npm - @sovr/engine - Versions diffs - 3.2.0 → 3.4.0 - Mend

@sovr/engine 3.2.0 → 3.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.mjs CHANGED Viewed

@@ -1,3 +1,2004 @@
+// src/expressionTree.ts
+function compileFromJSON(rule) {
+  const ast = parseNode(rule);
+  const variables = extractVariables(ast);
+  return {
+    ast,
+    evaluate: (ctx) => evaluateNode(ast, ctx),
+    toString: () => nodeToString(ast),
+    variables
+  };
+}
+function parseNode(rule) {
+  if (rule === null || rule === void 0) {
+    return { type: "LITERAL", value: false };
+  }
+  if (rule.and && Array.isArray(rule.and)) {
+    return {
+      type: "AND",
+      children: rule.and.map((child) => parseNode(child))
+    };
+  }
+  if (rule.or && Array.isArray(rule.or)) {
+    return {
+      type: "OR",
+      children: rule.or.map((child) => parseNode(child))
+    };
+  }
+  if (rule.not) {
+    return {
+      type: "NOT",
+      child: parseNode(rule.not)
+    };
+  }
+  if (rule.fn) {
+    return {
+      type: "COMPARE",
+      operator: rule.op || "==",
+      left: {
+        type: "FUNCTION",
+        name: rule.fn,
+        args: (rule.args || []).map(
+          (a) => typeof a === "string" ? { type: "VARIABLE", path: a } : { type: "LITERAL", value: a }
+        )
+      },
+      right: { type: "LITERAL", value: rule.value }
+    };
+  }
+  if (rule.field && rule.op !== void 0) {
+    return {
+      type: "COMPARE",
+      operator: rule.op,
+      left: { type: "VARIABLE", path: rule.field },
+      right: { type: "LITERAL", value: rule.value }
+    };
+  }
+  if (typeof rule === "boolean") {
+    return { type: "LITERAL", value: rule };
+  }
+  throw new Error(`[ExpressionTree] Invalid rule node: ${JSON.stringify(rule)}`);
+}
+function evaluateNode(node, ctx) {
+  switch (node.type) {
+    case "AND":
+      return node.children.every((child) => evaluateNode(child, ctx));
+    case "OR":
+      return node.children.some((child) => evaluateNode(child, ctx));
+    case "NOT":
+      return !evaluateNode(node.child, ctx);
+    case "COMPARE":
+      return evaluateComparison(node, ctx);
+    case "LITERAL":
+      return Boolean(node.value);
+    case "VARIABLE":
+      return Boolean(resolveVariable(node.path, ctx));
+    case "FUNCTION":
+      return Boolean(evaluateFunction(node, ctx));
+    default:
+      return false;
+  }
+}
+function evaluateComparison(node, ctx) {
+  const leftVal = resolveNode(node.left, ctx);
+  const rightVal = resolveNode(node.right, ctx);
+  switch (node.operator) {
+    case "==":
+      return leftVal == rightVal;
+    case "!=":
+      return leftVal != rightVal;
+    case ">":
+      return Number(leftVal) > Number(rightVal);
+    case "<":
+      return Number(leftVal) < Number(rightVal);
+    case ">=":
+      return Number(leftVal) >= Number(rightVal);
+    case "<=":
+      return Number(leftVal) <= Number(rightVal);
+    case "in":
+      return Array.isArray(rightVal) ? rightVal.includes(leftVal) : false;
+    case "not_in":
+      return Array.isArray(rightVal) ? !rightVal.includes(leftVal) : true;
+    case "contains":
+      return typeof leftVal === "string" && typeof rightVal === "string" ? leftVal.includes(rightVal) : false;
+    case "starts_with":
+      return typeof leftVal === "string" && typeof rightVal === "string" ? leftVal.startsWith(rightVal) : false;
+    case "ends_with":
+      return typeof leftVal === "string" && typeof rightVal === "string" ? leftVal.endsWith(rightVal) : false;
+    case "matches":
+      try {
+        return typeof leftVal === "string" && typeof rightVal === "string" ? new RegExp(rightVal).test(leftVal) : false;
+      } catch {
+        return false;
+      }
+    default:
+      return false;
+  }
+}
+function resolveNode(node, ctx) {
+  switch (node.type) {
+    case "LITERAL":
+      return node.value;
+    case "VARIABLE":
+      return resolveVariable(node.path, ctx);
+    case "FUNCTION":
+      return evaluateFunction(node, ctx);
+    default:
+      return evaluateNode(node, ctx);
+  }
+}
+function resolveVariable(path, ctx) {
+  const parts = path.split(".");
+  let current = ctx;
+  for (const part of parts) {
+    if (current === null || current === void 0) return void 0;
+    current = current[part];
+  }
+  return current;
+}
+var BUILT_IN_FUNCTIONS = {
+  now_hour: () => (/* @__PURE__ */ new Date()).getHours(),
+  now_day: () => (/* @__PURE__ */ new Date()).getDay(),
+  // 0=Sunday
+  now_timestamp: () => Date.now(),
+  len: (args) => {
+    const val = args[0];
+    return typeof val === "string" || Array.isArray(val) ? val.length : 0;
+  },
+  lower: (args) => String(args[0] || "").toLowerCase(),
+  upper: (args) => String(args[0] || "").toUpperCase(),
+  abs: (args) => Math.abs(Number(args[0] || 0)),
+  min: (args) => Math.min(...args.map(Number)),
+  max: (args) => Math.max(...args.map(Number)),
+  coalesce: (args) => args.find((a) => a !== null && a !== void 0),
+  risk_level: (args) => {
+    const score = Number(args[0] || 0);
+    if (score >= 0.9) return "critical";
+    if (score >= 0.7) return "high";
+    if (score >= 0.4) return "medium";
+    return "low";
+  },
+  is_business_hours: () => {
+    const hour = (/* @__PURE__ */ new Date()).getHours();
+    const day = (/* @__PURE__ */ new Date()).getDay();
+    return day >= 1 && day <= 5 && hour >= 9 && hour < 18;
+  }
+};
+function registerFunction(name, fn) {
+  BUILT_IN_FUNCTIONS[name] = fn;
+}
+function evaluateFunction(node, ctx) {
+  const fn = BUILT_IN_FUNCTIONS[node.name];
+  if (!fn) {
+    console.warn(`[ExpressionTree] Unknown function: ${node.name}`);
+    return null;
+  }
+  const resolvedArgs = node.args.map((arg) => resolveNode(arg, ctx));
+  return fn(resolvedArgs, ctx);
+}
+function extractVariables(node) {
+  const vars = /* @__PURE__ */ new Set();
+  function walk(n) {
+    switch (n.type) {
+      case "VARIABLE":
+        vars.add(n.path);
+        break;
+      case "AND":
+      case "OR":
+        n.children.forEach(walk);
+        break;
+      case "NOT":
+        walk(n.child);
+        break;
+      case "COMPARE":
+        walk(n.left);
+        walk(n.right);
+        break;
+      case "FUNCTION":
+        n.args.forEach(walk);
+        break;
+    }
+  }
+  walk(node);
+  return Array.from(vars);
+}
+function nodeToString(node, depth = 0) {
+  const indent = "  ".repeat(depth);
+  switch (node.type) {
+    case "AND":
+      return `${indent}AND(
+${node.children.map((c) => nodeToString(c, depth + 1)).join(",\n")}
+${indent})`;
+    case "OR":
+      return `${indent}OR(
+${node.children.map((c) => nodeToString(c, depth + 1)).join(",\n")}
+${indent})`;
+    case "NOT":
+      return `${indent}NOT(
+${nodeToString(node.child, depth + 1)}
+${indent})`;
+    case "COMPARE":
+      return `${indent}${nodeToString(node.left, 0)} ${node.operator} ${nodeToString(node.right, 0)}`;
+    case "LITERAL":
+      return `${indent}${JSON.stringify(node.value)}`;
+    case "VARIABLE":
+      return `${indent}\${${node.path}}`;
+    case "FUNCTION":
+      return `${indent}${node.name}(${node.args.map((a) => nodeToString(a, 0)).join(", ")})`;
+    default:
+      return `${indent}???`;
+  }
+}
+var ruleCache = /* @__PURE__ */ new Map();
+function compileRuleSet(rules) {
+  ruleCache.clear();
+  for (const rule of rules) {
+    try {
+      ruleCache.set(rule.id, compileFromJSON(rule.condition));
+    } catch (err) {
+      console.error(`[ExpressionTree] Failed to compile rule ${rule.id}: ${rule.name}`, err);
+    }
+  }
+}
+function evaluateRules(rules, ctx) {
+  const sorted = [...rules].sort((a, b) => b.priority - a.priority);
+  const results = [];
+  let matched = null;
+  for (const rule of sorted) {
+    const start = performance.now();
+    const compiled = ruleCache.get(rule.id) || compileFromJSON(rule.condition);
+    let isMatch = false;
+    try {
+      isMatch = compiled.evaluate(ctx);
+    } catch (err) {
+      console.warn(`[ExpressionTree] Rule ${rule.id} evaluation error`, err);
+    }
+    const elapsed = performance.now() - start;
+    results.push({
+      ruleId: rule.id,
+      ruleName: rule.name,
+      matched: isMatch,
+      action: rule.action,
+      evaluationTimeMs: elapsed
+    });
+    if (isMatch && !matched) {
+      matched = rule;
+    }
+  }
+  return { matched, results };
+}
+// src/adaptiveThreshold.ts
+var DEFAULT_THRESHOLDS = [
+  {
+    name: "risk_score",
+    currentValue: 0.7,
+    minValue: 0.3,
+    maxValue: 0.95,
+    alpha: 0.1,
+    maxStepPercent: 5,
+    lastAdjustedAt: 0,
+    directionLock: null,
+    consecutiveAdjustments: 0
+  },
+  {
+    name: "cost_limit_usd",
+    currentValue: 100,
+    minValue: 10,
+    maxValue: 1e4,
+    alpha: 0.05,
+    maxStepPercent: 10,
+    lastAdjustedAt: 0,
+    directionLock: null,
+    consecutiveAdjustments: 0
+  },
+  {
+    name: "latency_p99_ms",
+    currentValue: 5e3,
+    minValue: 1e3,
+    maxValue: 3e4,
+    alpha: 0.15,
+    maxStepPercent: 15,
+    lastAdjustedAt: 0,
+    directionLock: null,
+    consecutiveAdjustments: 0
+  },
+  {
+    name: "hallucination_score",
+    currentValue: 0.5,
+    minValue: 0.1,
+    maxValue: 0.9,
+    alpha: 0.08,
+    maxStepPercent: 5,
+    lastAdjustedAt: 0,
+    directionLock: null,
+    consecutiveAdjustments: 0
+  }
+];
+var AdaptiveThresholdManager = class {
+  thresholds = /* @__PURE__ */ new Map();
+  feedbackBuffer = [];
+  maxBufferSize;
+  cooldownMs;
+  onAdjustment;
+  constructor(options = {}) {
+    this.maxBufferSize = options.maxBufferSize ?? 1e4;
+    this.cooldownMs = options.adjustmentCooldownMs ?? 5 * 60 * 1e3;
+    this.onAdjustment = options.onAdjustment;
+    const configs = options.thresholds ?? DEFAULT_THRESHOLDS;
+    for (const config of configs) {
+      this.thresholds.set(config.name, { ...config });
+    }
+  }
+  // ========== Core API ==========
+  /** Get a threshold by name */
+  getThreshold(name) {
+    const t = this.thresholds.get(name);
+    return t ? { ...t } : void 0;
+  }
+  /** Get all thresholds */
+  getAllThresholds() {
+    return Array.from(this.thresholds.values()).map((t) => ({ ...t }));
+  }
+  /** Record a decision feedback sample */
+  recordFeedback(feedback) {
+    this.feedbackBuffer.push(feedback);
+    if (this.feedbackBuffer.length > this.maxBufferSize) {
+      this.feedbackBuffer.splice(0, this.feedbackBuffer.length - this.maxBufferSize);
+    }
+  }
+  /**
+   * Adjust a single threshold based on feedback (EWMA algorithm).
