@sentropic/h2a 0.13.0 → 0.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/org.d.ts +104 -0
- package/dist/org.d.ts.map +1 -0
- package/dist/org.js +114 -0
- package/dist/org.js.map +1 -0
- package/package.json +1 -1
package/dist/index.d.ts
CHANGED
|
@@ -27,6 +27,8 @@ export { H2A_NHI_EXPORT_KEY_USE, H2A_NHI_SPIFFE_PATH_ENCODINGS, nhiSpiffeId, nhi
|
|
|
27
27
|
export type { H2ANhiTrustBundle, H2ANhiTrustBundleInput, H2ANhiTrustBundleKey } from "./nhi-export.js";
|
|
28
28
|
export { H2A_BLOCKAGE_BODY_KIND, H2A_BLOCKAGE_CLEARED_BODY_KIND, blockageEnvelope, isActiveBlockage } from "./blockage.js";
|
|
29
29
|
export type { H2ABlockage, H2ABlockageBody } from "./blockage.js";
|
|
30
|
+
export { H2A_ORG_PROPOSAL_BODY_KIND, H2A_ORG_RATIFIED_BODY_KIND, orgAssignmentEnvelope, validateOrgManifest } from "./org.js";
|
|
31
|
+
export type { H2AOrgAssignmentActor, H2AOrgAssignmentBody, H2AOrgAssignmentKind, H2AOrgCommEdge, H2AOrgInstance, H2AOrgManifest, H2AOrgValidationError, H2AOrgValidationResult } from "./org.js";
|
|
30
32
|
export { H2A_SYSML_REF_KIND, isH2ASysmlRef, sysmlRefEquals, validateSysmlRef } from "./sysml.js";
|
|
31
33
|
export type { H2ASysmlRef, H2ASysmlRefValidation, H2ASysmlRefValidationError } from "./sysml.js";
|
|
32
34
|
export { assertValidNegotiationState } from "./negotiation.js";
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,EACjB,sBAAsB,EACtB,0BAA0B,EAC1B,kBAAkB,EACnB,MAAM,UAAU,CAAC;AAClB,YAAY,EACV,qBAAqB,EACrB,+BAA+B,EAC/B,2BAA2B,EAC3B,8BAA8B,EAC9B,aAAa,EACb,4BAA4B,EAC5B,cAAc,EACd,WAAW,EACZ,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,wBAAwB,EACxB,qBAAqB,EACrB,iBAAiB,EACjB,oBAAoB,EACrB,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,oBAAoB,EACpB,2BAA2B,EAC3B,mBAAmB,EACnB,wBAAwB,EACxB,0BAA0B,EAC1B,iCAAiC,EACjC,gCAAgC,EACjC,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,6BAA6B,EAC7B,8BAA8B,EAC9B,gCAAgC,EAChC,0BAA0B,EAC1B,2BAA2B,EAC5B,MAAM,0BAA0B,CAAC;AAClC,YAAY,EACV,mCAAmC,EACnC,2BAA2B,EAC3B,0BAA0B,EAC1B,2BAA2B,EAC5B,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,2CAA2C,EAC3C,8BAA8B,EAC9B,2BAA2B,EAC3B,4BAA4B,EAC5B,0BAA0B,EAC3B,MAAM,wBAAwB,CAAC;AAChC,YAAY,EACV,8BAA8B,EAC9B,sCAAsC,EACtC,oCAAoC,EACpC,uBAAuB,EACxB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,oCAAoC,EACpC,oBAAoB,EACpB,uBAAuB,EACvB,sBAAsB,EACtB,oBAAoB,EACrB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,wBAAwB,EACxB,gCAAgC,EAChC,iBAAiB,EACjB,8BAA8B,EAC/B,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,kCAAkC,EAClC,qBAAqB,EACrB,mBAAmB,EACnB,oBAAoB,EACpB,kBAAkB,EACnB,MAAM,eAAe,CAAC;AACvB,YAAY,EACV,sBAAsB,EACtB,8BAA8B,EAC9B,4BAA4B,EAC5B,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,uBAAuB,EACvB,8CAA8C,EAC9C,iCAAiC,EACjC,+BAA+B,EAC/B,6BAA6B,EAC9B,MAAM,4BAA4B,CAAC;AACpC,YAAY,EACV,oBAAoB,EACpB,iCAAiC,EACjC,yCAAyC,EACzC,uCAAuC,EACxC,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,sCAAsC,EACtC,sBAAsB,EACtB,yBAAyB,EACzB,wBAAwB,EACxB,sBAAsB,EACvB,MAAM,mBAAmB,CAAC;AAC3B,YAAY,EACV,0BAA0B,EAC1B,kCAAkC,EAClC,mBAAmB,EACnB,gCAAgC,EACjC,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,cAAc,EACd,aAAa,EACb,YAAY,EACZ,uBAAuB,EACxB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EACvB,sBAAsB,EACtB,iBAAiB,EAClB,MAAM,aAAa,CAAC;AACrB,YAAY,EACV,mBAAmB,EACnB,cAAc,EACd,cAAc,EACd,kBAAkB,EACnB,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,yBAAyB,EACzB,6BAA6B,EAC7B,yCAAyC,EACzC,+BAA+B,EAC/B,kBAAkB,EAClB,iBAAiB,EACjB,UAAU,EACV,YAAY,EACZ,gBAAgB,EAChB,iBAAiB,EAClB,MAAM,cAAc,CAAC;AACtB,YAAY,EACV,gBAAgB,EAChB,UAAU,EACV,uBAAuB,EACvB,mBAAmB,EACnB,2BAA2B,EAC3B,eAAe,EACf,eAAe,EACf,cAAc,EACd,eAAe,EACf,aAAa,EACd,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,eAAe,EACf,oBAAoB,EACpB,sBAAsB,EACvB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,wBAAwB,EACxB,+BAA+B