@lucern/contracts 0.3.0-alpha.2 → 0.3.0-alpha.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (127) hide show
  1. package/dist/component-boundary.contract.d.ts +14 -0
  2. package/dist/component-boundary.contract.js +155 -0
  3. package/dist/component-boundary.contract.js.map +1 -0
  4. package/dist/component-host-boundary.contract.d.ts +41 -0
  5. package/dist/component-host-boundary.contract.js +54 -0
  6. package/dist/component-host-boundary.contract.js.map +1 -0
  7. package/dist/function-registry/beliefs.d.ts +41 -41
  8. package/dist/function-registry/beliefs.js +202 -8
  9. package/dist/function-registry/beliefs.js.map +1 -1
  10. package/dist/function-registry/coding.js +187 -8
  11. package/dist/function-registry/coding.js.map +1 -1
  12. package/dist/function-registry/context.d.ts +13 -13
  13. package/dist/function-registry/context.js +187 -9
  14. package/dist/function-registry/context.js.map +1 -1
  15. package/dist/function-registry/contracts.js +158 -5
  16. package/dist/function-registry/contracts.js.map +1 -1
  17. package/dist/function-registry/coordination.js +158 -5
  18. package/dist/function-registry/coordination.js.map +1 -1
  19. package/dist/function-registry/edges.js +169 -6
  20. package/dist/function-registry/edges.js.map +1 -1
  21. package/dist/function-registry/evidence.d.ts +33 -33
  22. package/dist/function-registry/evidence.js +202 -9
  23. package/dist/function-registry/evidence.js.map +1 -1
  24. package/dist/function-registry/graph.d.ts +53 -53
  25. package/dist/function-registry/graph.js +217 -12
  26. package/dist/function-registry/graph.js.map +1 -1
  27. package/dist/function-registry/helpers.d.ts +1 -1
  28. package/dist/function-registry/helpers.js +158 -5
  29. package/dist/function-registry/helpers.js.map +1 -1
  30. package/dist/function-registry/identity.js +158 -5
  31. package/dist/function-registry/identity.js.map +1 -1
  32. package/dist/function-registry/index.d.ts +1 -1
  33. package/dist/function-registry/index.js +158 -5
  34. package/dist/function-registry/index.js.map +1 -1
  35. package/dist/function-registry/judgments.d.ts +9 -9
  36. package/dist/function-registry/judgments.js +170 -8
  37. package/dist/function-registry/judgments.js.map +1 -1
  38. package/dist/function-registry/legacy.js +158 -5
  39. package/dist/function-registry/legacy.js.map +1 -1
  40. package/dist/function-registry/lenses.d.ts +17 -17
  41. package/dist/function-registry/lenses.js +181 -8
  42. package/dist/function-registry/lenses.js.map +1 -1
  43. package/dist/function-registry/manifest.d.ts +3 -3
  44. package/dist/function-registry/manifest.js +1 -1
  45. package/dist/function-registry/manifest.js.map +1 -1
  46. package/dist/function-registry/ontologies.d.ts +45 -45
  47. package/dist/function-registry/ontologies.js +176 -11
  48. package/dist/function-registry/ontologies.js.map +1 -1
  49. package/dist/function-registry/pipeline.d.ts +13 -13
  50. package/dist/function-registry/pipeline.js +167 -8
  51. package/dist/function-registry/pipeline.js.map +1 -1
  52. package/dist/function-registry/questions.d.ts +49 -49
  53. package/dist/function-registry/questions.js +255 -13
  54. package/dist/function-registry/questions.js.map +1 -1
  55. package/dist/function-registry/tasks.js +158 -5
  56. package/dist/function-registry/tasks.js.map +1 -1
  57. package/dist/function-registry/topics.d.ts +21 -21
  58. package/dist/function-registry/topics.js +172 -8
  59. package/dist/function-registry/topics.js.map +1 -1
  60. package/dist/function-registry/types.d.ts +1 -1
  61. package/dist/function-registry/worktrees.d.ts +80 -41
  62. package/dist/function-registry/worktrees.js +292 -17
  63. package/dist/function-registry/worktrees.js.map +1 -1
  64. package/dist/function-registry-input-audit.d.ts +13 -0
  65. package/dist/function-registry-input-audit.js +164 -0
  66. package/dist/function-registry-input-audit.js.map +1 -0
  67. package/dist/gateway.contract.d.ts +2 -0
  68. package/dist/gateway.contract.js.map +1 -1
  69. package/dist/generated/convexSchemas.js +2 -1
  70. package/dist/generated/convexSchemas.js.map +1 -1
  71. package/dist/generated/schema-manifest.json +42 -3
  72. package/dist/generated/tableOwnership.d.ts +2 -1
  73. package/dist/generated/tableOwnership.js +2 -0
  74. package/dist/generated/tableOwnership.js.map +1 -1
