@flowdesk/core 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (142) hide show
  1. package/dist/authority-promotion.d.ts +70 -0
  2. package/dist/authority-promotion.d.ts.map +1 -0
  3. package/dist/authority-promotion.js +388 -0
  4. package/dist/authority-promotion.js.map +1 -0
  5. package/dist/chat-control-authority.d.ts +83 -0
  6. package/dist/chat-control-authority.d.ts.map +1 -0
  7. package/dist/chat-control-authority.js +238 -0
  8. package/dist/chat-control-authority.js.map +1 -0
  9. package/dist/chat-hook-authority-probe.d.ts +39 -0
  10. package/dist/chat-hook-authority-probe.d.ts.map +1 -0
  11. package/dist/chat-hook-authority-probe.js +153 -0
  12. package/dist/chat-hook-authority-probe.js.map +1 -0
  13. package/dist/chat-routing.d.ts.map +1 -1
  14. package/dist/chat-routing.js +18 -15
  15. package/dist/chat-routing.js.map +1 -1
  16. package/dist/connector-gateway.d.ts +34 -0
  17. package/dist/connector-gateway.d.ts.map +1 -0
  18. package/dist/connector-gateway.js +147 -0
  19. package/dist/connector-gateway.js.map +1 -0
  20. package/dist/connector-profile.d.ts +41 -0
  21. package/dist/connector-profile.d.ts.map +1 -0
  22. package/dist/connector-profile.js +125 -0
  23. package/dist/connector-profile.js.map +1 -0
  24. package/dist/controlled-conformance-doc-write.d.ts +44 -0
  25. package/dist/controlled-conformance-doc-write.d.ts.map +1 -0
  26. package/dist/controlled-conformance-doc-write.js +142 -0
  27. package/dist/controlled-conformance-doc-write.js.map +1 -0
  28. package/dist/controlled-redacted-audit-export-write.d.ts +45 -0
  29. package/dist/controlled-redacted-audit-export-write.d.ts.map +1 -0
  30. package/dist/controlled-redacted-audit-export-write.js +145 -0
  31. package/dist/controlled-redacted-audit-export-write.js.map +1 -0
  32. package/dist/core-completion-safety-contracts.d.ts +35 -0
  33. package/dist/core-completion-safety-contracts.d.ts.map +1 -0
  34. package/dist/core-completion-safety-contracts.js +98 -0
  35. package/dist/core-completion-safety-contracts.js.map +1 -0
  36. package/dist/dispatch-attempt-manifest.d.ts +59 -0
  37. package/dist/dispatch-attempt-manifest.d.ts.map +1 -0
  38. package/dist/dispatch-attempt-manifest.js +294 -0
  39. package/dist/dispatch-attempt-manifest.js.map +1 -0
  40. package/dist/dispatch-idempotency.d.ts +89 -0
  41. package/dist/dispatch-idempotency.d.ts.map +1 -0
  42. package/dist/dispatch-idempotency.js +275 -0
  43. package/dist/dispatch-idempotency.js.map +1 -0
  44. package/dist/external-auth-policy.d.ts +49 -0
  45. package/dist/external-auth-policy.d.ts.map +1 -0
  46. package/dist/external-auth-policy.js +166 -0
  47. package/dist/external-auth-policy.js.map +1 -0
  48. package/dist/fake-remote-connector-adapter.d.ts +37 -0
  49. package/dist/fake-remote-connector-adapter.d.ts.map +1 -0
  50. package/dist/fake-remote-connector-adapter.js +162 -0
  51. package/dist/fake-remote-connector-adapter.js.map +1 -0
  52. package/dist/fallback-decision.d.ts +29 -0
  53. package/dist/fallback-decision.d.ts.map +1 -0
  54. package/dist/fallback-decision.js +93 -0
  55. package/dist/fallback-decision.js.map +1 -0
  56. package/dist/fallback-regate-plan.d.ts +34 -0
  57. package/dist/fallback-regate-plan.d.ts.map +1 -0
  58. package/dist/fallback-regate-plan.js +122 -0
  59. package/dist/fallback-regate-plan.js.map +1 -0
  60. package/dist/fds1-schema-probe-result.d.ts +37 -0
  61. package/dist/fds1-schema-probe-result.d.ts.map +1 -0
  62. package/dist/fds1-schema-probe-result.js +115 -0
  63. package/dist/fds1-schema-probe-result.js.map +1 -0
  64. package/dist/index.d.ts +25 -0
  65. package/dist/index.d.ts.map +1 -1
  66. package/dist/index.js +25 -0
  67. package/dist/index.js.map +1 -1
  68. package/dist/lane-heartbeat.d.ts +49 -0
  69. package/dist/lane-heartbeat.d.ts.map +1 -0
  70. package/dist/lane-heartbeat.js +149 -0
  71. package/dist/lane-heartbeat.js.map +1 -0
  72. package/dist/lane-lifecycle-record.d.ts +32 -0
  73. package/dist/lane-lifecycle-record.d.ts.map +1 -0
  74. package/dist/lane-lifecycle-record.js +134 -0
  75. package/dist/lane-lifecycle-record.js.map +1 -0
  76. package/dist/lane-stall-projection.d.ts +43 -0
  77. package/dist/lane-stall-projection.d.ts.map +1 -0
  78. package/dist/lane-stall-projection.js +272 -0
  79. package/dist/lane-stall-projection.js.map +1 -0
  80. package/dist/model-availability-cache.d.ts +286 -0
  81. package/dist/model-availability-cache.d.ts.map +1 -0
  82. package/dist/model-availability-cache.js +1109 -0
  83. package/dist/model-availability-cache.js.map +1 -0
  84. package/dist/operational-intelligence.d.ts +38 -0
  85. package/dist/operational-intelligence.d.ts.map +1 -0
  86. package/dist/operational-intelligence.js +107 -0
  87. package/dist/operational-intelligence.js.map +1 -0
  88. package/dist/production-approval-source.d.ts +61 -0
  89. package/dist/production-approval-source.d.ts.map +1 -0
  90. package/dist/production-approval-source.js +226 -0
  91. package/dist/production-approval-source.js.map +1 -0
  92. package/dist/production-enablement.d.ts +92 -1
  93. package/dist/production-enablement.d.ts.map +1 -1
  94. package/dist/production-enablement.js +421 -8
  95. package/dist/production-enablement.js.map +1 -1
  96. package/dist/production-verification.d.ts +31 -0
  97. package/dist/production-verification.d.ts.map +1 -0
  98. package/dist/production-verification.js +126 -0
  99. package/dist/production-verification.js.map +1 -0
  100. package/dist/provider-usage-collector.d.ts +7 -0
  101. package/dist/provider-usage-collector.d.ts.map +1 -1
  102. package/dist/provider-usage-collector.js +64 -10
  103. package/dist/provider-usage-collector.js.map +1 -1
  104. package/dist/release1-contracts.d.ts +8 -2
  105. package/dist/release1-contracts.d.ts.map +1 -1
  106. package/dist/release1-contracts.js +2 -1
  107. package/dist/release1-contracts.js.map +1 -1
  108. package/dist/remote-write-connector-gate.d.ts +91 -0
  109. package/dist/remote-write-connector-gate.d.ts.map +1 -0
  110. package/dist/remote-write-connector-gate.js +291 -0
  111. package/dist/remote-write-connector-gate.js.map +1 -0
  112. package/dist/runtime-lane-productization.d.ts +78 -0
  113. package/dist/runtime-lane-productization.d.ts.map +1 -0
  114. package/dist/runtime-lane-productization.js +270 -0
  115. package/dist/runtime-lane-productization.js.map +1 -0
  116. package/dist/sanitized-auth-capture.d.ts +50 -0
  117. package/dist/sanitized-auth-capture.d.ts.map +1 -0
  118. package/dist/sanitized-auth-capture.js +164 -0
  119. package/dist/sanitized-auth-capture.js.map +1 -0
  120. package/dist/schema-artifacts.d.ts.map +1 -1
  121. package/dist/schema-artifacts.js +37 -6
  122. package/dist/schema-artifacts.js.map +1 -1
  123. package/dist/schema-registry.d.ts.map +1 -1
  124. package/dist/schema-registry.js +21 -0
  125. package/dist/schema-registry.js.map +1 -1
  126. package/dist/session-evidence.d.ts +117 -0
  127. package/dist/session-evidence.d.ts.map +1 -1
