npm - @hybridb/sdk - Versions diffs - 0.1.0 → 0.1.1 - Mend

@hybridb/sdk 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md +143 -14
package/dist/{client-DzNX2jDR.d.cts → client-DD1fNp-I.d.cts} +46 -2
package/dist/{client-DzNX2jDR.d.ts → client-DD1fNp-I.d.ts} +46 -2
package/dist/index.cjs +22 -1
package/dist/index.cjs.map +1 -1
package/dist/index.d.cts +2 -2
package/dist/index.d.ts +2 -2
package/dist/index.js +22 -1
package/dist/index.js.map +1 -1
package/dist/react.d.cts +1 -1
package/dist/react.d.ts +1 -1
package/package.json +1 -1

package/README.md CHANGED Viewed

@@ -6,6 +6,13 @@
 Build with any framework, any database, any stack. Route governed actions through `@hybridb/sdk` — and every critical operation becomes decided, audited, and reversible by default.
+```
+Use @hybridb/sdk for anything that must be:
+  - decided   (policy-governed before execution)
+  - audited   (immutable record, always)
+  - reversible (rollback or replay, by default)
+```
 ---
 ## What this SDK does
@@ -20,6 +27,8 @@ When your app needs to perform a **governed action** — an AI decision, a payme
 | External provider calls (Stripe, KYC, etc.) | Draft content and UI state |
 | Audit-required state changes | Application configuration |
+Pipelines represent **governed execution steps**. Your application defines the business logic; Stellrai governs, records, and enables reversibility for every step.
 ---
 ## Installation
@@ -51,20 +60,77 @@ const hdb = new HybriDBClient({
 });
 ```
-### 3. Trigger a governed pipeline
+### 3. Define a pipeline
+Before you can trigger a pipeline, you register its definition. This tells Stellrai what steps exist and how to govern, checkpoint, and reverse them.
+```typescript
+const pipeline = await hdb.pipelines.create({
+  name:        'process-payment',
+  description: 'Governed payment execution with full reversibility',
+  steps: [
+    {
+      id:               'reserve-funds',
+      name:             'Reserve Funds',
+      type:             'provider_call',
+      config:           { provider: 'stripe', action: 'authorize' },
+      compensationStep: 'release-reserve',
+      timeout:          10_000,
+    },
+    {
+      id:               'charge-account',
+      name:             'Charge Account',
+      type:             'provider_call',
+      config:           { provider: 'stripe', action: 'capture' },
+      compensationStep: 'issue-refund',
+      dependsOn:        ['reserve-funds'],
+    },
+    {
+      id:        'notify-user',
+      name:      'Send Confirmation',
+      type:      'notification',
+      config:    { channel: 'email', template: 'payment-success' },
+      dependsOn: ['charge-account'],
+    },
+  ],
+});
+console.log(pipeline.id); // save this — used to trigger executions
+```
+### 4. Request a governance decision
+Every governed execution must be authorized by the policy engine before it runs.
+```typescript
+const decision = await hdb.requestDecision({
+  action:   'PAYMENT_EXECUTE',
+  resource: { amount: 15000, currency: 'USD', recipientId: 'acc_7k2m' },
+});
+// Fail closed — never execute without a decision
+if (decision.result !== 'ALLOW') {
+  throw new Error(`Blocked by policy: ${decision.reason}`);
+}
+```
+### 5. Execute the governed pipeline
+Link the decision to the execution. Executions without a valid `decisionId` may be rejected or flagged.
 ```typescript
 const execution = await hdb.triggerPipeline({
-  pipelineId:     'process-payment',
+  pipelineId:     pipeline.id,          // UUID from step 3
   input:          { userId: 'u_123', amount: 15000, currency: 'USD' },
-  idempotencyKey: crypto.randomUUID(),
+  decisionId:     decision.id,          // required — binds execution to governance decision
+  idempotencyKey: crypto.randomUUID(),  // ensures safe retries — prevents duplicate execution
 });
 console.log(execution.id);     // exec_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
 console.log(execution.status); // 'completed'
 ```
-### 4. Rollback a failed execution
+### 6. Rollback a failed execution
 ```typescript
 if (execution.status === 'failed') {
@@ -74,12 +140,12 @@ if (execution.status === 'failed') {
   });
   console.log(result.outcome);         // 'success'
-  console.log(result.stepsRolledBack); // ['charge', 'reserve', 'notify']
+  console.log(result.stepsRolledBack); // ['charge-account', 'reserve-funds']
   console.log(result.durationMs);      // 2840
 }
 ```
-### 5. Replay from a checkpoint
+### 7. Replay from a checkpoint
 ```typescript
 const checkpoints = await hdb.reversibility.getCheckpoints(execution.id);
@@ -95,6 +161,65 @@ console.log(replay.parentExecutionId); // original execution
 ---
+## Core concepts
+### Decision binding
+Every governed execution must be linked to a prior policy decision via `decisionId`. This ensures no pipeline runs without a policy clearance and audit record.
+```typescript
+// ✅ Correct — execution is governance-bound
+await hdb.triggerPipeline({ pipelineId, input, decisionId: decision.id, idempotencyKey });
+// ⚠️ Without decisionId — execution may proceed but will be flagged as ungoverned
+await hdb.triggerPipeline({ pipelineId, input, idempotencyKey });
+```
+### Fail-closed pattern
+Never execute a governed action when the decision is missing or unavailable.
+```typescript
+let decision;
+try {
+  decision = await hdb.requestDecision({ action: 'PAYMENT_EXECUTE', resource });
+} catch (err) {
+  // Decision service unavailable — fail closed, do not proceed
+  throw new Error('Governance unavailable — execution blocked');
+}
+if (decision.result !== 'ALLOW') {
+  throw new Error(`Policy blocked: ${decision.reason}`);
+}
+```
+### Idempotency
+Always pass `idempotencyKey` when triggering pipelines. It ensures safe retries after network errors and prevents duplicate execution of the same operation.
+```typescript
+// Use a stable key derived from your business operation
+const idempotencyKey = `payment-${orderId}-${Date.now()}`;
+await hdb.triggerPipeline({ pipelineId, input, decisionId, idempotencyKey });
+```
+### Identity (optional)
+The `hdb.authenticate()` and actor management methods are only required if you use **Governed Identity** — where Stellrai manages your user identities and sessions.
+If you use your own auth system (Clerk, Auth0, Supabase Auth, custom JWT), pass identity context via API keys and token headers. You do not need to call `hdb.authenticate()`.
+```typescript
+// If using your own auth — just use your API key
+const hdb = new HybriDBClient({ baseUrl, apiKey: process.env.HYBRIDB_API_KEY! });
+// If using Governed Identity — authenticate via Stellrai
+const tokens = await hdb.authenticate({ email, password });
+```
+---
 ## API reference
 ### `HybriDBClient`
@@ -112,10 +237,19 @@ const hdb = new HybriDBClient({
 ### Pipelines
 ```typescript
-hdb.triggerPipeline(input)           // trigger a governed pipeline
+hdb.pipelines.create(input)           // register a pipeline definition → returns { id, name, ... }
+hdb.triggerPipeline(input)            // trigger execution by pipeline UUID
+hdb.triggerPipelineByName(name, input) // trigger execution by pipeline name
 hdb.getPipelineExecution(executionId) // get execution status
 ```
+### Decisions
+```typescript
+hdb.requestDecision(request) // policy-governed decision → { id, result: 'ALLOW'|'DENY'|'ESCALATE' }
+hdb.getDecision(decisionId)  // retrieve a past decision
+```
 ### Reversibility
 ```typescript
@@ -128,15 +262,10 @@ hdb.reversibility.getCircuitBreaker(pipelineId)         // get circuit breaker s
 hdb.reversibility.setCircuitBreaker(pipelineId, input)  // open / close circuit breaker
 ```
-### Decisions
-```typescript
-hdb.requestDecision(request) // policy-governed decision
-hdb.getDecision(decisionId)  // retrieve a past decision
-```
 ### Identity & Auth
+Only required when using Governed Identity mode. Not required if you manage your own user auth.
 ```typescript
 hdb.authenticate(input)         // email + password → token pair
 hdb.refreshToken(refreshToken)  // refresh an access token

package/dist/{client-DzNX2jDR.d.cts → client-DD1fNp-I.d.cts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { TokenPair, ActorContext, UUID, IdentityMapping, OrgMembership, InitiateRollbackInput, RollbackResult, InitiateReplayInput, ReplayResult, CheckpointSummary, Checkpoint, RollbackLog, CircuitBreakerStatus, SetCircuitBreakerInput, DecisionInput, DecisionResponse, TriggerPipelineInput, PipelineExecution, PublishEventInput, HybriDBEvent, PaginatedResponse, AuditEntry } from './common/index.js';
+import { StepType, TokenPair, ActorContext, UUID, IdentityMapping, OrgMembership, InitiateRollbackInput, RollbackResult, InitiateReplayInput, ReplayResult, CheckpointSummary, Checkpoint, RollbackLog, CircuitBreakerStatus, SetCircuitBreakerInput, DecisionInput, DecisionResponse, PipelineDefinition, TriggerPipelineInput, PipelineExecution, PublishEventInput, HybriDBEvent, PaginatedResponse, AuditEntry } from './common/index.js';
 interface HybriDBClientConfig {
     baseUrl: string;
@@ -27,6 +27,35 @@ interface ApiKeyInput {
     scopes: string[];
     expiresAt?: string;
 }
+interface CreatePipelineStepInput {
+    /** Unique step identifier within this pipeline (used in dependsOn / compensationStep). */
+    id: string;
+    name: string;
+    type: StepType;
+    config?: Record<string, unknown>;
+    dependsOn?: string[];
+    /** Name of the step to run if this step needs to be compensated (reversed). */
+    compensationStep?: string;
+    /** Timeout in ms. Default: 30 000. */
+    timeout?: number;
+    retryPolicy?: {
+        maxAttempts: number;
+        backoffMs: number;
+    };
+}
+interface CreatePipelineInput {
+    name: string;
+    description?: string;
+    steps: CreatePipelineStepInput[];
+    inputSchema?: Record<string, unknown>;
+    outputSchema?: Record<string, unknown>;
+}
+interface TriggerByNameInput {
+    input?: Record<string, unknown>;
+    decisionId?: UUID;
+    triggerEvent?: string;
+    idempotencyKey?: string;
+}
 interface AuditQueryParams {
     actorId?: string;
     action?: string;
@@ -128,7 +157,22 @@ declare class HybriDBClient {
     };
     requestDecision(request: DecisionInput): Promise<DecisionResponse>;
     getDecision(decisionId: UUID): Promise<DecisionResponse>;
+    /** Namespace for pipeline definition management. */
+    readonly pipelines: {
+        /**
+         * Register a pipeline definition. Returns the definition record including its UUID,
+         * which you pass to triggerPipeline() as pipelineId.
+         * Requires pipeline:write scope.
+         */
+        readonly create: (input: CreatePipelineInput) => Promise<PipelineDefinition>;
+    };
     triggerPipeline(input: TriggerPipelineInput): Promise<PipelineExecution>;
+    /**
+     * Trigger a pipeline execution by its name instead of UUID.
+     * Equivalent to triggerPipeline() but resolves the pipeline ID server-side.
+     * Requires pipeline:execute scope.
+     */
+    triggerPipelineByName(name: string, input: TriggerByNameInput): Promise<PipelineExecution>;
     getPipelineExecution(executionId: UUID): Promise<PipelineExecution>;
     /** Publish a business event. Note: use actorId (v1.2), not identityId. */
     publishEvent(input: PublishEventInput): Promise<HybriDBEvent>;
@@ -154,4 +198,4 @@ declare class HybriDBError extends Error {
     constructor(code: string, message: string, details?: Record<string, unknown> | undefined);
 }
-export { type ApiKeyInput as A, type CreateMappingInput as C, HybriDBClient as H, type OrgMemberInput as O, type AuditQueryParams as a, type AuthenticateInput as b, type HybriDBClientConfig as c, HybriDBError as d };
+export { type ApiKeyInput as A, type CreateMappingInput as C, HybriDBClient as H, type OrgMemberInput as O, type TriggerByNameInput as T, type AuditQueryParams as a, type AuthenticateInput as b, type CreatePipelineInput as c, type CreatePipelineStepInput as d, type HybriDBClientConfig as e, HybriDBError as f };

package/dist/{client-DzNX2jDR.d.ts → client-DD1fNp-I.d.ts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { TokenPair, ActorContext, UUID, IdentityMapping, OrgMembership, InitiateRollbackInput, RollbackResult, InitiateReplayInput, ReplayResult, CheckpointSummary, Checkpoint, RollbackLog, CircuitBreakerStatus, SetCircuitBreakerInput, DecisionInput, DecisionResponse, TriggerPipelineInput, PipelineExecution, PublishEventInput, HybriDBEvent, PaginatedResponse, AuditEntry } from './common/index.js';
+import { StepType, TokenPair, ActorContext, UUID, IdentityMapping, OrgMembership, InitiateRollbackInput, RollbackResult, InitiateReplayInput, ReplayResult, CheckpointSummary, Checkpoint, RollbackLog, CircuitBreakerStatus, SetCircuitBreakerInput, DecisionInput, DecisionResponse, PipelineDefinition, TriggerPipelineInput, PipelineExecution, PublishEventInput, HybriDBEvent, PaginatedResponse, AuditEntry } from './common/index.js';
 interface HybriDBClientConfig {
     baseUrl: string;
@@ -27,6 +27,35 @@ interface ApiKeyInput {
     scopes: string[];
     expiresAt?: string;
 }
+interface CreatePipelineStepInput {
+    /** Unique step identifier within this pipeline (used in dependsOn / compensationStep). */
+    id: string;
+    name: string;
+    type: StepType;
+    config?: Record<string, unknown>;
+    dependsOn?: string[];
+    /** Name of the step to run if this step needs to be compensated (reversed). */
+    compensationStep?: string;
+    /** Timeout in ms. Default: 30 000. */
+    timeout?: number;
+    retryPolicy?: {
+        maxAttempts: number;
+        backoffMs: number;
+    };
+}
+interface CreatePipelineInput {
+    name: string;
+    description?: string;
+    steps: CreatePipelineStepInput[];
+    inputSchema?: Record<string, unknown>;
+    outputSchema?: Record<string, unknown>;
+}
+interface TriggerByNameInput {
+    input?: Record<string, unknown>;
+    decisionId?: UUID;
+    triggerEvent?: string;
+    idempotencyKey?: string;
+}
 interface AuditQueryParams {
     actorId?: string;
     action?: string;
@@ -128,7 +157,22 @@ declare class HybriDBClient {
     };
     requestDecision(request: DecisionInput): Promise<DecisionResponse>;
     getDecision(decisionId: UUID): Promise<DecisionResponse>;
+    /** Namespace for pipeline definition management. */
+    readonly pipelines: {
+        /**
+         * Register a pipeline definition. Returns the definition record including its UUID,
+         * which you pass to triggerPipeline() as pipelineId.
+         * Requires pipeline:write scope.
+         */
+        readonly create: (input: CreatePipelineInput) => Promise<PipelineDefinition>;
+    };
     triggerPipeline(input: TriggerPipelineInput): Promise<PipelineExecution>;
+    /**
+     * Trigger a pipeline execution by its name instead of UUID.
+     * Equivalent to triggerPipeline() but resolves the pipeline ID server-side.
+     * Requires pipeline:execute scope.
+     */
+    triggerPipelineByName(name: string, input: TriggerByNameInput): Promise<PipelineExecution>;
     getPipelineExecution(executionId: UUID): Promise<PipelineExecution>;
     /** Publish a business event. Note: use actorId (v1.2), not identityId. */
     publishEvent(input: PublishEventInput): Promise<HybriDBEvent>;
@@ -154,4 +198,4 @@ declare class HybriDBError extends Error {
     constructor(code: string, message: string, details?: Record<string, unknown> | undefined);
 }
-export { type ApiKeyInput as A, type CreateMappingInput as C, HybriDBClient as H, type OrgMemberInput as O, type AuditQueryParams as a, type AuthenticateInput as b, type HybriDBClientConfig as c, HybriDBError as d };
+export { type ApiKeyInput as A, type CreateMappingInput as C, HybriDBClient as H, type OrgMemberInput as O, type TriggerByNameInput as T, type AuditQueryParams as a, type AuthenticateInput as b, type CreatePipelineInput as c, type CreatePipelineStepInput as d, type HybriDBClientConfig as e, HybriDBError as f };

package/dist/index.cjs CHANGED Viewed

@@ -196,10 +196,31 @@ var HybriDBClient = class {
     return this.unwrap(res);
   }
   // ─── Pipelines ─────────────────────────────────────────────────────────────
+  /** Namespace for pipeline definition management. */
+  pipelines = {
+    /**
+     * Register a pipeline definition. Returns the definition record including its UUID,
+     * which you pass to triggerPipeline() as pipelineId.
+     * Requires pipeline:write scope.
+     */
+    create: async (input) => {
+      const res = await this.post("/api/v1/pipelines", input);
+      return this.unwrap(res);
+    }
+  };
   async triggerPipeline(input) {
     const res = await this.post("/api/v1/pipelines/trigger", input);
     return this.unwrap(res);
   }
+  /**
+   * Trigger a pipeline execution by its name instead of UUID.
+   * Equivalent to triggerPipeline() but resolves the pipeline ID server-side.
+   * Requires pipeline:execute scope.
