@directive-run/core 1.11.0 → 1.13.0

package/dist/audit-ledger-dxvslGi3.d.ts

@@ -0,0 +1,378 @@
+import { F as FactPredicate, C as ClauseResult, P as Plugin, M as ModuleSchema } from './plugins-BIzXaYbg.js';
+
+/**
+ * createAuditLedger — append-only, queryable, hash-chained
+ * (djb2; SHA-256 reserved for v2) audit of every state change. For
+ * forensics and "show me why this user got that decision."
+ *
+ * Captures (per observation event):
+ *
+ *   - `constraint.evaluate` → { whenSpec, whenExplain, active, whenSource? }
+ *   - `resolver.write.rejected` (rejection + summary kinds)
+ *   - `fact.change` → { key, prior, next }
+ *   - `resolver.complete` → { resolverId, requirementId, duration }
+ *   - `system.init` / `system.start` / `system.stop` / `system.destroy`
+ *   - `system.snapshot` / `system.history.navigate` (lifecycle markers)
+ *   - `system.truncated` (ring-buffer overflow marker)
+ *   - `system.entry-erased` / `system.subject-erased` (GDPR Art.17 stub)
+ *
+ * Hash chain: each entry stores `prevHash` — the djb2 (`hashObject`)
+ * hash of the previous entry's stable-stringified payload. Tampering
+ * with any entry's payload breaks the next entry's `prevHash` link —
+ * visible in `verify()`. v1 ships sync djb2 only; `verify({ strong: true })`
+ * is reserved for v2 (SHA-256) and throws today.
+ *
+ * PII redaction: by default, fact keys whose meta carries the `pii`
+ * tag (via `system.meta.byTag("pii")`) have their values replaced with
+ * `"[redacted]"` in `whenExplain.actual`, `fact.change.prior`,
+ * `fact.change.next`, and the cached `whenSpec` operands. Opt out with
+ * `capturePII: true`.
+ */
+
+/** Hash algorithm tag — bumped if canonicalization or hash function changes. */
+declare const HASH_ALGO: "djb2-1";
+/**
+ * Entry schema version. Bumped if `AuditEntry` field shape changes in
+ * a way that breaks back-compat parsers. Persisted on every entry so
+ * exports remain self-describing across library upgrades. (F-5)
+ */
+declare const SCHEMA_VERSION: 1;
+/**
+ * Private sentinel stamped onto tombstone entries by {@link createAuditLedger.erase}.
+ * Never exported, never serialized — `verify()` checks for it before
+ * accepting a `system.entry-erased` entry as a legitimate chain break.
+ *
+ * (N7) Without this, a caller holding a raw `AuditLedgerSink` reference
+ * could write `{ kind: "system.entry-erased", … }` directly into the
+ * sink to mask real tampering as legitimate erasure. The sentinel
+ * raises the bar so only the in-process ledger plugin (which lives in
+ * this module's closure) can mint a valid tombstone.
+ */
+declare const LEDGER_INTERNAL_TOKEN: unique symbol;
+type AuditEntryKind = "constraint.evaluate" | "resolver.write.rejected" | "fact.change" | "resolver.complete" | "resolver.error" | "system.init" | "system.start" | "system.stop" | "system.destroy" | "system.snapshot" | "system.history.navigate" | "system.truncated" | "system.entry-erased" | "system.subject-erased";
+interface AuditEntryBase {
+    /** Monotonic sequence number, starting at 0. */
+    readonly seq: number;
+    /** Wall-clock timestamp (ms epoch). */
+    readonly ts: number;
+    /** Discriminator. */
+    readonly kind: AuditEntryKind;
+    /** Hash of the previous entry's full payload. null on the genesis entry. */
+    readonly prevHash: string | null;
+    /**
+     * Hash algorithm tag identifying the canonicalization + hash
+     * function in use. Bumped if the algorithm or canonical form
+     * changes, so exports remain verifiable across versions.
+     */
+    readonly hashAlgo: typeof HASH_ALGO;
+    /**
+     * Entry schema version — bumped if any `AuditEntry` field shape
+     * changes in a way that breaks back-compat. Pair with `hashAlgo`
+     * when migrating older exports. (F-5)
+     */
+    readonly schemaVersion: typeof SCHEMA_VERSION;
+    /**
+     * Private sentinel — present (and equal to the in-module token) only
+     * on legitimate tombstones minted by `ledger.erase()`. Filtered out
+     * of all public read paths (`query`, `recent`, `toJSON`, etc.) so
+     * consumers never see or copy it. (N7)
+     *
+     * NOT serialized. NOT exported. Forging this from outside the module
+     * is impossible without the symbol reference; `verify()` rejects any
+     * `system.entry-erased` entry that lacks it.
