@claudelaw/taichu 0.6.0

package/packages/server/src/middleware/cors.js

@@ -0,0 +1,15 @@
+/**
+ * CORS Middleware
+ */
+
+const DEFAULT_ORIGIN = '*';
+const DEFAULT_METHODS = 'GET,POST,PUT,PATCH,DELETE,OPTIONS';
+const DEFAULT_HEADERS = 'Content-Type,Authorization,X-Taichu-Agent-Key,X-Taichu-Agent-Id';
+const DEFAULT_MAX_AGE = '86400';
+
+export function corsMiddleware(req, res) {
+  res.setHeader('Access-Control-Allow-Origin', DEFAULT_ORIGIN);
+  res.setHeader('Access-Control-Allow-Methods', DEFAULT_METHODS);
+  res.setHeader('Access-Control-Allow-Headers', DEFAULT_HEADERS);
+  res.setHeader('Access-Control-Max-Age', DEFAULT_MAX_AGE);
+}

package/packages/server/src/middleware/error-handler.js

@@ -0,0 +1,49 @@
+/**
+ * Error Handler — 统一错误响应
+ */
+
+import { TaichuError } from '../../../core/src/errors.js';
+
+export function errorHandler(res, err) {
+  // Already sent headers?
+  if (res.headersSent) {
+    if (!res.writableEnded) res.end();
+    return;
+  }
+
+  // Body parser errors
+  if (err.code === 'PAYLOAD_TOO_LARGE') {
+    res.writeHead(413, { 'Content-Type': 'application/json' });
+    res.end(JSON.stringify({
+      error: 'PAYLOAD_TOO_LARGE',
+      message: `Request body exceeds limit of ${(err.maxSize / 1024 / 1024).toFixed(1)}MB`,
+      status: 413
+    }));
+    return;
+  }
+
+  if (err.code === 'INVALID_JSON') {
+    res.writeHead(400, { 'Content-Type': 'application/json' });
+    res.end(JSON.stringify({
+      error: 'INVALID_JSON',
+      message: 'Request body must be valid JSON',
+      status: 400
+    }));
+    return;
+  }
+
+  if (err instanceof TaichuError) {
+    res.writeHead(err.status, { 'Content-Type': 'application/json' });
+    res.end(JSON.stringify(err.toJSON()));
+    return;
+  }
+
+  // Unknown error — log and return 500
+  console.error('[Taichu] Unhandled error:', err);
+  res.writeHead(500, { 'Content-Type': 'application/json' });
+  res.end(JSON.stringify({
+    error: 'INTERNAL_ERROR',
+    message: process.env.NODE_ENV === 'development' ? err.message : 'Internal server error',
+    status: 500
+  }));
+}

