@handlebar/governance-schema 0.0.6-dev.6 → 0.0.6-dev.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/audit/events.base.d.ts +1 -5
- package/dist/audit/events.d.ts +29 -194
- package/dist/audit/events.llm.d.ts +7 -11
- package/dist/audit/events.tools.d.ts +162 -0
- package/dist/audit/governance-actions.d.ts +22 -0
- package/dist/audit/index.d.ts +2 -0
- package/dist/index.d.ts +4 -3
- package/dist/index.js +70 -51
- package/dist/rules/index.d.ts +1 -1
- package/dist/rules/metrics.d.ts +3 -1
- package/dist/rules/signals.d.ts +3 -4
- package/dist/rules/time.d.ts +1 -1
- package/package.json +1 -1
|
@@ -5,11 +5,7 @@ export declare const AuditEnvelopeSchema: z.ZodObject<{
|
|
|
5
5
|
runId: z.ZodString;
|
|
6
6
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
7
7
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
8
|
-
|
|
9
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
10
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
11
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
12
|
-
}, z.core.$strip>>;
|
|
8
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
13
9
|
otel: z.ZodOptional<z.ZodObject<{
|
|
14
10
|
traceId: z.ZodOptional<z.ZodString>;
|
|
15
11
|
spanId: z.ZodOptional<z.ZodString>;
|
package/dist/audit/events.d.ts
CHANGED
|
@@ -5,11 +5,7 @@ export declare const RunStartedEventSchema: z.ZodObject<{
|
|
|
5
5
|
runId: z.ZodString;
|
|
6
6
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
7
7
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
8
|
-
|
|
9
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
10
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
11
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
12
|
-
}, z.core.$strip>>;
|
|
8
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
13
9
|
otel: z.ZodOptional<z.ZodObject<{
|
|
14
10
|
traceId: z.ZodOptional<z.ZodString>;
|
|
15
11
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -67,163 +63,13 @@ export declare const RunStartedEventSchema: z.ZodObject<{
|
|
|
67
63
|
}, z.core.$strip>>;
|
|
68
64
|
}, z.core.$strip>;
|
|
69
65
|
}, z.core.$strip>;
|
|
70
|
-
export declare const HitlMetaSchema: z.ZodObject<{
|
|
71
|
-
hitlActionId: z.ZodOptional<z.ZodString>;
|
|
72
|
-
fingerprint: z.ZodOptional<z.ZodString>;
|
|
73
|
-
status: z.ZodOptional<z.ZodEnum<{
|
|
74
|
-
none: "none";
|
|
75
|
-
pending: "pending";
|
|
76
|
-
approved: "approved";
|
|
77
|
-
denied: "denied";
|
|
78
|
-
}>>;
|
|
79
|
-
}, z.core.$strip>;
|
|
80
|
-
export declare const ToolDecisionEventSchema: z.ZodObject<{
|
|
81
|
-
schema: z.ZodLiteral<"handlebar.audit.v1">;
|
|
82
|
-
ts: z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodDate>;
|
|
83
|
-
runId: z.ZodString;
|
|
84
|
-
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
85
|
-
decisionId: z.ZodOptional<z.ZodString>;
|
|
86
|
-
user: z.ZodOptional<z.ZodObject<{
|
|
87
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
88
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
89
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
90
|
-
}, z.core.$strip>>;
|
|
91
|
-
otel: z.ZodOptional<z.ZodObject<{
|
|
92
|
-
traceId: z.ZodOptional<z.ZodString>;
|
|
93
|
-
spanId: z.ZodOptional<z.ZodString>;
|
|
94
|
-
}, z.core.$strip>>;
|
|
95
|
-
sample: z.ZodOptional<z.ZodObject<{
|
|
96
|
-
rate: z.ZodOptional<z.ZodNumber>;
|
|
97
|
-
reason: z.ZodOptional<z.ZodString>;
|
|
98
|
-
}, z.core.$strip>>;
|
|
99
|
-
redaction: z.ZodOptional<z.ZodObject<{
|
|
100
|
-
level: z.ZodOptional<z.ZodEnum<{
|
|
101
|
-
none: "none";
|
|
102
|
-
partial: "partial";
|
|
103
|
-
strict: "strict";
|
|
104
|
-
}>>;
|
|
105
|
-
}, z.core.$strip>>;
|
|
106
|
-
kind: z.ZodLiteral<"tool.decision">;
|
|
107
|
-
data: z.ZodObject<{
|
|
108
|
-
effect: z.ZodCustom<import("./governance-actions").GovernanceEffect, import("./governance-actions").GovernanceEffect>;
|
|
109
|
-
code: z.ZodCustom<import("./governance-actions").GovernanceCode, import("./governance-actions").GovernanceCode>;
|
|
110
|
-
matchedRuleIds: z.ZodArray<z.ZodString>;
|
|
111
|
-
appliedActions: z.ZodArray<z.ZodObject<{
|
|
112
|
-
type: z.ZodCustom<"allow" | "block" | "hitl" | "notify" | "log", "allow" | "block" | "hitl" | "notify" | "log">;
|
|
113
|
-
ruleId: z.ZodString;
|
|
114
|
-
}, z.core.$strip>>;
|
|
115
|
-
reason: z.ZodOptional<z.ZodString>;
|
|
116
|
-
tool: z.ZodObject<{
|
|
117
|
-
name: z.ZodString;
|
|
118
|
-
categories: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
119
|
-
}, z.core.$strip>;
|
|
120
|
-
args: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
121
|
-
argsMeta: z.ZodOptional<z.ZodObject<{
|
|
122
|
-
redacted: z.ZodBoolean;
|
|
123
|
-
redactedFields: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
124
|
-
sizeBytesApprox: z.ZodOptional<z.ZodNumber>;
|
|
125
|
-
}, z.core.$strip>>;
|
|
126
|
-
hitl: z.ZodOptional<z.ZodObject<{
|
|
127
|
-
hitlActionId: z.ZodOptional<z.ZodString>;
|
|
128
|
-
fingerprint: z.ZodOptional<z.ZodString>;
|
|
129
|
-
status: z.ZodOptional<z.ZodEnum<{
|
|
130
|
-
none: "none";
|
|
131
|
-
pending: "pending";
|
|
132
|
-
approved: "approved";
|
|
133
|
-
denied: "denied";
|
|
134
|
-
}>>;
|
|
135
|
-
}, z.core.$strip>>;
|
|
136
|
-
counters: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>>>;
|
|
137
|
-
latencyMs: z.ZodOptional<z.ZodNumber>;
|
|
138
|
-
}, z.core.$strip>;
|
|
139
|
-
}, z.core.$strip>;
|
|
140
|
-
export declare const ToolResultEventSchema: z.ZodObject<{
|
|
141
|
-
schema: z.ZodLiteral<"handlebar.audit.v1">;
|
|
142
|
-
ts: z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodDate>;
|
|
143
|
-
runId: z.ZodString;
|
|
144
|
-
