npm - @agentlensai/server - Versions diffs - 0.11.0 → 0.13.0 - Mend

@agentlensai/server 0.11.0 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (633) hide show

package/LICENSE +21 -0
package/dist/cloud/auth/rbac.d.ts +1 -1
package/dist/cloud/auth/rbac.d.ts.map +1 -1
package/dist/cloud/auth/rbac.js +2 -2
package/dist/cloud/auth/rbac.js.map +1 -1
package/dist/cloud/billing/stripe-client.d.ts.map +1 -1
package/dist/cloud/billing/stripe-client.js +6 -1
package/dist/cloud/billing/stripe-client.js.map +1 -1
package/dist/cloud/ingestion/gateway.d.ts.map +1 -1
package/dist/cloud/ingestion/gateway.js +0 -1
package/dist/cloud/ingestion/gateway.js.map +1 -1
package/dist/cloud/middleware/validate-org-access.d.ts +14 -0
package/dist/cloud/middleware/validate-org-access.d.ts.map +1 -0
package/dist/cloud/middleware/validate-org-access.js +38 -0
package/dist/cloud/middleware/validate-org-access.js.map +1 -0
package/dist/cloud/routes/index.d.ts +13 -0
package/dist/cloud/routes/index.d.ts.map +1 -0
package/dist/cloud/routes/index.js +98 -0
package/dist/cloud/routes/index.js.map +1 -0
package/dist/config.d.ts +33 -1
package/dist/config.d.ts.map +1 -1
package/dist/config.js +71 -1
package/dist/config.js.map +1 -1
package/dist/db/api-key-lookup.d.ts +25 -0
package/dist/db/api-key-lookup.d.ts.map +1 -0
package/dist/db/api-key-lookup.js +38 -0
package/dist/db/api-key-lookup.js.map +1 -0
package/dist/db/connection.postgres.d.ts +44 -0
package/dist/db/connection.postgres.d.ts.map +1 -0
package/dist/db/connection.postgres.js +79 -0
package/dist/db/connection.postgres.js.map +1 -0
package/dist/db/cost-budget-store.d.ts +30 -0
package/dist/db/cost-budget-store.d.ts.map +1 -0
package/dist/db/cost-budget-store.js +201 -0
package/dist/db/cost-budget-store.js.map +1 -0
package/dist/db/drizzle/0000_initial.sql +336 -0
package/dist/db/drizzle/0001_indexes.sql +20 -0
package/dist/db/drizzle/0002_pgvector.sql +19 -0
package/dist/db/drizzle/drizzle/0000_initial.sql +336 -0
package/dist/db/drizzle/drizzle/0001_indexes.sql +20 -0
package/dist/db/drizzle/drizzle/0002_pgvector.sql +19 -0
package/dist/db/drizzle/drizzle/meta/0000_snapshot.json +2593 -0
package/dist/db/drizzle/drizzle/meta/_journal.json +27 -0
package/dist/db/drizzle/meta/0000_snapshot.json +2593 -0
package/dist/db/drizzle/meta/_journal.json +27 -0
package/dist/db/embedding-store.d.ts +2 -1
package/dist/db/embedding-store.d.ts.map +1 -1
package/dist/db/embedding-store.interface.d.ts +19 -0
package/dist/db/embedding-store.interface.d.ts.map +1 -0
package/dist/db/embedding-store.interface.js +7 -0
package/dist/db/embedding-store.interface.js.map +1 -0
package/dist/db/embedding-store.js +3 -1
package/dist/db/embedding-store.js.map +1 -1
package/dist/db/eval-store.d.ts +88 -0
package/dist/db/eval-store.d.ts.map +1 -0
package/dist/db/eval-store.js +408 -0
package/dist/db/eval-store.js.map +1 -0
package/dist/db/guardrail-store.d.ts +9 -0
package/dist/db/guardrail-store.d.ts.map +1 -1
package/dist/db/guardrail-store.js +57 -3
package/dist/db/guardrail-store.js.map +1 -1
package/dist/db/index.d.ts +7 -0
package/dist/db/index.d.ts.map +1 -1
package/dist/db/index.js +4 -12
package/dist/db/index.js.map +1 -1
package/dist/db/migrate.d.ts +5 -22
package/dist/db/migrate.d.ts.map +1 -1
package/dist/db/migrate.js +7 -637
package/dist/db/migrate.js.map +1 -1
package/dist/db/migrate.postgres.d.ts +16 -0
package/dist/db/migrate.postgres.d.ts.map +1 -0
package/dist/db/migrate.postgres.js +23 -0
package/dist/db/migrate.postgres.js.map +1 -0
package/dist/db/migrate.sqlite.d.ts +26 -0
package/dist/db/migrate.sqlite.d.ts.map +1 -0
package/dist/db/migrate.sqlite.js +920 -0
package/dist/db/migrate.sqlite.js.map +1 -0
package/dist/db/postgres-embedding-store.d.ts +23 -0
package/dist/db/postgres-embedding-store.d.ts.map +1 -0
package/dist/db/postgres-embedding-store.js +218 -0
package/dist/db/postgres-embedding-store.js.map +1 -0
package/dist/db/postgres-store.d.ts +80 -0
package/dist/db/postgres-store.d.ts.map +1 -0
package/dist/db/postgres-store.js +910 -0
package/dist/db/postgres-store.js.map +1 -0
package/dist/db/prompt-store.d.ts +57 -0
package/dist/db/prompt-store.d.ts.map +1 -0
package/dist/db/prompt-store.js +300 -0
package/dist/db/prompt-store.js.map +1 -0
package/dist/db/repositories/agent-repository.d.ts +21 -0
package/dist/db/repositories/agent-repository.d.ts.map +1 -0
package/dist/db/repositories/agent-repository.js +142 -0
package/dist/db/repositories/agent-repository.js.map +1 -0
package/dist/db/repositories/alert-repository.d.ts +27 -0
package/dist/db/repositories/alert-repository.d.ts.map +1 -0
package/dist/db/repositories/alert-repository.js +164 -0
package/dist/db/repositories/alert-repository.js.map +1 -0
package/dist/db/repositories/analytics-repository.d.ts +24 -0
package/dist/db/repositories/analytics-repository.d.ts.map +1 -0
package/dist/db/repositories/analytics-repository.js +147 -0
package/dist/db/repositories/analytics-repository.js.map +1 -0
package/dist/db/repositories/event-repository.d.ts +81 -0
package/dist/db/repositories/event-repository.d.ts.map +1 -0
package/dist/db/repositories/event-repository.js +331 -0
package/dist/db/repositories/event-repository.js.map +1 -0
package/dist/db/repositories/notification-channel-repository.d.ts +28 -0
package/dist/db/repositories/notification-channel-repository.d.ts.map +1 -0
package/dist/db/repositories/notification-channel-repository.js +151 -0
package/dist/db/repositories/notification-channel-repository.js.map +1 -0
package/dist/db/repositories/session-repository.d.ts +26 -0
package/dist/db/repositories/session-repository.d.ts.map +1 -0
package/dist/db/repositories/session-repository.js +240 -0
package/dist/db/repositories/session-repository.js.map +1 -0
package/dist/db/schema.postgres.d.ts +4681 -0
package/dist/db/schema.postgres.d.ts.map +1 -0
package/dist/db/schema.postgres.js +458 -0
package/dist/db/schema.postgres.js.map +1 -0
package/dist/db/schema.sqlite.d.ts +2221 -671
package/dist/db/schema.sqlite.d.ts.map +1 -1
package/dist/db/schema.sqlite.js +137 -2
package/dist/db/schema.sqlite.js.map +1 -1
package/dist/db/services/retention-service.d.ts +13 -0
package/dist/db/services/retention-service.d.ts.map +1 -0
package/dist/db/services/retention-service.js +48 -0
package/dist/db/services/retention-service.js.map +1 -0
package/dist/db/shared/query-helpers.d.ts +32 -0
package/dist/db/shared/query-helpers.d.ts.map +1 -0
package/dist/db/shared/query-helpers.js +180 -0
package/dist/db/shared/query-helpers.js.map +1 -0
package/dist/db/sqlite-store.d.ts +48 -55
package/dist/db/sqlite-store.d.ts.map +1 -1
package/dist/db/sqlite-store.js +78 -945
package/dist/db/sqlite-store.js.map +1 -1
package/dist/db/tenant-scoped-store.d.ts +18 -1
package/dist/db/tenant-scoped-store.d.ts.map +1 -1
package/dist/db/tenant-scoped-store.js +6 -0
package/dist/db/tenant-scoped-store.js.map +1 -1
package/dist/index.d.ts +28 -14
package/dist/index.d.ts.map +1 -1
package/dist/index.js +432 -97
package/dist/index.js.map +1 -1
package/dist/lib/alert-engine.d.ts +10 -0
package/dist/lib/alert-engine.d.ts.map +1 -1
package/dist/lib/alert-engine.js +73 -20
package/dist/lib/alert-engine.js.map +1 -1
package/dist/lib/audit-verify.d.ts +40 -0
package/dist/lib/audit-verify.d.ts.map +1 -0
package/dist/lib/audit-verify.js +128 -0
package/dist/lib/audit-verify.js.map +1 -0
package/dist/lib/audit.d.ts +37 -0
package/dist/lib/audit.d.ts.map +1 -0
package/dist/lib/audit.js +59 -0
package/dist/lib/audit.js.map +1 -0
package/dist/lib/budget-engine.d.ts +26 -0
package/dist/lib/budget-engine.d.ts.map +1 -0
package/dist/lib/budget-engine.js +201 -0
package/dist/lib/budget-engine.js.map +1 -0
package/dist/lib/compliance-export.d.ts +41 -0
package/dist/lib/compliance-export.d.ts.map +1 -0
package/dist/lib/compliance-export.js +124 -0
package/dist/lib/compliance-export.js.map +1 -0
package/dist/lib/compliance-report.d.ts +87 -0
package/dist/lib/compliance-report.d.ts.map +1 -0
package/dist/lib/compliance-report.js +148 -0
package/dist/lib/compliance-report.js.map +1 -0
package/dist/lib/context/retrieval.d.ts +5 -3
package/dist/lib/context/retrieval.d.ts.map +1 -1
