@probelabs/visor 0.1.129 → 0.1.130

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (206) hide show
  1. package/README.md +23 -0
  2. package/dist/cli-main.d.ts.map +1 -1
  3. package/dist/config.d.ts +4 -0
  4. package/dist/config.d.ts.map +1 -1
  5. package/dist/docs/author-permissions.md +20 -0
  6. package/dist/docs/enterprise-policy.md +1325 -0
  7. package/dist/docs/index.md +10 -0
  8. package/dist/docs/scheduler-storage.md +433 -0
  9. package/dist/docs/scheduler.md +12 -2
  10. package/dist/enterprise/license/validator.d.ts +39 -0
  11. package/dist/enterprise/license/validator.d.ts.map +1 -0
  12. package/dist/enterprise/loader.d.ts +25 -0
  13. package/dist/enterprise/loader.d.ts.map +1 -0
  14. package/dist/enterprise/policy/opa-compiler.d.ts +37 -0
  15. package/dist/enterprise/policy/opa-compiler.d.ts.map +1 -0
  16. package/dist/enterprise/policy/opa-http-evaluator.d.ts +36 -0
  17. package/dist/enterprise/policy/opa-http-evaluator.d.ts.map +1 -0
  18. package/dist/enterprise/policy/opa-policy-engine.d.ts +48 -0
  19. package/dist/enterprise/policy/opa-policy-engine.d.ts.map +1 -0
  20. package/dist/enterprise/policy/opa-wasm-evaluator.d.ts +34 -0
  21. package/dist/enterprise/policy/opa-wasm-evaluator.d.ts.map +1 -0
  22. package/dist/enterprise/policy/policy-input-builder.d.ts +120 -0
  23. package/dist/enterprise/policy/policy-input-builder.d.ts.map +1 -0
  24. package/dist/enterprise/scheduler/knex-store.d.ts +41 -0
  25. package/dist/enterprise/scheduler/knex-store.d.ts.map +1 -0
  26. package/dist/examples/README.md +23 -0
  27. package/dist/examples/enterprise-policy/README.md +344 -0
  28. package/dist/examples/enterprise-policy/policies/capability_resolve.rego +29 -0
  29. package/dist/examples/enterprise-policy/policies/capability_resolve_test.rego +230 -0
  30. package/dist/examples/enterprise-policy/policies/check_execute.rego +71 -0
  31. package/dist/examples/enterprise-policy/policies/check_execute_test.rego +321 -0
  32. package/dist/examples/enterprise-policy/policies/deploy_production.rego +33 -0
  33. package/dist/examples/enterprise-policy/policies/deploy_production_test.rego +29 -0
  34. package/dist/examples/enterprise-policy/policies/slack_channel_gate.rego +17 -0
  35. package/dist/examples/enterprise-policy/policies/slack_tool_restrict.rego +16 -0
  36. package/dist/examples/enterprise-policy/policies/tool_invoke.rego +24 -0
  37. package/dist/examples/enterprise-policy/policies/tool_invoke_test.rego +227 -0
  38. package/dist/examples/enterprise-policy/visor.yaml +64 -0
  39. package/dist/failure-condition-evaluator.d.ts +18 -0
  40. package/dist/failure-condition-evaluator.d.ts.map +1 -1
  41. package/dist/frontends/slack-frontend.d.ts +1 -0
  42. package/dist/frontends/slack-frontend.d.ts.map +1 -1
  43. package/dist/generated/config-schema.d.ts +139 -0
  44. package/dist/generated/config-schema.d.ts.map +1 -1
  45. package/dist/index.js +12121 -7169
  46. package/dist/liquid-extensions.d.ts.map +1 -1
  47. package/dist/output/traces/{run-2026-02-08T18-16-04-160Z.ndjson → run-2026-02-11T16-20-59-999Z.ndjson} +84 -84
  48. package/dist/{traces/run-2026-02-08T18-16-51-253Z.ndjson → output/traces/run-2026-02-11T16-21-47-711Z.ndjson} +1032 -1032
  49. package/dist/policy/default-engine.d.ts +17 -0
  50. package/dist/policy/default-engine.d.ts.map +1 -0
  51. package/dist/policy/index.d.ts +4 -0
  52. package/dist/policy/index.d.ts.map +1 -0
  53. package/dist/policy/policy-check-command.d.ts +65 -0
  54. package/dist/policy/policy-check-command.d.ts.map +1 -0
  55. package/dist/policy/types.d.ts +81 -0
  56. package/dist/policy/types.d.ts.map +1 -0
  57. package/dist/providers/ai-check-provider.d.ts.map +1 -1
  58. package/dist/providers/check-provider.interface.d.ts +2 -0
  59. package/dist/providers/check-provider.interface.d.ts.map +1 -1
  60. package/dist/providers/claude-code-check-provider.d.ts.map +1 -1
  61. package/dist/providers/mcp-check-provider.d.ts.map +1 -1
  62. package/dist/providers/mcp-custom-sse-server.d.ts.map +1 -1
  63. package/dist/providers/workflow-check-provider.d.ts.map +1 -1
  64. package/dist/scheduler/index.d.ts +2 -0
  65. package/dist/scheduler/index.d.ts.map +1 -1
  66. package/dist/scheduler/schedule-store.d.ts +33 -59
  67. package/dist/scheduler/schedule-store.d.ts.map +1 -1
  68. package/dist/scheduler/schedule-tool.d.ts.map +1 -1
  69. package/dist/scheduler/scheduler.d.ts +24 -3
  70. package/dist/scheduler/scheduler.d.ts.map +1 -1
  71. package/dist/scheduler/store/index.d.ts +7 -0
  72. package/dist/scheduler/store/index.d.ts.map +1 -0
  73. package/dist/scheduler/store/json-migrator.d.ts +10 -0
  74. package/dist/scheduler/store/json-migrator.d.ts.map +1 -0