+     *
+     * @internal
+     */
+    readonly __internal?: typeof LEDGER_INTERNAL_TOKEN;
+}
+type AuditEntry = (AuditEntryBase & {
+    kind: "constraint.evaluate";
+    constraintId: string;
+    active: boolean;
+    /** Cached at ledger start from `system.inspect().constraints[].whenSpec`. Refreshed on `register()`/`assign()`/`unregister()`. May be undefined for function-form constraints (see `whenSource`). PII operands redacted unless `capturePII: true`. */
+    whenSpec?: FactPredicate<unknown>;
+    whenExplain?: readonly ClauseResult[];
+    /**
+     * For function-form constraints (no `whenSpec`), a tamper-evident
+     * identity for the function. We DO NOT capture the raw source —
+     * closures routinely reference secrets, API keys, or PII (e.g.
+     * `if (apiKey === "sk-live-xxx")`) and a preview would leak them
+     * into the audit log. Instead, we capture a djb2 hash of the
+     * stringified function (`hashObject(String(fn))`). Auditors can
+     * detect "the function changed between deploys" by comparing
+     * hashes across entries, without ever seeing the function body.
+     *
+     * Informational only — NOT replayable. (N5, M22)
+     */
+    whenSource?: {
+        kind: "function";
+        sourceHash: string;
+    };
+}) | (AuditEntryBase & {
+    kind: "resolver.write.rejected";
+    rejection: "rejection" | "summary";
+    resolverId: string;
+    requirementId: string;
+    reason: string;
+    fact?: string;
+    expected?: unknown;
+    actual?: unknown;
+    dropped?: number;
+}) | (AuditEntryBase & {
+    kind: "fact.change";
+    key: string;
+    prior: unknown;
+    next: unknown;
+}) | (AuditEntryBase & {
+    kind: "resolver.complete";
+    resolverId: string;
+    requirementId: string;
+    duration: number;
+}) | (AuditEntryBase & {
+    kind: "resolver.error";
+    resolverId: string;
+    requirementId: string;
+    error: string;
+}) | (AuditEntryBase & {
+    kind: "system.init" | "system.start" | "system.stop" | "system.destroy";
+}) | (AuditEntryBase & {
+    kind: "system.snapshot";
+    snapshotId: number;
+    trigger: string;
+}) | (AuditEntryBase & {
+    kind: "system.history.navigate";
+    from: number;
+    to: number;
+}) | (AuditEntryBase & {
+    kind: "system.truncated";
+    droppedSeq: number;
+    droppedCount: number;
+}) | (AuditEntryBase & {
+    kind: "system.entry-erased";
+    originalKind: AuditEntryKind;
+    erasedAt: number;
+}) | (AuditEntryBase & {
+    kind: "system.subject-erased";
+    /**
+     * djb2 hash of the filter (via `hashObject(filter)`). PII-safe —
+     * the raw filter values never land in the ledger. Pair with
+     * `filterShape` to see which filter fields were used. (N2)
+     */
+    filterHash: string;
+    /**
+     * Stripped-values shape of the filter — captures WHICH fields were
+     * present without recording their values. (N2)
+     */
+    filterShape: {
+        factPath: boolean;
+        constraintId: boolean;
+        kind: AuditEntryKind | readonly AuditEntryKind[] | undefined;
+        changedBetween: "[range]" | undefined;
+    };
+    erased: number;
+});
+interface QueryFilter {
+    /** Exact-match fact path. */
+    factPath?: string;
+    /** Filter by constraint id. */
+    constraintId?: string;
+    /** Filter by entry kind. */
+    kind?: AuditEntryKind | readonly AuditEntryKind[];
+    /** Time range as `[startMs, endMs]`, ISO strings, or epoch numbers. */
+    changedBetween?: [string | number | Date, string | number | Date];
+    /** Maximum entries returned. Default 1000. */
+    limit?: number;
+}
+/**
+ * Verify result — chain valid OR a break with full context for tamper visualization.
+ *
+ * Erased entries (via `ledger.erase()`) appear as legitimate chain breaks —
+ * `verify()` reports them in `erasedSeqs` and continues the walk from the
+ * tombstone's own hash. Real tamper still surfaces as `valid: false`.
+ *
+ * Forged tombstones (a caller writes `kind: "system.entry-erased"`
+ * directly via `sink.write()` to mask tamper as erasure) are detected:
+ * legitimate tombstones carry an in-module sentinel that forgeries
+ * cannot mint, so `verify()` reports them as tamper. (N7)
+ */
+type VerifyResult = {
+    valid: true;
+    entryCount: number;
+    /**
+     * Seq numbers of entries legitimately broken by `erase()`
+     * tombstones. NOT timestamps — each entry pairs this seq with
+     * the per-entry `system.entry-erased.erasedAt` (ms epoch) for
+     * the timestamp. Empty unless the chain contains erasures.