package/dist/lib/context/retrieval.js +5 -2
package/dist/lib/context/retrieval.js.map +1 -1
package/dist/lib/cost-anomaly-detector.d.ts +23 -0
package/dist/lib/cost-anomaly-detector.d.ts.map +1 -0
package/dist/lib/cost-anomaly-detector.js +108 -0
package/dist/lib/cost-anomaly-detector.js.map +1 -0
package/dist/lib/db-resilience.d.ts +15 -0
package/dist/lib/db-resilience.d.ts.map +1 -0
package/dist/lib/db-resilience.js +49 -0
package/dist/lib/db-resilience.js.map +1 -0
package/dist/lib/diagnostics/cache.d.ts +29 -0
package/dist/lib/diagnostics/cache.d.ts.map +1 -0
package/dist/lib/diagnostics/cache.js +88 -0
package/dist/lib/diagnostics/cache.js.map +1 -0
package/dist/lib/diagnostics/context-builder.d.ts +41 -0
package/dist/lib/diagnostics/context-builder.d.ts.map +1 -0
package/dist/lib/diagnostics/context-builder.js +135 -0
package/dist/lib/diagnostics/context-builder.js.map +1 -0
package/dist/lib/diagnostics/index.d.ts +34 -0
package/dist/lib/diagnostics/index.d.ts.map +1 -0
package/dist/lib/diagnostics/index.js +223 -0
package/dist/lib/diagnostics/index.js.map +1 -0
package/dist/lib/diagnostics/llm-client.d.ts +24 -0
package/dist/lib/diagnostics/llm-client.d.ts.map +1 -0
package/dist/lib/diagnostics/llm-client.js +42 -0
package/dist/lib/diagnostics/llm-client.js.map +1 -0
package/dist/lib/diagnostics/prompt-templates.d.ts +18 -0
package/dist/lib/diagnostics/prompt-templates.d.ts.map +1 -0
package/dist/lib/diagnostics/prompt-templates.js +144 -0
package/dist/lib/diagnostics/prompt-templates.js.map +1 -0
package/dist/lib/diagnostics/providers/anthropic.d.ts +8 -0
package/dist/lib/diagnostics/providers/anthropic.d.ts.map +1 -0
package/dist/lib/diagnostics/providers/anthropic.js +79 -0
package/dist/lib/diagnostics/providers/anthropic.js.map +1 -0
package/dist/lib/diagnostics/providers/openai.d.ts +8 -0
package/dist/lib/diagnostics/providers/openai.d.ts.map +1 -0
package/dist/lib/diagnostics/providers/openai.js +70 -0
package/dist/lib/diagnostics/providers/openai.js.map +1 -0
package/dist/lib/diagnostics/providers/types.d.ts +23 -0
package/dist/lib/diagnostics/providers/types.d.ts.map +1 -0
package/dist/lib/diagnostics/providers/types.js +5 -0
package/dist/lib/diagnostics/providers/types.js.map +1 -0
package/dist/lib/diagnostics/response-parser.d.ts +60 -0
package/dist/lib/diagnostics/response-parser.d.ts.map +1 -0
package/dist/lib/diagnostics/response-parser.js +55 -0
package/dist/lib/diagnostics/response-parser.js.map +1 -0
package/dist/lib/diagnostics/types.d.ts +60 -0
package/dist/lib/diagnostics/types.d.ts.map +1 -0
package/dist/lib/diagnostics/types.js +7 -0
package/dist/lib/diagnostics/types.js.map +1 -0
package/dist/lib/embeddings/index.d.ts +6 -3
package/dist/lib/embeddings/index.d.ts.map +1 -1
package/dist/lib/embeddings/index.js +7 -15
package/dist/lib/embeddings/index.js.map +1 -1
package/dist/lib/embeddings/worker.d.ts +2 -2
package/dist/lib/embeddings/worker.d.ts.map +1 -1
package/dist/lib/embeddings/worker.js +3 -1
package/dist/lib/embeddings/worker.js.map +1 -1
package/dist/lib/error-sanitizer.d.ts +28 -0
package/dist/lib/error-sanitizer.d.ts.map +1 -0
package/dist/lib/error-sanitizer.js +106 -0
package/dist/lib/error-sanitizer.js.map +1 -0
package/dist/lib/eval/index.d.ts +15 -0
package/dist/lib/eval/index.d.ts.map +1 -0
package/dist/lib/eval/index.js +24 -0
package/dist/lib/eval/index.js.map +1 -0
package/dist/lib/eval/runner.d.ts +28 -0
package/dist/lib/eval/runner.d.ts.map +1 -0
package/dist/lib/eval/runner.js +260 -0
package/dist/lib/eval/runner.js.map +1 -0
package/dist/lib/eval/scorers/contains.d.ts +10 -0
package/dist/lib/eval/scorers/contains.d.ts.map +1 -0
package/dist/lib/eval/scorers/contains.js +33 -0
package/dist/lib/eval/scorers/contains.js.map +1 -0
package/dist/lib/eval/scorers/exact-match.d.ts +10 -0
package/dist/lib/eval/scorers/exact-match.d.ts.map +1 -0
package/dist/lib/eval/scorers/exact-match.js +33 -0
package/dist/lib/eval/scorers/exact-match.js.map +1 -0
package/dist/lib/eval/scorers/index.d.ts +20 -0
package/dist/lib/eval/scorers/index.d.ts.map +1 -0
package/dist/lib/eval/scorers/index.js +19 -0
package/dist/lib/eval/scorers/index.js.map +1 -0
package/dist/lib/eval/scorers/llm-judge.d.ts +22 -0
package/dist/lib/eval/scorers/llm-judge.d.ts.map +1 -0
package/dist/lib/eval/scorers/llm-judge.js +79 -0
package/dist/lib/eval/scorers/llm-judge.js.map +1 -0
package/dist/lib/eval/scorers/regex.d.ts +10 -0
package/dist/lib/eval/scorers/regex.d.ts.map +1 -0
package/dist/lib/eval/scorers/regex.js +36 -0
package/dist/lib/eval/scorers/regex.js.map +1 -0
package/dist/lib/guardrails/actions.d.ts +6 -0
package/dist/lib/guardrails/actions.d.ts.map +1 -1
package/dist/lib/guardrails/actions.js +82 -0
package/dist/lib/guardrails/actions.js.map +1 -1
package/dist/lib/guardrails/conditions.d.ts +47 -0
package/dist/lib/guardrails/conditions.d.ts.map +1 -1
package/dist/lib/guardrails/conditions.js +55 -10
package/dist/lib/guardrails/conditions.js.map +1 -1
package/dist/lib/guardrails/content-engine.d.ts +19 -0
package/dist/lib/guardrails/content-engine.d.ts.map +1 -0
package/dist/lib/guardrails/content-engine.js +154 -0
package/dist/lib/guardrails/content-engine.js.map +1 -0
package/dist/lib/guardrails/engine.d.ts +33 -0
package/dist/lib/guardrails/engine.d.ts.map +1 -1
package/dist/lib/guardrails/engine.js +37 -2
package/dist/lib/guardrails/engine.js.map +1 -1
package/dist/lib/guardrails/scanners/base-scanner.d.ts +23 -0
package/dist/lib/guardrails/scanners/base-scanner.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/base-scanner.js +7 -0
package/dist/lib/guardrails/scanners/base-scanner.js.map +1 -0
package/dist/lib/guardrails/scanners/patterns/pii-patterns.d.ts +13 -0
package/dist/lib/guardrails/scanners/patterns/pii-patterns.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/patterns/pii-patterns.js +49 -0
package/dist/lib/guardrails/scanners/patterns/pii-patterns.js.map +1 -0
package/dist/lib/guardrails/scanners/patterns/secret-patterns.d.ts +6 -0
package/dist/lib/guardrails/scanners/patterns/secret-patterns.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/patterns/secret-patterns.js +69 -0
package/dist/lib/guardrails/scanners/patterns/secret-patterns.js.map +1 -0
package/dist/lib/guardrails/scanners/pii-scanner.d.ts +10 -0
package/dist/lib/guardrails/scanners/pii-scanner.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/pii-scanner.js +57 -0
package/dist/lib/guardrails/scanners/pii-scanner.js.map +1 -0
package/dist/lib/guardrails/scanners/scanner-registry.d.ts +14 -0
package/dist/lib/guardrails/scanners/scanner-registry.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/scanner-registry.js +51 -0
package/dist/lib/guardrails/scanners/scanner-registry.js.map +1 -0
package/dist/lib/guardrails/scanners/secrets-scanner.d.ts +9 -0
package/dist/lib/guardrails/scanners/secrets-scanner.d.ts.map +1 -0
package/dist/lib/guardrails/scanners/secrets-scanner.js +47 -0
package/dist/lib/guardrails/scanners/secrets-scanner.js.map +1 -0
package/dist/lib/logger.d.ts +8 -0
package/dist/lib/logger.d.ts.map +1 -0
package/dist/lib/logger.js +31 -0
package/dist/lib/logger.js.map +1 -0
package/dist/lib/lore-client.d.ts +128 -0
package/dist/lib/lore-client.d.ts.map +1 -0
package/dist/lib/lore-client.js +188 -0
package/dist/lib/lore-client.js.map +1 -0
package/dist/lib/mesh-client.d.ts +31 -0
package/dist/lib/mesh-client.d.ts.map +1 -0
package/dist/lib/mesh-client.js +72 -0
package/dist/lib/mesh-client.js.map +1 -0
package/dist/lib/notifications/grouping-buffer.d.ts +25 -0
package/dist/lib/notifications/grouping-buffer.d.ts.map +1 -0
package/dist/lib/notifications/grouping-buffer.js +73 -0
package/dist/lib/notifications/grouping-buffer.js.map +1 -0
package/dist/lib/notifications/provider.d.ts +10 -0
package/dist/lib/notifications/provider.d.ts.map +1 -0
package/dist/lib/notifications/provider.js +5 -0
package/dist/lib/notifications/provider.js.map +1 -0
package/dist/lib/notifications/providers/email.d.ts +14 -0
package/dist/lib/notifications/providers/email.d.ts.map +1 -0
package/dist/lib/notifications/providers/email.js +88 -0