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
145
|
-
decisionId: z.ZodOptional<z.ZodString>;
|
|
146
|
-
user: z.ZodOptional<z.ZodObject<{
|
|
147
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
148
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
149
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
150
|
-
}, z.core.$strip>>;
|
|
151
|
-
otel: z.ZodOptional<z.ZodObject<{
|
|
152
|
-
traceId: z.ZodOptional<z.ZodString>;
|
|
153
|
-
spanId: z.ZodOptional<z.ZodString>;
|
|
154
|
-
}, z.core.$strip>>;
|
|
155
|
-
sample: z.ZodOptional<z.ZodObject<{
|
|
156
|
-
rate: z.ZodOptional<z.ZodNumber>;
|
|
157
|
-
reason: z.ZodOptional<z.ZodString>;
|
|
158
|
-
}, z.core.$strip>>;
|
|
159
|
-
redaction: z.ZodOptional<z.ZodObject<{
|
|
160
|
-
level: z.ZodOptional<z.ZodEnum<{
|
|
161
|
-
none: "none";
|
|
162
|
-
partial: "partial";
|
|
163
|
-
strict: "strict";
|
|
164
|
-
}>>;
|
|
165
|
-
}, z.core.$strip>>;
|
|
166
|
-
kind: z.ZodLiteral<"tool.result">;
|
|
167
|
-
data: z.ZodObject<{
|
|
168
|
-
tool: z.ZodObject<{
|
|
169
|
-
name: z.ZodString;
|
|
170
|
-
categories: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
171
|
-
}, z.core.$strip>;
|
|
172
|
-
hitl: z.ZodOptional<z.ZodObject<{
|
|
173
|
-
hitlActionId: z.ZodOptional<z.ZodString>;
|
|
174
|
-
fingerprint: z.ZodOptional<z.ZodString>;
|
|
175
|
-
status: z.ZodOptional<z.ZodEnum<{
|
|
176
|
-
none: "none";
|
|
177
|
-
pending: "pending";
|
|
178
|
-
approved: "approved";
|
|
179
|
-
denied: "denied";
|
|
180
|
-
}>>;
|
|
181
|
-
}, z.core.$strip>>;
|
|
182
|
-
outcome: z.ZodEnum<{
|
|
183
|
-
success: "success";
|
|
184
|
-
error: "error";
|
|
185
|
-
}>;
|
|
186
|
-
durationMs: z.ZodOptional<z.ZodNumber>;
|
|
187
|
-
counters: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>>>;
|
|
188
|
-
metrics: z.ZodOptional<z.ZodObject<{
|
|
189
|
-
inbuilt: z.ZodRecord<z.ZodEnum<{
|
|
190
|
-
bytes_in: "bytes_in";
|
|
191
|
-
bytes_out: "bytes_out";
|
|
192
|
-
duration_ms: "duration_ms";
|
|
193
|
-
records_in: "records_in";
|
|
194
|
-
records_out: "records_out";
|
|
195
|
-
}> & z.core.$partial, z.ZodObject<{
|
|
196
|
-
value: z.ZodNumber;
|
|
197
|
-
unit: z.ZodOptional<z.ZodString>;
|
|
198
|
-
}, z.core.$strip>>;
|
|
199
|
-
custom: z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
200
|
-
value: z.ZodNumber;
|
|
201
|
-
unit: z.ZodOptional<z.ZodString>;
|
|
202
|
-
}, z.core.$strip>>;
|
|
203
|
-
}, z.core.$strip>>;
|
|
204
|
-
error: z.ZodOptional<z.ZodObject<{
|
|
205
|
-
name: z.ZodOptional<z.ZodString>;
|
|
206
|
-
message: z.ZodOptional<z.ZodString>;
|
|
207
|
-
stack: z.ZodOptional<z.ZodString>;
|
|
208
|
-
}, z.core.$strip>>;
|
|
209
|
-
resultMeta: z.ZodOptional<z.ZodObject<{
|
|
210
|
-
redacted: z.ZodBoolean;
|
|
211
|
-
redactedFields: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
212
|
-
sizeBytesApprox: z.ZodOptional<z.ZodNumber>;
|
|
213
|
-
}, z.core.$strip>>;
|
|
214
|
-
}, z.core.$strip>;
|
|
215
|
-
}, z.core.$strip>;
|
|
216
66
|
export declare const RunEndedEventSchema: z.ZodObject<{
|
|
217
67
|
schema: z.ZodLiteral<"handlebar.audit.v1">;
|
|
218
68
|
ts: z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodDate>;
|
|
219
69
|
runId: z.ZodString;
|
|
220
70
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
221
71
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
222
|
-
|
|
223
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
224
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
225
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
226
|
-
}, z.core.$strip>>;
|
|
72
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
227
73
|
otel: z.ZodOptional<z.ZodObject<{
|
|
228
74
|
traceId: z.ZodOptional<z.ZodString>;
|
|
229
75
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -257,11 +103,7 @@ export declare const ErrorEventSchema: z.ZodObject<{
|
|
|
257
103
|
runId: z.ZodString;
|
|
258
104
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
259
105
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
260
|
-
|
|
261
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
262
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
263
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
264
|
-
}, z.core.$strip>>;
|
|
106
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
265
107
|
otel: z.ZodOptional<z.ZodObject<{
|
|
266
108
|
traceId: z.ZodOptional<z.ZodString>;
|
|
267
109
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -296,11 +138,7 @@ export declare const AuditEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
|
296
138
|
runId: z.ZodString;
|
|
297
139
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
298
140
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
299
|
-
|
|
300
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
301
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
302
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
303
|
-
}, z.core.$strip>>;
|
|
141
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
304
142
|
otel: z.ZodOptional<z.ZodObject<{
|
|
305
143
|
traceId: z.ZodOptional<z.ZodString>;
|
|
306
144
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -363,11 +201,7 @@ export declare const AuditEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
|
363
201
|
runId: z.ZodString;
|
|
364
202
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
365
203
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
366
|
-
|
|
367
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
368
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
369
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
370
|
-
}, z.core.$strip>>;
|
|
204
