@dcdr/contracts 2.5.3 → 2.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,39 @@
1
+ import { IntentProvider } from "./provider.contract";
2
+ import { DcdrServiceTokenLimitType } from "./service-tokens.contract";
3
+ /**
4
+ * Tenant-level provider/model limiting gate used by DCDR governance.
5
+ *
6
+ * Notes
7
+ * - Missing/undefined values preserve permissive behavior by default.
8
+ * - This contract carries configuration only; live metering/enforcement is a
9
+ * runtime/backend responsibility.
10
+ */
11
+ export interface DcdrProviderLimitGate {
12
+ /** Missing/true = allowed. `false` = fully blocked. */
13
+ enabled?: boolean;
14
+ /** Max execution calls allowed within `maxCallsPeriod`. `null` = unlimited. */
15
+ maxCalls?: number | null;
16
+ /** Window type for `maxCalls`. Only meaningful when `maxCalls` is set. */
17
+ maxCallsPeriod?: DcdrServiceTokenLimitType;
18
+ /** Max spend allowed within `maxBudgetPeriod`. `null` = unlimited. */
19
+ maxBudget?: number | null;
20
+ /** Window type for `maxBudget`. Only meaningful when `maxBudget` is set. */
21
+ maxBudgetPeriod?: DcdrServiceTokenLimitType;
22
+ }
23
+ /**
24
+ * Per-provider gate plus optional per-model overrides.
25
+ *
26
+ * Notes
27
+ * - Model ids remain free strings rather than a closed enum because the public
28
+ * provider catalog is large and versioned independently of tenant config.
29
+ */
30
+ export interface DcdrProviderLimitEntry extends DcdrProviderLimitGate {
31
+ models?: Record<string, DcdrProviderLimitGate>;
32
+ }
33
+ /**
34
+ * Tenant-scoped provider limits configuration.
35
+ */
36
+ export interface DcdrProviderLimitsConfig {
37
+ providers?: Partial<Record<IntentProvider, DcdrProviderLimitEntry>>;
38
+ }
39
+ //# sourceMappingURL=provider-limits.contract.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"provider-limits.contract.d.ts","sourceRoot":"","sources":["../src/provider-limits.contract.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAC;AAEtE;;;;;;;GAOG;AACH,MAAM,WAAW,qBAAqB;IACpC,uDAAuD;IACvD,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,+EAA+E;IAC/E,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAEzB,0EAA0E;IAC1E,cAAc,CAAC,EAAE,yBAAyB,CAAC;IAE3C,sEAAsE;IACtE,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAE1B,4EAA4E;IAC5E,eAAe,CAAC,EAAE,yBAAyB,CAAC;CAC7C;AAED;;;;;;GAMG;AACH,MAAM,WAAW,sBAAuB,SAAQ,qBAAqB;IACnE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,qBAAqB,CAAC,CAAC;CAChD;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,SAAS,CAAC,EAAE,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE,sBAAsB,CAAC,CAAC,CAAC;CACrE"}
@@ -0,0 +1,2 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
@@ -6,13 +6,38 @@
6
6
  * - Tokens are referenced by sha256(utf8(tokenString)) in hex.
7
7
  * - Backend should keep this snapshot stable & ordered for reproducible ETags.
8
8
  */
9
+ import { IntentProvider } from "./provider.contract";
9
10
  export type DcdrServiceTokenStatus = "ACTIVE" | "REVOKED";
11
+ /**
12
+ * Stable well-known scopes that can be attached to DCDR service tokens.
13
+ *
14
+ * Notes
15
+ * - `scopes` remains an open `string[]` surface for backward compatibility.
16
+ * - This enum only publishes shared canonical values that runtime/backend/UI
17
+ * may want to reference consistently.
18
+ */
19
+ export declare enum DcdrServiceTokenScope {
20
+ GATEWAY = "gateway"
21
+ }
10
22
  export declare enum DcdrServiceTokenLimitType {
11
23
  FIXED = "FIXED",
12
24
  LIMITED_BY_HOUR = "LIMITED_BY_HOUR",
13
25
  LIMITED_BY_DAY = "LIMITED_BY_DAY",
14
26
  LIMITED_BY_MONTH = "LIMITED_BY_MONTH"
15
27
  }
28
+ /**
29
+ * Gateway binding for one provider.
