@astrasyncai/verification-gateway 2.5.1 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (93) hide show
  1. package/dist/adapter-interface/interface.d.mts +2 -2
  2. package/dist/adapter-interface/interface.d.ts +2 -2
  3. package/dist/adapters/express.d.mts +2 -2
  4. package/dist/adapters/express.d.ts +2 -2
  5. package/dist/adapters/express.js +123 -33
  6. package/dist/adapters/express.js.map +1 -1
  7. package/dist/adapters/express.mjs +123 -33
  8. package/dist/adapters/express.mjs.map +1 -1
  9. package/dist/adapters/mcp.d.mts +20 -7
  10. package/dist/adapters/mcp.d.ts +20 -7
  11. package/dist/adapters/mcp.js +6 -3
  12. package/dist/adapters/mcp.js.map +1 -1
  13. package/dist/adapters/mcp.mjs +6 -3
  14. package/dist/adapters/mcp.mjs.map +1 -1
  15. package/dist/adapters/nextjs.d.mts +2 -2
  16. package/dist/adapters/nextjs.d.ts +2 -2
  17. package/dist/adapters/nextjs.js +107 -28
  18. package/dist/adapters/nextjs.js.map +1 -1
  19. package/dist/adapters/nextjs.mjs +107 -28
  20. package/dist/adapters/nextjs.mjs.map +1 -1
  21. package/dist/adapters/sdk.d.mts +2 -2
  22. package/dist/adapters/sdk.d.ts +2 -2
  23. package/dist/adapters/sdk.js +1 -1
  24. package/dist/adapters/sdk.js.map +1 -1
  25. package/dist/adapters/sdk.mjs +1 -1
  26. package/dist/adapters/sdk.mjs.map +1 -1
  27. package/dist/agent/index.d.mts +2 -2
  28. package/dist/agent/index.d.ts +2 -2
  29. package/dist/agent/index.js +3 -0
  30. package/dist/agent/index.js.map +1 -1
  31. package/dist/agent/index.mjs +3 -0
  32. package/dist/agent/index.mjs.map +1 -1
  33. package/dist/browser/background.js +1 -1
  34. package/dist/browser/background.js.map +1 -1
  35. package/dist/browser/background.mjs +1 -1
  36. package/dist/browser/background.mjs.map +1 -1
  37. package/dist/browser/browser-adapter.d.mts +2 -2
  38. package/dist/browser/browser-adapter.d.ts +2 -2
  39. package/dist/cli/index.d.mts +2 -2
  40. package/dist/cli/index.d.ts +2 -2
  41. package/dist/cursor/cursor-adapter.d.mts +2 -2
  42. package/dist/cursor/cursor-adapter.d.ts +2 -2
  43. package/dist/cursor/extension.d.mts +2 -2
  44. package/dist/cursor/extension.d.ts +2 -2
  45. package/dist/cursor/extension.js +1 -1
  46. package/dist/cursor/extension.js.map +1 -1
  47. package/dist/cursor/extension.mjs +1 -1
  48. package/dist/cursor/extension.mjs.map +1 -1
  49. package/dist/{express-ienhAXps.d.mts → express-DFVBlXr_.d.mts} +1 -1
  50. package/dist/{express-CrfwoNAR.d.ts → express-DavQ76oF.d.ts} +1 -1
  51. package/dist/gateway/gateway.d.mts +2 -2
  52. package/dist/gateway/gateway.d.ts +2 -2
  53. package/dist/gateway/gateway.js +1 -1
  54. package/dist/gateway/gateway.js.map +1 -1
  55. package/dist/gateway/gateway.mjs +1 -1
  56. package/dist/gateway/gateway.mjs.map +1 -1
  57. package/dist/git-trigger/git-hooks.d.mts +2 -2
  58. package/dist/git-trigger/git-hooks.d.ts +2 -2
  59. package/dist/{index-B5e2IDWU.d.mts → index-BVxantdv.d.mts} +1 -1
  60. package/dist/{index-DC5f8eoQ.d.ts → index-BhEgEiJL.d.ts} +1 -1
  61. package/dist/{index-CEg_WG6y.d.mts → index-BhL2R65s.d.mts} +1 -1
  62. package/dist/{index-CCdZxvAr.d.ts → index-Dk2nIA4w.d.ts} +1 -1
  63. package/dist/index.d.mts +7 -7
  64. package/dist/index.d.ts +7 -7
  65. package/dist/index.js +164 -72
