@aikdna/kdna-core 0.4.0 → 0.6.0

package/src/types.d.ts

@@ -203,15 +203,29 @@ export interface KDNAFileDataMap {
 }
 
 export interface KDNAManifest {
-  kdna_spec: string;
+  format: 'kdna';
+  format_version: '1.0';
+  spec_version: string;
   name: string;
   version: string;
-  status: 'experimental' | 'basic' | 'stable' | 'pro';
+  judgment_version: string;
+  status: 'draft' | 'experimental' | 'stable' | 'deprecated' | 'staging';
+  quality_badge: 'untested' | 'tested' | 'validated' | 'expert_reviewed' | 'production_ready';
   access: 'open' | 'licensed' | 'runtime';
-  language: string;
-  author: { name: string; id?: string };
+  language?: string;
+  default_language: string;
+  languages: string[];
+  author: { name: string; id?: string; pubkey?: string; public_key_pem?: string };
   license: { type: string; url?: string };
   description: string;
+  keywords?: string[];
+  encryption?: {
+    profile?: string;
+    encrypted_entries?: string[];
+    [key: string]: any;
+  };
+  content_digest?: string;
+  signature?: string;
 }
 
 export interface LintResult {
@@ -241,6 +255,235 @@ export function formatContext(domain: LoadedDomain): string;
 
 export const FILE_MAP: Record<string, string>;
 