,EAC/B,mBAAmB,EACnB,6BAA6B,EAC7B,2BAA2B,EAC3B,4BAA4B,EAC5B,8BAA8B,EAC9B,sBAAsB,EACtB,iCAAiC,EAClC,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,6BAA6B,EAC7B,mCAAmC,EACnC,gBAAgB,EAChB,eAAe,EACf,sBAAsB,EACtB,YAAY,EACZ,iBAAiB,EAClB,MAAM,UAAU,CAAC;AAClB,YAAY,EACV,sBAAsB,EACtB,qBAAqB,EACrB,aAAa,EACb,uBAAuB,EACvB,sBAAsB,EACtB,eAAe,EACf,oBAAoB,EACpB,qBAAqB,EACrB,sBAAsB,EACtB,kBAAkB,EAClB,sBAAsB,EACtB,kBAAkB,EAClB,mBAAmB,EACnB,oBAAoB,EACpB,YAAY,EACZ,cAAc,EACd,uBAAuB,EACvB,sBAAsB,EACvB,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,sBAAsB,EACtB,6BAA6B,EAC7B,WAAW,EACX,cAAc,EACf,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,iBAAiB,EACjB,sBAAsB,EACtB,oBAAoB,EACrB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,gBAAgB,EAChB,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAClE,OAAO,EACL,kBAAkB,EAClB,aAAa,EACb,cAAc,EACd,gBAAgB,EACjB,MAAM,YAAY,CAAC;AACpB,YAAY,EACV,WAAW,EACX,qBAAqB,EACrB,0BAA0B,EAC3B,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,2BAA2B,EAAE,MAAM,kBAAkB,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAChE,YAAY,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EACL,kBAAkB,EAClB,kBAAkB,EAClB,6BAA6B,EAC7B,kBAAkB,EACnB,MAAM,cAAc,CAAC;AACtB,YAAY,EACV,eAAe,EACf,iBAAiB,EACjB,sBAAsB,EACvB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,WAAW,EACX,WAAW,EACX,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,QAAQ,EACR,WAAW,EACZ,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,EACpB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,iCAAiC,EACjC,mCAAmC,EACnC,wBAAwB,EACxB,6BAA6B,EAC9B,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,sBAAsB,EACtB,iCAAiC,EACjC,0BAA0B,EAC1B,6BAA6B,EAC7B,uCAAuC,EACxC,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,8BAA8B,EAC9B,uBAAuB,EACvB,8BAA8B,EAC9B,uBAAuB,EACxB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,0BAA0B,EAC1B,oBAAoB,EACpB,uBAAuB,EACvB,2BAA2B,EAC3B,2BAA2B,EAC3B,0BAA0B,EAC1B,6BAA6B,EAC9B,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAC7D,YAAY,EAAE,gCAAgC,EAAE,MAAM,qBAAqB,CAAC;AAC5E,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,EACjB,oBAAoB,EACpB,gBAAgB,EAChB,eAAe,EACf,uBAAuB,EACxB,MAAM,gBAAgB,CAAC;AACxB,YAAY,EACV,kBAAkB,EAClB,qBAAqB,EACrB,0BAA0B,EAC3B,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,kBAAkB,EAClB,sBAAsB,EACtB,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,YAAY,EACV,WAAW,EACX,oBAAoB,EACpB,YAAY,EACZ,eAAe,EACf,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACX,kBAAkB,EAClB,aAAa,EACb,WAAW,EACX,eAAe,EACf,UAAU,EACV,oBAAoB,EACpB,mBAAmB,EACnB,SAAS,EACT,qBAAqB,EACrB,OAAO,EACP,YAAY,EACb,MAAM,YAAY,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,EACjB,sBAAsB,EACtB,0BAA0B,EAC1B,kBAAkB,EACnB,MAAM,UAAU,CAAC;AAClB,YAAY,EACV,qBAAqB,EACrB,+BAA+B,EAC/B,2BAA2B,EAC3B,8BAA8B,EAC9B,aAAa,EACb,4BAA4B,EAC5B,cAAc,EACd,WAAW,EACZ,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,wBAAwB,EACxB,qBAAqB,EACrB,iBAAiB,EACjB,oBAAoB,EACrB,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,oBAAoB,EACpB,2BAA2B,EAC3B,mBAAmB,EACnB,wBAAwB,EACxB,0BAA0B,EAC1B,iCAAiC,EACjC,gCAAgC,EACjC,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,6BAA6B,EAC7B,8BAA8B,EAC9B,gCAAgC,EAChC,0BAA0B,EAC1B,2BAA2B,EAC5B,MAAM,0BAA0B,CAAC;AAClC,YAAY,EACV,mCAAmC,EACnC,2BAA2B,EAC3B,0BAA0B,EAC1B,2BAA2B,EAC5B,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,2CAA2C,EAC3C,8BAA8B,EAC9B,2BAA2B,EAC3B,4BAA4B,EAC5B,0BAA0B,EAC3B,MAAM,wBAAwB,CAAC;AAChC,YAAY,EACV,8BAA8B,EAC9B,sCAAsC,EACtC,oCAAoC,EACpC,uBAAuB,EACxB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,oCAAoC,EACpC,oBAAoB,EACpB,uBAAuB,EACvB,sBAAsB,EACtB,oBAAoB,EACrB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,wBAAwB,EACxB,gCAAgC,EAChC,iBAAiB,EACjB,8BAA8B,EAC/B,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,kCAAkC,EAClC,qBAAqB,EACrB,mBAAmB,EACnB,oBAAoB,EACpB,kBAAkB,EACnB,MAAM,eAAe,CAAC;AACvB,YAAY,EACV,sBAAsB,EACtB,8BAA8B,EAC9B,4BAA4B,EAC5B,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,uBAAuB,EACvB,8CAA8C,EAC9C,iCAAiC,EACjC,+BAA+B,EAC/B,6BAA6B,EAC9B,MAAM,4BAA4B,CAAC;AACpC,YAAY,EACV,oBAAoB,EACpB,iCAAiC,EACjC,yCAAyC,EACzC,uCAAuC,EACxC,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,sCAAsC,EACtC,sBAAsB,EACtB,yBAAyB,EACzB,wBAAwB,EACxB,sBAAsB,EACvB,MAAM,mBAAmB,CAAC;AAC3B,YAAY,EACV,0BAA0B,EAC1B,kCAAkC,EAClC,mBAAmB,EACnB,gCAAgC,EACjC,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EACL,cAAc,EACd,aAAa,EACb,YAAY,EACZ,uBAAuB,EACxB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EACvB,sBAAsB,EACtB,iBAAiB,EAClB,MAAM,aAAa,CAAC;AACrB,YAAY,EACV,mBAAmB,EACnB,cAAc,EACd,cAAc,EACd,kBAAkB,EACnB,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,yBAAyB,EACzB,6BAA6B,EAC7B,yCAAyC,EACzC,+BAA+B,EAC/B,kBAAkB,EAClB,iBAAiB,EACjB,UAAU,EACV,YAAY,EACZ,gBAAgB,EAChB,iBAAiB,EAClB,MAAM,cAAc,CAAC;AACtB,YAAY,EACV,gBAAgB,EAChB,UAAU,EACV,uBAAuB,EACvB,mBAAmB,EACnB,2BAA2B,EAC3B,eAAe,EACf,eAAe,EACf,cAAc,EACd,eAAe,EACf,aAAa,EACd,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,eAAe,EACf,oBAAoB,EACpB,sBAAsB,EACvB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,wBAAwB,EACxB,+BAA+B,EAC/B,mBAAmB,EACnB,6BAA6B,EAC7B,2BAA2B,EAC3B,4BAA4B,EAC5B,8BAA8B,EAC9B,sBAAsB,EACtB,iCAAiC,EAClC,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,6BAA6B,EAC7B,mCAAmC,EACnC,gBAAgB,EAChB,eAAe,EACf,sBAAsB,EACtB,YAAY,EACZ,iBAAiB,EAClB,MAAM,UAAU,CAAC;AAClB,YAAY,EACV,sBAAsB,EACtB,qBAAqB,EACrB,aAAa,EACb,uBAAuB,EACvB,sBAAsB,EACtB,eAAe,EACf,oBAAoB,EACpB,qBAAqB,EACrB,sBAAsB,EACtB,kBAAkB,EAClB,sBAAsB,EACtB,kBAAkB,EAClB,mBAAmB,EACnB,oBAAoB,EACpB,YAAY,EACZ,cAAc,EACd,uBAAuB,EACvB,sBAAsB,EACvB,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,sBAAsB,EACtB,6BAA6B,EAC7B,WAAW,EACX,cAAc,EACf,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,iBAAiB,EACjB,sBAAsB,EACtB,oBAAoB,EACrB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,gBAAgB,EAChB,gBAAgB,EACjB,MAAM,eAAe,CAAC;AACvB,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAClE,OAAO,EACL,0BAA0B,EAC1B,0BAA0B,EAC1B,qBAAqB,EACrB,mBAAmB,EACpB,MAAM,UAAU,CAAC;AAClB,YAAY,EACV,qBAAqB,EACrB,oBAAoB,EACpB,oBAAoB,EACpB,cAAc,EACd,cAAc,EACd,cAAc,EACd,qBAAqB,EACrB,sBAAsB,EACvB,MAAM,UAAU,CAAC;AAClB,OAAO,EACL,kBAAkB,EAClB,aAAa,EACb,cAAc,EACd,gBAAgB,EACjB,MAAM,YAAY,CAAC;AACpB,YAAY,EACV,WAAW,EACX,qBAAqB,EACrB,0BAA0B,EAC3B,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,2BAA2B,EAAE,MAAM,kBAAkB,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAChE,YAAY,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EACL,kBAAkB,EAClB,kBAAkB,EAClB,6BAA6B,EAC7B,kBAAkB,EACnB,MAAM,cAAc,CAAC;AACtB,YAAY,EACV,eAAe,EACf,iBAAiB,EACjB,sBAAsB,EACvB,MAAM,cAAc,CAAC;AACtB,OAAO,EACL,WAAW,EACX,WAAW,EACX,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,QAAQ,EACR,WAAW,EACZ,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,EACpB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,iCAAiC,EACjC,mCAAmC,EACnC,wBAAwB,EACxB,6BAA6B,EAC9B,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,sBAAsB,EACtB,iCAAiC,EACjC,0BAA0B,EAC1B,6BAA6B,EAC7B,uCAAuC,EACxC,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,8BAA8B,EAC9B,uBAAuB,EACvB,8BAA8B,EAC9B,uBAAuB,EACxB,MAAM,iBAAiB,CAAC;AACzB,YAAY,EACV,0BAA0B,EAC1B,oBAAoB,EACpB,uBAAuB,EACvB,2BAA2B,EAC3B,2BAA2B,EAC3B,0BAA0B,EAC1B,6BAA6B,EAC9B,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAC7D,YAAY,EAAE,gCAAgC,EAAE,MAAM,qBAAqB,CAAC;AAC5E,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,EACjB,oBAAoB,EACpB,gBAAgB,EAChB,eAAe,EACf,uBAAuB,EACxB,MAAM,gBAAgB,CAAC;AACxB,YAAY,EACV,kBAAkB,EAClB,qBAAqB,EACrB,0BAA0B,EAC3B,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,kBAAkB,EAClB,sBAAsB,EACtB,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,WAAW,EACZ,MAAM,YAAY,CAAC;AACpB,YAAY,EACV,WAAW,EACX,oBAAoB,EACpB,YAAY,EACZ,eAAe,EACf,YAAY,EACZ,gBAAgB,EAChB,WAAW,EACX,kBAAkB,EAClB,aAAa,EACb,WAAW,EACX,eAAe,EACf,UAAU,EACV,oBAAoB,EACpB,mBAAmB,EACnB,SAAS,EACT,qBAAqB,EACrB,OAAO,EACP,YAAY,EACb,MAAM,YAAY,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -13,6 +13,7 @@ export { H2A_HOST_BRIDGE_CLAUSES, H2A_HOST_BRIDGE_PROFILES, auditHostBridge, get
