npm - @datasynx/agentic-ai-cartography - Versions diffs - 2.6.0 → 2.7.0 - Mend

@datasynx/agentic-ai-cartography 2.6.0 → 2.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/dist/api-bin.js +2 -2
package/dist/{chunk-X3UWUX3G.js → chunk-HLWNO3RF.js} +70 -6
package/dist/chunk-HLWNO3RF.js.map +1 -0
package/dist/{chunk-PQ7Q6MI5.js → chunk-TBPGFEMQ.js} +2 -2
package/dist/{chunk-GA4427LB.js → chunk-YVV6NIT2.js} +11 -1
package/dist/chunk-YVV6NIT2.js.map +1 -0
package/dist/cli.js +24 -4
package/dist/cli.js.map +1 -1
package/dist/index.cjs +70 -3
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +61 -3
package/dist/index.d.ts +61 -3
package/dist/index.js +67 -3
package/dist/index.js.map +1 -1
package/dist/mcp-bin.js +2 -2
package/package.json +1 -1
package/server.json +2 -2
package/dist/chunk-GA4427LB.js.map +0 -1
package/dist/chunk-X3UWUX3G.js.map +0 -1
/package/dist/{chunk-PQ7Q6MI5.js.map → chunk-TBPGFEMQ.js.map} +0 -0

package/dist/index.d.cts CHANGED Viewed

@@ -982,6 +982,12 @@ interface NodeAttribution {
 /** Default tenant for single-user / pre-migration installs. */
 declare const DEFAULT_TENANT = "local";
+/**
+ * The current catalog schema version. A fresh DB initializes here and the migration
+ * chain advances to it; the collector readiness probe (4.7) asserts a reopened DB
+ * reports exactly this. Keep in lockstep with the final `user_version` set in `migrate()`.
+ */
+declare const SCHEMA_VERSION = 15;
 /**
  * Normalize an untrusted tenant id: strip invisible/control characters, trim,
  * cap length, and enforce a conservative key charset. Falls back to DEFAULT_TENANT
@@ -1352,6 +1358,12 @@ declare class CartographyDB {
      * Prune sessions older than the given ISO date string. Returns count of deleted sessions.
      */
     pruneSessions(olderThan: string): number;
+    /**
+     * Retention/compaction (4.7): delete audit events older than `olderThan` (ISO 8601).
+     * The audit trail grows unbounded on a busy collector; this bounds it without touching
+     * sessions/nodes/edges. Returns the number of events removed.
+     */
+    pruneEventsOlderThan(olderThan: string): number;
     /** Fetch a single node by id within a session. */
     getNode(sessionId: string, nodeId: string): NodeRow | undefined;
     /** Batch-fetch nodes by id, keyed for O(1) lookup. Chunked to stay under SQLite's bind-variable limit. */
@@ -1760,6 +1772,37 @@ interface IngestOptions {
  */
 declare function ingestEnvelope(store: StoreBackend, envelope: IngestEnvelope, opts?: IngestOptions): IngestResult;
+/**
+ * Ingest backpressure for the central collector (4.7).
+ *
+ * A pure, in-memory **per-org token-bucket** rate limiter. The networked `POST /ingest`
+ * write endpoint must protect the shared store from a runaway or hostile client; over-quota
+ * requests are refused with `429 + Retry-After` rather than admitted. Deterministic given an
+ * injected clock, so it is unit-testable without real time. In-process only (a multi-replica
+ * deployment would front it with a shared limiter; documented in the runbook).
+ */
+interface QuotaConfig {
+    /** Bucket capacity = max burst, and the number of tokens refilled over one `refillMs` window. */
+    capacity: number;
+    /** Milliseconds over which a fully-drained bucket refills to `capacity`. */
+    refillMs: number;
+}
+/** Sensible default: 120 ingests / minute / org (burst 120). */
+declare const DEFAULT_INGEST_QUOTA: QuotaConfig;
+interface QuotaDecision {
+    allowed: boolean;
+    /** Seconds to wait before retrying — populated only when `!allowed` (≥1). */
+    retryAfterSec: number;
+}
+declare class RateLimiter {
+    private readonly cfg;
+    private readonly now;
+    private readonly buckets;
+    constructor(cfg?: QuotaConfig, now?: () => number);
+    /** Consume one token for `key`. Returns whether the request is allowed (+ Retry-After when not). */
+    take(key: string): QuotaDecision;
+}
 /**
  * The central-collector ingest HTTP surface (2.12).
  *
@@ -1775,12 +1818,18 @@ declare function ingestEnvelope(store: StoreBackend, envelope: IngestEnvelope, o
  * handler ever runs, so the handler never sees (and never logs) the token.
  */
-/** A transport-agnostic HTTP-ish response: a status code and a JSON-serializable body. */
+/** A transport-agnostic HTTP-ish response: a status code, a JSON-serializable body, optional headers. */
 interface IngestResponse {
     status: number;
     body: unknown;
+    /** Extra response headers (e.g. `Retry-After` on a 429). */
+    headers?: Record<string, string>;
 }
 type IngestHandler = (body: unknown) => IngestResponse;
+interface IngestHandlerOptions extends IngestOptions {
+    /** Per-org ingest rate limiter (4.7 backpressure). Over-quota → 429 + Retry-After. */
+    quota?: RateLimiter;
+}
 /**
  * Build the `/ingest` handler over a {@link StoreBackend}. The handler validates the
  * 2.11 push envelope, runs ingest (re-validating anonymization first), and maps the
@@ -1789,7 +1838,7 @@ type IngestHandler = (body: unknown) => IngestResponse;
  *  - 500 — ingest threw (the store's per-node transaction rolls that node back).
  *  - 200 — {@link IngestResult}.
  */
-declare function createIngestHandler(store: StoreBackend, opts?: IngestOptions): IngestHandler;
+declare function createIngestHandler(store: StoreBackend, opts?: IngestHandlerOptions): IngestHandler;
 /**
  * Org-key lifecycle for the 2.10 anonymization layer.
@@ -2183,6 +2232,7 @@ interface HttpOptions {
     onIngest?: (body: unknown) => {
         status: number;
         body: unknown;
+        headers?: Record<string, string>;
     };
     /**
      * RBAC (4.5). When `store` holds credentials, the transport runs in RBAC mode: a
@@ -2197,6 +2247,14 @@ interface HttpOptions {
     };
     /** Tenant assigned to implicit (shared/loopback) admin principals. */
     defaultTenant?: string;
+    /**
+     * Readiness probe (4.7). When set, `GET /readyz` calls it: 200 when `ready`, else 503.
+     * `GET /healthz` (liveness) is always 200. Both are PUBLIC (no auth) for k8s/LB probes.
