@astrasyncai/verification-gateway 2.5.1 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapter-interface/interface.d.mts +2 -2
- package/dist/adapter-interface/interface.d.ts +2 -2
- package/dist/adapters/express.d.mts +2 -2
- package/dist/adapters/express.d.ts +2 -2
- package/dist/adapters/express.js +123 -33
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +123 -33
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.d.mts +20 -7
- package/dist/adapters/mcp.d.ts +20 -7
- package/dist/adapters/mcp.js +6 -3
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +6 -3
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.d.mts +2 -2
- package/dist/adapters/nextjs.d.ts +2 -2
- package/dist/adapters/nextjs.js +107 -28
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +107 -28
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.d.mts +2 -2
- package/dist/adapters/sdk.d.ts +2 -2
- package/dist/adapters/sdk.js +1 -1
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +1 -1
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/agent/index.d.mts +2 -2
- package/dist/agent/index.d.ts +2 -2
- package/dist/agent/index.js +3 -0
- package/dist/agent/index.js.map +1 -1
- package/dist/agent/index.mjs +3 -0
- package/dist/agent/index.mjs.map +1 -1
- package/dist/browser/background.js +1 -1
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +1 -1
- package/dist/browser/background.mjs.map +1 -1
- package/dist/browser/browser-adapter.d.mts +2 -2
- package/dist/browser/browser-adapter.d.ts +2 -2
- package/dist/cli/index.d.mts +2 -2
- package/dist/cli/index.d.ts +2 -2
- package/dist/cursor/cursor-adapter.d.mts +2 -2
- package/dist/cursor/cursor-adapter.d.ts +2 -2
- package/dist/cursor/extension.d.mts +2 -2
- package/dist/cursor/extension.d.ts +2 -2
- package/dist/cursor/extension.js +1 -1
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +1 -1
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/{express-ienhAXps.d.mts → express-DFVBlXr_.d.mts} +1 -1
- package/dist/{express-CrfwoNAR.d.ts → express-DavQ76oF.d.ts} +1 -1
- package/dist/gateway/gateway.d.mts +2 -2
- package/dist/gateway/gateway.d.ts +2 -2
- package/dist/gateway/gateway.js +1 -1
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +1 -1
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/git-trigger/git-hooks.d.mts +2 -2
- package/dist/git-trigger/git-hooks.d.ts +2 -2
- package/dist/{index-B5e2IDWU.d.mts → index-BVxantdv.d.mts} +1 -1
- package/dist/{index-DC5f8eoQ.d.ts → index-BhEgEiJL.d.ts} +1 -1
- package/dist/{index-CEg_WG6y.d.mts → index-BhL2R65s.d.mts} +1 -1
- package/dist/{index-CCdZxvAr.d.ts → index-Dk2nIA4w.d.ts} +1 -1
- package/dist/index.d.mts +7 -7
- package/dist/index.d.ts +7 -7
- package/dist/index.js +164 -72
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +164 -72
- package/dist/index.mjs.map +1 -1
- package/dist/local-evaluator/evaluator.d.mts +2 -2
- package/dist/local-evaluator/evaluator.d.ts +2 -2
- package/dist/{nextjs-66R1KW8e.d.ts → nextjs-BXLH1hJj.d.ts} +1 -1
- package/dist/{nextjs-DSpisQst.d.mts → nextjs-D-maqrNz.d.mts} +1 -1
- package/dist/registration/index.d.mts +4 -3
- package/dist/registration/index.d.ts +4 -3
- package/dist/registration/index.js +4 -1
- package/dist/registration/index.js.map +1 -1
- package/dist/registration/index.mjs +4 -1
- package/dist/registration/index.mjs.map +1 -1
- package/dist/{sdk-5U_CBRpr.d.mts → sdk-767LaEP8.d.mts} +1 -1
