@lucern/sdk 0.3.0-alpha.17 → 0.3.0-alpha.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (227) hide show
  1. package/CHANGELOG.md +0 -12
  2. package/README.md +4 -110
  3. package/dist/adminClient.d.ts +8 -10
  4. package/dist/adminClient.js +39 -260
  5. package/dist/adminClient.js.map +1 -1
  6. package/dist/answersClient.d.ts +0 -2
  7. package/dist/answersClient.js +11 -239
  8. package/dist/answersClient.js.map +1 -1
  9. package/dist/audience/index.d.ts +1 -2
  10. package/dist/audience/index.js +3 -1
  11. package/dist/audience/index.js.map +1 -1
  12. package/dist/audiencesClient.d.ts +16 -18
  13. package/dist/audiencesClient.js +90 -315
  14. package/dist/audiencesClient.js.map +1 -1
  15. package/dist/auditClient.d.ts +0 -2
  16. package/dist/auditClient.js +15 -245
  17. package/dist/auditClient.js.map +1 -1
  18. package/dist/beliefs/index.d.ts +5 -27
  19. package/dist/beliefs/index.js +1177 -3842
  20. package/dist/beliefs/index.js.map +1 -1
  21. package/dist/beliefsClient.d.ts +2 -4
  22. package/dist/beliefsClient.js +26 -248
  23. package/dist/beliefsClient.js.map +1 -1
  24. package/dist/client-B6aWUUwp.d.ts +2552 -0
  25. package/dist/client.d.ts +27 -3041
  26. package/dist/client.js +1177 -3842
  27. package/dist/client.js.map +1 -1
  28. package/dist/contextClient.d.ts +3 -6
  29. package/dist/contextClient.js +30 -270
  30. package/dist/contextClient.js.map +1 -1
  31. package/dist/contextFacade.js +16 -25
  32. package/dist/contextFacade.js.map +1 -1
  33. package/dist/contextPackCompiler.js +30 -19
  34. package/dist/contextPackCompiler.js.map +1 -1
  35. package/dist/contextPackPolicy.js +17 -7
  36. package/dist/contextPackPolicy.js.map +1 -1
  37. package/dist/contextTypes.d.ts +0 -2
  38. package/dist/contracts/api-enums.contract.d.ts +2 -2
  39. package/dist/contracts/api-enums.contract.js +1 -6
  40. package/dist/contracts/api-enums.contract.js.map +1 -1
  41. package/dist/contracts/auth-session.contract.d.ts +1 -1
  42. package/dist/contracts/auth-session.contract.js +2 -14
  43. package/dist/contracts/auth-session.contract.js.map +1 -1
  44. package/dist/contracts/index.d.ts +0 -1
  45. package/dist/contracts/index.js +7 -134
  46. package/dist/contracts/index.js.map +1 -1
  47. package/dist/contracts/lens-filter.contract.js +3 -4
  48. package/dist/contracts/lens-filter.contract.js.map +1 -1
  49. package/dist/contracts/lens-workflow.contract.js +3 -4
  50. package/dist/contracts/lens-workflow.contract.js.map +1 -1
  51. package/dist/contracts/lensFilter.js +3 -4
  52. package/dist/contracts/lensFilter.js.map +1 -1
  53. package/dist/contracts/lensWorkflow.js +3 -4
  54. package/dist/contracts/lensWorkflow.js.map +1 -1
  55. package/dist/contracts/mcpTools.d.ts +1 -46
  56. package/dist/contracts/mcpTools.js +0 -108
  57. package/dist/contracts/mcpTools.js.map +1 -1
  58. package/dist/contradictions/index.d.ts +4 -26
  59. package/dist/contradictions/index.js +1177 -3842
  60. package/dist/contradictions/index.js.map +1 -1
  61. package/dist/coreClient.d.ts +2 -28
  62. package/dist/coreClient.js +14 -240
  63. package/dist/coreClient.js.map +1 -1
  64. package/dist/decisions/index.d.ts +14 -36
  65. package/dist/decisions/index.js +1177 -3842
  66. package/dist/decisions/index.js.map +1 -1
  67. package/dist/decisionsClient.d.ts +12 -6
  68. package/dist/decisionsClient.js +37 -253
  69. package/dist/decisionsClient.js.map +1 -1
  70. package/dist/edges/index.d.ts +87 -49
  71. package/dist/edges/index.js +1177 -3842
  72. package/dist/edges/index.js.map +1 -1
  73. package/dist/events.js +3 -6
  74. package/dist/events.js.map +1 -1
  75. package/dist/eventsCore.d.ts +1 -3
  76. package/dist/eventsCore.js +14 -240
  77. package/dist/eventsCore.js.map +1 -1
  78. package/dist/evidence/index.d.ts +4 -26
  79. package/dist/evidence/index.js +1177 -3842
  80. package/dist/evidence/index.js.map +1 -1
  81. package/dist/evidenceClient.d.ts +0 -2
  82. package/dist/evidenceClient.js +14 -240
  83. package/dist/evidenceClient.js.map +1 -1
  84. package/dist/facade/context.d.ts +1 -2
  85. package/dist/facade/context.js +16 -25
  86. package/dist/facade/context.js.map +1 -1
  87. package/dist/gatewayFacades.d.ts +46 -90
  88. package/dist/gatewayFacades.js +128 -609
  89. package/dist/gatewayFacades.js.map +1 -1
  90. package/dist/graphClient.d.ts +13 -8
  91. package/dist/graphClient.js +45 -262
  92. package/dist/graphClient.js.map +1 -1
  93. package/dist/harnessClient.d.ts +24 -15
  94. package/dist/harnessClient.js +42 -253
  95. package/dist/harnessClient.js.map +1 -1
  96. package/dist/identityClient.d.ts +11 -115
  97. package/dist/identityClient.js +33 -555
  98. package/dist/identityClient.js.map +1 -1
  99. package/dist/index.d.ts +6 -32
  100. package/dist/index.js +2581 -5826
  101. package/dist/index.js.map +1 -1
  102. package/dist/learningClient.d.ts +6 -8
  103. package/dist/learningClient.js +44 -270
  104. package/dist/learningClient.js.map +1 -1
  105. package/dist/lenses/index.d.ts +38 -78
  106. package/dist/lenses/index.js +1177 -3842
  107. package/dist/lenses/index.js.map +1 -1
  108. package/dist/nodes/index.d.ts +21 -65
  109. package/dist/nodes/index.js +1177 -3842
  110. package/dist/nodes/index.js.map +1 -1
  111. package/dist/ontologies/index.d.ts +32 -55
  112. package/dist/ontologies/index.js +1177 -3842
  113. package/dist/ontologies/index.js.map +1 -1
  114. package/dist/ontologyClient.d.ts +25 -19
  115. package/dist/ontologyClient.js +40 -276
  116. package/dist/ontologyClient.js.map +1 -1
  117. package/dist/packsClient.d.ts +23 -11
  118. package/dist/packsClient.js +46 -252
  119. package/dist/packsClient.js.map +1 -1
  120. package/dist/policyClient.d.ts +10 -13
  121. package/dist/policyClient.js +25 -261
  122. package/dist/policyClient.js.map +1 -1
  123. package/dist/questions/index.d.ts +4 -26
  124. package/dist/questions/index.js +1177 -3842
  125. package/dist/questions/index.js.map +1 -1
  126. package/dist/realtime/index.d.ts +1 -1
  127. package/dist/reportsClient.d.ts +7 -9
  128. package/dist/reportsClient.js +53 -299
  129. package/dist/reportsClient.js.map +1 -1
  130. package/dist/schemaClient.d.ts +3 -5
  131. package/dist/schemaClient.js +29 -253
  132. package/dist/schemaClient.js.map +1 -1
  133. package/dist/sdkSurface.d.ts +3 -8
  134. package/dist/sdkSurface.js +6 -10
  135. package/dist/sdkSurface.js.map +1 -1
  136. package/dist/sourcesClient.d.ts +0 -2
  137. package/dist/sourcesClient.js +14 -240
  138. package/dist/sourcesClient.js.map +1 -1
  139. package/dist/topics/index.d.ts +9 -37
  140. package/dist/topics/index.js +1177 -3844
  141. package/dist/topics/index.js.map +1 -1
  142. package/dist/topicsClient.d.ts +0 -4
  143. package/dist/topicsClient.js +24 -255
  144. package/dist/topicsClient.js.map +1 -1
  145. package/dist/types.d.ts +0 -17
  146. package/dist/version.d.ts +1 -1
  147. package/dist/version.js +1 -1
  148. package/dist/version.js.map +1 -1
  149. package/dist/workflowClient.d.ts +40 -60
  150. package/dist/workflowClient.js +58 -261
  151. package/dist/workflowClient.js.map +1 -1
  152. package/dist/worktrees/index.d.ts +33 -71
  153. package/dist/worktrees/index.js +1177 -3842
  154. package/dist/worktrees/index.js.map +1 -1
  155. package/package.json +3 -17
  156. package/dist/accessControl.d.ts +0 -79
  157. package/dist/accessControl.js +0 -1270
  158. package/dist/accessControl.js.map +0 -1
  159. package/dist/authContext.d.ts +0 -56
  160. package/dist/authContext.js +0 -170
  161. package/dist/authContext.js.map +0 -1
  162. package/dist/authDeviceClient.d.ts +0 -49
  163. package/dist/authDeviceClient.js +0 -121
  164. package/dist/authDeviceClient.js.map +0 -1
  165. package/dist/boundaryClientSurface.d.ts +0 -20
  166. package/dist/boundaryClientSurface.js +0 -73
  167. package/dist/boundaryClientSurface.js.map +0 -1
  168. package/dist/clientHelpers.d.ts +0 -48
  169. package/dist/clientHelpers.js +0 -137
  170. package/dist/clientHelpers.js.map +0 -1
  171. package/dist/control-plane.d.ts +0 -69
  172. package/dist/control-plane.js +0 -674
  173. package/dist/control-plane.js.map +0 -1
  174. package/dist/embeddingsClient.d.ts +0 -106
  175. package/dist/embeddingsClient.js +0 -749
  176. package/dist/embeddingsClient.js.map +0 -1
  177. package/dist/eventingClient.d.ts +0 -96
  178. package/dist/eventingClient.js +0 -746
  179. package/dist/eventingClient.js.map +0 -1
  180. package/dist/functionSurface.d.ts +0 -144
  181. package/dist/functionSurface.js +0 -1227
  182. package/dist/functionSurface.js.map +0 -1
  183. package/dist/functionSurfaceClient.d.ts +0 -8
  184. package/dist/functionSurfaceClient.js +0 -1227
  185. package/dist/functionSurfaceClient.js.map +0 -1
  186. package/dist/graphAnalysisClient.d.ts +0 -192
  187. package/dist/graphAnalysisClient.js +0 -817
  188. package/dist/graphAnalysisClient.js.map +0 -1
