@globiguard/contracts 1.0.1

package/LICENSE

@@ -0,0 +1,128 @@
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+"License" shall mean the terms and conditions for use, reproduction, and
+distribution as defined by Sections 1 through 9 of this document.
+
+"Licensor" shall mean the copyright owner or entity authorized by the copyright
+owner that is granting the License.
+
+"Legal Entity" shall mean the union of the acting entity and all other entities
+that control, are controlled by, or are under common control with that entity.
+For the purposes of this definition, "control" means (i) the power, direct or
+indirect, to cause the direction or management of such entity, whether by
+contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the
+outstanding shares, or (iii) beneficial ownership of such entity.
+
+"You" (or "Your") shall mean an individual or Legal Entity exercising
+permissions granted by this License.
+
+"Source" form shall mean the preferred form for making modifications, including
+but not limited to software source code, documentation source, and
+configuration files.
+
+"Object" form shall mean any form resulting from mechanical transformation or
+translation of a Source form, including but not limited to compiled object
+code, generated documentation, and conversions to other media types.
+
+"Work" shall mean the work of authorship, whether in Source or Object form,
+made available under the License, as indicated by a copyright notice that is
+included in or attached to the work.
+
+"Derivative Works" shall mean any work, whether in Source or Object form, that
+is based on (or derived from) the Work and for which the editorial revisions,
+annotations, elaborations, or other modifications represent, as a whole, an
+original work of authorship. For the purposes of this License, Derivative Works
+shall not include works that remain separable from, or merely link (or bind by
+name) to the interfaces of, the Work and Derivative Works thereof.
+
+"Contribution" shall mean any work of authorship, including the original
+version of the Work and any modifications or additions to that Work or
+Derivative Works thereof, that is intentionally submitted to Licensor for
+inclusion in the Work by the copyright owner or by an individual or Legal
+Entity authorized to submit on behalf of the copyright owner.
+
+"Contributor" shall mean Licensor and any individual or Legal Entity on behalf
+of whom a Contribution has been received by Licensor and subsequently
+incorporated within the Work.
+
+2. Grant of Copyright License.
+
+Subject to the terms and conditions of this License, each Contributor hereby
+grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,
+irrevocable copyright license to reproduce, prepare Derivative Works of,
+publicly display, publicly perform, sublicense, and distribute the Work and
+such Derivative Works in Source or Object form.
+
+3. Grant of Patent License.
+
+Subject to the terms and conditions of this License, each Contributor hereby
+grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,
+irrevocable patent license to make, have made, use, offer to sell, sell,
+import, and otherwise transfer the Work.
+
+4. Redistribution.
+
+You may reproduce and distribute copies of the Work or Derivative Works thereof
+in any medium, with or without modifications, and in Source or Object form,
+provided that You meet the following conditions:
+
+(a) You must give any other recipients of the Work or Derivative Works a copy
+of this License; and
+
+(b) You must cause any modified files to carry prominent notices stating that
+You changed the files; and
+
+(c) You must retain, in the Source form of any Derivative Works that You
+distribute, all copyright, patent, trademark, and attribution notices from the
+Source form of the Work, excluding those notices that do not pertain to any
+part of the Derivative Works; and
+
+(d) If the Work includes a "NOTICE" text file as part of its distribution, then
+any Derivative Works that You distribute must include a readable copy of the
+attribution notices contained within such NOTICE file, excluding those notices
+that do not pertain to any part of the Derivative Works, in at least one of the
+following places: within a NOTICE text file distributed as part of the
+Derivative Works; within the Source form or documentation, if provided along
+with the Derivative Works; or within a display generated by the Derivative
+Works, if and wherever such third-party notices normally appear.
+
+5. Submission of Contributions.
+
+Unless You explicitly state otherwise, any Contribution intentionally submitted
+for inclusion in the Work by You to the Licensor shall be under the terms and
+conditions of this License, without any additional terms or conditions.
+
+6. Trademarks.
+
+This License does not grant permission to use the trade names, trademarks,
+service marks, or product names of the Licensor, except as required for
+reasonable and customary use in describing the origin of the Work.
+
+7. Disclaimer of Warranty.
+
+Unless required by applicable law or agreed to in writing, Licensor provides
+the Work on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+either express or implied, including, without limitation, any warranties or
+conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+PARTICULAR PURPOSE.
+
+8. Limitation of Liability.
+
+In no event and under no legal theory, whether in tort (including negligence),
+contract, or otherwise, unless required by applicable law, shall any
+Contributor be liable to You for damages, including any direct, indirect,
+special, incidental, or consequential damages of any character arising as a
+result of this License or out of the use or inability to use the Work.
+
+9. Accepting Warranty or Additional Liability.
+
+While redistributing the Work or Derivative Works thereof, You may choose to
+offer, and charge a fee for, acceptance of support, warranty, indemnity, or
+other liability obligations and/or rights consistent with this License.
+

