@sunaiva/gate 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +10 -0
- package/README.md +67 -0
- package/dist/config/defaults.d.ts +23 -0
- package/dist/config/defaults.d.ts.map +1 -0
- package/dist/config/defaults.js +26 -0
- package/dist/config/defaults.js.map +1 -0
- package/dist/config/loader.d.ts +5 -0
- package/dist/config/loader.d.ts.map +1 -0
- package/dist/config/loader.js +19 -0
- package/dist/config/loader.js.map +1 -0
- package/dist/engine/pattern-matcher.d.ts +32 -0
- package/dist/engine/pattern-matcher.d.ts.map +1 -0
- package/dist/engine/pattern-matcher.js +75 -0
- package/dist/engine/pattern-matcher.js.map +1 -0
- package/dist/engine/rule-engine.d.ts +25 -0
- package/dist/engine/rule-engine.d.ts.map +1 -0
- package/dist/engine/rule-engine.js +56 -0
- package/dist/engine/rule-engine.js.map +1 -0
- package/dist/engine/session-state.d.ts +14 -0
- package/dist/engine/session-state.d.ts.map +1 -0
- package/dist/engine/session-state.js +38 -0
- package/dist/engine/session-state.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +61 -0
- package/dist/index.js.map +1 -0
- package/dist/rules/categories.json +83 -0
- package/dist/rules/presets.json +163 -0
- package/dist/rules/rules.json +2119 -0
- package/dist/tools/audit.d.ts +11 -0
- package/dist/tools/audit.d.ts.map +1 -0
- package/dist/tools/audit.js +33 -0
- package/dist/tools/audit.js.map +1 -0
- package/dist/tools/bypass.d.ts +10 -0
- package/dist/tools/bypass.d.ts.map +1 -0
- package/dist/tools/bypass.js +16 -0
- package/dist/tools/bypass.js.map +1 -0
- package/dist/tools/rules.d.ts +10 -0
- package/dist/tools/rules.d.ts.map +1 -0
- package/dist/tools/rules.js +31 -0
- package/dist/tools/rules.js.map +1 -0
- package/dist/tools/update.d.ts +10 -0
- package/dist/tools/update.d.ts.map +1 -0
- package/dist/tools/update.js +24 -0
- package/dist/tools/update.js.map +1 -0
- package/dist/tools/validate.d.ts +10 -0
- package/dist/tools/validate.d.ts.map +1 -0
- package/dist/tools/validate.js +30 -0
- package/dist/tools/validate.js.map +1 -0
- package/package.json +65 -0
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
export declare function appendAudit(entry: Record<string, unknown>): void;
|
|
2
|
+
export declare function handleGetAuditLog(args: {
|
|
3
|
+
limit?: number;
|
|
4
|
+
rule_id?: string;
|
|
5
|
+
}): Promise<{
|
|
6
|
+
content: {
|
|
7
|
+
type: "text";
|
|
8
|
+
text: string;
|
|
9
|
+
}[];
|
|
10
|
+
}>;
|
|
11
|
+
//# sourceMappingURL=audit.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/tools/audit.ts"],"names":[],"mappings":"AAQA,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAMhE;AAED,wBAAsB,iBAAiB,CAAC,IAAI,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE;;;;;GAejF"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import { readFileSync, appendFileSync, existsSync, mkdirSync } from "node:fs";
|
|
2
|
+
import { dirname } from "node:path";
|
|
3
|
+
import { getConfig } from "../config/loader.js";
|
|
4
|
+
function getLogPath() {
|
|
5
|
+
return getConfig().audit_log_path;
|
|
6
|
+
}
|
|
7
|
+
export function appendAudit(entry) {
|
|
8
|
+
try {
|
|
9
|
+
const logPath = getLogPath();
|
|
10
|
+
mkdirSync(dirname(logPath), { recursive: true });
|
|
11
|
+
appendFileSync(logPath, JSON.stringify(entry) + "\n");
|
|
12
|
+
}
|
|
13
|
+
catch { }
|
|
14
|
+
}
|
|
15
|
+
export async function handleGetAuditLog(args) {
|
|
16
|
+
const logPath = getLogPath();
|
|
17
|
+
if (!existsSync(logPath)) {
|
|
18
|
+
