npm - @aigrc/core - Versions diffs - 0.1.0 → 0.2.0 - Mend

@aigrc/core 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/dist/air/index.d.mts +1669 -0
package/dist/air/index.d.ts +1669 -0
package/dist/air/index.js +450 -0
package/dist/air/index.js.map +1 -0
package/dist/air/index.mjs +410 -0
package/dist/air/index.mjs.map +1 -0
package/dist/governance-lock/index.d.mts +903 -0
package/dist/governance-lock/index.d.ts +903 -0
package/dist/governance-lock/index.js +444 -0
package/dist/governance-lock/index.js.map +1 -0
package/dist/governance-lock/index.mjs +389 -0
package/dist/governance-lock/index.mjs.map +1 -0
package/dist/index.d.mts +467 -4
package/dist/index.d.ts +467 -4
package/dist/index.js +2213 -3
package/dist/index.js.map +1 -1
package/dist/index.mjs +2114 -2
package/dist/index.mjs.map +1 -1
package/dist/schemas/index.d.mts +1950 -29
package/dist/schemas/index.d.ts +1950 -29
package/dist/schemas/index.js +354 -1
package/dist/schemas/index.js.map +1 -1
package/dist/schemas/index.mjs +332 -1
package/dist/schemas/index.mjs.map +1 -1
package/package.json +11 -1

package/dist/index.d.mts CHANGED Viewed

@@ -1,8 +1,9 @@
-import { RiskFactors, Trustworthiness, AssetCard, JurisdictionClassification, Intent, Technical } from './schemas/index.mjs';
-export { ApprovalSchema, AssetCardSchema, Classification, ClassificationSchema, Constraints, ConstraintsSchema, ControlStatus, ControlStatusSchema, Governance, GovernanceSchema, IntentSchema, JurisdictionClassificationSchema, Owner, OwnerSchema, RiskFactorsSchema, TechnicalSchema, TrustworthinessCharacteristic, TrustworthinessCharacteristicSchema, TrustworthinessSchema } from './schemas/index.mjs';
+import { RiskLevel, RiskFactors, Trustworthiness, AssetCard, JurisdictionClassification, GoldenThread, Intent, Technical, AigrcConfig, PolicyFile, OperatingMode, PolicyRule, PolicyCapabilities } from './schemas/index.mjs';
+export { AigrcConfigSchema, AigrcIntegrationsConfig, AigrcIntegrationsConfigSchema, AigrcRuntimeConfig, AigrcRuntimeConfigSchema, ApprovalSchema, AssetCardRuntime, AssetCardRuntimeSchema, AssetCardSchema, CapabilitiesManifest, CapabilitiesManifestSchema, Classification, ClassificationSchema, Constraints, ConstraintsSchema, ControlStatus, ControlStatusSchema, GoldenThreadSchema, Governance, GovernanceSchema, GovernanceTokenCapabilityClaims, GovernanceTokenCapabilityClaimsSchema, GovernanceTokenControlClaims, GovernanceTokenControlClaimsSchema, GovernanceTokenGovernanceClaims, GovernanceTokenGovernanceClaimsSchema, GovernanceTokenIdentityClaims, GovernanceTokenIdentityClaimsSchema, GovernanceTokenLineageClaims, GovernanceTokenLineageClaimsSchema, GovernanceTokenPayload, GovernanceTokenPayloadSchema, IntentSchema, JurisdictionClassificationSchema, KillSwitchCommand, KillSwitchCommandSchema, KillSwitchCommandType, KillSwitchCommandTypeSchema, Lineage, LineageSchema, OperatingModeSchema, Owner, OwnerSchema, PolicyCapabilitiesSchema, PolicyFileSchema, PolicyRuleEffect, PolicyRuleEffectSchema, PolicyRuleSchema, RiskFactorsSchema, RiskLevelSchema, RuntimeIdentity, RuntimeIdentitySchema, TechnicalSchema, TrustworthinessCharacteristic, TrustworthinessCharacteristicSchema, TrustworthinessSchema } from './schemas/index.mjs';
 import { z } from 'zod';
+export { AIR, AIRBuildConstraints, AIRBuildConstraintsSchema, AIRMetadata, AIRMetadataSchema, AIRModel, AIRModelSchema, AIRPIIFilterConfig, AIRPIIFilterConfigSchema, AIRPolicySource, AIRPolicySourceSchema, AIRRegion, AIRRegionSchema, AIRRegistryConstraints, AIRRegistryConstraintsSchema, AIRRuntimeConstraints, AIRRuntimeConstraintsSchema, AIRSchema, AIRToxicityFilterConfig, AIRToxicityFilterConfigSchema, AIRVendor, AIRVendorSchema, createEmptyAIR, isModelAllowed, isRegionAllowed, isVendorAllowed, validateAIR } from './air/index.mjs';
