@intutic/shared-types 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.dist/anomaly.d.ts +227 -0
- package/.dist/anomaly.d.ts.map +1 -0
- package/.dist/anomaly.js +35 -0
- package/.dist/anomaly.js.map +1 -0
- package/.dist/api-contracts.d.ts +176 -0
- package/.dist/api-contracts.d.ts.map +1 -0
- package/.dist/api-contracts.js +110 -0
- package/.dist/api-contracts.js.map +1 -0
- package/.dist/auth.d.ts +222 -0
- package/.dist/auth.d.ts.map +1 -0
- package/.dist/auth.js +59 -0
- package/.dist/auth.js.map +1 -0
- package/.dist/enums.d.ts +156 -0
- package/.dist/enums.d.ts.map +1 -0
- package/.dist/enums.js +161 -0
- package/.dist/enums.js.map +1 -0
- package/.dist/errors.d.ts +106 -0
- package/.dist/errors.d.ts.map +1 -0
- package/.dist/errors.js +110 -0
- package/.dist/errors.js.map +1 -0
- package/.dist/finops.d.ts +117 -0
- package/.dist/finops.d.ts.map +1 -0
- package/.dist/finops.js +14 -0
- package/.dist/finops.js.map +1 -0
- package/.dist/identity.d.ts +176 -0
- package/.dist/identity.d.ts.map +1 -0
- package/.dist/identity.js +32 -0
- package/.dist/identity.js.map +1 -0
- package/.dist/index.d.ts +27 -0
- package/.dist/index.d.ts.map +1 -0
- package/.dist/index.js +75 -0
- package/.dist/index.js.map +1 -0
- package/.dist/policy.d.ts +104 -0
- package/.dist/policy.d.ts.map +1 -0
- package/.dist/policy.js +14 -0
- package/.dist/policy.js.map +1 -0
- package/.dist/session.d.ts +62 -0
- package/.dist/session.d.ts.map +1 -0
- package/.dist/session.js +14 -0
- package/.dist/session.js.map +1 -0
- package/.dist/sop.d.ts +329 -0
- package/.dist/sop.d.ts.map +1 -0
- package/.dist/sop.js +44 -0
- package/.dist/sop.js.map +1 -0
- package/.dist/sync.d.ts +204 -0
- package/.dist/sync.d.ts.map +1 -0
- package/.dist/sync.js +45 -0
- package/.dist/sync.js.map +1 -0
- package/package.json +19 -0
|
@@ -0,0 +1,106 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Shared error codes and error class for the Intutic platform.
|
|
3
|
+
*
|
|
4
|
+
* All services throw `IntuticError` instances so that HTTP handlers can
|
|
5
|
+
* reliably extract `code`, `statusCode`, and `details` for structured
|
|
6
|
+
* error responses.
|
|
7
|
+
*
|
|
8
|
+
* @module
|
|
9
|
+
*/
|
|
10
|
+
/** Resource not found. */
|
|
11
|
+
export declare const E_NOT_FOUND: "E_NOT_FOUND";
|
|
12
|
+
/** Missing or invalid authentication credentials. */
|
|
13
|
+
export declare const E_UNAUTHORIZED: "E_UNAUTHORIZED";
|
|
14
|
+
/** Authenticated but insufficient permissions. */
|
|
15
|
+
export declare const E_FORBIDDEN: "E_FORBIDDEN";
|
|
16
|
+
/** Budget limit exceeded — HLD §3.6 FinOps guardrail. */
|
|
17
|
+
export declare const E_BUDGET_EXCEEDED: "E_BUDGET_EXCEEDED";
|
|
18
|
+
/** Request rate limit exceeded. */
|
|
19
|
+
export declare const E_RATE_LIMITED: "E_RATE_LIMITED";
|
|
20
|
+
/** Attempted UPDATE/DELETE on an append-only table (e.g., execution_traces). */
|
|
21
|
+
export declare const E_APPEND_ONLY_VIOLATION: "E_APPEND_ONLY_VIOLATION";
|
|
22
|
+
/** High-risk plan approval requires a human-written rationale (EU AI Act Art. 14). */
|
|
23
|
+
export declare const E_APPROVAL_RATIONALE_REQUIRED: "E_APPROVAL_RATIONALE_REQUIRED";
|
|
24
|
+
/** Request payload failed Zod schema validation. */
|
|
25
|
+
export declare const E_VALIDATION_FAILED: "E_VALIDATION_FAILED";
|
|
26
|
+
/** Stripe/billing checkout disabled or unavailable. */
|
|
27
|
+
export declare const E_CHECKOUT_DISABLED: "CHECKOUT_DISABLED";
|
|
28
|
+
/** Workspace already on the requested tier. */
|
|
29
|
+
export declare const E_ALREADY_ON_TIER: "ALREADY_ON_TIER";
|
|
30
|
+
/** Stripe API error. */
|
|
31
|
+
export declare const E_STRIPE_ERROR: "STRIPE_ERROR";
|
|
32
|
+
/** Webhook signature validation failed. */
|
|
33
|
+
export declare const E_SIGNATURE_INVALID: "SIGNATURE_INVALID";
|
|
34
|
+
/** Email already registered. */
|
|
35
|
+
export declare const E_EMAIL_ALREADY_EXISTS: "EMAIL_ALREADY_EXISTS";
|
|
36
|
+
/** OAuth flow failure. */
|
|
37
|
+
export declare const E_OAUTH_FAILED: "OAUTH_FAILED";
|
|
38
|
+
/** Token is invalid or malformed. */
|
|
39
|
+
export declare const E_TOKEN_INVALID: "TOKEN_INVALID";
|
|
40
|
+
/** Token has expired. */
|
|
41
|
+
export declare const E_TOKEN_EXPIRED: "TOKEN_EXPIRED";
|
|
42
|
+
/** Resource is already in the target state. */
|
|
43
|
+
export declare const E_ALREADY_VERIFIED: "ALREADY_VERIFIED";
|
|
44
|
+
/** Workspace free trial has expired. */
|
|
45
|
+
export declare const E_TRIAL_EXPIRED: "TRIAL_EXPIRED";
|
|
46
|
+
/** Generic validation failure (legacy alias). */
|
|
47
|
+
export declare const E_VALIDATION: "E_VALIDATION";
|
|
48
|
+
/** SSO is not configured or disabled for this workspace. */
|
|
49
|
+
export declare const E_SSO_DISABLED: "SSO_DISABLED";
|
|
50
|
+
/** SSO user has no workspace membership. */
|
|
51
|
+
export declare const E_SSO_NO_MEMBERSHIP: "SSO_NO_MEMBERSHIP";
|
|
52
|
+
/** OIDC state parameter is invalid or expired. */
|
|
53
|
+
export declare const E_OIDC_INVALID_STATE: "OIDC_INVALID_STATE";
|
|
54
|
+
/** OIDC token exchange with the IdP failed. */
|
|
55
|
+
export declare const E_OIDC_TOKEN_EXCHANGE_FAILED: "OIDC_TOKEN_EXCHANGE_FAILED";
|
|
56
|
+
/** Required claims missing from OIDC id_token. */
|
|
57
|
+
export declare const E_OIDC_CLAIMS_MISSING: "OIDC_CLAIMS_MISSING";
|
|
58
|
+
/** SSO provider exists but is disabled. */
|
|
59
|
+
export declare const E_PROVIDER_DISABLED: "PROVIDER_DISABLED";
|
|
60
|
+
/** Cannot delete provider — active members are using it. */
|
|
61
|
+
export declare const E_PROVIDER_IN_USE: "PROVIDER_IN_USE";
|
|
62
|
+
/** SCIM bearer token authentication failed. */
|
|
63
|
+
export declare const E_SCIM_AUTH_FAILED: "SCIM_AUTH_FAILED";
|
|
64
|
+
/** SCIM resource already exists (duplicate externalId). */
|
|
65
|
+
export declare const E_SCIM_DUPLICATE: "SCIM_DUPLICATE";
|
|
66
|
+
/** Offboarding cascade is already running for this user. */
|
|
67
|
+
export declare const E_OFFBOARDING_IN_PROGRESS: "OFFBOARDING_IN_PROGRESS";
|
|
68
|
+
/** Feature is not available on the current plan tier. */
|
|
69
|
+
export declare const E_FEATURE_NOT_AVAILABLE: "FEATURE_NOT_AVAILABLE";
|
|
70
|
+
/**
|
|
71
|
+
* Union of all Intutic error code constants.
