@attestry/sdk 0.6.0

package/dist/client.d.ts

@@ -0,0 +1,58 @@
+import { AbacPoliciesResource } from "./resources/abac-policies.js";
+import { AuditLogResource } from "./resources/audit-log.js";
+import { BatchResource } from "./resources/batch.js";
+import { ChatResource } from "./resources/chat.js";
+import { CheckResource } from "./resources/check.js";
+import { ComplianceCheckResource } from "./resources/compliance-check.js";
+import { DecisionsResource } from "./resources/decisions.js";
+import { EvidencePackResource } from "./resources/evidence-pack.js";
+import { GateResource } from "./resources/gate.js";
+import { IncidentsResource } from "./resources/incidents.js";
+import { RegulatoryChangesResource } from "./resources/regulatory-changes.js";
+import { ShipGateResource } from "./resources/ship-gate.js";
+import { VisionResource } from "./resources/vision.js";
+import type { AttestryClientOptions, RequestOptions } from "./types.js";
+interface InternalRequestArgs {
+    method: "GET" | "POST" | "PATCH" | "DELETE";
+    path: string;
+    body?: unknown;
+    query?: Record<string, string | number | boolean | undefined | null>;
+    options?: RequestOptions;
+}
+export declare class AttestryClient {
+    readonly incidents: IncidentsResource;
+    readonly decisions: DecisionsResource;
+    readonly chat: ChatResource;
+    readonly auditLog: AuditLogResource;
+    readonly regulatoryChanges: RegulatoryChangesResource;
+    readonly complianceCheck: ComplianceCheckResource;
+    readonly check: CheckResource;
+    readonly gate: GateResource;
+    readonly batch: BatchResource;
+    readonly shipGate: ShipGateResource;
+    readonly abacPolicies: AbacPoliciesResource;
+    readonly evidencePack: EvidencePackResource;
+    readonly vision: VisionResource;
+    private readonly _config;
+    constructor(options: AttestryClientOptions);
+    /** Internal — resources call this to dispatch HTTP requests. */
+    _request<T>(args: InternalRequestArgs): Promise<T>;
+    /**
+     * Internal — resources call this to dispatch streaming requests (SSE
+     * or NDJSON). Returns the un-consumed `Response` so the caller can
+     * attach the appropriate parser to `response.body`. Non-2xx responses
+     * throw `AttestryAPIError` exactly like `_request`. See `streamRequest`
+     * in transport for the full contract — including the
+     * `expectedContentType` parameter that drives both the `Accept:`
+     * request header and the response content-type fail-fast guard.
+     */
+    _streamRequest(args: {
+        path: string;
+        query?: Record<string, string | number | boolean | undefined | null>;
+        headers?: Record<string, string>;
+        options?: RequestOptions;
+        expectedContentType?: string;
+    }): Promise<Response>;
+}
+export {};
+//# sourceMappingURL=client.d.ts.map

package/dist/client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAUA,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,yBAAyB,EAAE,MAAM,mCAAmC,CAAC;AAC9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAMvD,OAAO,KAAK,EAAE,qBAAqB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAExE,UAAU,mBAAmB;IAC3B,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,OAAO,GAAG,QAAQ,CAAC;IAC5C,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,GAAG,IAAI,CAAC,CAAC;IACrE,OAAO,CAAC,EAAE,cAAc,CAAC;CAC1B;AAED,qBAAa,cAAc;IACzB,QAAQ,CAAC,SAAS,EAAE,iBAAiB,CAAC;IACtC,QAAQ,CAAC,SAAS,EAAE,iBAAiB,CAAC;IACtC,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,gBAAgB,CAAC;IACpC,QAAQ,CAAC,iBAAiB,EAAE,yBAAyB,CAAC;IACtD,QAAQ,CAAC,eAAe,EAAE,uBAAuB,CAAC;IAClD,QAAQ,CAAC,KAAK,EAAE,aAAa,CAAC;IAC9B,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC;IAC5B,QAAQ,CAAC,KAAK,EAAE,aAAa,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,gBAAgB,CAAC;IACpC,QAAQ,CAAC,YAAY,EAAE,oBAAoB,CAAC;IAE5C,QAAQ,CAAC,YAAY,EAAE,oBAAoB,CAAC;IAC5C,QAAQ,CAAC,MAAM,EAAE,cAAc,CAAC;IAGhC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAyC;gBAErD,OAAO,EAAE,qBAAqB;IAiB1C,gEAAgE;IAChE,QAAQ,CAAC,CAAC,EAAE,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,CAAC,CAAC;IAIlD;;;;;;;;OAQG;IACH,cAAc,CAAC,IAAI,EAAE;QACnB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,SAAS,GAAG,IAAI,CAAC,CAAC;QACrE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACjC,OAAO,CAAC,EAAE,cAAc,CAAC;QACzB,mBAAmB,CAAC,EAAE,MAAM,CAAC;KAC9B,GAAG,OAAO,CAAC,QAAQ,CAAC;CAGtB"}

