@peac/kernel 0.10.9 → 0.10.10

package/package.json

@@ -1,40 +1,37 @@
 {
   "name": "@peac/kernel",
-  "version": "0.10.9",
+  "version": "0.10.10",
   "description": "PEAC protocol kernel - normative constants, errors, and registries",
-  "main": "./dist/index.js",
-  "types": "./dist/index.d.ts",
+  "main": "dist/index.cjs",
+  "types": "dist/index.d.ts",
   "exports": {
     ".": {
       "types": "./dist/index.d.ts",
-      "import": "./dist/index.js",
-      "require": "./dist/index.js",
-      "default": "./dist/index.js"
+      "import": "./dist/index.mjs",
+      "require": "./dist/index.cjs",
+      "default": "./dist/index.mjs"
     },
     "./constants": {
       "types": "./dist/constants.d.ts",
-      "import": "./dist/constants.js",
-      "require": "./dist/constants.js",
-      "default": "./dist/constants.js"
+      "import": "./dist/constants.mjs",
+      "require": "./dist/constants.cjs"
     },
     "./errors": {
       "types": "./dist/errors.d.ts",
-      "import": "./dist/errors.js",
-      "require": "./dist/errors.js",
-      "default": "./dist/errors.js"
+      "import": "./dist/errors.mjs",
+      "require": "./dist/errors.cjs"
     },
     "./registries": {
       "types": "./dist/registries.d.ts",
-      "import": "./dist/registries.js",
-      "require": "./dist/registries.js",
-      "default": "./dist/registries.js"
+      "import": "./dist/registries.mjs",
+      "require": "./dist/registries.cjs"
     },
     "./types": {
       "types": "./dist/types.d.ts",
-      "import": "./dist/types.js",
-      "require": "./dist/types.js",
-      "default": "./dist/types.js"
-    }
+      "import": "./dist/types.mjs",
+      "require": "./dist/types.cjs"
+    },
+    "./package.json": "./package.json"
   },
   "keywords": [
     "peac",
@@ -63,11 +60,15 @@
     "access": "public"
   },
   "devDependencies": {
-    "typescript": "^5.6.2"
+    "typescript": "^5.6.2",
+    "tsup": "^8.0.0"
   },
   "scripts": {
-    "build": "tsc",
+    "prebuild": "rm -rf dist",
+    "build": "pnpm run build:js && pnpm run build:types",
     "clean": "rm -rf dist tsconfig.tsbuildinfo",
-    "typecheck": "tsc --noEmit"
+    "typecheck": "tsc --noEmit",
+    "build:js": "tsup",
+    "build:types": "rm -f dist/.tsbuildinfo && tsc && rm -f dist/.tsbuildinfo"
   }
 }

package/dist/__tests__/http.test.js

@@ -1,121 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const vitest_1 = require("vitest");
-const http_js_1 = require("../http.js");
-(0, vitest_1.describe)('VARY_HEADERS', () => {
-    (0, vitest_1.it)('includes PEAC-Purpose and PEAC-Receipt', () => {
-        (0, vitest_1.expect)(http_js_1.VARY_HEADERS).toContain('PEAC-Purpose');
-        (0, vitest_1.expect)(http_js_1.VARY_HEADERS).toContain('PEAC-Receipt');
-        (0, vitest_1.expect)(http_js_1.VARY_HEADERS).toHaveLength(2);
-    });
-});
-(0, vitest_1.describe)('applyPurposeVary', () => {
-    (0, vitest_1.describe)('with Web API Headers', () => {
-        (0, vitest_1.it)('sets Vary when no existing header', () => {
-            const headers = new Headers();
-            (0, http_js_1.applyPurposeVary)(headers);
-            (0, vitest_1.expect)(headers.get('Vary')).toBe('PEAC-Purpose');
-        });
-        (0, vitest_1.it)('appends to existing Vary header', () => {
-            const headers = new Headers();
-            headers.set('Vary', 'Accept-Encoding');
-            (0, http_js_1.applyPurposeVary)(headers);
-            // Headers.append behavior
-            (0, vitest_1.expect)(headers.get('Vary')).toContain('Accept-Encoding');