  189. package/dist/graphIntel.d.ts +0 -4
  190. package/dist/graphIntel.js +0 -3
  191. package/dist/graphIntel.js.map +0 -1
  192. package/dist/graphIntelligence.d.ts +0 -2
  193. package/dist/graphIntelligence.js +0 -47
  194. package/dist/graphIntelligence.js.map +0 -1
  195. package/dist/graphRecommendationsClient.d.ts +0 -56
  196. package/dist/graphRecommendationsClient.js +0 -682
  197. package/dist/graphRecommendationsClient.js.map +0 -1
  198. package/dist/graphStateClassifierClient.d.ts +0 -73
  199. package/dist/graphStateClassifierClient.js +0 -734
  200. package/dist/graphStateClassifierClient.js.map +0 -1
  201. package/dist/infisicalRuntime.d.ts +0 -43
  202. package/dist/infisicalRuntime.js +0 -346
  203. package/dist/infisicalRuntime.js.map +0 -1
  204. package/dist/jobsClient.d.ts +0 -98
  205. package/dist/jobsClient.js +0 -744
  206. package/dist/jobsClient.js.map +0 -1
  207. package/dist/mcpClient.d.ts +0 -28
  208. package/dist/mcpClient.js +0 -687
  209. package/dist/mcpClient.js.map +0 -1
  210. package/dist/modelRuntimeClient.d.ts +0 -72
  211. package/dist/modelRuntimeClient.js +0 -722
  212. package/dist/modelRuntimeClient.js.map +0 -1
  213. package/dist/ontologyLinksClient.d.ts +0 -71
  214. package/dist/ontologyLinksClient.js +0 -715
  215. package/dist/ontologyLinksClient.js.map +0 -1
  216. package/dist/orgGraphSearchClient.d.ts +0 -85
  217. package/dist/orgGraphSearchClient.js +0 -690
  218. package/dist/orgGraphSearchClient.js.map +0 -1
  219. package/dist/secrets.d.ts +0 -1
  220. package/dist/secrets.js +0 -3
  221. package/dist/secrets.js.map +0 -1
  222. package/dist/telemetryClient.d.ts +0 -94
  223. package/dist/telemetryClient.js +0 -759
  224. package/dist/telemetryClient.js.map +0 -1
  225. package/dist/toolRegistryClient.d.ts +0 -115
  226. package/dist/toolRegistryClient.js +0 -785
  227. package/dist/toolRegistryClient.js.map +0 -1
package/dist/events.js CHANGED
@@ -78,9 +78,6 @@ function fromBase64(value) {
78
78
  const normalized = value.replace(/-/g, "+").replace(/_/g, "/");
79
79
  return decodeURIComponent(escape(atob(normalized)));
80
80
  }
81
- function isRecord(value) {
82
- return Boolean(value) && typeof value === "object" && !Array.isArray(value);
83
- }
84
81
  function createEventId() {
85
82
  const random = typeof globalThis.crypto?.randomUUID === "function" ? globalThis.crypto.randomUUID().replace(/-/g, "") : Array.from(
86
83
  typeof globalThis.crypto?.getRandomValues === "function" ? globalThis.crypto.getRandomValues(new Uint8Array(16)) : Array.from({ length: 16 }, () => Math.floor(Math.random() * 256)),
@@ -129,14 +126,14 @@ function decodeEventCursor(cursor) {
129
126
  }
130
127
  try {
131
128
  const parsed = JSON.parse(fromBase64(cursor.trim()));
132
- if (!isRecord(parsed) || typeof parsed.timestamp !== "number" || !Number.isFinite(parsed.timestamp) || typeof parsed.eventId !== "string" || parsed.eventId.trim().length === 0) {
129
+ if (typeof parsed.timestamp !== "number" || !Number.isFinite(parsed.timestamp) || typeof parsed.eventId !== "string" || parsed.eventId.trim().length === 0) {
133
130
  return null;
134
131
  }
135
132
  return {
136
133
  timestamp: parsed.timestamp,
137
134
  eventId: parsed.eventId.trim()
138
135
  };
139
- } catch (error) {
136
+ } catch {
140
137
  return null;
141
138
  }
142
139
  }
@@ -165,7 +162,7 @@ var LOCALHOST_HOSTS = /* @__PURE__ */ new Set(["localhost", "127.0.0.1", "::1"])
165
162
  function normalizeUrl(url) {
166
163
  try {
167
164
  return new URL(url.trim());
168
- } catch (error) {
165
+ } catch {
169
166
  throw new Error("Webhook URL must be a valid absolute URL.");
170
167
  }
171
168
  }
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/events.ts"],"names":[],"mappings":";AAAO,IAAM,oBAAA,GAAuB;AAC7B,IAAM,4BAAA,GAA+B;AACrC,IAAM,oBAAA,GAAuB;AAC7B,IAAM,uBAAA,GAA0B,CAAC,GAAA,EAAO,GAAA,EAAO,KAAQ,GAAO;AAE9D,IAAM,kBAAA,GAAqB;AAAA,EAChC,gBAAA;AAAA,EACA,eAAA;AAAA,EACA,2BAAA;AAAA,EACA,iBAAA;AAAA,EACA,gBAAA;AAAA,EACA,yBAAA;AAAA,EACA,2BAAA;AAAA,EACA,wBAAA;AAAA,EACA,kBAAA;AAAA,EACA,iBAAA;AAAA,EACA,0BAAA;AAAA,EACA,kBAAA;AAAA,EACA,mBAAA;AAAA,EACA,kBAAA;AAAA,EACA,yBAAA;AAAA,EACA,mBAAA;AAAA,EACA,cAAA;AAAA,EACA,uBAAA;AAAA,EACA,kBAAA;AAAA,EACA,oBAAA;AAAA,EACA,iBAAA;AAAA,EACA,0BAAA;AAAA,EACA,2BAAA;AAAA,EACA,eAAA;AAAA,EACA,eAAA;AAAA,EACA,gBAAA;AAAA,EACA,cAAA;AAAA,EACA,gBAAA;AAAA,EACA,cAAA;AAAA,EACA,gBAAA;AAAA,EACA,kBAAA;AAAA,EACA,sBAAA;AAAA,EACA,sBAAA;AAAA,EACA,sBAAA;AAAA,EACA;AACF;AAiEA,IAAM,iBAAkB,UAAA,CAErB,MAAA;AAEH,IAAM,WAAA,GAAe,WAIlB,OAAA,EAAS,GAAA;AAkIZ,SAAS,YAAY,KAAA,EAAuB;AAC1C,EAAA,OAAO,KAAA,CAAM,OAAA,CAAQ,qBAAA,EAAuB,MAAM,CAAA;AACpD;AAEO,SAAS,qBAAqB,OAAA,EAAyB;AAC5D,EAAA,MAAM,UAAA,GAAa,QAAQ,IAAA,EAAK;AAChC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,IAAI,eAAe,GAAA,EAAK;AACtB,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,MAAM,SAAS,WAAA,CAAY,UAAU,CAAA,CAAE,OAAA,CAAQ,SAAS,IAAI,CAAA;AAC5D,EAAA,OAAO,IAAI,MAAA,CAAO,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA,CAAG,CAAA;AACjC;AAEO,SAAS,mBAAA,CACd,WACA,OAAA,EACS;AACT,EAAA,OAAO,qBAAqB,OAAO,CAAA,CAAE,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA;AAC5D;AAEO,SAAS,sBAAA,CACd,WACA,QAAA,EACS;AACT,EAAA,IAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AACzB,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,SAAS,IAAA,CAAK,CAAC,YAAY,mBAAA,CAAoB,SAAA,EAAW,OAAO,CAAC,CAAA;AAC3E;AAEA,SAAS,SAAS,KAAA,EAAuB;AACvC,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,eAAe,IAAA,CAAK,KAAA,EAAO,MAAM,CAAA,CAAE,SAAS,WAAW,CAAA;AAAA,EAChE;AACA,EAAA,OAAO,KAAK,QAAA,CAAS,kBAAA,CAAmB,KAAK,CAAC,CAAC,CAAA,CAC5C,OAAA,CAAQ,KAAA,EAAO,GAAG,EAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,QAAQ,EAAE,CAAA;AACvB;AAEA,SAAS,WAAW,KAAA,EAAuB;AACzC,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,eAAe,IAAA,CAAK,KAAA,EAAO,WAAW,CAAA,CAAE,SAAS,MAAM,CAAA;AAAA,EAChE;AACA,EAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAC7D,EAAA,OAAO,kBAAA,CAAmB,MAAA,CAAO,IAAA,CAAK,UAAU,CAAC,CAAC,CAAA;AACpD;AAEA,SAAS,SAAS,KAAA,EAAkD;AAClE,EAAA,OAAO,OAAA,CAAQ,KAAK,CAAA,IAAK,OAAO,UAAU,QAAA,IAAY,CAAC,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA;AAC5E;AAEO,SAAS,aAAA,GAAwB;AACtC,EAAA,MAAM,MAAA,GACJ,OAAO,UAAA,CAAW,MAAA,EAAQ,eAAe,UAAA,GACrC,UAAA,CAAW,MAAA,CAAO,UAAA,EAAW,CAAE,OAAA,CAAQ,IAAA,EAAM,EAAE,IAC/C,KAAA,CAAM,IAAA;AAAA,IACJ,OAAO,UAAA,CAAW,MAAA,EAAQ,eAAA,KAAoB,UAAA,GAC1C,UAAA,CAAW,MAAA,CAAO,eAAA,CAAgB,IAAI,UAAA,CAAW,EAAE,CAAC,CAAA,GACpD,MAAM,IAAA,CAAK,EAAE,MAAA,EAAQ,EAAA,EAAG,EAAG,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,MAAA,EAAO,GAAI,GAAG,CAAC,CAAA;AAAA,IACpE,CAAC,UAAU,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG;AAAA,GAC/C,CAAE,KAAK,EAAE,CAAA;AACf,EAAA,OAAO,OAAO,MAAM,CAAA,CAAA;AACtB;AAEO,SAAS,uBAAuB,KAAA,EAAmC;AACxE,EAAA,IAAI,CAAC,OAAO,QAAA,CAAS,KAAK,KAAK,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,IAAS,CAAA,EAAG;AACtE,IAAA,OAAO,4BAAA;AAAA,EACT;AACA,EAAA,OAAO,KAAK,GAAA,CAAI,CAAA,EAAG,IAAA,CAAK,KAAA,CAAM,KAAK,CAAC,CAAA;AACtC;AAEO,SAAS,iBAAiB,KAAA,EAA4C;AAC3E,EAAA,MAAM,SAAA,GAAY,KAAA,CAAM,SAAA,IAAa,IAAA,CAAK,GAAA,EAAI;AAC9C,EAAA,MAAM,aAAA,GAAgB,sBAAA,CAAuB,KAAA,CAAM,aAAa,CAAA;AAChE,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,KAAA,CAAM,OAAA,EAAS,IAAA,MAAU,aAAA,EAAc;AAAA,IAChD,IAAA,EAAM,KAAA,CAAM,IAAA,CAAK,IAAA,EAAK;AAAA,IACtB,OAAA,EAAS,oBAAA;AAAA,IACT,SAAA;AAAA,IACA,QAAA,EAAU,KAAA,CAAM,QAAA,EAAU,IAAA,EAAK,IAAK,MAAA;AAAA,IACpC,WAAA,EAAa,KAAA,CAAM,WAAA,EAAa,IAAA,EAAK,IAAK,MAAA;AAAA,IAC1C,OAAA,EAAS,KAAA,CAAM,OAAA,CAAQ,IAAA,EAAK;AAAA,IAC5B,UAAA,EAAY,KAAA,CAAM,UAAA,CAAW,IAAA,EAAK;AAAA,IAClC,YAAA,EAAc,KAAA,CAAM,YAAA,CAAa,IAAA,EAAK;AAAA,IACtC,OAAA,EAAS,KAAA,CAAM,OAAA,CAAQ,IAAA,EAAK;AAAA,IAC5B,WAAW,KAAA,CAAM,SAAA;AAAA,IACjB,IAAA,EAAM,KAAA,CAAM,IAAA,IAAQ,EAAC;AAAA,IACrB,aAAA,EAAe,KAAA,CAAM,aAAA,EAAe,IAAA,EAAK,IAAK,MAAA;AAAA,IAC9C,SAAA,EAAW,SAAA,GAAY,aAAA,GAAgB,EAAA,GAAK,KAAK,EAAA,GAAK;AAAA,GACxD;AACF;AAEO,SAAS,kBAAA,CAAmB,MAAmB,KAAA,EAA4B;AAChF,EAAA,IAAI,IAAA,CAAK,SAAA,KAAc,KAAA,CAAM,SAAA,EAAW;AACtC,IAAA,OAAO,IAAA,CAAK,YAAY,KAAA,CAAM,SAAA;AAAA,EAChC;AACA,EAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,aAAA,CAAc,KAAA,CAAM,OAAO,CAAA;AACjD;AAEO,SAAS,kBAAkB,MAAA,EAA6B;AAC7D,EAAA,OAAO,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,MAAM,CAAC,CAAA;AACxC;AAEO,SAAS,kBAAkB,MAAA,EAAgD;AAChF,EAAA,IAAI,CAAC,MAAA,IAAU,MAAA,CAAO,IAAA,EAAK,CAAE,WAAW,CAAA,EAAG;AACzC,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,IAAI;AACF,IAAA,MAAM,SAAS,IAAA,CAAK,KAAA,CAAM,WAAW,MAAA,CAAO,IAAA,EAAM,CAAC,CAAA;AACnD,IAAA,IACE,CAAC,SAAS,MAAM,CAAA,IAChB,OAAO,MAAA,CAAO,SAAA,KAAc,QAAA,IAC5B,CAAC,MAAA,CAAO,QAAA,CAAS,OAAO,SAAS,CAAA,IACjC,OAAO,MAAA,CAAO,OAAA,KAAY,QAAA,IAC1B,OAAO,OAAA,CAAQ,IAAA,EAAK,CAAE,MAAA,KAAW,CAAA,EACjC;AACA,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,OAAO;AAAA,MACL,WAAW,MAAA,CAAO,SAAA;AAAA,MAClB,OAAA,EAAS,MAAA,CAAO,OAAA,CAAQ,IAAA;AAAK,KAC/B;AAAA,EACF,SAAS,KAAA,EAAO;AAEd,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,aAAA,CACd,OACA,MAAA