@enactprotocol/api 2.0.0 → 2.0.1

package/dist/trust.d.ts

@@ -0,0 +1,123 @@
+/**
+ * Trust configuration management (v2)
+ * Functions for managing user trust settings
+ */
+import type { EnactApiClient } from "./client";
+import type { UserTrustConfig } from "./types";
+/**
+ * Get a user's trust configuration (v2)
+ *
+ * This is public information - anyone can see which auditors a user trusts.
+ *
+ * @param client - API client instance
+ * @param username - Username to look up
+ * @returns User's trust configuration
+ *
+ * @example
+ * ```ts
+ * const trustConfig = await getUserTrust(client, "alice");
+ * console.log(`Alice trusts ${trustConfig.trusted_auditors.length} auditors`);
+ * ```
+ */
+export declare function getUserTrust(client: EnactApiClient, username: string): Promise<UserTrustConfig>;
+/**
+ * Update current user's trust configuration (v2)
+ *
+ * Replace the entire list of trusted auditors.
+ *
+ * @param client - API client instance (must be authenticated)
+ * @param trustedAuditors - Array of auditor emails to trust
+ * @returns Updated trust configuration
+ *
+ * @example
+ * ```ts
+ * const updated = await updateMyTrust(client, [
+ *   "security@example.com",
+ *   "bob@github.com",
+ *   "audit-team@company.com"
+ * ]);
+ * console.log(`Now trusting ${updated.trusted_auditors.length} auditors`);
+ * ```
+ */
+export declare function updateMyTrust(client: EnactApiClient, trustedAuditors: string[]): Promise<{
+    trustedAuditors: Array<{
+        identity: string;
+        addedAt: Date;
+    }>;
+    updatedAt: Date;
+}>;
+/**
+ * Add an auditor to the current user's trust list
+ *
+ * This is a convenience wrapper that fetches current trust config,
+ * adds the auditor if not already present, and updates.
+ *
+ * @param client - API client instance (must be authenticated)
+ * @param auditorEmail - Auditor email to trust
+ * @returns Updated trust configuration
+ *
+ * @example
+ * ```ts
+ * await addTrustedAuditor(client, "new-auditor@example.com");
+ * ```
+ */
+export declare function addTrustedAuditor(client: EnactApiClient, auditorEmail: string): Promise<{
+    trustedAuditors: Array<{
+        identity: string;
+        addedAt: Date;
+    }>;
+    updatedAt: Date;
+}>;
+/**
+ * Remove an auditor from the current user's trust list
+ *
+ * This is a convenience wrapper that fetches current trust config,
+ * removes the auditor if present, and updates.
+ *
+ * @param client - API client instance (must be authenticated)
+ * @param auditorEmail - Auditor email to remove
+ * @returns Updated trust configuration
+ *
+ * @example
+ * ```ts
+ * await removeTrustedAuditor(client, "old-auditor@example.com");
+ * ```
+ */
+export declare function removeTrustedAuditor(client: EnactApiClient, auditorEmail: string): Promise<{
+    trustedAuditors: Array<{
+        identity: string;
+        addedAt: Date;
+    }>;
+    updatedAt: Date;
+}>;
+/**
+ * Check if a user trusts a specific auditor
+ *
+ * @param client - API client instance
+ * @param username - Username to check
+ * @param auditorEmail - Auditor email to check
+ * @returns True if the user trusts this auditor
+ *
+ * @example
+ * ```ts
+ * const trusts = await userTrustsAuditor(client, "alice", "security@example.com");
+ * if (trusts) {
+ *   console.log("Alice trusts this auditor");
+ * }
+ * ```
+ */
+export declare function userTrustsAuditor(client: EnactApiClient, username: string, auditorEmail: string): Promise<boolean>;
+/**
+ * Get list of auditors trusted by the current user
+ *
+ * @param client - API client instance (must be authenticated)
+ * @returns Array of trusted auditor emails
+ *
