@jterrats/open-orchestra 1.0.16 → 1.0.18

package/dist/security/policy-types.d.ts

@@ -0,0 +1,79 @@
+export declare const policyDecisionOutcomes: readonly ["allow", "deny", "requiresApproval", "quarantine"];
+export type PolicyDecisionOutcome = (typeof policyDecisionOutcomes)[number];
+export type PolicyAction = "content.ingest" | "evidence.write" | "pythonWorker.process" | "provider.message" | "url.fetch" | "file.write" | "command.execute";
+export type PolicySink = "evidence" | "htmlText" | "json" | "log" | "markdown" | "provider" | "shellArgument" | "url";
+export type SegmentKind = "data" | "evidence" | "instruction" | "providerResponse" | "toolInput" | "toolOutput" | "unknown";
+export type DataClassification = "public" | "internal" | "restricted" | "unknown";
+export type FindingSeverity = "low" | "medium" | "high" | "critical";
+export type ContentFindingKind = "indirectPromptInjection" | "noSqlLike" | "pathTraversal" | "piiEmail" | "piiPaymentCard" | "piiPhone" | "piiSsn" | "promptInjection" | "secretShaped" | "shellLike" | "sqlLike" | "unsafeUrl";
+export interface ContentFinding {
+    kind: ContentFindingKind;
+    ruleId: string;
+    severity: FindingSeverity;
+    summary: string;
+}
+export interface ContentClassification {
+    classification: DataClassification;
+    findings: ContentFinding[];
+}
+export interface PromptSegment {
+    id: string;
+    kind: SegmentKind;
+    provenance: string;
+    sink: PolicySink;
+    text: string;
+    byteLength: number;
+    classification: ContentClassification;
+}
+export type RedactionStatus = "notRequired" | "redacted" | "quarantined" | "unsafeUnredacted";
+export interface RedactedSegment {
+    id: string;
+    text: string;
+    status: RedactionStatus;
+    redactedFindings: ContentFindingKind[];
+}
+export interface RedactionReport {
+    status: RedactionStatus;
+    redactedSegments: RedactedSegment[];
+    sanitizedReasons: string[];
+}
+export interface PolicySubject {
+    id: string;
+    subjectType: "human" | "runtime" | "system" | "tool";
+    tenantId?: string;
+    workspaceId?: string;
+}
+export interface PolicyResource {
+    resourceType: "command" | "evidence" | "file" | "prompt" | "pythonWorker" | "url";
+    summary: string;
+    tenantId?: string;
+    workspaceId?: string;
+}
+export interface PolicyRequest {
+    requestId: string;
+    subject: PolicySubject;
+    action: PolicyAction;
+    resource: PolicyResource;
+    sink: PolicySink;
+    dataClassification: DataClassification;
+    segments: PromptSegment[];
+    redactionReport: RedactionReport;
+}
+export interface PolicyRequestInput {
+    requestId?: string;
+    subject?: Partial<PolicySubject>;
+    action?: PolicyAction;
+    resource?: Partial<PolicyResource>;
+    sink?: PolicySink;
+    dataClassification?: DataClassification;
+    segments?: PromptSegment[];
+    redactionReport?: RedactionReport;
+}
+export interface PolicyDecision {
+    requestId: string;
+    outcome: PolicyDecisionOutcome;
+    matchedRuleIds: string[];
+    redactionStatus: RedactionStatus;
+    sanitizedReasons: string[];
+    evidenceSummary: string;
+}

package/dist/security/policy-types.js

@@ -0,0 +1,7 @@
+export const policyDecisionOutcomes = [
+    "allow",
+    "deny",
+    "requiresApproval",
+    "quarantine",
+];
+//# sourceMappingURL=policy-types.js.map

package/dist/security/policy-types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-types.js","sourceRoot":"","sources":["../../src/security/policy-types.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,OAAO;IACP,MAAM;IACN,kBAAkB;IAClB,YAAY;CACJ,CAAC"}

package/dist/security/prompt-intake.d.ts

@@ -0,0 +1,13 @@
+import type { PolicySink, PromptSegment, SegmentKind } from "./policy-types.js";
+export interface PromptSegmentInput {
+    id?: string;
+    kind?: SegmentKind;
+    provenance?: string;
+    sink?: PolicySink;
+    text?: string;
+}
+export interface PromptPacketInput {
+    segments?: PromptSegmentInput[];
+}
+export declare function intakePromptPacket(packet: PromptPacketInput): PromptSegment[];
+export declare function intakePromptSegment(input: PromptSegmentInput, fallbackId?: string): PromptSegment;

package/dist/security/prompt-intake.js

@@ -0,0 +1,33 @@
+import { Buffer } from "node:buffer";
+import { classifyContent } from "./content-classifier.js";
+export function intakePromptPacket(packet) {
+    if (!Array.isArray(packet.segments)) {
+        return [unknownSegment("segment-1", "malformed prompt packet")];
+    }
+    return packet.segments.map((segment, index) => intakePromptSegment(segment, `segment-${index + 1}`));
+}
+export function intakePromptSegment(input, fallbackId = "segment-1") {
+    const text = typeof input.text === "string" ? input.text : "";
+    const kind = input.kind ?? "unknown";
+    return {
+        id: input.id ?? fallbackId,
+        kind,
+        provenance: input.provenance ?? "unknown",
+        sink: input.sink ?? "provider",
+        text,
+        byteLength: Buffer.byteLength(text, "utf8"),
+        classification: classifyContent(text),
+    };
+}
+function unknownSegment(id, text) {
+    return {
+        id,
+        kind: "unknown",
+        provenance: "unknown",
+        sink: "provider",
+        text,
+        byteLength: Buffer.byteLength(text, "utf8"),
+        classification: classifyContent(text),
+    };
+}
+//# sourceMappingURL=prompt-intake.js.map

