@cullet/erp-core 1.2.0 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (218) hide show
  1. package/KIT_CONTEXT.md +5 -3
  2. package/README.md +160 -0
  3. package/dist/abac/index.cjs +7 -0
  4. package/dist/abac/index.d.cts +2 -0
  5. package/dist/abac/index.d.ts +2 -0
  6. package/dist/abac/index.js +2 -0
  7. package/dist/app-error.cjs +193 -0
  8. package/dist/app-error.cjs.map +1 -0
  9. package/dist/app-error.d.cts +108 -0
  10. package/dist/app-error.js +170 -0
  11. package/dist/app-error.js.map +1 -0
  12. package/dist/application/index.cjs +27 -0
  13. package/dist/application/index.d.cts +3 -0
  14. package/dist/application/index.d.ts +2 -1
  15. package/dist/application/index.js +2 -1
  16. package/dist/authorization-error.cjs +157 -0
  17. package/dist/authorization-error.cjs.map +1 -0
  18. package/dist/authorization-error.d.cts +113 -0
  19. package/dist/authorization-error.d.ts +113 -0
  20. package/dist/authorization-error.js +152 -0
  21. package/dist/authorization-error.js.map +1 -0
  22. package/dist/authorizer.port.d.cts +130 -0
  23. package/dist/authorizer.port.d.ts +130 -0
  24. package/dist/composite-authorizer.d.cts +216 -0
  25. package/dist/composite-authorizer.d.ts +216 -0
  26. package/dist/condition-evaluator.cjs +565 -0
  27. package/dist/condition-evaluator.cjs.map +1 -0
  28. package/dist/condition-evaluator.js +536 -0
  29. package/dist/condition-evaluator.js.map +1 -0
  30. package/dist/core-config.d.cts +172 -0
  31. package/dist/{gate-types.d.ts → core-config.d.ts} +78 -77
  32. package/dist/domain/index.cjs +17 -0
  33. package/dist/domain/index.d.cts +4 -0
  34. package/dist/domain/index.d.ts +2 -1
  35. package/dist/domain/index.js +2 -1
  36. package/dist/domain-event-contracts.cjs +34 -0
  37. package/dist/domain-event-contracts.cjs.map +1 -0
  38. package/dist/domain-event-contracts.d.cts +27 -0
  39. package/dist/domain-event-contracts.js +2 -1
  40. package/dist/domain-event-contracts.js.map +1 -1
  41. package/dist/domain-exception.cjs +17 -0
  42. package/dist/domain-exception.cjs.map +1 -0
  43. package/dist/domain-exception.d.cts +7 -0
  44. package/dist/entity.cjs +126 -0
  45. package/dist/entity.cjs.map +1 -0
  46. package/dist/entity.js +115 -0
  47. package/dist/entity.js.map +1 -0
  48. package/dist/errors/index.cjs +43 -0
  49. package/dist/errors/index.d.cts +4 -0
  50. package/dist/errors/index.d.ts +2 -1
  51. package/dist/errors/index.js +4 -2
  52. package/dist/exceptions/index.cjs +17 -0
  53. package/dist/exceptions/index.d.cts +5 -0
  54. package/dist/exceptions/validation-field.cjs +3 -0
  55. package/dist/exceptions/validation-field.d.cts +2 -0
  56. package/dist/gate-engine-registry.cjs +309 -0
  57. package/dist/gate-engine-registry.cjs.map +1 -0
  58. package/dist/gate-engine-registry.d.cts +82 -0
  59. package/dist/gate-engine-registry.d.ts +3 -2
  60. package/dist/gate-engine-registry.js +2 -1
  61. package/dist/gate-engine-registry.js.map +1 -1
  62. package/dist/gate-v1-payload.schema.cjs +76 -0
  63. package/dist/gate-v1-payload.schema.cjs.map +1 -0
  64. package/dist/gate-v1-payload.schema.js +1 -533
  65. package/dist/gate-v1-payload.schema.js.map +1 -1
  66. package/dist/hashing.cjs +66 -0
  67. package/dist/hashing.cjs.map +1 -0
  68. package/dist/immutable.cjs +77 -0
  69. package/dist/immutable.cjs.map +1 -0
  70. package/dist/immutable.d.cts +6 -0
  71. package/dist/index.cjs +181 -0
  72. package/dist/index.cjs.map +1 -0
  73. package/dist/index.d.cts +37 -0
  74. package/dist/index.d.ts +19 -12
  75. package/dist/index.js +15 -9
  76. package/dist/index.js.map +1 -1
  77. package/dist/invalid-state-transition-exception.cjs +47 -0
  78. package/dist/invalid-state-transition-exception.cjs.map +1 -0
  79. package/dist/invariant-violation-exception.cjs +16 -0
  80. package/dist/invariant-violation-exception.cjs.map +1 -0
  81. package/dist/not-found-error.cjs +65 -0
  82. package/dist/not-found-error.cjs.map +1 -0
  83. package/dist/not-found-error.js +1 -1
  84. package/dist/outcome.cjs +97 -0
  85. package/dist/outcome.cjs.map +1 -0
  86. package/dist/outcome.d.cts +58 -0
  87. package/dist/outcome.d.ts +1 -83
  88. package/dist/parse-gate-payload.d.cts +62 -0
  89. package/dist/parse-gate-payload.d.ts +2 -2
  90. package/dist/path.d.cts +90 -0
  91. package/dist/path.d.ts +2 -2
  92. package/dist/plugin.cjs +79 -0
  93. package/dist/plugin.cjs.map +1 -0
  94. package/dist/plugin.d.cts +85 -0
  95. package/dist/plugins/index.cjs +3 -0
  96. package/dist/plugins/index.d.cts +2 -0
  97. package/dist/policies/engines/index.cjs +10 -0
  98. package/dist/policies/engines/index.d.cts +4 -0
  99. package/dist/policies/engines/index.d.ts +1 -1
  100. package/dist/policies/engines/v1/gate/index.cjs +92 -0
  101. package/dist/policies/engines/v1/gate/index.cjs.map +1 -0
  102. package/dist/policies/engines/v1/gate/index.d.cts +121 -0
  103. package/dist/policies/engines/v1/gate/index.d.ts +2 -2
  104. package/dist/policies/engines/v1/gate/index.js +2 -1
  105. package/dist/policies/engines/v1/gate/index.js.map +1 -1
  106. package/dist/policies/index.cjs +41 -0
  107. package/dist/policies/index.d.cts +8 -0
  108. package/dist/policies/index.d.ts +3 -2
  109. package/dist/policies/index.js +2 -2
  110. package/dist/policy-bridge.cjs +437 -0
  111. package/dist/policy-bridge.cjs.map +1 -0
  112. package/dist/policy-bridge.d.cts +185 -0
  113. package/dist/policy-bridge.d.ts +185 -0
  114. package/dist/policy-bridge.js +396 -0
  115. package/dist/policy-bridge.js.map +1 -0
  116. package/dist/policy-service.cjs +1190 -0
  117. package/dist/policy-service.cjs.map +1 -0
  118. package/dist/policy-service.d.cts +559 -0
  119. package/dist/policy-service.d.ts +2 -2
  120. package/dist/policy-service.js +239 -239
  121. package/dist/policy-service.js.map +1 -1
  122. package/dist/rbac/index.cjs +9 -0
  123. package/dist/rbac/index.d.cts +3 -0
  124. package/dist/rbac/index.d.ts +3 -0
  125. package/dist/rbac/index.js +2 -0
  126. package/dist/requested-by.cjs +54 -0
  127. package/dist/requested-by.cjs.map +1 -0
  128. package/dist/requested-by.d.cts +25 -0
  129. package/dist/requested-by.d.ts +25 -0
  130. package/dist/requested-by.js +49 -0
  131. package/dist/requested-by.js.map +1 -0
  132. package/dist/result/index.cjs +7 -0
  133. package/dist/result/index.d.cts +3 -0
  134. package/dist/result/index.d.ts +2 -1
  135. package/dist/result.cjs +135 -0
  136. package/dist/result.cjs.map +1 -0
  137. package/dist/result.d.cts +84 -0
  138. package/dist/result.d.ts +84 -0
  139. package/dist/rule.cjs +327 -0
  140. package/dist/rule.cjs.map +1 -0
  141. package/dist/rule.js +298 -0
  142. package/dist/rule.js.map +1 -0
  143. package/dist/ruleset-registry.cjs +47 -0
  144. package/dist/ruleset-registry.cjs.map +1 -0
  145. package/dist/rulesets/index.cjs +3 -0
  146. package/dist/rulesets/index.d.cts +2 -0
  147. package/dist/temporal-guards.cjs +32 -0
  148. package/dist/temporal-guards.cjs.map +1 -0
  149. package/dist/temporal-use-case.cjs +139 -0