package/dist/client.js

@@ -0,0 +1,74 @@
+// ─── AttestryClient ─────────────────────────────────────────────────────────
+//
+// The single entry point. Construct with `new AttestryClient({ apiKey })`,
+// then access resource sub-clients on `client.<resource>` (Stripe-style).
+//
+// Resources call back into the client via `_request<T>(args)`. The
+// underscore prefix signals "internal — don't call from consumer code";
+// it's not literally private because TypeScript class-private fields
+// would also hide it from the resource modules in this codebase.
+import { AbacPoliciesResource } from "./resources/abac-policies.js";
+import { AuditLogResource } from "./resources/audit-log.js";
+import { BatchResource } from "./resources/batch.js";
+import { ChatResource } from "./resources/chat.js";
+import { CheckResource } from "./resources/check.js";
+import { ComplianceCheckResource } from "./resources/compliance-check.js";
+import { DecisionsResource } from "./resources/decisions.js";
+import { EvidencePackResource } from "./resources/evidence-pack.js";
+import { GateResource } from "./resources/gate.js";
+import { IncidentsResource } from "./resources/incidents.js";
+import { RegulatoryChangesResource } from "./resources/regulatory-changes.js";
+import { ShipGateResource } from "./resources/ship-gate.js";
+import { VisionResource } from "./resources/vision.js";
+import { request as transportRequest, resolveClientConfig, streamRequest as transportStreamRequest, } from "./transport.js";
+export class AttestryClient {
+    incidents;
+    decisions;
+    chat;
+    auditLog;
+    regulatoryChanges;
+    complianceCheck;
+    check;
+    gate;
+    batch;
+    shipGate;
+    abacPolicies;
+    // 2.0 flagship resources (the ≥0.6.0 union — W1 deliverable 5)
+    evidencePack;
+    vision;
+    // Frozen at construction time; resources read this through `_request`.
+    _config;
+    constructor(options) {
+        this._config = resolveClientConfig(options);
+        this.incidents = new IncidentsResource(this);
+        this.decisions = new DecisionsResource(this);
+        this.chat = new ChatResource(this);
+        this.auditLog = new AuditLogResource(this);
+        this.regulatoryChanges = new RegulatoryChangesResource(this);
+        this.complianceCheck = new ComplianceCheckResource(this);
+        this.check = new CheckResource(this);
+        this.gate = new GateResource(this);
+        this.batch = new BatchResource(this);
+        this.shipGate = new ShipGateResource(this);
+        this.abacPolicies = new AbacPoliciesResource(this);
+        this.evidencePack = new EvidencePackResource(this);
+        this.vision = new VisionResource(this);
+    }
+    /** Internal — resources call this to dispatch HTTP requests. */
+    _request(args) {
+        return transportRequest({ config: this._config, ...args });
+    }
+    /**
+     * Internal — resources call this to dispatch streaming requests (SSE
+     * or NDJSON). Returns the un-consumed `Response` so the caller can
+     * attach the appropriate parser to `response.body`. Non-2xx responses
+     * throw `AttestryAPIError` exactly like `_request`. See `streamRequest`
+     * in transport for the full contract — including the
+     * `expectedContentType` parameter that drives both the `Accept:`
+     * request header and the response content-type fail-fast guard.
+     */
+    _streamRequest(args) {
+        return transportStreamRequest({ config: this._config, ...args });
+    }
+}
+//# sourceMappingURL=client.js.map

package/dist/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../src/client.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,EAAE;AACF,2EAA2E;AAC3E,0EAA0E;AAC1E,EAAE;AACF,mEAAmE;AACnE,wEAAwE;AACxE,qEAAqE;AACrE,iEAAiE;AAEjE,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,uBAAuB,EAAE,MAAM,iCAAiC,CAAC;AAC1E,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,8BAA8B,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,yBAAyB,EAAE,MAAM,mCAAmC,CAAC;AAC9E,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EACL,OAAO,IAAI,gBAAgB,EAC3B,mBAAmB,EACnB,aAAa,IAAI,sBAAsB,GACxC,MAAM,gBAAgB,CAAC;AAWxB,MAAM,OAAO,cAAc;IAChB,SAAS,CAAoB;IAC7B,SAAS,CAAoB;IAC7B,IAAI,CAAe;IACnB,QAAQ,CAAmB;IAC3B,iBAAiB,CAA4B;IAC7C,eAAe,CAA0B;IACzC,KAAK,CAAgB;IACrB,IAAI,CAAe;IACnB,KAAK,CAAgB;IACrB,QAAQ,CAAmB;IAC3B,YAAY,CAAuB;IAC5C,+DAA+D;IACtD,YAAY,CAAuB;IACnC,MAAM,CAAiB;IAEhC,uEAAuE;IACtD,OAAO,CAAyC;IAEjE,YAAY,OAA8B;QACxC,IAAI,CAAC,OAAO,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;QAC5C,IAAI,CAAC,SAAS,GAAG,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAC7C,IAAI,CAAC,SAAS,GAAG,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAC7C,IAAI,CAAC,IAAI,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC;QACnC,IAAI,CAAC,QAAQ,GAAG,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC3C,IAAI,CAAC,iBAAiB,GAAG,IAAI,yBAAyB,CAAC,IAAI,CAAC,CAAC;QAC7D,IAAI,CAAC,eAAe,GAAG,IAAI,uBAAuB,CAAC,IAAI,CAAC,CAAC;QACzD,IAAI,CAAC,KAAK,GAAG,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC;QACrC,IAAI,CAAC,IAAI,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK,GAAG,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC;QACrC,IAAI,CAAC,QAAQ,GAAG,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC3C,IAAI,CAAC,YAAY,GAAG,IAAI,oBAAoB,CAAC,IAAI,CAAC,CAAC;QACnD,IAAI,CAAC,YAAY,GAAG,IAAI,oBAAoB,CAAC,IAAI,CAAC,CAAC;QACnD,IAAI,CAAC,MAAM,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,gEAAgE;IAChE,QAAQ,CAAI,IAAyB;QACnC,OAAO,gBAAgB,CAAI,EAAE,MAAM,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC;IAChE,CAAC;IAED;;;;;;;;OAQG;IACH,cAAc,CAAC,IAMd;QACC,OAAO,sBAAsB,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,EAAE,CAAC,CAAC;IACnE,CAAC;CACF"}

package/dist/constants.d.ts

@@ -0,0 +1,7 @@
+export declare const INCIDENT_TYPES: readonly ["prompt_injection", "jailbreak", "tool_misuse", "compliance_violation", "data_leak", "hallucination", "bias_detected", "safety_bypass", "other"];
+export type IncidentType = (typeof INCIDENT_TYPES)[number];
+export declare const SEVERITIES: readonly ["low", "medium", "high", "critical"];
+export type Severity = (typeof SEVERITIES)[number];
+export declare const FRAMEWORK_CODES: readonly ["eu_ai_act", "colorado_ai_act", "nyc_local_law_144", "nist_ai_rmf", "iso_42001", "soc_2", "hipaa", "gdpr"];
+export type FrameworkCode = (typeof FRAMEWORK_CODES)[number];
+//# sourceMappingURL=constants.d.ts.map

