@pan-sec/notebooklm-mcp 1.4.0 → 1.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +61 -7
- package/SECURITY.md +40 -6
- package/dist/auth/mcp-auth.d.ts.map +1 -1
- package/dist/auth/mcp-auth.js +3 -6
- package/dist/auth/mcp-auth.js.map +1 -1
- package/dist/compliance/alert-manager.d.ts +120 -0
- package/dist/compliance/alert-manager.d.ts.map +1 -0
- package/dist/compliance/alert-manager.js +420 -0
- package/dist/compliance/alert-manager.js.map +1 -0
- package/dist/compliance/breach-detection.d.ts +134 -0
- package/dist/compliance/breach-detection.d.ts.map +1 -0
- package/dist/compliance/breach-detection.js +456 -0
- package/dist/compliance/breach-detection.js.map +1 -0
- package/dist/compliance/change-log.d.ts +113 -0
- package/dist/compliance/change-log.d.ts.map +1 -0
- package/dist/compliance/change-log.js +275 -0
- package/dist/compliance/change-log.js.map +1 -0
- package/dist/compliance/compliance-logger.d.ts +136 -0
- package/dist/compliance/compliance-logger.d.ts.map +1 -0
- package/dist/compliance/compliance-logger.js +425 -0
- package/dist/compliance/compliance-logger.js.map +1 -0
- package/dist/compliance/compliance-tools.d.ts +18 -0
- package/dist/compliance/compliance-tools.d.ts.map +1 -0
- package/dist/compliance/compliance-tools.js +673 -0
- package/dist/compliance/compliance-tools.js.map +1 -0
- package/dist/compliance/consent-manager.d.ts +130 -0
- package/dist/compliance/consent-manager.d.ts.map +1 -0
- package/dist/compliance/consent-manager.js +386 -0
- package/dist/compliance/consent-manager.js.map +1 -0
- package/dist/compliance/dashboard.d.ts +243 -0
- package/dist/compliance/dashboard.d.ts.map +1 -0
- package/dist/compliance/dashboard.js +519 -0
- package/dist/compliance/dashboard.js.map +1 -0
- package/dist/compliance/data-classification.d.ts +117 -0
- package/dist/compliance/data-classification.d.ts.map +1 -0
- package/dist/compliance/data-classification.js +469 -0
- package/dist/compliance/data-classification.js.map +1 -0
- package/dist/compliance/data-erasure.d.ts +110 -0
- package/dist/compliance/data-erasure.d.ts.map +1 -0
- package/dist/compliance/data-erasure.js +501 -0
- package/dist/compliance/data-erasure.js.map +1 -0
- package/dist/compliance/data-export.d.ts +85 -0
- package/dist/compliance/data-export.d.ts.map +1 -0
- package/dist/compliance/data-export.js +394 -0
- package/dist/compliance/data-export.js.map +1 -0
- package/dist/compliance/data-inventory.d.ts +136 -0
- package/dist/compliance/data-inventory.d.ts.map +1 -0
- package/dist/compliance/data-inventory.js +335 -0
- package/dist/compliance/data-inventory.js.map +1 -0
- package/dist/compliance/dsar-handler.d.ts +123 -0
- package/dist/compliance/dsar-handler.d.ts.map +1 -0
- package/dist/compliance/dsar-handler.js +371 -0
- package/dist/compliance/dsar-handler.js.map +1 -0
- package/dist/compliance/evidence-collector.d.ts +187 -0
- package/dist/compliance/evidence-collector.d.ts.map +1 -0
- package/dist/compliance/evidence-collector.js +656 -0
- package/dist/compliance/evidence-collector.js.map +1 -0
- package/dist/compliance/health-monitor.d.ts +111 -0
- package/dist/compliance/health-monitor.d.ts.map +1 -0
- package/dist/compliance/health-monitor.js +509 -0
- package/dist/compliance/health-monitor.js.map +1 -0
- package/dist/compliance/incident-manager.d.ts +131 -0
- package/dist/compliance/incident-manager.d.ts.map +1 -0
- package/dist/compliance/incident-manager.js +418 -0
- package/dist/compliance/incident-manager.js.map +1 -0
- package/dist/compliance/index.d.ts +32 -0
- package/dist/compliance/index.d.ts.map +1 -0
- package/dist/compliance/index.js +35 -0
- package/dist/compliance/index.js.map +1 -0
- package/dist/compliance/policy-docs.d.ts +108 -0
- package/dist/compliance/policy-docs.d.ts.map +1 -0
- package/dist/compliance/policy-docs.js +464 -0
- package/dist/compliance/policy-docs.js.map +1 -0
- package/dist/compliance/privacy-notice-text.d.ts +58 -0
- package/dist/compliance/privacy-notice-text.d.ts.map +1 -0
- package/dist/compliance/privacy-notice-text.js +161 -0
- package/dist/compliance/privacy-notice-text.js.map +1 -0
- package/dist/compliance/privacy-notice.d.ts +128 -0
- package/dist/compliance/privacy-notice.d.ts.map +1 -0
- package/dist/compliance/privacy-notice.js +250 -0
- package/dist/compliance/privacy-notice.js.map +1 -0
- package/dist/compliance/report-generator.d.ts +168 -0
- package/dist/compliance/report-generator.d.ts.map +1 -0
- package/dist/compliance/report-generator.js +830 -0
- package/dist/compliance/report-generator.js.map +1 -0
- package/dist/compliance/retention-engine.d.ts +130 -0
- package/dist/compliance/retention-engine.d.ts.map +1 -0
- package/dist/compliance/retention-engine.js +510 -0
- package/dist/compliance/retention-engine.js.map +1 -0
- package/dist/compliance/siem-exporter.d.ts +150 -0
- package/dist/compliance/siem-exporter.d.ts.map +1 -0
- package/dist/compliance/siem-exporter.js +509 -0
- package/dist/compliance/siem-exporter.js.map +1 -0
- package/dist/compliance/types.d.ts +601 -0
- package/dist/compliance/types.d.ts.map +1 -0
- package/dist/compliance/types.js +22 -0
- package/dist/compliance/types.js.map +1 -0
- package/dist/config.d.ts +4 -0
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +8 -1
- package/dist/config.js.map +1 -1
- package/dist/events/event-emitter.d.ts +45 -0
- package/dist/events/event-emitter.d.ts.map +1 -0
- package/dist/events/event-emitter.js +100 -0
- package/dist/events/event-emitter.js.map +1 -0
- package/dist/events/event-types.d.ts +124 -0
- package/dist/events/event-types.d.ts.map +1 -0
- package/dist/events/event-types.js +18 -0
- package/dist/events/event-types.js.map +1 -0
- package/dist/index.js +59 -2
- package/dist/index.js.map +1 -1
- package/dist/library/notebook-library.d.ts +25 -2
- package/dist/library/notebook-library.d.ts.map +1 -1
- package/dist/library/notebook-library.js +144 -3
- package/dist/library/notebook-library.js.map +1 -1
- package/dist/library/types.d.ts +15 -0
- package/dist/library/types.d.ts.map +1 -1
- package/dist/notebook-creation/audio-manager.d.ts +56 -0
- package/dist/notebook-creation/audio-manager.d.ts.map +1 -0
- package/dist/notebook-creation/audio-manager.js +335 -0