+     * (N1 + M1; renamed from `erasedAt` in R3)
+     */
+    erasedSeqs?: number[];
+} | {
+    valid: false;
+    brokenAt: number;
+    expectedHash: string;
+    actualHash: string;
+    entry: AuditEntry;
+    /**
+     * Human-readable reason for the break — populated for cases
+     * where the cause is more specific than "hash mismatch" (e.g.
+     * tombstone forgery detected via missing sentinel).
+     */
+    reason?: string;
+};
+interface AuditLedgerSink {
+    write(entry: AuditEntry): void;
+    query(filter: QueryFilter): readonly AuditEntry[];
+    recent(n: number): readonly AuditEntry[];
+    forFact(path: string, opts?: {
+        limit?: number;
+    }): readonly AuditEntry[];
+    forConstraint(id: string, opts?: {
+        limit?: number;
+    }): readonly AuditEntry[];
+    toJSON(): {
+        entries: readonly AuditEntry[];
+        capturedAt: number;
+    };
+    clear(): void;
+    destroy(): void;
+    /**
+     * Replace matching entries with tombstones IN PLACE (preserving seq +
+     * prevHash so the hash chain still verifies). v1 implementation
+     * matches on the same `QueryFilter` shape used by `query()`.
+     * Returns the count of entries replaced.
+     *
+     * WARNING: erases only from this sink. Any external copies (toJSON
+     * exports, downstream pipelines) must be erased separately.
+     */
+    erase?(filter: QueryFilter, tombstoneFactory: (e: AuditEntry) => AuditEntry): number;
+    /**
+     * Optional hook fired by the sink BEFORE shifting the oldest entry
+     * out of a bounded ring buffer. The ledger plugin uses this to emit
+     * a `system.truncated` marker so an auditor sees that the log was
+     * truncated and where. (M23)
+     */
+    onTruncate?(handler: (droppedSeq: number, droppedCount: number) => void): void;
+}
+/**
+ * In-memory bounded ring-buffer sink. Drops oldest entries past
+ * `capacity` (default 10,000). Use this as the default sink for dev,
+ * tests, and StackBlitz demos.
+ */
+declare function memorySink(opts?: {
+    capacity?: number;
+}): AuditLedgerSink;
+interface AuditLedgerOptions {
+    /** Sink to write entries to. Default: in-memory ring buffer (capacity 10k). */
+    sink?: AuditLedgerSink;
+    /**
+     * Whether to capture raw fact values (`prior`/`next` on fact.change,
+     * `actual` in whenExplain). Default `false` — PII-tagged facts are
+     * redacted by default. Set `true` to opt out of redaction.
+     */
+    capturePII?: boolean;
+    /**
+     * Optional caller-supplied redactor. Runs AFTER the default
+     * pii-tag-based redaction. Useful for additional sanitization.
+     */
+    redact?: (entry: AuditEntry) => AuditEntry;
+}
+interface AuditLedger {
+    /** The plugin to pass to `createSystem({ plugins: [...] })`. */
+    readonly plugin: Plugin<ModuleSchema>;
+    /** Query entries matching the filter. */
+    query(filter?: QueryFilter): readonly AuditEntry[];
+    /** Most recent N entries (chronological). */
+    recent(n: number): readonly AuditEntry[];
+    /** All entries that touch this fact path (exact match). */
+    forFact(path: string, opts?: {
+        limit?: number;
+    }): readonly AuditEntry[];
+    /** All entries for this constraint id. */
+    forConstraint(id: string, opts?: {
+        limit?: number;
+    }): readonly AuditEntry[];
+    /** Full ledger snapshot for export / serialization. */
+    toJSON(): {
+        entries: readonly AuditEntry[];
+        capturedAt: number;
+    };
+    /**
+     * Walk the hash chain genesis → tip. Returns `{ valid: true }` iff
+     * every entry's `prevHash` matches the (sync, djb2-based) hash of
+     * the previous entry. On break, returns the index of the first
+     * broken link plus the expected vs actual hashes — feed into a
+     * "TAMPERED" visualization.
