@kya-os/checkpoint-nextjs 1.2.0 → 1.7.1

package/dist/index.d.ts

@@ -1,4 +1,4 @@
-export { CheckpointConfig, withCheckpoint } from './middleware-node.js';
+export { VERSION, withCheckpoint } from './middleware-node.js';
 export { createAgentShieldMiddleware, createAgentShieldMiddleware as createMiddleware } from './create-middleware.js';
 export { AgentDetectionEvent, AgentSession, AgentShieldMiddlewareConfig, CheckpointApiMiddlewareConfig, EnhancedMiddlewareConfig, StorageAdapter, StorageConfig, agentShieldMiddleware, createEnhancedAgentShieldMiddleware, withAgentShield, withCheckpointApi } from './api-middleware.js';
 export { createAgentShieldMiddleware as createAgentShieldMiddlewareBase } from './middleware.js';
@@ -6,20 +6,12 @@ export { EdgeSessionTracker, SessionData, SessionTrackingConfig, StatelessSessio
 export { AgentShieldClient, AgentShieldClientConfig, CheckpointApiClient, CheckpointApiClientConfig, EnforceInput, EnforceResponse, EnforcementDecision, LogDetectionInput, getAgentShieldClient, getCheckpointApiClient, resetAgentShieldClient, resetCheckpointApiClient } from './api-client.js';
 export { A as AgentShieldRequest, D as DetectionContext, N as NextJSMiddlewareConfig } from './types-D9RQvPNy.js';
 export { NextJSPolicyMiddlewareConfig, PolicyMiddlewareConfig, applyPolicy, buildBlockedResponse as buildPolicyBlockedResponse, buildRedirectResponse as buildPolicyRedirectResponse, createContextFromDetection, evaluatePolicyForDetection, getPolicy, handlePolicyDecision } from './policy.js';
+export { C as CheckpointConfig } from './config-DyU4l5er.js';
 export { DEFAULT_POLICY, ENFORCEMENT_ACTIONS, EnforcementAction, PolicyConfig, PolicyEvaluationContext, PolicyEvaluationResult, createEvaluationContext, evaluatePolicy } from '@kya-os/checkpoint-shared';
+import '@kya-os/checkpoint-wasm-runtime/engine';
 import '@kya-os/checkpoint-wasm-runtime/adapters';
 import 'next/server';
-import '@kya-os/checkpoint-wasm-runtime/engine';
+import '@kya-os/checkpoint-wasm-runtime/reporter';
+import './composed-policy.js';
+import '@kya-os/checkpoint-wasm-runtime/composed-policy';
 import '@kya-os/checkpoint';
-
-/**
- * @fileoverview Checkpoint Next.js Integration
- * @license MIT OR Apache-2.0
- */
-
-/**
- * Library version
- */
-declare const VERSION = "0.1.0";
-
-export { VERSION };

package/dist/index.js

@@ -2,8 +2,10 @@
 
 var orchestrator = require('@kya-os/checkpoint-wasm-runtime/orchestrator');
 var adapters = require('@kya-os/checkpoint-wasm-runtime/adapters');
-var server = require('next/server');
+var reporter = require('@kya-os/checkpoint-wasm-runtime/reporter');
 var checkpointShared = require('@kya-os/checkpoint-shared');
+var server = require('next/server');
+var composedPolicy = require('@kya-os/checkpoint-wasm-runtime/composed-policy');
 
