@upx-us/shield 0.3.16 → 0.4.36

package/dist/src/events/exec/enrich.js

@@ -1,24 +1,87 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.splitChainedCommands = splitChainedCommands;
 exports.enrich = enrich;
 const base_1 = require("../base");
+function splitChainedCommands(cmd) {
+    const segments = [];
+    let current = '';
+    let inSingle = false;
+    let inDouble = false;
+    let inBacktick = false;
+    for (let i = 0; i < cmd.length; i++) {
+        const ch = cmd[i];
+        const next = cmd[i + 1];
+        if (ch === "'" && !inDouble && !inBacktick) {
+            inSingle = !inSingle;
+            current += ch;
+            continue;
+        }
+        if (ch === '"' && !inSingle && !inBacktick) {
+            inDouble = !inDouble;
+            current += ch;
+            continue;
+        }
+        if (ch === '`' && !inSingle && !inDouble) {
+            inBacktick = !inBacktick;
+            current += ch;
+            continue;
+        }
+        if (inSingle || inDouble || inBacktick) {
+            current += ch;
+            continue;
+        }
+        if (ch === '&' && next === '&') {
+            segments.push(current);
+            current = '';
+            i++;
+            continue;
+        }
+        if (ch === '|' && next === '|') {
+            segments.push(current);
+            current = '';
+            i++;
+            continue;
+        }
+        if (ch === ';') {
+            segments.push(current);
+            current = '';
+            continue;
+        }
+        current += ch;
+    }
+    if (current.trim())
+        segments.push(current);
+    return segments.map(s => s.trim()).filter(Boolean);
+}
 function enrich(tool, ctx) {
     const args = tool.arguments;
     const cmd = args.command || '';
     const rootCmd = (cmd.split(/\s+/)[0] || '').split('/').pop() || '';
+    const segments = splitChainedCommands(cmd);
+    const allRootCommands = segments
+        .map(s => (s.trim().split(/\s+/)[0] || '').split('/').pop() || '')
+        .filter(Boolean);
+    const isChained = allRootCommands.length > 1;
     const meta = {
         tool_name: 'exec',
         'openclaw.session_id': ctx.sessionId,
         'openclaw.agent_id': ctx.agentId,
         cmd_root_command: rootCmd,
+        cmd_all_root_commands: allRootCommands,
+        cmd_is_chained: isChained,
+        cmd_chain_count: allRootCommands.length,
         cmd_has_sudo: /\bsudo\b/.test(cmd),
         cmd_has_pipe: /\|/.test(cmd),
     };
-    if (/^(kill|pkill|killall)$/.test(rootCmd)) {
-        const pidMatch = cmd.match(/\bkill\s+(?:-\d+\s+)?(\d+)/);
-        if (pidMatch) {
-            meta.target_pid = pidMatch[1];
-            meta.target_pid_in_scope = 'false';
+    for (const segRoot of allRootCommands) {
+        if (/^(kill|pkill|killall)$/.test(segRoot)) {
+            const pidMatch = cmd.match(/\bkill\s+(?:-\d+\s+)?(\d+)/);
+            if (pidMatch) {
+                meta.target_pid = pidMatch[1];
+                meta.target_pid_in_scope = 'false';
+            }
+            break;
         }
     }
     const event = {
@@ -41,8 +104,12 @@ function enrich(tool, ctx) {
         target: { command_line: (0, base_1.truncate)(cmd) },
         tool_metadata: (0, base_1.stringifyMetadata)(meta),
     };
-    if (/^(ssh|scp|rsync)\b/.test(rootCmd)) {
-        const stripped = cmd.replace(/\s-[ipoFlJWbDeLRw]\s+\S+/g, ' ').replace(/\s-[^\s]+/g, ' ');
+    const sshSegment = segments.find(s => /^\s*(ssh|scp|rsync)\b/.test(s));
+    const sshRoot = sshSegment
+        ? (sshSegment.trim().split(/\s+/)[0] || '').split('/').pop() || ''
+        : rootCmd;
+    if (/^(ssh|scp|rsync)$/.test(sshRoot) && sshSegment) {
+        const stripped = sshSegment.replace(/\s-[ipoFlJWbDeLRw]\s+\S+/g, ' ').replace(/\s-[^\s]+/g, ' ');
         const parts = stripped.trim().split(/\s+/).slice(1);
         let targetHost = null;
         for (const p of parts) {

