npm - @probelabs/visor - Versions diffs - 0.1.129 → 0.1.130 - Mend

@probelabs/visor 0.1.129 → 0.1.130

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (206) hide show

package/dist/sdk/{chunk-PO7X5XI7.mjs → chunk-SZXICFQ3.mjs} RENAMED Viewed

@@ -2,7 +2,7 @@ import {
   context,
   init_lazy_otel,
   trace
-} from "./chunk-HEX3RL32.mjs";
+} from "./chunk-UCMJJ3IM.mjs";
 import {
   __esm,
   __export
@@ -204,4 +204,4 @@ export {
   logger_exports,
   init_logger
 };
-//# sourceMappingURL=chunk-PO7X5XI7.mjs.map
+//# sourceMappingURL=chunk-SZXICFQ3.mjs.map

package/dist/sdk/{chunk-HEX3RL32.mjs → chunk-UCMJJ3IM.mjs} RENAMED Viewed

@@ -91,7 +91,6 @@ function createNoOpMeter() {
 var otelApi, otelApiAttempted, OTEL_API_MODULE, trace, context, metrics, SpanStatusCode, SpanKind, diag, DiagConsoleLogger, DiagLogLevel;
 var init_lazy_otel = __esm({
   "src/telemetry/lazy-otel.ts"() {
-    "use strict";
     otelApi = null;
     otelApiAttempted = false;
     OTEL_API_MODULE = "@opentelemetry/api";
@@ -218,7 +217,11 @@ export {
   context,
   metrics,
   SpanStatusCode,
+  SpanKind,
+  diag,
+  DiagConsoleLogger,
+  DiagLogLevel,
   lazy_otel_exports,
   init_lazy_otel
 };
-//# sourceMappingURL=chunk-HEX3RL32.mjs.map
+//# sourceMappingURL=chunk-UCMJJ3IM.mjs.map

package/dist/sdk/{chunk-HEX3RL32.mjs.map → chunk-UCMJJ3IM.mjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../../src/telemetry/lazy-otel.ts"],"sourcesContent":["/*\n Lazy-loading wrapper for OpenTelemetry API.\n * Returns no-op implementations if OpenTelemetry is not installed.\n * Uses hardcoded module name for security - no dynamic module loading.\n */\n\nlet otelApi: any = null;\nlet otelApiAttempted = false;\n\n// Hardcoded allowed module name to prevent module loading attacks\nconst OTEL_API_MODULE = '@opentelemetry/api';\n\nfunction getOtelApi() {\n if (otelApiAttempted) return otelApi;\n otelApiAttempted = true;\n\n try {\n // Security: Only load the specific @opentelemetry/api module\n // Use dynamic require to prevent bundlers from including this module\n\n otelApi = (function (name: string) {\n return require(name);\n })(OTEL_API_MODULE);\n } catch {\n // OpenTelemetry not installed - provide no-op implementations\n otelApi = null;\n }\n\n return otelApi;\n}\n\n// Export lazy-loaded trace API\nexport const trace = {\n getTracer(name: string, version?: string) {\n const api = getOtelApi();\n if (!api) return createNoOpTracer();\n return api.trace.getTracer(name, version);\n },\n getSpan(context: any) {\n const api = getOtelApi();\n if (!api) return undefined;\n return api.trace.getSpan(context);\n },\n getActiveSpan() {\n const api = getOtelApi();\n if (!api) return undefined;\n return api.trace.getActiveSpan();\n },\n};\n\n// Export lazy-loaded context API\nexport const context = {\n active() {\n const api = getOtelApi();\n if (!api) return {};\n return api.context.active();\n },\n with(context: any, fn: Function, thisArg?: any, ...args: any[]) {\n const api = getOtelApi();\n if (!api) return fn.call(thisArg, ...args);\n return api.context.with(context, fn, thisArg, ...args);\n },\n};\n\n// Export lazy-loaded metrics API\nexport const metrics = {\n getMeter(name: string, version?: string) {\n const api = getOtelApi();\n if (!api?.metrics) return createNoOpMeter();\n return api.metrics.getMeter(name, version);\n },\n};\n\n// Export types and enums\nexport const SpanStatusCode = {\n get UNSET() {\n const api = getOtelApi();\n return api?.SpanStatusCode?.UNSET ?? 0;\n },\n get OK() {\n const api = getOtelApi();\n return api?.SpanStatusCode?.OK ?? 1;\n },\n get ERROR() {\n const api = getOtelApi();\n return api?.SpanStatusCode?.ERROR ?? 2;\n },\n};\n\nexport const SpanKind = {\n get INTERNAL() {\n const api = getOtelApi();\n return api?.SpanKind?.INTERNAL ?? 0;\n },\n get SERVER() {\n const api = getOtelApi();\n return api?.SpanKind?.SERVER ?? 1;\n },\n get CLIENT() {\n const api = getOtelApi();\n return api?.SpanKind?.CLIENT ?? 2;\n },\n get PRODUCER() {\n const api = getOtelApi();\n return api?.SpanKind?.PRODUCER ?? 3;\n },\n get CONSUMER() {\n const api = getOtelApi();\n return api?.SpanKind?.CONSUMER ?? 4;\n },\n};\n\n// Export diag API\nexport const diag = {\n setLogger(logger: any, level?: any) {\n const api = getOtelApi();\n if (!api) return;\n return api.diag.setLogger(logger, level);\n },\n};\n\n// Lazy-loaded DiagConsoleLogger and DiagLogLevel for consistency\nexport const DiagConsoleLogger = {\n get() {\n const api = getOtelApi();\n return api?.DiagConsoleLogger;\n },\n};\n\nexport const DiagLogLevel = {\n get NONE() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.NONE ?? 