npm - @sovr/engine - Versions diffs - 3.7.0 → 4.0.0 - Mend

@sovr/engine 3.7.0 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -2768,6 +2768,42 @@ interface AuditEvent {
  * Users can extend or override these.
  */
 declare const DEFAULT_RULES: PolicyRule[];
+/**
+ * SOVR Billing Event Types — aligned with the pricing model:
+ * 1. gate.check — low price or included in quota (every policy evaluation)
+ * 2. gate.block — usually free or very low price (blocked requests)
+ * 3. irreversible.allowed — HIGH PRICE core tax base (allowed irreversible ops)
+ * 4. trust_bundle.issued — medium-high price (Trust Bundle generation)
+ * 5. trust_bundle.exported — higher price (audit necessity)
+ * 6. replay.requested — optional, per-use or monthly (trace replay)
+ * 7. auditor.session — enterprise billing (external audit sessions)
+ */
+type BillingEventType = 'gate.check' | 'gate.block' | 'irreversible.allowed' | 'trust_bundle.issued' | 'trust_bundle.exported' | 'replay.requested' | 'auditor.session';
+interface BillingEvent {
+    event_type: BillingEventType;
+    action: string;
+    resource: string;
+    verdict: string;
+    api_key: string;
+    timestamp: number;
+    metadata?: Record<string, unknown>;
+}
+interface BillingConfig {
+    /** Enable billing event reporting (default: true) */
+    enabled?: boolean;
+    /** Metering endpoint URL (default: SOVR cloud) */
+    meteringEndpoint?: string;
+    /** Batch flush interval in milliseconds (default: 10000) */
+    flushIntervalMs?: number;
+    /** Maximum events in buffer before auto-flush (default: 500) */
+    bufferMax?: number;
+}
+interface BillingStats {
+    eventsReported: number;
+    eventsDropped: number;
+    bufferSize: number;
+    byType: Record<BillingEventType, number>;
+}
 type EngineTier = 'free' | 'personal' | 'starter' | 'pro' | 'enterprise';
 interface EngineTierLimits {
     evaluationsPerMonth: number;
@@ -2782,12 +2818,51 @@ declare class PolicyEngine {
     private _usage;
     private _apiKey;
     private _versionChecked;
+    private _billingEnabled;
+    private _billingEndpoint;
+    private _billingBuffer;
+    private _billingFlushTimer;
+    private _billingFlushInterval;
+    private _billingBufferMax;
+    private _billingStats;
+    private _loginValidated;
     constructor(config: EngineConfig & {
         tier?: EngineTier;
         apiKey?: string;
+        billing?: BillingConfig;
     });
     /** v3.1.0: Async version check — blocks evaluate() on first call if deprecated */
     private _asyncVersionCheck;
+    /**
+     * Async login validation — verifies API Key is bound to a registered user.
+     * Runs once at startup. On failure: logs warning but allows operation (fail-open).
+     * On success: sets tier from server response.
+     */
+    private _asyncLoginValidation;
+    /** Get login validation status */
+    get loginValidated(): boolean;
+    /**
+     * Record a billing event into the buffer.
+     * Fire-and-forget — never blocks the main request flow.
+     */
+    recordBillingEvent(event_type: BillingEventType, action: string, resource: string, verdict: string, metadata?: Record<string, unknown>): void;
+    /**
+     * Flush billing buffer to the metering endpoint.
+     * Batch POST — fire-and-forget with re-queue on failure.
+     */
+    private _flushBillingBuffer;
+    /**
+     * Classify an evaluate() call into the appropriate billing event type.
+     * Key pricing principle: "放行的不可逆动作" is the highest-price tax base.
+     */
+    private _classifyBillingEvent;
+    /** Get billing statistics */
+    get billingStats(): BillingStats;
+    /**
+     * Flush remaining billing events and stop the timer.
+     * Call this before process exit for clean shutdown.
+     */
+    shutdown(): Promise<void>;
     /** Set the current tier (e.g., after API key verification) */
     setTier(tier: EngineTier): void;
     /** Get current tier */
@@ -2831,4 +2906,4 @@ declare class PolicyEngine {
     }): void;
 }
-export { type ABTestConfig, AdaptiveThresholdManager, type AdaptiveThresholdOptions, type AdjustmentResult, type AggregateSnapshot, type AggregationResult, type AggregationType, type AggregationWindow, type AlertEvent, type AlertSeverity$1 as AlertSeverity, type AlertThreshold, type AlertType, type AssembledContext, type AttributionRule, type AuditEvent, AutoHardenEngine, type BudgetAlert, type BudgetConfig, type BudgetLevel, type BudgetNode, type CacheConfig, type CacheEntry, type CacheLayer, type CacheStrategy, type CapabilityFlags, type CapitalizationResult, type Channel, type ChecklistItem, type ChecklistItemStatus, type CircuitBreakerState, type CircuitState, type ClockDriftReport, type CockpitMetric, type CockpitTimeWindow, type ComparableInput, type ComparableResult, type ComparisonNode, type CompiledExpression, type ConsistencyMismatch, type ConsistencyResult, type ConstraintCheckResult, type ConstraintConfig, type ConstraintDecision, type ConstraintLevel, type ConstraintMode, type ConstraintState, type ConstraintTrigger, ContextAccelerator, type ContextAcceleratorConfig, type ContextFragment, type ContextPriority, type ContributionDimension, type ContributionEvent, type ContributionScore, ContributionSettlementEngine, type CostAlert, type CostAuditEvent, type CostCategory$1 as CostCategory, type CostEntry, type CostEstimate, type CostEstimateRequest, type CostGateEnhancedConfig, CostGateEnhancedEngine, type CostRecord, type