@blamejs/core 0.13.42 → 0.13.44

package/CHANGELOG.md

@@ -8,6 +8,10 @@ upgrading across more than a few patches at a time.
 
 ## v0.13.x
 
+- v0.13.44 (2026-05-29) — **Error codes on the consent, compliance, and protocol namespaces now follow the namespace/kebab-case contract.** The framework's error contract is `err.code = "namespace/kebab-case"`, and the vast majority of namespaces already followed it. This release normalizes the holdouts: fifteen namespaces that threw bare UPPER_SNAKE codes with no namespace, and nine that used a camelCase namespace prefix. After this release every error these namespaces throw carries a `namespace/kebab-case` code, so an operator switching on `err.code` no longer has to special-case them. This is a breaking change for code that matches the old strings — pre-1.0, there is no compatibility shim, so update any `err.code` comparisons against the listed namespaces. A codebase check now enforces the convention so it cannot regress. A small set of older codes (the cluster, scheduler, circuit-breaker, object-store, and upload subsystems) is intentionally left for the 1.0 release, where it will carry a deprecation cycle. **Changed:** *Bare UPPER_SNAKE error codes are now namespaced (breaking)* — Fifteen namespaces threw bare UPPER_SNAKE error codes with no namespace prefix (for example `mcp` threw `BAD_JSON`, `BAD_ENVELOPE`, `BAD_METHOD`). Their `err.code` values are now `namespace/kebab-case` — `mcp/bad-json`, `mcp/bad-envelope`, and so on. The affected namespaces are `b.a2a`, `b.aiInput`, `b.aiPref`, `b.budr`, `b.contentCredentials`, `b.darkPatterns`, `b.fapi2`, `b.fdx`, `b.graphqlFederation`, `b.iabTcf`, `b.iabMspa`, `b.mcp`, `b.secCyber`, `b.sse`, and `b.tcpa10dlc`. Operators matching the old bare codes on `err.code` must update those comparisons; the error message text is unchanged. · *camelCase error-code namespaces are now kebab-case (breaking)* — Nine namespaces emitted error codes whose namespace segment was camelCase (for example `aiDp/bad-bound`, `argParser/flag-duplicate`). The namespace segment is now kebab-case to match every other code: `ai-dp/`, `ai-capability/`, `ai-quota/`, `arg-parser/`, `audit-sign/`, `auth-step-up/`, `ddl-change-control/`, `dr-runbook/`, `tenant-quota/`, and `boot-gates/`. The `b.*` API namespace keys themselves are unchanged (those remain camelCase, e.g. `b.argParser`); only the `err.code` string changed. Operators matching these `err.code` strings must update them. **Detectors:** *Error-code shape is enforced* — A codebase check now flags any error code constructed via `new XError(...)` or the per-class `factory(...)` whose value is a bare UPPER_SNAKE string or carries a camelCase namespace segment, so the `namespace/kebab-case` contract cannot silently regress. It correctly ignores native error constructors (whose first argument is the message, not a code).
+
+- v0.13.43 (2026-05-29) — **LTS window stated consistently as 24 months, experimental primitives declared semver-exempt, and stale version references cleaned up.** Documentation and operator-facing string hygiene ahead of the 1.0 stability contract. The LTS support window is now stated as 24 months everywhere (GOVERNANCE.md and the LTS calendar previously disagreed — 24 vs 18). The LTS calendar gains an explicit clause that primitives marked experimental are exempt from the stability/LTS contract, so operators can tell at a glance which surfaces may change between minors. Several error messages and doc blocks that pinned to long-past version numbers ("lands in v0.10.9", "not supported in v0.12.7", "ships in v0.6.45+") are restated version-agnostically with their escape hatch, and the S/MIME module now points operators at the live PGP encrypt/decrypt path for confidentiality today. No API or behavior changes. **Changed:** *LTS support window is consistently 24 months* — `GOVERNANCE.md` promised a 24-month LTS window while `LTS-CALENDAR.md` and `SECURITY.md` stated 18 — a six-month contradiction in the single most load-bearing number of the support contract. All three now state 24 months of security-only patches per major. The calendar table and the supported-versions prose are aligned. · *Experimental primitives are declared exempt from the stability contract* — `LTS-CALENDAR.md` now states explicitly that primitives documented as experimental (shown as "experimental" on their wiki page, and via the `experimental` segment in namespaces like `b.jose.jwe.experimental`) are not covered by the stability contract or the LTS window — they may change signature, behavior, or wire format, or be removed, in any minor without a deprecation cycle. This lets the framework ship primitives that track in-flight standards without freezing an unsettled format, and tells operators precisely which surfaces are not yet frozen. **Fixed:** *Stale version references removed from operator-facing errors and docs* — Error messages and documentation that pinned to long-past versions are restated version-agnostically with the relevant escape hatch: ZIP64 and unsupported-compression errors in archive reading, the CMS AuthEnvelopedData / fielded-decoder notes, the mTLS CRL-engine error, the safe-archive format-detection summary (which also now correctly lists the supported zip / tar / tar.gz set rather than claiming only zip), and the AI-content IPTC-reader note. None changed behavior; they no longer read as broken promises against the published version history. · *S/MIME confidentiality deferral points to the working PGP path* — `b.mail.crypto.smime` ships sign + verify; encrypt/decrypt is deferred. The deferral note previously cited an open-ended internal condition; it now names the escape hatch directly — use `b.mail.crypto.pgp.encrypt` / `decrypt` for mail confidentiality today — and states the concrete trigger that would re-open S/MIME-specific (X.509-recipient) encryption. · *Governance doc no longer references an internal file operators cannot see* — `GOVERNANCE.md` cited a rule number in a contributor-only file that does not ship in the repository. The deprecation-policy statement is now self-contained.
+
 - v0.13.42 (2026-05-29) — **S/MIME trust-chain validation binds the leaf to the key that verified the signature.** When b.mail.crypto.smime.verify is given trust anchors, it validates the supplied certificate chain — but it picked the chain leaf unconditionally (the first cert) and never tied it to signerPublicKey, the key that actually verified the signature. A SignedData blob could therefore carry a validly-chained certificate for one identity while the signature was verified under an unrelated key, and the chain-validated result would imply a cert↔signer binding the code never made. Chain validation now selects the leaf as the certificate whose public key matches signerPublicKey, and refuses (signer-not-in-chain) when no certificate in the chain carries that key — so a chain-validated signature is bound to the cert it claims. **Security:** *Trust-chain leaf is bound to the verified signer key* — `smime.verify({ trustAnchorCertsPem })` validated the supplied chain starting from `chain[0]` without checking that the leaf's public key was the one that verified the signature (the operator-supplied `signerPublicKey`). A crafted `SignedData` could pair a validly-chained certificate for identity A with a signature verified under an unrelated key, and the chain-valid result would assert a binding that didn't hold. The chain walk now selects the leaf as the certificate whose public key equals `signerPublicKey` (matched against the certificate's SPKI, raw key or full-encoding form), and throws `mail-crypto/smime/signer-not-in-chain` when no certificate in `SignedData.certificates` carries that key. A certificate whose key cannot be extracted is treated as a non-match, so validation fails closed rather than trusting an unverifiable binding.
 
