npm - @trentapps/manager-protocol - Versions diffs - 1.1.2 → 1.2.0 - Mend

@trentapps/manager-protocol 1.1.2 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (150) hide show

package/README.md +29 -1
package/dist/analyzers/CSSAnalyzer.d.ts +188 -8
package/dist/analyzers/CSSAnalyzer.d.ts.map +1 -1
package/dist/analyzers/CSSAnalyzer.js +794 -192
package/dist/analyzers/CSSAnalyzer.js.map +1 -1
package/dist/cli.js +1 -1
package/dist/config/dashboard.d.ts +55 -0
package/dist/config/dashboard.d.ts.map +1 -0
package/dist/config/dashboard.js +103 -0
package/dist/config/dashboard.js.map +1 -0
package/dist/config/index.d.ts +7 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +7 -0
package/dist/config/index.js.map +1 -0
package/dist/dashboard/httpDashboard.d.ts +100 -0
package/dist/dashboard/httpDashboard.d.ts.map +1 -0
package/dist/dashboard/httpDashboard.js +1276 -0
package/dist/dashboard/httpDashboard.js.map +1 -0
package/dist/dashboard/index.d.ts +6 -0
package/dist/dashboard/index.d.ts.map +1 -0
package/dist/dashboard/index.js +7 -0
package/dist/dashboard/index.js.map +1 -0
package/dist/engine/AuditLogger.d.ts +370 -2
package/dist/engine/AuditLogger.d.ts.map +1 -1
package/dist/engine/AuditLogger.js +1067 -24
package/dist/engine/AuditLogger.js.map +1 -1
package/dist/engine/GitHubApprovalManager.d.ts +13 -0
package/dist/engine/GitHubApprovalManager.d.ts.map +1 -1
package/dist/engine/GitHubApprovalManager.js +72 -46
package/dist/engine/GitHubApprovalManager.js.map +1 -1
package/dist/engine/GitHubClient.d.ts +183 -0
package/dist/engine/GitHubClient.d.ts.map +1 -0
package/dist/engine/GitHubClient.js +411 -0
package/dist/engine/GitHubClient.js.map +1 -0
package/dist/engine/RateLimiter.d.ts +5 -3
package/dist/engine/RateLimiter.d.ts.map +1 -1
package/dist/engine/RateLimiter.js +53 -70
package/dist/engine/RateLimiter.js.map +1 -1
package/dist/engine/RuleDependencyAnalyzer.d.ts +73 -0
package/dist/engine/RuleDependencyAnalyzer.d.ts.map +1 -0
package/dist/engine/RuleDependencyAnalyzer.js +475 -0
package/dist/engine/RuleDependencyAnalyzer.js.map +1 -0
package/dist/engine/RulesEngine.d.ts +102 -3
package/dist/engine/RulesEngine.d.ts.map +1 -1
package/dist/engine/RulesEngine.js +326 -21
package/dist/engine/RulesEngine.js.map +1 -1
package/dist/engine/TaskManager.d.ts +11 -10
package/dist/engine/TaskManager.d.ts.map +1 -1
package/dist/engine/TaskManager.js +180 -195
package/dist/engine/TaskManager.js.map +1 -1
package/dist/engine/index.d.ts +3 -0
package/dist/engine/index.d.ts.map +1 -1
package/dist/engine/index.js +5 -0
package/dist/engine/index.js.map +1 -1
package/dist/rules/azure.d.ts.map +1 -1
package/dist/rules/azure.js +12 -14
package/dist/rules/azure.js.map +1 -1
package/dist/rules/compliance.d.ts.map +1 -1
package/dist/rules/compliance.js +23 -41
package/dist/rules/compliance.js.map +1 -1
package/dist/rules/condition-optimizer.d.ts +151 -0
package/dist/rules/condition-optimizer.d.ts.map +1 -0
package/dist/rules/condition-optimizer.js +479 -0
package/dist/rules/condition-optimizer.js.map +1 -0
package/dist/rules/css.d.ts.map +1 -1
package/dist/rules/css.js +538 -0
package/dist/rules/css.js.map +1 -1
package/dist/rules/field-standards.d.ts +1172 -0
package/dist/rules/field-standards.d.ts.map +1 -0
package/dist/rules/field-standards.js +908 -0
package/dist/rules/field-standards.js.map +1 -0
package/dist/rules/flask.d.ts.map +1 -1
package/dist/rules/flask.js +18 -31
package/dist/rules/flask.js.map +1 -1
package/dist/rules/index.d.ts +220 -0
package/dist/rules/index.d.ts.map +1 -1
