@hesohq/sdk 0.1.2-dev.21

package/dist/delegation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"delegation.js","sourceRoot":"","sources":["../src/delegation.ts"],"names":[],"mappings":";AAAA,sDAAsD;AACtD,EAAE;AACF,iFAAiF;AACjF,0EAA0E;AAC1E,mFAAmF;AACnF,qFAAqF;AACrF,mFAAmF;AACnF,kFAAkF;AAClF,6EAA6E;AAC7E,aAAa;AACb,EAAE;AACF,qBAAqB;AACrB,8EAA8E;AAC9E,mDAAmD;AACnD,0DAA0D;AAC1D,oBAAoB;AACpB,4EAA4E;AAC5E,EAAE;AACF,6EAA6E;AAC7E,+EAA+E;AAC/E,8EAA8E;AAC9E,kFAAkF;AAClF,iDAAiD;;AAoGjD,wCA8BC;AA0BD,wDAcC;AAxKD,iFAAiF;AACjF,MAAM,yBAAyB,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAA;AAClF,MAAM,kBAAkB,GAAG,IAAI,CAAA;AAE/B,SAAS,KAAK,CAAC,CAAS;IACtB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAA;IAC7B,IAAI,CAAC,GAAG,CAAC,CAAA;IACT,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,GAAG,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,KAAK,CAAC,CAAA;QAC1B,CAAC,KAAK,EAAE,CAAA;IACV,CAAC;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAED,SAAS,KAAK,CAAC,CAAS;IACtB,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,CAAC,CAAC,CAAA;IAC7B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,IAAI,CAAA;IAC1B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,GAAG,IAAI,CAAA;IAC1B,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAA;IACzB,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI,CAAA;IACjB,OAAO,GAAG,CAAA;AACZ,CAAC;AAED,SAAS,MAAM,CAAC,KAAmB;IACjC,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAA;IACrD,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAA;IACjC,IAAI,GAAG,GAAG,CAAC,CAAA;IACX,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,CAAC,CAAA;QACf,GAAG,IAAI,CAAC,CAAC,MAAM,CAAA;IACjB,CAAC;IACD,OAAO,GAAG,CAAA;AACZ,CAAC;AAED,SAAS,QAAQ,CAAC,KAAiB;IACjC,IAAI,GAAG,GAAG,EAAE,CAAA;IACZ,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAA;IACpD,OAAO,OAAO,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;AACvF,CAAC;AAED,SAAS,OAAO,CAAC,GAAW;IAC1B,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,qCAAqC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAA;IAC5F,MAAM,GAAG,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE;QAAE,GAAG,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACvF,OAAO,GAAG,CAAA;AACZ,CAAC;AAED,SAAS,YAAY,CAAC,UAA+B;IACnD,MAAM,GAAG,GAAG,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAA;IAC7E,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,wDAAwD,GAAG,CAAC,MAAM,EAAE,CAAC,CAAA;IAC5G,OAAO,GAAG,CAAA;AACZ,CAAC;AA0CD;;;;GAIG;AACI,KAAK,UAAU,cAAc,CAAC,KAAsB;IACzD,MAAM,UAAU,GAAG,YAAY,CAAC,KAAK,CAAC,UAAU,CAAC,CAAA;IACjD,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,0CAA0C,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAA;IAC9G,IAAI,KAAK,CAAC,aAAa,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CAAC,0CAA0C,KAAK,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAA;IACzF,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACpD,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;IAExD,+EAA+E;IAC/E,iDAAiD;IACjD,MAAM,MAAM,GAAG,MAAM,CAAC;QACpB,IAAI,UAAU,CAAC,CAAC,kBAAkB,CAAC,CAAC;QACpC,UAAU;QACV,KAAK,CAAC,KAAK;QACX,KAAK,CAAC,KAAK,CAAC,cAAc,CAAC;QAC3B,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC;QAC9B,KAAK,CAAC,aAAa;QACnB,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QACtB,QAAQ;QACR,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC;QACxB,UAAU;KACX,CAAC,CAAA;IAEF,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,yBAAyB,EAAE,MAAM,CAAC,CAAC,CAAC,CAAA;IACtF,IAAI,SAAS,CAAC,MAAM,KAAK,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,6CAA6C,SAAS,CAAC,MAAM,EAAE,CAAC,CAAA;IAE7G,MAAM,aAAa,GAAG,MAAM,CAAC,CAAC,MAAM,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAA;IAC5E,OAAO,EAAE,WAAW,EAAE,QAAQ,CAAC,aAAa,CAAC,EAAE,aAAa,EAAE,oBAAoB,EAAE,KAAK,CAAC,MAAM,CAAC,YAAY,EAAE,CAAA;AACjH,CAAC;AAmBD;;;;;;GAMG;AACI,KAAK,UAAU,sBAAsB,CAAC,KAA0B;IACrE,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,IAAI,GAAG,CAAC,CAAA;IACxC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,CAAA;IACjD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,WAAW,EAAE,CAAA;IAC1C,OAAO,cAAc,CAAC;QACpB,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,KAAK;QACL,aAAa,EAAE,KAAK,CAAC,aAAa;QAClC,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,GAAG,EAAE,KAAK,CAAC,GAAG,IAAI,eAAe;QACjC,iBAAiB,EAAE,GAAG;QACtB,cAAc,EAAE,GAAG,GAAG,GAAG;QACzB,MAAM,EAAE,KAAK,CAAC,MAAM;KACrB,CAAC,CAAA;AACJ,CAAC;AAED,SAAS,WAAW;IAClB,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAA;IAC5B,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAA;IACpC,OAAO,CAAC,CAAA;AACV,CAAC"}