  75. package/dist/scheduler/store/sqlite-store.d.ts +32 -0
  76. package/dist/scheduler/store/sqlite-store.d.ts.map +1 -0
  77. package/dist/scheduler/store/types.d.ts +127 -0
  78. package/dist/scheduler/store/types.d.ts.map +1 -0
  79. package/dist/sdk/check-provider-registry-M3Y6JMTW.mjs +28 -0
  80. package/dist/sdk/check-provider-registry-PANIXYRB.mjs +28 -0
  81. package/dist/sdk/{chunk-D5KI4YQ4.mjs → chunk-DIND4ZCV.mjs} +2 -2
  82. package/dist/sdk/{chunk-DGZPPGJJ.mjs → chunk-EUUAQBTW.mjs} +1463 -568
  83. package/dist/sdk/chunk-EUUAQBTW.mjs.map +1 -0
  84. package/dist/sdk/{chunk-XDLQ3UNF.mjs → chunk-GEW6LS32.mjs} +2 -2
  85. package/dist/sdk/{chunk-N7HO6KKC.mjs → chunk-HOKQOO3G.mjs} +11 -6
  86. package/dist/sdk/chunk-HOKQOO3G.mjs.map +1 -0
  87. package/dist/sdk/{chunk-XR7XXGL7.mjs → chunk-JL7JXCET.mjs} +2 -2
  88. package/dist/sdk/{chunk-6W75IMDC.mjs → chunk-LG4AUKHB.mjs} +2 -2
  89. package/dist/sdk/{chunk-BDGUM6BA.mjs → chunk-S6CD7GFM.mjs} +1463 -568
  90. package/dist/sdk/chunk-S6CD7GFM.mjs.map +1 -0
  91. package/dist/sdk/{chunk-PO7X5XI7.mjs → chunk-SZXICFQ3.mjs} +2 -2
  92. package/dist/sdk/{chunk-HEX3RL32.mjs → chunk-UCMJJ3IM.mjs} +5 -2
  93. package/dist/sdk/{chunk-HEX3RL32.mjs.map → chunk-UCMJJ3IM.mjs.map} +1 -1
  94. package/dist/sdk/{chunk-7YSOINAQ.mjs → chunk-UCNT3PDT.mjs} +342 -5
  95. package/dist/sdk/chunk-UCNT3PDT.mjs.map +1 -0
  96. package/dist/sdk/{chunk-R5Z7YWPB.mjs → chunk-V2IV3ILA.mjs} +7 -5
  97. package/dist/sdk/chunk-V2IV3ILA.mjs.map +1 -0
  98. package/dist/sdk/{chunk-SGS2VMEL.mjs → chunk-VMLORODQ.mjs} +107 -20
  99. package/dist/sdk/chunk-VMLORODQ.mjs.map +1 -0
  100. package/dist/sdk/{chunk-2KB35MB7.mjs → chunk-VPC3QSPW.mjs} +2 -2
  101. package/dist/sdk/{chunk-J5RGJQ53.mjs → chunk-YJRBN3XS.mjs} +2 -2
  102. package/dist/sdk/{command-executor-DVVXERLR.mjs → command-executor-TOYBBE7S.mjs} +4 -4
  103. package/dist/sdk/{config-7VTT64SQ.mjs → config-OGOS4ZU4.mjs} +4 -4
  104. package/dist/sdk/failure-condition-evaluator-HC3M5377.mjs +17 -0
  105. package/dist/sdk/{github-frontend-3N2NLO66.mjs → github-frontend-E2KJSC3Y.mjs} +7 -7
  106. package/dist/sdk/{host-ONVMEHAA.mjs → host-EE6EJ2FM.mjs} +4 -4
  107. package/dist/sdk/lazy-otel-5NH4ZJJM.mjs +24 -0
  108. package/dist/sdk/{liquid-extensions-5IZLTFSZ.mjs → liquid-extensions-E4EUOCES.mjs} +5 -5
  109. package/dist/sdk/memory-store-AAPL2MTE.mjs +12 -0
  110. package/dist/sdk/{metrics-GXQ2EDXA.mjs → metrics-I6A7IHG4.mjs} +3 -3
  111. package/dist/sdk/{prompt-state-YHGXB2OA.mjs → prompt-state-VAKKC773.mjs} +4 -4
  112. package/dist/sdk/{renderer-schema-CMXOLNIG.mjs → renderer-schema-HXEW6BRJ.mjs} +3 -3
  113. package/dist/sdk/{routing-S3Y7T2X3.mjs → routing-OZQWAGAI.mjs} +9 -8
  114. package/dist/sdk/schedule-tool-handler-B7TMSG6A.mjs +38 -0
  115. package/dist/sdk/schedule-tool-handler-IEB2VS7O.mjs +38 -0
  116. package/dist/sdk/sdk.d.mts +134 -4
  117. package/dist/sdk/sdk.d.ts +134 -4
  118. package/dist/sdk/sdk.js +2509 -1085
  119. package/dist/sdk/sdk.js.map +1 -1
  120. package/dist/sdk/sdk.mjs +14 -14
  121. package/dist/sdk/{slack-frontend-R3M2CACB.mjs → slack-frontend-LAY45IBR.mjs} +119 -29
  122. package/dist/sdk/slack-frontend-LAY45IBR.mjs.map +1 -0
  123. package/dist/sdk/{trace-helpers-YHNPC7MR.mjs → trace-helpers-PP3YHTAM.mjs} +3 -3
  124. package/dist/sdk/{tui-frontend-S546M7A7.mjs → tui-frontend-T56PZB67.mjs} +25 -16
  125. package/dist/sdk/tui-frontend-T56PZB67.mjs.map +1 -0
  126. package/dist/sdk/workflow-check-provider-2ET3SFZH.mjs +28 -0
  127. package/dist/sdk/workflow-check-provider-2ET3SFZH.mjs.map +1 -0
  128. package/dist/sdk/workflow-check-provider-HB4XTD4Z.mjs +28 -0
  129. package/dist/sdk/workflow-check-provider-HB4XTD4Z.mjs.map +1 -0
  130. package/dist/sdk/workflow-registry-AAD37XKZ.mjs +12 -0
  131. package/dist/sdk/workflow-registry-AAD37XKZ.mjs.map +1 -0
  132. package/dist/slack/client.d.ts +12 -0
  133. package/dist/slack/client.d.ts.map +1 -1
  134. package/dist/slack/slack-output-adapter.d.ts.map +1 -1
  135. package/dist/slack/socket-runner.d.ts.map +1 -1
  136. package/dist/state-machine/dispatch/execution-invoker.d.ts.map +1 -1
  137. package/dist/state-machine/dispatch/policy-gate.d.ts +28 -0
  138. package/dist/state-machine/dispatch/policy-gate.d.ts.map +1 -0
  139. package/dist/state-machine/states/level-dispatch.d.ts.map +1 -1
  140. package/dist/state-machine/states/routing.d.ts.map +1 -1
  141. package/dist/state-machine/states/wave-planning.d.ts.map +1 -1
  142. package/dist/state-machine-execution-engine.d.ts.map +1 -1
  143. package/dist/test-runner/core/flow-stage.d.ts.map +1 -1
  144. package/dist/test-runner/validator.d.ts.map +1 -1
  145. package/dist/traces/{run-2026-02-08T18-16-04-160Z.ndjson → run-2026-02-11T16-20-59-999Z.ndjson} +84 -84