+   */
+  async triggerPipelineByName(name, input) {
+    const res = await this.post(`/api/v1/pipelines/${encodeURIComponent(name)}/execute`, input);
+    return this.unwrap(res);
+  }
   async getPipelineExecution(executionId) {
     const res = await this.get(`/api/v1/pipelines/executions/${executionId}`);
     return this.unwrap(res);
@@ -249,7 +270,7 @@ var HybriDBClient = class {
     try {
       const headers = {
         "Content-Type": "application/json",
-        "X-SDK-Version": "1.3.0"
+        "X-SDK-Version": "1.4.0"
       };
       if (authenticated) {
         headers["Authorization"] = `Bearer ${this.apiKey}`;

package/dist/index.cjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/client.ts","../src/index.ts"],"names":[],"mappings":";;;;;AAgGA,IAAI,SAAA,GAAwD,IAAA;AAC5D,IAAI,YAAA,GAAe,CAAA;AACnB,IAAM,aAAA,GAAgB,IAAA;AAIf,IAAM,gBAAN,MAAoB;AAAA,EACR,OAAA;AAAA,EACA,MAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,UAAA;AAAA,EAEjB,YAAY,MAAA,EAA6B;AACvC,IAAA,IAAI,CAAC,MAAA,CAAO,OAAA,QAAe,IAAI,YAAA,CAAa,gBAAgB,kCAAkC,CAAA;AAC9F,IAAA,IAAI,CAAC,MAAA,CAAO,MAAA,QAAe,IAAI,YAAA,CAAa,gBAAgB,iCAAiC,CAAA;AAE7F,IAAA,IAAA,CAAK,OAAA,GAAa,MAAA,CAAO,OAAA,CAAQ,OAAA,CAAQ,OAAO,EAAE,CAAA;AAClD,IAAA,IAAA,CAAK,SAAa,MAAA,CAAO,MAAA;AACzB,IAAA,IAAA,CAAK,OAAA,GAAa,OAAO,OAAA,IAAa,GAAA;AACtC,IAAA,IAAA,CAAK,OAAA,GAAa,OAAO,OAAA,IAAa,CAAA;AACtC,IAAA,IAAA,CAAK,UAAA,GAAa,OAAO,UAAA,IAAc,GAAA;AAAA,EACzC;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,KAAA,EAA8C;AAC/D,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,UAAA,CAAsB,sBAAsB,KAAK,CAAA;AACxE,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAGA,MAAM,aAAa,YAAA,EAA0C;AAC3D,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,WAAsB,sBAAA,EAAwB,EAAE,cAAc,CAAA;AACrF,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAGA,MAAM,aAAA,GAA+B;AACnC,IAAA,MAAM,IAAA,CAAK,OAAO,oBAAoB,CAAA;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,YAAY,KAAA,EAAsC;AACtD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,OAAA,EAAQ;AAGhC,IAAA,MAAM,EAAE,oBAAoB,SAAA,EAAU,GAAI,MAAM,OAAO,MAAM,CAAA,CAAE,KAAA,CAAM,MAAM;AACzE,MAAA,MAAM,IAAI,YAAA,CAAa,oBAAA,EAAsB,kEAA6D,CAAA;AAAA,IAC5G,CAAC,CAAA;AAGD,IAAA,MAAM,EAAE,iBAAA,EAAkB,GAAI,MAAM,OAAO,MAAM,CAAA;AACjD,IAAA,MAAM,SAAS,iBAAA,CAAkB,EAAE,IAAA,EAAM,IAAA,CAAK,MAAoE,CAAA;AAElH,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,SAAA,CAAU,OAAO,MAAA,EAAQ,EAAE,MAAA,EAAQ,SAAA,EAAW,CAAA;AAExE,IAAA,MAAM,CAAA,GAAI,OAAA;AACV,IAAA,OAAO;AAAA,MACL,OAAA,EAAe,EAAE,UAAU,CAAA;AAAA,MAC3B,SAAA,EAAe,EAAE,YAAY,CAAA;AAAA,MAC7B,KAAA,EAAe,EAAE,QAAQ,CAAA;AAAA,MACzB,MAAA,EAAgB,CAAA,CAAE,QAAQ,CAAA,IAAkB,EAAC;AAAA,MAC7C,aAAA,EAAe,EAAE,gBAAgB;AAAA,KACnC;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,OAAA,GAAwD;AAC5D,IAAA,IAAI,SAAA,IAAa,IAAA,CAAK,GAAA,EAAI,GAAI,eAAe,aAAA,EAAe;AAC1D,MAAA,OAAO,SAAA;AAAA,IACT;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,SAAA,CAA+C,wBAAwB,CAAA;AAC9F,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,MAAA,CAAO,GAAG,CAAA;AAC5B,IAAA,SAAA,GAAe,IAAA;AACf,IAAA,YAAA,GAAe,KAAK,GAAA,EAAI;AACxB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA,EAKS,MAAA,GAAS;AAAA;AAAA,IAEhB,YAAA,EAAc,OAAO,OAAA,EAAe,KAAA,KAA6D;AAC/F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,kBAAkB,OAAO,CAAA,SAAA,CAAA;AAAA,QAAa;AAAA,OACxC;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,YAAA,EAAc,OAAO,OAAA,EAAe,KAAA,KAA+B;AACjE,MAAA,MAAM,KAAK,MAAA,CAAO,CAAA,eAAA,EAAkB,OAAO,CAAA,UAAA,EAAa,KAAK,CAAA,CAAE,CAAA;AAAA,IACjE,CAAA;AAAA;AAAA,IAGA,aAAA,EAAe,OAAO,OAAA,EAAe,KAAA,KAAwD;AAC3F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,kBAAkB,OAAO,CAAA,kBAAA,CAAA;AAAA,QAAsB;AAAA,OACjD;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA;AAAA,EAKS,IAAA,GAAO;AAAA;AAAA,IAEd,SAAA,EAAW,OAAO,KAAA,EAAa,KAAA,KAAkD;AAC/E,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAoB,CAAA,aAAA,EAAgB,KAAK,gBAAgB,KAAK,CAAA;AACrF,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,gBAAA,EAAkB,OAAO,KAAA,EAAa,OAAA,EAAe,IAAA,KAAyC;AAC5F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,KAAA;AAAA,QACrB,CAAA,aAAA,EAAgB,KAAK,CAAA,aAAA,EAAgB,OAAO,CAAA,CAAA;AAAA,QAAI,EAAE,IAAA;AAAK,OACzD;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,YAAA,EAAc,OAAO,KAAA,EAAa,OAAA,KAAiC;AACjE,MAAA,MAAM,KAAK,MAAA,CAAO,CAAA,aAAA,EAAgB,KAAK,CAAA,aAAA,EAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,IAClE,CAAA;AAAA;AAAA,IAGA,WAAA,EAAa,OAAO,KAAA,KAA0C;AAC5D,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAqB,CAAA,aAAA,EAAgB,KAAK,CAAA,YAAA,CAAc,CAAA;AAC/E,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA;AAAA,EAKS,aAAA,GAAgB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMvB,QAAA,EAAU,OAAO,WAAA,EAAmB,KAAA,KAA+E;AACjH,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAqB,CAAA,mBAAA,EAAsB,WAAW,aAAa,KAAK,CAAA;AAC/F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,MAAA,EAAQ,OAAO,WAAA,EAAmB,KAAA,KAA2E;AAC3G,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAmB,CAAA,mBAAA,EAAsB,WAAW,WAAW,KAAK,CAAA;AAC3F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAA,EAAgB,OAAO,WAAA,KAAoD;AACzE,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAyB,CAAA,mBAAA,EAAsB,WAAW,CAAA,YAAA,CAAc,CAAA;AAC/F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,aAAA,EAAe,OAAO,WAAA,EAAmB,YAAA,KAA4C;AACnF,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,GAAA,CAAgB,sBAAsB,WAAW,CAAA,aAAA,EAAgB,YAAY,CAAA,CAAE,CAAA;AACtG,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAA,EAAgB,OAAO,WAAA,KAA8C;AACnE,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAmB,CAAA,mBAAA,EAAsB,WAAW,CAAA,aAAA,CAAe,CAAA;AAC1F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,iBAAA,EAAmB,OAAO,UAAA,KAAoD;AAC5E,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAA0B,CAAA,kBAAA,EAAqB,UAAU,CAAA,gBAAA,CAAkB,CAAA;AAClG,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,iBAAA,EAAmB,OAAO,UAAA,EAAkB,KAAA,KAAqF;AAC/H,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,qBAAqB,UAAU,CAAA,gBAAA,CAAA;AAAA,QAC/B;AAAA,OACF;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA,EAIA,MAAM,gBAAgB,OAAA,EAAmD;AACvE,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAuB,qBAAqB,OAAO,CAAA;AAC1E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA,EAEA,MAAM,YAAY,UAAA,EAA6C;AAC7D,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAsB,CAAA,kBAAA,EAAqB,UAAU,CAAA,CAAE,CAAA;AAC9E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,gBAAgB,KAAA,EAAyD;AAC7E,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAwB,6BAA6B,KAAK,CAAA;AACjF,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAA+C;AACxE,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAuB,CAAA,6BAAA,EAAgC,WAAW,CAAA,CAAE,CAAA;AAC3F,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,KAAA,EAAiD;AAClE,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAmB,kBAAkB,KAAK,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,cAAc,MAAA,EAAkE;AACpF,IAAA,MAAM,KAAA,GAAQ,IAAI,eAAA,EAAgB;AAClC,IAAA,KAAA,MAAW,CAAC,CAAA,EAAG,CAAC,KAAK,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,EAAG;AAC3C,MAAA,IAAI,MAAM,MAAA,EAAW,KAAA,CAAM,IAAI,CAAA,EAAG,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC7C;AACA,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,GAAA,CAAmC,iBAAiB,KAAA,CAAM,QAAA,EAAU,CAAA,CAAE,CAAA;AAC7F,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,MAAA,GAAuD;AAC3D,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,SAAA,CAA+C,SAAS,CAAA;AAC/E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAc,IAAO,IAAA,EAAuC;AAC1D,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,QAAW,IAAI,CAAA;AAAA,EACrD;AAAA,EAEA,MAAc,UAAa,IAAA,EAAuC;AAChE,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,QAAW,KAAK,CAAA;AAAA,EACtD;AAAA,EAEA,MAAc,IAAA,CAAQ,IAAA,EAAc,IAAA,EAAwC;AAC1E,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,MAAA,EAAQ,IAAA,EAAM,MAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,MAAc,UAAA,CAAc,IAAA,EAAc,IAAA,EAAwC;AAChF,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,MAAA,EAAQ,IAAA,EAAM,MAAM,KAAK,CAAA;AAAA,EAClD;AAAA,EAEA,MAAc,KAAA,CAAS,IAAA,EAAc,IAAA,EAAwC;AAC3E,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,OAAA,EAAS,IAAA,EAAM,MAAM,IAAI,CAAA;AAAA,EAClD;AAAA,EAEA,MAAc,OAAO,IAAA,EAA6B;AAChD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAc,QAAA,EAAU,IAAA,EAAM,QAAW,IAAI,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAc,OAAA,CACZ,MAAA,EACA,MACA,IAAA,EACA,aAAA,EACA,UAAU,CAAA,EACe;AACzB,IAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,IAAA,MAAM,UAAa,UAAA,CAAW,MAAM,WAAW,KAAA,EAAM,EAAG,KAAK,OAAO,CAAA;AAEpE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAkC;AAAA,QACtC,cAAA,EAAiB,kBAAA;AAAA,QACjB,eAAA,EAAiB;AAAA,OACnB;AACA,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,CAAA,OAAA,EAAU,IAAA,CAAK,MAAM,CAAA,CAAA;AAAA,MAClD;AAEA,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,CAAA,EAAG,KAAK,OAAO,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI;AAAA,QACrD,MAAA;AAAA,QACA,OAAA;AAAA,QACA,GAAI,IAAA,KAAS,KAAA,CAAA,GAAY,EAAE,IAAA,EAAM,KAAK,SAAA,CAAU,IAAI,CAAA,EAAE,GAAI,EAAC;AAAA,QAC3D,QAAQ,UAAA,CAAW;AAAA,OACpB,CAAA;AAGD,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAM,KAAA,CAAA,EAAe;AAAA,MAC/C;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,MAAA,IAAI,CAAC,QAAA,CAAS,EAAA,IAAM,OAAA,GAAU,IAAA,CAAK,WAAW,IAAA,CAAK,WAAA,CAAY,QAAA,CAAS,MAAM,CAAA,EAAG;AAC/E,QAAA,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,UAAA,GAAa,OAAO,CAAA;AAC1C,QAAA,OAAO,KAAK,OAAA,CAAW,MAAA,EAAQ,MAAM,IAAA,EAAM,aAAA,EAAe,UAAU,CAAC,CAAA;AAAA,MACvE;AAEA,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,YAAA,CAAa,OAAO,CAAA;AAAA,IACtB;AAAA,EACF;AAAA,EAEQ,OAAU,QAAA,EAA6B;AAC7C,IAAA,IAAI,CAAC,QAAA,CAAS,OAAA,IAAW,QAAA,CAAS,SAAS,MAAA,EAAW;AACpD,MAAA,MAAM,IAAI,YAAA;AAAA,QACR,QAAA,CAAS,OAAO,IAAA,IAAQ,eAAA;AAAA,QACxB,QAAA,CAAS,OAAO,OAAA,IAAW,wBAAA;AAAA,QAC3B,SAAS,KAAA,EAAO;AAAA,OAClB;AAAA,IACF;AACA,IAAA,OAAO,QAAA,CAAS,IAAA;AAAA,EAClB;AAAA,EAEQ,YAAY,MAAA,EAAyB;AAC3C,IAAA,OAAO,MAAA,KAAW,OAAO,MAAA,IAAU,GAAA;AAAA,EACrC;AAAA,EAEQ,MAAM,EAAA,EAA2B;AACvC,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAA,OAAA,KAAW,UAAA,CAAW,OAAA,EAAS,EAAE,CAAC,CAAA;AAAA,EACvD;AACF;AAIO,IAAM,YAAA,GAAN,cAA2B,KAAA,CAAM;AAAA,EACtC,WAAA,CACkB,IAAA,EAChB,OAAA,EACgB,OAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJG,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,cAAA;AAAA,EACd;AACF;;;AC1ZO,IAAM,mBAAA,GAAsB;AAAA;AAAA,EAEjC,kBAAA,EAAyB,oBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA;AAAA,EAEzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA,EACzB,eAAA,EAAyB,iBAAA;AAAA,EACzB,oBAAA,EAAyB,sBAAA;AAAA;AAAA,EAEzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,cAAA,EAAyB,gBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA;AAAA,EAEzB,aAAA,EAAyB,eAAA;AAAA,EACzB,eAAA,EAAyB,iBAAA;AAAA,EACzB,aAAA,EAAyB,eAAA;AAAA,EACzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,0BAAA,EAA4B,4BAAA;AAAA;AAAA,EAE5B,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA,EACzB,qBAAA,EAAyB,uBAAA;AAAA;AAAA,EAEzB,aAAA,EAAyB,eAAA;AAAA,EACzB,YAAA,EAAyB,cAAA;AAAA,EACzB,YAAA,EAAyB,cAAA;AAAA;AAAA,EAEzB,sBAAA,EAAyB,wBAAA;AAAA,EACzB,mBAAA,EAAyB,qBAAA;AAAA;AAAA,EAEzB,qBAAA,EAAyB,uBAAA;AAAA;AAAA,EAEzB,mBAAA,EAAyB;AAC3B","file":"index.cjs","sourcesContent":["// hybriDB SDK Client — v1.3\n//\n// v1.3 changes (v2.4 Reversible Autonomy):\n// - reversibility namespace: rollback(), replay(), getCheckpoints(), getCheckpoint(),\n// getRollbackLog(), getCircuitBreaker(), setCircuitBreaker()\n// - SDK-Version header bumped to 1.3.0\n//\n// v1.2 changes:\n// - db.actors.* namespace (replaces db.identities.)\n// - createMapping() — create identity mapping for an actor\n// - assignRole() — assign a role to an actor\n// - orgs.addMember(), orgs.revokeMember(), orgs.listMembers(), orgs.updateMemberRole()\n// - verifyToken() — JWKS-based local token verification\n// - 7 new HybriDBErrorCode values (see @stellrai/types)\n// - actorId field in PublishEventInput (replaces identityId)\n// - SDK-Version header bumped to 1.2.0\n\nimport type {\n UUID,\n ApiResponse,\n DecisionInput,\n DecisionRequest,\n DecisionResponse,\n TriggerPipelineInput,\n PipelineExecution,\n PublishEventInput,\n HybriDBEvent,\n AuditEntry,\n PaginatedResponse,\n Actor,\n ActorContext,\n TokenPair,\n OrgMembership,\n IdentityMapping,\n // v2.4 Reversible Autonomy\n InitiateRollbackInput,\n RollbackResult,\n InitiateReplayInput,\n ReplayResult,\n Checkpoint,\n CheckpointSummary,\n RollbackLog,\n CircuitBreakerStatus,\n SetCircuitBreakerInput,\n} from '@stellrai/types';\n\n// ─── Client config ────────────────────────────────────────────────────────────\n\nexport interface HybriDBClientConfig {\n baseUrl: string;\n apiKey: string;\n timeout?: number; // ms, default 10000\n retries?: number; // default 3\n retryDelay?: number; // ms, default 500\n}\n\n// ─── Auth inputs ─────────────────────────────────────────────────────────────\n\nexport interface AuthenticateInput {\n email: string;\n password: string;\n orgId?: string;\n}\n\nexport interface CreateMappingInput {\n providerId: string;\n externalId: string;\n userId: string;\n actorId: string;\n}\n\nexport interface OrgMemberInput {\n actorId: string;\n role: string;\n}\n\nexport interface ApiKeyInput {\n name?: string;\n scopes: string[];\n expiresAt?: string;\n}\n\nexport interface AuditQueryParams {\n actorId?: string;\n action?: string;\n outcome?: string;\n decisionId?: string;\n sessionId?: string;\n from?: string;\n to?: string;\n page?: number;\n limit?: number;\n}\n\n// ─── JWKS cache (module-level — shared across instances) ─────────────────────\n\nlet jwksCache: { keys: Record<string, unknown>[] } \| null = null;\nlet jwksCachedAt = 0;\nconst JWKS_CACHE_MS = 3_600_000; // 1 hour\n\n// ─── HybriDBClient ────────────────────────────────────────────────────────────\n\nexport class HybriDBClient {\n private readonly baseUrl: string;\n private readonly apiKey: string;\n private readonly timeout: number;\n private readonly retries: number;\n private readonly retryDelay: number;\n\n constructor(config: HybriDBClientConfig) {\n if (!config.baseUrl) throw new HybriDBError('CONFIG_ERROR', 'hybriDB SDK: baseUrl is required');\n if (!config.apiKey) throw new HybriDBError('CONFIG_ERROR', 'hybriDB SDK: apiKey is required');\n\n this.baseUrl = config.baseUrl.replace(/\\/$/, '');\n this.apiKey = config.apiKey;\n this.timeout = config.timeout ?? 10_000;\n this.retries = config.retries ?? 3;\n this.retryDelay = config.retryDelay ?? 500;\n }\n\n // ─── auth — token issuance ──────────────────────────────────────────────────\n\n /* Exchange email + password for an access + refresh token pair. /\n async authenticate(input: AuthenticateInput): Promise<TokenPair> {\n const res = await this.postPublic<TokenPair>('/api/v1/auth/token', input);\n return this.unwrap(res);\n }\n\n /* Refresh an access token using a refresh token. /\n async refreshToken(refreshToken: string): Promise<TokenPair> {\n const res = await this.postPublic<TokenPair>('/api/v1/auth/refresh', { refreshToken });\n return this.unwrap(res);\n }\n\n /* Revoke the current session (requires authenticated API key/JWT). /\n async revokeSession(): Promise<void> {\n await this.delete('/api/v1/auth/token');\n }\n\n /\n Verify a JWT token locally using JWKS from the hybriDB server.\n * Returns the decoded actor context without making a decision API call.\n * JWKS is cached for 1 hour (spec: Cache-Control: max-age=3600).\n /\n async verifyToken(token: string): Promise<ActorContext> {\n const jwks = await this.getJwks();\n\n // Dynamic import — jose is optional peer dependency for token verification\n const { createRemoteJWKSet, jwtVerify } = await import('jose').catch(() => {\n throw new HybriDBError('DEPENDENCY_MISSING', 'jose is required for verifyToken() — install it: npm i jose');\n });\n\n // Build an in-memory JWKS from our cached keys\n const { createLocalJWKSet } = await import('jose');\n const keySet = createLocalJWKSet({ keys: jwks.keys as unknown as Parameters<typeof createLocalJWKSet>[0]['keys'] });\n\n const { payload } = await jwtVerify(token, keySet, { issuer: 'hybridb' });\n\n const p = payload as Record<string, unknown>;\n return {\n actorId: p['actor_id'] as string,\n actorType: p['actor_type'] as ActorContext['actorType'],\n orgId: p['org_id'] as string \| null,\n scopes: (p['scopes'] as string[]) ?? [],\n policyVersion: p['policy_version'] as number,\n };\n }\n\n /* Fetch JWKS from the hybriDB server (cached for 1 hour). /\n async getJwks(): Promise<{ keys: Record<string, unknown>[] }> {\n if (jwksCache && Date.now() - jwksCachedAt < JWKS_CACHE_MS) {\n return jwksCache;\n }\n\n const res = await this.getPublic<{ keys: Record<string, unknown>[] }>('/.well-known/jwks.json');\n const data = this.unwrap(res);\n jwksCache = data;\n jwksCachedAt = Date.now();\n return data;\n }\n\n // ─── db.actors — actor management ──────────────────────────────────────────\n\n /* Namespace for actor management operations. /\n readonly actors = {\n /* Issue an API key for an actor. Requires actor:admin scope. /\n createApiKey: async (actorId: UUID, input: ApiKeyInput): Promise<{ id: string; key: string }> => {\n const res = await this.post<{ id: string; key: string }>(\n `/api/v1/actors/${actorId}/api-keys`, input,\n );\n return this.unwrap(res);\n },\n\n /* Revoke an API key. Requires actor:admin scope. /\n revokeApiKey: async (actorId: UUID, keyId: UUID): Promise<void> => {\n await this.delete(`/api/v1/actors/${actorId}/api-keys/${keyId}`);\n },\n\n /* Create an identity mapping (external provider → actor). Requires actor:write scope. /\n createMapping: async (actorId: UUID, input: CreateMappingInput): Promise<IdentityMapping> => {\n const res = await this.post<IdentityMapping>(\n `/api/v1/actors/${actorId}/identity-mappings`, input,\n );\n return this.unwrap(res);\n },\n } as const;\n\n // ─── orgs — organisation membership ────────────────────────────────────────\n\n /* Namespace for organisation membership operations. /\n readonly orgs = {\n /* Add a member to an organisation. Requires org:admin scope. /\n addMember: async (orgId: UUID, input: OrgMemberInput): Promise<OrgMembership> => {\n const res = await this.post<OrgMembership>(`/api/v1/orgs/${orgId}/memberships`, input);\n return this.unwrap(res);\n },\n\n /* Update a member's role. Requires org:admin scope. /\n updateMemberRole: async (orgId: UUID, actorId: UUID, role: string): Promise<OrgMembership> => {\n const res = await this.patch<OrgMembership>(\n `/api/v1/orgs/${orgId}/memberships/${actorId}`, { role },\n );\n return this.unwrap(res);\n },\n\n /* Revoke an actor's membership. Requires org:admin scope. /\n revokeMember: async (orgId: UUID, actorId: UUID): Promise<void> => {\n await this.delete(`/api/v1/orgs/${orgId}/memberships/${actorId}`);\n },\n\n /* List organisation members. Requires org:read scope. /\n listMembers: async (orgId: UUID): Promise<OrgMembership[]> => {\n const res = await this.get<OrgMembership[]>(`/api/v1/orgs/${orgId}/memberships`);\n return this.unwrap(res);\n },\n } as const;\n\n // ─── Reversibility (v2.4) ──────────────────────────────────────────────────\n\n /* Namespace for Reversible Autonomy operations (v2.4). /\n readonly reversibility = {\n /\n Initiate a rollback for an execution.