npm - @haaaiawd/second-nature - Versions diffs - 0.1.1 → 0.1.2 - Mend

@haaaiawd/second-nature 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (200) hide show

package/runtime/observability/db/schema/index.js ADDED Viewed

@@ -0,0 +1,70 @@
+import { integer, sqliteTable, text, uniqueIndex, index } from "drizzle-orm/sqlite-core";
+export const decisionLedger = sqliteTable("decision_ledger", {
+    id: text("id").primaryKey(),
+    tickId: text("tick_id").notNull(),
+    traceId: text("trace_id").notNull(),
+    intentId: text("intent_id"),
+    platformId: text("platform_id"),
+    verdict: text("verdict").notNull(),
+    mode: text("mode").notNull(),
+    reasons: text("reasons").notNull(),
+    reasonCodes: text("reason_codes").notNull(),
+    decisionBasis: text("decision_basis").notNull(),
+    evidenceRefs: text("evidence_refs").notNull(),
+    modelEvalRef: text("model_eval_ref"),
+    createdAt: text("created_at").notNull(),
+}, (table) => [
+    index("decision_tick_idx").on(table.tickId),
+    uniqueIndex("decision_trace_idx").on(table.traceId),
+]);
+export const executionAttempts = sqliteTable("execution_attempts", {
+    id: text("id").primaryKey(),
+    traceId: text("trace_id").notNull(),
+    decisionId: text("decision_id").notNull(),
+    intentId: text("intent_id").notNull(),
+    platformId: text("platform_id").notNull(),
+    capability: text("capability").notNull(),
+    channel: text("channel").notNull(),
+    status: text("status").notNull(),
+    commitState: text("commit_state"),
+    failureClass: text("failure_class"),
+    retryPolicy: text("retry_policy"),
+    idempotencyKey: text("idempotency_key"),
+    startedAt: text("started_at"),
+    finishedAt: text("finished_at"),
+}, (table) => [
+    uniqueIndex("attempt_trace_idx").on(table.traceId),
+    index("attempt_decision_idx").on(table.decisionId),
+    index("attempt_platform_idx").on(table.platformId),
+]);
+export const governanceAudit = sqliteTable("governance_audit", {
+    id: text("id").primaryKey(),
+    eventType: text("event_type").notNull(),
+    proposalId: text("proposal_id"),
+    targetAssetId: text("target_asset_id"),
+    assetPath: text("asset_path"),
+    statusFrom: text("status_from"),
+    statusTo: text("status_to").notNull(),
+    beforeHash: text("before_hash"),
+    afterHash: text("after_hash"),
+    supportingSources: text("supporting_sources"),
+    reason: text("reason"),
+    verificationDeadline: text("verification_deadline"),
+    attemptsRemaining: integer("attempts_remaining"),
+    createdAt: text("created_at").notNull(),
+}, (table) => [
+    index("audit_proposal_idx").on(table.proposalId),
+    index("audit_asset_idx").on(table.targetAssetId),
+    index("audit_event_idx").on(table.eventType),
+]);
+export const redactionManifest = sqliteTable("redaction_manifest", {
+    id: text("id").primaryKey(),
+    eventId: text("event_id").notNull(),
+    eventType: text("event_type").notNull(),
+    fieldName: text("field_name").notNull(),
+    action: text("action").notNull(),
+    originalValueHash: text("original_value_hash"),
+    createdAt: text("created_at").notNull(),
+}, (table) => [
+    index("redact_event_idx").on(table.eventId),
+]);

package/runtime/observability/index.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+export { createObservabilityDatabase, type ObservabilityDatabase } from "./db/index.js";
+export * as obsSchema from "./db/schema/index.js";
+export { REDACTION_CONFIG, DEFAULT_REDACTION_POLICY, getFieldRedactionRule, type RedactionPolicy, type RedactionRule, type SensitivityLevel, } from "./redaction/policy.js";
+export { redactEvent, createEmptyManifest, mergeManifests, type RedactionManifest, type RedactionResult, } from "./redaction/manifest.js";
+export { DecisionLedger, type QuietLifecycleEvent, type OutreachDecision } from "./services/decision-ledger.js";
+export { GovernanceAudit, type CredentialLifecycleAudit } from "./services/governance-audit.js";
+export { ExecutionTelemetry, type ExecutionAttemptInput } from "./services/execution-telemetry.js";
+export { EvidenceQueryEngine, } from "./query/evidence-query-engine.js";
+export type { EvidenceQuery, EvidenceBundle, EvidenceResolutionPlan, GovernanceEvidenceRecord, ResolvedContentRef, ExplanationCapsule, } from "./query/compose-evidence.js";
+export { projectReflectionAudit, type ReflectionAudit, type ReflectionAuditProjection, } from "./projections/reflection-audit.js";
+export { projectOutreachQualityAudit, type OutreachQualityAudit, type OutreachQualityProjection, } from "./projections/outreach-quality-audit.js";
+export { projectGuidanceParticipationAudit, type GuidanceParticipationAudit, type GuidanceParticipationProjection, } from "./projections/guidance-audit.js";