|
|
72
|
+
*
|
|
73
|
+
* Use this type to constrain error handling branches:
|
|
74
|
+
* ```ts
|
|
75
|
+
* function handle(code: IntuticErrorCode) { ... }
|
|
76
|
+
* ```
|
|
77
|
+
*/
|
|
78
|
+
export type IntuticErrorCode = typeof E_NOT_FOUND | typeof E_UNAUTHORIZED | typeof E_FORBIDDEN | typeof E_BUDGET_EXCEEDED | typeof E_RATE_LIMITED | typeof E_APPEND_ONLY_VIOLATION | typeof E_APPROVAL_RATIONALE_REQUIRED | typeof E_VALIDATION_FAILED | typeof E_CHECKOUT_DISABLED | typeof E_ALREADY_ON_TIER | typeof E_STRIPE_ERROR | typeof E_SIGNATURE_INVALID | typeof E_EMAIL_ALREADY_EXISTS | typeof E_OAUTH_FAILED | typeof E_TOKEN_INVALID | typeof E_TOKEN_EXPIRED | typeof E_ALREADY_VERIFIED | typeof E_TRIAL_EXPIRED | typeof E_VALIDATION | typeof E_SSO_DISABLED | typeof E_SSO_NO_MEMBERSHIP | typeof E_OIDC_INVALID_STATE | typeof E_OIDC_TOKEN_EXCHANGE_FAILED | typeof E_OIDC_CLAIMS_MISSING | typeof E_PROVIDER_DISABLED | typeof E_PROVIDER_IN_USE | typeof E_SCIM_AUTH_FAILED | typeof E_SCIM_DUPLICATE | typeof E_OFFBOARDING_IN_PROGRESS | typeof E_FEATURE_NOT_AVAILABLE;
|
|
79
|
+
/**
|
|
80
|
+
* Structured error class used across all Intutic services.
|
|
81
|
+
*
|
|
82
|
+
* Every error carries a machine-readable `code`, an HTTP `statusCode`,
|
|
83
|
+
* and optional `details` for diagnostics.
|
|
84
|
+
*
|
|
85
|
+
* @example
|
|
86
|
+
* ```typescript
|
|
87
|
+
* import { IntuticError, E_BUDGET_EXCEEDED } from '@intutic/shared-types'
|
|
88
|
+
*
|
|
89
|
+
* throw new IntuticError(
|
|
90
|
+
* E_BUDGET_EXCEEDED,
|
|
91
|
+
* 402,
|
|
92
|
+
* 'Monthly budget of $500.00 exceeded',
|
|
93
|
+
* { currentSpend: 512.34, limit: 500.00 }
|
|
94
|
+
* )
|
|
95
|
+
* ```
|
|
96
|
+
*/
|
|
97
|
+
export declare class IntuticError extends Error {
|
|
98
|
+
/** Machine-readable error code (e.g., `E_BUDGET_EXCEEDED`). */
|
|
99
|
+
readonly code: IntuticErrorCode;
|
|
100
|
+
/** HTTP status code to return (e.g., 402, 403, 404). */
|
|
101
|
+
readonly statusCode: number;
|
|
102
|
+
/** Optional structured details for diagnostics. */
|
|
103
|
+
readonly details?: Record<string, unknown>;
|
|
104
|
+
constructor(code: IntuticErrorCode, statusCode: number, message: string, details?: Record<string, unknown>);
|
|
105
|
+
}
|
|
106
|
+
//# sourceMappingURL=errors.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,0BAA0B;AAC1B,eAAO,MAAM,WAAW,EAAG,aAAsB,CAAA;AAEjD,qDAAqD;AACrD,eAAO,MAAM,cAAc,EAAG,gBAAyB,CAAA;AAEvD,kDAAkD;AAClD,eAAO,MAAM,WAAW,EAAG,aAAsB,CAAA;AAEjD,yDAAyD;AACzD,eAAO,MAAM,iBAAiB,EAAG,mBAA4B,CAAA;AAE7D,mCAAmC;AACnC,eAAO,MAAM,cAAc,EAAG,gBAAyB,CAAA;AAEvD,gFAAgF;AAChF,eAAO,MAAM,uBAAuB,EAAG,yBAAkC,CAAA;AAEzE,sFAAsF;AACtF,eAAO,MAAM,6BAA6B,EAAG,+BAAwC,CAAA;AAErF,oDAAoD;AACpD,eAAO,MAAM,mBAAmB,EAAG,qBAA8B,CAAA;AAEjE,uDAAuD;AACvD,eAAO,MAAM,mBAAmB,EAAG,mBAA4B,CAAA;AAE/D,+CAA+C;AAC/C,eAAO,MAAM,iBAAiB,EAAG,iBAA0B,CAAA;AAE3D,wBAAwB;AACxB,eAAO,MAAM,cAAc,EAAG,cAAuB,CAAA;AAErD,2CAA2C;AAC3C,eAAO,MAAM,mBAAmB,EAAG,mBAA4B,CAAA;AAE/D,gCAAgC;AAChC,eAAO,MAAM,sBAAsB,EAAG,sBAA+B,CAAA;AAErE,0BAA0B;AAC1B,eAAO,MAAM,cAAc,EAAG,cAAuB,CAAA;AAErD,qCAAqC;AACrC,eAAO,MAAM,eAAe,EAAG,eAAwB,CAAA;AAEvD,yBAAyB;AACzB,eAAO,MAAM,eAAe,EAAG,eAAwB,CAAA;AAEvD,+CAA+C;AAC/C,eAAO,MAAM,kBAAkB,EAAG,kBAA2B,CAAA;AAE7D,wCAAwC;AACxC,eAAO,MAAM,eAAe,EAAG,eAAwB,CAAA;AAEvD,iDAAiD;AACjD,eAAO,MAAM,YAAY,EAAG,cAAuB,CAAA;AAInD,4DAA4D;AAC5D,eAAO,MAAM,cAAc,EAAG,cAAuB,CAAA;AAErD,4CAA4C;AAC5C,eAAO,MAAM,mBAAmB,EAAG,mBAA4B,CAAA;AAE/D,kDAAkD;AAClD,eAAO,MAAM,oBAAoB,EAAG,oBAA6B,CAAA;AAEjE,+CAA+C;AAC/C,eAAO,MAAM,4BAA4B,EAAG,4BAAqC,CAAA;AAEjF,kDAAkD;AAClD,eAAO,MAAM,qBAAqB,EAAG,qBAA8B,CAAA;AAEnE,2CAA2C;AAC3C,eAAO,MAAM,mBAAmB,EAAG,mBAA4B,CAAA;AAE/D,4DAA4D;AAC5D,eAAO,MAAM,iBAAiB,EAAG,iBAA0B,CAAA;AAE3D,+CAA+C;AAC/C,eAAO,MAAM,kBAAkB,EAAG,kBAA2B,CAAA;AAE7D,2DAA2D;AAC3D,eAAO,MAAM,gBAAgB,EAAG,gBAAyB,CAAA;AAEzD,4DAA4D;AAC5D,eAAO,MAAM,yBAAyB,EAAG,yBAAkC,CAAA;AAE3E,yDAAyD;AACzD,eAAO,MAAM,uBAAuB,EAAG,uBAAgC,CAAA;AAEvE;;;;;;;GAOG;AACH,MAAM,MAAM,gBAAgB,GACxB,OAAO,WAAW,GAClB,OAAO,cAAc,GACrB,OAAO,WAAW,GAClB,OAAO,iBAAiB,GACxB,OAAO,cAAc,GACrB,OAAO,uBAAuB,GAC9B,OAAO,6BAA6B,GACpC,OAAO,mBAAmB,GAC1B,OAAO,mBAAmB,GAC1B,OAAO,iBAAiB,GACxB,OAAO,cAAc,GACrB,OAAO,mBAAmB,GAC1B,OAAO,sBAAsB,GAC7B,OAAO,cAAc,GACrB,OAAO,eAAe,GACtB,OAAO,eAAe,GACtB,OAAO,kBAAkB,GACzB,OAAO,eAAe,GACtB,OAAO,YAAY,GAEnB,OAAO,cAAc,GACrB,OAAO,mBAAmB,GAC1B,OAAO,oBAAoB,GAC3B,OAAO,4BAA4B,GACnC,OAAO,qBAAqB,GAC5B,OAAO,mBAAmB,GAC1B,OAAO,iBAAiB,GACxB,OAAO,kBAAkB,GACzB,OAAO,gBAAgB,GACvB,OAAO,yBAAyB,GAChC,OAAO,uBAAuB,CAAA;AAIlC;;;;;;;;;;;;;;;;;GAiBG;AACH,qBAAa,YAAa,SAAQ,KAAK;IACrC,+DAA+D;IAC/D,QAAQ,CAAC,IAAI,EAAE,gBAAgB,CAAA;IAE/B,wDAAwD;IACxD,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAA;IAE3B,mDAAmD;IACnD,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;gBAGxC,IAAI,EAAE,gBAAgB,EACtB,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;CAQpC"}
|
package/.dist/errors.js
ADDED
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Shared error codes and error class for the Intutic platform.
