npm - @vorionsys/platform-core - Versions diffs - 0.1.0 - Mend

@vorionsys/platform-core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1847) hide show

package/LICENSE +190 -0
package/README.md +88 -0
package/dist/a2a/attestation.d.ts +145 -0
package/dist/a2a/attestation.d.ts.map +1 -0
package/dist/a2a/attestation.js +353 -0
package/dist/a2a/attestation.js.map +1 -0
package/dist/a2a/chain-of-trust.d.ts +143 -0
package/dist/a2a/chain-of-trust.d.ts.map +1 -0
package/dist/a2a/chain-of-trust.js +422 -0
package/dist/a2a/chain-of-trust.js.map +1 -0
package/dist/a2a/index.d.ts +15 -0
package/dist/a2a/index.d.ts.map +1 -0
package/dist/a2a/index.js +23 -0
package/dist/a2a/index.js.map +1 -0
package/dist/a2a/openapi.d.ts +22 -0
package/dist/a2a/openapi.d.ts.map +1 -0
package/dist/a2a/openapi.js +1133 -0
package/dist/a2a/openapi.js.map +1 -0
package/dist/a2a/router.d.ts +167 -0
package/dist/a2a/router.d.ts.map +1 -0
package/dist/a2a/router.js +454 -0
package/dist/a2a/router.js.map +1 -0
package/dist/a2a/routes.d.ts +11 -0
package/dist/a2a/routes.d.ts.map +1 -0
package/dist/a2a/routes.js +442 -0
package/dist/a2a/routes.js.map +1 -0
package/dist/a2a/trust-negotiation.d.ts +119 -0
package/dist/a2a/trust-negotiation.d.ts.map +1 -0
package/dist/a2a/trust-negotiation.js +425 -0
package/dist/a2a/trust-negotiation.js.map +1 -0
package/dist/a2a/types.d.ts +413 -0
package/dist/a2a/types.d.ts.map +1 -0
package/dist/a2a/types.js +38 -0
package/dist/a2a/types.js.map +1 -0
package/dist/agent-registry/a3i-cache.d.ts +113 -0
package/dist/agent-registry/a3i-cache.d.ts.map +1 -0
package/dist/agent-registry/a3i-cache.js +305 -0
package/dist/agent-registry/a3i-cache.js.map +1 -0
package/dist/agent-registry/index.d.ts +14 -0
package/dist/agent-registry/index.d.ts.map +1 -0
package/dist/agent-registry/index.js +17 -0
package/dist/agent-registry/index.js.map +1 -0
package/dist/agent-registry/openapi.d.ts +23 -0
package/dist/agent-registry/openapi.d.ts.map +1 -0
package/dist/agent-registry/openapi.js +1377 -0
package/dist/agent-registry/openapi.js.map +1 -0
package/dist/agent-registry/routes.d.ts +10 -0
package/dist/agent-registry/routes.d.ts.map +1 -0
package/dist/agent-registry/routes.js +485 -0
package/dist/agent-registry/routes.js.map +1 -0
package/dist/agent-registry/service.d.ts +159 -0
package/dist/agent-registry/service.d.ts.map +1 -0
package/dist/agent-registry/service.js +652 -0
package/dist/agent-registry/service.js.map +1 -0
package/dist/agent-registry/tenant-service.d.ts +104 -0
package/dist/agent-registry/tenant-service.d.ts.map +1 -0
package/dist/agent-registry/tenant-service.js +313 -0
package/dist/agent-registry/tenant-service.js.map +1 -0
package/dist/api/auth.d.ts +55 -0
package/dist/api/auth.d.ts.map +1 -0
package/dist/api/auth.js +322 -0
package/dist/api/auth.js.map +1 -0
package/dist/api/errors.d.ts +146 -0
package/dist/api/errors.d.ts.map +1 -0
package/dist/api/errors.js +464 -0
package/dist/api/errors.js.map +1 -0
package/dist/api/index.d.ts +15 -0
package/dist/api/index.d.ts.map +1 -0
package/dist/api/index.js +19 -0
package/dist/api/index.js.map +1 -0
package/dist/api/middleware/api-key-enforcement.d.ts +131 -0
package/dist/api/middleware/api-key-enforcement.d.ts.map +1 -0
package/dist/api/middleware/api-key-enforcement.js +674 -0
package/dist/api/middleware/api-key-enforcement.js.map +1 -0
package/dist/api/middleware/audit.d.ts +151 -0
package/dist/api/middleware/audit.d.ts.map +1 -0
package/dist/api/middleware/audit.js +384 -0
package/dist/api/middleware/audit.js.map +1 -0
package/dist/api/middleware/dpop-enforcement.d.ts +176 -0
package/dist/api/middleware/dpop-enforcement.d.ts.map +1 -0
package/dist/api/middleware/dpop-enforcement.js +596 -0
package/dist/api/middleware/dpop-enforcement.js.map +1 -0
package/dist/api/middleware/index.d.ts +24 -0
package/dist/api/middleware/index.d.ts.map +1 -0
package/dist/api/middleware/index.js +43 -0
package/dist/api/middleware/index.js.map +1 -0
package/dist/api/middleware/metrics.d.ts +41 -0
package/dist/api/middleware/metrics.d.ts.map +1 -0
package/dist/api/middleware/metrics.js +150 -0
package/dist/api/middleware/metrics.js.map +1 -0
package/dist/api/middleware/rate-limits.d.ts +224 -0
package/dist/api/middleware/rate-limits.d.ts.map +1 -0
package/dist/api/middleware/rate-limits.js +686 -0
package/dist/api/middleware/rate-limits.js.map +1 -0
package/dist/api/middleware/rateLimit.d.ts +165 -0
package/dist/api/middleware/rateLimit.d.ts.map +1 -0
package/dist/api/middleware/rateLimit.js +477 -0
package/dist/api/middleware/rateLimit.js.map +1 -0
package/dist/api/middleware/redis-rate-limiter.d.ts +279 -0
package/dist/api/middleware/redis-rate-limiter.d.ts.map +1 -0
package/dist/api/middleware/redis-rate-limiter.js +1074 -0
package/dist/api/middleware/redis-rate-limiter.js.map +1 -0
package/dist/api/middleware/security-headers.d.ts +248 -0
package/dist/api/middleware/security-headers.d.ts.map +1 -0
package/dist/api/middleware/security-headers.js +410 -0
package/dist/api/middleware/security-headers.js.map +1 -0
package/dist/api/middleware/security.d.ts +156 -0
package/dist/api/middleware/security.d.ts.map +1 -0
package/dist/api/middleware/security.js +412 -0
package/dist/api/middleware/security.js.map +1 -0
package/dist/api/middleware/validation.d.ts +132 -0
package/dist/api/middleware/validation.d.ts.map +1 -0
package/dist/api/middleware/validation.js +363 -0
package/dist/api/middleware/validation.js.map +1 -0
package/dist/api/middleware/webhook-verify.d.ts +130 -0
package/dist/api/middleware/webhook-verify.d.ts.map +1 -0
package/dist/api/middleware/webhook-verify.js +366 -0
package/dist/api/middleware/webhook-verify.js.map +1 -0