  146. package/dist/{output/traces/run-2026-02-08T18-16-51-253Z.ndjson → traces/run-2026-02-11T16-21-47-711Z.ndjson} +1032 -1032
  147. package/dist/tui/chat-runner.d.ts.map +1 -1
  148. package/dist/tui/chat-state.d.ts +1 -0
  149. package/dist/tui/chat-state.d.ts.map +1 -1
  150. package/dist/tui/chat-tui.d.ts +3 -2
  151. package/dist/tui/chat-tui.d.ts.map +1 -1
  152. package/dist/tui/components/chat-box.d.ts +9 -0
  153. package/dist/tui/components/chat-box.d.ts.map +1 -1
  154. package/dist/tui/components/input-bar.d.ts +18 -1
  155. package/dist/tui/components/input-bar.d.ts.map +1 -1
  156. package/dist/tui/components/status-bar.d.ts +5 -2
  157. package/dist/tui/components/status-bar.d.ts.map +1 -1
  158. package/dist/tui/components/trace-viewer.d.ts +1 -0
  159. package/dist/tui/components/trace-viewer.d.ts.map +1 -1
  160. package/dist/tui/tui-frontend.d.ts.map +1 -1
  161. package/dist/types/config.d.ts +107 -3
  162. package/dist/types/config.d.ts.map +1 -1
  163. package/dist/types/engine.d.ts +5 -0
  164. package/dist/types/engine.d.ts.map +1 -1
  165. package/dist/types/execution.d.ts +1 -1
  166. package/dist/types/execution.d.ts.map +1 -1
  167. package/package.json +14 -4
  168. package/dist/sdk/check-provider-registry-ACRGIYOB.mjs +0 -28
  169. package/dist/sdk/check-provider-registry-VYHKFHK2.mjs +0 -28
  170. package/dist/sdk/chunk-7YSOINAQ.mjs.map +0 -1
  171. package/dist/sdk/chunk-BDGUM6BA.mjs.map +0 -1
  172. package/dist/sdk/chunk-DGZPPGJJ.mjs.map +0 -1
  173. package/dist/sdk/chunk-N7HO6KKC.mjs.map +0 -1
  174. package/dist/sdk/chunk-R5Z7YWPB.mjs.map +0 -1
  175. package/dist/sdk/chunk-SGS2VMEL.mjs.map +0 -1
  176. package/dist/sdk/failure-condition-evaluator-4WMDF4Q3.mjs +0 -17
  177. package/dist/sdk/memory-store-3N4AZCYB.mjs +0 -12
  178. package/dist/sdk/slack-frontend-R3M2CACB.mjs.map +0 -1
  179. package/dist/sdk/tui-frontend-S546M7A7.mjs.map +0 -1
  180. package/dist/sdk/workflow-check-provider-4F3432ZP.mjs +0 -28
  181. package/dist/sdk/workflow-check-provider-A44PBPG2.mjs +0 -28
  182. package/dist/sdk/workflow-registry-ZAYYXLEP.mjs +0 -12
  183. /package/dist/sdk/{check-provider-registry-ACRGIYOB.mjs.map → check-provider-registry-M3Y6JMTW.mjs.map} +0 -0
  184. /package/dist/sdk/{check-provider-registry-VYHKFHK2.mjs.map → check-provider-registry-PANIXYRB.mjs.map} +0 -0
  185. /package/dist/sdk/{chunk-D5KI4YQ4.mjs.map → chunk-DIND4ZCV.mjs.map} +0 -0
  186. /package/dist/sdk/{chunk-XDLQ3UNF.mjs.map → chunk-GEW6LS32.mjs.map} +0 -0
  187. /package/dist/sdk/{chunk-XR7XXGL7.mjs.map → chunk-JL7JXCET.mjs.map} +0 -0
  188. /package/dist/sdk/{chunk-6W75IMDC.mjs.map → chunk-LG4AUKHB.mjs.map} +0 -0
  189. /package/dist/sdk/{chunk-PO7X5XI7.mjs.map → chunk-SZXICFQ3.mjs.map} +0 -0
  190. /package/dist/sdk/{chunk-2KB35MB7.mjs.map → chunk-VPC3QSPW.mjs.map} +0 -0
  191. /package/dist/sdk/{chunk-J5RGJQ53.mjs.map → chunk-YJRBN3XS.mjs.map} +0 -0
  192. /package/dist/sdk/{command-executor-DVVXERLR.mjs.map → command-executor-TOYBBE7S.mjs.map} +0 -0
  193. /package/dist/sdk/{config-7VTT64SQ.mjs.map → config-OGOS4ZU4.mjs.map} +0 -0
  194. /package/dist/sdk/{failure-condition-evaluator-4WMDF4Q3.mjs.map → failure-condition-evaluator-HC3M5377.mjs.map} +0 -0
  195. /package/dist/sdk/{github-frontend-3N2NLO66.mjs.map → github-frontend-E2KJSC3Y.mjs.map} +0 -0
  196. /package/dist/sdk/{host-ONVMEHAA.mjs.map → host-EE6EJ2FM.mjs.map} +0 -0
  197. /package/dist/sdk/{liquid-extensions-5IZLTFSZ.mjs.map → lazy-otel-5NH4ZJJM.mjs.map} +0 -0
  198. /package/dist/sdk/{memory-store-3N4AZCYB.mjs.map → liquid-extensions-E4EUOCES.mjs.map} +0 -0
  199. /package/dist/sdk/{metrics-GXQ2EDXA.mjs.map → memory-store-AAPL2MTE.mjs.map} +0 -0
  200. /package/dist/sdk/{prompt-state-YHGXB2OA.mjs.map → metrics-I6A7IHG4.mjs.map} +0 -0
  201. /package/dist/sdk/{routing-S3Y7T2X3.mjs.map → prompt-state-VAKKC773.mjs.map} +0 -0
  202. /package/dist/sdk/{renderer-schema-CMXOLNIG.mjs.map → renderer-schema-HXEW6BRJ.mjs.map} +0 -0
  203. /package/dist/sdk/{trace-helpers-YHNPC7MR.mjs.map → routing-OZQWAGAI.mjs.map} +0 -0
  204. /package/dist/sdk/{workflow-check-provider-4F3432ZP.mjs.map → schedule-tool-handler-B7TMSG6A.mjs.map} +0 -0
  205. /package/dist/sdk/{workflow-check-provider-A44PBPG2.mjs.map → schedule-tool-handler-IEB2VS7O.mjs.map} +0 -0
  206. /package/dist/sdk/{workflow-registry-ZAYYXLEP.mjs.map → trace-helpers-PP3YHTAM.mjs.map} +0 -0
@@ -135,6 +135,16 @@ The test framework allows you to write integration tests for your Visor workflow
135
135
 
136
136
  ---
137
137
 
138
+ ## Enterprise Edition
139
+
140
+ > Enterprise features require a Visor EE license. Contact **hello@probelabs.com** for licensing.
