@sunaiva/gate 1.0.0 → 1.1.0

package/dist/engine/immutability.js

@@ -0,0 +1,129 @@
+/**
+ * Immutability guard — constitutional rules cannot be disabled or bypassed.
+ *
+ * Builder B4. Resolves CRITICAL findings:
+ *   - C2: `update_rules({disable: ['fin-001']})` must reject (cannot disable constitutional).
+ *   - C3: `log_bypass({rule_id: 'fin-001'})` must reject (cannot bypass constitutional).
+ *
+ * Design:
+ *   - Single canonical source of truth for "what is constitutional":
+ *       1. CONSTITUTIONAL_RULE_IDS (frozen array in src/config/defaults.ts) — primary.
+ *       2. Cross-check against loadConstitutionalRulesOnly() from rule-engine — defense in depth.
+ *       Union of both => guard set. This means a future rule with `enforcement === "constitutional"`
+ *       in rules.json is automatically protected even if CONSTITUTIONAL_RULE_IDS isn't updated.
+ *   - assertCanDisable() and assertCanBypass() throw ConstitutionalImmutableError.
+ *   - enforceConstitutionalActive() returns a config with every constitutional ID guaranteed
+ *     in active_rules — called on every config load so user tampering of ~/.sunaiva/gate-config.json
+ *     cannot disable a constitutional rule.
+ *
+ * Why both sources?
+ *   - CONSTITUTIONAL_RULE_IDS in defaults.ts is the frozen, code-level source — even if
+ *     the bundled rules.json is missing or corrupt, we still know which IDs are protected.
+ *   - loadConstitutionalRulesOnly() from rule-engine reads from the package-bundled rules,
+ *     never user config — adds new rules without code changes if rules.json is updated.
+ *   - Union ensures additive protection: a rule listed EITHER place is constitutional.
+ */
+import { CONSTITUTIONAL_RULE_IDS } from "../config/defaults.js";
+import { loadConstitutionalRulesOnly } from "./rule-engine.js";
+// ----------------------------------------------------------------------
+// Errors
+// ----------------------------------------------------------------------
+export class ConstitutionalImmutableError extends Error {
+    rule_id;
+    op;
+    constructor(ruleId, op) {
+        const verb = op === "disable" ? "disabled" : "bypassed";
+        super(`Constitutional rule '${ruleId}' cannot be ${verb}.`);
+        this.name = "ConstitutionalImmutableError";
+        this.rule_id = ruleId;
+        this.op = op;
+        // Restore prototype chain for `instanceof` to work across compile targets.
+        Object.setPrototypeOf(this, ConstitutionalImmutableError.prototype);
+    }
+}
+// ----------------------------------------------------------------------
+// Canonical constitutional set (cached)
+// ----------------------------------------------------------------------
+let _cached = null;
+/**
+ * Returns the canonical set of constitutional rule IDs. Union of:
+ *   1. CONSTITUTIONAL_RULE_IDS (frozen array — code-level guarantee)
+ *   2. loadConstitutionalRulesOnly() (rules.json — runtime additive)
+ *
+ * Cached after first call. Tests can force a refresh with refreshConstitutionalCache().
+ */
+export function getConstitutionalRuleIds() {
+    if (_cached)
+        return _cached;
+    const set = new Set(CONSTITUTIONAL_RULE_IDS);
+    // Defense in depth: also pick up any rule with enforcement === "constitutional"
+    // in the bundled rules.json, even if the frozen array hasn't been updated yet.
+    try {
+        for (const r of loadConstitutionalRulesOnly()) {
+            if (r?.id)
+                set.add(r.id);
+        }
+    }
+    catch {
+        // Fail-OPEN on the rules.json side — the frozen array is still authoritative.
+    }
+    _cached = set;
+    return _cached;
+}
+/**
+ * Test-only cache reset. Used by tests that mutate environment / config files
+ * and need a fresh read.
