npm - @hiro-c/agent-gate - Versions diffs - 1.0.0 - Mend

@hiro-c/agent-gate 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (154) hide show

package/AGENTS.md +76 -0
package/LICENSE +21 -0
package/README.md +205 -0
package/dist/adapters/Adapter.d.ts +32 -0
package/dist/adapters/Adapter.d.ts.map +1 -0
package/dist/adapters/Adapter.js +2 -0
package/dist/adapters/claude-code/adapter.d.ts +3 -0
package/dist/adapters/claude-code/adapter.d.ts.map +1 -0
package/dist/adapters/claude-code/adapter.js +45 -0
package/dist/adapters/claude-code/transcript.d.ts +16 -0
package/dist/adapters/claude-code/transcript.d.ts.map +1 -0
package/dist/adapters/claude-code/transcript.js +104 -0
package/dist/adapters/cursor/adapter.d.ts +3 -0
package/dist/adapters/cursor/adapter.d.ts.map +1 -0
package/dist/adapters/cursor/adapter.js +89 -0
package/dist/adapters/index.d.ts +8 -0
package/dist/adapters/index.d.ts.map +1 -0
package/dist/adapters/index.js +20 -0
package/dist/cli/agent-gate.d.ts +13 -0
package/dist/cli/agent-gate.d.ts.map +1 -0
package/dist/cli/agent-gate.js +226 -0
package/dist/cli/installer.d.ts +21 -0
package/dist/cli/installer.d.ts.map +1 -0
package/dist/cli/installer.js +71 -0
package/dist/collector/collectClaudeMd.d.ts +3 -0
package/dist/collector/collectClaudeMd.d.ts.map +1 -0
package/dist/collector/collectClaudeMd.js +87 -0
package/dist/collector/collectRuleSources.d.ts +3 -0
package/dist/collector/collectRuleSources.d.ts.map +1 -0
package/dist/collector/collectRuleSources.js +151 -0
package/dist/config/AgentGateConfig.d.ts +18 -0
package/dist/config/AgentGateConfig.d.ts.map +1 -0
package/dist/config/AgentGateConfig.js +34 -0
package/dist/config/Config.d.ts +26 -0
package/dist/config/Config.d.ts.map +1 -0
package/dist/config/Config.js +25 -0
package/dist/config/PluginConfigLoader.d.ts +3 -0
package/dist/config/PluginConfigLoader.d.ts.map +1 -0
package/dist/config/PluginConfigLoader.js +85 -0
package/dist/config/defineConfig.d.ts +23 -0
package/dist/config/defineConfig.d.ts.map +1 -0
package/dist/config/defineConfig.js +10 -0
package/dist/contracts/schemas/hookDataSchema.d.ts +7 -0
package/dist/contracts/schemas/hookDataSchema.d.ts.map +1 -0
package/dist/contracts/schemas/hookDataSchema.js +9 -0
package/dist/contracts/types/Action.d.ts +23 -0
package/dist/contracts/types/Action.d.ts.map +1 -0
package/dist/contracts/types/Action.js +2 -0
package/dist/contracts/types/ClaudeMdFile.d.ts +5 -0
package/dist/contracts/types/ClaudeMdFile.d.ts.map +1 -0
package/dist/contracts/types/ClaudeMdFile.js +2 -0
package/dist/contracts/types/HookData.d.ts +6 -0
package/dist/contracts/types/HookData.d.ts.map +1 -0
package/dist/contracts/types/HookData.js +2 -0
package/dist/contracts/types/ModelClient.d.ts +4 -0
package/dist/contracts/types/ModelClient.d.ts.map +1 -0
package/dist/contracts/types/ModelClient.js +2 -0
package/dist/contracts/types/RuleSource.d.ts +7 -0
package/dist/contracts/types/RuleSource.d.ts.map +1 -0
package/dist/contracts/types/RuleSource.js +2 -0
package/dist/contracts/types/SessionContext.d.ts +25 -0
package/dist/contracts/types/SessionContext.d.ts.map +1 -0
package/dist/contracts/types/SessionContext.js +2 -0
package/dist/contracts/types/ValidationResult.d.ts +5 -0
package/dist/contracts/types/ValidationResult.d.ts.map +1 -0
package/dist/contracts/types/ValidationResult.js +2 -0
package/dist/daemon/client.d.ts +17 -0
package/dist/daemon/client.d.ts.map +1 -0
package/dist/daemon/client.js +59 -0
package/dist/daemon/protocol.d.ts +17 -0
package/dist/daemon/protocol.d.ts.map +1 -0
package/dist/daemon/protocol.js +8 -0
package/dist/daemon/server.d.ts +27 -0
package/dist/daemon/server.d.ts.map +1 -0
package/dist/daemon/server.js +100 -0
package/dist/deterministic/defaultRules.d.ts +11 -0
package/dist/deterministic/defaultRules.d.ts.map +1 -0
package/dist/deterministic/defaultRules.js +33 -0
package/dist/deterministic/engine.d.ts +11 -0
package/dist/deterministic/engine.d.ts.map +1 -0