 - v0.13.41 (2026-05-29) — **Agent registry reads can be tenant-scoped; compliance-erasure docs clarify actor is an audit field.** The agent orchestrator's registry reads (list and lookup) gated only on the flat agent-registry:read scope, so any holder could enumerate every tenant's agents and resolve a handle to one — even though the event bus already scopes subscribe and delivery by tenant. The orchestrator now mirrors that: with the new tenantScope option enabled, list returns only the actor's own tenant's agents and lookup refuses a cross-tenant name, unless the actor holds the framework cross-tenant-admin scope. Off by default, so single-tenant deployments are unaffected. Separately, the subject-erasure docs now state explicitly that the recorded actor is an audit field, not authentication — the caller must be authorized upstream. **Added:** *Tenant-scoped agent registry reads (opts.tenantScope)* — `b.agent.orchestrator.create({ tenantScope: true })` now scopes `list` and `lookup` to the calling actor's tenant: `list` filters out agents in other tenants and `lookup` returns null for a cross-tenant name, unless the actor holds the cross-tenant-admin scope (`b.agent.tenant.CROSS_TENANT_ADMIN_SCOPE`). This closes a cross-tenant metadata-enumeration and handle-acquisition path — `agent-registry:read` alone no longer exposes other tenants' agents — and mirrors the tenant scoping the event bus enforces on subscribe and delivery. The option defaults off; existing single-tenant orchestrators behave exactly as before. The `tenantId` argument to `list` remains a convenience filter, distinct from this authorization boundary. **Changed:** *Subject-erasure docs clarify the actor is an audit field, not authentication* — `b.subject.erase` and `b.subject.eraseHard` gate the deletion on operator acknowledgements and the legal-hold registry, not on caller identity. Their documentation now states explicitly that the recorded `actor` is an audit-record field, not authentication — the caller MUST be authenticated and authorized by the route before invoking. No behavior change; this removes an implicit assumption that could otherwise be read as the primitive authorizing the call.

package/LTS-CALENDAR.md

@@ -1,13 +1,13 @@
 # LTS calendar
 
 `@blamejs/core` ships on a published major cadence. Each major receives
-**18 months of security-only patches** starting the day the next major is
+**24 months of security-only patches** starting the day the next major is
 published. Feature backports are not promised.
 
 | Version       | First release | Security patches through    | Node minimum  | KEM                  | Cipher                | KDF      | Sigs                  |
 |---------------|---------------|-----------------------------|---------------|----------------------|-----------------------|----------|-----------------------|
 | `v0.x` (pre-1.0) | 2026-04-25  | until v1.0 ships            | 24            | ML-KEM-1024 + P-384  | XChaCha20-Poly1305    | SHAKE256 | SLH-DSA-SHAKE-256f    |
-| `v1.x`        | TBD           | first release + 18 months   | current LTS   | ML-KEM-1024 + P-384  | XChaCha20-Poly1305    | SHAKE256 | SLH-DSA-SHAKE-256f    |
+| `v1.x`        | TBD           | first release + 24 months   | current LTS   | ML-KEM-1024 + P-384  | XChaCha20-Poly1305    | SHAKE256 | SLH-DSA-SHAKE-256f    |
 
 ## What "security patches" means
 
@@ -27,3 +27,7 @@ The "Node minimum" column is the lowest Node major the framework supports for th
 ## Pre-1.0 caveat
 
 `v0.x` has no LTS commitment. Every release may change something operators depend on; the algorithm posture is intentionally evolving. Read [CHANGELOG.md](CHANGELOG.md) before upgrading across more than a few patches at a time. The LTS calendar takes effect at v1.0.
+
+## Experimental primitives are exempt
+
+Primitives documented `@status experimental` (shown as "experimental" on each wiki page, and via the `experimental` segment in namespaces such as `b.jose.jwe.experimental`) are **not** covered by the stability contract or the LTS window. They may change signature, behavior, or wire format — or be removed — in any minor, without the deprecation cycle that stable primitives get. This applies on the LTS line too. The exemption exists so the framework can ship primitives that track in-flight standards (draft RFCs, pre-IANA codepoints, newly published W3C surfaces) without freezing an unsettled format for a major's full support window. A primitive graduates to stable by dropping the `@status experimental` marker in a release whose notes call out the graduation.