,EACS;AACT,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,kBAAA,CAAmB,KAAA,EAAO,MAAM,CAAA,GAAI,CAAA;AAC7C;AAEO,SAAS,mBACd,MAAA,EACK;AACL,EAAA,OAAO,CAAC,GAAG,MAAM,CAAA,CAAE,IAAA,CAAK,CAAC,IAAA,EAAM,KAAA,KAAU,kBAAA,CAAmB,IAAA,EAAM,KAAK,CAAC,CAAA;AAC1E;AAEO,SAAS,eAAe,IAAA,EAIX;AAClB,EAAA,IAAI,IAAA,CAAK,gBAAgB,OAAA,EAAS;AAChC,IAAA,OAAO,OAAA;AAAA,EACT;AACA,EAAA,IACE,IAAA,CAAK,aAAa,mBAAA,IAClB,IAAA,CAAK,aAAa,gBAAA,IAClB,IAAA,CAAK,kBAAkB,SAAA,EACvB;AACA,IAAA,OAAO,SAAA;AAAA,EACT;AACA,EAAA,OAAO,OAAA;AACT;AAEA,eAAsB,eAAA,CACpB,gBACA,KAAA,EACkB;AAClB,EAAA,OAAO,MAAM,cAAA,CAAe,oBAAA,EAA6B,KAAK,CAAA;AAChE;AAEA,IAAM,kCAAkB,IAAI,GAAA,CAAI,CAAC,WAAA,EAAa,WAAA,EAAa,KAAK,CAAC,CAAA;AAEjE,SAAS,aAAa,GAAA,EAAkB;AACtC,EAAA,IAAI;AACF,IAAA,OAAO,IAAI,GAAA,CAAI,GAAA,CAAI,IAAA,EAAM,CAAA;AAAA,EAC3B,SAAS,KAAA,EAAO;AAEd,IAAA,MAAM,IAAI,MAAM,2CAA2C,CAAA;AAAA,EAC7D;AACF;AAEO,SAAS,sBAAsB,GAAA,EAAqB;AACzD,EAAA,MAAM,MAAA,GAAS,aAAa,GAAG,CAAA;AAC/B,EAAA,MAAM,QAAA,GAAW,MAAA,CAAO,QAAA,CAAS,IAAA,GAAO,WAAA,EAAY;AACpD,EAAA,MAAM,UAAU,WAAA,EAAa,QAAA;AAC7B,EAAA,MAAM,cAAA,GACJ,OAAA,KAAY,MAAA,IAAU,eAAA,CAAgB,IAAI,QAAQ,CAAA;AAEpD,EAAA,IAAI,OAAO,QAAA,KAAa,QAAA,IAAY,EAAE,cAAA,IAAkB,MAAA,CAAO,aAAa,OAAA,CAAA,EAAU;AACpF,IAAA,MAAM,IAAI,MAAM,6BAA6B,CAAA;AAAA,EAC/C;AAEA,EAAA,OAAO,OAAO,QAAA,EAAS;AACzB;AAEO,SAAS,yBAAyB,QAAA,EAAuC;AAC9E,EAAA,MAAM,aAAa,KAAA,CAAM,IAAA;AAAA,IACvB,IAAI,GAAA;AAAA,MACF,QAAA,CACG,GAAA,CAAI,CAAC,OAAA,KAAY,OAAA,CAAQ,IAAA,EAAM,CAAA,CAC/B,MAAA,CAAO,CAAC,OAAA,KAAY,OAAA,CAAQ,SAAS,CAAC;AAAA;AAC3C,GACF;AAEA,EAAA,IAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,MAAM,iDAAiD,CAAA;AAAA,EACnE;AAEA,EAAA,OAAO,UAAA;AACT;AAEO,SAAS,yBAAyB,MAAA,EAAwB;AAC/D,EAAA,MAAM,UAAA,GAAa,OAAO,IAAA,EAAK;AAC/B,EAAA,IAAI,UAAA,CAAW,SAAS,CAAA,EAAG;AACzB,IAAA,MAAM,IAAI,MAAM,+CAA+C,CAAA;AAAA,EACjE;AACA,EAAA,OAAO,UAAA;AACT;AAEA,eAAsB,uBAAA,CACpB,SACA,MAAA,EACiB;AACjB,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,GAAA,GAAM,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,IAC9B,KAAA;AAAA,IACA,OAAA,CAAQ,OAAO,MAAM,CAAA;AAAA,IACrB,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,KAAA;AAAA,IACA,CAAC,MAAM;AAAA,GACT;AACA,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,QAAQ,GAAA,EAAK,OAAA,CAAQ,MAAA,CAAO,OAAO,CAAC,CAAA;AAC/E,EAAA,OAAO,KAAA,CAAM,KAAK,IAAI,UAAA,CAAW,SAAS,CAAC,CAAA,CACxC,IAAI,CAAC,IAAA,KAAS,KAAK,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAChD,KAAK,EAAE,CAAA;AACZ;AAEO,SAAS,qBAAA,CACd,mBAAA,EACA,GAAA,GAAM,IAAA,CAAK,KAAI,EACK;AACpB,EAAA,IAAI,uBAAuB,oBAAA,EAAsB;AAC/C,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,MAAM,aAAa,mBAAA,GAAsB,CAAA;AACzC,EAAA,MAAM,KAAA,GAAQ,wBAAwB,UAAU,CAAA;AAChD,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,GAAW,GAAA,GAAM,KAAA,GAAQ,MAAA;AACnD;AAEO,SAAS,6BACd,YAAA,EACuB;AACvB,EAAA,OAAO,YAAA,IAAgB,uBAAuB,aAAA,GAAgB,QAAA;AAChE;AAEO,SAAS,sBACd,KAAA,EACe;AACf,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,OAAO,KAAA,CAAM,EAAA,IAAM,MAAM,SAAA,IAAa,KAAA,CAAM,OAAO,EAAE,CAAA;AAAA,IACzD,SAAA,EAAW,OAAO,KAAA,CAAM,SAAA,IAAa,MAAM,EAAA,IAAM,KAAA,CAAM,OAAO,EAAE,CAAA;AAAA,IAChE,QAAA,EACE,OAAO,KAAA,CAAM,QAAA,KAAa,QAAA,IAAY,KAAA,CAAM,QAAA,CAAS,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,GACjE,KAAA,CAAM,QAAA,GACN,MAAA;AAAA,IACN,WAAA,EACE,OAAO,KAAA,CAAM,WAAA,KAAgB,QAAA,IAAY,KAAA,CAAM,WAAA,CAAY,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,GACvE,KAAA,CAAM,WAAA,GACN,MAAA;AAAA,IACN,OAAA,EACE,OAAO,KAAA,CAAM,OAAA,KAAY,QAAA,IAAY,KAAA,CAAM,OAAA,CAAQ,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,GAC/D,KAAA,CAAM,OAAA,GACN,MAAA;AAAA,IACN,GAAA,EAAK,MAAA,CAAO,KAAA,CAAM,GAAA,IAAO,EAAE,CAAA;AAAA,IAC3B,MAAA,EAAQ,MAAM,OAAA,CAAQ,KAAA,CAAM,MAAM,CAAA,GAC9B,KAAA,CAAM,MAAA,CACH,GAAA,CAAI,CAAC,KAAA,KAAW,OAAO,KAAA,KAAU,QAAA,GAAW,MAAM,IAAA,EAAK,GAAI,EAAG,CAAA,CAC9D,MAAA,CAAO,OAAO,CAAA,GACjB,EAAC;AAAA,IACL,MAAA,EAAQ,MAAM,MAAA,KAAW,KAAA;AAAA,IACzB,gBAAA,EAAkB,IAAA;AAAA,IAClB,WAAW,MAAA,CAAO,KAAA,CAAM,SAAA,IAAa,IAAA,CAAK,KAAK,CAAA;AAAA,IAC/C,SAAA,EAAW,OAAO,KAAA,CAAM,SAAA,IAAa,MAAM,SAAA,IAAa,IAAA,CAAK,KAAK,CAAA;AAAA,IAClE,SAAA,EAAW,MAAA,CAAO,KAAA,CAAM,SAAA,IAAa,EAAE,CAAA;AAAA,IACvC,WAAW,MAAA,CAAO,KAAA,CAAM,SAAA,IAAa,KAAA,CAAM,aAAa,EAAE,CAAA;AAAA,IAC1D,gBACE,OAAO,KAAA,CAAM,cAAA,KAAmB,QAAA,GAAW,MAAM,cAAA,GAAiB,MAAA;AAAA,IACpE,0BACE,OAAO,KAAA,CAAM,wBAAA,KAA6B,QAAA,GACtC,MAAM,wBAAA,GACN;AAAA,GACR;AACF;AAEO,SAAS,2BAAA,CACd,YAAA,EACA,SAAA,GAAY,GAAA,EACQ;AACpB,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,YAAA,CAAa,UAAU,SAAA,EAAW;AACpC,IAAA,OAAO,YAAA;AAAA,EACT;AACA,EAAA,OAAO,GAAG,YAAA,CAAa,KAAA,CAAM,CAAA,EAAG,SAAA,GAAY,CAAC,CAAC,CAAA,GAAA,CAAA;AAChD","file":"events.js","sourcesContent":["export const DOMAIN_EVENT_VERSION = \"1.0\" as const;\nexport const EVENT_RETENTION_DEFAULT_DAYS = 30;\nexport const WEBHOOK_MAX_ATTEMPTS = 5;\nexport const WEBHOOK_RETRY_DELAYS_MS = [1_000, 5_000, 30_000, 300_000] as const;\n\nexport const DOMAIN_EVENT_TYPES = [\n \"belief.created\",\n \"belief.forked\",\n \"belief.confidence_updated\",\n \"belief.archived\",\n \"belief.refined\",\n \"belief.contract_created\",\n \"belief.contract_evaluated\",\n \"belief.lineage_queried\",\n \"evidence.created\",\n \"evidence.linked\",\n \"evidence.search_executed\",\n \"question.created\",\n \"question.answered\",\n \"question.refined\",\n \"question.status_updated\",\n \"question.archived\",\n \"edge.created\",\n \"contradiction.flagged\",\n \"worktree.created\",\n \"worktree.activated\",\n \"worktree.merged\",\n \"worktree.targets_updated\",\n \"worktree.metadata_updated\",\n \"topic.created\",\n \"topic.updated\",\n \"topic.archived\",\n \"task.created\",\n \"task.completed\",\n \"task.updated\",\n \"ontology.bound\",\n \"context.compiled\",\n \"identity.key_created\",\n \"identity.key_rotated\",\n \"identity.key_revoked\",\n \"webhook.test\",\n] as const;\n\nexport type DomainEventType = (typeof DOMAIN_EVENT_TYPES)[number];\n\nexport type DomainResourceType =\n | \"belief\"\n | \"evidence\"\n | \"question\"\n | \"edge\"\n | \"contradiction\"\n | \"worktree\"\n | \"topic\"\n | \"task\"\n | \"ontology\"\n | \"context\"\n | \"identity\"\n | \"webhook\";\n\nexport type DomainActorType = \"human\" | \"agent\" | \"service\";\nexport type DomainEventData = Record<string, unknown>;\n\nexport type DomainEvent = {\n eventId: string;\n type: DomainEventType | string;\n version: typeof DOMAIN_EVENT_VERSION;\n timestamp: number;\n tenantId?: string;\n workspaceId?: string;\n topicId: string;\n resourceId: string;\n resourceType: DomainResourceType | string;\n actorId: string;\n actorType: DomainActorType;\n data: DomainEventData;\n correlationId?: string;\n expiresAt: number;\n};\n\nexport type CreateDomainEventInput = {\n eventId?: string;\n timestamp?: number;\n tenantId?: string;\n workspaceId?: string;\n topicId: string;\n type: DomainEventType | string;\n resourceId: string;\n resourceType: DomainResourceType | string;\n actorId: string;\n actorType: DomainActorType;\n data?: DomainEventData;\n correlationId?: string;\n retentionDays?: number;\n};\n\nexport type EventCursor = {\n timestamp: number;\n eventId: string;\n};\n\ntype RuntimeBufferLike = {\n from(value: string, encoding: \"utf8\" | \"base64url\"): {\n toString(encoding: \"utf8\" | \"base64url\"): string;\n };\n};\n\nconst RUNTIME_BUFFER = (globalThis as typeof globalThis & {\n Buffer?: RuntimeBufferLike;\n}).Buffer;\n\nconst RUNTIME_ENV = (globalThis as typeof globalThis & {\n process?: {\n env?: Record<string, string | undefined>;\n };\n}).process?.env;\n\nexport type EventListQuery = {\n topicId?: string;\n after?: string;\n types?: string[];\n startTime?: number;\n endTime?: number;\n limit?: number;\n};\n\nexport type EventListResult = {\n events: DomainEvent[];\n nextCursor: string | null;\n};\n\nexport type WebhookSecretMode = \"configured\";\n\nexport type WebhookRecord = {\n id: string;\n webhookId: string;\n tenantId?: string;\n workspaceId?: string;\n topicId?: string;\n url: string;\n events: string[];\n active: boolean;\n secretConfigured: boolean;\n createdAt: number;\n updatedAt: number;\n createdBy: string;\n updatedBy: string;\n lastDeliveryAt?: number;\n lastSuccessfulDeliveryAt?: number;\n};\n\nexport type WebhookCreateInput = {\n url: string;\n events: string[];\n secret: string;\n topicId?: string;\n active?: boolean;\n};\n\nexport type WebhookUpdateInput = {\n url?: string;\n events?: string[];\n secret?: string;\n topicId?: string | null;\n active?: boolean;\n};\n\nexport type WebhookDeliveryStatus =\n | \"pending\"\n | \"delivering\"\n | \"succeeded\"\n | \"failed\"\n | \"dead_letter\";\n\nexport type WebhookDeliveryRecord = {\n id: string;\n deliveryId: string;\n webhookId: string;\n eventId: string;\n eventType: string;\n topicId: string;\n status: WebhookDeliveryStatus;\n attemptCount: number;\n maxAttempts: number;\n nextAttemptAt?: number;\n lastAttemptAt?: number;\n lastStatusCode?: number;\n lastError?: string;\n deliveredAt?: number;\n createdAt: number;\n updatedAt: number;\n};\n\nexport type WebhookDeliveryAttemptRecord = {\n id: string;\n attemptId: string;\n deliveryId: string;\n webhookId: string;\n eventId: string;\n eventType: string;\n attemptNumber: number;\n status: \"succeeded\" | \"failed\";\n statusCode?: number;\n error?: string;\n responseBody?: string;\n durationMs?: number;\n createdAt: number;\n};\n\nexport type WebhookDeliveriesResult = {\n deliveries: Array<\n WebhookDeliveryRecord & {\n attempts?: WebhookDeliveryAttemptRecord[];\n }\n >;\n};\n\nexport type WebhookHealthResult = {\n webhookId: string;\n totalAttempts: number;\n successfulAttempts: number;\n failedAttempts: number;\n successRate: number;\n pendingDeliveries: number;\n deadLetterDeliveries: number;\n lastDeliveryAt?: number;\n lastSuccessfulDeliveryAt?: number;\n};\n\nexport type WebhookTestResult = {\n webhookId: string;\n deliveryId: string;\n status: WebhookDeliveryStatus;\n attempts: number;\n};\n\nexport type ReplayEventsInput = EventListQuery & {\n webhookId?: string;\n};\n\nexport type ReplayEventsResult = EventListResult & {\n replayedDeliveries?: number;\n replayedWebhookId?: string;\n};\n\nfunction escapeRegex(value: string): string {\n return value.replace(/[.