|
|
4
|
+
*
|
|
5
|
+
* All services throw `IntuticError` instances so that HTTP handlers can
|
|
6
|
+
* reliably extract `code`, `statusCode`, and `details` for structured
|
|
7
|
+
* error responses.
|
|
8
|
+
*
|
|
9
|
+
* @module
|
|
10
|
+
*/
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.IntuticError = exports.E_FEATURE_NOT_AVAILABLE = exports.E_OFFBOARDING_IN_PROGRESS = exports.E_SCIM_DUPLICATE = exports.E_SCIM_AUTH_FAILED = exports.E_PROVIDER_IN_USE = exports.E_PROVIDER_DISABLED = exports.E_OIDC_CLAIMS_MISSING = exports.E_OIDC_TOKEN_EXCHANGE_FAILED = exports.E_OIDC_INVALID_STATE = exports.E_SSO_NO_MEMBERSHIP = exports.E_SSO_DISABLED = exports.E_VALIDATION = exports.E_TRIAL_EXPIRED = exports.E_ALREADY_VERIFIED = exports.E_TOKEN_EXPIRED = exports.E_TOKEN_INVALID = exports.E_OAUTH_FAILED = exports.E_EMAIL_ALREADY_EXISTS = exports.E_SIGNATURE_INVALID = exports.E_STRIPE_ERROR = exports.E_ALREADY_ON_TIER = exports.E_CHECKOUT_DISABLED = exports.E_VALIDATION_FAILED = exports.E_APPROVAL_RATIONALE_REQUIRED = exports.E_APPEND_ONLY_VIOLATION = exports.E_RATE_LIMITED = exports.E_BUDGET_EXCEEDED = exports.E_FORBIDDEN = exports.E_UNAUTHORIZED = exports.E_NOT_FOUND = void 0;
|
|
13
|
+
// ─── Error Code Constants ────────────────────────────────────────────
|
|
14
|
+
/** Resource not found. */
|
|
15
|
+
exports.E_NOT_FOUND = 'E_NOT_FOUND';
|
|
16
|
+
/** Missing or invalid authentication credentials. */
|
|
17
|
+
exports.E_UNAUTHORIZED = 'E_UNAUTHORIZED';
|
|
18
|
+
/** Authenticated but insufficient permissions. */
|
|
19
|
+
exports.E_FORBIDDEN = 'E_FORBIDDEN';
|
|
20
|
+
/** Budget limit exceeded — HLD §3.6 FinOps guardrail. */
|
|
21
|
+
exports.E_BUDGET_EXCEEDED = 'E_BUDGET_EXCEEDED';
|
|
22
|
+
/** Request rate limit exceeded. */
|
|
23
|
+
exports.E_RATE_LIMITED = 'E_RATE_LIMITED';
|
|
24
|
+
/** Attempted UPDATE/DELETE on an append-only table (e.g., execution_traces). */
|
|
25
|
+
exports.E_APPEND_ONLY_VIOLATION = 'E_APPEND_ONLY_VIOLATION';
|
|
26
|
+
/** High-risk plan approval requires a human-written rationale (EU AI Act Art. 14). */
|
|
27
|
+
exports.E_APPROVAL_RATIONALE_REQUIRED = 'E_APPROVAL_RATIONALE_REQUIRED';
|
|
28
|
+
/** Request payload failed Zod schema validation. */
|
|
29
|
+
exports.E_VALIDATION_FAILED = 'E_VALIDATION_FAILED';
|
|
30
|
+
/** Stripe/billing checkout disabled or unavailable. */
|
|
31
|
+
exports.E_CHECKOUT_DISABLED = 'CHECKOUT_DISABLED';
|
|
32
|
+
/** Workspace already on the requested tier. */
|
|
33
|
+
exports.E_ALREADY_ON_TIER = 'ALREADY_ON_TIER';
|
|
34
|
+
/** Stripe API error. */
|
|
35
|
+
exports.E_STRIPE_ERROR = 'STRIPE_ERROR';
|
|
36
|
+
/** Webhook signature validation failed. */
|
|
37
|
+
exports.E_SIGNATURE_INVALID = 'SIGNATURE_INVALID';
|
|
38
|
+
/** Email already registered. */
|
|
39
|
+
exports.E_EMAIL_ALREADY_EXISTS = 'EMAIL_ALREADY_EXISTS';
|
|
40
|
+
/** OAuth flow failure. */
|
|
41
|
+
exports.E_OAUTH_FAILED = 'OAUTH_FAILED';
|
|
42
|
+
/** Token is invalid or malformed. */
|
|
43
|
+
exports.E_TOKEN_INVALID = 'TOKEN_INVALID';
|
|
44
|
+
/** Token has expired. */
|
|
45
|
+
exports.E_TOKEN_EXPIRED = 'TOKEN_EXPIRED';
|
|
46
|
+
/** Resource is already in the target state. */
|
|
47
|
+
exports.E_ALREADY_VERIFIED = 'ALREADY_VERIFIED';
|
|
48
|
+
/** Workspace free trial has expired. */
|
|
49
|
+
exports.E_TRIAL_EXPIRED = 'TRIAL_EXPIRED';
|
|
50
|
+
/** Generic validation failure (legacy alias). */
|
|
51
|
+
exports.E_VALIDATION = 'E_VALIDATION';
|
|
52
|
+
// ─── Identity Federation Error Codes (LLD #11) ─────────────────────
|
|
53
|
+
/** SSO is not configured or disabled for this workspace. */
|
|
54
|
+
exports.E_SSO_DISABLED = 'SSO_DISABLED';
|
|
55
|
+
/** SSO user has no workspace membership. */
|
|
56
|
+
exports.E_SSO_NO_MEMBERSHIP = 'SSO_NO_MEMBERSHIP';
|
|
57
|
+
/** OIDC state parameter is invalid or expired. */
|
|
58
|
+
exports.E_OIDC_INVALID_STATE = 'OIDC_INVALID_STATE';
|
|
59
|
+
/** OIDC token exchange with the IdP failed. */
|
|
60
|
+
exports.E_OIDC_TOKEN_EXCHANGE_FAILED = 'OIDC_TOKEN_EXCHANGE_FAILED';
|
|
61
|
+
/** Required claims missing from OIDC id_token. */
|
|
62
|
+
exports.E_OIDC_CLAIMS_MISSING = 'OIDC_CLAIMS_MISSING';
|
|
63
|
+
/** SSO provider exists but is disabled. */
|
|
64
|
+
exports.E_PROVIDER_DISABLED = 'PROVIDER_DISABLED';
|
|
65
|
+
/** Cannot delete provider — active members are using it. */
|
|
66
|
+
exports.E_PROVIDER_IN_USE = 'PROVIDER_IN_USE';
|
|
67
|
+
/** SCIM bearer token authentication failed. */
|
|
68
|
+
exports.E_SCIM_AUTH_FAILED = 'SCIM_AUTH_FAILED';
|
|
69
|
+
/** SCIM resource already exists (duplicate externalId). */
|
|
70
|
+
exports.E_SCIM_DUPLICATE = 'SCIM_DUPLICATE';
|
|
71
|
+
/** Offboarding cascade is already running for this user. */
|
|
72
|
+
exports.E_OFFBOARDING_IN_PROGRESS = 'OFFBOARDING_IN_PROGRESS';
|
|
73
|
+
/** Feature is not available on the current plan tier. */
|
|
74
|
+
exports.E_FEATURE_NOT_AVAILABLE = 'FEATURE_NOT_AVAILABLE';
|
|
75
|
+
// ─── Error Class ─────────────────────────────────────────────────────
|
|
76
|
+
/**
|
|
77
|
+
* Structured error class used across all Intutic services.
|
|
78
|
+
*
|
|
79
|
+
* Every error carries a machine-readable `code`, an HTTP `statusCode`,
|
|
80
|
+
* and optional `details` for diagnostics.
