@axiastudio/aioc 0.2.3 → 0.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +31 -4
- package/package.json +13 -1
package/README.md
CHANGED
|
@@ -1,14 +1,29 @@
|
|
|
1
1
|
# @axiastudio/aioc
|
|
2
2
|
|
|
3
|
-
AIOC is a governance
|
|
4
|
-
It
|
|
5
|
-
AIOC is designed for enterprise and public-sector contexts
|
|
3
|
+
AIOC is a deterministic governance kernel for LLM agents: models can propose actions, while application-owned policies and runtime controls decide what is actually allowed to happen.
|
|
4
|
+
It is built around default-deny gates for tools and handoffs, portable audit artifacts (`RunRecord`, prompt snapshots, request fingerprints), and replay/compare workflows for verifiable iteration on prompts and policies.
|
|
5
|
+
AIOC is designed for enterprise and public-sector contexts where governance cannot be outsourced to an observability dashboard, hosted trace store, or framework-owned approval workflow.
|
|
6
6
|
|
|
7
7
|
Project home and documentation: [https://axiastudio.github.io/aioc](https://axiastudio.github.io/aioc)
|
|
8
8
|
|
|
9
|
+
## Positioning
|
|
10
|
+
|
|
11
|
+
AIOC does not try to be a full agent platform, hosted tracing product, evaluation suite, or human-review workflow engine.
|
|
12
|
+
Those systems are useful, but they make governance-sensitive decisions about storage, retention, access, escalation, and audit semantics.
|
|
13
|
+
|
|
14
|
+
AIOC keeps the enforcement boundary inside the application instead:
|
|
15
|
+
|
|
16
|
+
- the model proposes; deterministic policy code authorizes or denies
|
|
17
|
+
- execution-impacting capabilities are deny-by-default
|
|
18
|
+
- audit evidence is emitted as portable records rather than owned by a required control plane
|
|
19
|
+
- persistence, approvals, retention, access control, monitoring, and deployment remain host-application responsibilities
|
|
20
|
+
|
|
21
|
+
In short: AIOC treats observability as evidence, not as governance itself.
|
|
22
|
+
Its core job is to make agent execution boundaries explicit, testable, auditable, and hard to bypass.
|
|
23
|
+
|
|
9
24
|
## Release Status
|
|
10
25
|
|
|
11
|
-
Current stable release: `0.2.
|
|
26
|
+
Current stable release: `0.2.4`.
|
|
12
27
|
The stable line started with `0.1.0`.
|
|
13
28
|
The core runtime surface is compatibility-managed. Breaking changes to the stable surface should ship only with explicit migration guidance and release notes.
|
|
14
29
|
|
|
@@ -22,6 +37,17 @@ AIOC `0.2.0` adds implemented runtime utilities and the Agent Harness Descriptor
|
|
|
22
37
|
AIOC `0.2.1` realigns the `0.2.x` package line with the current `main` history after `0.2.0` was published from the descriptor release branch.
|
|
23
38
|
AIOC `0.2.2` completes the descriptor instruction-composition surface with reusable `instruction_parts`, ordered `instructions_sequence`, and boolean `where` gates.
|
|
24
39
|
AIOC `0.2.3` adds RFC-0010 policy composition helpers for exact-name tool and handoff policy dispatch without changing runtime enforcement semantics.
|
|
40
|
+
AIOC `0.2.4` adds experimental governance-event packages and an OpenTelemetry Logs exporter for reduced, operational observability events derived from `RunRecord` values.
|
|
41
|
+
|
|
42
|
+
### Experimental Packages
|
|
43
|
+
|
|
44
|
+
`@axiastudio/aioc-governance-events` implements the RFC-0009 governance-event
|
|
45
|
+
mapper outside the core runtime package. It derives reduced, redacted,
|
|
46
|
+
event-shaped records from `RunRecord` values.
|
|
47
|
+
|
|
48
|
+
`@axiastudio/aioc-export-otel` maps those governance events to OpenTelemetry
|
|
49
|
+
Logs. Both packages remain experimental while real exporter usage validates the
|
|
50
|
+
schema and operational shape.