+ * @example
+ * ```ts
+ * const auditors = await getMyTrustedAuditors(client);
+ * console.log(`You trust: ${auditors.join(", ")}`);
+ * ```
+ */
+export declare function getMyTrustedAuditors(client: EnactApiClient): Promise<string[]>;
+//# sourceMappingURL=trust.d.ts.map

package/dist/trust.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"trust.d.ts","sourceRoot":"","sources":["../src/trust.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAC/C,OAAO,KAAK,EAAuD,eAAe,EAAE,MAAM,SAAS,CAAC;AAEpG;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,YAAY,CAChC,MAAM,EAAE,cAAc,EACtB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,eAAe,CAAC,CAG1B;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,aAAa,CACjC,MAAM,EAAE,cAAc,EACtB,eAAe,EAAE,MAAM,EAAE,GACxB,OAAO,CAAC;IACT,eAAe,EAAE,KAAK,CAAC;QACrB,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,IAAI,CAAC;KACf,CAAC,CAAC;IACH,SAAS,EAAE,IAAI,CAAC;CACjB,CAAC,CAYD;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,cAAc,EACtB,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC;IACT,eAAe,EAAE,KAAK,CAAC;QACrB,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,IAAI,CAAC;KACf,CAAC,CAAC;IACH,SAAS,EAAE,IAAI,CAAC;CACjB,CAAC,CAgBD;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,cAAc,EACtB,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC;IACT,eAAe,EAAE,KAAK,CAAC;QACrB,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,IAAI,CAAC;KACf,CAAC,CAAC;IACH,SAAS,EAAE,IAAI,CAAC;CACjB,CAAC,CAeD;AAED;;;;;;;;;;;;;;;GAeG;AACH,wBAAsB,iBAAiB,CACrC,MAAM,EAAE,cAAc,EACtB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,OAAO,CAAC,CAGlB;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,oBAAoB,CAAC,MAAM,EAAE,cAAc,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CASpF"}

package/dist/trust.js

@@ -0,0 +1,152 @@
+/**
+ * Trust configuration management (v2)
+ * Functions for managing user trust settings
+ */
+/**
+ * Get a user's trust configuration (v2)
+ *
+ * This is public information - anyone can see which auditors a user trusts.
+ *
+ * @param client - API client instance
+ * @param username - Username to look up
+ * @returns User's trust configuration
+ *
+ * @example
+ * ```ts
+ * const trustConfig = await getUserTrust(client, "alice");
+ * console.log(`Alice trusts ${trustConfig.trusted_auditors.length} auditors`);
+ * ```
+ */
+export async function getUserTrust(client, username) {
+    const response = await client.get(`/users/${username}/trust`);
+    return response.data;
+}
+/**
+ * Update current user's trust configuration (v2)
+ *
+ * Replace the entire list of trusted auditors.
+ *
+ * @param client - API client instance (must be authenticated)
+ * @param trustedAuditors - Array of auditor emails to trust
+ * @returns Updated trust configuration
+ *
+ * @example
+ * ```ts
+ * const updated = await updateMyTrust(client, [
+ *   "security@example.com",
+ *   "bob@github.com",
+ *   "audit-team@company.com"
+ * ]);
+ * console.log(`Now trusting ${updated.trusted_auditors.length} auditors`);
+ * ```
+ */
+export async function updateMyTrust(client, trustedAuditors) {
+    const response = await client.put("/users/me/trust", {
+        trusted_auditors: trustedAuditors,
+    });
+    return {
+        trustedAuditors: response.data.trusted_auditors.map((ta) => ({
+            identity: ta.identity,
+            addedAt: new Date(ta.added_at),
+        })),
+        updatedAt: new Date(response.data.updated_at),
+    };
+}
+/**
+ * Add an auditor to the current user's trust list
+ *
+ * This is a convenience wrapper that fetches current trust config,
+ * adds the auditor if not already present, and updates.
