@vettly/shared 0.1.9

package/dist/index.js

@@ -0,0 +1,299 @@
+// src/types.ts
+import { z } from "zod";
+var ContentTypeSchema = z.enum(["text", "image", "video"]);
+var UseCaseTypeSchema = z.enum([
+  "social_post",
+  "comment",
+  "profile",
+  "message",
+  "review",
+  "listing",
+  "bio",
+  "other"
+]);
+var CategorySchema = z.enum([
+  "hate_speech",
+  "harassment",
+  "violence",
+  "self_harm",
+  "sexual",
+  "spam",
+  "profanity",
+  "scam",
+  "illegal"
+]);
+var ProviderNameSchema = z.enum([
+  "openai",
+  "perspective",
+  "hive",
+  "azure",
+  "bot_detection",
+  "gemini_vision",
+  "mock",
+  "fallback"
+]);
+var ActionSchema = z.enum(["block", "warn", "flag", "allow"]);
+var RuleSchema = z.object({
+  category: CategorySchema,
+  threshold: z.number().min(0).max(1),
+  provider: ProviderNameSchema,
+  action: ActionSchema,
+  priority: z.number().optional().default(0),
+  // Custom prompt-based moderation (Pro+ tier only)
+  // When set, uses Gemini Vision for semantic image analysis
+  customPrompt: z.string().min(1).max(500).optional(),
+  customCategory: z.string().min(1).max(100).optional()
+}).refine(
+  (data) => {
+    const hasPrompt = !!data.customPrompt;
+    const hasCategory = !!data.customCategory;
+    return hasPrompt === hasCategory;
+  },
+  {
+    message: "customPrompt and customCategory must both be set, or both be omitted",
+    path: ["customPrompt"]
+  }
+);
+var OverrideSchema = z.object({
+  locale: z.string().optional(),
+  region: z.string().optional(),
+  data_residency: z.string().optional(),
+  provider: ProviderNameSchema.optional()
+});
+var FallbackConfigSchema = z.object({
+  provider: ProviderNameSchema,
+  on_timeout: z.boolean().optional().default(true),
+  timeout_ms: z.number().optional().default(5e3)
+});
+var PolicySchema = z.object({
+  name: z.string(),
+  version: z.string(),
+  rules: z.array(RuleSchema),
+  overrides: z.array(OverrideSchema).optional(),
+  fallback: FallbackConfigSchema.optional()
+});
+var DecisionSchema = z.object({
+  id: z.string().uuid(),
+  content: z.string(),
+  contentHash: z.string(),
+  contentType: ContentTypeSchema,
+  policy: z.object({
+    id: z.string(),
+    version: z.string()
+  }),
+  result: z.object({
+    safe: z.boolean(),
+    flagged: z.boolean(),
+    action: ActionSchema,
+    categories: z.array(
+      z.object({
+        category: CategorySchema,
+        score: z.number(),
+        threshold: z.number(),
+        triggered: z.boolean()
+      })
+    )
+  }),
+  provider: z.object({
+    name: ProviderNameSchema,
+    latency: z.number(),
+    cost: z.number()
+  }),
+  metadata: z.record(z.unknown()).optional(),
+  timestamp: z.string().datetime(),
+  requestId: z.string().optional()
+});
+var MultiModalCheckRequestSchema = z.object({
+  // Multi-modal content inputs
+  text: z.string().max(1e5, "Text exceeds maximum size of 100KB").optional(),
+  images: z.array(
+    z.string().refine(
+      (val) => {
+        return val.startsWith("http://") || val.startsWith("https://") || val.startsWith("data:image/");
+      },
+      { message: "Images must be URLs or base64 data URIs" }
+    )
+  ).max(10, "Maximum 10 images per request").optional(),
+  video: z.string().url("Video must be a valid URL").optional(),
+  // Moderation context
+  context: z.object({
+    useCase: UseCaseTypeSchema.default("other"),
+    userId: z.string().optional(),
+    userReputation: z.number().min(0).max(1).optional(),
+    // 0-1 score
+    locale: z.string().optional(),
+    region: z.string().optional()
+  }).optional(),
+  // Policy and metadata
+  policyId: z.string(),
+  metadata: z.record(z.unknown()).optional(),
+  requestId: z.string().optional()
+  // For idempotency
+}).refine(
+  (data) => {
+    return data.text || data.images?.length || data.video;
+  },
+  { message: "At least one of text, images, or video must be provided" }
+);
+var CheckRequestSchema = z.object({
+  content: z.string().min(1).max(1e5, "Content exceeds maximum size of 100KB"),
+  policyId: z.string(),
+  contentType: ContentTypeSchema.optional().default("text"),
+  metadata: z.record(z.unknown()).optional(),
+  requestId: z.string().optional()
+  // For idempotency
+});
+var ContentItemResultSchema = z.object({
+  contentType: ContentTypeSchema,
+  contentRef: z.string().optional(),
+  // URL or identifier for images/video
+  contentItemId: z.string().uuid().optional(),
+  // Database ID for linking evidence
+  safe: z.boolean(),
+  flagged: z.boolean(),
+  action: ActionSchema,
+  categories: z.array(
+    z.object({
+      category: CategorySchema,
+      score: z.number(),
+      triggered: z.boolean()
+    })
+  ),
