@astrasyncai/verification-gateway 3.3.0 → 3.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (83) hide show
  1. package/dist/adapter-interface/interface.d.mts +2 -2
  2. package/dist/adapter-interface/interface.d.ts +2 -2
  3. package/dist/adapters/express.d.mts +2 -2
  4. package/dist/adapters/express.d.ts +2 -2
  5. package/dist/adapters/express.js +9 -4
  6. package/dist/adapters/express.js.map +1 -1
  7. package/dist/adapters/express.mjs +9 -4
  8. package/dist/adapters/express.mjs.map +1 -1
  9. package/dist/adapters/mcp.d.mts +1 -1
  10. package/dist/adapters/mcp.d.ts +1 -1
  11. package/dist/adapters/mcp.js +9 -4
  12. package/dist/adapters/mcp.js.map +1 -1
  13. package/dist/adapters/mcp.mjs +9 -4
  14. package/dist/adapters/mcp.mjs.map +1 -1
  15. package/dist/adapters/nextjs.d.mts +2 -2
  16. package/dist/adapters/nextjs.d.ts +2 -2
  17. package/dist/adapters/nextjs.js +9 -4
  18. package/dist/adapters/nextjs.js.map +1 -1
  19. package/dist/adapters/nextjs.mjs +9 -4
  20. package/dist/adapters/nextjs.mjs.map +1 -1
  21. package/dist/adapters/sdk.d.mts +2 -2
  22. package/dist/adapters/sdk.d.ts +2 -2
  23. package/dist/adapters/sdk.js +6 -2
  24. package/dist/adapters/sdk.js.map +1 -1
  25. package/dist/adapters/sdk.mjs +6 -2
  26. package/dist/adapters/sdk.mjs.map +1 -1
  27. package/dist/agent/index.d.mts +2 -2
  28. package/dist/agent/index.d.ts +2 -2
  29. package/dist/browser/background.js +2813 -2342
  30. package/dist/browser/background.js.map +1 -1
  31. package/dist/browser/background.mjs +2813 -2342
  32. package/dist/browser/background.mjs.map +1 -1
  33. package/dist/browser/browser-adapter.d.mts +2 -2
  34. package/dist/browser/browser-adapter.d.ts +2 -2
  35. package/dist/cli/index.d.mts +2 -2
  36. package/dist/cli/index.d.ts +2 -2
  37. package/dist/cli/index.js +2813 -2346
  38. package/dist/cli/index.js.map +1 -1
  39. package/dist/cli/index.mjs +2813 -2346
  40. package/dist/cli/index.mjs.map +1 -1
  41. package/dist/cursor/cursor-adapter.d.mts +2 -2
  42. package/dist/cursor/cursor-adapter.d.ts +2 -2
  43. package/dist/cursor/extension.d.mts +2 -2
  44. package/dist/cursor/extension.d.ts +2 -2
  45. package/dist/cursor/extension.js +2814 -2343
  46. package/dist/cursor/extension.js.map +1 -1
  47. package/dist/cursor/extension.mjs +2816 -2345
  48. package/dist/cursor/extension.mjs.map +1 -1
  49. package/dist/{express-DAOTESQo.d.mts → express-CeFvNWDD.d.mts} +1 -1
  50. package/dist/{express-Lb8-Ybio.d.ts → express-RIh05wW2.d.ts} +1 -1
  51. package/dist/gateway/gateway.d.mts +2 -2
  52. package/dist/gateway/gateway.d.ts +2 -2
  53. package/dist/gateway/gateway.js +2813 -2342
  54. package/dist/gateway/gateway.js.map +1 -1
  55. package/dist/gateway/gateway.mjs +2815 -2344
  56. package/dist/gateway/gateway.mjs.map +1 -1
  57. package/dist/git-trigger/git-hooks.d.mts +2 -2
  58. package/dist/git-trigger/git-hooks.d.ts +2 -2
  59. package/dist/{index-DFwfHOGj.d.ts → index-BYu1FKMy.d.ts} +1 -1
  60. package/dist/{index-kxLJ873R.d.mts → index-Bw4FeHMY.d.mts} +1 -1
  61. package/dist/{index-E3fAidVt.d.ts → index-C-K0WCrk.d.ts} +1 -1
  62. package/dist/{index-BLeiWFLu.d.mts → index-DgVBEiwI.d.mts} +1 -1
  63. package/dist/index.d.mts +11 -9
  64. package/dist/index.d.ts +11 -9
  65. package/dist/index.js +16 -8
  66. package/dist/index.js.map +1 -1
  67. package/dist/index.mjs +16 -8
  68. package/dist/index.mjs.map +1 -1
  69. package/dist/local-evaluator/evaluator.d.mts +2 -2
  70. package/dist/local-evaluator/evaluator.d.ts +2 -2
  71. package/dist/{nextjs-BXK0nD73.d.ts → nextjs--xR9zbSJ.d.ts} +1 -1
  72. package/dist/{nextjs-CFQ_KDFf.d.mts → nextjs-xciaMpsZ.d.mts} +1 -1
  73. package/dist/{sdk-D1MuiiNz.d.mts → sdk-CJYCLMI0.d.mts} +1 -1
  74. package/dist/{sdk-C7qAfpGB.d.ts → sdk-FP7xT9F8.d.ts} +1 -1
  75. package/dist/transport/index.d.mts +2 -2
  76. package/dist/transport/index.d.ts +2 -2
  77. package/dist/{types-ClvUqrEm.d.mts → types-Cj92yKeA.d.mts} +1 -1
  78. package/dist/{types-B_wnd7ZX.d.mts → types-Cwrvo30g.d.mts} +30 -1
  79. package/dist/{types-B_wnd7ZX.d.ts → types-Cwrvo30g.d.ts} +30 -1
  80. package/dist/{types-B6uD4jAI.d.ts → types-DOeL-dIw.d.ts} +1 -1
  81. package/dist/ui/index.d.mts +1 -1
  82. package/dist/ui/index.d.ts +1 -1
  83. package/package.json +1 -1
@@ -1,6 +1,6 @@
1
1
  import { AstraSyncGateway } from '../gateway/gateway.mjs';
2
- import { V as VerificationDecision, P as PDLSSContext } from '../types-ClvUqrEm.mjs';
3
- import '../types-B_wnd7ZX.mjs';
2
+ import { V as VerificationDecision, P as PDLSSContext } from '../types-Cj92yKeA.mjs';
3
+ import '../types-Cwrvo30g.mjs';
4
4
 
