@kevinrabun/judges 3.11.4 → 3.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +19 -0
- package/README.md +3 -3
- package/dist/evaluators/data-sovereignty.d.ts.map +1 -1
- package/dist/evaluators/data-sovereignty.js +157 -0
- package/dist/evaluators/data-sovereignty.js.map +1 -1
- package/dist/judges/data-sovereignty.d.ts.map +1 -1
- package/dist/judges/data-sovereignty.js +25 -9
- package/dist/judges/data-sovereignty.js.map +1 -1
- package/package.json +1 -1
- package/server.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,25 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to **@kevinrabun/judges** are documented here.
|
|
4
4
|
|
|
5
|
+
## [3.12.0] — 2026-03-01
|
|
6
|
+
|
|
7
|
+
### Added
|
|
8
|
+
- **Technological sovereignty rules** — 3 new evaluator rules:
|
|
9
|
+
- **SOV-011**: Vendor-managed encryption without key sovereignty (BYOK/CMK/HSM).
|
|
10
|
+
- **SOV-012**: Proprietary AI/ML model dependency without abstraction layer.
|
|
11
|
+
- **SOV-013**: Single identity provider coupling without OIDC/SAML federation.
|
|
12
|
+
- **Operational sovereignty rules** — 3 new evaluator rules:
|
|
13
|
+
- **SOV-014**: External API calls without circuit breaker / resilience patterns.
|
|
14
|
+
- **SOV-015**: Administrative operations without structured audit trail.
|
|
15
|
+
- **SOV-016**: Data storage without export / portability mechanism.
|
|
16
|
+
- **3-pillar sovereignty systemPrompt** — judge definition expanded with 20 evaluation criteria across Data, Technological & Operational sovereignty pillars.
|
|
17
|
+
- **13 new tests** for technological and operational sovereignty rules including comment-skipping regression (925 total tests, 190 suites).
|
|
18
|
+
|
|
19
|
+
### Changed
|
|
20
|
+
- **Judge name** — "Judge Data Sovereignty" → "Judge Sovereignty".
|
|
21
|
+
- **Judge domain** — "Data Sovereignty & Jurisdictional Controls" → "Data, Technological & Operational Sovereignty".
|
|
22
|
+
- **README** — test badge 912 → 925; Data Sovereignty row and MCP prompt expanded.
|
|
23
|
+
|
|
5
24
|
## [3.11.4] — 2026-03-01
|
|
6
25
|
|
|
7
26
|
### Fixed
|
package/README.md
CHANGED
|
@@ -11,7 +11,7 @@ An MCP (Model Context Protocol) server that provides a panel of **35 specialized
|
|
|
11
11
|
[](https://www.npmjs.com/package/@kevinrabun/judges)
|
|
12
12
|
[](https://www.npmjs.com/package/@kevinrabun/judges)
|
|
13
13
|
[](https://opensource.org/licenses/MIT)
|
|
14
|
-
[](https://github.com/KevinRabun/judges/actions)
|
|
15
15
|
|
|
16
16
|
---
|
|
17
17
|
|
|
@@ -633,7 +633,7 @@ const svg2 = generateBadgeSvg(75, "quality"); // custom label
|
|
|
633
633
|
| **Observability** | Observability & Monitoring | `OBS-` | Structured logging, health checks, metrics, tracing |
|
|
634
634
|
| **Performance** | Performance & Efficiency | `PERF-` | N+1 queries, sync I/O, caching, memory leaks |
|
|
635
635
|
| **Compliance** | Regulatory Compliance | `COMP-` | GDPR/CCPA, PII protection, consent, data retention, audit trails |
|
|
636
|
-
| **Data Sovereignty** | Data
|
|
636
|
+
| **Data Sovereignty** | Data, Technological & Operational Sovereignty | `SOV-` | Data residency, cross-border transfers, vendor key management, AI model portability, identity federation, circuit breakers, audit trails, data export |
|
|
637
637
|
| **Testing** | Testing & Quality Assurance | `TEST-` | Test coverage, assertions, test isolation, naming |
|
|
638
638
|
| **Documentation** | Documentation & Readability | `DOC-` | JSDoc/docstrings, magic numbers, TODOs, code comments |
|
|
639
639
|
| **Internationalization** | Internationalization (i18n) | `I18N-` | Hardcoded strings, locale handling, currency formatting |
|
|
@@ -956,7 +956,7 @@ Each judge has a corresponding prompt for LLM-powered deep analysis:
|
|
|
956
956
|
| `judge-observability` | Deep observability & monitoring review |
|
|
957
957
|
| `judge-performance` | Deep performance optimization review |
|
|
958
958
|
| `judge-compliance` | Deep regulatory compliance review |
|
|
959
|
-
| `judge-data-sovereignty` | Deep data
|
|
959
|
+
| `judge-data-sovereignty` | Deep data, technological & operational sovereignty review |
|
|
960
960
|
| `judge-testing` | Deep testing quality review |
|
|
961
961
|
| `judge-documentation` | Deep documentation quality review |
|
|
962
962
|
| `judge-internationalization` | Deep i18n review |
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data-sovereignty.d.ts","sourceRoot":"","sources":["../../src/evaluators/data-sovereignty.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"data-sovereignty.d.ts","sourceRoot":"","sources":["../../src/evaluators/data-sovereignty.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAG3C,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,EAAE,CA4gBjF"}
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import { isCommentLine } from "./shared.js";
|
|
1
2
|
export function analyzeDataSovereignty(code, _language) {
|
|
2
3
|
const findings = [];
|
|
3
4
|
const lines = code.split("\n");
|
|
@@ -205,6 +206,162 @@ export function analyzeDataSovereignty(code, _language) {
|
|
|
205
206
|
confidence: 0.8,
|
|
206
207
|
});
|
|
207
208
|
}
|
|
209
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
210
|
+
// TECHNOLOGICAL SOVEREIGNTY
|
|
211
|
+
// Detect vendor lock-in, proprietary dependency risk, and lack of
|
|
212
|
+
// technology-stack independence that undermines sovereign control.