package/dist/api/rate-limit.d.ts +115 -0
package/dist/api/rate-limit.d.ts.map +1 -0
package/dist/api/rate-limit.js +335 -0
package/dist/api/rate-limit.js.map +1 -0
package/dist/api/server.d.ts +37 -0
package/dist/api/server.d.ts.map +1 -0
package/dist/api/server.js +2086 -0
package/dist/api/server.js.map +1 -0
package/dist/api/validation.d.ts +243 -0
package/dist/api/validation.d.ts.map +1 -0
package/dist/api/validation.js +247 -0
package/dist/api/validation.js.map +1 -0
package/dist/audit/compliance-reporter.d.ts +271 -0
package/dist/audit/compliance-reporter.d.ts.map +1 -0
package/dist/audit/compliance-reporter.js +587 -0
package/dist/audit/compliance-reporter.js.map +1 -0
package/dist/audit/db-store.d.ts +689 -0
package/dist/audit/db-store.d.ts.map +1 -0
package/dist/audit/db-store.js +589 -0
package/dist/audit/db-store.js.map +1 -0
package/dist/audit/event-schema.d.ts +605 -0
package/dist/audit/event-schema.d.ts.map +1 -0
package/dist/audit/event-schema.js +566 -0
package/dist/audit/event-schema.js.map +1 -0
package/dist/audit/index.d.ts +16 -0
package/dist/audit/index.d.ts.map +1 -0
package/dist/audit/index.js +44 -0
package/dist/audit/index.js.map +1 -0
package/dist/audit/security-events.d.ts +1624 -0
package/dist/audit/security-events.d.ts.map +1 -0
package/dist/audit/security-events.js +775 -0
package/dist/audit/security-events.js.map +1 -0
package/dist/audit/security-logger.d.ts +288 -0
package/dist/audit/security-logger.d.ts.map +1 -0
package/dist/audit/security-logger.js +820 -0
package/dist/audit/security-logger.js.map +1 -0
package/dist/audit/service.d.ts +206 -0
package/dist/audit/service.d.ts.map +1 -0
package/dist/audit/service.js +756 -0
package/dist/audit/service.js.map +1 -0
package/dist/audit/siem/elastic.d.ts +94 -0
package/dist/audit/siem/elastic.d.ts.map +1 -0
package/dist/audit/siem/elastic.js +412 -0
package/dist/audit/siem/elastic.js.map +1 -0
package/dist/audit/siem/index.d.ts +179 -0
package/dist/audit/siem/index.d.ts.map +1 -0
package/dist/audit/siem/index.js +368 -0
package/dist/audit/siem/index.js.map +1 -0
package/dist/audit/siem/loki.d.ts +100 -0
package/dist/audit/siem/loki.d.ts.map +1 -0
package/dist/audit/siem/loki.js +406 -0
package/dist/audit/siem/loki.js.map +1 -0
package/dist/audit/siem/splunk.d.ts +91 -0
package/dist/audit/siem/splunk.d.ts.map +1 -0
package/dist/audit/siem/splunk.js +375 -0
package/dist/audit/siem/splunk.js.map +1 -0
package/dist/audit/siem/types.d.ts +547 -0
package/dist/audit/siem/types.d.ts.map +1 -0
package/dist/audit/siem/types.js +270 -0
package/dist/audit/siem/types.js.map +1 -0
package/dist/audit/types.d.ts +410 -0
package/dist/audit/types.d.ts.map +1 -0
package/dist/audit/types.js +130 -0
package/dist/audit/types.js.map +1 -0
package/dist/auth/index.d.ts +10 -0
package/dist/auth/index.d.ts.map +1 -0
package/dist/auth/index.js +10 -0
package/dist/auth/index.js.map +1 -0
package/dist/auth/mfa/index.d.ts +9 -0
package/dist/auth/mfa/index.d.ts.map +1 -0
package/dist/auth/mfa/index.js +9 -0
package/dist/auth/mfa/index.js.map +1 -0
package/dist/auth/mfa/totp.d.ts +222 -0
package/dist/auth/mfa/totp.d.ts.map +1 -0
package/dist/auth/mfa/totp.js +329 -0
package/dist/auth/mfa/totp.js.map +1 -0
package/dist/auth/piv-cac/card-removal-handler.d.ts +197 -0
package/dist/auth/piv-cac/card-removal-handler.d.ts.map +1 -0
package/dist/auth/piv-cac/card-removal-handler.js +560 -0
package/dist/auth/piv-cac/card-removal-handler.js.map +1 -0
package/dist/auth/piv-cac/certificate-auth.d.ts +117 -0
package/dist/auth/piv-cac/certificate-auth.d.ts.map +1 -0
package/dist/auth/piv-cac/certificate-auth.js +727 -0
package/dist/auth/piv-cac/certificate-auth.js.map +1 -0
package/dist/auth/piv-cac/certificate-mapper.d.ts +141 -0
package/dist/auth/piv-cac/certificate-mapper.d.ts.map +1 -0
package/dist/auth/piv-cac/certificate-mapper.js +569 -0
package/dist/auth/piv-cac/certificate-mapper.js.map +1 -0
package/dist/auth/piv-cac/crl-validator.d.ts +195 -0
package/dist/auth/piv-cac/crl-validator.d.ts.map +1 -0
package/dist/auth/piv-cac/crl-validator.js +824 -0
package/dist/auth/piv-cac/crl-validator.js.map +1 -0
package/dist/auth/piv-cac/index.d.ts +72 -0
package/dist/auth/piv-cac/index.d.ts.map +1 -0
package/dist/auth/piv-cac/index.js +172 -0
package/dist/auth/piv-cac/index.js.map +1 -0
package/dist/auth/piv-cac/ocsp-validator.d.ts +183 -0
package/dist/auth/piv-cac/ocsp-validator.d.ts.map +1 -0
package/dist/auth/piv-cac/ocsp-validator.js +657 -0
package/dist/auth/piv-cac/ocsp-validator.js.map +1 -0
package/dist/auth/piv-cac/piv-middleware.d.ts +95 -0
package/dist/auth/piv-cac/piv-middleware.d.ts.map +1 -0
package/dist/auth/piv-cac/piv-middleware.js +524 -0
package/dist/auth/piv-cac/piv-middleware.js.map +1 -0
package/dist/auth/piv-cac/piv-routes.d.ts +29 -0
package/dist/auth/piv-cac/piv-routes.d.ts.map +1 -0
package/dist/auth/piv-cac/piv-routes.js +534 -0
package/dist/auth/piv-cac/piv-routes.js.map +1 -0
package/dist/auth/piv-cac/pkcs11-provider.d.ts +280 -0
package/dist/auth/piv-cac/pkcs11-provider.d.ts.map +1 -0
package/dist/auth/piv-cac/pkcs11-provider.js +535 -0
package/dist/auth/piv-cac/pkcs11-provider.js.map +1 -0
package/dist/auth/piv-cac/types.d.ts +4098 -0
package/dist/auth/piv-cac/types.d.ts.map +1 -0
package/dist/auth/piv-cac/types.js +495 -0
package/dist/auth/piv-cac/types.js.map +1 -0
package/dist/basis/evaluator.d.ts +72 -0
package/dist/basis/evaluator.d.ts.map +1 -0
package/dist/basis/evaluator.js +275 -0
package/dist/basis/evaluator.js.map +1 -0
package/dist/basis/expression-evaluator.d.ts +77 -0
package/dist/basis/expression-evaluator.d.ts.map +1 -0