\n * Types: 'full' (all steps), 'selective' (targetSteps list), 'to_checkpoint'.\n * Requires pipeline:rollback scope.\n /\n rollback: async (executionId: UUID, input: Omit<InitiateRollbackInput, 'executionId'>): Promise<RollbackResult> => {\n const res = await this.post<RollbackResult>(`/api/v1/executions/${executionId}/rollback`, input);\n return this.unwrap(res);\n },\n\n /\n Initiate a replay from a checkpoint.\n * Creates a new child execution starting from the checkpoint's step.\n * Requires pipeline:replay scope.\n /\n replay: async (executionId: UUID, input: Omit<InitiateReplayInput, 'executionId'>): Promise<ReplayResult> => {\n const res = await this.post<ReplayResult>(`/api/v1/executions/${executionId}/replay`, input);\n return this.unwrap(res);\n },\n\n /\n List all checkpoints for an execution (ordered by step_index asc).\n * Requires pipeline:read scope.\n /\n getCheckpoints: async (executionId: UUID): Promise<CheckpointSummary[]> => {\n const res = await this.get<CheckpointSummary[]>(`/api/v1/executions/${executionId}/checkpoints`);\n return this.unwrap(res);\n },\n\n /\n Get a specific checkpoint (with checksum verification).\n * Throws REPLAY_CONTEXT_INVALID if checksum mismatches.\n * Requires pipeline:read scope.\n /\n getCheckpoint: async (executionId: UUID, checkpointId: UUID): Promise<Checkpoint> => {\n const res = await this.get<Checkpoint>(`/api/v1/executions/${executionId}/checkpoints/${checkpointId}`);\n return this.unwrap(res);\n },\n\n /\n List all rollback log entries for an execution.\n * Requires pipeline:read scope.\n /\n getRollbackLog: async (executionId: UUID): Promise<RollbackLog[]> => {\n const res = await this.get<RollbackLog[]>(`/api/v1/executions/${executionId}/rollback-log`);\n return this.unwrap(res);\n },\n\n /\n Get circuit breaker status for a pipeline.\n * Requires pipeline:read scope.\n /\n getCircuitBreaker: async (pipelineId: UUID): Promise<CircuitBreakerStatus> => {\n const res = await this.get<CircuitBreakerStatus>(`/api/v1/pipelines/${pipelineId}/circuit-breaker`);\n return this.unwrap(res);\n },\n\n /\n Open or close the circuit breaker for a pipeline.\n * Opening halts all future executions immediately.\n * Requires pipeline:circuit_breaker scope.\n /\n setCircuitBreaker: async (pipelineId: UUID, input: Omit<SetCircuitBreakerInput, 'pipelineId'>): Promise<CircuitBreakerStatus> => {\n const res = await this.post<CircuitBreakerStatus>(\n `/api/v1/pipelines/${pipelineId}/circuit-breaker`,\n input,\n );\n return this.unwrap(res);\n },\n } as const;\n\n // ─── Decisions ─────────────────────────────────────────────────────────────\n\n async requestDecision(request: DecisionInput): Promise<DecisionResponse> {\n const res = await this.post<DecisionResponse>('/api/v1/decisions', request);\n return this.unwrap(res);\n }\n\n async getDecision(decisionId: UUID): Promise<DecisionResponse> {\n const res = await this.get<DecisionResponse>(`/api/v1/decisions/${decisionId}`);\n return this.unwrap(res);\n }\n\n // ─── Pipelines ─────────────────────────────────────────────────────────────\n\n async triggerPipeline(input: TriggerPipelineInput): Promise<PipelineExecution> {\n const res = await this.post<PipelineExecution>('/api/v1/pipelines/trigger', input);\n return this.unwrap(res);\n }\n\n async getPipelineExecution(executionId: UUID): Promise<PipelineExecution> {\n const res = await this.get<PipelineExecution>(`/api/v1/pipelines/executions/${executionId}`);\n return this.unwrap(res);\n }\n\n // ─── Events ────────────────────────────────────────────────────────────────\n\n /* Publish a business event. Note: use actorId (v1.2), not identityId. /\n async publishEvent(input: PublishEventInput): Promise<HybriDBEvent> {\n const res = await this.post<HybriDBEvent>('/api/v1/events', input);\n return this.unwrap(res);\n }\n\n // ─── Audit ─────────────────────────────────────────────────────────────────\n\n async queryAuditLog(params: AuditQueryParams): Promise<PaginatedResponse<AuditEntry>> {\n const query = new URLSearchParams();\n for (const [k, v] of Object.entries(params)) {\n if (v !== undefined) query.set(k, String(v));\n }\n const res = await this.get<PaginatedResponse<AuditEntry>>(`/api/v1/audit?${query.toString()}`);\n return this.unwrap(res);\n }\n\n // ─── Health ────────────────────────────────────────────────────────────────\n\n async health(): Promise<{ status: string; version: string }> {\n const res = await this.getPublic<{ status: string; version: string }>('/health');\n return this.unwrap(res);\n }\n\n // ─── HTTP primitives ───────────────────────────────────────────────────────\n\n private async get<T>(path: string): Promise<ApiResponse<T>> {\n return this.request<T>('GET', path, undefined, true);\n }\n\n private async getPublic<T>(path: string): Promise<ApiResponse<T>> {\n return this.request<T>('GET', path, undefined, false);\n }\n\n private async post<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('POST', path, body, true);\n }\n\n private async postPublic<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('POST', path, body, false);\n }\n\n private async patch<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('PATCH', path, body, true);\n }\n\n private async delete(path: string): Promise<void> {\n await this.request<void>('DELETE', path, undefined, true);\n }\n\n private async request<T>(\n method: string,\n path: string,\n body: unknown,\n authenticated: boolean,\n attempt = 1,\n ): Promise<ApiResponse<T>> {\n const controller = new AbortController();\n const timerId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'X-SDK-Version': '1.3.0',\n };\n if (authenticated) {\n headers['Authorization'] = `Bearer ${this.apiKey}`;\n }\n\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers,\n ...(body !== undefined ? { body: JSON.stringify(body) } : {}),\n signal: controller.signal,\n });\n\n // 204 No Content — return success with no data\n if (response.status === 204) {\n return { success: true, data: undefined as T };\n }\n\n const json = await response.json() as ApiResponse<T>;\n\n if (!response.ok && attempt < this.retries && this.isRetryable(response.status)) {\n await this.sleep(this.retryDelay attempt);\n return this.request<T>(method, path, body, authenticated, attempt + 1);\n }\n\n return json;\n } finally {\n clearTimeout(timerId);\n }\n }\n\n private unwrap<T>(response: ApiResponse<T>): T {\n if (!response.success \|\| response.data === undefined) {\n throw new HybriDBError(\n response.error?.code ?? 'UNKNOWN_ERROR',\n response.error?.message ?? 'hybriDB request failed',\n response.error?.details,\n );\n }\n return response.data;\n }\n\n private isRetryable(status: number): boolean {\n return status === 429 \|\| status >= 500;\n }\n\n private sleep(ms: number): Promise<void> {\n return new Promise(resolve => setTimeout(resolve, ms));\n }\n}\n\n// ─── HybriDBError ─────────────────────────────────────────────────────────────\n\nexport class HybriDBError extends Error {\n constructor(\n public readonly code: string,\n message: string,\n public readonly details?: Record<string, unknown>,\n ) {\n super(message);\n this.name = 'HybriDBError';\n }\n}\n","// hybriDB SDK — v1.2\nexport { HybriDBClient, HybriDBError } from './client.js';\nexport type {\n HybriDBClientConfig,\n AuthenticateInput,\n CreateMappingInput,\n OrgMemberInput,\n ApiKeyInput,\n AuditQueryParams,\n} from './client.js';\n\n// React context — exported from '@hybridb/sdk/react' (separate entry point, browser only)\n\n// Re-export commonly used types for SDK consumers\nexport type {\n // Actor-centric (v1.2)\n Actor,\n ActorContext,\n ActorType,\n ActorStatus,\n User,\n OrgMembership,\n IdentityMapping,\n Session,\n TokenPair,\n // Decisions\n DecisionRequest,\n DecisionResponse,\n DecisionResult,\n // Pipelines\n TriggerPipelineInput,\n PipelineExecution,\n // Events — actorId (v1.2), not identityId\n PublishEventInput,\n HybriDBEvent,\n // Audit\n AuditEntry,\n AuditOutcome,\n // Policy\n Policy,\n PolicyEvaluationResult,\n // Shared\n ApiResponse,\n ApiError,\n PaginatedResponse,\n UUID,\n ISO8601,\n // Errors\n HybriDBErrorCode,\n} from '@stellrai/types';\n\n// ─── Event type constants (v1.2) ──────────────────────────────────────────────\n\nexport const HYBRIDB_EVENT_TYPES = {\n // Decisions\n DECISION_REQUESTED: 'decision.requested',\n DECISION_ALLOWED: 'decision.allowed',\n DECISION_BLOCKED: 'decision.blocked',\n DECISION_ESCALATED: 'decision.escalated',\n // Pipelines\n PIPELINE_STARTED: 'pipeline.started',\n PIPELINE_COMPLETED: 'pipeline.completed',\n PIPELINE_FAILED: 'pipeline.failed',\n PIPELINE_COMPENSATED: 'pipeline.compensated',\n // Payments\n PAYMENT_INITIATED: 'payment.initiated',\n PAYMENT_COMPLETED: 'payment.completed',\n PAYMENT_FAILED: 'payment.failed',\n PAYMENT_REVERSED: 'payment.reversed',\n // Identity (v1.2 — actor-centric)\n ACTOR_CREATED: 'actor.created',\n ACTOR_SUSPENDED: 'actor.suspended',\n ACTOR_REVOKED: 'actor.revoked',\n IDENTITY_RESOLVED: 'identity.resolved',\n IDENTITY_RESOLUTION_FAILED: 'identity.resolution_failed',\n // Policy\n POLICY_ACTIVATED: 'policy.activated',\n POLICY_DEACTIVATED: 'policy.deactivated',\n POLICY_VERSION_BUMPED: 'policy.version_bumped',\n // KYC\n KYC_SUBMITTED: 'kyc.submitted',\n KYC_APPROVED: 'kyc.approved',\n KYC_REJECTED: 'kyc.rejected',\n // AI\n AI_INFERENCE_COMPLETED: 'ai.inference_completed',\n AI_INFERENCE_FAILED: 'ai.inference_failed',\n // Fraud\n FRAUD_SIGNAL_DETECTED: 'fraud.signal_detected',\n // sync-back\n SYNC_BACK_EXHAUSTED: 'sync_back.exhausted',\n} as const;\n\nexport type HybriDBEventType = typeof HYBRIDB_EVENT_TYPES[keyof typeof HYBRIDB_EVENT_TYPES];\n"]}
1	+ {"version":3,"sources":["../src/client.ts","../src/index.ts"],"names":[],"mappings":";;;;;AAwIA,IAAI,SAAA,GAAwD,IAAA;AAC5D,IAAI,YAAA,GAAe,CAAA;AACnB,IAAM,aAAA,GAAgB,IAAA;AAIf,IAAM,gBAAN,MAAoB;AAAA,EACR,OAAA;AAAA,EACA,MAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,UAAA;AAAA,EAEjB,YAAY,MAAA,EAA6B;AACvC,IAAA,IAAI,CAAC,MAAA,CAAO,OAAA,QAAe,IAAI,YAAA,CAAa,gBAAgB,kCAAkC,CAAA;AAC9F,IAAA,IAAI,CAAC,MAAA,CAAO,MAAA,QAAe,IAAI,YAAA,CAAa,gBAAgB,iCAAiC,CAAA;AAE7F,IAAA,IAAA,CAAK,OAAA,GAAa,MAAA,CAAO,OAAA,CAAQ,OAAA,CAAQ,OAAO,EAAE,CAAA;AAClD,IAAA,IAAA,CAAK,SAAa,MAAA,CAAO,MAAA;AACzB,IAAA,IAAA,CAAK,OAAA,GAAa,OAAO,OAAA,IAAa,GAAA;AACtC,IAAA,IAAA,CAAK,OAAA,GAAa,OAAO,OAAA,IAAa,CAAA;AACtC,IAAA,IAAA,CAAK,UAAA,GAAa,OAAO,UAAA,IAAc,GAAA;AAAA,EACzC;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,KAAA,EAA8C;AAC/D,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,UAAA,CAAsB,sBAAsB,KAAK,CAAA;AACxE,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAGA,MAAM,aAAa,YAAA,EAA0C;AAC3D,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,WAAsB,sBAAA,EAAwB,EAAE,cAAc,CAAA;AACrF,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAGA,MAAM,aAAA,GAA+B;AACnC,IAAA,MAAM,IAAA,CAAK,OAAO,oBAAoB,CAAA;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,YAAY,KAAA,EAAsC;AACtD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,OAAA,EAAQ;AAGhC,IAAA,MAAM,EAAE,oBAAoB,SAAA,EAAU,GAAI,MAAM,OAAO,MAAM,CAAA,CAAE,KAAA,CAAM,MAAM;AACzE,MAAA,MAAM,IAAI,YAAA,CAAa,oBAAA,EAAsB,kEAA6D,CAAA;AAAA,IAC5G,CAAC,CAAA;AAGD,IAAA,MAAM,EAAE,iBAAA,EAAkB,GAAI,MAAM,OAAO,MAAM,CAAA;AACjD,IAAA,MAAM,SAAS,iBAAA,CAAkB,EAAE,IAAA,EAAM,IAAA,CAAK,MAAoE,CAAA;AAElH,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,SAAA,CAAU,OAAO,MAAA,EAAQ,EAAE,MAAA,EAAQ,SAAA,EAAW,CAAA;AAExE,IAAA,MAAM,CAAA,GAAI,OAAA;AACV,IAAA,OAAO;AAAA,MACL,OAAA,EAAe,EAAE,UAAU,CAAA;AAAA,MAC3B,SAAA,EAAe,EAAE,YAAY,CAAA;AAAA,MAC7B,KAAA,EAAe,EAAE,QAAQ,CAAA;AAAA,MACzB,MAAA,EAAgB,CAAA,CAAE,QAAQ,CAAA,IAAkB,EAAC;AAAA,MAC7C,aAAA,EAAe,EAAE,gBAAgB;AAAA,KACnC;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,OAAA,GAAwD;AAC5D,IAAA,IAAI,SAAA,IAAa,IAAA,CAAK,GAAA,EAAI,GAAI,eAAe,aAAA,EAAe;AAC1D,MAAA,OAAO,SAAA;AAAA,IACT;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,SAAA,CAA+C,wBAAwB,CAAA;AAC9F,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,MAAA,CAAO,GAAG,CAAA;AAC5B,IAAA,SAAA,GAAe,IAAA;AACf,IAAA,YAAA,GAAe,KAAK,GAAA,EAAI;AACxB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA,EAKS,MAAA,GAAS;AAAA;AAAA,IAEhB,YAAA,EAAc,OAAO,OAAA,EAAe,KAAA,KAA6D;AAC/F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,kBAAkB,OAAO,CAAA,SAAA,CAAA;AAAA,QAAa;AAAA,OACxC;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,YAAA,EAAc,OAAO,OAAA,EAAe,KAAA,KAA+B;AACjE,MAAA,MAAM,KAAK,MAAA,CAAO,CAAA,eAAA,EAAkB,OAAO,CAAA,UAAA,EAAa,KAAK,CAAA,CAAE,CAAA;AAAA,IACjE,CAAA;AAAA;AAAA,IAGA,aAAA,EAAe,OAAO,OAAA,EAAe,KAAA,KAAwD;AAC3F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,kBAAkB,OAAO,CAAA,kBAAA,CAAA;AAAA,QAAsB;AAAA,OACjD;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA;AAAA,EAKS,IAAA,GAAO;AAAA;AAAA,IAEd,SAAA,EAAW,OAAO,KAAA,EAAa,KAAA,KAAkD;AAC/E,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAoB,CAAA,aAAA,EAAgB,KAAK,gBAAgB,KAAK,CAAA;AACrF,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,gBAAA,EAAkB,OAAO,KAAA,EAAa,OAAA,EAAe,IAAA,KAAyC;AAC5F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,KAAA;AAAA,QACrB,CAAA,aAAA,EAAgB,KAAK,CAAA,aAAA,EAAgB,OAAO,CAAA,CAAA;AAAA,QAAI,EAAE,IAAA;AAAK,OACzD;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,YAAA,EAAc,OAAO,KAAA,EAAa,OAAA,KAAiC;AACjE,MAAA,MAAM,KAAK,MAAA,CAAO,CAAA,aAAA,EAAgB,KAAK,CAAA,aAAA,EAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,IAClE,CAAA;AAAA;AAAA,IAGA,WAAA,EAAa,OAAO,KAAA,KAA0C;AAC5D,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAqB,CAAA,aAAA,EAAgB,KAAK,CAAA,YAAA,CAAc,CAAA;AAC/E,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA;AAAA,EAKS,aAAA,GAAgB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMvB,QAAA,EAAU,OAAO,WAAA,EAAmB,KAAA,KAA+E;AACjH,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAqB,CAAA,mBAAA,EAAsB,WAAW,aAAa,KAAK,CAAA;AAC/F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,MAAA,EAAQ,OAAO,WAAA,EAAmB,KAAA,KAA2E;AAC3G,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAmB,CAAA,mBAAA,EAAsB,WAAW,WAAW,KAAK,CAAA;AAC3F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAA,EAAgB,OAAO,WAAA,KAAoD;AACzE,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAyB,CAAA,mBAAA,EAAsB,WAAW,CAAA,YAAA,CAAc,CAAA;AAC/F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,aAAA,EAAe,OAAO,WAAA,EAAmB,YAAA,KAA4C;AACnF,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,GAAA,CAAgB,sBAAsB,WAAW,CAAA,aAAA,EAAgB,YAAY,CAAA,CAAE,CAAA;AACtG,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAA,EAAgB,OAAO,WAAA,KAA8C;AACnE,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAmB,CAAA,mBAAA,EAAsB,WAAW,CAAA,aAAA,CAAe,CAAA;AAC1F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,iBAAA,EAAmB,OAAO,UAAA,KAAoD;AAC5E,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAA0B,CAAA,kBAAA,EAAqB,UAAU,CAAA,gBAAA,CAAkB,CAAA;AAClG,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,iBAAA,EAAmB,OAAO,UAAA,EAAkB,KAAA,KAAqF;AAC/H,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,qBAAqB,UAAU,CAAA,gBAAA,CAAA;AAAA,QAC/B;AAAA,OACF;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA,EAIA,MAAM,gBAAgB,OAAA,EAAmD;AACvE,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAuB,qBAAqB,OAAO,CAAA;AAC1E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA,EAEA,MAAM,YAAY,UAAA,EAA6C;AAC7D,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAsB,CAAA,kBAAA,EAAqB,UAAU,CAAA,CAAE,CAAA;AAC9E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA;AAAA,EAKS,SAAA,GAAY;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMnB,MAAA,EAAQ,OAAO,KAAA,KAA4D;AACzE,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAyB,qBAAqB,KAAK,CAAA;AAC1E,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyD;AAC7E,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAwB,6BAA6B,KAAK,CAAA;AACjF,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,qBAAA,CAAsB,IAAA,EAAc,KAAA,EAAuD;AAC/F,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAwB,qBAAqB,kBAAA,CAAmB,IAAI,CAAC,CAAA,QAAA,CAAA,EAAY,KAAK,CAAA;AAC7G,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAA+C;AACxE,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAuB,CAAA,6BAAA,EAAgC,WAAW,CAAA,CAAE,CAAA;AAC3F,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,KAAA,EAAiD;AAClE,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAmB,kBAAkB,KAAK,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,cAAc,MAAA,EAAkE;AACpF,IAAA,MAAM,KAAA,GAAQ,IAAI,eAAA,EAAgB;AAClC,IAAA,KAAA,MAAW,CAAC,CAAA,EAAG,CAAC,KAAK,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,EAAG;AAC3C,MAAA,IAAI,MAAM,MAAA,EAAW,KAAA,CAAM,IAAI,CAAA,EAAG,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC7C;AACA,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,GAAA,CAAmC,iBAAiB,KAAA,CAAM,QAAA,EAAU,CAAA,CAAE,CAAA;AAC7F,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,MAAA,GAAuD;AAC3D,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,SAAA,CAA+C,SAAS,CAAA;AAC/E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAc,IAAO,IAAA,EAAuC;AAC1D,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,QAAW,IAAI,CAAA;AAAA,EACrD;AAAA,EAEA,MAAc,UAAa,IAAA,EAAuC;AAChE,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,QAAW,KAAK,CAAA;AAAA,EACtD;AAAA,EAEA,MAAc,IAAA,CAAQ,IAAA,EAAc,IAAA,EAAwC;AAC1E,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,MAAA,EAAQ,IAAA,EAAM,MAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,MAAc,UAAA,CAAc,IAAA,EAAc,IAAA,EAAwC;AAChF,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,MAAA,EAAQ,IAAA,EAAM,MAAM,KAAK,CAAA;AAAA,EAClD;AAAA,EAEA,MAAc,KAAA,CAAS,IAAA,EAAc,IAAA,EAAwC;AAC3E,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,OAAA,EAAS,IAAA,EAAM,MAAM,IAAI,CAAA;AAAA,EAClD;AAAA,EAEA,MAAc,OAAO,IAAA,EAA6B;AAChD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAc,QAAA,EAAU,IAAA,EAAM,QAAW,IAAI,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAc,OAAA,CACZ,MAAA,EACA,MACA,IAAA,EACA,aAAA,EACA,UAAU,CAAA,EACe;AACzB,IAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,IAAA,MAAM,UAAa,UAAA,CAAW,MAAM,WAAW,KAAA,EAAM,EAAG,KAAK,OAAO,CAAA;AAEpE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAkC;AAAA,QACtC,cAAA,EAAiB,kBAAA;AAAA,QACjB,eAAA,EAAiB;AAAA,OACnB;AACA,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,CAAA,OAAA,EAAU,IAAA,CAAK,MAAM,CAAA,CAAA;AAAA,MAClD;AAEA,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,CAAA,EAAG,KAAK,OAAO,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI;AAAA,QACrD,MAAA;AAAA,QACA,OAAA;AAAA,QACA,GAAI,IAAA,KAAS,KAAA,CAAA,GAAY,EAAE,IAAA,EAAM,KAAK,SAAA,CAAU,IAAI,CAAA,EAAE,GAAI,EAAC;AAAA,QAC3D,QAAQ,UAAA,CAAW;AAAA,OACpB,CAAA;AAGD,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAM,KAAA,CAAA,EAAe;AAAA,MAC/C;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,MAAA,IAAI,CAAC,QAAA,CAAS,EAAA,IAAM,OAAA,GAAU,IAAA,CAAK,WAAW,IAAA,CAAK,WAAA,CAAY,QAAA,CAAS,MAAM,CAAA,EAAG;AAC/E,QAAA,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,UAAA,GAAa,OAAO,CAAA;AAC1C,QAAA,OAAO,KAAK,OAAA,CAAW,MAAA,EAAQ,MAAM,IAAA,EAAM,aAAA,EAAe,UAAU,CAAC,CAAA;AAAA,MACvE;AAEA,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,YAAA,CAAa,OAAO,CAAA;AAAA,IACtB;AAAA,EACF;AAAA,EAEQ,OAAU,QAAA,EAA6B;AAC7C,IAAA,IAAI,CAAC,QAAA,CAAS,OAAA,IAAW,QAAA,CAAS,SAAS,MAAA,EAAW;AACpD,MAAA,MAAM,IAAI,YAAA;AAAA,QACR,QAAA,CAAS,OAAO,IAAA,IAAQ,eAAA;AAAA,QACxB,QAAA,CAAS,OAAO,OAAA,IAAW,wBAAA;AAAA,QAC3B,SAAS,KAAA,EAAO;AAAA,OAClB;AAAA,IACF;AACA,IAAA,OAAO,QAAA,CAAS,IAAA;AAAA,EAClB;AAAA,EAEQ,YAAY,MAAA,EAAyB;AAC3C,IAAA,OAAO,MAAA,KAAW,OAAO,MAAA,IAAU,GAAA;AAAA,EACrC;AAAA,EAEQ,MAAM,EAAA,EAA2B;AACvC,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAA,OAAA,KAAW,UAAA,CAAW,OAAA,EAAS,EAAE,CAAC,CAAA;AAAA,EACvD;AACF;AAIO,IAAM,YAAA,GAAN,cAA2B,KAAA,CAAM;AAAA,EACtC,WAAA,CACkB,IAAA,EAChB,OAAA,EACgB,OAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJG,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,cAAA;AAAA,EACd;AACF;;;ACldO,IAAM,mBAAA,GAAsB;AAAA;AAAA,EAEjC,kBAAA,EAAyB,oBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA;AAAA,EAEzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA,EACzB,eAAA,EAAyB,iBAAA;AAAA,EACzB,oBAAA,EAAyB,sBAAA;AAAA;AAAA,EAEzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,cAAA,EAAyB,gBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA;AAAA,EAEzB,aAAA,EAAyB,eAAA;AAAA,EACzB,eAAA,EAAyB,iBAAA;AAAA,EACzB,aAAA,EAAyB,eAAA;AAAA,EACzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,0BAAA,EAA4B,4BAAA;AAAA;AAAA,EAE5B,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA,EACzB,qBAAA,EAAyB,uBAAA;AAAA;AAAA,EAEzB,aAAA,EAAyB,eAAA;AAAA,EACzB,YAAA,EAAyB,cAAA;AAAA,EACzB,YAAA,EAAyB,cAAA;AAAA;AAAA,EAEzB,sBAAA,EAAyB,wBAAA;AAAA,EACzB,mBAAA,EAAyB,qBAAA;AAAA;AAAA,EAEzB,qBAAA,EAAyB,uBAAA;AAAA;AAAA,EAEzB,mBAAA,EAAyB;AAC3B","file":"index.cjs","sourcesContent":["// hybriDB SDK Client — v1.4\n//\n// v1.4 changes:\n// - pipelines namespace: create() — register a pipeline definition\n// - triggerPipelineByName() — trigger execution by pipeline name (URL-based)\n// - CreatePipelineInput, CreatePipelineStepInput, TriggerByNameInput types\n// - SDK-Version header bumped to 1.4.0\n//\n// v1.3 changes (v2.4 Reversible Autonomy):\n// - reversibility namespace: rollback(), replay(), getCheckpoints(), getCheckpoint(),\n// getRollbackLog(), getCircuitBreaker(), setCircuitBreaker()\n// - SDK-Version header bumped to 1.3.0\n//\n// v1.2 changes:\n// - db.actors.* namespace (replaces db.identities.)\n// - createMapping() — create identity mapping for an actor\n// - assignRole() — assign a role to an actor\n// - orgs.addMember(), orgs.revokeMember(), orgs.listMembers(), orgs.updateMemberRole()\n// - verifyToken() — JWKS-based local token verification\n// - 7 new HybriDBErrorCode values (see @stellrai/types)\n// - actorId field in PublishEventInput (replaces identityId)\n// - SDK-Version header bumped to 1.2.0\n\nimport type {\n UUID,\n ApiResponse,\n DecisionInput,\n DecisionRequest,\n DecisionResponse,\n TriggerPipelineInput,\n PipelineDefinition,\n PipelineExecution,\n StepType,\n PublishEventInput,\n HybriDBEvent,\n AuditEntry,\n PaginatedResponse,\n Actor,\n ActorContext,\n TokenPair,\n OrgMembership,\n IdentityMapping,\n // v2.4 Reversible Autonomy\n InitiateRollbackInput,\n RollbackResult,\n InitiateReplayInput,\n ReplayResult,\n Checkpoint,\n CheckpointSummary,\n RollbackLog,\n CircuitBreakerStatus,\n SetCircuitBreakerInput,\n} from '@stellrai/types';\n\n// ─── Client config ────────────────────────────────────────────────────────────\n\nexport interface HybriDBClientConfig {\n baseUrl: string;\n apiKey: string;\n timeout?: number; // ms, default 10000\n retries?: number; // default 3\n retryDelay?: number; // ms, default 500\n}\n\n// ─── Auth inputs ─────────────────────────────────────────────────────────────\n\nexport interface AuthenticateInput {\n email: string;\n password: string;\n orgId?: string;\n}\n\nexport interface CreateMappingInput {\n providerId: string;\n externalId: string;\n userId: string;\n actorId: string;\n}\n\nexport interface OrgMemberInput {\n actorId: string;\n role: string;\n}\n\nexport interface ApiKeyInput {\n name?: string;\n scopes: string[];\n expiresAt?: string;\n}\n\nexport interface CreatePipelineStepInput {\n /* Unique step identifier within this pipeline (used in dependsOn / compensationStep). /\n id: string;\n name: string;\n type: StepType;\n config?: Record<string, unknown>;\n dependsOn?: string[];\n /* Name of the step to run if this step needs to be compensated (reversed). /\n compensationStep?: string;\n /* Timeout in ms. Default: 30 000. /\n timeout?: number;\n retryPolicy?: {\n maxAttempts: number;\n backoffMs: number;\n };\n}\n\nexport interface CreatePipelineInput {\n name: string;\n description?: string;\n steps: CreatePipelineStepInput[];\n inputSchema?: Record<string, unknown>;\n outputSchema?: Record<string, unknown>;\n}\n\nexport interface TriggerByNameInput {\n input?: Record<string, unknown>;\n decisionId?: UUID;\n triggerEvent?: string;\n idempotencyKey?: string;\n}\n\nexport interface AuditQueryParams {\n actorId?: string;\n action?: string;\n outcome?: string;\n decisionId?: string;\n sessionId?: string;\n from?: string;\n to?: string;\n page?: number;\n limit?: number;\n}\n\n// ─── JWKS cache (module-level — shared across instances) ─────────────────────\n\nlet jwksCache: { keys: Record<string, unknown>[] } \| null = null;\nlet jwksCachedAt = 0;\nconst JWKS_CACHE_MS = 3_600_000; // 1 hour\n\n// ─── HybriDBClient ────────────────────────────────────────────────────────────\n\nexport class HybriDBClient {\n private readonly baseUrl: string;\n private readonly apiKey: string;\n private readonly timeout: number;\n private readonly retries: number;\n private readonly retryDelay: number;\n\n constructor(config: HybriDBClientConfig) {\n if (!config.baseUrl) throw new HybriDBError('CONFIG_ERROR', 'hybriDB SDK: baseUrl is required');\n if (!config.apiKey) throw new HybriDBError('CONFIG_ERROR', 'hybriDB SDK: apiKey is required');\n\n this.baseUrl = config.baseUrl.replace(/\\/$/, '');\n this.apiKey = config.apiKey;\n this.timeout = config.timeout ?? 10_000;\n this.retries = config.retries ?? 3;\n this.retryDelay = config.retryDelay ?? 500;\n }\n\n // ─── auth — token issuance ──────────────────────────────────────────────────\n\n /* Exchange email + password for an access + refresh token pair. /\n async authenticate(input: AuthenticateInput): Promise<TokenPair> {\n const res = await this.postPublic<TokenPair>('/api/v1/auth/token', input);\n return this.unwrap(res);\n }\n\n /* Refresh an access token using a refresh token. /\n async refreshToken(refreshToken: string): Promise<TokenPair> {\n const res = await this.postPublic<TokenPair>('/api/v1/auth/refresh', { refreshToken });\n return this.unwrap(res);\n }\n\n /* Revoke the current session (requires authenticated API key/JWT). /\n async revokeSession(): Promise<void> {\n await this.delete('/api/v1/auth/token');\n }\n\n /\n Verify a JWT token locally using JWKS from the hybriDB server.\n * Returns the decoded actor context without making a decision API call.\n * JWKS is cached for 1 hour (spec: Cache-Control: max-age=3600).\n /\n async verifyToken(token: string): Promise<ActorContext> {\n const jwks = await this.getJwks();\n\n // Dynamic import — jose is optional peer dependency for token verification\n const { createRemoteJWKSet, jwtVerify } = await import('jose').catch(() => {\n throw new HybriDBError('DEPENDENCY_MISSING', 'jose is required for verifyToken() — install it: npm i jose');\n });\n\n // Build an in-memory JWKS from our cached keys\n const { createLocalJWKSet } = await import('jose');\n const keySet = createLocalJWKSet({ keys: jwks.keys as unknown as Parameters<typeof createLocalJWKSet>[0]['keys'] });\n\n const { payload } = await jwtVerify(token, keySet, { issuer: 'hybridb' });\n\n const p = payload as Record<string, unknown>;\n return {\n actorId: p['actor_id'] as string,\n actorType: p['actor_type'] as ActorContext['actorType'],\n orgId: p['org_id'] as string \| null,\n scopes: (p['scopes'] as string[]) ?? [],\n policyVersion: p['policy_version'] as number,\n };\n }\n\n /* Fetch JWKS from the hybriDB server (cached for 1 hour). /\n async getJwks(): Promise<{ keys: Record<string, unknown>[] }> {\n if (jwksCache && Date.now() - jwksCachedAt < JWKS_CACHE_MS) {\n return jwksCache;\n }\n\n const res = await this.getPublic<{ keys: Record<string, unknown>[] }>('/.well-known/jwks.json');\n const data = this.unwrap(res);\n jwksCache = data;\n jwksCachedAt = Date.now();\n return data;\n }\n\n // ─── db.actors — actor management ──────────────────────────────────────────\n\n /* Namespace for actor management operations. /\n readonly actors = {\n /* Issue an API key for an actor. Requires actor:admin scope. /\n createApiKey: async (actorId: UUID, input: ApiKeyInput): Promise<{ id: string; key: string }> => {\n const res = await this.post<{ id: string; key: string }>(\n `/api/v1/actors/${actorId}/api-keys`, input,\n );\n return this.unwrap(res);\n },\n\n /* Revoke an API key. Requires actor:admin scope. /\n revokeApiKey: async (actorId: UUID, keyId: UUID): Promise<void> => {\n await this.delete(`/api/v1/actors/${actorId}/api-keys/${keyId}`);\n },\n\n /* Create an identity mapping (external provider → actor). Requires actor:write scope. /\n createMapping: async (actorId: UUID, input: CreateMappingInput): Promise<IdentityMapping> => {\n const res = await this.post<IdentityMapping>(\n `/api/v1/actors/${actorId}/identity-mappings`, input,\n );\n return this.unwrap(res);\n },\n } as const;\n\n // ─── orgs — organisation membership ────────────────────────────────────────\n\n /* Namespace for organisation membership operations. /\n readonly orgs = {\n /* Add a member to an organisation. Requires org:admin scope. /\n addMember: async (orgId: UUID, input: OrgMemberInput): Promise<OrgMembership> => {\n const res = await this.post<OrgMembership>(`/api/v1/orgs/${orgId}/memberships`, input);\n return this.unwrap(res);\n },\n\n /* Update a member's role. Requires org:admin scope. /\n updateMemberRole: async (orgId: UUID, actorId: UUID, role: string): Promise<OrgMembership> => {\n const res = await this.patch<OrgMembership>(\n `/api/v1/orgs/${orgId}/memberships/${actorId}`, { role },\n );\n return this.unwrap(res);\n },\n\n /* Revoke an actor's membership. Requires org:admin scope. /\n revokeMember: async (orgId: UUID, actorId: UUID): Promise<void> => {\n await this.delete(`/api/v1/orgs/${orgId}/memberships/${actorId}`);\n },\n\n /* List organisation members. Requires org:read scope. /\n listMembers: async (orgId: UUID): Promise<OrgMembership[]> => {\n const res = await this.get<OrgMembership[]>(`/api/v1/orgs/${orgId}/memberships`);\n return this.unwrap(res);\n },\n } as const;\n\n // ─── Reversibility (v2.4) ──────────────────────────────────────────────────\n\n /* Namespace for Reversible Autonomy operations (v2.4). /\n readonly reversibility = {\n /\n Initiate a rollback for an execution.\n * Types: 'full' (all steps), 'selective' (targetSteps list), 'to_checkpoint'.\n * Requires pipeline:rollback scope.\n /\n rollback: async (executionId: UUID, input: Omit<InitiateRollbackInput, 'executionId'>): Promise<RollbackResult> => {\n const res = await this.post<RollbackResult>(`/api/v1/executions/${executionId}/rollback`, input);\n return this.unwrap(res);\n },\n\n /\n Initiate a replay from a checkpoint.\n * Creates a new child execution starting from the checkpoint's step.\n * Requires pipeline:replay scope.\n /\n replay: async (executionId: UUID, input: Omit<InitiateReplayInput, 'executionId'>): Promise<ReplayResult> => {\n const res = await this.post<ReplayResult>(`/api/v1/executions/${executionId}/replay`, input);\n return this.unwrap(res);\n },\n\n /\n List all checkpoints for an execution (ordered by step_index asc).\n * Requires pipeline:read scope.\n /\n getCheckpoints: async (executionId: UUID): Promise<CheckpointSummary[]> => {\n const res = await this.get<CheckpointSummary[]>(`/api/v1/executions/${executionId}/checkpoints`);\n return this.unwrap(res);\n },\n\n /\n Get a specific checkpoint (with checksum verification).\n * Throws REPLAY_CONTEXT_INVALID if checksum mismatches.\n * Requires pipeline:read scope.\n /\n getCheckpoint: async (executionId: UUID, checkpointId: UUID): Promise<Checkpoint> => {\n const res = await this.get<Checkpoint>(`/api/v1/executions/${executionId}/checkpoints/${checkpointId}`);\n return this.unwrap(res);\n },\n\n /\n List all rollback log entries for an execution.\n * Requires pipeline:read scope.\n /\n getRollbackLog: async (executionId: UUID): Promise<RollbackLog[]> => {\n const res = await this.get<RollbackLog[]>(`/api/v1/executions/${executionId}/rollback-log`);\n return this.unwrap(res);\n },\n\n /\n Get circuit breaker status for a pipeline.\n * Requires pipeline:read scope.\n /\n getCircuitBreaker: async (pipelineId: UUID): Promise<CircuitBreakerStatus> => {\n const res = await this.get<CircuitBreakerStatus>(`/api/v1/pipelines/${pipelineId}/circuit-breaker`);\n return this.unwrap(res);\n },\n\n /\n Open or close the circuit breaker for a pipeline.\n * Opening halts all future executions immediately.\n * Requires pipeline:circuit_breaker scope.\n /\n setCircuitBreaker: async (pipelineId: UUID, input: Omit<SetCircuitBreakerInput, 'pipelineId'>): Promise<CircuitBreakerStatus> => {\n const res = await this.post<CircuitBreakerStatus>(\n `/api/v1/pipelines/${pipelineId}/circuit-breaker`,\n input,\n );\n return this.unwrap(res);\n },\n } as const;\n\n // ─── Decisions ─────────────────────────────────────────────────────────────\n\n async requestDecision(request: DecisionInput): Promise<DecisionResponse> {\n const res = await this.post<DecisionResponse>('/api/v1/decisions', request);\n return this.unwrap(res);\n }\n\n async getDecision(decisionId: UUID): Promise<DecisionResponse> {\n const res = await this.get<DecisionResponse>(`/api/v1/decisions/${decisionId}`);\n return this.unwrap(res);\n }\n\n // ─── Pipelines ─────────────────────────────────────────────────────────────\n\n /* Namespace for pipeline definition management. /\n readonly pipelines = {\n /\n Register a pipeline definition. Returns the definition record including its UUID,\n * which you pass to triggerPipeline() as pipelineId.\n * Requires pipeline:write scope.\n /\n create: async (input: CreatePipelineInput): Promise<PipelineDefinition> => {\n const res = await this.post<PipelineDefinition>('/api/v1/pipelines', input);\n return this.unwrap(res);\n },\n } as const;\n\n async triggerPipeline(input: TriggerPipelineInput): Promise<PipelineExecution> {\n const res = await this.post<PipelineExecution>('/api/v1/pipelines/trigger', input);\n return this.unwrap(res);\n }\n\n /\n Trigger a pipeline execution by its name instead of UUID.\n * Equivalent to triggerPipeline() but resolves the pipeline ID server-side.\n * Requires pipeline:execute scope.