@lucern/sdk 0.3.0-alpha.11 → 0.3.0-alpha.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (102) hide show
  1. package/README.md +51 -0
  2. package/dist/accessControl.d.ts +1 -0
  3. package/dist/accessControl.js +156 -22
  4. package/dist/accessControl.js.map +1 -1
  5. package/dist/adminClient.js.map +1 -1
  6. package/dist/answersClient.js.map +1 -1
  7. package/dist/audiencesClient.js.map +1 -1
  8. package/dist/auditClient.js.map +1 -1
  9. package/dist/authContext.d.ts +1 -1
  10. package/dist/authContext.js.map +1 -1
  11. package/dist/beliefs/index.d.ts +1 -0
  12. package/dist/beliefs/index.js +206 -40
  13. package/dist/beliefs/index.js.map +1 -1
  14. package/dist/beliefsClient.js.map +1 -1
  15. package/dist/client.d.ts +79 -31
  16. package/dist/client.js +206 -40
  17. package/dist/client.js.map +1 -1
  18. package/dist/contextClient.js.map +1 -1
  19. package/dist/contracts/auth-session.contract.d.ts +1 -1
  20. package/dist/contracts/auth-session.contract.js +13 -1
  21. package/dist/contracts/auth-session.contract.js.map +1 -1
  22. package/dist/contracts/index.js +13 -1
  23. package/dist/contracts/index.js.map +1 -1
  24. package/dist/contradictions/index.d.ts +1 -0
  25. package/dist/contradictions/index.js +206 -40
  26. package/dist/contradictions/index.js.map +1 -1
  27. package/dist/control-plane.d.ts +69 -0
  28. package/dist/control-plane.js +656 -0
  29. package/dist/control-plane.js.map +1 -0
  30. package/dist/coreClient.js.map +1 -1
  31. package/dist/decisions/index.d.ts +1 -0
  32. package/dist/decisions/index.js +206 -40
  33. package/dist/decisions/index.js.map +1 -1
  34. package/dist/decisionsClient.js.map +1 -1
  35. package/dist/edges/index.d.ts +1 -0
  36. package/dist/edges/index.js +206 -40
  37. package/dist/edges/index.js.map +1 -1
  38. package/dist/embeddingsClient.js.map +1 -1
  39. package/dist/eventingClient.js.map +1 -1
  40. package/dist/eventsCore.js.map +1 -1
  41. package/dist/evidence/index.d.ts +1 -0
  42. package/dist/evidence/index.js +206 -40
  43. package/dist/evidence/index.js.map +1 -1
  44. package/dist/evidenceClient.js.map +1 -1
  45. package/dist/functionSurface.d.ts +2 -1
  46. package/dist/functionSurface.js +5 -0
  47. package/dist/functionSurface.js.map +1 -1
  48. package/dist/functionSurfaceClient.js +5 -0
  49. package/dist/functionSurfaceClient.js.map +1 -1
  50. package/dist/gatewayFacades.d.ts +26 -2
  51. package/dist/gatewayFacades.js +135 -7
  52. package/dist/gatewayFacades.js.map +1 -1
  53. package/dist/graphAnalysisClient.js.map +1 -1
  54. package/dist/graphClient.js.map +1 -1
  55. package/dist/graphRecommendationsClient.js.map +1 -1
  56. package/dist/graphStateClassifierClient.js.map +1 -1
  57. package/dist/harnessClient.js.map +1 -1
  58. package/dist/identityClient.d.ts +19 -1
  59. package/dist/identityClient.js +133 -5
  60. package/dist/identityClient.js.map +1 -1
  61. package/dist/index.d.ts +1 -0
  62. package/dist/index.js +232 -49
  63. package/dist/index.js.map +1 -1
  64. package/dist/jobsClient.js.map +1 -1
  65. package/dist/learningClient.js.map +1 -1
  66. package/dist/lenses/index.d.ts +1 -0
  67. package/dist/lenses/index.js +206 -40
  68. package/dist/lenses/index.js.map +1 -1
  69. package/dist/mcpClient.js.map +1 -1
  70. package/dist/modelRuntimeClient.js.map +1 -1
  71. package/dist/nodes/index.d.ts +1 -0
  72. package/dist/nodes/index.js +206 -40
  73. package/dist/nodes/index.js.map +1 -1
  74. package/dist/ontologies/index.d.ts +1 -0
  75. package/dist/ontologies/index.js +206 -40
  76. package/dist/ontologies/index.js.map +1 -1
  77. package/dist/ontologyClient.js.map +1 -1
  78. package/dist/ontologyLinksClient.js.map +1 -1
  79. package/dist/orgGraphSearchClient.js.map +1 -1
  80. package/dist/packsClient.js.map +1 -1
  81. package/dist/policyClient.js.map +1 -1
  82. package/dist/questions/index.d.ts +1 -0
  83. package/dist/questions/index.js +206 -40
  84. package/dist/questions/index.js.map +1 -1
  85. package/dist/reportsClient.js.map +1 -1
  86. package/dist/schemaClient.js.map +1 -1
  87. package/dist/sourcesClient.js.map +1 -1
  88. package/dist/telemetryClient.js.map +1 -1
  89. package/dist/toolRegistryClient.js.map +1 -1
  90. package/dist/topics/index.d.ts +1 -0
  91. package/dist/topics/index.js +206 -40
  92. package/dist/topics/index.js.map +1 -1
  93. package/dist/topicsClient.js.map +1 -1
  94. package/dist/types.d.ts +12 -0
  95. package/dist/version.d.ts +1 -1
  96. package/dist/version.js +1 -1
  97. package/dist/version.js.map +1 -1
  98. package/dist/workflowClient.js.map +1 -1
  99. package/dist/worktrees/index.d.ts +1 -0
  100. package/dist/worktrees/index.js +206 -40
  101. package/dist/worktrees/index.js.map +1 -1
  102. package/package.json +9 -5
package/dist/index.js CHANGED
@@ -81,6 +81,7 @@ __export(src_exports, {
81
81
  LUCERN_SDK_VERSION: () => LUCERN_SDK_VERSION,
82
82
  LucernAccessControlError: () => LucernAccessControlError,
83
83
  LucernApiError: () => LucernApiError,
84
+ LucernControlPlaneIdentityError: () => LucernControlPlaneIdentityError,
84
85
  LucernSdkAuthContextError: () => LucernSdkAuthContextError,
85
86
  MAX_ENTITY_LIMIT: () => MAX_ENTITY_LIMIT,
86
87
  MCP_ALWAYS_ALLOWED_TOOL_NAMES: () => MCP_ALWAYS_ALLOWED_TOOL_NAMES,
@@ -138,6 +139,8 @@ __export(src_exports, {
138
139
  createCanonicalAuthHeaders: () => createCanonicalAuthHeaders,
139
140
  createContextClient: () => createContextClient,
140
141
  createContextFacade: () => createContextFacade,
142
+ createControlPlaneClient: () => createControlPlaneClient,
143
+ createControlPlaneIdentityClient: () => createControlPlaneIdentityClient,
141
144
  createDecisionsClient: () => createDecisionsClient,
142
145
  createEmbeddingsClient: () => createEmbeddingsClient,
143
146
  createEventId: () => createEventId,
@@ -211,6 +214,7 @@ __export(src_exports, {
211
214
  normalizeDelegationChain: () => normalizeDelegationChain,
212
215
  normalizeNodeVerificationStatus: () => normalizeNodeVerificationStatus,
213
216
  normalizeNodeWriteInput: () => normalizeNodeWriteInput,
217
+ normalizeResolvedInteractivePrincipal: () => normalizeResolvedInteractivePrincipal,
214
218
  normalizeRetentionDays: () => normalizeRetentionDays,
215
219
  normalizeTopicQuery: () => normalizeTopicQuery,
216
220
  normalizeWebhookPatterns: () => normalizeWebhookPatterns,
@@ -299,14 +303,14 @@ function requireString(value, reason, label) {
299
303
  }
300
304
  return normalized;
301
305
  }
302
- function requirePrincipalType(principalType) {
303
- if (!principalType) {
306
+ function requirePrincipalType(principalType2) {
307
+ if (!principalType2) {
304
308
  throw new LucernSdkAuthContextError(
305
309
  "principal_missing",
306
310
  "Canonical Lucern SDK auth context is missing principalType."
