@peac/policy-kit 0.9.18

package/dist/evaluate.js

@@ -0,0 +1,258 @@
+"use strict";
+/**
+ * PEAC Policy Kit Evaluation
+ *
+ * Deterministic policy evaluation for CAL semantics.
+ * First-match-wins rule semantics.
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.evaluate = evaluate;
+exports.explainMatches = explainMatches;
+exports.findEffectiveRule = findEffectiveRule;
+exports.isAllowed = isAllowed;
+exports.isDenied = isDenied;
+exports.requiresReview = requiresReview;
+exports.evaluateBatch = evaluateBatch;
+/**
+ * Check if a value matches a single-or-array pattern
+ *
+ * @param value - Value to check
+ * @param pattern - Single value or array of values
+ * @returns true if value matches pattern
+ */
+function matchesSingleOrArray(value, pattern) {
+    // If no pattern specified, match anything
+    if (pattern === undefined) {
+        return true;
+    }
+    // If no value and pattern exists, no match
+    if (value === undefined) {
+        return false;
+    }
+    // Check against array or single value
+    if (Array.isArray(pattern)) {
+        return pattern.includes(value);
+    }
+    return value === pattern;
+}
+/**
+ * Check if a subject ID matches a pattern
+ *
+ * Supports:
+ * - Exact match: "user:abc123"
+ * - Prefix match with wildcard: "user:*" matches "user:abc123"
+ *
+ * @param id - Subject ID to check
+ * @param pattern - Pattern to match against
+ * @returns true if ID matches pattern
+ */
+function matchesIdPattern(id, pattern) {
+    // No pattern = match anything
+    if (pattern === undefined) {
+        return true;
+    }
+    // No ID but pattern exists = no match
+    if (id === undefined) {
+        return false;
+    }
+    // Wildcard prefix match
+    if (pattern.endsWith('*')) {
+        const prefix = pattern.slice(0, -1);
+        return id.startsWith(prefix);
+    }
+    // Exact match
+    return id === pattern;
+}
+/**
+ * Check if subject labels contain all required labels
+ *
+ * @param subjectLabels - Labels on the subject
+ * @param requiredLabels - Labels required by the rule
+ * @returns true if subject has all required labels
+ */
+function hasAllLabels(subjectLabels, requiredLabels) {
+    // No required labels = match
+    if (requiredLabels === undefined || requiredLabels.length === 0) {
+        return true;
+    }
+    // Required labels but no subject labels = no match
+    if (subjectLabels === undefined || subjectLabels.length === 0) {
+        return false;
+    }
+    // Check all required labels are present
+    return requiredLabels.every((label) => subjectLabels.includes(label));
+}
+/**
+ * Check if a subject matches a subject matcher
+ *
+ * @param subject - Subject from evaluation context
+ * @param matcher - Subject matcher from rule
+ * @returns true if subject matches all criteria
+ */
+function matchesSubject(subject, matcher) {
+    // No matcher = match any subject
+    if (matcher === undefined) {
+        return true;
+    }
+    // Check type
+    if (!matchesSingleOrArray(subject?.type, matcher.type)) {
+        return false;
+    }
+    // Check labels (must have ALL required labels)
+    if (!hasAllLabels(subject?.labels, matcher.labels)) {
+        return false;
+    }
+    // Check ID pattern
+    if (!matchesIdPattern(subject?.id, matcher.id)) {
+        return false;
+    }
+    return true;
+}
+/**
+ * Check if a rule matches the evaluation context
+ *
+ * All criteria must match (AND logic).
