@crowdstrike/aidr 1.0.2

package/.editorconfig

@@ -0,0 +1,9 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true

package/.github/CODEOWNERS

@@ -0,0 +1 @@
+* @kenany

package/.github/workflows/ci.yml

@@ -0,0 +1,128 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+
+  pull_request:
+    types:
+      - opened
+      - synchronize
+      - reopened
+      - ready_for_review
+
+  merge_group:
+
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build:
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
+      - run: corepack enable
+
+      - name: Setup Node.js
+        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
+        with:
+          node-version: 24.11.1
+          cache: pnpm
+
+      - name: Install dependencies
+        run: pnpm install
+
+      - name: Build
+        run: pnpm build
+
+  lint:
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
+      - run: corepack enable
+
+      - name: Setup Node.js
+        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
+        with:
+          node-version: 24.11.1
+          cache: pnpm
+
+      - name: Install dependencies
+        run: pnpm install
+
+      - name: Lint
+        run: pnpm lint
+
+  test:
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+
+      - run: corepack enable
+
+      - name: Setup Node.js
+        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
+        with:
+          node-version: 24.11.1
+          cache: pnpm
+
+      - name: Install dependencies
+        run: pnpm install
+
+      - name: Test
+        run: ./scripts/test
+
+  release:
+    needs:
+      - build
+      - lint
+      - test
+    if: github.repository == 'crowdstrike/aidr-typescript' && github.event_name != 'pull_request'
+    runs-on: ubuntu-24.04
+    environment: release
+    permissions:
+      contents: write
+      id-token: write
+      issues: write
+      packages: write
+      pull-requests: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          fetch-depth: 0
+          filter: blob:none
+          show-progress: false
+
+      - run: corepack enable
+
+      - name: Setup Node.js
+        uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
+        with:
+          node-version: 24.11.1
+          cache: pnpm
+
+      - name: Install dependencies
+        run: pnpm install
+
+      - name: Build
+        run: pnpm build
+
+      - name: semantic-release
+        run: pnpx semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+          LOG_LEVEL: debug

package/.pnpmfile.cjs

@@ -0,0 +1,17 @@
+// <https://github.com/pnpm/pnpm/issues/6667#issuecomment-2971121163>
+
+function afterAllResolved(lockfile) {
+  // Remove any tarball URLs from the lockfile.
+  for (const key in lockfile.packages) {
+    if (lockfile.packages[key].resolution?.tarball) {
+      delete lockfile.packages[key].resolution.tarball;
+    }
+  }
+  return lockfile;
+}
+
+module.exports = {
+  hooks: {
+    afterAllResolved,
+  },
+};

package/.releaserc.json

@@ -0,0 +1,21 @@
+{
+  "plugins": [
+    "@semantic-release/commit-analyzer",
+    "@semantic-release/release-notes-generator",
+    [
+      "@semantic-release/github",
+      {
+        "releasedLabels": false,
+        "successCommentCondition": "<% return issue.user.type !== 'Bot'; %>"
+      }
+    ],
+    "@semantic-release/npm"
+  ],
+  "branches": [
+    {
+      "name": "main"
+    }
+  ],
+  "preset": "conventionalcommits",
+  "tagFormat": "v${version}"
+}

package/LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 CrowdStrike
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,3 @@
+# CrowdStrike AIDR TypeScript SDK
+
+TypeScript SDK for CrowdStrike AIDR.

package/biome.json

@@ -0,0 +1,67 @@
+{
+  "$schema": "./node_modules/@biomejs/biome/configuration_schema.json",
+  "assist": {
+    "actions": {
+      "source": {
+        "organizeImports": "on",
+        "useSortedAttributes": "on",
+        "useSortedKeys": "off"
+      }
+    }
+  },
+  "formatter": {
+    "enabled": true,
+    "formatWithErrors": true,
+    "indentStyle": "space",
+    "indentWidth": 2,
+    "lineEnding": "lf",
+    "lineWidth": 80,
+    "attributePosition": "auto",
+    "bracketSpacing": true
+  },
+  "javascript": {
+    "formatter": {
+      "arrowParentheses": "always",
+      "bracketSameLine": false,
+      "jsxQuoteStyle": "double",
+      "quoteProperties": "asNeeded",
+      "quoteStyle": "single",
+      "semicolons": "always",
+      "trailingCommas": "es5"
+    }
+  },
+  "json": {
+    "assist": {
+      "enabled": false
+    },
+    "formatter": {
+      "enabled": true,
+      "indentStyle": "space",
+      "indentWidth": 2,
+      "lineEnding": "lf",
+      "lineWidth": 80,
+      "trailingCommas": "none"
+    },
+    "parser": {
+      "allowComments": false,
+      "allowTrailingCommas": false
+    }
+  },
+  "linter": {
+    "rules": {
+      "performance": {
+        "noBarrelFile": "off",
+        "noNamespaceImport": "off"
+      },
+      "style": {
+        "noNestedTernary": "off"
+      }
+    }
+  },
+  "vcs": {
+    "enabled": true,
+    "clientKind": "git",
+    "useIgnoreFile": true,
+    "defaultBranch": "main"
+  }
+}