  66. package/dist/index.js.map +1 -1
  67. package/dist/index.mjs +164 -72
  68. package/dist/index.mjs.map +1 -1
  69. package/dist/local-evaluator/evaluator.d.mts +2 -2
  70. package/dist/local-evaluator/evaluator.d.ts +2 -2
  71. package/dist/{nextjs-66R1KW8e.d.ts → nextjs-BXLH1hJj.d.ts} +1 -1
  72. package/dist/{nextjs-DSpisQst.d.mts → nextjs-D-maqrNz.d.mts} +1 -1
  73. package/dist/registration/index.d.mts +4 -3
  74. package/dist/registration/index.d.ts +4 -3
  75. package/dist/registration/index.js +4 -1
  76. package/dist/registration/index.js.map +1 -1
  77. package/dist/registration/index.mjs +4 -1
  78. package/dist/registration/index.mjs.map +1 -1
  79. package/dist/{sdk-5U_CBRpr.d.mts → sdk-767LaEP8.d.mts} +1 -1
  80. package/dist/{sdk-Bm8np66n.d.ts → sdk-K8IgssHI.d.ts} +1 -1
  81. package/dist/transport/index.d.mts +2 -2
  82. package/dist/transport/index.d.ts +2 -2
  83. package/dist/transport/index.js +10 -0
  84. package/dist/transport/index.js.map +1 -1
  85. package/dist/transport/index.mjs +10 -0
  86. package/dist/transport/index.mjs.map +1 -1
  87. package/dist/{types-B3USs-Kx.d.mts → types-Cuh7ELfr.d.mts} +25 -0
  88. package/dist/{types-B3USs-Kx.d.ts → types-Cuh7ELfr.d.ts} +25 -0
  89. package/dist/{types-CgDCUfo8.d.mts → types-CyFwZ_Yu.d.mts} +1 -1
  90. package/dist/{types-R5N4ET6x.d.ts → types-WIRp_BP_.d.ts} +1 -1
  91. package/dist/ui/index.d.mts +1 -1
  92. package/dist/ui/index.d.ts +1 -1
  93. package/package.json +1 -1
@@ -482,6 +482,22 @@ interface RouteAccessConfig {
482
482
  allowedJurisdictions?: string[];
483
483
  /** Maximum transaction value for this route */
484
484
  maxTransactionValue?: number;
485
+ /**
486
+ * Backend-evaluator strict mode (audit F-A1-09): when true AND
487
+ * `allowedPurposes` is non-empty, verify-access denies requests arriving
488
+ * WITHOUT a purpose. Configured in the dashboard; passed through here.
489
+ */
490
+ requirePurpose?: boolean;
491
+ /**
492
+ * SEND-mapping (Bug 14, §4.6) — not an allow-list: the PDLSS tokens the
493
+ * middleware STAMPS on verify-access calls matching this route, replacing
494
+ * the generic `data`/`data.*` method-table fallback. `purpose` = bare
495
+ * category noun (`shopping`, `trading`); `action` = dotted verb
496
+ * (`shopping.search`, `trading.execute`). Authoritative over agent-supplied
497
+ * headers — the dashboard is merchant policy, the way MCP toolGates are.
498
+ */
499
+ purpose?: string;
500
+ action?: string;
485
501
  }
486
502
  /**
487
503
  * Express middleware options.
@@ -500,6 +516,15 @@ interface ExpressMiddlewareOptions extends GatewayConfig {
500
516
  extractCredentials?: (req: unknown) => AgentCredentials;
501
517
  /** Function to extract purpose from request */
502
518
  extractPurpose?: (req: unknown) => string | undefined;
519
+ /**
520
+ * Function to extract the PDLSS action from a request — symmetric with
521
+ * `extractPurpose` (Bug 14, §4.6: the action axis previously had NO
522
+ * override and hardwired the HTTP verb). When configured it masks the
523
+ * `X-Astra-Action` header step; returning undefined falls through to the
524
+ * pinned method→action table (GET→data.read, POST/PUT/PATCH→data.write,
525
+ * DELETE→data.delete). Dashboard route mapping still outranks it.
