@contractspec/example.policy-safe-knowledge-assistant 1.46.1 → 1.48.0

package/dist/handlers/policy-safe-knowledge-assistant.handlers.js

@@ -0,0 +1,264 @@
+import { buildPolicySafeAnswer } from "../orchestrator/buildAnswer.js";
+import { web } from "@contractspec/lib.runtime-sandbox";
+
+//#region src/handlers/policy-safe-knowledge-assistant.handlers.ts
+const { generateId } = web;
+function parseJsonArray(value) {
+	if (!value) return [];
+	try {
+		const parsed = JSON.parse(value);
+		return Array.isArray(parsed) ? parsed.filter((v) => typeof v === "string") : [];
+	} catch {
+		return [];
+	}
+}
+function nowIso() {
+	return (/* @__PURE__ */ new Date()).toISOString();
+}
+function createPolicySafeKnowledgeAssistantHandlers(db) {
+	async function getUserContext(input) {
+		const row = (await db.query(`SELECT * FROM psa_user_context WHERE "projectId" = $1 LIMIT 1`, [input.projectId])).rows[0];
+		if (!row) return {
+			projectId: input.projectId,
+			locale: "en-GB",
+			jurisdiction: "EU",
+			allowedScope: "education_only",
+			kbSnapshotId: null
+		};
+		return {
+			projectId: row.projectId,
+			locale: row.locale,
+			jurisdiction: row.jurisdiction,
+			allowedScope: row.allowedScope,
+			kbSnapshotId: row.kbSnapshotId
+		};
+	}
+	async function setUserContext(input) {
+		if ((await db.query(`SELECT "projectId" FROM psa_user_context WHERE "projectId" = $1 LIMIT 1`, [input.projectId])).rows.length) await db.execute(`UPDATE psa_user_context SET locale = $1, jurisdiction = $2, "allowedScope" = $3 WHERE "projectId" = $4`, [
+			input.locale,
+			input.jurisdiction,
+			input.allowedScope,
+			input.projectId
+		]);
+		else await db.execute(`INSERT INTO psa_user_context ("projectId", locale, jurisdiction, "allowedScope", "kbSnapshotId") VALUES ($1, $2, $3, $4, $5)`, [
+			input.projectId,
+			input.locale,
+			input.jurisdiction,
+			input.allowedScope,
+			null
+		]);
+		return await getUserContext({ projectId: input.projectId });
+	}
+	async function createRule(input) {
+		const id = generateId("psa_rule");
+		await db.execute(`INSERT INTO psa_rule (id, "projectId", jurisdiction, "topicKey") VALUES ($1, $2, $3, $4)`, [
+			id,
+			input.projectId,
+			input.jurisdiction,
+			input.topicKey
+		]);
+		return {
+			id,
+			...input
+		};
+	}
+	async function upsertRuleVersion(input) {
+		if (!input.sourceRefs.length) throw new Error("SOURCE_REFS_REQUIRED");
+		const rule = (await db.query(`SELECT * FROM psa_rule WHERE id = $1 LIMIT 1`, [input.ruleId])).rows[0];
+		if (!rule) throw new Error("RULE_NOT_FOUND");
+		const maxResult = await db.query(`SELECT MAX(version) as maxVersion FROM psa_rule_version WHERE "ruleId" = $1`, [input.ruleId]);
+		const version = Number(maxResult.rows[0]?.maxVersion ?? 0) + 1;
+		const id = generateId("psa_rv");
+		const createdAt = nowIso();
+		await db.execute(`INSERT INTO psa_rule_version (id, "ruleId", jurisdiction, "topicKey", version, content, status, "sourceRefsJson", "approvedBy", "approvedAt", "createdAt")
+       VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11)`, [
+			id,
+			input.ruleId,
+			rule.jurisdiction,
+			rule.topicKey,
+			version,
+			input.content,
+			"draft",
+			JSON.stringify(input.sourceRefs),
+			null,
+			null,
+			createdAt
+		]);
+		return {
+			id,
+			ruleId: input.ruleId,
+			jurisdiction: rule.jurisdiction,
+			topicKey: rule.topicKey,
+			version,
+			content: input.content,
+			status: "draft",
+			sourceRefs: input.sourceRefs,
+			createdAt: new Date(createdAt)
+		};
+	}
+	async function approveRuleVersion(input) {
+		const approvedAt = nowIso();
+		await db.execute(`UPDATE psa_rule_version SET status = $1, "approvedBy" = $2, "approvedAt" = $3 WHERE id = $4`, [
+			"approved",
+			input.approver,
+			approvedAt,
+			input.ruleVersionId
+		]);
+		return {
+			ruleVersionId: input.ruleVersionId,
+			status: "approved"
+		};
+	}
+	async function publishSnapshot(input) {
+		const includedIds = (await db.query(`SELECT id FROM psa_rule_version WHERE jurisdiction = $1 AND status = 'approved' ORDER BY id ASC`, [input.jurisdiction])).rows.map((r) => r.id).filter(Boolean);
+		if (!includedIds.length) throw new Error("NO_APPROVED_RULES");
+		const id = generateId("psa_snap");
+		const publishedAt = nowIso();
+		await db.execute(`INSERT INTO psa_snapshot (id, jurisdiction, "asOfDate", "includedRuleVersionIdsJson", "publishedAt")
+       VALUES ($1, $2, $3, $4, $5)`, [
+			id,
+			input.jurisdiction,
+			input.asOfDate.toISOString(),
+			JSON.stringify(includedIds),
+			publishedAt
+		]);
+		await db.execute(`UPDATE psa_user_context SET "kbSnapshotId" = $1 WHERE "projectId" = $2`, [id, input.projectId]);
+		return {
+			id,
+			jurisdiction: input.jurisdiction,
+			includedRuleVersionIds: includedIds
+		};
+	}
+	async function searchKb(input) {
+		const snap = (await db.query(`SELECT * FROM psa_snapshot WHERE id = $1 LIMIT 1`, [input.snapshotId])).rows[0];
+		if (!snap) throw new Error("SNAPSHOT_NOT_FOUND");
+		if (snap.jurisdiction !== input.jurisdiction) throw new Error("JURISDICTION_MISMATCH");
+		const includedIds = parseJsonArray(snap.includedRuleVersionIdsJson);
+		const tokens = input.query.toLowerCase().split(/\s+/).map((t) => t.trim()).filter(Boolean);
+		const items = [];
+		for (const id of includedIds) {
+			const rv = (await db.query(`SELECT * FROM psa_rule_version WHERE id = $1 LIMIT 1`, [id])).rows[0];
+			if (!rv) continue;
+			const hay = rv.content.toLowerCase();
+			if (!(tokens.length ? tokens.every((t) => hay.includes(t)) : true)) continue;
+			items.push({
+				ruleVersionId: rv.id,
+				excerpt: rv.content.slice(0, 140)
+			});
+		}
+		return { items };
+	}
+	async function answer(input) {
+		const ctx = await getUserContext({ projectId: input.projectId });
+		if (!ctx.kbSnapshotId) return await buildPolicySafeAnswer({
+			envelope: {
+				traceId: generateId("trace"),
+				locale: ctx.locale,
+				kbSnapshotId: "",
+				allowedScope: ctx.allowedScope,
+				regulatoryContext: { jurisdiction: ctx.jurisdiction }
+			},
+			question: input.question,
+			kbSearch: async () => ({ items: [] })
+		});
+		return await buildPolicySafeAnswer({
+			envelope: {
+				traceId: generateId("trace"),
+				locale: ctx.locale,
+				kbSnapshotId: ctx.kbSnapshotId,
+				allowedScope: ctx.allowedScope,
+				regulatoryContext: { jurisdiction: ctx.jurisdiction }
+			},
+			question: input.question,
+			kbSearch: async (q) => await searchKb(q)
+		});
+	}
+	async function createChangeCandidate(input) {
+		const id = generateId("psa_change");
+		await db.execute(`INSERT INTO psa_change_candidate (id, "projectId", jurisdiction, "detectedAt", "diffSummary", "riskLevel", "proposedRuleVersionIdsJson")
+       VALUES ($1, $2, $3, $4, $5, $6, $7)`, [
+			id,
+			input.projectId,
+			input.jurisdiction,
+			nowIso(),
+			input.diffSummary,
+			input.riskLevel,
+			JSON.stringify(input.proposedRuleVersionIds)
+		]);
+		return { id };
+	}
+	async function createReviewTask(input) {
+		const candidate = (await db.query(`SELECT * FROM psa_change_candidate WHERE id = $1 LIMIT 1`, [input.changeCandidateId])).rows[0];
+		if (!candidate) throw new Error("CHANGE_CANDIDATE_NOT_FOUND");
+		const assignedRole = candidate.riskLevel === "high" ? "expert" : "curator";
+		const id = generateId("psa_review");
+		await db.execute(`INSERT INTO psa_review_task (id, "changeCandidateId", status, "assignedRole", decision, "decidedAt", "decidedBy")
+       VALUES ($1, $2, $3, $4, $5, $6, $7)`, [
+			id,
+			input.changeCandidateId,
+			"open",
+			assignedRole,
+			null,
+			null,
+			null
+		]);
+		return {
+			id,
+			assignedRole
+		};
+	}
+	async function submitDecision(input) {
+		const task = (await db.query(`SELECT * FROM psa_review_task WHERE id = $1 LIMIT 1`, [input.reviewTaskId])).rows[0];
+		if (!task) throw new Error("REVIEW_TASK_NOT_FOUND");
+		const candidate = (await db.query(`SELECT * FROM psa_change_candidate WHERE id = $1 LIMIT 1`, [task.changeCandidateId])).rows[0];
+		if (!candidate) throw new Error("CHANGE_CANDIDATE_NOT_FOUND");
+		if (candidate.riskLevel === "high" && input.decision === "approve" && input.decidedByRole !== "expert") throw new Error("FORBIDDEN_ROLE");
+		const decidedAt = nowIso();
+		await db.execute(`UPDATE psa_review_task SET status = $1, decision = $2, "decidedAt" = $3, "decidedBy" = $4 WHERE id = $5`, [
+			"decided",
+			input.decision,
+			decidedAt,
+			input.decidedBy,
+			input.reviewTaskId
+		]);
+		return {
+			id: input.reviewTaskId,
+			status: "decided"
+		};
+	}
+	async function publishIfReady(input) {
+		const openResult = await db.query(`SELECT COUNT(*) as count FROM psa_review_task WHERE status != 'decided'`, []);
+		if (Number(openResult.rows[0]?.count ?? 0) > 0) throw new Error("NOT_READY");
+		const decidedResult = await db.query(`SELECT * FROM psa_review_task`, []);
+		for (const row of decidedResult.rows) {
+			if (row.decision !== "approve") continue;
+			const cand = (await db.query(`SELECT * FROM psa_change_candidate WHERE id = $1 LIMIT 1`, [row.changeCandidateId])).rows[0];
+			if (!cand) continue;
+			if (cand.jurisdiction !== input.jurisdiction) continue;
+			const proposedIds = parseJsonArray(cand.proposedRuleVersionIdsJson);
+			for (const rvId of proposedIds) {
+				const rvQueryResult = await db.query(`SELECT status FROM psa_rule_version WHERE id = $1 LIMIT 1`, [rvId]);
+				if (String(rvQueryResult.rows[0]?.status ?? "") !== "approved") throw new Error("NOT_READY");
+			}
+		}
+		return { published: true };
+	}
+	return {
+		getUserContext,
+		setUserContext,
+		createRule,
+		upsertRuleVersion,
+		approveRuleVersion,
+		publishSnapshot,
+		searchKb,
+		answer,
+		createChangeCandidate,
+		createReviewTask,
+		submitDecision,
+		publishIfReady
+	};
+}
+
+//#endregion
+export { createPolicySafeKnowledgeAssistantHandlers };
+//# sourceMappingURL=policy-safe-knowledge-assistant.handlers.js.map