  128. package/dist/session-evidence.js +569 -1
  129. package/dist/session-evidence.js.map +1 -1
  130. package/dist/state-paths.d.ts +1 -1
  131. package/dist/state-paths.d.ts.map +1 -1
  132. package/dist/state-paths.js +56 -6
  133. package/dist/state-paths.js.map +1 -1
  134. package/dist/status.d.ts +7 -0
  135. package/dist/status.d.ts.map +1 -1
  136. package/dist/status.js +89 -1
  137. package/dist/status.js.map +1 -1
  138. package/dist/validators.d.ts +1 -0
  139. package/dist/validators.d.ts.map +1 -1
  140. package/dist/validators.js +30 -7
  141. package/dist/validators.js.map +1 -1
  142. package/package.json +1 -1
package/dist/connector-gateway.js ADDED
@@ -0,0 +1,147 @@
1
+ import { validateFlowDeskConnectorProfileV1, validateFlowDeskConnectorRecipeRefV1, } from "./connector-profile.js";
2
+ import { validateFlowDeskRemoteWritePlanV1, } from "./remote-write-connector-gate.js";
3
+ import { invalid, valid, validateNoForbiddenRawPayloads, validateOpaqueRef, } from "./validators.js";
4
+ const disabledGatewayAuthority = {
5
+ gateway_execution_attempted: false,
6
+ remote_write_attempted: false,
7
+ connector_write_attempted: false,
8
+ remote_write_authority_enabled: false,
9
+ external_write_authority_enabled: false,
10
+ dispatch_authority_enabled: false,
11
+ providerCall: false,
12
+ actualLaneLaunch: false,
13
+ runtimeExecution: false,
14
+ };
15
+ function isRecord(value) {
16
+ return typeof value === "object" && value !== null && !Array.isArray(value);
17
+ }
18
+ function rejectUnknownProperties(record, allowed, label) {
19
+ const unknown = Object.keys(record).filter((key) => !allowed.includes(key));
20
+ return unknown.length === 0 ? valid() : invalid(`${label} unknown properties: ${unknown.join(",")}`);
21
+ }
22
+ export function validateFlowDeskConnectorGatewayInvocationPlanV1(value) {
23
+ if (!isRecord(value))
24
+ return invalid("connector gateway invocation plan must be an object");
25
+ const record = value;
26
+ const errors = [];
27
+ errors.push(...rejectUnknownProperties(record, [
28
+ "schema_version",
29
+ "workflow_id",
30
+ "attempt_id",
31
+ "ok",
32
+ "errors",
33
+ "state",
34
+ "blocked_labels",
35
+ "connector_profile_ref",
36
+ "connector_recipe_ref",
37
+ "connector_kind",
38
+ "target_ref",
39
+ "content_hash_ref",
40
+ "pre_write_audit_ref",
41
+ "idempotency_key_ref",
42
+ "gateway_execution_attempted",
43
+ "remote_write_attempted",
44
+ "connector_write_attempted",
45
+ "remote_write_authority_enabled",
46
+ "external_write_authority_enabled",
47
+ "dispatch_authority_enabled",
48
+ "providerCall",
49
+ "actualLaneLaunch",
50
+ "runtimeExecution",
51
+ ], "connector gateway invocation plan").errors);
52
+ if (record.schema_version !== "flowdesk.connector_gateway_invocation_plan.v1")
53
+ errors.push("connector gateway invocation plan schema_version is invalid");
54
+ if (record.workflow_id !== undefined)
55
+ errors.push(...validateOpaqueRef(record.workflow_id, "workflow_id").errors);
56
+ if (record.attempt_id !== undefined)
57
+ errors.push(...validateOpaqueRef(record.attempt_id, "attempt_id").errors);
58
+ if (record.state !== "gateway_ready" && record.state !== "blocked")
59
+ errors.push("connector gateway state is invalid");
60
+ if (!Array.isArray(record.blocked_labels))
61
+ errors.push("blocked_labels must be an array");
62
+ else
63
+ for (const [index, label] of record.blocked_labels.entries())
64
+ errors.push(...validateOpaqueRef(label, `blocked_labels[${index}]`).errors);
65
+ for (const [value, label] of [
66
+ [record.connector_profile_ref, "connector_profile_ref"],
67
+ [record.connector_recipe_ref, "connector_recipe_ref"],
68
+ [record.target_ref, "target_ref"],
69
+ [record.content_hash_ref, "content_hash_ref"],
70
+ [record.pre_write_audit_ref, "pre_write_audit_ref"],
71
+ [record.idempotency_key_ref, "idempotency_key_ref"],
72
+ ])
73
+ if (value !== undefined)
74
+ errors.push(...validateOpaqueRef(value, label).errors);
75
+ if (record.state === "gateway_ready" && (record.blocked_labels?.length ?? 0) > 0)
76
+ errors.push("gateway_ready plan cannot carry blocked labels");
77
+ if (record.state === "blocked" && (record.blocked_labels?.length ?? 0) === 0)
78
+ errors.push("blocked gateway plan requires blocked labels");
79
+ if (record.gateway_execution_attempted !== false || record.remote_write_attempted !== false || record.connector_write_attempted !== false || record.remote_write_authority_enabled !== false || record.external_write_authority_enabled !== false || record.dispatch_authority_enabled !== false || record.providerCall !== false || record.actualLaneLaunch !== false || record.runtimeExecution !== false)
80
+ errors.push("connector gateway plan cannot attempt execution or enable authority");
81
+ errors.push(...validateNoForbiddenRawPayloads(record, "connector_gateway_invocation_plan").errors);
82
+ return errors.length === 0 ? valid() : invalid(...errors);
83
+ }
84
+ export function planFlowDeskConnectorGatewayInvocationV1(input) {
85
+ const errors = [];
86
+ const blockedLabels = [];
87
+ const profileResult = validateFlowDeskConnectorProfileV1(input.profile);
88
+ const recipeResult = validateFlowDeskConnectorRecipeRefV1(input.recipe);
89
+ const writePlanResult = validateFlowDeskRemoteWritePlanV1(input.writePlan);
90
+ const readinessResult = validateFlowDeskConnectorGatewayReadinessShape(input.readiness);
91
+ errors.push(...profileResult.errors, ...recipeResult.errors, ...writePlanResult.errors, ...readinessResult.errors);
92
+ if (!profileResult.ok)
93
+ blockedLabels.push("connector_profile_invalid");
94
+ if (!recipeResult.ok)
95
+ blockedLabels.push("connector_recipe_invalid");
96
+ if (!writePlanResult.ok)
97
+ blockedLabels.push("write_plan_invalid");
98
+ if (!readinessResult.ok)
99
+ blockedLabels.push("readiness_invalid");
100
+ if (input.readiness.state !== "ready" || input.readiness.remote_write_connector_ready !== true)
101
+ blockedLabels.push("remote_write_readiness_not_ready");
102
+ if (input.profile.profile_id !== input.recipe.connector_profile_ref)
103
+ blockedLabels.push("profile_recipe_ref_mismatch");
104
+ if (input.profile.connector_kind !== input.recipe.connector_kind || input.profile.connector_kind !== input.writePlan.connector_kind)
105
+ blockedLabels.push("connector_kind_mismatch");
106
+ if (!input.profile.allowed_target_kinds.includes(input.recipe.target_kind))
107
+ blockedLabels.push("target_kind_not_allowed");
108
+ if (input.writePlan.workflow_id !== input.readiness.workflow_id)
109
+ blockedLabels.push("workflow_mismatch");
110
+ if (input.writePlan.attempt_id !== input.readiness.attempt_id)
111
+ blockedLabels.push("attempt_mismatch");
112
+ if (input.writePlan.connector_kind !== input.readiness.connector_kind)
113
+ blockedLabels.push("readiness_connector_mismatch");
114
+ const ready = errors.length === 0 && blockedLabels.length === 0;
115
+ return {
116
+ schema_version: "flowdesk.connector_gateway_invocation_plan.v1",
117
+ workflow_id: input.writePlan.workflow_id,
118
