@astrasyncai/verification-gateway 2.4.8 → 2.4.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (89) hide show
  1. package/dist/adapter-interface/interface.d.mts +2 -2
  2. package/dist/adapter-interface/interface.d.ts +2 -2
  3. package/dist/adapters/express.d.mts +2 -2
  4. package/dist/adapters/express.d.ts +2 -2
  5. package/dist/adapters/express.js +29 -15
  6. package/dist/adapters/express.js.map +1 -1
  7. package/dist/adapters/express.mjs +29 -15
  8. package/dist/adapters/express.mjs.map +1 -1
  9. package/dist/adapters/mcp.d.mts +1 -1
  10. package/dist/adapters/mcp.d.ts +1 -1
  11. package/dist/adapters/mcp.js +30 -14
  12. package/dist/adapters/mcp.js.map +1 -1
  13. package/dist/adapters/mcp.mjs +30 -14
  14. package/dist/adapters/mcp.mjs.map +1 -1
  15. package/dist/adapters/nextjs.d.mts +2 -2
  16. package/dist/adapters/nextjs.d.ts +2 -2
  17. package/dist/adapters/nextjs.js +37 -16
  18. package/dist/adapters/nextjs.js.map +1 -1
  19. package/dist/adapters/nextjs.mjs +37 -16
  20. package/dist/adapters/nextjs.mjs.map +1 -1
  21. package/dist/adapters/sdk.d.mts +2 -2
  22. package/dist/adapters/sdk.d.ts +2 -2
  23. package/dist/adapters/sdk.js +31 -13
  24. package/dist/adapters/sdk.js.map +1 -1
  25. package/dist/adapters/sdk.mjs +31 -13
  26. package/dist/adapters/sdk.mjs.map +1 -1
  27. package/dist/agent/index.d.mts +2 -2
  28. package/dist/agent/index.d.ts +2 -2
  29. package/dist/browser/background.js +25 -12
  30. package/dist/browser/background.js.map +1 -1
  31. package/dist/browser/background.mjs +25 -12
  32. package/dist/browser/background.mjs.map +1 -1
  33. package/dist/browser/browser-adapter.d.mts +2 -2
  34. package/dist/browser/browser-adapter.d.ts +2 -2
  35. package/dist/cli/index.d.mts +2 -2
  36. package/dist/cli/index.d.ts +2 -2
  37. package/dist/cursor/cursor-adapter.d.mts +2 -2
  38. package/dist/cursor/cursor-adapter.d.ts +2 -2
  39. package/dist/cursor/extension.d.mts +2 -2
  40. package/dist/cursor/extension.d.ts +2 -2
  41. package/dist/cursor/extension.js +25 -12
  42. package/dist/cursor/extension.js.map +1 -1
  43. package/dist/cursor/extension.mjs +25 -12
  44. package/dist/cursor/extension.mjs.map +1 -1
  45. package/dist/{express-DvVjR2H4.d.mts → express-4WStX3PV.d.mts} +1 -1
  46. package/dist/{express-714gJbaW.d.ts → express-C1ePFB7n.d.ts} +1 -1
  47. package/dist/gateway/gateway.d.mts +2 -2
  48. package/dist/gateway/gateway.d.ts +2 -2
  49. package/dist/gateway/gateway.js +25 -12
  50. package/dist/gateway/gateway.js.map +1 -1
  51. package/dist/gateway/gateway.mjs +25 -12
  52. package/dist/gateway/gateway.mjs.map +1 -1
  53. package/dist/git-trigger/git-hooks.d.mts +2 -2
  54. package/dist/git-trigger/git-hooks.d.ts +2 -2
  55. package/dist/{index-DYFS9QVb.d.mts → index-ChPX4WHl.d.mts} +1 -1
  56. package/dist/{index-DO0oG8ED.d.ts → index-Cjm-zBeZ.d.ts} +1 -1
  57. package/dist/{index-2WAlxs2G.d.ts → index-CzJMCgEy.d.ts} +1 -1
  58. package/dist/{index-P9t7M_dJ.d.mts → index-D8IEntil.d.mts} +1 -1
  59. package/dist/index.d.mts +22 -11
  60. package/dist/index.d.ts +22 -11
  61. package/dist/index.js +80 -25
  62. package/dist/index.js.map +1 -1
  63. package/dist/index.mjs +79 -25
  64. package/dist/index.mjs.map +1 -1
  65. package/dist/local-evaluator/evaluator.d.mts +2 -2
  66. package/dist/local-evaluator/evaluator.d.ts +2 -2
  67. package/dist/{nextjs-CZ-MwSOT.d.ts → nextjs-BIORS__0.d.ts} +1 -1
  68. package/dist/{nextjs-BCoH7EqF.d.mts → nextjs-CjzHdaXA.d.mts} +1 -1
  69. package/dist/registration/index.d.mts +76 -1
  70. package/dist/registration/index.d.ts +76 -1
  71. package/dist/registration/index.js +27 -2
  72. package/dist/registration/index.js.map +1 -1
  73. package/dist/registration/index.mjs +25 -1
  74. package/dist/registration/index.mjs.map +1 -1
  75. package/dist/{sdk-wwhFDXWX.d.mts → sdk-Chhz-FcT.d.mts} +9 -4
  76. package/dist/{sdk-kiA49vqJ.d.ts → sdk-CqTEQAc6.d.ts} +9 -4
  77. package/dist/transport/index.d.mts +2 -2
  78. package/dist/transport/index.d.ts +2 -2
  79. package/dist/{types-DOAb89cm.d.mts → types-DNK2BgIf.d.mts} +1 -1
  80. package/dist/{types-aucqzfUa.d.ts → types-DoWIuzfj.d.ts} +1 -1
  81. package/dist/{types-BwDmjIdr.d.mts → types-L15pYd2c.d.mts} +21 -4
  82. package/dist/{types-BwDmjIdr.d.ts → types-L15pYd2c.d.ts} +21 -4
  83. package/dist/ui/index.d.mts +1 -1
  84. package/dist/ui/index.d.ts +1 -1
  85. package/dist/ui/index.js +1 -1
  86. package/dist/ui/index.js.map +1 -1
  87. package/dist/ui/index.mjs +1 -1
  88. package/dist/ui/index.mjs.map +1 -1
  89. package/package.json +1 -1
package/dist/browser/browser-adapter.d.mts CHANGED
@@ -1,7 +1,7 @@
1
1
  import { PlatformAdapter, AdapterConfig } from '../adapter-interface/interface.mjs';
2
- import { P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-DOAb89cm.mjs';
2
+ import { P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-DNK2BgIf.mjs';
3
3
  import '../gateway/gateway.mjs';
4
- import '../types-BwDmjIdr.mjs';
4
+ import '../types-L15pYd2c.mjs';
5
5
 
