@agentproto/governance 0.1.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENTGOVERNANCE.md +489 -0
- package/LICENSE +21 -0
- package/README.md +113 -0
- package/dist/chunk-5G463T6C.mjs +3 -0
- package/dist/chunk-5G463T6C.mjs.map +1 -0
- package/dist/chunk-7GHDRKSD.mjs +3 -0
- package/dist/chunk-7GHDRKSD.mjs.map +1 -0
- package/dist/chunk-J2DX2WOA.mjs +266 -0
- package/dist/chunk-J2DX2WOA.mjs.map +1 -0
- package/dist/chunk-UVBFLWSG.mjs +137 -0
- package/dist/chunk-UVBFLWSG.mjs.map +1 -0
- package/dist/chunk-VWEBMWO2.mjs +149 -0
- package/dist/chunk-VWEBMWO2.mjs.map +1 -0
- package/dist/doctypes/index.d.ts +167 -0
- package/dist/doctypes/index.mjs +4 -0
- package/dist/doctypes/index.mjs.map +1 -0
- package/dist/hash-chain/index.d.ts +40 -0
- package/dist/hash-chain/index.mjs +4 -0
- package/dist/hash-chain/index.mjs.map +1 -0
- package/dist/index.d.ts +31 -0
- package/dist/index.mjs +19 -0
- package/dist/index.mjs.map +1 -0
- package/dist/policy/index.d.ts +104 -0
- package/dist/policy/index.mjs +82 -0
- package/dist/policy/index.mjs.map +1 -0
- package/dist/policy-YqpSg3Ep.d.ts +146 -0
- package/dist/renderers/index.d.ts +73 -0
- package/dist/renderers/index.mjs +64 -0
- package/dist/renderers/index.mjs.map +1 -0
- package/dist/validators/index.d.ts +61 -0
- package/dist/validators/index.mjs +5 -0
- package/dist/validators/index.mjs.map +1 -0
- package/dist/verify-e_UfVr02.d.ts +50 -0
- package/package.json +97 -0
- package/src/spec/canvakit-templates/governance.signing-portal/template.canvakit.html +100 -0
|
@@ -0,0 +1,167 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
export { P as POLICY_THRESHOLD, a as Policy, b as PolicyAppliesTo, c as PolicyCap, d as PolicyEscalation, e as PolicyFrontmatter, f as PolicyThreshold, R as RequiredSigner, p as policyAppliesToSchema, g as policyCapSchema, h as policyDirname, i as policyEscalationSchema, j as policyFrontmatterSchema, k as policyThresholdSchema, r as requiredSignerSchema } from '../policy-YqpSg3Ep.js';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* agentgovernance/v1 — `signature.json` doctype.
|
|
6
|
+
*
|
|
7
|
+
* Universal approval primitive. Every approval — of an agreement, deliverable,
|
|
8
|
+
* invoice, policy override, agent-issued action, etc. — is a signature on an
|
|
9
|
+
* artifact, recorded as a `<artifact-path>/../signatures/<signer>-<isoDate>.signature.json`
|
|
10
|
+
* file alongside the artifact being signed.
|
|
11
|
+
*
|
|
12
|
+
* One file = one signature event. Signatures are append-only; revocation
|
|
13
|
+
* writes a new file (or updates `revokedAt` if same signer re-issues).
|
|
14
|
+
*/
|
|
15
|
+
declare const SIGNER_KIND: readonly ["operator", "user", "counterparty", "agent", "external"];
|
|
16
|
+
declare const signerKindSchema: z.ZodEnum<{
|
|
17
|
+
operator: "operator";
|
|
18
|
+
user: "user";
|
|
19
|
+
counterparty: "counterparty";
|
|
20
|
+
agent: "agent";
|
|
21
|
+
external: "external";
|
|
22
|
+
}>;
|
|
23
|
+
type SignerKind = z.infer<typeof signerKindSchema>;
|
|
24
|
+
declare const SIGNING_METHOD: readonly ["typed_name", "agent_confirm", "click_through", "esign_external"];
|
|
25
|
+
declare const signingMethodSchema: z.ZodEnum<{
|
|
26
|
+
typed_name: "typed_name";
|
|
27
|
+
agent_confirm: "agent_confirm";
|
|
28
|
+
click_through: "click_through";
|
|
29
|
+
esign_external: "esign_external";
|
|
30
|
+
}>;
|
|
31
|
+
type SigningMethod = z.infer<typeof signingMethodSchema>;
|
|
32
|
+
declare const evidenceSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
33
|
+
kind: z.ZodLiteral<"typed_name">;
|
|
34
|
+
signerName: z.ZodString;
|
|
35
|
+
ipAddress: z.ZodString;
|
|
36
|
+
userAgent: z.ZodString;
|
|
37
|
+
nonce: z.ZodString;
|
|
38
|
+
signedUrlToken: z.ZodOptional<z.ZodString>;
|
|
39
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
40
|
+
kind: z.ZodLiteral<"agent_confirm">;
|
|
41
|
+
modelId: z.ZodString;
|
|
42
|
+
promptContextHash: z.ZodString;
|
|
43
|
+
reasoningSummary: z.ZodOptional<z.ZodString>;
|
|
44
|
+
conversationTurnId: z.ZodOptional<z.ZodString>;
|
|
45
|
+
authorizedByPolicy: z.ZodOptional<z.ZodString>;
|
|
46
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
47
|
+
kind: z.ZodLiteral<"click_through">;
|
|
48
|
+
ipAddress: z.ZodString;
|
|
49
|
+
userAgent: z.ZodString;
|
|
50
|
+
signedUrlToken: z.ZodString;
|
|
51
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
52
|
+
kind: z.ZodLiteral<"esign_external">;
|
|
53
|
+
provider: z.ZodString;
|
|
54
|
+
externalRef: z.ZodString;
|
|
55
|
+
signedPdfRef: z.ZodOptional<z.ZodString>;
|
|
56
|
+
}, z.core.$strip>], "kind">;
|
|
57
|
+
type SignatureEvidence = z.infer<typeof evidenceSchema>;
|
|
58
|
+
declare const signatureSchema: z.ZodObject<{
|
|
59
|
+
schema: z.ZodLiteral<"agentgovernance/v1">;
|
|
60
|
+
doctype: z.ZodLiteral<"signature">;
|
|
61
|
+
signer: z.ZodString;
|
|
62
|
+
signerKind: z.ZodEnum<{
|
|
63
|
+
operator: "operator";
|
|
64
|
+
user: "user";
|
|
65
|
+
counterparty: "counterparty";
|
|
66
|
+
agent: "agent";
|
|
67
|
+
external: "external";
|
|
68
|
+
}>;
|
|
69
|
+
signerEmail: z.ZodOptional<z.ZodEmail>;
|
|
70
|
+
artifactPath: z.ZodString;
|
|
71
|
+
documentHash: z.ZodString;
|
|
72
|
+
method: z.ZodEnum<{
|
|
73
|
+
typed_name: "typed_name";
|
|
74
|
+
agent_confirm: "agent_confirm";
|
|
75
|
+
click_through: "click_through";
|
|
76
|
+
esign_external: "esign_external";
|
|
77
|
+
}>;
|
|
78
|
+
evidence: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
79
|
+
kind: z.ZodLiteral<"typed_name">;
|
|
80
|
+
signerName: z.ZodString;
|
|