+ */
+export function refreshConstitutionalCache() {
+    _cached = null;
+}
+// ----------------------------------------------------------------------
+// Predicate
+// ----------------------------------------------------------------------
+export function isConstitutional(ruleId) {
+    return getConstitutionalRuleIds().has(ruleId);
+}
+// ----------------------------------------------------------------------
+// Assertions (throw on violation)
+// ----------------------------------------------------------------------
+export function assertCanDisable(ruleId) {
+    if (isConstitutional(ruleId)) {
+        throw new ConstitutionalImmutableError(ruleId, "disable");
+    }
+}
+export function assertCanBypass(ruleId) {
+    if (isConstitutional(ruleId)) {
+        throw new ConstitutionalImmutableError(ruleId, "bypass");
+    }
+}
+// ----------------------------------------------------------------------
+// Config re-merge — load-time immutability
+// ----------------------------------------------------------------------
+/**
+ * Returns a new GateConfig with every constitutional rule ID guaranteed
+ * in active_rules. The on-disk config file is NOT mutated; this is an
+ * in-memory enforcement layer so a user can hand-edit `~/.sunaiva/gate-config.json`
+ * to remove constitutional rules and the next runtime load will simply
+ * re-add them — silently and unbypassably.
+ *
+ * Idempotent: calling on a config that already has all constitutional IDs
+ * is a no-op (returns a structurally equal config).
+ */
+export function enforceConstitutionalActive(config) {
+    const required = getConstitutionalRuleIds();
+    const active = new Set(config.active_rules ?? []);
+    let added = false;
+    for (const id of required) {
+        if (!active.has(id)) {
+            active.add(id);
+            added = true;
+        }
+    }
+    if (!added)
+        return config;
+    return {
+        ...config,
+        active_rules: [...active],
+    };
+}
+//# sourceMappingURL=immutability.js.map

package/dist/engine/immutability.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"immutability.js","sourceRoot":"","sources":["../../src/engine/immutability.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,EAAE,uBAAuB,EAAmB,MAAM,uBAAuB,CAAC;AACjF,OAAO,EAAE,2BAA2B,EAAE,MAAM,kBAAkB,CAAC;AAE/D,yEAAyE;AACzE,SAAS;AACT,yEAAyE;AAEzE,MAAM,OAAO,4BAA6B,SAAQ,KAAK;IACrC,OAAO,CAAS;IAChB,EAAE,CAAuB;IAEzC,YAAY,MAAc,EAAE,EAAwB;QAClD,MAAM,IAAI,GAAG,EAAE,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC;QACxD,KAAK,CAAC,wBAAwB,MAAM,eAAe,IAAI,GAAG,CAAC,CAAC;QAC5D,IAAI,CAAC,IAAI,GAAG,8BAA8B,CAAC;QAC3C,IAAI,CAAC,OAAO,GAAG,MAAM,CAAC;QACtB,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,2EAA2E;QAC3E,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,4BAA4B,CAAC,SAAS,CAAC,CAAC;IACtE,CAAC;CACF;AAED,yEAAyE;AACzE,wCAAwC;AACxC,yEAAyE;AAEzE,IAAI,OAAO,GAA+B,IAAI,CAAC;AAE/C;;;;;;GAMG;AACH,MAAM,UAAU,wBAAwB;IACtC,IAAI,OAAO;QAAE,OAAO,OAAO,CAAC;IAC5B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAS,uBAAuB,CAAC,CAAC;IACrD,gFAAgF;IAChF,+EAA+E;IAC/E,IAAI,CAAC;QACH,KAAK,MAAM,CAAC,IAAI,2BAA2B,EAAE,EAAE,CAAC;YAC9C,IAAI,CAAC,EAAE,EAAE;gBAAE,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,8EAA8E;IAChF,CAAC;IACD,OAAO,GAAG,GAAG,CAAC;IACd,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B;IACxC,OAAO,GAAG,IAAI,CAAC;AACjB,CAAC;AAED,yEAAyE;AACzE,YAAY;AACZ,yEAAyE;AAEzE,MAAM,UAAU,gBAAgB,CAAC,MAAc;IAC7C,OAAO,wBAAwB,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;AAChD,CAAC;AAED,yEAAyE;AACzE,kCAAkC;AAClC,yEAAyE;AAEzE,MAAM,UAAU,gBAAgB,CAAC,MAAc;IAC7C,IAAI,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,4BAA4B,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC5D,CAAC;AACH,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,MAAc;IAC5C,IAAI,gBAAgB,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,4BAA4B,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED,yEAAyE;AACzE,2CAA2C;AAC3C,yEAAyE;AAEzE;;;;;;;;;GASG;AACH,MAAM,UAAU,2BAA2B,CAAC,MAAkB;IAC5D,MAAM,QAAQ,GAAG,wBAAwB,EAAE,CAAC;IAC5C,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;IAClD,IAAI,KAAK,GAAG,KAAK,CAAC;IAClB,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC1B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;YACpB,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,GAAG,IAAI,CAAC;QACf,CAAC;IACH,CAAC;IACD,IAAI,CAAC,KAAK;QAAE,OAAO,MAAM,CAAC;IAC1B,OAAO;QACL,GAAG,MAAM;QACT,YAAY,EAAE,CAAC,GAAG,MAAM,CAAC;KAC1B,CAAC;AACJ,CAAC"}

package/dist/engine/pattern-matcher.d.ts

@@ -1,6 +1,19 @@
 /**
  * Pattern Matcher — local regex/keyword matching for rule detection_pattern fields.