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
371
205
|
otel: z.ZodOptional<z.ZodObject<{
|
|
372
206
|
traceId: z.ZodOptional<z.ZodString>;
|
|
373
207
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -389,7 +223,7 @@ export declare const AuditEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
|
389
223
|
code: z.ZodCustom<import("./governance-actions").GovernanceCode, import("./governance-actions").GovernanceCode>;
|
|
390
224
|
matchedRuleIds: z.ZodArray<z.ZodString>;
|
|
391
225
|
appliedActions: z.ZodArray<z.ZodObject<{
|
|
392
|
-
type: z.ZodCustom<"allow" | "
|
|
226
|
+
type: z.ZodCustom<"allow" | "hitl" | "block" | "notify" | "log", "allow" | "hitl" | "block" | "notify" | "log">;
|
|
393
227
|
ruleId: z.ZodString;
|
|
394
228
|
}, z.core.$strip>>;
|
|
395
229
|
reason: z.ZodOptional<z.ZodString>;
|
|
@@ -413,6 +247,23 @@ export declare const AuditEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
|
413
247
|
denied: "denied";
|
|
414
248
|
}>>;
|
|
415
249
|
}, z.core.$strip>>;
|
|
250
|
+
subjects: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
251
|
+
subjectType: z.ZodString;
|
|
252
|
+
role: z.ZodOptional<z.ZodString>;
|
|
253
|
+
value: z.ZodString;
|
|
254
|
+
idSystem: z.ZodOptional<z.ZodString>;
|
|
255
|
+
}, z.core.$strip>>>;
|
|
256
|
+
signals: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
257
|
+
key: z.ZodString;
|
|
258
|
+
args: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
259
|
+
result: z.ZodUnion<readonly [z.ZodObject<{
|
|
260
|
+
ok: z.ZodLiteral<false>;
|
|
261
|
+
error: z.ZodOptional<z.ZodString>;
|
|
262
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
263
|
+
ok: z.ZodLiteral<true>;
|
|
264
|
+
value: z.ZodString;
|
|
265
|
+
}, z.core.$strip>]>;
|
|
266
|
+
}, z.core.$strip>>>;
|
|
416
267
|
counters: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>>>;
|
|
417
268
|
latencyMs: z.ZodOptional<z.ZodNumber>;
|
|
418
269
|
}, z.core.$strip>;
|
|
@@ -422,11 +273,7 @@ export declare const AuditEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
|
422
273
|
runId: z.ZodString;
|
|
423
274
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
424
275
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
425
|
-
|
|
426
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
427
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
428
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
429
|
-
}, z.core.$strip>>;
|
|
276
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
430
277
|
otel: z.ZodOptional<z.ZodObject<{
|
|
431
278
|
traceId: z.ZodOptional<z.ZodString>;
|
|
432
279
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -497,11 +344,7 @@ export declare const AuditEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
|
497
344
|
runId: z.ZodString;
|
|
498
345
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
499
346
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
500
|
-
|
|
501
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
502
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
503
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
504
|
-
}, z.core.$strip>>;
|
|
347
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
505
348
|
otel: z.ZodOptional<z.ZodObject<{
|
|
506
349
|
traceId: z.ZodOptional<z.ZodString>;
|
|
507
350
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -534,11 +377,7 @@ export declare const AuditEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
|
534
377
|
runId: z.ZodString;
|
|
535
378
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
536
379
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
537
|
-
|
|
538
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
539
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
540
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
541
|
-
}, z.core.$strip>>;
|
|
380
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
542
381
|
otel: z.ZodOptional<z.ZodObject<{
|
|
543
382
|
traceId: z.ZodOptional<z.ZodString>;
|
|
544
383
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -572,11 +411,7 @@ export declare const AuditEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
|
572
411
|
runId: z.ZodString;
|
|
573
412
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
574
413
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
575
|
-
|
|
576
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
577
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
578
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
579
|
-
}, z.core.$strip>>;
|
|
414
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
580
415
|
otel: z.ZodOptional<z.ZodObject<{
|
|
581
416
|
traceId: z.ZodOptional<z.ZodString>;
|
|
582
417
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -596,11 +431,11 @@ export declare const AuditEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
|
|
|
596
431
|
data: z.ZodObject<{
|
|
597
432
|
messageId: z.ZodUUID;
|
|
598
433
|
role: z.ZodEnum<{
|
|
599
|
-
|
|
434
|
+
tool: "tool";
|
|
600
435
|
system: "system";
|
|
601
436
|
developer: "developer";
|
|
437
|
+
user: "user";
|
|
602
438
|
assistant: "assistant";
|
|
603
|
-
tool: "tool";
|
|
604
439
|
}>;
|
|
605
440
|
kind: z.ZodEnum<{
|
|
606
441
|
output: "output";
|
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
import { z } from "zod";
|
|
2
2
|
export declare const MessageRoleSchema: z.ZodEnum<{
|
|
3
|
-
|
|
3
|
+
tool: "tool";
|
|
4
4
|
system: "system";
|
|
5
5
|
developer: "developer";
|
|
6
|
+
user: "user";
|
|
6
7
|
assistant: "assistant";
|
|
7
|
-
tool: "tool";
|
|
8
8
|
}>;
|
|
9
9
|
/**
|
|
10
10
|
* Message "kind" is about how it appears in an agent flow.
