@parmanasystems/execution-runtime 1.65.0

package/README.md

@@ -0,0 +1,26 @@
+\# @parmanasystems/execution-runtime
+
+
+
+Runtime orchestration layer for Parmana Systems deterministic governance execution.
+
+
+
+Provides:
+
+
+
+\- executeFromSignals
+
+\- replay protection
+
+\- Redis replay coordination
+
+\- batch execution
+
+\- runtime execution orchestration
+
+
+
+This package separates operational execution flows from deterministic execution-core semantics.
+

package/dist/index.d.ts

@@ -0,0 +1,105 @@
+import * as _parmanasystems_execution from '@parmanasystems/execution';
+import { Signer, Verifier, ReplayStore, ExecutionAttestation, ExecutionContext, AsyncReplayStore, DecisionResult } from '@parmanasystems/execution';
+
+declare function executeFromSignals(input: {
+    policyId: string;
+    policyVersion: string;
+    signals: Record<string, unknown>;
+}, signer: Signer, verifier: Verifier, replayStore: ReplayStore): Promise<ExecutionAttestation>;
+
+/**
+ * 🟢 ASYNC ADAPTER
+ * Handles distributed replay protection
+ * while preserving deterministic execution core.
+ */
+declare function executeWithRedis(context: ExecutionContext, redisStore: AsyncReplayStore): Promise<ExecutionAttestation>;
+
+/**
+ * Executes multiple records sequentially.
+ *
+ * Each record is processed independently.
+ * Errors are captured per-record (fail-isolated).
+ */
+declare function executeBatch(records: Array<{
+    policyId: string;
+    policyVersion: string;
+    signals: Record<string, unknown>;
+    governed_time: string;
+}>, signer: Signer, verifier: Verifier, replayStore: AsyncReplayStore): Promise<({
+    input: {
+        policyId: string;
+        policyVersion: string;
+        signals: Record<string, unknown>;
+        governed_time: string;
+    };
+    output: _parmanasystems_execution.ExecutionAttestation;
+} | {
+    input: {
+        policyId: string;
+        policyVersion: string;
+        signals: Record<string, unknown>;
+        governed_time: string;
+    };
+    output: {
+        status: string;
+        error: string;
+    };
+})[]>;
+
+/**
+ * 🔒 Distributed replay protection
+ *
+ * Replay protection operates on deterministic
+ * semantic execution fingerprints rather than
+ * operational execution IDs.
+ */
+declare class RedisReplayStore implements AsyncReplayStore {
+    private client;
+    constructor(url: string);
+    hasExecuted(execution_fingerprint: string): Promise<boolean>;
+    markExecuted(execution_fingerprint: string): Promise<void>;
+    get(key: string): Promise<string | null>;
+    set(key: string, value: string): Promise<void>;
+    del(key: string): Promise<void>;
+    close(): Promise<void>;
+}
+
+/**
+ * 🔒 In-memory replay protection
+ *
+ * Replay protection operates on deterministic
+ * semantic execution fingerprints rather than
+ * operational execution IDs.
+ */
+declare class MemoryReplayStore implements ReplayStore {
+    private store;
+    markExecuted(execution_fingerprint: string): Promise<void>;
+    hasExecuted(execution_fingerprint: string): Promise<boolean>;
+}
+
+declare function resolveOverride(executionId: string, replayStore: AsyncReplayStore & {
+    get: (key: string) => Promise<string | null>;
+    del: (key: string) => Promise<void>;
+}, signer: Signer, verifier: Verifier): Promise<{
+    status: "success";
+    executionId: string;
+    signature: string;
+    resolved: boolean;
+}>;
+
+declare function addReviewTask(task: any): void;