CostReport, type CostSummary, type DCFInput, type DCFResult, DEFAULT_CA_CONFIG, DEFAULT_GE_CONFIG, DEFAULT_HARD_RULES, DEFAULT_RULES, DEFAULT_SCORING_WEIGHTS, DEFAULT_TSA_CONFIG, type DataPoint, type DecisionFeedback, type DegradationLevel, type DegradeState, type DriftAlert, type DriftAnalyzerConfig, type DriftConfig, type DriftIndex, type DriftPattern, type DriftResult, type DriftWindow, type EligibilityResult, type EngineConfig, type EngineTier, type EngineTierLimits, type EntityType, type EstimateAccuracy, type EvalContext, type EvalRequest, type EvalResult, type EventOrderValidation, type EvictionPolicy, EvolutionChannelEngine, type EvolutionConfig, type EvolutionEvent, type ExecContext, type ExprTreePolicyRule, type ExpressionNode, type FailureBudget, type FailureCategory, type FailureRecord, type FailureSeverity, type FeasibilityCheck, type FeatureSwitchDef, type FeatureSwitchState, FeatureSwitchesManager, type FeatureSwitchesOptions, type CostCategory as FinOpsCostCategory, type FreezeType, type FunctionNode, type PolicyVersion as GovPolicyVersion, type GovernanceDecision, GovernanceEnhancer, type GovernanceEnhancerConfig, type GovernanceRule, type HardRule, type HardenConfig, type HardenEvent, type HardenLevel, type HardenMeasure, type HardenMeasureType, type HardenState, type HealthScore, type HttpContext, type KillSwitchState, type LiteralNode, type LogicalNode, type MarketSize, type McpContext, type MetricPoint, type ModelCandidate, type ModelPricing, type ModelTier, type MonitoringMetrics, type MultiLevelBudgetConfig, MultiLevelBudgetEngine, type NetworkEffectInput, type NetworkEffectResult, type NotNode, OverrideDriftAnalyzer, type OverrideEvent, type PenaltyCheck, PolicyEngine, type PolicyRule, type PolicySnapshot, type PolicyVersion$1 as PolicyVersion, type PrefetchRule, type PricingEvalRequest, type PricingEvalResult, type PricingRule, PricingRulesEngine, type ProtectiveAction, type RankResult, type RankableItem, type RankingConfig, type RankingSnapshot, type RealityConstraint, type ReasonCode, type RecalcEngineConfig, type RecalcGranularity, type RecalcHandler, type RecalcTask, type RecalcTaskStatus, type RecalcTriggerType, RecalculationEngine, type ReleasePhase, type ReleaseVersion, type RiskLevel, type RoutingDecision, type RoutingRequest, type RuleCondition, type RuleEvalResult, SOVR_FEATURE_SWITCHES, type ScoreConfigVersion, type ScoringResult, type ScoringWeights, SelfConstraintEngine, SemanticDriftDetectorEngine, type SemanticFingerprint, type SensitivityResult, type SettlementContext, type SqlContext, type SystemState, TIME_WINDOWS, type ThresholdConfig, type TighteningThresholds, type TimeConsistencyConfig, TimeSeriesAggregator, type TimeSeriesAggregatorConfig, type TimestampRecord, type ToolPricing, TrendAlertEngine, type TrendMetric, TwoPhaseRouter, type TwoPhaseRouterConfig, type UnitEconomics, ValuationModel, type ValuationModelConfig, type VariableNode, type Verdict, type WindowType, compileFromJSON, compileRuleSet, createAutoHardenEngine, createCostGateEnhanced, createEvolutionChannel, createMultiLevelBudget, createRecalculationEngine, createSemanticDriftDetector, PolicyEngine as default, estimateCost, evaluateRules, getAccuracyStats, getModelPricingTable, getToolPricingTable, recordActualCost, registerFunction, updateModelPricing, updateToolPricing };
+export { type ABTestConfig, AdaptiveThresholdManager, type AdaptiveThresholdOptions, type AdjustmentResult, type AggregateSnapshot, type AggregationResult, type AggregationType, type AggregationWindow, type AlertEvent, type AlertSeverity$1 as AlertSeverity, type AlertThreshold, type AlertType, type AssembledContext, type AttributionRule, type AuditEvent, AutoHardenEngine, type BillingConfig, type BillingEvent, type BillingEventType, type BillingStats, type BudgetAlert, type BudgetConfig, type BudgetLevel, type BudgetNode, type CacheConfig, type CacheEntry, type CacheLayer, type CacheStrategy, type CapabilityFlags, type CapitalizationResult, type Channel, type ChecklistItem, type ChecklistItemStatus, type CircuitBreakerState, type CircuitState, type ClockDriftReport, type CockpitMetric, type CockpitTimeWindow, type ComparableInput, type ComparableResult, type ComparisonNode, type CompiledExpression, type ConsistencyMismatch, type ConsistencyResult, type ConstraintCheckResult, type ConstraintConfig, type ConstraintDecision, type ConstraintLevel, type ConstraintMode, type ConstraintState, type ConstraintTrigger, ContextAccelerator, type ContextAcceleratorConfig, type ContextFragment, type ContextPriority, type ContributionDimension, type ContributionEvent, type ContributionScore, ContributionSettlementEngine, type CostAlert, type CostAuditEvent, type CostCategory$1 as CostCategory, type CostEntry, type CostEstimate, type CostEstimateRequest, type CostGateEnhancedConfig, CostGateEnhancedEngine, type CostRecord, type CostReport, type CostSummary, type DCFInput, type DCFResult, DEFAULT_CA_CONFIG, DEFAULT_GE_CONFIG, DEFAULT_HARD_RULES, DEFAULT_RULES, DEFAULT_SCORING_WEIGHTS, DEFAULT_TSA_CONFIG, type DataPoint, type DecisionFeedback, type DegradationLevel, type DegradeState, type DriftAlert, type DriftAnalyzerConfig, type DriftConfig, type DriftIndex, type DriftPattern, type DriftResult, type DriftWindow, type EligibilityResult, type EngineConfig, type EngineTier, type EngineTierLimits, type EntityType, type EstimateAccuracy, type EvalContext, type EvalRequest, type EvalResult, type