package/lib/a2a.js

@@ -48,52 +48,52 @@ var SEMVER_RE = /^[0-9]+\.[0-9]+(?:\.[0-9]+)?(?:-[A-Za-z0-9.-]+)?$/;
 
 function _validateCardShape(card, errorClass) {
   if (!card || typeof card !== "object" || Array.isArray(card)) {
-    throw errorClass.factory("BAD_CARD",
+    throw errorClass.factory("a2a/bad-card",
       "a2a: card must be an object");
   }
   for (var i = 0; i < REQUIRED_CARD_FIELDS.length; i += 1) {
     var f = REQUIRED_CARD_FIELDS[i];
     if (typeof card[f] === "undefined" || card[f] === null) {
-      throw errorClass.factory("MISSING_FIELD",
+      throw errorClass.factory("a2a/missing-field",
         "a2a: card." + f + " is required");
     }
   }
   if (typeof card.issuer !== "string" || card.issuer.length > ID_MAX || !ID_RE.test(card.issuer)) {
-    throw errorClass.factory("BAD_FIELD",
+    throw errorClass.factory("a2a/bad-field",
       "a2a: card.issuer shape (must match " + ID_RE + ")");
   }
   if (typeof card.agentId !== "string" || card.agentId.length > ID_MAX || !ID_RE.test(card.agentId)) {
-    throw errorClass.factory("BAD_FIELD",
+    throw errorClass.factory("a2a/bad-field",
       "a2a: card.agentId shape");
   }
   if (typeof card.version !== "string" || card.version.length > SEMVER_MAX || !SEMVER_RE.test(card.version)) {
-    throw errorClass.factory("BAD_FIELD",
+    throw errorClass.factory("a2a/bad-field",
       "a2a: card.version must be semver");
   }
   if (!Array.isArray(card.capabilities)) {
-    throw errorClass.factory("BAD_FIELD",
+    throw errorClass.factory("a2a/bad-field",
       "a2a: card.capabilities must be an array");
   }
   for (var c = 0; c < card.capabilities.length; c += 1) {
     var cap = card.capabilities[c];
     if (typeof cap !== "string" || cap.length === 0 || cap.length > CAP_NAME_MAX) {
-      throw errorClass.factory("BAD_FIELD",
+      throw errorClass.factory("a2a/bad-field",
         "a2a: card.capabilities[" + c + "] must be 1-128 char string");
     }
   }
   if (card.endpoints !== undefined) {
     if (!Array.isArray(card.endpoints)) {
-      throw errorClass.factory("BAD_FIELD",
+      throw errorClass.factory("a2a/bad-field",
         "a2a: card.endpoints must be an array");
     }
     for (var e = 0; e < card.endpoints.length; e += 1) {
       var ep = card.endpoints[e];
       if (!ep || typeof ep !== "object" || typeof ep.url !== "string") {
-        throw errorClass.factory("BAD_FIELD",
+        throw errorClass.factory("a2a/bad-field",
           "a2a: card.endpoints[" + e + "] must have a string url");
       }
       if (!/^https:\/\//.test(ep.url) && !/^http:\/\/(localhost|127\.0\.0\.1|\[::1\])/.test(ep.url)) {
-        throw errorClass.factory("INSECURE_ENDPOINT",
+        throw errorClass.factory("a2a/insecure-endpoint",
           "a2a: card.endpoints[" + e + "].url must be HTTPS (or localhost)");
       }
     }
@@ -226,7 +226,7 @@ function signCard(card, privateKeyPem, opts) {
   _validateCardShape(card, errorClass);
 
   if (typeof privateKeyPem !== "string" || privateKeyPem.length === 0) {
-    throw errorClass.factory("BAD_KEY",
+    throw errorClass.factory("a2a/bad-key",
       "a2a.signCard: privateKeyPem required");
   }
 

package/lib/agent-snapshot.js

@@ -170,7 +170,7 @@ function _resolveSigner(ctx) {
   var as;
   try { as = auditSign(); } catch (_e) { as = null; }
   if (as && typeof as.sign === "function" && typeof as.verify === "function") {
-    // b.auditSign.sign throws "auditSign/not-initialized" when called
+    // b.auditSign.sign throws "audit-sign/not-initialized" when called
     // pre-init — surface that here as the snapshot's signer-not-wired
     // error so the caller's message is consistent regardless of which
     // dependency landed unwired.

package/lib/ai-capability.js

@@ -108,31 +108,31 @@ function _isStringArray(a) {
 // surfaces at config time rather than as a silent mis-route.
 function _normalizeDescriptor(modelId, d) {
   if (!d || typeof d !== "object" || Array.isArray(d)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: descriptor for '" + modelId + "' must be a plain object");
   }
   validateOpts(d, DESCRIPTOR_KEYS, "ai.capability descriptor['" + modelId + "']");
 
   if (!_isPositiveInt(d.maxContextTokens)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.maxContextTokens must be a positive integer");
   }
   var maxOut = (d.maxOutputTokens == null) ? d.maxContextTokens : d.maxOutputTokens;
   if (!_isPositiveInt(maxOut)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.maxOutputTokens must be a positive integer");
   }
 
   var modIn = (d.modalitiesIn == null) ? ["text"] : d.modalitiesIn;
   var modOut = (d.modalitiesOut == null) ? ["text"] : d.modalitiesOut;
   if (!_isStringArray(modIn) || !_isStringArray(modOut)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.modalitiesIn / modalitiesOut must be arrays of non-empty strings");
   }
 
   var tier = (d.reasoningTier == null) ? "standard" : d.reasoningTier;
   if (REASONING_TIERS.indexOf(tier) === -1) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.reasoningTier must be one of " + REASONING_TIERS.join(" / "));
   }
 
