@atlasent/sdk 2.12.0 → 2.13.0

package/dist/{protect-B6w-WQMB.d.cts → protect-Bk9q12ia.d.cts}

@@ -1389,6 +1389,80 @@ interface DecisionStreamEvent {
     previousHash?: string;
     occurredAt?: string;
 }
+/**
+ * License status for a self-hosted or air-gapped AtlaSent deployment.
+ *
+ * Returned by `GET /v1/license`. Describes the current validity, posture,
+ * features, and optional limits for the license key installed on this instance.
+ *
+ * Callers should check `status === "active"` before relying on `features`.
+ * A `"grace"` status means the license has expired but a grace period
+ * (`grace_until`) has not yet elapsed — enforcement is not yet suspended, but
+ * the license should be renewed immediately.
+ */
+interface LicenseStatus {
+    /**
+     * Current validity state of the license.
+     *
+     * - `"active"` — license is valid and within its expiry window.
+     * - `"grace"` — license has expired; a grace period (`grace_until`) applies.
+     * - `"expired"` — license has expired and the grace period has elapsed.
+     * - `"revoked"` — license has been explicitly revoked by AtlaSent.
+     */
+    status: "active" | "grace" | "expired" | "revoked";
+    /** Slug of the organization this license was issued to. */
+    org_slug: string;
+    /**
+     * Deployment posture the license was issued for.
+     *
+     * - `"self_hosted"` — customer-managed deployment with network access to the
+     *   AtlaSent license endpoint for periodic renewal checks.
+     * - `"air_gapped"` — fully offline deployment; license verification is
+     *   entirely local (signed blob checked against the embedded public key).
+     */
+    posture: "self_hosted" | "air_gapped";
+    /** ISO 8601 timestamp when the license expires. */
+    expires_at: string;
+    /**
+     * ISO 8601 timestamp when the grace period ends.
+     * Present only when `status === "grace"`.
+     */
+    grace_until?: string;
+    /**
+     * Feature flags enabled by this license (e.g. `"governance"`, `"bvs"`,
+     * `"federation"`). Check presence of a specific feature with
+     * `status.features.includes("feature_name")`.
+     */
+    features: string[];
+    /**
+     * Maximum evaluations per day allowed by this license.
+     * `undefined` means unlimited.
+     */
+    eval_limit?: number;
+    /**
+     * Maximum active seats (API key holders) allowed by this license.
+     * `undefined` means unlimited.
+     */
+    seat_limit?: number;
+}
+/**
+ * Result of submitting a license blob to `POST /v1/license/verify`.
+ *
+ * `valid` is the contract field — pin to it. When `valid` is `false`, the
+ * `error` field carries a machine-readable reason code such as
+ * `"SIGNATURE_INVALID"`, `"ORG_MISMATCH"`, `"LICENSE_EXPIRED"`, or
+ * `"LICENSE_REVOKED"`.
+ */
+interface LicenseVerifyResult {
+    /** `true` when the submitted blob passes all verification checks. */
+    valid: boolean;
+    /** Slug of the organization the submitted license was issued to. Present when `valid` is `true`. */
+    org_slug?: string;
+    /** ISO 8601 expiry of the submitted license. Present when `valid` is `true`. */
+    expires_at?: string;
+    /** Machine-readable error code when `valid` is `false`. */
+    error?: string;
+}
 
 /**
  * Override types — wire shapes for `/v1/overrides`.
