@attestry/sdk 0.6.0

package/dist/transport.js

@@ -0,0 +1,455 @@
+// ─── HTTP transport ─────────────────────────────────────────────────────────
+//
+// `request` is the single-entry point for every API call. Resources call
+// it via the client. Behavior:
+//
+//   - Adds `x-api-key` header from the client's options.
+//   - Adds `Content-Type: application/json` when sending a body.
+//   - Adds `Accept: application/json` always.
+//   - Composes the final URL from `baseUrl + path` with safe slash handling.
+//   - Times out via `AbortController` after `timeoutMs` (default 30s);
+//     caller can also pass their own `signal` which is composed with the
+//     timeout signal.
+//   - Decodes 2xx JSON responses to `T`. 204 / empty body returns `null
+//     as T` — caller types tell the truth.
+//   - Unwraps the kernel's `successResponse` envelope (`{success:true, data}`)
+//     when present; bare bodies pass through.
+//   - Throws `AttestryAPIError` for any non-2xx status with the parsed
+//     body (or `null` if the body wasn't JSON / was empty).
+//   - Throws `AttestryError` for fetch failures (network down, DNS fail,
+//     timeout). The original error is attached as `cause`.
+//   - Automatically retries on HTTP 429 (default 3 retries, exponential
+//     backoff with full jitter, honors `Retry-After` header). Configurable
+//     via `AttestryClientOptions.retry` and `RequestOptions.retry`. See
+//     `retry.ts` and `audit-prompt-F.1-retry-middleware.md` for design.
+//     Retry on other transient statuses (5xx) is NOT implemented — adding
+//     it requires HTTP-level idempotency-key support on the kernel side
+//     to safely re-send POSTs.
+import { AttestryAPIError, AttestryError } from "./errors.js";
+import { attachRetryAfter, isRetryableError, computeRetryDelay, resolveRetryOptions, sleepWithSignal, } from "./retry.js";
+const DEFAULT_BASE_URL = "https://app.attestry.ai";
+const DEFAULT_TIMEOUT_MS = 30_000;
+/**
+ * Validates options at construction time. Surfaces every misconfiguration
+ * as `AttestryError` BEFORE any request is made — fail-fast beats failing
+ * deep in the resource methods. Used by `AttestryClient` constructor.
+ */
+export function resolveClientConfig(options) {
+    if (typeof options.apiKey !== "string" || options.apiKey.length === 0) {
+        throw new AttestryError("AttestryClient: `apiKey` is required");
+    }
+    const baseUrl = (options.baseUrl ?? DEFAULT_BASE_URL).replace(/\/+$/, "");
+    if (baseUrl.length === 0) {
+        throw new AttestryError("AttestryClient: `baseUrl` cannot be empty");
+    }
+    const fetchImpl = options.fetch ?? globalThis.fetch;
+    if (typeof fetchImpl !== "function") {
+        throw new AttestryError("AttestryClient: no `fetch` implementation available — pass `options.fetch` or run on Node 18+");
+    }
+    const timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+    if (!Number.isFinite(timeoutMs) || timeoutMs < 0) {
+        throw new AttestryError("AttestryClient: `timeoutMs` must be a non-negative finite number");
+    }
+    // Validate retry option at construction time too — `resolveRetryOptions`
+    // throws on invalid values (negative maxRetries, non-finite delay, etc.).
+    // Calling it here means a misconfigured client surfaces fast, not on
+    // first request. We discard the result; per-call `resolveRetryOptions`
+    // re-merges with any RequestOptions.retry override.
+    if (options.retry !== undefined) {
+        resolveRetryOptions(options.retry, undefined);
+    }
+    return {
+        apiKey: options.apiKey,
+        baseUrl,
+        fetchImpl,
+        timeoutMs,
+        retry: options.retry,
+    };
+}
+/**
+ * Internal — exported for tests. Composes a URL safely from baseUrl + path.
+ * Caller-supplied `path` may or may not start with `/`; either way works.
+ */
+export function composeUrl(baseUrl, path) {
+    const sep = path.startsWith("/") ? "" : "/";
+    return baseUrl + sep + path;
+}
+/**
+ * Public request runner. Wraps the single-attempt `requestOnce` with the
+ * retry loop. Resources should NOT import this directly — they go
+ * through `AttestryClient._request`.
+ *
+ * Retry behavior: on 429 only (today). The retry loop honors the caller's
+ * abort signal — `signal.abort()` during the backoff sleep rejects with
+ * `AttestryError("request aborted by caller")` rather than completing
+ * the wait.
+ */
+export async function request(args) {
+    const retry = resolveRetryOptions(args.config.retry, args.options?.retry);
+    const callerSignal = args.options?.signal;
+    let attempt = 0;
+    // Loop bounded by retry.maxRetries (validated 0-100 at construction).
+    // No-retry case: max=0, body runs once, errors throw out of the catch.