+export { GovernanceLock, GovernanceLockBuildConstraints, GovernanceLockBuildConstraintsSchema, GovernanceLockConstraints, GovernanceLockConstraintsSchema, GovernanceLockPolicySource, GovernanceLockPolicySourceSchema, GovernanceLockRegistryConstraints, GovernanceLockRegistryConstraintsSchema, GovernanceLockRuntimeConstraints, GovernanceLockRuntimeConstraintsSchema, GovernanceLockSchema, GovernanceLockSignature, GovernanceLockSignatureSchema, GovernanceLockValidationResult, addSignature, computeHash, createGovernanceLock, createSigningPayload, getDaysUntilExpiration, isGovernanceLockExpired, isModelAllowedByLock, isRegionAllowedByLock, isVendorAllowedByLock, parseGovernanceLockJSON, parseGovernanceLockYAML, serializeGovernanceLockJSON, serializeGovernanceLockYAML, validateGovernanceLock } from './governance-lock/index.mjs';
-type RiskLevel = "minimal" | "limited" | "high" | "unacceptable";
 interface ClassificationResult {
     riskLevel: RiskLevel;
     reasons: string[];
@@ -12,6 +13,57 @@ interface ClassificationResult {
 declare function classifyRisk(factors: RiskFactors): ClassificationResult;
 declare function validateRiskFactors(factors: RiskFactors): boolean;
+/**
+ * Risk Level Utility Functions (AIGOS-105)
+ * Provides consistent operations for comparing and mapping risk levels
+ */
+/**
+ * Compare two risk levels
+ * @returns -1 if a < b, 0 if a == b, 1 if a > b
+ */
+declare function compareRiskLevels(a: RiskLevel, b: RiskLevel): -1 | 0 | 1;
+/**
+ * Check if a risk level is at least as severe as a threshold
+ */
+declare function isRiskLevelAtLeast(level: RiskLevel, threshold: RiskLevel): boolean;
+/**
+ * Check if a risk level is at most as severe as a threshold
+ */
+declare function isRiskLevelAtMost(level: RiskLevel, threshold: RiskLevel): boolean;
+/**
+ * Get the ordinal value (0-3) of a risk level
+ */
+declare function getRiskLevelOrdinal(level: RiskLevel): number;
+/**
+ * Get the maximum (most severe) risk level from an array
+ */
+declare function getMaxRiskLevel(levels: RiskLevel[]): RiskLevel;
+/**
+ * Get the minimum (least severe) risk level from an array
+ */
+declare function getMinRiskLevel(levels: RiskLevel[]): RiskLevel;
+/**
+ * Map an AIGOS risk level to EU AI Act category
+ */
+declare function mapToEuAiActCategory(level: RiskLevel): string;
+/**
+ * Get all risk levels at or above a threshold
+ */
+declare function getRiskLevelsAtLeast(threshold: RiskLevel): RiskLevel[];
+/**
+ * Get all risk levels at or below a threshold
+ */
+declare function getRiskLevelsAtMost(threshold: RiskLevel): RiskLevel[];
+/**
+ * Parse a string to a RiskLevel, returning undefined if invalid
+ */
+declare function parseRiskLevel(value: string): RiskLevel | undefined;
+/**
+ * Check if a value is a valid RiskLevel
+ */
+declare function isValidRiskLevel(value: unknown): value is RiskLevel;
 interface CreateAssetCardOptions {
     name: string;
     description?: string;
@@ -66,6 +118,65 @@ interface TicketInfo {
     businessJustification?: string;
     riskTolerance?: "low" | "medium" | "high";
 }
+interface GoldenThreadComponents {
+    ticket_id: string;
+    approved_by: string;
+    approved_at: string;
+}
+interface GoldenThreadHashResult {
+    canonical_string: string;
+    hash: string;
+}
+interface GoldenThreadVerificationResult {
+    verified: boolean;
+    computed: string;
+    expected: string;
+    mismatch_reason?: string;
+}
+/**
+ * Compute the canonical string for Golden Thread hashing.