package/dist/lib/notifications/providers/email.js.map +1 -0
package/dist/lib/notifications/providers/pagerduty.d.ts +16 -0
package/dist/lib/notifications/providers/pagerduty.d.ts.map +1 -0
package/dist/lib/notifications/providers/pagerduty.js +94 -0
package/dist/lib/notifications/providers/pagerduty.js.map +1 -0
package/dist/lib/notifications/providers/slack.d.ts +14 -0
package/dist/lib/notifications/providers/slack.d.ts.map +1 -0
package/dist/lib/notifications/providers/slack.js +106 -0
package/dist/lib/notifications/providers/slack.js.map +1 -0
package/dist/lib/notifications/providers/webhook.d.ts +16 -0
package/dist/lib/notifications/providers/webhook.d.ts.map +1 -0
package/dist/lib/notifications/providers/webhook.js +78 -0
package/dist/lib/notifications/providers/webhook.js.map +1 -0
package/dist/lib/notifications/router.d.ts +30 -0
package/dist/lib/notifications/router.d.ts.map +1 -0
package/dist/lib/notifications/router.js +137 -0
package/dist/lib/notifications/router.js.map +1 -0
package/dist/lib/notifications/ssrf.d.ts +13 -0
package/dist/lib/notifications/ssrf.d.ts.map +1 -0
package/dist/lib/notifications/ssrf.js +37 -0
package/dist/lib/notifications/ssrf.js.map +1 -0
package/dist/lib/optimization/analyzers/model-downgrade.d.ts +15 -0
package/dist/lib/optimization/analyzers/model-downgrade.d.ts.map +1 -0
package/dist/lib/optimization/analyzers/model-downgrade.js +58 -0
package/dist/lib/optimization/analyzers/model-downgrade.js.map +1 -0
package/dist/lib/optimization/analyzers/prompt-optimization.d.ts +17 -0
package/dist/lib/optimization/analyzers/prompt-optimization.d.ts.map +1 -0
package/dist/lib/optimization/analyzers/prompt-optimization.js +160 -0
package/dist/lib/optimization/analyzers/prompt-optimization.js.map +1 -0
package/dist/lib/optimization/analyzers/types.d.ts +23 -0
package/dist/lib/optimization/analyzers/types.d.ts.map +1 -0
package/dist/lib/optimization/analyzers/types.js +5 -0
package/dist/lib/optimization/analyzers/types.js.map +1 -0
package/dist/lib/optimization/classifier.d.ts +4 -3
package/dist/lib/optimization/classifier.d.ts.map +1 -1
package/dist/lib/optimization/classifier.js +15 -9
package/dist/lib/optimization/classifier.js.map +1 -1
package/dist/lib/optimization/cost-optimizer.d.ts +21 -0
package/dist/lib/optimization/cost-optimizer.d.ts.map +1 -0
package/dist/lib/optimization/cost-optimizer.js +114 -0
package/dist/lib/optimization/cost-optimizer.js.map +1 -0
package/dist/lib/optimization/engine.d.ts.map +1 -1
package/dist/lib/optimization/engine.js +45 -6
package/dist/lib/optimization/engine.js.map +1 -1
package/dist/lib/optimization/forecast.d.ts +39 -0
package/dist/lib/optimization/forecast.d.ts.map +1 -0
package/dist/lib/optimization/forecast.js +128 -0
package/dist/lib/optimization/forecast.js.map +1 -0
package/dist/lib/secrets.d.ts +30 -0
package/dist/lib/secrets.d.ts.map +1 -0
package/dist/lib/secrets.js +103 -0
package/dist/lib/secrets.js.map +1 -0
package/dist/lib/threshold-monitor.d.ts +53 -0
package/dist/lib/threshold-monitor.d.ts.map +1 -0
package/dist/lib/threshold-monitor.js +112 -0
package/dist/lib/threshold-monitor.js.map +1 -0
package/dist/middleware/audit.d.ts +16 -0
package/dist/middleware/audit.d.ts.map +1 -0
package/dist/middleware/audit.js +16 -0
package/dist/middleware/audit.js.map +1 -0
package/dist/middleware/auth-errors.d.ts +67 -0
package/dist/middleware/auth-errors.d.ts.map +1 -0
package/dist/middleware/auth-errors.js +84 -0
package/dist/middleware/auth-errors.js.map +1 -0
package/dist/middleware/auth.d.ts +5 -2
package/dist/middleware/auth.d.ts.map +1 -1
package/dist/middleware/auth.js +44 -17
package/dist/middleware/auth.js.map +1 -1
package/dist/middleware/body-limit.d.ts +9 -0
package/dist/middleware/body-limit.d.ts.map +1 -0
package/dist/middleware/body-limit.js +15 -0
package/dist/middleware/body-limit.js.map +1 -0
package/dist/middleware/cors-config.d.ts +30 -0
package/dist/middleware/cors-config.d.ts.map +1 -0
package/dist/middleware/cors-config.js +55 -0
package/dist/middleware/cors-config.js.map +1 -0
package/dist/middleware/rate-limit.d.ts +9 -0
package/dist/middleware/rate-limit.d.ts.map +1 -0
package/dist/middleware/rate-limit.js +56 -0
package/dist/middleware/rate-limit.js.map +1 -0
package/dist/middleware/rbac.d.ts +30 -0
package/dist/middleware/rbac.d.ts.map +1 -0
package/dist/middleware/rbac.js +87 -0
package/dist/middleware/rbac.js.map +1 -0
package/dist/middleware/security-headers.d.ts +12 -0
package/dist/middleware/security-headers.d.ts.map +1 -0
package/dist/middleware/security-headers.js +57 -0
package/dist/middleware/security-headers.js.map +1 -0
package/dist/middleware/unified-auth.d.ts +49 -0
package/dist/middleware/unified-auth.d.ts.map +1 -0
package/dist/middleware/unified-auth.js +246 -0
package/dist/middleware/unified-auth.js.map +1 -0
package/dist/middleware/validation.d.ts +31 -0
package/dist/middleware/validation.d.ts.map +1 -0
package/dist/middleware/validation.js +45 -0
package/dist/middleware/validation.js.map +1 -0
package/dist/routes/alerts.d.ts.map +1 -1
package/dist/routes/alerts.js +4 -3
package/dist/routes/alerts.js.map +1 -1
package/dist/routes/analytics.d.ts +2 -1
package/dist/routes/analytics.d.ts.map +1 -1
package/dist/routes/analytics.js +175 -95
package/dist/routes/analytics.js.map +1 -1
package/dist/routes/api-keys.d.ts +5 -0
package/dist/routes/api-keys.d.ts.map +1 -1
package/dist/routes/api-keys.js +89 -8
package/dist/routes/api-keys.js.map +1 -1
package/dist/routes/audit-verify.d.ts +12 -0
package/dist/routes/audit-verify.d.ts.map +1 -0
package/dist/routes/audit-verify.js +73 -0
package/dist/routes/audit-verify.js.map +1 -0
package/dist/routes/audit.d.ts +4 -6
package/dist/routes/audit.d.ts.map +1 -1
package/dist/routes/audit.js +54 -157
package/dist/routes/audit.js.map +1 -1
package/dist/routes/auth.d.ts +21 -0
package/dist/routes/auth.d.ts.map +1 -0
package/dist/routes/auth.js +235 -0
package/dist/routes/auth.js.map +1 -0
package/dist/routes/benchmarks.d.ts.map +1 -1
package/dist/routes/benchmarks.js +63 -11
package/dist/routes/benchmarks.js.map +1 -1
package/dist/routes/capabilities-top.d.ts.map +1 -1
package/dist/routes/capabilities-top.js +1 -4
package/dist/routes/capabilities-top.js.map +1 -1
package/dist/routes/capabilities.d.ts.map +1 -1
package/dist/routes/capabilities.js +1 -7
package/dist/routes/capabilities.js.map +1 -1
package/dist/routes/compliance.d.ts +17 -0
package/dist/routes/compliance.d.ts.map +1 -0
package/dist/routes/compliance.js +151 -0
package/dist/routes/compliance.js.map +1 -0
package/dist/routes/config.d.ts +1 -13
package/dist/routes/config.d.ts.map +1 -1
package/dist/routes/context.d.ts.map +1 -1
package/dist/routes/context.js +6 -5
package/dist/routes/context.js.map +1 -1
package/dist/routes/cost-budgets.d.ts +20 -0
package/dist/routes/cost-budgets.d.ts.map +1 -0
package/dist/routes/cost-budgets.js +194 -0
package/dist/routes/cost-budgets.js.map +1 -0
package/dist/routes/delegation.d.ts.map +1 -1
package/dist/routes/delegation.js +67 -41
package/dist/routes/delegation.js.map +1 -1
package/dist/routes/delegations-top.d.ts.map +1 -1
package/dist/routes/delegations-top.js +1 -3
package/dist/routes/delegations-top.js.map +1 -1
package/dist/routes/diagnose.d.ts +16 -0
package/dist/routes/diagnose.d.ts.map +1 -0
package/dist/routes/diagnose.js +82 -0
package/dist/routes/diagnose.js.map +1 -0
package/dist/routes/discovery.d.ts.map +1 -1
package/dist/routes/discovery.js +50 -38
package/dist/routes/discovery.js.map +1 -1
package/dist/routes/eval.d.ts +24 -0
package/dist/routes/eval.d.ts.map +1 -0
package/dist/routes/eval.js +281 -0
package/dist/routes/eval.js.map +1 -0
package/dist/routes/events.d.ts.map +1 -1
package/dist/routes/events.js +11 -6
package/dist/routes/events.js.map +1 -1
package/dist/routes/guardrails.d.ts +2 -1
package/dist/routes/guardrails.d.ts.map +1 -1
package/dist/routes/guardrails.js +85 -14
package/dist/routes/guardrails.js.map +1 -1
package/dist/routes/health.d.ts +14 -11
package/dist/routes/health.d.ts.map +1 -1
package/dist/routes/health.js +181 -61
package/dist/routes/health.js.map +1 -1