81
|
+
ipAddress: z.ZodString;
|
|
82
|
+
userAgent: z.ZodString;
|
|
83
|
+
nonce: z.ZodString;
|
|
84
|
+
signedUrlToken: z.ZodOptional<z.ZodString>;
|
|
85
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
86
|
+
kind: z.ZodLiteral<"agent_confirm">;
|
|
87
|
+
modelId: z.ZodString;
|
|
88
|
+
promptContextHash: z.ZodString;
|
|
89
|
+
reasoningSummary: z.ZodOptional<z.ZodString>;
|
|
90
|
+
conversationTurnId: z.ZodOptional<z.ZodString>;
|
|
91
|
+
authorizedByPolicy: z.ZodOptional<z.ZodString>;
|
|
92
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
93
|
+
kind: z.ZodLiteral<"click_through">;
|
|
94
|
+
ipAddress: z.ZodString;
|
|
95
|
+
userAgent: z.ZodString;
|
|
96
|
+
signedUrlToken: z.ZodString;
|
|
97
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
98
|
+
kind: z.ZodLiteral<"esign_external">;
|
|
99
|
+
provider: z.ZodString;
|
|
100
|
+
externalRef: z.ZodString;
|
|
101
|
+
signedPdfRef: z.ZodOptional<z.ZodString>;
|
|
102
|
+
}, z.core.$strip>], "kind">;
|
|
103
|
+
signedAt: z.ZodISODateTime;
|
|
104
|
+
revokedAt: z.ZodOptional<z.ZodISODateTime>;
|
|
105
|
+
revokedReason: z.ZodOptional<z.ZodString>;
|
|
106
|
+
metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
107
|
+
}, z.core.$strip>;
|
|
108
|
+
type Signature = z.infer<typeof signatureSchema>;
|
|
109
|
+
/** Filename helper: `<signer-kind>-<signer-slug>-<isoDate>.signature.json` */
|
|
110
|
+
declare function signatureFilename(signer: string, signedAt: string): string;
|
|
111
|
+
|
|
112
|
+
/**
|
|
113
|
+
* agentgovernance/v1 — audit-log.jsonl line doctype.
|
|
114
|
+
*
|
|
115
|
+
* Each line of `<scope>/audit/audit-log.jsonl` is one audit event, encoded as
|
|
116
|
+
* a single JSON object on one line (no embedded newlines).
|
|
117
|
+
*
|
|
118
|
+
* Scope is whatever folder hosts the log: per-engagement
|
|
119
|
+
* (`engagements/<slug>/audit/audit-log.jsonl`) or per-workspace/guild
|
|
120
|
+
* (`audit/audit-log.jsonl` for cross-engagement events).
|
|
121
|
+
*
|
|
122
|
+
* Hash chain protocol:
|
|
123
|
+
* signature_n = HMAC-SHA256(secret, signature_{n-1} ‖ canonical(row_n))
|
|
124
|
+
*
|
|
125
|
+
* The first line's `prevSignature` is the workspace genesis seed (vault-backed).
|
|
126
|
+
* See `../hash-chain/protocol.md` for the canonical-bytes specification.
|
|
127
|
+
*/
|
|
128
|
+
declare const ACTOR_KIND: readonly ["operator", "user", "counterparty", "agent", "system"];
|
|
129
|
+
declare const actorKindSchema: z.ZodEnum<{
|
|
130
|
+
operator: "operator";
|
|
131
|
+
user: "user";
|
|
132
|
+
counterparty: "counterparty";
|
|
133
|
+
agent: "agent";
|
|
134
|
+
system: "system";
|
|
135
|
+
}>;
|
|
136
|
+
type ActorKind = z.infer<typeof actorKindSchema>;
|
|
137
|
+
/** Common entity types. Apps may extend via metadata or contributing entries. */
|
|
138
|
+
declare const KNOWN_ENTITY_TYPES: readonly ["signature", "audit-event", "policy", "approval", "engagement", "agreement", "deliverable", "invoice", "service", "counterparty", "routine", "procedure", "task", "project", "company", "agent"];
|
|
139
|
+
declare const auditEventSchema: z.ZodObject<{
|
|
140
|
+
schema: z.ZodLiteral<"agentgovernance/v1">;
|
|
141
|
+
doctype: z.ZodLiteral<"audit-event">;
|
|
142
|
+
actorKind: z.ZodEnum<{
|
|
143
|
+
operator: "operator";
|
|
144
|
+
user: "user";
|
|
145
|
+
counterparty: "counterparty";
|
|
146
|
+
agent: "agent";
|
|
147
|
+
system: "system";
|
|
148
|
+
}>;
|
|
149
|
+
actorId: z.ZodNullable<z.ZodString>;
|
|
150
|
+
entityType: z.ZodString;
|
|
151
|
+
entityId: z.ZodString;
|
|
152
|
+
action: z.ZodString;
|
|
153
|
+
payload: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
154
|
+
prevSignature: z.ZodString;
|
|
155
|
+
signature: z.ZodString;
|
|
156
|
+
requestId: z.ZodOptional<z.ZodString>;
|
|
157
|
+
traceId: z.ZodOptional<z.ZodString>;
|
|
158
|
+
ipAddress: z.ZodOptional<z.ZodString>;
|
|
159
|
+
userAgent: z.ZodOptional<z.ZodString>;
|
|
160
|
+
createdAt: z.ZodISODateTime;
|
|
161
|
+
metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
162
|
+
}, z.core.$strip>;
|
|
163
|
+
type AuditEvent = z.infer<typeof auditEventSchema>;
|
|
164
|
+
/** Convenience: parse a single JSONL line. Returns parsed event or throws. */
|
|
165
|
+
declare function parseAuditLine(line: string): AuditEvent;
|
|
166
|
+
|
|
167
|
+
export { ACTOR_KIND, type ActorKind, type AuditEvent, KNOWN_ENTITY_TYPES, SIGNER_KIND, SIGNING_METHOD, type Signature, type SignatureEvidence, type SignerKind, type SigningMethod, actorKindSchema, auditEventSchema, evidenceSchema, parseAuditLine, signatureFilename, signatureSchema, signerKindSchema, signingMethodSchema };
|
|
@@ -0,0 +1,4 @@
|
|
|
1
|
+
import '../chunk-7GHDRKSD.mjs';
|
|
2
|
+
export { ACTOR_KIND, KNOWN_ENTITY_TYPES, POLICY_THRESHOLD, SIGNER_KIND, SIGNING_METHOD, actorKindSchema, auditEventSchema, evidenceSchema, parseAuditLine, policyAppliesToSchema, policyCapSchema, policyDirname, policyEscalationSchema, policyFrontmatterSchema, policyThresholdSchema, requiredSignerSchema, signatureFilename, signatureSchema, signerKindSchema, signingMethodSchema } from '../chunk-J2DX2WOA.mjs';
|
|
3
|
+
//# sourceMappingURL=index.mjs.map
|
|
4
|
+
//# sourceMappingURL=index.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":[],"names":[],"mappings":"","file":"index.mjs"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
export { V as VerifyChainOptions, a as VerifyChainResult, v as verifyChain } from '../verify-e_UfVr02.js';
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* Canonicalize a row to deterministic UTF-8 bytes.