|
|
|
13
13
|
export { H2A_NHI_ATTESTATION_BODY_KIND, H2A_NHI_DEFAULT_LONG_LIVED_KEY_DAYS, H2A_NHI_RISK_IDS, auditNhiPosture, nhiAttestationEnvelope, nhiInventory, nhiKeyFingerprint } from "./nhi.js";
|
|
14
14
|
export { H2A_NHI_EXPORT_KEY_USE, H2A_NHI_SPIFFE_PATH_ENCODINGS, nhiSpiffeId, nhiTrustBundle } from "./nhi-export.js";
|
|
15
15
|
export { H2A_BLOCKAGE_BODY_KIND, H2A_BLOCKAGE_CLEARED_BODY_KIND, blockageEnvelope, isActiveBlockage } from "./blockage.js";
|
|
16
|
+
export { H2A_ORG_PROPOSAL_BODY_KIND, H2A_ORG_RATIFIED_BODY_KIND, orgAssignmentEnvelope, validateOrgManifest } from "./org.js";
|
|
16
17
|
export { H2A_SYSML_REF_KIND, isH2ASysmlRef, sysmlRefEquals, validateSysmlRef } from "./sysml.js";
|
|
17
18
|
export { assertValidNegotiationState } from "./negotiation.js";
|
|
18
19
|
export { canonicalize, computeHash } from "./canonical.js";
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,EACjB,sBAAsB,EACtB,0BAA0B,EAC1B,kBAAkB,EACnB,MAAM,UAAU,CAAC;AAWlB,OAAO,EACL,wBAAwB,EACxB,qBAAqB,EACrB,iBAAiB,EACjB,oBAAoB,EACrB,MAAM,kBAAkB,CAAC;AAU1B,OAAO,EACL,6BAA6B,EAC7B,8BAA8B,EAC9B,gCAAgC,EAChC,0BAA0B,EAC1B,2BAA2B,EAC5B,MAAM,0BAA0B,CAAC;AAOlC,OAAO,EACL,2CAA2C,EAC3C,8BAA8B,EAC9B,2BAA2B,EAC3B,4BAA4B,EAC5B,0BAA0B,EAC3B,MAAM,wBAAwB,CAAC;AAOhC,OAAO,EACL,oCAAoC,EACpC,oBAAoB,EACpB,uBAAuB,EACvB,sBAAsB,EACtB,oBAAoB,EACrB,MAAM,iBAAiB,CAAC;AAOzB,OAAO,EACL,kCAAkC,EAClC,qBAAqB,EACrB,mBAAmB,EACnB,oBAAoB,EACpB,kBAAkB,EACnB,MAAM,eAAe,CAAC;AAOvB,OAAO,EACL,uBAAuB,EACvB,8CAA8C,EAC9C,iCAAiC,EACjC,+BAA+B,EAC/B,6BAA6B,EAC9B,MAAM,4BAA4B,CAAC;AAOpC,OAAO,EACL,sCAAsC,EACtC,sBAAsB,EACtB,yBAAyB,EACzB,wBAAwB,EACxB,sBAAsB,EACvB,MAAM,mBAAmB,CAAC;AAO3B,OAAO,EACL,cAAc,EACd,aAAa,EACb,YAAY,EACZ,uBAAuB,EACxB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EACvB,sBAAsB,EACtB,iBAAiB,EAClB,MAAM,aAAa,CAAC;AAOrB,OAAO,EACL,yBAAyB,EACzB,6BAA6B,EAC7B,yCAAyC,EACzC,+BAA+B,EAC/B,kBAAkB,EAClB,iBAAiB,EACjB,UAAU,EACV,YAAY,EACZ,gBAAgB,EAChB,iBAAiB,EAClB,MAAM,cAAc,CAAC;AAatB,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,eAAe,EACf,oBAAoB,EACpB,sBAAsB,EACvB,MAAM,iBAAiB,CAAC;AAYzB,OAAO,EACL,6BAA6B,EAC7B,mCAAmC,EACnC,gBAAgB,EAChB,eAAe,EACf,sBAAsB,EACtB,YAAY,EACZ,iBAAiB,EAClB,MAAM,UAAU,CAAC;AAqBlB,OAAO,EACL,sBAAsB,EACtB,6BAA6B,EAC7B,WAAW,EACX,cAAc,EACf,MAAM,iBAAiB,CAAC;AAMzB,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,gBAAgB,EAChB,gBAAgB,EACjB,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,kBAAkB,EAClB,aAAa,EACb,cAAc,EACd,gBAAgB,EACjB,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAE,2BAA2B,EAAE,MAAM,kBAAkB,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAEhE,OAAO,EACL,kBAAkB,EAClB,kBAAkB,EAClB,6BAA6B,EAC7B,kBAAkB,EACnB,MAAM,cAAc,CAAC;AAMtB,OAAO,EACL,WAAW,EACX,WAAW,EACX,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,QAAQ,EACR,WAAW,EACZ,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,EACpB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,iCAAiC,EACjC,mCAAmC,EACnC,wBAAwB,EACxB,6BAA6B,EAC9B,MAAM,kBAAkB,CAAC;AAQ1B,OAAO,EACL,8BAA8B,EAC9B,uBAAuB,EACvB,8BAA8B,EAC9B,uBAAuB,EACxB,MAAM,iBAAiB,CAAC;AAUzB,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAE7D,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,EACjB,oBAAoB,EACpB,gBAAgB,EAChB,eAAe,EACf,uBAAuB,EACxB,MAAM,gBAAgB,CAAC;AAMxB,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,kBAAkB,EAClB,sBAAsB,EACtB,