|
|
81
|
+
*
|
|
82
|
+
* @example
|
|
83
|
+
* ```typescript
|
|
84
|
+
* import { IntuticError, E_BUDGET_EXCEEDED } from '@intutic/shared-types'
|
|
85
|
+
*
|
|
86
|
+
* throw new IntuticError(
|
|
87
|
+
* E_BUDGET_EXCEEDED,
|
|
88
|
+
* 402,
|
|
89
|
+
* 'Monthly budget of $500.00 exceeded',
|
|
90
|
+
* { currentSpend: 512.34, limit: 500.00 }
|
|
91
|
+
* )
|
|
92
|
+
* ```
|
|
93
|
+
*/
|
|
94
|
+
class IntuticError extends Error {
|
|
95
|
+
/** Machine-readable error code (e.g., `E_BUDGET_EXCEEDED`). */
|
|
96
|
+
code;
|
|
97
|
+
/** HTTP status code to return (e.g., 402, 403, 404). */
|
|
98
|
+
statusCode;
|
|
99
|
+
/** Optional structured details for diagnostics. */
|
|
100
|
+
details;
|
|
101
|
+
constructor(code, statusCode, message, details) {
|
|
102
|
+
super(message);
|
|
103
|
+
this.name = 'IntuticError';
|
|
104
|
+
this.code = code;
|
|
105
|
+
this.statusCode = statusCode;
|
|
106
|
+
this.details = details;
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
exports.IntuticError = IntuticError;
|
|
110
|
+
//# sourceMappingURL=errors.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAEH,wEAAwE;AAExE,0BAA0B;AACb,QAAA,WAAW,GAAG,aAAsB,CAAA;AAEjD,qDAAqD;AACxC,QAAA,cAAc,GAAG,gBAAyB,CAAA;AAEvD,kDAAkD;AACrC,QAAA,WAAW,GAAG,aAAsB,CAAA;AAEjD,yDAAyD;AAC5C,QAAA,iBAAiB,GAAG,mBAA4B,CAAA;AAE7D,mCAAmC;AACtB,QAAA,cAAc,GAAG,gBAAyB,CAAA;AAEvD,gFAAgF;AACnE,QAAA,uBAAuB,GAAG,yBAAkC,CAAA;AAEzE,sFAAsF;AACzE,QAAA,6BAA6B,GAAG,+BAAwC,CAAA;AAErF,oDAAoD;AACvC,QAAA,mBAAmB,GAAG,qBAA8B,CAAA;AAEjE,uDAAuD;AAC1C,QAAA,mBAAmB,GAAG,mBAA4B,CAAA;AAE/D,+CAA+C;AAClC,QAAA,iBAAiB,GAAG,iBAA0B,CAAA;AAE3D,wBAAwB;AACX,QAAA,cAAc,GAAG,cAAuB,CAAA;AAErD,2CAA2C;AAC9B,QAAA,mBAAmB,GAAG,mBAA4B,CAAA;AAE/D,gCAAgC;AACnB,QAAA,sBAAsB,GAAG,sBAA+B,CAAA;AAErE,0BAA0B;AACb,QAAA,cAAc,GAAG,cAAuB,CAAA;AAErD,qCAAqC;AACxB,QAAA,eAAe,GAAG,eAAwB,CAAA;AAEvD,yBAAyB;AACZ,QAAA,eAAe,GAAG,eAAwB,CAAA;AAEvD,+CAA+C;AAClC,QAAA,kBAAkB,GAAG,kBAA2B,CAAA;AAE7D,wCAAwC;AAC3B,QAAA,eAAe,GAAG,eAAwB,CAAA;AAEvD,iDAAiD;AACpC,QAAA,YAAY,GAAG,cAAuB,CAAA;AAEnD,sEAAsE;AAEtE,4DAA4D;AAC/C,QAAA,cAAc,GAAG,cAAuB,CAAA;AAErD,4CAA4C;AAC/B,QAAA,mBAAmB,GAAG,mBAA4B,CAAA;AAE/D,kDAAkD;AACrC,QAAA,oBAAoB,GAAG,oBAA6B,CAAA;AAEjE,+CAA+C;AAClC,QAAA,4BAA4B,GAAG,4BAAqC,CAAA;AAEjF,kDAAkD;AACrC,QAAA,qBAAqB,GAAG,qBAA8B,CAAA;AAEnE,2CAA2C;AAC9B,QAAA,mBAAmB,GAAG,mBAA4B,CAAA;AAE/D,4DAA4D;AAC/C,QAAA,iBAAiB,GAAG,iBAA0B,CAAA;AAE3D,+CAA+C;AAClC,QAAA,kBAAkB,GAAG,kBAA2B,CAAA;AAE7D,2DAA2D;AAC9C,QAAA,gBAAgB,GAAG,gBAAyB,CAAA;AAEzD,4DAA4D;AAC/C,QAAA,yBAAyB,GAAG,yBAAkC,CAAA;AAE3E,yDAAyD;AAC5C,QAAA,uBAAuB,GAAG,uBAAgC,CAAA;AA2CvE,wEAAwE;AAExE;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAa,YAAa,SAAQ,KAAK;IACrC,+DAA+D;IACtD,IAAI,CAAkB;IAE/B,wDAAwD;IAC/C,UAAU,CAAQ;IAE3B,mDAAmD;IAC1C,OAAO,CAA0B;IAE1C,YACE,IAAsB,EACtB,UAAkB,EAClB,OAAe,EACf,OAAiC;QAEjC,KAAK,CAAC,OAAO,CAAC,CAAA;QACd,IAAI,CAAC,IAAI,GAAG,cAAc,CAAA;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAA;QAChB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,CAAC;CACF;AAtBD,oCAsBC"}
|
|
@@ -0,0 +1,117 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* FinOps ledger types for cost tracking and attribution.
|
|
3
|
+
*
|
|
4
|
+
* These types correspond to the `execution_traces` table and the
|
|
5
|
+
* `finops_attribution_4d` materialized view defined in
|
|
6
|
+
* LLD 01-data-architecture §3.1.
|
|
7
|
+
*
|
|
8
|
+
* HLD §3.6 (FinOps Ledger), §3.19 (4D Attribution)
|
|
9
|
+
*
|
|
10
|
+
* @module
|
|
11
|
+
*/
|
|
12
|
+
import type { AnomalyType, EnforcementAction, RoutingTier, TokenUtility } from './enums.js';
|
|
13
|
+
/**
|
|
14
|
+
* A single row in the `execution_traces` table — the append-only FinOps ledger.
|
|
15
|
+
*
|
|
16
|
+
* This is the canonical financial audit trail for every LLM call flowing
|
|
17
|
+
* through the platform. INSERT only; UPDATE and DELETE are forbidden by
|
|
18
|
+
* a database trigger.