package/dist/gating.d.ts

@@ -0,0 +1,33 @@
+import type { ActionReceipt, TrustLevel, DecisionPath } from './types.js';
+export interface GateResult {
+    allowed: boolean;
+    trustLevel: TrustLevel | null;
+    verdict: string;
+}
+/**
+ * Verify a receipt JSON string or Buffer and return whether it should be allowed.
+ *
+ * `minTrust` is the REQUIRED trust floor, not a hint:
+ *  - 'L0' (default) accepts ANY valid receipt — including one that was never
+ *    escalated to a human. Use it for monitoring/observe-only callers; it does
+ *    NOT assert that a human approved an action a policy would have gated.
+ *  - 'L1' additionally requires a human approver co-signature (trustLevel 'L1').
+ *
+ * To enforce that a receipt's decision path matches what the call should have
+ * required, pair this with `isDecisionAllowed`.
+ */
+export declare function gate(receiptBytes: Buffer | string, minTrust?: TrustLevel): GateResult;
+/**
+ * Assert that the receipt is valid and meets the minimum trust level.
+ * Throws with a descriptive message if the gate fails.
+ */
+export declare function assertGate(receiptBytes: Buffer | string, minTrust?: TrustLevel): void;
+/**
+ * Return the short display hash for an action_hash hex string.
+ */
+export declare function shortHash(hex: string, prefix?: string): string;
+/**
+ * True if the receipt's decision_path matches one of the allowed paths.
+ */
+export declare function isDecisionAllowed(receipt: ActionReceipt, allowedPaths: DecisionPath[]): boolean;
+//# sourceMappingURL=gating.d.ts.map

package/dist/gating.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"gating.d.ts","sourceRoot":"","sources":["../src/gating.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAE,aAAa,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAMzE,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,UAAU,GAAG,IAAI,CAAA;IAC7B,OAAO,EAAE,MAAM,CAAA;CAChB;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,IAAI,CAClB,YAAY,EAAE,MAAM,GAAG,MAAM,EAC7B,QAAQ,GAAE,UAAiB,GAC1B,UAAU,CAYZ;AAED;;;GAGG;AACH,wBAAgB,UAAU,CACxB,YAAY,EAAE,MAAM,GAAG,MAAM,EAC7B,QAAQ,GAAE,UAAiB,GAC1B,IAAI,CAON;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAE9D;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,aAAa,EACtB,YAAY,EAAE,YAAY,EAAE,GAC3B,OAAO,CAET"}

package/dist/gating.js

@@ -0,0 +1,96 @@
+"use strict";
+// Gating helpers — thin wrappers over the native verify surface.
+//
+// This Node SDK binds to @hesohq/node via @hesohq/core's main entry (which
+// re-exports @hesohq/node). `core.verify` is the native addon's verify — it
+// takes the receipt bytes and returns an ActionVerdict with a camelCase
+// `trustLevel`. The isomorphic WASM verifier (@hesohq/core/browser ->
+// @hesohq/verify-wasm) is a DIFFERENT surface (`verifyActionReceipt`, snake_case
+// `trust_level`) and is not used here.
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.gate = gate;
+exports.assertGate = assertGate;
+exports.shortHash = shortHash;
+exports.isDecisionAllowed = isDecisionAllowed;
+// Import @hesohq/core statically — it's a hard dep and tree-shakers handle it.
+const core = __importStar(require("@hesohq/core"));
+/**
+ * Verify a receipt JSON string or Buffer and return whether it should be allowed.
+ *
+ * `minTrust` is the REQUIRED trust floor, not a hint:
+ *  - 'L0' (default) accepts ANY valid receipt — including one that was never
+ *    escalated to a human. Use it for monitoring/observe-only callers; it does
+ *    NOT assert that a human approved an action a policy would have gated.
+ *  - 'L1' additionally requires a human approver co-signature (trustLevel 'L1').
+ *
+ * To enforce that a receipt's decision path matches what the call should have
+ * required, pair this with `isDecisionAllowed`.
+ */
+function gate(receiptBytes, minTrust = 'L0') {
+    const result = core.verify(receiptBytes);
+    const verdictOk = result.verdict === 'Valid';
+    const trustOk = minTrust === 'L0'
+        ? (result.trustLevel === 'L0' || result.trustLevel === 'L1')
+        : result.trustLevel === 'L1';
+    return {
+        allowed: verdictOk && trustOk,
+        trustLevel: verdictOk ? result.trustLevel : null,
+        verdict: result.verdict,
+    };
+}
+/**
+ * Assert that the receipt is valid and meets the minimum trust level.
+ * Throws with a descriptive message if the gate fails.
+ */
+function assertGate(receiptBytes, minTrust = 'L0') {
+    const result = gate(receiptBytes, minTrust);
+    if (!result.allowed) {
+        throw new Error(`@hesohq/sdk: gate rejected receipt — verdict=${result.verdict} trustLevel=${result.trustLevel ?? 'none'} required=${minTrust}`);
+    }
+}
+/**
+ * Return the short display hash for an action_hash hex string.
+ */
+function shortHash(hex, prefix) {
+    return core.shortHash(hex, prefix ?? null);
+}
+/**
+ * True if the receipt's decision_path matches one of the allowed paths.
+ */
+function isDecisionAllowed(receipt, allowedPaths) {
+    return allowedPaths.includes(receipt.content.policy.decision_path);
+}
+//# sourceMappingURL=gating.js.map