+declare function getAllTasks(): any;
+
+interface DryRunResult {
+    policyId: string;
+    policyVersion: string;
+    schemaVersion: string;
+    decision: DecisionResult;
+    rule_trace: string[];
+    governed: false;
+    dry_run: true;
+    evaluated_at: string;
+}
+declare function evaluateDryRun(policyId: string, policyVersion: string, signals: Record<string, unknown>, governed_time?: string): DryRunResult;
+
+export { type DryRunResult, MemoryReplayStore, RedisReplayStore, addReviewTask, evaluateDryRun, executeBatch, executeFromSignals, executeWithRedis, getAllTasks, resolveOverride };

package/dist/index.js

@@ -0,0 +1,263 @@
+// src/execute-from-signals.ts
+import {
+  executeDecision,
+  issueToken,
+  getRuntimeManifest,
+  evaluatePolicy,
+  loadPolicy,
+  canonicalizeForSigning
+} from "@parmanasystems/execution";
+import crypto from "crypto";
+async function executeFromSignals(input, signer, verifier, replayStore) {
+  const policy = loadPolicy(
+    input.policyId,
+    input.policyVersion
+  );
+  const decision = evaluatePolicy(
+    policy,
+    input.signals
+  );
+  if (decision.status !== "decided") {
+    throw new Error(
+      "[SYS-006] Policy evaluation returned undecided"
+    );
+  }
+  const execution_fingerprint = crypto.createHash("sha256").update(
+    JSON.stringify({
+      policyId: input.policyId,
+      policyVersion: input.policyVersion,
+      signals: input.signals
+    })
+  ).digest("hex");
+  replayStore.markExecuted(
+    execution_fingerprint
+  );
+  const runtimeManifest = getRuntimeManifest();
+  const token = issueToken({
+    executionId: execution_fingerprint,
+    policyId: input.policyId,
+    policyVersion: input.policyVersion,
+    schemaVersion: policy.schemaVersion,
+    runtimeVersion: runtimeManifest.runtimeVersion,
+    decision_payload: decision.outcome,
+    signalsHash: execution_fingerprint
+  });
+  const token_signature = signer.sign(
+    canonicalizeForSigning(
+      token
+    )
+  );
+  return executeDecision({
+    token,
+    execution_fingerprint,
+    token_signature,
+    signer,
+    verifier,
+    runtime_manifest: runtimeManifest,
+    runtime_requirements: {
+      supported_runtimeVersions: [
+        runtimeManifest.runtimeVersion
+      ],
+      supported_schemaVersions: runtimeManifest.supported_schemaVersions
+    }
+  });
+}
+
+// src/execute-with-redis.ts
+import {
+  executeDecision as executeDecision2
+} from "@parmanasystems/execution";
+async function executeWithRedis(context, redisStore) {
+  await redisStore.markExecuted(
+    context.execution_fingerprint
+  );
+  return executeDecision2(
+    context
+  );
+}
+
+// src/execute-batch.ts
+async function executeBatch(records, signer, verifier, replayStore) {
+  const outputs = [];
+  for (const record of records) {
+    try {
+      const output = await executeFromSignals(
+        record,
+        signer,
+        verifier,
+        replayStore
+      );
+      outputs.push({
+        input: record,
+        output
+      });
+    } catch (err) {
+      outputs.push({
+        input: record,
+        output: {
+          status: "error",
+          error: err instanceof Error ? err.message : "Unknown error"
+        }
+      });
+    }
+  }
+  return outputs;
+}
+
+// src/redis-replay-store.ts
+import Redis from "ioredis";
+var RedisReplayStore = class {
+  constructor(url) {
+    this.client = new Redis(url);
+  }
