@blamejs/core 0.8.8 → 0.8.10

package/lib/gdpr-ropa.js

@@ -0,0 +1,261 @@
+"use strict";
+/**
+ * b.gdpr.ropa — GDPR Article 30 Records of Processing Activities.
+ *
+ * Article 30 §1 (controller) + §2 (processor) require a written
+ * record of processing activities. The framework's existing audit
+ * chain captures *what happened* on each request; the RoPA captures
+ * *what processing the operator does in general* — purposes, data
+ * categories, retention periods, recipients, transfers outside the
+ * EEA, security measures.
+ *
+ * The primitive is a registry + exporter:
+ *   - register(activity)          — add a processing-activity record
+ *   - update(id, patch)           — modify an existing record
+ *   - remove(id)                  — soft-delete (operator audit trail)
+ *   - export({ format })          — emit RoPA as JSON / CSV / Markdown
+ *
+ *   var ropa = b.gdpr.ropa.create({
+ *     audit:        b.audit,
+ *     controller:   { name: "Acme Co", contact: "dpo@acme.example" },
+ *   });
+ *   ropa.register({
+ *     id:                  "sales-funnel-tracking",
+ *     name:                "Sales-funnel CRM tracking",
+ *     purposes:            ["lead-tracking", "sales-attribution"],
+ *     legalBasis:          "legitimate-interests",
+ *     dataCategories:      ["contact-info", "engagement-history"],
+ *     dataSubjectCategories: ["prospects", "customers"],
+ *     recipients:          ["analytics-vendor", "sales-team"],
+ *     thirdCountryTransfers: [{ country: "US", safeguard: "scc-2021" }],
+ *     retentionPeriod:     "5 years post-relationship",
+ *     securityMeasures:    ["encrypted-at-rest", "tls-13", "access-control"],
+ *   });
+ *   var json = ropa.export({ format: "json" });
+ */
+
+var defineClass = require("./framework-error").defineClass;
+var lazyRequire = require("./lazy-require");
+var validateOpts = require("./validate-opts");
+
+var audit = lazyRequire(function () { return require("./audit"); });
+
+var GdprRopaError = defineClass("GdprRopaError", { alwaysPermanent: true });
+
+var REQUIRED_ACTIVITY_FIELDS = Object.freeze([
+  "id", "name", "purposes", "legalBasis", "dataCategories",
+]);
+
+var VALID_LEGAL_BASES = Object.freeze({
+  "consent":               1,                                                            // Art 6(1)(a)
+  "contract":              1,                                                            // Art 6(1)(b)
+  "legal-obligation":      1,                                                            // Art 6(1)(c)
+  "vital-interests":       1,                                                            // Art 6(1)(d)
+  "public-task":           1,                                                            // Art 6(1)(e)
+  "legitimate-interests":  1,                                                            // Art 6(1)(f)
+});
+
+function create(opts) {
+  opts = opts || {};
+  validateOpts(opts, [
+    "audit", "controller", "dpo", "supervisoryAuthority", "now",
+  ], "gdpr.ropa");
+
+  if (!opts.controller || typeof opts.controller !== "object") {
+    throw new GdprRopaError("gdpr-ropa/bad-controller",
+      "gdpr.ropa.create: opts.controller is required (Article 30 §1(a) requires controller name + contact)");
+  }
+  var controller = opts.controller;
+  var dpo = opts.dpo || null;
+  var supervisoryAuthority = opts.supervisoryAuthority || null;
+  var auditOn = opts.audit !== false;
+  var now = typeof opts.now === "function" ? opts.now : function () { return Date.now(); };
+
+  var activities = new Map();
+
+  function _emitAudit(action, outcome, metadata) {
+    if (!auditOn) return;
