npm - @astrasyncai/verification-gateway - Versions diffs - 1.1.0 → 2.0.0 - Mend

@astrasyncai/verification-gateway 1.1.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (101) hide show

package/dist/adapter-interface/interface.d.mts +71 -0
package/dist/adapter-interface/interface.d.ts +71 -0
package/dist/adapter-interface/interface.js +36 -0
package/dist/adapter-interface/interface.js.map +1 -0
package/dist/adapter-interface/interface.mjs +10 -0
package/dist/adapter-interface/interface.mjs.map +1 -0
package/dist/adapter-interface/purpose-mapping.d.mts +28 -0
package/dist/adapter-interface/purpose-mapping.d.ts +28 -0
package/dist/adapter-interface/purpose-mapping.js +117 -0
package/dist/adapter-interface/purpose-mapping.js.map +1 -0
package/dist/adapter-interface/purpose-mapping.mjs +89 -0
package/dist/adapter-interface/purpose-mapping.mjs.map +1 -0
package/dist/adapters/express.d.mts +2 -2
package/dist/adapters/express.d.ts +2 -2
package/dist/adapters/express.js +6 -7
package/dist/adapters/express.js.map +1 -1
package/dist/adapters/express.mjs +6 -7
package/dist/adapters/express.mjs.map +1 -1
package/dist/adapters/nextjs.d.mts +2 -2
package/dist/adapters/nextjs.d.ts +2 -2
package/dist/adapters/nextjs.js +5 -7
package/dist/adapters/nextjs.js.map +1 -1
package/dist/adapters/nextjs.mjs +5 -7
package/dist/adapters/nextjs.mjs.map +1 -1
package/dist/adapters/sdk.d.mts +2 -2
package/dist/adapters/sdk.d.ts +2 -2
package/dist/adapters/sdk.js +6 -2
package/dist/adapters/sdk.js.map +1 -1
package/dist/adapters/sdk.mjs +6 -2
package/dist/adapters/sdk.mjs.map +1 -1
package/dist/agent/index.d.mts +2 -0
package/dist/agent/index.d.ts +2 -0
package/dist/agent/index.js +354 -0
package/dist/agent/index.js.map +1 -0
package/dist/agent/index.mjs +323 -0
package/dist/agent/index.mjs.map +1 -0
package/dist/browser/browser-adapter.d.mts +106 -0
package/dist/browser/browser-adapter.d.ts +106 -0
package/dist/browser/browser-adapter.js +286 -0
package/dist/browser/browser-adapter.js.map +1 -0
package/dist/browser/browser-adapter.mjs +259 -0
package/dist/browser/browser-adapter.mjs.map +1 -0
package/dist/cli/index.d.mts +241 -0
package/dist/cli/index.d.ts +241 -0
package/dist/cli/index.js +3734 -0
package/dist/cli/index.js.map +1 -0
package/dist/cli/index.mjs +3688 -0
package/dist/cli/index.mjs.map +1 -0
package/dist/cursor/cursor-adapter.d.mts +92 -0
package/dist/cursor/cursor-adapter.d.ts +92 -0
package/dist/cursor/cursor-adapter.js +273 -0
package/dist/cursor/cursor-adapter.js.map +1 -0
package/dist/cursor/cursor-adapter.mjs +246 -0
package/dist/cursor/cursor-adapter.mjs.map +1 -0
package/dist/{express-BoayLpqq.d.mts → express-Cp4eg77F.d.mts} +1 -1
package/dist/{express-BGZiLINd.d.ts → express-DIEyq1Tz.d.ts} +1 -1
package/dist/gateway/gateway.d.mts +70 -0
package/dist/gateway/gateway.d.ts +70 -0
package/dist/gateway/gateway.js +3726 -0
package/dist/gateway/gateway.js.map +1 -0
package/dist/gateway/gateway.mjs +3706 -0
package/dist/gateway/gateway.mjs.map +1 -0
package/dist/git-trigger/git-hooks.d.mts +69 -0
package/dist/git-trigger/git-hooks.d.ts +69 -0
package/dist/git-trigger/git-hooks.js +244 -0
package/dist/git-trigger/git-hooks.js.map +1 -0
package/dist/git-trigger/git-hooks.mjs +221 -0
package/dist/git-trigger/git-hooks.mjs.map +1 -0
package/dist/index-BhTbGU-o.d.mts +206 -0