|
|
213
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
214
|
+
// ── SOV-011: Vendor-managed encryption without key sovereignty ──────────
|
|
215
|
+
const kmsLines = [];
|
|
216
|
+
lines.forEach((line, index) => {
|
|
217
|
+
const trimmed = line.trim();
|
|
218
|
+
if (isCommentLine(trimmed))
|
|
219
|
+
return;
|
|
220
|
+
if (/(?:aws\.?kms|kms\.encrypt|kms\.decrypt|kms\.generateDataKey|@aws-sdk\/client-kms|Azure\.KeyVault|CryptographyClient|keyVaultClient|google\.cloud\.kms|CloudKMS|KmsKeyRing)/i.test(line) &&
|
|
221
|
+
!/byok|bring.?your.?own.?key|hsm|import.?key|customer.?managed|cmk|external.?key|key.?wrap|key.?import/i.test(line)) {
|
|
222
|
+
kmsLines.push(index + 1);
|
|
223
|
+
}
|
|
224
|
+
});
|
|
225
|
+
if (kmsLines.length > 0) {
|
|
226
|
+
findings.push({
|
|
227
|
+
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
228
|
+
severity: "medium",
|
|
229
|
+
title: "Vendor-managed encryption without key sovereignty",
|
|
230
|
+
description: "Code uses cloud-provider key management services (KMS) without visible BYOK (Bring Your Own Key), customer-managed key (CMK), or HSM key-import patterns. Provider-managed keys mean the cloud vendor retains ultimate control over cryptographic material, undermining technological sovereignty.",
|
|
231
|
+
lineNumbers: kmsLines.slice(0, 10),
|
|
232
|
+
recommendation: "Use customer-managed keys (CMK) or import keys via BYOK/HSM to retain cryptographic sovereignty. Document key lifecycle ownership and ensure keys can be rotated independently of the cloud provider.",
|
|
233
|
+
reference: "Cloud Key Sovereignty / BYOK Best Practices",
|
|
234
|
+
suggestedFix: "Import your own key material: const key = await kmsClient.importKey({ keyMaterial: localHsmKey, wrappingAlgorithm: 'RSA_AES_KEY_WRAP_SHA_256' }); — or configure customer-managed keys (CMK) for all encryption-at-rest resources.",
|
|
235
|
+
confidence: 0.8,
|
|
236
|
+
});
|
|
237
|
+
}
|
|
238
|
+
// ── SOV-012: Proprietary AI/ML model dependency without abstraction ─────
|
|
239
|
+
const aiVendorLines = [];
|
|
240
|
+
lines.forEach((line, index) => {
|
|
241
|
+
const trimmed = line.trim();
|
|
242
|
+
if (isCommentLine(trimmed))
|
|
243
|
+
return;
|
|
244
|
+
if (/(?:@aws-sdk\/client-bedrock|BedrockRuntimeClient|InvokeModelCommand|@azure\/openai|AzureOpenAI|OpenAIClient|@google-cloud\/aiplatform|PredictionServiceClient|@google-cloud\/vertexai|VertexAI|@aws-sdk\/client-rekognition|@aws-sdk\/client-textract|@aws-sdk\/client-comprehend|CognitiveServicesCredentials|TextAnalyticsClient|ComputerVisionClient|google\.cloud\.vision|google\.cloud\.language|google\.cloud\.speech)/i.test(line) &&
|
|
245
|
+
!/interface\s+\w*(?:AI|Model|LLM|Inference|Predict)\w*|abstract\s+class|implements\s+\w*(?:AI|Model|LLM)\w*|adapter|provider.?pattern|strategy.?pattern/i.test(line)) {
|
|
246
|
+
aiVendorLines.push(index + 1);
|
|
247
|
+
}
|
|
248
|
+
});
|
|
249
|
+
const hasAiAbstraction = /interface\s+\w*(?:AI|Model|LLM|Inference|Predict|Embedding|Completion)\w*/i.test(code) ||
|
|
250
|
+
/(?:adapter|provider|strategy).*(?:AI|Model|LLM)/i.test(code) ||
|
|
251
|
+
/(?:openai|ollama|huggingface|transformers|vllm|litellm|langchain)/i.test(code);
|
|
252
|
+
if (aiVendorLines.length > 0 && !hasAiAbstraction) {
|
|
253
|
+
findings.push({
|
|
254
|
+
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
255
|
+
severity: "medium",
|
|
256
|
+
title: "Proprietary AI/ML service dependency without model portability",
|
|
257
|
+
description: "Code directly imports vendor-specific AI/ML SDKs (AWS Bedrock, Azure OpenAI, Google Vertex AI, or vendor cognitive services) without an abstraction layer. This creates tight coupling to a single vendor's AI platform, limiting model portability and technological sovereignty.",
|
|
258
|
+
lineNumbers: aiVendorLines.slice(0, 10),
|
|
259
|
+
recommendation: "Introduce an AI provider abstraction (interface/adapter) that decouples business logic from the specific vendor SDK. Consider open-source model runners (Ollama, vLLM, HuggingFace Transformers) or multi-provider libraries (LiteLLM, LangChain) for model portability.",
|
|
260
|
+
reference: "Technological Sovereignty / AI Model Portability",
|
|
261
|
+
suggestedFix: "Define a provider-agnostic interface: interface IModelProvider { complete(prompt: string): Promise<string>; } — and wrap each vendor SDK in an adapter implementing this interface.",
|
|
262
|
+
confidence: 0.75,
|
|
263
|
+
});
|
|
264
|
+
}
|
|
265
|
+
// ── SOV-013: Single identity provider coupling ──────────────────────────
|
|
266
|
+
const idpLines = [];
|
|
267
|
+
lines.forEach((line, index) => {
|
|
268
|
+
const trimmed = line.trim();
|
|
269
|
+
if (isCommentLine(trimmed))
|
|
270
|
+
return;
|
|
271
|
+
if (/(?:@aws-sdk\/client-cognito|CognitoIdentityProviderClient|CognitoUserPool|@azure\/msal|ConfidentialClientApplication|PublicClientApplication|@azure\/identity|google-auth-library|GoogleAuth|firebase\/auth|signInWithGoogle|Auth0Client|@auth0\/auth0-react)/i.test(line) &&
|
|
272
|
+
!/oidc|openid|saml|federation|multi.?provider|identity.?broker|passport|next-?auth|keycloak|casdoor/i.test(line)) {