|
|
@@ -29,11 +29,11 @@ export declare const MessageKindSchema: z.ZodEnum<{
|
|
|
29
29
|
export declare const MessageSchema: z.ZodObject<{
|
|
30
30
|
messageId: z.ZodUUID;
|
|
31
31
|
role: z.ZodEnum<{
|
|
32
|
-
|
|
32
|
+
tool: "tool";
|
|
33
33
|
system: "system";
|
|
34
34
|
developer: "developer";
|
|
35
|
+
user: "user";
|
|
35
36
|
assistant: "assistant";
|
|
36
|
-
tool: "tool";
|
|
37
37
|
}>;
|
|
38
38
|
kind: z.ZodEnum<{
|
|
39
39
|
output: "output";
|
|
@@ -57,11 +57,7 @@ export declare const MessageEventSchema: z.ZodObject<{
|
|
|
57
57
|
runId: z.ZodString;
|
|
58
58
|
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
59
59
|
decisionId: z.ZodOptional<z.ZodString>;
|
|
60
|
-
|
|
61
|
-
userId: z.ZodOptional<z.ZodString>;
|
|
62
|
-
userCategory: z.ZodOptional<z.ZodString>;
|
|
63
|
-
sessionId: z.ZodOptional<z.ZodString>;
|
|
64
|
-
}, z.core.$strip>>;
|
|
60
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
65
61
|
otel: z.ZodOptional<z.ZodObject<{
|
|
66
62
|
traceId: z.ZodOptional<z.ZodString>;
|
|
67
63
|
spanId: z.ZodOptional<z.ZodString>;
|
|
@@ -81,11 +77,11 @@ export declare const MessageEventSchema: z.ZodObject<{
|
|
|
81
77
|
data: z.ZodObject<{
|
|
82
78
|
messageId: z.ZodUUID;
|
|
83
79
|
role: z.ZodEnum<{
|
|
84
|
-
|
|
80
|
+
tool: "tool";
|
|
85
81
|
system: "system";
|
|
86
82
|
developer: "developer";
|
|
83
|
+
user: "user";
|
|
87
84
|
assistant: "assistant";
|
|
88
|
-
tool: "tool";
|
|
89
85
|
}>;
|
|
90
86
|
kind: z.ZodEnum<{
|
|
91
87
|
output: "output";
|
|
@@ -0,0 +1,162 @@
|
|
|
1
|
+
import z from "zod";
|
|
2
|
+
export declare const SubjectSchema: z.ZodObject<{
|
|
3
|
+
subjectType: z.ZodString;
|
|
4
|
+
role: z.ZodOptional<z.ZodString>;
|
|
5
|
+
value: z.ZodString;
|
|
6
|
+
idSystem: z.ZodOptional<z.ZodString>;
|
|
7
|
+
}, z.core.$strip>;
|
|
8
|
+
export declare const HitlMetaSchema: z.ZodObject<{
|
|
9
|
+
hitlActionId: z.ZodOptional<z.ZodString>;
|
|
10
|
+
fingerprint: z.ZodOptional<z.ZodString>;
|
|
11
|
+
status: z.ZodOptional<z.ZodEnum<{
|
|
12
|
+
none: "none";
|
|
13
|
+
pending: "pending";
|
|
14
|
+
approved: "approved";
|
|
15
|
+
denied: "denied";
|
|
16
|
+
}>>;
|
|
17
|
+
}, z.core.$strip>;
|
|
18
|
+
export declare const ToolDecisionEventSchema: z.ZodObject<{
|
|
19
|
+
schema: z.ZodLiteral<"handlebar.audit.v1">;
|
|
20
|
+
ts: z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodDate>;
|
|
21
|
+
runId: z.ZodString;
|
|
22
|
+
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
23
|
+
decisionId: z.ZodOptional<z.ZodString>;
|
|
24
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
25
|
+
otel: z.ZodOptional<z.ZodObject<{
|
|
26
|
+
traceId: z.ZodOptional<z.ZodString>;
|
|
27
|
+
spanId: z.ZodOptional<z.ZodString>;
|
|
28
|
+
}, z.core.$strip>>;
|
|
29
|
+
sample: z.ZodOptional<z.ZodObject<{
|
|
30
|
+
rate: z.ZodOptional<z.ZodNumber>;
|
|
31
|
+
reason: z.ZodOptional<z.ZodString>;
|
|
32
|
+
}, z.core.$strip>>;
|
|
33
|
+
redaction: z.ZodOptional<z.ZodObject<{
|
|
34
|
+
level: z.ZodOptional<z.ZodEnum<{
|
|
35
|
+
none: "none";
|
|
36
|
+
partial: "partial";
|
|
37
|
+
strict: "strict";
|
|
38
|
+
}>>;
|
|
39
|
+
}, z.core.$strip>>;
|
|
40
|
+
kind: z.ZodLiteral<"tool.decision">;
|
|
41
|
+
data: z.ZodObject<{
|
|
42
|
+
effect: z.ZodCustom<import("./governance-actions").GovernanceEffect, import("./governance-actions").GovernanceEffect>;
|
|
43
|
+
code: z.ZodCustom<import("./governance-actions").GovernanceCode, import("./governance-actions").GovernanceCode>;
|
|
44
|
+
matchedRuleIds: z.ZodArray<z.ZodString>;
|
|
45
|
+
appliedActions: z.ZodArray<z.ZodObject<{
|
|
46
|
+
type: z.ZodCustom<"allow" | "hitl" | "block" | "notify" | "log", "allow" | "hitl" | "block" | "notify" | "log">;
|
|
47
|
+
ruleId: z.ZodString;
|
|
48
|
+
}, z.core.$strip>>;
|
|
49
|
+
reason: z.ZodOptional<z.ZodString>;
|
|
50
|
+
tool: z.ZodObject<{
|
|
51
|
+
name: z.ZodString;
|
|
52
|
+
categories: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
53
|
+
}, z.core.$strip>;
|
|
54
|
+
args: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
55
|
+
argsMeta: z.ZodOptional<z.ZodObject<{
|
|
56
|
+
redacted: z.ZodBoolean;
|
|
57
|
+
redactedFields: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
58
|
+
sizeBytesApprox: z.ZodOptional<z.ZodNumber>;
|
|
59
|
+
}, z.core.$strip>>;
|
|
60
|
+
hitl: z.ZodOptional<z.ZodObject<{
|
|
61
|
+
hitlActionId: z.ZodOptional<z.ZodString>;
|
|
62
|
+
fingerprint: z.ZodOptional<z.ZodString>;
|
|
63
|
+
status: z.ZodOptional<z.ZodEnum<{
|
|
64
|
+
none: "none";
|
|
65
|
+
pending: "pending";
|
|
66
|
+
approved: "approved";
|
|
67
|
+
