@sdux-vault/engine 0.0.9

package/LICENSE

@@ -0,0 +1,212 @@
+# NGL Commercial License 1.0
+
+**Copyright © 2026 NextGen Luminary (“NGL”)**  
+All rights reserved.
+
+This NGL Commercial License 1.0 (“**License**”) is a legal agreement between **NextGen Luminary**, its affiliates, or licensors (“**Licensor**”), and the individual or legal entity exercising rights under this License (“**Licensee**”).
+
+This License governs the use of proprietary SDuX software components, including but not limited to the SDuX Engine, SDuX Engine npm distributions, SDuX Vault runtime components, and related proprietary source code, as identified and distributed by Licensor.
+
+By installing, accessing, or using the Software, Licensee agrees to be bound by the terms of this License.
+
+---
+
+## 1. Definitions
+
+For purposes of this License:
+
+- **“Software”** means the proprietary SDuX components provided by Licensor under this License, in source code form, object code form, or binary distribution, as applicable.
+- **“Object Code”** means compiled or executable versions of the Software, including npm-distributed binaries.
+- **“Source Code”** means the human-readable form of the Software, where access is explicitly granted.
+- **“Internal Use”** means use of the Software solely within Licensee’s organization for its own internal business purposes.
+- **“Production Use”** means deployment of the Software in live, customer-facing, revenue-generating, or operational environments.
+- **“Change of Control”** means a merger, acquisition, reorganization, or sale of substantially all assets of Licensee.
+- **“Licensed Extension”** means a Behavior, Controller, module, or other software component that integrates with the Software and declares a runtime license requirement through SDuX Vault or related enforcement mechanisms.
+- **“Extension Author”** or **“Vendor”** means any third party that develops, distributes, or licenses a Licensed Extension for use with the Software.
+- **“License Payload”** means vendor-defined data supplied at runtime for purposes of validating a Licensed Extension, including but not limited to tokens, cryptographic signatures, entitlement metadata, or other opaque validation artifacts.
+- **“Validation Result”** means the boolean approval or denial outcome reported by a Licensed Extension to SDuX Vault runtime enforcement mechanisms.
+- **“FeatureCell”** means a discrete execution unit, pipeline element, or runtime-bound functional component within the Software that may be subject to license validation or gating behavior.
+- **“Terminal State”** means a non-recoverable runtime condition entered following denial or failed validation that requires full reinitialization of affected components.
+- **“Validation Timeout”** or **“License Timeout Window”** means the configured period during which a Validation Result must be reported before automatic denial occurs.
+- **“Deterministic Enforcement”** means the intentional, programmatic license validation behavior whereby activation, denial, suspension, or terminal state transitions occur based on defined runtime rules without discretionary override.
+- **“Runtime License Token”** means any token, key, credential, or structured data representing runtime licensing state or entitlement within the Software.
+
+---
+
+## 2. Grant of License
+
+Subject to the terms and conditions of this License, Licensor hereby grants Licensee a **non-exclusive**, **non-transferable**, **non-sublicensable** license to:
+
+- Use the Software solely in **Object Code form** (unless Source Code access is explicitly granted by Licensor);
+- Use the Software solely for **Internal Use** and, where applicable, **Production Use** in accordance with Licensor’s commercial terms;
+- Install and execute the Software only on systems owned or controlled by Licensee.
+
+No rights are granted except as expressly stated in this License.
+
+---
+
+## 3. Third-Party Extensions and Ecosystem Separation
+
+The Software may permit integration with Licensed Extensions developed or distributed by third parties.
+
+Licensor:
+
+1. Does not license, distribute, or control any Licensed Extension unless expressly identified as such;
+2. Makes no representations or warranties regarding compatibility, functionality, entitlement correctness, security, or operational availability of any third-party Licensed Extension;
+3. Does not validate, issue, manage, or enforce third-party commercial licenses;
+4. Has no obligation to provide support, billing services, entitlement tracking, revenue processing, dispute resolution, or marketplace operation services for third-party Licensed Extensions.
+
+All commercial relationships between Licensee and any Extension Author are solely between those parties.
+
+Use of third-party Licensed Extensions is at Licensee’s sole risk.
+
+Nothing in this License creates a partnership, joint venture, agency relationship, revenue-sharing obligation, fiduciary duty, or marketplace operator responsibility between Licensor and any Extension Author or Vendor.