package/dist/handlers/policy-safe-knowledge-assistant.handlers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-safe-knowledge-assistant.handlers.js","names":[],"sources":["../../src/handlers/policy-safe-knowledge-assistant.handlers.ts"],"sourcesContent":["/**\n * Runtime-local handlers for the Policy-safe Knowledge Assistant template.\n *\n * These handlers are intentionally minimal and deterministic:\n * - No external LLM calls\n * - No web fetching as primary truth\n * - Answers are derived from KB snapshots and must include citations\n */\nimport type { DatabasePort, DbRow } from '@contractspec/lib.runtime-sandbox';\nimport { web } from '@contractspec/lib.runtime-sandbox';\nconst { generateId } = web;\n\nimport { buildPolicySafeAnswer } from '../orchestrator/buildAnswer';\n\ntype AllowedScope = 'education_only' | 'generic_info' | 'escalation_required';\ntype RiskLevel = 'low' | 'medium' | 'high';\ntype ReviewRole = 'curator' | 'expert';\n\ninterface UserContextRow extends Record<string, unknown> {\n  projectId: string;\n  locale: string;\n  jurisdiction: string;\n  allowedScope: AllowedScope;\n  kbSnapshotId: string | null;\n}\n\ninterface RuleRow extends Record<string, unknown> {\n  id: string;\n  projectId: string;\n  jurisdiction: string;\n  topicKey: string;\n}\n\ninterface RuleVersionRow extends Record<string, unknown> {\n  id: string;\n  ruleId: string;\n  jurisdiction: string;\n  topicKey: string;\n  version: number;\n  content: string;\n  status: string;\n  sourceRefsJson: string;\n  approvedBy: string | null;\n  approvedAt: string | null;\n  createdAt: string;\n}\n\ninterface SnapshotRow extends Record<string, unknown> {\n  id: string;\n  jurisdiction: string;\n  asOfDate: string;\n  includedRuleVersionIdsJson: string;\n  publishedAt: string;\n}\n\ninterface ChangeCandidateRow extends Record<string, unknown> {\n  id: string;\n  projectId: string;\n  jurisdiction: string;\n  detectedAt: string;\n  diffSummary: string;\n  riskLevel: RiskLevel;\n  proposedRuleVersionIdsJson: string;\n}\n\ninterface ReviewTaskRow extends Record<string, unknown> {\n  id: string;\n  changeCandidateId: string;\n  status: string;\n  assignedRole: ReviewRole;\n  decision: string | null;\n  decidedAt: string | null;\n  decidedBy: string | null;\n}\n\nfunction parseJsonArray(value: string | null): string[] {\n  if (!value) return [];\n  try {\n    const parsed = JSON.parse(value) as unknown;\n    return Array.isArray(parsed)\n      ? parsed.filter((v) => typeof v === 'string')\n      : [];\n  } catch {\n    return [];\n  }\n}\n\nfunction nowIso(): string {\n  return new Date().toISOString();\n}\n\nexport function createPolicySafeKnowledgeAssistantHandlers(db: DatabasePort) {\n  async function getUserContext(input: { projectId: string }) {\n    const result = await db.query(\n      `SELECT * FROM psa_user_context WHERE \"projectId\" = $1 LIMIT 1`,\n      [input.projectId]\n    );\n    const row = result.rows[0] as UserContextRow | undefined;\n    if (!row) {\n      return {\n        projectId: input.projectId,\n        locale: 'en-GB',\n        jurisdiction: 'EU',\n        allowedScope: 'education_only' as const,\n        kbSnapshotId: null as string | null,\n      };\n    }\n    return {\n      projectId: row.projectId,\n      locale: row.locale,\n      jurisdiction: row.jurisdiction,\n      allowedScope: row.allowedScope,\n      kbSnapshotId: row.kbSnapshotId,\n    };\n  }\n\n  async function setUserContext(input: {\n    projectId: string;\n    locale: string;\n    jurisdiction: string;\n    allowedScope: AllowedScope;\n  }) {\n    const existing = await db.query(\n      `SELECT \"projectId\" FROM psa_user_context WHERE \"projectId\" = $1 LIMIT 1`,\n      [input.projectId]\n    );\n    if (existing.rows.length) {\n      await db.execute(\n        `UPDATE psa_user_context SET locale = $1, jurisdiction = $2, \"allowedScope\" = $3 WHERE \"projectId\" = $4`,\n        [input.locale, input.jurisdiction, input.allowedScope, input.projectId]\n      );\n    } else {\n      await db.execute(\n        `INSERT INTO psa_user_context (\"projectId\", locale, jurisdiction, \"allowedScope\", \"kbSnapshotId\") VALUES ($1, $2, $3, $4, $5)`,\n        [\n          input.projectId,\n          input.locale,\n          input.jurisdiction,\n          input.allowedScope,\n          null,\n        ]\n      );\n    }\n    return await getUserContext({ projectId: input.projectId });\n  }\n\n  async function createRule(input: {\n    projectId: string;\n    jurisdiction: string;\n    topicKey: string;\n  }) {\n    const id = generateId('psa_rule');\n    await db.execute(\n      `INSERT INTO psa_rule (id, \"projectId\", jurisdiction, \"topicKey\") VALUES ($1, $2, $3, $4)`,\n      [id, input.projectId, input.jurisdiction, input.topicKey]\n    );\n    return { id, ...input };\n  }\n\n  async function upsertRuleVersion(input: {\n    projectId: string;\n    ruleId: string;\n    content: string;\n    sourceRefs: { sourceDocumentId: string; excerpt?: string }[];\n  }) {\n    if (!input.sourceRefs.length) throw new Error('SOURCE_REFS_REQUIRED');\n    const rulesResult = await db.query(\n      `SELECT * FROM psa_rule WHERE id = $1 LIMIT 1`,\n      [input.ruleId]\n    );\n    const rule = rulesResult.rows[0] as RuleRow | undefined;\n    if (!rule) throw new Error('RULE_NOT_FOUND');\n\n    const maxResult = await db.query(\n      `SELECT MAX(version) as maxVersion FROM psa_rule_version WHERE \"ruleId\" = $1`,\n      [input.ruleId]\n    );\n    const maxVersion = Number(\n      (maxResult.rows[0] as Record<string, unknown>)?.maxVersion ?? 0\n    );\n    const version = maxVersion + 1;\n    const id = generateId('psa_rv');\n    const createdAt = nowIso();\n    await db.execute(\n      `INSERT INTO psa_rule_version (id, \"ruleId\", jurisdiction, \"topicKey\", version, content, status, \"sourceRefsJson\", \"approvedBy\", \"approvedAt\", \"createdAt\")\n       VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11)`,\n      [\n        id,\n        input.ruleId,\n        rule.jurisdiction,\n        rule.topicKey,\n        version,\n        input.content,\n        'draft',\n        JSON.stringify(input.sourceRefs),\n        null,\n        null,\n        createdAt,\n      ]\n    );\n    return {\n      id,\n      ruleId: input.ruleId,\n      jurisdiction: rule.jurisdiction,\n      topicKey: rule.topicKey,\n      version,\n      content: input.content,\n      status: 'draft',\n      sourceRefs: input.sourceRefs,\n      createdAt: new Date(createdAt),\n    };\n  }\n\n  async function approveRuleVersion(input: {\n    ruleVersionId: string;\n    approver: string;\n  }) {\n    const approvedAt = nowIso();\n    await db.execute(\n      `UPDATE psa_rule_version SET status = $1, \"approvedBy\" = $2, \"approvedAt\" = $3 WHERE id = $4`,\n      ['approved', input.approver, approvedAt, input.ruleVersionId]\n    );\n    return { ruleVersionId: input.ruleVersionId, status: 'approved' as const };\n  }\n\n  async function publishSnapshot(input: {\n    projectId: string;\n    jurisdiction: string;\n    asOfDate: Date;\n  }) {\n    const approvedResult = await db.query(\n      `SELECT id FROM psa_rule_version WHERE jurisdiction = $1 AND status = 'approved' ORDER BY id ASC`,\n      [input.jurisdiction]\n    );\n    const includedIds = approvedResult.rows\n      .map((r: DbRow) => (r as { id: string }).id)\n      .filter(Boolean);\n    if (!includedIds.length) throw new Error('NO_APPROVED_RULES');\n    const id = generateId('psa_snap');\n    const publishedAt = nowIso();\n    await db.execute(\n      `INSERT INTO psa_snapshot (id, jurisdiction, \"asOfDate\", \"includedRuleVersionIdsJson\", \"publishedAt\")\n       VALUES ($1, $2, $3, $4, $5)`,\n      [\n        id,\n        input.jurisdiction,\n        input.asOfDate.toISOString(),\n        JSON.stringify(includedIds),\n        publishedAt,\n      ]\n    );\n    // update user context snapshot pointer (single-profile demo)\n    await db.execute(\n      `UPDATE psa_user_context SET \"kbSnapshotId\" = $1 WHERE \"projectId\" = $2`,\n      [id, input.projectId]\n    );\n    return {\n      id,\n      jurisdiction: input.jurisdiction,\n      includedRuleVersionIds: includedIds,\n    };\n  }\n\n  async function searchKb(input: {\n    snapshotId: string;\n    jurisdiction: string;\n    query: string;\n  }) {\n    const snapResult = await db.query(\n      `SELECT * FROM psa_snapshot WHERE id = $1 LIMIT 1`,\n      [input.snapshotId]\n    );\n    const snap = snapResult.rows[0] as SnapshotRow | undefined;\n    if (!snap) throw new Error('SNAPSHOT_NOT_FOUND');\n    if (snap.jurisdiction !== input.jurisdiction)\n      throw new Error('JURISDICTION_MISMATCH');\n\n    const includedIds = parseJsonArray(snap.includedRuleVersionIdsJson);\n    const tokens = input.query\n      .toLowerCase()\n      .split(/\\s+/)\n      .map((t) => t.trim())\n      .filter(Boolean);\n\n    const items: { ruleVersionId: string; excerpt?: string }[] = [];\n    for (const id of includedIds) {\n      const rvResult = await db.query(\n        `SELECT * FROM psa_rule_version WHERE id = $1 LIMIT 1`,\n        [id]\n      );\n      const rv = rvResult.rows[0] as RuleVersionRow | undefined;\n      if (!rv) continue;\n      const hay = rv.content.toLowerCase();\n      const match = tokens.length ? tokens.every((t) => hay.includes(t)) : true;\n      if (!match) continue;\n      items.push({ ruleVersionId: rv.id, excerpt: rv.content.slice(0, 140) });\n    }\n    return { items };\n  }\n\n  async function answer(input: { projectId: string; question: string }) {\n    const ctx = await getUserContext({ projectId: input.projectId });\n    if (!ctx.kbSnapshotId) {\n      // fail closed: no snapshot id => refuse via gate\n      const refused = await buildPolicySafeAnswer({\n        envelope: {\n          traceId: generateId('trace'),\n          locale: ctx.locale,\n          kbSnapshotId: '',\n          allowedScope: ctx.allowedScope,\n          regulatoryContext: { jurisdiction: ctx.jurisdiction },\n        },\n        question: input.question,\n        kbSearch: async () => ({ items: [] }),\n      });\n      return refused;\n    }\n    return await buildPolicySafeAnswer({\n      envelope: {\n        traceId: generateId('trace'),\n        locale: ctx.locale,\n        kbSnapshotId: ctx.kbSnapshotId,\n        allowedScope: ctx.allowedScope,\n        regulatoryContext: { jurisdiction: ctx.jurisdiction },\n      },\n      question: input.question,\n      kbSearch: async (q) => await searchKb(q),\n    });\n  }\n\n  async function createChangeCandidate(input: {\n    projectId: string;\n    jurisdiction: string;\n    diffSummary: string;\n    riskLevel: RiskLevel;\n    proposedRuleVersionIds: string[];\n  }) {\n    const id = generateId('psa_change');\n    await db.execute(\n      `INSERT INTO psa_change_candidate (id, \"projectId\", jurisdiction, \"detectedAt\", \"diffSummary\", \"riskLevel\", \"proposedRuleVersionIdsJson\")\n       VALUES ($1, $2, $3, $4, $5, $6, $7)`,\n      [\n        id,\n        input.projectId,\n        input.jurisdiction,\n        nowIso(),\n        input.diffSummary,\n        input.riskLevel,\n        JSON.stringify(input.proposedRuleVersionIds),\n      ]\n    );\n    return { id };\n  }\n\n  async function createReviewTask(input: { changeCandidateId: string }) {\n    const candResult = await db.query(\n      `SELECT * FROM psa_change_candidate WHERE id = $1 LIMIT 1`,\n      [input.changeCandidateId]\n    );\n    const candidate = candResult.rows[0] as ChangeCandidateRow | undefined;\n    if (!candidate) throw new Error('CHANGE_CANDIDATE_NOT_FOUND');\n    const assignedRole: ReviewRole =\n      candidate.riskLevel === 'high' ? 'expert' : 'curator';\n    const id = generateId('psa_review');\n    await db.execute(\n      `INSERT INTO psa_review_task (id, \"changeCandidateId\", status, \"assignedRole\", decision, \"decidedAt\", \"decidedBy\")\n       VALUES ($1, $2, $3, $4, $5, $6, $7)`,\n      [id, input.changeCandidateId, 'open', assignedRole, null, null, null]\n    );\n    return { id, assignedRole };\n  }\n\n  async function submitDecision(input: {\n    reviewTaskId: string;\n    decision: 'approve' | 'reject';\n    decidedByRole: ReviewRole;\n    decidedBy: string;\n  }) {\n    const reviewResult = await db.query(\n      `SELECT * FROM psa_review_task WHERE id = $1 LIMIT 1`,\n      [input.reviewTaskId]\n    );\n    const task = reviewResult.rows[0] as ReviewTaskRow | undefined;\n    if (!task) throw new Error('REVIEW_TASK_NOT_FOUND');\n\n    const candidateResult = await db.query(\n      `SELECT * FROM psa_change_candidate WHERE id = $1 LIMIT 1`,\n      [task.changeCandidateId]\n    );\n    const candidate = candidateResult.rows[0] as ChangeCandidateRow | undefined;\n    if (!candidate) throw new Error('CHANGE_CANDIDATE_NOT_FOUND');\n    if (\n      candidate.riskLevel === 'high' &&\n      input.decision === 'approve' &&\n      input.decidedByRole !== 'expert'\n    ) {\n      throw new Error('FORBIDDEN_ROLE');\n    }\n\n    const decidedAt = nowIso();\n    await db.execute(\n      `UPDATE psa_review_task SET status = $1, decision = $2, \"decidedAt\" = $3, \"decidedBy\" = $4 WHERE id = $5`,\n      [\n        'decided',\n        input.decision,\n        decidedAt,\n        input.decidedBy,\n        input.reviewTaskId,\n      ]\n    );\n    return { id: input.reviewTaskId, status: 'decided' as const };\n  }\n\n  async function publishIfReady(input: { jurisdiction: string }) {\n    const openResult = await db.query(\n      `SELECT COUNT(*) as count FROM psa_review_task WHERE status != 'decided'`,\n      []\n    );\n    const openCount = Number(\n      (openResult.rows[0] as Record<string, unknown>)?.count ?? 