|
|
5
|
+
*
|
|
6
|
+
* Sorts object keys, drops `undefined` values, and emits whitespace-free JSON.
|
|
7
|
+
*/
|
|
8
|
+
declare function canonicalize(value: unknown): Uint8Array;
|
|
9
|
+
/** Internal: canonical JSON string. */
|
|
10
|
+
declare function canonicalJsonString(value: unknown): string;
|
|
11
|
+
interface ChainComputeOptions {
|
|
12
|
+
/** Workspace genesis seed (hex) — used as prev_signature for the first line. */
|
|
13
|
+
genesisSeed: string;
|
|
14
|
+
/** HMAC secret key (utf-8 string or hex). */
|
|
15
|
+
secret: string;
|
|
16
|
+
}
|
|
17
|
+
interface ComputedChainSignature {
|
|
18
|
+
/** Hex-encoded HMAC-SHA256. */
|
|
19
|
+
signature: string;
|
|
20
|
+
/** Hex-encoded prevSignature carried into this row. */
|
|
21
|
+
prevSignature: string;
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* Compute the chain signature for a row given the previous signature.
|
|
25
|
+
*
|
|
26
|
+
* @param row - The audit-event row (the `signature` field, if present, is excluded from the canonical bytes).
|
|
27
|
+
* @param prevSignature - The previous line's signature (or the workspace genesis seed for the first line). Hex-encoded.
|
|
28
|
+
* @param secret - HMAC secret (passed verbatim as the HMAC key).
|
|
29
|
+
* @returns Hex-encoded SHA-256 HMAC.
|
|
30
|
+
*/
|
|
31
|
+
declare function computeChainSignature(row: Record<string, unknown>, prevSignature: string, secret: string): string;
|
|
32
|
+
/**
|
|
33
|
+
* Compute the signature and produce a ready-to-write row with `prevSignature` and `signature` populated.
|
|
34
|
+
*/
|
|
35
|
+
declare function chainRow(rowWithoutChainFields: Record<string, unknown>, prevSignature: string, secret: string): Record<string, unknown> & {
|
|
36
|
+
prevSignature: string;
|
|
37
|
+
signature: string;
|
|
38
|
+
};
|
|
39
|
+
|
|
40
|
+
export { type ChainComputeOptions, type ComputedChainSignature, canonicalJsonString, canonicalize, chainRow, computeChainSignature };
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":[],"names":[],"mappings":"","file":"index.mjs"}
|
package/dist/index.d.ts
ADDED
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
export { ACTOR_KIND, ActorKind, AuditEvent, KNOWN_ENTITY_TYPES, SIGNER_KIND, SIGNING_METHOD, Signature, SignatureEvidence, SignerKind, SigningMethod, actorKindSchema, auditEventSchema, evidenceSchema, parseAuditLine, signatureFilename, signatureSchema, signerKindSchema, signingMethodSchema } from './doctypes/index.js';
|
|
2
|
+
export { P as POLICY_THRESHOLD, a as Policy, b as PolicyAppliesTo, c as PolicyCap, d as PolicyEscalation, e as PolicyFrontmatter, f as PolicyThreshold, R as RequiredSigner, p as policyAppliesToSchema, g as policyCapSchema, h as policyDirname, i as policyEscalationSchema, j as policyFrontmatterSchema, k as policyThresholdSchema, r as requiredSignerSchema } from './policy-YqpSg3Ep.js';
|
|
3
|
+
export { ValidationError, ValidationResult, validateAuditEvent, validateAuditLog, validatePolicy, validateSignature, validateSignatureAgainstArtifact } from './validators/index.js';
|
|
4
|
+
export { ChainComputeOptions, ComputedChainSignature, canonicalJsonString, canonicalize, chainRow, computeChainSignature } from './hash-chain/index.js';
|
|
5
|
+
export { V as VerifyChainOptions, a as VerifyChainResult, v as verifyChain } from './verify-e_UfVr02.js';
|
|
6
|
+
import 'zod';
|
|
7
|
+
|
|
8
|
+
/**
|
|
9
|
+
* @agentproto/governance — agentgovernance/v1 spec implementation.
|
|
10
|
+
*
|
|
11
|
+
* Universal contractual approval framework: signatures, audit logs, policies.
|
|
12
|
+
* All doctypes are workspace files; this package is filesystem-first and
|
|
13
|
+
* vendor-neutral (no Mastra, LangChain, Temporal imports).
|
|
14
|
+
*
|
|
15
|
+
* Subpath exports:
|
|
16
|
+
* - "./doctypes" — zod schemas + inferred types for signature, audit-event, policy
|
|
17
|
+
* - "./hash-chain" — canonical row hashing + chain compute/verify
|
|
18
|
+
* - "./validators" — per-doctype validators
|
|
19
|
+
*
|
|
20
|
+
* Reference runtime (audit-chain writer, sign-artifact orchestrator, _index
|
|
21
|
+
* helpers) lives in the sibling package `@agentproto/governance-engine`. Spec
|
|
22
|
+
* stays pure: zero I/O, zero filesystem deps. Consumers needing only types +
|
|
23
|
+
* validators (CI validators, third-party language ports) avoid pulling node:fs.
|
|
24
|
+
*
|
|
25
|
+
* Spec doc: ./AGENTGOVERNANCE.md (canonical)
|
|
26
|
+
* src/spec/agentgovernance-v1.md (source of truth)
|
|
27
|
+
*/
|
|
28
|
+
declare const SPEC_NAME: "agentgovernance/v1";
|
|
29
|
+
declare const SPEC_VERSION: "1.0.0-alpha";
|
|
30
|
+
|
|
31
|
+
export { SPEC_NAME, SPEC_VERSION };
|
package/dist/index.mjs
ADDED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import './chunk-7GHDRKSD.mjs';
|
|
2
|
+
import './chunk-5G463T6C.mjs';
|
|
3
|
+
export { validateAuditEvent, validateAuditLog, validatePolicy, validateSignature, validateSignatureAgainstArtifact } from './chunk-UVBFLWSG.mjs';
|
|
4
|
+
export { canonicalJsonString, canonicalize, chainRow, computeChainSignature, verifyChain } from './chunk-VWEBMWO2.mjs';
|
|
5
|
+
export { ACTOR_KIND, KNOWN_ENTITY_TYPES, POLICY_THRESHOLD, SIGNER_KIND, SIGNING_METHOD, actorKindSchema, auditEventSchema, evidenceSchema, parseAuditLine, policyAppliesToSchema, policyCapSchema, policyDirname, policyEscalationSchema, policyFrontmatterSchema, policyThresholdSchema, requiredSignerSchema, signatureFilename, signatureSchema, signerKindSchema, signingMethodSchema } from './chunk-J2DX2WOA.mjs';
|
|
6
|
+
|
|
7
|
+
/**
|
|
8
|
+
* @agentproto/governance v0.1.0-alpha
|
|
9
|
+
* agentgovernance/v1 — universal contractual approval framework.
|
|
10
|
+
* Vendor-neutral. Filesystem-first. Third-party verifiable.
