@runfile-ai/schemas 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (41) hide show
  1. package/LICENSE +190 -0
  2. package/README.md +163 -0
  3. package/dist/canonical.d.ts +32 -0
  4. package/dist/canonical.d.ts.map +1 -0
  5. package/dist/canonical.js +46 -0
  6. package/dist/canonical.js.map +1 -0
  7. package/dist/control-mapping.d.ts +85 -0
  8. package/dist/control-mapping.d.ts.map +1 -0
  9. package/dist/control-mapping.js +31 -0
  10. package/dist/control-mapping.js.map +1 -0
  11. package/dist/event.d.ts +866 -0
  12. package/dist/event.d.ts.map +1 -0
  13. package/dist/event.js +289 -0
  14. package/dist/event.js.map +1 -0
  15. package/dist/evidence.d.ts +955 -0
  16. package/dist/evidence.d.ts.map +1 -0
  17. package/dist/evidence.js +31 -0
  18. package/dist/evidence.js.map +1 -0
  19. package/dist/index.d.ts +8 -0
  20. package/dist/index.d.ts.map +1 -0
  21. package/dist/index.js +8 -0
  22. package/dist/index.js.map +1 -0
  23. package/dist/ingest.d.ts +1595 -0
  24. package/dist/ingest.d.ts.map +1 -0
  25. package/dist/ingest.js +177 -0
  26. package/dist/ingest.js.map +1 -0
  27. package/dist/manifest.d.ts +110 -0
  28. package/dist/manifest.d.ts.map +1 -0
  29. package/dist/manifest.js +46 -0
  30. package/dist/manifest.js.map +1 -0
  31. package/dist/vault.d.ts +459 -0
  32. package/dist/vault.d.ts.map +1 -0
  33. package/dist/vault.js +188 -0
  34. package/dist/vault.js.map +1 -0
  35. package/generated/json-schema/control_mapping.json +107 -0
  36. package/generated/json-schema/event.json +600 -0
  37. package/generated/json-schema/evidence.json +721 -0
  38. package/generated/json-schema/ingest.json +800 -0
  39. package/generated/json-schema/manifest.json +148 -0
  40. package/generated/json-schema/vault.json +468 -0
  41. package/package.json +59 -0
package/generated/json-schema/manifest.json ADDED
@@ -0,0 +1,148 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2019-09/schema#",
3
+ "title": "manifest",
4
+ "description": "Runfile manifest schemas. Source: src/manifest.ts (Zod). Do not edit by hand.",
5
+ "$ref": "#/definitions/_RunfileBundle",
6
+ "definitions": {
7
+ "MerkleManifest": {
8
+ "type": "object",
9
+ "properties": {
10
+ "manifest_version": {
11
+ "type": "string",
12
+ "pattern": "^\\d+\\.\\d+\\.\\d+$"
13
+ },
14
+ "schema_version": {
15
+ "$ref": "#/definitions/MerkleManifest/properties/manifest_version"
16
+ },
17
+ "tenant_id": {
18
+ "type": "string",
19
+ "pattern": "^tnt_[0-9a-z]{12}$"
20
+ },
21
+ "day_utc": {
22
+ "type": "string",
23
+ "pattern": "^\\d{4}-\\d{2}-\\d{2}$"
24
+ },
25
+ "built_at": {
26
+ "type": "string",
27
+ "format": "date-time"
28
+ },
29
+ "leaf_count": {
30
+ "type": "integer",
31
+ "minimum": 0
32
+ },
33
+ "merkle_root": {
34
+ "type": "string",
35
+ "pattern": "^sha256:[a-f0-9]{64}$"
36
+ },
37
+ "prev_manifest_root": {
38
+ "anyOf": [
39
+ {
40
+ "$ref": "#/definitions/MerkleManifest/properties/merkle_root"
41
+ },
42
+ {
43
+ "type": "null"
44
+ }
45
+ ]
46
+ },
47
+ "leaves": {
48
+ "type": "array",
49
+ "items": {
50
+ "type": "object",
51
+ "properties": {
52
+ "event_id": {
53
+ "type": "string",
54
+ "pattern": "^[0-9A-HJKMNP-TV-Z]{26}$"
55
+ },
56
+ "event_hash": {
57
+ "$ref": "#/definitions/MerkleManifest/properties/merkle_root"
58
+ },
59
+ "leaf_index": {
60
+ "type": "integer",
61
+ "minimum": 0
62
+ }
63
+ },
64
+ "required": [
65
+ "event_id",
66