+
+---
+
+## 4. Restrictions
+
+Except as expressly permitted by this License, Licensee shall not, and shall not permit any third party to:
+
+- Modify, adapt, translate, or create derivative works of the Software;
+- Reverse engineer, decompile, disassemble, or otherwise attempt to derive source code from the Software;
+- Redistribute, resell, lease, sublicense, or make the Software available to any third party;
+- Use the Software to provide hosted, managed, or service-bureau offerings;
+- Circumvent, disable, or interfere with license enforcement mechanisms or technical safeguards;
+- Remove or alter proprietary notices, labels, or marks;
+- Interfere with, spoof, or manipulate runtime license validation flows, including any call paths that report a Validation Result;
+- Inject, fabricate, tamper with, or misrepresent License Payload data or Runtime License Tokens for the purpose of bypassing enforcement or causing unauthorized activation;
+- Attempt to alter, disable, or circumvent Deterministic Enforcement, Validation Timeout behavior, License Timeout Windows, Terminal State transitions, or other defined runtime gating mechanisms;
+- Extract, reuse, reverse engineer, or repurpose proprietary enforcement logic, telemetry systems, FeatureCell gating logic, or validation infrastructure outside the scope of authorized use under this License;
+- Use the Software to operate, enable, or provide a competing licensing enforcement infrastructure or marketplace that derives from proprietary enforcement components of the Software.
+
+Any use of the Software outside the scope of this License constitutes a material breach.
+
+---
+
+## 5. Ownership and Intellectual Property
+
+The Software is **licensed, not sold**.
+
+All right, title, and interest in and to the Software, including all intellectual property rights therein, are and shall remain exclusively with Licensor. Licensee acquires no ownership interest in the Software by virtue of this License.
+
+No implied licenses are granted under any patents, copyrights, trademarks, or trade secrets of Licensor.
+
+Nothing in this License grants any right to use Licensor’s trademarks, service marks, trade names, or branding except as necessary for truthful reference consistent with authorized use.
+
+---
+
+## 6. Assignment and Change of Control
+
+This License **is assignable in its entirety**, without the consent of Licensor, **solely** in connection with a Change of Control, provided that:
+
+1. The successor entity agrees in writing to be bound by all terms of this License; and
+2. The assignment includes all copies of the Software in Licensee’s possession.
+
+Any other assignment, delegation, or transfer without Licensor’s prior written consent is void.
+
+Nothing in this section grants any right to sublicense, redistribute, or relicense the Software.
+
+---
+
+## 7. Compliance and Audit
+
+Licensee agrees to use the Software in compliance with this License and all applicable laws. Licensor may, upon reasonable notice, request written certification of compliance or usage scope solely to verify adherence to this License.
+
+Nothing in this section creates any service-level agreement, uptime commitment, validation latency guarantee, or operational availability obligation.
+
+---
+
+## 8. Platform Enforcement and Deterministic Operation
+
+Licensee acknowledges that the Software includes Deterministic Enforcement mechanisms and runtime gating behavior.
+
+Where a Licensed Extension requires runtime validation:
+
+- Failure to report a Validation Result within the configured Validation Timeout or License Timeout Window may result in automatic denial;
+- A negative Validation Result may cause affected runtime components, FeatureCells, or execution units to enter a Terminal State;
+- Late Validation Results may be ignored;
+- Terminal denial states may not be reversible without full reinitialization.
+
+Licensee agrees that such behavior constitutes intended license enforcement and gating functionality and shall not be deemed a defect, failure of performance, service interruption, or breach of warranty.
+
+Licensor does not guarantee validation latency, entitlement response time, network availability, or successful completion of any third-party validation process.
+
+Licensor shall not be liable for denial, suspension, non-activation, Terminal State outcomes, or related execution impacts resulting from third-party license validation outcomes, Vendor service unavailability, License Payload errors, Runtime License Token corruption, or cryptographic implementation errors by Vendors.
+
+Vendors are solely responsible for the secure design, implementation, and operation of their cryptographic, entitlement, and validation systems.
