@lucern/contracts 0.3.0-alpha.11 → 0.3.0-alpha.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/generated/convexSchemas.js +2 -2
- package/dist/generated/convexSchemas.js.map +1 -1
- package/dist/generated/infisicalRuntimeEnv.js +246 -0
- package/dist/generated/infisicalRuntimeEnv.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.js +439 -2
- package/dist/index.js.map +1 -1
- package/dist/infisical-runtime.contract.d.ts +26 -0
- package/dist/infisical-runtime.contract.js +31 -0
- package/dist/infisical-runtime.contract.js.map +1 -1
- package/dist/manifests/infisical-runtime-manifest.d.ts +26 -0
- package/dist/manifests/infisical-runtime-manifest.js +31 -0
- package/dist/manifests/infisical-runtime-manifest.js.map +1 -1
- package/dist/permit-principal-projection.contract.d.ts +74 -0
- package/dist/permit-principal-projection.contract.js +161 -0
- package/dist/permit-principal-projection.contract.js.map +1 -0
- package/dist/proof-attestation.json +1 -1
- package/dist/schemas/index.js +3 -1
- package/dist/schemas/index.js.map +1 -1
- package/dist/schemas/manifest.d.ts +10 -10
- package/dist/schemas/manifest.js +3 -1
- package/dist/schemas/manifest.js.map +1 -1
- package/dist/schemas/tables/controlPlane/accessControl.d.ts +2 -2
- package/dist/schemas/tables/controlPlane/accessControl.js +3 -1
- package/dist/schemas/tables/controlPlane/accessControl.js.map +1 -1
- package/package.json +1 -1
package/dist/index.d.ts
CHANGED
|
@@ -25,6 +25,7 @@ export { ProjectionRegistry, projections } from './projections/index.js';
|
|
|
25
25
|
export * from './function-registry/index.js';
|
|
26
26
|
export { t as mcpToolsContract } from './tool-contracts-BevD9Ho2.js';
|
|
27
27
|
export { EntityConnectionMatch, EntityMatchCandidate, EntityTypeMatch, OntologyEntityType, rankEntityConnections, rankEntityTypeMatches, scoreEntityConnection, scoreEntityTypeMatch } from './v1/ontologies/v1.js';
|
|
28
|
+
export { PermitAliasProjection, PermitGroupMembershipProjection, PermitPrincipalProjection, PermitProjectedUserRecord, PermitProjectionPlatformRole, PermitProjectionRows, PermitRoleAssignmentProjection, buildProjectedUserFromPermitPrincipal, findProjectedUserByPermitClerkId, findProjectedUserByPermitPrincipalId, isActivePermitProjectionStatus, mapPermitRoleToPlatformRole, readPermitProjectionString } from './permit-principal-projection.contract.js';
|
|
28
29
|
export { LucernPrompt, LucernPromptModelHint, isLucernPrompt } from './prompt.contract.js';
|
|
29
30
|
export { AddEvidenceInput, AddWorktreeInput, BeliefResult, BisectConfidenceInput, BisectResult, BranchResult, CompileContextInput, CompiledContextResult, ConfidenceResult, ContradictionResult, CreateBeliefInput, CreateBranchInput, CreateEdgeInput, EdgeResult, EvidenceResult, FlagContradictionInput, ForkBeliefInput, ForkResult, JudgmentResult, LineageResult, LucernClient, LucernClientConfig, LucernGraphMethods, LucernWorkflowMethods, MergeInput, MergeResult, ModulateConfidenceInput, OpenPullRequestInput, PullRequestResult, PushInput, PushResult, QueryLineageInput, RecordJudgmentInput, RefineBeliefInput, SearchBeliefsInput, WorktreeResult } from './sdk-methods.contract.js';
|
|
30
31
|
export { s as sdkToolsContract } from './sdk-tools.contract-BNklQDfB.js';
|
package/dist/index.js
CHANGED
|
@@ -5789,7 +5789,9 @@ var permitObjectType = z.enum([
|
|
|
5789
5789
|
"group",
|
|
5790
5790
|
"resource_instance",
|
|
5791
5791
|
"relationship_tuple",
|
|
5792
|
-
"role_assignment"
|
|
5792
|
+
"role_assignment",
|
|
5793
|
+
"attribute_binding",
|
|
5794
|
+
"policy_bundle"
|
|
5793
5795
|
]);
|
|
5794
5796
|
var permitOutboxOperation = z.enum([
|
|
5795
5797
|
"upsert",
|
|
@@ -8732,6 +8734,37 @@ var PLATFORM_SECRET_DEFINITIONS = [
|
|
|
8732
8734
|
],
|
|
8733
8735
|
description: "Permit.io API key used for MC sync and policy checks. Must fail closed if missing."
|
|
8734
8736
|
},
|
|
8737
|
+
{
|
|
8738
|
+
id: "platform.permit.webhook-secret",
|
|
8739
|
+
canonicalName: "LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
8740
|
+
aliases: ["PERMIT_WEBHOOK_SECRET"],
|
|
8741
|
+
owner: "lucern_platform",
|
|
8742
|
+
scope: "environment",
|
|
8743
|
+
sourcePath: "/platform/permit",
|
|
8744
|
+
environmentPolicy: "environment_specific",
|
|
8745
|
+
required: true,
|
|
8746
|
+
secret: true,
|
|
8747
|
+
public: false,
|
|
8748
|
+
consumers: ["mc-convex", "lucern-gateway", "mc-operator-tooling"],
|
|
8749
|
+
destinations: [
|
|
8750
|
+
{
|
|
8751
|
+
kind: "convex",
|
|
8752
|
+
target: "master-control",
|
|
8753
|
+
environmentPolicy: "environment_specific"
|
|
8754
|
+
},
|
|
8755
|
+
{
|
|
8756
|
+
kind: "vercel",
|
|
8757
|
+
target: "lucern-gateway",
|
|
8758
|
+
environmentPolicy: "environment_specific"
|
|
8759
|
+
},
|
|
8760
|
+
{
|
|
8761
|
+
kind: "operator_local",
|
|
8762
|
+
target: "mc-credential-maintenance",
|
|
8763
|
+
environmentPolicy: "environment_specific"
|
|
8764
|
+
}
|
|
8765
|
+
],
|
|
8766
|
+
description: "Permit.io webhook secret used by gateway and MC webhook handlers. Must fail closed if missing."
