@turingpulse/sdk 1.0.1

package/.github/workflows/security.yml

@@ -0,0 +1,336 @@
+# Security Scanning Workflow for TypeScript/React Projects
+# Add to: TP-portal, TP-admin-portal, TP-website, TP-sdk-typescript
+name: Security Scan
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main]
+  schedule:
+    # Run weekly on Monday at 9 AM UTC
+    - cron: '0 9 * * 1'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  security-events: write
+  actions: read
+
+jobs:
+  # Dependency vulnerability scanning (CVE check)
+  dependency-scan:
+    name: Dependency CVE Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+
+      - name: Run npm audit (CVE scan)
+        continue-on-error: true
+        run: |
+          npm audit --json > npm-audit-report.json || true
+          npm audit --audit-level=moderate || true
+
+      - name: Run Snyk vulnerability scan
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        run: |
+          if [ -n "$SNYK_TOKEN" ]; then
+            npx snyk test --json > snyk-report.json || true
+            npx snyk test || true
+          else
+            echo "SNYK_TOKEN not set, skipping Snyk scan"
+          fi
+
+      - name: Upload vulnerability reports
+        uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: dependency-vulnerability-reports
+          path: |
+            npm-audit-report.json
+            snyk-report.json
+          retention-days: 30
+
+  # Static Application Security Testing (SAST)
+  sast-scan:
+    name: SAST Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Install ESLint security plugins
+        run: |
+          npm install -g eslint @eslint/js eslint-plugin-security eslint-plugin-no-secrets
+
+      - name: Run ESLint security scan
+        continue-on-error: true
+        run: |
+          npx eslint . --ext .js,.jsx,.ts,.tsx --format json --output-file eslint-security-report.json \
+            --plugin security --plugin no-secrets \
+            --rule 'security/detect-object-injection: warn' \
+            --rule 'security/detect-non-literal-regexp: warn' \
+            --rule 'security/detect-unsafe-regex: warn' \
+            --rule 'security/detect-buffer-noassert: warn' \
+            --rule 'security/detect-eval-with-expression: error' \
+            --rule 'security/detect-no-csrf-before-method-override: warn' \
+            --rule 'security/detect-possible-timing-attacks: warn' \
+            --rule 'no-secrets/no-secrets: warn' || true
+
+      - name: Run Semgrep
+        continue-on-error: true
+        run: |
+          pip install semgrep
+          semgrep --config=auto --config=p/typescript --json --output=semgrep-report.json . || true
+          semgrep --config=auto --config=p/typescript . || true
+
+      - name: Upload SAST reports
+        uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: sast-reports
+          path: |
+            eslint-security-report.json
+            semgrep-report.json
+          retention-days: 30
+
+  # Secret scanning
+  secret-scan:
+    name: Secret Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Run TruffleHog (primary - free)
+        id: trufflehog
+        run: |
+          docker run --rm -v "$PWD:/pwd" trufflesecurity/trufflehog:latest filesystem /pwd --json > trufflehog-report.json 2>&1 || true
+          # Check if secrets were found
+          if [ -s trufflehog-report.json ]; then
+            SECRETS_FOUND=$(cat trufflehog-report.json | grep -c '"SourceMetadata"' || echo "0")
+            echo "secrets_found=${SECRETS_FOUND}" >> $GITHUB_OUTPUT
+            if [ "$SECRETS_FOUND" -gt 0 ]; then
+              echo "::warning::TruffleHog found ${SECRETS_FOUND} potential secrets!"
+              cat trufflehog-report.json
+            fi
+          else
+            echo "secrets_found=0" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Run Gitleaks (optional - requires license for orgs)
+        continue-on-error: true
+        uses: gitleaks/gitleaks-action@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }}
+
+      - name: Upload secret scan reports
+        uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: secret-scan-reports
+          path: trufflehog-report.json
+          retention-days: 30
+          if-no-files-found: ignore
+
+  # Container image scanning (if Dockerfile exists)
+  container-scan:
+    name: Container CVE Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Check for Dockerfile
+        id: check-dockerfile
+        run: |
+          if [ -f "Dockerfile" ]; then
+            echo "exists=true" >> $GITHUB_OUTPUT
+          else
+            echo "exists=false" >> $GITHUB_OUTPUT
+            echo "No Dockerfile found, skipping container scan"
+          fi
+
+      - name: Build Docker image
+        if: steps.check-dockerfile.outputs.exists == 'true'
+        run: docker build -t security-scan:latest .
+
+      - name: Run Trivy vulnerability scanner
+        if: steps.check-dockerfile.outputs.exists == 'true'
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'security-scan:latest'
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+          severity: 'CRITICAL,HIGH,MEDIUM'
+
+      - name: Upload Trivy scan results
+        if: steps.check-dockerfile.outputs.exists == 'true'
+        uses: github/codeql-action/upload-sarif@v3
+        continue-on-error: true  # May fail if GitHub Advanced Security not enabled