0\n    );\n    if (openCount > 0) throw new Error('NOT_READY');\n\n    // Ensure for each approved review, all proposed rule versions are approved in KB.\n    const decidedResult = await db.query(`SELECT * FROM psa_review_task`, []);\n    for (const row of decidedResult.rows as ReviewTaskRow[]) {\n      if (row.decision !== 'approve') continue;\n      const candQueryResult = await db.query(\n        `SELECT * FROM psa_change_candidate WHERE id = $1 LIMIT 1`,\n        [row.changeCandidateId]\n      );\n      const cand = candQueryResult.rows[0] as ChangeCandidateRow | undefined;\n      if (!cand) continue;\n      if (cand.jurisdiction !== input.jurisdiction) continue;\n      const proposedIds = parseJsonArray(cand.proposedRuleVersionIdsJson);\n      for (const rvId of proposedIds) {\n        const rvQueryResult = await db.query(\n          `SELECT status FROM psa_rule_version WHERE id = $1 LIMIT 1`,\n          [rvId]\n        );\n        const status = String(\n          (rvQueryResult.rows[0] as Record<string, unknown> | undefined)\n            ?.status ?? ''\n        );\n        if (status !== 'approved') throw new Error('NOT_READY');\n      }\n    }\n    return { published: true as const };\n  }\n\n  return {\n    // Onboarding\n    getUserContext,\n    setUserContext,\n\n    // KB\n    createRule,\n    upsertRuleVersion,\n    approveRuleVersion,\n    publishSnapshot,\n    searchKb,\n\n    // Assistant\n    answer,\n\n    // Pipeline\n    createChangeCandidate,\n    createReviewTask,\n    submitDecision,\n    publishIfReady,\n  };\n}\n\nexport type PolicySafeKnowledgeAssistantHandlers = ReturnType<\n  typeof createPolicySafeKnowledgeAssistantHandlers\n>;\n"],"mappings":";;;;AAUA,MAAM,EAAE,eAAe;AAiEvB,SAAS,eAAe,OAAgC;AACtD,KAAI,CAAC,MAAO,QAAO,EAAE;AACrB,KAAI;EACF,MAAM,SAAS,KAAK,MAAM,MAAM;AAChC,SAAO,MAAM,QAAQ,OAAO,GACxB,OAAO,QAAQ,MAAM,OAAO,MAAM,SAAS,GAC3C,EAAE;SACA;AACN,SAAO,EAAE;;;AAIb,SAAS,SAAiB;AACxB,yBAAO,IAAI,MAAM,EAAC,aAAa;;AAGjC,SAAgB,2CAA2C,IAAkB;CAC3E,eAAe,eAAe,OAA8B;EAK1D,MAAM,OAJS,MAAM,GAAG,MACtB,iEACA,CAAC,MAAM,UAAU,CAClB,EACkB,KAAK;AACxB,MAAI,CAAC,IACH,QAAO;GACL,WAAW,MAAM;GACjB,QAAQ;GACR,cAAc;GACd,cAAc;GACd,cAAc;GACf;AAEH,SAAO;GACL,WAAW,IAAI;GACf,QAAQ,IAAI;GACZ,cAAc,IAAI;GAClB,cAAc,IAAI;GAClB,cAAc,IAAI;GACnB;;CAGH,eAAe,eAAe,OAK3B;AAKD,OAJiB,MAAM,GAAG,MACxB,2EACA,CAAC,MAAM,UAAU,CAClB,EACY,KAAK,OAChB,OAAM,GAAG,QACP,0GACA;GAAC,MAAM;GAAQ,MAAM;GAAc,MAAM;GAAc,MAAM;GAAU,CACxE;MAED,OAAM,GAAG,QACP,gIACA;GACE,MAAM;GACN,MAAM;GACN,MAAM;GACN,MAAM;GACN;GACD,CACF;AAEH,SAAO,MAAM,eAAe,EAAE,WAAW,MAAM,WAAW,CAAC;;CAG7D,eAAe,WAAW,OAIvB;EACD,MAAM,KAAK,WAAW,WAAW;AACjC,QAAM,GAAG,QACP,4FACA;GAAC;GAAI,MAAM;GAAW,MAAM;GAAc,MAAM;GAAS,CAC1D;AACD,SAAO;GAAE;GAAI,GAAG;GAAO;;CAGzB,eAAe,kBAAkB,OAK9B;AACD,MAAI,CAAC,MAAM,WAAW,OAAQ,OAAM,IAAI,MAAM,uBAAuB;EAKrE,MAAM,QAJc,MAAM,GAAG,MAC3B,gDACA,CAAC,MAAM,OAAO,CACf,EACwB,KAAK;AAC9B,MAAI,CAAC,KAAM,OAAM,IAAI,MAAM,iBAAiB;EAE5C,MAAM,YAAY,MAAM,GAAG,MACzB,+EACA,CAAC,MAAM,OAAO,CACf;EAID,MAAM,UAHa,OAChB,UAAU,KAAK,IAAgC,cAAc,EAC/D,GAC4B;EAC7B,MAAM,KAAK,WAAW,SAAS;EAC/B,MAAM,YAAY,QAAQ;AAC1B,QAAM,GAAG,QACP;+DAEA;GACE;GACA,MAAM;GACN,KAAK;GACL,KAAK;GACL;GACA,MAAM;GACN;GACA,KAAK,UAAU,MAAM,WAAW;GAChC;GACA;GACA;GACD,CACF;AACD,SAAO;GACL;GACA,QAAQ,MAAM;GACd,cAAc,KAAK;GACnB,UAAU,KAAK;GACf;GACA,SAAS,MAAM;GACf,QAAQ;GACR,YAAY,MAAM;GAClB,WAAW,IAAI,KAAK,UAAU;GAC/B;;CAGH,eAAe,mBAAmB,OAG/B;EACD,MAAM,aAAa,QAAQ;AAC3B,QAAM,GAAG,QACP,+FACA;GAAC;GAAY,MAAM;GAAU;GAAY,MAAM;GAAc,CAC9D;AACD,SAAO;GAAE,eAAe,MAAM;GAAe,QAAQ;GAAqB;;CAG5E,eAAe,gBAAgB,OAI5B;EAKD,MAAM,eAJiB,MAAM,GAAG,MAC9B,mGACA,CAAC,MAAM,aAAa,CACrB,EACkC,KAChC,KAAK,MAAc,EAAqB,GAAG,CAC3C,OAAO,QAAQ;AAClB,MAAI,CAAC,YAAY,OAAQ,OAAM,IAAI,MAAM,oBAAoB;EAC7D,MAAM,KAAK,WAAW,WAAW;EACjC,MAAM,cAAc,QAAQ;AAC5B,QAAM,GAAG,QACP;qCAEA;GACE;GACA,MAAM;GACN,MAAM,SAAS,aAAa;GAC5B,KAAK,UAAU,YAAY;GAC3B;GACD,CACF;AAED,QAAM,GAAG,QACP,0EACA,CAAC,IAAI,MAAM,UAAU,CACtB;AACD,SAAO;GACL;GACA,cAAc,MAAM;GACpB,wBAAwB;GACzB;;CAGH,eAAe,SAAS,OAIrB;EAKD,MAAM,QAJa,MAAM,GAAG,MAC1B,oDACA,CAAC,MAAM,WAAW,CACnB,EACuB,KAAK;AAC7B,MAAI,CAAC,KAAM,OAAM,IAAI,MAAM,qBAAqB;AAChD,MAAI,KAAK,iBAAiB,MAAM,aAC9B,OAAM,IAAI,MAAM,wBAAwB;EAE1C,MAAM,cAAc,eAAe,KAAK,2BAA2B;EACnE,MAAM,SAAS,MAAM,MAClB,aAAa,CACb,MAAM,MAAM,CACZ,KAAK,MAAM,EAAE,MAAM,CAAC,CACpB,OAAO,QAAQ;EAElB,MAAM,QAAuD,EAAE;AAC/D,OAAK,MAAM,MAAM,aAAa;GAK5B,MAAM,MAJW,MAAM,GAAG,MACxB,wDACA,CAAC,GAAG,CACL,EACmB,KAAK;AACzB,OAAI,CAAC,GAAI;GACT,MAAM,MAAM,GAAG,QAAQ,aAAa;AAEpC,OAAI,EADU,OAAO,SAAS,OAAO,OAAO,MAAM,IAAI,SAAS,EAAE,CAAC,GAAG,MACzD;AACZ,SAAM,KAAK;IAAE,eAAe,GAAG;IAAI,SAAS,GAAG,QAAQ,MAAM,GAAG,IAAI;IAAE,CAAC;;AAEzE,SAAO,EAAE,OAAO;;CAGlB,eAAe,OAAO,OAAgD;EACpE,MAAM,MAAM,MAAM,eAAe,EAAE,WAAW,MAAM,WAAW,CAAC;AAChE,MAAI,CAAC,IAAI,aAaP,QAXgB,MAAM,sBAAsB;GAC1C,UAAU;IACR,SAAS,WAAW,QAAQ;IAC5B,QAAQ,IAAI;IACZ,cAAc;IACd,cAAc,IAAI;IAClB,mBAAmB,EAAE,cAAc,IAAI,cAAc;IACtD;GACD,UAAU,MAAM;GAChB,UAAU,aAAa,EAAE,OAAO,EAAE,EAAE;GACrC,CAAC;AAGJ,SAAO,MAAM,sBAAsB;GACjC,UAAU;IACR,SAAS,WAAW,QAAQ;IAC5B,QAAQ,IAAI;IACZ,cAAc,IAAI;IAClB,cAAc,IAAI;IAClB,mBAAmB,EAAE,cAAc,IAAI,cAAc;IACtD;GACD,UAAU,MAAM;GAChB,UAAU,OAAO,MAAM,MAAM,SAAS,EAAE;GACzC,CAAC;;CAGJ,eAAe,sBAAsB,OAMlC;EACD,MAAM,KAAK,WAAW,aAAa;AACnC,QAAM,GAAG,QACP;6CAEA;GACE;GACA,MAAM;GACN,MAAM;GACN,QAAQ;GACR,MAAM;GACN,MAAM;GACN,KAAK,UAAU,MAAM,uBAAuB;GAC7C,CACF;AACD,SAAO,EAAE,IAAI;;CAGf,eAAe,iBAAiB,OAAsC;EAKpE,MAAM,aAJa,MAAM,GAAG,MAC1B,4DACA,CAAC,MAAM,kBAAkB,CAC1B,EAC4B,KAAK;AAClC,MAAI,CAAC,UAAW,OAAM,IAAI,MAAM,6BAA6B;EAC7D,MAAM,eACJ,UAAU,cAAc,SAAS,WAAW;EAC9C,MAAM,KAAK,WAAW,aAAa;AACnC,QAAM,GAAG,QACP;6CAEA;GAAC;GAAI,MAAM;GAAmB;GAAQ;GAAc;GAAM;GAAM;GAAK,CACtE;AACD,SAAO;GAAE;GAAI;GAAc;;CAG7B,eAAe,eAAe,OAK3B;EAKD,MAAM,QAJe,MAAM,GAAG,MAC5B,uDACA,CAAC,MAAM,aAAa,CACrB,EACyB,KAAK;AAC/B,MAAI,CAAC,KAAM,OAAM,IAAI,MAAM,wBAAwB;EAMnD,MAAM,aAJkB,MAAM,GAAG,MAC/B,4DACA,CAAC,KAAK,kBAAkB,CACzB,EACiC,KAAK;AACvC,MAAI,CAAC,UAAW,OAAM,IAAI,MAAM,6BAA6B;AAC7D,MACE,UAAU,cAAc,UACxB,MAAM,aAAa,aACnB,MAAM,kBAAkB,SAExB,OAAM,IAAI,MAAM,iBAAiB;EAGnC,MAAM,YAAY,QAAQ;AAC1B,QAAM,GAAG,QACP,2GACA;GACE;GACA,MAAM;GACN;GACA,MAAM;GACN,MAAM;GACP,CACF;AACD,SAAO;GAAE,IAAI,MAAM;GAAc,QAAQ;GAAoB;;CAG/D,eAAe,eAAe,OAAiC;EAC7D,MAAM,aAAa,MAAM,GAAG,MAC1B,2EACA,EAAE,CACH;AAID,MAHkB,OACf,WAAW,KAAK,IAAgC,SAAS,EAC3D,GACe,EAAG,OAAM,IAAI,MAAM,YAAY;EAG/C,MAAM,gBAAgB,MAAM,GAAG,MAAM,iCAAiC,EAAE,CAAC;AACzE,OAAK,MAAM,OAAO,cAAc,MAAyB;AACvD,OAAI,IAAI,aAAa,UAAW;GAKhC,MAAM,QAJkB,MAAM,GAAG,MAC/B,4DACA,CAAC,IAAI,kBAAkB,CACxB,EAC4B,KAAK;AAClC,OAAI,CAAC,KAAM;AACX,OAAI,KAAK,iBAAiB,MAAM,aAAc;GAC9C,MAAM,cAAc,eAAe,KAAK,2BAA2B;AACnE,QAAK,MAAM,QAAQ,aAAa;IAC9B,MAAM,gBAAgB,MAAM,GAAG,MAC7B,6DACA,CAAC,KAAK,CACP;AAKD,QAJe,OACZ,cAAc,KAAK,IAChB,UAAU,GACf,KACc,WAAY,OAAM,IAAI,MAAM,YAAY;;;AAG3D,SAAO,EAAE,WAAW,MAAe;;AAGrC,QAAO;EAEL;EACA;EAGA;EACA;EACA;EACA;EACA;EAGA;EAGA;EACA;EACA;EACA;EACD"}