|
|
8767
|
+
},
|
|
8735
8768
|
{
|
|
8736
8769
|
id: "platform.permit.pdp-url",
|
|
8737
8770
|
canonicalName: "LUCERN_PERMIT_PDP_URL",
|
|
@@ -11127,6 +11160,7 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
11127
11160
|
"LUCERN_PERMIT_API_KEY",
|
|
11128
11161
|
"LUCERN_PERMIT_API_URL",
|
|
11129
11162
|
"LUCERN_PERMIT_PDP_URL",
|
|
11163
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
11130
11164
|
"LUCERN_PROD_DEPLOY_KEY",
|
|
11131
11165
|
"LUCERN_PROD_URL",
|
|
11132
11166
|
"LUCERN_PROFILE",
|
|
@@ -11197,6 +11231,7 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
11197
11231
|
"PERMIT_API_KEY",
|
|
11198
11232
|
"PERMIT_API_URL",
|
|
11199
11233
|
"PERMIT_PDP_URL",
|
|
11234
|
+
"PERMIT_WEBHOOK_SECRET",
|
|
11200
11235
|
"PINECONE_API_KEY",
|
|
11201
11236
|
"PINECONE_HOST",
|
|
11202
11237
|
"PINECONE_INDEX",
|
|
@@ -11376,6 +11411,7 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
11376
11411
|
"LUCERN_PERMIT_API_KEY",
|
|
11377
11412
|
"LUCERN_PERMIT_API_URL",
|
|
11378
11413
|
"LUCERN_PERMIT_PDP_URL",
|
|
11414
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
11379
11415
|
"LUCERN_PROD_DEPLOY_KEY",
|
|
11380
11416
|
"LUCERN_PROD_URL",
|
|
11381
11417
|
"LUCERN_PROFILE",
|
|
@@ -11449,6 +11485,7 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
11449
11485
|
"PERMIT_API_KEY",
|
|
11450
11486
|
"PERMIT_API_URL",
|
|
11451
11487
|
"PERMIT_PDP_URL",
|
|
11488
|
+
"PERMIT_WEBHOOK_SECRET",
|
|
11452
11489
|
"PINECONE_API_KEY",
|
|
11453
11490
|
"PINECONE_HOST",
|
|
11454
11491
|
"PINECONE_INDEX",
|
|
@@ -14209,6 +14246,54 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
14209
14246
|
],
|
|
14210
14247
|
"description": "Optional Permit PDP URL override."
|
|
14211
14248
|
},
|
|
14249
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET": {
|
|
14250
|
+
"secretId": "platform.permit.webhook-secret",
|
|
14251
|
+
"canonicalName": "LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
14252
|
+
"envNames": [
|
|
14253
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
14254
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
14255
|
+
],
|
|
14256
|
+
"aliases": [
|
|
14257
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
14258
|
+
],
|
|
14259
|
+
"writeNames": [
|
|
14260
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
14261
|
+
],
|
|
14262
|
+
"required": true,
|
|
14263
|
+
"secret": true,
|
|
14264
|
+
"public": false,
|
|
14265
|
+
"sourcePath": "/platform/permit",
|
|
14266
|
+
"environmentPolicy": "environment_specific",
|
|
14267
|
+
"consumers": [
|
|
14268
|
+
"mc-convex",
|
|
14269
|
+
"lucern-gateway",
|
|
14270
|
+
"mc-operator-tooling"
|
|
14271
|
+
],
|
|
14272
|
+
"destinations": [
|
|
14273
|
+
{
|
|
14274
|
+
"kind": "convex",
|
|
14275
|
+
"target": "master-control",
|
|
14276
|
+
"writeNames": [
|
|
14277
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
14278
|
+
]
|
|
14279
|
+
},
|
|
14280
|
+
{
|
|
14281
|
+
"kind": "vercel",
|
|
14282
|
+
"target": "lucern-gateway",
|
|
14283
|
+
"writeNames": [
|
|
14284
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
14285
|
+
]
|
|
14286
|
+
},
|
|
14287
|
+
{
|
|
14288
|
+
"kind": "operator_local",
|
|
14289
|
+
"target": "mc-credential-maintenance",
|
|
14290
|
+
"writeNames": [
|
|
14291
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
14292
|
+
]
|
|
14293
|
+
}
|
|
14294
|
+
],
|
|
14295
|
+
"description": "Permit.io webhook secret used by gateway and MC webhook handlers. Must fail closed if missing."
|
|
14296
|
+
},
|
|
14212
14297
|
"LUCERN_PROXY_TOKEN_SECRET": {
|
|
14213
14298
|
"secretId": "tenant.stack-frontend.lucern.proxy-token-secret",
|
|
14214
14299
|
"canonicalName": "LUCERN_PROXY_TOKEN_SECRET",
|
|
@@ -16907,6 +16992,8 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
16907
16992
|
"PERMIT_API_URL": "LUCERN_PERMIT_API_URL",
|
|
16908
16993
|
"LUCERN_PERMIT_PDP_URL": "LUCERN_PERMIT_PDP_URL",
|
|
16909
16994
|
"PERMIT_PDP_URL": "LUCERN_PERMIT_PDP_URL",
|
|
16995
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET": "LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
16996
|
+
"PERMIT_WEBHOOK_SECRET": "LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
16910
16997
|
"LUCERN_PROXY_TOKEN_SECRET": "LUCERN_PROXY_TOKEN_SECRET",
|
|
16911
16998
|
"LUCERN_REQUIRE_DEPLOYMENT_HOST_REGISTRY": "LUCERN_REQUIRE_DEPLOYMENT_HOST_REGISTRY",
|
|
16912
16999
|
"LUCERN_KERNEL_INSTALL_SPEC": "LUCERN_SDK_NPM_TOKEN",
|
|
@@ -18190,6 +18277,54 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
18190
18277
|
],
|
|
18191
18278
|
"description": "Optional Permit PDP URL override."
|
|
18192
18279
|
},
|
|
18280
|
+
{
|
|
18281
|
+
"secretId": "platform.permit.webhook-secret",
|
|
18282
|
+
"canonicalName": "LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
18283
|
+
"envNames": [
|
|
18284
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
18285
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
18286
|
+
],
|
|
18287
|
+
"aliases": [
|
|
18288
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
18289
|
+
],
|
|
18290
|
+
"writeNames": [
|
|
18291
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
18292
|
+
],
|
|
18293
|
+
"required": true,
|
|
18294
|
+
"secret": true,
|
|
18295
|
+
"public": false,
|
|
18296
|
+
"sourcePath": "/platform/permit",
|
|
18297
|
+
"environmentPolicy": "environment_specific",
|
|
18298
|
+
"consumers": [
|
|
18299
|
+
"mc-convex",
|
|
18300
|
+
"lucern-gateway",
|
|
18301
|
+
"mc-operator-tooling"
|
|
18302
|
+
],
|
|
18303
|
+
"destinations": [
|
|
18304
|
+
{
|
|
18305
|
+
"kind": "convex",
|
|
18306
|
+
"target": "master-control",
|
|
18307
|
+
"writeNames": [
|
|
18308
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
18309
|
+
]
|
|
18310
|
+
},
|
|
18311
|
+
{
|
|
18312
|
+
"kind": "vercel",
|
|
18313
|
+
"target": "lucern-gateway",
|
|
18314
|
+
"writeNames": [
|
|
18315
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
18316
|
+
]
|
|
18317
|
+
},
|
|
18318
|
+
{
|
|
18319
|
+
"kind": "operator_local",
|
|
18320
|
+
"target": "mc-credential-maintenance",
|
|
18321
|
+
"writeNames": [
|
|
18322
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
18323
|
+
]
|
|
18324
|
+
}
|
|
18325
|
+
],
|
|
18326
|
+
"description": "Permit.io webhook secret used by gateway and MC webhook handlers. Must fail closed if missing."
|
|
18327
|
+
},
|
|
18193
18328
|
{
|
|
18194
18329
|
"secretId": "platform.runtime.require-deployment-host-registry",
|
|
18195
18330
|
"canonicalName": "LUCERN_REQUIRE_DEPLOYMENT_HOST_REGISTRY",
|
|
@@ -21882,6 +22017,54 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
21882
22017
|
],
|
|
21883
22018
|
"description": "Optional Permit PDP URL override."