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,WAAW,EACZ,MAAM,YAAY,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,EACjB,sBAAsB,EACtB,0BAA0B,EAC1B,kBAAkB,EACnB,MAAM,UAAU,CAAC;AAWlB,OAAO,EACL,wBAAwB,EACxB,qBAAqB,EACrB,iBAAiB,EACjB,oBAAoB,EACrB,MAAM,kBAAkB,CAAC;AAU1B,OAAO,EACL,6BAA6B,EAC7B,8BAA8B,EAC9B,gCAAgC,EAChC,0BAA0B,EAC1B,2BAA2B,EAC5B,MAAM,0BAA0B,CAAC;AAOlC,OAAO,EACL,2CAA2C,EAC3C,8BAA8B,EAC9B,2BAA2B,EAC3B,4BAA4B,EAC5B,0BAA0B,EAC3B,MAAM,wBAAwB,CAAC;AAOhC,OAAO,EACL,oCAAoC,EACpC,oBAAoB,EACpB,uBAAuB,EACvB,sBAAsB,EACtB,oBAAoB,EACrB,MAAM,iBAAiB,CAAC;AAOzB,OAAO,EACL,kCAAkC,EAClC,qBAAqB,EACrB,mBAAmB,EACnB,oBAAoB,EACpB,kBAAkB,EACnB,MAAM,eAAe,CAAC;AAOvB,OAAO,EACL,uBAAuB,EACvB,8CAA8C,EAC9C,iCAAiC,EACjC,+BAA+B,EAC/B,6BAA6B,EAC9B,MAAM,4BAA4B,CAAC;AAOpC,OAAO,EACL,sCAAsC,EACtC,sBAAsB,EACtB,yBAAyB,EACzB,wBAAwB,EACxB,sBAAsB,EACvB,MAAM,mBAAmB,CAAC;AAO3B,OAAO,EACL,cAAc,EACd,aAAa,EACb,YAAY,EACZ,uBAAuB,EACxB,MAAM,eAAe,CAAC;AACvB,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EACvB,sBAAsB,EACtB,iBAAiB,EAClB,MAAM,aAAa,CAAC;AAOrB,OAAO,EACL,yBAAyB,EACzB,6BAA6B,EAC7B,yCAAyC,EACzC,+BAA+B,EAC/B,kBAAkB,EAClB,iBAAiB,EACjB,UAAU,EACV,YAAY,EACZ,gBAAgB,EAChB,iBAAiB,EAClB,MAAM,cAAc,CAAC;AAatB,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,eAAe,EACf,oBAAoB,EACpB,sBAAsB,EACvB,MAAM,iBAAiB,CAAC;AAYzB,OAAO,EACL,6BAA6B,EAC7B,mCAAmC,EACnC,gBAAgB,EAChB,eAAe,EACf,sBAAsB,EACtB,YAAY,EACZ,iBAAiB,EAClB,MAAM,UAAU,CAAC;AAqBlB,OAAO,EACL,sBAAsB,EACtB,6BAA6B,EAC7B,WAAW,EACX,cAAc,EACf,MAAM,iBAAiB,CAAC;AAMzB,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,gBAAgB,EAChB,gBAAgB,EACjB,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,0BAA0B,EAC1B,0BAA0B,EAC1B,qBAAqB,EACrB,mBAAmB,EACpB,MAAM,UAAU,CAAC;AAWlB,OAAO,EACL,kBAAkB,EAClB,aAAa,EACb,cAAc,EACd,gBAAgB,EACjB,MAAM,YAAY,CAAC;AAMpB,OAAO,EAAE,2BAA2B,EAAE,MAAM,kBAAkB,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAEhE,OAAO,EACL,kBAAkB,EAClB,kBAAkB,EAClB,6BAA6B,EAC7B,kBAAkB,EACnB,MAAM,cAAc,CAAC;AAMtB,OAAO,EACL,WAAW,EACX,WAAW,EACX,UAAU,EACV,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,QAAQ,EACR,WAAW,EACZ,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,oBAAoB,EACpB,yBAAyB,EACzB,mBAAmB,EACpB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,iCAAiC,EACjC,mCAAmC,EACnC,wBAAwB,EACxB,6BAA6B,EAC9B,MAAM,kBAAkB,CAAC;AAQ1B,OAAO,EACL,8BAA8B,EAC9B,uBAAuB,EACvB,8BAA8B,EAC9B,uBAAuB,EACxB,MAAM,iBAAiB,CAAC;AAUzB,OAAO,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAE7D,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,EACjB,oBAAoB,EACpB,gBAAgB,EAChB,eAAe,EACf,uBAAuB,EACxB,MAAM,gBAAgB,CAAC;AAMxB,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,kBAAkB,EAClB,sBAAsB,EACtB,yBAAyB,EACzB,YAAY,EACZ,SAAS,EACT,WAAW,EACZ,MAAM,YAAY,CAAC"}
|
package/dist/org.d.ts
ADDED
|
@@ -0,0 +1,104 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* EVO-7 — Coach mode, slice 1: the pure **org model**. A coach (a `CONDUCTOR`
|
|
3
|
+
* or transversal advisor) helps assign roles and shape who-talks-to-whom across
|
|
4
|
+
* many instances; the *personal organization* is committed to a repo so it is
|
|
5
|
+
* durable, reviewable and diffable. This module is the pure core: it owns the
|
|
6
|
+
* already-parsed org declaration (`H2AOrgManifest` — instances → roles → scopes
|
|
7
|
+
* → comm edges), a total `validateOrgManifest`, and a builder for the signed
|
|
8
|
+
* ratification artifact. No filesystem and no YAML parsing — committed
|
|
9
|
+
* `org.h2a.yaml` parsing and live provisioning are later CLI slices.
|
|
10
|
+
*
|
|
11
|
+
* Topology = `SCOPE` membership: who-may-message-whom is gated by which
|
|
12
|
+
* instances share which scope (presence/`discover` is already scope-filtered).
|
|
13
|
+
* `commEdges` are informational hints only; the actual gate is scope membership.
