@connexum/ai-governance 1.0.0-beta.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2917) hide show
  1. package/LICENSE.md +78 -0
  2. package/README.md +582 -0
  3. package/dist/adapters/cursor.d.ts +85 -0
  4. package/dist/adapters/cursor.d.ts.map +1 -0
  5. package/dist/adapters/cursor.js +188 -0
  6. package/dist/adapters/cursor.js.map +1 -0
  7. package/dist/adapters/index.d.ts +250 -0
  8. package/dist/adapters/index.d.ts.map +1 -0
  9. package/dist/adapters/index.js +377 -0
  10. package/dist/adapters/index.js.map +1 -0
  11. package/dist/agents/compliance-agent-templates/dora.d.ts +53 -0
  12. package/dist/agents/compliance-agent-templates/dora.d.ts.map +1 -0
  13. package/dist/agents/compliance-agent-templates/dora.js +947 -0
  14. package/dist/agents/compliance-agent-templates/dora.js.map +1 -0
  15. package/dist/agents/compliance-agent-templates/eu-ai-act.d.ts +27 -0
  16. package/dist/agents/compliance-agent-templates/eu-ai-act.d.ts.map +1 -0
  17. package/dist/agents/compliance-agent-templates/eu-ai-act.js +721 -0
  18. package/dist/agents/compliance-agent-templates/eu-ai-act.js.map +1 -0
  19. package/dist/agents/compliance-agent-templates/gdpr.d.ts +25 -0
  20. package/dist/agents/compliance-agent-templates/gdpr.d.ts.map +1 -0
  21. package/dist/agents/compliance-agent-templates/gdpr.js +688 -0
  22. package/dist/agents/compliance-agent-templates/gdpr.js.map +1 -0
  23. package/dist/agents/compliance-agent-templates/hipaa.d.ts +23 -0
  24. package/dist/agents/compliance-agent-templates/hipaa.d.ts.map +1 -0
  25. package/dist/agents/compliance-agent-templates/hipaa.js +640 -0
  26. package/dist/agents/compliance-agent-templates/hipaa.js.map +1 -0
  27. package/dist/agents/compliance-agent-templates/iso27001.d.ts +30 -0
  28. package/dist/agents/compliance-agent-templates/iso27001.d.ts.map +1 -0
  29. package/dist/agents/compliance-agent-templates/iso27001.js +805 -0
  30. package/dist/agents/compliance-agent-templates/iso27001.js.map +1 -0
  31. package/dist/agents/compliance-agent-templates/iso42001.d.ts +42 -0
  32. package/dist/agents/compliance-agent-templates/iso42001.d.ts.map +1 -0
  33. package/dist/agents/compliance-agent-templates/iso42001.js +898 -0
  34. package/dist/agents/compliance-agent-templates/iso42001.js.map +1 -0
  35. package/dist/agents/compliance-agent-templates/nist-ai-rmf.d.ts +37 -0
  36. package/dist/agents/compliance-agent-templates/nist-ai-rmf.d.ts.map +1 -0
  37. package/dist/agents/compliance-agent-templates/nist-ai-rmf.js +819 -0
  38. package/dist/agents/compliance-agent-templates/nist-ai-rmf.js.map +1 -0
  39. package/dist/agents/compliance-agent-templates/pci-dss.d.ts +25 -0
  40. package/dist/agents/compliance-agent-templates/pci-dss.d.ts.map +1 -0
  41. package/dist/agents/compliance-agent-templates/pci-dss.js +658 -0
  42. package/dist/agents/compliance-agent-templates/pci-dss.js.map +1 -0
  43. package/dist/agents/compliance-agent-templates/soc2.d.ts +24 -0
  44. package/dist/agents/compliance-agent-templates/soc2.d.ts.map +1 -0
  45. package/dist/agents/compliance-agent-templates/soc2.js +643 -0
  46. package/dist/agents/compliance-agent-templates/soc2.js.map +1 -0
  47. package/dist/agents/compliance-agent-templates/types.d.ts +93 -0
  48. package/dist/agents/compliance-agent-templates/types.d.ts.map +1 -0
  49. package/dist/agents/compliance-agent-templates/types.js +34 -0
  50. package/dist/agents/compliance-agent-templates/types.js.map +1 -0
  51. package/dist/audit/audit-integrity.d.ts +88 -0
  52. package/dist/audit/audit-integrity.d.ts.map +1 -0
  53. package/dist/audit/audit-integrity.js +284 -0
  54. package/dist/audit/audit-integrity.js.map +1 -0
  55. package/dist/audit/chain-tamper-detector.d.ts +115 -0
  56. package/dist/audit/chain-tamper-detector.d.ts.map +1 -0
  57. package/dist/audit/chain-tamper-detector.js +256 -0
  58. package/dist/audit/chain-tamper-detector.js.map +1 -0
  59. package/dist/audit/compliance-reporter.d.ts +91 -0
  60. package/dist/audit/compliance-reporter.d.ts.map +1 -0
  61. package/dist/audit/compliance-reporter.js +471 -0
  62. package/dist/audit/compliance-reporter.js.map +1 -0
  63. package/dist/audit/destinations/custom-webhook.d.ts +189 -0
  64. package/dist/audit/destinations/custom-webhook.d.ts.map +1 -0
  65. package/dist/audit/destinations/custom-webhook.js +477 -0
  66. package/dist/audit/destinations/custom-webhook.js.map +1 -0
  67. package/dist/audit/destinations/datadog-logs.d.ts +241 -0
  68. package/dist/audit/destinations/datadog-logs.d.ts.map +1 -0
  69. package/dist/audit/destinations/datadog-logs.js +576 -0
  70. package/dist/audit/destinations/datadog-logs.js.map +1 -0
  71. package/dist/audit/destinations/sentinel.d.ts +336 -0
  72. package/dist/audit/destinations/sentinel.d.ts.map +1 -0
  73. package/dist/audit/destinations/sentinel.js +927 -0
  74. package/dist/audit/destinations/sentinel.js.map +1 -0
  75. package/dist/audit/destinations/sumo-logic.d.ts +227 -0
  76. package/dist/audit/destinations/sumo-logic.d.ts.map +1 -0
  77. package/dist/audit/destinations/sumo-logic.js +572 -0
  78. package/dist/audit/destinations/sumo-logic.js.map +1 -0
  79. package/dist/audit/event-bus.d.ts +79 -0
  80. package/dist/audit/event-bus.d.ts.map +1 -0
  81. package/dist/audit/event-bus.js +256 -0
  82. package/dist/audit/event-bus.js.map +1 -0
  83. package/dist/audit/narrative-generator.d.ts +91 -0
  84. package/dist/audit/narrative-generator.d.ts.map +1 -0
  85. package/dist/audit/narrative-generator.js +538 -0
  86. package/dist/audit/narrative-generator.js.map +1 -0
  87. package/dist/audit/narrative-types.d.ts +274 -0
  88. package/dist/audit/narrative-types.d.ts.map +1 -0
  89. package/dist/audit/narrative-types.js +115 -0
  90. package/dist/audit/narrative-types.js.map +1 -0
  91. package/dist/audit/provenance-signer.d.ts +158 -0
  92. package/dist/audit/provenance-signer.d.ts.map +1 -0
  93. package/dist/audit/provenance-signer.js +315 -0
  94. package/dist/audit/provenance-signer.js.map +1 -0
  95. package/dist/audit/redis-event-bus.d.ts +103 -0
  96. package/dist/audit/redis-event-bus.d.ts.map +1 -0
  97. package/dist/audit/redis-event-bus.js +310 -0
  98. package/dist/audit/redis-event-bus.js.map +1 -0
  99. package/dist/audit/report-templates/disclosure-accounting.d.ts +131 -0
  100. package/dist/audit/report-templates/disclosure-accounting.d.ts.map +1 -0
  101. package/dist/audit/report-templates/disclosure-accounting.js +195 -0
  102. package/dist/audit/report-templates/disclosure-accounting.js.map +1 -0
  103. package/dist/audit/report-templates/dora-ict-major-incident.d.ts +39 -0
  104. package/dist/audit/report-templates/dora-ict-major-incident.d.ts.map +1 -0
  105. package/dist/audit/report-templates/dora-ict-major-incident.js +227 -0
  106. package/dist/audit/report-templates/dora-ict-major-incident.js.map +1 -0
  107. package/dist/audit/report-templates/eu-ai-act-annex-iv.d.ts +38 -0
  108. package/dist/audit/report-templates/eu-ai-act-annex-iv.d.ts.map +1 -0
  109. package/dist/audit/report-templates/eu-ai-act-annex-iv.js +267 -0
  110. package/dist/audit/report-templates/eu-ai-act-annex-iv.js.map +1 -0
  111. package/dist/audit/report-templates/gdpr-data-subject-rights.d.ts +37 -0
  112. package/dist/audit/report-templates/gdpr-data-subject-rights.d.ts.map +1 -0
  113. package/dist/audit/report-templates/gdpr-data-subject-rights.js +235 -0
  114. package/dist/audit/report-templates/gdpr-data-subject-rights.js.map +1 -0
  115. package/dist/audit/report-templates/hipaa-breach-notification.d.ts +27 -0
  116. package/dist/audit/report-templates/hipaa-breach-notification.d.ts.map +1 -0
  117. package/dist/audit/report-templates/hipaa-breach-notification.js +197 -0
  118. package/dist/audit/report-templates/hipaa-breach-notification.js.map +1 -0
  119. package/dist/audit/report-templates/hipaa-security-incident.d.ts +28 -0
  120. package/dist/audit/report-templates/hipaa-security-incident.d.ts.map +1 -0
  121. package/dist/audit/report-templates/hipaa-security-incident.js +172 -0
  122. package/dist/audit/report-templates/hipaa-security-incident.js.map +1 -0
  123. package/dist/audit/report-templates/index.d.ts +86 -0
  124. package/dist/audit/report-templates/index.d.ts.map +1 -0
  125. package/dist/audit/report-templates/index.js +114 -0
  126. package/dist/audit/report-templates/index.js.map +1 -0
  127. package/dist/audit/report-templates/iso-42001-ams.d.ts +36 -0
  128. package/dist/audit/report-templates/iso-42001-ams.d.ts.map +1 -0
  129. package/dist/audit/report-templates/iso-42001-ams.js +262 -0
  130. package/dist/audit/report-templates/iso-42001-ams.js.map +1 -0
  131. package/dist/audit/report-templates/pci-dss-annual-attestation.d.ts +33 -0
  132. package/dist/audit/report-templates/pci-dss-annual-attestation.d.ts.map +1 -0
  133. package/dist/audit/report-templates/pci-dss-annual-attestation.js +211 -0
  134. package/dist/audit/report-templates/pci-dss-annual-attestation.js.map +1 -0
  135. package/dist/audit/report-templates/prompts/base.d.ts +94 -0
  136. package/dist/audit/report-templates/prompts/base.d.ts.map +1 -0
  137. package/dist/audit/report-templates/prompts/base.js +197 -0
  138. package/dist/audit/report-templates/prompts/base.js.map +1 -0
  139. package/dist/audit/report-templates/prompts/dora.d.ts +19 -0
  140. package/dist/audit/report-templates/prompts/dora.d.ts.map +1 -0
  141. package/dist/audit/report-templates/prompts/dora.js +121 -0
  142. package/dist/audit/report-templates/prompts/dora.js.map +1 -0
  143. package/dist/audit/report-templates/prompts/euaiact.d.ts +20 -0
  144. package/dist/audit/report-templates/prompts/euaiact.d.ts.map +1 -0
  145. package/dist/audit/report-templates/prompts/euaiact.js +126 -0
  146. package/dist/audit/report-templates/prompts/euaiact.js.map +1 -0
  147. package/dist/audit/report-templates/prompts/gdpr.d.ts +20 -0
  148. package/dist/audit/report-templates/prompts/gdpr.d.ts.map +1 -0
  149. package/dist/audit/report-templates/prompts/gdpr.js +126 -0
  150. package/dist/audit/report-templates/prompts/gdpr.js.map +1 -0
  151. package/dist/audit/report-templates/prompts/hipaa.d.ts +32 -0
  152. package/dist/audit/report-templates/prompts/hipaa.d.ts.map +1 -0
  153. package/dist/audit/report-templates/prompts/hipaa.js +98 -0
  154. package/dist/audit/report-templates/prompts/hipaa.js.map +1 -0
  155. package/dist/audit/report-templates/prompts/hitech.d.ts +20 -0
  156. package/dist/audit/report-templates/prompts/hitech.d.ts.map +1 -0
  157. package/dist/audit/report-templates/prompts/hitech.js +114 -0
  158. package/dist/audit/report-templates/prompts/hitech.js.map +1 -0
  159. package/dist/audit/report-templates/prompts/index.d.ts +24 -0
  160. package/dist/audit/report-templates/prompts/index.d.ts.map +1 -0
  161. package/dist/audit/report-templates/prompts/index.js +54 -0
  162. package/dist/audit/report-templates/prompts/index.js.map +1 -0
  163. package/dist/audit/report-templates/prompts/iso27001.d.ts +19 -0
  164. package/dist/audit/report-templates/prompts/iso27001.d.ts.map +1 -0
  165. package/dist/audit/report-templates/prompts/iso27001.js +110 -0
  166. package/dist/audit/report-templates/prompts/iso27001.js.map +1 -0
  167. package/dist/audit/report-templates/prompts/pcidss.d.ts +19 -0
  168. package/dist/audit/report-templates/prompts/pcidss.d.ts.map +1 -0
  169. package/dist/audit/report-templates/prompts/pcidss.js +111 -0
  170. package/dist/audit/report-templates/prompts/pcidss.js.map +1 -0
  171. package/dist/audit/report-templates/prompts/soc2.d.ts +19 -0
  172. package/dist/audit/report-templates/prompts/soc2.d.ts.map +1 -0
  173. package/dist/audit/report-templates/prompts/soc2.js +117 -0
  174. package/dist/audit/report-templates/prompts/soc2.js.map +1 -0
  175. package/dist/audit/report-templates/soc2-type-ii.d.ts +23 -0
  176. package/dist/audit/report-templates/soc2-type-ii.d.ts.map +1 -0
  177. package/dist/audit/report-templates/soc2-type-ii.js +187 -0
  178. package/dist/audit/report-templates/soc2-type-ii.js.map +1 -0
  179. package/dist/audit/reporting-exports.d.ts +20 -0
  180. package/dist/audit/reporting-exports.d.ts.map +1 -0
  181. package/dist/audit/reporting-exports.js +39 -0
  182. package/dist/audit/reporting-exports.js.map +1 -0
  183. package/dist/audit/webhook-delivery.d.ts +119 -0
  184. package/dist/audit/webhook-delivery.d.ts.map +1 -0
  185. package/dist/audit/webhook-delivery.js +381 -0
  186. package/dist/audit/webhook-delivery.js.map +1 -0
  187. package/dist/audit-bots/dora.d.ts +59 -0
  188. package/dist/audit-bots/dora.d.ts.map +1 -0
  189. package/dist/audit-bots/dora.js +417 -0
  190. package/dist/audit-bots/dora.js.map +1 -0
  191. package/dist/audit-bots/euaiact.d.ts +56 -0
  192. package/dist/audit-bots/euaiact.d.ts.map +1 -0
  193. package/dist/audit-bots/euaiact.js +372 -0
  194. package/dist/audit-bots/euaiact.js.map +1 -0
  195. package/dist/audit-bots/evidence.d.ts +60 -0
  196. package/dist/audit-bots/evidence.d.ts.map +1 -0
  197. package/dist/audit-bots/evidence.js +190 -0
  198. package/dist/audit-bots/evidence.js.map +1 -0
  199. package/dist/audit-bots/gdpr.d.ts +40 -0
  200. package/dist/audit-bots/gdpr.d.ts.map +1 -0
  201. package/dist/audit-bots/gdpr.js +271 -0
  202. package/dist/audit-bots/gdpr.js.map +1 -0
  203. package/dist/audit-bots/hipaa.d.ts +38 -0
  204. package/dist/audit-bots/hipaa.d.ts.map +1 -0
  205. package/dist/audit-bots/hipaa.js +236 -0
  206. package/dist/audit-bots/hipaa.js.map +1 -0
  207. package/dist/audit-bots/iso27001.d.ts +61 -0
  208. package/dist/audit-bots/iso27001.d.ts.map +1 -0
  209. package/dist/audit-bots/iso27001.js +448 -0
  210. package/dist/audit-bots/iso27001.js.map +1 -0
  211. package/dist/audit-bots/iso42001.d.ts +59 -0
  212. package/dist/audit-bots/iso42001.d.ts.map +1 -0
  213. package/dist/audit-bots/iso42001.js +450 -0
  214. package/dist/audit-bots/iso42001.js.map +1 -0
  215. package/dist/audit-bots/nist-ai-rmf.d.ts +62 -0
  216. package/dist/audit-bots/nist-ai-rmf.d.ts.map +1 -0
  217. package/dist/audit-bots/nist-ai-rmf.js +467 -0
  218. package/dist/audit-bots/nist-ai-rmf.js.map +1 -0
  219. package/dist/audit-bots/pcidss.d.ts +57 -0
  220. package/dist/audit-bots/pcidss.d.ts.map +1 -0
  221. package/dist/audit-bots/pcidss.js +399 -0
  222. package/dist/audit-bots/pcidss.js.map +1 -0
  223. package/dist/audit-bots/scheduler.d.ts +111 -0
  224. package/dist/audit-bots/scheduler.d.ts.map +1 -0
  225. package/dist/audit-bots/scheduler.js +175 -0
  226. package/dist/audit-bots/scheduler.js.map +1 -0
  227. package/dist/audit-bots/soc1.d.ts +67 -0
  228. package/dist/audit-bots/soc1.d.ts.map +1 -0
  229. package/dist/audit-bots/soc1.js +491 -0
  230. package/dist/audit-bots/soc1.js.map +1 -0
  231. package/dist/audit-bots/soc2.d.ts +41 -0
  232. package/dist/audit-bots/soc2.d.ts.map +1 -0
  233. package/dist/audit-bots/soc2.js +352 -0
  234. package/dist/audit-bots/soc2.js.map +1 -0
  235. package/dist/classification/pack-driven-classifier.d.ts +409 -0
  236. package/dist/classification/pack-driven-classifier.d.ts.map +1 -0
  237. package/dist/classification/pack-driven-classifier.js +565 -0
  238. package/dist/classification/pack-driven-classifier.js.map +1 -0
  239. package/dist/cli/agent-dir-scanner.d.ts +35 -0
  240. package/dist/cli/agent-dir-scanner.d.ts.map +1 -0
  241. package/dist/cli/agent-dir-scanner.js +269 -0
  242. package/dist/cli/agent-dir-scanner.js.map +1 -0
  243. package/dist/cli/agent-signatures.d.ts +28 -0
  244. package/dist/cli/agent-signatures.d.ts.map +1 -0
  245. package/dist/cli/agent-signatures.js +241 -0
  246. package/dist/cli/agent-signatures.js.map +1 -0
  247. package/dist/cli/audit-chain-append.d.ts +47 -0
  248. package/dist/cli/audit-chain-append.d.ts.map +1 -0
  249. package/dist/cli/audit-chain-append.js +277 -0
  250. package/dist/cli/audit-chain-append.js.map +1 -0
  251. package/dist/cli/discover.d.ts +24 -0
  252. package/dist/cli/discover.d.ts.map +1 -0
  253. package/dist/cli/discover.js +179 -0
  254. package/dist/cli/discover.js.map +1 -0
  255. package/dist/cli/discover.test.d.ts +12 -0
  256. package/dist/cli/discover.test.d.ts.map +1 -0
  257. package/dist/cli/discover.test.js +192 -0
  258. package/dist/cli/discover.test.js.map +1 -0
  259. package/dist/cli/index.d.ts +201 -0
  260. package/dist/cli/index.d.ts.map +1 -0
  261. package/dist/cli/index.js +2130 -0
  262. package/dist/cli/index.js.map +1 -0
  263. package/dist/cli/pack-enforcement-bridge.d.ts +39 -0
  264. package/dist/cli/pack-enforcement-bridge.d.ts.map +1 -0
  265. package/dist/cli/pack-enforcement-bridge.js +211 -0
  266. package/dist/cli/pack-enforcement-bridge.js.map +1 -0
  267. package/dist/cli/packs.d.ts +22 -0
  268. package/dist/cli/packs.d.ts.map +1 -0
  269. package/dist/cli/packs.js +299 -0
  270. package/dist/cli/packs.js.map +1 -0
  271. package/dist/cli/preflight-report.d.ts +51 -0
  272. package/dist/cli/preflight-report.d.ts.map +1 -0
  273. package/dist/cli/preflight-report.js +143 -0
  274. package/dist/cli/preflight-report.js.map +1 -0
  275. package/dist/cli/preflight.d.ts +57 -0
  276. package/dist/cli/preflight.d.ts.map +1 -0
  277. package/dist/cli/preflight.js +375 -0
  278. package/dist/cli/preflight.js.map +1 -0
  279. package/dist/cli/shim-templates/python-anthropic.template.py.txt +54 -0
  280. package/dist/cli/shim-templates/python-bedrock.template.py.txt +55 -0
  281. package/dist/cli/shim-templates/python-google.template.py.txt +55 -0
  282. package/dist/cli/shim-templates/python-huggingface.template.py.txt +142 -0
  283. package/dist/cli/shim-templates/python-langchain-anthropic.template.py.txt +61 -0
  284. package/dist/cli/shim-templates/python-langchain-openai.template.py.txt +66 -0
  285. package/dist/cli/shim-templates/python-ollama.template.py.txt +75 -0
  286. package/dist/cli/shim-templates/python-openai.template.py.txt +54 -0
  287. package/dist/cli/shim-templates/typescript-anthropic.template.ts.txt +25 -0
  288. package/dist/cli/shim-templates/typescript-google.template.ts.txt +25 -0
  289. package/dist/cli/shim-templates/typescript-openai.template.ts.txt +25 -0
  290. package/dist/cli/wrap-shim-generator.d.ts +65 -0
  291. package/dist/cli/wrap-shim-generator.d.ts.map +1 -0
  292. package/dist/cli/wrap-shim-generator.js +245 -0
  293. package/dist/cli/wrap-shim-generator.js.map +1 -0
  294. package/dist/dashboard/api.d.ts +157 -0
  295. package/dist/dashboard/api.d.ts.map +1 -0
  296. package/dist/dashboard/api.js +347 -0
  297. package/dist/dashboard/api.js.map +1 -0
  298. package/dist/dashboard/theme.d.ts +80 -0
  299. package/dist/dashboard/theme.d.ts.map +1 -0
  300. package/dist/dashboard/theme.js +172 -0
  301. package/dist/dashboard/theme.js.map +1 -0
  302. package/dist/errors/index.d.ts +46 -0
  303. package/dist/errors/index.d.ts.map +1 -0
  304. package/dist/errors/index.js +93 -0
  305. package/dist/errors/index.js.map +1 -0
  306. package/dist/esm/adapters/cursor.js +184 -0
  307. package/dist/esm/adapters/cursor.js.map +1 -0
  308. package/dist/esm/adapters/index.js +335 -0
  309. package/dist/esm/adapters/index.js.map +1 -0
  310. package/dist/esm/agents/compliance-agent-templates/dora.js +943 -0
  311. package/dist/esm/agents/compliance-agent-templates/dora.js.map +1 -0
  312. package/dist/esm/agents/compliance-agent-templates/eu-ai-act.js +717 -0
  313. package/dist/esm/agents/compliance-agent-templates/eu-ai-act.js.map +1 -0
  314. package/dist/esm/agents/compliance-agent-templates/gdpr.js +684 -0
  315. package/dist/esm/agents/compliance-agent-templates/gdpr.js.map +1 -0
  316. package/dist/esm/agents/compliance-agent-templates/hipaa.js +636 -0
  317. package/dist/esm/agents/compliance-agent-templates/hipaa.js.map +1 -0
  318. package/dist/esm/agents/compliance-agent-templates/iso27001.js +801 -0
  319. package/dist/esm/agents/compliance-agent-templates/iso27001.js.map +1 -0
  320. package/dist/esm/agents/compliance-agent-templates/iso42001.js +894 -0
  321. package/dist/esm/agents/compliance-agent-templates/iso42001.js.map +1 -0
  322. package/dist/esm/agents/compliance-agent-templates/nist-ai-rmf.js +815 -0
  323. package/dist/esm/agents/compliance-agent-templates/nist-ai-rmf.js.map +1 -0
  324. package/dist/esm/agents/compliance-agent-templates/pci-dss.js +654 -0
  325. package/dist/esm/agents/compliance-agent-templates/pci-dss.js.map +1 -0
  326. package/dist/esm/agents/compliance-agent-templates/soc2.js +639 -0
  327. package/dist/esm/agents/compliance-agent-templates/soc2.js.map +1 -0
  328. package/dist/esm/agents/compliance-agent-templates/types.js +33 -0
  329. package/dist/esm/agents/compliance-agent-templates/types.js.map +1 -0
  330. package/dist/esm/audit/audit-integrity.js +247 -0
  331. package/dist/esm/audit/audit-integrity.js.map +1 -0
  332. package/dist/esm/audit/chain-tamper-detector.js +217 -0
  333. package/dist/esm/audit/chain-tamper-detector.js.map +1 -0
  334. package/dist/esm/audit/compliance-reporter.js +434 -0
  335. package/dist/esm/audit/compliance-reporter.js.map +1 -0
  336. package/dist/esm/audit/destinations/custom-webhook.js +436 -0
  337. package/dist/esm/audit/destinations/custom-webhook.js.map +1 -0
  338. package/dist/esm/audit/destinations/datadog-logs.js +533 -0
  339. package/dist/esm/audit/destinations/datadog-logs.js.map +1 -0
  340. package/dist/esm/audit/destinations/sentinel.js +881 -0
  341. package/dist/esm/audit/destinations/sentinel.js.map +1 -0
  342. package/dist/esm/audit/destinations/sumo-logic.js +529 -0
  343. package/dist/esm/audit/destinations/sumo-logic.js.map +1 -0
  344. package/dist/esm/audit/event-bus.js +219 -0
  345. package/dist/esm/audit/event-bus.js.map +1 -0
  346. package/dist/esm/audit/narrative-generator.js +498 -0
  347. package/dist/esm/audit/narrative-generator.js.map +1 -0
  348. package/dist/esm/audit/narrative-types.js +108 -0
  349. package/dist/esm/audit/narrative-types.js.map +1 -0
  350. package/dist/esm/audit/provenance-signer.js +273 -0
  351. package/dist/esm/audit/provenance-signer.js.map +1 -0
  352. package/dist/esm/audit/redis-event-bus.js +272 -0
  353. package/dist/esm/audit/redis-event-bus.js.map +1 -0
  354. package/dist/esm/audit/report-templates/disclosure-accounting.js +191 -0
  355. package/dist/esm/audit/report-templates/disclosure-accounting.js.map +1 -0
  356. package/dist/esm/audit/report-templates/dora-ict-major-incident.js +224 -0
  357. package/dist/esm/audit/report-templates/dora-ict-major-incident.js.map +1 -0
  358. package/dist/esm/audit/report-templates/eu-ai-act-annex-iv.js +264 -0
  359. package/dist/esm/audit/report-templates/eu-ai-act-annex-iv.js.map +1 -0
  360. package/dist/esm/audit/report-templates/gdpr-data-subject-rights.js +232 -0
  361. package/dist/esm/audit/report-templates/gdpr-data-subject-rights.js.map +1 -0
  362. package/dist/esm/audit/report-templates/hipaa-breach-notification.js +194 -0
  363. package/dist/esm/audit/report-templates/hipaa-breach-notification.js.map +1 -0
  364. package/dist/esm/audit/report-templates/hipaa-security-incident.js +169 -0
  365. package/dist/esm/audit/report-templates/hipaa-security-incident.js.map +1 -0
  366. package/dist/esm/audit/report-templates/index.js +93 -0
  367. package/dist/esm/audit/report-templates/index.js.map +1 -0
  368. package/dist/esm/audit/report-templates/iso-42001-ams.js +259 -0
  369. package/dist/esm/audit/report-templates/iso-42001-ams.js.map +1 -0
  370. package/dist/esm/audit/report-templates/pci-dss-annual-attestation.js +208 -0
  371. package/dist/esm/audit/report-templates/pci-dss-annual-attestation.js.map +1 -0
  372. package/dist/esm/audit/report-templates/prompts/base.js +189 -0
  373. package/dist/esm/audit/report-templates/prompts/base.js.map +1 -0
  374. package/dist/esm/audit/report-templates/prompts/dora.js +118 -0
  375. package/dist/esm/audit/report-templates/prompts/dora.js.map +1 -0
  376. package/dist/esm/audit/report-templates/prompts/euaiact.js +123 -0
  377. package/dist/esm/audit/report-templates/prompts/euaiact.js.map +1 -0
  378. package/dist/esm/audit/report-templates/prompts/gdpr.js +123 -0
  379. package/dist/esm/audit/report-templates/prompts/gdpr.js.map +1 -0
  380. package/dist/esm/audit/report-templates/prompts/hipaa.js +95 -0
  381. package/dist/esm/audit/report-templates/prompts/hipaa.js.map +1 -0
  382. package/dist/esm/audit/report-templates/prompts/hitech.js +111 -0
  383. package/dist/esm/audit/report-templates/prompts/hitech.js.map +1 -0
  384. package/dist/esm/audit/report-templates/prompts/index.js +43 -0
  385. package/dist/esm/audit/report-templates/prompts/index.js.map +1 -0
  386. package/dist/esm/audit/report-templates/prompts/iso27001.js +107 -0
  387. package/dist/esm/audit/report-templates/prompts/iso27001.js.map +1 -0
  388. package/dist/esm/audit/report-templates/prompts/pcidss.js +108 -0
  389. package/dist/esm/audit/report-templates/prompts/pcidss.js.map +1 -0
  390. package/dist/esm/audit/report-templates/prompts/soc2.js +114 -0
  391. package/dist/esm/audit/report-templates/prompts/soc2.js.map +1 -0
  392. package/dist/esm/audit/report-templates/soc2-type-ii.js +184 -0
  393. package/dist/esm/audit/report-templates/soc2-type-ii.js.map +1 -0
  394. package/dist/esm/audit/reporting-exports.js +19 -0
  395. package/dist/esm/audit/reporting-exports.js.map +1 -0
  396. package/dist/esm/audit/webhook-delivery.js +344 -0
  397. package/dist/esm/audit/webhook-delivery.js.map +1 -0
  398. package/dist/esm/audit-bots/dora.js +379 -0
  399. package/dist/esm/audit-bots/dora.js.map +1 -0
  400. package/dist/esm/audit-bots/euaiact.js +334 -0
  401. package/dist/esm/audit-bots/euaiact.js.map +1 -0
  402. package/dist/esm/audit-bots/evidence.js +153 -0
  403. package/dist/esm/audit-bots/evidence.js.map +1 -0
  404. package/dist/esm/audit-bots/gdpr.js +234 -0
  405. package/dist/esm/audit-bots/gdpr.js.map +1 -0
  406. package/dist/esm/audit-bots/hipaa.js +199 -0
  407. package/dist/esm/audit-bots/hipaa.js.map +1 -0
  408. package/dist/esm/audit-bots/iso27001.js +410 -0
  409. package/dist/esm/audit-bots/iso27001.js.map +1 -0
  410. package/dist/esm/audit-bots/iso42001.js +412 -0
  411. package/dist/esm/audit-bots/iso42001.js.map +1 -0
  412. package/dist/esm/audit-bots/nist-ai-rmf.js +429 -0
  413. package/dist/esm/audit-bots/nist-ai-rmf.js.map +1 -0
  414. package/dist/esm/audit-bots/pcidss.js +361 -0
  415. package/dist/esm/audit-bots/pcidss.js.map +1 -0
  416. package/dist/esm/audit-bots/scheduler.js +137 -0
  417. package/dist/esm/audit-bots/scheduler.js.map +1 -0
  418. package/dist/esm/audit-bots/soc1.js +453 -0
  419. package/dist/esm/audit-bots/soc1.js.map +1 -0
  420. package/dist/esm/audit-bots/soc2.js +315 -0
  421. package/dist/esm/audit-bots/soc2.js.map +1 -0
  422. package/dist/esm/classification/pack-driven-classifier.js +525 -0
  423. package/dist/esm/classification/pack-driven-classifier.js.map +1 -0
  424. package/dist/esm/cli/agent-dir-scanner.js +233 -0
  425. package/dist/esm/cli/agent-dir-scanner.js.map +1 -0
  426. package/dist/esm/cli/agent-signatures.js +238 -0
  427. package/dist/esm/cli/agent-signatures.js.map +1 -0
  428. package/dist/esm/cli/audit-chain-append.js +242 -0
  429. package/dist/esm/cli/audit-chain-append.js.map +1 -0
  430. package/dist/esm/cli/discover.js +143 -0
  431. package/dist/esm/cli/discover.js.map +1 -0
  432. package/dist/esm/cli/discover.test.js +157 -0
  433. package/dist/esm/cli/discover.test.js.map +1 -0
  434. package/dist/esm/cli/index.js +2083 -0
  435. package/dist/esm/cli/index.js.map +1 -0
  436. package/dist/esm/cli/pack-enforcement-bridge.js +176 -0
  437. package/dist/esm/cli/pack-enforcement-bridge.js.map +1 -0
  438. package/dist/esm/cli/packs.js +263 -0
  439. package/dist/esm/cli/packs.js.map +1 -0
  440. package/dist/esm/cli/preflight-report.js +135 -0
  441. package/dist/esm/cli/preflight-report.js.map +1 -0
  442. package/dist/esm/cli/preflight.js +339 -0
  443. package/dist/esm/cli/preflight.js.map +1 -0
  444. package/dist/esm/cli/wrap-shim-generator.js +205 -0
  445. package/dist/esm/cli/wrap-shim-generator.js.map +1 -0
  446. package/dist/esm/dashboard/api.js +310 -0
  447. package/dist/esm/dashboard/api.js.map +1 -0
  448. package/dist/esm/dashboard/theme.js +135 -0
  449. package/dist/esm/dashboard/theme.js.map +1 -0
  450. package/dist/esm/errors/index.js +84 -0
  451. package/dist/esm/errors/index.js.map +1 -0
  452. package/dist/esm/governance/action-classes.js +171 -0
  453. package/dist/esm/governance/action-classes.js.map +1 -0
  454. package/dist/esm/governance/action-isolation.js +582 -0
  455. package/dist/esm/governance/action-isolation.js.map +1 -0
  456. package/dist/esm/governance/agent-discovery.js +213 -0
  457. package/dist/esm/governance/agent-discovery.js.map +1 -0
  458. package/dist/esm/governance/agent-discovery.test.js +144 -0
  459. package/dist/esm/governance/agent-discovery.test.js.map +1 -0
  460. package/dist/esm/governance/agent-trust-report.js +149 -0
  461. package/dist/esm/governance/agent-trust-report.js.map +1 -0
  462. package/dist/esm/governance/agent-trust-report.test.js +259 -0
  463. package/dist/esm/governance/agent-trust-report.test.js.map +1 -0
  464. package/dist/esm/governance/approval-channel-adapters.js +134 -0
  465. package/dist/esm/governance/approval-channel-adapters.js.map +1 -0
  466. package/dist/esm/governance/approval-channel-adapters.test.js +163 -0
  467. package/dist/esm/governance/approval-channel-adapters.test.js.map +1 -0
  468. package/dist/esm/governance/approval-gate-enforcer.js +405 -0
  469. package/dist/esm/governance/approval-gate-enforcer.js.map +1 -0
  470. package/dist/esm/governance/approval-notifications.js +139 -0
  471. package/dist/esm/governance/approval-notifications.js.map +1 -0
  472. package/dist/esm/governance/approval-notifications.test.js +192 -0
  473. package/dist/esm/governance/approval-notifications.test.js.map +1 -0
  474. package/dist/esm/governance/approval-queue-store.js +112 -0
  475. package/dist/esm/governance/approval-queue-store.js.map +1 -0
  476. package/dist/esm/governance/approval-queue.js +291 -0
  477. package/dist/esm/governance/approval-queue.js.map +1 -0
  478. package/dist/esm/governance/approval-service.js +92 -0
  479. package/dist/esm/governance/approval-service.js.map +1 -0
  480. package/dist/esm/governance/audit-chain-emitter.js +178 -0
  481. package/dist/esm/governance/audit-chain-emitter.js.map +1 -0
  482. package/dist/esm/governance/audit-chain-emitter.test.js +190 -0
  483. package/dist/esm/governance/audit-chain-emitter.test.js.map +1 -0
  484. package/dist/esm/governance/auto-pack-generator.js +67 -0
  485. package/dist/esm/governance/auto-pack-generator.js.map +1 -0
  486. package/dist/esm/governance/auto-pack-generator.test.js +95 -0
  487. package/dist/esm/governance/auto-pack-generator.test.js.map +1 -0
  488. package/dist/esm/governance/autonomy-spectrum.js +652 -0
  489. package/dist/esm/governance/autonomy-spectrum.js.map +1 -0
  490. package/dist/esm/governance/batch-mode-governance.js +603 -0
  491. package/dist/esm/governance/batch-mode-governance.js.map +1 -0
  492. package/dist/esm/governance/bias-monitor.js +273 -0
  493. package/dist/esm/governance/bias-monitor.js.map +1 -0
  494. package/dist/esm/governance/blast-radius-enforcer.js +539 -0
  495. package/dist/esm/governance/blast-radius-enforcer.js.map +1 -0
  496. package/dist/esm/governance/build-structure-score.js +61 -0
  497. package/dist/esm/governance/build-structure-score.js.map +1 -0
  498. package/dist/esm/governance/build-structure-score.test.js +116 -0
  499. package/dist/esm/governance/build-structure-score.test.js.map +1 -0
  500. package/dist/esm/governance/capability-bundle.js +241 -0
  501. package/dist/esm/governance/capability-bundle.js.map +1 -0
  502. package/dist/esm/governance/capability-change-detector.js +701 -0
  503. package/dist/esm/governance/capability-change-detector.js.map +1 -0
  504. package/dist/esm/governance/capability-classes.js +123 -0
  505. package/dist/esm/governance/capability-classes.js.map +1 -0
  506. package/dist/esm/governance/capability-classes.test.js +171 -0
  507. package/dist/esm/governance/capability-classes.test.js.map +1 -0
  508. package/dist/esm/governance/company-pack-builder.js +71 -0
  509. package/dist/esm/governance/company-pack-builder.js.map +1 -0
  510. package/dist/esm/governance/confidence-gate.js +246 -0
  511. package/dist/esm/governance/confidence-gate.js.map +1 -0
  512. package/dist/esm/governance/council.js +268 -0
  513. package/dist/esm/governance/council.js.map +1 -0
  514. package/dist/esm/governance/cross-session-pseudonymizer.js +598 -0
  515. package/dist/esm/governance/cross-session-pseudonymizer.js.map +1 -0
  516. package/dist/esm/governance/cycle-timeout.js +212 -0
  517. package/dist/esm/governance/cycle-timeout.js.map +1 -0
  518. package/dist/esm/governance/cycle-token-budget.js +177 -0
  519. package/dist/esm/governance/cycle-token-budget.js.map +1 -0
  520. package/dist/esm/governance/data-subject-rights.js +455 -0
  521. package/dist/esm/governance/data-subject-rights.js.map +1 -0
  522. package/dist/esm/governance/demo-workspace.js +210 -0
  523. package/dist/esm/governance/demo-workspace.js.map +1 -0
  524. package/dist/esm/governance/demo-workspace.test.js +80 -0
  525. package/dist/esm/governance/demo-workspace.test.js.map +1 -0
  526. package/dist/esm/governance/discovery-cli.js +95 -0
  527. package/dist/esm/governance/discovery-cli.js.map +1 -0
  528. package/dist/esm/governance/discovery-cli.test.js +191 -0
  529. package/dist/esm/governance/discovery-cli.test.js.map +1 -0
  530. package/dist/esm/governance/gateguard.js +265 -0
  531. package/dist/esm/governance/gateguard.js.map +1 -0
  532. package/dist/esm/governance/governance-runtime.js +376 -0
  533. package/dist/esm/governance/governance-runtime.js.map +1 -0
  534. package/dist/esm/governance/hook-install-snippet.js +208 -0
  535. package/dist/esm/governance/hook-install-snippet.js.map +1 -0
  536. package/dist/esm/governance/hook-install-snippet.test.js +95 -0
  537. package/dist/esm/governance/hook-install-snippet.test.js.map +1 -0
  538. package/dist/esm/governance/hook-profile.js +474 -0
  539. package/dist/esm/governance/hook-profile.js.map +1 -0
  540. package/dist/esm/governance/improvement-recommendations.js +165 -0
  541. package/dist/esm/governance/improvement-recommendations.js.map +1 -0
  542. package/dist/esm/governance/improvement-recommendations.test.js +178 -0
  543. package/dist/esm/governance/improvement-recommendations.test.js.map +1 -0
  544. package/dist/esm/governance/incident-notifier.js +488 -0
  545. package/dist/esm/governance/incident-notifier.js.map +1 -0
  546. package/dist/esm/governance/index.js +33 -0