 // src/middleware-node.ts
 function adaptToNextResponse(rendered, req) {
@@ -54,6 +56,96 @@ function applyHeaders(res, headers) {
     res.headers.set(key, value);
   }
 }
+var DEFAULT_DASHBOARD_URL = "https://kya.vouched.id";
+var NOOP_LOGGER = {
+  shadowDivergence: () => {
+  },
+  evaluationError: () => {
+  }
+};
+function makeComposedPolicyContext(opts) {
+  const { projectId, fetcher } = opts;
+  const cache = composedPolicy.makeComposedPolicyCache({ compile: opts.compile, cacheMax: opts.cacheMax });
+  const logger = opts.logger ?? NOOP_LOGGER;
+  return {
+    async apply(result, path) {
+      const structured = { decision: result.decision, acted: false };
+      const policy = await fetcher.getPolicy(projectId);
+      const outcome = await composedPolicy.evaluateComposedPolicy({
+        cache,
+        projectId,
+        flags: {
+          policyLanguage: policy.policyLanguage,
+          policySourceText: policy.policySourceText,
+          engineEnforcementEnabled: policy.engineEnforcementEnabled,
+          enabled: policy.enabled
+        },
+        authorizeInput: composedPolicy.verifyResultToAuthorizeInput(result, { tenantId: projectId, path }),
+        baselineDecisionKind: result.decision.kind
+      });
+      if ((outcome.status === "acting" || outcome.status === "shadow") && outcome.diverged) {
+        logger.shadowDivergence({
+          projectId,
+          path,
+          engineDecision: outcome.engineDecision.kind,
+          structuredDecision: result.decision.kind,
+          detectionClass: result.detectionDetail.detectionClass.type,
+          verificationMethod: result.detectionDetail.verificationMethod,
+          confidence: result.detectionDetail.confidence,
+          agentName: result.detectionDetail.detectedAgent?.name
+        });
+      }
+      if (outcome.status === "error") {
+        logger.evaluationError(projectId, outcome.error);
+        return structured;
+      }
+      if (outcome.status === "acting") {
+        return {
+          decision: outcome.engineDecision,
+          acted: true,
+          // Echo the SSOT revision pin with the decision it produced (#3246
+          // PR5). Conditional spread: absent upstream stays absent here.
+          ...policy.policySourceHash ? { composedBlobHash: policy.policySourceHash } : {}
+        };
+      }
+      return structured;
+    },
+    async trustedDelegationRoots() {
+      const policy = await fetcher.getPolicy(projectId);
+      return policy.trustedDelegationRoots ?? [];
+    }
+  };
+}
+async function resolveTrustedDelegationRootsForRequest(resolver, headers) {
+  if (!resolver) return void 0;
+  if (!checkpointShared.requestCarriesDelegationProof(headers)) return void 0;
+  const roots = await resolver();
+  return roots.length > 0 ? roots : void 0;
+}
+async function applyComposedPolicy(context, result, path) {
+  if (!context) return;
+  try {
+    const outcome = await context.apply(result, path);
+    if (outcome.acted) {
+      result.decision = outcome.decision;
+      if (outcome.composedBlobHash) {
+        result.composedBlobHash = outcome.composedBlobHash;
+      }
+    }
+  } catch {
+  }
+}
+var consoleComposedPolicyLogger = {
+  shadowDivergence(info) {
+    console.warn("[checkpoint/composed-policy] shadow-divergence", info);
+  },
+  evaluationError(projectId, error) {
+    console.error(
+      `[checkpoint/composed-policy] evaluation failed for ${projectId}; using structured decision:`,
+      error
+    );
+  }
+};
 