- package/dist/notebook-creation/audio-manager.js.map +1 -0
- package/dist/notebook-creation/discover-creation-flow.d.ts +8 -0
- package/dist/notebook-creation/discover-creation-flow.d.ts.map +1 -0
- package/dist/notebook-creation/discover-creation-flow.js +177 -0
- package/dist/notebook-creation/discover-creation-flow.js.map +1 -0
- package/dist/notebook-creation/discover-quota.d.ts +8 -0
- package/dist/notebook-creation/discover-quota.d.ts.map +1 -0
- package/dist/notebook-creation/discover-quota.js +195 -0
- package/dist/notebook-creation/discover-quota.js.map +1 -0
- package/dist/notebook-creation/discover-source-dialog.d.ts +8 -0
- package/dist/notebook-creation/discover-source-dialog.d.ts.map +1 -0
- package/dist/notebook-creation/discover-source-dialog.js +134 -0
- package/dist/notebook-creation/discover-source-dialog.js.map +1 -0
- package/dist/notebook-creation/discover-sources.d.ts +8 -0
- package/dist/notebook-creation/discover-sources.d.ts.map +1 -0
- package/dist/notebook-creation/discover-sources.js +273 -0
- package/dist/notebook-creation/discover-sources.js.map +1 -0
- package/dist/notebook-creation/discover-text-input.d.ts +7 -0
- package/dist/notebook-creation/discover-text-input.d.ts.map +1 -0
- package/dist/notebook-creation/discover-text-input.js +135 -0
- package/dist/notebook-creation/discover-text-input.js.map +1 -0
- package/dist/notebook-creation/index.d.ts +12 -0
- package/dist/notebook-creation/index.d.ts.map +1 -0
- package/dist/notebook-creation/index.js +12 -0
- package/dist/notebook-creation/index.js.map +1 -0
- package/dist/notebook-creation/notebook-creator.d.ts +95 -0
- package/dist/notebook-creation/notebook-creator.d.ts.map +1 -0
- package/dist/notebook-creation/notebook-creator.js +689 -0
- package/dist/notebook-creation/notebook-creator.js.map +1 -0
- package/dist/notebook-creation/notebook-sync.d.ts +93 -0
- package/dist/notebook-creation/notebook-sync.d.ts.map +1 -0
- package/dist/notebook-creation/notebook-sync.js +370 -0
- package/dist/notebook-creation/notebook-sync.js.map +1 -0
- package/dist/notebook-creation/run-discovery.d.ts +11 -0
- package/dist/notebook-creation/run-discovery.d.ts.map +1 -0
- package/dist/notebook-creation/run-discovery.js +151 -0
- package/dist/notebook-creation/run-discovery.js.map +1 -0
- package/dist/notebook-creation/selector-discovery.d.ts +65 -0
- package/dist/notebook-creation/selector-discovery.d.ts.map +1 -0
- package/dist/notebook-creation/selector-discovery.js +421 -0
- package/dist/notebook-creation/selector-discovery.js.map +1 -0
- package/dist/notebook-creation/selectors.d.ts +150 -0
- package/dist/notebook-creation/selectors.d.ts.map +1 -0
- package/dist/notebook-creation/selectors.js +225 -0
- package/dist/notebook-creation/selectors.js.map +1 -0
- package/dist/notebook-creation/source-manager.d.ts +73 -0
- package/dist/notebook-creation/source-manager.d.ts.map +1 -0
- package/dist/notebook-creation/source-manager.js +486 -0
- package/dist/notebook-creation/source-manager.js.map +1 -0
- package/dist/notebook-creation/test-create.d.ts +8 -0
- package/dist/notebook-creation/test-create.d.ts.map +1 -0
- package/dist/notebook-creation/test-create.js +72 -0
- package/dist/notebook-creation/test-create.js.map +1 -0
- package/dist/notebook-creation/types.d.ts +173 -0
- package/dist/notebook-creation/types.d.ts.map +1 -0
- package/dist/notebook-creation/types.js +5 -0
- package/dist/notebook-creation/types.js.map +1 -0
- package/dist/quota/index.d.ts +8 -0
- package/dist/quota/index.d.ts.map +1 -0
- package/dist/quota/index.js +8 -0
- package/dist/quota/index.js.map +1 -0
- package/dist/quota/quota-manager.d.ts +125 -0
- package/dist/quota/quota-manager.d.ts.map +1 -0
- package/dist/quota/quota-manager.js +330 -0
- package/dist/quota/quota-manager.js.map +1 -0
- package/dist/session/session-manager.d.ts +5 -0
- package/dist/session/session-manager.d.ts.map +1 -1
- package/dist/session/session-manager.js +6 -0
- package/dist/session/session-manager.js.map +1 -1
- package/dist/session/shared-context-manager.d.ts.map +1 -1
- package/dist/session/shared-context-manager.js +2 -1
- package/dist/session/shared-context-manager.js.map +1 -1
- package/dist/tools/definitions/notebook-management.d.ts.map +1 -1
- package/dist/tools/definitions/notebook-management.js +525 -0
- package/dist/tools/definitions/notebook-management.js.map +1 -1
- package/dist/tools/definitions/system.d.ts.map +1 -1
- package/dist/tools/definitions/system.js +158 -0
- package/dist/tools/definitions/system.js.map +1 -1
- package/dist/tools/handlers.d.ts +225 -0
- package/dist/tools/handlers.d.ts.map +1 -1
- package/dist/tools/handlers.js +911 -0
- package/dist/tools/handlers.js.map +1 -1
- package/dist/utils/audit-logger.d.ts +21 -1
- package/dist/utils/audit-logger.d.ts.map +1 -1
- package/dist/utils/audit-logger.js +53 -4
- package/dist/utils/audit-logger.js.map +1 -1
- package/dist/utils/crypto.d.ts.map +1 -1
- package/dist/utils/crypto.js +8 -15
- package/dist/utils/crypto.js.map +1 -1
- package/dist/utils/file-permissions.d.ts +85 -0
- package/dist/utils/file-permissions.d.ts.map +1 -0
- package/dist/utils/file-permissions.js +180 -0
- package/dist/utils/file-permissions.js.map +1 -0
- package/dist/utils/settings-manager.d.ts.map +1 -1
- package/dist/utils/settings-manager.js +6 -11
- package/dist/utils/settings-manager.js.map +1 -1
- package/dist/webhooks/index.d.ts +8 -0
- package/dist/webhooks/index.d.ts.map +1 -0
- package/dist/webhooks/index.js +8 -0
- package/dist/webhooks/index.js.map +1 -0
- package/dist/webhooks/types.d.ts +57 -0
- package/dist/webhooks/types.d.ts.map +1 -0
- package/dist/webhooks/types.js +5 -0
- package/dist/webhooks/types.js.map +1 -0
- package/dist/webhooks/webhook-dispatcher.d.ts +120 -0
- package/dist/webhooks/webhook-dispatcher.d.ts.map +1 -0
- package/dist/webhooks/webhook-dispatcher.js +519 -0
- package/dist/webhooks/webhook-dispatcher.js.map +1 -0
- package/docs/COMPLIANCE-SPEC.md +1452 -0
- package/package.json +30 -4
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Policy Documentation
|
|
3
|
+
*
|
|
4
|
+
* Machine-readable policy documentation for compliance.