package/dist/index-Bhfxq9xI.d.ts +206 -0
package/dist/index-CNkmHmpi.d.ts +89 -0
package/dist/index-CoLebmwv.d.mts +89 -0
package/dist/index.d.mts +8 -295
package/dist/index.d.ts +8 -295
package/dist/index.js +17 -16
package/dist/index.js.map +1 -1
package/dist/index.mjs +17 -16
package/dist/index.mjs.map +1 -1
package/dist/local-evaluator/evaluator.d.mts +55 -0
package/dist/local-evaluator/evaluator.d.ts +55 -0
package/dist/local-evaluator/evaluator.js +272 -0
package/dist/local-evaluator/evaluator.js.map +1 -0
package/dist/local-evaluator/evaluator.mjs +244 -0
package/dist/local-evaluator/evaluator.mjs.map +1 -0
package/dist/{nextjs-DTCS5Sw8.d.ts → nextjs-Cag7libc.d.ts} +1 -1
package/dist/{nextjs-BNbHm5Ui.d.mts → nextjs-_C_FcJY5.d.mts} +1 -1
package/dist/{sdk-9TKZzhxE.d.ts → sdk-CMPDFUjo.d.ts} +3 -1
package/dist/{sdk-VAFRmdt7.d.mts → sdk-DAJahT3p.d.mts} +3 -1
package/dist/transport/index.d.mts +2 -0
package/dist/transport/index.d.ts +2 -0
package/dist/transport/index.js +211 -0
package/dist/transport/index.js.map +1 -0
package/dist/transport/index.mjs +176 -0
package/dist/transport/index.mjs.map +1 -0
package/dist/{types-cA_xfFU7.d.mts → types-Bf8pML07.d.mts} +1 -1
package/dist/{types-cA_xfFU7.d.ts → types-Bf8pML07.d.ts} +1 -1
package/dist/types-BvpGdsv1.d.mts +153 -0
package/dist/types-Ce2mFJkO.d.ts +153 -0
package/dist/ui/index.d.mts +1 -1
package/dist/ui/index.d.ts +1 -1
package/package.json +46 -1

package/dist/cli/index.d.mts ADDED Viewed

@@ -0,0 +1,241 @@
+import { a as LocalPurposeRule, b as LocalScope, c as LocalRiskThresholds, L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-BvpGdsv1.mjs';
+import { PlatformAdapter, AdapterConfig } from '../adapter-interface/interface.mjs';
+import '../types-Bf8pML07.mjs';
+import '../gateway/gateway.mjs';
+/**
+ * Interactive Setup Wizard
+ *
+ * Generates a PDLSS-compliant local policy YAML file through
+ * plain-language questions with explainers for non-technical users.
+ *
+ * Usage:
+ *   const wizard = new SetupWizard(readline);
+ *   const policy = await wizard.run();
+ *   // policy is a LocalPolicy ready to serialize to YAML
+ */
+interface PromptInterface {
+    question(prompt: string): Promise<string>;
+    close(): void;
+}
+interface PurposeCategory {
+    id: string;
+    label: string;
+    explainer: string;
+    readId?: string;
+    writeId?: string;
+    deleteId?: string;
+    createId?: string;
+    modifyId?: string;
+    subActions?: {
+        id: string;
+        label: string;
+        explainer: string;
+        recommended: string;
+    }[];
+    recommendedDefault: string;
+}
+declare const PURPOSE_CATEGORIES: PurposeCategory[];
+interface BlockedCommand {
+    pattern: string;
+    label: string;
+    recommended: boolean;
+}
+declare const DEFAULT_BLOCKED_COMMANDS: BlockedCommand[];
+interface BlockedPath {
+    pattern: string;
+    label: string;
+    recommended: boolean;
+}
+declare const DEFAULT_BLOCKED_PATHS: BlockedPath[];
+interface RiskPreset {
+    name: string;
+    label: string;
+    thresholds: LocalRiskThresholds;
+}
+declare const RISK_PRESETS: RiskPreset[];
+declare class SetupWizard {
+    private prompt;
+    constructor(prompt: PromptInterface);
+    /**
+     * Run the full interactive wizard and return a validated LocalPolicy.