+   * Returns null if no adjustment is needed (cooldown, insufficient samples, etc.).
+   */
+  async adjustThreshold(thresholdName, windowHours = 24) {
+    const config = this.thresholds.get(thresholdName);
+    if (!config) return null;
+    if (Date.now() - config.lastAdjustedAt < this.cooldownMs) return null;
+    const windowStart = Date.now() - windowHours * 60 * 60 * 1e3;
+    const windowFeedback = this.feedbackBuffer.filter(
+      (f) => f.thresholdName === thresholdName && f.timestamp >= windowStart
+    );
+    if (windowFeedback.length < 10) return null;
+    const fp = windowFeedback.filter((f) => f.outcome === "false_positive").length;
+    const fn = windowFeedback.filter((f) => f.outcome === "false_negative").length;
+    const total = windowFeedback.length;
+    const fpRate = fp / total;
+    const fnRate = fn / total;
+    let direction = "none";
+    let reason = "";
+    if (fpRate > 0.15 && fpRate > fnRate * 2) {
+      direction = "up";
+      reason = `False positive rate ${(fpRate * 100).toFixed(1)}% exceeds 15% threshold`;
+    } else if (fnRate > 0.1 && fnRate > fpRate * 2) {
+      direction = "down";
+      reason = `False negative rate ${(fnRate * 100).toFixed(1)}% exceeds 10% threshold`;
+    }
+    if (direction === "none") return null;
+    if (config.directionLock && config.directionLock !== direction && config.consecutiveAdjustments < 3) {
+      return null;
+    }
+    const errorRate = direction === "up" ? fpRate : fnRate;
+    const ewmaAdjustment = config.alpha * errorRate;
+    const maxStep = config.currentValue * (config.maxStepPercent / 100);
+    const actualStep = Math.min(ewmaAdjustment * config.currentValue, maxStep);
+    const previousValue = config.currentValue;
+    let newValue = direction === "up" ? config.currentValue + actualStep : config.currentValue - actualStep;
+    newValue = Math.max(config.minValue, Math.min(config.maxValue, newValue));
+    config.currentValue = newValue;
+    config.lastAdjustedAt = Date.now();
+    config.consecutiveAdjustments = config.directionLock === direction ? config.consecutiveAdjustments + 1 : 1;
+    config.directionLock = direction;
+    const result = {
+      thresholdName,
+      previousValue,
+      newValue,
+      reason,
+      metrics: { falsePositiveRate: fpRate, falseNegativeRate: fnRate, totalSamples: total, windowHours }
+    };
+    if (this.onAdjustment) {
+      try {
+        await this.onAdjustment(result);
+      } catch (err) {
+        console.warn("[AdaptiveThreshold] Audit callback failed", err);
+      }
+    }
+    return result;
+  }
+  /** Adjust all thresholds */
+  async adjustAll(windowHours = 24) {
+    const results = [];
+    for (const [name] of this.thresholds) {
+      const result = await this.adjustThreshold(name, windowHours);
+      if (result) results.push(result);
+    }
+    return results;
+  }
+  /** Manually override a threshold value */
+  setThresholdManual(name, value) {
+    const config = this.thresholds.get(name);
+    if (!config) return false;
+    if (value < config.minValue || value > config.maxValue) return false;
+    config.currentValue = value;
+    config.lastAdjustedAt = Date.now();
+    config.directionLock = null;
+    config.consecutiveAdjustments = 0;
+    return true;
+  }
+  /** Get feedback statistics for a threshold (or all) */
+  getFeedbackStats(thresholdName, windowHours = 24) {
+    const windowStart = Date.now() - windowHours * 60 * 60 * 1e3;
+    const filtered = this.feedbackBuffer.filter(
+      (f) => f.timestamp >= windowStart && (!thresholdName || f.thresholdName === thresholdName)
+    );
+    const tp = filtered.filter((f) => f.outcome === "true_positive").length;
+    const tn = filtered.filter((f) => f.outcome === "true_negative").length;
+    const fp = filtered.filter((f) => f.outcome === "false_positive").length;
+    const fn = filtered.filter((f) => f.outcome === "false_negative").length;
+    const total = filtered.length;
+    return {
+      total,
+      truePositive: tp,
+      trueNegative: tn,
+      falsePositive: fp,
+      falseNegative: fn,
+      accuracy: total > 0 ? (tp + tn) / total : 0,
+      precision: tp + fp > 0 ? tp / (tp + fp) : 0,
+      recall: tp + fn > 0 ? tp / (tp + fn) : 0
+    };
+  }
+  /** Clear the feedback buffer */
+  clearFeedback() {
+    this.feedbackBuffer.length = 0;
+  }
+};
+// src/featureSwitches.ts
+var SOVR_FEATURE_SWITCHES = {
+  USE_NEW_RISK_ENGINE: {
+    key: "USE_NEW_RISK_ENGINE",
+    description: "Enable new risk engine (expression tree + adaptive threshold), replacing legacy static rule matching",
+    defaultValue: false,
+    category: "risk",
+    impactLevel: "high"
+  },
+  ENFORCE_COST_CAP: {
+    key: "ENFORCE_COST_CAP",
+    description: "Enforce cost cap \u2014 hard-reject execution when agent cost exceeds budget (not just warn)",
+    defaultValue: false,
+    category: "cost",
+    impactLevel: "high"
+  },
+  ENABLE_PROMPT_GUARD: {
+    key: "ENABLE_PROMPT_GUARD",
+    description: "Enable prompt injection guard \u2014 scan all LLM call prompts for injection attacks",
+    defaultValue: true,
+    category: "security",
+    impactLevel: "medium"
+  },
+  DISABLE_EVIDENCE_PAUSE: {
+    key: "DISABLE_EVIDENCE_PAUSE",
+    description: "Disable evidence pause \u2014 keep audit chain writing continuously even under high system load",
+    defaultValue: false,
+    category: "evidence",
+    impactLevel: "medium"
+  }
+};
+var FeatureSwitchesManager = class {
+  cache = /* @__PURE__ */ new Map();
+  cacheTtlMs;
+  onLoad;
+  onSave;
+  constructor(options = {}) {
+    this.cacheTtlMs = options.cacheTtlMs ?? 3e4;
+    this.onLoad = options.onLoad;
+    this.onSave = options.onSave;
+  }
+  /**
+   * Get a switch value (with cache + optional external load).
+   */
+  async getValue(key, tenantId = "default") {
+    const cacheKey = `${tenantId}:${key}`;
+    const cached = this.cache.get(cacheKey);
+    if (cached && Date.now() - cached.updatedAt < this.cacheTtlMs) {
+      return cached.value;
+    }
+    if (this.onLoad) {
+      try {
+        const loaded = await this.onLoad(key, tenantId);
+        if (loaded !== null) {
+          this.cache.set(cacheKey, { value: loaded, updatedAt: Date.now() });
+          return loaded;
+        }
+      } catch (err) {
+        console.warn(`[FeatureSwitch] Failed to load ${key}, using default`, err);
+      }
+    }
+    const def = SOVR_FEATURE_SWITCHES[key];
+    const defaultVal = def ? def.defaultValue : false;
+    this.cache.set(cacheKey, { value: defaultVal, updatedAt: Date.now() });
+    return defaultVal;
+  }
+  /**
+   * Set a switch value (updates cache + optional external save).