EventOrderValidation, type EvictionPolicy, EvolutionChannelEngine, type EvolutionConfig, type EvolutionEvent, type ExecContext, type ExprTreePolicyRule, type ExpressionNode, type FailureBudget, type FailureCategory, type FailureRecord, type FailureSeverity, type FeasibilityCheck, type FeatureSwitchDef, type FeatureSwitchState, FeatureSwitchesManager, type FeatureSwitchesOptions, type CostCategory as FinOpsCostCategory, type FreezeType, type FunctionNode, type PolicyVersion as GovPolicyVersion, type GovernanceDecision, GovernanceEnhancer, type GovernanceEnhancerConfig, type GovernanceRule, type HardRule, type HardenConfig, type HardenEvent, type HardenLevel, type HardenMeasure, type HardenMeasureType, type HardenState, type HealthScore, type HttpContext, type KillSwitchState, type LiteralNode, type LogicalNode, type MarketSize, type McpContext, type MetricPoint, type ModelCandidate, type ModelPricing, type ModelTier, type MonitoringMetrics, type MultiLevelBudgetConfig, MultiLevelBudgetEngine, type NetworkEffectInput, type NetworkEffectResult, type NotNode, OverrideDriftAnalyzer, type OverrideEvent, type PenaltyCheck, PolicyEngine, type PolicyRule, type PolicySnapshot, type PolicyVersion$1 as PolicyVersion, type PrefetchRule, type PricingEvalRequest, type PricingEvalResult, type PricingRule, PricingRulesEngine, type ProtectiveAction, type RankResult, type RankableItem, type RankingConfig, type RankingSnapshot, type RealityConstraint, type ReasonCode, type RecalcEngineConfig, type RecalcGranularity, type RecalcHandler, type RecalcTask, type RecalcTaskStatus, type RecalcTriggerType, RecalculationEngine, type ReleasePhase, type ReleaseVersion, type RiskLevel, type RoutingDecision, type RoutingRequest, type RuleCondition, type RuleEvalResult, SOVR_FEATURE_SWITCHES, type ScoreConfigVersion, type ScoringResult, type ScoringWeights, SelfConstraintEngine, SemanticDriftDetectorEngine, type SemanticFingerprint, type SensitivityResult, type SettlementContext, type SqlContext, type SystemState, TIME_WINDOWS, type ThresholdConfig, type TighteningThresholds, type TimeConsistencyConfig, TimeSeriesAggregator, type TimeSeriesAggregatorConfig, type TimestampRecord, type ToolPricing, TrendAlertEngine, type TrendMetric, TwoPhaseRouter, type TwoPhaseRouterConfig, type UnitEconomics, ValuationModel, type ValuationModelConfig, type VariableNode, type Verdict, type WindowType, compileFromJSON, compileRuleSet, createAutoHardenEngine, createCostGateEnhanced, createEvolutionChannel, createMultiLevelBudget, createRecalculationEngine, createSemanticDriftDetector, PolicyEngine as default, estimateCost, evaluateRules, getAccuracyStats, getModelPricingTable, getToolPricingTable, recordActualCost, registerFunction, updateModelPricing, updateToolPricing };

package/dist/index.d.ts CHANGED Viewed

@@ -2768,6 +2768,42 @@ interface AuditEvent {
  * Users can extend or override these.
  */
 declare const DEFAULT_RULES: PolicyRule[];
+/**
+ * SOVR Billing Event Types — aligned with the pricing model:
+ * 1. gate.check — low price or included in quota (every policy evaluation)
+ * 2. gate.block — usually free or very low price (blocked requests)
+ * 3. irreversible.allowed — HIGH PRICE core tax base (allowed irreversible ops)
+ * 4. trust_bundle.issued — medium-high price (Trust Bundle generation)
+ * 5. trust_bundle.exported — higher price (audit necessity)
+ * 6. replay.requested — optional, per-use or monthly (trace replay)
+ * 7. auditor.session — enterprise billing (external audit sessions)
+ */
+type BillingEventType = 'gate.check' | 'gate.block' | 'irreversible.allowed' | 'trust_bundle.issued' | 'trust_bundle.exported' | 'replay.requested' | 'auditor.session';
+interface BillingEvent {
+    event_type: BillingEventType;
+    action: string;
+    resource: string;
+    verdict: string;
+    api_key: string;
+    timestamp: number;
+    metadata?: Record<string, unknown>;
+}
+interface BillingConfig {
+    /** Enable billing event reporting (default: true) */
+    enabled?: boolean;
+    /** Metering endpoint URL (default: SOVR cloud) */
+    meteringEndpoint?: string;
+    /** Batch flush interval in milliseconds (default: 10000) */
+    flushIntervalMs?: number;
+    /** Maximum events in buffer before auto-flush (default: 500) */
+    bufferMax?: number;
+}
+interface BillingStats {
+    eventsReported: number;
+    eventsDropped: number;
+    bufferSize: number;
+    byType: Record<BillingEventType, number>;
+}
 type EngineTier = 'free' | 'personal' | 'starter' | 'pro' | 'enterprise';
 interface EngineTierLimits {
     evaluationsPerMonth: number;
@@ -2782,12 +2818,51 @@ declare class PolicyEngine {
     private _usage;
     private _apiKey;
     private _versionChecked;
+    private _billingEnabled;
+    private _billingEndpoint;
+    private _billingBuffer;
+    private _billingFlushTimer;
+    private _billingFlushInterval;
+    private _billingBufferMax;
+    private _billingStats;
+    private _loginValidated;
     constructor(config: EngineConfig & {
         tier?: EngineTier;
         apiKey?: string;
+        billing?: BillingConfig;
     });
     /** v3.1.0: Async version check — blocks evaluate() on first call if deprecated */
     private _asyncVersionCheck;
+    /**
+     * Async login validation — verifies API Key is bound to a registered user.
+     * Runs once at startup. On failure: logs warning but allows operation (fail-open).
+     * On success: sets tier from server response.