307
311
  );
308
312
  }
309
- return principalType;
313
+ return principalType2;
310
314
  }
311
315
  function requireAuthMode(authMode) {
312
316
  if (!authMode) {
@@ -352,7 +356,7 @@ function normalizeCanonicalLucernAuthContext(input) {
352
356
  );
353
357
  const roles = cleanStringList(input.roles);
354
358
  const scopes = cleanStringList(input.scopes);
355
- const principalType = requirePrincipalType(input.principalType);
359
+ const principalType2 = requirePrincipalType(input.principalType);
356
360
  const authMode = requireAuthMode(input.authMode);
357
361
  const roleBasedInteractiveAuth = authMode === "interactive_user" && roles.length > 0;
358
362
  if (roles.length === 0 || scopes.length === 0 && !roleBasedInteractiveAuth) {
@@ -381,7 +385,7 @@ function normalizeCanonicalLucernAuthContext(input) {
381
385
  principalId,
382
386
  tenantId,
383
387
  workspaceId,
384
- principalType,
388
+ principalType: principalType2,
385
389
  authMode,
386
390
  roles,
387
391
  scopes,
@@ -1370,6 +1374,128 @@ function listResultFromEnvelope(data, legacyKey) {
1370
1374
  );
1371
1375
  }
1372
1376
 
1377
+ // src/control-plane.ts
1378
+ var LucernControlPlaneIdentityError = class extends Error {
1379
+ reason;
1380
+ principalStatus;
1381
+ tenantStatus;
1382
+ workspaceStatus;
1383
+ details;
1384
+ constructor(failure) {
1385
+ super(failure.message);
1386
+ this.name = "LucernControlPlaneIdentityError";
1387
+ this.reason = failure.reason;
1388
+ this.principalStatus = failure.principalStatus;
1389
+ this.tenantStatus = failure.tenantStatus;
1390
+ this.workspaceStatus = failure.workspaceStatus;
1391
+ this.details = failure.details;
1392
+ }
1393
+ };
1394
+ function cleanString3(value) {
1395
+ return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
1396
+ }
1397
+ function stringList(value) {
1398
+ if (!Array.isArray(value)) {
1399
+ return [];
1400
+ }
1401
+ return [
1402
+ ...new Set(
1403
+ value.filter((entry) => typeof entry === "string").map((entry) => entry.trim()).filter(Boolean)
1404
+ )
1405
+ ];
1406
+ }
1407
+ function principalType(value) {
1408
+ switch (value) {
1409
+ case "service":
1410
+ case "service_principal":
1411
+ return "service";
1412
+ case "agent":
1413
+ return "agent";
1414
+ case "group":
1415
+ return "group";
1416
+ case "external_viewer":
1417
+ case "external_stakeholder":
1418
+ return "external_viewer";
1419
+ default:
1420
+ return "human";
1421
+ }
1422
+ }
1423
+ function adminFlags(roles) {
1424
+ const normalized = roles.map((role) => role.toLowerCase());
1425
+ const isPlatformAdmin = normalized.includes("platform_admin");
1426
+ const isTenantAdmin = isPlatformAdmin || normalized.includes("tenant_admin");
1427
+ const isWorkspaceAdmin = isTenantAdmin || normalized.includes("workspace_admin") || normalized.includes("workspace_owner");
1428
+ return { isPlatformAdmin, isTenantAdmin, isWorkspaceAdmin };
1429
+ }
1430
+ function normalizeResolvedInteractivePrincipal(payload) {
1431
+ if ("ok" in payload && payload.ok === false) {
1432
+ throw new LucernControlPlaneIdentityError(payload);
1433
+ }
1434
+ const principalId = cleanString3(payload.principalId);
1435
+ const clerkId = cleanString3(payload.clerkId);
1436
+ const tenantId = cleanString3(payload.tenantId);
1437
+ if (!principalId || !clerkId || !tenantId) {
1438
+ throw new LucernControlPlaneIdentityError({
1439
+ ok: false,
1440
+ reason: "resolver_unavailable",
1441
+ message: "Control-plane principal resolver returned an incomplete principal context.",
1442
+ principalStatus: payload.principalStatus ?? "missing",
1443
+ tenantStatus: payload.tenantStatus,
1444
+ workspaceStatus: payload.workspaceStatus
1445
+ });
1446
+ }
1447
+ const roles = stringList(payload.roles);
1448
+ const scopes = stringList(payload.scopes);
1449
+ const workspaceId = cleanString3(payload.workspaceId) ?? null;
1450
+ const flags = adminFlags(roles);
1451
+ return {
1452
+ principalId,
1453
+ principalType: principalType(payload.principalType),
1454
+ clerkId,
1455
+ tenantId,
1456
+ workspaceId,
1457
+ roles,
1458
+ scopes,
1459
