@agentproto/governance-engine 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,132 @@
1
+ import { G as GovernanceConfig, I as IGovernanceFilesystem } from './workspace-config-vgR1Ieoo.js';
2
+ export { A as AnchorPayload, a as AnchorSink, D as DEFAULT_ANCHOR_EVERY_LINES, b as DirectoryEntry, N as NodeGovernanceFilesystem, d as defaultGovernanceFilesystem } from './workspace-config-vgR1Ieoo.js';
3
+ import { ActorKind, AuditEvent, SignerKind, SigningMethod, SignatureEvidence, Signature } from '@agentproto/governance/doctypes';
4
+ export { P as PendingSignatureEntry, a as PendingSignaturesIndex, b as addPendingSignatures, l as listPendingSignatures, c as loadPendingSignaturesIndex, r as removePendingSignature } from './pending-signatures-index-x8H36e9h.js';
5
+
6
+ /**
7
+ * `recordAuditEvent` — append a hash-chained audit event to the workspace's
8
+ * audit log.
9
+ *
10
+ * Scope is workspace-relative; defaults to the workspace-level log
11
+ * (`audit/audit-log.jsonl`). Per-engagement scope is the typical alternative
12
+ * (`engagements/<slug>/audit/audit-log.jsonl`).
13
+ *
14
+ * The function:
15
+ * 1. Reads the current log to find the last signature (or uses genesisSeed for the first line).
16
+ * 2. Composes the row, computes the chain signature.
17
+ * 3. Appends the JSONL line.
18
+ * 4. Optionally invokes the anchor sink if the line index crosses the cadence.
19
+ *
20
+ * Returns the recorded event with `prevSignature` and `signature` populated.
21
+ */
22
+ interface RecordAuditEventInput {
23
+ /**
24
+ * Where the log lives. Workspace-relative folder; the file is
25
+ * `<scope>/audit-log.jsonl`. Default: `audit` (workspace-level log).
26
+ *
27
+ * Example for engagement-scoped: `engagements/2026-acme/audit`
28
+ */
29
+ scopeDir?: string;
30
+ actorKind: ActorKind;
31
+ actorId: string | null;
32
+ entityType: string;
33
+ entityId: string;
34
+ /** "<entity>.<verb>" lowercase (e.g., `signature.created`). */
35
+ action: string;
36
+ payload?: Record<string, unknown>;
37
+ requestId?: string;
38
+ traceId?: string;
39
+ ipAddress?: string;
40
+ userAgent?: string;
41
+ /**
42
+ * Idempotency key. v1 stores it in `metadata.idempotencyKey` for inspection
43
+ * but does not yet dedup automatically (TODO: `_index/dispatched-keys.json`).
44
+ */
45
+ idempotencyKey?: string;
46
+ /** Override the timestamp; default is `new Date().toISOString()`. */
47
+ createdAt?: string;
48
+ /** Vendor extensions under metadata.<vendor>.* */
49
+ metadata?: Record<string, unknown>;
50
+ }
51
+ interface RecordAuditEventResult {
52
+ event: AuditEvent;
53
+ /** Workspace-relative path to the log file. */
54
+ logPath: string;
55
+ /** 0-based line index of the appended event. */
56
+ lineIndex: number;
57
+ /** True if an anchor was emitted on this append. */
58
+ anchored: boolean;
59
+ }
60
+ declare function recordAuditEvent(config: GovernanceConfig, input: RecordAuditEventInput): Promise<RecordAuditEventResult>;
61
+
62
+ /**
63
+ * `signArtifact` — write a signature.json file alongside an artifact and
64
+ * append a hash-chained audit-log entry.
65
+ *
66
+ * The signing method's evidence shape MUST match the top-level method.
67
+ * The document hash is ALWAYS computed from the artifact bytes on disk.
68
+ * Callers MAY supply `expectedDocumentHash` to assert what they believe
69
+ * the bytes are; if it doesn't match what we actually read, we reject.
70
+ * This closes the forgery primitive in earlier drafts where a caller
71
+ * could dictate the hash and produce a signature that didn't match the
72
+ * underlying file.
73
+ */
74
+ interface SignArtifactInput {
75
+ /** Workspace-relative path to the artifact being signed. */
76
+ artifactPath: string;
77
+ /** Canonical signer "<kind>:<slug>" (e.g., `operator:jeremy`, `counterparty:acme-corp`). */
78
+ signer: string;
79
+ signerKind: SignerKind;
80
+ signerEmail?: string;
81
+ method: SigningMethod;
82
+ evidence: SignatureEvidence;
83
+ /**
84
+ * Optional caller-asserted document hash. When provided, MUST equal the
85
+ * SHA-256 of the artifact bytes — otherwise `signArtifact` rejects.
86
+ * The recorded `documentHash` is always the value computed from bytes,
87
+ * never the caller-supplied assertion.
88
+ */
89
+ expectedDocumentHash?: string;
90
+ /** Override timestamp; default = now. */
91
+ signedAt?: string;
92
+ /** Idempotency key (recorded in audit-log entry). */
93
+ idempotencyKey?: string;
94
+ /** Vendor extensions under metadata.<vendor>.* */
95
+ metadata?: Record<string, unknown>;
96
+ }
97
+ interface SignArtifactResult {
98
+ signature: Signature;
99
+ /** Workspace-relative path to the signature.json file written. */
100
+ signaturePath: string;
101
+ /** Audit log entry summary. */
102
+ auditLogPath: string;
103
+ auditLineIndex: number;
104
+ }
105
+ declare function signArtifact(config: GovernanceConfig, input: SignArtifactInput): Promise<SignArtifactResult>;
106
+
107
+ /**
108
+ * Pure helpers (no FS) + thin adapter shims.
109
+ *
110
+ * The FS-bound legacy exports (`ensureDir`, `readFileIfExists`, `atomicWrite`,
111
+ * `appendLine`) are kept as thin wrappers over the default Node filesystem so
112
+ * external consumers continue to work; new code should prefer
113
+ * `getFilesystem(config)` from `./filesystem.js` and call the adapter directly.
114
+ */
115
+ /** Resolve the filesystem adapter from a GovernanceConfig (default = Node fs). */
116
+ declare function getFilesystem(config: GovernanceConfig): IGovernanceFilesystem;
117
+ /** Compute SHA-256 of UTF-8 string content, hex lowercase. */
118
+ declare function sha256Hex(content: string | Uint8Array): string;
119
+ /**
120
+ * Resolve a path against a root directory, rejecting paths that escape the
121
+ * root. The "root" is any base directory string — workspace, engagement
122
+ * subdir, external mount, etc. — not coupled to the workspace entity notion.