141
+
142
+ | Document | Description |
143
+ |----------|-------------|
144
+ | [Enterprise Policy Engine (OPA)](./enterprise-policy.md) | Comprehensive guide to the OPA-based policy engine: installation, licensing, Rego policies, configuration, and troubleshooting |
145
+
146
+ ---
147
+
138
148
  ## Guides
139
149
 
140
150
  Best practices and style guides for writing maintainable workflows.
@@ -0,0 +1,433 @@
1
+ # Scheduler Storage
2
+
3
+ This guide covers database storage configuration for the Visor scheduler, including cloud database setup, SSL/TLS, connection pooling, and high-availability deployments.
4
+
5
+ ## Overview
6
+
7
+ The scheduler supports four storage drivers:
8
+
9
+ | Driver | License | Use Case |
10
+ |--------|---------|----------|
11
+ | `sqlite` | OSS (free) | Single-node, local development, small deployments |
12
+ | `postgresql` | Enterprise | Production, multi-node HA, cloud databases |
13
+ | `mysql` | Enterprise | Production, multi-node HA, cloud databases |
14
+ | `mssql` | Enterprise | Azure SQL, SQL Server environments |
15
+
16
+ ## SQLite (Default)
17
+
18
+ Zero-configuration — works out of the box:
19
+
20
+ ```yaml
21
+ scheduler:
22
+ enabled: true
23
+ storage:
24
+ driver: sqlite
25
+ connection:
26
+ filename: .visor/schedules.db # default
27
+ ```
28
+
29
+ SQLite is the default when no driver is specified. It stores data in a local file and supports all scheduler features except distributed locking (HA mode).
30
+
31
+ ## PostgreSQL
32
+
33
+ ```yaml
34
+ scheduler:
35
+ storage:
36
+ driver: postgresql
37
+ connection:
38
+ host: localhost
39
+ port: 5432
40
+ database: visor
41
+ user: visor
42
+ password: ${VISOR_DB_PASSWORD}
43
+ ssl: true
44
+ ```
45
+
46
+ ## MySQL
47
+
48
+ ```yaml
49
+ scheduler:
50
+ storage:
51
+ driver: mysql
52
+ connection:
53
+ host: localhost
54
+ port: 3306
55
+ database: visor
56
+ user: visor
57
+ password: ${VISOR_DB_PASSWORD}
58
+ ssl: true
59
+ ```
60
+
61
+ ## MSSQL (SQL Server)
62
+
63
+ ```yaml
64
+ scheduler:
65
+ storage:
66
+ driver: mssql
67
+ connection:
68
+ host: localhost
69
+ port: 1433
70
+ database: visor
71
+ user: sa
72
+ password: ${VISOR_DB_PASSWORD}
73
+ ssl:
74
+ reject_unauthorized: true
75
+ ```
76
+
77
+ For MSSQL, `host` is mapped to the tedious driver's `server` parameter internally. SSL configuration maps to `encrypt` and `trustServerCertificate` options.
78
+
79
+ ## Connection String
80
+
81
+ All server drivers support connection string URLs as an alternative to individual parameters:
82
+
83
+ ```yaml
84
+ scheduler:
85
+ storage:
86
+ driver: postgresql
87
+ connection:
88
+ connection_string: postgresql://visor:secret@db.example.com:5432/visor?sslmode=require
89
+ ```
90
+
91
+ ```yaml
92
+ scheduler:
93
+ storage:
94
+ driver: mysql
95
+ connection:
96
+ connection_string: mysql://visor:secret@db.example.com:3306/visor
97
+ ```
98
+
99
+ When `connection_string` is set, `host`, `port`, `database`, `user`, and `password` are ignored.
100
+
101
+ ## SSL/TLS Configuration
102
+
103
+ ### Boolean (simple)
104
+
105
+ ```yaml
106
+ connection:
107
+ host: db.example.com
108
+ ssl: true # enables SSL with rejectUnauthorized: true
109
+ ```
110
+
111
+ ### Object (detailed)
112
+
113
+ ```yaml
114
+ connection:
115
+ host: db.example.com
116
+ ssl:
117
+ enabled: true
118
+ reject_unauthorized: true # default: true
119
+ ca: /path/to/ca-cert.pem # CA certificate
120
+ cert: /path/to/client-cert.pem # client certificate (mTLS)
121
+ key: /path/to/client-key.pem # client key (mTLS)
122
+ ```
123
+
124
+ | Field | Default | Description |
125
+ |-------|---------|-------------|
126
+ | `enabled` | `true` | Enable SSL (when object is provided) |
127
+ | `reject_unauthorized` | `true` | Validate server certificate against CA |
128
+ | `ca` | — | Path to CA certificate PEM file |
129
+ | `cert` | — | Path to client certificate PEM file (for mTLS) |
130
+ | `key` | — | Path to client key PEM file (for mTLS) |
131
+
132
+ Certificate file paths are read at initialization time. This works well with Kubernetes secret mounts, AWS SSM Parameter Store files, and similar mechanisms.