+    while (true) {
+        try {
+            return await requestOnce(args);
+        }
+        catch (err) {
+            if (isRetryableError(err) &&
+                attempt < retry.maxRetries) {
+                const delay = computeRetryDelay(err, attempt, retry);
+                await sleepWithSignal(delay, callerSignal);
+                attempt++;
+                continue;
+            }
+            throw err;
+        }
+    }
+}
+/**
+ * Internal single-attempt request runner. Exposed under `__test__` for
+ * unit pinning.
+ */
+export async function requestOnce(args) {
+    const { config, method, path, body, query, options } = args;
+    const callerSignal = options?.signal;
+    // Reject upfront on a pre-aborted caller signal. Real `fetch` rejects
+    // synchronously in this case but mock / alternative fetch impls often
+    // do not — making this explicit keeps the SDK contract uniform across
+    // transports.
+    if (callerSignal?.aborted) {
+        throw new AttestryError("request aborted by caller", {
+            cause: callerSignal.reason,
+        });
+    }
+    const queryString = encodeQuery(query);
+    const url = composeUrl(config.baseUrl, path) + queryString;
+    const headers = new Headers();
+    headers.set("x-api-key", config.apiKey);
+    headers.set("Accept", "application/json");
+    if (body !== undefined) {
+        headers.set("Content-Type", "application/json");
+    }
+    const abort = new AbortController();
+    const timeoutHandle = config.timeoutMs > 0
+        ? setTimeout(() => abort.abort(new Error("request timed out")), config.timeoutMs)
+        : null;
+    // Compose caller signal with our timeout signal: abort if either fires.
+    const onCallerAbort = () => abort.abort(callerSignal?.reason);
+    if (callerSignal) {
+        callerSignal.addEventListener("abort", onCallerAbort, { once: true });
+    }
+    // Serialize the body up front so a circular-ref / BigInt throw doesn't
+    // get masked as "network error" by the catch around fetchImpl. Hostile-
+    // review L2.
+    let serializedBody;
+    if (body !== undefined) {
+        try {
+            serializedBody = JSON.stringify(body);
+        }
+        catch (err) {
+            throw new AttestryError(
+            // JSON.stringify throws TypeError (Error subclass) for circular
+            // refs / BigInts, so the String(err) branch is unreachable.
+            // Defense-in-depth marker for the v8 coverage tool.
+            /* v8 ignore next */
+            `invalid request body: ${err instanceof Error ? err.message : String(err)}`, { cause: err });
+        }
+    }
+    let response;
+    try {
+        response = await config.fetchImpl(url, {
+            method,
+            headers,
+            body: serializedBody,
+            signal: abort.signal,
+        });
+    }
+    catch (err) {
+        throw new AttestryError(describeFetchFailure(err, abort.signal.aborted, callerSignal?.aborted ?? false), { cause: err });
+    }
+    finally {
+        // Single cleanup site — finally always runs even after a throw in
+        // catch, so the prior catch-block duplicates were dead code.
+        if (timeoutHandle !== null)
+            clearTimeout(timeoutHandle);
+        if (callerSignal)
+            callerSignal.removeEventListener("abort", onCallerAbort);
+    }
+    if (response.ok) {
+        // P3 hardening: content-type guard for sync GET. Symmetric with
+        // streamRequest's expectedContentType guard. Skipped for 204 (No
+        // Content) — has no body to validate. (304 Not Modified is also
+        // bodyless but `response.ok` is false for 304 (status range
+        // 200-299), so it never reaches this branch — handled by the
+        // error path instead.) Without this guard, a proxy / LB that
+        // wraps a 200 OK around an HTML error page would silently
+        // produce `null` (JSON.parse fails → readBody returns parsed:null
+        // → consumer gets null cast as T). Pre-P3 G6 documented this
+        // soft-fail surface; P3 replaces it with a clear AttestryAPIError
+        // naming the expected vs actual content-type.
+        if (response.status !== 204) {
+            const expectedContentType = args.expectedContentType ?? "application/json";
+            // `?? ""` defends against a null Content-Type header — defense-in-
+            // depth (the kernel always sets it, so the null branch is exotic).
+            /* v8 ignore next */
+            const contentType = response.headers.get("content-type") ?? "";
+            const semicolonIdx = contentType.indexOf(";");
+            const contentTypeMime = (semicolonIdx === -1 ? contentType : contentType.slice(0, semicolonIdx))
+                .trim()
+                .toLowerCase();
+            const expectedMime = expectedContentType.trim().toLowerCase();
+            if (contentTypeMime !== expectedMime) {
+                throw new AttestryAPIError(`expected ${expectedContentType} response, got "${contentType}"`, response.status, null);
+            }
+        }
+        const { parsed } = await readBody(response);
+        // Kernel routes use successResponse() which emits {success:true, data}.
+        // Unwrap when the envelope is present; pass through bare for forward-
+        // compat with hypothetical non-conforming endpoints (none currently
+        // exist). 204 / empty 200 keeps returning null — readBody already
+        // short-circuits parsed:null in that case.