package/dist/security/prompt-intake.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt-intake.js","sourceRoot":"","sources":["../../src/security/prompt-intake.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AACrC,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAe1D,MAAM,UAAU,kBAAkB,CAAC,MAAyB;IAC1D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpC,OAAO,CAAC,cAAc,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC,CAAC;IAClE,CAAC;IACD,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CAC5C,mBAAmB,CAAC,OAAO,EAAE,WAAW,KAAK,GAAG,CAAC,EAAE,CAAC,CACrD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CACjC,KAAyB,EACzB,UAAU,GAAG,WAAW;IAExB,MAAM,IAAI,GAAG,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IAC9D,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,IAAI,SAAS,CAAC;IACrC,OAAO;QACL,EAAE,EAAE,KAAK,CAAC,EAAE,IAAI,UAAU;QAC1B,IAAI;QACJ,UAAU,EAAE,KAAK,CAAC,UAAU,IAAI,SAAS;QACzC,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,UAAU;QAC9B,IAAI;QACJ,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,MAAM,CAAC;QAC3C,cAAc,EAAE,eAAe,CAAC,IAAI,CAAC;KACtC,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,EAAU,EAAE,IAAY;IAC9C,OAAO;QACL,EAAE;QACF,IAAI,EAAE,SAAS;QACf,UAAU,EAAE,SAAS;QACrB,IAAI,EAAE,UAAU;QAChB,IAAI;QACJ,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,MAAM,CAAC;QAC3C,cAAc,EAAE,eAAe,CAAC,IAAI,CAAC;KACtC,CAAC;AACJ,CAAC"}

package/dist/security/provider-egress-policy.d.ts

@@ -0,0 +1,27 @@
+import type { ContentClassification, DataClassification, PolicyDecision } from "./policy-types.js";
+import type { ModelMessage } from "../types/model-config.js";
+export interface ProviderEgressClassification {
+    classification: DataClassification;
+    findings: ContentClassification["findings"];
+}
+export interface ProviderEgressClassifier {
+    classify(text: string): ProviderEgressClassification;
+}
+export interface ProviderEgressPolicyInput {
+    requestId?: string;
+    taskId: string;
+    role: string;
+    actor: string;
+    providerId: string;
+    messages: ModelMessage[];
+    classifier?: ProviderEgressClassifier;
+}
+export interface ProviderEgressPolicyDecision {
+    allowed: boolean;
+    requestId: string;
+    outcome: PolicyDecision["outcome"];
+    safeMessage?: string;
+    matchedRuleIds: string[];
+    redactionStatus: PolicyDecision["redactionStatus"];
+}
+export declare function evaluateProviderEgressPolicy(input: ProviderEgressPolicyInput): ProviderEgressPolicyDecision;

package/dist/security/provider-egress-policy.js

@@ -0,0 +1,72 @@
+import { randomUUID } from "node:crypto";
+import { evaluateSecurityPolicy } from "./policy-engine.js";
+import { intakePromptSegment } from "./prompt-intake.js";
+import { redactPromptSegments } from "./redaction.js";
+export function evaluateProviderEgressPolicy(input) {
+    const requestId = input.requestId ?? `provider-egress-${randomUUID()}`;
+    const segments = input.messages.map((message, index) => providerPromptSegment(message, index, input.classifier));
+    const redactionReport = redactPromptSegments(segments);
+    const decision = evaluateSecurityPolicy({
+        requestId,
+        subject: {
+            id: input.actor,
+            subjectType: "runtime",
+            workspaceId: input.taskId,
+        },
+        action: "provider.message",
+        resource: {
+            resourceType: "prompt",
+            summary: `provider egress to ${input.providerId}`,
+            workspaceId: input.taskId,
+        },
+        sink: "provider",
+        dataClassification: highestDataClassification(segments),
+        segments,
+        redactionReport,
+    });
+    const allowed = redactionReport.status === "notRequired" &&
+        !hasRestrictedClassification(segments);
+    return {
+        allowed,
+        requestId,
+        outcome: decision.outcome,
+        matchedRuleIds: decision.matchedRuleIds,
+        redactionStatus: decision.redactionStatus,
+        ...(allowed
+            ? {}
+            : {
+                safeMessage: "provider egress blocked by restricted-content policy before provider execution",
+            }),
+    };
+}
+function hasRestrictedClassification(segments) {
+    return segments.some((segment) => segment.classification.classification === "restricted");
+}
+function providerPromptSegment(message, index, classifier) {
+    const segment = intakePromptSegment({
+        id: `message-${index + 1}`,
+        kind: message.role === "tool" ? "toolOutput" : "instruction",
+        provenance: `model-message:${message.role}`,
+        sink: "provider",
+        text: message.content,
+    }, `message-${index + 1}`);
+    if (!classifier)
+        return segment;
+    return {
+        ...segment,
+        classification: classifier.classify(message.content),
+    };
+}
+function highestDataClassification(segments) {
+    if (segments.some((segment) => segment.classification.classification === "restricted")) {
+        return "restricted";
+    }
+    if (segments.some((segment) => segment.classification.classification === "unknown")) {
+        return "unknown";
+    }
+    if (segments.some((segment) => segment.classification.classification === "internal")) {
+        return "internal";
+    }
+    return "public";
+}
+//# sourceMappingURL=provider-egress-policy.js.map

