@argosvix/sdk 0.4.1-alpha.1 → 0.4.3-alpha.1

package/README.md

@@ -103,6 +103,87 @@ export default {
 
 Long-running Node processes (Express, Next.js dev server, classic servers) do not need this — the buffer auto-flushes well before process exit.
 
+## Runtime control plane (ランタイム制御プレーン)
+
+Observability tells you what an agent *did*. The runtime control plane lets a human
+bound what an agent *can do* — enforced inside your process, configured from the
+dashboard / chat / MCP without touching agent code.
+
+There are three gates. The first two are enforced inside `wrap(...)` by evaluating
+cached backend config locally (no proxy, no per-call round trip). The third is an
+explicit request/await pair around a sensitive operation.
+
+A full runnable example lives in [`examples/headless-control-plane`](../../examples/headless-control-plane).
+
+### Budget gate
+
+Opt in with `budgetGate: true`. Before each wrapped LLM call, the SDK evaluates the
+account's monthly limit + spend (cached, TTL from the backend, default 60s). Over the
+limit throws `ArgosvixBudgetExceededError` *before* the provider request — so a runaway
+loop can't burn the budget.
+
+```typescript
+import { wrap, ArgosvixBudgetExceededError } from "@argosvix/sdk";
+
+const openai = wrap(new OpenAI(), {
+  apiKey: process.env.ARGOSVIX_API_KEY,
+  budgetGate: true,
+});
+
+try {
+  await openai.chat.completions.create({ model: "gpt-4o-mini", messages });
+} catch (err) {
+  if (err instanceof ArgosvixBudgetExceededError) {
+    // err.spentUsd / err.limitUsd — blocked before reaching the provider
+  }
+}
+```
+
+The gate is configured from the dashboard / chat ("月 $5 の予算ゲートを作成して"). On an
+account with no gate it's a complete no-op. `enforceMode: "fail_open"` (default) lets
+calls through when the backend is unreachable; `"fail_closed"` blocks while the cached
+state is stale (`ArgosvixBudgetGateUnavailableError`). Set `budgetGateFailClosed: true`
+to also block before the first successful fetch.
+
+### Policy gate
+
+Opt in with `policyGate: true` (shares the same config fetch). Before each call the SDK
+checks the request payload against the account's policy — model allowlist, PII block,
+secret block — and throws `ArgosvixPolicyViolationError` on a hit. The scan runs in your
+process; only the field path + a masked snippet are surfaced, never the plaintext.
+
+```typescript
+import { wrap, ArgosvixPolicyViolationError } from "@argosvix/sdk";
+
+const openai = wrap(new OpenAI(), {
+  apiKey: process.env.ARGOSVIX_API_KEY,
+  policyGate: true,
+});
+// err.reason is "model_not_allowed" | "pii_detected" | "secret_detected"
+```
+
+### Approval gate
+
+For destructive or irreversible operations (delete / refund / send), request a human
+approval and wait. The owner/admins get an email; a human approves in the dashboard
+`/approvals` or via the email link. **API keys cannot approve** — the agent can't
+self-approve. Anything other than `"approved"` (denied / expired / timeout) is
+default-deny.
+
+```typescript
+import { requestApproval, waitForApproval } from "@argosvix/sdk";
+
+const approval = await requestApproval({
+  apiKey: process.env.ARGOSVIX_API_KEY!,
+  action: "delete_user",
+  summary: "Delete inactive user usr_123 (90 days no login)",
+  timeoutSeconds: 3600,
+});
+const status = await waitForApproval({ apiKey, id: approval.id });
+if (status !== "approved") return; // default-deny
+// ...perform the operation...
+```
+
 ## Composite client / explicit provider
 
 When auto-detection is ambiguous (e.g. for composite or adapter clients), set `config.provider` explicitly:

