@cldmv/slothlet 3.2.1 → 3.3.0

package/dist/lib/helpers/config.mjs

@@ -18,6 +18,7 @@
 
 
 import { ComponentBase } from "@cldmv/slothlet/factories/component-base";
+import { SlothletError } from "@cldmv/slothlet/errors";
 
 
 export class Config extends ComponentBase {
@@ -98,7 +99,7 @@ export class Config extends ComponentBase {
 
 	
 	normalizeMutations(mutations) {
-		const defaults = { add: true, remove: true, reload: true };
+		const defaults = { add: true, remove: true, reload: true, permissions: true };
 
 		
 		if (!mutations || typeof mutations !== "object") {
@@ -109,7 +110,8 @@ export class Config extends ComponentBase {
 		return {
 			add: mutations.add === false ? false : true,
 			remove: mutations.remove === false ? false : true,
-			reload: mutations.reload === false ? false : true
+			reload: mutations.reload === false ? false : true,
+			permissions: mutations.permissions === false ? false : true
 		};
 	}
 
@@ -126,7 +128,8 @@ export class Config extends ComponentBase {
 				context: false,
 				initialization: false,
 				materialize: false,
-				versioning: false
+				versioning: false,
+				permissions: false
 			};
 		}
 
@@ -142,7 +145,8 @@ export class Config extends ComponentBase {
 				context: true,
 				initialization: true,
 				materialize: true,
-				versioning: true
+				versioning: true,
+				permissions: true
 			};
 		}
 
@@ -158,7 +162,8 @@ export class Config extends ComponentBase {
 				context: debug.context || false,
 				initialization: debug.initialization || false,
 				materialize: debug.materialize || false,
-				versioning: debug.versioning || false
+				versioning: debug.versioning || false,
+				permissions: debug.permissions || false
 			};
 		}
 
@@ -173,7 +178,8 @@ export class Config extends ComponentBase {
 			context: false,
 			initialization: false,
 			materialize: false,
-			versioning: false
+			versioning: false,
+			permissions: false
 		};
 	}
 
@@ -284,6 +290,9 @@ export class Config extends ComponentBase {
 		}
 
 		
+		const permissionsConfig = this.normalizePermissions(config.permissions);
+
+		
 		let i18nConfig = null;
 		if (config.i18n && typeof config.i18n === "object") {
 			i18nConfig = {
@@ -315,7 +324,8 @@ export class Config extends ComponentBase {
 			silent: config.silent === true,
 			typescript: this.normalizeTypeScript(config.typescript),
 			env: this.normalizeEnv(config.env),
-			versionDispatcher: config.versionDispatcher ?? null
+			versionDispatcher: config.versionDispatcher ?? null,
+			permissions: permissionsConfig
 		};
 	}
 
@@ -368,4 +378,78 @@ export class Config extends ComponentBase {
 		}
 		return null; 
 	}
+
+	
+	normalizePermissions(permissions) {
+		if (!permissions || typeof permissions !== "object") {
+			return null;
+		}
+
+		
+		let defaultPolicy;
+		if (permissions.defaultPolicy === "deny") {
+			defaultPolicy = "deny";
+		} else if (permissions.defaultPolicy === "allow" || permissions.defaultPolicy === undefined) {
+			defaultPolicy = "allow";
+		} else {
+			throw new SlothletError(
+				"INVALID_CONFIG",
+				{
+					option: "permissions.defaultPolicy",
+					value: permissions.defaultPolicy,
+					expected: '"allow" or "deny"',
+					hint: "HINT_INVALID_CONFIG"
+				},
+				null,
+				{ validationError: true }
+			);
+		}
+
+		const enabled = permissions.enabled !== false;
+
+		
+		let audit;
+		if (permissions.audit === "verbose") {
+			audit = "verbose";
+		} else if (permissions.audit === "default" || permissions.audit === undefined) {
+			audit = "default";
+		} else if (permissions.audit === true) {
+			
+			audit = "default";
+		} else if (permissions.audit === false) {
+			
+			audit = "default";
+		} else {
+			throw new SlothletError(
+				"INVALID_CONFIG",
+				{
+					option: "permissions.audit",
+					value: permissions.audit,
+					expected: '"default" or "verbose"',
+					hint: "HINT_INVALID_CONFIG"
+				},
+				null,
+				{ validationError: true }
+			);
+		}
+
+		
+		if (permissions.rules !== undefined && !Array.isArray(permissions.rules)) {
+			throw new SlothletError(
+				"INVALID_CONFIG",
+				{
+					option: "permissions.rules",
+					value: permissions.rules,
+					expected: "array",
+					hint: "HINT_INVALID_CONFIG"
+				},
+				null,
+				{ validationError: true }
+			);
+		}
+
+		const rules = Array.isArray(permissions.rules) ? permissions.rules : [];
+
+		return { defaultPolicy, enabled, audit, rules };
+	}
 }