+// Asset reader — direct .kdna API
+export const STANDARD_ENTRIES: string[];
+
+export interface KdnaAsset {
+  path: string | null;
+  size: number;
+  asset_digest: string;
+  entries: Map<string, unknown>;
+  readEntry(name: string): Uint8Array;
+}
+
+export interface KdnaAssetVerifyResult {
+  ok: boolean;
+  errors: string[];
+  warnings: string[];
+  entries: string[];
+  manifest: KDNAManifest | null;
+  asset_digest: string;
+  content_digest: string;
+  signature_valid: boolean | null;
+}
+
+export interface KdnaAssetIndexProfile {
+  profile: 'index';
+  manifest: KDNAManifest;
+  asset_digest: string;
+  content_digest: string;
+  entries: string[];
+  name: string | null;
+  version: string | null;
+  judgment_version: string | null;
+  keywords: string[];
+}
+
+export interface KdnaAssetLoadProfile {
+  profile: string;
+  manifest: KDNAManifest;
+  domain: LoadedDomain | null;
+  context: string | null;
+}
+
+export interface KdnaAssetReader {
+  openSync(input: string | Uint8Array): KdnaAsset;
+  open(input: string | Uint8Array): Promise<KdnaAsset>;
+  listEntriesSync(asset: KdnaAsset): string[];
+  listEntries(asset: KdnaAsset): Promise<string[]>;
+  readEntrySync(asset: KdnaAsset, entryName: string): Uint8Array;
+  readEntrySync(asset: KdnaAsset, entryName: string, encoding: string): string;
+  readEntry(asset: KdnaAsset, entryName: string): Promise<Uint8Array>;
+  readEntry(asset: KdnaAsset, entryName: string, encoding: string): Promise<string>;
+  readJsonSync(asset: KdnaAsset, entryName: string, options?: KdnaDecryptOptions): any;
+  readJson(asset: KdnaAsset, entryName: string, options?: KdnaDecryptOptions): Promise<any>;
+  readManifestSync(asset: KdnaAsset): KDNAManifest;
+  readManifest(asset: KdnaAsset): Promise<KDNAManifest>;
+  readDataMapSync(
+    asset: KdnaAsset,
+    entries?: string[],
+    options?: KdnaDecryptOptions,
+  ): KDNAFileDataMap;
+  readDataMap(
+    asset: KdnaAsset,
+    entries?: string[],
+    options?: KdnaDecryptOptions,
+  ): Promise<KDNAFileDataMap>;
+  contentDigestSync(asset: KdnaAsset): string;
+  contentDigest(asset: KdnaAsset): Promise<string>;
+  verifySync(
+    asset: KdnaAsset,
+    options?: {
+      asset_digest?: string;
+      content_digest?: string;
+      requireSignature?: boolean;
+      requireDecryption?: boolean;
+    } & KdnaDecryptOptions,
+  ): KdnaAssetVerifyResult;
+  verify(
+    asset: KdnaAsset,
+    options?: {
+      asset_digest?: string;
+      content_digest?: string;
+      requireSignature?: boolean;
+      requireDecryption?: boolean;
+    } & KdnaDecryptOptions,
+  ): Promise<KdnaAssetVerifyResult>;
+  loadProfileSync(
+    asset: KdnaAsset,
+    profile: 'index',
+    options?: { input?: string; context?: boolean } & KdnaDecryptOptions,
+  ): KdnaAssetIndexProfile;
+  loadProfileSync(
+    asset: KdnaAsset,
+    profile?: 'compact' | 'scenario' | 'full' | string,
+    options?: { input?: string; context?: boolean } & KdnaDecryptOptions,
+  ): KdnaAssetLoadProfile;
+  loadProfile(
+    asset: KdnaAsset,
+    profile: 'index',
+    options?: { input?: string; context?: boolean } & KdnaDecryptOptions,
+  ): Promise<KdnaAssetIndexProfile>;
+  loadProfile(
+    asset: KdnaAsset,
+    profile?: 'compact' | 'scenario' | 'full' | string,
+    options?: { input?: string; context?: boolean } & KdnaDecryptOptions,
+  ): Promise<KdnaAssetLoadProfile>;
+}
+
+export interface KdnaDecryptOptions {
+  decryptEntry?: (args: {
+    asset: KdnaAsset;
+    manifest: KDNAManifest;
+    entryName: string;
+    ciphertext: Uint8Array;
+  }) => string | Uint8Array | Promise<string | Uint8Array>;
+}
+
+export function createKdnaAssetReader(): KdnaAssetReader;
+
+export const LICENSED_ENTRY_PROFILE: string;
+
+export interface LicensedEntryEnvelope {
+  profile: string;
+  alg: 'AES-256-GCM';
+  kdf: 'scrypt-sha256';
+  salt: string;
+  iv: string;
+  tag: string;
+  ciphertext: string;
+}
+
+export function deriveLicensedEntryKey(options: {
+  licenseKey: string;
+  machineFingerprint: string;
+  salt: string | Uint8Array;
+  keyLength?: number;
+}): Uint8Array;
+
+export function encryptLicensedEntry(
+  plaintext: string | Uint8Array,
+  options: {
+    entryName: string;
+    manifest?: KDNAManifest;
+    licenseKey: string;
+    machineFingerprint: string;
+  },
+): LicensedEntryEnvelope;
+
+export function decryptLicensedEntry(
+  envelope: string | Uint8Array | LicensedEntryEnvelope,
+  options: {
+    entryName: string;
+    manifest?: KDNAManifest;
+    licenseKey: string;
+    machineFingerprint: string;
+  },
+): Uint8Array;
+
+export function createLicensedDecryptEntry(options: {
+  licenseKey: string;
+  machineFingerprint: string;
+}): NonNullable<KdnaDecryptOptions['decryptEntry']>;
+
+// Stable public API — preferred entry points for third-party integrations.
+export type KDNAAssetInput = string | Uint8Array | KdnaAsset;
+
+export interface KDNAInspectResult {
+  name: string | null;
+  version: string | null;
+  judgment_version: string | null;
+  access: string;
+  status: string | null;
+  quality_badge: string | null;