package/dist/rules/index.js +155 -0
package/dist/rules/index.js.map +1 -1
package/dist/rules/ml-ai.d.ts.map +1 -1
package/dist/rules/ml-ai.js +11 -13
package/dist/rules/ml-ai.js.map +1 -1
package/dist/rules/patterns.d.ts +568 -0
package/dist/rules/patterns.d.ts.map +1 -0
package/dist/rules/patterns.js +1359 -0
package/dist/rules/patterns.js.map +1 -0
package/dist/rules/security.d.ts.map +1 -1
package/dist/rules/security.js +580 -19
package/dist/rules/security.js.map +1 -1
package/dist/rules/shared-patterns.d.ts +268 -0
package/dist/rules/shared-patterns.d.ts.map +1 -0
package/dist/rules/shared-patterns.js +556 -0
package/dist/rules/shared-patterns.js.map +1 -0
package/dist/rules/storage.d.ts +8 -2
package/dist/rules/storage.d.ts.map +1 -1
package/dist/rules/storage.js +541 -3
package/dist/rules/storage.js.map +1 -1
package/dist/rules/stripe.d.ts.map +1 -1
package/dist/rules/stripe.js +19 -26
package/dist/rules/stripe.js.map +1 -1
package/dist/rules/websocket.d.ts.map +1 -1
package/dist/rules/websocket.js +32 -40
package/dist/rules/websocket.js.map +1 -1
package/dist/server.d.ts.map +1 -1
package/dist/server.js +96 -17
package/dist/server.js.map +1 -1
package/dist/supervisor/AgentSupervisor.d.ts +52 -0
package/dist/supervisor/AgentSupervisor.d.ts.map +1 -1
package/dist/supervisor/AgentSupervisor.js +120 -1
package/dist/supervisor/AgentSupervisor.js.map +1 -1
package/dist/supervisor/ManagedServerRegistry.d.ts +139 -2
package/dist/supervisor/ManagedServerRegistry.d.ts.map +1 -1
package/dist/supervisor/ManagedServerRegistry.js +590 -6
package/dist/supervisor/ManagedServerRegistry.js.map +1 -1
package/dist/supervisor/ProjectTracker.d.ts +24 -2
package/dist/supervisor/ProjectTracker.d.ts.map +1 -1
package/dist/supervisor/ProjectTracker.js +151 -59
package/dist/supervisor/ProjectTracker.js.map +1 -1
package/dist/testing/index.d.ts +11 -0
package/dist/testing/index.d.ts.map +1 -0
package/dist/testing/index.js +12 -0
package/dist/testing/index.js.map +1 -0
package/dist/testing/rule-tester.d.ts +217 -0
package/dist/testing/rule-tester.d.ts.map +1 -0
package/dist/testing/rule-tester.examples.d.ts +57 -0
package/dist/testing/rule-tester.examples.d.ts.map +1 -0
package/dist/testing/rule-tester.examples.js +375 -0
package/dist/testing/rule-tester.examples.js.map +1 -0
package/dist/testing/rule-tester.js +381 -0
package/dist/testing/rule-tester.js.map +1 -0
package/dist/testing/rule-validator.d.ts +141 -0
package/dist/testing/rule-validator.d.ts.map +1 -0
package/dist/testing/rule-validator.js +640 -0
package/dist/testing/rule-validator.js.map +1 -0
package/dist/types/index.d.ts +265 -4
package/dist/types/index.d.ts.map +1 -1
package/dist/types/index.js +57 -2
package/dist/types/index.js.map +1 -1
package/dist/utils/index.d.ts +2 -0
package/dist/utils/index.d.ts.map +1 -1
package/dist/utils/index.js +2 -0
package/dist/utils/index.js.map +1 -1
package/dist/utils/rate-limiting.d.ts +268 -0
package/dist/utils/rate-limiting.d.ts.map +1 -0
package/dist/utils/rate-limiting.js +403 -0
package/dist/utils/rate-limiting.js.map +1 -0
package/dist/utils/shared.d.ts +306 -0
package/dist/utils/shared.d.ts.map +1 -0
package/dist/utils/shared.js +464 -0
package/dist/utils/shared.js.map +1 -0
package/package.json +2 -1

package/dist/rules/patterns.d.ts ADDED Viewed

@@ -0,0 +1,568 @@
+/**
+ * Enterprise Agent Supervisor - Rule Pattern Builders
+ *
+ * Reusable pattern builders for creating common governance rules.
+ * These builders provide sensible defaults while allowing full customization.
