@lucern/sdk 1.0.11 → 1.0.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +10 -0
- package/README.md +24 -27
- package/dist/.generated +2 -0
- package/dist/accessControl.d.ts +19 -26
- package/dist/accessControl.js +195 -1423
- package/dist/adminClient.d.ts +52 -59
- package/dist/adminClient.js +364 -1142
- package/dist/answersClient.d.ts +5 -14
- package/dist/answersClient.js +19 -737
- package/dist/audience/index.d.ts +18 -18
- package/dist/audience/index.js +87 -90
- package/dist/audiencesClient.d.ts +19 -27
- package/dist/audiencesClient.js +107 -868
- package/dist/auditClient.d.ts +8 -15
- package/dist/auditClient.js +18 -791
- package/dist/authContext.d.ts +11 -16
- package/dist/authContext.js +122 -154
- package/dist/authDeviceClient.d.ts +8 -17
- package/dist/authDeviceClient.js +113 -102
- package/dist/beliefs/index.d.ts +16 -67
- package/dist/beliefs/index.js +20 -10181
- package/dist/beliefs/lifecycle.d.ts +10 -11
- package/dist/beliefs/lifecycle.js +78 -80
- package/dist/beliefsClient.d.ts +30 -35
- package/dist/beliefsClient.js +238 -994
- package/dist/boundaryClientSurface.d.ts +11 -16
- package/dist/boundaryClientSurface.js +49 -68
- package/dist/client.d.ts +82 -113
- package/dist/client.js +232 -10155
- package/dist/clientAssemblyTypes.d.ts +3 -3
- package/dist/clientAssemblyTypes.js +1 -2
- package/dist/clientConfig.d.ts +45 -59
- package/dist/clientConfig.js +1 -2
- package/dist/clientEvidenceCompat.d.ts +24 -14
- package/dist/clientEvidenceCompat.js +56 -64
- package/dist/clientGraphNamespaces.d.ts +3 -5
- package/dist/clientGraphNamespaces.js +170 -245
- package/dist/clientHelpers.d.ts +20 -25
- package/dist/clientHelpers.js +104 -127
- package/dist/clientKnowledgeNamespaces.d.ts +24 -54
- package/dist/clientKnowledgeNamespaces.js +506 -506
- package/dist/clientLocalHelpers.d.ts +11 -56
- package/dist/clientLocalHelpers.js +503 -732
- package/dist/clientPlatformNamespaces.d.ts +5 -53
- package/dist/clientPlatformNamespaces.js +229 -323
- package/dist/clientRuntime.d.ts +5 -53
- package/dist/clientRuntime.js +26 -30
- package/dist/clientWorkflowNamespaces.d.ts +6 -15
- package/dist/clientWorkflowNamespaces.js +529 -596
- package/dist/contextClient.d.ts +9 -17
- package/dist/contextClient.js +92 -805
- package/dist/contextFacade.d.ts +11 -2
- package/dist/contextFacade.js +10 -81
- package/dist/contextPackCompiler.d.ts +10 -11
- package/dist/contextPackCompiler.js +494 -1040
- package/dist/contextPackPolicy.d.ts +14 -15
- package/dist/contextPackPolicy.js +227 -305
- package/dist/contextPackSchema.d.ts +3 -3
- package/dist/contextPackSchema.js +169 -176
- package/dist/contextTypes.d.ts +14 -15
- package/dist/contextTypes.js +1 -2
- package/dist/contracts/api-enums.contract.d.ts +29 -30
- package/dist/contracts/api-enums.contract.js +162 -88
- package/dist/contracts/auth-session.contract.d.ts +13 -14
- package/dist/contracts/auth-session.contract.js +55 -52
- package/dist/contracts/context-pack.contract.d.ts +54 -55
- package/dist/contracts/context-pack.contract.js +160 -88
- package/dist/contracts/contextPack.d.ts +2 -1