  75. package/dist/generated/tier-expectations.json +4 -2
  76. package/dist/index.d.ts +445 -35
  77. package/dist/index.js +1987 -17
  78. package/dist/index.js.map +1 -1
  79. package/dist/infisical-runtime.contract.d.ts +174 -0
  80. package/dist/infisical-runtime.contract.js +192 -0
  81. package/dist/infisical-runtime.contract.js.map +1 -0
  82. package/dist/mcp-gateway-boundary.contract.d.ts +181 -0
  83. package/dist/mcp-gateway-boundary.contract.js +43 -0
  84. package/dist/mcp-gateway-boundary.contract.js.map +1 -0
  85. package/dist/schemas/component-table-manifest.d.ts +2 -2
  86. package/dist/schemas/index.js +38 -1
  87. package/dist/schemas/index.js.map +1 -1
  88. package/dist/schemas/manifest.d.ts +1050 -910
  89. package/dist/schemas/manifest.js +38 -1
  90. package/dist/schemas/manifest.js.map +1 -1
  91. package/dist/schemas/sl-opinion.d.ts +4 -4
  92. package/dist/schemas/tables/identity/platform.d.ts +10 -10
  93. package/dist/schemas/tables/kernel/epistemic.d.ts +6 -6
  94. package/dist/schemas/tables/kernel/infra.d.ts +4 -4
  95. package/dist/schemas/tables/kernel/intelligence.d.ts +10 -10
  96. package/dist/schemas/tables/kernel/lens.d.ts +4 -4
  97. package/dist/schemas/tables/kernel/platform.d.ts +12 -12
  98. package/dist/schemas/tables/kernel/spine.d.ts +2 -2
  99. package/dist/schemas/tables/kernel/task.d.ts +42 -42
  100. package/dist/schemas/tables/kernel/worktree.d.ts +62 -62
  101. package/dist/schemas/tables/mc/identity.d.ts +26 -3
  102. package/dist/schemas/tables/mc/identity.js +35 -1
  103. package/dist/schemas/tables/mc/identity.js.map +1 -1
  104. package/dist/schemas/tables/mc/pack.d.ts +20 -20
  105. package/dist/schemas/tables/mc/registry.d.ts +4 -4
  106. package/dist/schemas/tables/mc/workspace.d.ts +9 -3
  107. package/dist/schemas/tables/mc/workspace.js +3 -1
  108. package/dist/schemas/tables/mc/workspace.js.map +1 -1
  109. package/dist/sdk-methods.contract.d.ts +1 -1
  110. package/dist/{sdk-tools.contract-S4ia0TTo.d.ts → sdk-tools.contract-CD-N1Jf7.d.ts} +1 -1
  111. package/dist/sdk-tools.contract.d.ts +2 -2
  112. package/dist/sdk-tools.contract.js +157 -4
  113. package/dist/sdk-tools.contract.js.map +1 -1
  114. package/dist/tenant-bootstrap-seed.contract.d.ts +1097 -0
  115. package/dist/tenant-bootstrap-seed.contract.js +651 -0
  116. package/dist/tenant-bootstrap-seed.contract.js.map +1 -0
  117. package/dist/tenant-bootstrap-seed.defaults.d.ts +16 -0
  118. package/dist/tenant-bootstrap-seed.defaults.js +303 -0
  119. package/dist/tenant-bootstrap-seed.defaults.js.map +1 -0
  120. package/dist/tenant-client.contract.d.ts +266 -0
  121. package/dist/tenant-client.contract.js +404 -0
  122. package/dist/tenant-client.contract.js.map +1 -0
  123. package/dist/{tool-contracts-C92-9ueT.d.ts → tool-contracts-BcKz-VGj.d.ts} +4 -2
  124. package/dist/tool-contracts.d.ts +1 -1
  125. package/dist/tool-contracts.js +158 -5
  126. package/dist/tool-contracts.js.map +1 -1
  127. package/package.json +1 -1
@@ -0,0 +1,266 @@
1
+ /**
2
+ * Tenant client contract
3
+ *
4
+ * Defines the generic boundary for any customer-owned product that consumes
5
+ * Lucern through the SDK, hosted API, or MCP server. Tenant clients may run
6
+ * their own UI, auth provider, deployment, and data plane, but reasoning
7
+ * operations must enter through the published packages below.
8
+ */
9
+ declare const TENANT_CLIENT_CONTRACT_VERSION: "2026-04-27";
10
+ declare const TENANT_CLIENT_AUTH_MODES: readonly ["interactive_user", "service_principal", "tenant_api_key", "session_token"];
11
+ type TenantClientAuthMode = (typeof TENANT_CLIENT_AUTH_MODES)[number];
12
+ declare const TENANT_CLIENT_PRINCIPAL_TYPES: readonly ["human", "service", "agent"];
13
+ type TenantClientPrincipalType = (typeof TENANT_CLIENT_PRINCIPAL_TYPES)[number];
14
+ declare const TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS: readonly ["tenantId", "workspaceId", "principalId", "authMode", "scopes"];
15
+ type TenantClientRequiredContextField = (typeof TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS)[number];
16
+ declare const TENANT_CLIENT_OPTIONAL_CONTEXT_FIELDS: readonly ["principalType", "roles", "sessionId", "delegationChain"];
17
+ type TenantClientOptionalContextField = (typeof TENANT_CLIENT_OPTIONAL_CONTEXT_FIELDS)[number];
18
+ declare const TENANT_CLIENT_INSTALL_TOKEN_ENV: "INSTALL_LUCERN_NPM";