package/dist/lib/helpers/pattern-matcher.mjs

@@ -0,0 +1,141 @@
+/*
+	Copyright 2026 CLDMV/Shinrai
+
+	Licensed under the Apache License, Version 2.0 (the "License");
+	you may not use this file except in compliance with the License.
+	You may obtain a copy of the License at
+
+		http://www.apache.org/licenses/LICENSE-2.0
+
+	Unless required by applicable law or agreed to in writing, software
+	distributed under the License is distributed on an "AS IS" BASIS,
+	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	See the License for the specific language governing permissions and
+	limitations under the License.
+*/
+
+
+
+
+
+import { SlothletError } from "@cldmv/slothlet/errors";
+
+
+export function compilePattern(pattern, options = {}) {
+	
+	const isNegation = pattern.startsWith("!");
+	if (isNegation) {
+		pattern = pattern.slice(1);
+		const matcher = compilePattern(pattern, options);
+		return (path) => !matcher(path);
+	}
+
+	
+	const expanded = expandBraces(pattern, 0, 10, options);
+	if (expanded.length > 1) {
+		
+		const matchers = expanded.map((p) => compilePattern(p, options));
+		return (path) => matchers.some((m) => m(path));
+	}
+
+	
+	pattern = expanded[0];
+
+	
+	let regexPattern = pattern
+		.replace(/[.+^$()|[\]\\]/g, "\\$&") 
+		.replace(/\*\*/g, "__DOUBLESTAR__") 
+		.replace(/\*/g, "[^.]*") 
+		.replace(/__DOUBLESTAR__/g, ".*") 
+		.replace(/\?/g, "."); 
+
+	regexPattern = `^${regexPattern}$`;
+	const regex = new RegExp(regexPattern);
+
+	return (path) => regex.test(path);
+}
+
+
+export function expandBraces(pattern, depth = 0, maxDepth = 10, options = {}) {
+	
+	if (depth >= maxDepth) {
+		if (options.onMaxDepth) {
+			options.onMaxDepth(maxDepth);
+		}
+		
+		throw new SlothletError("BRACE_EXPANSION_MAX_DEPTH", { maxDepth, validationError: true });
+	}
+
+	
+	const braceStart = pattern.indexOf("{");
+	if (braceStart === -1) {
+		return [pattern]; 
+	}
+
+	
+	let braceEnd = -1;
+	let depthCount = 1;
+	for (let i = braceStart + 1; i < pattern.length; i++) {
+		if (pattern[i] === "{") depthCount++;
+		if (pattern[i] === "}") {
+			depthCount--;
+			if (depthCount === 0) {
+				braceEnd = i;
+				break;
+			}
+		}
+	}
+
+	if (braceEnd === -1) {
+		return [pattern]; 
+	}
+
+	
+	const prefix = pattern.slice(0, braceStart);
+	const braceContent = pattern.slice(braceStart + 1, braceEnd);
+	const suffix = pattern.slice(braceEnd + 1);
+
+	
+	const alternatives = splitBraceAlternatives(braceContent);
+
+	
+	const expanded = [];
+	for (const alt of alternatives) {
+		const combined = prefix + alt + suffix;
+		
+		const recursiveExpanded = expandBraces(combined, depth + 1, maxDepth, options);
+		expanded.push(...recursiveExpanded);
+	}
+
+	return expanded;
+}
+
+
+export function splitBraceAlternatives(content) {
+	const alternatives = [];
+	let current = "";
+	let depth = 0;
+
+	for (let i = 0; i < content.length; i++) {
+		const char = content[i];
+
+		if (char === "{") {
+			depth++;
+			current += char;
+		} else if (char === "}") {
+			depth--;
+			current += char;
+		} else if (char === "," && depth === 0) {
+			alternatives.push(current);
+			current = "";
+		} else {
+			current += char;
+		}
+	}
+
+	if (current) {
+		alternatives.push(current);
+	}
+
+	return alternatives;
+}