123
+ */
124
+ declare function resolveFromRoot(root: string, relPath: string): string;
125
+ /** Inverse of `resolveFromRoot`: forward-slash relative path, no leading "./". */
126
+ declare function toRelativePath(root: string, absPath: string): string;
127
+ declare function ensureDir(dirPath: string): Promise<void>;
128
+ declare function readFileIfExists(filePath: string): Promise<string | null>;
129
+ declare function atomicWrite(filePath: string, content: string): Promise<void>;
130
+ declare function appendLine(filePath: string, line: string): Promise<void>;
131
+
132
+ export { GovernanceConfig, IGovernanceFilesystem, type RecordAuditEventInput, type RecordAuditEventResult, type SignArtifactInput, type SignArtifactResult, appendLine, atomicWrite, ensureDir, getFilesystem, readFileIfExists, recordAuditEvent, resolveFromRoot, sha256Hex, signArtifact, toRelativePath };
package/dist/index.mjs ADDED
@@ -0,0 +1,4 @@
1
+ export { NodeGovernanceFilesystem, addPendingSignatures, appendLine, atomicWrite, defaultGovernanceFilesystem, ensureDir, getFilesystem, listPendingSignatures, loadPendingSignaturesIndex, readFileIfExists, recordAuditEvent, removePendingSignature, resolveFromRoot, sha256Hex, signArtifact, toRelativePath } from './chunk-P7TDNF2H.mjs';
2
+ export { DEFAULT_ANCHOR_EVERY_LINES } from './chunk-M7I5HTGN.mjs';
3
+ //# sourceMappingURL=index.mjs.map
4
+ //# sourceMappingURL=index.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":[],"names":[],"mappings":"","file":"index.mjs"}
@@ -0,0 +1,52 @@
1
+ import { G as GovernanceConfig } from './workspace-config-vgR1Ieoo.js';
2
+
3
+ /**
4
+ * `_index/pending-signatures.json` — regeneratable index keyed by signer.
5
+ *
6
+ * Source of truth: artifact frontmatter / sidecar files declaring
7
+ * `requiredSignatures`. This index is a cache for fast "what is awaiting
8
+ * my signature" queries; it can be rebuilt at any time by walking the
9
+ * workspace.
10
+ *
11
+ * Shape:
12
+ * ```json
13
+ * {
14
+ * "version": "1",
15
+ * "updatedAt": "2026-04-26T15:00:00.000Z",
16
+ * "bySigner": {
17
+ * "operator:founder": [
18
+ * {
19
+ * "artifactPath": "engagements/2026-acme/INVOICE.md",
20
+ * "deadline": "2026-05-15T17:00:00.000Z",
21
+ * "requestedAt": "2026-04-26T14:00:00.000Z"
22
+ * }
23
+ * ]
24
+ * }
25
+ * }
26
+ * ```
27
+ */
28
+ interface PendingSignatureEntry {
29
+ artifactPath: string;
30
+ deadline?: string;
31
+ requestedAt: string;
32
+ /** Method preferred for this signer. */
33
+ method?: string;
34
+ /** Optional weight (for weighted_threshold policies). */
35
+ weight?: number;
36
+ }
37
+ interface PendingSignaturesIndex {
38
+ version: "1";
39
+ updatedAt: string;
40
+ bySigner: Record<string, PendingSignatureEntry[]>;
41
+ }
42
+ declare function loadPendingSignaturesIndex(config: GovernanceConfig): Promise<PendingSignaturesIndex>;
43
+ declare function addPendingSignatures(config: GovernanceConfig, artifactPath: string, required: {
44
+ signer: string;
45
+ method?: string;
46
+ weight?: number;
47
+ deadline?: string;
48
+ }[], requestedAt?: string): Promise<PendingSignaturesIndex>;
49
+ declare function removePendingSignature(config: GovernanceConfig, signer: string, artifactPath: string): Promise<PendingSignaturesIndex>;
50
+ declare function listPendingSignatures(config: GovernanceConfig, signer: string): Promise<PendingSignatureEntry[]>;
51
+
52
+ export { type PendingSignatureEntry as P, type PendingSignaturesIndex as a, addPendingSignatures as b, loadPendingSignaturesIndex as c, listPendingSignatures as l, removePendingSignature as r };
@@ -0,0 +1,107 @@
1
+ import * as _agentproto_driver from '@agentproto/driver';
2
+ import { G as GovernanceConfig } from '../workspace-config-vgR1Ieoo.js';
3
+ import { P as PendingSignatureEntry } from '../pending-signatures-index-x8H36e9h.js';
4
+
5
+ /**
6
+ * AIP-30 PROVIDER for the four `governance.*` TOOL contracts.
7
+ *
8
+ * `kind: "builtin"` — runs in-process against `governanceConfig`
9
+ * injected via per-call context. No subprocess, no SDK package load,
10
+ * no network hop. Bodies are typed via `implementTool` — the compiler
11
+ * enforces shape match between each body and its contract's
12
+ * input/output/context generics, the same way Solidity's
13
+ * `MyToken is IERC20` enforces interface conformance.
14
+ *
15
+ * Each implementation here can be re-adapted to AI SDK or Mastra
16
+ * surfaces via `toAiSdkTool(impl, { context })` / `toMastraTool(...)`,
17
+ * so the same body powers `runTool({ candidates: [...] })` AND
18
+ * `streamText({ tools: { ... } })` AND `agent.stream({ tools: ... })`
19
+ * with no duplication.
20
+ */
21
+ declare const governanceProvider: _agentproto_driver.DriverHandle;
22
+
23
+ /**
24
+ * Provider body for the `governance.sign-artifact` TOOL contract.
25
+ *
26
+ * Bound to `signArtifactTool` via `implementTool` — input/context types
27
+ * flow from the contract handle's generics, so the body needs no manual
28
+ * casts. The matching `defineTool` handle in
29
+ * `tools/sign-artifact.tool.ts` carries only the contract (id, schemas,
30
+ * mutates, approval, riskLevel) per AIP-14.
31
+ */
32
+ declare const signArtifactBuiltin: _agentproto_driver.ToolImplementation<{
33
+ artifact: string;
34
+ signer: string;
35
+ signerKind: "external" | "operator" | "user" | "counterparty" | "agent";
36
+ method: "typed_name" | "agent_confirm" | "click_through" | "esign_external";
37
+ evidence: unknown;
38
+ signerEmail?: string | undefined;
39
+ expectedDocumentHash?: string | undefined;
40
+ idempotencyKey?: string | undefined;
41
+ }, {
42
+ signaturePath: string;
43
+ auditLogPath: string;
44
+ auditLineIndex: number;
45
+ documentHash: string;
46
+ }, {
47
+ governanceConfig: GovernanceConfig;
48
+ }>;
49
+
50
+ /**
51
+ * Provider body for the `governance.record-audit-event` TOOL contract.
52
+ * Bound via `implementTool` — typed input/context flow from the
53
+ * contract handle.