package/dist/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAgBA,eAAO,MAAM,cAAc,4JAUhB,CAAC;AAEZ,MAAM,MAAM,YAAY,GAAG,CAAC,OAAO,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC;AAE3D,eAAO,MAAM,UAAU,gDAKZ,CAAC;AAEZ,MAAM,MAAM,QAAQ,GAAG,CAAC,OAAO,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC;AAEnD,eAAO,MAAM,eAAe,sHASjB,CAAC;AAEZ,MAAM,MAAM,aAAa,GAAG,CAAC,OAAO,eAAe,CAAC,CAAC,MAAM,CAAC,CAAC"}

package/dist/constants.js

@@ -0,0 +1,43 @@
+// ─── Public enums mirrored from the kernel's incident schema ────────────────
+//
+// Duplicated here on purpose: the SDK is a public API and must not import
+// from the kernel's internal `src/lib/incidents/schema.ts`. Drift is caught
+// by a server-side test in the kernel that reads this file and asserts
+// the arrays match.
+//
+// **Object.freeze (P1 hardening)**: each export is runtime-frozen so a
+// hostile or buggy npm dependency cannot mutate the array between SDK
+// import and method call. Without freeze, a `(SEVERITIES as
+// any).push("evil")` from a misbehaving dependency would bypass the
+// SDK's `.includes()` validation on closed-enum input fields. The
+// drift extractor in `src/lib/incidents/__tests__/sdk-drift.test.ts`
+// accepts both `as const` forms (bare and `Object.freeze`-wrapped) so
+// kernel-side route-local consts continue to extract cleanly.
+export const INCIDENT_TYPES = Object.freeze([
+    "prompt_injection",
+    "jailbreak",
+    "tool_misuse",
+    "compliance_violation",
+    "data_leak",
+    "hallucination",
+    "bias_detected",
+    "safety_bypass",
+    "other",
+]);
+export const SEVERITIES = Object.freeze([
+    "low",
+    "medium",
+    "high",
+    "critical",
+]);
+export const FRAMEWORK_CODES = Object.freeze([
+    "eu_ai_act",
+    "colorado_ai_act",
+    "nyc_local_law_144",
+    "nist_ai_rmf",
+    "iso_42001",
+    "soc_2",
+    "hipaa",
+    "gdpr",
+]);
+//# sourceMappingURL=constants.js.map

package/dist/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,EAAE;AACF,0EAA0E;AAC1E,4EAA4E;AAC5E,uEAAuE;AACvE,oBAAoB;AACpB,EAAE;AACF,uEAAuE;AACvE,sEAAsE;AACtE,4DAA4D;AAC5D,oEAAoE;AACpE,kEAAkE;AAClE,qEAAqE;AACrE,sEAAsE;AACtE,8DAA8D;AAE9D,MAAM,CAAC,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,CAAC;IAC1C,kBAAkB;IAClB,WAAW;IACX,aAAa;IACb,sBAAsB;IACtB,WAAW;IACX,eAAe;IACf,eAAe;IACf,eAAe;IACf,OAAO;CACC,CAAC,CAAC;AAIZ,MAAM,CAAC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC;IACtC,KAAK;IACL,QAAQ;IACR,MAAM;IACN,UAAU;CACF,CAAC,CAAC;AAIZ,MAAM,CAAC,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,CAAC;IAC3C,WAAW;IACX,iBAAiB;IACjB,mBAAmB;IACnB,aAAa;IACb,WAAW;IACX,OAAO;IACP,OAAO;IACP,MAAM;CACE,CAAC,CAAC"}

package/dist/errors.d.ts

@@ -0,0 +1,16 @@
+export declare class AttestryError extends Error {
+    constructor(message: string, options?: {
+        cause?: unknown;
+    });
+}
+/**
+ * Thrown when the API returns a non-2xx HTTP response. Always carries the
+ * `status` code; `details` holds the parsed response body (when JSON) or
+ * `null` (when the body wasn't valid JSON or was empty).
+ */
+export declare class AttestryAPIError extends AttestryError {
+    readonly status: number;
+    readonly details: unknown;
+    constructor(message: string, status: number, details?: unknown);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAaA,qBAAa,aAAc,SAAQ,KAAK;gBAC1B,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,OAAO,CAAA;KAAE;CAU3D;AAED;;;;GAIG;AACH,qBAAa,gBAAiB,SAAQ,aAAa;IACjD,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;gBAEd,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,GAAE,OAAc;CAOrE"}

package/dist/errors.js

@@ -0,0 +1,41 @@
+// ─── SDK error hierarchy ────────────────────────────────────────────────────
+//
+// Two error classes:
+//   - `AttestryError` — non-API errors (network failure, invalid client
+//     configuration, request timeout). Always indicates the request did
+//     not reach the API.
+//   - `AttestryAPIError` — the API returned a non-2xx response. Carries
+//     `status` (HTTP status code), normalized `code` from the response
+//     body when present, and the raw response shape under `details`.
+//
+// Both extend the standard `Error` so consumer code can `instanceof` test
+// each layer separately.
+export class AttestryError extends Error {
+    constructor(message, options) {
+        super(message);
+        this.name = "AttestryError";
+        if (options?.cause !== undefined) {
+            // Preserve native ES2022 cause chain when available.
+            this.cause = options.cause;
+        }
+        // Restore prototype chain across compile targets that drop it.
+        Object.setPrototypeOf(this, new.target.prototype);
+    }
+}
+/**
+ * Thrown when the API returns a non-2xx HTTP response. Always carries the
+ * `status` code; `details` holds the parsed response body (when JSON) or
+ * `null` (when the body wasn't valid JSON or was empty).
+ */
+export class AttestryAPIError extends AttestryError {
+    status;
+    details;
+    constructor(message, status, details = null) {
+        super(message);
+        this.name = "AttestryAPIError";
+        this.status = status;
+        this.details = details;
+        Object.setPrototypeOf(this, new.target.prototype);
+    }
+}
+//# sourceMappingURL=errors.js.map