|
|
25
51
|
|
|
26
52
|
- Release notes: `CHANGELOG.md`
|
|
27
53
|
- Historical beta contract snapshot: `docs/BETA-CONTRACT.md`
|
|
@@ -243,6 +269,7 @@ This repository also contains `aioc-inspect`, a private reference example UI for
|
|
|
243
269
|
| `npm run example:approval-required` | Minimal approval-required tool + policy flow | Yes (`AIOC_EXAMPLE_PROVIDER` + matching provider API key) |
|
|
244
270
|
| `npm run example:approval-evidence` | Approval evidence passed through context and reevaluated by policy | Yes (`AIOC_EXAMPLE_PROVIDER` + matching provider API key) |
|
|
245
271
|
| `npm run example:tool-policy` | Straight tool + policy flow with allowed execution | Yes (`AIOC_EXAMPLE_PROVIDER` + matching provider API key) |
|
|
272
|
+
| `npm run example:policy-composition` | Exact-name tool policy dispatch with fallback deny | Yes (`AIOC_EXAMPLE_PROVIDER` + matching provider API key) |
|
|
246
273
|
| `npm run example:run-record` | Run-record persistence with redaction + audit | Yes (`AIOC_EXAMPLE_PROVIDER` + matching provider API key) |
|
|
247
274
|
| `npm run example:rru:01-extract` | Minimal `extractToolCalls(...)` | No |
|
|
248
275
|
| `npm run example:rru:02-compare` | Minimal `compareRunRecords(...)` | No |
|
package/package.json
CHANGED
|
@@ -1,11 +1,14 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@axiastudio/aioc",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.4",
|
|
4
4
|
"main": "dist/index.js",
|
|
5
5
|
"types": "dist/index.d.ts",
|
|
6
6
|
"files": [
|
|
7
7
|
"dist"
|
|
8
8
|
],
|
|
9
|
+
"workspaces": [
|
|
10
|
+
"packages/*"
|
|
11
|
+
],
|
|
9
12
|
"scripts": {
|
|
10
13
|
"test": "npm run test:ci",
|
|
11
14
|
"clean": "node -e \"require('fs').rmSync('dist',{recursive:true,force:true})\"",
|
|
@@ -22,6 +25,7 @@
|
|
|
22
25
|
"example:approval-required": "tsx src/examples/basic/approval-required.ts",
|
|
23
26
|
"example:approval-evidence": "tsx src/examples/basic/approval-evidence.ts",
|
|
24
27
|
"example:tool-policy": "tsx src/examples/basic/tools.ts",
|
|
28
|
+
"example:policy-composition": "tsx src/examples/basic/policy-composition.ts",
|
|
25
29
|
"example:harness": "tsx src/examples/harness-descriptor/customer-support.ts",
|
|
26
30
|
"example:run-record": "tsx src/examples/basic/run-record-sink.ts",
|
|
27
31
|
"example:rru:01-extract": "tsx src/examples/run-record-utils-minimal/01-extract-tool-calls.ts",
|
|
@@ -34,6 +38,14 @@
|
|
|
34
38
|
"docs:dev": "npm run docs:sync && cd apps/aioc-docs && zsh -lc 'npm run dev'",
|
|
35
39
|
"docs:build": "npm run docs:sync && cd apps/aioc-docs && zsh -lc 'npm run build'",
|
|
36
40
|
"docs:preview": "cd apps/aioc-docs && zsh -lc 'npm run preview'",
|
|
41
|
+
"packages:build": "npm run governance-events:build && npm run build -w @axiastudio/aioc-export-otel && npm run build -w @axiastudio/aioc-inspect-ui",
|
|
42
|
+
"packages:test": "npm run governance-events:test && npm run export-otel:test",
|
|
43
|
+
"governance-events:build": "npm run build && npm run build -w @axiastudio/aioc-governance-events",
|
|
44
|
+
"governance-events:test": "npm run build && npm test -w @axiastudio/aioc-governance-events",
|
|
45
|
+
"export-otel:build": "npm run governance-events:build && npm run build -w @axiastudio/aioc-export-otel",
|
|
46
|
+
"export-otel:test": "npm run governance-events:build && npm test -w @axiastudio/aioc-export-otel",
|
|
47
|
+
"export-otel:console": "npm run governance-events:build && npm run console -w @axiastudio/aioc-export-otel",
|
|
48
|
+
"export-otel:signoz": "npm run governance-events:build && npm run signoz -w @axiastudio/aioc-export-otel",
|
|
37
49
|
"test:mistral": "tsx src/examples/mistral-smoke.ts",
|
|
38
50
|
"prepack": "npm run build:package"
|
|
39
51
|
},
|