|
|
5
|
+
* Provides structured policies for GDPR, SOC2, and CSSF requirements.
|
|
6
|
+
*
|
|
7
|
+
* Added by Pantheon Security for enterprise compliance support.
|
|
8
|
+
*/
|
|
9
|
+
import type { PolicyDocument, PolicyType } from "./types.js";
|
|
10
|
+
/**
|
|
11
|
+
* Policy Documentation Manager class
|
|
12
|
+
*/
|
|
13
|
+
export declare class PolicyDocManager {
|
|
14
|
+
private static instance;
|
|
15
|
+
private policiesFile;
|
|
16
|
+
private policies;
|
|
17
|
+
private loaded;
|
|
18
|
+
private constructor();
|
|
19
|
+
/**
|
|
20
|
+
* Get singleton instance
|
|
21
|
+
*/
|
|
22
|
+
static getInstance(): PolicyDocManager;
|
|
23
|
+
/**
|
|
24
|
+
* Load policies
|
|
25
|
+
*/
|
|
26
|
+
private load;
|
|
27
|
+
/**
|
|
28
|
+
* Save custom policies
|
|
29
|
+
*/
|
|
30
|
+
private save;
|
|
31
|
+
/**
|
|
32
|
+
* Get all policies
|
|
33
|
+
*/
|
|
34
|
+
getAllPolicies(): Promise<PolicyDocument[]>;
|
|
35
|
+
/**
|
|
36
|
+
* Get policy by ID
|
|
37
|
+
*/
|
|
38
|
+
getPolicy(policyId: string): Promise<PolicyDocument | null>;
|
|
39
|
+
/**
|
|
40
|
+
* Get policies by type
|
|
41
|
+
*/
|
|
42
|
+
getPoliciesByType(type: PolicyType): Promise<PolicyDocument[]>;
|
|
43
|
+
/**
|
|
44
|
+
* Get policies by regulation
|
|
45
|
+
*/
|
|
46
|
+
getPoliciesByRegulation(regulation: string): Promise<PolicyDocument[]>;
|
|
47
|
+
/**
|
|
48
|
+
* Get enforced policies
|
|
49
|
+
*/
|
|
50
|
+
getEnforcedPolicies(): Promise<PolicyDocument[]>;
|
|
51
|
+
/**
|
|
52
|
+
* Get policies due for review
|
|
53
|
+
*/
|
|
54
|
+
getPoliciesDueForReview(): Promise<PolicyDocument[]>;
|
|
55
|
+
/**
|
|
56
|
+
* Add or update a custom policy
|
|
57
|
+
*/
|
|
58
|
+
upsertPolicy(policy: PolicyDocument): Promise<void>;
|
|
59
|
+
/**
|
|
60
|
+
* Remove a custom policy
|
|
61
|
+
*/
|
|
62
|
+
removePolicy(policyId: string): Promise<boolean>;
|
|
63
|
+
/**
|
|
64
|
+
* Get policy summary for compliance dashboard
|
|
65
|
+
*/
|
|
66
|
+
getPolicySummary(): Promise<{
|
|
67
|
+
total_policies: number;
|
|
68
|
+
enforced_policies: number;
|
|
69
|
+
by_type: Record<PolicyType, number>;
|
|
70
|
+
by_regulation: Record<string, number>;
|
|
71
|
+
due_for_review: number;
|
|
72
|
+
}>;
|
|
73
|
+
/**
|
|
74
|
+
* Export policies for audit
|
|
75
|
+
*/
|
|
76
|
+
exportForAudit(): Promise<{
|
|
77
|
+
exported_at: string;
|
|
78
|
+
summary: {
|
|
79
|
+
total_policies: number;
|
|
80
|
+
enforced_policies: number;
|
|
81
|
+
by_type: Record<PolicyType, number>;
|
|
82
|
+
by_regulation: Record<string, number>;
|
|
83
|
+
due_for_review: number;
|
|
84
|
+
};
|
|
85
|
+
policies: PolicyDocument[];
|
|
86
|
+
}>;
|
|
87
|
+
}
|
|
88
|
+
/**
|
|
89
|
+
* Get the policy documentation manager instance
|
|
90
|
+
*/
|
|
91
|
+
export declare function getPolicyDocManager(): PolicyDocManager;
|
|
92
|
+
/**
|
|
93
|
+
* Get all policies
|
|
94
|
+
*/
|
|
95
|
+
export declare function getAllPolicies(): Promise<PolicyDocument[]>;
|
|
96
|
+
/**
|
|
97
|
+
* Get policy by ID
|
|
98
|
+
*/
|
|
99
|
+
export declare function getPolicy(policyId: string): Promise<PolicyDocument | null>;
|
|
100
|
+
/**
|
|
101
|
+
* Get policies by regulation
|
|
102
|
+
*/
|
|
103
|
+
export declare function getPoliciesByRegulation(regulation: string): Promise<PolicyDocument[]>;
|
|
104
|
+
/**
|
|
105
|
+
* Get policy summary
|
|
106
|
+
*/
|
|
107
|
+
export declare function getPolicySummary(): Promise<ReturnType<PolicyDocManager["getPolicySummary"]>>;
|
|
108
|
+
//# sourceMappingURL=policy-docs.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policy-docs.d.ts","sourceRoot":"","sources":["../../src/compliance/policy-docs.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAMH,OAAO,KAAK,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAkP7D;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAmB;IAC1C,OAAO,CAAC,YAAY,CAAS;IAC7B,OAAO,CAAC,QAAQ,CAA0C;IAC1D,OAAO,CAAC,MAAM,CAAkB;IAEhC,OAAO;IAKP;;OAEG;WACW,WAAW,IAAI,gBAAgB;IAO7C;;OAEG;YACW,IAAI;IA0BlB;;OAEG;YACW,IAAI;IAkBlB;;OAEG;IACU,cAAc,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAKxD;;OAEG;IACU,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAKxE;;OAEG;IACU,iBAAiB,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IAK3E;;OAEG;IACU,uBAAuB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IAOnF;;OAEG;IACU,mBAAmB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAK7D;;OAEG;IACU,uBAAuB,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;IAUjE;;OAEG;IACU,YAAY,CAAC,MAAM,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;IAMhE;;OAEG;IACU,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAkB7D;;OAEG;IACU,gBAAgB,IAAI,OAAO,CAAC;QACvC,cAAc,EAAE,MAAM,CAAC;QACvB,iBAAiB,EAAE,MAAM,CAAC;QAC1B,OAAO,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QACpC,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtC,cAAc,EAAE,MAAM,CAAC;KACxB,CAAC;IAkCF;;OAEG;IACU,cAAc,IAAI,OAAO,CAAC;QACrC,WAAW,EAAE,MAAM,CAAC;QACpB,OAAO,EAAE;YACP,cAAc,EAAE,MAAM,CAAC;YACvB,iBAAiB,EAAE,MAAM,CAAC;YAC1B,OAAO,EAAE,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;YACpC,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YACtC,cAAc,EAAE,MAAM,CAAC;SACxB,CAAC;QACF,QAAQ,EAAE,cAAc,EAAE,CAAC;KAC5B,CAAC;CAUH;AAMD;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,gBAAgB,CAEtD;AAMD;;GAEG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC,CAEhE;AAED;;GAEG;AACH,wBAAsB,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC,CAEhF;AAED;;GAEG;AACH,wBAAsB,uBAAuB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CAE3F;AAED;;GAEG;AACH,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,UAAU,CAAC,gBAAgB,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAElG"}
|
|
@@ -0,0 +1,464 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Policy Documentation
|
|
3
|
+
*
|
|
4
|
+
* Machine-readable policy documentation for compliance.