+ *
+ * @param client - API client instance (must be authenticated)
+ * @param auditorEmail - Auditor email to trust
+ * @returns Updated trust configuration
+ *
+ * @example
+ * ```ts
+ * await addTrustedAuditor(client, "new-auditor@example.com");
+ * ```
+ */
+export async function addTrustedAuditor(client, auditorEmail) {
+    // First get current user to know their username
+    const currentUser = await client.get("/auth/me");
+    const username = currentUser.data.username;
+    // Get current trust config
+    const currentTrust = await getUserTrust(client, username);
+    // Add new auditor if not already present
+    const currentAuditors = currentTrust.trusted_auditors.map((ta) => ta.identity);
+    if (!currentAuditors.includes(auditorEmail)) {
+        currentAuditors.push(auditorEmail);
+    }
+    // Update trust config
+    return updateMyTrust(client, currentAuditors);
+}
+/**
+ * Remove an auditor from the current user's trust list
+ *
+ * This is a convenience wrapper that fetches current trust config,
+ * removes the auditor if present, and updates.
+ *
+ * @param client - API client instance (must be authenticated)
+ * @param auditorEmail - Auditor email to remove
+ * @returns Updated trust configuration
+ *
+ * @example
+ * ```ts
+ * await removeTrustedAuditor(client, "old-auditor@example.com");
+ * ```
+ */
+export async function removeTrustedAuditor(client, auditorEmail) {
+    // First get current user to know their username
+    const currentUser = await client.get("/auth/me");
+    const username = currentUser.data.username;
+    // Get current trust config
+    const currentTrust = await getUserTrust(client, username);
+    // Remove auditor
+    const updatedAuditors = currentTrust.trusted_auditors
+        .map((ta) => ta.identity)
+        .filter((email) => email !== auditorEmail);
+    // Update trust config
+    return updateMyTrust(client, updatedAuditors);
+}
+/**
+ * Check if a user trusts a specific auditor
+ *
+ * @param client - API client instance
+ * @param username - Username to check
+ * @param auditorEmail - Auditor email to check
+ * @returns True if the user trusts this auditor
+ *
+ * @example
+ * ```ts
+ * const trusts = await userTrustsAuditor(client, "alice", "security@example.com");
+ * if (trusts) {
+ *   console.log("Alice trusts this auditor");
+ * }
+ * ```
+ */
+export async function userTrustsAuditor(client, username, auditorEmail) {
+    const trustConfig = await getUserTrust(client, username);
+    return trustConfig.trusted_auditors.some((ta) => ta.identity === auditorEmail);
+}
+/**
+ * Get list of auditors trusted by the current user
+ *
+ * @param client - API client instance (must be authenticated)
+ * @returns Array of trusted auditor emails
+ *
+ * @example
+ * ```ts
+ * const auditors = await getMyTrustedAuditors(client);
+ * console.log(`You trust: ${auditors.join(", ")}`);
+ * ```
+ */
+export async function getMyTrustedAuditors(client) {
+    // First get current user to know their username
+    const currentUser = await client.get("/auth/me");
+    const username = currentUser.data.username;
+    // Get trust config
+    const trustConfig = await getUserTrust(client, username);
+    return trustConfig.trusted_auditors.map((ta) => ta.identity);
+}
+//# sourceMappingURL=trust.js.map

package/dist/trust.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"trust.js","sourceRoot":"","sources":["../src/trust.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,MAAsB,EACtB,QAAgB;IAEhB,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAAkB,UAAU,QAAQ,QAAQ,CAAC,CAAC;IAC/E,OAAO,QAAQ,CAAC,IAAI,CAAC;AACvB,CAAC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAsB,EACtB,eAAyB;IAQzB,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,GAAG,CAA4B,iBAAiB,EAAE;QAC9E,gBAAgB,EAAE,eAAe;KACN,CAAC,CAAC;IAE/B,OAAO;QACL,eAAe,EAAE,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YAC3D,QAAQ,EAAE,EAAE,CAAC,QAAQ;YACrB,OAAO,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC;SAC/B,CAAC,CAAC;QACH,SAAS,EAAE,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC;KAC9C,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAsB,EACtB,YAAoB;IAQpB,gDAAgD;IAChD,