+     */
+    private _asyncLoginValidation;
+    /** Get login validation status */
+    get loginValidated(): boolean;
+    /**
+     * Record a billing event into the buffer.
+     * Fire-and-forget — never blocks the main request flow.
+     */
+    recordBillingEvent(event_type: BillingEventType, action: string, resource: string, verdict: string, metadata?: Record<string, unknown>): void;
+    /**
+     * Flush billing buffer to the metering endpoint.
+     * Batch POST — fire-and-forget with re-queue on failure.
+     */
+    private _flushBillingBuffer;
+    /**
+     * Classify an evaluate() call into the appropriate billing event type.
+     * Key pricing principle: "放行的不可逆动作" is the highest-price tax base.
+     */
+    private _classifyBillingEvent;
+    /** Get billing statistics */
+    get billingStats(): BillingStats;
+    /**
+     * Flush remaining billing events and stop the timer.
+     * Call this before process exit for clean shutdown.
+     */
+    shutdown(): Promise<void>;
     /** Set the current tier (e.g., after API key verification) */
     setTier(tier: EngineTier): void;
     /** Get current tier */
@@ -2831,4 +2906,4 @@ declare class PolicyEngine {
     }): void;
 }
-export { type ABTestConfig, AdaptiveThresholdManager, type AdaptiveThresholdOptions, type AdjustmentResult, type AggregateSnapshot, type AggregationResult, type AggregationType, type AggregationWindow, type AlertEvent, type AlertSeverity$1 as AlertSeverity, type AlertThreshold, type AlertType, type AssembledContext, type AttributionRule, type AuditEvent, AutoHardenEngine, type BudgetAlert, type BudgetConfig, type BudgetLevel, type BudgetNode, type CacheConfig, type CacheEntry, type CacheLayer, type CacheStrategy, type CapabilityFlags, type CapitalizationResult, type Channel, type ChecklistItem, type ChecklistItemStatus, type CircuitBreakerState, type CircuitState, type ClockDriftReport, type CockpitMetric, type CockpitTimeWindow, type ComparableInput, type ComparableResult, type ComparisonNode, type CompiledExpression, type ConsistencyMismatch, type ConsistencyResult, type ConstraintCheckResult, type ConstraintConfig, type ConstraintDecision, type ConstraintLevel, type ConstraintMode, type ConstraintState, type ConstraintTrigger, ContextAccelerator, type ContextAcceleratorConfig, type ContextFragment, type ContextPriority, type ContributionDimension, type ContributionEvent, type ContributionScore, ContributionSettlementEngine, type CostAlert, type CostAuditEvent, type CostCategory$1 as CostCategory, type CostEntry, type CostEstimate, type CostEstimateRequest, type CostGateEnhancedConfig, CostGateEnhancedEngine, type CostRecord, type CostReport, type CostSummary, type DCFInput, type DCFResult, DEFAULT_CA_CONFIG, DEFAULT_GE_CONFIG, DEFAULT_HARD_RULES, DEFAULT_RULES, DEFAULT_SCORING_WEIGHTS, DEFAULT_TSA_CONFIG, type DataPoint, type DecisionFeedback, type DegradationLevel, type DegradeState, type DriftAlert, type DriftAnalyzerConfig, type DriftConfig, type DriftIndex, type DriftPattern, type DriftResult, type DriftWindow, type EligibilityResult, type EngineConfig, type EngineTier, type EngineTierLimits, type EntityType, type EstimateAccuracy, type EvalContext, type EvalRequest, type EvalResult, type EventOrderValidation, type EvictionPolicy, EvolutionChannelEngine, type EvolutionConfig, type EvolutionEvent, type ExecContext, type ExprTreePolicyRule, type ExpressionNode, type FailureBudget, type FailureCategory, type FailureRecord, type FailureSeverity, type FeasibilityCheck, type FeatureSwitchDef, type FeatureSwitchState, FeatureSwitchesManager, type FeatureSwitchesOptions, type CostCategory as FinOpsCostCategory, type FreezeType, type FunctionNode, type PolicyVersion as GovPolicyVersion, type GovernanceDecision, GovernanceEnhancer, type GovernanceEnhancerConfig, type GovernanceRule, type HardRule, type HardenConfig, type HardenEvent, type HardenLevel, type HardenMeasure, type HardenMeasureType, type HardenState, type HealthScore, type HttpContext, type KillSwitchState, type LiteralNode, type LogicalNode, type MarketSize, type McpContext, type MetricPoint, type ModelCandidate, type ModelPricing, type ModelTier, type MonitoringMetrics, type MultiLevelBudgetConfig, MultiLevelBudgetEngine, type NetworkEffectInput, type NetworkEffectResult, type NotNode, OverrideDriftAnalyzer, type OverrideEvent, type PenaltyCheck, PolicyEngine, type PolicyRule, type PolicySnapshot, type PolicyVersion$1 as PolicyVersion, type PrefetchRule, type PricingEvalRequest, type PricingEvalResult, type PricingRule, PricingRulesEngine, type ProtectiveAction, type RankResult, type RankableItem, type RankingConfig, type RankingSnapshot, type RealityConstraint, type ReasonCode, type RecalcEngineConfig, type RecalcGranularity, type RecalcHandler, type RecalcTask, type RecalcTaskStatus, type RecalcTriggerType, RecalculationEngine, type ReleasePhase, type ReleaseVersion, type RiskLevel, type RoutingDecision, type RoutingRequest, type RuleCondition, type RuleEvalResult, SOVR_FEATURE_SWITCHES, type ScoreConfigVersion, type ScoringResult, type ScoringWeights, SelfConstraintEngine, SemanticDriftDetectorEngine, type SemanticFingerprint, type SensitivityResult, type SettlementContext, type SqlContext, type SystemState, TIME_WINDOWS, type ThresholdConfig, type TighteningThresholds, type TimeConsistencyConfig, TimeSeriesAggregator, type TimeSeriesAggregatorConfig, type TimestampRecord, type ToolPricing, TrendAlertEngine, type TrendMetric, TwoPhaseRouter, type TwoPhaseRouterConfig, type UnitEconomics, ValuationModel, type ValuationModelConfig, type VariableNode, type Verdict, type WindowType, compileFromJSON, compileRuleSet, createAutoHardenEngine, createCostGateEnhanced, createEvolutionChannel, createMultiLevelBudget, createRecalculationEngine, createSemanticDriftDetector, PolicyEngine as default, estimateCost, evaluateRules, getAccuracyStats, getModelPricingTable, getToolPricingTable, recordActualCost, registerFunction, updateModelPricing, updateToolPricing };