  150. package/dist/temporal-use-case.cjs.map +1 -0
  151. package/dist/temporal-use-case.d.cts +282 -0
  152. package/dist/temporal-use-case.d.ts +5 -27
  153. package/dist/temporal-use-case.js +2 -48
  154. package/dist/temporal-use-case.js.map +1 -1
  155. package/dist/unexpected-error.cjs +19 -0
  156. package/dist/unexpected-error.cjs.map +1 -0
  157. package/dist/unexpected-error.js +2 -167
  158. package/dist/unexpected-error.js.map +1 -1
  159. package/dist/use-case.cjs +96 -0
  160. package/dist/use-case.cjs.map +1 -0
  161. package/dist/uuid-identifier.cjs +65 -0
  162. package/dist/uuid-identifier.cjs.map +1 -0
  163. package/dist/uuid-identifier.d.cts +147 -0
  164. package/dist/uuid-identifier.d.ts +2 -85
  165. package/dist/validation-code.cjs +60 -0
  166. package/dist/validation-code.cjs.map +1 -0
  167. package/dist/validation-code.d.cts +23 -0
  168. package/dist/validation-error.cjs +887 -0
  169. package/dist/validation-error.cjs.map +1 -0
  170. package/dist/validation-error.d.cts +681 -0
  171. package/dist/validation-error.d.ts +2 -98
  172. package/dist/validation-error.js +7 -134
  173. package/dist/validation-error.js.map +1 -1
  174. package/dist/validation-exception.cjs +41 -0
  175. package/dist/validation-exception.cjs.map +1 -0
  176. package/dist/validation-exception.d.cts +50 -0
  177. package/dist/validation-field.cjs +28 -0
  178. package/dist/validation-field.cjs.map +1 -0
  179. package/dist/validation-field.d.cts +12 -0
  180. package/dist/value-object-ruleset.contracts.d.cts +36 -0
  181. package/dist/value-object.cjs +85 -0
  182. package/dist/value-object.cjs.map +1 -0
  183. package/dist/value-object.d.cts +89 -0
  184. package/dist/value-object.d.ts +89 -0
  185. package/dist/value-object.js +1 -112
  186. package/dist/value-object.js.map +1 -1
  187. package/dist/version.d.cts +10 -0
  188. package/dist/versioning/index.cjs +7 -0
  189. package/dist/versioning/index.d.cts +3 -0
  190. package/meta.json +19 -4
  191. package/package.json +173 -28
  192. package/src/abac/index.ts +1 -0
  193. package/src/core/abac/abac-request.ts +29 -0
  194. package/src/core/abac/attributes.ts +39 -0
  195. package/src/core/abac/authorizer.ts +108 -0
  196. package/src/core/abac/combining.ts +63 -0
  197. package/src/core/abac/composite-authorizer.ts +45 -0
  198. package/src/core/abac/domain/policy-set.ts +52 -0
  199. package/src/core/abac/domain/rule.ts +197 -0
  200. package/src/core/abac/index.ts +21 -0
  201. package/src/core/application/ports/abac-authorizer.port.ts +20 -0
  202. package/src/core/application/ports/authorizer.port.ts +22 -0
  203. package/src/core/errors/authorization-error.ts +26 -0
  204. package/src/core/errors/error-codes.ts +1 -0
  205. package/src/core/index.ts +7 -0
  206. package/src/core/rbac/access-request.ts +32 -0
  207. package/src/core/rbac/authorizer.ts +91 -0
  208. package/src/core/rbac/domain/grant.ts +96 -0
  209. package/src/core/rbac/domain/permission-set.ts +67 -0
  210. package/src/core/rbac/domain/permission.ts +119 -0
  211. package/src/core/rbac/domain/role.ts +101 -0
  212. package/src/core/rbac/domain/scope.ts +84 -0
  213. package/src/core/rbac/index.ts +15 -0
  214. package/src/core/rbac/policy-bridge.ts +44 -0
  215. package/src/examples/application/authorize-cancel-order-abac.example.ts +107 -0
  216. package/src/examples/application/authorize-cancel-order.example.ts +101 -0
  217. package/src/rbac/index.ts +1 -0
  218. package/src/version.ts +1 -1
@@ -0,0 +1 @@
1
+ {"version":3,"file":"invalid-state-transition-exception.cjs","names":["DomainException","DomainException","DomainException"],"sources":["../src/core/exceptions/business-rule-violation-exception.ts","../src/core/exceptions/entity-not-found-exception.ts","../src/core/exceptions/invalid-state-transition-exception.ts"],"sourcesContent":["import { DomainException } from \"./domain-exception.js\";\n\nclass BusinessRuleViolationException extends DomainException {\n constructor(\n public readonly rule: string,\n message: string,\n ) {\n super(message);\n }\n}\n\nexport { BusinessRuleViolationException };\n","import { DomainException } from \"./domain-exception.js\";\n\nclass EntityNotFoundException extends DomainException {\n constructor(\n public readonly entityName: string,\n public readonly identifier: string,\n ) {\n super(`${entityName} with identifier ${identifier} was not found.`);\n }\n}\n\nexport { EntityNotFoundException };\n","import { DomainException } from \"./domain-exception.js\";\n\nclass InvalidStateTransitionException<\n TState extends string = string,\n> extends DomainException {\n constructor(\n public readonly from: TState,\n public readonly to: TState,\n message: string,\n ) {\n super(message);\n }\n}\n\nexport { InvalidStateTransitionException };\n"],"mappings":";;AAEA,IAAM,iCAAN,cAA6CA,yBAAAA,gBAAgB;CACzD,YACI,MACA,SACF;EACE,MAAM,OAAO;EAHG,KAAA,OAAA;CAIpB;AACJ;;;ACPA,IAAM,0BAAN,cAAsCC,yBAAAA,gBAAgB;CAClD,YACI,YACA,YACF;EACE,MAAM,GAAG,WAAW,mBAAmB,WAAW,gBAAgB;EAHlD,KAAA,aAAA;EACA,KAAA,aAAA;CAGpB;AACJ;;;ACPA,IAAM,kCAAN,cAEUC,yBAAAA,gBAAgB;CACtB,YACI,MACA,IACA,SACF;EACE,MAAM,OAAO;EAJG,KAAA,OAAA;EACA,KAAA,KAAA;CAIpB;AACJ"}
@@ -0,0 +1,16 @@
1
+ const require_domain_exception = require("./domain-exception.cjs");
2
+ //#region src/core/exceptions/invariant-violation-exception.ts
3
+ var InvariantViolationException = class extends require_domain_exception.DomainException {
4
+ constructor(message) {
5
+ super(message);
6
+ }
7
+ };
8
+ //#endregion
9
+ Object.defineProperty(exports, "InvariantViolationException", {
10
+ enumerable: true,
11
+ get: function() {
12
+ return InvariantViolationException;
13
+ }
14
+ });
15
+
16
+ //# sourceMappingURL=invariant-violation-exception.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"invariant-violation-exception.cjs","names":["DomainException"],"sources":["../src/core/exceptions/invariant-violation-exception.ts"],"sourcesContent":["import { DomainException } from \"./domain-exception.js\";\n\nclass InvariantViolationException extends DomainException {\n constructor(message: string) {\n super(message);\n }\n}\n\nexport { InvariantViolationException };\n"],"mappings":";;AAEA,IAAM,8BAAN,cAA0CA,yBAAAA,gBAAgB;CACtD,YAAY,SAAiB;EACzB,MAAM,OAAO;CACjB;AACJ"}
@@ -0,0 +1,65 @@
1
+ const require_app_error = require("./app-error.cjs");
2
+ //#region src/core/errors/business-rule-violation-error.ts
3
+ var BusinessRuleViolationError = class extends require_app_error.AppError {
4
+ constructor(rule, message, detail, options) {
5
+ const baseMetadata = detail ? {
6
+ rule,
7
+ detail
8
+ } : { rule };
9
+ const mergedMetadata = options?.metadata ? {
10
+ ...baseMetadata,
11
+ ...options.metadata
12
+ } : baseMetadata;
13
+ super(message, require_app_error.ErrorCodes.businessRuleViolation, {
14
+ ...options,
15
+ metadata: mergedMetadata
16
+ });
17
+ }
18
+ };
19
+ //#endregion
20
+ //#region src/core/errors/not-found-error.ts
21
+ /**
22
+ * Raised when a requested resource does not exist. Maps naturally onto an HTTP
23
+ * 404 at the edge, but stays transport-agnostic here.