+ groupIds: stringList(payload.groupIds),
1460
+ permittedToolNames: stringList(payload.permittedToolNames),
1461
+ permittedPackKeys: stringList(payload.permittedPackKeys),
1462
+ principalStatus: cleanString3(payload.principalStatus) ?? "active",
1463
+ tenantStatus: cleanString3(payload.tenantStatus) ?? "active",
1464
+ workspaceStatus: cleanString3(payload.workspaceStatus) ?? (workspaceId ? "active" : "none"),
1465
+ isPlatformAdmin: typeof payload.isPlatformAdmin === "boolean" ? payload.isPlatformAdmin : flags.isPlatformAdmin,
1466
+ isTenantAdmin: typeof payload.isTenantAdmin === "boolean" ? payload.isTenantAdmin : flags.isTenantAdmin,
1467
+ isWorkspaceAdmin: typeof payload.isWorkspaceAdmin === "boolean" ? payload.isWorkspaceAdmin : flags.isWorkspaceAdmin,
1468
+ permit: {
1469
+ subject: cleanString3(payload.permit?.subject) ?? principalId,
1470
+ tenant: cleanString3(payload.permit?.tenant) ?? tenantId,
1471
+ ...workspaceId ? { workspace: cleanString3(payload.permit?.workspace) ?? workspaceId } : {}
1472
+ },
1473
+ authMode: "interactive_user",
1474
+ sessionId: payload.sessionId,
1475
+ delegatedBy: payload.delegatedBy,
1476
+ expiresAt: payload.expiresAt
1477
+ };
1478
+ }
1479
+ function createControlPlaneIdentityClient(config = {}) {
1480
+ const gateway = createGatewayRequestClient(config);
1481
+ return {
1482
+ async resolveInteractivePrincipal(input) {
1483
+ return gateway.request({
1484
+ path: "/api/platform/v1/control-plane/identity/resolve-interactive-principal",
1485
+ method: "POST",
1486
+ body: input
1487
+ }).then(
1488
+ (response) => mapGatewayData(response, normalizeResolvedInteractivePrincipal)
1489
+ );
1490
+ }
1491
+ };
1492
+ }
1493
+ function createControlPlaneClient(config = {}) {
1494
+ return {
1495
+ identity: createControlPlaneIdentityClient(config)
1496
+ };
1497
+ }
1498
+
1373
1499
  // src/identityClient.ts
1374
1500
  function createIdentityWhoamiClient(config = {}) {
1375
1501
  const gateway = createGatewayRequestClient(config);
@@ -1437,13 +1563,25 @@ function createIdentityClient(config = {}) {
1437
1563
  (response) => mapGatewayData(response, (data) => ({
1438
1564
  principalId: data.principalId,
1439
1565
  principalType: data.principalType,
1566
+ clerkId: data.clerkId,
1440
1567
  tenantId: data.tenantId ?? null,
1441
1568
  workspaceId: data.workspaceId ?? null,
1442
1569
  scopes: Array.isArray(data.scopes) ? data.scopes : [],
1443
1570
  roles: Array.isArray(data.roles) ? data.roles : [],
1571
+ groupIds: Array.isArray(data.groupIds) ? data.groupIds : [],
1572
+ permittedToolNames: Array.isArray(data.permittedToolNames) ? data.permittedToolNames : [],
1573
+ permittedPackKeys: Array.isArray(data.permittedPackKeys) ? data.permittedPackKeys : [],
1574
+ principalStatus: data.principalStatus,
1575
+ tenantStatus: data.tenantStatus,
1576
+ workspaceStatus: data.workspaceStatus,
1444
1577
  isPlatformAdmin: data.isPlatformAdmin === true,
1445
1578
  isTenantAdmin: data.isTenantAdmin === true,
1446
1579
  isWorkspaceAdmin: data.isWorkspaceAdmin === true,
1580
+ permit: data.permit ?? (data.tenantId ? {
1581
+ subject: data.principalId,
1582
+ tenant: data.tenantId,
1583
+ ...data.workspaceId ? { workspace: data.workspaceId } : {}
1584
+ } : void 0),
1447
1585
  authMode: data.authMode,
1448
1586
  sessionId: data.sessionId,
1449
1587
  delegatedBy: data.delegatedBy,
@@ -1451,6 +1589,19 @@ function createIdentityClient(config = {}) {
1451
1589
  }))
1452
1590
  );
1453
1591
  },
1592
+ /**
1593
+ * Resolve a Clerk subject through the tenant control-plane Permit projection.
1594
+ * @deprecated Prefer lucern.controlPlane.identity.resolveInteractivePrincipal().
1595
+ */
1596
+ async resolveInteractivePrincipal(input) {
1597
+ return gateway.request({
1598
+ path: "/api/platform/v1/control-plane/identity/resolve-interactive-principal",
1599
+ method: "POST",
1600
+ body: input
1601
+ }).then(
1602
+ (response) => mapGatewayData(response, normalizeResolvedInteractivePrincipal)
1603
+ );
1604
+ },
1454
1605
  /**
1455
1606
  * List principals in the current identity scope.
