@astrasyncai/verification-gateway 2.4.4 → 2.4.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (80) hide show
  1. package/README.md +160 -0
  2. package/dist/adapter-interface/interface.d.mts +2 -2
  3. package/dist/adapter-interface/interface.d.ts +2 -2
  4. package/dist/adapters/express.d.mts +2 -2
  5. package/dist/adapters/express.d.ts +2 -2
  6. package/dist/adapters/express.js +4 -0
  7. package/dist/adapters/express.js.map +1 -1
  8. package/dist/adapters/express.mjs +4 -0
  9. package/dist/adapters/express.mjs.map +1 -1
  10. package/dist/adapters/mcp.d.mts +54 -18
  11. package/dist/adapters/mcp.d.ts +54 -18
  12. package/dist/adapters/mcp.js +76 -23
  13. package/dist/adapters/mcp.js.map +1 -1
  14. package/dist/adapters/mcp.mjs +76 -23
  15. package/dist/adapters/mcp.mjs.map +1 -1
  16. package/dist/adapters/nextjs.d.mts +2 -2
  17. package/dist/adapters/nextjs.d.ts +2 -2
  18. package/dist/adapters/nextjs.js +4 -0
  19. package/dist/adapters/nextjs.js.map +1 -1
  20. package/dist/adapters/nextjs.mjs +4 -0
  21. package/dist/adapters/nextjs.mjs.map +1 -1
  22. package/dist/adapters/sdk.d.mts +2 -2
  23. package/dist/adapters/sdk.d.ts +2 -2
  24. package/dist/adapters/sdk.js +4 -0
  25. package/dist/adapters/sdk.js.map +1 -1
  26. package/dist/adapters/sdk.mjs +4 -0
  27. package/dist/adapters/sdk.mjs.map +1 -1
  28. package/dist/agent/index.d.mts +2 -2
  29. package/dist/agent/index.d.ts +2 -2
  30. package/dist/browser/background.js +4 -0
  31. package/dist/browser/background.js.map +1 -1
  32. package/dist/browser/background.mjs +4 -0
  33. package/dist/browser/background.mjs.map +1 -1
  34. package/dist/browser/browser-adapter.d.mts +2 -2
  35. package/dist/browser/browser-adapter.d.ts +2 -2
  36. package/dist/cli/index.d.mts +2 -2
  37. package/dist/cli/index.d.ts +2 -2
  38. package/dist/cursor/cursor-adapter.d.mts +2 -2
  39. package/dist/cursor/cursor-adapter.d.ts +2 -2
  40. package/dist/cursor/extension.d.mts +2 -2
  41. package/dist/cursor/extension.d.ts +2 -2
  42. package/dist/cursor/extension.js +4 -0
  43. package/dist/cursor/extension.js.map +1 -1
  44. package/dist/cursor/extension.mjs +4 -0
  45. package/dist/cursor/extension.mjs.map +1 -1
  46. package/dist/{express-Ck2RHZLT.d.mts → express-D5hAJ2Gv.d.mts} +1 -1
  47. package/dist/{express-DZmEzCgo.d.ts → express-XCkk7BsJ.d.ts} +1 -1
  48. package/dist/gateway/gateway.d.mts +2 -2
  49. package/dist/gateway/gateway.d.ts +2 -2
  50. package/dist/gateway/gateway.js +4 -0
  51. package/dist/gateway/gateway.js.map +1 -1
  52. package/dist/gateway/gateway.mjs +4 -0
  53. package/dist/gateway/gateway.mjs.map +1 -1
  54. package/dist/git-trigger/git-hooks.d.mts +2 -2
  55. package/dist/git-trigger/git-hooks.d.ts +2 -2
  56. package/dist/{index-6Jus6yWU.d.ts → index-Bstl43HI.d.ts} +1 -1
  57. package/dist/{index-BgKghi19.d.ts → index-CH4TfcbL.d.ts} +1 -1