54
+ */
55
+ declare const recordAuditEventBuiltin: _agentproto_driver.ToolImplementation<{
56
+ actorKind: "operator" | "user" | "counterparty" | "agent" | "system";
57
+ actor: string | null;
58
+ entityType: string;
59
+ entity: string;
60
+ action: string;
61
+ scopeDir?: string | undefined;
62
+ payload?: Record<string, unknown> | undefined;
63
+ requestId?: string | undefined;
64
+ traceId?: string | undefined;
65
+ idempotencyKey?: string | undefined;
66
+ }, {
67
+ logPath: string;
68
+ lineIndex: number;
69
+ anchored: boolean;
70
+ signature: string;
71
+ }, {
72
+ governanceConfig: GovernanceConfig;
73
+ }>;
74
+
75
+ /**
76
+ * Provider body for the `governance.request-signatures` TOOL contract.
77
+ * Bound via `implementTool` — typed input/context flow from the
78
+ * contract handle.
79
+ */
80
+ declare const requestSignaturesBuiltin: _agentproto_driver.ToolImplementation<{
81
+ artifact: string;
82
+ requiredSignatures: {
83
+ signer: string;
84
+ method?: "typed_name" | "agent_confirm" | "click_through" | "esign_external" | undefined;
85
+ weight?: number | undefined;
86
+ deadline?: string | undefined;
87
+ }[];
88
+ }, {
89
+ added: number;
90
+ }, {
91
+ governanceConfig: GovernanceConfig;
92
+ }>;
93
+
94
+ /**
95
+ * Provider body for the `governance.list-pending-signatures` TOOL contract.
96
+ * Bound via `implementTool` — typed input/context flow from the
97
+ * contract handle.
98
+ */
99
+ declare const listPendingSignaturesBuiltin: _agentproto_driver.ToolImplementation<{
100
+ signer: string;
101
+ }, {
102
+ pending: PendingSignatureEntry[];
103
+ }, {
104
+ governanceConfig: GovernanceConfig;
105
+ }>;
106
+
107
+ export { governanceProvider, listPendingSignaturesBuiltin, recordAuditEventBuiltin, requestSignaturesBuiltin, signArtifactBuiltin };
@@ -0,0 +1,232 @@
1
+ import { listPendingSignatures, recordAuditEvent, addPendingSignatures, signArtifact } from '../chunk-P7TDNF2H.mjs';
2
+ import { listPendingSignaturesTool, recordAuditEventTool, requestSignaturesTool, signArtifactTool } from '../chunk-NXMY54BX.mjs';
3
+ import '../chunk-M7I5HTGN.mjs';
4
+ import { implementTool, defineDriver } from '@agentproto/driver';
5
+ import { defineRef, refMatchesCollection } from '@agentproto/ref';
6
+ import { ToolError } from '@agentproto/tool';
7
+
8
+ /**
9
+ * @agentproto/governance-engine v0.1.0-alpha
10
+ * Reference engine for agentgovernance/v1 — audit chain + sign artifact +
11
+ * pending-signatures index, all routed through IGovernanceFilesystem so the
12
+ * same code runs against Node fs, Supabase Storage, S3, or in-memory.
13
+ */
14
+ var listPendingSignaturesBuiltin = implementTool(
15
+ listPendingSignaturesTool,
16
+ async ({ input, context }) => {
17
+ if (!context?.governanceConfig) {
18
+ throw new ToolError({
19
+ code: "input_invalid",
20
+ message: "context.governanceConfig is required",
21
+ cause: { field: "context" }
22
+ });
23
+ }
24
+ let parsed;
25
+ try {
26
+ parsed = defineRef(input.signer);
27
+ } catch (err) {
28
+ throw new ToolError({
29
+ code: "input_invalid",
30
+ message: `signer: ${err.message}`,
31
+ cause: err
32
+ });
33
+ }
34
+ if (!refMatchesCollection(parsed.value, "identity")) {
35
+ throw new ToolError({
36
+ code: "input_invalid",
37
+ message: `signer: ref kind '${parsed.kind}' is not in the 'identity' collection`
38
+ });
39
+ }
40
+ const pending = await listPendingSignatures(
41
+ context.governanceConfig,
42
+ parsed.compact
43
+ );
44
+ return { pending };
45
+ }
46
+ );
47
+ function parseAndAssertCollection(refString, collection, field) {
48
+ let parsed;
49
+ try {
50
+ parsed = defineRef(refString);
51
+ } catch (err) {
52
+ throw new ToolError({
53
+ code: "input_invalid",
54
+ message: `${field}: ${err.message}`,
55
+ cause: err
56
+ });
57
+ }
58
+ if (!refMatchesCollection(parsed.value, collection)) {
59
+ throw new ToolError({
60
+ code: "input_invalid",
61
+ message: `${field}: ref kind '${parsed.kind}' is not in the '${collection}' collection`
62
+ });
63
+ }
64
+ return parsed;
65
+ }
66
+ function legacyArtifactPath(ref) {
67
+ if (ref.kind === "local" && typeof ref.path === "string") return ref.path;
68
+ throw new ToolError({
69
+ code: "input_invalid",
70
+ message: `artifact: only 'local' refs are supported by the v0.1 runtime \u2014 got '${ref.kind}'`
71
+ });
72
+ }
73
+ function legacySignerString(ref) {
74
+ if (ref.kind === "operator" && typeof ref.slug === "string")
75
+ return `operator:${ref.slug}`;
76
+ if (ref.kind === "user" && typeof ref.id === "string") return `user:${ref.id}`;
77
+ if (ref.kind === "persona" && typeof ref.id === "string")
78
+ return `persona:${ref.id}`;
79
+ if (ref.kind === "email" && typeof ref.address === "string")
80
+ return `counterparty:${ref.address}`;
81
+ throw new ToolError({
82
+ code: "input_invalid",
83
+ message: `signer: ref kind '${ref.kind}' has no legacy string mapping`
84
+ });
85
+ }
86
+ function parseLegacyIdentity(refString, field) {
87
+ const parsed = parseAndAssertCollection(refString, "identity", field);
