@axtary/actionpass 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +88 -6
- package/dist/caep.d.ts +89 -0
- package/dist/caep.d.ts.map +1 -0
- package/dist/caep.js +258 -0
- package/dist/caep.js.map +1 -0
- package/dist/dev-key.d.ts +50 -0
- package/dist/dev-key.d.ts.map +1 -0
- package/dist/dev-key.js +103 -0
- package/dist/dev-key.js.map +1 -0
- package/dist/explain.d.ts +12 -0
- package/dist/explain.d.ts.map +1 -0
- package/dist/explain.js +147 -0
- package/dist/explain.js.map +1 -0
- package/dist/index.d.ts +1007 -5
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1709 -62
- package/dist/index.js.map +1 -1
- package/dist/postgres.d.ts +21 -0
- package/dist/postgres.d.ts.map +1 -0
- package/dist/postgres.js +112 -0
- package/dist/postgres.js.map +1 -0
- package/dist/provenance.d.ts +59 -0
- package/dist/provenance.d.ts.map +1 -0
- package/dist/provenance.js +67 -0
- package/dist/provenance.js.map +1 -0
- package/dist/status-list.d.ts +158 -0
- package/dist/status-list.d.ts.map +1 -0
- package/dist/status-list.js +447 -0
- package/dist/status-list.js.map +1 -0
- package/package.json +3 -1
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,18 @@
|
|
|
1
1
|
import { type CryptoKey, type JWK, type KeyObject } from "jose";
|
|
2
2
|
import { z } from "zod";
|
|
3
|
+
import { type ActionPassStatusClaim } from "./status-list.js";
|
|
4
|
+
import { type ActionProvenance } from "./provenance.js";
|
|
5
|
+
import { type PolicyDecisionExplanation } from "./explain.js";
|
|
6
|
+
export * from "./caep.js";
|
|
7
|
+
export * from "./dev-key.js";
|
|
8
|
+
export * from "./explain.js";
|
|
9
|
+
export * from "./postgres.js";
|
|
10
|
+
export * from "./provenance.js";
|
|
11
|
+
export * from "./status-list.js";
|
|
3
12
|
export declare const ACTION_SCHEMA_VERSION = "axtary.action.v0";
|
|
13
|
+
export declare const ACTIONPASS_V0_VERSION = "axtary.actionpass.v0";
|
|
14
|
+
export declare const ACTIONPASS_V1_VERSION = "axtary.actionpass.v1";
|
|
15
|
+
export declare const ACTIONPASS_V2_VERSION = "axtary.actionpass.v2";
|
|
4
16
|
export declare const ACTIONPASS_VERSION = "axtary.actionpass.v0";
|
|
5
17
|
export declare const APPROVAL_ARTIFACT_VERSION = "axtary.approval.v0";
|
|
6
18
|
export declare const ACTIONPASS_REVOCATION_VERSION = "axtary.actionpass_revocation.v0";
|
|
@@ -10,9 +22,25 @@ export declare const LEDGER_PROVIDER_EVIDENCE_VERSION = "axtary.ledger_provider_
|
|
|
10
22
|
export declare const LEDGER_EXECUTION_OUTCOME_VERSION = "axtary.ledger_execution_outcome.v0";
|
|
11
23
|
export declare const DEFAULT_EXPIRES_IN_SECONDS = 600;
|
|
12
24
|
export declare const DEFAULT_SIGNING_ALGORITHM = "ES256";
|
|
25
|
+
export declare const DPOP_PROOF_TYP = "dpop+jwt";
|
|
26
|
+
export declare const DEFAULT_DPOP_MAX_AGE_SECONDS = 60;
|
|
27
|
+
export declare const DEFAULT_DPOP_CLOCK_SKEW_SECONDS = 5;
|
|
13
28
|
export type JsonValue = string | number | boolean | null | JsonValue[] | {
|
|
14
29
|
[key: string]: JsonValue;
|
|
15
30
|
};
|
|
31
|
+
export declare const BudgetAmountSchema: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
32
|
+
export type BudgetAmount = z.infer<typeof BudgetAmountSchema>;
|
|
33
|
+
export declare const ActionBudgetSchema: z.ZodObject<{
|
|
34
|
+
reservationId: z.ZodString;
|
|
35
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
36
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
37
|
+
commitStatus: z.ZodEnum<{
|
|
38
|
+
pending: "pending";
|
|
39
|
+
committed: "committed";
|
|
40
|
+
rolled_back: "rolled_back";
|
|
41
|
+
}>;
|
|
42
|
+
}, z.core.$strip>;
|
|
43
|
+
export type ActionBudget = z.infer<typeof ActionBudgetSchema>;
|
|
16
44
|
export declare const AxtaryDecisionSchema: z.ZodEnum<{
|
|
17
45
|
allow: "allow";
|
|
18
46
|
deny: "deny";
|
|
@@ -42,15 +70,45 @@ export declare const NormalizedActionSchema: z.ZodObject<{
|
|
|
42
70
|
serverIdentity: z.ZodString;
|
|
43
71
|
schemaVersion: z.ZodString;
|
|
44
72
|
definitionHash: z.ZodString;
|
|
73
|
+
publisher: z.ZodOptional<z.ZodString>;
|
|
74
|
+
publisherKeyId: z.ZodOptional<z.ZodString>;
|
|
75
|
+
semver: z.ZodOptional<z.ZodString>;
|
|
76
|
+
priorDefinitionHash: z.ZodOptional<z.ZodString>;
|
|
77
|
+
}, z.core.$strip>>;
|
|
78
|
+
provenance: z.ZodOptional<z.ZodObject<{
|
|
79
|
+
schemaVersion: z.ZodDefault<z.ZodLiteral<"axtary.provenance.v0">>;
|
|
80
|
+
sources: z.ZodArray<z.ZodObject<{
|
|
81
|
+
id: z.ZodString;
|
|
82
|
+
kind: z.ZodEnum<{
|
|
83
|
+
unknown: "unknown";
|
|
84
|
+
task: "task";
|
|
85
|
+
operator: "operator";
|
|
86
|
+
document: "document";
|
|
87
|
+
tool_output: "tool_output";
|
|
88
|
+
connector: "connector";
|
|
89
|
+
}>;
|
|
90
|
+
integrity: z.ZodEnum<{
|
|
91
|
+
unknown: "unknown";
|
|
92
|
+
trusted: "trusted";
|
|
93
|
+
untrusted: "untrusted";
|
|
94
|
+
}>;
|
|
95
|
+
resource: z.ZodOptional<z.ZodString>;
|
|
96
|
+
observedAt: z.ZodOptional<z.ZodString>;
|
|
97
|
+
}, z.core.$strip>>;
|
|
98
|
+
bindings: z.ZodArray<z.ZodObject<{
|
|
99
|
+
path: z.ZodString;
|
|
100
|
+
sourceIds: z.ZodArray<z.ZodString>;
|
|
101
|
+
}, z.core.$strip>>;
|
|
45
102
|
}, z.core.$strip>>;
|
|
46
103
|
budget: z.ZodOptional<z.ZodObject<{
|
|
47
|
-
reservationId: z.
|
|
48
|
-
|
|
49
|
-
|
|
104
|
+
reservationId: z.ZodString;
|
|
105
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
106
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
107
|
+
commitStatus: z.ZodEnum<{
|
|
50
108
|
pending: "pending";
|
|
51
109
|
committed: "committed";
|
|
52
110
|
rolled_back: "rolled_back";
|
|
53
|
-
}
|
|
111
|
+
}>;
|
|
54
112
|
}, z.core.$strip>>;
|
|
55
113
|
}, z.core.$strip>;
|
|
56
114
|
export type NormalizedAction = z.infer<typeof NormalizedActionSchema>;
|
|
@@ -72,6 +130,29 @@ export declare const PolicyDecisionSchema: z.ZodObject<{
|
|
|
72
130
|
maxFilesChanged: z.ZodNumber;
|
|
73
131
|
blockedPaths: z.ZodArray<z.ZodString>;
|
|
74
132
|
}, z.core.$strip>;
|
|
133
|
+
rule: z.ZodOptional<z.ZodObject<{
|
|
134
|
+
id: z.ZodString;
|
|
135
|
+
matchedRuleIds: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
136
|
+
}, z.core.$strip>>;
|
|
137
|
+
obligations: z.ZodOptional<z.ZodObject<{
|
|
138
|
+
requiredApproverRoles: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
139
|
+
timeWindow: z.ZodOptional<z.ZodObject<{
|
|
140
|
+
startHourUtc: z.ZodNumber;
|
|
141
|
+
endHourUtc: z.ZodNumber;
|
|
142
|
+
daysOfWeek: z.ZodDefault<z.ZodArray<z.ZodNumber>>;
|
|
143
|
+
}, z.core.$strip>>;
|
|
144
|
+
rateLimit: z.ZodOptional<z.ZodObject<{
|
|
145
|
+
ruleId: z.ZodString;
|
|
146
|
+
maxActions: z.ZodNumber;
|
|
147
|
+
windowSeconds: z.ZodNumber;
|
|
148
|
+
scope: z.ZodEnum<{
|
|
149
|
+
resource: "resource";
|
|
150
|
+
actor: "actor";
|
|
151
|
+
tenant: "tenant";
|
|
152
|
+
tool: "tool";
|
|
153
|
+
}>;
|
|
154
|
+
}, z.core.$strip>>;
|
|
155
|
+
}, z.core.$strip>>;
|
|
75
156
|
}, z.core.$strip>;
|
|
76
157
|
export type PolicyDecision = z.infer<typeof PolicyDecisionSchema>;
|
|
77
158
|
export type ActionPassDecision = PolicyDecision;
|
|
@@ -82,6 +163,7 @@ export declare const ApprovalSchema: z.ZodObject<{
|
|
|
82
163
|
policy_override: "policy_override";
|
|
83
164
|
}>;
|
|
84
165
|
approvedBy: z.ZodOptional<z.ZodString>;
|
|
166
|
+
approverRoles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
85
167
|
approvalArtifact: z.ZodOptional<z.ZodString>;
|
|
86