package/dist/basis/expression-evaluator.js +826 -0
package/dist/basis/expression-evaluator.js.map +1 -0
package/dist/basis/index.d.ts +13 -0
package/dist/basis/index.d.ts.map +1 -0
package/dist/basis/index.js +13 -0
package/dist/basis/index.js.map +1 -0
package/dist/basis/parser.d.ts +376 -0
package/dist/basis/parser.d.ts.map +1 -0
package/dist/basis/parser.js +178 -0
package/dist/basis/parser.js.map +1 -0
package/dist/basis/types.d.ts +115 -0
package/dist/basis/types.d.ts.map +1 -0
package/dist/basis/types.js +5 -0
package/dist/basis/types.js.map +1 -0
package/dist/car-extensions/aci-string-extensions.d.ts +10 -0
package/dist/car-extensions/aci-string-extensions.d.ts.map +1 -0
package/dist/car-extensions/aci-string-extensions.js +24 -0
package/dist/car-extensions/aci-string-extensions.js.map +1 -0
package/dist/car-extensions/builtin-extensions/audit.d.ts +88 -0
package/dist/car-extensions/builtin-extensions/audit.d.ts.map +1 -0
package/dist/car-extensions/builtin-extensions/audit.js +445 -0
package/dist/car-extensions/builtin-extensions/audit.js.map +1 -0
package/dist/car-extensions/builtin-extensions/governance.d.ts +32 -0
package/dist/car-extensions/builtin-extensions/governance.d.ts.map +1 -0
package/dist/car-extensions/builtin-extensions/governance.js +534 -0
package/dist/car-extensions/builtin-extensions/governance.js.map +1 -0
package/dist/car-extensions/builtin-extensions/monitoring.d.ts +43 -0
package/dist/car-extensions/builtin-extensions/monitoring.d.ts.map +1 -0
package/dist/car-extensions/builtin-extensions/monitoring.js +416 -0
package/dist/car-extensions/builtin-extensions/monitoring.js.map +1 -0
package/dist/car-extensions/car-string-extensions.d.ts +355 -0
package/dist/car-extensions/car-string-extensions.d.ts.map +1 -0
package/dist/car-extensions/car-string-extensions.js +473 -0
package/dist/car-extensions/car-string-extensions.js.map +1 -0
package/dist/car-extensions/executor.d.ts +208 -0
package/dist/car-extensions/executor.d.ts.map +1 -0
package/dist/car-extensions/executor.js +789 -0
package/dist/car-extensions/executor.js.map +1 -0
package/dist/car-extensions/index.d.ts +94 -0
package/dist/car-extensions/index.d.ts.map +1 -0
package/dist/car-extensions/index.js +159 -0
package/dist/car-extensions/index.js.map +1 -0
package/dist/car-extensions/registry.d.ts +217 -0
package/dist/car-extensions/registry.d.ts.map +1 -0
package/dist/car-extensions/registry.js +450 -0
package/dist/car-extensions/registry.js.map +1 -0
package/dist/car-extensions/service.d.ts +220 -0
package/dist/car-extensions/service.d.ts.map +1 -0
package/dist/car-extensions/service.js +486 -0
package/dist/car-extensions/service.js.map +1 -0
package/dist/car-extensions/types.d.ts +2269 -0
package/dist/car-extensions/types.d.ts.map +1 -0
package/dist/car-extensions/types.js +389 -0
package/dist/car-extensions/types.js.map +1 -0
package/dist/cognigate/index.d.ts +192 -0
package/dist/cognigate/index.d.ts.map +1 -0
package/dist/cognigate/index.js +435 -0
package/dist/cognigate/index.js.map +1 -0
package/dist/cognigate/sandbox/capability-broker.d.ts +166 -0
package/dist/cognigate/sandbox/capability-broker.d.ts.map +1 -0
package/dist/cognigate/sandbox/capability-broker.js +461 -0
package/dist/cognigate/sandbox/capability-broker.js.map +1 -0
package/dist/cognigate/sandbox/filesystem-policy.d.ts +139 -0
package/dist/cognigate/sandbox/filesystem-policy.d.ts.map +1 -0
package/dist/cognigate/sandbox/filesystem-policy.js +426 -0
package/dist/cognigate/sandbox/filesystem-policy.js.map +1 -0
package/dist/cognigate/sandbox/index.d.ts +17 -0
package/dist/cognigate/sandbox/index.d.ts.map +1 -0
package/dist/cognigate/sandbox/index.js +24 -0
package/dist/cognigate/sandbox/index.js.map +1 -0
package/dist/cognigate/sandbox/network-policy.d.ts +126 -0
package/dist/cognigate/sandbox/network-policy.d.ts.map +1 -0
package/dist/cognigate/sandbox/network-policy.js +382 -0
package/dist/cognigate/sandbox/network-policy.js.map +1 -0
package/dist/cognigate/sandbox/sandbox-service.d.ts +70 -0
package/dist/cognigate/sandbox/sandbox-service.d.ts.map +1 -0
package/dist/cognigate/sandbox/sandbox-service.js +472 -0
package/dist/cognigate/sandbox/sandbox-service.js.map +1 -0
package/dist/cognigate/sandbox/types.d.ts +376 -0
package/dist/cognigate/sandbox/types.d.ts.map +1 -0
package/dist/cognigate/sandbox/types.js +179 -0
package/dist/cognigate/sandbox/types.js.map +1 -0
package/dist/common/adapters/index.d.ts +34 -0
package/dist/common/adapters/index.d.ts.map +1 -0
package/dist/common/adapters/index.js +46 -0
package/dist/common/adapters/index.js.map +1 -0
package/dist/common/adapters/memory-cache.d.ts +91 -0
package/dist/common/adapters/memory-cache.d.ts.map +1 -0
package/dist/common/adapters/memory-cache.js +201 -0
package/dist/common/adapters/memory-cache.js.map +1 -0
package/dist/common/adapters/memory-lock.d.ts +75 -0
package/dist/common/adapters/memory-lock.d.ts.map +1 -0
package/dist/common/adapters/memory-lock.js +219 -0
package/dist/common/adapters/memory-lock.js.map +1 -0
package/dist/common/adapters/memory-queue.d.ts +64 -0
package/dist/common/adapters/memory-queue.d.ts.map +1 -0
package/dist/common/adapters/memory-queue.js +233 -0
package/dist/common/adapters/memory-queue.js.map +1 -0
package/dist/common/adapters/memory-ratelimit.d.ts +78 -0
package/dist/common/adapters/memory-ratelimit.d.ts.map +1 -0
package/dist/common/adapters/memory-ratelimit.js +196 -0
package/dist/common/adapters/memory-ratelimit.js.map +1 -0
package/dist/common/adapters/memory-session.d.ts +105 -0
package/dist/common/adapters/memory-session.d.ts.map +1 -0
package/dist/common/adapters/memory-session.js +302 -0