133
+
134
+ ## Connection Pool
135
+
136
+ ```yaml
137
+ connection:
138
+ host: db.example.com
139
+ pool:
140
+ min: 0 # default: 0 (good for serverless)
141
+ max: 10 # default: 10
142
+ ```
143
+
144
+ | Field | Default | Description |
145
+ |-------|---------|-------------|
146
+ | `min` | `0` | Minimum connections to keep open |
147
+ | `max` | `10` | Maximum simultaneous connections |
148
+
149
+ **Serverless tip**: Keep `min: 0` to avoid holding idle connections in Lambda/Cloud Functions. The pool will scale up on demand and release connections when idle.
150
+
151
+ **High-throughput tip**: Increase `max` if you have many concurrent schedule executions. Each execution may hold a connection during locking and updates.
152
+
153
+ ## Cloud Database Examples
154
+
155
+ ### AWS RDS PostgreSQL
156
+
157
+ ```yaml
158
+ scheduler:
159
+ storage:
160
+ driver: postgresql
161
+ connection:
162
+ host: mydb.abc123.us-east-1.rds.amazonaws.com
163
+ port: 5432
164
+ database: visor
165
+ user: visor
166
+ password: ${RDS_PASSWORD}
167
+ ssl:
168
+ reject_unauthorized: true
169
+ ca: /etc/ssl/certs/rds-combined-ca-bundle.pem
170
+ pool:
171
+ min: 0
172
+ max: 10
173
+ ```
174
+
175
+ Download the [RDS CA bundle](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) and mount it in your container or EC2 instance.
176
+
177
+ ### AWS RDS MySQL
178
+
179
+ ```yaml
180
+ scheduler:
181
+ storage:
182
+ driver: mysql
183
+ connection:
184
+ host: mydb.abc123.us-east-1.rds.amazonaws.com
185
+ port: 3306
186
+ database: visor
187
+ user: visor
188
+ password: ${RDS_PASSWORD}
189
+ ssl:
190
+ reject_unauthorized: true
191
+ ca: /etc/ssl/certs/rds-combined-ca-bundle.pem
192
+ ```
193
+
194
+ ### AWS Aurora PostgreSQL
195
+
196
+ ```yaml
197
+ scheduler:
198
+ storage:
199
+ driver: postgresql
200
+ connection:
201
+ host: mycluster.cluster-abc123.us-east-1.rds.amazonaws.com
202
+ port: 5432
203
+ database: visor
204
+ user: visor
205
+ password: ${AURORA_PASSWORD}
206
+ ssl:
207
+ reject_unauthorized: true
208
+ ca: /etc/ssl/certs/rds-combined-ca-bundle.pem
209
+ pool:
210
+ min: 0
211
+ max: 10
212
+ ```
213
+
214
+ Use the **cluster endpoint** (writer) for the scheduler. Aurora uses the same CA bundle as RDS.
215
+
216
+ ### AWS Aurora MySQL
217
+
218
+ ```yaml
219
+ scheduler:
220
+ storage:
221
+ driver: mysql
222
+ connection:
223
+ host: mycluster.cluster-abc123.us-east-1.rds.amazonaws.com
224
+ port: 3306
225
+ database: visor
226
+ user: visor
227
+ password: ${AURORA_PASSWORD}
228
+ ssl:
229
+ reject_unauthorized: true
230
+ ca: /etc/ssl/certs/rds-combined-ca-bundle.pem
231
+ ```
232
+
233
+ ### Azure Database for PostgreSQL
234
+
235
+ ```yaml
236
+ scheduler:
237
+ storage:
238
+ driver: postgresql
239
+ connection:
240
+ host: myserver.postgres.database.azure.com
241
+ port: 5432
242
+ database: visor
243
+ user: visor@myserver
244
+ password: ${AZURE_DB_PASSWORD}
245
+ ssl:
246
+ reject_unauthorized: true
247
+ ca: /etc/ssl/certs/DigiCertGlobalRootCA.crt.pem
248
+ ```
249
+
250
+ Azure PostgreSQL requires the username in `user@servername` format. Download the [DigiCert Global Root CA](https://learn.microsoft.com/en-us/azure/postgresql/single-server/concepts-ssl-connection-security).
251
+
252
+ ### Azure Database for MySQL
253
+
254
+ ```yaml
255
+ scheduler:
256
+ storage:
257
+ driver: mysql
258
+ connection:
259
+ host: myserver.mysql.database.azure.com
260
+ port: 3306
261
+ database: visor
262
+ user: visor@myserver
263
+ password: ${AZURE_DB_PASSWORD}
264
+ ssl:
265
+ reject_unauthorized: true
266
+ ca: /etc/ssl/certs/DigiCertGlobalRootCA.crt.pem
267
+ ```
268
+
269
+ ### Azure SQL Database (MSSQL)
270
+
271
+ ```yaml
272
+ scheduler:
273
+ storage:
274
+ driver: mssql
275
+ connection:
276
+ host: myserver.database.windows.net
277
+ port: 1433
278
+ database: visor
279
+ user: visor
280
+ password: ${AZURE_SQL_PASSWORD}
281
+ ssl:
282
+ reject_unauthorized: true
283
+ ```
284
+
285
+ Azure SQL Database enforces encryption by default. The `ssl.reject_unauthorized: true` setting maps to `trustServerCertificate: false` (i.e., the server certificate is validated).