88
+ return parsed.compact;
89
+ }
90
+
91
+ // src/provider/bodies/record-audit-event.body.ts
92
+ var recordAuditEventBuiltin = implementTool(
93
+ recordAuditEventTool,
94
+ async ({ input, context }) => {
95
+ if (!context?.governanceConfig) {
96
+ throw new ToolError({
97
+ code: "input_invalid",
98
+ message: "context.governanceConfig is required",
99
+ cause: { field: "context" }
100
+ });
101
+ }
102
+ let actorId = null;
103
+ if (input.actor !== null) {
104
+ actorId = parseLegacyIdentity(input.actor, "actor");
105
+ }
106
+ try {
107
+ defineRef(input.entity);
108
+ } catch (err) {
109
+ throw new ToolError({
110
+ code: "input_invalid",
111
+ message: `entity: ${err.message}`,
112
+ cause: err
113
+ });
114
+ }
115
+ const result = await recordAuditEvent(context.governanceConfig, {
116
+ ...input.scopeDir !== void 0 ? { scopeDir: input.scopeDir } : {},
117
+ actorKind: input.actorKind,
118
+ actorId,
119
+ entityType: input.entityType,
120
+ entityId: input.entity,
121
+ action: input.action,
122
+ ...input.payload !== void 0 ? { payload: input.payload } : {},
123
+ ...input.requestId !== void 0 ? { requestId: input.requestId } : {},
124
+ ...input.traceId !== void 0 ? { traceId: input.traceId } : {},
125
+ ...input.idempotencyKey !== void 0 ? { idempotencyKey: input.idempotencyKey } : {}
126
+ });
127
+ return {
128
+ logPath: result.logPath,
129
+ lineIndex: result.lineIndex,
130
+ anchored: result.anchored,
131
+ signature: result.event.signature
132
+ };
133
+ }
134
+ );
135
+ var requestSignaturesBuiltin = implementTool(
136
+ requestSignaturesTool,
137
+ async ({ input, context }) => {
138
+ if (!context?.governanceConfig) {
139
+ throw new ToolError({
140
+ code: "input_invalid",
141
+ message: "context.governanceConfig is required",
142
+ cause: { field: "context" }
143
+ });
144
+ }
145
+ const artifactRef = parseAndAssertCollection(
146
+ input.artifact,
147
+ "file",
148
+ "artifact"
149
+ );
150
+ const artifactPath = legacyArtifactPath(artifactRef.value);
151
+ const required = input.requiredSignatures.map((r) => {
152
+ const sigRef = parseAndAssertCollection(r.signer, "identity", "signer");
153
+ return {
154
+ signer: sigRef.compact,
155
+ ...r.method !== void 0 ? { method: r.method } : {},
156
+ ...r.weight !== void 0 ? { weight: r.weight } : {},
157
+ ...r.deadline !== void 0 ? { deadline: r.deadline } : {}
158
+ };
159
+ });
160
+ await addPendingSignatures(context.governanceConfig, artifactPath, required);
161
+ return { added: required.length };
162
+ }
163
+ );
164
+ var signArtifactBuiltin = implementTool(
165
+ signArtifactTool,
166
+ async ({ input, context }) => {
167
+ if (!context?.governanceConfig) {
168
+ throw new ToolError({
169
+ code: "input_invalid",
170
+ message: "context.governanceConfig is required",
171
+ cause: { field: "context" }
172
+ });
173
+ }
174
+ const artifactRef = parseAndAssertCollection(
175
+ input.artifact,
176
+ "file",
177
+ "artifact"
178
+ );
179
+ const signerRef = parseAndAssertCollection(
180
+ input.signer,
181
+ "identity",
182
+ "signer"
183
+ );
184
+ const artifactPath = legacyArtifactPath(artifactRef.value);
185
+ const signerLegacy = legacySignerString(signerRef.value);
186
+ const result = await signArtifact(context.governanceConfig, {
187
+ artifactPath,
188
+ signer: signerLegacy,
189
+ signerKind: input.signerKind,
190
+ ...input.signerEmail !== void 0 ? { signerEmail: input.signerEmail } : {},
191
+ method: input.method,
192
+ evidence: input.evidence,
193
+ ...input.expectedDocumentHash !== void 0 ? { expectedDocumentHash: input.expectedDocumentHash } : {},
194
+ ...input.idempotencyKey !== void 0 ? { idempotencyKey: input.idempotencyKey } : {}
195
+ });
196
+ return {
197
+ signaturePath: result.signaturePath,
198
+ auditLogPath: result.auditLogPath,
199
+ auditLineIndex: result.auditLineIndex,
200
+ documentHash: result.signature.documentHash
201
+ };
202
+ }
203
+ );
204
+
205
+ // src/provider/governance-provider.ts
206
+ var governanceProvider = defineDriver({
207
+ id: "governance-engine-builtin",
208
+ name: "Governance Runtime (built-in)",
209
+ description: "In-process implementation of the four AIP-7 governance contracts \u2014 signature creation, audit logging, pending-signatures index. Operates on a workspace root via `governanceConfig` injected from per-call context. No subprocess, no network egress; the host owns the filesystem boundary.",
210
+ version: "0.1.0",
211
+ kind: "builtin",
212
+ implements: [
213
+ { tool: "governance.sign-artifact", version: "0.1.0" },
214
+ { tool: "governance.record-audit-event", version: "0.1.0" },
215
+ { tool: "governance.request-signatures", version: "0.1.0" },
216
+ { tool: "governance.list-pending-signatures", version: "0.1.0" }
217
+ ],
218
+ // Typed bindings — each impl carries its contract handle, so
219
+ // `defineDriver` derives the execute map keys from `impl.tool.id`
220
+ // without the author restating them as strings. Drift between a
221
+ // body and its contract is a compile error.
