@mcoda/codali 0.1.87 → 0.1.89
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/EvalCommand.d.ts +8 -0
- package/dist/cli/EvalCommand.d.ts.map +1 -1
- package/dist/cli/EvalCommand.js +93 -1
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +1 -0
- package/dist/docdex/DocdexClient.d.ts +8 -1
- package/dist/docdex/DocdexClient.d.ts.map +1 -1
- package/dist/docdex/DocdexClient.js +126 -33
- package/dist/eval/CodaliGatewayLiveHarness.d.ts +169 -0
- package/dist/eval/CodaliGatewayLiveHarness.d.ts.map +1 -0
- package/dist/eval/CodaliGatewayLiveHarness.js +824 -0
- package/dist/eval/GatewayEvalSuite.d.ts +202 -0
- package/dist/eval/GatewayEvalSuite.d.ts.map +1 -0
- package/dist/eval/GatewayEvalSuite.js +673 -0
- package/dist/gateway/AgentTierResolver.d.ts +74 -0
- package/dist/gateway/AgentTierResolver.d.ts.map +1 -0
- package/dist/gateway/AgentTierResolver.js +576 -0
- package/dist/gateway/AppToolGatewayDispatcher.d.ts +88 -0
- package/dist/gateway/AppToolGatewayDispatcher.d.ts.map +1 -0
- package/dist/gateway/AppToolGatewayDispatcher.js +381 -0
- package/dist/gateway/CodaliGateway.d.ts +73 -0
- package/dist/gateway/CodaliGateway.d.ts.map +1 -0
- package/dist/gateway/CodaliGateway.js +824 -0
- package/dist/gateway/CodaliGatewaySchemas.d.ts +21 -0
- package/dist/gateway/CodaliGatewaySchemas.d.ts.map +1 -0
- package/dist/gateway/CodaliGatewaySchemas.js +874 -0
- package/dist/gateway/CodaliGatewayStore.d.ts +157 -0
- package/dist/gateway/CodaliGatewayStore.d.ts.map +1 -0
- package/dist/gateway/CodaliGatewayStore.js +206 -0
- package/dist/gateway/CodaliGatewayTypes.d.ts +336 -0
- package/dist/gateway/CodaliGatewayTypes.d.ts.map +1 -0
- package/dist/gateway/CodaliGatewayTypes.js +1 -0
- package/dist/gateway/ContextPackBuilder.d.ts +43 -0
- package/dist/gateway/ContextPackBuilder.d.ts.map +1 -0
- package/dist/gateway/ContextPackBuilder.js +317 -0
- package/dist/gateway/EvidenceNormalizer.d.ts +42 -0
- package/dist/gateway/EvidenceNormalizer.d.ts.map +1 -0
- package/dist/gateway/EvidenceNormalizer.js +488 -0
- package/dist/gateway/GatewayPlanner.d.ts +195 -0
- package/dist/gateway/GatewayPlanner.d.ts.map +1 -0
- package/dist/gateway/GatewayPlanner.js +379 -0
- package/dist/gateway/GatewayPolicyCompiler.d.ts +30 -0
- package/dist/gateway/GatewayPolicyCompiler.d.ts.map +1 -0
- package/dist/gateway/GatewayPolicyCompiler.js +114 -0
- package/dist/gateway/GatewaySecurityPolicy.d.ts +14 -0
- package/dist/gateway/GatewaySecurityPolicy.d.ts.map +1 -0
- package/dist/gateway/GatewaySecurityPolicy.js +350 -0
- package/dist/gateway/GatewayStateMachine.d.ts +165 -0
- package/dist/gateway/GatewayStateMachine.d.ts.map +1 -0
- package/dist/gateway/GatewayStateMachine.js +790 -0
- package/dist/gateway/GatewayTraceReplay.d.ts +120 -0
- package/dist/gateway/GatewayTraceReplay.d.ts.map +1 -0
- package/dist/gateway/GatewayTraceReplay.js +273 -0
- package/dist/gateway/ToolCapabilityCompiler.d.ts +50 -0
- package/dist/gateway/ToolCapabilityCompiler.d.ts.map +1 -0
- package/dist/gateway/ToolCapabilityCompiler.js +442 -0
- package/dist/index.d.ts +33 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +16 -0
- package/dist/runtime/CodaliJobRuntime.d.ts +211 -0
- package/dist/runtime/CodaliJobRuntime.d.ts.map +1 -0
- package/dist/runtime/CodaliJobRuntime.js +590 -0
- package/dist/runtime/CodaliRuntime.d.ts +81 -1
- package/dist/runtime/CodaliRuntime.d.ts.map +1 -1
- package/dist/runtime/CodaliRuntime.js +619 -4
- package/dist/tools/ToolRegistry.d.ts.map +1 -1
- package/dist/tools/ToolRegistry.js +4 -0
- package/dist/tools/ToolTypes.d.ts +1 -1
- package/dist/tools/ToolTypes.d.ts.map +1 -1
- package/dist/tools/ToolTypes.js +5 -1
- package/package.json +3 -3
|
@@ -0,0 +1,442 @@
|
|
|
1
|
+
export const CODALI_GATEWAY_READ_ONLY_BACKING_TOOLS = [
|
|
2
|
+
"docdex_search",
|
|
3
|
+
"docdex_batch_search",
|
|
4
|
+
"docdex_open",
|
|
5
|
+
"docdex_files",
|
|
6
|
+
"docdex_tree",
|
|
7
|
+
"docdex_stats",
|
|
8
|
+
];
|
|
9
|
+
export const CODALI_GATEWAY_RESERVED_TOOL_ARG_KEYS = [
|
|
10
|
+
"apiKey",
|
|
11
|
+
"api_key",
|
|
12
|
+
"baseUrl",
|
|
13
|
+
"base_url",
|
|
14
|
+
"credentialSource",
|
|
15
|
+
"credential_source",
|
|
16
|
+
"docdex",
|
|
17
|
+
"repo",
|
|
18
|
+
"repoId",
|
|
19
|
+
"repo_id",
|
|
20
|
+
"repoRoot",
|
|
21
|
+
"repo_root",
|
|
22
|
+
"tenant",
|
|
23
|
+
"tenantId",
|
|
24
|
+
"tenant_id",
|
|
25
|
+
];
|
|
26
|
+
const DOCDEX_OPERATION_BY_TOOL = {
|
|
27
|
+
docdex_batch_search: "batch_search",
|
|
28
|
+
docdex_files: "files",
|
|
29
|
+
docdex_open: "open",
|
|
30
|
+
docdex_search: "search",
|
|
31
|
+
docdex_stats: "stats",
|
|
32
|
+
docdex_tree: "tree",
|
|
33
|
+
};
|
|
34
|
+
const READ_ONLY_BUILTIN_TOOLS = new Set(CODALI_GATEWAY_READ_ONLY_BACKING_TOOLS);
|
|
35
|
+
const DESTRUCTIVE_TOOL_TOKENS = new Set([
|
|
36
|
+
"delete",
|
|
37
|
+
"destroy",
|
|
38
|
+
"drop",
|
|
39
|
+
"exec",
|
|
40
|
+
"execute",
|
|
41
|
+
"purge",
|
|
42
|
+
"remove",
|
|
43
|
+
"reset",
|
|
44
|
+
"rm",
|
|
45
|
+
"shell",
|
|
46
|
+
"terminal",
|
|
47
|
+
"truncate",
|
|
48
|
+
"wipe",
|
|
49
|
+
]);
|
|
50
|
+
const WRITE_TOOL_TOKENS = new Set([
|
|
51
|
+
"add",
|
|
52
|
+
"approve",
|
|
53
|
+
"assign",
|
|
54
|
+
"cancel",
|
|
55
|
+
"commit",
|
|
56
|
+
"create",
|
|
57
|
+
"dispatch",
|
|
58
|
+
"edit",
|
|
59
|
+
"merge",
|
|
60
|
+
"mutate",
|
|
61
|
+
"post",
|
|
62
|
+
"publish",
|
|
63
|
+
"push",
|
|
64
|
+
"send",
|
|
65
|
+
"submit",
|
|
66
|
+
"sync",
|
|
67
|
+
"transition",
|
|
68
|
+
"update",
|
|
69
|
+
"upload",
|
|
70
|
+
"write",
|
|
71
|
+
]);
|
|
72
|
+
const RESERVED_TOOL_ARG_KEY_SET = new Set(CODALI_GATEWAY_RESERVED_TOOL_ARG_KEYS.map((key) => key.toLowerCase()));