package/dist/security/provider-egress-policy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider-egress-policy.js","sourceRoot":"","sources":["../../src/security/provider-egress-policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AAqCtD,MAAM,UAAU,4BAA4B,CAC1C,KAAgC;IAEhC,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,mBAAmB,UAAU,EAAE,EAAE,CAAC;IACvE,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE,CACrD,qBAAqB,CAAC,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,UAAU,CAAC,CACxD,CAAC;IACF,MAAM,eAAe,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IACvD,MAAM,QAAQ,GAAG,sBAAsB,CAAC;QACtC,SAAS;QACT,OAAO,EAAE;YACP,EAAE,EAAE,KAAK,CAAC,KAAK;YACf,WAAW,EAAE,SAAS;YACtB,WAAW,EAAE,KAAK,CAAC,MAAM;SAC1B;QACD,MAAM,EAAE,kBAAkB;QAC1B,QAAQ,EAAE;YACR,YAAY,EAAE,QAAQ;YACtB,OAAO,EAAE,sBAAsB,KAAK,CAAC,UAAU,EAAE;YACjD,WAAW,EAAE,KAAK,CAAC,MAAM;SAC1B;QACD,IAAI,EAAE,UAAU;QAChB,kBAAkB,EAAE,yBAAyB,CAAC,QAAQ,CAAC;QACvD,QAAQ;QACR,eAAe;KAChB,CAAC,CAAC;IACH,MAAM,OAAO,GACX,eAAe,CAAC,MAAM,KAAK,aAAa;QACxC,CAAC,2BAA2B,CAAC,QAAQ,CAAC,CAAC;IACzC,OAAO;QACL,OAAO;QACP,SAAS;QACT,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,cAAc,EAAE,QAAQ,CAAC,cAAc;QACvC,eAAe,EAAE,QAAQ,CAAC,eAAe;QACzC,GAAG,CAAC,OAAO;YACT,CAAC,CAAC,EAAE;YACJ,CAAC,CAAC;gBACE,WAAW,EACT,gFAAgF;aACnF,CAAC;KACP,CAAC;AACJ,CAAC;AAED,SAAS,2BAA2B,CAAC,QAAyB;IAC5D,OAAO,QAAQ,CAAC,IAAI,CAClB,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,cAAc,KAAK,YAAY,CACpE,CAAC;AACJ,CAAC;AAED,SAAS,qBAAqB,CAC5B,OAAqB,EACrB,KAAa,EACb,UAAgD;IAEhD,MAAM,OAAO,GAAG,mBAAmB,CACjC;QACE,EAAE,EAAE,WAAW,KAAK,GAAG,CAAC,EAAE;QAC1B,IAAI,EAAE,OAAO,CAAC,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,aAAa;QAC5D,UAAU,EAAE,iBAAiB,OAAO,CAAC,IAAI,EAAE;QAC3C,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,OAAO,CAAC,OAAO;KACtB,EACD,WAAW,KAAK,GAAG,CAAC,EAAE,CACvB,CAAC;IACF,IAAI,CAAC,UAAU;QAAE,OAAO,OAAO,CAAC;IAChC,OAAO;QACL,GAAG,OAAO;QACV,cAAc,EAAE,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC;KACrD,CAAC;AACJ,CAAC;AAED,SAAS,yBAAyB,CAChC,QAAyB;IAEzB,IACE,QAAQ,CAAC,IAAI,CACX,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,cAAc,KAAK,YAAY,CACpE,EACD,CAAC;QACD,OAAO,YAAY,CAAC;IACtB,CAAC;IACD,IACE,QAAQ,CAAC,IAAI,CACX,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,cAAc,KAAK,SAAS,CACjE,EACD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,IACE,QAAQ,CAAC,IAAI,CACX,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,cAAc,CAAC,cAAc,KAAK,UAAU,CAClE,EACD,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/security/public-api-auth.d.ts

@@ -0,0 +1,20 @@
+import type http from "node:http";
+import type { ChatScope } from "../types/chat.js";
+export declare const PUBLIC_LOCAL_DEV_USER_ID_HEADER = "x-orchestra-user-id";
+export interface PublicApiPrincipal {
+    id: string;
+    displayName: string;
+    source: "local_dev_header";
+}
+export interface PublicApiAuthContext {
+    requestId: string;
+    principal: PublicApiPrincipal;
+    scope: ChatScope;
+    rateLimitKey: string;
+}
+export declare function authenticatePublicApiRequest(input: {
+    request: http.IncomingMessage;
+    requestId: string;
+    workspaceKey: string;
+}): PublicApiAuthContext;
+export declare function workspaceKeyForRoot(root: string): string;