222
+ implementations: [
223
+ signArtifactBuiltin,
224
+ recordAuditEventBuiltin,
225
+ requestSignaturesBuiltin,
226
+ listPendingSignaturesBuiltin
227
+ ]
228
+ });
229
+
230
+ export { governanceProvider, listPendingSignaturesBuiltin, recordAuditEventBuiltin, requestSignaturesBuiltin, signArtifactBuiltin };
231
+ //# sourceMappingURL=index.mjs.map
232
+ //# sourceMappingURL=index.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../src/provider/bodies/list-pending-signatures.body.ts","../../src/provider/helpers.ts","../../src/provider/bodies/record-audit-event.body.ts","../../src/provider/bodies/request-signatures.body.ts","../../src/provider/bodies/sign-artifact.body.ts","../../src/provider/governance-provider.ts"],"names":["defineRef","ToolError","refMatchesCollection","implementTool"],"mappings":";;;;;;;;;;;;;AAaO,IAAM,4BAAA,GAA+B,aAAA;AAAA,EAC1C,yBAAA;AAAA,EACA,OAAO,EAAE,KAAA,EAAO,OAAA,EAAQ,KAAM;AAC5B,IAAA,IAAI,CAAC,SAAS,gBAAA,EAAkB;AAC9B,MAAA,MAAM,IAAI,SAAA,CAAU;AAAA,QAClB,IAAA,EAAM,eAAA;AAAA,QACN,OAAA,EAAS,sCAAA;AAAA,QACT,KAAA,EAAO,EAAE,KAAA,EAAO,SAAA;AAAU,OAC3B,CAAA;AAAA,IACH;AAEA,IAAA,IAAI,MAAA;AACJ,IAAA,IAAI;AACF,MAAA,MAAA,GAAS,SAAA,CAAU,MAAM,MAAM,CAAA;AAAA,IACjC,SAAS,GAAA,EAAK;AACZ,MAAA,MAAM,IAAI,SAAA,CAAU;AAAA,QAClB,IAAA,EAAM,eAAA;AAAA,QACN,OAAA,EAAS,CAAA,QAAA,EAAY,GAAA,CAAc,OAAO,CAAA,CAAA;AAAA,QAC1C,KAAA,EAAO;AAAA,OACR,CAAA;AAAA,IACH;AACA,IAAA,IAAI,CAAC,oBAAA,CAAqB,MAAA,CAAO,KAAA,EAAO,UAAU,CAAA,EAAG;AACnD,MAAA,MAAM,IAAI,SAAA,CAAU;AAAA,QAClB,IAAA,EAAM,eAAA;AAAA,QACN,OAAA,EAAS,CAAA,kBAAA,EAAqB,MAAA,CAAO,IAAI,CAAA,qCAAA;AAAA,OAC1C,CAAA;AAAA,IACH;AACA,IAAA,MAAM,UAAU,MAAM,qBAAA;AAAA,MACpB,OAAA,CAAQ,gBAAA;AAAA,MACR,MAAA,CAAO;AAAA,KACT;AACA,IAAA,OAAO,EAAE,OAAA,EAAQ;AAAA,EACnB;AACF;AClCO,SAAS,wBAAA,CACd,SAAA,EACA,UAAA,EACA,KAAA,EAC8B;AAC9B,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACF,IAAA,MAAA,GAASA,UAAU,SAAS,CAAA;AAAA,EAC9B,SAAS,GAAA,EAAK;AACZ,IAAA,MAAM,IAAIC,SAAAA,CAAU;AAAA,MAClB,IAAA,EAAM,eAAA;AAAA,MACN,OAAA,EAAS,CAAA,EAAG,KAAK,CAAA,EAAA,EAAM,IAAc,OAAO,CAAA,CAAA;AAAA,MAC5C,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,EACH;AACA,EAAA,IAAI,CAACC,oBAAAA,CAAqB,MAAA,CAAO,KAAA,EAAO,UAAU,CAAA,EAAG;AACnD,IAAA,MAAM,IAAID,SAAAA,CAAU;AAAA,MAClB,IAAA,EAAM,eAAA;AAAA,MACN,SAAS,CAAA,EAAG,KAAK,eAAe,MAAA,CAAO,IAAI,oBAAoB,UAAU,CAAA,YAAA;AAAA,KAC1E,CAAA;AAAA,EACH;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,mBAAmB,GAAA,EAGxB;AACT,EAAA,IAAI,GAAA,CAAI,SAAS,OAAA,IAAW,OAAO,IAAI,IAAA,KAAS,QAAA,SAAiB,GAAA,CAAI,IAAA;AACrE,EAAA,MAAM,IAAIA,SAAAA,CAAU;AAAA,IAClB,IAAA,EAAM,eAAA;AAAA,IACN,OAAA,EAAS,CAAA,0EAAA,EAAwE,GAAA,CAAI,IAAI,CAAA,CAAA;AAAA,GAC1F,CAAA;AACH;AAEO,SAAS,mBAAmB,GAAA,EAGxB;AACT,EAAA,IAAI,GAAA,CAAI,IAAA,KAAS,UAAA,IAAc,OAAO,IAAI,IAAA,KAAS,QAAA;AACjD,IAAA,OAAO,CAAA,SAAA,EAAY,IAAI,IAAI,CAAA,CAAA;AAC7B,EAAA,IAAI,GAAA,CAAI,IAAA,KAAS,MAAA,IAAU,OAAO,GAAA,CAAI,OAAO,QAAA,EAAU,OAAO,CAAA,KAAA,EAAQ,GAAA,CAAI,EAAE,CAAA,CAAA;AAC5E,EAAA,IAAI,GAAA,CAAI,IAAA,KAAS,SAAA,IAAa,OAAO,IAAI,EAAA,KAAO,QAAA;AAC9C,IAAA,OAAO,CAAA,QAAA,EAAW,IAAI,EAAE,CAAA,CAAA;AAC1B,EAAA,IAAI,GAAA,CAAI,IAAA,KAAS,OAAA,IAAW,OAAO,IAAI,OAAA,KAAY,QAAA;AACjD,IAAA,OAAO,CAAA,aAAA,EAAgB,IAAI,OAAO,CAAA,CAAA;AACpC,EAAA,MAAM,IAAIA,SAAAA,CAAU;AAAA,IAClB,IAAA,EAAM,eAAA;AAAA,IACN,OAAA,EAAS,CAAA,kBAAA,EAAqB,GAAA,CAAI,IAAI,CAAA,8BAAA;AAAA,GACvC,CAAA;AACH;AAEO,SAAS,mBAAA,CAAoB,WAAmB,KAAA,EAAuB;AAC5E,EAAA,MAAM,MAAA,GAAS,wBAAA,CAAyB,SAAA,EAAW,UAAA,EAAY,KAAK,CAAA;AACpE,EAAA,OAAO,MAAA,CAAO,OAAA;AAChB;;;ACrDO,IAAM,uBAAA,GAA0BE,aAAAA;AAAA,EACrC,oBAAA;AAAA,EACA,OAAO,EAAE,KAAA,EAAO,OAAA,EAAQ,KAAM;AAC5B,IAAA,IAAI,CAAC,SAAS,gBAAA,EAAkB;AAC9B,MAAA,MAAM,IAAIF,SAAAA,CAAU;AAAA,QAClB,IAAA,EAAM,eAAA;AAAA,QACN,OAAA,EAAS,sCAAA;AAAA,QACT,KAAA,EAAO,EAAE,KAAA,EAAO,SAAA;AAAU,OAC3B,CAAA;AAAA,IACH;AAEA,IAAA,IAAI,OAAA,GAAyB,IAAA;AAC7B,IAAA,IAAI,KAAA,CAAM,UAAU,IAAA,EAAM;AACxB,MAAA,OAAA,GAAU,mBAAA,CAAoB,KAAA,CAAM,KAAA,EAAO,OAAO,CAAA;AAAA,IACpD;AACA,IAAA,IAAI;AACF,MAAAD,SAAAA,CAAU,MAAM,MAAM,CAAA;AAAA,IACxB,SAAS,GAAA,EAAK;AACZ,MAAA,MAAM,IAAIC,SAAAA,CAAU;AAAA,QAClB,IAAA,EAAM,eAAA;AAAA,QACN,OAAA,EAAS,CAAA,QAAA,EAAY,GAAA,CAAc,OAAO,CAAA,CAAA;AAAA,QAC1C,KAAA,EAAO;AAAA,OACR,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,MAAA,GAAS,MAAM,gBAAA,CAAiB,OAAA,CAAQ,gBAAA,EAAkB;AAAA,MAC9D,GAAI,MAAM,QAAA,KAAa,MAAA,GAAY,EAAE,QAAA,EAAU,KAAA,CAAM,QAAA,EAAS,GAAI,EAAC;AAAA,MACnE,WAAW,KAAA,CAAM,SAAA;AAAA,MACjB,OAAA;AAAA,MACA,YAAY,KAAA,CAAM,UAAA;AAAA,MAClB,UAAU,KAAA,CAAM,MAAA;AAAA,MAChB,QAAQ,KAAA,CAAM,MAAA;AAAA,MACd,GAAI,MAAM,OAAA,KAAY,MAAA,GAAY,EAAE,OAAA,EAAS,KAAA,CAAM,OAAA,EAAQ,GAAI,EAAC;AAAA,MAChE,GAAI,MAAM,SAAA,KAAc,MAAA,GAAY,EAAE,SAAA,EAAW,KAAA,CAAM,SAAA,EAAU,GAAI,EAAC;AAAA,MACtE,GAAI,MAAM,OAAA,KAAY,MAAA,GAAY,EAAE,OAAA,EAAS,KAAA,CAAM,OAAA,EAAQ,GAAI,EAAC;AAAA,MAChE,GAAI,MAAM,cAAA,KAAmB,MAAA,GACzB,EAAE,cAAA,EAAgB,KAAA,CAAM,cAAA,EAAe,GACvC;AAAC,KACN,CAAA;AAED,IAAA,OAAO;AAAA,MACL,