19
+ declare const TENANT_CLIENT_INSTALL_TOKEN_INFISICAL_PATH: "tenants/shared";
20
+ declare const TENANT_CLIENT_FORBIDDEN_INSTALL_TOKEN_INFISICAL_PATHS: readonly ["/platform/publish"];
21
+ declare const TENANT_CLIENT_FORBIDDEN_SECRET_ENV: readonly ["NPM_TOKEN"];
22
+ type TenantClientForbiddenInstallTokenInfisicalPath = (typeof TENANT_CLIENT_FORBIDDEN_INSTALL_TOKEN_INFISICAL_PATHS)[number];
23
+ type TenantClientForbiddenSecretEnv = (typeof TENANT_CLIENT_FORBIDDEN_SECRET_ENV)[number];
24
+ declare const TENANT_CLIENT_INSTALLABLE_PACKAGES: readonly [{
25
+ readonly packageName: "@lucern/access-control";
26
+ readonly role: "sdk_dependency";
27
+ readonly directTenantImport: false;
28
+ }, {
29
+ readonly packageName: "@lucern/agent";
30
+ readonly role: "platform_runtime";
31
+ readonly directTenantImport: false;
32
+ }, {
33
+ readonly packageName: "@lucern/auth";
34
+ readonly role: "sdk_dependency";
35
+ readonly directTenantImport: false;
36
+ }, {
37
+ readonly packageName: "@lucern/cli";
38
+ readonly role: "developer_tool";
39
+ readonly directTenantImport: false;
40
+ }, {
41
+ readonly packageName: "@lucern/client-core";
42
+ readonly role: "sdk_dependency";
43
+ readonly directTenantImport: false;
44
+ }, {
45
+ readonly packageName: "@lucern/confidence";
46
+ readonly role: "sdk_dependency";
47
+ readonly directTenantImport: false;
48
+ }, {
49
+ readonly packageName: "@lucern/config";
50
+ readonly role: "configuration";
51
+ readonly directTenantImport: false;
52
+ }, {
53
+ readonly packageName: "@lucern/contracts";
54
+ readonly role: "contract_entrypoint";
55
+ readonly directTenantImport: true;
56
+ }, {
57
+ readonly packageName: "@lucern/control-plane";
58
+ readonly role: "platform_runtime";
59
+ readonly directTenantImport: false;
60
+ }, {
61
+ readonly packageName: "@lucern/developer-kit";
62
+ readonly role: "developer_tool";
63
+ readonly directTenantImport: false;
64
+ }, {
65
+ readonly packageName: "@lucern/events";
66
+ readonly role: "sdk_dependency";
67
+ readonly directTenantImport: false;
68
+ }, {
69
+ readonly packageName: "@lucern/graph-primitives";
70
+ readonly role: "sdk_dependency";
71
+ readonly directTenantImport: false;
72
+ }, {
73
+ readonly packageName: "@lucern/identity";
74
+ readonly role: "component_runtime";
75
+ readonly directTenantImport: false;
76
+ }, {
77
+ readonly packageName: "@lucern/mcp";
78
+ readonly role: "runtime_entrypoint";
79
+ readonly directTenantImport: true;
80
+ }, {
81
+ readonly packageName: "@lucern/pack-host";
82
+ readonly role: "platform_runtime";
83
+ readonly directTenantImport: false;
84
+ }, {
85
+ readonly packageName: "@lucern/pack-installer";
86
+ readonly role: "developer_tool";
87
+ readonly directTenantImport: false;
88
+ }, {
89
+ readonly packageName: "@lucern/proof-compiler";
90
+ readonly role: "developer_tool";
91
+ readonly directTenantImport: false;
92
+ }, {
93
+ readonly packageName: "@lucern/react";
94
+ readonly role: "runtime_entrypoint";
95
+ readonly directTenantImport: true;
96
+ }, {
97
+ readonly packageName: "@lucern/reasoning-kernel";
98
+ readonly role: "component_runtime";
99
+ readonly directTenantImport: false;
100
+ }, {
101
+ readonly packageName: "@lucern/sdk";
102
+ readonly role: "runtime_entrypoint";
103
+ readonly directTenantImport: true;
104
+ }, {
105
+ readonly packageName: "@lucern/server-core";
106
+ readonly role: "platform_runtime";
107
+ readonly directTenantImport: false;
108
+ }, {
109
+ readonly packageName: "@lucern/testing";
110
+ readonly role: "test_support";
111
+ readonly directTenantImport: false;
112
+ }, {
113
+ readonly packageName: "@lucern/types";
114
+ readonly role: "contract_entrypoint";
115
+ readonly directTenantImport: true;
116
+ }];
117
+ type TenantClientInstallablePackage = (typeof TENANT_CLIENT_INSTALLABLE_PACKAGES)[number];
118
+ type TenantClientPackageRole = TenantClientInstallablePackage["role"];
119
+ type TenantClientInstallablePackageName = TenantClientInstallablePackage["packageName"];
120
+ /**
121
+ * Direct imports tenant-owned product code may use. This is intentionally
122
+ * smaller than TENANT_CLIENT_INSTALLABLE_PACKAGES: several publishable packages
123
+ * are installed as SDK dependencies, tooling, or platform runtimes but should
124
+ * not become the application integration surface.
