@pliuz/sdk 0.1.0 → 0.2.2

package/dist/index.d.cts

@@ -1,11 +1,11 @@
-import { P as PliuzClient, O as Originator } from './client-BABvN_88.cjs';
-export { A as ApiErrorBody, a as ApprovalRequest, b as ApprovalStatus, C as CreateApprovalInput, c as CreateApprovalResponse, D as DEFAULT_BASE_URL, d as DEFAULT_MAX_RETRIES, e as DEFAULT_TIMEOUT_MS, E as ENV_API_KEY, f as ENV_BASE_URL, g as ExecutionInput, h as ExecutionResult, i as ExecutionStatus, j as OriginatorType, k as PliuzClientOptions } from './client-BABvN_88.cjs';
+import { P as PliuzClient, O as Originator } from './client-K9c9HsAc.cjs';
+export { A as ApiErrorBody, a as ApprovalRequest, b as ApprovalStatus, C as CreateApprovalInput, c as CreateApprovalResponse, D as DEFAULT_BASE_URL, d as DEFAULT_MAX_RETRIES, e as DEFAULT_TIMEOUT_MS, E as ENV_API_KEY, f as ENV_BASE_URL, g as ExecutionInput, h as ExecutionResult, i as ExecutionStatus, j as OriginatorType, k as PliuzClientOptions } from './client-K9c9HsAc.cjs';
 
 /**
  * Single source of truth for the package version.
  * Kept in sync with `package.json` by release tooling at publish time.
  */
-declare const VERSION: "0.1.0";
+declare const VERSION: "0.2.2";
 
 /**
  * Field-level redaction applied client-side BEFORE sending to Pliuz.
@@ -31,11 +31,16 @@ declare const REDACTED_PLACEHOLDER: "<redacted>";
  * Returns a deep copy of `payload` with values at `paths` replaced by
  * `REDACTED_PLACEHOLDER`. Does not mutate the input.
  *
+ * When `strict` is true, a syntactically valid path that resolves to no
+ * existing field throws {@link PliuzRedactionPathError} instead of being a
+ * silent no-op — turn it on to fail loud and avoid leaking a field you meant
+ * to redact. Defaults to false (lenient: a typo'd path is ignored).
+ *
  * @example
  *   applyRedaction({ customer: { ssn: '123-45-6789' } }, ['customer.ssn'])
  *   // → { customer: { ssn: '<redacted>' } }
  */
-declare function applyRedaction<T extends Record<string, unknown>>(payload: T, paths: readonly string[] | null | undefined): T;
+declare function applyRedaction<T extends Record<string, unknown>>(payload: T, paths: readonly string[] | null | undefined, strict?: boolean): T;
 
 /**
  * Error hierarchy for the Pliuz SDK.
@@ -65,6 +70,16 @@ declare class PliuzNetworkError extends PliuzError {
     readonly cause?: unknown | undefined;
     constructor(message: string, cause?: unknown | undefined);
 }
+/**
+ * A redaction path was syntactically valid but matched no field. Thrown only
+ * in strict mode (`redactStrict: true`) to catch the silent-leak footgun where
+ * a typo like `'customer.ssnn'` would otherwise be a no-op, leaving the real
+ * `customer.ssn` unredacted in the payload sent to Pliuz.
+ */
+declare class PliuzRedactionPathError extends PliuzError {
+    readonly path: string;
+    constructor(path: string);
+}
 declare class PliuzTimeoutError extends PliuzError {
     constructor(message: string);
 }
@@ -112,6 +127,19 @@ declare class PliuzApprovalTimeoutError extends PliuzError {
     readonly timeoutMs: number;
     constructor(approvalId: string, timeoutMs: number);
 }
+/**
+ * A human approved with EDITED args (action='edit') but the SDK cannot map
+ * `final_args` back onto the wrapped function's parameters. The SDK refuses
+ * to execute the ORIGINAL (unapproved) args — that would make the audit
+ * trail lie about what was approved vs executed. Carries `finalArgs` so the
+ * caller can apply the edit manually, or pass an `applyFinalArgs` mapper in
+ * GatedOptions to handle edits automatically.
+ */
+declare class PliuzEditNotApplicableError extends PliuzError {
+    readonly approvalId: string;
+    readonly finalArgs: Record<string, unknown>;
+    constructor(approvalId: string, finalArgs: Record<string, unknown>);
+}
 declare function errorForStatus(statusCode: number, errorCode: string, message: string, details?: Record<string, unknown>): PliuzApiError;
 