+        with:
+          sarif_file: 'trivy-results.sarif'
+
+      - name: Run Grype scanner
+        if: steps.check-dockerfile.outputs.exists == 'true'
+        continue-on-error: true
+        run: |
+          curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin
+          grype security-scan:latest -o json > grype-report.json || true
+
+      - name: Upload container scan reports
+        if: steps.check-dockerfile.outputs.exists == 'true'
+        uses: actions/upload-artifact@v4
+        with:
+          name: container-scan-reports
+          path: |
+            trivy-results.sarif
+            grype-report.json
+          retention-days: 30
+
+  # CodeQL analysis (requires GitHub Advanced Security for private repos)
+  codeql-analysis:
+    name: CodeQL Analysis
+    runs-on: ubuntu-latest
+    # Skip if Advanced Security not available
+    continue-on-error: true
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        continue-on-error: true
+        with:
+          languages: javascript-typescript
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+        continue-on-error: true
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        continue-on-error: true
+        with:
+          category: "/language:javascript-typescript"
+
+  # License compliance check
+  license-scan:
+    name: License Compliance
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+
+      - name: Install dependencies
+        run: npm ci --ignore-scripts
+
+      - name: Run license checker
+        continue-on-error: true
+        run: |
+          npx license-checker --json --out licenses.json || true
+          npx license-checker --summary || true
+
+      - name: Check for problematic licenses
+        continue-on-error: true
+        run: |
+          npx license-checker --failOn 'GPL;AGPL;LGPL;SSPL' || echo "Warning: Found copyleft licenses"
+
+      - name: Upload license report
+        uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: license-report
+          path: licenses.json
+          retention-days: 30
+
+  # Summary job with email notification
+  security-summary:
+    name: Security Summary
+    runs-on: ubuntu-latest
+    needs: [dependency-scan, sast-scan, secret-scan, codeql-analysis, license-scan]
+    if: always()
+    steps:
+      - name: Download all artifacts
+        uses: actions/download-artifact@v4
+        with:
+          merge-multiple: true
+
+      - name: Generate summary
+        id: summary
+        run: |
+          echo "## Security Scan Summary" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "| Scan Type | Status |" >> $GITHUB_STEP_SUMMARY
+          echo "|-----------|--------|" >> $GITHUB_STEP_SUMMARY
+          echo "| Dependency CVE | ${{ needs.dependency-scan.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| SAST | ${{ needs.sast-scan.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| Secret Scan | ${{ needs.secret-scan.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| CodeQL | ${{ needs.codeql-analysis.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| License Check | ${{ needs.license-scan.result }} |" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "📊 Check the Security tab for detailed findings." >> $GITHUB_STEP_SUMMARY
+          
+          # Check for failures
+          if [[ "${{ needs.dependency-scan.result }}" == "failure" ]] || \
+             [[ "${{ needs.sast-scan.result }}" == "failure" ]] || \
+             [[ "${{ needs.secret-scan.result }}" == "failure" ]] || \
+             [[ "${{ needs.codeql-analysis.result }}" == "failure" ]] || \
+             [[ "${{ needs.license-scan.result }}" == "failure" ]]; then
+            echo "has_failures=true" >> $GITHUB_OUTPUT
+          else
+            echo "has_failures=false" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Send email notification on critical findings
+        if: steps.summary.outputs.has_failures == 'true'
+        uses: dawidd6/action-send-mail@v3
+        with:
+          server_address: smtp.gmail.com
+          server_port: 587
+          username: ${{ secrets.SMTP_USERNAME }}
+          password: ${{ secrets.SMTP_PASSWORD }}
+          subject: "🚨 Security Alert: ${{ github.repository }} - Critical Findings Detected"
+          to: ${{ secrets.SECURITY_ALERT_EMAIL }}
+          from: "TuringPulse Security <security@turingpulse.ai>"
+          html_body: |
+            <h2>🚨 Security Scan Alert</h2>
+            <p><strong>Repository:</strong> ${{ github.repository }}</p>
+            <p><strong>Branch:</strong> ${{ github.ref_name }}</p>
+            <p><strong>Commit:</strong> ${{ github.sha }}</p>
+            <p><strong>Triggered by:</strong> ${{ github.actor }}</p>
+            <hr>
+            <h3>Scan Results:</h3>
+            <ul>
+              <li>Dependency CVE: ${{ needs.dependency-scan.result }}</li>
+              <li>SAST: ${{ needs.sast-scan.result }}</li>
+              <li>Secret Scan: ${{ needs.secret-scan.result }}</li>
+              <li>CodeQL: ${{ needs.codeql-analysis.result }}</li>
+              <li>License Check: ${{ needs.license-scan.result }}</li>
+            </ul>
+            <p><a href="${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}">View Full Report</a></p>
+            <p><a href="${{ github.server_url }}/${{ github.repository }}/security">View Security Tab</a></p>