package/dist/src/index.js

@@ -33,6 +33,9 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
+const os = __importStar(require("os"));
+const path = __importStar(require("path"));
+const updater_1 = require("./updater");
 const config_1 = require("./config");
 const log = __importStar(require("./log"));
 const fetcher_1 = require("./fetcher");
@@ -42,6 +45,9 @@ const redactor_1 = require("./redactor");
 const validator_1 = require("./validator");
 const fs_1 = require("fs");
 const version_1 = require("./version");
+const event_store_1 = require("./event-store");
+const case_monitor_1 = require("./case-monitor");
+const SHIELD_DATA_DIR = path.join(os.homedir(), '.openclaw', 'shield', 'data');
 let running = true;
 let lastTelemetryAt = 0;
 let consecutiveFailures = 0;
@@ -60,7 +66,30 @@ async function poll() {
     if (config.redactionEnabled) {
         (0, redactor_1.init)();
     }
+    (0, case_monitor_1.initCaseMonitor)(SHIELD_DATA_DIR);
+    if (config.localEventBuffer) {
+        (0, event_store_1.initEventStore)(SHIELD_DATA_DIR, { maxEvents: config.localEventLimit });
+    }
     log.info('bridge', `Starting — dryRun=${config.dryRun} poll=${config.pollIntervalMs}ms maxEvents=${config.maxEvents || 'unlimited'} redaction=${config.redactionEnabled} logLevel=${process.env.LOG_LEVEL || 'info'}`);
+    const autoUpdateMode = process.env.SHIELD_AUTO_UPDATE ?? true;
+    log.info('updater', `Startup update check (autoUpdate=${autoUpdateMode}, current=${version_1.VERSION})`);
+    const startupUpdate = (0, updater_1.performAutoUpdate)(autoUpdateMode, 0);
+    if (startupUpdate.action === "none") {
+        log.info("updater", `Up to date (${version_1.VERSION})`);
+    }
+    else if (startupUpdate.action === "updated") {
+        log.info("updater", startupUpdate.message);
+        const restarted = (0, updater_1.requestGatewayRestart)();
+        if (restarted)
+            return;
+        log.warn("updater", "Gateway restart failed — continuing with current version. Restart manually to load the update.");
+    }
+    else if (startupUpdate.action === "notify") {
+        log.info("updater", startupUpdate.message);
+    }
+    else if (startupUpdate.action === "rollback" || startupUpdate.action === "error") {
+        log.warn("updater", startupUpdate.message);
+    }
     while (running) {
         try {
             let entries = await (0, fetcher_1.fetchNewEntries)(config);
@@ -113,6 +142,28 @@ async function poll() {
                     continue;
                 }
             }
+            const autoUpdateMode = process.env.SHIELD_AUTO_UPDATE ?? true;
+            const updateResult = (0, updater_1.performAutoUpdate)(autoUpdateMode);
+            if (updateResult.action !== "none") {
+                if (updateResult.action === "notify") {
+                    log.info("updater", updateResult.message);
+                }
+                else if (updateResult.action === "updated") {
+                    log.info("updater", updateResult.message);
+                    const restarted = (0, updater_1.requestGatewayRestart)();
+                    if (restarted) {
+                        running = false;
+                        break;
+                    }
+                    log.warn("updater", "Gateway restart failed — continuing with current version. Restart manually to load the update.");
+                }
+                else if (updateResult.action === "rollback") {
+                    log.warn("updater", updateResult.message);
+                }
+                else if (updateResult.action === "error") {
+                    log.error("updater", updateResult.message);
+                }
+            }
             if (entries.length > 0) {
                 let envelopes = (0, transformer_1.transformEntries)(entries);
                 const { valid: validEnvelopes, quarantined } = (0, validator_1.validate)(envelopes.map(e => e.event));
@@ -141,6 +192,18 @@ async function poll() {
                         log.error('bridge', `Result: FAILED status=${r.statusCode} events=${r.eventCount} body=${r.body?.slice(0, 200)}`);
                     }
                 }
+                if (config.localEventBuffer && results.some(r => r.success)) {
+                    const summaries = envelopes.map(env => ({
+                        ts: env.event.timestamp,
+                        type: env.event.event_type || 'UNKNOWN',
+                        tool: env.event.tool_name || 'unknown',
+                        summary: env.event.tool_metadata?.["openclaw.display_summary"] || env.event.target?.command_line || env.event.tool_name || 'event',
+                        session: env.event.session_id || '?',
+                        model: env.event.model || '?',
+                        redacted: !!env.source?.plugin?.redaction_applied,
+                    }));
+                    (0, event_store_1.appendEvents)(summaries);
+                }
                 if (results.some(r => r.needsRegistration)) {
                     consecutiveFailures++;
                     registrationOk = false;
@@ -186,6 +249,18 @@ async function poll() {
             consecutiveFailures++;
             log.error('bridge', 'Poll error', err);
         }
+        try {
+            const creds = (0, config_1.loadCredentials)();
+            const platformConfig = {
+                apiUrl: config.platformApiUrl ?? null,
+                instanceId: creds?.instanceId || '',
+                hmacSecret: creds?.hmacSecret || '',
+            };
+            await (0, case_monitor_1.checkForNewCases)(platformConfig);
+        }
+        catch (err) {
+            log.debug('case-monitor', `Check error: ${err instanceof Error ? err.message : String(err)}`);
+        }
         if (!running)
             break;
         const interval = getBackoffInterval(config.pollIntervalMs);

