npm - @datasynx/agentic-ai-cartography - Versions diffs - 2.4.0 → 2.5.0 - Mend

@datasynx/agentic-ai-cartography 2.4.0 → 2.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/dist/api-bin.js +2 -2
package/dist/{chunk-X5JA2UDT.js → chunk-GA4427LB.js} +134 -14
package/dist/chunk-GA4427LB.js.map +1 -0
package/dist/{chunk-L4OSL7I6.js → chunk-NQXZUWOI.js} +41 -11
package/dist/chunk-NQXZUWOI.js.map +1 -0
package/dist/{chunk-B4QWX7CP.js → chunk-RYQ4KQCK.js} +55 -11
package/dist/chunk-RYQ4KQCK.js.map +1 -0
package/dist/cli.js +87 -8
package/dist/cli.js.map +1 -1
package/dist/index.cjs +262 -26
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +223 -3
package/dist/index.d.ts +223 -3
package/dist/index.js +244 -24
package/dist/index.js.map +1 -1
package/dist/mcp-bin.js +2 -2
package/package.json +1 -1
package/server.json +2 -2
package/dist/chunk-B4QWX7CP.js.map +0 -1
package/dist/chunk-L4OSL7I6.js.map +0 -1
package/dist/chunk-X5JA2UDT.js.map +0 -1

package/dist/index.cjs CHANGED Viewed

@@ -30,6 +30,10 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
+  ACTIONS: () => ACTIONS,
+  ActionSchema: () => ActionSchema,
+  AuthConfigSchema: () => AuthConfigSchema,
+  AuthorizationError: () => AuthorizationError,
   CLIENTS: () => CLIENTS,
   CONFIDENCE: () => CONFIDENCE,
   CartographyDB: () => CartographyDB,
@@ -38,6 +42,7 @@ __export(src_exports, {
   ConditionSchema: () => ConditionSchema,
   ConfigError: () => ConfigError,
   ControlResultSchema: () => ControlResultSchema,
+  CredentialConfigSchema: () => CredentialConfigSchema,
   CsvCostSource: () => CsvCostSource,
   DEFAULT_ANOMALY_THRESHOLDS: () => DEFAULT_ANOMALY_THRESHOLDS,
   DEFAULT_SERVER_NAME: () => DEFAULT_SERVER_NAME,
@@ -57,8 +62,11 @@ __export(src_exports, {
   PRIVATE_IP: () => PRIVATE_IP,
   PUSH_SCHEMA_VERSION: () => PUSH_SCHEMA_VERSION,
   PagerDutySink: () => PagerDutySink,
+  PrincipalSchema: () => PrincipalSchema,
   ProviderRegistry: () => ProviderRegistry,
   RELATION_TO_DIRECTION: () => RELATION_TO_DIRECTION,
+  ROLES: () => ROLES,
+  RoleSchema: () => RoleSchema,
   RuleCheckSchema: () => RuleCheckSchema,
   RulesetSchema: () => RulesetSchema,
   SCAN_ARG_PATTERNS: () => SCAN_ARG_PATTERNS,
@@ -69,10 +77,12 @@ __export(src_exports, {
   ScannerShape: () => ScannerShape,
   SharingLevelSchema: () => SharingLevelSchema,
   SlackSink: () => SlackSink,
+  SqliteCredentialStore: () => SqliteCredentialStore,
   SqliteQueryBackend: () => SqliteQueryBackend,
   SqliteStoreBackend: () => SqliteStoreBackend,
   StdoutSink: () => StdoutSink,
   TENANT_HEADER: () => TENANT_HEADER,
+  TenantMismatchError: () => TenantMismatchError,
   VectorStore: () => VectorStore,
   WebhookSink: () => WebhookSink,
   applyInstall: () => applyInstall,
@@ -80,7 +90,9 @@ __export(src_exports, {
   assertReadOnly: () => assertReadOnly,
   assertSafeBind: () => assertSafeBind,
   assertSafeScanArg: () => assertSafeScanArg,
+  assertSameTenant: () => assertSameTenant,
   assignColors: () => assignColors,
+  authorize: () => authorize,
   bearerToken: () => bearerToken,
   bookmarksScanner: () => bookmarksScanner,
   buildCartographyToolHandlers: () => buildCartographyToolHandlers,
@@ -88,6 +100,7 @@ __export(src_exports, {
   buildOpenApiDocument: () => buildOpenApiDocument,
   buildReport: () => buildReport,
   buildSinks: () => buildSinks,
+  can: () => can,
   centralDbFromEnv: () => centralDbFromEnv,
   checkBearer: () => checkBearer,
   checkPrerequisites: () => checkPrerequisites,
@@ -164,6 +177,7 @@ __export(src_exports, {
   globalId: () => globalId,
   groupByDomain: () => groupByDomain,
   handleGraphqlGet: () => handleGraphqlGet,
+  hashToken: () => hashToken,