6
6
  /**
7
7
  * @astrasyncai/adapter-openclaw-browser
package/dist/browser/browser-adapter.d.ts CHANGED
@@ -1,7 +1,7 @@
1
1
  import { PlatformAdapter, AdapterConfig } from '../adapter-interface/interface.js';
2
- import { P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-aucqzfUa.js';
2
+ import { P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-DoWIuzfj.js';
3
3
  import '../gateway/gateway.js';
4
- import '../types-BwDmjIdr.js';
4
+ import '../types-L15pYd2c.js';
5
5
 
6
6
  /**
7
7
  * @astrasyncai/adapter-openclaw-browser
package/dist/cli/index.d.mts CHANGED
@@ -1,6 +1,6 @@
1
- import { b as LocalPurposeRule, d as LocalScope, c as LocalRiskThresholds, L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-DOAb89cm.mjs';
1
+ import { b as LocalPurposeRule, d as LocalScope, c as LocalRiskThresholds, L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-DNK2BgIf.mjs';
2
2
  import { PlatformAdapter, AdapterConfig } from '../adapter-interface/interface.mjs';
3
- import '../types-BwDmjIdr.mjs';
3
+ import '../types-L15pYd2c.mjs';
4
4
  import '../gateway/gateway.mjs';
5
5
 