|
|
73
|
+
const isRecord = (value) => Boolean(value && typeof value === "object" && !Array.isArray(value));
|
|
74
|
+
const normalizeName = (value) => typeof value === "string" && value.trim() ? value.trim() : undefined;
|
|
75
|
+
const unique = (values) => {
|
|
76
|
+
const seen = new Set();
|
|
77
|
+
for (const value of values) {
|
|
78
|
+
const normalized = normalizeName(value);
|
|
79
|
+
if (normalized) {
|
|
80
|
+
seen.add(normalized);
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
return [...seen];
|
|
84
|
+
};
|
|
85
|
+
const toolNameTokens = (tool) => tool
|
|
86
|
+
.toLowerCase()
|
|
87
|
+
.split(/[^a-z0-9]+/g)
|
|
88
|
+
.filter(Boolean);
|
|
89
|
+
const hasRiskToken = (tool, tokens) => {
|
|
90
|
+
const normalized = tool.toLowerCase();
|
|
91
|
+
return toolNameTokens(tool).some((token) => tokens.has(token)) ||
|
|
92
|
+
[...tokens].some((token) => normalized === token || normalized.endsWith(`_${token}`));
|
|
93
|
+
};
|
|
94
|
+
const classifyCapabilityRisk = (name, readOnly) => {
|
|
95
|
+
if (hasRiskToken(name, DESTRUCTIVE_TOOL_TOKENS)) {
|
|
96
|
+
return "destructive_blocked";
|
|
97
|
+
}
|
|
98
|
+
if (!readOnly || hasRiskToken(name, WRITE_TOOL_TOKENS)) {
|
|
99
|
+
return "write_with_approval";
|
|
100
|
+
}
|
|
101
|
+
return "read_only";
|
|
102
|
+
};
|
|
103
|
+
const readString = (record, keys) => {
|
|
104
|
+
for (const key of keys) {
|
|
105
|
+
const value = normalizeName(record[key]);
|
|
106
|
+
if (value) {
|
|
107
|
+
return value;
|
|
108
|
+
}
|
|
109
|
+
}
|
|
110
|
+
return undefined;
|
|
111
|
+
};
|
|
112
|
+
const readBoolean = (record, keys) => {
|
|
113
|
+
for (const key of keys) {
|
|
114
|
+
const value = record[key];
|
|
115
|
+
if (typeof value === "boolean") {
|
|
116
|
+
return value;
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
return undefined;
|
|
120
|
+
};
|
|
121
|
+
const readStringArray = (record, keys) => {
|
|
122
|
+
for (const key of keys) {
|
|
123
|
+
const value = record[key];
|
|
124
|
+
if (!Array.isArray(value)) {
|
|
125
|
+
continue;
|
|
126
|
+
}
|
|
127
|
+
return unique(value.map(normalizeName));
|
|
128
|
+
}
|
|
129
|
+
return [];
|
|
130
|
+
};
|
|
131
|
+
const readRecord = (record, keys) => {
|
|
132
|
+
for (const key of keys) {
|
|
133
|
+
const value = record[key];
|
|
134
|
+
if (isRecord(value)) {
|
|
135
|
+
return value;
|
|
136
|
+
}
|
|
137
|
+
}
|
|
138
|
+
return undefined;
|
|
139
|
+
};
|
|
140
|
+
const extractToolName = (tool) => {
|
|
141
|
+
if (typeof tool === "string") {
|
|
142
|
+
return normalizeName(tool);
|
|
143
|
+
}
|
|
144
|
+
if (!isRecord(tool)) {
|
|
145
|
+
return undefined;
|
|
146
|
+
}
|
|
147
|
+
return readString(tool, ["name", "tool", "toolName", "tool_name", "slug", "id"]);
|
|
148
|
+
};
|
|
149
|
+
const readManifestTools = (tools, keys) => {
|
|
150
|
+
if (!tools) {
|
|
151
|
+
return [];
|
|
152
|
+
}
|
|
153
|
+
const names = [];
|
|
154
|
+
for (const key of keys) {
|
|
155
|
+
const value = tools[key];
|
|
156
|
+
if (Array.isArray(value)) {
|
|
157
|
+
names.push(...value.map(extractToolName).filter(Boolean));
|
|
158
|
+
}
|
|
159
|
+
}
|
|
160
|
+
return unique(names);
|
|
161
|
+
};
|
|
162
|
+
const addIssue = (target, severity, code, message, tool, details) => {
|
|
163
|
+
target.push({ code, message, tool, severity, details });
|
|
164
|
+
};
|
|
165
|
+
const addSkippedTool = (skippedTools, warnings, name, reason, details) => {
|
|
166
|
+
skippedTools.push({ name, reason, details });
|
|
167
|
+
addIssue(warnings, "warning", `GATEWAY_TOOL_SKIPPED_${reason.toUpperCase()}`, `Skipped tool ${name}: ${reason}.`, name, details);
|
|
168
|
+
};
|
|
169
|
+
const normalizeAppToolContracts = (contracts, warnings) => {
|
|
170
|
+
const normalized = new Map();
|
|
171
|
+
if (!contracts) {
|
|
172
|
+
return normalized;
|
|
173
|
+
}
|
|
174
|
+
if (Array.isArray(contracts)) {
|
|
175
|
+
for (const contract of contracts) {
|
|
176
|
+
if (!isRecord(contract)) {
|
|
177
|
+
continue;
|
|
178
|
+
}
|
|
179
|
+
const name = extractToolName(contract);
|
|
180
|
+
if (!name) {
|
|
181
|
+
addIssue(warnings, "warning", "GATEWAY_TOOL_CONTRACT_NAME_REQUIRED", "Skipped an app tool contract without a tool name.");
|
|
182
|
+
continue;
|
|
183
|
+
}
|
|
184
|
+
normalized.set(name, { ...contract, name });
|
|
185
|
+
}
|
|
186
|
+
return normalized;
|
|
187
|
+
}
|
|
188
|
+
for (const [key, value] of Object.entries(contracts)) {
|
|
189
|
+
if (!isRecord(value)) {
|
|
190
|
+
addIssue(warnings, "warning", "GATEWAY_TOOL_CONTRACT_INVALID", `Skipped app tool contract ${key}: contract must be an object.`, key);
|
|
191
|
+
continue;
|
|
192
|
+
}
|
|
193
|
+
const name = extractToolName(value) ?? normalizeName(key);
|
|
194
|
+
if (!name) {
|
|
195
|
+
continue;
|
|
196
|
+
}
|
|
197
|
+
normalized.set(name, { ...value, name });
|
|
198
|
+
}
|
|
199
|
+
return normalized;
|
|
200
|
+
};
|
|
201
|
+
const callSchemaReservedProperties = (contract) => {
|
|
202
|
+
const schema = readRecord(contract, ["callSchema", "call_schema"]);
|
|
203
|
+
const properties = schema ? readRecord(schema, ["properties"]) : undefined;
|
|
204
|
+
if (!properties) {
|
|
205
|
+
return [];
|
|
206
|
+
}
|
|
207
|
+
return Object.keys(properties).filter((key) => RESERVED_TOOL_ARG_KEY_SET.has(key.toLowerCase()));
|
|
208
|
+
};
|
|
209
|
+
const contractGateway = (contract, policyGateway) => {
|
|
210
|
+
const gateway = readRecord(contract, ["gateway"]);
|
|
211
|
+
if (!gateway && !policyGateway)
|
|
212
|
+
return undefined;
|
|
213
|
+