package/dist/chunk.cjs

@@ -0,0 +1,34 @@
+//#region rolldown:runtime
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+	if (from && typeof from === "object" || typeof from === "function") {
+		for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
+			key = keys[i];
+			if (!__hasOwnProp.call(to, key) && key !== except) {
+				__defProp(to, key, {
+					get: ((k) => from[k]).bind(null, key),
+					enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable
+				});
+			}
+		}
+	}
+	return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", {
+	value: mod,
+	enumerable: true
+}) : target, mod));
+
+//#endregion
+
+Object.defineProperty(exports, '__toESM', {
+  enumerable: true,
+  get: function () {
+    return __toESM;
+  }
+});

package/dist/index.cjs

@@ -0,0 +1,356 @@
+const require_chunk = require('./chunk.cjs');
+const require_schemas = require('./schemas.cjs');
+let valibot = require("valibot");
+valibot = require_chunk.__toESM(valibot);
+
+//#region src/core/error.ts
+var AIDRError = class extends Error {};
+var APIError = class APIError extends AIDRError {
+	/** HTTP status for the response that caused the error */
+	status;
+	/** HTTP headers for the response that caused the error */
+	headers;
+	/** JSON body of the response that caused the error */
+	error;
+	constructor(status, error, message, headers) {
+		super(`${APIError.makeMessage(status, error, message)}`);
+		this.status = status;
+		this.headers = headers;
+		this.error = error;
+	}
+	static makeMessage(status, error, message) {
+		const msg = error?.message ? typeof error.message === "string" ? error.message : JSON.stringify(error.message) : error ? JSON.stringify(error) : message;
+		if (status && msg) return `${status} ${msg}`;
+		if (status) return `${status} status code (no body)`;
+		if (msg) return msg;
+		return "(no status code or body)";
+	}
+};
+var APIUserAbortError = class extends APIError {
+	constructor({ message } = {}) {
+		super(void 0, void 0, message || "Request was aborted.", void 0);
+	}
+};
+var APIConnectionError = class extends APIError {
+	constructor({ message, cause }) {
+		super(void 0, void 0, message || "Connection error.", void 0);
+		if (cause) this.cause = cause;
+	}
+};
+
+//#endregion
+//#region src/internal/errors.ts
+function castToError(err) {
+	if (err instanceof Error) return err;
+	if (typeof err === "object" && err !== null) {
+		try {
+			if (Object.prototype.toString.call(err) === "[object Error]") {
+				const error = new Error(err.message, err.cause ? { cause: err.cause } : {});
+				if (err.stack) error.stack = err.stack;
+				if (err.cause && !error.cause) error.cause = err.cause;
+				if (err.name) error.name = err.name;
+				return error;
+			}
+		} catch {}
+		try {
+			return new Error(JSON.stringify(err));
+		} catch {}
+	}
+	return new Error(err);
+}
+
+//#endregion
+//#region src/internal/utils/values.ts
+const startsWithSchemeRegexp = /^[a-z][a-z0-9+.-]*:/i;
+function isAbsoluteURL(url) {
+	return startsWithSchemeRegexp.test(url);
+}
+function stringifyQuery(query) {
+	return Object.entries(query).filter(([_, value]) => typeof value !== "undefined").map(([key, value]) => {
+		if (typeof value === "string" || typeof value === "number" || typeof value === "boolean") return `${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
+		if (value === null) return `${encodeURIComponent(key)}=`;
+		throw new AIDRError(`Cannot stringify type ${typeof value}; Expected string, number, boolean, or null.`);
+	}).join("&");
+}
+let isArray = (val) => (isArray = Array.isArray, isArray(val));
+const isReadonlyArray = isArray;
+
+//#endregion
+//#region src/internal/headers.ts
+const brand_privateNullableHeaders = /* @__PURE__ */ Symbol("brand.privateNullableHeaders");
+function* iterateHeaders(headers) {
+	if (!headers) return;
+	if (brand_privateNullableHeaders in headers) {
+		const { values, nulls } = headers;
+		yield* values.entries();
+		for (const name of nulls) yield [name, null];
+		return;
+	}
+	let shouldClear = false;
+	let iter;
+	if (headers instanceof Headers) iter = headers.entries();
+	else if (isReadonlyArray(headers)) iter = headers;
+	else {
+		shouldClear = true;
+		iter = Object.entries(headers ?? {});
+	}
+	for (const row of iter) {
+		const name = row[0];
+		if (typeof name !== "string") throw new TypeError("expected header name to be a string");