+ *
+ * Task #31: Create Shared Library for Common Rule Patterns
+ */
+import type { BusinessRule, RuleCondition, RuleAction, BusinessRuleType, ActionCategory } from '../types/index.js';
+/**
+ * Base options shared by all rule pattern builders
+ */
+export interface BaseRuleOptions {
+    /** Unique rule ID (required) */
+    id: string;
+    /** Human-readable rule name (required) */
+    name: string;
+    /** Rule description */
+    description?: string;
+    /** Whether rule is enabled (default: true) */
+    enabled?: boolean;
+    /** Rule priority 0-1000 (higher = evaluated first) */
+    priority?: number;
+    /** Risk weight 0-100 for risk score calculation */
+    riskWeight?: number;
+    /** Tags for categorization and filtering */
+    tags?: string[];
+    /** Additional conditions to add */
+    additionalConditions?: RuleCondition[];
+    /** Override default actions */
+    overrideActions?: RuleAction[];
+    /** Additional actions to append */
+    additionalActions?: RuleAction[];
+    /** Condition logic: 'all' (AND) or 'any' (OR) */
+    conditionLogic?: 'all' | 'any';
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Options for authentication rules
+ */
+export interface AuthenticationRuleOptions extends BaseRuleOptions {
+    /** Action categories requiring authentication (default: ['external_api']) */
+    categories?: ActionCategory[];
+    /** Field to check for auth token (default: 'authToken') */
+    authTokenField?: string;
+    /** Require specific auth types (e.g., 'bearer', 'api_key', 'oauth') */
+    requiredAuthTypes?: string[];
+    /** Allow unauthenticated in specific environments */
+    allowUnauthenticatedIn?: ('development' | 'staging' | 'production')[];
+    /** Action on failure: 'deny' | 'require_approval' | 'warn' */
+    failureAction?: 'deny' | 'require_approval' | 'warn';
+    /** Custom failure message */
+    failureMessage?: string;
+}
+/**
+ * Options for data access rules
+ */
+export interface DataAccessRuleOptions extends BaseRuleOptions {
+    /** Data classification levels that trigger the rule */
+    dataClassifications?: ('public' | 'internal' | 'confidential' | 'restricted')[];
+    /** Data types that trigger the rule (e.g., 'pii', 'phi', 'cardholder') */
+    dataTypes?: string[];
+    /** Roles allowed to access (if empty, all roles blocked) */
+    allowedRoles?: string[];
+    /** Require justification for access */
+    requireJustification?: boolean;
+    /** Maximum record count before approval required */
+    bulkThreshold?: number;
+    /** Require encryption for access */
+    requireEncryption?: boolean;
+    /** Action on unauthorized access: 'deny' | 'require_approval' | 'warn' */
+    unauthorizedAction?: 'deny' | 'require_approval' | 'warn';
+    /** Custom message for unauthorized access */
+    unauthorizedMessage?: string;
+}
+/**
+ * Options for rate limit rules
+ */
+export interface RateLimitRuleOptions extends BaseRuleOptions {
+    /** Action categories to rate limit */
+    categories?: ActionCategory[];
+    /** Action names to rate limit (partial match) */
+    actionNames?: string[];
+    /** Maximum requests in window */
+    maxRequests: number;
+    /** Window duration in milliseconds */
+    windowMs: number;
+    /** Burst limit (temporary spike allowance) */
+    burstLimit?: number;
+    /** Scope: 'global' | 'agent' | 'session' | 'user' */
+    scope?: 'global' | 'agent' | 'session' | 'user';
+    /** Custom rate limit exceeded message */
+    rateLimitMessage?: string;
+}
+/**
+ * Options for compliance rules
+ */
+export interface ComplianceRuleOptions extends BaseRuleOptions {
+    /** Require data retention check */
+    checkRetention?: boolean;
+    /** Require consent verification */
+    checkConsent?: boolean;
+    /** Require geographic restrictions */
+    allowedRegions?: string[];
+    /** Require audit logging */
+    requireAuditLog?: boolean;
+    /** Require encryption */
+    requireEncryption?: boolean;
+    /** Data types covered */
+    dataTypes?: string[];
+    /** Specific compliance requirements */
+    requirements?: {
+        /** Require identity verification */
+        identityVerification?: boolean;
+        /** Require business justification */
+        businessJustification?: boolean;
+        /** Require dual approval */
+        dualApproval?: boolean;
+        /** Minimum data fields allowed */
+        minimumNecessary?: number;
+    };
+}
+/**