+  risk_level: string | null;
+  keywords: string[];
+  entries: string[];
+  asset_digest: string;
+  content_digest: string;
+  signature_valid: boolean | null;
+  ok: boolean | null;
+  errors: string[];
+  warnings: string[];
+  manifest: KDNAManifest;
+}
+
+export interface KDNAValidationReport {
+  ok: boolean;
+  errors: string[];
+  warnings: string[];
+  asset: KdnaAssetVerifyResult;
+  lint: LintResult;
+  schema: ValidationResult;
+  cross_file: ValidationResult;
+}
+
+export interface KDNAMatchResult extends KDNAInspectResult {
+  score: number;
+  matched: string[];
+}
+
+export interface KDNAComposeResult {
+  domains: Array<LoadedDomain & { id?: string; name?: string; manifest?: KDNAManifest }>;
+  activeDomains: Array<LoadedDomain & { id?: string; name?: string; manifest?: KDNAManifest }>;
+  selected: Array<{ id: string; name?: string; role?: string; reason: string }>;
+  excluded: Array<{ id: string; name?: string; role?: string; reason: string }>;
+  conflicts: Array<{ type: string; domains: string[]; description: string }>;
+  context: string;
+  attributionMap: Record<string, any>;
+  trace: Record<string, any>;
+}
+
+export function openKDNA(input: KDNAAssetInput): Promise<KdnaAsset>;
+export function openKDNASync(input: KDNAAssetInput): KdnaAsset;
+export function inspectKDNA(input: KDNAAssetInput, options?: { verify?: boolean } & KdnaDecryptOptions): Promise<KDNAInspectResult>;
+export function inspectKDNASync(input: KDNAAssetInput, options?: { verify?: boolean } & KdnaDecryptOptions): KDNAInspectResult;
+export function loadKDNA(input: KDNAAssetInput, options?: { profile?: 'index' | 'compact' | 'scenario' | 'full' | string; input?: string; context?: boolean } & KdnaDecryptOptions): Promise<KdnaAssetIndexProfile | KdnaAssetLoadProfile>;
+export function loadKDNASync(input: KDNAAssetInput, options?: { profile?: 'index' | 'compact' | 'scenario' | 'full' | string; input?: string; context?: boolean } & KdnaDecryptOptions): KdnaAssetIndexProfile | KdnaAssetLoadProfile;
+export function validateKDNA(input: KDNAAssetInput, options?: { schemas?: Record<string, any>; requireSignature?: boolean; requireDecryption?: boolean } & KdnaDecryptOptions): Promise<KDNAValidationReport>;
+export function validateKDNASync(input: KDNAAssetInput, options?: { schemas?: Record<string, any>; requireSignature?: boolean; requireDecryption?: boolean } & KdnaDecryptOptions): KDNAValidationReport;
+export function renderForAgent(input: KDNAAssetInput, options?: { profile?: 'compact' | 'scenario' | 'full' | string; input?: string } & KdnaDecryptOptions): Promise<string>;
+export function renderForAgentSync(input: KDNAAssetInput, options?: { profile?: 'compact' | 'scenario' | 'full' | string; input?: string } & KdnaDecryptOptions): string;
+export function verifyAsset(input: KDNAAssetInput, options?: { asset_digest?: string; content_digest?: string; requireSignature?: boolean; requireDecryption?: boolean } & KdnaDecryptOptions): Promise<KdnaAssetVerifyResult>;
+export function verifyAssetSync(input: KDNAAssetInput, options?: { asset_digest?: string; content_digest?: string; requireSignature?: boolean; requireDecryption?: boolean } & KdnaDecryptOptions): KdnaAssetVerifyResult;
+export function verifyDigest(input: KDNAAssetInput, expectedDigest: string, options?: KdnaDecryptOptions): Promise<KdnaAssetVerifyResult>;
+export function verifyDigestSync(input: KDNAAssetInput, expectedDigest: string, options?: KdnaDecryptOptions): KdnaAssetVerifyResult;
+export function verifySignature(input: KDNAAssetInput, options?: KdnaDecryptOptions): Promise<KdnaAssetVerifyResult>;
+export function verifySignatureSync(input: KDNAAssetInput, options?: KdnaDecryptOptions): KdnaAssetVerifyResult;
+export function matchDomain(input: string, candidates: Array<KDNAAssetInput | KDNAInspectResult>, options?: KdnaDecryptOptions): Promise<KDNAMatchResult[]>;
+export function matchDomainSync(input: string, candidates: Array<KDNAAssetInput | KDNAInspectResult>, options?: KdnaDecryptOptions): KDNAMatchResult[];
+export function composeKDNA(inputs: KDNAAssetInput[], options?: { input?: string; profile?: 'compact' | 'scenario' | 'full' | string; separator?: string } & KdnaDecryptOptions): Promise<KDNAComposeResult>;
+
 // Lint
 export function lintDomain(dataMap: KDNAFileDataMap): LintResult;
 

package/src/validate-pure.js

@@ -45,9 +45,6 @@ function validateDomainSchema(dataMap, schemaMap) {
     return { valid: true, errors: [], warnings };
   }
 
-  let validCount = 0;
-  let failCount = 0;
-
   for (const [file, schemaFile] of Object.entries(FILE_TO_SCHEMA)) {
     if (!dataMap[file]) continue;
     if (!schemaMap[schemaFile]) {
@@ -69,10 +66,7 @@ function validateDomainSchema(dataMap, schemaMap) {
     const validate = ajvInstance.compile(schema);
     const valid = validate(dataMap[file]);
 
-    if (valid) {
-      validCount++;
-    } else {
-      failCount++;
+    if (!valid) {
       for (const err of validate.errors || []) {
         const instancePath = err.instancePath || '/';
         errors.push(`${file}${instancePath}: ${err.message} (${err.keyword})`);