 /**
@@ -147,6 +175,12 @@ interface GatedOptions<TArgs extends readonly unknown[]> {
     policy?: string;
     /** Redaction paths applied to tool_args BEFORE sending. */
     redact?: readonly string[];
+    /**
+     * When true, a `redact` path that matches no field throws
+     * PliuzRedactionPathError instead of being a silent no-op — fail loud so a
+     * typo'd path never leaks the field you meant to redact. Default: false.
+     */
+    redactStrict?: boolean;
     /** Override the tool name. Default: `fn.name` (may be empty for anonymous). */
     toolName?: string;
     /**
@@ -167,6 +201,14 @@ interface GatedOptions<TArgs extends readonly unknown[]> {
     sessionId?: string;
     /** Optional originator (default: { type: 'system' }). */
     originator?: Originator;
+    /**
+     * Map human-EDITED args (approval decided with action='edit') back onto
+     * the wrapped function's argument tuple. Required to honor edits when a
+     * custom `toolArgs` mapper is used (the SDK cannot invert an arbitrary
+     * mapper). Without it, an edited approval throws
+     * PliuzEditNotApplicableError instead of executing the original args.
+     */
+    applyFinalArgs?: (finalArgs: Record<string, unknown>, originalArgs: TArgs) => TArgs;
 }
 /**
  * Wrap a function so every call is gated by Pliuz.
@@ -176,4 +218,4 @@ interface GatedOptions<TArgs extends readonly unknown[]> {
  */
 declare function gated<TArgs extends readonly unknown[], TResult>(options: GatedOptions<TArgs>, fn: (...args: TArgs) => Promise<TResult> | TResult): (...args: TArgs) => Promise<TResult>;
 
-export { DEFAULT_GATED_POLL_INTERVAL_MS, DEFAULT_GATED_TIMEOUT_MS, type GatedOptions, Originator, PliuzApiError, PliuzApprovalExpiredError, PliuzApprovalTimeoutError, PliuzAuthError, PliuzClient, PliuzConflictError, PliuzError, PliuzForbiddenError, PliuzNetworkError, PliuzNotFoundError, PliuzPolicyError, PliuzRateLimitError, PliuzRejectedError, PliuzServerError, PliuzTimeoutError, PliuzValidationError, REDACTED_PLACEHOLDER, VERSION, applyRedaction, errorForStatus, gated };
+export { DEFAULT_GATED_POLL_INTERVAL_MS, DEFAULT_GATED_TIMEOUT_MS, type GatedOptions, Originator, PliuzApiError, PliuzApprovalExpiredError, PliuzApprovalTimeoutError, PliuzAuthError, PliuzClient, PliuzConflictError, PliuzEditNotApplicableError, PliuzError, PliuzForbiddenError, PliuzNetworkError, PliuzNotFoundError, PliuzPolicyError, PliuzRateLimitError, PliuzRedactionPathError, PliuzRejectedError, PliuzServerError, PliuzTimeoutError, PliuzValidationError, REDACTED_PLACEHOLDER, VERSION, applyRedaction, errorForStatus, gated };