|
|
5
|
+
* Provides structured policies for GDPR, SOC2, and CSSF requirements.
|
|
6
|
+
*
|
|
7
|
+
* Added by Pantheon Security for enterprise compliance support.
|
|
8
|
+
*/
|
|
9
|
+
import path from "path";
|
|
10
|
+
import fs from "fs";
|
|
11
|
+
import { getConfig } from "../config.js";
|
|
12
|
+
import { mkdirSecure, writeFileSecure } from "../utils/file-permissions.js";
|
|
13
|
+
/**
|
|
14
|
+
* Default policies
|
|
15
|
+
*/
|
|
16
|
+
const DEFAULT_POLICIES = [
|
|
17
|
+
{
|
|
18
|
+
id: "policy_privacy",
|
|
19
|
+
type: "privacy_policy",
|
|
20
|
+
version: "1.0.0",
|
|
21
|
+
effective_date: "2025-01-01",
|
|
22
|
+
title: "Privacy Policy",
|
|
23
|
+
description: "Defines how personal data is collected, processed, and protected.",
|
|
24
|
+
full_text: `
|
|
25
|
+
# Privacy Policy
|
|
26
|
+
|
|
27
|
+
## 1. Data Controller
|
|
28
|
+
Pantheon Security acts as the data processor. The user is the data controller for their own data.
|
|
29
|
+
|
|
30
|
+
## 2. Data Collected
|
|
31
|
+
- Browser session data (cookies, local storage)
|
|
32
|
+
- NotebookLM URLs and metadata
|
|
33
|
+
- Query history within sessions
|
|
34
|
+
- Security audit logs
|
|
35
|
+
|
|
36
|
+
## 3. Purpose of Processing
|
|
37
|
+
- Service provision: Enable NotebookLM access via MCP
|
|
38
|
+
- Session management: Maintain authenticated sessions
|
|
39
|
+
- Security: Audit logging and threat detection
|
|
40
|
+
- Compliance: Regulatory requirements
|
|
41
|
+
|
|
42
|
+
## 4. Legal Basis
|
|
43
|
+
- Contract: Core service functionality
|
|
44
|
+
- Legitimate Interest: Security logging
|
|
45
|
+
- Legal Obligation: Audit trail retention
|
|
46
|
+
|
|
47
|
+
## 5. Data Retention
|
|
48
|
+
- Session data: 24 hours
|
|
49
|
+
- Audit logs: 7 years (CSSF requirement)
|
|
50
|
+
- Consent records: 7 years
|
|
51
|
+
|
|
52
|
+
## 6. Data Subject Rights
|
|
53
|
+
- Access: Request copy of personal data
|
|
54
|
+
- Portability: Export in machine-readable format
|
|
55
|
+
- Erasure: Request deletion of personal data
|
|
56
|
+
- Rectification: Correct inaccurate data
|
|
57
|
+
|
|
58
|
+
## 7. Security Measures
|
|
59
|
+
- Post-quantum encryption
|
|
60
|
+
- Certificate pinning
|
|
61
|
+
- Memory scrubbing
|
|
62
|
+
- Tamper-evident logging
|
|
63
|
+
`,
|
|
64
|
+
regulations: ["GDPR"],
|
|
65
|
+
data_types: ["personal_data", "session_data", "audit_logs"],
|
|
66
|
+
enforced: true,
|
|
67
|
+
enforcement_method: "automatic",
|
|
68
|
+
last_reviewed: "2025-01-01",
|
|
69
|
+
next_review: "2026-01-01",
|
|
70
|
+
approved_by: "Pantheon Security",
|
|
71
|
+
},
|
|
72
|
+
{
|
|
73
|
+
id: "policy_retention",
|
|
74
|
+
type: "data_retention",
|
|
75
|
+
version: "1.0.0",
|
|
76
|
+
effective_date: "2025-01-01",
|
|
77
|
+
title: "Data Retention Policy",
|
|
78
|
+
description: "Defines retention periods and disposal procedures for all data types.",
|
|
79
|
+
full_text: `
|
|
80
|
+
# Data Retention Policy
|
|
81
|
+
|
|
82
|
+
## 1. Purpose
|
|
83
|
+
Ensure data is retained for appropriate periods and disposed of securely.
|
|
84
|
+
|
|
85
|
+
## 2. Retention Periods
|
|
86
|
+
|
|
87
|
+
| Data Type | Retention Period | Reason |
|
|
88
|
+
|-----------|-----------------|--------|
|
|
89
|
+
| Audit logs | 7 years | CSSF Circular 20/750 |
|
|
90
|
+
| Compliance events | 7 years | CSSF Circular 20/750 |
|
|
91
|
+
| Consent records | 7 years | GDPR Article 7 |
|
|
92
|
+
| Session data | 24 hours | Operational necessity |
|
|
93
|
+
| Browser cache | 7 days | Performance |
|
|
94
|
+
| Error logs | 30 days | Troubleshooting |
|
|
95
|
+
|
|
96
|
+
## 3. Disposal Procedures
|
|
97
|
+
- Audit logs: Archived with integrity verification
|
|
98
|
+
- Session data: Secure deletion (3-pass overwrite)
|
|
99
|
+
- Credentials: Crypto shred (key destruction)
|
|
100
|
+
|
|
101
|
+
## 4. Exceptions
|
|
102
|
+
- Data involved in legal proceedings: Extended retention
|
|
103
|
+
- Security incidents: Extended retention for investigation
|
|
104
|
+
|
|
105
|
+
## 5. Review
|
|
106
|
+
This policy is reviewed annually or upon regulatory change.