package/dist/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,EAAE;AACF,qBAAqB;AACrB,wEAAwE;AACxE,wEAAwE;AACxE,yBAAyB;AACzB,wEAAwE;AACxE,uEAAuE;AACvE,qEAAqE;AACrE,EAAE;AACF,0EAA0E;AAC1E,yBAAyB;AAEzB,MAAM,OAAO,aAAc,SAAQ,KAAK;IACtC,YAAY,OAAe,EAAE,OAA6B;QACxD,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;QAC5B,IAAI,OAAO,EAAE,KAAK,KAAK,SAAS,EAAE,CAAC;YACjC,qDAAqD;YACpD,IAAoC,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC9D,CAAC;QACD,+DAA+D;QAC/D,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC;CACF;AAED;;;;GAIG;AACH,MAAM,OAAO,gBAAiB,SAAQ,aAAa;IACxC,MAAM,CAAS;IACf,OAAO,CAAU;IAE1B,YAAY,OAAe,EAAE,MAAc,EAAE,UAAmB,IAAI;QAClE,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;QAC/B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACpD,CAAC;CACF"}

package/dist/index.d.ts

@@ -0,0 +1,17 @@
+export { AttestryClient } from "./client.js";
+export { AttestryError, AttestryAPIError } from "./errors.js";
+export { INCIDENT_TYPES, SEVERITIES, FRAMEWORK_CODES, type IncidentType, type Severity, type FrameworkCode, } from "./constants.js";
+export type { AttestryClientOptions, FetchLike, RequestOptions, } from "./types.js";
+export { DEFAULT_RETRY_OPTIONS, type RetryOptions, } from "./retry.js";
+export { IncidentsResource, type Incident, type IncidentReportInput, type IncidentListInput, type IncidentListResponse, type IncidentPatchInput, type IncidentSearchInput, type IncidentSearchResponse, type IncidentCluster, type IncidentClusterSeverityCounts, } from "./resources/incidents.js";
+export { DecisionsResource, DECISION_STREAM_EVENT_TYPES, type DecisionRecord, type DecisionIngestInput, type FrameworkClaim, type ToolInvocation, type DelegationEntry, type ZkProof, type DecisionBulkInput, type BulkInsertedSummary, type BulkFailedSummary, type BulkIngestResult, type DecisionListItem, type DecisionsListInput, type DecisionsListResponse, type DecisionStreamEvent, type DecisionStreamEventType, type DecisionsStreamInput, type DecisionsExportInput, type DecisionExportRecord, type DecisionExportTrailer, type DecisionExportFrame, type ChainVerificationResult, } from "./resources/decisions.js";
+export { ChatResource, CHAT_MESSAGE_ROLES, type ChatMessage, type ChatMessageRole, type ChatContext, type ChatContextGap, type ChatSendInput, type ChatSendResponse, type ChatStreamChunk, } from "./resources/chat.js";
+export { AuditLogResource, AUDIT_LOG_EXPORT_FORMATS, type AuditLogExportFormat, type AuditLogRecord, type AuditLogExportInput, type AuditChainVerificationResult, } from "./resources/audit-log.js";
+export { RegulatoryChangesResource, REGULATORY_CHANGE_SEVERITIES, REGULATORY_CHANGE_STATUSES, type RegulatoryChangeSeverity, type RegulatoryChangeStatus, type RegulatoryChange, type RegulatoryChangesListInput, } from "./resources/regulatory-changes.js";
+export { ComplianceCheckResource, type ComplianceCheckInput, type ComplianceCheckResult, type ComplianceCheckResponse, type ComplianceCheckFrameworkCoverage, } from "./resources/compliance-check.js";
+export { CheckResource, type CheckInput, type CheckResponse, } from "./resources/check.js";
+export { GateResource, type GateInput, type GateGap, type GateResponse, } from "./resources/gate.js";
+export { BatchResource, BATCH_JOB_TYPES, BATCH_JOB_STATUSES, type BatchJobType, type BatchJobStatusValue, type BatchSystemResult, type BatchConfig, type BatchSubmitInput, type BatchSubmitResponse, type BatchJobStatus, } from "./resources/batch.js";
+export { ShipGateResource, type ShipGateInput, type ShipGateCheckResponse, type ShipGateReasonCode, type ShipGateState, } from "./resources/ship-gate.js";
+export { AbacPoliciesResource, ABAC_POLICY_RESOURCES, ABAC_POLICY_ACTIONS, ABAC_POLICY_EFFECTS, type AbacPolicy, type AbacPoliciesListResponse, type AbacPolicyCreateInput, type AbacPolicyUpdateInput, type AbacPolicyEffect, type AbacPolicyResource, type AbacPolicyAction, type AbacAttrRoot, type AbacAttrPath, type AbacAttrValue, type AbacLeafCondition, type AbacCompoundCondition, type AbacCondition, } from "./resources/abac-policies.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE9D,OAAO,EACL,cAAc,EACd,UAAU,EACV,eAAe,EACf,KAAK,YAAY,EACjB,KAAK,QAAQ,EACb,KAAK,aAAa,GACnB,MAAM,gBAAgB,CAAC;AAExB,YAAY,EACV,qBAAqB,EACrB,SAAS,EACT,cAAc,GACf,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,qBAAqB,EACrB,KAAK,YAAY,GAClB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,iBAAiB,EACjB,KAAK,QAAQ,EACb,KAAK,mBAAmB,EACxB,KAAK,iBAAiB,EACtB,KAAK,oBAAoB,EACzB,KAAK,kBAAkB,EACvB,KAAK,mBAAmB,EACxB,KAAK,sBAAsB,EAC3B,KAAK,eAAe,EACpB,KAAK,6BAA6B,GACnC,MAAM,0BAA0B,CAAC;AAElC,OAAO,EACL,iBAAiB,EACjB,2BAA2B,EAC3B,KAAK,cAAc,EACnB,KAAK,mBAAmB,EACxB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,eAAe,EACpB,KAAK,OAAO,EACZ,KAAK,iBAAiB,EACtB,KAAK,mBAAmB,EACxB,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,EACvB,KAAK,qBAAqB,EAC1B,KAAK,mBAAmB,EACxB,KAAK,uBAAuB,EAC5B,KAAK,oBAAoB,EACzB,KAAK,oBAAoB,EACzB,KAAK,oBAAoB,EACzB,KAAK,qBAAqB,EAC1B,KAAK,mBAAmB,EACxB,KAAK,uBAAuB,GAC7B,MAAM,0BAA0B,CAAC;AAElC,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,KAAK,WAAW,EAChB,KAAK,cAAc,EACnB,KAAK,aAAa,EAClB,KAAK,gBAAgB,EACrB,KAAK,eAAe,GACrB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EACL,gBAAgB,EAChB,wBAAwB,EACxB,KAAK,oBAAoB,EACzB,KAAK,cAAc,EACnB,KAAK,mBAAmB,EACxB,KAAK,4BAA4B,GAClC,MAAM,0BAA0B,CAAC;AAElC,OAAO,EACL,yBAAyB,EACzB,4BAA4B,EAC5B,0BAA0B,EAC1B,KAAK,wBAAwB,EAC7B,KAAK,sBAAsB,EAC3B,KAAK,gBAAgB,EACrB,KAAK,0BAA0B,GAChC,MAAM,mCAAmC,CAAC;AAE3C,OAAO,EACL,uBAAuB,EACvB,KAAK,oBAAoB,EACzB,KAAK,qBAAqB,EAC1B,KAAK,uBAAuB,EAC5B,KAAK,gCAAgC,GACtC,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EACL,aAAa,EACb,KAAK,UAAU,EACf,KAAK,aAAa,GACnB,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,YAAY,EACZ,KAAK,SAAS,EACd,KAAK,OAAO,EACZ,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EACL,aAAa,EACb,eAAe,EACf,kBAAkB,EAClB,KAAK,YAAY,EACjB,KAAK,mBAAmB,EACxB,KAAK,iBAAiB,EACtB,KAAK,WAAW,EAChB,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,EACxB,KAAK,cAAc,GACpB,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,gBAAgB,EAChB,KAAK,aAAa,EAClB,KAAK,qBAAqB,EAC1B,KAAK,kBAAkB,EACvB,KAAK,aAAa,GACnB,MAAM,0BAA0B,CAAC;AAElC,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,mBAAmB,EACnB,mBAAmB,EACnB,KAAK,UAAU,EACf,KAAK,wBAAwB,EAC7B,KAAK,qBAAqB,EAC1B,KAAK,qBAAqB,EAC1B,KAAK,gBAAgB,EACrB,KAAK,kBAAkB,EACvB,KAAK,gBAAgB,EACrB,KAAK,YAAY,EACjB,KAAK,YAAY,EACjB,KAAK,aAAa,EAClB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,EAC1B,KAAK,aAAa,GACnB,MAAM,8BAA8B,CAAC"}

