqB,EAC1B,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,KAAK,oBAAoB,EACzB,KAAK,cAAc,EACnB,KAAK,kBAAkB,GACxB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,oBAAoB,EACpB,6BAA6B,EAC7B,8BAA8B,EAC9B,eAAe,EACf,gBAAgB,EAChB,sBAAsB,EACtB,KAAK,cAAc,EACnB,KAAK,uBAAuB,EAC5B,KAAK,wBAAwB,EAC7B,KAAK,SAAS,EACd,KAAK,UAAU,GAChB,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAG3D,OAAO,EACL,mBAAmB,EACnB,uBAAuB,EACvB,qBAAqB,GACtB,MAAM,6BAA6B,CAAC;AAGrC,OAAO,EACL,sBAAsB,EACtB,KAAK,mBAAmB,EACxB,KAAK,eAAe,EACpB,KAAK,uBAAuB,GAC7B,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EACL,eAAe,EACf,0BAA0B,EAC1B,KAAK,yBAAyB,EAC9B,KAAK,gBAAgB,GACtB,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAG7D,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAC;AAGlE,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAGvD,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,qBAAqB,EACrB,cAAc,GACf,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,YAAY,EACZ,KAAK,sBAAsB,GAC5B,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAC9E,OAAO,EACL,cAAc,EACd,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,GACtB,MAAM,6BAA6B,CAAC;AAGrC,OAAO,EACL,uBAAuB,EACvB,KAAK,MAAM,EACX,KAAK,SAAS,EACd,KAAK,qBAAqB,GAC3B,MAAM,kCAAkC,CAAC;AAG1C,OAAO,EACL,oBAAoB,EACpB,KAAK,2BAA2B,GACjC,MAAM,sCAAsC,CAAC;AAE9C,OAAO,EACL,iBAAiB,EACjB,KAAK,gBAAgB,GACtB,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,mBAAmB,GACpB,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,eAAe,EACf,cAAc,EACd,cAAc,EACd,aAAa,EACb,gBAAgB,EAChB,KAAK,YAAY,GAClB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,KAAK,SAAS,GACf,MAAM,kBAAkB,CAAC"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,43 @@
+/**
+ * @agentbouncr/core — Agent Governance Framework
+ *
+ * The governance layer for AI agents.
+ * The agent does not decide what it may do — the system decides.
+ */
+export const VERSION = '0.1.0';
+// Types
+export { GovernanceError, } from './types/index.js';
+// Canonical Tool Schema
+export { governanceToolSchema, governanceToolParameterSchema, toolParameterConstraintsSchema, riskLevelSchema, toolSourceSchema, parametersToJsonSchema, } from './schema/tool-schema.js';
+// Logger
+export { logger, securityLogger } from './utils/logger.js';
+// External Content
+export { wrapExternalContent, INJECTION_WARNING_START, INJECTION_WARNING_END, } from './utils/external-content.js';
+// Event System
+export { GovernanceEventEmitter, } from './events/event-emitter.js';
+// Injection Detection
+export { detectInjection, DEFAULT_INJECTION_PATTERNS, } from './detection/injection-detector.js';
+// Permission Layer
+export { PermissionLayer } from './core/permission-layer.js';
+// Condition Evaluator
+export { evaluateCondition } from './core/condition-evaluator.js';
+// Policy Engine
+export { PolicyEngine } from './core/policy-engine.js';
+// Policy Schema
+export { policySchema, policyRuleSchema, policyConditionSchema, validatePolicy, } from './core/policy-schema.js';
+// Tool Registry
+export { ToolRegistry, } from './core/tool-registry.js';
+// Importers
+export { jsonSchemaToParameters } from './importers/json-schema-converter.js';
+export { importMCPTools, } from './importers/mcp-importer.js';
+// Provider Adapter
+export { wrapToolsWithGovernance, } from './providers/vercel-ai-adapter.js';
+// Lifecycle
+export { GovernanceMiddleware, } from './lifecycle/governance-middleware.js';
+export { KillSwitchManager, } from './lifecycle/kill-switch.js';
+export { evaluateRequestSchema, agentConfigSchema, dryRunRequestSchema, } from './lifecycle/middleware-schemas.js';
+// Tracing (W3C Trace Context)
+export { TraceProvider, createTraceContext, generateTraceId, generateSpanId, isValidTraceId, isValidSpanId, parseTraceparent, } from './tracing/index.js';
+// Audit Trail (Hash-Chain)