*+?^${}()|[\\]\\\\]/g, \"\\\\$&\");\n}\n\nexport function eventPatternToRegExp(pattern: string): RegExp {\n const normalized = pattern.trim();\n if (!normalized) {\n return /^$/;\n }\n if (normalized === \"*\") {\n return /^.*$/;\n }\n const source = escapeRegex(normalized).replace(/\\\\\\*/g, \".*\");\n return new RegExp(`^${source}$`);\n}\n\nexport function matchesEventPattern(\n eventType: string,\n pattern: string\n): boolean {\n return eventPatternToRegExp(pattern).test(eventType.trim());\n}\n\nexport function matchesAnyEventPattern(\n eventType: string,\n patterns: readonly string[]\n): boolean {\n if (patterns.length === 0) {\n return true;\n }\n return patterns.some((pattern) => matchesEventPattern(eventType, pattern));\n}\n\nfunction toBase64(value: string): string {\n if (RUNTIME_BUFFER) {\n return RUNTIME_BUFFER.from(value, \"utf8\").toString(\"base64url\");\n }\n return btoa(unescape(encodeURIComponent(value)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/g, \"\");\n}\n\nfunction fromBase64(value: string): string {\n if (RUNTIME_BUFFER) {\n return RUNTIME_BUFFER.from(value, \"base64url\").toString(\"utf8\");\n }\n const normalized = value.replace(/-/g, \"+\").replace(/_/g, \"/\");\n return decodeURIComponent(escape(atob(normalized)));\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return Boolean(value) && typeof value === \"object\" && !Array.isArray(value);\n}\n\nexport function createEventId(): string {\n const random =\n typeof globalThis.crypto?.randomUUID === \"function\"\n ? globalThis.crypto.randomUUID().replace(/-/g, \"\")\n : Array.from(\n typeof globalThis.crypto?.getRandomValues === \"function\"\n ? globalThis.crypto.getRandomValues(new Uint8Array(16))\n : Array.from({ length: 16 }, () => Math.floor(Math.random() * 256)),\n (value) => value.toString(16).padStart(2, \"0\")\n ).join(\"\");\n return `evt_${random}`;\n}\n\nexport function normalizeRetentionDays(value: number | undefined): number {\n if (!Number.isFinite(value) || typeof value !== \"number\" || value <= 0) {\n return EVENT_RETENTION_DEFAULT_DAYS;\n }\n return Math.max(1, Math.trunc(value));\n}\n\nexport function buildDomainEvent(input: CreateDomainEventInput): DomainEvent {\n const timestamp = input.timestamp ?? Date.now();\n const retentionDays = normalizeRetentionDays(input.retentionDays);\n return {\n eventId: input.eventId?.trim() || createEventId(),\n type: input.type.trim(),\n version: DOMAIN_EVENT_VERSION,\n timestamp,\n tenantId: input.tenantId?.trim() || undefined,\n workspaceId: input.workspaceId?.trim() || undefined,\n topicId: input.topicId.trim(),\n resourceId: input.resourceId.trim(),\n resourceType: input.resourceType.trim(),\n actorId: input.actorId.trim(),\n actorType: input.actorType,\n data: input.data ?? {},\n correlationId: input.correlationId?.trim() || undefined,\n expiresAt: timestamp + retentionDays * 24 * 60 * 60 * 1000,\n };\n}\n\nexport function compareEventCursor(left: EventCursor, right: EventCursor): number {\n if (left.timestamp !== right.timestamp) {\n return left.timestamp - right.timestamp;\n }\n return left.eventId.localeCompare(right.eventId);\n}\n\nexport function encodeEventCursor(cursor: EventCursor): string {\n return toBase64(JSON.stringify(cursor));\n}\n\nexport function decodeEventCursor(cursor: string | undefined): EventCursor | null {\n if (!cursor || cursor.trim().length === 0) {\n return null;\n }\n try {\n const parsed = JSON.parse(fromBase64(cursor.trim()));\n if (\n !isRecord(parsed) ||\n typeof parsed.timestamp !== \"number\" ||\n !Number.isFinite(parsed.timestamp) ||\n typeof parsed.eventId !== \"string\" ||\n parsed.eventId.trim().length === 0\n ) {\n return null;\n }\n return {\n timestamp: parsed.timestamp,\n eventId: parsed.eventId.trim(),\n };\n } catch (error) {\n void error;\n return null;\n }\n}\n\nexport function isAfterCursor(\n event: Pick<DomainEvent, \"timestamp\" | \"eventId\">,\n cursor: EventCursor | null\n): boolean {\n if (!cursor) {\n return true;\n }\n return compareEventCursor(event, cursor) > 0;\n}\n\nexport function sortEventsByCursor<T extends Pick<DomainEvent, \"timestamp\" | \"eventId\">>(\n events: readonly T[]\n): T[] {\n return [...events].sort((left, right) => compareEventCursor(left, right));\n}\n\nexport function inferActorType(args: {\n sessionType?: \"agent\" | \"user\";\n authMode?: string;\n principalType?: string;\n}): DomainActorType {\n if (args.sessionType === \"agent\") {\n return \"agent\";\n }\n if (\n args.authMode === \"service_principal\" ||\n args.authMode === \"tenant_api_key\" ||\n args.principalType === \"service\"\n ) {\n return \"service\";\n }\n return \"human\";\n}\n\nexport async function emitDomainEvent(\n invokeMutation: (reference: any, args: CreateDomainEventInput) => Promise<unknown>,\n input: CreateDomainEventInput\n): Promise<unknown> {\n return await invokeMutation(\"events:recordEvent\" as any, input);\n}\n\nconst LOCALHOST_HOSTS = new Set([\"localhost\", \"127.0.0.1\", \"::1\"]);\n\nfunction normalizeUrl(url: string): URL {\n try {\n return new URL(url.trim());\n } catch (error) {\n void error;\n throw new Error(\"Webhook URL must be a valid absolute URL.\");\n }\n}\n\nexport function assertValidWebhookUrl(url: string): string {\n const parsed = normalizeUrl(url);\n const hostname = parsed.hostname.trim().toLowerCase();\n const nodeEnv = RUNTIME_ENV?.NODE_ENV;\n const allowLocalHttp =\n nodeEnv === \"test\" || LOCALHOST_HOSTS.has(hostname);\n\n if (parsed.protocol !== \"https:\" && !(allowLocalHttp && parsed.protocol === \"http:\")) {\n throw new Error(\"Webhook URL must use HTTPS.\");\n }\n\n return parsed.toString();\n}\n\nexport function normalizeWebhookPatterns(patterns: readonly string[]): string[] {\n const normalized = Array.from(\n new Set(\n patterns\n .map((pattern) => pattern.trim())\n .filter((pattern) => pattern.length > 0)\n )\n );\n\n if (normalized.length === 0) {\n throw new Error(\"At least one webhook event pattern is required.\");\n }\n\n return normalized;\n}\n\nexport function assertValidWebhookSecret(secret: string): string {\n const normalized = secret.trim();\n if (normalized.length < 8) {\n throw new Error(\"Webhook secret must be at least 8 characters.\");\n }\n return normalized;\n}\n\nexport async function computeWebhookSignature(\n payload: string,\n secret: string\n): Promise<string> {\n const encoder = new TextEncoder();\n const key = await crypto.subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n );\n const signature = await crypto.subtle.sign(\"HMAC\", key, encoder.encode(payload));\n return Array.from(new Uint8Array(signature))\n .map((byte) => byte.toString(16).padStart(2, \"0\"))\n .join(\"\");\n}\n\nexport function nextDeliveryAttemptAt(\n currentAttemptCount: number,\n now = Date.now()\n): number | undefined {\n if (currentAttemptCount >= WEBHOOK_MAX_ATTEMPTS) {\n return undefined;\n }\n const retryIndex = currentAttemptCount - 1;\n const delay = WEBHOOK_RETRY_DELAYS_MS[retryIndex];\n return typeof delay === \"number\" ? now + delay : undefined;\n}\n\nexport function resolveDeliveryFailureStatus(\n attemptCount: number\n): WebhookDeliveryStatus {\n return attemptCount >= WEBHOOK_MAX_ATTEMPTS ? \"dead_letter\" : \"failed\";\n}\n\nexport function sanitizeWebhookRecord(\n value: Record<string, unknown>\n): WebhookRecord {\n return {\n id: String(value.id ?? value.webhookId ?? value._id ?? \"\"),\n webhookId: String(value.webhookId ?? value.id ?? value._id ?? \"\"),\n tenantId:\n typeof value.tenantId === \"string\" && value.tenantId.trim().length > 0\n ? value.tenantId\n : undefined,\n workspaceId:\n typeof value.workspaceId === \"string\" && value.workspaceId.trim().length > 0\n ? value.workspaceId\n : undefined,\n topicId:\n typeof value.topicId === \"string\" && value.topicId.trim().length > 0\n ? value.topicId\n : undefined,\n url: String(value.url ?? \"\"),\n events: Array.isArray(value.events)\n ? value.events\n .map((entry) => (typeof entry === \"string\" ? entry.trim() : \"\"))\n .filter(Boolean)\n : [],\n active: value.active !== false,\n secretConfigured: true,\n createdAt: Number(value.createdAt ?? Date.now()),\n updatedAt: Number(value.updatedAt ?? value.createdAt ?? Date.now()),\n createdBy: String(value.createdBy ?? \"\"),\n updatedBy: String(value.updatedBy ?? value.createdBy ?? \"\"),\n lastDeliveryAt:\n typeof value.lastDeliveryAt === \"number\" ? value.lastDeliveryAt : undefined,\n lastSuccessfulDeliveryAt:\n typeof value.lastSuccessfulDeliveryAt === \"number\"\n ? value.lastSuccessfulDeliveryAt\n : undefined,\n };\n}\n\nexport function truncateWebhookResponseBody(\n responseBody: string | undefined,\n maxLength = 2_000\n): string | undefined {\n if (!responseBody) {\n return undefined;\n }\n if (responseBody.length <= maxLength) {\n return responseBody;\n }\n return `${responseBody.slice(0, maxLength - 3)}...`;\n}\n"]}
