@astrasyncai/verification-gateway 3.2.0 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (79) hide show
  1. package/dist/adapter-interface/interface.d.mts +2 -2
  2. package/dist/adapter-interface/interface.d.ts +2 -2
  3. package/dist/adapters/express.d.mts +2 -2
  4. package/dist/adapters/express.d.ts +2 -2
  5. package/dist/adapters/express.js +24 -1
  6. package/dist/adapters/express.js.map +1 -1
  7. package/dist/adapters/express.mjs +24 -1
  8. package/dist/adapters/express.mjs.map +1 -1
  9. package/dist/adapters/mcp.d.mts +1 -1
  10. package/dist/adapters/mcp.d.ts +1 -1
  11. package/dist/adapters/mcp.js +24 -1
  12. package/dist/adapters/mcp.js.map +1 -1
  13. package/dist/adapters/mcp.mjs +24 -1
  14. package/dist/adapters/mcp.mjs.map +1 -1
  15. package/dist/adapters/nextjs.d.mts +2 -2
  16. package/dist/adapters/nextjs.d.ts +2 -2
  17. package/dist/adapters/nextjs.js +19 -3
  18. package/dist/adapters/nextjs.js.map +1 -1
  19. package/dist/adapters/nextjs.mjs +19 -3
  20. package/dist/adapters/nextjs.mjs.map +1 -1
  21. package/dist/adapters/sdk.d.mts +2 -2
  22. package/dist/adapters/sdk.d.ts +2 -2
  23. package/dist/adapters/sdk.js +1 -1
  24. package/dist/adapters/sdk.js.map +1 -1
  25. package/dist/adapters/sdk.mjs +1 -1
  26. package/dist/adapters/sdk.mjs.map +1 -1
  27. package/dist/agent/index.d.mts +2 -2
  28. package/dist/agent/index.d.ts +2 -2
  29. package/dist/browser/background.js +1 -1
  30. package/dist/browser/background.js.map +1 -1
  31. package/dist/browser/background.mjs +1 -1
  32. package/dist/browser/background.mjs.map +1 -1
  33. package/dist/browser/browser-adapter.d.mts +2 -2
  34. package/dist/browser/browser-adapter.d.ts +2 -2
  35. package/dist/cli/index.d.mts +2 -2
  36. package/dist/cli/index.d.ts +2 -2
  37. package/dist/cursor/cursor-adapter.d.mts +2 -2
  38. package/dist/cursor/cursor-adapter.d.ts +2 -2
  39. package/dist/cursor/extension.d.mts +2 -2
  40. package/dist/cursor/extension.d.ts +2 -2
  41. package/dist/cursor/extension.js +1 -1
  42. package/dist/cursor/extension.js.map +1 -1
  43. package/dist/cursor/extension.mjs +1 -1
  44. package/dist/cursor/extension.mjs.map +1 -1
  45. package/dist/{express-CeoSdOAZ.d.mts → express-DAOTESQo.d.mts} +1 -1
  46. package/dist/{express-BowlMHQF.d.ts → express-Lb8-Ybio.d.ts} +1 -1
  47. package/dist/gateway/gateway.d.mts +2 -2
  48. package/dist/gateway/gateway.d.ts +2 -2
  49. package/dist/gateway/gateway.js +1 -1
  50. package/dist/gateway/gateway.js.map +1 -1
  51. package/dist/gateway/gateway.mjs +1 -1
  52. package/dist/gateway/gateway.mjs.map +1 -1
  53. package/dist/git-trigger/git-hooks.d.mts +2 -2
  54. package/dist/git-trigger/git-hooks.d.ts +2 -2
  55. package/dist/{index-DtGziFEm.d.mts → index-BLeiWFLu.d.mts} +1 -1
  56. package/dist/{index-DBmlycVm.d.ts → index-DFwfHOGj.d.ts} +1 -1
  57. package/dist/{index-DzXXBuLm.d.ts → index-E3fAidVt.d.ts} +1 -1
  58. package/dist/{index-B51W8gn8.d.mts → index-kxLJ873R.d.mts} +1 -1
  59. package/dist/index.d.mts +55 -8
  60. package/dist/index.d.ts +55 -8
  61. package/dist/index.js +89 -3
  62. package/dist/index.js.map +1 -1
  63. package/dist/index.mjs +88 -3
  64. package/dist/index.mjs.map +1 -1
  65. package/dist/local-evaluator/evaluator.d.mts +2 -2
  66. package/dist/local-evaluator/evaluator.d.ts +2 -2
  67. package/dist/{nextjs-V_K0qlAQ.d.ts → nextjs-BXK0nD73.d.ts} +1 -1
  68. package/dist/{nextjs-BW1rzr1I.d.mts → nextjs-CFQ_KDFf.d.mts} +1 -1
  69. package/dist/{sdk-ZYgI7G9f.d.ts → sdk-C7qAfpGB.d.ts} +1 -1
  70. package/dist/{sdk-e5jg7sqW.d.mts → sdk-D1MuiiNz.d.mts} +1 -1
  71. package/dist/transport/index.d.mts +2 -2
  72. package/dist/transport/index.d.ts +2 -2
  73. package/dist/{types-DJi-u3fz.d.ts → types-B6uD4jAI.d.ts} +1 -1
  74. package/dist/{types-rFh4VMH4.d.mts → types-B_wnd7ZX.d.mts} +1 -1
  75. package/dist/{types-rFh4VMH4.d.ts → types-B_wnd7ZX.d.ts} +1 -1
  76. package/dist/{types-BNiLZY0i.d.mts → types-ClvUqrEm.d.mts} +1 -1
  77. package/dist/ui/index.d.mts +1 -1
  78. package/dist/ui/index.d.ts +1 -1
  79. package/package.json +1 -1
@@ -7,7 +7,7 @@ function getTrustLevel(score) {
7
7
  }
8
8
 