+ "event_hash",
67
+ "leaf_index"
68
+ ],
69
+ "additionalProperties": false
70
+ }
71
+ },
72
+ "kms_signature": {
73
+ "type": "object",
74
+ "properties": {
75
+ "kms_key_arn": {
76
+ "type": "string"
77
+ },
78
+ "signing_algorithm": {
79
+ "type": "string"
80
+ },
81
+ "signature_base64": {
82
+ "type": "string"
83
+ }
84
+ },
85
+ "required": [
86
+ "kms_key_arn",
87
+ "signing_algorithm",
88
+ "signature_base64"
89
+ ],
90
+ "additionalProperties": false
91
+ },
92
+ "attestation_document": {
93
+ "type": [
94
+ "string",
95
+ "null"
96
+ ]
97
+ },
98
+ "rekor_entry": {
99
+ "type": "object",
100
+ "properties": {
101
+ "log_index": {
102
+ "type": "integer",
103
+ "minimum": 0
104
+ },
105
+ "log_id": {
106
+ "type": "string"
107
+ },
108
+ "inclusion_proof": {
109
+ "type": "string"
110
+ }
111
+ },
112
+ "required": [
113
+ "log_index",
114
+ "log_id",
115
+ "inclusion_proof"
116
+ ],
117
+ "additionalProperties": false
118
+ }
119
+ },
120
+ "required": [
121
+ "manifest_version",
122
+ "schema_version",
123
+ "tenant_id",
124
+ "day_utc",
125
+ "built_at",
126
+ "leaf_count",
127
+ "merkle_root",
128
+ "prev_manifest_root",
129
+ "leaves",
130
+ "kms_signature",
131
+ "attestation_document"
132
+ ],
133
+ "additionalProperties": false
134
+ },
135
+ "_RunfileBundle": {
136
+ "type": "object",
137
+ "properties": {
138
+ "MerkleManifest": {
139
+ "$ref": "#/definitions/MerkleManifest"
140
+ }
141
+ },
142
+ "required": [
143
+ "MerkleManifest"
144
+ ],
145
+ "additionalProperties": false
146
+ }
147
+ }
148
+ }
package/generated/json-schema/vault.json ADDED
@@ -0,0 +1,468 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2019-09/schema#",
3
+ "title": "vault",
4
+ "description": "Runfile vault schemas. Source: src/vault.ts (Zod). Do not edit by hand.",
5
+ "$ref": "#/definitions/_RunfileBundle",
6
+ "definitions": {
7
+ "TokenizeRequest": {
8
+ "type": "object",
9
+ "properties": {
10
+ "value": {
11
+ "type": "string",
12
+ "minLength": 1,
13
+ "maxLength": 4096
14
+ },
15
+ "classification": {
16
+ "type": "string",
17
+ "enum": [
18
+ "person_name",
19
+ "email",
20
+ "phone",
21
+ "address",
22
+ "dob",
23
+ "tax_id_partial",
24
+ "account_id",
25
+ "user_handle",
26
+ "other_identifier"
27
+ ]
28
+ },
29
+ "context": {
30
+ "type": "object",
31
+ "properties": {
32
+ "normalize": {
33
+ "type": "boolean",
34
+ "default": true
35
+ }
36
+ },
37
+ "additionalProperties": false
38
+ }
39
+ },
40
+ "required": [
41
+ "value",
42
+ "classification"
43
+ ],
44
+ "additionalProperties": false
45
+ },
46
+ "TokenizeResponse": {
47
+ "type": "object",
48
+ "properties": {
49
+ "token": {
50
+ "type": "string",
51
+ "pattern": "^tok_[A-Za-z0-9]{24}$"
52
+ },
53
+ "created": {
54
+ "type": "boolean"
55
+ }
56
+ },
57
+ "required": [
58
+ "token",
59
+ "created"
60
+ ],
61
+ "additionalProperties": false
62
+ },
63
+ "TokenizeBatchRequest": {
64
+ "type": "object",
65
+ "properties": {
66
+ "items": {
67
+ "type": "array",
68
+ "items": {
69
+ "$ref": "#/definitions/TokenizeRequest"
70
+ },
71
+ "minItems": 1,
72
+ "maxItems": 100
73
+ }
74
+ },
75
+ "required": [
76
+ "items"
77
+ ],
78
+ "additionalProperties": false
79
+ },
80
+ "TokenizeBatchResponse": {
81
+ "type": "object",
82
+ "properties": {
83
+ "results": {
84
+ "type": "array",
85
+ "items": {
86
+ "$ref": "#/definitions/TokenizeResponse"
87
+ }
88
+ }
89
+ },
90
+ "required": [
91