+ * Options for environment-specific rules
+ */
+export interface EnvironmentRuleOptions extends BaseRuleOptions {
+    /** Target environments */
+    environments: ('development' | 'staging' | 'production')[];
+    /** Action categories affected */
+    categories?: ActionCategory[];
+    /** Action names affected (partial match) */
+    actionNames?: string[];
+    /** Require approval in target environments */
+    requireApproval?: boolean;
+    /** Block entirely in target environments */
+    blockInEnvironments?: boolean;
+    /** Require feature flag */
+    requireFeatureFlag?: boolean;
+    /** Require rollback plan */
+    requireRollbackPlan?: boolean;
+    /** Custom message */
+    message?: string;
+}
+/**
+ * Options for security rules
+ */
+export interface SecurityRuleOptions extends BaseRuleOptions {
+    /** Pattern type to detect */
+    patternType?: 'sql_injection' | 'command_injection' | 'xss' | 'path_traversal' | 'custom';
+    /** Custom regex pattern for detection */
+    customPattern?: string;
+    /** Field to check for pattern */
+    patternField?: string;
+    /** Require sandboxing */
+    requireSandbox?: boolean;
+    /** Require code validation */
+    requireCodeValidation?: boolean;
+    /** Block system file access */
+    blockSystemFiles?: boolean;
+    /** System file paths pattern */
+    systemFilesPattern?: string;
+    /** Action on detection: 'deny' | 'require_approval' | 'warn' */
+    detectionAction?: 'deny' | 'require_approval' | 'warn';
+    /** Send security notification */
+    sendNotification?: boolean;
+}
+/**
+ * Options for operational rules
+ */
+export interface OperationalRuleOptions extends BaseRuleOptions {
+    /** Cost threshold for approval */
+    costThreshold?: number;
+    /** Memory threshold (MB) for warning */
+    memoryThreshold?: number;
+    /** Token count threshold for LLM operations */
+    tokenThreshold?: number;
+    /** Daily budget limit */
+    dailyBudget?: number;
+    /** Retry limit */
+    maxRetries?: number;
+    /** Session action limit */
+    sessionActionLimit?: number;
+    /** Require backup verification for destructive ops */
+    requireBackupVerification?: boolean;
+    /** Enforce deployment windows */
+    enforceDeploymentWindow?: boolean;
+}
+/**
+ * Generate a unique rule ID with prefix
+ */
+export declare function generateRuleId(prefix: string, suffix?: string): string;
+/**
+ * Create an authentication rule
+ *
+ * @example
+ * ```typescript
+ * const apiAuthRule = createAuthenticationRule({
+ *   id: 'auth-api-001',
+ *   name: 'Require API Authentication',
+ *   categories: ['external_api', 'data_access'],
+ *   requiredAuthTypes: ['bearer', 'api_key'],
+ *   failureAction: 'deny'
+ * });
+ * ```
+ */
+export declare function createAuthenticationRule(options: AuthenticationRuleOptions): BusinessRule;
+/**
+ * Create a data access rule
+ *
+ * @example
+ * ```typescript
+ * const piiAccessRule = createDataAccessRule({
+ *   id: 'data-pii-001',
+ *   name: 'Restrict PII Access',
+ *   dataTypes: ['pii', 'ssn', 'email'],
+ *   allowedRoles: ['admin', 'data_officer'],
+ *   requireJustification: true,
+ *   bulkThreshold: 100
+ * });
+ * ```
+ */
+export declare function createDataAccessRule(options: DataAccessRuleOptions): BusinessRule;
+/**
+ * Create a bulk data access rule (separate from basic data access)
+ *
+ * @example
+ * ```typescript
+ * const bulkExportRule = createBulkDataAccessRule({
+ *   id: 'data-bulk-001',
+ *   name: 'Bulk Export Approval',
+ *   bulkThreshold: 1000,
+ *   requireApproval: true
+ * });
+ * ```
+ */
+export declare function createBulkDataAccessRule(options: DataAccessRuleOptions & {
+    bulkThreshold: number;
+}): BusinessRule;
+/**
+ * Create a rate limit rule
+ *
+ * @example
+ * ```typescript
+ * const apiRateLimitRule = createRateLimitRule({
+ *   id: 'rate-api-001',
+ *   name: 'API Rate Limit',
+ *   categories: ['external_api'],
+ *   maxRequests: 100,
+ *   windowMs: 60000,
+ *   scope: 'agent'
+ * });
+ * ```
+ */
+export declare function createRateLimitRule(options: RateLimitRuleOptions): BusinessRule;
+/**
+ * Compliance framework definitions
+ */
+export declare const COMPLIANCE_FRAMEWORKS: {
+    readonly gdpr: {
+        readonly name: "GDPR";
+        readonly fullName: "General Data Protection Regulation";
+        readonly tags: readonly ["gdpr", "privacy", "eu"];
+        readonly defaultPriority: 920;