1456
1607
  */
@@ -1647,7 +1798,7 @@ var LucernAccessControlError = class extends LucernSdkAuthContextError {
1647
1798
  this.policyDecision = policyDecision;
1648
1799
  }
1649
1800
  };
1650
- function cleanString3(value) {
1801
+ function cleanString4(value) {
1651
1802
  const normalized = value?.trim();
1652
1803
  return normalized ? normalized : void 0;
1653
1804
  }
@@ -1662,7 +1813,7 @@ function cleanStringList2(values) {
1662
1813
  ];
1663
1814
  }
1664
1815
  function requireString2(value, reason, label) {
1665
- const normalized = cleanString3(value);
1816
+ const normalized = cleanString4(value);
1666
1817
  if (!normalized) {
1667
1818
  throw new LucernAccessControlError(
1668
1819
  reason,
@@ -1671,13 +1822,19 @@ function requireString2(value, reason, label) {
1671
1822
  }
1672
1823
  return normalized;
1673
1824
  }
1674
- function normalizePrincipalType(principalType) {
1675
- if (principalType === "agent") {
1825
+ function normalizePrincipalType(principalType2) {
1826
+ if (principalType2 === "agent") {
1676
1827
  return "agent";
1677
1828
  }
1678
- if (principalType === "service") {
1829
+ if (principalType2 === "service") {
1679
1830
  return "service";
1680
1831
  }
1832
+ if (principalType2 === "group") {
1833
+ return "group";
1834
+ }
1835
+ if (principalType2 === "external_viewer") {
1836
+ return "external_viewer";
1837
+ }
1681
1838
  return "human";
1682
1839
  }
1683
1840
  function aliasKey(alias) {
@@ -1686,15 +1843,15 @@ function aliasKey(alias) {
1686
1843
  function normalizeAliases(input, canonicalClerkUserId) {
1687
1844
  const aliases = /* @__PURE__ */ new Map();
1688
1845
  for (const alias of input ?? []) {
1689
- const externalSubjectId = cleanString3(alias.externalSubjectId);
1846
+ const externalSubjectId = cleanString4(alias.externalSubjectId);
1690
1847
  if (!externalSubjectId) {
1691
1848
  continue;
1692
1849
  }
1693
1850
  const normalized = {
1694
- provider: cleanString3(alias.provider) ?? "clerk",
1695
- providerProjectId: cleanString3(alias.providerProjectId),
1851
+ provider: cleanString4(alias.provider) ?? "clerk",
1852
+ providerProjectId: cleanString4(alias.providerProjectId),
1696
1853
  externalSubjectId,
1697
- status: cleanString3(alias.status)
1854
+ status: cleanString4(alias.status)
1698
1855
  };
1699
1856
  aliases.set(aliasKey(normalized), normalized);
1700
1857
  }
@@ -1739,10 +1896,10 @@ function normalizeCanonicalPrincipalIdentity(input, options = {}) {
1739
1896
  "principal_missing",
1740
1897
  "principalId"
1741
1898
  );
1742
- const principalType = normalizePrincipalType(principalInput.principalType);
1743
- const observedClerkId = cleanString3(options.observedClerkId);
1744
- const canonicalClerkUserId = cleanString3(principalInput.canonicalClerkUserId) ?? cleanString3(principalInput.clerkId);
1745
- if (principalType === "human" && !canonicalClerkUserId) {
1899
+ const principalType2 = normalizePrincipalType(principalInput.principalType);
1900
+ const observedClerkId = cleanString4(options.observedClerkId);
1901
+ const canonicalClerkUserId = cleanString4(principalInput.canonicalClerkUserId) ?? cleanString4(principalInput.clerkId);
1902
+ if (principalType2 === "human" && !canonicalClerkUserId) {
1746
1903
  throw new LucernAccessControlError(
1747
1904
  "clerk_alias_missing",
1748
1905
  "Human principals require one canonical Clerk user id."
@@ -1764,11 +1921,11 @@ function normalizeCanonicalPrincipalIdentity(input, options = {}) {
1764
1921
  }
1765
1922
  return {
1766
1923
  principalId,
1767
- principalType,
1924
+ principalType: principalType2,
1768
1925
  canonicalClerkUserId,
1769
1926
  clerkIdentityAliases: aliases,
1770
- tenantId: cleanString3(principalInput.tenantId),
1771
- workspaceId: cleanString3(principalInput.workspaceId),
1927
+ tenantId: cleanString4(principalInput.tenantId),
1928
+ workspaceId: cleanString4(principalInput.workspaceId),
1772
1929
  roles: cleanStringList2(principalInput.roles),
1773
1930
  scopes: cleanStringList2(principalInput.scopes)
1774
1931
  };
@@ -1793,7 +1950,7 @@ function buildPolicyInput(identity, input) {
1793
1950
  "tenant_missing",
1794
1951
  "tenantId"
1795
1952
  );
1796
- const workspaceId = cleanString3(input.workspaceId ?? identity.workspaceId);
1953
+ const workspaceId = cleanString4(input.workspaceId ?? identity.workspaceId);
1797
1954
  if (resourceRequiresWorkspace(input.resource) && !workspaceId) {
1798
1955
  throw new LucernAccessControlError(
1799
1956
  "workspace_missing",
@@ -3193,12 +3350,12 @@ function createGraphClient(config = {}) {
3193
3350
  }
3194
3351
 
3195
3352
  // src/topicsClient.ts
3196
- function cleanString4(value) {
3353
+ function cleanString5(value) {
3197
3354
  return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
3198
3355
  }
3199
3356
  function normalizeTopicRecord(value) {
3200
3357
  const record = asRecord(value);
3201
- const topicId = cleanString4(record.topicId) ?? cleanString4(record.id) ?? cleanString4(record._id);
3358
+ const topicId = cleanString5(record.topicId) ?? cleanString5(record.id) ?? cleanString5(record._id);
3202
3359
  return withTopicAlias({
3203
3360
  ...record,
3204
3361
  ...topicId ? { topicId } : {}
@@ -4411,7 +4568,7 @@ function createEmbeddingsClient(config = {}) {
4411
4568
  }
4412
4569
 
4413
4570
  // src/contextClient.ts
4414
- function cleanString5(value) {
4571