- package/dist/contracts/contextPack.js +1 -97
- package/dist/contracts/index.d.ts +11 -12
- package/dist/contracts/index.js +10 -854
- package/dist/contracts/lens-filter.contract.d.ts +9 -10
- package/dist/contracts/lens-filter.contract.js +82 -58
- package/dist/contracts/lens-workflow.contract.d.ts +21 -23
- package/dist/contracts/lens-workflow.contract.js +48 -117
- package/dist/contracts/lensFilter.d.ts +2 -1
- package/dist/contracts/lensFilter.js +1 -71
- package/dist/contracts/lensWorkflow.d.ts +2 -2
- package/dist/contracts/lensWorkflow.js +1 -123
- package/dist/contracts/mcpTools.d.ts +16 -18
- package/dist/contracts/mcpTools.js +89 -123
- package/dist/contracts/prompt.contract.d.ts +4 -5
- package/dist/contracts/prompt.contract.js +23 -10
- package/dist/contracts/prompt.d.ts +2 -1
- package/dist/contracts/prompt.js +1 -11
- package/dist/contracts/sdk-tools.contract.d.ts +2 -1
- package/dist/contracts/sdk-tools.contract.js +1 -2
- package/dist/contracts/sdkTools.d.ts +2 -1
- package/dist/contracts/sdkTools.js +1 -26
- package/dist/contracts/tool-contracts.d.ts +2 -1
- package/dist/contracts/tool-contracts.js +1 -2
- package/dist/contracts/workflow-runtime.contract.d.ts +45 -46
- package/dist/contracts/workflow-runtime.contract.js +241 -228
- package/dist/contracts/workflowRuntime.d.ts +2 -1
- package/dist/contracts/workflowRuntime.js +1 -244
- package/dist/contradictions/index.d.ts +8 -60
- package/dist/contradictions/index.js +11 -10175
- package/dist/control-plane.d.ts +17 -24
- package/dist/control-plane.js +124 -840
- package/dist/controlObjectOwnership.d.ts +19 -20
- package/dist/controlObjectOwnership.js +207 -201
- package/dist/coreClient.d.ts +23 -28
- package/dist/coreClient.js +567 -692
- package/dist/customTools.d.ts +17 -21
- package/dist/customTools.js +221 -221
- package/dist/decisions/index.d.ts +7 -58
- package/dist/decisions/index.js +14 -10177
- package/dist/decisionsClient.d.ts +25 -32
- package/dist/decisionsClient.js +113 -913
- package/dist/domainContext.d.ts +2 -1
- package/dist/domainContext.js +1 -2
- package/dist/edges/index.d.ts +21 -73
- package/dist/edges/index.js +12 -10176
- package/dist/embeddingsClient.d.ts +22 -30
- package/dist/embeddingsClient.js +73 -922
- package/dist/eventingClient.d.ts +23 -31
- package/dist/eventingClient.js +89 -918
- package/dist/events.d.ts +48 -49
- package/dist/events.js +257 -241
- package/dist/eventsCore.d.ts +20 -29
- package/dist/eventsCore.js +86 -830
- package/dist/evidence/index.d.ts +42 -61
- package/dist/evidence/index.js +13 -10176
- package/dist/evidenceClient.d.ts +13 -22
- package/dist/evidenceClient.js +34 -751
- package/dist/facade/context.d.ts +7 -8
- package/dist/facade/context.js +73 -72
- package/dist/functionSurface.d.ts +2 -156
- package/dist/functionSurface.js +1 -1460
- package/dist/functionSurfaceClient.d.ts +2 -9
- package/dist/functionSurfaceClient.js +1 -1460
- package/dist/gatewayFacades.d.ts +93 -296
- package/dist/gatewayFacades.factories.d.ts +209 -14
- package/dist/gatewayFacades.factories.js +545 -2228
- package/dist/gatewayFacades.js +284 -2627