|
|
273
|
+
idpLines.push(index + 1);
|
|
274
|
+
}
|
|
275
|
+
});
|
|
276
|
+
const hasIdpAbstraction = /(?:oidc|openid.?connect|saml|federation|identity.?broker|passport\.use|NextAuth|next-?auth|keycloak|multi.?provider)/i.test(code);
|
|
277
|
+
if (idpLines.length > 0 && !hasIdpAbstraction) {
|
|
278
|
+
findings.push({
|
|
279
|
+
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
280
|
+
severity: "medium",
|
|
281
|
+
title: "Single identity provider coupling without federation",
|
|
282
|
+
description: "Authentication is tightly coupled to a single vendor-specific identity provider (Cognito, MSAL/Entra ID, Google Auth, Auth0, Firebase Auth) without visible OIDC/SAML federation or multi-provider abstraction. Single-vendor identity dependency creates operational risk and limits sovereignty over user authentication flows.",
|
|
283
|
+
lineNumbers: idpLines.slice(0, 10),
|
|
284
|
+
recommendation: "Implement identity federation using standard protocols (OpenID Connect, SAML 2.0). Use an identity broker (Keycloak, NextAuth, Passport.js with multiple strategies) that supports multiple upstream providers. This ensures authentication sovereignty and provider portability.",
|
|
285
|
+
reference: "Technological Sovereignty / Identity Federation",
|
|
286
|
+
suggestedFix: "Use an identity abstraction layer: configure Passport.js with multiple strategies (passport.use('oidc', new OidcStrategy(...))), or use NextAuth with pluggable providers to avoid single-vendor lock-in.",
|
|
287
|
+
confidence: 0.75,
|
|
288
|
+
});
|
|
289
|
+
}
|
|
290
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
291
|
+
// OPERATIONAL SOVEREIGNTY
|
|
292
|
+
// Detect patterns that undermine an organization's ability to operate
|
|
293
|
+
// independently — missing resilience, audit trails, and data portability.
|
|
294
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
295
|
+
// ── SOV-014: External API calls without circuit breaker / resilience ────
|
|
296
|
+
const externalCallLines = [];
|
|
297
|
+
lines.forEach((line, index) => {
|
|
298
|
+
const trimmed = line.trim();
|
|
299
|
+
if (isCommentLine(trimmed))
|
|
300
|
+
return;
|
|
301
|
+
if (/(?:fetch\(|axios\.|got\(|superagent|request\(|httpClient|HttpClient|http\.(?:get|post|put|delete)|urllib|requests\.(?:get|post|put|delete)|reqwest|hyper::Client)/i.test(line) &&
|
|
302
|
+
!/circuit.?breaker|fallback|retry|timeout|AbortController|signal|AbortSignal|deadline|backoff|resilience|polly|cockatiel|opossum/i.test(line)) {
|
|
303
|
+
externalCallLines.push(index + 1);
|
|
304
|
+
}
|
|
305
|
+
});
|
|
306
|
+
const hasResiliencePattern = /(?:circuit.?breaker|CircuitBreaker|opossum|cockatiel|polly|resilience4j|Hystrix|retry.?policy|exponential.?backoff|fallback.?handler|AbortController|timeout.*fetch|fetch.*timeout)/i.test(code);
|
|
307
|
+
if (externalCallLines.length > 2 && !hasResiliencePattern && code.split("\n").length > 20) {
|
|
308
|
+
findings.push({
|
|
309
|
+
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
310
|
+
severity: "medium",
|
|
311
|
+
title: "External API calls without circuit breaker or resilience pattern",
|
|
312
|
+
description: "Multiple external HTTP calls are made without visible circuit breaker, retry/backoff, or timeout patterns. This creates operational dependency on external services — if they degrade or become unavailable, your system has no autonomy to gracefully degrade or fail fast.",
|
|
313
|
+
lineNumbers: externalCallLines.slice(0, 10),
|
|
314
|
+
recommendation: "Wrap external API calls with circuit breaker patterns (opossum, cockatiel, Polly, resilience4j). Add timeouts via AbortController/AbortSignal. Implement fallback responses for degraded-mode operation to maintain operational sovereignty.",
|
|
315
|
+
reference: "Operational Sovereignty / Resilience Patterns",
|
|
316
|
+
suggestedFix: "Add a circuit breaker: const breaker = new CircuitBreaker(fetchExternal, { timeout: 5000, errorThresholdPercentage: 50 }); breaker.fallback(() => cachedResponse); — and use AbortController for request-level timeouts.",
|
|
317
|
+
confidence: 0.75,
|
|
318
|
+
});
|
|
319
|
+
}
|
|
320
|
+
// ── SOV-015: Administrative operations without audit trail ──────────────
|
|
321
|
+
const adminOpLines = [];
|
|
322
|
+
lines.forEach((line, index) => {
|
|
323
|
+
const trimmed = line.trim();
|
|
324
|
+
if (isCommentLine(trimmed))
|
|
325
|
+
return;
|
|
326
|
+
if (/(?:\.delete\(|\.destroy\(|\.drop\(|\.truncate\(|\.revoke\(|\.disable\(|\.suspend\(|\.terminate\(|\.purge\(|\.wipe\(|\.removeAll\(|\.deleteMany\(|\.dropTable|\.dropDatabase|\.dropCollection|admin\.(?:create|delete|update|grant|revoke)|setRole|assignRole|revokeRole|changePassword|resetPassword)/i.test(line) &&
|
|
327
|
+
!/audit|log\.|logger\.|console\.|track|record|emit.*event|chronicle|journal/i.test(line)) {
|
|
328
|
+
adminOpLines.push(index + 1);
|
|
329
|
+
}
|
|
330
|
+
});
|
|
331
|
+
const hasAuditPattern = /(?:audit.?log|audit.?trail|audit.?event|audit.?record|AuditLogger|createAuditEntry|logAuditEvent|emitAuditEvent|chronicle|compliance.?log)/i.test(code);
|
|
332
|
+
