@lucern/sdk 0.3.0-alpha.10 → 0.3.0-alpha.12
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/accessControl.d.ts +78 -0
- package/dist/accessControl.js +1118 -0
- package/dist/accessControl.js.map +1 -0
- package/dist/adminClient.js.map +1 -1
- package/dist/answersClient.js.map +1 -1
- package/dist/audiencesClient.js.map +1 -1
- package/dist/auditClient.js.map +1 -1
- package/dist/authContext.d.ts +1 -1
- package/dist/authContext.js.map +1 -1
- package/dist/beliefs/index.d.ts +1 -0
- package/dist/beliefs/index.js +799 -551
- package/dist/beliefs/index.js.map +1 -1
- package/dist/beliefsClient.js.map +1 -1
- package/dist/client.d.ts +27 -8
- package/dist/client.js +799 -551
- package/dist/client.js.map +1 -1
- package/dist/contextClient.js.map +1 -1
- package/dist/contracts/api-enums.contract.d.ts +1 -1
- package/dist/contracts/api-enums.contract.js +6 -1
- package/dist/contracts/api-enums.contract.js.map +1 -1
- package/dist/contracts/index.js +12 -1
- package/dist/contracts/index.js.map +1 -1
- package/dist/contracts/mcpTools.js +6 -0
- package/dist/contracts/mcpTools.js.map +1 -1
- package/dist/contradictions/index.d.ts +1 -0
- package/dist/contradictions/index.js +799 -551
- package/dist/contradictions/index.js.map +1 -1
- package/dist/coreClient.js.map +1 -1
- package/dist/decisions/index.d.ts +1 -0
- package/dist/decisions/index.js +799 -551
- package/dist/decisions/index.js.map +1 -1
- package/dist/decisionsClient.js.map +1 -1
- package/dist/edges/index.d.ts +1 -0
- package/dist/edges/index.js +799 -551
- package/dist/edges/index.js.map +1 -1
- package/dist/embeddingsClient.js.map +1 -1
- package/dist/eventingClient.js.map +1 -1
- package/dist/eventsCore.js.map +1 -1
- package/dist/evidence/index.d.ts +1 -0
- package/dist/evidence/index.js +799 -551
- package/dist/evidence/index.js.map +1 -1
- package/dist/evidenceClient.js.map +1 -1
- package/dist/functionSurface.js.map +1 -1
- package/dist/functionSurfaceClient.js.map +1 -1
- package/dist/gatewayFacades.d.ts +1 -0
- package/dist/gatewayFacades.js.map +1 -1
- package/dist/graphAnalysisClient.js.map +1 -1
- package/dist/graphClient.d.ts +1 -0
- package/dist/graphClient.js.map +1 -1
- package/dist/graphIntel.d.ts +1 -0
- package/dist/graphRecommendationsClient.js.map +1 -1
- package/dist/graphStateClassifierClient.js.map +1 -1
- package/dist/harnessClient.js.map +1 -1
- package/dist/identityClient.d.ts +1 -1
- package/dist/identityClient.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.js +790 -490
- package/dist/index.js.map +1 -1
- package/dist/infisicalRuntime.d.ts +1 -0
- package/dist/infisicalRuntime.js +64 -32
- package/dist/infisicalRuntime.js.map +1 -1
- package/dist/jobsClient.js.map +1 -1
- package/dist/learningClient.js.map +1 -1
- package/dist/lenses/index.d.ts +1 -0
- package/dist/lenses/index.js +799 -551
- package/dist/lenses/index.js.map +1 -1
- package/dist/mcpClient.js +2 -1
- package/dist/mcpClient.js.map +1 -1
- package/dist/modelRuntimeClient.js.map +1 -1
- package/dist/nodes/index.d.ts +1 -0
- package/dist/nodes/index.js +799 -551
- package/dist/nodes/index.js.map +1 -1
- package/dist/ontologies/index.d.ts +1 -0
