@lucern/contracts 0.3.0-alpha.11 → 0.3.0-alpha.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/auth-context.contract.js +13 -1
- package/dist/auth-context.contract.js.map +1 -1
- package/dist/auth-session.contract.js +13 -1
- package/dist/auth-session.contract.js.map +1 -1
- package/dist/auth.contract.d.ts +1 -1
- package/dist/auth.contract.js +13 -1
- package/dist/auth.contract.js.map +1 -1
- package/dist/component-boundary.contract.js +1 -0
- package/dist/component-boundary.contract.js.map +1 -1
- package/dist/function-registry/beliefs.d.ts +10 -10
- package/dist/function-registry/beliefs.js +53 -2
- package/dist/function-registry/beliefs.js.map +1 -1
- package/dist/function-registry/coding.d.ts +6 -6
- package/dist/function-registry/coding.js +53 -2
- package/dist/function-registry/coding.js.map +1 -1
- package/dist/function-registry/context.d.ts +3 -3
- package/dist/function-registry/context.js +53 -2
- package/dist/function-registry/context.js.map +1 -1
- package/dist/function-registry/contracts.d.ts +3 -3
- package/dist/function-registry/contracts.js +53 -2
- package/dist/function-registry/contracts.js.map +1 -1
- package/dist/function-registry/coordination.d.ts +9 -9
- package/dist/function-registry/coordination.js +53 -2
- package/dist/function-registry/coordination.js.map +1 -1
- package/dist/function-registry/edges.d.ts +6 -6
- package/dist/function-registry/edges.js +53 -2
- package/dist/function-registry/edges.js.map +1 -1
- package/dist/function-registry/evidence.d.ts +8 -8
- package/dist/function-registry/evidence.js +53 -2
- package/dist/function-registry/evidence.js.map +1 -1
- package/dist/function-registry/graph.d.ts +15 -15
- package/dist/function-registry/graph.js +53 -2
- package/dist/function-registry/graph.js.map +1 -1
- package/dist/function-registry/helpers.d.ts +2 -2
- package/dist/function-registry/helpers.js +53 -2
- package/dist/function-registry/helpers.js.map +1 -1
- package/dist/function-registry/identity.d.ts +56 -16
- package/dist/function-registry/identity.js +75 -4
- package/dist/function-registry/identity.js.map +1 -1
- package/dist/function-registry/index.d.ts +1 -1
- package/dist/function-registry/index.js +53 -2
- package/dist/function-registry/index.js.map +1 -1
- package/dist/function-registry/judgments.d.ts +2 -2
- package/dist/function-registry/judgments.js +53 -2
- package/dist/function-registry/judgments.js.map +1 -1
- package/dist/function-registry/legacy.d.ts +1 -1
- package/dist/function-registry/legacy.js +53 -2
- package/dist/function-registry/legacy.js.map +1 -1
- package/dist/function-registry/lenses.d.ts +4 -4
- package/dist/function-registry/lenses.js +53 -2
- package/dist/function-registry/lenses.js.map +1 -1
- package/dist/function-registry/manifest.d.ts +3 -3
- package/dist/function-registry/manifest.js +1 -0
- package/dist/function-registry/manifest.js.map +1 -1
- package/dist/function-registry/nodes.d.ts +8 -8
- package/dist/function-registry/nodes.js +53 -2
- package/dist/function-registry/nodes.js.map +1 -1
- package/dist/function-registry/ontologies.d.ts +11 -11
- package/dist/function-registry/ontologies.js +53 -2
- package/dist/function-registry/ontologies.js.map +1 -1
- package/dist/function-registry/pipeline.d.ts +3 -3
- package/dist/function-registry/pipeline.js +53 -2
- package/dist/function-registry/pipeline.js.map +1 -1
- package/dist/function-registry/questions.d.ts +12 -12
- package/dist/function-registry/questions.js +53 -2
- package/dist/function-registry/questions.js.map +1 -1
- package/dist/function-registry/tasks.d.ts +4 -4
- package/dist/function-registry/tasks.js +53 -2
- package/dist/function-registry/tasks.js.map +1 -1
- package/dist/function-registry/topics.d.ts +7 -7
- package/dist/function-registry/topics.js +53 -2
- package/dist/function-registry/topics.js.map +1 -1
- package/dist/function-registry/types.d.ts +2 -2
- package/dist/function-registry/worktrees.d.ts +11 -11
- package/dist/function-registry/worktrees.js +53 -2
- package/dist/function-registry/worktrees.js.map +1 -1
- package/dist/generated/convexSchemas.js +4 -3
- package/dist/generated/convexSchemas.js.map +1 -1
- package/dist/generated/infisicalRuntimeEnv.js +357 -0
- package/dist/generated/infisicalRuntimeEnv.js.map +1 -1
- package/dist/generated/schema-manifest.json +88 -3
- package/dist/generated/tableOwnership.d.ts +2 -1
