@bryti/agent 0.0.1 → 0.1.0

package/dist/trust/store.d.ts

@@ -0,0 +1,118 @@
+/**
+ * Trust levels and runtime permissions.
+ *
+ * Three capability levels: Safe (local data the agent owns), Guarded
+ * (external content processed through worker isolation), and Elevated
+ * (direct external access: network, shell, unreviewed extensions).
+ *
+ * Elevated tools require explicit user approval on first use. Approvals
+ * are persisted to disk so they survive restarts.
+ */
+/**
+ * Capability levels, ordered from least to most privileged.
+ *
+ * - `safe`: local data the agent owns outright (core memory, SQLite, session
+ *   files). No user approval needed.
+ * - `guarded`: external content that arrives through the worker isolation
+ *   boundary. The worker runs in a separate session with scoped tools, so
+ *   untrusted content never reaches the main agent directly. No explicit
+ *   approval needed, but the boundary itself is the protection.
+ * - `elevated`: direct external access without isolation — network requests,
+ *   shell execution, unreviewed extension code. Requires explicit user approval
+ *   before the tool may run.
+ */
+export type CapabilityLevel = "safe" | "guarded" | "elevated";
+/**
+ * Specific capabilities a tool may require. Used in permission prompts
+ * to tell the user *what* the tool wants access to.
+ */
+export type Capability = "network" | "filesystem" | "shell";
+/**
+ * Tool capability declaration. Tools that need elevated access declare
+ * their capabilities here.
+ */
+export interface ToolCapabilities {
+    /** Overall trust level required */
+    level: CapabilityLevel;
+    /** Specific capabilities needed (for elevated tools) */
+    capabilities?: Capability[];
+    /** Human-readable reason shown in the permission prompt */
+    reason?: string;
+}
+export interface TrustStore {
+    /** Check if a tool is approved for elevated access. */
+    isApproved(toolName: string): boolean;
+    /** Grant approval for a tool. "always" persists to disk; "once" is session-only. */
+    approve(toolName: string, duration: "always" | "once"): void;
+    /** Revoke approval for a tool. */
+    revoke(toolName: string): void;
+    /** List all approved tools. */
+    listApproved(): Array<{
+        tool: string;
+        duration: "always" | "once";
+    }>;
+    /** Consume a one-time approval (returns true if it existed). */
+    consumeOnce(toolName: string): boolean;
+}
+/**
+ * Create a trust store backed by a JSON file. Pre-approved tools from config
+ * are always allowed; runtime approvals are stored in trust-approvals.json.
+ */
+export declare function createTrustStore(dataDir: string, preApproved?: string[]): TrustStore;
+/**
+ * Register a tool's capability requirements.
+ */
+export declare function registerToolCapabilities(toolName: string, capabilities: ToolCapabilities): void;
+/**
+ * Get a tool's declared capabilities. Returns Safe if not registered.
+ */
+export declare function getToolCapabilities(toolName: string): ToolCapabilities;
+export interface PermissionCheckResult {
+    allowed: boolean;
+    /** If not allowed, a message to show the user via the agent. */
+    blockReason?: string;
+}
+/**
+ * Check whether a tool call should be allowed. Safe and guarded tools always
+ * pass; elevated tools require explicit user approval.
+ */
+export declare function checkPermission(toolName: string, trustStore: TrustStore): PermissionCheckResult;
+/**
+ * Mark a tool as pending approval for `userId`.
+ *
+ * This is a text-based approval handshake for channels that don't support
+ * inline buttons: the agent tells the user what it wants to do, sets a
+ * pending entry here, and the next message from that user is tested against
+ * an affirmative word list by checkPendingApproval().
+ *
+ * The key lives only in the in-process `pendingApprovals` Map. It is
+ * intentionally not persisted to disk: if the process restarts between the
+ * agent's request and the user's reply, the pending state is lost and the
+ * user simply needs to ask again. This avoids stale approval prompts
+ * surviving across restarts.
+ */
+export declare function setPendingApproval(userId: string, toolName: string): void;
+/**
+ * Check whether the user's message completes a pending approval handshake.
+ *
+ * Returns the tool name that was approved if `userMessage` is an affirmative
+ * word and there is a pending entry for `userId`; returns null if the message
+ * is negative (clears the pending state), or if it is neither (leaves the
+ * pending state intact so the conversation can continue).
+ *
+ * The affirmative and negative word lists are intentionally short to avoid
+ * false positives: only unambiguous single-word replies are treated as
+ * approval signals.
+ */
+export declare function checkPendingApproval(userId: string, userMessage: string): string | null;
+/**
+ * Check whether the user's message is an "always approve" grant rather than
+ * a one-time "yes".