\n /\n async triggerPipelineByName(name: string, input: TriggerByNameInput): Promise<PipelineExecution> {\n const res = await this.post<PipelineExecution>(`/api/v1/pipelines/${encodeURIComponent(name)}/execute`, input);\n return this.unwrap(res);\n }\n\n async getPipelineExecution(executionId: UUID): Promise<PipelineExecution> {\n const res = await this.get<PipelineExecution>(`/api/v1/pipelines/executions/${executionId}`);\n return this.unwrap(res);\n }\n\n // ─── Events ────────────────────────────────────────────────────────────────\n\n /* Publish a business event. Note: use actorId (v1.2), not identityId. /\n async publishEvent(input: PublishEventInput): Promise<HybriDBEvent> {\n const res = await this.post<HybriDBEvent>('/api/v1/events', input);\n return this.unwrap(res);\n }\n\n // ─── Audit ─────────────────────────────────────────────────────────────────\n\n async queryAuditLog(params: AuditQueryParams): Promise<PaginatedResponse<AuditEntry>> {\n const query = new URLSearchParams();\n for (const [k, v] of Object.entries(params)) {\n if (v !== undefined) query.set(k, String(v));\n }\n const res = await this.get<PaginatedResponse<AuditEntry>>(`/api/v1/audit?${query.toString()}`);\n return this.unwrap(res);\n }\n\n // ─── Health ────────────────────────────────────────────────────────────────\n\n async health(): Promise<{ status: string; version: string }> {\n const res = await this.getPublic<{ status: string; version: string }>('/health');\n return this.unwrap(res);\n }\n\n // ─── HTTP primitives ───────────────────────────────────────────────────────\n\n private async get<T>(path: string): Promise<ApiResponse<T>> {\n return this.request<T>('GET', path, undefined, true);\n }\n\n private async getPublic<T>(path: string): Promise<ApiResponse<T>> {\n return this.request<T>('GET', path, undefined, false);\n }\n\n private async post<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('POST', path, body, true);\n }\n\n private async postPublic<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('POST', path, body, false);\n }\n\n private async patch<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('PATCH', path, body, true);\n }\n\n private async delete(path: string): Promise<void> {\n await this.request<void>('DELETE', path, undefined, true);\n }\n\n private async request<T>(\n method: string,\n path: string,\n body: unknown,\n authenticated: boolean,\n attempt = 1,\n ): Promise<ApiResponse<T>> {\n const controller = new AbortController();\n const timerId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'X-SDK-Version': '1.4.0',\n };\n if (authenticated) {\n headers['Authorization'] = `Bearer ${this.apiKey}`;\n }\n\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers,\n ...(body !== undefined ? { body: JSON.stringify(body) } : {}),\n signal: controller.signal,\n });\n\n // 204 No Content — return success with no data\n if (response.status === 204) {\n return { success: true, data: undefined as T };\n }\n\n const json = await response.json() as ApiResponse<T>;\n\n if (!response.ok && attempt < this.retries && this.isRetryable(response.status)) {\n await this.sleep(this.retryDelay attempt);\n return this.request<T>(method, path, body, authenticated, attempt + 1);\n }\n\n return json;\n } finally {\n clearTimeout(timerId);\n }\n }\n\n private unwrap<T>(response: ApiResponse<T>): T {\n if (!response.success \|\| response.data === undefined) {\n throw new HybriDBError(\n response.error?.code ?? 'UNKNOWN_ERROR',\n response.error?.message ?? 'hybriDB request failed',\n response.error?.details,\n );\n }\n return response.data;\n }\n\n private isRetryable(status: number): boolean {\n return status === 429 \|\| status >= 500;\n }\n\n private sleep(ms: number): Promise<void> {\n return new Promise(resolve => setTimeout(resolve, ms));\n }\n}\n\n// ─── HybriDBError ─────────────────────────────────────────────────────────────\n\nexport class HybriDBError extends Error {\n constructor(\n public readonly code: string,\n message: string,\n public readonly details?: Record<string, unknown>,\n ) {\n super(message);\n this.name = 'HybriDBError';\n }\n}\n","// hybriDB SDK — v1.4\nexport { HybriDBClient, HybriDBError } from './client.js';\nexport type {\n HybriDBClientConfig,\n AuthenticateInput,\n CreateMappingInput,\n OrgMemberInput,\n ApiKeyInput,\n AuditQueryParams,\n // v1.4 — pipeline self-service\n CreatePipelineInput,\n CreatePipelineStepInput,\n TriggerByNameInput,\n} from './client.js';\n\n// React context — exported from '@hybridb/sdk/react' (separate entry point, browser only)\n\n// Re-export commonly used types for SDK consumers\nexport type {\n // Actor-centric (v1.2)\n Actor,\n ActorContext,\n ActorType,\n ActorStatus,\n User,\n OrgMembership,\n IdentityMapping,\n Session,\n TokenPair,\n // Decisions\n DecisionRequest,\n DecisionResponse,\n DecisionResult,\n // Pipelines\n PipelineDefinition,\n PipelineStepDefinition,\n StepType,\n TriggerPipelineInput,\n PipelineExecution,\n // Events — actorId (v1.2), not identityId\n PublishEventInput,\n HybriDBEvent,\n // Audit\n AuditEntry,\n AuditOutcome,\n // Policy\n Policy,\n PolicyEvaluationResult,\n // Shared\n ApiResponse,\n ApiError,\n PaginatedResponse,\n UUID,\n ISO8601,\n // Errors\n HybriDBErrorCode,\n} from '@stellrai/types';\n\n// ─── Event type constants (v1.2) ──────────────────────────────────────────────\n\nexport const HYBRIDB_EVENT_TYPES = {\n // Decisions\n DECISION_REQUESTED: 'decision.requested',\n DECISION_ALLOWED: 'decision.allowed',\n DECISION_BLOCKED: 'decision.blocked',\n DECISION_ESCALATED: 'decision.escalated',\n // Pipelines\n PIPELINE_STARTED: 'pipeline.started',\n PIPELINE_COMPLETED: 'pipeline.completed',\n PIPELINE_FAILED: 'pipeline.failed',\n PIPELINE_COMPENSATED: 'pipeline.compensated',\n // Payments\n PAYMENT_INITIATED: 'payment.initiated',\n PAYMENT_COMPLETED: 'payment.completed',\n PAYMENT_FAILED: 'payment.failed',\n PAYMENT_REVERSED: 'payment.reversed',\n // Identity (v1.2 — actor-centric)\n ACTOR_CREATED: 'actor.created',\n ACTOR_SUSPENDED: 'actor.suspended',\n ACTOR_REVOKED: 'actor.revoked',\n IDENTITY_RESOLVED: 'identity.resolved',\n IDENTITY_RESOLUTION_FAILED: 'identity.resolution_failed',\n // Policy\n POLICY_ACTIVATED: 'policy.activated',\n POLICY_DEACTIVATED: 'policy.deactivated',\n POLICY_VERSION_BUMPED: 'policy.version_bumped',\n // KYC\n KYC_SUBMITTED: 'kyc.submitted',\n KYC_APPROVED: 'kyc.approved',\n KYC_REJECTED: 'kyc.rejected',\n // AI\n AI_INFERENCE_COMPLETED: 'ai.inference_completed',\n AI_INFERENCE_FAILED: 'ai.inference_failed',\n // Fraud\n FRAUD_SIGNAL_DETECTED: 'fraud.signal_detected',\n // sync-back\n SYNC_BACK_EXHAUSTED: 'sync_back.exhausted',\n} as const;\n\nexport type HybriDBEventType = typeof HYBRIDB_EVENT_TYPES[keyof typeof HYBRIDB_EVENT_TYPES];\n"]}

package/dist/index.d.cts CHANGED Viewed

@@ -1,5 +1,5 @@
-export { A as ApiKeyInput, a as AuditQueryParams, b as AuthenticateInput, C as CreateMappingInput, H as HybriDBClient, c as HybriDBClientConfig, d as HybriDBError, O as OrgMemberInput } from './client-DzNX2jDR.cjs';
-export { Actor, ActorContext, ActorStatus, ActorType, ApiError, ApiResponse, AuditEntry, AuditOutcome, DecisionRequest, DecisionResponse, DecisionResult, HybriDBErrorCode, HybriDBEvent, ISO8601, IdentityMapping, OrgMembership, PaginatedResponse, PipelineExecution, Policy, PolicyEvaluationResult, PublishEventInput, Session, TokenPair, TriggerPipelineInput, UUID, User } from './common/index.js';
+export { A as ApiKeyInput, a as AuditQueryParams, b as AuthenticateInput, C as CreateMappingInput, c as CreatePipelineInput, d as CreatePipelineStepInput, H as HybriDBClient, e as HybriDBClientConfig, f as HybriDBError, O as OrgMemberInput, T as TriggerByNameInput } from './client-DD1fNp-I.cjs';
+export { Actor, ActorContext, ActorStatus, ActorType, ApiError, ApiResponse, AuditEntry, AuditOutcome, DecisionRequest, DecisionResponse, DecisionResult, HybriDBErrorCode, HybriDBEvent, ISO8601, IdentityMapping, OrgMembership, PaginatedResponse, PipelineDefinition, PipelineExecution, PipelineStepDefinition, Policy, PolicyEvaluationResult, PublishEventInput, Session, StepType, TokenPair, TriggerPipelineInput, UUID, User } from './common/index.js';
 declare const HYBRIDB_EVENT_TYPES: {
     readonly DECISION_REQUESTED: "decision.requested";

package/dist/index.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
-export { A as ApiKeyInput, a as AuditQueryParams, b as AuthenticateInput, C as CreateMappingInput, H as HybriDBClient, c as HybriDBClientConfig, d as HybriDBError, O as OrgMemberInput } from './client-DzNX2jDR.js';
-export { Actor, ActorContext, ActorStatus, ActorType, ApiError, ApiResponse, AuditEntry, AuditOutcome, DecisionRequest, DecisionResponse, DecisionResult, HybriDBErrorCode, HybriDBEvent, ISO8601, IdentityMapping, OrgMembership, PaginatedResponse, PipelineExecution, Policy, PolicyEvaluationResult, PublishEventInput, Session, TokenPair, TriggerPipelineInput, UUID, User } from './common/index.js';
+export { A as ApiKeyInput, a as AuditQueryParams, b as AuthenticateInput, C as CreateMappingInput, c as CreatePipelineInput, d as CreatePipelineStepInput, H as HybriDBClient, e as HybriDBClientConfig, f as HybriDBError, O as OrgMemberInput, T as TriggerByNameInput } from './client-DD1fNp-I.js';
+export { Actor, ActorContext, ActorStatus, ActorType, ApiError, ApiResponse, AuditEntry, AuditOutcome, DecisionRequest, DecisionResponse, DecisionResult, HybriDBErrorCode, HybriDBEvent, ISO8601, IdentityMapping, OrgMembership, PaginatedResponse, PipelineDefinition, PipelineExecution, PipelineStepDefinition, Policy, PolicyEvaluationResult, PublishEventInput, Session, StepType, TokenPair, TriggerPipelineInput, UUID, User } from './common/index.js';
 declare const HYBRIDB_EVENT_TYPES: {
     readonly DECISION_REQUESTED: "decision.requested";

package/dist/index.js CHANGED Viewed

@@ -194,10 +194,31 @@ var HybriDBClient = class {
     return this.unwrap(res);
   }
   // ─── Pipelines ─────────────────────────────────────────────────────────────
+  /** Namespace for pipeline definition management. */
+  pipelines = {
+    /**
+     * Register a pipeline definition. Returns the definition record including its UUID,
+     * which you pass to triggerPipeline() as pipelineId.
+     * Requires pipeline:write scope.
+     */
+    create: async (input) => {
+      const res = await this.post("/api/v1/pipelines", input);
+      return this.unwrap(res);
+    }
+  };
   async triggerPipeline(input) {
     const res = await this.post("/api/v1/pipelines/trigger", input);
     return this.unwrap(res);
   }
+  /**
+   * Trigger a pipeline execution by its name instead of UUID.
+   * Equivalent to triggerPipeline() but resolves the pipeline ID server-side.
+   * Requires pipeline:execute scope.
+   */
+  async triggerPipelineByName(name, input) {
+    const res = await this.post(`/api/v1/pipelines/${encodeURIComponent(name)}/execute`, input);
+    return this.unwrap(res);
+  }
   async getPipelineExecution(executionId) {
     const res = await this.get(`/api/v1/pipelines/executions/${executionId}`);
     return this.unwrap(res);
@@ -247,7 +268,7 @@ var HybriDBClient = class {
     try {
       const headers = {
         "Content-Type": "application/json",
-        "X-SDK-Version": "1.3.0"
+        "X-SDK-Version": "1.4.0"
       };
       if (authenticated) {
         headers["Authorization"] = `Bearer ${this.apiKey}`;

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/client.ts","../src/index.ts"],"names":[],"mappings":";;;AAgGA,IAAI,SAAA,GAAwD,IAAA;AAC5D,IAAI,YAAA,GAAe,CAAA;AACnB,IAAM,aAAA,GAAgB,IAAA;AAIf,IAAM,gBAAN,MAAoB;AAAA,EACR,OAAA;AAAA,EACA,MAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,UAAA;AAAA,EAEjB,YAAY,MAAA,EAA6B;AACvC,IAAA,IAAI,CAAC,MAAA,CAAO,OAAA,QAAe,IAAI,YAAA,CAAa,gBAAgB,kCAAkC,CAAA;AAC9F,IAAA,IAAI,CAAC,MAAA,CAAO,MAAA,QAAe,IAAI,YAAA,CAAa,gBAAgB,iCAAiC,CAAA;AAE7F,IAAA,IAAA,CAAK,OAAA,GAAa,MAAA,CAAO,OAAA,CAAQ,OAAA,CAAQ,OAAO,EAAE,CAAA;AAClD,IAAA,IAAA,CAAK,SAAa,MAAA,CAAO,MAAA;AACzB,IAAA,IAAA,CAAK,OAAA,GAAa,OAAO,OAAA,IAAa,GAAA;AACtC,IAAA,IAAA,CAAK,OAAA,GAAa,OAAO,OAAA,IAAa,CAAA;AACtC,IAAA,IAAA,CAAK,UAAA,GAAa,OAAO,UAAA,IAAc,GAAA;AAAA,EACzC;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,KAAA,EAA8C;AAC/D,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,UAAA,CAAsB,sBAAsB,KAAK,CAAA;AACxE,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAGA,MAAM,aAAa,YAAA,EAA0C;AAC3D,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,WAAsB,sBAAA,EAAwB,EAAE,cAAc,CAAA;AACrF,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAGA,MAAM,aAAA,GAA+B;AACnC,IAAA,MAAM,IAAA,CAAK,OAAO,oBAAoB,CAAA;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,YAAY,KAAA,EAAsC;AACtD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,OAAA,EAAQ;AAGhC,IAAA,MAAM,EAAE,oBAAoB,SAAA,EAAU,GAAI,MAAM,OAAO,MAAM,CAAA,CAAE,KAAA,CAAM,MAAM;AACzE,MAAA,MAAM,IAAI,YAAA,CAAa,oBAAA,EAAsB,kEAA6D,CAAA;AAAA,IAC5G,CAAC,CAAA;AAGD,IAAA,MAAM,EAAE,iBAAA,EAAkB,GAAI,MAAM,OAAO,MAAM,CAAA;AACjD,IAAA,MAAM,SAAS,iBAAA,CAAkB,EAAE,IAAA,EAAM,IAAA,CAAK,MAAoE,CAAA;AAElH,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,SAAA,CAAU,OAAO,MAAA,EAAQ,EAAE,MAAA,EAAQ,SAAA,EAAW,CAAA;AAExE,IAAA,MAAM,CAAA,GAAI,OAAA;AACV,IAAA,OAAO;AAAA,MACL,OAAA,EAAe,EAAE,UAAU,CAAA;AAAA,MAC3B,SAAA,EAAe,EAAE,YAAY,CAAA;AAAA,MAC7B,KAAA,EAAe,EAAE,QAAQ,CAAA;AAAA,MACzB,MAAA,EAAgB,CAAA,CAAE,QAAQ,CAAA,IAAkB,EAAC;AAAA,MAC7C,aAAA,EAAe,EAAE,gBAAgB;AAAA,KACnC;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,OAAA,GAAwD;AAC5D,IAAA,IAAI,SAAA,IAAa,IAAA,CAAK,GAAA,EAAI,GAAI,eAAe,aAAA,EAAe;AAC1D,MAAA,OAAO,SAAA;AAAA,IACT;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,SAAA,CAA+C,wBAAwB,CAAA;AAC9F,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,MAAA,CAAO,GAAG,CAAA;AAC5B,IAAA,SAAA,GAAe,IAAA;AACf,IAAA,YAAA,GAAe,KAAK,GAAA,EAAI;AACxB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA,EAKS,MAAA,GAAS;AAAA;AAAA,IAEhB,YAAA,EAAc,OAAO,OAAA,EAAe,KAAA,KAA6D;AAC/F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,kBAAkB,OAAO,CAAA,SAAA,CAAA;AAAA,QAAa;AAAA,OACxC;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,YAAA,EAAc,OAAO,OAAA,EAAe,KAAA,KAA+B;AACjE,MAAA,MAAM,KAAK,MAAA,CAAO,CAAA,eAAA,EAAkB,OAAO,CAAA,UAAA,EAAa,KAAK,CAAA,CAAE,CAAA;AAAA,IACjE,CAAA;AAAA;AAAA,IAGA,aAAA,EAAe,OAAO,OAAA,EAAe,KAAA,KAAwD;AAC3F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,kBAAkB,OAAO,CAAA,kBAAA,CAAA;AAAA,QAAsB;AAAA,OACjD;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA;AAAA,EAKS,IAAA,GAAO;AAAA;AAAA,IAEd,SAAA,EAAW,OAAO,KAAA,EAAa,KAAA,KAAkD;AAC/E,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAoB,CAAA,aAAA,EAAgB,KAAK,gBAAgB,KAAK,CAAA;AACrF,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,gBAAA,EAAkB,OAAO,KAAA,EAAa,OAAA,EAAe,IAAA,KAAyC;AAC5F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,KAAA;AAAA,QACrB,CAAA,aAAA,EAAgB,KAAK,CAAA,aAAA,EAAgB,OAAO,CAAA,CAAA;AAAA,QAAI,EAAE,IAAA;AAAK,OACzD;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,YAAA,EAAc,OAAO,KAAA,EAAa,OAAA,KAAiC;AACjE,MAAA,MAAM,KAAK,MAAA,CAAO,CAAA,aAAA,EAAgB,KAAK,CAAA,aAAA,EAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,IAClE,CAAA;AAAA;AAAA,IAGA,WAAA,EAAa,OAAO,KAAA,KAA0C;AAC5D,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAqB,CAAA,aAAA,EAAgB,KAAK,CAAA,YAAA,CAAc,CAAA;AAC/E,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA;AAAA,EAKS,aAAA,GAAgB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMvB,QAAA,EAAU,OAAO,WAAA,EAAmB,KAAA,KAA+E;AACjH,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAqB,CAAA,mBAAA,EAAsB,WAAW,aAAa,KAAK,CAAA;AAC/F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,MAAA,EAAQ,OAAO,WAAA,EAAmB,KAAA,KAA2E;AAC3G,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAmB,CAAA,mBAAA,EAAsB,WAAW,WAAW,KAAK,CAAA;AAC3F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAA,EAAgB,OAAO,WAAA,KAAoD;AACzE,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAyB,CAAA,mBAAA,EAAsB,WAAW,CAAA,YAAA,CAAc,CAAA;AAC/F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,aAAA,EAAe,OAAO,WAAA,EAAmB,YAAA,KAA4C;AACnF,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,GAAA,CAAgB,sBAAsB,WAAW,CAAA,aAAA,EAAgB,YAAY,CAAA,CAAE,CAAA;AACtG,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAA,EAAgB,OAAO,WAAA,KAA8C;AACnE,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAmB,CAAA,mBAAA,EAAsB,WAAW,CAAA,aAAA,CAAe,CAAA;AAC1F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,iBAAA,EAAmB,OAAO,UAAA,KAAoD;AAC5E,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAA0B,CAAA,kBAAA,EAAqB,UAAU,CAAA,gBAAA,CAAkB,CAAA;AAClG,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,iBAAA,EAAmB,OAAO,UAAA,EAAkB,KAAA,KAAqF;AAC/H,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,qBAAqB,UAAU,CAAA,gBAAA,CAAA;AAAA,QAC/B;AAAA,OACF;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA,EAIA,MAAM,gBAAgB,OAAA,EAAmD;AACvE,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAuB,qBAAqB,OAAO,CAAA;AAC1E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA,EAEA,MAAM,YAAY,UAAA,EAA6C;AAC7D,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAsB,CAAA,kBAAA,EAAqB,UAAU,CAAA,CAAE,CAAA;AAC9E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,gBAAgB,KAAA,EAAyD;AAC7E,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAwB,6BAA6B,KAAK,CAAA;AACjF,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAA+C;AACxE,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAuB,CAAA,6BAAA,EAAgC,WAAW,CAAA,CAAE,CAAA;AAC3F,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,KAAA,EAAiD;AAClE,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAmB,kBAAkB,KAAK,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,cAAc,MAAA,EAAkE;AACpF,IAAA,MAAM,KAAA,GAAQ,IAAI,eAAA,EAAgB;AAClC,IAAA,KAAA,MAAW,CAAC,CAAA,EAAG,CAAC,KAAK,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,EAAG;AAC3C,MAAA,IAAI,MAAM,MAAA,EAAW,KAAA,CAAM,IAAI,CAAA,EAAG,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC7C;AACA,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,GAAA,CAAmC,iBAAiB,KAAA,CAAM,QAAA,EAAU,CAAA,CAAE,CAAA;AAC7F,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,MAAA,GAAuD;AAC3D,