0;\n },\n get ERROR() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.ERROR ?? 30;\n },\n get WARN() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.WARN ?? 50;\n },\n get INFO() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.INFO ?? 60;\n },\n get DEBUG() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.DEBUG ?? 70;\n },\n get VERBOSE() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.VERBOSE ?? 80;\n },\n get ALL() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.ALL ?? 9999;\n },\n};\n\n// Type exports for TypeScript\nexport type Span = any;\nexport type Attributes = Record<string, any>;\nexport type HrTime = [number, number];\n\n// No-op implementations\nfunction createNoOpTracer() {\n return {\n startSpan: () => createNoOpSpan(),\n // Support both OTel v1 and v2 overloads:\n // - startActiveSpan(name, callback)\n // - startActiveSpan(name, options, callback)\n // - startActiveSpan(name, options, context, callback)\n startActiveSpan: (name: string, arg2?: any, arg3?: any, arg4?: any) => {\n const span = createNoOpSpan();\n let cb: any = undefined;\n if (typeof arg2 === 'function') cb = arg2;\n else if (typeof arg3 === 'function') cb = arg3;\n else if (typeof arg4 === 'function') cb = arg4;\n if (typeof cb === 'function') {\n try {\n return cb(span);\n } catch {\n // swallow errors in no-op implementation\n return undefined;\n }\n }\n // No callback supplied: return a no-op span like the real API would\n return span;\n },\n };\n}\n\nfunction createNoOpSpan() {\n return {\n spanContext: () => ({ traceId: '', spanId: '', traceFlags: 0 }),\n setAttribute: () => {},\n setAttributes: () => {},\n addEvent: () => {},\n setStatus: () => {},\n updateName: () => {},\n end: () => {},\n isRecording: () => false,\n recordException: () => {},\n };\n}\n\nfunction createNoOpMeter() {\n return {\n createCounter: () => ({ add: () => {} }),\n createHistogram: () => ({ record: () => {} }),\n createUpDownCounter: () => ({ add: () => {} }),\n createObservableGauge: () => {},\n createObservableCounter: () => {},\n createObservableUpDownCounter: () => {},\n };\n}\n"],"mappings":";;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAYA,SAAS,aAAa;AACpB,MAAI,iBAAkB,QAAO;AAC7B,qBAAmB;AAEnB,MAAI;AAIF,eAAW,SAAU,MAAc;AACjC,aAAO,UAAQ,IAAI;AAAA,IACrB,GAAG,eAAe;AAAA,EACpB,QAAQ;AAEN,cAAU;AAAA,EACZ;AAEA,SAAO;AACT;AAyIA,SAAS,mBAAmB;AAC1B,SAAO;AAAA,IACL,WAAW,MAAM,eAAe;AAAA;AAAA;AAAA;AAAA;AAAA,IAKhC,iBAAiB,CAAC,MAAc,MAAY,MAAY,SAAe;AACrE,YAAM,OAAO,eAAe;AAC5B,UAAI,KAAU;AACd,UAAI,OAAO,SAAS,WAAY,MAAK;AAAA,eAC5B,OAAO,SAAS,WAAY,MAAK;AAAA,eACjC,OAAO,SAAS,WAAY,MAAK;AAC1C,UAAI,OAAO,OAAO,YAAY;AAC5B,YAAI;AACF,iBAAO,GAAG,IAAI;AAAA,QAChB,QAAQ;AAEN,iBAAO;AAAA,QACT;AAAA,MACF;AAEA,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEA,SAAS,iBAAiB;AACxB,SAAO;AAAA,IACL,aAAa,OAAO,EAAE,SAAS,IAAI,QAAQ,IAAI,YAAY,EAAE;AAAA,IAC7D,cAAc,MAAM;AAAA,IAAC;AAAA,IACrB,eAAe,MAAM;AAAA,IAAC;AAAA,IACtB,UAAU,MAAM;AAAA,IAAC;AAAA,IACjB,WAAW,MAAM;AAAA,IAAC;AAAA,IAClB,YAAY,MAAM;AAAA,IAAC;AAAA,IACnB,KAAK,MAAM;AAAA,IAAC;AAAA,IACZ,aAAa,MAAM;AAAA,IACnB,iBAAiB,MAAM;AAAA,IAAC;AAAA,EAC1B;AACF;AAEA,SAAS,kBAAkB;AACzB,SAAO;AAAA,IACL,eAAe,OAAO,EAAE,KAAK,MAAM;AAAA,IAAC,EAAE;AAAA,IACtC,iBAAiB,OAAO,EAAE,QAAQ,MAAM;AAAA,IAAC,EAAE;AAAA,IAC3C,qBAAqB,OAAO,EAAE,KAAK,MAAM;AAAA,IAAC,EAAE;AAAA,IAC5C,uBAAuB,MAAM;AAAA,IAAC;AAAA,IAC9B,yBAAyB,MAAM;AAAA,IAAC;AAAA,IAChC,+BAA+B,MAAM;AAAA,IAAC;AAAA,EACxC;AACF;AAxNA,IAMI,SACA,kBAGE,iBAsBO,OAmBA,SAcA,SASA,gBAeA,UAwBA,MASA,mBAOA;AAjIb;AAAA;~~AAAA;~~AAMA,IAAI,UAAe;AACnB,IAAI,mBAAmB;AAGvB,IAAM,kBAAkB;AAsBjB,IAAM,QAAQ;AAAA,MACnB,UAAU,MAAc,SAAkB;AACxC,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO,iBAAiB;AAClC,eAAO,IAAI,MAAM,UAAU,MAAM,OAAO;AAAA,MAC1C;AAAA,MACA,QAAQA,UAAc;AACpB,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO;AACjB,eAAO,IAAI,MAAM,QAAQA,QAAO;AAAA,MAClC;AAAA,MACA,gBAAgB;AACd,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO;AACjB,eAAO,IAAI,MAAM,cAAc;AAAA,MACjC;AAAA,IACF;AAGO,IAAM,UAAU;AAAA,MACrB,SAAS;AACP,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO,CAAC;AAClB,eAAO,IAAI,QAAQ,OAAO;AAAA,MAC5B;AAAA,MACA,KAAKA,UAAc,IAAc,YAAkB,MAAa;AAC9D,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO,GAAG,KAAK,SAAS,GAAG,IAAI;AACzC,eAAO,IAAI,QAAQ,KAAKA,UAAS,IAAI,SAAS,GAAG,IAAI;AAAA,MACvD;AAAA,IACF;AAGO,IAAM,UAAU;AAAA,MACrB,SAAS,MAAc,SAAkB;AACvC,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,KAAK,QAAS,QAAO,gBAAgB;AAC1C,eAAO,IAAI,QAAQ,SAAS,MAAM,OAAO;AAAA,MAC3C;AAAA,IACF;AAGO,IAAM,iBAAiB;AAAA,MAC5B,IAAI,QAAQ;AACV,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,gBAAgB,SAAS;AAAA,MACvC;AAAA,MACA,IAAI,KAAK;AACP,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,gBAAgB,MAAM;AAAA,MACpC;AAAA,MACA,IAAI,QAAQ;AACV,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,gBAAgB,SAAS;AAAA,MACvC;AAAA,IACF;AAEO,IAAM,WAAW;AAAA,MACtB,IAAI,WAAW;AACb,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,YAAY;AAAA,MACpC;AAAA,MACA,IAAI,SAAS;AACX,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,UAAU;AAAA,MAClC;AAAA,MACA,IAAI,SAAS;AACX,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,UAAU;AAAA,MAClC;AAAA,MACA,IAAI,WAAW;AACb,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,YAAY;AAAA,MACpC;AAAA,MACA,IAAI,WAAW;AACb,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,YAAY;AAAA,MACpC;AAAA,IACF;AAGO,IAAM,OAAO;AAAA,MAClB,UAAU,QAAa,OAAa;AAClC,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK;AACV,eAAO,IAAI,KAAK,UAAU,QAAQ,KAAK;AAAA,MACzC;AAAA,IACF;AAGO,IAAM,oBAAoB;AAAA,MAC/B,MAAM;AACJ,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK;AAAA,MACd;AAAA,IACF;AAEO,IAAM,eAAe;AAAA,MAC1B,IAAI,OAAO;AACT,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,QAAQ;AAAA,MACpC;AAAA,MACA,IAAI,QAAQ;AACV,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,SAAS;AAAA,MACrC;AAAA,MACA,IAAI,OAAO;AACT,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,QAAQ;AAAA,MACpC;AAAA,MACA,IAAI,OAAO;AACT,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,QAAQ;AAAA,MACpC;AAAA,MACA,IAAI,QAAQ;AACV,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,SAAS;AAAA,MACrC;AAAA,MACA,IAAI,UAAU;AACZ,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,WAAW;AAAA,MACvC;AAAA,MACA,IAAI,MAAM;AACR,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,OAAO;AAAA,MACnC;AAAA,IACF;AAAA;AAAA;","names":["context"]}
1	+ {"version":3,"sources":["../../src/telemetry/lazy-otel.ts"],"sourcesContent":["/*\n Lazy-loading wrapper for OpenTelemetry API.\n * Returns no-op implementations if OpenTelemetry is not installed.\n * Uses hardcoded module name for security - no dynamic module loading.\n */\n\nlet otelApi: any = null;\nlet otelApiAttempted = false;\n\n// Hardcoded allowed module name to prevent module loading attacks\nconst OTEL_API_MODULE = '@opentelemetry/api';\n\nfunction getOtelApi() {\n if (otelApiAttempted) return otelApi;\n otelApiAttempted = true;\n\n try {\n // Security: Only load the specific @opentelemetry/api module\n // Use dynamic require to prevent bundlers from including this module\n\n otelApi = (function (name: string) {\n return require(name);\n })(OTEL_API_MODULE);\n } catch {\n // OpenTelemetry not installed - provide no-op implementations\n otelApi = null;\n }\n\n return otelApi;\n}\n\n// Export lazy-loaded trace API\nexport const trace = {\n getTracer(name: string, version?: string) {\n const api = getOtelApi();\n if (!api) return createNoOpTracer();\n return api.trace.getTracer(name, version);\n },\n getSpan(context: any) {\n const api = getOtelApi();\n if (!api) return undefined;\n return api.trace.getSpan(context);\n },\n getActiveSpan() {\n const api = getOtelApi();\n if (!api) return undefined;\n return api.trace.getActiveSpan();\n },\n};\n\n// Export lazy-loaded context API\nexport const context = {\n active() {\n const api = getOtelApi();\n if (!api) return {};\n return api.context.active();\n },\n with(context: any, fn: Function, thisArg?: any, ...args: any[]) {\n const api = getOtelApi();\n if (!api) return fn.call(thisArg, ...args);\n return api.context.with(context, fn, thisArg, ...args);\n },\n};\n\n// Export lazy-loaded metrics API\nexport const metrics = {\n getMeter(name: string, version?: string) {\n const api = getOtelApi();\n if (!api?.metrics) return createNoOpMeter();\n return api.metrics.getMeter(name, version);\n },\n};\n\n// Export types and enums\nexport const SpanStatusCode = {\n get UNSET() {\n const api = getOtelApi();\n return api?.SpanStatusCode?.UNSET ?? 0;\n },\n get OK() {\n const api = getOtelApi();\n return api?.SpanStatusCode?.OK ?? 1;\n },\n get ERROR() {\n const api = getOtelApi();\n return api?.SpanStatusCode?.ERROR ?? 2;\n },\n};\n\nexport const SpanKind = {\n get INTERNAL() {\n const api = getOtelApi();\n return api?.SpanKind?.INTERNAL ?? 0;\n },\n get SERVER() {\n const api = getOtelApi();\n return api?.SpanKind?.SERVER ?? 1;\n },\n get CLIENT() {\n const api = getOtelApi();\n return api?.SpanKind?.CLIENT ?? 2;\n },\n get PRODUCER() {\n const api = getOtelApi();\n return api?.SpanKind?.PRODUCER ?? 3;\n },\n get CONSUMER() {\n const api = getOtelApi();\n return api?.SpanKind?.CONSUMER ?? 