  * No API call. Runs entirely in-process.
+ *
+ * Matching strategy (v1.0.1):
+ *   1. Normalize both action and keyword: lowercase, replace . / - _ ( ) = with space,
+ *      collapse runs of whitespace.
+ *   2. Split the normalized keyword into tokens.
+ *   3. Expand "/" alternatives in the original keyword (e.g. "main/master" → ["main","master"]).
+ *   4. Match if the action contains the keyword's distinctive token sequence,
+ *      or all distinctive tokens of the keyword in order with flexible whitespace.
+ *
+ * This catches real agent inputs like:
+ *   - "git push origin main"          via keyword "git push to main/master"
+ *   - "stripe.charges.create()"       via keyword "stripe charges"
+ *   - "rm -rf /"                      via keyword "rm -rf commands"
  */
 export interface MatchResult {
     matched: boolean;

package/dist/engine/pattern-matcher.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"pattern-matcher.d.ts","sourceRoot":"","sources":["../../src/engine/pattern-matcher.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;CACvC;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,gBAAgB,EAAE,MAAM,GAAG,MAAM,EAAE,CAexE;AAeD;;;;;;GAMG;AACH,wBAAgB,WAAW,CACzB,MAAM,EAAE,MAAM,EACd,gBAAgB,EAAE,MAAM,GACvB,WAAW,CAwBb;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAC/B,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,KAAK,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,iBAAiB,EAAE,MAAM,CAAA;CAAE,CAAC,GACtD,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAM1B"}
+{"version":3,"file":"pattern-matcher.d.ts","sourceRoot":"","sources":["../../src/engine/pattern-matcher.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;CACvC;AA4CD;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,gBAAgB,EAAE,MAAM,GAAG,MAAM,EAAE,CAkBxE;AAuBD;;;;;;GAMG;AACH,wBAAgB,WAAW,CACzB,MAAM,EAAE,MAAM,EACd,gBAAgB,EAAE,MAAM,GACvB,WAAW,CA6Bb;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAC/B,MAAM,EAAE,MAAM,EACd,KAAK,EAAE,KAAK,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,iBAAiB,EAAE,MAAM,CAAA;CAAE,CAAC,GACtD,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAM1B"}

package/dist/engine/pattern-matcher.js

@@ -1,7 +1,59 @@
 /**
  * Pattern Matcher — local regex/keyword matching for rule detection_pattern fields.
  * No API call. Runs entirely in-process.
+ *
+ * Matching strategy (v1.0.1):
+ *   1. Normalize both action and keyword: lowercase, replace . / - _ ( ) = with space,
+ *      collapse runs of whitespace.
+ *   2. Split the normalized keyword into tokens.
+ *   3. Expand "/" alternatives in the original keyword (e.g. "main/master" → ["main","master"]).
+ *   4. Match if the action contains the keyword's distinctive token sequence,
+ *      or all distinctive tokens of the keyword in order with flexible whitespace.