+   */
+  async setValue(key, value, tenantId = "default") {
+    const def = SOVR_FEATURE_SWITCHES[key];
+    if (!def) {
+      throw new Error(`Unknown feature switch: ${key}`);
+    }
+    const cacheKey = `${tenantId}:${key}`;
+    if (this.onSave) {
+      await this.onSave(key, value, tenantId);
+    }
+    this.cache.set(cacheKey, { value, updatedAt: Date.now() });
+  }
+  /**
+   * Get all switch states.
+   */
+  async getAll(tenantId = "default") {
+    const result = {};
+    for (const [key, def] of Object.entries(SOVR_FEATURE_SWITCHES)) {
+      const value = await this.getValue(key, tenantId);
+      result[key] = {
+        key,
+        value,
+        description: def.description,
+        category: def.category,
+        impactLevel: def.impactLevel,
+        isDefault: value === def.defaultValue
+      };
+    }
+    return result;
+  }
+  /** Clear the cache (for testing or forced refresh) */
+  clearCache() {
+    this.cache.clear();
+  }
+  // ========== Convenience Checkers ==========
+  async isNewRiskEngineEnabled(tenantId) {
+    return this.getValue("USE_NEW_RISK_ENGINE", tenantId);
+  }
+  async isCostCapEnforced(tenantId) {
+    return this.getValue("ENFORCE_COST_CAP", tenantId);
+  }
+  async isPromptGuardEnabled(tenantId) {
+    return this.getValue("ENABLE_PROMPT_GUARD", tenantId);
+  }
+  async isEvidencePauseDisabled(tenantId) {
+    return this.getValue("DISABLE_EVIDENCE_PAUSE", tenantId);
+  }
+};
+// src/pricingRules.ts
+var PricingRulesEngine = class {
+  rules = [];
+  constructor(rules) {
+    if (rules) {
+      this.loadRules(rules);
+    }
+  }
+  /** Load rules (sorted by priority descending) */
+  loadRules(rules) {
+    this.rules = [...rules].filter((r) => r.isActive).sort((a, b) => b.priority - a.priority);
+  }
+  /** Add a single rule */
+  addRule(rule) {
+    this.rules.push(rule);
+    this.rules.sort((a, b) => b.priority - a.priority);
+  }
+  /** Get all loaded rules */
+  getRules() {
+    return this.rules;
+  }
+  /**
+   * Evaluate pricing for an action.
+   * Returns the computed cost and breakdown.
+   */
+  evaluate(request) {
+    const currentHour = request.currentHour ?? (/* @__PURE__ */ new Date()).getHours();
+    for (const rule of this.rules) {
+      if (rule.tier && rule.tier !== request.tier) continue;
+      if (!this.globMatch(rule.actionPattern, request.action)) continue;
+      let timeWindowActive = false;
+      if (rule.timeWindowStart >= 0 && rule.timeWindowEnd >= 0) {
+        if (rule.timeWindowStart <= rule.timeWindowEnd) {
+          timeWindowActive = currentHour >= rule.timeWindowStart && currentHour < rule.timeWindowEnd;
+        } else {
+          timeWindowActive = currentHour >= rule.timeWindowStart || currentHour < rule.timeWindowEnd;
+        }
+        if (!timeWindowActive) continue;
+      } else {
+        timeWindowActive = false;
+      }
+      let cost = rule.baseCostUsd * rule.multiplier;
+      let discountPercent = 0;
+      if (rule.volumeDiscountThreshold > 0 && request.currentVolume >= rule.volumeDiscountThreshold) {
+        discountPercent = rule.volumeDiscountPercent;
+        cost = cost * (1 - discountPercent / 100);
+      }
+      const parts = [`base=$${rule.baseCostUsd.toFixed(4)}`];
+      if (rule.multiplier !== 1) parts.push(`\xD7${rule.multiplier}`);
+      if (discountPercent > 0) parts.push(`-${discountPercent}% vol`);
+      if (timeWindowActive) parts.push(`[time:${rule.timeWindowStart}-${rule.timeWindowEnd}]`);
+      return {
+        costUsd: Math.max(0, cost),
+        baseCostUsd: rule.baseCostUsd,
+        multiplier: rule.multiplier,
+        volumeDiscountPercent: discountPercent,
+        timeWindowActive,
+        matchedRuleId: rule.id,
+        breakdown: parts.join(" ")
+      };
+    }
+    return {
+      costUsd: 0,
+      baseCostUsd: 0,
+      multiplier: 1,
+      volumeDiscountPercent: 0,
+      timeWindowActive: false,
+      matchedRuleId: null,
+      breakdown: "no matching pricing rule"
+    };
+  }
+  globMatch(pattern, value) {
+    if (pattern === "*") return true;
+    const regex = new RegExp(
+      "^" + pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*").replace(/\?/g, ".") + "$"
+    );
+    return regex.test(value);
+  }
+};
+// src/recalculationEngine.ts
+var idCounter = 0;
+function genId(prefix) {
+  return `${prefix}_${Date.now()}_${++idCounter}`;
+}
+function simpleHash(data) {
+  let hash = 0;
+  for (let i = 0; i < data.length; i++) {
+    const char = data.charCodeAt(i);
+    hash = (hash << 5) - hash + char;
+    hash = hash & hash;
+  }
+  return "h_" + Math.abs(hash).toString(16).padStart(8, "0");
+}
+var RecalculationEngine = class {
+  tasks = /* @__PURE__ */ new Map();
+  consistencyResults = /* @__PURE__ */ new Map();
+  snapshots = /* @__PURE__ */ new Map();
+  handlers = /* @__PURE__ */ new Map();
+  config;
+  constructor(config = {}) {
+    this.config = { maxRangeDays: 30, ...config };
+  }
+  /** G3: Trigger recalculation */
+  triggerRecalculation(input) {
+    if (input.fromTs >= input.toTs) throw new Error("fromTs must be before toTs");
+    const maxMs = this.config.maxRangeDays * 864e5;
+    if (input.toTs - input.fromTs > maxMs) throw new Error(`Range exceeds ${this.config.maxRangeDays} days`);
+    const task = {
+      id: genId("recalc"),
+      tenantId: input.tenantId,
+      triggerType: input.triggerType,
+      triggeredBy: input.triggeredBy,
+      reason: input.reason,
+      fromTs: input.fromTs,
+      toTs: input.toTs,
+      granularity: input.granularity || "all",
+      incremental: input.incremental || false,
+      incrementalCheckpoint: input.incrementalCheckpoint,
+      status: "pending",
+      progress: 0,
+      bucketsProcessed: 0,
+      rowsUpserted: 0,
+      createdAt: Date.now(),
+      traceId: genId("trace")
+    };
+    this.tasks.set(task.id, task);
+    this.audit("recalc.triggered", { taskId: task.id, triggerType: task.triggerType, reason: task.reason });
+    return task;
+  }
+  /** Execute recalculation task */
+  async executeTask(taskId) {
+    const task = this.tasks.get(taskId);
+    if (!task) throw new Error(`Task not found: ${taskId}`);
+    if (task.status !== "pending") throw new Error(`Task not pending: ${task.status}`);
+    task.status = "running";
+    task.startedAt = Date.now();
+    this.audit("recalc.started", { taskId: task.id });
+    try {
+      const preSnapshot = this.createSnapshot(task.tenantId, "pre_recalc", task.id);
+      const handler = this.handlers.get(task.granularity);
+      if (handler) {
+        const result = await handler(task);
+        task.bucketsProcessed = result.bucketsProcessed;
+        task.rowsUpserted = result.rowsUpserted;
+        const postSnapshot = this.createSnapshot(task.tenantId, "post_recalc", task.id, result.metrics);
+        task.consistencyResult = this.verifyConsistency(task.id, preSnapshot, postSnapshot, result.metrics);
+      } else {
+        const segmentMs = task.granularity === "5m" ? 3e5 : task.granularity === "1h" ? 36e5 : task.granularity === "1d" ? 864e5 : 36e5;
+        const totalSegments = Math.ceil((task.toTs - task.fromTs) / segmentMs);
+        task.bucketsProcessed = totalSegments;
+        task.progress = 100;
+      }
+      task.status = "completed";
+      task.completedAt = Date.now();
+      task.progress = 100;
+      this.audit("recalc.completed", {
+        taskId: task.id,
+        bucketsProcessed: task.bucketsProcessed,
+        durationMs: task.completedAt - (task.startedAt || 0),
+        consistencyRate: task.consistencyResult?.consistencyRate
+      });
+      return task;
+    } catch (error) {
+      task.status = "failed";
+      task.error = error instanceof Error ? error.message : "Unknown error";
+      task.completedAt = Date.now();
+      this.audit("recalc.failed", { taskId: task.id, error: task.error });
+      return task;
+    }
+  }
+  /** G4: Verify consistency */
+  verifyConsistency(taskId, preSnapshot, postSnapshot, recalculatedMetrics) {
+    const mismatches = [];
+    const metrics = recalculatedMetrics || postSnapshot.metrics;
+    let totalComparisons = 0;
+    let matchCount = 0;
+    for (const [metric, recalcValue] of Object.entries(metrics)) {
+      const currentValue = preSnapshot.metrics[metric];
+      if (currentValue === void 0) continue;
+      totalComparisons++;
+      const deviation = Math.abs(recalcValue - currentValue);
+      const deviationPercent = currentValue !== 0 ? deviation / Math.abs(currentValue) * 100 : recalcValue !== 0 ? 100 : 0;