 // src/translate.ts
 async function nextRequestToHttpLike(req, opts = {}) {
@@ -98,15 +190,96 @@ function extractRemoteAddress(req) {
 // src/middleware-node.ts
 function withCheckpoint(config) {
   const opts = buildVerifyOpts(config);
+  const reporter = buildReporter(config);
+  const composed = buildComposedContext(config);
+  const trustedRootsResolver = buildTrustedRootsResolver(config, composed);
   const translateOpts = { drainJsonBody: config.drainJsonBody };
-  return async function checkpointMiddleware(req) {
+  return async function checkpointMiddleware(req, event) {
     const httpLike = await nextRequestToHttpLike(req, translateOpts);
-    const result = await orchestrator.verifyRequest(httpLike, opts);
+    const trustedDelegationRoots = await resolveTrustedDelegationRootsForRequest(
+      trustedRootsResolver,
+      req.headers
+    );
+    const result = await orchestrator.verifyRequest(
+      httpLike,
+      trustedDelegationRoots ? { ...opts, trustedDelegationRoots } : opts
+    );
+    await applyComposedPolicy(composed, result, req.nextUrl.pathname);
+    if (reporter) {
+      const reportPromise = reporter(result, extractReporterContext(req));
+      if (event) {
+        event.waitUntil(reportPromise);
+      }
+    }
     await dispatchOnResult(config, result, req);
-    const rendered = orchestrator.renderDecisionAsResponse(result);
+    const bodyReadable200 = checkpointShared.selectBodyReadable200(
+      config.delegationChallengeMode ?? "spec-401",
+      req.headers,
+      result.detectionDetail.detectionClass
+    );
+    const rendered = orchestrator.renderDecisionAsResponse(result, { bodyReadable200 });
     return adaptToNextResponse(rendered, req);
   };
 }
+var SDK_NAME = "@kya-os/checkpoint-nextjs";
+var VERSION = "1.7.1";
+function buildReporter(config, runtime = "node") {
+  if (!config.apiKey) return null;
+  return reporter.makeDetectionReporter({
+    apiKey: config.apiKey,
+    baseUrl: config.baseUrl,
+    debug: config.debug,
+    // Self-identify (incl. node-vs-edge) so the dashboard can version-gate
+    // enforcement. Next.js EDGE composed enforcement is opt-in (needs
+    // `cedarWasmModule`), so the dashboard shows it as opt-in, never "Enforcing".
+    sdk: { name: SDK_NAME, version: VERSION, runtime }
+  });
+}
+function buildTrustedRootsResolver(config, composed) {
+  if (composed?.trustedDelegationRoots) {
+    return () => composed.trustedDelegationRoots();
+  }
+  if (!config.projectId) return null;
+  const fetcher = new checkpointShared.PolicyFetcher({
+    apiBaseUrl: config.dashboardUrl ?? config.baseUrl ?? DEFAULT_DASHBOARD_URL,
+    apiKey: config.apiKey,
+    cacheTtlSeconds: config.policyCacheTtlSeconds
+  });
+  const projectId = config.projectId;
+  return async () => (await fetcher.getPolicy(projectId)).trustedDelegationRoots ?? [];
+}
+function buildComposedContext(config) {
+  if (config.composedPolicyEnforcer) return config.composedPolicyEnforcer;
+  if (!config.projectId) return null;
+  return makeComposedPolicyContext({
+    projectId: config.projectId,
+    fetcher: new checkpointShared.PolicyFetcher({
+      apiBaseUrl: config.dashboardUrl ?? config.baseUrl ?? DEFAULT_DASHBOARD_URL,
+      apiKey: config.apiKey,
+      cacheTtlSeconds: config.policyCacheTtlSeconds
+    }),
+    // LAZY dynamic import — NOT a top-level `import` — so the node-only
+    // `./policy` glue (`createRequire`/`fs` at module load) is never pulled into
+    // the Edge bundle. `middleware-edge.ts` imports helpers from this file, so a
+    // top-level `./policy` import would surface as a side-effect import in the