return { ...(policyGateway ?? {}), ...(gateway ?? {}) };
|
|
214
|
+
};
|
|
215
|
+
const gatewayEndpoint = (gateway) => readString(gateway ?? {}, ["endpoint"]);
|
|
216
|
+
const gatewayHasSigningMaterial = (gateway) => Boolean(readString(gateway ?? {}, [
|
|
217
|
+
"signatureSecret",
|
|
218
|
+
"signature_secret",
|
|
219
|
+
"signingSecret",
|
|
220
|
+
"signing_secret",
|
|
221
|
+
"secret",
|
|
222
|
+
"signature",
|
|
223
|
+
]));
|
|
224
|
+
const gatewayRequiresMissingSignature = (gateway) => Boolean(gateway &&
|
|
225
|
+
(gatewayEndpoint(gateway) ||
|
|
226
|
+
gateway.signatureRequired === true ||
|
|
227
|
+
gateway.signature_required === true) &&
|
|
228
|
+
!gatewayHasSigningMaterial(gateway));
|
|
229
|
+
const isGatewayReadOnly = (gateway) => {
|
|
230
|
+
if (!gateway)
|
|
231
|
+
return true;
|
|
232
|
+
return readBoolean(gateway, ["readOnly", "read_only"]) === true;
|
|
233
|
+
};
|
|
234
|
+
const isOperationAllowed = (tool, operation, allowedOperations) => allowedOperations.size === 0 ||
|
|
235
|
+
allowedOperations.has(operation) ||
|
|
236
|
+
allowedOperations.has(tool);
|
|
237
|
+
const requireDocdexOperation = (operations, tool) => {
|
|
238
|
+
const operation = DOCDEX_OPERATION_BY_TOOL[tool];
|
|
239
|
+
if (operation) {
|
|
240
|
+
operations.add(operation);
|
|
241
|
+
}
|
|
242
|
+
};
|
|
243
|
+
const isImmutableDocdexRuntimeContext = (docdex) => docdex?.immutableRuntimeContext === true ||
|
|
244
|
+
docdex?.credentialSource === "attached_mswarm_api_key";
|
|
245
|
+
export const compileToolCapabilities = (input) => {
|
|
246
|
+
const warnings = [];
|
|
247
|
+
const errors = [];
|
|
248
|
+
const skippedTools = [];
|
|
249
|
+
const capabilities = [];
|
|
250
|
+
const visibleTools = [];
|
|
251
|
+
const appVirtualTools = [];
|
|
252
|
+
const appToolContracts = {};
|
|
253
|
+
const allowedTools = unique(input.policy.allowedTools);
|
|
254
|
+
const allowedSet = new Set(allowedTools);
|
|
255
|
+
const deniedTools = unique(input.policy.deniedTools ?? []);
|
|
256
|
+
const deniedSet = new Set(deniedTools);
|
|
257
|
+
const actualTools = new Set(readManifestTools(input.tools ?? input.docdex?.toolManifest, [
|
|
258
|
+
"actualTools",
|
|
259
|
+
"actual_tools",
|
|
260
|
+
]));
|
|
261
|
+
const virtualTools = new Set([
|
|
262
|
+
...readManifestTools(input.tools ?? input.docdex?.toolManifest, [
|
|
263
|
+
"virtualTools",
|
|
264
|
+
"virtual_tools",
|
|
265
|
+
]),
|
|
266
|
+
...unique(input.policy.appVirtualTools ?? []),
|
|
267
|
+
]);
|
|
268
|
+
const contracts = normalizeAppToolContracts(input.policy.appToolContracts, warnings);
|
|
269
|
+
const allowedBackingTools = new Set(unique(input.allowedBackingTools ?? CODALI_GATEWAY_READ_ONLY_BACKING_TOOLS));
|
|
270
|
+
const requiredDocdexOperations = new Set(unique(input.requiredDocdexOperations ?? []));
|
|
271
|
+
const addCapability = (name, kind, status, readOnly, backingTools, reasons) => {
|
|
272
|
+
const riskCategory = classifyCapabilityRisk(name, readOnly);
|
|
273
|
+
capabilities.push({
|
|
274
|
+
name,
|
|
275
|
+
kind,
|
|
276
|
+
status,
|
|
277
|
+
readOnly,
|
|
278
|
+
riskCategory,
|
|
279
|
+
approvalRequired: riskCategory !== "read_only",
|
|
280
|
+
backingTools,
|
|
281
|
+
reasons,
|
|
282
|
+
});
|
|
283
|
+
};
|
|
284
|
+
for (const tool of allowedTools) {
|
|
285
|
+
const contract = contracts.get(tool);
|
|
286
|
+
const isActual = actualTools.has(tool);
|
|
287
|
+
const isVirtual = virtualTools.has(tool);
|
|
288
|
+
const isBuiltin = READ_ONLY_BUILTIN_TOOLS.has(tool);
|
|
289
|
+
const kind = contract ? "app_contract" : isActual ? "actual" : isVirtual ? "virtual" : "builtin";
|
|
290
|
+
if (deniedSet.has(tool)) {
|
|
291
|
+
addCapability(tool, kind, "denied", true, [], ["denied_by_policy"]);
|
|
292
|
+
addSkippedTool(skippedTools, warnings, tool, "denied_by_policy");
|
|
293
|
+
continue;
|
|
294
|
+
}
|
|
295
|
+
if (!contract && !isActual && !isVirtual && !isBuiltin) {
|
|
296
|
+
addCapability(tool, kind, "skipped", true, [], ["not_declared"]);
|
|
297
|
+
addSkippedTool(skippedTools, warnings, tool, "not_declared");
|
|
298
|
+
continue;
|
|
299
|
+
}
|
|
300
|
+
if (!contract) {
|
|
301
|
+
visibleTools.push(tool);
|
|
302
|
+
addCapability(tool, kind, "allowed", true, [], []);
|
|
303
|
+
requireDocdexOperation(requiredDocdexOperations, tool);
|
|
304
|
+
continue;
|
|
305
|
+
}
|
|
306
|
+
if (contract.enabled === false) {
|
|
307
|
+
addCapability(tool, "app_contract", "skipped", true, [], ["disabled"]);
|
|
308
|
+
addSkippedTool(skippedTools, warnings, tool, "disabled");
|
|
309
|
+
continue;
|
|
310
|
+
}
|
|
311
|
+
const contractReadOnly = readBoolean(contract, ["readOnly", "read_only"]) ?? true;
|
|
312
|
+
if (!contractReadOnly) {
|
|
313
|
+
addCapability(tool, "app_contract", "skipped", false, [], ["not_read_only"]);
|
|
314
|
+
addSkippedTool(skippedTools, warnings, tool, "not_read_only");
|
|
315
|
+
continue;
|
|
316
|
+
}
|
|
317
|
+
const gateway = contractGateway(contract, input.policy.appToolGateway);
|
|
318
|
+
const hasGateway = Boolean(gatewayEndpoint(gateway));
|
|
319
|
+
if (hasGateway && !isGatewayReadOnly(gateway)) {
|
|
320
|
+
addCapability(tool, "app_gateway", "skipped", false, [], ["gateway_not_read_only"]);
|
|
321
|
+
addSkippedTool(skippedTools, warnings, tool, "gateway_not_read_only");
|
|
322
|
+
continue;
|
|
323
|
+
}
|
|
324
|
+
if (gatewayRequiresMissingSignature(gateway)) {
|
|
325
|
+
addCapability(tool, "app_gateway", "skipped", true, [], ["gateway_signature_required"]);
|
|
326
|
+
addSkippedTool(skippedTools, warnings, tool, "gateway_signature_required");
|
|
327
|
+
continue;
|
|