|
|
21884
22019
|
},
|
|
22020
|
+
{
|
|
22021
|
+
"secretId": "platform.permit.webhook-secret",
|
|
22022
|
+
"canonicalName": "LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
22023
|
+
"envNames": [
|
|
22024
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
22025
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
22026
|
+
],
|
|
22027
|
+
"aliases": [
|
|
22028
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
22029
|
+
],
|
|
22030
|
+
"writeNames": [
|
|
22031
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
22032
|
+
],
|
|
22033
|
+
"required": true,
|
|
22034
|
+
"secret": true,
|
|
22035
|
+
"public": false,
|
|
22036
|
+
"sourcePath": "/platform/permit",
|
|
22037
|
+
"environmentPolicy": "environment_specific",
|
|
22038
|
+
"consumers": [
|
|
22039
|
+
"mc-convex",
|
|
22040
|
+
"lucern-gateway",
|
|
22041
|
+
"mc-operator-tooling"
|
|
22042
|
+
],
|
|
22043
|
+
"destinations": [
|
|
22044
|
+
{
|
|
22045
|
+
"kind": "convex",
|
|
22046
|
+
"target": "master-control",
|
|
22047
|
+
"writeNames": [
|
|
22048
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
22049
|
+
]
|
|
22050
|
+
},
|
|
22051
|
+
{
|
|
22052
|
+
"kind": "vercel",
|
|
22053
|
+
"target": "lucern-gateway",
|
|
22054
|
+
"writeNames": [
|
|
22055
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
22056
|
+
]
|
|
22057
|
+
},
|
|
22058
|
+
{
|
|
22059
|
+
"kind": "operator_local",
|
|
22060
|
+
"target": "mc-credential-maintenance",
|
|
22061
|
+
"writeNames": [
|
|
22062
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
22063
|
+
]
|
|
22064
|
+
}
|
|
22065
|
+
],
|
|
22066
|
+
"description": "Permit.io webhook secret used by gateway and MC webhook handlers. Must fail closed if missing."
|
|
22067
|
+
},
|
|
21885
22068
|
{
|
|
21886
22069
|
"secretId": "platform.mc.session-token-secret",
|
|
21887
22070
|
"canonicalName": "LUCERN_SESSION_TOKEN_SECRET",
|
|
@@ -29694,6 +29877,54 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
29694
29877
|
}
|
|
29695
29878
|
],
|
|
29696
29879
|
"operator_local:mc-credential-maintenance": [
|
|
29880
|
+
{
|
|
29881
|
+
"secretId": "platform.permit.webhook-secret",
|
|
29882
|
+
"canonicalName": "LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
29883
|
+
"envNames": [
|
|
29884
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
29885
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
29886
|
+
],
|
|
29887
|
+
"aliases": [
|
|
29888
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
29889
|
+
],
|
|
29890
|
+
"writeNames": [
|
|
29891
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
29892
|
+
],
|
|
29893
|
+
"required": true,
|
|
29894
|
+
"secret": true,
|
|
29895
|
+
"public": false,
|
|
29896
|
+
"sourcePath": "/platform/permit",
|
|
29897
|
+
"environmentPolicy": "environment_specific",
|
|
29898
|
+
"consumers": [
|
|
29899
|
+
"mc-convex",
|
|
29900
|
+
"lucern-gateway",
|
|
29901
|
+
"mc-operator-tooling"
|
|
29902
|
+
],
|
|
29903
|
+
"destinations": [
|
|
29904
|
+
{
|
|
29905
|
+
"kind": "convex",
|
|
29906
|
+
"target": "master-control",
|
|
29907
|
+
"writeNames": [
|
|
29908
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
29909
|
+
]
|
|
29910
|
+
},
|
|
29911
|
+
{
|
|
29912
|
+
"kind": "vercel",
|
|
29913
|
+
"target": "lucern-gateway",
|
|
29914
|
+
"writeNames": [
|
|
29915
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
29916
|
+
]
|
|
29917
|
+
},
|
|
29918
|
+
{
|
|
29919
|
+
"kind": "operator_local",
|
|
29920
|
+
"target": "mc-credential-maintenance",
|
|
29921
|
+
"writeNames": [
|
|
29922
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
29923
|
+
]
|
|
29924
|
+
}
|
|
29925
|
+
],
|
|
29926
|
+
"description": "Permit.io webhook secret used by gateway and MC webhook handlers. Must fail closed if missing."
|
|
29927
|
+
},
|
|
29697
29928
|
{
|
|
29698
29929
|
"secretId": "platform.mc.tenant-secret-encryption-key",
|
|
29699
29930
|
"canonicalName": "LUCERN_TENANT_SECRET_ENCRYPTION_KEY",
|
|
@@ -34016,6 +34247,54 @@ var GENERATED_INFISICAL_RUNTIME_ENV = {
|
|
|
34016
34247
|
],
|
|
34017
34248
|
"description": "Optional Permit PDP URL override."
|
|
34018
34249
|
},
|
|
34250
|
+
{
|
|
34251
|
+
"secretId": "platform.permit.webhook-secret",
|
|
34252
|
+
"canonicalName": "LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
34253
|
+
"envNames": [
|
|
34254
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET",
|
|
34255
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
34256
|
+
],
|
|
34257
|
+
"aliases": [
|
|
34258
|
+
"PERMIT_WEBHOOK_SECRET"
|
|
34259
|
+
],
|
|
34260
|
+
"writeNames": [
|
|
34261
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
34262
|
+
],
|
|
34263
|
+
"required": true,
|
|
34264
|
+
"secret": true,
|
|
34265
|
+
"public": false,
|
|
34266
|
+
"sourcePath": "/platform/permit",
|
|
34267
|
+
"environmentPolicy": "environment_specific",
|
|
34268
|
+
"consumers": [
|
|
34269
|
+
"mc-convex",
|
|
34270
|
+
"lucern-gateway",
|
|
34271
|
+
"mc-operator-tooling"
|
|
34272
|
+
],
|
|
34273
|
+
"destinations": [
|
|
34274
|
+
{
|
|
34275
|
+
"kind": "convex",
|
|
34276
|
+
"target": "master-control",
|
|
34277
|
+
"writeNames": [
|
|
34278
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
34279
|
+
]
|
|
34280
|
+
},
|
|
34281
|
+
{
|
|
34282
|
+
"kind": "vercel",
|
|
34283
|
+
"target": "lucern-gateway",
|
|
34284
|
+
"writeNames": [
|
|
34285
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
34286
|
+
]
|
|
34287
|
+
},
|
|
34288
|
+
{
|
|
34289
|
+
"kind": "operator_local",
|
|
34290
|
+
"target": "mc-credential-maintenance",
|
|
34291
|
+
"writeNames": [
|
|
34292
|
+
"LUCERN_PERMIT_WEBHOOK_SECRET"
|
|
34293
|
+
]
|
|
34294
|
+
}
|
|
34295
|
+
],
|
|
34296
|
+
"description": "Permit.io webhook secret used by gateway and MC webhook handlers. Must fail closed if missing."