168
|
approvalArtifactHash: z.ZodOptional<z.ZodString>;
|
|
87
169
|
actionHash: z.ZodOptional<z.ZodString>;
|
|
@@ -97,6 +179,7 @@ export declare const ApprovalArtifactSchema: z.ZodObject<{
|
|
|
97
179
|
policy_override: "policy_override";
|
|
98
180
|
}>;
|
|
99
181
|
approvedBy: z.ZodString;
|
|
182
|
+
approverRoles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
100
183
|
approvedAt: z.ZodString;
|
|
101
184
|
actionHash: z.ZodString;
|
|
102
185
|
payloadHash: z.ZodString;
|
|
@@ -107,8 +190,159 @@ export declare const ApprovalArtifactSchema: z.ZodObject<{
|
|
|
107
190
|
expiresAt: z.ZodOptional<z.ZodString>;
|
|
108
191
|
}, z.core.$strip>;
|
|
109
192
|
export type ApprovalArtifact = z.infer<typeof ApprovalArtifactSchema>;
|
|
110
|
-
export declare const
|
|
193
|
+
export declare const ActionPassV0ClaimsSchema: z.ZodObject<{
|
|
194
|
+
iss: z.ZodString;
|
|
195
|
+
sub: z.ZodString;
|
|
196
|
+
aud: z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>;
|
|
197
|
+
exp: z.ZodNumber;
|
|
198
|
+
nbf: z.ZodNumber;
|
|
199
|
+
iat: z.ZodNumber;
|
|
200
|
+
jti: z.ZodString;
|
|
201
|
+
tenant: z.ZodString;
|
|
202
|
+
humanOwner: z.ZodString;
|
|
203
|
+
agentRuntime: z.ZodString;
|
|
204
|
+
intent: z.ZodObject<{
|
|
205
|
+
taskId: z.ZodString;
|
|
206
|
+
declaredGoal: z.ZodString;
|
|
207
|
+
maxDelegationDepth: z.ZodOptional<z.ZodNumber>;
|
|
208
|
+
}, z.core.$strip>;
|
|
209
|
+
capability: z.ZodObject<{
|
|
210
|
+
tool: z.ZodString;
|
|
211
|
+
resource: z.ZodString;
|
|
212
|
+
constraints: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodType<JsonValue, unknown, z.core.$ZodTypeInternals<JsonValue, unknown>>>>;
|
|
213
|
+
}, z.core.$strip>;
|
|
214
|
+
decision: z.ZodEnum<{
|
|
215
|
+
allow: "allow";
|
|
216
|
+
deny: "deny";
|
|
217
|
+
step_up: "step_up";
|
|
218
|
+
}>;
|
|
219
|
+
reasons: z.ZodArray<z.ZodString>;
|
|
220
|
+
policy: z.ZodObject<{
|
|
221
|
+
nativeRule: z.ZodString;
|
|
222
|
+
version: z.ZodString;
|
|
223
|
+
cedarCompatible: z.ZodBoolean;
|
|
224
|
+
opaCompatible: z.ZodBoolean;
|
|
225
|
+
}, z.core.$strip>;
|
|
226
|
+
payloadHash: z.ZodString;
|
|
227
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
228
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
229
|
+
reservationId: z.ZodString;
|
|
230
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
231
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
232
|
+
commitStatus: z.ZodEnum<{
|
|
233
|
+
pending: "pending";
|
|
234
|
+
committed: "committed";
|
|
235
|
+
rolled_back: "rolled_back";
|
|
236
|
+
}>;
|
|
237
|
+
}, z.core.$strip>>;
|
|
238
|
+
approval: z.ZodOptional<z.ZodObject<{
|
|
239
|
+
mode: z.ZodEnum<{
|
|
240
|
+
none: "none";
|
|
241
|
+
human: "human";
|
|
242
|
+
policy_override: "policy_override";
|
|
243
|
+
}>;
|
|
244
|
+
approvedBy: z.ZodOptional<z.ZodString>;
|
|
245
|
+
approverRoles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
246
|
+
approvalArtifact: z.ZodOptional<z.ZodString>;
|
|
247
|
+
approvalArtifactHash: z.ZodOptional<z.ZodString>;
|
|
248
|
+
actionHash: z.ZodOptional<z.ZodString>;
|
|
249
|
+
payloadHash: z.ZodOptional<z.ZodString>;
|
|
250
|
+
approvedAt: z.ZodOptional<z.ZodString>;
|
|
251
|
+
}, z.core.$strip>>;
|
|
252
|
+
audit: z.ZodObject<{
|
|
253
|
+
traceId: z.ZodString;
|
|
254
|
+
parentPassId: z.ZodNullable<z.ZodString>;
|
|
255
|
+
ledgerHash: z.ZodNullable<z.ZodString>;
|
|
256
|
+
}, z.core.$strip>;
|
|
111
257
|
apv: z.ZodLiteral<"axtary.actionpass.v0">;
|
|
258
|
+
}, z.core.$strip>;
|
|
259
|
+
export declare const ActionPassV1ClaimsSchema: z.ZodObject<{
|
|
260
|
+
cnf: z.ZodObject<{
|
|
261
|
+
jkt: z.ZodString;
|
|
262
|
+
}, z.core.$strip>;
|
|
263
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
264
|
+
depth: z.ZodNumber;
|
|
265
|
+
rootPassId: z.ZodString;
|
|
266
|
+
}, z.core.$strip>>;
|
|
267
|
+
iss: z.ZodString;
|
|
268
|
+
sub: z.ZodString;
|
|
269
|
+
aud: z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>;
|
|
270
|
+
exp: z.ZodNumber;
|
|
271
|
+
nbf: z.ZodNumber;
|
|
272
|
+
iat: z.ZodNumber;
|
|
273
|
+
jti: z.ZodString;
|
|
274
|
+
tenant: z.ZodString;
|
|
275
|
+
humanOwner: z.ZodString;
|
|
276
|
+
agentRuntime: z.ZodString;
|
|
277
|
+
intent: z.ZodObject<{
|
|
278
|
+
taskId: z.ZodString;
|
|
279
|
+
declaredGoal: z.ZodString;
|
|
280
|
+
maxDelegationDepth: z.ZodOptional<z.ZodNumber>;
|
|
281
|
+
}, z.core.$strip>;
|
|
282
|
+
capability: z.ZodObject<{
|
|
283
|
+
tool: z.ZodString;
|
|
284
|
+
resource: z.ZodString;
|
|
285
|
+
constraints: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodType<JsonValue, unknown, z.core.$ZodTypeInternals<JsonValue, unknown>>>>;
|
|
286
|
+
}, z.core.$strip>;
|
|
287
|
+
decision: z.ZodEnum<{
|
|
288
|
+
allow: "allow";
|
|
289
|
+
deny: "deny";
|
|
290
|
+
step_up: "step_up";
|
|
291
|
+
}>;
|
|
292
|
+
reasons: z.ZodArray<z.ZodString>;
|
|
293
|
+
policy: z.ZodObject<{
|
|
294
|
+
nativeRule: z.ZodString;
|
|
295
|
+
version: z.ZodString;
|
|
296
|
+
cedarCompatible: z.ZodBoolean;
|
|
297
|
+
opaCompatible: z.ZodBoolean;
|
|
298
|
+
}, z.core.$strip>;
|
|
299
|
+
payloadHash: z.ZodString;
|
|
300
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
301
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
302
|
+
reservationId: z.ZodString;
|
|
303
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
304
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
305
|
+
commitStatus: z.ZodEnum<{
|
|
306
|
+
pending: "pending";
|
|
307
|
+
committed: "committed";
|
|
308
|
+
rolled_back: "rolled_back";
|
|
309
|
+
}>;
|
|
310
|
+
}, z.core.$strip>>;
|
|
311
|
+
approval: z.ZodOptional<z.ZodObject<{
|
|
312
|
+
mode: z.ZodEnum<{
|
|
313
|
+
none: "none";
|
|
314
|
+
human: "human";
|
|
315
|
+
policy_override: "policy_override";
|
|
316
|
+
}>;
|
|
317
|
+
approvedBy: z.ZodOptional<z.ZodString>;
|
|
318
|
+
approverRoles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
319
|
+
approvalArtifact: z.ZodOptional<z.ZodString>;
|
|
320
|
+
approvalArtifactHash: z.ZodOptional<z.ZodString>;
|
|
321
|
+
actionHash: z.ZodOptional<z.ZodString>;
|
|
322
|
+
payloadHash: z.ZodOptional<z.ZodString>;
|
|
323
|
+
approvedAt: z.ZodOptional<z.ZodString>;
|
|
324
|
+
}, z.core.$strip>>;
|
|
325
|
+
audit: z.ZodObject<{
|
|
326
|
+
traceId: z.ZodString;
|
|
327
|
+
parentPassId: z.ZodNullable<z.ZodString>;
|
|
328
|
+
ledgerHash: z.ZodNullable<z.ZodString>;
|
|
329
|
+
}, z.core.$strip>;
|
|
330
|
+
apv: z.ZodLiteral<"axtary.actionpass.v1">;
|
|
331
|
+
}, z.core.$strip>;
|
|
332
|
+
export declare const ActionPassV2ClaimsSchema: z.ZodObject<{
|
|
333
|
+
cnf: z.ZodObject<{
|
|
334
|
+
jkt: z.ZodString;
|
|
335
|
+
}, z.core.$strip>;
|
|
336
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
337
|
+
depth: z.ZodNumber;
|
|
338
|
+
rootPassId: z.ZodString;
|
|
339
|
+
}, z.core.$strip>>;
|
|
340
|
+
status: z.ZodObject<{
|
|
341
|
+
status_list: z.ZodObject<{
|
|
342
|
+
idx: z.ZodNumber;
|
|
343
|
+
uri: z.ZodString;
|
|
344
|
+
}, z.core.$strip>;
|
|
345
|
+
}, z.core.$strip>;
|
|
112
346
|
iss: z.ZodString;
|
|
113
347
|
sub: z.ZodString;
|
|
114
348
|
aud: z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>;
|
|
@@ -142,6 +376,17 @@ export declare const ActionPassClaimsSchema: z.ZodObject<{
|
|
|
142
376
|
opaCompatible: z.ZodBoolean;
|
|
143
377
|
}, z.core.$strip>;
|
|
144
378
|