  547. package/dist/esm/governance/index.js.map +1 -0
  548. package/dist/esm/governance/info-action-separation.js +143 -0
  549. package/dist/esm/governance/info-action-separation.js.map +1 -0
  550. package/dist/esm/governance/info-action-separation.test.js +155 -0
  551. package/dist/esm/governance/info-action-separation.test.js.map +1 -0
  552. package/dist/esm/governance/instinct-system.js +351 -0
  553. package/dist/esm/governance/instinct-system.js.map +1 -0
  554. package/dist/esm/governance/insurance-certificate.js +116 -0
  555. package/dist/esm/governance/insurance-certificate.js.map +1 -0
  556. package/dist/esm/governance/insurance-certificate.test.js +205 -0
  557. package/dist/esm/governance/insurance-certificate.test.js.map +1 -0
  558. package/dist/esm/governance/manifest-push-emitter.js +107 -0
  559. package/dist/esm/governance/manifest-push-emitter.js.map +1 -0
  560. package/dist/esm/governance/manifest-push-emitter.test.js +215 -0
  561. package/dist/esm/governance/manifest-push-emitter.test.js.map +1 -0
  562. package/dist/esm/governance/memory/cross-session-memory.js +283 -0
  563. package/dist/esm/governance/memory/cross-session-memory.js.map +1 -0
  564. package/dist/esm/governance/memory/index.js +14 -0
  565. package/dist/esm/governance/memory/index.js.map +1 -0
  566. package/dist/esm/governance/memory/memory-chain.js +183 -0
  567. package/dist/esm/governance/memory/memory-chain.js.map +1 -0
  568. package/dist/esm/governance/memory/retrieval-allowlist.js +172 -0
  569. package/dist/esm/governance/memory/retrieval-allowlist.js.map +1 -0
  570. package/dist/esm/governance/memory/session-memory.js +215 -0
  571. package/dist/esm/governance/memory/session-memory.js.map +1 -0
  572. package/dist/esm/governance/memory-audit-chain.js +361 -0
  573. package/dist/esm/governance/memory-audit-chain.js.map +1 -0
  574. package/dist/esm/governance/memory-integrity.js +267 -0
  575. package/dist/esm/governance/memory-integrity.js.map +1 -0
  576. package/dist/esm/governance/multi-store-deletion-worker.js +263 -0
  577. package/dist/esm/governance/multi-store-deletion-worker.js.map +1 -0
  578. package/dist/esm/governance/multi-tenant.js +273 -0
  579. package/dist/esm/governance/multi-tenant.js.map +1 -0
  580. package/dist/esm/governance/onboarding-tier-router.js +109 -0
  581. package/dist/esm/governance/onboarding-tier-router.js.map +1 -0
  582. package/dist/esm/governance/onboarding-tier-router.test.js +106 -0
  583. package/dist/esm/governance/onboarding-tier-router.test.js.map +1 -0
  584. package/dist/esm/governance/org-reputation.js +88 -0
  585. package/dist/esm/governance/org-reputation.js.map +1 -0
  586. package/dist/esm/governance/org-reputation.test.js +155 -0
  587. package/dist/esm/governance/org-reputation.test.js.map +1 -0
  588. package/dist/esm/governance/owasp-agentic-scanner.js +314 -0
  589. package/dist/esm/governance/owasp-agentic-scanner.js.map +1 -0
  590. package/dist/esm/governance/owasp-agentic-scanner.test.js +128 -0
  591. package/dist/esm/governance/owasp-agentic-scanner.test.js.map +1 -0
  592. package/dist/esm/governance/pack-diff.js +78 -0
  593. package/dist/esm/governance/pack-diff.js.map +1 -0
  594. package/dist/esm/governance/pack-diff.test.js +207 -0
  595. package/dist/esm/governance/pack-diff.test.js.map +1 -0
  596. package/dist/esm/governance/pack-evaluator-prewarm.js +102 -0
  597. package/dist/esm/governance/pack-evaluator-prewarm.js.map +1 -0
  598. package/dist/esm/governance/pack-evaluator.js +324 -0
  599. package/dist/esm/governance/pack-evaluator.js.map +1 -0
  600. package/dist/esm/governance/pack-evaluator.test.js +244 -0
  601. package/dist/esm/governance/pack-evaluator.test.js.map +1 -0
  602. package/dist/esm/governance/pack-inheritance.js +173 -0
  603. package/dist/esm/governance/pack-inheritance.js.map +1 -0
  604. package/dist/esm/governance/pack-inheritance.test.js +172 -0
  605. package/dist/esm/governance/pack-inheritance.test.js.map +1 -0
  606. package/dist/esm/governance/pack-publish-workflow.js +80 -0
  607. package/dist/esm/governance/pack-publish-workflow.js.map +1 -0
  608. package/dist/esm/governance/pack-publish-workflow.test.js +176 -0
  609. package/dist/esm/governance/pack-publish-workflow.test.js.map +1 -0
  610. package/dist/esm/governance/pack-rule-validator.js +139 -0
  611. package/dist/esm/governance/pack-rule-validator.js.map +1 -0
  612. package/dist/esm/governance/pack-rule-validator.test.js +118 -0
  613. package/dist/esm/governance/pack-rule-validator.test.js.map +1 -0
  614. package/dist/esm/governance/pack-versioning.js +188 -0
  615. package/dist/esm/governance/pack-versioning.js.map +1 -0
  616. package/dist/esm/governance/pack-versioning.test.js +137 -0
  617. package/dist/esm/governance/pack-versioning.test.js.map +1 -0
  618. package/dist/esm/governance/partner-manager.js +221 -0
  619. package/dist/esm/governance/partner-manager.js.map +1 -0
  620. package/dist/esm/governance/paste-your-agent.js +151 -0
  621. package/dist/esm/governance/paste-your-agent.js.map +1 -0
  622. package/dist/esm/governance/paste-your-agent.test.js +105 -0
  623. package/dist/esm/governance/paste-your-agent.test.js.map +1 -0
  624. package/dist/esm/governance/per-agent-daily-budget.js +658 -0
  625. package/dist/esm/governance/per-agent-daily-budget.js.map +1 -0
  626. package/dist/esm/governance/per-agent-override.test.js +239 -0
  627. package/dist/esm/governance/per-agent-override.test.js.map +1 -0
  628. package/dist/esm/governance/plugin-system.js +925 -0
  629. package/dist/esm/governance/plugin-system.js.map +1 -0
  630. package/dist/esm/governance/policy-tuning.js +322 -0
  631. package/dist/esm/governance/policy-tuning.js.map +1 -0
  632. package/dist/esm/governance/post-market-monitor.js +242 -0
  633. package/dist/esm/governance/post-market-monitor.js.map +1 -0
  634. package/dist/esm/governance/post-tool-audit-enrichment.js +466 -0
  635. package/dist/esm/governance/post-tool-audit-enrichment.js.map +1 -0
  636. package/dist/esm/governance/prohibited-practices.js +230 -0
  637. package/dist/esm/governance/prohibited-practices.js.map +1 -0
  638. package/dist/esm/governance/proxy-onboarding.js +302 -0
  639. package/dist/esm/governance/proxy-onboarding.js.map +1 -0
  640. package/dist/esm/governance/proxy-onboarding.test.js +100 -0
  641. package/dist/esm/governance/proxy-onboarding.test.js.map +1 -0
  642. package/dist/esm/governance/rag-citation-enforcement.js +527 -0
  643. package/dist/esm/governance/rag-citation-enforcement.js.map +1 -0
  644. package/dist/esm/governance/rag-confidence-threshold.js +409 -0
  645. package/dist/esm/governance/rag-confidence-threshold.js.map +1 -0
  646. package/dist/esm/governance/rag-retrieval-audit.js +478 -0
  647. package/dist/esm/governance/rag-retrieval-audit.js.map +1 -0
  648. package/dist/esm/governance/rag-source-allowlist.js +495 -0
  649. package/dist/esm/governance/rag-source-allowlist.js.map +1 -0
  650. package/dist/esm/governance/rag-source-output-chain.js +641 -0
  651. package/dist/esm/governance/rag-source-output-chain.js.map +1 -0
  652. package/dist/esm/governance/replay-player.js +85 -0
  653. package/dist/esm/governance/replay-player.js.map +1 -0
  654. package/dist/esm/governance/replay-player.test.js +157 -0
  655. package/dist/esm/governance/replay-player.test.js.map +1 -0
  656. package/dist/esm/governance/retention-manager.js +529 -0
  657. package/dist/esm/governance/retention-manager.js.map +1 -0
  658. package/dist/esm/governance/runtime-event-renderer.js +129 -0
  659. package/dist/esm/governance/runtime-event-renderer.js.map +1 -0
  660. package/dist/esm/governance/runtime-event-renderer.test.js +160 -0
  661. package/dist/esm/governance/runtime-event-renderer.test.js.map +1 -0
  662. package/dist/esm/governance/sandbox-replay.js +184 -0
  663. package/dist/esm/governance/sandbox-replay.js.map +1 -0
  664. package/dist/esm/governance/sandbox-replay.test.js +82 -0
  665. package/dist/esm/governance/sandbox-replay.test.js.map +1 -0
  666. package/dist/esm/governance/self-registration-hook.js +112 -0
  667. package/dist/esm/governance/self-registration-hook.js.map +1 -0
  668. package/dist/esm/governance/self-registration-hook.test.js +114 -0
  669. package/dist/esm/governance/self-registration-hook.test.js.map +1 -0
  670. package/dist/esm/governance/session-persistence.js +339 -0
  671. package/dist/esm/governance/session-persistence.js.map +1 -0
  672. package/dist/esm/governance/signed-manifest.js +119 -0
  673. package/dist/esm/governance/signed-manifest.js.map +1 -0
  674. package/dist/esm/governance/signed-manifest.test.js +114 -0
  675. package/dist/esm/governance/signed-manifest.test.js.map +1 -0
  676. package/dist/esm/governance/skip-api-empty-queue.js +458 -0
  677. package/dist/esm/governance/skip-api-empty-queue.js.map +1 -0
  678. package/dist/esm/governance/state-manager.js +249 -0
  679. package/dist/esm/governance/state-manager.js.map +1 -0
  680. package/dist/esm/governance/tenant-provider-agreements.js +398 -0
  681. package/dist/esm/governance/tenant-provider-agreements.js.map +1 -0
  682. package/dist/esm/governance/tool-provider-health.js +650 -0
  683. package/dist/esm/governance/tool-provider-health.js.map +1 -0
  684. package/dist/esm/governance/tool-rate-limit.js +140 -0
  685. package/dist/esm/governance/tool-rate-limit.js.map +1 -0
  686. package/dist/esm/governance/transparency-injector.js +158 -0
  687. package/dist/esm/governance/transparency-injector.js.map +1 -0
  688. package/dist/esm/governance/trust-score-snapshot.js +94 -0
  689. package/dist/esm/governance/trust-score-snapshot.js.map +1 -0
  690. package/dist/esm/governance/trust-score-snapshot.test.js +152 -0
  691. package/dist/esm/governance/trust-score-snapshot.test.js.map +1 -0
  692. package/dist/esm/governance/trust-score-three-dim.js +171 -0
  693. package/dist/esm/governance/trust-score-three-dim.js.map +1 -0
  694. package/dist/esm/governance/trust-score-three-dim.test.js +186 -0
  695. package/dist/esm/governance/trust-score-three-dim.test.js.map +1 -0
  696. package/dist/esm/governance-config.js +308 -0
  697. package/dist/esm/governance-config.js.map +1 -0
  698. package/dist/esm/governed-agent.js +1278 -0
  699. package/dist/esm/governed-agent.js.map +1 -0
  700. package/dist/esm/hooks/data-classifier-bridge.js +78 -0
  701. package/dist/esm/hooks/data-classifier-bridge.js.map +1 -0
  702. package/dist/esm/ide-adapters/aider.js +706 -0
  703. package/dist/esm/ide-adapters/aider.js.map +1 -0
  704. package/dist/esm/ide-adapters/amazon-q-developer.js +682 -0
  705. package/dist/esm/ide-adapters/amazon-q-developer.js.map +1 -0
  706. package/dist/esm/ide-adapters/base.js +229 -0
  707. package/dist/esm/ide-adapters/base.js.map +1 -0
  708. package/dist/esm/ide-adapters/claude-code.js +188 -0
  709. package/dist/esm/ide-adapters/claude-code.js.map +1 -0
  710. package/dist/esm/ide-adapters/cody.js +763 -0
  711. package/dist/esm/ide-adapters/cody.js.map +1 -0
  712. package/dist/esm/ide-adapters/continue-dev.js +355 -0
  713. package/dist/esm/ide-adapters/continue-dev.js.map +1 -0
  714. package/dist/esm/ide-adapters/copilot-studio.js +1093 -0
  715. package/dist/esm/ide-adapters/copilot-studio.js.map +1 -0
  716. package/dist/esm/ide-adapters/copilot-workspace.js +372 -0
  717. package/dist/esm/ide-adapters/copilot-workspace.js.map +1 -0
  718. package/dist/esm/ide-adapters/cursor.js +269 -0
  719. package/dist/esm/ide-adapters/cursor.js.map +1 -0
  720. package/dist/esm/ide-adapters/exports.js +52 -0
  721. package/dist/esm/ide-adapters/exports.js.map +1 -0
  722. package/dist/esm/ide-adapters/gemini-code-assist.js +746 -0
  723. package/dist/esm/ide-adapters/gemini-code-assist.js.map +1 -0
  724. package/dist/esm/ide-adapters/github-copilot.js +543 -0
  725. package/dist/esm/ide-adapters/github-copilot.js.map +1 -0
  726. package/dist/esm/ide-adapters/index.js +96 -0
  727. package/dist/esm/ide-adapters/index.js.map +1 -0
  728. package/dist/esm/ide-adapters/jetbrains-ai.js +714 -0
  729. package/dist/esm/ide-adapters/jetbrains-ai.js.map +1 -0
  730. package/dist/esm/ide-adapters/notebook-ai.js +854 -0
  731. package/dist/esm/ide-adapters/notebook-ai.js.map +1 -0
  732. package/dist/esm/ide-adapters/replit-agent.js +1018 -0
  733. package/dist/esm/ide-adapters/replit-agent.js.map +1 -0
  734. package/dist/esm/ide-adapters/reviewer-tier.js +15 -0
  735. package/dist/esm/ide-adapters/reviewer-tier.js.map +1 -0
  736. package/dist/esm/ide-adapters/shared.js +267 -0
  737. package/dist/esm/ide-adapters/shared.js.map +1 -0
  738. package/dist/esm/ide-adapters/tabnine.js +717 -0
  739. package/dist/esm/ide-adapters/tabnine.js.map +1 -0
  740. package/dist/esm/ide-adapters/windsurf.js +808 -0
  741. package/dist/esm/ide-adapters/windsurf.js.map +1 -0
  742. package/dist/esm/ide-adapters/zed-ai.js +618 -0
  743. package/dist/esm/ide-adapters/zed-ai.js.map +1 -0
  744. package/dist/esm/index.js +182 -0
  745. package/dist/esm/index.js.map +1 -0
  746. package/dist/esm/license/entitlement-client.js +264 -0
  747. package/dist/esm/license/entitlement-client.js.map +1 -0
  748. package/dist/esm/license/index.js +8 -0
  749. package/dist/esm/license/index.js.map +1 -0
  750. package/dist/esm/license/jwt-issuer.js +107 -0
  751. package/dist/esm/license/jwt-issuer.js.map +1 -0
  752. package/dist/esm/license/jwt-validator.js +460 -0
  753. package/dist/esm/license/jwt-validator.js.map +1 -0
  754. package/dist/esm/license/keygen.js +65 -0
  755. package/dist/esm/license/keygen.js.map +1 -0
  756. package/dist/esm/license/subscription-gate.js +251 -0
  757. package/dist/esm/license/subscription-gate.js.map +1 -0
  758. package/dist/esm/llm-adapters/azure-openai.js +665 -0
  759. package/dist/esm/llm-adapters/azure-openai.js.map +1 -0
  760. package/dist/esm/llm-adapters/base.js +258 -0
  761. package/dist/esm/llm-adapters/base.js.map +1 -0
  762. package/dist/esm/llm-adapters/bedrock.js +713 -0
  763. package/dist/esm/llm-adapters/bedrock.js.map +1 -0
  764. package/dist/esm/llm-adapters/claude.js +236 -0
  765. package/dist/esm/llm-adapters/claude.js.map +1 -0
  766. package/dist/esm/llm-adapters/deepseek.js +716 -0
  767. package/dist/esm/llm-adapters/deepseek.js.map +1 -0
  768. package/dist/esm/llm-adapters/exports.js +36 -0
  769. package/dist/esm/llm-adapters/exports.js.map +1 -0
  770. package/dist/esm/llm-adapters/gemini.js +197 -0
  771. package/dist/esm/llm-adapters/gemini.js.map +1 -0
  772. package/dist/esm/llm-adapters/gemma.js +260 -0
  773. package/dist/esm/llm-adapters/gemma.js.map +1 -0
  774. package/dist/esm/llm-adapters/google.js +1136 -0
  775. package/dist/esm/llm-adapters/google.js.map +1 -0
  776. package/dist/esm/llm-adapters/huggingface.js +618 -0
  777. package/dist/esm/llm-adapters/huggingface.js.map +1 -0
  778. package/dist/esm/llm-adapters/index.js +87 -0
  779. package/dist/esm/llm-adapters/index.js.map +1 -0
  780. package/dist/esm/llm-adapters/ollama.js +587 -0
  781. package/dist/esm/llm-adapters/ollama.js.map +1 -0
  782. package/dist/esm/llm-adapters/openai.js +359 -0
  783. package/dist/esm/llm-adapters/openai.js.map +1 -0
  784. package/dist/esm/llm-adapters/replicate-llama.js +596 -0
  785. package/dist/esm/llm-adapters/replicate-llama.js.map +1 -0
  786. package/dist/esm/llm-adapters/shared.js +330 -0
  787. package/dist/esm/llm-adapters/shared.js.map +1 -0
  788. package/dist/esm/llm-adapters/supported-models-catalog.js +741 -0
  789. package/dist/esm/llm-adapters/supported-models-catalog.js.map +1 -0
  790. package/dist/esm/observability/destination-health-monitor.js +239 -0
  791. package/dist/esm/observability/destination-health-monitor.js.map +1 -0
  792. package/dist/esm/observability/health-metrics-store.js +124 -0
  793. package/dist/esm/observability/health-metrics-store.js.map +1 -0
  794. package/dist/esm/orchestrator-adapters/autogen.js +484 -0
  795. package/dist/esm/orchestrator-adapters/autogen.js.map +1 -0
  796. package/dist/esm/orchestrator-adapters/base.js +366 -0
  797. package/dist/esm/orchestrator-adapters/base.js.map +1 -0
  798. package/dist/esm/orchestrator-adapters/bedrock-agentcore.js +812 -0
  799. package/dist/esm/orchestrator-adapters/bedrock-agentcore.js.map +1 -0
  800. package/dist/esm/orchestrator-adapters/claude-agent-sdk.js +701 -0
  801. package/dist/esm/orchestrator-adapters/claude-agent-sdk.js.map +1 -0
  802. package/dist/esm/orchestrator-adapters/crewai.js +470 -0
  803. package/dist/esm/orchestrator-adapters/crewai.js.map +1 -0
  804. package/dist/esm/orchestrator-adapters/deepagents.js +345 -0
  805. package/dist/esm/orchestrator-adapters/deepagents.js.map +1 -0
  806. package/dist/esm/orchestrator-adapters/exports.js +34 -0
  807. package/dist/esm/orchestrator-adapters/exports.js.map +1 -0
  808. package/dist/esm/orchestrator-adapters/google-adk.js +775 -0
  809. package/dist/esm/orchestrator-adapters/google-adk.js.map +1 -0
  810. package/dist/esm/orchestrator-adapters/haystack.js +811 -0
  811. package/dist/esm/orchestrator-adapters/haystack.js.map +1 -0
  812. package/dist/esm/orchestrator-adapters/index.js +106 -0
  813. package/dist/esm/orchestrator-adapters/index.js.map +1 -0
  814. package/dist/esm/orchestrator-adapters/langchain.js +457 -0
  815. package/dist/esm/orchestrator-adapters/langchain.js.map +1 -0
  816. package/dist/esm/orchestrator-adapters/langgraph.js +464 -0
  817. package/dist/esm/orchestrator-adapters/langgraph.js.map +1 -0
  818. package/dist/esm/orchestrator-adapters/llamaindex.js +819 -0
  819. package/dist/esm/orchestrator-adapters/llamaindex.js.map +1 -0
  820. package/dist/esm/orchestrator-adapters/openai-agents.js +494 -0
  821. package/dist/esm/orchestrator-adapters/openai-agents.js.map +1 -0
  822. package/dist/esm/orchestrator-adapters/openclaw.js +866 -0
  823. package/dist/esm/orchestrator-adapters/openclaw.js.map +1 -0
  824. package/dist/esm/orchestrator-adapters/orchestrator-adapter.js +30 -0
  825. package/dist/esm/orchestrator-adapters/orchestrator-adapter.js.map +1 -0
  826. package/dist/esm/orchestrator-adapters/paperclip-adapter.js +366 -0
  827. package/dist/esm/orchestrator-adapters/paperclip-adapter.js.map +1 -0
  828. package/dist/esm/orchestrator-adapters/semantic-kernel.js +487 -0
  829. package/dist/esm/orchestrator-adapters/semantic-kernel.js.map +1 -0
  830. package/dist/esm/orchestrator-adapters/shared.js +121 -0
  831. package/dist/esm/orchestrator-adapters/shared.js.map +1 -0
  832. package/dist/esm/package.json +3 -0
  833. package/dist/esm/packs/_base-classifiers.js +160 -0
  834. package/dist/esm/packs/_base-classifiers.js.map +1 -0
  835. package/dist/esm/packs/aba.js +297 -0
  836. package/dist/esm/packs/aba.js.map +1 -0
  837. package/dist/esm/packs/as-9100.js +814 -0
  838. package/dist/esm/packs/as-9100.js.map +1 -0
  839. package/dist/esm/packs/au-act-hrpaa.js +290 -0
  840. package/dist/esm/packs/au-act-hrpaa.js.map +1 -0
  841. package/dist/esm/packs/au-aiethics-framework.js +341 -0
  842. package/dist/esm/packs/au-aiethics-framework.js.map +1 -0
  843. package/dist/esm/packs/au-aml-ctf.js +346 -0
  844. package/dist/esm/packs/au-aml-ctf.js.map +1 -0
  845. package/dist/esm/packs/au-asic-rg-271.js +268 -0
  846. package/dist/esm/packs/au-asic-rg-271.js.map +1 -0
  847. package/dist/esm/packs/au-asic-rg-274.js +268 -0
  848. package/dist/esm/packs/au-asic-rg-274.js.map +1 -0
  849. package/dist/esm/packs/au-cdr.js +305 -0
  850. package/dist/esm/packs/au-cdr.js.map +1 -0
  851. package/dist/esm/packs/au-cps230.js +264 -0
  852. package/dist/esm/packs/au-cps230.js.map +1 -0
  853. package/dist/esm/packs/au-cps234.js +297 -0
  854. package/dist/esm/packs/au-cps234.js.map +1 -0
  855. package/dist/esm/packs/au-mandatory-ai-guardrails.js +271 -0
  856. package/dist/esm/packs/au-mandatory-ai-guardrails.js.map +1 -0
  857. package/dist/esm/packs/au-nsw-hripa.js +363 -0
  858. package/dist/esm/packs/au-nsw-hripa.js.map +1 -0
  859. package/dist/esm/packs/au-online-safety.js +297 -0
  860. package/dist/esm/packs/au-online-safety.js.map +1 -0
  861. package/dist/esm/packs/au-privacy-act.js +361 -0
  862. package/dist/esm/packs/au-privacy-act.js.map +1 -0
  863. package/dist/esm/packs/au-soci-act.js +251 -0
  864. package/dist/esm/packs/au-soci-act.js.map +1 -0
  865. package/dist/esm/packs/au-spam-act.js +284 -0
  866. package/dist/esm/packs/au-spam-act.js.map +1 -0
  867. package/dist/esm/packs/au-tga-saimd.js +341 -0
  868. package/dist/esm/packs/au-tga-saimd.js.map +1 -0
  869. package/dist/esm/packs/au-vic-hra.js +345 -0
  870. package/dist/esm/packs/au-vic-hra.js.map +1 -0
  871. package/dist/esm/packs/bipa.js +268 -0
  872. package/dist/esm/packs/bipa.js.map +1 -0
  873. package/dist/esm/packs/bsa-aml.js +410 -0
  874. package/dist/esm/packs/bsa-aml.js.map +1 -0
  875. package/dist/esm/packs/ca-pipeda.js +217 -0
  876. package/dist/esm/packs/ca-pipeda.js.map +1 -0
  877. package/dist/esm/packs/ca-qc-law25.js +188 -0
  878. package/dist/esm/packs/ca-qc-law25.js.map +1 -0
  879. package/dist/esm/packs/caldicott-principles.js +441 -0
  880. package/dist/esm/packs/caldicott-principles.js.map +1 -0
  881. package/dist/esm/packs/california-ab2930.js +410 -0
  882. package/dist/esm/packs/california-ab2930.js.map +1 -0
  883. package/dist/esm/packs/ccpa.js +396 -0
  884. package/dist/esm/packs/ccpa.js.map +1 -0
  885. package/dist/esm/packs/cfpb-2023-03.js +282 -0
  886. package/dist/esm/packs/cfpb-2023-03.js.map +1 -0
  887. package/dist/esm/packs/check-registry.js +3337 -0
  888. package/dist/esm/packs/check-registry.js.map +1 -0
  889. package/dist/esm/packs/cjis.js +342 -0
  890. package/dist/esm/packs/cjis.js.map +1 -0
  891. package/dist/esm/packs/cma-ai-foundation-models.js +394 -0
  892. package/dist/esm/packs/cma-ai-foundation-models.js.map +1 -0
  893. package/dist/esm/packs/cmmc2.js +347 -0
  894. package/dist/esm/packs/cmmc2.js.map +1 -0
  895. package/dist/esm/packs/cms-interoperability.js +387 -0
  896. package/dist/esm/packs/cms-interoperability.js.map +1 -0
  897. package/dist/esm/packs/cn-dsl-csl.js +134 -0
  898. package/dist/esm/packs/cn-dsl-csl.js.map +1 -0
  899. package/dist/esm/packs/colorado-ai.js +376 -0
  900. package/dist/esm/packs/colorado-ai.js.map +1 -0
  901. package/dist/esm/packs/common-rule.js +470 -0
  902. package/dist/esm/packs/common-rule.js.map +1 -0
  903. package/dist/esm/packs/coppa.js +406 -0
  904. package/dist/esm/packs/coppa.js.map +1 -0
  905. package/dist/esm/packs/cyber-essentials.js +404 -0
  906. package/dist/esm/packs/cyber-essentials.js.map +1 -0
  907. package/dist/esm/packs/de-bdsg.js +413 -0
  908. package/dist/esm/packs/de-bdsg.js.map +1 -0
  909. package/dist/esm/packs/do-178c.js +723 -0
  910. package/dist/esm/packs/do-178c.js.map +1 -0
  911. package/dist/esm/packs/dora.js +358 -0
  912. package/dist/esm/packs/dora.js.map +1 -0
  913. package/dist/esm/packs/ecoa.js +386 -0
  914. package/dist/esm/packs/ecoa.js.map +1 -0
  915. package/dist/esm/packs/eu-ai-liability.js +300 -0
  916. package/dist/esm/packs/eu-ai-liability.js.map +1 -0
  917. package/dist/esm/packs/eu-cra.js +140 -0
  918. package/dist/esm/packs/eu-cra.js.map +1 -0
  919. package/dist/esm/packs/eu-data-act.js +138 -0
  920. package/dist/esm/packs/eu-data-act.js.map +1 -0
  921. package/dist/esm/packs/eu-dma.js +185 -0
  922. package/dist/esm/packs/eu-dma.js.map +1 -0
  923. package/dist/esm/packs/eu-dsa.js +176 -0
  924. package/dist/esm/packs/eu-dsa.js.map +1 -0
  925. package/dist/esm/packs/eu-lpp.js +342 -0
  926. package/dist/esm/packs/eu-lpp.js.map +1 -0
  927. package/dist/esm/packs/eu-mdr-ivdr.js +417 -0
  928. package/dist/esm/packs/eu-mdr-ivdr.js.map +1 -0
  929. package/dist/esm/packs/euaiact.js +341 -0
  930. package/dist/esm/packs/euaiact.js.map +1 -0
  931. package/dist/esm/packs/fca-consumer-duty.js +409 -0
  932. package/dist/esm/packs/fca-consumer-duty.js.map +1 -0
  933. package/dist/esm/packs/fca-op-resilience.js +350 -0
  934. package/dist/esm/packs/fca-op-resilience.js.map +1 -0
  935. package/dist/esm/packs/fcra.js +441 -0
  936. package/dist/esm/packs/fcra.js.map +1 -0
  937. package/dist/esm/packs/fda-21-cfr-820.js +606 -0
  938. package/dist/esm/packs/fda-21-cfr-820.js.map +1 -0
  939. package/dist/esm/packs/fda-samd-precert.js +863 -0
  940. package/dist/esm/packs/fda-samd-precert.js.map +1 -0
  941. package/dist/esm/packs/fda-samd.js +314 -0
  942. package/dist/esm/packs/fda-samd.js.map +1 -0
  943. package/dist/esm/packs/fedramp.js +318 -0
  944. package/dist/esm/packs/fedramp.js.map +1 -0
  945. package/dist/esm/packs/ferpa.js +309 -0
  946. package/dist/esm/packs/ferpa.js.map +1 -0
  947. package/dist/esm/packs/finra-3110.js +351 -0
  948. package/dist/esm/packs/finra-3110.js.map +1 -0
  949. package/dist/esm/packs/florida-student-privacy.js +448 -0
  950. package/dist/esm/packs/florida-student-privacy.js.map +1 -0
  951. package/dist/esm/packs/foia.js +394 -0
  952. package/dist/esm/packs/foia.js.map +1 -0
  953. package/dist/esm/packs/frcp26.js +294 -0
  954. package/dist/esm/packs/frcp26.js.map +1 -0
  955. package/dist/esm/packs/ftc5.js +290 -0
  956. package/dist/esm/packs/ftc5.js.map +1 -0
  957. package/dist/esm/packs/gdpr.js +487 -0
  958. package/dist/esm/packs/gdpr.js.map +1 -0
  959. package/dist/esm/packs/glba.js +421 -0
  960. package/dist/esm/packs/glba.js.map +1 -0
  961. package/dist/esm/packs/gxp.js +350 -0
  962. package/dist/esm/packs/gxp.js.map +1 -0
  963. package/dist/esm/packs/hipaa.js +381 -0
  964. package/dist/esm/packs/hipaa.js.map +1 -0
  965. package/dist/esm/packs/hitech.js +289 -0
  966. package/dist/esm/packs/hitech.js.map +1 -0
  967. package/dist/esm/packs/hitrust-csf.js +119 -0
  968. package/dist/esm/packs/hitrust-csf.js.map +1 -0
  969. package/dist/esm/packs/hk-pdpo.js +122 -0
  970. package/dist/esm/packs/hk-pdpo.js.map +1 -0
  971. package/dist/esm/packs/hmda.js +379 -0
  972. package/dist/esm/packs/hmda.js.map +1 -0
  973. package/dist/esm/packs/iec-62304.js +585 -0
  974. package/dist/esm/packs/iec-62304.js.map +1 -0
  975. package/dist/esm/packs/iec-62443.js +686 -0
  976. package/dist/esm/packs/iec-62443.js.map +1 -0
  977. package/dist/esm/packs/illinois-aivia.js +348 -0
  978. package/dist/esm/packs/illinois-aivia.js.map +1 -0
  979. package/dist/esm/packs/in-dpdp.js +429 -0
  980. package/dist/esm/packs/in-dpdp.js.map +1 -0
  981. package/dist/esm/packs/index.js +664 -0
  982. package/dist/esm/packs/index.js.map +1 -0
  983. package/dist/esm/packs/iso-15189.js +944 -0
  984. package/dist/esm/packs/iso-15189.js.map +1 -0
  985. package/dist/esm/packs/iso-23894.js +442 -0
  986. package/dist/esm/packs/iso-23894.js.map +1 -0
  987. package/dist/esm/packs/iso-26262.js +734 -0
  988. package/dist/esm/packs/iso-26262.js.map +1 -0
  989. package/dist/esm/packs/iso-iec-80001.js +993 -0
  990. package/dist/esm/packs/iso-iec-80001.js.map +1 -0
  991. package/dist/esm/packs/iso20022.js +344 -0
  992. package/dist/esm/packs/iso20022.js.map +1 -0
  993. package/dist/esm/packs/iso27001.js +388 -0
  994. package/dist/esm/packs/iso27001.js.map +1 -0
  995. package/dist/esm/packs/iso27701.js +390 -0
  996. package/dist/esm/packs/iso27701.js.map +1 -0
  997. package/dist/esm/packs/iso42001.js +288 -0
  998. package/dist/esm/packs/iso42001.js.map +1 -0
  999. package/dist/esm/packs/jp-appi.js +438 -0
  1000. package/dist/esm/packs/jp-appi.js.map +1 -0
  1001. package/dist/esm/packs/kr-pipa.js +442 -0
  1002. package/dist/esm/packs/kr-pipa.js.map +1 -0
  1003. package/dist/esm/packs/lgpd.js +350 -0
  1004. package/dist/esm/packs/lgpd.js.map +1 -0
  1005. package/dist/esm/packs/lpo2024.js +307 -0
  1006. package/dist/esm/packs/lpo2024.js.map +1 -0
  1007. package/dist/esm/packs/maryland-hb1202.js +338 -0
  1008. package/dist/esm/packs/maryland-hb1202.js.map +1 -0
  1009. package/dist/esm/packs/mhra-samd-ukca.js +473 -0
  1010. package/dist/esm/packs/mhra-samd-ukca.js.map +1 -0
  1011. package/dist/esm/packs/mifid2.js +381 -0
  1012. package/dist/esm/packs/mifid2.js.map +1 -0
  1013. package/dist/esm/packs/migration-manifest.js +55 -0
  1014. package/dist/esm/packs/migration-manifest.js.map +1 -0
  1015. package/dist/esm/packs/naic-mdl.js +315 -0
  1016. package/dist/esm/packs/naic-mdl.js.map +1 -0
  1017. package/dist/esm/packs/ncsc-ai-security.js +626 -0
  1018. package/dist/esm/packs/ncsc-ai-security.js.map +1 -0
  1019. package/dist/esm/packs/ncsc-caf.js +381 -0
  1020. package/dist/esm/packs/ncsc-caf.js.map +1 -0
  1021. package/dist/esm/packs/nhs-dcb0129-dcb0160.js +470 -0
  1022. package/dist/esm/packs/nhs-dcb0129-dcb0160.js.map +1 -0
  1023. package/dist/esm/packs/nhs-dspt.js +434 -0
  1024. package/dist/esm/packs/nhs-dspt.js.map +1 -0
  1025. package/dist/esm/packs/nhs-dtac.js +399 -0
  1026. package/dist/esm/packs/nhs-dtac.js.map +1 -0
  1027. package/dist/esm/packs/nhs-psirf.js +414 -0
  1028. package/dist/esm/packs/nhs-psirf.js.map +1 -0
  1029. package/dist/esm/packs/ni-equality.js +436 -0
  1030. package/dist/esm/packs/ni-equality.js.map +1 -0
  1031. package/dist/esm/packs/ni-hscni.js +415 -0
  1032. package/dist/esm/packs/ni-hscni.js.map +1 -0
  1033. package/dist/esm/packs/ni-mental-capacity.js +130 -0
  1034. package/dist/esm/packs/ni-mental-capacity.js.map +1 -0
  1035. package/dist/esm/packs/nice-esf-dht.js +404 -0
  1036. package/dist/esm/packs/nice-esf-dht.js.map +1 -0
  1037. package/dist/esm/packs/nis2.js +422 -0
  1038. package/dist/esm/packs/nis2.js.map +1 -0
  1039. package/dist/esm/packs/nist-800-53.js +126 -0
  1040. package/dist/esm/packs/nist-800-53.js.map +1 -0
  1041. package/dist/esm/packs/nist-ai-rmf.js +367 -0
  1042. package/dist/esm/packs/nist-ai-rmf.js.map +1 -0
  1043. package/dist/esm/packs/nist-csf.js +131 -0
  1044. package/dist/esm/packs/nist-csf.js.map +1 -0
  1045. package/dist/esm/packs/nist-sp-800-82.js +721 -0
  1046. package/dist/esm/packs/nist-sp-800-82.js.map +1 -0
  1047. package/dist/esm/packs/nyc-ll-144.js +288 -0
  1048. package/dist/esm/packs/nyc-ll-144.js.map +1 -0
  1049. package/dist/esm/packs/nydfs500.js +285 -0
  1050. package/dist/esm/packs/nydfs500.js.map +1 -0
  1051. package/dist/esm/packs/nz-privacy.js +465 -0
  1052. package/dist/esm/packs/nz-privacy.js.map +1 -0
  1053. package/dist/esm/packs/part11.js +329 -0
  1054. package/dist/esm/packs/part11.js.map +1 -0
  1055. package/dist/esm/packs/part2.js +355 -0
  1056. package/dist/esm/packs/part2.js.map +1 -0
  1057. package/dist/esm/packs/pcidss.js +466 -0
  1058. package/dist/esm/packs/pcidss.js.map +1 -0
  1059. package/dist/esm/packs/pipl.js +205 -0
  1060. package/dist/esm/packs/pipl.js.map +1 -0
  1061. package/dist/esm/packs/reg-e.js +359 -0
  1062. package/dist/esm/packs/reg-e.js.map +1 -0
  1063. package/dist/esm/packs/registry-expanded.js +2347 -0
  1064. package/dist/esm/packs/registry-expanded.js.map +1 -0
  1065. package/dist/esm/packs/scotland-awi.js +405 -0
  1066. package/dist/esm/packs/scotland-awi.js.map +1 -0
  1067. package/dist/esm/packs/scotland-procurement-reform.js +122 -0
  1068. package/dist/esm/packs/scotland-procurement-reform.js.map +1 -0
  1069. package/dist/esm/packs/scotland-psed.js +369 -0
  1070. package/dist/esm/packs/scotland-psed.js.map +1 -0
  1071. package/dist/esm/packs/sg-model-ai-gov.js +393 -0
  1072. package/dist/esm/packs/sg-model-ai-gov.js.map +1 -0
  1073. package/dist/esm/packs/soc1.js +305 -0
  1074. package/dist/esm/packs/soc1.js.map +1 -0
  1075. package/dist/esm/packs/soc2.js +337 -0
  1076. package/dist/esm/packs/soc2.js.map +1 -0
  1077. package/dist/esm/packs/sox404.js +295 -0
  1078. package/dist/esm/packs/sox404.js.map +1 -0
  1079. package/dist/esm/packs/sr117.js +342 -0
  1080. package/dist/esm/packs/sr117.js.map +1 -0
  1081. package/dist/esm/packs/stateramp.js +324 -0
  1082. package/dist/esm/packs/stateramp.js.map +1 -0
  1083. package/dist/esm/packs/tennessee-elvis.js +417 -0
  1084. package/dist/esm/packs/tennessee-elvis.js.map +1 -0
  1085. package/dist/esm/packs/texas-hb4.js +393 -0
  1086. package/dist/esm/packs/texas-hb4.js.map +1 -0
  1087. package/dist/esm/packs/th-pdpa.js +125 -0
  1088. package/dist/esm/packs/th-pdpa.js.map +1 -0
  1089. package/dist/esm/packs/title-ix.js +444 -0
  1090. package/dist/esm/packs/title-ix.js.map +1 -0
  1091. package/dist/esm/packs/uk-ai-framework.js +352 -0
  1092. package/dist/esm/packs/uk-ai-framework.js.map +1 -0
  1093. package/dist/esm/packs/uk-cma-1990.js +403 -0
  1094. package/dist/esm/packs/uk-cma-1990.js.map +1 -0
  1095. package/dist/esm/packs/uk-equality-act-ai-bias.js +681 -0
  1096. package/dist/esm/packs/uk-equality-act-ai-bias.js.map +1 -0
  1097. package/dist/esm/packs/uk-equality-act.js +406 -0
  1098. package/dist/esm/packs/uk-equality-act.js.map +1 -0
  1099. package/dist/esm/packs/uk-future-ai-legislation.js +209 -0
  1100. package/dist/esm/packs/uk-future-ai-legislation.js.map +1 -0
  1101. package/dist/esm/packs/uk-gdpr.js +374 -0
  1102. package/dist/esm/packs/uk-gdpr.js.map +1 -0
  1103. package/dist/esm/packs/uk-ico-open-case.js +396 -0
  1104. package/dist/esm/packs/uk-ico-open-case.js.map +1 -0
  1105. package/dist/esm/packs/uk-nis-regs.js +363 -0
  1106. package/dist/esm/packs/uk-nis-regs.js.map +1 -0
  1107. package/dist/esm/packs/uk-online-safety-act.js +410 -0
  1108. package/dist/esm/packs/uk-online-safety-act.js.map +1 -0
  1109. package/dist/esm/packs/uk-procurement-act.js +431 -0
  1110. package/dist/esm/packs/uk-procurement-act.js.map +1 -0
  1111. package/dist/esm/packs/us-fda-21cfr56.js +364 -0
  1112. package/dist/esm/packs/us-fda-21cfr56.js.map +1 -0
  1113. package/dist/esm/packs/us-nih-coc.js +203 -0
  1114. package/dist/esm/packs/us-nih-coc.js.map +1 -0
  1115. package/dist/esm/packs/us-nih-dms.js +241 -0
  1116. package/dist/esm/packs/us-nih-dms.js.map +1 -0
  1117. package/dist/esm/packs/us-nih-gds.js +355 -0
  1118. package/dist/esm/packs/us-nih-gds.js.map +1 -0
  1119. package/dist/esm/packs/us-nih-it-security.js +203 -0
  1120. package/dist/esm/packs/us-nih-it-security.js.map +1 -0
  1121. package/dist/esm/packs/us-respa.js +361 -0
  1122. package/dist/esm/packs/us-respa.js.map +1 -0
  1123. package/dist/esm/packs/us-tila.js +350 -0
  1124. package/dist/esm/packs/us-tila.js.map +1 -0
  1125. package/dist/esm/packs/us-trid.js +342 -0
  1126. package/dist/esm/packs/us-trid.js.map +1 -0
  1127. package/dist/esm/packs/utah-ai-policy.js +337 -0
  1128. package/dist/esm/packs/utah-ai-policy.js.map +1 -0
  1129. package/dist/esm/packs/vn-pdpd.js +122 -0
  1130. package/dist/esm/packs/vn-pdpd.js.map +1 -0
  1131. package/dist/esm/packs/wales-future-generations.js +393 -0
  1132. package/dist/esm/packs/wales-future-generations.js.map +1 -0
  1133. package/dist/esm/reporting/governance-reporter.js +405 -0