6
6
  /**
package/dist/cli/index.d.ts CHANGED
@@ -1,6 +1,6 @@
1
- import { b as LocalPurposeRule, d as LocalScope, c as LocalRiskThresholds, L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-aucqzfUa.js';
1
+ import { b as LocalPurposeRule, d as LocalScope, c as LocalRiskThresholds, L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-DoWIuzfj.js';
2
2
  import { PlatformAdapter, AdapterConfig } from '../adapter-interface/interface.js';
3
- import '../types-BwDmjIdr.js';
3
+ import '../types-L15pYd2c.js';
4
4
  import '../gateway/gateway.js';
5
5
 
6
6
  /**
package/dist/cursor/cursor-adapter.d.mts CHANGED
@@ -1,7 +1,7 @@
1
1
  import { PlatformAdapter, AdapterConfig } from '../adapter-interface/interface.mjs';
2
- import { P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-DOAb89cm.mjs';
2
+ import { P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-DNK2BgIf.mjs';
3
3
  import '../gateway/gateway.mjs';
4
- import '../types-BwDmjIdr.mjs';
4
+ import '../types-L15pYd2c.mjs';
5
5
 
6
6
  /**
7
7
  * @astrasyncai/adapter-cursor
package/dist/cursor/cursor-adapter.d.ts CHANGED
@@ -1,7 +1,7 @@
1
1
  import { PlatformAdapter, AdapterConfig } from '../adapter-interface/interface.js';
2
- import { P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-aucqzfUa.js';
2
+ import { P as PDLSSContext, V as VerificationDecision, A as AgentAction, I as InterceptResult } from '../types-DoWIuzfj.js';
3
3
  import '../gateway/gateway.js';
4
- import '../types-BwDmjIdr.js';
4
+ import '../types-L15pYd2c.js';
5
5
 
6
6
  /**
7
7
  * @astrasyncai/adapter-cursor
package/dist/cursor/extension.d.mts CHANGED
@@ -1,8 +1,8 @@
1
1
  import { VSCodeAPI } from './cursor-adapter.mjs';
2
2
  import '../adapter-interface/interface.mjs';
3
3
  import '../gateway/gateway.mjs';
4
- import '../types-DOAb89cm.mjs';
5
- import '../types-BwDmjIdr.mjs';
4
+ import '../types-DNK2BgIf.mjs';
5
+ import '../types-L15pYd2c.mjs';
6
6
 
7
7
  /**
8
8
  * VS Code Extension entry point for AstraSync Local Guard (Cursor/VS Code).
package/dist/cursor/extension.d.ts CHANGED
@@ -1,8 +1,8 @@
1
1
  import { VSCodeAPI } from './cursor-adapter.js';
2
2
  import '../adapter-interface/interface.js';
3
3
  import '../gateway/gateway.js';
4
- import '../types-aucqzfUa.js';
5
- import '../types-BwDmjIdr.js';
4
+ import '../types-DoWIuzfj.js';
5
+ import '../types-L15pYd2c.js';
6
6
 
7
7
  /**
8
8
  * VS Code Extension entry point for AstraSync Local Guard (Cursor/VS Code).
package/dist/cursor/extension.js CHANGED
@@ -3299,7 +3299,7 @@ function getTrustLevel(score) {
3299
3299
  }
3300
3300
 
3301
3301
  // src/version.ts
3302
- var SDK_VERSION = "2.4.7";
3302
+ var SDK_VERSION = "2.4.9";
3303
3303
 