+      if (deviationPercent < 0.01) {
+        matchCount++;
+      } else {
+        mismatches.push({
+          metric,
+          bucket: `${preSnapshot.id} \u2192 ${postSnapshot.id}`,
+          currentValue,
+          recalculatedValue: recalcValue,
+          deviation,
+          deviationPercent: Math.round(deviationPercent * 100) / 100,
+          severity: deviationPercent > 10 ? "critical" : deviationPercent > 5 ? "high" : deviationPercent > 1 ? "medium" : "low"
+        });
+      }
+    }
+    const consistencyRate = totalComparisons > 0 ? Math.round(matchCount / totalComparisons * 1e4) / 100 : 100;
+    const verificationHash = simpleHash(JSON.stringify({ taskId, pre: preSnapshot.hash, post: postSnapshot.hash, mismatches }));
+    const result = {
+      id: genId("cr"),
+      taskId,
+      status: mismatches.length === 0 ? "consistent" : consistencyRate > 95 ? "partial" : "inconsistent",
+      totalComparisons,
+      matchCount,
+      mismatchCount: mismatches.length,
+      consistencyRate,
+      mismatches,
+      verifiedAt: Date.now(),
+      verificationHash
+    };
+    this.consistencyResults.set(result.id, result);
+    this.audit("recalc.consistency_check", { taskId, consistencyRate, mismatchCount: mismatches.length, status: result.status });
+    return result;
+  }
+  /** G5: Incremental recalculation */
+  triggerIncremental(input) {
+    const completed = Array.from(this.tasks.values()).filter((t) => t.tenantId === input.tenantId && t.status === "completed").sort((a, b) => (b.completedAt || 0) - (a.completedAt || 0));
+    const last = completed[0];
+    const fromTs = last ? last.toTs : Date.now() - 864e5;
+    return this.triggerRecalculation({
+      tenantId: input.tenantId,
+      triggerType: "manual",
+      triggeredBy: input.triggeredBy,
+      reason: input.reason,
+      fromTs,
+      toTs: Date.now(),
+      granularity: input.granularity,
+      incremental: true,
+      incrementalCheckpoint: last?.id
+    });
+  }
+  /** Create aggregate snapshot */
+  createSnapshot(tenantId, snapshotType, taskId, metrics) {
+    const m = metrics || {};
+    const snapshot = {
+      id: genId("snap"),
+      tenantId,
+      snapshotType,
+      taskId,
+      metrics: m,
+      hash: simpleHash(JSON.stringify(m)),
+      createdAt: Date.now()
+    };
+    this.snapshots.set(snapshot.id, snapshot);
+    return snapshot;
+  }
+  /** Register recalculation handler */
+  registerHandler(granularity, handler) {
+    this.handlers.set(granularity, handler);
+  }
+  /** Query functions */
+  getTask(taskId) {
+    return this.tasks.get(taskId);
+  }
+  getTasks(tenantId, limit = 20) {
+    return Array.from(this.tasks.values()).filter((t) => t.tenantId === tenantId).sort((a, b) => b.createdAt - a.createdAt).slice(0, limit);
+  }
+  getConsistencyResult(taskId) {
+    return Array.from(this.consistencyResults.values()).find((r) => r.taskId === taskId);
+  }
+  getSnapshot(snapshotId) {
+    return this.snapshots.get(snapshotId);
+  }
+  cancelTask(taskId) {
+    const task = this.tasks.get(taskId);
+    if (!task || task.status !== "pending") return false;
+    task.status = "cancelled";
+    return true;
+  }
+  audit(type, details) {
+    if (this.config.onAudit) {
+      this.config.onAudit({ type, details, timestamp: Date.now() });
+    }
+  }
+};
+function createRecalculationEngine(config) {
+  return new RecalculationEngine(config);
+}
+// src/autoHarden.ts
+var LEVEL_PRIORITY = {
+  normal: 0,
+  elevated: 1,
+  hardened: 2,
+  lockdown: 3
+};
+var DEFAULT_CONFIG = {
+  enabled: true,
+  levelMeasures: {
+    normal: [],
+    elevated: ["enhanced_audit", "alert_admin"],
+    hardened: ["gate_level_upgrade", "rate_limit_reduce", "enhanced_audit", "alert_admin"],
+    lockdown: ["gate_level_upgrade", "rate_limit_reduce", "enhanced_audit", "ip_block", "session_invalidate", "feature_disable", "alert_admin"]
+  },
+  autoRollbackMs: 30 * 60 * 1e3,
+  rateLimitReductionFactor: 0.25,
+  notifyAdmin: true
+};
+var idCounter2 = 0;
+function genId2(prefix) {
+  return `${prefix}_${Date.now()}_${++idCounter2}`;
+}
+var AutoHardenEngine = class {
+  states = /* @__PURE__ */ new Map();
+  history = [];
+  config;
+  rollbackTimers = /* @__PURE__ */ new Map();
+  maxHistory = 1e3;
+  constructor(config = {}) {
+    this.config = { ...DEFAULT_CONFIG, ...config };
+  }
+  /** Get tenant harden state */
+  getState(tenantId) {
+    return this.states.get(tenantId) || { currentLevel: "normal", activeMeasures: [] };
+  }
+  /** Get current harden level */
+  getLevel(tenantId) {
+    return this.getState(tenantId).currentLevel;
+  }
+  /** Auto-harden (main entry) */
+  async harden(input) {
+    if (!this.config.enabled) throw new Error("AutoHarden is disabled");
+    const state = this.getState(input.tenantId);
+    const traceId = genId2("trace");
+    const targetLevel = input.targetLevel || this.determineLevel(
+      input.manipulationScore || 0,
+      input.reasonCodes || []
+    );
+    if (LEVEL_PRIORITY[targetLevel] <= LEVEL_PRIORITY[state.currentLevel]) {
+      const event2 = {
+        id: genId2("harden"),
+        tenantId: input.tenantId,
+        triggeredBy: input.triggeredBy,
+        reason: `Already at ${state.currentLevel}, target ${targetLevel} skipped`,
+        previousLevel: state.currentLevel,
+        newLevel: state.currentLevel,
+        measures: [],
+        createdAt: Date.now(),
+        rolledBack: false,
+        traceId
+      };
+      this.history.push(event2);
+      return event2;
+    }
+    const measures = this.applyMeasures(input.tenantId, targetLevel);
+    const previousLevel = state.currentLevel;
+    state.currentLevel = targetLevel;
+    state.activeMeasures = measures;
+    state.hardenedSince = Date.now();
+    if (this.config.autoRollbackMs > 0) {
+      state.expectedRollbackAt = Date.now() + this.config.autoRollbackMs;
+      this.scheduleAutoRollback(input.tenantId, this.config.autoRollbackMs);
+    }
+    this.states.set(input.tenantId, state);
+    const event = {
+      id: genId2("harden"),
+      tenantId: input.tenantId,
+      triggeredBy: input.triggeredBy,
+      reason: input.reason,
+      previousLevel,
+      newLevel: targetLevel,
+      measures,
+      createdAt: Date.now(),
+      rolledBack: false,
+      traceId
+    };
+    this.history.push(event);
+    if (this.history.length > this.maxHistory) this.history.shift();
+    state.lastEvent = event;
+    this.audit(event.rolledBack ? "HARDEN_ROLLBACK" : "HARDEN_ACTIVATED", {
+      tenantId: event.tenantId,
+      previousLevel,
+      newLevel: targetLevel,
+      measuresCount: measures.length,
+      measures: measures.map((m) => m.type)
+    });
+    if (this.config.notifyAdmin && this.config.onNotifyAdmin) {
+      try {
+        await this.config.onNotifyAdmin(event);
+      } catch {
+      }
+    }
+    return event;
+  }
+  /** Manual rollback */
+  async rollback(tenantId, rolledBackBy, reason) {
+    const state = this.getState(tenantId);
+    if (state.currentLevel === "normal") throw new Error("Already at normal level");
+    const timer = this.rollbackTimers.get(tenantId);
+    if (timer) {
+      clearTimeout(timer);
+      this.rollbackTimers.delete(tenantId);
+    }
+    const previousLevel = state.currentLevel;
+    const event = {
+      id: genId2("harden"),
+      tenantId,
+      triggeredBy: rolledBackBy,
+      reason: reason || `Manual rollback from ${previousLevel}`,
+      previousLevel,
+      newLevel: "normal",
+      measures: state.activeMeasures.map((m) => ({ ...m, rolledBackAt: Date.now() })),
+      createdAt: Date.now(),
+      rolledBack: true,
+      rolledBackAt: Date.now(),
+      traceId: genId2("trace")
+    };
+    state.currentLevel = "normal";
+    state.activeMeasures = [];
+    state.hardenedSince = void 0;
+    state.expectedRollbackAt = void 0;
+    state.lastEvent = event;
+    this.states.set(tenantId, state);
+    this.history.push(event);
+    this.audit("HARDEN_ROLLBACK", { tenantId, previousLevel, rolledBackBy });
+    return event;
+  }
+  /** Update config */
+  updateConfig(config) {
+    this.config = { ...this.config, ...config };
+    return this.config;
+  }
+  /** Get config */
+  getConfig() {
+    return { ...this.config };
+  }
+  /** Get history */
+  getHistory(tenantId, limit = 50) {
+    const filtered = tenantId ? this.history.filter((e) => e.tenantId === tenantId) : this.history;