+  provider: ProviderNameSchema,
+  latency: z.number(),
+  cost: z.number(),
+  evidence: z.object({
+    url: z.string().url().optional(),
+    // Signed URL to evidence (screenshot, frame)
+    expiresAt: z.string().datetime().optional()
+  }).optional()
+});
+var MultiModalCheckResponseSchema = z.object({
+  decisionId: z.string().uuid(),
+  safe: z.boolean(),
+  // Overall safe if ALL content items are safe
+  flagged: z.boolean(),
+  // Overall flagged if ANY content item is flagged
+  action: ActionSchema,
+  // Most severe action across all content
+  results: z.array(ContentItemResultSchema),
+  // Per-content-type results
+  totalLatency: z.number(),
+  totalCost: z.number(),
+  requestId: z.string().optional()
+});
+var CheckResponseSchema = z.object({
+  decisionId: z.string().uuid(),
+  safe: z.boolean(),
+  flagged: z.boolean(),
+  action: ActionSchema,
+  categories: z.array(
+    z.object({
+      category: CategorySchema,
+      score: z.number(),
+      triggered: z.boolean()
+    })
+  ),
+  provider: ProviderNameSchema,
+  latency: z.number(),
+  cost: z.number(),
+  requestId: z.string().optional()
+});
+var ReplayRequestSchema = z.object({
+  decisionId: z.string().uuid(),
+  policyId: z.string()
+});
+var ModerationError = class extends Error {
+  constructor(message, code, statusCode = 500, details) {
+    super(message);
+    this.code = code;
+    this.statusCode = statusCode;
+    this.details = details;
+    this.name = "ModerationError";
+  }
+};
+var PolicyValidationError = class extends ModerationError {
+  constructor(message, details) {
+    super(message, "POLICY_VALIDATION_ERROR", 400, details);
+    this.name = "PolicyValidationError";
+  }
+};
+var ProviderError = class extends ModerationError {
+  constructor(message, provider, details) {
+    super(message, "PROVIDER_ERROR", 502, { provider, ...details });
+    this.name = "ProviderError";
+  }
+};
+var WebhookEventTypeSchema = z.enum([
+  "decision.created",
+  "decision.flagged",
+  "decision.blocked",
+  "policy.created",
+  "policy.updated"
+]);
+var WebhookEndpointSchema = z.object({
+  url: z.string().url().refine(
+    (url) => {
+      if (process.env.NODE_ENV === "production") {
+        return !url.includes("localhost") && !url.includes("127.0.0.1");
+      }
+      return true;
+    },
+    "Localhost webhooks are not allowed in production"
+  ),
+  events: z.array(WebhookEventTypeSchema),
+  description: z.string().max(500).optional()
+});
+
+// src/utils.ts
+import crypto from "crypto";
+function hashContent(content) {
+  return crypto.createHash("sha256").update(content).digest("hex");
+}
+function generateUUID() {
+  return crypto.randomUUID();
+}
+function generateRequestId() {
+  return `req_${Date.now()}_${Math.random().toString(36).substring(7)}`;
+}
+function calculatePolicyVersion(yaml) {
+  return hashContent(yaml).substring(0, 16);
+}
+function formatCost(cost) {
+  return `$${cost.toFixed(6)}`;
+}
+function formatLatency(ms) {
+  if (ms < 1e3) {
+    return `${ms.toFixed(0)}ms`;
+  }
+  return `${(ms / 1e3).toFixed(2)}s`;
+}
+export {
+  ActionSchema,
+  CategorySchema,
+  CheckRequestSchema,
+  CheckResponseSchema,
+  ContentItemResultSchema,
+  ContentTypeSchema,
+  DecisionSchema,
+  FallbackConfigSchema,
+  ModerationError,
+  MultiModalCheckRequestSchema,
+  MultiModalCheckResponseSchema,
+  OverrideSchema,
+  PolicySchema,
+  PolicyValidationError,
+  ProviderError,
+  ProviderNameSchema,
+  ReplayRequestSchema,
+  RuleSchema,
+  UseCaseTypeSchema,
+  WebhookEndpointSchema,
+  WebhookEventTypeSchema,
+  calculatePolicyVersion,
+  formatCost,
+  formatLatency,
+  generateRequestId,
+  generateUUID,
+  hashContent
+};

package/package.json

@@ -0,0 +1,54 @@
+{
+  "name": "@vettly/shared",
+  "version": "0.1.9",
+  "description": "Shared TypeScript types for Vettly protection SDK",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "scripts": {
+    "build": "tsup src/index.ts --format esm,cjs --dts --clean",
+    "test": "bun test",
+    "prepublishOnly": "bun run build"
+  },
+  "keywords": [
+    "vettly",
+    "moderation",
+    "protection",
+    "types",
+    "typescript"
+  ],
+  "author": "Vettly",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/brian-nextaura/vettly-docs.git",
+    "directory": "packages/shared"
+  },
+  "homepage": "https://vettly.dev",
+  "publishConfig": {
+    "access": "public",
+    "name": "@nextauralabs/vettly-shared"
+  },
+  "bugs": {
+    "url": "https://github.com/brian-nextaura/vettly-docs/issues"
+  },
+  "dependencies": {
+    "zod": "^3.22.4"
+  },
+  "devDependencies": {
+    "@types/bun": "latest",
+    "tsup": "^8.0.0",
+    "typescript": "^5"
+  }
+}