+export { computeAuditHash, verifyAuditEventHash, } from './audit/index.js';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC;AAE/B,QAAQ;AACR,OAAO,EACL,eAAe,GAgChB,MAAM,kBAAkB,CAAC;AAE1B,wBAAwB;AACxB,OAAO,EACL,oBAAoB,EACpB,6BAA6B,EAC7B,8BAA8B,EAC9B,eAAe,EACf,gBAAgB,EAChB,sBAAsB,GAMvB,MAAM,yBAAyB,CAAC;AAEjC,SAAS;AACT,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAE3D,mBAAmB;AACnB,OAAO,EACL,mBAAmB,EACnB,uBAAuB,EACvB,qBAAqB,GACtB,MAAM,6BAA6B,CAAC;AAErC,eAAe;AACf,OAAO,EACL,sBAAsB,GAIvB,MAAM,2BAA2B,CAAC;AAEnC,sBAAsB;AACtB,OAAO,EACL,eAAe,EACf,0BAA0B,GAG3B,MAAM,mCAAmC,CAAC;AAE3C,mBAAmB;AACnB,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAE7D,sBAAsB;AACtB,OAAO,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAC;AAElE,gBAAgB;AAChB,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAEvD,gBAAgB;AAChB,OAAO,EACL,YAAY,EACZ,gBAAgB,EAChB,qBAAqB,EACrB,cAAc,GACf,MAAM,yBAAyB,CAAC;AAEjC,gBAAgB;AAChB,OAAO,EACL,YAAY,GAEb,MAAM,yBAAyB,CAAC;AAEjC,YAAY;AACZ,OAAO,EAAE,sBAAsB,EAAE,MAAM,sCAAsC,CAAC;AAC9E,OAAO,EACL,cAAc,GAGf,MAAM,6BAA6B,CAAC;AAErC,mBAAmB;AACnB,OAAO,EACL,uBAAuB,GAIxB,MAAM,kCAAkC,CAAC;AAE1C,YAAY;AACZ,OAAO,EACL,oBAAoB,GAErB,MAAM,sCAAsC,CAAC;AAE9C,OAAO,EACL,iBAAiB,GAElB,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,mBAAmB,GACpB,MAAM,mCAAmC,CAAC;AAE3C,8BAA8B;AAC9B,OAAO,EACL,aAAa,EACb,kBAAkB,EAClB,eAAe,EACf,cAAc,EACd,cAAc,EACd,aAAa,EACb,gBAAgB,GAEjB,MAAM,oBAAoB,CAAC;AAE5B,2BAA2B;AAC3B,OAAO,EACL,gBAAgB,EAChB,oBAAoB,GAErB,MAAM,kBAAkB,CAAC"}

package/dist/lifecycle/governance-middleware.d.ts ADDED Viewed

@@ -0,0 +1,105 @@
+/**
+ * @agentbouncr/core — GovernanceMiddleware
+ *
+ * Main entry point for developers.
+ * Orchestrates PolicyEngine, EventEmitter, KillSwitch, and DatabaseAdapter.
+ *
+ * Usage:
+ *   const governance = new GovernanceMiddleware();
+ *   const result = await governance.evaluate({ agentId: 'a', tool: 'x', params: {} });
+ *
+ * Zero-Config: Works without policy — defaults allow-all, logs all.
+ * Kill-Switch: emergencyStop() denies ALL evaluate() calls.
+ * Agent CRUD: registerAgent/start/stop/delete — requires DatabaseAdapter.
+ */
+import pino from 'pino';
+import type { DatabaseAdapter, EvaluateRequest, EvaluateResult, Policy, PolicyVersion, AgentConfig, AgentStatus, ApprovalRequest, ApprovalFilter, ApprovalResolution } from '../types/index.js';
+import type { KillSwitchStatus } from './kill-switch.js';
+import { type GovernanceEventType, type GovernanceEventListener } from '../events/event-emitter.js';
+export interface GovernanceMiddlewareOptions {
+    db?: DatabaseAdapter;
+    policy?: Policy;
+    logger?: pino.Logger;
+    approvalTimeoutSeconds?: number;
+}
+export declare class GovernanceMiddleware {
+    private readonly logger;
+    private readonly eventEmitter;
+    private readonly policyEngine;
+    private readonly killSwitch;
+    private readonly db?;
+    private readonly approvalTimeoutSeconds;
+    private readonly tenantId?;
+    private policy;
+    constructor(options?: GovernanceMiddlewareOptions);
+    /**
+     * Return a tenant-scoped middleware sharing EventEmitter, PolicyEngine, KillSwitch.
+     * Only the DatabaseAdapter is scoped to the given tenantId.
+     */
+    forTenant(tenantId: string): GovernanceMiddleware;
+    /**
+     * Evaluate a tool-call request against governance policies.
+     *
+     * Flow:
+     * 1. Kill-Switch check (immediate deny if active)
+     * 2. Policy resolution: inline > DB > default allow-all
+     * 3. PolicyEngine.evaluate()
+     * 4. Event emission (tool_call.allowed / tool_call.denied)
+     */
+    evaluate(request: EvaluateRequest): Promise<EvaluateResult>;
+    registerAgent(config: AgentConfig): Promise<string>;
+    startAgent(agentId: string): Promise<void>;
+    stopAgent(agentId: string, reason?: string): Promise<void>;
+    getAgentStatus(agentId: string): Promise<AgentStatus | null>;
+    listAgents(): Promise<AgentStatus[]>;
+    deleteAgent(agentId: string): Promise<boolean>;
+    emergencyStop(reason?: string): void;
+    resetKillSwitch(reason?: string): void;
+    isKillSwitchActive(): boolean;
+    on(type: GovernanceEventType, listener: GovernanceEventListener): void;
+    off(type: GovernanceEventType, listener: GovernanceEventListener): void;
+    getKillSwitchStatus(): KillSwitchStatus;
+    setPolicy(policy: Policy): void;
+    /**
+     * Clear the inline policy. Subsequent evaluate() calls will
+     * fall back to DB-based policy or default allow-all.