+    return filtered.slice(-limit);
+  }
+  /** Get all active hardened states */
+  getActiveStates() {
+    const result = [];
+    this.states.forEach((state, tenantId) => {
+      if (state.currentLevel !== "normal") result.push({ tenantId, state });
+    });
+    return result;
+  }
+  /** Cleanup timers */
+  destroy() {
+    this.rollbackTimers.forEach((t) => clearTimeout(t));
+    this.rollbackTimers.clear();
+  }
+  // Internal
+  determineLevel(score, reasonCodes) {
+    if (reasonCodes.some((c) => c.startsWith("CRIT_"))) return "lockdown";
+    if (score >= 0.8) return "lockdown";
+    if (score >= 0.5) return "hardened";
+    if (score >= 0.3) return "elevated";
+    return "normal";
+  }
+  applyMeasures(tenantId, level) {
+    const types = this.config.levelMeasures[level];
+    return types.map((type) => ({
+      id: genId2("measure"),
+      type,
+      description: this.getMeasureDescription(type, level),
+      applied: true,
+      appliedAt: Date.now()
+    }));
+  }
+  getMeasureDescription(type, level) {
+    const d = {
+      gate_level_upgrade: `Gate approval level upgraded to ${level}`,
+      rate_limit_reduce: `Rate limit reduced to ${this.config.rateLimitReductionFactor * 100}%`,
+      enhanced_audit: "Enhanced audit mode enabled (full recording)",
+      ip_block: "Suspicious IPs blocked",
+      session_invalidate: "All active sessions invalidated",
+      feature_disable: "Non-essential features disabled",
+      alert_admin: "Admin security alert sent"
+    };
+    return d[type] || type;
+  }
+  scheduleAutoRollback(tenantId, delayMs) {
+    const existing = this.rollbackTimers.get(tenantId);
+    if (existing) clearTimeout(existing);
+    const timer = setTimeout(async () => {
+      try {
+        await this.rollback(tenantId, "system:auto_rollback", "Auto rollback after timeout");
+      } catch {
+      }
+      this.rollbackTimers.delete(tenantId);
+    }, delayMs);
+    this.rollbackTimers.set(tenantId, timer);
+  }
+  audit(type, details) {
+    if (this.config.onAudit) {
+      this.config.onAudit({ type, details, timestamp: Date.now() });
+    }
+  }
+};
+function createAutoHardenEngine(config) {
+  return new AutoHardenEngine(config);
+}
+// src/costEstimator.ts
+var DEFAULT_MODEL_PRICING = [
+  {
+    modelId: "gpt-4o",
+    modelName: "GPT-4o",
+    inputPricePerKToken: 25e-4,
+    outputPricePerKToken: 0.01,
+    cachedInputPricePerKToken: 125e-5,
+    maxContextLength: 128e3,
+    updatedAt: /* @__PURE__ */ new Date("2025-01-01")
+  },
+  {
+    modelId: "gpt-4o-mini",
+    modelName: "GPT-4o Mini",
+    inputPricePerKToken: 15e-5,
+    outputPricePerKToken: 6e-4,
+    cachedInputPricePerKToken: 75e-6,
+    maxContextLength: 128e3,
+    updatedAt: /* @__PURE__ */ new Date("2025-01-01")
+  },
+  {
+    modelId: "claude-3.5-sonnet",
+    modelName: "Claude 3.5 Sonnet",
+    inputPricePerKToken: 3e-3,
+    outputPricePerKToken: 0.015,
+    cachedInputPricePerKToken: 3e-4,
+    maxContextLength: 2e5,
+    updatedAt: /* @__PURE__ */ new Date("2025-01-01")
+  },
+  {
+    modelId: "claude-3.5-haiku",
+    modelName: "Claude 3.5 Haiku",
+    inputPricePerKToken: 8e-4,
+    outputPricePerKToken: 4e-3,
+    cachedInputPricePerKToken: 8e-5,
+    maxContextLength: 2e5,
+    updatedAt: /* @__PURE__ */ new Date("2025-01-01")
+  },
+  {
+    modelId: "gemini-2.0-flash",
+    modelName: "Gemini 2.0 Flash",
+    inputPricePerKToken: 1e-4,
+    outputPricePerKToken: 4e-4,
+    maxContextLength: 1e6,
+    updatedAt: /* @__PURE__ */ new Date("2025-01-01")
+  }
+];
+var DEFAULT_TOOL_PRICING = [
+  { toolId: "web_search", toolName: "Web Search", costPerCall: 5e-3, multiplier: 1, updatedAt: /* @__PURE__ */ new Date() },
+  { toolId: "code_exec", toolName: "Code Execution", costPerCall: 2e-3, multiplier: 1, updatedAt: /* @__PURE__ */ new Date() },
+  { toolId: "file_read", toolName: "File Read", costPerCall: 1e-3, multiplier: 1, updatedAt: /* @__PURE__ */ new Date() },
+  { toolId: "db_query", toolName: "Database Query", costPerCall: 3e-3, multiplier: 1, updatedAt: /* @__PURE__ */ new Date() },
+  { toolId: "api_call", toolName: "External API Call", costPerCall: 0.01, multiplier: 1.5, updatedAt: /* @__PURE__ */ new Date() }
+];
+var DEFAULT_HUMAN_RATES = [
+  { level: "standard", hourlyRate: 50, avgReviewMinutes: 5 },
+  { level: "senior", hourlyRate: 100, avgReviewMinutes: 10 },
+  { level: "executive", hourlyRate: 200, avgReviewMinutes: 15 }
+];
+var modelPricing = [...DEFAULT_MODEL_PRICING];
+var toolPricing = [...DEFAULT_TOOL_PRICING];
+var humanRates = [...DEFAULT_HUMAN_RATES];
+var accuracyRecords = [];
+var MAX_ACCURACY_RECORDS = 1e4;
+function estimateCost(request) {
+  const id = `est_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
+  const model = modelPricing.find((m) => m.modelId === request.modelId) || modelPricing[0];
+  const inputCost = request.estimatedInputTokens / 1e3 * model.inputPricePerKToken;
+  const outputCost = request.estimatedOutputTokens / 1e3 * model.outputPricePerKToken;
+  const modelCostTotal = inputCost + outputCost;
+  const toolItems = [];
+  let toolCostTotal = 0;
+  if (request.toolCalls) {
+    for (const tc of request.toolCalls) {
+      const tool = toolPricing.find((t) => t.toolId === tc.toolId);
+      if (tool) {
+        const total = tc.estimatedCalls * tool.costPerCall * tool.multiplier;
+        toolItems.push({
+          toolId: tc.toolId,
+          calls: tc.estimatedCalls,
+          costPerCall: tool.costPerCall,
+          total
+        });
+        toolCostTotal += total;
+      }
+    }
+  }
+  let humanCost = null;
+  if (request.requiresHumanReview) {
+    const rate = humanRates.find((r) => r.level === (request.humanReviewLevel || "standard")) || humanRates[0];
+    const humanTotal = rate.avgReviewMinutes / 60 * rate.hourlyRate;
+    humanCost = {
+      level: rate.level,
+      hourlyRate: rate.hourlyRate,
+      estimatedMinutes: rate.avgReviewMinutes,
+      total: humanTotal
+    };
+  }
+  const totalCost = modelCostTotal + toolCostTotal + (humanCost?.total || 0);
+  const avgDeviation = getAverageDeviation();
+  const confidence = {
+    low: totalCost * (1 - avgDeviation),
+    high: totalCost * (1 + avgDeviation),
+    level: Math.max(0, 1 - avgDeviation)
+  };
+  return {
+    id,
+    modelCost: {
+      inputCost: Math.round(inputCost * 1e6) / 1e6,
+      outputCost: Math.round(outputCost * 1e6) / 1e6,
+      total: Math.round(modelCostTotal * 1e6) / 1e6
+    },
+    toolCost: {
+      items: toolItems,
+      total: Math.round(toolCostTotal * 1e6) / 1e6
+    },
+    humanCost,
+    totalCost: Math.round(totalCost * 1e6) / 1e6,
+    confidence,
+    estimatedAt: /* @__PURE__ */ new Date()
+  };
+}
+function recordActualCost(estimateId, actualCost) {
+  const record = {
+    estimateId,
+    estimatedCost: 0,
+    // 需要外部传入
+    actualCost,
+    deviation: 0,
+    deviationPercent: 0,
+    recordedAt: /* @__PURE__ */ new Date()
+  };
+  accuracyRecords.push(record);
+  if (accuracyRecords.length > MAX_ACCURACY_RECORDS) accuracyRecords.shift();
+  return record;
+}
+function getAverageDeviation() {
+  if (accuracyRecords.length === 0) return 0.3;
+  const deviations = accuracyRecords.filter((r) => r.estimatedCost > 0).map((r) => Math.abs(r.deviationPercent));
+  if (deviations.length === 0) return 0.3;
+  return deviations.reduce((sum, d) => sum + d, 0) / deviations.length / 100;
+}
+function updateModelPricing(pricing) {
+  const index = modelPricing.findIndex((m) => m.modelId === pricing.modelId);
+  if (index >= 0) {
+    modelPricing[index] = pricing;
+  } else {
+    modelPricing.push(pricing);
+  }
+}
+function updateToolPricing(pricing) {
+  const index = toolPricing.findIndex((t) => t.toolId === pricing.toolId);
+  if (index >= 0) {
+    toolPricing[index] = pricing;
+  } else {
+    toolPricing.push(pricing);
+  }
+}
+function getModelPricingTable() {
+  return [...modelPricing];
+}
+function getToolPricingTable() {
+  return [...toolPricing];
+}
+function getAccuracyStats() {
+  const avgDev = getAverageDeviation();
+  return {
+    totalRecords: accuracyRecords.length,
+    avgDeviation: avgDev,
+    avgDeviationPercent: avgDev * 100,
+    confidenceLevel: Math.max(0, 1 - avgDev)
+  };
+}
+// src/semanticDriftDetector.ts
+var DEFAULT_CONFIG2 = {
+  lowThreshold: 0.1,
+  mediumThreshold: 0.3,
+  highThreshold: 0.5,
+  criticalThreshold: 0.7,
+  onDriftDetected: void 0,
+  onAudit: void 0
+};
+var SemanticDriftDetectorEngine = class {