125
+ */
126
+ declare const TENANT_CLIENT_PUBLIC_IMPORTS: readonly [{
127
+ readonly packageName: "@lucern/sdk";
128
+ readonly surface: "runtime";
129
+ readonly subpaths: "published_exports";
130
+ readonly description: "TypeScript SDK runtime and generated operation namespaces.";
131
+ }, {
132
+ readonly packageName: "@lucern/react";
133
+ readonly surface: "runtime";
134
+ readonly subpaths: "published_exports";
135
+ readonly description: "React bindings for tenant-owned UI applications.";
136
+ }, {
137
+ readonly packageName: "@lucern/mcp";
138
+ readonly surface: "runtime";
139
+ readonly subpaths: "published_exports";
140
+ readonly description: "MCP client/server entry points and hosted route helpers.";
141
+ }, {
142
+ readonly packageName: "@lucern/contracts";
143
+ readonly surface: "contract";
144
+ readonly subpaths: "published_exports";
145
+ readonly description: "Published type and manifest contracts.";
146
+ }, {
147
+ readonly packageName: "@lucern/types";
148
+ readonly surface: "contract";
149
+ readonly subpaths: "published_exports";
150
+ readonly description: "Published type-only helpers for tenant integration code.";
151
+ }];
152
+ type TenantClientPublicImport = (typeof TENANT_CLIENT_PUBLIC_IMPORTS)[number];
153
+ type TenantClientPublicPackage = TenantClientPublicImport["packageName"];
154
+ type TenantClientPublicSurface = TenantClientPublicImport["surface"];
155
+ declare const TENANT_CLIENT_COMPONENT_CONFIG_IMPORTS: readonly [{
156
+ readonly packageName: "@lucern/identity";
157
+ readonly importPath: "@lucern/identity/convex.config";
158
+ readonly surface: "component_config";
159
+ readonly description: "Convex component binding config for tenant deployments that install Lucern identity.";
160
+ }, {
161
+ readonly packageName: "@lucern/reasoning-kernel";
162
+ readonly importPath: "@lucern/reasoning-kernel/convex.config";
163
+ readonly surface: "component_config";
164
+ readonly description: "Convex component binding config for tenant deployments that install the Lucern reasoning kernel.";
165
+ }, {
166
+ readonly packageName: "@lucern/reasoning-kernel";
167
+ readonly importPath: "@lucern/reasoning-kernel/runtime.config";
168
+ readonly surface: "component_config";
169
+ readonly description: "Runtime config alias for tenant deployments that install the Lucern reasoning kernel.";
170
+ }];
171
+ type TenantClientComponentConfigImport = (typeof TENANT_CLIENT_COMPONENT_CONFIG_IMPORTS)[number];
172
+ type TenantClientAllowedImport = TenantClientPublicImport | TenantClientComponentConfigImport;
173
+ declare function findTenantClientInstallablePackage(packageName: string): TenantClientInstallablePackage | undefined;
174
+ declare function isTenantClientInstallablePackage(packageName: string): boolean;
175
+ declare const TENANT_CLIENT_REQUIRED_SDK_NAMESPACES: readonly ["bootstrap", "context", "beliefs", "evidence", "questions", "graph", "worktrees", "topics", "edges", "contradictions", "contracts", "graphAnalysis", "graphRecommendations", "orgGraphSearch", "embeddings", "ontologyLinks", "graphStateClassifier", "tools", "identity", "modelRuntime", "events", "jobs", "telemetry"];
176
+ type TenantClientRequiredSdkNamespace = (typeof TENANT_CLIENT_REQUIRED_SDK_NAMESPACES)[number];
177
+ declare const TENANT_CLIENT_CAPABILITIES: readonly [{
178
+ readonly id: "identity.bootstrap_session";
179
+ readonly description: "Start a scoped Lucern session for a tenant principal.";
180
+ readonly surfaces: readonly ["@lucern/sdk", "@lucern/mcp"];
181
+ readonly requiredContextFields: readonly ["tenantId", "workspaceId", "principalId", "authMode", "scopes"];
182
+ }, {
183
+ readonly id: "reasoning.context.compile";
184
+ readonly description: "Compile tenant and workspace scoped reasoning context.";
185
+ readonly surfaces: readonly ["@lucern/sdk", "@lucern/react", "@lucern/mcp"];
186
+ readonly requiredContextFields: readonly ["tenantId", "workspaceId", "principalId", "authMode", "scopes"];
187
+ }, {
188
+ readonly id: "reasoning.graph.read";
189
+ readonly description: "Read beliefs, evidence, questions, topics, and lineage.";
190
+ readonly surfaces: readonly ["@lucern/sdk", "@lucern/react", "@lucern/mcp"];
191
+ readonly requiredContextFields: readonly ["tenantId", "workspaceId", "principalId", "authMode", "scopes"];
192
+ }, {
193
+ readonly id: "reasoning.graph.write";
194
+ readonly description: "Create and update graph objects through authorized APIs.";
195
+ readonly surfaces: readonly ["@lucern/sdk", "@lucern/mcp"];
196
+ readonly requiredContextFields: readonly ["tenantId", "workspaceId", "principalId", "authMode", "scopes"];
197
+ }, {
198
+ readonly id: "workflow.worktree_lifecycle";
199
+ readonly description: "Create, review, merge, and close scoped worktrees.";
200
+ readonly surfaces: readonly ["@lucern/sdk", "@lucern/react", "@lucern/mcp"];
201
+ readonly requiredContextFields: readonly ["tenantId", "workspaceId", "principalId", "authMode", "scopes"];
202