+ *
+ * @param rule - Policy rule to check
+ * @param context - Evaluation context
+ * @returns true if rule matches context
+ */
+function ruleMatches(rule, context) {
+    // Check subject
+    if (!matchesSubject(context.subject, rule.subject)) {
+        return false;
+    }
+    // Check purpose
+    if (!matchesSingleOrArray(context.purpose, rule.purpose)) {
+        return false;
+    }
+    // Check licensing mode
+    if (!matchesSingleOrArray(context.licensing_mode, rule.licensing_mode)) {
+        return false;
+    }
+    return true;
+}
+/**
+ * Evaluate a policy against a context
+ *
+ * Uses first-match-wins semantics:
+ * - Rules are evaluated in order
+ * - First matching rule determines the decision
+ * - If no rule matches, defaults are applied
+ *
+ * @param policy - Policy document
+ * @param context - Evaluation context
+ * @returns Evaluation result
+ */
+function evaluate(policy, context) {
+    // Find first matching rule
+    for (const rule of policy.rules) {
+        if (ruleMatches(rule, context)) {
+            return {
+                decision: rule.decision,
+                matched_rule: rule.name,
+                reason: rule.reason,
+                is_default: false,
+            };
+        }
+    }
+    // No rule matched, apply defaults
+    return {
+        decision: policy.defaults.decision,
+        reason: policy.defaults.reason,
+        is_default: true,
+    };
+}
+/**
+ * Explain which rules could potentially match a context
+ *
+ * Useful for debugging and policy analysis.
+ * Returns all rules that would match if evaluated, in order.
+ *
+ * @param policy - Policy document
+ * @param context - Evaluation context
+ * @returns Array of rule names that match, or 'default' if none
+ */
+function explainMatches(policy, context) {
+    const matches = [];
+    for (const rule of policy.rules) {
+        if (ruleMatches(rule, context)) {
+            matches.push(rule.name);
+        }
+    }
+    if (matches.length === 0) {
+        matches.push('[default]');
+    }
+    return matches;
+}
+/**
+ * Find the effective rule for a context
+ *
+ * Same as evaluate() but returns the full rule object.
+ *
+ * @param policy - Policy document
+ * @param context - Evaluation context
+ * @returns Matched rule or undefined if default applies
+ */
+function findEffectiveRule(policy, context) {
+    for (const rule of policy.rules) {
+        if (ruleMatches(rule, context)) {
+            return rule;
+        }
+    }
+    return undefined;
+}
+/**
+ * Check if a policy would allow a given context
+ *
+ * Convenience helper for common allow/deny checks.
+ *
+ * @param policy - Policy document
+ * @param context - Evaluation context
+ * @returns true if decision is 'allow'
+ */
+function isAllowed(policy, context) {
+    const result = evaluate(policy, context);
+    return result.decision === 'allow';
+}
+/**
+ * Check if a policy would deny a given context
+ *
+ * Convenience helper for common allow/deny checks.
+ *
+ * @param policy - Policy document
+ * @param context - Evaluation context
+ * @returns true if decision is 'deny'
+ */
+function isDenied(policy, context) {
+    const result = evaluate(policy, context);
+    return result.decision === 'deny';
+}
+/**
+ * Check if a policy requires review for a given context
+ *
+ * Convenience helper for review checks.
+ *
+ * @param policy - Policy document
+ * @param context - Evaluation context
+ * @returns true if decision is 'review'
+ */
+function requiresReview(policy, context) {
+    const result = evaluate(policy, context);
+    return result.decision === 'review';
+}
+/**
+ * Batch evaluate multiple contexts against a policy
+ *
+ * Useful for testing or bulk authorization checks.
+ *
+ * @param policy - Policy document
+ * @param contexts - Array of evaluation contexts
+ * @returns Array of evaluation results (same order as contexts)
+ */
+function evaluateBatch(policy, contexts) {
+    return contexts.map((context) => evaluate(policy, context));
+}
+//# sourceMappingURL=evaluate.js.map