package/dist/index.d.ts

@@ -1,5 +1,8 @@
 import example from "./example.js";
-import { PolicySafeKnowledgeAssistantFeature } from "./feature.js";
+import { PolicySafeKnowledgeAssistantFeature } from "./policy-safe-knowledge-assistant.feature.js";
 import { DEMO_FIXTURES } from "./seed/fixtures.js";
 import { AssistantAnswerIR, BuildAnswerInput, buildPolicySafeAnswer } from "./orchestrator/buildAnswer.js";
-export { AssistantAnswerIR, BuildAnswerInput, DEMO_FIXTURES, PolicySafeKnowledgeAssistantFeature, buildPolicySafeAnswer, example };
+import { PolicySafeKnowledgeAssistantDashboard } from "./ui/PolicySafeKnowledgeAssistantDashboard.js";
+import "./ui/index.js";
+import { PolicySafeKnowledgeAssistantHandlers, createPolicySafeKnowledgeAssistantHandlers } from "./handlers/policy-safe-knowledge-assistant.handlers.js";
+export { AssistantAnswerIR, BuildAnswerInput, DEMO_FIXTURES, PolicySafeKnowledgeAssistantDashboard, PolicySafeKnowledgeAssistantFeature, PolicySafeKnowledgeAssistantHandlers, buildPolicySafeAnswer, createPolicySafeKnowledgeAssistantHandlers, example };

package/dist/index.js

@@ -1,7 +1,10 @@
 import example_default from "./example.js";
-import { PolicySafeKnowledgeAssistantFeature } from "./feature.js";
+import { PolicySafeKnowledgeAssistantFeature } from "./policy-safe-knowledge-assistant.feature.js";
 import { DEMO_FIXTURES } from "./seed/fixtures.js";
 import { buildPolicySafeAnswer } from "./orchestrator/buildAnswer.js";
+import { createPolicySafeKnowledgeAssistantHandlers } from "./handlers/policy-safe-knowledge-assistant.handlers.js";
+import { PolicySafeKnowledgeAssistantDashboard } from "./ui/PolicySafeKnowledgeAssistantDashboard.js";
+import "./ui/index.js";
 import "./docs/index.js";
 