-            (0, vitest_1.expect)(headers.get('Vary')).toContain('PEAC-Purpose');
-        });
-        (0, vitest_1.it)('does not duplicate when PEAC-Purpose already present', () => {
-            const headers = new Headers();
-            headers.set('Vary', 'PEAC-Purpose');
-            (0, http_js_1.applyPurposeVary)(headers);
-            (0, vitest_1.expect)(headers.get('Vary')).toBe('PEAC-Purpose');
-        });
-        (0, vitest_1.it)('handles case-insensitive match', () => {
-            const headers = new Headers();
-            headers.set('Vary', 'peac-purpose');
-            (0, http_js_1.applyPurposeVary)(headers);
-            // Should not duplicate
-            (0, vitest_1.expect)(headers.get('Vary')).toBe('peac-purpose');
-        });
-        (0, vitest_1.it)('handles Vary: * (wildcard)', () => {
-            const headers = new Headers();
-            headers.set('Vary', '*');
-            (0, http_js_1.applyPurposeVary)(headers);
-            // Wildcard means vary on everything, no need to append
-            (0, vitest_1.expect)(headers.get('Vary')).toContain('*');
-        });
-        (0, vitest_1.it)('is idempotent when called twice', () => {
-            const headers = new Headers();
-            (0, http_js_1.applyPurposeVary)(headers);
-            (0, http_js_1.applyPurposeVary)(headers);
-            (0, vitest_1.expect)(headers.get('Vary')).toBe('PEAC-Purpose');
-        });
-        (0, vitest_1.it)('works for deny responses (vary must apply to denials too)', () => {
-            // Deny responses must also vary to prevent caching denial across purposes
-            const headers = new Headers();
-            headers.set('PEAC-Decision', 'deny');
-            (0, http_js_1.applyPurposeVary)(headers);
-            (0, vitest_1.expect)(headers.get('Vary')).toBe('PEAC-Purpose');
-        });
-    });
-    (0, vitest_1.describe)('with Node.js-like response object', () => {
-        (0, vitest_1.it)('sets Vary via setHeader', () => {
-            const headers = {};
-            const res = {
-                getHeader: (name) => headers[name.toLowerCase()],
-                setHeader: (name, value) => {
-                    headers[name.toLowerCase()] = value;
-                },
-            };
-            (0, http_js_1.applyPurposeVary)(res);
-            (0, vitest_1.expect)(headers['vary']).toBe('PEAC-Purpose');
-        });
-        (0, vitest_1.it)('appends to existing Vary via setHeader', () => {
-            const headers = { vary: 'Accept-Encoding' };
-            const res = {
-                getHeader: (name) => headers[name.toLowerCase()],
-                setHeader: (name, value) => {
-                    headers[name.toLowerCase()] = value;
-                },
-            };
-            (0, http_js_1.applyPurposeVary)(res);
-            (0, vitest_1.expect)(headers['vary']).toBe('Accept-Encoding, PEAC-Purpose');
-        });
-        (0, vitest_1.it)('does not duplicate when already present', () => {
-            const headers = { vary: 'PEAC-Purpose' };
-            const res = {
-                getHeader: (name) => headers[name.toLowerCase()],
-                setHeader: (name, value) => {
-                    headers[name.toLowerCase()] = value;
-                },
-            };
-            (0, http_js_1.applyPurposeVary)(res);
-            (0, vitest_1.expect)(headers['vary']).toBe('PEAC-Purpose');
-        });
-    });
-    (0, vitest_1.describe)('with Map-like headers (Hono, etc.)', () => {
-        (0, vitest_1.it)('sets Vary via set method', () => {
-            const map = new Map();
-            const headers = {