+  async hasExecuted(execution_fingerprint) {
+    const res = await this.client.exists(
+      `exec:${execution_fingerprint}`
+    );
+    return res === 1;
+  }
+  async markExecuted(execution_fingerprint) {
+    const result = await this.client.set(
+      `exec:${execution_fingerprint}`,
+      "1",
+      "NX"
+    );
+    if (result !== "OK") {
+      throw new Error(
+        `[INV-013@replay] Replay detected: execution_fingerprint ${execution_fingerprint} has already been consumed`
+      );
+    }
+  }
+  async get(key) {
+    return this.client.get(key);
+  }
+  async set(key, value) {
+    await this.client.set(
+      key,
+      value
+    );
+  }
+  async del(key) {
+    await this.client.del(key);
+  }
+  async close() {
+    await this.client.quit();
+  }
+};
+
+// src/memory-replay-store.ts
+var MemoryReplayStore = class {
+  constructor() {
+    this.store = /* @__PURE__ */ new Set();
+  }
+  async markExecuted(execution_fingerprint) {
+    if (this.store.has(
+      execution_fingerprint
+    )) {
+      throw new Error(
+        `[INV-013@replay] Replay detected: execution_fingerprint ${execution_fingerprint} has already been consumed`
+      );
+    }
+    this.store.add(
+      execution_fingerprint
+    );
+  }
+  async hasExecuted(execution_fingerprint) {
+    return this.store.has(
+      execution_fingerprint
+    );
+  }
+};
+
+// src/resolve-override.ts
+async function resolveOverride(executionId, replayStore, signer, verifier) {
+  const raw = await replayStore.get(
+    `pending:${executionId}`
+  );
+  if (!raw) {
+    throw new Error(
+      `[SYS-021] No pending execution found for ${executionId}`
+    );
+  }
+  const stored = JSON.parse(raw);
+  const execution = await executeWithRedis(
+    {
+      token: stored.token,
+      execution_fingerprint: stored.token.executionId,
+      token_signature: stored.token_signature,
+      signer,
+      verifier,
+      runtime_manifest: stored.runtime_manifest,
+      runtime_requirements: stored.runtime_requirements
+    },
+    replayStore
+  );
+  await replayStore.del(
+    `pending:${executionId}`
+  );
+  return {
+    status: "success",
+    executionId,
+    signature: execution.signature,
+    resolved: true
+  };
+}
+
+// src/review-store.ts
+import * as fs from "fs";
+var FILE = "./review-queue.json";
+function addReviewTask(task) {
+  let data = [];
+  if (fs.existsSync(FILE)) {
+    data = JSON.parse(fs.readFileSync(FILE, "utf-8"));
+  }
+  data.push(task);
+  fs.writeFileSync(FILE, JSON.stringify(data, null, 2));
+}
+function getAllTasks() {
+  if (!fs.existsSync(FILE)) return [];
+  return JSON.parse(fs.readFileSync(FILE, "utf-8"));
+}
+
+// src/dry-run.ts
+import {
+  evaluatePolicy as evaluatePolicy2,
+  loadPolicy as loadPolicy2,
+  validateSignalsStrict
+} from "@parmanasystems/execution";
+function evaluateDryRun(policyId, policyVersion, signals, governed_time = (/* @__PURE__ */ new Date()).toISOString()) {
+  const policy = loadPolicy2(
+    policyId,
+    policyVersion
+  );
+  validateSignalsStrict(
+    signals,
+    policy
+  );
+  const decision = evaluatePolicy2(
+    policy,
+    signals
+  );
+  return {
+    policyId,
+    policyVersion,
+    schemaVersion: policy.schemaVersion,
+    decision,
+    rule_trace: [],
+    governed: false,
+    dry_run: true,
+    evaluated_at: governed_time
+  };
+}
+export {
+  MemoryReplayStore,
+  RedisReplayStore,
+  addReviewTask,
+  evaluateDryRun,
+  executeBatch,