  1134. package/dist/esm/reporting/governance-reporter.js.map +1 -0
  1135. package/dist/esm/retention/backup-retention-adapter.js +66 -0
  1136. package/dist/esm/retention/backup-retention-adapter.js.map +1 -0
  1137. package/dist/esm/retention/classification-rules.js +182 -0
  1138. package/dist/esm/retention/classification-rules.js.map +1 -0
  1139. package/dist/esm/retention/classifier.js +243 -0
  1140. package/dist/esm/retention/classifier.js.map +1 -0
  1141. package/dist/esm/retention/data-class.js +44 -0
  1142. package/dist/esm/retention/data-class.js.map +1 -0
  1143. package/dist/esm/retention/enforcement-log-store.js +145 -0
  1144. package/dist/esm/retention/enforcement-log-store.js.map +1 -0
  1145. package/dist/esm/retention/index.js +31 -0
  1146. package/dist/esm/retention/index.js.map +1 -0
  1147. package/dist/esm/retention/ingest-classifier.js +123 -0
  1148. package/dist/esm/retention/ingest-classifier.js.map +1 -0
  1149. package/dist/esm/retention/legal-hold-errors.js +92 -0
  1150. package/dist/esm/retention/legal-hold-errors.js.map +1 -0
  1151. package/dist/esm/retention/legal-hold-store.js +394 -0
  1152. package/dist/esm/retention/legal-hold-store.js.map +1 -0
  1153. package/dist/esm/retention/legal-hold.js +17 -0
  1154. package/dist/esm/retention/legal-hold.js.map +1 -0
  1155. package/dist/esm/retention/log-aggregators/datadog.js +153 -0
  1156. package/dist/esm/retention/log-aggregators/datadog.js.map +1 -0
  1157. package/dist/esm/retention/log-aggregators/index.js +10 -0
  1158. package/dist/esm/retention/log-aggregators/index.js.map +1 -0
  1159. package/dist/esm/retention/log-aggregators/log-aggregator.js +20 -0
  1160. package/dist/esm/retention/log-aggregators/log-aggregator.js.map +1 -0
  1161. package/dist/esm/retention/log-aggregators/noop.js +26 -0
  1162. package/dist/esm/retention/log-aggregators/noop.js.map +1 -0
  1163. package/dist/esm/retention/log-aggregators/sentinel.js +216 -0
  1164. package/dist/esm/retention/log-aggregators/sentinel.js.map +1 -0
  1165. package/dist/esm/retention/log-aggregators/splunk.js +147 -0
  1166. package/dist/esm/retention/log-aggregators/splunk.js.map +1 -0
  1167. package/dist/esm/retention/policy-matrix-errors.js +127 -0
  1168. package/dist/esm/retention/policy-matrix-errors.js.map +1 -0
  1169. package/dist/esm/retention/policy-matrix.js +580 -0
  1170. package/dist/esm/retention/policy-matrix.js.map +1 -0
  1171. package/dist/esm/scanner/gap-report.js +333 -0
  1172. package/dist/esm/scanner/gap-report.js.map +1 -0
  1173. package/dist/esm/scanner/index.js +414 -0
  1174. package/dist/esm/scanner/index.js.map +1 -0
  1175. package/dist/esm/scanner/manifest-integrity.js +151 -0
  1176. package/dist/esm/scanner/manifest-integrity.js.map +1 -0
  1177. package/dist/esm/scanner/remediation.js +255 -0
  1178. package/dist/esm/scanner/remediation.js.map +1 -0
  1179. package/dist/esm/security/access-review.js +235 -0
  1180. package/dist/esm/security/access-review.js.map +1 -0
  1181. package/dist/esm/security/agent-auth.js +253 -0
  1182. package/dist/esm/security/agent-auth.js.map +1 -0
  1183. package/dist/esm/security/anomaly-auto-suspend.js +345 -0
  1184. package/dist/esm/security/anomaly-auto-suspend.js.map +1 -0
  1185. package/dist/esm/security/anomaly-correlator.js +279 -0
  1186. package/dist/esm/security/anomaly-correlator.js.map +1 -0
  1187. package/dist/esm/security/anomaly-detector.js +261 -0
  1188. package/dist/esm/security/anomaly-detector.js.map +1 -0
  1189. package/dist/esm/security/anomaly-self-reflection.js +292 -0
  1190. package/dist/esm/security/anomaly-self-reflection.js.map +1 -0
  1191. package/dist/esm/security/built-in-llm-providers.js +80 -0
  1192. package/dist/esm/security/built-in-llm-providers.js.map +1 -0
  1193. package/dist/esm/security/circuit-breaker.js +146 -0
  1194. package/dist/esm/security/circuit-breaker.js.map +1 -0
  1195. package/dist/esm/security/data-classifier.js +446 -0
  1196. package/dist/esm/security/data-classifier.js.map +1 -0
  1197. package/dist/esm/security/encrypted-storage.js +220 -0
  1198. package/dist/esm/security/encrypted-storage.js.map +1 -0
  1199. package/dist/esm/security/encryption-layer.js +337 -0
  1200. package/dist/esm/security/encryption-layer.js.map +1 -0
  1201. package/dist/esm/security/external-cross-check.js +451 -0
  1202. package/dist/esm/security/external-cross-check.js.map +1 -0
  1203. package/dist/esm/security/hash-manifest.js +229 -0
  1204. package/dist/esm/security/hash-manifest.js.map +1 -0
  1205. package/dist/esm/security/http-interceptor.js +594 -0
  1206. package/dist/esm/security/http-interceptor.js.map +1 -0
  1207. package/dist/esm/security/key-manager.js +289 -0
  1208. package/dist/esm/security/key-manager.js.map +1 -0
  1209. package/dist/esm/security/nonce-store.js +133 -0
  1210. package/dist/esm/security/nonce-store.js.map +1 -0
  1211. package/dist/esm/security/operator-roles.js +241 -0
  1212. package/dist/esm/security/operator-roles.js.map +1 -0
  1213. package/dist/esm/security/plugin-integrity.js +153 -0
  1214. package/dist/esm/security/plugin-integrity.js.map +1 -0
  1215. package/dist/esm/security/prompt-injection-detector.js +466 -0
  1216. package/dist/esm/security/prompt-injection-detector.js.map +1 -0
  1217. package/dist/esm/security/provider-compliance-boot.js +102 -0
  1218. package/dist/esm/security/provider-compliance-boot.js.map +1 -0
  1219. package/dist/esm/security/provider-compliance.js +707 -0
  1220. package/dist/esm/security/provider-compliance.js.map +1 -0
  1221. package/dist/esm/security/secret-leak-detector.js +176 -0
  1222. package/dist/esm/security/secret-leak-detector.js.map +1 -0
  1223. package/dist/esm/security/session-timeout.js +254 -0
  1224. package/dist/esm/security/session-timeout.js.map +1 -0
  1225. package/dist/esm/security/ssrf-guard.js +222 -0
  1226. package/dist/esm/security/ssrf-guard.js.map +1 -0
  1227. package/dist/esm/security/supply-chain.js +283 -0
  1228. package/dist/esm/security/supply-chain.js.map +1 -0
  1229. package/dist/esm/security/vendor-registry.js +256 -0
  1230. package/dist/esm/security/vendor-registry.js.map +1 -0
  1231. package/dist/esm/tenant/index.js +14 -0
  1232. package/dist/esm/tenant/index.js.map +1 -0
  1233. package/dist/esm/tenant/policy-inheritance.js +342 -0
  1234. package/dist/esm/tenant/policy-inheritance.js.map +1 -0
  1235. package/dist/esm/tenant/rbac.js +178 -0
  1236. package/dist/esm/tenant/rbac.js.map +1 -0
  1237. package/dist/esm/tenant/workspace.js +274 -0
  1238. package/dist/esm/tenant/workspace.js.map +1 -0
  1239. package/dist/esm/trust-passport/index.js +119 -0
  1240. package/dist/esm/trust-passport/index.js.map +1 -0
  1241. package/dist/esm/util/async-io.js +164 -0
  1242. package/dist/esm/util/async-io.js.map +1 -0
  1243. package/dist/esm/util/fs.js +165 -0
  1244. package/dist/esm/util/fs.js.map +1 -0
  1245. package/dist/esm/util/log-rotation.js +175 -0
  1246. package/dist/esm/util/log-rotation.js.map +1 -0
  1247. package/dist/esm/util/log.js +77 -0
  1248. package/dist/esm/util/log.js.map +1 -0
  1249. package/dist/esm/util/sigv4.js +113 -0
  1250. package/dist/esm/util/sigv4.js.map +1 -0
  1251. package/dist/esm/util/storage-backend.js +167 -0
  1252. package/dist/esm/util/storage-backend.js.map +1 -0
  1253. package/dist/governance/action-classes.d.ts +153 -0
  1254. package/dist/governance/action-classes.d.ts.map +1 -0
  1255. package/dist/governance/action-classes.js +177 -0
  1256. package/dist/governance/action-classes.js.map +1 -0
  1257. package/dist/governance/action-isolation.d.ts +317 -0
  1258. package/dist/governance/action-isolation.d.ts.map +1 -0
  1259. package/dist/governance/action-isolation.js +623 -0
  1260. package/dist/governance/action-isolation.js.map +1 -0
  1261. package/dist/governance/agent-discovery.d.ts +33 -0
  1262. package/dist/governance/agent-discovery.d.ts.map +1 -0
  1263. package/dist/governance/agent-discovery.js +249 -0
  1264. package/dist/governance/agent-discovery.js.map +1 -0
  1265. package/dist/governance/agent-discovery.test.d.ts +7 -0
  1266. package/dist/governance/agent-discovery.test.d.ts.map +1 -0
  1267. package/dist/governance/agent-discovery.test.js +179 -0
  1268. package/dist/governance/agent-discovery.test.js.map +1 -0
  1269. package/dist/governance/agent-trust-report.d.ts +124 -0
  1270. package/dist/governance/agent-trust-report.d.ts.map +1 -0
  1271. package/dist/governance/agent-trust-report.js +155 -0
  1272. package/dist/governance/agent-trust-report.js.map +1 -0
  1273. package/dist/governance/agent-trust-report.test.d.ts +7 -0
  1274. package/dist/governance/agent-trust-report.test.d.ts.map +1 -0
  1275. package/dist/governance/agent-trust-report.test.js +294 -0
  1276. package/dist/governance/agent-trust-report.test.js.map +1 -0
  1277. package/dist/governance/approval-channel-adapters.d.ts +45 -0
  1278. package/dist/governance/approval-channel-adapters.d.ts.map +1 -0
  1279. package/dist/governance/approval-channel-adapters.js +173 -0
  1280. package/dist/governance/approval-channel-adapters.js.map +1 -0
  1281. package/dist/governance/approval-channel-adapters.test.d.ts +7 -0
  1282. package/dist/governance/approval-channel-adapters.test.d.ts.map +1 -0
  1283. package/dist/governance/approval-channel-adapters.test.js +198 -0
  1284. package/dist/governance/approval-channel-adapters.test.js.map +1 -0
  1285. package/dist/governance/approval-gate-enforcer.d.ts +224 -0
  1286. package/dist/governance/approval-gate-enforcer.d.ts.map +1 -0
  1287. package/dist/governance/approval-gate-enforcer.js +443 -0
  1288. package/dist/governance/approval-gate-enforcer.js.map +1 -0
  1289. package/dist/governance/approval-notifications.d.ts +101 -0
  1290. package/dist/governance/approval-notifications.d.ts.map +1 -0
  1291. package/dist/governance/approval-notifications.js +143 -0
  1292. package/dist/governance/approval-notifications.js.map +1 -0
  1293. package/dist/governance/approval-notifications.test.d.ts +15 -0
  1294. package/dist/governance/approval-notifications.test.d.ts.map +1 -0
  1295. package/dist/governance/approval-notifications.test.js +227 -0
  1296. package/dist/governance/approval-notifications.test.js.map +1 -0
  1297. package/dist/governance/approval-queue-store.d.ts +114 -0
  1298. package/dist/governance/approval-queue-store.d.ts.map +1 -0
  1299. package/dist/governance/approval-queue-store.js +149 -0
  1300. package/dist/governance/approval-queue-store.js.map +1 -0
  1301. package/dist/governance/approval-queue.d.ts +172 -0
  1302. package/dist/governance/approval-queue.d.ts.map +1 -0
  1303. package/dist/governance/approval-queue.js +329 -0
  1304. package/dist/governance/approval-queue.js.map +1 -0
  1305. package/dist/governance/approval-service.d.ts +79 -0
  1306. package/dist/governance/approval-service.d.ts.map +1 -0
  1307. package/dist/governance/approval-service.js +129 -0
  1308. package/dist/governance/approval-service.js.map +1 -0
  1309. package/dist/governance/audit-chain-emitter.d.ts +103 -0
  1310. package/dist/governance/audit-chain-emitter.d.ts.map +1 -0
  1311. package/dist/governance/audit-chain-emitter.js +220 -0
  1312. package/dist/governance/audit-chain-emitter.js.map +1 -0
  1313. package/dist/governance/audit-chain-emitter.test.d.ts +7 -0
  1314. package/dist/governance/audit-chain-emitter.test.d.ts.map +1 -0
  1315. package/dist/governance/audit-chain-emitter.test.js +225 -0
  1316. package/dist/governance/audit-chain-emitter.test.js.map +1 -0
  1317. package/dist/governance/auto-pack-generator.d.ts +56 -0
  1318. package/dist/governance/auto-pack-generator.d.ts.map +1 -0
  1319. package/dist/governance/auto-pack-generator.js +70 -0
  1320. package/dist/governance/auto-pack-generator.js.map +1 -0
  1321. package/dist/governance/auto-pack-generator.test.d.ts +7 -0
  1322. package/dist/governance/auto-pack-generator.test.d.ts.map +1 -0
  1323. package/dist/governance/auto-pack-generator.test.js +130 -0
  1324. package/dist/governance/auto-pack-generator.test.js.map +1 -0
  1325. package/dist/governance/autonomy-spectrum.d.ts +253 -0
  1326. package/dist/governance/autonomy-spectrum.d.ts.map +1 -0
  1327. package/dist/governance/autonomy-spectrum.js +697 -0
  1328. package/dist/governance/autonomy-spectrum.js.map +1 -0
  1329. package/dist/governance/batch-mode-governance.d.ts +337 -0
  1330. package/dist/governance/batch-mode-governance.d.ts.map +1 -0
  1331. package/dist/governance/batch-mode-governance.js +651 -0
  1332. package/dist/governance/batch-mode-governance.js.map +1 -0
  1333. package/dist/governance/bias-monitor.d.ts +100 -0
  1334. package/dist/governance/bias-monitor.d.ts.map +1 -0
  1335. package/dist/governance/bias-monitor.js +310 -0
  1336. package/dist/governance/bias-monitor.js.map +1 -0
  1337. package/dist/governance/blast-radius-enforcer.d.ts +308 -0
  1338. package/dist/governance/blast-radius-enforcer.d.ts.map +1 -0
  1339. package/dist/governance/blast-radius-enforcer.js +579 -0
  1340. package/dist/governance/blast-radius-enforcer.js.map +1 -0
  1341. package/dist/governance/build-structure-score.d.ts +38 -0
  1342. package/dist/governance/build-structure-score.d.ts.map +1 -0
  1343. package/dist/governance/build-structure-score.js +64 -0
  1344. package/dist/governance/build-structure-score.js.map +1 -0
  1345. package/dist/governance/build-structure-score.test.d.ts +8 -0
  1346. package/dist/governance/build-structure-score.test.d.ts.map +1 -0
  1347. package/dist/governance/build-structure-score.test.js +151 -0
  1348. package/dist/governance/build-structure-score.test.js.map +1 -0
  1349. package/dist/governance/capability-bundle.d.ts +58 -0
  1350. package/dist/governance/capability-bundle.d.ts.map +1 -0
  1351. package/dist/governance/capability-bundle.js +277 -0
  1352. package/dist/governance/capability-bundle.js.map +1 -0
  1353. package/dist/governance/capability-change-detector.d.ts +335 -0
  1354. package/dist/governance/capability-change-detector.d.ts.map +1 -0
  1355. package/dist/governance/capability-change-detector.js +743 -0
  1356. package/dist/governance/capability-change-detector.js.map +1 -0
  1357. package/dist/governance/capability-classes.d.ts +42 -0
  1358. package/dist/governance/capability-classes.d.ts.map +1 -0
  1359. package/dist/governance/capability-classes.js +133 -0
  1360. package/dist/governance/capability-classes.js.map +1 -0
  1361. package/dist/governance/capability-classes.test.d.ts +23 -0
  1362. package/dist/governance/capability-classes.test.d.ts.map +1 -0
  1363. package/dist/governance/capability-classes.test.js +206 -0
  1364. package/dist/governance/capability-classes.test.js.map +1 -0
  1365. package/dist/governance/company-pack-builder.d.ts +46 -0
  1366. package/dist/governance/company-pack-builder.d.ts.map +1 -0
  1367. package/dist/governance/company-pack-builder.js +74 -0
  1368. package/dist/governance/company-pack-builder.js.map +1 -0
  1369. package/dist/governance/confidence-gate.d.ts +129 -0
  1370. package/dist/governance/confidence-gate.d.ts.map +1 -0
  1371. package/dist/governance/confidence-gate.js +253 -0
  1372. package/dist/governance/confidence-gate.js.map +1 -0
  1373. package/dist/governance/council.d.ts +99 -0
  1374. package/dist/governance/council.d.ts.map +1 -0
  1375. package/dist/governance/council.js +305 -0
  1376. package/dist/governance/council.js.map +1 -0
  1377. package/dist/governance/cross-session-pseudonymizer.d.ts +286 -0
  1378. package/dist/governance/cross-session-pseudonymizer.d.ts.map +1 -0
  1379. package/dist/governance/cross-session-pseudonymizer.js +639 -0
  1380. package/dist/governance/cross-session-pseudonymizer.js.map +1 -0
  1381. package/dist/governance/cycle-timeout.d.ts +120 -0
  1382. package/dist/governance/cycle-timeout.d.ts.map +1 -0
  1383. package/dist/governance/cycle-timeout.js +217 -0
  1384. package/dist/governance/cycle-timeout.js.map +1 -0
  1385. package/dist/governance/cycle-token-budget.d.ts +122 -0
  1386. package/dist/governance/cycle-token-budget.d.ts.map +1 -0
  1387. package/dist/governance/cycle-token-budget.js +182 -0
  1388. package/dist/governance/cycle-token-budget.js.map +1 -0
  1389. package/dist/governance/data-subject-rights.d.ts +155 -0
  1390. package/dist/governance/data-subject-rights.d.ts.map +1 -0
  1391. package/dist/governance/data-subject-rights.js +492 -0
  1392. package/dist/governance/data-subject-rights.js.map +1 -0
  1393. package/dist/governance/demo-workspace.d.ts +35 -0
  1394. package/dist/governance/demo-workspace.d.ts.map +1 -0
  1395. package/dist/governance/demo-workspace.js +214 -0
  1396. package/dist/governance/demo-workspace.js.map +1 -0
  1397. package/dist/governance/demo-workspace.test.d.ts +12 -0
  1398. package/dist/governance/demo-workspace.test.d.ts.map +1 -0
  1399. package/dist/governance/demo-workspace.test.js +115 -0
  1400. package/dist/governance/demo-workspace.test.js.map +1 -0
  1401. package/dist/governance/discovery-cli.d.ts +63 -0
  1402. package/dist/governance/discovery-cli.d.ts.map +1 -0
  1403. package/dist/governance/discovery-cli.js +99 -0
  1404. package/dist/governance/discovery-cli.js.map +1 -0
  1405. package/dist/governance/discovery-cli.test.d.ts +7 -0
  1406. package/dist/governance/discovery-cli.test.d.ts.map +1 -0
  1407. package/dist/governance/discovery-cli.test.js +226 -0
  1408. package/dist/governance/discovery-cli.test.js.map +1 -0
  1409. package/dist/governance/gateguard.d.ts +103 -0
  1410. package/dist/governance/gateguard.d.ts.map +1 -0
  1411. package/dist/governance/gateguard.js +302 -0
  1412. package/dist/governance/gateguard.js.map +1 -0
  1413. package/dist/governance/governance-runtime.d.ts +148 -0
  1414. package/dist/governance/governance-runtime.d.ts.map +1 -0
  1415. package/dist/governance/governance-runtime.js +414 -0
  1416. package/dist/governance/governance-runtime.js.map +1 -0
  1417. package/dist/governance/hook-install-snippet.d.ts +42 -0
  1418. package/dist/governance/hook-install-snippet.d.ts.map +1 -0
  1419. package/dist/governance/hook-install-snippet.js +212 -0
  1420. package/dist/governance/hook-install-snippet.js.map +1 -0
  1421. package/dist/governance/hook-install-snippet.test.d.ts +7 -0
  1422. package/dist/governance/hook-install-snippet.test.d.ts.map +1 -0
  1423. package/dist/governance/hook-install-snippet.test.js +130 -0
  1424. package/dist/governance/hook-install-snippet.test.js.map +1 -0
  1425. package/dist/governance/hook-profile.d.ts +215 -0
  1426. package/dist/governance/hook-profile.d.ts.map +1 -0
  1427. package/dist/governance/hook-profile.js +515 -0
  1428. package/dist/governance/hook-profile.js.map +1 -0
  1429. package/dist/governance/improvement-recommendations.d.ts +101 -0
  1430. package/dist/governance/improvement-recommendations.d.ts.map +1 -0
  1431. package/dist/governance/improvement-recommendations.js +171 -0
  1432. package/dist/governance/improvement-recommendations.js.map +1 -0
  1433. package/dist/governance/improvement-recommendations.test.d.ts +11 -0
  1434. package/dist/governance/improvement-recommendations.test.d.ts.map +1 -0
  1435. package/dist/governance/improvement-recommendations.test.js +213 -0
  1436. package/dist/governance/improvement-recommendations.test.js.map +1 -0
  1437. package/dist/governance/incident-notifier.d.ts +195 -0
  1438. package/dist/governance/incident-notifier.d.ts.map +1 -0
  1439. package/dist/governance/incident-notifier.js +527 -0
  1440. package/dist/governance/incident-notifier.js.map +1 -0
  1441. package/dist/governance/index.d.ts +24 -0
  1442. package/dist/governance/index.d.ts.map +1 -0
  1443. package/dist/governance/index.js +67 -0
  1444. package/dist/governance/index.js.map +1 -0
  1445. package/dist/governance/info-action-separation.d.ts +98 -0
  1446. package/dist/governance/info-action-separation.d.ts.map +1 -0
  1447. package/dist/governance/info-action-separation.js +148 -0
  1448. package/dist/governance/info-action-separation.js.map +1 -0
  1449. package/dist/governance/info-action-separation.test.d.ts +20 -0
  1450. package/dist/governance/info-action-separation.test.d.ts.map +1 -0
  1451. package/dist/governance/info-action-separation.test.js +190 -0
  1452. package/dist/governance/info-action-separation.test.js.map +1 -0
  1453. package/dist/governance/instinct-system.d.ts +141 -0
  1454. package/dist/governance/instinct-system.d.ts.map +1 -0
  1455. package/dist/governance/instinct-system.js +388 -0
  1456. package/dist/governance/instinct-system.js.map +1 -0
  1457. package/dist/governance/insurance-certificate.d.ts +88 -0
  1458. package/dist/governance/insurance-certificate.d.ts.map +1 -0
  1459. package/dist/governance/insurance-certificate.js +155 -0
  1460. package/dist/governance/insurance-certificate.js.map +1 -0
  1461. package/dist/governance/insurance-certificate.test.d.ts +7 -0
  1462. package/dist/governance/insurance-certificate.test.d.ts.map +1 -0
  1463. package/dist/governance/insurance-certificate.test.js +240 -0
  1464. package/dist/governance/insurance-certificate.test.js.map +1 -0
  1465. package/dist/governance/manifest-push-emitter.d.ts +51 -0
  1466. package/dist/governance/manifest-push-emitter.d.ts.map +1 -0
  1467. package/dist/governance/manifest-push-emitter.js +111 -0
  1468. package/dist/governance/manifest-push-emitter.js.map +1 -0
  1469. package/dist/governance/manifest-push-emitter.test.d.ts +7 -0
  1470. package/dist/governance/manifest-push-emitter.test.d.ts.map +1 -0
  1471. package/dist/governance/manifest-push-emitter.test.js +250 -0
  1472. package/dist/governance/manifest-push-emitter.test.js.map +1 -0
  1473. package/dist/governance/memory/cross-session-memory.d.ts +100 -0
  1474. package/dist/governance/memory/cross-session-memory.d.ts.map +1 -0
  1475. package/dist/governance/memory/cross-session-memory.js +319 -0
  1476. package/dist/governance/memory/cross-session-memory.js.map +1 -0
  1477. package/dist/governance/memory/index.d.ts +14 -0
  1478. package/dist/governance/memory/index.d.ts.map +1 -0
  1479. package/dist/governance/memory/index.js +27 -0
  1480. package/dist/governance/memory/index.js.map +1 -0
  1481. package/dist/governance/memory/memory-chain.d.ts +109 -0
  1482. package/dist/governance/memory/memory-chain.d.ts.map +1 -0
  1483. package/dist/governance/memory/memory-chain.js +221 -0
  1484. package/dist/governance/memory/memory-chain.js.map +1 -0
  1485. package/dist/governance/memory/retrieval-allowlist.d.ts +120 -0
  1486. package/dist/governance/memory/retrieval-allowlist.d.ts.map +1 -0
  1487. package/dist/governance/memory/retrieval-allowlist.js +177 -0
  1488. package/dist/governance/memory/retrieval-allowlist.js.map +1 -0
  1489. package/dist/governance/memory/session-memory.d.ts +105 -0
  1490. package/dist/governance/memory/session-memory.d.ts.map +1 -0
  1491. package/dist/governance/memory/session-memory.js +220 -0
  1492. package/dist/governance/memory/session-memory.js.map +1 -0
  1493. package/dist/governance/memory-audit-chain.d.ts +218 -0
  1494. package/dist/governance/memory-audit-chain.d.ts.map +1 -0
  1495. package/dist/governance/memory-audit-chain.js +400 -0
  1496. package/dist/governance/memory-audit-chain.js.map +1 -0
  1497. package/dist/governance/memory-integrity.d.ts +82 -0
  1498. package/dist/governance/memory-integrity.d.ts.map +1 -0
  1499. package/dist/governance/memory-integrity.js +304 -0
  1500. package/dist/governance/memory-integrity.js.map +1 -0
  1501. package/dist/governance/multi-store-deletion-worker.d.ts +163 -0
  1502. package/dist/governance/multi-store-deletion-worker.d.ts.map +1 -0
  1503. package/dist/governance/multi-store-deletion-worker.js +300 -0
  1504. package/dist/governance/multi-store-deletion-worker.js.map +1 -0
  1505. package/dist/governance/multi-tenant.d.ts +105 -0
  1506. package/dist/governance/multi-tenant.d.ts.map +1 -0
  1507. package/dist/governance/multi-tenant.js +312 -0
  1508. package/dist/governance/multi-tenant.js.map +1 -0
  1509. package/dist/governance/onboarding-tier-router.d.ts +51 -0
  1510. package/dist/governance/onboarding-tier-router.d.ts.map +1 -0
  1511. package/dist/governance/onboarding-tier-router.js +112 -0
  1512. package/dist/governance/onboarding-tier-router.js.map +1 -0
  1513. package/dist/governance/onboarding-tier-router.test.d.ts +7 -0
  1514. package/dist/governance/onboarding-tier-router.test.d.ts.map +1 -0
  1515. package/dist/governance/onboarding-tier-router.test.js +141 -0
  1516. package/dist/governance/onboarding-tier-router.test.js.map +1 -0
  1517. package/dist/governance/org-reputation.d.ts +54 -0
  1518. package/dist/governance/org-reputation.d.ts.map +1 -0
  1519. package/dist/governance/org-reputation.js +91 -0
  1520. package/dist/governance/org-reputation.js.map +1 -0
  1521. package/dist/governance/org-reputation.test.d.ts +7 -0
  1522. package/dist/governance/org-reputation.test.d.ts.map +1 -0
  1523. package/dist/governance/org-reputation.test.js +190 -0
  1524. package/dist/governance/org-reputation.test.js.map +1 -0
  1525. package/dist/governance/owasp-agentic-scanner.d.ts +100 -0
  1526. package/dist/governance/owasp-agentic-scanner.d.ts.map +1 -0
  1527. package/dist/governance/owasp-agentic-scanner.js +318 -0
  1528. package/dist/governance/owasp-agentic-scanner.js.map +1 -0
  1529. package/dist/governance/owasp-agentic-scanner.test.d.ts +8 -0
  1530. package/dist/governance/owasp-agentic-scanner.test.d.ts.map +1 -0
  1531. package/dist/governance/owasp-agentic-scanner.test.js +163 -0
  1532. package/dist/governance/owasp-agentic-scanner.test.js.map +1 -0
  1533. package/dist/governance/pack-diff.d.ts +61 -0
  1534. package/dist/governance/pack-diff.d.ts.map +1 -0
  1535. package/dist/governance/pack-diff.js +82 -0
  1536. package/dist/governance/pack-diff.js.map +1 -0
  1537. package/dist/governance/pack-diff.test.d.ts +7 -0
  1538. package/dist/governance/pack-diff.test.d.ts.map +1 -0
  1539. package/dist/governance/pack-diff.test.js +242 -0
  1540. package/dist/governance/pack-diff.test.js.map +1 -0
  1541. package/dist/governance/pack-evaluator-prewarm.d.ts +66 -0
  1542. package/dist/governance/pack-evaluator-prewarm.d.ts.map +1 -0
  1543. package/dist/governance/pack-evaluator-prewarm.js +139 -0
  1544. package/dist/governance/pack-evaluator-prewarm.js.map +1 -0
  1545. package/dist/governance/pack-evaluator.d.ts +110 -0
  1546. package/dist/governance/pack-evaluator.d.ts.map +1 -0
  1547. package/dist/governance/pack-evaluator.js +328 -0
  1548. package/dist/governance/pack-evaluator.js.map +1 -0
  1549. package/dist/governance/pack-evaluator.test.d.ts +7 -0
  1550. package/dist/governance/pack-evaluator.test.d.ts.map +1 -0
  1551. package/dist/governance/pack-evaluator.test.js +279 -0
  1552. package/dist/governance/pack-evaluator.test.js.map +1 -0
  1553. package/dist/governance/pack-inheritance.d.ts +121 -0
  1554. package/dist/governance/pack-inheritance.d.ts.map +1 -0
  1555. package/dist/governance/pack-inheritance.js +178 -0
  1556. package/dist/governance/pack-inheritance.js.map +1 -0
  1557. package/dist/governance/pack-inheritance.test.d.ts +17 -0
  1558. package/dist/governance/pack-inheritance.test.d.ts.map +1 -0
  1559. package/dist/governance/pack-inheritance.test.js +207 -0
  1560. package/dist/governance/pack-inheritance.test.js.map +1 -0
  1561. package/dist/governance/pack-publish-workflow.d.ts +60 -0
  1562. package/dist/governance/pack-publish-workflow.d.ts.map +1 -0
  1563. package/dist/governance/pack-publish-workflow.js +85 -0
  1564. package/dist/governance/pack-publish-workflow.js.map +1 -0
  1565. package/dist/governance/pack-publish-workflow.test.d.ts +7 -0
  1566. package/dist/governance/pack-publish-workflow.test.d.ts.map +1 -0
  1567. package/dist/governance/pack-publish-workflow.test.js +211 -0
  1568. package/dist/governance/pack-publish-workflow.test.js.map +1 -0
  1569. package/dist/governance/pack-rule-validator.d.ts +40 -0
  1570. package/dist/governance/pack-rule-validator.d.ts.map +1 -0
  1571. package/dist/governance/pack-rule-validator.js +142 -0
  1572. package/dist/governance/pack-rule-validator.js.map +1 -0
  1573. package/dist/governance/pack-rule-validator.test.d.ts +7 -0
  1574. package/dist/governance/pack-rule-validator.test.d.ts.map +1 -0
  1575. package/dist/governance/pack-rule-validator.test.js +153 -0
  1576. package/dist/governance/pack-rule-validator.test.js.map +1 -0
  1577. package/dist/governance/pack-versioning.d.ts +75 -0
  1578. package/dist/governance/pack-versioning.d.ts.map +1 -0
  1579. package/dist/governance/pack-versioning.js +192 -0
  1580. package/dist/governance/pack-versioning.js.map +1 -0
  1581. package/dist/governance/pack-versioning.test.d.ts +7 -0
  1582. package/dist/governance/pack-versioning.test.d.ts.map +1 -0
  1583. package/dist/governance/pack-versioning.test.js +172 -0
  1584. package/dist/governance/pack-versioning.test.js.map +1 -0
  1585. package/dist/governance/partner-manager.d.ts +185 -0
  1586. package/dist/governance/partner-manager.d.ts.map +1 -0
  1587. package/dist/governance/partner-manager.js +258 -0
  1588. package/dist/governance/partner-manager.js.map +1 -0
  1589. package/dist/governance/paste-your-agent.d.ts +30 -0
  1590. package/dist/governance/paste-your-agent.d.ts.map +1 -0
  1591. package/dist/governance/paste-your-agent.js +154 -0
  1592. package/dist/governance/paste-your-agent.js.map +1 -0
  1593. package/dist/governance/paste-your-agent.test.d.ts +7 -0
  1594. package/dist/governance/paste-your-agent.test.d.ts.map +1 -0
  1595. package/dist/governance/paste-your-agent.test.js +140 -0
  1596. package/dist/governance/paste-your-agent.test.js.map +1 -0
  1597. package/dist/governance/per-agent-daily-budget.d.ts +329 -0
  1598. package/dist/governance/per-agent-daily-budget.d.ts.map +1 -0
  1599. package/dist/governance/per-agent-daily-budget.js +699 -0
  1600. package/dist/governance/per-agent-daily-budget.js.map +1 -0
  1601. package/dist/governance/per-agent-override.test.d.ts +21 -0
  1602. package/dist/governance/per-agent-override.test.d.ts.map +1 -0
  1603. package/dist/governance/per-agent-override.test.js +274 -0
  1604. package/dist/governance/per-agent-override.test.js.map +1 -0
  1605. package/dist/governance/plugin-system.d.ts +519 -0
  1606. package/dist/governance/plugin-system.d.ts.map +1 -0
  1607. package/dist/governance/plugin-system.js +964 -0
  1608. package/dist/governance/plugin-system.js.map +1 -0
  1609. package/dist/governance/policy-tuning.d.ts +190 -0
  1610. package/dist/governance/policy-tuning.d.ts.map +1 -0
  1611. package/dist/governance/policy-tuning.js +359 -0
  1612. package/dist/governance/policy-tuning.js.map +1 -0
  1613. package/dist/governance/post-market-monitor.d.ts +114 -0
  1614. package/dist/governance/post-market-monitor.d.ts.map +1 -0
  1615. package/dist/governance/post-market-monitor.js +279 -0
  1616. package/dist/governance/post-market-monitor.js.map +1 -0
  1617. package/dist/governance/post-tool-audit-enrichment.d.ts +286 -0
  1618. package/dist/governance/post-tool-audit-enrichment.d.ts.map +1 -0
  1619. package/dist/governance/post-tool-audit-enrichment.js +504 -0
  1620. package/dist/governance/post-tool-audit-enrichment.js.map +1 -0
  1621. package/dist/governance/prohibited-practices.d.ts +85 -0
  1622. package/dist/governance/prohibited-practices.d.ts.map +1 -0
  1623. package/dist/governance/prohibited-practices.js +267 -0
  1624. package/dist/governance/prohibited-practices.js.map +1 -0
  1625. package/dist/governance/proxy-onboarding.d.ts +47 -0
  1626. package/dist/governance/proxy-onboarding.d.ts.map +1 -0
  1627. package/dist/governance/proxy-onboarding.js +306 -0
  1628. package/dist/governance/proxy-onboarding.js.map +1 -0
  1629. package/dist/governance/proxy-onboarding.test.d.ts +7 -0
  1630. package/dist/governance/proxy-onboarding.test.d.ts.map +1 -0
  1631. package/dist/governance/proxy-onboarding.test.js +135 -0
  1632. package/dist/governance/proxy-onboarding.test.js.map +1 -0
  1633. package/dist/governance/rag-citation-enforcement.d.ts +400 -0
  1634. package/dist/governance/rag-citation-enforcement.d.ts.map +1 -0
  1635. package/dist/governance/rag-citation-enforcement.js +568 -0
  1636. package/dist/governance/rag-citation-enforcement.js.map +1 -0
  1637. package/dist/governance/rag-confidence-threshold.d.ts +249 -0
  1638. package/dist/governance/rag-confidence-threshold.d.ts.map +1 -0
  1639. package/dist/governance/rag-confidence-threshold.js +449 -0
  1640. package/dist/governance/rag-confidence-threshold.js.map +1 -0
  1641. package/dist/governance/rag-retrieval-audit.d.ts +377 -0
  1642. package/dist/governance/rag-retrieval-audit.d.ts.map +1 -0
  1643. package/dist/governance/rag-retrieval-audit.js +517 -0
  1644. package/dist/governance/rag-retrieval-audit.js.map +1 -0
  1645. package/dist/governance/rag-source-allowlist.d.ts +273 -0
  1646. package/dist/governance/rag-source-allowlist.d.ts.map +1 -0
  1647. package/dist/governance/rag-source-allowlist.js +535 -0
  1648. package/dist/governance/rag-source-allowlist.js.map +1 -0
  1649. package/dist/governance/rag-source-output-chain.d.ts +420 -0
  1650. package/dist/governance/rag-source-output-chain.d.ts.map +1 -0
  1651. package/dist/governance/rag-source-output-chain.js +682 -0
  1652. package/dist/governance/rag-source-output-chain.js.map +1 -0
  1653. package/dist/governance/replay-player.d.ts +55 -0
  1654. package/dist/governance/replay-player.d.ts.map +1 -0
  1655. package/dist/governance/replay-player.js +89 -0
  1656. package/dist/governance/replay-player.js.map +1 -0
  1657. package/dist/governance/replay-player.test.d.ts +7 -0
  1658. package/dist/governance/replay-player.test.d.ts.map +1 -0
  1659. package/dist/governance/replay-player.test.js +192 -0
  1660. package/dist/governance/replay-player.test.js.map +1 -0
  1661. package/dist/governance/retention-manager.d.ts +189 -0
  1662. package/dist/governance/retention-manager.d.ts.map +1 -0
  1663. package/dist/governance/retention-manager.js +566 -0
  1664. package/dist/governance/retention-manager.js.map +1 -0
  1665. package/dist/governance/runtime-event-renderer.d.ts +55 -0
  1666. package/dist/governance/runtime-event-renderer.d.ts.map +1 -0
  1667. package/dist/governance/runtime-event-renderer.js +137 -0
  1668. package/dist/governance/runtime-event-renderer.js.map +1 -0
  1669. package/dist/governance/runtime-event-renderer.test.d.ts +7 -0
  1670. package/dist/governance/runtime-event-renderer.test.d.ts.map +1 -0
  1671. package/dist/governance/runtime-event-renderer.test.js +195 -0
  1672. package/dist/governance/runtime-event-renderer.test.js.map +1 -0
  1673. package/dist/governance/sandbox-replay.d.ts +52 -0