package/dist/deterministic/engine.js +12 -0
package/dist/deterministic/factories.d.ts +20 -0
package/dist/deterministic/factories.d.ts.map +1 -0
package/dist/deterministic/factories.js +56 -0
package/dist/deterministic/rules/preventBashSecretWrite.d.ts +3 -0
package/dist/deterministic/rules/preventBashSecretWrite.d.ts.map +1 -0
package/dist/deterministic/rules/preventBashSecretWrite.js +75 -0
package/dist/deterministic/rules/preventForcePushMain.d.ts +7 -0
package/dist/deterministic/rules/preventForcePushMain.d.ts.map +1 -0
package/dist/deterministic/rules/preventForcePushMain.js +85 -0
package/dist/deterministic/rules/preventRmRfRoot.d.ts +3 -0
package/dist/deterministic/rules/preventRmRfRoot.d.ts.map +1 -0
package/dist/deterministic/rules/preventRmRfRoot.js +68 -0
package/dist/deterministic/rules/preventSecretFileWrite.d.ts +7 -0
package/dist/deterministic/rules/preventSecretFileWrite.d.ts.map +1 -0
package/dist/deterministic/rules/preventSecretFileWrite.js +55 -0
package/dist/deterministic/rules/preventSystemPathWrite.d.ts +3 -0
package/dist/deterministic/rules/preventSystemPathWrite.d.ts.map +1 -0
package/dist/deterministic/rules/preventSystemPathWrite.js +38 -0
package/dist/deterministic/types.d.ts +20 -0
package/dist/deterministic/types.d.ts.map +1 -0
package/dist/deterministic/types.js +2 -0
package/dist/doctor/findings.d.ts +15 -0
package/dist/doctor/findings.d.ts.map +1 -0
package/dist/doctor/findings.js +2 -0
package/dist/doctor/formatFindings.d.ts +3 -0
package/dist/doctor/formatFindings.d.ts.map +1 -0
package/dist/doctor/formatFindings.js +37 -0
package/dist/doctor/lintRuleSources.d.ts +4 -0
package/dist/doctor/lintRuleSources.d.ts.map +1 -0
package/dist/doctor/lintRuleSources.js +87 -0
package/dist/hooks/processHookData.d.ts +37 -0
package/dist/hooks/processHookData.d.ts.map +1 -0
package/dist/hooks/processHookData.js +181 -0
package/dist/index.d.ts +38 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +54 -0
package/dist/observability/decisionLogger.d.ts +15 -0
package/dist/observability/decisionLogger.d.ts.map +1 -0
package/dist/observability/decisionLogger.js +20 -0
package/dist/observability/eventBus.d.ts +15 -0
package/dist/observability/eventBus.d.ts.map +1 -0
package/dist/observability/eventBus.js +33 -0
package/dist/observability/sinks/JsonlFileSink.d.ts +13 -0
package/dist/observability/sinks/JsonlFileSink.d.ts.map +1 -0
package/dist/observability/sinks/JsonlFileSink.js +36 -0
package/dist/observability/sinks/Sink.d.ts +46 -0
package/dist/observability/sinks/Sink.d.ts.map +1 -0
package/dist/observability/sinks/Sink.js +2 -0
package/dist/observability/stats.d.ts +14 -0
package/dist/observability/stats.d.ts.map +1 -0
package/dist/observability/stats.js +78 -0
package/dist/validation/models/AnthropicApi.d.ts +9 -0
package/dist/validation/models/AnthropicApi.d.ts.map +1 -0
package/dist/validation/models/AnthropicApi.js +44 -0
package/dist/validation/models/ClaudeCli.d.ts +10 -0
package/dist/validation/models/ClaudeCli.d.ts.map +1 -0
package/dist/validation/models/ClaudeCli.js +64 -0
package/dist/validation/models/CompositeModelClient.d.ts +20 -0
package/dist/validation/models/CompositeModelClient.d.ts.map +1 -0
package/dist/validation/models/CompositeModelClient.js +53 -0
package/dist/validation/prompts/context.d.ts +3 -0
package/dist/validation/prompts/context.d.ts.map +1 -0
package/dist/validation/prompts/context.js +29 -0
package/dist/validation/prompts/response.d.ts +2 -0
package/dist/validation/prompts/response.d.ts.map +1 -0
package/dist/validation/prompts/response.js +20 -0
package/dist/validation/prompts/system-prompt.d.ts +7 -0
package/dist/validation/prompts/system-prompt.d.ts.map +1 -0
package/dist/validation/prompts/system-prompt.js +69 -0
package/dist/validation/validator.d.ts +5 -0
package/dist/validation/validator.d.ts.map +1 -0
package/dist/validation/validator.js +98 -0
package/package.json +67 -0

