@grwnd/pi-governance 2.0.0 → 3.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/LICENSE +1 -1
  2. package/README.md +12 -12
  3. package/dist/extensions/index.cjs +21 -18
  4. package/dist/extensions/index.cjs.map +1 -1
  5. package/dist/extensions/index.js +21 -18
  6. package/dist/extensions/index.js.map +1 -1
  7. package/dist/index.cjs +14 -14
  8. package/dist/index.cjs.map +1 -1
  9. package/dist/index.js +14 -14
  10. package/dist/index.js.map +1 -1
  11. package/package.json +3 -3
package/dist/extensions/index.js CHANGED
@@ -17,9 +17,9 @@ var init_defaults = __esm({
17
17
  auth: {
18
18
  provider: "env",
19
19
  env: {
20
- user_var: "PI_RBAC_USER",
21
- role_var: "PI_RBAC_ROLE",
22
- org_unit_var: "PI_RBAC_ORG_UNIT"
20
+ user_var: "PI_GOV_USER",
21
+ role_var: "PI_GOV_ROLE",
22
+ org_unit_var: "PI_GOV_ORG_UNIT"
23
23
  }
24
24
  },
25
25
  policy: {
@@ -898,15 +898,15 @@ var init_html = __esm({
898
898
  <div class="field-row-3">
899
899
  <div class="field">
900
900
  <label>User Var</label>
901
- <input type="text" id="auth-user-var" value="PI_RBAC_USER" onchange="updatePreview()">
901
+ <input type="text" id="auth-user-var" value="PI_GOV_USER" onchange="updatePreview()">
902
902
  </div>
903
903
  <div class="field">
904
904
  <label>Role Var</label>
905
- <input type="text" id="auth-role-var" value="PI_RBAC_ROLE" onchange="updatePreview()">
905
+ <input type="text" id="auth-role-var" value="PI_GOV_ROLE" onchange="updatePreview()">
906
906
  </div>
907
907
  <div class="field">
908
908
  <label>Org Unit Var</label>
909
- <input type="text" id="auth-org-unit-var" value="PI_RBAC_ORG_UNIT" onchange="updatePreview()">
909
+ <input type="text" id="auth-org-unit-var" value="PI_GOV_ORG_UNIT" onchange="updatePreview()">
910
910
  </div>
911
911
  </div>
912
912
  </div>
@@ -1356,9 +1356,9 @@ function buildGovernanceConfig() {
1356
1356
  cfg.auth = { provider: authProvider };
1357
1357
  if (authProvider === 'env') {
1358
1358
  cfg.auth.env = {
1359
- user_var: document.getElementById('auth-user-var').value || 'PI_RBAC_USER',
1360
- role_var: document.getElementById('auth-role-var').value || 'PI_RBAC_ROLE',
1361
- org_unit_var: document.getElementById('auth-org-unit-var').value || 'PI_RBAC_ORG_UNIT'
1359
+ user_var: document.getElementById('auth-user-var').value || 'PI_GOV_USER',
1360
+ role_var: document.getElementById('auth-role-var').value || 'PI_GOV_ROLE',
1361
+ org_unit_var: document.getElementById('auth-org-unit-var').value || 'PI_GOV_ORG_UNIT'
1362
1362
  };
1363
1363
  } else if (authProvider === 'local') {
1364
1364
  cfg.auth.local = {
@@ -1691,9 +1691,9 @@ import { Value } from "@sinclair/typebox/value";
1691
1691
  // src/lib/config/schema.ts
1692
1692
  import { Type } from "@sinclair/typebox";
1693
1693
  var AuthEnvConfig = Type.Object({
1694
- user_var: Type.String({ default: "PI_RBAC_USER" }),
1695
- role_var: Type.String({ default: "PI_RBAC_ROLE" }),
1696
- org_unit_var: Type.String({ default: "PI_RBAC_ORG_UNIT" })
1694
+ user_var: Type.String({ default: "PI_GOV_USER" }),
1695
+ role_var: Type.String({ default: "PI_GOV_ROLE" }),
1696
+ org_unit_var: Type.String({ default: "PI_GOV_ORG_UNIT" })
1697
1697
  });
1698
1698
  var AuthLocalConfig = Type.Object({
1699
1699
  users_file: Type.String({ default: "./users.yaml" })
@@ -1840,7 +1840,7 @@ var GovernanceConfigSchema = Type.Object({
1840
1840
  init_defaults();
1841
1841
  function getConfigPaths() {
1842
1842
  return [
1843
- process.env["PI_RBAC_GOVERNANCE_CONFIG"],
1843
+ process.env["PI_GOV_GOVERNANCE_CONFIG"],
1844
1844
  ".pi/governance.yaml",
1845
1845
  `${process.env["HOME"]}/.pi/agent/governance.yaml`
1846
1846
  ];
@@ -1887,7 +1887,7 @@ ${details}`);
1887
1887
 
1888
1888
  // src/lib/identity/env-provider.ts
1889
1889
  var EnvIdentityProvider = class {
1890
- constructor(userVar = "PI_RBAC_USER", roleVar = "PI_RBAC_ROLE", orgUnitVar = "PI_RBAC_ORG_UNIT") {
1890
+ constructor(userVar = "PI_GOV_USER", roleVar = "PI_GOV_ROLE", orgUnitVar = "PI_GOV_ORG_UNIT") {
1891
1891
  this.userVar = userVar;
1892
1892
  this.roleVar = roleVar;
1893
1893
  this.orgUnitVar = orgUnitVar;
@@ -3103,6 +3103,7 @@ var piGovernance = (pi) => {
3103
3103
  );
3104
3104
  });
3105
3105
  pi.on("tool_call", async (event, _ctx) => {
3106
+ if (!audit || !policyEngine || !identity) return void 0;
3106
3107
  const { toolName, input } = event;
3107
3108
  const params = summarizeParams(toolName, input);
3108
3109
  const baseRecord = {
@@ -3319,6 +3320,7 @@ var piGovernance = (pi) => {
3319
3320
  return void 0;
3320
3321
  });
3321
3322
  pi.on("tool_result", async (event, _ctx) => {
3323
+ if (!audit || !identity) return;
3322
3324
  if (dlpScanner && dlpMasker && event.output) {
3323
3325
  const result = dlpScanner.scan(event.output);
3324
3326
  if (result.hasMatches) {
@@ -3370,15 +3372,16 @@ var piGovernance = (pi) => {
3370
3372
  });
3371
3373
  pi.on("session_shutdown", async (_event, _ctx) => {
3372
3374
  configWatcher?.stop();
3375
+ if (!audit) return;
3373
3376
  await audit.log({
3374
3377
  sessionId,
3375
3378
  event: "session_end",
3376
- userId: identity.userId,
3377
- role: identity.role,
3378
- orgUnit: identity.orgUnit,
3379
+ userId: identity?.userId,
3380
+ role: identity?.role,
3381
+ orgUnit: identity?.orgUnit,
3379
3382
  metadata: {
3380
3383
  stats: { ...stats },
3381
- budget: { used: budgetTracker.used(), remaining: budgetTracker.remaining() },
3384
+ budget: budgetTracker ? { used: budgetTracker.used(), remaining: budgetTracker.remaining() } : void 0,
3382
3385
  summary: Object.fromEntries(audit.getSummary())
3383
3386
  }
3384
3387
  });