@@ -2006,4 +2080,4 @@ interface ProtectWithEvidenceOptions {
  */
 declare function protectWithEvidence(request: ProtectRequest, opts?: ProtectWithEvidenceOptions): Promise<PermitWithEvidence>;
 
-export { BundleVerificationError as $, AtlaSentDeniedError as A, type BatchEvalItem as B, type ComplianceEvidenceRun as C, type DecisionCanonical as D, type EvaluateRequest as E, protect as F, type GetPermitResponse as G, deployGate as H, configure as I, type ActionEvidenceBundle as J, type AtlaSentDecision as K, type ListPermitsRequest as L, type AtlaSentDeniedErrorInit as M, type AtlaSentErrorCode as N, type OverrideV1 as O, type Permit as P, type AtlaSentErrorInit as Q, type RateLimitState as R, type SubscribeDecisionsOptions as S, AtlaSentEscalateError as T, type AtlaSentEscalateErrorInit as U, type VerifyPermitRequest as V, type AuditDecision as W, type AuditEvent as X, type AuditEventsPage as Y, type AuditExport as Z, type AuditExportSignatureStatus as _, AtlaSentError as a, protectWithEvidence as a$, type BvsSnapshot as a0, type CompletionProof as a1, type ComplianceControlCoverage as a2, type ComplianceEvidenceSummary as a3, type ComplianceFramework as a4, type ComplianceRunStatus as a5, type ConfigureOptions as a6, type ConsentClassProjection as a7, type ConstraintTrace as a8, type ConstraintTracePolicy as a9, type PermitRecord as aA, PermitRevoked as aB, type PermitStatus as aC, type PermitWithEvidence as aD, type ProtectWithEvidenceOptions as aE, type RetryPolicy as aF, type SOC2ControlId as aG, type StreamDecisionEvent as aH, StreamParseError as aI, type StreamProgressEvent as aJ, StreamTimeoutError as aK, type TriggerEvidenceRunRequest as aL, type TriggerEvidenceRunResponse as aM, type WhyPolicyEvaluation as aN, type WhyStage as aO, type WhyTrace as aP, buildDecisionReceiptPayload as aQ, buildWhyTrace as aR, computeBackoffMs as aS, computeBundleHash as aT, computeContextHash as aU, evidenceRunPasses as aV, hasAttemptsLeft as aW, isRetryable as aX, mergePolicy as aY, nonPassingControls as aZ, normalizePermitOutcome as a_, type ConstraintTraceStage as aa, type CreateOverrideRequest as ab, DEFAULT_RETRY_POLICY as ac, DEPLOYMENT_PRODUCTION_ACTION as ad, DEPLOY_GATE_CODES as ae, type Decision as af, type DecisionReceiptPayload as ag, type DeployGateContext as ah, type DeployGateDenyCode as ai, type DeployGateEvidence as aj, type DeployOverrideClaim as ak, type DeployPermitClaim as al, type EvaluateBatchResultItem as am, type EvaluateResponsePermit as an, type EvaluateRiskEnvelope as ao, type EvaluateRiskEnvelopeFactor as ap, type EvidenceControl as aq, type EvidenceControlStatus as ar, type ListEvidenceRunsResponse as as, type OverrideEvent as at, type OverrideEventType as au, type OverrideEventsResponse as av, type OverrideListResponse as aw, type OverrideStatus as ax, PRODUCTION_DEPLOY_ACTION as ay, type PermitOutcome as az, type ProtectRequest as b, signDecisionReceiptHmac as b0, soc2ControlCoverageForDecision as b1, verifyDecisionReceiptHmac as b2, type AtlaSentClientOptions as c, type EvaluateResponse as d, type BatchEvalResponse as e, type DecisionStreamEvent as f, type EvaluatePreflightResponse as g, type VerifyPermitResponse as h, type DeployGateRequest as i, type DeployGateResponse as j, type RevokePermitRequest as k, type RevokePermitResponse as l, type RevokePermitByIdInput as m, type RevokePermitByIdResponse as n, type VerifyPermitByIdResponse as o, type PermitValidResponse as p, type ListPermitsResponse as q, type ApiKeySelfResponse as r, type AuditEventsQuery as s, type AuditEventsResult as t, type AuditExportRequest as u, type AuditExportResult as v, type StreamOptions as w, type StreamEvent as x, type DecisionReceipt as y, type DecisionReceiptAlgorithm as z };