|
|
107
|
+
`,
|
|
108
|
+
regulations: ["GDPR", "CSSF"],
|
|
109
|
+
data_types: ["audit_logs", "session_data", "credentials"],
|
|
110
|
+
enforced: true,
|
|
111
|
+
enforcement_method: "automatic",
|
|
112
|
+
last_reviewed: "2025-01-01",
|
|
113
|
+
next_review: "2026-01-01",
|
|
114
|
+
approved_by: "Pantheon Security",
|
|
115
|
+
},
|
|
116
|
+
{
|
|
117
|
+
id: "policy_access_control",
|
|
118
|
+
type: "access_control",
|
|
119
|
+
version: "1.0.0",
|
|
120
|
+
effective_date: "2025-01-01",
|
|
121
|
+
title: "Access Control Policy",
|
|
122
|
+
description: "Defines authentication and authorization requirements.",
|
|
123
|
+
full_text: `
|
|
124
|
+
# Access Control Policy
|
|
125
|
+
|
|
126
|
+
## 1. Authentication
|
|
127
|
+
- Token-based MCP authentication (optional, recommended)
|
|
128
|
+
- Rate limiting: 5 failed attempts = 5 minute lockout
|
|
129
|
+
- Session timeout: 8 hours hard limit, 30 minutes inactivity
|
|
130
|
+
|
|
131
|
+
## 2. Authorization
|
|
132
|
+
- All data is local to the user
|
|
133
|
+
- No multi-user access control required
|
|
134
|
+
- Browser sessions are user-specific
|
|
135
|
+
|
|
136
|
+
## 3. Password/Token Requirements
|
|
137
|
+
- Minimum 32 bytes of entropy
|
|
138
|
+
- Generated via cryptographically secure random number generator
|
|
139
|
+
|
|
140
|
+
## 4. Session Management
|
|
141
|
+
- Hard timeout: 8 hours maximum session duration
|
|
142
|
+
- Inactivity timeout: 30 minutes
|
|
143
|
+
- Secure session storage (encrypted)
|
|
144
|
+
|
|
145
|
+
## 5. Logging
|
|
146
|
+
- All authentication events are logged
|
|
147
|
+
- Failed attempts are tracked for lockout
|
|
148
|
+
- Session lifecycle events recorded
|
|
149
|
+
`,
|
|
150
|
+
regulations: ["SOC2"],
|
|
151
|
+
data_types: ["credentials", "session_data"],
|
|
152
|
+
enforced: true,
|
|
153
|
+
enforcement_method: "automatic",
|
|
154
|
+
last_reviewed: "2025-01-01",
|
|
155
|
+
next_review: "2026-01-01",
|
|
156
|
+
approved_by: "Pantheon Security",
|
|
157
|
+
},
|
|
158
|
+
{
|
|
159
|
+
id: "policy_encryption",
|
|
160
|
+
type: "encryption",
|
|
161
|
+
version: "1.0.0",
|
|
162
|
+
effective_date: "2025-01-01",
|
|
163
|
+
title: "Encryption Policy",
|
|
164
|
+
description: "Defines encryption standards and key management procedures.",
|
|
165
|
+
full_text: `
|
|
166
|
+
# Encryption Policy
|
|
167
|
+
|
|
168
|
+
## 1. Encryption at Rest
|
|
169
|
+
- Algorithm: ML-KEM-768 + ChaCha20-Poly1305 (hybrid post-quantum)
|
|
170
|
+
- Key derivation: HKDF with secure random salt
|
|
171
|
+
- All sensitive data encrypted by default
|
|
172
|
+
|
|
173
|
+
## 2. Encryption in Transit
|
|
174
|
+
- TLS 1.3 minimum
|
|
175
|
+
- Certificate pinning for Google connections
|
|
176
|
+
- HSTS enforced
|
|
177
|
+
|
|
178
|
+
## 3. Key Management
|
|
179
|
+
- Keys generated using CSPRNG
|
|
180
|
+
- Keys stored in encrypted format
|
|
181
|
+
- Key rotation: On demand (manual)
|
|
182
|
+
- Key destruction: Secure overwrite (7 passes)
|
|
183
|
+
|
|
184
|
+
## 4. What's Encrypted
|
|
185
|
+
- Browser cookies and session state
|
|
186
|
+
- Notebook library metadata
|
|
187
|
+
- Audit logs (optional)
|
|
188
|
+
- PQ encryption keys (double encrypted)
|
|
189
|
+
|
|
190
|
+
## 5. Post-Quantum Readiness
|
|
191
|
+
Hybrid encryption provides protection against:
|
|
192
|
+
- Current classical attacks
|
|
193
|
+
- Future quantum computer attacks
|
|
194
|
+
`,
|
|
195
|
+
regulations: ["SOC2", "GDPR"],
|
|
196
|
+
data_types: ["credentials", "session_data", "notebook_metadata"],
|
|
197
|
+
enforced: true,
|
|
198
|
+
enforcement_method: "automatic",
|
|
199
|
+
last_reviewed: "2025-01-01",
|
|
200
|
+
next_review: "2026-01-01",
|
|
201
|
+
approved_by: "Pantheon Security",
|
|
202
|
+
},
|
|
203
|
+
{
|
|
204
|
+
id: "policy_incident_response",
|
|
205
|
+
type: "incident_response",
|
|
206
|
+
version: "1.0.0",
|
|
207
|
+
effective_date: "2025-01-01",
|
|
208
|
+
title: "Incident Response Policy",
|
|
209
|
+
description: "Defines procedures for security incident detection and response.",
|
|
210
|
+
full_text: `
|
|
211
|
+
# Incident Response Policy
|
|
212
|
+
|
|
213
|
+
## 1. Incident Classification
|
|
214
|
+
- Critical: Data breach, unauthorized access
|
|
215
|
+
- High: Failed encryption, cert pinning violation
|
|
216
|
+
- Medium: Unusual access patterns, mass export
|
|
217
|
+
- Low: Policy violations, configuration errors
|
|
218
|
+
|
|
219
|
+
## 2. Detection
|
|
220
|
+
- Automated breach detection rules
|
|
221
|
+
- Real-time monitoring of security events
|
|
222
|
+
- Threshold-based alerting
|
|
223
|
+
|
|
224
|
+
## 3. Response Procedures
|
|
225
|
+
1. Detect: Automated detection via rules
|
|
226
|
+
2. Contain: Block affected patterns/users
|
|
227
|
+
3. Investigate: Root cause analysis
|
|
228
|
+
4. Remediate: Fix underlying issue
|
|
229
|
+
5. Recover: Restore normal operations
|
|
230
|
+
6. Review: Post-incident analysis
|
|
231
|
+
|
|
232
|
+
## 4. Notification Requirements
|
|
233
|
+
- GDPR: 72 hours for data breaches
|
|
234
|
+
- CSSF: Immediate for significant incidents
|
|
235
|
+
- Internal: Alert on detection
|
|
236
|
+
|
|
237
|
+
## 5. Documentation
|
|
238
|
+
- All incidents logged with full timeline
|
|
239
|
+
- Actions taken recorded
|
|
240
|
+
- Root cause documented
|
|
241
|
+
- Remediation tracked
|
|
242
|
+
`,
|
|
243
|
+
regulations: ["GDPR", "SOC2", "CSSF"],
|
|
244
|
+
data_types: ["audit_logs", "security_logs"],
|
|
245
|
+
enforced: true,
|
|
246
|
+
enforcement_method: "automatic",
|
|
247
|
+
last_reviewed: "2025-01-01",
|
|
248
|
+
next_review: "2026-01-01",
|
|
249
|
+
approved_by: "Pantheon Security",
|
|
250
|
+
},
|
|
251
|
+
];
|
|
252