+  executeFromSignals,
+  executeWithRedis,
+  getAllTasks,
+  resolveOverride
+};
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/execute-from-signals.ts","../src/execute-with-redis.ts","../src/execute-batch.ts","../src/redis-replay-store.ts","../src/memory-replay-store.ts","../src/resolve-override.ts","../src/review-store.ts","../src/dry-run.ts"],"sourcesContent":["import {\r\n  executeDecision,\r\n  issueToken,\r\n  getRuntimeManifest,\r\n  evaluatePolicy,\r\n  loadPolicy,\r\n  canonicalizeForSigning\r\n} from \"@parmanasystems/execution\";\r\n\r\nimport type {\r\n  ExecutionAttestation,\r\n  Signer,\r\n  Verifier,\r\n  ReplayStore\r\n} from \"@parmanasystems/execution\";\r\n\r\nimport crypto from \"crypto\";\r\n\r\nexport async function executeFromSignals(\r\n  input: {\r\n    policyId: string;\r\n    policyVersion: string;\r\n    signals: Record<string, unknown>;\r\n  },\r\n\r\n  signer: Signer,\r\n  verifier: Verifier,\r\n  replayStore: ReplayStore\r\n): Promise<ExecutionAttestation> {\r\n\r\n  // -----------------------------\r\n  // Load policy\r\n  // -----------------------------\r\n  const policy =\r\n    loadPolicy(\r\n      input.policyId,\r\n      input.policyVersion\r\n    );\r\n\r\n  // -----------------------------\r\n  // Evaluate policy\r\n  // -----------------------------\r\n  const decision =\r\n    evaluatePolicy(\r\n      policy,\r\n      input.signals\r\n    );\r\n\r\n  if (\r\n    decision.status !== \"decided\"\r\n  ) {\r\n\r\n    throw new Error(\r\n      \"[SYS-006] Policy evaluation returned undecided\"\r\n    );\r\n  }\r\n\r\n  // -----------------------------\r\n  // Deterministic execution identity\r\n  // -----------------------------\r\n  const execution_fingerprint =\r\n    crypto\r\n      .createHash(\"sha256\")\r\n      .update(\r\n        JSON.stringify({\r\n          policyId:\r\n            input.policyId,\r\n\r\n          policyVersion:\r\n            input.policyVersion,\r\n\r\n          signals:\r\n            input.signals\r\n        })\r\n      )\r\n      .digest(\"hex\");\r\n\r\n  // -----------------------------\r\n  // Replay protection\r\n  // -----------------------------\r\n  replayStore.markExecuted(\r\n    execution_fingerprint\r\n  );\r\n\r\n  // -----------------------------\r\n  // Runtime manifest\r\n  // -----------------------------\r\n  const runtimeManifest =\r\n    getRuntimeManifest();\r\n\r\n  // -----------------------------\r\n  // Deterministic governance token\r\n  // -----------------------------\r\n  const token =\r\n    issueToken({\r\n\r\n      executionId:\r\n        execution_fingerprint,\r\n\r\n      policyId:\r\n        input.policyId,\r\n\r\n      policyVersion:\r\n        input.policyVersion,\r\n\r\n      schemaVersion:\r\n        policy.schemaVersion,\r\n\r\n      runtimeVersion:\r\n        runtimeManifest.runtimeVersion,\r\n\r\n      decision_payload:\r\n        decision.outcome,\r\n\r\n      signalsHash:\r\n        execution_fingerprint\r\n    });\r\n\r\n// -----------------------------\r\n// Explicit cryptographic signing\r\n// -----------------------------\r\nconst token_signature =\r\n  signer.sign(\r\n    canonicalizeForSigning(\r\n      token\r\n    )\r\n  );\r\n\r\n  // -----------------------------\r\n  // Deterministic execution\r\n  // -----------------------------\r\n  return executeDecision({\r\n\r\n    token,\r\n\r\n    execution_fingerprint,\r\n\r\n    token_signature,\r\n\r\n    signer,\r\n\r\n    