package/packages/server/src/middleware/rate-limit.js

@@ -0,0 +1,118 @@
+/**
+ * Rate Limiter — Token Bucket 算法，零依赖
+ *
+ * 三种监控维度（按优先级）：
+ *   1. API Key   → 按 Agent 限制
+ *   2. JWT User  → 按人类用户限制
+ *   3. IP        → 匿名请求兜底
+ *
+ * 环境变量：
+ *   TAICHU_RATE_LIMIT_WINDOW_MS  — 时间窗口（默认 60000ms = 1分钟）
+ *   TAICHU_RATE_LIMIT_MAX         — 窗口内最大请求数（默认 100）
+ *   TAICHU_RATE_LIMIT_AUTH_MAX    — 认证用户窗口内最大请求数（默认 300）
+ *   TAICHU_RATE_LIMIT_LOGIN_MAX   — 登录端点窗口内最大请求数（默认 10）
+ *
+ * 响应：429 Too Many Requests + Retry-After 头
+ */
+
+const DEFAULT_WINDOW = parseInt(process.env.TAICHU_RATE_LIMIT_WINDOW_MS) || 60000;
+const DEFAULT_MAX = parseInt(process.env.TAICHU_RATE_LIMIT_MAX) || 100;
+const AUTH_MAX = parseInt(process.env.TAICHU_RATE_LIMIT_AUTH_MAX) || 300;
+const LOGIN_MAX = parseInt(process.env.TAICHU_RATE_LIMIT_LOGIN_MAX) || 10;
+
+/** @type {Map<string, { tokens: number, lastRefill: number }>} */
+const buckets = new Map();
+
+// Periodic cleanup (every 5 minutes)
+setInterval(() => {
+  const now = Date.now();
+  for (const [key, b] of buckets) {
+    if (now - b.lastRefill > DEFAULT_WINDOW * 2) {
+      buckets.delete(key);
+    }
+  }
+}, 300000).unref();
+
+/**
+ * Get client identifier for rate limiting.
+ * Priority: API Key → JWT User → IP
+ */
+function getClientId(ctx) {
+  // API Key header
+  const agentKey = ctx.req.headers['x-taichu-agent-key'];
+  if (agentKey) return `ak:${agentKey}`;
+
+  // JWT (via actor if already authenticated)
+  if (ctx.actor?.id) return `user:${ctx.actor.id}`;
+
+  // IP fallback
+  const ip = ctx.req.headers['x-forwarded-for']?.split(',')[0]?.trim()
+    || ctx.req.socket?.remoteAddress
+    || 'unknown';
+  return `ip:${ip}`;
+}
+
+/**
+ * Determine the max tokens for a given request.
+ */
+function getMaxTokens(ctx, clientId) {
+  // Login/register endpoints — strict limit
+  const path = ctx.url?.pathname || '';
+  if (path.startsWith('/api/auth/login') || path.startsWith('/api/auth/register')) {
+    return LOGIN_MAX;
+  }
+  // Authenticated users — higher limit
+  if (clientId.startsWith('ak:') || clientId.startsWith('user:')) {
+    return AUTH_MAX;
+  }
+  return DEFAULT_MAX;
+}
+
+/**
+ * Rate limit middleware. Returns true if allowed, false if blocked.
+ * If blocked, it will have already written the 429 response.
+ *
+ * @param {object} ctx — request context
+ * @returns {boolean} — true = allowed, false = blocked
+ */
+export function rateLimit(ctx) {
+  const clientId = getClientId(ctx);
+  const maxTokens = getMaxTokens(ctx, clientId);
+  const now = Date.now();
+
+  let bucket = buckets.get(clientId);
+  if (!bucket) {
+    bucket = { tokens: maxTokens, lastRefill: now };
+    buckets.set(clientId, bucket);
+  }
+
+  // Refill tokens
+  const elapsed = now - bucket.lastRefill;
+  const refill = Math.floor((elapsed / DEFAULT_WINDOW) * maxTokens);
+  if (refill > 0) {
+    bucket.tokens = Math.min(maxTokens, bucket.tokens + refill);
+    bucket.lastRefill = now;
+  }
+
+  // Consume a token
+  if (bucket.tokens > 0) {
+    bucket.tokens--;
+    return true;
+  }
+
+  // Rate limited — write 429 response
+  const retryAfter = Math.ceil((DEFAULT_WINDOW - elapsed) / 1000);
+  ctx.res.writeHead(429, {
+    'Content-Type': 'application/json',
+    'Retry-After': String(retryAfter),
+    'X-RateLimit-Limit': String(maxTokens),
+    'X-RateLimit-Remaining': '0',
+    'X-RateLimit-Reset': String(Math.ceil((bucket.lastRefill + DEFAULT_WINDOW) / 1000))
+  });
+  ctx.res.end(JSON.stringify({
+    error: 'RATE_LIMITED',
+    message: `Too many requests. Try again in ${retryAfter} seconds.`,
+    retryAfter
+  }));
+  return false;
+}