+export { type AuditExport as $, AtlaSentDeniedError as A, type BatchEvalItem as B, type DecisionReceipt as C, type DecisionCanonical as D, type EvaluateRequest as E, type ComplianceEvidenceRun as F, type GetPermitResponse as G, type DecisionReceiptAlgorithm as H, protect as I, deployGate as J, configure as K, type ListPermitsRequest as L, type ActionEvidenceBundle as M, type AtlaSentDecision as N, type OverrideV1 as O, type Permit as P, type AtlaSentDeniedErrorInit as Q, type RateLimitState as R, type SubscribeDecisionsOptions as S, type AtlaSentErrorCode as T, type AtlaSentErrorInit as U, type VerifyPermitRequest as V, AtlaSentEscalateError as W, type AtlaSentEscalateErrorInit as X, type AuditDecision as Y, type AuditEvent as Z, type AuditEventsPage as _, AtlaSentError as a, nonPassingControls as a$, type AuditExportSignatureStatus as a0, BundleVerificationError as a1, type BvsSnapshot as a2, type CompletionProof as a3, type ComplianceControlCoverage as a4, type ComplianceEvidenceSummary as a5, type ComplianceFramework as a6, type ComplianceRunStatus as a7, type ConfigureOptions as a8, type ConsentClassProjection as a9, PRODUCTION_DEPLOY_ACTION as aA, type PermitOutcome as aB, type PermitRecord as aC, PermitRevoked as aD, type PermitStatus as aE, type PermitWithEvidence as aF, type ProtectWithEvidenceOptions as aG, type RetryPolicy as aH, type SOC2ControlId as aI, type StreamDecisionEvent as aJ, StreamParseError as aK, type StreamProgressEvent as aL, StreamTimeoutError as aM, type TriggerEvidenceRunRequest as aN, type TriggerEvidenceRunResponse as aO, type WhyPolicyEvaluation as aP, type WhyStage as aQ, type WhyTrace as aR, buildDecisionReceiptPayload as aS, buildWhyTrace as aT, computeBackoffMs as aU, computeBundleHash as aV, computeContextHash as aW, evidenceRunPasses as aX, hasAttemptsLeft as aY, isRetryable as aZ, mergePolicy as a_, type ConstraintTrace as aa, type ConstraintTracePolicy as ab, type ConstraintTraceStage as ac, type CreateOverrideRequest as ad, DEFAULT_RETRY_POLICY as ae, DEPLOYMENT_PRODUCTION_ACTION as af, DEPLOY_GATE_CODES as ag, type Decision as ah, type DecisionReceiptPayload as ai, type DeployGateContext as aj, type DeployGateDenyCode as ak, type DeployGateEvidence as al, type DeployOverrideClaim as am, type DeployPermitClaim as an, type EvaluateBatchResultItem as ao, type EvaluateResponsePermit as ap, type EvaluateRiskEnvelope as aq, type EvaluateRiskEnvelopeFactor as ar, type EvidenceControl as as, type EvidenceControlStatus as at, type ListEvidenceRunsResponse as au, type OverrideEvent as av, type OverrideEventType as aw, type OverrideEventsResponse as ax, type OverrideListResponse as ay, type OverrideStatus as az, type ProtectRequest as b, normalizePermitOutcome as b0, protectWithEvidence as b1, signDecisionReceiptHmac as b2, soc2ControlCoverageForDecision as b3, verifyDecisionReceiptHmac as b4, type AtlaSentClientOptions as c, type EvaluateResponse as d, type BatchEvalResponse as e, type DecisionStreamEvent as f, type EvaluatePreflightResponse as g, type VerifyPermitResponse as h, type DeployGateRequest as i, type DeployGateResponse as j, type RevokePermitRequest as k, type RevokePermitResponse as l, type RevokePermitByIdInput as m, type RevokePermitByIdResponse as n, type VerifyPermitByIdResponse as o, type PermitValidResponse as p, type ListPermitsResponse as q, type ApiKeySelfResponse as r, type AuditEventsQuery as s, type AuditEventsResult as t, type AuditExportRequest as u, type AuditExportResult as v, type StreamOptions as w, type StreamEvent as x, type LicenseStatus as y, type LicenseVerifyResult as z };

package/dist/{protect-B6w-WQMB.d.ts → protect-Bk9q12ia.d.ts}

@@ -1389,6 +1389,80 @@ interface DecisionStreamEvent {
     previousHash?: string;
     occurredAt?: string;
 }
+/**
+ * License status for a self-hosted or air-gapped AtlaSent deployment.