package/dist/index.d.ts

@@ -1,11 +1,11 @@
-import { P as PliuzClient, O as Originator } from './client-BABvN_88.js';
-export { A as ApiErrorBody, a as ApprovalRequest, b as ApprovalStatus, C as CreateApprovalInput, c as CreateApprovalResponse, D as DEFAULT_BASE_URL, d as DEFAULT_MAX_RETRIES, e as DEFAULT_TIMEOUT_MS, E as ENV_API_KEY, f as ENV_BASE_URL, g as ExecutionInput, h as ExecutionResult, i as ExecutionStatus, j as OriginatorType, k as PliuzClientOptions } from './client-BABvN_88.js';
+import { P as PliuzClient, O as Originator } from './client-K9c9HsAc.js';
+export { A as ApiErrorBody, a as ApprovalRequest, b as ApprovalStatus, C as CreateApprovalInput, c as CreateApprovalResponse, D as DEFAULT_BASE_URL, d as DEFAULT_MAX_RETRIES, e as DEFAULT_TIMEOUT_MS, E as ENV_API_KEY, f as ENV_BASE_URL, g as ExecutionInput, h as ExecutionResult, i as ExecutionStatus, j as OriginatorType, k as PliuzClientOptions } from './client-K9c9HsAc.js';
 
 /**
  * Single source of truth for the package version.
  * Kept in sync with `package.json` by release tooling at publish time.
  */
-declare const VERSION: "0.1.0";
+declare const VERSION: "0.2.2";
 
 /**
  * Field-level redaction applied client-side BEFORE sending to Pliuz.
@@ -31,11 +31,16 @@ declare const REDACTED_PLACEHOLDER: "<redacted>";
  * Returns a deep copy of `payload` with values at `paths` replaced by
  * `REDACTED_PLACEHOLDER`. Does not mutate the input.
  *
+ * When `strict` is true, a syntactically valid path that resolves to no
+ * existing field throws {@link PliuzRedactionPathError} instead of being a
+ * silent no-op — turn it on to fail loud and avoid leaking a field you meant
+ * to redact. Defaults to false (lenient: a typo'd path is ignored).
+ *
  * @example
  *   applyRedaction({ customer: { ssn: '123-45-6789' } }, ['customer.ssn'])
  *   // → { customer: { ssn: '<redacted>' } }
  */
-declare function applyRedaction<T extends Record<string, unknown>>(payload: T, paths: readonly string[] | null | undefined): T;
+declare function applyRedaction<T extends Record<string, unknown>>(payload: T, paths: readonly string[] | null | undefined, strict?: boolean): T;
 
 /**
  * Error hierarchy for the Pliuz SDK.
@@ -65,6 +70,16 @@ declare class PliuzNetworkError extends PliuzError {
     readonly cause?: unknown | undefined;
     constructor(message: string, cause?: unknown | undefined);
 }
+/**
+ * A redaction path was syntactically valid but matched no field. Thrown only
+ * in strict mode (`redactStrict: true`) to catch the silent-leak footgun where
+ * a typo like `'customer.ssnn'` would otherwise be a no-op, leaving the real
+ * `customer.ssn` unredacted in the payload sent to Pliuz.
+ */
+declare class PliuzRedactionPathError extends PliuzError {
+    readonly path: string;
+    constructor(path: string);
+}
 declare class PliuzTimeoutError extends PliuzError {
     constructor(message: string);
 }
@@ -112,6 +127,19 @@ declare class PliuzApprovalTimeoutError extends PliuzError {
     readonly timeoutMs: number;
     constructor(approvalId: string, timeoutMs: number);
 }
+/**
+ * A human approved with EDITED args (action='edit') but the SDK cannot map
+ * `final_args` back onto the wrapped function's parameters. The SDK refuses
+ * to execute the ORIGINAL (unapproved) args — that would make the audit
+ * trail lie about what was approved vs executed. Carries `finalArgs` so the
+ * caller can apply the edit manually, or pass an `applyFinalArgs` mapper in
+ * GatedOptions to handle edits automatically.
+ */
+declare class PliuzEditNotApplicableError extends PliuzError {
+    readonly approvalId: string;
+    readonly finalArgs: Record<string, unknown>;
+    constructor(approvalId: string, finalArgs: Record<string, unknown>);
+}
 declare function errorForStatus(statusCode: number, errorCode: string, message: string, details?: Record<string, unknown>): PliuzApiError;
 
