@paybond/kit 0.9.8 → 0.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/completion-presets/catalog.json +1187 -0
- package/completion-presets/catalog.sha256 +1 -0
- package/dev/trace-ui/dashboard.html +617 -0
- package/dist/agent/adapter.d.ts +51 -0
- package/dist/agent/adapter.js +66 -0
- package/dist/agent/attach-bundle.d.ts +37 -0
- package/dist/agent/attach-bundle.js +118 -0
- package/dist/agent/authorization-cache.d.ts +22 -0
- package/dist/agent/authorization-cache.js +36 -0
- package/dist/agent/deferred-tools.d.ts +11 -0
- package/dist/agent/deferred-tools.js +62 -0
- package/dist/agent/discover.d.ts +41 -0
- package/dist/agent/discover.js +147 -0
- package/dist/agent/evidence.d.ts +9 -0
- package/dist/agent/evidence.js +28 -0
- package/dist/agent/facade.d.ts +48 -0
- package/dist/agent/facade.js +112 -0
- package/dist/agent/gateway-trace-reporter.d.ts +28 -0
- package/dist/agent/gateway-trace-reporter.js +49 -0
- package/dist/agent/generic-runner.d.ts +14 -0
- package/dist/agent/generic-runner.js +49 -0
- package/dist/agent/generic-sandbox-demo.d.ts +36 -0
- package/dist/agent/generic-sandbox-demo.js +82 -0
- package/dist/agent/guarded-agent.d.ts +49 -0
- package/dist/agent/guarded-agent.js +100 -0
- package/dist/agent/index.d.ts +13 -0
- package/dist/agent/index.js +13 -0
- package/dist/agent/instrument.d.ts +156 -0
- package/dist/agent/instrument.js +442 -0
- package/dist/agent/interceptor.d.ts +24 -0
- package/dist/agent/interceptor.js +440 -0
- package/dist/agent/lazy-context-tools.d.ts +15 -0
- package/dist/agent/lazy-context-tools.js +81 -0
- package/dist/agent/registry-file.d.ts +39 -0
- package/dist/agent/registry-file.js +219 -0
- package/dist/agent/registry.d.ts +37 -0
- package/dist/agent/registry.js +128 -0
- package/dist/agent/run.d.ts +124 -0
- package/dist/agent/run.js +301 -0
- package/dist/agent/types.d.ts +318 -0
- package/dist/agent/types.js +42 -0
- package/dist/agent-recognition.d.ts +72 -0
- package/dist/agent-recognition.js +165 -0
- package/dist/bincode-wire.d.ts +18 -0
- package/dist/bincode-wire.js +93 -0
- package/dist/claude-agents/config.d.ts +21 -0
- package/dist/claude-agents/config.js +145 -0
- package/dist/claude-agents/index.d.ts +2 -0
- package/dist/claude-agents/index.js +2 -0
- package/dist/claude-agents/sandbox-demo.d.ts +30 -0
- package/dist/claude-agents/sandbox-demo.js +91 -0
- package/dist/cli/agent/env-quote.d.ts +1 -0
- package/dist/cli/agent/env-quote.js +6 -0
- package/dist/cli/agent/env-write.d.ts +8 -0
- package/dist/cli/agent/env-write.js +47 -0
- package/dist/cli/agent/paybond.d.ts +16 -0
- package/dist/cli/agent/paybond.js +55 -0
- package/dist/cli/agent/policy-file.d.ts +29 -0
- package/dist/cli/agent/policy-file.js +61 -0
- package/dist/cli/agent/production-evidence.d.ts +24 -0
- package/dist/cli/agent/production-evidence.js +98 -0
- package/dist/cli/agent/run-store.d.ts +30 -0
- package/dist/cli/agent/run-store.js +42 -0
- package/dist/cli/agent/run-trace-store.d.ts +39 -0
- package/dist/cli/agent/run-trace-store.js +143 -0
- package/dist/cli/agent-run-trace-table.d.ts +9 -0
- package/dist/cli/agent-run-trace-table.js +24 -0
- package/dist/cli/agent-sandbox-smoke-checklist.d.ts +9 -0
- package/dist/cli/agent-sandbox-smoke-checklist.js +50 -0
- package/dist/cli/audit-export.d.ts +7 -0
- package/dist/cli/audit-export.js +120 -0
- package/dist/cli/automation.d.ts +25 -0
- package/dist/cli/automation.js +297 -0
- package/dist/cli/body.d.ts +7 -0
- package/dist/cli/body.js +22 -0
- package/dist/cli/color.d.ts +15 -0
- package/dist/cli/color.js +39 -0
- package/dist/cli/command-spec.d.ts +13 -0
- package/dist/cli/command-spec.js +611 -0
- package/dist/cli/commands/agent.d.ts +16 -0
- package/dist/cli/commands/agent.js +1135 -0
- package/dist/cli/commands/dev.d.ts +7 -0
- package/dist/cli/commands/dev.js +348 -0
- package/dist/cli/commands/discovery.d.ts +8 -0
- package/dist/cli/commands/discovery.js +194 -0
- package/dist/cli/commands/policy.d.ts +13 -0
- package/dist/cli/commands/policy.js +769 -0
- package/dist/cli/commands/setup.d.ts +18 -0
- package/dist/cli/commands/setup.js +513 -0
- package/dist/cli/commands/workflows.d.ts +7 -0
- package/dist/cli/commands/workflows.js +214 -0
- package/dist/cli/config.d.ts +16 -0
- package/dist/cli/config.js +98 -0
- package/dist/cli/context.d.ts +22 -0
- package/dist/cli/context.js +110 -0
- package/dist/cli/credentials.d.ts +21 -0
- package/dist/cli/credentials.js +141 -0
- package/dist/cli/doctor-agent-middleware.d.ts +5 -0
- package/dist/cli/doctor-agent-middleware.js +49 -0
- package/dist/cli/doctor-agent.d.ts +15 -0
- package/dist/cli/doctor-agent.js +311 -0
- package/dist/cli/envelope.d.ts +14 -0
- package/dist/cli/envelope.js +46 -0
- package/dist/cli/globals.d.ts +23 -0
- package/dist/cli/globals.js +248 -0
- package/dist/cli/help.d.ts +3 -0
- package/dist/cli/help.js +83 -0
- package/dist/cli/mcp-install.d.ts +41 -0
- package/dist/cli/mcp-install.js +95 -0
- package/dist/cli/mcp-policy.d.ts +26 -0
- package/dist/cli/mcp-policy.js +110 -0
- package/dist/cli/mcp-verify-config.d.ts +37 -0
- package/dist/cli/mcp-verify-config.js +172 -0
- package/dist/cli/redact.d.ts +4 -0
- package/dist/cli/redact.js +88 -0
- package/dist/cli/request-id.d.ts +2 -0
- package/dist/cli/request-id.js +5 -0
- package/dist/cli/router.d.ts +2 -0
- package/dist/cli/router.js +378 -0
- package/dist/cli/smoke-deep-links.d.ts +15 -0
- package/dist/cli/smoke-deep-links.js +63 -0
- package/dist/cli/suggest.d.ts +4 -0
- package/dist/cli/suggest.js +58 -0
- package/dist/cli/support-diagnostics.d.ts +19 -0
- package/dist/cli/support-diagnostics.js +47 -0
- package/dist/cli/telemetry.d.ts +17 -0
- package/dist/cli/telemetry.js +94 -0
- package/dist/cli/types.d.ts +72 -0
