@astrasyncai/verification-gateway 3.2.0 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (79) hide show
  1. package/dist/adapter-interface/interface.d.mts +2 -2
  2. package/dist/adapter-interface/interface.d.ts +2 -2
  3. package/dist/adapters/express.d.mts +2 -2
  4. package/dist/adapters/express.d.ts +2 -2
  5. package/dist/adapters/express.js +24 -1
  6. package/dist/adapters/express.js.map +1 -1
  7. package/dist/adapters/express.mjs +24 -1
  8. package/dist/adapters/express.mjs.map +1 -1
  9. package/dist/adapters/mcp.d.mts +1 -1
  10. package/dist/adapters/mcp.d.ts +1 -1
  11. package/dist/adapters/mcp.js +24 -1
  12. package/dist/adapters/mcp.js.map +1 -1
  13. package/dist/adapters/mcp.mjs +24 -1
  14. package/dist/adapters/mcp.mjs.map +1 -1
  15. package/dist/adapters/nextjs.d.mts +2 -2
  16. package/dist/adapters/nextjs.d.ts +2 -2
  17. package/dist/adapters/nextjs.js +19 -3
  18. package/dist/adapters/nextjs.js.map +1 -1
  19. package/dist/adapters/nextjs.mjs +19 -3
  20. package/dist/adapters/nextjs.mjs.map +1 -1
  21. package/dist/adapters/sdk.d.mts +2 -2
  22. package/dist/adapters/sdk.d.ts +2 -2
  23. package/dist/adapters/sdk.js +1 -1
  24. package/dist/adapters/sdk.js.map +1 -1
  25. package/dist/adapters/sdk.mjs +1 -1
  26. package/dist/adapters/sdk.mjs.map +1 -1
  27. package/dist/agent/index.d.mts +2 -2
  28. package/dist/agent/index.d.ts +2 -2
  29. package/dist/browser/background.js +1 -1
  30. package/dist/browser/background.js.map +1 -1
  31. package/dist/browser/background.mjs +1 -1
  32. package/dist/browser/background.mjs.map +1 -1
  33. package/dist/browser/browser-adapter.d.mts +2 -2
  34. package/dist/browser/browser-adapter.d.ts +2 -2
  35. package/dist/cli/index.d.mts +2 -2
  36. package/dist/cli/index.d.ts +2 -2
  37. package/dist/cursor/cursor-adapter.d.mts +2 -2
  38. package/dist/cursor/cursor-adapter.d.ts +2 -2
  39. package/dist/cursor/extension.d.mts +2 -2
  40. package/dist/cursor/extension.d.ts +2 -2
  41. package/dist/cursor/extension.js +1 -1
  42. package/dist/cursor/extension.js.map +1 -1
  43. package/dist/cursor/extension.mjs +1 -1
  44. package/dist/cursor/extension.mjs.map +1 -1
  45. package/dist/{express-CeoSdOAZ.d.mts → express-DAOTESQo.d.mts} +1 -1
  46. package/dist/{express-BowlMHQF.d.ts → express-Lb8-Ybio.d.ts} +1 -1
  47. package/dist/gateway/gateway.d.mts +2 -2
  48. package/dist/gateway/gateway.d.ts +2 -2
  49. package/dist/gateway/gateway.js +1 -1
  50. package/dist/gateway/gateway.js.map +1 -1
  51. package/dist/gateway/gateway.mjs +1 -1
  52. package/dist/gateway/gateway.mjs.map +1 -1
  53. package/dist/git-trigger/git-hooks.d.mts +2 -2
  54. package/dist/git-trigger/git-hooks.d.ts +2 -2
  55. package/dist/{index-DtGziFEm.d.mts → index-BLeiWFLu.d.mts} +1 -1
  56. package/dist/{index-DBmlycVm.d.ts → index-DFwfHOGj.d.ts} +1 -1
  57. package/dist/{index-DzXXBuLm.d.ts → index-E3fAidVt.d.ts} +1 -1
  58. package/dist/{index-B51W8gn8.d.mts → index-kxLJ873R.d.mts} +1 -1
  59. package/dist/index.d.mts +55 -8
  60. package/dist/index.d.ts +55 -8
  61. package/dist/index.js +89 -3
  62. package/dist/index.js.map +1 -1
  63. package/dist/index.mjs +88 -3
  64. package/dist/index.mjs.map +1 -1
  65. package/dist/local-evaluator/evaluator.d.mts +2 -2
  66. package/dist/local-evaluator/evaluator.d.ts +2 -2
  67. package/dist/{nextjs-V_K0qlAQ.d.ts → nextjs-BXK0nD73.d.ts} +1 -1
  68. package/dist/{nextjs-BW1rzr1I.d.mts → nextjs-CFQ_KDFf.d.mts} +1 -1
  69. package/dist/{sdk-ZYgI7G9f.d.ts → sdk-C7qAfpGB.d.ts} +1 -1
  70. package/dist/{sdk-e5jg7sqW.d.mts → sdk-D1MuiiNz.d.mts} +1 -1
  71. package/dist/transport/index.d.mts +2 -2
  72. package/dist/transport/index.d.ts +2 -2
  73. package/dist/{types-DJi-u3fz.d.ts → types-B6uD4jAI.d.ts} +1 -1
  74. package/dist/{types-rFh4VMH4.d.mts → types-B_wnd7ZX.d.mts} +1 -1
  75. package/dist/{types-rFh4VMH4.d.ts → types-B_wnd7ZX.d.ts} +1 -1
  76. package/dist/{types-BNiLZY0i.d.mts → types-ClvUqrEm.d.mts} +1 -1
  77. package/dist/ui/index.d.mts +1 -1
  78. package/dist/ui/index.d.ts +1 -1
  79. package/package.json +1 -1
@@ -1,3 +1,3 @@
1
1
  import 'next/server';
2
- import '../types-rFh4VMH4.mjs';
3
- export { c as createMatcherConfig, a as createMiddleware } from '../nextjs-BW1rzr1I.mjs';
2
+ import '../types-B_wnd7ZX.mjs';
3
+ export { c as createMatcherConfig, a as createMiddleware } from '../nextjs-CFQ_KDFf.mjs';
@@ -1,3 +1,3 @@
1
1
  import 'next/server';
2
- import '../types-rFh4VMH4.js';
3
- export { c as createMatcherConfig, a as createMiddleware } from '../nextjs-V_K0qlAQ.js';
2
+ import '../types-B_wnd7ZX.js';
3
+ export { c as createMatcherConfig, a as createMiddleware } from '../nextjs-BXK0nD73.js';
@@ -44,7 +44,7 @@ function getTrustLevel(score) {
44
44
  }
45
45
 