- package/dist/generated/functionSurface.d.ts +149 -0
- package/dist/generated/functionSurface.js +749 -0
- package/dist/graphAnalysisClient.d.ts +41 -49
- package/dist/graphAnalysisClient.js +185 -974
- package/dist/graphClient.d.ts +53 -60
- package/dist/graphClient.js +219 -1090
- package/dist/graphIntel.d.ts +2 -4
- package/dist/graphIntel.js +1 -2
- package/dist/graphIntelligence.d.ts +4 -2
- package/dist/graphIntelligence.js +2 -46
- package/dist/graphRecommendationsClient.d.ts +15 -23
- package/dist/graphRecommendationsClient.js +70 -849
- package/dist/graphStateClassifierClient.d.ts +17 -25
- package/dist/graphStateClassifierClient.js +67 -908
- package/dist/harnessClient.d.ts +40 -47
- package/dist/harnessClient.js +198 -993
- package/dist/identityClient.d.ts +25 -33
- package/dist/identityClient.js +245 -1186
- package/dist/index.d.ts +73 -69
- package/dist/index.js +72 -13313
- package/dist/infisicalRuntime.d.ts +12 -14
- package/dist/infisicalRuntime.js +290 -297
- package/dist/jobsClient.d.ts +24 -32
- package/dist/jobsClient.js +101 -916
- package/dist/learningClient.d.ts +8 -16
- package/dist/learningClient.js +45 -809
- package/dist/lenses/index.d.ts +13 -65
- package/dist/lenses/index.js +11 -10175
- package/dist/mcpClient.d.ts +14 -23
- package/dist/mcpClient.js +115 -856
- package/dist/modelRuntimeClient.d.ts +18 -26
- package/dist/modelRuntimeClient.js +74 -894
- package/dist/nodes/index.d.ts +7 -58
- package/dist/nodes/index.js +14 -10177
- package/dist/ontologies/index.d.ts +21 -73
- package/dist/ontologies/index.js +14 -10178
- package/dist/ontologyClient.d.ts +23 -31
- package/dist/ontologyClient.js +138 -924
- package/dist/ontologyLinksClient.d.ts +16 -24
- package/dist/ontologyLinksClient.js +76 -886
- package/dist/opinion.d.ts +5 -6
- package/dist/opinion.js +21 -25
- package/dist/orgGraphSearchClient.d.ts +19 -27
- package/dist/orgGraphSearchClient.js +89 -857
- package/dist/packRuntime.d.ts +2 -2
- package/dist/packRuntime.js +1 -2
- package/dist/packsClient.d.ts +30 -37
- package/dist/packsClient.js +131 -906
- package/dist/policyClient.d.ts +21 -29
- package/dist/policyClient.js +267 -1026
- package/dist/proof-attestation.json +1 -1
- package/dist/questions/index.d.ts +9 -60
- package/dist/questions/index.js +15 -10178
- package/dist/realtime/index.d.ts +20 -16
- package/dist/realtime/index.js +30 -19
- package/dist/realtime/refs.d.ts +4 -6
- package/dist/realtime/refs.js +12 -7
- package/dist/realtime-refs.d.ts +1 -0
- package/dist/realtime-refs.js +1 -0
- package/dist/realtime.d.ts +1 -0
- package/dist/realtime.js +1 -0
- package/dist/reportsClient.d.ts +10 -19
- package/dist/reportsClient.js +48 -836
- package/dist/schemaClient.d.ts +16 -23
- package/dist/schemaClient.js +62 -832
- package/dist/sdkSurface.d.ts +18 -25
- package/dist/sdkSurface.js +135 -106
- package/dist/secrets.d.ts +2 -1
- package/dist/secrets.js +1 -2
- package/dist/sourcesClient.d.ts +11 -18
- package/dist/sourcesClient.js +18 -741
- package/dist/telemetryClient.d.ts +22 -30
- package/dist/telemetryClient.js +107 -931
- package/dist/toolRegistryClient.d.ts +27 -35