package/dist/lib/i18n/languages/de-de.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "Version aufgelöst: {version} für Pfad {apiPath} (Aufrufer: {callerModule})",
 		"DEBUG_VERSION_DEFAULT_USED": "Keine Discriminator-Übereinstimmung für Pfad {apiPath}; Standardversion {version} wird verwendet.",
 		"DEBUG_VERSION_REGISTERED": "Version {version} unter {logicalPath} registriert (moduleID: {moduleID})",
-		"DEBUG_VERSION_UNREGISTERED": "Version {version} von {logicalPath} abgemeldet"
+		"DEBUG_VERSION_UNREGISTERED": "Version {version} von {logicalPath} abgemeldet",
+
+		"PERMISSION_DENIED": "Zugriff verweigert: Aufrufer '{caller}' darf nicht auf '{target}' zugreifen",
+		"HINT_PERMISSION_DENIED": "Prüfen Sie die Berechtigungsregeln für dieses Aufrufer/Ziel-Paar. Verwenden Sie api.slothlet.permissions.global.rulesForPath('{target}'), um die aktiven Regeln einzusehen.",
+		"PERMISSION_SELF_MODIFY": "Modul '{moduleID}' kann seine eigene Berechtigungsregel '{ruleId}' nicht entfernen",
+		"HINT_PERMISSION_SELF_MODIFY": "Berechtigungsregeln sind für das besitzende Modul unveränderlich. Ein anderes Modul muss diese Regel entfernen.",
+		"INVALID_PERMISSION_RULE": "Ungültige Berechtigungsregel: {reason} (erhalten: {received})",
+		"HINT_INVALID_PERMISSION_RULE": "Berechtigungsregeln erfordern: caller (String-Glob), target (String-Glob) und effect ('allow' oder 'deny').",
+		"DEBUG_PERMISSION_DENIED": "Berechtigung verweigert: Aufrufer '{caller}' -> Ziel '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "Berechtigung erteilt: Aufrufer '{caller}' -> Ziel '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "Berechtigungs-Self-Bypass: Aufrufer und Ziel teilen sich moduleID '{moduleID}'",
+		"DEBUG_PERMISSION_DEFAULT": "Standard-Berechtigungsrichtlinie angewendet: Aufrufer '{caller}' -> Ziel '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "Berechtigungsregel hinzugefügt: {ruleId} ({caller} -> {target}: {effect}, Besitzer: {ownerModuleID})",
+		"DEBUG_PERMISSION_RULE_REMOVED": "Berechtigungsregel entfernt: {ruleId} ({caller} -> {target}: {effect})",
+		"PERM_RULE_NOT_OBJECT": "Regel muss ein nicht-leeres Objekt sein",
+		"PERM_RULE_CALLER_REQUIRED": "rule.caller muss eine nicht-leere Zeichenkette sein",
+		"PERM_RULE_TARGET_REQUIRED": "rule.target muss eine nicht-leere Zeichenkette sein",
+		"PERM_RULE_EFFECT_INVALID": "rule.effect muss 'allow' oder 'deny' sein",
+		"BRACE_EXPANSION_MAX_DEPTH": "Klammerauflösung hat die maximale Tiefe von {maxDepth} überschritten",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "Verringern Sie die Verschachtelung in Ihren Klammermustern oder erhöhen Sie die maxDepth-Option.",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "Berechtigungsmanager ist nicht in dieser Slothlet-Instanz verfügbar"
 	},
 	"metadata": {
 		"code": "de-de",

package/dist/lib/i18n/languages/en-gb.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "Version resolved: {version} for path {apiPath} (caller: {callerModule})",
 		"DEBUG_VERSION_DEFAULT_USED": "No discriminator match for path {apiPath}; using default version {version}",
 		"DEBUG_VERSION_REGISTERED": "Version {version} registered at {logicalPath} (moduleID: {moduleID})",
-		"DEBUG_VERSION_UNREGISTERED": "Version {version} unregistered from {logicalPath}"
+		"DEBUG_VERSION_UNREGISTERED": "Version {version} unregistered from {logicalPath}",
+
+		"PERMISSION_DENIED": "Access denied: caller '{caller}' is not permitted to access '{target}'",
+		"HINT_PERMISSION_DENIED": "Check permission rules for this caller/target pair. Use api.slothlet.permissions.global.rulesForPath('{target}') to inspect active rules.",
+		"PERMISSION_SELF_MODIFY": "Module '{moduleID}' cannot remove its own permission rule '{ruleId}'",
+		"HINT_PERMISSION_SELF_MODIFY": "Permission rules are immutable for the owning module. Another module must remove this rule.",
+		"INVALID_PERMISSION_RULE": "Invalid permission rule: {reason} (received: {received})",
+		"HINT_INVALID_PERMISSION_RULE": "Permission rules require: caller (string glob), target (string glob), and effect ('allow' or 'deny').",
+		"DEBUG_PERMISSION_DENIED": "Permission denied: caller '{caller}' -> target '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "Permission allowed: caller '{caller}' -> target '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "Permission self-bypass: caller and target share moduleID '{moduleID}'",
+		"DEBUG_PERMISSION_DEFAULT": "Permission default policy applied: caller '{caller}' -> target '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "Permission rule added: {ruleId} ({caller} -> {target}: {effect}, owner: {ownerModuleID})",
+		"DEBUG_PERMISSION_RULE_REMOVED": "Permission rule removed: {ruleId} ({caller} -> {target}: {effect})",
+		"PERM_RULE_NOT_OBJECT": "rule must be a non-null object",
+		"PERM_RULE_CALLER_REQUIRED": "rule.caller must be a non-empty string",
+		"PERM_RULE_TARGET_REQUIRED": "rule.target must be a non-empty string",
+		"PERM_RULE_EFFECT_INVALID": "rule.effect must be 'allow' or 'deny'",
+		"BRACE_EXPANSION_MAX_DEPTH": "Brace expansion exceeded maximum depth of {maxDepth}",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "Reduce nesting in your brace patterns or increase the maxDepth option.",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "Permission manager is not available in this Slothlet instance"
 	},
 	"metadata": {
 		"code": "en-gb",