+     *
+     * Erased entries (via `ledger.erase()`) appear as legitimate chain
+     * breaks — `verify()` reports them in `erasedSeqs` and continues
+     * the walk from the tombstone's actual hash. Real tamper still
+     * surfaces as `valid: false`. (N1 + M1)
+     *
+     * Forged tombstones — `kind: "system.entry-erased"` entries written
+     * directly via `sink.write()` to mask tamper — are detected as
+     * forgery. Legitimate tombstones carry an in-module sentinel that
+     * forgeries cannot mint. (N7)
+     *
+     * v1 ships sync djb2 only. `verify({ strong: true })` is reserved
+     * for v2 (SHA-256) and THROWS today — there is no silent fallback.
+     * Call `verify()` (no args) for tamper detection.
+     */
+    verify(opts?: {
+        strong?: boolean;
+    }): VerifyResult;
+    /**
+     * Per-subject erasure (GDPR Art. 17 stub). Replaces matching entries
+     * in this sink with `system.entry-erased` tombstones (preserving
+     * seq + prevHash so verify() can resync), then appends a chained
+     * `system.subject-erased` marker entry that summarises the erasure.
+     *
+     * Returns `{ erased, markerEntry }` — `markerEntry` is the chained
+     * `system.subject-erased` summary (the N per-entry tombstones live
+     * in the sink, not on the return value). (M7)
+     *
+     * When `erased === 0` (filter matched nothing), `markerEntry` is
+     * `null` and no marker is emitted into the chain — avoids polluting
+     * the audit trail with empty "erased: 0" records. (MAJOR-3)
+     *
+     * WARNING: v1 erases only from THIS sink. External copies (toJSON
+     * exports, downstream pipelines, persisted backups) must be erased
+     * separately. (C8)
+     */
+    erase(filter: QueryFilter): {
+        erased: number;
+        markerEntry: AuditEntry | null;
+    };
+    /** Empty the sink. */
+    clear(): void;
+    /** Unsubscribe + drop the sink. */
+    destroy(): void;
+}
+/**
+ * Create an audit ledger that subscribes to the given system's
+ * observation stream. Returns a `Plugin` to install + a query/verify
+ * API for the ledger.
+ *
+ * @example
+ * ```ts
+ * import { createAuditLedger } from "@directive-run/core/plugins";
+ *
+ * const ledger = createAuditLedger();
+ * const system = createSystem({ module, plugins: [ledger.plugin] });
+ * system.start();
+ *
+ * // Six months later — auditor asks "what changed cart-total in March?"
+ * ledger.query({
+ *   factPath: "cartTotal",
+ *   changedBetween: ["2026-03-01", "2026-04-01"],
+ * });
+ *
+ * // Verify nobody tampered with the ledger
+ * const verdict = await ledger.verify();
+ * if (!verdict.valid) {
+ *   console.error("Tamper at entry", verdict.brokenAt);
+ * }
+ * ```
+ */
+declare function createAuditLedger(opts?: AuditLedgerOptions): AuditLedger;
+
+export { type AuditEntry as A, type QueryFilter as Q, type VerifyResult as V, type AuditEntryKind as a, type AuditLedger as b, type AuditLedgerOptions as c, type AuditLedgerSink as d, createAuditLedger as e, memorySink as m };

package/dist/chunk-2FF6QGOA.js

@@ -0,0 +1,2 @@
+import {a,e}from'./chunk-PXRV64PA.js';var g=new Set(["$eq","$ne","$in","$nin","$exists","$gt","$gte","$lt","$lte","$between","$matches","$startsWith","$endsWith","$contains","$changed"]),Q=new Set(["$all","$any","$not"]);var T=new Set(["number","string","boolean","bigint","date","unknown"]);function P(e){if(!e)return {kind:"unknown"};let n=/^Branded<(.+)>$/.exec(e);return n?{kind:"branded",inner:P(n[1])}:e.endsWith(" | null")||e.endsWith(" | undefined")?{...P(e.replace(/ \| (null|undefined)$/,"")),nullable:true}:T.has(e)?{kind:e}:/^(email|uuid|url|cuid|datetime|iso\b)/i.test(e)?{kind:"string"}:e.includes(" | ")?{kind:"union",members:e.split(" | ").map(P)}:e==="array"?