-export { DEMO_FIXTURES, PolicySafeKnowledgeAssistantFeature, buildPolicySafeAnswer, example_default as example };
+export { DEMO_FIXTURES, PolicySafeKnowledgeAssistantDashboard, PolicySafeKnowledgeAssistantFeature, buildPolicySafeAnswer, createPolicySafeKnowledgeAssistantHandlers, example_default as example };

package/dist/orchestrator/buildAnswer.js.map

@@ -1 +1 @@
-{"version":3,"file":"buildAnswer.js","names":["draft: AssistantAnswerIR"],"sources":["../../src/orchestrator/buildAnswer.ts"],"sourcesContent":["import {\n  enforceAllowedScope,\n  enforceCitations,\n  validateEnvelope,\n} from '@contractspec/example.locale-jurisdiction-gate/policy/guard';\n\ntype AllowedScope = 'education_only' | 'generic_info' | 'escalation_required';\n\nexport interface AssistantAnswerIR {\n  locale: string;\n  jurisdiction: string;\n  allowedScope: AllowedScope;\n  sections: { heading: string; body: string }[];\n  citations: {\n    kbSnapshotId: string;\n    sourceType: string;\n    sourceId: string;\n    title?: string;\n    excerpt?: string;\n  }[];\n  disclaimers?: string[];\n  riskFlags?: string[];\n  refused?: boolean;\n  refusalReason?: string;\n}\n\nexport interface BuildAnswerInput {\n  envelope: {\n    traceId: string;\n    locale: string;\n    kbSnapshotId: string;\n    allowedScope: AllowedScope;\n    regulatoryContext: { jurisdiction: string };\n  };\n  question: string;\n  kbSearch: (input: {\n    snapshotId: string;\n    jurisdiction: string;\n    query: string;\n  }) => Promise<{ items: { ruleVersionId: string; excerpt?: string }[] }>;\n}\n\n/**\n * Build a policy-safe assistant answer derived from KB search results.\n *\n * Deterministic: no LLM calls; if search yields no results, it refuses.\n */\nexport async function buildPolicySafeAnswer(\n  input: BuildAnswerInput\n): Promise<AssistantAnswerIR> {\n  const env = validateEnvelope(input.envelope);\n  if (!env.ok) {\n    return {\n      locale: input.envelope.locale ?? 'en-GB',\n      jurisdiction: input.envelope.regulatoryContext?.jurisdiction ?? 'UNKNOWN',\n      allowedScope: input.envelope.allowedScope ?? 'education_only',\n      sections: [{ heading: 'Request blocked', body: env.error.message }],\n      citations: [],\n      disclaimers: ['This system refuses to answer without a valid envelope.'],\n      riskFlags: [env.error.code],\n      refused: true,\n      refusalReason: env.error.code,\n    };\n  }\n\n  const results = await input.kbSearch({\n    snapshotId: env.value.kbSnapshotId,\n    jurisdiction: env.value.regulatoryContext?.jurisdiction ?? 'UNKNOWN',\n    query: input.question,\n  });\n\n  const citations = results.items.map((item) => ({\n    kbSnapshotId: env.value.kbSnapshotId,\n    sourceType: 'ruleVersion',\n    sourceId: item.ruleVersionId,\n    title: 'Curated rule version',\n    excerpt: item.excerpt,\n  }));\n\n  const draft: AssistantAnswerIR = {\n    locale: env.value.locale,\n    jurisdiction: env.value.regulatoryContext?.jurisdiction ?? 'UNKNOWN',\n    allowedScope: env.value.allowedScope,\n    sections: [\n      {\n        heading: 'Answer (KB-derived)',\n        body:\n          results.items.length > 0\n            ? `This answer is derived from ${results.items.length} curated rule version(s) in the referenced snapshot.`\n            : 'No curated knowledge found in the referenced snapshot.',\n      },\n    ],\n    citations,\n    disclaimers: ['Educational demo only.'],\n    riskFlags: [],\n  };\n\n  const scope = enforceAllowedScope(env.value.allowedScope, draft);\n  if (!scope.ok) {\n    return {\n      ...draft,\n      sections: [{ heading: 'Escalation required', body: scope.error.message }],\n      refused: true,\n      refusalReason: scope.error.code,\n      riskFlags: [...(draft.riskFlags ?? []), scope.error.code],\n    };\n  }\n\n  const cited = enforceCitations(draft);\n  if (!cited.ok) {\n    return {\n      ...draft,\n      sections: [{ heading: 'Request blocked', body: cited.error.message }],\n      citations: [],\n      refused: true,\n      refusalReason: cited.error.code,\n      riskFlags: [...(draft.riskFlags ?? []), cited.error.code],\n    };\n  }\n\n  return draft;\n}\n"],"mappings":";;;;;;;;AA+CA,eAAsB,sBACpB,OAC4B;CAC5B,MAAM,MAAM,iBAAiB,MAAM,SAAS;AAC5C,KAAI,CAAC,IAAI,GACP,QAAO;EACL,QAAQ,MAAM,SAAS,UAAU;EACjC,cAAc,MAAM,SAAS,mBAAmB,gBAAgB;EAChE,cAAc,MAAM,SAAS,gBAAgB;EAC7C,UAAU,CAAC;GAAE,SAAS;GAAmB,MAAM,IAAI,MAAM;GAAS,CAAC;EACnE,WAAW,EAAE;EACb,aAAa,CAAC,0DAA0D;EACxE,WAAW,CAAC,IAAI,MAAM,KAAK;EAC3B,SAAS;EACT,eAAe,IAAI,MAAM;EAC1B;CAGH,MAAM,UAAU,MAAM,MAAM,SAAS;EACnC,YAAY,IAAI,MAAM;EACtB,cAAc,IAAI,MAAM,mBAAmB,gBAAgB;EAC3D,OAAO,MAAM;EACd,CAAC;CAEF,MAAM,YAAY,QAAQ,MAAM,KAAK,UAAU;EAC7C,cAAc,IAAI,MAAM;EACxB,YAAY;EACZ,UAAU,KAAK;EACf,OAAO;EACP,SAAS,KAAK;EACf,EAAE;CAEH,MAAMA,QAA2B;EAC/B,QAAQ,IAAI,MAAM;EAClB,cAAc,IAAI,MAAM,mBAAmB,gBAAgB;EAC3D,cAAc,IAAI,MAAM;EACxB,UAAU,CACR;GACE,SAAS;GACT,MACE,QAAQ,MAAM,SAAS,IACnB,+BAA+B,QAAQ,MAAM,OAAO,wDACpD;GACP,CACF;EACD;EACA,aAAa,CAAC,yBAAyB;EACvC,WAAW,EAAE;EACd;CAED,MAAM,QAAQ,oBAAoB,IAAI,MAAM,cAAc,MAAM;AAChE,KAAI,CAAC,MAAM,GACT,QAAO;EACL,GAAG;EACH,UAAU,CAAC;GAAE,SAAS;GAAuB,MAAM,MAAM,MAAM;GAAS,CAAC;EACzE,SAAS;EACT,eAAe,MAAM,MAAM;EAC3B,WAAW,CAAC,GAAI,MAAM,aAAa,EAAE,EAAG,MAAM,MAAM,KAAK;EAC1D;CAGH,MAAM,QAAQ,iBAAiB,MAAM;AACrC,KAAI,CAAC,MAAM,GACT,QAAO;EACL,GAAG;EACH,UAAU,CAAC;GAAE,SAAS;GAAmB,MAAM,MAAM,MAAM;GAAS,CAAC;EACrE,WAAW,EAAE;EACb,SAAS;EACT,eAAe,MAAM,MAAM;EAC3B,WAAW,CAAC,GAAI,MAAM,aAAa,EAAE,EAAG,MAAM,MAAM,KAAK;EAC1D;AAGH,QAAO"}
+{"version":3,"file":"buildAnswer.js","names":[],"sources":["../../src/orchestrator/buildAnswer.ts"],"sourcesContent":["import {\n  enforceAllowedScope,\n  enforceCitations,\n  validateEnvelope,\n} from '@contractspec/example.locale-jurisdiction-gate/policy/guard';\n\ntype AllowedScope = 'education_only' | 'generic_info' | 'escalation_required';\n\nexport interface AssistantAnswerIR {\n  locale: string;\n  jurisdiction: string;\n  allowedScope: AllowedScope;\n  sections: { heading: string; body: string }[];\n  citations: {\n    kbSnapshotId: string;\n    sourceType: string;\n    sourceId: string;\n    title?: string;\n    excerpt?: string;\n  }[];\n  disclaimers?: string[];\n  riskFlags?: string[];\n  refused?: boolean;\n  refusalReason?: string;\n}\n\nexport interface BuildAnswerInput {\n  envelope: {\n    traceId: string;\n    locale: string;\n    kbSnapshotId: string;\n    allowedScope: AllowedScope;\n    regulatoryContext: { jurisdiction: string };\n  };\n  question: string;\n  kbSearch: (input: {\n    snapshotId: string;\n    jurisdiction: string;\n    query: string;\n  }) => Promise<{ items: { ruleVersionId: string; excerpt?: string }[] }>;\n}\n\n/**\n * Build a policy-safe assistant answer derived from KB search results.\n *\n * Deterministic: no LLM calls; if search yields no results, it refuses.\n */\nexport async function buildPolicySafeAnswer(\n  input: BuildAnswerInput\n): Promise<AssistantAnswerIR> {\n  const env = validateEnvelope(input.envelope);\n  if (!env.ok) {\n    return {\n      locale: input.envelope.locale ?? 'en-GB',\n      jurisdiction: input.envelope.regulatoryContext?.jurisdiction ?? 'UNKNOWN',\n      allowedScope: input.envelope.allowedScope ?? 'education_only',\n      sections: [{ heading: 'Request blocked', body: env.error.message }],\n      citations: [],\n      disclaimers: ['This system refuses to answer without a valid envelope.'],\n      riskFlags: [env.error.code],\n      refused: true,\n      refusalReason: env.error.code,\n    };\n  }\n\n  const results = await input.kbSearch({\n    snapshotId: env.value.kbSnapshotId,\n    jurisdiction: env.value.regulatoryContext?.jurisdiction ?? 'UNKNOWN',\n    query: input.question,\n  });\n\n  const citations = results.items.map((item) => ({\n    kbSnapshotId: env.value.kbSnapshotId,\n    sourceType: 'ruleVersion',\n    sourceId: item.ruleVersionId,\n    title: 'Curated rule version',\n    excerpt: item.excerpt,\n  }));\n\n  const draft: AssistantAnswerIR = {\n    locale: env.value.locale,\n    jurisdiction: env.value.regulatoryContext?.jurisdiction ?? 'UNKNOWN',\n    allowedScope: env.value.allowedScope,\n    sections: [\n      {\n        heading: 'Answer (KB-derived)',\n        body:\n          results.items.length > 0\n            ? `This answer is derived from ${results.items.length} curated rule version(s) in the referenced snapshot.`\n            : 'No curated knowledge found in the referenced snapshot.',\n      },\n    ],\n    citations,\n    disclaimers: ['Educational demo only.'],\n    riskFlags: [],\n  };\n\n  const scope = enforceAllowedScope(env.value.allowedScope, draft);\n  if (!scope.ok) {\n    return {\n      ...draft,\n      sections: [{ heading: 'Escalation required', body: scope.error.message }],\n      refused: true,\n      refusalReason: scope.error.code,\n      riskFlags: [...(draft.riskFlags ?? []), scope.error.code],\n    };\n  }\n\n  const cited = enforceCitations(draft);\n  if (!cited.ok) {\n    return {\n      ...draft,\n      sections: [{ heading: 'Request blocked', body: cited.error.message }],\n      citations: [],\n      refused: true,\n      refusalReason: cited.error.code,\n      riskFlags: [...(draft.riskFlags ?? []), cited.error.code],\n    };\n  }\n\n  return draft;\n}\n"],"mappings":";;;;;;;;AA+CA,eAAsB,sBACpB,OAC4B;CAC5B,MAAM,MAAM,iBAAiB,MAAM,SAAS;AAC5C,KAAI,CAAC,IAAI,GACP,QAAO;EACL,QAAQ,MAAM,SAAS,UAAU;EACjC,cAAc,MAAM,SAAS,mBAAmB,gBAAgB;EAChE,cAAc,MAAM,SAAS,gBAAgB;EAC7C,UAAU,CAAC;GAAE,SAAS;GAAmB,MAAM,IAAI,MAAM;GAAS,CAAC;EACnE,WAAW,EAAE;EACb,aAAa,CAAC,0DAA0D;EACxE,WAAW,CAAC,IAAI,MAAM,KAAK;EAC3B,SAAS;EACT,eAAe,IAAI,MAAM;EAC1B;CAGH,MAAM,UAAU,MAAM,MAAM,SAAS;EACnC,YAAY,IAAI,MAAM;EACtB,cAAc,IAAI,MAAM,mBAAmB,gBAAgB;EAC3D,OAAO,MAAM;EACd,CAAC;CAEF,MAAM,YAAY,QAAQ,MAAM,KAAK,UAAU;EAC7C,cAAc,IAAI,MAAM;EACxB,YAAY;EACZ,UAAU,KAAK;EACf,OAAO;EACP,SAAS,KAAK;EACf,EAAE;CAEH,MAAM,QAA2B;EAC/B,QAAQ,IAAI,MAAM;EAClB,cAAc,IAAI,MAAM,mBAAmB,gBAAgB;EAC3D,cAAc,IAAI,MAAM;EACxB,UAAU,CACR;GACE,SAAS;GACT,MACE,QAAQ,MAAM,SAAS,IACnB,+BAA+B,QAAQ,MAAM,OAAO,wDACpD;GACP,CACF;EACD;EACA,aAAa,CAAC,yBAAyB;EACvC,WAAW,EAAE;EACd;CAED,MAAM,QAAQ,oBAAoB,IAAI,MAAM,cAAc,MAAM;AAChE,KAAI,CAAC,MAAM,GACT,QAAO;EACL,GAAG;EACH,UAAU,CAAC;GAAE,SAAS;GAAuB,MAAM,MAAM,MAAM;GAAS,CAAC;EACzE,SAAS;EACT,eAAe,MAAM,MAAM;EAC3B,WAAW,CAAC,GAAI,MAAM,aAAa,EAAE,EAAG,MAAM,MAAM,KAAK;EAC1D;CAGH,MAAM,QAAQ,iBAAiB,MAAM;AACrC,KAAI,CAAC,MAAM,GACT,QAAO;EACL,GAAG;EACH,UAAU,CAAC;GAAE,SAAS;GAAmB,MAAM,MAAM,MAAM;GAAS,CAAC;EACrE,WAAW,EAAE;EACb,SAAS;EACT,eAAe,MAAM,MAAM;EAC3B,WAAW,CAAC,GAAI,MAAM,aAAa,EAAE,EAAG,MAAM,MAAM,KAAK;EAC1D;AAGH,QAAO"}

