@veritas-lex/contract-analysis-package 1.2.3

package/dist/constants/enums.js

@@ -0,0 +1,92 @@
+"use strict";
+/**
+ * Shared Enums
+ *
+ * Single source of truth for workflow/status enums used across
+ * both contract-analysis-api and ai-analysis-api.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RuleDirection = exports.RuleKind = exports.RiskLevel = exports.TaskPriority = exports.TaskStatus = exports.JobStatus = exports.JobType = exports.ContractStatus = void 0;
+// ─── Contract Pipeline ──────────────────────────────────────
+var ContractStatus;
+(function (ContractStatus) {
+    ContractStatus["UPLOADED"] = "uploaded";
+    ContractStatus["DETECTING_TYPE"] = "detecting_type";
+    ContractStatus["EXTRACTING_TEXT"] = "extracting_text";
+    ContractStatus["OCR_PENDING"] = "ocr_pending";
+    ContractStatus["OCR_RUNNING"] = "ocr_running";
+    ContractStatus["SCANNING_PII"] = "scanning_pii";
+    ContractStatus["PII_DETECTED"] = "pii_detected";
+    ContractStatus["AWAITING_PII_APPROVAL"] = "awaiting_pii_approval";
+    ContractStatus["PSEUDONYMIZING"] = "pseudonymizing";
+    ContractStatus["CHUNKING"] = "chunking";
+    ContractStatus["EMBEDDING"] = "embedding";
+    ContractStatus["INDEXED"] = "indexed";
+    ContractStatus["PARTIALLY_INDEXED"] = "partially_indexed";
+    ContractStatus["ANALYSIS_PENDING"] = "analysis_pending";
+    ContractStatus["ANALYSIS_RUNNING"] = "analysis_running";
+    ContractStatus["ANALYZING_RED_FLAGS"] = "analyzing_red_flags";
+    ContractStatus["ANALYZING_DEEP"] = "analyzing_deep";
+    ContractStatus["GENERATING_REPORT"] = "generating_report";
+    ContractStatus["DEEP_ANALYSIS_COMPLETE"] = "deep_analysis_complete";
+    ContractStatus["READY"] = "ready";
+    ContractStatus["FAILED"] = "failed";
+    ContractStatus["ACTION_REQUIRED"] = "action_required";
+})(ContractStatus || (exports.ContractStatus = ContractStatus = {}));
+// ─── Jobs ───────────────────────────────────────────────────
+var JobType;
+(function (JobType) {
+    JobType["DOCUMENT_TYPE_DETECTION"] = "document_type_detection";
+    JobType["EXTRACT_TEXT"] = "extract_text";
+    JobType["OCR"] = "ocr";
+    JobType["PII_SCAN"] = "pii_scan";
+    JobType["CHUNK"] = "chunk";
+    JobType["EMBED"] = "embed";
+    JobType["QNA"] = "qna";
+})(JobType || (exports.JobType = JobType = {}));
+var JobStatus;
+(function (JobStatus) {
+    JobStatus["QUEUED"] = "queued";
+    JobStatus["STARTED"] = "started";
+    JobStatus["RUNNING"] = "running";
+    JobStatus["SUCCEEDED"] = "succeeded";
+    JobStatus["FAILED"] = "failed";
+    JobStatus["CANCELLED"] = "cancelled";
+})(JobStatus || (exports.JobStatus = JobStatus = {}));
+// ─── Tasks ──────────────────────────────────────────────────
+var TaskStatus;
+(function (TaskStatus) {
+    TaskStatus["OPEN"] = "open";
+    TaskStatus["DONE"] = "done";
+    TaskStatus["CANCELLED"] = "cancelled";
+    TaskStatus["SNOOZED"] = "snoozed";
+})(TaskStatus || (exports.TaskStatus = TaskStatus = {}));
+var TaskPriority;
+(function (TaskPriority) {
+    TaskPriority["LOW"] = "low";
+    TaskPriority["MEDIUM"] = "medium";
+    TaskPriority["HIGH"] = "high";
+    TaskPriority["CRITICAL"] = "critical";
+})(TaskPriority || (exports.TaskPriority = TaskPriority = {}));
+// ─── Risk ───────────────────────────────────────────────────
+var RiskLevel;
+(function (RiskLevel) {
+    RiskLevel["CRITICAL"] = "critical";
+    RiskLevel["HIGH"] = "high";
+    RiskLevel["MEDIUM"] = "medium";
+    RiskLevel["LOW"] = "low";
+    RiskLevel["INFORMATIONAL"] = "informational";
+})(RiskLevel || (exports.RiskLevel = RiskLevel = {}));
+// ─── Key Date Rules ─────────────────────────────────────────
+var RuleKind;
+(function (RuleKind) {
+    RuleKind["ABSOLUTE"] = "absolute";
+    RuleKind["RELATIVE"] = "relative";
+    RuleKind["EVENT_DRIVEN"] = "event_driven";
+})(RuleKind || (exports.RuleKind = RuleKind = {}));
+var RuleDirection;
+(function (RuleDirection) {
+    RuleDirection["BEFORE"] = "before";
+    RuleDirection["AFTER"] = "after";
+})(RuleDirection || (exports.RuleDirection = RuleDirection = {}));
+//# sourceMappingURL=enums.js.map