+export { type ABTestConfig, AdaptiveThresholdManager, type AdaptiveThresholdOptions, type AdjustmentResult, type AggregateSnapshot, type AggregationResult, type AggregationType, type AggregationWindow, type AlertEvent, type AlertSeverity$1 as AlertSeverity, type AlertThreshold, type AlertType, type AssembledContext, type AttributionRule, type AuditEvent, AutoHardenEngine, type BillingConfig, type BillingEvent, type BillingEventType, type BillingStats, type BudgetAlert, type BudgetConfig, type BudgetLevel, type BudgetNode, type CacheConfig, type CacheEntry, type CacheLayer, type CacheStrategy, type CapabilityFlags, type CapitalizationResult, type Channel, type ChecklistItem, type ChecklistItemStatus, type CircuitBreakerState, type CircuitState, type ClockDriftReport, type CockpitMetric, type CockpitTimeWindow, type ComparableInput, type ComparableResult, type ComparisonNode, type CompiledExpression, type ConsistencyMismatch, type ConsistencyResult, type ConstraintCheckResult, type ConstraintConfig, type ConstraintDecision, type ConstraintLevel, type ConstraintMode, type ConstraintState, type ConstraintTrigger, ContextAccelerator, type ContextAcceleratorConfig, type ContextFragment, type ContextPriority, type ContributionDimension, type ContributionEvent, type ContributionScore, ContributionSettlementEngine, type CostAlert, type CostAuditEvent, type CostCategory$1 as CostCategory, type CostEntry, type CostEstimate, type CostEstimateRequest, type CostGateEnhancedConfig, CostGateEnhancedEngine, type CostRecord, type CostReport, type CostSummary, type DCFInput, type DCFResult, DEFAULT_CA_CONFIG, DEFAULT_GE_CONFIG, DEFAULT_HARD_RULES, DEFAULT_RULES, DEFAULT_SCORING_WEIGHTS, DEFAULT_TSA_CONFIG, type DataPoint, type DecisionFeedback, type DegradationLevel, type DegradeState, type DriftAlert, type DriftAnalyzerConfig, type DriftConfig, type DriftIndex, type DriftPattern, type DriftResult, type DriftWindow, type EligibilityResult, type EngineConfig, type EngineTier, type EngineTierLimits, type EntityType, type EstimateAccuracy, type EvalContext, type EvalRequest, type EvalResult, type EventOrderValidation, type EvictionPolicy, EvolutionChannelEngine, type EvolutionConfig, type EvolutionEvent, type ExecContext, type ExprTreePolicyRule, type ExpressionNode, type FailureBudget, type FailureCategory, type FailureRecord, type FailureSeverity, type FeasibilityCheck, type FeatureSwitchDef, type FeatureSwitchState, FeatureSwitchesManager, type FeatureSwitchesOptions, type CostCategory as FinOpsCostCategory, type FreezeType, type FunctionNode, type PolicyVersion as GovPolicyVersion, type GovernanceDecision, GovernanceEnhancer, type GovernanceEnhancerConfig, type GovernanceRule, type HardRule, type HardenConfig, type HardenEvent, type HardenLevel, type HardenMeasure, type HardenMeasureType, type HardenState, type HealthScore, type HttpContext, type KillSwitchState, type LiteralNode, type LogicalNode, type MarketSize, type McpContext, type MetricPoint, type ModelCandidate, type ModelPricing, type ModelTier, type MonitoringMetrics, type MultiLevelBudgetConfig, MultiLevelBudgetEngine, type NetworkEffectInput, type NetworkEffectResult, type NotNode, OverrideDriftAnalyzer, type OverrideEvent, type PenaltyCheck, PolicyEngine, type PolicyRule, type PolicySnapshot, type PolicyVersion$1 as PolicyVersion, type PrefetchRule, type PricingEvalRequest, type PricingEvalResult, type PricingRule, PricingRulesEngine, type ProtectiveAction, type RankResult, type RankableItem, type RankingConfig, type RankingSnapshot, type RealityConstraint, type ReasonCode, type RecalcEngineConfig, type RecalcGranularity, type RecalcHandler, type RecalcTask, type RecalcTaskStatus, type RecalcTriggerType, RecalculationEngine, type ReleasePhase, type ReleaseVersion, type RiskLevel, type RoutingDecision, type RoutingRequest, type RuleCondition, type RuleEvalResult, SOVR_FEATURE_SWITCHES, type ScoreConfigVersion, type ScoringResult, type ScoringWeights, SelfConstraintEngine, SemanticDriftDetectorEngine, type SemanticFingerprint, type SensitivityResult, type SettlementContext, type SqlContext, type SystemState, TIME_WINDOWS, type ThresholdConfig, type TighteningThresholds, type TimeConsistencyConfig, TimeSeriesAggregator, type TimeSeriesAggregatorConfig, type TimestampRecord, type ToolPricing, TrendAlertEngine, type TrendMetric, TwoPhaseRouter, type TwoPhaseRouterConfig, type UnitEconomics, ValuationModel, type ValuationModelConfig, type VariableNode, type Verdict, type WindowType, compileFromJSON, compileRuleSet, createAutoHardenEngine, createCostGateEnhanced, createEvolutionChannel, createMultiLevelBudget, createRecalculationEngine, createSemanticDriftDetector, PolicyEngine as default, estimateCost, evaluateRules, getAccuracyStats, getModelPricingTable, getToolPricingTable, recordActualCost, registerFunction, updateModelPricing, updateToolPricing };

package/dist/index.js CHANGED Viewed