+    try {
+      audit().safeEmit({
+        action:   "gdpr.ropa." + action,
+        outcome:  outcome,
+        metadata: metadata || {},
+      });
+    } catch (_e) { /* drop-silent */ }
+  }
+
+  function _validateActivity(activity, op) {
+    if (!activity || typeof activity !== "object") {
+      throw new GdprRopaError("gdpr-ropa/bad-activity",
+        "gdpr.ropa." + op + ": activity must be an object");
+    }
+    for (var i = 0; i < REQUIRED_ACTIVITY_FIELDS.length; i++) {
+      var f = REQUIRED_ACTIVITY_FIELDS[i];
+      if (activity[f] === undefined) {
+        throw new GdprRopaError("gdpr-ropa/missing-field",
+          "gdpr.ropa." + op + ": activity is missing required field '" + f + "' (per Article 30 §1)");
+      }
+    }
+    if (typeof activity.id !== "string" || activity.id.length === 0) {
+      throw new GdprRopaError("gdpr-ropa/bad-id",
+        "gdpr.ropa." + op + ": activity.id must be a non-empty string");
+    }
+    if (!VALID_LEGAL_BASES[activity.legalBasis]) {
+      throw new GdprRopaError("gdpr-ropa/bad-legal-basis",
+        "gdpr.ropa." + op + ": activity.legalBasis must be one of " + Object.keys(VALID_LEGAL_BASES).join(", "));
+    }
+  }
+
+  function register(activity) {
+    _validateActivity(activity, "register");
+    if (activities.has(activity.id)) {
+      throw new GdprRopaError("gdpr-ropa/duplicate-id",
+        "gdpr.ropa.register: activity '" + activity.id + "' already registered");
+    }
+    var rec = Object.assign({}, activity, {
+      registeredAt: now(),
+      lastUpdatedAt: now(),
+    });
+    activities.set(activity.id, rec);
+    _emitAudit("registered", "success", { id: activity.id, purposes: activity.purposes });
+    return rec;
+  }
+
+  function update(id, patch) {
+    var existing = activities.get(id);
+    if (!existing) {
+      throw new GdprRopaError("gdpr-ropa/not-found",
+        "gdpr.ropa.update: no activity with id '" + id + "'");
+    }
+    if (!patch || typeof patch !== "object") {
+      throw new GdprRopaError("gdpr-ropa/bad-patch",
+        "gdpr.ropa.update: patch must be an object");
+    }
+    var merged = Object.assign({}, existing, patch, {
+      id: id,                                                                            // id is immutable on update
+      registeredAt: existing.registeredAt,
+      lastUpdatedAt: now(),
+    });
+    if (patch.legalBasis && !VALID_LEGAL_BASES[merged.legalBasis]) {
+      throw new GdprRopaError("gdpr-ropa/bad-legal-basis",
+        "gdpr.ropa.update: legalBasis must be one of " + Object.keys(VALID_LEGAL_BASES).join(", "));
+    }
+    activities.set(id, merged);
+    _emitAudit("updated", "success", { id: id, fields: Object.keys(patch) });
+    return merged;
+  }
+
+  function remove(id, info) {
+    var existing = activities.get(id);
+    if (!existing) {
+      throw new GdprRopaError("gdpr-ropa/not-found",
+        "gdpr.ropa.remove: no activity with id '" + id + "'");
+    }
+    activities.delete(id);
+    _emitAudit("removed", "success", {
+      id: id,
+      reason: (info && info.reason) || null,
+      actor:  (info && info.actor) || null,
+    });
+    return { removed: true, id: id };
+  }
+
+  function get(id) { return activities.get(id) || null; }
+  function list() {
+    var out = [];
+    activities.forEach(function (rec) { out.push(rec); });
+    return out;
+  }
+
+  // Operator-facing exporter — JSON for API integrations / SCC, CSV
+  // for spreadsheet handoff to legal, Markdown for human-readable
+  // operator documentation. Each shape carries the same fields per
+  // Article 30 §1(a-h) / §2(a-d).