+ attempt_id: input.writePlan.attempt_id,
119
+ ok: errors.length === 0,
120
+ errors,
121
+ state: ready ? "gateway_ready" : "blocked",
122
+ blocked_labels: [...new Set(blockedLabels)],
123
+ connector_profile_ref: input.profile.profile_id,
124
+ connector_recipe_ref: input.recipe.recipe_ref,
125
+ connector_kind: input.writePlan.connector_kind,
126
+ target_ref: input.writePlan.target_ref,
127
+ content_hash_ref: input.writePlan.content_hash_ref,
128
+ pre_write_audit_ref: input.writePlan.pre_write_audit_ref,
129
+ idempotency_key_ref: input.writePlan.idempotency_key_ref,
130
+ ...disabledGatewayAuthority,
131
+ };
132
+ }
133
+ function validateFlowDeskConnectorGatewayReadinessShape(value) {
134
+ if (!isRecord(value))
135
+ return invalid("remote write readiness must be an object");
136
+ const record = value;
137
+ const errors = [];
138
+ if (record.schema_version !== "flowdesk.remote_write_connector_execution_readiness.v1")
139
+ errors.push("readiness schema_version is invalid");
140
+ if (record.gateway_execution_attempted !== undefined)
141
+ errors.push("readiness cannot predeclare gateway execution");
142
+ if (record.remote_write_attempted !== false || record.remote_write_authority_enabled !== false || record.external_write_authority_enabled !== false || record.dispatch_authority_enabled !== false || record.providerCall !== false || record.actualLaneLaunch !== false || record.runtimeExecution !== false)
143
+ errors.push("readiness cannot enable authority");
144
+ errors.push(...validateNoForbiddenRawPayloads(record, "connector_gateway_readiness").errors);
145
+ return errors.length === 0 ? valid() : invalid(...errors);
146
+ }
147
+ //# sourceMappingURL=connector-gateway.js.map
package/dist/connector-gateway.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"connector-gateway.js","sourceRoot":"","sources":["../src/connector-gateway.ts"],"names":[],"mappings":"AAAA,OAAO,EAGN,kCAAkC,EAClC,oCAAoC,GACpC,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAGN,iCAAiC,GACjC,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EACN,OAAO,EAEP,KAAK,EACL,8BAA8B,EAC9B,iBAAiB,GACjB,MAAM,iBAAiB,CAAC;AA0BzB,MAAM,wBAAwB,GAAG;IAChC,2BAA2B,EAAE,KAAc;IAC3C,sBAAsB,EAAE,KAAc;IACtC,yBAAyB,EAAE,KAAc;IACzC,8BAA8B,EAAE,KAAc;IAC9C,gCAAgC,EAAE,KAAc;IAChD,0BAA0B,EAAE,KAAc;IAC1C,YAAY,EAAE,KAAc;IAC5B,gBAAgB,EAAE,KAAc;IAChC,gBAAgB,EAAE,KAAc;CAChC,CAAC;AAEF,SAAS,QAAQ,CAAC,KAAc;IAC/B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;AAC7E,CAAC;AAED,SAAS,uBAAuB,CAAC,MAA+B,EAAE,OAA0B,EAAE,KAAa;IAC1G,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5E,OAAO,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,KAAK,wBAAwB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AACtG,CAAC;AAED,MAAM,UAAU,gDAAgD,CAAC,KAAc;IAC9E,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC,qDAAqD,CAAC,CAAC;IAC5F,MAAM,MAAM,GAAG,KAA0D,CAAC;IAC1E,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,IAAI,CAAC,GAAG,uBAAuB,CAAC,MAAM,EAAE;QAC9C,gBAAgB;QAChB,aAAa;QACb,YAAY;QACZ,IAAI;QACJ,QAAQ;QACR,OAAO;QACP,gBAAgB;QAChB,uBAAuB;QACvB,sBAAsB;QACtB,gBAAgB;QAChB,YAAY;QACZ,kBAAkB;QAClB,qBAAqB;QACrB,qBAAqB;QACrB,6BAA6B;QAC7B,wBAAwB;QACxB,2BAA2B;QAC3B,gCAAgC;QAChC,kCAAkC;QAClC,4BAA4B;QAC5B,cAAc;QACd,kBAAkB;QAClB,kBAAkB;KAClB,EAAE,mCAAmC,CAAC,CAAC,MAAM,CAAC,CAAC;IAChD,IAAI,MAAM,CAAC,cAAc,KAAK,+CAA+C;QAAE,MAAM,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;IAC1J,IAAI,MAAM,CAAC,WAAW,KAAK,SAAS;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC,MAAM,CAAC,CAAC;IAClH,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC;IAC/G,IAAI,MAAM,CAAC,KAAK,KAAK,eAAe,IAAI,MAAM,CAAC,KAAK,KAAK,SAAS;QAAE,MAAM,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;IACtH,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,cAAc,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;;QACrF,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE;YAAE,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,KAAK,EAAE,kBAAkB,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IAC/I,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI;QAC5B,CAAC,MAAM,CAAC,qBAAqB,EAAE,uBAAuB,CAAC;QACvD,CAAC,MAAM,CAAC,oBAAoB,EAAE,sBAAsB,CAAC;QACrD,CAAC,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC;QACjC,CAAC,MAAM,CAAC,gBAAgB,EAAE,kBAAkB,CAAC;QAC7C,CAAC,MAAM,CAAC,mBAAmB,EAAE,qBAAqB,CAAC;QACnD,CAAC,MAAM,CAAC,mBAAmB,EAAE,qBAAqB,CAAC;KAC1C;QACT,IAAI,KAAK,KAAK,SAAS;YAAE,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC;IACjF,IAAI,MAAM,CAAC,KAAK,KAAK,eAAe,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;IAChJ,IAAI,MAAM,CAAC,KAAK,KAAK,SAAS,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,MAAM,IAAI,CAAC,CAAC,KAAK,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;IAC1I,IAAI,MAAM,CAAC,2BAA2B,KAAK,KAAK,IAAI,MAAM,CAAC,sBAAsB,KAAK,KAAK,IAAI,MAAM,CAAC,yBAAyB,KAAK,KAAK,IAAI,MAAM,CAAC,8BAA8B,KAAK,KAAK,IAAI,MAAM,CAAC,gCAAgC,KAAK,KAAK,IAAI,MAAM,CAAC,0BAA0B,KAAK,KAAK,IAAI,MAAM,CAAC,YAAY,KAAK,KAAK,IAAI,MAAM,CAAC,gBAAgB,KAAK,KAAK,IAAI,MAAM,CAAC,gBAAgB,KAAK,KAAK;QAAE,MAAM,CAAC,IAAI,CAAC,qEAAqE,CAAC,CAAC;IAChe,MAAM,CAAC,IAAI,CAAC,GAAG,8BAA8B,CAAC,MAAM,EAAE,mCAAmC,CAAC,CAAC,MAAM,CAAC,CAAC;IACnG,OAAO,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,wCAAwC,CAAC,KAKxD;IACA,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,MAAM,aAAa,GAAG,kCAAkC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACxE,MAAM,YAAY,GAAG,oCAAoC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACxE,MAAM,eAAe,GAAG,iCAAiC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAC3E,MAAM,eAAe,GAAG,8CAA8C,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACxF,MAAM,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,MAAM,EAAE,GAAG,YAAY,CAAC,MAAM,EAAE,GAAG,eAAe,CAAC,MAAM,EAAE,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;IACnH,IAAI,CAAC,aAAa,CAAC,EAAE;QAAE,aAAa,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IACvE,IAAI,CAAC,YAAY,CAAC,EAAE;QAAE,aAAa,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IACrE,IAAI,CAAC,eAAe,CAAC,EAAE;QAAE,aAAa,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IAClE,IAAI,CAAC,eAAe,CAAC,EAAE;QAAE,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACjE,IAAI,KAAK,CAAC,SAAS,CAAC,KAAK,KAAK,OAAO,IAAI,KAAK,CAAC,SAAS,CAAC,4BAA4B,KAAK,IAAI;QAAE,aAAa,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IACvJ,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,KAAK,KAAK,CAAC,MAAM,CAAC,qBAAqB;QAAE,aAAa,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IACvH,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,KAAK,KAAK,CAAC,MAAM,CAAC,cAAc,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,KAAK,KAAK,CAAC,SAAS,CAAC,cAAc;QAAE,aAAa,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACnL,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,oBAAoB,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC;QAAE,aAAa,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IAC1H,IAAI,KAAK,CAAC,SAAS,CAAC,WAAW,KAAK,KAAK,CAAC,SAAS,CAAC,WAAW;QAAE,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACzG,IAAI,KAAK,CAAC,SAAS,CAAC,UAAU,KAAK,KAAK,CAAC,SAAS,CAAC,UAAU;QAAE,aAAa,