package/dist/lib/i18n/languages/en-us.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "Version resolved: {version} for path {apiPath} (caller: {callerModule})",
 		"DEBUG_VERSION_DEFAULT_USED": "No discriminator match for path {apiPath}; using default version {version}",
 		"DEBUG_VERSION_REGISTERED": "Version {version} registered at {logicalPath} (moduleID: {moduleID})",
-		"DEBUG_VERSION_UNREGISTERED": "Version {version} unregistered from {logicalPath}"
+		"DEBUG_VERSION_UNREGISTERED": "Version {version} unregistered from {logicalPath}",
+
+		"PERMISSION_DENIED": "Access denied: caller '{caller}' is not permitted to access '{target}'",
+		"HINT_PERMISSION_DENIED": "Check permission rules for this caller/target pair. Use api.slothlet.permissions.global.rulesForPath('{target}') to inspect active rules.",
+		"PERMISSION_SELF_MODIFY": "Module '{moduleID}' cannot remove its own permission rule '{ruleId}'",
+		"HINT_PERMISSION_SELF_MODIFY": "Permission rules are immutable for the owning module. Another module must remove this rule.",
+		"INVALID_PERMISSION_RULE": "Invalid permission rule: {reason} (received: {received})",
+		"HINT_INVALID_PERMISSION_RULE": "Permission rules require: caller (string glob), target (string glob), and effect ('allow' or 'deny').",
+		"DEBUG_PERMISSION_DENIED": "Permission denied: caller '{caller}' -> target '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "Permission allowed: caller '{caller}' -> target '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "Permission self-bypass: caller and target share moduleID '{moduleID}'",
+		"DEBUG_PERMISSION_DEFAULT": "Permission default policy applied: caller '{caller}' -> target '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "Permission rule added: {ruleId} ({caller} -> {target}: {effect}, owner: {ownerModuleID})",
+		"DEBUG_PERMISSION_RULE_REMOVED": "Permission rule removed: {ruleId} ({caller} -> {target}: {effect})",
+		"PERM_RULE_NOT_OBJECT": "rule must be a non-null object",
+		"PERM_RULE_CALLER_REQUIRED": "rule.caller must be a non-empty string",
+		"PERM_RULE_TARGET_REQUIRED": "rule.target must be a non-empty string",
+		"PERM_RULE_EFFECT_INVALID": "rule.effect must be 'allow' or 'deny'",
+		"BRACE_EXPANSION_MAX_DEPTH": "Brace expansion exceeded maximum depth of {maxDepth}",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "Reduce nesting in your brace patterns or increase the maxDepth option.",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "Permission manager is not available in this Slothlet instance"
 	},
 	"metadata": {
 		"code": "en-us",

package/dist/lib/i18n/languages/es-mx.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "Versión resuelta: {version} para la ruta {apiPath} (llamador: {callerModule})",
 		"DEBUG_VERSION_DEFAULT_USED": "Sin coincidencia del discriminador para la ruta {apiPath}; se usa la versión predeterminada {version}.",
 		"DEBUG_VERSION_REGISTERED": "Versión {version} registrada en {logicalPath} (moduleID: {moduleID})",
-		"DEBUG_VERSION_UNREGISTERED": "Versión {version} dada de baja de {logicalPath}"
+		"DEBUG_VERSION_UNREGISTERED": "Versión {version} dada de baja de {logicalPath}",
+
+		"PERMISSION_DENIED": "Acceso denegado: el llamador '{caller}' no tiene permiso para acceder a '{target}'",
+		"HINT_PERMISSION_DENIED": "Verifique las reglas de permisos para este par llamador/objetivo. Use api.slothlet.permissions.global.rulesForPath('{target}') para inspeccionar las reglas activas.",
+		"PERMISSION_SELF_MODIFY": "El módulo '{moduleID}' no puede eliminar su propia regla de permiso '{ruleId}'",
+		"HINT_PERMISSION_SELF_MODIFY": "Las reglas de permisos son inmutables para el módulo propietario. Otro módulo debe eliminar esta regla.",
+		"INVALID_PERMISSION_RULE": "Regla de permiso inválida: {reason} (recibido: {received})",
+		"HINT_INVALID_PERMISSION_RULE": "Las reglas de permisos requieren: caller (string glob), target (string glob) y effect ('allow' o 'deny').",
+		"DEBUG_PERMISSION_DENIED": "Permiso denegado: llamador '{caller}' -> objetivo '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "Permiso concedido: llamador '{caller}' -> objetivo '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "Auto-bypass de permisos: llamador y objetivo comparten moduleID '{moduleID}'",
+		"DEBUG_PERMISSION_DEFAULT": "Política de permisos predeterminada aplicada: llamador '{caller}' -> objetivo '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "Regla de permiso agregada: {ruleId} ({caller} -> {target}: {effect}, propietario: {ownerModuleID})",
+		"DEBUG_PERMISSION_RULE_REMOVED": "Regla de permiso eliminada: {ruleId} ({caller} -> {target}: {effect})",
+		"PERM_RULE_NOT_OBJECT": "la regla debe ser un objeto no nulo",
+		"PERM_RULE_CALLER_REQUIRED": "rule.caller debe ser una cadena no vacía",
+		"PERM_RULE_TARGET_REQUIRED": "rule.target debe ser una cadena no vacía",
+		"PERM_RULE_EFFECT_INVALID": "rule.effect debe ser 'allow' o 'deny'",
+		"BRACE_EXPANSION_MAX_DEPTH": "La expansión de llaves superó la profundidad máxima de {maxDepth}",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "Reduce el anidamiento en tus patrones de llaves o aumenta la opción maxDepth.",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "El administrador de permisos no está disponible en esta instancia de Slothlet"
 	},
 	"metadata": {
 		"code": "es-mx",