package/README.md

@@ -0,0 +1,50 @@
+# @globiguard/contracts
+
+This package is the shared contract foundation for the GlobiGuard open
+distribution layer.
+
+## Current scope
+
+This bootstrap slice includes the early contract surfaces that are safe to lock
+before the full canonical public spec is generated:
+
+- action authorization, approval state, evidence reference, destination system, and data-class contracts
+- decision enums
+- environment identity
+- credential shapes
+- service target shape, including optional action sidecar/gateway targets
+- install registration and heartbeat shapes
+- audit event and evidence export shapes
+- queue entry, lookup, and approval decision shapes
+- metadata-safe evidence package summaries with checksums, source refs, redaction
+  mode, and artifact delivery hints
+- versioned incident replay timelines with explicit missing/redacted/unverified
+  segments
+- trust webhook envelopes, signature header names, delivery IDs, timestamps, and
+  replay-window verification inputs
+- authority-boundary markers that distinguish browser-readable display contracts
+  from server-secret authority contracts
+- workflow management and run shapes
+- realtime subscription auth, channel, and event-envelope shapes
+- policy management shapes
+- org and API-key management shapes
+
+It does **not** claim to be the full public API spec for GlobiGuard.
+
+The canonical machine-readable spec remains owned by the main `globiguard`
+repository. Later slices should generate or validate richer public contracts
+from that source of truth.
+
+## Authority boundaries
+
+Browser-safe contracts use `GLOBIGUARD_BROWSER_READ_BOUNDARY`; they are metadata
+surfaces for status, summaries, evidence links, and replay timelines. They never
+include server secrets, approval/resume authority, bypass controls, or raw
+customer payloads.
+
+Server-authority contracts use `GLOBIGUARD_SERVER_AUTHORITY_BOUNDARY`; SDKs and
+integrations must keep those behind server-only package entrypoints and runtime
+guards. Trust webhook verification signs the canonical body plus delivery ID,
+event type, and timestamp, then receivers enforce a replay window and duplicate
+delivery detection.
+