+     */
+    readiness?: () => {
+        ready: boolean;
+        detail?: Record<string, unknown>;
+    };
 }
 /**
  * Start a Streamable HTTP server. A fresh MCP server instance is created per
@@ -4128,4 +4186,4 @@ declare function logInfo(message: string, context?: Record<string, unknown>): vo
 declare function logWarn(message: string, context?: Record<string, unknown>): void;
 declare function logError(message: string, context?: Record<string, unknown>): void;
-export { ACTIONS, ANOMALY_KINDS, ANOMALY_SEVERITIES, type Action, ActionSchema, type AgentProvider, type AgentRunContext, type AgentTool, type Anomaly, type AnomalyConfig, type AnomalyKind, type AnomalySeverity, type AnomalyThresholds, type AnonViolation, type AnonymizationLevel, type ApiServerOptions, type AskUserFn, type AuthConfig, AuthConfigSchema, AuthorizationError, type BackstageEntity, type BackstageMapOptions, type BindGuardOptions, CLIENTS, CONFIDENCE, COST_PERIODS, type CartographyConfig, CartographyDB, type CartographyMapData, type CentralDbConfig, CentralDbConfigSchema, type ClassifiedItem, type ClassifyInput, type ClassifyResult, type ClientSpec, type Cluster, ClusterSchema, type ComplianceInput, type ComplianceReport, ComplianceReportSchema, type ComplianceRule, ComplianceRuleSchema, type Condition, ConditionSchema, ConfigError, type ConfigFile, ConfigFileSchema, type ConfigFormat, type Connection, ConnectionSchema, type Contributor, type ControlResult, ControlResultSchema, type CostEntry, CostEntrySchema, type CostPeriod, type CostRecord, type CostSource, type CreateMcpServerOptions, type CredentialConfig, CredentialConfigSchema, type CredentialDb, type CredentialRecord, type CredentialStore, type CronFields, CsvCostSource, type CsvCostSourceOptions, DEFAULT_ANOMALY_THRESHOLDS, DEFAULT_FAST_MODEL, DEFAULT_LEAD_MODEL, DEFAULT_SERVER_NAME, DEFAULT_TENANT, DOMAIN_COLORS, DOMAIN_PALETTE, DRIFT_FIELDS, type DataAsset, DataAssetSchema, type DependencyQuery, type DiscoveryEdge, type DiscoveryEvent, type DiscoveryFn, type DiscoveryNode, type DriftAlert, type DriftAlertItem, type DriftConfig, DriftConfigSchema, type DriftField, type DriftItemKind, type DriftRunRow, type DriftSink, type DriftSinkConfig, EDGE_RELATIONSHIPS, type EdgeRelationship, type EdgeRow, EdgeSchema, type EmbeddingProvider, type EnrichResult, type EntryOptions, type EstablishedConn, type EvidenceKind, type FetchLike, type FragmentKind, type GraphSummary, type HealthResult, type HttpOptions, INGEST_SCHEMA_VERSION, type IngestEnvelope, IngestEnvelopeSchema, type IngestHandler, type IngestOptions, type IngestResponse, type IngestResult, type InstallPlan, InvalidTenantError, type JiraIssue, type JiraOptions, JiraSink, type JiraSinkOptions, LOOPBACK_HOSTS, type LocalDiscoveryOptions, type LocalDiscoveryResult, type LogEntry, type LogLevel, MCP_BIN, type MatchStrategy, NODE_TYPES, NODE_TYPE_GROUPS, type NlIntent, type NlQueryOptions, type NlQueryResult, type NlRelation, type NodeAttribution, type NodeChange, type NodeIdentity, type NodeQuery, type NodeRow, NodeSchema, type NodeType, type NodesResult, NotFoundError, OUTPUT_FORMATS, type OrgKeyOptions, type OrgSummary, type OsKind, type OutputFormat, PACKAGE_NAME, PAGERDUTY_ENQUEUE_URL, PENDING_STATUSES, PERSONAL, PORT_MAP, PRIVATE_IP, PUSH_SCHEMA_VERSION, type PagerDutyEvent, PagerDutySink, type PagerDutySinkOptions, type ParsedApiArgs, type PendingShareRow, type PendingStatus, type PlanOptions, type PolicyResult, type PostJsonOptions, type Principal, PrincipalSchema, type ProviderFactory, type ProviderName, ProviderRegistry, type PushItem, type PushOptions, type PushResult, type QueryBackend, RELATION_TO_DIRECTION, ROLES, type ResolveContext, type ResolveOptions, type Role, RoleSchema, type RuleCheck, RuleCheckSchema, type RuleScope, type Ruleset, RulesetSchema, type RunDriftOptions, SCAN_ARG_PATTERNS, SDL, SECURITY_METADATA_KEYS, SEVERITIES, SEVERITY_WEIGHT, SHARING_LEVELS, type ScanArgKind, type ScanContext, type ScanHintParams, type ScanResult, type Scanner, type ScannerPlugin, type ScannerPluginApi, ScannerRegistry, ScannerShape, type ScheduleConfig, ScheduleConfigSchema, type ScheduledRunResult, type Scope, type SearchFn, type SemanticSearchOptions, type ServerEntry, type SessionRow, type Severity, type SharePreview, type SharePreviewEntry, type SharingLevel, SharingLevelSchema, type SharingPolicy, type ShellKind, type SlackMessage, SlackSink, SqliteCredentialStore, SqliteQueryBackend, SqliteStoreBackend, type StartApiOptions, StdoutSink, type StoreBackend, type SyncClassifyOptions, type SyncClassifyResult, TENANT_HEADER, type TenantContext, TenantMismatchError, type TenantOptions, type ToolResult, type TopologyDelta, type TopologyDiff, type TopologyInput, type TraversalResult, VectorStore, WebhookSink, type WebhookSinkOptions, applyInstall, applySharingLevel, assertReadOnly, assertSafeBind, assertSafeScanArg, assertSameTenant, assignColors, authorize, bearerToken, bookmarksScanner, buildCartographyToolHandlers, buildMapData, buildOpenApiDocument, buildReport, buildSinks, can, centralDbFromEnv, checkBearer, checkPrerequisites, checkReadOnly, clampText, classify, classifyDrift, cleanupTempFiles, cloudAwsScanner, cloudAzureScanner, cloudGcpScanner, codeAddMcpCommand, computeCentroid, computeClusterBounds, computeIdentity, connectionsScanner, contentHash, createBashTool, createCartographyTools, createClaudeProvider, createDefaultRegistry, createHashEmbedder, createIngestHandler, createLocalEmbedder, createMcpServer, createOllamaProvider, createOpenAIProvider, createScanRunner, createSemanticSearch, createSqliteQueryBackend, currentOs, cursorDeeplink, databasesScanner, deepMerge, defaultAllowedHosts, defaultConfig, defaultContext, defaultProviderRegistry, defaultRegistry, defaultServerEntry, definePlugin, deriveSessionName, detectAnomalies, detectOrphans, detectShadowIt, diffTopology, edgesToConnections, enrichCosts, entitiesToYaml, evaluateCheck, evaluateRule, evidenceLine, executeGraphql, executeNlQuery, exportAll, exportBackstageYAML, exportComplianceReport, exportCostCSV, exportCostSummary, exportDiscoveryApp, exportJGF, exportJSON, extractListeningPorts, filterBySeverity, findAnonViolations, formatComplianceText, formatJira, formatPagerDuty, formatSlack, generateDependencyMermaid, generateDiffMermaid, generateTopologyMermaid, getClient, getRuleset, globalId, groupByDomain, handleGraphqlGet, hashToken, hexCorners, hexDistance, hexNeighbors, hexRing, hexSpiral, hexToPixel, hmacKey, hostname, ingestEnvelope, installedAppsScanner, isLoopbackHost, isPersonalHost, isReadOnlyCommand, isRemembered, isSecureWebhookUrl, k8sScanner, keyMetaOf, layoutClusters, listClients, listRulesets, loadConfig, loadOrgKey, loadPlugins, loadRuleset, localDiscoveryFn, log, logDebug, logError, logInfo, logWarn, machineId, maxSeverity, mcpServerObject, newAnomalies, nextRun, nodesToAssets, normalizeId, normalizeTenant, orgKeyPath, osUser, parseApiArgs, parseComposeDeps, parseConfig, parseConnectionString, parseCostCsv, parseCron, parseEstablished, parseNginxUpstreams, parseNlQuery, parseScanHint, pixelToHex, planInstall, portsScanner, postJson, previewShare, pseudonymize, pseudonymizeFragment, pseudonymizeString, pushDeltas, readConfigFile, redactConnectionString, redactSecrets, redactValue, renderDiff, resolveEffectiveLevel, resolveNlQuery, resolvePrincipal, resolveSharingLevel, resolveTenant, revalidateAnonymized, reversalKey, reversePseudonym, rotateOrgKey, runApi, runDiscovery, runDrift, runHttp, runLocalDiscovery, runOnce, runStdio, runSyncClassify, safeEnv, safeJson, safetyHook, sanitizeUntrusted, sanitizeValue, scopeReads, scoreTopology, securityRelevantChange, serializeConfig, serviceConfigScanner, setVerbose, shadeVariant, shapeToJsonSchema, shareHash, splitSegments, stableStringify, startApi, stripSensitive, timingSafeEqual, toBackstageEntities, validateScanner, vscodeDeeplink, zodToJsonSchema };
+export { ACTIONS, ANOMALY_KINDS, ANOMALY_SEVERITIES, type Action, ActionSchema, type AgentProvider, type AgentRunContext, type AgentTool, type Anomaly, type AnomalyConfig, type AnomalyKind, type AnomalySeverity, type AnomalyThresholds, type AnonViolation, type AnonymizationLevel, type ApiServerOptions, type AskUserFn, type AuthConfig, AuthConfigSchema, AuthorizationError, type BackstageEntity, type BackstageMapOptions, type BindGuardOptions, CLIENTS, CONFIDENCE, COST_PERIODS, type CartographyConfig, CartographyDB, type CartographyMapData, type CentralDbConfig, CentralDbConfigSchema, type ClassifiedItem, type ClassifyInput, type ClassifyResult, type ClientSpec, type Cluster, ClusterSchema, type ComplianceInput, type ComplianceReport, ComplianceReportSchema, type ComplianceRule, ComplianceRuleSchema, type Condition, ConditionSchema, ConfigError, type ConfigFile, ConfigFileSchema, type ConfigFormat, type Connection, ConnectionSchema, type Contributor, type ControlResult, ControlResultSchema, type CostEntry, CostEntrySchema, type CostPeriod, type CostRecord, type CostSource, type CreateMcpServerOptions, type CredentialConfig, CredentialConfigSchema, type CredentialDb, type CredentialRecord, type CredentialStore, type CronFields, CsvCostSource, type CsvCostSourceOptions, DEFAULT_ANOMALY_THRESHOLDS, DEFAULT_FAST_MODEL, DEFAULT_INGEST_QUOTA, DEFAULT_LEAD_MODEL, DEFAULT_SERVER_NAME, DEFAULT_TENANT, DOMAIN_COLORS, DOMAIN_PALETTE, DRIFT_FIELDS, type DataAsset, DataAssetSchema, type DependencyQuery, type DiscoveryEdge, type DiscoveryEvent, type DiscoveryFn, type DiscoveryNode, type DriftAlert, type DriftAlertItem, type DriftConfig, DriftConfigSchema, type DriftField, type DriftItemKind, type DriftRunRow, type DriftSink, type DriftSinkConfig, EDGE_RELATIONSHIPS, type EdgeRelationship, type EdgeRow, EdgeSchema, type EmbeddingProvider, type EnrichResult, type EntryOptions, type EstablishedConn, type EvidenceKind, type FetchLike, type FragmentKind, type GraphSummary, type HealthResult, type HttpOptions, INGEST_SCHEMA_VERSION, type IngestEnvelope, IngestEnvelopeSchema, type IngestHandler, type IngestHandlerOptions, type IngestOptions, type IngestResponse, type IngestResult, type InstallPlan, InvalidTenantError, type JiraIssue, type JiraOptions, JiraSink, type JiraSinkOptions, LOOPBACK_HOSTS, type LocalDiscoveryOptions, type LocalDiscoveryResult, type LogEntry, type LogLevel, MCP_BIN, type MatchStrategy, NODE_TYPES, NODE_TYPE_GROUPS, type NlIntent, type NlQueryOptions, type NlQueryResult, type NlRelation, type NodeAttribution, type NodeChange, type NodeIdentity, type NodeQuery, type NodeRow, NodeSchema, type NodeType, type NodesResult, NotFoundError, OUTPUT_FORMATS, type OrgKeyOptions, type OrgSummary, type OsKind, type OutputFormat, PACKAGE_NAME, PAGERDUTY_ENQUEUE_URL, PENDING_STATUSES, PERSONAL, PORT_MAP, PRIVATE_IP, PUSH_SCHEMA_VERSION, type PagerDutyEvent, PagerDutySink, type PagerDutySinkOptions, type ParsedApiArgs, type PendingShareRow, type PendingStatus, type PlanOptions, type PolicyResult, type PostJsonOptions, type Principal, PrincipalSchema, type ProviderFactory, type ProviderName, ProviderRegistry, type PushItem, type PushOptions, type PushResult, type QueryBackend, type QuotaConfig, type QuotaDecision, RELATION_TO_DIRECTION, ROLES, RateLimiter, type ResolveContext, type ResolveOptions, type Role, RoleSchema, type RuleCheck, RuleCheckSchema, type RuleScope, type Ruleset, RulesetSchema, type RunDriftOptions, SCAN_ARG_PATTERNS, SCHEMA_VERSION, SDL, SECURITY_METADATA_KEYS, SEVERITIES, SEVERITY_WEIGHT, SHARING_LEVELS, type ScanArgKind, type ScanContext, type ScanHintParams, type ScanResult, type Scanner, type ScannerPlugin, type ScannerPluginApi, ScannerRegistry, ScannerShape, type ScheduleConfig, ScheduleConfigSchema, type ScheduledRunResult, type Scope, type SearchFn, type SemanticSearchOptions, type ServerEntry, type SessionRow, type Severity, type SharePreview, type SharePreviewEntry, type SharingLevel, SharingLevelSchema, type SharingPolicy, type ShellKind, type SlackMessage, SlackSink, SqliteCredentialStore, SqliteQueryBackend, SqliteStoreBackend, type StartApiOptions, StdoutSink, type StoreBackend, type SyncClassifyOptions, type SyncClassifyResult, TENANT_HEADER, type TenantContext, TenantMismatchError, type TenantOptions, type ToolResult, type TopologyDelta, type TopologyDiff, type TopologyInput, type TraversalResult, VectorStore, WebhookSink, type