+     */
+    run(): Promise<LocalPolicy>;
+    /**
+     * Run the wizard and write the result to a YAML file.
+     */
+    runAndSave(outputPath: string): Promise<LocalPolicy>;
+    private askPurposeQuestion;
+    private askBlockedCommands;
+    private askBlockedPaths;
+    private askRiskPreset;
+    private askCommaSeparated;
+    private parseYesNoApproval;
+    private parseYesNo;
+    private ask;
+    private print;
+}
+interface ImportResult {
+    purposes: LocalPurposeRule[];
+    scope?: LocalScope;
+    source: string;
+    rulesImported: number;
+}
+/**
+ * Parse a .cursorrules file and extract PDLSS-compatible rules.
+ * Returns partial policy rules that can be merged with wizard output.
+ */
+declare function importFromCursorRules(content: string): ImportResult;
+/**
+ * Parse a .gitignore file to infer sensitive file patterns.
+ * These become blockedPatterns for file.read purposes.
+ */
+declare function inferFromGitignore(content: string): string[];
+/**
+ * AstraSync Guard Upgrade CLI
+ *
+ * Handles the free -> Developer tier upgrade flow:
+ * 1. Validate existing setup and check for prior upgrade
+ * 2. Open browser for KYD registration
+ * 3. Validate API key before proceeding
+ * 4. Upload local policy to cloud (YAML -> cloud PDLSS, 1:1 mapping)
+ * 5. Register agent and receive ASTRA-ID
+ * 6. Choose mode (online or hybrid) and switch gateway
+ *
+ * Also supports event-triggered upgrade prompts when counterparties
+ * reject unverified agents.
+ */
+interface UpgradeConfig {
+    /** Path to local policy YAML file */
+    policyPath: string;
+    /** Loaded policy object */
+    policy: LocalPolicy;
+    /** AstraSync platform base URL */
+    platformUrl?: string;
+    /** Config directory for storing credentials (default: .astrasync/) */
+    configDir?: string;
+}
+interface UpgradeResult {
+    success: boolean;
+    kydId?: string;
+    agentId?: string;
+    apiKey?: string;
+    mode?: 'online' | 'hybrid';
+    error?: string;
+}
+interface UpgradeCallbacks {
+    /** Open a URL in the user's browser */
+    openBrowser: (url: string) => Promise<void>;
+    /** Prompt user for text input */
+    prompt: (message: string) => Promise<string>;
+    /** Display message to user */
+    print: (message: string) => void;
+    /** Write config file */
+    writeConfig: (path: string, content: string) => Promise<void>;
+    /** Read config file */
+    readConfig: (path: string) => Promise<string | null>;
+}
+/**
+ * Trigger context — why the upgrade was initiated.
+ * Used for event-triggered upgrade prompts.
+ */
+interface UpgradeTrigger {
+    /** What triggered the upgrade prompt */
+    reason: 'cli' | 'counterparty-rejection' | 'deployment' | 'git-push';
+    /** Details from the triggering event */
+    details?: {
+        /** Counterparty that rejected the agent */
+        counterpartyUrl?: string;
+        /** Rejection message from counterparty */
+        rejectionMessage?: string;
+        /** Guidance URL from counterparty */
+        guidanceUrl?: string;
+    };
+}
+declare class UpgradeFlow {
+    private config;
+    private callbacks;
+    private platformUrl;
+    private configDir;
+    private trigger;
+    constructor(config: UpgradeConfig, callbacks: UpgradeCallbacks, trigger?: UpgradeTrigger);
+    /**
+     * Run the full upgrade flow.