4;\n },\n};\n\n// Export diag API\nexport const diag = {\n setLogger(logger: any, level?: any) {\n const api = getOtelApi();\n if (!api) return;\n return api.diag.setLogger(logger, level);\n },\n};\n\n// Lazy-loaded DiagConsoleLogger and DiagLogLevel for consistency\nexport const DiagConsoleLogger = {\n get() {\n const api = getOtelApi();\n return api?.DiagConsoleLogger;\n },\n};\n\nexport const DiagLogLevel = {\n get NONE() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.NONE ?? 0;\n },\n get ERROR() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.ERROR ?? 30;\n },\n get WARN() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.WARN ?? 50;\n },\n get INFO() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.INFO ?? 60;\n },\n get DEBUG() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.DEBUG ?? 70;\n },\n get VERBOSE() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.VERBOSE ?? 80;\n },\n get ALL() {\n const api = getOtelApi();\n return api?.DiagLogLevel?.ALL ?? 9999;\n },\n};\n\n// Type exports for TypeScript\nexport type Span = any;\nexport type Attributes = Record<string, any>;\nexport type HrTime = [number, number];\n\n// No-op implementations\nfunction createNoOpTracer() {\n return {\n startSpan: () => createNoOpSpan(),\n // Support both OTel v1 and v2 overloads:\n // - startActiveSpan(name, callback)\n // - startActiveSpan(name, options, callback)\n // - startActiveSpan(name, options, context, callback)\n startActiveSpan: (name: string, arg2?: any, arg3?: any, arg4?: any) => {\n const span = createNoOpSpan();\n let cb: any = undefined;\n if (typeof arg2 === 'function') cb = arg2;\n else if (typeof arg3 === 'function') cb = arg3;\n else if (typeof arg4 === 'function') cb = arg4;\n if (typeof cb === 'function') {\n try {\n return cb(span);\n } catch {\n // swallow errors in no-op implementation\n return undefined;\n }\n }\n // No callback supplied: return a no-op span like the real API would\n return span;\n },\n };\n}\n\nfunction createNoOpSpan() {\n return {\n spanContext: () => ({ traceId: '', spanId: '', traceFlags: 0 }),\n setAttribute: () => {},\n setAttributes: () => {},\n addEvent: () => {},\n setStatus: () => {},\n updateName: () => {},\n end: () => {},\n isRecording: () => false,\n recordException: () => {},\n };\n}\n\nfunction createNoOpMeter() {\n return {\n createCounter: () => ({ add: () => {} }),\n createHistogram: () => ({ record: () => {} }),\n createUpDownCounter: () => ({ add: () => {} }),\n createObservableGauge: () => {},\n createObservableCounter: () => {},\n createObservableUpDownCounter: () => {},\n };\n}\n"],"mappings":";;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAYA,SAAS,aAAa;AACpB,MAAI,iBAAkB,QAAO;AAC7B,qBAAmB;AAEnB,MAAI;AAIF,eAAW,SAAU,MAAc;AACjC,aAAO,UAAQ,IAAI;AAAA,IACrB,GAAG,eAAe;AAAA,EACpB,QAAQ;AAEN,cAAU;AAAA,EACZ;AAEA,SAAO;AACT;AAyIA,SAAS,mBAAmB;AAC1B,SAAO;AAAA,IACL,WAAW,MAAM,eAAe;AAAA;AAAA;AAAA;AAAA;AAAA,IAKhC,iBAAiB,CAAC,MAAc,MAAY,MAAY,SAAe;AACrE,YAAM,OAAO,eAAe;AAC5B,UAAI,KAAU;AACd,UAAI,OAAO,SAAS,WAAY,MAAK;AAAA,eAC5B,OAAO,SAAS,WAAY,MAAK;AAAA,eACjC,OAAO,SAAS,WAAY,MAAK;AAC1C,UAAI,OAAO,OAAO,YAAY;AAC5B,YAAI;AACF,iBAAO,GAAG,IAAI;AAAA,QAChB,QAAQ;AAEN,iBAAO;AAAA,QACT;AAAA,MACF;AAEA,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEA,SAAS,iBAAiB;AACxB,SAAO;AAAA,IACL,aAAa,OAAO,EAAE,SAAS,IAAI,QAAQ,IAAI,YAAY,EAAE;AAAA,IAC7D,cAAc,MAAM;AAAA,IAAC;AAAA,IACrB,eAAe,MAAM;AAAA,IAAC;AAAA,IACtB,UAAU,MAAM;AAAA,IAAC;AAAA,IACjB,WAAW,MAAM;AAAA,IAAC;AAAA,IAClB,YAAY,MAAM;AAAA,IAAC;AAAA,IACnB,KAAK,MAAM;AAAA,IAAC;AAAA,IACZ,aAAa,MAAM;AAAA,IACnB,iBAAiB,MAAM;AAAA,IAAC;AAAA,EAC1B;AACF;AAEA,SAAS,kBAAkB;AACzB,SAAO;AAAA,IACL,eAAe,OAAO,EAAE,KAAK,MAAM;AAAA,IAAC,EAAE;AAAA,IACtC,iBAAiB,OAAO,EAAE,QAAQ,MAAM;AAAA,IAAC,EAAE;AAAA,IAC3C,qBAAqB,OAAO,EAAE,KAAK,MAAM;AAAA,IAAC,EAAE;AAAA,IAC5C,uBAAuB,MAAM;AAAA,IAAC;AAAA,IAC9B,yBAAyB,MAAM;AAAA,IAAC;AAAA,IAChC,+BAA+B,MAAM;AAAA,IAAC;AAAA,EACxC;AACF;AAxNA,IAMI,SACA,kBAGE,iBAsBO,OAmBA,SAcA,SASA,gBAeA,UAwBA,MASA,mBAOA;AAjIb;AAAA;AAMA,IAAI,UAAe;AACnB,IAAI,mBAAmB;AAGvB,IAAM,kBAAkB;AAsBjB,IAAM,QAAQ;AAAA,MACnB,UAAU,MAAc,SAAkB;AACxC,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO,iBAAiB;AAClC,eAAO,IAAI,MAAM,UAAU,MAAM,OAAO;AAAA,MAC1C;AAAA,MACA,QAAQA,UAAc;AACpB,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO;AACjB,eAAO,IAAI,MAAM,QAAQA,QAAO;AAAA,MAClC;AAAA,MACA,gBAAgB;AACd,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO;AACjB,eAAO,IAAI,MAAM,cAAc;AAAA,MACjC;AAAA,IACF;AAGO,IAAM,UAAU;AAAA,MACrB,SAAS;AACP,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO,CAAC;AAClB,eAAO,IAAI,QAAQ,OAAO;AAAA,MAC5B;AAAA,MACA,KAAKA,UAAc,IAAc,YAAkB,MAAa;AAC9D,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK,QAAO,GAAG,KAAK,SAAS,GAAG,IAAI;AACzC,eAAO,IAAI,QAAQ,KAAKA,UAAS,IAAI,SAAS,GAAG,IAAI;AAAA,MACvD;AAAA,IACF;AAGO,IAAM,UAAU;AAAA,MACrB,SAAS,MAAc,SAAkB;AACvC,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,KAAK,QAAS,QAAO,gBAAgB;AAC1C,eAAO,IAAI,QAAQ,SAAS,MAAM,OAAO;AAAA,MAC3C;AAAA,IACF;AAGO,IAAM,iBAAiB;AAAA,MAC5B,IAAI,QAAQ;AACV,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,gBAAgB,SAAS;AAAA,MACvC;AAAA,MACA,IAAI,KAAK;AACP,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,gBAAgB,MAAM;AAAA,MACpC;AAAA,MACA,IAAI,QAAQ;AACV,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,gBAAgB,SAAS;AAAA,MACvC;AAAA,IACF;AAEO,IAAM,WAAW;AAAA,MACtB,IAAI,WAAW;AACb,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,YAAY;AAAA,MACpC;AAAA,MACA,IAAI,SAAS;AACX,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,UAAU;AAAA,MAClC;AAAA,MACA,IAAI,SAAS;AACX,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,UAAU;AAAA,MAClC;AAAA,MACA,IAAI,WAAW;AACb,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,YAAY;AAAA,MACpC;AAAA,MACA,IAAI,WAAW;AACb,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,UAAU,YAAY;AAAA,MACpC;AAAA,IACF;AAGO,IAAM,OAAO;AAAA,MAClB,UAAU,QAAa,OAAa;AAClC,cAAM,MAAM,WAAW;AACvB,YAAI,CAAC,IAAK;AACV,eAAO,IAAI,KAAK,UAAU,QAAQ,KAAK;AAAA,MACzC;AAAA,IACF;AAGO,IAAM,oBAAoB;AAAA,MAC/B,MAAM;AACJ,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK;AAAA,MACd;AAAA,IACF;AAEO,IAAM,eAAe;AAAA,MAC1B,IAAI,OAAO;AACT,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,QAAQ;AAAA,MACpC;AAAA,MACA,IAAI,QAAQ;AACV,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,SAAS;AAAA,MACrC;AAAA,MACA,IAAI,OAAO;AACT,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,QAAQ;AAAA,MACpC;AAAA,MACA,IAAI,OAAO;AACT,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,QAAQ;AAAA,MACpC;AAAA,MACA,IAAI,QAAQ;AACV,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,SAAS;AAAA,MACrC;AAAA,MACA,IAAI,UAAU;AACZ,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,WAAW;AAAA,MACvC;AAAA,MACA,IAAI,MAAM;AACR,cAAM,MAAM,WAAW;AACvB,eAAO,KAAK,cAAc,OAAO;AAAA,MACnC;AAAA,IACF;AAAA;AAAA;","names":["context"]}

package/dist/sdk/{chunk-7YSOINAQ.mjs → chunk-UCNT3PDT.mjs} RENAMED Viewed

@@ -10,7 +10,7 @@ import {
 import {
   init_logger,
   logger
-} from "./chunk-PO7X5XI7.mjs";
+} from "./chunk-SZXICFQ3.mjs";
 import {
   __esm,
   __export,
@@ -568,6 +568,10 @@ var init_config_schema = __esm({
             scheduler: {
               $ref: "#/definitions/SchedulerConfig",
               description: "Scheduler configuration for scheduled workflow execution"
+            },
+            policy: {
+              $ref: "#/definitions/PolicyConfig",
+              description: "Enterprise policy engine configuration (EE feature)"
             }
           },
           required: ["version"],
@@ -1217,6 +1221,10 @@ var init_config_schema = __esm({
             persist_worktree: {
               type: "boolean",
               description: "Keep worktree after workflow completion (default: false)"
+            },
+            policy: {
+              $ref: "#/definitions/StepPolicyOverride",
+              description: "Per-step policy override (enterprise)"
             }
           },
           additionalProperties: false,
@@ -2530,6 +2538,48 @@ var init_config_schema = __esm({
             "^x-": {}
           }
         },
+        PolicyConfig: {
+          type: "object",
+          properties: {
+            engine: {
+              type: "string",
+              enum: ["local", "remote", "disabled"],
+              description: "Policy engine mode: 'local' (WASM), 'remote' (HTTP OPA server), or 'disabled'"
+            },
+            rules: {
+              anyOf: [{ type: "string" }, { type: "array", items: { type: "string" } }],
+              description: "Path to .rego files or .wasm bundle (local mode)"
+            },
+            data: {
+              type: "string",
+              description: "Path to a JSON file to load as OPA data document (local mode)"
+            },
+            url: {
+              type: "string",
+              description: "OPA server URL (remote mode)"
+            },
+            fallback: {
+              type: "string",
+              enum: ["allow", "deny", "warn"],
+              description: "Default decision when policy evaluation fails (default: 'deny'). Use 'warn' for audit mode: violations are logged but not enforced."
+            },
+            timeout: {
+              type: "number",