package/packages/server/src/multipart.js

@@ -0,0 +1,150 @@
+/**
+ * Multipart Parser — 零依赖的文件上传解析
+ *
+ * 支持 multipart/form-data，解析文件字段和普通字段。
+ * 仅解析第一个文件（单文件上传场景），返回 Buffer + metadata。
+ *
+ * 限制：单文件最大 50MB，请求体最大 55MB。
+ */
+
+import { randomUUID } from 'node:crypto';
+
+const MAX_FILE_SIZE = parseInt(process.env.TAICHU_MAX_FILE_SIZE) || 50 * 1024 * 1024;
+const MAX_TOTAL_SIZE = MAX_FILE_SIZE + 5 * 1024 * 1024;
+
+/**
+ * @typedef {object} MultipartFile
+ * @property {string} fieldname  — 表单字段名
+ * @property {string} filename   — 原始文件名
+ * @property {string} mimetype   — MIME 类型
+ * @property {Buffer} buffer     — 文件内容
+ * @property {number} size       — 文件大小（字节）
+ */
+
+/**
+ * Parse a multipart/form-data request body.
+ * @param {import('node:http').IncomingMessage} req
+ * @returns {Promise<{ files: MultipartFile[], fields: Record<string,string> }>}
+ */
+export function parseMultipart(req) {
+  return new Promise((resolve, reject) => {
+    const contentType = req.headers['content-type'] || '';
+    const boundaryMatch = contentType.match(/boundary=(?:"([^"]+)"|([^;]+))/i);
+    if (!boundaryMatch) {
+      reject(Object.assign(new Error('Missing boundary in multipart request'), { code: 'BAD_REQUEST', status: 400 }));
+      return;
+    }
+
+    const boundary = boundaryMatch[1] || boundaryMatch[2];
+    const boundaryBuffer = Buffer.from(`--${boundary}`);
+    const finalBoundary = Buffer.from(`--${boundary}--`);
+    const crlf = Buffer.from('\r\n');
+    const doubleCrlf = Buffer.from('\r\n\r\n');
+
+    const chunks = [];
+    let totalSize = 0;
+
+    req.on('data', (chunk) => {
+      totalSize += chunk.length;
+      if (totalSize > MAX_TOTAL_SIZE) {
+        reject(Object.assign(new Error('Request too large'), { code: 'PAYLOAD_TOO_LARGE', status: 413 }));
+        req.destroy();
+        return;
+      }
+      chunks.push(chunk);
+    });
+
+    req.on('end', () => {
+      try {
+        const buffer = Buffer.concat(chunks);
+        const parts = splitParts(buffer, boundaryBuffer, finalBoundary);
+        const files = [];
+        const fields = {};
+
+        for (const part of parts) {
+          const parsed = parsePart(part, doubleCrlf);
+          if (!parsed) continue;
+
+          if (parsed.filename) {
+            if (parsed.data.length > MAX_FILE_SIZE) {
+              reject(Object.assign(new Error(`File exceeds ${MAX_FILE_SIZE / 1024 / 1024}MB limit`), { code: 'FILE_TOO_LARGE', status: 413 }));
+              return;
+            }
+            files.push({
+              fieldname: parsed.name,
+              filename: parsed.filename,
+              mimetype: parsed.contentType || 'application/octet-stream',
+              buffer: parsed.data,
+              size: parsed.data.length
+            });
+          } else {
+            fields[parsed.name] = parsed.data.toString('utf-8');
+          }
+        }
+
+        // Generate IDs for files
+        for (const f of files) {
+          f.id = randomUUID();
+        }
+
+        resolve({ files, fields });
+      } catch (err) {
+        reject(Object.assign(err, { code: 'PARSE_ERROR', status: 400 }));
+      }
+    });
+
+    req.on('error', reject);
+  });
+}
+
+function splitParts(buffer, boundary, finalBoundary) {
+  const parts = [];
+  let start = buffer.indexOf(boundary);
+  if (start === -1) return parts;
+
+  while (start !== -1) {
+    start += boundary.length;
+    // Skip the \r\n after boundary
+    if (buffer[start] === 0x0d && buffer[start + 1] === 0x0a) start += 2;
+
+    let end = buffer.indexOf(boundary, start);
+    if (end === -1) {
+      // Check for final boundary
+      end = buffer.indexOf(finalBoundary, start);
+      if (end === -1) break;
+    }
+
+    // Trim trailing \r\n before boundary
+    let partEnd = end;
+    if (partEnd > start && buffer[partEnd - 2] === 0x0d && buffer[partEnd - 1] === 0x0a) {
+      partEnd -= 2;
+    }
+
+    parts.push(buffer.subarray(start, partEnd));
+    start = end;
+    if (start + finalBoundary.length > buffer.length) break;
+  }
+
+  return parts;
+}
+
+function parsePart(part, doubleCrlf) {
+  const headerEnd = part.indexOf(doubleCrlf);
+  if (headerEnd === -1) return null;
+
+  const headerStr = part.subarray(0, headerEnd).toString('utf-8');
+  const data = part.subarray(headerEnd + doubleCrlf.length);
+
+  // Parse Content-Disposition
+  const cdMatch = headerStr.match(/Content-Disposition:\s*form-data;\s*name="([^"]+)"(?:;\s*filename="([^"]*)")?/i);
+  if (!cdMatch) return null;
+
+  const name = cdMatch[1];
+  const filename = cdMatch[2] || null;
+
+  // Parse Content-Type
+  const ctMatch = headerStr.match(/Content-Type:\s*([^\r\n]+)/i);
+  const contentType = ctMatch ? ctMatch[1].trim() : null;
+
+  return { name, filename, contentType, data };
+}