package/dist/security/public-api-auth.js

@@ -0,0 +1,55 @@
+import { createHash } from "node:crypto";
+import { ChatApiError } from "../chat-api-errors.js";
+export const PUBLIC_LOCAL_DEV_USER_ID_HEADER = "x-orchestra-user-id";
+const PUBLIC_LOCAL_DEV_USER_NAME_HEADER = "x-orchestra-user-name";
+const MAX_PRINCIPAL_ID_LENGTH = 128;
+const MAX_DISPLAY_NAME_LENGTH = 160;
+export function authenticatePublicApiRequest(input) {
+    const principalId = boundedHeaderValue(input.request.headers[PUBLIC_LOCAL_DEV_USER_ID_HEADER], PUBLIC_LOCAL_DEV_USER_ID_HEADER, input.requestId, MAX_PRINCIPAL_ID_LENGTH);
+    if (!principalId) {
+        throw new ChatApiError("unauthorized", "authentication is required", 401, input.requestId);
+    }
+    const displayName = boundedHeaderValue(input.request.headers[PUBLIC_LOCAL_DEV_USER_NAME_HEADER], PUBLIC_LOCAL_DEV_USER_NAME_HEADER, input.requestId, MAX_DISPLAY_NAME_LENGTH) ?? principalId;
+    return {
+        requestId: input.requestId,
+        principal: {
+            id: principalId,
+            displayName,
+            source: "local_dev_header",
+        },
+        scope: publicScope(input.workspaceKey, principalId),
+        rateLimitKey: `${input.workspaceKey}:${principalId}`,
+    };
+}
+export function workspaceKeyForRoot(root) {
+    return createHash("sha256").update(root).digest("hex").slice(0, 16);
+}
+function publicScope(workspaceKey, principalId) {
+    const principalKey = createHash("sha256")
+        .update(principalId)
+        .digest("hex")
+        .slice(0, 16);
+    return {
+        tenantId: `workspace:${workspaceKey}`,
+        workspaceId: workspaceKey,
+        taskId: `public-chat:${principalKey}`,
+        runId: "api-v1",
+        phase: "api",
+        sessionId: principalKey,
+    };
+}
+function boundedHeaderValue(value, field, requestId, maxLength) {
+    if (Array.isArray(value)) {
+        throw new ChatApiError("invalid_request", `${field} header must have a single value`, 400, requestId);
+    }
+    if (typeof value !== "string")
+        return undefined;
+    const normalized = value.trim();
+    if (!normalized)
+        return undefined;
+    if (normalized.length > maxLength) {
+        throw new ChatApiError("invalid_request", `${field} header is too long`, 400, requestId);
+    }
+    return normalized;
+}
+//# sourceMappingURL=public-api-auth.js.map

package/dist/security/public-api-auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"public-api-auth.js","sourceRoot":"","sources":["../../src/security/public-api-auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAEzC,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAGrD,MAAM,CAAC,MAAM,+BAA+B,GAAG,qBAAqB,CAAC;AACrE,MAAM,iCAAiC,GAAG,uBAAuB,CAAC;AAClE,MAAM,uBAAuB,GAAG,GAAG,CAAC;AACpC,MAAM,uBAAuB,GAAG,GAAG,CAAC;AAepC,MAAM,UAAU,4BAA4B,CAAC,KAI5C;IACC,MAAM,WAAW,GAAG,kBAAkB,CACpC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,+BAA+B,CAAC,EACtD,+BAA+B,EAC/B,KAAK,CAAC,SAAS,EACf,uBAAuB,CACxB,CAAC;IACF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,YAAY,CACpB,cAAc,EACd,4BAA4B,EAC5B,GAAG,EACH,KAAK,CAAC,SAAS,CAChB,CAAC;IACJ,CAAC;IACD,MAAM,WAAW,GACf,kBAAkB,CAChB,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,iCAAiC,CAAC,EACxD,iCAAiC,EACjC,KAAK,CAAC,SAAS,EACf,uBAAuB,CACxB,IAAI,WAAW,CAAC;IACnB,OAAO;QACL,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,SAAS,EAAE;YACT,EAAE,EAAE,WAAW;YACf,WAAW;YACX,MAAM,EAAE,kBAAkB;SAC3B;QACD,KAAK,EAAE,WAAW,CAAC,KAAK,CAAC,YAAY,EAAE,WAAW,CAAC;QACnD,YAAY,EAAE,GAAG,KAAK,CAAC,YAAY,IAAI,WAAW,EAAE;KACrD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACtE,CAAC;AAED,SAAS,WAAW,CAAC,YAAoB,EAAE,WAAmB;IAC5D,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC;SACtC,MAAM,CAAC,WAAW,CAAC;SACnB,MAAM,CAAC,KAAK,CAAC;SACb,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChB,OAAO;QACL,QAAQ,EAAE,aAAa,YAAY,EAAE;QACrC,WAAW,EAAE,YAAY;QACzB,MAAM,EAAE,eAAe,YAAY,EAAE;QACrC,KAAK,EAAE,QAAQ;QACf,KAAK,EAAE,KAAK;QACZ,SAAS,EAAE,YAAY;KACxB,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CACzB,KAAoC,EACpC,KAAa,EACb,SAAiB,EACjB,SAAiB;IAEjB,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,YAAY,CACpB,iBAAiB,EACjB,GAAG,KAAK,kCAAkC,EAC1C,GAAG,EACH,SAAS,CACV,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAC;IAChD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAChC,IAAI,CAAC,UAAU;QAAE,OAAO,SAAS,CAAC;IAClC,IAAI,UAAU,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAClC,MAAM,IAAI,YAAY,CACpB,iBAAiB,EACjB,GAAG,KAAK,qBAAqB,EAC7B,GAAG,EACH,SAAS,CACV,CAAC;IACJ,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC"}