- package/dist/{sdk-Bm8np66n.d.ts → sdk-K8IgssHI.d.ts} +1 -1
- package/dist/transport/index.d.mts +2 -2
- package/dist/transport/index.d.ts +2 -2
- package/dist/transport/index.js +10 -0
- package/dist/transport/index.js.map +1 -1
- package/dist/transport/index.mjs +10 -0
- package/dist/transport/index.mjs.map +1 -1
- package/dist/{types-B3USs-Kx.d.mts → types-Cuh7ELfr.d.mts} +25 -0
- package/dist/{types-B3USs-Kx.d.ts → types-Cuh7ELfr.d.ts} +25 -0
- package/dist/{types-CgDCUfo8.d.mts → types-CyFwZ_Yu.d.mts} +1 -1
- package/dist/{types-R5N4ET6x.d.ts → types-WIRp_BP_.d.ts} +1 -1
- package/dist/ui/index.d.mts +1 -1
- package/dist/ui/index.d.ts +1 -1
- package/package.json +1 -1
|
@@ -482,6 +482,22 @@ interface RouteAccessConfig {
|
|
|
482
482
|
allowedJurisdictions?: string[];
|
|
483
483
|
/** Maximum transaction value for this route */
|
|
484
484
|
maxTransactionValue?: number;
|
|
485
|
+
/**
|
|
486
|
+
* Backend-evaluator strict mode (audit F-A1-09): when true AND
|
|
487
|
+
* `allowedPurposes` is non-empty, verify-access denies requests arriving
|
|
488
|
+
* WITHOUT a purpose. Configured in the dashboard; passed through here.
|
|
489
|
+
*/
|
|
490
|
+
requirePurpose?: boolean;
|
|
491
|
+
/**
|
|
492
|
+
* SEND-mapping (Bug 14, §4.6) — not an allow-list: the PDLSS tokens the
|
|
493
|
+
* middleware STAMPS on verify-access calls matching this route, replacing
|
|
494
|
+
* the generic `data`/`data.*` method-table fallback. `purpose` = bare
|
|
495
|
+
* category noun (`shopping`, `trading`); `action` = dotted verb
|
|
496
|
+
* (`shopping.search`, `trading.execute`). Authoritative over agent-supplied
|
|
497
|
+
* headers — the dashboard is merchant policy, the way MCP toolGates are.
|
|
498
|
+
*/
|
|
499
|
+
purpose?: string;
|
|
500
|
+
action?: string;
|
|
485
501
|
}
|
|
486
502
|
/**
|
|
487
503
|
* Express middleware options.
|
|
@@ -500,6 +516,15 @@ interface ExpressMiddlewareOptions extends GatewayConfig {
|
|
|
500
516
|
extractCredentials?: (req: unknown) => AgentCredentials;
|
|
501
517
|
/** Function to extract purpose from request */
|
|
502
518
|
extractPurpose?: (req: unknown) => string | undefined;
|
|
519
|
+
/**
|
|
520
|
+
* Function to extract the PDLSS action from a request — symmetric with
|
|
521
|
+
* `extractPurpose` (Bug 14, §4.6: the action axis previously had NO
|
|
522
|
+
* override and hardwired the HTTP verb). When configured it masks the
|
|
523
|
+
* `X-Astra-Action` header step; returning undefined falls through to the
|
|
524
|
+
* pinned method→action table (GET→data.read, POST/PUT/PATCH→data.write,
|
|
525
|
+
* DELETE→data.delete). Dashboard route mapping still outranks it.
|
|
526
|
+
*/
|
|
527
|
+
extractAction?: (req: unknown) => string | undefined;
|
|
503
528
|
/** Skip verification for certain paths */
|
|
504
529
|
skipPaths?: string[];
|
|
505
530
|
/** Custom response for denied requests */
|
|
@@ -482,6 +482,22 @@ interface RouteAccessConfig {
|
|
|
482
482
|
allowedJurisdictions?: string[];
|
|
483
483
|
/** Maximum transaction value for this route */
|
|
484
484
|
maxTransactionValue?: number;
|
|
485
|
+
/**
|
|
486
|
+
* Backend-evaluator strict mode (audit F-A1-09): when true AND
|
|
487
|
+
* `allowedPurposes` is non-empty, verify-access denies requests arriving
|
|
488
|
+
* WITHOUT a purpose. Configured in the dashboard; passed through here.
