@grwnd/pi-governance 1.4.1 → 1.5.0

package/dist/index.cjs

@@ -3759,6 +3759,10 @@ __export(index_exports, {
   ConfigValidationError: () => ConfigValidationError,
   ConfigWatcher: () => ConfigWatcher,
   DANGEROUS_PATTERNS: () => DANGEROUS_PATTERNS,
+  DLP_PII_PATTERNS: () => PII_PATTERNS,
+  DLP_SECRET_PATTERNS: () => SECRET_PATTERNS,
+  DlpMasker: () => DlpMasker,
+  DlpScanner: () => DlpScanner,
   EnvIdentityProvider: () => EnvIdentityProvider,
   IdentityChain: () => IdentityChain,
   JsonlAuditSink: () => JsonlAuditSink,
@@ -3770,6 +3774,7 @@ __export(index_exports, {
   WebhookAuditSink: () => WebhookAuditSink,
   YamlFactStore: () => YamlFactStore,
   YamlPolicyEngine: () => YamlPolicyEngine,
+  compareSeverity: () => compareSeverity,
   createApprovalFlow: () => createApprovalFlow,
   createIdentityChain: () => createIdentityChain,
   createPolicyEngine: () => createPolicyEngine,
@@ -3856,12 +3861,78 @@ var OrgUnitOverride = import_typebox.Type.Object({
     })
   )
 });
+var DlpMaskingConfig = import_typebox.Type.Object({
+  strategy: import_typebox.Type.Union([import_typebox.Type.Literal("partial"), import_typebox.Type.Literal("full"), import_typebox.Type.Literal("hash")], {
+    default: "partial"
+  }),
+  show_chars: import_typebox.Type.Optional(import_typebox.Type.Number({ default: 4, minimum: 0 })),
+  placeholder: import_typebox.Type.Optional(import_typebox.Type.String({ default: "***" }))
+});
+var DlpCustomPatternConfig = import_typebox.Type.Object({
+  name: import_typebox.Type.String(),
+  pattern: import_typebox.Type.String(),
+  severity: import_typebox.Type.Union([
+    import_typebox.Type.Literal("low"),
+    import_typebox.Type.Literal("medium"),
+    import_typebox.Type.Literal("high"),
+    import_typebox.Type.Literal("critical")
+  ]),
+  action: import_typebox.Type.Optional(
+    import_typebox.Type.Union([import_typebox.Type.Literal("audit"), import_typebox.Type.Literal("mask"), import_typebox.Type.Literal("block")])
+  )
+});
+var DlpAllowlistEntryConfig = import_typebox.Type.Object({
+  pattern: import_typebox.Type.String()
+});
+var DlpRoleOverrideConfig = import_typebox.Type.Object({
+  enabled: import_typebox.Type.Optional(import_typebox.Type.Boolean()),
+  mode: import_typebox.Type.Optional(
+    import_typebox.Type.Union([import_typebox.Type.Literal("audit"), import_typebox.Type.Literal("mask"), import_typebox.Type.Literal("block")])
+  ),
+  on_input: import_typebox.Type.Optional(
+    import_typebox.Type.Union([import_typebox.Type.Literal("audit"), import_typebox.Type.Literal("mask"), import_typebox.Type.Literal("block")])
+  ),
+  on_output: import_typebox.Type.Optional(
+    import_typebox.Type.Union([import_typebox.Type.Literal("audit"), import_typebox.Type.Literal("mask"), import_typebox.Type.Literal("block")])
+  )
+});
+var DlpConfig = import_typebox.Type.Object({
+  enabled: import_typebox.Type.Boolean({ default: false }),
+  mode: import_typebox.Type.Optional(
+    import_typebox.Type.Union([import_typebox.Type.Literal("audit"), import_typebox.Type.Literal("mask"), import_typebox.Type.Literal("block")], {
+      default: "audit"
+    })
+  ),
+  on_input: import_typebox.Type.Optional(
+    import_typebox.Type.Union([import_typebox.Type.Literal("audit"), import_typebox.Type.Literal("mask"), import_typebox.Type.Literal("block")])
+  ),
+  on_output: import_typebox.Type.Optional(
+    import_typebox.Type.Union([import_typebox.Type.Literal("audit"), import_typebox.Type.Literal("mask"), import_typebox.Type.Literal("block")])
+  ),
+  masking: import_typebox.Type.Optional(DlpMaskingConfig),
+  severity_threshold: import_typebox.Type.Optional(
+    import_typebox.Type.Union(
+      [import_typebox.Type.Literal("low"), import_typebox.Type.Literal("medium"), import_typebox.Type.Literal("high"), import_typebox.Type.Literal("critical")],
+      { default: "low" }
+    )
+  ),
+  built_in: import_typebox.Type.Optional(
+    import_typebox.Type.Object({
+      secrets: import_typebox.Type.Boolean({ default: true }),
+      pii: import_typebox.Type.Boolean({ default: true })
+    })
+  ),
+  custom_patterns: import_typebox.Type.Optional(import_typebox.Type.Array(DlpCustomPatternConfig)),
+  allowlist: import_typebox.Type.Optional(import_typebox.Type.Array(DlpAllowlistEntryConfig)),
+  role_overrides: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), DlpRoleOverrideConfig))
+});
 var GovernanceConfigSchema = import_typebox.Type.Object({
   auth: import_typebox.Type.Optional(AuthConfig),
   policy: import_typebox.Type.Optional(PolicyConfig),
   templates: import_typebox.Type.Optional(TemplatesConfig),
   hitl: import_typebox.Type.Optional(HitlConfig),
   audit: import_typebox.Type.Optional(AuditConfig),
+  dlp: import_typebox.Type.Optional(DlpConfig),
   org_units: import_typebox.Type.Optional(import_typebox.Type.Record(import_typebox.Type.String(), OrgUnitOverride))
 });
 