+  fingerprints = /* @__PURE__ */ new Map();
+  history = [];
+  config;
+  constructor(config = {}) {
+    this.config = { ...DEFAULT_CONFIG2, ...config };
+  }
+  /**
+   * 计算策略语义指纹
+   */
+  computeFingerprint(snapshot) {
+    const rules = snapshot.rules;
+    const resourceSet = [...new Set(rules.map((r) => r.resource))].sort();
+    const actionSet = [...new Set(rules.map((r) => r.action))].sort();
+    const fingerprint = {
+      version: snapshot.version,
+      hash: this.hashRules(rules),
+      ruleCount: rules.length,
+      allowCount: rules.filter((r) => r.decision === "ALLOW").length,
+      denyCount: rules.filter((r) => r.decision === "DENY").length,
+      reviewCount: rules.filter((r) => r.decision === "REVIEW").length,
+      resourceSet,
+      actionSet,
+      conditionDepth: this.maxConditionDepth(rules),
+      timestamp: Date.now()
+    };
+    this.fingerprints.set(snapshot.version, fingerprint);
+    return fingerprint;
+  }
+  /**
+   * 检测两个版本间的语义漂移
+   */
+  detectDrift(from, to) {
+    const fromRuleMap = new Map(from.rules.map((r) => [r.id, r]));
+    const toRuleMap = new Map(to.rules.map((r) => [r.id, r]));
+    const addedRules = [];
+    const removedRules = [];
+    const modifiedRules = [];
+    const decisionChanges = [];
+    for (const [id, toRule] of toRuleMap) {
+      const fromRule = fromRuleMap.get(id);
+      if (!fromRule) {
+        addedRules.push(id);
+      } else if (this.ruleChanged(fromRule, toRule)) {
+        modifiedRules.push(id);
+        if (fromRule.decision !== toRule.decision) {
+          decisionChanges.push({ ruleId: id, from: fromRule.decision, to: toRule.decision });
+        }
+      }
+    }
+    for (const id of fromRuleMap.keys()) {
+      if (!toRuleMap.has(id)) {
+        removedRules.push(id);
+      }
+    }
+    const fromResources = new Set(from.rules.map((r) => r.resource));
+    const toResources = new Set(to.rules.map((r) => r.resource));
+    const newResources = [...toResources].filter((r) => !fromResources.has(r));
+    const removedResources = [...fromResources].filter((r) => !toResources.has(r));
+    const totalRules = Math.max(from.rules.length, to.rules.length, 1);
+    const changeCount = addedRules.length + removedRules.length + modifiedRules.length;
+    const decisionWeight = decisionChanges.length * 2;
+    const driftScore = Math.min(1, (changeCount + decisionWeight) / totalRules);
+    let severity = "none";
+    if (driftScore >= this.config.criticalThreshold) severity = "critical";
+    else if (driftScore >= this.config.highThreshold) severity = "high";
+    else if (driftScore >= this.config.mediumThreshold) severity = "medium";
+    else if (driftScore >= this.config.lowThreshold) severity = "low";
+    const result = {
+      fromVersion: from.version,
+      toVersion: to.version,
+      driftScore,
+      ruleCountDelta: to.rules.length - from.rules.length,
+      addedRules,
+      removedRules,
+      modifiedRules,
+      decisionChanges,
+      newResources,
+      removedResources,
+      severity,
+      timestamp: Date.now()
+    };
+    this.history.push(result);
+    if (severity !== "none" && this.config.onDriftDetected) {
+      this.config.onDriftDetected(result);
+    }
+    if (this.config.onAudit) {
+      this.config.onAudit({
+        type: "drift_detected",
+        details: { fromVersion: from.version, toVersion: to.version, driftScore, severity },
+        timestamp: Date.now()
+      });
+    }
+    return result;
+  }
+  /**
+   * 获取漂移历史
+   */
+  getDriftHistory() {
+    return [...this.history];
+  }
+  /**
+   * 获取指纹
+   */
+  getFingerprint(version) {
+    return this.fingerprints.get(version) ?? null;
+  }
+  /**
+   * 获取漂移趋势
+   */
+  getDriftTrend() {
+    return this.history.map((h) => ({
+      version: h.toVersion,
+      driftScore: h.driftScore,
+      timestamp: h.timestamp
+    }));
+  }
+  // ============================================
+  // 私有方法
+  // ============================================
+  hashRules(rules) {
+    const sorted = [...rules].sort((a, b) => a.id.localeCompare(b.id));
+    const str = sorted.map((r) => `${r.id}:${r.action}:${r.resource}:${r.decision}:${r.priority}`).join("|");
+    let hash = 0;
+    for (let i = 0; i < str.length; i++) {
+      const char = str.charCodeAt(i);
+      hash = (hash << 5) - hash + char;
+      hash = hash & hash;
+    }
+    return "fp_" + Math.abs(hash).toString(16).padStart(8, "0");
+  }
+  ruleChanged(a, b) {
+    return a.action !== b.action || a.resource !== b.resource || a.decision !== b.decision || a.priority !== b.priority || JSON.stringify(a.conditions) !== JSON.stringify(b.conditions);
+  }
+  maxConditionDepth(rules) {
+    let max = 0;
+    for (const r of rules) {
+      if (r.conditions) {
+        max = Math.max(max, this.objectDepth(r.conditions));
+      }
+    }
+    return max;
+  }
+  objectDepth(obj, depth = 0) {
+    let max = depth;
+    for (const val of Object.values(obj)) {
+      if (val && typeof val === "object" && !Array.isArray(val)) {
+        max = Math.max(max, this.objectDepth(val, depth + 1));
+      }
+    }
+    return max;
+  }
+};
+function createSemanticDriftDetector(config) {
+  return new SemanticDriftDetectorEngine(config);
+}
+// src/costGateEnhanced.ts
+var DEFAULT_CONFIG3 = {
+  defaultBudgetUsd: 100,
+  warningThreshold: 0.8,
+  criticalThreshold: 0.95,
+  humanReviewHourlyRateUsd: 50,
+  toolCosts: [],
+  onAudit: void 0,
+  onBudgetExceeded: void 0
+};
+var CostGateEnhancedEngine = class {
+  records = [];
+  budgets = /* @__PURE__ */ new Map();
+  // tenantId → budgetUsd
+  config;
+  toolCostMap = /* @__PURE__ */ new Map();
+  constructor(config = {}) {
+    this.config = { ...DEFAULT_CONFIG3, ...config };
+    for (const tc of this.config.toolCosts) {
+      this.toolCostMap.set(tc.toolName, tc);
+    }
+  }
+  /**
+   * E2: 记录成本并生成汇总
+   */
+  recordCost(record) {
+    this.records.push(record);
+    this.audit("cost_recorded", record.tenantId, { record });
+    return this.checkBudget(record.tenantId, record.agentId, record.action);
+  }
+  /**
+   * E2: 获取成本汇总（滑动窗口）
+   */
+  getCostSummary(tenantId, period) {
+    const now = Date.now();
+    const periodMs = {
+      "1h": 36e5,
+      "24h": 864e5,
+      "7d": 6048e5,
+      "30d": 2592e6
+    };
+    const startTime = now - (periodMs[period] || 864e5);
+    const filtered = this.records.filter((r) => r.tenantId === tenantId && r.timestamp >= startTime);
+    const byCategory = {
+      llm_inference: 0,
+      tool_call: 0,
+      human_review: 0,
+      storage: 0,
+      network: 0,
+      compute: 0,
+      other: 0
+    };
+    const byAgent = {};
+    const byTool = {};
+    let totalCostUsd = 0;
+    for (const r of filtered) {
+      totalCostUsd += r.costUsd;
+      byCategory[r.category] = (byCategory[r.category] || 0) + r.costUsd;
+      byAgent[r.agentId] = (byAgent[r.agentId] || 0) + r.costUsd;
+      if (r.toolName) {
+        byTool[r.toolName] = (byTool[r.toolName] || 0) + r.costUsd;
+      }
+    }
+    this.audit("summary_generated", tenantId, { period, totalCostUsd, recordCount: filtered.length });
+    return {
+      period,
+      totalCostUsd,
+      byCategory,
+      byAgent,
+      byTool,
+      recordCount: filtered.length,
+      avgCostPerAction: filtered.length > 0 ? totalCostUsd / filtered.length : 0,
+      startTime,
+      endTime: now
+    };
+  }
+  /**
+   * E7: getDailyCostStats — 按天统计
+   */
+  getDailyCostStats(tenantId, days = 30) {
+    const now = Date.now();
+    const startTime = now - days * 864e5;
+    const filtered = this.records.filter((r) => r.tenantId === tenantId && r.timestamp >= startTime);
+    const dailyMap = /* @__PURE__ */ new Map();
+    for (const r of filtered) {
+      const date = new Date(r.timestamp).toISOString().split("T")[0];
+      if (!dailyMap.has(date)) {
+        dailyMap.set(date, { records: [], agents: /* @__PURE__ */ new Set() });
+      }
+      const day = dailyMap.get(date);
+      day.records.push(r);
+      day.agents.add(r.agentId);
+    }
+    const budget = this.budgets.get(tenantId) ?? this.config.defaultBudgetUsd;
+    const dailyBudget = budget / 30;
+    return Array.from(dailyMap.entries()).map(([date, { records, agents }]) => {
+      const byCategory = {
+        llm_inference: 0,
+        tool_call: 0,
+        human_review: 0,
+        storage: 0,
+        network: 0,
+        compute: 0,
+        other: 0
+      };
+      let totalCostUsd = 0;
+      for (const r of records) {