@@ -140,7 +140,7 @@ function _normalizeDescriptor(modelId, d) {
   var costIn = (d.costPer1kInputTokens == null) ? 0 : d.costPer1kInputTokens;
   var costOut = (d.costPer1kOutputTokens == null) ? 0 : d.costPer1kOutputTokens;
   if (!_isNonNegFinite(cachingMax) || !_isNonNegFinite(costIn) || !_isNonNegFinite(costOut)) {
-    throw new AiCapabilityError("aiCapability/bad-descriptor",
+    throw new AiCapabilityError("ai-capability/bad-descriptor",
       "ai.capability: '" + modelId + "'.promptCachingMaxTokens / costPer1kInputTokens / " +
       "costPer1kOutputTokens must be non-negative finite numbers");
   }
@@ -224,12 +224,12 @@ function create(opts) {
   validateOpts(opts, ["models", "audit"], "ai.capability.create");
 
   if (!opts.models || typeof opts.models !== "object" || Array.isArray(opts.models)) {
-    throw new AiCapabilityError("aiCapability/bad-models",
+    throw new AiCapabilityError("ai-capability/bad-models",
       "ai.capability.create: models must be a plain object { modelId: descriptor }");
   }
   var ids = Object.keys(opts.models);
   if (ids.length === 0) {
-    throw new AiCapabilityError("aiCapability/bad-models",
+    throw new AiCapabilityError("ai-capability/bad-models",
       "ai.capability.create: models must declare at least one model");
   }
 
@@ -249,7 +249,7 @@ function create(opts) {
   function describe(modelId) {
     var d = registry.get(modelId);
     if (!d) {
-      throw new AiCapabilityError("aiCapability/unknown-model",
+      throw new AiCapabilityError("ai-capability/unknown-model",
         "ai.capability.describe: unknown model '" + modelId + "'");
     }
     return d;
@@ -261,7 +261,7 @@ function create(opts) {
 
   function register(modelId, descriptor) {
     validateOpts.requireNonEmptyString(modelId,
-      "ai.capability.register: modelId", AiCapabilityError, "aiCapability/bad-model");
+      "ai.capability.register: modelId", AiCapabilityError, "ai-capability/bad-model");
     registry.set(modelId, _normalizeDescriptor(modelId, descriptor));
     return registry.get(modelId);
   }
@@ -323,21 +323,21 @@ function create(opts) {
   function _validateRequirements(requirements) {
     if (requirements == null) return {};
     if (typeof requirements !== "object" || Array.isArray(requirements)) {
-      throw new AiCapabilityError("aiCapability/bad-requirements",
+      throw new AiCapabilityError("ai-capability/bad-requirements",
         "ai.capability: requirements must be a plain object");
     }
     validateOpts(requirements, REQUIREMENT_KEYS, "ai.capability requirements");
     if (requirements.minReasoningTier != null &&
         REASONING_TIERS.indexOf(requirements.minReasoningTier) === -1) {
-      throw new AiCapabilityError("aiCapability/bad-requirements",
+      throw new AiCapabilityError("ai-capability/bad-requirements",
         "ai.capability: minReasoningTier must be one of " + REASONING_TIERS.join(" / "));
     }
     if (requirements.modalitiesIn != null && !_isStringArray(requirements.modalitiesIn)) {
-      throw new AiCapabilityError("aiCapability/bad-requirements",
+      throw new AiCapabilityError("ai-capability/bad-requirements",
         "ai.capability: requirements.modalitiesIn must be an array of non-empty strings");
     }
     if (requirements.modalitiesOut != null && !_isStringArray(requirements.modalitiesOut)) {
-      throw new AiCapabilityError("aiCapability/bad-requirements",
+      throw new AiCapabilityError("ai-capability/bad-requirements",
         "ai.capability: requirements.modalitiesOut must be an array of non-empty strings");
     }
     // Numeric minimums are compared with `<` against the descriptor; a
@@ -349,7 +349,7 @@ function create(opts) {
     for (var ni = 0; ni < numericMins.length; ni++) {
       var nk = numericMins[ni];
       if (requirements[nk] != null && !_isNonNegFinite(requirements[nk])) {
-        throw new AiCapabilityError("aiCapability/bad-requirements",
+        throw new AiCapabilityError("ai-capability/bad-requirements",
           "ai.capability: requirements." + nk + " must be a non-negative finite number");
       }
     }
@@ -360,7 +360,7 @@ function create(opts) {
     for (var bi = 0; bi < booleanReqs.length; bi++) {
       var bk = booleanReqs[bi];
       if (requirements[bk] != null && typeof requirements[bk] !== "boolean") {
-        throw new AiCapabilityError("aiCapability/bad-requirements",
+        throw new AiCapabilityError("ai-capability/bad-requirements",
           "ai.capability: requirements." + bk + " must be a boolean");
       }
     }
@@ -392,7 +392,7 @@ function create(opts) {
     var costBasis = null;
     if (routeOpts.costBasis != null) {
       if (typeof routeOpts.costBasis !== "object" || Array.isArray(routeOpts.costBasis)) {
-        throw new AiCapabilityError("aiCapability/bad-requirements",
+        throw new AiCapabilityError("ai-capability/bad-requirements",
           "ai.capability.route: costBasis must be a plain object { inputTokens, outputTokens }");
       }
       validateOpts(routeOpts.costBasis, ["inputTokens", "outputTokens"],
@@ -405,7 +405,7 @@ function create(opts) {
       for (var ci = 0; ci < cbFields.length; ci++) {
         var ck = cbFields[ci];
         if (routeOpts.costBasis[ck] != null && !_isNonNegFinite(routeOpts.costBasis[ck])) {
-          throw new AiCapabilityError("aiCapability/bad-requirements",
+          throw new AiCapabilityError("ai-capability/bad-requirements",
             "ai.capability.route: costBasis." + ck + " must be a non-negative finite number");
         }
       }
@@ -446,7 +446,7 @@ function create(opts) {
     if (routeOpts.fallback != null) {
       var fb = registry.get(routeOpts.fallback);
       if (!fb) {
-        throw new AiCapabilityError("aiCapability/unknown-model",
+        throw new AiCapabilityError("ai-capability/unknown-model",
           "ai.capability.route: fallback '" + routeOpts.fallback + "' is not a registered model");
       }
       _emitAudit("ai/capability-fallback", "allowed", {
@@ -461,7 +461,7 @@ function create(opts) {
     }
 