24
+ *
25
+ * The `resource` name builds the message (`"<resource> not found"`) and, with
26
+ * the optional lookup `criteria`, lands in the metadata so logs show *what* was
27
+ * searched for without the caller having to restate it in the message.
28
+ */
29
+ var NotFoundError = class extends require_app_error.AppError {
30
+ /**
31
+ * @param resource - Human-readable name of the missing resource (e.g. `"Order"`).
32
+ * @param criteria - Optional lookup keys used in the search; recorded in
33
+ * metadata to aid debugging. Avoid putting sensitive values here.
34
+ * @param options - Optional cause, correlation ids, and extra metadata.
35
+ */
36
+ constructor(resource, criteria, options) {
37
+ const baseMetadata = criteria ? {
38
+ resource,
39
+ criteria
40
+ } : { resource };
41
+ const mergedMetadata = options?.metadata ? {
42
+ ...baseMetadata,
43
+ ...options.metadata
44
+ } : baseMetadata;
45
+ super(`${resource} not found`, require_app_error.ErrorCodes.notFound, {
46
+ ...options,
47
+ metadata: mergedMetadata
48
+ });
49
+ }
50
+ };
51
+ //#endregion
52
+ Object.defineProperty(exports, "BusinessRuleViolationError", {
53
+ enumerable: true,
54
+ get: function() {
55
+ return BusinessRuleViolationError;
56
+ }
57
+ });
58
+ Object.defineProperty(exports, "NotFoundError", {
59
+ enumerable: true,
60
+ get: function() {
61
+ return NotFoundError;
62
+ }
63
+ });
64
+
65
+ //# sourceMappingURL=not-found-error.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"not-found-error.cjs","names":["AppError","ErrorCodes","AppError","ErrorCodes"],"sources":["../src/core/errors/business-rule-violation-error.ts","../src/core/errors/not-found-error.ts"],"sourcesContent":["import { AppError } from \"./app-error.js\";\nimport { ErrorCodes } from \"./error-codes.js\";\nimport type { AppErrorOptions } from \"./types.js\";\n\n// ─────────────────────────────────────────────────────────────────────────────\n// BusinessRuleViolationError\n// ─────────────────────────────────────────────────────────────────────────────\n\nclass BusinessRuleViolationError extends AppError {\n constructor(\n rule: string,\n message: string,\n detail?: Record<string, unknown>,\n options?: AppErrorOptions,\n ) {\n const baseMetadata = detail ? { rule, detail } : { rule };\n const mergedMetadata = options?.metadata\n ? { ...baseMetadata, ...options.metadata }\n : baseMetadata;\n\n super(message, ErrorCodes.businessRuleViolation, {\n ...options,\n metadata: mergedMetadata,\n });\n }\n}\n\nexport { BusinessRuleViolationError };\n","import { AppError } from \"./app-error.js\";\nimport { ErrorCodes } from \"./error-codes.js\";\nimport type { AppErrorOptions } from \"./types.js\";\n\n// ─────────────────────────────────────────────────────────────────────────────\n// NotFoundError\n// ─────────────────────────────────────────────────────────────────────────────\n\n/**\n * Raised when a requested resource does not exist. Maps naturally onto an HTTP\n * 404 at the edge, but stays transport-agnostic here.\n *\n * The `resource` name builds the message (`\"<resource> not found\"`) and, with\n * the optional lookup `criteria`, lands in the metadata so logs show *what* was\n * searched for without the caller having to restate it in the message.\n */\nclass NotFoundError extends AppError {\n /**\n * @param resource - Human-readable name of the missing resource (e.g. `\"Order\"`).\n * @param criteria - Optional lookup keys used in the search; recorded in\n * metadata to aid debugging. Avoid putting sensitive values here.\n * @param options - Optional cause, correlation ids, and extra metadata.\n */\n constructor(\n resource: string,\n criteria?: Record<string, unknown>,\n options?: AppErrorOptions,\n ) {\n const baseMetadata = criteria ? { resource, criteria } : { resource };\n const mergedMetadata = options?.metadata\n ? { ...baseMetadata, ...options.metadata }\n : baseMetadata;\n\n super(`${resource} not found`, ErrorCodes.notFound, {\n ...options,\n metadata: mergedMetadata,\n });\n }\n}\n\nexport { NotFoundError };\n"],"mappings":";;AAQA,IAAM,6BAAN,cAAyCA,kBAAAA,SAAS;CAC9C,YACI,MACA,SACA,QACA,SACF;EACE,MAAM,eAAe,SAAS;GAAE;GAAM;EAAO,IAAI,EAAE,KAAK;EACxD,MAAM,iBAAiB,SAAS,WAC1B;GAAE,GAAG;GAAc,GAAG,QAAQ;EAAS,IACvC;EAEN,MAAM,SAASC,kBAAAA,WAAW,uBAAuB;GAC7C,GAAG;GACH,UAAU;EACd,CAAC;CACL;AACJ;;;;;;;;;;;ACTA,IAAM,gBAAN,cAA4BC,kBAAAA,SAAS;;;;;;;CAOjC,YACI,UACA,UACA,SACF;EACE,MAAM,eAAe,WAAW;GAAE;GAAU;EAAS,IAAI,EAAE,SAAS;EACpE,MAAM,iBAAiB,SAAS,WAC1B;GAAE,GAAG;GAAc,GAAG,QAAQ;EAAS,IACvC;EAEN,MAAM,GAAG,SAAS,aAAaC,kBAAAA,WAAW,UAAU;GAChD,GAAG;GACH,UAAU;EACd,CAAC;CACL;AACJ"}
@@ -1,4 +1,4 @@
1
- import { i as ErrorCodes, n as AppError } from "./unexpected-error.js";
1
+ import { r as ErrorCodes, t as AppError } from "./app-error.js";
2
2
  //#region src/core/errors/business-rule-violation-error.ts
3
3
  var BusinessRuleViolationError = class extends AppError {
4
4
  constructor(rule, message, detail, options) {
@@ -0,0 +1,97 @@
1
+ const require_invariant_violation_exception = require("./invariant-violation-exception.cjs");
2
+ //#region src/core/result/outcome.ts
3
+ /**
4
+ * Outcome — Business decision abstraction.