+        readonly defaultRiskWeight: 45;
+    };
+    readonly hipaa: {
+        readonly name: "HIPAA";
+        readonly fullName: "Health Insurance Portability and Accountability Act";
+        readonly tags: readonly ["hipaa", "phi", "healthcare"];
+        readonly defaultPriority: 950;
+        readonly defaultRiskWeight: 55;
+    };
+    readonly 'pci-dss': {
+        readonly name: "PCI-DSS";
+        readonly fullName: "Payment Card Industry Data Security Standard";
+        readonly tags: readonly ["pci-dss", "cardholder-data", "financial"];
+        readonly defaultPriority: 970;
+        readonly defaultRiskWeight: 60;
+    };
+    readonly sox: {
+        readonly name: "SOX";
+        readonly fullName: "Sarbanes-Oxley Act";
+        readonly tags: readonly ["sox", "financial", "audit"];
+        readonly defaultPriority: 940;
+        readonly defaultRiskWeight: 50;
+    };
+    readonly soc2: {
+        readonly name: "SOC2";
+        readonly fullName: "Service Organization Control 2";
+        readonly tags: readonly ["soc2", "security", "trust"];
+        readonly defaultPriority: 900;
+        readonly defaultRiskWeight: 40;
+    };
+    readonly ccpa: {
+        readonly name: "CCPA";
+        readonly fullName: "California Consumer Privacy Act";
+        readonly tags: readonly ["ccpa", "privacy", "california"];
+        readonly defaultPriority: 910;
+        readonly defaultRiskWeight: 40;
+    };
+};
+export type ComplianceFramework = keyof typeof COMPLIANCE_FRAMEWORKS;
+/**
+ * Create a compliance rule for a specific framework
+ *
+ * @example
+ * ```typescript
+ * const gdprConsentRule = createComplianceRule('gdpr', {
+ *   id: 'gdpr-consent-001',
+ *   name: 'GDPR Consent Verification',
+ *   checkConsent: true,
+ *   dataTypes: ['pii', 'email', 'name']
+ * });
+ *
+ * const hipaaPhiRule = createComplianceRule('hipaa', {
+ *   id: 'hipaa-phi-001',
+ *   name: 'HIPAA PHI Protection',
+ *   dataTypes: ['phi'],
+ *   requireEncryption: true,
+ *   requirements: { minimumNecessary: 10 }
+ * });
+ * ```
+ */
+export declare function createComplianceRule(framework: ComplianceFramework, options: ComplianceRuleOptions): BusinessRule;
+/**
+ * Create an environment-specific rule
+ *
+ * @example
+ * ```typescript
+ * const prodDeployRule = createEnvironmentRule('production', {
+ *   id: 'env-prod-001',
+ *   name: 'Production Deployment Control',
+ *   environments: ['production'],
+ *   actionNames: ['deploy', 'release'],
+ *   requireApproval: true,
+ *   requireRollbackPlan: true
+ * });
+ *
+ * const devRelaxedRule = createEnvironmentRule('development', {
+ *   id: 'env-dev-001',
+ *   name: 'Development Mode - Relaxed',
+ *   environments: ['development'],
+ *   categories: ['code_execution'],
+ *   blockInEnvironments: false,
+ *   message: 'Development mode - operation allowed'
+ * });
+ * ```
+ */
+export declare function createEnvironmentRule(targetEnv: 'development' | 'staging' | 'production' | 'all', options: EnvironmentRuleOptions): BusinessRule;
+/**
+ * Injection pattern definitions
+ */
+export declare const INJECTION_PATTERNS: {
+    readonly sql_injection: {
+        readonly pattern: "(\\b(SELECT|INSERT|UPDATE|DELETE|DROP|UNION|OR|AND)\\b.*['\";])|(--)|(\\*/)|(/\\*)";
+        readonly description: "SQL injection detection";
+        readonly tags: readonly ["sql-injection", "owasp"];
+    };
+    readonly command_injection: {
+        readonly pattern: "([;&|`$]|\\$\\(|\\{\\{)";
+        readonly description: "Command injection detection";
+        readonly tags: readonly ["command-injection", "owasp"];
+    };
+    readonly xss: {
+        readonly pattern: "(<script|javascript:|on\\w+\\s*=|<img.*onerror)";
+        readonly description: "Cross-site scripting detection";
+        readonly tags: readonly ["xss", "owasp"];
+    };
+    readonly path_traversal: {
+        readonly pattern: "(\\.\\./|\\.\\.\\\\|%2e%2e%2f|%252e%252e%252f)";
+        readonly description: "Path traversal detection";
+        readonly tags: readonly ["path-traversal", "owasp"];
+    };
+};
+/**
+ * Create a security rule
+ *
+ * @example
+ * ```typescript
+ * const sqlInjectionRule = createSecurityRule({
+ *   id: 'sec-sql-001',
+ *   name: 'SQL Injection Prevention',
+ *   patternType: 'sql_injection',
+ *   patternField: 'query',
+ *   detectionAction: 'deny',
+ *   sendNotification: true
+ * });
+ *
+ * const sandboxRule = createSecurityRule({
+ *   id: 'sec-sandbox-001',