|
+
/**
|
|
253
|
+
* Policy Documentation Manager class
|
|
254
|
+
*/
|
|
255
|
+
export class PolicyDocManager {
|
|
256
|
+
static instance;
|
|
257
|
+
policiesFile;
|
|
258
|
+
policies = new Map();
|
|
259
|
+
loaded = false;
|
|
260
|
+
constructor() {
|
|
261
|
+
const config = getConfig();
|
|
262
|
+
this.policiesFile = path.join(config.configDir, "policies.json");
|
|
263
|
+
}
|
|
264
|
+
/**
|
|
265
|
+
* Get singleton instance
|
|
266
|
+
*/
|
|
267
|
+
static getInstance() {
|
|
268
|
+
if (!PolicyDocManager.instance) {
|
|
269
|
+
PolicyDocManager.instance = new PolicyDocManager();
|
|
270
|
+
}
|
|
271
|
+
return PolicyDocManager.instance;
|
|
272
|
+
}
|
|
273
|
+
/**
|
|
274
|
+
* Load policies
|
|
275
|
+
*/
|
|
276
|
+
async load() {
|
|
277
|
+
if (this.loaded)
|
|
278
|
+
return;
|
|
279
|
+
// Load default policies
|
|
280
|
+
for (const policy of DEFAULT_POLICIES) {
|
|
281
|
+
this.policies.set(policy.id, policy);
|
|
282
|
+
}
|
|
283
|
+
// Load custom policies
|
|
284
|
+
try {
|
|
285
|
+
if (fs.existsSync(this.policiesFile)) {
|
|
286
|
+
const content = fs.readFileSync(this.policiesFile, "utf-8");
|
|
287
|
+
const data = JSON.parse(content);
|
|
288
|
+
if (data.policies && Array.isArray(data.policies)) {
|
|
289
|
+
for (const policy of data.policies) {
|
|
290
|
+
this.policies.set(policy.id, policy);
|
|
291
|
+
}
|
|
292
|
+
}
|
|
293
|
+
}
|
|
294
|
+
}
|
|
295
|
+
catch {
|
|
296
|
+
// Use defaults
|
|
297
|
+
}
|
|
298
|
+
this.loaded = true;
|
|
299
|
+
}
|
|
300
|
+
/**
|
|
301
|
+
* Save custom policies
|
|
302
|
+
*/
|
|
303
|
+
async save() {
|
|
304
|
+
const dir = path.dirname(this.policiesFile);
|
|
305
|
+
mkdirSecure(dir);
|
|
306
|
+
// Only save custom policies
|
|
307
|
+
const customPolicies = Array.from(this.policies.values()).filter(p => !DEFAULT_POLICIES.find(dp => dp.id === p.id));
|
|
308
|
+
const data = {
|
|
309
|
+
version: "1.0.0",
|
|
310
|
+
last_updated: new Date().toISOString(),
|
|
311
|
+
policies: customPolicies,
|
|
312
|
+
};
|
|
313
|
+
writeFileSecure(this.policiesFile, JSON.stringify(data, null, 2));
|
|
314
|
+
}
|
|
315
|
+
/**
|
|
316
|
+
* Get all policies
|
|
317
|
+
*/
|
|
318
|
+
async getAllPolicies() {
|
|
319
|
+
await this.load();
|
|
320
|
+
return Array.from(this.policies.values());
|
|
321
|
+
}
|
|
322
|
+
/**
|
|
323
|
+
* Get policy by ID
|
|
324
|
+
*/
|
|
325
|
+
async getPolicy(policyId) {
|
|
326
|
+
await this.load();
|
|
327
|
+
return this.policies.get(policyId) || null;
|
|
328
|
+
}
|
|
329
|
+
/**
|
|
330
|
+
* Get policies by type
|
|
331
|
+
*/
|
|
332
|
+
async getPoliciesByType(type) {
|
|
333
|
+
await this.load();
|
|
334
|
+
return Array.from(this.policies.values()).filter(p => p.type === type);
|
|
335
|
+
}
|
|
336
|
+
/**
|
|
337
|
+
* Get policies by regulation
|
|
338
|
+
*/
|
|
339
|
+
async getPoliciesByRegulation(regulation) {
|
|
340
|
+
await this.load();
|
|
341
|
+
return Array.from(this.policies.values()).filter(p => p.regulations.includes(regulation));
|
|
342
|
+
}
|
|
343
|
+
/**
|
|
344
|
+
* Get enforced policies
|
|
345
|
+
*/
|
|
346
|
+
async getEnforcedPolicies() {
|
|
347
|
+
await this.load();
|
|
348
|
+
return Array.from(this.policies.values()).filter(p => p.enforced);
|
|
349
|
+
}
|
|
350
|
+
/**
|
|
351
|
+
* Get policies due for review
|
|
352
|
+
*/
|
|
353
|
+
async getPoliciesDueForReview() {
|
|
354
|
+
await this.load();
|
|
355
|
+
const now = new Date();
|
|
356
|
+
return Array.from(this.policies.values()).filter(p => {
|
|
357
|
+
const nextReview = new Date(p.next_review);
|
|
358
|
+
return nextReview <= now;
|
|
359
|
+
});
|
|
360
|
+
}
|
|
361
|
+
/**
|
|
362
|
+
* Add or update a custom policy
|
|
363
|
+
*/
|
|
364
|
+
async upsertPolicy(policy) {
|
|
365
|
+
await this.load();
|
|
366
|
+
this.policies.set(policy.id, policy);
|
|
367
|
+
await this.save();
|
|
368
|
+
}
|
|
369
|
+
/**
|
|
370
|
+
* Remove a custom policy
|
|
371
|
+
*/
|
|
372
|
+
async removePolicy(policyId) {
|
|
373
|
+
await this.load();
|
|
374
|
+
// Don't remove default policies
|
|
375
|
+
if (DEFAULT_POLICIES.find(p => p.id === policyId)) {
|
|
376
|
+
return false;
|
|
377
|
+
}
|
|
378
|
+
if (!this.policies.has(policyId)) {
|
|
379
|
+
return false;
|
|
380
|
+
}
|
|
381
|
+
this.policies.delete(policyId);
|
|
382
|
+
await this.save();
|
|
383
|
+
return true;
|
|
384
|
+
}
|
|
385
|
+
/**
|
|
386
|
+
* Get policy summary for compliance dashboard
|
|
387
|
+
*/
|
|
388
|
+
async getPolicySummary() {
|
|
389
|
+
await this.load();
|
|
390
|
+
const policies = Array.from(this.policies.values());
|
|
391
|
+
const byType = {
|
|
392
|
+
privacy_policy: 0,
|
|
393
|
+
data_retention: 0,
|
|
394
|
+
access_control: 0,
|
|
395
|
+
encryption: 0,
|
|
396
|
+
incident_response: 0,
|
|
397
|
+
acceptable_use: 0,
|
|
398
|
+
};
|
|
399
|
+
const byRegulation = {};
|
|
400
|
+
for (const policy of policies) {
|
|
401
|
+
byType[policy.type]++;
|
|
402
|
+
for (const reg of policy.regulations) {
|
|
403
|
+
byRegulation[reg] = (byRegulation[reg] || 0) + 1;
|
|
404
|
+
}
|
|
405
|
+
}
|
|
406
|
+
const dueForReview = (await this.getPoliciesDueForReview()).length;
|
|
407
|
+
return {
|
|
408
|
+
total_policies: policies.length,
|
|
409
|
+
enforced_policies: policies.filter(p => p.enforced).length,
|
|
410
|
+
by_type: byType,
|
|
411
|
+
by_regulation: byRegulation,
|
|
412
|
+
due_for_review: dueForReview,
|
|
413
|
+
};
|
|
414
|
+
}
|
|
415
|
+
/**
|
|
416
|
+
* Export policies for audit
|
|
417
|
+
*/
|
|
418
|
+
async exportForAudit() {
|
|
419
|
+
const summary = await this.getPolicySummary();
|
|
420
|
+
const policies = await this.getAllPolicies();
|
|
421
|
+
return {
|
|
422
|
+
exported_at: new Date().toISOString(),