package/dist/common/adapters/memory-session.js.map +1 -0
package/dist/common/adapters/provider.d.ts +47 -0
package/dist/common/adapters/provider.d.ts.map +1 -0
package/dist/common/adapters/provider.js +347 -0
package/dist/common/adapters/provider.js.map +1 -0
package/dist/common/adapters/types.d.ts +247 -0
package/dist/common/adapters/types.d.ts.map +1 -0
package/dist/common/adapters/types.js +11 -0
package/dist/common/adapters/types.js.map +1 -0
package/dist/common/alerts.d.ts +57 -0
package/dist/common/alerts.d.ts.map +1 -0
package/dist/common/alerts.js +216 -0
package/dist/common/alerts.js.map +1 -0
package/dist/common/authorization.d.ts +137 -0
package/dist/common/authorization.d.ts.map +1 -0
package/dist/common/authorization.js +270 -0
package/dist/common/authorization.js.map +1 -0
package/dist/common/canonical-bridge.d.ts +153 -0
package/dist/common/canonical-bridge.d.ts.map +1 -0
package/dist/common/canonical-bridge.js +236 -0
package/dist/common/canonical-bridge.js.map +1 -0
package/dist/common/canonical-json.d.ts +64 -0
package/dist/common/canonical-json.d.ts.map +1 -0
package/dist/common/canonical-json.js +95 -0
package/dist/common/canonical-json.js.map +1 -0
package/dist/common/circuit-breaker.d.ts +320 -0
package/dist/common/circuit-breaker.d.ts.map +1 -0
package/dist/common/circuit-breaker.js +887 -0
package/dist/common/circuit-breaker.js.map +1 -0
package/dist/common/config.d.ts +2053 -0
package/dist/common/config.d.ts.map +1 -0
package/dist/common/config.js +1314 -0
package/dist/common/config.js.map +1 -0
package/dist/common/contracts/index.d.ts +2 -0
package/dist/common/contracts/index.d.ts.map +1 -0
package/dist/common/contracts/index.js +2 -0
package/dist/common/contracts/index.js.map +1 -0
package/dist/common/contracts/output.d.ts +81 -0
package/dist/common/contracts/output.d.ts.map +1 -0
package/dist/common/contracts/output.js +38 -0
package/dist/common/contracts/output.js.map +1 -0
package/dist/common/crypto-utils.d.ts +103 -0
package/dist/common/crypto-utils.d.ts.map +1 -0
package/dist/common/crypto-utils.js +275 -0
package/dist/common/crypto-utils.js.map +1 -0
package/dist/common/crypto.d.ts +70 -0
package/dist/common/crypto.d.ts.map +1 -0
package/dist/common/crypto.js +201 -0
package/dist/common/crypto.js.map +1 -0
package/dist/common/database-resilience.d.ts +156 -0
package/dist/common/database-resilience.d.ts.map +1 -0
package/dist/common/database-resilience.js +269 -0
package/dist/common/database-resilience.js.map +1 -0
package/dist/common/db-metrics.d.ts +90 -0
package/dist/common/db-metrics.d.ts.map +1 -0
package/dist/common/db-metrics.js +219 -0
package/dist/common/db-metrics.js.map +1 -0
package/dist/common/db-pool.d.ts +307 -0
package/dist/common/db-pool.d.ts.map +1 -0
package/dist/common/db-pool.js +879 -0
package/dist/common/db-pool.js.map +1 -0
package/dist/common/db.d.ts +105 -0
package/dist/common/db.d.ts.map +1 -0
package/dist/common/db.js +216 -0
package/dist/common/db.js.map +1 -0
package/dist/common/debug-auth-middleware.d.ts +111 -0
package/dist/common/debug-auth-middleware.d.ts.map +1 -0
package/dist/common/debug-auth-middleware.js +285 -0
package/dist/common/debug-auth-middleware.js.map +1 -0
package/dist/common/di.d.ts +202 -0
package/dist/common/di.d.ts.map +1 -0
package/dist/common/di.js +219 -0
package/dist/common/di.js.map +1 -0
package/dist/common/encryption.d.ts +233 -0
package/dist/common/encryption.d.ts.map +1 -0
package/dist/common/encryption.js +527 -0
package/dist/common/encryption.js.map +1 -0
package/dist/common/error-sanitizer.d.ts +67 -0
package/dist/common/error-sanitizer.d.ts.map +1 -0
package/dist/common/error-sanitizer.js +298 -0
package/dist/common/error-sanitizer.js.map +1 -0
package/dist/common/errors.d.ts +229 -0
package/dist/common/errors.d.ts.map +1 -0
package/dist/common/errors.js +349 -0
package/dist/common/errors.js.map +1 -0
package/dist/common/expression/evaluator.d.ts +58 -0
package/dist/common/expression/evaluator.d.ts.map +1 -0
package/dist/common/expression/evaluator.js +326 -0
package/dist/common/expression/evaluator.js.map +1 -0
package/dist/common/expression/index.d.ts +180 -0
package/dist/common/expression/index.d.ts.map +1 -0
package/dist/common/expression/index.js +198 -0
package/dist/common/expression/index.js.map +1 -0
package/dist/common/expression/lexer.d.ts +69 -0
package/dist/common/expression/lexer.d.ts.map +1 -0
package/dist/common/expression/lexer.js +255 -0
package/dist/common/expression/lexer.js.map +1 -0
package/dist/common/expression/parser.d.ts +133 -0
package/dist/common/expression/parser.d.ts.map +1 -0
package/dist/common/expression/parser.js +293 -0
package/dist/common/expression/parser.js.map +1 -0
package/dist/common/group-membership.d.ts +119 -0
package/dist/common/group-membership.d.ts.map +1 -0
package/dist/common/group-membership.js +250 -0
package/dist/common/group-membership.js.map +1 -0
package/dist/common/index.d.ts +14 -0
package/dist/common/index.d.ts.map +1 -0
package/dist/common/index.js +15 -0
package/dist/common/index.js.map +1 -0
package/dist/common/leader-election.d.ts +40 -0
package/dist/common/leader-election.d.ts.map +1 -0
package/dist/common/leader-election.js +232 -0
package/dist/common/leader-election.js.map +1 -0
package/dist/common/lock.d.ts +77 -0
package/dist/common/lock.d.ts.map +1 -0
package/dist/common/lock.js +167 -0
package/dist/common/lock.js.map +1 -0
package/dist/common/logger.d.ts +19 -0
package/dist/common/logger.d.ts.map +1 -0
package/dist/common/logger.js +80 -0
package/dist/common/logger.js.map +1 -0
package/dist/common/metrics-registry.d.ts +48 -0
package/dist/common/metrics-registry.d.ts.map +1 -0