+    // edge bundle and boot-fail on Vercel edge. The import is cached after first
+    // call; the core's single-flight cache wraps the (now async) compile.
+    compile: async (_language, source) => {
+      const { createPolicyEvaluator } = await import('@kya-os/checkpoint-wasm-runtime/policy');
+      return createPolicyEvaluator(source);
+    },
+    logger: config.debug ? consoleComposedPolicyLogger : void 0
+  });
+}
+function extractReporterContext(req) {
+  return {
+    userAgent: req.headers.get("user-agent") ?? void 0,
+    ipAddress: req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() ?? req.headers.get("x-real-ip") ?? void 0,
+    path: req.nextUrl.pathname,
+    url: req.nextUrl.href,
+    method: req.method
+  };
+}
 function buildVerifyOpts(config) {
   const overrides = config.adapters ?? {};
   return {
@@ -130,8 +303,6 @@ async function dispatchOnResult(config, result, req) {
   } catch {
   }
 }
-
-// src/middleware.ts
 var MIGRATION_ERROR = "@kya-os/checkpoint-nextjs's `createAgentShieldMiddleware` / `agentShield` were deleted in Phase D (engine consolidation). The 600-line TS pattern matcher that backed them is gone. Migrate to `withCheckpoint` from `@kya-os/checkpoint-nextjs` (Node runtime) or `@kya-os/checkpoint-nextjs/edge` (Edge runtime). See packages/checkpoint-nextjs/CHANGELOG.md (1.0.0) for the recipe.";
 function createAgentShieldMiddleware(_config = {}) {
   throw new Error(MIGRATION_ERROR);
@@ -397,7 +568,7 @@ function safeHostname(url) {
 // src/responses/agent-instruction.ts
 var MCP_I_DOCS_URL = "https://docs.knowthat.ai/mcp-i/getting-started";
 var DEFAULT_CONNECT_PATH = "/connect";
-function buildAgentInstructionResponse(request, decision, redirectUrl) {
+function buildAgentInstructionResponse(request, decision, redirectUrl, options) {
   const resolved = resolveUrl(redirectUrl ?? DEFAULT_CONNECT_PATH, request.url);
   const agentName = decision.agentName || decision.agentType || "unknown";
   if (!resolved.searchParams.has("agent")) {
@@ -448,8 +619,11 @@ It only takes a moment and you won't need to do it again. Once you're done, ask
       confidence: decision.confidence
     }
   };
-  const response = server.NextResponse.json(body, { status: 401 });
-  response.headers.set("WWW-Authenticate", `KYA realm="api", authorization_uri="${authUrl}"`);
+  const bodyReadable200 = options?.bodyReadable200 ?? false;
+  const response = server.NextResponse.json(body, { status: bodyReadable200 ? 200 : 401 });
+  if (!bodyReadable200) {
+    response.headers.set("WWW-Authenticate", `KYA realm="api", authorization_uri="${authUrl}"`);
+  }
   response.headers.set(
     "Link",
     `<${authUrl}>; rel="kya-authorize", <${MCP_I_DOCS_URL}>; rel="help"`
@@ -642,7 +816,14 @@ function withCheckpointApi(config = {}) {
             return buildRedirectResponse(request, decision, config);
           }
           const targetUrl = config.redirectUrl || decision.redirectUrl;
-          return buildAgentInstructionResponse(request, decision, targetUrl);
+          const bodyReadable200 = checkpointShared.selectBodyReadable200(
+            config.delegationChallengeMode ?? "spec-401",
+            request.headers,
+            result.data.detection?.detectionClass
+          );
+          return buildAgentInstructionResponse(request, decision, targetUrl, {
+            bodyReadable200
+          });
         }
         case "challenge": {
           return buildRedirectResponse(request, decision, config);
@@ -1007,9 +1188,6 @@ async function applyPolicy(request, detection, config) {
     );
   }
 }
-
-// src/index.ts
-var VERSION = "0.1.0";
 /**
  * @fileoverview Checkpoint Next.js Integration
  * @license MIT OR Apache-2.0