{kind:"array",element:{kind:"unknown"}}:e==="object"?{kind:"object",shape:{}}:e==="record"?{kind:"record",value:{kind:"unknown"}}:e==="tuple"?{kind:"tuple",elements:[]}:e==="union"?{kind:"union",members:[]}:{kind:"unknown"}}function z(e){if(e==null)return {kind:"unknown"};if(typeof e=="function")return a&&console.warn("[Directive] getKind: received a function \u2014 did you forget () on a t.* builder? Example: write `t.number()`, not `t.number`."),{kind:"unknown"};if(typeof e!="object")return {kind:"unknown"};let n=e,r;try{r=n._kind;}catch{return {kind:"unknown"}}if(r)return r;let i;try{i=n._typeName;}catch{return {kind:"unknown"}}return P(i)}function H(e){let n=new Map;if(!e||typeof e!="object")return n;let r=e,t="facts"in r&&r.facts&&typeof r.facts=="object"?r.facts:r;for(let[a,s]of Object.entries(t)){if(!s||typeof s!="object")continue;let o;try{o=z(s);}catch{continue}if(n.set(a,o),o.kind==="object")for(let[c,l]of Object.entries(o.shape))n.set(`${a}.${c}`,l);}return n.size===0&&a&&console.warn("[Directive] getSchemaFieldKinds: schema appears empty (no introspectable keys). Did you pass the module instead of its schema? Pass `myModule.schema`, not `myModule`."),n}var k=["$eq","$ne","$in","$nin","$exists"],D=["$gt","$gte","$lt","$lte","$between"],W=["$matches","$startsWith","$endsWith","$contains"];function w(e){switch(e.kind){case "number":case "bigint":case "date":return [...k,...D];case "string":return [...k,...D,...W];case "boolean":case "unknown":return k;case "array":return [...k,"$contains"];case "object":case "record":case "tuple":return k;case "literal":case "enum":return w(e.primitive==="number"?{kind:"number"}:e.primitive==="boolean"?{kind:"boolean"}:e.primitive==="null"?{kind:"unknown"}:{kind:"string"});case "branded":return w(e.inner);case "union":{if(e.members.length===0)return k;let n=e.members.map(t=>new Set(w(t))),r=n[0],i=[];for(let t of r)n.every(a=>a.has(t))&&i.push(t);return i}default:{return k}}}function X(){return Array.from(g)}var O=64;function u(e){return typeof e!="object"||e===null||Array.isArray(e)?false:!(e instanceof Date)&&!(e instanceof RegExp)}function x(e){if(typeof e!="object"||e===null||Array.isArray(e))return  false;let n=Object.getPrototypeOf(e);return n===Object.prototype||n===null}function E(e){if(!u(e))return  false;let n=0,r=false;for(let i of Object.keys(e)){if(i.startsWith("$"))r=true,g.has(i)||f(`predicate: unknown operator "${i}" \u2014 looks like a typo. Known operators: ${[...g].join(", ")}`);else if(r||n===0)return  false;n++;}return r?n>0:false}function re(e){return e===null?false:Array.isArray(e)?e.every(n=>x(n)&&"fact"in n&&"op"in n):x(e)}function h(e,n,r="",i=new WeakSet,t=0){if(t>O){a&&console.warn(`[Directive] predicate depth limit (${O}) exceeded \u2014 flatten the predicate or split it into multiple constraints. If this is unexpected, check for a cyclic spec object.`),n.bail?.("depth");return}if(Array.isArray(e)){e.forEach((s,o)=>{if(!u(s))return;let c=s;if(typeof c.fact=="string"&&typeof c.op=="string"){let l=r?`${r}[${o}]`:`[${o}]`;n.operator?.(r?`${r}.${c.fact}`:c.fact,c.op,c.value,`${l}.value`);}});return}if(!u(e))return;if(i.has(e)){a&&console.warn("[Directive] walkPredicate: cyclic predicate spec"),n.bail?.("cycle");return}i.add(e);let a$1=e;for(let s of ["$all","$any","$not"])if(s in a$1){if(n.combinator?.(s)===false)return;let c=s==="$not"?[a$1.$not]:a$1[s]??[];for(let l of c)h(l,n,r,i,t+1);return}for(let s of Object.keys(a$1)){let o=r?`${r}.${s}`:s;if(s.startsWith("$")){n.strayOperatorKey?.(s,o);continue}let c=a$1[s];if(E(c)){let l=c;for(let p of Object.keys(l))n.operator?.(o,p,l[p],`${o}.${p}`);continue}if(x(c)){if(n.nested?.(s)===false)continue;h(c,n,o,i,t+1);continue}n.literal?.