- package/dist/toolRegistryClient.js +116 -954
- package/dist/topics/index.d.ts +13 -64
- package/dist/topics/index.js +15 -10178
- package/dist/topicsClient.d.ts +19 -27
- package/dist/topicsClient.js +106 -894
- package/dist/types.d.ts +84 -87
- package/dist/types.js +1 -2
- package/dist/version.d.ts +2 -3
- package/dist/version.js +2 -5
- package/dist/workflowClient.d.ts +60 -65
- package/dist/workflowClient.js +343 -1219
- package/dist/worktrees/index.d.ts +16 -68
- package/dist/worktrees/index.js +14 -10178
- package/package.json +6 -6
- package/dist/accessControl.js.map +0 -1
- package/dist/adminClient.js.map +0 -1
- package/dist/answersClient.js.map +0 -1
- package/dist/audience/index.js.map +0 -1
- package/dist/audiencesClient.js.map +0 -1
- package/dist/auditClient.js.map +0 -1
- package/dist/authContext.js.map +0 -1
- package/dist/authDeviceClient.js.map +0 -1
- package/dist/beliefs/index.js.map +0 -1
- package/dist/beliefs/lifecycle.js.map +0 -1
- package/dist/beliefsClient.js.map +0 -1
- package/dist/boundaryClientSurface.js.map +0 -1
- package/dist/client.js.map +0 -1
- package/dist/clientAssemblyTypes.js.map +0 -1
- package/dist/clientConfig.js.map +0 -1
- package/dist/clientEvidenceCompat.js.map +0 -1
- package/dist/clientGraphNamespaces.js.map +0 -1
- package/dist/clientHelpers.js.map +0 -1
- package/dist/clientKnowledgeNamespaces.js.map +0 -1
- package/dist/clientLocalHelpers.js.map +0 -1
- package/dist/clientPlatformNamespaces.js.map +0 -1
- package/dist/clientRuntime.js.map +0 -1
- package/dist/clientWorkflowNamespaces.js.map +0 -1
- package/dist/contextClient.js.map +0 -1
- package/dist/contextFacade.js.map +0 -1
- package/dist/contextPackCompiler.js.map +0 -1
- package/dist/contextPackPolicy.js.map +0 -1
- package/dist/contextPackSchema.js.map +0 -1
- package/dist/contextTypes.js.map +0 -1
- package/dist/contracts/api-enums.contract.js.map +0 -1
- package/dist/contracts/auth-session.contract.js.map +0 -1
- package/dist/contracts/context-pack.contract.js.map +0 -1
- package/dist/contracts/contextPack.js.map +0 -1
- package/dist/contracts/index.js.map +0 -1
- package/dist/contracts/lens-filter.contract.js.map +0 -1
- package/dist/contracts/lens-workflow.contract.js.map +0 -1
- package/dist/contracts/lensFilter.js.map +0 -1
- package/dist/contracts/lensWorkflow.js.map +0 -1
- package/dist/contracts/mcpTools.js.map +0 -1
- package/dist/contracts/prompt.contract.js.map +0 -1
- package/dist/contracts/prompt.js.map +0 -1
- package/dist/contracts/sdk-tools.contract.js.map +0 -1
- package/dist/contracts/sdkTools.js.map +0 -1
- package/dist/contracts/tool-contracts.js.map +0 -1
- package/dist/contracts/workflow-runtime.contract.js.map +0 -1
- package/dist/contracts/workflowRuntime.js.map +0 -1
- package/dist/contradictions/index.js.map +0 -1
- package/dist/control-plane.js.map +0 -1
- package/dist/controlObjectOwnership.js.map +0 -1
- package/dist/coreClient.js.map +0 -1
- package/dist/customTools.js.map +0 -1
- package/dist/decisions/index.js.map +0 -1
- package/dist/decisionsClient.js.map +0 -1
- package/dist/domainContext.js.map +0 -1