+ }];
203
+ type TenantClientCapability = (typeof TENANT_CLIENT_CAPABILITIES)[number];
204
+ type TenantClientCapabilityId = TenantClientCapability["id"];
205
+ declare const TENANT_CLIENT_ISOLATION_RULES: readonly [{
206
+ readonly id: "tenant_workspace_scope_required";
207
+ readonly description: "Runtime operations must resolve both tenantId and workspaceId before reaching Lucern reasoning state.";
208
+ }, {
209
+ readonly id: "principal_audit_required";
210
+ readonly description: "Runtime operations must carry principalId, authMode, and scopes for audit attribution.";
211
+ }, {
212
+ readonly id: "no_private_lucern_imports";
213
+ readonly description: "Tenant code must not import Lucern source, Convex internals, generated adapters, or unpublished package internals.";
214
+ }];
215
+ type TenantClientIsolationRule = (typeof TENANT_CLIENT_ISOLATION_RULES)[number];
216
+ declare const TENANT_CLIENT_FORBIDDEN_IMPORT_PATTERNS: readonly [{
217
+ readonly id: "deep_src_import";
218
+ readonly pattern: "^@lucern/[^/]+/src(?:/|$)";
219
+ readonly description: "Published packages must not be bypassed through src paths.";
220
+ }, {
221
+ readonly id: "deep_dist_import";
222
+ readonly pattern: "^@lucern/[^/]+/dist(?:/|$)";
223
+ readonly description: "Published package exports must be used instead of dist file paths.";
224
+ }, {
225
+ readonly id: "generated_adapter_import";
226
+ readonly pattern: "^@lucern/[^/]+/(?:adapters/)?_generated(?:/|$)";
227
+ readonly description: "Generated Lucern adapters are internal deployment artifacts.";
228
+ }, {
229
+ readonly id: "private_runtime_import";
230
+ readonly pattern: "^@lucern/[^/]+/(?:internal|private)(?:/|$)";
231
+ readonly description: "Internal and private package subpaths are not public SDK API.";
232
+ }, {
233
+ readonly id: "workspace_source_import";
234
+ readonly pattern: "^(?:packages|modules|services|lucern|apps)/(?:.+/)?src(?:/|$)";
235
+ readonly description: "Tenant clients must not import source files from the Lucern monorepo.";
236
+ }, {
237
+ readonly id: "root_alias_lucern_import";
238
+ readonly pattern: "^@/(?:lucern|packages|modules|services|apps)(?:/|$)";
239
+ readonly description: "Tenant clients must not depend on Lucern repo-local path aliases.";
240
+ }, {
241
+ readonly id: "relative_lucern_source_import";
242
+ readonly pattern: "^\\.\\.?/(?:.+/)?(?:packages|modules|services|lucern|apps)(?:/|$)";
243
+ readonly description: "Tenant clients must not reach back into Lucern source through relative paths.";
244
+ }, {
245
+ readonly id: "monorepo_path_import";
246
+ readonly pattern: "lucern-repo";
247
+ readonly description: "Absolute imports that name the Lucern repository are not portable tenant code.";
248
+ }];
249
+ type TenantClientForbiddenImportPattern = (typeof TENANT_CLIENT_FORBIDDEN_IMPORT_PATTERNS)[number];
250
+ type TenantClientForbiddenImportPatternId = TenantClientForbiddenImportPattern["id"];
251
+ type TenantClientImportDecision = "public" | "forbidden" | "local" | "external";
252
+ type TenantClientImportClassification = {
253
+ importPath: string;
254
+ decision: TenantClientImportDecision;
255
+ publicImport?: TenantClientAllowedImport;
256
+ pattern?: TenantClientForbiddenImportPattern;
257
+ reason: string;
258
+ };
259
+ declare function classifyTenantClientImport(importPath: string): TenantClientImportClassification;
260
+ declare function isTenantClientPublicImport(importPath: string): boolean;
261
+ declare function isTenantClientComponentConfigImport(importPath: string): boolean;
262
+ declare function isTenantClientAllowedImport(importPath: string): boolean;
263
+ declare function assertTenantClientImportAllowed(importPath: string): void;
264
+ declare function formatTenantClientImportViolation(classification: TenantClientImportClassification): string;
265
+
266
+ export { TENANT_CLIENT_AUTH_MODES, TENANT_CLIENT_CAPABILITIES, TENANT_CLIENT_COMPONENT_CONFIG_IMPORTS, TENANT_CLIENT_CONTRACT_VERSION, TENANT_CLIENT_FORBIDDEN_IMPORT_PATTERNS, TENANT_CLIENT_FORBIDDEN_INSTALL_TOKEN_INFISICAL_PATHS, TENANT_CLIENT_FORBIDDEN_SECRET_ENV, TENANT_CLIENT_INSTALLABLE_PACKAGES, TENANT_CLIENT_INSTALL_TOKEN_ENV, TENANT_CLIENT_INSTALL_TOKEN_INFISICAL_PATH, TENANT_CLIENT_ISOLATION_RULES, TENANT_CLIENT_OPTIONAL_CONTEXT_FIELDS, TENANT_CLIENT_PRINCIPAL_TYPES, TENANT_CLIENT_PUBLIC_IMPORTS, TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS, TENANT_CLIENT_REQUIRED_SDK_NAMESPACES, type TenantClientAllowedImport, type TenantClientAuthMode, type TenantClientCapability, type TenantClientCapabilityId, type TenantClientComponentConfigImport, type TenantClientForbiddenImportPattern, type TenantClientForbiddenImportPatternId, type TenantClientForbiddenInstallTokenInfisicalPath, type TenantClientForbiddenSecretEnv, type TenantClientImportClassification, type TenantClientImportDecision, type TenantClientInstallablePackage, type TenantClientInstallablePackageName, type TenantClientIsolationRule, type TenantClientOptionalContextField, type TenantClientPackageRole, type TenantClientPrincipalType, type TenantClientPublicImport, type TenantClientPublicPackage, type TenantClientPublicSurface, type TenantClientRequiredContextField, type TenantClientRequiredSdkNamespace, assertTenantClientImportAllowed, classifyTenantClientImport, findTenantClientInstallablePackage, formatTenantClientImportViolation, isTenantClientAllowedImport, isTenantClientComponentConfigImport, isTenantClientInstallablePackage, isTenantClientPublicImport };