WebhookSinkOptions, applyInstall, applySharingLevel, assertReadOnly, assertSafeBind, assertSafeScanArg, assertSameTenant, assignColors, authorize, bearerToken, bookmarksScanner, buildCartographyToolHandlers, buildMapData, buildOpenApiDocument, buildReport, buildSinks, can, centralDbFromEnv, checkBearer, checkPrerequisites, checkReadOnly, clampText, classify, classifyDrift, cleanupTempFiles, cloudAwsScanner, cloudAzureScanner, cloudGcpScanner, codeAddMcpCommand, computeCentroid, computeClusterBounds, computeIdentity, connectionsScanner, contentHash, createBashTool, createCartographyTools, createClaudeProvider, createDefaultRegistry, createHashEmbedder, createIngestHandler, createLocalEmbedder, createMcpServer, createOllamaProvider, createOpenAIProvider, createScanRunner, createSemanticSearch, createSqliteQueryBackend, currentOs, cursorDeeplink, databasesScanner, deepMerge, defaultAllowedHosts, defaultConfig, defaultContext, defaultProviderRegistry, defaultRegistry, defaultServerEntry, definePlugin, deriveSessionName, detectAnomalies, detectOrphans, detectShadowIt, diffTopology, edgesToConnections, enrichCosts, entitiesToYaml, evaluateCheck, evaluateRule, evidenceLine, executeGraphql, executeNlQuery, exportAll, exportBackstageYAML, exportComplianceReport, exportCostCSV, exportCostSummary, exportDiscoveryApp, exportJGF, exportJSON, extractListeningPorts, filterBySeverity, findAnonViolations, formatComplianceText, formatJira, formatPagerDuty, formatSlack, generateDependencyMermaid, generateDiffMermaid, generateTopologyMermaid, getClient, getRuleset, globalId, groupByDomain, handleGraphqlGet, hashToken, hexCorners, hexDistance, hexNeighbors, hexRing, hexSpiral, hexToPixel, hmacKey, hostname, ingestEnvelope, installedAppsScanner, isLoopbackHost, isPersonalHost, isReadOnlyCommand, isRemembered, isSecureWebhookUrl, k8sScanner, keyMetaOf, layoutClusters, listClients, listRulesets, loadConfig, loadOrgKey, loadPlugins, loadRuleset, localDiscoveryFn, log, logDebug, logError, logInfo, logWarn, machineId, maxSeverity, mcpServerObject, newAnomalies, nextRun, nodesToAssets, normalizeId, normalizeTenant, orgKeyPath, osUser, parseApiArgs, parseComposeDeps, parseConfig, parseConnectionString, parseCostCsv, parseCron, parseEstablished, parseNginxUpstreams, parseNlQuery, parseScanHint, pixelToHex, planInstall, portsScanner, postJson, previewShare, pseudonymize, pseudonymizeFragment, pseudonymizeString, pushDeltas, readConfigFile, redactConnectionString, redactSecrets, redactValue, renderDiff, resolveEffectiveLevel, resolveNlQuery, resolvePrincipal, resolveSharingLevel, resolveTenant, revalidateAnonymized, reversalKey, reversePseudonym, rotateOrgKey, runApi, runDiscovery, runDrift, runHttp, runLocalDiscovery, runOnce, runStdio, runSyncClassify, safeEnv, safeJson, safetyHook, sanitizeUntrusted, sanitizeValue, scopeReads, scoreTopology, securityRelevantChange, serializeConfig, serviceConfigScanner, setVerbose, shadeVariant, shapeToJsonSchema, shareHash, splitSegments, stableStringify, startApi, stripSensitive, timingSafeEqual, toBackstageEntities, validateScanner, vscodeDeeplink, zodToJsonSchema };

package/dist/index.d.ts CHANGED Viewed

@@ -982,6 +982,12 @@ interface NodeAttribution {
 /** Default tenant for single-user / pre-migration installs. */
 declare const DEFAULT_TENANT = "local";
+/**
+ * The current catalog schema version. A fresh DB initializes here and the migration
+ * chain advances to it; the collector readiness probe (4.7) asserts a reopened DB
+ * reports exactly this. Keep in lockstep with the final `user_version` set in `migrate()`.
+ */
+declare const SCHEMA_VERSION = 15;
 /**
  * Normalize an untrusted tenant id: strip invisible/control characters, trim,
  * cap length, and enforce a conservative key charset. Falls back to DEFAULT_TENANT
@@ -1352,6 +1358,12 @@ declare class CartographyDB {
      * Prune sessions older than the given ISO date string. Returns count of deleted sessions.
      */
     pruneSessions(olderThan: string): number;
+    /**
+     * Retention/compaction (4.7): delete audit events older than `olderThan` (ISO 8601).
+     * The audit trail grows unbounded on a busy collector; this bounds it without touching
+     * sessions/nodes/edges. Returns the number of events removed.
+     */
+    pruneEventsOlderThan(olderThan: string): number;
     /** Fetch a single node by id within a session. */
     getNode(sessionId: string, nodeId: string): NodeRow | undefined;
     /** Batch-fetch nodes by id, keyed for O(1) lookup. Chunked to stay under SQLite's bind-variable limit. */
@@ -1760,6 +1772,37 @@ interface IngestOptions {
  */
 declare function ingestEnvelope(store: StoreBackend, envelope: IngestEnvelope, opts?: IngestOptions): IngestResult;
+/**
+ * Ingest backpressure for the central collector (4.7).
+ *
+ * A pure, in-memory **per-org token-bucket** rate limiter. The networked `POST /ingest`
+ * write endpoint must protect the shared store from a runaway or hostile client; over-quota
+ * requests are refused with `429 + Retry-After` rather than admitted. Deterministic given an
+ * injected clock, so it is unit-testable without real time. In-process only (a multi-replica
+ * deployment would front it with a shared limiter; documented in the runbook).
+ */
+interface QuotaConfig {
+    /** Bucket capacity = max burst, and the number of tokens refilled over one `refillMs` window. */
+    capacity: number;
+    /** Milliseconds over which a fully-drained bucket refills to `capacity`. */
+    refillMs: number;
+}
+/** Sensible default: 120 ingests / minute / org (burst 120). */
+declare const DEFAULT_INGEST_QUOTA: QuotaConfig;
+interface QuotaDecision {
+    allowed: boolean;
+    /** Seconds to wait before retrying — populated only when `!allowed` (≥1). */
+    retryAfterSec: number;
+}
+declare class RateLimiter {
+    private readonly cfg;
+    private readonly now;
+    private readonly buckets;
+    constructor(cfg?: QuotaConfig, now?: () => number);
+    /** Consume one token for `key`. Returns whether the request is allowed (+ Retry-After when not). */
+    take(key: string): QuotaDecision;
+}
 /**
  * The central-collector ingest HTTP surface (2.12).