+ *
+ * Only exact matches of "always" or "always allow" qualify. Phrases like
+ * "yes always" or "sure always" do NOT match here; they fall through to the
+ * normal affirmative check in checkPendingApproval() and result in a one-time
+ * approval. This keeps the always-grant intentional and explicit.
+ */
+export declare function isAlwaysApproval(userMessage: string): boolean;
+//# sourceMappingURL=store.d.ts.map

package/dist/trust/store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../../src/trust/store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AASH;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,eAAe,GAAG,MAAM,GAAG,SAAS,GAAG,UAAU,CAAC;AAE9D;;;GAGG;AACH,MAAM,MAAM,UAAU,GAAG,SAAS,GAAG,YAAY,GAAG,OAAO,CAAC;AAE5D;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,mCAAmC;IACnC,KAAK,EAAE,eAAe,CAAC;IACvB,wDAAwD;IACxD,YAAY,CAAC,EAAE,UAAU,EAAE,CAAC;IAC5B,2DAA2D;IAC3D,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAkBD,MAAM,WAAW,UAAU;IACzB,uDAAuD;IACvD,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;IAEtC,oFAAoF;IACpF,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,MAAM,GAAG,IAAI,CAAC;IAE7D,kCAAkC;IAClC,MAAM,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IAE/B,+BAA+B;IAC/B,YAAY,IAAI,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,QAAQ,GAAG,MAAM,CAAA;KAAE,CAAC,CAAC;IAErE,gEAAgE;IAChE,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;CACxC;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,GAAE,MAAM,EAAO,GAAG,UAAU,CA6ExF;AASD;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,QAAQ,EAAE,MAAM,EAAE,YAAY,EAAE,gBAAgB,GAAG,IAAI,CAE/F;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,gBAAgB,CAEtE;AAMD,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,gEAAgE;IAChE,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAC7B,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,UAAU,GACrB,qBAAqB,CAwBvB;AAgBD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAEzE;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAwBvF;AAED;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAG7D"}

package/dist/trust/store.js

@@ -0,0 +1,209 @@
+/**
+ * Trust levels and runtime permissions.
+ *
+ * Three capability levels: Safe (local data the agent owns), Guarded
+ * (external content processed through worker isolation), and Elevated
+ * (direct external access: network, shell, unreviewed extensions).
+ *
+ * Elevated tools require explicit user approval on first use. Approvals
+ * are persisted to disk so they survive restarts.
+ */
+import fs from "node:fs";
+import path from "node:path";
+/**
+ * Create a trust store backed by a JSON file. Pre-approved tools from config
+ * are always allowed; runtime approvals are stored in trust-approvals.json.
+ */
+export function createTrustStore(dataDir, preApproved = []) {
+    const filePath = path.join(dataDir, "trust-approvals.json");
+    const preApprovedSet = new Set(preApproved);
+    const onceApprovals = new Set();
+    function loadPersistedApprovals() {
+        if (!fs.existsSync(filePath))
+            return new Map();
+        try {
+            const data = JSON.parse(fs.readFileSync(filePath, "utf-8"));
+            return new Map(data.map((r) => [r.tool, r]));
+        }
+        catch {
+            return new Map();
+        }
+    }
+    function savePersistedApprovals(approvals) {
+        const data = [...approvals.values()];
+        fs.writeFileSync(filePath, JSON.stringify(data, null, 2), "utf-8");
+    }
+    return {
+        isApproved(toolName) {
+            if (preApprovedSet.has(toolName))
+                return true;
+            if (onceApprovals.has(toolName))
+                return true;
+            const persisted = loadPersistedApprovals();
+            return persisted.has(toolName);
+        },
+        approve(toolName, duration) {
+            if (duration === "once") {
+                onceApprovals.add(toolName);
+                return;
+            }
+            const persisted = loadPersistedApprovals();
+            persisted.set(toolName, {
+                tool: toolName,
+                grantedAt: new Date().toISOString(),
+                duration: "always",
+            });
+            savePersistedApprovals(persisted);
+        },
+        revoke(toolName) {
+            onceApprovals.delete(toolName);
+            const persisted = loadPersistedApprovals();
+            if (persisted.delete(toolName)) {
+                savePersistedApprovals(persisted);
+            }
+        },
+        listApproved() {
+            const result = [];
+            for (const tool of preApprovedSet) {
+                result.push({ tool, duration: "always" });
+            }
+            for (const tool of onceApprovals) {
+                if (!preApprovedSet.has(tool)) {
+                    result.push({ tool, duration: "once" });
+                }
+            }
+            const persisted = loadPersistedApprovals();
+            for (const [tool, record] of persisted) {
+                if (!preApprovedSet.has(tool) && !onceApprovals.has(tool)) {
+                    result.push({ tool, duration: record.duration });
+                }
+            }
+            return result;
+        },
+        consumeOnce(toolName) {
+            if (onceApprovals.has(toolName)) {
+                onceApprovals.delete(toolName);
+                return true;
+            }
+            return false;
+        },
+    };
+}
+// ---------------------------------------------------------------------------
+// Capability registry
+// ---------------------------------------------------------------------------
+/** Map of tool name -> capabilities. Tools not in the registry are Safe. */
+const toolCapabilityRegistry = new Map();
+/**
+ * Register a tool's capability requirements.