package/dist/index.mjs

@@ -1,8 +1,10 @@
 import { verifyRequest, renderDecisionAsResponse } from '@kya-os/checkpoint-wasm-runtime/orchestrator';
 import { makeSystemClock, makePolicyEvaluator, makeReputationOracle, makeStatusListCache, makeDidResolver } from '@kya-os/checkpoint-wasm-runtime/adapters';
-import { NextResponse } from 'next/server';
-import { isKnownAiCrawler, createEvaluationContext, evaluatePolicy, ENFORCEMENT_ACTIONS, PolicyConfigSchema, DEFAULT_POLICY, matchPath, acceptsHtml, encodeVerdictCookie, classifyResponseShape, BLOCKED_PATH, createPolicyFetcher, VERDICT_COOKIE_NAME } from '@kya-os/checkpoint-shared';
+import { makeDetectionReporter } from '@kya-os/checkpoint-wasm-runtime/reporter';
+import { selectBodyReadable200, PolicyFetcher, isKnownAiCrawler, createEvaluationContext, evaluatePolicy, ENFORCEMENT_ACTIONS, PolicyConfigSchema, DEFAULT_POLICY, matchPath, requestCarriesDelegationProof, acceptsHtml, encodeVerdictCookie, classifyResponseShape, BLOCKED_PATH, createPolicyFetcher, VERDICT_COOKIE_NAME } from '@kya-os/checkpoint-shared';
 export { DEFAULT_POLICY, ENFORCEMENT_ACTIONS, createEvaluationContext, evaluatePolicy } from '@kya-os/checkpoint-shared';
+import { NextResponse } from 'next/server';
+import { makeComposedPolicyCache, evaluateComposedPolicy, verifyResultToAuthorizeInput } from '@kya-os/checkpoint-wasm-runtime/composed-policy';
 
 // src/middleware-node.ts
 function adaptToNextResponse(rendered, req) {
@@ -53,6 +55,96 @@ function applyHeaders(res, headers) {
     res.headers.set(key, value);
   }
 }
+var DEFAULT_DASHBOARD_URL = "https://kya.vouched.id";
+var NOOP_LOGGER = {
+  shadowDivergence: () => {
+  },
+  evaluationError: () => {
+  }
+};
+function makeComposedPolicyContext(opts) {
+  const { projectId, fetcher } = opts;
+  const cache = makeComposedPolicyCache({ compile: opts.compile, cacheMax: opts.cacheMax });
+  const logger = opts.logger ?? NOOP_LOGGER;
+  return {
+    async apply(result, path) {
+      const structured = { decision: result.decision, acted: false };
+      const policy = await fetcher.getPolicy(projectId);
+      const outcome = await evaluateComposedPolicy({
+        cache,
+        projectId,
+        flags: {
+          policyLanguage: policy.policyLanguage,
+          policySourceText: policy.policySourceText,
+          engineEnforcementEnabled: policy.engineEnforcementEnabled,
+          enabled: policy.enabled
+        },
+        authorizeInput: verifyResultToAuthorizeInput(result, { tenantId: projectId, path }),
+        baselineDecisionKind: result.decision.kind
+      });
+      if ((outcome.status === "acting" || outcome.status === "shadow") && outcome.diverged) {
+        logger.shadowDivergence({
+          projectId,
+          path,
+          engineDecision: outcome.engineDecision.kind,
+          structuredDecision: result.decision.kind,
+          detectionClass: result.detectionDetail.detectionClass.type,
+          verificationMethod: result.detectionDetail.verificationMethod,
+          confidence: result.detectionDetail.confidence,
+          agentName: result.detectionDetail.detectedAgent?.name
+        });
+      }
+      if (outcome.status === "error") {
+        logger.evaluationError(projectId, outcome.error);
+        return structured;
+      }
+      if (outcome.status === "acting") {
+        return {
+          decision: outcome.engineDecision,
+          acted: true,
+          // Echo the SSOT revision pin with the decision it produced (#3246
+          // PR5). Conditional spread: absent upstream stays absent here.
+          ...policy.policySourceHash ? { composedBlobHash: policy.policySourceHash } : {}
+        };
+      }
+      return structured;
+    },
+    async trustedDelegationRoots() {
+      const policy = await fetcher.getPolicy(projectId);
+      return policy.trustedDelegationRoots ?? [];
+    }
+  };
+}
+async function resolveTrustedDelegationRootsForRequest(resolver, headers) {
+  if (!resolver) return void 0;
+  if (!requestCarriesDelegationProof(headers)) return void 0;
+  const roots = await resolver();
+  return roots.length > 0 ? roots : void 0;
+}
+async function applyComposedPolicy(context, result, path) {
+  if (!context) return;
+  try {
+    const outcome = await context.apply(result, path);
+    if (outcome.acted) {
+      result.decision = outcome.decision;
+      if (outcome.composedBlobHash) {
+        result.composedBlobHash = outcome.composedBlobHash;
+      }
+    }
+  } catch {
+  }
+}
+var consoleComposedPolicyLogger = {
+  shadowDivergence(info) {
+    console.warn("[checkpoint/composed-policy] shadow-divergence", info);
+  },
+  evaluationError(projectId, error) {
+    console.error(
+      `[checkpoint/composed-policy] evaluation failed for ${projectId}; using structured decision:`,
+      error
+    );
+  }
+};
 