   hexCorners: () => hexCorners,
   hexDistance: () => hexDistance,
   hexNeighbors: () => hexNeighbors,
@@ -230,6 +244,7 @@ __export(src_exports, {
   renderDiff: () => renderDiff,
   resolveEffectiveLevel: () => resolveEffectiveLevel,
   resolveNlQuery: () => resolveNlQuery,
+  resolvePrincipal: () => resolvePrincipal,
   resolveSharingLevel: () => resolveSharingLevel,
   resolveTenant: () => resolveTenant,
   revalidateAnonymized: () => revalidateAnonymized,
@@ -249,6 +264,7 @@ __export(src_exports, {
   safetyHook: () => safetyHook,
   sanitizeUntrusted: () => sanitizeUntrusted,
   sanitizeValue: () => sanitizeValue,
+  scopeReads: () => scopeReads,
   scoreTopology: () => scoreTopology,
   securityRelevantChange: () => securityRelevantChange,
   serializeConfig: () => serializeConfig,
@@ -3085,7 +3101,10 @@ CREATE TABLE IF NOT EXISTS activity_events (
   duration_ms INTEGER,
   command TEXT,
   result_bytes INTEGER,
-  tenant TEXT NOT NULL DEFAULT 'local'
+  tenant TEXT NOT NULL DEFAULT 'local',
+  actor_subject TEXT,
+  actor_role TEXT,
+  actor_tenant TEXT
 );
 CREATE TABLE IF NOT EXISTS tasks (
@@ -3194,6 +3213,16 @@ CREATE INDEX IF NOT EXISTS idx_nodes_tenant_content ON nodes(tenant, content_has
 CREATE INDEX IF NOT EXISTS idx_contrib_org ON node_contributors(organization, global_id);
 CREATE INDEX IF NOT EXISTS idx_nodes_owner ON nodes(session_id, owner);
 `;
+var AUTH_SCHEMA = `
+CREATE TABLE IF NOT EXISTS auth_credentials (
+  token_hash TEXT PRIMARY KEY,
+  subject TEXT NOT NULL,
+  tenant TEXT NOT NULL DEFAULT 'local',
+  role TEXT NOT NULL,
+  created_at TEXT NOT NULL
+);
+CREATE INDEX IF NOT EXISTS idx_auth_subject ON auth_credentials(subject);
+`;
 var CartographyDB = class {
   db;
   /** 3.6 anomaly settings; defaults apply when no `anomaly` config is supplied. */
@@ -3213,7 +3242,8 @@ var CartographyDB = class {
     const version = this.db.pragma("user_version", { simple: true });
     if (version === 0) {
       this.db.exec(SCHEMA);
-      this.db.pragma("user_version = 14");
+      this.db.exec(AUTH_SCHEMA);
+      this.db.pragma("user_version = 15");
       return;
     } else if (version === 1) {
       const cols = this.db.prepare("PRAGMA table_info(nodes)").all().map((c) => c.name);
@@ -3399,6 +3429,18 @@ var CartographyDB = class {
       }
       this.db.pragma("user_version = 14");
     }
+    const v14 = this.db.pragma("user_version", { simple: true });
+    if (v14 < 15) {
+      this.db.exec(AUTH_SCHEMA);
+      const ev = this.db.prepare("PRAGMA table_info(activity_events)").all();
+      if (ev.length > 0) {
+        const cols = ev.map((c) => c.name);
+        if (!cols.includes("actor_subject")) this.db.exec("ALTER TABLE activity_events ADD COLUMN actor_subject TEXT");
+        if (!cols.includes("actor_role")) this.db.exec("ALTER TABLE activity_events ADD COLUMN actor_role TEXT");
+        if (!cols.includes("actor_tenant")) this.db.exec("ALTER TABLE activity_events ADD COLUMN actor_tenant TEXT");
+      }
+      this.db.pragma("user_version = 15");
+    }
   }
   close() {
     this.db.pragma("optimize");
@@ -3829,13 +3871,13 @@ var CartographyDB = class {
     });
   }
   // ── Events ──────────────────────────────
-  insertEvent(sessionId, event, taskId) {
+  insertEvent(sessionId, event, taskId, actor) {
     const id = crypto.randomUUID();
     const tenant = this.tenantOf(sessionId);
     this.db.prepare(`
       INSERT INTO activity_events
-        (id, session_id, task_id, timestamp, event_type, process, pid, target, target_type, port, command, result_bytes, tenant)