|
|
423
|
+
summary,
|
|
424
|
+
policies,
|
|
425
|
+
};
|
|
426
|
+
}
|
|
427
|
+
}
|
|
428
|
+
// ============================================
|
|
429
|
+
// SINGLETON ACCESS
|
|
430
|
+
// ============================================
|
|
431
|
+
/**
|
|
432
|
+
* Get the policy documentation manager instance
|
|
433
|
+
*/
|
|
434
|
+
export function getPolicyDocManager() {
|
|
435
|
+
return PolicyDocManager.getInstance();
|
|
436
|
+
}
|
|
437
|
+
// ============================================
|
|
438
|
+
// CONVENIENCE EXPORTS
|
|
439
|
+
// ============================================
|
|
440
|
+
/**
|
|
441
|
+
* Get all policies
|
|
442
|
+
*/
|
|
443
|
+
export async function getAllPolicies() {
|
|
444
|
+
return getPolicyDocManager().getAllPolicies();
|
|
445
|
+
}
|
|
446
|
+
/**
|
|
447
|
+
* Get policy by ID
|
|
448
|
+
*/
|
|
449
|
+
export async function getPolicy(policyId) {
|
|
450
|
+
return getPolicyDocManager().getPolicy(policyId);
|
|
451
|
+
}
|
|
452
|
+
/**
|
|
453
|
+
* Get policies by regulation
|
|
454
|
+
*/
|
|
455
|
+
export async function getPoliciesByRegulation(regulation) {
|
|
456
|
+
return getPolicyDocManager().getPoliciesByRegulation(regulation);
|
|
457
|
+
}
|
|
458
|
+
/**
|
|
459
|
+
* Get policy summary
|
|
460
|
+
*/
|
|
461
|
+
export async function getPolicySummary() {
|
|
462
|
+
return getPolicyDocManager().getPolicySummary();
|
|
463
|
+
}
|
|
464
|
+
//# sourceMappingURL=policy-docs.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"policy-docs.js","sourceRoot":"","sources":["../../src/compliance/policy-docs.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAG5E;;GAEG;AACH,MAAM,gBAAgB,GAAqB;IACzC;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,OAAO;QAChB,cAAc,EAAE,YAAY;QAC5B,KAAK,EAAE,gBAAgB;QACvB,WAAW,EAAE,mEAAmE;QAChF,SAAS,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAuCV;QACD,WAAW,EAAE,CAAC,MAAM,CAAC;QACrB,UAAU,EAAE,CAAC,eAAe,EAAE,cAAc,EAAE,YAAY,CAAC;QAC3D,QAAQ,EAAE,IAAI;QACd,kBAAkB,EAAE,WAAW;QAC/B,aAAa,EAAE,YAAY;QAC3B,WAAW,EAAE,YAAY;QACzB,WAAW,EAAE,mBAAmB;KACjC;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,OAAO;QAChB,cAAc,EAAE,YAAY;QAC5B,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,uEAAuE;QACpF,SAAS,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;KA4BV;QACD,WAAW,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC;QAC7B,UAAU,EAAE,CAAC,YAAY,EAAE,cAAc,EAAE,aAAa,CAAC;QACzD,QAAQ,EAAE,IAAI;QACd,kBAAkB,EAAE,WAAW;QAC/B,aAAa,EAAE,YAAY;QAC3B,WAAW,EAAE,YAAY;QACzB,WAAW,EAAE,mBAAmB;KACjC;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,OAAO;QAChB,cAAc,EAAE,YAAY;QAC5B,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,wDAAwD;QACrE,SAAS,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;KA0BV;QACD,WAAW,EAAE,CAAC,MAAM,CAAC;QACrB,UAAU,EAAE,CAAC,aAAa,EAAE,cAAc,CAAC;QAC3C,QAAQ,EAAE,IAAI;QACd,kBAAkB,EAAE,WAAW;QAC/B,aAAa,EAAE,YAAY;QAC3B,WAAW,EAAE,YAAY;QACzB,WAAW,EAAE,mBAAmB;KACjC;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,YAAY;QAClB,OAAO,EAAE,OAAO;QAChB,cAAc,EAAE,YAAY;QAC5B,KAAK,EAAE,mBAAmB;QAC1B,WAAW,EAAE,6DAA6D;QAC1E,SAAS,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KA6BV;QACD,WAAW,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC;QAC7B,UAAU,EAAE,CAAC,aAAa,EAAE,cAAc,EAAE,mBAAmB,CAAC;QAChE,QAAQ,EAAE,IAAI;QACd,kBAAkB,EAAE,WAAW;QAC/B,aAAa,EAAE,YAAY;QAC3B,WAAW,EAAE,YAAY;QACzB,WAAW,EAAE,mBAAmB;KACjC;IACD;QACE,EAAE,EAAE,0BAA0B;QAC9B,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,OAAO;QAChB,cAAc,EAAE,YAAY;QAC5B,KAAK,EAAE,0BAA0B;QACjC,WAAW,EAAE,kEAAkE;QAC/E,SAAS,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAgCV;QACD,WAAW,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;QACrC,UAAU,EAAE,CAAC,YAAY,EAAE,eAAe,CAAC;QAC3C,QAAQ,EAAE,IAAI;QACd,kBAAkB,EAAE,WAAW;QAC/B,aAAa,EAAE,YAAY;QAC3B,WAAW,EAAE,YAAY;QACzB,WAAW,EAAE,mBAAmB;KACjC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,gBAAgB;IACnB,MAAM,CAAC,QAAQ,CAAmB;IAClC,YAAY,CAAS;IACrB,QAAQ,GAAgC,IAAI,GAAG,EAAE,CAAC;IAClD,MAAM,GAAY,KAAK,CAAC;IAEhC;QACE,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IACnE,CAAC;IAED;;OAEG;IACI,MAAM,CAAC,WAAW;QACvB,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,CAAC;YAC/B,gBAAgB,CAAC,QAAQ,GAAG,IAAI,gBAAgB,EAAE,CAAC;QACrD,CAAC;QACD,OAAO,gBAAgB,CAAC,QAAQ,CAAC;IACnC,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,IAAI;QAChB,IAAI,IAAI,CAAC,MAAM;YAAE,OAAO;QAExB,wBAAwB;QACxB,KAAK,MAAM,MAAM,IAAI,gBAAgB,EAAE,CAAC;YACtC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;QACvC,CAAC;QAED,uBAAuB;QACvB,IAAI,CAAC;YACH,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBACrC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;gBAC5D,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBACjC,IAAI,IAAI,CAAC,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAClD,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;wBACnC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;oBACvC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,eAAe;QACjB,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC;IACrB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,IAAI;QAChB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC5C,WAAW,CAAC,GAAG,CAAC,CAAC;QAEjB,4BAA4B;QAC5B,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAC9D,CAAC,CAAC,EAAE,CAAC,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAClD,CAAC;QAEF,MAAM,IAAI,GAAG;YACX,OAAO,EAAE,OAAO;YAChB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACtC,QAAQ,EAAE,cAAc;SACzB,CAAC;QAEF,eAAe,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACpE,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,cAAc;QACzB,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IAC5C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,SAAS,CAAC,QAAgB;QACrC