+ *
+ * This catches real agent inputs like:
+ *   - "git push origin main"          via keyword "git push to main/master"
+ *   - "stripe.charges.create()"       via keyword "stripe charges"
+ *   - "rm -rf /"                      via keyword "rm -rf commands"
+ */
+// Stop words that are filler in human-readable rule patterns and should not be
+// required for a match to succeed.
+const STOP_WORDS = new Set([
+    "the", "a", "an", "to", "of", "in", "on", "for", "and", "or", "with",
+    "without", "from", "into", "via", "by", "is", "are", "be", "as", "at",
+    "commands", "patterns", "calls", "operations", "actions",
+]);
+function normalize(text) {
+    return text
+        .toLowerCase()
+        .replace(/[./\\\-_()=,;:'"`]/g, " ")
+        .replace(/\s+/g, " ")
+        .trim();
+}
+function tokenize(text) {
+    return normalize(text).split(" ").filter((t) => t.length > 0);
+}
+function distinctiveTokens(keyword) {
+    return tokenize(keyword).filter((t) => !STOP_WORDS.has(t) && t.length > 1);
+}
+/**
+ * Expand a keyword's "/" alternatives. "main/master" → ["main", "master"].
+ * For multi-word keywords containing "/", expand each slash-segment in turn,
+ * keeping the surrounding context.
+ *   "git push to main/master" → ["git push to main", "git push to master"]
  */
+function expandSlashAlternatives(keyword) {
+    if (!keyword.includes("/"))
+        return [keyword];
+    // Find first "/" segment with surrounding non-space chars
+    const m = keyword.match(/(\S+\/\S+)/);
+    if (!m)
+        return [keyword];
+    const segment = m[1];
+    const alternatives = segment.split("/");
+    const expanded = alternatives.map((alt) => keyword.replace(segment, alt));
+    // Recurse in case multiple "/" segments
+    return expanded.flatMap(expandSlashAlternatives);
+}
 /**
  * Extract keyword phrases from a human-readable detection_pattern string.
  * The pattern field is prose like:
@@ -10,28 +62,40 @@
 export function parseDetectionPattern(detectionPattern) {
     // Strip "Detects:" prefix if present
     const cleaned = detectionPattern.replace(/^Detects:\s*/i, "");
-    // Split on commas, newlines, semicolons
+    // Split on commas, newlines, semicolons (top-level separators between phrases)
     const fragments = cleaned.split(/[,;\n]+/);
     const keywords = [];
     for (const fragment of fragments) {
-        const trimmed = fragment.trim().toLowerCase();
+        const trimmed = fragment.trim();
         if (trimmed.length > 2) {
-            keywords.push(trimmed);
+            // Expand slash alternatives so "main/master" produces both forms
+            for (const expanded of expandSlashAlternatives(trimmed)) {
+                keywords.push(expanded);
+            }
         }
     }
     return keywords;
 }
 /**
- * Build regex patterns from a list of keyword phrases.
- * Each phrase becomes a word-boundary regex.
+ * Build a regex that matches a keyword's distinctive tokens against the
+ * normalized action, in order, with up to 3 intermediate tokens allowed
+ * between consecutive distinctive tokens. This lets "git push to main"
+ * match "git push origin main" (intermediate "origin") and
+ * "stripe charges" match "stripe charges create" (no intermediates).
+ *
+ * Returns null if the keyword has no distinctive (non-stop-word) tokens.
  */
-function buildPatterns(keywords) {
-    return keywords.map((kw) => {
-        // Escape special regex characters
-        const escaped = kw.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
-        // Allow word boundary or start/end of string matching
-        return new RegExp(escaped, "i");
-    });
+function buildKeywordRegex(keyword) {
+    const tokens = distinctiveTokens(keyword);
+    if (tokens.length === 0)
+        return null;
+    const escaped = tokens.map((t) => t.replace(/[.*+?^${}()|[\]\\]/g, "\\$&"));
+    // Allow up to 3 intermediate words between distinctive tokens.
+    // "(?:\S+\s+){0,3}" matches 0-3 non-whitespace runs followed by whitespace.
+    const gap = "(?:\\S+\\s+){0,3}";
+    const body = escaped.join("\\s+" + gap);
+    // Anchor with word boundaries on the outside so "stripe" doesn't match "pinstripe".