- package/dist/cli/types.js +60 -0
- package/dist/cli/ux.d.ts +8 -0
- package/dist/cli/ux.js +164 -0
- package/dist/cli.d.ts +2 -0
- package/dist/cli.js +38 -0
- package/dist/completion-catalog-digest.d.ts +2 -0
- package/dist/completion-catalog-digest.js +2 -0
- package/dist/completion-catalog-integrity.d.ts +2 -0
- package/dist/completion-catalog-integrity.js +17 -0
- package/dist/completion-catalog.d.ts +49 -0
- package/dist/completion-catalog.js +62 -0
- package/dist/completion-contract-digest.d.ts +37 -0
- package/dist/completion-contract-digest.js +73 -0
- package/dist/completion-forbidden-fields.d.ts +5 -0
- package/dist/completion-forbidden-fields.js +26 -0
- package/dist/completion-init.d.ts +8 -0
- package/dist/completion-init.js +334 -0
- package/dist/completion-resolve.d.ts +21 -0
- package/dist/completion-resolve.js +86 -0
- package/dist/completion-validate-evidence.d.ts +24 -0
- package/dist/completion-validate-evidence.js +145 -0
- package/dist/dev/offline-gateway.d.ts +24 -0
- package/dist/dev/offline-gateway.js +102 -0
- package/dist/dev/trace-buffer.d.ts +61 -0
- package/dist/dev/trace-buffer.js +330 -0
- package/dist/dev/trace-security-headers.d.ts +11 -0
- package/dist/dev/trace-security-headers.js +16 -0
- package/dist/dev/trace-server.d.ts +8 -0
- package/dist/dev/trace-server.js +38 -0
- package/dist/dev/trace-ui.d.ts +4 -0
- package/dist/dev/trace-ui.js +25 -0
- package/dist/dev/wiremock-up.d.ts +15 -0
- package/dist/dev/wiremock-up.js +118 -0
- package/dist/doctor-completion.d.ts +17 -0
- package/dist/doctor-completion.js +428 -0
- package/dist/gateway-url.d.ts +7 -0
- package/dist/gateway-url.js +69 -0
- package/dist/index.d.ts +119 -2
- package/dist/index.js +267 -6
- package/dist/init.js +380 -68
- package/dist/langgraph/awrap-tool-call.d.ts +25 -0
- package/dist/langgraph/awrap-tool-call.js +81 -0
- package/dist/langgraph/config.d.ts +13 -0
- package/dist/langgraph/config.js +11 -0
- package/dist/langgraph/index.d.ts +4 -0
- package/dist/langgraph/index.js +4 -0
- package/dist/langgraph/sandbox-demo.d.ts +40 -0
- package/dist/langgraph/sandbox-demo.js +96 -0
- package/dist/langgraph/tool-node.d.ts +10 -0
- package/dist/langgraph/tool-node.js +38 -0
- package/dist/login.d.ts +14 -1
- package/dist/login.js +130 -63
- package/dist/mcp/index.d.ts +1 -0
- package/dist/mcp/index.js +1 -0
- package/dist/mcp/tool-surface.d.ts +25 -0
- package/dist/mcp/tool-surface.js +17 -0
- package/dist/mcp-capability-token-cache.d.ts +24 -0
- package/dist/mcp-capability-token-cache.js +101 -0
- package/dist/mcp-evidence-policy.d.ts +48 -0
- package/dist/mcp-evidence-policy.js +117 -0
- package/dist/mcp-policy-reload.d.ts +79 -0
- package/dist/mcp-policy-reload.js +200 -0
- package/dist/mcp-sep2828-evidence.d.ts +36 -0
- package/dist/mcp-sep2828-evidence.js +65 -0
- package/dist/mcp-server.d.ts +10 -0
- package/dist/mcp-server.js +423 -115
- package/dist/openai-agents/index.d.ts +40 -0
- package/dist/openai-agents/index.js +151 -0
- package/dist/openai-agents/sandbox-demo.d.ts +34 -0
- package/dist/openai-agents/sandbox-demo.js +118 -0
- package/dist/payee-evidence.js +2 -29
- package/dist/policy/catalog.d.ts +31 -0
- package/dist/policy/catalog.js +48 -0
- package/dist/policy/compose-utils.d.ts +3 -0
- package/dist/policy/compose-utils.js +4 -0
- package/dist/policy/compose.d.ts +20 -0
- package/dist/policy/compose.js +240 -0
- package/dist/policy/digest.d.ts +7 -0
- package/dist/policy/digest.js +75 -0
- package/dist/policy/domain.d.ts +15 -0
- package/dist/policy/domain.js +28 -0
- package/dist/policy/guardrail-spec.d.ts +17 -0
- package/dist/policy/guardrail-spec.js +140 -0
- package/dist/policy/guardrails.d.ts +48 -0
- package/dist/policy/guardrails.js +72 -0
- package/dist/policy/index.d.ts +21 -0
- package/dist/policy/index.js +21 -0
- package/dist/policy/init.d.ts +102 -0
- package/dist/policy/init.js +351 -0
- package/dist/policy/intent-spec.d.ts +52 -0
- package/dist/policy/intent-spec.js +176 -0
- package/dist/policy/json-path.d.ts +4 -0
- package/dist/policy/json-path.js +23 -0
- package/dist/policy/layers-io.d.ts +7 -0
- package/dist/policy/layers-io.js +28 -0
- package/dist/policy/load-effective.d.ts +22 -0
- package/dist/policy/load-effective.js +77 -0
- package/dist/policy/load.d.ts +85 -0
- package/dist/policy/load.js +164 -0
- package/dist/policy/merge.d.ts +29 -0
- package/dist/policy/merge.js +297 -0
- package/dist/policy/parse-text.d.ts +2 -0
- package/dist/policy/parse-text.js +126 -0
- package/dist/policy/policy-api.d.ts +45 -0
- package/dist/policy/policy-api.js +61 -0
- package/dist/policy/presets.d.ts +19 -0
- package/dist/policy/presets.js +66 -0
- package/dist/policy/registry.d.ts +7 -0
- package/dist/policy/registry.js +33 -0
- package/dist/policy/reload.d.ts +86 -0
- package/dist/policy/reload.js +233 -0
- package/dist/policy/render-yaml.d.ts +3 -0
- package/dist/policy/render-yaml.js +69 -0
- package/dist/policy/sandbox-bootstrap.d.ts +19 -0
- package/dist/policy/sandbox-bootstrap.js +66 -0
- package/dist/policy/schema.d.ts +204 -0
- package/dist/policy/schema.js +255 -0
- package/dist/policy/snapshot.d.ts +33 -0
- package/dist/policy/snapshot.js +23 -0
- package/dist/policy/validate-remote.d.ts +43 -0
- package/dist/policy/validate-remote.js +104 -0
- package/dist/policy/validate.d.ts +36 -0
- package/dist/policy/validate.js +150 -0
- package/dist/policy/watcher.d.ts +29 -0
- package/dist/policy/watcher.js +112 -0
- package/dist/principal-intent.d.ts +52 -0
- package/dist/principal-intent.js +193 -37
- package/dist/project-init.d.ts +34 -0
- package/dist/project-init.js +898 -0
- package/dist/sep2828-signature.d.ts +10 -0
- package/dist/sep2828-signature.js +134 -0