286
+
287
+ ### Google Cloud SQL PostgreSQL
288
+
289
+ ```yaml
290
+ scheduler:
291
+ storage:
292
+ driver: postgresql
293
+ connection:
294
+ host: /cloudsql/project:region:instance # Unix socket
295
+ database: visor
296
+ user: visor
297
+ password: ${CLOUDSQL_PASSWORD}
298
+ ```
299
+
300
+ When using the [Cloud SQL Auth Proxy](https://cloud.google.com/sql/docs/postgres/connect-auth-proxy), connect via Unix socket (no SSL needed as the proxy handles encryption):
301
+
302
+ ```yaml
303
+ connection:
304
+ host: 127.0.0.1
305
+ port: 5432
306
+ database: visor
307
+ user: visor
308
+ password: ${CLOUDSQL_PASSWORD}
309
+ ```
310
+
311
+ ### Google Cloud SQL MySQL
312
+
313
+ ```yaml
314
+ scheduler:
315
+ storage:
316
+ driver: mysql
317
+ connection:
318
+ host: 127.0.0.1
319
+ port: 3306
320
+ database: visor
321
+ user: visor
322
+ password: ${CLOUDSQL_PASSWORD}
323
+ ```
324
+
325
+ ### Google Cloud SQL - SQL Server
326
+
327
+ ```yaml
328
+ scheduler:
329
+ storage:
330
+ driver: mssql
331
+ connection:
332
+ host: 127.0.0.1
333
+ port: 1433
334
+ database: visor
335
+ user: sqlserver
336
+ password: ${CLOUDSQL_PASSWORD}
337
+ ssl:
338
+ reject_unauthorized: true
339
+ ```
340
+
341
+ ## High Availability
342
+
343
+ For multi-node deployments, enable HA mode with a server database:
344
+
345
+ ```yaml
346
+ scheduler:
347
+ storage:
348
+ driver: postgresql
349
+ connection:
350
+ host: db.example.com
351
+ database: visor
352
+ user: visor
353
+ password: ${DB_PASSWORD}
354
+ ssl: true
355
+ ha:
356
+ enabled: true
357
+ node_id: node-1 # unique per node (default: hostname-pid)
358
+ lock_ttl: 60 # lock expiry in seconds
359
+ heartbeat_interval: 15 # lock renewal interval
360
+ ```
361
+
362
+ HA mode uses row-level distributed locking to ensure each schedule is executed by exactly one node. SQLite does **not** support HA mode — use PostgreSQL, MySQL, or MSSQL.
363
+
364
+ ## Migration from JSON
365
+
366
+ If you previously used JSON file storage (`storage.path: .visor/schedules.json`), the scheduler automatically migrates data to the configured database on first startup. The JSON file is preserved as a backup.
367
+
368
+ ```yaml
369
+ # Legacy config (auto-migrated)
370
+ scheduler:
371
+ storage:
372
+ path: .visor/schedules.json
373
+
374
+ # New config
375
+ scheduler:
376
+ storage:
377
+ driver: sqlite # or postgresql/mysql/mssql
378
+ ```
379
+
380
+ ## Troubleshooting
381
+
382
+ ### Connection Refused
383
+
384
+ ```
385
+ Error: connect ECONNREFUSED 127.0.0.1:5432
386
+ ```
387
+
388
+ - Verify the database server is running and accessible
389
+ - Check host, port, and firewall rules
390
+ - For cloud databases, ensure your IP is whitelisted
391
+
392
+ ### SSL Certificate Error
393
+
394
+ ```
395
+ Error: self signed certificate in certificate chain
396
+ ```
397
+
398
+ - Set the `ca` path to your cloud provider's CA certificate bundle
399
+ - For development with self-signed certs: `ssl.reject_unauthorized: false` (not recommended for production)
400
+
401
+ ### Authentication Failed
402
+
403
+ ```
404
+ Error: password authentication failed for user "visor"
405
+ ```
406
+
407
+ - Verify `user` and `password` are correct
408
+ - For Azure PostgreSQL, use `user@servername` format
409
+ - Check that the user has access to the specified database
410
+
411
+ ### Module Not Found
412
+
413
+ ```
414
+ Error: knex is required for PostgreSQL/MySQL/MSSQL schedule storage
415
+ ```
416
+
417
+ Install the required database driver:
418
+
419
+ ```bash
420
+ npm install knex pg # PostgreSQL
421
+ npm install knex mysql2 # MySQL
422
+ npm install knex tedious # MSSQL
423
+ ```
424
+
425
+ ### Pool Exhaustion
426
+
427
+ ```
428
+ Error: Knex: Timeout acquiring a connection
429
+ ```
430
+
431
+ - Increase `pool.max` in your configuration
432
+ - Check for connection leaks or long-running transactions
433
+ - For serverless, ensure `pool.min: 0` to avoid stale connections
@@ -13,6 +13,8 @@ Output destinations (Slack, GitHub, webhooks) are handled by **output adapters**
13
13
 
14
14
  ## Configuration
15
15
 
16
+ > **Storage & Cloud Databases**: For detailed database configuration (PostgreSQL, MySQL, MSSQL, SSL/TLS, connection strings, cloud provider examples), see [Scheduler Storage](scheduler-storage.md).
17
+
16
18
  Add scheduler settings to your `.visor.yaml`:
17
19
 
18
20
  ```yaml
@@ -392,11 +394,19 @@ This feature enables continuity for status updates, progress tracking, and any r
392
394
  src/
393
395
  ├── scheduler/ # Generic scheduler module
394
396
  │ ├── index.ts # Public exports
395
- │ ├── schedule-store.ts # JSON persistence for schedules
397
+ │ ├── schedule-store.ts # Schedule persistence facade
396
398
  │ ├── schedule-parser.ts # Natural language parsing utilities
397
399
  │ ├── scheduler.ts # Generic scheduler daemon
398
400
  │ ├── schedule-tool.ts # AI tool for schedule management
399
- └── cli-handler.ts # CLI command handlers
401
+ ├── cli-handler.ts # CLI command handlers
402
+ │ └── store/ # Storage backends
403
+ │ ├── index.ts # Backend factory
404
+ │ ├── types.ts # Backend interface & config types
405
+ │ └── sqlite-store.ts # SQLite backend (OSS)
406
+
407
+ ├── enterprise/
408
+ │ └── scheduler/
409
+ │ └── knex-store.ts # PostgreSQL/MySQL/MSSQL backend (Enterprise)
400
410
 
401
411
  └── slack/
402
412
  └── slack-output-adapter.ts # Posts results to Slack
@@ -0,0 +1,39 @@
1
+ /**
2
+ * Copyright (c) ProbeLabs. All rights reserved.
3
+ * Licensed under the Elastic License 2.0; you may not use this file except
4
+ * in compliance with the Elastic License 2.0.
5
+ */
6
+ export interface LicensePayload {
7
+ org: string;
8
+ features: string[];
9
+ exp: number;
10
+ iat: number;
11
+ sub: string;
12
+ }
13
+ export declare class LicenseValidator {
14
+ /** Ed25519 public key for license verification (PEM format). */
15
+ private static PUBLIC_KEY;
16
+ private cache;
17
+ private static CACHE_TTL;
18
+ private static GRACE_PERIOD;
19
+ /**
20
+ * Load and validate license from environment or file.