payloadHash: z.ZodString;
|
|
379
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
380
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
381
|
+
reservationId: z.ZodString;
|
|
382
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
383
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
384
|
+
commitStatus: z.ZodEnum<{
|
|
385
|
+
pending: "pending";
|
|
386
|
+
committed: "committed";
|
|
387
|
+
rolled_back: "rolled_back";
|
|
388
|
+
}>;
|
|
389
|
+
}, z.core.$strip>>;
|
|
145
390
|
approval: z.ZodOptional<z.ZodObject<{
|
|
146
391
|
mode: z.ZodEnum<{
|
|
147
392
|
none: "none";
|
|
@@ -149,6 +394,7 @@ export declare const ActionPassClaimsSchema: z.ZodObject<{
|
|
|
149
394
|
policy_override: "policy_override";
|
|
150
395
|
}>;
|
|
151
396
|
approvedBy: z.ZodOptional<z.ZodString>;
|
|
397
|
+
approverRoles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
152
398
|
approvalArtifact: z.ZodOptional<z.ZodString>;
|
|
153
399
|
approvalArtifactHash: z.ZodOptional<z.ZodString>;
|
|
154
400
|
actionHash: z.ZodOptional<z.ZodString>;
|
|
@@ -160,8 +406,236 @@ export declare const ActionPassClaimsSchema: z.ZodObject<{
|
|
|
160
406
|
parentPassId: z.ZodNullable<z.ZodString>;
|
|
161
407
|
ledgerHash: z.ZodNullable<z.ZodString>;
|
|
162
408
|
}, z.core.$strip>;
|
|
409
|
+
apv: z.ZodLiteral<"axtary.actionpass.v2">;
|
|
163
410
|
}, z.core.$strip>;
|
|
411
|
+
export declare const ActionPassClaimsSchema: z.ZodUnion<readonly [z.ZodObject<{
|
|
412
|
+
iss: z.ZodString;
|
|
413
|
+
sub: z.ZodString;
|
|
414
|
+
aud: z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>;
|
|
415
|
+
exp: z.ZodNumber;
|
|
416
|
+
nbf: z.ZodNumber;
|
|
417
|
+
iat: z.ZodNumber;
|
|
418
|
+
jti: z.ZodString;
|
|
419
|
+
tenant: z.ZodString;
|
|
420
|
+
humanOwner: z.ZodString;
|
|
421
|
+
agentRuntime: z.ZodString;
|
|
422
|
+
intent: z.ZodObject<{
|
|
423
|
+
taskId: z.ZodString;
|
|
424
|
+
declaredGoal: z.ZodString;
|
|
425
|
+
maxDelegationDepth: z.ZodOptional<z.ZodNumber>;
|
|
426
|
+
}, z.core.$strip>;
|
|
427
|
+
capability: z.ZodObject<{
|
|
428
|
+
tool: z.ZodString;
|
|
429
|
+
resource: z.ZodString;
|
|
430
|
+
constraints: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodType<JsonValue, unknown, z.core.$ZodTypeInternals<JsonValue, unknown>>>>;
|
|
431
|
+
}, z.core.$strip>;
|
|
432
|
+
decision: z.ZodEnum<{
|
|
433
|
+
allow: "allow";
|
|
434
|
+
deny: "deny";
|
|
435
|
+
step_up: "step_up";
|
|
436
|
+
}>;
|
|
437
|
+
reasons: z.ZodArray<z.ZodString>;
|
|
438
|
+
policy: z.ZodObject<{
|
|
439
|
+
nativeRule: z.ZodString;
|
|
440
|
+
version: z.ZodString;
|
|
441
|
+
cedarCompatible: z.ZodBoolean;
|
|
442
|
+
opaCompatible: z.ZodBoolean;
|
|
443
|
+
}, z.core.$strip>;
|
|
444
|
+
payloadHash: z.ZodString;
|
|
445
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
446
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
447
|
+
reservationId: z.ZodString;
|
|
448
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
449
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
450
|
+
commitStatus: z.ZodEnum<{
|
|
451
|
+
pending: "pending";
|
|
452
|
+
committed: "committed";
|
|
453
|
+
rolled_back: "rolled_back";
|
|
454
|
+
}>;
|
|
455
|
+
}, z.core.$strip>>;
|
|
456
|
+
approval: z.ZodOptional<z.ZodObject<{
|
|
457
|
+
mode: z.ZodEnum<{
|
|
458
|
+
none: "none";
|
|
459
|
+
human: "human";
|
|
460
|
+
policy_override: "policy_override";
|
|
461
|
+
}>;
|
|
462
|
+
approvedBy: z.ZodOptional<z.ZodString>;
|
|
463
|
+
approverRoles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
464
|
+
approvalArtifact: z.ZodOptional<z.ZodString>;
|
|
465
|
+
approvalArtifactHash: z.ZodOptional<z.ZodString>;
|
|
466
|
+
actionHash: z.ZodOptional<z.ZodString>;
|
|
467
|
+
payloadHash: z.ZodOptional<z.ZodString>;
|
|
468
|
+
approvedAt: z.ZodOptional<z.ZodString>;
|
|
469
|
+
}, z.core.$strip>>;
|
|
470
|
+
audit: z.ZodObject<{
|
|
471
|
+
traceId: z.ZodString;
|
|
472
|
+
parentPassId: z.ZodNullable<z.ZodString>;
|
|
473
|
+
ledgerHash: z.ZodNullable<z.ZodString>;
|
|
474
|
+
}, z.core.$strip>;
|
|
475
|
+
apv: z.ZodLiteral<"axtary.actionpass.v0">;
|
|
476
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
477
|
+
cnf: z.ZodObject<{
|
|
478
|
+
jkt: z.ZodString;
|
|
479
|
+
}, z.core.$strip>;
|
|
480
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
481
|
+
depth: z.ZodNumber;
|
|
482
|
+
rootPassId: z.ZodString;
|
|
483
|
+
}, z.core.$strip>>;
|
|
484
|
+
iss: z.ZodString;
|
|
485
|
+
sub: z.ZodString;
|
|
486
|
+
aud: z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>;
|
|
487
|
+
exp: z.ZodNumber;
|
|
488
|
+
nbf: z.ZodNumber;
|
|
489
|
+
iat: z.ZodNumber;
|
|
490
|
+
jti: z.ZodString;
|
|
491
|
+
tenant: z.ZodString;
|
|
492
|
+
humanOwner: z.ZodString;
|
|
493
|
+
agentRuntime: z.ZodString;
|
|
494
|
+
intent: z.ZodObject<{
|
|
495
|
+
taskId: z.ZodString;
|
|
496
|
+
declaredGoal: z.ZodString;
|
|
497
|
+
maxDelegationDepth: z.ZodOptional<z.ZodNumber>;
|
|
498
|
+
}, z.core.$strip>;
|
|
499
|
+
capability: z.ZodObject<{
|
|
500
|
+
tool: z.ZodString;
|
|
501
|
+
resource: z.ZodString;
|
|
502
|
+
constraints: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodType<JsonValue, unknown, z.core.$ZodTypeInternals<JsonValue, unknown>>>>;
|
|
503
|
+
}, z.core.$strip>;
|
|
504
|
+
decision: z.ZodEnum<{
|
|
505
|
+
allow: "allow";
|
|
506
|
+
deny: "deny";
|
|
507
|
+
step_up: "step_up";
|
|
508
|
+
}>;
|
|
509
|
+
reasons: z.ZodArray<z.ZodString>;
|
|
510
|
+
policy: z.ZodObject<{
|
|
511
|
+
nativeRule: z.ZodString;
|
|
512
|
+
version: z.ZodString;
|
|
513
|
+
cedarCompatible: z.ZodBoolean;
|
|
514
|
+
opaCompatible: z.ZodBoolean;
|
|
515
|
+
}, z.core.$strip>;
|
|
516
|
+
payloadHash: z.ZodString;
|
|
517
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
518
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
519
|
+
reservationId: z.ZodString;
|
|
520
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
521
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
522
|
+
commitStatus: z.ZodEnum<{
|
|
523
|
+
pending: "pending";
|
|
524
|
+
committed: "committed";
|
|
525
|
+
rolled_back: "rolled_back";
|
|
526
|
+
}>;
|
|
527
|
+
}, z.core.$strip>>;
|
|
528
|
+
approval: z.ZodOptional<z.ZodObject<{
|
|
529
|
+
mode: z.ZodEnum<{
|
|
530
|
+
none: "none";
|
|
531
|
+
human: "human";
|
|
532
|
+
policy_override: "policy_override";
|
|
533
|
+
}>;
|
|
534
|
+
approvedBy: z.ZodOptional<z.ZodString>;
|
|
535
|
+
approverRoles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
536
|
+
approvalArtifact: z.ZodOptional<z.ZodString>;
|
|
537
|
+
approvalArtifactHash: z.ZodOptional<z.ZodString>;
|
|
538
|
+
actionHash: z.ZodOptional<z.ZodString>;
|
|
539
|
+
payloadHash: z.ZodOptional<z.ZodString>;
|
|
540
|
+
approvedAt: z.ZodOptional<z.ZodString>;
|
|
541
|
+
}, z.core.$strip>>;
|
|
542
|
+
audit: z.ZodObject<{
|
|
543
|
+
traceId: z.ZodString;
|
|
544
|
+
parentPassId: z.ZodNullable<z.ZodString>;
|
|
545
|
+
ledgerHash: z.ZodNullable<z.ZodString>;
|
|
546
|
+
}, z.core.$strip>;
|
|
547
|
+
apv: z.ZodLiteral<"axtary.actionpass.v1">;
|
|
548
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
549
|
+
cnf: z.ZodObject<{
|
|
550
|
+
jkt: z.ZodString;
|
|
551
|
+
}, z.core.$strip>;
|
|
552
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
553
|
+
depth: z.ZodNumber;
|
|
554
|
+
rootPassId: z.ZodString;
|
|
555
|
+
}, z.core.$strip>>;
|