  1674. package/dist/governance/sandbox-replay.d.ts.map +1 -0
  1675. package/dist/governance/sandbox-replay.js +189 -0
  1676. package/dist/governance/sandbox-replay.js.map +1 -0
  1677. package/dist/governance/sandbox-replay.test.d.ts +7 -0
  1678. package/dist/governance/sandbox-replay.test.d.ts.map +1 -0
  1679. package/dist/governance/sandbox-replay.test.js +117 -0
  1680. package/dist/governance/sandbox-replay.test.js.map +1 -0
  1681. package/dist/governance/self-registration-hook.d.ts +65 -0
  1682. package/dist/governance/self-registration-hook.d.ts.map +1 -0
  1683. package/dist/governance/self-registration-hook.js +116 -0
  1684. package/dist/governance/self-registration-hook.js.map +1 -0
  1685. package/dist/governance/self-registration-hook.test.d.ts +7 -0
  1686. package/dist/governance/self-registration-hook.test.d.ts.map +1 -0
  1687. package/dist/governance/self-registration-hook.test.js +149 -0
  1688. package/dist/governance/self-registration-hook.test.js.map +1 -0
  1689. package/dist/governance/session-persistence.d.ts +153 -0
  1690. package/dist/governance/session-persistence.d.ts.map +1 -0
  1691. package/dist/governance/session-persistence.js +376 -0
  1692. package/dist/governance/session-persistence.js.map +1 -0
  1693. package/dist/governance/signed-manifest.d.ts +81 -0
  1694. package/dist/governance/signed-manifest.d.ts.map +1 -0
  1695. package/dist/governance/signed-manifest.js +161 -0
  1696. package/dist/governance/signed-manifest.js.map +1 -0
  1697. package/dist/governance/signed-manifest.test.d.ts +7 -0
  1698. package/dist/governance/signed-manifest.test.d.ts.map +1 -0
  1699. package/dist/governance/signed-manifest.test.js +149 -0
  1700. package/dist/governance/signed-manifest.test.js.map +1 -0
  1701. package/dist/governance/skip-api-empty-queue.d.ts +304 -0
  1702. package/dist/governance/skip-api-empty-queue.d.ts.map +1 -0
  1703. package/dist/governance/skip-api-empty-queue.js +499 -0
  1704. package/dist/governance/skip-api-empty-queue.js.map +1 -0
  1705. package/dist/governance/state-manager.d.ts +102 -0
  1706. package/dist/governance/state-manager.d.ts.map +1 -0
  1707. package/dist/governance/state-manager.js +286 -0
  1708. package/dist/governance/state-manager.js.map +1 -0
  1709. package/dist/governance/tenant-provider-agreements.d.ts +211 -0
  1710. package/dist/governance/tenant-provider-agreements.d.ts.map +1 -0
  1711. package/dist/governance/tenant-provider-agreements.js +440 -0
  1712. package/dist/governance/tenant-provider-agreements.js.map +1 -0
  1713. package/dist/governance/tool-provider-health.d.ts +299 -0
  1714. package/dist/governance/tool-provider-health.d.ts.map +1 -0
  1715. package/dist/governance/tool-provider-health.js +697 -0
  1716. package/dist/governance/tool-provider-health.js.map +1 -0
  1717. package/dist/governance/tool-rate-limit.d.ts +94 -0
  1718. package/dist/governance/tool-rate-limit.d.ts.map +1 -0
  1719. package/dist/governance/tool-rate-limit.js +145 -0
  1720. package/dist/governance/tool-rate-limit.js.map +1 -0
  1721. package/dist/governance/transparency-injector.d.ts +102 -0
  1722. package/dist/governance/transparency-injector.d.ts.map +1 -0
  1723. package/dist/governance/transparency-injector.js +162 -0
  1724. package/dist/governance/transparency-injector.js.map +1 -0
  1725. package/dist/governance/trust-score-snapshot.d.ts +61 -0
  1726. package/dist/governance/trust-score-snapshot.d.ts.map +1 -0
  1727. package/dist/governance/trust-score-snapshot.js +98 -0
  1728. package/dist/governance/trust-score-snapshot.js.map +1 -0
  1729. package/dist/governance/trust-score-snapshot.test.d.ts +7 -0
  1730. package/dist/governance/trust-score-snapshot.test.d.ts.map +1 -0
  1731. package/dist/governance/trust-score-snapshot.test.js +187 -0
  1732. package/dist/governance/trust-score-snapshot.test.js.map +1 -0
  1733. package/dist/governance/trust-score-three-dim.d.ts +122 -0
  1734. package/dist/governance/trust-score-three-dim.d.ts.map +1 -0
  1735. package/dist/governance/trust-score-three-dim.js +176 -0
  1736. package/dist/governance/trust-score-three-dim.js.map +1 -0
  1737. package/dist/governance/trust-score-three-dim.test.d.ts +7 -0
  1738. package/dist/governance/trust-score-three-dim.test.d.ts.map +1 -0
  1739. package/dist/governance/trust-score-three-dim.test.js +221 -0
  1740. package/dist/governance/trust-score-three-dim.test.js.map +1 -0
  1741. package/dist/governance-config.d.ts +201 -0
  1742. package/dist/governance-config.d.ts.map +1 -0
  1743. package/dist/governance-config.js +345 -0
  1744. package/dist/governance-config.js.map +1 -0
  1745. package/dist/governed-agent.d.ts +124 -0
  1746. package/dist/governed-agent.d.ts.map +1 -0
  1747. package/dist/governed-agent.js +1317 -0
  1748. package/dist/governed-agent.js.map +1 -0
  1749. package/dist/hooks/audit-dir-picker.sh +70 -0
  1750. package/dist/hooks/audit-logger.sh +325 -0
  1751. package/dist/hooks/cost-budget-gate.sh +74 -0
  1752. package/dist/hooks/data-classifier-bridge.d.ts +24 -0
  1753. package/dist/hooks/data-classifier-bridge.d.ts.map +1 -0
  1754. package/dist/hooks/data-classifier-bridge.js +80 -0
  1755. package/dist/hooks/data-classifier-bridge.js.map +1 -0
  1756. package/dist/hooks/destructive-command-guard.sh +200 -0
  1757. package/dist/hooks/file-boundary-guard.sh +159 -0
  1758. package/dist/hooks/file-change-tracker.sh +78 -0
  1759. package/dist/hooks/governance-file-shield.sh +102 -0
  1760. package/dist/hooks/governance-integrity-check.sh +109 -0
  1761. package/dist/hooks/hook-health-monitor.sh +189 -0
  1762. package/dist/hooks/hook-utils.sh +51 -0
  1763. package/dist/hooks/hook-wrapper.sh +77 -0
  1764. package/dist/hooks/install-hooks.sh +162 -0
  1765. package/dist/hooks/output-exfiltration-scanner.sh +112 -0
  1766. package/dist/hooks/powershell/audit-dir-picker.ps1 +72 -0
  1767. package/dist/hooks/powershell/audit-logger.ps1 +75 -0
  1768. package/dist/hooks/powershell/cost-budget-gate.ps1 +61 -0
  1769. package/dist/hooks/powershell/destructive-command-guard.ps1 +67 -0
  1770. package/dist/hooks/powershell/file-boundary-guard.ps1 +76 -0
  1771. package/dist/hooks/powershell/file-change-tracker.ps1 +74 -0
  1772. package/dist/hooks/powershell/governance-file-shield.ps1 +86 -0
  1773. package/dist/hooks/powershell/governance-integrity-check.ps1 +101 -0
  1774. package/dist/hooks/powershell/hook-health-monitor.ps1 +153 -0
  1775. package/dist/hooks/powershell/hook-utils.ps1 +44 -0
  1776. package/dist/hooks/powershell/hook-wrapper.ps1 +67 -0
  1777. package/dist/hooks/powershell/install-hooks.ps1 +142 -0
  1778. package/dist/hooks/powershell/output-exfiltration-scanner.ps1 +85 -0
  1779. package/dist/hooks/powershell/secret-leak-scanner.ps1 +105 -0
  1780. package/dist/hooks/powershell/token-tracker.ps1 +83 -0
  1781. package/dist/hooks/powershell/web-access-gate.ps1 +89 -0
  1782. package/dist/hooks/secret-leak-scanner.sh +293 -0
  1783. package/dist/hooks/token-tracker.sh +89 -0
  1784. package/dist/hooks/web-access-gate.sh +123 -0
  1785. package/dist/ide-adapters/aider.d.ts +213 -0
  1786. package/dist/ide-adapters/aider.d.ts.map +1 -0
  1787. package/dist/ide-adapters/aider.js +710 -0
  1788. package/dist/ide-adapters/aider.js.map +1 -0
  1789. package/dist/ide-adapters/amazon-q-developer.d.ts +124 -0
  1790. package/dist/ide-adapters/amazon-q-developer.d.ts.map +1 -0
  1791. package/dist/ide-adapters/amazon-q-developer.js +686 -0
  1792. package/dist/ide-adapters/amazon-q-developer.js.map +1 -0
  1793. package/dist/ide-adapters/base.d.ts +64 -0
  1794. package/dist/ide-adapters/base.d.ts.map +1 -0
  1795. package/dist/ide-adapters/base.js +233 -0
  1796. package/dist/ide-adapters/base.js.map +1 -0
  1797. package/dist/ide-adapters/claude-code.d.ts +43 -0
  1798. package/dist/ide-adapters/claude-code.d.ts.map +1 -0
  1799. package/dist/ide-adapters/claude-code.js +192 -0
  1800. package/dist/ide-adapters/claude-code.js.map +1 -0
  1801. package/dist/ide-adapters/cody.d.ts +150 -0
  1802. package/dist/ide-adapters/cody.d.ts.map +1 -0
  1803. package/dist/ide-adapters/cody.js +767 -0
  1804. package/dist/ide-adapters/cody.js.map +1 -0
  1805. package/dist/ide-adapters/continue-dev.d.ts +120 -0
  1806. package/dist/ide-adapters/continue-dev.d.ts.map +1 -0
  1807. package/dist/ide-adapters/continue-dev.js +359 -0
  1808. package/dist/ide-adapters/continue-dev.js.map +1 -0
  1809. package/dist/ide-adapters/copilot-studio.d.ts +310 -0
  1810. package/dist/ide-adapters/copilot-studio.d.ts.map +1 -0
  1811. package/dist/ide-adapters/copilot-studio.js +1097 -0
  1812. package/dist/ide-adapters/copilot-studio.js.map +1 -0
  1813. package/dist/ide-adapters/copilot-workspace.d.ts +167 -0
  1814. package/dist/ide-adapters/copilot-workspace.d.ts.map +1 -0
  1815. package/dist/ide-adapters/copilot-workspace.js +376 -0
  1816. package/dist/ide-adapters/copilot-workspace.js.map +1 -0
  1817. package/dist/ide-adapters/cursor.d.ts +74 -0
  1818. package/dist/ide-adapters/cursor.d.ts.map +1 -0
  1819. package/dist/ide-adapters/cursor.js +273 -0
  1820. package/dist/ide-adapters/cursor.js.map +1 -0
  1821. package/dist/ide-adapters/exports.d.ts +53 -0
  1822. package/dist/ide-adapters/exports.d.ts.map +1 -0
  1823. package/dist/ide-adapters/exports.js +115 -0
  1824. package/dist/ide-adapters/exports.js.map +1 -0
  1825. package/dist/ide-adapters/gemini-code-assist.d.ts +135 -0
  1826. package/dist/ide-adapters/gemini-code-assist.d.ts.map +1 -0
  1827. package/dist/ide-adapters/gemini-code-assist.js +750 -0
  1828. package/dist/ide-adapters/gemini-code-assist.js.map +1 -0
  1829. package/dist/ide-adapters/github-copilot.d.ts +166 -0
  1830. package/dist/ide-adapters/github-copilot.d.ts.map +1 -0
  1831. package/dist/ide-adapters/github-copilot.js +547 -0
  1832. package/dist/ide-adapters/github-copilot.js.map +1 -0
  1833. package/dist/ide-adapters/index.d.ts +271 -0
  1834. package/dist/ide-adapters/index.d.ts.map +1 -0
  1835. package/dist/ide-adapters/index.js +100 -0
  1836. package/dist/ide-adapters/index.js.map +1 -0
  1837. package/dist/ide-adapters/jetbrains-ai.d.ts +150 -0
  1838. package/dist/ide-adapters/jetbrains-ai.d.ts.map +1 -0
  1839. package/dist/ide-adapters/jetbrains-ai.js +718 -0
  1840. package/dist/ide-adapters/jetbrains-ai.js.map +1 -0
  1841. package/dist/ide-adapters/notebook-ai.d.ts +220 -0
  1842. package/dist/ide-adapters/notebook-ai.d.ts.map +1 -0
  1843. package/dist/ide-adapters/notebook-ai.js +858 -0
  1844. package/dist/ide-adapters/notebook-ai.js.map +1 -0
  1845. package/dist/ide-adapters/replit-agent.d.ts +269 -0
  1846. package/dist/ide-adapters/replit-agent.d.ts.map +1 -0
  1847. package/dist/ide-adapters/replit-agent.js +1022 -0
  1848. package/dist/ide-adapters/replit-agent.js.map +1 -0
  1849. package/dist/ide-adapters/reviewer-tier.d.ts +15 -0
  1850. package/dist/ide-adapters/reviewer-tier.d.ts.map +1 -0
  1851. package/dist/ide-adapters/reviewer-tier.js +16 -0
  1852. package/dist/ide-adapters/reviewer-tier.js.map +1 -0
  1853. package/dist/ide-adapters/shared.d.ts +116 -0
  1854. package/dist/ide-adapters/shared.d.ts.map +1 -0
  1855. package/dist/ide-adapters/shared.js +311 -0
  1856. package/dist/ide-adapters/shared.js.map +1 -0
  1857. package/dist/ide-adapters/tabnine.d.ts +189 -0
  1858. package/dist/ide-adapters/tabnine.d.ts.map +1 -0
  1859. package/dist/ide-adapters/tabnine.js +721 -0
  1860. package/dist/ide-adapters/tabnine.js.map +1 -0
  1861. package/dist/ide-adapters/windsurf.d.ts +216 -0
  1862. package/dist/ide-adapters/windsurf.d.ts.map +1 -0
  1863. package/dist/ide-adapters/windsurf.js +812 -0
  1864. package/dist/ide-adapters/windsurf.js.map +1 -0
  1865. package/dist/ide-adapters/zed-ai.d.ts +209 -0
  1866. package/dist/ide-adapters/zed-ai.d.ts.map +1 -0
  1867. package/dist/ide-adapters/zed-ai.js +622 -0
  1868. package/dist/ide-adapters/zed-ai.js.map +1 -0
  1869. package/dist/index.d.ts +104 -0
  1870. package/dist/index.d.ts.map +1 -0
  1871. package/dist/index.js +366 -0
  1872. package/dist/index.js.map +1 -0
  1873. package/dist/license/entitlement-client.d.ts +111 -0
  1874. package/dist/license/entitlement-client.d.ts.map +1 -0
  1875. package/dist/license/entitlement-client.js +306 -0
  1876. package/dist/license/entitlement-client.js.map +1 -0
  1877. package/dist/license/index.d.ts +10 -0
  1878. package/dist/license/index.d.ts.map +1 -0
  1879. package/dist/license/index.js +14 -0
  1880. package/dist/license/index.js.map +1 -0
  1881. package/dist/license/jwt-issuer.d.ts +64 -0
  1882. package/dist/license/jwt-issuer.d.ts.map +1 -0
  1883. package/dist/license/jwt-issuer.js +144 -0
  1884. package/dist/license/jwt-issuer.js.map +1 -0
  1885. package/dist/license/jwt-validator.d.ts +145 -0
  1886. package/dist/license/jwt-validator.d.ts.map +1 -0
  1887. package/dist/license/jwt-validator.js +498 -0
  1888. package/dist/license/jwt-validator.js.map +1 -0
  1889. package/dist/license/keygen.d.ts +16 -0
  1890. package/dist/license/keygen.d.ts.map +1 -0
  1891. package/dist/license/keygen.js +100 -0
  1892. package/dist/license/keygen.js.map +1 -0
  1893. package/dist/license/subscription-gate.d.ts +99 -0
  1894. package/dist/license/subscription-gate.d.ts.map +1 -0
  1895. package/dist/license/subscription-gate.js +293 -0
  1896. package/dist/license/subscription-gate.js.map +1 -0
  1897. package/dist/llm-adapters/azure-openai.d.ts +69 -0
  1898. package/dist/llm-adapters/azure-openai.d.ts.map +1 -0
  1899. package/dist/llm-adapters/azure-openai.js +702 -0
  1900. package/dist/llm-adapters/azure-openai.js.map +1 -0
  1901. package/dist/llm-adapters/base.d.ts +97 -0
  1902. package/dist/llm-adapters/base.d.ts.map +1 -0
  1903. package/dist/llm-adapters/base.js +265 -0
  1904. package/dist/llm-adapters/base.js.map +1 -0
  1905. package/dist/llm-adapters/bedrock.d.ts +67 -0
  1906. package/dist/llm-adapters/bedrock.d.ts.map +1 -0
  1907. package/dist/llm-adapters/bedrock.js +751 -0
  1908. package/dist/llm-adapters/bedrock.js.map +1 -0
  1909. package/dist/llm-adapters/claude.d.ts +84 -0
  1910. package/dist/llm-adapters/claude.d.ts.map +1 -0
  1911. package/dist/llm-adapters/claude.js +273 -0
  1912. package/dist/llm-adapters/claude.js.map +1 -0
  1913. package/dist/llm-adapters/deepseek.d.ts +113 -0
  1914. package/dist/llm-adapters/deepseek.d.ts.map +1 -0
  1915. package/dist/llm-adapters/deepseek.js +754 -0
  1916. package/dist/llm-adapters/deepseek.js.map +1 -0
  1917. package/dist/llm-adapters/exports.d.ts +40 -0
  1918. package/dist/llm-adapters/exports.d.ts.map +1 -0
  1919. package/dist/llm-adapters/exports.js +74 -0
  1920. package/dist/llm-adapters/exports.js.map +1 -0
  1921. package/dist/llm-adapters/gemini.d.ts +106 -0
  1922. package/dist/llm-adapters/gemini.d.ts.map +1 -0
  1923. package/dist/llm-adapters/gemini.js +201 -0
  1924. package/dist/llm-adapters/gemini.js.map +1 -0
  1925. package/dist/llm-adapters/gemma.d.ts +200 -0
  1926. package/dist/llm-adapters/gemma.d.ts.map +1 -0
  1927. package/dist/llm-adapters/gemma.js +270 -0
  1928. package/dist/llm-adapters/gemma.js.map +1 -0
  1929. package/dist/llm-adapters/google.d.ts +221 -0
  1930. package/dist/llm-adapters/google.d.ts.map +1 -0
  1931. package/dist/llm-adapters/google.js +1176 -0
  1932. package/dist/llm-adapters/google.js.map +1 -0
  1933. package/dist/llm-adapters/huggingface.d.ts +354 -0
  1934. package/dist/llm-adapters/huggingface.d.ts.map +1 -0
  1935. package/dist/llm-adapters/huggingface.js +622 -0
  1936. package/dist/llm-adapters/huggingface.js.map +1 -0
  1937. package/dist/llm-adapters/index.d.ts +331 -0
  1938. package/dist/llm-adapters/index.d.ts.map +1 -0
  1939. package/dist/llm-adapters/index.js +96 -0
  1940. package/dist/llm-adapters/index.js.map +1 -0
  1941. package/dist/llm-adapters/ollama.d.ts +90 -0
  1942. package/dist/llm-adapters/ollama.d.ts.map +1 -0
  1943. package/dist/llm-adapters/ollama.js +624 -0
  1944. package/dist/llm-adapters/ollama.js.map +1 -0
  1945. package/dist/llm-adapters/openai.d.ts +168 -0
  1946. package/dist/llm-adapters/openai.d.ts.map +1 -0
  1947. package/dist/llm-adapters/openai.js +363 -0
  1948. package/dist/llm-adapters/openai.js.map +1 -0
  1949. package/dist/llm-adapters/replicate-llama.d.ts +327 -0
  1950. package/dist/llm-adapters/replicate-llama.d.ts.map +1 -0
  1951. package/dist/llm-adapters/replicate-llama.js +600 -0
  1952. package/dist/llm-adapters/replicate-llama.js.map +1 -0
  1953. package/dist/llm-adapters/shared.d.ts +104 -0
  1954. package/dist/llm-adapters/shared.d.ts.map +1 -0
  1955. package/dist/llm-adapters/shared.js +341 -0
  1956. package/dist/llm-adapters/shared.js.map +1 -0
  1957. package/dist/llm-adapters/supported-models-catalog.d.ts +112 -0
  1958. package/dist/llm-adapters/supported-models-catalog.d.ts.map +1 -0
  1959. package/dist/llm-adapters/supported-models-catalog.js +748 -0
  1960. package/dist/llm-adapters/supported-models-catalog.js.map +1 -0
  1961. package/dist/observability/destination-health-monitor.d.ts +147 -0
  1962. package/dist/observability/destination-health-monitor.d.ts.map +1 -0
  1963. package/dist/observability/destination-health-monitor.js +244 -0
  1964. package/dist/observability/destination-health-monitor.js.map +1 -0
  1965. package/dist/observability/health-metrics-store.d.ts +112 -0
  1966. package/dist/observability/health-metrics-store.d.ts.map +1 -0
  1967. package/dist/observability/health-metrics-store.js +131 -0
  1968. package/dist/observability/health-metrics-store.js.map +1 -0
  1969. package/dist/orchestrator-adapters/autogen.d.ts +225 -0
  1970. package/dist/orchestrator-adapters/autogen.d.ts.map +1 -0
  1971. package/dist/orchestrator-adapters/autogen.js +522 -0
  1972. package/dist/orchestrator-adapters/autogen.js.map +1 -0
  1973. package/dist/orchestrator-adapters/base.d.ts +100 -0
  1974. package/dist/orchestrator-adapters/base.d.ts.map +1 -0
  1975. package/dist/orchestrator-adapters/base.js +403 -0
  1976. package/dist/orchestrator-adapters/base.js.map +1 -0
  1977. package/dist/orchestrator-adapters/bedrock-agentcore.d.ts +314 -0
  1978. package/dist/orchestrator-adapters/bedrock-agentcore.d.ts.map +1 -0
  1979. package/dist/orchestrator-adapters/bedrock-agentcore.js +845 -0
  1980. package/dist/orchestrator-adapters/bedrock-agentcore.js.map +1 -0
  1981. package/dist/orchestrator-adapters/claude-agent-sdk.d.ts +288 -0
  1982. package/dist/orchestrator-adapters/claude-agent-sdk.d.ts.map +1 -0
  1983. package/dist/orchestrator-adapters/claude-agent-sdk.js +732 -0
  1984. package/dist/orchestrator-adapters/claude-agent-sdk.js.map +1 -0
  1985. package/dist/orchestrator-adapters/crewai.d.ts +161 -0
  1986. package/dist/orchestrator-adapters/crewai.d.ts.map +1 -0
  1987. package/dist/orchestrator-adapters/crewai.js +507 -0
  1988. package/dist/orchestrator-adapters/crewai.js.map +1 -0
  1989. package/dist/orchestrator-adapters/deepagents.d.ts +218 -0
  1990. package/dist/orchestrator-adapters/deepagents.d.ts.map +1 -0
  1991. package/dist/orchestrator-adapters/deepagents.js +382 -0
  1992. package/dist/orchestrator-adapters/deepagents.js.map +1 -0
  1993. package/dist/orchestrator-adapters/exports.d.ts +30 -0
  1994. package/dist/orchestrator-adapters/exports.d.ts.map +1 -0
  1995. package/dist/orchestrator-adapters/exports.js +94 -0
  1996. package/dist/orchestrator-adapters/exports.js.map +1 -0
  1997. package/dist/orchestrator-adapters/google-adk.d.ts +306 -0
  1998. package/dist/orchestrator-adapters/google-adk.d.ts.map +1 -0
  1999. package/dist/orchestrator-adapters/google-adk.js +805 -0
  2000. package/dist/orchestrator-adapters/google-adk.js.map +1 -0
  2001. package/dist/orchestrator-adapters/haystack.d.ts +327 -0
  2002. package/dist/orchestrator-adapters/haystack.d.ts.map +1 -0
  2003. package/dist/orchestrator-adapters/haystack.js +841 -0
  2004. package/dist/orchestrator-adapters/haystack.js.map +1 -0
  2005. package/dist/orchestrator-adapters/index.d.ts +328 -0
  2006. package/dist/orchestrator-adapters/index.d.ts.map +1 -0
  2007. package/dist/orchestrator-adapters/index.js +117 -0
  2008. package/dist/orchestrator-adapters/index.js.map +1 -0
  2009. package/dist/orchestrator-adapters/langchain.d.ts +186 -0
  2010. package/dist/orchestrator-adapters/langchain.d.ts.map +1 -0
  2011. package/dist/orchestrator-adapters/langchain.js +495 -0
  2012. package/dist/orchestrator-adapters/langchain.js.map +1 -0
  2013. package/dist/orchestrator-adapters/langgraph.d.ts +234 -0
  2014. package/dist/orchestrator-adapters/langgraph.d.ts.map +1 -0
  2015. package/dist/orchestrator-adapters/langgraph.js +502 -0
  2016. package/dist/orchestrator-adapters/langgraph.js.map +1 -0
  2017. package/dist/orchestrator-adapters/llamaindex.d.ts +325 -0
  2018. package/dist/orchestrator-adapters/llamaindex.d.ts.map +1 -0
  2019. package/dist/orchestrator-adapters/llamaindex.js +850 -0
  2020. package/dist/orchestrator-adapters/llamaindex.js.map +1 -0
  2021. package/dist/orchestrator-adapters/openai-agents.d.ts +238 -0
  2022. package/dist/orchestrator-adapters/openai-agents.d.ts.map +1 -0
  2023. package/dist/orchestrator-adapters/openai-agents.js +532 -0
  2024. package/dist/orchestrator-adapters/openai-agents.js.map +1 -0
  2025. package/dist/orchestrator-adapters/openclaw.d.ts +327 -0
  2026. package/dist/orchestrator-adapters/openclaw.d.ts.map +1 -0
  2027. package/dist/orchestrator-adapters/openclaw.js +896 -0
  2028. package/dist/orchestrator-adapters/openclaw.js.map +1 -0
  2029. package/dist/orchestrator-adapters/orchestrator-adapter.d.ts +170 -0
  2030. package/dist/orchestrator-adapters/orchestrator-adapter.d.ts.map +1 -0
  2031. package/dist/orchestrator-adapters/orchestrator-adapter.js +34 -0
  2032. package/dist/orchestrator-adapters/orchestrator-adapter.js.map +1 -0
  2033. package/dist/orchestrator-adapters/paperclip-adapter.d.ts +91 -0
  2034. package/dist/orchestrator-adapters/paperclip-adapter.d.ts.map +1 -0
  2035. package/dist/orchestrator-adapters/paperclip-adapter.js +403 -0
  2036. package/dist/orchestrator-adapters/paperclip-adapter.js.map +1 -0
  2037. package/dist/orchestrator-adapters/semantic-kernel.d.ts +218 -0
  2038. package/dist/orchestrator-adapters/semantic-kernel.d.ts.map +1 -0
  2039. package/dist/orchestrator-adapters/semantic-kernel.js +525 -0
  2040. package/dist/orchestrator-adapters/semantic-kernel.js.map +1 -0
  2041. package/dist/orchestrator-adapters/shared.d.ts +49 -0
  2042. package/dist/orchestrator-adapters/shared.d.ts.map +1 -0
  2043. package/dist/orchestrator-adapters/shared.js +161 -0
  2044. package/dist/orchestrator-adapters/shared.js.map +1 -0
  2045. package/dist/packs/_base-classifiers.d.ts +73 -0
  2046. package/dist/packs/_base-classifiers.d.ts.map +1 -0
  2047. package/dist/packs/_base-classifiers.js +165 -0
  2048. package/dist/packs/_base-classifiers.js.map +1 -0
  2049. package/dist/packs/aba.d.ts +41 -0
  2050. package/dist/packs/aba.d.ts.map +1 -0
  2051. package/dist/packs/aba.js +300 -0
  2052. package/dist/packs/aba.js.map +1 -0
  2053. package/dist/packs/as-9100.d.ts +130 -0
  2054. package/dist/packs/as-9100.d.ts.map +1 -0
  2055. package/dist/packs/as-9100.js +817 -0
  2056. package/dist/packs/as-9100.js.map +1 -0
  2057. package/dist/packs/au-act-hrpaa.d.ts +68 -0
  2058. package/dist/packs/au-act-hrpaa.d.ts.map +1 -0
  2059. package/dist/packs/au-act-hrpaa.js +293 -0
  2060. package/dist/packs/au-act-hrpaa.js.map +1 -0
  2061. package/dist/packs/au-aiethics-framework.d.ts +68 -0
  2062. package/dist/packs/au-aiethics-framework.d.ts.map +1 -0
  2063. package/dist/packs/au-aiethics-framework.js +344 -0
  2064. package/dist/packs/au-aiethics-framework.js.map +1 -0
  2065. package/dist/packs/au-aml-ctf.d.ts +67 -0
  2066. package/dist/packs/au-aml-ctf.d.ts.map +1 -0
  2067. package/dist/packs/au-aml-ctf.js +349 -0
  2068. package/dist/packs/au-aml-ctf.js.map +1 -0
  2069. package/dist/packs/au-asic-rg-271.d.ts +50 -0
  2070. package/dist/packs/au-asic-rg-271.d.ts.map +1 -0
  2071. package/dist/packs/au-asic-rg-271.js +271 -0
  2072. package/dist/packs/au-asic-rg-271.js.map +1 -0
  2073. package/dist/packs/au-asic-rg-274.d.ts +51 -0
  2074. package/dist/packs/au-asic-rg-274.d.ts.map +1 -0
  2075. package/dist/packs/au-asic-rg-274.js +271 -0
  2076. package/dist/packs/au-asic-rg-274.js.map +1 -0
  2077. package/dist/packs/au-cdr.d.ts +49 -0
  2078. package/dist/packs/au-cdr.d.ts.map +1 -0
  2079. package/dist/packs/au-cdr.js +308 -0
  2080. package/dist/packs/au-cdr.js.map +1 -0
  2081. package/dist/packs/au-cps230.d.ts +50 -0
  2082. package/dist/packs/au-cps230.d.ts.map +1 -0
  2083. package/dist/packs/au-cps230.js +267 -0
  2084. package/dist/packs/au-cps230.js.map +1 -0
  2085. package/dist/packs/au-cps234.d.ts +56 -0
  2086. package/dist/packs/au-cps234.d.ts.map +1 -0
  2087. package/dist/packs/au-cps234.js +300 -0
  2088. package/dist/packs/au-cps234.js.map +1 -0
  2089. package/dist/packs/au-mandatory-ai-guardrails.d.ts +61 -0
  2090. package/dist/packs/au-mandatory-ai-guardrails.d.ts.map +1 -0
  2091. package/dist/packs/au-mandatory-ai-guardrails.js +274 -0
  2092. package/dist/packs/au-mandatory-ai-guardrails.js.map +1 -0
  2093. package/dist/packs/au-nsw-hripa.d.ts +78 -0
  2094. package/dist/packs/au-nsw-hripa.d.ts.map +1 -0
  2095. package/dist/packs/au-nsw-hripa.js +366 -0
  2096. package/dist/packs/au-nsw-hripa.js.map +1 -0
  2097. package/dist/packs/au-online-safety.d.ts +55 -0
  2098. package/dist/packs/au-online-safety.d.ts.map +1 -0
  2099. package/dist/packs/au-online-safety.js +300 -0
  2100. package/dist/packs/au-online-safety.js.map +1 -0
  2101. package/dist/packs/au-privacy-act.d.ts +54 -0
  2102. package/dist/packs/au-privacy-act.d.ts.map +1 -0
  2103. package/dist/packs/au-privacy-act.js +364 -0
  2104. package/dist/packs/au-privacy-act.js.map +1 -0
  2105. package/dist/packs/au-soci-act.d.ts +53 -0
  2106. package/dist/packs/au-soci-act.d.ts.map +1 -0
  2107. package/dist/packs/au-soci-act.js +254 -0
  2108. package/dist/packs/au-soci-act.js.map +1 -0
  2109. package/dist/packs/au-spam-act.d.ts +54 -0
  2110. package/dist/packs/au-spam-act.d.ts.map +1 -0
  2111. package/dist/packs/au-spam-act.js +287 -0
  2112. package/dist/packs/au-spam-act.js.map +1 -0
  2113. package/dist/packs/au-tga-saimd.d.ts +74 -0
  2114. package/dist/packs/au-tga-saimd.d.ts.map +1 -0
  2115. package/dist/packs/au-tga-saimd.js +344 -0
  2116. package/dist/packs/au-tga-saimd.js.map +1 -0
  2117. package/dist/packs/au-vic-hra.d.ts +70 -0
  2118. package/dist/packs/au-vic-hra.d.ts.map +1 -0
  2119. package/dist/packs/au-vic-hra.js +348 -0
  2120. package/dist/packs/au-vic-hra.js.map +1 -0
  2121. package/dist/packs/bipa.d.ts +30 -0
  2122. package/dist/packs/bipa.d.ts.map +1 -0
  2123. package/dist/packs/bipa.js +271 -0
  2124. package/dist/packs/bipa.js.map +1 -0
  2125. package/dist/packs/bsa-aml.d.ts +52 -0
  2126. package/dist/packs/bsa-aml.d.ts.map +1 -0
  2127. package/dist/packs/bsa-aml.js +413 -0
  2128. package/dist/packs/bsa-aml.js.map +1 -0
  2129. package/dist/packs/ca-pipeda.d.ts +48 -0
  2130. package/dist/packs/ca-pipeda.d.ts.map +1 -0
  2131. package/dist/packs/ca-pipeda.js +220 -0
  2132. package/dist/packs/ca-pipeda.js.map +1 -0
  2133. package/dist/packs/ca-qc-law25.d.ts +46 -0
  2134. package/dist/packs/ca-qc-law25.d.ts.map +1 -0
  2135. package/dist/packs/ca-qc-law25.js +191 -0
  2136. package/dist/packs/ca-qc-law25.js.map +1 -0
  2137. package/dist/packs/caldicott-principles.d.ts +86 -0
  2138. package/dist/packs/caldicott-principles.d.ts.map +1 -0
  2139. package/dist/packs/caldicott-principles.js +444 -0
  2140. package/dist/packs/caldicott-principles.js.map +1 -0
  2141. package/dist/packs/california-ab2930.d.ts +58 -0
  2142. package/dist/packs/california-ab2930.d.ts.map +1 -0
  2143. package/dist/packs/california-ab2930.js +413 -0
  2144. package/dist/packs/california-ab2930.js.map +1 -0
  2145. package/dist/packs/ccpa.d.ts +47 -0
  2146. package/dist/packs/ccpa.d.ts.map +1 -0
  2147. package/dist/packs/ccpa.js +399 -0
  2148. package/dist/packs/ccpa.js.map +1 -0
  2149. package/dist/packs/cfpb-2023-03.d.ts +32 -0
  2150. package/dist/packs/cfpb-2023-03.d.ts.map +1 -0
  2151. package/dist/packs/cfpb-2023-03.js +285 -0
  2152. package/dist/packs/cfpb-2023-03.js.map +1 -0
  2153. package/dist/packs/check-registry.d.ts +76 -0
  2154. package/dist/packs/check-registry.d.ts.map +1 -0
  2155. package/dist/packs/check-registry.js +3341 -0
  2156. package/dist/packs/check-registry.js.map +1 -0
  2157. package/dist/packs/cjis.d.ts +61 -0
  2158. package/dist/packs/cjis.d.ts.map +1 -0
  2159. package/dist/packs/cjis.js +345 -0
  2160. package/dist/packs/cjis.js.map +1 -0
  2161. package/dist/packs/cma-ai-foundation-models.d.ts +74 -0
  2162. package/dist/packs/cma-ai-foundation-models.d.ts.map +1 -0
  2163. package/dist/packs/cma-ai-foundation-models.js +397 -0
  2164. package/dist/packs/cma-ai-foundation-models.js.map +1 -0
  2165. package/dist/packs/cmmc2.d.ts +69 -0
  2166. package/dist/packs/cmmc2.d.ts.map +1 -0
  2167. package/dist/packs/cmmc2.js +350 -0
  2168. package/dist/packs/cmmc2.js.map +1 -0
  2169. package/dist/packs/cms-interoperability.d.ts +55 -0
  2170. package/dist/packs/cms-interoperability.d.ts.map +1 -0
  2171. package/dist/packs/cms-interoperability.js +390 -0
  2172. package/dist/packs/cms-interoperability.js.map +1 -0
  2173. package/dist/packs/cn-dsl-csl.d.ts +52 -0
  2174. package/dist/packs/cn-dsl-csl.d.ts.map +1 -0
  2175. package/dist/packs/cn-dsl-csl.js +137 -0
  2176. package/dist/packs/cn-dsl-csl.js.map +1 -0
  2177. package/dist/packs/colorado-ai.d.ts +77 -0
  2178. package/dist/packs/colorado-ai.d.ts.map +1 -0
  2179. package/dist/packs/colorado-ai.js +379 -0
  2180. package/dist/packs/colorado-ai.js.map +1 -0
  2181. package/dist/packs/common-rule.d.ts +91 -0
  2182. package/dist/packs/common-rule.d.ts.map +1 -0
  2183. package/dist/packs/common-rule.js +473 -0
  2184. package/dist/packs/common-rule.js.map +1 -0
  2185. package/dist/packs/coppa.d.ts +84 -0
  2186. package/dist/packs/coppa.d.ts.map +1 -0
  2187. package/dist/packs/coppa.js +409 -0
  2188. package/dist/packs/coppa.js.map +1 -0
  2189. package/dist/packs/cyber-essentials.d.ts +63 -0
  2190. package/dist/packs/cyber-essentials.d.ts.map +1 -0
  2191. package/dist/packs/cyber-essentials.js +407 -0
  2192. package/dist/packs/cyber-essentials.js.map +1 -0
  2193. package/dist/packs/de-bdsg.d.ts +66 -0
  2194. package/dist/packs/de-bdsg.d.ts.map +1 -0
  2195. package/dist/packs/de-bdsg.js +416 -0
  2196. package/dist/packs/de-bdsg.js.map +1 -0
  2197. package/dist/packs/do-178c.d.ts +98 -0
  2198. package/dist/packs/do-178c.d.ts.map +1 -0
  2199. package/dist/packs/do-178c.js +726 -0
  2200. package/dist/packs/do-178c.js.map +1 -0
  2201. package/dist/packs/dora.d.ts +48 -0
  2202. package/dist/packs/dora.d.ts.map +1 -0
  2203. package/dist/packs/dora.js +361 -0
  2204. package/dist/packs/dora.js.map +1 -0
  2205. package/dist/packs/ecoa.d.ts +46 -0
  2206. package/dist/packs/ecoa.d.ts.map +1 -0
  2207. package/dist/packs/ecoa.js +389 -0
  2208. package/dist/packs/ecoa.js.map +1 -0
  2209. package/dist/packs/eu-ai-liability.d.ts +39 -0
  2210. package/dist/packs/eu-ai-liability.d.ts.map +1 -0
  2211. package/dist/packs/eu-ai-liability.js +303 -0
  2212. package/dist/packs/eu-ai-liability.js.map +1 -0
  2213. package/dist/packs/eu-cra.d.ts +50 -0
  2214. package/dist/packs/eu-cra.d.ts.map +1 -0
  2215. package/dist/packs/eu-cra.js +143 -0
  2216. package/dist/packs/eu-cra.js.map +1 -0
  2217. package/dist/packs/eu-data-act.d.ts +49 -0
  2218. package/dist/packs/eu-data-act.d.ts.map +1 -0
  2219. package/dist/packs/eu-data-act.js +141 -0
  2220. package/dist/packs/eu-data-act.js.map +1 -0
  2221. package/dist/packs/eu-dma.d.ts +59 -0
  2222. package/dist/packs/eu-dma.d.ts.map +1 -0
  2223. package/dist/packs/eu-dma.js +188 -0
  2224. package/dist/packs/eu-dma.js.map +1 -0
  2225. package/dist/packs/eu-dsa.d.ts +54 -0
  2226. package/dist/packs/eu-dsa.d.ts.map +1 -0
  2227. package/dist/packs/eu-dsa.js +179 -0
  2228. package/dist/packs/eu-dsa.js.map +1 -0
  2229. package/dist/packs/eu-lpp.d.ts +61 -0
  2230. package/dist/packs/eu-lpp.d.ts.map +1 -0
  2231. package/dist/packs/eu-lpp.js +345 -0
  2232. package/dist/packs/eu-lpp.js.map +1 -0
  2233. package/dist/packs/eu-mdr-ivdr.d.ts +67 -0
  2234. package/dist/packs/eu-mdr-ivdr.d.ts.map +1 -0
  2235. package/dist/packs/eu-mdr-ivdr.js +420 -0
  2236. package/dist/packs/eu-mdr-ivdr.js.map +1 -0
  2237. package/dist/packs/euaiact.d.ts +51 -0
  2238. package/dist/packs/euaiact.d.ts.map +1 -0
  2239. package/dist/packs/euaiact.js +344 -0
  2240. package/dist/packs/euaiact.js.map +1 -0
  2241. package/dist/packs/fca-consumer-duty.d.ts +65 -0
  2242. package/dist/packs/fca-consumer-duty.d.ts.map +1 -0
  2243. package/dist/packs/fca-consumer-duty.js +412 -0
  2244. package/dist/packs/fca-consumer-duty.js.map +1 -0
  2245. package/dist/packs/fca-op-resilience.d.ts +53 -0
  2246. package/dist/packs/fca-op-resilience.d.ts.map +1 -0
  2247. package/dist/packs/fca-op-resilience.js +353 -0
  2248. package/dist/packs/fca-op-resilience.js.map +1 -0
  2249. package/dist/packs/fcra.d.ts +47 -0
  2250. package/dist/packs/fcra.d.ts.map +1 -0
  2251. package/dist/packs/fcra.js +444 -0
  2252. package/dist/packs/fcra.js.map +1 -0
  2253. package/dist/packs/fda-21-cfr-820.d.ts +53 -0
  2254. package/dist/packs/fda-21-cfr-820.d.ts.map +1 -0
  2255. package/dist/packs/fda-21-cfr-820.js +609 -0
  2256. package/dist/packs/fda-21-cfr-820.js.map +1 -0
  2257. package/dist/packs/fda-samd-precert.d.ts +122 -0
  2258. package/dist/packs/fda-samd-precert.d.ts.map +1 -0
  2259. package/dist/packs/fda-samd-precert.js +866 -0
  2260. package/dist/packs/fda-samd-precert.js.map +1 -0
  2261. package/dist/packs/fda-samd.d.ts +42 -0
  2262. package/dist/packs/fda-samd.d.ts.map +1 -0
  2263. package/dist/packs/fda-samd.js +317 -0
  2264. package/dist/packs/fda-samd.js.map +1 -0
  2265. package/dist/packs/fedramp.d.ts +51 -0
  2266. package/dist/packs/fedramp.d.ts.map +1 -0
  2267. package/dist/packs/fedramp.js +321 -0
  2268. package/dist/packs/fedramp.js.map +1 -0
  2269. package/dist/packs/ferpa.d.ts +57 -0
  2270. package/dist/packs/ferpa.d.ts.map +1 -0
  2271. package/dist/packs/ferpa.js +312 -0
  2272. package/dist/packs/ferpa.js.map +1 -0
  2273. package/dist/packs/finra-3110.d.ts +53 -0
  2274. package/dist/packs/finra-3110.d.ts.map +1 -0
  2275. package/dist/packs/finra-3110.js +354 -0
  2276. package/dist/packs/finra-3110.js.map +1 -0
  2277. package/dist/packs/florida-student-privacy.d.ts +104 -0
  2278. package/dist/packs/florida-student-privacy.d.ts.map +1 -0
  2279. package/dist/packs/florida-student-privacy.js +451 -0