package/dist/constants/enums.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enums.js","sourceRoot":"","sources":["../../src/constants/enums.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAEH,+DAA+D;AAE/D,IAAY,cAuBX;AAvBD,WAAY,cAAc;IACxB,uCAAqB,CAAA;IACrB,mDAAiC,CAAA;IACjC,qDAAmC,CAAA;IACnC,6CAA2B,CAAA;IAC3B,6CAA2B,CAAA;IAC3B,+CAA6B,CAAA;IAC7B,+CAA6B,CAAA;IAC7B,iEAA+C,CAAA;IAC/C,mDAAiC,CAAA;IACjC,uCAAqB,CAAA;IACrB,yCAAuB,CAAA;IACvB,qCAAmB,CAAA;IACnB,yDAAuC,CAAA;IACvC,uDAAqC,CAAA;IACrC,uDAAqC,CAAA;IACrC,6DAA2C,CAAA;IAC3C,mDAAiC,CAAA;IACjC,yDAAuC,CAAA;IACvC,mEAAiD,CAAA;IACjD,iCAAe,CAAA;IACf,mCAAiB,CAAA;IACjB,qDAAmC,CAAA;AACrC,CAAC,EAvBW,cAAc,8BAAd,cAAc,QAuBzB;AAED,+DAA+D;AAE/D,IAAY,OAQX;AARD,WAAY,OAAO;IACjB,8DAAmD,CAAA;IACnD,wCAA6B,CAAA;IAC7B,sBAAW,CAAA;IACX,gCAAqB,CAAA;IACrB,0BAAe,CAAA;IACf,0BAAe,CAAA;IACf,sBAAW,CAAA;AACb,CAAC,EARW,OAAO,uBAAP,OAAO,QAQlB;AAED,IAAY,SAOX;AAPD,WAAY,SAAS;IACnB,8BAAiB,CAAA;IACjB,gCAAmB,CAAA;IACnB,gCAAmB,CAAA;IACnB,oCAAuB,CAAA;IACvB,8BAAiB,CAAA;IACjB,oCAAuB,CAAA;AACzB,CAAC,EAPW,SAAS,yBAAT,SAAS,QAOpB;AAED,+DAA+D;AAE/D,IAAY,UAKX;AALD,WAAY,UAAU;IACpB,2BAAa,CAAA;IACb,2BAAa,CAAA;IACb,qCAAuB,CAAA;IACvB,iCAAmB,CAAA;AACrB,CAAC,EALW,UAAU,0BAAV,UAAU,QAKrB;AAED,IAAY,YAKX;AALD,WAAY,YAAY;IACtB,2BAAW,CAAA;IACX,iCAAiB,CAAA;IACjB,6BAAa,CAAA;IACb,qCAAqB,CAAA;AACvB,CAAC,EALW,YAAY,4BAAZ,YAAY,QAKvB;AAED,+DAA+D;AAE/D,IAAY,SAMX;AAND,WAAY,SAAS;IACnB,kCAAqB,CAAA;IACrB,0BAAa,CAAA;IACb,8BAAiB,CAAA;IACjB,wBAAW,CAAA;IACX,4CAA+B,CAAA;AACjC,CAAC,EANW,SAAS,yBAAT,SAAS,QAMpB;AAED,+DAA+D;AAE/D,IAAY,QAIX;AAJD,WAAY,QAAQ;IAClB,iCAAqB,CAAA;IACrB,iCAAqB,CAAA;IACrB,yCAA6B,CAAA;AAC/B,CAAC,EAJW,QAAQ,wBAAR,QAAQ,QAInB;AAED,IAAY,aAGX;AAHD,WAAY,aAAa;IACvB,kCAAiB,CAAA;IACjB,gCAAe,CAAA;AACjB,CAAC,EAHW,aAAa,6BAAb,aAAa,QAGxB"}

package/dist/constants/file-validation.constants.d.ts

@@ -0,0 +1,28 @@
+/**
+ * File validation constants for contract uploads.
+ *
+ * Centralised allowlist of accepted MIME types, file extensions,
+ * and the mapping between them. Used by both the DTO validation
+ * layer and the service-level cross-check.
+ */
+/** Maximum upload size in bytes (100 MB — matches Supabase bucket limit) */
+export declare const MAX_UPLOAD_SIZE_BYTES = 104857600;
+/** Allowed MIME types for contract document uploads */
+export declare const ALLOWED_MIME_TYPES: readonly ["application/pdf", "application/vnd.openxmlformats-officedocument.wordprocessingml.document", "application/msword", "image/png", "image/jpeg", "image/tiff"];
+export type AllowedMimeType = (typeof ALLOWED_MIME_TYPES)[number];
+/**
+ * Bidirectional mapping: extension → allowed MIME types.
+ */
+export declare const EXTENSION_TO_MIME: Record<string, AllowedMimeType[]>;
+/**
+ * Reverse mapping: MIME type → allowed extensions.
+ * Built from EXTENSION_TO_MIME for consistency.
+ */
+export declare const MIME_TO_EXTENSIONS: Record<AllowedMimeType, string[]>;
+/**
+ * Validate that a filename extension is consistent with the declared MIME type.
+ *
+ * @returns `null` if valid, or a human-readable error string if mismatched.
+ */
+export declare function validateExtensionMimeMatch(filename: string, mimeType: string): string | null;
+//# sourceMappingURL=file-validation.constants.d.ts.map