package/dist/index.js

@@ -0,0 +1,20 @@
+// ─── Public API ─────────────────────────────────────────────────────────────
+//
+// Entry point of `@attestry/sdk`. Anything not re-exported here is internal
+// and not part of the public contract.
+export { AttestryClient } from "./client.js";
+export { AttestryError, AttestryAPIError } from "./errors.js";
+export { INCIDENT_TYPES, SEVERITIES, FRAMEWORK_CODES, } from "./constants.js";
+export { DEFAULT_RETRY_OPTIONS, } from "./retry.js";
+export { IncidentsResource, } from "./resources/incidents.js";
+export { DecisionsResource, DECISION_STREAM_EVENT_TYPES, } from "./resources/decisions.js";
+export { ChatResource, CHAT_MESSAGE_ROLES, } from "./resources/chat.js";
+export { AuditLogResource, AUDIT_LOG_EXPORT_FORMATS, } from "./resources/audit-log.js";
+export { RegulatoryChangesResource, REGULATORY_CHANGE_SEVERITIES, REGULATORY_CHANGE_STATUSES, } from "./resources/regulatory-changes.js";
+export { ComplianceCheckResource, } from "./resources/compliance-check.js";
+export { CheckResource, } from "./resources/check.js";
+export { GateResource, } from "./resources/gate.js";
+export { BatchResource, BATCH_JOB_TYPES, BATCH_JOB_STATUSES, } from "./resources/batch.js";
+export { ShipGateResource, } from "./resources/ship-gate.js";
+export { AbacPoliciesResource, ABAC_POLICY_RESOURCES, ABAC_POLICY_ACTIONS, ABAC_POLICY_EFFECTS, } from "./resources/abac-policies.js";
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,EAAE;AACF,4EAA4E;AAC5E,uCAAuC;AAEvC,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE9D,OAAO,EACL,cAAc,EACd,UAAU,EACV,eAAe,GAIhB,MAAM,gBAAgB,CAAC;AAQxB,OAAO,EACL,qBAAqB,GAEtB,MAAM,YAAY,CAAC;AAEpB,OAAO,EACL,iBAAiB,GAUlB,MAAM,0BAA0B,CAAC;AAElC,OAAO,EACL,iBAAiB,EACjB,2BAA2B,GAsB5B,MAAM,0BAA0B,CAAC;AAElC,OAAO,EACL,YAAY,EACZ,kBAAkB,GAQnB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EACL,gBAAgB,EAChB,wBAAwB,GAKzB,MAAM,0BAA0B,CAAC;AAElC,OAAO,EACL,yBAAyB,EACzB,4BAA4B,EAC5B,0BAA0B,GAK3B,MAAM,mCAAmC,CAAC;AAE3C,OAAO,EACL,uBAAuB,GAKxB,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EACL,aAAa,GAGd,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,YAAY,GAIb,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EACL,aAAa,EACb,eAAe,EACf,kBAAkB,GAQnB,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,gBAAgB,GAKjB,MAAM,0BAA0B,CAAC;AAElC,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,mBAAmB,EACnB,mBAAmB,GAcpB,MAAM,8BAA8B,CAAC"}