package/dist/doctor/lintRuleSources.js ADDED Viewed

@@ -0,0 +1,87 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.lintRuleSources = lintRuleSources;
+const AMBIGUOUS_PATTERNS = [
+    { regex: /\bwhere possible\b/i, label: 'where possible' },
+    { regex: /\bas (?:needed|appropriate)\b/i, label: 'as needed/appropriate' },
+    { regex: /\bwhen appropriate\b/i, label: 'when appropriate' },
+    { regex: /\bif possible\b/i, label: 'if possible' },
+    { regex: /\bshould consider\b/i, label: 'should consider' },
+    { regex: /\bgenerally speaking\b/i, label: 'generally speaking' },
+    { regex: /\btry to\b/i, label: 'try to' },
+    { regex: /適切に/, label: '適切に' },
+    { regex: /なるべく/, label: 'なるべく' },
+    { regex: /可能な限り/, label: '可能な限り' },
+    { regex: /必要に応じて/, label: '必要に応じて' },
+    { regex: /できれば/, label: 'できれば' },
+    { regex: /状況に応じて/, label: '状況に応じて' },
+];
+const IMPERATIVE_HINTS = [
+    /^[\s\-*\d.]*(?:never|always|do not|don[''']t|must|should|use|avoid|prefer|run|check)\b/i,
+    /^\s*[-*]\s+/, // bullet items
+    /^\s*\d+\.\s+/, // numbered items
+    /禁止|必須|常に|決して|してはいけない|すること|してください|する/, // Japanese imperatives
+];
+function isEmpty(content) {
+    return content.trim().length === 0;
+}
+function hasConcreteRules(content) {
+    const lines = content.split('\n');
+    return lines.some((line) => IMPERATIVE_HINTS.some((re) => re.test(line)));
+}
+function findAmbiguousLines(content) {
+    const out = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const { regex, label } of AMBIGUOUS_PATTERNS) {
+            if (regex.test(line)) {
+                out.push({ line: i + 1, match: label });
+                break;
+            }
+        }
+    }
+    return out;
+}
+function trimExcerpt(line) {
+    const t = line.trim();
+    return t.length > 80 ? t.slice(0, 77) + '...' : t;
+}
+function lintRuleSources(sources) {
+    const findings = [];
+    for (const source of sources) {
+        if (isEmpty(source.content)) {
+            findings.push({
+                ruleSourcePath: source.path,
+                ruleSourceKind: source.kind,
+                severity: 'warning',
+                code: 'empty-file',
+                message: 'Instruction file is empty. Either remove it or fill in concrete project rules so the AI has something to enforce.',
+            });
+            continue;
+        }
+        if (!hasConcreteRules(source.content)) {
+            findings.push({
+                ruleSourcePath: source.path,
+                ruleSourceKind: source.kind,
+                severity: 'warning',
+                code: 'no-concrete-rules',
+                message: 'No imperatives (must / should / never / "use X") or bulleted/numbered items detected. The AI may struggle to extract actionable rules.',
+            });
+        }
+        const ambiguousLines = findAmbiguousLines(source.content);
+        for (const a of ambiguousLines) {
+            const excerpt = trimExcerpt(source.content.split('\n')[a.line - 1] ?? '');
+            findings.push({
+                ruleSourcePath: source.path,
+                ruleSourceKind: source.kind,
+                severity: 'info',
+                code: 'ambiguous-modifier',
+                message: `Ambiguous modifier "${a.match}" makes the rule hard for AI to enforce reliably. Replace with a concrete condition or threshold.`,
+                line: a.line,
+                excerpt,
+            });
+        }
+    }
+    return findings;
+}

package/dist/hooks/processHookData.d.ts ADDED Viewed

@@ -0,0 +1,37 @@
+import { ValidationResult } from '../contracts/types/ValidationResult';
+import { RuleSource } from '../contracts/types/RuleSource';
+import { IModelClient } from '../contracts/types/ModelClient';
+import { validator } from '../validation/validator';
+import { Config } from '../config/Config';
+import { DeterministicRule } from '../deterministic/types';
+import { Adapter } from '../adapters/Adapter';
+import { AgentGateConfig } from '../config/AgentGateConfig';
+import { EventBus } from '../observability/eventBus';
+export interface CooldownStore {
+    getLastTime(key: string): number;
+    setLastTime(key: string, time: number): void;
+}
+export interface ProcessHookDataDeps {
+    config?: Config;
+    agentGateConfig?: AgentGateConfig;
+    collectFn?: (cwd: string) => RuleSource[];
+    validatorFn?: typeof validator;
+    getModelClient?: (config: Config) => IModelClient;
+    cooldownStore?: CooldownStore;
+    cwd?: string;
+    deterministicRules?: DeterministicRule[];
+    adapter?: Adapter;
+    /**
+     * Pre-configured event bus. When omitted, a default bus is built
+     * and a JsonlFileSink is auto-subscribed iff AGENT_GATE_LOG=1 (or
+     * `logging.enabled` is true).
+     */
+    eventBus?: EventBus;
+    /** Override logging behavior. When provided, replaces env detection. */
+    logging?: {
+        enabled: boolean;
+        path?: string;
+    };
+}
+export declare function processHookData(input: string, deps?: ProcessHookDataDeps): Promise<ValidationResult>;
+//# sourceMappingURL=processHookData.d.ts.map

package/dist/hooks/processHookData.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"processHookData.d.ts","sourceRoot":"","sources":["../../src/hooks/processHookData.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAA;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAA;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAA;AAE7D,OAAO,EAAE,SAAS,EAAE,MAAM,yBAAyB,CAAA;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAA;AAIzC,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAG1D,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAA;AAE7C,OAAO,EACL,eAAe,EAEhB,MAAM,2BAA2B,CAAA;AAMlC,OAAO,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAA;AAWpD,MAAM,WAAW,aAAa;IAC5B,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAA;IAChC,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,IAAI,CAAA;CAC7C;AA4BD,MAAM,WAAW,mBAAmB;IAClC,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,eAAe,CAAC,EAAE,eAAe,CAAA;IACjC,SAAS,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,UAAU,EAAE,CAAA;IACzC,WAAW,CAAC,EAAE,OAAO,SAAS,CAAA;IAC9B,cAAc,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,YAAY,CAAA;IACjD,aAAa,CAAC,EAAE,aAAa,CAAA;IAC7B,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,kBAAkB,CAAC,EAAE,iBAAiB,EAAE,CAAA;IACxC,OAAO,CAAC,EAAE,OAAO,CAAA;IACjB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,QAAQ,CAAA;IACnB,wEAAwE;IACxE,OAAO,CAAC,EAAE;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;CAC9C;AAaD,wBAAsB,eAAe,CACnC,KAAK,EAAE,MAAM,EACb,IAAI,CAAC,EAAE,mBAAmB,GACzB,OAAO,CAAC,gBAAgB,CAAC,CAoI3B"}