- package/dist/edges/index.js.map +0 -1
- package/dist/embeddingsClient.js.map +0 -1
- package/dist/eventingClient.js.map +0 -1
- package/dist/events.js.map +0 -1
- package/dist/eventsCore.js.map +0 -1
- package/dist/evidence/index.js.map +0 -1
- package/dist/evidenceClient.js.map +0 -1
- package/dist/facade/context.js.map +0 -1
- package/dist/functionSurface.js.map +0 -1
- package/dist/functionSurfaceClient.js.map +0 -1
- package/dist/gatewayFacades.factories.js.map +0 -1
- package/dist/gatewayFacades.js.map +0 -1
- package/dist/graphAnalysisClient.js.map +0 -1
- package/dist/graphClient.js.map +0 -1
- package/dist/graphIntel.js.map +0 -1
- package/dist/graphIntelligence.js.map +0 -1
- package/dist/graphRecommendationsClient.js.map +0 -1
- package/dist/graphStateClassifierClient.js.map +0 -1
- package/dist/harnessClient.js.map +0 -1
- package/dist/identityClient.js.map +0 -1
- package/dist/index.js.map +0 -1
- package/dist/infisicalRuntime.js.map +0 -1
- package/dist/jobsClient.js.map +0 -1
- package/dist/learningClient.js.map +0 -1
- package/dist/lenses/index.js.map +0 -1
- package/dist/mcpClient.js.map +0 -1
- package/dist/modelRuntimeClient.js.map +0 -1
- package/dist/nodes/index.js.map +0 -1
- package/dist/ontologies/index.js.map +0 -1
- package/dist/ontologyClient.js.map +0 -1
- package/dist/ontologyLinksClient.js.map +0 -1
- package/dist/opinion.js.map +0 -1
- package/dist/orgGraphSearchClient.js.map +0 -1
- package/dist/packRuntime.js.map +0 -1
- package/dist/packsClient.js.map +0 -1
- package/dist/policyClient.js.map +0 -1
- package/dist/questions/index.js.map +0 -1
- package/dist/realtime/index.js.map +0 -1
- package/dist/realtime/refs.js.map +0 -1
- package/dist/reportsClient.js.map +0 -1
- package/dist/schemaClient.js.map +0 -1
- package/dist/sdk-tools.contract-B4c1Zr1o.d.ts +0 -22
- package/dist/sdkSurface.js.map +0 -1
- package/dist/secrets.js.map +0 -1
- package/dist/sourcesClient.js.map +0 -1
- package/dist/telemetryClient.js.map +0 -1
- package/dist/tool-contracts-BUiL9P6z.d.ts +0 -22
- package/dist/toolRegistryClient.js.map +0 -1
- package/dist/topics/index.js.map +0 -1
- package/dist/topicsClient.js.map +0 -1
- package/dist/types.js.map +0 -1
- package/dist/version.js.map +0 -1
- package/dist/workflowClient.js.map +0 -1
- package/dist/worktrees/index.js.map +0 -1
package/CHANGELOG.md
CHANGED
|
@@ -5,6 +5,16 @@ All notable changes to `@lucern/sdk` will be documented in this file.
|
|
|
5
5
|
## [Unreleased]
|
|
6
6
|
- No unreleased changes yet.
|
|
7
7
|
|
|
8
|
+
## [1.0.13] - 2026-06-01
|
|
9
|
+
- Exposes the Campaign 1 closeout headless surface: MCP output-schema
|
|
10
|
+
metadata, richer retrieval receipts, synthesis narrative coverage, and
|
|
11
|
+
evidence relation fields for supporting or contradicting belief links.
|
|
12
|
+
- Deprecates direct public confidence modulation in favor of evidence-backed
|
|
13
|
+
Subjective Logic accumulation.
|
|
14
|
+
|
|
15
|
+
## [1.0.12] - 2026-05-31
|
|
16
|
+
- Release notes pending.
|
|
17
|
+
|
|
8
18
|
## [1.0.11] - 2026-05-29
|
|
9
19
|
- Release notes pending.