-                set: (name, value) => map.set(name, value),
-            };
-            (0, http_js_1.applyPurposeVary)(headers);
-            (0, vitest_1.expect)(map.get('Vary')).toBe('PEAC-Purpose');
-        });
-    });
-});
-(0, vitest_1.describe)('getPeacVaryHeaders', () => {
-    (0, vitest_1.it)('returns comma-separated list of PEAC headers', () => {
-        const result = (0, http_js_1.getPeacVaryHeaders)();
-        (0, vitest_1.expect)(result).toBe('PEAC-Purpose, PEAC-Receipt');
-    });
-});
-(0, vitest_1.describe)('needsPurposeVary', () => {
-    (0, vitest_1.it)('returns true when purpose was enforced', () => {
-        (0, vitest_1.expect)((0, http_js_1.needsPurposeVary)(true)).toBe(true);
-    });
-    (0, vitest_1.it)('returns false when purpose was not enforced', () => {
-        (0, vitest_1.expect)((0, http_js_1.needsPurposeVary)(false)).toBe(false);
-    });
-});
-//# sourceMappingURL=http.test.js.map

package/dist/__tests__/http.test.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"http.test.js","sourceRoot":"","sources":["../../src/__tests__/http.test.ts"],"names":[],"mappings":";;AAAA,mCAA8C;AAC9C,wCAAkG;AAElG,IAAA,iBAAQ,EAAC,cAAc,EAAE,GAAG,EAAE;IAC5B,IAAA,WAAE,EAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,IAAA,eAAM,EAAC,sBAAY,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QAC/C,IAAA,eAAM,EAAC,sBAAY,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QAC/C,IAAA,eAAM,EAAC,sBAAY,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,IAAA,iBAAQ,EAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,IAAA,WAAE,EAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,IAAA,0BAAgB,EAAC,OAAO,CAAC,CAAC;YAC1B,IAAA,eAAM,EAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,iBAAiB,CAAC,CAAC;YACvC,IAAA,0BAAgB,EAAC,OAAO,CAAC,CAAC;YAC1B,0BAA0B;YAC1B,IAAA,eAAM,EAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;YACzD,IAAA,eAAM,EAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,sDAAsD,EAAE,GAAG,EAAE;YAC9D,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YACpC,IAAA,0BAAgB,EAAC,OAAO,CAAC,CAAC;YAC1B,IAAA,eAAM,EAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YACpC,IAAA,0BAAgB,EAAC,OAAO,CAAC,CAAC;YAC1B,uBAAuB;YACvB,IAAA,eAAM,EAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;YACzB,IAAA,0BAAgB,EAAC,OAAO,CAAC,CAAC;YAC1B,uDAAuD;YACvD,IAAA,eAAM,EAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,IAAA,0BAAgB,EAAC,OAAO,CAAC,CAAC;YAC1B,IAAA,0BAAgB,EAAC,OAAO,CAAC,CAAC;YAC1B,IAAA,eAAM,EAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,2DAA2D,EAAE,GAAG,EAAE;YACnE,0EAA0E;YAC1E,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;YACrC,IAAA,0BAAgB,EAAC,OAAO,CAAC,CAAC;YAC1B,IAAA,eAAM,EAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,mCAAmC,EAAE,GAAG,EAAE;QACjD,IAAA,WAAE,EAAC,yBAAyB,EAAE,GAAG,EAAE;YACjC,MAAM,OAAO,GAA2B,EAAE,CAAC;YAC3C,MAAM,GAAG,GAAG;gBACV,SAAS,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;gBACxD,SAAS,EAAE,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE;oBACzC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,GAAG,KAAK,CAAC;gBACtC,CAAC;aACF,CAAC;YACF,IAAA,0BAAgB,EAAC,GAAG,CAAC,CAAC;YACtB,IAAA,eAAM,EAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,wCAAwC,EAAE,GAAG,EAAE;YAChD,MAAM,OAAO,GAA2B,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC;YACpE,MAAM,GAAG,GAAG;gBACV,SAAS,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;gBACxD,SAAS,EAAE,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE;oBACzC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,GAAG,KAAK,CAAC;gBACtC,CAAC;aACF,CAAC;YACF,IAAA,0BAAgB,EAAC,GAAG,CAAC,CAAC;YACtB,IAAA,eAAM,EAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAChE,CAAC,CAAC,CAAC;QAEH,IAAA,WAAE,EAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,OAAO,GAA2B,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC;YACjE,MAAM,GAAG,GAAG;gBACV,SAAS,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;gBACxD,SAAS,EAAE,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE;oBACzC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,GAAG,KAAK,CAAC;gBACtC,CAAC;aACF,CAAC;YACF,IAAA,0BAAgB,EAAC,GAAG,CAAC,CAAC;YACtB,IAAA,eAAM,EAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAA,iBAAQ,EAAC,oCAAoC,EAAE,GAAG,EAAE;QAClD,IAAA,WAAE,EAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,MAAM,GAAG,GAAG,IAAI,GAAG,EAAkB,CAAC;YACtC,MAAM,OAAO,GAAG;gBACd,GAAG,EAAE,CAAC,IAAY,EAAE,KAAa,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC;aAC3D,CAAC;YACF,IAAA,0BAAgB,EAAC,OAAO,CAAC,CAAC;YAC1B,IAAA,eAAM,EAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,IAAA,WAAE,EAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,MAAM,GAAG,IAAA,4BAAkB,GAAE,CAAC;QACpC,IAAA,eAAM,EAAC,MAAM,CAAC,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,iBAAQ,EAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,IAAA,WAAE,EAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,IAAA,eAAM,EAAC,IAAA,0BAAgB,EAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IAEH,IAAA,WAAE,EAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,IAAA,eAAM,EAAC,IAAA,0BAAgB,EAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/constants.js

@@ -1,251 +0,0 @@
-"use strict";
-/**
- * PEAC Protocol Constants
- * Derived from specs/kernel/constants.json
- *
- * NOTE: This file is manually synced for v0.9.15.
- * From v0.9.16+, this will be auto-generated via codegen.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.CONSTANTS = exports.VERIFICATION_MODES = exports.VERIFIER_POLICY_VERSION = exports.PRIVATE_IP_RANGES = exports.VERIFIER_NETWORK = exports.VERIFIER_LIMITS = exports.HASH = exports.VERIFICATION_REPORT_VERSION = exports.BUNDLE_VERSION = exports.LIMITS = exports.RECEIPT = exports.JWKS = exports.DISCOVERY = exports.ISSUER_CONFIG = exports.POLICY = exports.HEADERS = exports.ALGORITHMS = exports.WIRE_VERSION = exports.WIRE_TYPE = void 0;
-exports.parseHash = parseHash;
-exports.formatHash = formatHash;
-exports.isValidHash = isValidHash;
-/**
- * Wire format type for PEAC receipts
- * Normalized to peac-receipt/0.1 per DEC-20260114-002
- */
-exports.WIRE_TYPE = 'peac-receipt/0.1';
-/**
- * Wire format version (extracted from WIRE_TYPE)
- * Use this for wire_version fields in receipts
- */
-exports.WIRE_VERSION = '0.1';
-/**
- * Supported cryptographic algorithms
- */
-exports.ALGORITHMS = {
-    supported: ['EdDSA'],
-    default: 'EdDSA',
-};
-/**
- * HTTP header names for PEAC protocol
- */
-exports.HEADERS = {
-    receipt: 'PEAC-Receipt',
-    receiptPointer: 'PEAC-Receipt-Pointer',
-    dpop: 'DPoP',
-    // Purpose headers (v0.9.24+)
-    purpose: 'PEAC-Purpose',
-    purposeApplied: 'PEAC-Purpose-Applied',
-    purposeReason: 'PEAC-Purpose-Reason',
-};
-/**
- * Policy manifest settings (/.well-known/peac.txt)
- *
- * Policy documents declare access terms for agents and gateways.
- * @see docs/specs/PEAC-TXT.md
- */
-exports.POLICY = {
-    manifestPath: '/.well-known/peac.txt',
-    fallbackPath: '/peac.txt',
-    manifestVersion: 'peac-policy/0.1',
-    cacheTtlSeconds: 3600,
-    maxBytes: 262144, // 256 KiB
-    maxDepth: 8,
-};
-/**
- * Issuer configuration settings (/.well-known/peac-issuer.json)
- *
- * Issuer config enables verifiers to discover JWKS and verification endpoints.