package/dist/security/public-api-policy.d.ts

@@ -0,0 +1,8 @@
+export interface PublicApiAdmission {
+    release: () => void;
+}
+export declare function admitPublicApiRequest(input: {
+    key: string;
+    requestId: string;
+    now?: number;
+}): PublicApiAdmission;

package/dist/security/public-api-policy.js

@@ -0,0 +1,40 @@
+import { ChatApiError } from "../chat-api-errors.js";
+const RATE_LIMIT_WINDOW_MS = 60_000;
+const RATE_LIMIT_MAX_REQUESTS = 60;
+const MAX_CONCURRENT_REQUESTS = 4;
+const buckets = new Map();
+export function admitPublicApiRequest(input) {
+    const now = input.now ?? Date.now();
+    const bucket = activeBucket(input.key, now);
+    if (bucket.requestCount >= RATE_LIMIT_MAX_REQUESTS) {
+        throw new ChatApiError("rate_limited", "rate limit exceeded", 429, input.requestId, true);
+    }
+    if (bucket.activeRequests >= MAX_CONCURRENT_REQUESTS) {
+        throw new ChatApiError("rate_limited", "too many concurrent requests", 429, input.requestId, true);
+    }
+    bucket.requestCount += 1;
+    bucket.activeRequests += 1;
+    let isReleased = false;
+    return {
+        release: () => {
+            if (isReleased)
+                return;
+            isReleased = true;
+            bucket.activeRequests = Math.max(0, bucket.activeRequests - 1);
+        },
+    };
+}
+function activeBucket(key, now) {
+    const existing = buckets.get(key);
+    if (existing && now - existing.windowStartedAt < RATE_LIMIT_WINDOW_MS) {
+        return existing;
+    }
+    const created = {
+        windowStartedAt: now,
+        requestCount: 0,
+        activeRequests: 0,
+    };
+    buckets.set(key, created);
+    return created;
+}
+//# sourceMappingURL=public-api-policy.js.map

package/dist/security/public-api-policy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"public-api-policy.js","sourceRoot":"","sources":["../../src/security/public-api-policy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD,MAAM,oBAAoB,GAAG,MAAM,CAAC;AACpC,MAAM,uBAAuB,GAAG,EAAE,CAAC;AACnC,MAAM,uBAAuB,GAAG,CAAC,CAAC;AAQlC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAwB,CAAC;AAMhD,MAAM,UAAU,qBAAqB,CAAC,KAIrC;IACC,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;IACpC,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IAC5C,IAAI,MAAM,CAAC,YAAY,IAAI,uBAAuB,EAAE,CAAC;QACnD,MAAM,IAAI,YAAY,CACpB,cAAc,EACd,qBAAqB,EACrB,GAAG,EACH,KAAK,CAAC,SAAS,EACf,IAAI,CACL,CAAC;IACJ,CAAC;IACD,IAAI,MAAM,CAAC,cAAc,IAAI,uBAAuB,EAAE,CAAC;QACrD,MAAM,IAAI,YAAY,CACpB,cAAc,EACd,8BAA8B,EAC9B,GAAG,EACH,KAAK,CAAC,SAAS,EACf,IAAI,CACL,CAAC;IACJ,CAAC;IACD,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC;IACzB,MAAM,CAAC,cAAc,IAAI,CAAC,CAAC;IAC3B,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,OAAO;QACL,OAAO,EAAE,GAAG,EAAE;YACZ,IAAI,UAAU;gBAAE,OAAO;YACvB,UAAU,GAAG,IAAI,CAAC;YAClB,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC;QACjE,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,GAAW,EAAE,GAAW;IAC5C,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,QAAQ,IAAI,GAAG,GAAG,QAAQ,CAAC,eAAe,GAAG,oBAAoB,EAAE,CAAC;QACtE,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,MAAM,OAAO,GAAiB;QAC5B,eAAe,EAAE,GAAG;QACpB,YAAY,EAAE,CAAC;QACf,cAAc,EAAE,CAAC;KAClB,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IAC1B,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/security/redaction.d.ts

@@ -0,0 +1,3 @@
+import type { PromptSegment, RedactedSegment, RedactionReport } from "./policy-types.js";
+export declare function redactPromptSegments(segments: PromptSegment[]): RedactionReport;
+export declare function redactPromptSegment(segment: PromptSegment): RedactedSegment;