328
|
+
}
|
|
329
|
+
const reservedProperties = callSchemaReservedProperties(contract);
|
|
330
|
+
if (reservedProperties.length > 0) {
|
|
331
|
+
addCapability(tool, "app_contract", "skipped", true, [], [
|
|
332
|
+
"reserved_call_schema_properties",
|
|
333
|
+
]);
|
|
334
|
+
addSkippedTool(skippedTools, warnings, tool, "reserved_call_schema_properties", {
|
|
335
|
+
properties: reservedProperties,
|
|
336
|
+
});
|
|
337
|
+
continue;
|
|
338
|
+
}
|
|
339
|
+
const backingTools = readStringArray(contract, ["backingTools", "backing_tools"]);
|
|
340
|
+
if (backingTools.length === 0 && !hasGateway) {
|
|
341
|
+
addCapability(tool, "app_contract", "skipped", true, [], ["missing_backing_tools"]);
|
|
342
|
+
addSkippedTool(skippedTools, warnings, tool, "missing_backing_tools");
|
|
343
|
+
continue;
|
|
344
|
+
}
|
|
345
|
+
const deniedBackingTools = backingTools.filter((backingTool) => deniedSet.has(backingTool));
|
|
346
|
+
if (deniedBackingTools.length > 0) {
|
|
347
|
+
addCapability(tool, "app_contract", "skipped", true, backingTools, [
|
|
348
|
+
"denied_backing_tools",
|
|
349
|
+
]);
|
|
350
|
+
addSkippedTool(skippedTools, warnings, tool, "denied_backing_tools", {
|
|
351
|
+
backingTools: deniedBackingTools,
|
|
352
|
+
});
|
|
353
|
+
continue;
|
|
354
|
+
}
|
|
355
|
+
const disallowedBackingTools = backingTools.filter((backingTool) => !allowedSet.has(backingTool));
|
|
356
|
+
if (disallowedBackingTools.length > 0) {
|
|
357
|
+
addCapability(tool, "app_contract", "skipped", true, backingTools, [
|
|
358
|
+
"backing_tools_not_allowed",
|
|
359
|
+
]);
|
|
360
|
+
addSkippedTool(skippedTools, warnings, tool, "backing_tools_not_allowed", {
|
|
361
|
+
backingTools: disallowedBackingTools,
|
|
362
|
+
});
|
|
363
|
+
continue;
|
|
364
|
+
}
|
|
365
|
+
const unsafeBackingTools = backingTools.filter((backingTool) => !allowedBackingTools.has(backingTool));
|
|
366
|
+
if (unsafeBackingTools.length > 0) {
|
|
367
|
+
addCapability(tool, "app_contract", "skipped", true, backingTools, [
|
|
368
|
+
"unsafe_backing_tools",
|
|
369
|
+
]);
|
|
370
|
+
addSkippedTool(skippedTools, warnings, tool, "unsafe_backing_tools", {
|
|
371
|
+
backingTools: unsafeBackingTools,
|
|
372
|
+
});
|
|
373
|
+
continue;
|
|
374
|
+
}
|
|
375
|
+
visibleTools.push(tool);
|
|
376
|
+
appToolContracts[tool] = { ...contract, name: tool };
|
|
377
|
+
if (virtualTools.has(tool)) {
|
|
378
|
+
appVirtualTools.push(tool);
|
|
379
|
+
}
|
|
380
|
+
addCapability(tool, hasGateway ? "app_gateway" : "app_contract", "allowed", true, backingTools, []);
|
|
381
|
+
for (const backingTool of backingTools) {
|
|
382
|
+
requireDocdexOperation(requiredDocdexOperations, backingTool);
|
|
383
|
+
}
|
|
384
|
+
}
|
|
385
|
+
const allowedOperations = new Set(unique(input.docdex?.allowedOperations ?? []));
|
|
386
|
+
const immutableDocdexContext = isImmutableDocdexRuntimeContext(input.docdex);
|
|
387
|
+
const needsDocdex = requiredDocdexOperations.size > 0 ||
|
|
388
|
+
visibleTools.some((tool) => DOCDEX_OPERATION_BY_TOOL[tool]);
|
|
389
|
+
const docdexRequired = input.docdex?.required === true || requiredDocdexOperations.size > 0;
|
|
390
|
+
if (docdexRequired && !input.docdex) {
|
|
391
|
+
addIssue(errors, "error", "GATEWAY_DOCDEX_REQUIRED", "Docdex context is required by the compiled tool surface.");
|
|
392
|
+
}
|
|
393
|
+
if (docdexRequired && input.docdex?.enabled === false) {
|
|
394
|
+
addIssue(errors, "error", "GATEWAY_DOCDEX_DISABLED", "Docdex context is required but disabled.");
|
|
395
|
+
}
|
|
396
|
+
if (needsDocdex &&
|
|
397
|
+
input.docdex?.required === true &&
|
|
398
|
+
!input.docdex.repoId &&
|
|
399
|
+
!input.docdex.repoRoot) {
|
|
400
|
+
addIssue(errors, "error", "GATEWAY_DOCDEX_SCOPE_REQUIRED", "Docdex context is required but no repoId or repoRoot was supplied.");
|
|
401
|
+
}
|
|
402
|
+
if (needsDocdex && immutableDocdexContext) {
|
|
403
|
+
const missing = [];
|
|
404
|
+
if (!input.docdex?.baseUrl)
|
|
405
|
+
missing.push("baseUrl");
|
|
406
|
+
if (!input.docdex?.repoId)
|
|
407
|
+
missing.push("repoId");
|
|
408
|
+
if (allowedOperations.size === 0)
|
|
409
|
+
missing.push("allowedOperations");
|
|
410
|
+
if (!input.docdex?.capabilities)
|
|
411
|
+
missing.push("capabilities");
|
|
412
|
+
if (input.docdex?.credentialSource === "attached_mswarm_api_key" &&
|
|
413
|
+
(!input.docdex.apiKey || input.docdex.apiKey.trim().length === 0)) {
|
|
414
|
+
missing.push("apiKey");
|
|
415
|
+
}
|
|
416
|
+
if (missing.length > 0) {
|
|
417
|
+
addIssue(errors, "error", "GATEWAY_DOCDEX_IMMUTABLE_CONTEXT_REQUIRED", "Encrypted Docdex gateway jobs require an immutable runtime context.", undefined, { missing });
|
|
418
|
+
}
|
|
419
|
+
}
|
|
420
|
+
for (const operation of [...requiredDocdexOperations].sort()) {
|
|
421
|
+
const matchingTool = Object.entries(DOCDEX_OPERATION_BY_TOOL).find(([, value]) => value === operation)?.[0] ?? operation;
|
|
422
|
+
if (!isOperationAllowed(matchingTool, operation, allowedOperations)) {
|
|
423
|
+
addIssue(errors, "error", "GATEWAY_DOCDEX_OPERATION_BLOCKED", `Docdex operation ${operation} is not allowed by policy.`, matchingTool, { operation });
|
|
424
|
+
}
|
|
425
|
+
}
|
|
426
|
+
const gateway = input.policy.appToolGateway && isGatewayReadOnly(input.policy.appToolGateway)
|
|
427
|
+
? input.policy.appToolGateway
|
|
428
|
+
: undefined;
|
|
429
|
+
return {
|
|
430
|
+
allowedTools,
|
|
431
|
+
deniedTools,
|
|
432
|
+
visibleTools: unique(visibleTools),
|
|
433
|
+
appVirtualTools: unique(appVirtualTools),
|
|
434
|
+
appToolContracts,
|
|
435
|
+
appToolGateway: gateway,