package/dist/gating.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"gating.js","sourceRoot":"","sources":["../src/gating.ts"],"names":[],"mappings":";AAAA,iEAAiE;AACjE,EAAE;AACF,2EAA2E;AAC3E,4EAA4E;AAC5E,wEAAwE;AACxE,sEAAsE;AACtE,iFAAiF;AACjF,uCAAuC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0BvC,oBAeC;AAMD,gCAUC;AAKD,8BAEC;AAKD,8CAKC;AArED,+EAA+E;AAC/E,mDAAoC;AAQpC;;;;;;;;;;;GAWG;AACH,SAAgB,IAAI,CAClB,YAA6B,EAC7B,WAAuB,IAAI;IAE3B,MAAM,MAAM,GAAkB,IAAI,CAAC,MAAM,CAAC,YAAsB,CAAC,CAAA;IACjE,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,KAAK,OAAO,CAAA;IAC5C,MAAM,OAAO,GAAG,QAAQ,KAAK,IAAI;QAC/B,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI,IAAI,MAAM,CAAC,UAAU,KAAK,IAAI,CAAC;QAC5D,CAAC,CAAC,MAAM,CAAC,UAAU,KAAK,IAAI,CAAA;IAE9B,OAAO;QACL,OAAO,EAAE,SAAS,IAAI,OAAO;QAC7B,UAAU,EAAE,SAAS,CAAC,CAAC,CAAE,MAAM,CAAC,UAAyB,CAAC,CAAC,CAAC,IAAI;QAChE,OAAO,EAAE,MAAM,CAAC,OAAO;KACxB,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,UAAU,CACxB,YAA6B,EAC7B,WAAuB,IAAI;IAE3B,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAA;IAC3C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CACb,gDAAgD,MAAM,CAAC,OAAO,eAAe,MAAM,CAAC,UAAU,IAAI,MAAM,aAAa,QAAQ,EAAE,CAChI,CAAA;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,GAAW,EAAE,MAAe;IACpD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,MAAM,IAAI,IAAI,CAAC,CAAA;AAC5C,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAC/B,OAAsB,EACtB,YAA4B;IAE5B,OAAO,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,aAA6B,CAAC,CAAA;AACpF,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,19 @@
+export { configure } from './config.js';
+export type { HesoCoreConfig } from './config.js';
+export { init, currentConfig } from './runtime.js';
+export type { HesoRuntimeConfig, InitOptions } from './runtime.js';
+export { BlockedError, SuspendedError, BridgeError, ApprovalRejectedError, OperatorKeyMismatchError, finalizeL1, finalizeQuorum, } from './capture.js';
+export type { Outcome, Action, OutcomeKind, Surface, Fields, GateOptions, ReSuspendResult, } from './capture.js';
+export * as engine from './capture.js';
+export * as aiSdk from './adapters/ai-sdk.js';
+export * as mastra from './adapters/mastra.js';
+export { gate, assertGate, shortHash, isDecisionAllowed } from './gating.js';
+export type { GateResult } from './gating.js';
+export { pullPolicy, pushReceipt, pushReceipts, pollApproval, waitForApproval, getL1Parts, getQuorumParts, submitApprovalToken, } from './cloud.js';
+export type { PolicyPullResult, ReceiptPushResult, ApprovalView, ResolvedApproval, L1Parts, QuorumParts, QuorumLeg, SubmitTokenInput, } from './cloud.js';
+export { wrap } from './proxy.js';
+export type { WrapOptions } from './proxy.js';
+export { signDelegation, mintDelegationEnvelope } from './delegation.js';
+export type { OperatorSigner, DelegationInput, MintDelegationInput, SignedDelegation, } from './delegation.js';
+export type { Verb, DecisionPath, ApproverDecision, RedactionMode, TrustLevel, ConditionOp, SignatureKeyId, MatchedCondition, PolicyOutcome, ApproverRecord, RedactionMarker, RedactionRecord, ActionDetail, ActionContent, MultiApproval, SignatureEntry, ActionReceipt, VerdictState, Run, AuditEntry, AuditChain, FieldDiffEntry, ApprovalOutcome, Role, MemberStatus, Capability, RoutingTarget, ApprovalRouting, Approver, Approval, TrustRung, RoleMeta, Member, Eligibility, RuleSubject, RuleCondition, ApproverTarget, SentenceToken, PolicyRule, SimulationResult, StatCounter, } from './types.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACvC,YAAY,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAGjD,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAClD,YAAY,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAA;AAElE,OAAO,EACL,YAAY,EACZ,cAAc,EACd,WAAW,EACX,qBAAqB,EACrB,wBAAwB,EACxB,UAAU,EACV,cAAc,GACf,MAAM,cAAc,CAAA;AACrB,YAAY,EACV,OAAO,EACP,MAAM,EACN,WAAW,EACX,OAAO,EACP,MAAM,EACN,WAAW,EACX,eAAe,GAChB,MAAM,cAAc,CAAA;AAKrB,OAAO,KAAK,MAAM,MAAM,cAAc,CAAA;AAItC,OAAO,KAAK,KAAK,MAAM,sBAAsB,CAAA;AAC7C,OAAO,KAAK,MAAM,MAAM,sBAAsB,CAAA;AAE9C,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAC5E,YAAY,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAE7C,OAAO,EACL,UAAU,EACV,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,eAAe,EACf,UAAU,EACV,cAAc,EACd,mBAAmB,GACpB,MAAM,YAAY,CAAA;AACnB,YAAY,EACV,gBAAgB,EAChB,iBAAiB,EACjB,YAAY,EACZ,gBAAgB,EAChB,OAAO,EACP,WAAW,EACX,SAAS,EACT,gBAAgB,GACjB,MAAM,YAAY,CAAA;AAEnB,OAAO,EAAE,IAAI,EAAE,MAAM,YAAY,CAAA;AACjC,YAAY,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAI7C,OAAO,EAAE,cAAc,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAA;AACxE,YAAY,EACV,cAAc,EACd,eAAe,EACf,mBAAmB,EACnB,gBAAgB,GACjB,MAAM,iBAAiB,CAAA;AAGxB,YAAY,EACV,IAAI,EACJ,YAAY,EACZ,gBAAgB,EAChB,aAAa,EACb,UAAU,EACV,WAAW,EACX,cAAc,EACd,gBAAgB,EAChB,aAAa,EACb,cAAc,EACd,eAAe,EACf,eAAe,EACf,YAAY,EACZ,aAAa,EACb,aAAa,EACb,cAAc,EACd,aAAa,EACb,YAAY,EACZ,GAAG,EACH,UAAU,EACV,UAAU,EACV,cAAc,EACd,eAAe,EACf,IAAI,EACJ,YAAY,EACZ,UAAU,EACV,aAAa,EACb,eAAe,EACf,QAAQ,EACR,QAAQ,EACR,SAAS,EACT,QAAQ,EACR,MAAM,EACN,WAAW,EACX,WAAW,EACX,aAAa,EACb,cAAc,EACd,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,WAAW,GACZ,MAAM,YAAY,CAAA"}