  58. package/dist/{index-D698fDOk.d.mts → index-TS4SGvf4.d.mts} +1 -1
  59. package/dist/{index-BZZTOfrI.d.mts → index-u08qcXq9.d.mts} +1 -1
  60. package/dist/index.d.mts +7 -7
  61. package/dist/index.d.ts +7 -7
  62. package/dist/index.js +4 -0
  63. package/dist/index.js.map +1 -1
  64. package/dist/index.mjs +4 -0
  65. package/dist/index.mjs.map +1 -1
  66. package/dist/local-evaluator/evaluator.d.mts +2 -2
  67. package/dist/local-evaluator/evaluator.d.ts +2 -2
  68. package/dist/{nextjs-93PHcE-i.d.mts → nextjs-CFA0J_4x.d.mts} +1 -1
  69. package/dist/{nextjs-t_ix2zQZ.d.ts → nextjs-DP2EpI-4.d.ts} +1 -1
  70. package/dist/{sdk-BFwzjYjl.d.mts → sdk-C8W54WZS.d.mts} +1 -1
  71. package/dist/{sdk-Chq02d82.d.ts → sdk-CwwCGDzK.d.ts} +1 -1
  72. package/dist/transport/index.d.mts +2 -2
  73. package/dist/transport/index.d.ts +2 -2
  74. package/dist/{types-CVT-sorC.d.mts → types-CbZOkIr-.d.mts} +21 -15
  75. package/dist/{types-CVT-sorC.d.ts → types-CbZOkIr-.d.ts} +21 -15
  76. package/dist/{types-CLP_TDu5.d.ts → types-DXNkr61h.d.ts} +1 -1
  77. package/dist/{types-y13mmzbA.d.mts → types-tBNFSbw_.d.mts} +1 -1
  78. package/dist/ui/index.d.mts +1 -1
  79. package/dist/ui/index.d.ts +1 -1
  80. package/package.json +1 -1
package/dist/local-evaluator/evaluator.d.mts CHANGED
@@ -1,5 +1,5 @@
1
- import { L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, a as LocalPurposeRule } from '../types-y13mmzbA.mjs';
2
- import '../types-CVT-sorC.mjs';
1
+ import { L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, a as LocalPurposeRule } from '../types-tBNFSbw_.mjs';
2
+ import '../types-CbZOkIr-.mjs';
3
3
 
4
4
  /**
5
5
  * Local PDLSS Evaluator
package/dist/local-evaluator/evaluator.d.ts CHANGED
@@ -1,5 +1,5 @@
1
- import { L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, a as LocalPurposeRule } from '../types-CLP_TDu5.js';
2
- import '../types-CVT-sorC.js';
1
+ import { L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, a as LocalPurposeRule } from '../types-DXNkr61h.js';
2
+ import '../types-CbZOkIr-.js';
3
3
 
4
4
  /**
5
5
  * Local PDLSS Evaluator
package/dist/{nextjs-93PHcE-i.d.mts → nextjs-CFA0J_4x.d.mts} RENAMED
@@ -1,6 +1,6 @@
1
1
  import * as next_server from 'next/server';
2
2
  import { NextRequest } from 'next/server';
3
- import { N as NextJsMiddlewareOptions } from './types-CVT-sorC.mjs';
3
+ import { N as NextJsMiddlewareOptions } from './types-CbZOkIr-.mjs';
4
4
 
5
5
  /**
6
6
  * Create Next.js middleware for agent verification.
package/dist/{nextjs-t_ix2zQZ.d.ts → nextjs-DP2EpI-4.d.ts} RENAMED
@@ -1,6 +1,6 @@
1
1
  import * as next_server from 'next/server';
2
2
  import { NextRequest } from 'next/server';
3
- import { N as NextJsMiddlewareOptions } from './types-CVT-sorC.js';
3
+ import { N as NextJsMiddlewareOptions } from './types-CbZOkIr-.js';
4
4
 
5
5
  /**
6
6
  * Create Next.js middleware for agent verification.