1
+ {"version":3,"sources":["../src/events.ts"],"names":[],"mappings":";AAAO,IAAM,oBAAA,GAAuB;AAC7B,IAAM,4BAAA,GAA+B;AACrC,IAAM,oBAAA,GAAuB;AAC7B,IAAM,uBAAA,GAA0B,CAAC,GAAA,EAAO,GAAA,EAAO,KAAQ,GAAO;AAE9D,IAAM,kBAAA,GAAqB;AAAA,EAChC,gBAAA;AAAA,EACA,eAAA;AAAA,EACA,2BAAA;AAAA,EACA,iBAAA;AAAA,EACA,gBAAA;AAAA,EACA,yBAAA;AAAA,EACA,2BAAA;AAAA,EACA,wBAAA;AAAA,EACA,kBAAA;AAAA,EACA,iBAAA;AAAA,EACA,0BAAA;AAAA,EACA,kBAAA;AAAA,EACA,mBAAA;AAAA,EACA,kBAAA;AAAA,EACA,yBAAA;AAAA,EACA,mBAAA;AAAA,EACA,cAAA;AAAA,EACA,uBAAA;AAAA,EACA,kBAAA;AAAA,EACA,oBAAA;AAAA,EACA,iBAAA;AAAA,EACA,0BAAA;AAAA,EACA,2BAAA;AAAA,EACA,eAAA;AAAA,EACA,eAAA;AAAA,EACA,gBAAA;AAAA,EACA,cAAA;AAAA,EACA,gBAAA;AAAA,EACA,cAAA;AAAA,EACA,gBAAA;AAAA,EACA,kBAAA;AAAA,EACA,sBAAA;AAAA,EACA,sBAAA;AAAA,EACA,sBAAA;AAAA,EACA;AACF;AAiEA,IAAM,iBAAkB,UAAA,CAErB,MAAA;AAEH,IAAM,WAAA,GAAe,WAIlB,OAAA,EAAS,GAAA;AAkIZ,SAAS,YAAY,KAAA,EAAuB;AAC1C,EAAA,OAAO,KAAA,CAAM,OAAA,CAAQ,qBAAA,EAAuB,MAAM,CAAA;AACpD;AAEO,SAAS,qBAAqB,OAAA,EAAyB;AAC5D,EAAA,MAAM,UAAA,GAAa,QAAQ,IAAA,EAAK;AAChC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,IAAI,eAAe,GAAA,EAAK;AACtB,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,MAAM,SAAS,WAAA,CAAY,UAAU,CAAA,CAAE,OAAA,CAAQ,SAAS,IAAI,CAAA;AAC5D,EAAA,OAAO,IAAI,MAAA,CAAO,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA,CAAG,CAAA;AACjC;AAEO,SAAS,mBAAA,CACd,WACA,OAAA,EACS;AACT,EAAA,OAAO,qBAAqB,OAAO,CAAA,CAAE,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA;AAC5D;AAEO,SAAS,sBAAA,CACd,WACA,QAAA,EACS;AACT,EAAA,IAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AACzB,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,SAAS,IAAA,CAAK,CAAC,YAAY,mBAAA,CAAoB,SAAA,EAAW,OAAO,CAAC,CAAA;AAC3E;AAEA,SAAS,SAAS,KAAA,EAAuB;AACvC,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,eAAe,IAAA,CAAK,KAAA,EAAO,MAAM,CAAA,CAAE,SAAS,WAAW,CAAA;AAAA,EAChE;AACA,EAAA,OAAO,KAAK,QAAA,CAAS,kBAAA,CAAmB,KAAK,CAAC,CAAC,CAAA,CAC5C,OAAA,CAAQ,KAAA,EAAO,GAAG,EAClB,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAClB,OAAA,CAAQ,QAAQ,EAAE,CAAA;AACvB;AAEA,SAAS,WAAW,KAAA,EAAuB;AACzC,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,eAAe,IAAA,CAAK,KAAA,EAAO,WAAW,CAAA,CAAE,SAAS,MAAM,CAAA;AAAA,EAChE;AACA,EAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAC7D,EAAA,OAAO,kBAAA,CAAmB,MAAA,CAAO,IAAA,CAAK,UAAU,CAAC,CAAC,CAAA;AACpD;AAEO,SAAS,aAAA,GAAwB;AACtC,EAAA,MAAM,MAAA,GACJ,OAAO,UAAA,CAAW,MAAA,EAAQ,eAAe,UAAA,GACrC,UAAA,CAAW,MAAA,CAAO,UAAA,EAAW,CAAE,OAAA,CAAQ,IAAA,EAAM,EAAE,IAC/C,KAAA,CAAM,IAAA;AAAA,IACJ,OAAO,UAAA,CAAW,MAAA,EAAQ,eAAA,KAAoB,UAAA,GAC1C,UAAA,CAAW,MAAA,CAAO,eAAA,CAAgB,IAAI,UAAA,CAAW,EAAE,CAAC,CAAA,GACpD,MAAM,IAAA,CAAK,EAAE,MAAA,EAAQ,EAAA,EAAG,EAAG,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,MAAA,EAAO,GAAI,GAAG,CAAC,CAAA;AAAA,IACpE,CAAC,UAAU,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG;AAAA,GAC/C,CAAE,KAAK,EAAE,CAAA;AACf,EAAA,OAAO,OAAO,MAAM,CAAA,CAAA;AACtB;AAEO,SAAS,uBAAuB,KAAA,EAAmC;AACxE,EAAA,IAAI,CAAC,OAAO,QAAA,CAAS,KAAK,KAAK,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,IAAS,CAAA,EAAG;AACtE,IAAA,OAAO,4BAAA;AAAA,EACT;AACA,EAAA,OAAO,KAAK,GAAA,CAAI,CAAA,EAAG,IAAA,CAAK,KAAA,CAAM,KAAK,CAAC,CAAA;AACtC;AAEO,SAAS,iBAAiB,KAAA,EAA4C;AAC3E,EAAA,MAAM,SAAA,GAAY,KAAA,CAAM,SAAA,IAAa,IAAA,CAAK,GAAA,EAAI;AAC9C,EAAA,MAAM,aAAA,GAAgB,sBAAA,CAAuB,KAAA,CAAM,aAAa,CAAA;AAChE,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,KAAA,CAAM,OAAA,EAAS,IAAA,MAAU,aAAA,EAAc;AAAA,IAChD,IAAA,EAAM,KAAA,CAAM,IAAA,CAAK,IAAA,EAAK;AAAA,IACtB,OAAA,EAAS,oBAAA;AAAA,IACT,SAAA;AAAA,IACA,QAAA,EAAU,KAAA,CAAM,QAAA,EAAU,IAAA,EAAK,IAAK,MAAA;AAAA,IACpC,WAAA,EAAa,KAAA,CAAM,WAAA,EAAa,IAAA,EAAK,IAAK,MAAA;AAAA,IAC1C,OAAA,EAAS,KAAA,CAAM,OAAA,CAAQ,IAAA,EAAK;AAAA,IAC5B,UAAA,EAAY,KAAA,CAAM,UAAA,CAAW,IAAA,EAAK;AAAA,IAClC,YAAA,EAAc,KAAA,CAAM,YAAA,CAAa,IAAA,EAAK;AAAA,IACtC,OAAA,EAAS,KAAA,CAAM,OAAA,CAAQ,IAAA,EAAK;AAAA,IAC5B,WAAW,KAAA,CAAM,SAAA;AAAA,IACjB,IAAA,EAAM,KAAA,CAAM,IAAA,IAAQ,EAAC;AAAA,IACrB,aAAA,EAAe,KAAA,CAAM,aAAA,EAAe,IAAA,EAAK,IAAK,MAAA;AAAA,IAC9C,SAAA,EAAW,SAAA,GAAY,aAAA,GAAgB,EAAA,GAAK,KAAK,EAAA,GAAK;AAAA,GACxD;AACF;AAEO,SAAS,kBAAA,CAAmB,MAAmB,KAAA,EAA4B;AAChF,EAAA,IAAI,IAAA,CAAK,SAAA,KAAc,KAAA,CAAM,SAAA,EAAW;AACtC,IAAA,OAAO,IAAA,CAAK,YAAY,KAAA,CAAM,SAAA;AAAA,EAChC;AACA,EAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,aAAA,CAAc,KAAA,CAAM,OAAO,CAAA;AACjD;AAEO,SAAS,kBAAkB,MAAA,EAA6B;AAC7D,EAAA,OAAO,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,MAAM,CAAC,CAAA;AACxC;AAEO,SAAS,kBAAkB,MAAA,EAAgD;AAChF,EAAA,IAAI,CAAC,MAAA,IAAU,MAAA,CAAO,IAAA,EAAK,CAAE,WAAW,CAAA,EAAG;AACzC,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,IAAI;AACF,IAAA,MAAM,SAAS,IAAA,CAAK,KAAA,CAAM,WAAW,MAAA,CAAO,IAAA,EAAM,CAAC,CAAA;AACnD,IAAA,IACE,OAAO,MAAA,CAAO,SAAA,KAAc,YAC5B,CAAC,MAAA,CAAO,SAAS,MAAA,CAAO,SAAS,KACjC,OAAO,MAAA,CAAO,YAAY,QAAA,IAC1B,MAAA,CAAO,QAAQ,IAAA,EAAK,CAAE,WAAW,CAAA,EACjC;AACA,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,OAAO;AAAA,MACL,WAAW,MAAA,CAAO,SAAA;AAAA,MAClB,OAAA,EAAS,MAAA,CAAO,OAAA,CAAQ,IAAA;AAAK,KAC/B;AAAA,EACF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAEO,SAAS,aAAA,CACd,OACA,MAAA,EACS;AACT,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,kBAAA,CAAmB,KAAA,EAAO,MAAM,CAAA,GAAI,CAAA;AAC7C;AAEO,SAAS,mBACd,MAAA,EACK;AACL,EAAA,OAAO,CAAC,GAAG,MAAM,CAAA,CAAE,IAAA,CAAK,CAAC,IAAA,EAAM,KAAA,KAAU,kBAAA,CAAmB,IAAA,EAAM,KAAK,CAAC,CAAA;AAC1E;AAEO,SAAS,eAAe,IAAA,EAIX;AAClB,EAAA,IAAI,IAAA,CAAK,gBAAgB,OAAA,EAAS;AAChC,IAAA,OAAO,OAAA;AAAA,EACT;AACA,EAAA,IACE,IAAA,CAAK,aAAa,mBAAA,IAClB,IAAA,CAAK,aAAa,gBAAA,IAClB,IAAA,CAAK,kBAAkB,SAAA,EACvB;AACA,IAAA,OAAO,SAAA;AAAA,EACT;AACA,EAAA,OAAO,OAAA;AACT;AAEA,eAAsB,eAAA,CACpB,gBACA,KAAA,EACkB;AAClB,EAAA,OAAO,MAAM,cAAA,CAAe,oBAAA,EAA6B,KAAK,CAAA;AAChE;AAEA,IAAM,kCAAkB,IAAI,GAAA,CAAI,CAAC,WAAA,EAAa,WAAA,EAAa,KAAK,CAAC,CAAA;AAEjE,SAAS,aAAa,GAAA,EAAkB;AACtC,EAAA,IAAI;AACF,IAAA,OAAO,IAAI,GAAA,CAAI,GAAA,CAAI,IAAA,EAAM,CAAA;AAAA,EAC3B,CAAA,CAAA,MAAQ;AACN,IAAA,MAAM,IAAI,MAAM,2CAA2C,CAAA;AAAA,EAC7D;AACF;AAEO,SAAS,sBAAsB,GAAA,EAAqB;AACzD,EAAA,MAAM,MAAA,GAAS,aAAa,GAAG,CAAA;AAC/B,EAAA,MAAM,QAAA,GAAW,MAAA,CAAO,QAAA,CAAS,IAAA,GAAO,WAAA,EAAY;AACpD,EAAA,MAAM,UAAU,WAAA,EAAa,QAAA;AAC7B,EAAA,MAAM,cAAA,GACJ,OAAA,KAAY,MAAA,IAAU,eAAA,CAAgB,IAAI,QAAQ,CAAA;AAEpD,EAAA,IAAI,OAAO,QAAA,KAAa,QAAA,IAAY,EAAE,cAAA,IAAkB,MAAA,CAAO,aAAa,OAAA,CAAA,EAAU;AACpF,IAAA,MAAM,IAAI,MAAM,6BAA6B,CAAA;AAAA,EAC/C;AAEA,EAAA,OAAO,OAAO,QAAA,EAAS;AACzB;AAEO,SAAS,yBAAyB,QAAA,EAAuC;AAC9E,EAAA,MAAM,aAAa,KAAA,CAAM,IAAA;AAAA,IACvB,IAAI,GAAA;AAAA,MACF,QAAA,CACG,GAAA,CAAI,CAAC,OAAA,KAAY,OAAA,CAAQ,IAAA,EAAM,CAAA,CAC/B,MAAA,CAAO,CAAC,OAAA,KAAY,OAAA,CAAQ,SAAS,CAAC;AAAA;AAC3C,GACF;AAEA,EAAA,IAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3B,IAAA,MAAM,IAAI,MAAM,iDAAiD,CAAA;AAAA,EACnE;AAEA,EAAA,OAAO,UAAA;AACT;AAEO,SAAS,yBAAyB,MAAA,EAAwB;AAC/D,EAAA,MAAM,UAAA,GAAa,OAAO,IAAA,EAAK;AAC/B,EAAA,IAAI,UAAA,CAAW,SAAS,CAAA,EAAG;AACzB,IAAA,MAAM,IAAI,MAAM,+CAA+C,CAAA;AAAA,EACjE;AACA,EAAA,OAAO,UAAA;AACT;AAEA,eAAsB,uBAAA,CACpB,SACA,MAAA,EACiB;AACjB,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,GAAA,GAAM,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,IAC9B,KAAA;AAAA,IACA,OAAA,CAAQ,OAAO,MAAM,CAAA;AAAA,IACrB,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,IAChC,KAAA;AAAA,IACA,CAAC,MAAM;AAAA,GACT;AACA,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,QAAQ,GAAA,EAAK,OAAA,CAAQ,MAAA,CAAO,OAAO,CAAC,CAAA;AAC/E,EAAA,OAAO,KAAA,CAAM,KAAK,IAAI,UAAA,CAAW,SAAS,CAAC,CAAA,CACxC,IAAI,CAAC,IAAA,KAAS,KAAK,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAChD,KAAK,EAAE,CAAA;AACZ;AAEO,SAAS,qBAAA,CACd,mBAAA,EACA,GAAA,GAAM,IAAA,CAAK,KAAI,EACK;AACpB,EAAA,IAAI,uBAAuB,oBAAA,EAAsB;AAC/C,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,MAAM,aAAa,mBAAA,GAAsB,CAAA;AACzC,EAAA,MAAM,KAAA,GAAQ,wBAAwB,UAAU,CAAA;AAChD,EAAA,OAAO,OAAO,KAAA,KAAU,QAAA,GAAW,GAAA,GAAM,KAAA,GAAQ,MAAA;AACnD;AAEO,SAAS,6BACd,YAAA,EACuB;AACvB,EAAA,OAAO,YAAA,IAAgB,uBAAuB,aAAA,GAAgB,QAAA;AAChE;AAEO,SAAS,sBACd,KAAA,EACe;AACf,EAAA,OAAO;AAAA,IACL,EAAA,EAAI,OAAO,KAAA,CAAM,EAAA,IAAM,MAAM,SAAA,IAAa,KAAA,CAAM,OAAO,EAAE,CAAA;AAAA,IACzD,SAAA,EAAW,OAAO,KAAA,CAAM,SAAA,IAAa,MAAM,EAAA,IAAM,KAAA,CAAM,OAAO,EAAE,CAAA;AAAA,IAChE,QAAA,EACE,OAAO,KAAA,CAAM,QAAA,KAAa,QAAA,IAAY,KAAA,CAAM,QAAA,CAAS,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,GACjE,KAAA,CAAM,QAAA,GACN,MAAA;AAAA,IACN,WAAA,EACE,OAAO,KAAA,CAAM,WAAA,KAAgB,QAAA,IAAY,KAAA,CAAM,WAAA,CAAY,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,GACvE,KAAA,CAAM,WAAA,GACN,MAAA;AAAA,IACN,OAAA,EACE,OAAO,KAAA,CAAM,OAAA,KAAY,QAAA,IAAY,KAAA,CAAM,OAAA,CAAQ,IAAA,EAAK,CAAE,MAAA,GAAS,CAAA,GAC/D,KAAA,CAAM,OAAA,GACN,MAAA;AAAA,IACN,GAAA,EAAK,MAAA,CAAO,KAAA,CAAM,GAAA,IAAO,EAAE,CAAA;AAAA,IAC3B,MAAA,EAAQ,MAAM,OAAA,CAAQ,KAAA,CAAM,MAAM,CAAA,GAC9B,KAAA,CAAM,MAAA,CACH,GAAA,CAAI,CAAC,KAAA,KAAW,OAAO,KAAA,KAAU,QAAA,GAAW,MAAM,IAAA,EAAK,GAAI,EAAG,CAAA,CAC9D,MAAA,CAAO,OAAO,CAAA,GACjB,EAAC;AAAA,IACL,MAAA,EAAQ,MAAM,MAAA,KAAW,KAAA;AAAA,IACzB,gBAAA,EAAkB,IAAA;AAAA,IAClB,WAAW,MAAA,CAAO,KAAA,CAAM,SAAA,IAAa,IAAA,CAAK,KAAK,CAAA;AAAA,IAC/C,SAAA,EAAW,OAAO,KAAA,CAAM,SAAA,IAAa,MAAM,SAAA,IAAa,IAAA,CAAK,KAAK,CAAA;AAAA,IAClE,SAAA,EAAW,MAAA,CAAO,KAAA,CAAM,SAAA,IAAa,EAAE,CAAA;AAAA,IACvC,WAAW,MAAA,CAAO,KAAA,CAAM,SAAA,IAAa,KAAA,CAAM,aAAa,EAAE,CAAA;AAAA,IAC1D,gBACE,OAAO,KAAA,CAAM,cAAA,KAAmB,QAAA,GAAW,MAAM,cAAA,GAAiB,MAAA;AAAA,IACpE,0BACE,OAAO,KAAA,CAAM,wBAAA,KAA6B,QAAA,GACtC,MAAM,wBAAA,GACN;AAAA,GACR;AACF;AAEO,SAAS,2BAAA,CACd,YAAA,EACA,SAAA,GAAY,GAAA,EACQ;AACpB,EAAA,IAAI,CAAC,YAAA,EAAc;AACjB,IAAA,OAAO,MAAA;AAAA,EACT;AACA,EAAA,IAAI,YAAA,CAAa,UAAU,SAAA,EAAW;AACpC,IAAA,OAAO,YAAA;AAAA,EACT;AACA,EAAA,OAAO,GAAG,YAAA,CAAa,KAAA,CAAM,CAAA,EAAG,SAAA,GAAY,CAAC,CAAC,CAAA,GAAA,CAAA;AAChD","file":"events.js","sourcesContent":["export const DOMAIN_EVENT_VERSION = \"1.0\" as const;\nexport const EVENT_RETENTION_DEFAULT_DAYS = 30;\nexport const WEBHOOK_MAX_ATTEMPTS = 5;\nexport const WEBHOOK_RETRY_DELAYS_MS = [1_000, 5_000, 30_000, 300_000] as const;\n\nexport const DOMAIN_EVENT_TYPES = [\n \"belief.created\",\n \"belief.forked\",\n \"belief.confidence_updated\",\n \"belief.archived\",\n \"belief.refined\",\n \"belief.contract_created\",\n \"belief.contract_evaluated\",\n \"belief.lineage_queried\",\n \"evidence.created\",\n \"evidence.linked\",\n \"evidence.search_executed\",\n \"question.created\",\n \"question.answered\",\n \"question.refined\",\n \"question.status_updated\",\n \"question.archived\",\n \"edge.created\",\n \"contradiction.flagged\",\n \"worktree.created\",\n \"worktree.activated\",\n \"worktree.merged\",\n \"worktree.targets_updated\",\n \"worktree.metadata_updated\",\n \"topic.created\",\n \"topic.updated\",\n \"topic.archived\",\n \"task.created\",\n \"task.completed\",\n \"task.updated\",\n \"ontology.bound\",\n \"context.compiled\",\n \"identity.key_created\",\n \"identity.key_rotated\",\n \"identity.key_revoked\",\n \"webhook.test\",\n] as const;\n\nexport type DomainEventType = (typeof DOMAIN_EVENT_TYPES)[number];\n\nexport type DomainResourceType =\n | \"belief\"\n | \"evidence\"\n | \"question\"\n | \"edge\"\n | \"contradiction\"\n | \"worktree\"\n | \"topic\"\n | \"task\"\n | \"ontology\"\n | \"context\"\n | \"identity\"\n | \"webhook\";\n\nexport type DomainActorType = \"human\" | \"agent\" | \"service\";\nexport type DomainEventData = Record<string, unknown>;\n\nexport type DomainEvent = {\n eventId: string;\n type: DomainEventType | string;\n version: typeof DOMAIN_EVENT_VERSION;\n timestamp: number;\n tenantId?: string;\n workspaceId?: string;\n topicId: string;\n resourceId: string;\n resourceType: DomainResourceType | string;\n actorId: string;\n actorType: DomainActorType;\n data: DomainEventData;\n correlationId?: string;\n expiresAt: number;\n};\n\nexport type CreateDomainEventInput = {\n eventId?: string;\n timestamp?: number;\n tenantId?: string;\n workspaceId?: string;\n topicId: string;\n type: DomainEventType | string;\n resourceId: string;\n resourceType: DomainResourceType | string;\n actorId: string;\n actorType: DomainActorType;\n data?: DomainEventData;\n correlationId?: string;\n retentionDays?: number;\n};\n\nexport type EventCursor = {\n timestamp: number;\n eventId: string;\n};\n\ntype RuntimeBufferLike = {\n from(value: string, encoding: \"utf8\" | \"base64url\"): {\n toString(encoding: \"utf8\" | \"base64url\"): string;\n };\n};\n\nconst RUNTIME_BUFFER = (globalThis as typeof globalThis & {\n Buffer?: RuntimeBufferLike;\n}).Buffer;\n\nconst RUNTIME_ENV = (globalThis as typeof globalThis & {\n process?: {\n env?: Record<string, string | undefined>;\n };\n}).process?.env;\n\nexport type EventListQuery = {\n topicId?: string;\n after?: string;\n types?: string[];\n startTime?: number;\n endTime?: number;\n limit?: number;\n};\n\nexport type EventListResult = {\n events: DomainEvent[];\n nextCursor: string | null;\n};\n\nexport type WebhookSecretMode = \"configured\";\n\nexport type WebhookRecord = {\n id: string;\n webhookId: string;\n tenantId?: string;\n workspaceId?: string;\n topicId?: string;\n url: string;\n events: string[];\n active: boolean;\n secretConfigured: boolean;\n createdAt: number;\n updatedAt: number;\n createdBy: string;\n updatedBy: string;\n lastDeliveryAt?: number;\n lastSuccessfulDeliveryAt?: number;\n};\n\nexport type WebhookCreateInput = {\n url: string;\n events: string[];\n secret: string;\n topicId?: string;\n active?: boolean;\n};\n\nexport type WebhookUpdateInput = {\n url?: string;\n events?: string[];\n secret?: string;\n topicId?: string | null;\n active?: boolean;\n};\n\nexport type WebhookDeliveryStatus =\n | \"pending\"\n | \"delivering\"\n | \"succeeded\"\n | \"failed\"\n | \"dead_letter\";\n\nexport type WebhookDeliveryRecord = {\n id: string;\n deliveryId: string;\n webhookId: string;\n eventId: string;\n eventType: string;\n topicId: string;\n status: WebhookDeliveryStatus;\n attemptCount: number;\n maxAttempts: number;\n nextAttemptAt?: number;\n lastAttemptAt?: number;\n lastStatusCode?: number;\n lastError?: string;\n deliveredAt?: number;\n createdAt: number;\n updatedAt: number;\n};\n\nexport type WebhookDeliveryAttemptRecord = {\n id: string;\n attemptId: string;\n deliveryId: string;\n webhookId: string;\n eventId: string;\n eventType: string;\n attemptNumber: number;\n status: \"succeeded\" | \"failed\";\n statusCode?: number;\n error?: string;\n responseBody?: string;\n durationMs?: number;\n createdAt: number;\n};\n\nexport type WebhookDeliveriesResult = {\n deliveries: Array<\n WebhookDeliveryRecord & {\n attempts?: WebhookDeliveryAttemptRecord[];\n }\n >;\n};\n\nexport type WebhookHealthResult = {\n webhookId: string;\n totalAttempts: number;\n successfulAttempts: number;\n failedAttempts: number;\n successRate: number;\n pendingDeliveries: number;\n deadLetterDeliveries: number;\n lastDeliveryAt?: number;\n lastSuccessfulDeliveryAt?: number;\n};\n\nexport type WebhookTestResult = {\n webhookId: string;\n deliveryId: string;\n status: WebhookDeliveryStatus;\n attempts: number;\n};\n\nexport type ReplayEventsInput = EventListQuery & {\n webhookId?: string;\n};\n\nexport type ReplayEventsResult = EventListResult & {\n replayedDeliveries?: number;\n replayedWebhookId?: string;\n};\n\nfunction escapeRegex(value: string): string {\n return value.replace(/[.*+?^${}()|[\\]\\\\]/g, \"\\\\$&\");\n}\n\nexport function eventPatternToRegExp(pattern: string): RegExp {\n const normalized = pattern.trim();\n if (!normalized) {\n return /^$/;\n }\n if (normalized === \"*\") {\n return /^.*$/;\n }\n const source = escapeRegex(normalized).replace(/\\\\\\*/g, \".*\");\n return new RegExp(`^${source}$`);\n}\n\nexport function matchesEventPattern(\n eventType: string,\n pattern: string\n): boolean {\n return eventPatternToRegExp(pattern).test(eventType.trim());\n}\n\nexport function matchesAnyEventPattern(\n eventType: string,\n patterns: readonly string[]\n): boolean {\n if (patterns.length === 0) {\n return true;\n }\n return patterns.some((pattern) => matchesEventPattern(eventType, pattern));\n}\n\nfunction toBase64(value: string): string {\n if (RUNTIME_BUFFER) {\n return RUNTIME_BUFFER.from(value, \"utf8\").toString(\"base64url\");\n }\n return btoa(unescape(encodeURIComponent(value)))\n .replace(/\\+/g, \"-\")\n .replace(/\\//g, \"_\")\n .replace(/=+$/g, \"\");\n}\n\nfunction fromBase64(value: string): string {\n if (RUNTIME_BUFFER) {\n return RUNTIME_BUFFER.from(value, \"base64url\").toString(\"utf8\");\n }\n const normalized = value.replace(/-/g, \"+\").replace(/_/g, \"/\");\n return decodeURIComponent(escape(atob(normalized)));\n}\n\nexport function createEventId(): string {\n const random =\n typeof globalThis.crypto?.randomUUID === \"function\"\n ? globalThis.crypto.randomUUID().replace(/-/g, \"\")\n : Array.from(\n typeof globalThis.crypto?.getRandomValues === \"function\"\n ? globalThis.crypto.getRandomValues(new Uint8Array(16))\n : Array.from({ length: 16 }, () => Math.floor(Math.random() * 256)),\n (value) => value.toString(16).padStart(2, \"0\")\n ).join(\"\");\n return `evt_${random}`;\n}\n\nexport function normalizeRetentionDays(value: number | undefined): number {\n if (!Number.isFinite(value) || typeof value !