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,GAAG,CAAuB,UAAU,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;IAE3C,2BAA2B;IAC3B,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAE1D,yCAAyC;IACzC,MAAM,eAAe,GAAG,YAAY,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;IAC/E,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QAC5C,eAAe,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACrC,CAAC;IAED,sBAAsB;IACtB,OAAO,aAAa,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;AAChD,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAAsB,EACtB,YAAoB;IAQpB,gDAAgD;IAChD,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,GAAG,CAAuB,UAAU,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;IAE3C,2BAA2B;IAC3B,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAE1D,iBAAiB;IACjB,MAAM,eAAe,GAAG,YAAY,CAAC,gBAAgB;SAClD,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC;SACxB,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,YAAY,CAAC,CAAC;IAE7C,sBAAsB;IACtB,OAAO,aAAa,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;AAChD,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,MAAsB,EACtB,QAAgB,EAChB,YAAoB;IAEpB,MAAM,WAAW,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IACzD,OAAO,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC;AACjF,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,MAAsB;IAC/D,gDAAgD;IAChD,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,GAAG,CAAuB,UAAU,CAAC,CAAC;IACvE,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC;IAE3C,mBAAmB;IACnB,MAAM,WAAW,GAAG,MAAM,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAEzD,OAAO,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;AAC/D,CAAC"}

package/dist/types.d.ts

@@ -0,0 +1,421 @@
+/**
+ * TypeScript types for Enact Registry API v2
+ * Based on docs/API.md and docs/REGISTRY-SPEC.md specification
+ */
+/**
+ * API error response
+ */
+export interface ApiError {
+    error: {
+        code: string;
+        message: string;
+        details?: Record<string, unknown> | undefined;
+    };
+}
+/**
+ * OAuth provider types
+ */
+export type OAuthProvider = "github" | "google" | "microsoft";
+/**
+ * Author/user information from API
+ */
+export interface ApiAuthor {
+    username: string;
+    avatar_url?: string | undefined;
+}
+/**
+ * Version metadata object (v2)
+ */
+export interface VersionMetadata {
+    /** Version string (e.g., "1.2.0") */
+    version: string;
+    /** Publication timestamp */
+    published_at: string;
+    /** Download count for this version */
+    downloads: number;
+    /** SHA-256 hash of bundle */
+    bundle_hash: string;
+    /** Bundle size in bytes */
+    bundle_size?: number | undefined;
+    /** Whether this version is yanked */
+    yanked: boolean;
+    /** Attestation summary (optional) */
+    attestation_summary?: {
+        auditor_count: number;
+    } | undefined;
+}
+/**
+ * Tool search result item
+ */
+export interface ToolSearchResult {
+    /** Tool name (e.g., "alice/utils/greeter") */
+    name: string;
+    /** Tool description */
+    description: string;
+    /** Tool tags */
+    tags: string[];
+    /** Latest published version */
+    version: string;
+    /** Tool author */
+    author: ApiAuthor;
+    /** Total downloads */
+    downloads: number;
+    /** Trust status */
+    trust_status?: {
+        auditor_count: number;
+    } | undefined;
+}
+/**
+ * Tool metadata from GET /tools/{name}
+ */
+export interface ToolMetadata {
+    /** Tool name */
+    name: string;
+    /** Tool description */
+    description: string;
+    /** Tool tags */
+    tags: string[];
+    /** SPDX license identifier */
+    license: string;
+    /** Tool author */
+    author: ApiAuthor;
+    /** Repository URL */
+    repository?: string | undefined;
+    /** Homepage URL */
+    homepage?: string | undefined;
+    /** Creation timestamp */
+    created_at: string;
+    /** Last update timestamp */
+    updated_at: string;
+    /** Latest version */
+    latest_version: string;
+    /** Version list (paginated) */
+    versions: VersionMetadata[];
+    /** Total number of versions */
+    versions_total: number;
+    /** Total downloads across all versions */