package/dist/security/redaction.js

@@ -0,0 +1,95 @@
+import { hasPaymentCardLikeValue, redactPaymentCardLikeValues, } from "./payment-card-detection.js";
+const secretReplacement = "[REDACTED_SECRET]";
+const piiReplacement = "[REDACTED_PII]";
+const bearerPattern = /\bbearer\s+[a-z0-9._-]{12,}/gi;
+const assignmentPattern = /\b(api[_-]?key|password|secret|token)(\s*[:=]\s*)[^\s"']{12,}/gi;
+const secretPatterns = [bearerPattern, assignmentPattern];
+const emailPattern = /\b[a-z0-9._%+-]+@[a-z0-9.-]+[.][a-z]{2,}\b/gi;
+const phonePattern = /(?:\+?1[\s.-]?)?(?:[(]\d{3}[)]|\b\d{3})[\s.-]?\d{3}[\s.-]?\d{4}\b/g;
+const ssnPattern = /\b\d{3}-\d{2}-\d{4}\b/g;
+const paymentCardPattern = /\b(?:\d[ -]?){13,19}\b/g;
+const piiPatterns = [
+    emailPattern,
+    phonePattern,
+    ssnPattern,
+    paymentCardPattern,
+];
+export function redactPromptSegments(segments) {
+    const redactedSegments = segments.map(redactPromptSegment);
+    const status = reportStatus(redactedSegments);
+    return {
+        status,
+        redactedSegments,
+        sanitizedReasons: sanitizedReasons(redactedSegments, status),
+    };
+}
+export function redactPromptSegment(segment) {
+    const restrictedFindings = segment.classification.findings.filter((finding) => finding.kind === "secretShaped" || finding.kind.startsWith("pii"));
+    const redactedText = redactRestrictedValues(segment.text);
+    const wasRedacted = redactedText !== segment.text;
+    const hasRemainingRestrictedValue = hasRestrictedValue(redactedText);
+    return {
+        id: segment.id,
+        text: redactedText,
+        status: redactionStatus(restrictedFindings.length, wasRedacted, hasRemainingRestrictedValue),
+        redactedFindings: wasRedacted
+            ? uniqueFindingKinds(restrictedFindings.map((finding) => finding.kind))
+            : [],
+    };
+}
+function redactRestrictedValues(text) {
+    const secretRedacted = text
+        .replace(bearerPattern, secretReplacement)
+        .replace(assignmentPattern, (_match, label, separator) => {
+        return `${label}${separator}${secretReplacement}`;
+    });
+    return secretRedacted
+        .replace(emailPattern, piiReplacement)
+        .replace(phonePattern, piiReplacement)
+        .replace(ssnPattern, piiReplacement)
+        .replace(paymentCardPattern, (match) => redactPaymentCardLikeValues(match, piiReplacement));
+}
+function redactionStatus(restrictedFindingCount, wasRedacted, hasRemainingRestrictedValue) {
+    if (hasRemainingRestrictedValue)
+        return "unsafeUnredacted";
+    if (wasRedacted)
+        return "redacted";
+    if (restrictedFindingCount > 0)
+        return "unsafeUnredacted";
+    return "notRequired";
+}
+function hasRestrictedValue(text) {
+    return [...secretPatterns, ...piiPatterns].some((pattern) => {
+        pattern.lastIndex = 0;
+        if (pattern === paymentCardPattern) {
+            return paymentCardPattern.test(text) && hasPaymentCard(text);
+        }
+        return pattern.test(text);
+    });
+}
+function hasPaymentCard(text) {
+    return hasPaymentCardLikeValue(text);
+}
+function uniqueFindingKinds(findings) {
+    return [...new Set(findings)];
+}
+function reportStatus(segments) {
+    if (segments.some((segment) => segment.status === "unsafeUnredacted")) {
+        return "unsafeUnredacted";
+    }
+    if (segments.some((segment) => segment.status === "redacted")) {
+        return "redacted";
+    }
+    return "notRequired";
+}
+function sanitizedReasons(segments, status) {
+    if (status === "notRequired")
+        return ["no restricted values detected"];
+    return segments
+        .filter((segment) => segment.redactedFindings.length > 0)
+        .map((segment) => redactionReason(segment.id, segment.redactedFindings));
+}
+function redactionReason(segmentId, findings) {
+    return `segment ${segmentId} redacted ${findings.join(", ")}`;
+}
+//# sourceMappingURL=redaction.js.map