+		const values = isReadonlyArray(row[1]) ? row[1] : [row[1]];
+		let didClear = false;
+		for (const value of values) {
+			if (value === void 0) continue;
+			if (shouldClear && !didClear) {
+				didClear = true;
+				yield [name, null];
+			}
+			yield [name, value];
+		}
+	}
+}
+function buildHeaders(newHeaders) {
+	const targetHeaders = new Headers();
+	const nullHeaders = /* @__PURE__ */ new Set();
+	for (const headers of newHeaders) {
+		const seenHeaders = /* @__PURE__ */ new Set();
+		for (const [name, value] of iterateHeaders(headers)) {
+			const lowerName = name.toLowerCase();
+			if (!seenHeaders.has(lowerName)) {
+				targetHeaders.delete(name);
+				seenHeaders.add(lowerName);
+			}
+			if (value === null) {
+				targetHeaders.delete(name);
+				nullHeaders.add(lowerName);
+			} else {
+				targetHeaders.append(name, value);
+				nullHeaders.delete(lowerName);
+			}
+		}
+	}
+	return {
+		[brand_privateNullableHeaders]: true,
+		values: targetHeaders,
+		nulls: nullHeaders
+	};
+}
+
+//#endregion
+//#region src/internal/parse.ts
+async function defaultParseResponse(props) {
+	const { response } = props;
+	return await (async () => {
+		if (response.status === 204) return null;
+		const mediaType = response.headers.get("content-type")?.split(";")[0]?.trim();
+		if (mediaType?.includes("application/json") || mediaType?.endsWith("+json")) return await response.json();
+		return await response.text();
+	})();
+}
+
+//#endregion
+//#region src/internal/utils/sleep.ts
+function sleep(ms) {
+	return new Promise((resolve) => setTimeout(resolve, ms));
+}
+
+//#endregion
+//#region src/client.ts
+function isAcceptedResponse(response) {
+	return valibot.safeParse(require_schemas.AcceptedResponseSchema, response).success;
+}
+var Client = class {
+	/** CS AIDR API token.*/
+	token;
+	/**
+	* Template for constructing the base URL for API requests. The placeholder
+	* `{SERVICE_NAME}` will be replaced with the service name slug.
+	*/
+	baseURLTemplate;
+	timeout;
+	maxRetries;
+	maxPollingAttempts;
+	fetch;
+	_options;
+	constructor(options) {
+		if (options.token === void 0) throw new AIDRError("Client was instantiated without an API token.");
+		if (options.baseURLTemplate === void 0) throw new AIDRError("Client was instantiated without a base URL template.");
+		this.baseURLTemplate = options.baseURLTemplate;
+		this.fetch = options.fetch ?? fetch;
+		this.maxRetries = options.maxRetries ?? 2;
+		this.maxPollingAttempts = options.maxPollingAttempts ?? 5;
+		this.timeout = options.timeout ?? 6e4;
+		this.token = options.token;
+		this._options = options;
+	}
+	/**
+	* Will retrieve the result, or will return HTTP/202 if the original request
+	* is still in progress.
+	*/
+	getAsyncRequest(requestId) {
+		return this.get(`/v1/request/${requestId}`);
+	}
+	/**
+	* Polls for an async request result with exponential backoff.
+	* Continues polling until a success response is received or max attempts are reached.
+	*/
+	async pollAsyncRequest(requestId, maxAttempts) {
+		let lastResponse = null;
+		for (let attempt = 0; attempt < maxAttempts; attempt++) {
+			const response = await this.getAsyncRequest(requestId);
+			if (response.status === "Success") return response;
+			lastResponse = response;
+			if (attempt < maxAttempts - 1) await sleep(this.calculateDefaultRetryTimeoutMillis(maxAttempts - attempt - 1, maxAttempts));
+		}
+		if (lastResponse === null) throw new AIDRError("Polling failed: no response received");
+		return lastResponse;
+	}
+	async get(path, opts) {
+		return await this.methodRequest("get", path, opts);
+	}
+	async post(path, opts) {
+		return await this.methodRequest("post", path, opts);
+	}
+	async methodRequest(method, path, opts) {
+		return await this.request(Promise.resolve(opts).then((opts$1) => {
+			return {
+				method,
+				path,
+				...opts$1
+			};
+		}));
+	}
+	async request(options, remainingRetries = null) {
+		const parsed = await defaultParseResponse(await this.makeRequest(options, remainingRetries));
+		if (isAcceptedResponse(parsed)) {
+			const maxPollingAttempts = (await Promise.resolve(options)).maxPollingAttempts ?? this.maxPollingAttempts;
+			if (maxPollingAttempts <= 0) return parsed;
+			return await this.pollAsyncRequest(parsed.request_id, maxPollingAttempts);
+		}