package/dist/actions.d.ts

@@ -0,0 +1,135 @@
+import type { GlobiguardDecision } from "./decision.js";
+import type { GlobiguardBrowserSafeContract } from "./authority.js";
+export declare const GLOBIGUARD_ACTION_CONTRACT_VERSION: "2026-04-action-beta";
+export declare const GLOBIGUARD_DATA_CLASSES: readonly ["PUBLIC", "INTERNAL", "CONFIDENTIAL", "RESTRICTED", "PII", "PHI", "PCI", "SECRET"];
+export type GlobiguardDataClass = (typeof GLOBIGUARD_DATA_CLASSES)[number];
+export declare const GLOBIGUARD_DESTINATION_SYSTEM_TYPES: readonly ["email", "crm", "slack", "webhook", "database", "ticketing", "storage", "custom"];
+export type GlobiguardDestinationSystemType = (typeof GLOBIGUARD_DESTINATION_SYSTEM_TYPES)[number];
+export declare const GLOBIGUARD_APPROVAL_STATES: readonly ["NOT_REQUIRED", "PENDING", "APPROVED", "REJECTED", "EXPIRED", "CANCELLED"];
+export type GlobiguardApprovalState = (typeof GLOBIGUARD_APPROVAL_STATES)[number];
+export declare const GLOBIGUARD_ACTION_GATEWAY_MODES: readonly ["control_plane", "sidecar", "gateway"];
+export type GlobiguardActionGatewayMode = (typeof GLOBIGUARD_ACTION_GATEWAY_MODES)[number];
+export interface GlobiguardDestinationSystem {
+    type: GlobiguardDestinationSystemType;
+    name: string;
+    resource?: string;
+    tenantId?: string;
+    region?: string;
+    metadata?: Record<string, unknown>;
+}
+export interface GlobiguardActionActor {
+    id?: string;
+    type?: "human" | "agent" | "service" | "workflow";
+    displayName?: string;
+}
+export interface GlobiguardActionPayloadSummary {
+    sha256?: string;
+    approxBytes?: number;
+    topLevelKeys?: string[];
+    topLevelValueKinds?: Record<string, string>;
+    fieldTypes?: string[];
+    recordCount?: number;
+    description?: string;
+}
+export interface GlobiguardActionContext {
+    actionType: string;
+    destination: GlobiguardDestinationSystem;
+    dataClasses: GlobiguardDataClass[];
+    payloadSummary?: GlobiguardActionPayloadSummary;
+    fieldsInvolved?: string[];
+    actor?: GlobiguardActionActor;
+    purpose?: string;
+    workflowRunId?: string;
+    workflowStepId?: string;
+    policyId?: string;
+    idempotencyKey?: string;
+    metadata?: Record<string, unknown>;
+}
+export interface GlobiguardEvidenceRef {
+    id: string;
+    uri: string;
+    label?: string;
+    kind?: "audit_event" | "approval" | "policy" | "workflow" | "external";
+    checksum?: string;
+    createdAt?: string;
+    metadata?: Record<string, unknown>;
+}
+export interface GlobiguardApproval {
+    id: string;
+    authorizationId?: string;
+    queueEntryId?: string | null;
+    state: GlobiguardApprovalState;
+    requestedBy?: string | null;
+    reviewedBy?: string | null;
+    reviewNotes?: string | null;
+    createdAt: string;
+    updatedAt?: string | null;
+    resolvedAt?: string | null;
+    expiresAt?: string | null;
+}
+export interface GlobiguardActionDecision {
+    authorizationId: string;
+    decision: GlobiguardDecision;
+    approvalState: GlobiguardApprovalState;
+    approval?: GlobiguardApproval | null;
+    queueEntryId?: string | null;
+    evidenceRefs: GlobiguardEvidenceRef[];
+    reason?: string;
+    obligations?: string[];
+    modifications?: Record<string, unknown>;
+    expiresAt?: string | null;
+    correlationId?: string | null;
+}
+export interface GlobiguardActionDecisionSummary extends GlobiguardBrowserSafeContract {
+    authorizationId: string;
+    decision: GlobiguardDecision;
+    approvalState: GlobiguardApprovalState;
+    queueEntryId?: string | null;
+    evidenceRefCount: number;
+    reason?: string;
+    expiresAt?: string | null;
+    correlationId?: string | null;
+}
+export interface GlobiguardActionAuthorizationRequest {
+    context: GlobiguardActionContext;
+    dryRun?: boolean;
+}
+export interface GlobiguardActionAuthorizationResponse extends GlobiguardActionDecision {
+    contractVersion: typeof GLOBIGUARD_ACTION_CONTRACT_VERSION | string;
+}
+export interface GlobiguardApprovalCreateRequest {
+    authorizationId: string;
+    requestedBy?: string;
+    reason?: string;
+    expiresAt?: string;
+    metadata?: Record<string, unknown>;
+}
+export interface GlobiguardApprovalStatusRequest {
+    approvalId: string;
+}
+export interface GlobiguardEvidenceListRequest {
+    authorizationId?: string;
+    approvalId?: string;
+    workflowRunId?: string;
+}
+export interface GlobiguardActionGatewayConfig {
+    mode: GlobiguardActionGatewayMode;
+    decisionSubscription?: {
+        realtimeRequired?: boolean;
+        channelPrefix?: string;
+    };
+}
+export interface GlobiguardResolvedActionGatewayConfig extends GlobiguardActionGatewayConfig {
+    baseUrl: string;
+}
+export interface GlobiguardActionsReadClient {
+    getAuthorization(authorizationId: string): Promise<GlobiguardActionAuthorizationResponse>;
+    getApproval(approvalId: string): Promise<GlobiguardApproval>;
+    listEvidence(request?: GlobiguardEvidenceListRequest): Promise<GlobiguardEvidenceRef[]>;
+    getEvidence(evidenceRefId: string): Promise<GlobiguardEvidenceRef>;
+}
+export interface GlobiguardActionsClient extends GlobiguardActionsReadClient {
+    authorize(request: GlobiguardActionAuthorizationRequest): Promise<GlobiguardActionAuthorizationResponse>;
+    createApproval(request: GlobiguardApprovalCreateRequest): Promise<GlobiguardApproval>;
+}
+//# sourceMappingURL=actions.d.ts.map