if (adminOpLines.length > 0 && !hasAuditPattern && code.split("\n").length > 15) {
|
|
333
|
+
findings.push({
|
|
334
|
+
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
335
|
+
severity: "high",
|
|
336
|
+
title: "Administrative operations without audit trail",
|
|
337
|
+
description: "Destructive or privileged operations (delete, destroy, drop, revoke, role changes, password resets) are performed without visible audit logging. Without audit trails, the organization loses operational sovereignty — the ability to independently verify who did what, when, and why.",
|
|
338
|
+
lineNumbers: adminOpLines.slice(0, 10),
|
|
339
|
+
recommendation: "Log all administrative and destructive operations to a tamper-evident audit trail. Include actor identity, timestamp, operation type, affected resource, and outcome. Store audit logs in a separate, append-only store with retention policies.",
|
|
340
|
+
reference: "Operational Sovereignty / Audit Trail Requirements",
|
|
341
|
+
suggestedFix: "Add audit logging before each destructive operation: auditLogger.log({ actor: ctx.userId, action: 'DELETE', resource: resourceId, timestamp: new Date().toISOString(), outcome: 'success' });",
|
|
342
|
+
confidence: 0.8,
|
|
343
|
+
});
|
|
344
|
+
}
|
|
345
|
+
// ── SOV-016: No data export or portability mechanism ────────────────────
|
|
346
|
+
const hasDataStorage = /(?:\.save\(|\.insert\(|\.create\(|\.put\(|\.store\(|\.persist\(|\.upsert\(|\.bulkWrite\(|Model\.create|Repository\.save|database|collection\(|table\()/i.test(code);
|
|
347
|
+
const hasDataExport = /(?:export.*data|data.*export|download|dump|backup|migrate|portability|transfer.*out|extract|bulk.*read|getAll|findAll|cursor|stream.*all|paginate.*all|data.?portability|right.?to.?data)/i.test(code);
|
|
348
|
+
const hasExportApi = /(?:\/export|\/download|\/dump|\/backup|\/migrate|\/extract|\/portability|api.*export|export.*endpoint|bulk.*export)/i.test(code);
|
|
349
|
+
if (hasDataStorage && !hasDataExport && !hasExportApi && code.split("\n").length > 30) {
|
|
350
|
+
findings.push({
|
|
351
|
+
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
352
|
+
severity: "low",
|
|
353
|
+
title: "Data storage without export or portability mechanism",
|
|
354
|
+
description: "Code stores data but has no visible data export, bulk extraction, or portability mechanism. Without data portability, the organization risks vendor lock-in at the data layer — inability to migrate, audit, or exercise sovereignty over stored data.",
|
|
355
|
+
recommendation: "Implement data export APIs (bulk read, streaming export, backup endpoints). Support standard portable formats (JSON, CSV, Parquet). This satisfies both GDPR Article 20 (right to data portability) and operational sovereignty — the ability to migrate data between systems independently.",
|
|
356
|
+
reference: "Operational Sovereignty / Data Portability / GDPR Art. 20",
|
|
357
|
+
suggestedFix: "Add a data export endpoint: app.get('/api/export/:entity', async (req, res) => { const data = await repository.findAll(); res.json(data); }); — and support CSV/JSON format options.",
|
|
358
|
+
confidence: 0.7,
|
|
359
|
+
isAbsenceBased: true,
|
|
360
|
+
});
|
|
361
|
+
}
|
|
362
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
363
|
+
// CATCH-ALL: Sovereignty evidence not explicit
|
|
364
|
+
// ═══════════════════════════════════════════════════════════════════════════
|
|
208
365
|
if (findings.length === 0 && code.length > 0) {
|
|
209
366
|
const hasDataHandling = /(user|customer|personal|profile|account|email|phone|pii|data)/i.test(code);
|
|
210
367
|
if (hasDataHandling) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data-sovereignty.js","sourceRoot":"","sources":["../../src/evaluators/data-sovereignty.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,sBAAsB,CAAC,IAAY,EAAE,SAAiB;IACpE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,KAAK,CAAC;IACrB,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,MAAM,kBAAkB,GAAa,EAAE,CAAC;IACxC,MAAM,6BAA6B,GAAa,EAAE,CAAC;IACnD,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,qFAAqF;QACrF,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAE/D,IAAI,iDAAiD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACjE,kBAAkB,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACrC,CAAC;QAED,IACE,2EAA2E,CAAC,IAAI,CAAC,IAAI,CAAC;YACtF,CAAC,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,EAClE,CAAC;YACD,6BAA6B,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,eAAe,GAAG,iFAAiF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAErH,IAAI,6BAA6B,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;QACjE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,kDAAkD;YACzD,WAAW,EACT,iKAAiK;YACnK,WAAW,EAAE,6BAA6B,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YACvD,cAAc,EACZ,6GAA6G;YAC/G,SAAS,EAAE,4CAA4C;YACvD,YAAY,EACV,0IAA0I;YAC5I,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,sBAAsB,GAAa,EAAE,CAAC;IAC5C,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,IACE,sFAAsF,CAAC,IAAI,CAAC,IAAI,CAAC;YACjG,CAAC,iEAAiE,CAAC,IAAI,CAAC,IAAI,CAAC,EAC7E,CAAC;YACD,sBAAsB,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACzC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,sBAAsB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gEAAgE;YACvE,WAAW,EACT,yIAAyI;YAC3I,WAAW,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAChD,cAAc,EACZ,sIAAsI;YACxI,SAAS,EAAE,sDAAsD;YACjE,YAAY,EACV,qJAAqJ;YACvJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,gBAAgB,GAAa,EAAE,CAAC;IACtC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,IACE,0FAA0F,CAAC,IAAI,CAAC,IAAI,CAAC;YACrG,CAAC,oDAAoD,CAAC,IAAI,CAAC,IAAI,CAAC,EAChE,CAAC;YACD,gBAAgB,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACnC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wEAAwE;YAC/E,WAAW,EACT,kJAAkJ;YACpJ,WAAW,EAAE,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC1C,cAAc,EACZ,qGAAqG;YACvG,SAAS,EAAE,qDAAqD;YAChE,YAAY,EACV,gIAAgI;YAClI,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,qFAAqF;QACrF,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,+EAA+E;QAC/E,IAAI,gGAAgG,CAAC,IAAI,CAAC,IAAI,CAAC;YAC7G,OAAO;QACT,wEAAwE;QACxE,IAAI,0DAA0D,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO;QAClF,2GAA2G;QAC3G,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,0CAA0C,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO;QAC3F,IACE,oEAAoE,CAAC,IAAI,CAAC,IAAI,CAAC;YAC/E,CAAC,mFAAmF,CAAC,IAAI,CAAC,IAAI,CAAC,EAC/F,CAAC;YACD,WAAW,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qDAAqD;YAC5D,WAAW,EACT,oJAAoJ;YACtJ,WAAW,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YACrC,cAAc,EACZ,qHAAqH;YACvH,SAAS,EAAE,4CAA4C;YACvD,YAAY,EACV,sJAAsJ;YACxJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,iBAAiB,GAAG,iEAAiE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvG,MAAM,oBAAoB,GAAG,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAE5G,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,iBAAiB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,kEAAkE;YACzE,WAAW,EACT,uHAAuH;YACzH,WAAW,EAAE,kBAAkB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC5C,cAAc,EACZ,uGAAuG;YACzG,SAAS,EAAE,2CAA2C;YACtD,YAAY,EACV,iJAAiJ;YACnJ,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,yDAAyD;IACzD,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,IACE,uGAAuG,CAAC,IAAI,CAC1G,IAAI,CACL;YACD,CAAC,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC,EACnD,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;QAC5C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,iEAAiE;YACxE,WAAW,EACT,oQAAoQ;YACtQ,WAAW,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAClC,cAAc,EACZ,+KAA+K;YACjL,SAAS,EAAE,+DAA+D;YAC1E,YAAY,EACV,oJAAoJ;YACtJ,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,IACE,wKAAwK,CAAC,IAAI,CAC3K,IAAI,CACL;YACD,CAAC,gEAAgE,CAAC,IAAI,CAAC,IAAI,CAAC,EAC5E,CAAC;YACD,cAAc,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,mDAAmD;YAC1D,WAAW,EACT,oMAAoM;YACtM,WAAW,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YACxC,cAAc,EACZ,qPAAqP;YACvP,SAAS,EAAE,kDAAkD;YAC7D,YAAY,EACV,8JAA8J;YAChK,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,MAAM,YAAY,GAChB,4HAA4H,CAAC,IAAI,CAC/H,IAAI,CACL,CAAC;IACJ,MAAM,kBAAkB,GACtB,qGAAqG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnH,MAAM,QAAQ,GAAG,+DAA+D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAE5F,IAAI,YAAY,IAAI,QAAQ,IAAI,CAAC,kBAAkB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACpF,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,sDAAsD;YAC7D,WAAW,EACT,gQAAgQ;YAClQ,cAAc,EACZ,0LAA0L;YAC5L,SAAS,EAAE,wDAAwD;YACnE,YAAY,EACV,kHAAkH;YACpH,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,uDAAuD;IACvD,MAAM,qBAAqB,GAAG,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChG,MAAM,mBAAmB,GACvB,2GAA2G,CAAC,IAAI,CAC9G,IAAI,CACL,CAAC;IAEJ,IAAI,qBAAqB,IAAI,CAAC,mBAAmB,IAAI,CAAC,oBAAoB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC3G,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,sDAAsD;YAC7D,WAAW,EACT,yNAAyN;YAC3N,cAAc,EACZ,kNAAkN;YACpN,SAAS,EAAE,sDAAsD;YACjE,YAAY,EACV,+JAA+J;YACjK,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7C,MAAM,eAAe,GAAG,gEAAgE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpG,IAAI,eAAe,EAAE,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACvD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,2CAA2C;gBAClD,WAAW,EACT,mKAAmK;gBACrK,cAAc,EACZ,qGAAqG;gBACvG,SAAS,EAAE,qCAAqC;gBAChD,YAAY,EACV,+IAA+I;gBACjJ,UAAU,EAAE,GAAG;aAChB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
1
|
+
{"version":3,"file":"data-sovereignty.js","sourceRoot":"","sources":["../../src/evaluators/data-sovereignty.