package/dist/common/metrics-registry.js +77 -0
package/dist/common/metrics-registry.js.map +1 -0
package/dist/common/metrics.d.ts +204 -0
package/dist/common/metrics.d.ts.map +1 -0
package/dist/common/metrics.js +497 -0
package/dist/common/metrics.js.map +1 -0
package/dist/common/operation-tracker.d.ts +137 -0
package/dist/common/operation-tracker.d.ts.map +1 -0
package/dist/common/operation-tracker.js +366 -0
package/dist/common/operation-tracker.js.map +1 -0
package/dist/common/provenance/chain.d.ts +54 -0
package/dist/common/provenance/chain.d.ts.map +1 -0
package/dist/common/provenance/chain.js +252 -0
package/dist/common/provenance/chain.js.map +1 -0
package/dist/common/provenance/index.d.ts +14 -0
package/dist/common/provenance/index.d.ts.map +1 -0
package/dist/common/provenance/index.js +19 -0
package/dist/common/provenance/index.js.map +1 -0
package/dist/common/provenance/query.d.ts +111 -0
package/dist/common/provenance/query.d.ts.map +1 -0
package/dist/common/provenance/query.js +310 -0
package/dist/common/provenance/query.js.map +1 -0
package/dist/common/provenance/storage.d.ts +297 -0
package/dist/common/provenance/storage.d.ts.map +1 -0
package/dist/common/provenance/storage.js +436 -0
package/dist/common/provenance/storage.js.map +1 -0
package/dist/common/provenance/tracker.d.ts +57 -0
package/dist/common/provenance/tracker.d.ts.map +1 -0
package/dist/common/provenance/tracker.js +209 -0
package/dist/common/provenance/tracker.js.map +1 -0
package/dist/common/provenance/types.d.ts +146 -0
package/dist/common/provenance/types.d.ts.map +1 -0
package/dist/common/provenance/types.js +10 -0
package/dist/common/provenance/types.js.map +1 -0
package/dist/common/random.d.ts +84 -0
package/dist/common/random.d.ts.map +1 -0
package/dist/common/random.js +130 -0
package/dist/common/random.js.map +1 -0
package/dist/common/redaction.d.ts +49 -0
package/dist/common/redaction.d.ts.map +1 -0
package/dist/common/redaction.js +217 -0
package/dist/common/redaction.js.map +1 -0
package/dist/common/redis-cluster.d.ts +538 -0
package/dist/common/redis-cluster.d.ts.map +1 -0
package/dist/common/redis-cluster.js +1539 -0
package/dist/common/redis-cluster.js.map +1 -0
package/dist/common/redis-resilience.d.ts +270 -0
package/dist/common/redis-resilience.d.ts.map +1 -0
package/dist/common/redis-resilience.js +586 -0
package/dist/common/redis-resilience.js.map +1 -0
package/dist/common/redis.d.ts +19 -0
package/dist/common/redis.d.ts.map +1 -0
package/dist/common/redis.js +73 -0
package/dist/common/redis.js.map +1 -0
package/dist/common/safe-json.d.ts +246 -0
package/dist/common/safe-json.d.ts.map +1 -0
package/dist/common/safe-json.js +442 -0
package/dist/common/safe-json.js.map +1 -0
package/dist/common/secret-generator.d.ts +142 -0
package/dist/common/secret-generator.d.ts.map +1 -0
package/dist/common/secret-generator.js +286 -0
package/dist/common/secret-generator.js.map +1 -0
package/dist/common/secure-fetch.d.ts +182 -0
package/dist/common/secure-fetch.d.ts.map +1 -0
package/dist/common/secure-fetch.js +657 -0
package/dist/common/secure-fetch.js.map +1 -0
package/dist/common/security-mode.d.ts +151 -0
package/dist/common/security-mode.d.ts.map +1 -0
package/dist/common/security-mode.js +482 -0
package/dist/common/security-mode.js.map +1 -0
package/dist/common/telemetry/index.d.ts +82 -0
package/dist/common/telemetry/index.d.ts.map +1 -0
package/dist/common/telemetry/index.js +198 -0
package/dist/common/telemetry/index.js.map +1 -0
package/dist/common/telemetry/instrumentation.d.ts +167 -0
package/dist/common/telemetry/instrumentation.d.ts.map +1 -0
package/dist/common/telemetry/instrumentation.js +492 -0
package/dist/common/telemetry/instrumentation.js.map +1 -0
package/dist/common/telemetry/metrics-bridge.d.ts +227 -0
package/dist/common/telemetry/metrics-bridge.d.ts.map +1 -0
package/dist/common/telemetry/metrics-bridge.js +437 -0
package/dist/common/telemetry/metrics-bridge.js.map +1 -0
package/dist/common/telemetry/middleware.d.ts +114 -0
package/dist/common/telemetry/middleware.d.ts.map +1 -0
package/dist/common/telemetry/middleware.js +353 -0
package/dist/common/telemetry/middleware.js.map +1 -0
package/dist/common/telemetry/propagation.d.ts +221 -0
package/dist/common/telemetry/propagation.d.ts.map +1 -0
package/dist/common/telemetry/propagation.js +409 -0
package/dist/common/telemetry/propagation.js.map +1 -0
package/dist/common/telemetry/spans.d.ts +295 -0
package/dist/common/telemetry/spans.d.ts.map +1 -0
package/dist/common/telemetry/spans.js +439 -0
package/dist/common/telemetry/spans.js.map +1 -0
package/dist/common/telemetry/tracer.d.ts +155 -0
package/dist/common/telemetry/tracer.d.ts.map +1 -0
package/dist/common/telemetry/tracer.js +343 -0
package/dist/common/telemetry/tracer.js.map +1 -0
package/dist/common/telemetry.d.ts +15 -0
package/dist/common/telemetry.d.ts.map +1 -0
package/dist/common/telemetry.js +61 -0
package/dist/common/telemetry.js.map +1 -0
package/dist/common/tenant-context.d.ts +253 -0
package/dist/common/tenant-context.d.ts.map +1 -0
package/dist/common/tenant-context.js +259 -0
package/dist/common/tenant-context.js.map +1 -0
package/dist/common/tenant-verification.d.ts +86 -0
package/dist/common/tenant-verification.d.ts.map +1 -0
package/dist/common/tenant-verification.js +184 -0
package/dist/common/tenant-verification.js.map +1 -0
package/dist/common/timeout.d.ts +40 -0
package/dist/common/timeout.d.ts.map +1 -0
package/dist/common/timeout.js +82 -0
package/dist/common/timeout.js.map +1 -0
package/dist/common/token-revocation.d.ts +44 -0
package/dist/common/token-revocation.d.ts.map +1 -0
package/dist/common/token-revocation.js +169 -0