package/dist/hooks/processHookData.js ADDED Viewed

@@ -0,0 +1,181 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.processHookData = processHookData;
+const fs_1 = require("fs");
+const crypto_1 = require("crypto");
+const path_1 = require("path");
+const os_1 = require("os");
+const collectRuleSources_1 = require("../collector/collectRuleSources");
+const validator_1 = require("../validation/validator");
+const Config_1 = require("../config/Config");
+const ClaudeCli_1 = require("../validation/models/ClaudeCli");
+const AnthropicApi_1 = require("../validation/models/AnthropicApi");
+const CompositeModelClient_1 = require("../validation/models/CompositeModelClient");
+const engine_1 = require("../deterministic/engine");
+const defaultRules_1 = require("../deterministic/defaultRules");
+const adapter_1 = require("../adapters/claude-code/adapter");
+const AgentGateConfig_1 = require("../config/AgentGateConfig");
+const decisionLogger_1 = require("../observability/decisionLogger");
+const eventBus_1 = require("../observability/eventBus");
+const JsonlFileSink_1 = require("../observability/sinks/JsonlFileSink");
+const PASS = { decision: undefined, reason: '' };
+const COOLDOWN_DIR_NAME = 'agent-gate';
+class FileCooldownStore {
+    dir;
+    constructor() {
+        this.dir = (0, path_1.join)((0, os_1.tmpdir)(), COOLDOWN_DIR_NAME);
+        (0, fs_1.mkdirSync)(this.dir, { recursive: true });
+    }
+    stampPath(key) {
+        const hash = (0, crypto_1.createHash)('sha256').update(key).digest('hex');
+        return (0, path_1.join)(this.dir, hash);
+    }
+    getLastTime(key) {
+        try {
+            return parseInt((0, fs_1.readFileSync)(this.stampPath(key), 'utf-8'), 10) || 0;
+        }
+        catch {
+            return 0;
+        }
+    }
+    setLastTime(key, time) {
+        (0, fs_1.writeFileSync)(this.stampPath(key), String(time));
+    }
+}
+function resolveEventBus(deps) {
+    if (deps?.eventBus)
+        return deps.eventBus;
+    const bus = new eventBus_1.EventBus();
+    const enabled = deps?.logging ? deps.logging.enabled : (0, decisionLogger_1.isLoggingEnabled)();
+    if (enabled) {
+        const path = deps?.logging?.path ?? (0, decisionLogger_1.defaultLogPath)();
+        bus.subscribe(new JsonlFileSink_1.JsonlFileSink(path));
+    }
+    return bus;
+}
+async function processHookData(input, deps) {
+    const config = deps?.config ?? new Config_1.Config();
+    if (config.disabled) {
+        return PASS;
+    }
+    const adapter = deps?.adapter ?? adapter_1.claudeCodeAdapter;
+    const bus = resolveEventBus(deps);
+    const parsed = adapter.parseHook(input);
+    if (parsed.kind === 'skip') {
+        return PASS;
+    }
+    const { toolName, toolInput } = parsed.action;
+    // Resolve cwd early so the agent-gate config can be loaded relative to it.
+    const cwd = deps?.cwd ?? process.cwd();
+    const agentGateConfig = deps?.agentGateConfig ?? (0, AgentGateConfig_1.loadAgentGateConfig)(cwd);
+    // Build SessionContext (history from adapter, projectRoot defaults to cwd
+    // for v1; future work can detect the actual project root).
+    let history = [];
+    if (typeof adapter.readHistory === 'function') {
+        try {
+            history = await adapter.readHistory({ cwd, limit: 20 });
+        }
+        catch {
+            history = [];
+        }
+    }
+    const sessionContext = {
+        cwd,
+        projectRoot: cwd,
+        history,
+    };
+    // Deterministic rules: a fast, cheap safety baseline that runs before
+    // any cooldown or AI check.
+    const deterministicRules = deps?.deterministicRules ??
+        (0, defaultRules_1.buildDefaultDeterministicRules)(agentGateConfig);
+    const ruleVerdict = (0, engine_1.runDeterministicRules)(toolName, toolInput, deterministicRules, sessionContext);
+    if (ruleVerdict.kind === 'block') {
+        bus.emit({
+            type: 'rule.fired',
+            adapter: adapter.id,
+            toolName,
+            ruleId: ruleVerdict.ruleId,
+            decision: 'block',
+            reason: ruleVerdict.reason,
+        });
+        bus.emit({
+            type: 'verdict.decided',
+            adapter: adapter.id,
+            toolName,
+            decision: 'block',
+            reason: ruleVerdict.reason,
+            source: 'deterministic',
+            ruleId: ruleVerdict.ruleId,
+        });
+        return { decision: 'block', reason: ruleVerdict.reason };
+    }
+    // Cooldown check (file-based, persists across process invocations)
+    const cooldownStore = config.cooldown > 0
+        ? deps?.cooldownStore ?? new FileCooldownStore()
+        : undefined;
+    if (cooldownStore && config.cooldown > 0) {
+        const now = Math.floor(Date.now() / 1000);
+        const lastTime = cooldownStore.getLastTime(cwd);
+        if (now - lastTime < config.cooldown) {
+            return PASS;
+        }
+    }
+    // Collect rule sources (CLAUDE.md, AGENTS.md, .cursorrules, ...)
+    const collect = deps?.collectFn ?? collectRuleSources_1.collectRuleSources;
+    const rules = collect(cwd);
+    if (rules.length === 0) {
+        return PASS;
+    }
+    // Get model client
+    const getClient = deps?.getModelClient ?? ((c) => createModelClient(c, cwd));
+    const modelClient = getClient(config);
+    // Validate
+    const validate = deps?.validatorFn ?? validator_1.validator;
+    bus.emit({
+        type: 'ai.requested',
+        adapter: adapter.id,
+        toolName,
+        rulesCount: rules.length,
+    });
+    const aiStart = Date.now();
+    const result = await validate(rules, toolName, toolInput, modelClient);
+    const aiLatency = Date.now() - aiStart;
+    // Update cooldown timestamp AFTER successful validation