+     */
+    clearPolicy(): void;
+    writePolicy(policy: Policy): Promise<void>;
+    listPolicies(): Promise<Policy[]>;
+    getPolicyByName(name: string): Promise<Policy | null>;
+    deletePolicy(name: string): Promise<boolean>;
+    /**
+     * Evaluate a request against an inline policy without side effects.
+     * NO kill-switch check, NO events, NO DB interaction.
+     */
+    evaluateDryRun(request: EvaluateRequest, policy: Policy): EvaluateResult;
+    getPolicyHistory(policyName: string): Promise<PolicyVersion[]>;
+    getPolicyVersion(policyName: string, versionId: number): Promise<PolicyVersion | null>;
+    rollbackPolicy(policyName: string, versionId: number): Promise<Policy>;
+    /**
+     * Get a single approval request by ID.
+     * Implements lazy timeout: if pending and past deadline, auto-resolves to 'timeout'.
+     */
+    getApprovalRequest(id: string): Promise<ApprovalRequest | null>;
+    /**
+     * List approval requests with optional filtering.
+     * Applies lazy timeout to all overdue pending items.
+     */
+    listApprovalRequests(filter?: ApprovalFilter): Promise<ApprovalRequest[]>;
+    /**
+     * Resolve an approval request (approve, reject, or timeout).
+     * Uses optimistic locking — returns { resolved, approval }.
+     */
+    resolveApproval(id: string, resolution: ApprovalResolution): Promise<{
+        resolved: boolean;
+        approval?: ApprovalRequest;
+    }>;
+    /**
+     * Handle a tool call that requires approval.
+     * Creates an approval request, emits event, returns requiresApproval result.
+     */
+    private handleApprovalRequired;
+    private requireDb;
+}
+//# sourceMappingURL=governance-middleware.d.ts.map

package/dist/lifecycle/governance-middleware.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"governance-middleware.d.ts","sourceRoot":"","sources":["../../src/lifecycle/governance-middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,KAAK,EACV,eAAe,EACf,eAAe,EACf,cAAc,EACd,MAAM,EACN,aAAa,EACb,WAAW,EACX,WAAW,EACX,eAAe,EACf,cAAc,EACd,kBAAkB,EACnB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAGzD,OAAO,EAEL,KAAK,mBAAmB,EACxB,KAAK,uBAAuB,EAC7B,MAAM,4BAA4B,CAAC;AAQpC,MAAM,WAAW,2BAA2B;IAC1C,EAAE,CAAC,EAAE,eAAe,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC;IACrB,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC;AAmBD,qBAAa,oBAAoB;IAC/B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAc;IACrC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAyB;IACtD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAC5C,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAoB;IAC/C,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAkB;IACtC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAS;IAChD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAS;IACnC,OAAO,CAAC,MAAM,CAAgB;gBAElB,OAAO,CAAC,EAAE,2BAA2B;IAYjD;;;OAGG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,oBAAoB;IAYjD;;;;;;;;OAQG;IACG,QAAQ,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,cAAc,CAAC;IAgL3D,aAAa,CAAC,MAAM,EAAE,WAAW,GAAG,OAAO,CAAC,MAAM,CAAC;IA0BnD,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAa1C,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAa1D,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IAK5D,UAAU,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;IAKpC,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAmBpD,aAAa,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI;IAIpC,eAAe,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI;IAItC,kBAAkB,IAAI,OAAO;IAM7B,EAAE,CAAC,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,uBAAuB,GAAG,IAAI;IAItE,GAAG,CAAC,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,uBAAuB,GAAG,IAAI;IAMvE,mBAAmB,IAAI,gBAAgB;IAMvC,SAAS,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI;IAa/B;;;OAGG;IACH,WAAW,IAAI,IAAI;IAIb,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAsB1C,YAAY,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAKjC,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAKrD,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAkBlD;;;OAGG;IACH,cAAc,CAAC,OAAO,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,GAAG,cAAc;IAiClE,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAK9D,gBAAgB,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAKtF,cAAc,CAAC,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAyC5E;;;OAGG;IACG,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC;IAsBrE;;;OAGG;IACG,oBAAoB,CAAC,MAAM,CAAC,EAAE,cAAc,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAwB/E;;;OAGG;IACG,eAAe,CACnB,EAAE,EAAE,MAAM,EACV,UAAU,EAAE,kBAAkB,GAC7B,OAAO,CAAC;QAAE,QAAQ,EAAE,OAAO,CAAC;QAAC,QAAQ,CAAC,EAAE,eAAe,CAAA;KAAE,CAAC;IAoE7D;;;OAGG;YACW,sBAAsB;IA6EpC,OAAO,CAAC,SAAS;CAUlB"}