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,SAAA,CAA+C,SAAS,CAAA;AAC/E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAc,IAAO,IAAA,EAAuC;AAC1D,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,QAAW,IAAI,CAAA;AAAA,EACrD;AAAA,EAEA,MAAc,UAAa,IAAA,EAAuC;AAChE,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,QAAW,KAAK,CAAA;AAAA,EACtD;AAAA,EAEA,MAAc,IAAA,CAAQ,IAAA,EAAc,IAAA,EAAwC;AAC1E,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,MAAA,EAAQ,IAAA,EAAM,MAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,MAAc,UAAA,CAAc,IAAA,EAAc,IAAA,EAAwC;AAChF,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,MAAA,EAAQ,IAAA,EAAM,MAAM,KAAK,CAAA;AAAA,EAClD;AAAA,EAEA,MAAc,KAAA,CAAS,IAAA,EAAc,IAAA,EAAwC;AAC3E,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,OAAA,EAAS,IAAA,EAAM,MAAM,IAAI,CAAA;AAAA,EAClD;AAAA,EAEA,MAAc,OAAO,IAAA,EAA6B;AAChD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAc,QAAA,EAAU,IAAA,EAAM,QAAW,IAAI,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAc,OAAA,CACZ,MAAA,EACA,MACA,IAAA,EACA,aAAA,EACA,UAAU,CAAA,EACe;AACzB,IAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,IAAA,MAAM,UAAa,UAAA,CAAW,MAAM,WAAW,KAAA,EAAM,EAAG,KAAK,OAAO,CAAA;AAEpE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAkC;AAAA,QACtC,cAAA,EAAiB,kBAAA;AAAA,QACjB,eAAA,EAAiB;AAAA,OACnB;AACA,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,CAAA,OAAA,EAAU,IAAA,CAAK,MAAM,CAAA,CAAA;AAAA,MAClD;AAEA,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,CAAA,EAAG,KAAK,OAAO,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI;AAAA,QACrD,MAAA;AAAA,QACA,OAAA;AAAA,QACA,GAAI,IAAA,KAAS,KAAA,CAAA,GAAY,EAAE,IAAA,EAAM,KAAK,SAAA,CAAU,IAAI,CAAA,EAAE,GAAI,EAAC;AAAA,QAC3D,QAAQ,UAAA,CAAW;AAAA,OACpB,CAAA;AAGD,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAM,KAAA,CAAA,EAAe;AAAA,MAC/C;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,MAAA,IAAI,CAAC,QAAA,CAAS,EAAA,IAAM,OAAA,GAAU,IAAA,CAAK,WAAW,IAAA,CAAK,WAAA,CAAY,QAAA,CAAS,MAAM,CAAA,EAAG;AAC/E,QAAA,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,UAAA,GAAa,OAAO,CAAA;AAC1C,QAAA,OAAO,KAAK,OAAA,CAAW,MAAA,EAAQ,MAAM,IAAA,EAAM,aAAA,EAAe,UAAU,CAAC,CAAA;AAAA,MACvE;AAEA,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,YAAA,CAAa,OAAO,CAAA;AAAA,IACtB;AAAA,EACF;AAAA,EAEQ,OAAU,QAAA,EAA6B;AAC7C,IAAA,IAAI,CAAC,QAAA,CAAS,OAAA,IAAW,QAAA,CAAS,SAAS,MAAA,EAAW;AACpD,MAAA,MAAM,IAAI,YAAA;AAAA,QACR,QAAA,CAAS,OAAO,IAAA,IAAQ,eAAA;AAAA,QACxB,QAAA,CAAS,OAAO,OAAA,IAAW,wBAAA;AAAA,QAC3B,SAAS,KAAA,EAAO;AAAA,OAClB;AAAA,IACF;AACA,IAAA,OAAO,QAAA,CAAS,IAAA;AAAA,EAClB;AAAA,EAEQ,YAAY,MAAA,EAAyB;AAC3C,IAAA,OAAO,MAAA,KAAW,OAAO,MAAA,IAAU,GAAA;AAAA,EACrC;AAAA,EAEQ,MAAM,EAAA,EAA2B;AACvC,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAA,OAAA,KAAW,UAAA,CAAW,OAAA,EAAS,EAAE,CAAC,CAAA;AAAA,EACvD;AACF;AAIO,IAAM,YAAA,GAAN,cAA2B,KAAA,CAAM;AAAA,EACtC,WAAA,CACkB,IAAA,EAChB,OAAA,EACgB,OAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJG,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,cAAA;AAAA,EACd;AACF;;;AC1ZO,IAAM,mBAAA,GAAsB;AAAA;AAAA,EAEjC,kBAAA,EAAyB,oBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA;AAAA,EAEzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA,EACzB,eAAA,EAAyB,iBAAA;AAAA,EACzB,oBAAA,EAAyB,sBAAA;AAAA;AAAA,EAEzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,cAAA,EAAyB,gBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA;AAAA,EAEzB,aAAA,EAAyB,eAAA;AAAA,EACzB,eAAA,EAAyB,iBAAA;AAAA,EACzB,aAAA,EAAyB,eAAA;AAAA,EACzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,0BAAA,EAA4B,4BAAA;AAAA;AAAA,EAE5B,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA,EACzB,qBAAA,EAAyB,uBAAA;AAAA;AAAA,EAEzB,aAAA,EAAyB,eAAA;AAAA,EACzB,YAAA,EAAyB,cAAA;AAAA,EACzB,YAAA,EAAyB,cAAA;AAAA;AAAA,EAEzB,sBAAA,EAAyB,wBAAA;AAAA,EACzB,mBAAA,EAAyB,qBAAA;AAAA;AAAA,EAEzB,qBAAA,EAAyB,uBAAA;AAAA;AAAA,EAEzB,mBAAA,EAAyB;AAC3B","file":"index.js","sourcesContent":["// hybriDB SDK Client — v1.3\n//\n// v1.3 changes (v2.4 Reversible Autonomy):\n// - reversibility namespace: rollback(), replay(), getCheckpoints(), getCheckpoint(),\n// getRollbackLog(), getCircuitBreaker(), setCircuitBreaker()\n// - SDK-Version header bumped to 1.3.0\n//\n// v1.2 changes:\n// - db.actors.* namespace (replaces db.identities.)\n// - createMapping() — create identity mapping for an actor\n// - assignRole() — assign a role to an actor\n// - orgs.addMember(), orgs.revokeMember(), orgs.listMembers(), orgs.updateMemberRole()\n// - verifyToken() — JWKS-based local token verification\n// - 7 new HybriDBErrorCode values (see @stellrai/types)\n// - actorId field in PublishEventInput (replaces identityId)\n// - SDK-Version header bumped to 1.2.0\n\nimport type {\n UUID,\n ApiResponse,\n DecisionInput,\n DecisionRequest,\n DecisionResponse,\n TriggerPipelineInput,\n PipelineExecution,\n PublishEventInput,\n HybriDBEvent,\n AuditEntry,\n PaginatedResponse,\n Actor,\n ActorContext,\n TokenPair,\n OrgMembership,\n IdentityMapping,\n // v2.4 Reversible Autonomy\n InitiateRollbackInput,\n RollbackResult,\n InitiateReplayInput,\n ReplayResult,\n Checkpoint,\n CheckpointSummary,\n RollbackLog,\n CircuitBreakerStatus,\n SetCircuitBreakerInput,\n} from '@stellrai/types';\n\n// ─── Client config ────────────────────────────────────────────────────────────\n\nexport interface HybriDBClientConfig {\n baseUrl: string;\n apiKey: string;\n timeout?: number; // ms, default 10000\n retries?: number; // default 3\n retryDelay?: number; // ms, default 500\n}\n\n// ─── Auth inputs ─────────────────────────────────────────────────────────────\n\nexport interface AuthenticateInput {\n email: string;\n password: string;\n orgId?: string;\n}\n\nexport interface CreateMappingInput {\n providerId: string;\n externalId: string;\n userId: string;\n actorId: string;\n}\n\nexport interface OrgMemberInput {\n actorId: string;\n role: string;\n}\n\nexport interface ApiKeyInput {\n name?: string;\n scopes: string[];\n expiresAt?: string;\n}\n\nexport interface AuditQueryParams {\n actorId?: string;\n action?: string;\n outcome?: string;\n decisionId?: string;\n sessionId?: string;\n from?: string;\n to?: string;\n page?: number;\n limit?: number;\n}\n\n// ─── JWKS cache (module-level — shared across instances) ─────────────────────\n\nlet jwksCache: { keys: Record<string, unknown>[] } \| null = null;\nlet jwksCachedAt = 0;\nconst JWKS_CACHE_MS = 3_600_000; // 1 hour\n\n// ─── HybriDBClient ────────────────────────────────────────────────────────────\n\nexport class HybriDBClient {\n private readonly baseUrl: string;\n private readonly apiKey: string;\n private readonly timeout: number;\n private readonly retries: number;\n private readonly retryDelay: number;\n\n constructor(config: HybriDBClientConfig) {\n if (!config.baseUrl) throw new HybriDBError('CONFIG_ERROR', 'hybriDB SDK: baseUrl is required');\n if (!config.apiKey) throw new HybriDBError('CONFIG_ERROR', 'hybriDB SDK: apiKey is required');\n\n this.baseUrl = config.baseUrl.replace(/\\/$/, '');\n this.apiKey = config.apiKey;\n this.timeout = config.timeout ?? 10_000;\n this.retries = config.retries ?? 3;\n this.retryDelay = config.retryDelay ?? 500;\n }\n\n // ─── auth — token issuance ──────────────────────────────────────────────────\n\n /* Exchange email + password for an access + refresh token pair. /\n async authenticate(input: AuthenticateInput): Promise<TokenPair> {\n const res = await this.postPublic<TokenPair>('/api/v1/auth/token', input);\n return this.unwrap(res);\n }\n\n /* Refresh an access token using a refresh token. /\n async refreshToken(refreshToken: string): Promise<TokenPair> {\n const res = await this.postPublic<TokenPair>('/api/v1/auth/refresh', { refreshToken });\n return this.unwrap(res);\n }\n\n /* Revoke the current session (requires authenticated API key/JWT). /\n async revokeSession(): Promise<void> {\n await this.delete('/api/v1/auth/token');\n }\n\n /\n Verify a JWT token locally using JWKS from the hybriDB server.\n * Returns the decoded actor context without making a decision API call.\n * JWKS is cached for 1 hour (spec: Cache-Control: max-age=3600).\n /\n async verifyToken(token: string): Promise<ActorContext> {\n const jwks = await this.getJwks();\n\n // Dynamic import — jose is optional peer dependency for token verification\n const { createRemoteJWKSet, jwtVerify } = await import('jose').catch(() => {\n throw new HybriDBError('DEPENDENCY_MISSING', 'jose is required for verifyToken() — install it: npm i jose');\n });\n\n // Build an in-memory JWKS from our cached keys\n const { createLocalJWKSet } = await import('jose');\n const keySet = createLocalJWKSet({ keys: jwks.keys as unknown as Parameters<typeof createLocalJWKSet>[0]['keys'] });\n\n const { payload } = await jwtVerify(token, keySet, { issuer: 'hybridb' });\n\n const p = payload as Record<string, unknown>;\n return {\n actorId: p['actor_id'] as string,\n actorType: p['actor_type'] as ActorContext['actorType'],\n orgId: p['org_id'] as string \| null,\n scopes: (p['scopes'] as string[]) ?? [],\n policyVersion: p['policy_version'] as number,\n };\n }\n\n /* Fetch JWKS from the hybriDB server (cached for 1 hour). /\n async getJwks(): Promise<{ keys: Record<string, unknown>[] }> {\n if (jwksCache && Date.now() - jwksCachedAt < JWKS_CACHE_MS) {\n return jwksCache;\n }\n\n const res = await this.getPublic<{ keys: Record<string, unknown>[] }>('/.well-known/jwks.json');\n const data = this.unwrap(res);\n jwksCache = data;\n jwksCachedAt = Date.now();\n return data;\n }\n\n // ─── db.actors — actor management ──────────────────────────────────────────\n\n /* Namespace for actor management operations. /\n readonly actors = {\n /* Issue an API key for an actor. Requires actor:admin scope. /\n createApiKey: async (actorId: UUID, input: ApiKeyInput): Promise<{ id: string; key: string }> => {\n const res = await this.post<{ id: string; key: string }>(\n `/api/v1/actors/${actorId}/api-keys`, input,\n );\n return this.unwrap(res);\n },\n\n /* Revoke an API key. Requires actor:admin scope. /\n revokeApiKey: async (actorId: UUID, keyId: UUID): Promise<void> => {\n await this.delete(`/api/v1/actors/${actorId}/api-keys/${keyId}`);\n },\n\n /* Create an identity mapping (external provider → actor). Requires actor:write scope. /\n createMapping: async (actorId: UUID, input: CreateMappingInput): Promise<IdentityMapping> => {\n const res = await this.post<IdentityMapping>(\n `/api/v1/actors/${actorId}/identity-mappings`, input,\n );\n return this.unwrap(res);\n },\n } as const;\n\n // ─── orgs — organisation membership ────────────────────────────────────────\n\n /* Namespace for organisation membership operations. /\n readonly orgs = {\n /* Add a member to an organisation. Requires org:admin scope. /\n addMember: async (orgId: UUID, input: OrgMemberInput): Promise<OrgMembership> => {\n const res = await this.post<OrgMembership>(`/api/v1/orgs/${orgId}/memberships`, input);\n return this.unwrap(res);\n },\n\n /* Update a member's role. Requires org:admin scope. /\n updateMemberRole: async (orgId: UUID, actorId: UUID, role: string): Promise<OrgMembership> => {\n const res = await this.patch<OrgMembership>(\n `/api/v1/orgs/${orgId}/memberships/${actorId}`, { role },\n );\n return this.unwrap(res);\n },\n\n /* Revoke an actor's membership. Requires org:admin scope. /\n revokeMember: async (orgId: UUID, actorId: UUID): Promise<void> => {\n await this.delete(`/api/v1/orgs/${orgId}/memberships/${actorId}`);\n },\n\n /* List organisation members. Requires org:read scope. /\n listMembers: async (orgId: UUID): Promise<OrgMembership[]> => {\n const res = await this.get<OrgMembership[]>(`/api/v1/orgs/${orgId}/memberships`);\n return this.unwrap(res);\n },\n } as const;\n\n // ─── Reversibility (v2.4) ──────────────────────────────────────────────────\n\n /* Namespace for Reversible Autonomy operations (v2.4). /\n readonly reversibility = {\n /\n Initiate a rollback for an execution.\n * Types: 'full' (all steps), 'selective' (targetSteps list), 'to_checkpoint'.\n * Requires pipeline:rollback scope.\n /\n rollback: async (executionId: UUID, input: Omit<InitiateRollbackInput, 'executionId'>): Promise<RollbackResult> => {\n const res = await this.post<RollbackResult>(`/api/v1/executions/${executionId}/rollback`, input);\n return this.unwrap(res);\n },\n\n /\n Initiate a replay from a checkpoint.\n * Creates a new child execution starting from the checkpoint's step.\n * Requires pipeline:replay scope.\n /\n replay: async (executionId: UUID, input: Omit<InitiateReplayInput, 'executionId'>): Promise<ReplayResult> => {\n const res = await this.post<ReplayResult>(`/api/v1/executions/${executionId}/replay`, input);\n return this.unwrap(res);\n },\n\n /\n List all checkpoints for an execution (ordered by step_index asc).\n * Requires pipeline:read scope.\n /\n getCheckpoints: async (executionId: UUID): Promise<CheckpointSummary[]> => {\n const res = await this.get<CheckpointSummary[]>(`/api/v1/executions/${executionId}/checkpoints`);\n return this.unwrap(res);\n },\n\n /\n Get a specific checkpoint (with checksum verification).\n * Throws REPLAY_CONTEXT_INVALID if checksum mismatches.\n * Requires pipeline:read scope.\n /\n getCheckpoint: async (executionId: UUID, checkpointId: UUID): Promise<Checkpoint> => {\n const res = await this.get<Checkpoint>(`/api/v1/executions/${executionId}/checkpoints/${checkpointId}`);\n return this.unwrap(res);\n },\n\n /\n List all rollback log entries for an execution.\n * Requires pipeline:read scope.\n /\n getRollbackLog: async (executionId: UUID): Promise<RollbackLog[]> => {\n const res = await this.get<RollbackLog[]>(`/api/v1/executions/${executionId}/rollback-log`);\n return this.unwrap(res);\n },\n\n /\n Get circuit breaker status for a pipeline.\n * Requires pipeline:read scope.\n /\n getCircuitBreaker: async (pipelineId: UUID): Promise<CircuitBreakerStatus> => {\n const res = await this.get<CircuitBreakerStatus>(`/api/v1/pipelines/${pipelineId}/circuit-breaker`);\n return this.unwrap(res);\n },\n\n /\n Open or close the circuit breaker for a pipeline.\n * Opening halts all future executions immediately.\n * Requires pipeline:circuit_breaker scope.\n /\n setCircuitBreaker: async (pipelineId: UUID, input: Omit<SetCircuitBreakerInput, 'pipelineId'>): Promise<CircuitBreakerStatus> => {\n const res = await this.post<CircuitBreakerStatus>(\n `/api/v1/pipelines/${pipelineId}/circuit-breaker`,\n input,\n );\n return this.unwrap(res);\n },\n } as const;\n\n // ─── Decisions ─────────────────────────────────────────────────────────────\n\n async requestDecision(request: DecisionInput): Promise<DecisionResponse> {\n const res = await this.post<DecisionResponse>('/api/v1/decisions', request);\n return this.unwrap(res);\n }\n\n async getDecision(decisionId: UUID): Promise<DecisionResponse> {\n const res = await this.get<DecisionResponse>(`/api/v1/decisions/${decisionId}`);\n return this.unwrap(res);\n }\n\n // ─── Pipelines ─────────────────────────────────────────────────────────────\n\n async triggerPipeline(input: TriggerPipelineInput): Promise<PipelineExecution> {\n const res = await this.post<PipelineExecution>('/api/v1/pipelines/trigger', input);\n return this.unwrap(res);\n }\n\n async getPipelineExecution(executionId: UUID): Promise<PipelineExecution> {\n const res = await this.get<PipelineExecution>(`/api/v1/pipelines/executions/${executionId}`);\n return this.unwrap(res);\n }\n\n // ─── Events ────────────────────────────────────────────────────────────────\n\n /* Publish a business event. Note: use actorId (v1.2), not identityId. /\n async publishEvent(input: PublishEventInput): Promise<HybriDBEvent> {\n const res = await this.post<HybriDBEvent>('/api/v1/events', input);\n return this.unwrap(res);\n }\n\n // ─── Audit ─────────────────────────────────────────────────────────────────\n\n async queryAuditLog(params: AuditQueryParams): Promise<PaginatedResponse<AuditEntry>> {\n const query = new URLSearchParams();\n for (const [k, v] of Object.entries(params)) {\n if (v !== undefined) query.set(k, String(v));\n }\n const res = await this.get<PaginatedResponse<AuditEntry>>(`/api/v1/audit?${query.toString()}`);\n return this.unwrap(res);\n }\n\n // ─── Health ────────────────────────────────────────────────────────────────\n\n async health(): Promise<{ status: string; version: string }> {\n const res = await this.getPublic<{ status: string; version: string }>('/health');\n return this.unwrap(res);\n }\n\n // ─── HTTP primitives ───────────────────────────────────────────────────────\n\n private async get<T>(path: string): Promise<ApiResponse<T>> {\n return this.request<T>('GET', path, undefined, true);\n }\n\n private async getPublic<T>(path: string): Promise<ApiResponse<T>> {\n return this.request<T>('GET', path, undefined, false);\n }\n\n private async post<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('POST', path, body, true);\n }\n\n private async postPublic<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('POST', path, body, false);\n }\n\n private async patch<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('PATCH', path, body, true);\n }\n\n private async delete(path: string): Promise<void> {\n await this.request<void>('DELETE', path, undefined, true);\n }\n\n private async request<T>(\n method: string,\n path: string,\n body: unknown,\n authenticated: boolean,\n attempt = 1,\n ): Promise<ApiResponse<T>> {\n const controller = new AbortController();\n const timerId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'X-SDK-Version': '1.3.0',\n };\n if (authenticated) {\n headers['Authorization'] = `Bearer ${this.apiKey}`;\n }\n\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers,\n ...(body !