+
+---
+
+## 9. Security and Ecosystem Integrity
+
+Licensor reserves the right, where reasonably necessary to address a material security risk, platform integrity concern, legal compliance requirement, or system stability issue, to:
+
+1. Suspend distribution of proprietary components that present material security risk;
+2. Issue updates that modify enforcement behavior or security posture;
+3. Restrict compatibility with extensions that compromise security, violate documented platform policies, or materially degrade system stability.
+
+Nothing in this section shall be interpreted as granting Licensor arbitrary termination rights unrelated to breach, nor as creating an obligation to monitor or police third-party extensions.
+
+---
+
+## 10. API Evolution and Compatibility
+
+Licensor may modify internal APIs, enforcement mechanisms, runtime integration points, or compatibility requirements in future versions of the Software.
+
+Licensor does not guarantee backward compatibility with any third-party Licensed Extension unless expressly agreed in writing.
+
+Licensor reserves the right to publish compatibility guidelines, extension certification programs, or security requirements applicable to integrations with the Software.
+
+---
+
+## 11. Termination
+
+This License shall remain in effect until terminated.
+
+Licensor may terminate this License immediately if Licensee breaches any term of this License. Upon termination:
+
+- All rights granted to Licensee shall immediately cease;
+- Licensee must discontinue all use of the Software;
+- All copies of the Software must be destroyed or permanently deleted.
+
+Sections relating to ownership, restrictions, disclaimers, limitation of liability, governing law, and ecosystem separation shall survive termination.
+
+---
+
+## 12. Disclaimer of Warranties
+
+**THE SOFTWARE IS PROVIDED “AS IS” AND “AS AVAILABLE,” WITHOUT WARRANTY OF ANY KIND.**  
+LICENSOR DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS, IMPLIED, OR STATUTORY, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
+
+LICENSOR DOES NOT WARRANT THAT THIRD-PARTY LICENSED EXTENSIONS, VALIDATION SYSTEMS, ENTITLEMENT SERVICES, RUNTIME LICENSE TOKENS, OR CRYPTOGRAPHIC IMPLEMENTATIONS WILL OPERATE WITHOUT INTERRUPTION, ERROR, DENIAL, LATENCY, OR TERMINATION. LICENSOR DISCLAIMS ALL RESPONSIBILITY FOR THIRD-PARTY ENTITLEMENT SERVICES, CRYPTOGRAPHIC VALIDATION SYSTEMS, OR REMOTE LICENSE VERIFICATION INFRASTRUCTURE.
+
+---
+
+## 13. Limitation of Liability
+
+TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL LICENSOR BE LIABLE FOR ANY INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, OR EXEMPLARY DAMAGES, INCLUDING LOST PROFITS, LOSS OF DATA, LOSS OF GOODWILL, OR BUSINESS INTERRUPTION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
+
+LICENSOR’S TOTAL LIABILITY UNDER THIS LICENSE SHALL NOT EXCEED THE AMOUNT PAID BY LICENSEE FOR THE SOFTWARE, IF ANY, IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.
+
+LICENSOR SHALL NOT BE LIABLE FOR ANY DAMAGES ARISING FROM THIRD-PARTY LICENSE VALIDATION FAILURE, VALIDATION TIMEOUT, ENTITLEMENT REVOCATION, LICENSE PAYLOAD MISCONFIGURATION, RUNTIME LICENSE TOKEN CORRUPTION, CRYPTOGRAPHIC IMPLEMENTATION ERRORS, OR EXTENSION-RELATED TERMINAL DENIAL EVENTS.
+
+---
+
+## 14. Governing Law and Venue
+
+This License shall be governed by and construed in accordance with the laws of the jurisdiction in which Licensor is incorporated, without regard to conflict-of-law principles.
+
+Any legal action arising out of or relating to this License shall be brought exclusively in the courts located within that jurisdiction, and the parties hereby consent to personal jurisdiction and venue therein.
+
+---
+
+## 15. Entire Agreement
+
+This License constitutes the entire agreement between the parties regarding the Software and supersedes all prior or contemporaneous agreements, understandings, or communications, whether written or oral, relating to the Software.
+
+No amendment or waiver of this License shall be effective unless in writing and signed by Licensor.
+
+---
+
+**END OF NGL COMMERCIAL LICENSE 1.0**

package/README.md

@@ -0,0 +1,239 @@
+# @sdux-vault/engine
+
+> Deterministic pipeline execution, orchestration, and state management for the SDuX platform.