+        if (parsed !== null &&
+            typeof parsed === "object" &&
+            parsed.success === true &&
+            "data" in parsed) {
+            return parsed.data;
+        }
+        return parsed;
+    }
+    // Hostile-review H1: non-JSON error bodies (LB 502 HTML, plain-text
+    // proxy errors) used to surface as `details: null`, leaving consumers
+    // no way to debug. Fall back to the raw text when the body can't be
+    // parsed as JSON.
+    const { parsed, raw } = await readBody(response);
+    const detail = parsed ?? (raw.length > 0 ? raw : null);
+    const apiErr = new AttestryAPIError(extractMessage(detail) ?? `Attestry API returned ${response.status}`, response.status, detail);
+    // Attach Retry-After header (if any) for the retry middleware. Stored
+    // as a non-enumerable property — doesn't pollute JSON.stringify or
+    // user-facing console.log of the error.
+    attachRetryAfter(apiErr, response.headers.get("retry-after"));
+    throw apiErr;
+}
+/**
+ * Streaming-response request — used for any long-lived streaming endpoint
+ * (SSE, NDJSON). Mirrors `request` for header / signal / URL composition
+ * but:
+ *
+ *   - Hardcodes `method: "GET"` (streaming endpoints today are read-only).
+ *   - Sends `Accept: <expectedContentType>` (default `text/event-stream`
+ *     for SSE backward-compat; NDJSON callers pass
+ *     `application/x-ndjson`).
+ *   - Does NOT arm an internal timeout — streams are long-lived; the
+ *     30s default would kill them after half a minute. Caller controls
+ *     duration via `options.signal`. (`decisions.export` runs up to
+ *     5 minutes server-side.)
+ *   - Returns the un-consumed `Response` so the resource can read
+ *     `response.body` as a stream of bytes (for an SSE / NDJSON parser).
+ *   - On non-2xx, drains the body and throws `AttestryAPIError` exactly
+ *     like the JSON path so consumers see the same error shape.
+ *   - On a 2xx with the WRONG content-type, throws with a clear message —
+ *     defensive against a misconfigured proxy returning `text/html` (LB
+ *     error page) or `text/plain`. The kernel always sets the right
+ *     content-type for each route, so this is a fail-fast guard. The
+ *     `expectedContentType` parameter (default `text/event-stream`)
+ *     drives both the `Accept:` request header AND this guard, so SSE
+ *     callers reject NDJSON responses and vice versa — a single source
+ *     of truth.
+ *
+ * Retry semantics: the INITIAL fetch goes through the retry wrapper
+ * (same 429 logic as `request<T>`). Once the response is open,
+ * mid-iteration errors do NOT retry — events would be lost or
+ * duplicated without per-event idempotency. Caller manages reconnection
+ * by passing the last seen cursor back (e.g., SSE `lastEventId`,
+ * NDJSON: re-issue with adjusted filters).
+ */
+export async function streamRequest(args) {
+    // Retry on the INITIAL fetch only. Once the response is open and
+    // we've started reading frames, any error (mid-stream 429 from a
+    // proxy, network drop, server timeout) bubbles to the consumer for
+    // them to decide whether to reconnect. Auto-retrying mid-stream
+    // would risk dropping or duplicating events.
+    const retry = resolveRetryOptions(args.config.retry, args.options?.retry);
+    const callerSignal = args.options?.signal;
+    let attempt = 0;
+    while (true) {
+        try {
+            return await streamRequestOnce(args);
+        }
+        catch (err) {
+            if (isRetryableError(err) &&
+                attempt < retry.maxRetries) {
+                const delay = computeRetryDelay(err, attempt, retry);
+                await sleepWithSignal(delay, callerSignal);
+                attempt++;
+                continue;
+            }
+            throw err;
+        }
+    }
+}
+/**
+ * Internal single-attempt streaming request. Same shape as `streamRequest`
+ * but runs exactly one fetch; the outer wrapper handles retry.
+ */
+async function streamRequestOnce(args) {
+    const { config, path, query, headers: extraHeaders, options } = args;
+    // Default for SSE backward-compat. NDJSON callers pass
+    // `"application/x-ndjson"`; future content-types slot in here too.
+    const expectedContentType = args.expectedContentType ?? "text/event-stream";
+    const callerSignal = options?.signal;
+    if (callerSignal?.aborted) {
+        throw new AttestryError("request aborted by caller", {
+            cause: callerSignal.reason,
+        });
+    }
+    const queryString = encodeQuery(query);
+    const url = composeUrl(config.baseUrl, path) + queryString;
+    const headers = new Headers();
+    headers.set("x-api-key", config.apiKey);
+    headers.set("Accept", expectedContentType);
+    if (extraHeaders) {
+        for (const [k, v] of Object.entries(extraHeaders))
+            headers.set(k, v);
+    }
+    let response;
+    try {
+        response = await config.fetchImpl(url, {
+            method: "GET",
+            headers,
+            // Pass the caller's signal through directly — no internal abort
+            // controller, no timeout. A stream lives until the server closes
+            // it OR the caller aborts.