5
5
  /**
6
6
  * Git Trigger — Enterprise git push / PR verification
@@ -1,6 +1,6 @@
1
1
  import { AstraSyncGateway } from '../gateway/gateway.js';
2
- import { V as VerificationDecision, P as PDLSSContext } from '../types-B6uD4jAI.js';
3
- import '../types-B_wnd7ZX.js';
2
+ import { V as VerificationDecision, P as PDLSSContext } from '../types-DOeL-dIw.js';
3
+ import '../types-Cwrvo30g.js';
4
4
 
5
5
  /**
6
6
  * Git Trigger — Enterprise git push / PR verification
@@ -1,4 +1,4 @@
1
- import { c as AstraSyncCredentials, g as ProtocolTransport, G as GatewayConfig } from './types-B_wnd7ZX.js';
1
+ import { c as AstraSyncCredentials, g as ProtocolTransport, G as GatewayConfig } from './types-Cwrvo30g.js';
2
2
 
3
3
  /**
4
4
  * AgentClient — Credential Presentation
@@ -1,4 +1,4 @@
1
- import { c as AstraSyncCredentials, g as ProtocolTransport } from './types-B_wnd7ZX.mjs';
1
+ import { c as AstraSyncCredentials, g as ProtocolTransport } from './types-Cwrvo30g.mjs';
2
2
  import { JWK } from 'jose';
3
3
 
4
4
  /**
@@ -1,4 +1,4 @@
1
- import { c as AstraSyncCredentials, g as ProtocolTransport } from './types-B_wnd7ZX.js';
1
+ import { c as AstraSyncCredentials, g as ProtocolTransport } from './types-Cwrvo30g.js';
2
2
  import { JWK } from 'jose';
3
3
 
4
4
  /**
@@ -1,4 +1,4 @@
1
- import { c as AstraSyncCredentials, g as ProtocolTransport, G as GatewayConfig } from './types-B_wnd7ZX.mjs';
1
+ import { c as AstraSyncCredentials, g as ProtocolTransport, G as GatewayConfig } from './types-Cwrvo30g.mjs';
2
2
 