+ *   name: 'Require Sandbox for Code',
+ *   requireSandbox: true,
+ *   detectionAction: 'deny'
+ * });
+ * ```
+ */
+export declare function createSecurityRule(options: SecurityRuleOptions): BusinessRule;
+/**
+ * Create an operational rule
+ *
+ * @example
+ * ```typescript
+ * const costControlRule = createOperationalRule({
+ *   id: 'ops-cost-001',
+ *   name: 'API Cost Control',
+ *   costThreshold: 50,
+ *   categories: ['external_api']
+ * });
+ *
+ * const resourceLimitRule = createOperationalRule({
+ *   id: 'ops-resource-001',
+ *   name: 'Memory Usage Warning',
+ *   memoryThreshold: 1024,
+ *   tokenThreshold: 100000
+ * });
+ * ```
+ */
+export declare function createOperationalRule(options: OperationalRuleOptions): BusinessRule;
+/**
+ * Create a simple deny rule
+ */
+export declare function createDenyRule(options: {
+    id: string;
+    name: string;
+    conditions: RuleCondition[];
+    message: string;
+    priority?: number;
+    riskWeight?: number;
+    tags?: string[];
+    type?: BusinessRuleType;
+}): BusinessRule;
+/**
+ * Create a simple approval rule
+ */
+export declare function createApprovalRule(options: {
+    id: string;
+    name: string;
+    conditions: RuleCondition[];
+    message: string;
+    priority?: number;
+    riskWeight?: number;
+    tags?: string[];
+    type?: BusinessRuleType;
+}): BusinessRule;
+/**
+ * Create a simple warning rule
+ */
+export declare function createWarningRule(options: {
+    id: string;
+    name: string;
+    conditions: RuleCondition[];
+    message: string;
+    priority?: number;
+    riskWeight?: number;
+    tags?: string[];
+    type?: BusinessRuleType;
+}): BusinessRule;
+/**
+ * Create an audit-only rule (logs without blocking)
+ */
+export declare function createAuditRule(options: {
+    id: string;
+    name: string;
+    conditions: RuleCondition[];
+    priority?: number;
+    tags?: string[];
+}): BusinessRule;
+/**
+ * Create a complete rule set for a compliance framework
+ */
+export declare function createComplianceRuleSet(framework: ComplianceFramework, baseId: string, options?: {
+    enabled?: boolean;
+    priorityOffset?: number;
+}): BusinessRule[];
+/**
+ * Create a complete security rule set
+ */
+export declare function createSecurityRuleSet(baseId: string, options?: {
+    enabled?: boolean;
+    includeInjectionPrevention?: boolean;
+    includeSandboxing?: boolean;
+    includeSystemFileProtection?: boolean;
+}): BusinessRule[];
+declare const _default: {
+    createAuthenticationRule: typeof createAuthenticationRule;
+    createDataAccessRule: typeof createDataAccessRule;
+    createBulkDataAccessRule: typeof createBulkDataAccessRule;
+    createRateLimitRule: typeof createRateLimitRule;
+    createComplianceRule: typeof createComplianceRule;
+    createEnvironmentRule: typeof createEnvironmentRule;
+    createSecurityRule: typeof createSecurityRule;
+    createOperationalRule: typeof createOperationalRule;
+    createDenyRule: typeof createDenyRule;
+    createApprovalRule: typeof createApprovalRule;
+    createWarningRule: typeof createWarningRule;
+    createAuditRule: typeof createAuditRule;
+    createComplianceRuleSet: typeof createComplianceRuleSet;
+    createSecurityRuleSet: typeof createSecurityRuleSet;
+    COMPLIANCE_FRAMEWORKS: {
+        readonly gdpr: {
+            readonly name: "GDPR";
+            readonly fullName: "General Data Protection Regulation";
+            readonly tags: readonly ["gdpr", "privacy", "eu"];
+            readonly defaultPriority: 920;
+            readonly defaultRiskWeight: 45;
+        };
+        readonly hipaa: {
+            readonly name: "HIPAA";
+            readonly fullName: "Health Insurance Portability and Accountability Act";
+            readonly tags: readonly ["hipaa", "phi", "healthcare"];
+            readonly defaultPriority: 950;
+            readonly defaultRiskWeight: 55;
+        };
+        readonly 'pci-dss': {
+            readonly name: "PCI-DSS";
+            readonly fullName: "Payment Card Industry Data Security Standard";
+            readonly tags: readonly ["pci-dss", "cardholder-data", "financial"];
+            readonly defaultPriority: 970;
+            readonly defaultRiskWeight: 60;
+        };
+        readonly sox: {
+            readonly name: "SOX";
+            readonly fullName: "Sarbanes-Oxley Act";
+            readonly tags: readonly ["sox", "financial", "audit"];
+            readonly defaultPriority: 940;