46
46
  // src/version.ts
47
- var SDK_VERSION = "3.2.0";
47
+ var SDK_VERSION = "3.3.0";
48
48
 
49
49
  // src/well-known.ts
50
50
  var CACHE_TTL_MS = 60 * 60 * 1e3;
@@ -650,6 +650,19 @@ function resolveHttpPdlss(input) {
650
650
  return { purpose, action, purposeSource, actionSource };
651
651
  }
652
652
 
653
+ // src/adapters/approval-gate.ts
654
+ var APPROVAL_REASON = "Transaction is above the autonomous limit and requires human approval, which is not yet available - it cannot be completed automatically.";
655
+ function requiresHumanApproval(result) {
656
+ return result.requiresStepUp === true || result.requiresApproval === true;
657
+ }
658
+ function annotateApprovalRequired(result) {
659
+ result.failures = [
660
+ ...result.failures ?? [],
661
+ { dimension: "commerce.intent.approval_required", message: APPROVAL_REASON }
662
+ ];
663
+ result.denialReasons = [APPROVAL_REASON, ...result.denialReasons ?? []];
664
+ }
665
+
653
666
  // src/adapters/nextjs.ts
654
667
  function escapeHtml(value) {
655
668
  return value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
@@ -1009,7 +1022,9 @@ function createMiddleware(options) {
1009
1022
  agentCardUrl: request.headers.get("x-astrasync-agent-card") || void 0
1010
1023
  }
1011
1024
  });
1012
- if (!result.identityVerified || !result.policyAllowed) {
1025
+ const approvalRequired = result.identityVerified && result.policyAllowed && requiresHumanApproval(result);
1026
+ if (approvalRequired) annotateApprovalRequired(result);
1027
+ if (!result.identityVerified || !result.policyAllowed || approvalRequired) {
1013
1028
  if (pathname.startsWith("/api/")) {
1014
1029
  return NextResponse.json(
1015
1030
  {
@@ -1019,7 +1034,8 @@ function createMiddleware(options) {
1019
1034
  // OK, policy denied (update PDLSS / step up).
1020
1035
  code: !result.identityVerified ? "UNAUTHORIZED" : "POLICY_DENIED",
1021
1036
  message: result.denialReasons?.[0] || "Access denied",
1022
- guidance: result.guidance
1037
+ guidance: result.guidance,
1038
+ failures: result.failures
1023
1039
  }
1024
1040
  },
1025
1041
  { status: !result.identityVerified ? 401 : 403 }