+ function cleanString6(value) {
4415
4572
  return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
4416
4573
  }
4417
4574
  function cleanNumber(value) {
@@ -4423,11 +4580,11 @@ function cleanBoolean(value) {
4423
4580
  function buildCompileContextRequest(topicIdOrInput = {}, input = {}) {
4424
4581
  const effectiveInput = typeof topicIdOrInput === "string" ? input : topicIdOrInput;
4425
4582
  const payload = {};
4426
- const topicId = typeof topicIdOrInput === "string" ? cleanString5(topicIdOrInput) : cleanString5(effectiveInput.topicId);
4583
+ const topicId = typeof topicIdOrInput === "string" ? cleanString6(topicIdOrInput) : cleanString6(effectiveInput.topicId);
4427
4584
  if (topicId) {
4428
4585
  payload.topicId = topicId;
4429
4586
  }
4430
- const query5 = cleanString5(effectiveInput.query);
4587
+ const query5 = cleanString6(effectiveInput.query);
4431
4588
  if (query5) {
4432
4589
  payload.query = query5;
4433
4590
  }
@@ -4435,7 +4592,7 @@ function buildCompileContextRequest(topicIdOrInput = {}, input = {}) {
4435
4592
  if (budget !== void 0) {
4436
4593
  payload.budget = budget;
4437
4594
  }
4438
- const ranking = cleanString5(effectiveInput.ranking) ?? cleanString5(effectiveInput.rankingProfile);
4595
+ const ranking = cleanString6(effectiveInput.ranking) ?? cleanString6(effectiveInput.rankingProfile);
4439
4596
  if (ranking) {
4440
4597
  payload.ranking = ranking;
4441
4598
  }
@@ -4451,7 +4608,7 @@ function buildCompileContextRequest(topicIdOrInput = {}, input = {}) {
4451
4608
  if (includeEntities !== void 0) {
4452
4609
  payload.includeEntities = includeEntities;
4453
4610
  }
4454
- const mode = cleanString5(effectiveInput.mode);
4611
+ const mode = cleanString6(effectiveInput.mode);
4455
4612
  if (mode) {
4456
4613
  payload.mode = mode;
4457
4614
  }
@@ -4459,11 +4616,11 @@ function buildCompileContextRequest(topicIdOrInput = {}, input = {}) {
4459
4616
  if (includeFailures !== void 0) {
4460
4617
  payload.includeFailures = includeFailures;
4461
4618
  }
4462
- const worktreeId = cleanString5(effectiveInput.worktreeId);
4619
+ const worktreeId = cleanString6(effectiveInput.worktreeId);
4463
4620
  if (worktreeId) {
4464
4621
  payload.worktreeId = worktreeId;
4465
4622
  }
4466
- const sessionId = cleanString5(effectiveInput.sessionId);
4623
+ const sessionId = cleanString6(effectiveInput.sessionId);
4467
4624
  if (sessionId) {
4468
4625
  payload.sessionId = sessionId;
4469
4626
  }
@@ -5463,6 +5620,7 @@ var FUNCTION_SURFACE_METHOD_PATHS = [
5463
5620
  "contracts.evaluateContract",
5464
5621
  "contracts.getContractStatus",
5465
5622
  "contradictions.flagContradiction",
5623
+ "controlPlane.identity.resolveInteractivePrincipal",
5466
5624
  "coordination.broadcastMessage",
5467
5625
  "coordination.claimFiles",
5468
5626
  "coordination.endSession",
@@ -5668,6 +5826,7 @@ var CONTRACTS = {
5668
5826
  "remove_edges_between": { method: "DELETE", path: "/edges/between", kind: "mutation", idempotent: true, surfaceIntent: "mcp_analysis" },
5669
5827
  "remove_lens_from_topic": { method: "DELETE", path: "/lenses/apply", kind: "mutation", idempotent: true, surfaceIntent: "mcp_workflow" },
5670
5828
  "resolve_effective_ontology": { method: "POST", path: "/ontologies/effective", kind: "query", idempotent: false, surfaceIntent: "mcp_workflow" },
5829
+ "resolve_interactive_principal": { method: "POST", path: "/control-plane/identity/resolve-interactive-principal", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
5671
5830
  "run_graph_intelligence_query": { method: "POST", path: "/graph-intelligence/run", kind: "query", idempotent: false, surfaceIntent: "mcp_analysis" },
5672
5831
  "search_beliefs": { method: "POST", path: "/beliefs/search", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
5673
5832
  "search_evidence": { method: "POST", path: "/evidence/search", kind: "query", idempotent: false, surfaceIntent: "mcp_core" },
@@ -6050,6 +6209,9 @@ function createFunctionSurfaceClient(config = {}) {
6050
6209
  resolveEffectiveOntology(input = {}, idempotencyKey) {
6051
6210
  return execute("resolve_effective_ontology", input, idempotencyKey);
6052
6211
  },
6212
+ resolveInteractivePrincipal(input = {}, idempotencyKey) {
6213
+ return execute("resolve_interactive_principal", input, idempotencyKey);
6214
+ },
6053
6215
  runGraphIntelligenceQuery(input = {}, idempotencyKey) {
6054
6216
  return execute("run_graph_intelligence_query", input, idempotencyKey);
6055
6217
  },
@@ -6310,7 +6472,7 @@ var ORG_GRAPH_SEARCH_FIELDS = [
6310
6472
  "cursor",
6311
6473
  "provenanceScope"
6312
6474
  ];
6313
- function cleanString6(value, label) {
6475
+ function cleanString7(value, label) {
6314
6476
  const normalized = value?.trim();
6315
6477
  if (!normalized) {
6316
6478
  throw new Error(`${label} is required`);
@@ -6332,9 +6494,9 @@ function searchBody(input) {
6332
6494
  "orgGraphSearch.search"
6333
6495
  );
6334
6496
  return {
6335
- tenantId: cleanString6(input.tenantId, "tenantId"),
6336
- workspaceId: cleanString6(input.workspaceId, "workspaceId"),
6337
- query: cleanString6(input.query, "query"),
6497
+ tenantId: cleanString7(input.tenantId, "tenantId"),
6498
+ workspaceId: cleanString7(input.workspaceId, "workspaceId"),
6499
+ query: cleanString7(input.query, "query"),
6338
6500
  nodeTypes: input.nodeTypes,
6339
6501
  minConfidence: input.minConfidence,