package/dist/constants/file-validation.constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-validation.constants.d.ts","sourceRoot":"","sources":["../../src/constants/file-validation.constants.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,4EAA4E;AAC5E,eAAO,MAAM,qBAAqB,YAAc,CAAC;AAEjD,uDAAuD;AACvD,eAAO,MAAM,kBAAkB,wKAOrB,CAAC;AAEX,MAAM,MAAM,eAAe,GAAG,CAAC,OAAO,kBAAkB,CAAC,CAAC,MAAM,CAAC,CAAC;AAElE;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,EAAE,CAW/D,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,eAAe,EAAE,MAAM,EAAE,CAa7D,CAAC;AAEL;;;;GAIG;AACH,wBAAgB,0BAA0B,CACxC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACf,MAAM,GAAG,IAAI,CAmBf"}

package/dist/constants/file-validation.constants.js

@@ -0,0 +1,81 @@
+"use strict";
+/**
+ * File validation constants for contract uploads.
+ *
+ * Centralised allowlist of accepted MIME types, file extensions,
+ * and the mapping between them. Used by both the DTO validation
+ * layer and the service-level cross-check.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MIME_TO_EXTENSIONS = exports.EXTENSION_TO_MIME = exports.ALLOWED_MIME_TYPES = exports.MAX_UPLOAD_SIZE_BYTES = void 0;
+exports.validateExtensionMimeMatch = validateExtensionMimeMatch;
+/** Maximum upload size in bytes (100 MB — matches Supabase bucket limit) */
+exports.MAX_UPLOAD_SIZE_BYTES = 104_857_600;
+/** Allowed MIME types for contract document uploads */
+exports.ALLOWED_MIME_TYPES = [
+    "application/pdf",
+    "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+    "application/msword",
+    "image/png",
+    "image/jpeg",
+    "image/tiff",
+];
+/**
+ * Bidirectional mapping: extension → allowed MIME types.
+ */
+exports.EXTENSION_TO_MIME = {
+    ".pdf": ["application/pdf"],
+    ".docx": [
+        "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
+    ],
+    ".doc": ["application/msword"],
+    ".png": ["image/png"],
+    ".jpg": ["image/jpeg"],
+    ".jpeg": ["image/jpeg"],
+    ".tif": ["image/tiff"],
+    ".tiff": ["image/tiff"],
+};
+/**
+ * Reverse mapping: MIME type → allowed extensions.
+ * Built from EXTENSION_TO_MIME for consistency.
+ */
+exports.MIME_TO_EXTENSIONS = (() => {
+    const map = {};
+    for (const mime of exports.ALLOWED_MIME_TYPES) {
+        map[mime] = [];
+    }
+    for (const [ext, mimes] of Object.entries(exports.EXTENSION_TO_MIME)) {
+        for (const mime of mimes) {
+            if (!map[mime].includes(ext)) {
+                map[mime].push(ext);
+            }
+        }
+    }
+    return map;
+})();
+/**
+ * Validate that a filename extension is consistent with the declared MIME type.
+ *
+ * @returns `null` if valid, or a human-readable error string if mismatched.
+ */
+function validateExtensionMimeMatch(filename, mimeType) {
+    const ext = getFileExtension(filename);
+    if (!ext) {
+        return `Filename "${filename}" has no recognisable file extension`;
+    }
+    const allowedMimes = exports.EXTENSION_TO_MIME[ext];
+    if (!allowedMimes) {
+        const supportedExts = Object.keys(exports.EXTENSION_TO_MIME).join(", ");
+        return `File extension "${ext}" is not supported. Accepted extensions: ${supportedExts}`;
+    }
+    if (!allowedMimes.includes(mimeType)) {
+        return `File extension "${ext}" does not match MIME type "${mimeType}". Expected MIME type(s) for "${ext}": ${allowedMimes.join(", ")}`;
+    }
+    return null;
+}
+/** Extract lowercase file extension including the dot, e.g. `.pdf` */
+function getFileExtension(filename) {
+    const match = filename.match(/\.[a-zA-Z0-9]+$/);
+    return match ? match[0].toLowerCase() : null;
+}
+//# sourceMappingURL=file-validation.constants.js.map