package/dist/index.js

@@ -0,0 +1,87 @@
+"use strict";
+// @hesohq/sdk — HESO Enterprise SDK public surface.
+//
+// Zero crypto in TS: this Node SDK is bound to the native @hesohq/node addon —
+// verification via @hesohq/core (whose main entry re-exports @hesohq/node), and
+// in-process minting/gating via @hesohq/node directly (Node-only, loaded lazily).
+// The isomorphic WASM verifier is @hesohq/core/browser; this package is the
+// Node-only build and does not use it.
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.mintDelegationEnvelope = exports.signDelegation = exports.wrap = exports.submitApprovalToken = exports.getQuorumParts = exports.getL1Parts = exports.waitForApproval = exports.pollApproval = exports.pushReceipts = exports.pushReceipt = exports.pullPolicy = exports.isDecisionAllowed = exports.shortHash = exports.assertGate = exports.gate = exports.mastra = exports.aiSdk = exports.engine = exports.finalizeQuorum = exports.finalizeL1 = exports.OperatorKeyMismatchError = exports.ApprovalRejectedError = exports.BridgeError = exports.SuspendedError = exports.BlockedError = exports.currentConfig = exports.init = exports.configure = void 0;
+var config_js_1 = require("./config.js");
+Object.defineProperty(exports, "configure", { enumerable: true, get: function () { return config_js_1.configure; } });
+// Engine runtime + the in-process gate/mint core (Node-only).
+var runtime_js_1 = require("./runtime.js");
+Object.defineProperty(exports, "init", { enumerable: true, get: function () { return runtime_js_1.init; } });
+Object.defineProperty(exports, "currentConfig", { enumerable: true, get: function () { return runtime_js_1.currentConfig; } });
+var capture_js_1 = require("./capture.js");
+Object.defineProperty(exports, "BlockedError", { enumerable: true, get: function () { return capture_js_1.BlockedError; } });
+Object.defineProperty(exports, "SuspendedError", { enumerable: true, get: function () { return capture_js_1.SuspendedError; } });
+Object.defineProperty(exports, "BridgeError", { enumerable: true, get: function () { return capture_js_1.BridgeError; } });
+Object.defineProperty(exports, "ApprovalRejectedError", { enumerable: true, get: function () { return capture_js_1.ApprovalRejectedError; } });
+Object.defineProperty(exports, "OperatorKeyMismatchError", { enumerable: true, get: function () { return capture_js_1.OperatorKeyMismatchError; } });
+Object.defineProperty(exports, "finalizeL1", { enumerable: true, get: function () { return capture_js_1.finalizeL1; } });
+Object.defineProperty(exports, "finalizeQuorum", { enumerable: true, get: function () { return capture_js_1.finalizeQuorum; } });
+// The shared capture core — `engine.gate` / `engine.evaluate` / `engine.recordResult`.
+// Apply the one gate pattern to any framework; the framework adapters are thin
+// wrappers over it.
+exports.engine = __importStar(require("./capture.js"));
+// Framework drop-in adapters (Node-only). Namespaced to avoid colliding `gateTool`
+// names; also reachable via the `./adapters/*` subpath exports in package.json.
+exports.aiSdk = __importStar(require("./adapters/ai-sdk.js"));
+exports.mastra = __importStar(require("./adapters/mastra.js"));