+            signal: callerSignal,
+        });
+    }
+    catch (err) {
+        throw new AttestryError(describeFetchFailure(err, false, 
+        // `?? false` defends against an undefined caller signal — both
+        // branches reachable but the false-fallback only fires when no
+        // options.signal was passed AND the fetch rejected. Marginal
+        // pin value; defense-in-depth marker for v8.
+        /* v8 ignore next */
+        callerSignal?.aborted ?? false), { cause: err });
+    }
+    if (!response.ok) {
+        // Same body-extraction contract as the JSON path: parsed JSON if
+        // possible, raw text fallback. Non-JSON error bodies (LB 502 HTML,
+        // proxy text) surface as `details` rather than `null`.
+        const { parsed, raw } = await readBody(response);
+        // Defensive ?? fallbacks: `parsed` is null when the body isn't
+        // JSON; `raw.length > 0 ? raw : null` selects between the raw text
+        // and explicit null. `extractMessage(detail) ??` falls back to a
+        // generic "Attestry API returned N" when the body has no
+        // message/error field. All branches reachable in principle but a
+        // 4xx with neither JSON body nor extractable message is exotic —
+        // covered defensively.
+        /* v8 ignore next */
+        const detail = parsed ?? (raw.length > 0 ? raw : null);
+        const apiErr = new AttestryAPIError(
+        /* v8 ignore next */
+        extractMessage(detail) ?? `Attestry API returned ${response.status}`, response.status, detail);
+        attachRetryAfter(apiErr, response.headers.get("retry-after"));
+        throw apiErr;
+    }
+    // Defensive content-type check. The kernel always emits the
+    // expected content-type for each route. If a proxy / load balancer
+    // rewrites the response (e.g. an HTML error page wrapped at 200), the
+    // downstream parser would produce nonsense or hang. Fail-fast with a
+    // clear error class so consumers can branch on it.
+    //
+    // Hostile-review fix: parse the MIME type out of the header (per
+    // RFC 7231 §3.1.1.1, `media-type = type "/" subtype *( OWS ";" OWS
+    // parameter )`) and compare for exact equality with `expectedContentType`.
+    // The previous substring `includes()` match was bypassed by:
+    //   - superset attacks (`application/x-ndjson-evil` matches
+    //     `application/x-ndjson`),
+    //   - parameter-injection attacks (`text/html; x-real-content=
+    //     application/x-ndjson` matches), and
+    //   - structured-suffix attacks (`application/foo+x-ndjson`).
+    // Pulling the type/subtype before the first `;`, trimming OWS, and
+    // exact-matching closes all three while still accepting legitimate
+    // parameters such as `; charset=utf-8`.
+    // `?? ""` defends against a null Content-Type header — the kernel
+    // always sets it, so the null branch is exotic. Defense-in-depth.
+    /* v8 ignore next */
+    const contentType = response.headers.get("content-type") ?? "";
+    const semicolonIdx = contentType.indexOf(";");
+    const contentTypeMime = (semicolonIdx === -1 ? contentType : contentType.slice(0, semicolonIdx))
+        .trim()
+        .toLowerCase();
+    const expectedMime = expectedContentType.trim().toLowerCase();
+    if (contentTypeMime !== expectedMime) {
+        throw new AttestryAPIError(`expected ${expectedContentType} response, got "${contentType}"`, response.status, null);
+    }
+    return response;
+}
+function encodeQuery(q) {
+    if (!q)
+        return "";
+    const params = [];
+    for (const [key, value] of Object.entries(q)) {
+        if (value === undefined || value === null)
+            continue;
+        params.push(`${encodeURIComponent(key)}=${encodeURIComponent(String(value))}`);
+    }
+    return params.length > 0 ? `?${params.join("&")}` : "";
+}
+/**
+ * Reads the response body and tries to parse as JSON. Returns BOTH the
+ * parsed value (or null on parse failure / empty body) AND the raw text.
+ * Callers on the success path use only `parsed`; callers on the error
+ * path fall back to `raw` when `parsed` is null so non-JSON error bodies
+ * (LB 502 HTML, plain-text proxy errors) are surfaced as
+ * `AttestryAPIError.details` rather than silently lost. (Hostile-review
+ * H1.)