package/dist/policy-safe-knowledge-assistant.feature.d.ts

@@ -0,0 +1,7 @@
+import * as _contractspec_lib_contracts0 from "@contractspec/lib.contracts";
+
+//#region src/policy-safe-knowledge-assistant.feature.d.ts
+declare const PolicySafeKnowledgeAssistantFeature: _contractspec_lib_contracts0.FeatureModuleSpec;
+//#endregion
+export { PolicySafeKnowledgeAssistantFeature };
+//# sourceMappingURL=policy-safe-knowledge-assistant.feature.d.ts.map

package/dist/policy-safe-knowledge-assistant.feature.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-safe-knowledge-assistant.feature.d.ts","names":[],"sources":["../src/policy-safe-knowledge-assistant.feature.ts"],"sourcesContent":[],"mappings":";;;cAEa,qCAuDX,4BAAA,CAvD8C"}

package/dist/{feature.js → policy-safe-knowledge-assistant.feature.js}

@@ -1,5 +1,7 @@
-//#region src/feature.ts
-const PolicySafeKnowledgeAssistantFeature = {
+import { defineFeature } from "@contractspec/lib.contracts";
+
+//#region src/policy-safe-knowledge-assistant.feature.ts
+const PolicySafeKnowledgeAssistantFeature = defineFeature({
 	meta: {
 		key: "policy-safe-knowledge-assistant",
 		version: "1.0.0",
@@ -141,8 +143,8 @@ const PolicySafeKnowledgeAssistantFeature = {
 			version: "1.0.0"
 		}
 	] }
-};
+});
 