  2280. package/dist/packs/florida-student-privacy.js.map +1 -0
  2281. package/dist/packs/foia.d.ts +46 -0
  2282. package/dist/packs/foia.d.ts.map +1 -0
  2283. package/dist/packs/foia.js +397 -0
  2284. package/dist/packs/foia.js.map +1 -0
  2285. package/dist/packs/frcp26.d.ts +52 -0
  2286. package/dist/packs/frcp26.d.ts.map +1 -0
  2287. package/dist/packs/frcp26.js +297 -0
  2288. package/dist/packs/frcp26.js.map +1 -0
  2289. package/dist/packs/ftc5.d.ts +35 -0
  2290. package/dist/packs/ftc5.d.ts.map +1 -0
  2291. package/dist/packs/ftc5.js +293 -0
  2292. package/dist/packs/ftc5.js.map +1 -0
  2293. package/dist/packs/gdpr.d.ts +41 -0
  2294. package/dist/packs/gdpr.d.ts.map +1 -0
  2295. package/dist/packs/gdpr.js +490 -0
  2296. package/dist/packs/gdpr.js.map +1 -0
  2297. package/dist/packs/glba.d.ts +34 -0
  2298. package/dist/packs/glba.d.ts.map +1 -0
  2299. package/dist/packs/glba.js +424 -0
  2300. package/dist/packs/glba.js.map +1 -0
  2301. package/dist/packs/gxp.d.ts +43 -0
  2302. package/dist/packs/gxp.d.ts.map +1 -0
  2303. package/dist/packs/gxp.js +353 -0
  2304. package/dist/packs/gxp.js.map +1 -0
  2305. package/dist/packs/hipaa.d.ts +47 -0
  2306. package/dist/packs/hipaa.d.ts.map +1 -0
  2307. package/dist/packs/hipaa.js +384 -0
  2308. package/dist/packs/hipaa.js.map +1 -0
  2309. package/dist/packs/hitech.d.ts +43 -0
  2310. package/dist/packs/hitech.d.ts.map +1 -0
  2311. package/dist/packs/hitech.js +292 -0
  2312. package/dist/packs/hitech.js.map +1 -0
  2313. package/dist/packs/hitrust-csf.d.ts +41 -0
  2314. package/dist/packs/hitrust-csf.d.ts.map +1 -0
  2315. package/dist/packs/hitrust-csf.js +122 -0
  2316. package/dist/packs/hitrust-csf.js.map +1 -0
  2317. package/dist/packs/hk-pdpo.d.ts +38 -0
  2318. package/dist/packs/hk-pdpo.d.ts.map +1 -0
  2319. package/dist/packs/hk-pdpo.js +125 -0
  2320. package/dist/packs/hk-pdpo.js.map +1 -0
  2321. package/dist/packs/hmda.d.ts +42 -0
  2322. package/dist/packs/hmda.d.ts.map +1 -0
  2323. package/dist/packs/hmda.js +382 -0
  2324. package/dist/packs/hmda.js.map +1 -0
  2325. package/dist/packs/iec-62304.d.ts +79 -0
  2326. package/dist/packs/iec-62304.d.ts.map +1 -0
  2327. package/dist/packs/iec-62304.js +588 -0
  2328. package/dist/packs/iec-62304.js.map +1 -0
  2329. package/dist/packs/iec-62443.d.ts +112 -0
  2330. package/dist/packs/iec-62443.d.ts.map +1 -0
  2331. package/dist/packs/iec-62443.js +689 -0
  2332. package/dist/packs/iec-62443.js.map +1 -0
  2333. package/dist/packs/illinois-aivia.d.ts +56 -0
  2334. package/dist/packs/illinois-aivia.d.ts.map +1 -0
  2335. package/dist/packs/illinois-aivia.js +351 -0
  2336. package/dist/packs/illinois-aivia.js.map +1 -0
  2337. package/dist/packs/in-dpdp.d.ts +82 -0
  2338. package/dist/packs/in-dpdp.d.ts.map +1 -0
  2339. package/dist/packs/in-dpdp.js +432 -0
  2340. package/dist/packs/in-dpdp.js.map +1 -0
  2341. package/dist/packs/index.d.ts +468 -0
  2342. package/dist/packs/index.d.ts.map +1 -0
  2343. package/dist/packs/index.js +672 -0
  2344. package/dist/packs/index.js.map +1 -0
  2345. package/dist/packs/iso-15189.d.ts +143 -0
  2346. package/dist/packs/iso-15189.d.ts.map +1 -0
  2347. package/dist/packs/iso-15189.js +947 -0
  2348. package/dist/packs/iso-15189.js.map +1 -0
  2349. package/dist/packs/iso-23894.d.ts +40 -0
  2350. package/dist/packs/iso-23894.d.ts.map +1 -0
  2351. package/dist/packs/iso-23894.js +445 -0
  2352. package/dist/packs/iso-23894.js.map +1 -0
  2353. package/dist/packs/iso-26262.d.ts +97 -0
  2354. package/dist/packs/iso-26262.d.ts.map +1 -0
  2355. package/dist/packs/iso-26262.js +737 -0
  2356. package/dist/packs/iso-26262.js.map +1 -0
  2357. package/dist/packs/iso-iec-80001.d.ts +151 -0
  2358. package/dist/packs/iso-iec-80001.d.ts.map +1 -0
  2359. package/dist/packs/iso-iec-80001.js +996 -0
  2360. package/dist/packs/iso-iec-80001.js.map +1 -0
  2361. package/dist/packs/iso20022.d.ts +54 -0
  2362. package/dist/packs/iso20022.d.ts.map +1 -0
  2363. package/dist/packs/iso20022.js +347 -0
  2364. package/dist/packs/iso20022.js.map +1 -0
  2365. package/dist/packs/iso27001.d.ts +46 -0
  2366. package/dist/packs/iso27001.d.ts.map +1 -0
  2367. package/dist/packs/iso27001.js +391 -0
  2368. package/dist/packs/iso27001.js.map +1 -0
  2369. package/dist/packs/iso27701.d.ts +53 -0
  2370. package/dist/packs/iso27701.d.ts.map +1 -0
  2371. package/dist/packs/iso27701.js +393 -0
  2372. package/dist/packs/iso27701.js.map +1 -0
  2373. package/dist/packs/iso42001.d.ts +47 -0
  2374. package/dist/packs/iso42001.d.ts.map +1 -0
  2375. package/dist/packs/iso42001.js +291 -0
  2376. package/dist/packs/iso42001.js.map +1 -0
  2377. package/dist/packs/jp-appi.d.ts +78 -0
  2378. package/dist/packs/jp-appi.d.ts.map +1 -0
  2379. package/dist/packs/jp-appi.js +441 -0
  2380. package/dist/packs/jp-appi.js.map +1 -0
  2381. package/dist/packs/kr-pipa.d.ts +74 -0
  2382. package/dist/packs/kr-pipa.d.ts.map +1 -0
  2383. package/dist/packs/kr-pipa.js +445 -0
  2384. package/dist/packs/kr-pipa.js.map +1 -0
  2385. package/dist/packs/lgpd.d.ts +32 -0
  2386. package/dist/packs/lgpd.d.ts.map +1 -0
  2387. package/dist/packs/lgpd.js +353 -0
  2388. package/dist/packs/lgpd.js.map +1 -0
  2389. package/dist/packs/lpo2024.d.ts +70 -0
  2390. package/dist/packs/lpo2024.d.ts.map +1 -0
  2391. package/dist/packs/lpo2024.js +310 -0
  2392. package/dist/packs/lpo2024.js.map +1 -0
  2393. package/dist/packs/maryland-hb1202.d.ts +53 -0
  2394. package/dist/packs/maryland-hb1202.d.ts.map +1 -0
  2395. package/dist/packs/maryland-hb1202.js +341 -0
  2396. package/dist/packs/maryland-hb1202.js.map +1 -0
  2397. package/dist/packs/mhra-samd-ukca.d.ts +79 -0
  2398. package/dist/packs/mhra-samd-ukca.d.ts.map +1 -0
  2399. package/dist/packs/mhra-samd-ukca.js +476 -0
  2400. package/dist/packs/mhra-samd-ukca.js.map +1 -0
  2401. package/dist/packs/mifid2.d.ts +51 -0
  2402. package/dist/packs/mifid2.d.ts.map +1 -0
  2403. package/dist/packs/mifid2.js +384 -0
  2404. package/dist/packs/mifid2.js.map +1 -0
  2405. package/dist/packs/migration-manifest.d.ts +30 -0
  2406. package/dist/packs/migration-manifest.d.ts.map +1 -0
  2407. package/dist/packs/migration-manifest.js +59 -0
  2408. package/dist/packs/migration-manifest.js.map +1 -0
  2409. package/dist/packs/naic-mdl.d.ts +50 -0
  2410. package/dist/packs/naic-mdl.d.ts.map +1 -0
  2411. package/dist/packs/naic-mdl.js +318 -0
  2412. package/dist/packs/naic-mdl.js.map +1 -0
  2413. package/dist/packs/ncsc-ai-security.d.ts +69 -0
  2414. package/dist/packs/ncsc-ai-security.d.ts.map +1 -0
  2415. package/dist/packs/ncsc-ai-security.js +629 -0
  2416. package/dist/packs/ncsc-ai-security.js.map +1 -0
  2417. package/dist/packs/ncsc-caf.d.ts +62 -0
  2418. package/dist/packs/ncsc-caf.d.ts.map +1 -0
  2419. package/dist/packs/ncsc-caf.js +384 -0
  2420. package/dist/packs/ncsc-caf.js.map +1 -0
  2421. package/dist/packs/nhs-dcb0129-dcb0160.d.ts +85 -0
  2422. package/dist/packs/nhs-dcb0129-dcb0160.d.ts.map +1 -0
  2423. package/dist/packs/nhs-dcb0129-dcb0160.js +473 -0
  2424. package/dist/packs/nhs-dcb0129-dcb0160.js.map +1 -0
  2425. package/dist/packs/nhs-dspt.d.ts +83 -0
  2426. package/dist/packs/nhs-dspt.d.ts.map +1 -0
  2427. package/dist/packs/nhs-dspt.js +437 -0
  2428. package/dist/packs/nhs-dspt.js.map +1 -0
  2429. package/dist/packs/nhs-dtac.d.ts +80 -0
  2430. package/dist/packs/nhs-dtac.d.ts.map +1 -0
  2431. package/dist/packs/nhs-dtac.js +402 -0
  2432. package/dist/packs/nhs-dtac.js.map +1 -0
  2433. package/dist/packs/nhs-psirf.d.ts +74 -0
  2434. package/dist/packs/nhs-psirf.d.ts.map +1 -0
  2435. package/dist/packs/nhs-psirf.js +417 -0
  2436. package/dist/packs/nhs-psirf.js.map +1 -0
  2437. package/dist/packs/ni-equality.d.ts +87 -0
  2438. package/dist/packs/ni-equality.d.ts.map +1 -0
  2439. package/dist/packs/ni-equality.js +439 -0
  2440. package/dist/packs/ni-equality.js.map +1 -0
  2441. package/dist/packs/ni-hscni.d.ts +76 -0
  2442. package/dist/packs/ni-hscni.d.ts.map +1 -0
  2443. package/dist/packs/ni-hscni.js +418 -0
  2444. package/dist/packs/ni-hscni.js.map +1 -0
  2445. package/dist/packs/ni-mental-capacity.d.ts +45 -0
  2446. package/dist/packs/ni-mental-capacity.d.ts.map +1 -0
  2447. package/dist/packs/ni-mental-capacity.js +133 -0
  2448. package/dist/packs/ni-mental-capacity.js.map +1 -0
  2449. package/dist/packs/nice-esf-dht.d.ts +72 -0
  2450. package/dist/packs/nice-esf-dht.d.ts.map +1 -0
  2451. package/dist/packs/nice-esf-dht.js +407 -0
  2452. package/dist/packs/nice-esf-dht.js.map +1 -0
  2453. package/dist/packs/nis2.d.ts +80 -0
  2454. package/dist/packs/nis2.d.ts.map +1 -0
  2455. package/dist/packs/nis2.js +425 -0
  2456. package/dist/packs/nis2.js.map +1 -0
  2457. package/dist/packs/nist-800-53.d.ts +40 -0
  2458. package/dist/packs/nist-800-53.d.ts.map +1 -0
  2459. package/dist/packs/nist-800-53.js +129 -0
  2460. package/dist/packs/nist-800-53.js.map +1 -0
  2461. package/dist/packs/nist-ai-rmf.d.ts +48 -0
  2462. package/dist/packs/nist-ai-rmf.d.ts.map +1 -0
  2463. package/dist/packs/nist-ai-rmf.js +370 -0
  2464. package/dist/packs/nist-ai-rmf.js.map +1 -0
  2465. package/dist/packs/nist-csf.d.ts +41 -0
  2466. package/dist/packs/nist-csf.d.ts.map +1 -0
  2467. package/dist/packs/nist-csf.js +134 -0
  2468. package/dist/packs/nist-csf.js.map +1 -0
  2469. package/dist/packs/nist-sp-800-82.d.ts +127 -0
  2470. package/dist/packs/nist-sp-800-82.d.ts.map +1 -0
  2471. package/dist/packs/nist-sp-800-82.js +724 -0
  2472. package/dist/packs/nist-sp-800-82.js.map +1 -0
  2473. package/dist/packs/nyc-ll-144.d.ts +38 -0
  2474. package/dist/packs/nyc-ll-144.d.ts.map +1 -0
  2475. package/dist/packs/nyc-ll-144.js +291 -0
  2476. package/dist/packs/nyc-ll-144.js.map +1 -0
  2477. package/dist/packs/nydfs500.d.ts +32 -0
  2478. package/dist/packs/nydfs500.d.ts.map +1 -0
  2479. package/dist/packs/nydfs500.js +288 -0
  2480. package/dist/packs/nydfs500.js.map +1 -0
  2481. package/dist/packs/nz-privacy.d.ts +91 -0
  2482. package/dist/packs/nz-privacy.d.ts.map +1 -0
  2483. package/dist/packs/nz-privacy.js +468 -0
  2484. package/dist/packs/nz-privacy.js.map +1 -0
  2485. package/dist/packs/part11.d.ts +31 -0
  2486. package/dist/packs/part11.d.ts.map +1 -0
  2487. package/dist/packs/part11.js +332 -0
  2488. package/dist/packs/part11.js.map +1 -0
  2489. package/dist/packs/part2.d.ts +42 -0
  2490. package/dist/packs/part2.d.ts.map +1 -0
  2491. package/dist/packs/part2.js +358 -0
  2492. package/dist/packs/part2.js.map +1 -0
  2493. package/dist/packs/pcidss.d.ts +72 -0
  2494. package/dist/packs/pcidss.d.ts.map +1 -0
  2495. package/dist/packs/pcidss.js +470 -0
  2496. package/dist/packs/pcidss.js.map +1 -0
  2497. package/dist/packs/pipl.d.ts +31 -0
  2498. package/dist/packs/pipl.d.ts.map +1 -0
  2499. package/dist/packs/pipl.js +208 -0
  2500. package/dist/packs/pipl.js.map +1 -0
  2501. package/dist/packs/reg-e.d.ts +55 -0
  2502. package/dist/packs/reg-e.d.ts.map +1 -0
  2503. package/dist/packs/reg-e.js +362 -0
  2504. package/dist/packs/reg-e.js.map +1 -0
  2505. package/dist/packs/registry-expanded.d.ts +76 -0
  2506. package/dist/packs/registry-expanded.d.ts.map +1 -0
  2507. package/dist/packs/registry-expanded.js +2354 -0
  2508. package/dist/packs/registry-expanded.js.map +1 -0
  2509. package/dist/packs/scotland-awi.d.ts +74 -0
  2510. package/dist/packs/scotland-awi.d.ts.map +1 -0
  2511. package/dist/packs/scotland-awi.js +408 -0
  2512. package/dist/packs/scotland-awi.js.map +1 -0
  2513. package/dist/packs/scotland-procurement-reform.d.ts +40 -0
  2514. package/dist/packs/scotland-procurement-reform.d.ts.map +1 -0
  2515. package/dist/packs/scotland-procurement-reform.js +125 -0
  2516. package/dist/packs/scotland-procurement-reform.js.map +1 -0
  2517. package/dist/packs/scotland-psed.d.ts +67 -0
  2518. package/dist/packs/scotland-psed.d.ts.map +1 -0
  2519. package/dist/packs/scotland-psed.js +372 -0
  2520. package/dist/packs/scotland-psed.js.map +1 -0
  2521. package/dist/packs/sg-model-ai-gov.d.ts +62 -0
  2522. package/dist/packs/sg-model-ai-gov.d.ts.map +1 -0
  2523. package/dist/packs/sg-model-ai-gov.js +396 -0
  2524. package/dist/packs/sg-model-ai-gov.js.map +1 -0
  2525. package/dist/packs/soc1.d.ts +34 -0
  2526. package/dist/packs/soc1.d.ts.map +1 -0
  2527. package/dist/packs/soc1.js +308 -0
  2528. package/dist/packs/soc1.js.map +1 -0
  2529. package/dist/packs/soc2.d.ts +44 -0
  2530. package/dist/packs/soc2.d.ts.map +1 -0
  2531. package/dist/packs/soc2.js +340 -0
  2532. package/dist/packs/soc2.js.map +1 -0
  2533. package/dist/packs/sox404.d.ts +32 -0
  2534. package/dist/packs/sox404.d.ts.map +1 -0
  2535. package/dist/packs/sox404.js +298 -0
  2536. package/dist/packs/sox404.js.map +1 -0
  2537. package/dist/packs/sr117.d.ts +35 -0
  2538. package/dist/packs/sr117.d.ts.map +1 -0
  2539. package/dist/packs/sr117.js +345 -0
  2540. package/dist/packs/sr117.js.map +1 -0
  2541. package/dist/packs/stateramp.d.ts +62 -0
  2542. package/dist/packs/stateramp.d.ts.map +1 -0
  2543. package/dist/packs/stateramp.js +327 -0
  2544. package/dist/packs/stateramp.js.map +1 -0
  2545. package/dist/packs/tennessee-elvis.d.ts +68 -0
  2546. package/dist/packs/tennessee-elvis.d.ts.map +1 -0
  2547. package/dist/packs/tennessee-elvis.js +420 -0
  2548. package/dist/packs/tennessee-elvis.js.map +1 -0
  2549. package/dist/packs/texas-hb4.d.ts +77 -0
  2550. package/dist/packs/texas-hb4.d.ts.map +1 -0
  2551. package/dist/packs/texas-hb4.js +396 -0
  2552. package/dist/packs/texas-hb4.js.map +1 -0
  2553. package/dist/packs/th-pdpa.d.ts +43 -0
  2554. package/dist/packs/th-pdpa.d.ts.map +1 -0
  2555. package/dist/packs/th-pdpa.js +128 -0
  2556. package/dist/packs/th-pdpa.js.map +1 -0
  2557. package/dist/packs/title-ix.d.ts +93 -0
  2558. package/dist/packs/title-ix.d.ts.map +1 -0
  2559. package/dist/packs/title-ix.js +447 -0
  2560. package/dist/packs/title-ix.js.map +1 -0
  2561. package/dist/packs/uk-ai-framework.d.ts +42 -0
  2562. package/dist/packs/uk-ai-framework.d.ts.map +1 -0
  2563. package/dist/packs/uk-ai-framework.js +355 -0
  2564. package/dist/packs/uk-ai-framework.js.map +1 -0
  2565. package/dist/packs/uk-cma-1990.d.ts +75 -0
  2566. package/dist/packs/uk-cma-1990.d.ts.map +1 -0
  2567. package/dist/packs/uk-cma-1990.js +406 -0
  2568. package/dist/packs/uk-cma-1990.js.map +1 -0
  2569. package/dist/packs/uk-equality-act-ai-bias.d.ts +54 -0
  2570. package/dist/packs/uk-equality-act-ai-bias.d.ts.map +1 -0
  2571. package/dist/packs/uk-equality-act-ai-bias.js +684 -0
  2572. package/dist/packs/uk-equality-act-ai-bias.js.map +1 -0
  2573. package/dist/packs/uk-equality-act.d.ts +69 -0
  2574. package/dist/packs/uk-equality-act.d.ts.map +1 -0
  2575. package/dist/packs/uk-equality-act.js +409 -0
  2576. package/dist/packs/uk-equality-act.js.map +1 -0
  2577. package/dist/packs/uk-future-ai-legislation.d.ts +42 -0
  2578. package/dist/packs/uk-future-ai-legislation.d.ts.map +1 -0
  2579. package/dist/packs/uk-future-ai-legislation.js +212 -0
  2580. package/dist/packs/uk-future-ai-legislation.js.map +1 -0
  2581. package/dist/packs/uk-gdpr.d.ts +74 -0
  2582. package/dist/packs/uk-gdpr.d.ts.map +1 -0
  2583. package/dist/packs/uk-gdpr.js +377 -0
  2584. package/dist/packs/uk-gdpr.js.map +1 -0
  2585. package/dist/packs/uk-ico-open-case.d.ts +65 -0
  2586. package/dist/packs/uk-ico-open-case.d.ts.map +1 -0
  2587. package/dist/packs/uk-ico-open-case.js +399 -0
  2588. package/dist/packs/uk-ico-open-case.js.map +1 -0
  2589. package/dist/packs/uk-nis-regs.d.ts +67 -0
  2590. package/dist/packs/uk-nis-regs.d.ts.map +1 -0
  2591. package/dist/packs/uk-nis-regs.js +366 -0
  2592. package/dist/packs/uk-nis-regs.js.map +1 -0
  2593. package/dist/packs/uk-online-safety-act.d.ts +68 -0
  2594. package/dist/packs/uk-online-safety-act.d.ts.map +1 -0
  2595. package/dist/packs/uk-online-safety-act.js +413 -0
  2596. package/dist/packs/uk-online-safety-act.js.map +1 -0
  2597. package/dist/packs/uk-procurement-act.d.ts +81 -0
  2598. package/dist/packs/uk-procurement-act.d.ts.map +1 -0
  2599. package/dist/packs/uk-procurement-act.js +434 -0
  2600. package/dist/packs/uk-procurement-act.js.map +1 -0
  2601. package/dist/packs/us-fda-21cfr56.d.ts +63 -0
  2602. package/dist/packs/us-fda-21cfr56.d.ts.map +1 -0
  2603. package/dist/packs/us-fda-21cfr56.js +367 -0
  2604. package/dist/packs/us-fda-21cfr56.js.map +1 -0
  2605. package/dist/packs/us-nih-coc.d.ts +43 -0
  2606. package/dist/packs/us-nih-coc.d.ts.map +1 -0
  2607. package/dist/packs/us-nih-coc.js +206 -0
  2608. package/dist/packs/us-nih-coc.js.map +1 -0
  2609. package/dist/packs/us-nih-dms.d.ts +43 -0
  2610. package/dist/packs/us-nih-dms.d.ts.map +1 -0
  2611. package/dist/packs/us-nih-dms.js +244 -0
  2612. package/dist/packs/us-nih-dms.js.map +1 -0
  2613. package/dist/packs/us-nih-gds.d.ts +41 -0
  2614. package/dist/packs/us-nih-gds.d.ts.map +1 -0
  2615. package/dist/packs/us-nih-gds.js +358 -0
  2616. package/dist/packs/us-nih-gds.js.map +1 -0
  2617. package/dist/packs/us-nih-it-security.d.ts +40 -0
  2618. package/dist/packs/us-nih-it-security.d.ts.map +1 -0
  2619. package/dist/packs/us-nih-it-security.js +206 -0
  2620. package/dist/packs/us-nih-it-security.js.map +1 -0
  2621. package/dist/packs/us-respa.d.ts +55 -0
  2622. package/dist/packs/us-respa.d.ts.map +1 -0
  2623. package/dist/packs/us-respa.js +364 -0
  2624. package/dist/packs/us-respa.js.map +1 -0
  2625. package/dist/packs/us-tila.d.ts +65 -0
  2626. package/dist/packs/us-tila.d.ts.map +1 -0
  2627. package/dist/packs/us-tila.js +353 -0
  2628. package/dist/packs/us-tila.js.map +1 -0
  2629. package/dist/packs/us-trid.d.ts +62 -0
  2630. package/dist/packs/us-trid.d.ts.map +1 -0
  2631. package/dist/packs/us-trid.js +345 -0
  2632. package/dist/packs/us-trid.js.map +1 -0
  2633. package/dist/packs/utah-ai-policy.d.ts +55 -0
  2634. package/dist/packs/utah-ai-policy.d.ts.map +1 -0
  2635. package/dist/packs/utah-ai-policy.js +340 -0
  2636. package/dist/packs/utah-ai-policy.js.map +1 -0
  2637. package/dist/packs/vn-pdpd.d.ts +40 -0
  2638. package/dist/packs/vn-pdpd.d.ts.map +1 -0
  2639. package/dist/packs/vn-pdpd.js +125 -0
  2640. package/dist/packs/vn-pdpd.js.map +1 -0
  2641. package/dist/packs/wales-future-generations.d.ts +67 -0
  2642. package/dist/packs/wales-future-generations.d.ts.map +1 -0
  2643. package/dist/packs/wales-future-generations.js +396 -0
  2644. package/dist/packs/wales-future-generations.js.map +1 -0
  2645. package/dist/reporting/governance-reporter.d.ts +196 -0
  2646. package/dist/reporting/governance-reporter.d.ts.map +1 -0
  2647. package/dist/reporting/governance-reporter.js +442 -0
  2648. package/dist/reporting/governance-reporter.js.map +1 -0
  2649. package/dist/retention/backup-retention-adapter.d.ts +72 -0
  2650. package/dist/retention/backup-retention-adapter.d.ts.map +1 -0
  2651. package/dist/retention/backup-retention-adapter.js +69 -0
  2652. package/dist/retention/backup-retention-adapter.js.map +1 -0
  2653. package/dist/retention/classification-rules.d.ts +59 -0
  2654. package/dist/retention/classification-rules.d.ts.map +1 -0
  2655. package/dist/retention/classification-rules.js +185 -0
  2656. package/dist/retention/classification-rules.js.map +1 -0
  2657. package/dist/retention/classifier.d.ts +195 -0
  2658. package/dist/retention/classifier.d.ts.map +1 -0
  2659. package/dist/retention/classifier.js +254 -0
  2660. package/dist/retention/classifier.js.map +1 -0
  2661. package/dist/retention/data-class.d.ts +70 -0
  2662. package/dist/retention/data-class.d.ts.map +1 -0
  2663. package/dist/retention/data-class.js +47 -0
  2664. package/dist/retention/data-class.js.map +1 -0
  2665. package/dist/retention/enforcement-log-store.d.ts +121 -0
  2666. package/dist/retention/enforcement-log-store.d.ts.map +1 -0
  2667. package/dist/retention/enforcement-log-store.js +183 -0
  2668. package/dist/retention/enforcement-log-store.js.map +1 -0
  2669. package/dist/retention/index.d.ts +31 -0
  2670. package/dist/retention/index.d.ts.map +1 -0
  2671. package/dist/retention/index.js +67 -0
  2672. package/dist/retention/index.js.map +1 -0
  2673. package/dist/retention/ingest-classifier.d.ts +126 -0
  2674. package/dist/retention/ingest-classifier.d.ts.map +1 -0
  2675. package/dist/retention/ingest-classifier.js +130 -0
  2676. package/dist/retention/ingest-classifier.js.map +1 -0
  2677. package/dist/retention/legal-hold-errors.d.ts +57 -0
  2678. package/dist/retention/legal-hold-errors.d.ts.map +1 -0
  2679. package/dist/retention/legal-hold-errors.js +99 -0
  2680. package/dist/retention/legal-hold-errors.js.map +1 -0
  2681. package/dist/retention/legal-hold-store.d.ts +191 -0
  2682. package/dist/retention/legal-hold-store.d.ts.map +1 -0
  2683. package/dist/retention/legal-hold-store.js +432 -0
  2684. package/dist/retention/legal-hold-store.js.map +1 -0
  2685. package/dist/retention/legal-hold.d.ts +122 -0
  2686. package/dist/retention/legal-hold.d.ts.map +1 -0
  2687. package/dist/retention/legal-hold.js +18 -0
  2688. package/dist/retention/legal-hold.js.map +1 -0
  2689. package/dist/retention/log-aggregators/datadog.d.ts +53 -0
  2690. package/dist/retention/log-aggregators/datadog.d.ts.map +1 -0
  2691. package/dist/retention/log-aggregators/datadog.js +157 -0
  2692. package/dist/retention/log-aggregators/datadog.js.map +1 -0
  2693. package/dist/retention/log-aggregators/index.d.ts +14 -0
  2694. package/dist/retention/log-aggregators/index.d.ts.map +1 -0
  2695. package/dist/retention/log-aggregators/index.js +18 -0
  2696. package/dist/retention/log-aggregators/index.js.map +1 -0
  2697. package/dist/retention/log-aggregators/log-aggregator.d.ts +62 -0
  2698. package/dist/retention/log-aggregators/log-aggregator.d.ts.map +1 -0
  2699. package/dist/retention/log-aggregators/log-aggregator.js +21 -0
  2700. package/dist/retention/log-aggregators/log-aggregator.js.map +1 -0
  2701. package/dist/retention/log-aggregators/noop.d.ts +23 -0
  2702. package/dist/retention/log-aggregators/noop.d.ts.map +1 -0
  2703. package/dist/retention/log-aggregators/noop.js +30 -0
  2704. package/dist/retention/log-aggregators/noop.js.map +1 -0
  2705. package/dist/retention/log-aggregators/sentinel.d.ts +75 -0
  2706. package/dist/retention/log-aggregators/sentinel.d.ts.map +1 -0
  2707. package/dist/retention/log-aggregators/sentinel.js +220 -0
  2708. package/dist/retention/log-aggregators/sentinel.js.map +1 -0
  2709. package/dist/retention/log-aggregators/splunk.d.ts +58 -0
  2710. package/dist/retention/log-aggregators/splunk.d.ts.map +1 -0
  2711. package/dist/retention/log-aggregators/splunk.js +151 -0
  2712. package/dist/retention/log-aggregators/splunk.js.map +1 -0
  2713. package/dist/retention/policy-matrix-errors.d.ts +80 -0
  2714. package/dist/retention/policy-matrix-errors.d.ts.map +1 -0
  2715. package/dist/retention/policy-matrix-errors.js +134 -0
  2716. package/dist/retention/policy-matrix-errors.js.map +1 -0
  2717. package/dist/retention/policy-matrix.d.ts +263 -0
  2718. package/dist/retention/policy-matrix.d.ts.map +1 -0
  2719. package/dist/retention/policy-matrix.js +584 -0
  2720. package/dist/retention/policy-matrix.js.map +1 -0
  2721. package/dist/scanner/gap-report.d.ts +108 -0
  2722. package/dist/scanner/gap-report.d.ts.map +1 -0
  2723. package/dist/scanner/gap-report.js +337 -0
  2724. package/dist/scanner/gap-report.js.map +1 -0
  2725. package/dist/scanner/index.d.ts +98 -0
  2726. package/dist/scanner/index.d.ts.map +1 -0
  2727. package/dist/scanner/index.js +453 -0
  2728. package/dist/scanner/index.js.map +1 -0
  2729. package/dist/scanner/manifest-integrity.d.ts +44 -0
  2730. package/dist/scanner/manifest-integrity.d.ts.map +1 -0
  2731. package/dist/scanner/manifest-integrity.js +155 -0
  2732. package/dist/scanner/manifest-integrity.js.map +1 -0
  2733. package/dist/scanner/remediation.d.ts +72 -0
  2734. package/dist/scanner/remediation.d.ts.map +1 -0
  2735. package/dist/scanner/remediation.js +292 -0
  2736. package/dist/scanner/remediation.js.map +1 -0
  2737. package/dist/security/access-review.d.ts +122 -0
  2738. package/dist/security/access-review.d.ts.map +1 -0
  2739. package/dist/security/access-review.js +272 -0
  2740. package/dist/security/access-review.js.map +1 -0
  2741. package/dist/security/agent-auth.d.ts +92 -0
  2742. package/dist/security/agent-auth.d.ts.map +1 -0
  2743. package/dist/security/agent-auth.js +290 -0
  2744. package/dist/security/agent-auth.js.map +1 -0
  2745. package/dist/security/anomaly-auto-suspend.d.ts +226 -0
  2746. package/dist/security/anomaly-auto-suspend.d.ts.map +1 -0
  2747. package/dist/security/anomaly-auto-suspend.js +384 -0
  2748. package/dist/security/anomaly-auto-suspend.js.map +1 -0
  2749. package/dist/security/anomaly-correlator.d.ts +66 -0
  2750. package/dist/security/anomaly-correlator.d.ts.map +1 -0
  2751. package/dist/security/anomaly-correlator.js +316 -0
  2752. package/dist/security/anomaly-correlator.js.map +1 -0
  2753. package/dist/security/anomaly-detector.d.ts +137 -0
  2754. package/dist/security/anomaly-detector.d.ts.map +1 -0
  2755. package/dist/security/anomaly-detector.js +298 -0
  2756. package/dist/security/anomaly-detector.js.map +1 -0
  2757. package/dist/security/anomaly-self-reflection.d.ts +168 -0
  2758. package/dist/security/anomaly-self-reflection.d.ts.map +1 -0
  2759. package/dist/security/anomaly-self-reflection.js +331 -0
  2760. package/dist/security/anomaly-self-reflection.js.map +1 -0
  2761. package/dist/security/built-in-llm-providers.d.ts +50 -0
  2762. package/dist/security/built-in-llm-providers.d.ts.map +1 -0
  2763. package/dist/security/built-in-llm-providers.js +83 -0
  2764. package/dist/security/built-in-llm-providers.js.map +1 -0
  2765. package/dist/security/circuit-breaker.d.ts +62 -0
  2766. package/dist/security/circuit-breaker.d.ts.map +1 -0
  2767. package/dist/security/circuit-breaker.js +183 -0
  2768. package/dist/security/circuit-breaker.js.map +1 -0
  2769. package/dist/security/data-classifier.d.ts +139 -0
  2770. package/dist/security/data-classifier.d.ts.map +1 -0
  2771. package/dist/security/data-classifier.js +483 -0
  2772. package/dist/security/data-classifier.js.map +1 -0
  2773. package/dist/security/encrypted-storage.d.ts +80 -0
  2774. package/dist/security/encrypted-storage.d.ts.map +1 -0
  2775. package/dist/security/encrypted-storage.js +257 -0
  2776. package/dist/security/encrypted-storage.js.map +1 -0
  2777. package/dist/security/encryption-layer.d.ts +115 -0
  2778. package/dist/security/encryption-layer.d.ts.map +1 -0
  2779. package/dist/security/encryption-layer.js +374 -0
  2780. package/dist/security/encryption-layer.js.map +1 -0
  2781. package/dist/security/external-cross-check.d.ts +206 -0
  2782. package/dist/security/external-cross-check.d.ts.map +1 -0
  2783. package/dist/security/external-cross-check.js +490 -0
  2784. package/dist/security/external-cross-check.js.map +1 -0
  2785. package/dist/security/hash-manifest.d.ts +70 -0
  2786. package/dist/security/hash-manifest.d.ts.map +1 -0
  2787. package/dist/security/hash-manifest.js +266 -0
  2788. package/dist/security/hash-manifest.js.map +1 -0
  2789. package/dist/security/http-interceptor.d.ts +262 -0
  2790. package/dist/security/http-interceptor.d.ts.map +1 -0
  2791. package/dist/security/http-interceptor.js +637 -0
  2792. package/dist/security/http-interceptor.js.map +1 -0
  2793. package/dist/security/key-manager.d.ts +111 -0
  2794. package/dist/security/key-manager.d.ts.map +1 -0
  2795. package/dist/security/key-manager.js +326 -0
  2796. package/dist/security/key-manager.js.map +1 -0
  2797. package/dist/security/nonce-store.d.ts +48 -0
  2798. package/dist/security/nonce-store.d.ts.map +1 -0
  2799. package/dist/security/nonce-store.js +170 -0
  2800. package/dist/security/nonce-store.js.map +1 -0
  2801. package/dist/security/operator-roles.d.ts +100 -0
  2802. package/dist/security/operator-roles.d.ts.map +1 -0
  2803. package/dist/security/operator-roles.js +278 -0
  2804. package/dist/security/operator-roles.js.map +1 -0
  2805. package/dist/security/plugin-integrity.d.ts +99 -0
  2806. package/dist/security/plugin-integrity.d.ts.map +1 -0
  2807. package/dist/security/plugin-integrity.js +194 -0
  2808. package/dist/security/plugin-integrity.js.map +1 -0
  2809. package/dist/security/prompt-injection-detector.d.ts +81 -0
  2810. package/dist/security/prompt-injection-detector.d.ts.map +1 -0
  2811. package/dist/security/prompt-injection-detector.js +505 -0
  2812. package/dist/security/prompt-injection-detector.js.map +1 -0
  2813. package/dist/security/provider-compliance-boot.d.ts +64 -0
  2814. package/dist/security/provider-compliance-boot.d.ts.map +1 -0
  2815. package/dist/security/provider-compliance-boot.js +105 -0
  2816. package/dist/security/provider-compliance-boot.js.map +1 -0
  2817. package/dist/security/provider-compliance.d.ts +261 -0
  2818. package/dist/security/provider-compliance.d.ts.map +1 -0
  2819. package/dist/security/provider-compliance.js +711 -0
  2820. package/dist/security/provider-compliance.js.map +1 -0
  2821. package/dist/security/secret-leak-detector.d.ts +59 -0
  2822. package/dist/security/secret-leak-detector.d.ts.map +1 -0
  2823. package/dist/security/secret-leak-detector.js +180 -0
  2824. package/dist/security/secret-leak-detector.js.map +1 -0
  2825. package/dist/security/session-timeout.d.ts +107 -0
  2826. package/dist/security/session-timeout.d.ts.map +1 -0
  2827. package/dist/security/session-timeout.js +291 -0
  2828. package/dist/security/session-timeout.js.map +1 -0
  2829. package/dist/security/ssrf-guard.d.ts +45 -0
  2830. package/dist/security/ssrf-guard.d.ts.map +1 -0
  2831. package/dist/security/ssrf-guard.js +263 -0
  2832. package/dist/security/ssrf-guard.js.map +1 -0
  2833. package/dist/security/supply-chain.d.ts +99 -0
  2834. package/dist/security/supply-chain.d.ts.map +1 -0
  2835. package/dist/security/supply-chain.js +320 -0
  2836. package/dist/security/supply-chain.js.map +1 -0
  2837. package/dist/security/vendor-registry.d.ts +111 -0
  2838. package/dist/security/vendor-registry.d.ts.map +1 -0
  2839. package/dist/security/vendor-registry.js +293 -0
  2840. package/dist/security/vendor-registry.js.map +1 -0
  2841. package/dist/tenant/index.d.ts +14 -0
  2842. package/dist/tenant/index.d.ts.map +1 -0
  2843. package/dist/tenant/index.js +32 -0
  2844. package/dist/tenant/index.js.map +1 -0
  2845. package/dist/tenant/policy-inheritance.d.ts +112 -0
  2846. package/dist/tenant/policy-inheritance.d.ts.map +1 -0
  2847. package/dist/tenant/policy-inheritance.js +382 -0
  2848. package/dist/tenant/policy-inheritance.js.map +1 -0
  2849. package/dist/tenant/rbac.d.ts +65 -0
  2850. package/dist/tenant/rbac.d.ts.map +1 -0
  2851. package/dist/tenant/rbac.js +185 -0
  2852. package/dist/tenant/rbac.js.map +1 -0
  2853. package/dist/tenant/workspace.d.ts +111 -0
  2854. package/dist/tenant/workspace.d.ts.map +1 -0
  2855. package/dist/tenant/workspace.js +315 -0
  2856. package/dist/tenant/workspace.js.map +1 -0
  2857. package/dist/trust-passport/index.d.ts +106 -0
  2858. package/dist/trust-passport/index.d.ts.map +1 -0
  2859. package/dist/trust-passport/index.js +123 -0
  2860. package/dist/trust-passport/index.js.map +1 -0
  2861. package/dist/util/async-io.d.ts +57 -0
  2862. package/dist/util/async-io.d.ts.map +1 -0
  2863. package/dist/util/async-io.js +209 -0
  2864. package/dist/util/async-io.js.map +1 -0
  2865. package/dist/util/fs.d.ts +84 -0
  2866. package/dist/util/fs.d.ts.map +1 -0
  2867. package/dist/util/fs.js +211 -0
  2868. package/dist/util/fs.js.map +1 -0
  2869. package/dist/util/log-rotation.d.ts +55 -0
  2870. package/dist/util/log-rotation.d.ts.map +1 -0
  2871. package/dist/util/log-rotation.js +212 -0
  2872. package/dist/util/log-rotation.js.map +1 -0
  2873. package/dist/util/log.d.ts +35 -0
  2874. package/dist/util/log.d.ts.map +1 -0
  2875. package/dist/util/log.js +115 -0
  2876. package/dist/util/log.js.map +1 -0
  2877. package/dist/util/sigv4.d.ts +73 -0
  2878. package/dist/util/sigv4.d.ts.map +1 -0
  2879. package/dist/util/sigv4.js +155 -0
  2880. package/dist/util/sigv4.js.map +1 -0
  2881. package/dist/util/storage-backend.d.ts +69 -0
  2882. package/dist/util/storage-backend.d.ts.map +1 -0
  2883. package/dist/util/storage-backend.js +204 -0
  2884. package/dist/util/storage-backend.js.map +1 -0
  2885. package/package.json +144 -0
  2886. package/src/hooks/audit-dir-picker.sh +70 -0
  2887. package/src/hooks/audit-logger.sh +325 -0
  2888. package/src/hooks/cost-budget-gate.sh +74 -0
  2889. package/src/hooks/destructive-command-guard.sh +200 -0
  2890. package/src/hooks/file-boundary-guard.sh +159 -0
  2891. package/src/hooks/file-change-tracker.sh +78 -0
  2892. package/src/hooks/governance-file-shield.sh +102 -0
  2893. package/src/hooks/governance-integrity-check.sh +109 -0
  2894. package/src/hooks/hook-health-monitor.sh +189 -0
  2895. package/src/hooks/hook-utils.sh +51 -0
  2896. package/src/hooks/hook-wrapper.sh +77 -0
  2897. package/src/hooks/install-hooks.sh +162 -0
  2898. package/src/hooks/output-exfiltration-scanner.sh +112 -0
  2899. package/src/hooks/powershell/audit-dir-picker.ps1 +72 -0
  2900. package/src/hooks/powershell/audit-logger.ps1 +75 -0
  2901. package/src/hooks/powershell/cost-budget-gate.ps1 +61 -0
  2902. package/src/hooks/powershell/destructive-command-guard.ps1 +67 -0
  2903. package/src/hooks/powershell/file-boundary-guard.ps1 +76 -0
  2904. package/src/hooks/powershell/file-change-tracker.ps1 +74 -0
  2905. package/src/hooks/powershell/governance-file-shield.ps1 +86 -0
  2906. package/src/hooks/powershell/governance-integrity-check.ps1 +101 -0
  2907. package/src/hooks/powershell/hook-health-monitor.ps1 +153 -0
  2908. package/src/hooks/powershell/hook-utils.ps1 +44 -0
  2909. package/src/hooks/powershell/hook-wrapper.ps1 +67 -0
  2910. package/src/hooks/powershell/install-hooks.ps1 +142 -0
  2911. package/src/hooks/powershell/output-exfiltration-scanner.ps1 +85 -0
  2912. package/src/hooks/powershell/secret-leak-scanner.ps1 +105 -0
  2913. package/src/hooks/powershell/token-tracker.ps1 +83 -0
  2914. package/src/hooks/powershell/web-access-gate.ps1 +89 -0
  2915. package/src/hooks/secret-leak-scanner.sh +293 -0
  2916. package/src/hooks/token-tracker.sh +89 -0
  2917. package/src/hooks/web-access-gate.sh +123 -0
package/dist/esm/cli/index.js ADDED
@@ -0,0 +1,2083 @@
1
+ #!/usr/bin/env node
2
+ /**
3
+ * @connexum/ai-governance CLI
4
+ *
5
+ * Scaffolds governance into Claude Code projects.