package/dist/actions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"actions.d.ts","sourceRoot":"","sources":["../src/actions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,KAAK,EAAE,6BAA6B,EAAE,MAAM,gBAAgB,CAAC;AAEpE,eAAO,MAAM,kCAAkC,EAAG,qBAA8B,CAAC;AAEjF,eAAO,MAAM,uBAAuB,8FAS1B,CAAC;AAEX,MAAM,MAAM,mBAAmB,GAAG,CAAC,OAAO,uBAAuB,CAAC,CAAC,MAAM,CAAC,CAAC;AAE3E,eAAO,MAAM,mCAAmC,6FAStC,CAAC;AAEX,MAAM,MAAM,+BAA+B,GACzC,CAAC,OAAO,mCAAmC,CAAC,CAAC,MAAM,CAAC,CAAC;AAEvD,eAAO,MAAM,0BAA0B,sFAO7B,CAAC;AAEX,MAAM,MAAM,uBAAuB,GACjC,CAAC,OAAO,0BAA0B,CAAC,CAAC,MAAM,CAAC,CAAC;AAE9C,eAAO,MAAM,+BAA+B,kDAIlC,CAAC;AAEX,MAAM,MAAM,2BAA2B,GACrC,CAAC,OAAO,+BAA+B,CAAC,CAAC,MAAM,CAAC,CAAC;AAEnD,MAAM,WAAW,2BAA2B;IAC1C,IAAI,EAAE,+BAA+B,CAAC;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,qBAAqB;IACpC,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,OAAO,GAAG,OAAO,GAAG,SAAS,GAAG,UAAU,CAAC;IAClD,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,8BAA8B;IAC7C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,kBAAkB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5C,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,uBAAuB;IACtC,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,2BAA2B,CAAC;IACzC,WAAW,EAAE,mBAAmB,EAAE,CAAC;IACnC,cAAc,CAAC,EAAE,8BAA8B,CAAC;IAChD,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,KAAK,CAAC,EAAE,qBAAqB,CAAC;IAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,aAAa,GAAG,UAAU,GAAG,QAAQ,GAAG,UAAU,GAAG,UAAU,CAAC;IACvE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,KAAK,EAAE,uBAAuB,CAAC;IAC/B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAED,MAAM,WAAW,wBAAwB;IACvC,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,aAAa,EAAE,uBAAuB,CAAC;IACvC,QAAQ,CAAC,EAAE,kBAAkB,GAAG,IAAI,CAAC;IACrC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,YAAY,EAAE,qBAAqB,EAAE,CAAC;IACtC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACxC,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,MAAM,WAAW,+BACf,SAAQ,6BAA6B;IACrC,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,aAAa,EAAE,uBAAuB,CAAC;IACvC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,MAAM,WAAW,oCAAoC;IACnD,OAAO,EAAE,uBAAuB,CAAC;IACjC,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,qCACf,SAAQ,wBAAwB;IAChC,eAAe,EAAE,OAAO,kCAAkC,GAAG,MAAM,CAAC;CACrE;AAED,MAAM,WAAW,+BAA+B;IAC9C,eAAe,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,+BAA+B;IAC9C,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,6BAA6B;IAC5C,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,6BAA6B;IAC5C,IAAI,EAAE,2BAA2B,CAAC;IAClC,oBAAoB,CAAC,EAAE;QACrB,gBAAgB,CAAC,EAAE,OAAO,CAAC;QAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;KACxB,CAAC;CACH;AAED,MAAM,WAAW,qCACf,SAAQ,6BAA6B;IACrC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,2BAA2B;IAC1C,gBAAgB,CACd,eAAe,EAAE,MAAM,GACtB,OAAO,CAAC,qCAAqC,CAAC,CAAC;IAClD,WAAW,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;IAC7D,YAAY,CACV,OAAO,CAAC,EAAE,6BAA6B,GACtC,OAAO,CAAC,qBAAqB,EAAE,CAAC,CAAC;IACpC,WAAW,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;CACpE;AAED,MAAM,WAAW,uBAAwB,SAAQ,2BAA2B;IAC1E,SAAS,CACP,OAAO,EAAE,oCAAoC,GAC5C,OAAO,CAAC,qCAAqC,CAAC,CAAC;IAClD,cAAc,CACZ,OAAO,EAAE,+BAA+B,GACvC,OAAO,CAAC,kBAAkB,CAAC,CAAC;CAChC"}