@@ -3892,6 +3963,9 @@ var DEFAULTS = {
   },
   audit: {
     sinks: [{ type: "jsonl", path: "~/.pi/agent/audit.jsonl" }]
+  },
+  dlp: {
+    enabled: false
   }
 };
 
@@ -4363,6 +4437,300 @@ var BashClassifier = class {
   }
 };
 
+// src/lib/dlp/patterns.ts
+var SECRET_PATTERNS = [
+  // AWS
+  {
+    name: "aws_access_key",
+    pattern: /\b(AKIA[0-9A-Z]{16})\b/g,
+    severity: "critical",
+    category: "secret"
+  },
+  {
+    name: "aws_secret_key",
+    pattern: /\b([A-Za-z0-9/+=]{40})(?=\s|$|"|')/g,
+    severity: "critical",
+    category: "secret"
+  },
+  // GitHub
+  {
+    name: "github_pat",
+    pattern: /\b(ghp_[A-Za-z0-9]{36,})\b/g,
+    severity: "critical",
+    category: "secret"
+  },
+  {
+    name: "github_oauth",
+    pattern: /\b(gho_[A-Za-z0-9]{36,})\b/g,
+    severity: "high",
+    category: "secret"
+  },
+  {
+    name: "github_app_token",
+    pattern: /\b(ghu_[A-Za-z0-9]{36,})\b/g,
+    severity: "high",
+    category: "secret"
+  },
+  // Anthropic
+  {
+    name: "anthropic_api_key",
+    pattern: /\b(sk-ant-api03-[A-Za-z0-9_-]{90,})\b/g,
+    severity: "critical",
+    category: "secret"
+  },
+  // OpenAI
+  {
+    name: "openai_api_key",
+    pattern: /\b(sk-[A-Za-z0-9]{20,}T3BlbkFJ[A-Za-z0-9]{20,})\b/g,
+    severity: "critical",
+    category: "secret"
+  },
+  // JWT
+  {
+    name: "jwt_token",
+    pattern: /\b(eyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,})\b/g,
+    severity: "high",
+    category: "secret"
+  },
+  // Private key headers
+  {
+    name: "private_key",
+    pattern: /-----BEGIN\s+(RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----/g,
+    severity: "critical",
+    category: "secret"
+  },
+  // Database connection strings
+  {
+    name: "database_url",
+    pattern: /\b((?:postgres|mysql|mongodb|redis):\/\/[^\s'"]{10,})\b/g,
+    severity: "high",
+    category: "secret"
+  },
+  // Slack
+  {
+    name: "slack_token",
+    pattern: /\b(xox[bpras]-[A-Za-z0-9-]{10,})\b/g,
+    severity: "high",
+    category: "secret"
+  },
+  // Stripe
+  {
+    name: "stripe_key",
+    pattern: /\b([rs]k_(?:live|test)_[A-Za-z0-9]{20,})\b/g,
+    severity: "critical",
+    category: "secret"
+  },
+  // npm
+  {
+    name: "npm_token",
+    pattern: /\b(npm_[A-Za-z0-9]{36,})\b/g,
+    severity: "high",
+    category: "secret"
+  },
+  // SendGrid
+  {
+    name: "sendgrid_key",
+    pattern: /\b(SG\.[A-Za-z0-9_-]{22,}\.[A-Za-z0-9_-]{22,})\b/g,
+    severity: "high",
+    category: "secret"
+  },
+  // Generic API key patterns (env-var style assignments)
+  {
+    name: "generic_api_key",
+    pattern: /\b(?:API_KEY|API_SECRET|ACCESS_TOKEN|AUTH_TOKEN|SECRET_KEY)\s*[=:]\s*['"]?([A-Za-z0-9_-]{16,})['"]?/gi,
+    severity: "medium",
+    category: "secret"
+  },
+  // High-entropy string near keyword context
+  {
+    name: "generic_secret_assignment",
+    pattern: /\b(?:password|passwd|secret|token|credential)\s*[=:]\s*['"]([^'"]{8,})['"]?/gi,
+    severity: "medium",
+    category: "secret"
+  }
+];
+var PII_PATTERNS = [
+  // SSN (US)
+  {
+    name: "ssn",
+    pattern: /\b(\d{3}-\d{2}-\d{4})\b/g,
+    severity: "critical",
+    category: "pii"
+  },
+  // Credit card numbers
+  {
+    name: "credit_card",
+    pattern: /\b(4\d{3}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}|5[1-5]\d{2}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}|3[47]\d{2}[\s-]?\d{6}[\s-]?\d{5}|6(?:011|5\d{2})[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4})\b/g,
+    severity: "critical",
+    category: "pii"
+  },
+  // Email address
+  {
+    name: "email",
+    pattern: /\b([A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,})\b/g,
+    severity: "low",
+    category: "pii"
+  },
+  // US phone number
+  {
+    name: "phone_us",
+    pattern: /\b(\+?1?[-.\s]?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4})\b/g,
+    severity: "medium",
+    category: "pii"
+  },
+  // IPv4 address
+  {
+    name: "ipv4",
+    pattern: /\b((?:25[0-5]|2[0-4]\d|[01]?\d\d?)\.(?:25[0-5]|2[0-4]\d|[01]?\d\d?)\.(?:25[0-5]|2[0-4]\d|[01]?\d\d?)\.(?:25[0-5]|2[0-4]\d|[01]?\d\d?))\b/g,
+    severity: "low",
+    category: "pii"
+  }
+];
+
+// src/lib/dlp/scanner.ts
+var SEVERITY_ORDER = {
+  low: 0,
+  medium: 1,
+  high: 2,