package/dist/common/token-revocation.js.map +1 -0
package/dist/common/trace.d.ts +149 -0
package/dist/common/trace.d.ts.map +1 -0
package/dist/common/trace.js +328 -0
package/dist/common/trace.js.map +1 -0
package/dist/common/trust-cache.d.ts +263 -0
package/dist/common/trust-cache.d.ts.map +1 -0
package/dist/common/trust-cache.js +670 -0
package/dist/common/trust-cache.js.map +1 -0
package/dist/common/types.d.ts +351 -0
package/dist/common/types.d.ts.map +1 -0
package/dist/common/types.js +55 -0
package/dist/common/types.js.map +1 -0
package/dist/common/validation.d.ts +113 -0
package/dist/common/validation.d.ts.map +1 -0
package/dist/common/validation.js +221 -0
package/dist/common/validation.js.map +1 -0
package/dist/db/client.d.ts +72 -0
package/dist/db/client.d.ts.map +1 -0
package/dist/db/client.js +110 -0
package/dist/db/client.js.map +1 -0
package/dist/db/index.d.ts +9 -0
package/dist/db/index.d.ts.map +1 -0
package/dist/db/index.js +9 -0
package/dist/db/index.js.map +1 -0
package/dist/db/schema/merkle.d.ts +475 -0
package/dist/db/schema/merkle.d.ts.map +1 -0
package/dist/db/schema/merkle.js +100 -0
package/dist/db/schema/merkle.js.map +1 -0
package/dist/db/schema/proofs.d.ts +412 -0
package/dist/db/schema/proofs.d.ts.map +1 -0
package/dist/db/schema/proofs.js +63 -0
package/dist/db/schema/proofs.js.map +1 -0
package/dist/enforce/adapters.d.ts +73 -0
package/dist/enforce/adapters.d.ts.map +1 -0
package/dist/enforce/adapters.js +293 -0
package/dist/enforce/adapters.js.map +1 -0
package/dist/enforce/index.d.ts +213 -0
package/dist/enforce/index.d.ts.map +1 -0
package/dist/enforce/index.js +630 -0
package/dist/enforce/index.js.map +1 -0
package/dist/enforce/repository.d.ts +203 -0
package/dist/enforce/repository.d.ts.map +1 -0
package/dist/enforce/repository.js +359 -0
package/dist/enforce/repository.js.map +1 -0
package/dist/enforce/schema.d.ts +1198 -0
package/dist/enforce/schema.d.ts.map +1 -0
package/dist/enforce/schema.js +257 -0
package/dist/enforce/schema.js.map +1 -0
package/dist/friction/index.d.ts +235 -0
package/dist/friction/index.d.ts.map +1 -0
package/dist/friction/index.js +636 -0
package/dist/friction/index.js.map +1 -0
package/dist/friction/openapi.d.ts +23 -0
package/dist/friction/openapi.d.ts.map +1 -0
package/dist/friction/openapi.js +883 -0
package/dist/friction/openapi.js.map +1 -0
package/dist/friction/routes.d.ts +14 -0
package/dist/friction/routes.d.ts.map +1 -0
package/dist/friction/routes.js +206 -0
package/dist/friction/routes.js.map +1 -0
package/dist/governance/engine.d.ts +158 -0
package/dist/governance/engine.d.ts.map +1 -0
package/dist/governance/engine.js +248 -0
package/dist/governance/engine.js.map +1 -0
package/dist/governance/evaluator.d.ts +106 -0
package/dist/governance/evaluator.d.ts.map +1 -0
package/dist/governance/evaluator.js +277 -0
package/dist/governance/evaluator.js.map +1 -0
package/dist/governance/index.d.ts +11 -0
package/dist/governance/index.d.ts.map +1 -0
package/dist/governance/index.js +14 -0
package/dist/governance/index.js.map +1 -0
package/dist/governance/policy.d.ts +152 -0
package/dist/governance/policy.d.ts.map +1 -0
package/dist/governance/policy.js +152 -0
package/dist/governance/policy.js.map +1 -0
package/dist/index.d.ts +50 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +61 -0
package/dist/index.js.map +1 -0
package/dist/intent/adapters.d.ts +101 -0
package/dist/intent/adapters.d.ts.map +1 -0
package/dist/intent/adapters.js +250 -0
package/dist/intent/adapters.js.map +1 -0
package/dist/intent/audit.d.ts +119 -0
package/dist/intent/audit.d.ts.map +1 -0
package/dist/intent/audit.js +463 -0
package/dist/intent/audit.js.map +1 -0
package/dist/intent/classifier/index.d.ts +121 -0
package/dist/intent/classifier/index.d.ts.map +1 -0
package/dist/intent/classifier/index.js +232 -0
package/dist/intent/classifier/index.js.map +1 -0
package/dist/intent/classifier/patterns.d.ts +129 -0
package/dist/intent/classifier/patterns.d.ts.map +1 -0
package/dist/intent/classifier/patterns.js +471 -0
package/dist/intent/classifier/patterns.js.map +1 -0
package/dist/intent/classifier/risk.d.ts +177 -0
package/dist/intent/classifier/risk.d.ts.map +1 -0
package/dist/intent/classifier/risk.js +335 -0
package/dist/intent/classifier/risk.js.map +1 -0
package/dist/intent/cleanup.d.ts +24 -0
package/dist/intent/cleanup.d.ts.map +1 -0
package/dist/intent/cleanup.js +104 -0
package/dist/intent/cleanup.js.map +1 -0
package/dist/intent/consent.d.ts +238 -0
package/dist/intent/consent.d.ts.map +1 -0
package/dist/intent/consent.js +427 -0
package/dist/intent/consent.js.map +1 -0
package/dist/intent/escalation.d.ts +284 -0
package/dist/intent/escalation.d.ts.map +1 -0
package/dist/intent/escalation.js +618 -0
package/dist/intent/escalation.js.map +1 -0
package/dist/intent/gdpr-rate-limiter.d.ts +170 -0
package/dist/intent/gdpr-rate-limiter.d.ts.map +1 -0
package/dist/intent/gdpr-rate-limiter.js +385 -0
package/dist/intent/gdpr-rate-limiter.js.map +1 -0
package/dist/intent/gdpr.d.ts +323 -0
package/dist/intent/gdpr.d.ts.map +1 -0
package/dist/intent/gdpr.js +1013 -0
package/dist/intent/gdpr.js.map +1 -0
package/dist/intent/health.d.ts +214 -0
package/dist/intent/health.d.ts.map +1 -0
package/dist/intent/health.js +526 -0
package/dist/intent/health.js.map +1 -0
package/dist/intent/index.d.ts +565 -0
package/dist/intent/index.d.ts.map +1 -0
package/dist/intent/index.js +756 -0
package/dist/intent/index.js.map +1 -0
package/dist/intent/metrics.d.ts +399 -0
package/dist/intent/metrics.d.ts.map +1 -0
package/dist/intent/metrics.js +886 -0
package/dist/intent/metrics.js.map +1 -0