|
|
14
|
+
*
|
|
15
|
+
* KEY CONSTRAINT — the coach **proposes, does not impose**. A role/scope
|
|
16
|
+
* assignment is never a unilateral coach write: it runs the existing
|
|
17
|
+
* negotiation + signature lifecycle. The coach (a `CONDUCTOR`) signs an
|
|
18
|
+
* `org-proposal` envelope; affected agents may counter / give input; the owning
|
|
19
|
+
* `PRINCIPAL` then emits an `org-ratified` envelope signed by them. Only the
|
|
20
|
+
* ratified manifest is provisioned (provisioning is a later CLI slice, not in
|
|
21
|
+
* this core module). The org-assignment thus introduces no new artifact kind —
|
|
22
|
+
* it is a signed `event` envelope carrying a manifest (parity with the NHI
|
|
23
|
+
* attestation, DEC-088), verified with the standard `verifyEnvelopeSignature`.
|
|
24
|
+
*/
|
|
25
|
+
import { type H2AEnvelope, type H2ARole } from "./types.js";
|
|
26
|
+
/** One instance's place in the org: its role + the scopes it sits in. */
|
|
27
|
+
export interface H2AOrgInstance {
|
|
28
|
+
readonly instance: string;
|
|
29
|
+
readonly role: H2ARole;
|
|
30
|
+
readonly scopes: readonly string[];
|
|
31
|
+
/** Rights the instance's mandate would carry (informational at this slice). */
|
|
32
|
+
readonly mandateRights?: readonly string[];
|
|
33
|
+
}
|
|
34
|
+
/** A who-may-message-whom hint. Informational — actual gating is scope membership. */
|
|
35
|
+
export interface H2AOrgCommEdge {
|
|
36
|
+
readonly from: string;
|
|
37
|
+
readonly to: string;
|
|
38
|
+
}
|
|
39
|
+
/**
|
|
40
|
+
* The committable org declaration: instances → roles → scopes → comm edges,
|
|
41
|
+
* rooted at a single org `scope`. This is the already-parsed object; the
|
|
42
|
+
* committed `org.h2a.yaml` form is a later CLI concern.
|
|
43
|
+
*/
|
|
44
|
+
export interface H2AOrgManifest {
|
|
45
|
+
/** The org's root scope. */
|
|
46
|
+
readonly scope: string;
|
|
47
|
+
readonly version?: string;
|
|
48
|
+
readonly instances: ReadonlyArray<H2AOrgInstance>;
|
|
49
|
+
/** Optional who-may-message-whom hints (informational). */
|
|
50
|
+
readonly commEdges?: ReadonlyArray<H2AOrgCommEdge>;
|
|
51
|
+
}
|
|
52
|
+
/** Validation error codes for an org manifest (total — never thrown). */
|
|
53
|
+
export type H2AOrgValidationError = "no-principal" | "duplicate-instance" | "instance-empty" | "instance-no-scope" | "instance-bad-role" | "edge-unknown-instance";
|
|
54
|
+
export interface H2AOrgValidationResult {
|
|
55
|
+
readonly ok: boolean;
|
|
56
|
+
readonly errors: H2AOrgValidationError[];
|
|
57
|
+
}
|
|
58
|
+
/**
|
|
59
|
+
* Validate an org manifest against the h2a invariants. Total: never throws,
|
|
60
|
+
* returns the (deduped, stable-ordered) set of error codes.
|
|
61
|
+
*
|
|
62
|
+
* Invariants enforced:
|
|
63
|
+
* - every instance id is non-empty (`instance-empty`) and unique
|
|
64
|
+
* (`duplicate-instance`);
|
|
65
|
+
* - every `role` is a canonical {@link H2A_ROLES} member (`instance-bad-role`);
|
|
66
|
+
* - every instance lists at least one scope (`instance-no-scope`);
|
|
67
|
+
* - at least one `PRINCIPAL` is declared — anything owned needs a PRINCIPAL
|
|
68
|
+
* (`no-principal`);
|
|
69
|
+
* - every {@link H2AOrgCommEdge} references declared instances
|
|
70
|
+
* (`edge-unknown-instance`).
|
|
71
|
+
*/
|
|
72
|
+
export declare function validateOrgManifest(manifest: H2AOrgManifest): H2AOrgValidationResult;
|
|
73
|
+
/**
|
|
74
|
+
* The two body kinds of the org-assignment lifecycle: the coach's `org-proposal`
|
|
75
|
+
* and the PRINCIPAL's `org-ratified`. Only the ratified manifest is provisioned.
|
|
76
|
+
*/
|
|
77
|
+
export declare const H2A_ORG_PROPOSAL_BODY_KIND = "org-proposal";
|
|
78
|
+
export declare const H2A_ORG_RATIFIED_BODY_KIND = "org-ratified";
|
|
79
|
+
export type H2AOrgAssignmentKind = typeof H2A_ORG_PROPOSAL_BODY_KIND | typeof H2A_ORG_RATIFIED_BODY_KIND;
|
|
80
|
+
export interface H2AOrgAssignmentBody {
|
|
81
|
+
readonly kind: H2AOrgAssignmentKind;
|
|
82
|
+
readonly manifest: H2AOrgManifest;
|
|
83
|
+
}
|
|
84
|
+
export interface H2AOrgAssignmentActor {
|
|
85
|
+
readonly instance: string;
|
|
86
|
+
readonly role: H2ARole;
|
|
87
|
+
readonly scope: string;
|
|
88
|
+
}
|
|
89
|
+
/**
|
|
90
|
+
* Build the canonical *unsigned* envelope carrying an org assignment. No new
|
|
91
|
+
* artifact kind — a plain `event` envelope whose body carries the manifest under
|
|
92
|
+
* a `kind` tag, so a recipient verifies it with the standard
|
|
93
|
+
* `verifyEnvelopeSignature`. The caller signs it: a coach/`CONDUCTOR` signs the
|
|
94
|
+
* `org-proposal`, the owning `PRINCIPAL` signs the `org-ratified`. Core never
|
|
95
|
+
* signs, so the private key never enters core. Only the ratified manifest is
|
|
96
|
+
* provisioned (a later CLI slice).