- package/dist/generated/tableOwnership.js +2 -0
- package/dist/generated/tableOwnership.js.map +1 -1
- package/dist/generated/tier-expectations.json +6 -3
- package/dist/index.d.ts +3 -2
- package/dist/index.js +726 -19
- package/dist/index.js.map +1 -1
- package/dist/infisical-runtime.contract.d.ts +44 -0
- package/dist/infisical-runtime.contract.js +52 -0
- package/dist/infisical-runtime.contract.js.map +1 -1
- package/dist/manifests/infisical-runtime-manifest.d.ts +44 -0
- package/dist/manifests/infisical-runtime-manifest.js +52 -0
- package/dist/manifests/infisical-runtime-manifest.js.map +1 -1
- package/dist/manifests/tenant-client-manifest.d.ts +8 -3
- package/dist/manifests/tenant-client-manifest.js +18 -1
- package/dist/manifests/tenant-client-manifest.js.map +1 -1
- package/dist/permit-principal-projection.contract.d.ts +74 -0
- package/dist/permit-principal-projection.contract.js +160 -0
- package/dist/permit-principal-projection.contract.js.map +1 -0
- package/dist/proof-attestation.json +1 -1
- package/dist/schemas/index.js +36 -1
- package/dist/schemas/index.js.map +1 -1
- package/dist/schemas/manifest.d.ts +85 -10
- package/dist/schemas/manifest.js +36 -1
- package/dist/schemas/manifest.js.map +1 -1
- package/dist/schemas/tables/controlPlane/accessControl.d.ts +2 -2
- package/dist/schemas/tables/controlPlane/accessControl.js +6 -1
- package/dist/schemas/tables/controlPlane/accessControl.js.map +1 -1
- package/dist/schemas/tables/kernel/events.d.ts +21 -0
- package/dist/schemas/tables/kernel/events.js +43 -0
- package/dist/schemas/tables/kernel/events.js.map +1 -0
- package/dist/{sdk-tools.contract-BNklQDfB.d.ts → sdk-tools.contract-CKmSsrZ2.d.ts} +1 -1
- package/dist/sdk-tools.contract.d.ts +2 -2
- package/dist/sdk-tools.contract.js +45 -1
- package/dist/sdk-tools.contract.js.map +1 -1
- package/dist/tenant-bootstrap-seed.contract.d.ts +22 -2
- package/dist/tenant-bootstrap-seed.contract.js +15 -2
- package/dist/tenant-bootstrap-seed.contract.js.map +1 -1
- package/dist/tenant-bootstrap-seed.defaults.d.ts +1 -1
- package/dist/tenant-bootstrap-seed.defaults.js +30 -12
- package/dist/tenant-bootstrap-seed.defaults.js.map +1 -1
- package/dist/tenant-client.contract.d.ts +8 -3
- package/dist/tenant-client.contract.js +18 -1
- package/dist/tenant-client.contract.js.map +1 -1
- package/dist/{tool-contracts-BevD9Ho2.d.ts → tool-contracts-C_xvM9q2.d.ts} +4 -2
- package/dist/tool-contracts.d.ts +1 -1
- package/dist/tool-contracts.js +46 -2
- package/dist/tool-contracts.js.map +1 -1
- package/package.json +1 -1
|
@@ -24,7 +24,7 @@ export { legacyContracts } from './legacy.js';
|
|
|
24
24
|
export { NODE_TYPE } from '../schemas/enums.js';
|
|
25
25
|
import 'zod';
|
|
26
26
|
import '../defineFunction-DO97DKs4.js';
|
|
27
|
-
import '../tool-contracts-
|
|
27
|
+
import '../tool-contracts-C_xvM9q2.js';
|
|
28
28
|
|
|
29
29
|
declare const ALL_FUNCTION_CONTRACTS: readonly FunctionContract[];
|
|
30
30
|
declare const FUNCTION_SURFACE_CONTRACTS: readonly FunctionContract[];
|
|
@@ -2366,7 +2366,7 @@ var IDENTITY_WHOAMI = {
|
|
|
2366
2366
|
description: "Canonical identity summary for the current session",
|
|
2367
2367
|
fields: {
|
|
2368
2368
|
principalId: "string \u2014 canonical federated principal identifier",
|
|
2369
|
-
principalType: "string \u2014 human, service, or
|
|
2369
|
+
principalType: "string \u2014 human, service, agent, group, or external_viewer",
|
|
2370
2370
|
tenantId: "string | undefined \u2014 resolved tenant scope",
|
|
2371
2371
|
workspaceId: "string | undefined \u2014 resolved workspace scope",
|
|
2372
2372
|
scopes: "string[] | undefined \u2014 granted scopes for this session",
|
|
@@ -2377,6 +2377,49 @@ var IDENTITY_WHOAMI = {
|
|
|
2377
2377
|
ontologyPrimitive: "identity",
|
|
2378
2378
|
tier: "workhorse"
|
|
2379
2379
|
};
|
|
2380
|
+
var RESOLVE_INTERACTIVE_PRINCIPAL = {
|
|
2381
|
+
name: "resolve_interactive_principal",
|
|
2382
|
+
description: "Read the Permit-backed Lucern principal context for an authenticated Clerk user. Like `git config --get user.email` plus the repository ACL \u2014 resolves the identity alias into the canonical authorization subject.",
|
|
2383
|
+
parameters: {
|
|
2384
|
+
clerkId: {
|
|
2385
|
+
type: "string",
|
|
2386
|
+
description: "Authenticated Clerk subject (`sub`). Clerk proves identity only; it is not the authorization record."