|
|
11
|
+
*/
|
|
12
|
+
|
|
13
|
+
// src/index.ts
|
|
14
|
+
var SPEC_NAME = "agentgovernance/v1";
|
|
15
|
+
var SPEC_VERSION = "1.0.0-alpha";
|
|
16
|
+
|
|
17
|
+
export { SPEC_NAME, SPEC_VERSION };
|
|
18
|
+
//# sourceMappingURL=index.mjs.map
|
|
19
|
+
//# sourceMappingURL=index.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;AAqBO,IAAM,SAAA,GAAY;AAClB,IAAM,YAAA,GAAe","file":"index.mjs","sourcesContent":["/**\n * @agentproto/governance — agentgovernance/v1 spec implementation.\n *\n * Universal contractual approval framework: signatures, audit logs, policies.\n * All doctypes are workspace files; this package is filesystem-first and\n * vendor-neutral (no Mastra, LangChain, Temporal imports).\n *\n * Subpath exports:\n * - \"./doctypes\" — zod schemas + inferred types for signature, audit-event, policy\n * - \"./hash-chain\" — canonical row hashing + chain compute/verify\n * - \"./validators\" — per-doctype validators\n *\n * Reference runtime (audit-chain writer, sign-artifact orchestrator, _index\n * helpers) lives in the sibling package `@agentproto/governance-engine`. Spec\n * stays pure: zero I/O, zero filesystem deps. Consumers needing only types +\n * validators (CI validators, third-party language ports) avoid pulling node:fs.\n *\n * Spec doc: ./AGENTGOVERNANCE.md (canonical)\n * src/spec/agentgovernance-v1.md (source of truth)\n */\n\nexport const SPEC_NAME = \"agentgovernance/v1\" as const\nexport const SPEC_VERSION = \"1.0.0-alpha\" as const\n\nexport * from \"./spec/doctypes/index.js\"\nexport * from \"./spec/validators/index.js\"\nexport * from \"./spec/hash-chain/index.js\"\n"]}
|
|
@@ -0,0 +1,104 @@
|
|
|
1
|
+
import { b as PolicyAppliesTo, c as PolicyCap, f as PolicyThreshold, R as RequiredSigner, d as PolicyEscalation, e as PolicyFrontmatter } from '../policy-YqpSg3Ep.js';
|
|
2
|
+
import 'zod';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* AIP-7 POLICY.md — `definePolicy` constructor + `policyFromManifest`
|
|
6
|
+
* markdown-authored entry. Built on `@agentproto/define-doctype`.
|
|
7
|
+
*
|
|
8
|
+
* Policies are the AIP-7 doctype that declares "what an autonomous
|
|
9
|
+
* actor may do without further approval, and what threshold of
|
|
10
|
+
* signatures it needs when a cap is exceeded". Authoring path A
|
|
11
|
+
* (`definePolicy({...})`) covers the in-process / TS-authored case;
|
|
12
|
+
* authoring path B (`policyFromManifest(parsed)`) covers the
|
|
13
|
+
* filesystem-authored case where the policy ships as a `POLICY.md`
|
|
14
|
+
* under a workspace's `policies/<slug>/` folder.
|
|
15
|
+
*
|
|
16
|
+
* Both paths land in the same `createDoctype` pipeline as `defineTool`
|
|
17
|
+
* and `defineDriver`: identity is regex-validated, the produced handle
|
|
18
|
+
* is `Object.freeze`-d, errors carry the canonical `definePolicy
|
|
19
|
+
* (AIP-7): …` prefix, and spec-specific invariants run after the
|
|
20
|
+
* shared ones.
|
|
21
|
+
*
|
|
22
|
+
* Departs from the AIP-14/AIP-30 default shape on three axes — which
|
|
23
|
+
* is what makes this a useful test of the meta-factory's flexibility:
|
|
24
|
+
* - identity field is `slug`, not `id`
|
|
25
|
+
* - identity pattern is stricter (no dots, no underscores): `^[a-z0-9][a-z0-9-]*$`
|
|
26
|
+
* - `description` is OPTIONAL on the doctype; the LLM-facing copy
|
|
27
|
+
* lives in `name`. We skip the description length check entirely.
|
|
28
|
+
*/
|
|
29
|
+
|
|
30
|
+
declare const POLICY_SLUG_PATTERN: RegExp;
|
|
31
|
+
/**
|
|
32
|
+
* Input to `definePolicy`. Mirrors `PolicyFrontmatter` minus the
|
|
33
|
+
* spec-fixed `schema` and `doctype` fields (which the runtime fills).
|
|
34
|
+
* Every other field is preserved verbatim.
|
|
35
|
+
*/
|
|
36
|
+
interface PolicyDefinition {
|
|
37
|
+
slug: string;
|
|
38
|
+
name: string;
|
|
39
|
+
description?: string;
|
|
40
|
+
appliesTo?: readonly PolicyAppliesTo[];
|
|
41
|
+
caps?: readonly PolicyCap[];
|
|
42
|
+
threshold?: PolicyThreshold;
|
|
43
|
+
/** Required when `threshold === "weighted_threshold"`. */
|
|
44
|
+
requiredWeight?: number;
|
|
45
|
+
requiredSignatures?: readonly RequiredSigner[];
|
|
46
|
+
/** ISO-8601 duration. */
|
|
47
|
+
deadline?: string;
|
|
48
|
+
escalation?: PolicyEscalation;
|
|
49
|
+
metadata?: Record<string, unknown>;
|
|
50
|
+
}
|
|
51
|
+
/**
|
|
52
|
+
* The host-registrable handle returned by `definePolicy`. Frozen,
|
|
53
|
+
* with array/object fields shallow-frozen to lock the wire shape.
|
|
54
|
+
*/
|
|
55
|
+
interface PolicyHandle {
|
|
56
|
+
readonly schema: "agentgovernance/v1";
|
|
57
|
+
readonly doctype: "policy";
|
|
58
|
+
readonly slug: string;
|
|
59
|
+
readonly name: string;
|
|
60
|
+
readonly description?: string;
|
|
61
|
+
readonly appliesTo: readonly PolicyAppliesTo[];
|
|
62
|
+
readonly caps: readonly PolicyCap[];
|
|
63
|
+
readonly threshold: PolicyThreshold;
|
|
64
|
+
readonly requiredWeight?: number;
|
|
65
|
+
readonly requiredSignatures: readonly RequiredSigner[];
|
|
66
|
+
readonly deadline?: string;
|
|
67
|
+
readonly escalation?: PolicyEscalation;
|
|
68
|
+
readonly metadata: Record<string, unknown>;
|
|
69
|
+
}
|
|
70
|
+
/**
|
|
71
|
+
* AIP-7 reference implementation of `definePolicy`. Goes through
|
|
72
|
+
* `createDoctype` so the cross-AIP invariants (slug pattern check,
|
|
73
|
+
* top-level freeze, `definePolicy (AIP-7): …` error prefix) run
|
|
74
|
+
* uniformly with `defineTool` / `defineDriver`.