6
+ * Usage: npx @connexum/ai-governance init
7
+ *
8
+ * T-084: CLI scaffolder
9
+ * T-085: Interactive framework selection
10
+ * T-086: License key validation
11
+ * T-087: Hook installation
12
+ *
13
+ * @connexum/ai-governance
14
+ */
15
+ import * as fs from 'fs';
16
+ import * as path from 'path';
17
+ import * as crypto from 'crypto';
18
+ import * as readline from 'readline';
19
+ import * as https from 'https';
20
+ import { JwtValidator } from '../license/index.js';
21
+ import { BUILT_IN_PACKS } from '../governed-agent.js';
22
+ import { scanAgentDirectory } from './agent-dir-scanner.js';
23
+ import { writeWrapShims } from './wrap-shim-generator.js';
24
+ import { preflightAgents } from './preflight.js';
25
+ import { formatPreflightReport } from './preflight-report.js';
26
+ const VERSION = '1.0.0-beta.1';
27
+ // ---------------------------------------------------------------------------
28
+ // S-07: Vendor Code provisioning
29
+ // ---------------------------------------------------------------------------
30
+ const VENDOR_CODE_PATTERN = /^cxni_v1_[BCDFGHJKMNPQRSTVWXYZ234567]{14}$/i;
31
+ const DEFAULT_LICENSE_SERVER_URL = 'https://license.my-cc.io';
32
+ const BILLING_URL = 'https://my-cc.io/billing';
33
+ /**
34
+ * Production gov-server URL — the customer-facing portal API.
35
+ *
36
+ * Thomas directive 2026-05-17 evening: "Make sure this is working and
37
+ * link to the portal so when it goes live it's a fix." When the
38
+ * @connexum/ai-governance package is installed from the public npm
39
+ * registry, the runtime defaults to api.my-cc.io so customers running
40
+ * `npx @connexum/ai-governance@latest init --vendor-code XXX` connect
41
+ * to the production portal automatically. The moment Railway DNS
42
+ * points api.my-cc.io at the production gov-server, every existing
43
+ * customer install starts pushing audit events without re-init.
44
+ *
45
+ * Override paths (in priority order):
46
+ * 1. `--gov-server-url <url>` CLI flag
47
+ * 2. `CXNI_GOV_URL` environment variable
48
+ * 3. This default
49
+ *
50
+ * Local-dev customers pass `--gov-server-url http://localhost:3200`
51
+ * or set `CXNI_GOV_URL` explicitly. The default is production-safe.
52
+ */
53
+ const DEFAULT_GOV_SERVER_URL = 'https://api.my-cc.io';
54
+ const DEFAULT_PROXY_URL = 'https://governed.my-cc.io';
55
+ const DEFAULT_DASHBOARD_URL = 'https://app.my-cc.io';
56
+ const VENDOR_CODE_REMEDIATION = 'Contact thomas@ucreatewithai.com for a Vendor Code or visit ' + BILLING_URL;
57
+ /**
58
+ * Validate a vendor code format.
59
+ * Accepts `cxni_v1_<14 chars, case-insensitive>`.
60
+ */
61
+ export function isValidVendorCodeFormat(code) {
62
+ return VENDOR_CODE_PATTERN.test(code);
63
+ }
64
+ /**
65
+ * Exchange a Vendor Code with the license server for an Entitlement Token.
66
+ * Returns structured result; does not throw.
67
+ */
68
+ export async function exchangeVendorCode(vendorCode, licenseServerUrl = DEFAULT_LICENSE_SERVER_URL) {
69
+ const body = JSON.stringify({
70
+ vendorCode,
71
+ sdkVersion: VERSION,
72
+ machineId: getMachineId(),
73
+ });
74
+ return new Promise((resolve) => {
75
+ const url = new URL('/api/v1/license/exchange', licenseServerUrl);
76
+ const isHttps = url.protocol === 'https:';
77
+ const mod = isHttps ? https : require('http');
78
+ const req = mod.request({
79
+ hostname: url.hostname,
80
+ port: url.port || (isHttps ? 443 : 80),
81
+ path: url.pathname,
82
+ method: 'POST',
83
+ headers: {
84
+ 'Content-Type': 'application/json',
85
+ 'Content-Length': Buffer.byteLength(body),
86
+ },
87
+ timeout: 10000,
88
+ }, (res) => {
89
+ const chunks = [];
90
+ res.on('data', (chunk) => chunks.push(chunk));
91
+ res.on('end', () => {
92
+ const raw = Buffer.concat(chunks).toString('utf-8');
93
+ try {
94
+ const parsed = JSON.parse(raw);
95
+ if (res.statusCode === 200 && parsed.token) {
96
+ resolve({
97
+ ok: true,
98
+ tier: parsed.tier,
99
+ packEntitlements: parsed.packEntitlements,
100
+ subscriptionActiveUntil: parsed.graceUntil,
101
+ status: parsed.status,
102
+ });
103
+ }
104
+ else if (res.statusCode === 403) {
105
+ resolve({ ok: false, error: 'subscription_inactive', status: 'revoked' });
106
+ }
107
+ else if (res.statusCode === 404) {
108
+ resolve({ ok: false, error: 'vendor_code_not_found' });
109
+ }
110
+ else {
111
+ resolve({ ok: false, error: parsed.error ?? `server_error_${res.statusCode}` });
112
+ }
113
+ }
114
+ catch {
115
+ resolve({ ok: false, error: 'invalid_server_response' });
116
+ }
117
+ });
118
+ });
119
+ req.on('error', (e) => {
120
+ resolve({ ok: false, error: `network_error: ${e.message}` });
121
+ });
122
+ req.on('timeout', () => {
123
+ req.destroy();
124
+ resolve({ ok: false, error: 'request_timeout' });
125
+ });
126
+ req.write(body);
127
+ req.end();
128
+ });
129
+ }
130
+ /**
131
+ * Derive a stable machine ID for abuse-detection telemetry.
132
+ * Not a secret; used for detecting vendor code sharing across many machines.
133
+ */
134
+ function getMachineId() {
135
+ const hostname = require('os').hostname();
136
+ return crypto.createHash('sha256').update(hostname).digest('hex').slice(0, 16);
137
+ }
138
+ /**
139
+ * Read the vendor code from environment, config file, or interactive prompt.
140
+ * Returns the code and how it was sourced, or null if not available.
141
+ */
142
+ export async function resolveVendorCode(projectDir, opts = {}) {
143
+ const serverUrl = opts.licenseServerUrl ?? DEFAULT_LICENSE_SERVER_URL;
144
+ // 1. --vendor-code flag
145
+ if (opts.vendorCodeFlag) {
146
+ if (!isValidVendorCodeFormat(opts.vendorCodeFlag)) {
147
+ process.stderr.write(`Invalid vendor code format: "${opts.vendorCodeFlag}"\n`);
148
+ process.stderr.write(VENDOR_CODE_REMEDIATION + '\n');
149
+ return null;
150
+ }
151
+ return { code: opts.vendorCodeFlag, source: 'flag' };
152
+ }
153
+ // 2. CXNI_VENDOR_CODE env var
154
+ const envCode = process.env['CXNI_VENDOR_CODE'];
155
+ if (envCode) {
156
+ if (!isValidVendorCodeFormat(envCode)) {
157
+ process.stderr.write(`CXNI_VENDOR_CODE has invalid format: "${envCode}"\n`);
158
+ process.stderr.write(VENDOR_CODE_REMEDIATION + '\n');
159
+ return null;
160
+ }
161
+ return { code: envCode, source: 'env' };
162
+ }
163
+ // 3. Existing .governance.json
164
+ const configPath = path.join(projectDir, '.governance.json');
165
+ if (fs.existsSync(configPath)) {
166
+ try {
167
+ const config = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
168
+ const saved = config.subscription?.vendorCode;
169
+ if (saved && isValidVendorCodeFormat(saved)) {
170
+ return { code: saved, source: 'config' };
171
+ }
172
+ }
173
+ catch { /* ignore parse errors */ }
174
+ }
175
+ // 4. --offline flag
176
+ if (opts.offlineFlag) {
177
+ const ackEnv = process.env['CXNI_OFFLINE_GRACE_ACKNOWLEDGED'];
178
+ if (ackEnv !== 'true') {
179
+ process.stderr.write('--offline flag requires CXNI_OFFLINE_GRACE_ACKNOWLEDGED=true env var to be set.\n' +
180
+ 'This flag bypasses subscription verification and is REFUSED in HIPAA-bound deployments.\n' +
181
+ VENDOR_CODE_REMEDIATION + '\n');
182
+ return null;
183
+ }
184
+ process.stderr.write('WARNING: --offline mode acknowledged. Subscription verification bypassed.\n' +
185
+ 'This deployment will be treated as permanently in grace mode.\n' +
186
+ 'HIPAA/PCI-DSS-bound deployments refuse offline mode at runtime.\n');
187
+ // Return a sentinel that callers handle specially
188
+ return { code: '__offline__', source: 'flag' };
189
+ }
190
+ // 5. Interactive prompt
191
+ if (opts.rl) {
192
+ const code = await new Promise(resolve => opts.rl.question('Enter your Vendor Code (received by email after purchase): ', resolve));
193
+ const trimmed = code.trim();
194
+ if (!trimmed || !isValidVendorCodeFormat(trimmed)) {
195
+ process.stderr.write('Invalid or empty Vendor Code.\n');
196
+ process.stderr.write(VENDOR_CODE_REMEDIATION + '\n');
197
+ return null;
198
+ }
199
+ return { code: trimmed, source: 'prompt' };
200
+ }
201
+ process.stderr.write('No Vendor Code found. Scaffolding refused.\n');
202
+ process.stderr.write(VENDOR_CODE_REMEDIATION + '\n');
203
+ return null;
204
+ }
205
+ /**
206
+ * Write the vendor code into .governance.json at `subscription.vendorCode`
207
+ * with file mode 0600 on Unix.
208
+ */
209
+ export function writeVendorCodeToConfig(projectDir, vendorCode, offlineAcknowledged = false) {
210
+ const configPath = path.join(projectDir, '.governance.json');
211
+ let config = {};
212
+ if (fs.existsSync(configPath)) {
213
+ try {
214
+ config = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
215
+ }
216
+ catch { /* start fresh */ }
217
+ }
218
+ const subscription = {
219
+ vendorCode,
220
+ writtenAt: new Date().toISOString(),
221
+ };
222
+ if (offlineAcknowledged) {
223
+ subscription['offlineAcknowledged'] = true;
224
+ }
225
+ config['subscription'] = subscription;
226
+ fs.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 0o600 });
227
+ }
228
+ // --- Pack registry for framework selection ---
229
+ const AVAILABLE_PACKS = [
230
+ { id: 'soc2', name: 'SOC 2 Type II', industries: 'SaaS, Cloud Services' },
231
+ { id: 'hipaa', name: 'HIPAA Security & Privacy', industries: 'Healthcare, Telehealth' },
232
+ { id: 'gdpr', name: 'GDPR', industries: 'Any (EU users/data)' },
233
+ { id: 'pci-dss', name: 'PCI DSS v4.0', industries: 'Payments, Fintech' },
234
+ { id: 'dora', name: 'DORA', industries: 'EU Financial Services' },
235
+ { id: 'eu-ai-act', name: 'EU AI Act', industries: 'Any AI system in EU' },
236
+ { id: 'iso27001', name: 'ISO 27001', industries: 'Enterprise, Government' },
237
+ ];
238
+ // --- OS detection for hook selection ---
239
+ const IS_WINDOWS = process.platform === 'win32';
240
+ const HOOK_EXT = IS_WINDOWS ? '.ps1' : '.sh';
241
+ const HOOK_RUNNER = IS_WINDOWS ? 'pwsh' : 'bash';
242
+ const HOOK_SUBDIR = IS_WINDOWS ? 'powershell' : '';
243
+ export function detectIde(projectDir) {
244
+ const markers = [
245
+ { dir: '.claude', ide: 'claude-code' },
246
+ { dir: '.cursor', ide: 'cursor' },
247
+ { dir: '.continue', ide: 'continue' },
248
+ { dir: '.cody', ide: 'cody' },
249
+ { dir: '.aider', ide: 'aider' },
250
+ { dir: '.gemini', ide: 'gemini' },
251
+ ];
252
+ for (const m of markers) {
253
+ if (fs.existsSync(path.join(projectDir, m.dir)))
254
+ return m.ide;
255
+ }
256
+ // GitHub Copilot uses `.github/copilot-instructions.md` (file, not dir)
257
+ // as its repo-level rules surface. We use that file as the Copilot
258
+ // marker because `.github/` alone is too noisy (every GitHub repo has
259
+ // it for Actions / issue templates / etc.).
260
+ if (fs.existsSync(path.join(projectDir, '.github', 'copilot-instructions.md'))) {
261
+ return 'copilot';
262
+ }
263
+ return 'unknown';
264
+ }
265
+ // --- Hook manifest ---
266
+ const HOOKS = [
267
+ { file: `governance-integrity-check${HOOK_EXT}`, type: 'PreToolUse', description: 'SHA-256 governance file integrity verification' },
268
+ { file: `governance-file-shield${HOOK_EXT}`, type: 'PreToolUse', description: 'Prevents modification of governance config files' },
269
+ { file: `file-boundary-guard${HOOK_EXT}`, type: 'PreToolUse', description: 'Restricts file access to agent boundaries' },
270
+ { file: `destructive-command-guard${HOOK_EXT}`, type: 'PreToolUse', description: 'Blocks destructive shell commands' },
271
+ { file: `secret-leak-scanner${HOOK_EXT}`, type: 'PreToolUse', description: 'Scans for credentials, API keys, PII' },
272
+ { file: `web-access-gate${HOOK_EXT}`, type: 'PreToolUse', description: 'Controls agent web access' },
273
+ { file: `cost-budget-gate${HOOK_EXT}`, type: 'PreToolUse', description: 'Token budget enforcement' },
274
+ { file: `audit-logger${HOOK_EXT}`, type: 'PostToolUse', description: 'Tamper-evident audit logging' },
275
+ { file: `file-change-tracker${HOOK_EXT}`, type: 'PostToolUse', description: 'Tracks all file modifications' },
276
+ { file: `token-tracker${HOOK_EXT}`, type: 'PostToolUse', description: 'Token usage monitoring' },
277
+ { file: `output-exfiltration-scanner${HOOK_EXT}`, type: 'PostToolUse', description: 'Detects data exfiltration in output' },
278
+ ];
279
+ /**
280
+ * Validate a license key. Supports two formats:
281
+ * 1. JWT tokens (RS256-signed, new format) -- validated via JwtValidator
282
+ * 2. Legacy HMAC keys (CXGOV-<tier>-<org>-<checksum>) -- backward compatible
283
+ */
284
+ async function validateLicenseAsync(key) {
285
+ // Free tier: no key required.
286
+ // 2026-05-17 — raised maxPacks 1→3 so design-partner customers who only
287
+ // pass a vendor code (not a JWT license) can still bind the minimum
288
+ // bundle of HIPAA + SOC 2 + GDPR on day one. The hard cap is still
289
+ // enforced server-side via the per-org PackVersionStore.
290
+ if (!key || key === 'free') {
291
+ return {
292
+ tier: 'free',
293
+ org: 'unlicensed',
294
+ maxPacks: 3,
295
+ maxAgents: 5,
296
+ features: ['scanner', 'basic-hooks', 'multi-pack'],
297
+ };
298
+ }
299
+ // Detect JWT format (three base64url segments separated by dots)
300
+ if (key.split('.').length === 3) {
301
+ return validateJwtLicense(key);
302
+ }
303
+ // Fall back to legacy HMAC format
304
+ return validateLegacyLicense(key);
305
+ }
306
+ /** Validate JWT license token using JwtValidator. */
307
+ async function validateJwtLicense(token) {
308
+ const serverUrl = process.env.CXGOV_LICENSE_SERVER || '';
309
+ const validator = new JwtValidator({
310
+ serverUrl,
311
+ forceOffline: !serverUrl,
312
+ });
313
+ const result = await validator.validate(token);
314
+ if (!result.valid || !result.claims) {
315
+ process.stderr.write(`[LICENSE] JWT validation failed: ${result.error}\n`);
316
+ return null;
317
+ }
318
+ const claims = result.claims;
319
+ return {
320
+ tier: claims.tier,
321
+ org: claims.org,
322
+ maxPacks: claims.maxPacks,
323
+ maxAgents: claims.maxAgents,
324
+ features: claims.features,
325
+ expiresAt: claims.exp ? new Date(claims.exp * 1000).toISOString() : undefined,
326
+ };
327
+ }
328
+ /**
329
+ * Validate legacy HMAC-based license key (CXGOV-<tier>-<org_hash>-<checksum>).
330
+ *
331
+ * AIAG-006: requires `CXGOV_LICENSE_SECRET` env var and fails closed when
332
+ * missing. No hardcoded fallback. Exported for regression testing — do not
333
+ * re-introduce a default secret.
334
+ */
335
+ export function validateLegacyLicense(key) {
336
+ const parts = key.split('-');
337
+ if (parts.length < 4 || parts[0] !== 'CXGOV')
338
+ return null;
339
+ const tier = parts[1].toLowerCase();
340
+ const orgHash = parts[2];
341
+ const checksum = parts[3];
342
+ // CXGOV_LICENSE_SECRET must be set. No fallback -- fail closed.
343
+ const secret = process.env.CXGOV_LICENSE_SECRET;
344
+ if (!secret) {
345
+ process.stderr.write('[SECURITY] CXGOV_LICENSE_SECRET not set. Cannot validate legacy license keys.\n');
346
+ return null;
347
+ }
348
+ const expected = crypto.createHmac('sha256', secret)
349
+ .update(`${tier}-${orgHash}`)
350
+ .digest('hex')
351
+ .substring(0, 8);
352
+ // F-NEW-CRIT-34 (2026-05-02): timingSafeEqual REQUIRES equal-length
353
+ // buffers (Node throws ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH otherwise).
354
+ // A malformed customer license with a too-short or too-long checksum
355
+ // used to crash the CLI uncaught at first run. Length-check before
356
+ // the constant-time compare; length mismatch == invalid license ==
357
+ // return null cleanly.
358
+ const checksumBuf = Buffer.from(checksum);
359
+ const expectedBuf = Buffer.from(expected);
360
+ if (checksumBuf.length !== expectedBuf.length)
361
+ return null;
362
+ if (!crypto.timingSafeEqual(checksumBuf, expectedBuf))
363
+ return null;
364
+ const tiers = {
365
+ sta: { tier: 'starter', maxPacks: 1, maxAgents: 25, features: ['basic-hooks', 'single-pack', 'dashboard', 'events', 'sso', 'api-access', 'webhooks'] },
366
+ pro: { tier: 'professional', maxPacks: 1, maxAgents: 25, features: ['basic-hooks', 'single-pack', 'dashboard', 'events', 'audit-reports', 'sso', 'api-access', 'webhooks'] },
367
+ ent: { tier: 'enterprise', maxPacks: 99, maxAgents: 100, features: ['basic-hooks', 'multi-pack', 'audit-reports', 'siem-integration', 'encryption', 'custom-packs'] },
368
+ };
369
+ const tierInfo = tiers[tier];
370
+ if (!tierInfo)
371
+ return null;
372
+ return { ...tierInfo, org: orgHash };
373
+ }
374
+ /** Synchronous wrapper for backward compatibility (uses free tier or legacy only). */
375
+ function validateLicense(key) {
376
+ if (!key || key === 'free') {
377
+ return {
378
+ tier: 'free',
379
+ org: 'unlicensed',
380
+ maxPacks: 3,
381
+ maxAgents: 5,
382
+ features: ['scanner', 'basic-hooks', 'multi-pack'],
383
+ };
384
+ }
385
+ // JWT must use async path
386
+ if (key.split('.').length === 3) {
387
+ process.stderr.write('[LICENSE] JWT tokens require async validation. Use --ci mode or interactive init.\n');
388
+ return null;
389
+ }
390
+ return validateLegacyLicense(key);
391
+ }
392
+ /**
393
+ * Read the license server URL from .governance.json, falling back to DEFAULT.
394
+ * Call this at any point where the license server URL is needed at runtime.
395
+ */
396
+ export function readLicenseServerUrl(projectDir) {
397
+ const configPath = path.join(projectDir, '.governance.json');
398
+ if (fs.existsSync(configPath)) {
399
+ try {
400
+ const config = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
401
+ if (config.licenseServerUrl)
402
+ return config.licenseServerUrl;
403
+ }
404
+ catch { /* ignore -- fall through to default */ }
405
+ }
406
+ return process.env['CXGOV_LICENSE_SERVER'] ?? DEFAULT_LICENSE_SERVER_URL;
407
+ }
408
+ export function generateConfig(packs, license, licenseServerUrl, runtime) {
409
+ return {
410
+ version: VERSION,
411
+ organization: license.org !== 'unlicensed' ? license.org : undefined,
412
+ license: license.tier,
413
+ packs,
414
+ providers: {
415
+ allowed: ['anthropic', 'openai', 'google', 'microsoft', 'amazon'],
416
+ blocked: ['deepseek', 'baidu', 'alibaba'],
417
+ },
418
+ hooks: {
419
+ preToolUse: HOOKS.filter(h => h.type === 'PreToolUse').map(h => h.file),
420
+ postToolUse: HOOKS.filter(h => h.type === 'PostToolUse').map(h => h.file),
421
+ },
422
+ audit: {
423
+ enabled: true,
424
+ format: 'jsonl',
425
+ },
426
+ encryption: {
427
+ enabled: license.features.includes('encryption'),
428
+ algorithm: 'aes-256-gcm',
429
+ },
430
+ // Only persist if a custom URL was provided. Absent = use runtime default.
431
+ ...(licenseServerUrl ? { licenseServerUrl } : {}),
432
+ // F-NEW-CUSTOMER-JOURNEY-001: persist runtime block so audit-logger.sh
433
+ // can push tool-call events to gov-server. Absent = local-only audit
434
+ // (the prior behavior; safe default for offline/air-gapped use).
435
+ ...(runtime ? { runtime } : {}),
436
+ createdAt: new Date().toISOString(),
437
+ };
438
+ }
439
+ // --- Hook installation ---
440
+ export function installHooks(projectDir, config) {
441
+ const errors = [];
442
+ let installed = 0;
443
+ // Find the package's hooks directory (bash or powershell based on OS)
444
+ const hooksSrcDir = HOOK_SUBDIR
445
+ ? path.join(__dirname, '..', 'hooks', HOOK_SUBDIR)
446
+ : path.join(__dirname, '..', 'hooks');
447
+ const hooksDestDir = path.join(projectDir, '.governance', 'hooks');
448
+ if (!fs.existsSync(hooksDestDir)) {
449
+ fs.mkdirSync(hooksDestDir, { recursive: true });
450
+ }
451
+ // Copy shared utilities
452
+ const utilsSrc = path.join(hooksSrcDir, `hook-utils${HOOK_EXT}`);
453
+ if (fs.existsSync(utilsSrc)) {
454
+ fs.copyFileSync(utilsSrc, path.join(hooksDestDir, `hook-utils${HOOK_EXT}`));
455
+ }
456
+ // Copy audit-dir-picker helper (sourced by audit-logger.sh at runtime).
457
+ // Without this file the hook exits 1 on every PostToolUse event, silently
458
+ // breaking the audit trail for every customer install. CR-MED-01.
459
+ const auditDirPickerName = `audit-dir-picker${HOOK_EXT}`;
460
+ const auditDirPickerSrc = path.join(hooksSrcDir, auditDirPickerName);
461
+ if (fs.existsSync(auditDirPickerSrc)) {
462
+ fs.copyFileSync(auditDirPickerSrc, path.join(hooksDestDir, auditDirPickerName));
463
+ }
464
+ // Copy hook wrapper
465
+ const wrapperSrc = path.join(hooksSrcDir, `hook-wrapper${HOOK_EXT}`);
466
+ if (fs.existsSync(wrapperSrc)) {
467
+ fs.copyFileSync(wrapperSrc, path.join(hooksDestDir, `hook-wrapper${HOOK_EXT}`));
468
+ }
469
+ // Install configured hooks
470
+ const allHooks = [...config.hooks.preToolUse, ...config.hooks.postToolUse];
471
+ for (const hookFile of allHooks) {
472
+ const src = path.join(hooksSrcDir, hookFile);
473
+ const dest = path.join(hooksDestDir, hookFile);
474
+ if (fs.existsSync(src)) {
475
+ fs.copyFileSync(src, dest);
476
+ // Make executable
477
+ try {
478
+ fs.chmodSync(dest, 0o755);
479
+ }
480
+ catch { /* Windows */ }
481
+ installed++;
482
+ }
483
+ else {
484
+ errors.push(`Hook source not found: ${hookFile}`);
485
+ }
486
+ }
487
+ // Dispatch to IDE-specific surface (F-NEW-CRIT-39g). Cursor / Continue
488
+ // users no longer get a stray .claude/ dir polluting their project;
489
+ // each IDE sees governance rules through its own native surface.
490
+ const ide = detectIde(projectDir);
491
+ switch (ide) {
492
+ case 'cursor':
493
+ case 'continue':
494
+ case 'cody':
495
+ case 'aider':
496
+ case 'gemini':
497
+ case 'copilot':
498
+ installIdeRules(projectDir, config, hooksDestDir, IDE_RULES_SPECS[ide]);
499
+ break;
500
+ default:
501
+ installClaudeCodeSettings(projectDir, config, hooksDestDir);
502
+ break;
503
+ }
504
+ return { installed, errors };
505
+ }
506
+ // Claude Code hook schema (verified against ~/.claude/settings.json on a
507
+ // working install): top-level `hooks` is an object keyed by event name.
508
+ // Each event holds an array of { matcher, hooks: [{ type: 'command', command }] }.
509
+ // Inner `type` is the literal string 'command' (the hook plugin type),
510
+ // NOT the event name.
511
+ function installClaudeCodeSettings(projectDir, config, hooksDestDir) {
512
+ const claudeSettingsDir = path.join(projectDir, '.claude');
513
+ if (!fs.existsSync(claudeSettingsDir)) {
514
+ fs.mkdirSync(claudeSettingsDir, { recursive: true });
515
+ }
516
+ const settingsFile = path.join(claudeSettingsDir, 'settings.json');
517
+ const buildBlock = (hookFile) => ({
518
+ matcher: '*',
519
+ hooks: [{
520
+ type: 'command',
521
+ command: `${HOOK_RUNNER} "${path.join(hooksDestDir, hookFile)}"`,
522
+ }],
523
+ });
524
+ const preEntries = config.hooks.preToolUse.map(buildBlock);
525
+ const postEntries = config.hooks.postToolUse.map(buildBlock);
526
+ let settings = {};
527
+ if (fs.existsSync(settingsFile)) {
528
+ try {
529
+ settings = JSON.parse(fs.readFileSync(settingsFile, 'utf-8'));
530
+ }
531
+ catch { /* fresh */ }
532
+ }
533
+ const existingHooks = (settings['hooks'] && typeof settings['hooks'] === 'object' && !Array.isArray(settings['hooks']))
534
+ ? settings['hooks']
535
+ : {};
536
+ settings['hooks'] = {
537
+ ...existingHooks,
538
+ PreToolUse: preEntries,
539
+ PostToolUse: postEntries,
540
+ };
541
+ fs.writeFileSync(settingsFile, JSON.stringify(settings, null, 2));
542
+ }
543
+ const IDE_RULES_SPECS = {
544
+ cursor: {
545
+ ideKey: 'cursor',
546
+ ideName: 'Cursor',
547
+ fileDir: '.cursor/rules',
548
+ fileName: 'governance.md',
549
+ auditDirRel: '.cursor/audit/',
550
+ fileSelfRef: '.cursor/rules/governance.md',
551
+ integrationSurfaceLines: [
552
+ '**`.cursor/rules/governance.md`** (this file) -- prompt-level policy',
553
+ '**`__HOOKS__/`** -- runtime hook scripts',
554
+ '**`.cursor/audit/`** -- tamper-evident chain (vendor-neutral via picker)',
555
+ ],
556
+ },
557
+ continue: {
558
+ ideKey: 'continue',
559
+ ideName: 'Continue.dev',
560
+ fileDir: '.continue',
561
+ fileName: 'governance.md',
562
+ auditDirRel: '.continue/audit/',
563
+ fileSelfRef: '.continue/governance.md',
564
+ wiringSection: `## Wiring into Continue.dev
565
+
566
+ Continue does not auto-include this file. Wire it in one of two ways:
567
+
568
+ 1. **systemMessage** (simplest) -- copy the rules above into the
569
+ \`systemMessage\` field of your \`.continue/config.json\` so they
570
+ are prepended to every chat/agent prompt.