|
|
19
|
+
*
|
|
20
|
+
* LLD §3.1 — execution_traces table definition
|
|
21
|
+
*/
|
|
22
|
+
export interface TraceEntry {
|
|
23
|
+
/** Unique trace identifier — `newId('tr')`. */
|
|
24
|
+
traceId: string;
|
|
25
|
+
/** Session that produced this trace — FK to `agent_sessions`. */
|
|
26
|
+
sessionId: string;
|
|
27
|
+
/** Idempotency key — UNIQUE constraint. */
|
|
28
|
+
requestId: string;
|
|
29
|
+
/** Timestamp of the trace event. */
|
|
30
|
+
timestamp: string;
|
|
31
|
+
/** Effective date of the SOP governing this call. */
|
|
32
|
+
sopEffectiveDate: string;
|
|
33
|
+
/** Model requested by the agent/user. */
|
|
34
|
+
requestedModel: string;
|
|
35
|
+
/** Model actually routed to after complexity scoring. */
|
|
36
|
+
actualModelRouted: string;
|
|
37
|
+
/** Routing tier for this call. */
|
|
38
|
+
routingTier: RoutingTier;
|
|
39
|
+
/** Complexity score used for routing (0.0–1.0). */
|
|
40
|
+
complexityScore: number;
|
|
41
|
+
/** Raw input tokens before compression. */
|
|
42
|
+
rawInputTokens: number;
|
|
43
|
+
/** Input tokens after compression. */
|
|
44
|
+
compressedInputTokens: number;
|
|
45
|
+
/** Output tokens generated. */
|
|
46
|
+
outputTokens: number;
|
|
47
|
+
/** Cost at the raw model rate (USD). */
|
|
48
|
+
rawCostUsd: number;
|
|
49
|
+
/** Actual cost after routing optimization (USD). */
|
|
50
|
+
actualCostUsd: number;
|
|
51
|
+
/** Savings from routing optimization (USD) — generated column. */
|
|
52
|
+
savingsUsd: number;
|
|
53
|
+
/** Whether the token spend was useful or wasted. */
|
|
54
|
+
tokenUtility: TokenUtility;
|
|
55
|
+
/** Utility confidence score (0.0–1.0). */
|
|
56
|
+
tokenUtilityScore: number;
|
|
57
|
+
/** Compliance score from policy evaluation (0.0–1.0). */
|
|
58
|
+
complianceScore: number;
|
|
59
|
+
/** Enforcement action applied to this call. */
|
|
60
|
+
enforcementAction: EnforcementAction;
|
|
61
|
+
/** Detected anomaly type, if any. */
|
|
62
|
+
anomalyDetected: AnomalyType | null;
|
|
63
|
+
/** Anomaly detection confidence score (0.0–1.0). */
|
|
64
|
+
anomalyConfidenceScore: number | null;
|
|
65
|
+
/** Additional anomaly taxonomy metadata. */
|
|
66
|
+
taxonomyMetadata: Record<string, unknown> | null;
|
|
67
|
+
/** Raw request/response payload for audit. SENSITIVE. */
|
|
68
|
+
rawPayloadJson: Record<string, unknown> | null;
|
|
69
|
+
/** Application identifier for attribution. */
|
|
70
|
+
appId: string | null;
|
|
71
|
+
/** Agent chain identifier for attribution. */
|
|
72
|
+
agentChainId: string | null;
|
|
73
|
+
/** Full agent delegation chain (JSON). */
|
|
74
|
+
agentChain: Record<string, unknown> | null;
|
|
75
|
+
/** Whether this call was served from cache. */
|
|
76
|
+
cacheHit: boolean;
|
|
77
|
+
/** Savings from cache hit (USD). */
|
|
78
|
+
cacheSavingsUsd: number;
|
|
79
|
+
/** Structured root cause attribution for anomalies. */
|
|
80
|
+
rootCauseAttribution: Record<string, unknown> | null;
|
|
81
|
+
/** Corrective prompt card generated for this anomaly. */
|
|
82
|
+
correctivePromptCard: Record<string, unknown> | null;
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Summarized cost breakdown for a session, workspace, or time window.
|
|
86
|
+
*
|
|
87
|
+
* HLD §3.6 — FinOps cost accounting
|
|
88
|
+
*/
|
|
89
|
+
export interface CostBreakdown {
|
|
90
|
+
/** Cost at raw model rates (USD). */
|
|
91
|
+
rawCost: number;
|
|
92
|
+
/** Actual cost after optimization (USD). */
|
|
93
|
+
actualCost: number;
|
|
94
|
+
/** Total savings from model routing (USD). */
|
|
95
|
+
savings: number;
|
|
96
|
+
/** Total savings from cache hits (USD). */
|
|
97
|
+
cacheSavings: number;
|
|
98
|
+
}
|
|
99
|
+
/**
|
|
100
|
+
* Four-dimensional attribution key for FinOps rollup.
|
|
101
|
+
*
|
|
102
|
+
* Maps to the `finops_attribution_4d` materialized view's grouping dimensions:
|
|
103
|
+
* Person × Harness × App × Agent Chain.
|
|
104
|
+
*
|
|
105
|
+
* HLD §3.19, LLD §3.1 — finops_attribution_4d materialized view
|
|
106
|
+
*/
|
|
107
|
+
export interface Attribution4D {
|
|
108
|
+
/** User/person identifier. */
|
|
109
|
+
personId: string;
|
|
110
|
+
/** Harness/IDE type that produced the cost. */
|
|
111
|
+
harnessType: string;
|
|
112
|
+
/** Optional application identifier. */
|
|
113
|
+
appId?: string;
|
|
114
|
+
/** Optional agent chain identifier. */
|
|
115
|
+
agentChainId?: string;
|
|
116
|
+
}
|
|
117
|
+
//# sourceMappingURL=finops.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"finops.d.ts","sourceRoot":"","sources":["../src/finops.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EACV,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,YAAY,EACb,MAAM,YAAY,CAAA;AAInB;;;;;;;;GAQG;AACH,MAAM,WAAW,UAAU;IACzB,+CAA+C;IAC/C,OAAO,EAAE,MAAM,CAAA;IAEf,iEAAiE;IACjE,SAAS,EAAE,MAAM,CAAA;IAEjB,2CAA2C;IAC3C,SAAS,EAAE,MAAM,CAAA;IAEjB,oCAAoC;IACpC,SAAS,EAAE,MAAM,CAAA;IAEjB,qDAAqD;IACrD,gBAAgB,EAAE,MAAM,CAAA;IAGxB,yCAAyC;IACzC,cAAc,EAAE,MAAM,CAAA;IAEtB,yDAAyD;IACzD,iBAAiB,EAAE,MAAM,CAAA;IAEzB,kCAAkC;IAClC,WAAW,EAAE,WAAW,CAAA;IAExB,mDAAmD;IACnD,eAAe,EAAE,MAAM,CAAA;IAGvB,2CAA2C;IAC3C,cAAc,EAAE,MAAM,CAAA;IAEtB,sCAAsC;IACtC,qBAAqB,EAAE,MAAM,CAAA;IAE7B,+BAA+B;IAC/B,YAAY,EAAE,MAAM,CAAA;IAGpB,wCAAwC;IACxC,UAAU,EAAE,MAAM,CAAA;IAElB,oDAAoD;IACpD,aAAa,EAAE,MAAM,CAAA;IAErB,kEAAkE;IAClE,UAAU,EAAE,MAAM,CAAA;IAGlB,oDAAoD;IACpD,YAAY,EAAE,YAAY,CAAA;IAE1B,0CAA0C;IAC1C,iBAAiB,EAAE,MAAM,CAAA;IAGzB,yDAAyD;IACzD,eAAe,EAAE,MAAM,CAAA;IAEvB,+CAA+C;IAC/C,iBAAiB,EAAE,iBAAiB,CAAA;IAGpC,qCAAqC;IACrC,eAAe,EAAE,WAAW,GAAG,IAAI,CAAA;IAEnC,oDAAoD;IACpD,sBAAsB,EAAE,MAAM,GAAG,IAAI,CAAA;IAErC,4CAA4C;IAC5C,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;IAGhD,yDAAyD;IACzD,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;IAG9C,8CAA8C;IAC9C,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IAEpB,8CAA8C;IAC9C,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;IAE3B,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;IAG1C,+CAA+C;IAC/C,QAAQ,EAAE,OAAO,CAAA;IAEjB,oCAAoC;IACpC,eAAe,EAAE,MAAM,CAAA;IAGvB,uDAAuD;IACvD,oBAAoB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;IAEpD,yDAAyD;IACzD,oBAAoB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAA;CACrD;AAID;;;;GAIG;AACH,MAAM,WAAW,aAAa;IAC5B,qCAAqC;IACrC,OAAO,EAAE,MAAM,CAAA;IAEf,4CAA4C;IAC5C,UAAU,EAAE,MAAM,CAAA;IAElB,8CAA8C;IAC9C,OAAO,EAAE,MAAM,CAAA;IAEf,2CAA2C;IAC3C,YAAY,EAAE,MAAM,CAAA;CACrB;AAID;;;;;;;GAOG;AACH,MAAM,WAAW,aAAa;IAC5B,8BAA8B;IAC9B,QAAQ,EAAE,MAAM,CAAA;IAEhB,+CAA+C;IAC/C,WAAW,EAAE,MAAM,CAAA;IAEnB,uCAAuC;IACvC,KAAK,CAAC,EAAE,MAAM,CAAA;IAEd,uCAAuC;IACvC,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB"}
|
package/.dist/finops.js
ADDED
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* FinOps ledger types for cost tracking and attribution.
|
|
4
|
+
*
|
|
5
|
+
* These types correspond to the `execution_traces` table and the
|
|
6
|
+
* `finops_attribution_4d` materialized view defined in
|
|
7
|
+
* LLD 01-data-architecture §3.1.
|
|
8
|
+
*
|
|
9
|
+
* HLD §3.6 (FinOps Ledger), §3.19 (4D Attribution)
|
|
10
|
+
*
|
|
11
|
+
* @module
|
|
12
|
+
*/
|
|
13
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
14
|
+
//# sourceMappingURL=finops.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"finops.js","sourceRoot":"","sources":["../src/finops.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG"}
|
|
@@ -0,0 +1,176 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Identity Federation types — LLD #11
|
|
3
|
+
*
|
|
4
|
+
* Cross-workspace user identity, SSO/OIDC provider configuration,
|
|
5
|
+
* SCIM 2.0 provisioning resources, and offboarding cascade types.