+    total_downloads: number;
+}
+/**
+ * Bundle information
+ */
+export interface BundleInfo {
+    /** SHA-256 hash */
+    hash: string;
+    /** Size in bytes */
+    size: number;
+    /** Download URL */
+    download_url: string;
+}
+/**
+ * Tool version details from GET /tools/{name}/versions/{version}
+ */
+export interface ToolVersionDetails {
+    /** Tool name */
+    name: string;
+    /** Version */
+    version: string;
+    /** Tool description */
+    description: string;
+    /** SPDX license identifier */
+    license: string;
+    /** Whether this version is yanked */
+    yanked: boolean;
+    /** Yank reason (if yanked) */
+    yank_reason?: string | undefined;
+    /** Replacement version (if yanked) */
+    yank_replacement?: string | undefined;
+    /** When it was yanked */
+    yanked_at?: string | undefined;
+    /** Full manifest object */
+    manifest: Record<string, unknown>;
+    /** Bundle information */
+    bundle: BundleInfo;
+    /** List of attestations */
+    attestations: Attestation[];
+    /** Who published this version */
+    published_by: ApiAuthor;
+    /** Publication timestamp */
+    published_at: string;
+    /** Download count for this version */
+    downloads: number;
+}
+/**
+ * Single attestation record (v2 - auditor-only)
+ */
+export interface Attestation {
+    /** Auditor email (from Sigstore certificate) */
+    auditor: string;
+    /** OAuth provider used for attestation */
+    auditor_provider: string;
+    /** Signing timestamp */
+    signed_at: string;
+    /** Rekor transparency log ID */
+    rekor_log_id: string;
+    /** Rekor transparency log index */
+    rekor_log_index?: number | undefined;
+    /** Verification status */
+    verification?: {
+        verified: boolean;
+        verified_at: string;
+        rekor_verified: boolean;
+        certificate_verified: boolean;
+        signature_verified: boolean;
+    } | undefined;
+}
+/**
+ * Feedback aggregates from GET /tools/{name}/feedback
+ */
+export interface FeedbackAggregates {
+    /** Average rating (1-5) */
+    rating: number;
+    /** Number of ratings */
+    rating_count: number;
+    /** Total downloads */
+    downloads: number;
+}
+/**
+ * User profile from GET /users/{username}
+ */
+export interface UserProfile {
+    /** Username */
+    username: string;
+    /** Display name */
+    display_name?: string | undefined;
+    /** Avatar URL */
+    avatar_url?: string | undefined;
+    /** Account creation date */
+    created_at: string;
+    /** Number of tools published */
+    tools_count?: number | undefined;
+}
+/**
+ * Current user info from GET /auth/me (v2)
+ */
+export interface CurrentUser {
+    /** User ID */
+    id: string;
+    /** Username */
+    username: string;
+    /** Email address */
+    email: string;
+    /** Namespaces the user owns */
+    namespaces: string[];
+    /** Account creation date */
+    created_at: string;
+}
+/**
+ * OAuth login request
+ */
+export interface OAuthLoginRequest {
+    /** OAuth provider */
+    provider: OAuthProvider;
+    /** Redirect URI for callback */
+    redirect_uri: string;
+}
+/**
+ * OAuth login response
+ */
+export interface OAuthLoginResponse {
+    /** Authorization URL to redirect user to */
+    auth_url: string;
+}
+/**
+ * OAuth callback request
+ */
+export interface OAuthCallbackRequest {
+    /** OAuth provider */
+    provider: OAuthProvider;
+    /** Authorization code from OAuth provider */
+    code: string;
+}
+/**
+ * OAuth token response
+ */
+export interface OAuthTokenResponse {
+    /** Access token (JWT) */
+    access_token: string;
+    /** Refresh token */
+    refresh_token: string;
+    /** Token expiration in seconds */
+    expires_in: number;
+    /** User information */
+    user: {
+        id: string;
+        username: string;
+        email: string;
+    };
+}
+/**
+ * Refresh token request
+ */
+export interface RefreshTokenRequest {
+    /** Refresh token */
+    refresh_token: string;
+}
+/**
+ * Refresh token response
+ */
+export interface RefreshTokenResponse {
+    /** New access token */
+    access_token: string;
+    /** Token expiration in seconds */