package/dist/evaluate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"evaluate.js","sourceRoot":"","sources":["../src/evaluate.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;AA0KH,4BAmBC;AAYD,wCAcC;AAWD,8CAUC;AAWD,8BAGC;AAWD,4BAGC;AAWD,wCAGC;AAWD,sCAKC;AAzRD;;;;;;GAMG;AACH,SAAS,oBAAoB,CAAI,KAAoB,EAAE,OAA4B;IACjF,0CAA0C;IAC1C,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,2CAA2C;IAC3C,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,sCAAsC;IACtC,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,OAAO,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IAED,OAAO,KAAK,KAAK,OAAO,CAAC;AAC3B,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,gBAAgB,CAAC,EAAsB,EAAE,OAA2B;IAC3E,8BAA8B;IAC9B,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,sCAAsC;IACtC,IAAI,EAAE,KAAK,SAAS,EAAE,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,wBAAwB;IACxB,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QACpC,OAAO,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IAC/B,CAAC;IAED,cAAc;IACd,OAAO,EAAE,KAAK,OAAO,CAAC;AACxB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,YAAY,CACnB,aAAmC,EACnC,cAAoC;IAEpC,6BAA6B;IAC7B,IAAI,cAAc,KAAK,SAAS,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,mDAAmD;IACnD,IAAI,aAAa,KAAK,SAAS,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;IAED,wCAAwC;IACxC,OAAO,cAAc,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;AACxE,CAAC;AAED;;;;;;GAMG;AACH,SAAS,cAAc,CACrB,OAAqC,EACrC,OAAmC;IAEnC,iCAAiC;IACjC,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,aAAa;IACb,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;QACvD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,+CAA+C;IAC/C,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,mBAAmB;IACnB,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,EAAE,EAAE,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC;QAC/C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,WAAW,CAAC,IAAgB,EAAE,OAA0B;IAC/D,gBAAgB;IAChB,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACnD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,gBAAgB;IAChB,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACzD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,uBAAuB;IACvB,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;QACvE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAgB,QAAQ,CAAC,MAAsB,EAAE,OAA0B;IACzE,2BAA2B;IAC3B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QAChC,IAAI,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;YAC/B,OAAO;gBACL,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,YAAY,EAAE,IAAI,CAAC,IAAI;gBACvB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,KAAK;aAClB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,kCAAkC;IAClC,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;QAClC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;QAC9B,UAAU,EAAE,IAAI;KACjB,CAAC;AACJ,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,cAAc,CAAC,MAAsB,EAAE,OAA0B;IAC/E,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QAChC,IAAI,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC5B,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,iBAAiB,CAC/B,MAAsB,EACtB,OAA0B;IAE1B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QAChC,IAAI,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;YAC/B,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,SAAS,CAAC,MAAsB,EAAE,OAA0B;IAC1E,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACzC,OAAO,MAAM,CAAC,QAAQ,KAAK,OAAO,CAAC;AACrC,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,QAAQ,CAAC,MAAsB,EAAE,OAA0B;IACzE,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACzC,OAAO,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC;AACpC,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,cAAc,CAAC,MAAsB,EAAE,OAA0B;IAC/E,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACzC,OAAO,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC;AACtC,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,aAAa,CAC3B,MAAsB,EACtB,QAA6B;IAE7B,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AAC9D,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,35 @@
+/**
+ * PEAC Policy Kit
+ *
+ * Deterministic policy evaluation for Control Abstraction Layer (CAL) semantics.
+ *
+ * Features:
+ * - File-based policy format (YAML or JSON)
+ * - First-match-wins rule semantics