- * @see docs/specs/PEAC-ISSUER.md
- */
-exports.ISSUER_CONFIG = {
-    configPath: '/.well-known/peac-issuer.json',
-    configVersion: 'peac-issuer/0.1',
-    cacheTtlSeconds: 3600,
-    maxBytes: 65536, // 64 KiB
-    maxDepth: 4,
-    fetchTimeoutMs: 10000,
-};
-/**
- * @deprecated Use POLICY instead. Will be removed in v1.0.
- */
-exports.DISCOVERY = {
-    manifestPath: exports.POLICY.manifestPath,
-    manifestVersion: 'peac/0.9',
-    cacheTtlSeconds: exports.POLICY.cacheTtlSeconds,
-};
-/**
- * JWKS rotation and revocation settings
- */
-exports.JWKS = {
-    rotationDays: 90,
-    overlapDays: 7,
-    emergencyRevocationHours: 24,
-};
-/**
- * Receipt validation constants
- */
-exports.RECEIPT = {
-    minReceiptIdLength: 16,
-    maxReceiptIdLength: 64,
-    defaultTtlSeconds: 86400, // 24 hours
-};
-/**
- * Payment amount validation limits (in cents/smallest currency unit)
- */
-exports.LIMITS = {
-    maxAmountCents: 999999999999,
-    minAmountCents: 1,
-};
-/**
- * Bundle format version.
- * Used in dispute bundles, audit bundles, and archive bundles.
- */
-exports.BUNDLE_VERSION = 'peac-bundle/0.1';
-/**
- * Verification report format version.
- */
-exports.VERIFICATION_REPORT_VERSION = 'peac-verification-report/0.1';
-/**
- * Hash format constants and utilities.
- * All hashes use the self-describing format: sha256:<64 lowercase hex chars>
- */
-exports.HASH = {
-    /** Canonical hash algorithm */
-    algorithm: 'sha256',
-    /** Hash prefix pattern */
-    prefix: 'sha256:',
-    /** Valid hash regex: sha256:<64 lowercase hex> */
-    pattern: /^sha256:[0-9a-f]{64}$/,
-    /** Hex-only pattern for legacy comparison */
-    hexPattern: /^[0-9a-f]{64}$/,
-};
-/**
- * Parse a sha256:<hex> hash string into components.
- * Returns null if the format is invalid.
- *
- * @param hash - Hash string to parse (e.g., "sha256:abc123...")
- * @returns Parsed hash or null if invalid
- */
-function parseHash(hash) {
-    if (!exports.HASH.pattern.test(hash)) {
-        return null;
-    }
-    return {
-        alg: 'sha256',
-        hex: hash.slice(7), // Remove 'sha256:' prefix
-    };
-}
-/**
- * Format a hex string as a sha256:<hex> hash.
- * Validates that the hex is exactly 64 lowercase characters.
- *
- * @param hex - Hex string (64 lowercase characters)
- * @returns Formatted hash or null if invalid
- */
-function formatHash(hex) {
-    if (!exports.HASH.hexPattern.test(hex)) {
-        return null;
-    }
-    return `sha256:${hex}`;
-}
-/**
- * Validate a hash string is in the correct format.