3
3
  /**
4
4
  * AgentClient — Credential Presentation
package/dist/index.d.mts CHANGED
@@ -1,12 +1,12 @@
1
- import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, V as VerificationRequest, j as VerificationResult, E as EnhancedVerificationResult, A as AccessFailure } from './types-B_wnd7ZX.mjs';
2
- export { c as AstraSyncCredentials, C as CommerceShieldProps, d as CounterpartyType, e as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, T as TokenGuidance, i as TrustLevel, k as VerifiedAgent, l as VerifiedDeveloper, m as VerifiedOrganization } from './types-B_wnd7ZX.mjs';
3
- export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, e as getCapabilities, f as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-D1MuiiNz.mjs';
4
- export { e as express } from './express-DAOTESQo.mjs';
5
- export { n as nextjs } from './nextjs-CFQ_KDFf.mjs';
6
- export { aR as extractMcpCredentials, bg as setMcpMeta, b1 as transport } from './index-kxLJ873R.mjs';
1
+ import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, V as VerificationRequest, l as VerificationResult, E as EnhancedVerificationResult, A as AccessFailure, j as StepUpApprovalInfo } from './types-Cwrvo30g.mjs';
2
+ export { c as AstraSyncCredentials, C as CommerceShieldProps, d as CounterpartyType, e as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, i as SettlementArtifact, T as TokenGuidance, k as TrustLevel, m as VerifiedAgent, n as VerifiedDeveloper, o as VerifiedOrganization } from './types-Cwrvo30g.mjs';
3
+ export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, e as getCapabilities, f as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-CJYCLMI0.mjs';
4
+ export { e as express } from './express-CeFvNWDD.mjs';
5
+ export { n as nextjs } from './nextjs-xciaMpsZ.mjs';
6
+ export { aR as extractMcpCredentials, bg as setMcpMeta, b1 as transport } from './index-Bw4FeHMY.mjs';
7
7
  export { McpMiddlewareOptions, ToolGateConfig, createMcpMiddleware } from './adapters/mcp.mjs';
8
8
  export { AgentProtocol, AgentRecord, AstraSync, AstraSyncConfig, AstraSyncError, AuthenticationError, BuildGuidanceParams, FrameworkConfig, GuidanceEnvelope, HealthResponse, KYDRequiredError, ModelConfig, PDLSSConfig, PDLSSDuration, PDLSSLimits, PDLSSPurpose, PDLSSScope, PDLSSSelfInstantiation, PendingRegistrationResponse, PollRegistrationResult, RegisterOptions, RegisterResult, RegistrationDeniedError, RegistrationExpiredError, RegistrationResponse, RegistrationTimeoutError, VerifyResponse, WaitForApprovalOptions, buildGuidance } from './registration/index.mjs';
9
- export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-BLeiWFLu.mjs';
9
+ export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-DgVBEiwI.mjs';
10
10
  import 'express';
11
11
  import 'next/server';
12
12
  import 'jose';
@@ -87,6 +87,8 @@ interface SettlementDecision {
87
87
  reason?: string;
88
88
  failures?: AccessFailure[];
89
89
  correlationId?: string;
90
+ /** Present when the transaction is in the human-approval band — the owner can approve via the poll URL. */
91
+ stepUpApproval?: StepUpApprovalInfo;
90
92
  }
91
93
  /**
92
94
  * Authorize a settlement of `value` for `agentId` against the agent's PDLSS
@@ -152,6 +154,6 @@ declare function getCachedWellKnownUrls(apiBaseUrl: string): WellKnownAgenticCom
152
154
  * @packageDocumentation
153
155
  */
154
156
 
155
- declare const VERSION = "2.0.0";
157
+ declare const VERSION = "3.4.0";
156
158
 