+    expires_in: number;
+}
+/**
+ * Publish response from POST /tools/{name} (v2 - single POST)
+ */
+export interface PublishResponse {
+    /** Tool name */
+    name: string;
+    /** Published version */
+    version: string;
+    /** Bundle hash */
+    bundle_hash: string;
+    /** Bundle size */
+    bundle_size: number;
+    /** Download URL */
+    download_url: string;
+    /** Publication timestamp */
+    published_at: string;
+}
+/**
+ * Yank version request
+ */
+export interface YankVersionRequest {
+    /** Reason for yanking */
+    reason?: string | undefined;
+    /** Replacement version to recommend */
+    replacement_version?: string | undefined;
+}
+/**
+ * Yank version response
+ */
+export interface YankVersionResponse {
+    /** Whether version is yanked */
+    yanked: true;
+    /** Version that was yanked */
+    version: string;
+    /** Reason for yanking */
+    reason?: string | undefined;
+    /** Replacement version */
+    replacement_version?: string | undefined;
+    /** When it was yanked */
+    yanked_at: string;
+    /** Informational message */
+    message?: string | undefined;
+}
+/**
+ * Unyank version response
+ */
+export interface UnyankVersionResponse {
+    /** Whether version is yanked */
+    yanked: false;
+    /** Version that was unyanked */
+    version: string;
+    /** When it was unyanked */
+    unyanked_at: string;
+}
+/**
+ * Submit attestation response (v2)
+ */
+export interface AttestationResponse {
+    /** Auditor email */
+    auditor: string;
+    /** OAuth provider */
+    auditor_provider: string;
+    /** Signing timestamp */
+    signed_at: string;
+    /** Rekor log ID */
+    rekor_log_id: string;
+    /** Rekor log index */
+    rekor_log_index?: number | undefined;
+    /** Verification result */
+    verification: {
+        verified: boolean;
+        verified_at: string;
+        rekor_verified: boolean;
+        certificate_verified: boolean;
+        signature_verified: boolean;
+    };
+}
+/**
+ * Revoke attestation response
+ */
+export interface RevokeAttestationResponse {
+    /** Auditor email */
+    auditor: string;
+    /** Whether revocation succeeded */
+    revoked: true;
+    /** When it was revoked */
+    revoked_at: string;
+}
+/**
+ * Trusted auditor entry
+ */
+export interface TrustedAuditor {
+    /** Auditor identity (email) */
+    identity: string;
+    /** When they were added to trust list */
+    added_at: string;
+}
+/**
+ * User trust configuration
+ */
+export interface UserTrustConfig {
+    /** Username */
+    username: string;
+    /** List of trusted auditors */
+    trusted_auditors: TrustedAuditor[];
+}
+/**
+ * Update trust configuration request
+ */
+export interface UpdateTrustConfigRequest {
+    /** Array of auditor emails to trust */
+    trusted_auditors: string[];
+}
+/**
+ * Update trust configuration response
+ */
+export interface UpdateTrustConfigResponse {
+    /** Updated list of trusted auditors */
+    trusted_auditors: TrustedAuditor[];
+    /** When the config was updated */
+    updated_at: string;
+}
+/**
+ * Rate limit info from response headers
+ */
+export interface RateLimitInfo {
+    /** Max requests per window */
+    limit: number;
+    /** Remaining requests */
+    remaining: number;
+    /** Unix timestamp when limit resets */
+    reset: number;
+}
+/**
+ * HTTP error codes from API v2
+ */
+export type ApiErrorCode = "BAD_REQUEST" | "UNAUTHORIZED" | "FORBIDDEN" | "NOT_FOUND" | "CONFLICT" | "VERSION_YANKED" | "BUNDLE_TOO_LARGE" | "VALIDATION_ERROR" | "ATTESTATION_VERIFICATION_FAILED" | "RATE_LIMITED" | "INTERNAL_ERROR";
+/**
+ * HTTP status codes
+ */
+export declare const HTTP_STATUS: {
+    readonly OK: 200;
+    readonly CREATED: 201;
+    readonly NO_CONTENT: 204;
+    readonly REDIRECT: 302;
+    readonly BAD_REQUEST: 400;
+    readonly UNAUTHORIZED: 401;
+    readonly FORBIDDEN: 403;
+    readonly NOT_FOUND: 404;
+    readonly CONFLICT: 409;
+    readonly GONE: 410;
+    readonly PAYLOAD_TOO_LARGE: 413;
+    readonly VALIDATION_ERROR: 422;
+    readonly RATE_LIMITED: 429;
+    readonly INTERNAL_ERROR: 500;
+};
+//# sourceMappingURL=types.d.ts.map