package/dist/src/inventory.d.ts

@@ -0,0 +1,26 @@
+export interface AgentInfo {
+    id: string;
+    name: string | null;
+    workspace: string;
+    has_identity: boolean;
+    is_bootstrapped: boolean;
+}
+export interface HostInventory {
+    collected_at: string;
+    agents: AgentInfo[];
+    agent_count: number;
+    workspace_count: number;
+}
+export interface InventoryPaths {
+    agentsDir: string;
+    openclawHome: string;
+    vaultPath: string;
+}
+export declare function scanAgents(paths?: Partial<InventoryPaths>): AgentInfo[];
+export declare function readVault(vaultPath?: string): Record<string, unknown>;
+export declare function writeVault(vault: Record<string, unknown>, vaultPath?: string): void;
+export declare function collectInventory(paths?: Partial<InventoryPaths>): HostInventory;
+export declare function loadCachedInventory(paths?: Partial<InventoryPaths>): HostInventory | null;
+export declare function setCachedInventory(inventory: HostInventory): void;
+export declare function resetCachedInventory(): void;
+export declare function detectCrossWorkspace(text: string, currentAgentId: string, inventory?: HostInventory | null): string | null;

package/dist/src/inventory.js

@@ -0,0 +1,191 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.scanAgents = scanAgents;
+exports.readVault = readVault;
+exports.writeVault = writeVault;
+exports.collectInventory = collectInventory;
+exports.loadCachedInventory = loadCachedInventory;
+exports.setCachedInventory = setCachedInventory;
+exports.resetCachedInventory = resetCachedInventory;
+exports.detectCrossWorkspace = detectCrossWorkspace;
+const os_1 = require("os");
+const path_1 = require("path");
+const fs_1 = require("fs");
+const safe_io_1 = require("./safe-io");
+const log = __importStar(require("./log"));
+const OPENCLAW_HOME = (0, path_1.join)((0, os_1.homedir)(), '.openclaw');
+const AGENTS_DIR = (0, path_1.join)(OPENCLAW_HOME, 'agents');
+const VAULT_PATH = (0, path_1.join)(OPENCLAW_HOME, 'shield', 'vault.json');
+function defaultPaths() {
+    return { agentsDir: AGENTS_DIR, openclawHome: OPENCLAW_HOME, vaultPath: VAULT_PATH };
+}
+function resolveWorkspace(agentId) {
+    if (agentId === 'main')
+        return 'workspace';
+    return `workspace-${agentId}`;
+}
+function parseIdentityName(identityPath) {
+    try {
+        if (!(0, fs_1.existsSync)(identityPath))
+            return null;
+        const content = (0, fs_1.readFileSync)(identityPath, 'utf8');
+        const match = content.match(/^\s*-\s*\*\*Name:\*\*\s*(.+)$/m);
+        if (match) {
+            const name = match[1].trim();
+            return name || null;
+        }
+        return null;
+    }
+    catch {
+        return null;
+    }
+}
+function scanAgents(paths) {
+    const p = { ...defaultPaths(), ...paths };
+    const agents = [];
+    if (!(0, fs_1.existsSync)(p.agentsDir)) {
+        log.warn('inventory', `Agents directory not found: ${p.agentsDir}`);
+        return agents;
+    }
+    let entries;
+    try {
+        entries = (0, fs_1.readdirSync)(p.agentsDir);
+    }
+    catch (err) {
+        log.warn('inventory', `Failed to read agents directory: ${err instanceof Error ? err.message : String(err)}`);
+        return agents;
+    }
+    for (const agentId of entries) {
+        try {
+            const workspaceName = resolveWorkspace(agentId);
+            const workspacePath = (0, path_1.join)(p.openclawHome, workspaceName);
+            const identityPath = (0, path_1.join)(workspacePath, 'IDENTITY.md');
+            const bootstrapPath = (0, path_1.join)(workspacePath, 'BOOTSTRAP.md');
+            const name = parseIdentityName(identityPath);
+            const hasIdentity = (0, fs_1.existsSync)(identityPath);