526
+ */
527
+ extractAction?: (req: unknown) => string | undefined;
503
528
  /** Skip verification for certain paths */
504
529
  skipPaths?: string[];
505
530
  /** Custom response for denied requests */
@@ -482,6 +482,22 @@ interface RouteAccessConfig {
482
482
  allowedJurisdictions?: string[];
483
483
  /** Maximum transaction value for this route */
484
484
  maxTransactionValue?: number;
485
+ /**
486
+ * Backend-evaluator strict mode (audit F-A1-09): when true AND
487
+ * `allowedPurposes` is non-empty, verify-access denies requests arriving
488
+ * WITHOUT a purpose. Configured in the dashboard; passed through here.
489
+ */
490
+ requirePurpose?: boolean;
491
+ /**
492
+ * SEND-mapping (Bug 14, §4.6) — not an allow-list: the PDLSS tokens the
493
+ * middleware STAMPS on verify-access calls matching this route, replacing
494
+ * the generic `data`/`data.*` method-table fallback. `purpose` = bare
495
+ * category noun (`shopping`, `trading`); `action` = dotted verb
496
+ * (`shopping.search`, `trading.execute`). Authoritative over agent-supplied
497
+ * headers — the dashboard is merchant policy, the way MCP toolGates are.
498
+ */
499
+ purpose?: string;
500
+ action?: string;
485
501
  }
486
502
  /**
487
503
  * Express middleware options.
@@ -500,6 +516,15 @@ interface ExpressMiddlewareOptions extends GatewayConfig {
500
516
  extractCredentials?: (req: unknown) => AgentCredentials;
501
517
  /** Function to extract purpose from request */
502
518
  extractPurpose?: (req: unknown) => string | undefined;
519
+ /**
520
+ * Function to extract the PDLSS action from a request — symmetric with
521
+ * `extractPurpose` (Bug 14, §4.6: the action axis previously had NO
522
+ * override and hardwired the HTTP verb). When configured it masks the
523
+ * `X-Astra-Action` header step; returning undefined falls through to the
524
+ * pinned method→action table (GET→data.read, POST/PUT/PATCH→data.write,
525
+ * DELETE→data.delete). Dashboard route mapping still outranks it.
526
+ */
527
+ extractAction?: (req: unknown) => string | undefined;
503
528
  /** Skip verification for certain paths */
504
529
  skipPaths?: string[];
505
530
  /** Custom response for denied requests */
@@ -1,4 +1,4 @@
1
- import { A as AccessLevel, c as CounterpartyType, T as TokenGuidance } from './types-B3USs-Kx.mjs';
1
+ import { A as AccessLevel, c as CounterpartyType, T as TokenGuidance } from './types-Cuh7ELfr.mjs';
2
2
 
3
3
  /**
4
4
  * AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
@@ -1,4 +1,4 @@
1
- import { A as AccessLevel, c as CounterpartyType, T as TokenGuidance } from './types-B3USs-Kx.js';
1
+ import { A as AccessLevel, c as CounterpartyType, T as TokenGuidance } from './types-Cuh7ELfr.js';
2
2
 
3
3
  /**
4
4
  * AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
@@ -1,4 +1,4 @@
1
- import { C as CommerceShieldProps, i as VerificationResult, a as AgentCredentials, e as GuidanceInfo, h as TrustLevel } from '../types-B3USs-Kx.mjs';
1
+ import { C as CommerceShieldProps, i as VerificationResult, a as AgentCredentials, e as GuidanceInfo, h as TrustLevel } from '../types-Cuh7ELfr.mjs';
2
2
 
3
3
  /**
4
4
  * AstraSync Commerce Shield Component
@@ -1,4 +1,4 @@
1
- import { C as CommerceShieldProps, i as VerificationResult, a as AgentCredentials, e as GuidanceInfo, h as TrustLevel } from '../types-B3USs-Kx.js';
1
+ import { C as CommerceShieldProps, i as VerificationResult, a as AgentCredentials, e as GuidanceInfo, h as TrustLevel } from '../types-Cuh7ELfr.js';
2
2
 
3
3
  /**
4
4
  * AstraSync Commerce Shield Component
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@astrasyncai/verification-gateway",
3
- "version": "2.5.1",
3
+ "version": "3.1.0",
4
4
  "description": "AstraSync KYA Platform SDK — counterparty verification gateway (verify incoming requests) + agent registration (register AI agents with the KYA backend).",
5
5
  "main": "./dist/index.js",
6
6
  "module": "./dist/index.mjs",