+ *
+ * Returned by `GET /v1/license`. Describes the current validity, posture,
+ * features, and optional limits for the license key installed on this instance.
+ *
+ * Callers should check `status === "active"` before relying on `features`.
+ * A `"grace"` status means the license has expired but a grace period
+ * (`grace_until`) has not yet elapsed — enforcement is not yet suspended, but
+ * the license should be renewed immediately.
+ */
+interface LicenseStatus {
+    /**
+     * Current validity state of the license.
+     *
+     * - `"active"` — license is valid and within its expiry window.
+     * - `"grace"` — license has expired; a grace period (`grace_until`) applies.
+     * - `"expired"` — license has expired and the grace period has elapsed.
+     * - `"revoked"` — license has been explicitly revoked by AtlaSent.
+     */
+    status: "active" | "grace" | "expired" | "revoked";
+    /** Slug of the organization this license was issued to. */
+    org_slug: string;
+    /**
+     * Deployment posture the license was issued for.
+     *
+     * - `"self_hosted"` — customer-managed deployment with network access to the
+     *   AtlaSent license endpoint for periodic renewal checks.
+     * - `"air_gapped"` — fully offline deployment; license verification is
+     *   entirely local (signed blob checked against the embedded public key).
+     */
+    posture: "self_hosted" | "air_gapped";
+    /** ISO 8601 timestamp when the license expires. */
+    expires_at: string;
+    /**
+     * ISO 8601 timestamp when the grace period ends.
+     * Present only when `status === "grace"`.
+     */
+    grace_until?: string;
+    /**
+     * Feature flags enabled by this license (e.g. `"governance"`, `"bvs"`,
+     * `"federation"`). Check presence of a specific feature with
+     * `status.features.includes("feature_name")`.
+     */
+    features: string[];
+    /**
+     * Maximum evaluations per day allowed by this license.
+     * `undefined` means unlimited.
+     */
+    eval_limit?: number;
+    /**
+     * Maximum active seats (API key holders) allowed by this license.
+     * `undefined` means unlimited.
+     */
+    seat_limit?: number;
+}
+/**
+ * Result of submitting a license blob to `POST /v1/license/verify`.
+ *
+ * `valid` is the contract field — pin to it. When `valid` is `false`, the
+ * `error` field carries a machine-readable reason code such as
+ * `"SIGNATURE_INVALID"`, `"ORG_MISMATCH"`, `"LICENSE_EXPIRED"`, or
+ * `"LICENSE_REVOKED"`.
+ */
+interface LicenseVerifyResult {
+    /** `true` when the submitted blob passes all verification checks. */
+    valid: boolean;
+    /** Slug of the organization the submitted license was issued to. Present when `valid` is `true`. */
+    org_slug?: string;
+    /** ISO 8601 expiry of the submitted license. Present when `valid` is `true`. */
+    expires_at?: string;
+    /** Machine-readable error code when `valid` is `false`. */
+    error?: string;
+}
 
 /**
  * Override types — wire shapes for `/v1/overrides`.