(o,c);}}function ie(e){if(!x(e))return  false;let n=false;return h(e,{operator(){n=true;},literal(){n=true;},combinator(){n=true;},strayOperatorKey(){n=true;},bail(){n=true;}}),!n}function I(e){return u(e)&&Object.hasOwn(e,"$template")&&typeof e.$template=="string"}function oe(e,n=""){function r(t,a,s,o){if(typeof t=="bigint")throw new Error(`[Directive] validatePredicate: bigint operand at "${a}" is not JSON-serializable (JSON.stringify throws on bigint).`);if(t instanceof Set)throw new Error(`[Directive] validatePredicate: Set operand at "${a}" is not JSON-serializable (serializes to {} and loses all members).`);if(t instanceof Map)throw new Error(`[Directive] validatePredicate: Map operand at "${a}" is not JSON-serializable (serializes to {} and loses all entries).`);if(t instanceof RegExp)throw new Error(`[Directive] validatePredicate: RegExp operand at "${a}" is not JSON-serializable (a regex lost to JSON.parse becomes {}). Only a direct $matches operand may be a RegExp.`);if(!(t===null||typeof t!="object")&&!(o>O)&&!s.has(t)){if(s.add(t),Array.isArray(t)){t.forEach((c,l)=>{r(c,`${a}[${l}]`,s,o+1);});return}for(let c of Object.keys(t))r(t[c],a?`${a}.${c}`:c,s,o+1);}}function i(t,a,s){if(typeof t=="bigint")throw new Error(`[Directive] validatePredicate: bigint operand at "${s}" is not JSON-serializable (JSON.stringify throws on bigint).`);if(t instanceof Set)throw new Error(`[Directive] validatePredicate: Set operand at "${s}" is not JSON-serializable (serializes to {} and loses all members).`);if(t instanceof Map)throw new Error(`[Directive] validatePredicate: Map operand at "${s}" is not JSON-serializable (serializes to {} and loses all entries).`);if(a==="$matches"&&!(t instanceof RegExp))throw new Error(`[Directive] validatePredicate: $matches operand at "${s}" must be a RegExp; got ${t===null?"null":typeof t}. A regex lost to JSON.parse becomes {} \u2014 reify with new RegExp(pattern, flags) before installing.`);if(Array.isArray(t))t.forEach((o,c)=>{r(o,`${s}[${c}]`,new WeakSet,1);});else if(x(t))for(let o of Object.keys(t))r(t[o],`${s}.${o}`,new WeakSet,1);}if(e instanceof Set)throw new Error(`[Directive] validatePredicate: Set operand${n?` at "${n}"`:""} is not JSON-serializable (serializes to {} and loses all members).`);if(e instanceof Map)throw new Error(`[Directive] validatePredicate: Map operand${n?` at "${n}"`:""} is not JSON-serializable (serializes to {} and loses all entries).`);h(e,{operator(t,a,s,o){i(s,a,n?`${n}.${o}`:o);},literal(t,a){i(a,"",n?`${n}.${t}`:t);}});}function M(e){return typeof e!="string"||e.length===0?false:!!(/\)(?:[+*]\??|\{\d+,?\d*\})\s*[+*?]\s*[+*]/.test(e)||/\(([^()]*?[+*]|[^()]*?\{\d+,?\d*\})[^()]*\)\s*[+*]/.test(e)||/\(\??:?([^()|]+)\|\1\)\s*[+*]/.test(e))}function se(e,n,r={}){let i=[],t=0,a=r.maxOperatorCount,s=r.maxArrayOperandLength;return h(e,{operator(o,c,l,p){if(t++,a!==void 0&&t>a){i.some($=>$.reason.includes("maxOperatorCount"))||i.push({path:o,op:c,reason:`Predicate exceeds maxOperatorCount=${a} \u2014 too many clauses (DoS guard).`});return}if(s!==void 0&&(c==="$in"||c==="$nin")&&Array.isArray(l)&&l.length>s){i.push({path:o,op:c,reason:`Operator ${c} operand exceeds maxArrayOperandLength=${s} (got ${l.length}) \u2014 too large for a query planner.`});return}if(c==="$matches"){let $;if(l instanceof RegExp?$=l.source:typeof l=="string"&&($=l),$!==void 0&&M($)){i.push({path:o,op:c,reason:`Operator $matches operand at "${o}" contains nested quantifiers (ReDoS risk: ${JSON.stringify($)}). Reject untrusted regex or rewrite without nested + / *.`});return}}let m=n.get(o);if(!m){i.push({path:o,op:c,reason:`Unknown fact "${o}" \u2014 not in schema. Known facts: ${n.size===0?"