+ "results"
92
+ ],
93
+ "additionalProperties": false
94
+ },
95
+ "ResolveRequest": {
96
+ "type": "object",
97
+ "properties": {
98
+ "token": {
99
+ "$ref": "#/definitions/TokenizeResponse/properties/token"
100
+ },
101
+ "requester": {
102
+ "$ref": "#/definitions/RequesterContext"
103
+ },
104
+ "justification": {
105
+ "$ref": "#/definitions/Justification"
106
+ }
107
+ },
108
+ "required": [
109
+ "token",
110
+ "requester",
111
+ "justification"
112
+ ],
113
+ "additionalProperties": false
114
+ },
115
+ "ResolveResponse": {
116
+ "type": "object",
117
+ "properties": {
118
+ "token": {
119
+ "$ref": "#/definitions/TokenizeResponse/properties/token"
120
+ },
121
+ "value": {
122
+ "type": "string"
123
+ },
124
+ "classification": {
125
+ "type": "string"
126
+ },
127
+ "created_at": {
128
+ "type": "string",
129
+ "format": "date-time"
130
+ },
131
+ "audit_event_id": {
132
+ "type": "string",
133
+ "pattern": "^[0-9A-HJKMNP-TV-Z]{26}$"
134
+ }
135
+ },
136
+ "required": [
137
+ "token",
138
+ "value",
139
+ "classification",
140
+ "audit_event_id"
141
+ ],
142
+ "additionalProperties": false
143
+ },
144
+ "ResolveBatchRequest": {
145
+ "type": "object",
146
+ "properties": {
147
+ "tokens": {
148
+ "type": "array",
149
+ "items": {
150
+ "$ref": "#/definitions/TokenizeResponse/properties/token"
151
+ },
152
+ "minItems": 1,
153
+ "maxItems": 100
154
+ },
155
+ "requester": {
156
+ "$ref": "#/definitions/RequesterContext"
157
+ },
158
+ "justification": {
159
+ "$ref": "#/definitions/Justification"
160
+ }
161
+ },
162
+ "required": [
163
+ "tokens",
164
+ "requester",
165
+ "justification"
166
+ ],
167
+ "additionalProperties": false
168
+ },
169
+ "ResolveBatchResponse": {
170
+ "type": "object",
171
+ "properties": {
172
+ "results": {
173
+ "type": "array",
174
+ "items": {
175
+ "$ref": "#/definitions/ResolveBatchResult"
176
+ }
177
+ }
178
+ },
179
+ "required": [
180
+ "results"
181
+ ],
182
+ "additionalProperties": false
183
+ },
184
+ "ResolveBatchResult": {
185
+ "type": "object",
186
+ "properties": {
187
+ "token": {
188
+ "$ref": "#/definitions/TokenizeResponse/properties/token"
189
+ },
190
+ "status": {
191
+ "type": "string",
192
+ "enum": [
193
+ "resolved",
194
+ "not_found",
195
+ "tombstoned",
196
+ "denied"
197
+ ]
198
+ },
199
+ "value": {
200
+ "type": "string"
201
+ },
202
+ "tombstone_reason": {
203
+ "type": "string",
204
+ "enum": [
205
+ "retention_expired",
206
+ "rtbf_processed",
207
+ "tenant_offboarded"
208
+ ]
209
+ },
210
+ "denial_reason": {
211
+ "type": "string"
212
+ },
213
+ "audit_event_id": {
214
+ "$ref": "#/definitions/ResolveResponse/properties/audit_event_id"
215
+ }
216
+ },
217
+ "required": [
218
+ "token",
219
+ "status"
220
+ ],
221
+ "additionalProperties": false
222
+ },
223
+ "LifecycleRequest": {
224
+ "type": "object",
225
+ "properties": {
226
+ "action": {
227
+ "type": "string",
228
+ "enum": [
229
+ "tombstone_immediately",
230
+ "tombstone_at",
231
+ "place_on_legal_hold",
232
+ "release_legal_hold"
233
+ ]
234
+ },
235
+ "scheduled_at": {
236
+ "type": "string",
237
+ "format": "date-time"
238
+ },
239
+ "reason": {
240
+ "type": "string",
241
+ "minLength": 8,
242
+ "maxLength": 1024
243
+ },
244
+ "approver_member_id": {
245
+ "type": "string"
246
+ }
247
+ },
248
+ "required": [
249
+ "action",
250
+ "reason"
251
+ ],
252
+ "additionalProperties": false
253
+ },
254