|
|
34297
|
+
},
|
|
34019
34298
|
{
|
|
34020
34299
|
"secretId": "platform.runtime.require-deployment-host-registry",
|
|
34021
34300
|
"canonicalName": "LUCERN_REQUIRE_DEPLOYMENT_HOST_REGISTRY",
|
|
@@ -42713,6 +42992,164 @@ function rankEntityConnections(nodeText, candidates, options) {
|
|
|
42713
42992
|
).filter((m) => m.score >= minScore).sort((a, b) => b.score - a.score).slice(0, limit);
|
|
42714
42993
|
}
|
|
42715
42994
|
|
|
42995
|
+
// src/permit-principal-projection.contract.ts
|
|
42996
|
+
var PLATFORM_ROLE_PRIORITY = {
|
|
42997
|
+
platform_admin: 70,
|
|
42998
|
+
tenant_admin: 60,
|
|
42999
|
+
workspace_admin: 50,
|
|
43000
|
+
editor: 40,
|
|
43001
|
+
auditor: 30,
|
|
43002
|
+
viewer: 20,
|
|
43003
|
+
service_agent: 10
|
|
43004
|
+
};
|
|
43005
|
+
function readPermitProjectionString(value) {
|
|
43006
|
+
return typeof value === "string" && value.trim() ? value.trim() : void 0;
|
|
43007
|
+
}
|
|
43008
|
+
function isActivePermitProjectionStatus(value) {
|
|
43009
|
+
const status = readPermitProjectionString(value)?.toLowerCase();
|
|
43010
|
+
return !status || status === "active" || status === "synced";
|
|
43011
|
+
}
|
|
43012
|
+
function mapPermitRoleToPlatformRole(role) {
|
|
43013
|
+
switch (readPermitProjectionString(role)?.toLowerCase()) {
|
|
43014
|
+
case "platform_admin":
|
|
43015
|
+
return "platform_admin";
|
|
43016
|
+
case "tenant_admin":
|
|
43017
|
+
return "tenant_admin";
|
|
43018
|
+
case "workspace_admin":
|
|
43019
|
+
case "deployment_admin":
|
|
43020
|
+
case "graph_admin":
|
|
43021
|
+
return "workspace_admin";
|
|
43022
|
+
case "editor":
|
|
43023
|
+
case "workspace_member":
|
|
43024
|
+
case "graph_editor":
|
|
43025
|
+
case "evidence_contributor":
|
|
43026
|
+
case "question_resolver":
|
|
43027
|
+
case "theme_promoter":
|
|
43028
|
+
return "editor";
|
|
43029
|
+
case "auditor":
|
|
43030
|
+
return "auditor";
|
|
43031
|
+
case "viewer":
|
|
43032
|
+
case "graph_viewer":
|
|
43033
|
+
case "stakeholder_viewer":
|
|
43034
|
+
case "stakeholder_summarizer":
|
|
43035
|
+
case "source_drilldown_viewer":
|
|
43036
|
+
case "restricted_data_viewer":
|
|
43037
|
+
case "proprietary_data_viewer":
|
|
43038
|
+
return "viewer";
|
|
43039
|
+
case "service_agent":
|
|
43040
|
+
case "agent_runner":
|
|
43041
|
+
return "service_agent";
|
|
43042
|
+
default:
|
|
43043
|
+
return void 0;
|
|
43044
|
+
}
|
|
43045
|
+
}
|
|
43046
|
+
function highestPlatformRole(roles) {
|
|
43047
|
+
return roles.reduce(
|
|
43048
|
+
(best, role) => PLATFORM_ROLE_PRIORITY[role] > PLATFORM_ROLE_PRIORITY[best] ? role : best,
|
|
43049
|
+
"viewer"
|
|
43050
|
+
);
|
|
43051
|
+
}
|
|
43052
|
+
function isClerkAliasFor(alias, clerkId) {
|
|
43053
|
+
return isActivePermitProjectionStatus(alias.status) && readPermitProjectionString(alias.provider)?.toLowerCase() === "clerk" && (readPermitProjectionString(alias.providerSubjectId) === clerkId || readPermitProjectionString(alias.alias) === clerkId);
|
|
43054
|
+
}
|
|
43055
|
+
function emailFromAlias(aliases, principal) {
|
|
43056
|
+
return aliases.find(
|
|
43057
|
+
(alias) => readPermitProjectionString(alias.aliasKind)?.toLowerCase() === "email"
|
|
43058
|
+
)?.alias ?? readPermitProjectionString(principal.metadata?.email);
|
|
43059
|
+
}
|
|
43060
|
+
function groupIdsForPrincipal(memberships2, principal) {
|
|
43061
|
+
const principalId = readPermitProjectionString(principal.principalId);
|
|
43062
|
+
if (!principalId) return [];
|
|
43063
|
+
return [
|
|
43064
|
+
...new Set(
|
|
43065
|
+
memberships2.filter(
|
|
43066
|
+
(membership) => isActivePermitProjectionStatus(membership.status) && readPermitProjectionString(membership.tenantId) === readPermitProjectionString(principal.tenantId) && readPermitProjectionString(membership.memberType) === "principal" && (readPermitProjectionString(membership.memberId) === principalId || readPermitProjectionString(membership.principalId) === principalId)
|
|
43067
|
+
).map((membership) => readPermitProjectionString(membership.groupId)).filter((groupId) => Boolean(groupId))
|
|
43068
|
+
)
|
|
43069
|
+
];
|
|
43070
|
+
}
|
|
43071
|
+
function rolesForPrincipal(assignments, principal, groupIds) {
|
|
43072
|
+
const principalId = readPermitProjectionString(principal.principalId);
|
|
43073
|
+
const tenantId = readPermitProjectionString(principal.tenantId);
|
|
43074
|
+
const roles = assignments.filter(
|
|
43075
|
+
(assignment) => isActivePermitProjectionStatus(assignment.status) && readPermitProjectionString(assignment.tenantId) === tenantId && (readPermitProjectionString(assignment.targetType) === "principal" && readPermitProjectionString(assignment.targetId) === principalId || readPermitProjectionString(assignment.targetType) === "group" && groupIds.includes(
|
|
43076
|
+
readPermitProjectionString(assignment.targetId) ?? ""
|
|
43077