package/dist/lines-parser.d.ts

@@ -0,0 +1,50 @@
+/**
+ * Async generator: reads from a stream of UTF-8-encoded line-oriented
+ * bytes and yields each `\n`-delimited line as a raw string. Ends when
+ * the underlying reader signals `done`. Defensive: a caller that breaks
+ * early out of the for-await loop leaves the reader open — call
+ * `reader.cancel()` from your finally block (or use `parseLinesResponse`
+ * below which handles cleanup automatically).
+ *
+ * Mid-stream read errors are wrapped as
+ * `AttestryError("network error during stream: <reason>")` with the
+ * original error chained as `cause`. AbortError-shaped rejects (caller
+ * cancelled the underlying signal) are wrapped as
+ * `AttestryError("request aborted by caller")` for symmetry with the
+ * pre-fetch abort surface and with the ndjson-parser. The resource layer
+ * can rely on these wrappings — `runAuditLogExport`'s loop passes any
+ * `AttestryError` through verbatim.
+ *
+ * @throws AttestryError if the residual line buffer exceeds `maxLineBytes`
+ *         (defense against unbounded-line DoS), OR the underlying reader
+ *         rejects mid-iteration (network drop, abort).
+ */
+export declare function parseLines(reader: ReadableStreamDefaultReader<Uint8Array>, options?: {
+    maxLineBytes?: number;
+}): AsyncGenerator<string, void, unknown>;
+/**
+ * Convenience wrapper around `parseLines` that accepts a `Response`,
+ * derives the reader, and ALWAYS calls `reader.cancel()` in a `finally`
+ * block — including when a caller breaks out of the for-await loop
+ * early. Without this, an early `break` leaks the underlying connection.
+ *
+ * Resources should call this rather than `parseLines` directly.
+ *
+ * Symmetric to `parseNDJSONResponse` and `parseSSEResponse`.
+ */
+export declare function parseLinesResponse(response: Response, options?: {
+    maxLineBytes?: number;
+}): AsyncGenerator<string, void, unknown>;
+/**
+ * Trim a single trailing `\r` (CR). Defensive: line-oriented streaming
+ * formats mandate LF only, but a Windows-tooling artifact could leave
+ * a CR before the LF. Trimming exactly one CR keeps the parser permissive
+ * without treating CR alone as a line separator.
+ */
+declare function stripTrailingCR(s: string): string;
+export declare const __test__: {
+    DEFAULT_MAX_LINE_BYTES: number;
+    stripTrailingCR: typeof stripTrailingCR;
+};
+export {};
+//# sourceMappingURL=lines-parser.d.ts.map

package/dist/lines-parser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lines-parser.d.ts","sourceRoot":"","sources":["../src/lines-parser.ts"],"names":[],"mappings":"AA8CA;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAuB,UAAU,CAC/B,MAAM,EAAE,2BAA2B,CAAC,UAAU,CAAC,EAC/C,OAAO,GAAE;IAAE,YAAY,CAAC,EAAE,MAAM,CAAA;CAAO,GACtC,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CA2FvC;AAED;;;;;;;;;GASG;AACH,wBAAuB,kBAAkB,CACvC,QAAQ,EAAE,QAAQ,EAClB,OAAO,GAAE;IAAE,YAAY,CAAC,EAAE,MAAM,CAAA;CAAO,GACtC,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAmBvC;AAID;;;;;GAKG;AACH,iBAAS,eAAe,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAE1C;AAmBD,eAAO,MAAM,QAAQ;;;CAGpB,CAAC"}