package/CHANGELOG.md

@@ -0,0 +1,29 @@
+# Changelog
+
+All notable changes to the TuringPulse TypeScript SDK.
+
+## [0.2.0] - Unreleased
+
+### Added
+
+- `GovernanceBlockedError` and `ConfigurationError` exceptions
+- Pre-execution policy check for HITL governance
+- `hitl` field on `GovernanceDefaults` interface
+- Auto-initialization from `TP_API_KEY` / `TP_WORKFLOW_NAME` env vars
+- New integration packages: LangChain.js, OpenAI, Anthropic, Vercel AI SDK
+- npm workspaces monorepo structure
+
+### Changed
+
+- `name` in `@instrument()` now takes precedence over `config.workflowName`
+- `context.finish()` sets status to `"blocked"` for `GovernanceBlockedError`
+- `finalize()` skips post-run governance when pre-check already blocked
+- Sync functions return `Promise<T>` when HITL governance is enabled
+
+## [0.1.0] - 2025-01-15
+
+### Added
+
+- Initial release with core instrumentation, governance, fingerprinting
+- Mastra integration
+- OpenTelemetry tracing support

package/LICENSE

@@ -0,0 +1,13 @@
+Copyright (c) 2026 TuringPulse Inc. All rights reserved.
+
+PROPRIETARY AND CONFIDENTIAL
+
+This software is proprietary to TuringPulse Inc. Unauthorized copying,
+modification, distribution, or use of this software, in whole or in part,
+is strictly prohibited without a valid license agreement.
+
+This software is provided under the terms of a separate license agreement
+between you and TuringPulse Inc. By installing or using this software,
+you agree to be bound by those terms.
+
+For licensing inquiries, contact: support@turingpulse.ai