+var gating_js_1 = require("./gating.js");
+Object.defineProperty(exports, "gate", { enumerable: true, get: function () { return gating_js_1.gate; } });
+Object.defineProperty(exports, "assertGate", { enumerable: true, get: function () { return gating_js_1.assertGate; } });
+Object.defineProperty(exports, "shortHash", { enumerable: true, get: function () { return gating_js_1.shortHash; } });
+Object.defineProperty(exports, "isDecisionAllowed", { enumerable: true, get: function () { return gating_js_1.isDecisionAllowed; } });
+var cloud_js_1 = require("./cloud.js");
+Object.defineProperty(exports, "pullPolicy", { enumerable: true, get: function () { return cloud_js_1.pullPolicy; } });
+Object.defineProperty(exports, "pushReceipt", { enumerable: true, get: function () { return cloud_js_1.pushReceipt; } });
+Object.defineProperty(exports, "pushReceipts", { enumerable: true, get: function () { return cloud_js_1.pushReceipts; } });
+Object.defineProperty(exports, "pollApproval", { enumerable: true, get: function () { return cloud_js_1.pollApproval; } });
+Object.defineProperty(exports, "waitForApproval", { enumerable: true, get: function () { return cloud_js_1.waitForApproval; } });
+Object.defineProperty(exports, "getL1Parts", { enumerable: true, get: function () { return cloud_js_1.getL1Parts; } });
+Object.defineProperty(exports, "getQuorumParts", { enumerable: true, get: function () { return cloud_js_1.getQuorumParts; } });
+Object.defineProperty(exports, "submitApprovalToken", { enumerable: true, get: function () { return cloud_js_1.submitApprovalToken; } });
+var proxy_js_1 = require("./proxy.js");
+Object.defineProperty(exports, "wrap", { enumerable: true, get: function () { return proxy_js_1.wrap; } });
+// Operator delegation-envelope minting (client-approval gates). Zero crypto in TS —
+// the caller injects an OperatorSigner; the wire is byte-pinned to the Rust core.
+var delegation_js_1 = require("./delegation.js");
+Object.defineProperty(exports, "signDelegation", { enumerable: true, get: function () { return delegation_js_1.signDelegation; } });
+Object.defineProperty(exports, "mintDelegationEnvelope", { enumerable: true, get: function () { return delegation_js_1.mintDelegationEnvelope; } });
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA,oDAAoD;AACpD,EAAE;AACF,+EAA+E;AAC/E,gFAAgF;AAChF,kFAAkF;AAClF,4EAA4E;AAC5E,uCAAuC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEvC,yCAAuC;AAA9B,sGAAA,SAAS,OAAA;AAGlB,8DAA8D;AAC9D,2CAAkD;AAAzC,kGAAA,IAAI,OAAA;AAAE,2GAAA,aAAa,OAAA;AAG5B,2CAQqB;AAPnB,0GAAA,YAAY,OAAA;AACZ,4GAAA,cAAc,OAAA;AACd,yGAAA,WAAW,OAAA;AACX,mHAAA,qBAAqB,OAAA;AACrB,sHAAA,wBAAwB,OAAA;AACxB,wGAAA,UAAU,OAAA;AACV,4GAAA,cAAc,OAAA;AAYhB,uFAAuF;AACvF,+EAA+E;AAC/E,oBAAoB;AACpB,uDAAsC;AAEtC,mFAAmF;AACnF,gFAAgF;AAChF,8DAA6C;AAC7C,+DAA8C;AAE9C,yCAA4E;AAAnE,iGAAA,IAAI,OAAA;AAAE,uGAAA,UAAU,OAAA;AAAE,sGAAA,SAAS,OAAA;AAAE,8GAAA,iBAAiB,OAAA;AAGvD,uCASmB;AARjB,sGAAA,UAAU,OAAA;AACV,uGAAA,WAAW,OAAA;AACX,wGAAA,YAAY,OAAA;AACZ,wGAAA,YAAY,OAAA;AACZ,2GAAA,eAAe,OAAA;AACf,sGAAA,UAAU,OAAA;AACV,0GAAA,cAAc,OAAA;AACd,+GAAA,mBAAmB,OAAA;AAarB,uCAAiC;AAAxB,gGAAA,IAAI,OAAA;AAGb,oFAAoF;AACpF,kFAAkF;AAClF,iDAAwE;AAA/D,+GAAA,cAAc,OAAA;AAAE,uHAAA,sBAAsB,OAAA"}