+     */
+    run(): Promise<UpgradeResult>;
+    /**
+     * Continue the upgrade flow after API key validation.
+     */
+    private continueUpgrade;
+    /**
+     * Print the intro message based on what triggered the upgrade.
+     */
+    private printIntro;
+    /**
+     * Validate the API key by calling the platform.
+     */
+    private validateApiKey;
+    /**
+     * Upload local policy to the AstraSync cloud.
+     * YAML -> cloud PDLSS boundary, 1:1 mapping, no lossy transformation.
+     */
+    private uploadPolicy;
+    /**
+     * Write the config file for the chosen mode.
+     */
+    private writeLocalConfig;
+}
+/**
+ * Check if the project has already been upgraded.
+ */
+declare function isUpgraded(configDir: string, readFile: (path: string) => Promise<string | null>): Promise<boolean>;
+/**
+ * @astrasyncai/adapter-openclaw-cli
+ *
+ * Reference Layer 4 adapter for the OpenClaw CLI.
+ * Implements PlatformAdapter interface — proxy server that intercepts
+ * tool use requests before they reach the agent runtime.
+ *
+ * Configurable ports (defaults to OpenClaw conventions):
+ *   proxyPort: 18790  (this adapter listens)
+ *   targetPort: 18789  (OpenClaw CLI gateway)
+ */
+interface OpenClawAdapterOptions {
+    /** Port this adapter listens on (default: 18790) */
+    proxyPort?: number;
+    /** Port the OpenClaw CLI gateway runs on (default: 18789) */
+    targetPort?: number;
+    /** Target host (default: 127.0.0.1) */
+    targetHost?: string;
+    /** Show approval prompts in terminal for MANUAL_REVIEW (default: true) */
+    interactiveApproval?: boolean;
+    /** Callback for MANUAL_REVIEW decisions (if not interactive) */
+    onApprovalRequired?: (context: PDLSSContext, decision: VerificationDecision) => Promise<boolean>;
+}
+declare class OpenClawCliAdapter implements PlatformAdapter {
+    readonly interfaceVersion = 1;
+    private gateway;
+    private options;
+    private server;
+    private _isRunning;
+    constructor(options?: OpenClawAdapterOptions);
+    get isRunning(): boolean;
+    get proxyPort(): number;
+    get targetPort(): number;
+    initialize(config: AdapterConfig): Promise<void>;
+    shutdown(): Promise<void>;
+    interceptAction(action: AgentAction): Promise<InterceptResult>;
+    extractContext(action: AgentAction): PDLSSContext;
+    enforceDecision(decision: VerificationDecision): Promise<void>;
+    private startProxy;
+    private handleProxyRequest;
+    private forwardRequest;
+    private handleApproval;
+}
+export { type BlockedCommand, type BlockedPath, DEFAULT_BLOCKED_COMMANDS, DEFAULT_BLOCKED_PATHS, type ImportResult, type OpenClawAdapterOptions, OpenClawCliAdapter, PURPOSE_CATEGORIES, type PromptInterface, type PurposeCategory, RISK_PRESETS, type RiskPreset, SetupWizard, type UpgradeCallbacks, type UpgradeConfig, UpgradeFlow, type UpgradeResult, importFromCursorRules, inferFromGitignore, isUpgraded };

package/dist/cli/index.d.ts ADDED Viewed

@@ -0,0 +1,241 @@
+import { a as LocalPurposeRule, b as LocalScope, c as LocalRiskThresholds, L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-Ce2mFJkO.js';
+import { PlatformAdapter, AdapterConfig } from '../adapter-interface/interface.js';
+import '../types-Bf8pML07.js';
+import '../gateway/gateway.js';
+/**
+ * Interactive Setup Wizard
+ *
+ * Generates a PDLSS-compliant local policy YAML file through
+ * plain-language questions with explainers for non-technical users.