package/dist/lib/i18n/languages/fr-fr.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "Version résolue : {version} pour le chemin {apiPath} (appelant : {callerModule})",
 		"DEBUG_VERSION_DEFAULT_USED": "Aucune correspondance de discriminateur pour le chemin {apiPath} ; utilisation de la version par défaut {version}.",
 		"DEBUG_VERSION_REGISTERED": "Version {version} enregistrée à {logicalPath} (moduleID : {moduleID})",
-		"DEBUG_VERSION_UNREGISTERED": "Version {version} désinscrite de {logicalPath}"
+		"DEBUG_VERSION_UNREGISTERED": "Version {version} désinscrite de {logicalPath}",
+
+		"PERMISSION_DENIED": "Accès refusé : l'appelant '{caller}' n'est pas autorisé à accéder à '{target}'",
+		"HINT_PERMISSION_DENIED": "Vérifiez les règles d'autorisation pour ce couple appelant/cible. Utilisez api.slothlet.permissions.global.rulesForPath('{target}') pour inspecter les règles actives.",
+		"PERMISSION_SELF_MODIFY": "Le module '{moduleID}' ne peut pas supprimer sa propre règle d'autorisation '{ruleId}'",
+		"HINT_PERMISSION_SELF_MODIFY": "Les règles d'autorisation sont immuables pour le module propriétaire. Un autre module doit supprimer cette règle.",
+		"INVALID_PERMISSION_RULE": "Règle d'autorisation invalide : {reason} (reçu : {received})",
+		"HINT_INVALID_PERMISSION_RULE": "Les règles d'autorisation nécessitent : caller (string glob), target (string glob) et effect ('allow' ou 'deny').",
+		"DEBUG_PERMISSION_DENIED": "Autorisation refusée : appelant '{caller}' -> cible '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "Autorisation accordée : appelant '{caller}' -> cible '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "Auto-bypass d'autorisation : l'appelant et la cible partagent le moduleID '{moduleID}'",
+		"DEBUG_PERMISSION_DEFAULT": "Politique d'autorisation par défaut appliquée : appelant '{caller}' -> cible '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "Règle d'autorisation ajoutée : {ruleId} ({caller} -> {target} : {effect}, propriétaire : {ownerModuleID})",
+		"DEBUG_PERMISSION_RULE_REMOVED": "Règle d'autorisation supprimée : {ruleId} ({caller} -> {target} : {effect})",
+		"PERM_RULE_NOT_OBJECT": "la règle doit être un objet non nul",
+		"PERM_RULE_CALLER_REQUIRED": "rule.caller doit être une chaîne non vide",
+		"PERM_RULE_TARGET_REQUIRED": "rule.target doit être une chaîne non vide",
+		"PERM_RULE_EFFECT_INVALID": "rule.effect doit être 'allow' ou 'deny'",
+		"BRACE_EXPANSION_MAX_DEPTH": "L'expansion des accolades a dépassé la profondeur maximale de {maxDepth}",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "Réduisez le niveau d'imbrication dans vos motifs d'accolades ou augmentez l'option maxDepth.",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "Le gestionnaire de permissions n'est pas disponible dans cette instance Slothlet"
 	},
 	"metadata": {
 		"code": "fr-fr",