package/packages/server/src/notify.js

@@ -0,0 +1,126 @@
+/**
+ * Notification — 多渠道通知（飞书/钉钉/企业微信 + 邮件）
+ *
+ * 通过 Webhook 发送 IM 消息 + SMTP 发送邮件。
+ * 环境变量：
+ *   TAICHU_NOTIFY_FEISHU     — 飞书机器人 Webhook URL
+ *   TAICHU_NOTIFY_DINGTALK   — 钉钉机器人 Webhook URL
+ *   TAICHU_NOTIFY_WECOM      — 企业微信机器人 Webhook URL
+ *   TAICHU_SMTP_HOST         — SMTP 服务器（启用邮件通知）
+ *   TAICHU_SMTP_PORT         — SMTP 端口（默认 587）
+ *   TAICHU_SMTP_USER         — SMTP 用户名
+ *   TAICHU_SMTP_PASS         — SMTP 密码
+ *   TAICHU_SMTP_FROM         — 发件人地址
+ *   TAICHU_SMTP_TO           — 默认收件人
+ */
+
+import { createLogger } from './logger.js';
+import { sendEmail, buildEmailHtml } from './email.js';
+
+const log = createLogger('notify');
+
+/**
+ * Send notification to all configured channels.
+ * @param {string} event — event type
+ * @param {object} data  — event payload
+ */
+export async function notify(event, data) {
+  const promises = [];
+
+  if (process.env.TAICHU_NOTIFY_FEISHU) {
+    promises.push(sendFeishu(process.env.TAICHU_NOTIFY_FEISHU, event, data));
+  }
+  if (process.env.TAICHU_NOTIFY_DINGTALK) {
+    promises.push(sendDingTalk(process.env.TAICHU_NOTIFY_DINGTALK, event, data));
+  }
+  if (process.env.TAICHU_NOTIFY_WECOM) {
+    promises.push(sendWecom(process.env.TAICHU_NOTIFY_WECOM, event, data));
+  }
+  if (process.env.TAICHU_SMTP_HOST) {
+    promises.push(sendEmailNotify(event, data));
+  }
+
+  await Promise.allSettled(promises);
+}
+
+/**
+ * Send email notification via configured SMTP.
+ */
+async function sendEmailNotify(event, data) {
+  const { title } = normalize(data);
+  const html = buildEmailHtml(event, data);
+
+  const result = await sendEmail({
+    subject: `[Taichu] ${eventLabel(event)}: ${title}`,
+    html
+  });
+
+  if (result.success) {
+    log.info(`Email sent: ${event} — ${title}`);
+  } else {
+    log.warn(`Email failed: ${result.error}`);
+  }
+}
+
+/** 飞书消息卡片 */
+async function sendFeishu(webhook, event, data) {
+  const { title, url, actor, summary } = normalize(data);
+  const body = {
+    msg_type: 'interactive',
+    card: {
+      header: { title: { tag: 'plain_text', content: `${icon(event)} ${eventLabel(event)}` }, template: 'green' },
+      elements: [
+        { tag: 'div', text: { tag: 'lark_md', content: `**${escapeMd(title)}**\n${summary}` } },
+        { tag: 'note', elements: [{ tag: 'plain_text', content: `${actor} · ${new Date().toLocaleString('zh-CN')}` }] }
+      ]
+    }
+  };
+  if (url) body.card.elements.push({ tag: 'action', actions: [{ tag: 'button', text: { tag: 'plain_text', content: '查看详情' }, type: 'default', url }] });
+
+  try {
+    await fetch(webhook, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(body) });
+  } catch (err) { log.error(`Feishu notify failed: ${err.message}`); }
+}
+
+/** 钉钉 Markdown 消息 */
+async function sendDingTalk(webhook, event, data) {
+  const { title, url, actor, summary } = normalize(data);
+  let text = `## ${icon(event)} ${eventLabel(event)}\n\n**${title}**\n${summary}\n\n> ${actor}`;
+  if (url) text += `\n\n[查看详情](${url})`;
+
+  try {
+    await fetch(webhook, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ msgtype: 'markdown', markdown: { title: `${eventLabel(event)}: ${title}`, text } }) });
+  } catch (err) { log.error(`DingTalk notify failed: ${err.message}`); }
+}
+
+/** 企业微信 Markdown 消息 */
+async function sendWecom(webhook, event, data) {
+  const { title, url, actor, summary } = normalize(data);
+  let content = `**${icon(event)} ${eventLabel(event)}**\n> ${title}\n${summary}\n> ${actor} · ${new Date().toLocaleString('zh-CN')}`;
+  if (url) content += `\n[查看详情](${url})`;
+
+  try {
+    await fetch(webhook, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ msgtype: 'markdown', markdown: { content } }) });
+  } catch (err) { log.error(`WeCom notify failed: ${err.message}`); }
+}
+
+function normalize(data) {
+  return {
+    title: data.doc?.data?.title || data.doc?.id || 'Untitled',
+    url: data.url || '',
+    actor: data.actor || data.doc?._meta?.createdBy?.label || 'System',
+    summary: data.summary || (typeof data.doc?.data?.body === 'string' ? data.doc.data.body.substring(0, 100) : '')
+  };
+}
+
+function eventLabel(e) {
+  return { content_created: '内容创建', content_updated: '内容更新', content_deleted: '内容删除', review_requested: '请求审核', agent_action: 'Agent 操作' }[e] || e;
+}
+
+function icon(e) {
+  return { content_created: '📝', content_updated: '✏️', content_deleted: '🗑️', review_requested: '👀', agent_action: '🤖' }[e] || '📌';
+}
+
+function escapeMd(text) {
+  return String(text).replace(/[*_~`>#[\]()\\]/g, '\\$&');
+}