package/dist/approvals.d.ts

@@ -0,0 +1,84 @@
+/**
+ * 人間承認ゲートの SDK API (= ランタイム制御プレーン Phase 3)。
+ *
+ * agent の危険操作 (= 削除 / 送金 / 退会等) の前に呼ぶと、 Argosvix backend に
+ * 承認依頼が作られ、 account owner へ email 通知が飛ぶ。 人間が dashboard
+ * (/approvals) か email link で承認 / 否認するまで `waitForApproval()` が待つ。
+ *
+ * 設計:
+ *   - wrap() とは独立した明示 API (= LLM 呼び出し単位ではなく操作単位)
+ *   - timeout 切れ / waitForApproval の待ち時間超過は "expired" / "denied"
+ *     扱いで返す = default-deny。 呼び出し側は approved 以外で操作を中止する
+ *   - polling は default 5 秒間隔 + jitter。 backend の read rate limit は
+ *     account 単位 60/分 のため、 同時に待てる approval は実質 ~5 件
+ *     (= 超過分は 429 → 次 poll で再試行されるので安全側だが遅くなる)
+ *
+ * @example
+ * import { requestApproval, waitForApproval } from "@argosvix/sdk";
+ *
+ * const approval = await requestApproval({
+ *   apiKey: "argk_...",
+ *   action: "delete_user",
+ *   summary: "user usr_123 を削除します (LTV $0、90 日 inactive)",
+ * });
+ * const status = await waitForApproval({ apiKey: "argk_...", id: approval.id });
+ * if (status !== "approved") throw new Error(`not approved: ${status}`);
+ */
+export type ApprovalStatus = "pending" | "approved" | "denied" | "expired";
+export interface ApprovalRequestShape {
+    id: string;
+    action: string;
+    summary: string;
+    metadata: unknown;
+    status: ApprovalStatus;
+    expiresAt: string;
+    decidedAt: string | null;
+    decidedBy: string | null;
+    createdAt: string;
+}
+export declare class ArgosvixApprovalError extends Error {
+    readonly status: number | null;
+    constructor(message: string, status?: number | null);
+}
+export interface ApprovalClientOptions {
+    /** Argosvix API key (= 必須)。 */
+    apiKey: string;
+    /**
+     * API base の override (= self-host / test 用)。 未指定は
+     * https://ingest.argosvix.com。 ArgosvixConfig.endpoint (= .../v1/ingest)
+     * を渡した場合は prefix を導出する。
+     */
+    endpoint?: string;
+}
+export interface RequestApprovalParams extends ApprovalClientOptions {
+    /** 操作の識別子 (= 1-128 文字、 [A-Za-z0-9._: -])。 例: "delete_user" */
+    action: string;
+    /** 人間が読む 1 行説明 (= 1-500 文字)。 承認 email にそのまま載る。 */
+    summary: string;
+    /** 補足 JSON object (= 4KB まで、 任意)。 */
+    metadata?: Record<string, unknown>;
+    /** 承認期限秒 (= 60-86400、 default 3600)。 期限切れ = expired = deny 扱い。 */
+    timeoutSeconds?: number;
+}
+/** 承認依頼を作成する。 account owner へ email 通知が飛ぶ。 */
+export declare function requestApproval(params: RequestApprovalParams): Promise<ApprovalRequestShape>;
+/** 承認依頼の現在状態を 1 回取得する。 */
+export declare function getApproval(params: ApprovalClientOptions & {
+    id: string;
+}): Promise<ApprovalRequestShape>;
+export interface WaitForApprovalParams extends ApprovalClientOptions {
+    id: string;
+    /** polling 間隔 ms (= default 5000、 最小 1000)。 */
+    pollIntervalMs?: number;
+    /**
+     * 待機の上限 ms (= default 1 時間)。 超過時は "expired" を返す = default-deny。
+     * backend 側の依頼 timeout とは独立 (= 短い方が先に効く)。
+     */
+    timeoutMs?: number;
+}
+/**
+ * 承認 / 否認 / 期限切れまで polling して最終 status を返す。
+ * "approved" 以外が返ったら呼び出し側は操作を実行しないこと (= default-deny)。
+ */
+export declare function waitForApproval(params: WaitForApprovalParams): Promise<Exclude<ApprovalStatus, "pending">>;
+//# sourceMappingURL=approvals.d.ts.map