== \"number\" || value <= 0) {\n return EVENT_RETENTION_DEFAULT_DAYS;\n }\n return Math.max(1, Math.trunc(value));\n}\n\nexport function buildDomainEvent(input: CreateDomainEventInput): DomainEvent {\n const timestamp = input.timestamp ?? Date.now();\n const retentionDays = normalizeRetentionDays(input.retentionDays);\n return {\n eventId: input.eventId?.trim() || createEventId(),\n type: input.type.trim(),\n version: DOMAIN_EVENT_VERSION,\n timestamp,\n tenantId: input.tenantId?.trim() || undefined,\n workspaceId: input.workspaceId?.trim() || undefined,\n topicId: input.topicId.trim(),\n resourceId: input.resourceId.trim(),\n resourceType: input.resourceType.trim(),\n actorId: input.actorId.trim(),\n actorType: input.actorType,\n data: input.data ?? {},\n correlationId: input.correlationId?.trim() || undefined,\n expiresAt: timestamp + retentionDays * 24 * 60 * 60 * 1000,\n };\n}\n\nexport function compareEventCursor(left: EventCursor, right: EventCursor): number {\n if (left.timestamp !== right.timestamp) {\n return left.timestamp - right.timestamp;\n }\n return left.eventId.localeCompare(right.eventId);\n}\n\nexport function encodeEventCursor(cursor: EventCursor): string {\n return toBase64(JSON.stringify(cursor));\n}\n\nexport function decodeEventCursor(cursor: string | undefined): EventCursor | null {\n if (!cursor || cursor.trim().length === 0) {\n return null;\n }\n try {\n const parsed = JSON.parse(fromBase64(cursor.trim())) as Partial<EventCursor>;\n if (\n typeof parsed.timestamp !== \"number\" ||\n !Number.isFinite(parsed.timestamp) ||\n typeof parsed.eventId !== \"string\" ||\n parsed.eventId.trim().length === 0\n ) {\n return null;\n }\n return {\n timestamp: parsed.timestamp,\n eventId: parsed.eventId.trim(),\n };\n } catch {\n return null;\n }\n}\n\nexport function isAfterCursor(\n event: Pick<DomainEvent, \"timestamp\" | \"eventId\">,\n cursor: EventCursor | null\n): boolean {\n if (!cursor) {\n return true;\n }\n return compareEventCursor(event, cursor) > 0;\n}\n\nexport function sortEventsByCursor<T extends Pick<DomainEvent, \"timestamp\" | \"eventId\">>(\n events: readonly T[]\n): T[] {\n return [...events].sort((left, right) => compareEventCursor(left, right));\n}\n\nexport function inferActorType(args: {\n sessionType?: \"agent\" | \"user\";\n authMode?: string;\n principalType?: string;\n}): DomainActorType {\n if (args.sessionType === \"agent\") {\n return \"agent\";\n }\n if (\n args.authMode === \"service_principal\" ||\n args.authMode === \"tenant_api_key\" ||\n args.principalType === \"service\"\n ) {\n return \"service\";\n }\n return \"human\";\n}\n\nexport async function emitDomainEvent(\n invokeMutation: (reference: any, args: CreateDomainEventInput) => Promise<unknown>,\n input: CreateDomainEventInput\n): Promise<unknown> {\n return await invokeMutation(\"events:recordEvent\" as any, input);\n}\n\nconst LOCALHOST_HOSTS = new Set([\"localhost\", \"127.0.0.1\", \"::1\"]);\n\nfunction normalizeUrl(url: string): URL {\n try {\n return new URL(url.trim());\n } catch {\n throw new Error(\"Webhook URL must be a valid absolute URL.\");\n }\n}\n\nexport function assertValidWebhookUrl(url: string): string {\n const parsed = normalizeUrl(url);\n const hostname = parsed.hostname.trim().toLowerCase();\n const nodeEnv = RUNTIME_ENV?.NODE_ENV;\n const allowLocalHttp =\n nodeEnv === \"test\" || LOCALHOST_HOSTS.has(hostname);\n\n if (parsed.protocol !== \"https:\" && !(allowLocalHttp && parsed.protocol === \"http:\")) {\n throw new Error(\"Webhook URL must use HTTPS.\");\n }\n\n return parsed.toString();\n}\n\nexport function normalizeWebhookPatterns(patterns: readonly string[]): string[] {\n const normalized = Array.from(\n new Set(\n patterns\n .map((pattern) => pattern.trim())\n .filter((pattern) => pattern.length > 0)\n )\n );\n\n if (normalized.length === 0) {\n throw new Error(\"At least one webhook event pattern is required.\");\n }\n\n return normalized;\n}\n\nexport function assertValidWebhookSecret(secret: string): string {\n const normalized = secret.trim();\n if (normalized.length < 8) {\n throw new Error(\"Webhook secret must be at least 8 characters.\");\n }\n return normalized;\n}\n\nexport async function computeWebhookSignature(\n payload: string,\n secret: string\n): Promise<string> {\n const encoder = new TextEncoder();\n const key = await crypto.subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n );\n const signature = await crypto.subtle.sign(\"HMAC\", key, encoder.encode(payload));\n return Array.from(new Uint8Array(signature))\n .map((byte) => byte.toString(16).padStart(2, \"0\"))\n .join(\"\");\n}\n\nexport function nextDeliveryAttemptAt(\n currentAttemptCount: number,\n now = Date.now()\n): number | undefined {\n if (currentAttemptCount >= WEBHOOK_MAX_ATTEMPTS) {\n return undefined;\n }\n const retryIndex = currentAttemptCount - 1;\n const delay = WEBHOOK_RETRY_DELAYS_MS[retryIndex];\n return typeof delay === \"number\" ? now + delay : undefined;\n}\n\nexport function resolveDeliveryFailureStatus(\n attemptCount: number\n): WebhookDeliveryStatus {\n return attemptCount >= WEBHOOK_MAX_ATTEMPTS ? \"dead_letter\" : \"failed\";\n}\n\nexport function sanitizeWebhookRecord(\n value: Record<string, unknown>\n): WebhookRecord {\n return {\n id: String(value.id ?? value.webhookId ?? value._id ?? \"\"),\n webhookId: String(value.webhookId ?? value.id ?? value._id ?? \"\"),\n tenantId:\n typeof value.tenantId === \"string\" && value.tenantId.trim().length > 0\n ? value.tenantId\n : undefined,\n workspaceId:\n typeof value.workspaceId === \"string\" && value.workspaceId.trim().length > 0\n ? value.workspaceId\n : undefined,\n topicId:\n typeof value.topicId === \"string\" && value.topicId.trim().length > 0\n ? value.topicId\n : undefined,\n url: String(value.url ?? \"\"),\n events: Array.isArray(value.events)\n ? value.events\n .map((entry) => (typeof entry === \"string\" ? entry.trim() : \"\"))\n .filter(Boolean)\n : [],\n active: value.active !== false,\n secretConfigured: true,\n createdAt: Number(value.createdAt ?? Date.now()),\n updatedAt: Number(value.updatedAt ?? value.createdAt ?? Date.now()),\n createdBy: String(value.createdBy ?? \"\"),\n updatedBy: String(value.updatedBy ?? value.createdBy ?? \"\"),\n lastDeliveryAt:\n typeof value.lastDeliveryAt === \"number\" ? value.lastDeliveryAt : undefined,\n lastSuccessfulDeliveryAt:\n typeof value.lastSuccessfulDeliveryAt === \"number\"\n ? value.lastSuccessfulDeliveryAt\n : undefined,\n };\n}\n\nexport function truncateWebhookResponseBody(\n responseBody: string | undefined,\n maxLength = 2_000\n): string | undefined {\n if (!responseBody) {\n return undefined;\n }\n if (responseBody.length <= maxLength) {\n return responseBody;\n }\n return `${responseBody.slice(0, maxLength - 3)}...`;\n}\n"]}
@@ -1,7 +1,5 @@
1
1
  import { GatewayClientConfig, PlatformGatewaySuccess } from './coreClient.js';
2
- import { EventListResult, ReplayEventsResult, WebhookRecord, WebhookDeliveriesResult, WebhookHealthResult, WebhookTestResult, EventListQuery, ReplayEventsInput, WebhookCreateInput, WebhookUpdateInput } from './events.js';
3
- import './authContext.js';
4
- import './contracts/auth-session.contract.js';
2
+ import { EventListResult, ReplayEventsResult, WebhookRecord, WebhookTestResult, WebhookDeliveriesResult, WebhookHealthResult, EventListQuery, ReplayEventsInput, WebhookCreateInput, WebhookUpdateInput } from './events.js';
5
3
  import './types.js';
6
4
  import './contracts/workflow-runtime.contract.js';
7
5
  import './contracts/lens-workflow.contract.js';
@@ -1,170 +1,3 @@
1
- // src/authContext.ts
2
- var LucernSdkAuthContextError = class extends Error {
3
- reason;
4
- constructor(reason, message) {
5
- super(message);
6
- this.name = "LucernSdkAuthContextError";
7
- this.reason = reason;
8
- }
9
- };
10
- function cleanString(value) {
11
- const normalized = value?.trim();
12
- return normalized ? normalized : void 0;
13
- }
14
- function cleanStringList(values) {
15
- if (!values) {
16
- return [];
17
- }
18
- return values.map((value) => value.trim()).filter(
19
- (value, index, list) => value.length > 0 && list.indexOf(value) === index
20
- );
21
- }
22
- function requireString(value, reason, label) {
23
- const normalized = cleanString(value);
24
- if (!normalized) {
25
- throw new LucernSdkAuthContextError(
26
- reason,
27
- `Canonical Lucern SDK auth context is missing ${label}.`
28
- );
29
- }
30
- return normalized;
31
- }
32
- function requirePrincipalType(principalType) {
33
- if (!principalType) {
34
- throw new LucernSdkAuthContextError(
35
- "principal_missing",
36
- "Canonical Lucern SDK auth context is missing principalType."