- package/dist/solutions/api.d.ts +22 -0
- package/dist/solutions/api.js +40 -0
- package/dist/solutions/catalog.d.ts +34 -0
- package/dist/solutions/catalog.js +129 -0
- package/dist/solutions/index.d.ts +2 -0
- package/dist/solutions/index.js +2 -0
- package/dist/template-init.d.ts +54 -0
- package/dist/template-init.js +203 -0
- package/dist/vercel-ai/config.d.ts +15 -0
- package/dist/vercel-ai/config.js +13 -0
- package/dist/vercel-ai/index.d.ts +4 -0
- package/dist/vercel-ai/index.js +4 -0
- package/dist/vercel-ai/sandbox-demo.d.ts +44 -0
- package/dist/vercel-ai/sandbox-demo.js +153 -0
- package/dist/vercel-ai/tool-approval.d.ts +16 -0
- package/dist/vercel-ai/tool-approval.js +41 -0
- package/dist/vercel-ai/wrap-tools.d.ts +9 -0
- package/dist/vercel-ai/wrap-tools.js +40 -0
- package/dist/x402-receipt-evidence.d.ts +29 -0
- package/dist/x402-receipt-evidence.js +97 -0
- package/dist/x402-receipt-signature.d.ts +12 -0
- package/dist/x402-receipt-signature.js +211 -0
- package/package.json +79 -4
- package/solutions/aws.json +17 -0
- package/solutions/saas.json +17 -0
- package/solutions/shopping.json +17 -0
- package/solutions/travel.json +18 -0
- package/templates/manifest.json +169 -0
- package/templates/openai-shopping-agent/.env.example +3 -0
- package/templates/openai-shopping-agent/.github/workflows/smoke.yml +20 -0
- package/templates/openai-shopping-agent/LICENSE +201 -0
- package/templates/openai-shopping-agent/README.md +29 -0
- package/templates/openai-shopping-agent/package.json +22 -0
- package/templates/openai-shopping-agent/paybond.policy.yaml +22 -0
- package/templates/openai-shopping-agent/src/index.ts +22 -0
- package/templates/openai-shopping-agent/src/paybond.config.ts +51 -0
- package/templates/openai-shopping-agent/tsconfig.json +13 -0
- package/templates/paybond-aws-operator/.env.example +3 -0
- package/templates/paybond-aws-operator/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-aws-operator/LICENSE +201 -0
- package/templates/paybond-aws-operator/README.md +29 -0
- package/templates/paybond-aws-operator/package.json +20 -0
- package/templates/paybond-aws-operator/paybond.policy.yaml +22 -0
- package/templates/paybond-aws-operator/src/index.ts +54 -0
- package/templates/paybond-aws-operator/src/paybond.config.ts +51 -0
- package/templates/paybond-aws-operator/tsconfig.json +13 -0
- package/templates/paybond-claude-agents-demo/.env.example +3 -0
- package/templates/paybond-claude-agents-demo/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-claude-agents-demo/LICENSE +201 -0
- package/templates/paybond-claude-agents-demo/README.md +29 -0
- package/templates/paybond-claude-agents-demo/package.json +22 -0
- package/templates/paybond-claude-agents-demo/paybond.policy.yaml +22 -0
- package/templates/paybond-claude-agents-demo/src/index.ts +22 -0
- package/templates/paybond-claude-agents-demo/src/paybond.config.ts +51 -0
- package/templates/paybond-claude-agents-demo/tsconfig.json +13 -0
- package/templates/paybond-invoice-agent/.env.example +3 -0
- package/templates/paybond-invoice-agent/.github/workflows/smoke.yml +19 -0
- package/templates/paybond-invoice-agent/LICENSE +201 -0
- package/templates/paybond-invoice-agent/README.md +29 -0
- package/templates/paybond-invoice-agent/app.py +27 -0
- package/templates/paybond-invoice-agent/package.json +6 -0
- package/templates/paybond-invoice-agent/paybond.policy.yaml +22 -0
- package/templates/paybond-invoice-agent/paybond_config.py +45 -0
- package/templates/paybond-invoice-agent/requirements.txt +2 -0
- package/templates/paybond-mcp-coding-agent/.env.example +3 -0
- package/templates/paybond-mcp-coding-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-mcp-coding-agent/LICENSE +201 -0
- package/templates/paybond-mcp-coding-agent/README.md +39 -0
- package/templates/paybond-mcp-coding-agent/package.json +20 -0
- package/templates/paybond-mcp-coding-agent/paybond.policy.yaml +25 -0
- package/templates/paybond-mcp-coding-agent/src/index.ts +40 -0
- package/templates/paybond-mcp-coding-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-mcp-coding-agent/tsconfig.json +13 -0
- package/templates/paybond-openai-agents-demo/.env.example +3 -0
- package/templates/paybond-openai-agents-demo/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-openai-agents-demo/LICENSE +201 -0
- package/templates/paybond-openai-agents-demo/README.md +29 -0
- package/templates/paybond-openai-agents-demo/package.json +22 -0
- package/templates/paybond-openai-agents-demo/paybond.policy.yaml +22 -0
- package/templates/paybond-openai-agents-demo/src/index.ts +22 -0
- package/templates/paybond-openai-agents-demo/src/paybond.config.ts +51 -0
- package/templates/paybond-openai-agents-demo/tsconfig.json +13 -0
- package/templates/paybond-procurement-agent/.env.example +3 -0
- package/templates/paybond-procurement-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-procurement-agent/LICENSE +201 -0
- package/templates/paybond-procurement-agent/README.md +29 -0
- package/templates/paybond-procurement-agent/package.json +20 -0
- package/templates/paybond-procurement-agent/paybond.policy.yaml +25 -0
- package/templates/paybond-procurement-agent/src/index.ts +54 -0
- package/templates/paybond-procurement-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-procurement-agent/tsconfig.json +13 -0
- package/templates/paybond-travel-agent/.env.example +3 -0
- package/templates/paybond-travel-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-travel-agent/LICENSE +201 -0
- package/templates/paybond-travel-agent/README.md +29 -0
- package/templates/paybond-travel-agent/package.json +23 -0
- package/templates/paybond-travel-agent/paybond.policy.yaml +22 -0
- package/templates/paybond-travel-agent/src/index.ts +22 -0