 /**
@@ -147,6 +175,12 @@ interface GatedOptions<TArgs extends readonly unknown[]> {
     policy?: string;
     /** Redaction paths applied to tool_args BEFORE sending. */
     redact?: readonly string[];
+    /**
+     * When true, a `redact` path that matches no field throws
+     * PliuzRedactionPathError instead of being a silent no-op — fail loud so a
+     * typo'd path never leaks the field you meant to redact. Default: false.
+     */
+    redactStrict?: boolean;
     /** Override the tool name. Default: `fn.name` (may be empty for anonymous). */
     toolName?: string;
     /**
@@ -167,6 +201,14 @@ interface GatedOptions<TArgs extends readonly unknown[]> {
     sessionId?: string;
     /** Optional originator (default: { type: 'system' }). */
     originator?: Originator;
+    /**
+     * Map human-EDITED args (approval decided with action='edit') back onto
+     * the wrapped function's argument tuple. Required to honor edits when a
+     * custom `toolArgs` mapper is used (the SDK cannot invert an arbitrary
+     * mapper). Without it, an edited approval throws
+     * PliuzEditNotApplicableError instead of executing the original args.
+     */
+    applyFinalArgs?: (finalArgs: Record<string, unknown>, originalArgs: TArgs) => TArgs;
 }
 /**
  * Wrap a function so every call is gated by Pliuz.
@@ -176,4 +218,4 @@ interface GatedOptions<TArgs extends readonly unknown[]> {
  */
 declare function gated<TArgs extends readonly unknown[], TResult>(options: GatedOptions<TArgs>, fn: (...args: TArgs) => Promise<TResult> | TResult): (...args: TArgs) => Promise<TResult>;
 
-export { DEFAULT_GATED_POLL_INTERVAL_MS, DEFAULT_GATED_TIMEOUT_MS, type GatedOptions, Originator, PliuzApiError, PliuzApprovalExpiredError, PliuzApprovalTimeoutError, PliuzAuthError, PliuzClient, PliuzConflictError, PliuzError, PliuzForbiddenError, PliuzNetworkError, PliuzNotFoundError, PliuzPolicyError, PliuzRateLimitError, PliuzRejectedError, PliuzServerError, PliuzTimeoutError, PliuzValidationError, REDACTED_PLACEHOLDER, VERSION, applyRedaction, errorForStatus, gated };
+export { DEFAULT_GATED_POLL_INTERVAL_MS, DEFAULT_GATED_TIMEOUT_MS, type GatedOptions, Originator, PliuzApiError, PliuzApprovalExpiredError, PliuzApprovalTimeoutError, PliuzAuthError, PliuzClient, PliuzConflictError, PliuzEditNotApplicableError, PliuzError, PliuzForbiddenError, PliuzNetworkError, PliuzNotFoundError, PliuzPolicyError, PliuzRateLimitError, PliuzRedactionPathError, PliuzRejectedError, PliuzServerError, PliuzTimeoutError, PliuzValidationError, REDACTED_PLACEHOLDER, VERSION, applyRedaction, errorForStatus, gated };

package/dist/index.js

@@ -1,7 +1,7 @@
 import { createHash } from 'crypto';
 
 // src/version.ts
-var VERSION = "0.1.0";
+var VERSION = "0.2.2";
 