6340
6502
  limit: input.limit,
@@ -6344,8 +6506,8 @@ function searchBody(input) {
6344
6506
  }
6345
6507
  function listQuery2(input) {
6346
6508
  return {
6347
- tenantId: cleanString6(input.tenantId, "tenantId"),
6348
- workspaceId: cleanString6(input.workspaceId, "workspaceId"),
6509
+ tenantId: cleanString7(input.tenantId, "tenantId"),
6510
+ workspaceId: cleanString7(input.workspaceId, "workspaceId"),
6349
6511
  nodeTypes: input.nodeTypes?.join(","),
6350
6512
  minConfidence: input.minConfidence,
6351
6513
  limit: input.limit,
@@ -6379,8 +6541,8 @@ function createOrgGraphSearchClient(config = {}) {
6379
6541
  return gateway.request({
6380
6542
  path: `/api/platform/v1/org-graph-search/nodes/${nodePath}${toQueryString(
6381
6543
  {
6382
- tenantId: cleanString6(input.tenantId, "tenantId"),
6383
- workspaceId: cleanString6(input.workspaceId, "workspaceId"),
6544
+ tenantId: cleanString7(input.tenantId, "tenantId"),
6545
+ workspaceId: cleanString7(input.workspaceId, "workspaceId"),
6384
6546
  globalId: nodeId ? void 0 : globalId
6385
6547
  }
6386
6548
  )}`
@@ -7345,7 +7507,7 @@ function createToolRegistryClient(config = {}) {
7345
7507
  }
7346
7508
 
7347
7509
  // src/version.ts
7348
- var LUCERN_SDK_VERSION = "0.3.0-alpha.11";
7510
+ var LUCERN_SDK_VERSION = "0.3.0-alpha.13";
7349
7511
 
7350
7512
  // src/workflowClient.ts
7351
7513
  function normalizeLensQuery(value) {
@@ -7822,6 +7984,7 @@ function createLucernClient(config = {}) {
7822
7984
  const ontologyLinksClient = createOntologyLinksClient(gatewayConfig);
7823
7985
  const orgGraphSearchClient = createOrgGraphSearchClient(gatewayConfig);
7824
7986
  const functionSurfaceClient = createFunctionSurfaceClient(gatewayConfig);
7987
+ const controlPlaneClient = createControlPlaneClient(gatewayConfig);
7825
7988
  const toolRegistryClient = createToolRegistryClient(gatewayConfig);
7826
7989
  const modelRuntimeClient = createModelRuntimeClient(gatewayConfig);
7827
7990
  const packsClient = createPacksClient(gatewayConfig);
@@ -9485,9 +9648,16 @@ function createLucernClient(config = {}) {
9485
9648
  disable: packsClient.disable
9486
9649
  },
9487
9650
  nodes: nodesNamespace,
9651
+ controlPlane: {
9652
+ identity: {
9653
+ resolveInteractivePrincipal: controlPlaneClient.identity.resolveInteractivePrincipal
9654
+ },
9655
+ raw: controlPlaneClient
9656
+ },
9488
9657
  identity: {
9489
9658
  ...identityFacade,
9490
9659
  access: accessControlClient,
9660
+ resolveInteractivePrincipal: identityClient.resolveInteractivePrincipal,
9491
9661
  evaluatePolicy: identityClient.evaluatePolicy,
9492
9662
  recordPolicyDecision: identityClient.recordPolicyDecision,
9493
9663
  putSecretReference: identityClient.putSecretReference,
@@ -9532,6 +9702,7 @@ function createLucernClient(config = {}) {
9532
9702
  ontologyLinks: ontologyLinksClient,
9533
9703
  orgGraphSearch: orgGraphSearchClient,
9534
9704
  functionSurface: functionSurfaceClient,
9705
+ controlPlane: controlPlaneClient,
9535
9706
  toolRegistry: toolRegistryClient,
9536
9707
  modelRuntime: modelRuntimeClient,
9537
9708
  packs: packsClient,
@@ -9549,7 +9720,7 @@ function createLucernClient(config = {}) {
9549
9720
  }
9550
9721
 
9551
9722
  // src/facade/context.ts
9552
- function cleanString7(value) {
9723
+ function cleanString8(value) {
9553
9724
  return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
9554
9725
  }
9555
9726
  function cleanNumber2(value) {
@@ -9561,11 +9732,11 @@ function cleanBoolean2(value) {
9561
9732
  function buildCompileContextRequest2(topicIdOrInput = {}, input = {}) {
9562
9733
  const effectiveInput = typeof topicIdOrInput === "string" ? input : topicIdOrInput;
9563
9734
  const payload = {};
9564
- const topicId = typeof topicIdOrInput === "string" ? cleanString7(topicIdOrInput) : cleanString7(effectiveInput.topicId);
9735
+ const topicId = typeof topicIdOrInput === "string" ? cleanString8(topicIdOrInput) : cleanString8(effectiveInput.topicId);
9565
9736
  if (topicId) {
9566
9737
  payload.topicId = topicId;
9567
9738
  }
9568
- const query5 = cleanString7(effectiveInput.query);
9739
+ const query5 = cleanString8(effectiveInput.query);
9569
9740
  if (query5) {
9570
9741
  payload.query = query5;
9571
9742
  }
@@ -9573,7 +9744,7 @@ function buildCompileContextRequest2(topicIdOrInput = {}, input = {}) {
9573
9744
  if (budget !== void 0) {
9574
9745
  payload.budget = budget;
9575
9746
  }
9576
- const ranking = cleanString7(effectiveInput.ranking) ?? cleanString7(effectiveInput.rankingProfile);
9747
+ const ranking = cleanString8(effectiveInput.ranking) ?? cleanString8(effectiveInput.rankingProfile);
9577
9748
  if (ranking) {
9578
9749
  payload.ranking = ranking;
9579
9750
  }
@@ -9589,7 +9760,7 @@ function buildCompileContextRequest2(topicIdOrInput = {}, input = {}) {
9589
9760
  if (includeEntities !== void 0) {
9590
9761
  payload.includeEntities = includeEntities;
9591
9762
  }
9592
- const mode = cleanString7(effectiveInput.mode);
9763
+ const mode = cleanString8(effectiveInput.mode);
9593
9764
  if (mode) {
9594
9765
  payload.mode = mode;
9595
9766
  }
@@ -9597,11 +9768,11 @@ function buildCompileContextRequest2(topicIdOrInput = {}, input = {}) {
9597
9768
  if (includeFailures !== void 0) {
9598
9769
  payload.includeFailures = includeFailures;
9599
9770
  }
9600
- const worktreeId = cleanString7(effectiveInput.worktreeId);