+ */
+async function readBody(response) {
+    if (response.status === 204)
+        return { parsed: null, raw: "" };
+    const text = await response.text();
+    if (text.length === 0)
+        return { parsed: null, raw: "" };
+    try {
+        return { parsed: JSON.parse(text), raw: text };
+    }
+    catch {
+        return { parsed: null, raw: text };
+    }
+}
+function extractMessage(detail) {
+    if (detail && typeof detail === "object" && "error" in detail) {
+        const err = detail.error;
+        if (typeof err === "string")
+            return err;
+        if (err && typeof err === "object" && "message" in err) {
+            const m = err.message;
+            if (typeof m === "string")
+                return m;
+        }
+    }
+    if (detail && typeof detail === "object" && "message" in detail) {
+        const m = detail.message;
+        if (typeof m === "string")
+            return m;
+    }
+    return null;
+}
+function describeFetchFailure(err, abortFired, callerAborted) {
+    if (callerAborted)
+        return "request aborted by caller";
+    if (abortFired)
+        return "request timed out";
+    if (err instanceof Error)
+        return `network error: ${err.message}`;
+    return "network error";
+}
+// Test-only handles for direct pinning of internals.
+export const __test__ = {
+    DEFAULT_BASE_URL,
+    DEFAULT_TIMEOUT_MS,
+    encodeQuery,
+    readBody,
+    extractMessage,
+};
+//# sourceMappingURL=transport.js.map

package/dist/transport.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"transport.js","sourceRoot":"","sources":["../src/transport.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,EAAE;AACF,yEAAyE;AACzE,+BAA+B;AAC/B,EAAE;AACF,yDAAyD;AACzD,iEAAiE;AACjE,8CAA8C;AAC9C,6EAA6E;AAC7E,uEAAuE;AACvE,yEAAyE;AACzE,sBAAsB;AACtB,wEAAwE;AACxE,2CAA2C;AAC3C,+EAA+E;AAC/E,8CAA8C;AAC9C,uEAAuE;AACvE,4DAA4D;AAC5D,yEAAyE;AACzE,2DAA2D;AAC3D,wEAAwE;AACxE,2EAA2E;AAC3E,wEAAwE;AACxE,wEAAwE;AACxE,0EAA0E;AAC1E,wEAAwE;AACxE,+BAA+B;AAE/B,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,EACnB,eAAe,GAEhB,MAAM,YAAY,CAAC;AAOpB,MAAM,gBAAgB,GAAG,yBAAyB,CAAC;AACnD,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAUlC;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CACjC,OAA8B;IAE9B,IAAI,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtE,MAAM,IAAI,aAAa,CAAC,sCAAsC,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,OAAO,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,gBAAgB,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC1E,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,aAAa,CAAC,2CAA2C,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,IAAK,UAAU,CAAC,KAA+B,CAAC;IAC/E,IAAI,OAAO,SAAS,KAAK,UAAU,EAAE,CAAC;QACpC,MAAM,IAAI,aAAa,CACrB,+FAA+F,CAChG,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,kBAAkB,CAAC;IAC1D,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,aAAa,CACrB,kEAAkE,CACnE,CAAC;IACJ,CAAC;IAED,yEAAyE;IACzE,0EAA0E;IAC1E,qEAAqE;IACrE,uEAAuE;IACvE,oDAAoD;IACpD,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;QAChC,mBAAmB,CAAC,OAAO,CAAC,KAAK,EAAE,SAAS,CAAC,CAAC;IAChD,CAAC;IAED,OAAO;QACL,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,OAAO;QACP,SAAS;QACT,SAAS;QACT,KAAK,EAAE,OAAO,CAAC,KAAK;KACrB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,UAAU,CAAC,OAAe,EAAE,IAAY;IACtD,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;IAC5C,OAAO,OAAO,GAAG,GAAG,GAAG,IAAI,CAAC;AAC9B,CAAC;AAmCD;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAI,IAAyB;IACxD,MAAM,KAAK,GAAG,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC1E,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC;IAC1C,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,sEAAsE;IACtE,uEAAuE;IACvE,OAAO,IAAI,EAAE,CAAC;QACZ,IAAI,CAAC;YACH,OAAO,MAAM,WAAW,CAAI,IAAI,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IACE,gBAAgB,CAAC,GAAG,CAAC;gBACrB,OAAO,GAAG,KAAK,CAAC,UAAU,EAC1B,CAAC;gBACD,MAAM,KAAK,GAAG,iBAAiB,CAAC,GAAG,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;gBACrD,MAAM,eAAe,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC;gBACV,SAAS;YACX,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAI,IAAyB;IAC5D,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;IAE5D,MAAM,YAAY,GAAG,OAAO,EAAE,MAAM,CAAC;IACrC,sEAAsE;IACtE,sEAAsE;IACtE,sEAAsE;IACtE,cAAc;IACd,IAAI,YAAY,EAAE,OAAO,EAAE,CAAC;QAC1B,MAAM,IAAI,aAAa,CAAC,2BAA2B,EAAE;YACnD,KAAK,EAAE,YAAY,CAAC,MAAM;SAC3B,CAAC,CAAC;IACL,CAAC;IAED,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,UAAU,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,WAAW,CAAC;IAE3D,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;IAC9B,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,kBAAkB,CAAC,CAAC;IAC1C,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;QACvB,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,eAAe,EAAE,CAAC;IACpC,MAAM,aAAa,GACjB,MAAM,CAAC,SAAS,GAAG,CAAC;QAClB,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAC,EAAE,MAAM,CAAC,SAAS,CAAC;QACjF,CAAC,CAAC,IAAI,CAAC;IAEX,wEAAwE;IACxE,MAAM,aAAa,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAC9D,IAAI,YAAY,EAAE,CAAC;QACjB,YAAY,CAAC,gBAAgB,CAAC,OAAO,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,uEAAuE;IACvE,wEAAwE;IACxE,aAAa;IACb,IAAI,cAAkC,CAAC;IACvC,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;QACvB,IAAI,CAAC;YACH,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACxC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,aAAa;YACrB,gEAAgE;YAChE,4DAA4D;YAC5D,oDAAoD;YACpD,oBAAoB;YACpB,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EAC3E,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,QAAkB,CAAC;IACvB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE;YACrC,MAAM;YACN,OAAO;YACP,IAAI,EAAE,cAAc;YACpB,MAAM,EAAE,KAAK,CAAC,MAAM;SACrB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,aAAa,CACrB,oBAAoB,CAAC,GAAG,EAAE,KAAK,CAAC,MAAM,CAAC,OAAO,EAAE,YAAY,EAAE,OAAO,IAAI,KAAK,CAAC,EAC/E,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,kEAAkE;QAClE,6DAA6D;QAC7D,IAAI,aAAa,KAAK,IAAI;YAAE,YAAY,CAAC,aAAa,CAAC,CAAC;QACxD,IAAI,YAAY;YAAE,YAAY,CAAC,mBAAmB,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAC7E,CAAC;IAED,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;QAChB,gEAAgE;QAChE,iEAAiE;QACjE,gEAAgE;QAChE,4DAA4D;QAC5D,6DAA6D;QAC7D,6DAA6D;QAC7D,0DAA0D;QAC1D,kEAAkE;QAClE,6DAA6D;QAC7D,kEAAkE;QAClE,8CAA8C;QAC9C,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,mBAAmB,GAAG,IAAI,CAAC,mBAAmB,IAAI,kBAAkB,CAAC;YAC3E,mEAAmE;YACnE,mEAAmE;YACnE,oBAAoB;YACpB,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;YAC/D,MAAM,YAAY,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC9C,MAAM,eAAe,GAAG,CACtB,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CACvE;iBACE,IAAI,EAAE;iBACN,WAAW,EAAE,CAAC;YACjB,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC9D,IAAI,eAAe,KAAK,YAAY,EAAE,CAAC;gBACrC,MAAM,IAAI,gBAAgB,CACxB,YAAY,mBAAmB,mBAAmB,WAAW,GAAG,EAChE,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAC5C,wEAAwE;QACxE,sEAAsE;QACtE,oEAAoE;QACpE,kEAAkE;QAClE,2CAA2C;QAC3C,IACE,MAAM,KAAK,IAAI;YACf,OAAO,MAAM,KAAK,QAAQ;YACzB,MAAgC,CAAC,OAAO,KAAK,IAAI;YAClD,MAAM,IAAI,MAAM,EAChB,CAAC;YACD,OAAQ,MAAsB,CAAC,IAAI,CAAC;QACtC,CAAC;QACD,OAAO,MAAW,CAAC;IACrB,CAAC;IAED,oEAAoE;IACpE,sEAAsE;IACtE,oEAAoE;IACpE,kBAAkB;IAClB,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACjD,MAAM,MAAM,GAAY,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAChE,MAAM,MAAM,GAAG,IAAI,gBAAgB,CACjC,cAAc,CAAC,MAAM,CAAC,IAAI,yBAAyB,QAAQ,CAAC,MAAM,EAAE,EACpE,QAAQ,CAAC,MAAM,EACf,MAAM,CACP,CAAC;IACF,sEAAsE;IACtE,mEAAmE;IACnE,wCAAwC;IACxC,gBAAgB,CAAC,MAAM,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC;IAC9D,MAAM,MAAM,CAAC;AACf,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,IAgBnC;IACC,iEAAiE;IACjE,iEAAiE;IACjE,mEAAmE;IACnE,gEAAgE;IAChE,6CAA6C;IAC7C,MAAM,KAAK,GAAG,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC1E,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC;IAC1C,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,OAAO,IAAI,EAAE,CAAC;QACZ,IAAI,CAAC;YACH,OAAO,MAAM,iBAAiB,CAAC,IAAI,CAAC,CAAC;QACvC,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IACE,gBAAgB,CAAC,GAAG,CAAC;gBACrB,OAAO,GAAG,KAAK,CAAC,UAAU,EAC1B,CAAC;gBACD,MAAM,KAAK,GAAG,iBAAiB,CAAC,GAAG,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;gBACrD,MAAM,eAAe,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC;gBACV,SAAS;YACX,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,iBAAiB,CAAC,IAOhC;IACC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;IACrE,uDAAuD;IACvD,mEAAmE;IACnE,MAAM,mBAAmB,GACvB,IAAI,CAAC,mBAAmB,IAAI,mBAAmB,CAAC;IAElD,MAAM,YAAY,GAAG,OAAO,EAAE,MAAM,CAAC;IACrC,IAAI,YAAY,EAAE,OAAO,EAAE,CAAC;QAC1B,MAAM,IAAI,aAAa,CAAC,2BAA2B,EAAE;YACnD,KAAK,EAAE,YAAY,CAAC,MAAM;SAC3B,CAAC,CAAC;IACL,CAAC;IAED,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,UAAU,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,GAAG,WAAW,CAAC;IAE3D,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;IAC9B,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC;IAC3C,IAAI,YAAY,EAAE,CAAC;QACjB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC;YAAE,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACvE,CAAC;IAED,IAAI,QAAkB,CAAC;IACvB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,GAAG,EAAE;YACrC,MAAM,EAAE,KAAK;YACb,OAAO;YACP,gEAAgE;YAChE,iEAAiE;YACjE,2BAA2B;YAC3B,MAAM,EAAE,YAAY;SACrB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,aAAa,CACrB,oBAAoB,CAClB,GAAG,EACH,KAAK;QACL,+DAA+D;QAC/D,+DAA+D;QAC/D,6DAA6D;QAC7D,6CAA6C;QAC7C,oBAAoB;QACpB,YAAY,EAAE,OAAO,IAAI,KAAK,CAC/B,EACD,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,iEAAiE;QACjE,mEAAmE;QACnE,uDAAuD;QACvD,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACjD,+DAA+D;QAC/D,mEAAmE;QACnE,iEAAiE;QACjE,yDAAyD;QACzD,iEAAiE;QACjE,iEAAiE;QACjE,uBAAuB;QACvB,oBAAoB;QACpB,MAAM,MAAM,GAAY,MAAM,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,IAAI,gBAAgB;QACjC,oBAAoB;QACpB,cAAc,CAAC,MAAM,CAAC,IAAI,yBAAyB,QAAQ,CAAC,MAAM,EAAE,EACpE,QAAQ,CAAC,MAAM,EACf,MAAM,CACP,CAAC;QACF,gBAAgB,CAAC,MAAM,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC;QAC9D,MAAM,MAAM,CAAC;IACf,CAAC;IAED,4DAA4D;IAC5D,mEAAmE;IACnE,sEAAsE;IACtE,qEAAqE;IACrE,mDAAmD;IACnD,EAAE;IACF,iEAAiE;IACjE,mEAAmE;IACnE,2EAA2E;IAC3E,6DAA6D;IAC7D,4DAA4D;IAC5D,+BAA+B;IAC/B,+DAA+D;IAC/D,0CAA0C;IAC1C,8DAA8D;IAC9D,mEAAmE;IACnE,mEAAmE;IACnE,wCAAwC;IACxC,kEAAkE;IAClE,kEAAkE;IAClE,oBAAoB;IACpB,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IAC/D,MAAM,YAAY,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC9C,MAAM,eAAe,GAAG,CACtB,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CACvE;SACE,IAAI,EAAE;SACN,WAAW,EAAE,CAAC;IACjB,MAAM,YAAY,GAAG,mBAAmB,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC9D,IAAI,eAAe,KAAK,YAAY,EAAE,CAAC;QACrC,MAAM,IAAI,gBAAgB,CACxB,YAAY,mBAAmB,mBAAmB,WAAW,GAAG,EAChE,QAAQ,CAAC,MAAM,EACf,IAAI,CACL,CAAC;IACJ,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,WAAW,CAClB,CAA2E;IAE3E,IAAI,CAAC,CAAC;QAAE,OAAO,EAAE,CAAC;IAClB,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7C,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI;YAAE,SAAS;QACpD,MAAM,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,kBAAkB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;IACjF,CAAC;IACD,OAAO,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;AACzD,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,UAAU,QAAQ,CACrB,QAAkB;IAElB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG;QAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC;IAC9D,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IACnC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC;IACxD,IAAI,CAAC;QACH,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC;IACrC,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,MAAe;IACrC,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;QAC9D,MAAM,GAAG,GAAI,MAA6B,CAAC,KAAK,CAAC;QACjD,IAAI,OAAO,GAAG,KAAK,QAAQ;YAAE,OAAO,GAAG,CAAC;QACxC,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,SAAS,IAAI,GAAG,EAAE,CAAC;YACvD,MAAM,CAAC,GAAI,GAA4B,CAAC,OAAO,CAAC;YAChD,IAAI,OAAO,CAAC,KAAK,QAAQ;gBAAE,OAAO,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IACD,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,SAAS,IAAI,MAAM,EAAE,CAAC;QAChE,MAAM,CAAC,GAAI,MAA+B,CAAC,OAAO,CAAC;QACnD,IAAI,OAAO,CAAC,KAAK,QAAQ;YAAE,OAAO,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,oBAAoB,CAC3B,GAAY,EACZ,UAAmB,EACnB,aAAsB;IAEtB,IAAI,aAAa;QAAE,OAAO,2BAA2B,CAAC;IACtD,IAAI,UAAU;QAAE,OAAO,mBAAmB,CAAC;IAC3C,IAAI,GAAG,YAAY,KAAK;QAAE,OAAO,kBAAkB,GAAG,CAAC,OAAO,EAAE,CAAC;IACjE,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,qDAAqD;AACrD,MAAM,CAAC,MAAM,QAAQ,GAAG;IACtB,gBAAgB;IAChB,kBAAkB;IAClB,WAAW;IACX,QAAQ;IACR,cAAc;CACf,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,61 @@
+import type { RetryOptions } from "./retry.js";
+/**
+ * Minimal subset of the standard `fetch` signature. The SDK accepts any
+ * implementation that matches this shape so consumers can inject a custom
+ * `fetch` (testing, retry middleware, observability instrumentation, etc.)