+  critical: 3
+};
+var DlpScanner = class {
+  patterns;
+  allowlistRegexps;
+  severityThreshold;
+  config;
+  constructor(config) {
+    this.config = config;
+    this.severityThreshold = SEVERITY_ORDER[config.severity_threshold];
+    this.patterns = [];
+    this.allowlistRegexps = [];
+    if (config.built_in.secrets) {
+      for (const def of SECRET_PATTERNS) {
+        this.patterns.push({ def });
+      }
+    }
+    if (config.built_in.pii) {
+      for (const def of PII_PATTERNS) {
+        this.patterns.push({ def });
+      }
+    }
+    for (const cp of config.custom_patterns) {
+      const def = {
+        name: cp.name,
+        pattern: new RegExp(cp.pattern, "g"),
+        severity: cp.severity,
+        category: "custom"
+      };
+      this.patterns.push({ def, action: cp.action });
+    }
+    for (const compiled of this.patterns) {
+      const override = config.pattern_overrides.get(compiled.def.name);
+      if (override) {
+        compiled.action = override;
+      }
+    }
+    for (const entry of config.allowlist) {
+      this.allowlistRegexps.push(new RegExp(entry.pattern));
+    }
+  }
+  scan(text) {
+    if (!this.config.enabled || text.length === 0) {
+      return { hasMatches: false, matches: [] };
+    }
+    const matches = [];
+    for (const compiled of this.patterns) {
+      if (SEVERITY_ORDER[compiled.def.severity] < this.severityThreshold) {
+        continue;
+      }
+      const regex = new RegExp(compiled.def.pattern.source, compiled.def.pattern.flags);
+      let match;
+      while ((match = regex.exec(text)) !== null) {
+        const matched = match[1] ?? match[0];
+        const start = match[1] ? match.index + match[0].indexOf(match[1]) : match.index;
+        const end = start + matched.length;
+        if (this.isAllowlisted(matched)) {
+          continue;
+        }
+        matches.push({
+          patternName: compiled.def.name,
+          category: compiled.def.category,
+          severity: compiled.def.severity,
+          start,
+          end,
+          matched
+        });
+      }
+    }
+    return { hasMatches: matches.length > 0, matches };
+  }
+  getAction(direction) {
+    if (direction === "input" && this.config.on_input) {
+      return this.config.on_input;
+    }
+    if (direction === "output" && this.config.on_output) {
+      return this.config.on_output;
+    }
+    return this.config.mode;
+  }
+  getPatternAction(match, direction) {
+    const compiled = this.patterns.find((p) => p.def.name === match.patternName);
+    if (compiled?.action) {
+      return compiled.action;
+    }
+    return this.getAction(direction);
+  }
+  isAllowlisted(value) {
+    for (const re of this.allowlistRegexps) {
+      if (re.test(value)) return true;
+    }
+    return false;
+  }
+};
+function compareSeverity(a, b) {
+  return SEVERITY_ORDER[a] - SEVERITY_ORDER[b];
+}
+
+// src/lib/dlp/masker.ts
+var import_node_crypto = require("crypto");
+var DEFAULT_CONFIG = {
+  strategy: "partial",
+  show_chars: 4,
+  placeholder: "***"
+};
+var DlpMasker = class {
+  config;
+  constructor(config) {
+    this.config = { ...DEFAULT_CONFIG, ...config };
+  }
+  maskValue(value) {
+    switch (this.config.strategy) {
+      case "full":
+        return this.config.placeholder;
+      case "hash": {
+        const hash = (0, import_node_crypto.createHash)("sha256").update(value).digest("hex").slice(0, 8);
+        return `[REDACTED:${hash}]`;
+      }
+      case "partial":
+      default: {
+        if (value.length <= this.config.show_chars) {
+          return this.config.placeholder;
+        }
+        return this.config.placeholder + value.slice(-this.config.show_chars);
+      }
+    }
+  }
+  maskText(text, matches) {
+    if (matches.length === 0) return text;
+    const sorted = [...matches].sort((a, b) => b.start - a.start);
+    let result = text;
+    for (const match of sorted) {
+      const masked = this.maskValue(match.matched);
+      result = result.slice(0, match.start) + masked + result.slice(match.end);
+    }
+    return result;
+  }
+};
+
 // src/lib/budget/tracker.ts
 var BudgetTracker = class {
   _used = 0;
@@ -4488,7 +4856,7 @@ function render(templateContent, variables) {
 }
 