package/dist/actions.js

@@ -0,0 +1,35 @@
+export const GLOBIGUARD_ACTION_CONTRACT_VERSION = "2026-04-action-beta";
+export const GLOBIGUARD_DATA_CLASSES = [
+    "PUBLIC",
+    "INTERNAL",
+    "CONFIDENTIAL",
+    "RESTRICTED",
+    "PII",
+    "PHI",
+    "PCI",
+    "SECRET"
+];
+export const GLOBIGUARD_DESTINATION_SYSTEM_TYPES = [
+    "email",
+    "crm",
+    "slack",
+    "webhook",
+    "database",
+    "ticketing",
+    "storage",
+    "custom"
+];
+export const GLOBIGUARD_APPROVAL_STATES = [
+    "NOT_REQUIRED",
+    "PENDING",
+    "APPROVED",
+    "REJECTED",
+    "EXPIRED",
+    "CANCELLED"
+];
+export const GLOBIGUARD_ACTION_GATEWAY_MODES = [
+    "control_plane",
+    "sidecar",
+    "gateway"
+];
+//# sourceMappingURL=actions.js.map

package/dist/actions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"actions.js","sourceRoot":"","sources":["../src/actions.ts"],"names":[],"mappings":"AAGA,MAAM,CAAC,MAAM,kCAAkC,GAAG,qBAA8B,CAAC;AAEjF,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,QAAQ;IACR,UAAU;IACV,cAAc;IACd,YAAY;IACZ,KAAK;IACL,KAAK;IACL,KAAK;IACL,QAAQ;CACA,CAAC;AAIX,MAAM,CAAC,MAAM,mCAAmC,GAAG;IACjD,OAAO;IACP,KAAK;IACL,OAAO;IACP,SAAS;IACT,UAAU;IACV,WAAW;IACX,SAAS;IACT,QAAQ;CACA,CAAC;AAKX,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,cAAc;IACd,SAAS;IACT,UAAU;IACV,UAAU;IACV,SAAS;IACT,WAAW;CACH,CAAC;AAKX,MAAM,CAAC,MAAM,+BAA+B,GAAG;IAC7C,eAAe;IACf,SAAS;IACT,SAAS;CACD,CAAC"}

package/dist/audit.d.ts

@@ -0,0 +1,130 @@
+import type { GlobiguardDecision } from "./decision.js";
+import type { GlobiguardEvidencePackageSummary, GlobiguardEvidenceExportDescriptor } from "./authority.js";
+import type { GlobiguardIncidentReplay, GlobiguardIncidentReplayLookupRequest } from "./incident-replay.js";
+export interface GlobiguardAuditMaskedField {
+    id: string;
+    auditEventId: string;
+    fieldType: string;
+    tokenAssigned: string;
+    detectionMethod: string;
+    confidence: number;
+    ruleTriggered?: string | null;
+}
+export interface GlobiguardAuditEvent {
+    id: string;
+    orgId: string;
+    policyId?: string | null;
+    policyVersion?: number | null;
+    agentIdHash: string;
+    connectorInstanceId?: string | null;
+    actionType: string;
+    destinationSystem: string;
+    decision: GlobiguardDecision;
+    governanceScore: number;
+    maskedFieldCount: number;
+    maskedFieldTypes: string[];
+    blockedFieldCount: number;
+    workflowRunId?: string | null;
+    workflowStepId?: string | null;
+    sessionId?: string | null;
+    ipAddress?: string | null;
+    frameworkTags: string[];
+    controlRefs: string[];
+    modelVersion?: string | null;
+    connectorManifestVersion?: string | null;
+    evidenceRefs: string[];
+    timestamp: string;
+    maskedFields: GlobiguardAuditMaskedField[];
+    _scoreDisclaimer: string;
+}
+export interface GlobiguardAuditListRequest {
+    from?: string;
+    to?: string;
+    decision?: GlobiguardDecision;
+    workflowRunId?: string;
+    page?: number;
+    limit?: number;
+}
+export interface GlobiguardAuditListResponse {
+    items: GlobiguardAuditEvent[];
+    total: number;
+    page: number;
+    pages: number;
+}
+export interface GlobiguardAuditExportRequest {
+    from?: string;
+    to?: string;
+    frameworkId?: string;
+    workflowRunId?: string;
+    format?: "JSON";
+}
+export interface GlobiguardAuditEvidencePackageRequestedScope {
+    from: string | null;
+    to: string | null;
+    workflowRunId: string | null;
+    frameworkId: string | null;
+    snapshotAt: string;
+}
+export interface GlobiguardAuditEvidencePackageControlMapping {
+    controlRef: string;
+    auditEventCount: number;
+    evidenceRefs: string[];
+    provenanceRefs: string[];
+}
+export interface GlobiguardAuditEvidencePackageHumanReviewEntry {
+    id: string;
+    status: string;
+    reviewedBy: string;
+    resolvedAt: string | null;
+    createdAt: string | null;
+    workflowRunId: string | null;
+    workflowStepId: string | null;
+}
+export interface GlobiguardAuditEvidencePackageSummary {
+    auditEventCount: number;
+    queuedReviewCount: number;
+    decisionCounts: Partial<Record<GlobiguardDecision, number>>;
+    fieldTypes: string[];
+    frameworkTags: string[];
+    connectorInstanceIds: string[];
+    firstEventAt: string | null;
+    lastEventAt: string | null;
+}
+export interface GlobiguardAuditEvidencePackageArtifact {
+    artifactId: string;
+    frameworkId: string;
+    generatedAt: string;
+    scopeStatement: string;
+    requestedScope: GlobiguardAuditEvidencePackageRequestedScope;
+    workflowRunReferences: string[];
+    policyVersions: string[];
+    modelVersionReferences: string[];
+    connectorManifestVersions: string[];
+    evidenceReferences: string[];
+    provenanceReferences: string[];
+    controlMappings: GlobiguardAuditEvidencePackageControlMapping[];
+    humanReviewHistory: GlobiguardAuditEvidencePackageHumanReviewEntry[];
+    summary: GlobiguardAuditEvidencePackageSummary;
+    disclaimers: string[];
+}
+export interface GlobiguardAuditExportResponse {
+    status: "ready";
+    artifactExportId: string;
+    evidencePackageId: string;
+    format: "json";
+    checksum: string;
+    artifactJson: string;
+    artifact: GlobiguardAuditEvidencePackageArtifact;
+    summary?: GlobiguardEvidencePackageSummary;
+    descriptor?: GlobiguardEvidenceExportDescriptor;
+}
+export interface GlobiguardAuditReadClient {
+    list(request?: GlobiguardAuditListRequest): Promise<GlobiguardAuditListResponse>;
+    get(auditEventId: string): Promise<GlobiguardAuditEvent>;
+    getEvidencePackageSummary(evidencePackageId: string): Promise<GlobiguardEvidencePackageSummary>;
+    getIncidentReplay(request: GlobiguardIncidentReplayLookupRequest): Promise<GlobiguardIncidentReplay>;
+}
+export interface GlobiguardAuditClient extends GlobiguardAuditReadClient {
+    export(request?: GlobiguardAuditExportRequest): Promise<GlobiguardAuditExportResponse>;
+}
+//# sourceMappingURL=audit.d.ts.map