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACtG,IAAI,KAAK,CAAC,SAAS,CAAC,cAAc,KAAK,KAAK,CAAC,SAAS,CAAC,cAAc;QAAE,aAAa,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAC1H,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,CAAC;IAChE,OAAO;QACN,cAAc,EAAE,+CAA+C;QAC/D,WAAW,EAAE,KAAK,CAAC,SAAS,CAAC,WAAW;QACxC,UAAU,EAAE,KAAK,CAAC,SAAS,CAAC,UAAU;QACtC,EAAE,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QACvB,MAAM;QACN,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,SAAS;QAC1C,cAAc,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC;QAC3C,qBAAqB,EAAE,KAAK,CAAC,OAAO,CAAC,UAAU;QAC/C,oBAAoB,EAAE,KAAK,CAAC,MAAM,CAAC,UAAU;QAC7C,cAAc,EAAE,KAAK,CAAC,SAAS,CAAC,cAAc;QAC9C,UAAU,EAAE,KAAK,CAAC,SAAS,CAAC,UAAU;QACtC,gBAAgB,EAAE,KAAK,CAAC,SAAS,CAAC,gBAAgB;QAClD,mBAAmB,EAAE,KAAK,CAAC,SAAS,CAAC,mBAAmB;QACxD,mBAAmB,EAAE,KAAK,CAAC,SAAS,CAAC,mBAAmB;QACxD,GAAG,wBAAwB;KAC3B,CAAC;AACH,CAAC;AAED,SAAS,8CAA8C,CAAC,KAAc;IACrE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC,0CAA0C,CAAC,CAAC;IACjF,MAAM,MAAM,GAAG,KAAkE,CAAC;IAClF,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,MAAM,CAAC,cAAc,KAAK,wDAAwD;QAAE,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;IAC3I,IAAK,MAAkC,CAAC,2BAA2B,KAAK,SAAS;QAAE,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;IAChJ,IAAI,MAAM,CAAC,sBAAsB,KAAK,KAAK,IAAI,MAAM,CAAC,8BAA8B,KAAK,KAAK,IAAI,MAAM,CAAC,gCAAgC,KAAK,KAAK,IAAI,MAAM,CAAC,0BAA0B,KAAK,KAAK,IAAI,MAAM,CAAC,YAAY,KAAK,KAAK,IAAI,MAAM,CAAC,gBAAgB,KAAK,KAAK,IAAI,MAAM,CAAC,gBAAgB,KAAK,KAAK;QAAE,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;IAChW,MAAM,CAAC,IAAI,CAAC,GAAG,8BAA8B,CAAC,MAAM,EAAE,6BAA6B,CAAC,CAAC,MAAM,CAAC,CAAC;IAC7F,OAAO,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;AAC3D,CAAC"}
package/dist/connector-profile.d.ts ADDED
@@ -0,0 +1,41 @@
1
+ import { type ValidationResult } from "./validators.js";
2
+ import { type FlowDeskRemoteWriteConnectorKindV1 } from "./remote-write-connector-gate.js";
3
+ export declare const FLOWDESK_CONNECTOR_TARGET_KINDS: readonly ["github_issue", "github_pr_comment", "http_endpoint", "cloud_storage_object", "database_record", "custom_mcp_connector", "external_ledger_entry"];
4
+ export type FlowDeskConnectorTargetKindV1 = (typeof FLOWDESK_CONNECTOR_TARGET_KINDS)[number];
5
+ export declare const FLOWDESK_CONNECTOR_INSTALL_POLICIES: readonly ["disabled", "approval_required"];
6
+ export type FlowDeskConnectorInstallPolicyV1 = (typeof FLOWDESK_CONNECTOR_INSTALL_POLICIES)[number];
7
+ export interface FlowDeskConnectorProfileV1 {
8
+ schema_version: "flowdesk.connector_profile.v1";
9
+ profile_id: string;
10
+ connector_kind: FlowDeskRemoteWriteConnectorKindV1;
11
+ active_profile_ref: string;
12
+ allowed_target_kinds: FlowDeskConnectorTargetKindV1[];
13
+ required_tool_refs: string[];
14
+ auth_scope_refs: string[];
15
+ recipe_playbook_refs: string[];
16
+ install_policy: FlowDeskConnectorInstallPolicyV1;
17
+ rollback_ref: string;
18
+ doctor_status_ref: string;
19
+ gateway_execution_authority_enabled: false;
20
+ remote_write_authority_enabled: false;
21
+ external_write_authority_enabled: false;
22
+ dispatch_authority_enabled: false;
23
+ }
24
+ export interface FlowDeskConnectorRecipeRefV1 {
25
+ schema_version: "flowdesk.connector_recipe_ref.v1";
26
+ recipe_ref: string;
27
+ connector_profile_ref: string;
28
+ connector_kind: FlowDeskRemoteWriteConnectorKindV1;
29
+ target_kind: FlowDeskConnectorTargetKindV1;
30
+ operation_label: string;
31
+ playbook_ref: string;
32
+ content_hash_required: true;
33
+ dry_run_required: true;
34
+ raw_locator_allowed: false;
35
+ gateway_execution_authority_enabled: false;
36
+ remote_write_authority_enabled: false;
37
+ dispatch_authority_enabled: false;
38
+ }
39
+ export declare function validateFlowDeskConnectorProfileV1(value: unknown): ValidationResult;
40
+ export declare function validateFlowDeskConnectorRecipeRefV1(value: unknown): ValidationResult;
41
+ //# sourceMappingURL=connector-profile.d.ts.map
package/dist/connector-profile.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"connector-profile.d.ts","sourceRoot":"","sources":["../src/connector-profile.ts"],"names":[],"mappings":"AAAA,OAAO,EAEN,KAAK,gBAAgB,EAKrB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAyC,KAAK,kCAAkC,EAAE,MAAM,kCAAkC,CAAC;AAElI,eAAO,MAAM,+BAA+B,6JAQlC,CAAC;AACX,MAAM,MAAM,6BAA6B,GACxC,CAAC,OAAO,+BAA+B,CAAC,CAAC,MAAM,CAAC,CAAC;AAElD,eAAO,MAAM,mCAAmC,4CAGtC,CAAC;AACX,MAAM,MAAM,gCAAgC,GAC3C,CAAC,OAAO,mCAAmC,CAAC,CAAC,MAAM,CAAC,CAAC;AAEtD,MAAM,WAAW,0BAA0B;IAC1C,cAAc,EAAE,+BAA+B,CAAC;IAChD,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,kCAAkC,CAAC;IACnD,kBAAkB,EAAE,MAAM,CAAC;IAC3B,oBAAoB,EAAE,6BAA6B,EAAE,CAAC;IACtD,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,cAAc,EAAE,gCAAgC,CAAC;IACjD,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,mCAAmC,EAAE,KAAK,CAAC;IAC3C,8BAA8B,EAAE,KAAK,CAAC;IACtC,gCAAgC,EAAE,KAAK,CAAC;IACxC,0BAA0B,EAAE,KAAK,CAAC;CAClC;AAED,MAAM,WAAW,4BAA4B;IAC5C,cAAc,EAAE,kCAAkC,CAAC;IACnD,UAAU,EAAE,MAAM,CAAC;IACnB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,cAAc,EAAE,kCAAkC,CAAC;IACnD,WAAW,EAAE,6BAA6B,CAAC;IAC3C,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,qBAAqB,EAAE,IAAI,CAAC;IAC5B,gBAAgB,EAAE,IAAI,CAAC;IACvB,mBAAmB,EAAE,KAAK,CAAC;IAC3B,mCAAmC,EAAE,KAAK,CAAC;IAC3C,8BAA8B,EAAE,KAAK,CAAC;IACtC,0BAA0B,EAAE,KAAK,CAAC;CAClC;AA6BD,wBAAgB,kCAAkC,CAAC,KAAK,EAAE,OAAO,GAAG,gBAAgB,CAqCnF;AAED,wBAAgB,oCAAoC,CAAC,KAAK,EAAE,OAAO,GAAG,gBAAgB,CA8BrF"}
package/dist/connector-profile.js ADDED
@@ -0,0 +1,125 @@
1
+ import { invalid, valid, validateNoForbiddenRawPayloads, validateOpaqueId, validateOpaqueRef, } from "./validators.js";
2
+ import { FLOWDESK_REMOTE_WRITE_CONNECTOR_KINDS } from "./remote-write-connector-gate.js";
3
+ export const FLOWDESK_CONNECTOR_TARGET_KINDS = [
4
+ "github_issue",
5
+ "github_pr_comment",
6
+ "http_endpoint",
7
+ "cloud_storage_object",
8
+ "database_record",
9
+ "custom_mcp_connector",
10
+ "external_ledger_entry",
11
+ ];
12
+ export const FLOWDESK_CONNECTOR_INSTALL_POLICIES = [
13
+ "disabled",
14
+ "approval_required",
15
+ ];
16
+ function isRecord(value) {
17
+ return typeof value === "object" && value !== null && !Array.isArray(value);
18
+ }
19
+ function rejectUnknownProperties(record, allowed, label) {
20
+ const unknown = Object.keys(record).filter((key) => !allowed.includes(key));
21
+ return unknown.length === 0 ? valid() : invalid(`${label} unknown properties: ${unknown.join(",")}`);
22
+ }
23
+ function refs(value, label, options = {}) {
24
+ if (!Array.isArray(value))
25
+ return invalid(`${label} must be an array`);
26
+ const errors = [];
27
+ const minItems = options.minItems ?? 1;
28
+ if (value.length < minItems)
29
+ errors.push(`${label} must include at least ${minItems} item(s)`);
30
+ if (options.maxItems !== undefined && value.length > options.maxItems)
31
+ errors.push(`${label} exceeds max items ${options.maxItems}`);
32
+ for (const [index, ref] of value.entries())
33
+ errors.push(...validateOpaqueRef(ref, `${label}[${index}]`).errors);
34