  *
@@ -1775,12 +1818,18 @@ declare function ingestEnvelope(store: StoreBackend, envelope: IngestEnvelope, o
  * handler ever runs, so the handler never sees (and never logs) the token.
  */
-/** A transport-agnostic HTTP-ish response: a status code and a JSON-serializable body. */
+/** A transport-agnostic HTTP-ish response: a status code, a JSON-serializable body, optional headers. */
 interface IngestResponse {
     status: number;
     body: unknown;
+    /** Extra response headers (e.g. `Retry-After` on a 429). */
+    headers?: Record<string, string>;
 }
 type IngestHandler = (body: unknown) => IngestResponse;
+interface IngestHandlerOptions extends IngestOptions {
+    /** Per-org ingest rate limiter (4.7 backpressure). Over-quota → 429 + Retry-After. */
+    quota?: RateLimiter;
+}
 /**
  * Build the `/ingest` handler over a {@link StoreBackend}. The handler validates the
  * 2.11 push envelope, runs ingest (re-validating anonymization first), and maps the
@@ -1789,7 +1838,7 @@ type IngestHandler = (body: unknown) => IngestResponse;
  *  - 500 — ingest threw (the store's per-node transaction rolls that node back).
  *  - 200 — {@link IngestResult}.
  */
-declare function createIngestHandler(store: StoreBackend, opts?: IngestOptions): IngestHandler;
+declare function createIngestHandler(store: StoreBackend, opts?: IngestHandlerOptions): IngestHandler;
 /**
  * Org-key lifecycle for the 2.10 anonymization layer.
@@ -2183,6 +2232,7 @@ interface HttpOptions {
     onIngest?: (body: unknown) => {
         status: number;
         body: unknown;
+        headers?: Record<string, string>;
     };
     /**
      * RBAC (4.5). When `store` holds credentials, the transport runs in RBAC mode: a
@@ -2197,6 +2247,14 @@ interface HttpOptions {
     };
     /** Tenant assigned to implicit (shared/loopback) admin principals. */
     defaultTenant?: string;
+    /**
+     * Readiness probe (4.7). When set, `GET /readyz` calls it: 200 when `ready`, else 503.
+     * `GET /healthz` (liveness) is always 200. Both are PUBLIC (no auth) for k8s/LB probes.
+     */
+    readiness?: () => {
+        ready: boolean;
+        detail?: Record<string, unknown>;
+    };
 }
 /**
  * Start a Streamable HTTP server. A fresh MCP server instance is created per
@@ -4128,4 +4186,4 @@ declare function logInfo(message: string, context?: Record<string, unknown>): vo
 declare function logWarn(message: string, context?: Record<string, unknown>): void;
 declare function logError(message: string, context?: Record<string, unknown>): void;
-export { ACTIONS, ANOMALY_KINDS, ANOMALY_SEVERITIES, type Action, ActionSchema, type AgentProvider, type AgentRunContext, type AgentTool, type Anomaly, type AnomalyConfig, type AnomalyKind, type AnomalySeverity, type AnomalyThresholds, type AnonViolation, type AnonymizationLevel, type ApiServerOptions, type AskUserFn, type AuthConfig, AuthConfigSchema, AuthorizationError, type BackstageEntity, type BackstageMapOptions, type BindGuardOptions, CLIENTS, CONFIDENCE, COST_PERIODS, type CartographyConfig, CartographyDB, type CartographyMapData, type CentralDbConfig, CentralDbConfigSchema, type ClassifiedItem, type ClassifyInput, type ClassifyResult, type ClientSpec, type Cluster, ClusterSchema, type ComplianceInput, type ComplianceReport, ComplianceReportSchema, type ComplianceRule, ComplianceRuleSchema, type Condition, ConditionSchema, ConfigError, type ConfigFile, ConfigFileSchema, type ConfigFormat, type Connection, ConnectionSchema, type Contributor, type ControlResult, ControlResultSchema, type CostEntry, CostEntrySchema, type CostPeriod, type CostRecord, type CostSource, type CreateMcpServerOptions, type CredentialConfig, CredentialConfigSchema, type CredentialDb, type CredentialRecord, type CredentialStore, type CronFields, CsvCostSource, type CsvCostSourceOptions, DEFAULT_ANOMALY_THRESHOLDS, DEFAULT_FAST_MODEL, DEFAULT_LEAD_MODEL, DEFAULT_SERVER_NAME, DEFAULT_TENANT, DOMAIN_COLORS, DOMAIN_PALETTE, DRIFT_FIELDS, type DataAsset, DataAssetSchema, type DependencyQuery, type DiscoveryEdge, type DiscoveryEvent, type DiscoveryFn, type DiscoveryNode, type DriftAlert, type DriftAlertItem, type DriftConfig, DriftConfigSchema, type DriftField, type DriftItemKind, type DriftRunRow, type DriftSink, type DriftSinkConfig, EDGE_RELATIONSHIPS, type EdgeRelationship, type EdgeRow, EdgeSchema, type EmbeddingProvider, type EnrichResult, type EntryOptions, type EstablishedConn, type EvidenceKind, type FetchLike, type FragmentKind, type GraphSummary, type HealthResult, type HttpOptions, INGEST_SCHEMA_VERSION, type IngestEnvelope, IngestEnvelopeSchema, type IngestHandler, type IngestOptions, type IngestResponse, type IngestResult, type InstallPlan, InvalidTenantError, type JiraIssue, type JiraOptions, JiraSink, type JiraSinkOptions, LOOPBACK_HOSTS, type LocalDiscoveryOptions, type LocalDiscoveryResult, type LogEntry, type LogLevel, MCP_BIN, type MatchStrategy, NODE_TYPES, NODE_TYPE_GROUPS, type NlIntent, type NlQueryOptions, type NlQueryResult, type NlRelation, type NodeAttribution, type NodeChange, type NodeIdentity, type NodeQuery, type NodeRow, NodeSchema, type NodeType, type NodesResult, NotFoundError, OUTPUT_FORMATS, type OrgKeyOptions, type OrgSummary, type OsKind, type OutputFormat, PACKAGE_NAME, PAGERDUTY_ENQUEUE_URL, PENDING_STATUSES, PERSONAL, PORT_MAP, PRIVATE_IP, PUSH_SCHEMA_VERSION, type PagerDutyEvent, PagerDutySink, type PagerDutySinkOptions, type ParsedApiArgs, type PendingShareRow, type PendingStatus, type PlanOptions, type PolicyResult, type PostJsonOptions, type Principal, PrincipalSchema, type ProviderFactory, type ProviderName, ProviderRegistry, type PushItem, type PushOptions, type PushResult, type QueryBackend, RELATION_TO_DIRECTION, ROLES, type ResolveContext, type ResolveOptions, type Role, RoleSchema, type RuleCheck, RuleCheckSchema, type RuleScope, type Ruleset, RulesetSchema, type RunDriftOptions, SCAN_ARG_PATTERNS, SDL, SECURITY_METADATA_KEYS, SEVERITIES, SEVERITY_WEIGHT, SHARING_LEVELS, type