(empty schema)":Array.from(n.keys()).join(", ")}`});return}let y=w(m);y.includes(c)||i.push({path:o,op:c,kind:m,allowedOps:y,reason:`Operator "${c}" is not allowed on fact "${o}" of kind "${m.kind}". Allowed operators for this kind: ${y.join(", ")}.`});},literal(o,c){t++,n.has(o)||i.push({path:o,op:"$eq",reason:`Unknown fact "${o}" \u2014 not in schema.`});},strayOperatorKey(o,c){i.push({path:c,op:o,reason:`Stray operator key "${o}" at "${c}" \u2014 operators must live inside a fact's operator object, not at the predicate top level.`});}}),i.length===0?{ok:true,operatorCount:t}:{ok:false,errors:i,operatorCount:t}}function _(){return {ids:new WeakMap,next:{v:1},pairs:new Set}}function v(e,n){let r=e.ids.get(n);return r===void 0&&(r=e.next.v++,e.ids.set(n,r)),r}function d(e,n,r){if(Object.is(e,n))return  true;if(e instanceof Date&&n instanceof Date)return e.getTime()===n.getTime();if(typeof e!="object"||typeof n!="object"||e===null||n===null)return  false;let i=r??_(),t=`${v(i,e)}:${v(i,n)}`;if(i.pairs.has(t))return  true;if(i.pairs.add(t),Array.isArray(e)||Array.isArray(n))return !Array.isArray(e)||!Array.isArray(n)||e.length!==n.length?false:e.every((o,c)=>d(o,n[c],i));if(e instanceof Set||n instanceof Set){if(!(e instanceof Set)||!(n instanceof Set)||e.size!==n.size)return  false;let o=[...n];return [...e].every(c=>o.some(l=>d(c,l,i)))}if(e instanceof Map||n instanceof Map){if(!(e instanceof Map)||!(n instanceof Map)||e.size!==n.size)return  false;let o=[...n.entries()],c=new Array(o.length).fill(false);for(let[l,p]of e){let m=false;for(let y=0;y<o.length;y++){if(c[y])continue;let[$,N]=o[y];if(d(l,$,i)&&d(p,N,i)){c[y]=true,m=true;break}}if(!m)return  false}return  true}let a=Object.keys(e),s=Object.keys(n);return a.length!==s.length?false:a.every(o=>Object.hasOwn(n,o)&&d(e[o],n[o],i))}function j(e){if(e instanceof Date)return e.getTime();if(typeof e=="number"||typeof e=="bigint"||typeof e=="string")return e}function A(e,n,r){let i=j(n),t=j(r);if(i===void 0||t===void 0||typeof i!=typeof t)return  false;switch(e){case "$gt":return i>t;case "$gte":return i>=t;case "$lt":return i<t;case "$lte":return i<=t;default:return  false}}function R(e,n,r,i){switch(e){case "$eq":return d(n,r);case "$ne":return !d(n,r);case "$in":return Array.isArray(r)&&r.some(t=>d(n,t));case "$nin":return Array.isArray(r)&&!r.some(t=>d(n,t));case "$exists":return r===(n!==void 0);case "$changed":return !d(n,i);case "$gt":case "$gte":case "$lt":case "$lte":return A(e,n,r);case "$between":{if(!Array.isArray(r)||r.length!==2)return  false;let t=j(r[0]),a=j(r[1]);return t!==void 0&&a!==void 0&&typeof t==typeof a&&t>a?(f("$between: reversed pair \u2014 [min, max] required"),false):A("$gte",n,r[0])&&A("$lte",n,r[1])}case "$matches":{if(!(r instanceof RegExp))throw new Error("[Directive] $matches: operand must be a RegExp (string operands are no longer accepted; pass /pattern/flags directly).");return typeof n!="string"?false:r.test(n)}case "$startsWith":return typeof n!="string"?false:n.startsWith(String(r));case "$endsWith":return typeof n!="string"?false:n.endsWith(String(r));case "$contains":return typeof n=="string"?n.includes(String(r)):Array.isArray(n)?n.some(t=>d(t,r)):n instanceof Set?n.has(r):false;default:return  false}}function f(e){a&&console.warn(`[Directive] ${e}`);}function q(e,n,r,i){if(E(e)){let t=Object.keys(e);t.length>1&&f(`predicate: operator object has ${t.length} operators (${t.join(", ")}) \u2014 write the array form or $all instead. The runtime ANDs them as a best-effort fallback.`);for(let a of t)if(!R(a,n,e[a],r))return  false;return  true}return u(e)?S(e,u(n)?n:Object.create(null),u(r)?r:void 0,i+1):d(n,e)}function S(e,n,r,i=0){if(i>O)return f(`predicate depth limit (${O}) exceeded \u2014 flatten the predicate or split it into multiple constraints. If this is unexpected, check for a cyclic spec object.