package/dist/proxy.d.ts

@@ -0,0 +1,30 @@
+import type { TrustLevel } from './types.js';
+export interface WrapOptions {
+    /** Minimum trust level required for each intercepted call. Default: 'L0'. */
+    minTrust?: TrustLevel;
+    /**
+     * Called when a receipt fails the gate check. Defaults to throwing an error.
+     * Return `true` to allow the call anyway (e.g. for monitoring-only mode).
+     */
+    onGateFail?: (method: string, verdict: string) => boolean | Promise<boolean>;
+    /**
+     * If provided, called with the raw receipt JSON after each successful call.
+     * Useful for shipping receipts to the outbox.
+     */
+    onReceipt?: (method: string, receiptJson: string) => void | Promise<void>;
+}
+/**
+ * Wrap an arbitrary client object with transparent HESO receipt verification.
+ *
+ * Every method call on the returned proxy:
+ * 1. Forwards arguments to the underlying method.
+ * 2. Checks whether the result carries a `__heso_receipt` field.
+ * 3. If it does, gates it (validity + `minTrust`) via the native verify surface
+ *    before returning the result.
+ *
+ * This is a best-effort pattern for clients that attach receipts to their
+ * response objects. For clients that return receipts out-of-band, use
+ * `gate()` / `assertGate()` directly.
+ */
+export declare function wrap<T extends object>(client: T, options?: WrapOptions): T;
+//# sourceMappingURL=proxy.d.ts.map

package/dist/proxy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"proxy.d.ts","sourceRoot":"","sources":["../src/proxy.ts"],"names":[],"mappings":"AAWA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAA;AAE5C,MAAM,WAAW,WAAW;IAC1B,6EAA6E;IAC7E,QAAQ,CAAC,EAAE,UAAU,CAAA;IACrB;;;OAGG;IACH,UAAU,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;IAC5E;;;OAGG;IACH,SAAS,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;CAC1E;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,IAAI,CAAC,CAAC,SAAS,MAAM,EAAE,MAAM,EAAE,CAAC,EAAE,OAAO,GAAE,WAAgB,GAAG,CAAC,CAsC9E"}

package/dist/proxy.js

@@ -0,0 +1,59 @@
+"use strict";
+// Transparent proxy wrapper — wrap(client) returns a Proxy that intercepts
+// every method call, captures a receipt for each action, and gates it before
+// forwarding the result to the caller.
+//
+// Zero crypto in TS: verification runs through `gate()`, which binds to the
+// native @hesohq/node addon (via @hesohq/core's main entry) in this Node SDK.
+// `gate()` checks receipt VALIDITY against `minTrust`; with the default
+// minTrust='L0' it accepts any valid receipt and does NOT assert the receipt's
+// decision path — pass minTrust='L1' to require a human co-signature.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.wrap = wrap;
+const gating_js_1 = require("./gating.js");
+/**
+ * Wrap an arbitrary client object with transparent HESO receipt verification.
+ *
+ * Every method call on the returned proxy:
+ * 1. Forwards arguments to the underlying method.
+ * 2. Checks whether the result carries a `__heso_receipt` field.
+ * 3. If it does, gates it (validity + `minTrust`) via the native verify surface
+ *    before returning the result.
+ *
+ * This is a best-effort pattern for clients that attach receipts to their
+ * response objects. For clients that return receipts out-of-band, use
+ * `gate()` / `assertGate()` directly.
+ */
+function wrap(client, options = {}) {
+    const { minTrust = 'L0', onGateFail, onReceipt } = options;
+    return new Proxy(client, {
+        get(target, prop, receiver) {
+            const value = Reflect.get(target, prop, receiver);
+            if (typeof value !== 'function')
+                return value;
+            return async function (...args) {
+                // eslint-disable-next-line @typescript-eslint/no-explicit-any
+                const result = await value.apply(target, args);
+                // Look for a receipt attached to the result
+                if (result !== null && typeof result === 'object' && '__heso_receipt' in result) {
+                    const receiptJson = result.__heso_receipt;
+                    const gateResult = (0, gating_js_1.gate)(receiptJson, minTrust);
+                    if (onReceipt) {
+                        await Promise.resolve(onReceipt(String(prop), receiptJson));
+                    }
+                    if (!gateResult.allowed) {
+                        const allowAnyway = onGateFail
+                            ? await Promise.resolve(onGateFail(String(prop), gateResult.verdict))
+                            : false;
+                        if (!allowAnyway) {
+                            throw new Error(`@hesohq/sdk: gate rejected receipt on ${String(prop)} — ` +
+                                `verdict=${gateResult.verdict} trustLevel=${gateResult.trustLevel ?? 'none'}`);
+                        }
+                    }
+                }
+                return result;
+            };
+        },
+    });
+}
+//# sourceMappingURL=proxy.js.map