+              description: "Evaluation timeout in milliseconds (default: 5000)"
+            },
+            roles: {
+              type: "object",
+              additionalProperties: {
+                $ref: "#/definitions/PolicyRoleConfig"
+              },
+              description: "Role definitions: map role names to conditions"
+            }
+          },
+          additionalProperties: false,
+          patternProperties: {
+            "^x-": {}
+          }
+        },
         SchedulerLimitsConfig: {
           type: "object",
           properties: {
@@ -2588,6 +2638,45 @@ var init_config_schema = __esm({
             "^x-": {}
           }
         },
+        PolicyRoleConfig: {
+          type: "object",
+          properties: {
+            author_association: {
+              type: "array",
+              items: { type: "string" },
+              description: "GitHub author associations that map to this role"
+            },
+            teams: {
+              type: "array",
+              items: { type: "string" },
+              description: "GitHub team slugs"
+            },
+            users: {
+              type: "array",
+              items: { type: "string" },
+              description: "Explicit GitHub usernames"
+            },
+            slack_users: {
+              type: "array",
+              items: { type: "string" },
+              description: "Slack user IDs (e.g., U0123ABC)"
+            },
+            emails: {
+              type: "array",
+              items: { type: "string" },
+              description: "Email addresses for identity matching"
+            },
+            slack_channels: {
+              type: "array",
+              items: { type: "string" },
+              description: "Slack channel IDs \u2014 role only applies when triggered from these channels"
+            }
+          },
+          additionalProperties: false,
+          patternProperties: {
+            "^x-": {}
+          }
+        },
         "Record<string,StaticCronJob>": {
           type: "object",
           additionalProperties: {
@@ -2652,6 +2741,28 @@ var init_config_schema = __esm({
           patternProperties: {
             "^x-": {}
           }
+        },
+        StepPolicyOverride: {
+          type: "object",
+          properties: {
+            require: {
+              anyOf: [{ type: "string" }, { type: "array", items: { type: "string" } }],
+              description: "Required role(s) \u2014 any of these roles suffices"
+            },
+            deny: {
+              type: "array",
+              items: { type: "string" },
+              description: "Explicit deny for roles"
+            },
+            rule: {
+              type: "string",
+              description: "Custom OPA rule path for this step"
+            }
+          },
+          additionalProperties: false,
+          patternProperties: {
+            "^x-": {}
+          }
         }
       }
     };
@@ -3002,7 +3113,7 @@ var init_config = __esm({
        * When a workflow YAML is run standalone, register the workflow and use its tests as checks
        */
       async convertWorkflowToConfig(workflowData, basePath) {
-        const { WorkflowRegistry } = await import("./workflow-registry-ZAYYXLEP.mjs");
+        const { WorkflowRegistry } = await import("./workflow-registry-AAD37XKZ.mjs");
         const registry = WorkflowRegistry.getInstance();
         const workflowId = workflowData.id;
         logger.info(`Detected standalone workflow file: ${workflowId}`);
@@ -3067,7 +3178,7 @@ ${errors}`);
         if (!config.imports || config.imports.length === 0) {
           return;
         }
-        const { WorkflowRegistry } = await import("./workflow-registry-ZAYYXLEP.mjs");
+        const { WorkflowRegistry } = await import("./workflow-registry-AAD37XKZ.mjs");
         const registry = WorkflowRegistry.getInstance();
         for (const source of config.imports) {
           const results = await registry.import(source, { basePath, validate: true });
@@ -3281,6 +3392,55 @@ ${errors}`);
             }
           }
         }
+        if (config.scheduler?.ha?.enabled && (!config.scheduler.storage?.driver || config.scheduler.storage.driver === "sqlite")) {
+          warnings.push({
+            field: "scheduler.ha",
+            message: 'HA mode is enabled but storage driver is SQLite (single-node only). Distributed locking will use in-memory locks which do not coordinate across nodes. Use driver: "postgresql", "mysql", or "mssql" for true multi-node HA.'