package/MIGRATION.md

@@ -0,0 +1,30 @@
+# Migration Guide — TypeScript SDK
+
+## Migrating to v0.2.0
+
+### Governance Changes
+
+- New `GovernanceBlockedError` thrown when HITL policy returns `block`
+- `GovernanceDefaults` now supports `hitl: true` for global HITL
+- Pre-execution policy check runs automatically when HITL is enabled
+- Context status is `"blocked"` (not `"error"`) for governance blocks
+
+### Important: Sync Function Return Type Change
+
+When HITL governance is enabled, **sync functions wrapped with `@instrument`
+will return `Promise<T>` instead of `T`**. This is because the pre-execution
+policy check is async (HTTP call to the backend).
+
+If your code relies on synchronous return values, you must either:
+1. Make the calling code async-aware, or
+2. Disable HITL governance for sync-only code paths
+
+### Auto-initialization
+
+If `TP_API_KEY` and `TP_WORKFLOW_NAME` are set as environment variables,
+the SDK auto-initializes on first use.
+
+### workflowName Priority
+
+`name` in `@instrument({ name: "..." })` now takes precedence over
+`config.workflowName` set during `init()`.

package/README.md

@@ -0,0 +1,221 @@
+# TuringPulse TypeScript SDK
+
+Decorator-driven instrumentation for Node/TypeScript runtimes. Drop it into any service to publish telemetry to the Agent Observability Service, raise governance workflows (HITL/HATL/HOTL) inside the Agent PM Service, and register hidden entrypoints that can be triggered without an HTTP surface.
+
+## Framework Compatibility
+
+<!-- COMPAT-BADGES:START -->
+![Mistral](https://img.shields.io/badge/Mistral-passing-brightgreen)
+<!-- COMPAT-BADGES:END -->
+
+<details>
+<summary>Full Compatibility Matrix</summary>
+
+<!-- COMPAT-MATRIX:START -->
+| Framework | Version | Node 18 | Node 20 | Node 22 |
+|---|---| --- | --- | --- |
+| Mistral | 1.14.1 | pass | pass | pass |
+<!-- COMPAT-MATRIX:END -->
+
+</details>
+
+## Highlights
+
+- `init(config)` bootstraps SDK defaults (base URLs, tenant headers, tracing, governance fallbacks, fetch implementation).
+- `@instrument(...)` works on class methods (NestJS, controllers, workers) while `withInstrumentation(fn, opts)` wraps standalone functions.
+- Decorator options control tracing, custom labels/metadata, manual trigger keys, governance policies, KPI definitions, and hidden entrypoints.
+- Automatic OpenTelemetry spans + rich metadata; emits `AgentEvent` payloads that match the shared `@turingpulse/interfaces` schema.
+- Trigger registry lets you invoke hidden agents via `getInstance().triggerAgent('hidden:sync_rag', args)` even when no endpoint exists.
+
+## Install
+
+```bash
+pnpm add @turingpulse/sdk @turingpulse/interfaces
+# or npm/yarn equivalent
+```
+
+Local workspace dev:
+
+```bash
+cd packages/turingpulse-sdk
+pnpm install
+pnpm build
+```
+
+## Quickstart
+
+```ts
+import { init, instrument, GovernanceDirective, KPIConfig } from '@turingpulse/sdk';
+
+init({
+  apiKey: process.env.TP_API_KEY!,
+  workflowName: 'My Workflow',
+  redactFields: ['password', 'apiKey', 'secret'],
+});
+
+const governance = new GovernanceDirective({ hitl: true, reviewers: ['audit@org.com'] });
+const throughputKpi = { kpiId: 'items_processed', fromResultPath: 'count', comparator: 'lt', alertThreshold: 1 };
+
+class MarketScanner {
+  @instrument({
+    agentId: 'agent-research',
+    operation: 'market_scan',
+    labels: { surface: 'slack' },
+    governance,
+    kpis: [throughputKpi],
+    triggerKey: 'hidden.market_scan',
+    hiddenEntrypoint: true,
+  })
+  async run(query: string) {
+    // ... do work ...
+    return { count: 3, items: [] };
+  }
+}
+```
+
+Manual trigger:
+
+```ts
+import { getInstance } from '@turingpulse/sdk';
+
+await getInstance().triggerAgent('hidden.market_scan', 'pricing updates');
+```
+
+Wrap standalone functions:
+
+```ts
+import { withInstrumentation } from '@turingpulse/sdk';
+
+const handler = withInstrumentation(
+  async (payload: Payload) => {
+    return service.process(payload);
+  },
+  { agentId: 'agent-worker', operation: 'ingest_payload' },
+);
+```
+
+## Decorator Options
+
+| Option | Description |
+| --- | --- |
+| `agentId` | Required Agent identifier |
+| `operation` | Logical name; defaults to method name |
+| `labels` / `metadata` | Merged with global defaults and sent to traces + AgentEvent metadata |
+| `trace` | Enable/disable tracing at the decorator level |