+    return new RegExp(`(?:^|\\W)${body}(?:$|\\W)`, "i");
 }
 /**
  * Match an action description against a rule's detection_pattern string.
@@ -41,13 +105,17 @@ function buildPatterns(keywords) {
  * @returns MatchResult
  */
 export function matchAction(action, detectionPattern) {
+    // Server-side stub: never match locally.
+    if (detectionPattern === "[server-side]") {
+        return { matched: false, matched_keywords: [], confidence: "low" };
+    }
     const keywords = parseDetectionPattern(detectionPattern);
-    const patterns = buildPatterns(keywords);
-    const actionLower = action.toLowerCase();
+    const normalizedAction = normalize(action);
     const matchedKeywords = [];
-    for (let i = 0; i < patterns.length; i++) {
-        if (patterns[i].test(actionLower)) {
-            matchedKeywords.push(keywords[i]);
+    for (const kw of keywords) {
+        const re = buildKeywordRegex(kw);
+        if (re && re.test(normalizedAction)) {
+            matchedKeywords.push(kw);
         }
     }
     const matched = matchedKeywords.length > 0;

package/dist/engine/pattern-matcher.js.map

@@ -1 +1 @@
-{"version":3,"file":"pattern-matcher.js","sourceRoot":"","sources":["../../src/engine/pattern-matcher.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAQH;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CAAC,gBAAwB;IAC5D,qCAAqC;IACrC,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;IAE9D,wCAAwC;IACxC,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAE3C,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC9C,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa,CAAC,QAAkB;IACvC,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;QACzB,kCAAkC;QAClC,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;QAC1D,sDAAsD;QACtD,OAAO,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,WAAW,CACzB,MAAc,EACd,gBAAwB;IAExB,MAAM,QAAQ,GAAG,qBAAqB,CAAC,gBAAgB,CAAC,CAAC;IACzD,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEzC,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IACzC,MAAM,eAAe,GAAa,EAAE,CAAC;IAErC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAClC,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC;IAE3C,sDAAsD;IACtD,IAAI,UAAU,GAA8B,KAAK,CAAC;IAClD,IAAI,eAAe,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAChC,UAAU,GAAG,MAAM,CAAC;IACtB,CAAC;SAAM,IAAI,eAAe,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACvC,UAAU,GAAG,QAAQ,CAAC;IACxB,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,UAAU,EAAE,CAAC;AACpE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAC/B,MAAc,EACd,KAAuD;IAEvD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC/C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,WAAW,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC"}
+{"version":3,"file":"pattern-matcher.js","sourceRoot":"","sources":["../../src/engine/pattern-matcher.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAQH,+EAA+E;AAC/E,mCAAmC;AACnC,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC;IACzB,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM;IACpE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI;IACrE,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,YAAY,EAAE,SAAS;CACzD,CAAC,CAAC;AAEH,SAAS,SAAS,CAAC,IAAY;IAC7B,OAAO,IAAI;SACR,WAAW,EAAE;SACb,OAAO,CAAC,qBAAqB,EAAE,GAAG,CAAC;SACnC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;SACpB,IAAI,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,QAAQ,CAAC,IAAY;IAC5B,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAChE,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAe;IACxC,OAAO,QAAQ,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAC7E,CAAC;AAED;;;;;GAKG;AACH,SAAS,uBAAuB,CAAC,OAAe;IAC9C,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7C,0DAA0D;IAC1D,MAAM,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IACtC,IAAI,CAAC,CAAC;QAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACzB,MAAM,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACrB,MAAM,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;IAC1E,wCAAwC;IACxC,OAAO,QAAQ,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC;AACnD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CAAC,gBAAwB;IAC5D,qCAAqC;IACrC,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;IAE9D,+EAA+E;IAC/E,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAE3C,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;QAChC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