@kya-os/checkpoint-wasm-runtime 1.4.2 → 1.4.4

package/CHANGELOG.md

@@ -1,5 +1,93 @@
 # @kya-os/checkpoint-wasm-runtime
 
+## 1.4.4 — 2026-05-18
+
+**Third recovery release. Do NOT use 1.4.3 — the published manifest
+shipped `@kya-os/checkpoint-shared: "workspace:*"` instead of the
+resolved version. Consumers can't install with any package manager
+(pnpm errors with `ERR_PNPM_WORKSPACE_PKG_NOT_FOUND`; npm/yarn try to
+fetch `workspace:*` from the registry and fail).**
+
+### What 1.4.3 got wrong (and 1.4.4 fixes)
+
+The new publish workflow (#2675/#2676) uses `npm pack --ignore-scripts`
+so it can skip `prepublishOnly` (which would re-introduce the wasm-pack
+`.gitignore` poison that broke 1.4.1/1.4.2). The trade-off we missed:
+`pnpm publish` and `pnpm pack` rewrite the `workspace:` protocol to
+concrete versions at pack-time; `npm pack` does NOT. So the new
+workflow shipped a manifest that no package manager outside the source
+workspace could resolve.
+
+Fix in this release:
+
+1. **Pre-pack substitution step** in `pack-and-verify-tarball`: reads
+   `@kya-os/checkpoint-shared`'s actual version from the workspace and
+   rewrites `workspace:*` → `1.1.0` (or whatever the workspace publishes)
+   in the wasm-runtime manifest before `npm pack` runs.
+2. **New `MANIFEST GATE`** in the same job: extracts the packed
+   `package.json` from the tarball and asserts zero `workspace:`
+   substrings in any dependency field. The 1.4.3 publish would have
+   failed at this gate.
+
+Two artifact-shape gates (1.4.1/1.4.2 failure) + two manifest gates
+(1.4.3 failure) + a post-publish re-fetch gate now stand between any
+future publish and a broken registry entry.
+
+## 1.4.3 — 2026-05-18 — DEPRECATED (workspace:\* leak)
+
+**Second recovery release. Do NOT use 1.4.1 OR 1.4.2 — both shipped
+broken tarballs missing `wasm/kya-os-engine/*` (nodejs target) and
+`wasm/kya-os-engine-web/*` (web target). Consumers crash on import
+with `ERR_MODULE_NOT_FOUND` (or `FUNCTION_INVOCATION_FAILED` on
+Vercel).**
+
+### What 1.4.2 got wrong (and 1.4.3 fixes)
+
+The 1.4.2 recovery was supposed to fix the missing-artifact bug from
+1.4.1 by building all three wasm targets before publish. The local
+build DID produce all the artifact files on disk — but the tarball
+still shipped only `README.md` in those subdirs.
+
+Root cause: **`wasm-pack build` writes a `.gitignore` containing `*`
+into every `--out-dir`.** `pnpm pack` (and `npm pack`) honour nested
+`.gitignore` patterns when filtering tarball contents, so every just-
+built `.wasm` + `.js` + `.d.ts` gets filtered OUT of the tarball at
+pack time. Only `README.md` survives because npm has a hardcoded rule
+to always include READMEs. The 1.4.2 publish flow had no gate that
+inspected tarball contents post-pack, so the broken state shipped
+silently for a second time.
+
+### What 1.4.3 ships
+
+Same TS + Rust changes as 1.4.1/1.4.2 (no code regression). New
+defenses:
+
+- `rust/scripts/build-engine-wasm.sh` now `rm -f`s the wasm-pack-
+  generated `.gitignore` from each `--out-dir` post-build. The poison
+  files can't reach `pnpm pack` from a clean local-dev publish.
+- `packages/checkpoint-wasm-runtime` `copy-engine-wasm-bundler` npm
+  script chains a matching `rm -f` for the bundler target.
+- New CI workflow `.github/workflows/publish-wasm-runtime.yml`:
+  builds all three targets in-runner, defuses the `.gitignore` poison
+  before pack, packs the tarball, **asserts the required `.wasm` +
+  `.js` paths are inside the tarball before publish**, and **re-
+  fetches the published tarball from npm post-publish and re-runs the
+  same assertions** to catch registry-side mutations. After a
+  successful publish, the workflow dispatches a `repository_dispatch`
+  event to `checkpoint-customers` so its bench fixture's lockfile can
+  be auto-bumped.
+
+This is the gate 1.4.1 + 1.4.2 would have failed. Future broken
+tarballs can't reach the registry.
+
+### Migration
+
+Upgrade `@kya-os/checkpoint-wasm-runtime` from `1.4.1` or `1.4.2` to
+`1.4.3`. Both poisoned versions will be deprecated on npm with a
+"Broken tarball — upgrade to 1.4.3" message after this release lands.
+
+---
+
 ## 1.4.2 — 2026-05-18
 