package/dist/routes/lore-proxy.d.ts +13 -0
package/dist/routes/lore-proxy.d.ts.map +1 -0
package/dist/routes/lore-proxy.js +229 -0
package/dist/routes/lore-proxy.js.map +1 -0
package/dist/routes/mesh-proxy.d.ts +7 -0
package/dist/routes/mesh-proxy.d.ts.map +1 -0
package/dist/routes/mesh-proxy.js +94 -0
package/dist/routes/mesh-proxy.js.map +1 -0
package/dist/routes/notifications.d.ts +19 -0
package/dist/routes/notifications.d.ts.map +1 -0
package/dist/routes/notifications.js +129 -0
package/dist/routes/notifications.js.map +1 -0
package/dist/routes/optimize.d.ts.map +1 -1
package/dist/routes/optimize.js +44 -0
package/dist/routes/optimize.js.map +1 -1
package/dist/routes/otlp.d.ts +17 -0
package/dist/routes/otlp.d.ts.map +1 -0
package/dist/routes/otlp.js +544 -0
package/dist/routes/otlp.js.map +1 -0
package/dist/routes/prompts.d.ts +21 -0
package/dist/routes/prompts.d.ts.map +1 -0
package/dist/routes/prompts.js +173 -0
package/dist/routes/prompts.js.map +1 -0
package/dist/routes/recall.d.ts.map +1 -1
package/dist/routes/recall.js +6 -4
package/dist/routes/recall.js.map +1 -1
package/dist/routes/replay.d.ts.map +1 -1
package/dist/routes/replay.js +2 -1
package/dist/routes/replay.js.map +1 -1
package/dist/routes/server-info.d.ts +9 -0
package/dist/routes/server-info.d.ts.map +1 -0
package/dist/routes/server-info.js +18 -0
package/dist/routes/server-info.js.map +1 -0
package/dist/routes/sessions.d.ts +7 -7
package/dist/routes/sessions.d.ts.map +1 -1
package/dist/routes/sessions.js +112 -35
package/dist/routes/sessions.js.map +1 -1
package/dist/routes/stats.d.ts.map +1 -1
package/dist/routes/stats.js +40 -0
package/dist/routes/stats.js.map +1 -1
package/dist/routes/stream.d.ts +2 -2
package/dist/routes/stream.d.ts.map +1 -1
package/dist/routes/stream.js +7 -11
package/dist/routes/stream.js.map +1 -1
package/dist/routes/tenant-helper.d.ts +15 -10
package/dist/routes/tenant-helper.d.ts.map +1 -1
package/dist/routes/tenant-helper.js +36 -22
package/dist/routes/tenant-helper.js.map +1 -1
package/dist/routes/trust.d.ts.map +1 -1
package/dist/routes/trust.js +1 -3
package/dist/routes/trust.js.map +1 -1
package/dist/schemas/api-keys.d.ts +11 -0
package/dist/schemas/api-keys.d.ts.map +1 -0
package/dist/schemas/api-keys.js +10 -0
package/dist/schemas/api-keys.js.map +1 -0
package/dist/schemas/common.d.ts +34 -0
package/dist/schemas/common.d.ts.map +1 -0
package/dist/schemas/common.js +43 -0
package/dist/schemas/common.js.map +1 -0
package/dist/schemas/delegation.d.ts +23 -0
package/dist/schemas/delegation.d.ts.map +1 -0
package/dist/schemas/delegation.js +22 -0
package/dist/schemas/delegation.js.map +1 -0
package/dist/schemas/discovery.d.ts +17 -0
package/dist/schemas/discovery.d.ts.map +1 -0
package/dist/schemas/discovery.js +15 -0
package/dist/schemas/discovery.js.map +1 -0
package/dist/schemas/health.d.ts +75 -0
package/dist/schemas/health.d.ts.map +1 -0
package/dist/schemas/health.js +55 -0
package/dist/schemas/health.js.map +1 -0
package/dist/schemas/index.d.ts +6 -0
package/dist/schemas/index.d.ts.map +1 -0
package/dist/schemas/index.js +6 -0
package/dist/schemas/index.js.map +1 -0
package/dist/schemas/sessions.d.ts +67 -0
package/dist/schemas/sessions.d.ts.map +1 -0
package/dist/schemas/sessions.js +58 -0
package/dist/schemas/sessions.js.map +1 -0
package/dist/services/delegation-service.d.ts +1 -4
package/dist/services/delegation-service.d.ts.map +1 -1
package/dist/services/delegation-service.js +5 -31
package/dist/services/delegation-service.js.map +1 -1
package/package.json +29 -19
package/dist/db/lesson-store.d.ts +0 -57
package/dist/db/lesson-store.d.ts.map +0 -1
package/dist/db/lesson-store.js +0 -217
package/dist/db/lesson-store.js.map +0 -1
package/dist/lib/embeddings/local.d.ts +0 -15
package/dist/lib/embeddings/local.d.ts.map +0 -1
package/dist/lib/embeddings/local.js +0 -65
package/dist/lib/embeddings/local.js.map +0 -1
package/dist/lib/redaction/human-review-layer.d.ts +0 -37
package/dist/lib/redaction/human-review-layer.d.ts.map +0 -1
package/dist/lib/redaction/human-review-layer.js +0 -62
package/dist/lib/redaction/human-review-layer.js.map +0 -1
package/dist/lib/redaction/index.d.ts +0 -12
package/dist/lib/redaction/index.d.ts.map +0 -1
package/dist/lib/redaction/index.js +0 -12
package/dist/lib/redaction/index.js.map +0 -1
package/dist/lib/redaction/pii-detection-layer.d.ts +0 -30
package/dist/lib/redaction/pii-detection-layer.d.ts.map +0 -1
package/dist/lib/redaction/pii-detection-layer.js +0 -183
package/dist/lib/redaction/pii-detection-layer.js.map +0 -1
package/dist/lib/redaction/pipeline.d.ts +0 -26
package/dist/lib/redaction/pipeline.d.ts.map +0 -1
package/dist/lib/redaction/pipeline.js +0 -91
package/dist/lib/redaction/pipeline.js.map +0 -1
package/dist/lib/redaction/secret-detection-layer.d.ts +0 -10
package/dist/lib/redaction/secret-detection-layer.d.ts.map +0 -1
package/dist/lib/redaction/secret-detection-layer.js +0 -79
package/dist/lib/redaction/secret-detection-layer.js.map +0 -1
package/dist/lib/redaction/secret-patterns.d.ts +0 -29
package/dist/lib/redaction/secret-patterns.d.ts.map +0 -1
package/dist/lib/redaction/secret-patterns.js +0 -133
package/dist/lib/redaction/secret-patterns.js.map +0 -1
package/dist/lib/redaction/semantic-denylist-layer.d.ts +0 -10
package/dist/lib/redaction/semantic-denylist-layer.d.ts.map +0 -1
package/dist/lib/redaction/semantic-denylist-layer.js +0 -64
package/dist/lib/redaction/semantic-denylist-layer.js.map +0 -1
package/dist/lib/redaction/tenant-deidentification-layer.d.ts +0 -10
package/dist/lib/redaction/tenant-deidentification-layer.d.ts.map +0 -1
package/dist/lib/redaction/tenant-deidentification-layer.js +0 -64
package/dist/lib/redaction/tenant-deidentification-layer.js.map +0 -1
package/dist/lib/redaction/url-path-scrubbing-layer.d.ts +0 -14
package/dist/lib/redaction/url-path-scrubbing-layer.d.ts.map +0 -1
package/dist/lib/redaction/url-path-scrubbing-layer.js +0 -156
package/dist/lib/redaction/url-path-scrubbing-layer.js.map +0 -1
package/dist/routes/community.d.ts +0 -24
package/dist/routes/community.d.ts.map +0 -1
package/dist/routes/community.js +0 -272
package/dist/routes/community.js.map +0 -1
package/dist/routes/lessons.d.ts +0 -19
package/dist/routes/lessons.d.ts.map +0 -1
package/dist/routes/lessons.js +0 -164
package/dist/routes/lessons.js.map +0 -1
package/dist/routes/redaction-test.d.ts +0 -14
package/dist/routes/redaction-test.d.ts.map +0 -1
package/dist/routes/redaction-test.js +0 -33
package/dist/routes/redaction-test.js.map +0 -1
package/dist/services/community-service.d.ts +0 -283
package/dist/services/community-service.d.ts.map +0 -1
package/dist/services/community-service.js +0 -816
package/dist/services/community-service.js.map +0 -1

package/dist/services/community-service.js DELETED Viewed

@@ -1,816 +0,0 @@
-/**
- * Community Sharing Service (Stories 4.1–4.3)
- *
- * Handles lesson sharing, search, configuration, and deny-list management.
- * Enforces hierarchical toggles: tenant OFF overrides agent ON.
- * Rate limiting: 50/hr per tenant. Audit log on every operation.
- */
-import { randomUUID, createHash } from 'node:crypto';
-import { eq, and } from 'drizzle-orm';
-import * as schema from '../db/schema.sqlite.js';
-import { AnonymousIdManager } from '../db/anonymous-id-manager.js';
-import { RedactionPipeline } from '../lib/redaction/pipeline.js';
-import { LessonStore } from '../db/lesson-store.js';
-import { LESSON_SHARING_CATEGORIES, createRawLessonContent } from '@agentlensai/core';
-/** In-memory transport for testing */
-export class LocalCommunityPoolTransport {
-    shared = [];
-    purgeTokens = new Map();
-    reputationEvents = [];
-    flags = [];
-    async share(data) {
-        const id = randomUUID();
-        this.shared.push({ id, ...data, reputationScore: 50, flagCount: 0, hidden: false });
-        return { id };
-    }
-    async search(data) {
-        let results = this.shared
-            .filter((l) => !l.hidden)
-            .map((lesson) => ({
-            lesson: {
-                id: lesson.id,
-                category: lesson.category,
-                title: lesson.title,