+ */
+export function registerToolCapabilities(toolName, capabilities) {
+    toolCapabilityRegistry.set(toolName, capabilities);
+}
+/**
+ * Get a tool's declared capabilities. Returns Safe if not registered.
+ */
+export function getToolCapabilities(toolName) {
+    return toolCapabilityRegistry.get(toolName) ?? { level: "safe" };
+}
+/**
+ * Check whether a tool call should be allowed. Safe and guarded tools always
+ * pass; elevated tools require explicit user approval.
+ */
+export function checkPermission(toolName, trustStore) {
+    const caps = getToolCapabilities(toolName);
+    if (caps.level === "safe" || caps.level === "guarded") {
+        return { allowed: true };
+    }
+    // Elevated: check approval
+    if (trustStore.isApproved(toolName)) {
+        // Consume one-time approvals
+        trustStore.consumeOnce(toolName);
+        return { allowed: true };
+    }
+    const capList = caps.capabilities?.join(", ") ?? "elevated access";
+    const reason = caps.reason ?? `This tool requires ${capList}.`;
+    return {
+        allowed: false,
+        blockReason: `Permission required: "${toolName}" needs ${capList}. ${reason} ` +
+            `Ask the user: "Can I use ${toolName}? It needs ${capList}." ` +
+            `If they approve, I'll remember the permission.`,
+    };
+}
+// ---------------------------------------------------------------------------
+// Pending approval tracking
+// ---------------------------------------------------------------------------
+// File-backed approvals (trust-approvals.json) persist across restarts because
+// they represent deliberate, considered user decisions: "always allow this tool".
+// Pending approvals, by contrast, are transient per-session state: the agent
+// asked for permission in this conversation, the user hasn't replied yet. There
+// is no value in carrying that half-finished handshake across a restart, and
+// doing so could surface stale permission prompts after an unrelated restart.
+// The in-process Map is therefore intentional and correct for pending state.
+/** Tools waiting for user approval. Set by the agent when a tool is blocked. */
+const pendingApprovals = new Map();
+/**
+ * Mark a tool as pending approval for `userId`.
+ *
+ * This is a text-based approval handshake for channels that don't support
+ * inline buttons: the agent tells the user what it wants to do, sets a
+ * pending entry here, and the next message from that user is tested against
+ * an affirmative word list by checkPendingApproval().
+ *
+ * The key lives only in the in-process `pendingApprovals` Map. It is
+ * intentionally not persisted to disk: if the process restarts between the
+ * agent's request and the user's reply, the pending state is lost and the
+ * user simply needs to ask again. This avoids stale approval prompts
+ * surviving across restarts.
+ */
+export function setPendingApproval(userId, toolName) {
+    pendingApprovals.set(userId, toolName);
+}
+/**
+ * Check whether the user's message completes a pending approval handshake.
+ *
+ * Returns the tool name that was approved if `userMessage` is an affirmative
+ * word and there is a pending entry for `userId`; returns null if the message
+ * is negative (clears the pending state), or if it is neither (leaves the
+ * pending state intact so the conversation can continue).
+ *
+ * The affirmative and negative word lists are intentionally short to avoid
+ * false positives: only unambiguous single-word replies are treated as
+ * approval signals.
+ */
+export function checkPendingApproval(userId, userMessage) {
+    const toolName = pendingApprovals.get(userId);
+    if (!toolName)
+        return null;
+    const lower = userMessage.toLowerCase().trim();
+    const affirmative = [
+        "yes", "y", "yep", "yeah", "sure", "ok", "okay", "allow",
+        "allow it", "go ahead", "do it", "approved", "ja", "oke",
+        "always", "always allow",
+    ];
+    if (affirmative.includes(lower)) {
+        pendingApprovals.delete(userId);
+        return toolName;
+    }
+    const negative = ["no", "n", "nope", "deny", "cancel", "nee"];
+    if (negative.includes(lower)) {
+        pendingApprovals.delete(userId);
+        return null;
+    }
+    // Not a clear yes/no; leave the pending state but don't block conversation
+    return null;
+}
+/**
+ * Check whether the user's message is an "always approve" grant rather than
+ * a one-time "yes".