     _emitAudit("ai/capability-no-candidate", "denied", { requirements: requirements });
-    throw new AiCapabilityError("aiCapability/no-candidate",
+    throw new AiCapabilityError("ai-capability/no-candidate",
       "ai.capability.route: no registered model satisfies the requirements " +
       "and no fallback was supplied");
   }

package/lib/ai-content-detect.js

@@ -30,9 +30,10 @@
  *   IPTC `digitalSourceType` PhotoMetadata reading is forward-watch —
  *   the framework ships no XMP / EXIF parser yet, so operators that
  *   want IPTC detection pre-parse with their tool of choice and pass
- *   the field via `opts.ipmd`. AB-853 names C2PA as "widely adopted";
- *   IPTC PhotoMetadata reader lands in v0.10.9 once a vendoring
- *   decision is made.
+ *   the field via `opts.ipmd`. AB-853 names C2PA as "widely adopted".
+ *   A built-in IPTC PhotoMetadata reader is deferred pending a vendoring
+ *   decision for an XMP/EXIF parser; the `opts.ipmd` escape hatch covers
+ *   the gap until then.
  *
  * @card
  *   Inbound provenance detector — composes C2PA verify + CAC implicit-label parser + operator-supplied IPTC field, returns a normalized report for AB-853 / EU AI Act Art. 50 / CAC disclosure UIs.

package/lib/ai-dp.js

@@ -102,7 +102,7 @@ function _frGt(a, b)  { return a.num * b.den >  b.num * a.den; }       // a >  b
 // Uniform BigInt in [0, m) via rejection sampling on CSPRNG bytes —
 // no modulo bias.
 function _uniformBelow(m) {
-  if (m <= 0n) throw new AiDpError("aiDp/internal", "ai.dp: _uniformBelow needs m > 0");
+  if (m <= 0n) throw new AiDpError("ai-dp/internal", "ai.dp: _uniformBelow needs m > 0");
   if (m === 1n) return 0n;
   var bits = m.toString(2).length;
   var bytes = Math.ceil(bits / 8);                        // allow:raw-byte-literal — bits-per-byte divisor, not a size
@@ -296,23 +296,23 @@ function mechanism(opts) {
   validateOpts(opts, ["type", "sensitivity", "epsilon", "delta", "bound"], "ai.dp.mechanism");
 
   if (MECHANISMS.indexOf(opts.type) === -1) {
-    throw new AiDpError("aiDp/bad-mechanism",
+    throw new AiDpError("ai-dp/bad-mechanism",
       "ai.dp.mechanism: type must be one of " + MECHANISMS.join(" / ") +
       " (exponential / sparse-vector are deferred — their float-safe constructions " +
       "re-open on demand)");
   }
   if (typeof opts.sensitivity !== "number" || !isFinite(opts.sensitivity) || opts.sensitivity <= 0) {
-    throw new AiDpError("aiDp/bad-sensitivity",
+    throw new AiDpError("ai-dp/bad-sensitivity",
       "ai.dp.mechanism: sensitivity must be a positive finite number");
   }
   if (typeof opts.epsilon !== "number" || !isFinite(opts.epsilon) || opts.epsilon <= 0) {
-    throw new AiDpError("aiDp/bad-epsilon",
+    throw new AiDpError("ai-dp/bad-epsilon",
       "ai.dp.mechanism: epsilon must be a positive finite number");
   }
 
   if (opts.type === "laplace") {
     if (typeof opts.bound !== "number" || !isFinite(opts.bound) || opts.bound <= 0) {
-      throw new AiDpError("aiDp/bad-bound",
+      throw new AiDpError("ai-dp/bad-bound",
         "ai.dp.mechanism: laplace requires bound > 0 (the snapping clamp; the " +
         "privacy guarantee depends on it)");
     }
@@ -325,11 +325,11 @@ function mechanism(opts) {
 