package/dist/security/redaction.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"redaction.js","sourceRoot":"","sources":["../../src/security/redaction.ts"],"names":[],"mappings":"AAOA,OAAO,EACL,uBAAuB,EACvB,2BAA2B,GAC5B,MAAM,6BAA6B,CAAC;AAErC,MAAM,iBAAiB,GAAG,mBAAmB,CAAC;AAC9C,MAAM,cAAc,GAAG,gBAAgB,CAAC;AACxC,MAAM,aAAa,GAAG,+BAA+B,CAAC;AACtD,MAAM,iBAAiB,GACrB,iEAAiE,CAAC;AACpE,MAAM,cAAc,GAAG,CAAC,aAAa,EAAE,iBAAiB,CAAU,CAAC;AACnE,MAAM,YAAY,GAAG,8CAA8C,CAAC;AACpE,MAAM,YAAY,GAChB,oEAAoE,CAAC;AACvE,MAAM,UAAU,GAAG,wBAAwB,CAAC;AAC5C,MAAM,kBAAkB,GAAG,yBAAyB,CAAC;AACrD,MAAM,WAAW,GAAG;IAClB,YAAY;IACZ,YAAY;IACZ,UAAU;IACV,kBAAkB;CACV,CAAC;AAEX,MAAM,UAAU,oBAAoB,CAClC,QAAyB;IAEzB,MAAM,gBAAgB,GAAG,QAAQ,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IAC3D,MAAM,MAAM,GAAG,YAAY,CAAC,gBAAgB,CAAC,CAAC;IAC9C,OAAO;QACL,MAAM;QACN,gBAAgB;QAChB,gBAAgB,EAAE,gBAAgB,CAAC,gBAAgB,EAAE,MAAM,CAAC;KAC7D,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,OAAsB;IACxD,MAAM,kBAAkB,GAAG,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAC/D,CAAC,OAAO,EAAE,EAAE,CACV,OAAO,CAAC,IAAI,KAAK,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CACpE,CAAC;IACF,MAAM,YAAY,GAAG,sBAAsB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,MAAM,WAAW,GAAG,YAAY,KAAK,OAAO,CAAC,IAAI,CAAC;IAClD,MAAM,2BAA2B,GAAG,kBAAkB,CAAC,YAAY,CAAC,CAAC;IACrE,OAAO;QACL,EAAE,EAAE,OAAO,CAAC,EAAE;QACd,IAAI,EAAE,YAAY;QAClB,MAAM,EAAE,eAAe,CACrB,kBAAkB,CAAC,MAAM,EACzB,WAAW,EACX,2BAA2B,CAC5B;QACD,gBAAgB,EAAE,WAAW;YAC3B,CAAC,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACvE,CAAC,CAAC,EAAE;KACP,CAAC;AACJ,CAAC;AAED,SAAS,sBAAsB,CAAC,IAAY;IAC1C,MAAM,cAAc,GAAG,IAAI;SACxB,OAAO,CAAC,aAAa,EAAE,iBAAiB,CAAC;SACzC,OAAO,CAAC,iBAAiB,EAAE,CAAC,MAAM,EAAE,KAAa,EAAE,SAAiB,EAAE,EAAE;QACvE,OAAO,GAAG,KAAK,GAAG,SAAS,GAAG,iBAAiB,EAAE,CAAC;IACpD,CAAC,CAAC,CAAC;IACL,OAAO,cAAc;SAClB,OAAO,CAAC,YAAY,EAAE,cAAc,CAAC;SACrC,OAAO,CAAC,YAAY,EAAE,cAAc,CAAC;SACrC,OAAO,CAAC,UAAU,EAAE,cAAc,CAAC;SACnC,OAAO,CAAC,kBAAkB,EAAE,CAAC,KAAK,EAAE,EAAE,CACrC,2BAA2B,CAAC,KAAK,EAAE,cAAc,CAAC,CACnD,CAAC;AACN,CAAC;AAED,SAAS,eAAe,CACtB,sBAA8B,EAC9B,WAAoB,EACpB,2BAAoC;IAEpC,IAAI,2BAA2B;QAAE,OAAO,kBAAkB,CAAC;IAC3D,IAAI,WAAW;QAAE,OAAO,UAAU,CAAC;IACnC,IAAI,sBAAsB,GAAG,CAAC;QAAE,OAAO,kBAAkB,CAAC;IAC1D,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY;IACtC,OAAO,CAAC,GAAG,cAAc,EAAE,GAAG,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QAC1D,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QACtB,IAAI,OAAO,KAAK,kBAAkB,EAAE,CAAC;YACnC,OAAO,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC;QAC/D,CAAC;QACD,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,cAAc,CAAC,IAAY;IAClC,OAAO,uBAAuB,CAAC,IAAI,CAAC,CAAC;AACvC,CAAC;AAED,SAAS,kBAAkB,CACzB,QAA8B;IAE9B,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,YAAY,CAAC,QAA2B;IAC/C,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,KAAK,kBAAkB,CAAC,EAAE,CAAC;QACtE,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IACD,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,KAAK,UAAU,CAAC,EAAE,CAAC;QAC9D,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,SAAS,gBAAgB,CACvB,QAA2B,EAC3B,MAAuB;IAEvB,IAAI,MAAM,KAAK,aAAa;QAAE,OAAO,CAAC,+BAA+B,CAAC,CAAC;IACvE,OAAO,QAAQ;SACZ,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC;SACxD,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC;AAC7E,CAAC;AAED,SAAS,eAAe,CACtB,SAAiB,EACjB,QAA8B;IAE9B,OAAO,WAAW,SAAS,aAAa,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;AAChE,CAAC"}

package/dist/security/restricted-content-quarantine.d.ts

@@ -0,0 +1,17 @@
+import type { RestrictedDataBoundary } from "../types/restricted-data.js";
+export interface RestrictedIngressField {
+    name: string;
+    text: string;
+}
+export interface RestrictedIngressQuarantineRequest {
+    root: string;
+    requestId: string;
+    boundary: RestrictedDataBoundary;
+    fields: RestrictedIngressField[];
+    actorId?: string;
+    tenantId?: string;
+    workspaceId?: string;
+    taskId?: string;
+    threadId?: string;
+}
+export declare function enforceRestrictedIngressQuarantine(request: RestrictedIngressQuarantineRequest): Promise<void>;