denied: "denied";
|
|
68
|
+
}>>;
|
|
69
|
+
}, z.core.$strip>>;
|
|
70
|
+
subjects: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
71
|
+
subjectType: z.ZodString;
|
|
72
|
+
role: z.ZodOptional<z.ZodString>;
|
|
73
|
+
value: z.ZodString;
|
|
74
|
+
idSystem: z.ZodOptional<z.ZodString>;
|
|
75
|
+
}, z.core.$strip>>>;
|
|
76
|
+
signals: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
77
|
+
key: z.ZodString;
|
|
78
|
+
args: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
79
|
+
result: z.ZodUnion<readonly [z.ZodObject<{
|
|
80
|
+
ok: z.ZodLiteral<false>;
|
|
81
|
+
error: z.ZodOptional<z.ZodString>;
|
|
82
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
83
|
+
ok: z.ZodLiteral<true>;
|
|
84
|
+
value: z.ZodString;
|
|
85
|
+
}, z.core.$strip>]>;
|
|
86
|
+
}, z.core.$strip>>>;
|
|
87
|
+
counters: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>>>;
|
|
88
|
+
latencyMs: z.ZodOptional<z.ZodNumber>;
|
|
89
|
+
}, z.core.$strip>;
|
|
90
|
+
}, z.core.$strip>;
|
|
91
|
+
export declare const ToolResultEventSchema: z.ZodObject<{
|
|
92
|
+
schema: z.ZodLiteral<"handlebar.audit.v1">;
|
|
93
|
+
ts: z.ZodPipe<z.ZodTransform<unknown, unknown>, z.ZodDate>;
|
|
94
|
+
runId: z.ZodString;
|
|
95
|
+
stepIndex: z.ZodOptional<z.ZodNumber>;
|
|
96
|
+
decisionId: z.ZodOptional<z.ZodString>;
|
|
97
|
+
enduserExternalId: z.ZodOptional<z.ZodString>;
|
|
98
|
+
otel: z.ZodOptional<z.ZodObject<{
|
|
99
|
+
traceId: z.ZodOptional<z.ZodString>;
|
|
100
|
+
spanId: z.ZodOptional<z.ZodString>;
|
|
101
|
+
}, z.core.$strip>>;
|
|
102
|
+
sample: z.ZodOptional<z.ZodObject<{
|
|
103
|
+
rate: z.ZodOptional<z.ZodNumber>;
|
|
104
|
+
reason: z.ZodOptional<z.ZodString>;
|
|
105
|
+
}, z.core.$strip>>;
|
|
106
|
+
redaction: z.ZodOptional<z.ZodObject<{
|
|
107
|
+
level: z.ZodOptional<z.ZodEnum<{
|
|
108
|
+
none: "none";
|
|
109
|
+
partial: "partial";
|
|
110
|
+
strict: "strict";
|
|
111
|
+
}>>;
|
|
112
|
+
}, z.core.$strip>>;
|
|
113
|
+
kind: z.ZodLiteral<"tool.result">;
|
|
114
|
+
data: z.ZodObject<{
|
|
115
|
+
tool: z.ZodObject<{
|
|
116
|
+
name: z.ZodString;
|
|
117
|
+
categories: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
118
|
+
}, z.core.$strip>;
|
|
119
|
+
hitl: z.ZodOptional<z.ZodObject<{
|
|
120
|
+
hitlActionId: z.ZodOptional<z.ZodString>;
|
|
121
|
+
fingerprint: z.ZodOptional<z.ZodString>;
|
|
122
|
+
status: z.ZodOptional<z.ZodEnum<{
|
|
123
|
+
none: "none";
|
|
124
|
+
pending: "pending";
|
|
125
|
+
approved: "approved";
|
|
126
|
+
denied: "denied";
|
|
127
|
+
}>>;
|
|
128
|
+
}, z.core.$strip>>;
|
|
129
|
+
outcome: z.ZodEnum<{
|
|
130
|
+
success: "success";
|
|
131
|
+
error: "error";
|
|
132
|
+
}>;
|
|
133
|
+
durationMs: z.ZodOptional<z.ZodNumber>;
|
|
134
|
+
counters: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodNumber]>>>;
|
|
135
|
+
metrics: z.ZodOptional<z.ZodObject<{
|
|
136
|
+
inbuilt: z.ZodRecord<z.ZodEnum<{
|
|
137
|
+
bytes_in: "bytes_in";
|
|
138
|
+
bytes_out: "bytes_out";
|
|
139
|
+
duration_ms: "duration_ms";
|
|
140
|
+
records_in: "records_in";
|
|
141
|
+
records_out: "records_out";
|
|
142
|
+
}> & z.core.$partial, z.ZodObject<{
|
|
143
|
+
value: z.ZodNumber;
|
|
144
|
+
unit: z.ZodOptional<z.ZodString>;
|
|
145
|
+
}, z.core.$strip>>;
|
|
146
|
+
custom: z.ZodRecord<z.ZodString, z.ZodObject<{
|
|
147
|
+
value: z.ZodNumber;
|
|
148
|
+
unit: z.ZodOptional<z.ZodString>;
|
|
149
|
+
}, z.core.$strip>>;
|
|
150
|
+
}, z.core.$strip>>;
|
|
151
|
+
error: z.ZodOptional<z.ZodObject<{
|
|
152
|
+
name: z.ZodOptional<z.ZodString>;
|
|
153
|
+
message: z.ZodOptional<z.ZodString>;
|
|
154
|
+
stack: z.ZodOptional<z.ZodString>;
|
|
155
|
+
}, z.core.$strip>>;
|
|
156
|
+
resultMeta: z.ZodOptional<z.ZodObject<{
|
|
157
|
+
redacted: z.ZodBoolean;
|
|
158
|
+
redactedFields: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
159
|
+
sizeBytesApprox: z.ZodOptional<z.ZodNumber>;
|
|
160
|
+
}, z.core.$strip>>;
|
|
161
|
+
}, z.core.$strip>;
|
|
162
|
+
}, z.core.$strip>;
|
|
@@ -1,4 +1,15 @@
|
|
|
1
1
|
import { z } from "zod";
|
|
2
|
+
export declare const SignalSchema: z.ZodObject<{
|
|
3
|
+
key: z.ZodString;
|
|
4
|
+
args: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
5
|
+
result: z.ZodUnion<readonly [z.ZodObject<{
|
|
6
|
+
ok: z.ZodLiteral<false>;
|
|
7
|
+
error: z.ZodOptional<z.ZodString>;
|
|
8
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
9
|
+
ok: z.ZodLiteral<true>;
|
|
10
|
+
value: z.ZodString;
|
|
11
|
+
}, z.core.$strip>]>;
|
|
12
|
+
}, z.core.$strip>;
|
|
2
13
|
/**
|
|
3
14
|
* "hitl" effect specifically denote human-in-the-loop interventions.