 // src/translate.ts
 async function nextRequestToHttpLike(req, opts = {}) {
@@ -97,15 +189,96 @@ function extractRemoteAddress(req) {
 // src/middleware-node.ts
 function withCheckpoint(config) {
   const opts = buildVerifyOpts(config);
+  const reporter = buildReporter(config);
+  const composed = buildComposedContext(config);
+  const trustedRootsResolver = buildTrustedRootsResolver(config, composed);
   const translateOpts = { drainJsonBody: config.drainJsonBody };
-  return async function checkpointMiddleware(req) {
+  return async function checkpointMiddleware(req, event) {
     const httpLike = await nextRequestToHttpLike(req, translateOpts);
-    const result = await verifyRequest(httpLike, opts);
+    const trustedDelegationRoots = await resolveTrustedDelegationRootsForRequest(
+      trustedRootsResolver,
+      req.headers
+    );
+    const result = await verifyRequest(
+      httpLike,
+      trustedDelegationRoots ? { ...opts, trustedDelegationRoots } : opts
+    );
+    await applyComposedPolicy(composed, result, req.nextUrl.pathname);
+    if (reporter) {
+      const reportPromise = reporter(result, extractReporterContext(req));
+      if (event) {
+        event.waitUntil(reportPromise);
+      }
+    }
     await dispatchOnResult(config, result, req);
-    const rendered = renderDecisionAsResponse(result);
+    const bodyReadable200 = selectBodyReadable200(
+      config.delegationChallengeMode ?? "spec-401",
+      req.headers,
+      result.detectionDetail.detectionClass
+    );
+    const rendered = renderDecisionAsResponse(result, { bodyReadable200 });
     return adaptToNextResponse(rendered, req);
   };
 }
+var SDK_NAME = "@kya-os/checkpoint-nextjs";
+var VERSION = "1.7.1";
+function buildReporter(config, runtime = "node") {
+  if (!config.apiKey) return null;
+  return makeDetectionReporter({
+    apiKey: config.apiKey,
+    baseUrl: config.baseUrl,
+    debug: config.debug,
+    // Self-identify (incl. node-vs-edge) so the dashboard can version-gate
+    // enforcement. Next.js EDGE composed enforcement is opt-in (needs
+    // `cedarWasmModule`), so the dashboard shows it as opt-in, never "Enforcing".
+    sdk: { name: SDK_NAME, version: VERSION, runtime }
+  });
+}
+function buildTrustedRootsResolver(config, composed) {
+  if (composed?.trustedDelegationRoots) {
+    return () => composed.trustedDelegationRoots();
+  }
+  if (!config.projectId) return null;
+  const fetcher = new PolicyFetcher({
+    apiBaseUrl: config.dashboardUrl ?? config.baseUrl ?? DEFAULT_DASHBOARD_URL,
+    apiKey: config.apiKey,
+    cacheTtlSeconds: config.policyCacheTtlSeconds
+  });
+  const projectId = config.projectId;
+  return async () => (await fetcher.getPolicy(projectId)).trustedDelegationRoots ?? [];
+}
+function buildComposedContext(config) {
+  if (config.composedPolicyEnforcer) return config.composedPolicyEnforcer;
+  if (!config.projectId) return null;
+  return makeComposedPolicyContext({
+    projectId: config.projectId,
+    fetcher: new PolicyFetcher({
+      apiBaseUrl: config.dashboardUrl ?? config.baseUrl ?? DEFAULT_DASHBOARD_URL,
+      apiKey: config.apiKey,
+      cacheTtlSeconds: config.policyCacheTtlSeconds
+    }),
+    // LAZY dynamic import — NOT a top-level `import` — so the node-only
+    // `./policy` glue (`createRequire`/`fs` at module load) is never pulled into
+    // the Edge bundle. `middleware-edge.ts` imports helpers from this file, so a
+    // top-level `./policy` import would surface as a side-effect import in the
+    // edge bundle and boot-fail on Vercel edge. The import is cached after first