+ *
+ * Only exact matches of "always" or "always allow" qualify. Phrases like
+ * "yes always" or "sure always" do NOT match here; they fall through to the
+ * normal affirmative check in checkPendingApproval() and result in a one-time
+ * approval. This keeps the always-grant intentional and explicit.
+ */
+export function isAlwaysApproval(userMessage) {
+    const lower = userMessage.toLowerCase().trim();
+    return lower === "always" || lower === "always allow";
+}
+//# sourceMappingURL=store.js.map

package/dist/trust/store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.js","sourceRoot":"","sources":["../../src/trust/store.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAyE7B;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAe,EAAE,cAAwB,EAAE;IAC1E,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC;IAC5D,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;IAC5C,MAAM,aAAa,GAAG,IAAI,GAAG,EAAU,CAAC;IAExC,SAAS,sBAAsB;QAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC;YAAE,OAAO,IAAI,GAAG,EAAE,CAAC;QAC/C,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAqB,CAAC;YAChF,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,GAAG,EAAE,CAAC;QACnB,CAAC;IACH,CAAC;IAED,SAAS,sBAAsB,CAAC,SAAsC;QACpE,MAAM,IAAI,GAAG,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;QACrC,EAAE,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IACrE,CAAC;IAED,OAAO;QACL,UAAU,CAAC,QAAgB;YACzB,IAAI,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC;gBAAE,OAAO,IAAI,CAAC;YAC9C,IAAI,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC;gBAAE,OAAO,IAAI,CAAC;YAC7C,MAAM,SAAS,GAAG,sBAAsB,EAAE,CAAC;YAC3C,OAAO,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QACjC,CAAC;QAED,OAAO,CAAC,QAAgB,EAAE,QAA2B;YACnD,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;gBACxB,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBAC5B,OAAO;YACT,CAAC;YACD,MAAM,SAAS,GAAG,sBAAsB,EAAE,CAAC;YAC3C,SAAS,CAAC,GAAG,CAAC,QAAQ,EAAE;gBACtB,IAAI,EAAE,QAAQ;gBACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,QAAQ,EAAE,QAAQ;aACnB,CAAC,CAAC;YACH,sBAAsB,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC;QAED,MAAM,CAAC,QAAgB;YACrB,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC/B,MAAM,SAAS,GAAG,sBAAsB,EAAE,CAAC;YAC3C,IAAI,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC/B,sBAAsB,CAAC,SAAS,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;QAED,YAAY;YACV,MAAM,MAAM,GAAyD,EAAE,CAAC;YACxE,KAAK,MAAM,IAAI,IAAI,cAAc,EAAE,CAAC;gBAClC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;YAC5C,CAAC;YACD,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;gBACjC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC9B,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YACD,MAAM,SAAS,GAAG,sBAAsB,EAAE,CAAC;YAC3C,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,SAAS,EAAE,CAAC;gBACvC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1D,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,WAAW,CAAC,QAAgB;YAC1B,IAAI,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAChC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;gBAC/B,OAAO,IAAI,CAAC;YACd,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;KACF,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,sBAAsB;AACtB,8EAA8E;AAE9E,4EAA4E;AAC5E,MAAM,sBAAsB,GAAG,IAAI,GAAG,EAA4B,CAAC;AAEnE;;GAEG;AACH,MAAM,UAAU,wBAAwB,CAAC,QAAgB,EAAE,YAA8B;IACvF,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;AACrD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAgB;IAClD,OAAO,sBAAsB,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;AACnE,CAAC;AAYD;;;GAGG;AACH,MAAM,UAAU,eAAe,CAC7B,QAAgB,EAChB,UAAsB;IAEtB,MAAM,IAAI,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAE3C,IAAI,IAAI,CAAC,KAAK,KAAK,MAAM,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;QACtD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,2BAA2B;IAC3B,IAAI,UAAU,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpC,6BAA6B;QAC7B,UAAU,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QACjC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,iBAAiB,CAAC;IACnE,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,sBAAsB,OAAO,GAAG,CAAC;IAE/D,OAAO;QACL,OAAO,EAAE,KAAK;QACd,WAAW,EACT,yBAAyB,QAAQ,WAAW,OAAO,KAAK,MAAM,GAAG;YACjE,4BAA4B,QAAQ,cAAc,OAAO,KAAK;YAC9D,gDAAgD;KACnD,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,4BAA4B;AAC5B,8EAA8E;AAE9E,+EAA+E;AAC/E,kFAAkF;AAClF,6EAA6E;AAC7E,gFAAgF;AAChF,6EAA6E;AAC7E,8EAA8E;AAC9E,6EAA6E;AAC7E,gFAAgF;AAChF,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAkB,CAAC;AAEnD;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAAc,EAAE,QAAgB;IACjE,gBAAgB,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;AACzC,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAAc,EAAE,WAAmB;IACtE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9C,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE3B,MAAM,KAAK,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC;IAC/C,MAAM,WAAW,GAAG;QAClB,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO;QACxD,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK;QACxD,QAAQ,EAAE,cAAc;KACzB,CAAC;IAEF,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAChC,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAChC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,QAAQ,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC9D,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QAC7B,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAChC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,2EAA2E;IAC3E,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,gBAAgB,CAAC,WAAmB;IAClD,MAAM,KAAK,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC;IAC/C,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,cAAc,CAAC;AACxD,CAAC"}

package/dist/trust/wrapper.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Trust-aware tool wrapper.