+ * - Subject matching by type, labels, and ID patterns
+ * - Purpose and licensing mode matching
+ * - No scripting, no dynamic code
+ * - Deterministic, auditable, side-effect free
+ *
+ * @example
+ * ```typescript
+ * import { loadPolicy, evaluate } from '@peac/policy-kit';
+ *
+ * const policy = loadPolicy('peac-policy.yaml');
+ *
+ * const result = evaluate(policy, {
+ *   subject: { type: 'human', labels: ['subscribed'] },
+ *   purpose: 'crawl',
+ *   licensing_mode: 'subscription',
+ * });
+ *
+ * console.log(result.decision); // 'allow' | 'deny' | 'review'
+ * ```
+ *
+ * @packageDocumentation
+ */
+export { POLICY_VERSION, type SubjectType, type ControlPurpose, type ControlLicensingMode, type ControlDecision, type SubjectMatcher, type PolicyRule, type PolicyDefaults, type PolicyDocument, type EvaluationContext, type EvaluationResult, SubjectMatcherSchema, PolicyRuleSchema, PolicyDefaultsSchema, PolicyDocumentSchema, } from './types';
+export { loadPolicy, parsePolicy, validatePolicy, policyFileExists, createExamplePolicy, serializePolicyYaml, serializePolicyJson, PolicyLoadError, PolicyValidationError, } from './loader';
+export { evaluate, explainMatches, findEffectiveRule, isAllowed, isDenied, requiresReview, evaluateBatch, } from './evaluate';
+export { PEAC_PROTOCOL_VERSION, compilePeacTxt, compileRobotsSnippet, compileAiprefTemplates, renderPolicyMarkdown, type CompileOptions, type AiprefTemplate, } from './compiler';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAGH,OAAO,EACL,cAAc,EACd,KAAK,WAAW,EAChB,KAAK,cAAc,EACnB,KAAK,oBAAoB,EACzB,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,UAAU,EACf,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,EAErB,oBAAoB,EACpB,gBAAgB,EAChB,oBAAoB,EACpB,oBAAoB,GACrB,MAAM,SAAS,CAAC;AAGjB,OAAO,EACL,UAAU,EACV,WAAW,EACX,cAAc,EACd,gBAAgB,EAChB,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,EACnB,eAAe,EACf,qBAAqB,GACtB,MAAM,UAAU,CAAC;AAGlB,OAAO,EACL,QAAQ,EACR,cAAc,EACd,iBAAiB,EACjB,SAAS,EACT,QAAQ,EACR,cAAc,EACd,aAAa,GACd,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,qBAAqB,EACrB,cAAc,EACd,oBAAoB,EACpB,sBAAsB,EACtB,oBAAoB,EACpB,KAAK,cAAc,EACnB,KAAK,cAAc,GACpB,MAAM,YAAY,CAAC"}

package/dist/index.js

@@ -0,0 +1,69 @@
+"use strict";
+/**
+ * PEAC Policy Kit
+ *
+ * Deterministic policy evaluation for Control Abstraction Layer (CAL) semantics.
+ *
+ * Features:
+ * - File-based policy format (YAML or JSON)
+ * - First-match-wins rule semantics
+ * - Subject matching by type, labels, and ID patterns
+ * - Purpose and licensing mode matching
+ * - No scripting, no dynamic code
+ * - Deterministic, auditable, side-effect free
+ *
+ * @example
+ * ```typescript
+ * import { loadPolicy, evaluate } from '@peac/policy-kit';
+ *
+ * const policy = loadPolicy('peac-policy.yaml');
+ *
+ * const result = evaluate(policy, {
+ *   subject: { type: 'human', labels: ['subscribed'] },
+ *   purpose: 'crawl',
+ *   licensing_mode: 'subscription',
+ * });
+ *
+ * console.log(result.decision); // 'allow' | 'deny' | 'review'
+ * ```
+ *
+ * @packageDocumentation
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.renderPolicyMarkdown = exports.compileAiprefTemplates = exports.compileRobotsSnippet = exports.compilePeacTxt = exports.PEAC_PROTOCOL_VERSION = exports.evaluateBatch = exports.requiresReview = exports.isDenied = exports.isAllowed = exports.findEffectiveRule = exports.explainMatches = exports.evaluate = exports.PolicyValidationError = exports.PolicyLoadError = exports.serializePolicyJson = exports.serializePolicyYaml = exports.createExamplePolicy = exports.policyFileExists = exports.validatePolicy = exports.parsePolicy = exports.loadPolicy = exports.PolicyDocumentSchema = exports.PolicyDefaultsSchema = exports.PolicyRuleSchema = exports.SubjectMatcherSchema = exports.POLICY_VERSION = void 0;
+// Types
+var types_1 = require("./types");
+Object.defineProperty(exports, "POLICY_VERSION", { enumerable: true, get: function () { return types_1.POLICY_VERSION; } });
+// Schemas for advanced validation
+Object.defineProperty(exports, "SubjectMatcherSchema", { enumerable: true, get: function () { return types_1.SubjectMatcherSchema; } });