-                content: lesson.content,
-                reputationScore: lesson.reputationScore,
-                qualitySignals: lesson.qualitySignals ?? {},
-            },
-            similarity: cosineSimilarity(data.embedding, lesson.embedding),
-        }));
-        if (data.category) {
-            results = results.filter((r) => r.lesson.category === data.category);
-        }
-        if (data.minReputation !== undefined) {
-            results = results.filter((r) => r.lesson.reputationScore >= data.minReputation);
-        }
-        results.sort((a, b) => b.similarity - a.similarity);
-        return { results: results.slice(0, data.limit ?? 50) };
-    }
-    async registerPurgeToken(data) {
-        this.purgeTokens.set(data.anonymousContributorId, data.token);
-    }
-    async purge(data) {
-        // C2 FIX: Validate purge token before deleting
-        const storedToken = this.purgeTokens.get(data.anonymousContributorId);
-        if (!storedToken || storedToken !== data.token) {
-            throw new Error('Invalid purge token');
-        }
-        let deleted = 0;
-        for (let i = this.shared.length - 1; i >= 0; i--) {
-            if (this.shared[i].anonymousContributorId === data.anonymousContributorId) {
-                this.shared.splice(i, 1);
-                deleted++;
-            }
-        }
-        this.purgeTokens.delete(data.anonymousContributorId);
-        return { deleted };
-    }
-    async count(contributorId) {
-        return { count: this.shared.filter((l) => l.anonymousContributorId === contributorId).length };
-    }
-    async rate(data) {
-        // Check daily cap
-        const todayStart = Math.floor(Date.now() / 86400000) * 86400;
-        const todayVotes = this.reputationEvents.filter((e) => e.voterAnonymousId === data.voterAnonymousId && e.createdEpoch >= todayStart);
-        if (todayVotes.length >= 5) {
-            throw new Error('Daily rating cap exceeded');
-        }
-        this.reputationEvents.push({ ...data, createdEpoch: Math.floor(Date.now() / 1000) });
-        const lesson = this.shared.find((l) => l.id === data.lessonId);
-        if (!lesson)
-            throw new Error('Lesson not found');
-        const lessonEvents = this.reputationEvents.filter((e) => e.lessonId === data.lessonId);
-        const totalDelta = lessonEvents.reduce((sum, e) => sum + e.delta, 0);
-        lesson.reputationScore = 50 + totalDelta;
-        // Auto-hide below threshold
-        if (lesson.reputationScore < 20) {
-            lesson.hidden = true;
-        }
-        else {
-            lesson.hidden = false;
-        }
-        return { reputationScore: lesson.reputationScore };
-    }
-    async flag(data) {
-        // Check duplicate
-        if (this.flags.some((f) => f.lessonId === data.lessonId && f.reporterAnonymousId === data.reporterAnonymousId)) {
-            throw new Error('Already flagged');
-        }
-        this.flags.push({ ...data, createdEpoch: Math.floor(Date.now() / 1000) });
-        const lesson = this.shared.find((l) => l.id === data.lessonId);
-        if (!lesson)
-            throw new Error('Lesson not found');
-        const distinctReporters = new Set(this.flags.filter((f) => f.lessonId === data.lessonId).map((f) => f.reporterAnonymousId));
-        lesson.flagCount = distinctReporters.size;
-        if (distinctReporters.size >= 3) {
-            lesson.hidden = true;
-        }
-        return { flagCount: distinctReporters.size };
-    }
-    async getModerationQueue() {
-        return this.shared
-            .filter((l) => l.hidden || l.flagCount >= 3)
-            .map((l) => ({
-            lesson: {
-                id: l.id,
-                category: l.category,
-                title: l.title,
-                content: l.content,
-                reputationScore: l.reputationScore,
-                flagCount: l.flagCount,
-                hidden: l.hidden,
-            },
-        }));
-    }
-    async moderateLesson(lessonId, action) {
-        const lesson = this.shared.find((l) => l.id === lessonId);
-        if (!lesson)
-            return { success: false };
-        if (action === 'approve') {
-            lesson.hidden = false;
-            lesson.flagCount = 0;
-        }
-        else {
-            lesson.hidden = true;
-        }
-        return { success: true };
-    }
-}
-function cosineSimilarity(a, b) {
-    if (a.length !== b.length || a.length === 0)
-        return 0;
-    let dot = 0, magA = 0, magB = 0;
-    for (let i = 0; i < a.length; i++) {
-        dot += a[i] * b[i];
-        magA += a[i] * a[i];
-        magB += b[i] * b[i];
-    }
-    const denom = Math.sqrt(magA) * Math.sqrt(magB);
-    return denom === 0 ? 0 : dot / denom;
-}
-// ─── Simple TF-IDF Embedding ─────────────────────────────
-/** Compute a lightweight hash-based embedding for text */
-export function computeSimpleEmbedding(text, dimensions = 64) {
-    const words = text.toLowerCase().replace(/[^\w\s]/g, '').split(/\s+/).filter(Boolean);
-    const vec = new Float64Array(dimensions);
-    for (const word of words) {
-        const hash = createHash('md5').update(word).digest();
-        for (let i = 0; i < dimensions; i++) {
-            vec[i] += (hash[i % hash.length] - 128) / 128;
-        }
-    }
-    // Normalize
-    let mag = 0;
-    for (let i = 0; i < dimensions; i++)
-        mag += vec[i] * vec[i];
-    mag = Math.sqrt(mag);
-    if (mag > 0)
-        for (let i = 0; i < dimensions; i++)
-            vec[i] /= mag;
-    return Array.from(vec);
-}
-const RATE_WINDOW_MS = 3_600_000; // 1 hour
-const DEFAULT_RATE_LIMIT = 50;
-class SharingRateLimiter {
-    buckets = new Map();
-    check(key, limit = DEFAULT_RATE_LIMIT) {
-        const now = Date.now();
-        const bucket = this.buckets.get(key);
-        if (!bucket || now - bucket.windowStart >= RATE_WINDOW_MS) {
-            this.buckets.set(key, { count: 1, windowStart: now });
-            return true;
-        }
-        if (bucket.count >= limit)
-            return false;
-        bucket.count++;
-        return true;
-    }
-    reset() {
-        this.buckets.clear();
-    }
-}
-export class CommunityService {
-    db;
-    transport;
-    anonIdManager;
-    lessonStore;
-    redactionPipeline;
-    rateLimiter = new SharingRateLimiter();
-    now;
-    constructor(db, options) {
-        this.db = db;
-        this.transport = options.transport;
-        this.anonIdManager = new AnonymousIdManager(db, { now: options.now });
-        this.lessonStore = new LessonStore(db);
-        this.redactionPipeline = new RedactionPipeline(options.redactionConfig);
-        this.now = options.now ?? (() => new Date());
-    }
-    // ─── Sharing Config (tenant-level) ─────────────────
-    getSharingConfig(tenantId) {
-        const row = this.db
-            .select()
-            .from(schema.sharingConfig)
-            .where(eq(schema.sharingConfig.tenantId, tenantId))
-            .get();
-        if (row) {
-            return {
-                tenantId: row.tenantId,
-                enabled: row.enabled,
-                humanReviewEnabled: row.humanReviewEnabled,
-                poolEndpoint: row.poolEndpoint,
-                anonymousContributorId: row.anonymousContributorId,
-                purgeToken: row.purgeToken,
-                rateLimitPerHour: row.rateLimitPerHour,
-                volumeAlertThreshold: row.volumeAlertThreshold,
-                updatedAt: row.updatedAt,
-            };
-        }
-        return {
-            tenantId,
-            enabled: false,
-            humanReviewEnabled: false,
-            poolEndpoint: null,
-            anonymousContributorId: null,
-            purgeToken: null,
-            rateLimitPerHour: 50,
-            volumeAlertThreshold: 100,
-            updatedAt: new Date().toISOString(),
-        };
-    }
-    updateSharingConfig(tenantId, updates) {
-        const now = this.now().toISOString();
-        const existing = this.db
-            .select()
-            .from(schema.sharingConfig)