21
+ *
22
+ * Resolution order:
23
+ * 1. VISOR_LICENSE env var (JWT string)
24
+ * 2. VISOR_LICENSE_FILE env var (path to file)
25
+ * 3. .visor-license in project root (cwd)
26
+ * 4. .visor-license in ~/.config/visor/
27
+ */
28
+ loadAndValidate(): Promise<LicensePayload | null>;
29
+ /** Check if a specific feature is licensed */
30
+ hasFeature(feature: string): boolean;
31
+ /** Check if license is valid (with grace period) */
32
+ isValid(): boolean;
33
+ /** Check if the license is within its grace period (expired but still valid) */
34
+ isInGracePeriod(): boolean;
35
+ private resolveToken;
36
+ private readFile;
37
+ private verifyAndDecode;
38
+ }
39
+ //# sourceMappingURL=validator.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"validator.d.ts","sourceRoot":"","sources":["file:///home/runner/work/visor/visor/src/enterprise/license/validator.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACb;AAED,qBAAa,gBAAgB;IAC3B,gEAAgE;IAChE,OAAO,CAAC,MAAM,CAAC,UAAU,CAGM;IAE/B,OAAO,CAAC,KAAK,CAAiE;IAC9E,OAAO,CAAC,MAAM,CAAC,SAAS,CAAiB;IACzC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAoB;IAE/C;;;;;;;;OAQG;IACG,eAAe,IAAI,OAAO,CAAC,cAAc,GAAG,IAAI,CAAC;IAgBvD,8CAA8C;IAC9C,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO;IAKpC,oDAAoD;IACpD,OAAO,IAAI,OAAO;IAOlB,gFAAgF;IAChF,eAAe,IAAI,OAAO;IAO1B,OAAO,CAAC,YAAY;IA+CpB,OAAO,CAAC,QAAQ;IAQhB,OAAO,CAAC,eAAe;CAwDxB"}
@@ -0,0 +1,25 @@
1
+ /**
2
+ * Copyright (c) ProbeLabs. All rights reserved.
3
+ * Licensed under the Elastic License 2.0; you may not use this file except
4
+ * in compliance with the Elastic License 2.0.
5
+ */
6
+ import type { PolicyEngine, PolicyConfig } from '../policy/types';
7
+ import type { ScheduleStoreBackend, StorageConfig, HAConfig } from '../scheduler/store/types';
8
+ /**
9
+ * Load the enterprise policy engine if licensed, otherwise return the default no-op engine.
10
+ *
11
+ * This is the sole import boundary between OSS and enterprise code. Core code
12
+ * must only import from this module (via dynamic `await import()`), never from
13
+ * individual enterprise submodules.
14
+ */
15
+ export declare function loadEnterprisePolicyEngine(config: PolicyConfig): Promise<PolicyEngine>;
16
+ /**
17
+ * Load the enterprise schedule store backend if licensed.
18
+ *
19
+ * @param driver Database driver ('postgresql', 'mysql', or 'mssql')
20
+ * @param storageConfig Storage configuration with connection details
21
+ * @param haConfig Optional HA configuration
22
+ * @throws Error if enterprise license is not available or missing 'scheduler-sql' feature
23
+ */
24
+ export declare function loadEnterpriseStoreBackend(driver: 'postgresql' | 'mysql' | 'mssql', storageConfig: StorageConfig, haConfig?: HAConfig): Promise<ScheduleStoreBackend>;
25
+ //# sourceMappingURL=loader.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"loader.d.ts","sourceRoot":"","sources":["file:///home/runner/work/visor/visor/src/enterprise/loader.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAElE,OAAO,KAAK,EAAE,oBAAoB,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAE9F;;;;;;GAMG;AACH,wBAAsB,0BAA0B,CAAC,MAAM,EAAE,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC,CAiC5F;AAED;;;;;;;GAOG;AACH,wBAAsB,0BAA0B,CAC9C,MAAM,EAAE,YAAY,GAAG,OAAO,GAAG,OAAO,EACxC,aAAa,EAAE,aAAa,EAC5B,QAAQ,CAAC,EAAE,QAAQ,GAClB,OAAO,CAAC,oBAAoB,CAAC,CAsB/B"}
@@ -0,0 +1,37 @@
1
+ /**
2
+ * Copyright (c) ProbeLabs. All rights reserved.
3
+ * Licensed under the Elastic License 2.0; you may not use this file except
4
+ * in compliance with the Elastic License 2.0.
5
+ */
6
+ /**
7
+ * OPA Rego Compiler - compiles .rego policy files to WASM bundles using the `opa` CLI.
8
+ *
9
+ * Handles:
10
+ * - Resolving input paths to WASM bytes (direct .wasm, directory with policy.wasm, or .rego files)
11
+ * - Compiling .rego files to WASM via `opa build`
12
+ * - Caching compiled bundles based on content hashes
13
+ * - Extracting policy.wasm from OPA tar.gz bundles
14
+ *
15
+ * Requires:
16
+ * - `opa` CLI on PATH (only when auto-compiling .rego files)
17
+ */
18
+ export declare class OpaCompiler {
19
+ private static CACHE_DIR;
20
+ /**
21
+ * Resolve the input paths to WASM bytes.
22
+ *
23
+ * Strategy:
24
+ * 1. If any path is a .wasm file, read it directly
25
+ * 2. If a directory contains policy.wasm, read it
26
+ * 3. Otherwise, collect all .rego files and auto-compile via `opa build`
27
+ */
28
+ resolveWasmBytes(paths: string[]): Promise<Buffer>;
29
+ /**
30
+ * Auto-compile .rego files to a WASM bundle using the `opa` CLI.
31
+ *
32
+ * Caches the compiled bundle based on a content hash of all input .rego files
33
+ * so subsequent runs skip compilation if policies haven't changed.
34
+ */
35
+ private compileRego;
36
+ }
37
+ //# sourceMappingURL=opa-compiler.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"opa-compiler.d.ts","sourceRoot":"","sources":["file:///home/runner/work/visor/visor/src/enterprise/policy/opa-compiler.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAQH;;;;;;;;;;;GAWG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAC,SAAS,CAA6C;IAErE;;;;;;;OAOG;IACG,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;IA+CxD;;;;;OAKG;IACH,OAAO,CAAC,WAAW;CA2FpB"}
@@ -0,0 +1,36 @@
1
+ /**
2
+ * Copyright (c) ProbeLabs. All rights reserved.
3
+ * Licensed under the Elastic License 2.0; you may not use this file except
4
+ * in compliance with the Elastic License 2.0.