package/dist/lib/i18n/languages/hi-in.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "संस्करण हल किया गया: {version}, पथ: {apiPath} (कॉलर: {callerModule})",
 		"DEBUG_VERSION_DEFAULT_USED": "पथ {apiPath} के लिए कोई Discriminator मिलान नहीं; डिफ़ॉल्ट संस्करण {version} का उपयोग किया जा रहा है।",
 		"DEBUG_VERSION_REGISTERED": "संस्करण {version} को {logicalPath} पर पंजीकृत किया गया (moduleID: {moduleID})",
-		"DEBUG_VERSION_UNREGISTERED": "संस्करण {version} को {logicalPath} से हटाया गया"
+		"DEBUG_VERSION_UNREGISTERED": "संस्करण {version} को {logicalPath} से हटाया गया",
+
+		"PERMISSION_DENIED": "पहुँच अस्वीकृत: कॉलर '{caller}' को '{target}' तक पहुँचने की अनुमति नहीं है",
+		"HINT_PERMISSION_DENIED": "इस कॉलर/लक्ष्य जोड़ी के लिए अनुमति नियम जाँचें। सक्रिय नियमों का निरीक्षण करने के लिए api.slothlet.permissions.global.rulesForPath('{target}') का उपयोग करें।",
+		"PERMISSION_SELF_MODIFY": "मॉड्यूल '{moduleID}' अपना स्वयं का अनुमति नियम '{ruleId}' नहीं हटा सकता",
+		"HINT_PERMISSION_SELF_MODIFY": "अनुमति नियम स्वामी मॉड्यूल के लिए अपरिवर्तनीय हैं। किसी अन्य मॉड्यूल को यह नियम हटाना होगा।",
+		"INVALID_PERMISSION_RULE": "अमान्य अनुमति नियम: {reason} (प्राप्त: {received})",
+		"HINT_INVALID_PERMISSION_RULE": "अनुमति नियमों के लिए आवश्यक: caller (string glob), target (string glob) और effect ('allow' या 'deny')।",
+		"DEBUG_PERMISSION_DENIED": "अनुमति अस्वीकृत: कॉलर '{caller}' -> लक्ष्य '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "अनुमति स्वीकृत: कॉलर '{caller}' -> लक्ष्य '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "अनुमति सेल्फ-बाइपास: कॉलर और लक्ष्य moduleID '{moduleID}' साझा करते हैं",
+		"DEBUG_PERMISSION_DEFAULT": "डिफ़ॉल्ट अनुमति नीति लागू: कॉलर '{caller}' -> लक्ष्य '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "अनुमति नियम जोड़ा गया: {ruleId} ({caller} -> {target}: {effect}, स्वामी: {ownerModuleID})",
+		"DEBUG_PERMISSION_RULE_REMOVED": "अनुमति नियम हटाया गया: {ruleId} ({caller} -> {target}: {effect})",
+		"PERM_RULE_NOT_OBJECT": "नियम एक गैर-शून्य ऑब्जेक्ट होना चाहिए",
+		"PERM_RULE_CALLER_REQUIRED": "rule.caller एक गैर-रिक्त स्ट्रिंग होना चाहिए",
+		"PERM_RULE_TARGET_REQUIRED": "rule.target एक गैर-रिक्त स्ट्रिंग होना चाहिए",
+		"PERM_RULE_EFFECT_INVALID": "rule.effect 'allow' या 'deny' होना चाहिए",
+		"BRACE_EXPANSION_MAX_DEPTH": "ब्रेस विस्तार ने {maxDepth} की अधिकतम गहराई पार कर दी",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "अपने ब्रेस पैटर्न में नेस्टिंग कम करें या maxDepth विकल्प बढ़ाएं।",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "अनुमति प्रबंधक इस Slothlet इंस्टेंस में उपलब्ध नहीं है"
 	},
 	"metadata": {
 		"code": "hi-in",

package/dist/lib/i18n/languages/ja-jp.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "バージョン解決済み: {version}、パス: {apiPath}（呼び出し元: {callerModule}）",
 		"DEBUG_VERSION_DEFAULT_USED": "パス {apiPath} の Discriminator に一致なし。デフォルトバージョン {version} を使用します。",
 		"DEBUG_VERSION_REGISTERED": "バージョン {version} が {logicalPath} に登録されました（moduleID: {moduleID}）",
-		"DEBUG_VERSION_UNREGISTERED": "バージョン {version} が {logicalPath} から登録解除されました"
+		"DEBUG_VERSION_UNREGISTERED": "バージョン {version} が {logicalPath} から登録解除されました",
+
+		"PERMISSION_DENIED": "アクセス拒否: 呼び出し元 '{caller}' は '{target}' へのアクセスが許可されていません",
+		"HINT_PERMISSION_DENIED": "この呼び出し元/ターゲットのペアのパーミッションルールを確認してください。api.slothlet.permissions.global.rulesForPath('{target}') を使用してアクティブなルールを検査できます。",
+		"PERMISSION_SELF_MODIFY": "モジュール '{moduleID}' は自身のパーミッションルール '{ruleId}' を削除できません",
+		"HINT_PERMISSION_SELF_MODIFY": "パーミッションルールは所有モジュールに対して不変です。別のモジュールがこのルールを削除する必要があります。",
+		"INVALID_PERMISSION_RULE": "無効なパーミッションルール: {reason}（受信値: {received}）",
+		"HINT_INVALID_PERMISSION_RULE": "パーミッションルールには caller（string glob）、target（string glob）、および effect（'allow' または 'deny'）が必要です。",
+		"DEBUG_PERMISSION_DENIED": "パーミッション拒否: 呼び出し元 '{caller}' -> ターゲット '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "パーミッション許可: 呼び出し元 '{caller}' -> ターゲット '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "パーミッション・セルフバイパス: 呼び出し元とターゲットが moduleID '{moduleID}' を共有しています",
+		"DEBUG_PERMISSION_DEFAULT": "デフォルトパーミッションポリシー適用: 呼び出し元 '{caller}' -> ターゲット '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "パーミッションルール追加: {ruleId}（{caller} -> {target}: {effect}、所有者: {ownerModuleID}）",
+		"DEBUG_PERMISSION_RULE_REMOVED": "パーミッションルール削除: {ruleId}（{caller} -> {target}: {effect}）",
+		"PERM_RULE_NOT_OBJECT": "ルールは非ヌルのオブジェクトである必要があります",
+		"PERM_RULE_CALLER_REQUIRED": "rule.callerは空でない文字列である必要があります",
+		"PERM_RULE_TARGET_REQUIRED": "rule.targetは空でない文字列である必要があります",
+		"PERM_RULE_EFFECT_INVALID": "rule.effectは'allow'または'deny'である必要があります",
+		"BRACE_EXPANSION_MAX_DEPTH": "ブレース展開が最大深度 {maxDepth} を超えました",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "波括弧パターンのネストを減らすか、maxDepthオプションを増やしてください。",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "権限マネージャーはこのSlothletインスタンスで利用できません"
 	},
 	"metadata": {
 		"code": "ja-jp",