ScanArgKind, type ScanContext, type ScanHintParams, type ScanResult, type Scanner, type ScannerPlugin, type ScannerPluginApi, ScannerRegistry, ScannerShape, type ScheduleConfig, ScheduleConfigSchema, type ScheduledRunResult, type Scope, type SearchFn, type SemanticSearchOptions, type ServerEntry, type SessionRow, type Severity, type SharePreview, type SharePreviewEntry, type SharingLevel, SharingLevelSchema, type SharingPolicy, type ShellKind, type SlackMessage, SlackSink, SqliteCredentialStore, SqliteQueryBackend, SqliteStoreBackend, type StartApiOptions, StdoutSink, type StoreBackend, type SyncClassifyOptions, type SyncClassifyResult, TENANT_HEADER, type TenantContext, TenantMismatchError, type TenantOptions, type ToolResult, type TopologyDelta, type TopologyDiff, type TopologyInput, type TraversalResult, VectorStore, WebhookSink, type WebhookSinkOptions, applyInstall, applySharingLevel, assertReadOnly, assertSafeBind, assertSafeScanArg, assertSameTenant, assignColors, authorize, bearerToken, bookmarksScanner, buildCartographyToolHandlers, buildMapData, buildOpenApiDocument, buildReport, buildSinks, can, centralDbFromEnv, checkBearer, checkPrerequisites, checkReadOnly, clampText, classify, classifyDrift, cleanupTempFiles, cloudAwsScanner, cloudAzureScanner, cloudGcpScanner, codeAddMcpCommand, computeCentroid, computeClusterBounds, computeIdentity, connectionsScanner, contentHash, createBashTool, createCartographyTools, createClaudeProvider, createDefaultRegistry, createHashEmbedder, createIngestHandler, createLocalEmbedder, createMcpServer, createOllamaProvider, createOpenAIProvider, createScanRunner, createSemanticSearch, createSqliteQueryBackend, currentOs, cursorDeeplink, databasesScanner, deepMerge, defaultAllowedHosts, defaultConfig, defaultContext, defaultProviderRegistry, defaultRegistry, defaultServerEntry, definePlugin, deriveSessionName, detectAnomalies, detectOrphans, detectShadowIt, diffTopology, edgesToConnections, enrichCosts, entitiesToYaml, evaluateCheck, evaluateRule, evidenceLine, executeGraphql, executeNlQuery, exportAll, exportBackstageYAML, exportComplianceReport, exportCostCSV, exportCostSummary, exportDiscoveryApp, exportJGF, exportJSON, extractListeningPorts, filterBySeverity, findAnonViolations, formatComplianceText, formatJira, formatPagerDuty, formatSlack, generateDependencyMermaid, generateDiffMermaid, generateTopologyMermaid, getClient, getRuleset, globalId, groupByDomain, handleGraphqlGet, hashToken, hexCorners, hexDistance, hexNeighbors, hexRing, hexSpiral, hexToPixel, hmacKey, hostname, ingestEnvelope, installedAppsScanner, isLoopbackHost, isPersonalHost, isReadOnlyCommand, isRemembered, isSecureWebhookUrl, k8sScanner, keyMetaOf, layoutClusters, listClients, listRulesets, loadConfig, loadOrgKey, loadPlugins, loadRuleset, localDiscoveryFn, log, logDebug, logError, logInfo, logWarn, machineId, maxSeverity, mcpServerObject, newAnomalies, nextRun, nodesToAssets, normalizeId, normalizeTenant, orgKeyPath, osUser, parseApiArgs, parseComposeDeps, parseConfig, parseConnectionString, parseCostCsv, parseCron, parseEstablished, parseNginxUpstreams, parseNlQuery, parseScanHint, pixelToHex, planInstall, portsScanner, postJson, previewShare, pseudonymize, pseudonymizeFragment, pseudonymizeString, pushDeltas, readConfigFile, redactConnectionString, redactSecrets, redactValue, renderDiff, resolveEffectiveLevel, resolveNlQuery, resolvePrincipal, resolveSharingLevel, resolveTenant, revalidateAnonymized, reversalKey, reversePseudonym, rotateOrgKey, runApi, runDiscovery, runDrift, runHttp, runLocalDiscovery, runOnce, runStdio, runSyncClassify, safeEnv, safeJson, safetyHook, sanitizeUntrusted, sanitizeValue, scopeReads, scoreTopology, securityRelevantChange, serializeConfig, serviceConfigScanner, setVerbose, shadeVariant, shapeToJsonSchema, shareHash, splitSegments, stableStringify, startApi, stripSensitive, timingSafeEqual, toBackstageEntities, validateScanner, vscodeDeeplink, zodToJsonSchema };
+export { ACTIONS, ANOMALY_KINDS, ANOMALY_SEVERITIES, type Action, ActionSchema, type AgentProvider, type AgentRunContext, type AgentTool, type Anomaly, type AnomalyConfig, type AnomalyKind, type AnomalySeverity, type AnomalyThresholds, type AnonViolation, type AnonymizationLevel, type ApiServerOptions, type AskUserFn, type AuthConfig, AuthConfigSchema, AuthorizationError, type BackstageEntity, type BackstageMapOptions, type BindGuardOptions, CLIENTS, CONFIDENCE, COST_PERIODS, type CartographyConfig, CartographyDB, type CartographyMapData, type CentralDbConfig, CentralDbConfigSchema, type ClassifiedItem, type ClassifyInput, type ClassifyResult, type ClientSpec, type Cluster, ClusterSchema, type ComplianceInput, type ComplianceReport, ComplianceReportSchema, type ComplianceRule, ComplianceRuleSchema, type Condition, ConditionSchema, ConfigError, type ConfigFile, ConfigFileSchema, type ConfigFormat, type Connection, ConnectionSchema, type Contributor, type ControlResult, ControlResultSchema, type CostEntry, CostEntrySchema, type CostPeriod, type CostRecord, type CostSource, type CreateMcpServerOptions, type CredentialConfig, CredentialConfigSchema, type CredentialDb, type CredentialRecord, type CredentialStore, type CronFields, CsvCostSource, type CsvCostSourceOptions, DEFAULT_ANOMALY_THRESHOLDS, DEFAULT_FAST_MODEL, DEFAULT_INGEST_QUOTA, DEFAULT_LEAD_MODEL, DEFAULT_SERVER_NAME, DEFAULT_TENANT, DOMAIN_COLORS, DOMAIN_PALETTE, DRIFT_FIELDS, type DataAsset, DataAssetSchema, type DependencyQuery, type DiscoveryEdge, type DiscoveryEvent, type DiscoveryFn, type DiscoveryNode, type DriftAlert, type DriftAlertItem, type DriftConfig, DriftConfigSchema, type DriftField, type DriftItemKind, type DriftRunRow, type DriftSink, type DriftSinkConfig, EDGE_RELATIONSHIPS, type EdgeRelationship, type EdgeRow, EdgeSchema, type EmbeddingProvider, type EnrichResult, type EntryOptions, type EstablishedConn, type EvidenceKind, type FetchLike, type FragmentKind, type GraphSummary, type HealthResult, type HttpOptions, INGEST_SCHEMA_VERSION, type