+ * Format: approved_at={ISO8601}|approved_by={email}|ticket_id={id}
+ * Fields are sorted alphabetically with pipe delimiters.
+ *
+ * Test Vector:
+ * Input: ticket_id=FIN-1234, approved_by=ciso@corp.com, approved_at=2025-01-15T10:30:00Z
+ * Output: "approved_at=2025-01-15T10:30:00Z|approved_by=ciso@corp.com|ticket_id=FIN-1234"
+ */
+declare function computeCanonicalString(components: GoldenThreadComponents): string;
+/**
+ * Compute SHA-256 hash of the Golden Thread canonical string.
+ * Output format: sha256:{64 lowercase hex chars}
+ *
+ * Test Vector:
+ * Input: FIN-1234 | ciso@corp.com | 2025-01-15T10:30:00Z
+ * Output: sha256:7d865e959b2466918c9863afca942d0fb89d7c9ac0c99bafc3749504ded97730
+ */
+declare function computeGoldenThreadHash(components: GoldenThreadComponents): Promise<GoldenThreadHashResult>;
+/**
+ * Synchronous hash computation using Node.js crypto (for Node environments)
+ */
+declare function computeGoldenThreadHashSync(components: GoldenThreadComponents): GoldenThreadHashResult;
+/**
+ * Verify a Golden Thread hash against computed value.
+ * Uses constant-time comparison for security.
+ */
+declare function verifyGoldenThreadHash(components: GoldenThreadComponents, expectedHash: string): Promise<GoldenThreadVerificationResult>;
+/**
+ * Synchronous hash verification
+ */
+declare function verifyGoldenThreadHashSync(components: GoldenThreadComponents, expectedHash: string): GoldenThreadVerificationResult;
+/**
+ * Extract Golden Thread components from an Asset Card
+ */
+declare function extractGoldenThreadComponents(asset: AssetCard): GoldenThreadComponents | null;
+/**
+ * Create a complete Golden Thread object with computed hash
+ */
+declare function createGoldenThread(components: GoldenThreadComponents): Promise<GoldenThread>;
+/**
+ * Synchronous version of createGoldenThread
+ */
+declare function createGoldenThreadSync(components: GoldenThreadComponents): GoldenThread;
 interface LinkResult {
     success: boolean;
     intent: Intent;
@@ -77,6 +188,53 @@ declare function validateGoldenThread(asset: AssetCard): {
     healthScore: number;
     issues: string[];
 };
+/** Supported signature algorithms */
+type SignatureAlgorithm = "RSA-SHA256" | "ECDSA-P256";
+/** Result of signature verification */
+interface SignatureVerificationResult {
+    /** Whether signature is valid */
+    verified: boolean;
+    /** Algorithm used */
+    algorithm: SignatureAlgorithm | null;
+    /** Error message if verification failed */
+    error?: string;
+    /** The data that was signed (canonical string) */
+    signedData?: string;
+}
+/** Public key for signature verification */
+interface SignaturePublicKey {
+    /** Algorithm this key is for */
+    algorithm: SignatureAlgorithm;
+    /** PEM-encoded public key or JWK */
+    key: string;
+    /** Key ID for key rotation */
+    keyId?: string;
+}
+/**
+ * Parse a signature string in format: {ALGORITHM}:{BASE64_SIGNATURE}
+ */
+declare function parseSignature(signature: string): {
+    algorithm: SignatureAlgorithm;
+    data: Uint8Array;
+} | null;
+/**
+ * Verify a Golden Thread signature using Web Crypto API.