|
|
6
|
+
*
|
|
7
|
+
* @module
|
|
8
|
+
*/
|
|
9
|
+
import { z } from 'zod';
|
|
10
|
+
export interface User {
|
|
11
|
+
userId: string;
|
|
12
|
+
email: string;
|
|
13
|
+
displayName: string | null;
|
|
14
|
+
avatarUrl: string | null;
|
|
15
|
+
authProvider: 'email' | 'okta' | 'entra_id';
|
|
16
|
+
externalId: string | null;
|
|
17
|
+
isActive: boolean;
|
|
18
|
+
lastLoginAt: string | null;
|
|
19
|
+
createdAt: string;
|
|
20
|
+
updatedAt: string;
|
|
21
|
+
}
|
|
22
|
+
export interface UserInfo {
|
|
23
|
+
userId: string;
|
|
24
|
+
email: string;
|
|
25
|
+
displayName: string | null;
|
|
26
|
+
avatarUrl: string | null;
|
|
27
|
+
authProvider: string;
|
|
28
|
+
isActive: boolean;
|
|
29
|
+
lastLoginAt: string | null;
|
|
30
|
+
createdAt: string;
|
|
31
|
+
}
|
|
32
|
+
export interface SsoProvider {
|
|
33
|
+
providerId: string;
|
|
34
|
+
workspaceId: string;
|
|
35
|
+
name: string;
|
|
36
|
+
type: 'okta' | 'entra_id';
|
|
37
|
+
issuer: string;
|
|
38
|
+
clientId: string;
|
|
39
|
+
scopes: string[];
|
|
40
|
+
autoProvision: boolean;
|
|
41
|
+
defaultRole: string;
|
|
42
|
+
isEnabled: boolean;
|
|
43
|
+
createdAt: string;
|
|
44
|
+
updatedAt: string;
|
|
45
|
+
}
|
|
46
|
+
export declare const CreateSsoProviderSchema: z.ZodObject<{
|
|
47
|
+
name: z.ZodString;
|
|
48
|
+
type: z.ZodEnum<["okta", "entra_id"]>;
|
|
49
|
+
issuer: z.ZodString;
|
|
50
|
+
clientId: z.ZodString;
|
|
51
|
+
clientSecret: z.ZodString;
|
|
52
|
+
scopes: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
|
|
53
|
+
autoProvision: z.ZodDefault<z.ZodBoolean>;
|
|
54
|
+
defaultRole: z.ZodDefault<z.ZodEnum<["ADMIN", "EM", "DEVELOPER", "VIEWER"]>>;
|
|
55
|
+
}, "strip", z.ZodTypeAny, {
|
|
56
|
+
type: "okta" | "entra_id";
|
|
57
|
+
scopes: string[];
|
|
58
|
+
name: string;
|
|
59
|
+
issuer: string;
|
|
60
|
+
clientId: string;
|
|
61
|
+
clientSecret: string;
|
|
62
|
+
autoProvision: boolean;
|
|
63
|
+
defaultRole: "ADMIN" | "EM" | "DEVELOPER" | "VIEWER";
|
|
64
|
+
}, {
|
|
65
|
+
type: "okta" | "entra_id";
|
|
66
|
+
name: string;
|
|
67
|
+
issuer: string;
|
|
68
|
+
clientId: string;
|
|
69
|
+
clientSecret: string;
|
|
70
|
+
scopes?: string[] | undefined;
|
|
71
|
+
autoProvision?: boolean | undefined;
|
|
72
|
+
defaultRole?: "ADMIN" | "EM" | "DEVELOPER" | "VIEWER" | undefined;
|
|
73
|
+
}>;
|
|
74
|
+
export type CreateSsoProviderInput = z.infer<typeof CreateSsoProviderSchema>;
|
|
75
|
+
export interface OidcClaims {
|
|
76
|
+
sub: string;
|
|
77
|
+
email: string;
|
|
78
|
+
email_verified?: boolean;
|
|
79
|
+
name?: string;
|
|
80
|
+
given_name?: string;
|
|
81
|
+
family_name?: string;
|
|
82
|
+
picture?: string;
|
|
83
|
+
groups?: string[];
|
|
84
|
+
iss: string;
|
|
85
|
+
aud: string | string[];
|
|
86
|
+
exp: number;
|
|
87
|
+
iat: number;
|
|
88
|
+
nonce?: string;
|
|
89
|
+
}
|
|
90
|
+
export interface ScimUserResource {
|
|
91
|
+
schemas: string[];
|
|
92
|
+
id?: string;
|
|
93
|
+
externalId?: string;
|
|
94
|
+
userName: string;
|
|
95
|
+
name?: {
|
|
96
|
+
givenName?: string;
|
|
97
|
+
familyName?: string;
|
|
98
|
+
formatted?: string;
|
|
99
|
+
};
|
|
100
|
+
emails?: Array<{
|
|
101
|
+
value: string;
|
|
102
|
+
primary?: boolean;
|
|
103
|
+
type?: string;
|
|
104
|
+
}>;
|
|
105
|
+
active?: boolean;
|
|
106
|
+
groups?: Array<{
|
|
107
|
+
value: string;
|
|
108
|
+
display?: string;
|
|
109
|
+
}>;
|
|
110
|
+
meta?: {
|
|
111
|
+
resourceType?: string;
|
|
112
|
+
created?: string;
|
|
113
|
+
lastModified?: string;
|
|
114
|
+
location?: string;
|
|
115
|
+
};
|
|
116
|
+
}
|
|
117
|
+
export interface ScimListResponse {
|
|
118
|
+
schemas: ['urn:ietf:params:scim:api:messages:2.0:ListResponse'];
|
|
119
|
+
totalResults: number;
|
|
120
|
+
startIndex: number;
|
|
121
|
+
itemsPerPage: number;
|
|
122
|
+
Resources: ScimUserResource[];
|
|
123
|
+
}
|
|
124
|
+
export interface ScimPatchOp {
|
|
125
|
+
schemas: ['urn:ietf:params:scim:api:messages:2.0:PatchOp'];
|
|
126
|
+
Operations: Array<{
|
|
127
|
+
op: 'add' | 'replace' | 'remove';
|
|
128
|
+
path?: string;
|
|
129
|
+
value?: unknown;
|
|
130
|
+
}>;
|
|
131
|
+
}
|
|
132
|
+
export interface OffboardingStepResult {
|
|
133
|
+
step: 1 | 2 | 3 | 4 | 5 | 6 | 7;
|
|
134
|
+
name: string;
|
|
135
|
+
status: 'completed' | 'failed' | 'skipped';
|
|
136
|
+
detail: Record<string, unknown>;
|
|
137
|
+
durationMs: number;
|
|
138
|
+
}
|
|
139
|
+
export interface OffboardingResult {
|
|
140
|
+
userId: string;
|
|
141
|
+
memberId: string;
|
|
142
|
+
workspaceId: string;
|
|
143
|
+
steps: OffboardingStepResult[];
|
|
144
|
+
totalDurationMs: number;
|
|
145
|
+
completedAt: string;
|
|
146
|
+
}
|
|
147
|
+
export declare const UpdateUserProfileSchema: z.ZodObject<{
|
|
148
|
+
displayName: z.ZodOptional<z.ZodString>;
|
|
149
|
+
avatarUrl: z.ZodOptional<z.ZodString>;
|
|
150
|
+
}, "strip", z.ZodTypeAny, {
|
|
151
|
+
displayName?: string | undefined;
|
|
152
|
+
avatarUrl?: string | undefined;
|
|
153
|
+
}, {
|
|
154
|
+
displayName?: string | undefined;
|
|
155
|
+
avatarUrl?: string | undefined;
|
|
156
|
+
}>;
|
|
157
|
+
export type UpdateUserProfileInput = z.infer<typeof UpdateUserProfileSchema>;
|
|
158
|
+
export interface ScimTokenInfo {
|
|
159
|
+
tokenId: string;
|
|
160
|
+
workspaceId: string;
|
|
161
|
+
label: string | null;
|
|
162
|
+
expiresAt: string | null;
|
|
163
|
+
createdAt: string;
|
|
164
|
+
}
|
|
165
|
+
export declare const CreateScimTokenSchema: z.ZodObject<{
|
|
166
|
+
label: z.ZodOptional<z.ZodString>;
|
|
167
|
+
expiresInDays: z.ZodOptional<z.ZodNumber>;
|
|
168
|
+
}, "strip", z.ZodTypeAny, {
|
|
169
|
+
label?: string | undefined;
|
|
170
|
+
expiresInDays?: number | undefined;
|
|
171
|
+
}, {
|
|
172
|
+
label?: string | undefined;
|
|
173
|
+
expiresInDays?: number | undefined;
|
|
174
|
+
}>;
|
|
175
|
+
export type CreateScimTokenInput = z.infer<typeof CreateScimTokenSchema>;
|
|
176
|
+