+    // call; the core's single-flight cache wraps the (now async) compile.
+    compile: async (_language, source) => {
+      const { createPolicyEvaluator } = await import('@kya-os/checkpoint-wasm-runtime/policy');
+      return createPolicyEvaluator(source);
+    },
+    logger: config.debug ? consoleComposedPolicyLogger : void 0
+  });
+}
+function extractReporterContext(req) {
+  return {
+    userAgent: req.headers.get("user-agent") ?? void 0,
+    ipAddress: req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() ?? req.headers.get("x-real-ip") ?? void 0,
+    path: req.nextUrl.pathname,
+    url: req.nextUrl.href,
+    method: req.method
+  };
+}
 function buildVerifyOpts(config) {
   const overrides = config.adapters ?? {};
   return {
@@ -129,8 +302,6 @@ async function dispatchOnResult(config, result, req) {
   } catch {
   }
 }
-
-// src/middleware.ts
 var MIGRATION_ERROR = "@kya-os/checkpoint-nextjs's `createAgentShieldMiddleware` / `agentShield` were deleted in Phase D (engine consolidation). The 600-line TS pattern matcher that backed them is gone. Migrate to `withCheckpoint` from `@kya-os/checkpoint-nextjs` (Node runtime) or `@kya-os/checkpoint-nextjs/edge` (Edge runtime). See packages/checkpoint-nextjs/CHANGELOG.md (1.0.0) for the recipe.";
 function createAgentShieldMiddleware(_config = {}) {
   throw new Error(MIGRATION_ERROR);
@@ -396,7 +567,7 @@ function safeHostname(url) {
 // src/responses/agent-instruction.ts
 var MCP_I_DOCS_URL = "https://docs.knowthat.ai/mcp-i/getting-started";
 var DEFAULT_CONNECT_PATH = "/connect";
-function buildAgentInstructionResponse(request, decision, redirectUrl) {
+function buildAgentInstructionResponse(request, decision, redirectUrl, options) {
   const resolved = resolveUrl(redirectUrl ?? DEFAULT_CONNECT_PATH, request.url);
   const agentName = decision.agentName || decision.agentType || "unknown";
   if (!resolved.searchParams.has("agent")) {
@@ -447,8 +618,11 @@ It only takes a moment and you won't need to do it again. Once you're done, ask
       confidence: decision.confidence
     }
   };
-  const response = NextResponse.json(body, { status: 401 });
-  response.headers.set("WWW-Authenticate", `KYA realm="api", authorization_uri="${authUrl}"`);
+  const bodyReadable200 = options?.bodyReadable200 ?? false;
+  const response = NextResponse.json(body, { status: bodyReadable200 ? 200 : 401 });
+  if (!bodyReadable200) {
+    response.headers.set("WWW-Authenticate", `KYA realm="api", authorization_uri="${authUrl}"`);
+  }
   response.headers.set(
     "Link",
     `<${authUrl}>; rel="kya-authorize", <${MCP_I_DOCS_URL}>; rel="help"`
@@ -641,7 +815,14 @@ function withCheckpointApi(config = {}) {
             return buildRedirectResponse(request, decision, config);
           }
           const targetUrl = config.redirectUrl || decision.redirectUrl;
-          return buildAgentInstructionResponse(request, decision, targetUrl);
+          const bodyReadable200 = selectBodyReadable200(
+            config.delegationChallengeMode ?? "spec-401",
+            request.headers,
+            result.data.detection?.detectionClass
+          );
+          return buildAgentInstructionResponse(request, decision, targetUrl, {
+            bodyReadable200
+          });
         }
         case "challenge": {
           return buildRedirectResponse(request, decision, config);
@@ -1006,9 +1187,6 @@ async function applyPolicy(request, detection, config) {
     );
   }
 }
-
-// src/index.ts
-var VERSION = "0.1.0";
 /**
  * @fileoverview Checkpoint Next.js Integration
  * @license MIT OR Apache-2.0