+ *
+ * @param components - The Golden Thread components that were signed
+ * @param signature - The signature in format {ALGORITHM}:{BASE64_SIGNATURE}
+ * @param publicKey - The public key for verification
+ * @returns Verification result
+ */
+declare function verifyGoldenThreadSignature(components: GoldenThreadComponents, signature: string, publicKey: SignaturePublicKey): Promise<SignatureVerificationResult>;
+/**
+ * Synchronous signature verification using Node.js crypto
+ */
+declare function verifyGoldenThreadSignatureSync(components: GoldenThreadComponents, signature: string, publicKeyPem: string): SignatureVerificationResult;
+/**
+ * Sign Golden Thread components (for testing/tooling)
+ * Note: privateKey should be a CryptoKey from Web Crypto API
+ */
+declare function signGoldenThread(components: GoldenThreadComponents, privateKey: unknown, algorithm: SignatureAlgorithm): Promise<string>;
 declare const ConfidenceLevelSchema: z.ZodEnum<["high", "medium", "low"]>;
 type ConfidenceLevel = z.infer<typeof ConfidenceLevelSchema>;
@@ -219,8 +377,313 @@ declare function isModelFile(filePath: string): boolean;
 declare function detectAnnotations(filePath: string, lines: string[], patterns: PatternDefinition[]): DetectionResult[];
+/** Configuration file names to search for (in order of precedence) */
+declare const CONFIG_FILE_NAMES: readonly [".aigrc.yaml", ".aigrc.yml", "aigrc.yaml", "aigrc.yml"];
+/** Environment variable for config path override */
+declare const CONFIG_ENV_VAR = "AIGRC_CONFIG_PATH";
+/** Result of configuration discovery */
+interface ConfigDiscoveryResult {
+    /** The discovered configuration */
+    config: AigrcConfig;
+    /** Absolute path to the configuration file */
+    configPath: string;
+    /** Directory containing the configuration */
+    configDir: string;
+    /** Whether this was loaded from environment variable */
+    fromEnv: boolean;
+}
+/** Options for configuration discovery */
+interface DiscoverConfigOptions {
+    /** Starting directory for search (defaults to cwd) */
+    startDir?: string;
+    /** Maximum directories to traverse upward (default: 10) */
+    maxDepth?: number;
+    /** Override config path (equivalent to AIGRC_CONFIG_PATH) */
+    configPath?: string;
+}
+/**
+ * Discovers and loads the AIGRC configuration file.
+ *
+ * Search order:
+ * 1. Explicit configPath option
+ * 2. AIGRC_CONFIG_PATH environment variable
+ * 3. Walking up from startDir looking for config files
+ *
+ * @param options Discovery options
+ * @returns Configuration result or null if not found
+ */
+declare function discoverConfig(options?: DiscoverConfigOptions): ConfigDiscoveryResult | null;
+/**
+ * Synchronously discovers configuration
+ */
+declare function discoverConfigSync(options?: DiscoverConfigOptions): ConfigDiscoveryResult | null;
+/** Result of policy discovery */
+interface PolicyDiscoveryResult {
+    /** Loaded policies indexed by ID */
+    policies: Map<string, PolicyFile>;
+    /** Paths of loaded policy files */
+    loadedPaths: string[];
+    /** Errors encountered during loading */
+    errors: PolicyLoadError[];
+}
+/** Error during policy loading */
+interface PolicyLoadError {
+    path: string;
+    error: string;
+}
+/** Options for policy discovery */
+interface DiscoverPoliciesOptions {
+    /** Configuration to use for policy paths */
+    config?: AigrcConfig;
+    /** Base directory for relative paths */
+    baseDir?: string;
+    /** Additional paths to search */
+    additionalPaths?: string[];
+}
+/**
+ * Discovers and loads all policy files.
+ *
+ * @param options Discovery options
+ * @returns Map of policy ID to PolicyFile
+ */
+declare function discoverPolicies(options?: DiscoverPoliciesOptions): PolicyDiscoveryResult;
+/**
+ * Loads a specific policy by ID
+ */
+declare function loadPolicy(policyId: string, options?: DiscoverPoliciesOptions): PolicyFile | null;
+/** Result of asset card discovery */
+interface AssetDiscoveryResult {
+    /** Loaded asset cards indexed by ID */
+    assets: Map<string, AssetCard>;
+    /** Paths of loaded asset files */
+    loadedPaths: string[];
+    /** Errors encountered during loading */
+    errors: AssetLoadError[];
+}
+/** Error during asset loading */
+interface AssetLoadError {
+    path: string;
+    error: string;
+}
+/** Options for asset discovery */
+interface DiscoverAssetsOptions {
+    /** Configuration to use for asset paths */
+    config?: AigrcConfig;
+    /** Base directory for relative paths */
+    baseDir?: string;
+    /** Additional paths to search */
+    additionalPaths?: string[];
+}
+/**
+ * Discovers and loads all asset cards.