+  function _exportJson() {
+    return {
+      controller:           controller,
+      dpo:                  dpo,
+      supervisoryAuthority: supervisoryAuthority,
+      generatedAt:          new Date(now()).toISOString(),
+      article:              "30",
+      regulation:           "(EU) 2016/679 (GDPR)",
+      activities:           list(),
+    };
+  }
+  function _exportCsv() {
+    var headers = [
+      "id", "name", "purposes", "legalBasis", "dataCategories",
+      "dataSubjectCategories", "recipients", "thirdCountryTransfers",
+      "retentionPeriod", "securityMeasures",
+    ];
+    var rows = [headers.join(",")];
+    var entries = list();
+    for (var i = 0; i < entries.length; i++) {
+      var e = entries[i];
+      var row = headers.map(function (h) {
+        var v = e[h];
+        if (v === undefined || v === null) return "";
+        if (Array.isArray(v)) return JSON.stringify(v).replace(/"/g, "\"\"");
+        return String(v).replace(/"/g, "\"\"");
+      });
+      rows.push(row.map(function (c) { return '"' + c + '"'; }).join(","));
+    }
+    return rows.join("\n");
+  }
+  function _exportMarkdown() {
+    var entries = list();
+    var md = "# GDPR Article 30 Records of Processing Activities\n\n";
+    md += "Generated: " + new Date(now()).toISOString() + "\n\n";
+    md += "Controller: " + (controller.name || "(unspecified)") + "\n";
+    md += "Contact: " + (controller.contact || "(unspecified)") + "\n\n";
+    if (dpo) md += "DPO: " + (dpo.name || "(unspecified)") + " (" + (dpo.contact || "") + ")\n\n";
+    md += "## Activities (" + entries.length + ")\n\n";
+    for (var i = 0; i < entries.length; i++) {
+      var e = entries[i];
+      md += "### " + (e.name || e.id) + " (`" + e.id + "`)\n\n";
+      md += "- Purposes: " + (e.purposes || []).join(", ") + "\n";
+      md += "- Legal basis: " + e.legalBasis + "\n";
+      md += "- Data categories: " + (e.dataCategories || []).join(", ") + "\n";
+      if (e.dataSubjectCategories) md += "- Data subjects: " + e.dataSubjectCategories.join(", ") + "\n";
+      if (e.recipients) md += "- Recipients: " + e.recipients.join(", ") + "\n";
+      if (e.retentionPeriod) md += "- Retention: " + e.retentionPeriod + "\n";
+      if (e.securityMeasures) md += "- Security: " + e.securityMeasures.join(", ") + "\n";
+      if (e.thirdCountryTransfers && e.thirdCountryTransfers.length > 0) {
+        md += "- Third-country transfers:\n";
+        for (var ti = 0; ti < e.thirdCountryTransfers.length; ti++) {
+          var t = e.thirdCountryTransfers[ti];
+          md += "  - " + t.country + " (safeguard: " + (t.safeguard || "n/a") + ")\n";
+        }
+      }
+      md += "\n";
+    }
+    return md;
+  }
+  function exportRopa(eopts) {
+    eopts = eopts || {};
+    var format = (eopts.format || "json").toLowerCase();
+    _emitAudit("exported", "success", { format: format, count: activities.size });
+    if (format === "csv")      return _exportCsv();
+    if (format === "markdown") return _exportMarkdown();
+    if (format === "json")     return _exportJson();
+    throw new GdprRopaError("gdpr-ropa/bad-format",
+      "gdpr.ropa.export: format must be 'json' / 'csv' / 'markdown'");
+  }
+
+  return {
+    register: register,
+    update:   update,
+    remove:   remove,
+    get:      get,
+    list:     list,
+    "export": exportRopa,                                                                // explicit string-key — `export` is reserved
+    VALID_LEGAL_BASES: Object.keys(VALID_LEGAL_BASES),
+  };
+}
+
+module.exports = {
+  create:                  create,
+  GdprRopaError:           GdprRopaError,
+  VALID_LEGAL_BASES:       Object.keys(VALID_LEGAL_BASES),
+  REQUIRED_ACTIVITY_FIELDS: REQUIRED_ACTIVITY_FIELDS,
+};

package/lib/incident-report.js

@@ -0,0 +1,314 @@
+"use strict";
+/**
+ * b.incident.report — generic 3-stage incident-reporting primitive.
+ *
+ * The three stages mirror the deadline pattern that recurs across
+ * regulatory regimes (GDPR Article 33 / NIS2 Article 23 / DORA
+ * Article 19 / CRA Article 14 / HIPAA Breach Notification Rule):
+ *
+ *   1. Initial / early-warning notification — within 24 hours of
+ *      detection. Operators report what they know: scope, suspected
+ *      cause, immediate-mitigation plan.
+ *   2. Intermediate / status update — within 72 hours of detection.
+ *      Updated impact assessment, root-cause analysis progress,
+ *      operator's response posture.
+ *   3. Final report — within 30 days of detection (or per-regime
+ *      deadline). Full incident narrative, affected-data-subject
+ *      count, remediation, lessons learned.