- package/dist/ontologies/index.js +799 -551
- package/dist/ontologies/index.js.map +1 -1
- package/dist/ontologyClient.js.map +1 -1
- package/dist/ontologyLinksClient.js.map +1 -1
- package/dist/orgGraphSearchClient.js.map +1 -1
- package/dist/packsClient.js.map +1 -1
- package/dist/policyClient.js.map +1 -1
- package/dist/questions/index.d.ts +1 -0
- package/dist/questions/index.js +799 -551
- package/dist/questions/index.js.map +1 -1
- package/dist/reportsClient.js.map +1 -1
- package/dist/schemaClient.js.map +1 -1
- package/dist/secrets.d.ts +1 -0
- package/dist/secrets.js +3 -0
- package/dist/secrets.js.map +1 -0
- package/dist/sourcesClient.js.map +1 -1
- package/dist/telemetryClient.js.map +1 -1
- package/dist/toolRegistryClient.js.map +1 -1
- package/dist/topics/index.d.ts +1 -0
- package/dist/topics/index.js +799 -551
- package/dist/topics/index.js.map +1 -1
- package/dist/topicsClient.js.map +1 -1
- package/dist/version.d.ts +1 -1
- package/dist/version.js +1 -1
- package/dist/version.js.map +1 -1
- package/dist/workflowClient.js.map +1 -1
- package/dist/worktrees/index.d.ts +1 -0
- package/dist/worktrees/index.js +799 -551
- package/dist/worktrees/index.js.map +1 -1
- package/package.json +5 -4
package/README.md
CHANGED
|
@@ -24,7 +24,7 @@ Common direct installs:
|
|
|
24
24
|
| Programmatic Lucern API calls | `@lucern/sdk` |
|
|
25
25
|
| Tool access checks | `@lucern/access-control` |
|
|
26
26
|
| React hooks/components | `@lucern/react @lucern/sdk` |
|
|
27
|
-
| Convex component binding | `@lucern/
|
|
27
|
+
| Convex component binding | `@lucern/control-plane @lucern/reasoning-kernel` |
|
|
28
28
|
| Bootstrap, auth, doctor, and operator commands | `@lucern/cli` |
|
|
29
29
|
| Agent-facing MCP server/runtime | `@lucern/mcp` |
|
|
30
30
|
| Full design-partner/package-suite pin | all packages from `TENANT_CLIENT_INSTALLABLE_PACKAGES` in `@lucern/contracts` |
|
|
@@ -0,0 +1,78 @@
|
|
|
1
|
+
import { LucernSdkAuthContextError, LucernSdkAuthFailureReason, LucernSdkAuthContextInput } from './authContext.js';
|
|
2
|
+
import { GatewayClientConfig } from './coreClient.js';
|
|
3
|
+
import { PolicyEvaluationInput, PolicyDecisionRecord } from './identityClient.js';
|
|
4
|
+
import { SessionPrincipalType } from './contracts/auth-session.contract.js';
|
|
5
|
+
import { JsonObject } from './types.js';
|
|
6
|
+
import './contracts/workflow-runtime.contract.js';
|
|
7
|
+
import './contracts/lens-workflow.contract.js';
|
|
8
|
+
import './contracts/lens-filter.contract.js';
|
|
9
|
+
|
|
10
|
+
type ClerkIdentityAliasInput = {
|
|
11
|
+
provider?: "clerk" | string;
|
|
12
|
+
providerProjectId?: string | null;
|
|
13
|
+
externalSubjectId: string;
|
|
14
|
+
status?: "active" | "pending" | "revoked" | string;
|
|
15
|
+
};
|
|
16
|
+
type CanonicalPrincipalIdentityInput = {
|
|
17
|
+
principalId?: string | null;
|
|
18
|
+
principalType?: SessionPrincipalType | "user" | "external_viewer" | null;
|
|
19
|
+
canonicalClerkUserId?: string | null;
|
|
20
|
+
clerkId?: string | null;
|
|
21
|
+
clerkIdentityAliases?: readonly ClerkIdentityAliasInput[];