-      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+        (id, session_id, task_id, timestamp, event_type, process, pid, target, target_type, port, command, result_bytes, tenant, actor_subject, actor_role, actor_tenant)
+      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
     `).run(
       id,
       sessionId,
@@ -3849,9 +3891,52 @@ var CartographyDB = class {
       event.port ?? null,
       event.command ?? null,
       event.resultBytes ?? null,
-      tenant
+      tenant,
+      actor?.subject ?? null,
+      actor?.role ?? null,
+      actor?.tenant ?? null
     );
   }
+  // ── RBAC credential store (4.5) ─────────────
+  /** Number of stored credentials. `0` ⇒ no RBAC configured (fall back to shared/loopback). */
+  countCredentials() {
+    return this.db.prepare("SELECT COUNT(*) AS n FROM auth_credentials").get().n;
+  }
+  /** Look up a credential by its sha256 token hash. */
+  findCredentialByHash(tokenHash) {
+    const r = this.db.prepare("SELECT * FROM auth_credentials WHERE token_hash = ?").get(tokenHash);
+    if (!r) return void 0;
+    return {
+      tokenHash: r["token_hash"],
+      subject: r["subject"],
+      tenant: r["tenant"],
+      role: r["role"],
+      createdAt: r["created_at"]
+    };
+  }
+  /** Upsert a credential (idempotent on the token hash). Stores only the hash, never the raw token. */
+  addCredential(rec) {
+    this.db.prepare(`
+      INSERT INTO auth_credentials (token_hash, subject, tenant, role, created_at)
+      VALUES (?, ?, ?, ?, ?)
+      ON CONFLICT(token_hash) DO UPDATE SET subject = excluded.subject, tenant = excluded.tenant, role = excluded.role
+    `).run(rec.tokenHash, rec.subject, rec.tenant, rec.role, (/* @__PURE__ */ new Date()).toISOString());
+  }
+  /** List all credentials (token hashes only — the raw token is unrecoverable). */
+  listCredentials() {
+    const rows = this.db.prepare("SELECT * FROM auth_credentials ORDER BY created_at").all();
+    return rows.map((r) => ({
+      tokenHash: r["token_hash"],
+      subject: r["subject"],
+      tenant: r["tenant"],
+      role: r["role"],
+      createdAt: r["created_at"]
+    }));
+  }
+  /** Revoke every credential for a subject. Returns the number removed. */
+  revokeCredentialsBySubject(subject) {
+    return this.db.prepare("DELETE FROM auth_credentials WHERE subject = ?").run(subject).changes;
+  }
   getEvents(sessionId, since) {
     const rows = since ? this.db.prepare("SELECT * FROM activity_events WHERE session_id = ? AND timestamp > ? ORDER BY timestamp").all(sessionId, since) : this.db.prepare("SELECT * FROM activity_events WHERE session_id = ? ORDER BY timestamp").all(sessionId);
     return rows.map((r) => {
@@ -5530,6 +5615,36 @@ async function runDrift(db, config, opts = {}) {
   return alert;
 }
+// src/auth/rbac.ts
+var ROLE_RANK = { viewer: 1, operator: 2, admin: 3 };
+var ACTION_MIN_ROLE = { read: "viewer", discovery: "operator", admin: "admin" };
+function can(role, action) {
+  return ROLE_RANK[role] >= ROLE_RANK[ACTION_MIN_ROLE[action]];
+}
+var AuthorizationError = class extends Error {
+  constructor(action, role) {
+    super(`forbidden: role '${role}' may not perform '${action}'`);
+    this.action = action;
+    this.role = role;
+    this.name = "AuthorizationError";
+  }
+};
+function authorize(principal, action) {
+  if (!can(principal.role, action)) throw new AuthorizationError(action, principal.role);
+}
+var TenantMismatchError = class extends Error {
+  constructor() {
+    super("forbidden: principal is not scoped to the requested tenant");
+    this.name = "TenantMismatchError";
+  }
+};
+function scopeReads(principal) {
+  return principal.tenant;
+}
+function assertSameTenant(principal, requestedTenant) {