@@ -0,0 +1,404 @@
1
+ // src/tenant-client.contract.ts
2
+ var TENANT_CLIENT_CONTRACT_VERSION = "2026-04-27";
3
+ var TENANT_CLIENT_AUTH_MODES = [
4
+ "interactive_user",
5
+ "service_principal",
6
+ "tenant_api_key",
7
+ "session_token"
8
+ ];
9
+ var TENANT_CLIENT_PRINCIPAL_TYPES = [
10
+ "human",
11
+ "service",
12
+ "agent"
13
+ ];
14
+ var TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS = [
15
+ "tenantId",
16
+ "workspaceId",
17
+ "principalId",
18
+ "authMode",
19
+ "scopes"
20
+ ];
21
+ var TENANT_CLIENT_OPTIONAL_CONTEXT_FIELDS = [
22
+ "principalType",
23
+ "roles",
24
+ "sessionId",
25
+ "delegationChain"
26
+ ];
27
+ var TENANT_CLIENT_INSTALL_TOKEN_ENV = "INSTALL_LUCERN_NPM";
28
+ var TENANT_CLIENT_INSTALL_TOKEN_INFISICAL_PATH = "tenants/shared";
29
+ var TENANT_CLIENT_FORBIDDEN_INSTALL_TOKEN_INFISICAL_PATHS = [
30
+ "/platform/publish"
31
+ ];
32
+ var TENANT_CLIENT_FORBIDDEN_SECRET_ENV = ["NPM_TOKEN"];
33
+ var TENANT_CLIENT_INSTALLABLE_PACKAGES = [
34
+ {
35
+ packageName: "@lucern/access-control",
36
+ role: "sdk_dependency",
37
+ directTenantImport: false
38
+ },
39
+ {
40
+ packageName: "@lucern/agent",
41
+ role: "platform_runtime",
42
+ directTenantImport: false
43
+ },
44
+ {
45
+ packageName: "@lucern/auth",
46
+ role: "sdk_dependency",
47
+ directTenantImport: false
48
+ },
49
+ {
50
+ packageName: "@lucern/cli",
51
+ role: "developer_tool",
52
+ directTenantImport: false
53
+ },
54
+ {
55
+ packageName: "@lucern/client-core",
56
+ role: "sdk_dependency",
57
+ directTenantImport: false
58
+ },
59
+ {
60
+ packageName: "@lucern/confidence",
61
+ role: "sdk_dependency",
62
+ directTenantImport: false
63
+ },
64
+ {
65
+ packageName: "@lucern/config",
66
+ role: "configuration",
67
+ directTenantImport: false
68
+ },
69
+ {
70
+ packageName: "@lucern/contracts",
71
+ role: "contract_entrypoint",
72
+ directTenantImport: true
73
+ },
74
+ {
75
+ packageName: "@lucern/control-plane",
76
+ role: "platform_runtime",
77
+ directTenantImport: false
78
+ },
79
+ {
80
+ packageName: "@lucern/developer-kit",
81
+ role: "developer_tool",
82
+ directTenantImport: false
83
+ },
84
+ {
85
+ packageName: "@lucern/events",
86
+ role: "sdk_dependency",
87
+ directTenantImport: false
88
+ },
89
+ {
90
+ packageName: "@lucern/graph-primitives",
91
+ role: "sdk_dependency",
92
+ directTenantImport: false
93
+ },
94
+ {
95
+ packageName: "@lucern/identity",
96
+ role: "component_runtime",
97
+ directTenantImport: false
98
+ },
99
+ {
100
+ packageName: "@lucern/mcp",
101
+ role: "runtime_entrypoint",
102
+ directTenantImport: true
103
+ },
104
+ {
105
+ packageName: "@lucern/pack-host",
106
+ role: "platform_runtime",
107
+ directTenantImport: false
108
+ },
109
+ {
110
+ packageName: "@lucern/pack-installer",
111
+ role: "developer_tool",
112
+ directTenantImport: false
113
+ },
114
+ {
115
+ packageName: "@lucern/proof-compiler",
116
+ role: "developer_tool",
117
+ directTenantImport: false
118
+ },
119
+ {
120
+ packageName: "@lucern/react",
121
+ role: "runtime_entrypoint",
122
+ directTenantImport: true
123
+ },
124
+ {
125
+ packageName: "@lucern/reasoning-kernel",
126
+ role: "component_runtime",
127
+ directTenantImport: false
128
+ },
129
+ {
130
+ packageName: "@lucern/sdk",
131
+ role: "runtime_entrypoint",
132
+ directTenantImport: true
133
+ },
134
+ {
135
+ packageName: "@lucern/server-core",
136
+ role: "platform_runtime",
137
+ directTenantImport: false
138
+ },
139
+ {
140
+ packageName: "@lucern/testing",
141
+ role: "test_support",
142
+ directTenantImport: false
143
+ },
144
+ {
145
+ packageName: "@lucern/types",
146
+ role: "contract_entrypoint",
147
+ directTenantImport: true
148
+ }
149
+ ];
150
+ var TENANT_CLIENT_PUBLIC_IMPORTS = [
151
+ {
152
+ packageName: "@lucern/sdk",
153
+ surface: "runtime",
154
+ subpaths: "published_exports",
155
+ description: "TypeScript SDK runtime and generated operation namespaces."
156
+ },
157
+ {
158
+ packageName: "@lucern/react",
159
+ surface: "runtime",
160
+ subpaths: "published_exports",
161
+ description: "React bindings for tenant-owned UI applications."
162
+ },
163
+ {
164
+ packageName: "@lucern/mcp",
165
+ surface: "runtime",
166
+ subpaths: "published_exports",
167
+ description: "MCP client/server entry points and hosted route helpers."
168
+ },
169
+ {
170
+ packageName: "@lucern/contracts",
171
+ surface: "contract",
172
+ subpaths: "published_exports",
173
+ description: "Published type and manifest contracts."