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C,MAAM,UAAU,sBAAsB,CAAC,IAAY,EAAE,SAAiB;IACpE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,KAAK,CAAC;IACrB,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,MAAM,kBAAkB,GAAa,EAAE,CAAC;IACxC,MAAM,6BAA6B,GAAa,EAAE,CAAC;IACnD,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,qFAAqF;QACrF,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAE/D,IAAI,iDAAiD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACjE,kBAAkB,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACrC,CAAC;QAED,IACE,2EAA2E,CAAC,IAAI,CAAC,IAAI,CAAC;YACtF,CAAC,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,EAClE,CAAC;YACD,6BAA6B,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,eAAe,GAAG,iFAAiF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAErH,IAAI,6BAA6B,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;QACjE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,kDAAkD;YACzD,WAAW,EACT,iKAAiK;YACnK,WAAW,EAAE,6BAA6B,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YACvD,cAAc,EACZ,6GAA6G;YAC/G,SAAS,EAAE,4CAA4C;YACvD,YAAY,EACV,0IAA0I;YAC5I,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,sBAAsB,GAAa,EAAE,CAAC;IAC5C,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,IACE,sFAAsF,CAAC,IAAI,CAAC,IAAI,CAAC;YACjG,CAAC,iEAAiE,CAAC,IAAI,CAAC,IAAI,CAAC,EAC7E,CAAC;YACD,sBAAsB,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACzC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,sBAAsB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gEAAgE;YACvE,WAAW,EACT,yIAAyI;YAC3I,WAAW,EAAE,sBAAsB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAChD,cAAc,EACZ,sIAAsI;YACxI,SAAS,EAAE,sDAAsD;YACjE,YAAY,EACV,qJAAqJ;YACvJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,gBAAgB,GAAa,EAAE,CAAC;IACtC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,IACE,0FAA0F,CAAC,IAAI,CAAC,IAAI,CAAC;YACrG,CAAC,oDAAoD,CAAC,IAAI,CAAC,IAAI,CAAC,EAChE,CAAC;YACD,gBAAgB,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACnC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wEAAwE;YAC/E,WAAW,EACT,kJAAkJ;YACpJ,WAAW,EAAE,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC1C,cAAc,EACZ,qGAAqG;YACvG,SAAS,EAAE,qDAAqD;YAChE,YAAY,EACV,gIAAgI;YAClI,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,qFAAqF;QACrF,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,+EAA+E;QAC/E,IAAI,gGAAgG,CAAC,IAAI,CAAC,IAAI,CAAC;YAC7G,OAAO;QACT,wEAAwE;QACxE,IAAI,0DAA0D,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO;QAClF,2GAA2G;QAC3G,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,0CAA0C,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAO;QAC3F,IACE,oEAAoE,CAAC,IAAI,CAAC,IAAI,CAAC;YAC/E,CAAC,mFAAmF,CAAC,IAAI,CAAC,IAAI,CAAC,EAC/F,CAAC;YACD,WAAW,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qDAAqD;YAC5D,WAAW,EACT,oJAAoJ;YACtJ,WAAW,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YACrC,cAAc,EACZ,qHAAqH;YACvH,SAAS,EAAE,4CAA4C;YACvD,YAAY,EACV,sJAAsJ;YACxJ,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,MAAM,iBAAiB,GAAG,iEAAiE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvG,MAAM,oBAAoB,GAAG,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAE5G,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,IAAI,iBAAiB,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,kEAAkE;YACzE,WAAW,EACT,uHAAuH;YACzH,WAAW,EAAE,kBAAkB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC5C,cAAc,EACZ,uGAAuG;YACzG,SAAS,EAAE,2CAA2C;YACtD,YAAY,EACV,iJAAiJ;YACnJ,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,yDAAyD;IACzD,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,IACE,uGAAuG,CAAC,IAAI,CAC1G,IAAI,CACL;YACD,CAAC,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC,EACnD,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;QAC5C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,iEAAiE;YACxE,WAAW,EACT,oQAAoQ;YACtQ,WAAW,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAClC,cAAc,EACZ,+KAA+K;YACjL,SAAS,EAAE,+DAA+D;YAC1E,YAAY,EACV,oJAAoJ;YACtJ,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QAC/D,IACE,wKAAwK,CAAC,IAAI,CAC3K,IAAI,CACL;YACD,CAAC,gEAAgE,CAAC,IAAI,CAAC,IAAI,CAAC,EAC5E,CAAC;YACD,cAAc,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,mDAAmD;YAC1D,WAAW,EACT,oMAAoM;YACtM,WAAW,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YACxC,cAAc,EACZ,qPAAqP;YACvP,SAAS,EAAE,kDAAkD;YAC7D,YAAY,EACV,8JAA8J;YAChK,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,MAAM,YAAY,GAChB,4HAA4H,CAAC,IAAI,CAC/H,IAAI,CACL,CAAC;IACJ,MAAM,kBAAkB,GACtB,qGAAqG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnH,MAAM,QAAQ,GAAG,+DAA+D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAE5F,IAAI,YAAY,IAAI,QAAQ,IAAI,CAAC,kBAAkB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACpF,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,sDAAsD;YAC7D,WAAW,EACT,gQAAgQ;YAClQ,cAAc,EACZ,0LAA0L;YAC5L,SAAS,EAAE,wDAAwD;YACnE,YAAY,EACV,kHAAkH;YACpH,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,uDAAuD;IACvD,MAAM,qBAAqB,GAAG,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChG,MAAM,mBAAmB,GACvB,2GAA2G,CAAC,IAAI,CAC9G,IAAI,CACL,CAAC;IAEJ,IAAI,qBAAqB,IAAI,CAAC,mBAAmB,IAAI,CAAC,oBAAoB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC3G,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,sDAAsD;YAC7D,WAAW,EACT,yNAAyN;YAC3N,cAAc,EACZ,kNAAkN;YACpN,SAAS,EAAE,sDAAsD;YACjE,YAAY,EACV,+JAA+J;YACjK,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,8EAA8E;IAC9E,4BAA4B;IAC5B,kEAAkE;IAClE,mEAAmE;IACnE,8EAA8E;IAE9E,2EAA2E;IAC3E,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,aAAa,CAAC,OAAO,CAAC;YAAE,OAAO;QACnC,IACE,6KAA6K,CAAC,IAAI,CAChL,IAAI,CACL;YACD,CAAC,uGAAuG,CAAC,IAAI,CAC3G,IAAI,CACL,EACD,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,mDAAmD;YAC1D,WAAW,EACT,oSAAoS;YACtS,WAAW,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAClC,cAAc,EACZ,uMAAuM;YACzM,SAAS,EAAE,6CAA6C;YACxD,YAAY,EACV,oOAAoO;YACtO,