package/dist/intent/openapi.d.ts +22 -0
package/dist/intent/openapi.d.ts.map +1 -0
package/dist/intent/openapi.js +1674 -0
package/dist/intent/openapi.js.map +1 -0
package/dist/intent/planner/dependency.d.ts +78 -0
package/dist/intent/planner/dependency.d.ts.map +1 -0
package/dist/intent/planner/dependency.js +334 -0
package/dist/intent/planner/dependency.js.map +1 -0
package/dist/intent/planner/index.d.ts +130 -0
package/dist/intent/planner/index.d.ts.map +1 -0
package/dist/intent/planner/index.js +372 -0
package/dist/intent/planner/index.js.map +1 -0
package/dist/intent/planner/rollback.d.ts +92 -0
package/dist/intent/planner/rollback.d.ts.map +1 -0
package/dist/intent/planner/rollback.js +326 -0
package/dist/intent/planner/rollback.js.map +1 -0
package/dist/intent/planner/templates.d.ts +81 -0
package/dist/intent/planner/templates.d.ts.map +1 -0
package/dist/intent/planner/templates.js +560 -0
package/dist/intent/planner/templates.js.map +1 -0
package/dist/intent/planner/types.d.ts +38 -0
package/dist/intent/planner/types.d.ts.map +1 -0
package/dist/intent/planner/types.js +10 -0
package/dist/intent/planner/types.js.map +1 -0
package/dist/intent/queue.d.ts +150 -0
package/dist/intent/queue.d.ts.map +1 -0
package/dist/intent/queue.js +339 -0
package/dist/intent/queue.js.map +1 -0
package/dist/intent/queues.d.ts +176 -0
package/dist/intent/queues.d.ts.map +1 -0
package/dist/intent/queues.js +1393 -0
package/dist/intent/queues.js.map +1 -0
package/dist/intent/ratelimit.d.ts +147 -0
package/dist/intent/ratelimit.d.ts.map +1 -0
package/dist/intent/ratelimit.js +301 -0
package/dist/intent/ratelimit.js.map +1 -0
package/dist/intent/replay/comparator.d.ts +73 -0
package/dist/intent/replay/comparator.d.ts.map +1 -0
package/dist/intent/replay/comparator.js +320 -0
package/dist/intent/replay/comparator.js.map +1 -0
package/dist/intent/replay/index.d.ts +104 -0
package/dist/intent/replay/index.d.ts.map +1 -0
package/dist/intent/replay/index.js +487 -0
package/dist/intent/replay/index.js.map +1 -0
package/dist/intent/replay/simulator.d.ts +184 -0
package/dist/intent/replay/simulator.d.ts.map +1 -0
package/dist/intent/replay/simulator.js +512 -0
package/dist/intent/replay/simulator.js.map +1 -0
package/dist/intent/replay/snapshot.d.ts +149 -0
package/dist/intent/replay/snapshot.d.ts.map +1 -0
package/dist/intent/replay/snapshot.js +245 -0
package/dist/intent/replay/snapshot.js.map +1 -0
package/dist/intent/replay/types.d.ts +143 -0
package/dist/intent/replay/types.d.ts.map +1 -0
package/dist/intent/replay/types.js +10 -0
package/dist/intent/replay/types.js.map +1 -0
package/dist/intent/repository.d.ts +198 -0
package/dist/intent/repository.d.ts.map +1 -0
package/dist/intent/repository.js +538 -0
package/dist/intent/repository.js.map +1 -0
package/dist/intent/response-middleware.d.ts +156 -0
package/dist/intent/response-middleware.d.ts.map +1 -0
package/dist/intent/response-middleware.js +346 -0
package/dist/intent/response-middleware.js.map +1 -0
package/dist/intent/response.d.ts +267 -0
package/dist/intent/response.d.ts.map +1 -0
package/dist/intent/response.js +402 -0
package/dist/intent/response.js.map +1 -0
package/dist/intent/routes.d.ts +35 -0
package/dist/intent/routes.d.ts.map +1 -0
package/dist/intent/routes.js +1023 -0
package/dist/intent/routes.js.map +1 -0
package/dist/intent/scheduler.d.ts +45 -0
package/dist/intent/scheduler.d.ts.map +1 -0
package/dist/intent/scheduler.js +221 -0
package/dist/intent/scheduler.js.map +1 -0
package/dist/intent/schema.d.ts +3817 -0
package/dist/intent/schema.d.ts.map +1 -0
package/dist/intent/schema.js +631 -0
package/dist/intent/schema.js.map +1 -0
package/dist/intent/shutdown.d.ts +145 -0
package/dist/intent/shutdown.d.ts.map +1 -0
package/dist/intent/shutdown.js +468 -0
package/dist/intent/shutdown.js.map +1 -0
package/dist/intent/state-machine.d.ts +111 -0
package/dist/intent/state-machine.d.ts.map +1 -0
package/dist/intent/state-machine.js +242 -0
package/dist/intent/state-machine.js.map +1 -0
package/dist/intent/tracing.d.ts +152 -0
package/dist/intent/tracing.d.ts.map +1 -0
package/dist/intent/tracing.js +658 -0
package/dist/intent/tracing.js.map +1 -0
package/dist/intent/types.d.ts +188 -0
package/dist/intent/types.d.ts.map +1 -0
package/dist/intent/types.js +25 -0
package/dist/intent/types.js.map +1 -0
package/dist/intent/webhooks/delivery-repository.d.ts +80 -0
package/dist/intent/webhooks/delivery-repository.d.ts.map +1 -0
package/dist/intent/webhooks/delivery-repository.js +251 -0
package/dist/intent/webhooks/delivery-repository.js.map +1 -0
package/dist/intent/webhooks/dns-pinning.d.ts +30 -0
package/dist/intent/webhooks/dns-pinning.d.ts.map +1 -0
package/dist/intent/webhooks/dns-pinning.js +69 -0
package/dist/intent/webhooks/dns-pinning.js.map +1 -0
package/dist/intent/webhooks/index.d.ts +14 -0
package/dist/intent/webhooks/index.d.ts.map +1 -0
package/dist/intent/webhooks/index.js +17 -0
package/dist/intent/webhooks/index.js.map +1 -0
package/dist/intent/webhooks/signature.d.ts +47 -0
package/dist/intent/webhooks/signature.d.ts.map +1 -0
package/dist/intent/webhooks/signature.js +80 -0
package/dist/intent/webhooks/signature.js.map +1 -0
package/dist/intent/webhooks/ssrf-protection.d.ts +29 -0
package/dist/intent/webhooks/ssrf-protection.d.ts.map +1 -0
package/dist/intent/webhooks/ssrf-protection.js +161 -0
package/dist/intent/webhooks/ssrf-protection.js.map +1 -0
package/dist/intent/webhooks/types.d.ts +132 -0
package/dist/intent/webhooks/types.d.ts.map +1 -0
package/dist/intent/webhooks/types.js +14 -0
package/dist/intent/webhooks/types.js.map +1 -0
package/dist/intent/webhooks.d.ts +618 -0