174
+ },
175
+ {
176
+ packageName: "@lucern/types",
177
+ surface: "contract",
178
+ subpaths: "published_exports",
179
+ description: "Published type-only helpers for tenant integration code."
180
+ }
181
+ ];
182
+ var TENANT_CLIENT_COMPONENT_CONFIG_IMPORTS = [
183
+ {
184
+ packageName: "@lucern/identity",
185
+ importPath: "@lucern/identity/convex.config",
186
+ surface: "component_config",
187
+ description: "Convex component binding config for tenant deployments that install Lucern identity."
188
+ },
189
+ {
190
+ packageName: "@lucern/reasoning-kernel",
191
+ importPath: "@lucern/reasoning-kernel/convex.config",
192
+ surface: "component_config",
193
+ description: "Convex component binding config for tenant deployments that install the Lucern reasoning kernel."
194
+ },
195
+ {
196
+ packageName: "@lucern/reasoning-kernel",
197
+ importPath: "@lucern/reasoning-kernel/runtime.config",
198
+ surface: "component_config",
199
+ description: "Runtime config alias for tenant deployments that install the Lucern reasoning kernel."
200
+ }
201
+ ];
202
+ function findTenantClientInstallablePackage(packageName) {
203
+ return TENANT_CLIENT_INSTALLABLE_PACKAGES.find(
204
+ (entry) => entry.packageName === packageName
205
+ );
206
+ }
207
+ function isTenantClientInstallablePackage(packageName) {
208
+ return Boolean(findTenantClientInstallablePackage(packageName));
209
+ }
210
+ var TENANT_CLIENT_REQUIRED_SDK_NAMESPACES = [
211
+ "bootstrap",
212
+ "context",
213
+ "beliefs",
214
+ "evidence",
215
+ "questions",
216
+ "graph",
217
+ "worktrees",
218
+ "topics",
219
+ "edges",
220
+ "contradictions",
221
+ "contracts",
222
+ "graphAnalysis",
223
+ "graphRecommendations",
224
+ "orgGraphSearch",
225
+ "embeddings",
226
+ "ontologyLinks",
227
+ "graphStateClassifier",
228
+ "tools",
229
+ "identity",
230
+ "modelRuntime",
231
+ "events",
232
+ "jobs",
233
+ "telemetry"
234
+ ];
235
+ var TENANT_CLIENT_CAPABILITIES = [
236
+ {
237
+ id: "identity.bootstrap_session",
238
+ description: "Start a scoped Lucern session for a tenant principal.",
239
+ surfaces: ["@lucern/sdk", "@lucern/mcp"],
240
+ requiredContextFields: TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS
241
+ },
242
+ {
243
+ id: "reasoning.context.compile",
244
+ description: "Compile tenant and workspace scoped reasoning context.",
245
+ surfaces: ["@lucern/sdk", "@lucern/react", "@lucern/mcp"],
246
+ requiredContextFields: TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS
247
+ },
248
+ {
249
+ id: "reasoning.graph.read",
250
+ description: "Read beliefs, evidence, questions, topics, and lineage.",
251
+ surfaces: ["@lucern/sdk", "@lucern/react", "@lucern/mcp"],
252
+ requiredContextFields: TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS
253
+ },
254
+ {
255
+ id: "reasoning.graph.write",
256
+ description: "Create and update graph objects through authorized APIs.",
257
+ surfaces: ["@lucern/sdk", "@lucern/mcp"],
258
+ requiredContextFields: TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS
259
+ },
260
+ {
261
+ id: "workflow.worktree_lifecycle",
262
+ description: "Create, review, merge, and close scoped worktrees.",
263
+ surfaces: ["@lucern/sdk", "@lucern/react", "@lucern/mcp"],
264
+ requiredContextFields: TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS
265
+ }
266
+ ];
267
+ var TENANT_CLIENT_ISOLATION_RULES = [
268
+ {
269
+ id: "tenant_workspace_scope_required",
270
+ description: "Runtime operations must resolve both tenantId and workspaceId before reaching Lucern reasoning state."
271
+ },
272
+ {
273
+ id: "principal_audit_required",
274
+ description: "Runtime operations must carry principalId, authMode, and scopes for audit attribution."
275
+ },
276
+ {
277
+ id: "no_private_lucern_imports",
278
+ description: "Tenant code must not import Lucern source, Convex internals, generated adapters, or unpublished package internals."
279
+ }
280
+ ];
281
+ var TENANT_CLIENT_FORBIDDEN_IMPORT_PATTERNS = [
282
+ {
283
+ id: "deep_src_import",
284
+ pattern: "^@lucern/[^/]+/src(?:/|$)",
285
+ description: "Published packages must not be bypassed through src paths."
286
+ },
287
+ {
288
+ id: "deep_dist_import",
289
+ pattern: "^@lucern/[^/]+/dist(?:/|$)",
290
+ description: "Published package exports must be used instead of dist file paths."
291
+ },
292
+ {
293
+ id: "generated_adapter_import",
294
+ pattern: "^@lucern/[^/]+/(?:adapters/)?_generated(?:/|$)",
295
+ description: "Generated Lucern adapters are internal deployment artifacts."
296
+ },
297
+ {
298
+ id: "private_runtime_import",
299
+ pattern: "^@lucern/[^/]+/(?:internal|private)(?:/|$)",
300
+ description: "Internal and private package subpaths are not public SDK API."
301
+ },
302
+ {
303
+ id: "workspace_source_import",
304
+ pattern: "^(?:packages|modules|services|lucern|apps)/(?:.+/)?src(?:/|$)",
305
+ description: "Tenant clients must not import source files from the Lucern monorepo."