package/dist/audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../src/audit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACxD,OAAO,KAAK,EACV,gCAAgC,EAChC,kCAAkC,EACnC,MAAM,gBAAgB,CAAC;AACxB,OAAO,KAAK,EACV,wBAAwB,EACxB,qCAAqC,EACtC,MAAM,sBAAsB,CAAC;AAE9B,MAAM,WAAW,0BAA0B;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,EAAE,MAAM,CAAC;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,mBAAmB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,eAAe,EAAE,MAAM,CAAC;IACxB,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,aAAa,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,wBAAwB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACzC,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,0BAA0B,EAAE,CAAC;IAC3C,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,0BAA0B;IACzC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,QAAQ,CAAC,EAAE,kBAAkB,CAAC;IAC9B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,2BAA2B;IAC1C,KAAK,EAAE,oBAAoB,EAAE,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,4BAA4B;IAC3C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,4CAA4C;IAC3D,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,EAAE,EAAE,MAAM,GAAG,IAAI,CAAC;IAClB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,4CAA4C;IAC3D,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,cAAc,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,8CAA8C;IAC7D,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,MAAM,WAAW,qCAAqC;IACpD,eAAe,EAAE,MAAM,CAAC;IACxB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc,EAAE,OAAO,CAAC,MAAM,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5D,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED,MAAM,WAAW,sCAAsC;IACrD,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,cAAc,EAAE,4CAA4C,CAAC;IAC7D,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,sBAAsB,EAAE,MAAM,EAAE,CAAC;IACjC,yBAAyB,EAAE,MAAM,EAAE,CAAC;IACpC,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,eAAe,EAAE,4CAA4C,EAAE,CAAC;IAChE,kBAAkB,EAAE,8CAA8C,EAAE,CAAC;IACrE,OAAO,EAAE,qCAAqC,CAAC;IAC/C,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,6BAA6B;IAC5C,MAAM,EAAE,OAAO,CAAC;IAChB,gBAAgB,EAAE,MAAM,CAAC;IACzB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,sCAAsC,CAAC;IACjD,OAAO,CAAC,EAAE,gCAAgC,CAAC;IAC3C,UAAU,CAAC,EAAE,kCAAkC,CAAC;CACjD;AAED,MAAM,WAAW,yBAAyB;IACxC,IAAI,CAAC,OAAO,CAAC,EAAE,0BAA0B,GAAG,OAAO,CAAC,2BAA2B,CAAC,CAAC;IACjF,GAAG,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACzD,yBAAyB,CACvB,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,gCAAgC,CAAC,CAAC;IAC7C,iBAAiB,CACf,OAAO,EAAE,qCAAqC,GAC7C,OAAO,CAAC,wBAAwB,CAAC,CAAC;CACtC;AAED,MAAM,WAAW,qBAAsB,SAAQ,yBAAyB;IACtE,MAAM,CACJ,OAAO,CAAC,EAAE,4BAA4B,GACrC,OAAO,CAAC,6BAA6B,CAAC,CAAC;CAC3C"}