+          });
+        }
+        const schedulerDriver = config.scheduler?.storage?.driver;
+        if (schedulerDriver && schedulerDriver !== "sqlite") {
+          const conn = config.scheduler?.storage?.connection;
+          if (!conn) {
+            errors.push({
+              field: "scheduler.storage.connection",
+              message: `The '${schedulerDriver}' driver requires a connection configuration.`
+            });
+          } else {
+            const hasConnStr = !!conn.connection_string;
+            const hasHost = !!conn.host;
+            const hasDb = !!conn.database;
+            if (!hasConnStr && !hasHost) {
+              errors.push({
+                field: "scheduler.storage.connection",
+                message: `The '${schedulerDriver}' driver requires either 'connection_string' or 'host' (with 'database') to be specified.`
+              });
+            }
+            if (!hasConnStr && hasHost && !hasDb) {
+              errors.push({
+                field: "scheduler.storage.connection.database",
+                message: `The '${schedulerDriver}' driver requires 'database' when using host-based connection.`
+              });
+            }
+            if (hasConnStr && hasHost) {
+              warnings.push({
+                field: "scheduler.storage.connection",
+                message: "Both connection_string and host are set. connection_string takes precedence; host/port/database/user/password will be ignored."
+              });
+            }
+            if (hasHost && !hasConnStr) {
+              const host = conn.host || "";
+              const ssl = conn.ssl;
+              const isLocal = host === "localhost" || host === "127.0.0.1" || host === "::1" || host === "0.0.0.0" || host === "[::]";
+              if (!isLocal && !ssl) {
+                warnings.push({
+                  field: "scheduler.storage.connection.ssl",
+                  message: `SSL is not enabled for remote host '${host}'. Consider enabling SSL for secure database connections.`
+                });
+              }
+            }
+          }
+        }
         if (config.ai_mcp_servers) {
           this.validateMcpServersObject(config.ai_mcp_servers, "ai_mcp_servers", errors, warnings);
         }
@@ -3305,6 +3465,9 @@ ${errors}`);
         if (config.tag_filter) {
           this.validateTagFilter(config.tag_filter, errors);
         }
+        if (config.policy) {
+          this.validatePolicyConfig(config.policy, errors, warnings);
+        }
         if (strict && warnings.length > 0) {
           errors.push(...warnings);
         }
@@ -3663,6 +3826,179 @@ ${errors}`);
         } catch {
         }
       }
+      /**
+       * Validate policy engine configuration
+       */
+      validatePolicyConfig(policy, errors, warnings) {
+        const validEngines = ["local", "remote", "disabled"];
+        if (policy.engine && !validEngines.includes(policy.engine)) {
+          errors.push({
+            field: "policy.engine",
+            message: `policy.engine must be one of: ${validEngines.join(", ")}`,
+            value: policy.engine
+          });
+        }
+        if (policy.engine === "local" && !policy.rules) {
+          errors.push({
+            field: "policy.rules",
+            message: 'policy.rules is required when policy.engine is "local"'
+          });
+        }
+        if (policy.rules && typeof policy.rules !== "string" && !Array.isArray(policy.rules)) {
+          errors.push({
+            field: "policy.rules",
+            message: "policy.rules must be a string or array of strings",
+            value: policy.rules
+          });
+        }
+        if (Array.isArray(policy.rules) && !policy.rules.every((r) => typeof r === "string")) {
+          errors.push({
+            field: "policy.rules",
+            message: "policy.rules array must contain only strings",
+            value: policy.rules
+          });
+        }
+        if (policy.engine === "local" && policy.rules) {
+          const rulesPath = Array.isArray(policy.rules) ? policy.rules : [policy.rules];
+          for (const rp of rulesPath) {
+            if (typeof rp === "string" && !fs2.existsSync(path2.resolve(rp))) {
+              warnings.push({
+                field: "policy.rules",
+                message: `Policy rules path does not exist: ${rp}. It will be resolved at runtime.`,
+                value: rp
+              });
+            }
+          }
+        }
+        if (policy.engine === "remote") {
+          if (!policy.url) {
+            errors.push({
+              field: "policy.url",
+              message: 'policy.url is required when policy.engine is "remote"'
+            });
+          } else if (typeof policy.url !== "string" || !/^https?:\/\//i.test(policy.url)) {
+            errors.push({
+              field: "policy.url",
+              message: "policy.url must use http:// or https:// protocol"
+            });
+          }
+        }
+        if (policy.fallback !== void 0) {
+          const validFallbacks = ["allow", "deny", "warn"];
+          if (!validFallbacks.includes(policy.fallback)) {
+            errors.push({
+              field: "policy.fallback",
+              message: `policy.fallback must be one of: ${validFallbacks.join(", ")}`,
+              value: policy.fallback
+            });
+          }
+        }
+        if (policy.timeout !== void 0) {