package/packages/server/src/pipeline.js

@@ -0,0 +1,206 @@
+/**
+ * Pipeline Engine — Agent 内容编排管道
+ *
+ * 声明式定义多步骤内容操作（翻译→润色→SEO→审核→发布）。
+ * 基于现有 Hook 系统构建。
+ */
+
+import { createLogger } from './logger.js';
+
+const log = createLogger('pipeline');
+
+/**
+ * @typedef {object} PipelineStep
+ * @property {string} name — step name
+ * @property {string} action — "translate" | "polish" | "seo" | "review" | "publish" | custom
+ * @property {object} [config] — step-specific config
+ */
+
+/**
+ * @typedef {object} PipelineTemplate
+ * @property {string} name
+ * @property {string} label
+ * @property {PipelineStep[]} steps
+ */
+
+/** Built-in pipeline templates */
+const TEMPLATES = {
+  translation: {
+    name: 'translation',
+    label: '翻译管道',
+    steps: [
+      { name: 'detect-language', action: 'detect' },
+      { name: 'translate', action: 'translate', config: { targetLang: 'en' } },
+      { name: 'polish', action: 'polish' },
+      { name: 'publish', action: 'publish' }
+    ]
+  },
+  seo: {
+    name: 'seo',
+    label: 'SEO 优化管道',
+    steps: [
+      { name: 'analyze-keywords', action: 'seo_analyze' },
+      { name: 'optimize-title', action: 'seo_title' },
+      { name: 'optimize-body', action: 'seo_body' },
+      { name: 'add-meta', action: 'seo_meta' },
+      { name: 'publish', action: 'publish' }
+    ]
+  },
+  review: {
+    name: 'review',
+    label: '审核发布管道',
+    steps: [
+      { name: 'ai-review', action: 'review', config: { autoApprove: false } },
+      { name: 'publish', action: 'publish' }
+    ]
+  }
+};
+
+class PipelineEngine {
+  constructor(store, hooks) {
+    this.store = store;
+    this.hooks = hooks;
+    /** @type {Map<string, PipelineTemplate>} */
+    this.templates = new Map(Object.entries(TEMPLATES));
+  }
+
+  /**
+   * Register a custom pipeline template.
+   */
+  registerTemplate(template) {
+    this.templates.set(template.name, template);
+  }
+
+  /**
+   * List available templates.
+   */
+  listTemplates() {
+    return Array.from(this.templates.values());
+  }
+
+  /**
+   * Execute a pipeline on a document.
+   * @param {string} templateName
+   * @param {object} doc — the document to process
+   * @returns {Promise<{ steps: Array<{ name: string, status: string, result?: any }> }>}
+   */
+  async execute(templateName, doc) {
+    const template = this.templates.get(templateName);
+    if (!template) throw new Error(`Pipeline template "${templateName}" not found`);
+
+    const results = [];
+    const currentDoc = doc;
+
+    for (const step of template.steps) {
+      try {
+        // Fire before-step hook
+        await this.hooks.run(`pipeline:before:${step.action}`, { doc: currentDoc, step });
+
+        // Execute step (delegated to hook handlers or built-in logic)
+        const stepResult = await this.hooks.run(`pipeline:${step.action}`, {
+          doc: currentDoc,
+          config: step.config || {},
+          stepName: step.name
+        });
+
+        results.push({ name: step.name, status: 'completed', result: stepResult });
+