package/runtime/observability/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+export { createObservabilityDatabase } from "./db/index.js";
+export * as obsSchema from "./db/schema/index.js";
+export { REDACTION_CONFIG, DEFAULT_REDACTION_POLICY, getFieldRedactionRule, } from "./redaction/policy.js";
+export { redactEvent, createEmptyManifest, mergeManifests, } from "./redaction/manifest.js";
+export { DecisionLedger } from "./services/decision-ledger.js";
+export { GovernanceAudit } from "./services/governance-audit.js";
+export { ExecutionTelemetry } from "./services/execution-telemetry.js";
+export { EvidenceQueryEngine, } from "./query/evidence-query-engine.js";
+export { projectReflectionAudit, } from "./projections/reflection-audit.js";
+export { projectOutreachQualityAudit, } from "./projections/outreach-quality-audit.js";
+export { projectGuidanceParticipationAudit, } from "./projections/guidance-audit.js";

package/runtime/observability/projections/guidance-audit.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import type { GuidancePayload, GuidanceUnavailable, SceneContext } from "../../guidance/types.js";
+export interface GuidanceParticipationAudit {
+    id: string;
+    sceneContext: SceneContext;
+    payload: GuidancePayload | GuidanceUnavailable;
+    usedFallback: boolean;
+}
+export interface GuidanceParticipationProjection {
+    eventId: string;
+    sceneType: SceneContext["sceneType"];
+    usedFallback: boolean;
+    guidanceAvailable: boolean;
+    blockSummary: string[];
+    snippetRationales: string[];
+}
+export declare function projectGuidanceParticipationAudit(input: GuidanceParticipationAudit): GuidanceParticipationProjection;

package/runtime/observability/projections/guidance-audit.js ADDED Viewed

@@ -0,0 +1,35 @@
+function summarizePayloadBlocks(payload) {
+    if ("available" in payload) {
+        return [`unavailable:${payload.reason}`];
+    }
+    const blocks = [];
+    if (payload.atmosphere) {
+        blocks.push("atmosphere");
+    }
+    if (payload.impulses.length > 0) {
+        blocks.push(...payload.impulses.map((item) => `impulse:${item.kind}`));
+    }
+    if (payload.personaReinforcement.length > 0) {
+        blocks.push(`persona:${payload.personaReinforcement.length}`);
+    }
+    if (payload.outputGuard) {
+        blocks.push("output_guard");
+    }
+    return blocks;
+}
+function summarizeRationales(payload) {
+    if ("available" in payload) {
+        return [];
+    }
+    return payload.personaReinforcement.map((item) => item.rationale);
+}
+export function projectGuidanceParticipationAudit(input) {
+    return {
+        eventId: input.id,
+        sceneType: input.sceneContext.sceneType,
+        usedFallback: input.usedFallback,
+        guidanceAvailable: !(("available" in input.payload) && input.payload.available === false),
+        blockSummary: summarizePayloadBlocks(input.payload),
+        snippetRationales: summarizeRationales(input.payload),
+    };
+}

package/runtime/observability/projections/outreach-quality-audit.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+export interface OutreachQualityAudit {
+    id: string;
+    valueScore: number;
+    noveltyScore: number;
+    requiredUserAction: boolean;
+    suppressionReason?: string;
+}
+export interface OutreachQualityProjection {
+    eventId: string;
+    valueScore: number;
+    noveltyScore: number;
+    requiredUserAction: boolean;
+    suppressionReason?: string;
+}
+export declare function projectOutreachQualityAudit(input: OutreachQualityAudit): OutreachQualityProjection;

package/runtime/observability/projections/outreach-quality-audit.js ADDED Viewed

@@ -0,0 +1,9 @@
+export function projectOutreachQualityAudit(input) {
+    return {
+        eventId: input.id,
+        valueScore: input.valueScore,
+        noveltyScore: input.noveltyScore,
+        requiredUserAction: input.requiredUserAction,
+        suppressionReason: input.suppressionReason,
+    };
+}