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,WAAW,MAAA,CAAO,SAAA;AAAA,MAClB,UAAU,MAAA,CAAO,QAAA;AAAA,MACjB,SAAA,EAAW,OAAO,KAAA,CAAM;AAAA,KAC1B;AAAA,EACF;AACF;AChDO,IAAM,wBAAA,GAA2BE,aAAAA;AAAA,EACtC,qBAAA;AAAA,EACA,OAAO,EAAE,KAAA,EAAO,OAAA,EAAQ,KAAM;AAC5B,IAAA,IAAI,CAAC,SAAS,gBAAA,EAAkB;AAC9B,MAAA,MAAM,IAAIF,SAAAA,CAAU;AAAA,QAClB,IAAA,EAAM,eAAA;AAAA,QACN,OAAA,EAAS,sCAAA;AAAA,QACT,KAAA,EAAO,EAAE,KAAA,EAAO,SAAA;AAAU,OAC3B,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,WAAA,GAAc,wBAAA;AAAA,MAClB,KAAA,CAAM,QAAA;AAAA,MACN,MAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,MAAM,YAAA,GAAe,kBAAA,CAAmB,WAAA,CAAY,KAAK,CAAA;AAEzD,IAAA,MAAM,QAAA,GAAW,KAAA,CAAM,kBAAA,CAAmB,GAAA,CAAI,CAAA,CAAA,KAAK;AACjD,MAAA,MAAM,MAAA,GAAS,wBAAA,CAAyB,CAAA,CAAE,MAAA,EAAQ,YAAY,QAAQ,CAAA;AACtE,MAAA,OAAO;AAAA,QACL,QAAQ,MAAA,CAAO,OAAA;AAAA,QACf,GAAI,EAAE,MAAA,KAAW,MAAA,GAAY,EAAE,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,GAAI,EAAC;AAAA,QACrD,GAAI,EAAE,MAAA,KAAW,MAAA,GAAY,EAAE,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,GAAI,EAAC;AAAA,QACrD,GAAI,EAAE,QAAA,KAAa,MAAA,GAAY,EAAE,QAAA,EAAU,CAAA,CAAE,QAAA,EAAS,GAAI;AAAC,OAC7D;AAAA,IACF,CAAC,CAAA;AAED,IAAA,MAAM,oBAAA,CAAqB,OAAA,CAAQ,gBAAA,EAAkB,YAAA,EAAc,QAAQ,CAAA;AAC3E,IAAA,OAAO,EAAE,KAAA,EAAO,QAAA,CAAS,MAAA,EAAO;AAAA,EAClC;AACF;ACvBO,IAAM,mBAAA,GAAsBE,aAAAA;AAAA,EACjC,gBAAA;AAAA,EACA,OAAO,EAAE,KAAA,EAAO,OAAA,EAAQ,KAAM;AAC5B,IAAA,IAAI,CAAC,SAAS,gBAAA,EAAkB;AAC9B,MAAA,MAAM,IAAIF,SAAAA,CAAU;AAAA,QAClB,IAAA,EAAM,eAAA;AAAA,QACN,OAAA,EAAS,sCAAA;AAAA,QACT,KAAA,EAAO,EAAE,KAAA,EAAO,SAAA;AAAU,OAC3B,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,WAAA,GAAc,wBAAA;AAAA,MAClB,KAAA,CAAM,QAAA;AAAA,MACN,MAAA;AAAA,MACA;AAAA,KACF;AACA,IAAA,MAAM,SAAA,GAAY,wBAAA;AAAA,MAChB,KAAA,CAAM,MAAA;AAAA,MACN,UAAA;AAAA,MACA;AAAA,KACF;AAGA,IAAA,MAAM,YAAA,GAAe,kBAAA,CAAmB,WAAA,CAAY,KAAK,CAAA;AACzD,IAAA,MAAM,YAAA,GAAe,kBAAA,CAAmB,SAAA,CAAU,KAAK,CAAA;AAEvD,IAAA,MAAM,MAAA,GAAS,MAAM,YAAA,CAAa,OAAA,CAAQ,gBAAA,EAAkB;AAAA,MAC1D,YAAA;AAAA,MACA,MAAA,EAAQ,YAAA;AAAA,MACR,YAAY,KAAA,CAAM,UAAA;AAAA,MAClB,GAAI,MAAM,WAAA,KAAgB,MAAA,GACtB,EAAE,WAAA,EAAa,KAAA,CAAM,WAAA,EAAY,GACjC,EAAC;AAAA,MACL,QAAQ,KAAA,CAAM,MAAA;AAAA,MACd,UAAU,KAAA,CAAM,QAAA;AAAA,MAChB,GAAI,MAAM,oBAAA,KAAyB,MAAA,GAC/B,EAAE,oBAAA,EAAsB,KAAA,CAAM,oBAAA,EAAqB,GACnD,EAAC;AAAA,MACL,GAAI,MAAM,cAAA,KAAmB,MAAA,GACzB,EAAE,cAAA,EAAgB,KAAA,CAAM,cAAA,EAAe,GACvC;AAAC,KACN,CAAA;AAED,IAAA,OAAO;AAAA,MACL,eAAe,MAAA,CAAO,aAAA;AAAA,MACtB,cAAc,MAAA,CAAO,YAAA;AAAA,MACrB,gBAAgB,MAAA,CAAO,cAAA;AAAA,MACvB,YAAA,EAAc,OAAO,SAAA,CAAU;AAAA,KACjC;AAAA,EACF;AACF;;;AC/CO,IAAM,qBAAqB,YAAA,CAAa;AAAA,EAC7C,EAAA,EAAI,2BAAA;AAAA,EACJ,IAAA,EAAM,+BAAA;AAAA,EACN,WAAA,EACE,mSAAA;AAAA,EAIF,OAAA,EAAS,OAAA;AAAA,EACT,IAAA,EAAM,SAAA;AAAA,EACN,UAAA,EAAY;AAAA,IACV,EAAE,IAAA,EAAM,0BAAA,EAA4B,OAAA,EAAS,OAAA,EAAQ;AAAA,IACrD,EAAE,IAAA,EAAM,+BAAA,EAAiC,OAAA,EAAS,OAAA,EAAQ;AAAA,IAC1D,EAAE,IAAA,EAAM,+BAAA,EAAiC,OAAA,EAAS,OAAA,EAAQ;AAAA,IAC1D,EAAE,IAAA,EAAM,oCAAA,EAAsC,OAAA,EAAS,OAAA;AAAQ,GACjE;AAAA;AAAA;AAAA;AAAA;AAAA,EAKA,eAAA,EAAiB;AAAA,IACf,mBAAA;AAAA,IACA,uBAAA;AAAA,IACA,wBAAA;AAAA,IACA;AAAA;AAEJ,CAAC","file":"index.mjs","sourcesContent":["/**\n * Provider body for the `governance.list-pending-signatures` TOOL contract.\n * Bound via `implementTool` — typed input/context flow from the\n * contract handle.\n */\n\nimport { defineRef, refMatchesCollection } from \"@agentproto/ref\"\nimport { ToolError } from \"@agentproto/tool\"\nimport { implementTool } from \"@agentproto/driver\"\n\nimport { listPendingSignatures } from \"../../pending-signatures-index.js\"\nimport { listPendingSignaturesTool } from \"../../tools/list-pending-signatures.tool.js\"\n\nexport const listPendingSignaturesBuiltin = implementTool(\n listPendingSignaturesTool,\n async ({ input, context }) => {\n if (!context?.governanceConfig) {\n throw new ToolError({\n code: \"input_invalid\",\n message: \"context.governanceConfig is required\",\n cause: { field: \"context\" },\n })\n }\n\n let parsed\n try {\n parsed = defineRef(input.signer)\n } catch (err) {\n throw new ToolError({\n code: \"input_invalid\",\n message: `signer: ${(err as Error).message}`,\n cause: err,\n })\n }\n if (!refMatchesCollection(parsed.value, \"identity\")) {\n throw new ToolError({\n code: \"input_invalid\",\n message: `signer: ref kind '${parsed.kind}' is not in the 'identity' collection`,\n })\n }\n const pending = await listPendingSignatures(\n context.governanceConfig,\n parsed.compact\n )\n return { pending }\n }\n)\n","/**\n * Shared Ref-parsing helpers used by every governance provider body.\n *\n * The bodies accept AIP-27 `Ref` compact strings on the contract surface\n * and bridge to the legacy string forms the v0.1 runtime helpers\n * (`signArtifact`, `recordAuditEvent`, …) still consume. The bridge\n * goes away when the doctype schemas migrate to native Ref objects (M1.5).