return { content: [{ type: "text", text: JSON.stringify({ entries: [], total: 0 }) }] };
|
|
19
|
+
}
|
|
20
|
+
const lines = readFileSync(logPath, "utf-8").trim().split("\n").filter(Boolean);
|
|
21
|
+
let entries = lines.map(l => { try {
|
|
22
|
+
return JSON.parse(l);
|
|
23
|
+
}
|
|
24
|
+
catch {
|
|
25
|
+
return null;
|
|
26
|
+
} }).filter(Boolean);
|
|
27
|
+
if (args.rule_id)
|
|
28
|
+
entries = entries.filter((e) => e.rule_id === args.rule_id);
|
|
29
|
+
const limit = args.limit || 50;
|
|
30
|
+
entries = entries.slice(-limit);
|
|
31
|
+
return { content: [{ type: "text", text: JSON.stringify({ entries, total: entries.length }, null, 2) }] };
|
|
32
|
+
}
|
|
33
|
+
//# sourceMappingURL=audit.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/tools/audit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,cAAc,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAC9E,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAEhD,SAAS,UAAU;IACjB,OAAO,SAAS,EAAE,CAAC,cAAc,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAA8B;IACxD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACjD,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;AACZ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAA0C;IAChF,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACnG,CAAC;IAED,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAChF,IAAI,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,CAAC;QAAC,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IAAC,MAAM,CAAC;QAAC,OAAO,IAAI,CAAC;IAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEvG,IAAI,IAAI,CAAC,OAAO;QAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAA0B,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,IAAI,CAAC,OAAO,CAAC,CAAC;IAEvG,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;IAC/B,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC;IAEhC,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;AACrH,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"bypass.d.ts","sourceRoot":"","sources":["../../src/tools/bypass.ts"],"names":[],"mappings":"AAGA,wBAAsB,eAAe,CAAC,IAAI,EAAE;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE;;;;;GAe9E"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import { loadAllRules } from "../engine/rule-engine.js";
|
|
2
|
+
import { appendAudit } from "./audit.js";
|
|
3
|
+
export async function handleLogBypass(args) {
|
|
4
|
+
const rules = loadAllRules();
|
|
5
|
+
const rule = rules.find(r => r.id === args.rule_id);
|
|
6
|
+
if (!rule) {
|
|
7
|
+
return { content: [{ type: "text", text: JSON.stringify({ error: `Rule not found: ${args.rule_id}` }) }] };
|
|
8
|
+
}
|
|
9
|
+
if (rule.enforcement === "constitutional") {
|
|
10
|
+
return { content: [{ type: "text", text: JSON.stringify({ error: `Cannot bypass constitutional rule: ${args.rule_id}` }) }] };
|
|
11
|
+
}
|
|
12
|
+
const entry = { timestamp: new Date().toISOString(), type: "bypass", rule_id: args.rule_id, reason: args.reason };
|
|
13
|
+
appendAudit(entry);
|
|
14
|
+
return { content: [{ type: "text", text: JSON.stringify({ logged: true, bypass_id: `byp_${Date.now()}`, rule_id: args.rule_id }) }] };
|
|
15
|
+
}
|
|
16
|
+