|
556
|
+
status: z.ZodObject<{
|
|
557
|
+
status_list: z.ZodObject<{
|
|
558
|
+
idx: z.ZodNumber;
|
|
559
|
+
uri: z.ZodString;
|
|
560
|
+
}, z.core.$strip>;
|
|
561
|
+
}, z.core.$strip>;
|
|
562
|
+
iss: z.ZodString;
|
|
563
|
+
sub: z.ZodString;
|
|
564
|
+
aud: z.ZodUnion<readonly [z.ZodString, z.ZodArray<z.ZodString>]>;
|
|
565
|
+
exp: z.ZodNumber;
|
|
566
|
+
nbf: z.ZodNumber;
|
|
567
|
+
iat: z.ZodNumber;
|
|
568
|
+
jti: z.ZodString;
|
|
569
|
+
tenant: z.ZodString;
|
|
570
|
+
humanOwner: z.ZodString;
|
|
571
|
+
agentRuntime: z.ZodString;
|
|
572
|
+
intent: z.ZodObject<{
|
|
573
|
+
taskId: z.ZodString;
|
|
574
|
+
declaredGoal: z.ZodString;
|
|
575
|
+
maxDelegationDepth: z.ZodOptional<z.ZodNumber>;
|
|
576
|
+
}, z.core.$strip>;
|
|
577
|
+
capability: z.ZodObject<{
|
|
578
|
+
tool: z.ZodString;
|
|
579
|
+
resource: z.ZodString;
|
|
580
|
+
constraints: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodType<JsonValue, unknown, z.core.$ZodTypeInternals<JsonValue, unknown>>>>;
|
|
581
|
+
}, z.core.$strip>;
|
|
582
|
+
decision: z.ZodEnum<{
|
|
583
|
+
allow: "allow";
|
|
584
|
+
deny: "deny";
|
|
585
|
+
step_up: "step_up";
|
|
586
|
+
}>;
|
|
587
|
+
reasons: z.ZodArray<z.ZodString>;
|
|
588
|
+
policy: z.ZodObject<{
|
|
589
|
+
nativeRule: z.ZodString;
|
|
590
|
+
version: z.ZodString;
|
|
591
|
+
cedarCompatible: z.ZodBoolean;
|
|
592
|
+
opaCompatible: z.ZodBoolean;
|
|
593
|
+
}, z.core.$strip>;
|
|
594
|
+
payloadHash: z.ZodString;
|
|
595
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
596
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
597
|
+
reservationId: z.ZodString;
|
|
598
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
599
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
600
|
+
commitStatus: z.ZodEnum<{
|
|
601
|
+
pending: "pending";
|
|
602
|
+
committed: "committed";
|
|
603
|
+
rolled_back: "rolled_back";
|
|
604
|
+
}>;
|
|
605
|
+
}, z.core.$strip>>;
|
|
606
|
+
approval: z.ZodOptional<z.ZodObject<{
|
|
607
|
+
mode: z.ZodEnum<{
|
|
608
|
+
none: "none";
|
|
609
|
+
human: "human";
|
|
610
|
+
policy_override: "policy_override";
|
|
611
|
+
}>;
|
|
612
|
+
approvedBy: z.ZodOptional<z.ZodString>;
|
|
613
|
+
approverRoles: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
614
|
+
approvalArtifact: z.ZodOptional<z.ZodString>;
|
|
615
|
+
approvalArtifactHash: z.ZodOptional<z.ZodString>;
|
|
616
|
+
actionHash: z.ZodOptional<z.ZodString>;
|
|
617
|
+
payloadHash: z.ZodOptional<z.ZodString>;
|
|
618
|
+
approvedAt: z.ZodOptional<z.ZodString>;
|
|
619
|
+
}, z.core.$strip>>;
|
|
620
|
+
audit: z.ZodObject<{
|
|
621
|
+
traceId: z.ZodString;
|
|
622
|
+
parentPassId: z.ZodNullable<z.ZodString>;
|
|
623
|
+
ledgerHash: z.ZodNullable<z.ZodString>;
|
|
624
|
+
}, z.core.$strip>;
|
|
625
|
+
apv: z.ZodLiteral<"axtary.actionpass.v2">;
|
|
626
|
+
}, z.core.$strip>]>;
|
|
164
627
|
export type ActionPassClaims = z.infer<typeof ActionPassClaimsSchema>;
|
|
628
|
+
export type ActionPassV1Claims = z.infer<typeof ActionPassV1ClaimsSchema>;
|
|
629
|
+
export type ActionPassV2Claims = z.infer<typeof ActionPassV2ClaimsSchema>;
|
|
630
|
+
export declare const DpopProofClaimsSchema: z.ZodObject<{
|
|
631
|
+
htm: z.ZodString;
|
|
632
|
+
htu: z.ZodString;
|
|
633
|
+
iat: z.ZodNumber;
|
|
634
|
+
jti: z.ZodString;
|
|
635
|
+
ath: z.ZodString;
|
|
636
|
+
nonce: z.ZodOptional<z.ZodString>;
|
|
637
|
+
}, z.core.$strip>;
|
|
638
|
+
export type DpopProofClaims = z.infer<typeof DpopProofClaimsSchema>;
|
|
165
639
|
export declare const ActionPassRevocationSchema: z.ZodObject<{
|
|
166
640
|
schemaVersion: z.ZodLiteral<"axtary.actionpass_revocation.v0">;
|
|
167
641
|
passId: z.ZodString;
|
|
@@ -251,10 +725,12 @@ export declare const LedgerProviderSchema: z.ZodEnum<{
|
|
|
251
725
|
slack: "slack";
|
|
252
726
|
linear: "linear";
|
|
253
727
|
docs: "docs";
|
|
728
|
+
drive: "drive";
|
|
254
729
|
mcp: "mcp";
|
|
255
730
|
aws: "aws";
|
|
256
731
|
gcp: "gcp";
|
|
257
732
|
jira: "jira";
|
|
733
|
+
postgres: "postgres";
|
|
258
734
|
}>;
|
|
259
735
|
export type LedgerProvider = z.infer<typeof LedgerProviderSchema>;
|
|
260
736
|
export declare const LedgerProviderEvidenceDiffSchema: z.ZodObject<{
|
|
@@ -263,10 +739,12 @@ export declare const LedgerProviderEvidenceDiffSchema: z.ZodObject<{
|
|
|
263
739
|
slack: "slack";
|
|
264
740
|
linear: "linear";
|
|
265
741
|
docs: "docs";
|
|
742
|
+
drive: "drive";
|
|
266
743
|
mcp: "mcp";
|
|
267
744
|
aws: "aws";
|
|
268
745
|
gcp: "gcp";
|
|
269
746
|
jira: "jira";
|
|
747
|
+
postgres: "postgres";
|
|
270
748
|
}>;
|
|
271
749
|
summary: z.ZodOptional<z.ZodString>;
|
|
272
750
|
files: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
@@ -309,10 +787,12 @@ export declare const LedgerProviderEvidenceSchema: z.ZodObject<{
|
|
|
309
787
|
slack: "slack";
|
|
310
788
|
linear: "linear";
|
|
311
789
|
docs: "docs";
|
|
790
|
+
drive: "drive";
|
|
312
791
|
mcp: "mcp";
|
|
313
792
|
aws: "aws";
|
|
314
793
|
gcp: "gcp";
|
|
315
794
|
jira: "jira";
|
|
795
|
+
postgres: "postgres";
|
|
316
796
|
}>;
|
|
317
797
|
tool: z.ZodString;
|
|
318
798
|
operation: z.ZodString;
|
|
@@ -322,10 +802,12 @@ export declare const LedgerProviderEvidenceSchema: z.ZodObject<{
|
|
|
322
802
|
slack: "slack";
|
|
323
803
|
linear: "linear";
|
|
324
804
|
docs: "docs";
|
|
805
|
+
drive: "drive";
|
|
325
806
|
mcp: "mcp";
|
|
326
807
|
aws: "aws";
|
|
327
808
|
gcp: "gcp";
|
|
328
809
|
jira: "jira";
|
|
810
|
+
postgres: "postgres";
|
|
329
811
|
}>;
|
|
330
812
|
kind: z.ZodString;
|
|
331
813
|
id: z.ZodString;
|
|
@@ -344,10 +826,12 @@ export declare const LedgerProviderEvidenceSchema: z.ZodObject<{
|
|
|
344
826
|
slack: "slack";
|
|
345
827
|
linear: "linear";
|
|
346
828
|
docs: "docs";
|
|
829
|
+
drive: "drive";
|
|
347
830
|
mcp: "mcp";
|
|
348
831
|
aws: "aws";
|
|
349
832
|
gcp: "gcp";
|
|
350
833
|
jira: "jira";
|
|
834
|
+
postgres: "postgres";
|
|
351
835
|
}>;
|
|
352
836
|
summary: z.ZodOptional<z.ZodString>;
|
|
353
837
|
files: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
@@ -378,6 +862,113 @@ export declare const LedgerProviderEvidenceSchema: z.ZodObject<{
|
|
|
378
862
|
}, z.core.$strip>>;
|
|
379
863
|
}, z.core.$strip>;
|
|
380
864
|
export type LedgerProviderEvidence = z.infer<typeof LedgerProviderEvidenceSchema>;
|
|
865
|
+
export type ConnectorProvider = "github" | "slack" | "linear" | "jira" | "aws" | "gcp" | "mcp" | "docs" | "drive" | "postgres";
|
|
866
|
+
export type ConnectorCapabilityOperation = "read" | "write" | "external_message" | "identity_read" | "identity_mutation";
|
|
867
|
+
export type ConnectorCapabilityStatus = "supported" | "demo_only" | "planned";
|
|
868
|
+
export type ConnectorCapability = {
|
|
869
|
+
id: string;
|
|
870
|
+
provider: ConnectorProvider;
|
|
871
|
+
connector: string;
|
|
872
|
+
label: string;
|
|
873
|
+
tool: string;
|
|
874
|
+
operation: ConnectorCapabilityOperation;
|
|
875
|
+
status: ConnectorCapabilityStatus;
|
|
876
|
+
supportedModes: string[];
|
|
877
|
+
requiresActionPass: boolean;
|
|
878
|
+
defaultPolicy: "allow" | "deny" | "step_up" | "deny_until_scoped";
|
|
879
|
+
payloadFields: string[];
|
|
880
|
+
approvalTriggers: string[];
|
|
881
|
+
credentialBoundary: string;
|
|
882
|
+
smokeCheck: string | null;
|
|
883
|
+
};
|
|
884
|
+