|
|
97
|
+
*/
|
|
98
|
+
export declare function orgAssignmentEnvelope(input: {
|
|
99
|
+
readonly manifest: H2AOrgManifest;
|
|
100
|
+
readonly actor: H2AOrgAssignmentActor;
|
|
101
|
+
readonly kind?: H2AOrgAssignmentKind;
|
|
102
|
+
readonly createdAt?: string;
|
|
103
|
+
}): H2AEnvelope<H2AOrgAssignmentBody>;
|
|
104
|
+
//# sourceMappingURL=org.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"org.d.ts","sourceRoot":"","sources":["../src/org.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAIH,OAAO,EAAa,KAAK,WAAW,EAAE,KAAK,OAAO,EAAE,MAAM,YAAY,CAAC;AAEvE,yEAAyE;AACzE,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,SAAS,MAAM,EAAE,CAAC;IACnC,+EAA+E;IAC/E,QAAQ,CAAC,aAAa,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CAC5C;AAED,sFAAsF;AACtF,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;CACrB;AAED;;;;GAIG;AACH,MAAM,WAAW,cAAc;IAC7B,4BAA4B;IAC5B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,EAAE,aAAa,CAAC,cAAc,CAAC,CAAC;IAClD,2DAA2D;IAC3D,QAAQ,CAAC,SAAS,CAAC,EAAE,aAAa,CAAC,cAAc,CAAC,CAAC;CACpD;AAED,yEAAyE;AACzE,MAAM,MAAM,qBAAqB,GAC7B,cAAc,GACd,oBAAoB,GACpB,gBAAgB,GAChB,mBAAmB,GACnB,mBAAmB,GACnB,uBAAuB,CAAC;AAE5B,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC;IACrB,QAAQ,CAAC,MAAM,EAAE,qBAAqB,EAAE,CAAC;CAC1C;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,cAAc,GAAG,sBAAsB,CA0CpF;AAED;;;GAGG;AACH,eAAO,MAAM,0BAA0B,iBAAiB,CAAC;AACzD,eAAO,MAAM,0BAA0B,iBAAiB,CAAC;AAEzD,MAAM,MAAM,oBAAoB,GAC5B,OAAO,0BAA0B,GACjC,OAAO,0BAA0B,CAAC;AAEtC,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,IAAI,EAAE,oBAAoB,CAAC;IACpC,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;CACnC;AAED,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC;IACvB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB;AAED;;;;;;;;GAQG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE;IAC3C,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,qBAAqB,CAAC;IACtC,QAAQ,CAAC,IAAI,CAAC,EAAE,oBAAoB,CAAC;IACrC,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B,GAAG,WAAW,CAAC,oBAAoB,CAAC,CAkBpC"}
|
package/dist/org.js
ADDED
|
@@ -0,0 +1,114 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* EVO-7 — Coach mode, slice 1: the pure **org model**. A coach (a `CONDUCTOR`
|
|
3
|
+
* or transversal advisor) helps assign roles and shape who-talks-to-whom across
|
|
4
|
+
* many instances; the *personal organization* is committed to a repo so it is
|
|
5
|
+
* durable, reviewable and diffable. This module is the pure core: it owns the
|
|
6
|
+
* already-parsed org declaration (`H2AOrgManifest` — instances → roles → scopes
|
|
7
|
+
* → comm edges), a total `validateOrgManifest`, and a builder for the signed
|
|
8
|
+
* ratification artifact. No filesystem and no YAML parsing — committed
|
|
9
|
+
* `org.h2a.yaml` parsing and live provisioning are later CLI slices.
|
|
10
|
+
*
|
|
11
|
+
* Topology = `SCOPE` membership: who-may-message-whom is gated by which
|
|
12
|
+
* instances share which scope (presence/`discover` is already scope-filtered).
|
|
13
|
+
* `commEdges` are informational hints only; the actual gate is scope membership.
|
|
14
|
+
*
|
|
15
|
+
* KEY CONSTRAINT — the coach **proposes, does not impose**. A role/scope
|
|
16
|
+
* assignment is never a unilateral coach write: it runs the existing
|
|
17
|
+
* negotiation + signature lifecycle. The coach (a `CONDUCTOR`) signs an
|
|
18
|
+
* `org-proposal` envelope; affected agents may counter / give input; the owning
|
|
19
|
+
* `PRINCIPAL` then emits an `org-ratified` envelope signed by them. Only the
|
|
20
|
+
* ratified manifest is provisioned (provisioning is a later CLI slice, not in
|
|
21
|
+
* this core module). The org-assignment thus introduces no new artifact kind —
|
|
22
|
+
* it is a signed `event` envelope carrying a manifest (parity with the NHI
|
|
23
|
+
* attestation, DEC-088), verified with the standard `verifyEnvelopeSignature`.
|
|
24
|
+
*/
|
|
25
|
+
import { computeHash } from "./canonical.js";
|
|
26
|
+
import { createEnvelope } from "./envelope.js";
|
|
27
|
+
import { H2A_ROLES } from "./types.js";
|
|
28
|
+
/**
|
|
29
|
+
* Validate an org manifest against the h2a invariants. Total: never throws,
|
|
30
|
+
* returns the (deduped, stable-ordered) set of error codes.
|
|
31
|
+
*
|
|
32
|
+
* Invariants enforced:
|
|
33
|
+
* - every instance id is non-empty (`instance-empty`) and unique
|
|
34
|
+
* (`duplicate-instance`);
|
|
35
|
+
* - every `role` is a canonical {@link H2A_ROLES} member (`instance-bad-role`);
|
|
36
|
+
* - every instance lists at least one scope (`instance-no-scope`);
|
|
37
|
+
* - at least one `PRINCIPAL` is declared — anything owned needs a PRINCIPAL
|
|
38
|
+
* (`no-principal`);
|
|
39
|
+
* - every {@link H2AOrgCommEdge} references declared instances
|
|
40
|
+
* (`edge-unknown-instance`).