package/dist/{sdk-BFwzjYjl.d.mts → sdk-C8W54WZS.d.mts} RENAMED
@@ -1,4 +1,4 @@
1
- import { a as AccessLevel, i as TrustLevel, S as SDKOptions, V as VerificationResult } from './types-CVT-sorC.mjs';
1
+ import { a as AccessLevel, i as TrustLevel, S as SDKOptions, V as VerificationResult } from './types-CbZOkIr-.mjs';
2
2
 
3
3
  /**
4
4
  * AstraSync Universal Verification Gateway - Access Level Definitions
package/dist/{sdk-Chq02d82.d.ts → sdk-CwwCGDzK.d.ts} RENAMED
@@ -1,4 +1,4 @@
1
- import { a as AccessLevel, i as TrustLevel, S as SDKOptions, V as VerificationResult } from './types-CVT-sorC.js';
1
+ import { a as AccessLevel, i as TrustLevel, S as SDKOptions, V as VerificationResult } from './types-CbZOkIr-.js';
2
2
 
3
3
  /**
4
4
  * AstraSync Universal Verification Gateway - Access Level Definitions
package/dist/transport/index.d.mts CHANGED
@@ -1,3 +1,3 @@
1
- import '../types-CVT-sorC.mjs';
2
- export { A as ACPEndpoint, a as ACPPaymentTokenType, b as ACPRequestContext, c as ACPRequestLike, d as ACPSignatureAlgorithm, e as ACPTotal, f as ACPVerifyInput, g as ACPVerifyResult, h as AP2CartMandateClaims, j as AP2ChainResult, k as AP2IntentMandateClaims, l as AP2MandateClaims, m as AP2MandateTriple, n as AP2MandateTripleInput, o as AP2MandateType, p as AP2PaymentDetailsTotal, q as AP2PaymentMandateClaims, r as AP2PaymentMandateForValue, s as AP2VerifyInput, C as CommerceContext, t as CommercePipelineInput, u as CommerceProtocol, v as CommercePurpose, w as CommerceSignatureStack, x as ConstraintEvalResult, y as ConstraintKey, z as ConstraintResult, E as ExtractorRequestLike, I as IdentityBindingResult, B as IdentityClaim, D as IdentityResolver, M as MPPChallengeForValue, F as MPPChallengeSummary, G as MPPCredentialSummary, H as MPPIntent, J as MPPKind, K as MPPReceiptSummary, L as MPPRequestContext, N as MPPRequestLike, O as MPPResponseLike, P as MPPVerifyInput, Q as MPPVerifyResult, R as ParsedRFC9421, S as PaymentMethodAllowlistInput, T as RFC9421SignatureParams, U as RFC9421Tag, V as RFC9421VerifyOptions, W as RFC9421VerifyRequest, X as RFC9421VerifyResult, Y as RegistryName, Z as RegistryResolver, _ as ResolveContext, $ as STRIPE_WEBHOOK_INFORMATIONAL_EVENTS, a0 as SpendingLimitInput, a1 as StripeWebhookInformationalEvent, a2 as TransactionContext, a3 as TransactionValueContext, a4 as TransportExtractor, a5 as UCPCheckoutContext, a6 as UCPManifestValidationResult, a7 as UCPRequestLike, a8 as UCPTotal, a9 as VIAllowedParty, aa as VIBudgetLimit, ab as VIClaimsForValue, ac as VIConstraintEvalInput, ad as VIConstraints, ae as VIExecutionMode, af as VIExtractedClaims, ag as VILayer, ah as VILineItem, ai as VIMandateType, aj as VIPaymentAmount, ak as VIRecurrence, al as VIVerifyInput, am as VIVerifyResult, an as VerifyStripeWebhookOptions, ao as VerifyStripeWebhookResult, ap as X402Kind, aq as X402RequestContext, ar as X402RequestForValue, as as X402RequestLike, at as X402RequirementsSummary, au as X402ResponseLike, av as applyCredentials, aw as bindIdentity, ax as claim, ay as clearTransportExtractors, az as createMastercardRegistry, aA as createVisaRegistry, aB as createWebBotAuthRegistry, aC as detectProtocol, aD as evaluatePaymentMethodAllowlist, aE as evaluateSpendingLimit, aF as evaluateVIConstraints, aG as extractA2ACredentials, aH as extractACPContext, aI as extractACPTransactionValue, aJ as extractAP2Mandate, aK as extractAP2Mandates, aL as extractAP2TransactionValue, aM as extractCredentialsFromProtocol, aN as extractHttpCredentials, aO as extractMPPContext, aP as extractMPPFromRequest, aQ as extractMPPFromResponse, aR as extractMPPTransactionValue, aS as extractMcpCredentials, aT as extractUCPContext, aU as extractUCPTransactionValue, aV as extractVIClaims, aW