+ *
+ *   var ir = b.incident.report.create({
+ *     audit:    b.audit,
+ *     persist:  async function (record) { await db.run("INSERT ..."); },
+ *     onStage:  function (event) {
+ *       // event = { incidentId, stage: "initial"|"intermediate"|"final",
+ *       //           dueBy, regime, fields }
+ *     },
+ *     deadlines: {                                  // operator-overridable per regime
+ *       initial:      C.TIME.hours(24),
+ *       intermediate: C.TIME.hours(72),
+ *       final:        C.TIME.days(30),
+ *     },
+ *   });
+ *   var incident = await ir.open({
+ *     regime:       "gdpr",                         // identifies the regulatory regime
+ *     detectedAt:   Date.now(),
+ *     scope:        "data-confidentiality-breach",
+ *     summary:      "...",
+ *     impact:       { dataSubjects: 1200, categories: ["pii", "phi"] },
+ *   });
+ *   await ir.recordInitial(incident.id, { ... });
+ *   await ir.recordIntermediate(incident.id, { ... });
+ *   await ir.recordFinal(incident.id, { ... });
+ *
+ * Each stage records a tamper-evident audit event with the regime,
+ * incident ID, stage, due-by timestamp, and operator-supplied
+ * payload. The `persist` hook writes to the operator's incident
+ * registry (DB / SIEM / SOAR system); audits give regulator-friendly
+ * proof-of-process when the primitive is queried later.
+ *
+ * Late-stage detection (filing past the due-by) is recorded with a
+ * `lateBy` field on the audit metadata and `outcome: "late"`, so
+ * regulator audits can distinguish "filed on time" from "filed late
+ * but eventually". Refusing to record at all would lose the data;
+ * the framework's posture is "always record, always flag late".
+ */
+
+var C = require("./constants");
+var defineClass = require("./framework-error").defineClass;
+var lazyRequire = require("./lazy-require");
+var validateOpts = require("./validate-opts");
+
+var audit = lazyRequire(function () { return require("./audit"); });
+var observability = lazyRequire(function () { return require("./observability"); });
+
+var IncidentReportError = defineClass("IncidentReportError", { alwaysPermanent: true });
+
+var DEFAULT_DEADLINES = Object.freeze({
+  initial:      C.TIME.hours(24),
+  intermediate: C.TIME.hours(72),
+  final:        C.TIME.days(30),
+});
+
+var VALID_STAGES = Object.freeze({ initial: 1, intermediate: 1, final: 1 });
+
+// Regime defaults — operators select these via opts.regime so the
+// per-regime deadline shape is the framework default, not something
+// the operator has to redefine each time. Operators with mixed
+// regimes per incident pick the shortest deadline (the "first wall
+// to hit" rule). Per-regime overrides go on opts.deadlines and
+// override the regime defaults.
+var REGIME_DEADLINES = Object.freeze({
+  // GDPR Article 33 §1: notify within 72 hours of awareness.
+  // No formal "initial" stage — the framework adds an internal
+  // 24-hour initial-warning checkpoint as a practical posture.
+  gdpr: Object.freeze({
+    initial:      C.TIME.hours(24),
+    intermediate: C.TIME.hours(72),
+    final:        C.TIME.days(30),
+  }),
+  // NIS2 Directive Article 23 §4: early warning within 24h, full
+  // notification within 72h, final report within 1 month.
+  nis2: Object.freeze({
+    initial:      C.TIME.hours(24),
+    intermediate: C.TIME.hours(72),
+    final:        C.TIME.days(30),
+  }),
+  // DORA (EU Digital Operational Resilience Act) Article 19: initial
+  // within 4h of classification, intermediate within 24h, final
+  // within 1 month.
+  dora: Object.freeze({
+    initial:      C.TIME.hours(4),
+    intermediate: C.TIME.hours(24),
+    final:        C.TIME.days(30),
+  }),
+  // CRA (EU Cyber Resilience Act) Article 14: early warning within
+  // 24h, vulnerability/incident notification within 72h, final
+  // report within 14 days.
+  cra: Object.freeze({
+    initial:      C.TIME.hours(24),
+    intermediate: C.TIME.hours(72),
+    final:        C.TIME.days(14),
+  }),
+  // HIPAA Breach Notification Rule (45 CFR §164.404 etc.): notify
+  // affected individuals within 60 days; HHS within 60 days for
+  // breaches affecting 500+ individuals (annually otherwise). The
+  // initial / intermediate stages have no statutory deadline; we
+  // adopt the EU 24/72-hour internal checkpoints as good operator
+  // practice.