+            const isBootstrapped = !(0, fs_1.existsSync)(bootstrapPath);
+            agents.push({
+                id: agentId,
+                name,
+                workspace: workspaceName,
+                has_identity: hasIdentity,
+                is_bootstrapped: isBootstrapped,
+            });
+        }
+        catch (err) {
+            log.warn('inventory', `Failed to process agent "${agentId}": ${err instanceof Error ? err.message : String(err)}`);
+        }
+    }
+    return agents;
+}
+function readVault(vaultPath) {
+    const path = vaultPath ?? VAULT_PATH;
+    try {
+        if (!(0, fs_1.existsSync)(path))
+            return {};
+        const content = (0, fs_1.readFileSync)(path, 'utf8');
+        const parsed = JSON.parse(content);
+        if (typeof parsed !== 'object' || parsed === null || Array.isArray(parsed)) {
+            log.warn('inventory', 'Vault file has unexpected shape — resetting');
+            return {};
+        }
+        return parsed;
+    }
+    catch (err) {
+        log.warn('inventory', `Failed to read vault (will reset): ${err instanceof Error ? err.message : String(err)}`);
+        return {};
+    }
+}
+function writeVault(vault, vaultPath) {
+    const p = vaultPath ?? VAULT_PATH;
+    try {
+        (0, safe_io_1.writeJsonSafe)(p, vault);
+    }
+    catch (err) {
+        log.warn('inventory', `Failed to write vault: ${err instanceof Error ? err.message : String(err)}`);
+    }
+}
+function collectInventory(paths) {
+    const agents = scanAgents(paths);
+    const workspaces = new Set(agents.map(a => a.workspace));
+    const inventory = {
+        collected_at: new Date().toISOString(),
+        agents,
+        agent_count: agents.length,
+        workspace_count: workspaces.size,
+    };
+    const p = { ...defaultPaths(), ...paths };
+    const vault = readVault(p.vaultPath);
+    vault.host_inventory = inventory;
+    writeVault(vault, p.vaultPath);
+    log.info('inventory', `Collected inventory: ${inventory.agent_count} agents, ${inventory.workspace_count} workspaces`);
+    return inventory;
+}
+function escapeRegex(s) {
+    return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+let _cachedInventory = null;
+function loadCachedInventory(paths) {
+    if (_cachedInventory)
+        return _cachedInventory;
+    const p = { ...defaultPaths(), ...paths };
+    const vault = readVault(p.vaultPath);
+    if (vault.host_inventory && typeof vault.host_inventory === 'object') {
+        _cachedInventory = vault.host_inventory;
+        return _cachedInventory;
+    }
+    return null;
+}
+function setCachedInventory(inventory) {
+    _cachedInventory = inventory;
+}
+function resetCachedInventory() {
+    _cachedInventory = null;
+}
+function detectCrossWorkspace(text, currentAgentId, inventory) {
+    const inv = inventory ?? _cachedInventory;
+    if (!inv || inv.agents.length === 0)
+        return null;
+    for (const agent of inv.agents) {
+        if (agent.id === currentAgentId)
+            continue;
+        const pattern = new RegExp(`(?:^|[/\\\\])${escapeRegex(agent.workspace)}(?:[/\\\\]|$)`);
+        if (pattern.test(text)) {
+            return agent.workspace;
+        }
+    }
+    return null;
+}

package/dist/src/rpc/client.d.ts

@@ -0,0 +1,12 @@
+export interface PlatformApiConfig {
+    apiUrl: string | null;
+    instanceId: string;
+    hmacSecret: string;
+}
+export interface PlatformApiResponse<T = unknown> {
+    ok: boolean;
+    data?: T;
+    error?: string;
+    upgradeUrl?: string;
+}
+export declare function callPlatformApi<T = unknown>(config: PlatformApiConfig, path: string, params?: Record<string, unknown>, method?: 'GET' | 'POST'): Promise<PlatformApiResponse<T>>;