export type ConnectorProviderMode = "fake" | "rest" | "app" | "web" | "graphql" | "local" | "local-wrapper" | "postgres" | "off" | "planned";
|
|
885
|
+
export declare const GitHubNativeConnectorConfigSchema: z.ZodObject<{
|
|
886
|
+
mode: z.ZodDefault<z.ZodEnum<{
|
|
887
|
+
fake: "fake";
|
|
888
|
+
rest: "rest";
|
|
889
|
+
app: "app";
|
|
890
|
+
}>>;
|
|
891
|
+
tokenEnv: z.ZodDefault<z.ZodString>;
|
|
892
|
+
apiBaseUrl: z.ZodDefault<z.ZodString>;
|
|
893
|
+
userAgent: z.ZodDefault<z.ZodString>;
|
|
894
|
+
appId: z.ZodOptional<z.ZodString>;
|
|
895
|
+
appIdEnv: z.ZodDefault<z.ZodString>;
|
|
896
|
+
installationId: z.ZodOptional<z.ZodString>;
|
|
897
|
+
installationIdEnv: z.ZodDefault<z.ZodString>;
|
|
898
|
+
privateKeyEnv: z.ZodDefault<z.ZodString>;
|
|
899
|
+
}, z.core.$strip>;
|
|
900
|
+
export type GitHubNativeConnectorConfig = z.infer<typeof GitHubNativeConnectorConfigSchema>;
|
|
901
|
+
export declare const DEFAULT_GITHUB_NATIVE_CONNECTOR_CONFIG: GitHubNativeConnectorConfig;
|
|
902
|
+
export declare const LinearNativeConnectorConfigSchema: z.ZodObject<{
|
|
903
|
+
mode: z.ZodDefault<z.ZodEnum<{
|
|
904
|
+
fake: "fake";
|
|
905
|
+
graphql: "graphql";
|
|
906
|
+
}>>;
|
|
907
|
+
tokenEnv: z.ZodDefault<z.ZodString>;
|
|
908
|
+
apiUrl: z.ZodDefault<z.ZodString>;
|
|
909
|
+
}, z.core.$strip>;
|
|
910
|
+
export type LinearNativeConnectorConfig = z.infer<typeof LinearNativeConnectorConfigSchema>;
|
|
911
|
+
export declare const DEFAULT_LINEAR_NATIVE_CONNECTOR_CONFIG: LinearNativeConnectorConfig;
|
|
912
|
+
export declare const JiraNativeConnectorConfigSchema: z.ZodObject<{
|
|
913
|
+
mode: z.ZodDefault<z.ZodEnum<{
|
|
914
|
+
fake: "fake";
|
|
915
|
+
rest: "rest";
|
|
916
|
+
}>>;
|
|
917
|
+
auth: z.ZodDefault<z.ZodEnum<{
|
|
918
|
+
api_token: "api_token";
|
|
919
|
+
oauth: "oauth";
|
|
920
|
+
}>>;
|
|
921
|
+
tokenEnv: z.ZodDefault<z.ZodString>;
|
|
922
|
+
emailEnv: z.ZodDefault<z.ZodString>;
|
|
923
|
+
siteUrl: z.ZodDefault<z.ZodString>;
|
|
924
|
+
cloudId: z.ZodOptional<z.ZodString>;
|
|
925
|
+
cloudIdEnv: z.ZodDefault<z.ZodString>;
|
|
926
|
+
}, z.core.$strip>;
|
|
927
|
+
export type JiraNativeConnectorConfig = z.infer<typeof JiraNativeConnectorConfigSchema>;
|
|
928
|
+
export declare const DEFAULT_JIRA_NATIVE_CONNECTOR_CONFIG: JiraNativeConnectorConfig;
|
|
929
|
+
export declare const PostgresNativeConnectorConfigSchema: z.ZodObject<{
|
|
930
|
+
mode: z.ZodDefault<z.ZodEnum<{
|
|
931
|
+
postgres: "postgres";
|
|
932
|
+
off: "off";
|
|
933
|
+
}>>;
|
|
934
|
+
dsnEnv: z.ZodDefault<z.ZodString>;
|
|
935
|
+
allowedTables: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
936
|
+
allowedFunctions: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
937
|
+
requireRls: z.ZodDefault<z.ZodBoolean>;
|
|
938
|
+
maxRows: z.ZodDefault<z.ZodNumber>;
|
|
939
|
+
statementTimeoutMs: z.ZodDefault<z.ZodNumber>;
|
|
940
|
+
lockTimeoutMs: z.ZodDefault<z.ZodNumber>;
|
|
941
|
+
idleTransactionTimeoutMs: z.ZodDefault<z.ZodNumber>;
|
|
942
|
+
}, z.core.$strip>;
|
|
943
|
+
export type PostgresNativeConnectorConfig = z.infer<typeof PostgresNativeConnectorConfigSchema>;
|
|
944
|
+
export declare const DEFAULT_POSTGRES_NATIVE_CONNECTOR_CONFIG: PostgresNativeConnectorConfig;
|
|
945
|
+
export declare const DriveNativeConnectorConfigSchema: z.ZodObject<{
|
|
946
|
+
mode: z.ZodDefault<z.ZodEnum<{
|
|
947
|
+
rest: "rest";
|
|
948
|
+
off: "off";
|
|
949
|
+
}>>;
|
|
950
|
+
tokenEnv: z.ZodDefault<z.ZodString>;
|
|
951
|
+
selectedFileId: z.ZodOptional<z.ZodString>;
|
|
952
|
+
apiBaseUrl: z.ZodDefault<z.ZodString>;
|
|
953
|
+
allowedMimeTypes: z.ZodDefault<z.ZodArray<z.ZodString>>;
|
|
954
|
+
maxReadBytes: z.ZodDefault<z.ZodNumber>;
|
|
955
|
+
}, z.core.$strip>;
|
|
956
|
+
export type DriveNativeConnectorConfig = z.infer<typeof DriveNativeConnectorConfigSchema>;
|
|
957
|
+
export declare const DEFAULT_DRIVE_NATIVE_CONNECTOR_CONFIG: DriveNativeConnectorConfig;
|
|
958
|
+
export type NativeConnectorToolDescriptor = {
|
|
959
|
+
capability: ConnectorCapability;
|
|
960
|
+
normalizeEvidence: (action: NormalizedAction, payload: Record<string, JsonValue>) => LedgerProviderEvidence;
|
|
961
|
+
};
|
|
962
|
+
export type NativeConnectorGovernanceDescriptor<TConfig> = {
|
|
963
|
+
provider: ConnectorProvider;
|
|
964
|
+
connector: string;
|
|
965
|
+
mode: ConnectorProviderMode;
|
|
966
|
+
configSchema: z.ZodType<TConfig>;
|
|
967
|
+
defaultConfig: TConfig;
|
|
968
|
+
requiredScopes: readonly string[];
|
|
969
|
+
smokeCheck: string;
|
|
970
|
+
tools: readonly NativeConnectorToolDescriptor[];
|
|
971
|
+
};
|
|
381
972
|
export declare const LedgerExecutionOutcomeSchema: z.ZodObject<{
|
|
382
973
|
schemaVersion: z.ZodLiteral<"axtary.ledger_execution_outcome.v0">;
|
|
383
974
|
status: z.ZodEnum<{
|
|
@@ -389,10 +980,12 @@ export declare const LedgerExecutionOutcomeSchema: z.ZodObject<{
|
|
|
389
980
|
slack: "slack";
|
|
390
981
|
linear: "linear";
|
|
391
982
|
docs: "docs";
|
|
983
|
+
drive: "drive";
|
|
392
984
|
mcp: "mcp";
|
|
393
985
|
aws: "aws";
|
|
394
986
|
gcp: "gcp";
|
|
395
987
|
jira: "jira";
|
|
988
|
+
postgres: "postgres";
|
|
396
989
|
}>>;
|
|
397
990
|
resultId: z.ZodOptional<z.ZodString>;
|
|
398
991
|
resultUrl: z.ZodOptional<z.ZodString>;
|
|
@@ -403,12 +996,54 @@ export declare const LedgerExecutionOutcomeSchema: z.ZodObject<{
|
|
|
403
996
|
sideEffectProof: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<JsonValue, unknown, z.core.$ZodTypeInternals<JsonValue, unknown>>>>;
|
|
404
997
|
}, z.core.$strict>;
|
|
405
998
|
export type LedgerExecutionOutcome = z.infer<typeof LedgerExecutionOutcomeSchema>;
|
|
999
|
+
export declare const DelegationLedgerEdgeSchema: z.ZodObject<{
|
|
1000
|
+
parentPassId: z.ZodString;
|
|
1001
|
+
childPassId: z.ZodString;
|
|
1002
|
+
depth: z.ZodNumber;
|
|
1003
|
+
rootPassId: z.ZodString;
|
|
1004
|
+
}, z.core.$strip>;
|
|
1005
|
+
export type DelegationLedgerEdge = z.infer<typeof DelegationLedgerEdgeSchema>;
|
|
1006
|
+
export declare const BudgetLedgerEventSchema: z.ZodObject<{
|
|
1007
|
+
reservationId: z.ZodNullable<z.ZodString>;
|
|
1008
|
+
scope: z.ZodString;
|
|
1009
|
+
status: z.ZodEnum<{
|
|
1010
|
+
pending: "pending";
|
|
1011
|
+
committed: "committed";
|
|
1012
|
+
rolled_back: "rolled_back";
|
|
1013
|
+
denied: "denied";
|
|
1014
|
+
}>;
|
|
1015
|
+
expiresAt: z.ZodNullable<z.ZodString>;
|
|
1016
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1017
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1018
|
+
committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1019
|
+
committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1020
|
+
reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1021
|
+
}, z.core.$strip>;
|
|
1022
|
+
export type BudgetLedgerEvent = z.infer<typeof BudgetLedgerEventSchema>;
|
|
1023
|
+
export declare const LedgerAuditContextSchema: z.ZodObject<{
|
|
1024
|
+
tenant: z.ZodNullable<z.ZodString>;
|
|
1025
|
+
agentId: z.ZodString;
|
|
1026
|
+
humanOwner: z.ZodString;
|
|
1027
|
+
taskId: z.ZodString;
|
|
1028
|
+
tool: z.ZodString;
|
|
1029
|
+
resource: z.ZodString;
|
|
1030
|
+
}, z.core.$strip>;
|
|
1031
|
+
export type LedgerAuditContext = z.infer<typeof LedgerAuditContextSchema>;
|
|
406
1032
|
export declare const LedgerRecordSchema: z.ZodObject<{
|
|
407
1033
|
schemaVersion: z.ZodLiteral<"axtary.ledger.v0">;