|
|
10
20
|
|
package/README.md
CHANGED
|
@@ -90,7 +90,6 @@ IA-7 closes the remaining SDK surface gaps needed for SDK-first clients:
|
|
|
90
90
|
```typescript
|
|
91
91
|
import {
|
|
92
92
|
createLucernClient,
|
|
93
|
-
opinionFromDogmatic,
|
|
94
93
|
type PlatformBeliefRecord,
|
|
95
94
|
type SdkPrincipalContext,
|
|
96
95
|
type WorkflowWorktreeRecord,
|
|
@@ -215,12 +214,8 @@ const sqlFactEvidence = await lucern.evidence.create({
|
|
|
215
214
|
text: "OWASP SQL Injection Prevention guidance identifies parameterized queries as the primary defense.",
|
|
216
215
|
sourceUrl: "https://owasp.org/www-community/attacks/SQL_Injection",
|
|
217
216
|
targetId: sqlFact.data.nodeId,
|
|
218
|
-
|
|
219
|
-
|
|
220
|
-
await lucern.beliefs.modulateConfidence(sqlFact.data.nodeId, {
|
|
221
|
-
opinion: opinionFromDogmatic(0.95, 0.5),
|
|
222
|
-
trigger: "evidence_added",
|
|
223
|
-
triggeringEvidenceId: sqlFactEvidence.data.nodeId,
|
|
217
|
+
evidenceRelation: "supports",
|
|
218
|
+
confidence: 0.95,
|
|
224
219
|
rationale: "OWASP verified, industry standard for 20+ years",
|
|
225
220
|
});
|
|
226
221
|
|
|
@@ -234,12 +229,8 @@ const patternEvidence = await lucern.evidence.create({
|
|
|
234
229
|
text: "Last 6 months of security audits found 14 input validation issues and 1 cryptographic issue.",
|
|
235
230
|
sourceUrl: "audit://security/findings-last-6-months",
|
|
236
231
|
targetId: patternBelief.data.nodeId,
|
|
237
|
-
|
|
238
|
-
|
|
239
|
-
await lucern.beliefs.modulateConfidence(patternBelief.data.nodeId, {
|
|
240
|
-
opinion: opinionFromDogmatic(0.82, 0.5),
|
|
241
|
-
trigger: "evidence_added",
|
|
242
|
-
triggeringEvidenceId: patternEvidence.data.nodeId,
|
|
232
|
+
evidenceRelation: "supports",
|
|
233
|
+
confidence: 0.82,
|
|
243
234
|
rationale: "Last 6 months of security audits: 14 input validation issues, 1 crypto issue",
|
|
244
235
|
});
|
|
245
236
|
|
|
@@ -368,11 +359,13 @@ const comparisonAnswer = await lucern.questions.answer(comparisonQuestion.data.q
|
|
|
368
359
|
The original hypothesis said "less than 30%." The data shows 53% — but the story is more nuanced. Fork the belief to capture the evolved understanding.
|
|
369
360
|
|
|
370
361
|
```typescript
|
|
371
|
-
//
|
|
372
|
-
await lucern.
|
|
373
|
-
|
|
374
|
-
|
|
375
|
-
|
|
362
|
+
// Attach contradicting evidence to the original (it was too pessimistic about overall catch rate)
|
|
363
|
+
await lucern.evidence.linkToBelief({
|
|
364
|
+
evidenceId: humanEvidence.data.nodeId,
|
|
365
|
+
beliefId: hypothesis.data.nodeId,
|
|
366
|
+
weight: -0.8,
|
|
367
|
+
evidenceRelation: "contradicts",
|
|
368
|
+
confidence: 0.8,
|
|
376
369
|
rationale: "Static analysis catches 53% overall, not <30%. But the category breakdown reveals something more important.",
|
|
377
370
|
});
|
|
378
371
|
|
|
@@ -382,11 +375,12 @@ const evolved = await lucern.beliefs.fork(hypothesis.data.nodeId, {
|
|
|
382
375
|
forkReason: "refinement",
|
|
383
376
|
});
|
|
384
377
|
|
|
385
|
-
await lucern.
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
378
|
+
await lucern.evidence.linkToBelief({
|
|
379
|
+
evidenceId: humanEvidence.data.nodeId,
|
|
380
|
+
beliefId: evolved.data.nodeId,
|
|
381
|
+
weight: 0.88,
|
|
382
|
+
evidenceRelation: "supports",
|
|
383
|
+
confidence: 0.88,
|
|
390
384
|
rationale: "Direct comparison data: 0/7 business logic flaws caught, 0/2 race conditions caught, while input validation catch rate was 12/22 (55%)",
|
|
391
385
|
});
|
|
392
386
|
|
|
@@ -397,10 +391,13 @@ const actionable = await lucern.beliefs.create({
|
|
|
397
391
|
beliefType: "belief",
|
|
398
392
|
});
|
|
399
393
|
|
|
400
|
-
await lucern.