- package/templates/paybond-travel-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-travel-agent/tsconfig.json +13 -0
- package/templates/paybond-vercel-shopping-agent/.env.example +3 -0
- package/templates/paybond-vercel-shopping-agent/.github/workflows/smoke.yml +20 -0
- package/templates/paybond-vercel-shopping-agent/LICENSE +201 -0
- package/templates/paybond-vercel-shopping-agent/README.md +29 -0
- package/templates/paybond-vercel-shopping-agent/package.json +22 -0
- package/templates/paybond-vercel-shopping-agent/paybond.policy.yaml +22 -0
- package/templates/paybond-vercel-shopping-agent/src/index.ts +22 -0
- package/templates/paybond-vercel-shopping-agent/src/paybond.config.ts +51 -0
- package/templates/paybond-vercel-shopping-agent/tsconfig.json +13 -0
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import type { CliContext } from "../context.js";
|
|
2
|
+
import { type CommandResult } from "../types.js";
|
|
3
|
+
export declare function handleDevSmoke(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
4
|
+
export declare function handleDevTrace(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
5
|
+
export declare function handleDevUp(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
6
|
+
export declare function handleDevLoop(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
7
|
+
export declare function handleDev(ctx: CliContext, subcommand: string, argv: string[]): Promise<CommandResult>;
|
|
@@ -0,0 +1,348 @@
|
|
|
1
|
+
import { resolve } from "node:path";
|
|
2
|
+
import { activateOfflineDevMode, createOfflineDevGatewayFetch, isProductionApiKey, } from "../../dev/offline-gateway.js";
|
|
3
|
+
import { runDevWiremockUp } from "../../dev/wiremock-up.js";
|
|
4
|
+
import { appendDevAuditLog, activateDevTraceCollector, buildDevStartupBannerLines, DEV_DEFAULT_POLICY_FILE, DEV_DEFAULT_PRESET, devTraceUrl, finalizeDevTraceCollector, recordSmokeTraceEvent, } from "../../dev/trace-buffer.js";
|
|
5
|
+
import { startDevTraceServer } from "../../dev/trace-server.js";
|
|
6
|
+
import { getSolutionSmokeDefaults } from "../../solutions/catalog.js";
|
|
7
|
+
import { describeCredentialSource, loadEnvFile } from "../credentials.js";
|
|
8
|
+
import { colorize, shouldUseColor } from "../color.js";
|
|
9
|
+
import { consumeBooleanFlag, consumeFlag } from "../globals.js";
|
|
10
|
+
import { CliError } from "../types.js";
|
|
11
|
+
import { handleAgentSandboxSmoke } from "./agent.js";
|
|
12
|
+
import { handleLogin } from "./setup.js";
|
|
13
|
+
import { handlePolicyInit, handlePolicyValidateTools } from "./policy.js";
|
|
14
|
+
import { scheduleCliCommandTelemetry } from "../telemetry.js";
|
|
15
|
+
function devCliError(message, options) {
|
|
16
|
+
return new CliError(message, {
|
|
17
|
+
category: options.category ?? "validation",
|
|
18
|
+
code: options.code,
|
|
19
|
+
details: options.details ?? {},
|
|
20
|
+
});
|
|
21
|
+
}
|
|
22
|
+
function appendDevLoopTraceLine(checklistLines, traceUrl, globals) {
|
|
23
|
+
const useColor = shouldUseColor(globals);
|
|
24
|
+
return [...checklistLines, colorize(`✓ Trace → ${traceUrl}`, "green", useColor)];
|
|
25
|
+
}
|
|
26
|
+
function writeDevStartupBanner(ctx) {
|
|
27
|
+
for (const line of buildDevStartupBannerLines()) {
|
|
28
|
+
ctx.stderr.write(`${line}\n`);
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
function rejectOfflineWithProductionKey(apiKey) {
|
|
32
|
+
const trimmed = apiKey?.trim();
|
|
33
|
+
if (trimmed && isProductionApiKey(trimmed)) {
|
|
34
|
+
throw devCliError("offline dev mode cannot be used with production API keys (paybond_sk_live_...); unset PAYBOND_API_KEY or use a sandbox key", { code: "cli.dev.offline_production_key", category: "validation" });
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
async function assertOfflineDevCredentialsSafe(ctx) {
|
|
38
|
+
rejectOfflineWithProductionKey(process.env.PAYBOND_API_KEY);
|
|
39
|
+
if (process.env.PAYBOND_API_KEY?.trim()) {
|
|
40
|
+
return;
|
|
41
|
+
}
|
|
42
|
+
const fromFile = await loadEnvFile(ctx.globals.envFile, ctx.cwd);
|
|
43
|
+
rejectOfflineWithProductionKey(fromFile);
|
|
44
|
+
}
|
|
45
|
+
function beginOfflineDevSession(ctx) {
|
|
46
|
+
const { restore } = activateOfflineDevMode();
|
|
47
|
+
return {
|
|
48
|
+
ctx: {
|
|
49
|
+
...ctx,
|
|
50
|
+
fetch: createOfflineDevGatewayFetch(),
|
|
51
|
+
},
|
|
52
|
+
restore,
|
|
53
|
+
};
|
|
54
|
+
}
|
|
55
|
+
async function finalizeSmokeResult(ctx, preset, smokeResult, offline = false) {
|
|
56
|
+
const bind = smokeResult.data.bind;
|
|
57
|
+
const execute = smokeResult.data.execute;
|
|
58
|
+
const defaults = getSolutionSmokeDefaults(preset);
|
|
59
|
+
const resultBody = execute.tool_result && typeof execute.tool_result === "object" && !Array.isArray(execute.tool_result)
|
|
60
|
+
? execute.tool_result
|
|
61
|
+
: defaults.resultBody;
|
|
62
|
+
const traceEvent = finalizeDevTraceCollector(resultBody, ctx.cwd) ??
|
|
63
|
+
recordSmokeTraceEvent({
|
|
64
|
+
preset,
|
|
65
|
+
bind,
|
|
66
|
+
execute,
|
|
67
|
+
resultBody,
|
|
68
|
+
}, ctx.cwd);
|
|
69
|
+
const auditLog = await appendDevAuditLog(ctx.cwd, {
|
|
70
|
+
kind: "dev.smoke",
|
|
71
|
+
recorded_at: traceEvent.recorded_at,
|
|
72
|
+
preset,
|
|
73
|
+
bind,
|
|
74
|
+
execute,
|
|
75
|
+
offline,
|
|
76
|
+
});
|
|
77
|
+
const traceUrl = devTraceUrl();
|
|
78
|
+
return {
|
|
79
|
+
data: {
|
|
80
|
+
...smokeResult.data,
|
|
81
|
+
offline,
|
|
82
|
+
trace_url: `${traceUrl}/runs/${encodeURIComponent(traceEvent.id)}`,
|
|
83
|
+
audit_log: auditLog,
|
|
84
|
+
},
|
|
85
|
+
warnings: smokeResult.warnings,
|
|
86
|
+
};
|
|
87
|
+
}
|
|
88
|
+
async function runDevSmokeCore(ctx, preset, offline) {