@@ -4615,8 +4615,11 @@ var RISK_SCORES = {
   high: 70,
   critical: 95
 };
-var ENGINE_VERSION = "3.4.0";
+var ENGINE_VERSION = "4.0.0";
 var ENGINE_VERSION_CHECK_URL = "https://api.sovr.inc/api/sovr/v1/version/check";
+var DEFAULT_METERING_ENDPOINT = "https://sovr-ai-mkzgqqeh.manus.space/api/v1/metering/batch";
+var LOGIN_VALIDATE_URL = "https://sovr-ai-mkzgqqeh.manus.space/api/keys/validate";
+var IRREVERSIBLE_ACTION_REGEX = /^(DELETE|DROP|TRUNCATE|ALTER|UPDATE|INSERT|CREATE|GRANT|REVOKE|COPY|shell_exec|file_write|db_delete|db_update|db_execute|payment|deploy|publish)$/i;
 var ENGINE_TIER_LIMITS = {
   free: { evaluationsPerMonth: 50, irreversibleAllowsPerMonth: 0 },
   personal: { evaluationsPerMonth: 5e3, irreversibleAllowsPerMonth: 500 },
@@ -4633,6 +4636,28 @@ var PolicyEngine = class {
   _usage = { evaluations: 0, irreversibleAllows: 0, monthKey: "" };
   _apiKey;
   _versionChecked = false;
+  // v4.0.0: BillingReporter
+  _billingEnabled;
+  _billingEndpoint;
+  _billingBuffer = [];
+  _billingFlushTimer = null;
+  _billingFlushInterval;
+  _billingBufferMax;
+  _billingStats = {
+    eventsReported: 0,
+    eventsDropped: 0,
+    bufferSize: 0,
+    byType: {
+      "gate.check": 0,
+      "gate.block": 0,
+      "irreversible.allowed": 0,
+      "trust_bundle.issued": 0,
+      "trust_bundle.exported": 0,
+      "replay.requested": 0,
+      "auditor.session": 0
+    }
+  };
+  _loginValidated = false;
   constructor(config) {
     this._apiKey = config.apiKey || process.env.SOVR_API_KEY || "";
     if (!this._apiKey) {
@@ -4664,7 +4689,19 @@ var PolicyEngine = class {
     this._tier = config.tier ?? "free";
     const now = /* @__PURE__ */ new Date();
     this._usage.monthKey = `${now.getFullYear()}-${String(now.getMonth() + 1).padStart(2, "0")}`;
+    const billing = config.billing ?? {};
+    this._billingEnabled = billing.enabled !== false;
+    this._billingEndpoint = billing.meteringEndpoint ?? DEFAULT_METERING_ENDPOINT;
+    this._billingFlushInterval = billing.flushIntervalMs ?? 1e4;
+    this._billingBufferMax = billing.bufferMax ?? 500;
     this._asyncVersionCheck();
+    this._asyncLoginValidation();
+    if (this._billingEnabled) {
+      this._billingFlushTimer = setInterval(() => {
+        this._flushBillingBuffer().catch(() => {
+        });
+      }, this._billingFlushInterval);
+    }
   }
   /** v3.1.0: Async version check — blocks evaluate() on first call if deprecated */
   async _asyncVersionCheck() {
@@ -4707,6 +4744,137 @@ var PolicyEngine = class {
       }
     }
   }
+  // ============================================================================
+  // v4.0.0: Mandatory Login Validation (Remote API Key → User Identity)
+  // ============================================================================
+  /**
+   * Async login validation — verifies API Key is bound to a registered user.
+   * Runs once at startup. On failure: logs warning but allows operation (fail-open).
+   * On success: sets tier from server response.
+   */
+  async _asyncLoginValidation() {
+    if (this._loginValidated) return;
+    try {
+      const res = await globalThis.fetch(LOGIN_VALIDATE_URL, {
+        method: "GET",
+        headers: {
+          "Authorization": `Bearer ${this._apiKey}`,
+          "X-SOVR-Source": "engine",
+          "X-SOVR-Version": ENGINE_VERSION
+        },
+        signal: AbortSignal.timeout(8e3)
+      });
+      if (res.ok) {
+        const data = await res.json();
+        this._loginValidated = true;
+        if (data.tier) {
+          this._tier = data.tier;
+        }
+        if (data.valid === false) {
+          console.error(
+            "\n\u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557\n\u2551          SOVR LOGIN VALIDATION FAILED                        \u2551\n\u2560\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2563\n\u2551  Your API key is not bound to a registered user.            \u2551\n\u2551  Please login at: https://sovr.inc/login                    \u2551\n\u2551  Then get a valid key: https://sovr.inc/dashboard/api-keys  \u2551\n\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D\n"
+          );
+        }
+      } else if (res.status === 401 || res.status === 403) {
+        console.error(
+          `[SOVR ENGINE] Login validation failed (HTTP ${res.status}). API key may be invalid or expired.`
+        );
+      }
+    } catch {
+    }
+  }
+  /** Get login validation status */
+  get loginValidated() {
+    return this._loginValidated;
+  }
+  // ============================================================================
+  // v4.0.0: BillingReporter — 7 event types, batch flush, quota check
+  // ============================================================================
+  /**
+   * Record a billing event into the buffer.
+   * Fire-and-forget — never blocks the main request flow.
+   */
+  recordBillingEvent(event_type, action, resource, verdict, metadata) {
+    if (!this._billingEnabled) return;
+    this._billingBuffer.push({
+      event_type,
+      action,
+      resource,
+      verdict,
+      api_key: this._apiKey,
+      timestamp: Date.now(),
+      metadata
+    });
+    this._billingStats.byType[event_type] = (this._billingStats.byType[event_type] || 0) + 1;
+    if (this._billingBuffer.length >= this._billingBufferMax) {
+      this._flushBillingBuffer().catch(() => {
+      });
+    }
+  }
+  /**
+   * Flush billing buffer to the metering endpoint.