//# sourceMappingURL=bypass.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"bypass.js","sourceRoot":"","sources":["../../src/tools/bypass.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEzC,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,IAAyC;IAC7E,MAAM,KAAK,GAAG,YAAY,EAAE,CAAC;IAC7B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC,OAAO,CAAC,CAAC;IAEpD,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,mBAAmB,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACtH,CAAC;IACD,IAAI,IAAI,CAAC,WAAW,KAAK,gBAAgB,EAAE,CAAC;QAC1C,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,sCAAsC,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IACzI,CAAC;IAED,MAAM,KAAK,GAAG,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;IAClH,WAAW,CAAC,KAAK,CAAC,CAAC;IAEnB,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AACjJ,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rules.d.ts","sourceRoot":"","sources":["../../src/tools/rules.ts"],"names":[],"mappings":"AAQA,wBAAsB,cAAc,CAAC,IAAI,EAAE;IAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE;;;;;GAsBhF"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
import { loadAllRules } from "../engine/rule-engine.js";
|
|
2
|
+
import { getConfig } from "../config/loader.js";
|
|
3
|
+
import { readFileSync } from "node:fs";
|
|
4
|
+
import { join, dirname } from "node:path";
|
|
5
|
+
import { fileURLToPath } from "node:url";
|
|
6
|
+
const __dirname = dirname(fileURLToPath(import.meta.url));
|
|
7
|
+
export async function handleGetRules(args) {
|
|
8
|
+
const cfg = getConfig();
|
|
9
|
+
let rules = loadAllRules().filter(r => cfg.active_rules.includes(r.id));
|
|
10
|
+
if (args.category)
|
|
11
|
+
rules = rules.filter(r => r.category === args.category);
|
|
12
|
+
if (args.preset) {
|
|
13
|
+
try {
|
|
14
|
+
const presets = JSON.parse(readFileSync(join(__dirname, "../../rules/presets.json"), "utf-8"));
|
|
15
|
+
const preset = presets.find((p) => p.id === args.preset);
|
|
16
|
+
if (preset)
|
|
17
|
+
rules = rules.filter(r => preset.rule_ids.includes(r.id));
|
|
18
|
+
}
|
|
19
|
+
catch { }
|
|
20
|
+
}
|
|
21
|
+
return {
|
|
22
|
+
content: [{
|
|
23
|
+
type: "text",
|
|
24
|
+
text: JSON.stringify({
|
|
25
|
+
rules: rules.map(r => ({ id: r.id, name: r.name, category: r.category, enforcement: r.enforcement, severity: r.severity })),
|
|
26
|
+
total: rules.length,
|
|
27
|
+
}, null, 2),
|
|
28
|
+
}],
|
|
29
|
+
};
|
|
30
|
+
}
|
|
31
|
+
//# sourceMappingURL=rules.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rules.js","sourceRoot":"","sources":["../../src/tools/rules.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAE1D,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,IAA4C;IAC/E,MAAM,GAAG,GAAG,SAAS,EAAE,CAAC;IACxB,IAAI,KAAK,GAAG,YAAY,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAExE,IAAI,IAAI,CAAC,QAAQ;QAAE,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC3E,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,0BAA0B,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;YAC/F,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAqC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC,MAAM,CAAC,CAAC;YAC7F,IAAI,MAAM;gBAAE,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACxE,CAAC;QAAC,MAAM,CAAC,CAAA,CAAC;IACZ,CAAC;IAED,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,WAAW,EAAE,CAAC,CAAC,WAAW,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;oBAC3H,KAAK,EAAE,KAAK,CAAC,MAAM;iBACpB,EAAE,IAAI,EAAE,CAAC,CAAC;aACZ,CAAC;KACH,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"update.d.ts","sourceRoot":"","sources":["../../src/tools/update.ts"],"names":[],"mappings":"AAGA,wBAAsB,iBAAiB,CAAC,IAAI,EAAE;IAAE,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAA;CAAE;;;;;GAqBtF"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
import { getConfig, saveConfig } from "../config/loader.js";