|
|
75
|
+
*
|
|
76
|
+
* Spec-specific validation enforced here:
|
|
77
|
+
* - `name` must be 1+ chars (zod-equivalent of `.min(1)`)
|
|
78
|
+
* - `threshold === "weighted_threshold"` requires `requiredWeight`
|
|
79
|
+
* to be set (matches the `.refine()` on the manifest schema).
|
|
80
|
+
*/
|
|
81
|
+
declare const definePolicy: (def: PolicyDefinition) => PolicyHandle;
|
|
82
|
+
/**
|
|
83
|
+
* Parsed POLICY.md manifest — frontmatter validated against the
|
|
84
|
+
* AIP-7 zod schema, body kept as-is for downstream consumers.
|
|
85
|
+
*/
|
|
86
|
+
interface PolicyManifest {
|
|
87
|
+
frontmatter: PolicyFrontmatter;
|
|
88
|
+
body: string;
|
|
89
|
+
}
|
|
90
|
+
/**
|
|
91
|
+
* Parse a POLICY.md source string. Throws on missing or schema-invalid
|
|
92
|
+
* frontmatter.
|
|
93
|
+
*/
|
|
94
|
+
declare function parsePolicyManifest(source: string): PolicyManifest;
|
|
95
|
+
/**
|
|
96
|
+
* Build a {@link PolicyHandle} from a parsed `POLICY.md` manifest.
|
|
97
|
+
* Same single-source-of-truth principle as `toolFromManifest` /
|
|
98
|
+
* `driverFromManifest`: the frontmatter is the source of truth for
|
|
99
|
+
* metadata; the handle ends up in `definePolicy` so AIP-7 invariants
|
|
100
|
+
* (and the meta-factory's shared invariants) run uniformly.
|
|
101
|
+
*/
|
|
102
|
+
declare function policyFromManifest(manifest: PolicyManifest): PolicyHandle;
|
|
103
|
+
|
|
104
|
+
export { POLICY_SLUG_PATTERN, type PolicyDefinition, type PolicyHandle, type PolicyManifest, definePolicy, parsePolicyManifest, policyFromManifest };
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
import { policyFrontmatterSchema } from '../chunk-J2DX2WOA.mjs';
|
|
2
|
+
import { createDoctype } from '@agentproto/define-doctype';
|
|
3
|
+
import matter from 'gray-matter';
|
|
4
|
+
|
|
5
|
+
/**
|
|
6
|
+
* @agentproto/governance v0.1.0-alpha
|
|
7
|
+
* agentgovernance/v1 — universal contractual approval framework.
|
|
8
|
+
* Vendor-neutral. Filesystem-first. Third-party verifiable.
|
|
9
|
+
*/
|
|
10
|
+
var POLICY_SLUG_PATTERN = /^[a-z0-9][a-z0-9-]*$/;
|
|
11
|
+
var definePolicy = createDoctype({
|
|
12
|
+
aip: 7,
|
|
13
|
+
name: "policy",
|
|
14
|
+
readIdentity: (def) => def.slug,
|
|
15
|
+
idPattern: POLICY_SLUG_PATTERN,
|
|
16
|
+
// POLICY.md treats `description` as optional and uses `name` as the
|
|
17
|
+
// human-readable label. Skip the cross-AIP description check; let
|
|
18
|
+
// spec-7 validate `name` itself in `validate()`.
|
|
19
|
+
readDescription: false,
|
|
20
|
+
validate(def) {
|
|
21
|
+
if (typeof def.name !== "string" || def.name.length === 0) {
|
|
22
|
+
throw new Error(
|
|
23
|
+
`definePolicy (AIP-7): slug='${def.slug}' name must be a non-empty string`
|
|
24
|
+
);
|
|
25
|
+
}
|
|
26
|
+
if (def.threshold === "weighted_threshold" && typeof def.requiredWeight !== "number") {
|
|
27
|
+
throw new Error(
|
|
28
|
+
`definePolicy (AIP-7): slug='${def.slug}' threshold='weighted_threshold' requires requiredWeight to be set`
|
|
29
|
+
);
|
|
30
|
+
}
|
|
31
|
+
},
|
|
32
|
+
build(def) {
|
|
33
|
+
return {
|
|
34
|
+
schema: "agentgovernance/v1",
|
|
35
|
+
doctype: "policy",
|
|
36
|
+
slug: def.slug,
|
|
37
|
+
name: def.name,
|
|
38
|
+
description: def.description,
|
|
39
|
+
appliesTo: Object.freeze([...def.appliesTo ?? []]),
|
|
40
|
+
caps: Object.freeze([...def.caps ?? []]),
|
|
41
|
+
threshold: def.threshold ?? "single",
|
|
42
|
+
requiredWeight: def.requiredWeight,
|
|
43
|
+
requiredSignatures: Object.freeze([...def.requiredSignatures ?? []]),
|
|
44
|
+
deadline: def.deadline,
|
|
45
|
+
escalation: def.escalation,
|
|
46
|
+
metadata: Object.freeze({ ...def.metadata ?? {} })
|
|
47
|
+
};
|
|
48
|
+
}
|
|
49
|
+
});
|
|
50
|
+
function parsePolicyManifest(source) {
|
|
51
|
+
const parsed = matter(source);
|
|
52
|
+
if (Object.keys(parsed.data).length === 0) {
|
|
53
|
+
throw new Error("parsePolicyManifest: missing or empty frontmatter");
|
|
54
|
+
}
|
|
55
|
+
const result = policyFrontmatterSchema.safeParse(parsed.data);
|
|
56
|
+
if (!result.success) {
|
|
57
|
+
throw new Error(
|
|
58
|
+
`parsePolicyManifest: invalid frontmatter \u2014 ${result.error.issues.map((i) => `${i.path.join(".")}: ${i.message}`).join("; ")}`
|
|
59
|
+
);
|
|
60
|
+
}
|
|
61
|
+
return { frontmatter: result.data, body: parsed.content };
|
|
62
|
+
}
|
|
63
|
+
function policyFromManifest(manifest) {
|
|
64
|
+
const fm = manifest.frontmatter;
|
|
65
|
+
return definePolicy({
|
|
66
|
+
slug: fm.slug,
|
|
67
|
+
name: fm.name,
|
|
68
|
+
description: fm.description,
|
|
69
|
+
appliesTo: fm.appliesTo,
|
|
70
|
+
caps: fm.caps,
|
|
71
|
+
threshold: fm.threshold,
|
|
72
|
+
requiredWeight: fm.requiredWeight,
|
|
73
|
+
requiredSignatures: fm.requiredSignatures,
|
|
74
|
+
deadline: fm.deadline,
|
|
75
|
+
escalation: fm.escalation,
|
|
76
|
+
metadata: fm.metadata
|
|
77
|
+
});
|
|
78
|
+
}
|
|
79
|
+
|
|