30
+ *
31
+ * Notes
32
+ * - `credentialRef` uses the same reference concept already used elsewhere in
33
+ * DCDR contracts.
34
+ * - Runtime/backend should treat `provider` as unique within one token's
35
+ * `gatewayBindings` array.
36
+ */
37
+ export interface DcdrServiceTokenGatewayProviderBinding {
38
+ provider: IntentProvider;
39
+ credentialRef: string;
40
+ }
16
41
  export interface DcdrServiceTokenLimit {
17
42
  /**
18
43
  * Maximum number of execution endpoint calls allowed for this limit window.
@@ -39,6 +64,16 @@ export type DcdrServiceTokenSnapshotItem = {
39
64
  exp?: number;
40
65
  /** Optional runtime-enforced execution limits for this token. */
41
66
  limits?: DcdrServiceTokenLimit[];
67
+ /**
68
+ * Optional OpenAI-compatible gateway bindings.
69
+ *
70
+ * Intended use
71
+ * - A token with `gateway` scope can be constrained to exactly one backend-
72
+ * managed credential reference per provider.
73
+ * - Runtime should resolve the selected credential by reference via backend
74
+ * before making the upstream provider call.
75
+ */
76
+ gatewayBindings?: DcdrServiceTokenGatewayProviderBinding[];
42
77
  /** Optional note for operators. */
43
78
  note?: string;
44
79
  };
@@ -1 +1 @@
1
- {"version":3,"file":"service-tokens.contract.d.ts","sourceRoot":"","sources":["../src/service-tokens.contract.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,MAAM,sBAAsB,GAAG,QAAQ,GAAG,SAAS,CAAC;AAE1D,oBAAY,yBAAyB;IACnC,KAAK,UAAU;IACf,eAAe,oBAAoB;IACnC,cAAc,mBAAmB;IACjC,gBAAgB,qBAAqB;CACtC;AAED,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,IAAI,EAAE,yBAAyB,CAAC;IAEhC;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,MAAM,MAAM,4BAA4B,GAAG;IACzC,qEAAqE;IACrE,EAAE,EAAE,MAAM,CAAC;IAEX,0DAA0D;IAC1D,MAAM,EAAE,MAAM,CAAC;IAEf,MAAM,EAAE,sBAAsB,CAAC;IAE/B,kGAAkG;IAClG,MAAM,EAAE,MAAM,EAAE,CAAC;IAEjB,yGAAyG;IACzG,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,iEAAiE;IACjE,MAAM,CAAC,EAAE,qBAAqB,EAAE,CAAC;IAEjC,mCAAmC;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,iCAAiC,GAAG;IAC9C,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,4BAA4B,EAAE,CAAC;IACvC,8CAA8C;IAC9C,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,CAAC"}
1
+ {"version":3,"file":"service-tokens.contract.d.ts","sourceRoot":"","sources":["../src/service-tokens.contract.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErD,MAAM,MAAM,sBAAsB,GAAG,QAAQ,GAAG,SAAS,CAAC;AAE1D;;;;;;;GAOG;AACH,oBAAY,qBAAqB;IAC/B,OAAO,YAAY;CACpB;AAED,oBAAY,yBAAyB;IACnC,KAAK,UAAU;IACf,eAAe,oBAAoB;IACnC,cAAc,mBAAmB;IACjC,gBAAgB,qBAAqB;CACtC;AAED;;;;;;;;GAQG;AACH,MAAM,WAAW,sCAAsC;IACrD,QAAQ,EAAE,cAAc,CAAC;IACzB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,qBAAqB;IACpC;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,IAAI,EAAE,yBAAyB,CAAC;IAEhC;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,MAAM,MAAM,4BAA4B,GAAG;IACzC,qEAAqE;IACrE,EAAE,EAAE,MAAM,CAAC;IAEX,0DAA0D;IAC1D,MAAM,EAAE,MAAM,CAAC;IAEf,MAAM,EAAE,sBAAsB,CAAC;IAE/B,kGAAkG;IAClG,MAAM,EAAE,MAAM,EAAE,CAAC;IAEjB,yGAAyG;IACzG,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,iEAAiE;IACjE,MAAM,CAAC,EAAE,qBAAqB,EAAE,CAAC;IAEjC;;;;;;;;OAQG;IACH,eAAe,CAAC,EAAE,sCAAsC,EAAE,CAAC;IAE3D,mCAAmC;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,iCAAiC,GAAG;IAC9C,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,4BAA4B,EAAE,CAAC;IACvC,8CAA8C;IAC9C,GAAG,CAAC,EAAE,MAAM,CAAC;CACd,CAAC"}
@@ -1,14 +1,18 @@
1
1
  "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.DcdrServiceTokenLimitType = exports.DcdrServiceTokenScope = void 0;
2
4
  /**
3
- * Snapshot of allowed (and revoked) customer service tokens.