+            readonly defaultRiskWeight: 50;
+        };
+        readonly soc2: {
+            readonly name: "SOC2";
+            readonly fullName: "Service Organization Control 2";
+            readonly tags: readonly ["soc2", "security", "trust"];
+            readonly defaultPriority: 900;
+            readonly defaultRiskWeight: 40;
+        };
+        readonly ccpa: {
+            readonly name: "CCPA";
+            readonly fullName: "California Consumer Privacy Act";
+            readonly tags: readonly ["ccpa", "privacy", "california"];
+            readonly defaultPriority: 910;
+            readonly defaultRiskWeight: 40;
+        };
+    };
+    INJECTION_PATTERNS: {
+        readonly sql_injection: {
+            readonly pattern: "(\\b(SELECT|INSERT|UPDATE|DELETE|DROP|UNION|OR|AND)\\b.*['\";])|(--)|(\\*/)|(/\\*)";
+            readonly description: "SQL injection detection";
+            readonly tags: readonly ["sql-injection", "owasp"];
+        };
+        readonly command_injection: {
+            readonly pattern: "([;&|`$]|\\$\\(|\\{\\{)";
+            readonly description: "Command injection detection";
+            readonly tags: readonly ["command-injection", "owasp"];
+        };
+        readonly xss: {
+            readonly pattern: "(<script|javascript:|on\\w+\\s*=|<img.*onerror)";
+            readonly description: "Cross-site scripting detection";
+            readonly tags: readonly ["xss", "owasp"];
+        };
+        readonly path_traversal: {
+            readonly pattern: "(\\.\\./|\\.\\.\\\\|%2e%2e%2f|%252e%252e%252f)";
+            readonly description: "Path traversal detection";
+            readonly tags: readonly ["path-traversal", "owasp"];
+        };
+    };
+};
+export default _default;
+//# sourceMappingURL=patterns.d.ts.map

package/dist/rules/patterns.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/rules/patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAMnH;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,0CAA0C;IAC1C,IAAI,EAAE,MAAM,CAAC;IACb,uBAAuB;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,8CAA8C;IAC9C,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,sDAAsD;IACtD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,mDAAmD;IACnD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,4CAA4C;IAC5C,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,mCAAmC;IACnC,oBAAoB,CAAC,EAAE,aAAa,EAAE,CAAC;IACvC,+BAA+B;IAC/B,eAAe,CAAC,EAAE,UAAU,EAAE,CAAC;IAC/B,mCAAmC;IACnC,iBAAiB,CAAC,EAAE,UAAU,EAAE,CAAC;IACjC,iDAAiD;IACjD,cAAc,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC;IAC/B,0BAA0B;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,yBAA0B,SAAQ,eAAe;IAChE,6EAA6E;IAC7E,UAAU,CAAC,EAAE,cAAc,EAAE,CAAC;IAC9B,2DAA2D;IAC3D,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,uEAAuE;IACvE,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,qDAAqD;IACrD,sBAAsB,CAAC,EAAE,CAAC,aAAa,GAAG,SAAS,GAAG,YAAY,CAAC,EAAE,CAAC;IACtE,8DAA8D;IAC9D,aAAa,CAAC,EAAE,MAAM,GAAG,kBAAkB,GAAG,MAAM,CAAC;IACrD,6BAA6B;IAC7B,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAsB,SAAQ,eAAe;IAC5D,uDAAuD;IACvD,mBAAmB,CAAC,EAAE,CAAC,QAAQ,GAAG,UAAU,GAAG,cAAc,GAAG,YAAY,CAAC,EAAE,CAAC;IAChF,0EAA0E;IAC1E,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,4DAA4D;IAC5D,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,uCAAuC;IACvC,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,oDAAoD;IACpD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,oCAAoC;IACpC,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,0EAA0E;IAC1E,kBAAkB,CAAC,EAAE,MAAM,GAAG,kBAAkB,GAAG,MAAM,CAAC;IAC1D,6CAA6C;IAC7C,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAqB,SAAQ,eAAe;IAC3D,sCAAsC;IACtC,UAAU,CAAC,EAAE,cAAc,EAAE,CAAC;IAC9B,iDAAiD;IACjD,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,sCAAsC;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,8CAA8C;IAC9C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,qDAAqD;IACrD,KAAK,CAAC,EAAE,QAAQ,GAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;IAChD,yCAAyC;IACzC,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,qBAAsB,SAAQ,eAAe;IAC5D,mCAAmC;IACnC,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,mCAAmC;IACnC,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,sCAAsC;IACtC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,4BAA4B;IAC5B,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,yBAAyB;IACzB,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,yBAAyB;IACzB