80
|
+
export { POLICY_SLUG_PATTERN, definePolicy, parsePolicyManifest, policyFromManifest };
|
|
81
|
+
//# sourceMappingURL=index.mjs.map
|
|
82
|
+
//# sourceMappingURL=index.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/policy/index.ts"],"names":[],"mappings":";;;;;;;;;AAsCA,IAAM,mBAAA,GAAsB;AAsDrB,IAAM,eAAe,aAAA,CAA8C;AAAA,EACxE,GAAA,EAAK,CAAA;AAAA,EACL,IAAA,EAAM,QAAA;AAAA,EACN,YAAA,EAAc,CAAC,GAAA,KAAQ,GAAA,CAAI,IAAA;AAAA,EAC3B,SAAA,EAAW,mBAAA;AAAA;AAAA;AAAA;AAAA,EAIX,eAAA,EAAiB,KAAA;AAAA,EACjB,SAAS,GAAA,EAAK;AACZ,IAAA,IAAI,OAAO,GAAA,CAAI,IAAA,KAAS,YAAY,GAAA,CAAI,IAAA,CAAK,WAAW,CAAA,EAAG;AACzD,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,4BAAA,EAA+B,IAAI,IAAI,CAAA,iCAAA;AAAA,OACzC;AAAA,IACF;AACA,IAAA,IACE,IAAI,SAAA,KAAc,oBAAA,IAClB,OAAO,GAAA,CAAI,mBAAmB,QAAA,EAC9B;AACA,MAAA,MAAM,IAAI,KAAA;AAAA,QACR,CAAA,4BAAA,EAA+B,IAAI,IAAI,CAAA,kEAAA;AAAA,OACzC;AAAA,IACF;AAAA,EACF,CAAA;AAAA,EACA,MAAM,GAAA,EAAK;AACT,IAAA,OAAO;AAAA,MACL,MAAA,EAAQ,oBAAA;AAAA,MACR,OAAA,EAAS,QAAA;AAAA,MACT,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,aAAa,GAAA,CAAI,WAAA;AAAA,MACjB,SAAA,EAAW,OAAO,MAAA,CAAO,CAAC,GAAI,GAAA,CAAI,SAAA,IAAa,EAAG,CAAC,CAAA;AAAA,MACnD,IAAA,EAAM,OAAO,MAAA,CAAO,CAAC,GAAI,GAAA,CAAI,IAAA,IAAQ,EAAG,CAAC,CAAA;AAAA,MACzC,SAAA,EAAW,IAAI,SAAA,IAAa,QAAA;AAAA,MAC5B,gBAAgB,GAAA,CAAI,cAAA;AAAA,MACpB,kBAAA,EAAoB,OAAO,MAAA,CAAO,CAAC,GAAI,GAAA,CAAI,kBAAA,IAAsB,EAAG,CAAC,CAAA;AAAA,MACrE,UAAU,GAAA,CAAI,QAAA;AAAA,MACd,YAAY,GAAA,CAAI,UAAA;AAAA,MAChB,QAAA,EAAU,OAAO,MAAA,CAAO,EAAE,GAAI,GAAA,CAAI,QAAA,IAAY,EAAC,EAAI;AAAA,KACrD;AAAA,EACF;AACF,CAAC;AAeM,SAAS,oBAAoB,MAAA,EAAgC;AAClE,EAAA,MAAM,MAAA,GAAS,OAAO,MAAM,CAAA;AAC5B,EAAA,IAAI,OAAO,IAAA,CAAK,MAAA,CAAO,IAAI,CAAA,CAAE,WAAW,CAAA,EAAG;AACzC,IAAA,MAAM,IAAI,MAAM,mDAAmD,CAAA;AAAA,EACrE;AACA,EAAA,MAAM,MAAA,GAAS,uBAAA,CAAwB,SAAA,CAAU,MAAA,CAAO,IAAI,CAAA;AAC5D,EAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACnB,IAAA,MAAM,IAAI,KAAA;AAAA,MACR,CAAA,gDAAA,EAA8C,OAAO,KAAA,CAAM,MAAA,CACxD,IAAI,CAAC,CAAA,KAAM,GAAG,CAAA,CAAE,IAAA,CAAK,KAAK,GAAG,CAAC,KAAK,CAAA,CAAE,OAAO,EAAE,CAAA,CAC9C,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KACf;AAAA,EACF;AACA,EAAA,OAAO,EAAE,WAAA,EAAa,MAAA,CAAO,IAAA,EAAM,IAAA,EAAM,OAAO,OAAA,EAAQ;AAC1D;AASO,SAAS,mBAAmB,QAAA,EAAwC;AACzE,EAAA,MAAM,KAAK,QAAA,CAAS,WAAA;AACpB,EAAA,OAAO,YAAA,CAAa;AAAA,IAClB,MAAM,EAAA,CAAG,IAAA;AAAA,IACT,MAAM,EAAA,CAAG,IAAA;AAAA,IACT,aAAa,EAAA,CAAG,WAAA;AAAA,IAChB,WAAW,EAAA,CAAG,SAAA;AAAA,IACd,MAAM,EAAA,CAAG,IAAA;AAAA,IACT,WAAW,EAAA,CAAG,SAAA;AAAA,IACd,gBAAgB,EAAA,CAAG,cAAA;AAAA,IACnB,oBAAoB,EAAA,CAAG,kBAAA;AAAA,IACvB,UAAU,EAAA,CAAG,QAAA;AAAA,IACb,YAAY,EAAA,CAAG,UAAA;AAAA,IACf,UAAU,EAAA,CAAG;AAAA,GACd,CAAA;AACH","file":"index.mjs","sourcesContent":["/**\n * AIP-7 POLICY.md — `definePolicy` constructor + `policyFromManifest`\n * markdown-authored entry. Built on `@agentproto/define-doctype`.\n *\n * Policies are the AIP-7 doctype that declares \"what an autonomous\n * actor may do without further approval, and what threshold of\n * signatures it needs when a cap is exceeded\". Authoring path A\n * (`definePolicy({...})`) covers the in-process / TS-authored case;\n * authoring path B (`policyFromManifest(parsed)`) covers the\n * filesystem-authored case where the policy ships as a `POLICY.md`\n * under a workspace's `policies/<slug>/` folder.\n *\n * Both paths land in the same `createDoctype` pipeline as `defineTool`\n * and `defineDriver`: identity is regex-validated, the produced handle\n * is `Object.freeze`-d, errors carry the canonical `definePolicy\n * (AIP-7): …` prefix, and spec-specific invariants run after the\n * shared ones.\n *\n * Departs from the AIP-14/AIP-30 default shape on three axes — which\n * is what makes this a useful test of the meta-factory's flexibility:\n * - identity field is `slug`, not `id`\n * - identity pattern is stricter (no dots, no underscores): `^[a-z0-9][a-z0-9-]*$`\n * - `description` is OPTIONAL on the doctype; the LLM-facing copy\n * lives in `name`. We skip the description length check entirely.\n */\n\nimport { createDoctype } from \"@agentproto/define-doctype\"\nimport matter from \"gray-matter\"\nimport {\n policyFrontmatterSchema,\n type PolicyAppliesTo,\n type PolicyCap,\n type PolicyEscalation,\n type PolicyFrontmatter,\n type PolicyThreshold,\n type RequiredSigner,\n} from \"../spec/doctypes/policy.js\"\n\nconst POLICY_SLUG_PATTERN = /^[a-z0-9][a-z0-9-]*$/\n\n/**\n * Input to `definePolicy`. Mirrors `PolicyFrontmatter` minus the\n * spec-fixed `schema` and `doctype` fields (which the runtime fills).\n * Every other field is preserved verbatim.\n */\nexport interface PolicyDefinition {\n slug: string\n name: string\n description?: string\n appliesTo?: readonly PolicyAppliesTo[]\n caps?: readonly PolicyCap[]\n threshold?: PolicyThreshold\n /** Required when `threshold === \"weighted_threshold\"`. */\n requiredWeight?: number\n requiredSignatures?: readonly RequiredSigner[]\n /** ISO-8601 duration. */\n deadline?: string\n escalation?: PolicyEscalation\n metadata?: Record<string, unknown>\n}\n\n/**\n * The host-registrable handle returned by `definePolicy`. Frozen,\n * with array/object fields shallow-frozen to lock the wire shape.