9771
+ const worktreeId = cleanString8(effectiveInput.worktreeId);
9601
9772
  if (worktreeId) {
9602
9773
  payload.worktreeId = worktreeId;
9603
9774
  }
9604
- const sessionId = cleanString7(effectiveInput.sessionId);
9775
+ const sessionId = cleanString8(effectiveInput.sessionId);
9605
9776
  if (sessionId) {
9606
9777
  payload.sessionId = sessionId;
9607
9778
  }
@@ -11023,7 +11194,13 @@ var SESSION_AUTH_MODES = [
11023
11194
  "tenant_api_key",
11024
11195
  "session_token"
11025
11196
  ];
11026
- var SESSION_PRINCIPAL_TYPES = ["human", "service", "agent"];
11197
+ var SESSION_PRINCIPAL_TYPES = [
11198
+ "human",
11199
+ "service",
11200
+ "agent",
11201
+ "group",
11202
+ "external_viewer"
11203
+ ];
11027
11204
  var SESSION_LIFECYCLE_STATUSES = [
11028
11205
  "active",
11029
11206
  "expired",
@@ -11036,6 +11213,12 @@ function inferSessionPrincipalType(principalId) {
11036
11213
  if (principalId.startsWith("agent:")) {
11037
11214
  return "agent";
11038
11215
  }
11216
+ if (principalId.startsWith("group:")) {
11217
+ return "group";
11218
+ }
11219
+ if (principalId.startsWith("external:") || principalId.startsWith("external_viewer:")) {
11220
+ return "external_viewer";
11221
+ }
11039
11222
  return "service";
11040
11223
  }
11041
11224
  function normalizeDelegationChain(args) {
@@ -12255,6 +12438,6 @@ function formatInfisicalRuntimeError(error) {
12255
12438
  return "Unknown Infisical runtime error shape";
12256
12439
  }
12257
12440
 
12258
- export { BELIEF_STATUSES, BRANCH_DEPRECATION_MESSAGE, CANONICAL_WORKFLOW_DEFINITIONS, CONFIDENCE_TRIGGERS, CONTRADICTION_SEVERITIES, CONTRADICTION_STATUSES, CONTROL_OBJECT_BLAST_RADII, CONTROL_OBJECT_EDIT_SURFACES, CONTROL_OBJECT_INHERITANCE_RULES, CONTROL_OBJECT_KINDS, CONTROL_OBJECT_OWNERSHIP_CONTRACT, CONTROL_OBJECT_OWNERSHIP_MATRIX, CONTROL_OBJECT_OWNERSHIP_ROWS, CONTROL_OBJECT_OWNER_SCOPES, CustomToolRegistryError, DEFAULT_TIER_APPROVAL_MODE, DEFAULT_WORKFLOW_AUTO_FIX_POLICY, DEFEAT_TYPES, DOMAIN_EVENT_TYPES, DOMAIN_EVENT_VERSION, DeviceAuthorizationError, EDGE_TYPES, EMBEDDINGS_FIELDS, EPISTEMIC_EDGE_TYPES, EPISTEMIC_LAYERS, EVENTING_FIELDS, EVENT_RETENTION_DEFAULT_DAYS, FORK_REASONS, FUNCTION_SURFACE_METHOD_PATHS, GRAPH_ANALYSIS_ANALYSIS_FIELDS, GRAPH_ANALYSIS_COMPUTE_FIELDS, GRAPH_ANALYSIS_SUGGESTION_FIELDS, GRAPH_RECOMMENDATION_FIELDS, GRAPH_STATE_CLASSIFIER_FIELDS, InfisicalRuntimeError, JOBS_FIELDS, JUDGMENT_TYPES, LENS_PERSPECTIVE_TYPES, LENS_STATUSES, LENS_TASK_TEMPLATE_PRIORITIES, LUCERN_SDK_VERSION, LucernAccessControlError, LucernApiError, LucernSdkAuthContextError, MAX_ENTITY_LIMIT, MCP_ALWAYS_ALLOWED_TOOL_NAMES, MERGE_OUTCOMES, MODEL_RUNTIME_FIELDS, MORNING_BRIEF_WORKFLOW_ID, NIGHTLY_RECONCILIATION_WORKFLOW_ID, ONTOLOGY_LINK_FIELDS, ORG_GRAPH_SEARCH_FIELDS, REASONING_METHODS, SESSION_AUTH_MODES, SESSION_LIFECYCLE_STATUSES, SESSION_PRINCIPAL_TYPES, STRUCTURAL_EDGE_TYPES, TELEMETRY_FIELDS, TENANT_IDENTITY_FIELDS, TOOL_REGISTRY_FIELDS, WEBHOOK_MAX_ATTEMPTS, WEBHOOK_RETRY_DELAYS_MS, WORKFLOW_ACTION_KINDS, WORKFLOW_APPROVAL_MODES, WORKFLOW_AUTO_FIX_MODES, WORKFLOW_HOOK_EVENTS, WORKFLOW_INTEGRITY_CHECKS, WORKFLOW_MUTATION_TIERS, WORKFLOW_OUTPUT_KINDS, WORKFLOW_PROOF_ARTIFACT_KINDS, WORKFLOW_RUNTIME_SCHEMA_VERSION, WORKFLOW_RUN_STATUSES, WORKFLOW_STAFFING_HINTS, WORKFLOW_TRIGGER_KINDS, WORKTREE_PHASES, applyInfisicalRuntimeEnv, asListItems, asRecord, assertPermitAllowed, assertValidWebhookSecret, assertValidWebhookUrl, buildDeprecatedBranchMetadata, buildDomainEvent, buildMcpToolContracts, buildMcpToolManifest, clearRegisteredCustomTools, compareEventCursor, compileContextPackFromSnapshot, computeWebhookSignature, createAccessControlClient, createAdminClient, createAnswersClient, createAudiencesClient, createAuditClient, createAuthDeviceClient, createBeliefsClient, createCanonicalAuthHeaders, createContextClient, createContextFacade, createDecisionsClient, createEmbeddingsClient, createEventId, createEventingClient, createEventsClientCore, createEvidenceClient, createFunctionSurfaceClient, createGatewayRequestClient, createGraphAnalysisClient, createGraphClient, createGraphRecommendationsClient, createGraphStateClassifierClient, createHarnessClient, createIdentityClient, createJobsClient, createLearningClient, createListResult, createLucernClient, createModelRuntimeClient, createOntologyClient, createOntologyLinksClient, createOrgGraphSearchClient, createPacksClient, createPolicyClient, createReportsClient, createSchemaClient, createSourcesClient, createTelemetryClient, createToolRegistryClient, createTopicsClient, createWebhooksClientCore, createWorkflowClient, decodeEventCursor, emitDomainEvent, encodeEventCursor, eventPatternToRegExp, formatPermitResource, getControlObjectOwnershipCase, getMcpToolExposure, getRegisteredCustomTool, hydrateInfisicalRuntimeEnv, inferActorType, inferLensPerspectiveTypeFromBranchSchema, inferSessionPrincipalType, invokeRegisteredCustomTool, isAfterCursor, isInfisicalRuntimeDisabled, isLensFilterCriteria, isLucernPrompt, isMcpToolAllowed, isRecord2 as isRecord, isTaxonomyFilterCriteriaV1, lastDelegator, listControlObjectOwnershipCases, listRegisteredCustomTools, mapAliasedList, mapGatewayData, mapOpinionHistoryEntriesFromGatewayData, matchesAnyEventPattern, matchesEventPattern, mcpContractToInputSchema, mcpContractToManifestEntry, migrateBranchToLens, nextDeliveryAttemptAt, normalizeCanonicalLucernAuthContext, normalizeCanonicalPrincipalIdentity, normalizeDelegationChain, normalizeNodeVerificationStatus, normalizeNodeWriteInput, normalizeRetentionDays, normalizeTopicQuery, normalizeWebhookPatterns, opinionFromBaseRate, opinionFromDogmatic, opinionFromProjected, planContextPackCompilation, randomIdempotencyKey, readInfisicalRuntimeBootstrap, registerCustomTool, resolveDeliveryFailureStatus, resolveText, resolveTopicId, sanitizeWebhookRecord, sortEventsByCursor, toQueryString, truncateWebhookResponseBody, unregisterCustomTool, validateFilterCriteria, withSdkAliases, withTextAlias, withTopicAlias };