 **Recovery release. Do NOT use 1.4.1 — it was published with a broken

package/dist/engine.d.mts

@@ -35,9 +35,9 @@ export { DetectionDetail, McpIPayload } from '@kya-os/checkpoint-shared';
  *      detection probes — bundler entry runs the same JS in every
  *      runtime; no detection needed.
  *
- * Consumers that don't use a bundler (raw Node + ESM, no transpile)
- * should use the explicit `./node` subpath which keeps the
- * `--target nodejs` artifact and its band-aids.
+ * Node consumers are routed to the Node-safe bridge via the package
+ * exports `"node"` condition on `./engine`; the generic bundler bridge
+ * remains the default for bundlers that do not request Node resolution.
  */
 
 /**

package/dist/engine.d.ts

@@ -35,9 +35,9 @@ export { DetectionDetail, McpIPayload } from '@kya-os/checkpoint-shared';
  *      detection probes — bundler entry runs the same JS in every
  *      runtime; no detection needed.
  *
- * Consumers that don't use a bundler (raw Node + ESM, no transpile)
- * should use the explicit `./node` subpath which keeps the
- * `--target nodejs` artifact and its band-aids.
+ * Node consumers are routed to the Node-safe bridge via the package
+ * exports `"node"` condition on `./engine`; the generic bundler bridge
+ * remains the default for bundlers that do not request Node resolution.
  */
 