as extractVITransactionValue, aX as extractX402Context, aY as extractX402FromRequest, aZ as extractX402FromResponse, a_ as extractX402TransactionValue, a$ as fetchUCPManifest, b0 as getTransportExtractor, b1 as getTransportExtractors, b2 as isStripeWebhookInformational, b3 as mapACPRequestToPurpose, b4 as mapAP2MandateToPurpose, b5 as mapMPPRequestToPurpose, b6 as mapRFC9421TagToPurpose, b7 as mapUCPRequestToPurpose, b8 as mapVIMandateToPurpose, b9 as mapX402RequestToPurpose, ba as parseRFC9421, bb as registerTransportExtractor, bc as runCommercePipeline, bd as runMatchingExtractors, be as setA2AMetadata, bf as setHttpHeaders, bg as setMcpMeta, bh as validateUCPManifest, bi as verifyACPSignature, bj as verifyAP2Chain, bk as verifyMPP, bl as verifyRFC9421, bm as verifyStripeWebhook, bn as verifyVIChain } from '../index-D698fDOk.mjs';
1
+ import '../types-CbZOkIr-.mjs';
2
+ export { A as ACPEndpoint, a as ACPPaymentTokenType, b as ACPRequestContext, c as ACPRequestLike, d as ACPSignatureAlgorithm, e as ACPTotal, f as ACPVerifyInput, g as ACPVerifyResult, h as AP2CartMandateClaims, j as AP2ChainResult, k as AP2IntentMandateClaims, l as AP2MandateClaims, m as AP2MandateTriple, n as AP2MandateTripleInput, o as AP2MandateType, p as AP2PaymentDetailsTotal, q as AP2PaymentMandateClaims, r as AP2PaymentMandateForValue, s as AP2VerifyInput, C as CommerceContext, t as CommercePipelineInput, u as CommerceProtocol, v as CommercePurpose, w as CommerceSignatureStack, x as ConstraintEvalResult, y as ConstraintKey, z as ConstraintResult, E as ExtractorRequestLike, I as IdentityBindingResult, B as IdentityClaim, D as IdentityResolver, M as MPPChallengeForValue, F as MPPChallengeSummary, G as MPPCredentialSummary, H as MPPIntent, J as MPPKind, K as MPPReceiptSummary, L as MPPRequestContext, N as MPPRequestLike, O as MPPResponseLike, P as MPPVerifyInput, Q as MPPVerifyResult, R as ParsedRFC9421, S as PaymentMethodAllowlistInput, T as RFC9421SignatureParams, U as RFC9421Tag, V as RFC9421VerifyOptions, W as RFC9421VerifyRequest, X as RFC9421VerifyResult, Y as RegistryName, Z as RegistryResolver, _ as ResolveContext, $ as STRIPE_WEBHOOK_INFORMATIONAL_EVENTS, a0 as SpendingLimitInput, a1 as StripeWebhookInformationalEvent, a2 as TransactionContext, a3 as TransactionValueContext, a4 as TransportExtractor, a5 as UCPCheckoutContext, a6 as UCPManifestValidationResult, a7 as UCPRequestLike, a8 as UCPTotal, a9 as VIAllowedParty, aa as VIBudgetLimit, ab as VIClaimsForValue, ac as VIConstraintEvalInput, ad as VIConstraints, ae as VIExecutionMode, af as VIExtractedClaims, ag as VILayer, ah as VILineItem, ai as VIMandateType, aj as VIPaymentAmount, ak as VIRecurrence, al as VIVerifyInput, am as VIVerifyResult, an as VerifyStripeWebhookOptions, ao as VerifyStripeWebhookResult, ap as X402Kind, aq as X402RequestContext, ar as X402RequestForValue, as as X402RequestLike, at as X402RequirementsSummary, au as X402ResponseLike, av as applyCredentials, aw as bindIdentity, ax as claim, ay as clearTransportExtractors, az as createMastercardRegistry, aA as createVisaRegistry, aB as createWebBotAuthRegistry, aC as detectProtocol, aD as evaluatePaymentMethodAllowlist, aE as evaluateSpendingLimit, aF as evaluateVIConstraints, aG as extractA2ACredentials, aH as extractACPContext, aI as extractACPTransactionValue, aJ as extractAP2Mandate, aK as extractAP2Mandates, aL as extractAP2TransactionValue, aM as extractCredentialsFromProtocol, aN as extractHttpCredentials, aO as extractMPPContext, aP as extractMPPFromRequest, aQ as extractMPPFromResponse, aR as extractMPPTransactionValue, aS as extractMcpCredentials, aT as extractUCPContext, aU as extractUCPTransactionValue, aV as extractVIClaims, aW as extractVITransactionValue, aX