@parmanasystems/governance 1.71.12 → 1.71.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +36 -37
  2. package/package.json +4 -4
package/README.md CHANGED
@@ -27,42 +27,43 @@ import {
27
27
  createPolicy,
28
28
  validatePolicy,
29
29
  generateBundle,
30
- definePolicy,
30
+ upgradePolicy,
31
31
  } from "@parmanasystems/governance";
32
32
 
33
- // Scaffold a new policy at ./policies/loan-approval/v1/policy.json
33
+ // Scaffold a new policy directory at ./policies/loan-approval/v1/
34
34
  const dir = createPolicy("loan-approval");
35
35
  console.log(dir); // "./policies/loan-approval/v1"
36
+ // Edit ./policies/loan-approval/v1/policy.json with your rules
36
37
 
37
- // Define a policy in memory
38
- const policy = definePolicy({
39
- id: "loan-approval",
40
- version: "v1",
41
- rules: [
42
- {
43
- id: "high-score",
44
- condition: "credit_score >= 700 && requested_usd <= 100000",
45
- action: "approve",
46
- },
47
- {
48
- id: "default-reject",
49
- condition: "true",
50
- action: "reject",
51
- },
52
- ],
53
- });
54
-
55
- // Validate before bundling
56
- validatePolicy(policy);
57
-
58
- // Package into a signed bundle
59
- const result = await generateBundle({
60
- policyPath: "./policies/loan-approval/v1",
61
- outputPath: "./dist/bundles/loan-approval",
62
- });
38
+ // Validate policy files before bundling — throws on schema errors
39
+ validatePolicy("./policies/loan-approval/v1");
63
40
 
41
+ // Package into a content-addressed bundle (unsigned — safe for development)
42
+ const result = generateBundle(
43
+ "loan-approval",
44
+ "v1",
45
+ "./policies/loan-approval/v1"
46
+ );
64
47
  console.log(result.success); // true
65
- console.log(result.bundle_hash); // SHA-256 commitment
48
+ console.log(result.bundle_hash); // SHA-256 commitment over all policy artifacts
49
+ console.log(result.manifest_path); // path to bundle.manifest.json
50
+ console.log(result.signature_path); // null for unsigned bundles
51
+ ```
52
+
53
+ ### Sign a bundle for production
54
+
55
+ Pass a `signer` with an explicit private key path to write a `bundle.sig` alongside the manifest:
56
+
57
+ ```typescript
58
+ import { generateBundle } from "@parmanasystems/governance";
59
+
60
+ const result = generateBundle(
61
+ "loan-approval",
62
+ "v1",
63
+ "./policies/loan-approval/v1",
64
+ { privateKeyPath: "./trust/root.key" } // optional — omit for unsigned bundles
65
+ );
66
+ console.log(result.signature_path); // "./policies/loan-approval/v1/bundle.sig"
66
67
  ```
67
68
 
68
69
  ### Upgrade an existing policy
@@ -70,8 +71,9 @@ console.log(result.bundle_hash); // SHA-256 commitment
70
71
  ```typescript
71
72
  import { upgradePolicy } from "@parmanasystems/governance";
72
73
 
73
- // Creates ./policies/loan-approval/v2/ from ./policies/loan-approval/v1/
74
+ // Creates ./policies/loan-approval/v2/ as a copy of v1 — edit the new version's rules
74
75
  const newDir = upgradePolicy("loan-approval");
76
+ console.log(newDir); // "./policies/loan-approval/v2"
75
77
  ```
76
78
 
77
79
  ---
@@ -84,18 +86,15 @@ const newDir = upgradePolicy("loan-approval");
84
86
  |---|---|
85
87
  | `createPolicy` | Scaffold a new policy directory at `./policies/<id>/v1/` with a skeleton `policy.json` |
86
88
  | `upgradePolicy` | Create the next version directory from the current latest version |
87
- | `validatePolicy` | Validate a policy definition against the governance schema; throws on invalid input |
88
- | `generateBundle` | Package a policy directory into a content-addressed, signed bundle |
89
- | `definePolicy` | Construct a typed `PolicyDefinition` in memory |
89
+ | `validatePolicy` | Validate a policy directory against the governance schema; throws on invalid input |
90
+ | `generateBundle` | Package a policy directory into a content-addressed bundle; optionally sign with a private key |
90
91
 
91
92
  ### Types
92
93
 
93
94
  | Export | Description |
94
95
  |---|---|
95
- | `PolicyDefinition` | In-memory policy with `id`, `version`, and ordered `rules` |
96
- | `PolicyRule` | Single rule: `id`, `condition` expression, and `action` |
97
- | `BundleGenerationResult` | Result of `generateBundle` — success flag, paths, and `bundle_hash` |
98
- | `RuntimeRequirements` | Runtime capability and version constraints embedded in bundles |
96
+ | `BundleGenerationResult` | Result of `generateBundle` `success`, `manifest_path`, `signature_path`, `bundle_hash` |
97
+ | `BundleSigner` | Signer config for `generateBundle`: `{ privateKeyPath: string }` |
99
98
 
100
99
  ---
101
100
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@parmanasystems/governance",
3
- "version": "1.71.12",
3
+ "version": "1.71.14",
4
4
  "private": false,
5
5
  "type": "module",
6
6
  "scripts": {
@@ -18,9 +18,9 @@
18
18
  ],
19
19
  "sideEffects": false,
20
20
  "dependencies": {
21
- "@parmanasystems/bundle": "^1.71.12",
22
- "@parmanasystems/crypto": "^1.71.12",
23
- "@parmanasystems/contracts": "^1.71.12"
21
+ "@parmanasystems/bundle": "^1.71.14",
22
+ "@parmanasystems/crypto": "^1.71.14",
23
+ "@parmanasystems/contracts": "^1.71.14"
24
24
  },
25
25
  "description": "Deterministic governance lifecycle and policy infrastructure for parmanasystems.",
26
26
  "license": "Apache-2.0",