5
+ */
6
+ /**
7
+ * OPA HTTP Evaluator - evaluates policies via an external OPA server's REST API.
8
+ *
9
+ * Uses the built-in `fetch` API (Node 18+), so no extra dependencies are needed.
10
+ */
11
+ export declare class OpaHttpEvaluator {
12
+ private baseUrl;
13
+ private timeout;
14
+ constructor(baseUrl: string, timeout?: number);
15
+ /**
16
+ * Check if a hostname is blocked due to SSRF concerns.
17
+ *
18
+ * Blocks:
19
+ * - Loopback addresses (127.x.x.x, localhost, 0.0.0.0, ::1)
20
+ * - Link-local addresses (169.254.x.x)
21
+ * - Private networks (10.x.x.x, 172.16-31.x.x, 192.168.x.x)
22
+ * - IPv6 unique local addresses (fd00::/8)
23
+ * - Cloud metadata services (*.internal)
24
+ */
25
+ private isBlockedHostname;
26
+ /**
27
+ * Evaluate a policy rule against an input document via OPA REST API.
28
+ *
29
+ * @param input - The input document to evaluate
30
+ * @param rulePath - OPA rule path (e.g., 'visor/check/execute')
31
+ * @returns The result object from OPA, or undefined on error
32
+ */
33
+ evaluate(input: object, rulePath: string): Promise<any>;
34
+ shutdown(): Promise<void>;
35
+ }
36
+ //# sourceMappingURL=opa-http-evaluator.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"opa-http-evaluator.d.ts","sourceRoot":"","sources":["file:///home/runner/work/visor/visor/src/enterprise/policy/opa-http-evaluator.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;;;GAIG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,OAAO,CAAS;gBAEZ,OAAO,EAAE,MAAM,EAAE,OAAO,GAAE,MAAa;IAyBnD;;;;;;;;;OASG;IACH,OAAO,CAAC,iBAAiB;IA6EzB;;;;;;OAMG;IACG,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAsCvD,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAGhC"}
@@ -0,0 +1,48 @@
1
+ /**
2
+ * Copyright (c) ProbeLabs. All rights reserved.
3
+ * Licensed under the Elastic License 2.0; you may not use this file except
4
+ * in compliance with the Elastic License 2.0.
5
+ */
6
+ import type { PolicyEngine, PolicyConfig, PolicyDecision } from '../../policy/types';
7
+ import { type ActorContext, type RepositoryContext, type PullRequestContext } from './policy-input-builder';
8
+ /**
9
+ * Enterprise OPA Policy Engine.
10
+ *
11
+ * Wraps both WASM (local) and HTTP (remote) OPA evaluators behind the
12
+ * OSS PolicyEngine interface. All OPA input building and role resolution
13
+ * is handled internally — the OSS call sites pass only plain types.
14
+ */
15
+ export declare class OpaPolicyEngine implements PolicyEngine {
16
+ private evaluator;
17
+ private fallback;
18
+ private timeout;
19
+ private config;
20
+ private inputBuilder;
21
+ private logger;
22
+ constructor(config: PolicyConfig);
23
+ initialize(config: PolicyConfig): Promise<void>;
24
+ /**
25
+ * Update actor/repo/PR context (e.g., after PR info becomes available).
26
+ * Called by the enterprise loader when engine context is enriched.
27
+ */
28
+ setActorContext(actor: ActorContext, repo?: RepositoryContext, pullRequest?: PullRequestContext): void;
29
+ evaluateCheckExecution(checkId: string, checkConfig: unknown): Promise<PolicyDecision>;
30
+ evaluateToolInvocation(serverName: string, methodName: string, transport?: string): Promise<PolicyDecision>;
31
+ evaluateCapabilities(checkId: string, capabilities: {
32
+ allowEdit?: boolean;
33
+ allowBash?: boolean;
34
+ allowedTools?: string[];
35
+ }): Promise<PolicyDecision>;
36
+ shutdown(): Promise<void>;
37
+ private resolveRulePath;
38
+ private doEvaluate;
39
+ private rawEvaluate;
40
+ /**
41
+ * Navigate nested OPA WASM result tree to reach the specific rule's output.
42
+ * The WASM entrypoint `-e visor` means the result root IS the visor package,
43
+ * so we strip the `visor/` prefix and walk the remaining segments.
44
+ */
45
+ private navigateWasmResult;
46
+ private parseDecision;
47
+ }
48
+ //# sourceMappingURL=opa-policy-engine.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"opa-policy-engine.d.ts","sourceRoot":"","sources":["file:///home/runner/work/visor/visor/src/enterprise/policy/opa-policy-engine.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EACV,YAAY,EACZ,YAAY,EACZ,cAAc,EAEf,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EAEL,KAAK,YAAY,EACjB,KAAK,iBAAiB,EACtB,KAAK,kBAAkB,EACxB,MAAM,wBAAwB,CAAC;AAEhC;;;;;;GAMG;AACH,qBAAa,eAAgB,YAAW,YAAY;IAClD,OAAO,CAAC,SAAS,CAAoD;IACrE,OAAO,CAAC,QAAQ,CAA4B;IAC5C,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,MAAM,CAAe;IAC7B,OAAO,CAAC,YAAY,CAAmC;IACvD,OAAO,CAAC,MAAM,CAAa;gBAEf,MAAM,EAAE,YAAY;IAM1B,UAAU,CAAC,MAAM,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAiDrD;;;OAGG;IACH,eAAe,CACb,KAAK,EAAE,YAAY,EACnB,IAAI,CAAC,EAAE,iBAAiB,EACxB,WAAW,CAAC,EAAE,kBAAkB,GAC/B,IAAI;IAID,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,GAAG,OAAO,CAAC,cAAc,CAAC;IAmBtF,sBAAsB,CAC1B,UAAU,EAAE,MAAM,EAClB,UAAU,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,cAAc,CAAC;IAMpB,oBAAoB,CACxB,OAAO,EAAE,MAAM,EACf,YAAY,EAAE;QACZ,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;KACzB,GACA,OAAO,CAAC,cAAc,CAAC;IAMpB,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ/B,OAAO,CAAC,eAAe;YAOT,UAAU;YAkCV,WAAW;IAWzB;;;;OAIG;IACH,OAAO,CAAC,kBAAkB;IAe1B,OAAO,CAAC,aAAa;CAqBtB"}