package/dist/security/restricted-content-quarantine.js

@@ -0,0 +1,50 @@
+import { ChatApiError } from "../chat-api-errors.js";
+import { appendEvent } from "../workspace.js";
+import { classifyRestrictedData, evaluateRestrictedBoundaryPolicy, } from "./restricted-data-classifier.js";
+export async function enforceRestrictedIngressQuarantine(request) {
+    const classification = classifyRestrictedFields(request.fields);
+    const decision = evaluateRestrictedBoundaryPolicy({
+        requestId: request.requestId,
+        boundary: request.boundary,
+        classification,
+    });
+    if (decision.outcome !== "block")
+        return;
+    await recordRestrictedIngressBlocked(request, decision);
+    throw new ChatApiError("policy_blocked", "request was blocked by policy", 403, request.requestId);
+}
+function classifyRestrictedFields(fields) {
+    const classifications = fields
+        .map((field) => classifyRestrictedData(field.text))
+        .filter((classification) => classification.hasRestrictedData);
+    return {
+        hasRestrictedData: classifications.length > 0,
+        findings: classifications.flatMap((classification) => classification.findings),
+        redactedText: "",
+        redactionCount: classifications.reduce((total, classification) => total + classification.redactionCount, 0),
+    };
+}
+async function recordRestrictedIngressBlocked(request, decision) {
+    await appendEvent(request.root, {
+        type: "RESTRICTED_INGRESS_BLOCKED",
+        actor: request.actorId ?? "api",
+        summary: decision.auditSummary,
+        ...(request.taskId ? { taskId: request.taskId } : {}),
+        metadata: {
+            requestId: request.requestId,
+            decisionId: decision.decisionId,
+            boundary: decision.boundary,
+            categories: decision.categories,
+            recommendations: decision.recommendations,
+            redactionCount: decision.redactionCount,
+            providerEgress: decision.providerEgress,
+            rawPersistence: decision.rawPersistence,
+            sanitizedReasons: decision.sanitizedReasons,
+            fieldNames: request.fields.map((field) => field.name),
+            ...(request.tenantId ? { tenantId: request.tenantId } : {}),
+            ...(request.workspaceId ? { workspaceId: request.workspaceId } : {}),
+            ...(request.threadId ? { threadId: request.threadId } : {}),
+        },
+    });
+}
+//# sourceMappingURL=restricted-content-quarantine.js.map

package/dist/security/restricted-content-quarantine.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"restricted-content-quarantine.js","sourceRoot":"","sources":["../../src/security/restricted-content-quarantine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC9C,OAAO,EACL,sBAAsB,EACtB,gCAAgC,GACjC,MAAM,iCAAiC,CAAC;AAwBzC,MAAM,CAAC,KAAK,UAAU,kCAAkC,CACtD,OAA2C;IAE3C,MAAM,cAAc,GAAG,wBAAwB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAChE,MAAM,QAAQ,GAAG,gCAAgC,CAAC;QAChD,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,cAAc;KACf,CAAC,CAAC;IACH,IAAI,QAAQ,CAAC,OAAO,KAAK,OAAO;QAAE,OAAO;IACzC,MAAM,8BAA8B,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACxD,MAAM,IAAI,YAAY,CACpB,gBAAgB,EAChB,+BAA+B,EAC/B,GAAG,EACH,OAAO,CAAC,SAAS,CAClB,CAAC;AACJ,CAAC;AAED,SAAS,wBAAwB,CAC/B,MAAgC;IAEhC,MAAM,eAAe,GAAG,MAAM;SAC3B,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,sBAAsB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;SAClD,MAAM,CAAC,CAAC,cAAc,EAAE,EAAE,CAAC,cAAc,CAAC,iBAAiB,CAAC,CAAC;IAChE,OAAO;QACL,iBAAiB,EAAE,eAAe,CAAC,MAAM,GAAG,CAAC;QAC7C,QAAQ,EAAE,eAAe,CAAC,OAAO,CAC/B,CAAC,cAAc,EAAE,EAAE,CAAC,cAAc,CAAC,QAAQ,CAC5C;QACD,YAAY,EAAE,EAAE;QAChB,cAAc,EAAE,eAAe,CAAC,MAAM,CACpC,CAAC,KAAK,EAAE,cAAc,EAAE,EAAE,CAAC,KAAK,GAAG,cAAc,CAAC,cAAc,EAChE,CAAC,CACF;KACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,8BAA8B,CAC3C,OAA2C,EAC3C,QAA0C;IAE1C,MAAM,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE;QAC9B,IAAI,EAAE,4BAA4B;QAClC,KAAK,EAAE,OAAO,CAAC,OAAO,IAAI,KAAK;QAC/B,OAAO,EAAE,QAAQ,CAAC,YAAY;QAC9B,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACrD,QAAQ,EAAE;YACR,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;YAC3B,UAAU,EAAE,QAAQ,CAAC,UAAU;YAC/B,eAAe,EAAE,QAAQ,CAAC,eAAe;YACzC,cAAc,EAAE,QAAQ,CAAC,cAAc;YACvC,cAAc,EAAE,QAAQ,CAAC,cAAc;YACvC,cAAc,EAAE,QAAQ,CAAC,cAAc;YACvC,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB;YAC3C,UAAU,EAAE,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC;YACrD,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACpE,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC5D;KACF,CAAC,CAAC;AACL,CAAC"}

package/dist/security/restricted-data-classifier.d.ts

@@ -0,0 +1,9 @@
+import type { RestrictedBoundaryPolicyDecision, RestrictedBoundaryPolicyRequest, RestrictedDataAuditEvent, RestrictedDataAuditEventType, RestrictedDataClassification } from "../types/restricted-data.js";
+export declare function classifyRestrictedData(text: string): RestrictedDataClassification;
+export declare function evaluateRestrictedBoundaryPolicy(request: RestrictedBoundaryPolicyRequest): RestrictedBoundaryPolicyDecision;
+export declare function restrictedAuditEventForClassification(input: {
+    eventType: RestrictedDataAuditEventType;
+    sourceId: string;
+    classification: RestrictedDataClassification;
+    decision?: RestrictedBoundaryPolicyDecision;
+}): RestrictedDataAuditEvent;