\n */\n\nimport { defineRef, refMatchesCollection } from \"@agentproto/ref\"\nimport { ToolError } from \"@agentproto/tool\"\n\nexport function parseAndAssertCollection(\n refString: string,\n collection: string,\n field: string\n): ReturnType<typeof defineRef> {\n let parsed\n try {\n parsed = defineRef(refString)\n } catch (err) {\n throw new ToolError({\n code: \"input_invalid\",\n message: `${field}: ${(err as Error).message}`,\n cause: err,\n })\n }\n if (!refMatchesCollection(parsed.value, collection)) {\n throw new ToolError({\n code: \"input_invalid\",\n message: `${field}: ref kind '${parsed.kind}' is not in the '${collection}' collection`,\n })\n }\n return parsed\n}\n\nexport function legacyArtifactPath(ref: {\n kind: string\n [key: string]: unknown\n}): string {\n if (ref.kind === \"local\" && typeof ref.path === \"string\") return ref.path\n throw new ToolError({\n code: \"input_invalid\",\n message: `artifact: only 'local' refs are supported by the v0.1 runtime — got '${ref.kind}'`,\n })\n}\n\nexport function legacySignerString(ref: {\n kind: string\n [key: string]: unknown\n}): string {\n if (ref.kind === \"operator\" && typeof ref.slug === \"string\")\n return `operator:${ref.slug}`\n if (ref.kind === \"user\" && typeof ref.id === \"string\") return `user:${ref.id}`\n if (ref.kind === \"persona\" && typeof ref.id === \"string\")\n return `persona:${ref.id}`\n if (ref.kind === \"email\" && typeof ref.address === \"string\")\n return `counterparty:${ref.address}`\n throw new ToolError({\n code: \"input_invalid\",\n message: `signer: ref kind '${ref.kind}' has no legacy string mapping`,\n })\n}\n\nexport function parseLegacyIdentity(refString: string, field: string): string {\n const parsed = parseAndAssertCollection(refString, \"identity\", field)\n return parsed.compact\n}\n","/**\n * Provider body for the `governance.record-audit-event` TOOL contract.\n * Bound via `implementTool` — typed input/context flow from the\n * contract handle.\n */\n\nimport { defineRef } from \"@agentproto/ref\"\nimport { ToolError } from \"@agentproto/tool\"\nimport { implementTool } from \"@agentproto/driver\"\n\nimport { recordAuditEvent } from \"../../audit-chain.js\"\nimport { recordAuditEventTool } from \"../../tools/record-audit-event.tool.js\"\nimport { parseLegacyIdentity } from \"../helpers.js\"\n\nexport const recordAuditEventBuiltin = implementTool(\n recordAuditEventTool,\n async ({ input, context }) => {\n if (!context?.governanceConfig) {\n throw new ToolError({\n code: \"input_invalid\",\n message: \"context.governanceConfig is required\",\n cause: { field: \"context\" },\n })\n }\n\n let actorId: string | null = null\n if (input.actor !== null) {\n actorId = parseLegacyIdentity(input.actor, \"actor\")\n }\n try {\n defineRef(input.entity)\n } catch (err) {\n throw new ToolError({\n code: \"input_invalid\",\n message: `entity: ${(err as Error).message}`,\n cause: err,\n })\n }\n\n const result = await recordAuditEvent(context.governanceConfig, {\n ...(input.scopeDir !== undefined ? { scopeDir: input.scopeDir } : {}),\n actorKind: input.actorKind,\n actorId,\n entityType: input.entityType,\n entityId: input.entity,\n action: input.action,\n ...(input.payload !== undefined ? { payload: input.payload } : {}),\n ...(input.requestId !== undefined ? { requestId: input.requestId } : {}),\n ...(input.traceId !== undefined ? { traceId: input.traceId } : {}),\n ...(input.idempotencyKey !== undefined\n ? { idempotencyKey: input.idempotencyKey }\n : {}),\n })\n\n return {\n logPath: result.logPath,\n lineIndex: result.lineIndex,\n anchored: result.anchored,\n signature: result.event.signature,\n }\n }\n)\n","/**\n * Provider body for the `governance.request-signatures` TOOL contract.\n * Bound via `implementTool` — typed input/context flow from the\n * contract handle.\n */\n\nimport { ToolError } from \"@agentproto/tool\"\nimport { implementTool } from \"@agentproto/driver\"\n\nimport { addPendingSignatures } from \"../../pending-signatures-index.js\"\nimport { requestSignaturesTool } from \"../../tools/request-signatures.tool.js\"\nimport { legacyArtifactPath, parseAndAssertCollection } from \"../helpers.js\"\n\nexport const requestSignaturesBuiltin = implementTool(\n requestSignaturesTool,\n async ({ input, context }) => {\n if (!context?.governanceConfig) {\n throw new ToolError({\n code: \"input_invalid\",\n message: \"context.governanceConfig is required\",\n cause: { field: \"context\" },\n })\n }\n\n const artifactRef = parseAndAssertCollection(\n input.artifact,\n \"file\",\n \"artifact\"\n )\n const artifactPath = legacyArtifactPath(artifactRef.value)\n\n const required = input.requiredSignatures.map(r => {\n const sigRef = parseAndAssertCollection(r.signer, \"identity\", \"signer\")\n return {\n signer: sigRef.compact,\n ...