|
|
89
|
+
activateDevTraceCollector({ preset, cwd: ctx.cwd });
|
|
90
|
+
const smokeArgv = ["--preset", preset];
|
|
91
|
+
const smokeResult = await handleAgentSandboxSmoke(ctx, smokeArgv);
|
|
92
|
+
return finalizeSmokeResult(ctx, preset, smokeResult, offline);
|
|
93
|
+
}
|
|
94
|
+
export async function handleDevSmoke(ctx, argv) {
|
|
95
|
+
if (argv[0] === "--help" || argv[0] === "-h") {
|
|
96
|
+
throw new CliError("help", { category: "usage", code: "cli.help" });
|
|
97
|
+
}
|
|
98
|
+
let rest = argv;
|
|
99
|
+
const offlineFlag = consumeBooleanFlag(rest, "--offline");
|
|
100
|
+
rest = offlineFlag.rest;
|
|
101
|
+
const presetFlag = consumeFlag(rest, "--preset");
|
|
102
|
+
if (presetFlag.rest.length > 0) {
|
|
103
|
+
throw devCliError(`unexpected arguments: ${presetFlag.rest.join(" ")}`, {
|
|
104
|
+
code: "cli.usage.unexpected_args",
|
|
105
|
+
category: "usage",
|
|
106
|
+
});
|
|
107
|
+
}
|
|
108
|
+
const preset = presetFlag.value?.trim() || DEV_DEFAULT_PRESET;
|
|
109
|
+
if (offlineFlag.present) {
|
|
110
|
+
await assertOfflineDevCredentialsSafe(ctx);
|
|
111
|
+
}
|
|
112
|
+
const offlineSession = offlineFlag.present ? beginOfflineDevSession(ctx) : null;
|
|
113
|
+
try {
|
|
114
|
+
const result = await runDevSmokeCore(offlineSession?.ctx ?? ctx, preset, offlineFlag.present);
|
|
115
|
+
scheduleCliCommandTelemetry(offlineSession?.ctx ?? ctx, {
|
|
116
|
+
commandPath: "dev smoke",
|
|
117
|
+
offline: offlineFlag.present,
|
|
118
|
+
});
|
|
119
|
+
return result;
|
|
120
|
+
}
|
|
121
|
+
finally {
|
|
122
|
+
offlineSession?.restore();
|
|
123
|
+
}
|
|
124
|
+
}
|
|
125
|
+
export async function handleDevTrace(ctx, argv) {
|
|
126
|
+
if (argv[0] === "--help" || argv[0] === "-h") {
|
|
127
|
+
throw new CliError("help", { category: "usage", code: "cli.help" });
|
|
128
|
+
}
|
|
129
|
+
const portFlag = consumeFlag(argv, "--port");
|
|
130
|
+
if (portFlag.rest.length > 0) {
|
|
131
|
+
throw devCliError(`unexpected arguments: ${portFlag.rest.join(" ")}`, {
|
|
132
|
+
code: "cli.usage.unexpected_args",
|
|
133
|
+
category: "usage",
|
|
134
|
+
});
|
|
135
|
+
}
|
|
136
|
+
const port = portFlag.value ? Number.parseInt(portFlag.value, 10) : undefined;
|
|
137
|
+
if (port !== undefined && (!Number.isFinite(port) || port <= 0 || port > 65535)) {
|
|
138
|
+
throw devCliError("dev trace --port must be a valid TCP port", {
|
|
139
|
+
code: "cli.usage.invalid_port",
|
|
140
|
+
category: "usage",
|
|
141
|
+
});
|
|
142
|
+
}
|
|
143
|
+
const credentials = await describeCredentialSource(ctx.globals, ctx.cwd);
|
|
144
|
+
if (credentials.source === "missing") {
|
|
145
|
+
ctx.stderr.write("No PAYBOND_API_KEY configured. Run paybond dev smoke --offline or paybond login, then paybond dev smoke.\n");
|
|
146
|
+
}
|
|
147
|
+
let traceUrl = devTraceUrl(port);
|
|
148
|
+
const server = await startDevTraceServer({
|
|
149
|
+
port,
|
|
150
|
+
cwd: ctx.cwd,
|
|
151
|
+
onListen(url) {
|
|
152
|
+
traceUrl = url;
|
|
153
|
+
ctx.stderr.write(`Paybond dev trace dashboard listening on ${url}\n`);
|
|
154
|
+
ctx.stderr.write("Press Ctrl+C to stop.\n");
|
|
155
|
+
},
|
|
156
|
+
});
|
|
157
|
+
await new Promise((resolvePromise) => {
|
|
158
|
+
const shutdown = () => {
|
|
159
|
+
server.close(() => resolvePromise());
|
|
160
|
+
};
|
|
161
|
+
process.once("SIGINT", shutdown);
|
|
162
|
+
process.once("SIGTERM", shutdown);
|
|
163
|
+
});
|
|
164
|
+
return {
|
|
165
|
+
data: {
|
|
166
|
+
trace_url: traceUrl,
|
|
167
|
+
port: port ?? devTraceUrl().match(/:(\d+)/)?.[1] ?? "9477",
|
|
168
|
+
events: [],
|
|
169
|
+
},
|
|
170
|
+
};
|
|
171
|
+
}
|
|
172
|
+
export async function handleDevUp(ctx, argv) {
|
|
173
|
+
if (argv[0] === "--help" || argv[0] === "-h") {
|
|
174
|
+
throw new CliError("help", { category: "usage", code: "cli.help" });
|
|
175
|
+
}
|
|
176
|
+
let rest = argv;
|
|
177
|
+
const downFlag = consumeBooleanFlag(rest, "--down");
|
|
178
|
+
rest = downFlag.rest;
|
|
179
|
+
const portFlag = consumeFlag(rest, "--port");
|
|
180
|
+
if (portFlag.rest.length > 0) {
|
|
181
|
+
throw devCliError(`unexpected arguments: ${portFlag.rest.join(" ")}`, {
|
|
182
|
+
code: "cli.usage.unexpected_args",
|
|
183
|
+
category: "usage",
|
|
184
|
+
});
|
|
185
|
+
}
|
|
186
|
+
const port = portFlag.value ? Number.parseInt(portFlag.value, 10) : undefined;
|
|
187
|
+
if (port !== undefined && (!Number.isFinite(port) || port <= 0 || port > 65535)) {
|
|
188
|
+
throw devCliError("dev up --port must be a valid TCP port", {
|
|
189
|
+
code: "cli.usage.invalid_port",
|
|
190
|
+
category: "usage",
|
|
191
|
+
});
|
|
192
|
+
}
|
|
193
|
+
try {
|
|
194
|
+
const result = await runDevWiremockUp({ port, down: downFlag.present });
|
|
195
|
+
if (result.status === "stopped") {
|
|
196
|
+
ctx.stderr.write(`Stopped WireMock container ${result.container_name}.\n`);
|
|
197
|
+
}
|
|
198
|
+
else if (result.status === "already_running") {
|
|
199
|
+
ctx.stderr.write(`WireMock already running at ${result.gateway_url}\n`);
|
|
200
|
+
}
|
|
201
|
+
else {
|
|
202
|
+
ctx.stderr.write(`WireMock Gateway listening at ${result.gateway_url}\n`);
|
|
203
|
+
ctx.stderr.write(`Mappings loaded from ${result.wiremock_dir}\n`);
|
|
204
|
+
}
|
|
205
|
+
if (result.next_commands.length > 0) {
|
|
206
|
+
ctx.stderr.write("Next:\n");
|
|
207
|
+
for (const command of result.next_commands) {
|
|
208
|
+
ctx.stderr.write(` ${command}\n`);
|
|
209
|
+
}
|
|
210
|
+
}
|
|
211
|
+
return { data: result };
|
|
212
|
+
}
|
|
213
|
+
catch (err) {
|
|
214
|
+
throw devCliError(err instanceof Error ? err.message : String(err), {
|
|
215
|
+
code: "cli.dev.wiremock_failed",
|
|
216
|
+
category: "validation",
|
|