|
|
2387
|
+
},
|
|
2388
|
+
tenantId: {
|
|
2389
|
+
type: "string",
|
|
2390
|
+
description: "Optional tenant scope. Omit only when the Clerk alias is globally unambiguous."
|
|
2391
|
+
},
|
|
2392
|
+
workspaceId: {
|
|
2393
|
+
type: "string",
|
|
2394
|
+
description: "Optional workspace scope. Required when the principal has access to multiple workspaces and no default can be inferred."
|
|
2395
|
+
},
|
|
2396
|
+
providerProjectId: {
|
|
2397
|
+
type: "string",
|
|
2398
|
+
description: "Optional Clerk project or provider instance id for tenants with multiple identity providers."
|
|
2399
|
+
}
|
|
2400
|
+
},
|
|
2401
|
+
required: ["clerkId"],
|
|
2402
|
+
response: {
|
|
2403
|
+
description: "Permit-backed Lucern principal context for tenant SDK bootstrap",
|
|
2404
|
+
fields: {
|
|
2405
|
+
principalId: "string \u2014 canonical Lucern principal identifier",
|
|
2406
|
+
principalType: "string \u2014 human, service, agent, group, or external_viewer",
|
|
2407
|
+
clerkId: "string \u2014 authenticated Clerk subject alias",
|
|
2408
|
+
tenantId: "string \u2014 resolved tenant scope",
|
|
2409
|
+
workspaceId: "string | null \u2014 resolved workspace scope",
|
|
2410
|
+
roles: "string[] \u2014 effective Permit roles",
|
|
2411
|
+
scopes: "string[] \u2014 effective scopes derived from Permit/control-plane projection",
|
|
2412
|
+
groupIds: "string[] \u2014 active Permit group memberships",
|
|
2413
|
+
principalStatus: "string \u2014 active, invited, suspended, disabled, revoked, or missing",
|
|
2414
|
+
tenantStatus: "string \u2014 projected tenant resource status",
|
|
2415
|
+
workspaceStatus: "string \u2014 projected workspace resource status",
|
|
2416
|
+
permit: "object \u2014 Permit subject, tenant, and optional workspace tuple"
|
|
2417
|
+
}
|
|
2418
|
+
},
|
|
2419
|
+
ownerModule: "control-plane",
|
|
2420
|
+
ontologyPrimitive: "identity",
|
|
2421
|
+
tier: "workhorse"
|
|
2422
|
+
};
|
|
2380
2423
|
var COMPILE_CONTEXT = {
|
|
2381
2424
|
name: "compile_context",
|
|
2382
2425
|
description: "Compile a focused reasoning context. If topicId is omitted, Lucern resolves the best topic from the query. Like `git log --graph --decorate` for the reasoning substrate \u2014 returns the canonical Pillar 3 context pack through the public API shape.",
|
|
@@ -4279,6 +4322,7 @@ var MCP_TOOL_CONTRACTS = {
|
|
|
4279
4322
|
update_worktree_targets: UPDATE_WORKTREE_TARGETS,
|
|
4280
4323
|
update_worktree_metadata: UPDATE_WORKTREE_METADATA,
|
|
4281
4324
|
identity_whoami: IDENTITY_WHOAMI,
|
|
4325
|
+
resolve_interactive_principal: RESOLVE_INTERACTIVE_PRINCIPAL,
|
|
4282
4326
|
compile_context: COMPILE_CONTEXT,
|
|
4283
4327
|
record_scope_learning: RECORD_SCOPE_LEARNING,
|
|
4284
4328
|
pipeline_snapshot: PIPELINE_SNAPSHOT,
|
|
@@ -4396,6 +4440,7 @@ function entries(names, surfaceClass, surfaceIntent, surfaces, rationale) {
|
|
|
4396
4440
|
var MCP_CORE_OPERATION_NAMES = [
|
|
4397
4441
|
"compile_context",
|
|
4398
4442
|
"identity_whoami",
|
|
4443
|
+
"resolve_interactive_principal",
|
|
4399
4444
|
"check_permission",
|
|
4400
4445
|
"filter_by_permission",
|
|
4401
4446
|
"create_belief",
|
|
@@ -5002,7 +5047,13 @@ function surfaceContract(args) {
|
|
|
5002
5047
|
scopes: args.scopes ?? [
|
|
5003
5048
|
args.kind === "query" ? `${args.domain}.read` : `${args.domain}.write`
|
|
5004
5049
|
],
|
|
5005
|
-
allowedPrincipalTypes: [
|
|
5050
|
+
allowedPrincipalTypes: [
|
|
5051
|
+
"user",
|
|
5052
|
+
"service",
|
|
5053
|
+
"agent",
|
|
5054
|
+
"group",
|
|
5055
|
+
"external_viewer"
|
|
5056
|
+
]
|
|
5006
5057
|
},
|
|
5007
5058
|
convex: args.convex,
|
|
5008
5059
|
gateway: args.gateway,
|