+ * without depending on the global `fetch`.
+ */
+export type FetchLike = (input: string | URL, init?: RequestInit) => Promise<Response>;
+export interface AttestryClientOptions {
+    /**
+     * API key from the Attestry org settings page. Sent as the `x-api-key`
+     * header on every request. Required.
+     */
+    apiKey: string;
+    /**
+     * Base URL of the Attestry API. Defaults to `https://app.attestry.ai`.
+     * Override for self-hosted, EU residency, or local dev.
+     */
+    baseUrl?: string;
+    /**
+     * Custom fetch implementation. Defaults to the global `fetch`. Throws at
+     * construction time if neither is available.
+     */
+    fetch?: FetchLike;
+    /**
+     * Request timeout in milliseconds. Defaults to 30_000 (30s). Set `0` to
+     * disable. The SDK aborts via `AbortController` when the timeout elapses
+     * and surfaces the abort as `AttestryError` ("request timed out").
+     *
+     * Note: NOT applied to streaming requests (`*.stream()` methods).
+     * Streams are long-lived; the caller controls duration via `options.signal`.
+     */
+    timeoutMs?: number;
+    /**
+     * Automatic retry configuration for HTTP 429 responses. Per-call
+     * `RequestOptions.retry` overrides this. Set `{maxRetries: 0}` to
+     * disable retries client-wide.
+     *
+     * Defaults: `{maxRetries: 3, initialDelayMs: 1000, maxDelayMs: 30_000,
+     * honorRetryAfter: true}`.
+     *
+     * Applied to all JSON requests AND to the initial fetch of streaming
+     * requests. Mid-stream errors are NEVER retried (would risk lost or
+     * duplicated events).
+     */
+    retry?: Partial<RetryOptions>;
+}
+/**
+ * Per-request overrides.
+ */
+export interface RequestOptions {
+    /** Caller-provided abort signal — composed with the SDK's internal timeout. */
+    signal?: AbortSignal;
+    /**
+     * Per-call retry override. Same shape as `AttestryClientOptions.retry`
+     * but takes precedence. Useful for one-off "do not retry this" calls
+     * or for tightening retries on a latency-sensitive call.
+     */
+    retry?: Partial<RetryOptions>;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C;;;;;GAKG;AACH,MAAM,MAAM,SAAS,GAAG,CACtB,KAAK,EAAE,MAAM,GAAG,GAAG,EACnB,IAAI,CAAC,EAAE,WAAW,KACf,OAAO,CAAC,QAAQ,CAAC,CAAC;AAEvB,MAAM,WAAW,qBAAqB;IACpC;;;OAGG;IACH,MAAM,EAAE,MAAM,CAAC;IAEf;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,KAAK,CAAC,EAAE,SAAS,CAAC;IAElB;;;;;;;OAOG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,+EAA+E;IAC/E,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB;;;;OAIG;IACH,KAAK,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;CAC/B"}

package/dist/types.js

@@ -0,0 +1,3 @@
+// ─── Shared SDK types ───────────────────────────────────────────────────────
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,+EAA+E"}

package/package.json

@@ -0,0 +1,44 @@
+{
+  "name": "@attestry/sdk",
+  "version": "0.6.0",
+  "description": "Official TypeScript SDK for the Attestry compliance kernel \u2014 submit AI incidents, fetch decisions, query the cross-tenant pattern corpus.",
+  "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/attestry-ai/attestry-sdk.git",
+    "directory": "packages/attestry-sdk"
+  },
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "keywords": [
+    "attestry",
+    "ai-compliance",
+    "eu-ai-act",
+    "colorado-ai-act",
+    "nist-ai-rmf",
+    "iso-42001",
+    "ai-incidents",
+    "compliance-sdk"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "dev": "tsc --watch",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "prepare": "npm run build"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "typescript": "^5.7.0",
+    "vitest": "^3.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}