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,uCAAuC;IACvC,YAAY,CAAC,EAAE;QACb,oCAAoC;QACpC,oBAAoB,CAAC,EAAE,OAAO,CAAC;QAC/B,qCAAqC;QACrC,qBAAqB,CAAC,EAAE,OAAO,CAAC;QAChC,4BAA4B;QAC5B,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,kCAAkC;QAClC,gBAAgB,CAAC,EAAE,MAAM,CAAC;KAC3B,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,sBAAuB,SAAQ,eAAe;IAC7D,0BAA0B;IAC1B,YAAY,EAAE,CAAC,aAAa,GAAG,SAAS,GAAG,YAAY,CAAC,EAAE,CAAC;IAC3D,iCAAiC;IACjC,UAAU,CAAC,EAAE,cAAc,EAAE,CAAC;IAC9B,4CAA4C;IAC5C,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,8CAA8C;IAC9C,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,4CAA4C;IAC5C,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,2BAA2B;IAC3B,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,4BAA4B;IAC5B,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,qBAAqB;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAoB,SAAQ,eAAe;IAC1D,6BAA6B;IAC7B,WAAW,CAAC,EAAE,eAAe,GAAG,mBAAmB,GAAG,KAAK,GAAG,gBAAgB,GAAG,QAAQ,CAAC;IAC1F,yCAAyC;IACzC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,iCAAiC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,yBAAyB;IACzB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,8BAA8B;IAC9B,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,+BAA+B;IAC/B,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,gCAAgC;IAChC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,gEAAgE;IAChE,eAAe,CAAC,EAAE,MAAM,GAAG,kBAAkB,GAAG,MAAM,CAAC;IACvD,iCAAiC;IACjC,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,sBAAuB,SAAQ,eAAe;IAC7D,kCAAkC;IAClC,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,wCAAwC;IACxC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,+CAA+C;IAC/C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,yBAAyB;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,kBAAkB;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,2BAA2B;IAC3B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,sDAAsD;IACtD,yBAAyB,CAAC,EAAE,OAAO,CAAC;IACpC,iCAAiC;IACjC,uBAAuB,CAAC,EAAE,OAAO,CAAC;CACnC;AAMD;;GAEG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,CAGtE;AA8BD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,yBAAyB,GAAG,YAAY,CAmFzF;AAMD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,qBAAqB,GAAG,YAAY,CAkHjF;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,qBAAqB,GAAG;IAAE,aAAa,EAAE,MAAM,CAAA;CAAE,GAAG,YAAY,CAqDjH;AAMD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,oBAAoB,GAAG,YAAY,CAoF/E;AAMD;;GAEG;AACH,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2CxB,CAAC;AAEX,MAAM,MAAM,mBAAmB,GAAG,MAAM,OAAO,qBAAqB,CAAC;AAErE;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAgB,oBAAoB,CAClC,SAAS,EAAE,mBAAmB,EAC9B,OAAO,EAAE,qBAAqB,GAC7B,YAAY,CA+Ld;AAMD;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,qBAAqB,CACnC,SAAS,EAAE,aAAa,GAAG,SAAS,GAAG,YAAY,GAAG,KAAK,EAC3D,OAAO,EAAE,sBAAsB,GAC9B,YAAY,CAoJd;AAMD;;GAEG;AACH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;CAqBrB,CAAC;AAEX;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,mBAAmB,GAAG,YAAY,CA2K7E;AAMD;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,sBAAsB,GAAG,YAAY,CAwMnF;AAMD;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE;IACtC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,aAAa,EAAE,CAAC;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,CAAC,EAAE,gBAAgB,CAAC;CACzB,GAAG,YAAY,CAkBf;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE;IAC1C,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,aAAa,EAAE,CAAC;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,CAAC,EAAE,gBAAgB,CAAC;CACzB,GAAG,YAAY,CAkBf;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE;IACzC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,aAAa,EAAE,CAAC;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,CAAC,EAAE,gBAAgB,CAAC;CACzB,GAAG,YAAY,CAiBf;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,aAAa,EAAE,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB,GAAG,YAAY,CAkBf;AAMD;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,SAAS,EAAE,mBAAmB,EAC9B,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE;IACR,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB,GACA,YAAY,EAAE,CAwHhB;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;IAC9D,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,0BAA0B,CAAC,EAAE,OAAO,CAAC;IACrC,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,2BAA2B,CAAC,EAAE,OAAO,CAAC;CACvC,GAAG,YAAY,EAAE,CAoEjB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAED,wBAwBE"}