+ *
+ * Usage:
+ *   const wizard = new SetupWizard(readline);
+ *   const policy = await wizard.run();
+ *   // policy is a LocalPolicy ready to serialize to YAML
+ */
+interface PromptInterface {
+    question(prompt: string): Promise<string>;
+    close(): void;
+}
+interface PurposeCategory {
+    id: string;
+    label: string;
+    explainer: string;
+    readId?: string;
+    writeId?: string;
+    deleteId?: string;
+    createId?: string;
+    modifyId?: string;
+    subActions?: {
+        id: string;
+        label: string;
+        explainer: string;
+        recommended: string;
+    }[];
+    recommendedDefault: string;
+}
+declare const PURPOSE_CATEGORIES: PurposeCategory[];
+interface BlockedCommand {
+    pattern: string;
+    label: string;
+    recommended: boolean;
+}
+declare const DEFAULT_BLOCKED_COMMANDS: BlockedCommand[];
+interface BlockedPath {
+    pattern: string;
+    label: string;
+    recommended: boolean;
+}
+declare const DEFAULT_BLOCKED_PATHS: BlockedPath[];
+interface RiskPreset {
+    name: string;
+    label: string;
+    thresholds: LocalRiskThresholds;
+}
+declare const RISK_PRESETS: RiskPreset[];
+declare class SetupWizard {
+    private prompt;
+    constructor(prompt: PromptInterface);
+    /**
+     * Run the full interactive wizard and return a validated LocalPolicy.
+     */
+    run(): Promise<LocalPolicy>;
+    /**
+     * Run the wizard and write the result to a YAML file.
+     */
+    runAndSave(outputPath: string): Promise<LocalPolicy>;
+    private askPurposeQuestion;
+    private askBlockedCommands;
+    private askBlockedPaths;
+    private askRiskPreset;
+    private askCommaSeparated;
+    private parseYesNoApproval;
+    private parseYesNo;
+    private ask;
+    private print;
+}
+interface ImportResult {
+    purposes: LocalPurposeRule[];
+    scope?: LocalScope;
+    source: string;
+    rulesImported: number;
+}
+/**
+ * Parse a .cursorrules file and extract PDLSS-compatible rules.
+ * Returns partial policy rules that can be merged with wizard output.
+ */
+declare function importFromCursorRules(content: string): ImportResult;
+/**
+ * Parse a .gitignore file to infer sensitive file patterns.
+ * These become blockedPatterns for file.read purposes.
+ */
+declare function inferFromGitignore(content: string): string[];
+/**
+ * AstraSync Guard Upgrade CLI
+ *
+ * Handles the free -> Developer tier upgrade flow:
+ * 1. Validate existing setup and check for prior upgrade
+ * 2. Open browser for KYD registration
+ * 3. Validate API key before proceeding
+ * 4. Upload local policy to cloud (YAML -> cloud PDLSS, 1:1 mapping)
+ * 5. Register agent and receive ASTRA-ID
+ * 6. Choose mode (online or hybrid) and switch gateway
+ *
+ * Also supports event-triggered upgrade prompts when counterparties
+ * reject unverified agents.
+ */
+interface UpgradeConfig {
+    /** Path to local policy YAML file */
+    policyPath: string;
+    /** Loaded policy object */
+    policy: LocalPolicy;
+    /** AstraSync platform base URL */
+    platformUrl?: string;
+    /** Config directory for storing credentials (default: .astrasync/) */
+    configDir?: string;
+}
+interface UpgradeResult {
+    success: boolean;
+    kydId?: string;
+    agentId?: string;
+    apiKey?: string;
+    mode?: 'online' | 'hybrid';
+    error?: string;
+}
+interface UpgradeCallbacks {
+    /** Open a URL in the user's browser */
+    openBrowser: (url: string) => Promise<void>;
+    /** Prompt user for text input */
+    prompt: (message: string) => Promise<string>;
+    /** Display message to user */
+    print: (message: string) => void;
+    /** Write config file */
+    writeConfig: (path: string, content: string) => Promise<void>;
+    /** Read config file */
+    readConfig: (path: string) => Promise<string | null>;
+}
+/**
+ * Trigger context — why the upgrade was initiated.
+ * Used for event-triggered upgrade prompts.