|
|
4
15
|
* Flow blocking/approval as a result of a decided hitl intervention should have the corresponding effect.
|
|
@@ -19,6 +30,17 @@ export declare const GovernanceDecisionSchema: z.ZodObject<{
|
|
|
19
30
|
ruleId: z.ZodString;
|
|
20
31
|
}, z.core.$strip>>;
|
|
21
32
|
reason: z.ZodOptional<z.ZodString>;
|
|
33
|
+
signals: z.ZodOptional<z.ZodArray<z.ZodObject<{
|
|
34
|
+
key: z.ZodString;
|
|
35
|
+
args: z.ZodOptional<z.ZodArray<z.ZodString>>;
|
|
36
|
+
result: z.ZodUnion<readonly [z.ZodObject<{
|
|
37
|
+
ok: z.ZodLiteral<false>;
|
|
38
|
+
error: z.ZodOptional<z.ZodString>;
|
|
39
|
+
}, z.core.$strip>, z.ZodObject<{
|
|
40
|
+
ok: z.ZodLiteral<true>;
|
|
41
|
+
value: z.ZodString;
|
|
42
|
+
}, z.core.$strip>]>;
|
|
43
|
+
}, z.core.$strip>>>;
|
|
22
44
|
}, z.core.$strip>;
|
|
23
45
|
export type GovernanceDecision = z.infer<typeof GovernanceDecisionSchema>;
|
|
24
46
|
export type AppliedAction = z.infer<typeof AppliedActionSchema>;
|
package/dist/audit/index.d.ts
CHANGED
package/dist/index.d.ts
CHANGED
|
@@ -1,7 +1,8 @@
|
|
|
1
|
+
export type { EndUserConfig, EndUserGroupConfig } from "./enduser.types";
|
|
2
|
+
export * from "./rules";
|
|
1
3
|
export * from "./audit/events";
|
|
2
4
|
export * from "./audit/events.base";
|
|
3
5
|
export * from "./audit/events.llm";
|
|
4
|
-
export * from "./audit/
|
|
6
|
+
export * from "./audit/events.tools";
|
|
5
7
|
export * from "./audit/governance-actions";
|
|
6
|
-
export
|
|
7
|
-
export * from "./rules";
|
|
8
|
+
export * from "./audit/run-metrics";
|
package/dist/index.js
CHANGED
|
@@ -8,7 +8,6 @@ var __export = (target, all) => {
|
|
|
8
8
|
set: (newValue) => all[name] = () => newValue
|
|
9
9
|
});
|
|
10
10
|
};
|
|
11
|
-
|
|
12
11
|
// node_modules/zod/v4/classic/external.js
|
|
13
12
|
var exports_external = {};
|
|
14
13
|
__export(exports_external, {
|
|
@@ -12574,6 +12573,9 @@ function date4(params) {
|
|
|
12574
12573
|
|
|
12575
12574
|
// node_modules/zod/v4/classic/external.js
|
|
12576
12575
|
config(en_default());
|
|
12576
|
+
// node_modules/zod/index.js
|
|
12577
|
+
var zod_default = exports_external;
|
|
12578
|
+
|
|
12577
12579
|
// src/enduser.types.ts
|
|
12578
12580
|
var EndUserConfigSchema = exports_external.object({
|
|
12579
12581
|
externalId: exports_external.string(),
|
|
@@ -12597,11 +12599,7 @@ var AuditEnvelopeSchema = exports_external.object({
|
|
|
12597
12599
|
runId: exports_external.string(),
|
|
12598
12600
|
stepIndex: exports_external.number().min(0).optional(),
|
|
12599
12601
|
decisionId: exports_external.string().optional(),
|
|
12600
|
-
|
|
12601
|
-
userId: exports_external.string().optional(),
|
|
12602
|
-
userCategory: exports_external.string().optional(),
|
|
12603
|
-
sessionId: exports_external.string().optional()
|
|
12604
|
-
}).optional(),
|
|
12602
|
+
enduserExternalId: exports_external.string().optional(),
|
|
12605
12603
|
otel: exports_external.object({
|
|
12606
12604
|
traceId: exports_external.string().optional(),
|
|
12607
12605
|
spanId: exports_external.string().optional()
|
|
@@ -12649,6 +12647,14 @@ var MessageEventSchema = AuditEnvelopeSchema.extend({
|
|
|
12649
12647
|
});
|
|
12650
12648
|
|
|
12651
12649
|
// src/audit/governance-actions.ts
|
|
12650
|
+
var SignalSchema = exports_external.object({
|
|
12651
|
+
key: exports_external.string().max(256),
|
|
12652
|
+
args: exports_external.array(exports_external.string().max(256)).max(100).optional(),
|
|
12653
|
+
result: exports_external.union([
|
|
12654
|
+
exports_external.object({ ok: exports_external.literal(false), error: exports_external.string().optional() }),
|
|
12655
|
+
exports_external.object({ ok: exports_external.literal(true), value: exports_external.string().max(256) })
|
|
12656
|
+
])
|
|
12657
|
+
});
|
|
12652
12658
|
var AppliedActionSchema = exports_external.object({
|
|
12653
12659
|
type: exports_external.custom(),
|
|
12654
12660
|
ruleId: exports_external.string()
|
|
@@ -12658,7 +12664,8 @@ var GovernanceDecisionSchema = exports_external.object({
|
|
|
12658
12664
|
code: exports_external.custom(),
|
|
12659
12665
|
matchedRuleIds: exports_external.array(exports_external.string()),
|
|
