npm - @girardmedia/bootspring - Versions diffs - 2.0.24 → 2.0.26 - Mend

@girardmedia/bootspring 2.0.24 → 2.0.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/dist/cli/index.d.ts +1 -1
package/dist/cli/index.js +1539 -1697
package/dist/cli/index.js.map +1 -1
package/dist/core/index.js +3 -0
package/dist/core/index.js.map +1 -1
package/dist/{index-DlXygBAE.d.ts → index-DJD8HAyK.d.ts} +1 -1
package/dist/index.d.ts +199 -2
package/dist/index.js +1542 -1697
package/dist/index.js.map +1 -1
package/dist/mcp/index.js +3 -0
package/dist/mcp/index.js.map +1 -1
package/intelligence/learning/insights.json +1 -1
package/mcp/contracts/mcp-contract.v1.json +1 -1
package/package.json +7 -4
package/src/cli/org.ts +82 -50
package/src/core/organizations.ts +42 -69
package/src/core/policy-matrix.ts +25 -34
package/src/types/index.ts +3 -0
package/src/types/policy.ts +216 -0
package/src/version.ts +1 -1

package/src/core/policy-matrix.ts CHANGED Viewed

@@ -1,14 +1,26 @@
-// @ts-nocheck
 /**
  * Policy Matrix
  * Comprehensive policy definitions for org-level gates
  * @package bootspring
  */
+import type {
+  Tier,
+  PolicyProfile,
+  MemberRole,
+  PolicyScopes,
+  TierPolicy,
+  ProfilePolicy,
+  RolePermissions,
+  MemberOverrides,
+  EffectivePolicy,
+  PolicyAccessResult,
+} from '../types/policy';
 /**
  * Policy scopes define what can be controlled
  */
-const POLICY_SCOPES = {
+export const POLICY_SCOPES: PolicyScopes = {
   skills: {
     external: 'skills.external',        // Third-party/external skills
     premium: 'skills.premium',          // Premium skill categories
@@ -41,7 +53,7 @@ const POLICY_SCOPES = {
  * Default policy matrix by tier
  * Defines what's allowed/blocked per tier
  */
-const TIER_POLICY_DEFAULTS = {
+export const TIER_POLICY_DEFAULTS: Record<Tier, TierPolicy> = {
   free: {
     allowed: [
       'skills.external',
@@ -119,7 +131,7 @@ const TIER_POLICY_DEFAULTS = {
  * Profile-specific policy overrides
  * Applied on top of tier defaults
  */
-const PROFILE_OVERRIDES = {
+export const PROFILE_OVERRIDES: Record<PolicyProfile, ProfilePolicy> = {
   startup: {
     // Startup profile: permissive, fast iteration
     overrides: {},
@@ -152,7 +164,7 @@ const PROFILE_OVERRIDES = {
  * Member role permissions
  * What each role can do within an org
  */
-const ROLE_PERMISSIONS = {
+export const ROLE_PERMISSIONS: Record<MemberRole, RolePermissions> = {
   owner: {
     canManageOrg: true,
     canManageMembers: true,
@@ -185,11 +197,8 @@ const ROLE_PERMISSIONS = {
 /**