+ "LifecycleResponse": {
255
+ "type": "object",
256
+ "properties": {
257
+ "token": {
258
+ "$ref": "#/definitions/TokenizeResponse/properties/token"
259
+ },
260
+ "new_state": {
261
+ "type": "string",
262
+ "enum": [
263
+ "active",
264
+ "scheduled_for_tombstone",
265
+ "tombstoned",
266
+ "on_legal_hold"
267
+ ]
268
+ },
269
+ "scheduled_at": {
270
+ "type": "string",
271
+ "format": "date-time"
272
+ },
273
+ "audit_event_id": {
274
+ "$ref": "#/definitions/ResolveResponse/properties/audit_event_id"
275
+ }
276
+ },
277
+ "required": [
278
+ "token",
279
+ "new_state",
280
+ "audit_event_id"
281
+ ],
282
+ "additionalProperties": false
283
+ },
284
+ "RequesterContext": {
285
+ "type": "object",
286
+ "properties": {
287
+ "tenant_id": {
288
+ "type": "string",
289
+ "pattern": "^tnt_[0-9a-z]{12}$"
290
+ },
291
+ "member_id": {
292
+ "type": "string"
293
+ },
294
+ "role": {
295
+ "type": "string",
296
+ "enum": [
297
+ "compliance_officer",
298
+ "internal_auditor",
299
+ "external_auditor",
300
+ "workspace_admin",
301
+ "workspace_owner"
302
+ ]
303
+ },
304
+ "session_id": {
305
+ "type": "string"
306
+ },
307
+ "mfa_age_seconds": {
308
+ "type": "integer",
309
+ "minimum": 0
310
+ },
311
+ "ip_address": {
312
+ "type": "string"
313
+ },
314
+ "user_agent": {
315
+ "type": "string",
316
+ "maxLength": 512
317
+ }
318
+ },
319
+ "required": [
320
+ "tenant_id",
321
+ "member_id",
322
+ "role",
323
+ "session_id",
324
+ "mfa_age_seconds"
325
+ ],
326
+ "additionalProperties": false
327
+ },
328
+ "Justification": {
329
+ "type": "object",
330
+ "properties": {
331
+ "engagement_id": {
332
+ "type": "string",
333
+ "pattern": "^eng_[0-9A-HJKMNP-TV-Z]{26}$"
334
+ },
335
+ "reason_code": {
336
+ "type": "string",
337
+ "enum": [
338
+ "sample_review",
339
+ "finding_investigation",
340
+ "escalation_workflow",
341
+ "rtbf_processing",
342
+ "regulatory_inquiry",
343
+ "other"
344
+ ]
345
+ },
346
+ "free_text": {
347
+ "type": "string",
348
+ "minLength": 8,
349
+ "maxLength": 1024
350
+ },
351
+ "approver_member_id": {
352
+ "type": "string"
353
+ }
354
+ },
355
+ "required": [
356
+ "engagement_id",
357
+ "reason_code",
358
+ "free_text"
359
+ ],
360
+ "additionalProperties": false
361
+ },
362
+ "VaultError": {
363
+ "type": "object",
364
+ "properties": {
365
+ "error_code": {
366
+ "type": "string",
367
+ "enum": [
368
+ "unauthorized",
369
+ "forbidden",
370
+ "classification_not_vaultable",
371
+ "invalid_value",
372
+ "invalid_classification",
373
+ "rate_limited",
374
+ "mfa_too_old",
375
+ "engagement_not_active",
376
+ "engagement_scope_violation",
377
+ "approval_required",
378
+ "approval_invalid",
379
+ "token_not_found",
380
+ "token_tombstoned",
381
+ "lifecycle_conflict",
382
+ "internal_error"
383
+ ]
384
+ },
385
+ "error_message": {
386
+ "type": "string",
387
+ "maxLength": 1024
388
+ },
389
+ "request_id": {
390
+ "type": "string"
391
+ },
392
+ "retry_after_seconds": {
393
+ "type": "integer",
394
+ "minimum": 0
395
+ }
396
+ },
397
+ "required": [
398
+ "error_code",
399
+ "error_message"
400
+ ],
401
+ "additionalProperties": false
402
+ },
403
+ "_RunfileBundle": {
404
+ "type": "object",
405
+ "properties": {
406
+ "TokenizeRequest": {
407
+ "$ref": "#/definitions/TokenizeRequest"
408
+ },
409
+ "TokenizeResponse": {
410
+ "$ref": "#/definitions/TokenizeResponse"
411
+ },
412
+ "TokenizeBatchRequest": {
413