+          if (typeof policy.timeout !== "number" || policy.timeout < 0) {
+            errors.push({
+              field: "policy.timeout",
+              message: "policy.timeout must be a non-negative number (milliseconds)",
+              value: policy.timeout
+            });
+          }
+        }
+        if (policy.data !== void 0) {
+          if (typeof policy.data !== "string") {
+            errors.push({
+              field: "policy.data",
+              message: "policy.data must be a string (path to a JSON file)",
+              value: policy.data
+            });
+          }
+        }
+        if (policy.data && typeof policy.data === "string" && !fs2.existsSync(path2.resolve(policy.data))) {
+          warnings.push({
+            field: "policy.data",
+            message: `Policy data file does not exist: ${policy.data}. It will be resolved at runtime.`,
+            value: policy.data
+          });
+        }
+        if (policy.roles && typeof policy.roles === "object") {
+          for (const [roleName, roleConfig] of Object.entries(policy.roles)) {
+            if (typeof roleConfig !== "object" || roleConfig === null) {
+              errors.push({
+                field: `policy.roles.${roleName}`,
+                message: `Role '${roleName}' must be an object with author_association, teams, or users`,
+                value: roleConfig
+              });
+            } else {
+              if (Array.isArray(roleConfig.teams) && roleConfig.teams.length > 0) {
+                warnings.push({
+                  field: `policy.roles.${roleName}.teams`,
+                  message: `Role '${roleName}' uses 'teams' which is not yet implemented. Team-based role resolution requires a future update. Only author_association and users are currently supported.`,
+                  value: roleConfig.teams
+                });
+              }
+              const validAssociations = [
+                "OWNER",
+                "MEMBER",
+                "COLLABORATOR",
+                "CONTRIBUTOR",
+                "FIRST_TIME_CONTRIBUTOR",
+                "FIRST_TIMER",
+                "MANNEQUIN",
+                "NONE"
+              ];
+              if (roleConfig.author_association && Array.isArray(roleConfig.author_association)) {
+                for (const assoc of roleConfig.author_association) {
+                  if (!validAssociations.includes(assoc)) {
+                    warnings.push({
+                      field: `policy.roles.${roleName}.author_association`,
+                      message: `Unknown author_association value: '${assoc}'. Valid values: ${validAssociations.join(", ")}`,
+                      value: assoc
+                    });
+                  }
+                }
+              }
+              if (Array.isArray(roleConfig.slack_users)) {
+                for (const uid of roleConfig.slack_users) {
+                  if (typeof uid === "string" && !uid.startsWith("U")) {
+                    warnings.push({
+                      field: `policy.roles.${roleName}.slack_users`,
+                      message: `Slack user ID '${uid}' does not start with 'U'. Slack user IDs typically start with 'U' (e.g., U0123ABC).`,
+                      value: uid
+                    });
+                  }
+                }
+              }
+              if (Array.isArray(roleConfig.emails)) {
+                for (const email of roleConfig.emails) {
+                  if (typeof email === "string" && !email.includes("@")) {
+                    warnings.push({
+                      field: `policy.roles.${roleName}.emails`,
+                      message: `Email '${email}' does not contain '@'. Expected a valid email address.`,
+                      value: email
+                    });
+                  }
+                }
+                if (roleConfig.emails.length > 0) {
+                  warnings.push({
+                    field: `policy.roles.${roleName}.emails`,
+                    message: `Role '${roleName}' uses 'emails' for identity matching. This requires the Slack bot to have the 'users:read.email' OAuth scope.`,
+                    value: roleConfig.emails
+                  });
+                }
+              }
+              if (Array.isArray(roleConfig.slack_channels)) {
+                for (const chId of roleConfig.slack_channels) {
+                  if (typeof chId === "string" && !chId.startsWith("C")) {
+                    warnings.push({
+                      field: `policy.roles.${roleName}.slack_channels`,
+                      message: `Slack channel ID '${chId}' does not start with 'C'. Public channel IDs typically start with 'C' (e.g., C0123ENG).`,
+                      value: chId
+                    });
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
       /**
        * Validate MCP servers object shape and values (basic shape only)
        */
@@ -3769,7 +4105,8 @@ ${errors}`);
                   "slack",
                   "sandboxes",
                   "sandbox",
-                  "sandbox_defaults"
+                  "sandbox_defaults",
+                  "policy"
                 ]);
                 if (topLevel && allowedTopLevelKeys.has(addl)) {
                   continue;
@@ -3979,4 +4316,4 @@ export {
   config_exports,
   init_config
 };
-//# sourceMappingURL=chunk-7YSOINAQ.mjs.map
+//# sourceMappingURL=chunk-UCNT3PDT.mjs.map