 // src/lib/audit/logger.ts
-var import_node_crypto = require("crypto");
+var import_node_crypto2 = require("crypto");
 
 // src/lib/audit/sinks/jsonl.ts
 var import_promises = require("fs/promises");
@@ -4585,7 +4953,7 @@ var AuditLogger = class {
   async log(record) {
     const full = {
       ...record,
-      id: (0, import_node_crypto.randomUUID)(),
+      id: (0, import_node_crypto2.randomUUID)(),
       timestamp: (/* @__PURE__ */ new Date()).toISOString()
     };
     this.counts.set(full.event, (this.counts.get(full.event) ?? 0) + 1);
@@ -4709,6 +5077,10 @@ function createApprovalFlow(config, ui) {
   ConfigValidationError,
   ConfigWatcher,
   DANGEROUS_PATTERNS,
+  DLP_PII_PATTERNS,
+  DLP_SECRET_PATTERNS,
+  DlpMasker,
+  DlpScanner,
   EnvIdentityProvider,
   IdentityChain,
   JsonlAuditSink,
@@ -4720,6 +5092,7 @@ function createApprovalFlow(config, ui) {
   WebhookAuditSink,
   YamlFactStore,
   YamlPolicyEngine,
+  compareSeverity,
   createApprovalFlow,
   createIdentityChain,
   createPolicyEngine,