+| `triggerKey` | Registers the method for manual invocation |
+| `hiddenEntrypoint` | Marks calls as UI-hidden; metadata includes `agent.hidden_entrypoint` |
+| `governance` | `GovernanceDirective` describing HITL/HATL/HOTL behaviour |
+| `kpis` | Array of `KPIConfig` to emit metrics + alert metadata |
+
+## Governance
+
+`GovernanceDirective` controls reviewer queues, escalation channels, severity, and auto-escalation timers. When enabled, the plugin creates tasks in the Agent PM Service per mode (HITL/HATL/HOTL) and attaches KPI metadata for downstream auditors.
+
+## KPI Mapping & Alerts
+
+- `useDuration` derives KPI values from observed runtime (ms).
+- `fromResultPath` pulls nested properties from the returned payload.
+- `value` can be a literal number or `(ctx) => number`.
+- When `alertThreshold` + `comparator` trip, metadata includes `metric.alert.<id>=true`.
+
+## Security
+
+The SDK includes built-in protections to ensure safe operation in customer environments:
+
+### Endpoint Validation
+- **SSRF protection**: Private/internal IP ranges (`127.0.0.0/8`, `10.0.0.0/8`, `172.16.0.0/12`, `192.168.0.0/16`, `169.254.0.0/16`, `localhost`, `[::1]`) are blocked as endpoints.
+- **CRLF injection prevention**: Newline and null characters are stripped from API keys and endpoint URLs.
+- **TLS enforcement**: The SDK emits a warning if an `http://` endpoint is used instead of `https://`.
+
+### Data Protection
+- **Sensitive field redaction**: Use `redactFields` in config to mask sensitive keys before telemetry leaves your environment.
+- **Error sanitization**: Error messages in telemetry do not leak stack traces or internal paths.
+- **No content truncation**: The SDK does not truncate or limit content size — backend handles that.
+
+```typescript
+init({
+  apiKey: 'sk_...',
+  workflowName: 'My Workflow',
+  redactFields: ['password', 'apiKey', 'secret', 'token', 'authorization'],
+});
+```
+
+### Network Safety
+- **Retry-After compliance**: The SDK respects `Retry-After` headers from 429 responses.
+- **No retry on terminal errors**: 401, 402, 403, 404 responses stop retries immediately.
+- **Timeout cap**: HTTP timeout is capped at 120 seconds.
+
+### UUID Generation
+- Uses `crypto.randomUUID()` when available, falls back to `crypto.getRandomValues()` for better entropy than `Math.random()`.
+
+## Fingerprinting & Change Detection
+
+The SDK automatically captures workflow fingerprints to enable root cause analysis when anomalies or drifts are detected. This works out-of-the-box with zero configuration.
+
+### How It Works
+
+1. The SDK automatically detects LLM calls (OpenAI, Anthropic, LangChain, etc.)
+2. Prompts and configurations are hashed for change detection
+3. Workflow structure (nodes and edges) is tracked
+4. Fingerprints are sent to the backend after each run
+5. When anomalies occur, changes are correlated for root cause attribution
+
+### Configuration
+
+```typescript
+import { init } from '@turingpulse/sdk';
+
+init({
+  apiKey: 'sk_...',
+  workflowName: 'My Workflow',
+  fingerprint: {
+    enabled: true,              // Master switch (default: true)
+    capturePrompts: true,       // Hash prompts for change detection
+    captureConfigs: true,       // Hash configs for change detection
+    captureStructure: true,     // Track DAG structure
+    sensitiveConfigKeys: [      // Keys to redact before hashing
+      'apiKey', 'password', 'secret', 'token'
+    ],
+    sendAsync: true,            // Send fingerprints asynchronously
+    sendOnFailure: true,        // Send even if run fails
+  },
+});
+```
+
+### Deploy Tracking
+
+Register deployments to correlate anomalies with code changes:
+
+```typescript
+import { registerDeploy } from '@turingpulse/sdk';
+
+// Auto-detect from CI/CD environment (GitHub Actions, GitLab CI, etc.)
+await registerDeploy({
+  workflowId: 'chat-assistant',
+  autoDetect: true,
+});
+
+// Or provide explicit values
+await registerDeploy({
+  workflowId: 'chat-assistant',
+  version: 'v1.2.3',
+  gitSha: process.env.GIT_SHA,
+  commitMessage: process.env.GIT_COMMIT_MSG,
+});
+```
+
+Supported CI/CD environments for auto-detection:
+- GitHub Actions
+- GitLab CI
+- CircleCI
+- Jenkins
+- Azure DevOps
+- Bitbucket Pipelines
+- Travis CI
+
+## Roadmap
+
+- Browser-friendly fetch adapter
+- Extended decorators for parameter injection + custom trace attributes
+- CLI helper for listing/triggering hidden entrypoints
+