|
|
408
1034
|
id: z.ZodString;
|
|
409
1035
|
occurredAt: z.ZodString;
|
|
1036
|
+
auditContext: z.ZodOptional<z.ZodObject<{
|
|
1037
|
+
tenant: z.ZodNullable<z.ZodString>;
|
|
1038
|
+
agentId: z.ZodString;
|
|
1039
|
+
humanOwner: z.ZodString;
|
|
1040
|
+
taskId: z.ZodString;
|
|
1041
|
+
tool: z.ZodString;
|
|
1042
|
+
resource: z.ZodString;
|
|
1043
|
+
}, z.core.$strip>>;
|
|
410
1044
|
actionHash: z.ZodString;
|
|
411
1045
|
payloadHash: z.ZodString;
|
|
1046
|
+
provenanceHash: z.ZodOptional<z.ZodString>;
|
|
412
1047
|
decision: z.ZodEnum<{
|
|
413
1048
|
allow: "allow";
|
|
414
1049
|
deny: "deny";
|
|
@@ -428,10 +1063,12 @@ export declare const LedgerRecordSchema: z.ZodObject<{
|
|
|
428
1063
|
slack: "slack";
|
|
429
1064
|
linear: "linear";
|
|
430
1065
|
docs: "docs";
|
|
1066
|
+
drive: "drive";
|
|
431
1067
|
mcp: "mcp";
|
|
432
1068
|
aws: "aws";
|
|
433
1069
|
gcp: "gcp";
|
|
434
1070
|
jira: "jira";
|
|
1071
|
+
postgres: "postgres";
|
|
435
1072
|
}>;
|
|
436
1073
|
tool: z.ZodString;
|
|
437
1074
|
operation: z.ZodString;
|
|
@@ -441,10 +1078,12 @@ export declare const LedgerRecordSchema: z.ZodObject<{
|
|
|
441
1078
|
slack: "slack";
|
|
442
1079
|
linear: "linear";
|
|
443
1080
|
docs: "docs";
|
|
1081
|
+
drive: "drive";
|
|
444
1082
|
mcp: "mcp";
|
|
445
1083
|
aws: "aws";
|
|
446
1084
|
gcp: "gcp";
|
|
447
1085
|
jira: "jira";
|
|
1086
|
+
postgres: "postgres";
|
|
448
1087
|
}>;
|
|
449
1088
|
kind: z.ZodString;
|
|
450
1089
|
id: z.ZodString;
|
|
@@ -463,10 +1102,12 @@ export declare const LedgerRecordSchema: z.ZodObject<{
|
|
|
463
1102
|
slack: "slack";
|
|
464
1103
|
linear: "linear";
|
|
465
1104
|
docs: "docs";
|
|
1105
|
+
drive: "drive";
|
|
466
1106
|
mcp: "mcp";
|
|
467
1107
|
aws: "aws";
|
|
468
1108
|
gcp: "gcp";
|
|
469
1109
|
jira: "jira";
|
|
1110
|
+
postgres: "postgres";
|
|
470
1111
|
}>;
|
|
471
1112
|
summary: z.ZodOptional<z.ZodString>;
|
|
472
1113
|
files: z.ZodDefault<z.ZodArray<z.ZodObject<{
|
|
@@ -507,10 +1148,12 @@ export declare const LedgerRecordSchema: z.ZodObject<{
|
|
|
507
1148
|
slack: "slack";
|
|
508
1149
|
linear: "linear";
|
|
509
1150
|
docs: "docs";
|
|
1151
|
+
drive: "drive";
|
|
510
1152
|
mcp: "mcp";
|
|
511
1153
|
aws: "aws";
|
|
512
1154
|
gcp: "gcp";
|
|
513
1155
|
jira: "jira";
|
|
1156
|
+
postgres: "postgres";
|
|
514
1157
|
}>>;
|
|
515
1158
|
resultId: z.ZodOptional<z.ZodString>;
|
|
516
1159
|
resultUrl: z.ZodOptional<z.ZodString>;
|
|
@@ -522,6 +1165,28 @@ export declare const LedgerRecordSchema: z.ZodObject<{
|
|
|
522
1165
|
}, z.core.$strict>>;
|
|
523
1166
|
traceId: z.ZodOptional<z.ZodString>;
|
|
524
1167
|
actionPassId: z.ZodNullable<z.ZodString>;
|
|
1168
|
+
delegation: z.ZodOptional<z.ZodObject<{
|
|
1169
|
+
parentPassId: z.ZodString;
|
|
1170
|
+
childPassId: z.ZodString;
|
|
1171
|
+
depth: z.ZodNumber;
|
|
1172
|
+
rootPassId: z.ZodString;
|
|
1173
|
+
}, z.core.$strip>>;
|
|
1174
|
+
budget: z.ZodOptional<z.ZodObject<{
|
|
1175
|
+
reservationId: z.ZodNullable<z.ZodString>;
|
|
1176
|
+
scope: z.ZodString;
|
|
1177
|
+
status: z.ZodEnum<{
|
|
1178
|
+
pending: "pending";
|
|
1179
|
+
committed: "committed";
|
|
1180
|
+
rolled_back: "rolled_back";
|
|
1181
|
+
denied: "denied";
|
|
1182
|
+
}>;
|
|
1183
|
+
expiresAt: z.ZodNullable<z.ZodString>;
|
|
1184
|
+
cost: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1185
|
+
limit: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1186
|
+
committedBefore: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1187
|
+
committedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1188
|
+
reservedAfter: z.ZodRecord<z.ZodString, z.ZodNumber>;
|
|
1189
|
+
}, z.core.$strip>>;
|
|
525
1190
|
correlationId: z.ZodOptional<z.ZodString>;
|
|
526
1191
|
previousLedgerHash: z.ZodNullable<z.ZodString>;
|
|
527
1192
|
ledgerHash: z.ZodString;
|
|
@@ -554,11 +1219,30 @@ export type IssueActionPassInput = {
|
|
|
554
1219
|
parentPassId?: string | null;
|
|
555
1220
|
ledgerHash?: string | null;
|
|
556
1221
|
traceId?: string;
|
|
1222
|
+
passId?: string;
|
|
1223
|
+
};
|
|
1224
|
+
export type IssueActionPassV1Input = IssueActionPassInput & {
|
|
1225
|
+
holderPublicJwk: JWK;
|
|
1226
|
+
delegation?: {
|
|
1227
|
+
depth: number;
|
|
1228
|
+
rootPassId: string;
|
|
1229
|
+
};
|
|
1230
|
+
};
|
|
1231
|
+
export type IssueActionPassV2Input = IssueActionPassV1Input & {
|
|
1232
|
+
status: ActionPassStatusClaim;
|
|
557
1233
|
};
|
|
558
1234
|
export type IssueActionPassResult = {
|
|
559
1235
|
token: string;
|
|
560
1236
|
claims: ActionPassClaims;
|
|
561
1237
|
};
|
|
1238
|
+
export type IssueActionPassV1Result = {
|
|
1239
|
+
token: string;
|
|
1240
|
+
claims: ActionPassV1Claims;
|
|
1241
|
+
};
|
|
1242
|
+
export type IssueActionPassV2Result = {
|
|
1243
|
+
token: string;
|
|
1244
|
+
claims: ActionPassV2Claims;
|
|
1245
|
+
};
|
|
562
1246
|
export type AuthorizeInput = {
|
|
563
1247
|
action: unknown;
|
|
564
1248
|
issuer: string;
|
|
@@ -590,9 +1274,38 @@ export type VerifyActionPassInput = {
|
|
|
590
1274
|
algorithms?: SigningAlgorithm[];
|
|
591
1275
|
clockTolerance?: string | number;
|
|
592
1276
|
currentDate?: Date;
|
|
1277
|
+
dpopProof?: string;
|
|
1278
|
+
dpopMethod?: string;
|
|
1279
|
+
dpopUri?: string;
|
|
1280
|
+
dpopNonce?: string;
|
|
1281
|
+
dpopAlgorithms?: SigningAlgorithm[];
|
|
1282
|
+
dpopMaxAgeSeconds?: number;
|
|
1283
|
+
dpopClockSkewSeconds?: number;
|
|
1284
|
+
dpopReplayStore?: DpopReplayStore;
|
|
593
1285
|
revokedPassIds?: Iterable<string>;
|
|
594
1286
|
revocations?: Iterable<ActionPassRevocation>;
|
|
595
1287
|
isRevoked?: (claims: ActionPassClaims) => boolean | string | Promise<boolean | string>;
|
|
1288
|
+
getStatus?: (claims: ActionPassV2Claims) => number | string | Promise<number | string>;
|
|
1289
|
+
};
|
|
1290
|
+
export type ActionPassRevocationSource = Pick<VerifyActionPassInput, "revokedPassIds" | "revocations" | "isRevoked" | "getStatus">;
|
|
1291
|
+
export type CreateDpopProofInput = {
|
|
1292
|
+
actionPass: string;
|
|
1293
|
+
method: string;
|
|
1294
|
+
uri: string;
|
|
1295
|
+
signingKey: SigningKey;
|
|
1296
|
+
publicJwk: JWK;
|
|
1297
|
+
algorithm?: SigningAlgorithm;
|
|
1298
|
+
now?: Date;
|
|
1299
|
+
proofId?: string;
|
|
1300
|
+
nonce?: string;
|
|
1301
|
+
};
|
|
1302
|
+
export type CreateDpopProofResult = {
|
|
1303
|
+
proof: string;
|
|
1304
|
+
claims: DpopProofClaims;
|
|
1305
|
+
jkt: string;
|
|
1306
|
+
};
|
|
1307
|
+
export type DpopReplayStore = {
|
|
1308
|
+
consume(proofId: string, expiresAt: Date, now?: Date): boolean | Promise<boolean>;
|
|
596
1309
|
};
|
|
597
1310
|
export type VerifyActionPassResult = {
|
|
598
1311
|
valid: true;
|
|
@@ -602,10 +1315,53 @@ export type VerifyActionPassResult = {
|
|
|
602
1315
|
valid: false;
|
|
603
1316
|
reason: string;
|
|
604
1317
|
};
|
|
1318
|
+
export type VerifyDelegationChainInput = {
|
|
1319
|
+
/**
|
|
1320
|
+
* Root-to-leaf chain. Every entry is signature/content verified; the leaf
|
|
1321
|
+
* entry must additionally carry a fresh DPoP proof.
|
|
1322
|
+
*/
|
|
1323
|
+
chain: VerifyActionPassInput[];
|
|
1324
|
+
currentDate?: Date;
|
|
1325
|
+
/**
|
|
1326
|
+
* One authority-owned source applied to every root-to-leaf member. This is
|
|
1327
|
+
* what makes revoking any ancestor invalidate all descendant presentations.