,iEAAiE;YACjE,KAAK,MAAM,QAAQ,IAAI,uBAAuB,CAAC,OAAO,CAAC,EAAE,CAAC;gBACxD,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,iBAAiB,CAAC,OAAe;IACxC,MAAM,MAAM,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACrC,MAAM,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC,CAAC;IAC5E,+DAA+D;IAC/D,4EAA4E;IAC5E,MAAM,GAAG,GAAG,mBAAmB,CAAC;IAChC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC;IACxC,oFAAoF;IACpF,OAAO,IAAI,MAAM,CAAC,YAAY,IAAI,WAAW,EAAE,GAAG,CAAC,CAAC;AACtD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,WAAW,CACzB,MAAc,EACd,gBAAwB;IAExB,yCAAyC;IACzC,IAAI,gBAAgB,KAAK,eAAe,EAAE,CAAC;QACzC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAE,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC;IACrE,CAAC;IAED,MAAM,QAAQ,GAAG,qBAAqB,CAAC,gBAAgB,CAAC,CAAC;IACzD,MAAM,gBAAgB,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAE3C,MAAM,eAAe,GAAa,EAAE,CAAC;IAErC,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC1B,MAAM,EAAE,GAAG,iBAAiB,CAAC,EAAE,CAAC,CAAC;QACjC,IAAI,EAAE,IAAI,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpC,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC;IAE3C,sDAAsD;IACtD,IAAI,UAAU,GAA8B,KAAK,CAAC;IAClD,IAAI,eAAe,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAChC,UAAU,GAAG,MAAM,CAAC;IACtB,CAAC;SAAM,IAAI,eAAe,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACvC,UAAU,GAAG,QAAQ,CAAC;IACxB,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,UAAU,EAAE,CAAC;AACpE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAC/B,MAAc,EACd,KAAuD;IAEvD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC/C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,WAAW,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/engine/rule-engine.d.ts

@@ -1,7 +1,19 @@
 /**
  * Rule Engine — loads rules.json, filters active rules, evaluates actions.
+ *
+ * Severity model (v1.0.1):
+ *   - HARD   = constitutional rules (always block on match, no enforcement_mode escape)
+ *   - MEDIUM = standard rule with severity=block (warn-then-block)
+ *   - SOFT   = standard rule with severity=warn (warn only, never block)
+ *
+ * Premium rules: rules with `backend_required: true` and stub detection_pattern
+ * are skipped locally unless a backend URL is configured. Future versions will
+ * call the backend over HTTP for these.
  */
 import type { GateConfig } from "../config/defaults.js";
+import { BackendClient } from "./backend-client.js";
+import type { BackendRuleResult } from "../types/backend.js";
+export type SeverityTier = "HARD" | "MEDIUM" | "SOFT";
 export interface Rule {
     id: string;
     name: string;
@@ -9,17 +21,66 @@ export interface Rule {
     category: string;
     enforcement: "constitutional" | "standard";
     gate_type: string;
-    severity: "block" | "warn";
+    severity: "block" | "warn" | "warn-then-block";
     detection_pattern: string;
     tags: string[];
     preset_groups: string[];
+    backend_required?: boolean;
+    constitutional?: boolean;
 }
 export interface EvaluationResult {
     allowed: boolean;
     violations: Rule[];
     warnings: Rule[];
+    /** Highest severity tier triggered, or null if nothing matched. */
+    severity_tier: SeverityTier | null;
+    /** Rule IDs that would have blocked under enforce mode (dry-run instrumentation). */
+    would_have_blocked: string[];
+    /** Rule IDs that were skipped because backend_required=true and no backend configured. */
+    skipped_premium: string[];
+    /** Per-premium-rule backend evaluation results (when SUNAIVA_GATE_API_TOKEN is set). */
+    backend_results?: BackendRuleResult[];
 }
+/** Test-only injection point. */
+export declare function setBackendClient(client: BackendClient | null): void;
 export declare function loadAllRules(): Rule[];
+/**
+ * Returns ONLY the rules whose `enforcement === "constitutional"`.
+ *
+ * This is the canonical "what is constitutional" function used by
+ * B4's immutability guard. It reads from the package-bundled rules
+ * (dist/rules/rules.json), never from the user-editable on-disk
+ * copy at ~/.sunaiva/rules.json — so a user cannot circumvent the
+ * guard by hand-editing their config.
+ *
+ * Cached via loadAllRules().
+ */
+export declare function loadConstitutionalRulesOnly(): Rule[];
+/**
+ * Resolved path that loadAllRules() reads from. Exported for tests
+ * and diagnostic tooling (e.g. verify-bundle / smoke-test reporting).