package/dist/constants/file-validation.constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-validation.constants.js","sourceRoot":"","sources":["../../src/constants/file-validation.constants.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;AAyDH,gEAsBC;AA7ED,4EAA4E;AAC/D,QAAA,qBAAqB,GAAG,WAAW,CAAC;AAEjD,uDAAuD;AAC1C,QAAA,kBAAkB,GAAG;IAChC,iBAAiB;IACjB,yEAAyE;IACzE,oBAAoB;IACpB,WAAW;IACX,YAAY;IACZ,YAAY;CACJ,CAAC;AAIX;;GAEG;AACU,QAAA,iBAAiB,GAAsC;IAClE,MAAM,EAAE,CAAC,iBAAiB,CAAC;IAC3B,OAAO,EAAE;QACP,yEAAyE;KAC1E;IACD,MAAM,EAAE,CAAC,oBAAoB,CAAC;IAC9B,MAAM,EAAE,CAAC,WAAW,CAAC;IACrB,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,OAAO,EAAE,CAAC,YAAY,CAAC;CACxB,CAAC;AAEF;;;GAGG;AACU,QAAA,kBAAkB,GAAsC,CAAC,GAAG,EAAE;IACzE,MAAM,GAAG,GAA6B,EAAE,CAAC;IACzC,KAAK,MAAM,IAAI,IAAI,0BAAkB,EAAE,CAAC;QACtC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;IACjB,CAAC;IACD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,yBAAiB,CAAC,EAAE,CAAC;QAC7D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,GAAwC,CAAC;AAClD,CAAC,CAAC,EAAE,CAAC;AAEL;;;;GAIG;AACH,SAAgB,0BAA0B,CACxC,QAAgB,EAChB,QAAgB;IAEhB,MAAM,GAAG,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;IAEvC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO,aAAa,QAAQ,sCAAsC,CAAC;IACrE,CAAC;IAED,MAAM,YAAY,GAAG,yBAAiB,CAAC,GAAG,CAAC,CAAC;IAE5C,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,aAAa,GAAG,MAAM,CAAC,IAAI,CAAC,yBAAiB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChE,OAAO,mBAAmB,GAAG,4CAA4C,aAAa,EAAE,CAAC;IAC3F,CAAC;IAED,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,QAA2B,CAAC,EAAE,CAAC;QACxD,OAAO,mBAAmB,GAAG,+BAA+B,QAAQ,iCAAiC,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;IAC1I,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,sEAAsE;AACtE,SAAS,gBAAgB,CAAC,QAAgB;IACxC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAChD,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;AAC/C,CAAC"}

package/dist/constants/index.d.ts

@@ -0,0 +1,6 @@
+export { CRITICAL_PII_TYPES, HIGH_RISK_PII_TYPES, CONTEXTUAL_ENTITIES, STANDARD_PII_TYPES, ALL_MASKABLE_PII_TYPES, APPROVAL_REQUIRED_PII_TYPES, } from "./pii-classifications.constants";
+export type { PiiRiskLevel } from "./pii-classifications.constants";
+export { MAX_UPLOAD_SIZE_BYTES, ALLOWED_MIME_TYPES, EXTENSION_TO_MIME, MIME_TO_EXTENSIONS, validateExtensionMimeMatch, } from "./file-validation.constants";
+export type { AllowedMimeType } from "./file-validation.constants";
+export { ContractStatus, JobType, JobStatus, TaskStatus, TaskPriority, RiskLevel, RuleKind, RuleDirection, } from "./enums";
+//# sourceMappingURL=index.d.ts.map

package/dist/constants/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/constants/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,mBAAmB,EACnB,kBAAkB,EAClB,sBAAsB,EACtB,2BAA2B,GAC5B,MAAM,iCAAiC,CAAC;AACzC,YAAY,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAEpE,OAAO,EACL,qBAAqB,EACrB,kBAAkB,EAClB,iBAAiB,EACjB,kBAAkB,EAClB,0BAA0B,GAC3B,MAAM,6BAA6B,CAAC;AACrC,YAAY,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAEnE,OAAO,EACL,cAAc,EACd,OAAO,EACP,SAAS,EACT,UAAU,EACV,YAAY,EACZ,SAAS,EACT,QAAQ,EACR,aAAa,GACd,MAAM,SAAS,CAAC"}