|
|
1328
|
+
*/
|
|
1329
|
+
revocation?: ActionPassRevocationSource;
|
|
1330
|
+
};
|
|
1331
|
+
export type VerifyDelegationChainResult = {
|
|
1332
|
+
valid: true;
|
|
1333
|
+
claims: Array<ActionPassV1Claims | ActionPassV2Claims>;
|
|
1334
|
+
actions: NormalizedAction[];
|
|
1335
|
+
} | {
|
|
1336
|
+
valid: false;
|
|
1337
|
+
reason: string;
|
|
1338
|
+
};
|
|
1339
|
+
export type DelegateActionPassV1Input = Omit<IssueActionPassV1Input, "action" | "decision" | "holderPublicJwk" | "parentPassId" | "delegation"> & {
|
|
1340
|
+
parentChain: VerifyActionPassInput[];
|
|
1341
|
+
childAction: unknown;
|
|
1342
|
+
childDecision: PolicyDecision;
|
|
1343
|
+
childHolderPublicJwk: JWK;
|
|
1344
|
+
revocation?: ActionPassRevocationSource;
|
|
1345
|
+
};
|
|
1346
|
+
export type DelegateActionPassV1Result = IssueActionPassV1Result & {
|
|
1347
|
+
delegation: DelegationLedgerEdge;
|
|
1348
|
+
};
|
|
1349
|
+
export type DelegateActionPassV2Input = Omit<IssueActionPassV2Input, "action" | "decision" | "holderPublicJwk" | "parentPassId" | "delegation" | "status"> & {
|
|
1350
|
+
parentChain: VerifyActionPassInput[];
|
|
1351
|
+
childAction: unknown;
|
|
1352
|
+
childDecision: PolicyDecision;
|
|
1353
|
+
childHolderPublicJwk: JWK;
|
|
1354
|
+
childStatus: ActionPassStatusClaim;
|
|
1355
|
+
revocation?: ActionPassRevocationSource;
|
|
1356
|
+
};
|
|
1357
|
+
export type DelegateActionPassV2Result = IssueActionPassV2Result & {
|
|
1358
|
+
delegation: DelegationLedgerEdge;
|
|
1359
|
+
};
|
|
605
1360
|
export type CreateApprovalArtifactInput = {
|
|
606
1361
|
action: unknown;
|
|
607
1362
|
mode: "human" | "policy_override";
|
|
608
1363
|
approvedBy: string;
|
|
1364
|
+
approverRoles?: string[];
|
|
609
1365
|
approvedAt?: Date;
|
|
610
1366
|
reason?: string;
|
|
611
1367
|
expiresAt?: Date;
|
|
@@ -635,7 +1391,52 @@ export declare function evaluateAction(actionInput: unknown, options?: PolicyOpt
|
|
|
635
1391
|
export declare function authorize(input: AuthorizeInput): Promise<AuthorizeResult>;
|
|
636
1392
|
export declare function createApprovalArtifact(input: CreateApprovalArtifactInput): CreateApprovalArtifactResult;
|
|
637
1393
|
export declare function issueActionPass(input: IssueActionPassInput): Promise<IssueActionPassResult>;
|
|
1394
|
+
export declare function issueActionPassV1(input: IssueActionPassV1Input): Promise<IssueActionPassV1Result>;
|
|
1395
|
+
export declare function issueActionPassV2(input: IssueActionPassV2Input): Promise<IssueActionPassV2Result>;
|
|
1396
|
+
export declare function delegateActionPassV1(input: DelegateActionPassV1Input): Promise<DelegateActionPassV1Result>;
|
|
1397
|
+
export declare function delegateActionPassV2(input: DelegateActionPassV2Input): Promise<DelegateActionPassV2Result>;
|
|
1398
|
+
export declare function createDpopProof(input: CreateDpopProofInput): Promise<CreateDpopProofResult>;
|
|
1399
|
+
export declare class InMemoryDpopReplayStore implements DpopReplayStore {
|
|
1400
|
+
private readonly entries;
|
|
1401
|
+
consume(proofId: string, expiresAt: Date, currentDate?: Date): boolean;
|
|
1402
|
+
}
|
|
1403
|
+
export type FileDpopReplayStoreOptions = {
|
|
1404
|
+
lock?: {
|
|
1405
|
+
staleMs?: number;
|
|
1406
|
+
updateMs?: number;
|
|
1407
|
+
retries?: number;
|
|
1408
|
+
minTimeoutMs?: number;
|
|
1409
|
+
maxTimeoutMs?: number;
|
|
1410
|
+
};
|
|
1411
|
+
};
|
|
1412
|
+
/**
|
|
1413
|
+
* Durable, inter-process replay store for DPoP proof `jti`s. A proof captured
|
|
1414
|
+
* before a restart stays rejected after restart, for as long as it remains
|
|
1415
|
+
* inside its own time window. Entries live only until their proof expires, so
|
|
1416
|
+
* the on-disk set stays bounded to the in-flight window rather than growing
|
|
1417
|
+
* unboundedly.
|
|
1418
|
+
*
|
|
1419
|
+
* This is a single-file local store, not a cross-host distributed one: it
|
|
1420
|
+
* defends one machine's verifiers (shared across handlers/processes on that
|
|
1421
|
+
* host). Authenticated cross-host distribution is out of scope here.
|
|
1422
|
+
*
|
|
1423
|
+
* Durability mirrors the local ledger: a `proper-lockfile` lease serializes the
|
|
1424
|
+
* read-modify-write so `consume` is atomic across processes, appended lines are
|
|
1425
|
+
* `fsync`ed before the lease releases, and the file is compacted in place once
|
|
1426
|
+
* expired lines outnumber live ones so it cannot grow without bound.
|
|
1427
|
+
*/
|
|
1428
|
+
export declare class FileDpopReplayStore implements DpopReplayStore {
|
|
1429
|
+
readonly filePath: string;
|
|
1430
|
+
private readonly options;
|
|
1431
|
+
constructor(filePath: string, options?: FileDpopReplayStoreOptions);
|
|
1432
|
+
consume(proofId: string, expiresAt: Date, currentDate?: Date): Promise<boolean>;
|
|
1433
|
+
private acquireLock;
|
|
1434
|
+
private readLiveEntries;
|
|
1435
|
+
private append;
|
|
1436
|
+
private compact;
|
|
1437
|
+
}
|
|
638
1438
|
export declare function verifyActionPass(input: VerifyActionPassInput): Promise<VerifyActionPassResult>;
|
|
1439
|
+
export declare function verifyDelegationChain(input: VerifyDelegationChainInput): Promise<VerifyDelegationChainResult>;
|
|
639
1440
|
export declare function revokeActionPass(input: RevokeActionPassInput): ActionPassRevocation;
|
|
640
1441
|
export declare class LocalActionPassTrustStore implements ActionPassTrustStore {
|
|
641
1442
|
readonly filePath: string;
|
|
@@ -652,6 +1453,8 @@ export declare function recordDecision(input: {
|
|
|
652
1453
|
action: unknown;
|
|
653
1454
|
decision: PolicyDecision;
|
|
654
1455
|
actionPassId?: string | null;
|
|
1456
|
+
delegation?: DelegationLedgerEdge;
|
|
1457
|
+
budget?: BudgetLedgerEvent;
|
|
655
1458
|
previousLedgerHash?: string | null;
|
|
656
1459
|
occurredAt?: Date;
|
|
657
1460
|
traceId?: string;
|
|
@@ -659,10 +1462,209 @@ export declare function recordDecision(input: {
|
|
|
659
1462
|
executionOutcome?: LedgerExecutionOutcome;
|
|
660
1463
|
correlationId?: string | null;
|
|
661
1464
|
}): LedgerRecord;
|
|
1465
|
+
/**
|
|
1466
|
+
* Canonical reason token marking a ledger record as the tamper-evident
|
|
1467
|
+
* revocation event for its pass. Matches the forensics `cascade_containment`
|
|
1468
|
+
* convention (spec §9.5) and the trust-store revocation authority (spec §7).
|
|
1469
|
+
*/
|
|
1470
|
+
export declare const REVOCATION_LEDGER_REASON = "actionpass_revoked";
|
|
1471
|
+
/**
|
|
1472
|
+
* Build a tamper-evident revocation event for a previously recorded pass. The
|
|
1473
|
+
* event is a `deny` record naming the pass with `actionpass_revoked`, reusing
|
|
1474
|
+
* the revoked record's action/payload hashes, policy, and audit context so the
|
|
1475
|
+
* revocation is bound to the exact action it cancels. It carries no delegation
|
|
1476
|
+
* edge or budget event (those describe the original action, not the
|
|
1477
|
+
* revocation). The durable enforcement authority remains the trust store (§7);
|
|
1478
|
+
* this record is the auditable logbook entry, not the enforcement source.