+
+`@sdux-vault/engine` provides the core runtime engine for SDuX.  
+It is responsible for executing pipelines, orchestrating behaviors, and managing deterministic state transitions across the system.
+
+---
+
+## TL;DR
+
+For full documentation, guides, and API references:  
+https://www.sdux-vault.com
+
+---
+
+## Overview
+
+SDuX is built as a layered system:
+
+```
+shared → core → core-extensions → apps
+           └────────────────────→ devtools
+```
+
+- **shared** → contracts, types, utilities
+- **core** → runtime engine and orchestration (this package)
+- **core-extensions** → framework integrations (Angular, React, etc.)
+- **apps** → end-user applications
+- **devtools** → observability and debugging
+
+---
+
+## What This Package Provides
+
+- Pipeline execution engine
+- Behavior orchestration system
+- Controller coordination layer
+- Deterministic state transition processing
+- Event-driven execution model
+- Runtime integration foundation
+
+---
+
+## Key Characteristics
+
+- ✅ Deterministic execution model
+- ✅ Framework-agnostic architecture
+- ✅ Composable pipeline behaviors
+- ✅ Predictable state transitions
+- ✅ High-performance runtime orchestration
+
+---
+
+## Installation
+
+```bash
+npm install @sdux-vault/engine
+```
+
+---
+
+## Usage
+
+### Basic Import
+
+```ts
+import { createVault } from '@sdux-vault/engine';
+```
+
+This enables:
+
+- pipeline execution
+- behavior orchestration
+- controller-driven state updates
+
+---
+
+## Example: Creating a Vault
+
+```ts
+import { createVault } from '@sdux-vault/engine';
+
+const vault = createVault({
+  // configuration
+});
+```
+
+---
+
+## How It Works
+
+This package serves as the execution backbone of SDuX through:
+
+- Pipeline orchestration
+- Behavior execution sequencing
+- Controller decision coordination
+- State mutation management
+
+It processes:
+
+- incoming events
+- pipeline stages
+- controller decisions
+- state updates
+
+All in a deterministic and traceable manner.
+
+---
+
+## Execution Model
+
+### Deterministic Processing
+
+The engine ensures:
+
+- consistent execution order
+- predictable outcomes
+- reproducible state transitions
+
+---
+
+## Pipeline Architecture
+
+Execution is structured around:
+
+- FeatureCell pipelines
+- Behavior chains
+- Controller decision layers
+- Orchestrator coordination
+
+---
+
+## State Management
+
+State transitions are:
+
+- controlled
+- predictable
+- observable (via devtools)
+- fully deterministic
+
+---
+
+## Environment Behavior
+
+The engine is:
+
+- ✅ Production-ready
+- ✅ Framework-agnostic
+- ✅ Compatible with SSR and browser environments
+- ✅ Designed for both simple and complex state systems
+
+---
+
+## Side Effects
+
+This package minimizes side effects and focuses on controlled execution.
+
+All state mutations occur through:
+
+- defined pipeline stages
+- controlled behavior execution
+- explicit controller decisions
+
+---
+
+## Development
+
+### Build
+
+```bash
+npm run build:engine
+```
+
+Output:
+
+```
+dist/engine
+```
+
+---
+
+## Test
+
+```bash
+npm run test:engine
+```
+
+---
+
+## Verify
+
+```bash
+npm run verify
+```
+
+Includes:
+
+- linting
+- formatting
+- type checking
+- tests
+
+---
+
+## Publishing
+
+See `RELEASE.md` for full publishing instructions.
+
+---
+
+## Ecosystem
+
+- `@sdux-vault/shared` — core contracts, types, and utilities
+- `@sdux-vault/core` — execution engine for pipelines and orchestration
+- `@sdux-vault/addons` — optional runtime extensions
+- `@sdux-vault/core-extensions/angular` — Angular integration layer
+- `@sdux-vault/devtools` — observability and debugging layer
+
+---
+
+## Tree Shaking & Side Effects
+
+This package is designed to be:
+
+- tree-shakeable
+- side-effect controlled
+
+Only intentional execution paths trigger state changes.
+
+---
+
+## License
+
+For full licensing details:  
+https://www.sdux-vault.com/docs/welcome/license#license-texts
+
+MIT © SDuX Vault