- *
- * @param hash - Hash string to validate
- * @returns true if valid sha256:<64 hex> format
- */
-function isValidHash(hash) {
-    return exports.HASH.pattern.test(hash);
-}
-/**
- * Verifier security limits per VERIFIER-SECURITY-MODEL.md
- */
-exports.VERIFIER_LIMITS = {
-    /** Maximum receipt size in bytes (256 KB) */
-    maxReceiptBytes: 262144,
-    /** Maximum number of claims in a receipt */
-    maxClaimsCount: 100,
-    /** Maximum extension size in bytes (64 KB) */
-    maxExtensionBytes: 65536,
-    /** Maximum string length for individual claims (64 KB) */
-    maxStringLength: 65536,
-    /** Maximum JWKS document size in bytes (64 KB) */
-    maxJwksBytes: 65536,
-    /** Maximum number of keys in a JWKS */
-    maxJwksKeys: 20,
-    /** Maximum individual key size in bytes */
-    maxKeySize: 4096,
-    /** Network fetch timeout in milliseconds */
-    fetchTimeoutMs: 5000,
-    /** Maximum number of redirects to follow */
-    maxRedirects: 3,
-    /** Maximum network response size in bytes (256 KB) */
-    maxResponseBytes: 262144,
-};
-/**
- * Verifier network security settings per VERIFIER-SECURITY-MODEL.md
- */
-exports.VERIFIER_NETWORK = {
-    /** Only allow HTTPS URLs */
-    httpsOnly: true,
-    /** Block requests to private IP ranges */
-    blockPrivateIps: true,
-    /** Default redirect policy (false = no redirects) */
-    allowRedirects: false,
-};
-/**
- * Private IPv4 CIDR blocks to block for SSRF protection
- */
-exports.PRIVATE_IP_RANGES = {
-    /** RFC 1918 private ranges */
-    rfc1918: ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16'],
-    /** Link-local addresses */
-    linkLocal: ['169.254.0.0/16'],
-    /** Loopback addresses */
-    loopback: ['127.0.0.0/8'],
-    /** IPv6 loopback */
-    ipv6Loopback: ['::1/128'],
-    /** IPv6 link-local */
-    ipv6LinkLocal: ['fe80::/10'],
-};
-/**
- * Verifier policy version
- */
-exports.VERIFIER_POLICY_VERSION = 'peac-verifier-policy/0.1';
-/**
- * Verification modes per VERIFIER-SECURITY-MODEL.md
- */
-exports.VERIFICATION_MODES = {
-    /** All verification in browser/client, may fetch JWKS */
-    clientSide: 'client_side',
-    /** No network access, uses bundled/pinned keys */
-    offlineOnly: 'offline_only',
-    /** Prefer offline, fallback to network */
-    offlinePreferred: 'offline_preferred',
-    /** Allow network fetches for key discovery */
-    networkAllowed: 'network_allowed',
-};
-/**
- * All constants export
- */
-exports.CONSTANTS = {
-    WIRE_TYPE: exports.WIRE_TYPE,
-    WIRE_VERSION: exports.WIRE_VERSION,
-    ALGORITHMS: exports.ALGORITHMS,
-    HEADERS: exports.HEADERS,