5
+ *
6
+ * Represents the semantic result of a domain decision, policy evaluation,
7
+ * or business rule. NOT for technical success/failure — use Result for that.
8
+ *
9
+ * Mental model:
10
+ * "What was the business decision?"
11
+ * NOT "Did the operation succeed?"
12
+ *
13
+ * The status axis represents valid business outcomes (APPROVED, REJECTED,
14
+ * ALLOW, DENY, NO_OP, etc.), never technical Ok/Err.
15
+ *
16
+ * @typeParam S - Union of valid status literals for this outcome
17
+ * @typeParam D - Shape of the decision data carried by this outcome
18
+ */
19
+ var Outcome = class Outcome {
20
+ constructor(status, data, reason, metadata) {
21
+ this.status = status;
22
+ this.data = data;
23
+ this.reason = reason;
24
+ this.metadata = metadata;
25
+ Object.freeze(this);
26
+ }
27
+ static of(status, data, reason, metadata) {
28
+ return new Outcome(status, data, reason, Object.freeze({ ...metadata }));
29
+ }
30
+ static approved(data, reason) {
31
+ return new Outcome("APPROVED", data, reason, Object.freeze({}));
32
+ }
33
+ static rejected(data, reason) {
34
+ return new Outcome("REJECTED", data, reason, Object.freeze({}));
35
+ }
36
+ static noOp(data, reason) {
37
+ return new Outcome("NO_OP", data, reason, Object.freeze({}));
38
+ }
39
+ static deferred(data, reason) {
40
+ return new Outcome("DEFERRED", data, reason, Object.freeze({}));
41
+ }
42
+ static requiresReview(data, reason) {
43
+ return new Outcome("REQUIRES_REVIEW", data, reason, Object.freeze({}));
44
+ }
45
+ /**
46
+ * Narrows this Outcome to a specific status.
47
+ *
48
+ * @example
49
+ * if (outcome.is('DENY')) {
50
+ * outcome.data.violations // TS knows status is 'DENY'
51
+ * }
52
+ */
53
+ is(status) {
54
+ return this.status === status;
55
+ }
56
+ /**
57
+ * Exhaustive pattern match over all possible statuses.
58
+ * TypeScript enforces that every status has a handler.
59
+ *
60
+ * @example
61
+ * outcome.match({
62
+ * ALLOW: (o) => handleAllow(o.data),
63
+ * DENY: (o) => handleDeny(o.data.violations),
64
+ * })
65
+ */
66
+ match(handlers) {
67
+ const handler = handlers[this.status];
68
+ if (typeof handler !== "function") {
69
+ const availableStatuses = Object.keys(handlers);
70
+ throw new require_invariant_violation_exception.InvariantViolationException(`Outcome.match is missing a handler for runtime status "${this.status}". Available handlers: ${availableStatuses.join(", ") || "(none)"}`);
71
+ }
72
+ return handler(this);
73
+ }
74
+ withMetadata(extra) {
75
+ return new Outcome(this.status, this.data, this.reason, Object.freeze({
76
+ ...this.metadata,
77
+ ...extra
78
+ }));
79
+ }
80
+ withReason(reason) {
81
+ return new Outcome(this.status, this.data, reason, this.metadata);
82
+ }
83
+ toString() {
84
+ const parts = [this.status];
85
+ if (this.reason) parts.push(`reason="${this.reason}"`);
86
+ return `Outcome(${parts.join(", ")})`;
87
+ }
88
+ };
89
+ //#endregion
90
+ Object.defineProperty(exports, "Outcome", {
91
+ enumerable: true,
92
+ get: function() {
93
+ return Outcome;
94
+ }
95
+ });
96
+
97
+ //# sourceMappingURL=outcome.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"outcome.cjs","names":["InvariantViolationException"],"sources":["../src/core/result/outcome.ts"],"sourcesContent":["// core/domain/outcome.ts\n\nimport { InvariantViolationException } from \"../exceptions/invariant-violation-exception.js\";\n\n/**\n * Outcome — Business decision abstraction.\n *\n * Represents the semantic result of a domain decision, policy evaluation,\n * or business rule. NOT for technical success/failure — use Result for that.\n *\n * Mental model:\n * \"What was the business decision?\"\n * NOT \"Did the operation succeed?\"\n *\n * The status axis represents valid business outcomes (APPROVED, REJECTED,\n * ALLOW, DENY, NO_OP, etc.), never technical Ok/Err.\n *\n * @typeParam S - Union of valid status literals for this outcome\n * @typeParam D - Shape of the decision data carried by this outcome\n */\nexport class Outcome<S extends string, D = undefined> {\n readonly status: S;\n readonly data: D;\n readonly reason: string | undefined;\n readonly metadata: Readonly<Record<string, unknown>>;\n\n private constructor(\n status: S,\n data: D,\n reason: string | undefined,\n metadata: Readonly<Record<string, unknown>>,\n ) {\n this.status = status;\n this.data = data;\n this.reason = reason;\n this.metadata = metadata;\n Object.freeze(this);\n }\n\n // ─── Generic factory ────────────────────────────────────────────────\n\n static of<S extends string, D = undefined>(\n status: S,\n data: D,\n reason?: string,\n metadata?: Record<string, unknown>,\n ): Outcome<S, D> {\n return new Outcome(\n status,\n data,\n reason,\n Object.freeze({ ...metadata }),\n );\n }\n\n // ─── Convenience factories for common business statuses ─────────────\n\n static approved<D = undefined>(\n data: D,\n reason?: string,\n ): Outcome<\"APPROVED\", D> {\n return new Outcome(\"APPROVED\", data, reason, Object.freeze({}));\n }\n\n static rejected<D = undefined>(\n data: D,\n reason: string,\n ): Outcome<\"REJECTED\", D> {\n return new Outcome(\"REJECTED\", data, reason, Object.freeze({}));\n }\n\n static noOp<D = undefined>(data: D, reason?: string): Outcome<\"NO_OP\", D> {\n return new Outcome(\"NO_OP\", data, reason, Object.freeze({}));\n }\n\n static deferred<D = undefined>(\n data: D,\n reason: string,\n ): Outcome<\"DEFERRED\", D> {\n return new Outcome(\"DEFERRED\", data, reason, Object.freeze({}));\n }\n\n static requiresReview<D = undefined>(\n data: D,\n reason: string,\n ): Outcome<\"REQUIRES_REVIEW\", D> {\n return new Outcome(\"REQUIRES_REVIEW\", data, reason, Object.freeze({}));\n }\n\n // ─── Type narrowing ────────────────────────────────────────────────\n\n /**\n * Narrows this Outcome to a specific status.