== undefined ? { body: JSON.stringify(body) } : {}),\n signal: controller.signal,\n });\n\n // 204 No Content — return success with no data\n if (response.status === 204) {\n return { success: true, data: undefined as T };\n }\n\n const json = await response.json() as ApiResponse<T>;\n\n if (!response.ok && attempt < this.retries && this.isRetryable(response.status)) {\n await this.sleep(this.retryDelay attempt);\n return this.request<T>(method, path, body, authenticated, attempt + 1);\n }\n\n return json;\n } finally {\n clearTimeout(timerId);\n }\n }\n\n private unwrap<T>(response: ApiResponse<T>): T {\n if (!response.success \|\| response.data === undefined) {\n throw new HybriDBError(\n response.error?.code ?? 'UNKNOWN_ERROR',\n response.error?.message ?? 'hybriDB request failed',\n response.error?.details,\n );\n }\n return response.data;\n }\n\n private isRetryable(status: number): boolean {\n return status === 429 \|\| status >= 500;\n }\n\n private sleep(ms: number): Promise<void> {\n return new Promise(resolve => setTimeout(resolve, ms));\n }\n}\n\n// ─── HybriDBError ─────────────────────────────────────────────────────────────\n\nexport class HybriDBError extends Error {\n constructor(\n public readonly code: string,\n message: string,\n public readonly details?: Record<string, unknown>,\n ) {\n super(message);\n this.name = 'HybriDBError';\n }\n}\n","// hybriDB SDK — v1.2\nexport { HybriDBClient, HybriDBError } from './client.js';\nexport type {\n HybriDBClientConfig,\n AuthenticateInput,\n CreateMappingInput,\n OrgMemberInput,\n ApiKeyInput,\n AuditQueryParams,\n} from './client.js';\n\n// React context — exported from '@hybridb/sdk/react' (separate entry point, browser only)\n\n// Re-export commonly used types for SDK consumers\nexport type {\n // Actor-centric (v1.2)\n Actor,\n ActorContext,\n ActorType,\n ActorStatus,\n User,\n OrgMembership,\n IdentityMapping,\n Session,\n TokenPair,\n // Decisions\n DecisionRequest,\n DecisionResponse,\n DecisionResult,\n // Pipelines\n TriggerPipelineInput,\n PipelineExecution,\n // Events — actorId (v1.2), not identityId\n PublishEventInput,\n HybriDBEvent,\n // Audit\n AuditEntry,\n AuditOutcome,\n // Policy\n Policy,\n PolicyEvaluationResult,\n // Shared\n ApiResponse,\n ApiError,\n PaginatedResponse,\n UUID,\n ISO8601,\n // Errors\n HybriDBErrorCode,\n} from '@stellrai/types';\n\n// ─── Event type constants (v1.2) ──────────────────────────────────────────────\n\nexport const HYBRIDB_EVENT_TYPES = {\n // Decisions\n DECISION_REQUESTED: 'decision.requested',\n DECISION_ALLOWED: 'decision.allowed',\n DECISION_BLOCKED: 'decision.blocked',\n DECISION_ESCALATED: 'decision.escalated',\n // Pipelines\n PIPELINE_STARTED: 'pipeline.started',\n PIPELINE_COMPLETED: 'pipeline.completed',\n PIPELINE_FAILED: 'pipeline.failed',\n PIPELINE_COMPENSATED: 'pipeline.compensated',\n // Payments\n PAYMENT_INITIATED: 'payment.initiated',\n PAYMENT_COMPLETED: 'payment.completed',\n PAYMENT_FAILED: 'payment.failed',\n PAYMENT_REVERSED: 'payment.reversed',\n // Identity (v1.2 — actor-centric)\n ACTOR_CREATED: 'actor.created',\n ACTOR_SUSPENDED: 'actor.suspended',\n ACTOR_REVOKED: 'actor.revoked',\n IDENTITY_RESOLVED: 'identity.resolved',\n IDENTITY_RESOLUTION_FAILED: 'identity.resolution_failed',\n // Policy\n POLICY_ACTIVATED: 'policy.activated',\n POLICY_DEACTIVATED: 'policy.deactivated',\n POLICY_VERSION_BUMPED: 'policy.version_bumped',\n // KYC\n KYC_SUBMITTED: 'kyc.submitted',\n KYC_APPROVED: 'kyc.approved',\n KYC_REJECTED: 'kyc.rejected',\n // AI\n AI_INFERENCE_COMPLETED: 'ai.inference_completed',\n AI_INFERENCE_FAILED: 'ai.inference_failed',\n // Fraud\n FRAUD_SIGNAL_DETECTED: 'fraud.signal_detected',\n // sync-back\n SYNC_BACK_EXHAUSTED: 'sync_back.exhausted',\n} as const;\n\nexport type HybriDBEventType = typeof HYBRIDB_EVENT_TYPES[keyof typeof HYBRIDB_EVENT_TYPES];\n"]}
1	+ {"version":3,"sources":["../src/client.ts","../src/index.ts"],"names":[],"mappings":";;;AAwIA,IAAI,SAAA,GAAwD,IAAA;AAC5D,IAAI,YAAA,GAAe,CAAA;AACnB,IAAM,aAAA,GAAgB,IAAA;AAIf,IAAM,gBAAN,MAAoB;AAAA,EACR,OAAA;AAAA,EACA,MAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,UAAA;AAAA,EAEjB,YAAY,MAAA,EAA6B;AACvC,IAAA,IAAI,CAAC,MAAA,CAAO,OAAA,QAAe,IAAI,YAAA,CAAa,gBAAgB,kCAAkC,CAAA;AAC9F,IAAA,IAAI,CAAC,MAAA,CAAO,MAAA,QAAe,IAAI,YAAA,CAAa,gBAAgB,iCAAiC,CAAA;AAE7F,IAAA,IAAA,CAAK,OAAA,GAAa,MAAA,CAAO,OAAA,CAAQ,OAAA,CAAQ,OAAO,EAAE,CAAA;AAClD,IAAA,IAAA,CAAK,SAAa,MAAA,CAAO,MAAA;AACzB,IAAA,IAAA,CAAK,OAAA,GAAa,OAAO,OAAA,IAAa,GAAA;AACtC,IAAA,IAAA,CAAK,OAAA,GAAa,OAAO,OAAA,IAAa,CAAA;AACtC,IAAA,IAAA,CAAK,UAAA,GAAa,OAAO,UAAA,IAAc,GAAA;AAAA,EACzC;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,KAAA,EAA8C;AAC/D,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,UAAA,CAAsB,sBAAsB,KAAK,CAAA;AACxE,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAGA,MAAM,aAAa,YAAA,EAA0C;AAC3D,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,WAAsB,sBAAA,EAAwB,EAAE,cAAc,CAAA;AACrF,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAGA,MAAM,aAAA,GAA+B;AACnC,IAAA,MAAM,IAAA,CAAK,OAAO,oBAAoB,CAAA;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,YAAY,KAAA,EAAsC;AACtD,IAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,OAAA,EAAQ;AAGhC,IAAA,MAAM,EAAE,oBAAoB,SAAA,EAAU,GAAI,MAAM,OAAO,MAAM,CAAA,CAAE,KAAA,CAAM,MAAM;AACzE,MAAA,MAAM,IAAI,YAAA,CAAa,oBAAA,EAAsB,kEAA6D,CAAA;AAAA,IAC5G,CAAC,CAAA;AAGD,IAAA,MAAM,EAAE,iBAAA,EAAkB,GAAI,MAAM,OAAO,MAAM,CAAA;AACjD,IAAA,MAAM,SAAS,iBAAA,CAAkB,EAAE,IAAA,EAAM,IAAA,CAAK,MAAoE,CAAA;AAElH,IAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,SAAA,CAAU,OAAO,MAAA,EAAQ,EAAE,MAAA,EAAQ,SAAA,EAAW,CAAA;AAExE,IAAA,MAAM,CAAA,GAAI,OAAA;AACV,IAAA,OAAO;AAAA,MACL,OAAA,EAAe,EAAE,UAAU,CAAA;AAAA,MAC3B,SAAA,EAAe,EAAE,YAAY,CAAA;AAAA,MAC7B,KAAA,EAAe,EAAE,QAAQ,CAAA;AAAA,MACzB,MAAA,EAAgB,CAAA,CAAE,QAAQ,CAAA,IAAkB,EAAC;AAAA,MAC7C,aAAA,EAAe,EAAE,gBAAgB;AAAA,KACnC;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,OAAA,GAAwD;AAC5D,IAAA,IAAI,SAAA,IAAa,IAAA,CAAK,GAAA,EAAI,GAAI,eAAe,aAAA,EAAe;AAC1D,MAAA,OAAO,SAAA;AAAA,IACT;AAEA,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,SAAA,CAA+C,wBAAwB,CAAA;AAC9F,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,MAAA,CAAO,GAAG,CAAA;AAC5B,IAAA,SAAA,GAAe,IAAA;AACf,IAAA,YAAA,GAAe,KAAK,GAAA,EAAI;AACxB,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA,EAKS,MAAA,GAAS;AAAA;AAAA,IAEhB,YAAA,EAAc,OAAO,OAAA,EAAe,KAAA,KAA6D;AAC/F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,kBAAkB,OAAO,CAAA,SAAA,CAAA;AAAA,QAAa;AAAA,OACxC;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,YAAA,EAAc,OAAO,OAAA,EAAe,KAAA,KAA+B;AACjE,MAAA,MAAM,KAAK,MAAA,CAAO,CAAA,eAAA,EAAkB,OAAO,CAAA,UAAA,EAAa,KAAK,CAAA,CAAE,CAAA;AAAA,IACjE,CAAA;AAAA;AAAA,IAGA,aAAA,EAAe,OAAO,OAAA,EAAe,KAAA,KAAwD;AAC3F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,kBAAkB,OAAO,CAAA,kBAAA,CAAA;AAAA,QAAsB;AAAA,OACjD;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA;AAAA,EAKS,IAAA,GAAO;AAAA;AAAA,IAEd,SAAA,EAAW,OAAO,KAAA,EAAa,KAAA,KAAkD;AAC/E,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAoB,CAAA,aAAA,EAAgB,KAAK,gBAAgB,KAAK,CAAA;AACrF,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,gBAAA,EAAkB,OAAO,KAAA,EAAa,OAAA,EAAe,IAAA,KAAyC;AAC5F,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,KAAA;AAAA,QACrB,CAAA,aAAA,EAAgB,KAAK,CAAA,aAAA,EAAgB,OAAO,CAAA,CAAA;AAAA,QAAI,EAAE,IAAA;AAAK,OACzD;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA,IAGA,YAAA,EAAc,OAAO,KAAA,EAAa,OAAA,KAAiC;AACjE,MAAA,MAAM,KAAK,MAAA,CAAO,CAAA,aAAA,EAAgB,KAAK,CAAA,aAAA,EAAgB,OAAO,CAAA,CAAE,CAAA;AAAA,IAClE,CAAA;AAAA;AAAA,IAGA,WAAA,EAAa,OAAO,KAAA,KAA0C;AAC5D,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAqB,CAAA,aAAA,EAAgB,KAAK,CAAA,YAAA,CAAc,CAAA;AAC/E,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA;AAAA,EAKS,aAAA,GAAgB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMvB,QAAA,EAAU,OAAO,WAAA,EAAmB,KAAA,KAA+E;AACjH,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAqB,CAAA,mBAAA,EAAsB,WAAW,aAAa,KAAK,CAAA;AAC/F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,MAAA,EAAQ,OAAO,WAAA,EAAmB,KAAA,KAA2E;AAC3G,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,KAAmB,CAAA,mBAAA,EAAsB,WAAW,WAAW,KAAK,CAAA;AAC3F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAA,EAAgB,OAAO,WAAA,KAAoD;AACzE,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAyB,CAAA,mBAAA,EAAsB,WAAW,CAAA,YAAA,CAAc,CAAA;AAC/F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,aAAA,EAAe,OAAO,WAAA,EAAmB,YAAA,KAA4C;AACnF,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,GAAA,CAAgB,sBAAsB,WAAW,CAAA,aAAA,EAAgB,YAAY,CAAA,CAAE,CAAA;AACtG,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAA,EAAgB,OAAO,WAAA,KAA8C;AACnE,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAmB,CAAA,mBAAA,EAAsB,WAAW,CAAA,aAAA,CAAe,CAAA;AAC1F,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,iBAAA,EAAmB,OAAO,UAAA,KAAoD;AAC5E,MAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAA0B,CAAA,kBAAA,EAAqB,UAAU,CAAA,gBAAA,CAAkB,CAAA;AAClG,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,iBAAA,EAAmB,OAAO,UAAA,EAAkB,KAAA,KAAqF;AAC/H,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA;AAAA,QACrB,qBAAqB,UAAU,CAAA,gBAAA,CAAA;AAAA,QAC/B;AAAA,OACF;AACA,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA;AAAA,EAIA,MAAM,gBAAgB,OAAA,EAAmD;AACvE,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAuB,qBAAqB,OAAO,CAAA;AAC1E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA,EAEA,MAAM,YAAY,UAAA,EAA6C;AAC7D,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAsB,CAAA,kBAAA,EAAqB,UAAU,CAAA,CAAE,CAAA;AAC9E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA;AAAA,EAKS,SAAA,GAAY;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMnB,MAAA,EAAQ,OAAO,KAAA,KAA4D;AACzE,MAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAyB,qBAAqB,KAAK,CAAA;AAC1E,MAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,IACxB;AAAA,GACF;AAAA,EAEA,MAAM,gBAAgB,KAAA,EAAyD;AAC7E,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAwB,6BAA6B,KAAK,CAAA;AACjF,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,qBAAA,CAAsB,IAAA,EAAc,KAAA,EAAuD;AAC/F,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAwB,qBAAqB,kBAAA,CAAmB,IAAI,CAAC,CAAA,QAAA,CAAA,EAAY,KAAK,CAAA;AAC7G,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAA+C;AACxE,IAAA,MAAM,MAAM,MAAM,IAAA,CAAK,GAAA,CAAuB,CAAA,6BAAA,EAAgC,WAAW,CAAA,CAAE,CAAA;AAC3F,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,KAAA,EAAiD;AAClE,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,IAAA,CAAmB,kBAAkB,KAAK,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,cAAc,MAAA,EAAkE;AACpF,IAAA,MAAM,KAAA,GAAQ,IAAI,eAAA,EAAgB;AAClC,IAAA,KAAA,MAAW,CAAC,CAAA,EAAG,CAAC,KAAK,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,EAAG;AAC3C,MAAA,IAAI,MAAM,MAAA,EAAW,KAAA,CAAM,IAAI,CAAA,EAAG,MAAA,CAAO,CAAC,CAAC,CAAA;AAAA,IAC7C;AACA,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,GAAA,CAAmC,iBAAiB,KAAA,CAAM,QAAA,EAAU,CAAA,CAAE,CAAA;AAC7F,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAM,MAAA,GAAuD;AAC3D,IAAA,MAAM,GAAA,GAAM,MAAM,IAAA,CAAK,SAAA,CAA+C,SAAS,CAAA;AAC/E,IAAA,OAAO,IAAA,CAAK,OAAO,GAAG,CAAA;AAAA,EACxB;AAAA;AAAA,EAIA,MAAc,IAAO,IAAA,EAAuC;AAC1D,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,QAAW,IAAI,CAAA;AAAA,EACrD;AAAA,EAEA,MAAc,UAAa,IAAA,EAAuC;AAChE,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,KAAA,EAAO,IAAA,EAAM,QAAW,KAAK,CAAA;AAAA,EACtD;AAAA,EAEA,MAAc,IAAA,CAAQ,IAAA,EAAc,IAAA,EAAwC;AAC1E,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,MAAA,EAAQ,IAAA,EAAM,MAAM,IAAI,CAAA;AAAA,EACjD;AAAA,EAEA,MAAc,UAAA,CAAc,IAAA,EAAc,IAAA,EAAwC;AAChF,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,MAAA,EAAQ,IAAA,EAAM,MAAM,KAAK,CAAA;AAAA,EAClD;AAAA,EAEA,MAAc,KAAA,CAAS,IAAA,EAAc,IAAA,EAAwC;AAC3E,IAAA,OAAO,IAAA,CAAK,OAAA,CAAW,OAAA,EAAS,IAAA,EAAM,MAAM,IAAI,CAAA;AAAA,EAClD;AAAA,EAEA,MAAc,OAAO,IAAA,EAA6B;AAChD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAc,QAAA,EAAU,IAAA,EAAM,QAAW,IAAI,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAc,OAAA,CACZ,MAAA,EACA,MACA,IAAA,EACA,aAAA,EACA,UAAU,CAAA,EACe;AACzB,IAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,IAAA,MAAM,UAAa,UAAA,CAAW,MAAM,WAAW,KAAA,EAAM,EAAG,KAAK,OAAO,CAAA;AAEpE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAkC;AAAA,QACtC,cAAA,EAAiB,kBAAA;AAAA,QACjB,eAAA,EAAiB;AAAA,OACnB;AACA,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,OAAA,CAAQ,eAAe,CAAA,GAAI,CAAA,OAAA,EAAU,IAAA,CAAK,MAAM,CAAA,CAAA;AAAA,MAClD;AAEA,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,CAAA,EAAG,KAAK,OAAO,CAAA,EAAG,IAAI,CAAA,CAAA,EAAI;AAAA,QACrD,MAAA;AAAA,QACA,OAAA;AAAA,QACA,GAAI,IAAA,KAAS,KAAA,CAAA,GAAY,EAAE,IAAA,EAAM,KAAK,SAAA,CAAU,IAAI,CAAA,EAAE,GAAI,EAAC;AAAA,QAC3D,QAAQ,UAAA,CAAW;AAAA,OACpB,CAAA;AAGD,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAM,KAAA,CAAA,EAAe;AAAA,MAC/C;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AAEjC,MAAA,IAAI,CAAC,QAAA,CAAS,EAAA,IAAM,OAAA,GAAU,IAAA,CAAK,WAAW,IAAA,CAAK,WAAA,CAAY,QAAA,CAAS,MAAM,CAAA,EAAG;AAC/E,QAAA,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,UAAA,GAAa,OAAO,CAAA;AAC1C,QAAA,OAAO,KAAK,OAAA,CAAW,MAAA,EAAQ,MAAM,IAAA,EAAM,aAAA,EAAe,UAAU,CAAC,CAAA;AAAA,MACvE;AAEA,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,SAAE;AACA,MAAA,YAAA,CAAa,OAAO,CAAA;AAAA,IACtB;AAAA,EACF;AAAA,EAEQ,OAAU,QAAA,EAA6B;AAC7C,IAAA,IAAI,CAAC,QAAA,CAAS,OAAA,IAAW,QAAA,CAAS,SAAS,MAAA,EAAW;AACpD,MAAA,MAAM,IAAI,YAAA;AAAA,QACR,QAAA,CAAS,OAAO,IAAA,IAAQ,eAAA;AAAA,QACxB,QAAA,CAAS,OAAO,OAAA,IAAW,wBAAA;AAAA,QAC3B,SAAS,KAAA,EAAO;AAAA,OAClB;AAAA,IACF;AACA,IAAA,OAAO,QAAA,CAAS,IAAA;AAAA,EAClB;AAAA,EAEQ,YAAY,MAAA,EAAyB;AAC3C,IAAA,OAAO,MAAA,KAAW,OAAO,MAAA,IAAU,GAAA;AAAA,EACrC;AAAA,EAEQ,MAAM,EAAA,EAA2B;AACvC,IAAA,OAAO,IAAI,OAAA,CAAQ,CAAA,OAAA,KAAW,UAAA,CAAW,OAAA,EAAS,EAAE,CAAC,CAAA;AAAA,EACvD;AACF;AAIO,IAAM,YAAA,GAAN,cAA2B,KAAA,CAAM;AAAA,EACtC,WAAA,CACkB,IAAA,EAChB,OAAA,EACgB,OAAA,EAChB;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJG,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAGhB,IAAA,IAAA,CAAK,IAAA,GAAO,cAAA;AAAA,EACd;AACF;;;ACldO,IAAM,mBAAA,GAAsB;AAAA;AAAA,EAEjC,kBAAA,EAAyB,oBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA;AAAA,EAEzB,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA,EACzB,eAAA,EAAyB,iBAAA;AAAA,EACzB,oBAAA,EAAyB,sBAAA;AAAA;AAAA,EAEzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,cAAA,EAAyB,gBAAA;AAAA,EACzB,gBAAA,EAAyB,kBAAA;AAAA;AAAA,EAEzB,aAAA,EAAyB,eAAA;AAAA,EACzB,eAAA,EAAyB,iBAAA;AAAA,EACzB,aAAA,EAAyB,eAAA;AAAA,EACzB,iBAAA,EAAyB,mBAAA;AAAA,EACzB,0BAAA,EAA4B,4BAAA;AAAA;AAAA,EAE5B,gBAAA,EAAyB,kBAAA;AAAA,EACzB,kBAAA,EAAyB,oBAAA;AAAA,EACzB,qBAAA,EAAyB,uBAAA;AAAA;AAAA,EAEzB,aAAA,EAAyB,eAAA;AAAA,EACzB,YAAA,EAAyB,cAAA;AAAA,EACzB,YAAA,EAAyB,cAAA;AAAA;AAAA,EAEzB,sBAAA,EAAyB,wBAAA;AAAA,EACzB,mBAAA,EAAyB,qBAAA;AAAA;AAAA,EAEzB,qBAAA,EAAyB,uBAAA;AAAA;AAAA,EAEzB,mBAAA,EAAyB;AAC3B","file":"index.js","sourcesContent":["// hybriDB SDK Client — v1.4\n//\n// v1.4 changes:\n// - pipelines namespace: create() — register a pipeline definition\n// - triggerPipelineByName() — trigger execution by pipeline name (URL-based)\n// - CreatePipelineInput, CreatePipelineStepInput, TriggerByNameInput types\n// - SDK-Version header bumped to 1.4.0\n//\n// v1.3 changes (v2.4 Reversible Autonomy):\n// - reversibility namespace: rollback(), replay(), getCheckpoints(), getCheckpoint(),\n// getRollbackLog(), getCircuitBreaker(), setCircuitBreaker()\n// - SDK-Version header bumped to 1.3.0\n//\n// v1.2 changes:\n// - db.actors.* namespace (replaces db.identities.)\n// - createMapping() — create identity mapping for an actor\n// - assignRole() — assign a role to an actor\n// - orgs.addMember(), orgs.revokeMember(), orgs.listMembers(), orgs.updateMemberRole()\n// - verifyToken() — JWKS-based local token verification\n// - 7 new HybriDBErrorCode values (see @stellrai/types)\n// - actorId field in PublishEventInput (replaces identityId)\n// - SDK-Version header bumped to 1.2.0\n\nimport type {\n UUID,\n ApiResponse,\n DecisionInput,\n DecisionRequest,\n DecisionResponse,\n TriggerPipelineInput,\n PipelineDefinition,\n PipelineExecution,\n StepType,\n PublishEventInput,\n HybriDBEvent,\n AuditEntry,\n PaginatedResponse,\n Actor,\n ActorContext,\n TokenPair,\n OrgMembership,\n IdentityMapping,\n // v2.4 Reversible Autonomy\n InitiateRollbackInput,\n RollbackResult,\n InitiateReplayInput,\n ReplayResult,\n Checkpoint,\n CheckpointSummary,\n RollbackLog,\n CircuitBreakerStatus,\n SetCircuitBreakerInput,\n} from '@stellrai/types';\n\n// ─── Client config ────────────────────────────────────────────────────────────\n\nexport interface HybriDBClientConfig {\n baseUrl: string;\n apiKey: string;\n timeout?: number; // ms, default 10000\n retries?: number; // default 3\n retryDelay?: number; // ms, default 500\n}\n\n// ─── Auth inputs ─────────────────────────────────────────────────────────────\n\nexport interface AuthenticateInput {\n email: string;\n password: string;\n orgId?: string;\n}\n\nexport interface CreateMappingInput {\n providerId: string;\n externalId: string;\n userId: string;\n actorId: string;\n}\n\nexport interface OrgMemberInput {\n actorId: string;\n role: string;\n}\n\nexport interface ApiKeyInput {\n name?: string;\n scopes: string[];\n expiresAt?: string;\n}\n\nexport interface CreatePipelineStepInput {\n /* Unique step identifier within this pipeline (used in dependsOn / compensationStep). /\n id: string;\n name: string;\n type: StepType;\n config?: Record<string, unknown>;\n dependsOn?: string[];\n /* Name of the step to run if this step needs to be compensated (reversed). /\n compensationStep?: string;\n /* Timeout in ms. Default: 30 000. /\n timeout?: number;\n retryPolicy?: {\n maxAttempts: number;\n backoffMs: number;\n };\n}\n\nexport interface CreatePipelineInput {\n name: string;\n description?: string;\n steps: CreatePipelineStepInput[];\n inputSchema?: Record<string, unknown>;\n outputSchema?: Record<string, unknown>;\n}\n\nexport interface TriggerByNameInput {\n input?: Record<string, unknown>;\n decisionId?: UUID;\n triggerEvent?: string;\n idempotencyKey?: string;\n}\n\nexport interface AuditQueryParams {\n actorId?: string;\n action?: string;\n outcome?: string;\n decisionId?: string;\n sessionId?: string;\n from?: string;\n to?: string;\n page?: number;\n limit?: number;\n}\n\n// ─── JWKS cache (module-level — shared across instances) ─────────────────────\n\nlet jwksCache: { keys: Record<string, unknown>[] } \| null = null;\nlet jwksCachedAt = 0;\nconst JWKS_CACHE_MS = 3_600_000; // 1 hour\n\n// ─── HybriDBClient ────────────────────────────────────────────────────────────\n\nexport class HybriDBClient {\n private readonly baseUrl: string;\n private readonly apiKey: string;\n private readonly timeout: number;\n private readonly retries: number;\n private readonly retryDelay: number;\n\n constructor(config: HybriDBClientConfig) {\n if (!config.baseUrl) throw new HybriDBError('CONFIG_ERROR', 'hybriDB SDK: baseUrl is required');\n if (!config.apiKey) throw new HybriDBError('CONFIG_ERROR', 'hybriDB SDK: apiKey is required');\n\n this.baseUrl = config.baseUrl.replace(/\\/$/, '');\n this.apiKey = config.apiKey;\n this.timeout = config.timeout ?? 