+ return errors.length === 0 ? valid() : invalid(...errors);
35
+ }
36
+ function isConnectorKind(value) {
37
+ return typeof value === "string" && FLOWDESK_REMOTE_WRITE_CONNECTOR_KINDS.includes(value);
38
+ }
39
+ function isTargetKind(value) {
40
+ return typeof value === "string" && FLOWDESK_CONNECTOR_TARGET_KINDS.includes(value);
41
+ }
42
+ export function validateFlowDeskConnectorProfileV1(value) {
43
+ if (!isRecord(value))
44
+ return invalid("connector profile must be an object");
45
+ const record = value;
46
+ const errors = [];
47
+ errors.push(...rejectUnknownProperties(record, [
48
+ "schema_version",
49
+ "profile_id",
50
+ "connector_kind",
51
+ "active_profile_ref",
52
+ "allowed_target_kinds",
53
+ "required_tool_refs",
54
+ "auth_scope_refs",
55
+ "recipe_playbook_refs",
56
+ "install_policy",
57
+ "rollback_ref",
58
+ "doctor_status_ref",
59
+ "gateway_execution_authority_enabled",
60
+ "remote_write_authority_enabled",
61
+ "external_write_authority_enabled",
62
+ "dispatch_authority_enabled",
63
+ ], "connector profile").errors);
64
+ errors.push(...validateOpaqueId(record.profile_id, "profile_id").errors);
65
+ if (!isConnectorKind(record.connector_kind))
66
+ errors.push("connector profile connector_kind is invalid");
67
+ errors.push(...validateOpaqueRef(record.active_profile_ref, "active_profile_ref").errors);
68
+ if (!Array.isArray(record.allowed_target_kinds) || record.allowed_target_kinds.length === 0)
69
+ errors.push("allowed_target_kinds must be a non-empty array");
70
+ else
71
+ for (const [index, targetKind] of record.allowed_target_kinds.entries())
72
+ if (!isTargetKind(targetKind))
73
+ errors.push(`allowed_target_kinds[${index}] is invalid`);
74
+ errors.push(...refs(record.required_tool_refs, "required_tool_refs", { maxItems: 12 }).errors);
75
+ errors.push(...refs(record.auth_scope_refs, "auth_scope_refs", { maxItems: 8 }).errors);
76
+ errors.push(...refs(record.recipe_playbook_refs, "recipe_playbook_refs", { maxItems: 12 }).errors);
77
+ if (!FLOWDESK_CONNECTOR_INSTALL_POLICIES.includes(record.install_policy ?? ""))
78
+ errors.push("install_policy is invalid");
79
+ for (const [value, label] of [[record.rollback_ref, "rollback_ref"], [record.doctor_status_ref, "doctor_status_ref"]])
80
+ errors.push(...validateOpaqueRef(value, label).errors);
81
+ if (record.schema_version !== "flowdesk.connector_profile.v1")
82
+ errors.push("connector profile schema_version is invalid");
83
+ if (record.gateway_execution_authority_enabled !== false || record.remote_write_authority_enabled !== false || record.external_write_authority_enabled !== false || record.dispatch_authority_enabled !== false)
84
+ errors.push("connector profile cannot enable execution authority");
85
+ errors.push(...validateNoForbiddenRawPayloads(record, "connector_profile").errors);
86
+ return errors.length === 0 ? valid() : invalid(...errors);
87
+ }
88
+ export function validateFlowDeskConnectorRecipeRefV1(value) {
89
+ if (!isRecord(value))
90
+ return invalid("connector recipe ref must be an object");
91
+ const record = value;
92
+ const errors = [];
93
+ errors.push(...rejectUnknownProperties(record, [
94
+ "schema_version",
95
+ "recipe_ref",
96
+ "connector_profile_ref",
97
+ "connector_kind",
98
+ "target_kind",
99
+ "operation_label",
100
+ "playbook_ref",
101
+ "content_hash_required",
102
+ "dry_run_required",
103
+ "raw_locator_allowed",
104
+ "gateway_execution_authority_enabled",
105
+ "remote_write_authority_enabled",
106
+ "dispatch_authority_enabled",
107
+ ], "connector recipe ref").errors);
108
+ errors.push(...validateOpaqueRef(record.recipe_ref, "recipe_ref").errors);
109
+ errors.push(...validateOpaqueRef(record.connector_profile_ref, "connector_profile_ref").errors);
110
+ if (!isConnectorKind(record.connector_kind))
111
+ errors.push("connector recipe connector_kind is invalid");
112
+ if (!isTargetKind(record.target_kind))
113
+ errors.push("connector recipe target_kind is invalid");
114
+ errors.push(...validateOpaqueRef(record.operation_label, "operation_label").errors);
115
+ errors.push(...validateOpaqueRef(record.playbook_ref, "playbook_ref").errors);
116
+ if (record.schema_version !== "flowdesk.connector_recipe_ref.v1")
117
+ errors.push("connector recipe schema_version is invalid");
118
+ if (record.content_hash_required !== true || record.dry_run_required !== true || record.raw_locator_allowed !== false)
119
+ errors.push("connector recipe must require hash, dry-run, and no raw locators");
120
+ if (record.gateway_execution_authority_enabled !== false || record.remote_write_authority_enabled !== false || record.dispatch_authority_enabled !== false)
121
+ errors.push("connector recipe cannot enable execution authority");
122
+ errors.push(...validateNoForbiddenRawPayloads(record, "connector_recipe_ref").errors);
123
+ return errors.length === 0 ? valid() : invalid(...errors);
124
+ }
125
+ //# sourceMappingURL=connector-profile.js.map
package/dist/connector-profile.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"connector-profile.js","sourceRoot":"","sources":["../src/connector-profile.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,OAAO,EAEP,KAAK,EACL,8BAA8B,EAC9B,gBAAgB,EAChB,iBAAiB,GACjB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,qCAAqC,EAA2C,MAAM,kCAAkC,CAAC;AAElI,MAAM,CAAC,MAAM,+BAA+B,GAAG;IAC9C,cAAc;IACd,mBAAmB;IACnB,eAAe;IACf,sBAAsB;IACtB,iBAAiB;IACjB,sBAAsB;IACtB,uBAAuB;CACd,CAAC;AAIX,MAAM,CAAC,MAAM,mCAAmC,GAAG;IAClD,UAAU;IACV,mBAAmB;CACV,CAAC;AAsCX,SAAS,QAAQ,CAAC,KAAc;IAC/B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;AAC7E,CAAC;AAED,SAAS,uBAAuB,CAAC,MAA+B,EAAE,OAA0B,EAAE,KAAa;IAC1G,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5E,OAAO,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,KAAK,wBAAwB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AACtG,CAAC;AAED,SAAS,IAAI,CAAC,KAAc,EAAE,KAAa,EAAE,UAAoD,EAAE;IAClG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC,GAAG,KAAK,mBAAmB,CAAC,CAAC;IACvE,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,CAAC,CAAC;IACvC,IAAI,KAAK,CAAC,MAAM,GAAG,QAAQ;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,0BAA0B,QAAQ,UAAU,CAAC,CAAC;IAC/F,IAAI,OAAO,CAAC,QAAQ,KAAK,SAAS,IAAI,KAAK,CAAC,MAAM,GAAG,OAAO,CAAC,QAAQ;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,sBAAsB,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;IACrI,KAAK,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,IAAI,KAAK,CAAC,OAAO,EAAE;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,GAAG,EAAE,GAAG,KAAK,IAAI,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;IAChH,OAAO,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,eAAe,CAAC,KAAc;IACtC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAK,qCAA2D,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAClH,CAAC;AAED,SAAS,YAAY,CAAC,KAAc;IACnC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAK,+BAAqD,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAC5G,CAAC;AAED,MAAM,UAAU,kCAAkC,CAAC,KAAc;IAChE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC,qCAAqC,CAAC,CAAC;IAC5E,MAAM,MAAM,GAAG,KAA4C,CAAC;IAC5D,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,IAAI,CAAC,GAAG,uBAAuB,CAAC,MAAM,EAAE;QAC9C,gBAAgB;QAChB,YAAY;QACZ,gBAAgB;QAChB,oBAAoB;QACpB,sBAAsB;QACtB,oBAAoB;QACpB,iBAAiB;QACjB,sBAAsB;QACtB,gBAAgB;QAChB,cAAc;QACd,mBAAmB;QACnB,qCAAqC;QACrC,gCAAgC;QAChC,kCAAkC;QAClC,4BAA4B;KAC5B,EAAE,mBAAmB,CAAC,CAAC,MAAM,CAAC,CAAC;IAChC,MAAM,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC;IACzE,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,cAAc,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;IACxG,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC,CAAC,MAAM,CAAC,CAAC;IAC1F,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC,IAAI,MAAM,CAAC,oBAAoB,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;;QACtJ,KAAK,MAAM,CAAC,KAAK,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,oBAAoB,CAAC,OAAO,EAAE;YAC3E,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC;gBAAE,MAAM,CAAC,IAAI,CAAC,wBAAwB,KAAK,cAAc,CAAC,CAAC;IACzF,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IAC/F,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,iBAAiB,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IACxF,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,sBAAsB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IACnG,IAAI,CAAE,mCAAyD,CAAC,QAAQ,CAAC,MAAM,CAAC,cAAc,IAAI,EAAE,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IAChJ,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,cAAc,CAAC,EAAE,CAAC,MAAM,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,CAAU;QAC7H,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC;IACxD,IAAI,MAAM,CAAC,cAAc,KAAK,+BAA+B;QAAE,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;IAC1H,IAAI,MAAM,CAAC,mCAAmC,KAAK,KAAK,IAAI,MAAM,CAAC,8BAA8B,KAAK,KAAK,IAAI,MAAM,CAAC,gCAAgC,KAAK,KAAK,IAAI,MAAM,CAAC,0BAA0B,KAAK,KAAK;QAAE,MAAM,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;IACpR,MAAM,CAAC,IAAI,CAAC,GAAG,8BAA8B,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC,MAAM,CAAC,CAAC;IACnF,OAAO,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,UAAU,oCAAoC,CAAC,KAAc;IAClE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC,wCAAwC,CAAC,CAAC;IAC/E,MAAM,MAAM,GAAG,KAA8C,CAAC;IAC9D,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,CAAC,IAAI,CAAC,GAAG,uBAAuB,CAAC,MAAM,EAAE;QAC9C,gBAAgB;QAChB,YAAY;QACZ,uBAAuB;QACvB,gBAAgB;QAChB,aAAa;QACb,iBAAiB;QACjB,cAAc;QACd,uBAAuB;QACvB,kBAAkB;QAClB,qBAAqB;QACrB,qCAAqC;QACrC,gCAAgC;QAChC,4BAA4B;KAC5B,EAAE,sBAAsB,CAAC,CAAC,MAAM,CAAC,CAAC;IACnC,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC;IAC1E,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,CAAC,qBAAqB,EAAE,uBAAuB,CAAC,CAAC,MAAM,CAAC,CAAC;IAChG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,cAAc,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;IACvG,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;IAC9F,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC,MAAM,CAAC,CAAC;IACpF,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,CAAC,YAAY,EAAE,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC;IAC9E,IAAI,MAAM,CAAC,cAAc,KAAK,kCAAkC;QAAE,MAAM,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;IAC5H,IAAI,MAAM,CAAC,qBAAqB,KAAK,IAAI,IAAI,MAAM,CAAC,gBAAgB,KAAK,IAAI,IAAI,MAAM,CAAC,mBAAmB,KAAK,KAAK;QAAE,MAAM,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;IACvM,IAAI,MAAM,CAAC,mCAAmC,KAAK,KAAK,IAAI,MAAM,CAAC,8BAA8B,KAAK,KAAK,IAAI,MAAM,CAAC,0BAA0B,KAAK,KAAK;QAAE,MAAM,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAC;IAC9N,MAAM,CAAC,IAAI,CAAC,GAAG,8BAA8B,CAAC,MAAM,EAAE,sBAAsB,CAAC,CAAC,MAAM,CAAC,CAAC;IACtF,OAAO,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;AAC3D,CAAC"}
package/dist/controlled-conformance-doc-write.d.ts ADDED
@@ -0,0 +1,44 @@
1
+ import { type ValidationResult } from "./validators.js";
2
+ export interface FlowDeskControlledConformanceDocWriteRecordV1 {
3
+ schema_version: "flowdesk.controlled_conformance_doc_write.v1";
4
+ ledger_entry_id: string;
5
+ request_id: string;
6
+ workflow_id: string;
7
+ attempt_id: string;
8
+ target_kind: "release_conformance_doc";
9
+ target_ref: string;
10
+ approval_id: string;
11
+ actor_ref: string;
12
+ profile_ref: string;
13
+ evidence_bundle_hash: string;
14
+ guard_decision_ref: string;
15
+ issuance_audit_ref: string;
16
+ consumption_audit_ref: string;
17
+ redaction_policy_ref: string;
18
+ content_hash_ref: string;
19
+ pre_write_audit_ref: string;
20
+ dry_run_ref: string;
21
+ artifact_ref: string;
22
+ artifact_path: string;
23
+ artifact_sha256_ref: string;
24
+ materialized_at: string;
25
+ local_only: true;
26
+ writeAttempted: true;
27
+ remoteWriteAttempted: false;
28
+ githubWriteAttempted: false;
29
+ connectorWriteAttempted: false;
30
+ storageWriteAttempted: false;
31
+ databaseWriteAttempted: false;
32
+ urlWriteAttempted: false;
33
+ rawPathWriteAttempted: false;
34
+ dispatch_authority_enabled: false;
35
+ realOpenCodeDispatch: false;
36
+ providerCall: false;
37
+ actualLaneLaunch: false;
38
+ runtimeExecution: false;
39
+ fallbackAuthority: false;
40
+ toolAuthority: false;
41
+ hardCancelOrNoReplyAuthority: false;
42
+ }
43
+ export declare function validateFlowDeskControlledConformanceDocWriteRecordV1(value: unknown): ValidationResult;
44
+ //# sourceMappingURL=controlled-conformance-doc-write.d.ts.map
package/dist/controlled-conformance-doc-write.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"controlled-conformance-doc-write.d.ts","sourceRoot":"","sources":["../src/controlled-conformance-doc-write.ts"],"names":[],"mappings":"AAAA,OAAO,EAEN,KAAK,gBAAgB,EAKrB,MAAM,iBAAiB,CAAC;AAEzB,MAAM,WAAW,6CAA6C;IAC7D,cAAc,EAAE,8CAA8C,CAAC;IAC/D,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,yBAAyB,CAAC;IACvC,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,IAAI,CAAC;IACjB,cAAc,EAAE,IAAI,CAAC;IACrB,oBAAoB,EAAE,KAAK,CAAC;IAC5B,oBAAoB,EAAE,KAAK,CAAC;IAC5B,uBAAuB,EAAE,KAAK,CAAC;IAC/B,qBAAqB,EAAE,KAAK,CAAC;IAC7B,sBAAsB,EAAE,KAAK,CAAC;IAC9B,iBAAiB,EAAE,KAAK,CAAC;IACzB,qBAAqB,EAAE,KAAK,CAAC;IAC7B,0BAA0B,EAAE,KAAK,CAAC;IAClC,oBAAoB,EAAE,KAAK,CAAC;IAC5B,YAAY,EAAE,KAAK,CAAC;IACpB,gBAAgB,EAAE,KAAK,CAAC;IACxB,gBAAgB,EAAE,KAAK,CAAC;IACxB,iBAAiB,EAAE,KAAK,CAAC;IACzB,aAAa,EAAE,KAAK,CAAC;IACrB,4BAA4B,EAAE,KAAK,CAAC;CACpC;AAqDD,wBAAgB,qDAAqD,CACpE,KAAK,EAAE,OAAO,GACZ,gBAAgB,CAgHlB"}
package/dist/controlled-conformance-doc-write.js ADDED
@@ -0,0 +1,142 @@
1
+ import { invalid, valid, validateNoForbiddenRawPayloads, validateOpaqueId, validateOpaqueRef, } from "./validators.js";
2
+ function isRecord(value) {
3
+ return typeof value === "object" && value !== null && !Array.isArray(value);
4
+ }
5
+ function validateTimestamp(value, label) {
6
+ return typeof value === "string" && Number.isFinite(Date.parse(value))
7
+ ? valid()
8
+ : invalid(`${label} must be a parseable timestamp`);
9
+ }
10
+ function validateHashRef(value, label) {
11
+ const ref = validateOpaqueRef(value, label);
12
+ if (!ref.ok)
13
+ return ref;
14
+ return typeof value === "string" && /^(hash-|sha256-)/.test(value)
15
+ ? valid()