\n *\n * @example\n * if (outcome.is('DENY')) {\n * outcome.data.violations // TS knows status is 'DENY'\n * }\n */\n is<T extends S>(status: T): this is Outcome<T, D> {\n return (this.status as string) === status;\n }\n\n // ─── Exhaustive match ──────────────────────────────────────────────\n\n /**\n * Exhaustive pattern match over all possible statuses.\n * TypeScript enforces that every status has a handler.\n *\n * @example\n * outcome.match({\n * ALLOW: (o) => handleAllow(o.data),\n * DENY: (o) => handleDeny(o.data.violations),\n * })\n */\n match<THandlers extends { [K in S]: (outcome: Outcome<K, D>) => unknown }>(\n handlers: THandlers,\n ): ReturnType<THandlers[S]> {\n const handler = (\n handlers as Partial<Record<string, (o: unknown) => unknown>>\n )[this.status];\n\n if (typeof handler !== \"function\") {\n const availableStatuses = Object.keys(handlers);\n throw new InvariantViolationException(\n `Outcome.match is missing a handler for runtime status \"${this.status}\". Available handlers: ${availableStatuses.join(\", \") || \"(none)\"}`,\n );\n }\n\n return handler(this) as ReturnType<THandlers[S]>;\n }\n\n // ─── Derived copies ────────────────────────────────────────────────\n\n withMetadata(extra: Record<string, unknown>): Outcome<S, D> {\n return new Outcome(\n this.status,\n this.data,\n this.reason,\n Object.freeze({ ...this.metadata, ...extra }),\n );\n }\n\n withReason(reason: string): Outcome<S, D> {\n return new Outcome(this.status, this.data, reason, this.metadata);\n }\n\n // ─── Debug ─────────────────────────────────────────────────────────\n\n toString(): string {\n const parts: string[] = [this.status];\n if (this.reason) parts.push(`reason=\"${this.reason}\"`);\n return `Outcome(${parts.join(\", \")})`;\n }\n}\n\n/** Common business outcome statuses. Extend per domain as needed. */\nexport type CommonOutcomeStatus =\n | \"APPROVED\"\n | \"REJECTED\"\n | \"NO_OP\"\n | \"DEFERRED\"\n | \"REQUIRES_REVIEW\";\n"],"mappings":";;;;;;;;;;;;;;;;;;AAoBA,IAAa,UAAb,MAAa,QAAyC;CAMlD,YACI,QACA,MACA,QACA,UACF;EACE,KAAK,SAAS;EACd,KAAK,OAAO;EACZ,KAAK,SAAS;EACd,KAAK,WAAW;EAChB,OAAO,OAAO,IAAI;CACtB;CAIA,OAAO,GACH,QACA,MACA,QACA,UACa;EACb,OAAO,IAAI,QACP,QACA,MACA,QACA,OAAO,OAAO,EAAE,GAAG,SAAS,CAAC,CACjC;CACJ;CAIA,OAAO,SACH,MACA,QACsB;EACtB,OAAO,IAAI,QAAQ,YAAY,MAAM,QAAQ,OAAO,OAAO,CAAC,CAAC,CAAC;CAClE;CAEA,OAAO,SACH,MACA,QACsB;EACtB,OAAO,IAAI,QAAQ,YAAY,MAAM,QAAQ,OAAO,OAAO,CAAC,CAAC,CAAC;CAClE;CAEA,OAAO,KAAoB,MAAS,QAAsC;EACtE,OAAO,IAAI,QAAQ,SAAS,MAAM,QAAQ,OAAO,OAAO,CAAC,CAAC,CAAC;CAC/D;CAEA,OAAO,SACH,MACA,QACsB;EACtB,OAAO,IAAI,QAAQ,YAAY,MAAM,QAAQ,OAAO,OAAO,CAAC,CAAC,CAAC;CAClE;CAEA,OAAO,eACH,MACA,QAC6B;EAC7B,OAAO,IAAI,QAAQ,mBAAmB,MAAM,QAAQ,OAAO,OAAO,CAAC,CAAC,CAAC;CACzE;;;;;;;;;CAYA,GAAgB,QAAkC;EAC9C,OAAQ,KAAK,WAAsB;CACvC;;;;;;;;;;;CAcA,MACI,UACwB;EACxB,MAAM,UACF,SACF,KAAK;EAEP,IAAI,OAAO,YAAY,YAAY;GAC/B,MAAM,oBAAoB,OAAO,KAAK,QAAQ;GAC9C,MAAM,IAAIA,sCAAAA,4BACN,0DAA0D,KAAK,OAAO,yBAAyB,kBAAkB,KAAK,IAAI,KAAK,UACnI;EACJ;EAEA,OAAO,QAAQ,IAAI;CACvB;CAIA,aAAa,OAA+C;EACxD,OAAO,IAAI,QACP,KAAK,QACL,KAAK,MACL,KAAK,QACL,OAAO,OAAO;GAAE,GAAG,KAAK;GAAU,GAAG;EAAM,CAAC,CAChD;CACJ;CAEA,WAAW,QAA+B;EACtC,OAAO,IAAI,QAAQ,KAAK,QAAQ,KAAK,MAAM,QAAQ,KAAK,QAAQ;CACpE;CAIA,WAAmB;EACf,MAAM,QAAkB,CAAC,KAAK,MAAM;EACpC,IAAI,KAAK,QAAQ,MAAM,KAAK,WAAW,KAAK,OAAO,EAAE;EACrD,OAAO,WAAW,MAAM,KAAK,IAAI,EAAE;CACvC;AACJ"}
@@ -0,0 +1,58 @@
1
+ //#region src/core/result/outcome.d.ts
2
+ /**
3
+ * Outcome — Business decision abstraction.
4
+ *
5
+ * Represents the semantic result of a domain decision, policy evaluation,
6
+ * or business rule. NOT for technical success/failure — use Result for that.
7
+ *
8
+ * Mental model:
9
+ * "What was the business decision?"
10
+ * NOT "Did the operation succeed?"
11
+ *
12
+ * The status axis represents valid business outcomes (APPROVED, REJECTED,
13
+ * ALLOW, DENY, NO_OP, etc.), never technical Ok/Err.
14
+ *
15
+ * @typeParam S - Union of valid status literals for this outcome
16
+ * @typeParam D - Shape of the decision data carried by this outcome
17
+ */
18
+ declare class Outcome<S extends string, D = undefined> {
19
+ readonly status: S;
20
+ readonly data: D;
21
+ readonly reason: string | undefined;
22
+ readonly metadata: Readonly<Record<string, unknown>>;
23
+ private constructor();
24
+ static of<S extends string, D = undefined>(status: S, data: D, reason?: string, metadata?: Record<string, unknown>): Outcome<S, D>;
25
+ static approved<D = undefined>(data: D, reason?: string): Outcome<"APPROVED", D>;
26
+ static rejected<D = undefined>(data: D, reason: string): Outcome<"REJECTED", D>;
27
+ static noOp<D = undefined>(data: D, reason?: string): Outcome<"NO_OP", D>;
28
+ static deferred<D = undefined>(data: D, reason: string): Outcome<"DEFERRED", D>;
29
+ static requiresReview<D = undefined>(data: D, reason: string): Outcome<"REQUIRES_REVIEW", D>;
30
+ /**
31
+ * Narrows this Outcome to a specific status.
32
+ *
33
+ * @example
34
+ * if (outcome.is('DENY')) {
35
+ * outcome.data.violations // TS knows status is 'DENY'
36
+ * }
37
+ */
38
+ is<T extends S>(status: T): this is Outcome<T, D>;
39
+ /**
40
+ * Exhaustive pattern match over all possible statuses.
41
+ * TypeScript enforces that every status has a handler.
42
+ *
43
+ * @example
44
+ * outcome.match({
45
+ * ALLOW: (o) => handleAllow(o.data),
46
+ * DENY: (o) => handleDeny(o.data.violations),
47
+ * })
48
+ */
49
+ match<THandlers extends { [K in S]: (outcome: Outcome<K, D>) => unknown }>(handlers: THandlers): ReturnType<THandlers[S]>;
50
+ withMetadata(extra: Record<string, unknown>): Outcome<S, D>;
51
+ withReason(reason: string): Outcome<S, D>;
52
+ toString(): string;
53
+ }
54
+ /** Common business outcome statuses. Extend per domain as needed. */
55
+ type CommonOutcomeStatus = "APPROVED" | "REJECTED" | "NO_OP" | "DEFERRED" | "REQUIRES_REVIEW";
56
+ //#endregion
57
+ export { Outcome as n, CommonOutcomeStatus as t };
58
+ //# sourceMappingURL=outcome.d.cts.map
package/dist/outcome.d.ts CHANGED
@@ -1,85 +1,3 @@
1
- //#region src/core/result/result.d.ts
2
- /**
3
- * Represents the outcome of an operation that may succeed or fail.
