@pugi/sdk 0.1.0-alpha.10

package/dist/audit-trace.js

@@ -0,0 +1,185 @@
+import { z } from 'zod';
+import { permissionDecisionSchema } from './permission-rules.js';
+import { subagentIsolationSchema, subagentRoleSchema } from './subagent-contracts.js';
+export const auditEventBaseSchema = z.object({
+    id: z.string().min(1),
+    sessionId: z.string().min(1),
+    timestamp: z.string().datetime(),
+});
+export const toolCallEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('tool_call'),
+    tool: z.string().min(1),
+    inputSummary: z.string().min(1),
+    permissionDecision: permissionDecisionSchema.optional(),
+});
+export const toolResultEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('tool_result'),
+    toolCallId: z.string().min(1),
+    status: z.enum(['success', 'error', 'cancelled']),
+    outputSummary: z.string().min(1),
+    outputRef: z.string().min(1).optional(),
+});
+export const fileMutationEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('file_mutation'),
+    toolCallId: z.string().min(1),
+    path: z.string().min(1),
+    operation: z.enum(['create', 'update', 'delete', 'move']),
+    beforeBlob: z.string().min(1).optional(),
+    afterBlob: z.string().min(1).optional(),
+    beforeHash: z.string().min(1).optional(),
+    afterHash: z.string().min(1).optional(),
+    diffRef: z.string().min(1).optional(),
+});
+export const sessionEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('session'),
+    name: z.enum(['created', 'command_started', 'command_completed']),
+    command: z.string().min(1).optional(),
+    status: z.enum(['success', 'error']).optional(),
+});
+const hookEventName = z.enum([
+    'SessionStart',
+    'UserPromptSubmit',
+    'PreToolUse',
+    'PermissionRequest',
+    'PostToolUse',
+    'PostToolUseFailure',
+    'Stop',
+    'SessionEnd',
+]);
+export const hookInvokedEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('hook.invoked'),
+    event: hookEventName,
+    matchSummary: z.string().min(1),
+    runSummary: z.string().min(1),
+});
+export const hookResultEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('hook.result'),
+    event: hookEventName,
+    ok: z.boolean(),
+    exitCode: z.number().int(),
+    elapsedMs: z.number().int().nonnegative(),
+    stdoutLen: z.number().int().nonnegative(),
+    stderrLen: z.number().int().nonnegative(),
+});
+export const hookSkippedEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('hook.skipped'),
+    event: hookEventName,
+    reason: z.enum(['dedup', 'no-match', 'untrusted-project']),
+});
+export const compactionTierSchema = z.enum([
+    'microcompact',
+    'cached_microcompact',
+    'reactive_summary',
+    'session_memory',
+    'full_compaction',
+    'reset',
+]);
+export const compactionStartedEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('compaction.started'),
+    tier: compactionTierSchema,
+    trigger: z.object({
+        budgetUsed: z.number().nonnegative(),
+        budgetMax: z.number().positive(),
+    }),
+});
+export const compactionCompletedEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('compaction.completed'),
+    tier: compactionTierSchema,
+    bytesReclaimed: z.number().nonnegative(),
+    newContextSize: z.number().nonnegative(),
+    artifactsCreated: z.array(z.object({
+        sha256: z.string().min(1),
+        size: z.number().nonnegative(),