package/dist/src/rpc/client.js

@@ -0,0 +1,105 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.callPlatformApi = callPlatformApi;
+const crypto = __importStar(require("crypto"));
+const TIMEOUT_MS = 10_000;
+function signRequest(_method, _path, _body, secret, instanceId) {
+    const nonce = `${Date.now()}-${crypto.randomBytes(8).toString('hex')}`;
+    const signature = crypto
+        .createHmac('sha256', secret)
+        .update(`${instanceId}:${nonce}`)
+        .digest('hex');
+    return {
+        'Content-Type': 'application/json',
+        'User-Agent': 'OpenClaw-Shield-Plugin/rpc',
+        'X-Shield-Instance': instanceId,
+        'X-Shield-Nonce': nonce,
+        'X-Shield-Signature': signature,
+    };
+}
+async function callPlatformApi(config, path, params, method) {
+    if (!config.apiUrl) {
+        return {
+            ok: false,
+            error: 'Platform API not configured. This feature requires the Shield platform API which is not yet available for your instance. Check your Shield dashboard for updates.',
+        };
+    }
+    const url = new URL(path, config.apiUrl);
+    const httpMethod = method || (params ? 'POST' : 'GET');
+    if (httpMethod === 'GET' && params) {
+        for (const [k, v] of Object.entries(params)) {
+            if (v != null)
+                url.searchParams.set(k, String(v));
+        }
+    }
+    const body = JSON.stringify(params ?? {});
+    const headers = signRequest(httpMethod, path, body, config.hmacSecret, config.instanceId);
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), TIMEOUT_MS);
+    try {
+        const res = await fetch(url.toString(), {
+            method: httpMethod,
+            headers,
+            body: httpMethod === 'POST' ? body : undefined,
+            signal: controller.signal,
+        });
+        clearTimeout(timer);
+        if (res.status === 403) {
+            const json = (await res.json().catch(() => ({})));
+            return {
+                ok: false,
+                error: json.message ?? 'Your Shield subscription has expired or is inactive.',
+                upgradeUrl: json.upgrade_url || undefined,
+            };
+        }
+        if (!res.ok) {
+            return {
+                ok: false,
+                error: `Platform returned HTTP ${res.status}`,
+            };
+        }
+        const data = (await res.json());
+        return { ok: true, data };
+    }
+    catch (err) {
+        clearTimeout(timer);
+        const message = err instanceof Error ? err.message : String(err);
+        if (message.includes('abort')) {
+            return { ok: false, error: 'Platform API request timed out (10s).' };
+        }
+        return { ok: false, error: `Platform API error: ${message}` };
+    }
+}

package/dist/src/rpc/handlers.d.ts

@@ -0,0 +1,57 @@
+import { type PlatformApiConfig } from './client';
+export interface EventSummary {
+    period: string;
+    totalEvents: number;
+    byCategory: Record<string, number>;
+    topCommands?: Array<{
+        command: string;
+        count: number;
+    }>;
+}
+export interface RecentEvent {
+    id: string;
+    timestamp: string;
+    category: string;
+    toolName: string;
+    summary: string;
+    severity?: 'low' | 'medium' | 'high' | 'critical';
+}
+export interface SubscriptionStatus {
+    active: boolean;
+    tier: string;
+    expiresAt: string | null;
+    features: string[];
+}
+type RespondFn = (ok: boolean, data: unknown) => void;
+export declare function createEventsRecentHandler(_config: PlatformApiConfig): ({ respond, params }: {
+    respond: RespondFn;
+    params?: Record<string, unknown>;
+}) => Promise<void>;
+export declare function createEventsSummaryHandler(_config: PlatformApiConfig): ({ respond, params }: {
+    respond: RespondFn;
+    params?: Record<string, unknown>;
+}) => Promise<void>;
+export declare function createSubscriptionStatusHandler(config: PlatformApiConfig): ({ respond }: {
+    respond: RespondFn;
+}) => Promise<void>;
+export declare const VALID_RESOLUTIONS: readonly ["true_positive", "false_positive", "benign", "duplicate"];
+export declare const VALID_ROOT_CAUSES: readonly ["user_initiated", "misconfiguration", "expected_behavior", "actual_threat", "testing", "unknown"];
+export type CaseResolution = typeof VALID_RESOLUTIONS[number];
+export type CaseRootCause = typeof VALID_ROOT_CAUSES[number];
+export declare function createCasesListHandler(config: PlatformApiConfig): ({ respond, params }: {
+    respond: RespondFn;
+    params?: Record<string, unknown>;
+}) => Promise<void>;
+export declare function createCaseDetailHandler(config: PlatformApiConfig): ({ respond, params }: {
+    respond: RespondFn;
+    params?: Record<string, unknown>;
+}) => Promise<void>;
+export declare function createCaseResolveHandler(config: PlatformApiConfig): ({ respond, params }: {
+    respond: RespondFn;
+    params?: Record<string, unknown>;
+}) => Promise<void>;
+export declare function createCasesAckHandler(): ({ respond, params }: {
+    respond: RespondFn;
+    params?: Record<string, unknown>;
+}) => Promise<void>;
+export {};