+  if (requestedTenant !== principal.tenant) throw new TenantMismatchError();
+}
 // src/compliance/rulesets/baseline.ts
 var baseline = RulesetSchema.parse({
   name: "baseline",
@@ -5817,7 +5932,7 @@ async function resolveNlQuery(db, sessionId, search, raw, opts) {
 // src/mcp/server.ts
 var SERVER_NAME = "cartography";
-var SERVER_VERSION = "2.4.0";
+var SERVER_VERSION = "2.5.0";
 var SERVICE_TYPES = NODE_TYPE_GROUPS.web;
 var DATA_TYPES = NODE_TYPE_GROUPS.data;
 var lexicalSearch = async (db, sessionId, query, opts) => db.searchNodes(sessionId, query, { types: opts.types, limit: opts.limit }).map((node) => ({ node }));
@@ -6219,6 +6334,14 @@ function createMcpServer(opts = {}) {
         annotations: { readOnlyHint: false, destructiveHint: false, openWorldHint: true }
       },
       async (args) => {
+        if (opts.principal) {
+          try {
+            authorize(opts.principal, "discovery");
+          } catch (err) {
+            if (err instanceof AuthorizationError) return json({ error: `forbidden: role '${opts.principal.role}' may not run discovery (operator required)` });
+            throw err;
+          }
+        }
         let sid = resolveSession();
         if (args.update) {
           if (!sid) return json({ error: "No session to update; run discovery first." });
@@ -6314,7 +6437,7 @@ function createMcpServer(opts = {}) {
 }
 // src/mcp/transports.ts
-var import_node_crypto5 = require("crypto");
+var import_node_crypto6 = require("crypto");
 var import_node_http = __toESM(require("http"), 1);
 var import_stdio = require("@modelcontextprotocol/sdk/server/stdio.js");
 var import_streamableHttp = require("@modelcontextprotocol/sdk/server/streamableHttp.js");
@@ -6361,7 +6484,41 @@ function defaultAllowedHosts(host2, port) {
   return [`${host2}:${port}`, `localhost:${port}`, `127.0.0.1:${port}`];
 }
+// src/auth/identity.ts
+var import_node_crypto5 = require("crypto");
+function hashToken(token) {
+  return (0, import_node_crypto5.createHash)("sha256").update(token, "utf8").digest("hex");
+}
+var SqliteCredentialStore = class {
+  constructor(db) {
+    this.db = db;
+  }
+  count() {
+    return this.db.countCredentials();
+  }
+  findByHash(tokenHash) {
+    return this.db.findCredentialByHash(tokenHash);
+  }
+};
+function resolvePrincipal(presentedToken, opts) {
+  const tenant = opts.defaultTenant ?? DEFAULT_TENANT;
+  if (opts.store && opts.store.count() > 0) {
+    if (!presentedToken) return void 0;
+    const rec = opts.store.findByHash(hashToken(presentedToken));
+    return rec ? { subject: rec.subject, tenant: rec.tenant, role: rec.role } : void 0;
+  }
+  if (opts.sharedToken) {
+    if (!presentedToken || !timingSafeEqual(presentedToken, opts.sharedToken)) return void 0;
+    return { subject: "shared-token", tenant, role: "admin" };
+  }
+  if (opts.required) return void 0;
+  return { subject: "anonymous", tenant, role: "admin" };
+}
 // src/mcp/transports.ts
+function samePrincipal(a, b) {
+  return a.subject === b.subject && a.tenant === b.tenant && a.role === b.role;
+}
 async function runStdio(server) {
   const transport = new import_stdio.StdioServerTransport();
   await server.connect(transport);
@@ -6406,6 +6563,14 @@ async function runHttp(factory, opts = {}) {
   assertSafeBind({ host: host2, port, ...opts.allowedHosts ? { allowedHosts: opts.allowedHosts } : {}, ...opts.token ? { token: opts.token } : {} });
   const allowedHosts = opts.allowedHosts ?? defaultAllowedHosts(host2, port);
   const token = opts.token;
+  const authStore = opts.auth?.store;
+  const defaultTenant = opts.defaultTenant;
+  const resolveAuth = (header) => resolvePrincipal(bearerToken(header), {