package/dist/audit.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=audit.js.map

package/dist/audit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.js","sourceRoot":"","sources":["../src/audit.ts"],"names":[],"mappings":""}

package/dist/auth.d.ts

@@ -0,0 +1,22 @@
+import type { GlobiguardEnvironment } from "./environment.js";
+export type GlobiguardCredentialKind = "publishable" | "secret" | "local";
+export interface GlobiguardCredentialBase {
+    projectId?: string;
+    token?: string;
+}
+export interface GlobiguardPublishableCredential extends GlobiguardCredentialBase {
+    kind: "publishable";
+    token: string;
+    projectId: string;
+}
+export interface GlobiguardSecretCredential extends GlobiguardCredentialBase {
+    kind: "secret";
+    token: string;
+    projectId: string;
+    environment: Exclude<GlobiguardEnvironment, "local">;
+}
+export interface GlobiguardLocalCredential extends GlobiguardCredentialBase {
+    kind: "local";
+}
+export type GlobiguardCredential = GlobiguardPublishableCredential | GlobiguardSecretCredential | GlobiguardLocalCredential;
+//# sourceMappingURL=auth.d.ts.map

package/dist/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,kBAAkB,CAAC;AAE9D,MAAM,MAAM,wBAAwB,GAAG,aAAa,GAAG,QAAQ,GAAG,OAAO,CAAC;AAE1E,MAAM,WAAW,wBAAwB;IACvC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,+BAAgC,SAAQ,wBAAwB;IAC/E,IAAI,EAAE,aAAa,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,0BAA2B,SAAQ,wBAAwB;IAC1E,IAAI,EAAE,QAAQ,CAAC;IACf,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,OAAO,CAAC,qBAAqB,EAAE,OAAO,CAAC,CAAC;CACtD;AAED,MAAM,WAAW,yBAA0B,SAAQ,wBAAwB;IACzE,IAAI,EAAE,OAAO,CAAC;CACf;AAED,MAAM,MAAM,oBAAoB,GAC5B,+BAA+B,GAC/B,0BAA0B,GAC1B,yBAAyB,CAAC"}

package/dist/auth.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=auth.js.map