217
|
+
});
|
|
218
|
+
}
|
|
219
|
+
}
|
|
220
|
+
export async function handleDevLoop(ctx, argv) {
|
|
221
|
+
if (argv[0] === "--help" || argv[0] === "-h") {
|
|
222
|
+
throw new CliError("help", { category: "usage", code: "cli.help" });
|
|
223
|
+
}
|
|
224
|
+
let rest = argv;
|
|
225
|
+
const offlineFlag = consumeBooleanFlag(rest, "--offline");
|
|
226
|
+
rest = offlineFlag.rest;
|
|
227
|
+
const policyFlag = consumeFlag(rest, "--policy-file");
|
|
228
|
+
rest = policyFlag.rest;
|
|
229
|
+
const noLoginFlag = consumeBooleanFlag(rest, "--no-login");
|
|
230
|
+
rest = noLoginFlag.rest;
|
|
231
|
+
if (rest.length > 0) {
|
|
232
|
+
throw devCliError(`unexpected arguments: ${rest.join(" ")}`, {
|
|
233
|
+
code: "cli.usage.unexpected_args",
|
|
234
|
+
category: "usage",
|
|
235
|
+
});
|
|
236
|
+
}
|
|
237
|
+
const policyFile = policyFlag.value?.trim() || DEV_DEFAULT_POLICY_FILE;
|
|
238
|
+
const steps = [];
|
|
239
|
+
const bannerLines = buildDevStartupBannerLines();
|
|
240
|
+
if (offlineFlag.present) {
|
|
241
|
+
await assertOfflineDevCredentialsSafe(ctx);
|
|
242
|
+
}
|
|
243
|
+
const offlineSession = offlineFlag.present ? beginOfflineDevSession(ctx) : null;
|
|
244
|
+
const activeCtx = offlineSession?.ctx ?? ctx;
|
|
245
|
+
writeDevStartupBanner(ctx);
|
|
246
|
+
try {
|
|
247
|
+
if (offlineFlag.present) {
|
|
248
|
+
steps.push({
|
|
249
|
+
name: "login",
|
|
250
|
+
ok: true,
|
|
251
|
+
skipped: true,
|
|
252
|
+
message: "offline mode (no PAYBOND_API_KEY required)",
|
|
253
|
+
});
|
|
254
|
+
}
|
|
255
|
+
else {
|
|
256
|
+
const credentials = await describeCredentialSource(ctx.globals, ctx.cwd);
|
|
257
|
+
if (credentials.source === "missing" && !noLoginFlag.present) {
|
|
258
|
+
const loginResult = await handleLogin(ctx, []);
|
|
259
|
+
steps.push({ name: "login", ok: true, data: loginResult.data });
|
|
260
|
+
}
|
|
261
|
+
else {
|
|
262
|
+
steps.push({
|
|
263
|
+
name: "login",
|
|
264
|
+
ok: credentials.source !== "missing",
|
|
265
|
+
skipped: credentials.source !== "missing",
|
|
266
|
+
message: credentials.source === "missing" ? "missing credentials; run paybond login" : "credentials present",
|
|
267
|
+
});
|
|
268
|
+
if (credentials.source === "missing") {
|
|
269
|
+
throw devCliError("dev loop requires sandbox credentials; run paybond login, pass --offline, or omit --no-login", {
|
|
270
|
+
code: "cli.dev.missing_credentials",
|
|
271
|
+
category: "validation",
|
|
272
|
+
details: { steps },
|
|
273
|
+
});
|
|
274
|
+
}
|
|
275
|
+
}
|
|
276
|
+
}
|
|
277
|
+
const initResult = await handlePolicyInit(activeCtx, [
|
|
278
|
+
"--preset",
|
|
279
|
+
DEV_DEFAULT_PRESET,
|
|
280
|
+
"--out",
|
|
281
|
+
policyFile,
|
|
282
|
+
"--force",
|
|
283
|
+
]);
|
|
284
|
+
steps.push({ name: "policy_init", ok: true, data: initResult.data });
|
|
285
|
+
const validateResult = await handlePolicyValidateTools(activeCtx, [
|
|
286
|
+
"--file",
|
|
287
|
+
policyFile,
|
|
288
|
+
"--local-only",
|
|
289
|
+
]);
|
|
290
|
+
const validateData = validateResult.data;
|
|
291
|
+
steps.push({
|
|
292
|
+
name: "validate_tools",
|
|
293
|
+
ok: validateData.valid === true,
|
|
294
|
+
data: validateData,
|
|
295
|
+
});
|
|
296
|
+
if (validateData.valid !== true) {
|
|
297
|
+
throw devCliError("dev loop failed policy validate-tools --local-only", {
|
|
298
|
+
code: "cli.dev.validate_failed",
|
|
299
|
+
category: "validation",
|
|
300
|
+
details: { steps },
|
|
301
|
+
});
|
|
302
|
+
}
|
|
303
|
+
const smokeResult = await runDevSmokeCore(activeCtx, DEV_DEFAULT_PRESET, offlineFlag.present);
|
|
304
|
+
steps.push({ name: "smoke", ok: true, data: smokeResult.data });
|
|
305
|
+
const traceUrl = String(smokeResult.data.trace_url ?? devTraceUrl());
|
|
306
|
+
const auditLog = String(smokeResult.data.audit_log ?? resolve(ctx.cwd, ".paybond/dev-audit.jsonl"));
|
|
307
|
+
const smokeChecklist = Array.isArray(smokeResult.data.checklist_lines)
|
|
308
|
+
? smokeResult.data.checklist_lines
|
|
309
|
+
: [];
|
|
310
|
+
scheduleCliCommandTelemetry(activeCtx, {
|
|
311
|
+
commandPath: "dev loop",
|
|
312
|
+
offline: offlineFlag.present,
|
|
313
|
+
});
|
|
314
|
+
return {
|
|
315
|
+
data: {
|
|
316
|
+
offline: offlineFlag.present,
|
|
317
|
+
steps,
|
|
318
|
+
smoke: smokeResult.data,
|
|
319
|
+
trace_url: traceUrl,
|
|
320
|
+
audit_log: auditLog,
|
|
321
|
+
banner_lines: bannerLines,
|
|
322
|
+
checklist_lines: appendDevLoopTraceLine(smokeChecklist, traceUrl, ctx.globals),
|
|
323
|
+
},
|
|
324
|
+
warnings: smokeResult.warnings,
|
|
325
|
+
};
|
|
326
|
+
}
|
|
327
|
+
finally {
|
|
328
|
+
offlineSession?.restore();
|
|
329
|
+
}
|
|
330
|
+
}
|
|
331
|
+
export async function handleDev(ctx, subcommand, argv) {
|
|
332
|
+
if (subcommand === "smoke") {
|
|
333
|
+
return handleDevSmoke(ctx, argv);
|
|
334
|
+
}
|
|
335
|
+
if (subcommand === "trace") {
|
|
336
|
+
return handleDevTrace(ctx, argv);
|
|
337
|
+
}
|
|
338
|
+
if (subcommand === "loop") {
|
|
339
|
+
return handleDevLoop(ctx, argv);
|
|
340
|
+
}
|
|
341
|
+
if (subcommand === "up") {
|
|
342
|
+
return handleDevUp(ctx, argv);
|
|
343
|
+
}
|
|
344
|
+
throw devCliError(`unknown dev subcommand: dev ${subcommand}`, {
|
|
345
|
+
code: "cli.usage.unknown_command",
|
|
346
|
+
category: "usage",
|
|
347
|
+
});
|
|
348
|
+
}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import { commandPath, type CliContext } from "../context.js";
|
|
2
|
+
import { type CommandResult } from "../types.js";
|
|
3
|
+
export declare function handleSignal(ctx: CliContext, subcommand: string, argv: string[]): Promise<CommandResult>;
|
|
4
|
+
export declare function handleReceipts(ctx: CliContext, subcommand: string, argv: string[]): Promise<CommandResult>;