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,2EAA2E;IAC3E,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,aAAa,CAAC,OAAO,CAAC;YAAE,OAAO;QACnC,IACE,+ZAA+Z,CAAC,IAAI,CACla,IAAI,CACL;YACD,CAAC,wJAAwJ,CAAC,IAAI,CAC5J,IAAI,CACL,EACD,CAAC;YACD,aAAa,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAChC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,gBAAgB,GACpB,4EAA4E,CAAC,IAAI,CAAC,IAAI,CAAC;QACvF,kDAAkD,CAAC,IAAI,CAAC,IAAI,CAAC;QAC7D,oEAAoE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAElF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAClD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,gEAAgE;YACvE,WAAW,EACT,oRAAoR;YACtR,WAAW,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YACvC,cAAc,EACZ,0QAA0Q;YAC5Q,SAAS,EAAE,kDAAkD;YAC7D,YAAY,EACV,qLAAqL;YACvL,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,2EAA2E;IAC3E,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,aAAa,CAAC,OAAO,CAAC;YAAE,OAAO;QACnC,IACE,gQAAgQ,CAAC,IAAI,CACnQ,IAAI,CACL;YACD,CAAC,oGAAoG,CAAC,IAAI,CAAC,IAAI,CAAC,EAChH,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,iBAAiB,GACrB,uHAAuH,CAAC,IAAI,CAC1H,IAAI,CACL,CAAC;IAEJ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,sDAAsD;YAC7D,WAAW,EACT,mUAAmU;YACrU,WAAW,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAClC,cAAc,EACZ,mRAAmR;YACrR,SAAS,EAAE,iDAAiD;YAC5D,YAAY,EACV,2MAA2M;YAC7M,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,8EAA8E;IAC9E,0BAA0B;IAC1B,sEAAsE;IACtE,0EAA0E;IAC1E,8EAA8E;IAE9E,2EAA2E;IAC3E,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,aAAa,CAAC,OAAO,CAAC;YAAE,OAAO;QACnC,IACE,oKAAoK,CAAC,IAAI,CACvK,IAAI,CACL;YACD,CAAC,iIAAiI,CAAC,IAAI,CACrI,IAAI,CACL,EACD,CAAC;YACD,iBAAiB,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACpC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,oBAAoB,GACxB,sLAAsL,CAAC,IAAI,CACzL,IAAI,CACL,CAAC;IAEJ,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,oBAAoB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC1F,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,kEAAkE;YACzE,WAAW,EACT,8QAA8Q;YAChR,WAAW,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC3C,cAAc,EACZ,8OAA8O;YAChP,SAAS,EAAE,+CAA+C;YAC1D,YAAY,EACV,0NAA0N;YAC5N,UAAU,EAAE,IAAI;SACjB,CAAC,CAAC;IACL,CAAC;IAED,2EAA2E;IAC3E,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,aAAa,CAAC,OAAO,CAAC;YAAE,OAAO;QACnC,IACE,wSAAwS,CAAC,IAAI,CAC3S,IAAI,CACL;YACD,CAAC,4EAA4E,CAAC,IAAI,CAAC,IAAI,CAAC,EACxF,CAAC;YACD,YAAY,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,eAAe,GACnB,6IAA6I,CAAC,IAAI,CAChJ,IAAI,CACL,CAAC;IAEJ,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,+CAA+C;YACtD,WAAW,EACT,0RAA0R;YAC5R,WAAW,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YACtC,cAAc,EACZ,kPAAkP;YACpP,SAAS,EAAE,oDAAoD;YAC/D,YAAY,EACV,+LAA+L;YACjM,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;IACL,CAAC;IAED,2EAA2E;IAC3E,MAAM,cAAc,GAClB,yJAAyJ,CAAC,IAAI,CAC5J,IAAI,CACL,CAAC;IACJ,MAAM,aAAa,GACjB,4LAA4L,CAAC,IAAI,CAC/L,IAAI,CACL,CAAC;IACJ,MAAM,YAAY,GAChB,sHAAsH,CAAC,IAAI,CACzH,IAAI,CACL,CAAC;IAEJ,IAAI,cAAc,IAAI,CAAC,aAAa,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACtF,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,sDAAsD;YAC7D,WAAW,EACT,wPAAwP;YAC1P,cAAc,EACZ,8RAA8R;YAChS,SAAS,EAAE,2DAA2D;YACtE,YAAY,EACV,sLAAsL;YACxL,UAAU,EAAE,GAAG;YACf,cAAc,EAAE,IAAI;SACrB,CAAC,CAAC;IACL,CAAC;IAED,8EAA8E;IAC9E,+CAA+C;IAC/C,8EAA8E;IAE9E,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7C,MAAM,eAAe,GAAG,gEAAgE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpG,IAAI,eAAe,EAAE,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACvD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,2CAA2C;gBAClD,WAAW,EACT,mKAAmK;gBACrK,cAAc,EACZ,qGAAqG;gBACvG,SAAS,EAAE,qCAAqC;gBAChD,YAAY,EACV,+IAA+I;gBACjJ,UAAU,EAAE,GAAG;aAChB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data-sovereignty.d.ts","sourceRoot":"","sources":["../../src/judges/data-sovereignty.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEnD,eAAO,MAAM,oBAAoB,EAAE,
|
|
1
|
+
{"version":3,"file":"data-sovereignty.d.ts","sourceRoot":"","sources":["../../src/judges/data-sovereignty.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEnD,eAAO,MAAM,oBAAoB,EAAE,eAiDlC,CAAC"}
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
export const dataSovereigntyJudge = {
|
|
2
2
|
id: "data-sovereignty",
|
|
3
|
-
name: "Judge
|
|
4
|
-
domain: "Data
|
|
5
|
-
description: "Evaluates code for data residency enforcement, cross-border transfer controls,
|
|
3
|
+
name: "Judge Sovereignty",
|
|
4
|
+
domain: "Data, Technological & Operational Sovereignty",
|
|
5
|
+
description: "Evaluates code for data residency enforcement, cross-border transfer controls, jurisdiction-aware data handling, vendor independence (technological sovereignty), and operational self-governance (audit trails, resilience, data portability).",
|
|
6
6
|
rulePrefix: "SOV",
|
|
7
|
-
systemPrompt: `You are Judge
|
|
7
|
+
systemPrompt: `You are Judge Sovereignty — a specialist in data residency, cross-border data transfer controls, jurisdictional compliance, cloud architecture governance, technological independence, and operational self-governance.