+    ...authStore ? { store: authStore } : {},
+    ...token ? { sharedToken: token } : {},
+    ...defaultTenant ? { defaultTenant } : {},
+    ...opts.auth?.required ? { required: true } : {}
+  });
   const transports = /* @__PURE__ */ new Map();
   const httpServer = import_node_http.default.createServer(async (req, res) => {
     try {
@@ -6415,7 +6580,8 @@ async function runHttp(factory, opts = {}) {
         res.writeHead(404, { "content-type": "application/json" }).end('{"error":"not found"}');
         return;
       }
-      if (!checkBearer(req.headers["authorization"], token)) {
+      const principal = resolveAuth(req.headers["authorization"]);
+      if (!principal) {
         res.writeHead(401, { "content-type": "application/json", "www-authenticate": "Bearer" }).end('{"error":"unauthorized"}');
         return;
       }
@@ -6442,8 +6608,12 @@ async function runHttp(factory, opts = {}) {
       const sessionId = req.headers["mcp-session-id"];
       const existing = sessionId ? transports.get(sessionId) : void 0;
       if (existing) {
+        if (!samePrincipal(existing.principal, principal)) {
+          res.writeHead(403, { "content-type": "application/json" }).end('{"error":"session belongs to a different principal"}');
+          return;
+        }
         const body2 = req.method === "POST" ? await readJsonBody(req) : void 0;
-        await existing.handleRequest(req, res, body2);
+        await existing.transport.handleRequest(req, res, body2);
         return;
       }
       if (req.method !== "POST") {
@@ -6452,18 +6622,18 @@ async function runHttp(factory, opts = {}) {
       }
       const body = await readJsonBody(req);
       const transport = new import_streamableHttp.StreamableHTTPServerTransport({
-        sessionIdGenerator: () => (0, import_node_crypto5.randomUUID)(),
+        sessionIdGenerator: () => (0, import_node_crypto6.randomUUID)(),
         enableDnsRebindingProtection: true,
         allowedHosts,
         ...opts.allowedOrigins ? { allowedOrigins: opts.allowedOrigins } : {},
         onsessioninitialized: (id) => {
-          transports.set(id, transport);
+          transports.set(id, { transport, principal });
         }
       });
       transport.onclose = () => {
         if (transport.sessionId) transports.delete(transport.sessionId);
       };
-      await factory().connect(transport);
+      await factory(principal).connect(transport);
       await transport.handleRequest(req, res, body);
     } catch (err) {
       process.stderr.write(`[cartography-mcp] HTTP request failed: ${err instanceof Error ? err.message : String(err)}
@@ -8090,6 +8260,8 @@ async function runApi(opts) {
   const token = opts.token;
   const graphqlEnabled = opts.graphql !== false;
   const defaultTenant = opts.tenant?.defaultTenant ?? DEFAULT_TENANT;
+  const authStore = opts.auth?.store;
+  const rbacMode = !!(authStore && authStore.count() > 0);
   const log2 = opts.log ?? (() => {
   });
   const restDeps = { backend: opts.backend, version: opts.version };
@@ -8148,23 +8320,44 @@ async function runApi(opts) {
           finish(r.status);
           return;
         }
-        if (!checkBearer(req.headers["authorization"], token)) {
+        const principal = resolvePrincipal(bearerToken(req.headers["authorization"]), {
+          ...authStore ? { store: authStore } : {},
+          ...token ? { sharedToken: token } : {},
+          defaultTenant,
+          ...opts.auth?.required ? { required: true } : {}
+        });
+        if (!principal) {
           send(res, 401, { error: "unauthorized" }, { "www-authenticate": "Bearer", ...cors });