+ *
+ * Wraps tool execute() with permission checks and the LLM guardrail.
+ * Elevated tools first need tool-level approval, then each invocation
+ * goes through the guardrail (ALLOW / ASK / BLOCK). Safe and guarded
+ * tools pass through without checks.
+ */
+import type { AgentTool } from "@mariozechner/pi-agent-core";
+import { type TrustStore } from "./store.js";
+import type { Config } from "../config.js";
+import type { ApprovalResult } from "../channels/types.js";
+/**
+ * Callback for interactive approval requests. Sends a prompt to the user
+ * (inline buttons or text) and resolves with their decision.
+ */
+export type ApprovalCallback = (prompt: string, approvalKey: string) => Promise<ApprovalResult>;
+/**
+ * Context needed for guardrail evaluation.
+ */
+export interface TrustWrapperContext {
+    config: Config;
+    /** The last user message (for guardrail context). */
+    getLastUserMessage: () => string | undefined;
+    /** If provided, approval requests use this instead of text-based blocking. */
+    onApprovalNeeded?: ApprovalCallback;
+}
+/**
+ * Wrap a tool's execute function with trust check + LLM guardrail.
+ */
+export declare function wrapToolWithTrustCheck<T extends AgentTool<any>>(tool: T, trustStore: TrustStore, userId: string, context?: TrustWrapperContext): T;
+/**
+ * Wrap all tools in an array with trust checks.
+ */
+export declare function wrapToolsWithTrustChecks(tools: AgentTool<any>[], trustStore: TrustStore, userId: string, context?: TrustWrapperContext): AgentTool<any>[];
+//# sourceMappingURL=wrapper.d.ts.map

package/dist/trust/wrapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wrapper.d.ts","sourceRoot":"","sources":["../../src/trust/wrapper.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAmB,MAAM,6BAA6B,CAAC;AAC9E,OAAO,EAIL,KAAK,UAAU,EAChB,MAAM,YAAY,CAAC;AAEpB,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAE3D;;;GAGG;AACH,MAAM,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;AAEhG;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,MAAM,CAAC;IACf,qDAAqD;IACrD,kBAAkB,EAAE,MAAM,MAAM,GAAG,SAAS,CAAC;IAC7C,8EAA8E;IAC9E,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;CACrC;AAoCD;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,CAAC,SAAS,SAAS,CAAC,GAAG,CAAC,EAC7D,IAAI,EAAE,CAAC,EACP,UAAU,EAAE,UAAU,EACtB,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,mBAAmB,GAC5B,CAAC,CAwGH;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CACtC,KAAK,EAAE,SAAS,CAAC,GAAG,CAAC,EAAE,EACvB,UAAU,EAAE,UAAU,EACtB,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,mBAAmB,GAC5B,SAAS,CAAC,GAAG,CAAC,EAAE,CAElB"}

package/dist/trust/wrapper.js

@@ -0,0 +1,142 @@
+/**
+ * Trust-aware tool wrapper.
+ *
+ * Wraps tool execute() with permission checks and the LLM guardrail.
+ * Elevated tools first need tool-level approval, then each invocation
+ * goes through the guardrail (ALLOW / ASK / BLOCK). Safe and guarded
+ * tools pass through without checks.
+ */
+import { checkPermission, setPendingApproval, getToolCapabilities, } from "./store.js";
+import { evaluateToolCall } from "./guardrail.js";
+function escapeHtml(text) {
+    return text
+        .replace(/&/g, "&")
+        .replace(/</g, "&lt;")
+        .replace(/>/g, "&gt;");
+}
+// TOOL_DESCRIPTIONS is shown to the user inside approval prompts so they see
+// plain English rather than internal tool names. It is NOT passed to the LLM
+// guardrail; the guardrail receives the tool's own `.description` property
+// from the tool definition instead.