4
- * Useful for avoiding excessive exceptions and making error flows explicit.
5
- */
6
- declare abstract class Result<T, E> {
7
- protected constructor();
8
- /**
9
- * Creates a success result containing a value.
10
- */
11
- static ok<T>(value: T): Result<T, never>;
12
- /**
13
- * Creates an error result containing an error object.
14
- */
15
- static err<E>(error: E): Result<never, E>;
16
- /**
17
- * Returns true when this is a success result.
18
- */
19
- abstract isOk(): this is Ok<T>;
20
- /**
21
- * Returns true when this is an error result.
22
- */
23
- abstract isErr(): this is Err<E>;
24
- /**
25
- * Runs a handler based on the result state (similar to pattern matching).
26
- */
27
- abstract match<R>(handlers: {
28
- ok: (value: T) => R;
29
- err: (error: E) => R;
30
- }): R;
31
- /**
32
- * Returns the value when this is success, or null when this is an error.
33
- */
34
- getOrNull(): T | null;
35
- /**
36
- * Returns the error when this is a failure, or null when this is a success.
37
- */
38
- errorOrNull(): E | null;
39
- /**
40
- * Returns the value when this is a success, or throws the error when this is a failure.
41
- */
42
- getOrThrow(): T;
43
- /**
44
- * Transforms the success value using the provided function. Keeps the error when this is a failure.
45
- */
46
- map<R>(transform: (value: T) => R): Result<R, E>;
47
- /**
48
- * Transforms the error using the provided function. Keeps the value when this is a success.
49
- */
50
- mapError<F>(transform: (error: E) => F): Result<T, F>;
51
- /**
52
- * Chains another operation that returns a Result when this result is a success.
53
- */
54
- flatMap<R>(transform: (value: T) => Result<R, E>): Result<R, E>;
55
- }
56
- /**
57
- * Success variant of Result.
58
- */
59
- declare class Ok<T> extends Result<T, never> {
60
- readonly value: T;
61
- constructor(value: T);
62
- isOk(): this is Ok<T>;
63
- isErr(): this is Err<never>;
64
- match<R>(handlers: {
65
- ok: (value: T) => R;
66
- err: (error: never) => R;
67
- }): R;
68
- }
69
- /**
70
- * Error variant of Result.
71
- */
72
- declare class Err<E> extends Result<never, E> {
73
- readonly error: E;
74
- constructor(error: E);
75
- isOk(): this is Ok<never>;
76
- isErr(): this is Err<E>;
77
- match<R>(handlers: {
78
- ok: (value: never) => R;
79
- err: (error: E) => R;
80
- }): R;
81
- }
82
- //#endregion
83
1
  //#region src/core/result/outcome.d.ts
84
2
  /**
85
3
  * Outcome — Business decision abstraction.
@@ -136,5 +54,5 @@ declare class Outcome<S extends string, D = undefined> {
136
54
  /** Common business outcome statuses. Extend per domain as needed. */
137
55
  type CommonOutcomeStatus = "APPROVED" | "REJECTED" | "NO_OP" | "DEFERRED" | "REQUIRES_REVIEW";
138
56
  //#endregion
139
- export { Result as a, Ok as i, Outcome as n, Err as r, CommonOutcomeStatus as t };
57
+ export { Outcome as n, CommonOutcomeStatus as t };
140
58
  //# sourceMappingURL=outcome.d.ts.map
@@ -0,0 +1,62 @@
1
+ import { r as Result } from "./result.cjs";
2
+ import { O as GatePayload, T as PolicyContext, k as GatePayloadV1 } from "./core-config.cjs";
3
+ import { a as ComputeOutcome, c as VersionedComputeEngine, i as ComputeEvaluatorRegistration, l as ComputePayload, p as ComputePayloadV1, r as ComputeEvaluator } from "./gate-engine-registry.cjs";
4
+
5
+ //#region src/core/policies/engines/compute-evaluator-registry.d.ts
6
+ declare class ComputeEvaluatorRegistry {
7
+ private readonly evaluators;
8
+ private static toRegistryKey;
9
+ register(registration: ComputeEvaluatorRegistration): void;
10
+ get(policyKey: string, version: number): ComputeEvaluator | undefined;
11
+ }
12
+ //#endregion
13
+ //#region src/core/policies/engines/compute-engine-registry.d.ts
14
+ declare class ComputeEngineRegistry {
15
+ private readonly engines;
16
+ register(engine: VersionedComputeEngine): void;
17
+ get(version: number): VersionedComputeEngine | undefined;
18
+ evaluate(version: number, params: {
19
+ readonly policyKey: string;
20
+ readonly payloadSchemaVersion: number;
21
+ readonly payload: unknown;
22
+ readonly context: PolicyContext;
23
+ readonly evaluators: ComputeEvaluatorRegistry;
24
+ }): Result<ComputeOutcome, string>;
25
+ }
26
+ //#endregion
27
+ //#region src/core/policies/engines/parse-compute-payload.d.ts
28
+ type ComputePayloadParser = (payload: unknown) => Result<ComputePayload, string>;
29
+ declare class ComputePayloadParserRegistry {
30
+ private readonly parsers;
31
+ register(payloadSchemaVersion: number, parser: ComputePayloadParser): void;
32
+ get(payloadSchemaVersion: number): ComputePayloadParser | undefined;
33
+ parse(payloadSchemaVersion: number, payload: unknown): Result<ComputePayloadV1, string>;
34
+ }
35
+ declare class ComputePayloadParsers {
36
+ private static readonly registry;
37
+ private static defaultsRegistered;
38
+ private static ensureDefaults;
39
+ static register(payloadSchemaVersion: number, parser: ComputePayloadParser): void;
40
+ static get(payloadSchemaVersion: number): ComputePayloadParser | undefined;
41
+ static parse(payloadSchemaVersion: number, payload: unknown): Result<ComputePayloadV1, string>;
42
+ }
43
+ //#endregion
44
+ //#region src/core/policies/engines/parse-gate-payload.d.ts
45
+ type GatePayloadParser = (payload: unknown) => Result<GatePayload, string>;
46
+ declare class GatePayloadParserRegistry {
47
+ private readonly parsers;
48
+ register(engineVersion: number, parser: GatePayloadParser): void;
49
+ get(engineVersion: number): GatePayloadParser | undefined;
50
+ parse(engineVersion: number, payload: unknown): Result<GatePayloadV1, string>;
51
+ }
52
+ declare class GatePayloadParsers {
53
+ private static readonly registry;
54
+ private static defaultsRegistered;
55
+ private static ensureDefaults;
56
+ static register(engineVersion: number, parser: GatePayloadParser): void;
57
+ static get(engineVersion: number): GatePayloadParser | undefined;
58
+ static parse(engineVersion: number, payload: unknown): Result<GatePayloadV1, string>;
59
+ }
60
+ //#endregion
61
+ export { ComputePayloadParserRegistry as a, ComputeEvaluatorRegistry as c, ComputePayloadParser as i, GatePayloadParserRegistry as n, ComputePayloadParsers as o, GatePayloadParsers as r, ComputeEngineRegistry as s, GatePayloadParser as t };
62
+ //# sourceMappingURL=parse-gate-payload.d.cts.map
@@ -1,5 +1,5 @@
1
- import { a as Result } from "./outcome.js";
2
- import { d as GatePayloadV1, s as PolicyContext, u as GatePayload } from "./gate-types.js";
1
+ import { r as Result } from "./result.js";
2
+ import { O as GatePayload, T as PolicyContext, k as GatePayloadV1 } from "./core-config.js";
3
3
  import { a as ComputeOutcome, c as VersionedComputeEngine, i as ComputeEvaluatorRegistration, l as ComputePayload, p as ComputePayloadV1, r as ComputeEvaluator } from "./gate-engine-registry.js";
4
4
 
5
5
  //#region src/core/policies/engines/compute-evaluator-registry.d.ts
@@ -0,0 +1,90 @@
1
+ import { r as Result } from "./result.cjs";
2
+ import { t as CoreConfig } from "./core-config.cjs";
3
+ import { D as PolicyDefinition, N as PolicyCatalog, P as PolicyCatalogEntryProps, S as PolicyDefinitionRepository, T as FindCandidatesParams, m as ContextResolverRegistry, y as ContextValueResolver } from "./policy-service.cjs";
4
+ import { i as ComputeEvaluatorRegistration } from "./gate-engine-registry.cjs";
5
+
6
+ //#region src/core/config/core-config.instance.d.ts
7
+
8
+ /**
9
+ * Shared instance for the application composition root.