|
|
8
8
|
|
|
9
|
-
|
|
9
|
+
You evaluate code across THREE sovereignty pillars:
|
|
10
|
+
|
|
11
|
+
═══ PILLAR 1: DATA SOVEREIGNTY ═══
|
|
10
12
|
1. **Data Residency Enforcement**: Are region choices explicit and constrained? Is storage pinned to approved jurisdictions (e.g., EU-only, US-only)?
|
|
11
13
|
2. **Cross-Border Transfer Controls**: Are outbound data flows to third-party APIs/services controlled and restricted by jurisdiction?
|
|
12
14
|
3. **Transfer Mechanisms**: Where cross-border transfer is required, are lawful mechanisms and safeguards represented (SCCs, adequacy assumptions, contractual controls)?
|
|
@@ -18,17 +20,31 @@ YOUR EVALUATION CRITERIA:
|
|
|
18
20
|
9. **Data Egress Guardrails**: Are there controls that prevent accidental export (logs, telemetry, exports, support tooling)?
|
|
19
21
|
10. **Evidence and Auditability**: Are controls observable and auditable (region tags, policy checks, alerts, deployment guardrails)?
|
|
20
22
|
|
|
23
|
+
═══ PILLAR 2: TECHNOLOGICAL SOVEREIGNTY ═══
|
|
24
|
+
11. **Cryptographic Key Sovereignty**: Are encryption keys controlled by the organization (BYOK, CMK, HSM import) rather than solely vendor-managed?
|
|
25
|
+
12. **AI/ML Model Portability**: Are AI/ML integrations abstracted to allow model swapping, or tightly coupled to a single vendor's platform?
|
|
26
|
+
13. **Identity Provider Independence**: Is authentication federated via open standards (OIDC, SAML) or locked to a single vendor's identity service?
|
|
27
|
+
14. **Open Standards Adoption**: Does code favor open protocols (AMQP, MQTT, gRPC, OpenTelemetry) over proprietary alternatives?
|
|
28
|
+
15. **Supply Chain Sovereignty**: Are dependencies sourced from trusted, auditable registries with mirroring capability?
|
|
29
|
+
|
|
30
|
+
═══ PILLAR 3: OPERATIONAL SOVEREIGNTY ═══
|
|
31
|
+
16. **Resilience and Autonomous Operation**: Are external dependencies wrapped with circuit breakers, timeouts, and fallback strategies for autonomous operation during outages?
|
|
32
|
+
17. **Audit Trail Completeness**: Are administrative and destructive operations logged to a tamper-evident audit trail with actor, action, resource, and timestamp?
|
|
33
|
+
18. **Data Portability and Exit Strategy**: Can stored data be exported, migrated, or transferred in standard portable formats?
|
|
34
|
+
19. **Incident Response Capability**: Does code include structured error classification, alerting hooks, and incident metadata for independent incident management?
|
|
35
|
+
20. **Operational Observability Ownership**: Are logs, metrics, and traces under organizational control (self-hosted or sovereign cloud) rather than exclusively routed to foreign SaaS?
|
|
36
|
+
|
|
21
37
|
RULES FOR YOUR EVALUATION:
|
|
22
38
|
- Assign rule IDs with prefix "SOV-" (e.g. SOV-001).
|
|
23
|
-
- Flag both code-level and architecture-level sovereignty risks.
|
|
39
|
+
- Flag both code-level and architecture-level sovereignty risks across all three pillars.
|
|
24
40
|
- Distinguish between hard violations (critical/high) and weak governance posture (medium/low).
|
|
25
|
-
- Recommend concrete remediations: region pinning,
|
|
26
|
-
- Score from 0-100 where 100 means strong sovereignty posture.
|
|
41
|
+
- Recommend concrete remediations: region pinning, BYOK, provider abstraction, circuit breakers, audit logging, and data export APIs.
|
|
42
|
+
- Score from 0-100 where 100 means strong sovereignty posture across data, technology, and operations.
|
|
27
43
|
|
|
28
44
|
ADVERSARIAL MANDATE:
|
|
29
45
|
- Your role is adversarial: assume sovereignty controls are missing unless explicitly shown.
|
|
30
46
|
- Never praise or compliment the code. Report only gaps, risks, and deficiencies.
|
|
31
|
-
- If uncertain, flag potential
|
|
47
|
+
- If uncertain, flag potential sovereignty exposure and explain the assumption.
|
|
32
48
|
- Absence of findings does not prove sovereignty compliance. State this explicitly.`,
|
|
33
49
|
};
|
|
34
50
|
//# sourceMappingURL=data-sovereignty.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data-sovereignty.js","sourceRoot":"","sources":["../../src/judges/data-sovereignty.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,oBAAoB,GAAoB;IACnD,EAAE,EAAE,kBAAkB;IACtB,IAAI,EAAE,
|
|
1
|
+
{"version":3,"file":"data-sovereignty.js","sourceRoot":"","sources":["../../src/judges/data-sovereignty.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,oBAAoB,GAAoB;IACnD,EAAE,EAAE,kBAAkB;IACtB,IAAI,EAAE,mBAAmB;IACzB,MAAM,EAAE,+CAA+C;IACvD,WAAW,EACT,iPAAiP;IACnP,UAAU,EAAE,KAAK;IACjB,YAAY,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;oFAyCoE;CACnF,CAAC"}
|
package/package.json
CHANGED