//# sourceMappingURL=identity.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.d.ts","sourceRoot":"","sources":["../src/identity.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAKvB,MAAM,WAAW,IAAI;IACnB,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;IACb,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,YAAY,EAAE,OAAO,GAAG,MAAM,GAAG,UAAU,CAAA;IAC3C,UAAU,EAAE,MAAM,GAAG,IAAI,CAAA;IACzB,QAAQ,EAAE,OAAO,CAAA;IACjB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,QAAQ;IACvB,MAAM,EAAE,MAAM,CAAA;IACd,KAAK,EAAE,MAAM,CAAA;IACb,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,YAAY,EAAE,MAAM,CAAA;IACpB,QAAQ,EAAE,OAAO,CAAA;IACjB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAA;IAC1B,SAAS,EAAE,MAAM,CAAA;CAClB;AAID,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,CAAA;IAClB,WAAW,EAAE,MAAM,CAAA;IACnB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,GAAG,UAAU,CAAA;IACzB,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,EAAE,CAAA;IAChB,aAAa,EAAE,OAAO,CAAA;IACtB,WAAW,EAAE,MAAM,CAAA;IACnB,SAAS,EAAE,OAAO,CAAA;IAClB,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;EASlC,CAAA;AACF,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAA;AAI5E,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,CAAA;IACb,cAAc,CAAC,EAAE,OAAO,CAAA;IACxB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAA;IACjB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,CAAA;IACtB,GAAG,EAAE,MAAM,CAAA;IACX,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAID,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,EAAE,CAAA;IACjB,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,QAAQ,EAAE,MAAM,CAAA;IAChB,IAAI,CAAC,EAAE;QACL,SAAS,CAAC,EAAE,MAAM,CAAA;QAClB,UAAU,CAAC,EAAE,MAAM,CAAA;QACnB,SAAS,CAAC,EAAE,MAAM,CAAA;KACnB,CAAA;IACD,MAAM,CAAC,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,OAAO,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IACnE,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB,MAAM,CAAC,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IACnD,IAAI,CAAC,EAAE;QACL,YAAY,CAAC,EAAE,MAAM,CAAA;QACrB,OAAO,CAAC,EAAE,MAAM,CAAA;QAChB,YAAY,CAAC,EAAE,MAAM,CAAA;QACrB,QAAQ,CAAC,EAAE,MAAM,CAAA;KAClB,CAAA;CACF;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,CAAC,oDAAoD,CAAC,CAAA;IAC/D,YAAY,EAAE,MAAM,CAAA;IACpB,UAAU,EAAE,MAAM,CAAA;IAClB,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,gBAAgB,EAAE,CAAA;CAC9B;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,CAAC,+CAA+C,CAAC,CAAA;IAC1D,UAAU,EAAE,KAAK,CAAC;QAChB,EAAE,EAAE,KAAK,GAAG,SAAS,GAAG,QAAQ,CAAA;QAChC,IAAI,CAAC,EAAE,MAAM,CAAA;QACb,KAAK,CAAC,EAAE,OAAO,CAAA;KAChB,CAAC,CAAA;CACH;AAID,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;IAC/B,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EAAE,WAAW,GAAG,QAAQ,GAAG,SAAS,CAAA;IAC1C,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC/B,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAA;IACd,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,KAAK,EAAE,qBAAqB,EAAE,CAAA;IAC9B,eAAe,EAAE,MAAM,CAAA;IACvB,WAAW,EAAE,MAAM,CAAA;CACpB;AAID,eAAO,MAAM,uBAAuB;;;;;;;;;EAGlC,CAAA;AACF,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAA;AAI5E,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAA;IACf,WAAW,EAAE,MAAM,CAAA;IACnB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAA;IACpB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAA;IACxB,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,eAAO,MAAM,qBAAqB;;;;;;;;;EAGhC,CAAA;AACF,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAA"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Identity Federation types — LLD #11
|
|
4
|
+
*
|
|
5
|
+
* Cross-workspace user identity, SSO/OIDC provider configuration,
|
|
6
|
+
* SCIM 2.0 provisioning resources, and offboarding cascade types.
|
|
7
|
+
*
|
|
8
|
+
* @module
|
|
9
|
+
*/
|
|
10
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
11
|
+
exports.CreateScimTokenSchema = exports.UpdateUserProfileSchema = exports.CreateSsoProviderSchema = void 0;
|
|
12
|
+
const zod_1 = require("zod");
|
|
13
|
+
exports.CreateSsoProviderSchema = zod_1.z.object({
|
|
14
|
+
name: zod_1.z.string().min(1).max(255),
|
|
15
|
+
type: zod_1.z.enum(['okta', 'entra_id']),
|
|
16
|
+
issuer: zod_1.z.string().url(),
|
|
17
|
+
clientId: zod_1.z.string().min(1),
|
|
18
|
+
clientSecret: zod_1.z.string().min(1),
|
|
19
|
+
scopes: zod_1.z.array(zod_1.z.string()).default(['openid', 'profile', 'email']),
|
|
20
|
+
autoProvision: zod_1.z.boolean().default(false),
|
|
21
|
+
defaultRole: zod_1.z.enum(['ADMIN', 'EM', 'DEVELOPER', 'VIEWER']).default('DEVELOPER'),
|
|
22
|
+
});
|
|
23
|
+
// ── User management ──
|
|
24
|
+
exports.UpdateUserProfileSchema = zod_1.z.object({
|
|
25
|
+
displayName: zod_1.z.string().min(1).max(255).optional(),
|
|
26
|
+
avatarUrl: zod_1.z.string().url().optional(),
|
|
27
|
+
});
|
|
28
|
+
exports.CreateScimTokenSchema = zod_1.z.object({
|
|
29
|
+
label: zod_1.z.string().min(1).max(255).optional(),
|
|
30
|
+
expiresInDays: zod_1.z.number().int().min(1).max(365).optional(),
|
|
31
|
+
});
|
|
32
|
+
//# sourceMappingURL=identity.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"identity.js","sourceRoot":"","sources":["../src/identity.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;AAEH,6BAAuB;AA8CV,QAAA,uBAAuB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC9C,IAAI,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC;IAChC,IAAI,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IAClC,MAAM,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE;IACxB,QAAQ,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3B,YAAY,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC/B,MAAM,EAAE,OAAC,CAAC,KAAK,CAAC,OAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IACnE,aAAa,EAAE,OAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACzC,WAAW,EAAE,OAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;CACjF,CAAC,CAAA;AAgFF,wBAAwB;AAEX,QAAA,uBAAuB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC9C,WAAW,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;IAClD,SAAS,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;CACvC,CAAC,CAAA;AAaW,QAAA,qBAAqB,GAAG,OAAC,CAAC,MAAM,CAAC;IAC5C,KAAK,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;IAC5C,aAAa,EAAE,OAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE;CAC3D,CAAC,CAAA"}
|
package/.dist/index.d.ts
ADDED
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @intutic/shared-types — Shared TypeScript types, interfaces, and enums
|
|
3
|
+
*
|
|
4
|
+
* This package is the single source of truth for all types used by 2+ packages
|
|
5
|
+
* in the Intutic monorepo. Never duplicate type definitions across services.