|
|
436
|
+
capabilities,
|
|
437
|
+
skippedTools,
|
|
438
|
+
warnings,
|
|
439
|
+
errors,
|
|
440
|
+
requiredDocdexOperations: [...requiredDocdexOperations].sort(),
|
|
441
|
+
};
|
|
442
|
+
};
|
package/dist/index.d.ts
CHANGED
|
@@ -1,10 +1,42 @@
|
|
|
1
1
|
export { runCli } from "./cli.js";
|
|
2
2
|
export { codaliEventToOpenAIChatCompletionChunk, codaliEventToOpenAISseData, createCodaliRuntime, runCodaliTask, } from "./runtime/CodaliRuntime.js";
|
|
3
|
+
export { runCodaliJob } from "./runtime/CodaliJobRuntime.js";
|
|
4
|
+
export { isCodaliGatewayValidationOk, validateCodaliContextPack, validateCodaliEvidenceItem, validateCodaliGatewayPlannerOutput, validateCodaliGatewayPolicy, validateCodaliGatewayRequest, validateCodaliGatewayVerifierOutput, validateCodaliGatewayWorkerTask, validateGatewayContextPack, validateGatewayEvidenceItem, validateGatewayPlannerOutput, validateGatewayPolicy, validateGatewayRequest, validateGatewayVerifierOutput, validateGatewayWorkerTask, } from "./gateway/CodaliGatewaySchemas.js";
|
|
5
|
+
export { CodaliGateway, buildCodaliGatewayFinalSynthesizerMessages, createCodaliGateway, runCodaliGateway, runCodaliGatewayPlanning, runCodaliGatewayWorkerTasks, } from "./gateway/CodaliGateway.js";
|
|
6
|
+
export { buildCodaliGatewayWorkerPrompt, CodaliGatewayStateMachine, createCodaliGatewayStateMachine, } from "./gateway/GatewayStateMachine.js";
|
|
7
|
+
export { normalizeCodaliEvidence, normalizeGatewayEvidence, } from "./gateway/EvidenceNormalizer.js";
|
|
8
|
+
export { buildCodaliContextPack, CodaliContextPackBuilder, createCodaliContextPackBuilder, estimateCodaliContextPackTokens, } from "./gateway/ContextPackBuilder.js";
|
|
9
|
+
export { createInMemoryCodaliGatewayStore, redactCodaliGatewaySecrets, } from "./gateway/CodaliGatewayStore.js";
|
|
10
|
+
export { CODALI_GATEWAY_REPLAY_FIXTURE_SCHEMA_VERSION, CODALI_GATEWAY_TRACE_EVENT_NAMES, CODALI_GATEWAY_TRACE_SCHEMA_VERSION, buildCodaliGatewayTraceEvents, exportCodaliGatewayReplayFixture, readCodaliGatewayTrace, summarizeCodaliGatewayTrace, } from "./gateway/GatewayTraceReplay.js";
|
|
11
|
+
export { CODALI_GATEWAY_CLASSIFIER_SCHEMA, CODALI_GATEWAY_PLANNER_SCHEMA, CodaliGatewayPlanner, CodaliGatewayPlannerError, buildCodaliGatewayClassifierMessages, buildCodaliGatewayPlannerMessages, createCodaliGatewayPlanner, } from "./gateway/GatewayPlanner.js";
|
|
12
|
+
export { DEFAULT_CODALI_GATEWAY_AGENT_ROLES, DEFAULT_CODALI_GATEWAY_ROLE_POLICIES, normalizeCodaliGatewayAgentCandidate, resolveCodaliGatewayAgentTiers, resolveGatewayAgentTiers, } from "./gateway/AgentTierResolver.js";
|
|
13
|
+
export { compileCodaliGatewayPolicy, compileGatewayPolicy, } from "./gateway/GatewayPolicyCompiler.js";
|
|
14
|
+
export { CODALI_GATEWAY_SECURITY_PROMPT_HARDENING, classifyCodaliGatewayToolRisk, resolveCodaliGatewaySecurityPolicy, } from "./gateway/GatewaySecurityPolicy.js";
|
|
15
|
+
export { CODALI_GATEWAY_READ_ONLY_BACKING_TOOLS, CODALI_GATEWAY_RESERVED_TOOL_ARG_KEYS, compileToolCapabilities, } from "./gateway/ToolCapabilityCompiler.js";
|
|
16
|
+
export { CODALI_APP_TOOL_GATEWAY_VERSION, AppToolGatewayDispatchError, buildAppToolGatewaySignedRequest, canonicalizeAppToolGatewayPayload, dispatchAppToolGateway, redactAppToolGatewayPayload, signAppToolGatewayRequest, verifyAppToolGatewayRequestSignature, } from "./gateway/AppToolGatewayDispatcher.js";
|
|
17
|
+
export { CODALI_GATEWAY_LIVE_SCENARIOS, classifyCodaliGatewayLiveAgents, createMcodaAgentRunScenarioRunner, defaultCodaliGatewayLiveCommandRunner, formatCodaliGatewayLiveHarnessTextReport, parseCodaliGatewayLiveInventory, redactCodaliGatewayLiveValue, runCodaliGatewayLiveHarness, } from "./eval/CodaliGatewayLiveHarness.js";
|
|
18
|
+
export { CODALI_GATEWAY_EVAL_CASES, DEFAULT_CODALI_GATEWAY_EVAL_THRESHOLDS, aggregateCodaliGatewayEvalMetrics, compareCodaliGatewayEvalBaseline, createDefaultCodaliGatewayEvalRunner, evaluateCodaliGatewayEvalCase, evaluateCodaliGatewayEvalGates, formatCodaliGatewayEvalTextReport, runCodaliGatewayEvalSuite, } from "./eval/GatewayEvalSuite.js";
|
|
3
19
|
export { loadInstructionBlocks, formatInstructionBlocks } from "./session/InstructionLoader.js";
|
|
4
20
|
export { SessionStore } from "./session/SessionStore.js";
|
|
5
21
|
export { SubagentOrchestrator } from "./subagents/SubagentOrchestrator.js";
|
|
6
22
|
export type { ProviderMessage, ProviderUsage, } from "./providers/ProviderTypes.js";
|
|
7
|
-
export type { CodaliRuntime, CodaliOpenAIChunkOptions, CodaliRuntimeAgentInput, CodaliRuntimeDocdexInput, CodaliRuntimeEvent, CodaliRuntimeInput, CodaliRuntimePolicy, CodaliRuntimeProviderInput, CodaliRuntimeSessionInput, CodaliRuntimeSubagentsInput, CodaliRuntimeResult, CodaliRuntimeWorkspace, } from "./runtime/CodaliRuntime.js";
|
|
23
|
+
export type { CodaliRuntime, CodaliRuntimeAppToolContract, CodaliRuntimeAppToolContracts, CodaliRuntimeAppToolGatewayContract, CodaliOpenAIChunkOptions, CodaliRuntimeAgentInput, CodaliRuntimeDocdexInput, CodaliRuntimeDynamicToolSkip, CodaliRuntimeEvent, CodaliRuntimeInput, CodaliRuntimePolicy, CodaliRuntimeProviderInput, CodaliRuntimeSessionInput, CodaliRuntimeSubagentsInput, CodaliRuntimeTelemetry, CodaliRuntimeToolManifest, CodaliRuntimeToolTelemetryEntry, CodaliRuntimeResult, CodaliRuntimeWorkspace, } from "./runtime/CodaliRuntime.js";
|
|
24
|
+
export type { CodaliEvidenceCard, CodaliJobAgentPolicy, CodaliJobBudgets, CodaliJobEvent, CodaliJobRequest, CodaliJobResponsePolicy, CodaliJobRuntimeError, CodaliJobRuntimeInput, CodaliJobRuntimeResult, CodaliJobStageDefinition, CodaliJobStageKind, CodaliJobStageResult, CodaliJobStageStatus, CodaliJobStatus, CodaliJobTelemetry, CodaliJobTelemetryStage, CodaliTaskRunner, CodaliVerifierResult, } from "./runtime/CodaliJobRuntime.js";