12660
12666
|
appliedActions: exports_external.array(AppliedActionSchema),
|
|
12661
|
-
reason: exports_external.optional(exports_external.string())
|
|
12667
|
+
reason: exports_external.optional(exports_external.string()),
|
|
12668
|
+
signals: exports_external.array(SignalSchema).max(100).optional()
|
|
12662
12669
|
});
|
|
12663
12670
|
|
|
12664
12671
|
// src/audit/run-metrics.ts
|
|
@@ -12675,13 +12682,61 @@ var AgentMetrics = exports_external.object({
|
|
|
12675
12682
|
custom: CustomAgentMetrics
|
|
12676
12683
|
});
|
|
12677
12684
|
|
|
12678
|
-
// src/audit/events.ts
|
|
12679
|
-
var CountersSchema =
|
|
12680
|
-
var ToolMetaSchema =
|
|
12681
|
-
redacted:
|
|
12682
|
-
redactedFields:
|
|
12683
|
-
sizeBytesApprox:
|
|
12685
|
+
// src/audit/events.tools.ts
|
|
12686
|
+
var CountersSchema = zod_default.record(zod_default.string(), zod_default.union([zod_default.string(), zod_default.number()]));
|
|
12687
|
+
var ToolMetaSchema = zod_default.object({
|
|
12688
|
+
redacted: zod_default.boolean(),
|
|
12689
|
+
redactedFields: zod_default.array(zod_default.string()).optional(),
|
|
12690
|
+
sizeBytesApprox: zod_default.number().min(0).optional()
|
|
12691
|
+
});
|
|
12692
|
+
var ToolIdentitySchema = zod_default.object({
|
|
12693
|
+
name: zod_default.string(),
|
|
12694
|
+
categories: zod_default.array(zod_default.string()).optional()
|
|
12695
|
+
});
|
|
12696
|
+
var ToolArgsSchema = zod_default.record(zod_default.string(), zod_default.unknown());
|
|
12697
|
+
var SubjectSchema = zod_default.object({
|
|
12698
|
+
subjectType: zod_default.string().max(256),
|
|
12699
|
+
role: zod_default.string().max(256).optional(),
|
|
12700
|
+
value: zod_default.string().max(256),
|
|
12701
|
+
idSystem: zod_default.string().max(256).optional()
|
|
12702
|
+
});
|
|
12703
|
+
var HitlMetaSchema = zod_default.object({
|
|
12704
|
+
hitlActionId: zod_default.string().optional(),
|
|
12705
|
+
fingerprint: zod_default.string().optional(),
|
|
12706
|
+
status: zod_default.enum(["none", "pending", "approved", "denied"]).optional()
|
|
12707
|
+
});
|
|
12708
|
+
var ToolDecisionEventSchema = AuditEnvelopeSchema.extend({
|
|
12709
|
+
kind: zod_default.literal("tool.decision"),
|
|
12710
|
+
data: GovernanceDecisionSchema.extend({
|
|
12711
|
+
tool: ToolIdentitySchema,
|
|
12712
|
+
args: ToolArgsSchema.optional(),
|
|
12713
|
+
argsMeta: ToolMetaSchema.optional(),
|
|
12714
|
+
hitl: HitlMetaSchema.optional(),
|
|
12715
|
+
subjects: zod_default.array(SubjectSchema).max(100).optional(),
|
|
12716
|
+
signals: zod_default.array(SignalSchema).max(100).optional(),
|
|
12717
|
+
counters: CountersSchema.optional(),
|
|
12718
|
+
latencyMs: zod_default.number().min(0).optional()
|
|
12719
|
+
})
|
|
12720
|
+
});
|
|
12721
|
+
var ToolResultEventSchema = AuditEnvelopeSchema.extend({
|
|
12722
|
+
kind: zod_default.literal("tool.result"),
|
|
12723
|
+
data: zod_default.object({
|
|
12724
|
+
tool: ToolIdentitySchema,
|
|
12725
|
+
hitl: HitlMetaSchema.optional(),
|
|
12726
|
+
outcome: zod_default.enum(["success", "error"]),
|
|
12727
|
+
durationMs: zod_default.number().min(0).optional(),
|
|
12728
|
+
counters: CountersSchema.optional(),
|
|
12729
|
+
metrics: AgentMetrics.optional(),
|
|
12730
|
+
error: zod_default.object({
|
|
12731
|
+
name: zod_default.string().optional(),
|
|
12732
|
+
message: zod_default.string().optional(),
|
|
12733
|
+
stack: zod_default.string().optional()
|
|
12734
|
+
}).optional(),
|
|
12735
|
+
resultMeta: ToolMetaSchema.optional()
|
|
12736
|
+
})
|
|
12684
12737
|
});
|
|
12738
|
+
|
|
12739
|
+
// src/audit/events.ts
|
|
12685
12740
|
var RunStartedEventSchema = AuditEnvelopeSchema.extend({
|
|
12686
12741
|
kind: exports_external.literal("run.started"),
|
|
12687
12742
|
data: exports_external.object({
|
|
@@ -12714,44 +12769,6 @@ var RunStartedEventSchema = AuditEnvelopeSchema.extend({
|
|
|
12714
12769
|
}).optional()
|
|
12715
12770
|
})
|
|
12716
12771
|
});
|
|
12717
|
-
var ToolIdentitySchema = exports_external.object({
|
|
12718
|
-
name: exports_external.string(),
|
|
12719
|
-
categories: exports_external.array(exports_external.string()).optional()
|
|
12720
|