10_000;\n this.retries = config.retries ?? 3;\n this.retryDelay = config.retryDelay ?? 500;\n }\n\n // ─── auth — token issuance ──────────────────────────────────────────────────\n\n /* Exchange email + password for an access + refresh token pair. /\n async authenticate(input: AuthenticateInput): Promise<TokenPair> {\n const res = await this.postPublic<TokenPair>('/api/v1/auth/token', input);\n return this.unwrap(res);\n }\n\n /* Refresh an access token using a refresh token. /\n async refreshToken(refreshToken: string): Promise<TokenPair> {\n const res = await this.postPublic<TokenPair>('/api/v1/auth/refresh', { refreshToken });\n return this.unwrap(res);\n }\n\n /* Revoke the current session (requires authenticated API key/JWT). /\n async revokeSession(): Promise<void> {\n await this.delete('/api/v1/auth/token');\n }\n\n /\n Verify a JWT token locally using JWKS from the hybriDB server.\n * Returns the decoded actor context without making a decision API call.\n * JWKS is cached for 1 hour (spec: Cache-Control: max-age=3600).\n /\n async verifyToken(token: string): Promise<ActorContext> {\n const jwks = await this.getJwks();\n\n // Dynamic import — jose is optional peer dependency for token verification\n const { createRemoteJWKSet, jwtVerify } = await import('jose').catch(() => {\n throw new HybriDBError('DEPENDENCY_MISSING', 'jose is required for verifyToken() — install it: npm i jose');\n });\n\n // Build an in-memory JWKS from our cached keys\n const { createLocalJWKSet } = await import('jose');\n const keySet = createLocalJWKSet({ keys: jwks.keys as unknown as Parameters<typeof createLocalJWKSet>[0]['keys'] });\n\n const { payload } = await jwtVerify(token, keySet, { issuer: 'hybridb' });\n\n const p = payload as Record<string, unknown>;\n return {\n actorId: p['actor_id'] as string,\n actorType: p['actor_type'] as ActorContext['actorType'],\n orgId: p['org_id'] as string \| null,\n scopes: (p['scopes'] as string[]) ?? [],\n policyVersion: p['policy_version'] as number,\n };\n }\n\n /* Fetch JWKS from the hybriDB server (cached for 1 hour). /\n async getJwks(): Promise<{ keys: Record<string, unknown>[] }> {\n if (jwksCache && Date.now() - jwksCachedAt < JWKS_CACHE_MS) {\n return jwksCache;\n }\n\n const res = await this.getPublic<{ keys: Record<string, unknown>[] }>('/.well-known/jwks.json');\n const data = this.unwrap(res);\n jwksCache = data;\n jwksCachedAt = Date.now();\n return data;\n }\n\n // ─── db.actors — actor management ──────────────────────────────────────────\n\n /* Namespace for actor management operations. /\n readonly actors = {\n /* Issue an API key for an actor. Requires actor:admin scope. /\n createApiKey: async (actorId: UUID, input: ApiKeyInput): Promise<{ id: string; key: string }> => {\n const res = await this.post<{ id: string; key: string }>(\n `/api/v1/actors/${actorId}/api-keys`, input,\n );\n return this.unwrap(res);\n },\n\n /* Revoke an API key. Requires actor:admin scope. /\n revokeApiKey: async (actorId: UUID, keyId: UUID): Promise<void> => {\n await this.delete(`/api/v1/actors/${actorId}/api-keys/${keyId}`);\n },\n\n /* Create an identity mapping (external provider → actor). Requires actor:write scope. /\n createMapping: async (actorId: UUID, input: CreateMappingInput): Promise<IdentityMapping> => {\n const res = await this.post<IdentityMapping>(\n `/api/v1/actors/${actorId}/identity-mappings`, input,\n );\n return this.unwrap(res);\n },\n } as const;\n\n // ─── orgs — organisation membership ────────────────────────────────────────\n\n /* Namespace for organisation membership operations. /\n readonly orgs = {\n /* Add a member to an organisation. Requires org:admin scope. /\n addMember: async (orgId: UUID, input: OrgMemberInput): Promise<OrgMembership> => {\n const res = await this.post<OrgMembership>(`/api/v1/orgs/${orgId}/memberships`, input);\n return this.unwrap(res);\n },\n\n /* Update a member's role. Requires org:admin scope. /\n updateMemberRole: async (orgId: UUID, actorId: UUID, role: string): Promise<OrgMembership> => {\n const res = await this.patch<OrgMembership>(\n `/api/v1/orgs/${orgId}/memberships/${actorId}`, { role },\n );\n return this.unwrap(res);\n },\n\n /* Revoke an actor's membership. Requires org:admin scope. /\n revokeMember: async (orgId: UUID, actorId: UUID): Promise<void> => {\n await this.delete(`/api/v1/orgs/${orgId}/memberships/${actorId}`);\n },\n\n /* List organisation members. Requires org:read scope. /\n listMembers: async (orgId: UUID): Promise<OrgMembership[]> => {\n const res = await this.get<OrgMembership[]>(`/api/v1/orgs/${orgId}/memberships`);\n return this.unwrap(res);\n },\n } as const;\n\n // ─── Reversibility (v2.4) ──────────────────────────────────────────────────\n\n /* Namespace for Reversible Autonomy operations (v2.4). /\n readonly reversibility = {\n /\n Initiate a rollback for an execution.\n * Types: 'full' (all steps), 'selective' (targetSteps list), 'to_checkpoint'.\n * Requires pipeline:rollback scope.\n /\n rollback: async (executionId: UUID, input: Omit<InitiateRollbackInput, 'executionId'>): Promise<RollbackResult> => {\n const res = await this.post<RollbackResult>(`/api/v1/executions/${executionId}/rollback`, input);\n return this.unwrap(res);\n },\n\n /\n Initiate a replay from a checkpoint.\n * Creates a new child execution starting from the checkpoint's step.\n * Requires pipeline:replay scope.\n /\n replay: async (executionId: UUID, input: Omit<InitiateReplayInput, 'executionId'>): Promise<ReplayResult> => {\n const res = await this.post<ReplayResult>(`/api/v1/executions/${executionId}/replay`, input);\n return this.unwrap(res);\n },\n\n /\n List all checkpoints for an execution (ordered by step_index asc).\n * Requires pipeline:read scope.\n /\n getCheckpoints: async (executionId: UUID): Promise<CheckpointSummary[]> => {\n const res = await this.get<CheckpointSummary[]>(`/api/v1/executions/${executionId}/checkpoints`);\n return this.unwrap(res);\n },\n\n /\n Get a specific checkpoint (with checksum verification).\n * Throws REPLAY_CONTEXT_INVALID if checksum mismatches.\n * Requires pipeline:read scope.\n /\n getCheckpoint: async (executionId: UUID, checkpointId: UUID): Promise<Checkpoint> => {\n const res = await this.get<Checkpoint>(`/api/v1/executions/${executionId}/checkpoints/${checkpointId}`);\n return this.unwrap(res);\n },\n\n /\n List all rollback log entries for an execution.\n * Requires pipeline:read scope.\n /\n getRollbackLog: async (executionId: UUID): Promise<RollbackLog[]> => {\n const res = await this.get<RollbackLog[]>(`/api/v1/executions/${executionId}/rollback-log`);\n return this.unwrap(res);\n },\n\n /\n Get circuit breaker status for a pipeline.\n * Requires pipeline:read scope.\n /\n getCircuitBreaker: async (pipelineId: UUID): Promise<CircuitBreakerStatus> => {\n const res = await this.get<CircuitBreakerStatus>(`/api/v1/pipelines/${pipelineId}/circuit-breaker`);\n return this.unwrap(res);\n },\n\n /\n Open or close the circuit breaker for a pipeline.\n * Opening halts all future executions immediately.\n * Requires pipeline:circuit_breaker scope.\n /\n setCircuitBreaker: async (pipelineId: UUID, input: Omit<SetCircuitBreakerInput, 'pipelineId'>): Promise<CircuitBreakerStatus> => {\n const res = await this.post<CircuitBreakerStatus>(\n `/api/v1/pipelines/${pipelineId}/circuit-breaker`,\n input,\n );\n return this.unwrap(res);\n },\n } as const;\n\n // ─── Decisions ─────────────────────────────────────────────────────────────\n\n async requestDecision(request: DecisionInput): Promise<DecisionResponse> {\n const res = await this.post<DecisionResponse>('/api/v1/decisions', request);\n return this.unwrap(res);\n }\n\n async getDecision(decisionId: UUID): Promise<DecisionResponse> {\n const res = await this.get<DecisionResponse>(`/api/v1/decisions/${decisionId}`);\n return this.unwrap(res);\n }\n\n // ─── Pipelines ─────────────────────────────────────────────────────────────\n\n /* Namespace for pipeline definition management. /\n readonly pipelines = {\n /\n Register a pipeline definition. Returns the definition record including its UUID,\n * which you pass to triggerPipeline() as pipelineId.\n * Requires pipeline:write scope.\n /\n create: async (input: CreatePipelineInput): Promise<PipelineDefinition> => {\n const res = await this.post<PipelineDefinition>('/api/v1/pipelines', input);\n return this.unwrap(res);\n },\n } as const;\n\n async triggerPipeline(input: TriggerPipelineInput): Promise<PipelineExecution> {\n const res = await this.post<PipelineExecution>('/api/v1/pipelines/trigger', input);\n return this.unwrap(res);\n }\n\n /\n Trigger a pipeline execution by its name instead of UUID.\n * Equivalent to triggerPipeline() but resolves the pipeline ID server-side.\n * Requires pipeline:execute scope.\n /\n async triggerPipelineByName(name: string, input: TriggerByNameInput): Promise<PipelineExecution> {\n const res = await this.post<PipelineExecution>(`/api/v1/pipelines/${encodeURIComponent(name)}/execute`, input);\n return this.unwrap(res);\n }\n\n async getPipelineExecution(executionId: UUID): Promise<PipelineExecution> {\n const res = await this.get<PipelineExecution>(`/api/v1/pipelines/executions/${executionId}`);\n return this.unwrap(res);\n }\n\n // ─── Events ────────────────────────────────────────────────────────────────\n\n /* Publish a business event. Note: use actorId (v1.2), not identityId. /\n async publishEvent(input: PublishEventInput): Promise<HybriDBEvent> {\n const res = await this.post<HybriDBEvent>('/api/v1/events', input);\n return this.unwrap(res);\n }\n\n // ─── Audit ─────────────────────────────────────────────────────────────────\n\n async queryAuditLog(params: AuditQueryParams): Promise<PaginatedResponse<AuditEntry>> {\n const query = new URLSearchParams();\n for (const [k, v] of Object.entries(params)) {\n if (v !== undefined) query.set(k, String(v));\n }\n const res = await this.get<PaginatedResponse<AuditEntry>>(`/api/v1/audit?${query.toString()}`);\n return this.unwrap(res);\n }\n\n // ─── Health ────────────────────────────────────────────────────────────────\n\n async health(): Promise<{ status: string; version: string }> {\n const res = await this.getPublic<{ status: string; version: string }>('/health');\n return this.unwrap(res);\n }\n\n // ─── HTTP primitives ───────────────────────────────────────────────────────\n\n private async get<T>(path: string): Promise<ApiResponse<T>> {\n return this.request<T>('GET', path, undefined, true);\n }\n\n private async getPublic<T>(path: string): Promise<ApiResponse<T>> {\n return this.request<T>('GET', path, undefined, false);\n }\n\n private async post<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('POST', path, body, true);\n }\n\n private async postPublic<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('POST', path, body, false);\n }\n\n private async patch<T>(path: string, body: unknown): Promise<ApiResponse<T>> {\n return this.request<T>('PATCH', path, body, true);\n }\n\n private async delete(path: string): Promise<void> {\n await this.request<void>('DELETE', path, undefined, true);\n }\n\n private async request<T>(\n method: string,\n path: string,\n body: unknown,\n authenticated: boolean,\n attempt = 1,\n ): Promise<ApiResponse<T>> {\n const controller = new AbortController();\n const timerId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n 'X-SDK-Version': '1.4.0',\n };\n if (authenticated) {\n headers['Authorization'] = `Bearer ${this.apiKey}`;\n }\n\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers,\n ...(body !== undefined ? { body: JSON.stringify(body) } : {}),\n signal: controller.signal,\n });\n\n // 204 No Content — return success with no data\n if (response.status === 204) {\n return { success: true, data: undefined as T };\n }\n\n const json = await response.json() as ApiResponse<T>;\n\n if (!response.ok && attempt < this.retries && this.isRetryable(response.status)) {\n await this.sleep(this.retryDelay attempt);\n return this.request<T>(method, path, body, authenticated, attempt + 1);\n }\n\n return json;\n } finally {\n clearTimeout(timerId);\n }\n }\n\n private unwrap<T>(response: ApiResponse<T>): T {\n if (!response.success \|\| response.data === undefined) {\n throw new HybriDBError(\n response.error?.code ?? 'UNKNOWN_ERROR',\n response.error?.message ?? 'hybriDB request failed',\n response.error?.details,\n );\n }\n return response.data;\n }\n\n private isRetryable(status: number): boolean {\n return status === 429 \|\| status >= 500;\n }\n\n private sleep(ms: number): Promise<void> {\n return new Promise(resolve => setTimeout(resolve, ms));\n }\n}\n\n// ─── HybriDBError ─────────────────────────────────────────────────────────────\n\nexport class HybriDBError extends Error {\n constructor(\n public readonly code: string,\n message: string,\n public readonly details?: Record<string, unknown>,\n ) {\n super(message);\n this.name = 'HybriDBError';\n }\n}\n","// hybriDB SDK — v1.4\nexport { HybriDBClient, HybriDBError } from './client.js';\nexport type {\n HybriDBClientConfig,\n AuthenticateInput,\n CreateMappingInput,\n OrgMemberInput,\n ApiKeyInput,\n AuditQueryParams,\n // v1.4 — pipeline self-service\n CreatePipelineInput,\n CreatePipelineStepInput,\n TriggerByNameInput,\n} from './client.js';\n\n// React context — exported from '@hybridb/sdk/react' (separate entry point, browser only)\n\n// Re-export commonly used types for SDK consumers\nexport type {\n // Actor-centric (v1.2)\n Actor,\n ActorContext,\n ActorType,\n ActorStatus,\n User,\n OrgMembership,\n IdentityMapping,\n Session,\n TokenPair,\n // Decisions\n DecisionRequest,\n DecisionResponse,\n DecisionResult,\n // Pipelines\n PipelineDefinition,\n PipelineStepDefinition,\n StepType,\n TriggerPipelineInput,\n PipelineExecution,\n // Events — actorId (v1.2), not identityId\n PublishEventInput,\n HybriDBEvent,\n // Audit\n AuditEntry,\n AuditOutcome,\n // Policy\n Policy,\n PolicyEvaluationResult,\n // Shared\n ApiResponse,\n ApiError,\n PaginatedResponse,\n UUID,\n ISO8601,\n // Errors\n HybriDBErrorCode,\n} from '@stellrai/types';\n\n// ─── Event type constants (v1.2) ──────────────────────────────────────────────\n\nexport const HYBRIDB_EVENT_TYPES = {\n // Decisions\n DECISION_REQUESTED: 'decision.requested',\n DECISION_ALLOWED: 'decision.allowed',\n DECISION_BLOCKED: 'decision.blocked',\n DECISION_ESCALATED: 'decision.escalated',\n // Pipelines\n PIPELINE_STARTED: 'pipeline.started',\n PIPELINE_COMPLETED: 'pipeline.completed',\n PIPELINE_FAILED: 'pipeline.failed',\n PIPELINE_COMPENSATED: 'pipeline.compensated',\n // Payments\n PAYMENT_INITIATED: 'payment.initiated',\n PAYMENT_COMPLETED: 'payment.completed',\n PAYMENT_FAILED: 'payment.failed',\n PAYMENT_REVERSED: 'payment.reversed',\n // Identity (v1.2 — actor-centric)\n ACTOR_CREATED: 'actor.created',\n ACTOR_SUSPENDED: 'actor.suspended',\n ACTOR_REVOKED: 'actor.revoked',\n IDENTITY_RESOLVED: 'identity.resolved',\n IDENTITY_RESOLUTION_FAILED: 'identity.resolution_failed',\n // Policy\n POLICY_ACTIVATED: 'policy.activated',\n POLICY_DEACTIVATED: 'policy.deactivated',\n POLICY_VERSION_BUMPED: 'policy.version_bumped',\n // KYC\n KYC_SUBMITTED: 'kyc.submitted',\n KYC_APPROVED: 'kyc.approved',\n KYC_REJECTED: 'kyc.rejected',\n // AI\n AI_INFERENCE_COMPLETED: 'ai.inference_completed',\n AI_INFERENCE_FAILED: 'ai.inference_failed',\n // Fraud\n FRAUD_SIGNAL_DETECTED: 'fraud.signal_detected',\n // sync-back\n SYNC_BACK_EXHAUSTED: 'sync_back.exhausted',\n} as const;\n\nexport type HybriDBEventType = typeof HYBRIDB_EVENT_TYPES[keyof typeof HYBRIDB_EVENT_TYPES];\n"]}

package/dist/react.d.cts CHANGED Viewed

@@ -1,5 +1,5 @@
 import React from 'react';
-import { H as HybriDBClient } from './client-DzNX2jDR.cjs';
+import { H as HybriDBClient } from './client-DD1fNp-I.cjs';
 import './common/index.js';
 interface HybriDBContextValue {

package/dist/react.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import React from 'react';
-import { H as HybriDBClient } from './client-DzNX2jDR.js';
+import { H as HybriDBClient } from './client-DD1fNp-I.js';
 import './common/index.js';
 interface HybriDBContextValue {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@hybridb/sdk",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "description": "Official TypeScript SDK for the Stellrai governed execution runtime",
   "keywords": [
     "hybridb",