|
|
5
|
+
export declare function handleMandates(ctx: CliContext, subcommand: string, argv: string[]): Promise<CommandResult>;
|
|
6
|
+
export declare function handleA2a(ctx: CliContext, subcommand: string, argv: string[]): Promise<CommandResult>;
|
|
7
|
+
export declare function handleAuditExports(ctx: CliContext, subcommand: string, argv: string[]): Promise<CommandResult>;
|
|
8
|
+
export { commandPath };
|
|
@@ -0,0 +1,194 @@
|
|
|
1
|
+
import { resolveJsonBody } from "../body.js";
|
|
2
|
+
import { verifyAuditBundleLocal } from "../audit-export.js";
|
|
3
|
+
import { buildListQueryParams, extractNextCursor, partialResultsWarning, writeAtomicFileAsync, } from "../automation.js";
|
|
4
|
+
import { commandPath, gatewayUrl, requireConfirmation, withGateway } from "../context.js";
|
|
5
|
+
import { consumeBooleanFlag, consumeFlag } from "../globals.js";
|
|
6
|
+
import { CliError } from "../types.js";
|
|
7
|
+
export async function handleSignal(ctx, subcommand, argv) {
|
|
8
|
+
return withGateway(ctx, async (gateway) => {
|
|
9
|
+
const principal = await gateway.getJson("/v1/auth/principal");
|
|
10
|
+
const tenantId = String(principal.tenant_id ?? "");
|
|
11
|
+
if (subcommand === "portfolio") {
|
|
12
|
+
const body = await gateway.getJson(`/signal/v1/tenants/${encodeURIComponent(tenantId)}/portfolio/summary`);
|
|
13
|
+
return { data: body };
|
|
14
|
+
}
|
|
15
|
+
const didFlag = consumeFlag(argv, "--did");
|
|
16
|
+
if (!didFlag.value) {
|
|
17
|
+
throw new CliError(`signal ${subcommand} requires --did`, { category: "usage", code: "cli.usage.missing_did" });
|
|
18
|
+
}
|
|
19
|
+
if (subcommand === "reputation") {
|
|
20
|
+
const body = await gateway.getJson(`/signal/v1/tenants/${encodeURIComponent(tenantId)}/reputation/${encodeURIComponent(didFlag.value)}`);
|
|
21
|
+
return { data: body };
|
|
22
|
+
}
|
|
23
|
+
if (subcommand === "fraud") {
|
|
24
|
+
const body = await gateway.getJson(`/fraud/v1/tenants/${encodeURIComponent(tenantId)}/assessments/${encodeURIComponent(didFlag.value)}`);
|
|
25
|
+
return { data: body };
|
|
26
|
+
}
|
|
27
|
+
throw new CliError(`unknown signal subcommand: ${subcommand}`, { category: "usage", code: "cli.usage.unknown_command" });
|
|
28
|
+
});
|
|
29
|
+
}
|
|
30
|
+
export async function handleReceipts(ctx, subcommand, argv) {
|
|
31
|
+
return withGateway(ctx, async (gateway) => {
|
|
32
|
+
const receiptId = argv[0];
|
|
33
|
+
if (!receiptId) {
|
|
34
|
+
throw new CliError(`receipts ${subcommand} requires <receipt_id>`, { category: "usage", code: "cli.usage.missing_receipt_id" });
|
|
35
|
+
}
|
|
36
|
+
if (subcommand === "get") {
|
|
37
|
+
const body = await gateway.getJson(`/protocol/v2/receipts/${encodeURIComponent(receiptId)}`);
|
|
38
|
+
return { data: body };
|
|
39
|
+
}
|
|
40
|
+
if (subcommand === "verify") {
|
|
41
|
+
const body = await gateway.postJson("/protocol/v2/receipts/verify", { receipt_id: receiptId });
|
|
42
|
+
return { data: body };
|
|
43
|
+
}
|
|
44
|
+
throw new CliError(`unknown receipts subcommand: ${subcommand}`, { category: "usage", code: "cli.usage.unknown_command" });
|
|
45
|
+
});
|
|
46
|
+
}
|
|
47
|
+
export async function handleMandates(ctx, subcommand, argv) {
|
|
48
|
+
return withGateway(ctx, async (gateway) => {
|
|
49
|
+
const { payload } = await resolveJsonBody(argv, {
|
|
50
|
+
missingMessage: `mandates ${subcommand} requires --body <json-file> or --stdin`,
|
|
51
|
+
});
|
|
52
|
+
if (subcommand === "verify") {
|
|
53
|
+
const body = await gateway.postJson("/protocol/v2/mandates/verify", payload);
|
|
54
|
+
return { data: body };
|
|
55
|
+
}
|
|
56
|
+
if (subcommand === "import") {
|
|
57
|
+
const body = await gateway.postJson("/protocol/v2/mandates/import", payload);
|
|
58
|
+
return { data: body };
|
|
59
|
+
}
|
|
60
|
+
throw new CliError(`unknown mandates subcommand: ${subcommand}`, { category: "usage", code: "cli.usage.unknown_command" });
|
|
61
|
+
});
|
|
62
|
+
}
|
|
63
|
+
export async function handleA2a(ctx, subcommand, argv) {
|
|
64
|
+
return withGateway(ctx, async (gateway) => {
|
|
65
|
+
if (subcommand === "card") {
|
|
66
|
+
const body = await gateway.getJson("/.well-known/agent-card.json");
|
|
67
|
+
return { data: body };
|
|
68
|
+
}
|
|
69
|
+
if (subcommand === "contracts") {
|
|
70
|
+
const contractFlag = consumeFlag(argv, "--contract-id");
|
|
71
|
+
if (contractFlag.value) {
|
|
72
|
+
const body = await gateway.getJson(`/protocol/v2/a2a/task-contracts/${encodeURIComponent(contractFlag.value)}`);
|
|
73
|
+
return { data: body };
|
|
74
|
+
}
|
|
75
|
+
const limitFlag = consumeFlag(argv, "--limit");
|
|
76
|
+
const cursorFlag = consumeFlag(argv, "--cursor");
|
|
77
|
+
const params = buildListQueryParams(limitFlag.value, cursorFlag.value);
|
|
78
|
+
const body = await gateway.getJson(`/protocol/v2/a2a/task-contracts?${params.toString()}`);
|
|
79
|
+
const nextCursor = extractNextCursor(body);
|
|
80
|
+
const warnings = partialResultsWarning(nextCursor) ? [partialResultsWarning(nextCursor)] : undefined;
|
|
81
|
+
if (nextCursor && !body.next_cursor) {
|
|
82
|
+
body.next_cursor = nextCursor;
|
|
83
|
+
}
|
|
84
|
+
return { data: body, warnings };
|
|
85
|
+
}
|
|
86
|
+
throw new CliError(`unknown a2a subcommand: ${subcommand}`, { category: "usage", code: "cli.usage.unknown_command" });
|
|
87
|
+
});
|
|
88
|
+
}
|
|
89
|
+
export async function handleAuditExports(ctx, subcommand, argv) {
|
|
90
|
+
if (subcommand === "verify") {
|
|
91
|
+
const path = argv[0];
|
|
92
|
+
if (!path) {
|
|
93
|
+
throw new CliError("audit exports verify requires <path>", { category: "usage", code: "cli.usage.missing_path" });
|
|
94
|
+
}
|
|
95
|
+
try {