+/**
+ * Human-readable labels for elevated tools, shown instead of raw tool names
+ * in user-facing approval prompts.
+ */
+const TOOL_DESCRIPTIONS = {
+    system_restart: "Restart to pick up changes",
+    shell_exec: "Run a shell command",
+    http_request: "Make a web request",
+};
+function humanToolDescription(toolName, reason) {
+    return TOOL_DESCRIPTIONS[toolName] ?? reason ?? "Perform an action that needs your permission";
+}
+function denied(toolName) {
+    return {
+        content: [{
+                type: "text",
+                text: `User denied permission for ${toolName}. Tell the user the action was not taken.`,
+            }],
+    };
+}
+/**
+ * Wrap a tool's execute function with trust check + LLM guardrail.
+ */
+export function wrapToolWithTrustCheck(tool, trustStore, userId, context) {
+    const originalExecute = tool.execute;
+    const wrappedExecute = async (toolCallId, params, signal, onUpdate) => {
+        const caps = getToolCapabilities(tool.name);
+        // Safe and guarded tools: always execute
+        if (caps.level === "safe" || caps.level === "guarded") {
+            return originalExecute.call(tool, toolCallId, params, signal, onUpdate);
+        }
+        // Elevated: first check if the tool itself is approved
+        const permResult = checkPermission(tool.name, trustStore);
+        if (!permResult.allowed) {
+            const description = humanToolDescription(tool.name, caps.reason);
+            const prompt = `⚡ <b>Permission request</b>\n\n` +
+                `${escapeHtml(description)}`;
+            if (context?.onApprovalNeeded) {
+                const approvalKey = `tool:${userId}:${tool.name}`;
+                const result = await context.onApprovalNeeded(prompt, approvalKey);
+                if (result === "deny") {
+                    return denied(tool.name);
+                }
+                const duration = result === "allow_always" ? "always" : "once";
+                trustStore.approve(tool.name, duration);
+                // Fall through to guardrail with the now-approved tool
+            }
+            else {
+                // No inline approval available — fall back to text-based flow
+                setPendingApproval(userId, tool.name);
+                return {
+                    content: [{
+                            type: "text",
+                            text: permResult.blockReason ?? `Permission denied for ${tool.name}.`,
+                        }],
+                };
+            }
+        }
+        // Tool is approved. Run the LLM guardrail on the specific arguments.
+        if (context?.config) {
+            const argsStr = typeof params === "string" ? params : JSON.stringify(params);
+            let guardrailResult;
+            try {
+                guardrailResult = await evaluateToolCall(context.config, {
+                    toolName: tool.name,
+                    args: argsStr,
+                    userMessage: context.getLastUserMessage?.(),
+                    toolDescription: tool.description,
+                });
+            }
+            catch {
+                // Guardrail failure: fail safe to ASK
+                guardrailResult = { verdict: "ASK", reason: "Guardrail unavailable." };
+            }
+            if (guardrailResult.verdict === "BLOCK") {
+                return {
+                    content: [{
+                            type: "text",
+                            text: `Blocked: ${guardrailResult.reason}. ` +
+                                `Tell the user this action was blocked for safety and explain why.`,
+                        }],
+                };
+            }
+            if (guardrailResult.verdict === "ASK") {
+                const description = humanToolDescription(tool.name, caps.reason);
+                const prompt = `⚠️ <b>Confirmation needed</b>\n\n` +
+                    `${escapeHtml(description)}\n` +
+                    `${escapeHtml(guardrailResult.reason)}`;
+                if (context?.onApprovalNeeded) {
+                    const approvalKey = `guardrail:${userId}:${toolCallId}`;
+                    const result = await context.onApprovalNeeded(prompt, approvalKey);
+                    if (result === "deny") {
+                        return denied(tool.name);
+                    }
+                    // allow or allow_always: fall through to execution
+                    // (guardrail "always allow" for a specific invocation isn't meaningful, treat same as once)
+                }
+                else {
+                    setPendingApproval(userId, `${tool.name}:${toolCallId}`);
+                    return {
+                        content: [{
+                                type: "text",
+                                text: `Guardrail flagged this action: ${guardrailResult.reason}. ` +
+                                    `Ask the user to confirm: describe what you're about to do and why, ` +
+                                    `then ask "Should I go ahead?"`,
+                            }],
+                    };
+                }
+            }
+            // ALLOW: fall through to execution
+        }
+        return originalExecute.call(tool, toolCallId, params, signal, onUpdate);
+    };
+    return { ...tool, execute: wrappedExecute };
+}
+/**
+ * Wrap all tools in an array with trust checks.