+ *
+ * @param options Discovery options
+ * @returns Map of asset ID to AssetCard
+ */
+declare function discoverAssets(options?: DiscoverAssetsOptions): AssetDiscoveryResult;
+/**
+ * Loads a specific asset by ID
+ */
+declare function loadAsset(assetId: string, options?: DiscoverAssetsOptions): AssetCard | null;
+/**
+ * Loads an asset card from a specific file path
+ */
+declare function loadAssetFromPath(filePath: string): AssetCard | null;
+/**
+ * Gets the effective configuration for an environment.
+ * Merges base config with environment-specific overrides.
+ *
+ * @param config Base configuration
+ * @param environment Environment name (e.g., "production", "development")
+ * @returns Merged configuration
+ */
+declare function getEnvironmentConfig(config: AigrcConfig, environment: string): AigrcConfig;
+/**
+ * Gets the current environment name from environment variables.
+ * Checks NODE_ENV, AIGRC_ENV in order.
+ */
+declare function getCurrentEnvironment(): string;
+/**
+ * Creates a default configuration
+ */
+declare function createDefaultConfig(): AigrcConfig;
+/** Maximum inheritance depth to prevent infinite loops */
+declare const MAX_INHERITANCE_DEPTH = 10;
+/** Error thrown when policy resolution fails */
+declare class PolicyResolutionError extends Error {
+    readonly policyId: string;
+    readonly cause?: unknown | undefined;
+    constructor(message: string, policyId: string, cause?: unknown | undefined);
+}
+/** Result of policy resolution */
+interface ResolvedPolicy {
+    /** The fully resolved policy (all inheritance applied) */
+    policy: PolicyFile;
+    /** Chain of policy IDs from root to this policy */
+    inheritanceChain: string[];
+    /** Number of policies in the chain */
+    depth: number;
+}
+/** Policy repository for loading policies by ID */
+interface PolicyRepository {
+    /** Gets a policy by ID */
+    get(id: string): PolicyFile | undefined;
+    /** Checks if a policy exists */
+    has(id: string): boolean;
+}
+/**
+ * Creates a PolicyRepository from a Map
+ */
+declare function createPolicyRepository(policies: Map<string, PolicyFile>): PolicyRepository;
+/**
+ * Resolves a policy by ID, applying all inherited policies.
+ *
+ * @param policyId The ID of the policy to resolve
+ * @param repository Repository for loading policies
+ * @returns Resolved policy with all inheritance applied
+ */
+declare function resolvePolicy(policyId: string, repository: PolicyRepository): ResolvedPolicy;
+/**
+ * Merges two policies, with the child taking precedence.
+ *
+ * Merge rules:
+ * - Scalar values: child overrides parent
+ * - Arrays (rules): child's rules are appended after parent's
+ * - Capabilities: deep merge with child overriding
+ * - applies_to: replaced entirely by child if specified
+ */
+declare function mergePolicies(parent: PolicyFile, child: PolicyFile): PolicyFile;
+/** Context for policy evaluation */
+interface PolicyEvaluationContext {
+    /** Current risk level of the agent */
+    riskLevel: RiskLevel;
+    /** Current operating mode */
+    mode: OperatingMode;
+    /** Current timestamp (ISO 8601) */
+    timestamp?: string;
+    /** Custom context values */
+    custom?: Record<string, unknown>;
+}
+/** Result of evaluating a policy rule */
+interface PolicyEvaluationResult {
+    /** Whether the action is allowed */
+    allowed: boolean;
+    /** Effect that was applied */
+    effect: "allow" | "deny" | "audit";
+    /** Rule that matched, if any */
+    matchedRule?: PolicyRule;
+    /** Whether any rule matched */
+    matched: boolean;
+    /** Reason for the decision */
+    reason: string;
+}
+/**
+ * Evaluates a policy for a given action and resource.