|
|
6
|
+
*
|
|
7
|
+
* @packageDocumentation
|
|
8
|
+
*/
|
|
9
|
+
export { RiskLevel, EnforcementAction, TokenUtility, BudgetTier, ComplexityTier, ChangeClassification, AnomalyType, HarnessType, ExecutionMode, IncidentStatus, PlanLifecycleState, SopLifecycleState, RoutingTier, WorkspaceRole, } from './enums.js';
|
|
10
|
+
export type { PermissionSet, PolicyVerdict, DctToken, RiskCategory, InterventionMode, PluginVerdict, EvaluationCascadeResult, } from './policy.js';
|
|
11
|
+
export type { TraceEntry, CostBreakdown, Attribution4D, } from './finops.js';
|
|
12
|
+
export { ANOMALY_SEVERITY_MAP, } from './anomaly.js';
|
|
13
|
+
export type { AnomalyEvent, AnomalyClassification, AnomalySeverity, CorrectivePromptCard, ProbeType, ProbeResult, TrustScoreResult, TrustScoreUpdate, TrustEvent, GovernanceIncidentStatus, CapabilityMissEvent, CapabilityMissInput, DriftDirection, DriftEvent, } from './anomaly.js';
|
|
14
|
+
export type { Session, SessionCheckpoint, } from './session.js';
|
|
15
|
+
export type { Sop, SopProofTree, SopLifecycleTransition, SopHealthMetrics, DreamCycleQueueItem, DreamCycleEnqueueInput, GodelProbeResult, SopContentUpdate, SopLifecycleTransitionResult, CascadeImpactResult, CascadeInvalidationResult, AntiGamingResult, SopEdgeType, SopGraphEdge, DeviationType, PlanDeviation, PlanAdherenceScore, StoredPlan, DecisionRecommendation, DecisionMiningAnalysis, GodelGateResult, GodelScore, ProofTreeDiff, } from './sop.js';
|
|
16
|
+
export { VALID_SOP_TRANSITIONS, ENFORCEMENT_BY_STATE, } from './sop.js';
|
|
17
|
+
export { IntuticError, E_NOT_FOUND, E_UNAUTHORIZED, E_FORBIDDEN, E_BUDGET_EXCEEDED, E_RATE_LIMITED, E_APPEND_ONLY_VIOLATION, E_APPROVAL_RATIONALE_REQUIRED, E_VALIDATION_FAILED, E_SSO_DISABLED, E_SSO_NO_MEMBERSHIP, E_OIDC_INVALID_STATE, E_OIDC_TOKEN_EXCHANGE_FAILED, E_OIDC_CLAIMS_MISSING, E_PROVIDER_DISABLED, E_PROVIDER_IN_USE, E_SCIM_AUTH_FAILED, E_SCIM_DUPLICATE, E_OFFBOARDING_IN_PROGRESS, E_FEATURE_NOT_AVAILABLE, } from './errors.js';
|
|
18
|
+
export type { IntuticErrorCode } from './errors.js';
|
|
19
|
+
export { CreateSessionSchema, CreateTraceSchema, PolicyVerdictSchema, } from './api-contracts.js';
|
|
20
|
+
export type { CreateSessionInput, CreateTraceInput, PolicyVerdictInput, } from './api-contracts.js';
|
|
21
|
+
export { LoginInputSchema, RegisterInputSchema, RefreshInputSchema, ChangePasswordInputSchema, InviteMemberInputSchema, UpdateRoleInputSchema, CreateApiKeyInputSchema, } from './auth.js';
|
|
22
|
+
export type { AuthContext, JwtPayload, LoginInput, LoginResult, RegisterInput, RegisterResult, RefreshResult, WorkspaceMemberInfo, InviteMemberInput, CreateApiKeyInput, CreateApiKeyResult, ApiKeyInfo, DashboardSummary, } from './auth.js';
|
|
23
|
+
export { SopHashReportSchema, DaemonStatusSchema, } from './sync.js';
|
|
24
|
+
export type { SyncSopEntry, SyncConfigPayload, SopFileHash, SopHashReport, DetectedHarness, DaemonStatus, IntuticCredentials, IntuticConfig, IntegrityStore, } from './sync.js';
|
|
25
|
+
export { CreateSsoProviderSchema, UpdateUserProfileSchema, CreateScimTokenSchema, } from './identity.js';
|
|
26
|
+
export type { User, UserInfo, SsoProvider, CreateSsoProviderInput, OidcClaims, ScimUserResource, ScimListResponse, ScimPatchOp, OffboardingStepResult, OffboardingResult, UpdateUserProfileInput, ScimTokenInfo, CreateScimTokenInput, } from './identity.js';
|
|
27
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,SAAS,EACT,iBAAiB,EACjB,YAAY,EACZ,UAAU,EACV,cAAc,EACd,oBAAoB,EACpB,WAAW,EACX,WAAW,EACX,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,iBAAiB,EACjB,WAAW,EACX,aAAa,GACd,MAAM,YAAY,CAAA;AAEnB,YAAY,EACV,aAAa,EACb,aAAa,EACb,QAAQ,EACR,YAAY,EACZ,gBAAgB,EAChB,aAAa,EACb,uBAAuB,GACxB,MAAM,aAAa,CAAA;AAEpB,YAAY,EACV,UAAU,EACV,aAAa,EACb,aAAa,GACd,MAAM,aAAa,CAAA;AAEpB,OAAO,EACL,oBAAoB,GACrB,MAAM,cAAc,CAAA;AAErB,YAAY,EACV,YAAY,EACZ,qBAAqB,EACrB,eAAe,EACf,oBAAoB,EACpB,SAAS,EACT,WAAW,EACX,gBAAgB,EAChB,gBAAgB,EAChB,UAAU,EACV,wBAAwB,EACxB,mBAAmB,EACnB,mBAAmB,EACnB,cAAc,EACd,UAAU,GACX,MAAM,cAAc,CAAA;AAErB,YAAY,EACV,OAAO,EACP,iBAAiB,GAClB,MAAM,cAAc,CAAA;AAErB,YAAY,EACV,GAAG,EACH,YAAY,EACZ,sBAAsB,EACtB,gBAAgB,EAChB,mBAAmB,EACnB,sBAAsB,EACtB,gBAAgB,EAChB,gBAAgB,EAChB,4BAA4B,EAC5B,mBAAmB,EACnB,yBAAyB,EACzB,gBAAgB,EAChB,WAAW,EACX,YAAY,EACZ,aAAa,EACb,aAAa,EACb,kBAAkB,EAClB,UAAU,EACV,sBAAsB,EACtB,sBAAsB,EACtB,eAAe,EACf,UAAU,EACV,aAAa,GACd,MAAM,UAAU,CAAA;AAEjB,OAAO,EACL,qBAAqB,EACrB,oBAAoB,GACrB,MAAM,UAAU,CAAA;AAEjB,OAAO,EACL,YAAY,EACZ,WAAW,EACX,cAAc,EACd,WAAW,EACX,iBAAiB,EACjB,cAAc,EACd,uBAAuB,EACvB,6BAA6B,EAC7B,mBAAmB,EAEnB,cAAc,EACd,mBAAmB,EACnB,oBAAoB,EACpB,4BAA4B,EAC5B,qBAAqB,EACrB,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EAChB,yBAAyB,EACzB,uBAAuB,GACxB,MAAM,aAAa,CAAA;AACpB,YAAY,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAA;AAEnD,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,mBAAmB,GACpB,MAAM,oBAAoB,CAAA;AAC3B,YAAY,EACV,kBAAkB,EAClB,gBAAgB,EAChB,kBAAkB,GACnB,MAAM,oBAAoB,CAAA;AAE3B,OAAO,EACL,gBAAgB,EAChB,mBAAmB,EACnB,kBAAkB,EAClB,yBAAyB,EACzB,uBAAuB,EACvB,qBAAqB,EACrB,uBAAuB,GACxB,MAAM,WAAW,CAAA;AAElB,YAAY,EACV,WAAW,EACX,UAAU,EACV,UAAU,EACV,WAAW,EACX,aAAa,EACb,cAAc,EACd,aAAa,EACb,mBAAmB,EACnB,iBAAiB,EACjB,iBAAiB,EACjB,kBAAkB,EAClB,UAAU,EACV,gBAAgB,GACjB,MAAM,WAAW,CAAA;AAElB,OAAO,EACL,mBAAmB,EACnB,kBAAkB,GACnB,MAAM,WAAW,CAAA;AAElB,YAAY,EACV,YAAY,EACZ,iBAAiB,EACjB,WAAW,EACX,aAAa,EACb,eAAe,EACf,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,cAAc,GACf,MAAM,WAAW,CAAA;AAGlB,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,qBAAqB,GACtB,MAAM,eAAe,CAAA;AAEtB,YAAY,EACV,IAAI,EACJ,QAAQ,EACR,WAAW,EACX,sBAAsB,EACtB,UAAU,EACV,gBAAgB,EAChB,gBAAgB,EAChB,WAAW,EACX,qBAAqB,EACrB,iBAAiB,EACjB,sBAAsB,EACtB,aAAa,EACb,oBAAoB,GACrB,MAAM,eAAe,CAAA"}
|