|
|
1479
|
+
*/
|
|
1480
|
+
export declare function recordActionPassRevocationEvent(input: {
|
|
1481
|
+
revokedRecord: LedgerRecord;
|
|
1482
|
+
revokedBy?: string;
|
|
1483
|
+
reason?: string;
|
|
1484
|
+
occurredAt?: Date;
|
|
1485
|
+
previousLedgerHash?: string | null;
|
|
1486
|
+
}): LedgerRecord;
|
|
662
1487
|
export declare function hashPayload(payload: unknown): string;
|
|
1488
|
+
export declare function hashProvenance(provenance: ActionProvenance): string;
|
|
663
1489
|
export declare function hashAction(action: unknown): string;
|
|
1490
|
+
export declare const GITHUB_NATIVE_CONNECTOR_GOVERNANCE: NativeConnectorGovernanceDescriptor<GitHubNativeConnectorConfig>;
|
|
1491
|
+
export declare const LINEAR_NATIVE_CONNECTOR_GOVERNANCE: NativeConnectorGovernanceDescriptor<LinearNativeConnectorConfig>;
|
|
1492
|
+
export declare const JIRA_NATIVE_CONNECTOR_GOVERNANCE: NativeConnectorGovernanceDescriptor<JiraNativeConnectorConfig>;
|
|
1493
|
+
export declare const POSTGRES_NATIVE_CONNECTOR_GOVERNANCE: NativeConnectorGovernanceDescriptor<PostgresNativeConnectorConfig>;
|
|
1494
|
+
export declare const DRIVE_NATIVE_CONNECTOR_GOVERNANCE: NativeConnectorGovernanceDescriptor<DriveNativeConnectorConfig>;
|
|
1495
|
+
export declare const NATIVE_CONNECTOR_GOVERNANCE_REGISTRY: readonly [NativeConnectorGovernanceDescriptor<{
|
|
1496
|
+
mode: "fake" | "rest" | "app";
|
|
1497
|
+
tokenEnv: string;
|
|
1498
|
+
apiBaseUrl: string;
|
|
1499
|
+
userAgent: string;
|
|
1500
|
+
appIdEnv: string;
|
|
1501
|
+
installationIdEnv: string;
|
|
1502
|
+
privateKeyEnv: string;
|
|
1503
|
+
appId?: string | undefined;
|
|
1504
|
+
installationId?: string | undefined;
|
|
1505
|
+
}>, NativeConnectorGovernanceDescriptor<{
|
|
1506
|
+
mode: "fake" | "graphql";
|
|
1507
|
+
tokenEnv: string;
|
|
1508
|
+
apiUrl: string;
|
|
1509
|
+
}>, NativeConnectorGovernanceDescriptor<{
|
|
1510
|
+
mode: "fake" | "rest";
|
|
1511
|
+
auth: "api_token" | "oauth";
|
|
1512
|
+
tokenEnv: string;
|
|
1513
|
+
emailEnv: string;
|
|
1514
|
+
siteUrl: string;
|
|
1515
|
+
cloudIdEnv: string;
|
|
1516
|
+
cloudId?: string | undefined;
|
|
1517
|
+
}>, NativeConnectorGovernanceDescriptor<{
|
|
1518
|
+
mode: "postgres" | "off";
|
|
1519
|
+
dsnEnv: string;
|
|
1520
|
+
allowedTables: string[];
|
|
1521
|
+
allowedFunctions: string[];
|
|
1522
|
+
requireRls: boolean;
|
|
1523
|
+
maxRows: number;
|
|
1524
|
+
statementTimeoutMs: number;
|
|
1525
|
+
lockTimeoutMs: number;
|
|
1526
|
+
idleTransactionTimeoutMs: number;
|
|
1527
|
+
}>, NativeConnectorGovernanceDescriptor<{
|
|
1528
|
+
mode: "rest" | "off";
|
|
1529
|
+
tokenEnv: string;
|
|
1530
|
+
apiBaseUrl: string;
|
|
1531
|
+
allowedMimeTypes: string[];
|
|
1532
|
+
maxReadBytes: number;
|
|
1533
|
+
selectedFileId?: string | undefined;
|
|
1534
|
+
}>];
|
|
664
1535
|
export declare function providerEvidenceForAction(actionInput: unknown): LedgerProviderEvidence | undefined;
|
|
665
1536
|
export declare function hashJson(value: unknown): string;
|
|
666
1537
|
export declare function stableStringify(value: unknown): string;
|
|
1538
|
+
export declare function computeDpopAccessTokenHash(token: string): string;
|
|
1539
|
+
export declare function normalizeDpopMethod(method: string): string;
|
|
1540
|
+
export declare function normalizeDpopUri(uri: string): string;
|
|
1541
|
+
export declare function actionPassDpopTarget(actionInput: unknown): {
|
|
1542
|
+
method: "POST";
|
|
1543
|
+
uri: string;
|
|
1544
|
+
};
|
|
667
1545
|
export declare function validateApprovalArtifact(artifactInput: unknown, actionInput: unknown, now?: Date): string | null;
|
|
1546
|
+
export declare const AXTARY_DEFAULT_ISSUER = "axtary-dev";
|
|
1547
|
+
export declare const AXTARY_DEFAULT_TENANT = "local";
|
|
1548
|
+
export declare const AXTARY_DEFAULT_RUNTIME = "sdk";
|
|
1549
|
+
/** Flat authorization request — the shape from PRD §8.2. */
|
|
1550
|
+
export type AxtaryAuthorizeRequest = {
|
|
1551
|
+
agent: string;
|
|
1552
|
+
human: string;
|
|
1553
|
+
intent: string;
|
|
1554
|
+
tool: string;
|
|
1555
|
+
resource: string;
|
|
1556
|
+
payload?: Record<string, JsonValue>;
|
|
1557
|
+
/** Agent runtime label; defaults to the instance runtime ("sdk"). */
|
|
1558
|
+
runtime?: string;
|
|
1559
|
+
/** Stable task id for ledger correlation; generated when omitted. */
|
|
1560
|
+
task?: string;
|
|
1561
|
+
/** Tenant; defaults to the instance tenant. */
|
|
1562
|
+
tenant?: string;
|
|
1563
|
+
constraints?: Record<string, JsonValue>;
|
|
1564
|
+
budget?: ActionBudget;
|
|
1565
|
+
toolDefinition?: NormalizedAction["toolDefinition"];
|
|
1566
|
+
provenance?: ActionProvenance;
|
|
1567
|
+
maxDelegationDepth?: number;
|
|
1568
|
+
};
|
|
1569
|
+
export type AxtaryPass = IssueActionPassResult;
|
|
1570
|
+
export type AxtaryAuthorizeResult = {
|
|
1571
|
+
/** Alias of `decision.decision` so `result.status === "allow"` reads cleanly. */
|
|
1572
|
+
status: AxtaryDecision;
|
|
1573
|
+
decision: PolicyDecision;
|
|
1574
|
+
reasons: string[];
|
|
1575
|
+
explanation: PolicyDecisionExplanation;
|
|
1576
|
+
payloadHash: string;
|
|
1577
|
+
action: NormalizedAction;
|
|
1578
|
+
pass: AxtaryPass | null;
|
|
1579
|
+
ledger: LedgerRecord;
|
|
1580
|
+
};
|
|
1581
|
+
export type AxtaryAuthorizeOptions = {
|
|
1582
|
+
policy?: PolicyOptions;
|
|
1583
|
+
approval?: Approval;
|
|
1584
|
+
approvalArtifact?: ApprovalArtifact;
|
|
1585
|
+
now?: Date;
|
|
1586
|
+
};
|
|
1587
|
+
export type AxtaryExecutionOutcome = Omit<LedgerExecutionOutcome, "schemaVersion" | "sideEffectProof"> & {
|
|
1588
|
+
sideEffectProof?: Record<string, JsonValue>;
|
|
1589
|
+
};
|
|
1590
|
+
export type AxtaryRecordInput = {
|
|
1591
|
+
action: AxtaryAuthorizeRequest | NormalizedAction;
|
|
1592
|
+
decision: PolicyDecision;
|
|
1593
|
+
pass?: AxtaryPass | string | null;
|
|
1594
|
+
outcome?: AxtaryExecutionOutcome;
|
|
1595
|
+
correlationId?: string | null;
|
|
1596
|
+
previousLedgerHash?: string | null;
|
|
1597
|
+
};
|
|
1598
|
+
export type AxtaryRevokeOptions = {
|
|
1599
|
+
revokedBy?: string;
|
|
1600
|
+
reason?: string;
|
|
1601
|
+
revokedAt?: Date;
|
|
1602
|
+
};
|
|
1603
|
+
export type AxtaryConfig = {
|
|
1604
|
+
issuer?: string;
|
|
1605
|
+
tenant?: string;
|
|
1606
|
+
runtime?: string;
|
|
1607
|
+
/** Issuer signing key. Omit to use a persistent local dev key (see devKeypair). */
|
|
1608
|
+
signingKey?: SigningKey;
|
|
1609
|
+
signingKeyId?: string;
|
|
1610
|
+
/** Public verification key matching `signingKey`; required for `verify`. */
|
|
1611
|
+
verificationKey?: VerificationKey;
|
|
1612
|
+
algorithm?: SigningAlgorithm;
|
|
1613
|
+
/** Default policy options applied to every authorize call. */
|
|
1614
|
+
policy?: PolicyOptions;
|
|
1615
|
+
/** Override the dev keyring file path used when no signing key is configured. */
|
|
1616
|
+
keyPath?: string;
|
|
1617
|
+
/** Suppress the one-time dev-key warning. */
|
|
1618
|
+
quiet?: boolean;
|
|
1619
|
+
};
|
|
1620
|
+
export declare class Axtary {
|
|
1621
|
+
readonly issuer: string;
|
|
1622
|
+
readonly tenant: string;
|
|
1623
|
+
readonly runtime: string;
|
|
1624
|
+
private readonly defaultPolicy?;
|
|
1625
|
+
private readonly algorithm;
|
|
1626
|
+
private readonly quiet;
|
|
1627
|
+
private readonly configuredSigningKey?;
|
|
1628
|
+
private readonly configuredKeyId?;
|
|
1629
|
+
private readonly configuredVerificationKey?;
|
|
1630
|
+
private readonly keyPath?;
|
|
1631
|
+
private signerPromise?;
|
|
1632
|
+
private ledgerHead;
|
|
1633
|
+
private readonly revocations;
|
|
1634
|
+
constructor(config?: AxtaryConfig);
|
|
1635
|
+
/** Current local ledger head (hash of the last record this instance wrote). */
|
|
1636
|
+
get ledgerHash(): string | null;
|
|
1637
|
+
private resolveSigner;
|
|
1638
|
+
private toNormalizedAction;
|
|
1639
|
+
/**
|
|
1640
|
+
* Decide an action and, for an allow, issue an ActionPass. Always returns a
|
|
1641
|
+
* decision (the policy evaluation is keyless); a deny/step-up returns
|
|
1642
|
+
* `pass: null`. Threads the local ledger head so successive calls chain.
|
|
1643
|
+
*/
|
|
1644
|
+
authorize(request: AxtaryAuthorizeRequest | NormalizedAction, options?: AxtaryAuthorizeOptions): Promise<AxtaryAuthorizeResult>;
|
|
1645
|
+
/**
|
|
1646
|
+
* Verify a previously issued pass against an action. Accepts an authorize
|
|
1647
|
+
* result, a pass object, or a raw token; the action defaults to the result's
|
|
1648
|
+
* action when one is supplied. Fails closed for a pass this instance revoked.
|
|
1649
|
+
*/
|
|
1650
|
+
verify(pass: AxtaryAuthorizeResult | AxtaryPass | string, action?: AxtaryAuthorizeRequest | NormalizedAction): Promise<VerifyActionPassResult>;
|
|
1651
|
+
/**
|
|
1652
|
+
* Append an execution result to the local ledger, chained after the decision
|
|
1653
|
+
* record from `authorize`. Returns the tamper-evident record; durable
|
|
1654
|
+
* persistence is the proxy/CLI's responsibility.
|
|
1655
|
+
*/
|
|
1656
|
+
record(input: AxtaryRecordInput): LedgerRecord;
|
|
1657
|
+
/**
|
|
1658
|
+
* Revoke a pass by id. The revocation is held in this instance so a later
|
|
1659
|
+
* `verify` of that pass fails closed. Durable cross-process revocation is the
|
|
1660
|
+
* CLI/trust-store path (`axtary revoke`).
|
|
1661
|
+
*/
|
|
1662
|
+
revoke(passId: string, options?: AxtaryRevokeOptions): ActionPassRevocation;
|
|
1663
|
+
/** Deterministic, human-readable explanation of a decision (no model call). */
|
|
1664
|
+
explain(decision: PolicyDecision | AxtaryAuthorizeResult): PolicyDecisionExplanation;
|
|
1665
|
+
}
|
|
1666
|
+
/** Create an Axtary SDK instance. */
|
|
1667
|
+
export declare function createAxtary(config?: AxtaryConfig): Axtary;
|
|
1668
|
+
/** Default Axtary SDK instance (PRD §8.2 `import { axtary }`). */
|
|
1669
|
+
export declare const axtary: Axtary;
|
|
668
1670
|
//# sourceMappingURL=index.d.ts.map
|