package/runtime/observability/projections/reflection-audit.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+export interface ReflectionAudit {
+    id: string;
+    modelEvalRef?: string;
+    claimCount: number;
+    unsupportedClaimCount: number;
+    sourceCoverageRatio: number;
+    reflectionDebt?: number;
+    starved?: boolean;
+}
+export interface ReflectionAuditProjection {
+    eventId: string;
+    unsupportedClaimCount: number;
+    sourceCoverageRatio: number;
+    claimCount: number;
+    modelEvalRef?: string;
+}
+export declare function projectReflectionAudit(input: ReflectionAudit): ReflectionAuditProjection;

package/runtime/observability/projections/reflection-audit.js ADDED Viewed

@@ -0,0 +1,9 @@
+export function projectReflectionAudit(input) {
+    return {
+        eventId: input.id,
+        unsupportedClaimCount: input.unsupportedClaimCount,
+        sourceCoverageRatio: input.sourceCoverageRatio,
+        claimCount: input.claimCount,
+        modelEvalRef: input.modelEvalRef,
+    };
+}

package/runtime/observability/query/compose-evidence.d.ts ADDED Viewed

@@ -0,0 +1,56 @@
+import type { DecisionRecord, ExecutionAttempt } from "../../shared/types/continuity.js";
+export interface GovernanceEvidenceRecord {
+    id: string;
+    eventType: string;
+    proposalId?: string;
+    targetAssetId?: string;
+    assetPath?: string;
+    statusFrom?: string;
+    statusTo: string;
+    beforeHash?: string;
+    afterHash?: string;
+    supportingSources: string[];
+    reason?: string;
+    verificationDeadline?: string;
+    attemptsRemaining?: number;
+    createdAt: string;
+}
+export interface ResolvedContentRef {
+    ref: string;
+    resolved: boolean;
+    content?: string;
+}
+export interface EvidenceResolutionPlan {
+    path: string[];
+    key: "decisionId" | "traceId" | "assetId" | "proposalId" | "sessionId";
+}
+export interface EvidenceQuery {
+    decisionId?: string;
+    traceId?: string;
+    assetId?: string;
+    proposalId?: string;
+    sessionId?: string;
+    includeContentRefs?: boolean;
+}
+export interface ExplanationCapsule {
+    conclusion: string;
+    keyFactors: string[];
+    evidenceRefs: string[];
+}
+export interface EvidenceBundle {
+    query: EvidenceQuery;
+    plan: EvidenceResolutionPlan;
+    decisions: DecisionRecord[];
+    attempts: ExecutionAttempt[];
+    governance: GovernanceEvidenceRecord[];
+    resolvedContentRefs: ResolvedContentRef[];
+    explanation: ExplanationCapsule;
+}
+export declare function composeEvidenceBundle(input: {
+    query: EvidenceQuery;
+    plan: EvidenceResolutionPlan;
+    decisions: DecisionRecord[];
+    attempts: ExecutionAttempt[];
+    governance: GovernanceEvidenceRecord[];
+    resolvedContentRefs: ResolvedContentRef[];
+}): EvidenceBundle;

package/runtime/observability/query/compose-evidence.js ADDED Viewed

@@ -0,0 +1,43 @@
+function collectEvidenceRefs(decisions, governance) {
+    const refs = new Set();
+    for (const record of decisions) {
+        for (const ref of record.evidenceRefs) {
+            refs.add(ref);
+        }
+    }
+    for (const record of governance) {
+        for (const ref of record.supportingSources) {
+            refs.add(ref);
+        }
+    }
+    return [...refs];
+}
+export function composeEvidenceBundle(input) {
+    const { query, plan, decisions, attempts, governance, resolvedContentRefs } = input;
+    const evidenceRefs = collectEvidenceRefs(decisions, governance);
+    const keyFactors = [
+        ...new Set([
+            ...decisions.flatMap((d) => d.reasonCodes),
+            ...attempts.map((a) => a.failureClass).filter((x) => Boolean(x)),
+            ...governance.map((g) => g.eventType),
+        ]),
+    ];
+    const conclusion = decisions.length > 0
+        ? `找到 ${decisions.length} 条决策证据与 ${attempts.length} 条执行证据。`
+        : governance.length > 0
+            ? `找到 ${governance.length} 条治理证据。`
+            : "仅找到有限证据，建议补充查询键。";
+    return {
+        query,
+        plan,
+        decisions,
+        attempts,
+        governance,
+        resolvedContentRefs,
+        explanation: {
+            conclusion,
+            keyFactors,
+            evidenceRefs,
+        },
+    };
+}