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC;IAC7C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB,CAAC,IAAgB;QAC7C,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IACzE,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,uBAAuB,CAAC,UAAkB;QACrD,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAC9C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,CACxC,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,mBAAmB;QAC9B,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACpE,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,uBAAuB;QAClC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QAEvB,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;YACnD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;YAC3C,OAAO,UAAU,IAAI,GAAG,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY,CAAC,MAAsB;QAC9C,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;QACrC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;IACpB,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY,CAAC,QAAgB;QACxC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,gCAAgC;QAChC,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE,CAAC;YAClD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC/B,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,gBAAgB;QAO3B,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QAElB,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAEpD,MAAM,MAAM,GAA+B;YACzC,cAAc,EAAE,CAAC;YACjB,cAAc,EAAE,CAAC;YACjB,cAAc,EAAE,CAAC;YACjB,UAAU,EAAE,CAAC;YACb,iBAAiB,EAAE,CAAC;YACpB,cAAc,EAAE,CAAC;SAClB,CAAC;QAEF,MAAM,YAAY,GAA2B,EAAE,CAAC;QAEhD,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;YAC9B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACtB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACrC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YACnD,CAAC;QACH,CAAC;QAED,MAAM,YAAY,GAAG,CAAC,MAAM,IAAI,CAAC,uBAAuB,EAAE,CAAC,CAAC,MAAM,CAAC;QAEnE,OAAO;YACL,cAAc,EAAE,QAAQ,CAAC,MAAM;YAC/B,iBAAiB,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM;YAC1D,OAAO,EAAE,MAAM;YACf,aAAa,EAAE,YAAY;YAC3B,cAAc,EAAE,YAAY;SAC7B,CAAC;IACJ,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,cAAc;QAWzB,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QAC9C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAE7C,OAAO;YACL,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACrC,OAAO;YACP,QAAQ;SACT,CAAC;IACJ,CAAC;CACF;AAED,+CAA+C;AAC/C,mBAAmB;AACnB,+CAA+C;AAE/C;;GAEG;AACH,MAAM,UAAU,mBAAmB;IACjC,OAAO,gBAAgB,CAAC,WAAW,EAAE,CAAC;AACxC,CAAC;AAED,+CAA+C;AAC/C,sBAAsB;AACtB,+CAA+C;AAE/C;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,OAAO,mBAAmB,EAAE,CAAC,cAAc,EAAE,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,QAAgB;IAC9C,OAAO,mBAAmB,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;AACnD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,UAAkB;IAC9D,OAAO,mBAAmB,EAAE,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;AACnE,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,OAAO,mBAAmB,EAAE,CAAC,gBAAgB,EAAE,CAAC;AAClD,CAAC"}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Privacy Notice Text Content
|
|
3
|
+
*
|
|
4
|
+
* Contains the privacy notice content for display to users.
|
|
5
|
+
* Structured for GDPR compliance (Articles 13/14).
|
|
6
|
+
*
|
|
7
|
+
* Added by Pantheon Security for enterprise compliance support.
|
|
8
|
+
*/
|
|
9
|
+
import type { PrivacyNotice } from "./types.js";
|
|
10
|
+
/**
|
|
11
|
+
* Current privacy notice version
|
|
12
|
+
*/
|
|
13
|
+
export declare const PRIVACY_NOTICE_VERSION = "1.0.0";
|
|
14
|
+
/**
|
|
15
|
+
* Full privacy notice content
|
|
16
|
+
*/
|
|
17
|
+
export declare const PRIVACY_NOTICE: PrivacyNotice;
|
|
18
|
+
/**
|
|
19
|
+
* CLI-formatted privacy notice for terminal display
|
|
20
|
+
*/
|
|
21
|
+
export declare function getPrivacyNoticeCLI(): string;
|
|
22
|
+
/**
|
|
23
|
+
* Compact privacy notice for JSON responses
|
|
24
|
+
*/
|
|
25
|
+
export declare function getPrivacyNoticeCompact(): {
|
|
26
|
+
version: string;
|
|
27
|
+
summary: string;
|
|
28
|
+
data_collected: string[];
|
|
29
|
+
purposes: string[];
|
|
30
|
+
rights: string[];
|
|
31
|
+
full_notice_url: string;
|
|
32
|
+
};
|
|
33
|
+
/**
|
|
34
|
+
* Get structured privacy notice for MCP tool response
|
|
35
|
+
*/
|
|
36
|
+
export declare function getPrivacyNoticeStructured(): {
|
|
37
|
+
version: string;
|
|
38
|
+
effective_date: string;
|
|
39
|
+
data_controller: string;
|
|
40
|
+
data_collected: string[];
|
|
41
|
+
purposes: string[];
|
|
42
|
+
legal_basis: string[];
|
|
43
|
+
retention: string;
|
|
44
|
+
rights: string[];
|
|
45
|
+
contact: string;
|
|
46
|
+
};
|
|
47
|
+
/**
|
|
48
|
+
* Get data processing agreement summary
|
|
49
|
+
*/
|
|
50
|
+
export declare function getProcessingAgreement(): {
|
|
51
|
+
version: string;
|
|
52
|
+
processor: string;
|
|
53
|
+
sub_processors: string[];
|
|
54
|
+
data_location: string;
|
|
55
|
+
security_measures: string[];
|
|
56
|
+
breach_notification: string;
|
|
57
|
+
};
|
|
58
|
+
//# sourceMappingURL=privacy-notice-text.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"privacy-notice-text.d.ts","sourceRoot":"","sources":["../../src/compliance/privacy-notice-text.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEhD;;GAEG;AACH,eAAO,MAAM,sBAAsB,UAAU,CAAC;AAE9C;;GAEG;AACH,eAAO,MAAM,cAAc,EAAE,aAkE5B,CAAC;AAEF;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,MAAM,CAgC5C;AAED;;GAEG;AACH,wBAAgB,uBAAuB,IAAI;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;CACzB,CAUA;AAED;;GAEG;AACH,wBAAgB,0BAA0B,IAAI;IAC5C,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB,CAYA;AAED;;GAEG;AACH,wBAAgB,sBAAsB,IAAI;IACxC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,mBAAmB,EAAE,MAAM,CAAC;CAC7B,CAiBA"}
|