+        producedBy: z.string().min(1),
+    })),
+});
+export const compactionSkippedEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('compaction.skipped'),
+    tier: compactionTierSchema,
+    reason: z.string(),
+});
+export const compactionInvariantViolatedEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('compaction.invariant_violated'),
+    invariant: z.enum([
+        'secrets-never-summarize',
+        'open-decisions-preserved',
+        'artifact-refs-resolvable',
+        'static-hash-unchanged',
+    ]),
+    evidence: z.string(),
+    artifactRef: z.string().min(1).optional(),
+});
+/**
+ * Subagent lifecycle events. Extended in Sprint a5.4 (M1 gap remediation D)
+ * so dispatcher activity surfaces in the same `.pugi/events.jsonl` audit
+ * stream as tool calls, hooks, and compactions. The dispatcher
+ * implementation lives in `apps/pugi-cli/src/core/subagents/dispatcher.ts`;
+ * the wire-level shape and role/isolation enums are defined in
+ * `subagent-contracts.ts` and re-used here so a single source of truth
+ * governs validation on both sides of the boundary.
+ */
+export const subagentSpawnedAuditEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('subagent.spawned'),
+    taskId: z.string().min(1),
+    role: subagentRoleSchema,
+    personaSlug: z.string().min(1),
+    parentSessionId: z.string().min(1),
+    isolation: subagentIsolationSchema,
+});
+export const subagentToolCallAuditEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('subagent.tool_call'),
+    taskId: z.string().min(1),
+    role: subagentRoleSchema,
+    personaSlug: z.string().min(1),
+    toolName: z.string().min(1),
+    toolCallId: z.string().min(1),
+});
+export const subagentCompletedAuditEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('subagent.completed'),
+    taskId: z.string().min(1),
+    role: subagentRoleSchema,
+    personaSlug: z.string().min(1),
+    toolCallCount: z.number().int().nonnegative(),
+    tokensIn: z.number().int().nonnegative(),
+    tokensOut: z.number().int().nonnegative(),
+    durationMs: z.number().int().nonnegative(),
+});
+export const subagentBlockedAuditEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('subagent.blocked'),
+    taskId: z.string().min(1),
+    role: subagentRoleSchema,
+    personaSlug: z.string().min(1),
+    reason: z.enum([
+        'budget_exhausted',
+        'plan_mode_refused',
+        'permission_denied',
+        'tool_unavailable',
+    ]),
+    detail: z.string().min(1),
+});
+export const subagentFailedAuditEventSchema = auditEventBaseSchema.extend({
+    type: z.literal('subagent.failed'),
+    taskId: z.string().min(1),
+    role: subagentRoleSchema,
+    personaSlug: z.string().min(1),
+    error: z.string().min(1),
+});
+export const auditEventSchema = z.discriminatedUnion('type', [
+    sessionEventSchema,
+    toolCallEventSchema,
+    toolResultEventSchema,
+    fileMutationEventSchema,
+    hookInvokedEventSchema,
+    hookResultEventSchema,
+    hookSkippedEventSchema,
+    compactionStartedEventSchema,
+    compactionCompletedEventSchema,
+    compactionSkippedEventSchema,
+    compactionInvariantViolatedEventSchema,
+    subagentSpawnedAuditEventSchema,
+    subagentToolCallAuditEventSchema,
+    subagentCompletedAuditEventSchema,
+    subagentBlockedAuditEventSchema,
+    subagentFailedAuditEventSchema,
+]);
+//# sourceMappingURL=audit-trace.js.map