+ *
+ * @param policy The resolved policy to evaluate
+ * @param action The action being performed (e.g., "read_file")
+ * @param resource The resource being accessed (e.g., "/path/to/file")
+ * @param context Evaluation context
+ * @returns Evaluation result
+ */
+declare function evaluatePolicy(policy: PolicyFile, action: string, resource: string, context: PolicyEvaluationContext): PolicyEvaluationResult;
+/**
+ * Checks if an action is allowed by capability lists.
+ * Uses tool allow/deny lists for quick checks without full rule evaluation.
+ */
+declare function isToolAllowed(tool: string, capabilities?: PolicyCapabilities): boolean;
+/**
+ * Checks if a domain is allowed by capability lists.
+ */
+declare function isDomainAllowed(domain: string, capabilities?: PolicyCapabilities): boolean;
+/** Policy selection criteria */
+interface PolicySelectionCriteria {
+    /** Asset ID to match */
+    assetId: string;
+    /** Risk level of the agent */
+    riskLevel: RiskLevel;
+    /** Operating mode */
+    mode: OperatingMode;
+    /** Tags associated with the agent */
+    tags?: string[];
+    /** Environment (e.g., "production", "staging") */
+    environment?: string;
+}
+/** Policy selection result */
+interface PolicySelectionResult {
+    /** The selected policy (null if none found) */
+    policy: PolicyFile | null;
+    /** Policy ID */
+    policyId: string | null;
+    /** How the policy was selected */
+    selectionReason: PolicySelectionReason;
+    /** Policies that were considered */
+    candidatePolicies: string[];
+    /** Score breakdown for the selected policy */
+    score?: PolicyScore;
+}
+/** Reason for policy selection */
+type PolicySelectionReason = "explicit_match" | "risk_level_match" | "tag_match" | "wildcard_match" | "default_policy" | "no_policy_found";
+/** Score breakdown for policy selection */
+interface PolicyScore {
+    /** Total score */
+    total: number;
+    /** Explicit asset match bonus */
+    explicitMatch: number;
+    /** Risk level match bonus */
+    riskLevelMatch: number;
+    /** Tag match count */
+    tagMatches: number;
+    /** Priority from policy */
+    priority: number;
+}
+/**
+ * Selects the best policy for an agent based on criteria.
+ *
+ * Selection algorithm:
+ * 1. Filter policies by applies_to (asset ID or wildcard)
+ * 2. Score remaining policies:
+ *    - Explicit asset match: +100
+ *    - Risk level match: +50
+ *    - Each tag match: +10
+ *    - Policy priority: +priority value
+ * 3. Return highest scoring policy
+ *
+ * @param criteria Selection criteria
+ * @param repository Policy repository
+ * @param defaultPolicyId Optional default policy ID
+ * @returns Selected policy result
+ */
+declare function selectPolicy(criteria: PolicySelectionCriteria, repository: PolicyRepository, defaultPolicyId?: string): PolicySelectionResult;
+/**
+ * Creates a policy selector with caching for repeated lookups.
+ */
+interface PolicySelector {
+    /** Select a policy for given criteria */
+    select(criteria: PolicySelectionCriteria): PolicySelectionResult;
+    /** Clear the cache */
+    clearCache(): void;
+    /** Get cache statistics */
+    getCacheStats(): {
+        hits: number;
+        misses: number;
+        size: number;
+    };
+}
+/**
+ * Creates a policy selector with LRU caching.