package/dist/constants/index.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RuleDirection = exports.RuleKind = exports.RiskLevel = exports.TaskPriority = exports.TaskStatus = exports.JobStatus = exports.JobType = exports.ContractStatus = exports.validateExtensionMimeMatch = exports.MIME_TO_EXTENSIONS = exports.EXTENSION_TO_MIME = exports.ALLOWED_MIME_TYPES = exports.MAX_UPLOAD_SIZE_BYTES = exports.APPROVAL_REQUIRED_PII_TYPES = exports.ALL_MASKABLE_PII_TYPES = exports.STANDARD_PII_TYPES = exports.CONTEXTUAL_ENTITIES = exports.HIGH_RISK_PII_TYPES = exports.CRITICAL_PII_TYPES = void 0;
+var pii_classifications_constants_1 = require("./pii-classifications.constants");
+Object.defineProperty(exports, "CRITICAL_PII_TYPES", { enumerable: true, get: function () { return pii_classifications_constants_1.CRITICAL_PII_TYPES; } });
+Object.defineProperty(exports, "HIGH_RISK_PII_TYPES", { enumerable: true, get: function () { return pii_classifications_constants_1.HIGH_RISK_PII_TYPES; } });
+Object.defineProperty(exports, "CONTEXTUAL_ENTITIES", { enumerable: true, get: function () { return pii_classifications_constants_1.CONTEXTUAL_ENTITIES; } });
+Object.defineProperty(exports, "STANDARD_PII_TYPES", { enumerable: true, get: function () { return pii_classifications_constants_1.STANDARD_PII_TYPES; } });
+Object.defineProperty(exports, "ALL_MASKABLE_PII_TYPES", { enumerable: true, get: function () { return pii_classifications_constants_1.ALL_MASKABLE_PII_TYPES; } });
+Object.defineProperty(exports, "APPROVAL_REQUIRED_PII_TYPES", { enumerable: true, get: function () { return pii_classifications_constants_1.APPROVAL_REQUIRED_PII_TYPES; } });
+var file_validation_constants_1 = require("./file-validation.constants");
+Object.defineProperty(exports, "MAX_UPLOAD_SIZE_BYTES", { enumerable: true, get: function () { return file_validation_constants_1.MAX_UPLOAD_SIZE_BYTES; } });
+Object.defineProperty(exports, "ALLOWED_MIME_TYPES", { enumerable: true, get: function () { return file_validation_constants_1.ALLOWED_MIME_TYPES; } });
+Object.defineProperty(exports, "EXTENSION_TO_MIME", { enumerable: true, get: function () { return file_validation_constants_1.EXTENSION_TO_MIME; } });
+Object.defineProperty(exports, "MIME_TO_EXTENSIONS", { enumerable: true, get: function () { return file_validation_constants_1.MIME_TO_EXTENSIONS; } });
+Object.defineProperty(exports, "validateExtensionMimeMatch", { enumerable: true, get: function () { return file_validation_constants_1.validateExtensionMimeMatch; } });
+var enums_1 = require("./enums");
+Object.defineProperty(exports, "ContractStatus", { enumerable: true, get: function () { return enums_1.ContractStatus; } });
+Object.defineProperty(exports, "JobType", { enumerable: true, get: function () { return enums_1.JobType; } });
+Object.defineProperty(exports, "JobStatus", { enumerable: true, get: function () { return enums_1.JobStatus; } });
+Object.defineProperty(exports, "TaskStatus", { enumerable: true, get: function () { return enums_1.TaskStatus; } });
+Object.defineProperty(exports, "TaskPriority", { enumerable: true, get: function () { return enums_1.TaskPriority; } });
+Object.defineProperty(exports, "RiskLevel", { enumerable: true, get: function () { return enums_1.RiskLevel; } });
+Object.defineProperty(exports, "RuleKind", { enumerable: true, get: function () { return enums_1.RuleKind; } });
+Object.defineProperty(exports, "RuleDirection", { enumerable: true, get: function () { return enums_1.RuleDirection; } });
+//# sourceMappingURL=index.js.map

package/dist/constants/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/constants/index.ts"],"names":[],"mappings":";;;AAAA,iFAOyC;AANvC,mIAAA,kBAAkB,OAAA;AAClB,oIAAA,mBAAmB,OAAA;AACnB,oIAAA,mBAAmB,OAAA;AACnB,mIAAA,kBAAkB,OAAA;AAClB,uIAAA,sBAAsB,OAAA;AACtB,4IAAA,2BAA2B,OAAA;AAI7B,yEAMqC;AALnC,kIAAA,qBAAqB,OAAA;AACrB,+HAAA,kBAAkB,OAAA;AAClB,8HAAA,iBAAiB,OAAA;AACjB,+HAAA,kBAAkB,OAAA;AAClB,uIAAA,0BAA0B,OAAA;AAI5B,iCASiB;AARf,uGAAA,cAAc,OAAA;AACd,gGAAA,OAAO,OAAA;AACP,kGAAA,SAAS,OAAA;AACT,mGAAA,UAAU,OAAA;AACV,qGAAA,YAAY,OAAA;AACZ,kGAAA,SAAS,OAAA;AACT,iGAAA,QAAQ,OAAA;AACR,sGAAA,aAAa,OAAA"}

package/dist/constants/pii-classifications.constants.d.ts

@@ -0,0 +1,27 @@
+/**
+ * PII Entity Classification Constants
+ *
+ * Single source of truth for PII entity classification across all APIs.
+ * Based on Microsoft Presidio entity types.
+ *
+ * Classification levels:
+ * - **Critical**: Immediate security/financial risk — requires user approval before processing
+ * - **High-risk**: Sensitive identity documents — requires user approval before processing
+ * - **Standard**: Common PII — always mask but doesn't require explicit approval
+ * - **Contextual**: Not truly PII, needed for contract analysis — DO NOT MASK
+ */
+/** Critical PII: Immediate security/financial risk — requires user approval */
+export declare const CRITICAL_PII_TYPES: readonly string[];
+/** High-risk PII: Sensitive identity documents — requires user approval */
+export declare const HIGH_RISK_PII_TYPES: readonly string[];
+/** Contextual entities: Not truly PII, needed for contract analysis — DO NOT MASK */
+export declare const CONTEXTUAL_ENTITIES: readonly string[];
+/** Standard PII: Always mask but doesn't require explicit approval */
+export declare const STANDARD_PII_TYPES: readonly string[];
+/** All PII types that should be masked (critical + high-risk + standard) */
+export declare const ALL_MASKABLE_PII_TYPES: readonly string[];
+/** PII types that require user approval before processing (critical + high-risk) */
+export declare const APPROVAL_REQUIRED_PII_TYPES: readonly string[];
+/** PII risk level classification for detected entities */
+export type PiiRiskLevel = "critical" | "high" | "medium" | "low";
+//# sourceMappingURL=pii-classifications.constants.d.ts.map