\n */\nexport interface PolicyHandle {\n readonly schema: \"agentgovernance/v1\"\n readonly doctype: \"policy\"\n readonly slug: string\n readonly name: string\n readonly description?: string\n readonly appliesTo: readonly PolicyAppliesTo[]\n readonly caps: readonly PolicyCap[]\n readonly threshold: PolicyThreshold\n readonly requiredWeight?: number\n readonly requiredSignatures: readonly RequiredSigner[]\n readonly deadline?: string\n readonly escalation?: PolicyEscalation\n readonly metadata: Record<string, unknown>\n}\n\n/**\n * AIP-7 reference implementation of `definePolicy`. Goes through\n * `createDoctype` so the cross-AIP invariants (slug pattern check,\n * top-level freeze, `definePolicy (AIP-7): …` error prefix) run\n * uniformly with `defineTool` / `defineDriver`.\n *\n * Spec-specific validation enforced here:\n * - `name` must be 1+ chars (zod-equivalent of `.min(1)`)\n * - `threshold === \"weighted_threshold\"` requires `requiredWeight`\n * to be set (matches the `.refine()` on the manifest schema).\n */\nexport const definePolicy = createDoctype<PolicyDefinition, PolicyHandle>({\n aip: 7,\n name: \"policy\",\n readIdentity: (def) => def.slug,\n idPattern: POLICY_SLUG_PATTERN,\n // POLICY.md treats `description` as optional and uses `name` as the\n // human-readable label. Skip the cross-AIP description check; let\n // spec-7 validate `name` itself in `validate()`.\n readDescription: false,\n validate(def) {\n if (typeof def.name !== \"string\" || def.name.length === 0) {\n throw new Error(\n `definePolicy (AIP-7): slug='${def.slug}' name must be a non-empty string`,\n )\n }\n if (\n def.threshold === \"weighted_threshold\" &&\n typeof def.requiredWeight !== \"number\"\n ) {\n throw new Error(\n `definePolicy (AIP-7): slug='${def.slug}' threshold='weighted_threshold' requires requiredWeight to be set`,\n )\n }\n },\n build(def) {\n return {\n schema: \"agentgovernance/v1\",\n doctype: \"policy\",\n slug: def.slug,\n name: def.name,\n description: def.description,\n appliesTo: Object.freeze([...(def.appliesTo ?? [])]),\n caps: Object.freeze([...(def.caps ?? [])]),\n threshold: def.threshold ?? \"single\",\n requiredWeight: def.requiredWeight,\n requiredSignatures: Object.freeze([...(def.requiredSignatures ?? [])]),\n deadline: def.deadline,\n escalation: def.escalation,\n metadata: Object.freeze({ ...(def.metadata ?? {}) }),\n }\n },\n})\n\n/**\n * Parsed POLICY.md manifest — frontmatter validated against the\n * AIP-7 zod schema, body kept as-is for downstream consumers.\n */\nexport interface PolicyManifest {\n frontmatter: PolicyFrontmatter\n body: string\n}\n\n/**\n * Parse a POLICY.md source string. Throws on missing or schema-invalid\n * frontmatter.\n */\nexport function parsePolicyManifest(source: string): PolicyManifest {\n const parsed = matter(source)\n if (Object.keys(parsed.data).length === 0) {\n throw new Error(\"parsePolicyManifest: missing or empty frontmatter\")\n }\n const result = policyFrontmatterSchema.safeParse(parsed.data)\n if (!result.success) {\n throw new Error(\n `parsePolicyManifest: invalid frontmatter — ${result.error.issues\n .map((i) => `${i.path.join(\".\")}: ${i.message}`)\n .join(\"; \")}`,\n )\n }\n return { frontmatter: result.data, body: parsed.content }\n}\n\n/**\n * Build a {@link PolicyHandle} from a parsed `POLICY.md` manifest.\n * Same single-source-of-truth principle as `toolFromManifest` /\n * `driverFromManifest`: the frontmatter is the source of truth for\n * metadata; the handle ends up in `definePolicy` so AIP-7 invariants\n * (and the meta-factory's shared invariants) run uniformly.\n */\nexport function policyFromManifest(manifest: PolicyManifest): PolicyHandle {\n const fm = manifest.frontmatter\n return definePolicy({\n slug: fm.slug,\n name: fm.name,\n description: fm.description,\n appliesTo: fm.appliesTo,\n caps: fm.caps,\n threshold: fm.threshold,\n requiredWeight: fm.requiredWeight,\n requiredSignatures: fm.requiredSignatures,\n deadline: fm.deadline,\n escalation: fm.escalation,\n metadata: fm.metadata,\n })\n}\n\nexport { POLICY_SLUG_PATTERN }\n"]}
|
|
@@ -0,0 +1,146 @@
|
|
|
1
|
+
import { z } from 'zod';
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* agentgovernance/v1 — POLICY.md doctype.
|
|
5
|
+
*
|
|
6
|
+
* Declarative autonomy rule. Frontmatter declares scope (who/what the policy
|
|
7
|
+
* applies to), constraints (caps, thresholds), and what's required when those
|
|
8
|
+
* thresholds are exceeded (signatures, escalation). Body is human-readable
|
|
9
|
+
* narrative + edge cases.
|
|
10
|
+
*
|
|
11
|
+
* File location: `<scope>/policies/<slug>/POLICY.md` (e.g.,
|
|
12
|
+
* `policies/invoice-cap-500eur/POLICY.md`).