IngestEnvelope, IngestEnvelopeSchema, type IngestHandler, type IngestHandlerOptions, type IngestOptions, type IngestResponse, type IngestResult, type InstallPlan, InvalidTenantError, type JiraIssue, type JiraOptions, JiraSink, type JiraSinkOptions, LOOPBACK_HOSTS, type LocalDiscoveryOptions, type LocalDiscoveryResult, type LogEntry, type LogLevel, MCP_BIN, type MatchStrategy, NODE_TYPES, NODE_TYPE_GROUPS, type NlIntent, type NlQueryOptions, type NlQueryResult, type NlRelation, type NodeAttribution, type NodeChange, type NodeIdentity, type NodeQuery, type NodeRow, NodeSchema, type NodeType, type NodesResult, NotFoundError, OUTPUT_FORMATS, type OrgKeyOptions, type OrgSummary, type OsKind, type OutputFormat, PACKAGE_NAME, PAGERDUTY_ENQUEUE_URL, PENDING_STATUSES, PERSONAL, PORT_MAP, PRIVATE_IP, PUSH_SCHEMA_VERSION, type PagerDutyEvent, PagerDutySink, type PagerDutySinkOptions, type ParsedApiArgs, type PendingShareRow, type PendingStatus, type PlanOptions, type PolicyResult, type PostJsonOptions, type Principal, PrincipalSchema, type ProviderFactory, type ProviderName, ProviderRegistry, type PushItem, type PushOptions, type PushResult, type QueryBackend, type QuotaConfig, type QuotaDecision, RELATION_TO_DIRECTION, ROLES, RateLimiter, type ResolveContext, type ResolveOptions, type Role, RoleSchema, type RuleCheck, RuleCheckSchema, type RuleScope, type Ruleset, RulesetSchema, type RunDriftOptions, SCAN_ARG_PATTERNS, SCHEMA_VERSION, SDL, SECURITY_METADATA_KEYS, SEVERITIES, SEVERITY_WEIGHT, SHARING_LEVELS, type ScanArgKind, type ScanContext, type ScanHintParams, type ScanResult, type Scanner, type ScannerPlugin, type ScannerPluginApi, ScannerRegistry, ScannerShape, type ScheduleConfig, ScheduleConfigSchema, type ScheduledRunResult, type Scope, type SearchFn, type SemanticSearchOptions, type ServerEntry, type SessionRow, type Severity, type SharePreview, type SharePreviewEntry, type SharingLevel, SharingLevelSchema, type SharingPolicy, type ShellKind, type SlackMessage, SlackSink, SqliteCredentialStore, SqliteQueryBackend, SqliteStoreBackend, type StartApiOptions, StdoutSink, type StoreBackend, type SyncClassifyOptions, type SyncClassifyResult, TENANT_HEADER, type TenantContext, TenantMismatchError, type TenantOptions, type ToolResult, type TopologyDelta, type TopologyDiff, type TopologyInput, type TraversalResult, VectorStore, WebhookSink, type WebhookSinkOptions, applyInstall, applySharingLevel, assertReadOnly, assertSafeBind, assertSafeScanArg, assertSameTenant, assignColors, authorize, bearerToken, bookmarksScanner, buildCartographyToolHandlers, buildMapData, buildOpenApiDocument, buildReport, buildSinks, can, centralDbFromEnv, checkBearer, checkPrerequisites, checkReadOnly, clampText, classify, classifyDrift, cleanupTempFiles, cloudAwsScanner, cloudAzureScanner, cloudGcpScanner, codeAddMcpCommand, computeCentroid, computeClusterBounds, computeIdentity, connectionsScanner, contentHash, createBashTool, createCartographyTools, createClaudeProvider, createDefaultRegistry, createHashEmbedder, createIngestHandler, createLocalEmbedder, createMcpServer, createOllamaProvider, createOpenAIProvider, createScanRunner, createSemanticSearch, createSqliteQueryBackend, currentOs, cursorDeeplink, databasesScanner, deepMerge, defaultAllowedHosts, defaultConfig, defaultContext, defaultProviderRegistry, defaultRegistry, defaultServerEntry, definePlugin, deriveSessionName, detectAnomalies, detectOrphans, detectShadowIt, diffTopology, edgesToConnections, enrichCosts, entitiesToYaml, evaluateCheck, evaluateRule, evidenceLine, executeGraphql, executeNlQuery, exportAll, exportBackstageYAML, exportComplianceReport, exportCostCSV, exportCostSummary, exportDiscoveryApp, exportJGF, exportJSON, extractListeningPorts, filterBySeverity, findAnonViolations, formatComplianceText, formatJira, formatPagerDuty, formatSlack, generateDependencyMermaid, generateDiffMermaid, generateTopologyMermaid, getClient, getRuleset, globalId, groupByDomain, handleGraphqlGet, hashToken, hexCorners, hexDistance, hexNeighbors, hexRing, hexSpiral, hexToPixel, hmacKey, hostname, ingestEnvelope, installedAppsScanner, isLoopbackHost, isPersonalHost, isReadOnlyCommand, isRemembered, isSecureWebhookUrl, k8sScanner, keyMetaOf, layoutClusters, listClients, listRulesets, loadConfig, loadOrgKey, loadPlugins, loadRuleset, localDiscoveryFn, log, logDebug, logError, logInfo, logWarn, machineId, maxSeverity, mcpServerObject, newAnomalies, nextRun, nodesToAssets, normalizeId, normalizeTenant, orgKeyPath, osUser, parseApiArgs, parseComposeDeps, parseConfig, parseConnectionString, parseCostCsv, parseCron, parseEstablished, parseNginxUpstreams, parseNlQuery, parseScanHint, pixelToHex, planInstall, portsScanner, postJson, previewShare, pseudonymize, pseudonymizeFragment, pseudonymizeString, pushDeltas, readConfigFile, redactConnectionString, redactSecrets, redactValue, renderDiff, resolveEffectiveLevel, resolveNlQuery, resolvePrincipal, resolveSharingLevel, resolveTenant, revalidateAnonymized, reversalKey, reversePseudonym, rotateOrgKey, runApi, runDiscovery, runDrift, runHttp, runLocalDiscovery, runOnce, runStdio, runSyncClassify, safeEnv, safeJson, safetyHook, sanitizeUntrusted, sanitizeValue, scopeReads, scoreTopology, securityRelevantChange, serializeConfig, serviceConfigScanner, setVerbose, shadeVariant, shapeToJsonSchema, shareHash, splitSegments, stableStringify, startApi, stripSensitive, timingSafeEqual, toBackstageEntities, validateScanner, vscodeDeeplink, zodToJsonSchema };

package/dist/index.js CHANGED Viewed

@@ -2562,6 +2562,7 @@ function newAnomalies(base, current) {
 // src/db.ts
 var DEFAULT_TENANT = "local";
+var SCHEMA_VERSION = 15;
 function normalizeTenant(raw) {
   if (raw == null) return DEFAULT_TENANT;
   const cleaned = sanitizeUntrusted(String(raw)).trim().slice(0, 128);
@@ -3966,6 +3967,14 @@ var CartographyDB = class {
     }
     return rows.length;
   }
+  /**
+   * Retention/compaction (4.7): delete audit events older than `olderThan` (ISO 8601).