+  hipaa: Object.freeze({
+    initial:      C.TIME.hours(24),
+    intermediate: C.TIME.hours(72),
+    final:        C.TIME.days(60),
+  }),
+});
+
+function _resolveDeadlines(regime, override) {
+  var base = (regime && REGIME_DEADLINES[regime]) || DEFAULT_DEADLINES;
+  if (!override || typeof override !== "object") return base;
+  return Object.freeze({
+    initial:      typeof override.initial      === "number" ? override.initial      : base.initial,
+    intermediate: typeof override.intermediate === "number" ? override.intermediate : base.intermediate,
+    final:        typeof override.final        === "number" ? override.final        : base.final,
+  });
+}
+
+function create(opts) {
+  opts = opts || {};
+  validateOpts(opts, [
+    "audit", "persist", "onStage", "deadlines", "now",
+  ], "incident.report");
+
+  var auditOn = opts.audit !== false;
+  var persist = typeof opts.persist === "function" ? opts.persist : null;
+  var onStage = typeof opts.onStage === "function" ? opts.onStage : null;
+  var deadlinesOverride = opts.deadlines || null;
+  var now = typeof opts.now === "function" ? opts.now : function () { return Date.now(); };
+
+  // In-memory registry — operators wire `persist` for durable
+  // storage. The in-memory map is for unit tests + small operator
+  // deployments that don't yet wire a DB-backed registry.
+  var incidents = new Map();
+  var seq = 0;
+
+  function _emitAudit(action, outcome, metadata) {
+    if (!auditOn) return;
+    try {
+      audit().safeEmit({
+        action:   "incident.report." + action,
+        outcome:  outcome,
+        metadata: metadata || {},
+      });
+    } catch (_e) { /* drop-silent */ }
+  }
+  function _emitMetric(verb, n, labels) {
+    try { observability().safeEvent("incident.report." + verb, n || 1, labels || {}); }
+    catch (_e) { /* drop-silent */ }
+  }
+
+  function _genIncidentId(regime, detectedAt) {
+    seq += 1;
+    var ts = new Date(detectedAt).toISOString().replace(/[:.]/g, "-");
+    return "incident-" + (regime || "generic") + "-" + ts + "-" + seq;
+  }
+
+  async function open(spec) {
+    if (!spec || typeof spec !== "object") {
+      throw new IncidentReportError("incident-report/bad-spec",
+        "incident.report.open: spec must be an object with { regime, detectedAt, scope, summary, impact }");
+    }
+    if (typeof spec.regime !== "string" || spec.regime.length === 0) {
+      throw new IncidentReportError("incident-report/bad-regime",
+        "incident.report.open: spec.regime must be a non-empty string (gdpr / nis2 / dora / cra / hipaa or operator-defined)");
+    }
+    if (typeof spec.detectedAt !== "number" || !isFinite(spec.detectedAt)) {
+      throw new IncidentReportError("incident-report/bad-detected-at",
+        "incident.report.open: spec.detectedAt must be a finite Unix-ms timestamp");
+    }
+    var deadlines = _resolveDeadlines(spec.regime, deadlinesOverride);
+    var id = _genIncidentId(spec.regime, spec.detectedAt);
+    var record = {
+      id:           id,
+      regime:       spec.regime,
+      detectedAt:   spec.detectedAt,
+      scope:        spec.scope || null,
+      summary:      spec.summary || null,
+      impact:       spec.impact || null,
+      deadlines:    deadlines,
+      dueBy: {
+        initial:      spec.detectedAt + deadlines.initial,
+        intermediate: spec.detectedAt + deadlines.intermediate,
+        final:        spec.detectedAt + deadlines.final,
+      },
+      stages:       {},                                                                  // populated by recordInitial / recordIntermediate / recordFinal
+      openedAt:     now(),
+      closedAt:     null,
+    };
+    incidents.set(id, record);
+    _emitAudit("opened", "success", {
+      incidentId: id, regime: spec.regime, detectedAt: spec.detectedAt,
+      dueByInitial:      record.dueBy.initial,
+      dueByIntermediate: record.dueBy.intermediate,