package/dist/lib/i18n/languages/ko-kr.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "버전 해석됨: {version}, 경로: {apiPath} (호출자: {callerModule})",
 		"DEBUG_VERSION_DEFAULT_USED": "경로 {apiPath}에 대한 Discriminator 일치 없음; 기본 버전 {version}을(를) 사용합니다.",
 		"DEBUG_VERSION_REGISTERED": "버전 {version}이(가) {logicalPath}에 등록됨 (moduleID: {moduleID})",
-		"DEBUG_VERSION_UNREGISTERED": "버전 {version}이(가) {logicalPath}에서 등록 취소됨"
+		"DEBUG_VERSION_UNREGISTERED": "버전 {version}이(가) {logicalPath}에서 등록 취소됨",
+
+		"PERMISSION_DENIED": "접근 거부: 호출자 '{caller}'은(는) '{target}'에 접근할 권한이 없습니다",
+		"HINT_PERMISSION_DENIED": "이 호출자/대상 쌍의 권한 규칙을 확인하세요. api.slothlet.permissions.global.rulesForPath('{target}')를 사용하여 활성 규칙을 검사할 수 있습니다.",
+		"PERMISSION_SELF_MODIFY": "모듈 '{moduleID}'은(는) 자신의 권한 규칙 '{ruleId}'을(를) 제거할 수 없습니다",
+		"HINT_PERMISSION_SELF_MODIFY": "권한 규칙은 소유 모듈에 대해 불변입니다. 다른 모듈이 이 규칙을 제거해야 합니다.",
+		"INVALID_PERMISSION_RULE": "잘못된 권한 규칙: {reason} (수신됨: {received})",
+		"HINT_INVALID_PERMISSION_RULE": "권한 규칙에는 caller (string glob), target (string glob), effect ('allow' 또는 'deny')가 필요합니다.",
+		"DEBUG_PERMISSION_DENIED": "권한 거부: 호출자 '{caller}' -> 대상 '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "권한 허용: 호출자 '{caller}' -> 대상 '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "권한 셀프 바이패스: 호출자와 대상이 moduleID '{moduleID}'을(를) 공유합니다",
+		"DEBUG_PERMISSION_DEFAULT": "기본 권한 정책 적용: 호출자 '{caller}' -> 대상 '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "권한 규칙 추가됨: {ruleId} ({caller} -> {target}: {effect}, 소유자: {ownerModuleID})",
+		"DEBUG_PERMISSION_RULE_REMOVED": "권한 규칙 제거됨: {ruleId} ({caller} -> {target}: {effect})",
+		"PERM_RULE_NOT_OBJECT": "규칙은 널이 아닌 객체여야 합니다",
+		"PERM_RULE_CALLER_REQUIRED": "rule.caller는 비어 있지 않은 문자열이어야 합니다",
+		"PERM_RULE_TARGET_REQUIRED": "rule.target은 비어 있지 않은 문자열이어야 합니다",
+		"PERM_RULE_EFFECT_INVALID": "rule.effect는 'allow' 또는 'deny'여야 합니다",
+		"BRACE_EXPANSION_MAX_DEPTH": "중괄호 확장이 최대 깊이 {maxDepth}을(를) 초과했습니다",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "중괄호 패턴의 중첩을 줄이거나 maxDepth 옵션을 늘리세요.",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "권한 관리자가 이 Slothlet 인스턴스에서 사용할 수 없습니다"
 	},
 	"metadata": {
 		"code": "ko-kr",