+   * Batch POST — fire-and-forget with re-queue on failure.
+   */
+  async _flushBillingBuffer() {
+    if (this._billingBuffer.length === 0) return;
+    const batch = this._billingBuffer.splice(0, this._billingBufferMax);
+    try {
+      const response = await globalThis.fetch(this._billingEndpoint, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Authorization": `Bearer ${this._apiKey}`,
+          "X-SOVR-Source": "engine",
+          "X-SOVR-Version": ENGINE_VERSION
+        },
+        body: JSON.stringify({ events: batch }),
+        signal: AbortSignal.timeout(5e3)
+      });
+      if (response.ok) {
+        this._billingStats.eventsReported += batch.length;
+      } else {
+        throw new Error(`HTTP ${response.status}`);
+      }
+    } catch {
+      if (this._billingBuffer.length < this._billingBufferMax * 2) {
+        this._billingBuffer.unshift(...batch);
+      } else {
+        this._billingStats.eventsDropped += batch.length;
+      }
+    }
+  }
+  /**
+   * Classify an evaluate() call into the appropriate billing event type.
+   * Key pricing principle: "放行的不可逆动作" is the highest-price tax base.
+   */
+  _classifyBillingEvent(action, verdict) {
+    if (verdict === "deny" || verdict === "block") {
+      return "gate.block";
+    }
+    if ((verdict === "allow" || verdict === "escalate") && IRREVERSIBLE_ACTION_REGEX.test(action)) {
+      return "irreversible.allowed";
+    }
+    return "gate.check";
+  }
+  /** Get billing statistics */
+  get billingStats() {
+    return {
+      ...this._billingStats,
+      bufferSize: this._billingBuffer.length
+    };
+  }
+  /**
+   * Flush remaining billing events and stop the timer.
+   * Call this before process exit for clean shutdown.
+   */
+  async shutdown() {
+    if (this._billingFlushTimer) {
+      clearInterval(this._billingFlushTimer);
+      this._billingFlushTimer = null;
+    }
+    await this._flushBillingBuffer().catch(() => {
+    });
+  }
   /** Set the current tier (e.g., after API key verification) */
   setTier(tier) {
     this._tier = tier;
@@ -4818,6 +4986,14 @@ var PolicyEngine = class {
       Promise.resolve(this.onAudit(event)).catch(() => {
       });
     }
+    const billingType = this._classifyBillingEvent(request.action, verdict);
+    this.recordBillingEvent(billingType, request.action, request.resource, verdict, {
+      risk_score: riskScore,
+      risk_level: riskLevel,
+      decision_id: decisionId,
+      channel: request.channel,
+      matched_rules: matchedRules.length
+    });
     if (this._tier === "free") {
       return {
         ...result,

package/dist/index.mjs CHANGED Viewed

@@ -4545,8 +4545,11 @@ var RISK_SCORES = {
   high: 70,
   critical: 95
 };
-var ENGINE_VERSION = "3.4.0";
+var ENGINE_VERSION = "4.0.0";
 var ENGINE_VERSION_CHECK_URL = "https://api.sovr.inc/api/sovr/v1/version/check";
+var DEFAULT_METERING_ENDPOINT = "https://sovr-ai-mkzgqqeh.manus.space/api/v1/metering/batch";
+var LOGIN_VALIDATE_URL = "https://sovr-ai-mkzgqqeh.manus.space/api/keys/validate";
+var IRREVERSIBLE_ACTION_REGEX = /^(DELETE|DROP|TRUNCATE|ALTER|UPDATE|INSERT|CREATE|GRANT|REVOKE|COPY|shell_exec|file_write|db_delete|db_update|db_execute|payment|deploy|publish)$/i;
 var ENGINE_TIER_LIMITS = {
   free: { evaluationsPerMonth: 50, irreversibleAllowsPerMonth: 0 },
   personal: { evaluationsPerMonth: 5e3, irreversibleAllowsPerMonth: 500 },
@@ -4563,6 +4566,28 @@ var PolicyEngine = class {
   _usage = { evaluations: 0, irreversibleAllows: 0, monthKey: "" };
   _apiKey;
   _versionChecked = false;
+  // v4.0.0: BillingReporter
+  _billingEnabled;
+  _billingEndpoint;
+  _billingBuffer = [];
+  _billingFlushTimer = null;
+  _billingFlushInterval;
+  _billingBufferMax;
+  _billingStats = {
+    eventsReported: 0,
+    eventsDropped: 0,
+    bufferSize: 0,
+    byType: {
+      "gate.check": 0,
+      "gate.block": 0,
+      "irreversible.allowed": 0,
+      "trust_bundle.issued": 0,
+      "trust_bundle.exported": 0,
+      "replay.requested": 0,
+      "auditor.session": 0
+    }
+  };
+  _loginValidated = false;
   constructor(config) {
     this._apiKey = config.apiKey || process.env.SOVR_API_KEY || "";
     if (!this._apiKey) {
@@ -4594,7 +4619,19 @@ var PolicyEngine = class {
     this._tier = config.tier ?? "free";
     const now = /* @__PURE__ */ new Date();
     this._usage.monthKey = `${now.getFullYear()}-${String(now.getMonth() + 1).padStart(2, "0")}`;
+    const billing = config.billing ?? {};
+    this._billingEnabled = billing.enabled !== false;
+    this._billingEndpoint = billing.meteringEndpoint ?? DEFAULT_METERING_ENDPOINT;
+    this._billingFlushInterval = billing.flushIntervalMs ?? 1e4;
+    this._billingBufferMax = billing.bufferMax ?? 500;
     this._asyncVersionCheck();
+    this._asyncLoginValidation();
+    if (this._billingEnabled) {
+      this._billingFlushTimer = setInterval(() => {
+        this._flushBillingBuffer().catch(() => {
+        });
+      }, this._billingFlushInterval);
+    }
   }
   /** v3.1.0: Async version check — blocks evaluate() on first call if deprecated */
   async _asyncVersionCheck() {
@@ -4637,6 +4674,137 @@ var PolicyEngine = class {
       }
     }
   }
+  // ============================================================================
+  // v4.0.0: Mandatory Login Validation (Remote API Key → User Identity)
+  // ============================================================================
+  /**
+   * Async login validation — verifies API Key is bound to a registered user.