9
9
  // src/version.ts
10
- var SDK_VERSION = "3.2.0";
10
+ var SDK_VERSION = "3.3.0";
11
11
 
12
12
  // src/well-known.ts
13
13
  var CACHE_TTL_MS = 60 * 60 * 1e3;
@@ -613,6 +613,19 @@ function resolveHttpPdlss(input) {
613
613
  return { purpose, action, purposeSource, actionSource };
614
614
  }
615
615
 
616
+ // src/adapters/approval-gate.ts
617
+ var APPROVAL_REASON = "Transaction is above the autonomous limit and requires human approval, which is not yet available - it cannot be completed automatically.";
618
+ function requiresHumanApproval(result) {
619
+ return result.requiresStepUp === true || result.requiresApproval === true;
620
+ }
621
+ function annotateApprovalRequired(result) {
622
+ result.failures = [
623
+ ...result.failures ?? [],
624
+ { dimension: "commerce.intent.approval_required", message: APPROVAL_REASON }
625
+ ];
626
+ result.denialReasons = [APPROVAL_REASON, ...result.denialReasons ?? []];
627
+ }
628
+
616
629
  // src/adapters/nextjs.ts
617
630
  function escapeHtml(value) {
618
631
  return value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
@@ -972,7 +985,9 @@ function createMiddleware(options) {
972
985
  agentCardUrl: request.headers.get("x-astrasync-agent-card") || void 0
973
986
  }
974
987
  });
975
- if (!result.identityVerified || !result.policyAllowed) {
988
+ const approvalRequired = result.identityVerified && result.policyAllowed && requiresHumanApproval(result);
989
+ if (approvalRequired) annotateApprovalRequired(result);
990
+ if (!result.identityVerified || !result.policyAllowed || approvalRequired) {
976
991
  if (pathname.startsWith("/api/")) {
977
992
  return NextResponse.json(
978
993
  {
@@ -982,7 +997,8 @@ function createMiddleware(options) {
982
997
  // OK, policy denied (update PDLSS / step up).
983
998
  code: !result.identityVerified ? "UNAUTHORIZED" : "POLICY_DENIED",
984
999
  message: result.denialReasons?.[0] || "Access denied",
985
- guidance: result.guidance
1000
+ guidance: result.guidance,
1001
+ failures: result.failures
986
1002
  }
987
1003
  },
988
1004
  { status: !result.identityVerified ? 401 : 403 }