   // gaussian
   if (typeof opts.delta !== "number" || !isFinite(opts.delta) || opts.delta <= 0 || opts.delta >= 1) {
-    throw new AiDpError("aiDp/bad-delta",
+    throw new AiDpError("ai-dp/bad-delta",
       "ai.dp.mechanism: gaussian requires 0 < delta < 1");
   }
   if (opts.epsilon > 1) {
-    throw new AiDpError("aiDp/epsilon-too-large",
+    throw new AiDpError("ai-dp/epsilon-too-large",
       "ai.dp.mechanism: the classic Gaussian calibration is proven for epsilon <= 1; " +
       "split into multiple releases under an rdp budget, or the analytic Gaussian " +
       "mechanism (Balle-Wang 2018) re-opens this path on demand");
@@ -346,7 +346,7 @@ function mechanism(opts) {
 // budget wraps this).
 function _applyMechanism(m, value) {
   if (typeof value !== "number" || !isFinite(value)) {
-    throw new AiDpError("aiDp/bad-value", "ai.dp: value must be a finite number");
+    throw new AiDpError("ai-dp/bad-value", "ai.dp: value must be a finite number");
   }
   if (m.type === "laplace") {
     return _snappingLaplace(value, m.scale, m.bound);
@@ -403,22 +403,22 @@ function budget(opts) {
   validateOpts(opts, ["scope", "epsilon", "delta", "accounting", "audit"], "ai.dp.budget");
 
   validateOpts.requireNonEmptyString(opts.scope,
-    "ai.dp.budget: scope", AiDpError, "aiDp/bad-scope");
+    "ai.dp.budget: scope", AiDpError, "ai-dp/bad-scope");
   if (typeof opts.epsilon !== "number" || !isFinite(opts.epsilon) || opts.epsilon <= 0) {
-    throw new AiDpError("aiDp/bad-epsilon", "ai.dp.budget: epsilon must be a positive finite number");
+    throw new AiDpError("ai-dp/bad-epsilon", "ai.dp.budget: epsilon must be a positive finite number");
   }
   var totalEpsilon = opts.epsilon;
   var totalDelta = (opts.delta == null) ? 0 : opts.delta;
   if (typeof totalDelta !== "number" || !isFinite(totalDelta) || totalDelta < 0 || totalDelta >= 1) {
-    throw new AiDpError("aiDp/bad-delta", "ai.dp.budget: delta must be in [0, 1)");
+    throw new AiDpError("ai-dp/bad-delta", "ai.dp.budget: delta must be in [0, 1)");
   }
   var accounting = (opts.accounting == null) ? "basic" : opts.accounting;
   if (ACCOUNTINGS.indexOf(accounting) === -1) {
-    throw new AiDpError("aiDp/bad-accounting",
+    throw new AiDpError("ai-dp/bad-accounting",
       "ai.dp.budget: accounting must be one of " + ACCOUNTINGS.join(" / "));
   }
   if (accounting === "rdp" && totalDelta <= 0) {
-    throw new AiDpError("aiDp/bad-accounting",
+    throw new AiDpError("ai-dp/bad-accounting",
       "ai.dp.budget: rdp accounting requires delta > 0 (the RDP→(ε,δ) conversion is " +
       "undefined at delta = 0; use basic accounting for pure-ε budgets)");
   }
@@ -457,11 +457,11 @@ function budget(opts) {
 
   function consume(m, value) {
     if (!m || typeof m !== "object" || MECHANISMS.indexOf(m.type) === -1) {
-      throw new AiDpError("aiDp/bad-mechanism",
+      throw new AiDpError("ai-dp/bad-mechanism",
         "ai.dp.budget.consume: first argument must be a b.ai.dp.mechanism");
     }
     if (m.type === "gaussian" && totalDelta <= 0) {
-      throw new AiDpError("aiDp/bad-delta",
+      throw new AiDpError("ai-dp/bad-delta",
         "ai.dp.budget.consume: a gaussian mechanism needs a scope delta > 0");
     }
 
@@ -475,7 +475,7 @@ function budget(opts) {
           requestEpsilon: m.epsilon, requestDelta: m.delta,
           spentEpsilon: spentEpsilon, totalEpsilon: totalEpsilon,
         });
-        throw new AiDpError("aiDp/budget-exhausted",
+        throw new AiDpError("ai-dp/budget-exhausted",
           "ai.dp.budget.consume: scope '" + scope + "' would spend ε=" +
           (spentEpsilon + m.epsilon) + "/" + totalEpsilon + ", δ=" +
           (spentDelta + m.delta) + "/" + totalDelta + "; refused");
@@ -489,7 +489,7 @@ function budget(opts) {
           scope: scope, accounting: accounting, mechanism: m.type,
           projectedEpsilon: trialEps, totalEpsilon: totalEpsilon,
         });
-        throw new AiDpError("aiDp/budget-exhausted",
+        throw new AiDpError("ai-dp/budget-exhausted",
           "ai.dp.budget.consume: scope '" + scope + "' would reach ε=" +
           trialEps.toFixed(4) + " of " + totalEpsilon + " at δ=" + totalDelta + "; refused");
       }

package/lib/ai-input.js

@@ -104,12 +104,12 @@ function classify(input, opts) {
   var auditOn = opts.audit !== false;
 
   if (typeof input !== "string") {
-    throw errorClass.factory("BAD_INPUT",
+    throw errorClass.factory("ai-input/bad-input",
       "aiInput.classify: input must be a string");
   }
   var byteLen = Buffer.byteLength(input, "utf8");
   if (byteLen > maxBytes) {
-    throw errorClass.factory("INPUT_TOO_LARGE",
+    throw errorClass.factory("ai-input/input-too-large",
       "aiInput.classify: input exceeds " + maxBytes + " bytes (got " + byteLen + ")");
   }
 