package/dist/approvals.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"approvals.d.ts","sourceRoot":"","sources":["../src/approvals.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AASH,MAAM,MAAM,cAAc,GAAG,SAAS,GAAG,UAAU,GAAG,QAAQ,GAAG,SAAS,CAAC;AAE3E,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,OAAO,CAAC;IAClB,MAAM,EAAE,cAAc,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,qBAAa,qBAAsB,SAAQ,KAAK;IAC9C,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;gBACnB,OAAO,EAAE,MAAM,EAAE,MAAM,GAAE,MAAM,GAAG,IAAW;CAK1D;AAED,MAAM,WAAW,qBAAqB;IACpC,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf;;;;OAIG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAkDD,MAAM,WAAW,qBAAsB,SAAQ,qBAAqB;IAClE,8DAA8D;IAC9D,MAAM,EAAE,MAAM,CAAC;IACf,kDAAkD;IAClD,OAAO,EAAE,MAAM,CAAC;IAChB,qCAAqC;IACrC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,kEAAkE;IAClE,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,8CAA8C;AAC9C,wBAAsB,eAAe,CACnC,MAAM,EAAE,qBAAqB,GAC5B,OAAO,CAAC,oBAAoB,CAAC,CAe/B;AAED,0BAA0B;AAC1B,wBAAsB,WAAW,CAC/B,MAAM,EAAE,qBAAqB,GAAG;IAAE,EAAE,EAAE,MAAM,CAAA;CAAE,GAC7C,OAAO,CAAC,oBAAoB,CAAC,CAS/B;AAED,MAAM,WAAW,qBAAsB,SAAQ,qBAAqB;IAClE,EAAE,EAAE,MAAM,CAAC;IACX,+CAA+C;IAC/C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;;GAGG;AACH,wBAAsB,eAAe,CACnC,MAAM,EAAE,qBAAqB,GAC5B,OAAO,CAAC,OAAO,CAAC,cAAc,EAAE,SAAS,CAAC,CAAC,CA4B7C"}

package/dist/approvals.js

@@ -0,0 +1,143 @@
+/**
+ * 人間承認ゲートの SDK API (= ランタイム制御プレーン Phase 3)。
+ *
+ * agent の危険操作 (= 削除 / 送金 / 退会等) の前に呼ぶと、 Argosvix backend に
+ * 承認依頼が作られ、 account owner へ email 通知が飛ぶ。 人間が dashboard
+ * (/approvals) か email link で承認 / 否認するまで `waitForApproval()` が待つ。
+ *
+ * 設計:
+ *   - wrap() とは独立した明示 API (= LLM 呼び出し単位ではなく操作単位)
+ *   - timeout 切れ / waitForApproval の待ち時間超過は "expired" / "denied"
+ *     扱いで返す = default-deny。 呼び出し側は approved 以外で操作を中止する
+ *   - polling は default 5 秒間隔 + jitter。 backend の read rate limit は
+ *     account 単位 60/分 のため、 同時に待てる approval は実質 ~5 件
+ *     (= 超過分は 429 → 次 poll で再試行されるので安全側だが遅くなる)
+ *
+ * @example
+ * import { requestApproval, waitForApproval } from "@argosvix/sdk";
+ *
+ * const approval = await requestApproval({
+ *   apiKey: "argk_...",
+ *   action: "delete_user",
+ *   summary: "user usr_123 を削除します (LTV $0、90 日 inactive)",
+ * });
+ * const status = await waitForApproval({ apiKey: "argk_...", id: approval.id });
+ * if (status !== "approved") throw new Error(`not approved: ${status}`);
+ */
+const DEFAULT_API_BASE = "https://ingest.argosvix.com";
+const INGEST_SUFFIX = "/v1/ingest";
+const DEFAULT_POLL_INTERVAL_MS = 5_000;
+const MIN_POLL_INTERVAL_MS = 1_000;
+const DEFAULT_WAIT_TIMEOUT_MS = 3_600_000;
+const REQUEST_TIMEOUT_MS = 10_000;
+export class ArgosvixApprovalError extends Error {
+    status;
+    constructor(message, status = null) {
+        super(`[argosvix] approval: ${message}`);
+        this.name = "ArgosvixApprovalError";
+        this.status = status;
+    }
+}
+function apiBase(opts) {
+    const ep = opts.endpoint;
+    if (!ep)
+        return DEFAULT_API_BASE;
+    if (ep.endsWith(INGEST_SUFFIX))
+        return ep.slice(0, -INGEST_SUFFIX.length);
+    return ep.replace(/\/$/, "");
+}
+async function callApi(opts, path, init = {}) {
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), REQUEST_TIMEOUT_MS);