 // src/errors.ts
 var PliuzError = class extends Error {
@@ -20,6 +20,17 @@ var PliuzNetworkError = class extends PliuzError {
   }
   cause;
 };
+var PliuzRedactionPathError = class extends PliuzError {
+  constructor(path) {
+    super(
+      `redaction path '${path}' did not match any field in the payload (strict mode). Fix the path or set redactStrict=false to ignore misses.`
+    );
+    this.path = path;
+    this.name = "PliuzRedactionPathError";
+    Object.setPrototypeOf(this, new.target.prototype);
+  }
+  path;
+};
 var PliuzTimeoutError = class extends PliuzError {
   constructor(message) {
     super(message);
@@ -130,6 +141,19 @@ var PliuzApprovalTimeoutError = class extends PliuzError {
   approvalId;
   timeoutMs;
 };
+var PliuzEditNotApplicableError = class extends PliuzError {
+  constructor(approvalId, finalArgs) {
+    super(
+      `approval ${approvalId} was approved with edited args, but they cannot be mapped back to the wrapped function (custom toolArgs mapper without applyFinalArgs, or incompatible shape) \u2014 refusing to execute the original (unapproved) args. Apply e.finalArgs manually.`
+    );
+    this.approvalId = approvalId;
+    this.finalArgs = finalArgs;
+    this.name = "PliuzEditNotApplicableError";
+    Object.setPrototypeOf(this, new.target.prototype);
+  }
+  approvalId;
+  finalArgs;
+};
 var STATUS_TO_ERROR = {
   400: PliuzValidationError,
   401: PliuzAuthError,
@@ -236,7 +260,7 @@ async function request(opts) {
 }
 
 // src/client.ts
-var DEFAULT_BASE_URL = "https://pliuz-dev.vercel.app";
+var DEFAULT_BASE_URL = "https://pliuz.com";
 var DEFAULT_TIMEOUT_MS = 3e4;
 var DEFAULT_MAX_RETRIES = 3;
 var ENV_API_KEY = "PLIUZ_API_KEY";
@@ -261,6 +285,7 @@ function approvalUrl(baseUrl, approvalId, suffix) {
   if (suffix) path += `/${suffix}`;
   return baseUrl + path;
 }
+var MAX_WAIT_SECONDS = 25;
 var PliuzClient = class {
   apiKey;
   baseUrl;
@@ -310,13 +335,22 @@ var PliuzClient = class {
   /**
    * Fetch the current state of an approval request.
    * Used by polling in `gated()` to detect status transitions.
+   *
+   * Pass `waitSeconds` (1..25) to long-poll: the server holds the request
+   * open and returns the instant the approval stops being `pending`, or after
+   * `waitSeconds` (still pending). Cuts polling volume and decision latency
+   * ~12x vs fixed-interval polling. The per-request HTTP timeout is bumped to
+   * cover the wait window.
    */
-  async getApproval(approvalId) {
+  async getApproval(approvalId, waitSeconds) {
+    const wait = waitSeconds && waitSeconds > 0 ? Math.min(Math.floor(waitSeconds), MAX_WAIT_SECONDS) : 0;
+    const url = wait > 0 ? `${approvalUrl(this.baseUrl, approvalId)}?wait=${wait}` : approvalUrl(this.baseUrl, approvalId);
     return request({
       method: "GET",
-      url: approvalUrl(this.baseUrl, approvalId),
+      url,
       apiKey: this.apiKey,
-      timeoutMs: this.timeoutMs,
+      // Give the socket head-room over the server-side wait window.
+      timeoutMs: wait > 0 ? Math.max(this.timeoutMs, wait * 1e3 + 5e3) : this.timeoutMs,
       maxRetries: this.maxRetries,
       fetchImpl: this.fetchImpl
     });
@@ -349,13 +383,16 @@ var PliuzClient = class {
 