+    if (cooldownStore) {
+        cooldownStore.setLastTime(cwd, Math.floor(Date.now() / 1000));
+    }
+    const decision = result.decision === 'block' ? 'block' : 'allow';
+    const source = 'ai';
+    bus.emit({
+        type: 'ai.completed',
+        adapter: adapter.id,
+        toolName,
+        decision,
+        reason: result.reason,
+        latencyMs: aiLatency,
+    });
+    bus.emit({
+        type: 'verdict.decided',
+        adapter: adapter.id,
+        toolName,
+        decision,
+        reason: result.reason,
+        source,
+    });
+    return result;
+}
+function createModelClient(config, cwd) {
+    // Build a fallback chain: the most-preferred client comes first, with
+    // ClaudeCli as a secondary path. The CompositeModelClient tries each in
+    // order; if the first fails, the next runs. The validator's outer
+    // try/catch fail-opens when every client has failed.
+    const clients = [];
+    if (config.useApi) {
+        clients.push(new AnthropicApi_1.AnthropicApi(config));
+    }
+    clients.push(new ClaudeCli_1.ClaudeCli(config, cwd));
+    if (clients.length === 1) {
+        return clients[0];
+    }
+    return new CompositeModelClient_1.CompositeModelClient(clients);
+}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,38 @@
+export { Config } from './config/Config';
+export type { ConfigOptions } from './config/Config';
+export { defineConfig } from './config/defineConfig';
+export type { AgentGatePluginConfig } from './config/defineConfig';
+export type { AgentGateConfig } from './config/AgentGateConfig';
+export { loadAgentGateConfig } from './config/AgentGateConfig';
+export { loadPluginConfig } from './config/PluginConfigLoader';
+export type { ValidationResult } from './contracts/types/ValidationResult';
+export type { HookData } from './contracts/types/HookData';
+export type { IModelClient } from './contracts/types/ModelClient';
+export type { RuleSource, RuleSourceKind } from './contracts/types/RuleSource';
+export type { Action, ParsedHook } from './contracts/types/Action';
+export type { SessionContext, SessionEvent, } from './contracts/types/SessionContext';
+export { HookDataSchema } from './contracts/schemas/hookDataSchema';
+export type { DeterministicRule, RuleVerdict, } from './deterministic/types';
+export { forbidCommandPattern, forbidContentPattern, forbidFilePathPattern, } from './deterministic/factories';
+export { defaultDeterministicRules, buildDefaultDeterministicRules, } from './deterministic/defaultRules';
+export { claudeCodeAdapter } from './adapters/claude-code/adapter';
+export { cursorAdapter } from './adapters/cursor/adapter';
+export type { Adapter, ReadHistoryOptions } from './adapters/Adapter';
+export { CompositeModelClient } from './validation/models/CompositeModelClient';
+export type { CompositeModelClientOptions } from './validation/models/CompositeModelClient';
+export { lintRuleSources } from './doctor/lintRuleSources';
+export { formatFindings } from './doctor/formatFindings';
+export type { Finding, FindingCode, Severity, } from './doctor/findings';
+export { DaemonServer } from './daemon/server';
+export type { DaemonServerOptions, DaemonHandler } from './daemon/server';
+export { sendToDaemon } from './daemon/client';
+export type { SendToDaemonOptions } from './daemon/client';
+export { defaultSocketPath as defaultDaemonSocketPath, } from './daemon/protocol';
+export type { DaemonRequest, DaemonResponse, DaemonErrorResponse, } from './daemon/protocol';
+export { EventBus } from './observability/eventBus';
+export { JsonlFileSink } from './observability/sinks/JsonlFileSink';
+export type { PipelineEvent, RuleFiredEvent, AiRequestedEvent, AiCompletedEvent, VerdictDecidedEvent, PipelineErrorEvent, Sink, } from './observability/sinks/Sink';
+export { collectRuleSources } from './collector/collectRuleSources';
+export { validator } from './validation/validator';
+export { processHookData } from './hooks/processHookData';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAA;AACxC,YAAY,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AACpD,YAAY,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAA;AAClE,YAAY,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAA;AAC/D,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAA;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,6BAA6B,CAAA;AAG9D,YAAY,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAA;AAC1E,YAAY,EAAE,QAAQ,EAAE,MAAM,4BAA4B,CAAA;AAC1D,YAAY,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAA;AACjE,YAAY,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAA;AAC9E,YAAY,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAA;AAClE,YAAY,EACV,cAAc,EACd,YAAY,GACb,MAAM,kCAAkC,CAAA;AAGzC,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAA;AAGnE,YAAY,EACV,iBAAiB,EACjB,WAAW,GACZ,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EACL,oBAAoB,EACpB,oBAAoB,EACpB,qBAAqB,GACtB,MAAM,2BAA2B,CAAA;AAClC,OAAO,EACL,yBAAyB,EACzB,8BAA8B,GAC/B,MAAM,8BAA8B,CAAA;AAGrC,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAA;AAClE,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AACzD,YAAY,EAAE,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAA;AAGrE,OAAO,EAAE,oBAAoB,EAAE,MAAM,0CAA0C,CAAA;AAC/E,YAAY,EAAE,2BAA2B,EAAE,MAAM,0CAA0C,CAAA;AAG3F,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAA;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AACxD,YAAY,EACV,OAAO,EACP,WAAW,EACX,QAAQ,GACT,MAAM,mBAAmB,CAAA;AAG1B,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC9C,YAAY,EAAE,mBAAmB,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AACzE,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC9C,YAAY,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAA;AAC1D,OAAO,EACL,iBAAiB,IAAI,uBAAuB,GAC7C,MAAM,mBAAmB,CAAA;AAC1B,YAAY,EACV,aAAa,EACb,cAAc,EACd,mBAAmB,GACpB,MAAM,mBAAmB,CAAA;AAG1B,OAAO,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAA;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAA;AACnE,YAAY,EACV,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,gBAAgB,EAChB,mBAAmB,EACnB,kBAAkB,EAClB,IAAI,GACL,MAAM,4BAA4B,CAAA;AAGnC,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAA;AACnE,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAA;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,54 