  * Check if a scope matches a pattern
- * @param {string} scope - Specific scope (e.g., 'skills.external')
- * @param {string} pattern - Pattern to match (e.g., 'skills.*' or 'skills.external')
- * @returns {boolean}
  */
-function matchesScope(scope, pattern) {
+export function matchesScope(scope: string, pattern: string): boolean {
   if (pattern === '*') return true;
   if (pattern === scope) return true;
   if (pattern.endsWith('.*')) {
@@ -201,12 +210,8 @@ function matchesScope(scope, pattern) {
 /**
  * Check if a scope is allowed by policy
- * @param {string} scope - Scope to check
- * @param {string[]} allowed - Allowed patterns
- * @param {string[]} blocked - Blocked patterns
- * @returns {boolean}
  */
-function isScopeAllowed(scope, allowed, blocked) {
+export function isScopeAllowed(scope: string, allowed: string[], blocked: string[]): boolean {
   // Check blocked first (blocked takes precedence)
   for (const pattern of blocked) {
     if (matchesScope(scope, pattern)) {
@@ -224,12 +229,12 @@ function isScopeAllowed(scope, allowed, blocked) {
 /**
  * Build effective policy for an org member
- * @param {string} tier - Org tier (free/pro/team/enterprise)
- * @param {string} profile - Policy profile (startup/regulated/enterprise)
- * @param {object} memberOverrides - Per-member policy overrides
- * @returns {object} Effective policy
  */
-function buildEffectivePolicy(tier, profile, memberOverrides = {}) {
+export function buildEffectivePolicy(
+  tier: Tier,
+  profile: PolicyProfile,
+  memberOverrides: MemberOverrides = {}
+): EffectivePolicy {
   const tierDefaults = TIER_POLICY_DEFAULTS[tier] || TIER_POLICY_DEFAULTS.free;
   const profileOverrides = PROFILE_OVERRIDES[profile] || PROFILE_OVERRIDES.startup;
@@ -260,11 +265,8 @@ function buildEffectivePolicy(tier, profile, memberOverrides = {}) {
 /**
  * Check access against effective policy
- * @param {string} scope - Scope to check
- * @param {object} policy - Effective policy
- * @returns {object} Access result
  */
-function checkPolicyAccess(scope, policy) {
+export function checkPolicyAccess(scope: string, policy: EffectivePolicy): PolicyAccessResult {
   const allowed = isScopeAllowed(scope, policy.allowed, policy.blocked);
   if (!allowed) {
@@ -291,14 +293,3 @@ function checkPolicyAccess(scope, policy) {
     scope
   };
 }
-module.exports = {
-  POLICY_SCOPES,
-  TIER_POLICY_DEFAULTS,
-  PROFILE_OVERRIDES,
-  ROLE_PERMISSIONS,
-  matchesScope,
-  isScopeAllowed,
-  buildEffectivePolicy,
-  checkPolicyAccess
-};