157
- export { AccessLevel, AgentCredentials, EnhancedVerificationResult, GatewayConfig, type SettlementDecision, type SettlementRequest, VERSION, VerificationRequest, VerificationResult, type WellKnownAgenticCommerce, authorizeSettlement, clearCache, extractCredentials, getCachedWellKnownUrls, getWellKnownUrls, hasCredentials, prefetchWellKnown, quickVerify, verify };
159
+ export { AccessLevel, AgentCredentials, EnhancedVerificationResult, GatewayConfig, type SettlementDecision, type SettlementRequest, StepUpApprovalInfo, VERSION, VerificationRequest, VerificationResult, type WellKnownAgenticCommerce, authorizeSettlement, clearCache, extractCredentials, getCachedWellKnownUrls, getWellKnownUrls, hasCredentials, prefetchWellKnown, quickVerify, verify };
package/dist/index.d.ts CHANGED
@@ -1,12 +1,12 @@
1
- import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, V as VerificationRequest, j as VerificationResult, E as EnhancedVerificationResult, A as AccessFailure } from './types-B_wnd7ZX.js';
2
- export { c as AstraSyncCredentials, C as CommerceShieldProps, d as CounterpartyType, e as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, T as TokenGuidance, i as TrustLevel, k as VerifiedAgent, l as VerifiedDeveloper, m as VerifiedOrganization } from './types-B_wnd7ZX.js';
3
- export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, e as getCapabilities, f as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-C7qAfpGB.js';
4
- export { e as express } from './express-Lb8-Ybio.js';
5
- export { n as nextjs } from './nextjs-BXK0nD73.js';
6
- export { aR as extractMcpCredentials, bg as setMcpMeta, b1 as transport } from './index-E3fAidVt.js';
1
+ import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, V as VerificationRequest, l as VerificationResult, E as EnhancedVerificationResult, A as AccessFailure, j as StepUpApprovalInfo } from './types-Cwrvo30g.js';
2
+ export { c as AstraSyncCredentials, C as CommerceShieldProps, d as CounterpartyType, e as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, i as SettlementArtifact, T as TokenGuidance, k as TrustLevel, m as VerifiedAgent, n as VerifiedDeveloper, o as VerifiedOrganization } from './types-Cwrvo30g.js';
3
+ export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, e as getCapabilities, f as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-FP7xT9F8.js';
4
+ export { e as express } from './express-RIh05wW2.js';
5
+ export { n as nextjs } from './nextjs--xR9zbSJ.js';
6
+ export { aR as extractMcpCredentials, bg as setMcpMeta, b1 as transport } from './index-C-K0WCrk.js';
7
7
  export { McpMiddlewareOptions, ToolGateConfig, createMcpMiddleware } from './adapters/mcp.js';
8
8
  export { AgentProtocol, AgentRecord, AstraSync, AstraSyncConfig, AstraSyncError, AuthenticationError, BuildGuidanceParams, FrameworkConfig, GuidanceEnvelope, HealthResponse, KYDRequiredError, ModelConfig, PDLSSConfig, PDLSSDuration, PDLSSLimits, PDLSSPurpose, PDLSSScope, PDLSSSelfInstantiation, PendingRegistrationResponse, PollRegistrationResult, RegisterOptions, RegisterResult, RegistrationDeniedError, RegistrationExpiredError, RegistrationResponse, RegistrationTimeoutError, VerifyResponse, WaitForApprovalOptions, buildGuidance } from './registration/index.js';
9
- export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-DFwfHOGj.js';
9
+ export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-BYu1FKMy.js';
10
10
  import 'express';
11
11
  import 'next/server';
12
12
  import 'jose';
@@ -87,6 +87,8 @@ interface SettlementDecision {
87
87
  reason?: string;
88
88
  failures?: AccessFailure[];
89
89
  correlationId?: string;
90
+ /** Present when the transaction is in the human-approval band — the owner can approve via the poll URL. */
91
+ stepUpApproval?: StepUpApprovalInfo;
90
92
  }
91
93
  /**
92
94
  * Authorize a settlement of `value` for `agentId` against the agent's PDLSS
@@ -152,6 +154,6 @@ declare function getCachedWellKnownUrls(apiBaseUrl: string): WellKnownAgenticCom
152
154
  * @packageDocumentation
153
155
  */
154
156
 
155
- declare const VERSION = "2.0.0";
157
+ declare const VERSION = "3.4.0";
156
158
 