12441
+ export { BELIEF_STATUSES, BRANCH_DEPRECATION_MESSAGE, CANONICAL_WORKFLOW_DEFINITIONS, CONFIDENCE_TRIGGERS, CONTRADICTION_SEVERITIES, CONTRADICTION_STATUSES, CONTROL_OBJECT_BLAST_RADII, CONTROL_OBJECT_EDIT_SURFACES, CONTROL_OBJECT_INHERITANCE_RULES, CONTROL_OBJECT_KINDS, CONTROL_OBJECT_OWNERSHIP_CONTRACT, CONTROL_OBJECT_OWNERSHIP_MATRIX, CONTROL_OBJECT_OWNERSHIP_ROWS, CONTROL_OBJECT_OWNER_SCOPES, CustomToolRegistryError, DEFAULT_TIER_APPROVAL_MODE, DEFAULT_WORKFLOW_AUTO_FIX_POLICY, DEFEAT_TYPES, DOMAIN_EVENT_TYPES, DOMAIN_EVENT_VERSION, DeviceAuthorizationError, EDGE_TYPES, EMBEDDINGS_FIELDS, EPISTEMIC_EDGE_TYPES, EPISTEMIC_LAYERS, EVENTING_FIELDS, EVENT_RETENTION_DEFAULT_DAYS, FORK_REASONS, FUNCTION_SURFACE_METHOD_PATHS, GRAPH_ANALYSIS_ANALYSIS_FIELDS, GRAPH_ANALYSIS_COMPUTE_FIELDS, GRAPH_ANALYSIS_SUGGESTION_FIELDS, GRAPH_RECOMMENDATION_FIELDS, GRAPH_STATE_CLASSIFIER_FIELDS, InfisicalRuntimeError, JOBS_FIELDS, JUDGMENT_TYPES, LENS_PERSPECTIVE_TYPES, LENS_STATUSES, LENS_TASK_TEMPLATE_PRIORITIES, LUCERN_SDK_VERSION, LucernAccessControlError, LucernApiError, LucernControlPlaneIdentityError, LucernSdkAuthContextError, MAX_ENTITY_LIMIT, MCP_ALWAYS_ALLOWED_TOOL_NAMES, MERGE_OUTCOMES, MODEL_RUNTIME_FIELDS, MORNING_BRIEF_WORKFLOW_ID, NIGHTLY_RECONCILIATION_WORKFLOW_ID, ONTOLOGY_LINK_FIELDS, ORG_GRAPH_SEARCH_FIELDS, REASONING_METHODS, SESSION_AUTH_MODES, SESSION_LIFECYCLE_STATUSES, SESSION_PRINCIPAL_TYPES, STRUCTURAL_EDGE_TYPES, TELEMETRY_FIELDS, TENANT_IDENTITY_FIELDS, TOOL_REGISTRY_FIELDS, WEBHOOK_MAX_ATTEMPTS, WEBHOOK_RETRY_DELAYS_MS, WORKFLOW_ACTION_KINDS, WORKFLOW_APPROVAL_MODES, WORKFLOW_AUTO_FIX_MODES, WORKFLOW_HOOK_EVENTS, WORKFLOW_INTEGRITY_CHECKS, WORKFLOW_MUTATION_TIERS, WORKFLOW_OUTPUT_KINDS, WORKFLOW_PROOF_ARTIFACT_KINDS, WORKFLOW_RUNTIME_SCHEMA_VERSION, WORKFLOW_RUN_STATUSES, WORKFLOW_STAFFING_HINTS, WORKFLOW_TRIGGER_KINDS, WORKTREE_PHASES, applyInfisicalRuntimeEnv, asListItems, asRecord, assertPermitAllowed, assertValidWebhookSecret, assertValidWebhookUrl, buildDeprecatedBranchMetadata, buildDomainEvent, buildMcpToolContracts, buildMcpToolManifest, clearRegisteredCustomTools, compareEventCursor, compileContextPackFromSnapshot, computeWebhookSignature, createAccessControlClient, createAdminClient, createAnswersClient, createAudiencesClient, createAuditClient, createAuthDeviceClient, createBeliefsClient, createCanonicalAuthHeaders, createContextClient, createContextFacade, createControlPlaneClient, createControlPlaneIdentityClient, createDecisionsClient, createEmbeddingsClient, createEventId, createEventingClient, createEventsClientCore, createEvidenceClient, createFunctionSurfaceClient, createGatewayRequestClient, createGraphAnalysisClient, createGraphClient, createGraphRecommendationsClient, createGraphStateClassifierClient, createHarnessClient, createIdentityClient, createJobsClient, createLearningClient, createListResult, createLucernClient, createModelRuntimeClient, createOntologyClient, createOntologyLinksClient, createOrgGraphSearchClient, createPacksClient, createPolicyClient, createReportsClient, createSchemaClient, createSourcesClient, createTelemetryClient, createToolRegistryClient, createTopicsClient, createWebhooksClientCore, createWorkflowClient, decodeEventCursor, emitDomainEvent, encodeEventCursor, eventPatternToRegExp, formatPermitResource, getControlObjectOwnershipCase, getMcpToolExposure, getRegisteredCustomTool, hydrateInfisicalRuntimeEnv, inferActorType, inferLensPerspectiveTypeFromBranchSchema, inferSessionPrincipalType, invokeRegisteredCustomTool, isAfterCursor, isInfisicalRuntimeDisabled, isLensFilterCriteria, isLucernPrompt, isMcpToolAllowed, isRecord2 as isRecord, isTaxonomyFilterCriteriaV1, lastDelegator, listControlObjectOwnershipCases, listRegisteredCustomTools, mapAliasedList, mapGatewayData, mapOpinionHistoryEntriesFromGatewayData, matchesAnyEventPattern, matchesEventPattern, mcpContractToInputSchema, mcpContractToManifestEntry, migrateBranchToLens, nextDeliveryAttemptAt, normalizeCanonicalLucernAuthContext, normalizeCanonicalPrincipalIdentity, normalizeDelegationChain, normalizeNodeVerificationStatus, normalizeNodeWriteInput, normalizeResolvedInteractivePrincipal, normalizeRetentionDays, normalizeTopicQuery, normalizeWebhookPatterns, opinionFromBaseRate, opinionFromDogmatic, opinionFromProjected, planContextPackCompilation, randomIdempotencyKey, readInfisicalRuntimeBootstrap, registerCustomTool, resolveDeliveryFailureStatus, resolveText, resolveTopicId, sanitizeWebhookRecord, sortEventsByCursor, toQueryString, truncateWebhookResponseBody, unregisterCustomTool, validateFilterCriteria, withSdkAliases, withTextAlias, withTopicAlias };
12259
12442
  //# sourceMappingURL=index.js.map
12260
12443
  //# sourceMappingURL=index.js.map