package/src/types/index.ts CHANGED Viewed

@@ -21,6 +21,9 @@ export * from './skills';
 // MCP types
 export * from './mcp';
+// Policy types
+export * from './policy';
 // Utility types
 /**

package/src/types/policy.ts ADDED Viewed

@@ -0,0 +1,216 @@
+/**
+ * Bootspring Policy Types
+ * Type definitions for organization policies and access control
+ * @package bootspring
+ */
+/**
+ * Subscription tiers
+ */
+export type Tier = 'free' | 'pro' | 'team' | 'enterprise';
+/**
+ * Policy profile types
+ */
+export type PolicyProfile = 'startup' | 'regulated' | 'enterprise';
+/**
+ * Member roles within an organization
+ */
+export type MemberRole = 'owner' | 'admin' | 'member' | 'viewer';
+/**
+ * Policy scope categories
+ */
+export interface PolicyScopeCategory {
+  external?: string;
+  premium?: string;
+  ai?: string;
+  parallel?: string;
+  custom?: string;
+  technical?: string;
+  business?: string;
+  enterprise?: string;
+  telemetry?: string;
+  cloudSync?: string;
+  teamSharing?: string;
+  auditLogs?: string;
+  apiAccess?: string;
+  all: string;
+}
+/**
+ * All policy scopes
+ */
+export interface PolicyScopes {
+  skills: PolicyScopeCategory;
+  workflows: PolicyScopeCategory;
+  agents: PolicyScopeCategory;
+  features: PolicyScopeCategory;
+}
+/**
+ * Usage limits per tier
+ */
+export interface PolicyLimits {
+  skillsPerDay: number;
+  workflowsPerDay: number;
+  agentInvocationsPerDay: number;
+  teamMembers?: number;
+}
+/**
+ * Tier policy defaults
+ */
+export interface TierPolicy {
+  allowed: string[];
+  blocked: string[];
+  limits: PolicyLimits;
+}
+/**
+ * Profile override settings
+ */
+export interface ProfileOverrides {
+  requireApproval?: string[];
+  auditAll?: boolean;
+  dataResidency?: boolean;
+  ssoRequired?: boolean;
+  approvalWorkflow?: boolean;
+}
+/**
+ * Profile policy configuration
+ */
+export interface ProfilePolicy {
+  overrides: ProfileOverrides;
+  additionalBlocked: string[];
+}
+/**
+ * Role permissions
+ */
+export interface RolePermissions {
+  canManageOrg: boolean;
+  canManageMembers: boolean;
+  canManagePolicies: boolean;
+  canManageBilling: boolean;
+  canUseAllFeatures: boolean;
+}
+/**
+ * Member policy overrides
+ */
+export interface MemberOverrides {
+  additionalAllowed?: string[];
+  additionalBlocked?: string[];
+  limits?: Partial<PolicyLimits>;
+  overrides?: ProfileOverrides;
+}
+/**
+ * Effective policy after merging tier, profile, and member overrides
+ */
+export interface EffectivePolicy {
+  tier: Tier;
+  profile: PolicyProfile;
+  allowed: string[];
+  blocked: string[];
+  limits: PolicyLimits;
+  overrides: ProfileOverrides;
+}
+/**
+ * Policy access check result
+ */
+export interface PolicyAccessResult {
+  allowed: boolean;
+  scope: string;
+  code?: string;
+  reason?: string;
+  requiresApproval?: boolean;
+}
+/**
+ * Organization member
+ */
+export interface OrgMember {
+  userId: string;
+  email?: string;
+  role: MemberRole;
+  policyOverrides?: MemberOverrides;
+}
+/**
+ * Organization
+ */
+export interface Organization {
+  id: string;
+  name: string;
+  tier: Tier;
+  policyProfile: PolicyProfile;
+  settings?: Record<string, unknown>;
+  members?: OrgMember[];
+  memberCount?: number;
+  createdAt?: string;
+  policy?: {
+    allowExternalSkills?: boolean;
+    blockedWorkflows?: string[];
+  };
+}
+/**
+ * Organization context with resolved policy
+ */
+export interface OrgContext {
+  hasOrg: boolean;
+  orgId: string | null;
+  org: Organization | null;
+  member: OrgMember | null;
+  policy: EffectivePolicy | null;
+  role?: MemberRole;
+}
+/**
+ * Organization policy access result
+ */
+export interface OrgPolicyAccessResult extends PolicyAccessResult {
+  hasOrgPolicy: boolean;
+  orgId?: string;
+  tier?: Tier;
+  profile?: PolicyProfile;
+}
+/**
+ * Organization policy summary
+ */
+export interface OrgPolicySummary {
+  hasOrg: boolean;
+  message?: string;
+  orgId?: string;
+  orgName?: string;
+  tier?: Tier;
+  profile?: PolicyProfile;
+  role?: MemberRole;
+  allowedScopes?: number;
+  blockedScopes?: number;
+  limits?: PolicyLimits;
+  overrides?: string[];
+}
+/**
+ * Options for organization operations
+ */
+export interface OrgOptions {
+  orgId?: string | undefined;
+  userId?: string | undefined;
+  apiKey?: string | undefined;
+}
+/**
+ * Cache entry structure
+ */
+export interface CacheEntry<T> {
+  data: T;
+  timestamp: number;
+}

package/src/version.ts CHANGED Viewed

@@ -2,5 +2,5 @@
  * Bootspring Version
  * Auto-updated during build process
  */
-export const VERSION = '2.0.24';
+export const VERSION = '2.0.26';
 export const PACKAGE_NAME = '@girardmedia/bootspring';