37
- );
38
- }
39
- return principalType;
40
- }
41
- function requireAuthMode(authMode) {
42
- if (!authMode) {
43
- throw new LucernSdkAuthContextError(
44
- "principal_missing",
45
- "Canonical Lucern SDK auth context is missing authMode."
46
- );
47
- }
48
- return authMode;
49
- }
50
- function ensurePermitMatch(args) {
51
- const actual = cleanString(args.actual);
52
- if (actual && actual !== args.expected) {
53
- throw new LucernSdkAuthContextError(
54
- "policy_denied",
55
- `Canonical Lucern SDK auth context has conflicting Permit ${args.field}.`
56
- );
57
- }
58
- }
59
- function normalizeCanonicalLucernAuthContext(input) {
60
- if (!input) {
61
- throw new LucernSdkAuthContextError(
62
- "principal_missing",
63
- "Canonical Lucern SDK auth context is required."
64
- );
65
- }
66
- if (input.policyDecision === "deny") {
67
- throw new LucernSdkAuthContextError(
68
- "policy_denied",
69
- "Canonical Lucern SDK auth context carries a denied policy decision."
70
- );
71
- }
72
- const principalId = requireString(
73
- input.principalId,
74
- "principal_missing",
75
- "principalId"
76
- );
77
- const tenantId = requireString(input.tenantId, "tenant_missing", "tenantId");
78
- const workspaceId = requireString(
79
- input.workspaceId,
80
- "workspace_missing",
81
- "workspaceId"
82
- );
83
- const roles = cleanStringList(input.roles);
84
- const scopes = cleanStringList(input.scopes);
85
- const principalType = requirePrincipalType(input.principalType);
86
- const authMode = requireAuthMode(input.authMode);
87
- const roleBasedInteractiveAuth = authMode === "interactive_user" && roles.length > 0;
88
- if (roles.length === 0 || scopes.length === 0 && !roleBasedInteractiveAuth) {
89
- throw new LucernSdkAuthContextError(
90
- "membership_missing",
91
- "Canonical Lucern SDK auth context requires non-empty roles and scopes."
92
- );
93
- }
94
- const subject = cleanString(input.permit?.subject) ?? principalId;
95
- const tenant = cleanString(input.permit?.tenant) ?? tenantId;
96
- const workspace = cleanString(input.permit?.workspace) ?? workspaceId;
97
- ensurePermitMatch({
98
- field: "subject",
99
- expected: principalId,
100
- actual: subject
101
- });
102
- ensurePermitMatch({ field: "tenant", expected: tenantId, actual: tenant });
103
- ensurePermitMatch({
104
- field: "workspace",
105
- expected: workspaceId,
106
- actual: workspace
107
- });
108
- const context = input.permit?.context ? { ...input.permit.context } : void 0;
109
- return {
110
- clerkId: cleanString(input.clerkId),
111
- principalId,
112
- tenantId,
113
- workspaceId,
114
- principalType,
115
- authMode,
116
- roles,
117
- scopes,
118
- delegationChain: input.delegationChain ? [...input.delegationChain] : [],
119
- policyTraceId: cleanString(input.policyTraceId),
120
- correlationId: cleanString(input.correlationId),
121
- membershipId: cleanString(input.membershipId),
122
- permit: {
123
- subject,
124
- tenant,
125
- workspace,
126
- resource: cleanString(input.permit?.resource),
127
- action: cleanString(input.permit?.action),
128
- relation: cleanString(input.permit?.relation),
129
- context
130
- }
131
- };
132
- }
133
- function createCanonicalAuthHeaders(authContext) {
134
- const headers = {
135
- "x-lucern-principal-id": authContext.principalId,
136
- "x-lucern-principal-type": authContext.principalType,
137
- "x-lucern-tenant": authContext.tenantId,
138
- "x-lucern-tenant-id": authContext.tenantId,
139
- "x-lucern-workspace": authContext.workspaceId,
140
- "x-lucern-workspace-id": authContext.workspaceId,
141
- "x-lucern-auth-mode": authContext.authMode,
142
- "x-lucern-roles": authContext.roles.join(","),
143
- "x-lucern-scopes": authContext.scopes.join(","),
144
- "x-lucern-permit-context": JSON.stringify(authContext.permit)
145
- };
146
- if (authContext.clerkId) {
147
- headers["x-lucern-clerk-id"] = authContext.clerkId;
148
- headers["x-lucern-user-id"] = authContext.clerkId;
149
- }
150
- if (authContext.delegationChain.length > 0) {
151
- headers["x-lucern-delegation-chain"] = JSON.stringify(
152
- authContext.delegationChain
153
- );
154
- }
155
- if (authContext.policyTraceId) {
156
- headers["x-lucern-policy-trace-id"] = authContext.policyTraceId;
157
- }
158
- if (authContext.correlationId) {
159
- headers["x-correlation-id"] = authContext.correlationId;
160
- headers["x-lucern-correlation-id"] = authContext.correlationId;
161
- }
162
- if (authContext.membershipId) {
163
- headers["x-lucern-membership-id"] = authContext.membershipId;
164
- }
165
- return headers;
166
- }
167
-
168
1
  // src/coreClient.ts
169
2
  var LucernApiError = class extends Error {
170
3
  code;
@@ -232,7 +65,9 @@ function generatePortableRequestId() {
232
65
  8
233
66
  ).join("")}-${hex.slice(8, 10).join("")}-${hex.slice(10).join("")}`;
234
67
  }
235
- var randomIdempotencyKey = generatePortableRequestId;
68
+ function randomIdempotencyKey() {
69
+ return generatePortableRequestId();
70
+ }
236
71
  function isRetryableStatus(status) {
237
72
  return status >= 500 || status === 408 || status === 429;
238
73
  }
@@ -297,11 +132,8 @@ function timeoutError(timeoutMs) {
297
132
  error.name = "AbortError";
298
133
  return error;
299
134
  }
300
- function isRecord(value) {
301
- return value !== null && typeof value === "object" && !Array.isArray(value);
302
- }
303
135
  function readPolicySummaryFromDetails(details) {
304
- if (!isRecord(details)) {
136
+ if (!details || typeof details !== "object" || Array.isArray(details)) {
305
137
  return null;
306
138
  }
307
139
  const directSummary = details.summary;
@@ -309,11 +141,11 @@ function readPolicySummaryFromDetails(details) {
309
141
  return directSummary.trim();
310
142
  }
311
143
  const policy = details.policy;
312
- if (!isRecord(policy)) {
144
+ if (!policy || typeof policy !== "object" || Array.isArray(policy)) {
313
145
  return null;
314
146
  }
315
147
  const explanation = policy.explanation;
316
- if (!isRecord(explanation)) {
148
+ if (!explanation || typeof explanation !== "object" || Array.isArray(explanation)) {
317
149
  return null;
318
150
  }
319
151
  const nestedSummary = explanation.summary;
@@ -322,59 +154,16 @@ function readPolicySummaryFromDetails(details) {
322
154
  }
323
155
  return null;
324
156
  }
325
- async function resolveConfiguredAuthContext(authContext) {
326
- if (typeof authContext === "function") {
327
- return await authContext();
328
- }
329
- return authContext;
330
- }
331
- function mergeHeaderRecord(base, addition) {
332
- const headers = new Headers(base);
333
- for (const [key, value] of Object.entries(addition)) {
334
- const existing = headers.get(key);
335
- if (existing !== null && existing !== value) {
336
- throw new LucernSdkAuthContextError(
337
- "policy_denied",
338
- `Canonical Lucern SDK auth context conflicts with existing ${key} header.`
339
- );
340
- }
341
- headers.set(key, value);
342
- }
343
- return Object.fromEntries(headers.entries());
344
- }
345
- function cleanHeaderValue(value) {
346
- const normalized = value?.trim();
347
- return normalized ? normalized : void 0;
348
- }
349
157
  function createGatewayRequestClient(config = {}) {
350
158
  const fetchImpl = config.fetchImpl ?? fetch;
351
159
  const baseUrl = config.baseUrl?.replace(/\/+$/, "") ?? "";
352
160
  const maxRetries = config.maxRetries ?? 2;
353
161
  const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());
354
162
  async function resolveAuthHeaders() {
355
- const provided = config.getAuthHeaders ? await config.getAuthHeaders() : {};
356
- const headers = new Headers(provided);
357
- const setIfAbsent = (name, value) => {
358
- const normalized = cleanHeaderValue(value);
359
- if (normalized && !headers.has(name)) {
360
- headers.set(name, normalized);
361
- }
362
- };
363
- setIfAbsent("x-lucern-key", config.apiKey);
364
- setIfAbsent("x-lucern-session-token", config.userToken);
365
- setIfAbsent("x-lucern-environment", config.environment);
366
- setIfAbsent("x-lucern-clerk-id", config.clerkId);
367
- setIfAbsent("x-lucern-user-id", config.userId ?? config.clerkId);
368
- setIfAbsent("x-lucern-deployment-host", config.deploymentHost);
369
- const base = Object.fromEntries(headers.entries());
370
- const authContextInput = await resolveConfiguredAuthContext(
371
- config.authContext
372
- );
373
- if (!authContextInput && !config.requireCanonicalAuthContext) {
374
- return base;
163
+ if (!config.getAuthHeaders) {
164
+ return {};
375
165
  }
376
- const authContext = normalizeCanonicalLucernAuthContext(authContextInput);
377
- return mergeHeaderRecord(base, createCanonicalAuthHeaders(authContext));
166
+ return await config.getAuthHeaders();
378
167
  }
379
168
  async function fetchWithTimeout(url, init, timeoutMs) {
380
169
  const controller = new AbortController();
@@ -395,11 +184,11 @@ function createGatewayRequestClient(config = {}) {
395
184
  if (!text) {
396
185
  return null;
397
186
  }
398
- const parsed = tryParseGatewayEnvelopeJson(text);
399
- if (!parsed.ok) {
187
+ try {
188
+ return JSON.parse(text);
189
+ } catch {
400
190
  return null;
401
191
  }
402
- return isRecord(parsed.value) ? parsed.value : null;
403
192
  }
404
193
  function resolveTimeoutMs(method, requestTimeoutMs) {
405
194
  if (typeof requestTimeoutMs === "number") {
@@ -411,31 +200,16 @@ function createGatewayRequestClient(config = {}) {
411
200
  }
412
201
  return config.timeoutMs ?? 15e3;
413
202
  }
414
- function tryParseGatewayEnvelopeJson(text) {
415
- const trimmed = text.trim();
416
- if (!trimmed.startsWith("{") && !trimmed.startsWith("[")) {
417
- return { ok: false, reason: "non-json" };
418
- }
419
- try {
420
- return { ok: true, value: JSON.parse(trimmed) };
421
- } catch (error) {
422
- if (error instanceof SyntaxError) {
423
- return { ok: false, reason: "invalid-json", error };
424
- }
425
- throw error;
426
- }
427
- }
428
203
  function buildApiError(args) {
429
204
  const failure = args.failure;
430
- const legacyError = failure && isRecord(failure.error) ? failure.error : failure?.legacyError;
205
+ const legacyError = failure && typeof failure.error === "object" && failure.error !== null ? failure.error : failure?.legacyError;
431
206
  const correlationId = failure?.correlationId ?? args.response.headers.get("x-lucern-correlation-id")?.trim() ?? args.requestId;
432
207
  const policyTraceId = failure?.policyTraceId ?? args.response.headers.get("x-lucern-policy-trace-id")?.trim() ?? null;
433
208
  const details = failure?.details ?? legacyError?.details;
434
209
  const policySummary = readPolicySummaryFromDetails(details);
435
- const failureMessage = typeof failure?.error === "string" ? failure.error : legacyError?.message;
436
210
  return new LucernApiError({
437
211
  code: failure?.code ?? legacyError?.code ?? fallbackErrorCode(args.response.status),
438
- message: policySummary ?? failureMessage ?? (args.response.ok ? "Platform API returned an invalid success payload." : "Platform API request failed."),
212
+ message: policySummary ?? (typeof failure?.error === "string" ? failure.error : legacyError?.message ?? (args.response.ok ? "Platform API returned an invalid success payload." : "Platform API request failed.")),
439
213
  status: args.response.status,
440
214
  invariant: failure?.invariant,
441
215
  suggestion: failure?.suggestion,