as extractX402Context, aY as extractX402FromRequest, aZ as extractX402FromResponse, a_ as extractX402TransactionValue, a$ as fetchUCPManifest, b0 as getTransportExtractor, b1 as getTransportExtractors, b2 as isStripeWebhookInformational, b3 as mapACPRequestToPurpose, b4 as mapAP2MandateToPurpose, b5 as mapMPPRequestToPurpose, b6 as mapRFC9421TagToPurpose, b7 as mapUCPRequestToPurpose, b8 as mapVIMandateToPurpose, b9 as mapX402RequestToPurpose, ba as parseRFC9421, bb as registerTransportExtractor, bc as runCommercePipeline, bd as runMatchingExtractors, be as setA2AMetadata, bf as setHttpHeaders, bg as setMcpMeta, bh as validateUCPManifest, bi as verifyACPSignature, bj as verifyAP2Chain, bk as verifyMPP, bl as verifyRFC9421, bm as verifyStripeWebhook, bn as verifyVIChain } from '../index-TS4SGvf4.mjs';
3
3
  import 'jose';
package/dist/transport/index.d.ts CHANGED
@@ -1,3 +1,3 @@
1
- import '../types-CVT-sorC.js';
2
- export { A as ACPEndpoint, a as ACPPaymentTokenType, b as ACPRequestContext, c as ACPRequestLike, d as ACPSignatureAlgorithm, e as ACPTotal, f as ACPVerifyInput, g as ACPVerifyResult, h as AP2CartMandateClaims, j as AP2ChainResult, k as AP2IntentMandateClaims, l as AP2MandateClaims, m as AP2MandateTriple, n as AP2MandateTripleInput, o as AP2MandateType, p as AP2PaymentDetailsTotal, q as AP2PaymentMandateClaims, r as AP2PaymentMandateForValue, s as AP2VerifyInput, C as CommerceContext, t as CommercePipelineInput, u as CommerceProtocol, v as CommercePurpose, w as CommerceSignatureStack, x as ConstraintEvalResult, y as ConstraintKey, z as ConstraintResult, E as ExtractorRequestLike, I as IdentityBindingResult, B as IdentityClaim, D as IdentityResolver, M as MPPChallengeForValue, F as MPPChallengeSummary, G as MPPCredentialSummary, H as MPPIntent, J as MPPKind, K as MPPReceiptSummary, L as MPPRequestContext, N as MPPRequestLike, O as MPPResponseLike, P as MPPVerifyInput, Q as MPPVerifyResult, R as ParsedRFC9421, S as PaymentMethodAllowlistInput, T as RFC9421SignatureParams, U as RFC9421Tag, V as RFC9421VerifyOptions, W as RFC9421VerifyRequest, X as RFC9421VerifyResult, Y as RegistryName, Z as RegistryResolver, _ as ResolveContext, $ as STRIPE_WEBHOOK_INFORMATIONAL_EVENTS, a0 as SpendingLimitInput, a1 as StripeWebhookInformationalEvent, a2 as TransactionContext, a3 as TransactionValueContext, a4 as TransportExtractor, a5 as UCPCheckoutContext, a6 as UCPManifestValidationResult, a7 as UCPRequestLike, a8 as UCPTotal, a9 as VIAllowedParty, aa as VIBudgetLimit, ab as VIClaimsForValue, ac as VIConstraintEvalInput, ad as VIConstraints, ae as VIExecutionMode, af as VIExtractedClaims, ag as VILayer, ah as VILineItem, ai as VIMandateType, aj as VIPaymentAmount, ak as VIRecurrence, al as VIVerifyInput, am as VIVerifyResult, an as VerifyStripeWebhookOptions, ao as VerifyStripeWebhookResult, ap as X402Kind, aq as X402RequestContext, ar as X402RequestForValue, as as X402RequestLike, at as X402RequirementsSummary, au as X402ResponseLike, av as applyCredentials, aw as bindIdentity, ax as claim, ay as clearTransportExtractors, az as createMastercardRegistry, aA as createVisaRegistry, aB as createWebBotAuthRegistry, aC as detectProtocol, aD as evaluatePaymentMethodAllowlist, aE as evaluateSpendingLimit, aF as evaluateVIConstraints, aG as extractA2ACredentials, aH as extractACPContext, aI as extractACPTransactionValue, aJ as extractAP2Mandate, aK as extractAP2Mandates, aL as extractAP2TransactionValue, aM as extractCredentialsFromProtocol, aN as extractHttpCredentials, aO as extractMPPContext, aP as extractMPPFromRequest, aQ as extractMPPFromResponse, aR as extractMPPTransactionValue, aS as extractMcpCredentials, aT as extractUCPContext, aU as extractUCPTransactionValue, aV