+Object.defineProperty(exports, "PolicyRuleSchema", { enumerable: true, get: function () { return types_1.PolicyRuleSchema; } });
+Object.defineProperty(exports, "PolicyDefaultsSchema", { enumerable: true, get: function () { return types_1.PolicyDefaultsSchema; } });
+Object.defineProperty(exports, "PolicyDocumentSchema", { enumerable: true, get: function () { return types_1.PolicyDocumentSchema; } });
+// Loader
+var loader_1 = require("./loader");
+Object.defineProperty(exports, "loadPolicy", { enumerable: true, get: function () { return loader_1.loadPolicy; } });
+Object.defineProperty(exports, "parsePolicy", { enumerable: true, get: function () { return loader_1.parsePolicy; } });
+Object.defineProperty(exports, "validatePolicy", { enumerable: true, get: function () { return loader_1.validatePolicy; } });
+Object.defineProperty(exports, "policyFileExists", { enumerable: true, get: function () { return loader_1.policyFileExists; } });
+Object.defineProperty(exports, "createExamplePolicy", { enumerable: true, get: function () { return loader_1.createExamplePolicy; } });
+Object.defineProperty(exports, "serializePolicyYaml", { enumerable: true, get: function () { return loader_1.serializePolicyYaml; } });
+Object.defineProperty(exports, "serializePolicyJson", { enumerable: true, get: function () { return loader_1.serializePolicyJson; } });
+Object.defineProperty(exports, "PolicyLoadError", { enumerable: true, get: function () { return loader_1.PolicyLoadError; } });
+Object.defineProperty(exports, "PolicyValidationError", { enumerable: true, get: function () { return loader_1.PolicyValidationError; } });
+// Evaluation
+var evaluate_1 = require("./evaluate");
+Object.defineProperty(exports, "evaluate", { enumerable: true, get: function () { return evaluate_1.evaluate; } });
+Object.defineProperty(exports, "explainMatches", { enumerable: true, get: function () { return evaluate_1.explainMatches; } });
+Object.defineProperty(exports, "findEffectiveRule", { enumerable: true, get: function () { return evaluate_1.findEffectiveRule; } });
+Object.defineProperty(exports, "isAllowed", { enumerable: true, get: function () { return evaluate_1.isAllowed; } });
+Object.defineProperty(exports, "isDenied", { enumerable: true, get: function () { return evaluate_1.isDenied; } });
+Object.defineProperty(exports, "requiresReview", { enumerable: true, get: function () { return evaluate_1.requiresReview; } });
+Object.defineProperty(exports, "evaluateBatch", { enumerable: true, get: function () { return evaluate_1.evaluateBatch; } });
+// Compiler (artifact generation)
+var compiler_1 = require("./compiler");
+Object.defineProperty(exports, "PEAC_PROTOCOL_VERSION", { enumerable: true, get: function () { return compiler_1.PEAC_PROTOCOL_VERSION; } });
+Object.defineProperty(exports, "compilePeacTxt", { enumerable: true, get: function () { return compiler_1.compilePeacTxt; } });
+Object.defineProperty(exports, "compileRobotsSnippet", { enumerable: true, get: function () { return compiler_1.compileRobotsSnippet; } });
+Object.defineProperty(exports, "compileAiprefTemplates", { enumerable: true, get: function () { return compiler_1.compileAiprefTemplates; } });
+Object.defineProperty(exports, "renderPolicyMarkdown", { enumerable: true, get: function () { return compiler_1.renderPolicyMarkdown; } });
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;;;AAEH,QAAQ;AACR,iCAiBiB;AAhBf,uGAAA,cAAc,OAAA;AAWd,kCAAkC;AAClC,6GAAA,oBAAoB,OAAA;AACpB,yGAAA,gBAAgB,OAAA;AAChB,6GAAA,oBAAoB,OAAA;AACpB,6GAAA,oBAAoB,OAAA;AAGtB,SAAS;AACT,mCAUkB;AAThB,oGAAA,UAAU,OAAA;AACV,qGAAA,WAAW,OAAA;AACX,wGAAA,cAAc,OAAA;AACd,0GAAA,gBAAgB,OAAA;AAChB,6GAAA,mBAAmB,OAAA;AACnB,6GAAA,mBAAmB,OAAA;AACnB,6GAAA,mBAAmB,OAAA;AACnB,yGAAA,eAAe,OAAA;AACf,+GAAA,qBAAqB,OAAA;AAGvB,aAAa;AACb,uCAQoB;AAPlB,oGAAA,QAAQ,OAAA;AACR,0GAAA,cAAc,OAAA;AACd,6GAAA,iBAAiB,OAAA;AACjB,qGAAA,SAAS,OAAA;AACT,oGAAA,QAAQ,OAAA;AACR,0GAAA,cAAc,OAAA;AACd,yGAAA,aAAa,OAAA;AAGf,iCAAiC;AACjC,uCAQoB;AAPlB,iHAAA,qBAAqB,OAAA;AACrB,0GAAA,cAAc,OAAA;AACd,gHAAA,oBAAoB,OAAA;AACpB,kHAAA,sBAAsB,OAAA;AACtB,gHAAA,oBAAoB,OAAA"}

package/dist/loader.d.ts

@@ -0,0 +1,80 @@
+/**
+ * PEAC Policy Kit Loader
+ *
+ * Loads and validates policy documents from YAML or JSON.