|
|
489
|
+
*/
|
|
490
|
+
requirePurpose?: boolean;
|
|
491
|
+
/**
|
|
492
|
+
* SEND-mapping (Bug 14, §4.6) — not an allow-list: the PDLSS tokens the
|
|
493
|
+
* middleware STAMPS on verify-access calls matching this route, replacing
|
|
494
|
+
* the generic `data`/`data.*` method-table fallback. `purpose` = bare
|
|
495
|
+
* category noun (`shopping`, `trading`); `action` = dotted verb
|
|
496
|
+
* (`shopping.search`, `trading.execute`). Authoritative over agent-supplied
|
|
497
|
+
* headers — the dashboard is merchant policy, the way MCP toolGates are.
|
|
498
|
+
*/
|
|
499
|
+
purpose?: string;
|
|
500
|
+
action?: string;
|
|
485
501
|
}
|
|
486
502
|
/**
|
|
487
503
|
* Express middleware options.
|
|
@@ -500,6 +516,15 @@ interface ExpressMiddlewareOptions extends GatewayConfig {
|
|
|
500
516
|
extractCredentials?: (req: unknown) => AgentCredentials;
|
|
501
517
|
/** Function to extract purpose from request */
|
|
502
518
|
extractPurpose?: (req: unknown) => string | undefined;
|
|
519
|
+
/**
|
|
520
|
+
* Function to extract the PDLSS action from a request — symmetric with
|
|
521
|
+
* `extractPurpose` (Bug 14, §4.6: the action axis previously had NO
|
|
522
|
+
* override and hardwired the HTTP verb). When configured it masks the
|
|
523
|
+
* `X-Astra-Action` header step; returning undefined falls through to the
|
|
524
|
+
* pinned method→action table (GET→data.read, POST/PUT/PATCH→data.write,
|
|
525
|
+
* DELETE→data.delete). Dashboard route mapping still outranks it.
|
|
526
|
+
*/
|
|
527
|
+
extractAction?: (req: unknown) => string | undefined;
|
|
503
528
|
/** Skip verification for certain paths */
|
|
504
529
|
skipPaths?: string[];
|
|
505
530
|
/** Custom response for denied requests */
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { A as AccessLevel, c as CounterpartyType, T as TokenGuidance } from './types-
|
|
1
|
+
import { A as AccessLevel, c as CounterpartyType, T as TokenGuidance } from './types-Cuh7ELfr.mjs';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
4
|
* AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { A as AccessLevel, c as CounterpartyType, T as TokenGuidance } from './types-
|
|
1
|
+
import { A as AccessLevel, c as CounterpartyType, T as TokenGuidance } from './types-Cuh7ELfr.js';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
4
|
* AstraSync Gateway - Types for gateway modes, local evaluation, and adapter interface.
|
package/dist/ui/index.d.mts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { C as CommerceShieldProps, i as VerificationResult, a as AgentCredentials, e as GuidanceInfo, h as TrustLevel } from '../types-
|
|
1
|
+
import { C as CommerceShieldProps, i as VerificationResult, a as AgentCredentials, e as GuidanceInfo, h as TrustLevel } from '../types-Cuh7ELfr.mjs';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
4
|
* AstraSync Commerce Shield Component
|
package/dist/ui/index.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { C as CommerceShieldProps, i as VerificationResult, a as AgentCredentials, e as GuidanceInfo, h as TrustLevel } from '../types-
|
|
1
|
+
import { C as CommerceShieldProps, i as VerificationResult, a as AgentCredentials, e as GuidanceInfo, h as TrustLevel } from '../types-Cuh7ELfr.js';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
4
|
* AstraSync Commerce Shield Component
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@astrasyncai/verification-gateway",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "3.1.0",
|
|
4
4
|
"description": "AstraSync KYA Platform SDK — counterparty verification gateway (verify incoming requests) + agent registration (register AI agents with the KYA backend).",
|
|
5
5
|
"main": "./dist/index.js",
|
|
6
6
|
"module": "./dist/index.mjs",
|