3304
3304
  // src/verify.ts
3305
3305
  var DEFAULT_CONFIG = {
@@ -3382,12 +3382,17 @@ function createGuidanceResponse(config, reason, options = {}) {
3382
3382
  ]
3383
3383
  };
3384
3384
  return {
3385
- verified: false,
3385
+ // Round-18 G4: createGuidanceResponse fires for unverified-agent path or
3386
+ // API-error fallback. Identity is not verified (no agent resolved);
3387
+ // policy is not evaluated (we never reached the gate).
3388
+ identityVerified: false,
3389
+ policyAllowed: false,
3386
3390
  // v2.3.9 (defect #30): denials grant `'none'`, NEVER a positive band.
3387
- // Adapters additionally short-circuit on `verified === false` before
3388
- // the gate check, but the access level still has to be honest at the
3389
- // data layer so downstream consumers (SDK adapters in other languages,
3390
- // custom integrations) inherit the correct semantics.
3391
+ // Adapters additionally short-circuit on `!identityVerified ||
3392
+ // !policyAllowed` before the gate check, but the access level still has
3393
+ // to be honest at the data layer so downstream consumers (SDK adapters
3394
+ // in other languages, custom integrations) inherit the correct
3395
+ // semantics.
3391
3396
  accessLevel: "none",
3392
3397
  guidance,
3393
3398
  denialReasons: reason ? [reason] : ["No valid agent credentials provided"],
@@ -3531,15 +3536,17 @@ async function verify(config, request) {
3531
3536
  }
3532
3537
  if (!apiResponse.access?.allowed) {
3533
3538
  const aggregatedFailures = apiResponse.access?.failures;
3539
+ const idVerifiedFromBackend = apiResponse.verificationContext?.idVerified === true;
3534
3540
  const result2 = {
3535
- verified: false,
3541
+ identityVerified: idVerifiedFromBackend,
3542
+ policyAllowed: false,
3536
3543
  // v2.3.9 (defect #30): denials grant `'none'`, NEVER a positive band.
3537
3544
  // Pre-rename this hardcoded `'guidance'`, which conflated with the
3538
3545
  // colocated `guidance: {...}` help-payload object below and let
3539
3546
  // denied requests pass any route gated at `'guidance'` because
3540
3547
  // `hasMinimumAccess('guidance', 'guidance') === true`. Adapters now
3541
- // ALSO short-circuit on `verified === false` before the gate check —
3542
- // belt-and-braces.
3548
+ // ALSO short-circuit on `!identityVerified || !policyAllowed` before
3549
+ // the gate check — belt-and-braces.
3543
3550
  accessLevel: "none",
3544
3551
  denialReasons: aggregatedFailures && aggregatedFailures.length > 0 ? aggregatedFailures.map((f) => f.message) : apiResponse.access?.reason ? [apiResponse.access.reason] : ["Access denied"],
3545
3552
  failures: aggregatedFailures,
@@ -3583,7 +3590,13 @@ async function verify(config, request) {
3583
3590
  const verificationContext = apiResponse.verificationContext;
3584
3591
  const accessLevel = apiResponse.access?.accessLevel ?? "standard";
3585
3592
  const result = {
3586
- verified: true,
3593
+ // Round-18 G4: backend allowed access. Identity is verified (we resolved
3594
+ // the caller to an agent) and policy passed all gates. Read idVerified
3595
+ // from verificationContext for symmetry with the deny branch; default true
3596
+ // on success path since `access.allowed === true` implies identity was
3597
+ // resolvable (anonymous-allow paths flow through createGuidanceResponse).
3598
+ identityVerified: apiResponse.verificationContext?.idVerified !== false,
3599
+ policyAllowed: true,
3587
3600
  accessLevel,
3588
3601
  agent,
3589
3602
  developer,
@@ -3606,7 +3619,7 @@ async function verify(config, request) {
3606
3619
  warningHeader: apiResponse.warningHeader
3607
3620
  };
3608
3621
  if (result.recommendation === "deny") {
3609
- result.verified = false;
3622
+ result.policyAllowed = false;
3610
3623
  result.accessLevel = "none";
3611
3624
  result.denialReasons = result.recommendationReasons || [
3612
3625
  "Access denied by AstraSync recommendation"
@@ -3698,7 +3711,7 @@ function toVerificationRequest(context, astraId) {
3698
3711
  };
3699
3712
  }
3700
3713
  function toDecision(result) {
3701
- if (result.verified) {
3714
+ if (result.identityVerified && result.policyAllowed) {
3702
3715
  return {
3703
3716
  recommendation: "ALLOW",
3704
3717
  reason: `Verified with access level: ${result.accessLevel}`,