+    let res;
+    try {
+        res = await fetch(`${apiBase(opts)}${path}`, {
+            method: init.method ?? "GET",
+            headers: {
+                Authorization: `Bearer ${opts.apiKey}`,
+                ...(init.body !== undefined ? { "Content-Type": "application/json" } : {}),
+            },
+            ...(init.body !== undefined ? { body: JSON.stringify(init.body) } : {}),
+            signal: controller.signal,
+        });
+    }
+    catch (err) {
+        throw new ArgosvixApprovalError(`network error: ${err instanceof Error ? err.message : String(err)}`);
+    }
+    finally {
+        clearTimeout(timer);
+    }
+    let body = null;
+    try {
+        body = await res.json();
+    }
+    catch {
+        body = null;
+    }
+    if (!res.ok) {
+        const message = body && typeof body === "object" && typeof body.error === "string"
+            ? (body.error)
+            : `HTTP ${res.status}`;
+        throw new ArgosvixApprovalError(message, res.status);
+    }
+    return body;
+}
+/** 承認依頼を作成する。 account owner へ email 通知が飛ぶ。 */
+export async function requestApproval(params) {
+    const body = {
+        action: params.action,
+        summary: params.summary,
+    };
+    if (params.metadata !== undefined)
+        body["metadata"] = params.metadata;
+    if (params.timeoutSeconds !== undefined)
+        body["timeoutSeconds"] = params.timeoutSeconds;
+    const res = (await callApi(params, "/v1/gate/approvals", {
+        method: "POST",
+        body,
+    }));
+    if (!res || !res.approval) {
+        throw new ArgosvixApprovalError("unexpected response shape");
+    }
+    return res.approval;
+}
+/** 承認依頼の現在状態を 1 回取得する。 */
+export async function getApproval(params) {
+    const res = (await callApi(params, `/v1/gate/approvals/${encodeURIComponent(params.id)}`));
+    if (!res || !res.approval) {
+        throw new ArgosvixApprovalError("unexpected response shape");
+    }
+    return res.approval;
+}
+/**
+ * 承認 / 否認 / 期限切れまで polling して最終 status を返す。
+ * "approved" 以外が返ったら呼び出し側は操作を実行しないこと (= default-deny)。
+ */
+export async function waitForApproval(params) {
+    const baseInterval = Math.max(MIN_POLL_INTERVAL_MS, params.pollIntervalMs ?? DEFAULT_POLL_INTERVAL_MS);
+    const deadline = Date.now() + (params.timeoutMs ?? DEFAULT_WAIT_TIMEOUT_MS);
+    for (;;) {
+        let status = null;
+        try {
+            const approval = await getApproval(params);
+            status = approval.status;
+        }
+        catch (err) {
+            // 一時的な network / 429 は次の poll で再試行 (= 4xx の恒久 error は throw)
+            if (err instanceof ArgosvixApprovalError &&
+                err.status !== null &&
+                err.status !== 429 &&
+                err.status < 500) {
+                throw err;
+            }
+        }
+        if (status && status !== "pending")
+            return status;
+        if (Date.now() >= deadline)
+            return "expired";
+        // jitter (= 0-20%) で複数 agent の poll が同期して rate limit に張り付くのを防ぐ
+        const jitter = baseInterval * 0.2 * Math.random();
+        await new Promise((resolve) => setTimeout(resolve, baseInterval + jitter));
+    }
+}
+//# sourceMappingURL=approvals.js.map