verifier,\r\n\r\n    runtime_manifest:\r\n      runtimeManifest,\r\n\r\n    runtime_requirements: {\r\n\r\n      supported_runtimeVersions: [\r\n        runtimeManifest.runtimeVersion\r\n      ],\r\n\r\n      supported_schemaVersions:\r\n        runtimeManifest\r\n          .supported_schemaVersions\r\n    }\r\n  });\r\n}","import {\r\n  executeDecision\r\n} from \"@parmanasystems/execution\";\r\n\r\nimport type {\r\n  ExecutionContext,\r\n  ExecutionAttestation,\r\n  AsyncReplayStore\r\n} from \"@parmanasystems/execution\";\r\n\r\n/**\r\n * 🟢 ASYNC ADAPTER\r\n * Handles distributed replay protection\r\n * while preserving deterministic execution core.\r\n */\r\nexport async function executeWithRedis(\r\n  context: ExecutionContext,\r\n  redisStore: AsyncReplayStore\r\n): Promise<ExecutionAttestation> {\r\n\r\n  // -----------------------------\r\n  // Distributed replay protection\r\n  // -----------------------------\r\n  await redisStore.markExecuted(\r\n    context.execution_fingerprint\r\n  );\r\n\r\n  // -----------------------------\r\n  // Deterministic execution\r\n  // -----------------------------\r\n  return executeDecision(\r\n    context\r\n  );\r\n}","import type {\r\n  Signer,\r\n  Verifier,\r\n  AsyncReplayStore\r\n} from \"@parmanasystems/execution\";\r\n\r\nimport {\r\n  executeFromSignals,\r\n} from \"./execute-from-signals.js\";\r\n\r\n/**\r\n * Executes multiple records sequentially.\r\n *\r\n * Each record is processed independently.\r\n * Errors are captured per-record (fail-isolated).\r\n */\r\nexport async function executeBatch(\r\n  records: Array<{\r\n    policyId: string;\r\n    policyVersion: string;\r\n    signals: Record<string, unknown>;\r\n    governed_time: string;\r\n  }>,\r\n\r\n  signer: Signer,\r\n\r\n  verifier: Verifier,\r\n\r\n  replayStore: AsyncReplayStore\r\n) {\r\n\r\n  const outputs = [];\r\n\r\n  for (const record of records) {\r\n\r\n    try {\r\n\r\n      const output =\r\n        await executeFromSignals(\r\n          record,\r\n          signer,\r\n          verifier,\r\n          replayStore\r\n        );\r\n\r\n      outputs.push({\r\n        input: record,\r\n        output\r\n      });\r\n\r\n    } catch (err: unknown) {\r\n\r\n      outputs.push({\r\n        input: record,\r\n\r\n        output: {\r\n          status: \"error\",\r\n\r\n          error:\r\n            err instanceof Error\r\n              ? err.message\r\n              : \"Unknown error\"\r\n        }\r\n      });\r\n\r\n    }\r\n  }\r\n\r\n  return outputs;\r\n}","import Redis from \"ioredis\";\r\n\r\nimport type {\r\n  Redis as RedisClient\r\n} from \"ioredis\";\r\n\r\nimport type {\r\n  AsyncReplayStore\r\n} from \"@parmanasystems/execution\";\r\n\r\n/**\r\n * 🔒 Distributed replay protection\r\n *\r\n * Replay protection operates on deterministic\r\n * semantic execution fingerprints rather than\r\n * operational execution IDs.\r\n */\r\nexport class RedisReplayStore\r\n  implements AsyncReplayStore {\r\n\r\n  private client: RedisClient;\r\n\r\n  constructor(\r\n    url: string\r\n  ) {\r\n\r\n    this.client =\r\n      new (Redis as any)(url);\r\n  }\r\n\r\n  async hasExecuted(\r\n    execution_fingerprint: string\r\n  ): Promise<boolean> {\r\n\r\n    const res =\r\n      await this.client.exists(\r\n        `exec:${execution_fingerprint}`\r\n      );\r\n\r\n    return res === 1;\r\n  }\r\n\r\n  async markExecuted(\r\n    execution_fingerprint: string\r\n  ): Promise<void> {\r\n\r\n    const result =\r\n      await this.client.set(\r\n        `exec:${execution_fingerprint}`,\r\n        \"1\",\r\n        \"NX\"\r\n      );\r\n\r\n    if (result !