-    DISCOVERY: exports.DISCOVERY,
-    JWKS: exports.JWKS,
-    RECEIPT: exports.RECEIPT,
-    LIMITS: exports.LIMITS,
-    BUNDLE_VERSION: exports.BUNDLE_VERSION,
-    VERIFICATION_REPORT_VERSION: exports.VERIFICATION_REPORT_VERSION,
-    HASH: exports.HASH,
-    VERIFIER_LIMITS: exports.VERIFIER_LIMITS,
-    VERIFIER_NETWORK: exports.VERIFIER_NETWORK,
-    VERIFIER_POLICY_VERSION: exports.VERIFIER_POLICY_VERSION,
-    VERIFICATION_MODES: exports.VERIFICATION_MODES,
-};
-//# sourceMappingURL=constants.js.map

package/dist/constants.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;AAwIH,8BAQC;AASD,gCAKC;AAQD,kCAEC;AAtKD;;;GAGG;AACU,QAAA,SAAS,GAAG,kBAA2B,CAAC;AAErD;;;GAGG;AACU,QAAA,YAAY,GAAG,KAAc,CAAC;AAE3C;;GAEG;AACU,QAAA,UAAU,GAAG;IACxB,SAAS,EAAE,CAAC,OAAO,CAAU;IAC7B,OAAO,EAAE,OAAgB;CACjB,CAAC;AAEX;;GAEG;AACU,QAAA,OAAO,GAAG;IACrB,OAAO,EAAE,cAAuB;IAChC,cAAc,EAAE,sBAA+B;IAC/C,IAAI,EAAE,MAAe;IACrB,6BAA6B;IAC7B,OAAO,EAAE,cAAuB;IAChC,cAAc,EAAE,sBAA+B;IAC/C,aAAa,EAAE,qBAA8B;CACrC,CAAC;AAEX;;;;;GAKG;AACU,QAAA,MAAM,GAAG;IACpB,YAAY,EAAE,uBAAgC;IAC9C,YAAY,EAAE,WAAoB;IAClC,eAAe,EAAE,iBAA0B;IAC3C,eAAe,EAAE,IAAI;IACrB,QAAQ,EAAE,MAAM,EAAE,UAAU;IAC5B,QAAQ,EAAE,CAAC;CACH,CAAC;AAEX;;;;;GAKG;AACU,QAAA,aAAa,GAAG;IAC3B,UAAU,EAAE,+BAAwC;IACpD,aAAa,EAAE,iBAA0B;IACzC,eAAe,EAAE,IAAI;IACrB,QAAQ,EAAE,KAAK,EAAE,SAAS;IAC1B,QAAQ,EAAE,CAAC;IACX,cAAc,EAAE,KAAK;CACb,CAAC;AAEX;;GAEG;AACU,QAAA,SAAS,GAAG;IACvB,YAAY,EAAE,cAAM,CAAC,YAAY;IACjC,eAAe,EAAE,UAAmB;IACpC,eAAe,EAAE,cAAM,CAAC,eAAe;CAC/B,CAAC;AAEX;;GAEG;AACU,QAAA,IAAI,GAAG;IAClB,YAAY,EAAE,EAAE;IAChB,WAAW,EAAE,CAAC;IACd,wBAAwB,EAAE,EAAE;CACpB,CAAC;AAEX;;GAEG;AACU,QAAA,OAAO,GAAG;IACrB,kBAAkB,EAAE,EAAE;IACtB,kBAAkB,EAAE,EAAE;IACtB,iBAAiB,EAAE,KAAK,EAAE,WAAW;CAC7B,CAAC;AAEX;;GAEG;AACU,QAAA,MAAM,GAAG;IACpB,cAAc,EAAE,YAAY;IAC5B,cAAc,EAAE,CAAC;CACT,CAAC;AAEX;;;GAGG;AACU,QAAA,cAAc,GAAG,iBAA0B,CAAC;AAEzD;;GAEG;AACU,QAAA,2BAA2B,GAAG,8BAAuC,CAAC;AAEnF;;;GAGG;AACU,QAAA,IAAI,GAAG;IAClB,+BAA+B;IAC/B,SAAS,EAAE,QAAiB;IAE5B,0BAA0B;IAC1B,MAAM,EAAE,SAAkB;IAE1B,kDAAkD;IAClD,OAAO,EAAE,uBAAuB;IAEhC,6CAA6C;IAC7C,UAAU,EAAE,gBAAgB;CAC7B,CAAC;AAEF;;;;;;GAMG;AACH,SAAgB,SAAS,CAAC,IAAY;IACpC,IAAI,CAAC,YAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO;QACL,GAAG,EAAE,QAAQ;QACb,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,0BAA0B;KAC/C,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,UAAU,CAAC,GAAW;IACpC,IAAI,CAAC,YAAI,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,UAAU,GAAG,EAAE,CAAC;AACzB,CAAC;AAED;;;;;GAKG;AACH,SAAgB,WAAW,CAAC,IAAY;IACtC,OAAO,YAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACjC,CAAC;AAED;;GAEG;AACU,QAAA,eAAe,GAAG;IAC7B,6CAA6C;IAC7C,eAAe,EAAE,MAAM;IACvB,4CAA4C;IAC5C,cAAc,EAAE,GAAG;IACnB,8CAA8C;IAC9C,iBAAiB,EAAE,KAAK;IACxB,0DAA0D;IAC1D,eAAe,EAAE,KAAK;IACtB,kDAAkD;IAClD,YAAY,EAAE,KAAK;IACnB,uCAAuC;IACvC,WAAW,EAAE,EAAE;IACf,2CAA2C;IAC3C,UAAU,EAAE,IAAI;IAChB,4CAA4C;IAC5C,cAAc,EAAE,IAAI;IACpB,4CAA4C;IAC5C,YAAY,EAAE,CAAC;IACf,sDAAsD;IACtD,gBAAgB,EAAE,MAAM;CAChB,CAAC;AAEX;;GAEG;AACU,QAAA,gBAAgB,GAAG;IAC9B,4BAA4B;IAC5B,SAAS,EAAE,IAAI;IACf,0CAA0C;IAC1C,eAAe,EAAE,IAAI;IACrB,qDAAqD;IACrD,cAAc,EAAE,KAAK;CACb,CAAC;AAEX;;GAEG;AACU,QAAA,iBAAiB,GAAG;IAC/B,8BAA8B;IAC9B,OAAO,EAAE,CAAC,YAAY,EAAE,eAAe,EAAE,gBAAgB,CAAU;IACnE,2BAA2B;IAC3B,SAAS,EAAE,CAAC,gBAAgB,CAAU;IACtC,yBAAyB;IACzB,QAAQ,EAAE,CAAC,aAAa,CAAU;IAClC,oBAAoB;IACpB,YAAY,EAAE,CAAC,SAAS,CAAU;IAClC,sBAAsB;IACtB,aAAa,EAAE,CAAC,WAAW,CAAU;CAC7B,CAAC;AAEX;;GAEG;AACU,QAAA,uBAAuB,GAAG,0BAAmC,CAAC;AAE3E;;GAEG;AACU,QAAA,kBAAkB,GAAG;IAChC,yDAAyD;IACzD,UAAU,EAAE,aAAsB;IAClC,kDAAkD;IAClD,WAAW,EAAE,cAAuB;IACpC,0CAA0C;IAC1C,gBAAgB,EAAE,mBAA4B;IAC9C,8CAA8C;IAC9C,cAAc,EAAE,iBAA0B;CAClC,CAAC;AAEX;;GAEG;AACU,QAAA,SAAS,GAAG;IACvB,SAAS,EAAT,iBAAS;IACT,YAAY,EAAZ,oBAAY;IACZ,UAAU,EAAV,kBAAU;IACV,OAAO,EAAP,eAAO;IACP,SAAS,EAAT,iBAAS;IACT,IAAI,EAAJ,YAAI;IACJ,OAAO,EAAP,eAAO;IACP,MAAM,EAAN,cAAM;IACN,cAAc,EAAd,sBAAc;IACd,2BAA2B,EAA3B,mCAA2B;IAC3B,IAAI,EAAJ,YAAI;IACJ,eAAe,EAAf,uBAAe;IACf,gBAAgB,EAAhB,wBAAgB;IAChB,uBAAuB,EAAvB,+BAAuB;IACvB,kBAAkB,EAAlB,0BAAkB;CACV,CAAC"}

package/dist/error-categories.generated.js

@@ -1,30 +0,0 @@
-"use strict";
-/**
- * PEAC Protocol Error Categories
- *
- * AUTO-GENERATED from specs/kernel/errors.json
- * DO NOT EDIT MANUALLY - run: npx tsx scripts/codegen-errors.ts
- * Spec version: 0.10.7
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ERROR_CATEGORIES = void 0;
-/**
- * Canonical error categories derived from specs/kernel/errors.json.
- * This is the single source of truth for all error category definitions.
- * Sorted alphabetically. This ordering is a codegen invariant.
- */
-exports.ERROR_CATEGORIES = [
-    'attribution',
-    'bundle',
-    'control',
-    'dispute',
-    'identity',
-    'infrastructure',
-    'interaction',
-    'ucp',
-    'validation',
-    'verification',
-    'verifier',
-    'workflow',
-];
-//# sourceMappingURL=error-categories.generated.js.map

package/dist/error-categories.generated.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"error-categories.generated.js","sourceRoot":"","sources":["../src/error-categories.generated.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;AAEH;;;;GAIG;AACU,QAAA,gBAAgB,GAAG;IAC9B,aAAa;IACb,QAAQ;IACR,SAAS;IACT,SAAS;IACT,UAAU;IACV,gBAAgB;IAChB,aAAa;IACb,KAAK;IACL,YAAY;IACZ,cAAc;IACd,UAAU;IACV,UAAU;CACF,CAAC"}