package/runtime/observability/query/evidence-query-engine.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import type { ObservabilityDatabase } from "../db/index.js";
+import { type EvidenceBundle, type EvidenceQuery, type EvidenceResolutionPlan } from "./compose-evidence.js";
+interface ContentResolver {
+    resolve(ref: string): Promise<string | undefined>;
+}
+export declare class EvidenceQueryEngine {
+    private readonly db;
+    private readonly contentResolver;
+    constructor(db: ObservabilityDatabase, contentResolver?: ContentResolver);
+    resolveEvidencePath(query: EvidenceQuery): EvidenceResolutionPlan;
+    queryEvidence(query: EvidenceQuery): Promise<EvidenceBundle>;
+    private loadDecisions;
+    private loadAttempts;
+    private loadGovernance;
+    private resolveContentRefs;
+}
+export {};

package/runtime/observability/query/evidence-query-engine.js ADDED Viewed

@@ -0,0 +1,166 @@
+import { eq } from "drizzle-orm";
+import { decisionLedger, executionAttempts, governanceAudit } from "../db/schema/index.js";
+import { composeEvidenceBundle, } from "./compose-evidence.js";
+class NullContentResolver {
+    async resolve(_ref) {
+        return undefined;
+    }
+}
+export class EvidenceQueryEngine {
+    db;
+    contentResolver;
+    constructor(db, contentResolver = new NullContentResolver()) {
+        this.db = db;
+        this.contentResolver = contentResolver;
+    }
+    resolveEvidencePath(query) {
+        if (query.decisionId) {
+            return { key: "decisionId", path: ["decision", "attempts"] };
+        }
+        if (query.proposalId) {
+            return { key: "proposalId", path: ["anchor_audit"] };
+        }
+        if (query.assetId) {
+            return { key: "assetId", path: ["anchor_audit"] };
+        }
+        if (query.traceId) {
+            return { key: "traceId", path: ["telemetry", "decision"] };
+        }
+        throw new Error("evidence_query_requires_index_key");
+    }
+    async queryEvidence(query) {
+        if (query.sessionId) {
+            throw new Error("evidence_query_sessionId_unsupported");
+        }
+        const plan = this.resolveEvidencePath(query);
+        const decisions = await this.loadDecisions(query, plan);
+        const attempts = await this.loadAttempts(query, plan, decisions);
+        const governance = await this.loadGovernance(query, plan, decisions);
+        const resolvedContentRefs = await this.resolveContentRefs(query, decisions, governance);
+        return composeEvidenceBundle({
+            query,
+            plan,
+            decisions,
+            attempts,
+            governance,
+            resolvedContentRefs,
+        });
+    }
+    async loadDecisions(query, plan) {
+        if (!plan.path.includes("decision")) {
+            return [];
+        }
+        if (query.decisionId) {
+            const rows = await this.db.db.select().from(decisionLedger).where(eq(decisionLedger.id, query.decisionId));
+            return rows.map(mapDecisionRow);
+        }
+        if (query.traceId) {
+            const rows = await this.db.db.select().from(decisionLedger).where(eq(decisionLedger.traceId, query.traceId));
+            return rows.map(mapDecisionRow);
+        }
+        return [];
+    }
+    async loadAttempts(query, plan, _decisions) {
+        if (!plan.path.includes("attempts") && !plan.path.includes("telemetry")) {
+            return [];
+        }
+        if (query.traceId) {
+            const rows = await this.db.db.select().from(executionAttempts).where(eq(executionAttempts.traceId, query.traceId));