`),false;if(Array.isArray(e))return e.every(t=>{if(!u(t))return  false;let{fact:a,op:s,value:o}=t;return R(s,n?.[a],o,r?.[a])});if(!u(e))return !!e;if("$all"in e)return e.$all.every(t=>S(t,n,r,i+1));if("$any"in e)return e.$any.some(t=>S(t,n,r,i+1));if("$not"in e)return !S(e.$not,n,r,i+1);for(let t of Object.keys(e)){if(g.has(t))return f(`predicate: operator "${t}" mixed with fact keys \u2014 wrap operators in a per-fact object`),false;if(!q(e[t],n?.[t],r?.[t],i))return  false}return  true}function V(e,n,r,i=""){let t=[];if(Array.isArray(e)){for(let a of e){if(!u(a))continue;let{fact:s,op:o,value:c}=a,l=n?.[s];t.push({path:i+s,op:o,expected:c,actual:l,pass:R(o,l,c,r?.[s])});}return t}if(!u(e))return t;for(let a of ["$all","$any","$not"])if(a in e){let s=a==="$not"?[e.$not]:e[a],o=[];for(let p of s)o.push(...V(p,n,r,i));let c=o.filter(p=>p.pass).length,l;return a==="$all"?l=o.length===0||c===o.length:a==="$any"?l=o.length>0&&c>0:l=!o.every(p=>p.pass),t.push({path:i||a,op:a,expected:s.length,actual:c,pass:l,children:o}),t}for(let a of Object.keys(e)){if(g.has(a))continue;let s=e[a],o=n?.[a],c=i+a;if(E(s))for(let l of Object.keys(s))t.push({path:c,op:l,expected:s[l],actual:o,pass:R(l,o,s[l],r?.[a])});else u(s)?t.push(...V(s,u(o)?o:Object.create(null),u(r?.[a])?r?.[a]:void 0,`${c}.`)):t.push({path:c,op:"$eq",expected:s,actual:o,pass:d(o,s)});}return t}var F=new WeakMap;function ce(e){if(e===null||typeof e!="object")throw new Error(`[Directive] memoizePredicate: predicate must be a plain object or array; got ${typeof e}`);let n=F.get(e);if(n)return n;let r=(i,t)=>S(e,i,t);return F.set(e,r),r}function le(e,n=""){let r=new Set;return h(e,{operator(i){r.add(n+i);},literal(i){r.add(n+i);},strayOperatorKey(i){g.has(i)||f(`extractDeps: unknown operator "${i}" \u2014 skipping. Known operators: ${[...g].join(", ")}`);}}),r}var C=/^[A-Za-z_][A-Za-z0-9_]*$/;function J(e){return typeof e=="symbol"||e==null?"":String(e)}function B(e,n){return typeof e=="symbol"?(f("template: cannot interpolate a symbol value \u2014 using empty string"),""):e===void 0?(f(`template: ${n?`key "${n}" is `:""}undefined \u2014 using empty string`),""):e===null?(f(`template: ${n?`key "${n}" is `:""}null \u2014 using empty string`),""):String(e)}function L(e,n){let r=e.$template,i="",t=0;for(;t<r.length;){if(r[t]==="$"&&r[t+1]==="$"&&r[t+2]==="{"){i+="${",t+=3;continue}if(r[t]==="$"&&r[t+1]==="{"){let a=r.indexOf("}",t+2);if(a===-1){f(`template: unterminated "\${" in ${JSON.stringify(r)}`),i+=r.slice(t);break}let s=r.slice(t+2,a);if(!C.test(s))f(`template: invalid placeholder "\${${s}}" \u2014 not an identifier`);else {let o=n!=null&&Object.hasOwn(n,s),c=o?n[s]:void 0;o?i+=B(c,s):(f(`template: unknown key "${s}"`),i+=J(c));}t=a+1;continue}i+=r[t],t++;}return i}function ue(e){let n=new Set,r=e.$template,i=0;for(;i<r.length;){if(r[i]==="$"&&r[i+1]==="$"&&r[i+2]==="{"){i+=3;continue}if(r[i]==="$"&&r[i+1]==="{"){let t=r.indexOf("}",i+2);if(t===-1)break;let a=r.slice(i+2,t);C.test(a)&&n.add(a),i=t+1;continue}i++;}return n}function de(e$1,n){return e$1.map(r=>e(n?.[r])).join("|")}function fe(e,n,r){let i=e.$set,t=r??{};for(let a of Object.keys(i)){let s=i[a];if(I(s))n[a]=L(s,t);else if(u(s)&&Object.hasOwn(s,"$ref")&&typeof s.$ref=="string"){let o=s.$ref;Object.hasOwn(t,o)||f(`applyPatch: $ref "${o}" is missing from event payload \u2014 assigning undefined to fact "${a}"`),n[a]=t[o];}else n[a]=s;}}export{g as a,Q as b,z as c,H as d,w as e,X as f,O as g,re as h,h as i,ie as j,I as k,oe as l,M as m,se as n,S as o,V as p,ce as q,le as r,L as s,ue as t,de as u,fe as v};//# sourceMappingURL=chunk-2FF6QGOA.js.map
+//# sourceMappingURL=chunk-2FF6QGOA.js.map