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kya-os/checkpoint-wasm-runtime",
-  "version": "1.4.2",
+  "version": "1.4.4",
   "description": "Checkpoint WASM runtime for AI agent detection across all environments (formerly @kya-os/agentshield-wasm-runtime)",
   "keywords": [
     "ai",
@@ -55,6 +55,11 @@
         "types": "./dist/engine-edge.d.ts",
         "import": "./dist/engine-edge.mjs"
       },
+      "node": {
+        "types": "./dist/engine-node.d.ts",
+        "import": "./dist/engine-node.mjs",
+        "require": "./dist/engine-node.js"
+      },
       "types": "./dist/engine.d.ts",
       "import": "./dist/engine.mjs",
       "require": "./dist/engine.js"
@@ -122,26 +127,6 @@
   "engines": {
     "node": ">=18.0.0"
   },
-  "dependencies": {
-    "multiformats": "^13",
-    "@kya-os/checkpoint-shared": "1.1.0"
-  },
-  "devDependencies": {
-    "@types/node": "^20.11.24",
-    "@vitest/coverage-v8": "^1.3.1",
-    "rimraf": "^5.0.5",
-    "tsup": "^8.0.2",
-    "typescript": "^5.4.2",
-    "vite-plugin-top-level-await": "^1.6.0",
-    "vite-plugin-wasm": "^3.6.0",
-    "vitest": "^1.3.1"
-  },
-  "publishConfig": {
-    "access": "public"
-  },
-  "sideEffects": [
-    "./wasm/**/*.js"
-  ],
   "scripts": {
     "build": "tsup",
     "build:watch": "tsup --watch",
@@ -155,10 +140,31 @@
     "lint:fix": "eslint src --ext .ts,.tsx --fix",
     "format": "prettier --write \"src/**/*.{ts,tsx,json,md}\"",
     "format:check": "prettier --check \"src/**/*.{ts,tsx,json,md}\"",
+    "prepublishOnly": "pnpm copy-wasm && pnpm copy-engine-wasm && pnpm copy-engine-wasm-web && pnpm copy-engine-wasm-bundler && pnpm build && pnpm test",
     "copy-wasm": "mkdir -p ./wasm && cp ../../rust/crates/agentshield-wasm/pkg/agentshield_wasm_bg.wasm ./wasm/",
     "copy-engine-wasm": "mkdir -p ./wasm/kya-os-engine && cp ../../rust/crates/kya-os-engine/pkg/kya_os_engine_bg.wasm ../../rust/crates/kya-os-engine/pkg/kya_os_engine_bg.wasm.d.ts ../../rust/crates/kya-os-engine/pkg/kya_os_engine.d.ts ../../rust/crates/kya-os-engine/pkg/kya_os_engine.js ./wasm/kya-os-engine/",
     "copy-engine-wasm-web": "mkdir -p ./wasm/kya-os-engine-web && cp ../../rust/crates/kya-os-engine/pkg-web/kya_os_engine_bg.wasm ../../rust/crates/kya-os-engine/pkg-web/kya_os_engine_bg.wasm.d.ts ../../rust/crates/kya-os-engine/pkg-web/kya_os_engine.d.ts ../../rust/crates/kya-os-engine/pkg-web/kya_os_engine.js ./wasm/kya-os-engine-web/",
-    "copy-engine-wasm-bundler": "mkdir -p ./wasm/kya-os-engine-bundler && cp ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine_bg.wasm ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine_bg.wasm.d.ts ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine_bg.js ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine.d.ts ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine.js ./wasm/kya-os-engine-bundler/",
+    "copy-engine-wasm-bundler": "mkdir -p ./wasm/kya-os-engine-bundler && cp ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine_bg.wasm ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine_bg.wasm.d.ts ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine_bg.js ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine.d.ts ../../rust/crates/kya-os-engine/pkg-bundler/kya_os_engine.js ./wasm/kya-os-engine-bundler/ && rm -f ./wasm/kya-os-engine-bundler/.gitignore",
     "wasm:rebuild": "bash ../../rust/scripts/build-engine-wasm.sh"
-  }
-}
+  },
+  "dependencies": {
+    "@kya-os/checkpoint-shared": "1.1.0",
+    "multiformats": "^13"
+  },
+  "devDependencies": {
+    "@types/node": "^20.11.24",
+    "@vitest/coverage-v8": "^1.3.1",
+    "rimraf": "^5.0.5",
+    "tsup": "^8.0.2",
+    "typescript": "^5.4.2",
+    "vite-plugin-top-level-await": "^1.6.0",
+    "vite-plugin-wasm": "^3.6.0",
+    "vitest": "^1.3.1"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "sideEffects": [
+    "./wasm/**/*.js"
+  ]
+}

package/wasm/kya-os-engine/kya_os_engine.d.ts

@@ -0,0 +1,24 @@
+/* tslint:disable */
+/* eslint-disable */
+/**
+ * Cross-boundary `verify` wrapper. The JS host calls `engine.verify(input,
+ * ctxSpec)`; on success it gets a [`VerifyResult`] JSON object; on
+ * infrastructure failure (or malformed input) it gets a thrown JS error
+ * whose message names the failure mode.
+ *
+ * **Error semantics**:
+ *
+ * - Verification *verdicts* (Block/Challenge/etc.) surface inside the
+ *   returned `VerifyResult` — they are not thrown.
+ * - Engine [`VerifyError`][crate::error::VerifyError] (resolver / cache /
+ *   reputation / policy infra failures) surface as thrown JS errors.
+ * - Serde deserialisation failures (malformed JS input) surface as thrown
+ *   JS errors too, mirroring the typed-vs-thrown split.
+ *
+ * # JS signature
+ *
+ * ```ts
+ * function verify(input: AgentRequest, ctx: ContextSpec): VerifyResult;
+ * ```
+ */
+export function verify(input_js: any, ctx_js: any): any;