|
|
2
|
+
import { loadAllRules } from "../engine/rule-engine.js";
|
|
3
|
+
export async function handleUpdateRules(args) {
|
|
4
|
+
const cfg = getConfig();
|
|
5
|
+
const allRules = loadAllRules();
|
|
6
|
+
const constitutional = new Set(allRules.filter(r => r.enforcement === "constitutional").map(r => r.id));
|
|
7
|
+
if (args.disable?.some(id => constitutional.has(id))) {
|
|
8
|
+
return {
|
|
9
|
+
content: [{
|
|
10
|
+
type: "text",
|
|
11
|
+
text: JSON.stringify({ error: "Cannot disable constitutional rules", blocked: args.disable.filter(id => constitutional.has(id)) }),
|
|
12
|
+
}],
|
|
13
|
+
};
|
|
14
|
+
}
|
|
15
|
+
const active = new Set(cfg.active_rules);
|
|
16
|
+
if (args.enable)
|
|
17
|
+
args.enable.forEach(id => active.add(id));
|
|
18
|
+
if (args.disable)
|
|
19
|
+
args.disable.forEach(id => active.delete(id));
|
|
20
|
+
cfg.active_rules = [...active];
|
|
21
|
+
saveConfig(cfg);
|
|
22
|
+
return { content: [{ type: "text", text: JSON.stringify({ updated: true, active_count: cfg.active_rules.length }) }] };
|
|
23
|
+
}
|
|
24
|
+
//# sourceMappingURL=update.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"update.js","sourceRoot":"","sources":["../../src/tools/update.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,IAA+C;IACrF,MAAM,GAAG,GAAG,SAAS,EAAE,CAAC;IACxB,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;IAChC,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,gBAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAExG,IAAI,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;QACrD,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,qCAAqC,EAAE,OAAO,EAAE,IAAI,CAAC,OAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;iBACpI,CAAC;SACH,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACzC,IAAI,IAAI,CAAC,MAAM;QAAE,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3D,IAAI,IAAI,CAAC,OAAO;QAAE,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAChE,GAAG,CAAC,YAAY,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC;IAC/B,UAAU,CAAC,GAAG,CAAC,CAAC;IAEhB,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;AAClI,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../src/tools/validate.ts"],"names":[],"mappings":"AAKA,wBAAsB,oBAAoB,CAAC,IAAI,EAAE;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE;;;;;GA0BpF"}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
import { evaluateAction } from "../engine/rule-engine.js";
|
|
2
|
+
import { getConfig } from "../config/loader.js";
|
|
3
|
+
import { getWarningCounts, recordWarning } from "../engine/session-state.js";
|
|
4
|
+
import { appendAudit } from "./audit.js";
|
|
5
|
+
export async function handleValidateAction(args) {
|
|
6
|
+
const cfg = getConfig();
|
|
7
|
+
const counts = getWarningCounts();
|
|
8
|
+
const result = evaluateAction(args.action, cfg, counts, args.context);
|
|
9
|
+
for (const w of result.warnings)
|
|
10
|
+
recordWarning(w.id);
|
|
11
|
+
const entry = {
|
|
12
|
+
timestamp: new Date().toISOString(),
|
|
13
|
+
type: result.allowed ? "pass" : "block",
|
|
14
|
+
action: args.action.slice(0, 200),
|
|
15
|
+
violations: result.violations.map(r => r.id),
|
|
16
|
+
warnings: result.warnings.map(r => r.id),
|
|
17
|
+
};
|
|
18
|
+
appendAudit(entry);
|
|
19
|
+
return {
|
|
20
|
+
content: [{
|
|
21
|
+
type: "text",
|
|
22
|
+
text: JSON.stringify({
|
|
23
|
+
allowed: result.allowed,
|
|
24
|
+
rule_violations: result.violations.map(r => ({ id: r.id, name: r.name, severity: r.severity })),
|
|
25