|
+
))
|
|
43078
|
+
).map((assignment) => mapPermitRoleToPlatformRole(assignment.role)).filter(
|
|
43079
|
+
(role) => Boolean(role)
|
|
43080
|
+
);
|
|
43081
|
+
if (readPermitProjectionString(principal.principalType) === "agent" || readPermitProjectionString(principal.principalType) === "service_principal") {
|
|
43082
|
+
roles.push("service_agent");
|
|
43083
|
+
}
|
|
43084
|
+
return [...new Set(roles)];
|
|
43085
|
+
}
|
|
43086
|
+
function workspaceFromPermitProjection(principal, alias, assignments) {
|
|
43087
|
+
return readPermitProjectionString(principal.workspaceId) ?? readPermitProjectionString(alias?.workspaceId) ?? readPermitProjectionString(
|
|
43088
|
+
assignments.find(
|
|
43089
|
+
(assignment) => readPermitProjectionString(assignment.targetId) === readPermitProjectionString(principal.principalId) && readPermitProjectionString(assignment.resourceType) === "workspace"
|
|
43090
|
+
)?.resourceKey
|
|
43091
|
+
) ?? readPermitProjectionString(
|
|
43092
|
+
assignments.find((assignment) => assignment.workspaceId)?.workspaceId
|
|
43093
|
+
);
|
|
43094
|
+
}
|
|
43095
|
+
function buildProjectedUserFromPermitPrincipal(rows, principal, matchingAlias, now = Date.now()) {
|
|
43096
|
+
const principalId = readPermitProjectionString(principal.principalId);
|
|
43097
|
+
const tenantId = readPermitProjectionString(principal.tenantId);
|
|
43098
|
+
if (!principalId || !tenantId || !isActivePermitProjectionStatus(principal.status)) {
|
|
43099
|
+
return null;
|
|
43100
|
+
}
|
|
43101
|
+
const aliases = rows.aliases.filter(
|
|
43102
|
+
(alias2) => readPermitProjectionString(alias2.tenantId) === tenantId && readPermitProjectionString(alias2.principalId) === principalId && isActivePermitProjectionStatus(alias2.status)
|
|
43103
|
+
);
|
|
43104
|
+
const groupIds = groupIdsForPrincipal(rows.groupMemberships, principal);
|
|
43105
|
+
const roles = rolesForPrincipal(rows.roleAssignments, principal, groupIds);
|
|
43106
|
+
if (roles.length === 0) {
|
|
43107
|
+
return null;
|
|
43108
|
+
}
|
|
43109
|
+
const alias = matchingAlias ?? aliases[0];
|
|
43110
|
+
const clerkId = readPermitProjectionString(
|
|
43111
|
+
aliases.find(
|
|
43112
|
+
(entry) => readPermitProjectionString(entry.provider)?.toLowerCase() === "clerk"
|
|
43113
|
+
)?.providerSubjectId
|
|
43114
|
+
) ?? principalId;
|
|
43115
|
+
return {
|
|
43116
|
+
clerkId,
|
|
43117
|
+
email: emailFromAlias(aliases, principal) ?? `${principalId}@permit.local`,
|
|
43118
|
+
name: readPermitProjectionString(principal.displayName),
|
|
43119
|
+
lastSeenAt: principal.lastSeenAt ?? principal.updatedAt ?? now,
|
|
43120
|
+
chatCount: 0,
|
|
43121
|
+
messageCount: 0,
|
|
43122
|
+
mcRole: highestPlatformRole(roles),
|
|
43123
|
+
mcRoleSyncedAt: principal.updatedAt ?? now,
|
|
43124
|
+
defaultTenantId: tenantId,
|
|
43125
|
+
defaultWorkspaceId: workspaceFromPermitProjection(principal, alias, rows.roleAssignments) ?? tenantId,
|
|
43126
|
+
defaultPrincipalId: principalId,
|
|
43127
|
+
principalGroupIds: groupIds,
|
|
43128
|
+
governanceGrantsSyncedAt: principal.updatedAt ?? now,
|
|
43129
|
+
createdAt: principal.createdAt ?? now,
|
|
43130
|
+
updatedAt: principal.updatedAt ?? now
|
|
43131
|
+
};
|
|
43132
|
+
}
|
|
43133
|
+
function findProjectedUserByPermitPrincipalId(rows, principalId, now = Date.now()) {
|
|
43134
|
+
const normalizedPrincipalId = principalId.trim();
|
|
43135
|
+
const principal = rows.principals.find(
|
|
43136
|
+
(row) => isActivePermitProjectionStatus(row.status) && readPermitProjectionString(row.principalId) === normalizedPrincipalId
|
|
43137
|
+
);
|
|
43138
|
+
return principal ? buildProjectedUserFromPermitPrincipal(rows, principal, void 0, now) : null;
|
|
43139
|
+
}
|
|
43140
|
+
function findProjectedUserByPermitClerkId(rows, clerkId, now = Date.now()) {
|
|
43141
|
+
const normalizedClerkId = clerkId.trim();
|
|
43142
|
+
const matchingAlias = rows.aliases.find(
|
|
43143
|
+
(alias) => isClerkAliasFor(alias, normalizedClerkId)
|
|
43144
|
+
);
|
|
43145
|
+
const principal = matchingAlias ? rows.principals.find(
|
|
43146
|
+
(row) => readPermitProjectionString(row.tenantId) === readPermitProjectionString(matchingAlias.tenantId) && readPermitProjectionString(row.principalId) === readPermitProjectionString(matchingAlias.principalId)
|
|
43147
|
+
) : rows.principals.find(
|
|
43148
|
+
(row) => readPermitProjectionString(row.principalId) === normalizedClerkId || readPermitProjectionString(row.principalId) === `user:${normalizedClerkId}`
|
|
43149
|
+
);
|
|
43150
|
+
return principal ? buildProjectedUserFromPermitPrincipal(rows, principal, matchingAlias, now) : null;
|
|
43151
|
+
}
|
|
43152
|
+
|
|
42716
43153
|
// src/prompt.contract.ts
|
|
42717
43154
|
function isLucernPrompt(value) {
|
|
42718
43155
|
if (!value || typeof value !== "object") {
|
|