|
|
22
|
+
tenantId?: string | null;
|
|
23
|
+
workspaceId?: string | null;
|
|
24
|
+
roles?: readonly string[];
|
|
25
|
+
scopes?: readonly string[];
|
|
26
|
+
};
|
|
27
|
+
type CanonicalPrincipalIdentityAlias = {
|
|
28
|
+
provider: string;
|
|
29
|
+
providerProjectId?: string;
|
|
30
|
+
externalSubjectId: string;
|
|
31
|
+
status?: string;
|
|
32
|
+
};
|
|
33
|
+
type CanonicalPrincipalIdentity = {
|
|
34
|
+
principalId: string;
|
|
35
|
+
principalType: SessionPrincipalType;
|
|
36
|
+
canonicalClerkUserId?: string;
|
|
37
|
+
clerkIdentityAliases: CanonicalPrincipalIdentityAlias[];
|
|
38
|
+
tenantId?: string;
|
|
39
|
+
workspaceId?: string;
|
|
40
|
+
roles: string[];
|
|
41
|
+
scopes: string[];
|
|
42
|
+
};
|
|
43
|
+
type AccessResourceType = "tenant" | "workspace" | "deployment" | "convex_table" | "secret_scope" | "agent_session" | (string & {});
|
|
44
|
+
type AccessResourceDescriptor = {
|
|
45
|
+
type: AccessResourceType;
|
|
46
|
+
key: string;
|
|
47
|
+
};
|
|
48
|
+
type RequireAccessInput = {
|
|
49
|
+
identity?: CanonicalPrincipalIdentityInput | LucernSdkAuthContextInput;
|
|
50
|
+
observedClerkId?: string;
|
|
51
|
+
tenantId?: string;
|
|
52
|
+
workspaceId?: string;
|
|
53
|
+
action: string;
|
|
54
|
+
resource: AccessResourceDescriptor | string;
|
|
55
|
+
context?: JsonObject;
|
|
56
|
+
};
|
|
57
|
+
type AccessCheckResult = {
|
|
58
|
+
identity: CanonicalPrincipalIdentity;
|
|
59
|
+
policyInput: PolicyEvaluationInput;
|
|
60
|
+
decision: PolicyDecisionRecord;
|
|
61
|
+
};
|
|
62
|
+
declare class LucernAccessControlError extends LucernSdkAuthContextError {
|
|
63
|
+
readonly policyDecision?: PolicyDecisionRecord;
|
|
64
|
+
constructor(reason: LucernSdkAuthFailureReason, message: string, policyDecision?: PolicyDecisionRecord);
|
|
65
|
+
}
|
|
66
|
+
declare function normalizeCanonicalPrincipalIdentity(input: CanonicalPrincipalIdentityInput | LucernSdkAuthContextInput, options?: {
|
|
67
|
+
observedClerkId?: string;
|
|
68
|
+
}): CanonicalPrincipalIdentity;
|
|
69
|
+
declare function formatPermitResource(resource: AccessResourceDescriptor | string): string;
|
|
70
|
+
declare function assertPermitAllowed(decision: PolicyDecisionRecord): void;
|
|
71
|
+
declare function createAccessControlClient(config?: GatewayClientConfig): {
|
|
72
|
+
normalizePrincipal: typeof normalizeCanonicalPrincipalIdentity;
|
|
73
|
+
checkAccess: (input: RequireAccessInput, idempotencyKey?: string) => Promise<AccessCheckResult>;
|
|
74
|
+
requireAccess: (input: RequireAccessInput, idempotencyKey?: string) => Promise<AccessCheckResult>;
|
|
75
|
+
canAccess: (input: RequireAccessInput, idempotencyKey?: string) => Promise<boolean>;
|
|
76
|
+
};
|
|
77
|
+
|
|
78
|
+
export { type AccessCheckResult, type AccessResourceDescriptor, type AccessResourceType, type CanonicalPrincipalIdentity, type CanonicalPrincipalIdentityAlias, type CanonicalPrincipalIdentityInput, type ClerkIdentityAliasInput, LucernAccessControlError, type RequireAccessInput, assertPermitAllowed, createAccessControlClient, formatPermitResource, normalizeCanonicalPrincipalIdentity };
|