== \"OK\") {\r\n\r\n      throw new Error(\r\n        `[INV-013@replay] Replay detected: execution_fingerprint ${execution_fingerprint} has already been consumed`\r\n      );\r\n    }\r\n  }\r\n\r\n  async get(\r\n    key: string\r\n  ): Promise<string | null> {\r\n\r\n    return this.client.get(key);\r\n  }\r\n\r\n  async set(\r\n    key: string,\r\n    value: string\r\n  ): Promise<void> {\r\n\r\n    await this.client.set(\r\n      key,\r\n      value\r\n    );\r\n  }\r\n\r\n  async del(\r\n    key: string\r\n  ): Promise<void> {\r\n\r\n    await this.client.del(key);\r\n  }\r\n\r\n  async close(): Promise<void> {\r\n\r\n    await this.client.quit();\r\n  }\r\n}","import type {\r\n  ReplayStore\r\n} from \"@parmanasystems/execution\";\r\n\r\n/**\r\n * 🔒 In-memory replay protection\r\n *\r\n * Replay protection operates on deterministic\r\n * semantic execution fingerprints rather than\r\n * operational execution IDs.\r\n */\r\nexport class MemoryReplayStore\r\n  implements ReplayStore {\r\n\r\n  private store =\r\n    new Set<string>();\r\n\r\n  async markExecuted(\r\n    execution_fingerprint: string\r\n  ): Promise<void> {\r\n\r\n    if (\r\n      this.store.has(\r\n        execution_fingerprint\r\n      )\r\n    ) {\r\n\r\n      throw new Error(\r\n        `[INV-013@replay] Replay detected: execution_fingerprint ${execution_fingerprint} has already been consumed`\r\n      );\r\n    }\r\n\r\n    this.store.add(\r\n      execution_fingerprint\r\n    );\r\n  }\r\n\r\n  async hasExecuted(\r\n    execution_fingerprint: string\r\n  ): Promise<boolean> {\r\n\r\n    return this.store.has(\r\n      execution_fingerprint\r\n    );\r\n  }\r\n}","import {\r\n  executeWithRedis\r\n} from \"./execute-with-redis.js\";\r\n\r\nimport type {\r\n  AsyncReplayStore,\r\n  Signer,\r\n  Verifier\r\n} from \"@parmanasystems/execution\";\r\n\r\nexport async function resolveOverride(\r\n  executionId: string,\r\n\r\n  replayStore: AsyncReplayStore & {\r\n    get: (\r\n      key: string\r\n    ) => Promise<string | null>;\r\n\r\n    del: (\r\n      key: string\r\n    ) => Promise<void>;\r\n  },\r\n\r\n  signer: Signer,\r\n\r\n  verifier: Verifier\r\n) {\r\n\r\n  // -----------------------------\r\n  // 1. Load pending execution\r\n  // -----------------------------\r\n  const raw =\r\n    await replayStore.get(\r\n      `pending:${executionId}`\r\n    );\r\n\r\n  if (!raw) {\r\n\r\n    throw new Error(\r\n      `[SYS-021] No pending execution found for ${executionId}`\r\n    );\r\n  }\r\n\r\n  const stored =\r\n    JSON.parse(raw);\r\n\r\n  // -----------------------------\r\n  // 2. Execute approved override\r\n  // -----------------------------\r\n  const execution =\r\n    await executeWithRedis(\r\n      {\r\n        token:\r\n          stored.token,\r\n\r\n        execution_fingerprint:\r\n          stored.token.executionId,\r\n\r\n        token_signature:\r\n          stored.token_signature,\r\n\r\n        signer,\r\n\r\n        verifier,\r\n\r\n        runtime_manifest:\r\n          stored.runtime_manifest,\r\n\r\n        runtime_requirements:\r\n          stored.runtime_requirements\r\n      },\r\n\r\n      replayStore\r\n    );\r\n\r\n  // -----------------------------\r\n  // 3. Remove pending state\r\n  // -----------------------------\r\n  await replayStore.del(\r\n    `pending:${executionId}`\r\n  );\r\n\r\n  // -----------------------------\r\n  // 4. Return deterministic result\r\n  // -----------------------------\r\n  return {\r\n\r\n    status:\r\n      \"success\" as const,\r\n\r\n    executionId,\r\n\r\n    signature:\r\n      execution.signature,\r\n\r\n    resolved:\r\n      true\r\n  };\r\n}","import * as fs from \"node:fs\";\r\n\r\nconst FILE = \"./review-queue.json\";\r\n\r\nexport function addReviewTask(task: any) {\r\n  let data: any[] = [];\r\n\r\n  if (fs.existsSync(FILE)) {\r\n    data = JSON.parse(fs.readFileSync(FILE, \"utf-8\"));\r\n  }\r\n\r\n  data.push(task);\r\n\r\n  fs.writeFileSync(FILE, JSON.stringify(data, null, 2));\r\n}\r\n\r\nexport function getAllTasks() {\r\n  if (!fs.existsSync(FILE)) return [];\r\n  return JSON.parse(fs.readFileSync(FILE, \"utf-8\"));\r\n}\r\n","import {\r\n  evaluatePolicy,\r\n  loadPolicy,\r\n  validateSignalsStrict\r\n} from \"@parmanasystems/execution\";\r\n\r\nimport type {\r\n  DecisionResult\r\n} from \"@parmanasystems/execution\";\r\n\r\nexport interface DryRunResult {\r\n\r\n  policyId: string;\r\n\r\n  policyVersion: string;\r\n\r\n  schemaVersion: string;\r\n\r\n  decision: DecisionResult;\r\n\r\n  rule_trace: string[];\r\n\r\n  governed: false;\r\n\r\n  dry_run: true;\r\n\r\n  evaluated_at: string;\r\n}\r\n\r\nexport function evaluateDryRun(\r\n  policyId: string,\r\n  policyVersion: string,\r\n  signals: Record<string, unknown>,\r\n  governed_time = new Date().toISOString()\r\n): DryRunResult {\r\n\r\n  // -----------------------------\r\n  // 1. Load policy\r\n  // -----------------------------\r\n  const policy =\r\n    loadPolicy(\r\n      policyId,\r\n      policyVersion\r\n    );\r\n\r\n  // -----------------------------\r\n  // 2. Validate signals\r\n  // -----------------------------\r\n  validateSignalsStrict(\r\n    signals,\r\n    policy\r\n  );\r\n\r\n  // -----------------------------\r\n  // 3. Evaluate policy\r\n  // -----------------------------\r\n  const decision: DecisionResult =\r\n    evaluatePolicy(\r\n      policy,\r\n      signals\r\n    );\r\n\r\n  // -----------------------------\r\n  // 4. Return dry-run result\r\n  // -----------------------------\r\n  return {\r\n\r\n    policyId,\r\n\r\n    policyVersion,\r\n\r\n    schemaVersion:\r\n      policy.schemaVersion,\r\n\r\n    decision,\r\n\r\n    rule_trace: [],\r\n\r\n    governed: false,\r\n\r\n    dry_run: true,\r\n\r\n    evaluated_at:\r\n      governed_time\r\n  };\r\n}"],"mappings":";AAAA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AASP,OAAO,YAAY;AAEnB,eAAsB,mBACpB,OAMA,QACA,UACA,aAC+B;AAK/B,QAAM,SACJ;AAAA,IACE,MAAM;AAAA,IACN,MAAM;AAAA,EACR;AAKF,QAAM,WACJ;AAAA,IACE;AAAA,IACA,MAAM;AAAA,EACR;AAEF,MACE,SAAS,WAAW,WACpB;AAEA,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAKA,QAAM,wBACJ,OACG,WAAW,QAAQ,EACnB;AAAA,IACC,KAAK,UAAU;AAAA,MACb,UACE,MAAM;AAAA,MAER,eACE,MAAM;AAAA,MAER,SACE,MAAM;AAAA,IACV,CAAC;AAAA,EACH,EACC,OAAO,KAAK;AAKjB,cAAY;AAAA,IACV;AAAA,EACF;AAKA,QAAM,kBACJ,mBAAmB;AAKrB,QAAM,QACJ,WAAW;AAAA,IAET,aACE;AAAA,IAEF,UACE,MAAM;AAAA,IAER,eACE,MAAM;AAAA,IAER,eACE,OAAO;AAAA,IAET,gBACE,gBAAgB;AAAA,IAElB,kBACE,SAAS;AAAA,IAEX,aACE;AAAA,EACJ,CAAC;AAKL,QAAM,kBACJ,OAAO;AAAA,IACL;AAAA,MACE;AAAA,IACF;AAAA,EACF;AAKA,SAAO,gBAAgB;AAAA,IAErB;AAAA,IAEA;AAAA,IAEA;AAAA,IAEA;AAAA,IAEA;AAAA,IAEA,kBACE;AAAA,IAEF,sBAAsB;AAAA,MAEpB,2BAA2B;AAAA,QACzB,gBAAgB;AAAA,MAClB;AAAA,MAEA,0BACE,gBACG;AAAA,IACP;AAAA,EACF,CAAC;AACH;;;AC7JA;AAAA,EACE,mBAAAA;AAAA,OACK;AAaP,eAAsB,iBACpB,SACA,YAC+B;AAK/B,QAAM,WAAW;AAAA,IACf,QAAQ;AAAA,EACV;AAKA,SAAOA;AAAA,IACL;AAAA,EACF;AACF;;;ACjBA,eAAsB,aACpB,SAOA,QAEA,UAEA,aACA;AAEA,QAAM,UAAU,CAAC;AAEjB,aAAW,UAAU,SAAS;AAE5B,QAAI;AAEF,YAAM,SACJ,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAEF,cAAQ,KAAK;AAAA,QACX,OAAO;AAAA,QACP;AAAA,MACF,CAAC;AAAA,IAEH,SAAS,KAAc;AAErB,cAAQ,KAAK;AAAA,QACX,OAAO;AAAA,QAEP,QAAQ;AAAA,UACN,QAAQ;AAAA,UAER,OACE,eAAe,QACX,IAAI,UACJ;AAAA,QACR;AAAA,MACF,CAAC;AAAA,IAEH;AAAA,EACF;AAEA,SAAO;AACT;;;ACrEA,OAAO,WAAW;AAiBX,IAAM,mBAAN,MACuB;AAAA,EAI5B,YACE,KACA;AAEA,SAAK,SACH,IAAK,MAAc,GAAG;AAAA,EAC1B;AAAA,EAEA,MAAM,YACJ,uBACkB;AAElB,UAAM,MACJ,MAAM,KAAK,OAAO;AAAA,MAChB,QAAQ,qBAAqB;AAAA,IAC/B;AAEF,WAAO,QAAQ;AAAA,EACjB;AAAA,EAEA,MAAM,aACJ,uBACe;AAEf,UAAM,SACJ,MAAM,KAAK,OAAO;AAAA,MAChB,QAAQ,qBAAqB;AAAA,MAC7B;AAAA,MACA;AAAA,IACF;AAEF,QAAI,WAAW,MAAM;AAEnB,YAAM,IAAI;AAAA,QACR,2DAA2D,qBAAqB;AAAA,MAClF;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,IACJ,KACwB;AAExB,WAAO,KAAK,OAAO,IAAI,GAAG;AAAA,EAC5B;AAAA,EAEA,MAAM,IACJ,KACA,OACe;AAEf,UAAM,KAAK,OAAO;AAAA,MAChB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,IACJ,KACe;AAEf,UAAM,KAAK,OAAO,IAAI,GAAG;AAAA,EAC3B;AAAA,EAEA,MAAM,QAAuB;AAE3B,UAAM,KAAK,OAAO,KAAK;AAAA,EACzB;AACF;;;AC/EO,IAAM,oBAAN,MACkB;AAAA,EADlB;AAGL,SAAQ,QACN,oBAAI,IAAY;AAAA;AAAA,EAElB,MAAM,aACJ,uBACe;AAEf,QACE,KAAK,MAAM;AAAA,MACT;AAAA,IACF,GACA;AAEA,YAAM,IAAI;AAAA,QACR,2DAA2D,qBAAqB;AAAA,MAClF;AAAA,IACF;AAEA,SAAK,MAAM;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EAEA,MAAM,YACJ,uBACkB;AAElB,WAAO,KAAK,MAAM;AAAA,MAChB;AAAA,IACF;AAAA,EACF;AACF;;;ACnCA,eAAsB,gBACpB,aAEA,aAUA,QAEA,UACA;AAKA,QAAM,MACJ,MAAM,YAAY;AAAA,IAChB,WAAW,WAAW;AAAA,EACxB;AAEF,MAAI,CAAC,KAAK;AAER,UAAM,IAAI;AAAA,MACR,4CAA4C,WAAW;AAAA,IACzD;AAAA,EACF;AAEA,QAAM,SACJ,KAAK,MAAM,GAAG;AAKhB,QAAM,YACJ,MAAM;AAAA,IACJ;AAAA,MACE,OACE,OAAO;AAAA,MAET,uBACE,OAAO,MAAM;AAAA,MAEf,iBACE,OAAO;AAAA,MAET;AAAA,MAEA;AAAA,MAEA,kBACE,OAAO;AAAA,MAET,sBACE,OAAO;AAAA,IACX;AAAA,IAEA;AAAA,EACF;AAKF,QAAM,YAAY;AAAA,IAChB,WAAW,WAAW;AAAA,EACxB;AAKA,SAAO;AAAA,IAEL,QACE;AAAA,IAEF;AAAA,IAEA,WACE,UAAU;AAAA,IAEZ,UACE;AAAA,EACJ;AACF;;;AClGA,YAAY,QAAQ;AAEpB,IAAM,OAAO;AAEN,SAAS,cAAc,MAAW;AACvC,MAAI,OAAc,CAAC;AAEnB,MAAO,cAAW,IAAI,GAAG;AACvB,WAAO,KAAK,MAAS,gBAAa,MAAM,OAAO,CAAC;AAAA,EAClD;AAEA,OAAK,KAAK,IAAI;AAEd,EAAG,iBAAc,MAAM,KAAK,UAAU,MAAM,MAAM,CAAC,CAAC;AACtD;AAEO,SAAS,cAAc;AAC5B,MAAI,CAAI,cAAW,IAAI,EAAG,QAAO,CAAC;AAClC,SAAO,KAAK,MAAS,gBAAa,MAAM,OAAO,CAAC;AAClD;;;ACnBA;AAAA,EACE,kBAAAC;AAAA,EACA,cAAAC;AAAA,EACA;AAAA,OACK;AAyBA,SAAS,eACd,UACA,eACA,SACA,iBAAgB,oBAAI,KAAK,GAAE,YAAY,GACzB;AAKd,QAAM,SACJA;AAAA,IACE;AAAA,IACA;AAAA,EACF;AAKF;AAAA,IACE;AAAA,IACA;AAAA,EACF;AAKA,QAAM,WACJD;AAAA,IACE;AAAA,IACA;AAAA,EACF;AAKF,SAAO;AAAA,IAEL;AAAA,IAEA;AAAA,IAEA,eACE,OAAO;AAAA,IAET;AAAA,IAEA,YAAY,CAAC;AAAA,IAEb,UAAU;AAAA,IAEV,SAAS;AAAA,IAET,cACE;AAAA,EACJ;AACF;","names":["executeDecision","evaluatePolicy","loadPolicy"]}

package/package.json

@@ -0,0 +1,30 @@
+{
+  "name": "@parmanasystems/execution-runtime",
+  "version": "1.65.0",
+  "private": false,
+  "type": "module",
+  "description": "Runtime orchestration layer for Parmana Systems.",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsup"
+  },
+  "dependencies": {
+    "@parmanasystems/execution": "^1.65.0",
+    "ioredis": "^5.4.1"
+  },
+  "devDependencies": {
+    "tsup": "^8.5.1",
+    "typescript": "^5.8.3"
+  }
+}