package/dist/lines-parser.js

@@ -0,0 +1,211 @@
+// ─── Lines parser ───────────────────────────────────────────────────────────
+//
+// Parses a stream of UTF-8-encoded text bytes into newline-delimited line
+// strings. Symmetric to `ndjson-parser.ts` but does NOT JSON.parse — yields
+// each line raw. Used by streaming endpoints whose payload is line-oriented
+// but NOT JSON (today: `audit-log.export?format=cef`; future: any other
+// text/plain-line format such as CSV or syslog).
+//
+// Subset implemented (mirrors the strict ndjson subset for symmetry):
+//   - One value per line, separated by U+000A LINE FEED (`\n`).
+//   - UTF-8 decoded with `{stream: true}` so multibyte chars split across
+//     reads recombine correctly.
+//   - Leading BOM (U+FEFF) stripped once at stream start.
+//   - Blank lines silently skipped (lenient — the kernel's CEF path doesn't
+//     emit them but defensive parsers should tolerate whitespace artifacts).
+//   - Final unterminated line (no trailing `\n`) is emitted (lenient —
+//     handles HTTP/1.1 connection-close mid-line).
+//   - Buffer cap (1 MiB default) on the residual partial-line buffer,
+//     defending against an unbounded line attack.
+//   - Trailing `\r` (CRLF artifact) trimmed defensively before yielding.
+//   - Mid-stream reader rejections wrapped as `AttestryError` (`AbortError`
+//     becomes "request aborted by caller"; everything else becomes
+//     "network error during stream: ..."). Symmetric to ndjson-parser
+//     post hostile-fix.
+//
+// The parser yields raw strings; the resource-level caller decides how to
+// interpret each line (CEF lines start with "CEF:0|...", but this parser
+// doesn't enforce that — forward-compatible with future text formats).
+import { AttestryError } from "./errors.js";
+/**
+ * Maximum residual buffer size before the parser bails. Defends against
+ * a server / proxy emitting an unbounded line (no `\n` boundary) — the
+ * parser would otherwise accumulate until OOM.
+ *
+ * 1 MiB matches `ndjson-parser.ts`'s cap. The kernel's CEF emitter caps
+ * the `Name` field at 512 bytes and the structured extensions at a
+ * handful of KB total; a real audit-log row CEF line is ~1 KB. 1 MiB
+ * is ~1000× headroom.
+ *
+ * Configurable via `parseLines`'s `maxLineBytes` option for callers
+ * with legitimate large-line use cases (none today).
+ */
+const DEFAULT_MAX_LINE_BYTES = 1024 * 1024;
+/**
+ * Async generator: reads from a stream of UTF-8-encoded line-oriented
+ * bytes and yields each `\n`-delimited line as a raw string. Ends when
+ * the underlying reader signals `done`. Defensive: a caller that breaks
+ * early out of the for-await loop leaves the reader open — call
+ * `reader.cancel()` from your finally block (or use `parseLinesResponse`
+ * below which handles cleanup automatically).
+ *
+ * Mid-stream read errors are wrapped as
+ * `AttestryError("network error during stream: <reason>")` with the
+ * original error chained as `cause`. AbortError-shaped rejects (caller
+ * cancelled the underlying signal) are wrapped as
+ * `AttestryError("request aborted by caller")` for symmetry with the
+ * pre-fetch abort surface and with the ndjson-parser. The resource layer
+ * can rely on these wrappings — `runAuditLogExport`'s loop passes any
+ * `AttestryError` through verbatim.
+ *
+ * @throws AttestryError if the residual line buffer exceeds `maxLineBytes`
+ *         (defense against unbounded-line DoS), OR the underlying reader
+ *         rejects mid-iteration (network drop, abort).
+ */
+export async function* parseLines(reader, options = {}) {
+    const maxLineBytes = options.maxLineBytes ?? DEFAULT_MAX_LINE_BYTES;
+    const decoder = new TextDecoder("utf-8");
+    let buffer = "";
+    let bomStripped = false;
+    while (true) {
+        let result;
+        try {
+            result = await reader.read();
+        }
+        catch (err) {
+            // Mid-stream reader rejects: TCP RST, proxy hang-up, signal-
+            // aborted fetch. Wrap with a clear AttestryError so consumers
+            // can branch uniformly via `instanceof AttestryError` rather
+            // than having to type-narrow on raw DOMException / TypeError.
+            // Resource-layer wrapper passes AttestryError through verbatim.
+            if (isAbortErrorShape(err)) {
+                throw new AttestryError("request aborted by caller", { cause: err });
+            }
+            throw new AttestryError(`network error during stream: ${err instanceof Error ? err.message : String(err)}`, { cause: err });
+        }
+        const { value, done } = result;
+        if (done) {
+            // Flush any final bytes (no-op if value was always complete).
+            buffer += decoder.decode();
+            // The final newline is optional — emit any trailing partial line
+            // if non-empty after stripping CR. This handles HTTP/1.1
+            // connection-close mid-line: better to surface the partial line
+            // to the caller than silently drop it. Symmetric to ndjson-parser.
+            const stripped = stripTrailingCR(buffer);
+            if (stripped.length > 0)
+                yield stripped;
+            return;
+        }
+        if (value === undefined)
+            continue;
+        // `{stream: true}` carries multi-byte UTF-8 boundaries across chunks.
+        buffer += decoder.decode(value, { stream: true });
+        // Strip a leading BOM (U+FEFF) if present. Kernel doesn't emit a
+        // BOM today, but a misconfigured proxy / charset transcoder could
+        // prepend one. Without this strip, the first line's first char
+        // would be `CEF:0|...` and downstream consumers parsing the
+        // CEF prefix would silently fail. One-shot: only at the very first
+        // decoded codepoint of the stream.
+        //
+        // Mirror of ndjson-parser fix: `bomStripped` is only flipped once
+        // we've actually decoded at least one character. Otherwise an empty
+        // / partial-multibyte first read would set the flag prematurely; if
+        // the BOM bytes arrived in a later read, the strip-attempt would
+        // be skipped.
+        if (!bomStripped && buffer.length > 0) {
+            bomStripped = true;
+            // Defense-in-depth dead path: in Node 18+ / browsers,
+            // `TextDecoder("utf-8")` defaults to `ignoreBOM: false` and
+            // strips a stream-start BOM internally — by the time the byte
+            // reaches our buffer, the BOM is already gone. Marked for v8
+            // coverage to make the intentional defense visible.
+            /* v8 ignore next 3 */
+            if (buffer.charCodeAt(0) === 0xfeff) {
+                buffer = buffer.slice(1);
+            }
+        }
+        // Yield each complete line. We split on `\n` rather than using
+        // String.split to keep the indexing explicit (and to make the
+        // residual-buffer accounting visible). Symmetric to ndjson-parser.
+        while (true) {
+            const newlineIdx = buffer.indexOf("\n");
+            if (newlineIdx === -1)
+                break;
+            const line = buffer.slice(0, newlineIdx);
+            buffer = buffer.slice(newlineIdx + 1);
+            const stripped = stripTrailingCR(line);
+            if (stripped.length === 0)
+                continue; // blank line — skip silently
+            yield stripped;
+        }
+        // Defense in depth: after consuming all complete lines, the residual
+        // buffer holds at most a partial line. If THAT exceeds the cap, the
+        // server emitted an unbounded line (or omitted the delimiter) — bail
+        // before we OOM. Checking after the yield-loop avoids tripping on a
+        // single huge chunk that contains many small complete lines.
+        if (buffer.length > maxLineBytes) {
+            throw new AttestryError(`line exceeded maximum buffer size (${maxLineBytes} bytes) — server emitted an unbounded line or omitted the line delimiter`);
+        }
+    }
+}
+/**
+ * Convenience wrapper around `parseLines` that accepts a `Response`,
+ * derives the reader, and ALWAYS calls `reader.cancel()` in a `finally`
+ * block — including when a caller breaks out of the for-await loop
+ * early. Without this, an early `break` leaks the underlying connection.
+ *
+ * Resources should call this rather than `parseLines` directly.
+ *
+ * Symmetric to `parseNDJSONResponse` and `parseSSEResponse`.
+ */
+export async function* parseLinesResponse(response, options = {}) {
+    if (response.body === null) {
+        // 204 No Content / empty body — iterator ends with zero lines.
+        // (Throwing would be over-strict; the server may legitimately close
+        // before any data — symmetric to parseNDJSONResponse / parseSSEResponse.)
+        return;
+    }
+    const reader = response.body.getReader();
+    try {
+        yield* parseLines(reader, options);
+    }
+    finally {
+        // Release the lock + signal cancellation upstream. Wrapped in
+        // try/catch because cancel() on an already-closed reader rejects.
+        try {
+            await reader.cancel();
+        }
+        catch {
+            // Already canceled / closed — nothing to do.
+        }
+    }
+}
+// ─── Internals ──────────────────────────────────────────────────────────────
+/**
+ * Trim a single trailing `\r` (CR). Defensive: line-oriented streaming
+ * formats mandate LF only, but a Windows-tooling artifact could leave
+ * a CR before the LF. Trimming exactly one CR keeps the parser permissive
+ * without treating CR alone as a line separator.
+ */
+function stripTrailingCR(s) {
+    return s.length > 0 && s.charCodeAt(s.length - 1) === 0x0d ? s.slice(0, -1) : s;
+}
+/**
+ * True if `err` is an AbortError-shaped exception (DOMException or
+ * Error with `name === "AbortError"`). Both browsers and Node 18+
+ * produce this shape when `fetch` / `reader.read()` is aborted via
+ * `AbortController.abort()`. Same helper signature as the one in
+ * `ndjson-parser.ts`.
+ */
+function isAbortErrorShape(err) {
+    return (err !== null &&
+        typeof err === "object" &&
+        "name" in err &&
+        err.name === "AbortError");
+}
+// Test-only handles for direct pinning of internals.
+export const __test__ = {
+    DEFAULT_MAX_LINE_BYTES,
+    stripTrailingCR,
+};
+//# sourceMappingURL=lines-parser.js.map