package/dist/proxy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"proxy.js","sourceRoot":"","sources":["../src/proxy.ts"],"names":[],"mappings":";AAAA,2EAA2E;AAC3E,6EAA6E;AAC7E,uCAAuC;AACvC,EAAE;AACF,4EAA4E;AAC5E,8EAA8E;AAC9E,wEAAwE;AACxE,+EAA+E;AAC/E,sEAAsE;;AAiCtE,oBAsCC;AArED,2CAAkC;AAkBlC;;;;;;;;;;;;GAYG;AACH,SAAgB,IAAI,CAAmB,MAAS,EAAE,UAAuB,EAAE;IACzE,MAAM,EAAE,QAAQ,GAAG,IAAI,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,OAAO,CAAA;IAE1D,OAAO,IAAI,KAAK,CAAC,MAAM,EAAE;QACvB,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ;YACxB,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAA;YACjD,IAAI,OAAO,KAAK,KAAK,UAAU;gBAAE,OAAO,KAAK,CAAA;YAE7C,OAAO,KAAK,WAAW,GAAG,IAAe;gBACvC,8DAA8D;gBAC9D,MAAM,MAAM,GAAG,MAAO,KAA2C,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,CAAC,CAAA;gBAErF,4CAA4C;gBAC5C,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,gBAAgB,IAAI,MAAM,EAAE,CAAC;oBAChF,MAAM,WAAW,GAAG,MAAM,CAAC,cAAwB,CAAA;oBACnD,MAAM,UAAU,GAAG,IAAA,gBAAI,EAAC,WAAW,EAAE,QAAQ,CAAC,CAAA;oBAE9C,IAAI,SAAS,EAAE,CAAC;wBACd,MAAM,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,WAAW,CAAC,CAAC,CAAA;oBAC7D,CAAC;oBAED,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;wBACxB,MAAM,WAAW,GAAG,UAAU;4BAC5B,CAAC,CAAC,MAAM,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;4BACrE,CAAC,CAAC,KAAK,CAAA;wBACT,IAAI,CAAC,WAAW,EAAE,CAAC;4BACjB,MAAM,IAAI,KAAK,CACb,yCAAyC,MAAM,CAAC,IAAI,CAAC,KAAK;gCAC1D,WAAW,UAAU,CAAC,OAAO,eAAe,UAAU,CAAC,UAAU,IAAI,MAAM,EAAE,CAC9E,CAAA;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,OAAO,MAAM,CAAA;YACf,CAAC,CAAA;QACH,CAAC;KACF,CAAC,CAAA;AACJ,CAAC"}

package/dist/runtime.d.ts

@@ -0,0 +1,30 @@
+export interface HesoRuntimeConfig {
+    /** Directory holding `heso.toml` and `heso-local-data/` (operator key, audit log). */
+    projectRoot: string;
+    /** Default workflow id stamped on actions (and the default chain session). */
+    workflow: string;
+    /** Default account/tenant stamped on actions. */
+    account: string;
+    /** RFC-3339 instant pinned into every action for reproducible runs, or null. */
+    clockOverride: string | null;
+    /** When true (default) a blocked/suspended action throws; false = observe-only. */
+    blocking: boolean;
+}
+export interface InitOptions {
+    projectRoot?: string;
+    workflow?: string;
+    account?: string;
+    clockOverride?: string;
+    blocking?: boolean;
+}
+/**
+ * Resolve and install the engine runtime config, returning it. Call once at
+ * startup before gating an action. Re-calling replaces the active config (cheap,
+ * intended — e.g. for tests).
+ */
+export declare function init(options?: InitOptions): HesoRuntimeConfig;
+/** The active engine config, or null before {@link init}. */
+export declare function currentConfig(): HesoRuntimeConfig | null;
+/** The active engine config, or throw if {@link init} has not run. */
+export declare function requireConfig(): HesoRuntimeConfig;
+//# sourceMappingURL=runtime.d.ts.map

package/dist/runtime.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"runtime.d.ts","sourceRoot":"","sources":["../src/runtime.ts"],"names":[],"mappings":"AAYA,MAAM,WAAW,iBAAiB;IAChC,sFAAsF;IACtF,WAAW,EAAE,MAAM,CAAA;IACnB,8EAA8E;IAC9E,QAAQ,EAAE,MAAM,CAAA;IAChB,iDAAiD;IACjD,OAAO,EAAE,MAAM,CAAA;IACf,gFAAgF;IAChF,aAAa,EAAE,MAAM,GAAG,IAAI,CAAA;IAC5B,mFAAmF;IACnF,QAAQ,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,QAAQ,CAAC,EAAE,OAAO,CAAA;CACnB;AAID;;;;GAIG;AACH,wBAAgB,IAAI,CAAC,OAAO,GAAE,WAAgB,GAAG,iBAAiB,CAUjE;AAED,6DAA6D;AAC7D,wBAAgB,aAAa,IAAI,iBAAiB,GAAG,IAAI,CAExD;AAED,sEAAsE;AACtE,wBAAgB,aAAa,IAAI,iBAAiB,CAKjD"}