as extractVIClaims, aW as extractVITransactionValue, aX as extractX402Context, aY as extractX402FromRequest, aZ as extractX402FromResponse, a_ as extractX402TransactionValue, a$ as fetchUCPManifest, b0 as getTransportExtractor, b1 as getTransportExtractors, b2 as isStripeWebhookInformational, b3 as mapACPRequestToPurpose, b4 as mapAP2MandateToPurpose, b5 as mapMPPRequestToPurpose, b6 as mapRFC9421TagToPurpose, b7 as mapUCPRequestToPurpose, b8 as mapVIMandateToPurpose, b9 as mapX402RequestToPurpose, ba as parseRFC9421, bb as registerTransportExtractor, bc as runCommercePipeline, bd as runMatchingExtractors, be as setA2AMetadata, bf as setHttpHeaders, bg as setMcpMeta, bh as validateUCPManifest, bi as verifyACPSignature, bj as verifyAP2Chain, bk as verifyMPP, bl as verifyRFC9421, bm as verifyStripeWebhook, bn as verifyVIChain } from '../index-6Jus6yWU.js';
1
+ import '../types-CbZOkIr-.js';
2
+ export { A as ACPEndpoint, a as ACPPaymentTokenType, b as ACPRequestContext, c as ACPRequestLike, d as ACPSignatureAlgorithm, e as ACPTotal, f as ACPVerifyInput, g as ACPVerifyResult, h as AP2CartMandateClaims, j as AP2ChainResult, k as AP2IntentMandateClaims, l as AP2MandateClaims, m as AP2MandateTriple, n as AP2MandateTripleInput, o as AP2MandateType, p as AP2PaymentDetailsTotal, q as AP2PaymentMandateClaims, r as AP2PaymentMandateForValue, s as AP2VerifyInput, C as CommerceContext, t as CommercePipelineInput, u as CommerceProtocol, v as CommercePurpose, w as CommerceSignatureStack, x as ConstraintEvalResult, y as ConstraintKey, z as ConstraintResult, E as ExtractorRequestLike, I as IdentityBindingResult, B as IdentityClaim, D as IdentityResolver, M as MPPChallengeForValue, F as MPPChallengeSummary, G as MPPCredentialSummary, H as MPPIntent, J as MPPKind, K as MPPReceiptSummary, L as MPPRequestContext, N as MPPRequestLike, O as MPPResponseLike, P as MPPVerifyInput, Q as MPPVerifyResult, R as ParsedRFC9421, S as PaymentMethodAllowlistInput, T as RFC9421SignatureParams, U as RFC9421Tag, V as RFC9421VerifyOptions, W as RFC9421VerifyRequest, X as RFC9421VerifyResult, Y as RegistryName, Z as RegistryResolver, _ as ResolveContext, $ as STRIPE_WEBHOOK_INFORMATIONAL_EVENTS, a0 as SpendingLimitInput, a1 as StripeWebhookInformationalEvent, a2 as TransactionContext, a3 as TransactionValueContext, a4 as TransportExtractor, a5 as UCPCheckoutContext, a6 as UCPManifestValidationResult, a7 as UCPRequestLike, a8 as UCPTotal, a9 as VIAllowedParty, aa as VIBudgetLimit, ab as VIClaimsForValue, ac as VIConstraintEvalInput, ad as VIConstraints, ae as VIExecutionMode, af as VIExtractedClaims, ag as VILayer, ah as VILineItem, ai as VIMandateType, aj as VIPaymentAmount, ak as VIRecurrence, al as VIVerifyInput, am as VIVerifyResult, an as VerifyStripeWebhookOptions, ao as VerifyStripeWebhookResult, ap as X402Kind, aq as X402RequestContext, ar as X402RequestForValue, as as X402RequestLike, at as X402RequirementsSummary, au as X402ResponseLike, av as applyCredentials, aw as bindIdentity, ax as claim, ay as clearTransportExtractors, az as createMastercardRegistry, aA as createVisaRegistry, aB as createWebBotAuthRegistry, aC as detectProtocol, aD as evaluatePaymentMethodAllowlist, aE as evaluateSpendingLimit, aF as evaluateVIConstraints, aG as extractA2ACredentials, aH as extractACPContext, aI as extractACPTransactionValue, aJ as extractAP2Mandate, aK as extractAP2Mandates, aL as extractAP2TransactionValue, aM as extractCredentialsFromProtocol, aN as extractHttpCredentials, aO as extractMPPContext, aP as extractMPPFromRequest, aQ as extractMPPFromResponse, aR as extractMPPTransactionValue, aS as extractMcpCredentials, aT as extractUCPContext, aU as extractUCPTransactionValue, aV as extractVIClaims, aW as