-            .where(eq(schema.sharingConfig.tenantId, tenantId))
-            .get();
-        if (existing) {
-            const setObj = { updatedAt: now };
-            if (updates.enabled !== undefined)
-                setObj.enabled = updates.enabled;
-            if (updates.humanReviewEnabled !== undefined)
-                setObj.humanReviewEnabled = updates.humanReviewEnabled;
-            if (updates.poolEndpoint !== undefined)
-                setObj.poolEndpoint = updates.poolEndpoint;
-            if (updates.anonymousContributorId !== undefined)
-                setObj.anonymousContributorId = updates.anonymousContributorId;
-            if (updates.purgeToken !== undefined)
-                setObj.purgeToken = updates.purgeToken;
-            if (updates.rateLimitPerHour !== undefined)
-                setObj.rateLimitPerHour = updates.rateLimitPerHour;
-            if (updates.volumeAlertThreshold !== undefined)
-                setObj.volumeAlertThreshold = updates.volumeAlertThreshold;
-            this.db.update(schema.sharingConfig).set(setObj).where(eq(schema.sharingConfig.tenantId, tenantId)).run();
-        }
-        else {
-            this.db.insert(schema.sharingConfig).values({
-                tenantId,
-                enabled: updates.enabled ?? false,
-                humanReviewEnabled: updates.humanReviewEnabled ?? false,
-                poolEndpoint: updates.poolEndpoint ?? null,
-                anonymousContributorId: updates.anonymousContributorId ?? null,
-                purgeToken: updates.purgeToken ?? null,
-                rateLimitPerHour: updates.rateLimitPerHour ?? 50,
-                volumeAlertThreshold: updates.volumeAlertThreshold ?? 100,
-                updatedAt: now,
-            }).run();
-        }
-        return this.getSharingConfig(tenantId);
-    }
-    // ─── Agent Sharing Config ──────────────────────────
-    getAgentSharingConfigs(tenantId) {
-        const rows = this.db
-            .select()
-            .from(schema.agentSharingConfig)
-            .where(eq(schema.agentSharingConfig.tenantId, tenantId))
-            .all();
-        return rows.map((row) => ({
-            tenantId: row.tenantId,
-            agentId: row.agentId,
-            enabled: row.enabled,
-            categories: JSON.parse(row.categories),
-            updatedAt: row.updatedAt,
-        }));
-    }
-    getStats(tenantId) {
-        const rows = this.db
-            .select()
-            .from(schema.sharingAuditLog)
-            .where(eq(schema.sharingAuditLog.tenantId, tenantId))
-            .all();
-        const shareEvents = rows.filter((r) => r.eventType === 'share');
-        const countShared = shareEvents.length;
-        const lastShared = shareEvents.length > 0
-            ? shareEvents.sort((a, b) => b.timestamp.localeCompare(a.timestamp))[0].timestamp
-            : null;
-        const auditSummary = {};
-        for (const row of rows) {
-            auditSummary[row.eventType] = (auditSummary[row.eventType] ?? 0) + 1;
-        }
-        return { countShared, lastShared, auditSummary };
-    }
-    getAgentSharingConfig(tenantId, agentId) {
-        const row = this.db
-            .select()
-            .from(schema.agentSharingConfig)
-            .where(and(eq(schema.agentSharingConfig.tenantId, tenantId), eq(schema.agentSharingConfig.agentId, agentId)))
-            .get();
-        if (row) {
-            return {
-                tenantId: row.tenantId,
-                agentId: row.agentId,
-                enabled: row.enabled,
-                categories: JSON.parse(row.categories),
-                updatedAt: row.updatedAt,
-            };
-        }
-        return {
-            tenantId,
-            agentId,
-            enabled: false,
-            categories: [],
-            updatedAt: new Date().toISOString(),
-        };
-    }
-    updateAgentSharingConfig(tenantId, agentId, updates) {
-        const now = this.now().toISOString();
-        const existing = this.db
-            .select()
-            .from(schema.agentSharingConfig)
-            .where(and(eq(schema.agentSharingConfig.tenantId, tenantId), eq(schema.agentSharingConfig.agentId, agentId)))
-            .get();
-        if (existing) {
-            const setObj = { updatedAt: now };
-            if (updates.enabled !== undefined)
-                setObj.enabled = updates.enabled;
-            if (updates.categories !== undefined)
-                setObj.categories = JSON.stringify(updates.categories);
-            this.db.update(schema.agentSharingConfig)
-                .set(setObj)
-                .where(and(eq(schema.agentSharingConfig.tenantId, tenantId), eq(schema.agentSharingConfig.agentId, agentId)))
-                .run();
-        }
-        else {
-            this.db.insert(schema.agentSharingConfig).values({
-                tenantId,
-                agentId,
-                enabled: updates.enabled ?? false,
-                categories: JSON.stringify(updates.categories ?? []),
-                updatedAt: now,
-            }).run();
-        }
-        return this.getAgentSharingConfig(tenantId, agentId);
-    }
-    // ─── Deny List CRUD ────────────────────────────────
-    getDenyList(tenantId) {
-        return this.db
-            .select()
-            .from(schema.denyListRules)
-            .where(eq(schema.denyListRules.tenantId, tenantId))
-            .all()
-            .map((r) => ({
-            id: r.id,
-            tenantId: r.tenantId,
-            pattern: r.pattern,
-            isRegex: r.isRegex,
-            reason: r.reason,
-            createdAt: r.createdAt,
-        }));
-    }
-    addDenyListRule(tenantId, pattern, isRegex, reason) {
-        const id = randomUUID();
-        const now = this.now().toISOString();
-        // Validate regex if isRegex
-        if (isRegex) {
-            try {
-                new RegExp(pattern);
-            }
-            catch {
-                throw new Error(`Invalid regex pattern: ${pattern}`);
-            }
-        }
-        this.db.insert(schema.denyListRules).values({
-            id,
-            tenantId,
-            pattern,
-            isRegex,
-            reason,
-            createdAt: now,
-        }).run();
-        return { id, tenantId, pattern, isRegex, reason, createdAt: now };
-    }
-    deleteDenyListRule(tenantId, ruleId) {
-        const result = this.db
-            .delete(schema.denyListRules)
-            .where(and(eq(schema.denyListRules.id, ruleId), eq(schema.denyListRules.tenantId, tenantId)))
-            .run();
-        return result.changes > 0;
-    }
-    // ─── Share (Story 4.1) ─────────────────────────────
-    async share(tenantId, lessonId, initiatedBy = 'system') {
-        // 1. Check tenant-level toggle (NO CACHING — always read from DB)
-        const tenantConfig = this.getSharingConfig(tenantId);
-        if (!tenantConfig.enabled) {
-            return { status: 'disabled', reason: 'Tenant sharing is disabled' };
-        }
-        // 2. Load lesson
-        const lesson = this.lessonStore.get(tenantId, lessonId);
-        if (!lesson) {
-            return { status: 'error', error: 'Lesson not found' };
-        }
-        // 3. Check agent-level toggle (hierarchical enforcement)
-        if (lesson.agentId) {
-            const agentConfig = this.getAgentSharingConfig(tenantId, lesson.agentId);
-            if (!agentConfig.enabled) {
-                return { status: 'disabled', reason: 'Agent sharing is disabled' };
-            }
-            // Check category-level toggle
-            const category = lesson.category;
-            if (agentConfig.categories.length > 0 && !agentConfig.categories.includes(category)) {
-                return { status: 'disabled', reason: `Category '${category}' is not enabled for this agent` };
-            }
-        }
-        // 4. Rate limiting
-        const rateLimit = tenantConfig.rateLimitPerHour || DEFAULT_RATE_LIMIT;
-        if (!this.rateLimiter.check(tenantId, rateLimit)) {
-            this.writeAuditLog(tenantId, {
-                eventType: 'rate',