|
|
41
|
+
*/
|
|
42
|
+
export function validateOrgManifest(manifest) {
|
|
43
|
+
const errors = new Set();
|
|
44
|
+
const validRoles = new Set(H2A_ROLES);
|
|
45
|
+
const seen = new Set();
|
|
46
|
+
const declared = new Set();
|
|
47
|
+
let hasPrincipal = false;
|
|
48
|
+
for (const inst of manifest.instances) {
|
|
49
|
+
const id = inst.instance;
|
|
50
|
+
if (typeof id !== "string" || id.length === 0) {
|
|
51
|
+
errors.add("instance-empty");
|
|
52
|
+
}
|
|
53
|
+
else {
|
|
54
|
+
if (seen.has(id)) {
|
|
55
|
+
errors.add("duplicate-instance");
|
|
56
|
+
}
|
|
57
|
+
seen.add(id);
|
|
58
|
+
declared.add(id);
|
|
59
|
+
}
|
|
60
|
+
if (!validRoles.has(inst.role)) {
|
|
61
|
+
errors.add("instance-bad-role");
|
|
62
|
+
}
|
|
63
|
+
else if (inst.role === "PRINCIPAL") {
|
|
64
|
+
hasPrincipal = true;
|
|
65
|
+
}
|
|
66
|
+
if (!inst.scopes || inst.scopes.length === 0) {
|
|
67
|
+
errors.add("instance-no-scope");
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
if (!hasPrincipal) {
|
|
71
|
+
errors.add("no-principal");
|
|
72
|
+
}
|
|
73
|
+
for (const edge of manifest.commEdges ?? []) {
|
|
74
|
+
if (!declared.has(edge.from) || !declared.has(edge.to)) {
|
|
75
|
+
errors.add("edge-unknown-instance");
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
return { ok: errors.size === 0, errors: [...errors] };
|
|
79
|
+
}
|
|
80
|
+
/**
|
|
81
|
+
* The two body kinds of the org-assignment lifecycle: the coach's `org-proposal`
|
|
82
|
+
* and the PRINCIPAL's `org-ratified`. Only the ratified manifest is provisioned.
|
|
83
|
+
*/
|
|
84
|
+
export const H2A_ORG_PROPOSAL_BODY_KIND = "org-proposal";
|
|
85
|
+
export const H2A_ORG_RATIFIED_BODY_KIND = "org-ratified";
|
|
86
|
+
/**
|
|
87
|
+
* Build the canonical *unsigned* envelope carrying an org assignment. No new
|
|
88
|
+
* artifact kind — a plain `event` envelope whose body carries the manifest under
|
|
89
|
+
* a `kind` tag, so a recipient verifies it with the standard
|
|
90
|
+
* `verifyEnvelopeSignature`. The caller signs it: a coach/`CONDUCTOR` signs the
|
|
91
|
+
* `org-proposal`, the owning `PRINCIPAL` signs the `org-ratified`. Core never
|
|
92
|
+
* signs, so the private key never enters core. Only the ratified manifest is
|
|
93
|
+
* provisioned (a later CLI slice).
|
|
94
|
+
*/
|
|
95
|
+
export function orgAssignmentEnvelope(input) {
|
|
96
|
+
const body = {
|
|
97
|
+
kind: input.kind ?? H2A_ORG_PROPOSAL_BODY_KIND,
|
|
98
|
+
manifest: input.manifest
|
|
99
|
+
};
|
|
100
|
+
const createdAt = input.createdAt ?? new Date().toISOString();
|
|
101
|
+
const id = `org-${computeHash({ by: input.actor.instance, body, createdAt }).slice(0, 16)}`;
|
|
102
|
+
return createEnvelope({
|
|
103
|
+
id,
|
|
104
|
+
type: "event",
|
|
105
|
+
actor: {
|
|
106
|
+
instance: input.actor.instance,
|
|
107
|
+
role: input.actor.role,
|
|
108
|
+
scope: input.actor.scope
|
|
109
|
+
},
|
|
110
|
+
body,
|
|
111
|
+
createdAt
|
|
112
|
+
});
|
|
113
|
+
}
|
|
114
|
+
//# sourceMappingURL=org.js.map
|
package/dist/org.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"org.js","sourceRoot":"","sources":["../src/org.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAkC,MAAM,YAAY,CAAC;AA6CvE;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAwB;IAC1D,MAAM,MAAM,GAAG,IAAI,GAAG,EAAyB,CAAC;IAChD,MAAM,UAAU,GAAG,IAAI,GAAG,CAAS,SAAS,CAAC,CAAC;IAE9C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;IACnC,IAAI,YAAY,GAAG,KAAK,CAAC;IAEzB,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;QACtC,MAAM,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC;QACzB,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9C,MAAM,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAC/B,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;gBACjB,MAAM,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YACnC,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACb,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACnB,CAAC;QAED,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QAClC,CAAC;aAAM,IAAI,IAAI,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YACrC,YAAY,GAAG,IAAI,CAAC;QACtB,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC7B,CAAC;IAED,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;QAC5C,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;YACvD,MAAM,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,OAAO,EAAE,EAAE,EAAE,MAAM,CAAC,IAAI,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC,GAAG,MAAM,CAAC,EAAE,CAAC;AACxD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,0BAA0B,GAAG,cAAc,CAAC;AACzD,MAAM,CAAC,MAAM,0BAA0B,GAAG,cAAc,CAAC;AAiBzD;;;;;;;;GAQG;AACH,MAAM,UAAU,qBAAqB,CAAC,KAKrC;IACC,MAAM,IAAI,GAAyB;QACjC,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,0BAA0B;QAC9C,QAAQ,EAAE,KAAK,CAAC,QAAQ;KACzB,CAAC;IACF,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC9D,MAAM,EAAE,GAAG,OAAO,WAAW,CAAC,EAAE,EAAE,EAAE,KAAK,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;IAC5F,OAAO,cAAc,CAAuB;QAC1C,EAAE;QACF,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,QAAQ,EAAE,KAAK,CAAC,KAAK,CAAC,QAAQ;YAC9B,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,IAAI;YACtB,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,KAAK;SACzB;QACD,IAAI;QACJ,SAAS;KACV,CAAC,CAAC;AACL,CAAC"}
|