+ */
+interface UpgradeTrigger {
+    /** What triggered the upgrade prompt */
+    reason: 'cli' | 'counterparty-rejection' | 'deployment' | 'git-push';
+    /** Details from the triggering event */
+    details?: {
+        /** Counterparty that rejected the agent */
+        counterpartyUrl?: string;
+        /** Rejection message from counterparty */
+        rejectionMessage?: string;
+        /** Guidance URL from counterparty */
+        guidanceUrl?: string;
+    };
+}
+declare class UpgradeFlow {
+    private config;
+    private callbacks;
+    private platformUrl;
+    private configDir;
+    private trigger;
+    constructor(config: UpgradeConfig, callbacks: UpgradeCallbacks, trigger?: UpgradeTrigger);
+    /**
+     * Run the full upgrade flow.
+     */
+    run(): Promise<UpgradeResult>;
+    /**
+     * Continue the upgrade flow after API key validation.
+     */
+    private continueUpgrade;
+    /**
+     * Print the intro message based on what triggered the upgrade.
+     */
+    private printIntro;
+    /**
+     * Validate the API key by calling the platform.
+     */
+    private validateApiKey;
+    /**
+     * Upload local policy to the AstraSync cloud.
+     * YAML -> cloud PDLSS boundary, 1:1 mapping, no lossy transformation.
+     */
+    private uploadPolicy;
+    /**
+     * Write the config file for the chosen mode.
+     */
+    private writeLocalConfig;
+}
+/**
+ * Check if the project has already been upgraded.
+ */
+declare function isUpgraded(configDir: string, readFile: (path: string) => Promise<string | null>): Promise<boolean>;
+/**
+ * @astrasyncai/adapter-openclaw-cli
+ *
+ * Reference Layer 4 adapter for the OpenClaw CLI.
+ * Implements PlatformAdapter interface — proxy server that intercepts
+ * tool use requests before they reach the agent runtime.
+ *
+ * Configurable ports (defaults to OpenClaw conventions):
+ *   proxyPort: 18790  (this adapter listens)
+ *   targetPort: 18789  (OpenClaw CLI gateway)
+ */
+interface OpenClawAdapterOptions {
+    /** Port this adapter listens on (default: 18790) */
+    proxyPort?: number;
+    /** Port the OpenClaw CLI gateway runs on (default: 18789) */
+    targetPort?: number;
+    /** Target host (default: 127.0.0.1) */
+    targetHost?: string;
+    /** Show approval prompts in terminal for MANUAL_REVIEW (default: true) */
+    interactiveApproval?: boolean;
+    /** Callback for MANUAL_REVIEW decisions (if not interactive) */
+    onApprovalRequired?: (context: PDLSSContext, decision: VerificationDecision) => Promise<boolean>;
+}
+declare class OpenClawCliAdapter implements PlatformAdapter {
+    readonly interfaceVersion = 1;
+    private gateway;
+    private options;
+    private server;
+    private _isRunning;
+    constructor(options?: OpenClawAdapterOptions);
+    get isRunning(): boolean;
+    get proxyPort(): number;
+    get targetPort(): number;
+    initialize(config: AdapterConfig): Promise<void>;
+    shutdown(): Promise<void>;
+    interceptAction(action: AgentAction): Promise<InterceptResult>;
+    extractContext(action: AgentAction): PDLSSContext;
+    enforceDecision(decision: VerificationDecision): Promise<void>;
+    private startProxy;
+    private handleProxyRequest;
+    private forwardRequest;
+    private handleApproval;
+}
+export { type BlockedCommand, type BlockedPath, DEFAULT_BLOCKED_COMMANDS, DEFAULT_BLOCKED_PATHS, type ImportResult, type OpenClawAdapterOptions, OpenClawCliAdapter, PURPOSE_CATEGORIES, type PromptInterface, type PurposeCategory, RISK_PRESETS, type RiskPreset, SetupWizard, type UpgradeCallbacks, type UpgradeConfig, UpgradeFlow, type UpgradeResult, importFromCursorRules, inferFromGitignore, isUpgraded };