16
+ : invalid(`${label} must be a hash-bound opaque ref`);
17
+ }
18
+ function rejectUnknownProperties(value, allowed, label) {
19
+ const unknown = Object.keys(value).filter((key) => !allowed.includes(key));
20
+ return unknown.length === 0
21
+ ? valid()
22
+ : invalid(`${label} unknown properties: ${unknown.join(",")}`);
23
+ }
24
+ function validateArtifactPath(path, targetRef) {
25
+ if (typeof path !== "string")
26
+ return invalid("artifact_path must be a string");
27
+ if (typeof targetRef !== "string")
28
+ return invalid("target_ref must be a string");
29
+ if (path !== `docs/conformance/${targetRef}.md`)
30
+ return invalid("artifact_path must be the controlled conformance doc path for target_ref");
31
+ if (path.startsWith("/") ||
32
+ /^[A-Za-z]:[\\/]/.test(path) ||
33
+ path.startsWith("~") ||
34
+ path.includes("\\") ||
35
+ path.includes("//") ||
36
+ path.includes("/../") ||
37
+ path.endsWith("/..") ||
38
+ path.includes("/./"))
39
+ return invalid("artifact_path must be a relative docs/conformance path without traversal");
40
+ return validateNoForbiddenRawPayloads(path, "artifact_path");
41
+ }
42
+ export function validateFlowDeskControlledConformanceDocWriteRecordV1(value) {
43
+ if (!isRecord(value))
44
+ return invalid("controlled conformance doc write record must be an object");
45
+ const record = value;
46
+ const errors = [];
47
+ const allowed = [
48
+ "schema_version",
49
+ "ledger_entry_id",
50
+ "request_id",
51
+ "workflow_id",
52
+ "attempt_id",
53
+ "target_kind",
54
+ "target_ref",
55
+ "approval_id",
56
+ "actor_ref",
57
+ "profile_ref",
58
+ "evidence_bundle_hash",
59
+ "guard_decision_ref",
60
+ "issuance_audit_ref",
61
+ "consumption_audit_ref",
62
+ "redaction_policy_ref",
63
+ "content_hash_ref",
64
+ "pre_write_audit_ref",
65
+ "dry_run_ref",
66
+ "artifact_ref",
67
+ "artifact_path",
68
+ "artifact_sha256_ref",
69
+ "materialized_at",
70
+ "local_only",
71
+ "writeAttempted",
72
+ "remoteWriteAttempted",
73
+ "githubWriteAttempted",
74
+ "connectorWriteAttempted",
75
+ "storageWriteAttempted",
76
+ "databaseWriteAttempted",
77
+ "urlWriteAttempted",
78
+ "rawPathWriteAttempted",
79
+ "dispatch_authority_enabled",
80
+ "realOpenCodeDispatch",
81
+ "providerCall",
82
+ "actualLaneLaunch",
83
+ "runtimeExecution",
84
+ "fallbackAuthority",
85
+ "toolAuthority",
86
+ "hardCancelOrNoReplyAuthority",
87
+ ];
88
+ errors.push(...rejectUnknownProperties(record, allowed, "controlled conformance doc write record").errors);
89
+ if (record.schema_version !== "flowdesk.controlled_conformance_doc_write.v1")
90
+ errors.push("controlled conformance doc write record schema_version is invalid");
91
+ for (const [valueToCheck, label] of [
92
+ [record.ledger_entry_id, "ledger_entry_id"],
93
+ [record.request_id, "request_id"],
94
+ [record.workflow_id, "workflow_id"],
95
+ [record.attempt_id, "attempt_id"],
96
+ ])
97
+ errors.push(...validateOpaqueId(valueToCheck, label).errors);
98
+ if (record.target_kind !== "release_conformance_doc")
99
+ errors.push("target_kind must be release_conformance_doc");
100
+ for (const [valueToCheck, label] of [
101
+ [record.target_ref, "target_ref"],
102
+ [record.approval_id, "approval_id"],
103
+ [record.actor_ref, "actor_ref"],
104
+ [record.profile_ref, "profile_ref"],
105
+ [record.guard_decision_ref, "guard_decision_ref"],
106
+ [record.issuance_audit_ref, "issuance_audit_ref"],
107
+ [record.consumption_audit_ref, "consumption_audit_ref"],
108
+ [record.redaction_policy_ref, "redaction_policy_ref"],
109
+ [record.pre_write_audit_ref, "pre_write_audit_ref"],
110
+ [record.dry_run_ref, "dry_run_ref"],
111
+ [record.artifact_ref, "artifact_ref"],
112
+ ])
113
+ errors.push(...validateOpaqueRef(valueToCheck, label).errors);
114
+ errors.push(...validateHashRef(record.evidence_bundle_hash, "evidence_bundle_hash").errors);
115
+ errors.push(...validateHashRef(record.content_hash_ref, "content_hash_ref").errors);
116
+ errors.push(...validateHashRef(record.artifact_sha256_ref, "artifact_sha256_ref").errors);
117
+ errors.push(...validateArtifactPath(record.artifact_path, record.target_ref).errors);
118
+ errors.push(...validateTimestamp(record.materialized_at, "materialized_at").errors);
119
+ if (record.content_hash_ref !== record.artifact_sha256_ref)
120
+ errors.push("content_hash_ref must match artifact_sha256_ref");
121
+ if (record.local_only !== true || record.writeAttempted !== true)
122
+ errors.push("controlled conformance doc write must be local-only and attempted");
123
+ if (record.remoteWriteAttempted !== false ||
124
+ record.githubWriteAttempted !== false ||
125
+ record.connectorWriteAttempted !== false ||
126
+ record.storageWriteAttempted !== false ||
127
+ record.databaseWriteAttempted !== false ||
128
+ record.urlWriteAttempted !== false ||
129
+ record.rawPathWriteAttempted !== false ||
130
+ record.dispatch_authority_enabled !== false ||
131
+ record.realOpenCodeDispatch !== false ||
132
+ record.providerCall !== false ||
133
+ record.actualLaneLaunch !== false ||
134
+ record.runtimeExecution !== false ||
135
+ record.fallbackAuthority !== false ||
136
+ record.toolAuthority !== false ||
137
+ record.hardCancelOrNoReplyAuthority !== false)
138
+ errors.push("controlled conformance doc write cannot enable external, dispatch, fallback, tool, or hard-chat authority");
139
+ errors.push(...validateNoForbiddenRawPayloads(record, "controlled_conformance_doc_write_record").errors);
140
+ return errors.length === 0 ? valid() : invalid(...errors);
141
+ }
142
+ //# sourceMappingURL=controlled-conformance-doc-write.js.map
package/dist/controlled-conformance-doc-write.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"controlled-conformance-doc-write.js","sourceRoot":"","sources":["../src/controlled-conformance-doc-write.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,OAAO,EAEP,KAAK,EACL,8BAA8B,EAC9B,gBAAgB,EAChB,iBAAiB,GACjB,MAAM,iBAAiB,CAAC;AA4CzB,SAAS,QAAQ,CAAC,KAAc;IAC/B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;AAC7E,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAc,EAAE,KAAa;IACvD,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACrE,CAAC,CAAC,KAAK,EAAE;QACT,CAAC,CAAC,OAAO,CAAC,GAAG,KAAK,gCAAgC,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,eAAe,CAAC,KAAc,EAAE,KAAa;IACrD,MAAM,GAAG,GAAG,iBAAiB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;IAC5C,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,OAAO,GAAG,CAAC;IACxB,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC;QACjE,CAAC,CAAC,KAAK,EAAE;QACT,CAAC,CAAC,OAAO,CAAC,GAAG,KAAK,kCAAkC,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,uBAAuB,CAC/B,KAA8B,EAC9B,OAA0B,EAC1B,KAAa;IAEb,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3E,OAAO,OAAO,CAAC,MAAM,KAAK,CAAC;QAC1B,CAAC,CAAC,KAAK,EAAE;QACT,CAAC,CAAC,OAAO,CAAC,GAAG,KAAK,wBAAwB,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AACjE,CAAC;AAED,SAAS,oBAAoB,CAC5B,IAAa,EACb,SAAkB;IAElB,IAAI,OAAO,IAAI,KAAK,QAAQ;QAAE,OAAO,OAAO,CAAC,gCAAgC,CAAC,CAAC;IAC/E,IAAI,OAAO,SAAS,KAAK