(r.method !== undefined ? { method: r.method } : {}),\n ...(r.weight !== undefined ? { weight: r.weight } : {}),\n ...(r.deadline !== undefined ? { deadline: r.deadline } : {}),\n }\n })\n\n await addPendingSignatures(context.governanceConfig, artifactPath, required)\n return { added: required.length }\n }\n)\n","/**\n * Provider body for the `governance.sign-artifact` TOOL contract.\n *\n * Bound to `signArtifactTool` via `implementTool` — input/context types\n * flow from the contract handle's generics, so the body needs no manual\n * casts. The matching `defineTool` handle in\n * `tools/sign-artifact.tool.ts` carries only the contract (id, schemas,\n * mutates, approval, riskLevel) per AIP-14.\n */\n\nimport { ToolError } from \"@agentproto/tool\"\nimport { implementTool } from \"@agentproto/driver\"\n\nimport { signArtifact } from \"../../sign-artifact.js\"\nimport { signArtifactTool } from \"../../tools/sign-artifact.tool.js\"\nimport {\n legacyArtifactPath,\n legacySignerString,\n parseAndAssertCollection,\n} from \"../helpers.js\"\n\nexport const signArtifactBuiltin = implementTool(\n signArtifactTool,\n async ({ input, context }) => {\n if (!context?.governanceConfig) {\n throw new ToolError({\n code: \"input_invalid\",\n message: \"context.governanceConfig is required\",\n cause: { field: \"context\" },\n })\n }\n\n const artifactRef = parseAndAssertCollection(\n input.artifact,\n \"file\",\n \"artifact\"\n )\n const signerRef = parseAndAssertCollection(\n input.signer,\n \"identity\",\n \"signer\"\n )\n\n // Bridge to legacy runtime input (string forms). M1.5 makes this go away.\n const artifactPath = legacyArtifactPath(artifactRef.value)\n const signerLegacy = legacySignerString(signerRef.value)\n\n const result = await signArtifact(context.governanceConfig, {\n artifactPath,\n signer: signerLegacy,\n signerKind: input.signerKind,\n ...(input.signerEmail !== undefined\n ? { signerEmail: input.signerEmail }\n : {}),\n method: input.method,\n evidence: input.evidence as never,\n ...(input.expectedDocumentHash !== undefined\n ? { expectedDocumentHash: input.expectedDocumentHash }\n : {}),\n ...(input.idempotencyKey !== undefined\n ? { idempotencyKey: input.idempotencyKey }\n : {}),\n })\n\n return {\n signaturePath: result.signaturePath,\n auditLogPath: result.auditLogPath,\n auditLineIndex: result.auditLineIndex,\n documentHash: result.signature.documentHash,\n }\n }\n)\n","/**\n * AIP-30 PROVIDER for the four `governance.*` TOOL contracts.\n *\n * `kind: \"builtin\"` — runs in-process against `governanceConfig`\n * injected via per-call context. No subprocess, no SDK package load,\n * no network hop. Bodies are typed via `implementTool` — the compiler\n * enforces shape match between each body and its contract's\n * input/output/context generics, the same way Solidity's\n * `MyToken is IERC20` enforces interface conformance.\n *\n * Each implementation here can be re-adapted to AI SDK or Mastra\n * surfaces via `toAiSdkTool(impl, { context })` / `toMastraTool(...)`,\n * so the same body powers `runTool({ candidates: [...] })` AND\n * `streamText({ tools: { ... } })` AND `agent.stream({ tools: ... })`\n * with no duplication.\n */\n\nimport { defineDriver } from \"@agentproto/driver\"\n\nimport { listPendingSignaturesBuiltin } from \"./bodies/list-pending-signatures.body.js\"\nimport { recordAuditEventBuiltin } from \"./bodies/record-audit-event.body.js\"\nimport { requestSignaturesBuiltin } from \"./bodies/request-signatures.body.js\"\nimport { signArtifactBuiltin } from \"./bodies/sign-artifact.body.js\"\n\nexport const governanceProvider = defineDriver({\n id: \"governance-engine-builtin\",\n name: \"Governance Runtime (built-in)\",\n description:\n \"In-process implementation of the four AIP-7 governance contracts — \" +\n \"signature creation, audit logging, pending-signatures index. Operates \" +\n \"on a workspace root via `governanceConfig` injected from per-call context. \" +\n \"No subprocess, no network egress; the host owns the filesystem boundary.\",\n version: \"0.1.0\",\n kind: \"builtin\",\n implements: [\n { tool: \"governance.sign-artifact\", version: \"0.1.0\" },\n { tool: \"governance.record-audit-event\", version: \"0.1.0\" },\n { tool: \"governance.request-signatures\", version: \"0.1.0\" },\n { tool: \"governance.list-pending-signatures\", version: \"0.1.0\" },\n ],\n // Typed bindings — each impl carries its contract handle, so\n // `defineDriver` derives the execute map keys from `impl.tool.id`\n // without the author restating them as strings. Drift between a\n // body and its contract is a compile error.\n implementations: [\n signArtifactBuiltin,\n recordAuditEventBuiltin,\n requestSignaturesBuiltin,\n listPendingSignaturesBuiltin,\n ],\n})\n"]}