|
|
25
|
+
export type { CodaliGatewayFinalSynthesisInput, CodaliGatewayFinalSynthesizerOptions, CodaliGatewayOptions, CodaliGatewayPlanResult, CodaliGatewayWorkerRunResult, } from "./gateway/CodaliGateway.js";
|
|
26
|
+
export type { CodaliGatewayRejectedFollowUpTask, CodaliGatewayStateMachineInput, CodaliGatewayStateMachineOptions, CodaliGatewayVerificationIteration, CodaliGatewayVerificationLoopResult, CodaliGatewayVerifierRunInput, CodaliGatewayVerifierRunner, CodaliGatewayWorkerExecutionResult, CodaliGatewayWorkerExecutionStatus, CodaliGatewayWorkerModelCallRecord, CodaliGatewayWorkerTaskExecutionResult, CodaliGatewayWorkerTaskRunInput, CodaliGatewayWorkerTaskRunResult, CodaliGatewayWorkerTaskRunner, CodaliGatewayWorkerTaskStatus, CodaliGatewayWorkerToolCallRecord, } from "./gateway/GatewayStateMachine.js";
|
|
27
|
+
export type { CodaliEvidenceNormalizerInput, CodaliEvidenceNormalizerResult, CodaliEvidenceNormalizerToolCall, CodaliEvidenceRejectedItem, } from "./gateway/EvidenceNormalizer.js";
|
|
28
|
+
export type { CodaliContextPackBuildAndPersistInput, CodaliContextPackBuilderInput, CodaliContextPackBuilderOptions, CodaliContextPackBuildResult, } from "./gateway/ContextPackBuilder.js";
|
|
29
|
+
export type { CodaliGatewayCreateRunInput, CodaliGatewayCreateTaskInput, CodaliGatewayRunTrace, CodaliGatewayStore, CodaliGatewayStoreRunStatus, CodaliGatewayStoreTaskStatus, CodaliGatewayStoredArtifact, CodaliGatewayStoredModelCall, CodaliGatewayStoredModelStatus, CodaliGatewayStoredRun, CodaliGatewayStoredTask, CodaliGatewayStoredToolCall, CodaliGatewayStoredToolStatus, CodaliGatewayUpdateRunInput, CodaliGatewayUpdateTaskInput, } from "./gateway/CodaliGatewayStore.js";
|
|
30
|
+
export type { CodaliGatewayDebugSummary, CodaliGatewayReplayFixture, CodaliGatewayReplayFixtureInput, CodaliGatewayReplayFixtureModelCall, CodaliGatewayReplayFixtureOptions, CodaliGatewayReplayFixtureToolCall, CodaliGatewayTraceReadInput, CodaliGatewayTraceReadResult, } from "./gateway/GatewayTraceReplay.js";
|
|
31
|
+
export type { CodaliGatewayPlanningResult, CodaliGatewayPlannerOptions, CodaliGatewayPlannerToolDescriptor, GatewayPlannerInput, } from "./gateway/GatewayPlanner.js";
|
|
32
|
+
export type { CodaliAgentRolePolicy, CodaliAgentTierPolicy, CodaliGatewayApprovalRecord, CodaliGatewayApprovalRequirement, CodaliGatewayApprovalStatus, CodaliGatewayClassifierOutput, CodaliContextPack, CodaliContextPackContradiction, CodaliContextPackExcerpt, CodaliContextPackToolSummary, CodaliEvidenceItem, CodaliGatewayConfidence, CodaliGatewayFinalModel, CodaliGatewayFreshness, CodaliGatewayMessage, CodaliGatewayMessageRole, CodaliGatewayMode, CodaliGatewayModelTier, CodaliGatewayPlannerOutput, CodaliGatewayPolicy, CodaliGatewayPromptHardening, CodaliGatewayRequest, CodaliGatewayResponseFormat, CodaliGatewayResponsePolicy, CodaliGatewayResult, CodaliGatewaySecurityIssue, CodaliGatewaySecurityReview, CodaliGatewaySource, CodaliGatewayStatus, CodaliGatewaySubquestion, CodaliGatewayTenantLimitProfile, CodaliGatewayTrace, CodaliGatewayTraceEvent, CodaliGatewayTraceModelCall, CodaliGatewayTraceToolCall, CodaliGatewayToolRisk, CodaliGatewayToolRiskCategory, CodaliGatewayValidationIssue, CodaliGatewayValidationResult, CodaliGatewayVerifierIssue, CodaliGatewayVerifierOutput, CodaliGatewayWorkerTask, } from "./gateway/CodaliGatewayTypes.js";
|
|
33
|
+
export type { AgentTierResolution, AgentTierResolverInput, CodaliGatewayAgentAssignment, CodaliGatewayAgentCandidate, CodaliGatewayAgentCandidateDiagnostic, CodaliGatewayAgentHealth, CodaliGatewayAgentSource, CodaliGatewayAgentTierError, } from "./gateway/AgentTierResolver.js";
|
|
34
|
+
export type { GatewayPolicyCompilation, GatewayPolicyCompilerInput, } from "./gateway/GatewayPolicyCompiler.js";
|
|
35
|
+
export type { ResolveCodaliGatewaySecurityPolicyInput, } from "./gateway/GatewaySecurityPolicy.js";
|
|
36
|
+
export type { CodaliGatewayCompiledToolCapability, CodaliGatewayCompilerIssue, CodaliGatewaySkippedTool, CodaliGatewayToolCapabilityKind, CodaliGatewayToolCapabilityStatus, ToolCapabilityCompilation, ToolCapabilityCompilerInput, } from "./gateway/ToolCapabilityCompiler.js";
|
|
37
|
+
export type { AppToolGatewayDispatchErrorCode, AppToolGatewayDispatchInput, AppToolGatewayDispatchResult, CodaliAppToolGatewayRequesterScope, CodaliAppToolGatewayScope, CodaliAppToolGatewaySignedRequest, CodaliAppToolGatewayUnsignedRequest, } from "./gateway/AppToolGatewayDispatcher.js";
|
|
38
|
+
export type { CodaliGatewayLiveAgentSummary, CodaliGatewayLiveClassification, CodaliGatewayLiveCommandResult, CodaliGatewayLiveCommandRunner, CodaliGatewayLiveDiscoveryResult, CodaliGatewayLiveHarnessOptions, CodaliGatewayLiveHarnessResult, CodaliGatewayLiveHarnessStatus, CodaliGatewayLiveRoleKey, CodaliGatewayLiveRoleSummary, CodaliGatewayLiveScenarioArtifact, CodaliGatewayLiveScenarioDefinition, CodaliGatewayLiveScenarioId, CodaliGatewayLiveScenarioResult, CodaliGatewayLiveScenarioRunner, CodaliGatewayLiveScenarioRunnerInput, CodaliGatewayLiveScenarioStatus, } from "./eval/CodaliGatewayLiveHarness.js";
|
|
39
|
+
export type { CodaliGatewayEvalCase, CodaliGatewayEvalCaseExpectations, CodaliGatewayEvalCaseResult, CodaliGatewayEvalCitationRecord, CodaliGatewayEvalEvidenceRecord, CodaliGatewayEvalGateFailure, CodaliGatewayEvalGateResult, CodaliGatewayEvalImageArtifactRecord, CodaliGatewayEvalMetricDelta, CodaliGatewayEvalMetrics, CodaliGatewayEvalRegressionComparison, CodaliGatewayEvalReport, CodaliGatewayEvalRunRecord, CodaliGatewayEvalRunStatus, CodaliGatewayEvalRunner, CodaliGatewayEvalSuiteOptions, CodaliGatewayEvalTaskType, CodaliGatewayEvalThresholds, } from "./eval/GatewayEvalSuite.js";