@@ -187,7 +187,7 @@ function refuseIfMalicious(input, opts) {
   var errorClass = opts.errorClass || AiInputError;
   var result = classify(input, opts);
   if (result.verdict === "malicious") {
-    throw errorClass.factory("MALICIOUS_INPUT",
+    throw errorClass.factory("ai-input/malicious-input",
       "aiInput: input flagged as malicious (signals: " +
       result.signals.map(function (s) { return s.id; }).join(", ") + ")");
   }

package/lib/ai-pref.js

@@ -38,25 +38,25 @@ var SNIPPET_VALUES = ["allow", "deny"];
 
 function _validate(opts) {
   if (!opts || typeof opts !== "object") {
-    throw AiPrefError.factory("BAD_OPTS",
+    throw AiPrefError.factory("ai-pref/bad-opts",
       "aiPref: opts required");
   }
   var train   = opts.train   || "deny";
   var infer   = opts.infer   || "allow";
   var snippet = opts.snippet || "allow";
   if (TRAIN_VALUES.indexOf(train) === -1) {
-    throw AiPrefError.factory("BAD_TRAIN", "aiPref: train must be one of " + TRAIN_VALUES.join(", "));
+    throw AiPrefError.factory("ai-pref/bad-train", "aiPref: train must be one of " + TRAIN_VALUES.join(", "));
   }
   if (INFER_VALUES.indexOf(infer) === -1) {
-    throw AiPrefError.factory("BAD_INFER", "aiPref: infer must be one of " + INFER_VALUES.join(", "));
+    throw AiPrefError.factory("ai-pref/bad-infer", "aiPref: infer must be one of " + INFER_VALUES.join(", "));
   }
   if (SNIPPET_VALUES.indexOf(snippet) === -1) {
-    throw AiPrefError.factory("BAD_SNIPPET", "aiPref: snippet must be one of " + SNIPPET_VALUES.join(", "));
+    throw AiPrefError.factory("ai-pref/bad-snippet", "aiPref: snippet must be one of " + SNIPPET_VALUES.join(", "));
   }
   if ((train === "paid" || infer === "paid") &&
       (!opts.price || typeof opts.price.amountUsd !== "number" ||
        !isFinite(opts.price.amountUsd) || opts.price.amountUsd <= 0)) {
-    throw AiPrefError.factory("BAD_PRICE",
+    throw AiPrefError.factory("ai-pref/bad-price",
       "aiPref: price.amountUsd (positive finite number) required when train or infer is 'paid'");
   }
   return { train: train, infer: infer, snippet: snippet, price: opts.price || null };
@@ -140,10 +140,10 @@ function serializeHeader(opts) {
  */
 function parseHeader(value) {
   if (typeof value !== "string" || value.length === 0) {
-    throw AiPrefError.factory("BAD_HEADER", "aiPref.parseHeader: value required");
+    throw AiPrefError.factory("ai-pref/bad-header", "aiPref.parseHeader: value required");
   }
   if (value.length > 1024) {                                                                   // allow:raw-byte-literal — header value cap, not bytes
-    throw AiPrefError.factory("HEADER_TOO_LARGE",
+    throw AiPrefError.factory("ai-pref/header-too-large",
       "aiPref.parseHeader: value exceeds 1024 chars");
   }
   structuredFields.refuseControlBytes(value, {
@@ -206,7 +206,7 @@ function robotsBlock(opts) {
   var v = _validate(opts);
   var ua = opts.userAgent || "*";
   if (typeof ua !== "string" || ua.length === 0 || ua.length > 256) {                          // allow:raw-byte-literal — UA-string cap, not bytes
-    throw AiPrefError.factory("BAD_USER_AGENT",
+    throw AiPrefError.factory("ai-pref/bad-user-agent",
       "aiPref.robotsBlock: userAgent must be 1-256 char string (or omit for *)");
   }
   return "User-agent: " + ua + "\n" +
@@ -298,7 +298,7 @@ function middleware(opts) {
  */
 function refusePaidCrawl(req, res, opts) {
   if (!opts || !opts.price || typeof opts.price.amountUsd !== "number") {
-    throw AiPrefError.factory("BAD_PRICE",
+    throw AiPrefError.factory("ai-pref/bad-price",
       "aiPref.refusePaidCrawl: opts.price.amountUsd required");
   }
   var body = JSON.stringify({

package/lib/ai-quota.js

@@ -257,20 +257,20 @@ function create(opts) {
 
   var dimension = opts.dimension;
   if (DIMENSIONS.indexOf(dimension) === -1) {
-    throw new AiQuotaError("aiQuota/bad-dimension",
+    throw new AiQuotaError("ai-quota/bad-dimension",
       "ai.quota.create: dimension must be one of " + DIMENSIONS.join(" / ") +
       " (got " + JSON.stringify(dimension) + ")");
   }
 
   var period = opts.period;
   if (PERIODS.indexOf(period) === -1) {
-    throw new AiQuotaError("aiQuota/bad-period",
+    throw new AiQuotaError("ai-quota/bad-period",
       "ai.quota.create: period must be one of " + PERIODS.join(" / ") +
       " (got " + JSON.stringify(period) + ")");
   }
 
   if (typeof opts.limit !== "number" || !isFinite(opts.limit) || opts.limit <= 0) {
-    throw new AiQuotaError("aiQuota/bad-limit",
+    throw new AiQuotaError("ai-quota/bad-limit",
       "ai.quota.create: limit must be a positive finite number");
   }
   var defaultLimit = opts.limit;
@@ -281,7 +281,7 @@ function create(opts) {
 