571
+ 2. **buildContinueExtension** (full enforcement) -- import
572
+ \`buildContinueExtension\` from
573
+ \`@connexum/ai-governance/ide-adapters/continue-dev\` and add it
574
+ to your config's \`extensions\` array. This routes tool calls
575
+ through the runtime governance engine (PreToolUse/PostToolUse
576
+ equivalent) instead of just appending policy text.`,
577
+ integrationSurfaceLines: [
578
+ '**`.continue/governance.md`** (this file) -- policy text',
579
+ '**`__HOOKS__/`** -- runtime hook scripts',
580
+ '**`.continue/audit/`** -- tamper-evident chain (vendor-neutral via picker)',
581
+ '**ContinueDevIdeAdapter** -- runtime enforcement (full mode only)',
582
+ ],
583
+ },
584
+ cody: {
585
+ ideKey: 'cody',
586
+ ideName: 'Cody (Sourcegraph)',
587
+ fileDir: '.cody',
588
+ fileName: 'governance.md',
589
+ auditDirRel: '.cody/audit/',
590
+ fileSelfRef: '.cody/governance.md',
591
+ wiringSection: `## Wiring into Cody (Sourcegraph)
592
+
593
+ Cody does not auto-include policy files. Wire it in one of these ways:
594
+
595
+ 1. **Cody chat system prompt** -- paste the rules above into the Cody
596
+ Agent's system prompt for the workspace (Cody Settings ->
597
+ System Prompt).
598
+ 2. **Custom command** -- create a Cody custom command that prepends
599
+ these rules. See Sourcegraph's Cody docs for custom commands.
600
+ 3. **\`.cody/ignore\`** -- pair this rules file with a \`.cody/ignore\`
601
+ that excludes \`.cody/audit/\` from Cody's context window so the
602
+ audit chain itself is never sent to the LLM.`,
603
+ integrationSurfaceLines: [
604
+ '**`.cody/governance.md`** (this file) -- policy text',
605
+ '**`__HOOKS__/`** -- runtime hook scripts',
606
+ '**`.cody/audit/`** -- tamper-evident chain (vendor-neutral via picker)',
607
+ '**`.cody/ignore`** -- excludes audit chain from Cody context',
608
+ ],
609
+ },
610
+ aider: {
611
+ ideKey: 'aider',
612
+ ideName: 'Aider',
613
+ fileDir: '.aider',
614
+ fileName: 'governance.md',
615
+ auditDirRel: '.aider/audit/',
616
+ fileSelfRef: '.aider/governance.md',
617
+ wiringSection: `## Wiring into Aider
618
+
619
+ Aider does not auto-include policy files. Wire it in one of these ways:
620
+
621
+ 1. **\`--read\` flag** -- launch Aider with
622
+ \`aider --read .aider/governance.md\` so the rules are pre-loaded
623
+ into the conversation context.
624
+ 2. **\`.aider.conf.yml\`** -- add a \`read:\` entry pointing at this
625
+ file:
626
+
627
+ \`\`\`yaml
628
+ read:
629
+ - .aider/governance.md
630
+ \`\`\`
631
+
632
+ 3. **Aider chat \`/read\` command** -- inside an Aider session run
633
+ \`/read .aider/governance.md\` to inject the rules mid-session.`,
634
+ integrationSurfaceLines: [
635
+ '**`.aider/governance.md`** (this file) -- policy text loaded via `--read`',
636
+ '**`__HOOKS__/`** -- runtime hook scripts',
637
+ '**`.aider/audit/`** -- tamper-evident chain (vendor-neutral via picker)',
638
+ ],
639
+ },
640
+ gemini: {
641
+ ideKey: 'gemini',
642
+ ideName: 'Gemini Code Assist',
643
+ fileDir: '.gemini',
644
+ fileName: 'governance.md',
645
+ auditDirRel: '.gemini/audit/',
646
+ fileSelfRef: '.gemini/governance.md',
647
+ wiringSection: `## Wiring into Gemini Code Assist
648
+
649
+ Gemini Code Assist does not auto-include policy files. Wire it via:
650
+
651
+ 1. **Code Customization (Enterprise tier)** -- include this file in
652
+ the private repository Gemini grounds on so the rules are part of
653
+ every prompt's context.
654
+ 2. **Workspace README pointer** -- add a top-of-README block linking
655
+ to \`.gemini/governance.md\` so the IDE assistant surfaces it
656
+ when grounding on README.
657
+ 3. **Manual chat injection** -- paste the rules into the Gemini Chat
658
+ panel at session start.`,
659
+ integrationSurfaceLines: [
660
+ '**`.gemini/governance.md`** (this file) -- policy text',
661
+ '**`__HOOKS__/`** -- runtime hook scripts',
662
+ '**`.gemini/audit/`** -- tamper-evident chain (vendor-neutral via picker)',
663
+ ],
664
+ },
665
+ copilot: {
666
+ ideKey: 'copilot',
667
+ ideName: 'GitHub Copilot',
668
+ fileDir: '.github',
669
+ fileName: 'copilot-governance.md',
670
+ auditDirRel: '.governance/audit/',
671
+ fileSelfRef: '.github/copilot-governance.md',
672
+ wiringSection: `## Wiring into GitHub Copilot
673
+
674
+ GitHub Copilot reads \`.github/copilot-instructions.md\`. We intentionally
675
+ did NOT overwrite that file (it may already contain repo-specific
676
+ guidance). Wire this governance policy in one of these ways:
677
+
678
+ 1. **Append a reference** -- in \`.github/copilot-instructions.md\` add
679
+ a line at the top:
680
+ > Apply the policy in \`.github/copilot-governance.md\`.
681
+ Copilot reads the linked file when grounding context.
682
+ 2. **Inline merge** -- copy the rules above into
683
+ \`.github/copilot-instructions.md\` and delete this file.
684
+ 3. **Pull-request review only** -- if the team enforces governance via
685
+ PR review (Copilot does not block destructive suggestions
686
+ prospectively in IDE), this file becomes the reviewer checklist.`,
687
+ integrationSurfaceLines: [
688
+ '**`.github/copilot-governance.md`** (this file) -- policy text',
689
+ '**`.github/copilot-instructions.md`** -- customer-edited Copilot',
690
+ ' instructions (referenced from above)',
691
+ '**`__HOOKS__/`** -- runtime hook scripts',
692
+ '**`.governance/audit/`** -- tamper-evident chain (vendor-neutral)',
693
+ ],
694
+ },
695
+ };
696
+ function installIdeRules(projectDir, config, hooksDestDir, spec) {
697
+ const targetDir = path.join(projectDir, spec.fileDir);
698
+ if (!fs.existsSync(targetDir)) {
699
+ fs.mkdirSync(targetDir, { recursive: true });
700
+ }
701
+ const rulesFile = path.join(targetDir, spec.fileName);
702
+ const packLines = config.packs.length > 0
703
+ ? config.packs.map(p => `- **${p}**`).join('\n')
704
+ : '- (none configured)';
705
+ const blockedProviders = (config.providers?.blocked ?? []).length > 0
706
+ ? config.providers.blocked.map(p => `- ${p}`).join('\n')
707
+ : '- (none configured)';
708
+ const hooksRel = path.relative(projectDir, hooksDestDir);
709
+ const integrationSurface = spec.integrationSurfaceLines
710
+ .map(line => `- ${line.replace(/__HOOKS__/g, hooksRel)}`)
711
+ .join('\n');
712
+ const wiring = spec.wiringSection ? `${spec.wiringSection}\n\n` : '';
713
+ const auditNoun = spec.ideKey === 'copilot'
714
+ ? `Audit chain default: \`${spec.auditDirRel}audit-<date>.jsonl\`.`
715
+ : `Audit chain is appended to \`${spec.auditDirRel}audit-<date>.jsonl\`.`;
716
+ const body = `# AI Governance Policy (auto-generated)
717
+
718
+ > Generated by \`@connexum/ai-governance\` -- DO NOT EDIT BY HAND.
719
+ > Runtime hooks live in \`${hooksRel}\`.
720
+ > ${auditNoun}
721
+ > Re-run \`npx @connexum/ai-governance init\` to regenerate.
722
+
723
+ ## Active compliance packs
724
+ ${packLines}
725
+
726
+ ## Blocked LLM providers
727
+ ${blockedProviders}
728
+
729
+ ## Mandatory rules for every AI action
730
+
731
+ 1. Refuse destructive shell commands. Block patterns include:
732
+ recursive \`rm\`, \`git push --force\`, \`git reset --hard\`,
733
+ \`git clean -f\`, SQL drop/truncate, \`npm publish\`, and any
734
+ \`curl ... | bash\` pipe.
735
+ 2. Refuse reads or writes to sensitive paths: \`/etc/\`, \`/root/\`,
736
+ \`.env\` files, \`secrets/\`, \`.pem\` and \`.key\` files,
737
+ anything matching \`private_?key\`.
738
+ 3. Refuse to write to the audit chain directory \`${spec.auditDirRel}\`.
739
+ The chain is tamper-evident and write-only via the audit logger.
740
+ 4. Every tool invocation is recorded in the audit chain with
741
+ tool name, input summary, decision, reason, and SHA-256 hash
742
+ linking to the prior entry.
743
+ 5. The configured compliance packs above govern data classification.
744
+ Inputs containing PII / PHI / PCI material flagged by those packs
745
+ trigger a DENY decision regardless of the requesting prompt.
746
+
747
+ ${wiring}## Integration surface
748
+
749
+ ${spec.ideName} reaches the governance runtime through:
750
+ ${integrationSurface}
751
+
752
+ ## Override / disable
753
+
754
+ Run \`npx @connexum/ai-governance init\` with a different pack set to
755
+ regenerate this file. To temporarily disable governance for a single
756
+ operation, contact your compliance owner -- there is no in-IDE override.
757
+ `;
758
+ fs.writeFileSync(rulesFile, body);
759
+ }
760
+ // --- Interactive prompts ---
761
+ function ask(rl, question) {
762
+ return new Promise(resolve => rl.question(question, resolve));
763
+ }
764
+ async function interactiveInit(projectDir, opts = {}) {
765
+ const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
766
+ // Citadel banner — emotional positioning. Only emitted on the interactive
767
+ // path so the --ci JSON output stream stays parser-clean.
768
+ process.stdout.write('\n');
769
+ process.stdout.write(' Welcome to the Citadel\n');
770
+ process.stdout.write(' My-CC fortress for building Agent Trust.\n');
771
+ process.stdout.write(' My-CC.io AI Agent Trust Citadel\n');
772
+ process.stdout.write('\n');
773
+ process.stdout.write('@connexum/ai-governance - Enterprise AI Governance Setup\n');
774
+ process.stdout.write('='.repeat(55) + '\n\n');
775
+ // Step 0: S-07 Vendor Code
776
+ const vcResult = await resolveVendorCode(projectDir, {
777
+ vendorCodeFlag: opts.vendorCodeFlag,
778
+ offlineFlag: opts.offlineFlag,
779
+ rl,
780
+ licenseServerUrl: opts.licenseServerUrl,
781
+ });
782
+ if (!vcResult) {
783
+ rl.close();
784
+ process.exit(1);
785
+ }
786
+ const isOffline = vcResult.code === '__offline__';
787
+ let entitlement = null;
788
+ if (!isOffline) {
789
+ process.stdout.write('Validating Vendor Code...\n');
790
+ entitlement = await exchangeVendorCode(vcResult.code, opts.licenseServerUrl);
791
+ if (!entitlement.ok) {
792
+ process.stderr.write(`Vendor Code validation failed: ${entitlement.error}\n`);
793
+ process.stderr.write(VENDOR_CODE_REMEDIATION + '\n');
794
+ rl.close();
795
+ process.exit(1);
796
+ }
797
+ process.stdout.write(`Subscription: ${entitlement.tier ?? 'unknown'} (${entitlement.status ?? 'active'})\n`);
798
+ if (entitlement.packEntitlements?.length) {
799
+ process.stdout.write(`Pack entitlements: ${entitlement.packEntitlements.join(', ')}\n`);
800
+ }
801
+ process.stdout.write('\n');
802
+ }
803
+ // Step 1: License key (supports JWT tokens and legacy HMAC keys)
804
+ const licenseKey = await ask(rl, 'License key (press Enter for free tier): ');
805
+ const license = await validateLicenseAsync(licenseKey || 'free');
806
+ if (!license) {
807
+ process.stderr.write('Invalid license key. Contact thomas@ucreatewithai.com\n');
808
+ rl.close();
809
+ process.exit(1);
810
+ }
811
+ process.stdout.write(`License: ${license.tier} (max ${license.maxPacks} pack${license.maxPacks > 1 ? 's' : ''})\n\n`);
812
+ // Step 2: Framework selection
813
+ process.stdout.write('Available compliance frameworks:\n');
814
+ for (let i = 0; i < AVAILABLE_PACKS.length; i++) {
815
+ const pack = AVAILABLE_PACKS[i];
816
+ process.stdout.write(` ${i + 1}. ${pack.name} - ${pack.industries}\n`);
817
+ }
818
+ process.stdout.write('\n');
819
+ const selection = await ask(rl, `Select frameworks (comma-separated numbers, max ${license.maxPacks}): `);
820
+ const indices = selection.split(',').map(s => parseInt(s.trim(), 10) - 1).filter(i => i >= 0 && i < AVAILABLE_PACKS.length);
821
+ const selectedPacks = indices.slice(0, license.maxPacks).map(i => AVAILABLE_PACKS[i].id);
822
+ if (selectedPacks.length === 0) {
823
+ process.stdout.write('No frameworks selected. Using SOC 2 as default.\n');
824
+ selectedPacks.push('soc2');
825
+ }
826
+ process.stdout.write(`\nSelected: ${selectedPacks.join(', ')}\n\n`);
827
+ // Step 3: Confirmation
828
+ const confirm = await ask(rl, 'Install governance hooks and configuration? (y/n): ');
829
+ if (confirm.toLowerCase() !== 'y') {
830
+ process.stdout.write('Aborted.\n');
831
+ rl.close();
832
+ process.exit(0);
833
+ }
834
+ rl.close();
835
+ // Generate and write config
836
+ // Persist licenseServerUrl if it was provided (allows on-prem customers to override the default)
837
+ const config = generateConfig(selectedPacks, license, opts.licenseServerUrl, opts.runtime);
838
+ const configPath = path.join(projectDir, '.governance.json');
839
+ fs.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 0o600 });
840
+ process.stdout.write(`\nConfiguration written to ${configPath}\n`);
841
+ // Write vendor code into config (file mode 0600 enforced in writeVendorCodeToConfig)
842
+ if (!isOffline) {
843
+ writeVendorCodeToConfig(projectDir, vcResult.code);
844
+ process.stdout.write('Vendor Code stored in .governance.json\n');
845
+ }
846
+ else {
847
+ writeVendorCodeToConfig(projectDir, '', true);
848
+ process.stdout.write('Offline mode recorded in .governance.json\n');
849
+ }
850
+ // Install hooks
851
+ const { installed, errors } = installHooks(projectDir, config);
852
+ process.stdout.write(`Hooks installed: ${installed}\n`);
853
+ if (errors.length > 0) {
854
+ for (const err of errors) {
855
+ process.stderr.write(` Warning: ${err}\n`);
856
+ }
857
+ }
858
+ // Create governance data directory
859
+ const govDir = path.join(projectDir, '.governance');
860
+ const dirs = ['audit', 'sessions', 'events', 'data'];
861
+ for (const dir of dirs) {
862
+ const p = path.join(govDir, dir);
863
+ if (!fs.existsSync(p))
864
+ fs.mkdirSync(p, { recursive: true });
865
+ }
866
+ process.stdout.write(`\nGovernance initialized successfully.\n`);
867
+ process.stdout.write(` Config: ${configPath}\n`);
868
+ process.stdout.write(` Hooks: ${path.join(govDir, 'hooks')}/\n`);
869
+ process.stdout.write(` Audit: ${path.join(govDir, 'audit')}/\n`);
870
+ process.stdout.write(`\nRun 'ai-governance status' to verify.\n`);
871
+ }
872
+ // --- Non-interactive init (CI mode) ---
873
+ async function nonInteractiveInit(projectDir, opts) {
874
+ const licenseKey = opts.license || 'free';
875
+ const license = await validateLicenseAsync(licenseKey);
876
+ if (!license) {
877
+ process.stderr.write('Invalid license key.\n');
878
+ process.exit(1);
879
+ }
880
+ const packs = opts.packs ? opts.packs.split(',') : ['soc2'];
881
+ const validPacks = packs.filter(p => AVAILABLE_PACKS.some(ap => ap.id === p));
882
+ if (validPacks.length > license.maxPacks) {
883
+ process.stderr.write(`License allows max ${license.maxPacks} packs. Selected ${validPacks.length}.\n`);
884
+ process.exit(1);
885
+ }
886
+ const config = generateConfig(validPacks, license, opts.licenseServerUrl, opts.runtime);
887
+ const configPath = path.join(projectDir, '.governance.json');
888
+ fs.writeFileSync(configPath, JSON.stringify(config, null, 2));
889
+ const { installed, errors } = installHooks(projectDir, config);
890
+ // Create directories
891
+ const govDir = path.join(projectDir, '.governance');
892
+ for (const dir of ['audit', 'sessions', 'events', 'data']) {
893
+ const p = path.join(govDir, dir);
894
+ if (!fs.existsSync(p))
895
+ fs.mkdirSync(p, { recursive: true });
896
+ }
897
+ process.stdout.write(JSON.stringify({
898
+ success: true,
899
+ config: configPath,
900
+ packs: validPacks,
901
+ hooksInstalled: installed,
902
+ errors,
903
+ }) + '\n');
904
+ }
905
+ // --- Verify command ---
906
+ function verifyGovernance(projectDir) {
907
+ const configPath = path.join(projectDir, '.governance.json');
908
+ if (!fs.existsSync(configPath)) {
909
+ process.stderr.write('No .governance.json found. Run "ai-governance init" first.\n');
910
+ process.exit(1);
911
+ }
912
+ let config;
913
+ try {
914
+ config = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
915
+ }
916
+ catch {
917
+ process.stderr.write('Invalid .governance.json. Re-run "ai-governance init".\n');
918
+ process.exit(1);
919
+ }
920
+ const checks = [];
921
+ // Check config structure
922
+ checks.push({
923
+ name: 'Config valid',
924
+ passed: !!config.version && !!config.packs,
925
+ detail: `Version: ${config.version}, Packs: ${config.packs?.join(', ')}`,
926
+ });
927
+ // Check hooks exist
928
+ const hooksDir = path.join(projectDir, '.governance', 'hooks');
929
+ const allHooks = [...(config.hooks?.preToolUse || []), ...(config.hooks?.postToolUse || [])];
930
+ let hooksFound = 0;
931
+ for (const hookFile of allHooks) {
932
+ if (fs.existsSync(path.join(hooksDir, hookFile)))
933
+ hooksFound++;
934
+ }
935
+ checks.push({
936
+ name: 'Hooks installed',
937
+ passed: hooksFound === allHooks.length,
938
+ detail: `${hooksFound}/${allHooks.length} hooks present`,
939
+ });
940
+ // Check governance directories
941
+ const requiredDirs = ['audit', 'sessions', 'events'];
942
+ const dirsExist = requiredDirs.every(d => fs.existsSync(path.join(projectDir, '.governance', d)));
943
+ checks.push({
944
+ name: 'Data directories',
945
+ passed: dirsExist,
946
+ detail: dirsExist ? 'All directories present' : 'Missing directories',
947
+ });
948
+ // Check blocked providers config
949
+ checks.push({
950
+ name: 'Provider policy',
951
+ passed: (config.providers?.blocked?.length || 0) > 0,
952
+ detail: `Blocked: ${config.providers?.blocked?.join(', ') || 'none'}`,
953
+ });
954
+ // Output
955
+ process.stdout.write('\nGovernance Verification\n');
956
+ process.stdout.write('='.repeat(40) + '\n');
957
+ let allPassed = true;
958
+ for (const check of checks) {
959
+ const status = check.passed ? 'PASS' : 'FAIL';
960
+ process.stdout.write(` [${status}] ${check.name}: ${check.detail}\n`);
961
+ if (!check.passed)
962
+ allPassed = false;
963
+ }
964
+ process.stdout.write('\n' + (allPassed ? 'All checks passed.\n' : 'Some checks failed. Review configuration.\n'));
965
+ process.exit(allPassed ? 0 : 1);
966
+ }
967
+ export function retentionSweep(opts) {
968
+ const now = opts.now ?? new Date();
969
+ const cutoff = new Date(now.getTime() - opts.retainDays * 24 * 60 * 60 * 1000);
970
+ const result = {
971
+ auditDir: opts.auditDir,
972
+ retainDays: opts.retainDays,
973
+ cutoffIso: cutoff.toISOString(),
974
+ archiveDir: opts.archiveDir,
975
+ dryRun: opts.dryRun,
976
+ filesScanned: 0,
977
+ filesRetained: 0,
978
+ filesActioned: [],
979
+ errors: [],
980
+ };
981
+ if (!fs.existsSync(opts.auditDir)) {
982
+ return result; // empty result; caller decides if absent dir is an error
983
+ }
984
+ if (opts.archiveDir && !fs.existsSync(opts.archiveDir) && !opts.dryRun) {
985
+ fs.mkdirSync(opts.archiveDir, { recursive: true });
986
+ }
987
+ const entries = fs.readdirSync(opts.auditDir);
988
+ for (const entry of entries) {
989
+ // Match `audit-YYYY-MM-DD.jsonl` (the format emitted by audit-logger.sh).
990
+ const m = /^audit-(\d{4}-\d{2}-\d{2})\.jsonl$/.exec(entry);
991
+ if (!m)
992
+ continue;
993
+ result.filesScanned += 1;
994
+ const fileDate = new Date(m[1] + 'T00:00:00.000Z');
995
+ const ageDays = Math.floor((now.getTime() - fileDate.getTime()) / (24 * 60 * 60 * 1000));
996
+ const filePath = path.join(opts.auditDir, entry);
997
+ if (fileDate.getTime() >= cutoff.getTime()) {
998
+ result.filesRetained += 1;
999
+ continue;
1000
+ }
1001
+ if (opts.dryRun) {
1002
+ result.filesActioned.push({ path: filePath, ageDays, action: 'would-action' });
1003
+ continue;
1004
+ }
1005
+ try {
1006
+ if (opts.archiveDir) {
1007
+ const dest = path.join(opts.archiveDir, entry);
1008
+ fs.renameSync(filePath, dest);
1009
+ result.filesActioned.push({ path: filePath, ageDays, action: 'archived' });
1010
+ }
1011
+ else {
1012
+ fs.unlinkSync(filePath);
1013
+ result.filesActioned.push({ path: filePath, ageDays, action: 'deleted' });
1014
+ }
1015
+ }
1016
+ catch (err) {
1017
+ result.errors.push({ path: filePath, error: err.message });
1018
+ }
1019
+ }
1020
+ return result;
1021
+ }
1022
+ export function verifyChain(logDir, jsonOutput) {
1023
+ // Validate logDir argument
1024
+ if (!logDir) {
1025
+ process.stderr.write('Error: <logDir> argument is required.\n');
1026
+ process.stderr.write('Usage: ai-governance verify-chain <logDir> [--json]\n');
1027
+ process.exit(2);
1028
+ }
1029
+ if (!fs.existsSync(logDir)) {
1030
+ const msg = `Error: Log directory not found: ${logDir}`;
1031
+ if (jsonOutput) {
1032
+ process.stdout.write(JSON.stringify({
1033
+ ok: false,
1034
+ error: `Log directory not found: ${logDir}`,
1035
+ exitCode: 2,
1036
+ }) + '\n');
1037
+ }
1038
+ else {
1039
+ process.stderr.write(msg + '\n');
1040
+ }
1041
+ process.exit(2);
1042
+ }
1043
+ if (!fs.statSync(logDir).isDirectory()) {
1044
+ const msg = `Error: Path is not a directory: ${logDir}`;
1045
+ if (jsonOutput) {
1046
+ process.stdout.write(JSON.stringify({
1047
+ ok: false,
1048
+ error: `Path is not a directory: ${logDir}`,
1049
+ exitCode: 2,
1050
+ }) + '\n');
1051
+ }
1052
+ else {
1053
+ process.stderr.write(msg + '\n');
1054
+ }
1055
+ process.exit(2);
1056
+ }
1057
+ // Collect JSONL files from logDir
1058
+ let jsonlFiles;
1059
+ try {
1060
+ jsonlFiles = fs.readdirSync(logDir)
1061
+ .filter(f => f.endsWith('.jsonl'))
1062
+ .sort()
1063
+ .map(f => path.join(logDir, f));
1064
+ }
1065
+ catch (err) {
1066
+ const msg = `Error: Cannot read log directory: ${err.message}`;
1067
+ if (jsonOutput) {
1068
+ process.stdout.write(JSON.stringify({ ok: false, error: msg, exitCode: 2 }) + '\n');
1069
+ }
1070
+ else {
1071
+ process.stderr.write(msg + '\n');
1072
+ }
1073
+ process.exit(2);
1074
+ }
1075
+ // Empty directory is valid — no tamper possible on an empty chain.
1076
+ // F-NEW-MED-10 (2026-05-02): when the dir contains other artifacts
1077
+ // (subdirs, .log files, .txt files) but no .jsonl chain entries,
1078
+ // the previous output silently reported EMPTY without acknowledging
1079
+ // the non-chain artifacts. Operators routinely pointed verify-chain
1080
+ // at the WRONG directory (e.g. an audit-logs/ that only had a
1081
+ // manual-verifications/ subdirectory) and saw a clean EMPTY result
1082
+ // when they expected to see entries. We now surface non-chain
1083
+ // artifacts in the response so the operator notices the path is
1084
+ // probably wrong.
1085
+ if (jsonlFiles.length === 0) {
1086
+ let nonJsonlEntries = [];
1087
+ let subdirs = [];
1088
+ try {
1089
+ const dirents = fs.readdirSync(logDir, { withFileTypes: true });
1090
+ for (const d of dirents) {
1091
+ if (d.isDirectory())
1092
+ subdirs.push(d.name);
1093
+ else if (!d.name.endsWith('.jsonl'))
1094
+ nonJsonlEntries.push(d.name);
1095
+ }
1096
+ }
1097
+ catch { /* best effort */ }
1098
+ const hint = (nonJsonlEntries.length > 0 || subdirs.length > 0)
1099
+ ? ('Log directory has no .jsonl chain entries, but contains ' +
1100
+ `${nonJsonlEntries.length} non-chain file(s) and ${subdirs.length} subdirectory(ies). ` +
1101
+ (subdirs.length > 0
1102
+ ? `Did you mean a subdirectory? Subdirs found: ${subdirs.slice(0, 5).join(', ')}${subdirs.length > 5 ? ' ...' : ''}. `
1103
+ : '') +
1104
+ 'verify-chain only reads .jsonl files in the directory you pass; it does not recurse.')
1105
+ : 'Log directory is empty. No chain to verify.';
1106
+ if (jsonOutput) {
1107
+ process.stdout.write(JSON.stringify({
1108
+ ok: true,
1109
+ status: 'EMPTY',
1110
+ chainLength: 0,
1111
+ files: 0,
1112
+ firstEntry: null,
1113
+ lastEntry: null,
1114
+ tamperFindings: [],
1115
+ nonChainFiles: nonJsonlEntries,
1116
+ subdirectories: subdirs,
1117
+ summary: hint,
1118
+ }) + '\n');
1119
+ }
1120
+ else {
1121
+ process.stdout.write('\nAudit Chain Verification\n');
1122
+ process.stdout.write('='.repeat(40) + '\n');
1123
+ process.stdout.write(' Status: EMPTY\n');
1124
+ process.stdout.write(' Chain length: 0 entries\n');
1125
+ process.stdout.write(' Files: 0\n');
1126
+ if (nonJsonlEntries.length > 0) {
1127
+ process.stdout.write(` Non-chain files: ${nonJsonlEntries.length} (e.g. ${nonJsonlEntries.slice(0, 3).join(', ')})\n`);
1128
+ }
1129
+ if (subdirs.length > 0) {
1130
+ process.stdout.write(` Subdirectories: ${subdirs.length} (${subdirs.slice(0, 5).join(', ')})\n`);
1131
+ }
1132
+ process.stdout.write('\n' + hint + '\n');
1133
+ }
1134
+ process.exit(0);
1135
+ }
1136
+ const findings = [];
1137
+ let totalEntries = 0;
1138
+ let prevHash = '';
1139
+ let firstTimestamp = null;
1140
+ let lastTimestamp = null;
1141
+ let globalSeq = 0;
1142
+ function computeEntryHash(entry) {
1143
+ const hashInput = JSON.stringify({
1144
+ data: entry.data,
1145
+ _seq: entry._seq,
1146
+ _prevHash: entry._prevHash,
1147
+ });
1148
+ return crypto.createHash('sha256').update(hashInput).digest('hex');
1149
+ }
1150
+ for (const filePath of jsonlFiles) {
1151
+ const baseName = path.basename(filePath);
1152
+ let rawLines;
1153
+ try {
1154
+ const content = fs.readFileSync(filePath, 'utf-8');
1155
+ rawLines = content.trim().split('\n').filter(Boolean);
1156
+ }
1157
+ catch (err) {
1158
+ findings.push({
1159
+ file: baseName,
1160
+ lineNumber: 0,
1161
+ seq: -1,
1162
+ reason: `Cannot read file: ${err.message}`,
1163
+ });
1164
+ continue;
1165
+ }
1166
+ for (let lineIdx = 0; lineIdx < rawLines.length; lineIdx++) {
1167
+ globalSeq++;
1168
+ totalEntries++;
1169
+ const lineNumber = lineIdx + 1;
1170
+ let entry;
1171
+ try {
1172
+ entry = JSON.parse(rawLines[lineIdx]);
1173
+ }
1174
+ catch (parseErr) {
1175
+ findings.push({
1176
+ file: baseName,
1177
+ lineNumber,
1178
+ seq: globalSeq,
1179
+ reason: `Malformed JSON: ${parseErr.message}`,
1180
+ });
1181
+ // Skip prevHash update — chain is broken here
1182
+ continue;
1183
+ }
1184
+ // Validate required fields
1185
+ if (typeof entry._seq !== 'number' || typeof entry._prevHash !== 'string' || typeof entry._hash !== 'string') {
1186
+ findings.push({
1187
+ file: baseName,
1188
+ lineNumber,
1189
+ seq: globalSeq,
1190
+ reason: 'Entry missing required chain fields (_seq, _prevHash, _hash)',
1191
+ });
1192
+ continue;
1193
+ }
1194
+ // Track timestamps for summary
1195
+ const ts = (entry.data?.timestamp ?? entry.data?.ts);
1196
+ if (ts) {
1197
+ if (firstTimestamp === null)
1198
+ firstTimestamp = ts;
1199
+ lastTimestamp = ts;
1200
+ }
1201
+ // Verify prevHash linkage
1202
+ if (entry._prevHash !== prevHash) {
1203
+ findings.push({
1204
+ file: baseName,
1205
+ lineNumber,
1206
+ seq: entry._seq,
1207
+ reason: `Chain break: _prevHash mismatch. Expected ${prevHash.slice(0, 16) || '(empty)'}, got ${entry._prevHash.slice(0, 16)}`,
1208
+ });
1209
+ }
1210
+ // Verify self-hash
1211
+ const expectedHash = computeEntryHash(entry);
1212
+ if (entry._hash !== expectedHash) {
1213
+ findings.push({
1214
+ file: baseName,
1215
+ lineNumber,
1216
+ seq: entry._seq,
1217
+ reason: `Tamper detected: entry hash does not match content. Entry seq=${entry._seq}`,
1218
+ });
1219
+ }
1220
+ prevHash = entry._hash;
1221
+ }
1222
+ }
1223
+ const intact = findings.length === 0;
1224
+ const status = intact ? 'INTACT' : 'TAMPERED';
1225
+ if (jsonOutput) {
1226
+ process.stdout.write(JSON.stringify({
1227
+ ok: intact,
1228
+ status,
1229
+ chainLength: totalEntries,
1230
+ files: jsonlFiles.length,
1231
+ firstEntry: firstTimestamp,
1232
+ lastEntry: lastTimestamp,
1233
+ tamperFindings: findings.map(f => ({
1234
+ file: f.file,
1235
+ line: f.lineNumber,
1236
+ seq: f.seq,
1237
+ reason: f.reason,
1238
+ })),
1239
+ summary: intact
1240
+ ? `Chain intact. ${totalEntries} entries verified across ${jsonlFiles.length} file(s).`
1241
+ : `TAMPER DETECTED. ${findings.length} finding(s) in ${totalEntries} entries.`,
1242
+ }, null, 2) + '\n');
1243
+ }
1244
+ else {
1245
+ process.stdout.write('\nAudit Chain Verification\n');
1246
+ process.stdout.write('='.repeat(40) + '\n');
1247
+ process.stdout.write(` Status: ${status}\n`);
1248
+ process.stdout.write(` Chain length: ${totalEntries} entries\n`);
1249
+ process.stdout.write(` Files: ${jsonlFiles.length}\n`);
1250
+ if (firstTimestamp) {
1251
+ process.stdout.write(` First entry: ${firstTimestamp}\n`);
1252
+ }
1253
+ if (lastTimestamp) {
1254
+ process.stdout.write(` Last entry: ${lastTimestamp}\n`);
1255
+ }
1256
+ if (findings.length > 0) {
1257
+ process.stdout.write(`\n TAMPER FINDINGS (${findings.length}):\n`);
1258
+ for (const f of findings) {
1259
+ process.stdout.write(` [${f.file}:L${f.lineNumber}] seq=${f.seq}: ${f.reason}\n`);
1260
+ }
1261
+ }
1262
+ process.stdout.write('\n' + (intact
1263
+ ? `Chain integrity verified. ${totalEntries} entries checked.\n`
1264
+ : `INTEGRITY FAILURE. ${findings.length} finding(s) detected. Log may have been tampered.\n`));
1265
+ }
1266
+ process.exit(intact ? 0 : 1);
1267
+ }
1268
+ // --- Status command ---
1269
+ function showStatus(projectDir) {
1270
+ const configPath = path.join(projectDir, '.governance.json');
1271
+ if (!fs.existsSync(configPath)) {
1272
+ process.stderr.write('No governance configured. Run "ai-governance init" first.\n');
1273
+ process.exit(1);
1274
+ }
1275
+ const config = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
1276
+ const govDir = path.join(projectDir, '.governance');
1277
+ // Count audit entries
1278
+ const auditDir = path.join(govDir, 'audit');
1279
+ let auditEntries = 0;
1280
+ if (fs.existsSync(auditDir)) {
1281
+ const files = fs.readdirSync(auditDir).filter(f => f.endsWith('.jsonl'));
1282
+ for (const file of files) {
1283
+ try {
1284
+ const content = fs.readFileSync(path.join(auditDir, file), 'utf-8').trim();
1285
+ auditEntries += content ? content.split('\n').length : 0;
1286
+ }
1287
+ catch { /* skip */ }
1288
+ }
1289
+ }
1290
+ // Count hooks
1291
+ const hooksDir = path.join(govDir, 'hooks');
1292
+ const hookCount = fs.existsSync(hooksDir)
1293
+ ? fs.readdirSync(hooksDir).filter(f => f.endsWith('.sh') || f.endsWith('.ps1')).length
1294
+ : 0;
1295
+ process.stdout.write('\nGovernance Status\n');
1296
+ process.stdout.write('='.repeat(40) + '\n');
1297
+ process.stdout.write(` Version: ${config.version}\n`);
1298
+ process.stdout.write(` License: ${config.license}\n`);
1299
+ process.stdout.write(` Packs: ${config.packs.join(', ')}\n`);
1300
+ process.stdout.write(` Hooks: ${hookCount} installed\n`);
1301
+ process.stdout.write(` Audit entries: ${auditEntries}\n`);
1302
+ process.stdout.write(` Encryption: ${config.encryption?.enabled ? 'enabled' : 'disabled'}\n`);
1303
+ process.stdout.write(` Created: ${config.createdAt}\n`);
1304
+ // Per-pack allow/deny rule summary.
1305
+ // Thomas directive 2026-05-17 evening: "It must start up and report
1306
+ // findings to a local database on the compliance and company packs,
1307
+ // including what they are allowed and not allowed to do."
1308
+ //
1309
+ // Pre-fix `status` showed pack NAMES (e.g. "hipaa, soc2") but no rules.
1310
+ // A customer couldn't answer "what does HIPAA block on my install?"
1311
+ // from the CLI. Now each bound pack expands to its categoryActions
1312
+ // (BLOCK / WARN / REQUIRE_APPROVAL / ALLOW), blocked LLM providers,
1313
+ // and required modules so the answer is one terminal scroll away.
1314
+ if (Array.isArray(config.packs) && config.packs.length > 0) {
1315
+ process.stdout.write(`\nPack rules\n${'='.repeat(40)}\n`);
1316
+ for (const packId of config.packs) {
1317
+ const normalizedId = packId.toLowerCase().replace(/[\s-_]/g, '');
1318
+ const pack = BUILT_IN_PACKS[packId] ?? BUILT_IN_PACKS[normalizedId];
1319
+ if (!pack) {
1320
+ process.stdout.write(` ${packId}: (unknown pack — not in BUILT_IN_PACKS)\n`);
1321
+ continue;
1322
+ }
1323
+ process.stdout.write(`\n ${pack.id} — ${pack.name} (v${pack.version}):\n`);
1324
+ const categoryActions = pack.dataPolicy?.categoryActions;
1325
+ if (categoryActions && Object.keys(categoryActions).length > 0) {
1326
+ process.stdout.write(` Category actions:\n`);
1327
+ const sortedEntries = Object.entries(categoryActions).sort(([, a], [, b]) => {
1328
+ const order = { BLOCK: 0, REQUIRE_APPROVAL: 1, WARN: 2, LOG: 3, ALLOW: 4 };
1329
+ return (order[a] ?? 5) - (order[b] ?? 5);
1330
+ });
1331
+ for (const [category, action] of sortedEntries) {
1332
+ process.stdout.write(` ${category.padEnd(36)} ${action}\n`);
1333
+ }
1334
+ }
1335
+ else {
1336
+ process.stdout.write(` Category actions: (none defined)\n`);
1337
+ }
1338
+ const providerPolicy = pack.providerPolicy;
1339
+ if (providerPolicy?.blockedProviders && providerPolicy.blockedProviders.length > 0) {
1340
+ process.stdout.write(` Blocked providers: ${providerPolicy.blockedProviders.join(', ')}\n`);
1341
+ }
1342
+ if (providerPolicy?.allowedProviders && providerPolicy.allowedProviders.length > 0) {
1343
+ process.stdout.write(` Allowed providers: ${providerPolicy.allowedProviders.join(', ')}\n`);
1344
+ }
1345
+ const requiredModules = pack.requiredModules;
1346
+ if (requiredModules && requiredModules.length > 0) {
1347
+ const names = requiredModules
1348
+ .map((m) => (typeof m === 'string' ? m : m?.name ?? 'unknown'))
1349
+ .filter(Boolean);
1350
+ process.stdout.write(` Required modules: ${names.join(', ')}\n`);
1351
+ }
1352
+ }
1353
+ }
1354
+ // Runtime push health — 2026-05-17 customer-debug enhancement.
1355
+ // Without these lines, customers couldn't tell from `status` whether their
1356
+ // hooks were actually reaching the platform or no-oping silently.