 // src/redaction.ts
 var REDACTED_PLACEHOLDER = "<redacted>";
-function applyRedaction(payload, paths) {
+function applyRedaction(payload, paths, strict = false) {
   if (!paths || paths.length === 0) {
     return deepClone(payload);
   }
   const result = deepClone(payload);
   for (const path of paths) {
-    redactPath(result, parsePath(path));
+    const matched = redactPath(result, parsePath(path));
+    if (strict && !matched) {
+      throw new PliuzRedactionPathError(path);
+    }
   }
   return result;
 }
@@ -383,28 +420,30 @@ function parsePath(path) {
   return segments;
 }
 function redactPath(node, segments) {
-  if (segments.length === 0) return;
-  if (!isPlainObject(node)) return;
+  if (segments.length === 0) return true;
+  if (!isPlainObject(node)) return false;
   const [head, ...rest] = segments;
-  if (!head) return;
+  if (!head) return false;
   const { key, isArrayWildcard } = head;
-  if (!(key in node)) return;
+  if (!(key in node)) return false;
   if (isArrayWildcard) {
     const target = node[key];
-    if (!Array.isArray(target)) return;
+    if (!Array.isArray(target)) return false;
     if (rest.length === 0) {
       node[key] = target.map(() => REDACTED_PLACEHOLDER);
-      return;
+      return true;
     }
+    let matched = target.length > 0;
     for (const item of target) {
-      redactPath(item, rest);
+      if (!redactPath(item, rest)) matched = false;
     }
+    return matched;
   } else {
     if (rest.length === 0) {
       node[key] = REDACTED_PLACEHOLDER;
-    } else {
-      redactPath(node[key], rest);
+      return true;
     }
+    return redactPath(node[key], rest);
   }
 }
 function isPlainObject(v) {
@@ -430,8 +469,8 @@ function gated(options, fn) {
   return async (...args) => {
     const activeClient = options.client ?? new PliuzClient();
     const rawArgs = toolArgsMapper(...args);
-    const sendArgs = redactPaths && redactPaths.length > 0 ? applyRedaction(rawArgs, redactPaths) : rawArgs;
-    const idempotencyKey = idempotencyKeyFor(toolName, sendArgs, options.sessionId);
+    const sendArgs = redactPaths && redactPaths.length > 0 ? applyRedaction(rawArgs, redactPaths, options.redactStrict ?? false) : rawArgs;
+    const idempotencyKey = idempotencyKeyFor(toolName, rawArgs, options.sessionId);
     const metadata = {};
     if (options.policy) metadata.policy = options.policy;
     const response = await activeClient.createApproval({
@@ -450,27 +489,38 @@ function gated(options, fn) {
     if (TERMINAL_EXPIRED.has(response.status)) {
       throw new PliuzApprovalExpiredError(approvalId);
     }
+    let approval = null;
     if (!TERMINAL_OK.has(response.status)) {
       const deadline = Date.now() + timeoutMs;
       while (true) {
-        if (Date.now() >= deadline) {
+        const remainingMs = deadline - Date.now();
+        if (remainingMs <= 0) {
           throw new PliuzApprovalTimeoutError(approvalId, timeoutMs);
         }
-        await sleep2(pollIntervalMs);
-        const approval = await activeClient.getApproval(approvalId);
+        const waitSeconds = Math.max(1, Math.ceil(Math.min(remainingMs, pollIntervalMs * 1e3) / 1e3));
+        const callStart = Date.now();
+        approval = await activeClient.getApproval(approvalId, waitSeconds);
         if (terminalOrThrow(approval)) break;
+        if (Date.now() - callStart < 250) await sleep2(pollIntervalMs);
       }
+    } else if (response.is_replay) {
+      approval = await activeClient.getApproval(approvalId);
+    }
+    let callArgs = args;
+    const finalArgs = approval?.final_args ?? null;
+    if (finalArgs) {
+      callArgs = resolveEditedArgs(approvalId, rawArgs, finalArgs, args, options);
     }
     const started = Date.now();
     try {
-      const result = await fn(...args);
+      const result = await fn(...callArgs);
       const latencyMs = Date.now() - started;
-      void safeReport(activeClient, approvalId, "success", null, latencyMs, result);
+      await safeReport(activeClient, approvalId, "success", null, latencyMs, result, redactPaths);
       return result;
     } catch (e) {
       const latencyMs = Date.now() - started;
       const errMsg = e instanceof Error ? e.message : String(e);
-      void safeReport(activeClient, approvalId, "error", errMsg.slice(0, 2e3), latencyMs, null);
+      await safeReport(activeClient, approvalId, "error", errMsg.slice(0, 2e3), latencyMs, null, redactPaths);
       throw e;
     }
   };
@@ -494,6 +544,30 @@ function canonicalJSON(value) {
   const keys = Object.keys(obj).sort();
   return "{" + keys.map((k) => JSON.stringify(k) + ":" + canonicalJSON(obj[k])).join(",") + "}";
 }
+function mergeFinalArgs(raw, final) {
+  if (isPlainRecord(raw) && isPlainRecord(final)) {
+    const out = {};
+    for (const [k, v] of Object.entries(final)) {
+      out[k] = k in raw ? mergeFinalArgs(raw[k], v) : v;
+    }
+    return out;
+  }
+  if (final === REDACTED_PLACEHOLDER) return raw;
+  return final;
+}
+function isPlainRecord(v) {
+  return typeof v === "object" && v !== null && !Array.isArray(v);
+}
+function resolveEditedArgs(approvalId, rawArgs, finalArgs, originalArgs, options) {
+  const merged = mergeFinalArgs(rawArgs, finalArgs);
+  if (options.applyFinalArgs) {
+    return options.applyFinalArgs(merged, originalArgs);
+  }
+  if (options.toolArgs === void 0 && Array.isArray(merged.args)) {
+    return merged.args;
+  }
+  throw new PliuzEditNotApplicableError(approvalId, merged);
+}
 function terminalOrThrow(approval) {
   if (TERMINAL_OK.has(approval.status)) return true;
   if (TERMINAL_REJECT.has(approval.status)) {
@@ -504,13 +578,14 @@ function terminalOrThrow(approval) {
   }
   return false;
 }
-async function safeReport(client, approvalId, status, errorMessage, latencyMs, result) {
+async function safeReport(client, approvalId, status, errorMessage, latencyMs, result, redactPaths) {
   let excerpt = null;
   if (result != null) {
+    const toDump = redactPaths && redactPaths.length > 0 && isPlainRecord(result) ? applyRedaction(result, redactPaths) : result;
     try {
-      excerpt = JSON.stringify(result).slice(0, 2e3);
+      excerpt = JSON.stringify(toDump).slice(0, 2e3);
     } catch {
-      excerpt = String(result).slice(0, 2e3);
+      excerpt = String(toDump).slice(0, 2e3);
     }
   }
   try {
@@ -527,6 +602,6 @@ function sleep2(ms) {
   return new Promise((resolve) => setTimeout(resolve, ms));
 }
 