package/dist/attachments.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Document attachment support for the TuringPulse TypeScript SDK.
+ *
+ * Provides AttachmentManager for uploading documents to the ingestion service
+ * and injecting attachment metadata into the current span.
+ *
+ * Design principle: NEVER crash customer code. All upload failures are logged
+ * and silently ignored.
+ */
+import { TuringPulseConfig } from './config';
+export interface AttachmentResult {
+    attachmentId: string;
+    filename: string;
+    mimeType: string;
+    sizeBytes: number;
+    storagePath: string;
+    direction: string;
+    deduplicated: boolean;
+}
+export declare class AttachmentManager {
+    private readonly baseUrl;
+    private readonly config;
+    private readonly enabled;
+    constructor(config: TuringPulseConfig, enabled?: boolean);
+    attachBytes(data: Uint8Array | Buffer, filename: string, direction?: 'input' | 'output', mimeType?: string): Promise<AttachmentResult | undefined>;
+    attachText(text: string, filename?: string, direction?: 'input' | 'output'): Promise<AttachmentResult | undefined>;
+}
+//# sourceMappingURL=attachments.d.ts.map

package/dist/attachments.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"attachments.d.ts","sourceRoot":"","sources":["../src/attachments.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAE7C,MAAM,WAAW,gBAAgB;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,OAAO,CAAC;CACvB;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAoB;IAC3C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAU;gBAEtB,MAAM,EAAE,iBAAiB,EAAE,OAAO,UAAO;IAM/C,WAAW,CACf,IAAI,EAAE,UAAU,GAAG,MAAM,EACzB,QAAQ,EAAE,MAAM,EAChB,SAAS,GAAE,OAAO,GAAG,QAAkB,EACvC,QAAQ,CAAC,EAAE,MAAM,GAChB,OAAO,CAAC,gBAAgB,GAAG,SAAS,CAAC;IAyClC,UAAU,CACd,IAAI,EAAE,MAAM,EACZ,QAAQ,SAAiB,EACzB,SAAS,GAAE,OAAO,GAAG,QAAkB,GACtC,OAAO,CAAC,gBAAgB,GAAG,SAAS,CAAC;CAIzC"}