-
});
|
|
12721
|
-
var ToolArgsSchema = exports_external.record(exports_external.string(), exports_external.unknown());
|
|
12722
|
-
var HitlMetaSchema = exports_external.object({
|
|
12723
|
-
hitlActionId: exports_external.string().optional(),
|
|
12724
|
-
fingerprint: exports_external.string().optional(),
|
|
12725
|
-
status: exports_external.enum(["none", "pending", "approved", "denied"]).optional()
|
|
12726
|
-
});
|
|
12727
|
-
var ToolDecisionEventSchema = AuditEnvelopeSchema.extend({
|
|
12728
|
-
kind: exports_external.literal("tool.decision"),
|
|
12729
|
-
data: GovernanceDecisionSchema.extend({
|
|
12730
|
-
tool: ToolIdentitySchema,
|
|
12731
|
-
args: ToolArgsSchema.optional(),
|
|
12732
|
-
argsMeta: ToolMetaSchema.optional(),
|
|
12733
|
-
hitl: HitlMetaSchema.optional(),
|
|
12734
|
-
counters: CountersSchema.optional(),
|
|
12735
|
-
latencyMs: exports_external.number().min(0).optional()
|
|
12736
|
-
})
|
|
12737
|
-
});
|
|
12738
|
-
var ToolResultEventSchema = AuditEnvelopeSchema.extend({
|
|
12739
|
-
kind: exports_external.literal("tool.result"),
|
|
12740
|
-
data: exports_external.object({
|
|
12741
|
-
tool: ToolIdentitySchema,
|
|
12742
|
-
hitl: HitlMetaSchema.optional(),
|
|
12743
|
-
outcome: exports_external.enum(["success", "error"]),
|
|
12744
|
-
durationMs: exports_external.number().min(0).optional(),
|
|
12745
|
-
counters: CountersSchema.optional(),
|
|
12746
|
-
metrics: AgentMetrics.optional(),
|
|
12747
|
-
error: exports_external.object({
|
|
12748
|
-
name: exports_external.string().optional(),
|
|
12749
|
-
message: exports_external.string().optional(),
|
|
12750
|
-
stack: exports_external.string().optional()
|
|
12751
|
-
}).optional(),
|
|
12752
|
-
resultMeta: ToolMetaSchema.optional()
|
|
12753
|
-
})
|
|
12754
|
-
});
|
|
12755
12772
|
var RunEndedEventSchema = AuditEnvelopeSchema.extend({
|
|
12756
12773
|
kind: exports_external.literal("run.ended"),
|
|
12757
12774
|
data: exports_external.object({
|
|
@@ -12781,6 +12798,8 @@ var AuditEventSchema = exports_external.discriminatedUnion("kind", [
|
|
|
12781
12798
|
export {
|
|
12782
12799
|
ToolResultEventSchema,
|
|
12783
12800
|
ToolDecisionEventSchema,
|
|
12801
|
+
SubjectSchema,
|
|
12802
|
+
SignalSchema,
|
|
12784
12803
|
RunStartedEventSchema,
|
|
12785
12804
|
RunEndedEventSchema,
|
|
12786
12805
|
MessageSchema,
|
package/dist/rules/index.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
export type { RuleCondition } from "./condition";
|
|
2
2
|
export type { RulePhase, RuleSelector, Rule } from "./rule";
|
|
3
3
|
export type { RuleEffect, RuleEffectKind } from "./effects";
|
|
4
|
-
export type { RequireSubjectCondition, SignalCondition } from "./signals";
|
|
4
|
+
export type { RequireSubjectCondition, SignalCondition, SignalBinding } from "./signals";
|
|
5
5
|
export type { TimeGateCondition, ExecutionTimeCondition, ExecutionTimeScope } from "./time";
|
|
6
6
|
export type { MetricWindowCondition } from "./metrics";
|
|
7
7
|
export type { CustomFunctionCondition } from "./custom";
|
package/dist/rules/metrics.d.ts
CHANGED
|
@@ -1,8 +1,10 @@
|
|
|
1
|
+
import type { z } from "zod";
|
|
2
|
+
import type { InbuiltAgentMetricKind } from "../audit/run-metrics";
|
|
1
3
|
import type { Glob } from "./common";
|
|
2
4
|
import type { RuleEffectKind } from "./effects";
|
|
3
5
|
type MetricRef = {
|
|
4
6
|
kind: "inbuilt";
|
|
5
|
-
key:
|
|
7
|
+
key: z.infer<typeof InbuiltAgentMetricKind>;
|
|
6
8
|
} | {
|
|
7
9
|
kind: "custom";
|
|
8
10
|
key: string;
|
package/dist/rules/signals.d.ts
CHANGED
|
@@ -11,10 +11,10 @@ export type RequireSubjectCondition = {
|
|
|
11
11
|
subjectType: string;
|
|
12
12
|
idSystem?: string;
|
|
13
13
|
};
|
|
14
|
-
type SignalBinding = {
|
|
15
|
-
from: "
|
|
14
|
+
export type SignalBinding = {
|
|
15
|
+
from: "enduserId";
|
|
16
16
|
} | {
|
|
17
|
-
from: "
|
|
17
|
+
from: "enduserTag";
|
|
18
18
|
tag: string;
|
|
19
19
|
} | {
|
|
20
20
|
from: "toolName";
|
|
@@ -41,4 +41,3 @@ export type SignalCondition = {
|
|
|
41
41
|
value: JSONValue;
|
|
42
42
|
onMissing?: RuleEffectKind;
|
|
43
43
|
};
|
|
44
|
-
export {};
|
package/dist/rules/time.d.ts
CHANGED