@@ -45296,6 +45733,6 @@ var CANONICAL_WORKFLOW_DEFINITIONS = [
|
|
|
45296
45733
|
}
|
|
45297
45734
|
];
|
|
45298
45735
|
|
|
45299
|
-
export { BELIEF_STATUSES, BELIEF_TYPE_BONUS, BRANCH_STATUSES, CANONICAL_WORKFLOW_DEFINITIONS, COMPONENT_BOUNDARY_COMPONENT_LAYERS, COMPONENT_BOUNDARY_CONTRACT_VERSION, COMPONENT_BOUNDARY_DIRECT_DB_METHODS, COMPONENT_BOUNDARY_HIGH_RISK_TABLES, COMPONENT_BOUNDARY_HOST_SOURCE_ROOTS, COMPONENT_HOST_BOUNDARY_CONTRACT_VERSION, COMPONENT_HOST_DB_READ_OPERATIONS, COMPONENT_HOST_DB_WRITE_OPERATIONS, COMPONENT_HOST_PROTECTED_TABLES, COMPONENT_HOST_PROTECTED_TABLE_OWNERS, COMPONENT_HOST_WRITE_ALLOWED_EXCEPTIONS, COMPONENT_HOST_WRITE_AUDIT_ROOTS, CONFIDENCE_TRIGGERS, CONTEXT_PACK_SCHEMA_VERSION, CONTEXT_PACK_SECTION_KEYS, CONTEXT_RANKING_PROFILES, CONTRADICTION_SEVERITIES, CONTRADICTION_STATUSES, ComponentTableManifestSchema, DEFAULT_BELIEF_TYPE_BONUS, DEFAULT_COMPILATION_MODE, DEFAULT_ENTITY_LIMIT, DEFAULT_PRIORITY_SCORE, DEFAULT_RANKING_PROFILE, DEFAULT_SECTION_LIMIT, DEFAULT_SEVERITY_SCORE, DEFAULT_TIER_APPROVAL_MODE, DEFAULT_TOKEN_BUDGET, DEFAULT_WORKFLOW_AUTO_FIX_POLICY, DEFEAT_TYPES, DOMAIN_EVENT_TYPES, DOMAIN_EVENT_VERSION, ENTITY_RANKING_WEIGHTS, EPISTEMIC_LAYERS, EVENT_RETENTION_DEFAULT_DAYS, EdgePolicyEntrySchema, EdgePolicyManifestSchema, EpistemicNodeTypeSchema, FORK_REASONS, GENERATED_INFISICAL_BOOTSTRAP_ENV_NAMES, GENERATED_INFISICAL_CONTROL_ENV_NAMES, GENERATED_INFISICAL_KNOWN_ENV_NAMES, GENERATED_INFISICAL_MANAGED_ENV_NAMES, GENERATED_INFISICAL_RUNTIME_ENV, GENERATED_LUCERN_GATEWAY_ENV_NAMES, GENERATED_LUCERN_WEB_PUBLIC_ENV_NAMES, GENERATED_LUCERN_WEB_SERVER_ENV_NAMES, GRAPH_INTELLIGENCE_MODE_TOOL_NAMES, GRAPH_INTELLIGENCE_PUBLIC_TOOL_NAMES, GRAPH_INTELLIGENCE_QUERIES, GRAPH_INTELLIGENCE_QUERIES_WITH_TOOLS, GRAPH_INTELLIGENCE_QUERY_CATALOG_VERSION, GRAPH_INTELLIGENCE_QUERY_CATEGORIES, GRAPH_INTELLIGENCE_QUERY_MODES, GRAPH_INTELLIGENCE_QUICK_QUERIES, GRAPH_REF_NODE_TYPES, GraphRefSchema, INFISICAL_CONVEX_TIERS, INFISICAL_CONVEX_TIER_BY_VERCEL_ENVIRONMENT, INFISICAL_RUNTIME_BOOTSTRAP_ENV, INFISICAL_RUNTIME_CONTRACT_VERSION, INFISICAL_RUNTIME_CONTROL_ENV, INFISICAL_RUNTIME_DEFAULT_API_URL, INFISICAL_RUNTIME_DEFAULT_PROJECT_ID, INFISICAL_RUNTIME_DELIVERY_MODES, INFISICAL_RUNTIME_ENVIRONMENTS, INFISICAL_RUNTIME_MANIFEST, INFISICAL_RUNTIME_PATHS, INFISICAL_RUNTIME_SURFACES, INFISICAL_RUNTIME_SURFACE_IDS, INFISICAL_SECRET_CONSUMERS, INFISICAL_SECRET_DEFINITIONS, INFISICAL_SECRET_DESTINATION_KINDS, INFISICAL_SECRET_ENVIRONMENT_POLICIES, INFISICAL_SECRET_OWNERS, INFISICAL_SECRET_SCOPES, INFISICAL_TENANT_SOFTWARE_SYSTEMS, INFISICAL_VERCEL_DESTINATION_ENVIRONMENTS, INFISICAL_VERCEL_SYNC_DESTINATIONS, INFISICAL_VERCEL_SYNC_RECONCILIATION, INFISICAL_VERCEL_TARGETS, INTEGRATION_EDGE_TYPES, InvariantManifestSchema, JUDGMENT_TYPES, MAX_ENTITY_LIMIT, MAX_SECTION_LIMIT, MAX_TOKEN_BUDGET, MERGE_OUTCOMES, MIN_CONTRADICTION_BUDGET, MIN_TOKEN_BUDGET, MIN_TOKEN_ESTIMATE, MORNING_BRIEF_WORKFLOW_ID, NIGHTLY_RECONCILIATION_WORKFLOW_ID, PRIORITY_SCORES, PULL_REQUEST_STATUSES, RANKING_WEIGHTS, REASONING_METHODS, RECENCY_HALF_LIFE_DAYS, RESOLVED_QUESTION_STATUSES, ROOT_TOPIC_ID, SECTION_BUDGET_RATIOS, SESSION_AUTH_MODES, SESSION_LIFECYCLE_STATUSES, SESSION_PRINCIPAL_TYPES, SEVERITY_SCORES, SLOpinionInputSchema, TENANT_BOOTSTRAP_FORBIDDEN_SEED_TABLES, TENANT_BOOTSTRAP_SEED_AUTH_METADATA_FIELDS, TENANT_BOOTSTRAP_SEED_COMPONENTS, TENANT_BOOTSTRAP_SEED_CONTRACT_VERSION, TENANT_BOOTSTRAP_SEED_MANIFEST, TENANT_BOOTSTRAP_SEED_TABLES, TENANT_BOOTSTRAP_TABLE_REQUIREMENTS, TENANT_BOOTSTRAP_TEMPLATE_ACTOR, TENANT_BOOTSTRAP_TEMPLATE_SEED_VERSION, TENANT_BOOTSTRAP_TEMPLATE_TENANT_ID, TENANT_CLIENT_AUTH_MODES, TENANT_CLIENT_CAPABILITIES, TENANT_CLIENT_COMPONENT_CONFIG_IMPORTS, TENANT_CLIENT_CONTRACT_VERSION, TENANT_CLIENT_FORBIDDEN_IMPORT_PATTERNS, TENANT_CLIENT_FORBIDDEN_INSTALL_TOKEN_INFISICAL_PATHS, TENANT_CLIENT_FORBIDDEN_SECRET_ENV, TENANT_CLIENT_FULL_SUITE_PACKAGE_NAMES, TENANT_CLIENT_INSTALLABLE_PACKAGES, TENANT_CLIENT_INSTALL_PROFILES, TENANT_CLIENT_INSTALL_TOKEN_ENV, TENANT_CLIENT_INSTALL_TOKEN_INFISICAL_PATH, TENANT_CLIENT_ISOLATION_RULES, TENANT_CLIENT_MANIFEST, TENANT_CLIENT_OPTIONAL_CONTEXT_FIELDS, TENANT_CLIENT_PRINCIPAL_TYPES, TENANT_CLIENT_PUBLIC_IMPORTS, TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS, TENANT_CLIENT_REQUIRED_SDK_NAMESPACES, TOKENS_PER_WORD, WEBHOOK_MAX_ATTEMPTS, WEBHOOK_RETRY_DELAYS_MS, WORKFLOW_ACTION_KINDS, WORKFLOW_APPROVAL_MODES, WORKFLOW_AUTO_FIX_MODES, WORKFLOW_HOOK_EVENTS, WORKFLOW_INTEGRITY_CHECKS, WORKFLOW_MUTATION_TIERS, WORKFLOW_OUTPUT_KINDS, WORKFLOW_PROOF_ARTIFACT_KINDS, WORKFLOW_RUNTIME_SCHEMA_VERSION, WORKFLOW_RUN_STATUSES, WORKFLOW_STAFFING_HINTS, WORKFLOW_TRIGGER_KINDS, WORKTREE_PHASES, assertEdgePolicyAllowed, assertTenantClientImportAllowed, bigramTokenize, buildDomainEvent, buildTenantBootstrapTemplateSeedRows, canonicalGeneratedInfisicalEnvName, classifyTenantClientImport, collectTopicNeighborhood, compareEventCursor, dsl_exports