extractVITransactionValue, aX as extractX402Context, aY as extractX402FromRequest, aZ as extractX402FromResponse, a_ as extractX402TransactionValue, a$ as fetchUCPManifest, b0 as getTransportExtractor, b1 as getTransportExtractors, b2 as isStripeWebhookInformational, b3 as mapACPRequestToPurpose, b4 as mapAP2MandateToPurpose, b5 as mapMPPRequestToPurpose, b6 as mapRFC9421TagToPurpose, b7 as mapUCPRequestToPurpose, b8 as mapVIMandateToPurpose, b9 as mapX402RequestToPurpose, ba as parseRFC9421, bb as registerTransportExtractor, bc as runCommercePipeline, bd as runMatchingExtractors, be as setA2AMetadata, bf as setHttpHeaders, bg as setMcpMeta, bh as validateUCPManifest, bi as verifyACPSignature, bj as verifyAP2Chain, bk as verifyMPP, bl as verifyRFC9421, bm as verifyStripeWebhook, bn as verifyVIChain } from '../index-Bstl43HI.js';
3
3
  import 'jose';
package/dist/{types-CVT-sorC.d.mts → types-CbZOkIr-.d.mts} RENAMED
@@ -128,6 +128,27 @@ interface GatewayConfig {
128
128
  * Defaults to `https://app.astrasync.ai`.
129
129
  */
130
130
  dashboardUrl?: string;
131
+ /**
132
+ * Round-12 (F9, express) / round-13 (R13-5, mcp parity): when true, the
133
+ * middleware calls verify-access for any request that presents
134
+ * AstraSync credentials, even on routes / MCP risk-tiers with
135
+ * `minAccessLevel: 'none'`. Populates `req.agentVerification` and
136
+ * records the verification event for the audit trail. Enforcement
137
+ * still respects route / tier policy — a `none` floor still grants
138
+ * regardless of access level. Default false to preserve existing
139
+ * behaviour.
140
+ *
141
+ * Use this when a single endpoint serves both anonymous and verified
142
+ * traffic with different response shapes (e.g. anonymous catalog vs
143
+ * verified catalog with agent-only SKUs; anonymous MCP tool listing
144
+ * vs verified tool-listing with restricted tools surfaced). Without
145
+ * the flag, anonymous-with-credentials passes are invisible to the
146
+ * merchant handler and to the AstraSync activity feed.
147
+ *
148
+ * Lives on `GatewayConfig` (not adapter-specific) so both express and
149
+ * MCP middlewares inherit it via their `extends GatewayConfig` chain.
150
+ */
151
+ evaluateAlwaysIfCredentialed?: boolean;
131
152
  }
132
153
  /**
133
154
  * Verified agent information
@@ -459,21 +480,6 @@ interface ExpressMiddlewareOptions extends GatewayConfig {
459
480
  recordDecisions?: boolean;
460
481
  /** Enable runtime challenge for all verify-access calls (default: true) */
461
482
  enableRuntimeChallenge?: boolean;
462
- /**
463
- * Round-12 (F9): when true, the middleware calls verify-access for any
464
- * request that presents AstraSync credentials, even on routes with
465
- * `minAccessLevel: 'none'`. Populates `req.agentVerification` and
466
- * records the verification event for the audit trail. Enforcement
467
- * still respects route policy — a 'none' floor still grants regardless
468
- * of access level. Default false to preserve existing behaviour.
469
- *
470
- * Use this when a single route serves both anonymous and verified
471
- * traffic with different response shapes (e.g. anonymous catalog vs
472
- * verified catalog with agent-only SKUs). Without the flag, anonymous
473
- * passes are invisible to the merchant handler and to the AstraSync
474
- * activity feed.
475
- */
476
- evaluateAlwaysIfCredentialed?: boolean;
477
483
  /**
478
484
  * Refresh interval (ms) for the remote-fetched route policy. Default:
479
485
  * 5 minutes. Operators can shorten this to test policy edits faster, or
package/dist/{types-CVT-sorC.d.ts → types-CbZOkIr-.d.ts} RENAMED
@@ -128,6 +128,27 @@ interface GatewayConfig {
128
128
  * Defaults to `https://app.astrasync.ai`.