,QAAQ;QAAE,OAAO,OAAO,CAAC,6BAA6B,CAAC,CAAC;IACjF,IAAI,IAAI,KAAK,oBAAoB,SAAS,KAAK;QAC9C,OAAO,OAAO,CAAC,0EAA0E,CAAC,CAAC;IAC5F,IACC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;QACpB,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC5B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;QACpB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;QACnB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;QACnB,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;QACrB,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QACpB,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QAEpB,OAAO,OAAO,CAAC,0EAA0E,CAAC,CAAC;IAC5F,OAAO,8BAA8B,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;AAC9D,CAAC;AAED,MAAM,UAAU,qDAAqD,CACpE,KAAc;IAEd,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;QACnB,OAAO,OAAO,CAAC,2DAA2D,CAAC,CAAC;IAC7E,MAAM,MAAM,GAAG,KAA+D,CAAC;IAC/E,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,MAAM,OAAO,GAAG;QACf,gBAAgB;QAChB,iBAAiB;QACjB,YAAY;QACZ,aAAa;QACb,YAAY;QACZ,aAAa;QACb,YAAY;QACZ,aAAa;QACb,WAAW;QACX,aAAa;QACb,sBAAsB;QACtB,oBAAoB;QACpB,oBAAoB;QACpB,uBAAuB;QACvB,sBAAsB;QACtB,kBAAkB;QAClB,qBAAqB;QACrB,aAAa;QACb,cAAc;QACd,eAAe;QACf,qBAAqB;QACrB,iBAAiB;QACjB,YAAY;QACZ,gBAAgB;QAChB,sBAAsB;QACtB,sBAAsB;QACtB,yBAAyB;QACzB,uBAAuB;QACvB,wBAAwB;QACxB,mBAAmB;QACnB,uBAAuB;QACvB,4BAA4B;QAC5B,sBAAsB;QACtB,cAAc;QACd,kBAAkB;QAClB,kBAAkB;QAClB,mBAAmB;QACnB,eAAe;QACf,8BAA8B;KACrB,CAAC;IACX,MAAM,CAAC,IAAI,CACV,GAAG,uBAAuB,CACzB,MAAM,EACN,OAAO,EACP,yCAAyC,CACzC,CAAC,MAAM,CACR,CAAC;IACF,IAAI,MAAM,CAAC,cAAc,KAAK,8CAA8C;QAC3E,MAAM,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;IAClF,KAAK,MAAM,CAAC,YAAY,EAAE,KAAK,CAAC,IAAI;QACnC,CAAC,MAAM,CAAC,eAAe,EAAE,iBAAiB,CAAC;QAC3C,CAAC,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC;QACjC,CAAC,MAAM,CAAC,WAAW,EAAE,aAAa,CAAC;QACnC,CAAC,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC;KACxB;QACT,MAAM,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC;IAC9D,IAAI,MAAM,CAAC,WAAW,KAAK,yBAAyB;QACnD,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;IAC5D,KAAK,MAAM,CAAC,YAAY,EAAE,KAAK,CAAC,IAAI;QACnC,CAAC,MAAM,CAAC,UAAU,EAAE,YAAY,CAAC;QACjC,CAAC,MAAM,CAAC,WAAW,EAAE,aAAa,CAAC;QACnC,CAAC,MAAM,CAAC,SAAS,EAAE,WAAW,CAAC;QAC/B,CAAC,MAAM,CAAC,WAAW,EAAE,aAAa,CAAC;QACnC,CAAC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;QACjD,CAAC,MAAM,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;QACjD,CAAC,MAAM,CAAC,qBAAqB,EAAE,uBAAuB,CAAC;QACvD,CAAC,MAAM,CAAC,oBAAoB,EAAE,sBAAsB,CAAC;QACrD,CAAC,MAAM,CAAC,mBAAmB,EAAE,qBAAqB,CAAC;QACnD,CAAC,MAAM,CAAC,WAAW,EAAE,aAAa,CAAC;QACnC,CAAC,MAAM,CAAC,YAAY,EAAE,cAAc,CAAC;KAC5B;QACT,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC;IAC/D,MAAM,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,MAAM,CAAC,oBAAoB,EAAE,sBAAsB,CAAC,CAAC,MAAM,CAAC,CAAC;IAC5F,MAAM,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,MAAM,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,CAAC,MAAM,CAAC,CAAC;IACpF,MAAM,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,MAAM,CAAC,mBAAmB,EAAE,qBAAqB,CAAC,CAAC,MAAM,CAAC,CAAC;IAC1F,MAAM,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,MAAM,CAAC,aAAa,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC;IACrF,MAAM,CAAC,IAAI,CAAC,GAAG,iBAAiB,CAAC,MAAM,CAAC,eAAe,EAAE,iBAAiB,CAAC,CAAC,MAAM,CAAC,CAAC;IACpF,IAAI,MAAM,CAAC,gBAAgB,KAAK,MAAM,CAAC,mBAAmB;QACzD,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IAChE,IAAI,MAAM,CAAC,UAAU,KAAK,IAAI,IAAI,MAAM,CAAC,cAAc,KAAK,IAAI;QAC/D,MAAM,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;IAClF,IACC,MAAM,CAAC,oBAAoB,KAAK,KAAK;QACrC,MAAM,CAAC,oBAAoB,KAAK,KAAK;QACrC,MAAM,CAAC,uBAAuB,KAAK,KAAK;QACxC,MAAM,CAAC,qBAAqB,KAAK,KAAK;QACtC,MAAM,CAAC,sBAAsB,KAAK,KAAK;QACvC,MAAM,CAAC,iBAAiB,KAAK,KAAK;QAClC,MAAM,CAAC,qBAAqB,KAAK,KAAK;QACtC,MAAM,CAAC,0BAA0B,KAAK,KAAK;QAC3C,MAAM,CAAC,oBAAoB,KAAK,KAAK;QACrC,MAAM,CAAC,YAAY,KAAK,KAAK;QAC7B,MAAM,CAAC,gBAAgB,KAAK,KAAK;QACjC,MAAM,CAAC,gBAAgB,KAAK,KAAK;QACjC,MAAM,CAAC,iBAAiB,KAAK,KAAK;QAClC,MAAM,CAAC,aAAa,KAAK,KAAK;QAC9B,MAAM,CAAC,4BAA4B,KAAK,KAAK;QAE7C,MAAM,CAAC,IAAI,CAAC,2GAA2G,CAAC,CAAC;IAC1H,MAAM,CAAC,IAAI,CACV,GAAG,8BAA8B,CAChC,MAAM,EACN,yCAAyC,CACzC,CAAC,MAAM,CACR,CAAC;IACF,OAAO,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;AAC3D,CAAC"}
package/dist/controlled-redacted-audit-export-write.d.ts ADDED
@@ -0,0 +1,45 @@
1
+ import { type ValidationResult } from "./validators.js";
2
+ export interface FlowDeskControlledRedactedAuditExportWriteRecordV1 {
3
+ schema_version: "flowdesk.controlled_redacted_audit_export_write.v1";
4
+ ledger_entry_id: string;
5
+ request_id: string;
6
+ workflow_id: string;
7
+ attempt_id: string;
8
+ target_kind: "redacted_audit_export";
9
+ target_ref: string;
10
+ approval_id: string;
11
+ actor_ref: string;
12
+ profile_ref: string;
13
+ evidence_bundle_hash: string;
14
+ guard_decision_ref: string;
15
+ issuance_audit_ref: string;
16
+ consumption_audit_ref: string;
17
+ redaction_policy_ref: string;
18
+ content_hash_ref: string;
19
+ pre_write_audit_ref: string;
20
+ dry_run_ref: string;
21
+ artifact_ref: string;
22
+ artifact_path: string;
23
+ artifact_sha256_ref: string;
24
+ materialized_at: string;
25
+ local_only: true;
26
+ redacted: true;
27
+ writeAttempted: true;
28
+ remoteWriteAttempted: false;
29
+ githubWriteAttempted: false;
30
+ connectorWriteAttempted: false;
31
+ storageWriteAttempted: false;
32
+ databaseWriteAttempted: false;
33
+ urlWriteAttempted: false;
34
+ rawPathWriteAttempted: false;
35
+ dispatch_authority_enabled: false;
36
+ realOpenCodeDispatch: false;
37
+ providerCall: false;
38
+ actualLaneLaunch: false;
39
+ runtimeExecution: false;
40
+ fallbackAuthority: false;
41
+ toolAuthority: false;
42
+ hardCancelOrNoReplyAuthority: false;
43
+ }
44
+ export declare function validateFlowDeskControlledRedactedAuditExportWriteRecordV1(value: unknown): ValidationResult;
45
+ //# sourceMappingURL=controlled-redacted-audit-export-write.d.ts.map
package/dist/controlled-redacted-audit-export-write.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"controlled-redacted-audit-export-write.d.ts","sourceRoot":"","sources":["../src/controlled-redacted-audit-export-write.ts"],"names":[],"mappings":"AAAA,OAAO,EAEN,KAAK,gBAAgB,EAKrB,MAAM,iBAAiB,CAAC;AAEzB,MAAM,WAAW,kDAAkD;IAClE,cAAc,EAAE,oDAAoD,CAAC;IACrE,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,uBAAuB,CAAC;IACrC,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,qBAAqB,EAAE,MAAM,CAAC;IAC9B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,IAAI,CAAC;IACjB,QAAQ,EAAE,IAAI,CAAC;IACf,cAAc,EAAE,IAAI,CAAC;IACrB,oBAAoB,EAAE,KAAK,CAAC;IAC5B,oBAAoB,EAAE,KAAK,CAAC;IAC5B,uBAAuB,EAAE,KAAK,CAAC;IAC/B,qBAAqB,EAAE,KAAK,CAAC;IAC7B,sBAAsB,EAAE,KAAK,CAAC;IAC9B,iBAAiB,EAAE,KAAK,CAAC;IACzB,qBAAqB,EAAE,KAAK,CAAC;IAC7B,0BAA0B,EAAE,KAAK,CAAC;IAClC,oBAAoB,EAAE,KAAK,CAAC;IAC5B,YAAY,EAAE,KAAK,CAAC;IACpB,gBAAgB,EAAE,KAAK,CAAC;IACxB,gBAAgB,EAAE,KAAK,CAAC;IACxB,iBAAiB,EAAE,KAAK,CAAC;IACzB,aAAa,EAAE,KAAK,CAAC;IACrB,4BAA4B,EAAE,KAAK,CAAC;CACpC;AAmDD,wBAAgB,0DAA0D,CACzE,KAAK,EAAE,OAAO,GACZ,gBAAgB,CAmHlB"}