+      dueByFinal:        record.dueBy.final,
+    });
+    _emitMetric("opened", 1, { regime: spec.regime });
+    if (persist) {
+      try { await persist(record); }
+      catch (e) { _emitAudit("persist_failed", "failure", { incidentId: id, error: (e && e.message) || String(e) }); }
+    }
+    return record;
+  }
+
+  async function _recordStage(incidentId, stage, payload) {
+    if (!VALID_STAGES[stage]) {
+      throw new IncidentReportError("incident-report/bad-stage",
+        "incident.report._recordStage: stage must be one of " + Object.keys(VALID_STAGES).join(", "));
+    }
+    var rec = incidents.get(incidentId);
+    if (!rec) {
+      throw new IncidentReportError("incident-report/unknown-incident",
+        "incident.report: no incident with id '" + incidentId + "'");
+    }
+    if (rec.stages[stage]) {
+      throw new IncidentReportError("incident-report/stage-already-filed",
+        "incident.report: incident '" + incidentId + "' already has a '" + stage + "' stage filing");
+    }
+    var nowMs = now();
+    var dueBy = rec.dueBy[stage];
+    var late = nowMs > dueBy;
+    var lateBy = late ? (nowMs - dueBy) : 0;
+    rec.stages[stage] = {
+      filedAt:  nowMs,
+      dueBy:    dueBy,
+      late:     late,
+      lateBy:   lateBy,
+      payload:  payload || {},
+    };
+    if (stage === "final") rec.closedAt = nowMs;
+
+    _emitAudit("stage_recorded", late ? "late" : "success", {
+      incidentId: incidentId, regime: rec.regime, stage: stage,
+      dueBy: dueBy, filedAt: nowMs, late: late, lateBy: lateBy,
+    });
+    _emitMetric("stage_recorded", 1, { regime: rec.regime, stage: stage, late: String(late) });
+    if (onStage) {
+      try { onStage({ incidentId: incidentId, stage: stage, dueBy: dueBy, late: late, regime: rec.regime, fields: payload }); }
+      catch (_e) { /* drop-silent — operator hook */ }
+    }
+    if (persist) {
+      try { await persist(rec); }
+      catch (e) { _emitAudit("persist_failed", "failure", { incidentId: incidentId, stage: stage, error: (e && e.message) || String(e) }); }
+    }
+    return rec;
+  }
+
+  function recordInitial(incidentId, payload)      { return _recordStage(incidentId, "initial",      payload); }
+  function recordIntermediate(incidentId, payload) { return _recordStage(incidentId, "intermediate", payload); }
+  function recordFinal(incidentId, payload)        { return _recordStage(incidentId, "final",        payload); }
+
+  function get(incidentId) { return incidents.get(incidentId) || null; }
+  function list() {
+    var out = [];
+    incidents.forEach(function (rec) { out.push(rec); });
+    return out;
+  }
+
+  // Operator-facing summary for dashboards / regulator-prep — counts
+  // open / late / closed across all tracked regimes.
+  function status() {
+    var nowMs = now();
+    var summary = {
+      total:  incidents.size,
+      open:   0,
+      closed: 0,
+      late:   { initial: 0, intermediate: 0, final: 0 },
+    };
+    incidents.forEach(function (rec) {
+      if (rec.closedAt) summary.closed += 1; else summary.open += 1;
+      ["initial", "intermediate", "final"].forEach(function (s) {
+        if (!rec.stages[s] && nowMs > rec.dueBy[s]) summary.late[s] += 1;
+        else if (rec.stages[s] && rec.stages[s].late) summary.late[s] += 1;
+      });
+    });
+    return summary;
+  }
+
+  return {
+    open:               open,
+    recordInitial:      recordInitial,
+    recordIntermediate: recordIntermediate,
+    recordFinal:        recordFinal,
+    get:                get,
+    list:               list,
+    status:             status,
+    REGIME_DEADLINES:   REGIME_DEADLINES,
+    DEFAULT_DEADLINES:  DEFAULT_DEADLINES,
+  };
+}
+
+module.exports = {
+  create:                create,
+  IncidentReportError:   IncidentReportError,
+  REGIME_DEADLINES:      REGIME_DEADLINES,
+  DEFAULT_DEADLINES:     DEFAULT_DEADLINES,
+  VALID_STAGES:          Object.keys(VALID_STAGES),
+};