|
|
13
|
+
*
|
|
14
|
+
* Example frontmatter:
|
|
15
|
+
*
|
|
16
|
+
* ```yaml
|
|
17
|
+
* schema: agentgovernance/v1
|
|
18
|
+
* doctype: policy
|
|
19
|
+
* slug: invoice-cap-500eur
|
|
20
|
+
* name: Invoice cap 500 EUR
|
|
21
|
+
* appliesTo:
|
|
22
|
+
* - actorKind: operator
|
|
23
|
+
* actionType: agency.issue_invoice
|
|
24
|
+
* caps:
|
|
25
|
+
* - field: amount
|
|
26
|
+
* max: 500
|
|
27
|
+
* currency: EUR
|
|
28
|
+
* threshold: single
|
|
29
|
+
* requiredSignatures:
|
|
30
|
+
* - signer: operator:founder
|
|
31
|
+
* method: typed_name
|
|
32
|
+
* deadline: PT24H
|
|
33
|
+
* escalation:
|
|
34
|
+
* leadTime: PT2H
|
|
35
|
+
* escalateTo: [operator:cofounder]
|
|
36
|
+
* ```
|
|
37
|
+
*/
|
|
38
|
+
declare const policyAppliesToSchema: z.ZodObject<{
|
|
39
|
+
actorKind: z.ZodOptional<z.ZodEnum<{
|
|
40
|
+
operator: "operator";
|
|
41
|
+
user: "user";
|
|
42
|
+
counterparty: "counterparty";
|
|
43
|
+
agent: "agent";
|
|
44
|
+
system: "system";
|
|
45
|
+
}>>;
|
|
46
|
+
actorId: z.ZodOptional<z.ZodString>;
|
|
47
|
+
teamId: z.ZodOptional<z.ZodString>;
|
|
48
|
+
actionType: z.ZodOptional<z.ZodString>;
|
|
49
|
+
}, z.core.$strip>;
|
|
50
|
+
type PolicyAppliesTo = z.infer<typeof policyAppliesToSchema>;
|
|
51
|
+
declare const policyCapSchema: z.ZodObject<{
|
|
52
|
+
field: z.ZodString;
|
|
53
|
+
max: z.ZodOptional<z.ZodNumber>;
|
|
54
|
+
min: z.ZodOptional<z.ZodNumber>;
|
|
55
|
+
currency: z.ZodOptional<z.ZodString>;
|
|
56
|
+
}, z.core.$strip>;
|
|
57
|
+
type PolicyCap = z.infer<typeof policyCapSchema>;
|
|
58
|
+
/** How collected signatures are evaluated. */
|
|
59
|
+
declare const POLICY_THRESHOLD: readonly ["auto", "single", "all_of", "any_of", "weighted_threshold"];
|
|
60
|
+
declare const policyThresholdSchema: z.ZodEnum<{
|
|
61
|
+
auto: "auto";
|
|
62
|
+
single: "single";
|
|
63
|
+
all_of: "all_of";
|
|
64
|
+
any_of: "any_of";
|
|
65
|
+
weighted_threshold: "weighted_threshold";
|
|
66
|
+
}>;
|
|
67
|
+
type PolicyThreshold = z.infer<typeof policyThresholdSchema>;
|
|
68
|
+
declare const requiredSignerSchema: z.ZodObject<{
|
|
69
|
+
signer: z.ZodString;
|
|
70
|
+
method: z.ZodEnum<{
|
|
71
|
+
typed_name: "typed_name";
|
|
72
|
+
agent_confirm: "agent_confirm";
|
|
73
|
+
click_through: "click_through";
|
|
74
|
+
esign_external: "esign_external";
|
|
75
|
+
}>;
|
|
76
|
+
weight: z.ZodOptional<z.ZodNumber>;
|
|
77
|
+
}, z.core.$strip>;
|
|
78
|
+
type RequiredSigner = z.infer<typeof requiredSignerSchema>;
|
|
79
|
+
declare const policyEscalationSchema: z.ZodObject<{
|
|
80
|
+
leadTime: z.ZodString;
|
|
81
|
+
escalateTo: z.ZodArray<z.ZodString>;
|
|
82
|
+
}, z.core.$strip>;
|
|
83
|
+
type PolicyEscalation = z.infer<typeof policyEscalationSchema>;
|
|
84
|
+
declare const policyFrontmatterSchema: z.ZodObject<{
|
|
85
|
+
schema: z.ZodLiteral<"agentgovernance/v1">;
|
|
86
|
+
doctype: z.ZodLiteral<"policy">;
|
|
87
|
+
slug: z.ZodString;
|
|
88
|
+
name: z.ZodString;
|
|
89
|
+
description: z.ZodOptional<z.ZodString>;
|
|
90
|
+
appliesTo: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
91
|
+
actorKind: z.ZodOptional<z.ZodEnum<{
|
|
92
|
+
operator: "operator";
|
|
93
|
+
user: "user";
|
|
94
|
+
counterparty: "counterparty";
|
|
95
|
+
agent: "agent";
|
|
96
|
+
system: "system";
|
|
97
|
+
}>>;
|
|
98
|
+
actorId: z.ZodOptional<z.ZodString>;
|
|
99
|
+
teamId: z.ZodOptional<z.ZodString>;
|
|
100
|
+
actionType: z.ZodOptional<z.ZodString>;
|
|
101
|
+
}, z.core.$strip>>>;
|
|
102
|
+
caps: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
103
|
+
field: z.ZodString;
|
|
104
|
+
max: z.ZodOptional<z.ZodNumber>;
|
|
105
|
+
min: z.ZodOptional<z.ZodNumber>;
|
|
106
|
+
currency: z.ZodOptional<z.ZodString>;
|
|
107
|
+
}, z.core.$strip>>>;
|
|
108
|
+
threshold: z.ZodDefault<z.ZodEnum<{
|
|
109
|
+
auto: "auto";
|
|
110
|
+
single: "single";
|
|
111
|
+
all_of: "all_of";
|
|
112
|
+
any_of: "any_of";
|
|
113
|
+
weighted_threshold: "weighted_threshold";
|
|
114
|
+
}>>;
|
|
115
|
+
requiredWeight: z.ZodOptional<z.ZodNumber>;
|
|
116
|
+
requiredSignatures: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
117
|
+
signer: z.ZodString;
|
|
118
|
+
method: z.ZodEnum<{
|
|
119
|
+
typed_name: "typed_name";
|
|
120
|
+
agent_confirm: "agent_confirm";
|
|
121
|
+
click_through: "click_through";
|
|
122
|
+
esign_external: "esign_external";
|
|
123
|
+
}>;
|
|
124
|
+
weight: z.ZodOptional<z.ZodNumber>;
|
|
125
|
+
}, z.core.$strip>>>;
|
|
126
|
+
deadline: z.ZodOptional<z.ZodString>;
|
|
127
|
+
escalation: z.ZodOptional<z.ZodObject<{
|
|
128
|
+
leadTime: z.ZodString;
|
|
129
|
+
escalateTo: z.ZodArray<z.ZodString>;
|
|
130
|
+
}, z.core.$strip>>;
|
|
131
|
+
metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
132
|
+
}, z.core.$strip>;
|
|
133
|
+
type PolicyFrontmatter = z.infer<typeof policyFrontmatterSchema>;
|
|
134
|
+
/**
|
|
135
|
+
* Parsed POLICY.md = frontmatter + markdown body.
|
|
136
|
+
* The body is informational (humans + agents can read it); it is NOT used by
|
|
137
|
+
* the policy engine for decisions.
|
|
138
|
+
*/
|
|
139
|
+
interface Policy {
|
|
140
|
+
frontmatter: PolicyFrontmatter;
|
|
141
|
+
body: string;
|
|
142
|
+
}
|
|
143
|
+
/** Convenience filename helper. */
|
|
144
|
+
declare function policyDirname(slug: string): string;
|
|
145
|
+
|
|
146
|
+
export { POLICY_THRESHOLD as P, type RequiredSigner as R, type Policy as a, type PolicyAppliesTo as b, type PolicyCap as c, type PolicyEscalation as d, type PolicyFrontmatter as e, type PolicyThreshold as f, policyCapSchema as g, policyDirname as h, policyEscalationSchema as i, policyFrontmatterSchema as j, policyThresholdSchema as k, policyAppliesToSchema as p, requiredSignerSchema as r };
|