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
|
|
394
|
+
await lucern.evidence.create({
|
|
395
|
+
topicId,
|
|
396
|
+
text: "The comparison study makes business logic and concurrency the highest-value human review targets.",
|
|
397
|
+
sourceUrl: `worktree://${investigation.data.worktreeId}`,
|
|
398
|
+
targetId: actionable.data.nodeId,
|
|
399
|
+
evidenceRelation: "supports",
|
|
400
|
+
confidence: 0.85,
|
|
404
401
|
rationale: "Direct implication of the comparison study findings",
|
|
405
402
|
});
|
|
406
403
|
|
package/dist/.generated
ADDED
package/dist/accessControl.d.ts
CHANGED
|
@@ -1,21 +1,15 @@
|
|
|
1
|
-
import { LucernSdkAuthContextError,
|
|
2
|
-
import { GatewayClientConfig } from
|
|
3
|
-
import {
|
|
4
|
-
import { SessionPrincipalType } from
|
|
5
|
-
import { JsonObject } from
|
|
6
|
-
|
|
7
|
-
import './control-plane.js';
|
|
8
|
-
import './contracts/workflow-runtime.contract.js';
|
|
9
|
-
import './contracts/lens-workflow.contract.js';
|
|
10
|
-
import './contracts/lens-filter.contract.js';
|
|
11
|
-
|
|
12
|
-
type ClerkIdentityAliasInput = {
|
|
1
|
+
import { LucernSdkAuthContextError, type LucernSdkAuthContextInput, type LucernSdkAuthFailureReason } from "./authContext";
|
|
2
|
+
import { type GatewayClientConfig } from "./coreClient";
|
|
3
|
+
import { type PolicyDecisionRecord, type PolicyEvaluationInput } from "./identityClient";
|
|
4
|
+
import type { SessionPrincipalType } from "./contracts/auth-session.contract";
|
|
5
|
+
import type { JsonObject } from "./types";
|
|
6
|
+
export type ClerkIdentityAliasInput = {
|
|
13
7
|
provider?: "clerk" | string;
|
|
14
8
|
providerProjectId?: string | null;
|
|
15
9
|
externalSubjectId: string;
|
|
16
10
|
status?: "active" | "pending" | "revoked" | string;
|
|
17
11
|
};
|
|
18
|
-
type CanonicalPrincipalIdentityInput = {
|
|
12
|
+
export type CanonicalPrincipalIdentityInput = {
|
|
19
13
|
principalId?: string | null;
|
|
20
14
|
principalType?: SessionPrincipalType | "user" | "external_viewer" | null;
|
|
21
15
|
canonicalClerkUserId?: string | null;
|
|
@@ -26,13 +20,13 @@ type CanonicalPrincipalIdentityInput = {
|
|
|
26
20
|
roles?: readonly string[];
|
|
27
21
|
scopes?: readonly string[];
|
|
28
22
|
};
|
|
29
|
-
type CanonicalPrincipalIdentityAlias = {
|
|
23
|
+
export type CanonicalPrincipalIdentityAlias = {
|
|
30
24
|
provider: string;
|
|
31
25
|
providerProjectId?: string;
|
|
32
26
|
externalSubjectId: string;
|
|
33
27
|
status?: string;
|
|
34
28
|
};
|
|
35
|
-
type CanonicalPrincipalIdentity = {
|
|
29
|
+
export type CanonicalPrincipalIdentity = {
|
|
36
30
|
principalId: string;
|
|
37
31
|
principalType: SessionPrincipalType;
|
|
38
32
|
canonicalClerkUserId?: string;
|
|
@@ -42,12 +36,12 @@ type CanonicalPrincipalIdentity = {
|
|
|
42
36
|
roles: string[];
|
|
43
37
|
scopes: string[];
|
|
44
38
|
};
|
|
45
|
-
type AccessResourceType = "tenant" | "workspace" | "deployment" | "convex_table" | "secret_scope" | "agent_session" | (string & {});
|
|
46
|
-
type AccessResourceDescriptor = {
|
|
39
|
+