|
|
96
|
+
const data = await verifyAuditBundleLocal(path, ctx.cwd);
|
|
97
|
+
return { data };
|
|
98
|
+
}
|
|
99
|
+
catch (err) {
|
|
100
|
+
if (err instanceof CliError) {
|
|
101
|
+
throw err;
|
|
102
|
+
}
|
|
103
|
+
throw new CliError(err instanceof Error ? err.message : String(err), {
|
|
104
|
+
category: "validation",
|
|
105
|
+
code: "cli.audit.verify_failed",
|
|
106
|
+
});
|
|
107
|
+
}
|
|
108
|
+
}
|
|
109
|
+
return withGateway(ctx, async (gateway) => {
|
|
110
|
+
if (subcommand === "list") {
|
|
111
|
+
const limitFlag = consumeFlag(argv, "--limit");
|
|
112
|
+
const cursorFlag = consumeFlag(argv, "--cursor");
|
|
113
|
+
const params = buildListQueryParams(limitFlag.value, cursorFlag.value, { limit: "50" });
|
|
114
|
+
const body = await gateway.getJson(`/v1/compliance/audit-exports?${params.toString()}`);
|
|
115
|
+
const exports = Array.isArray(body.jobs)
|
|
116
|
+
? body.jobs
|
|
117
|
+
: Array.isArray(body.items)
|
|
118
|
+
? body.items
|
|
119
|
+
: Array.isArray(body.exports)
|
|
120
|
+
? body.exports
|
|
121
|
+
: [];
|
|
122
|
+
const nextCursor = extractNextCursor(body);
|
|
123
|
+
const warnings = partialResultsWarning(nextCursor) ? [partialResultsWarning(nextCursor)] : undefined;
|
|
124
|
+
const data = {
|
|
125
|
+
exports: exports.map((item) => {
|
|
126
|
+
const row = item;
|
|
127
|
+
return {
|
|
128
|
+
job_id: String(row.job_id ?? row.id ?? ""),
|
|
129
|
+
status: String(row.status ?? ""),
|
|
130
|
+
created_at: String(row.created_at ?? ""),
|
|
131
|
+
expires_at: row.expires_at ? String(row.expires_at) : null,
|
|
132
|
+
scope: row.scope ? String(row.scope) : undefined,
|
|
133
|
+
};
|
|
134
|
+
}),
|
|
135
|
+
};
|
|
136
|
+
if (nextCursor) {
|
|
137
|
+
data.next_cursor = nextCursor;
|
|
138
|
+
}
|
|
139
|
+
return { data, warnings };
|
|
140
|
+
}
|
|
141
|
+
const jobId = argv[0];
|
|
142
|
+
if (!jobId) {
|
|
143
|
+
throw new CliError(`audit exports ${subcommand} requires <job_id>`, { category: "usage", code: "cli.usage.missing_job_id" });
|
|
144
|
+
}
|
|
145
|
+
if (subcommand === "get") {
|
|
146
|
+
const issueDownload = consumeBooleanFlag(argv.slice(1), "--issue-download").present;
|
|
147
|
+
const outputFlag = consumeFlag(argv.slice(1), "--output");
|
|
148
|
+
const query = issueDownload ? "?issue_download=1" : "";
|
|
149
|
+
const body = await gateway.getJson(`/v1/compliance/audit-exports/${encodeURIComponent(jobId)}${query}`);
|
|
150
|
+
if (outputFlag.value) {
|
|
151
|
+
const job = (body.job ?? body);
|
|
152
|
+
const token = String(job.download_token ?? "");
|
|
153
|
+
if (!token) {
|
|
154
|
+
throw new CliError("audit exports get --output requires a ready export with --issue-download", {
|
|
155
|
+
category: "validation",
|
|
156
|
+
code: "cli.audit.missing_download_token",
|
|
157
|
+
});
|
|
158
|
+
}
|
|
159
|
+
const bundleUrl = gatewayUrl(ctx.globals.gateway, `/v1/compliance/audit-exports/${encodeURIComponent(jobId)}/bundle`);
|
|
160
|
+
const response = await ctx.fetch(bundleUrl, {
|
|
161
|
+
method: "POST",
|
|
162
|
+
headers: {
|
|
163
|
+
authorization: `Bearer ${token}`,
|
|
164
|
+
"x-request-id": ctx.globals.requestId,
|
|
165
|
+
},
|
|
166
|
+
});
|
|
167
|
+
if (!response.ok) {
|
|
168
|
+
throw new CliError(`failed to download audit export bundle (${response.status})`, {
|
|
169
|
+
category: "gateway",
|
|
170
|
+
code: "cli.audit.bundle_download_failed",
|
|
171
|
+
exitCode: 5,
|
|
172
|
+
});
|
|
173
|
+
}
|
|
174
|
+
const bytes = new Uint8Array(await response.arrayBuffer());
|
|
175
|
+
await writeAtomicFileAsync(outputFlag.value, bytes, 0o600);
|
|
176
|
+
return {
|
|
177
|
+
data: {
|
|
178
|
+
job_id: jobId,
|
|
179
|
+
output: outputFlag.value,
|
|
180
|
+
bytes_written: bytes.byteLength,
|
|
181
|
+
},
|
|
182
|
+
};
|
|
183
|
+
}
|
|
184
|
+
return { data: body };
|
|
185
|
+
}
|
|
186
|
+
if (subcommand === "delete") {
|
|
187
|
+
requireConfirmation(ctx.globals, "delete audit export job");
|
|
188
|
+
await gateway.deleteJson(`/v1/compliance/audit-exports/${encodeURIComponent(jobId)}`);
|
|
189
|
+
return { data: { job_id: jobId, deleted: true } };
|
|
190
|
+
}
|
|
191
|
+
throw new CliError(`unknown audit exports subcommand: ${subcommand}`, { category: "usage", code: "cli.usage.unknown_command" });
|
|
192
|
+
});
|
|
193
|
+
}
|
|
194
|
+
export { commandPath };
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import { type CliContext } from "../context.js";
|
|
2
|
+
import { type CommandResult } from "../types.js";
|
|
3
|
+
export declare function handlePolicyPresetsList(_ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
4
|
+
export declare function handlePolicyPresetsShow(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
5
|
+
export declare function handlePolicyInit(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
6
|
+
export declare function handlePolicyInitOrg(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
7
|
+
export declare function handlePolicyExtend(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
8
|
+
export declare function handlePolicyValidateTools(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
9
|
+
export declare function handlePolicyTemplates(_ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
10
|
+
export declare function handlePolicyPreview(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
11
|
+
export declare function handlePolicyImportMcpReceipt(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
12
|
+
export declare function handlePolicyValidateEvidence(_ctx: CliContext, argv: string[]): Promise<CommandResult>;
|
|
13
|
+
export declare function handlePolicyImportX402Receipt(ctx: CliContext, argv: string[]): Promise<CommandResult>;
|