-                lessonId,
-                initiatedBy,
-            });
-            return { status: 'rate_limited' };
-        }
-        // 5. Get deny list patterns for redaction context
-        const denyListRules = this.getDenyList(tenantId);
-        const denyListPatterns = denyListRules.map((r) => r.isRegex ? r.pattern : r.pattern);
-        // 6. Run redaction pipeline
-        const rawContent = createRawLessonContent(lesson.title, lesson.content, lesson.context ?? {});
-        const redactionResult = await this.redactionPipeline.process(rawContent, {
-            tenantId,
-            agentId: lesson.agentId,
-            category: lesson.category,
-            denyListPatterns,
-            knownTenantTerms: [],
-        });
-        if (redactionResult.status === 'blocked') {
-            this.writeAuditLog(tenantId, {
-                eventType: 'share',
-                lessonId,
-                initiatedBy,
-            });
-            return { status: 'blocked', reason: redactionResult.reason };
-        }
-        if (redactionResult.status === 'pending_review') {
-            this.writeAuditLog(tenantId, {
-                eventType: 'share',
-                lessonId,
-                initiatedBy,
-            });
-            return { status: 'pending_review', reviewId: redactionResult.reviewId };
-        }
-        if (redactionResult.status === 'error') {
-            return { status: 'error', error: redactionResult.error };
-        }
-        // 7. Generate anonymous contributor ID
-        const anonymousContributorId = this.anonIdManager.getOrRotateContributorId(tenantId);
-        // 7b. C2 FIX: Ensure purge token is registered with pool on first share
-        await this.ensurePurgeTokenRegistered(tenantId, anonymousContributorId);
-        // 8. Compute embedding
-        const redactedContent = redactionResult.content;
-        const embedding = computeSimpleEmbedding(`${redactedContent.title} ${redactedContent.content}`);
-        // 9. Send to pool
-        let poolResult;
-        try {
-            poolResult = await this.transport.share({
-                anonymousContributorId,
-                category: lesson.category,
-                title: redactedContent.title,
-                content: redactedContent.content,
-                embedding,
-                // C1 FIX: Do NOT send qualitySignals to pool — lesson.context may contain
-                // unredacted tenant-specific data that bypasses the redaction pipeline.
-                redactionApplied: true,
-                redactionFindingsCount: redactionResult.findings.length,
-            });
-        }
-        catch (err) {
-            return { status: 'error', error: err instanceof Error ? err.message : String(err) };
-        }
-        // 10. Write audit log
-        this.writeAuditLog(tenantId, {
-            eventType: 'share',
-            lessonId,
-            anonymousLessonId: poolResult.id,
-            redactionFindings: redactionResult.findings,
-            initiatedBy,
-        });
-        return {
-            status: 'shared',
-            anonymousLessonId: poolResult.id,
-            redactionFindings: redactionResult.findings,
-        };
-    }
-    // ─── C2 FIX: Purge Token Registration ──────────────
-    /**
-     * Ensure a purge token is registered with the pool for the given contributor ID.
-     * Creates and stores the token if one doesn't exist yet.
-     */
-    async ensurePurgeTokenRegistered(tenantId, contributorId) {
-        const config = this.getSharingConfig(tenantId);
-        let purgeToken = config.purgeToken;
-        if (!purgeToken) {
-            purgeToken = randomUUID();
-            this.updateSharingConfig(tenantId, { purgeToken });
-        }
-        // Register with pool if transport supports it
-        if (this.transport.registerPurgeToken) {
-            try {
-                await this.transport.registerPurgeToken({
-                    anonymousContributorId: contributorId,
-                    token: purgeToken,
-                });
-            }
-            catch {
-                // Non-fatal: purge registration failure shouldn't block sharing
-            }
-        }
-    }
-    // ─── Search (Story 4.2) ────────────────────────────
-    async search(tenantId, query, options, initiatedBy = 'system') {
-        const limit = Math.min(options?.limit ?? 50, 50);
-        const embedding = computeSimpleEmbedding(query);
-        const poolResult = await this.transport.search({
-            embedding,
-            category: options?.category,
-            minReputation: options?.minReputation,
-            limit,
-        });
-        // Strip any identifying metadata from results
-        const lessons = poolResult.results.map((r) => ({
-            id: r.lesson.id,
-            category: r.lesson.category,
-            title: r.lesson.title,
-            content: r.lesson.content,
-            reputationScore: r.lesson.reputationScore,
-            qualitySignals: r.lesson.qualitySignals ?? {},
-        }));
-        // Write audit log
-        this.writeAuditLog(tenantId, {
-            eventType: 'query',
-            queryText: query,
-            resultIds: lessons.map((l) => l.id),
-            initiatedBy,
-        });
-        return { lessons, total: lessons.length, query };
-    }
-    // ─── Kill Switch: Purge (Story 4.4) ────────────────
-    async purge(tenantId, confirmation, initiatedBy = 'admin') {
-        if (confirmation !== 'CONFIRM_PURGE') {
-            return { status: 'error', error: 'Confirmation required: pass "CONFIRM_PURGE"' };
-        }
-        // Get contributor ID from anonymous ID manager (same source as share())
-        const contributorId = this.anonIdManager.getOrRotateContributorId(tenantId);
-        const config = this.getSharingConfig(tenantId);
-        let purgeToken = config.purgeToken;
-        if (!purgeToken) {
-            // No purge token means no shares have happened — create one now for the purge call
-            purgeToken = randomUUID();
-            this.updateSharingConfig(tenantId, { purgeToken });
-            // Register with pool
-            if (this.transport.registerPurgeToken) {
-                try {
-                    await this.transport.registerPurgeToken({
-                        anonymousContributorId: contributorId,
-                        token: purgeToken,
-                    });
-                }
-                catch {
-                    // Non-fatal
-                }
-            }
-        }
-        try {
-            const result = await this.transport.purge({
-                anonymousContributorId: contributorId,
-                token: purgeToken,
-            });
-            // Retire old contributor ID by invalidating it (set validUntil to past)
-            // The next call to getOrRotateContributorId will create a new one
-            const pastIso = new Date(this.now().getTime() - 1000).toISOString();
-            // H4 FIX: agentId is stored hashed in the DB
-            const hashedContributorKey = createHash('sha256')
-                .update(`agentlens-anon-id-salt-v1:${tenantId}:__contributor__`)
-                .digest('hex');
-            this.db
-                .update(schema.anonymousIdMap)
-                .set({ validUntil: pastIso })
-                .where(and(eq(schema.anonymousIdMap.tenantId, tenantId), eq(schema.anonymousIdMap.agentId, hashedContributorKey)))
-                .run();
-            // Generate new purge token
-            const newPurgeToken = randomUUID();
-            this.updateSharingConfig(tenantId, {
-                enabled: false,
-                purgeToken: newPurgeToken,
-            });
-            this.writeAuditLog(tenantId, {
-                eventType: 'purge',
-                initiatedBy,
-            });
-            return { status: 'purged', deleted: result.deleted };
-        }
-        catch (err) {
-            return { status: 'error', error: err instanceof Error ? err.message : String(err) };
-        }
-    }
-    async verifyPurge(tenantId) {