|
|
8
40
|
export type { InstructionBlock, InstructionLoadOptions, } from "./session/InstructionLoader.js";
|
|
9
41
|
export type { CodaliResumeBundle, CodaliSessionMetadata, CodaliSessionStatus, CodaliSessionSummary, CodaliSessionTranscriptEvent, } from "./session/SessionStore.js";
|
|
10
42
|
export type { SubagentPermissions, SubagentResult, SubagentRole, SubagentSpec, SubagentStatus, } from "./subagents/SubagentOrchestrator.js";
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAClC,OAAO,EACL,sCAAsC,EACtC,0BAA0B,EAC1B,mBAAmB,EACnB,aAAa,GACd,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,qBAAqB,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AAChG,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAC3E,YAAY,EACV,eAAe,EACf,aAAa,GACd,MAAM,8BAA8B,CAAC;AACtC,YAAY,EACV,aAAa,EACb,wBAAwB,EACxB,uBAAuB,EACvB,wBAAwB,EACxB,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,0BAA0B,EAC1B,yBAAyB,EACzB,2BAA2B,EAC3B,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,4BAA4B,CAAC;AACpC,YAAY,EACV,gBAAgB,EAChB,sBAAsB,GACvB,MAAM,gCAAgC,CAAC;AACxC,YAAY,EACV,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,oBAAoB,EACpB,4BAA4B,GAC7B,MAAM,2BAA2B,CAAC;AACnC,YAAY,EACV,mBAAmB,EACnB,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,cAAc,GACf,MAAM,qCAAqC,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAClC,OAAO,EACL,sCAAsC,EACtC,0BAA0B,EAC1B,mBAAmB,EACnB,aAAa,GACd,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AAC7D,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,0BAA0B,EAC1B,kCAAkC,EAClC,2BAA2B,EAC3B,4BAA4B,EAC5B,mCAAmC,EACnC,+BAA+B,EAC/B,0BAA0B,EAC1B,2BAA2B,EAC3B,4BAA4B,EAC5B,qBAAqB,EACrB,sBAAsB,EACtB,6BAA6B,EAC7B,yBAAyB,GAC1B,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EACL,aAAa,EACb,0CAA0C,EAC1C,mBAAmB,EACnB,gBAAgB,EAChB,wBAAwB,EACxB,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,8BAA8B,EAC9B,yBAAyB,EACzB,+BAA+B,GAChC,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EACL,uBAAuB,EACvB,wBAAwB,GACzB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,sBAAsB,EACtB,wBAAwB,EACxB,8BAA8B,EAC9B,+BAA+B,GAChC,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,gCAAgC,EAChC,0BAA0B,GAC3B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,4CAA4C,EAC5C,gCAAgC,EAChC,mCAAmC,EACnC,6BAA6B,EAC7B,gCAAgC,EAChC,sBAAsB,EACtB,2BAA2B,GAC5B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,gCAAgC,EAChC,6BAA6B,EAC7B,oBAAoB,EACpB,yBAAyB,EACzB,oCAAoC,EACpC,iCAAiC,EACjC,0BAA0B,GAC3B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,kCAAkC,EAClC,oCAAoC,EACpC,oCAAoC,EACpC,8BAA8B,EAC9B,wBAAwB,GACzB,MAAM,gCAAgC,CAAC;AACxC,OAAO,EACL,0BAA0B,EAC1B,oBAAoB,GACrB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EACL,wCAAwC,EACxC,6BAA6B,EAC7B,kCAAkC,GACnC,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EACL,sCAAsC,EACtC,qCAAqC,EACrC,uBAAuB,GACxB,MAAM,qCAAqC,CAAC;AAC7C,OAAO,EACL,+BAA+B,EAC/B,2BAA2B,EAC3B,gCAAgC,EAChC,iCAAiC,EACjC,sBAAsB,EACtB,2BAA2B,EAC3B,yBAAyB,EACzB,oCAAoC,GACrC,MAAM,uCAAuC,CAAC;AAC/C,OAAO,EACL,6BAA6B,EAC7B,+BAA+B,EAC/B,iCAAiC,EACjC,qCAAqC,EACrC,wCAAwC,EACxC,+BAA+B,EAC/B,4BAA4B,EAC5B,2BAA2B,GAC5B,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EACL,yBAAyB,EACzB,sCAAsC,EACtC,iCAAiC,EACjC,gCAAgC,EAChC,oCAAoC,EACpC,6BAA6B,EAC7B,8BAA8B,EAC9B,iCAAiC,EACjC,yBAAyB,GAC1B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,qBAAqB,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AAChG,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAC3E,YAAY,EACV,eAAe,EACf,aAAa,GACd,MAAM,8BAA8B,CAAC;AACtC,YAAY,EACV,aAAa,EACb,4BAA4B,EAC5B,6BAA6B,EAC7B,mCAAmC,EACnC,wBAAwB,EACxB,uBAAuB,EACvB,wBAAwB,EACxB,4BAA4B,EAC5B,kBAAkB,EAClB,kBAAkB,EAClB,mBAAmB,EACnB,0BAA0B,EAC1B,yBAAyB,EACzB,2BAA2B,EAC3B,sBAAsB,EACtB,yBAAyB,EACzB,+BAA+B,EAC/B,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,4BAA4B,CAAC;AACpC,YAAY,EACV,kBAAkB,EAClB,oBAAoB,EACpB,gBAAgB,EAChB,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,qBAAqB,EACrB,qBAAqB,EACrB,sBAAsB,EACtB,wBAAwB,EACxB,kBAAkB,EAClB,oBAAoB,EACpB,oBAAoB,EACpB,eAAe,EACf,kBAAkB,EAClB,uBAAuB,EACvB,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,+BAA+B,CAAC;AACvC,YAAY,EACV,gCAAgC,EAChC,oCAAoC,EACpC,oBAAoB,EACpB,uBAAuB,EACvB,4BAA4B,GAC7B,MAAM,4BAA4B,CAAC;AACpC,YAAY,EACV,iCAAiC,EACjC,8BAA8B,EAC9B,gCAAgC,EAChC,kCAAkC,EAClC,mCAAmC,EACnC,6BAA6B,EAC7B,2BAA2B,EAC3B,kCAAkC,EAClC,kCAAkC,EAClC,kCAAkC,EAClC,sCAAsC,EACtC,+BAA+B,EAC/B,gCAAgC,EAChC,6BAA6B,EAC7B,6BAA6B,EAC7B,iCAAiC,GAClC,MAAM,kCAAkC,CAAC;AAC1C,YAAY,EACV,6BAA6B,EAC7B,8BAA8B,EAC9B,gCAAgC,EAChC,0BAA0B,GAC3B,MAAM,iCAAiC,CAAC;AACzC,YAAY,EACV,qCAAqC,EACrC,6BAA6B,EAC7B,+BAA+B,EAC/B,4BAA4B,GAC7B,MAAM,iCAAiC,CAAC;AACzC,YAAY,EACV,2BAA2B,EAC3B,4BAA4B,EAC5B,qBAAqB,EACrB,kBAAkB,EAClB,2BAA2B,EAC3B,4BAA4B,EAC5B,2BAA2B,EAC3B,4BAA4B,EAC5B,8BAA8B,EAC9B,sBAAsB,EACtB,uBAAuB,EACvB,2BAA2B,EAC3B,6BAA6B,EAC7B,2BAA2B,EAC3B,4BAA4B,GAC7B,MAAM,iCAAiC,CAAC;AACzC,YAAY,EACV,yBAAyB,EACzB,0BAA0B,EAC1B,+BAA+B,EAC/B,mCAAmC,EACnC,iCAAiC,EACjC,kCAAkC,EAClC,2BAA2B,EAC3B,4BAA4B,GAC7B,MAAM,iCAAiC,CAAC;AACzC,YAAY,EACV,2BAA2B,EAC3B,2BAA2B,EAC3B,kCAAkC,EAClC,mBAAmB,GACpB,MAAM,6BAA6B,CAAC;AACrC,YAAY,EACV,qBAAqB,EACrB,qBAAqB,EACrB,2BAA2B,EAC3B,gCAAgC,EAChC,2BAA2B,EAC3B,6BAA6B,EAC7B,iBAAiB,EACjB,8BAA8B,EAC9B,wBAAwB,EACxB,4BAA4B,EAC5B,kBAAkB,EAClB,uBAAuB,EACvB,uBAAuB,EACvB,sBAAsB,EACtB,oBAAoB,EACpB,wBAAwB,EACxB,iBAAiB,EACjB,sBAAsB,EACtB,0BAA0B,EAC1B,mBAAmB,EACnB,4BAA4B,EAC5B,oBAAoB,EACpB,2BAA2B,EAC3B,2BAA2B,EAC3B,mBAAmB,EACnB,0BAA0B,EAC1B,2BAA2B,EAC3B,mBAAmB,EACnB,mBAAmB,EACnB,wBAAwB,EACxB,+BAA+B,EAC/B,kBAAkB,EAClB,uBAAuB,EACvB,2BAA2B,EAC3B,0BAA0B,EAC1B,qBAAqB,EACrB,6BAA6B,EAC7B,4BAA4B,EAC5B,6BAA6B,EAC7B,0BAA0B,EAC1B,2BAA2B,EAC3B,uBAAuB,GACxB,MAAM,iCAAiC,CAAC;AACzC,YAAY,EACV,mBAAmB,EACnB,sBAAsB,EACtB,4BAA4B,EAC5B,2BAA2B,EAC3B,qCAAqC,EACrC,wBAAwB,EACxB,wBAAwB,EACxB,2BAA2B,GAC5B,MAAM,gCAAgC,CAAC;AACxC,YAAY,EACV,wBAAwB,EACxB,0BAA0B,GAC3B,MAAM,oCAAoC,CAAC;AAC5C,YAAY,EACV,uCAAuC,GACxC,MAAM,oCAAoC,CAAC;AAC5C,YAAY,EACV,mCAAmC,EACnC,0BAA0B,EAC1B,wBAAwB,EACxB,+BAA+B,EAC/B,iCAAiC,EACjC,yBAAyB,EACzB,2BAA2B,GAC5B,MAAM,qCAAqC,CAAC;AAC7C,YAAY,EACV,+BAA+B,EAC/B,2BAA2B,EAC3B,4BAA4B,EAC5B,kCAAkC,EAClC,yBAAyB,EACzB,iCAAiC,EACjC,mCAAmC,GACpC,MAAM,uCAAuC,CAAC;AAC/C,YAAY,EACV,6BAA6B,EAC7B,+BAA+B,EAC/B,8BAA8B,EAC9B,8BAA8B,EAC9B,gCAAgC,EAChC,+BAA+B,EAC/B,8BAA8B,EAC9B,8BAA8B,EAC9B,wBAAwB,EACxB,4BAA4B,EAC5B,iCAAiC,EACjC,mCAAmC,EACnC,2BAA2B,EAC3B,+BAA+B,EAC/B,+BAA+B,EAC/B,oCAAoC,EACpC,+BAA+B,GAChC,MAAM,oCAAoC,CAAC;AAC5C,YAAY,EACV,qBAAqB,EACrB,iCAAiC,EACjC,2BAA2B,EAC3B,+BAA+B,EAC/B,+BAA+B,EAC/B,4BAA4B,EAC5B,2BAA2B,EAC3B,oCAAoC,EACpC,4BAA4B,EAC5B,wBAAwB,EACxB,qCAAqC,EACrC,uBAAuB,EACvB,0BAA0B,EAC1B,0BAA0B,EAC1B,uBAAuB,EACvB,6BAA6B,EAC7B,yBAAyB,EACzB,2BAA2B,GAC5B,MAAM,4BAA4B,CAAC;AACpC,YAAY,EACV,gBAAgB,EAChB,sBAAsB,GACvB,MAAM,gCAAgC,CAAC;AACxC,YAAY,EACV,kBAAkB,EAClB,qBAAqB,EACrB,mBAAmB,EACnB,oBAAoB,EACpB,4BAA4B,GAC7B,MAAM,2BAA2B,CAAC;AACnC,YAAY,EACV,mBAAmB,EACnB,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,cAAc,GACf,MAAM,qCAAqC,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -1,5 +1,21 @@
|
|
|
1
1
|
export { runCli } from "./cli.js";
|
|
2
2
|
export { codaliEventToOpenAIChatCompletionChunk, codaliEventToOpenAISseData, createCodaliRuntime, runCodaliTask, } from "./runtime/CodaliRuntime.js";
|
|
3
|
+
export { runCodaliJob } from "./runtime/CodaliJobRuntime.js";
|
|
4
|
+
export { isCodaliGatewayValidationOk, validateCodaliContextPack, validateCodaliEvidenceItem, validateCodaliGatewayPlannerOutput, validateCodaliGatewayPolicy, validateCodaliGatewayRequest, validateCodaliGatewayVerifierOutput, validateCodaliGatewayWorkerTask, validateGatewayContextPack, validateGatewayEvidenceItem, validateGatewayPlannerOutput, validateGatewayPolicy, validateGatewayRequest, validateGatewayVerifierOutput, validateGatewayWorkerTask, } from "./gateway/CodaliGatewaySchemas.js";
|
|
5
|
+
export { CodaliGateway, buildCodaliGatewayFinalSynthesizerMessages, createCodaliGateway, runCodaliGateway, runCodaliGatewayPlanning, runCodaliGatewayWorkerTasks, } from "./gateway/CodaliGateway.js";
|
|
6
|
+
export { buildCodaliGatewayWorkerPrompt, CodaliGatewayStateMachine, createCodaliGatewayStateMachine, } from "./gateway/GatewayStateMachine.js";
|
|
7
|
+
export { normalizeCodaliEvidence, normalizeGatewayEvidence, } from "./gateway/EvidenceNormalizer.js";
|
|
8
|
+
export { buildCodaliContextPack, CodaliContextPackBuilder, createCodaliContextPackBuilder, estimateCodaliContextPackTokens, } from "./gateway/ContextPackBuilder.js";
|
|
9
|
+
export { createInMemoryCodaliGatewayStore, redactCodaliGatewaySecrets, } from "./gateway/CodaliGatewayStore.js";
|
|
10
|
+
export { CODALI_GATEWAY_REPLAY_FIXTURE_SCHEMA_VERSION, CODALI_GATEWAY_TRACE_EVENT_NAMES, CODALI_GATEWAY_TRACE_SCHEMA_VERSION, buildCodaliGatewayTraceEvents, exportCodaliGatewayReplayFixture, readCodaliGatewayTrace, summarizeCodaliGatewayTrace, } from "./gateway/GatewayTraceReplay.js";
|
|
11
|
+
export { CODALI_GATEWAY_CLASSIFIER_SCHEMA, CODALI_GATEWAY_PLANNER_SCHEMA, CodaliGatewayPlanner, CodaliGatewayPlannerError, buildCodaliGatewayClassifierMessages, buildCodaliGatewayPlannerMessages, createCodaliGatewayPlanner, } from "./gateway/GatewayPlanner.js";
|
|
12
|
+
export { DEFAULT_CODALI_GATEWAY_AGENT_ROLES, DEFAULT_CODALI_GATEWAY_ROLE_POLICIES, normalizeCodaliGatewayAgentCandidate, resolveCodaliGatewayAgentTiers, resolveGatewayAgentTiers, } from "./gateway/AgentTierResolver.js";
|
|
13
|
+
export { compileCodaliGatewayPolicy, compileGatewayPolicy, } from "./gateway/GatewayPolicyCompiler.js";
|
|
14
|
+
export { CODALI_GATEWAY_SECURITY_PROMPT_HARDENING, classifyCodaliGatewayToolRisk, resolveCodaliGatewaySecurityPolicy, } from "./gateway/GatewaySecurityPolicy.js";
|
|
15
|
+
export { CODALI_GATEWAY_READ_ONLY_BACKING_TOOLS, CODALI_GATEWAY_RESERVED_TOOL_ARG_KEYS, compileToolCapabilities, } from "./gateway/ToolCapabilityCompiler.js";
|
|
16
|
+
export { CODALI_APP_TOOL_GATEWAY_VERSION, AppToolGatewayDispatchError, buildAppToolGatewaySignedRequest, canonicalizeAppToolGatewayPayload, dispatchAppToolGateway, redactAppToolGatewayPayload, signAppToolGatewayRequest, verifyAppToolGatewayRequestSignature, } from "./gateway/AppToolGatewayDispatcher.js";
|
|
17
|
+
export { CODALI_GATEWAY_LIVE_SCENARIOS, classifyCodaliGatewayLiveAgents, createMcodaAgentRunScenarioRunner, defaultCodaliGatewayLiveCommandRunner, formatCodaliGatewayLiveHarnessTextReport, parseCodaliGatewayLiveInventory, redactCodaliGatewayLiveValue, runCodaliGatewayLiveHarness, } from "./eval/CodaliGatewayLiveHarness.js";
|
|
18
|
+
export { CODALI_GATEWAY_EVAL_CASES, DEFAULT_CODALI_GATEWAY_EVAL_THRESHOLDS, aggregateCodaliGatewayEvalMetrics, compareCodaliGatewayEvalBaseline, createDefaultCodaliGatewayEvalRunner, evaluateCodaliGatewayEvalCase, evaluateCodaliGatewayEvalGates, formatCodaliGatewayEvalTextReport, runCodaliGatewayEvalSuite, } from "./eval/GatewayEvalSuite.js";
|
|
3
19
|
export { loadInstructionBlocks, formatInstructionBlocks } from "./session/InstructionLoader.js";
|
|
4
20
|
export { SessionStore } from "./session/SessionStore.js";
|
|
5
21
|
export { SubagentOrchestrator } from "./subagents/SubagentOrchestrator.js";
|