+   * The audit trail grows unbounded on a busy collector; this bounds it without touching
+   * sessions/nodes/edges. Returns the number of events removed.
+   */
+  pruneEventsOlderThan(olderThan) {
+    return this.db.prepare("DELETE FROM activity_events WHERE timestamp < ?").run(olderThan).changes;
+  }
   // ── Graph queries (read-only context layer) ─────────────────────────────────
   /** Fetch a single node by id within a session. */
   getNode(sessionId, nodeId) {
@@ -4657,7 +4666,7 @@ var ContributorSchema = z5.object({
 });
 var IngestEnvelopeSchema = z5.object({
   schemaVersion: z5.literal(INGEST_SCHEMA_VERSION),
-  org: z5.string().min(1).optional(),
+  org: z5.string().min(1).max(128).optional(),
   items: z5.array(z5.object({
     contentHash: z5.string(),
     kind: z5.enum(["node", "edge"]),
@@ -4745,6 +4754,7 @@ function ingestEnvelope(store, envelope, opts = {}) {
 // src/central/server.ts
 function createIngestHandler(store, opts = {}) {
+  const quota = opts.quota;
   return (body) => {
     const parsed = IngestEnvelopeSchema.safeParse(body);
     if (!parsed.success) {
@@ -4752,6 +4762,14 @@ function createIngestHandler(store, opts = {}) {
       logWarn("ingest: rejected invalid envelope", { issues });
       return { status: 400, body: { error: "invalid envelope", issues } };
     }
+    if (quota) {
+      const org = normalizeTenant(parsed.data.org ?? opts.defaultOrg);
+      const decision = quota.take(org);
+      if (!decision.allowed) {
+        logWarn("ingest: rate limited", { org, retryAfterSec: decision.retryAfterSec });
+        return { status: 429, body: { error: "too many requests" }, headers: { "retry-after": String(decision.retryAfterSec) } };
+      }
+    }
     try {
       const result = ingestEnvelope(store, parsed.data, opts);
       return { status: 200, body: result };
@@ -4762,6 +4780,39 @@ function createIngestHandler(store, opts = {}) {
   };
 }
+// src/central/quota.ts
+var DEFAULT_INGEST_QUOTA = { capacity: 120, refillMs: 6e4 };
+var MAX_KEYS = 1e4;
+var RateLimiter = class {
+  constructor(cfg = DEFAULT_INGEST_QUOTA, now = () => Date.now()) {
+    this.cfg = cfg;
+    this.now = now;
+  }
+  buckets = /* @__PURE__ */ new Map();
+  /** Consume one token for `key`. Returns whether the request is allowed (+ Retry-After when not). */
+  take(key) {
+    const t = this.now();
+    const ratePerMs = this.cfg.capacity / this.cfg.refillMs;
+    let b = this.buckets.get(key);
+    if (!b) {
+      if (this.buckets.size >= MAX_KEYS) {
+        const oldest = this.buckets.keys().next().value;
+        if (oldest !== void 0) this.buckets.delete(oldest);
+      }
+      b = { tokens: this.cfg.capacity, last: t };
+      this.buckets.set(key, b);
+    }
+    b.tokens = Math.min(this.cfg.capacity, b.tokens + Math.max(0, t - b.last) * ratePerMs);
+    b.last = t;
+    if (b.tokens >= 1) {
+      b.tokens -= 1;
+      return { allowed: true, retryAfterSec: 0 };
+    }
+    const waitMs = (1 - b.tokens) / ratePerMs;
+    return { allowed: false, retryAfterSec: Math.max(1, Math.ceil(waitMs / 1e3)) };
+  }
+};
 // src/scanners/bookmarks.ts
 var PERSONAL = [
   "facebook.",
@@ -5649,7 +5700,7 @@ async function resolveNlQuery(db, sessionId, search, raw, opts) {
 // src/mcp/server.ts
 var SERVER_NAME = "cartography";
-var SERVER_VERSION = "2.6.0";
+var SERVER_VERSION = "2.7.0";
 var SERVICE_TYPES = NODE_TYPE_GROUPS.web;
 var DATA_TYPES = NODE_TYPE_GROUPS.data;
 var lexicalSearch = async (db, sessionId, query, opts) => db.searchNodes(sessionId, query, { types: opts.types, limit: opts.limit }).map((node) => ({ node }));
@@ -6292,6 +6343,16 @@ async function runHttp(factory, opts = {}) {
   const httpServer = http.createServer(async (req, res) => {
     try {
       const url = req.url ?? "";
+      const probePath = new URL(url || "/", "http://probe").pathname;
+      if (probePath === "/healthz") {
+        res.writeHead(200, { "content-type": "application/json" }).end('{"status":"ok"}');
+        return;
+      }
+      if (probePath === "/readyz") {
+        const r = opts.readiness ? opts.readiness() : { ready: true };
+        res.writeHead(r.ready ? 200 : 503, { "content-type": "application/json" }).end(JSON.stringify({ status: r.ready ? "ready" : "unready" }));
+        return;
+      }
       const isIngest = url.startsWith("/ingest") && opts.onIngest !== void 0;
       if (!url.startsWith("/mcp") && !isIngest) {
         res.writeHead(404, { "content-type": "application/json" }).end('{"error":"not found"}');
@@ -6319,7 +6380,7 @@ async function runHttp(factory, opts = {}) {
           return;
         }
         const out = onIngest(value);
-        res.writeHead(out.status, { "content-type": "application/json" }).end(JSON.stringify(out.body));
+        res.writeHead(out.status, { "content-type": "application/json", ...out.headers ?? {} }).end(JSON.stringify(out.body));
         return;
       }
       const sessionId = req.headers["mcp-session-id"];
@@ -11569,6 +11630,7 @@ export {
   CredentialConfigSchema,
   CsvCostSource,
   DEFAULT_ANOMALY_THRESHOLDS,
+  DEFAULT_INGEST_QUOTA,
   DEFAULT_SERVER_NAME,
   DEFAULT_TENANT,
   DriftConfigSchema,
@@ -11590,10 +11652,12 @@ export {
   ProviderRegistry,
   RELATION_TO_DIRECTION,
   ROLES,
+  RateLimiter,
   RoleSchema,
   RuleCheckSchema,
   RulesetSchema,
   SCAN_ARG_PATTERNS,
+  SCHEMA_VERSION,
   SDL,
   SEVERITY_WEIGHT,
   SHARING_LEVELS,