           finish(401);
           return;
         }
-        let ctx;
         try {
-          ctx = resolveTenant(req, url, opts.tenant ?? {});
-          tenantLabel = ctx.tenant;
+          authorize(principal, "read");
         } catch (err) {
-          if (err instanceof InvalidTenantError) {
-            send(res, 400, { error: "invalid tenant" }, cors);
-            finish(400);
+          if (err instanceof AuthorizationError) {
+            send(res, 403, { error: "forbidden" }, cors);
+            finish(403);
             return;
           }
           throw err;
         }
+        let ctx;
+        if (rbacMode) {
+          ctx = { tenant: principal.tenant };
+          tenantLabel = principal.tenant;
+        } else {
+          try {
+            ctx = resolveTenant(req, url, opts.tenant ?? {});
+            tenantLabel = ctx.tenant;
+          } catch (err) {
+            if (err instanceof InvalidTenantError) {
+              send(res, 400, { error: "invalid tenant" }, cors);
+              finish(400);
+              return;
+            }
+            throw err;
+          }
+        }
         if (graphqlEnabled && path === "/graphql") {
           if (req.method === "GET") {
             const g = handleGraphqlGet();
@@ -8234,6 +8427,30 @@ function dispatchRest(ctx, path, url, deps) {
   }
 }
+// src/auth/types.ts
+var import_zod9 = require("zod");
+var ROLES = ["viewer", "operator", "admin"];
+var RoleSchema = import_zod9.z.enum(ROLES);
+var ACTIONS = ["read", "discovery", "admin"];
+var ActionSchema = import_zod9.z.enum(ACTIONS);
+var PrincipalSchema = import_zod9.z.object({
+  subject: import_zod9.z.string().min(1),
+  tenant: import_zod9.z.string().min(1),
+  role: RoleSchema
+});
+var CredentialConfigSchema = import_zod9.z.object({
+  token: import_zod9.z.string().min(1),
+  subject: import_zod9.z.string().min(1),
+  tenant: import_zod9.z.string().optional(),
+  role: RoleSchema.default("viewer")
+});
+var AuthConfigSchema = import_zod9.z.object({
+  /** Seed credentials (merged into the SQLite store on startup). */
+  credentials: import_zod9.z.array(CredentialConfigSchema).optional(),
+  /** Reject unauthenticated requests even on loopback (default: loopback dev stays open). */
+  required: import_zod9.z.boolean().optional()
+});
 // src/api/start.ts
 var import_node_fs5 = require("fs");
 var import_node_path5 = require("path");
@@ -8261,6 +8478,7 @@ function parseApiArgs(argv) {
     else if (a === "--db") opts.dbPath = argv[++i];
     else if (a === "--session") opts.session = argv[++i];
     else if (a === "--tenant" || a === "--org") opts.tenant = argv[++i];
+    else if (a === "--auth-required") opts.authRequired = true;
     else if (a === "--help" || a === "-h") opts.help = true;
   }
   return opts;
@@ -8276,11 +8494,13 @@ async function startApi(opts = {}) {
   const host2 = opts.host ?? "127.0.0.1";
   const port = opts.port ?? 3737;
   const version = readVersion();
+  const authStore = new SqliteCredentialStore(db);
   const server = await runApi({
     host: host2,
     port,
     backend,
     version,
+    auth: { store: authStore, ...opts.authRequired ? { required: true } : {} },
     ...opts.allowedHosts ? { allowedHosts: opts.allowedHosts } : {},
     ...opts.allowedOrigins ? { allowedOrigins: opts.allowedOrigins } : {},
     ...token ? { token } : {},
@@ -8775,13 +8995,13 @@ function createClaudeProvider() {
 }
 // src/providers/shell.ts
-var import_zod9 = require("zod");
+var import_zod10 = require("zod");
 function createBashTool() {
   const shell = IS_WIN ? "powershell" : "posix";
   return {
     name: "Bash",