-export { DEFAULT_BASE_URL, DEFAULT_GATED_POLL_INTERVAL_MS, DEFAULT_GATED_TIMEOUT_MS, DEFAULT_MAX_RETRIES, DEFAULT_TIMEOUT_MS, ENV_API_KEY, ENV_BASE_URL, PliuzApiError, PliuzApprovalExpiredError, PliuzApprovalTimeoutError, PliuzAuthError, PliuzClient, PliuzConflictError, PliuzError, PliuzForbiddenError, PliuzNetworkError, PliuzNotFoundError, PliuzPolicyError, PliuzRateLimitError, PliuzRejectedError, PliuzServerError, PliuzTimeoutError, PliuzValidationError, REDACTED_PLACEHOLDER, VERSION, applyRedaction, errorForStatus, gated };
+export { DEFAULT_BASE_URL, DEFAULT_GATED_POLL_INTERVAL_MS, DEFAULT_GATED_TIMEOUT_MS, DEFAULT_MAX_RETRIES, DEFAULT_TIMEOUT_MS, ENV_API_KEY, ENV_BASE_URL, PliuzApiError, PliuzApprovalExpiredError, PliuzApprovalTimeoutError, PliuzAuthError, PliuzClient, PliuzConflictError, PliuzEditNotApplicableError, PliuzError, PliuzForbiddenError, PliuzNetworkError, PliuzNotFoundError, PliuzPolicyError, PliuzRateLimitError, PliuzRedactionPathError, PliuzRejectedError, PliuzServerError, PliuzTimeoutError, PliuzValidationError, REDACTED_PLACEHOLDER, VERSION, applyRedaction, errorForStatus, gated };
 //# sourceMappingURL=index.js.map
 //# sourceMappingURL=index.js.map