+        // Fire after-step hook
+        await this.hooks.run(`pipeline:after:${step.action}`, { doc: currentDoc, result: stepResult });
+
+        log.info(`Pipeline step "${step.name}" completed for doc ${doc.id}`);
+      } catch (err) {
+        results.push({ name: step.name, status: 'failed', error: err.message });
+        log.error(`Pipeline step "${step.name}" failed: ${err.message}`);
+        break;
+      }
+    }
+
+    return { steps: results };
+  }
+}
+
+// ── Agent Metadata ─────────────────────────────────────────
+
+/**
+ * Attach agent metadata to a content document.
+ * Called automatically when an Agent (API Key) creates or modifies content.
+ *
+ * @param {object} doc — document being created/updated
+ * @param {object} actor — from auth middleware
+ * @param {string} action — "create" | "update"
+ * @returns {object} doc with metadata attached
+ */
+export function attachAgentMeta(doc, actor, action = 'create') {
+  if (actor?.type !== 'agent') return doc;
+
+  const meta = doc._meta || (doc._meta = {});
+  meta.createdBy = meta.createdBy || {
+    type: 'agent',
+    agentId: actor.keyPrefix || actor.id,
+    label: actor.label || 'Unknown Agent',
+    timestamp: new Date().toISOString()
+  };
+  meta.lastModifiedBy = {
+    type: 'agent',
+    agentId: actor.keyPrefix || actor.id,
+    label: actor.label || 'Unknown Agent',
+    action,
+    timestamp: new Date().toISOString()
+  };
+
+  return doc;
+}
+
+// ── Review Policy ─────────────────────────────────────────
+
+/**
+ * Review policy for Agent-generated content.
+ */
+class ReviewPolicy {
+  constructor(config = {}) {
+    this.requireHumanReview = config.requireHumanReview ?? true;
+    this.autoApproveThreshold = config.autoApproveThreshold ?? null;
+    this.blockedPatterns = config.blockedPatterns || [];
+    this.minConfidence = config.minConfidence ?? 0.7;
+  }
+
+  /**
+   * Evaluate content against the review policy.
+   * @returns {{ approved: boolean, reason?: string, score?: number }}
+   */
+  evaluate(doc) {
+    // Check blocked patterns
+    const text = JSON.stringify(doc.data || {}).toLowerCase();
+    for (const pattern of this.blockedPatterns) {
+      if (text.includes(pattern.toLowerCase())) {
+        return { approved: false, reason: `Blocked pattern: "${pattern}"` };
+      }
+    }
+
+    // Check if marked as AI-generated → require review
+    const isAgentContent = doc._meta?.createdBy?.type === 'agent';
+    if (isAgentContent && this.requireHumanReview) {
+      return { approved: false, reason: 'Agent-generated content requires human review' };
+    }
+
+    return { approved: true };
+  }
+
+  /** Serialize to JSON for storage */
+  toJSON() {
+    return {
+      requireHumanReview: this.requireHumanReview,
+      autoApproveThreshold: this.autoApproveThreshold,
+      blockedPatterns: this.blockedPatterns,
+      minConfidence: this.minConfidence
+    };
+  }
+
+  /** Create from stored JSON */
+  static fromJSON(json) {
+    return new ReviewPolicy(json);
+  }
+}
+
+export { PipelineEngine, ReviewPolicy, TEMPLATES };