+        totalCostUsd += r.costUsd;
+        byCategory[r.category] = (byCategory[r.category] || 0) + r.costUsd;
+      }
+      return {
+        date,
+        totalCostUsd,
+        byCategory,
+        actionCount: records.length,
+        uniqueAgents: agents.size,
+        budgetUtilization: dailyBudget > 0 ? totalCostUsd / dailyBudget : 0
+      };
+    }).sort((a, b) => a.date.localeCompare(b.date));
+  }
+  /**
+   * E9: 计算工具调用成本
+   */
+  calculateToolCost(toolName, tokenCount) {
+    const config = this.toolCostMap.get(toolName);
+    if (!config) return 1e-3;
+    let cost = config.baseCostUsd + config.perCallCostUsd;
+    if (tokenCount && config.perTokenCostUsd) {
+      cost += tokenCount * config.perTokenCostUsd;
+    }
+    if (config.maxCostPerCallUsd) {
+      cost = Math.min(cost, config.maxCostPerCallUsd);
+    }
+    return cost;
+  }
+  /**
+   * E10: 计算人工审批成本
+   */
+  calculateHumanReviewCost(waitTimeMs, reviewTimeMs) {
+    const totalTimeMs = waitTimeMs + reviewTimeMs;
+    const hours = totalTimeMs / 36e5;
+    const costUsd = hours * this.config.humanReviewHourlyRateUsd;
+    return {
+      reviewId: `review_${Date.now()}`,
+      reviewerType: "human",
+      waitTimeMs,
+      reviewTimeMs,
+      costUsd: Math.round(costUsd * 1e4) / 1e4,
+      hourlyRateUsd: this.config.humanReviewHourlyRateUsd
+    };
+  }
+  /**
+   * 设置租户预算
+   */
+  setBudget(tenantId, budgetUsd) {
+    this.budgets.set(tenantId, budgetUsd);
+  }
+  /**
+   * 获取租户预算使用率
+   */
+  getBudgetUtilization(tenantId) {
+    const budget = this.budgets.get(tenantId) ?? this.config.defaultBudgetUsd;
+    const summary = this.getCostSummary(tenantId, "30d");
+    return {
+      used: summary.totalCostUsd,
+      limit: budget,
+      utilization: budget > 0 ? summary.totalCostUsd / budget : 0
+    };
+  }
+  // ============================================
+  // 私有方法
+  // ============================================
+  checkBudget(tenantId, agentId, action) {
+    const budget = this.budgets.get(tenantId) ?? this.config.defaultBudgetUsd;
+    const summary = this.getCostSummary(tenantId, "30d");
+    const utilization = budget > 0 ? summary.totalCostUsd / budget : 0;
+    if (utilization >= 1) {
+      const event = {
+        code: "BUDGET_EXCEEDED",
+        tenantId,
+        agentId,
+        action,
+        currentCostUsd: summary.totalCostUsd,
+        budgetLimitUsd: budget,
+        overage: summary.totalCostUsd - budget,
+        period: "30d",
+        timestamp: Date.now(),
+        severity: "blocked"
+      };
+      this.audit("budget_exceeded", tenantId, { event });
+      if (this.config.onBudgetExceeded) this.config.onBudgetExceeded(event);
+      return event;
+    }
+    if (utilization >= this.config.criticalThreshold) {
+      this.audit("budget_critical", tenantId, { utilization, budget });
+    } else if (utilization >= this.config.warningThreshold) {
+      this.audit("budget_warning", tenantId, { utilization, budget });
+    }
+    return null;
+  }
+  audit(type, tenantId, details) {
+    if (this.config.onAudit) {
+      this.config.onAudit({ type, tenantId, details, timestamp: Date.now() });
+    }
+  }
+};
+function createCostGateEnhanced(config) {
+  return new CostGateEnhancedEngine(config);
+}
+// src/budgetMultiLevel.ts
+var DEFAULT_ALERT_RULES = [
+  { id: "warn_80", threshold: 0.8, severity: "warning", action: "notify", cooldownMs: 36e5 },
+  { id: "crit_95", threshold: 0.95, severity: "critical", action: "throttle", cooldownMs: 18e5 },
+  { id: "block_100", threshold: 1, severity: "critical", action: "block", cooldownMs: 3e5 }
+];
+var DEFAULT_CONFIG4 = {
+  defaultAlertRules: DEFAULT_ALERT_RULES,
+  trendWindowDays: 30,
+  onAlert: void 0,
+  onAudit: void 0
+};
+var MultiLevelBudgetEngine = class {
+  nodes = /* @__PURE__ */ new Map();
+  spendHistory = [];
+  config;
+  constructor(config = {}) {
+    this.config = { ...DEFAULT_CONFIG4, ...config };
+  }
+  /**
+   * F6: 创建预算节点
+   */
+  createNode(node) {
+    const budgetNode = {
+      ...node,
+      spentUsd: 0,
+      children: [],
+      alertRules: node.alertRules ?? [...this.config.defaultAlertRules]
+    };
+    this.nodes.set(budgetNode.id, budgetNode);
+    if (node.parentId) {
+      const parent = this.nodes.get(node.parentId);
+      if (parent) {
+        parent.children.push(budgetNode.id);
+      }
+    }
+    return budgetNode;
+  }
+  /**
+   * F6: 记录支出（向上冒泡到所有父级）
+   */
+  recordSpend(nodeId, amount) {
+    const alerts = [];
+    let current = this.nodes.get(nodeId);
+    while (current) {
+      current.spentUsd += amount;
+      this.spendHistory.push({ nodeId: current.id, amount, timestamp: Date.now() });
+      const nodeAlerts = this.checkAlerts(current);
+      alerts.push(...nodeAlerts);
+      current = current.parentId ? this.nodes.get(current.parentId) : void 0;
+    }
+    return alerts;
+  }
+  /**
+   * F6: 获取节点预算状态（含子节点汇总）
+   */
+  getNodeStatus(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (!node) return null;
+    const childrenSpent = this.getChildrenSpent(nodeId);
+    const utilization = node.budgetUsd > 0 ? node.spentUsd / node.budgetUsd : 0;
+    return {
+      node,
+      utilization,
+      childrenSpent,
+      remaining: Math.max(0, node.budgetUsd - node.spentUsd)
+    };
+  }
+  /**
+   * F7: 预测预算耗尽日期
+   */
+  predictExhaustion(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (!node || node.spentUsd === 0) return null;
+    const remaining = node.budgetUsd - node.spentUsd;
+    if (remaining <= 0) return (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
+    const sevenDaysAgo = Date.now() - 7 * 864e5;
+    const recentSpends = this.spendHistory.filter(
+      (s) => s.nodeId === nodeId && s.timestamp >= sevenDaysAgo
+    );
+    const recentTotal = recentSpends.reduce((sum, s) => sum + s.amount, 0);
+    const dailyRate = recentTotal / 7;
+    if (dailyRate <= 0) return null;
+    const daysRemaining = remaining / dailyRate;
+    const exhaustionDate = new Date(Date.now() + daysRemaining * 864e5);
+    return exhaustionDate.toISOString().split("T")[0];
+  }
+  /**
+   * F8: 生成成本报告
+   */
+  generateReport(rootNodeId) {
+    const nodes = rootNodeId ? this.getSubtree(rootNodeId) : Array.from(this.nodes.values());
+    const byLevel = {
+      organization: { budget: 0, spent: 0, count: 0 },
+      team: { budget: 0, spent: 0, count: 0 },
+      project: { budget: 0, spent: 0, count: 0 },
+      agent: { budget: 0, spent: 0, count: 0 }
+    };
+    let totalBudget = 0;
+    let totalSpent = 0;
+    for (const n of nodes) {
+      byLevel[n.level].budget += n.budgetUsd;
+      byLevel[n.level].spent += n.spentUsd;
+      byLevel[n.level].count++;
+      if (n.children.length === 0) {
+        totalBudget += n.budgetUsd;
+        totalSpent += n.spentUsd;
+      }
+    }
+    const topSpenders = nodes.sort((a, b) => b.spentUsd - a.spentUsd).slice(0, 10).map((n) => ({ id: n.id, name: n.name, level: n.level, spent: n.spentUsd }));
+    const trend = this.generateTrend(rootNodeId);
+    return {
+      reportId: `report_${Date.now()}`,
+      generatedAt: Date.now(),
+      period: { start: Date.now() - this.config.trendWindowDays * 864e5, end: Date.now() },
+      totalBudgetUsd: totalBudget,
+      totalSpentUsd: totalSpent,
+      utilization: totalBudget > 0 ? totalSpent / totalBudget : 0,
+      byLevel,
+      topSpenders,
+      alerts: [],
+      trend
+    };
+  }
+  /**
+   * 获取所有节点
+   */
+  listNodes(level) {
+    const all = Array.from(this.nodes.values());
+    return level ? all.filter((n) => n.level === level) : all;
+  }
+  // ============================================
+  // 私有方法
+  // ============================================
+  checkAlerts(node) {
+    const alerts = [];
+    const utilization = node.budgetUsd > 0 ? node.spentUsd / node.budgetUsd : 0;
+    for (const rule of node.alertRules) {
+      if (utilization >= rule.threshold) {
+        if (rule.lastTriggeredAt && Date.now() - rule.lastTriggeredAt < rule.cooldownMs) {
+          continue;
+        }
+        rule.lastTriggeredAt = Date.now();
+        const alert = {
+          ruleId: rule.id,
+          nodeId: node.id,
+          nodeName: node.name,
+          level: node.level,
+          severity: rule.severity,
+          action: rule.action,
+          utilization,
+          budgetUsd: node.budgetUsd,
+          spentUsd: node.spentUsd,
+          remainingUsd: Math.max(0, node.budgetUsd - node.spentUsd),