+ *
+ * @param repository Policy repository
+ * @param defaultPolicyId Default policy ID
+ * @param cacheSize Maximum cache size (default: 100)
+ * @returns Policy selector
+ */
+declare function createPolicySelector(repository: PolicyRepository, defaultPolicyId?: string, cacheSize?: number): PolicySelector;
 declare function formatDate(date: Date): string;
 declare function parseDate(dateString: string): Date;
 declare function slugify(text: string): string;
-export { AssetCard, type AssetCardSuggestion, type ClassificationResult, type ConfidenceLevel, ConfidenceLevelSchema, type CreateAssetCardOptions, type DetectionResult, type DetectionStrategy, DetectionStrategySchema, type FrameworkCategory, FrameworkCategorySchema, Intent, JurisdictionClassification, type LinkResult, MODEL_EXTENSIONS, type PatternDefinition, type PatternLanguage, type PatternRule, type PatternRuleType, RiskFactors, type RiskImplication, type RiskLevel, type ScanError, type ScanOptions, type ScanProgress, type ScanProgressCallback, type ScanResult, type ScanSummary, Technical, type TicketInfo, Trustworthiness, addJurisdiction, analyzeImports, applyImplicationChains, classifyRisk, clearRegistry, createAssetCard, createImplication, detectAnnotations, formatDate, generateAssetId, getAllPatterns, getPattern, getPatternsByCategory, getPatternsByLanguage, inferRiskFactors, initializePatterns, isModelFile, isRegistryInitialized, javascriptPatterns, linkAssetToTicket, loadAssetCard, matchPatterns, modelFilePatterns, parseDate, pythonPatterns, registerPattern, resetPatterns, riskIndicatorPatterns, saveAssetCard, scan, scanFileExtension, scanSync, slugify, suggestAssetCard, updateJurisdictionCompliance, validateAssetCard, validateGoldenThread, validateRiskFactors };
+export { AigrcConfig, AssetCard, type AssetCardSuggestion, type AssetDiscoveryResult, type AssetLoadError, CONFIG_ENV_VAR, CONFIG_FILE_NAMES, type ClassificationResult, type ConfidenceLevel, ConfidenceLevelSchema, type ConfigDiscoveryResult, type CreateAssetCardOptions, type DetectionResult, type DetectionStrategy, DetectionStrategySchema, type DiscoverAssetsOptions, type DiscoverConfigOptions, type DiscoverPoliciesOptions, type FrameworkCategory, FrameworkCategorySchema, GoldenThread, type GoldenThreadComponents, type GoldenThreadHashResult, type GoldenThreadVerificationResult, Intent, JurisdictionClassification, type LinkResult, MAX_INHERITANCE_DEPTH, MODEL_EXTENSIONS, OperatingMode, type PatternDefinition, type PatternLanguage, type PatternRule, type PatternRuleType, PolicyCapabilities, type PolicyDiscoveryResult, type PolicyEvaluationContext, type PolicyEvaluationResult, PolicyFile, type PolicyLoadError, type PolicyRepository, PolicyResolutionError, PolicyRule, type PolicyScore, type PolicySelectionCriteria, type PolicySelectionReason, type PolicySelectionResult, type PolicySelector, type ResolvedPolicy, RiskFactors, type RiskImplication, RiskLevel, type ScanError, type ScanOptions, type ScanProgress, type ScanProgressCallback, type ScanResult, type ScanSummary, type SignatureAlgorithm, type SignaturePublicKey, type SignatureVerificationResult, Technical, type TicketInfo, Trustworthiness, addJurisdiction, analyzeImports, applyImplicationChains, classifyRisk, clearRegistry, compareRiskLevels, computeCanonicalString, computeGoldenThreadHash, computeGoldenThreadHashSync, createAssetCard, createDefaultConfig, createGoldenThread, createGoldenThreadSync, createImplication, createPolicyRepository, createPolicySelector, detectAnnotations, discoverAssets, discoverConfig, discoverConfigSync, discoverPolicies, evaluatePolicy, extractGoldenThreadComponents, formatDate, generateAssetId, getAllPatterns, getCurrentEnvironment, getEnvironmentConfig, getMaxRiskLevel, getMinRiskLevel, getPattern, getPatternsByCategory, getPatternsByLanguage, getRiskLevelOrdinal, getRiskLevelsAtLeast, getRiskLevelsAtMost, inferRiskFactors, initializePatterns, isDomainAllowed, isModelFile, isRegistryInitialized, isRiskLevelAtLeast, isRiskLevelAtMost, isToolAllowed, isValidRiskLevel, javascriptPatterns, linkAssetToTicket, loadAsset, loadAssetCard, loadAssetFromPath, loadPolicy, mapToEuAiActCategory, matchPatterns, mergePolicies, modelFilePatterns, parseDate, parseRiskLevel, parseSignature, pythonPatterns, registerPattern, resetPatterns, resolvePolicy, riskIndicatorPatterns, saveAssetCard, scan, scanFileExtension, scanSync, selectPolicy, signGoldenThread, slugify, suggestAssetCard, updateJurisdictionCompliance, validateAssetCard, validateGoldenThread, validateRiskFactors, verifyGoldenThreadHash, verifyGoldenThreadHashSync, verifyGoldenThreadSignature, verifyGoldenThreadSignatureSync };