+            return rows.map(mapAttemptRow);
+        }
+        if (query.decisionId) {
+            const rows = await this.db.db.select().from(executionAttempts).where(eq(executionAttempts.decisionId, query.decisionId));
+            return rows.map(mapAttemptRow);
+        }
+        return [];
+    }
+    async loadGovernance(query, plan, _decisions) {
+        if (!plan.path.includes("anchor_audit")) {
+            return [];
+        }
+        if (query.proposalId) {
+            const rows = await this.db.db.select().from(governanceAudit).where(eq(governanceAudit.proposalId, query.proposalId));
+            return rows.map(mapGovernanceRow);
+        }
+        if (query.assetId) {
+            const rows = await this.db.db.select().from(governanceAudit).where(eq(governanceAudit.targetAssetId, query.assetId));
+            return rows.map(mapGovernanceRow);
+        }
+        return [];
+    }
+    async resolveContentRefs(query, decisions, governance) {
+        if (!query.includeContentRefs) {
+            return [];
+        }
+        const refs = new Set();
+        for (const decision of decisions) {
+            for (const ref of decision.evidenceRefs) {
+                refs.add(ref);
+            }
+        }
+        for (const gov of governance) {
+            for (const ref of gov.supportingSources) {
+                refs.add(ref);
+            }
+        }
+        const resolved = [];
+        for (const ref of refs) {
+            const content = await this.contentResolver.resolve(ref);
+            resolved.push({ ref, resolved: typeof content === "string", content });
+        }
+        return resolved;
+    }
+}
+function mapDecisionRow(row) {
+    return {
+        id: row.id,
+        tickId: row.tickId,
+        traceId: row.traceId,
+        intentId: row.intentId ?? undefined,
+        platformId: row.platformId ?? undefined,
+        verdict: row.verdict,
+        mode: row.mode,
+        reasons: JSON.parse(row.reasons),
+        reasonCodes: JSON.parse(row.reasonCodes),
+        decisionBasis: row.decisionBasis,
+        evidenceRefs: JSON.parse(row.evidenceRefs),
+        modelEvalRef: row.modelEvalRef ?? undefined,
+        createdAt: row.createdAt,
+    };
+}
+function mapAttemptRow(row) {
+    return {
+        id: row.id,
+        traceId: row.traceId,
+        decisionId: row.decisionId,
+        intentId: row.intentId,
+        platformId: row.platformId,
+        capability: row.capability,
+        channel: row.channel,
+        status: row.status,
+        commitState: row.commitState,
+        failureClass: row.failureClass ?? undefined,
+        retryPolicy: row.retryPolicy ?? undefined,
+        idempotencyKey: row.idempotencyKey ?? undefined,
+        startedAt: row.startedAt ?? undefined,
+        finishedAt: row.finishedAt ?? undefined,
+    };
+}
+function mapGovernanceRow(row) {
+    return {
+        id: row.id,
+        eventType: row.eventType,
+        proposalId: row.proposalId ?? undefined,
+        targetAssetId: row.targetAssetId ?? undefined,
+        assetPath: row.assetPath ?? undefined,
+        statusFrom: row.statusFrom ?? undefined,
+        statusTo: row.statusTo,
+        beforeHash: row.beforeHash ?? undefined,
+        afterHash: row.afterHash ?? undefined,
+        supportingSources: JSON.parse(row.supportingSources ?? "[]"),
+        reason: row.reason ?? undefined,
+        verificationDeadline: row.verificationDeadline ?? undefined,
+        attemptsRemaining: row.attemptsRemaining ?? undefined,
+        createdAt: row.createdAt,
+    };
+}