package/dist/lines-parser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"lines-parser.js","sourceRoot":"","sources":["../src/lines-parser.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,EAAE;AACF,0EAA0E;AAC1E,4EAA4E;AAC5E,4EAA4E;AAC5E,wEAAwE;AACxE,iDAAiD;AACjD,EAAE;AACF,sEAAsE;AACtE,gEAAgE;AAChE,0EAA0E;AAC1E,iCAAiC;AACjC,0DAA0D;AAC1D,4EAA4E;AAC5E,6EAA6E;AAC7E,uEAAuE;AACvE,mDAAmD;AACnD,sEAAsE;AACtE,kDAAkD;AAClD,yEAAyE;AACzE,4EAA4E;AAC5E,mEAAmE;AACnE,sEAAsE;AACtE,wBAAwB;AACxB,EAAE;AACF,0EAA0E;AAC1E,yEAAyE;AACzE,uEAAuE;AAEvE,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C;;;;;;;;;;;;GAYG;AACH,MAAM,sBAAsB,GAAG,IAAI,GAAG,IAAI,CAAC;AAE3C;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,CAAC,KAAK,SAAS,CAAC,CAAC,UAAU,CAC/B,MAA+C,EAC/C,UAAqC,EAAE;IAEvC,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,sBAAsB,CAAC;IACpE,MAAM,OAAO,GAAG,IAAI,WAAW,CAAC,OAAO,CAAC,CAAC;IACzC,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,WAAW,GAAG,KAAK,CAAC;IAExB,OAAO,IAAI,EAAE,CAAC;QACZ,IAAI,MAA4C,CAAC;QACjD,IAAI,CAAC;YACH,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;QAC/B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,6DAA6D;YAC7D,8DAA8D;YAC9D,6DAA6D;YAC7D,8DAA8D;YAC9D,gEAAgE;YAChE,IAAI,iBAAiB,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC3B,MAAM,IAAI,aAAa,CAAC,2BAA2B,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,IAAI,aAAa,CACrB,gCACE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CACjD,EAAE,EACF,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC;QAC/B,IAAI,IAAI,EAAE,CAAC;YACT,8DAA8D;YAC9D,MAAM,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YAC3B,iEAAiE;YACjE,yDAAyD;YACzD,gEAAgE;YAChE,mEAAmE;YACnE,MAAM,QAAQ,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;YACzC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC;gBAAE,MAAM,QAAQ,CAAC;YACxC,OAAO;QACT,CAAC;QACD,IAAI,KAAK,KAAK,SAAS;YAAE,SAAS;QAClC,sEAAsE;QACtE,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;QAElD,iEAAiE;QACjE,kEAAkE;QAClE,+DAA+D;QAC/D,6DAA6D;QAC7D,mEAAmE;QACnE,mCAAmC;QACnC,EAAE;QACF,kEAAkE;QAClE,oEAAoE;QACpE,oEAAoE;QACpE,iEAAiE;QACjE,cAAc;QACd,IAAI,CAAC,WAAW,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtC,WAAW,GAAG,IAAI,CAAC;YACnB,sDAAsD;YACtD,4DAA4D;YAC5D,8DAA8D;YAC9D,6DAA6D;YAC7D,oDAAoD;YACpD,sBAAsB;YACtB,IAAI,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,MAAM,EAAE,CAAC;gBACpC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,8DAA8D;QAC9D,mEAAmE;QACnE,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACxC,IAAI,UAAU,KAAK,CAAC,CAAC;gBAAE,MAAM;YAC7B,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;YACzC,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;YACtC,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;YACvC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAS,CAAC,6BAA6B;YAClE,MAAM,QAAQ,CAAC;QACjB,CAAC;QAED,qEAAqE;QACrE,oEAAoE;QACpE,qEAAqE;QACrE,oEAAoE;QACpE,6DAA6D;QAC7D,IAAI,MAAM,CAAC,MAAM,GAAG,YAAY,EAAE,CAAC;YACjC,MAAM,IAAI,aAAa,CACrB,sCAAsC,YAAY,0EAA0E,CAC7H,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,SAAS,CAAC,CAAC,kBAAkB,CACvC,QAAkB,EAClB,UAAqC,EAAE;IAEvC,IAAI,QAAQ,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;QAC3B,+DAA+D;QAC/D,oEAAoE;QACpE,0EAA0E;QAC1E,OAAO;IACT,CAAC;IACD,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;IACzC,IAAI,CAAC;QACH,KAAK,CAAC,CAAC,UAAU,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,CAAC;YAAS,CAAC;QACT,8DAA8D;QAC9D,kEAAkE;QAClE,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC;QACxB,CAAC;QAAC,MAAM,CAAC;YACP,6CAA6C;QAC/C,CAAC;IACH,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E;;;;;GAKG;AACH,SAAS,eAAe,CAAC,CAAS;IAChC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAClF,CAAC;AAED;;;;;;GAMG;AACH,SAAS,iBAAiB,CAAC,GAAY;IACrC,OAAO,CACL,GAAG,KAAK,IAAI;QACZ,OAAO,GAAG,KAAK,QAAQ;QACvB,MAAM,IAAI,GAAG;QACZ,GAAyB,CAAC,IAAI,KAAK,YAAY,CACjD,CAAC;AACJ,CAAC;AAED,qDAAqD;AACrD,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,sBAAsB;IACtB,eAAe;CAChB,CAAC"}