@@ -2006,4 +2080,4 @@ interface ProtectWithEvidenceOptions {
  */
 declare function protectWithEvidence(request: ProtectRequest, opts?: ProtectWithEvidenceOptions): Promise<PermitWithEvidence>;
 
-export { BundleVerificationError as $, AtlaSentDeniedError as A, type BatchEvalItem as B, type ComplianceEvidenceRun as C, type DecisionCanonical as D, type EvaluateRequest as E, protect as F, type GetPermitResponse as G, deployGate as H, configure as I, type ActionEvidenceBundle as J, type AtlaSentDecision as K, type ListPermitsRequest as L, type AtlaSentDeniedErrorInit as M, type AtlaSentErrorCode as N, type OverrideV1 as O, type Permit as P, type AtlaSentErrorInit as Q, type RateLimitState as R, type SubscribeDecisionsOptions as S, AtlaSentEscalateError as T, type AtlaSentEscalateErrorInit as U, type VerifyPermitRequest as V, type AuditDecision as W, type AuditEvent as X, type AuditEventsPage as Y, type AuditExport as Z, type AuditExportSignatureStatus as _, AtlaSentError as a, protectWithEvidence as a$, type BvsSnapshot as a0, type CompletionProof as a1, type ComplianceControlCoverage as a2, type ComplianceEvidenceSummary as a3, type ComplianceFramework as a4, type ComplianceRunStatus as a5, type ConfigureOptions as a6, type ConsentClassProjection as a7, type ConstraintTrace as a8, type ConstraintTracePolicy as a9, type PermitRecord as aA, PermitRevoked as aB, type PermitStatus as aC, type PermitWithEvidence as aD, type ProtectWithEvidenceOptions as aE, type RetryPolicy as aF, type SOC2ControlId as aG, type StreamDecisionEvent as aH, StreamParseError as aI, type StreamProgressEvent as aJ, StreamTimeoutError as aK, type TriggerEvidenceRunRequest as aL, type TriggerEvidenceRunResponse as aM, type WhyPolicyEvaluation as aN, type WhyStage as aO, type WhyTrace as aP, buildDecisionReceiptPayload as aQ, buildWhyTrace as aR, computeBackoffMs as aS, computeBundleHash as aT, computeContextHash as aU, evidenceRunPasses as aV, hasAttemptsLeft as aW, isRetryable as aX, mergePolicy as aY, nonPassingControls as aZ, normalizePermitOutcome as a_, type ConstraintTraceStage as aa, type CreateOverrideRequest as ab, DEFAULT_RETRY_POLICY as ac, DEPLOYMENT_PRODUCTION_ACTION as ad, DEPLOY_GATE_CODES as ae, type Decision as af, type DecisionReceiptPayload as ag, type DeployGateContext as ah, type DeployGateDenyCode as ai, type DeployGateEvidence as aj, type DeployOverrideClaim as ak, type DeployPermitClaim as al, type EvaluateBatchResultItem as am, type EvaluateResponsePermit as an, type EvaluateRiskEnvelope as ao, type EvaluateRiskEnvelopeFactor as ap, type EvidenceControl as aq, type EvidenceControlStatus as ar, type ListEvidenceRunsResponse as as, type OverrideEvent as at, type OverrideEventType as au, type OverrideEventsResponse as av, type OverrideListResponse as aw, type OverrideStatus as ax, PRODUCTION_DEPLOY_ACTION as ay, type PermitOutcome as az, type ProtectRequest as b, signDecisionReceiptHmac as b0, soc2ControlCoverageForDecision as b1, verifyDecisionReceiptHmac as b2, type AtlaSentClientOptions as c, type EvaluateResponse as d, type BatchEvalResponse as e, type DecisionStreamEvent as f, type EvaluatePreflightResponse as g, type VerifyPermitResponse as h, type DeployGateRequest as i, type DeployGateResponse as j, type RevokePermitRequest as k, type RevokePermitResponse as l, type RevokePermitByIdInput as m, type RevokePermitByIdResponse as n, type VerifyPermitByIdResponse as o, type PermitValidResponse as p, type ListPermitsResponse as q, type ApiKeySelfResponse as r, type AuditEventsQuery as s, type AuditEventsResult as t, type AuditExportRequest as u, type AuditExportResult as v, type StreamOptions as w, type StreamEvent as x, type DecisionReceipt as y, type DecisionReceiptAlgorithm as z };