as contractDsl, convexTierForVercelDestinationEnvironment, createEventId, createEvidenceProjection, decodeEventCursor, decodePrefixedId, defineProjection, edgePolicyManifest, emitDomainEvent, encodeEventCursor, encodePrefixedId, expectedTenantConvexDeploymentForVercelEnvironment, fillGraphIntelligencePromptTemplate, findEdgePolicy, findInfisicalRuntimePath, findInfisicalRuntimeSurface, findInfisicalSecretDefinition, findInfisicalTenantSoftwareSystem, findInfisicalVercelSyncDestination, findTenantBootstrapSeedTable, findTenantBootstrapTableRequirement, findTenantClientInstallablePackage, formatTenantClientImportViolation, generatedInfisicalVariableForName, getComponentBoundaryTableLayer, getGraphIntelligenceQuery, hasPrefixedIdPrefix, inferActorType, inferSessionPrincipalType, infisicalSecretDefinitionsForConsumer, infisicalSecretDefinitionsForDestination, isAfterCursor, isComponentBoundaryComponentOwnedTable, isGeneratedInfisicalKnownEnvName, isGeneratedInfisicalManagedEnvName, isGraphIntelligenceQueryMode, isLucernPrompt, isTenantBootstrapForbiddenSeedTable, isTenantBootstrapSeedTable, isTenantClientAllowedImport, isTenantClientComponentConfigImport, isTenantClientInstallablePackage, isTenantClientPublicImport, jaccardSimilarity, lastDelegator, listBeliefsProjection, listGraphIntelligenceQueries, listTasksProjection, tool_contracts_exports as mcpToolsContract, modulateConfidenceProjection, normalizeDelegationChain, normalizeRetentionDays, prepareLexicalQuery, projections, rankEntityConnections, rankEntityTypeMatches, rankWindowScore, readGeneratedInfisicalDestinationEnv, readGeneratedInfisicalEnvValue, readGeneratedInfisicalRuntimeEnvSurface, readGeneratedLucernGatewayEnv, readGeneratedLucernWebPublicEnv, readGeneratedLucernWebServerEnv, requireActorPrincipalId, rerankLexicalWindow, schemas_exports as schemaContracts, scoreEntityConnection, scoreEntityTypeMatch, scoreLexicalSignal, scoreLexicalSignals, sdk_tools_contract_exports as sdkToolsContract, sortEventsByCursor, stemToken, tenantSoftwareSystemConvexEnvNames, tenantSoftwareSystemOwnsConvexEnvName, tokenOverlapScore, tokenizeSearchText, validateInfisicalSecretDefinitions, vercelCustomEnvironmentIdForTenantSoftwareSystem, wordOverlapScore, wordTokenize };
|
|
45736
|
+
export { BELIEF_STATUSES, BELIEF_TYPE_BONUS, BRANCH_STATUSES, CANONICAL_WORKFLOW_DEFINITIONS, COMPONENT_BOUNDARY_COMPONENT_LAYERS, COMPONENT_BOUNDARY_CONTRACT_VERSION, COMPONENT_BOUNDARY_DIRECT_DB_METHODS, COMPONENT_BOUNDARY_HIGH_RISK_TABLES, COMPONENT_BOUNDARY_HOST_SOURCE_ROOTS, COMPONENT_HOST_BOUNDARY_CONTRACT_VERSION, COMPONENT_HOST_DB_READ_OPERATIONS, COMPONENT_HOST_DB_WRITE_OPERATIONS, COMPONENT_HOST_PROTECTED_TABLES, COMPONENT_HOST_PROTECTED_TABLE_OWNERS, COMPONENT_HOST_WRITE_ALLOWED_EXCEPTIONS, COMPONENT_HOST_WRITE_AUDIT_ROOTS, CONFIDENCE_TRIGGERS, CONTEXT_PACK_SCHEMA_VERSION, CONTEXT_PACK_SECTION_KEYS, CONTEXT_RANKING_PROFILES, CONTRADICTION_SEVERITIES, CONTRADICTION_STATUSES, ComponentTableManifestSchema, DEFAULT_BELIEF_TYPE_BONUS, DEFAULT_COMPILATION_MODE, DEFAULT_ENTITY_LIMIT, DEFAULT_PRIORITY_SCORE, DEFAULT_RANKING_PROFILE, DEFAULT_SECTION_LIMIT, DEFAULT_SEVERITY_SCORE, DEFAULT_TIER_APPROVAL_MODE, DEFAULT_TOKEN_BUDGET, DEFAULT_WORKFLOW_AUTO_FIX_POLICY, DEFEAT_TYPES, DOMAIN_EVENT_TYPES, DOMAIN_EVENT_VERSION, ENTITY_RANKING_WEIGHTS, EPISTEMIC_LAYERS, EVENT_RETENTION_DEFAULT_DAYS, EdgePolicyEntrySchema, EdgePolicyManifestSchema, EpistemicNodeTypeSchema, FORK_REASONS, GENERATED_INFISICAL_BOOTSTRAP_ENV_NAMES, GENERATED_INFISICAL_CONTROL_ENV_NAMES, GENERATED_INFISICAL_KNOWN_ENV_NAMES, GENERATED_INFISICAL_MANAGED_ENV_NAMES, GENERATED_INFISICAL_RUNTIME_ENV, GENERATED_LUCERN_GATEWAY_ENV_NAMES, GENERATED_LUCERN_WEB_PUBLIC_ENV_NAMES, GENERATED_LUCERN_WEB_SERVER_ENV_NAMES, GRAPH_INTELLIGENCE_MODE_TOOL_NAMES, GRAPH_INTELLIGENCE_PUBLIC_TOOL_NAMES, GRAPH_INTELLIGENCE_QUERIES, GRAPH_INTELLIGENCE_QUERIES_WITH_TOOLS, GRAPH_INTELLIGENCE_QUERY_CATALOG_VERSION, GRAPH_INTELLIGENCE_QUERY_CATEGORIES, GRAPH_INTELLIGENCE_QUERY_MODES, GRAPH_INTELLIGENCE_QUICK_QUERIES, GRAPH_REF_NODE_TYPES, GraphRefSchema, INFISICAL_CONVEX_TIERS, INFISICAL_CONVEX_TIER_BY_VERCEL_ENVIRONMENT, INFISICAL_RUNTIME_BOOTSTRAP_ENV, INFISICAL_RUNTIME_CONTRACT_VERSION, INFISICAL_RUNTIME_CONTROL_ENV, INFISICAL_RUNTIME_DEFAULT_API_URL, INFISICAL_RUNTIME_DEFAULT_PROJECT_ID, INFISICAL_RUNTIME_DELIVERY_MODES, INFISICAL_RUNTIME_ENVIRONMENTS, INFISICAL_RUNTIME_MANIFEST, INFISICAL_RUNTIME_PATHS, INFISICAL_RUNTIME_SURFACES, INFISICAL_RUNTIME_SURFACE_IDS, INFISICAL_SECRET_CONSUMERS, INFISICAL_SECRET_DEFINITIONS, INFISICAL_SECRET_DESTINATION_KINDS, INFISICAL_SECRET_ENVIRONMENT_POLICIES, INFISICAL_SECRET_OWNERS, INFISICAL_SECRET_SCOPES, INFISICAL_TENANT_SOFTWARE_SYSTEMS, INFISICAL_VERCEL_DESTINATION_ENVIRONMENTS, INFISICAL_VERCEL_SYNC_DESTINATIONS, INFISICAL_VERCEL_SYNC_RECONCILIATION, INFISICAL_VERCEL_TARGETS, INTEGRATION_EDGE_TYPES, InvariantManifestSchema, JUDGMENT_TYPES, MAX_ENTITY_LIMIT, MAX_SECTION_LIMIT, MAX_TOKEN_BUDGET, MERGE_OUTCOMES, MIN_CONTRADICTION_BUDGET, MIN_TOKEN_BUDGET, MIN_TOKEN_ESTIMATE, MORNING_BRIEF_WORKFLOW_ID, NIGHTLY_RECONCILIATION_WORKFLOW_ID, PRIORITY_SCORES, PULL_REQUEST_STATUSES, RANKING_WEIGHTS, REASONING_METHODS, RECENCY_HALF_LIFE_DAYS, RESOLVED_QUESTION_STATUSES, ROOT_TOPIC_ID, SECTION_BUDGET_RATIOS, SESSION_AUTH_MODES, SESSION_LIFECYCLE_STATUSES, SESSION_PRINCIPAL_TYPES, SEVERITY_SCORES, SLOpinionInputSchema, TENANT_BOOTSTRAP_FORBIDDEN_SEED_TABLES, TENANT_BOOTSTRAP_SEED_AUTH_METADATA_FIELDS, TENANT_BOOTSTRAP_SEED_COMPONENTS, TENANT_BOOTSTRAP_SEED_CONTRACT_VERSION, TENANT_BOOTSTRAP_SEED_MANIFEST, TENANT_BOOTSTRAP_SEED_TABLES, TENANT_BOOTSTRAP_TABLE_REQUIREMENTS, TENANT_BOOTSTRAP_TEMPLATE_ACTOR, TENANT_BOOTSTRAP_TEMPLATE_SEED_VERSION, TENANT_BOOTSTRAP_TEMPLATE_TENANT_ID, TENANT_CLIENT_AUTH_MODES, TENANT_CLIENT_CAPABILITIES, TENANT_CLIENT_COMPONENT_CONFIG_IMPORTS, TENANT_CLIENT_CONTRACT_VERSION, TENANT_CLIENT_FORBIDDEN_IMPORT_PATTERNS, TENANT_CLIENT_FORBIDDEN_INSTALL_TOKEN_INFISICAL_PATHS, TENANT_CLIENT_FORBIDDEN_SECRET_ENV, TENANT_CLIENT_FULL_SUITE_PACKAGE_NAMES, TENANT_CLIENT_INSTALLABLE_PACKAGES, TENANT_CLIENT_INSTALL_PROFILES, TENANT_CLIENT_INSTALL_TOKEN_ENV, TENANT_CLIENT_INSTALL_TOKEN_INFISICAL_PATH, TENANT_CLIENT_ISOLATION_RULES, TENANT_CLIENT_MANIFEST, TENANT_CLIENT_OPTIONAL_CONTEXT_FIELDS, TENANT_CLIENT_PRINCIPAL_TYPES, TENANT_CLIENT_PUBLIC_IMPORTS, TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS, TENANT_CLIENT_REQUIRED_SDK_NAMESPACES, TOKENS_PER_WORD, WEBHOOK_MAX_ATTEMPTS, WEBHOOK_RETRY_DELAYS_MS, WORKFLOW_ACTION_KINDS, WORKFLOW_APPROVAL_MODES, WORKFLOW_AUTO_FIX_MODES, WORKFLOW_HOOK_EVENTS, WORKFLOW_INTEGRITY_CHECKS, WORKFLOW_MUTATION_TIERS, WORKFLOW_OUTPUT_KINDS, WORKFLOW_PROOF_ARTIFACT_KINDS, WORKFLOW_RUNTIME_SCHEMA_VERSION, WORKFLOW_RUN_STATUSES, WORKFLOW_STAFFING_HINTS, WORKFLOW_TRIGGER_KINDS, WORKTREE_PHASES, assertEdgePolicyAllowed, assertTenantClientImportAllowed, bigramTokenize, buildDomainEvent, buildProjectedUserFromPermitPrincipal, buildTenantBootstrapTemplateSeedRows, canonicalGeneratedInfisicalEnvName, classifyTenantClientImport, collectTopicNeighborhood, compareEventCursor, dsl_exports as contractDsl, convexTierForVercelDestinationEnvironment, createEventId, createEvidenceProjection, decodeEventCursor, decodePrefixedId, defineProjection, edgePolicyManifest, emitDomainEvent, encodeEventCursor, encodePrefixedId, expectedTenantConvexDeploymentForVercelEnvironment, fillGraphIntelligencePromptTemplate, findEdgePolicy, findInfisicalRuntimePath, findInfisicalRuntimeSurface, findInfisicalSecretDefinition, findInfisicalTenantSoftwareSystem, findInfisicalVercelSyncDestination, findProjectedUserByPermitClerkId, findProjectedUserByPermitPrincipalId, findTenantBootstrapSeedTable, findTenantBootstrapTableRequirement, findTenantClientInstallablePackage, formatTenantClientImportViolation, generatedInfisicalVariableForName, getComponentBoundaryTableLayer, getGraphIntelligenceQuery, hasPrefixedIdPrefix, inferActorType, inferSessionPrincipalType, infisicalSecretDefinitionsForConsumer, infisicalSecretDefinitionsForDestination, isActivePermitProjectionStatus, isAfterCursor, isComponentBoundaryComponentOwnedTable, isGeneratedInfisicalKnownEnvName, isGeneratedInfisicalManagedEnvName, isGraphIntelligenceQueryMode, isLucernPrompt, isTenantBootstrapForbiddenSeedTable, isTenantBootstrapSeedTable, isTenantClientAllowedImport, isTenantClientComponentConfigImport, isTenantClientInstallablePackage, isTenantClientPublicImport, jaccardSimilarity, lastDelegator, listBeliefsProjection, listGraphIntelligenceQueries, listTasksProjection, mapPermitRoleToPlatformRole, tool_contracts_exports as mcpToolsContract, modulateConfidenceProjection, normalizeDelegationChain, normalizeRetentionDays, prepareLexicalQuery, projections, rankEntityConnections, rankEntityTypeMatches, rankWindowScore, readGeneratedInfisicalDestinationEnv, readGeneratedInfisicalEnvValue, readGeneratedInfisicalRuntimeEnvSurface, readGeneratedLucernGatewayEnv, readGeneratedLucernWebPublicEnv, readGeneratedLucernWebServerEnv, readPermitProjectionString, requireActorPrincipalId, rerankLexicalWindow, schemas_exports as schemaContracts, scoreEntityConnection, scoreEntityTypeMatch, scoreLexicalSignal, scoreLexicalSignals, sdk_tools_contract_exports as sdkToolsContract, sortEventsByCursor, stemToken, tenantSoftwareSystemConvexEnvNames, tenantSoftwareSystemOwnsConvexEnvName, tokenOverlapScore, tokenizeSearchText, validateInfisicalSecretDefinitions, vercelCustomEnvironmentIdForTenantSoftwareSystem, wordOverlapScore, wordTokenize };
|
|
45300
45737
|
//# sourceMappingURL=index.js.map
|
|
45301
45738
|
//# sourceMappingURL=index.js.map
|