5
+ * Stable well-known scopes that can be attached to DCDR service tokens.
4
6
  *
5
- * IMPORTANT:
6
- * - Never include tokens in clear.
7
- * - Tokens are referenced by sha256(utf8(tokenString)) in hex.
8
- * - Backend should keep this snapshot stable & ordered for reproducible ETags.
7
+ * Notes
8
+ * - `scopes` remains an open `string[]` surface for backward compatibility.
9
+ * - This enum only publishes shared canonical values that runtime/backend/UI
10
+ * may want to reference consistently.
9
11
  */
10
- Object.defineProperty(exports, "__esModule", { value: true });
11
- exports.DcdrServiceTokenLimitType = void 0;
12
+ var DcdrServiceTokenScope;
13
+ (function (DcdrServiceTokenScope) {
14
+ DcdrServiceTokenScope["GATEWAY"] = "gateway";
15
+ })(DcdrServiceTokenScope || (exports.DcdrServiceTokenScope = DcdrServiceTokenScope = {}));
12
16
  var DcdrServiceTokenLimitType;
13
17
  (function (DcdrServiceTokenLimitType) {
14
18
  DcdrServiceTokenLimitType["FIXED"] = "FIXED";
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@dcdr/contracts",
3
- "version": "2.5.3",
3
+ "version": "2.7.0",
4
4
  "homepage": "https://dcdr.ai",
5
5
  "description": "TypeScript contracts and runtime client for DCDR intent-based AI execution",
6
6
  "private": false,
@@ -73,7 +73,9 @@
73
73
  "./messages.contract": { "types": "./dist/messages.contract.d.ts", "default": "./dist/messages.contract.js" },
74
74
  "./policies.contract": { "types": "./dist/policies.contract.d.ts", "default": "./dist/policies.contract.js" },
75
75
  "./prompts.contract": { "types": "./dist/prompts.contract.d.ts", "default": "./dist/prompts.contract.js" },
76
+ "./processing.contract": { "types": "./dist/processing.contract.d.ts", "default": "./dist/processing.contract.js" },
76
77
  "./provider.contract": { "types": "./dist/provider.contract.d.ts", "default": "./dist/provider.contract.js" },
78
+ "./provider-limits.contract": { "types": "./dist/provider-limits.contract.d.ts", "default": "./dist/provider-limits.contract.js" },
77
79
  "./provider.catalog.contract": { "types": "./dist/provider.catalog.contract.d.ts", "default": "./dist/provider.catalog.contract.js" },
78
80
  "./service-tokens.contract": { "types": "./dist/service-tokens.contract.d.ts", "default": "./dist/service-tokens.contract.js" },
79
81
  "./session.contract": { "types": "./dist/session.contract.d.ts", "default": "./dist/session.contract.js" }
@@ -102,7 +104,9 @@
102
104
  "messages.contract": ["dist/messages.contract.d.ts"],
103
105
  "policies.contract": ["dist/policies.contract.d.ts"],
104
106
  "prompts.contract": ["dist/prompts.contract.d.ts"],
107
+ "processing.contract": ["dist/processing.contract.d.ts"],
105
108
  "provider.contract": ["dist/provider.contract.d.ts"],
109
+ "provider-limits.contract": ["dist/provider-limits.contract.d.ts"],
106
110
  "provider.catalog.contract": ["dist/provider.catalog.contract.d.ts"],
107
111
  "service-tokens.contract": ["dist/service-tokens.contract.d.ts"],
108
112
  "session.contract": ["dist/session.contract.d.ts"]