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.processHookData = exports.validator = exports.collectRuleSources = exports.JsonlFileSink = exports.EventBus = exports.defaultDaemonSocketPath = exports.sendToDaemon = exports.DaemonServer = exports.formatFindings = exports.lintRuleSources = exports.CompositeModelClient = exports.cursorAdapter = exports.claudeCodeAdapter = exports.buildDefaultDeterministicRules = exports.defaultDeterministicRules = exports.forbidFilePathPattern = exports.forbidContentPattern = exports.forbidCommandPattern = exports.HookDataSchema = exports.loadPluginConfig = exports.loadAgentGateConfig = exports.defineConfig = exports.Config = void 0;
+// Config
+var Config_1 = require("./config/Config");
+Object.defineProperty(exports, "Config", { enumerable: true, get: function () { return Config_1.Config; } });
+var defineConfig_1 = require("./config/defineConfig");
+Object.defineProperty(exports, "defineConfig", { enumerable: true, get: function () { return defineConfig_1.defineConfig; } });
+var AgentGateConfig_1 = require("./config/AgentGateConfig");
+Object.defineProperty(exports, "loadAgentGateConfig", { enumerable: true, get: function () { return AgentGateConfig_1.loadAgentGateConfig; } });
+var PluginConfigLoader_1 = require("./config/PluginConfigLoader");
+Object.defineProperty(exports, "loadPluginConfig", { enumerable: true, get: function () { return PluginConfigLoader_1.loadPluginConfig; } });
+// Schemas
+var hookDataSchema_1 = require("./contracts/schemas/hookDataSchema");
+Object.defineProperty(exports, "HookDataSchema", { enumerable: true, get: function () { return hookDataSchema_1.HookDataSchema; } });
+var factories_1 = require("./deterministic/factories");
+Object.defineProperty(exports, "forbidCommandPattern", { enumerable: true, get: function () { return factories_1.forbidCommandPattern; } });
+Object.defineProperty(exports, "forbidContentPattern", { enumerable: true, get: function () { return factories_1.forbidContentPattern; } });
+Object.defineProperty(exports, "forbidFilePathPattern", { enumerable: true, get: function () { return factories_1.forbidFilePathPattern; } });
+var defaultRules_1 = require("./deterministic/defaultRules");
+Object.defineProperty(exports, "defaultDeterministicRules", { enumerable: true, get: function () { return defaultRules_1.defaultDeterministicRules; } });
+Object.defineProperty(exports, "buildDefaultDeterministicRules", { enumerable: true, get: function () { return defaultRules_1.buildDefaultDeterministicRules; } });
+// Adapters
+var adapter_1 = require("./adapters/claude-code/adapter");
+Object.defineProperty(exports, "claudeCodeAdapter", { enumerable: true, get: function () { return adapter_1.claudeCodeAdapter; } });
+var adapter_2 = require("./adapters/cursor/adapter");
+Object.defineProperty(exports, "cursorAdapter", { enumerable: true, get: function () { return adapter_2.cursorAdapter; } });
+// Model clients (for users wiring up custom AI fallback chains)
+var CompositeModelClient_1 = require("./validation/models/CompositeModelClient");
+Object.defineProperty(exports, "CompositeModelClient", { enumerable: true, get: function () { return CompositeModelClient_1.CompositeModelClient; } });
+// Doctor (CLAUDE.md linter)
+var lintRuleSources_1 = require("./doctor/lintRuleSources");
+Object.defineProperty(exports, "lintRuleSources", { enumerable: true, get: function () { return lintRuleSources_1.lintRuleSources; } });
+var formatFindings_1 = require("./doctor/formatFindings");
+Object.defineProperty(exports, "formatFindings", { enumerable: true, get: function () { return formatFindings_1.formatFindings; } });
+// Daemon
+var server_1 = require("./daemon/server");
+Object.defineProperty(exports, "DaemonServer", { enumerable: true, get: function () { return server_1.DaemonServer; } });
+var client_1 = require("./daemon/client");
+Object.defineProperty(exports, "sendToDaemon", { enumerable: true, get: function () { return client_1.sendToDaemon; } });
+var protocol_1 = require("./daemon/protocol");
+Object.defineProperty(exports, "defaultDaemonSocketPath", { enumerable: true, get: function () { return protocol_1.defaultSocketPath; } });
+// Observability
+var eventBus_1 = require("./observability/eventBus");
+Object.defineProperty(exports, "EventBus", { enumerable: true, get: function () { return eventBus_1.EventBus; } });
+var JsonlFileSink_1 = require("./observability/sinks/JsonlFileSink");
+Object.defineProperty(exports, "JsonlFileSink", { enumerable: true, get: function () { return JsonlFileSink_1.JsonlFileSink; } });
+// Core
+var collectRuleSources_1 = require("./collector/collectRuleSources");
+Object.defineProperty(exports, "collectRuleSources", { enumerable: true, get: function () { return collectRuleSources_1.collectRuleSources; } });
+var validator_1 = require("./validation/validator");
+Object.defineProperty(exports, "validator", { enumerable: true, get: function () { return validator_1.validator; } });
+var processHookData_1 = require("./hooks/processHookData");
+Object.defineProperty(exports, "processHookData", { enumerable: true, get: function () { return processHookData_1.processHookData; } });