package/dist/middleware-edge.d.mts

@@ -1,8 +1,12 @@
-import { NextRequest, NextResponse } from 'next/server';
+import { NextRequest, NextFetchEvent, NextResponse } from 'next/server';
 export { initEngineEdge } from '@kya-os/checkpoint-wasm-runtime/orchestrator/edge';
-import { CheckpointConfig } from './middleware-node.mjs';
+export { initPolicyEvaluatorEdge } from '@kya-os/checkpoint-wasm-runtime/policy-edge';
+import { C as CheckpointConfig } from './config-DAwIA4DB.mjs';
 import '@kya-os/checkpoint-wasm-runtime/adapters';
 import '@kya-os/checkpoint-wasm-runtime/engine';
+import '@kya-os/checkpoint-shared';
+import './composed-policy.mjs';
+import '@kya-os/checkpoint-wasm-runtime/composed-policy';
 
 /**
  * D.3 — Edge-runtime Next.js middleware entry.
@@ -41,6 +45,6 @@ import '@kya-os/checkpoint-wasm-runtime/engine';
  * factory closure is being built. The first request awaits the same
  * promise; subsequent requests resolve sync.
  */
-declare function withCheckpoint(config: CheckpointConfig): (req: NextRequest) => Promise<NextResponse>;
+declare function withCheckpoint(config: CheckpointConfig): (req: NextRequest, event?: NextFetchEvent) => Promise<NextResponse>;
 
 export { CheckpointConfig, withCheckpoint };

package/dist/middleware-edge.d.ts

@@ -1,8 +1,12 @@
-import { NextRequest, NextResponse } from 'next/server';
+import { NextRequest, NextFetchEvent, NextResponse } from 'next/server';
 export { initEngineEdge } from '@kya-os/checkpoint-wasm-runtime/orchestrator/edge';
-import { CheckpointConfig } from './middleware-node.js';
+export { initPolicyEvaluatorEdge } from '@kya-os/checkpoint-wasm-runtime/policy-edge';
+import { C as CheckpointConfig } from './config-DyU4l5er.js';
 import '@kya-os/checkpoint-wasm-runtime/adapters';
 import '@kya-os/checkpoint-wasm-runtime/engine';
+import '@kya-os/checkpoint-shared';
+import './composed-policy.js';
+import '@kya-os/checkpoint-wasm-runtime/composed-policy';
 
 /**
  * D.3 — Edge-runtime Next.js middleware entry.
@@ -41,6 +45,6 @@ import '@kya-os/checkpoint-wasm-runtime/engine';
  * factory closure is being built. The first request awaits the same
  * promise; subsequent requests resolve sync.
  */
-declare function withCheckpoint(config: CheckpointConfig): (req: NextRequest) => Promise<NextResponse>;
+declare function withCheckpoint(config: CheckpointConfig): (req: NextRequest, event?: NextFetchEvent) => Promise<NextResponse>;
 
 export { CheckpointConfig, withCheckpoint };