+ */
+export declare function getResolvedRulesPath(): string;
 export declare function getActiveRules(config: GateConfig): Rule[];
 export declare function evaluateAction(action: string, config: GateConfig, warningCounts: Map<string, number>, context?: string): EvaluationResult;
+/**
+ * Async wrapper around evaluateAction that ALSO delegates premium
+ * (`backend_required: true`) rules to the BackendClient. Used by
+ * `handleValidateAction` when SUNAIVA_GATE_API_TOKEN is set so premium
+ * rules actually get evaluated server-side instead of silently skipped.
+ *
+ * Failure mode: any backend error (network, 5xx, missing token) becomes
+ * a `skipped_*` status on the per-rule result. The BackendClient itself
+ * is fail-OPEN for the customer — a Sunaiva outage never blocks the user.
+ *
+ * Premium-rule semantics:
+ *   - rule_id in skipped_premium  → backend was NOT consulted (sync path)
+ *   - rule_id in backend_results  → backend WAS consulted; check status field
+ *   - status === "matched"        → backend wants to block; promoted to violation
+ *   - status === "no_match"       → backend evaluated clean
+ *   - status === "skipped_*"      → fail-OPEN (rule deferred, see error field)
+ *
+ * Tests #7 (token unset → skipped_no_token) lives here.
+ */
+export declare function evaluateActionAsync(action: string, config: GateConfig, warningCounts: Map<string, number>, context?: string): Promise<EvaluationResult>;
 //# sourceMappingURL=rule-engine.d.ts.map

package/dist/engine/rule-engine.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"rule-engine.d.ts","sourceRoot":"","sources":["../../src/engine/rule-engine.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAMxD,MAAM,WAAW,IAAI;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,gBAAgB,GAAG,UAAU,CAAC;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,GAAG,MAAM,CAAC;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,IAAI,EAAE,CAAC;IACnB,QAAQ,EAAE,IAAI,EAAE,CAAC;CAClB;AAID,wBAAgB,YAAY,IAAI,IAAI,EAAE,CAKrC;AAED,wBAAgB,cAAc,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI,EAAE,CAGzD;AAED,wBAAgB,cAAc,CAC5B,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,UAAU,EAClB,aAAa,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,EAClC,OAAO,CAAC,EAAE,MAAM,GACf,gBAAgB,CA+BlB"}
+{"version":3,"file":"rule-engine.d.ts","sourceRoot":"","sources":["../../src/engine/rule-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAMH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAoB7D,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;AAEtD,MAAM,WAAW,IAAI;IACnB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,gBAAgB,GAAG,UAAU,CAAC;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,GAAG,MAAM,GAAG,iBAAiB,CAAC;IAC/C,iBAAiB,EAAE,MAAM,CAAC;IAC1B,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,IAAI,EAAE,CAAC;IACnB,QAAQ,EAAE,IAAI,EAAE,CAAC;IACjB,mEAAmE;IACnE,aAAa,EAAE,YAAY,GAAG,IAAI,CAAC;IACnC,qFAAqF;IACrF,kBAAkB,EAAE,MAAM,EAAE,CAAC;IAC7B,0FAA0F;IAC1F,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,wFAAwF;IACxF,eAAe,CAAC,EAAE,iBAAiB,EAAE,CAAC;CACvC;AAmBD,iCAAiC;AACjC,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI,GAAG,IAAI,CAEnE;AAOD,wBAAgB,YAAY,IAAI,IAAI,EAAE,CAerC;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,2BAA2B,IAAI,IAAI,EAAE,CAMpD;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,IAAI,MAAM,CAE7C;AAED,wBAAgB,cAAc,CAAC,MAAM,EAAE,UAAU,GAAG,IAAI,EAAE,CAGzD;AAkBD,wBAAgB,cAAc,CAC5B,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,UAAU,EAClB,aAAa,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,EAClC,OAAO,CAAC,EAAE,MAAM,GACf,gBAAgB,CAkElB;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAsB,mBAAmB,CACvC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,UAAU,EAClB,aAAa,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,EAClC,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC,gBAAgB,CAAC,CAqE3B"}