129
129
  */
130
130
  dashboardUrl?: string;
131
+ /**
132
+ * Round-12 (F9, express) / round-13 (R13-5, mcp parity): when true, the
133
+ * middleware calls verify-access for any request that presents
134
+ * AstraSync credentials, even on routes / MCP risk-tiers with
135
+ * `minAccessLevel: 'none'`. Populates `req.agentVerification` and
136
+ * records the verification event for the audit trail. Enforcement
137
+ * still respects route / tier policy — a `none` floor still grants
138
+ * regardless of access level. Default false to preserve existing
139
+ * behaviour.
140
+ *
141
+ * Use this when a single endpoint serves both anonymous and verified
142
+ * traffic with different response shapes (e.g. anonymous catalog vs
143
+ * verified catalog with agent-only SKUs; anonymous MCP tool listing
144
+ * vs verified tool-listing with restricted tools surfaced). Without
145
+ * the flag, anonymous-with-credentials passes are invisible to the
146
+ * merchant handler and to the AstraSync activity feed.
147
+ *
148
+ * Lives on `GatewayConfig` (not adapter-specific) so both express and
149
+ * MCP middlewares inherit it via their `extends GatewayConfig` chain.
150
+ */
151
+ evaluateAlwaysIfCredentialed?: boolean;
131
152
  }
132
153
  /**
133
154
  * Verified agent information
@@ -459,21 +480,6 @@ interface ExpressMiddlewareOptions extends GatewayConfig {
459
480
  recordDecisions?: boolean;
460
481
  /** Enable runtime challenge for all verify-access calls (default: true) */
461
482
  enableRuntimeChallenge?: boolean;
462
- /**
463
- * Round-12 (F9): when true, the middleware calls verify-access for any
464
- * request that presents AstraSync credentials, even on routes with
465
- * `minAccessLevel: 'none'`. Populates `req.agentVerification` and
466
- * records the verification event for the audit trail. Enforcement
467
- * still respects route policy — a 'none' floor still grants regardless
468
- * of access level. Default false to preserve existing behaviour.
469
- *
470
- * Use this when a single route serves both anonymous and verified
471
- * traffic with different response shapes (e.g. anonymous catalog vs
472
- * verified catalog with agent-only SKUs). Without the flag, anonymous
473
- * passes are invisible to the merchant handler and to the AstraSync
474
- * activity feed.
475
- */
476
- evaluateAlwaysIfCredentialed?: boolean;
477
483
  /**
478
484
  * Refresh interval (ms) for the remote-fetched route policy. Default:
479
485
  * 5 minutes. Operators can shorten this to test policy edits faster, or
package/dist/{types-CLP_TDu5.d.ts → types-DXNkr61h.d.ts} RENAMED
@@ -1,4 +1,4 @@
1
- import { a as AccessLevel, C as CounterpartyType, T as TokenGuidance } from './types-CVT-sorC.js';
1
+ import { a as AccessLevel, C as CounterpartyType, T as TokenGuidance } from './types-CbZOkIr-.js';
2
2
 
3
3
  /**
4
4
  * AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
package/dist/{types-y13mmzbA.d.mts → types-tBNFSbw_.d.mts} RENAMED
@@ -1,4 +1,4 @@
1
- import { a as AccessLevel, C as CounterpartyType, T as TokenGuidance } from './types-CVT-sorC.mjs';
1
+ import { a as AccessLevel, C as CounterpartyType, T as TokenGuidance } from './types-CbZOkIr-.mjs';
2
2
 
3
3
  /**
4
4
  * AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
package/dist/ui/index.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- import { d as CommerceShieldProps, V as VerificationResult, b as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CVT-sorC.mjs';
1
+ import { d as CommerceShieldProps, V as VerificationResult, b as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CbZOkIr-.mjs';
2
2
 
3
3
  /**
4
4
  * AstraSync Commerce Shield Component
package/dist/ui/index.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { d as CommerceShieldProps, V as VerificationResult, b as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CVT-sorC.js';
1
+ import { d as CommerceShieldProps, V as VerificationResult, b as AgentCredentials, f as GuidanceInfo, i as TrustLevel } from '../types-CbZOkIr-.js';
2
2
 
3
3
  /**
4
4
  * AstraSync Commerce Shield Component
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@astrasyncai/verification-gateway",
3
- "version": "2.4.4",
3
+ "version": "2.4.6",
4
4
  "description": "AstraSync KYA Platform SDK — counterparty verification gateway (verify incoming requests) + agent registration (register AI agents with the KYA backend).",
5
5
  "main": "./dist/index.js",
6
6
  "module": "./dist/index.mjs",