157
- export { AccessLevel, AgentCredentials, EnhancedVerificationResult, GatewayConfig, type SettlementDecision, type SettlementRequest, VERSION, VerificationRequest, VerificationResult, type WellKnownAgenticCommerce, authorizeSettlement, clearCache, extractCredentials, getCachedWellKnownUrls, getWellKnownUrls, hasCredentials, prefetchWellKnown, quickVerify, verify };
159
+ export { AccessLevel, AgentCredentials, EnhancedVerificationResult, GatewayConfig, type SettlementDecision, type SettlementRequest, StepUpApprovalInfo, VERSION, VerificationRequest, VerificationResult, type WellKnownAgenticCommerce, authorizeSettlement, clearCache, extractCredentials, getCachedWellKnownUrls, getWellKnownUrls, hasCredentials, prefetchWellKnown, quickVerify, verify };
package/dist/index.js CHANGED
@@ -611,7 +611,9 @@ async function verify(config, request) {
611
611
  // linking key (the sessionId-equivalent for anonymous callers).
612
612
  correlationId: apiResponse.correlationId,
613
613
  recommendation: apiResponse.recommendation,
614
- recommendationReasons: apiResponse.recommendationReasons
614
+ recommendationReasons: apiResponse.recommendationReasons,
615
+ stepUpApproval: apiResponse.stepUpApproval,
616
+ settlement: apiResponse.settlement
615
617
  };
616
618
  return result2;
617
619
  }
@@ -663,7 +665,9 @@ async function verify(config, request) {
663
665
  tokenGuidance: apiResponse.tokenGuidance,
664
666
  recommendation: apiResponse.recommendation,
665
667
  recommendationReasons: apiResponse.recommendationReasons,
666
- warningHeader: apiResponse.warningHeader
668
+ warningHeader: apiResponse.warningHeader,
669
+ stepUpApproval: apiResponse.stepUpApproval,
670
+ settlement: apiResponse.settlement
667
671
  };
668
672
  if (result.recommendation === "deny") {
669
673
  result.policyAllowed = false;
@@ -744,7 +748,7 @@ async function quickVerify(config, credentials) {
744
748
  }
745
749
 
746
750
  // src/adapters/approval-gate.ts
747
- var APPROVAL_REASON = "Transaction is above the autonomous limit and requires human approval, which is not yet available - it cannot be completed automatically.";
751
+ var APPROVAL_REASON = "Transaction is above the autonomous limit and requires human approval. The agent owner can approve or deny this transaction in the AstraSync dashboard.";
748
752
  function requiresHumanApproval(result) {
749
753
  return result.requiresStepUp === true || result.requiresApproval === true;
750
754
  }
@@ -800,7 +804,8 @@ async function authorizeSettlement(config, req) {
800
804
  recommendation,
801
805
  reason: authorized ? void 0 : result.denialReasons?.[0] ?? (requiresHumanApproval(result) ? "Transaction is above the autonomous limit and requires human approval; settlement cannot be authorized automatically." : "Settlement not authorized by the agent's PDLSS limits."),
802
806
  failures: result.failures,
803
- correlationId: result.correlationId
807
+ correlationId: result.correlationId,
808
+ stepUpApproval: requiresHumanApproval(result) ? result.stepUpApproval : void 0
804
809
  };
805
810
  }
806
811
 
@@ -1087,7 +1092,8 @@ function defaultOnDenied(result, _req, res) {
1087
1092
  guidance: result.guidance,
1088
1093
  // Round-10: aggregated per-dimension detail + correlation handle.
1089
1094
  failures: result.failures,
1090
- correlationId: result.correlationId
1095
+ correlationId: result.correlationId,
1096
+ stepUpApproval: result.stepUpApproval
1091
1097
  }
1092
1098
  });
1093
1099
  }
@@ -1737,7 +1743,8 @@ function createMiddleware2(options) {
1737
1743
  code: !result.identityVerified ? "UNAUTHORIZED" : "POLICY_DENIED",
1738
1744
  message: result.denialReasons?.[0] || "Access denied",
1739
1745
  guidance: result.guidance,
1740
- failures: result.failures
1746
+ failures: result.failures,
1747
+ stepUpApproval: result.stepUpApproval
1741
1748
  }
1742
1749
  },
1743
1750
  { status: !result.identityVerified ? 401 : 403 }
@@ -4637,7 +4644,8 @@ function defaultMcpDenied(result, req, res) {
4637
4644
  guidance: result.guidance,
4638
4645
  // Round-10: aggregated per-dimension detail + correlation handle.
4639
4646
  failures: result.failures,
4640
- correlationId: result.correlationId
4647
+ correlationId: result.correlationId,
4648
+ stepUpApproval: result.stepUpApproval
4641
4649
  }
4642
4650
  }
4643
4651
  });
@@ -5565,7 +5573,7 @@ async function recordDecision2(config, params) {
5565
5573
  }
5566
5574
 
5567
5575
  // src/index.ts
5568
- var VERSION = "2.0.0";
5576
+ var VERSION = "3.4.0";
5569
5577
  // Annotate the CommonJS export names for ESM import in node:
5570
5578
  0 && (module.exports = {
5571
5579
  ACCESS_LEVEL_DESCRIPTIONS,