     description: "Run a read-only shell command (inspect ports, processes, config). Mutating or destructive commands are blocked by the read-only allowlist.",
-    inputShape: { command: import_zod9.z.string().describe("The read-only shell command to run") },
+    inputShape: { command: import_zod10.z.string().describe("The read-only shell command to run") },
     annotations: { readOnlyHint: true, openWorldHint: true },
     handler: async (args) => {
       const command = String(args["command"] ?? "").trim();
@@ -11293,9 +11513,9 @@ async function runOnce(cfg, db) {
 }
 // src/sync/hash.ts
-var import_node_crypto6 = require("crypto");
+var import_node_crypto7 = require("crypto");
 function shareHash(kind, payload) {
-  return (0, import_node_crypto6.createHash)("sha256").update(stableStringify({ kind, payload })).digest("hex");
+  return (0, import_node_crypto7.createHash)("sha256").update(stableStringify({ kind, payload })).digest("hex");
 }
 // src/sync/classify.ts
@@ -11339,7 +11559,7 @@ function classify2(input) {
 }
 // src/sync/push.ts
-var import_node_crypto7 = require("crypto");
+var import_node_crypto8 = require("crypto");
 var PUSH_SCHEMA_VERSION = 1;
 var DEFAULT_BATCH = 100;
 var DEFAULT_RETRIES = 4;
@@ -11353,7 +11573,7 @@ function defaultSleep(ms) {
 }
 function batchKey(items) {
   const hashes = items.map((i) => i.contentHash).sort();
-  return (0, import_node_crypto7.createHash)("sha256").update(stableStringify(hashes)).digest("hex");
+  return (0, import_node_crypto8.createHash)("sha256").update(stableStringify(hashes)).digest("hex");
 }
 async function pushDeltas(config, items, opts = {}) {
   const central = config.centralDb;
@@ -11559,6 +11779,10 @@ function checkClaudePrerequisites() {
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  ACTIONS,
+  ActionSchema,
+  AuthConfigSchema,
+  AuthorizationError,
   CLIENTS,
   CONFIDENCE,
   CartographyDB,
@@ -11567,6 +11791,7 @@ function checkClaudePrerequisites() {
   ConditionSchema,
   ConfigError,
   ControlResultSchema,
+  CredentialConfigSchema,
   CsvCostSource,
   DEFAULT_ANOMALY_THRESHOLDS,
   DEFAULT_SERVER_NAME,
@@ -11586,8 +11811,11 @@ function checkClaudePrerequisites() {
   PRIVATE_IP,
   PUSH_SCHEMA_VERSION,
   PagerDutySink,
+  PrincipalSchema,
   ProviderRegistry,
   RELATION_TO_DIRECTION,
+  ROLES,
+  RoleSchema,
   RuleCheckSchema,
   RulesetSchema,
   SCAN_ARG_PATTERNS,
@@ -11598,10 +11826,12 @@ function checkClaudePrerequisites() {
   ScannerShape,
   SharingLevelSchema,
   SlackSink,
+  SqliteCredentialStore,
   SqliteQueryBackend,
   SqliteStoreBackend,
   StdoutSink,
   TENANT_HEADER,
+  TenantMismatchError,
   VectorStore,
   WebhookSink,
   applyInstall,
@@ -11609,7 +11839,9 @@ function checkClaudePrerequisites() {
   assertReadOnly,
   assertSafeBind,
   assertSafeScanArg,
+  assertSameTenant,
   assignColors,
+  authorize,
   bearerToken,
   bookmarksScanner,
   buildCartographyToolHandlers,
@@ -11617,6 +11849,7 @@ function checkClaudePrerequisites() {
   buildOpenApiDocument,
   buildReport,
   buildSinks,
+  can,
   centralDbFromEnv,
   checkBearer,
   checkPrerequisites,
@@ -11693,6 +11926,7 @@ function checkClaudePrerequisites() {
   globalId,
   groupByDomain,
   handleGraphqlGet,
+  hashToken,
   hexCorners,
   hexDistance,
   hexNeighbors,
@@ -11759,6 +11993,7 @@ function checkClaudePrerequisites() {
   renderDiff,
   resolveEffectiveLevel,
   resolveNlQuery,
+  resolvePrincipal,
   resolveSharingLevel,
   resolveTenant,
   revalidateAnonymized,
@@ -11778,6 +12013,7 @@ function checkClaudePrerequisites() {
   safetyHook,
   sanitizeUntrusted,
   sanitizeValue,
+  scopeReads,
   scoreTopology,
   securityRelevantChange,
   serializeConfig,