+          predictedExhaustionDate: this.predictExhaustion(node.id) ?? void 0,
+          timestamp: Date.now()
+        };
+        alerts.push(alert);
+        if (this.config.onAlert) this.config.onAlert(alert);
+      }
+    }
+    return alerts;
+  }
+  getChildrenSpent(nodeId) {
+    const node = this.nodes.get(nodeId);
+    if (!node) return 0;
+    let total = 0;
+    for (const childId of node.children) {
+      const child = this.nodes.get(childId);
+      if (child) {
+        total += child.spentUsd;
+      }
+    }
+    return total;
+  }
+  getSubtree(nodeId) {
+    const result = [];
+    const queue = [nodeId];
+    while (queue.length > 0) {
+      const id = queue.shift();
+      const node = this.nodes.get(id);
+      if (node) {
+        result.push(node);
+        queue.push(...node.children);
+      }
+    }
+    return result;
+  }
+  generateTrend(rootNodeId) {
+    const nodeIds = rootNodeId ? new Set(this.getSubtree(rootNodeId).map((n) => n.id)) : null;
+    const startTime = Date.now() - this.config.trendWindowDays * 864e5;
+    const filtered = this.spendHistory.filter((s) => {
+      if (s.timestamp < startTime) return false;
+      if (nodeIds && !nodeIds.has(s.nodeId)) return false;
+      return true;
+    });
+    const dailyMap = /* @__PURE__ */ new Map();
+    for (const s of filtered) {
+      const date = new Date(s.timestamp).toISOString().split("T")[0];
+      dailyMap.set(date, (dailyMap.get(date) ?? 0) + s.amount);
+    }
+    return Array.from(dailyMap.entries()).map(([date, spent]) => ({ date, spent })).sort((a, b) => a.date.localeCompare(b.date));
+  }
+};
+function createMultiLevelBudget(config) {
+  return new MultiLevelBudgetEngine(config);
+}
+// src/evolutionChannel.ts
+var DEFAULT_CONFIG5 = {
+  maxVersions: 50,
+  canaryMinDurationMs: 36e5,
+  // 1 小时
+  autoPromoteThreshold: 0.95,
+  onAudit: void 0
+};
+var EvolutionChannelEngine = class {
+  versions = /* @__PURE__ */ new Map();
+  activeVersionId = null;
+  canaryVersionId = null;
+  abTests = /* @__PURE__ */ new Map();
+  config;
+  constructor(config = {}) {
+    this.config = { ...DEFAULT_CONFIG5, ...config };
+  }
+  /**
+   * 发布新策略版本
+   */
+  publish(version) {
+    if (this.versions.size >= this.config.maxVersions) {
+      this.cleanupOldVersions();
+    }
+    version.status = "draft";
+    version.createdAt = Date.now();
+    this.versions.set(version.id, version);
+    this.audit("publish", version.id, version.version, version.createdBy);
+    return version;
+  }
+  /**
+   * 启动灰度发布
+   */
+  startCanary(versionId, percent, actor) {
+    const version = this.versions.get(versionId);
+    if (!version || version.status !== "draft") return false;
+    if (percent < 1 || percent > 99) return false;
+    version.status = "canary";
+    version.canaryPercent = percent;
+    this.canaryVersionId = versionId;
+    this.audit("canary_start", versionId, version.version, actor, { percent });
+    return true;
+  }
+  /**
+   * 灰度晋升为正式版本
+   */
+  promoteCanary(actor) {
+    if (!this.canaryVersionId) return false;
+    const canary = this.versions.get(this.canaryVersionId);
+    if (!canary || canary.status !== "canary") return false;
+    const elapsed = Date.now() - canary.createdAt;
+    if (elapsed < this.config.canaryMinDurationMs) return false;
+    if (this.activeVersionId) {
+      const old = this.versions.get(this.activeVersionId);
+      if (old) old.status = "deprecated";
+    }
+    canary.status = "active";
+    canary.canaryPercent = 100;
+    this.activeVersionId = this.canaryVersionId;
+    this.canaryVersionId = null;
+    this.audit("canary_promote", canary.id, canary.version, actor);
+    return true;
+  }
+  /**
+   * 灰度回滚
+   */
+  rollbackCanary(actor) {
+    if (!this.canaryVersionId) return false;
+    const canary = this.versions.get(this.canaryVersionId);
+    if (!canary) return false;
+    canary.status = "rollback";
+    canary.canaryPercent = 0;
+    this.canaryVersionId = null;
+    this.audit("canary_rollback", canary.id, canary.version, actor);
+    return true;
+  }
+  /**
+   * 路由决策：根据灰度百分比选择策略版本
+   */
+  resolveVersion(requestHash) {
+    if (this.canaryVersionId) {
+      const canary = this.versions.get(this.canaryVersionId);
+      if (canary && canary.status === "canary") {
+        const hash = requestHash ?? Math.random() * 100;
+        if (hash % 100 < canary.canaryPercent) {
+          return canary;
+        }
+      }
+    }
+    if (this.activeVersionId) {
+      return this.versions.get(this.activeVersionId) ?? null;
+    }
+    return null;
+  }
+  /**
+   * 启动 A/B 测试
+   */
+  startABTest(testId, controlId, treatmentId, trafficSplit, actor) {
+    const control = this.versions.get(controlId);
+    const treatment = this.versions.get(treatmentId);
+    if (!control || !treatment) return null;
+    const test = {
+      id: testId,
+      controlVersionId: controlId,
+      treatmentVersionId: treatmentId,
+      trafficSplit: Math.max(1, Math.min(99, trafficSplit)),
+      startedAt: Date.now(),
+      status: "running",
+      metrics: {
+        controlDecisions: 0,
+        treatmentDecisions: 0,
+        controlAllowRate: 0,
+        treatmentAllowRate: 0,
+        controlAvgLatencyMs: 0,
+        treatmentAvgLatencyMs: 0
+      }
+    };
+    this.abTests.set(testId, test);
+    this.audit("ab_test_start", testId, `${control.version} vs ${treatment.version}`, actor, { trafficSplit });
+    return test;
+  }
+  /**
+   * A/B 测试路由
+   */
+  resolveABTest(testId, requestHash) {
+    const test = this.abTests.get(testId);
+    if (!test || test.status !== "running") return null;
+    const hash = requestHash ?? Math.random() * 100;
+    const isTreatment = hash % 100 < test.trafficSplit;
+    const versionId = isTreatment ? test.treatmentVersionId : test.controlVersionId;
+    const version = this.versions.get(versionId);
+    if (!version) return null;
+    return { version, group: isTreatment ? "treatment" : "control" };
+  }
+  /**
+   * 结束 A/B 测试
+   */
+  endABTest(testId, actor) {
+    const test = this.abTests.get(testId);
+    if (!test) return null;
+    test.status = "completed";
+    this.audit("ab_test_end", testId, "", actor, { metrics: test.metrics });
+    return test;
+  }
+  /**
+   * 获取所有版本
+   */
+  listVersions() {
+    return Array.from(this.versions.values()).sort((a, b) => b.createdAt - a.createdAt);
+  }
+  /**
+   * 获取当前 active 版本
+   */
+  getActiveVersion() {
+    return this.activeVersionId ? this.versions.get(this.activeVersionId) ?? null : null;
+  }
+  // ============================================
+  // 私有方法
+  // ============================================
+  cleanupOldVersions() {
+    const deprecated = Array.from(this.versions.values()).filter((v) => v.status === "deprecated" || v.status === "rollback").sort((a, b) => a.createdAt - b.createdAt);
+    if (deprecated.length > 0) {
+      this.versions.delete(deprecated[0].id);
+    }
+  }
+  audit(type, policyId, version, actor, details) {
+    if (this.config.onAudit) {
+      this.config.onAudit({ type, policyId, version, timestamp: Date.now(), actor, details });
+    }
+  }
+};
+function createEvolutionChannel(config) {
+  return new EvolutionChannelEngine(config);
+}
 // src/index.ts
 var DEFAULT_RULES = [
   // --- HTTP Proxy: Dangerous outbound calls ---
@@ -232,7 +2233,7 @@ var RISK_SCORES = {
   high: 70,
   critical: 95
 };
-var ENGINE_VERSION = "3.2.0";
+var ENGINE_VERSION = "3.4.0";
 var ENGINE_VERSION_CHECK_URL = "https://api.sovr.inc/api/sovr/v1/version/check";
 var ENGINE_TIER_LIMITS = {
   free: { evaluationsPerMonth: 50, irreversibleAllowsPerMonth: 0 },
@@ -486,7 +2487,34 @@ var PolicyEngine = class {
 };
 var index_default = PolicyEngine;
 export {
+  AdaptiveThresholdManager,
+  AutoHardenEngine,
+  CostGateEnhancedEngine,
   DEFAULT_RULES,
+  EvolutionChannelEngine,
+  FeatureSwitchesManager,
+  MultiLevelBudgetEngine,
   PolicyEngine,
-  index_default as default
+  PricingRulesEngine,
+  RecalculationEngine,
+  SOVR_FEATURE_SWITCHES,
+  SemanticDriftDetectorEngine,
+  compileFromJSON,
+  compileRuleSet,
+  createAutoHardenEngine,
+  createCostGateEnhanced,
+  createEvolutionChannel,
+  createMultiLevelBudget,
+  createRecalculationEngine,
+  createSemanticDriftDetector,
+  index_default as default,
+  estimateCost,
+  evaluateRules,
+  getAccuracyStats,
+  getModelPricingTable,
+  getToolPricingTable,
+  recordActualCost,
+  registerFunction,
+  updateModelPricing,
+  updateToolPricing
 };