+		return parsed;
+	}
+	async makeRequest(optionsInput, retriesRemaining) {
+		const options = await optionsInput;
+		const maxRetries = options.maxRetries ?? this.maxRetries;
+		if (retriesRemaining == null) retriesRemaining = maxRetries;
+		const { req, url, timeout } = this.buildRequest(options, { retryCount: maxRetries - retriesRemaining });
+		if (options.signal?.aborted) throw new APIUserAbortError();
+		const controller = new AbortController();
+		const response = await this.fetchWithTimeout(url, req, timeout, controller).catch(castToError);
+		if (response instanceof globalThis.Error) {
+			if (options.signal?.aborted) throw new APIUserAbortError();
+			if (retriesRemaining) return await this.retryRequest(options, retriesRemaining);
+			throw new APIConnectionError({ cause: response });
+		}
+		if (!response.ok) {
+			const shouldRetry = this.shouldRetry(response);
+			if (retriesRemaining && shouldRetry) return await this.retryRequest(options, retriesRemaining);
+		}
+		return {
+			response,
+			options,
+			controller
+		};
+	}
+	shouldRetry(response) {
+		return response.status === 408 || response.status === 409 || response.status === 429 || response.status >= 500;
+	}
+	async retryRequest(options, retriesRemaining) {
+		const maxRetries = options.maxRetries ?? this.maxRetries;
+		await sleep(this.calculateDefaultRetryTimeoutMillis(retriesRemaining, maxRetries));
+		return this.makeRequest(options, retriesRemaining - 1);
+	}
+	calculateDefaultRetryTimeoutMillis(retriesRemaining, maxRetries) {
+		const initialRetryDelay = .5;
+		const maxRetryDelay = 8;
+		const numRetries = maxRetries - retriesRemaining;
+		return Math.min(initialRetryDelay * 2 ** numRetries, maxRetryDelay) * (1 - Math.random() * .25) * 1e3;
+	}
+	async fetchWithTimeout(url, init, ms, controller) {
+		const { signal, method, ...options } = init || {};
+		if (signal) signal.addEventListener("abort", () => controller.abort());
+		const timeout = setTimeout(() => controller.abort(), ms);
+		const fetchOptions = {
+			signal: controller.signal,
+			method: "GET",
+			...options
+		};
+		if (method) fetchOptions.method = method.toUpperCase();
+		try {
+			return await this.fetch.call(void 0, url, fetchOptions);
+		} finally {
+			clearTimeout(timeout);
+		}
+	}
+	buildRequest(inputOptions, { retryCount = 0 } = {}) {
+		const options = { ...inputOptions };
+		const { method, path, query, baseURLTemplate } = options;
+		const url = this.buildURL(path, query, baseURLTemplate);
+		options.timeout = options.timeout ?? this.timeout;
+		const { bodyHeaders, body } = this.buildBody({ options });
+		return {
+			req: {
+				method,
+				headers: this.buildHeaders({
+					options: inputOptions,
+					method,
+					bodyHeaders,
+					retryCount
+				}),
+				...options.signal && { signal: options.signal },
+				...body && { body }
+			},
+			url,
+			timeout: options.timeout
+		};
+	}
+	buildURL(path, query, baseURLTemplate = this.baseURLTemplate) {
+		const url = new URL((isAbsoluteURL(path) ? path : baseURLTemplate + (baseURLTemplate.endsWith("/") && path.startsWith("/") ? path.slice(1) : path)).replaceAll("{SERVICE_NAME}", this.serviceName));
+		if (typeof query === "object" && query && !Array.isArray(query)) url.search = stringifyQuery(query);
+		return url.toString();
+	}
+	buildBody({ options: { body, headers: _rawHeaders } }) {
+		if (!body) return {
+			bodyHeaders: void 0,
+			body: void 0
+		};
+		return {
+			bodyHeaders: { "content-type": "application/json" },
+			body: JSON.stringify(body)
+		};
+	}
+	buildHeaders({ options, bodyHeaders }) {
+		return buildHeaders([
+			{
+				Accept: "application/json",
+				"User-Agent": "aidr-typescript"
+			},
+			this.authHeaders(),
+			this._options.defaultHeaders,
+			bodyHeaders,
+			options.headers
+		]).values;
+	}
+	authHeaders() {
+		return buildHeaders([{ Authorization: `Bearer ${this.token}` }]);
+	}
+};
+
+//#endregion
+//#region src/services/ai-guard.ts
+var AIGuard = class extends Client {
+	serviceName = "aiguard";
+	/**
+	* Analyze and redact content to avoid manipulation of the model, addition of
+	* malicious content, and other undesirable data transfers.
+	*/
+	guardChatCompletions(body, options) {
+		return this.post("/v1/guard_chat_completions", {
+			body,
+			...options
+		});
+	}
+};
+
+//#endregion
+exports.AIGuard = AIGuard;