package/dist/constants/pii-classifications.constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pii-classifications.constants.d.ts","sourceRoot":"","sources":["../../src/constants/pii-classifications.constants.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,+EAA+E;AAC/E,eAAO,MAAM,kBAAkB,EAAE,SAAS,MAAM,EAMtC,CAAC;AAEX,2EAA2E;AAC3E,eAAO,MAAM,mBAAmB,EAAE,SAAS,MAAM,EAmBvC,CAAC;AAEX,qFAAqF;AACrF,eAAO,MAAM,mBAAmB,EAAE,SAAS,MAAM,EAIvC,CAAC;AAEX,sEAAsE;AACtE,eAAO,MAAM,kBAAkB,EAAE,SAAS,MAAM,EAItC,CAAC;AAEX,4EAA4E;AAC5E,eAAO,MAAM,sBAAsB,EAAE,SAAS,MAAM,EAI1C,CAAC;AAEX,oFAAoF;AACpF,eAAO,MAAM,2BAA2B,EAAE,SAAS,MAAM,EAG/C,CAAC;AAEX,0DAA0D;AAC1D,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC"}

package/dist/constants/pii-classifications.constants.js

@@ -0,0 +1,68 @@
+"use strict";
+/**
+ * PII Entity Classification Constants
+ *
+ * Single source of truth for PII entity classification across all APIs.
+ * Based on Microsoft Presidio entity types.
+ *
+ * Classification levels:
+ * - **Critical**: Immediate security/financial risk — requires user approval before processing
+ * - **High-risk**: Sensitive identity documents — requires user approval before processing
+ * - **Standard**: Common PII — always mask but doesn't require explicit approval
+ * - **Contextual**: Not truly PII, needed for contract analysis — DO NOT MASK
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.APPROVAL_REQUIRED_PII_TYPES = exports.ALL_MASKABLE_PII_TYPES = exports.STANDARD_PII_TYPES = exports.CONTEXTUAL_ENTITIES = exports.HIGH_RISK_PII_TYPES = exports.CRITICAL_PII_TYPES = void 0;
+/** Critical PII: Immediate security/financial risk — requires user approval */
+exports.CRITICAL_PII_TYPES = [
+    "CREDIT_CARD",
+    "US_SSN",
+    "US_BANK_NUMBER",
+    "IBAN_CODE",
+    "CRYPTO",
+];
+/** High-risk PII: Sensitive identity documents — requires user approval */
+exports.HIGH_RISK_PII_TYPES = [
+    "PASSWORD",
+    "US_PASSPORT",
+    "UK_PASSPORT",
+    "EU_PASSPORT",
+    "UK_NHS",
+    "MEDICAL_LICENSE",
+    "IP_ADDRESS",
+    "US_DRIVER_LICENSE",
+    "EU_DRIVER_LICENSE",
+    "SG_NRIC_FIN",
+    "AU_TFN",
+    "AU_MEDICARE",
+    "AU_ABN",
+    "AU_ACN",
+    "ES_NIF",
+    "IT_FISCAL_CODE",
+    "DE_TAX_ID",
+    "FR_NIR",
+];
+/** Contextual entities: Not truly PII, needed for contract analysis — DO NOT MASK */
+exports.CONTEXTUAL_ENTITIES = [
+    "DATE_TIME",
+    "LOCATION",
+    "NRP",
+];
+/** Standard PII: Always mask but doesn't require explicit approval */
+exports.STANDARD_PII_TYPES = [
+    "PERSON",
+    "EMAIL_ADDRESS",
+    "PHONE_NUMBER",
+];
+/** All PII types that should be masked (critical + high-risk + standard) */
+exports.ALL_MASKABLE_PII_TYPES = [
+    ...exports.CRITICAL_PII_TYPES,
+    ...exports.HIGH_RISK_PII_TYPES,
+    ...exports.STANDARD_PII_TYPES,
+];
+/** PII types that require user approval before processing (critical + high-risk) */
+exports.APPROVAL_REQUIRED_PII_TYPES = [
+    ...exports.CRITICAL_PII_TYPES,
+    ...exports.HIGH_RISK_PII_TYPES,
+];
+//# sourceMappingURL=pii-classifications.constants.js.map

package/dist/constants/pii-classifications.constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pii-classifications.constants.js","sourceRoot":"","sources":["../../src/constants/pii-classifications.constants.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAEH,+EAA+E;AAClE,QAAA,kBAAkB,GAAsB;IACnD,aAAa;IACb,QAAQ;IACR,gBAAgB;IAChB,WAAW;IACX,QAAQ;CACA,CAAC;AAEX,2EAA2E;AAC9D,QAAA,mBAAmB,GAAsB;IACpD,UAAU;IACV,aAAa;IACb,aAAa;IACb,aAAa;IACb,QAAQ;IACR,iBAAiB;IACjB,YAAY;IACZ,mBAAmB;IACnB,mBAAmB;IACnB,aAAa;IACb,QAAQ;IACR,aAAa;IACb,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,gBAAgB;IAChB,WAAW;IACX,QAAQ;CACA,CAAC;AAEX,qFAAqF;AACxE,QAAA,mBAAmB,GAAsB;IACpD,WAAW;IACX,UAAU;IACV,KAAK;CACG,CAAC;AAEX,sEAAsE;AACzD,QAAA,kBAAkB,GAAsB;IACnD,QAAQ;IACR,eAAe;IACf,cAAc;CACN,CAAC;AAEX,4EAA4E;AAC/D,QAAA,sBAAsB,GAAsB;IACvD,GAAG,0BAAkB;IACrB,GAAG,2BAAmB;IACtB,GAAG,0BAAkB;CACb,CAAC;AAEX,oFAAoF;AACvE,QAAA,2BAA2B,GAAsB;IAC5D,GAAG,0BAAkB;IACrB,GAAG,2BAAmB;CACd,CAAC"}