   var enforcement = (opts.enforcement == null) ? "hard" : opts.enforcement;
   if (ENFORCEMENTS.indexOf(enforcement) === -1) {
-    throw new AiQuotaError("aiQuota/bad-enforcement",
+    throw new AiQuotaError("ai-quota/bad-enforcement",
       "ai.quota.create: enforcement must be one of " + ENFORCEMENTS.join(" / ") +
       " (got " + JSON.stringify(enforcement) + ")");
   }
@@ -353,11 +353,11 @@ function create(opts) {
 
   function consume(tenantId, model, amount, consumeOpts) {
     validateOpts.requireNonEmptyString(tenantId,
-      "ai.quota.consume: tenantId", AiQuotaError, "aiQuota/bad-tenant");
+      "ai.quota.consume: tenantId", AiQuotaError, "ai-quota/bad-tenant");
     validateOpts.requireNonEmptyString(model,
-      "ai.quota.consume: model", AiQuotaError, "aiQuota/bad-model");
+      "ai.quota.consume: model", AiQuotaError, "ai-quota/bad-model");
     if (typeof amount !== "number" || !isFinite(amount) || amount < 0) {
-      throw new AiQuotaError("aiQuota/bad-amount",
+      throw new AiQuotaError("ai-quota/bad-amount",
         "ai.quota.consume: amount must be a non-negative finite number");
     }
     consumeOpts = consumeOpts || {};
@@ -366,7 +366,7 @@ function create(opts) {
     // enforcer; still validated against the allowlist.
     var mode = (consumeOpts.enforcement == null) ? enforcement : consumeOpts.enforcement;
     if (ENFORCEMENTS.indexOf(mode) === -1) {
-      throw new AiQuotaError("aiQuota/bad-enforcement",
+      throw new AiQuotaError("ai-quota/bad-enforcement",
         "ai.quota.consume: enforcement override must be one of " + ENFORCEMENTS.join(" / "));
     }
 
@@ -401,7 +401,7 @@ function create(opts) {
         enforcement: mode, nodeId: _nodeId(),
       });
       _emitMetric("ai.quota.exceeded", 1);
-      throw new AiQuotaError("aiQuota/exceeded",
+      throw new AiQuotaError("ai-quota/exceeded",
         "ai.quota.consume: tenant '" + tenantId + "' model '" + model +
         "' is at " + rv.used + " of " + limit + " " + dimension +
         " this " + period + "; consuming " + amount + " would exceed the budget — call refused");
@@ -432,9 +432,9 @@ function create(opts) {
 
   function check(tenantId, model) {
     validateOpts.requireNonEmptyString(tenantId,
-      "ai.quota.check: tenantId", AiQuotaError, "aiQuota/bad-tenant");
+      "ai.quota.check: tenantId", AiQuotaError, "ai-quota/bad-tenant");
     validateOpts.requireNonEmptyString(model,
-      "ai.quota.check: model", AiQuotaError, "aiQuota/bad-model");
+      "ai.quota.check: model", AiQuotaError, "ai-quota/bad-model");
     var now = Date.now();
     var windowStart = _windowStartFor(period, now);
     var resetsAt = _resetsAtFor(period, windowStart);
@@ -454,10 +454,10 @@ function create(opts) {
       return;
     }
     validateOpts.requireNonEmptyString(tenantId,
-      "ai.quota.reset: tenantId", AiQuotaError, "aiQuota/bad-tenant");
+      "ai.quota.reset: tenantId", AiQuotaError, "ai-quota/bad-tenant");
     if (model !== undefined) {
       validateOpts.requireNonEmptyString(model,
-        "ai.quota.reset: model", AiQuotaError, "aiQuota/bad-model");
+        "ai.quota.reset: model", AiQuotaError, "ai-quota/bad-model");
       store.reset(_keyFor(tenantId, model, windowStart));
       return;
     }
@@ -470,7 +470,7 @@ function create(opts) {
       for (var i = 0; i < keys.length; i++) store.reset(keys[i]);
       return;
     }
-    throw new AiQuotaError("aiQuota/reset-unsupported",
+    throw new AiQuotaError("ai-quota/reset-unsupported",
       "ai.quota.reset: tenant-wide reset with an external store requires " +
       "an explicit model argument (per-key) or a store-side prefix delete");
   }
@@ -491,14 +491,14 @@ function create(opts) {
 function _validateLimitMap(map, label) {
   if (map == null) return {};
   if (typeof map !== "object" || Array.isArray(map)) {
-    throw new AiQuotaError("aiQuota/bad-override",
+    throw new AiQuotaError("ai-quota/bad-override",
       "ai.quota.create: " + label + " must be a plain object { key: limit }");
   }
   var keys = Object.keys(map);
   for (var i = 0; i < keys.length; i++) {
     var v = map[keys[i]];
     if (typeof v !== "number" || !isFinite(v) || v <= 0) {
-      throw new AiQuotaError("aiQuota/bad-override",
+      throw new AiQuotaError("ai-quota/bad-override",
         "ai.quota.create: " + label + "['" + keys[i] +
         "'] must be a positive finite number");
     }
@@ -512,7 +512,7 @@ function _validateStore(store) {
       typeof store.add !== "function" ||
       typeof store.get !== "function" ||
       typeof store.reset !== "function") {
-    throw new AiQuotaError("aiQuota/bad-store",
+    throw new AiQuotaError("ai-quota/bad-store",
       "ai.quota.create: store must expose reserve / add / get / reset functions");
   }
 }