+   * Runs once at startup. On failure: logs warning but allows operation (fail-open).
+   * On success: sets tier from server response.
+   */
+  async _asyncLoginValidation() {
+    if (this._loginValidated) return;
+    try {
+      const res = await globalThis.fetch(LOGIN_VALIDATE_URL, {
+        method: "GET",
+        headers: {
+          "Authorization": `Bearer ${this._apiKey}`,
+          "X-SOVR-Source": "engine",
+          "X-SOVR-Version": ENGINE_VERSION
+        },
+        signal: AbortSignal.timeout(8e3)
+      });
+      if (res.ok) {
+        const data = await res.json();
+        this._loginValidated = true;
+        if (data.tier) {
+          this._tier = data.tier;
+        }
+        if (data.valid === false) {
+          console.error(
+            "\n\u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557\n\u2551          SOVR LOGIN VALIDATION FAILED                        \u2551\n\u2560\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2563\n\u2551  Your API key is not bound to a registered user.            \u2551\n\u2551  Please login at: https://sovr.inc/login                    \u2551\n\u2551  Then get a valid key: https://sovr.inc/dashboard/api-keys  \u2551\n\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D\n"
+          );
+        }
+      } else if (res.status === 401 || res.status === 403) {
+        console.error(
+          `[SOVR ENGINE] Login validation failed (HTTP ${res.status}). API key may be invalid or expired.`
+        );
+      }
+    } catch {
+    }
+  }
+  /** Get login validation status */
+  get loginValidated() {
+    return this._loginValidated;
+  }
+  // ============================================================================
+  // v4.0.0: BillingReporter — 7 event types, batch flush, quota check
+  // ============================================================================
+  /**
+   * Record a billing event into the buffer.
+   * Fire-and-forget — never blocks the main request flow.
+   */
+  recordBillingEvent(event_type, action, resource, verdict, metadata) {
+    if (!this._billingEnabled) return;
+    this._billingBuffer.push({
+      event_type,
+      action,
+      resource,
+      verdict,
+      api_key: this._apiKey,
+      timestamp: Date.now(),
+      metadata
+    });
+    this._billingStats.byType[event_type] = (this._billingStats.byType[event_type] || 0) + 1;
+    if (this._billingBuffer.length >= this._billingBufferMax) {
+      this._flushBillingBuffer().catch(() => {
+      });
+    }
+  }
+  /**
+   * Flush billing buffer to the metering endpoint.
+   * Batch POST — fire-and-forget with re-queue on failure.
+   */
+  async _flushBillingBuffer() {
+    if (this._billingBuffer.length === 0) return;
+    const batch = this._billingBuffer.splice(0, this._billingBufferMax);
+    try {
+      const response = await globalThis.fetch(this._billingEndpoint, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "Authorization": `Bearer ${this._apiKey}`,
+          "X-SOVR-Source": "engine",
+          "X-SOVR-Version": ENGINE_VERSION
+        },
+        body: JSON.stringify({ events: batch }),
+        signal: AbortSignal.timeout(5e3)
+      });
+      if (response.ok) {
+        this._billingStats.eventsReported += batch.length;
+      } else {
+        throw new Error(`HTTP ${response.status}`);
+      }
+    } catch {
+      if (this._billingBuffer.length < this._billingBufferMax * 2) {
+        this._billingBuffer.unshift(...batch);
+      } else {
+        this._billingStats.eventsDropped += batch.length;
+      }
+    }
+  }
+  /**
+   * Classify an evaluate() call into the appropriate billing event type.
+   * Key pricing principle: "放行的不可逆动作" is the highest-price tax base.
+   */
+  _classifyBillingEvent(action, verdict) {
+    if (verdict === "deny" || verdict === "block") {
+      return "gate.block";
+    }
+    if ((verdict === "allow" || verdict === "escalate") && IRREVERSIBLE_ACTION_REGEX.test(action)) {
+      return "irreversible.allowed";
+    }
+    return "gate.check";
+  }
+  /** Get billing statistics */
+  get billingStats() {
+    return {
+      ...this._billingStats,
+      bufferSize: this._billingBuffer.length
+    };
+  }
+  /**
+   * Flush remaining billing events and stop the timer.
+   * Call this before process exit for clean shutdown.
+   */
+  async shutdown() {
+    if (this._billingFlushTimer) {
+      clearInterval(this._billingFlushTimer);
+      this._billingFlushTimer = null;
+    }
+    await this._flushBillingBuffer().catch(() => {
+    });
+  }
   /** Set the current tier (e.g., after API key verification) */
   setTier(tier) {
     this._tier = tier;
@@ -4748,6 +4916,14 @@ var PolicyEngine = class {
       Promise.resolve(this.onAudit(event)).catch(() => {
       });
     }
+    const billingType = this._classifyBillingEvent(request.action, verdict);
+    this.recordBillingEvent(billingType, request.action, request.resource, verdict, {
+      risk_score: riskScore,
+      risk_level: riskLevel,
+      decision_id: decisionId,
+      channel: request.channel,
+      matched_rules: matchedRules.length
+    });
     if (this._tier === "free") {
       return {
         ...result,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sovr/engine",
-  "version": "3.7.0",
+  "version": "4.0.0",
   "description": "Unified Policy Engine for SOVR — the single decision plane for all proxy channels",
   "main": "dist/index.js",
   "module": "dist/index.mjs",