package/dist/runtime.js

@@ -0,0 +1,70 @@
+"use strict";
+// Engine runtime config — the in-process gate/mint counterpart to the cloud
+// `configure()`. Resolves the project root (the dir holding `heso.toml` and
+// `heso-local-data/`: operator key, audit log, chains), the default
+// workflow/account stamped on every action, an optional pinned clock, and the
+// blocking/observe-only switch. Mirrors the Python SDK's `heso.init` / `Config`.
+//
+// Resolution order for every setting: explicit option > environment > discovery >
+// built-in default.
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.init = init;
+exports.currentConfig = currentConfig;
+exports.requireConfig = requireConfig;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+let _runtime = null;
+/**
+ * Resolve and install the engine runtime config, returning it. Call once at
+ * startup before gating an action. Re-calling replaces the active config (cheap,
+ * intended — e.g. for tests).
+ */
+function init(options = {}) {
+    const config = {
+        projectRoot: resolveProjectRoot(options.projectRoot),
+        workflow: options.workflow ?? process.env.HESO_WORKFLOW ?? 'default',
+        account: options.account ?? process.env.HESO_ACCOUNT ?? 'default',
+        clockOverride: options.clockOverride ?? process.env.HESO_CLOCK ?? null,
+        blocking: options.blocking ?? resolveBlocking(),
+    };
+    _runtime = config;
+    return config;
+}
+/** The active engine config, or null before {@link init}. */
+function currentConfig() {
+    return _runtime;
+}
+/** The active engine config, or throw if {@link init} has not run. */
+function requireConfig() {
+    if (_runtime === null) {
+        throw new Error('@hesohq/sdk: call init() before gating an action');
+    }
+    return _runtime;
+}
+/** Read `HESO_BLOCKING` (off/false/0/no ⇒ observe-only). Unset ⇒ enforce. */
+function resolveBlocking() {
+    const raw = process.env.HESO_BLOCKING;
+    if (raw === undefined)
+        return true;
+    const v = raw.trim().toLowerCase();
+    return !(v === '0' || v === 'false' || v === 'no' || v === 'off');
+}
+/** Find the dir owning `heso.toml`: explicit > $HESO_PROJECT_ROOT > nearest ancestor > cwd. */
+function resolveProjectRoot(explicit) {
+    if (explicit !== undefined)
+        return (0, node_path_1.resolve)(explicit);
+    const env = process.env.HESO_PROJECT_ROOT;
+    if (env)
+        return (0, node_path_1.resolve)(env);
+    let dir = process.cwd();
+    for (;;) {
+        if ((0, node_fs_1.existsSync)((0, node_path_1.resolve)(dir, 'heso.toml')))
+            return dir;
+        const parent = (0, node_path_1.dirname)(dir);
+        if (parent === dir)
+            break;
+        dir = parent;
+    }
+    return process.cwd();
+}
+//# sourceMappingURL=runtime.js.map

package/dist/runtime.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"runtime.js","sourceRoot":"","sources":["../src/runtime.ts"],"names":[],"mappings":";AAAA,4EAA4E;AAC5E,4EAA4E;AAC5E,oEAAoE;AACpE,8EAA8E;AAC9E,iFAAiF;AACjF,EAAE;AACF,kFAAkF;AAClF,oBAAoB;;AAiCpB,oBAUC;AAGD,sCAEC;AAGD,sCAKC;AAtDD,qCAAoC;AACpC,yCAA4C;AAuB5C,IAAI,QAAQ,GAA6B,IAAI,CAAA;AAE7C;;;;GAIG;AACH,SAAgB,IAAI,CAAC,UAAuB,EAAE;IAC5C,MAAM,MAAM,GAAsB;QAChC,WAAW,EAAE,kBAAkB,CAAC,OAAO,CAAC,WAAW,CAAC;QACpD,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,SAAS;QACpE,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,SAAS;QACjE,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,IAAI;QACtE,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,eAAe,EAAE;KAChD,CAAA;IACD,QAAQ,GAAG,MAAM,CAAA;IACjB,OAAO,MAAM,CAAA;AACf,CAAC;AAED,6DAA6D;AAC7D,SAAgB,aAAa;IAC3B,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED,sEAAsE;AACtE,SAAgB,aAAa;IAC3B,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAA;IACrE,CAAC;IACD,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED,6EAA6E;AAC7E,SAAS,eAAe;IACtB,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAA;IACrC,IAAI,GAAG,KAAK,SAAS;QAAE,OAAO,IAAI,CAAA;IAClC,MAAM,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;IAClC,OAAO,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,OAAO,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,KAAK,CAAC,CAAA;AACnE,CAAC;AAED,+FAA+F;AAC/F,SAAS,kBAAkB,CAAC,QAAiB;IAC3C,IAAI,QAAQ,KAAK,SAAS;QAAE,OAAO,IAAA,mBAAO,EAAC,QAAQ,CAAC,CAAA;IACpD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAA;IACzC,IAAI,GAAG;QAAE,OAAO,IAAA,mBAAO,EAAC,GAAG,CAAC,CAAA;IAC5B,IAAI,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAA;IACvB,SAAS,CAAC;QACR,IAAI,IAAA,oBAAU,EAAC,IAAA,mBAAO,EAAC,GAAG,EAAE,WAAW,CAAC,CAAC;YAAE,OAAO,GAAG,CAAA;QACrD,MAAM,MAAM,GAAG,IAAA,mBAAO,EAAC,GAAG,CAAC,CAAA;QAC3B,IAAI,MAAM,KAAK,GAAG;YAAE,MAAK;QACzB,GAAG,GAAG,MAAM,CAAA;IACd,CAAC;IACD,OAAO,OAAO,CAAC,GAAG,EAAE,CAAA;AACtB,CAAC"}