+ */
+export function wrapToolsWithTrustChecks(tools, trustStore, userId, context) {
+    return tools.map((tool) => wrapToolWithTrustCheck(tool, trustStore, userId, context));
+}
+//# sourceMappingURL=wrapper.js.map

package/dist/trust/wrapper.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"wrapper.js","sourceRoot":"","sources":["../../src/trust/wrapper.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EACL,eAAe,EACf,kBAAkB,EAClB,mBAAmB,GAEpB,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,gBAAgB,EAAwB,MAAM,gBAAgB,CAAC;AAqBxE,SAAS,UAAU,CAAC,IAAY;IAC9B,OAAO,IAAI;SACR,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;SACtB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AAC3B,CAAC;AAED,6EAA6E;AAC7E,6EAA6E;AAC7E,2EAA2E;AAC3E,oCAAoC;AACpC;;;GAGG;AACH,MAAM,iBAAiB,GAA2B;IAChD,cAAc,EAAE,4BAA4B;IAC5C,UAAU,EAAE,qBAAqB;IACjC,YAAY,EAAE,oBAAoB;CACnC,CAAC;AAEF,SAAS,oBAAoB,CAAC,QAAgB,EAAE,MAAe;IAC7D,OAAO,iBAAiB,CAAC,QAAQ,CAAC,IAAI,MAAM,IAAI,8CAA8C,CAAC;AACjG,CAAC;AAED,SAAS,MAAM,CAAC,QAAgB;IAC9B,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,8BAA8B,QAAQ,2CAA2C;aACxF,CAAC;KACyB,CAAC;AAChC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CACpC,IAAO,EACP,UAAsB,EACtB,MAAc,EACd,OAA6B;IAE7B,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC;IAErC,MAAM,cAAc,GAA2B,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;QAC5F,MAAM,IAAI,GAAG,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE5C,yCAAyC;QACzC,IAAI,IAAI,CAAC,KAAK,KAAK,MAAM,IAAI,IAAI,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;YACtD,OAAO,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;QAC1E,CAAC;QAED,uDAAuD;QACvD,MAAM,UAAU,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC1D,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;YACxB,MAAM,WAAW,GAAG,oBAAoB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;YACjE,MAAM,MAAM,GACV,iCAAiC;gBACjC,GAAG,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAE/B,IAAI,OAAO,EAAE,gBAAgB,EAAE,CAAC;gBAC9B,MAAM,WAAW,GAAG,QAAQ,MAAM,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAClD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;gBAEnE,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;oBACtB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC3B,CAAC;gBAED,MAAM,QAAQ,GAAG,MAAM,KAAK,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;gBAC/D,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;gBACxC,uDAAuD;YACzD,CAAC;iBAAM,CAAC;gBACN,8DAA8D;gBAC9D,kBAAkB,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACtC,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAe;4BACrB,IAAI,EAAE,UAAU,CAAC,WAAW,IAAI,yBAAyB,IAAI,CAAC,IAAI,GAAG;yBACtE,CAAC;iBACyB,CAAC;YAChC,CAAC;QACH,CAAC;QAED,qEAAqE;QACrE,IAAI,OAAO,EAAE,MAAM,EAAE,CAAC;YACpB,MAAM,OAAO,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAC7E,IAAI,eAAgC,CAAC;YACrC,IAAI,CAAC;gBACH,eAAe,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,MAAM,EAAE;oBACvD,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,IAAI,EAAE,OAAO;oBACb,WAAW,EAAE,OAAO,CAAC,kBAAkB,EAAE,EAAE;oBAC3C,eAAe,EAAE,IAAI,CAAC,WAAW;iBAClC,CAAC,CAAC;YACL,CAAC;YAAC,MAAM,CAAC;gBACP,sCAAsC;gBACtC,eAAe,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,wBAAwB,EAAE,CAAC;YACzE,CAAC;YAED,IAAI,eAAe,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;gBACxC,OAAO;oBACL,OAAO,EAAE,CAAC;4BACR,IAAI,EAAE,MAAe;4BACrB,IAAI,EAAE,YAAY,eAAe,CAAC,MAAM,IAAI;gCAC1C,mEAAmE;yBACtE,CAAC;iBACyB,CAAC;YAChC,CAAC;YAED,IAAI,eAAe,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;gBACtC,MAAM,WAAW,GAAG,oBAAoB,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;gBACjE,MAAM,MAAM,GACV,mCAAmC;oBACnC,GAAG,UAAU,CAAC,WAAW,CAAC,IAAI;oBAC9B,GAAG,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;gBAE1C,IAAI,OAAO,EAAE,gBAAgB,EAAE,CAAC;oBAC9B,MAAM,WAAW,GAAG,aAAa,MAAM,IAAI,UAAU,EAAE,CAAC;oBACxD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,gBAAgB,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;oBAEnE,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;wBACtB