+export { type AuditExport as $, AtlaSentDeniedError as A, type BatchEvalItem as B, type DecisionReceipt as C, type DecisionCanonical as D, type EvaluateRequest as E, type ComplianceEvidenceRun as F, type GetPermitResponse as G, type DecisionReceiptAlgorithm as H, protect as I, deployGate as J, configure as K, type ListPermitsRequest as L, type ActionEvidenceBundle as M, type AtlaSentDecision as N, type OverrideV1 as O, type Permit as P, type AtlaSentDeniedErrorInit as Q, type RateLimitState as R, type SubscribeDecisionsOptions as S, type AtlaSentErrorCode as T, type AtlaSentErrorInit as U, type VerifyPermitRequest as V, AtlaSentEscalateError as W, type AtlaSentEscalateErrorInit as X, type AuditDecision as Y, type AuditEvent as Z, type AuditEventsPage as _, AtlaSentError as a, nonPassingControls as a$, type AuditExportSignatureStatus as a0, BundleVerificationError as a1, type BvsSnapshot as a2, type CompletionProof as a3, type ComplianceControlCoverage as a4, type ComplianceEvidenceSummary as a5, type ComplianceFramework as a6, type ComplianceRunStatus as a7, type ConfigureOptions as a8, type ConsentClassProjection as a9, PRODUCTION_DEPLOY_ACTION as aA, type PermitOutcome as aB, type PermitRecord as aC, PermitRevoked as aD, type PermitStatus as aE, type PermitWithEvidence as aF, type ProtectWithEvidenceOptions as aG, type RetryPolicy as aH, type SOC2ControlId as aI, type StreamDecisionEvent as aJ, StreamParseError as aK, type StreamProgressEvent as aL, StreamTimeoutError as aM, type TriggerEvidenceRunRequest as aN, type TriggerEvidenceRunResponse as aO, type WhyPolicyEvaluation as aP, type WhyStage as aQ, type WhyTrace as aR, buildDecisionReceiptPayload as aS, buildWhyTrace as aT, computeBackoffMs as aU, computeBundleHash as aV, computeContextHash as aW, evidenceRunPasses as aX, hasAttemptsLeft as aY, isRetryable as aZ, mergePolicy as a_, type ConstraintTrace as aa, type ConstraintTracePolicy as ab, type ConstraintTraceStage as ac, type CreateOverrideRequest as ad, DEFAULT_RETRY_POLICY as ae, DEPLOYMENT_PRODUCTION_ACTION as af, DEPLOY_GATE_CODES as ag, type Decision as ah, type DecisionReceiptPayload as ai, type DeployGateContext as aj, type DeployGateDenyCode as ak, type DeployGateEvidence as al, type DeployOverrideClaim as am, type DeployPermitClaim as an, type EvaluateBatchResultItem as ao, type EvaluateResponsePermit as ap, type EvaluateRiskEnvelope as aq, type EvaluateRiskEnvelopeFactor as ar, type EvidenceControl as as, type EvidenceControlStatus as at, type ListEvidenceRunsResponse as au, type OverrideEvent as av, type OverrideEventType as aw, type OverrideEventsResponse as ax, type OverrideListResponse as ay, type OverrideStatus as az, type ProtectRequest as b, normalizePermitOutcome as b0, protectWithEvidence as b1, signDecisionReceiptHmac as b2, soc2ControlCoverageForDecision as b3, verifyDecisionReceiptHmac as b4, type AtlaSentClientOptions as c, type EvaluateResponse as d, type BatchEvalResponse as e, type DecisionStreamEvent as f, type EvaluatePreflightResponse as g, type VerifyPermitResponse as h, type DeployGateRequest as i, type DeployGateResponse as j, type RevokePermitRequest as k, type RevokePermitResponse as l, type RevokePermitByIdInput as m, type RevokePermitByIdResponse as n, type VerifyPermitByIdResponse as o, type PermitValidResponse as p, type ListPermitsResponse as q, type ApiKeySelfResponse as r, type AuditEventsQuery as s, type AuditEventsResult as t, type AuditExportRequest as u, type AuditExportResult as v, type StreamOptions as w, type StreamEvent as x, type LicenseStatus as y, type LicenseVerifyResult as z };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@atlasent/sdk",
-  "version": "2.12.0",
+  "version": "2.13.0",
   "description": "TypeScript SDK for the AtlaSent authorization API",
   "license": "Apache-2.0",
   "type": "module",