10
+ * Use `new CoreConfig()` for isolated runtimes, tests, or multi-tenant hosts.
11
+ *
12
+ * The default reporter is silent so the core has no runtime logging dependency.
13
+ * Hosts can swap in their own `PolicyReporter` via
14
+ * `coreConfig.configure({ observability: { reporter } })`.
15
+ */
16
+ declare const coreConfig: CoreConfig;
17
+ //#endregion
18
+ //#region src/core/policies/utils/hash.d.ts
19
+ /**
20
+ * Produces a deterministic SHA-256 hex digest of a canonical JSON representation.
21
+ * Object keys are sorted recursively so key order does not affect the hash.
22
+ * Array item order is preserved on purpose; callers that treat arrays as sets
23
+ * must normalize or sort them before hashing.
24
+ *
25
+ * Values that JSON.stringify would silently drop or coerce (undefined,
26
+ * non-finite numbers, functions, symbols, bigint) are rejected up-front to
27
+ * prevent semantically different payloads from collapsing to the same hash.
28
+ */
29
+ declare class PolicyHashing {
30
+ static sha256(input: string): string;
31
+ private static assertHashable;
32
+ static canonicalJson(value: unknown): string;
33
+ static computePayloadHash(payload: unknown, policyKey: string, policyVersion: string): string;
34
+ }
35
+ //#endregion
36
+ //#region src/core/policies/defs/in-memory-policy-definition-repo.d.ts
37
+ declare class InMemoryPolicyDefinitionRepository implements PolicyDefinitionRepository {
38
+ private readonly definitions;
39
+ private readonly definitionsByPolicyKey;
40
+ constructor(definitions: readonly PolicyDefinition[]);
41
+ findCandidates(params: FindCandidatesParams): PolicyDefinition[];
42
+ }
43
+ //#endregion
44
+ //#region src/core/policies/package/policy-package.d.ts
45
+ /**
46
+ * Protocol of contribution: a module declares what it wants to add to the
47
+ * policy system without the core knowing which module it is.
48
+ *
49
+ * - catalogEntries: static policy descriptors the catalog will register.
50
+ * - definitions: default policy definitions (rules/parameters) to seed.
51
+ * - evaluators: compute evaluator registrations keyed by policy/version.
52
+ */
53
+ interface PolicyPackage {
54
+ readonly catalogEntries: readonly PolicyCatalogEntryProps[];
55
+ readonly definitions: readonly PolicyDefinition[];
56
+ readonly evaluators: readonly ComputeEvaluatorRegistration[];
57
+ }
58
+ //#endregion
59
+ //#region src/core/policies/catalog/catalog.instance.d.ts
60
+ /**
61
+ * Aggregates catalog entries contributed by each module package into a single
62
+ * PolicyCatalog. The core knows nothing about concrete modules — callers
63
+ * are responsible for passing all relevant packages at composition time.
64
+ */
65
+ declare class PolicyCatalogFactory {
66
+ static build(packages: readonly PolicyPackage[]): PolicyCatalog;
67
+ }
68
+ //#endregion
69
+ //#region src/core/policies/context/context-registry.instance.d.ts
70
+ /**
71
+ * Official instance of the ContextResolverRegistry.
72
+ * Use `new ContextResolverRegistry()` plus `registerNamespacedContextResolversIn`
73
+ * when each runtime/composition root needs its own isolated resolver graph.
74
+ */
75
+ declare const contextResolverRegistry: ContextResolverRegistry;
76
+ declare function registerNamespacedContextResolvers(namespace: string, resolvers: readonly ContextValueResolver[]): Result<ContextResolverRegistry, string>;
77
+ //#endregion
78
+ //#region src/core/policies/context/path.d.ts
79
+ declare class PolicyContextPath {
80
+ private static readonly FORBIDDEN_SEGMENTS;
81
+ private static resolve;
82
+ private static parseSegments;
83
+ private static isPlainRecord;
84
+ static getOrAbsent(obj: Record<string, unknown>, path: string): Result<unknown, "absent">;
85
+ static has(obj: Record<string, unknown>, path: string): boolean;
86
+ static set(obj: Record<string, unknown>, path: string, value: unknown): Result<void, string>;
87
+ }
88
+ //#endregion
89
+ export { PolicyPackage as a, coreConfig as c, PolicyCatalogFactory as i, contextResolverRegistry as n, InMemoryPolicyDefinitionRepository as o, registerNamespacedContextResolvers as r, PolicyHashing as s, PolicyContextPath as t };
90
+ //# sourceMappingURL=path.d.cts.map
package/dist/path.d.ts CHANGED
@@ -1,5 +1,5 @@
1
- import { a as Result } from "./outcome.js";
2
- import { m as CoreConfig } from "./gate-types.js";
1
+ import { r as Result } from "./result.js";
2
+ import { t as CoreConfig } from "./core-config.js";
3
3
  import { D as PolicyDefinition, N as PolicyCatalog, P as PolicyCatalogEntryProps, S as PolicyDefinitionRepository, T as FindCandidatesParams, m as ContextResolverRegistry, y as ContextValueResolver } from "./policy-service.js";
4
4
  import { i as ComputeEvaluatorRegistration } from "./gate-engine-registry.js";
5
5
 
@@ -0,0 +1,79 @@
1
+ //#region src/core/plugins/plugin.ts
2
+ /**
3
+ * Registry that holds a set of plugins implementing a shared {@link PluginContract}
4
+ * and resolves which of them answer a given extension point.
5
+ *
6
+ * Plugins are kept sorted by priority (descending). For a given method,
7
+ * {@link invoke} either delegates to the highest-priority enabled plugin
8
+ * (`'first'`) or folds every enabled plugin into a single value (`'pipeline'`).
9
+ * When no plugin is enabled, the supplied `fallback` runs instead, so the host
10
+ * always has defined behaviour even with an empty registry.
11
+ *
12
+ * @typeParam P - The plugin contract this manager coordinates.
13
+ */
14
+ var PluginManager = class {
15
+ constructor() {
16
+ this.plugins = [];
17
+ }
18
+ /** Registers one or more plugins and re-sorts by priority. */
19
+ register(...plugins) {
20
+ this.plugins.push(...plugins);
21
+ this.reorder();
22
+ }
23
+ /** Removes a previously registered plugin by name. */
24
+ unregister(name) {
25
+ this.plugins = this.plugins.filter((p) => p.name !== name);
26
+ }
27
+ /** Enables a registered plugin by name. */
28
+ enable(name) {
29
+ const plugin = this.plugins.find((p) => p.name === name);
30
+ if (plugin) plugin.enabled = true;
31
+ }
32
+ /** Disables a registered plugin by name (without removing it). */
33
+ disable(name) {
34
+ const plugin = this.plugins.find((p) => p.name === name);
35
+ if (plugin) plugin.enabled = false;
36
+ }
37
+ /** Lists enabled plugins only, already in priority order. */
38
+ list() {
39
+ return this.plugins.filter((p) => p.enabled !== false);
40
+ }
41
+ /**
42
+ * Resolves `method` against the registered plugins.