+ "$ref": "#/definitions/TokenizeBatchRequest"
414
+ },
415
+ "TokenizeBatchResponse": {
416
+ "$ref": "#/definitions/TokenizeBatchResponse"
417
+ },
418
+ "ResolveRequest": {
419
+ "$ref": "#/definitions/ResolveRequest"
420
+ },
421
+ "ResolveResponse": {
422
+ "$ref": "#/definitions/ResolveResponse"
423
+ },
424
+ "ResolveBatchRequest": {
425
+ "$ref": "#/definitions/ResolveBatchRequest"
426
+ },
427
+ "ResolveBatchResponse": {
428
+ "$ref": "#/definitions/ResolveBatchResponse"
429
+ },
430
+ "ResolveBatchResult": {
431
+ "$ref": "#/definitions/ResolveBatchResult"
432
+ },
433
+ "LifecycleRequest": {
434
+ "$ref": "#/definitions/LifecycleRequest"
435
+ },
436
+ "LifecycleResponse": {
437
+ "$ref": "#/definitions/LifecycleResponse"
438
+ },
439
+ "RequesterContext": {
440
+ "$ref": "#/definitions/RequesterContext"
441
+ },
442
+ "Justification": {
443
+ "$ref": "#/definitions/Justification"
444
+ },
445
+ "VaultError": {
446
+ "$ref": "#/definitions/VaultError"
447
+ }
448
+ },
449
+ "required": [
450
+ "TokenizeRequest",
451
+ "TokenizeResponse",
452
+ "TokenizeBatchRequest",
453
+ "TokenizeBatchResponse",
454
+ "ResolveRequest",
455
+ "ResolveResponse",
456
+ "ResolveBatchRequest",
457
+ "ResolveBatchResponse",
458
+ "ResolveBatchResult",
459
+ "LifecycleRequest",
460
+ "LifecycleResponse",
461
+ "RequesterContext",
462
+ "Justification",
463
+ "VaultError"
464
+ ],
465
+ "additionalProperties": false
466
+ }
467
+ }
468
+ }
package/package.json ADDED
@@ -0,0 +1,59 @@
1
+ {
2
+ "name": "@runfile-ai/schemas",
3
+ "version": "0.1.0",
4
+ "description": "Runfile event, ingest, vault, evidence, and manifest schemas. Source of truth in Zod; generates JSON Schema, Pydantic, and Go.",
5
+ "license": "Apache-2.0",
6
+ "type": "module",
7
+ "main": "./dist/index.js",
8
+ "types": "./dist/index.d.ts",
9
+ "exports": {
10
+ ".": "./dist/index.js",
11
+ "./event": "./dist/event.js",
12
+ "./ingest": "./dist/ingest.js",
13
+ "./vault": "./dist/vault.js",
14
+ "./evidence": "./dist/evidence.js",
15
+ "./manifest": "./dist/manifest.js",
16
+ "./control-mapping": "./dist/control-mapping.js",
17
+ "./canonical": "./dist/canonical.js",
18
+ "./json-schema/event.json": "./generated/json-schema/event.json",
19
+ "./json-schema/ingest.json": "./generated/json-schema/ingest.json",
20
+ "./json-schema/vault.json": "./generated/json-schema/vault.json"
21
+ },
22
+ "files": [
23
+ "dist",
24
+ "generated/json-schema"
25
+ ],
26
+ "dependencies": {
27
+ "canonicalize": "^2.0.0",
28
+ "zod": "^3.23.8"
29
+ },
30
+ "devDependencies": {
31
+ "@changesets/changelog-github": "^0.7.0",
32
+ "@changesets/cli": "^2.31.0",
33
+ "@types/node": "^20.14.0",
34
+ "quicktype": "^23.2.6",
35
+ "tsx": "^4.16.2",
36
+ "typescript": "^5.5.3",
37
+ "vitest": "^2.0.0",
38
+ "zod-to-json-schema": "^3.23.1"
39
+ },
40
+ "engines": {
41
+ "node": ">=20"
42
+ },
43
+ "publishConfig": {
44
+ "access": "public"
45
+ },
46
+ "scripts": {
47
+ "build": "tsc -p tsconfig.build.json",
48
+ "generate": "tsx scripts/generate.ts",
49
+ "check-drift": "tsx scripts/check-drift.ts",
50
+ "publish-all": "tsx scripts/publish-all.ts",
51
+ "test": "vitest run",
52
+ "test:watch": "vitest",
53
+ "lint": "tsc --noEmit",
54
+ "clean": "rm -rf dist generated/json-schema/*.json",
55
+ "changeset": "changeset",
56
+ "changeset:version": "changeset version",
57
+ "changeset:publish": "pnpm run build && changeset publish"
58
+ }
59
+ }