package/dist/observability/decisionLogger.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+export type DecisionSource = 'deterministic' | 'ai' | 'pass';
+export interface DecisionLogEntry {
+    timestamp: string;
+    adapter: string;
+    toolName: string;
+    decision: 'block' | 'allow';
+    reason: string;
+    source: DecisionSource;
+    /** Rule id when the decision came from the deterministic engine. */
+    ruleId?: string;
+}
+export declare function defaultLogPath(): string;
+export declare function appendDecision(entry: DecisionLogEntry, logPath?: string): void;
+export declare function isLoggingEnabled(env?: NodeJS.ProcessEnv): boolean;
+//# sourceMappingURL=decisionLogger.d.ts.map

package/dist/observability/decisionLogger.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"decisionLogger.d.ts","sourceRoot":"","sources":["../../src/observability/decisionLogger.ts"],"names":[],"mappings":"AAIA,MAAM,MAAM,cAAc,GAAG,eAAe,GAAG,IAAI,GAAG,MAAM,CAAA;AAE5D,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,OAAO,GAAG,OAAO,CAAA;IAC3B,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,cAAc,CAAA;IACtB,oEAAoE;IACpE,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAKD,wBAAgB,cAAc,IAAI,MAAM,CAEvC;AAED,wBAAgB,cAAc,CAC5B,KAAK,EAAE,gBAAgB,EACvB,OAAO,GAAE,MAAyB,GACjC,IAAI,CAGN;AAED,wBAAgB,gBAAgB,CAAC,GAAG,GAAE,MAAM,CAAC,UAAwB,GAAG,OAAO,CAE9E"}

package/dist/observability/decisionLogger.js ADDED Viewed

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.defaultLogPath = defaultLogPath;
+exports.appendDecision = appendDecision;
+exports.isLoggingEnabled = isLoggingEnabled;
+const fs_1 = require("fs");
+const path_1 = require("path");
+const os_1 = require("os");
+const DEFAULT_LOG_DIR = '.agent-gate';
+const DEFAULT_LOG_FILENAME = 'log.jsonl';
+function defaultLogPath() {
+    return (0, path_1.join)((0, os_1.homedir)(), DEFAULT_LOG_DIR, DEFAULT_LOG_FILENAME);
+}
+function appendDecision(entry, logPath = defaultLogPath()) {
+    (0, fs_1.mkdirSync)((0, path_1.dirname)(logPath), { recursive: true });
+    (0, fs_1.appendFileSync)(logPath, JSON.stringify(entry) + '\n');
+}
+function isLoggingEnabled(env = process.env) {
+    return env.AGENT_GATE_LOG === '1' || env.AGENT_GATE_LOG === 'true';
+}

package/dist/observability/eventBus.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { PipelineEvent, Sink } from './sinks/Sink';
+/**
+ * Tiny synchronous event bus for the pipeline. Sinks subscribe at
+ * pipeline construction time and receive every event emitted.
+ *
+ * The bus catches sink exceptions so a broken sink can never bring
+ * down the hook. Async sinks are allowed but the bus does not await
+ * them; observability is fire-and-forget by design.
+ */
+export declare class EventBus {
+    private readonly sinks;
+    subscribe(sink: Sink): void;
+    emit(event: PipelineEvent): void;
+}
+//# sourceMappingURL=eventBus.d.ts.map

package/dist/observability/eventBus.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"eventBus.d.ts","sourceRoot":"","sources":["../../src/observability/eventBus.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,cAAc,CAAA;AAElD;;;;;;;GAOG;AACH,qBAAa,QAAQ;IACnB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAa;IAEnC,SAAS,CAAC,IAAI,EAAE,IAAI,GAAG,IAAI;IAI3B,IAAI,CAAC,KAAK,EAAE,aAAa,GAAG,IAAI;CAcjC"}

package/dist/observability/eventBus.js ADDED Viewed

@@ -0,0 +1,33 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EventBus = void 0;
+/**
+ * Tiny synchronous event bus for the pipeline. Sinks subscribe at
+ * pipeline construction time and receive every event emitted.
+ *
+ * The bus catches sink exceptions so a broken sink can never bring
+ * down the hook. Async sinks are allowed but the bus does not await
+ * them; observability is fire-and-forget by design.
+ */
+class EventBus {
+    sinks = [];
+    subscribe(sink) {
+        this.sinks.push(sink);
+    }
+    emit(event) {
+        for (const sink of this.sinks) {
+            try {
+                const r = sink.handle(event);
+                if (r instanceof Promise) {
+                    r.catch(() => {
+                        // swallow async sink failures
+                    });
+                }
+            }
+            catch {
+                // swallow sync sink failures
+            }
+        }
+    }
+}
+exports.EventBus = EventBus;

package/dist/observability/sinks/JsonlFileSink.d.ts ADDED Viewed

@@ -0,0 +1,13 @@
+import { PipelineEvent, Sink } from './Sink';
+/**
+ * Persists verdict.decided events to a JSONL file (one event per line).
+ * Other event types are dropped. The output shape matches the legacy
+ * DecisionLogEntry so existing log readers and the `agent-gate stats`
+ * subcommand continue to work unchanged.
+ */
+export declare class JsonlFileSink implements Sink {
+    private readonly path;
+    constructor(path: string);
+    handle(event: PipelineEvent): void;
+}
+//# sourceMappingURL=JsonlFileSink.d.ts.map