export type AccessResourceType = "tenant" | "workspace" | "deployment" | "convex_table" | "secret_scope" | "agent_session" | (string & {});
|
|
40
|
+
export type AccessResourceDescriptor = {
|
|
47
41
|
type: AccessResourceType;
|
|
48
42
|
key: string;
|
|
49
43
|
};
|
|
50
|
-
type RequireAccessInput = {
|
|
44
|
+
export type RequireAccessInput = {
|
|
51
45
|
identity?: CanonicalPrincipalIdentityInput | LucernSdkAuthContextInput;
|
|
52
46
|
observedClerkId?: string;
|
|
53
47
|
tenantId?: string;
|
|
@@ -56,25 +50,24 @@ type RequireAccessInput = {
|
|
|
56
50
|
resource: AccessResourceDescriptor | string;
|
|
57
51
|
context?: JsonObject;
|
|
58
52
|
};
|
|
59
|
-
type AccessCheckResult = {
|
|
53
|
+
export type AccessCheckResult = {
|
|
60
54
|
identity: CanonicalPrincipalIdentity;
|
|
61
55
|
policyInput: PolicyEvaluationInput;
|
|
62
56
|
decision: PolicyDecisionRecord;
|
|
63
57
|
};
|
|
64
|
-
declare class LucernAccessControlError extends LucernSdkAuthContextError {
|
|
58
|
+
export declare class LucernAccessControlError extends LucernSdkAuthContextError {
|
|
65
59
|
readonly policyDecision?: PolicyDecisionRecord;
|
|
66
60
|
constructor(reason: LucernSdkAuthFailureReason, message: string, policyDecision?: PolicyDecisionRecord);
|
|
67
61
|
}
|
|
68
|
-
declare function normalizeCanonicalPrincipalIdentity(input: CanonicalPrincipalIdentityInput | LucernSdkAuthContextInput, options?: {
|
|
62
|
+
export declare function normalizeCanonicalPrincipalIdentity(input: CanonicalPrincipalIdentityInput | LucernSdkAuthContextInput, options?: {
|
|
69
63
|
observedClerkId?: string;
|
|
70
64
|
}): CanonicalPrincipalIdentity;
|
|
71
|
-
declare function formatPermitResource(resource: AccessResourceDescriptor | string): string;
|
|
72
|
-
declare function assertPermitAllowed(decision: PolicyDecisionRecord): void;
|
|
73
|
-
declare function createAccessControlClient(config?: GatewayClientConfig): {
|
|
65
|
+
export declare function formatPermitResource(resource: AccessResourceDescriptor | string): string;
|
|
66
|
+
export declare function assertPermitAllowed(decision: PolicyDecisionRecord): void;
|
|
67
|
+
export declare function createAccessControlClient(config?: GatewayClientConfig): {
|
|
74
68
|
normalizePrincipal: typeof normalizeCanonicalPrincipalIdentity;
|
|
75
69
|
checkAccess: (input: RequireAccessInput, idempotencyKey?: string) => Promise<AccessCheckResult>;
|
|
76
70
|
requireAccess: (input: RequireAccessInput, idempotencyKey?: string) => Promise<AccessCheckResult>;
|
|
77
71
|
canAccess: (input: RequireAccessInput, idempotencyKey?: string) => Promise<boolean>;
|
|
78
72
|
};
|
|
79
|
-
|
|
80
|
-
export { type AccessCheckResult, type AccessResourceDescriptor, type AccessResourceType, type CanonicalPrincipalIdentity, type CanonicalPrincipalIdentityAlias, type CanonicalPrincipalIdentityInput, type ClerkIdentityAliasInput, LucernAccessControlError, type RequireAccessInput, assertPermitAllowed, createAccessControlClient, formatPermitResource, normalizeCanonicalPrincipalIdentity };
|
|
73
|
+
//# sourceMappingURL=accessControl.d.ts.map
|