@atlasent/sdk 2.12.0 → 2.13.0

package/README.md

@@ -27,6 +27,15 @@ if (!gate.allowed) {
 
 That's it. `deployGate()` performs the V1 Deploy Gate sequence against `production.deploy`: `evaluate()` calls `POST /v1-evaluate`, receives a permit when allowed, then `verifyPermit()` calls `POST /v1-verify-permit` before your deployment can run. A clean `deny` is returned as a block result — network / server / auth failures are thrown.
 
+## Why two calls? (the mental model)
+
+AtlaSent is **authorize-before-execute**, not after-the-fact logging. The two-step pattern is intentional:
+
+1. **`evaluate()`** asks the policy engine: "should this action run?" Returns a decision and, when allowed, a single-use **permit token** — a cryptographic proof that evaluation happened.
+2. **`verifyPermit()`** consumes the permit server-side *before* the action executes. This is what makes the audit chain tamper-evident: every execution is hash-linked to the evaluation that authorized it, and no permit can be replayed.
+
+**You rarely call them separately.** `deployGate()` wraps both steps for deploy workflows. The Python SDK's `protect()` wraps them for arbitrary actions. Use the raw two-step form only when something external — a human approval, a change-window check — needs to happen *between* evaluate and execute (evaluate → wait → verify → run).
+
 ## Simple V1 surface
 
 ```ts

package/dist/hono.cjs

@@ -1943,6 +1943,48 @@ var AtlaSentClient = class {
       break;
     }
   }
+  // ── License verification (self-hosted / air-gapped) ──────────────────────
+  /**
+   * Retrieve the license status of this self-hosted or air-gapped deployment.
+   *
+   * Calls `GET /v1/license`. Returns the current validity state, expiry,
+   * enabled feature flags, and optional capacity limits for the installed
+   * license key.
+   *
+   * Callers should check `result.status === "active"` before proceeding.
+   * A `"grace"` status means the license has lapsed but a grace window
+   * (`grace_until`) is still open — the deployment continues to function
+   * but the license should be renewed immediately.
+   *
+   * Throws {@link AtlaSentError} on transport / auth failures.
+   */
+  async getLicense() {
+    const { body, rateLimit } = await this.get("/v1/license");
+    return { ...body, rateLimit };
+  }
+  /**
+   * Validate a signed license blob against this deployment's installed
+   * public key.
+   *
+   * Calls `POST /v1/license/verify`. Use this when onboarding a new license
+   * key or rotating an expiring one — submit the blob received from AtlaSent
+   * and check `result.valid` before applying the new license.
+   *
+   * A `valid: false` response is **not** thrown — inspect the returned
+   * object. Only transport / server errors throw {@link AtlaSentError}.
+   *
+   * @param blob — The signed license blob string provided by AtlaSent.
+   */
+  async verifyLicense(blob) {
+    if (!blob || typeof blob !== "string") {
+      throw new AtlaSentError("blob is required", { code: "bad_request" });
+    }
+    const { body, rateLimit } = await this.post(
+      "/v1/license/verify",
+      { blob }
+    );
+    return { ...body, rateLimit };
+  }
   async post(path, body, query) {
     return this.request(path, "POST", body, query);
   }