+ * No network calls - file system only.
+ *
+ * @packageDocumentation
+ */
+import { ZodError } from 'zod';
+import { PolicyDocument } from './types';
+/**
+ * Policy load error
+ */
+export declare class PolicyLoadError extends Error {
+    readonly cause?: (Error | ZodError) | undefined;
+    constructor(message: string, cause?: (Error | ZodError) | undefined);
+}
+/**
+ * Policy validation error with details
+ */
+export declare class PolicyValidationError extends PolicyLoadError {
+    readonly issues: ZodError['issues'];
+    constructor(message: string, issues: ZodError['issues']);
+}
+/**
+ * Parse policy from string content
+ *
+ * @param content - YAML or JSON string
+ * @param format - Optional format hint ('yaml' | 'json'), auto-detected if not provided
+ * @returns Validated policy document
+ * @throws PolicyLoadError on parse failure
+ * @throws PolicyValidationError on schema validation failure
+ */
+export declare function parsePolicy(content: string, format?: 'yaml' | 'json'): PolicyDocument;
+/**
+ * Validate a parsed policy object
+ *
+ * @param obj - Parsed policy object (from YAML/JSON)
+ * @returns Validated policy document
+ * @throws PolicyValidationError on schema validation failure
+ */
+export declare function validatePolicy(obj: unknown): PolicyDocument;
+/**
+ * Load policy from file
+ *
+ * @param filePath - Path to policy file (.yaml, .yml, or .json)
+ * @returns Validated policy document
+ * @throws PolicyLoadError on file read or parse failure
+ * @throws PolicyValidationError on schema validation failure
+ */
+export declare function loadPolicy(filePath: string): PolicyDocument;
+/**
+ * Check if a policy file exists and is readable
+ *
+ * @param filePath - Path to policy file
+ * @returns true if file exists and is readable
+ */
+export declare function policyFileExists(filePath: string): boolean;
+/**
+ * Create a minimal example policy document
+ *
+ * Useful for scaffolding new policy files.
+ */
+export declare function createExamplePolicy(): PolicyDocument;
+/**
+ * Serialize policy to YAML string
+ *
+ * @param policy - Policy document to serialize
+ * @returns YAML string
+ */
+export declare function serializePolicyYaml(policy: PolicyDocument): string;
+/**
+ * Serialize policy to JSON string
+ *
+ * @param policy - Policy document to serialize
+ * @param pretty - Pretty-print with indentation (default: true)
+ * @returns JSON string
+ */
+export declare function serializePolicyJson(policy: PolicyDocument, pretty?: boolean): string;
+//# sourceMappingURL=loader.d.ts.map

package/dist/loader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"loader.d.ts","sourceRoot":"","sources":["../src/loader.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,OAAO,EAAE,QAAQ,EAAE,MAAM,KAAK,CAAC;AAC/B,OAAO,EAAE,cAAc,EAAwC,MAAM,SAAS,CAAC;AAE/E;;GAEG;AACH,qBAAa,eAAgB,SAAQ,KAAK;aAGtB,KAAK,CAAC,GAAE,KAAK,GAAG,QAAQ;gBADxC,OAAO,EAAE,MAAM,EACC,KAAK,CAAC,GAAE,KAAK,GAAG,QAAQ,aAAA;CAK3C;AAED;;GAEG;AACH,qBAAa,qBAAsB,SAAQ,eAAe;aAGtC,MAAM,EAAE,QAAQ,CAAC,QAAQ,CAAC;gBAD1C,OAAO,EAAE,MAAM,EACC,MAAM,EAAE,QAAQ,CAAC,QAAQ,CAAC;CAK7C;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,cAAc,CAwBrF;AAED;;;;;;GAMG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,GAAG,cAAc,CAa3D;AAED;;;;;;;GAOG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,cAAc,CAqB3D;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAO1D;AAED;;;;GAIG;AACH,wBAAgB,mBAAmB,IAAI,cAAc,CA0CpD;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,cAAc,GAAG,MAAM,CAMlE;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,cAAc,EAAE,MAAM,UAAO,GAAG,MAAM,CAEjF"}