package/dist/device-flow.d.ts

@@ -0,0 +1,98 @@
+import { z } from 'zod';
+/**
+ * OAuth 2.0 Device Authorization Grant (RFC 8628) wire contracts.
+ *
+ * The CLI hits two endpoints:
+ *   POST /api/auth/device/start
+ *   POST /api/auth/device/poll
+ *
+ * The cabinet UI hits two more (JWT-authenticated):
+ *   POST /api/auth/device/approve
+ *   POST /api/auth/device/deny
+ *
+ * Field naming follows RFC 8628 (snake_case) on the wire, not the
+ * camelCase server type used by Prisma — Zod schemas below are the
+ * canonical wire shape. CLI consumers parse the response with these
+ * schemas to defeat a hostile or buggy runtime returning malformed
+ * fields.
+ */
+export declare const pugiDeviceStartRequestSchema: z.ZodObject<{
+    clientId: z.ZodLiteral<"pugi-cli">;
+}, "strip", z.ZodTypeAny, {
+    clientId: "pugi-cli";
+}, {
+    clientId: "pugi-cli";
+}>;
+export type PugiDeviceStartRequest = z.infer<typeof pugiDeviceStartRequestSchema>;
+export declare const pugiDeviceStartResponseSchema: z.ZodObject<{
+    device_code: z.ZodString;
+    user_code: z.ZodString;
+    verification_uri: z.ZodString;
+    verification_uri_complete: z.ZodString;
+    expires_in: z.ZodNumber;
+    interval: z.ZodNumber;
+}, "strip", z.ZodTypeAny, {
+    device_code: string;
+    user_code: string;
+    verification_uri: string;
+    verification_uri_complete: string;
+    expires_in: number;
+    interval: number;
+}, {
+    device_code: string;
+    user_code: string;
+    verification_uri: string;
+    verification_uri_complete: string;
+    expires_in: number;
+    interval: number;
+}>;
+export type PugiDeviceStartResponse = z.infer<typeof pugiDeviceStartResponseSchema>;
+export declare const pugiDevicePollRequestSchema: z.ZodObject<{
+    deviceCode: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    deviceCode: string;
+}, {
+    deviceCode: string;
+}>;
+export type PugiDevicePollRequest = z.infer<typeof pugiDevicePollRequestSchema>;
+export declare const pugiDevicePollStatusSchema: z.ZodEnum<["pending", "authorized", "denied", "expired", "redeemed"]>;
+export type PugiDevicePollStatus = z.infer<typeof pugiDevicePollStatusSchema>;
+export declare const pugiDevicePollResponseSchema: z.ZodDiscriminatedUnion<"status", [z.ZodObject<{
+    status: z.ZodLiteral<"authorized">;
+    access_token: z.ZodString;
+    token_type: z.ZodLiteral<"Bearer">;
+}, "strip", z.ZodTypeAny, {
+    status: "authorized";
+    access_token: string;
+    token_type: "Bearer";
+}, {
+    status: "authorized";
+    access_token: string;
+    token_type: "Bearer";
+}>, z.ZodObject<{
+    status: z.ZodLiteral<"pending">;
+}, "strip", z.ZodTypeAny, {
+    status: "pending";
+}, {
+    status: "pending";
+}>, z.ZodObject<{
+    status: z.ZodLiteral<"denied">;
+}, "strip", z.ZodTypeAny, {
+    status: "denied";
+}, {
+    status: "denied";
+}>, z.ZodObject<{
+    status: z.ZodLiteral<"expired">;
+}, "strip", z.ZodTypeAny, {
+    status: "expired";
+}, {
+    status: "expired";
+}>, z.ZodObject<{
+    status: z.ZodLiteral<"redeemed">;
+}, "strip", z.ZodTypeAny, {
+    status: "redeemed";
+}, {
+    status: "redeemed";
+}>]>;
+export type PugiDevicePollResponse = z.infer<typeof pugiDevicePollResponseSchema>;
+//# sourceMappingURL=device-flow.d.ts.map

package/dist/device-flow.js

@@ -0,0 +1,55 @@
+import { z } from 'zod';
+/**
+ * OAuth 2.0 Device Authorization Grant (RFC 8628) wire contracts.
+ *
+ * The CLI hits two endpoints:
+ *   POST /api/auth/device/start
+ *   POST /api/auth/device/poll
+ *
+ * The cabinet UI hits two more (JWT-authenticated):
+ *   POST /api/auth/device/approve
+ *   POST /api/auth/device/deny
+ *
+ * Field naming follows RFC 8628 (snake_case) on the wire, not the
+ * camelCase server type used by Prisma — Zod schemas below are the
+ * canonical wire shape. CLI consumers parse the response with these
+ * schemas to defeat a hostile or buggy runtime returning malformed
+ * fields.
+ */
+export const pugiDeviceStartRequestSchema = z.object({
+    clientId: z.literal('pugi-cli'),
+});
+export const pugiDeviceStartResponseSchema = z.object({
+    device_code: z.string().length(64),
+    user_code: z.string().min(8).max(16),
+    verification_uri: z.string().url(),
+    verification_uri_complete: z.string().url(),
+    // Cap `expires_in` at 1 hour so a hostile or misconfigured runtime
+    // cannot trap the CLI in a year-long poll loop by returning a huge
+    // expiration. The server today uses 10 min; this is just the upper
+    // bound the SDK trusts.
+    expires_in: z.number().int().positive().max(3600),
+    interval: z.number().int().min(1).max(60),
+});
+export const pugiDevicePollRequestSchema = z.object({
+    deviceCode: z.string().min(32).max(128),
+});
+export const pugiDevicePollStatusSchema = z.enum([
+    'pending',
+    'authorized',
+    'denied',
+    'expired',
+    'redeemed',
+]);
+export const pugiDevicePollResponseSchema = z.discriminatedUnion('status', [
+    z.object({
+        status: z.literal('authorized'),
+        access_token: z.string().min(1),
+        token_type: z.literal('Bearer'),
+    }),
+    z.object({ status: z.literal('pending') }),
+    z.object({ status: z.literal('denied') }),
+    z.object({ status: z.literal('expired') }),
+    z.object({ status: z.literal('redeemed') }),
+]);
+//# sourceMappingURL=device-flow.js.map