package/dist/lib/i18n/languages/pt-br.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "Versão resolvida: {version} para o caminho {apiPath} (chamador: {callerModule})",
 		"DEBUG_VERSION_DEFAULT_USED": "Nenhuma correspondência de discriminador para o caminho {apiPath}; usando versão padrão {version}.",
 		"DEBUG_VERSION_REGISTERED": "Versão {version} registrada em {logicalPath} (moduleID: {moduleID})",
-		"DEBUG_VERSION_UNREGISTERED": "Versão {version} removida de {logicalPath}"
+		"DEBUG_VERSION_UNREGISTERED": "Versão {version} removida de {logicalPath}",
+
+		"PERMISSION_DENIED": "Acesso negado: o chamador '{caller}' não tem permissão para acessar '{target}'",
+		"HINT_PERMISSION_DENIED": "Verifique as regras de permissão para este par chamador/alvo. Use api.slothlet.permissions.global.rulesForPath('{target}') para inspecionar as regras ativas.",
+		"PERMISSION_SELF_MODIFY": "O módulo '{moduleID}' não pode remover sua própria regra de permissão '{ruleId}'",
+		"HINT_PERMISSION_SELF_MODIFY": "Regras de permissão são imutáveis para o módulo proprietário. Outro módulo deve remover esta regra.",
+		"INVALID_PERMISSION_RULE": "Regra de permissão inválida: {reason} (recebido: {received})",
+		"HINT_INVALID_PERMISSION_RULE": "Regras de permissão requerem: caller (string glob), target (string glob) e effect ('allow' ou 'deny').",
+		"DEBUG_PERMISSION_DENIED": "Permissão negada: chamador '{caller}' -> alvo '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "Permissão concedida: chamador '{caller}' -> alvo '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "Auto-bypass de permissão: chamador e alvo compartilham moduleID '{moduleID}'",
+		"DEBUG_PERMISSION_DEFAULT": "Política de permissão padrão aplicada: chamador '{caller}' -> alvo '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "Regra de permissão adicionada: {ruleId} ({caller} -> {target}: {effect}, proprietário: {ownerModuleID})",
+		"DEBUG_PERMISSION_RULE_REMOVED": "Regra de permissão removida: {ruleId} ({caller} -> {target}: {effect})",
+		"PERM_RULE_NOT_OBJECT": "a regra deve ser um objeto não nulo",
+		"PERM_RULE_CALLER_REQUIRED": "rule.caller deve ser uma string não vazia",
+		"PERM_RULE_TARGET_REQUIRED": "rule.target deve ser uma string não vazia",
+		"PERM_RULE_EFFECT_INVALID": "rule.effect deve ser 'allow' ou 'deny'",
+		"BRACE_EXPANSION_MAX_DEPTH": "Expansão de chaves excedeu a profundidade máxima de {maxDepth}",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "Reduza o aninhamento em seus padrões de chaves ou aumente a opção maxDepth.",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "Gerenciador de permissões não está disponível nesta instância do Slothlet"
 	},
 	"metadata": {
 		"code": "pt-br",

package/dist/lib/i18n/languages/ru-ru.json

@@ -381,7 +381,27 @@
 		"DEBUG_VERSION_RESOLVED": "Версия определена: {version} для пути {apiPath} (вызывающий: {callerModule})",
 		"DEBUG_VERSION_DEFAULT_USED": "Нет совпадения дискриминатора для пути {apiPath}; используется версия по умолчанию {version}.",
 		"DEBUG_VERSION_REGISTERED": "Версия {version} зарегистрирована в {logicalPath} (moduleID: {moduleID})",
-		"DEBUG_VERSION_UNREGISTERED": "Версия {version} удалена из {logicalPath}"
+		"DEBUG_VERSION_UNREGISTERED": "Версия {version} удалена из {logicalPath}",
+
+		"PERMISSION_DENIED": "Доступ запрещён: вызывающий '{caller}' не имеет права доступа к '{target}'",
+		"HINT_PERMISSION_DENIED": "Проверьте правила разрешений для этой пары вызывающий/цель. Используйте api.slothlet.permissions.global.rulesForPath('{target}') для просмотра активных правил.",
+		"PERMISSION_SELF_MODIFY": "Модуль '{moduleID}' не может удалить собственное правило разрешений '{ruleId}'",
+		"HINT_PERMISSION_SELF_MODIFY": "Правила разрешений неизменяемы для модуля-владельца. Другой модуль должен удалить это правило.",
+		"INVALID_PERMISSION_RULE": "Недопустимое правило разрешений: {reason} (получено: {received})",
+		"HINT_INVALID_PERMISSION_RULE": "Правила разрешений требуют: caller (string glob), target (string glob) и effect ('allow' или 'deny').",
+		"DEBUG_PERMISSION_DENIED": "Разрешение отклонено: вызывающий '{caller}' -> цель '{target}'",
+		"DEBUG_PERMISSION_ALLOWED": "Разрешение предоставлено: вызывающий '{caller}' -> цель '{target}'",
+		"DEBUG_PERMISSION_SELF_BYPASS": "Самообход разрешений: вызывающий и цель имеют общий moduleID '{moduleID}'",
+		"DEBUG_PERMISSION_DEFAULT": "Применена политика разрешений по умолчанию: вызывающий '{caller}' -> цель '{target}' -> {effect}",
+		"DEBUG_PERMISSION_RULE_ADDED": "Правило разрешений добавлено: {ruleId} ({caller} -> {target}: {effect}, владелец: {ownerModuleID})",
+		"DEBUG_PERMISSION_RULE_REMOVED": "Правило разрешений удалено: {ruleId} ({caller} -> {target}: {effect})",
+		"PERM_RULE_NOT_OBJECT": "правило должно быть ненулевым объектом",
+		"PERM_RULE_CALLER_REQUIRED": "rule.caller должно быть непустой строкой",
+		"PERM_RULE_TARGET_REQUIRED": "rule.target должно быть непустой строкой",
+		"PERM_RULE_EFFECT_INVALID": "rule.effect должно быть 'allow' или 'deny'",
+		"BRACE_EXPANSION_MAX_DEPTH": "Расширение фигурных скобок превысило максимальную глубину {maxDepth}",
+		"HINT_BRACE_EXPANSION_MAX_DEPTH": "Уменьшите вложенность в ваших шаблонах скобок или увеличьте параметр maxDepth.",
+		"PERMISSION_MANAGER_NOT_AVAILABLE": "Менеджер разрешений недоступен в этом экземпляре Slothlet"
 	},
 	"metadata": {
 		"code": "ru-ru",