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBAC3B,CAAC;oBACD,mDAAmD;oBACnD,4FAA4F;gBAC9F,CAAC;qBAAM,CAAC;oBACN,kBAAkB,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,IAAI,UAAU,EAAE,CAAC,CAAC;oBACzD,OAAO;wBACL,OAAO,EAAE,CAAC;gCACR,IAAI,EAAE,MAAe;gCACrB,IAAI,EAAE,kCAAkC,eAAe,CAAC,MAAM,IAAI;oCAChE,qEAAqE;oCACrE,+BAA+B;6BAClC,CAAC;qBACyB,CAAC;gBAChC,CAAC;YACH,CAAC;YAED,mCAAmC;QACrC,CAAC;QAED,OAAO,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC1E,CAAC,CAAC;IAEF,OAAO,EAAE,GAAG,IAAI,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB,CACtC,KAAuB,EACvB,UAAsB,EACtB,MAAc,EACd,OAA6B;IAE7B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,sBAAsB,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AACxF,CAAC"}

package/dist/usage.d.ts

@@ -0,0 +1,53 @@
+/**
+ * Per-message token usage tracking.
+ *
+ * Records input tokens, output tokens, model, cost in USD, and latency for
+ * every agent response. Entries are appended to daily JSONL files under
+ * data/usage/. Used for cost monitoring and operator visibility into model
+ * spending over time.
+ */
+import type { Config, ModelEntry } from "./config.js";
+export interface UsageRecord {
+    timestamp: string;
+    user_id: string;
+    model: string;
+    input_tokens: number;
+    output_tokens: number;
+    cost_usd: number;
+    latency_ms: number;
+}
+export interface UsageSummary {
+    date: string;
+    total_messages: number;
+    total_input_tokens: number;
+    total_output_tokens: number;
+    total_cost_usd: number;
+    by_user: Record<string, {
+        messages: number;
+        input_tokens: number;
+        output_tokens: number;
+        cost_usd: number;
+    }>;
+}
+export interface UsageTracker {
+    append(entry: Omit<UsageRecord, "timestamp">): Promise<void>;
+    summarize(date?: string): Promise<UsageSummary>;
+}
+export declare function calculateCostUsd(inputTokens: number, outputTokens: number, cost?: ModelEntry["cost"]): number;
+/**
+ * Look up a model's cost config using a three-step cascade.
+ *
+ * The model string returned by the SDK may differ from the config format in
+ * two ways: (1) it may carry an embedded "provider/model" prefix, or (2) the
+ * provider context may only be known separately. The cascade handles both:
+ *
+ * Step 1 — explicit provider + bare model id: use the provider hint (if any)
+ *   and strip any embedded prefix from the model string.
+ * Step 2 — embedded provider prefix: parse "provider/model" from the model
+ *   string itself and look up that pair.
+ * Step 3 — bare id across all providers: fall back to searching every
+ *   configured provider for a model whose id matches the full model string.
+ */
+export declare function resolveModelCost(config: Config, provider: string | undefined, model: string | undefined): ModelEntry["cost"] | undefined;
+export declare function createUsageTracker(dataDir: string): UsageTracker;
+//# sourceMappingURL=usage.d.ts.map

package/dist/usage.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"usage.d.ts","sourceRoot":"","sources":["../src/usage.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH,OAAO,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEtD,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,EAAE,MAAM,CAAC;IACvB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,OAAO,EAAE,MAAM,CACb,MAAM,EACN;QACE,QAAQ,EAAE,MAAM,CAAC;QACjB,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,EAAE,MAAM,CAAC;QACtB,QAAQ,EAAE,MAAM,CAAC;KAClB,CACF,CAAC;CACH;AAED,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC7D,SAAS,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;CACjD;AAYD,wBAAgB,gBAAgB,CAC9B,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,IAAI,CAAC,EAAE,UAAU,CAAC,MAAM,CAAC,GACxB,MAAM,CAOR;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,gBAAgB,CAC9B,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,KAAK,EAAE,MAAM,GAAG,SAAS,GACxB,UAAU,CAAC,MAAM,CAAC,GAAG,SAAS,CA0BhC;AAED,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,YAAY,CA6DhE"}