package/dist/observability/sinks/JsonlFileSink.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"JsonlFileSink.d.ts","sourceRoot":"","sources":["../../../src/observability/sinks/JsonlFileSink.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAA;AAM5C;;;;;GAKG;AACH,qBAAa,aAAc,YAAW,IAAI;IAC5B,OAAO,CAAC,QAAQ,CAAC,IAAI;gBAAJ,IAAI,EAAE,MAAM;IAEzC,MAAM,CAAC,KAAK,EAAE,aAAa,GAAG,IAAI;CAiBnC"}

package/dist/observability/sinks/JsonlFileSink.js ADDED Viewed

@@ -0,0 +1,36 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JsonlFileSink = void 0;
+const decisionLogger_1 = require("../decisionLogger");
+/**
+ * Persists verdict.decided events to a JSONL file (one event per line).
+ * Other event types are dropped. The output shape matches the legacy
+ * DecisionLogEntry so existing log readers and the `agent-gate stats`
+ * subcommand continue to work unchanged.
+ */
+class JsonlFileSink {
+    path;
+    constructor(path) {
+        this.path = path;
+    }
+    handle(event) {
+        if (event.type !== 'verdict.decided')
+            return;
+        const entry = {
+            timestamp: new Date().toISOString(),
+            adapter: event.adapter,
+            toolName: event.toolName,
+            decision: event.decision,
+            reason: event.reason,
+            source: event.source,
+            ruleId: event.ruleId,
+        };
+        try {
+            (0, decisionLogger_1.appendDecision)(entry, this.path);
+        }
+        catch {
+            // sink swallows its own failures per Sink contract
+        }
+    }
+}
+exports.JsonlFileSink = JsonlFileSink;

package/dist/observability/sinks/Sink.d.ts ADDED Viewed

@@ -0,0 +1,46 @@
+export interface RuleFiredEvent {
+    type: 'rule.fired';
+    adapter: string;
+    toolName: string;
+    ruleId: string;
+    decision: 'block' | 'allow';
+    reason: string;
+}
+export interface AiRequestedEvent {
+    type: 'ai.requested';
+    adapter: string;
+    toolName: string;
+    rulesCount: number;
+}
+export interface AiCompletedEvent {
+    type: 'ai.completed';
+    adapter: string;
+    toolName: string;
+    decision: 'block' | 'allow';
+    reason: string;
+    latencyMs: number;
+}
+export interface VerdictDecidedEvent {
+    type: 'verdict.decided';
+    adapter: string;
+    toolName: string;
+    decision: 'block' | 'allow';
+    reason: string;
+    source: 'deterministic' | 'ai' | 'pass';
+    ruleId?: string;
+}
+export interface PipelineErrorEvent {
+    type: 'pipeline.error';
+    stage: string;
+    error: string;
+}
+export type PipelineEvent = RuleFiredEvent | AiRequestedEvent | AiCompletedEvent | VerdictDecidedEvent | PipelineErrorEvent;
+export interface Sink {
+    /**
+     * Handle a single pipeline event. Sinks must be defensive: throwing
+     * here is caught by the EventBus and does not affect other sinks
+     * or the pipeline.
+     */
+    handle(event: PipelineEvent): void | Promise<void>;
+}
+//# sourceMappingURL=Sink.d.ts.map

package/dist/observability/sinks/Sink.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"Sink.d.ts","sourceRoot":"","sources":["../../../src/observability/sinks/Sink.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,YAAY,CAAA;IAClB,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,OAAO,GAAG,OAAO,CAAA;IAC3B,MAAM,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,cAAc,CAAA;IACpB,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,cAAc,CAAA;IACpB,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,OAAO,GAAG,OAAO,CAAA;IAC3B,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,iBAAiB,CAAA;IACvB,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,OAAO,GAAG,OAAO,CAAA;IAC3B,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,eAAe,GAAG,IAAI,GAAG,MAAM,CAAA;IACvC,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,gBAAgB,CAAA;IACtB,KAAK,EAAE,MAAM,CAAA;IACb,KAAK,EAAE,MAAM,CAAA;CACd;AAED,MAAM,MAAM,aAAa,GACrB,cAAc,GACd,gBAAgB,GAChB,gBAAgB,GAChB,mBAAmB,GACnB,kBAAkB,CAAA;AAEtB,MAAM,WAAW,IAAI;IACnB;;;;OAIG;IACH,MAAM,CAAC,KAAK,EAAE,aAAa,GAAG,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;CACnD"}

package/dist/observability/sinks/Sink.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/observability/stats.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+import { DecisionLogEntry, DecisionSource } from './decisionLogger';
+export interface Stats {
+    total: number;
+    blocks: number;
+    allows: number;
+    byRuleId: Record<string, number>;
+    bySource: Record<DecisionSource, number>;
+    byAdapter: Record<string, number>;
+    byTool: Record<string, number>;
+}
+export declare function aggregateStats(entries: DecisionLogEntry[]): Stats;
+export declare function readStats(logPath: string): Stats;
+export declare function formatStats(stats: Stats): string;
+//# sourceMappingURL=stats.d.ts.map

package/dist/observability/stats.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"stats.d.ts","sourceRoot":"","sources":["../../src/observability/stats.ts"],"names":[],"mappings":"AACA,OAAO,EACL,gBAAgB,EAChB,cAAc,EACf,MAAM,kBAAkB,CAAA;AAEzB,MAAM,WAAW,KAAK;IACpB,KAAK,EAAE,MAAM,CAAA;IACb,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IAChC,QAAQ,EAAE,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAA;IACxC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;IACjC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;CAC/B;AAkBD,wBAAgB,cAAc,CAAC,OAAO,EAAE,gBAAgB,EAAE,GAAG,KAAK,CAYjE;AAED,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,KAAK,CAchD;AASD,wBAAgB,WAAW,CAAC,KAAK,EAAE,KAAK,GAAG,MAAM,CAiBhD"}