package/dist/database/base.entity.d.ts

@@ -0,0 +1,6 @@
+export declare abstract class BaseEntity {
+    id: string;
+    createdAt: Date;
+    updatedAt: Date;
+}
+//# sourceMappingURL=base.entity.d.ts.map

package/dist/database/base.entity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.entity.d.ts","sourceRoot":"","sources":["../../src/database/base.entity.ts"],"names":[],"mappings":"AAMA,8BAAsB,UAAU;IAE9B,EAAE,EAAE,MAAM,CAAC;IAGX,SAAS,EAAE,IAAI,CAAC;IAGhB,SAAS,EAAE,IAAI,CAAC;CACjB"}

package/dist/database/base.entity.js

@@ -0,0 +1,32 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BaseEntity = void 0;
+const typeorm_1 = require("typeorm");
+class BaseEntity {
+    id;
+    createdAt;
+    updatedAt;
+}
+exports.BaseEntity = BaseEntity;
+__decorate([
+    (0, typeorm_1.PrimaryGeneratedColumn)("uuid"),
+    __metadata("design:type", String)
+], BaseEntity.prototype, "id", void 0);
+__decorate([
+    (0, typeorm_1.CreateDateColumn)({ name: "created_at", type: "timestamptz" }),
+    __metadata("design:type", Date)
+], BaseEntity.prototype, "createdAt", void 0);
+__decorate([
+    (0, typeorm_1.UpdateDateColumn)({ name: "updated_at", type: "timestamptz" }),
+    __metadata("design:type", Date)
+], BaseEntity.prototype, "updatedAt", void 0);
+//# sourceMappingURL=base.entity.js.map

package/dist/database/base.entity.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.entity.js","sourceRoot":"","sources":["../../src/database/base.entity.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,qCAIiB;AAEjB,MAAsB,UAAU;IAE9B,EAAE,CAAS;IAGX,SAAS,CAAO;IAGhB,SAAS,CAAO;CACjB;AATD,gCASC;AAPC;IADC,IAAA,gCAAsB,EAAC,MAAM,CAAC;;sCACpB;AAGX;IADC,IAAA,0BAAgB,EAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;8BACnD,IAAI;6CAAC;AAGhB;IADC,IAAA,0BAAgB,EAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;8BACnD,IAAI;6CAAC"}

package/dist/database/database.module.d.ts

@@ -0,0 +1,32 @@
+import { DynamicModule } from "@nestjs/common";
+export interface DatabaseModuleOptions {
+    /**
+     * Automatically load entities registered via `TypeOrmModule.forFeature()`.
+     * When true, entities don't need to be listed explicitly.
+     * @default true
+     */
+    autoLoadEntities?: boolean;
+}
+/**
+ * Database Module
+ *
+ * Provides a reusable TypeORM/PostgreSQL module that reads connection
+ * parameters from the `'database'` config namespace.
+ *
+ * Uses `autoLoadEntities: true` by default — entities are picked up
+ * automatically when registered via `TypeOrmModule.forFeature()` in
+ * their feature modules.
+ *
+ * @example
+ * ```typescript
+ * // In your root module
+ * @Module({
+ *   imports: [DatabaseModule.register()],
+ * })
+ * export class MainModule {}
+ * ```
+ */
+export declare class DatabaseModule {
+    static register(options?: DatabaseModuleOptions): DynamicModule;
+}
+//# sourceMappingURL=database.module.d.ts.map

package/dist/database/database.module.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"database.module.d.ts","sourceRoot":"","sources":["../../src/database/database.module.ts"],"names":[],"mappings":"AAAA,OAAO,EAAkB,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAI/D,MAAM,WAAW,qBAAqB;IACpC;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAEa,cAAc;IACzB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,qBAAqB,GAAG,aAAa;CAmChE"}

package/dist/database/database.module.js

@@ -0,0 +1,69 @@
+"use strict";
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var DatabaseModule_1;
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DatabaseModule = void 0;
+const common_1 = require("@nestjs/common");
+const config_1 = require("@nestjs/config");
+const typeorm_1 = require("@nestjs/typeorm");
+/**
+ * Database Module
+ *
+ * Provides a reusable TypeORM/PostgreSQL module that reads connection
+ * parameters from the `'database'` config namespace.
+ *
+ * Uses `autoLoadEntities: true` by default — entities are picked up
+ * automatically when registered via `TypeOrmModule.forFeature()` in
+ * their feature modules.
+ *
+ * @example
+ * ```typescript
+ * // In your root module
+ * @Module({
+ *   imports: [DatabaseModule.register()],
+ * })
+ * export class MainModule {}
+ * ```
+ */
+let DatabaseModule = DatabaseModule_1 = class DatabaseModule {
+    static register(options) {
+        return {
+            module: DatabaseModule_1,
+            global: true,
+            imports: [
+                typeorm_1.TypeOrmModule.forRootAsync({
+                    inject: [config_1.ConfigService],
+                    useFactory: (configService) => ({
+                        type: "postgres",
+                        host: configService.get("database.host"),
+                        port: configService.get("database.port"),
+                        username: configService.get("database.username"),
+                        password: configService.get("database.password"),
+                        database: configService.get("database.database"),
+                        synchronize: false,
+                        logging: configService.get("database.logging") || false,
+                        ssl: configService.get("database.ssl") || false,
+                        autoLoadEntities: options?.autoLoadEntities ?? true,
+                        extra: {
+                            max: configService.get("database.poolMax", 20),
+                            idleTimeoutMillis: configService.get("database.poolIdleTimeout", 30000),
+                            connectionTimeoutMillis: configService.get("database.poolConnectionTimeout", 5000),
+                        },
+                    }),
+                }),
+            ],
+            exports: [typeorm_1.TypeOrmModule],
+        };
+    }
+};
+exports.DatabaseModule = DatabaseModule;
+exports.DatabaseModule = DatabaseModule = DatabaseModule_1 = __decorate([
+    (0, common_1.Global)(),
+    (0, common_1.Module)({})
+], DatabaseModule);
+//# sourceMappingURL=database.module.js.map