 //#endregion
 export { PolicySafeKnowledgeAssistantFeature };
-//# sourceMappingURL=feature.js.map
+//# sourceMappingURL=policy-safe-knowledge-assistant.feature.js.map

package/dist/policy-safe-knowledge-assistant.feature.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-safe-knowledge-assistant.feature.js","names":[],"sources":["../src/policy-safe-knowledge-assistant.feature.ts"],"sourcesContent":["import { defineFeature } from '@contractspec/lib.contracts';\n\nexport const PolicySafeKnowledgeAssistantFeature = defineFeature({\n  meta: {\n    key: 'policy-safe-knowledge-assistant',\n    version: '1.0.0',\n    title: 'Policy-safe Knowledge Assistant',\n    description:\n      'All-in-one example composing locale/jurisdiction gate + versioned KB + HITL pipeline + learning hub.',\n    domain: 'knowledge',\n    owners: ['@examples'],\n    tags: ['assistant', 'knowledge', 'policy', 'hitl', 'learning'],\n    stability: 'experimental',\n  },\n  operations: [\n    // Gate\n    { key: 'assistant.answer', version: '1.0.0' },\n    { key: 'assistant.explainConcept', version: '1.0.0' },\n    // KB\n    { key: 'kb.ingestSource', version: '1.0.0' },\n    { key: 'kb.upsertRuleVersion', version: '1.0.0' },\n    { key: 'kb.approveRuleVersion', version: '1.0.0' },\n    { key: 'kb.publishSnapshot', version: '1.0.0' },\n    { key: 'kb.search', version: '1.0.0' },\n    // Pipeline\n    { key: 'kbPipeline.runWatch', version: '1.0.0' },\n    { key: 'kbPipeline.createReviewTask', version: '1.0.0' },\n    { key: 'kbPipeline.submitDecision', version: '1.0.0' },\n    { key: 'kbPipeline.publishIfReady', version: '1.0.0' },\n  ],\n  events: [\n    { key: 'assistant.answer.requested', version: '1.0.0' },\n    { key: 'assistant.answer.blocked', version: '1.0.0' },\n    { key: 'assistant.answer.delivered', version: '1.0.0' },\n    { key: 'kb.source.ingested', version: '1.0.0' },\n    { key: 'kb.ruleVersion.created', version: '1.0.0' },\n    { key: 'kb.ruleVersion.approved', version: '1.0.0' },\n    { key: 'kb.snapshot.published', version: '1.0.0' },\n    { key: 'kb.change.detected', version: '1.0.0' },\n    { key: 'kb.review.requested', version: '1.0.0' },\n    { key: 'kb.review.decided', version: '1.0.0' },\n  ],\n  presentations: [],\n  opToPresentation: [],\n  presentationsTargets: [],\n  capabilities: {\n    requires: [\n      { key: 'identity', version: '1.0.0' },\n      { key: 'audit-trail', version: '1.0.0' },\n      { key: 'notifications', version: '1.0.0' },\n      { key: 'jobs', version: '1.0.0' },\n      { key: 'feature-flags', version: '1.0.0' },\n      { key: 'files', version: '1.0.0' },\n      { key: 'metering', version: '1.0.0' },\n      { key: 'learning-journey', version: '1.0.0' },\n    ],\n  },\n});\n"],"mappings":";;;AAEA,MAAa,sCAAsC,cAAc;CAC/D,MAAM;EACJ,KAAK;EACL,SAAS;EACT,OAAO;EACP,aACE;EACF,QAAQ;EACR,QAAQ,CAAC,YAAY;EACrB,MAAM;GAAC;GAAa;GAAa;GAAU;GAAQ;GAAW;EAC9D,WAAW;EACZ;CACD,YAAY;EAEV;GAAE,KAAK;GAAoB,SAAS;GAAS;EAC7C;GAAE,KAAK;GAA4B,SAAS;GAAS;EAErD;GAAE,KAAK;GAAmB,SAAS;GAAS;EAC5C;GAAE,KAAK;GAAwB,SAAS;GAAS;EACjD;GAAE,KAAK;GAAyB,SAAS;GAAS;EAClD;GAAE,KAAK;GAAsB,SAAS;GAAS;EAC/C;GAAE,KAAK;GAAa,SAAS;GAAS;EAEtC;GAAE,KAAK;GAAuB,SAAS;GAAS;EAChD;GAAE,KAAK;GAA+B,SAAS;GAAS;EACxD;GAAE,KAAK;GAA6B,SAAS;GAAS;EACtD;GAAE,KAAK;GAA6B,SAAS;GAAS;EACvD;CACD,QAAQ;EACN;GAAE,KAAK;GAA8B,SAAS;GAAS;EACvD;GAAE,KAAK;GAA4B,SAAS;GAAS;EACrD;GAAE,KAAK;GAA8B,SAAS;GAAS;EACvD;GAAE,KAAK;GAAsB,SAAS;GAAS;EAC/C;GAAE,KAAK;GAA0B,SAAS;GAAS;EACnD;GAAE,KAAK;GAA2B,SAAS;GAAS;EACpD;GAAE,KAAK;GAAyB,SAAS;GAAS;EAClD;GAAE,KAAK;GAAsB,SAAS;GAAS;EAC/C;GAAE,KAAK;GAAuB,SAAS;GAAS;EAChD;GAAE,KAAK;GAAqB,SAAS;GAAS;EAC/C;CACD,eAAe,EAAE;CACjB,kBAAkB,EAAE;CACpB,sBAAsB,EAAE;CACxB,cAAc,EACZ,UAAU;EACR;GAAE,KAAK;GAAY,SAAS;GAAS;EACrC;GAAE,KAAK;GAAe,SAAS;GAAS;EACxC;GAAE,KAAK;GAAiB,SAAS;GAAS;EAC1C;GAAE,KAAK;GAAQ,SAAS;GAAS;EACjC;GAAE,KAAK;GAAiB,SAAS;GAAS;EAC1C;GAAE,KAAK;GAAS,SAAS;GAAS;EAClC;GAAE,KAAK;GAAY,SAAS;GAAS;EACrC;GAAE,KAAK;GAAoB,SAAS;GAAS;EAC9C,EACF;CACF,CAAC"}

package/dist/seeders/index.d.ts

@@ -0,0 +1,10 @@
+import { DatabasePort } from "@contractspec/lib.runtime-sandbox";
+
+//#region src/seeders/index.d.ts
+declare function seedPolicyKnowledgeAssistant(params: {
+  projectId: string;
+  db: DatabasePort;
+}): Promise<void>;
+//#endregion
+export { seedPolicyKnowledgeAssistant };
+//# sourceMappingURL=index.d.ts.map

package/dist/seeders/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","names":[],"sources":["../../src/seeders/index.ts"],"sourcesContent":[],"mappings":";;;iBAEsB,4BAAA;;EAAA,EAAA,EAEhB,YAFgB;IAGrB"}

package/dist/seeders/index.js

@@ -0,0 +1,16 @@
+//#region src/seeders/index.ts
+async function seedPolicyKnowledgeAssistant(params) {
+	const { projectId, db } = params;
+	if ((await db.query(`SELECT COUNT(*) as count FROM psa_user_context WHERE "projectId" = $1`, [projectId])).rows[0]?.count > 0) return;
+	await db.execute(`INSERT INTO psa_user_context ("projectId", locale, jurisdiction, "allowedScope")
+     VALUES ($1, $2, $3, $4)`, [
+		projectId,
+		"en-GB",
+		"EU",
+		"education_only"
+	]);
+}
+
+//#endregion
+export { seedPolicyKnowledgeAssistant };
+//# sourceMappingURL=index.js.map

package/dist/seeders/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","names":[],"sources":["../../src/seeders/index.ts"],"sourcesContent":["import type { DatabasePort } from '@contractspec/lib.runtime-sandbox';\n\nexport async function seedPolicyKnowledgeAssistant(params: {\n  projectId: string;\n  db: DatabasePort;\n}) {\n  const { projectId, db } = params;\n\n  const existing = await db.query(\n    `SELECT COUNT(*) as count FROM psa_user_context WHERE \"projectId\" = $1`,\n    [projectId]\n  );\n  if ((existing.rows[0]?.count as number) > 0) return;\n\n  await db.execute(\n    `INSERT INTO psa_user_context (\"projectId\", locale, jurisdiction, \"allowedScope\")\n     VALUES ($1, $2, $3, $4)`,\n    [projectId, 'en-GB', 'EU', 'education_only']\n  );\n}\n"],"mappings":";AAEA,eAAsB,6BAA6B,QAGhD;CACD,MAAM,EAAE,WAAW,OAAO;AAM1B,MAJiB,MAAM,GAAG,MACxB,yEACA,CAAC,UAAU,CACZ,EACa,KAAK,IAAI,QAAmB,EAAG;AAE7C,OAAM,GAAG,QACP;+BAEA;EAAC;EAAW;EAAS;EAAM;EAAiB,CAC7C"}

package/dist/ui/PolicySafeKnowledgeAssistantDashboard.d.ts

@@ -0,0 +1,7 @@
+import * as react_jsx_runtime0 from "react/jsx-runtime";
+
+//#region src/ui/PolicySafeKnowledgeAssistantDashboard.d.ts
+declare function PolicySafeKnowledgeAssistantDashboard(): react_jsx_runtime0.JSX.Element;
+//#endregion
+export { PolicySafeKnowledgeAssistantDashboard };
+//# sourceMappingURL=PolicySafeKnowledgeAssistantDashboard.d.ts.map

package/dist/ui/PolicySafeKnowledgeAssistantDashboard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"PolicySafeKnowledgeAssistantDashboard.d.ts","names":[],"sources":["../../src/ui/PolicySafeKnowledgeAssistantDashboard.tsx"],"sourcesContent":[],"mappings":";;;iBAyBgB,qCAAA,CAAA,GAAqC,kBAAA,CAAA,GAAA,CAAA"}