43
+ *
44
+ * In `'first'` mode the highest-priority enabled plugin that implements
45
+ * `method` answers. In `'pipeline'` mode every enabled plugin runs and the
46
+ * results are folded with `reducer` (defaults to "keep the last result").
47
+ * When no enabled plugin implements `method`, `fallback` is called.
48
+ */
49
+ invoke(method, args, opts) {
50
+ const { mode = "first", fallback, reducer } = opts;
51
+ const enabled = this.list().filter((p) => method in p);
52
+ if (enabled.length === 0) return fallback(...args);
53
+ if (mode === "first") {
54
+ const fn = enabled[0][method];
55
+ return fn(...args);
56
+ }
57
+ const defaultReducer = (_, curr) => curr;
58
+ const red = reducer ?? defaultReducer;
59
+ let acc = enabled[0][method](...args);
60
+ enabled.slice(1).forEach((plugin, idx) => {
61
+ const res = plugin[method](...args);
62
+ acc = red(acc, res, plugin, idx + 1);
63
+ });
64
+ return acc;
65
+ }
66
+ /** Re-sorts the internal list by priority (desc; default priority = 0). */
67
+ reorder() {
68
+ this.plugins.sort((a, b) => (b.priority ?? 0) - (a.priority ?? 0));
69
+ }
70
+ };
71
+ //#endregion
72
+ Object.defineProperty(exports, "PluginManager", {
73
+ enumerable: true,
74
+ get: function() {
75
+ return PluginManager;
76
+ }
77
+ });
78
+
79
+ //# sourceMappingURL=plugin.cjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"plugin.cjs","names":[],"sources":["../src/core/plugins/plugin.ts"],"sourcesContent":["import {\n type BasePlugin,\n type InvokeOptions,\n type PipelineReducer,\n type PluginContract,\n} from \"./types.js\";\n\n/**\n * Registry that holds a set of plugins implementing a shared {@link PluginContract}\n * and resolves which of them answer a given extension point.\n *\n * Plugins are kept sorted by priority (descending). For a given method,\n * {@link invoke} either delegates to the highest-priority enabled plugin\n * (`'first'`) or folds every enabled plugin into a single value (`'pipeline'`).\n * When no plugin is enabled, the supplied `fallback` runs instead, so the host\n * always has defined behaviour even with an empty registry.\n *\n * @typeParam P - The plugin contract this manager coordinates.\n */\nclass PluginManager<P extends PluginContract> {\n /** Internal list, kept sorted by priority (desc). */\n private plugins: (P & BasePlugin)[] = [];\n\n /** Registers one or more plugins and re-sorts by priority. */\n public register(...plugins: (P & BasePlugin)[]): void {\n this.plugins.push(...plugins);\n this.reorder();\n }\n\n /** Removes a previously registered plugin by name. */\n public unregister(name: string): void {\n this.plugins = this.plugins.filter((p) => p.name !== name);\n }\n\n /** Enables a registered plugin by name. */\n public enable(name: string): void {\n const plugin = this.plugins.find((p) => p.name === name);\n if (plugin) plugin.enabled = true;\n }\n\n /** Disables a registered plugin by name (without removing it). */\n public disable(name: string): void {\n const plugin = this.plugins.find((p) => p.name === name);\n if (plugin) plugin.enabled = false;\n }\n\n /** Lists enabled plugins only, already in priority order. */\n public list(): readonly (P & BasePlugin)[] {\n return this.plugins.filter((p) => p.enabled !== false);\n }\n\n /**\n * Resolves `method` against the registered plugins.\n *\n * In `'first'` mode the highest-priority enabled plugin that implements\n * `method` answers. In `'pipeline'` mode every enabled plugin runs and the\n * results are folded with `reducer` (defaults to \"keep the last result\").\n * When no enabled plugin implements `method`, `fallback` is called.\n */\n public invoke<K extends keyof P>(\n method: K,\n args: Parameters<P[K]>,\n opts: InvokeOptions<P, K>,\n ): ReturnType<P[K]> {\n const { mode = \"first\", fallback, reducer } = opts;\n const enabled = this.list().filter((p) => method in p) as Array<\n P & BasePlugin\n >;\n\n if (enabled.length === 0) {\n return (fallback as P[K])(...args);\n }\n\n if (mode === \"first\") {\n const fn = enabled[0][method] as P[K];\n return fn(...args);\n }\n\n const defaultReducer: PipelineReducer<ReturnType<P[K]>, P> = (\n _,\n curr,\n ) => curr;\n const red = reducer ?? defaultReducer;\n\n let acc: ReturnType<P[K]> = enabled[0][method]!(...args);\n enabled.slice(1).forEach((plugin, idx) => {\n const res = plugin[method]!(...args);\n acc = red(acc, res, plugin, idx + 1);\n });\n return acc;\n }\n\n /** Re-sorts the internal list by priority (desc; default priority = 0). */\n private reorder(): void {\n this.plugins.sort((a, b) => (b.priority ?? 0) - (a.priority ?? 0));\n }\n}\n\nexport { PluginManager };\n"],"mappings":";;;;;;;;;;;;;AAmBA,IAAM,gBAAN,MAA8C;;iBAEJ,CAAC;;;CAGvC,SAAgB,GAAG,SAAmC;EAClD,KAAK,QAAQ,KAAK,GAAG,OAAO;EAC5B,KAAK,QAAQ;CACjB;;CAGA,WAAkB,MAAoB;EAClC,KAAK,UAAU,KAAK,QAAQ,QAAQ,MAAM,EAAE,SAAS,IAAI;CAC7D;;CAGA,OAAc,MAAoB;EAC9B,MAAM,SAAS,KAAK,QAAQ,MAAM,MAAM,EAAE,SAAS,IAAI;EACvD,IAAI,QAAQ,OAAO,UAAU;CACjC;;CAGA,QAAe,MAAoB;EAC/B,MAAM,SAAS,KAAK,QAAQ,MAAM,MAAM,EAAE,SAAS,IAAI;EACvD,IAAI,QAAQ,OAAO,UAAU;CACjC;;CAGA,OAA2C;EACvC,OAAO,KAAK,QAAQ,QAAQ,MAAM,EAAE,YAAY,KAAK;CACzD;;;;;;;;;CAUA,OACI,QACA,MACA,MACgB;EAChB,MAAM,EAAE,OAAO,SAAS,UAAU,YAAY;EAC9C,MAAM,UAAU,KAAK,KAAK,EAAE,QAAQ,MAAM,UAAU,CAAC;EAIrD,IAAI,QAAQ,WAAW,GACnB,OAAQ,SAAkB,GAAG,IAAI;EAGrC,IAAI,SAAS,SAAS;GAClB,MAAM,KAAK,QAAQ,GAAG;GACtB,OAAO,GAAG,GAAG,IAAI;EACrB;EAEA,MAAM,kBACF,GACA,SACC;EACL,MAAM,MAAM,WAAW;EAEvB,IAAI,MAAwB,QAAQ,GAAG,QAAS,GAAG,IAAI;EACvD,QAAQ,MAAM,CAAC,EAAE,SAAS,QAAQ,QAAQ;GACtC,MAAM,MAAM,OAAO,QAAS,GAAG,IAAI;GACnC,MAAM,IAAI,KAAK,KAAK,QAAQ,MAAM,CAAC;EACvC,CAAC;EACD,OAAO;CACX;;CAGA,UAAwB;EACpB,KAAK,QAAQ,MAAM,GAAG,OAAO,EAAE,YAAY,MAAM,EAAE,YAAY,EAAE;CACrE;AACJ"}