306
+ },
307
+ {
308
+ id: "root_alias_lucern_import",
309
+ pattern: "^@/(?:lucern|packages|modules|services|apps)(?:/|$)",
310
+ description: "Tenant clients must not depend on Lucern repo-local path aliases."
311
+ },
312
+ {
313
+ id: "relative_lucern_source_import",
314
+ pattern: "^\\.\\.?/(?:.+/)?(?:packages|modules|services|lucern|apps)(?:/|$)",
315
+ description: "Tenant clients must not reach back into Lucern source through relative paths."
316
+ },
317
+ {
318
+ id: "monorepo_path_import",
319
+ pattern: "lucern-repo",
320
+ description: "Absolute imports that name the Lucern repository are not portable tenant code."
321
+ }
322
+ ];
323
+ function matchesPublicImport(importPath) {
324
+ const componentConfig = TENANT_CLIENT_COMPONENT_CONFIG_IMPORTS.find(
325
+ (entry) => importPath === entry.importPath
326
+ );
327
+ if (componentConfig) {
328
+ return componentConfig;
329
+ }
330
+ return TENANT_CLIENT_PUBLIC_IMPORTS.find(
331
+ (entry) => importPath === entry.packageName || importPath.startsWith(`${entry.packageName}/`)
332
+ );
333
+ }
334
+ function matchesForbiddenPattern(importPath) {
335
+ return TENANT_CLIENT_FORBIDDEN_IMPORT_PATTERNS.find(
336
+ (entry) => new RegExp(entry.pattern, "u").test(importPath)
337
+ );
338
+ }
339
+ function classifyTenantClientImport(importPath) {
340
+ const normalizedImportPath = importPath.trim();
341
+ const pattern = matchesForbiddenPattern(normalizedImportPath);
342
+ if (pattern) {
343
+ return {
344
+ importPath: normalizedImportPath,
345
+ decision: "forbidden",
346
+ pattern,
347
+ reason: pattern.description
348
+ };
349
+ }
350
+ const publicImport = matchesPublicImport(normalizedImportPath);
351
+ if (publicImport) {
352
+ return {
353
+ importPath: normalizedImportPath,
354
+ decision: "public",
355
+ publicImport,
356
+ reason: publicImport.description
357
+ };
358
+ }
359
+ if (normalizedImportPath.startsWith("@lucern/")) {
360
+ return {
361
+ importPath: normalizedImportPath,
362
+ decision: "forbidden",
363
+ reason: "This @lucern package is not part of the tenant client public surface."
364
+ };
365
+ }
366
+ if (normalizedImportPath.startsWith("./") || normalizedImportPath.startsWith("../")) {
367
+ return {
368
+ importPath: normalizedImportPath,
369
+ decision: "local",
370
+ reason: "Local tenant-owned import."
371
+ };
372
+ }
373
+ return {
374
+ importPath: normalizedImportPath,
375
+ decision: "external",
376
+ reason: "External dependency outside the Lucern package namespace."
377
+ };
378
+ }
379
+ function isTenantClientPublicImport(importPath) {
380
+ return classifyTenantClientImport(importPath).decision === "public";
381
+ }
382
+ function isTenantClientComponentConfigImport(importPath) {
383
+ return TENANT_CLIENT_COMPONENT_CONFIG_IMPORTS.some(
384
+ (entry) => importPath === entry.importPath
385
+ );
386
+ }
387
+ function isTenantClientAllowedImport(importPath) {
388
+ return classifyTenantClientImport(importPath).decision === "public";
389
+ }
390
+ function assertTenantClientImportAllowed(importPath) {
391
+ const classification = classifyTenantClientImport(importPath);
392
+ if (classification.decision !== "forbidden") {
393
+ return;
394
+ }
395
+ throw new Error(formatTenantClientImportViolation(classification));
396
+ }
397
+ function formatTenantClientImportViolation(classification) {
398
+ const patternId = classification.pattern ? ` [${classification.pattern.id}]` : "";
399
+ return `Tenant client import is not allowed${patternId}: ${classification.importPath}. ${classification.reason}`;
400
+ }
401
+
402
+ export { TENANT_CLIENT_AUTH_MODES, TENANT_CLIENT_CAPABILITIES, TENANT_CLIENT_COMPONENT_CONFIG_IMPORTS, TENANT_CLIENT_CONTRACT_VERSION, TENANT_CLIENT_FORBIDDEN_IMPORT_PATTERNS, TENANT_CLIENT_FORBIDDEN_INSTALL_TOKEN_INFISICAL_PATHS, TENANT_CLIENT_FORBIDDEN_SECRET_ENV, TENANT_CLIENT_INSTALLABLE_PACKAGES, TENANT_CLIENT_INSTALL_TOKEN_ENV, TENANT_CLIENT_INSTALL_TOKEN_INFISICAL_PATH, TENANT_CLIENT_ISOLATION_RULES, TENANT_CLIENT_OPTIONAL_CONTEXT_FIELDS, TENANT_CLIENT_PRINCIPAL_TYPES, TENANT_CLIENT_PUBLIC_IMPORTS, TENANT_CLIENT_REQUIRED_CONTEXT_FIELDS, TENANT_CLIENT_REQUIRED_SDK_NAMESPACES, assertTenantClientImportAllowed, classifyTenantClientImport, findTenantClientInstallablePackage, formatTenantClientImportViolation, isTenantClientAllowedImport, isTenantClientComponentConfigImport, isTenantClientInstallablePackage, isTenantClientPublicImport };
403
+ //# sourceMappingURL=tenant-client.contract.js.map
404
+ //# sourceMappingURL=tenant-client.contract.js.map