package/dist/database/database.module.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"database.module.js","sourceRoot":"","sources":["../../src/database/database.module.ts"],"names":[],"mappings":";;;;;;;;;;AAAA,2CAA+D;AAC/D,2CAA+C;AAC/C,6CAAgD;AAWhD;;;;;;;;;;;;;;;;;;GAkBG;AAGI,IAAM,cAAc,sBAApB,MAAM,cAAc;IACzB,MAAM,CAAC,QAAQ,CAAC,OAA+B;QAC7C,OAAO;YACL,MAAM,EAAE,gBAAc;YACtB,MAAM,EAAE,IAAI;YACZ,OAAO,EAAE;gBACP,uBAAa,CAAC,YAAY,CAAC;oBACzB,MAAM,EAAE,CAAC,sBAAa,CAAC;oBACvB,UAAU,EAAE,CAAC,aAA4B,EAAE,EAAE,CAAC,CAAC;wBAC7C,IAAI,EAAE,UAAmB;wBACzB,IAAI,EAAE,aAAa,CAAC,GAAG,CAAS,eAAe,CAAC;wBAChD,IAAI,EAAE,aAAa,CAAC,GAAG,CAAS,eAAe,CAAC;wBAChD,QAAQ,EAAE,aAAa,CAAC,GAAG,CAAS,mBAAmB,CAAC;wBACxD,QAAQ,EAAE,aAAa,CAAC,GAAG,CAAS,mBAAmB,CAAC;wBACxD,QAAQ,EAAE,aAAa,CAAC,GAAG,CAAS,mBAAmB,CAAC;wBACxD,WAAW,EAAE,KAAK;wBAClB,OAAO,EAAE,aAAa,CAAC,GAAG,CAAU,kBAAkB,CAAC,IAAI,KAAK;wBAChE,GAAG,EAAE,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,KAAK;wBAC/C,gBAAgB,EAAE,OAAO,EAAE,gBAAgB,IAAI,IAAI;wBACnD,KAAK,EAAE;4BACL,GAAG,EAAE,aAAa,CAAC,GAAG,CAAS,kBAAkB,EAAE,EAAE,CAAC;4BACtD,iBAAiB,EAAE,aAAa,CAAC,GAAG,CAClC,0BAA0B,EAC1B,KAAK,CACN;4BACD,uBAAuB,EAAE,aAAa,CAAC,GAAG,CACxC,gCAAgC,EAChC,IAAI,CACL;yBACF;qBACF,CAAC;iBACH,CAAC;aACH;YACD,OAAO,EAAE,CAAC,uBAAa,CAAC;SACzB,CAAC;IACJ,CAAC;CACF,CAAA;AApCY,wCAAc;yBAAd,cAAc;IAF1B,IAAA,eAAM,GAAE;IACR,IAAA,eAAM,EAAC,EAAE,CAAC;GACE,cAAc,CAoC1B"}

package/dist/database/entities/base-audit-log.entity.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Abstract base AuditLog entity matching `audit_log` in database.sql.
+ *
+ * Immutable audit log (append-only by convention).
+ * The `updated_at` column exists in the schema but is not expected to change.
+ */
+export declare abstract class BaseAuditLogEntity {
+    id: string;
+    organisationId: string | null;
+    userId: string | null;
+    contractId: string | null;
+    jobId: string | null;
+    action: string;
+    details: Record<string, unknown>;
+    durationMs: number | null;
+    status: string | null;
+    errorMessage: string | null;
+    createdAt: Date;
+    updatedAt: Date;
+}
+//# sourceMappingURL=base-audit-log.entity.d.ts.map

package/dist/database/entities/base-audit-log.entity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base-audit-log.entity.d.ts","sourceRoot":"","sources":["../../../src/database/entities/base-audit-log.entity.ts"],"names":[],"mappings":"AAQA;;;;;GAKG;AACH,8BAKsB,kBAAkB;IAEtC,EAAE,EAAE,MAAM,CAAC;IAGX,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAG9B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IAGtB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAG1B,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IAGrB,MAAM,EAAE,MAAM,CAAC;IAGf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAGjC,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAG1B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IAGtB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAG5B,SAAS,EAAE,IAAI,CAAC;IAGhB,SAAS,EAAE,IAAI,CAAC;CACjB"}