package/dist/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":""}

package/dist/authority.d.ts

@@ -0,0 +1,118 @@
+import type { GlobiguardDecision } from "./decision.js";
+export declare const GLOBIGUARD_AUTHORITY_CONTRACT_VERSION: "2026-05-authority-beta";
+export declare const GLOBIGUARD_PUBLIC_API_FAMILIES: readonly ["actions.v1", "audit.v1", "queue.v1", "webhooks.v1"];
+export type GlobiguardPublicApiFamily = (typeof GLOBIGUARD_PUBLIC_API_FAMILIES)[number];
+export declare const GLOBIGUARD_AUTHORITY_LEVELS: readonly ["browser_read", "server_authority", "webhook_receiver", "internal_only"];
+export type GlobiguardAuthorityLevel = (typeof GLOBIGUARD_AUTHORITY_LEVELS)[number];
+export interface GlobiguardContractCompatibility {
+    contractVersion: typeof GLOBIGUARD_AUTHORITY_CONTRACT_VERSION | string;
+    apiFamily: GlobiguardPublicApiFamily;
+    minControlPlaneVersion?: string;
+    stability: "beta" | "stable" | "deprecated";
+}
+export declare const GLOBIGUARD_AUTHORITY_COMPATIBILITY: {
+    readonly contractVersion: "2026-05-authority-beta";
+    readonly apiFamilies: readonly ["actions.v1", "audit.v1", "queue.v1", "webhooks.v1"];
+    readonly stability: "beta";
+};
+export interface GlobiguardAuthorityBoundary {
+    authorityLevel: GlobiguardAuthorityLevel;
+    browserSafe: boolean;
+    serverSecretRequired: boolean;
+    rawPayloadAllowed: boolean;
+}
+export interface GlobiguardBrowserSafeContract {
+    boundary: {
+        authorityLevel: "browser_read";
+        browserSafe: true;
+        serverSecretRequired: false;
+        rawPayloadAllowed: false;
+    };
+}
+export interface GlobiguardServerAuthorityContract {
+    boundary: {
+        authorityLevel: "server_authority";
+        browserSafe: false;
+        serverSecretRequired: true;
+        rawPayloadAllowed: false;
+    };
+}
+export declare const GLOBIGUARD_BROWSER_READ_BOUNDARY: Readonly<{
+    authorityLevel: "browser_read";
+    browserSafe: true;
+    serverSecretRequired: false;
+    rawPayloadAllowed: false;
+}>;
+export declare const GLOBIGUARD_SERVER_AUTHORITY_BOUNDARY: Readonly<{
+    authorityLevel: "server_authority";
+    browserSafe: false;
+    serverSecretRequired: true;
+    rawPayloadAllowed: false;
+}>;
+export declare const GLOBIGUARD_SDK_ERROR_KINDS: readonly ["POLICY_BLOCKED", "QUEUED_FOR_REVIEW", "STEP_UP_REQUIRED", "PERMISSION_REQUIRED", "EVIDENCE_UNAVAILABLE", "REPLAY_INCOMPLETE", "RATE_LIMITED", "MISCONFIGURED_CLIENT_BOUNDARY", "CONTROL_PLANE_UNAVAILABLE", "WEBHOOK_VERIFICATION_FAILED"];
+export type GlobiguardSdkErrorKind = (typeof GLOBIGUARD_SDK_ERROR_KINDS)[number];
+export interface GlobiguardSdkErrorShape {
+    kind: GlobiguardSdkErrorKind;
+    message: string;
+    authorizationId?: string;
+    queueEntryId?: string | null;
+    evidencePackageId?: string;
+    retryAfterSeconds?: number;
+    safeDetails?: Record<string, string | number | boolean | null>;
+}
+export declare const GLOBIGUARD_EVIDENCE_SUMMARY_SCHEMA_VERSION: "2026-05-evidence-summary-beta";
+export declare const GLOBIGUARD_REDACTION_MODES: readonly ["metadata_only", "masked_fields", "customer_managed_raw"];
+export type GlobiguardRedactionMode = (typeof GLOBIGUARD_REDACTION_MODES)[number];
+export interface GlobiguardEvidenceIntegrity {
+    checksumAlgorithm: "sha256";
+    checksum: string;
+    signedAt?: string;
+    signerKeyId?: string;
+}
+export interface GlobiguardEvidenceRedactionSummary {
+    mode: GlobiguardRedactionMode;
+    rawPayloadIncluded: false;
+    maskedFieldCount?: number;
+    fieldTypes?: string[];
+}
+export interface GlobiguardEvidenceSourceReference {
+    kind: "audit_event" | "approval" | "policy_version" | "workflow_run" | "queue_entry" | "control_mapping";
+    id: string;
+    uri?: string;
+    checksum?: string;
+}
+export interface GlobiguardEvidencePackageSummary extends GlobiguardBrowserSafeContract {
+    schemaVersion: typeof GLOBIGUARD_EVIDENCE_SUMMARY_SCHEMA_VERSION | string;
+    evidencePackageId: string;
+    status: "ready" | "pending" | "unavailable";
+    generatedAt?: string;
+    scope: {
+        from?: string | null;
+        to?: string | null;
+        workflowRunId?: string | null;
+        frameworkId?: string | null;
+    };
+    decisionCounts: Partial<Record<GlobiguardDecision, number>>;
+    integrity?: GlobiguardEvidenceIntegrity;
+    redaction: GlobiguardEvidenceRedactionSummary;
+    sourceRefs: GlobiguardEvidenceSourceReference[];
+    artifact?: {
+        delivery: "download_url" | "object_ref" | "inline_json";
+        uri?: string;
+        expiresAt?: string;
+        approxBytes?: number;
+    };
+    disclaimers: string[];
+}
+export interface GlobiguardEvidenceExportDescriptor {
+    evidencePackageId: string;
+    summary: GlobiguardEvidencePackageSummary;
+    artifact?: {
+        delivery: "download_url" | "object_ref" | "inline_json";
+        uri?: string;
+        checksum: string;
+        expiresAt?: string;
+        approxBytes?: number;
+    };
+}
+//# sourceMappingURL=authority.d.ts.map