-        const config = this.getSharingConfig(tenantId);
-        // Check with the OLD contributor ID — but since we retired it, we check the current one
-        // After purge, the config has a new ID, so we check the pool for lessons from this tenant
-        // The old ID is gone, new ID should have 0 lessons
-        const contributorId = config.anonymousContributorId;
-        if (!contributorId)
-            return { count: 0 };
-        return this.transport.count(contributorId);
-    }
-    // ─── Reputation: Rate (Story 4.4) ─────────────────
-    async rate(tenantId, lessonId, delta, reason, initiatedBy = 'system') {
-        // Get anonymous voter ID
-        const voterAnonymousId = this.anonIdManager.getOrRotateContributorId(tenantId);
-        try {
-            const result = await this.transport.rate({
-                lessonId,
-                voterAnonymousId,
-                delta,
-                reason,
-            });
-            this.writeAuditLog(tenantId, {
-                eventType: 'rate',
-                anonymousLessonId: lessonId,
-                initiatedBy,
-            });
-            return { status: 'rated', reputationScore: result.reputationScore };
-        }
-        catch (err) {
-            return { status: 'error', error: err instanceof Error ? err.message : String(err) };
-        }
-    }
-    // ─── Flagging (Story 4.5) ─────────────────────────
-    async flag(tenantId, lessonId, reason, initiatedBy = 'system') {
-        const reporterAnonymousId = this.anonIdManager.getOrRotateContributorId(tenantId);
-        try {
-            const result = await this.transport.flag({
-                lessonId,
-                reporterAnonymousId,
-                reason,
-            });
-            this.writeAuditLog(tenantId, {
-                eventType: 'flag',
-                anonymousLessonId: lessonId,
-                initiatedBy,
-            });
-            return { status: 'flagged', flagCount: result.flagCount };
-        }
-        catch (err) {
-            return { status: 'error', error: err instanceof Error ? err.message : String(err) };
-        }
-    }
-    // ─── Moderation (Story 4.5) ───────────────────────
-    async getModerationQueue() {
-        return this.transport.getModerationQueue();
-    }
-    async moderateLesson(lessonId, action) {
-        return this.transport.moderateLesson(lessonId, action);
-    }
-    // ─── Human Review Queue (Story 4.5) ───────────────
-    getReviewQueue(tenantId) {
-        const now = this.now().toISOString();
-        const rows = this.db
-            .select()
-            .from(schema.sharingReviewQueue)
-            .where(and(eq(schema.sharingReviewQueue.tenantId, tenantId), eq(schema.sharingReviewQueue.status, 'pending')))
-            .all();
-        // Filter out expired items and mark them expired
-        const result = [];
-        for (const row of rows) {
-            if (row.expiresAt <= now) {
-                // Mark as expired
-                this.db
-                    .update(schema.sharingReviewQueue)
-                    .set({ status: 'expired' })
-                    .where(eq(schema.sharingReviewQueue.id, row.id))
-                    .run();
-            }
-            else {
-                result.push({
-                    id: row.id,
-                    lessonId: row.lessonId,
-                    originalTitle: row.originalTitle,
-                    redactedTitle: row.redactedTitle,
-                    status: row.status,
-                    createdAt: row.createdAt,
-                    expiresAt: row.expiresAt,
-                });
-            }
-        }
-        return result;
-    }
-    async approveReviewItem(tenantId, reviewId, reviewedBy) {
-        const item = this.db
-            .select()
-            .from(schema.sharingReviewQueue)
-            .where(and(eq(schema.sharingReviewQueue.id, reviewId), eq(schema.sharingReviewQueue.tenantId, tenantId)))
-            .get();
-        if (!item)
-            return { status: 'error', error: 'Review item not found' };
-        if (item.status !== 'pending')
-            return { status: 'error', error: `Cannot approve item in status: ${item.status}` };
-        // Check expiry
-        if (item.expiresAt <= this.now().toISOString()) {
-            this.db
-                .update(schema.sharingReviewQueue)
-                .set({ status: 'expired' })
-                .where(eq(schema.sharingReviewQueue.id, reviewId))
-                .run();
-            return { status: 'error', error: 'Review item has expired' };
-        }
-        // Mark as approved
-        this.db
-            .update(schema.sharingReviewQueue)
-            .set({ status: 'approved', reviewedBy, reviewedAt: this.now().toISOString() })
-            .where(eq(schema.sharingReviewQueue.id, reviewId))
-            .run();
-        // Send to pool
-        const contributorId = this.anonIdManager.getOrRotateContributorId(tenantId);
-        const embedding = computeSimpleEmbedding(`${item.redactedTitle} ${item.redactedContent}`);
-        try {
-            await this.transport.share({
-                anonymousContributorId: contributorId,
-                category: 'general',
-                title: item.redactedTitle,
-                content: item.redactedContent,
-                embedding,
-            });
-        }
-        catch {
-            // Pool error shouldn't fail the approval
-        }
-        return { status: 'approved' };
-    }
-    async rejectReviewItem(tenantId, reviewId, reviewedBy) {
-        const item = this.db
-            .select()
-            .from(schema.sharingReviewQueue)
-            .where(and(eq(schema.sharingReviewQueue.id, reviewId), eq(schema.sharingReviewQueue.tenantId, tenantId)))
-            .get();
-        if (!item)
-            return { status: 'error', error: 'Review item not found' };
-        if (item.status !== 'pending')
-            return { status: 'error', error: `Cannot reject item in status: ${item.status}` };
-        this.db
-            .update(schema.sharingReviewQueue)
-            .set({ status: 'rejected', reviewedBy, reviewedAt: this.now().toISOString() })
-            .where(eq(schema.sharingReviewQueue.id, reviewId))
-            .run();
-        return { status: 'rejected' };
-    }
-    // ─── Audit Log ─────────────────────────────────────
-    writeAuditLog(tenantId, data) {
-        this.db.insert(schema.sharingAuditLog).values({
-            id: randomUUID(),
-            tenantId,
-            eventType: data.eventType,
-            lessonId: data.lessonId ?? null,
-            anonymousLessonId: data.anonymousLessonId ?? null,
-            lessonHash: null,
-            redactionFindings: data.redactionFindings ? JSON.stringify(data.redactionFindings) : null,
-            queryText: data.queryText ?? null,
-            resultIds: data.resultIds ? JSON.stringify(data.resultIds) : null,
-            poolEndpoint: null,
-            initiatedBy: data.initiatedBy,
-            timestamp: this.now().toISOString(),
-        }).run();
-    }
-    getAuditLog(tenantId, limit = 50) {
-        const rows = this.db
-            .select()
-            .from(schema.sharingAuditLog)
-            .where(eq(schema.sharingAuditLog.tenantId, tenantId))
-            .limit(limit)
-            .all();
-        return rows.map((r) => ({
-            id: r.id,
-            tenantId: r.tenantId,
-            eventType: r.eventType,
-            lessonId: r.lessonId ?? undefined,
-            anonymousLessonId: r.anonymousLessonId ?? undefined,
-            lessonHash: r.lessonHash ?? undefined,
-            redactionFindings: r.redactionFindings ? JSON.parse(r.redactionFindings) : undefined,
-            queryText: r.queryText ?? undefined,
-            resultIds: r.resultIds ? JSON.parse(r.resultIds) : undefined,
-            poolEndpoint: r.poolEndpoint ?? undefined,
-            initiatedBy: r.initiatedBy ?? 'system',
-            timestamp: r.timestamp,
-        }));
-    }
-}
-//# sourceMappingURL=community-service.js.map