1357
+ const runtime = config.runtime;
1358
+ process.stdout.write(`\nRuntime push\n${'='.repeat(40)}\n`);
1359
+ if (!runtime || !runtime.serviceToken) {
1360
+ process.stdout.write(` Status: NOT WIRED — hooks fire locally only.\n`);
1361
+ process.stdout.write(` Fix: Re-run \`ai-governance init --vendor-code <code>\`\n`);
1362
+ }
1363
+ else {
1364
+ const govServerUrl = runtime.govServerUrl;
1365
+ const orgId = runtime.orgId;
1366
+ const agentId = runtime.agentId;
1367
+ const token = runtime.serviceToken;
1368
+ process.stdout.write(` Gov-server: ${govServerUrl ?? 'MISSING'}\n`);
1369
+ process.stdout.write(` Org: ${orgId ?? 'MISSING'}\n`);
1370
+ process.stdout.write(` Agent: ${agentId ?? 'MISSING'}\n`);
1371
+ // Decode the service token (best-effort) to surface expiry
1372
+ try {
1373
+ const parts = token.split('.');
1374
+ if (parts.length === 3) {
1375
+ const claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
1376
+ if (claims.exp) {
1377
+ const expDate = new Date(claims.exp * 1000);
1378
+ const daysLeft = Math.floor((expDate.getTime() - Date.now()) / 86_400_000);
1379
+ const expWarn = daysLeft < 30 ? ' ⚠ (consider `ai-governance rotate-token`)' : '';
1380
+ process.stdout.write(` Token expires: ${expDate.toISOString()} (${daysLeft}d)${expWarn}\n`);
1381
+ }
1382
+ if (claims.role) {
1383
+ process.stdout.write(` Token role: ${claims.role}\n`);
1384
+ }
1385
+ }
1386
+ }
1387
+ catch { /* malformed token; surfaced by ping below */ }
1388
+ // Best-effort ping — short timeout so `status` never hangs
1389
+ if (govServerUrl) {
1390
+ try {
1391
+ const { spawnSync } = require('node:child_process');
1392
+ const result = spawnSync('curl', [
1393
+ '--silent', '--show-error',
1394
+ '--max-time', '3',
1395
+ '--connect-timeout', '1',
1396
+ '-o', '/dev/null',
1397
+ '-w', '%{http_code}',
1398
+ `${govServerUrl.replace(/\/$/, '')}/api/v1/agents?org=${orgId ?? ''}`,
1399
+ '-H', `Authorization: Bearer ${token}`,
1400
+ ], { encoding: 'utf8' });
1401
+ const code = result.stdout?.trim() || '?';
1402
+ const verdict = code === '200' ? '✅ reachable + token valid' :
1403
+ code === '401' ? '⚠ token rejected (try `ai-governance rotate-token`)' :
1404
+ code === '000' ? '❌ unreachable (check govServerUrl + network)' :
1405
+ `⚠ HTTP ${code}`;
1406
+ process.stdout.write(` Live check: ${verdict}\n`);
1407
+ }
1408
+ catch {
1409
+ process.stdout.write(` Live check: skipped (curl unavailable)\n`);
1410
+ }
1411
+ }
1412
+ }
1413
+ process.stdout.write('\n');
1414
+ }
1415
+ // ---------------------------------------------------------------------------
1416
+ // F-NEW-PRODUCT-AGENT-DIR-WRAPPER slice 3: generateAutowrapArtifacts
1417
+ // ---------------------------------------------------------------------------
1418
+ /**
1419
+ * Generate .governance/autowrap.py and .governance/autowrap.js in agentDir.
1420
+ *
1421
+ * These scripts can be passed to Python / Node as bootstrap loaders:
1422
+ * CONNEXUM_AUTOWRAP=1 python -c "import connexum_governance; from openai import OpenAI"
1423
+ * NODE_OPTIONS='--require ./.governance/autowrap.js' node agent.js
1424
+ *
1425
+ * The function prints clear env-var instructions to stdout.
1426
+ * It does NOT modify the user's shell profile or global environment -- that
1427
+ * would be intrusive and violate the principle of least surprise.
1428
+ */
1429
+ export function generateAutowrapArtifacts(agentDir, detectedAgents, projectDir) {
1430
+ const govDir = path.join(agentDir, '.governance');
1431
+ if (!fs.existsSync(govDir)) {
1432
+ fs.mkdirSync(govDir, { recursive: true });
1433
+ }
1434
+ // Determine packs from detected agents (deduplicated union)
1435
+ const allPacks = new Set();
1436
+ for (const agent of detectedAgents) {
1437
+ for (const pack of agent.packs) {
1438
+ allPacks.add(pack);
1439
+ }
1440
+ }
1441
+ const tenantId = 'local-dev';
1442
+ const packs = JSON.stringify([...allPacks]);
1443
+ // --- Python bootstrap ---
1444
+ const pyPath = path.join(govDir, 'autowrap.py');
1445
+ const pyContent = [
1446
+ '"""',
1447
+ 'Connexum governance autowrap bootstrap -- generated by ai-governance CLI',
1448
+ 'Edit governance.json to change pack assignments. Do not edit this file.',
1449
+ '',
1450
+ 'Usage:',
1451
+ ' CONNEXUM_AUTOWRAP=1 python your_agent.py',
1452
+ '',
1453
+ 'Or add to your shell profile / CI env:',
1454
+ ' export CONNEXUM_AUTOWRAP=1',
1455
+ '"""',
1456
+ 'import os as _os',
1457
+ 'import sys as _sys',
1458
+ '',
1459
+ '# Activate governance before any provider imports',
1460
+ 'if _os.environ.get("CONNEXUM_AUTOWRAP") == "1":',
1461
+ ' try:',
1462
+ ' from connexum_governance.autowrap import activate',
1463
+ ' activate()',
1464
+ ' except ImportError as _e:',
1465
+ ' print(',
1466
+ ' f"[connexum-autowrap] ERROR: connexum_governance not installed: {_e}",',
1467
+ ' file=_sys.stderr,',
1468
+ ' )',
1469
+ ` # Governance context: tenantId=${tenantId}, packs=${packs}`,
1470
+ '',
1471
+ ].join('\n');
1472
+ fs.writeFileSync(pyPath, pyContent, { mode: 0o644 });
1473
+ process.stdout.write(` [autowrap] Python bootstrap: ${pyPath}\n`);
1474
+ // --- Node.js bootstrap (CommonJS --require script) ---
1475
+ const jsPath = path.join(govDir, 'autowrap.js');
1476
+ const jsContent = [
1477
+ '/**',
1478
+ ' * Connexum governance autowrap bootstrap -- generated by ai-governance CLI',
1479
+ ' * Edit governance.json to change pack assignments. Do not edit this file.',
1480
+ ' *',
1481
+ ' * Usage (add to dev shell or CI):',
1482
+ ' * NODE_OPTIONS="--require ' + path.relative(projectDir, jsPath) + '" node agent.js',
1483
+ ' *',
1484
+ ' * Or for a single invocation:',
1485
+ ' * CONNEXUM_AUTOWRAP=1 node -e "require(\\".governance/autowrap.js\\"); const {OpenAI} = require(\\"openai\\");"',
1486
+ ' */',
1487
+ "'use strict';",
1488
+ '',
1489
+ 'if (process.env.CONNEXUM_AUTOWRAP === "1") {',
1490
+ ' try {',
1491
+ " const { register } = require('@connexum/typescript-sdk/autowrap');",
1492
+ ' register();',
1493
+ ' } catch (err) {',
1494
+ ' process.stderr.write(',
1495
+ " '[connexum-autowrap] ERROR: @connexum/typescript-sdk not installed: ' + err.message + '\\n',",
1496
+ ' );',
1497
+ ' }',
1498
+ '}',
1499
+ `// Governance context: tenantId=${tenantId}, packs=${packs}`,
1500
+ '',
1501
+ ].join('\n');
1502
+ fs.writeFileSync(jsPath, jsContent, { mode: 0o644 });
1503
+ process.stdout.write(` [autowrap] Node.js bootstrap: ${jsPath}\n`);
1504
+ // Print activation instructions
1505
+ const relJs = path.relative(projectDir, jsPath);
1506
+ process.stdout.write('\n');
1507
+ process.stdout.write('Autowrap activation instructions:\n');
1508
+ process.stdout.write('\n');
1509
+ process.stdout.write(' Python:\n');
1510
+ process.stdout.write(' Add to your dev shell or CI environment:\n');
1511
+ process.stdout.write(' export CONNEXUM_AUTOWRAP=1\n');
1512
+ process.stdout.write(' Or activate per-invocation:\n');
1513
+ process.stdout.write(' CONNEXUM_AUTOWRAP=1 python your_agent.py\n');
1514
+ process.stdout.write('\n');
1515
+ process.stdout.write(' Node.js:\n');
1516
+ process.stdout.write(' Add to your dev shell or CI environment:\n');
1517
+ process.stdout.write(` export NODE_OPTIONS='--require ${relJs}'\n`);
1518
+ process.stdout.write(' export CONNEXUM_AUTOWRAP=1\n');
1519
+ process.stdout.write(' Or activate per-invocation:\n');
1520
+ process.stdout.write(` CONNEXUM_AUTOWRAP=1 node --require ${relJs} your_agent.js\n`);
1521
+ process.stdout.write('\n');
1522
+ process.stdout.write(' Note: These bootstrap scripts patch CJS require() calls. Pure ESM modules\n');
1523
+ process.stdout.write(' require slice 1 (--agent-dir) or slice 2 (.governed.ts shim files) instead.\n');
1524
+ }
1525
+ // --- Main ---
1526
+ // Only run the CLI when invoked directly, not when imported by tests.
1527
+ const isDirectRun = require.main === module;
1528
+ const args = process.argv.slice(2);
1529
+ const command = args[0];
1530
+ // SYSTEMIC-H3: CLI escape hatch for malformed governance config.
1531
+ // When --force-empty-config is passed, we set the matching env var so
1532
+ // GovernanceConfig.handleConfigFailure() sees it. The bypass is AUDIT
1533
+ // LOGGED via GovernanceConfig.consumeForceEmptyOverride() at boot.
1534
+ if (args.includes('--force-empty-config')) {
1535
+ process.env.FORCE_EMPTY_GOVERNANCE_CONFIG = 'true';
1536
+ process.env.FORCE_EMPTY_GOVERNANCE_CONFIG_SOURCE = 'cli';
1537
+ }
1538
+ if (isDirectRun && (command === '--version' || command === '-v')) {
1539
+ process.stdout.write(`@connexum/ai-governance v${VERSION}\n`);
1540
+ process.exit(0);
1541
+ }
1542
+ if (isDirectRun && (command === '--help' || command === '-h' || !command)) {
1543
+ process.stdout.write(`
1544
+ @connexum/ai-governance v${VERSION}
1545
+ Enterprise AI governance for Claude Code environments.
1546
+
1547
+ Usage:
1548
+ ai-governance init Interactive setup
1549
+ ai-governance init --vendor-code <code> Non-interactive Vendor Code
1550
+ ai-governance init --offline Offline grace mode (requires env ack)
1551
+ ai-governance init --ci Non-interactive (CI) setup
1552
+ --packs soc2,hipaa Compliance frameworks
1553
+ --license CXGOV-... License key
1554
+ ai-governance init --agent-dir <path> Scan custom agent directory (slices 1-4)
1555
+ [--skip-preflight] Skip preflight sidecar check
1556
+ [--sidecar-url <url>] Override sidecar URL (default: http://localhost:4201)
1557
+ ai-governance verify Verify governance file integrity
1558
+ ai-governance verify-chain <logDir> Verify audit chain integrity (standalone)
1559
+ [--json] Output machine-readable JSON
1560
+ ai-governance status Show governance status
1561
+ ai-governance discover Scan project + push signed manifests
1562
+ --root <path> Project directory to scan
1563
+ --org-id <org> Organisation identifier
1564
+ --key <pem-path> Ed25519 private key (PEM)
1565
+ --endpoint <url> Manifest receive endpoint
1566
+ [--dry-run] Discover + report without push
1567
+ [--max-depth <n>] Recursion depth (default 8)
1568
+ ai-governance packs <select|get|upgrade> Manage per-project compliance packs
1569
+ --project <id> Project ID (required)
1570
+ --packs <list> Comma-separated pack IDs (select)
1571
+ --pack <id> --version <semver> Pin pack version (upgrade)
1572
+ [--api-url <url>] Governance server (default https://api.my-cc.io)
1573
+ [--license-key <jwt>] Bearer JWT (or CONNEXUM_LICENSE env)
1574
+ ai-governance retention-sweep Sweep customer audit logs by age
1575
+ [--audit-dir <dir>] Audit dir (default .governance/audit)
1576
+ [--retain-days <n>] Retention window (default 2190 = 6y)
1577
+ [--archive-dir <dir>] Archive destination (else delete)
1578
+ [--dry-run] Report without acting
1579
+ [--json] Machine-readable output
1580
+ ai-governance rotate-token Rotate the runtime service token
1581
+ Reads .governance.json runtime.serviceToken,
1582
+ requests a fresh token from the gov-server,
1583
+ writes it back. Use case: token approaching
1584
+ 1-year TTL, compromised, or rotated for policy.
1585
+ ai-governance bootstrap-admin Create the first ORG_ADMIN for a fresh tenant
1586
+ --vendor-code <code> Vendor code from /start provisioning
1587
+ --email <email> Admin email
1588
+ --password <password> Admin password (min 8 chars)
1589
+ [--gov-server-url <url>] Override gov-server URL (default https://api.my-cc.io)
1590
+ [--write-config] Persist tokens to .governance.json 'admin' section
1591
+ Headless customer-onboarding for CI / IaC flows.
1592
+ Equivalent to setting a password on /start Screen4.
1593
+
1594
+ Subscription:
1595
+ Vendor Codes are emailed on purchase. Set CXNI_VENDOR_CODE env var or use
1596
+ --vendor-code <code> for non-interactive installs.
1597
+ Contact thomas@ucreatewithai.com or visit ${BILLING_URL}
1598
+
1599
+ Options:
1600
+ --version, -v Show version
1601
+ --help, -h Show this help
1602
+ --vendor-code <code> Supply Vendor Code non-interactively
1603
+ --offline Bypass subscription check (requires
1604
+ CXNI_OFFLINE_GRACE_ACKNOWLEDGED=true)
1605
+ --license-server <url> Override license server URL (persisted to config)
1606
+ --license-server-url <url> Alias for --license-server
1607
+ --force-empty-config (EMERGENCY) Bypass a malformed .governance.json
1608
+ and boot with an empty config. This action is
1609
+ audit-logged and is NOT a valid production mode.
1610
+
1611
+ verify-chain:
1612
+ Download your JSONL audit log directory and run:
1613
+ ai-governance verify-chain ./audit-logs
1614
+ Exit code 0 = chain intact, 1 = tamper detected, 2 = input error.
1615
+ Add --json for machine-readable output suitable for compliance pipelines.
1616
+
1617
+ Documentation: https://my-cc.io/docs/ai-governance
1618
+ Connexum Network Inc.
1619
+ `.trim() + '\n');
1620
+ process.exit(0);
1621
+ }
1622
+ if (isDirectRun) {
1623
+ const projectDir = process.cwd();
1624
+ if (command === 'init') {
1625
+ const ciMode = args.includes('--ci');
1626
+ // S-07: Parse vendor code flags
1627
+ const vendorCodeIdx = args.indexOf('--vendor-code');
1628
+ const vendorCodeFlag = vendorCodeIdx >= 0 ? args[vendorCodeIdx + 1] : undefined;
1629
+ const offlineFlag = args.includes('--offline');
1630
+ // License server URL: accept both --license-server and --license-server-url
1631
+ // --license-server is the shorter alias (matches task spec requirement)
1632
+ const lsIdx = args.indexOf('--license-server') >= 0
1633
+ ? args.indexOf('--license-server')
1634
+ : args.indexOf('--license-server-url');
1635
+ const licenseServerUrl = lsIdx >= 0 ? args[lsIdx + 1] : undefined;
1636
+ // F-NEW-CUSTOMER-JOURNEY-001: hook→gov-server runtime push config.
1637
+ // All four flags must be present together to enable the push path.
1638
+ // Env vars (CXNI_GOV_URL / CXNI_ORG_ID / CXNI_AGENT_ID /
1639
+ // CXNI_SERVICE_TOKEN) serve as fallbacks for CI environments.
1640
+ const govServerUrlIdx = args.indexOf('--gov-server-url');
1641
+ const orgIdIdx = args.indexOf('--org-id');
1642
+ const agentIdIdx = args.indexOf('--agent-id');
1643
+ const serviceTokenIdx = args.indexOf('--service-token');
1644
+ const runtimeGovServerUrl = (govServerUrlIdx >= 0 ? args[govServerUrlIdx + 1] : undefined) ?? process.env.CXNI_GOV_URL;
1645
+ const runtimeOrgId = (orgIdIdx >= 0 ? args[orgIdIdx + 1] : undefined) ?? process.env.CXNI_ORG_ID;
1646
+ const runtimeAgentId = (agentIdIdx >= 0 ? args[agentIdIdx + 1] : undefined) ?? process.env.CXNI_AGENT_ID;
1647
+ const runtimeServiceToken = (serviceTokenIdx >= 0 ? args[serviceTokenIdx + 1] : undefined) ?? process.env.CXNI_SERVICE_TOKEN;
1648
+ let runtimeConfig = runtimeGovServerUrl && runtimeOrgId && runtimeAgentId && runtimeServiceToken
1649
+ ? {
1650
+ govServerUrl: runtimeGovServerUrl,
1651
+ orgId: runtimeOrgId,
1652
+ agentId: runtimeAgentId,
1653
+ serviceToken: runtimeServiceToken,
1654
+ }
1655
+ : undefined;
1656
+ // 2026-05-17 customer-journey fix: when --vendor-code is the only
1657
+ // identifier the customer provides, exchange it server-side for the
1658
+ // four runtime fields. Without this, hooks fire locally but never push
1659
+ // to the platform — customer sees empty portal and churns.
1660
+ // Uses sync curl spawn because the surrounding init block is synchronous
1661
+ // (tsc CommonJS target rejects top-level await).
1662
+ if (!runtimeConfig && vendorCodeFlag) {
1663
+ const exchangeServer = process.env.CXNI_GOV_URL ??
1664
+ runtimeGovServerUrl ??
1665
+ licenseServerUrl ??
1666
+ DEFAULT_GOV_SERVER_URL;
1667
+ try {
1668
+ const { spawnSync } = require('node:child_process');
1669
+ const result = spawnSync('curl', [
1670
+ '--silent',
1671
+ '--show-error',
1672
+ '--max-time', '10',
1673
+ '--connect-timeout', '3',
1674
+ '-X', 'POST',
1675
+ `${exchangeServer.replace(/\/$/, '')}/api/v1/cli/exchange-vendor-code`,
1676
+ '-H', 'Content-Type: application/json',
1677
+ '--data', JSON.stringify({ vendorCode: vendorCodeFlag }),
1678
+ ], { encoding: 'utf8' });
1679
+ if (result.status === 0 && result.stdout) {
1680
+ try {
1681
+ const exchanged = JSON.parse(result.stdout);
1682
+ if (exchanged.govServerUrl && exchanged.orgId && exchanged.agentId && exchanged.serviceToken) {
1683
+ runtimeConfig = {
1684
+ govServerUrl: exchanged.govServerUrl,
1685
+ orgId: exchanged.orgId,
1686
+ agentId: exchanged.agentId,
1687
+ serviceToken: exchanged.serviceToken,
1688
+ };
1689
+ process.stderr.write(`[CLI] vendor-code exchanged: orgId=${exchanged.orgId} agentId=${exchanged.agentId}\n`);
1690
+ }
1691
+ else if (exchanged.error) {
1692
+ process.stderr.write(`[CLI] vendor-code exchange returned error: ${exchanged.error}\n`);
1693
+ }
1694
+ }
1695
+ catch (e) {
1696
+ process.stderr.write(`[CLI] vendor-code exchange parse failed: ${e.message}\n`);
1697
+ }
1698
+ }
1699
+ else if (result.stderr) {
1700
+ process.stderr.write(`[CLI] vendor-code exchange request failed: ${result.stderr.trim()}\n`);
1701
+ }
1702
+ }
1703
+ catch (e) {
1704
+ process.stderr.write(`[CLI] vendor-code exchange skipped (${e.message}). Hooks will run locally but not push to the platform.\n`);
1705
+ }
1706
+ }
1707
+ // F-NEW-PRODUCT-AGENT-DIR-WRAPPER slice 1: --agent-dir flag
1708
+ // Scans the specified directory for AI usage signatures and merges
1709
+ // detected agents into governance.json `agents[]`. Additive: does not
1710
+ // replace IDE marker detection. Runs before (and independently of)
1711
+ // the interactive/CI flow so governance.json already has agents[] when
1712
+ // the hook installer runs.
1713
+ const agentDirIdx = args.indexOf('--agent-dir');
1714
+ const agentDirFlag = agentDirIdx >= 0 ? args[agentDirIdx + 1] : undefined;
1715
+ if (agentDirFlag) {
1716
+ // Wrap in async IIFE so slice 4 await calls work without converting the
1717
+ // entire top-level init block to async (which would break the existing
1718
+ // sync interactiveInit / nonInteractiveInit paths below).
1719
+ void (async () => {
1720
+ const resolvedAgentDir = path.isAbsolute(agentDirFlag)
1721
+ ? agentDirFlag
1722
+ : path.join(projectDir, agentDirFlag);
1723
+ if (!fs.existsSync(resolvedAgentDir)) {
1724
+ process.stderr.write(`--agent-dir: directory not found: ${resolvedAgentDir}\n`);
1725
+ process.exit(1);
1726
+ }
1727
+ process.stdout.write(`Scanning agent directory: ${resolvedAgentDir}\n`);
1728
+ const detectedAgents = scanAgentDirectory(resolvedAgentDir);
1729
+ process.stdout.write(`Detected ${detectedAgents.length} agent file(s).\n`);
1730
+ // Merge into governance.json (create/update)
1731
+ const configPath = path.join(projectDir, 'governance.json');
1732
+ let config = {};
1733
+ if (fs.existsSync(configPath)) {
1734
+ try {
1735
+ config = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
1736
+ }
1737
+ catch { /* fresh */ }
1738
+ }
1739
+ const existing = Array.isArray(config['agents']) ? config['agents'] : [];
1740
+ // Merge: replace any existing auto-<id> entry for the same filePath, append new ones
1741
+ const merged = [...existing];
1742
+ for (const agent of detectedAgents) {
1743
+ const idx = merged.findIndex(a => a.filePath === agent.filePath);
1744
+ if (idx >= 0) {
1745
+ merged[idx] = agent;
1746
+ }
1747
+ else {
1748
+ merged.push(agent);
1749
+ }
1750
+ }
1751
+ config['agents'] = merged;
1752
+ fs.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 0o600 });
1753
+ process.stdout.write(`governance.json updated: ${merged.length} total agent(s).\n`);
1754
+ process.stdout.write(`Config: ${configPath}\n`);
1755
+ for (const agent of detectedAgents) {
1756
+ process.stdout.write(` [${agent.agentId}] ${agent.filePath} ` +
1757
+ `(${agent.language}, provider=${agent.provider ?? 'null'}, framework=${agent.framework ?? 'null'})\n`);
1758
+ }
1759
+ // F-NEW-PRODUCT-AGENT-DIR-WRAPPER slice 2: generate wrap-shim files
1760
+ process.stdout.write('\nGenerating governance shim files...\n');
1761
+ const shimResults = writeWrapShims(detectedAgents, resolvedAgentDir, (msg) => process.stdout.write(msg + '\n'));
1762
+ const generated = shimResults.filter(r => r.status === 'generated').length;
1763
+ const skipped = shimResults.filter(r => r.status !== 'generated').length;
1764
+ process.stdout.write(`Shim generation complete: ${generated} written, ${skipped} skipped.\n`);
1765
+ // F-NEW-PRODUCT-AGENT-DIR-WRAPPER slice 3: --autowrap flag
1766
+ // Generates .governance/autowrap.py and .governance/autowrap.js in the
1767
+ // agent directory and prints the env-var activation instructions.
1768
+ // Does NOT write to global env -- that would be intrusive.
1769
+ if (args.includes('--autowrap')) {
1770
+ generateAutowrapArtifacts(resolvedAgentDir, detectedAgents, projectDir);
1771
+ }
1772
+ // F-NEW-PRODUCT-AGENT-DIR-WRAPPER slice 4: preflight + green-checkmark report
1773
+ const skipPreflight = args.includes('--skip-preflight');
1774
+ if (!skipPreflight && detectedAgents.length > 0) {
1775
+ const sidecarUrlIdx = args.indexOf('--sidecar-url');
1776
+ const sidecarUrl = sidecarUrlIdx >= 0
1777
+ ? args[sidecarUrlIdx + 1]
1778
+ : (process.env['CONNEXUM_SIDECAR_URL'] ?? 'http://localhost:4201');
1779
+ try {
1780
+ process.stdout.write('\nRunning preflight checks against governance-sidecar...\n');
1781
+ const results = await preflightAgents(detectedAgents, resolvedAgentDir, { sidecarUrl });
1782
+ const report = formatPreflightReport(results, {
1783
+ useColour: process.stdout.isTTY,
1784
+ showDetail: true,
1785
+ });
1786
+ process.stdout.write(report);
1787
+ }
1788
+ catch (err) {
1789
+ process.stderr.write(`--agent-dir error: ${err.message}\n`);
1790
+ process.exit(1);
1791
+ }
1792
+ }
1793
+ else if (skipPreflight) {
1794
+ process.stdout.write('\nPreflight skipped (--skip-preflight).\n');
1795
+ }
1796
+ // --agent-dir is a standalone operation — do not fall through to interactive init
1797
+ // unless --ci or interactive flow flags are also explicitly set.
1798
+ if (!ciMode && !vendorCodeFlag && !offlineFlag) {
1799
+ process.exit(0);
1800
+ }
1801
+ })();
1802
+ }
1803
+ if (ciMode) {
1804
+ const packsIdx = args.indexOf('--packs');
1805
+ const licenseIdx = args.indexOf('--license');
1806
+ nonInteractiveInit(projectDir, {
1807
+ packs: packsIdx >= 0 ? args[packsIdx + 1] : undefined,
1808
+ license: licenseIdx >= 0 ? args[licenseIdx + 1] : undefined,
1809
+ licenseServerUrl,
1810
+ runtime: runtimeConfig,
1811
+ });
1812
+ }
1813
+ else if (!agentDirFlag) {
1814
+ interactiveInit(projectDir, { vendorCodeFlag, offlineFlag, licenseServerUrl, runtime: runtimeConfig }).catch(err => {
1815
+ process.stderr.write(`Error: ${err.message}\n`);
1816
+ process.exit(1);
1817
+ });
1818
+ }
1819
+ }
1820
+ else if (command === 'verify') {
1821
+ verifyGovernance(projectDir);
1822
+ }
1823
+ else if (command === 'verify-chain') {
1824
+ // GAP-S1-02: standalone audit chain verifier
1825
+ // Usage: ai-governance verify-chain <logDir> [--json]
1826
+ const logDir = args[1];
1827
+ const jsonOutput = args.includes('--json');
1828
+ verifyChain(logDir, jsonOutput);
1829
+ }
1830
+ else if (command === 'retention-sweep') {
1831
+ // F-NEW-AUDIT-RETENTION-1: customer-side audit log retention.
1832
+ // Usage:
1833
+ // ai-governance retention-sweep [--audit-dir DIR] [--retain-days N]
1834
+ // [--archive-dir DIR] [--dry-run] [--json]
1835
+ const auditDirIdx = args.indexOf('--audit-dir');
1836
+ const auditDir = auditDirIdx >= 0
1837
+ ? args[auditDirIdx + 1]
1838
+ : path.join(projectDir, '.governance', 'audit');
1839
+ const retainDaysIdx = args.indexOf('--retain-days');
1840
+ const retainDays = retainDaysIdx >= 0 ? parseInt(args[retainDaysIdx + 1], 10) : 2190;
1841
+ if (!Number.isFinite(retainDays) || retainDays < 1) {
1842
+ process.stderr.write('Error: --retain-days must be a positive integer.\n');
1843
+ process.exit(2);
1844
+ }
1845
+ const archiveDirIdx = args.indexOf('--archive-dir');
1846
+ const archiveDir = archiveDirIdx >= 0 ? args[archiveDirIdx + 1] : null;
1847
+ const dryRun = args.includes('--dry-run');
1848
+ const jsonOutput = args.includes('--json');
1849
+ const result = retentionSweep({ auditDir, retainDays, archiveDir, dryRun });
1850
+ if (jsonOutput) {
1851
+ process.stdout.write(JSON.stringify(result, null, 2) + '\n');
1852
+ }
1853
+ else {
1854
+ process.stdout.write(`Audit retention sweep\n`);
1855
+ process.stdout.write(` audit dir: ${result.auditDir}\n`);
1856
+ process.stdout.write(` retain days: ${result.retainDays}\n`);
1857
+ process.stdout.write(` cutoff: ${result.cutoffIso}\n`);
1858
+ process.stdout.write(` archive dir: ${result.archiveDir ?? '(none, files deleted)'}\n`);
1859
+ process.stdout.write(` dry run: ${result.dryRun}\n`);
1860
+ process.stdout.write(` files scanned: ${result.filesScanned}\n`);
1861
+ process.stdout.write(` files retained: ${result.filesRetained}\n`);
1862
+ process.stdout.write(` files actioned: ${result.filesActioned.length}\n`);
1863
+ for (const a of result.filesActioned) {
1864
+ process.stdout.write(` - ${a.action}: ${a.path} (age ${a.ageDays}d)\n`);
1865
+ }
1866
+ if (result.errors.length > 0) {
1867
+ process.stdout.write(` errors: ${result.errors.length}\n`);
1868
+ for (const e of result.errors) {
1869
+ process.stdout.write(` - ${e.path}: ${e.error}\n`);
1870
+ }
1871
+ }
1872
+ }
1873
+ process.exit(result.errors.length > 0 ? 1 : 0);
1874
+ }
1875
+ else if (command === 'status') {
1876
+ showStatus(projectDir);
1877
+ }
1878
+ else if (command === 'packs') {
1879
+ // W2: per-project pack selection CLI subcommand
1880
+ import('./packs.js').then(({ runPacksCommand }) => {
1881
+ runPacksCommand(args.slice(1)).catch((err) => {
1882
+ process.stderr.write(`Error: ${err.message}\n`);
1883
+ process.exit(2);
1884
+ });
1885
+ });
1886
+ }
1887
+ else if (command === 'discover') {
1888
+ // F-NEW-PRODUCT-AGENT-DISCOVERY-CLI: scan project + sign + push manifests.
1889
+ // Closes the W2.1 customer-visible loop. See src/cli/discover.ts.
1890
+ import('./discover.js').then(({ runDiscoverCommand }) => {
1891
+ runDiscoverCommand(args.slice(1)).then((code) => process.exit(code)).catch((err) => {
1892
+ process.stderr.write(`Error: ${err.message}\n`);
1893
+ process.exit(2);
1894
+ });
1895
+ });
1896
+ }
1897
+ else if (command === 'bootstrap-admin') {
1898
+ // 2026-05-17: headless first-admin creation. Used by CI / IaC flows
1899
+ // that provision tenants automatically without going through /start
1900
+ // in a browser. Requires: --vendor-code, --email, --password
1901
+ // (or env CXNI_VENDOR_CODE / CXNI_BOOTSTRAP_EMAIL / CXNI_BOOTSTRAP_PASSWORD).
1902
+ // Optional: --gov-server-url (defaults to CXNI_GOV_URL or DEFAULT_GOV_SERVER_URL = https://api.my-cc.io).
1903
+ (() => {
1904
+ const { spawnSync } = require('node:child_process');
1905
+ const fs = require('node:fs');
1906
+ const path = require('node:path');
1907
+ const argv = args.slice(1);
1908
+ const flag = (name, env) => {
1909
+ const idx = argv.indexOf(name);
1910
+ const v = idx >= 0 ? argv[idx + 1] : undefined;
1911
+ return v ?? (env ? process.env[env] : undefined);
1912
+ };
1913
+ const vendorCode = flag('--vendor-code', 'CXNI_VENDOR_CODE');
1914
+ const email = flag('--email', 'CXNI_BOOTSTRAP_EMAIL');
1915
+ const password = flag('--password', 'CXNI_BOOTSTRAP_PASSWORD');
1916
+ const govServerUrl = flag('--gov-server-url', 'CXNI_GOV_URL') ?? DEFAULT_GOV_SERVER_URL;
1917
+ const writeConfig = argv.includes('--write-config');
1918
+ if (!vendorCode || !email || !password) {
1919
+ process.stderr.write('bootstrap-admin requires --vendor-code, --email, --password (or env vars CXNI_VENDOR_CODE / CXNI_BOOTSTRAP_EMAIL / CXNI_BOOTSTRAP_PASSWORD)\n');
1920
+ process.exit(1);
1921
+ }
1922
+ if (password.length < 8) {
1923
+ process.stderr.write('password must be at least 8 characters\n');
1924
+ process.exit(1);
1925
+ }
1926
+ process.stderr.write(`Bootstrapping admin against ${govServerUrl} for vendorCode=${vendorCode.slice(0, 16)}…\n`);
1927
+ const result = spawnSync('curl', [
1928
+ '--silent', '--show-error',
1929
+ '--max-time', '15',
1930
+ '--connect-timeout', '5',
1931
+ '-X', 'POST',
1932
+ `${govServerUrl.replace(/\/$/, '')}/api/v1/cli/bootstrap-admin`,
1933
+ '-H', 'Content-Type: application/json',
1934
+ '--data', JSON.stringify({ vendorCode, email, password }),
1935
+ ], { encoding: 'utf8' });
1936
+ if (result.status !== 0 || !result.stdout) {
1937
+ process.stderr.write(`Bootstrap request failed: ${result.stderr?.trim() || 'no stdout'}\n`);
1938
+ process.exit(1);
1939
+ }
1940
+ let payload;
1941
+ try {
1942
+ payload = JSON.parse(result.stdout);
1943
+ }
1944
+ catch (e) {
1945
+ process.stderr.write(`Bootstrap response was not JSON: ${result.stdout.slice(0, 200)}\n`);
1946
+ process.exit(1);
1947
+ return;
1948
+ }
1949
+ if (!payload.accessToken) {
1950
+ process.stderr.write(`Bootstrap rejected: ${payload.detail ?? payload.error ?? JSON.stringify(payload)}\n`);
1951
+ process.exit(1);
1952
+ }
1953
+ // Optionally persist the bootstrap credentials into .governance.json
1954
+ // so subsequent CLI calls (e.g., `discover`) don't need to re-supply
1955
+ // the access token. Off by default — most callers will pipe stdout
1956
+ // into their own secret store.
1957
+ if (writeConfig) {
1958
+ const configPath = path.join(projectDir, '.governance.json');
1959
+ let config = {};
1960
+ if (fs.existsSync(configPath)) {
1961
+ try {
1962
+ config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
1963
+ }
1964
+ catch {
1965
+ // overwrite if malformed
1966
+ }
1967
+ }
1968
+ config['admin'] = {
1969
+ email,
1970
+ orgId: payload.orgId,
1971
+ userId: payload.userId,
1972
+ role: payload.role,
1973
+ accessToken: payload.accessToken,
1974
+ refreshToken: payload.refreshToken,
1975
+ createdAt: new Date().toISOString(),
1976
+ };
1977
+ fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n');
1978
+ try {
1979
+ fs.chmodSync(configPath, 0o600);
1980
+ }
1981
+ catch { /* best-effort on Windows */ }
1982
+ process.stderr.write(`Wrote admin section to ${configPath}\n`);
1983
+ }
1984
+ // Always print the result so CI can capture it.
1985
+ process.stdout.write(JSON.stringify({
1986
+ bootstrapped: true,
1987
+ orgId: payload.orgId,
1988
+ userId: payload.userId,
1989
+ role: payload.role,
1990
+ accessToken: payload.accessToken,
1991
+ refreshToken: payload.refreshToken,
1992
+ }) + '\n');
1993
+ process.exit(0);
1994
+ })();
1995
+ }
1996
+ else if (command === 'rotate-token') {
1997
+ // 2026-05-17: rotate the service token without burning a vendor-code redemption.
1998
+ // Reads .governance.json runtime.serviceToken, POSTs to
1999
+ // /api/v1/cli/rotate-token, writes the new token back. Use case:
2000
+ // approaching the 1-year TTL, token compromised, or token lost.
2001
+ (() => {
2002
+ const fs = require('node:fs');
2003
+ const path = require('node:path');
2004
+ const { spawnSync } = require('node:child_process');
2005
+ const configPath = path.join(projectDir, '.governance.json');
2006
+ if (!fs.existsSync(configPath)) {
2007
+ process.stderr.write('No .governance.json found in current directory. Run `ai-governance init` first.\n');
2008
+ process.exit(1);
2009
+ }
2010
+ let config;
2011
+ try {
2012
+ config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
2013
+ }
2014
+ catch (e) {
2015
+ process.stderr.write(`Failed to parse .governance.json: ${e.message}\n`);
2016
+ process.exit(1);
2017
+ return;
2018
+ }
2019
+ const runtime = config['runtime'] ?? {};
2020
+ const serviceToken = typeof runtime['serviceToken'] === 'string' ? runtime['serviceToken'] : '';
2021
+ const govServerUrl = typeof runtime['govServerUrl'] === 'string' ? runtime['govServerUrl'] : '';
2022
+ if (!serviceToken) {
2023
+ process.stderr.write('No runtime.serviceToken in .governance.json. Re-run `init --vendor-code` to obtain one.\n');
2024
+ process.exit(1);
2025
+ }
2026
+ if (!govServerUrl) {
2027
+ process.stderr.write('No runtime.govServerUrl in .governance.json.\n');
2028
+ process.exit(1);
2029
+ }
2030
+ process.stderr.write(`Rotating service token against ${govServerUrl} …\n`);
2031
+ const result = spawnSync('curl', [
2032
+ '--silent', '--show-error',
2033
+ '--max-time', '15',
2034
+ '--connect-timeout', '5',
2035
+ '-X', 'POST',
2036
+ `${govServerUrl.replace(/\/$/, '')}/api/v1/cli/rotate-token`,
2037
+ '-H', `Authorization: Bearer ${serviceToken}`,
2038
+ '-H', 'Content-Type: application/json',
2039
+ '--data', '{}',
2040
+ ], { encoding: 'utf8' });
2041
+ if (result.status !== 0 || !result.stdout) {
2042
+ process.stderr.write(`Rotation request failed: ${result.stderr?.trim() || 'no stdout'}\n`);
2043
+ process.exit(1);
2044
+ }
2045
+ let payload;
2046
+ try {
2047
+ payload = JSON.parse(result.stdout);
2048
+ }
2049
+ catch (e) {
2050
+ process.stderr.write(`Rotation response was not JSON: ${result.stdout.slice(0, 200)}\n`);
2051
+ process.exit(1);
2052
+ return;
2053
+ }
2054
+ if (!payload.serviceToken) {
2055
+ process.stderr.write(`Rotation rejected: ${payload.detail ?? payload.error ?? JSON.stringify(payload)}\n`);
2056
+ if ((payload.error ?? '') === 'token_expired') {
2057
+ process.stderr.write('Token already expired — re-run `ai-governance init --vendor-code <code>` to obtain a fresh one.\n');
2058
+ }
2059
+ process.exit(1);
2060
+ }
2061
+ config['runtime'].serviceToken = payload.serviceToken;
2062
+ fs.writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n');
2063
+ // Explicit chmod — writeFileSync's `mode` flag only applies on create,
2064
+ // and .governance.json already exists. Service token is sensitive →
2065
+ // owner-only read/write.
2066
+ try {
2067
+ fs.chmodSync(configPath, 0o600);
2068
+ }
2069
+ catch { /* best-effort on Windows */ }
2070
+ process.stdout.write(JSON.stringify({
2071
+ rotated: true,
2072
+ expiresAt: payload.expiresAt,
2073
+ configPath,
2074
+ }) + '\n');
2075
+ process.exit(0);
2076
+ })();
2077
+ }
2078
+ else {
2079
+ process.stderr.write(`Unknown command: '${command}'. Run 'ai-governance --help'.\n`);
2080
+ process.exit(1);
2081
+ }
2082
+ }
2083
+ //# sourceMappingURL=index.js.map