package/runtime/observability/redaction/manifest.d.ts ADDED Viewed

@@ -0,0 +1,18 @@
+import { type SensitivityLevel } from "./policy.js";
+export interface RedactionManifest {
+    id: string;
+    sensitivityLevel: SensitivityLevel;
+    maskedFields: string[];
+    erasedFields: string[];
+    hashedFields: string[];
+    originalFieldCount: number;
+    redactedFieldCount: number;
+    createdAt: string;
+}
+export interface RedactionResult<T> {
+    redacted: T;
+    manifest: RedactionManifest;
+}
+export declare function redactEvent<T extends object>(event: T): RedactionResult<T>;
+export declare function createEmptyManifest(): RedactionManifest;
+export declare function mergeManifests(manifests: RedactionManifest[]): RedactionManifest;

package/runtime/observability/redaction/manifest.js ADDED Viewed

@@ -0,0 +1,109 @@
+import * as crypto from "crypto";
+export function redactEvent(event) {
+    const maskedFields = [];
+    const erasedFields = [];
+    const hashedFields = [];
+    const output = structuredClone(event);
+    function joinPath(basePath, key) {
+        return basePath.length > 0 ? `${basePath}.${key}` : key;
+    }
+    function processObject(target, basePath) {
+        for (const key of Object.keys(target)) {
+            const lowerKey = key.toLowerCase();
+            const value = target[key];
+            const fieldPath = joinPath(basePath, key);
+            if (lowerKey === "token" ||
+                lowerKey === "access_token" ||
+                lowerKey === "refresh_token" ||
+                lowerKey === "api_key" ||
+                lowerKey === "apisecret" ||
+                lowerKey === "secret" ||
+                lowerKey === "password" ||
+                lowerKey === "bearer_token" ||
+                lowerKey === "authorization" ||
+                lowerKey === "node_secret") {
+                target[key] = "[MASKED]";
+                maskedFields.push(fieldPath);
+                continue;
+            }
+            if (lowerKey === "full_message" ||
+                lowerKey === "full_post" ||
+                lowerKey === "private_message" ||
+                lowerKey === "prompt" ||
+                lowerKey === "system_prompt" ||
+                lowerKey === "completion" ||
+                lowerKey === "response_content") {
+                delete target[key];
+                erasedFields.push(fieldPath);
+                continue;
+            }
+            if (lowerKey === "content_hash" ||
+                lowerKey === "trace_id" ||
+                lowerKey === "user_id" ||
+                lowerKey === "session_id") {
+                if (typeof value === "string") {
+                    target[key] = crypto.createHash("sha256").update(value).digest("hex").slice(0, 16);
+                }
+                hashedFields.push(fieldPath);
+                continue;
+            }
+            if (value && typeof value === "object" && !Array.isArray(value)) {
+                processObject(value, fieldPath);
+            }
+        }
+    }
+    processObject(output, "");
+    const originalFieldCount = Object.keys(event).length;
+    const redactedFieldCount = Object.keys(output).length;
+    return {
+        redacted: output,
+        manifest: {
+            id: `rm:${Date.now()}:${crypto.randomBytes(4).toString("hex")}`,
+            sensitivityLevel: "internal",
+            maskedFields,
+            erasedFields,
+            hashedFields,
+            originalFieldCount,
+            redactedFieldCount,
+            createdAt: new Date().toISOString(),
+        },
+    };
+}
+export function createEmptyManifest() {
+    return {
+        id: `rm:${Date.now()}:empty`,
+        sensitivityLevel: "internal",
+        maskedFields: [],
+        erasedFields: [],
+        hashedFields: [],
+        originalFieldCount: 0,
+        redactedFieldCount: 0,
+        createdAt: new Date().toISOString(),
+    };
+}
+export function mergeManifests(manifests) {
+    const merged = {
+        id: `rm:${Date.now()}:merged`,
+        sensitivityLevel: "internal",
+        maskedFields: [],
+        erasedFields: [],
+        hashedFields: [],
+        originalFieldCount: 0,
+        redactedFieldCount: 0,
+        createdAt: new Date().toISOString(),
+    };
+    for (const m of manifests) {
+        merged.maskedFields.push(...m.maskedFields);
+        merged.erasedFields.push(...m.erasedFields);
+        merged.hashedFields.push(...m.hashedFields);
+        merged.originalFieldCount += m.originalFieldCount;
+        merged.redactedFieldCount += m.redactedFieldCount;
+        if (m.sensitivityLevel === "restricted") {
+            merged.sensitivityLevel = "restricted";
+        }
+        else if (m.sensitivityLevel === "confidential" && merged.sensitivityLevel !== "restricted") {
+            merged.sensitivityLevel = "confidential";
+        }
+    }
+    return merged;
+}

package/runtime/observability/redaction/policy.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+export declare const REDACTION_CONFIG: {
+    readonly maskedFieldNames: readonly ["token", "access_token", "refresh_token", "api_key", "apiSecret", "secret", "password", "bearer_token", "authorization", "node_secret"];
+    readonly eraseFieldNames: readonly ["full_message", "full_post", "private_message", "prompt", "system_prompt", "completion", "response_content"];
+    readonly hashFieldNames: readonly ["user_id", "session_id", "trace_id", "content_hash"];
+    readonly sensitivityLevels: readonly ["public", "internal", "confidential", "restricted"];
+};
+export type SensitivityLevel = (typeof REDACTION_CONFIG)["sensitivityLevels"][number];
+export interface RedactionRule {
+    fieldName: string;
+    action: "mask" | "erase" | "hash" | "keep";
+    pattern?: RegExp;
+}
+export interface RedactionPolicy {
+    defaultPolicy: RedactionRule[];
+    fieldOverrides: Record<string, RedactionRule[]>;
+    maxFieldLength: number;
+}
+export declare const DEFAULT_REDACTION_POLICY: RedactionPolicy;
+export declare function getFieldRedactionRule(fieldName: string, policy?: RedactionPolicy): RedactionRule;