package/dist/approvals.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"approvals.js","sourceRoot":"","sources":["../src/approvals.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,MAAM,gBAAgB,GAAG,6BAA6B,CAAC;AACvD,MAAM,aAAa,GAAG,YAAY,CAAC;AACnC,MAAM,wBAAwB,GAAG,KAAK,CAAC;AACvC,MAAM,oBAAoB,GAAG,KAAK,CAAC;AACnC,MAAM,uBAAuB,GAAG,SAAS,CAAC;AAC1C,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAgBlC,MAAM,OAAO,qBAAsB,SAAQ,KAAK;IACrC,MAAM,CAAgB;IAC/B,YAAY,OAAe,EAAE,SAAwB,IAAI;QACvD,KAAK,CAAC,wBAAwB,OAAO,EAAE,CAAC,CAAC;QACzC,IAAI,CAAC,IAAI,GAAG,uBAAuB,CAAC;QACpC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;CACF;AAaD,SAAS,OAAO,CAAC,IAA2B;IAC1C,MAAM,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;IACzB,IAAI,CAAC,EAAE;QAAE,OAAO,gBAAgB,CAAC;IACjC,IAAI,EAAE,CAAC,QAAQ,CAAC,aAAa,CAAC;QAAE,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;IAC1E,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AAC/B,CAAC;AAED,KAAK,UAAU,OAAO,CACpB,IAA2B,EAC3B,IAAY,EACZ,OAA4C,EAAE;IAE9C,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,kBAAkB,CAAC,CAAC;IACvE,IAAI,GAAa,CAAC;IAClB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,EAAE,EAAE;YAC3C,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,KAAK;YAC5B,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,IAAI,CAAC,MAAM,EAAE;gBACtC,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC3E;YACD,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,qBAAqB,CAC7B,kBAAkB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CACrE,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IACD,IAAI,IAAI,GAAY,IAAI,CAAC;IACzB,IAAI,CAAC;QACH,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,GAAG,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,OAAO,GACX,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,OAAQ,IAA4B,CAAC,KAAK,KAAK,QAAQ;YACzF,CAAC,CAAC,CAAE,IAA0B,CAAC,KAAK,CAAC;YACrC,CAAC,CAAC,QAAQ,GAAG,CAAC,MAAM,EAAE,CAAC;QAC3B,MAAM,IAAI,qBAAqB,CAAC,OAAO,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACvD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAaD,8CAA8C;AAC9C,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,MAA6B;IAE7B,MAAM,IAAI,GAA4B;QACpC,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,OAAO,EAAE,MAAM,CAAC,OAAO;KACxB,CAAC;IACF,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS;QAAE,IAAI,CAAC,UAAU,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC;IACtE,IAAI,MAAM,CAAC,cAAc,KAAK,SAAS;QAAE,IAAI,CAAC,gBAAgB,CAAC,GAAG,MAAM,CAAC,cAAc,CAAC;IACxF,MAAM,GAAG,GAAG,CAAC,MAAM,OAAO,CAAC,MAAM,EAAE,oBAAoB,EAAE;QACvD,MAAM,EAAE,MAAM;QACd,IAAI;KACL,CAAC,CAAwC,CAAC;IAC3C,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,IAAI,qBAAqB,CAAC,2BAA2B,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC;AACtB,CAAC;AAED,0BAA0B;AAC1B,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,MAA8C;IAE9C,MAAM,GAAG,GAAG,CAAC,MAAM,OAAO,CACxB,MAAM,EACN,sBAAsB,kBAAkB,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CACtD,CAAwC,CAAC;IAC1C,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,IAAI,qBAAqB,CAAC,2BAA2B,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,GAAG,CAAC,QAAQ,CAAC;AACtB,CAAC;AAaD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,MAA6B;IAE7B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAC3B,oBAAoB,EACpB,MAAM,CAAC,cAAc,IAAI,wBAAwB,CAClD,CAAC;IACF,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,IAAI,uBAAuB,CAAC,CAAC;IAC5E,SAAS,CAAC;QACR,IAAI,MAAM,GAA0B,IAAI,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,MAAM,CAAC,CAAC;YAC3C,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;QAC3B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,6DAA6D;YAC7D,IACE,GAAG,YAAY,qBAAqB;gBACpC,GAAG,CAAC,MAAM,KAAK,IAAI;gBACnB,GAAG,CAAC,MAAM,KAAK,GAAG;gBAClB,GAAG,CAAC,MAAM,GAAG,GAAG,EAChB,CAAC;gBACD,MAAM,GAAG,CAAC;YACZ,CAAC;QACH,CAAC;QACD,IAAI,MAAM,IAAI,MAAM,KAAK,SAAS;YAAE,OAAO,MAAM,CAAC;QAClD,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,QAAQ;YAAE,OAAO,SAAS,CAAC;QAC7C,+DAA+D;QAC/D,MAAM,MAAM,GAAG,YAAY,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC;QAClD,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,YAAY,GAAG,MAAM,CAAC,CAAC,CAAC;IAC7E,CAAC;AACH,CAAC"}