|
+
warnings: result.warnings.map(r => ({ id: r.id, name: r.name })),
|
|
26
|
+
}, null, 2),
|
|
27
|
+
}],
|
|
28
|
+
};
|
|
29
|
+
}
|
|
30
|
+
//# sourceMappingURL=validate.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validate.js","sourceRoot":"","sources":["../../src/tools/validate.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAChD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC7E,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEzC,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,IAA0C;IACnF,MAAM,GAAG,GAAG,SAAS,EAAE,CAAC;IACxB,MAAM,MAAM,GAAG,gBAAgB,EAAE,CAAC;IAClC,MAAM,MAAM,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;IAEtE,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ;QAAE,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAErD,MAAM,KAAK,GAAG;QACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO;QACvC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;QACjC,UAAU,EAAE,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5C,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACzC,CAAC;IACF,WAAW,CAAC,KAAK,CAAC,CAAC;IAEnB,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,eAAe,EAAE,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;oBAC/F,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;iBACjE,EAAE,IAAI,EAAE,CAAC,CAAC;aACZ,CAAC;KACH,CAAC;AACJ,CAAC"}
|
package/package.json
ADDED
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@sunaiva/gate",
|
|
3
|
+
"version": "1.0.0",
|
|
4
|
+
"description": "Sunaiva Gate MCP — enforcement layer for AI agent rules. Stop documenting rules your agents ignore. Start enforcing them.",
|
|
5
|
+
"main": "dist/index.js",
|
|
6
|
+
"type": "module",
|
|
7
|
+
"bin": {
|
|
8
|
+
"sunaiva-gate": "dist/index.js"
|
|
9
|
+
},
|
|
10
|
+
"files": [
|
|
11
|
+
"dist/",
|
|
12
|
+
"README.md",
|
|
13
|
+
"package.json"
|
|
14
|
+
],
|
|
15
|
+
"scripts": {
|
|
16
|
+
"build": "tsc && node scripts/strip-patterns.js",
|
|
17
|
+
"start": "node dist/index.js",
|
|
18
|
+
"dev": "tsx src/index.ts",
|
|
19
|
+
"setup": "tsx src/setup.ts",
|
|
20
|
+
"prepublishOnly": "npm run build",
|
|
21
|
+
"test": "node --experimental-vm-modules node_modules/.bin/jest --passWithNoTests"
|
|
22
|
+
},
|
|
23
|
+
"keywords": [
|
|
24
|
+
"sunaiva",
|
|
25
|
+
"agent-validation",
|
|
26
|
+
"ai-safety",
|
|
27
|
+
"session-hooks"
|
|
28
|
+
],
|
|
29
|
+
"author": "Sunaiva Digital",
|
|
30
|
+
"license": "BUSL-1.1",
|
|
31
|
+
"repository": {
|
|
32
|
+
"type": "git",
|
|
33
|
+
"url": "https://github.com/Kinan27/sunaiva-gate.git"
|
|
34
|
+
},
|
|
35
|
+
"homepage": "https://sunaivadigital.com",
|
|
36
|
+
"engines": {
|
|
37
|
+
"node": ">=18.0.0"
|
|
38
|
+
},
|
|
39
|
+
"publishConfig": {
|
|
40
|
+
"access": "public"
|
|
41
|
+
},
|
|
42
|
+
"dependencies": {
|
|
43
|
+
"@modelcontextprotocol/sdk": "^1.12.1",
|
|
44
|
+
"zod": "^3.22.0"
|
|
45
|
+
},
|
|
46
|
+
"devDependencies": {
|
|
47
|
+
"@types/node": "^22.0.0",
|
|
48
|
+
"@types/jest": "^29.0.0",
|
|
49
|
+
"jest": "^29.0.0",
|
|
50
|
+
"ts-jest": "^29.0.0",
|
|
51
|
+
"tsx": "^4.0.0",
|
|
52
|
+
"typescript": "^5.0.0"
|
|
53
|
+
},
|
|
54
|
+
"jest": {
|
|
55
|
+
"preset": "ts-jest/presets/default-esm",
|
|
56
|
+
"extensionsToTreatAsEsm": [".ts"],
|
|
57
|
+
"moduleNameMapper": {
|
|
58
|
+
"^(\\.{1,2}/.*)\\.js$": "$1"
|
|
59
|
+
},
|
|
60
|
+
"testEnvironment": "node",
|
|
61
|
+
"transform": {
|
|
62
|
+
"^.+\\.tsx?$": ["ts-jest", { "useESM": true }]
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
}
|