package/dist/budgetGate.d.ts

@@ -0,0 +1,67 @@
+import type { ArgosvixConfig } from "./types.js";
+/**
+ * model 名の canonical form (= R72b MEDIUM 3)。 Gemini 系 SDK が保持する
+ * "models/gemini-pro" の provider prefix を除去し、 allowlist 比較を
+ * TS / Python 両 SDK で同一にする。 export = test + Python 側と並走 verify 用。
+ */
+export declare function canonicalizeModelName(model: string): string;
+export declare class ArgosvixBudgetExceededError extends Error {
+    readonly spentUsd: number;
+    readonly limitUsd: number;
+    constructor(spentUsd: number, limitUsd: number);
+}
+export declare class ArgosvixBudgetGateUnavailableError extends Error {
+    constructor();
+}
+export type PolicyViolationReason = "model_not_allowed" | "pii_detected" | "secret_detected";
+export declare class ArgosvixPolicyViolationError extends Error {
+    readonly reason: PolicyViolationReason;
+    readonly detail: string;
+    constructor(reason: PolicyViolationReason, detail: string);
+}
+/** wrapper が check() に渡す呼び出し文脈。 */
+export interface GateCheckContext {
+    /** request の model 名 (= 取れない経路では payload から補完)。 */
+    model?: string | undefined;
+    /** provider に渡す request payload (= policy の PII / secret 検査対象)。 */
+    payload?: unknown;
+}
+export declare class RuntimeGate {
+    private readonly config;
+    private snapshot;
+    private inflight;
+    private lastAttemptMs;
+    private lastAttemptFailed;
+    private warnedEndpoint;
+    private warnedNoPolicy;
+    /** 直近の成功 fetch 以降にこのプロセスが record した消費の補正値。 */
+    private localSpendUsd;
+    constructor(config: ArgosvixConfig);
+    /** monotonic clock。wall clock の逆行 (NTP step / VM resume) に影響されない。 */
+    private now;
+    /** opt-in + 送信可能な構成のときだけ動く。それ以外は完全 no-op。 */
+    private get active();
+    /** recorder.record() から呼ばれる。TTL 窓内のローカル消費補正。 */
+    noteSpend(costUsd: number): void;
+    /**
+     * LLM 呼び出し直前の enforce。超過なら throw、それ以外は素通し。
+     * backend 障害は enforce mode に従って fail-open / fail-closed。
+     */
+    check(ctx?: GateCheckContext): Promise<void>;
+    private evaluate;
+    /** ポリシーゲートのローカル評価 (= モデル allowlist / PII / secret)。 */
+    private evaluatePolicy;
+    private isStale;
+    /** 直近 fetch が失敗していた場合、FAILURE_RETRY_MS 経過まで再試行しない。 */
+    private attemptAllowed;
+    private refresh;
+    /**
+     * gate endpoint の決定。 ingest endpoint を override している場合は同 prefix
+     * から導出し、 導出できない形 (= /v1/ingest で終わらない custom URL) なら
+     * gate を無効化する (= 他環境向け Bearer key を production に送らない、R65b M-2)。
+     */
+    private gateEndpoint;
+    private fetchOnce;
+}
+export { RuntimeGate as BudgetGate };
+//# sourceMappingURL=budgetGate.d.ts.map

package/dist/budgetGate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"budgetGate.d.ts","sourceRoot":"","sources":["../src/budgetGate.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAgDjD;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAE3D;AAED,qBAAa,2BAA4B,SAAQ,KAAK;IACpD,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;gBACd,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM;CAQ/C;AAED,qBAAa,kCAAmC,SAAQ,KAAK;;CAO5D;AAED,MAAM,MAAM,qBAAqB,GAC7B,mBAAmB,GACnB,cAAc,GACd,iBAAiB,CAAC;AAEtB,qBAAa,4BAA6B,SAAQ,KAAK;IACrD,QAAQ,CAAC,MAAM,EAAE,qBAAqB,CAAC;IACvC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;gBACZ,MAAM,EAAE,qBAAqB,EAAE,MAAM,EAAE,MAAM;CAM1D;AAmBD,mCAAmC;AACnC,MAAM,WAAW,gBAAgB;IAC/B,mDAAmD;IACnD,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC3B,mEAAmE;IACnE,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAiB;IACxC,OAAO,CAAC,QAAQ,CAA6B;IAC7C,OAAO,CAAC,QAAQ,CAA8B;IAC9C,OAAO,CAAC,aAAa,CAAuB;IAC5C,OAAO,CAAC,iBAAiB,CAAS;IAClC,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,cAAc,CAAS;IAC/B,8CAA8C;IAC9C,OAAO,CAAC,aAAa,CAAK;gBAEd,MAAM,EAAE,cAAc;IAIlC,qEAAqE;IACrE,OAAO,CAAC,GAAG;IAIX,6CAA6C;IAC7C,OAAO,KAAK,MAAM,GAOjB;IAED,gDAAgD;IAChD,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;IAOhC;;;OAGG;IACG,KAAK,CAAC,GAAG,GAAE,gBAAqB,GAAG,OAAO,CAAC,IAAI,CAAC;IA2BtD,OAAO,CAAC,QAAQ;IAwChB,uDAAuD;IACvD,OAAO,CAAC,cAAc;IA4CtB,OAAO,CAAC,OAAO;IAKf,sDAAsD;IACtD,OAAO,CAAC,cAAc;IAKtB,OAAO,CAAC,OAAO;IAUf;;;;OAIG;IACH,OAAO,CAAC,YAAY;YAmBN,SAAS;CAuHxB;AAGD,OAAO,EAAE,WAAW,IAAI,UAAU,EAAE,CAAC"}