package/dist/intent/webhooks.d.ts.map +1 -0
package/dist/intent/webhooks.js +1836 -0
package/dist/intent/webhooks.js.map +1 -0
package/dist/intent-gateway/ai-act-classifier.d.ts +18 -0
package/dist/intent-gateway/ai-act-classifier.d.ts.map +1 -0
package/dist/intent-gateway/ai-act-classifier.js +296 -0
package/dist/intent-gateway/ai-act-classifier.js.map +1 -0
package/dist/intent-gateway/index.d.ts +43 -0
package/dist/intent-gateway/index.d.ts.map +1 -0
package/dist/intent-gateway/index.js +236 -0
package/dist/intent-gateway/index.js.map +1 -0
package/dist/intent-gateway/jurisdiction-resolver.d.ts +19 -0
package/dist/intent-gateway/jurisdiction-resolver.d.ts.map +1 -0
package/dist/intent-gateway/jurisdiction-resolver.js +236 -0
package/dist/intent-gateway/jurisdiction-resolver.js.map +1 -0
package/dist/intent-gateway/policy-composer.d.ts +27 -0
package/dist/intent-gateway/policy-composer.d.ts.map +1 -0
package/dist/intent-gateway/policy-composer.js +418 -0
package/dist/intent-gateway/policy-composer.js.map +1 -0
package/dist/intent-gateway/regime-selector.d.ts +26 -0
package/dist/intent-gateway/regime-selector.d.ts.map +1 -0
package/dist/intent-gateway/regime-selector.js +185 -0
package/dist/intent-gateway/regime-selector.js.map +1 -0
package/dist/intent-gateway/types.d.ts +103 -0
package/dist/intent-gateway/types.d.ts.map +1 -0
package/dist/intent-gateway/types.js +85 -0
package/dist/intent-gateway/types.js.map +1 -0
package/dist/observability/alerts.d.ts +136 -0
package/dist/observability/alerts.d.ts.map +1 -0
package/dist/observability/alerts.js +485 -0
package/dist/observability/alerts.js.map +1 -0
package/dist/observability/health.d.ts +102 -0
package/dist/observability/health.d.ts.map +1 -0
package/dist/observability/health.js +415 -0
package/dist/observability/health.js.map +1 -0
package/dist/observability/index.d.ts +29 -0
package/dist/observability/index.d.ts.map +1 -0
package/dist/observability/index.js +72 -0
package/dist/observability/index.js.map +1 -0
package/dist/observability/logging.d.ts +90 -0
package/dist/observability/logging.d.ts.map +1 -0
package/dist/observability/logging.js +260 -0
package/dist/observability/logging.js.map +1 -0
package/dist/observability/metrics.d.ts +226 -0
package/dist/observability/metrics.d.ts.map +1 -0
package/dist/observability/metrics.js +527 -0
package/dist/observability/metrics.js.map +1 -0
package/dist/observability/tracing.d.ts +120 -0
package/dist/observability/tracing.d.ts.map +1 -0
package/dist/observability/tracing.js +285 -0
package/dist/observability/tracing.js.map +1 -0
package/dist/persistence/audit.d.ts +169 -0
package/dist/persistence/audit.d.ts.map +1 -0
package/dist/persistence/audit.js +342 -0
package/dist/persistence/audit.js.map +1 -0
package/dist/persistence/index.d.ts +13 -0
package/dist/persistence/index.d.ts.map +1 -0
package/dist/persistence/index.js +15 -0
package/dist/persistence/index.js.map +1 -0
package/dist/persistence/repository.d.ts +192 -0
package/dist/persistence/repository.d.ts.map +1 -0
package/dist/persistence/repository.js +223 -0
package/dist/persistence/repository.js.map +1 -0
package/dist/policy/diff.d.ts +88 -0
package/dist/policy/diff.d.ts.map +1 -0
package/dist/policy/diff.js +325 -0
package/dist/policy/diff.js.map +1 -0
package/dist/policy/distributed-cache.d.ts +205 -0
package/dist/policy/distributed-cache.d.ts.map +1 -0
package/dist/policy/distributed-cache.js +683 -0
package/dist/policy/distributed-cache.js.map +1 -0
package/dist/policy/evaluator.d.ts +102 -0
package/dist/policy/evaluator.d.ts.map +1 -0
package/dist/policy/evaluator.js +648 -0
package/dist/policy/evaluator.js.map +1 -0
package/dist/policy/index.d.ts +24 -0
package/dist/policy/index.d.ts.map +1 -0
package/dist/policy/index.js +27 -0
package/dist/policy/index.js.map +1 -0
package/dist/policy/loader.d.ts +63 -0
package/dist/policy/loader.d.ts.map +1 -0
package/dist/policy/loader.js +176 -0
package/dist/policy/loader.js.map +1 -0
package/dist/policy/service.d.ts +240 -0
package/dist/policy/service.d.ts.map +1 -0
package/dist/policy/service.js +1032 -0
package/dist/policy/service.js.map +1 -0
package/dist/policy/types.d.ts +220 -0
package/dist/policy/types.d.ts.map +1 -0
package/dist/policy/types.js +36 -0
package/dist/policy/types.js.map +1 -0
package/dist/policy/visual-builder/index.d.ts +201 -0
package/dist/policy/visual-builder/index.d.ts.map +1 -0
package/dist/policy/visual-builder/index.js +727 -0
package/dist/policy/visual-builder/index.js.map +1 -0
package/dist/policy/visual-builder/inheritance.d.ts +151 -0
package/dist/policy/visual-builder/inheritance.d.ts.map +1 -0
package/dist/policy/visual-builder/inheritance.js +314 -0
package/dist/policy/visual-builder/inheritance.js.map +1 -0
package/dist/policy/visual-builder/propagation.d.ts +146 -0
package/dist/policy/visual-builder/propagation.d.ts.map +1 -0
package/dist/policy/visual-builder/propagation.js +299 -0
package/dist/policy/visual-builder/propagation.js.map +1 -0
package/dist/policy/visual-builder/routes.d.ts +14 -0
package/dist/policy/visual-builder/routes.d.ts.map +1 -0
package/dist/policy/visual-builder/routes.js +528 -0
package/dist/policy/visual-builder/routes.js.map +1 -0
package/dist/policy/visual-builder/simulator.d.ts +161 -0
package/dist/policy/visual-builder/simulator.d.ts.map +1 -0
package/dist/policy/visual-builder/simulator.js +413 -0
package/dist/policy/visual-builder/simulator.js.map +1 -0
package/dist/policy/visual-builder/templates.d.ts +119 -0
package/dist/policy/visual-builder/templates.d.ts.map +1 -0
package/dist/policy/visual-builder/templates.js +627 -0
package/dist/policy/visual-builder/templates.js.map +1 -0
package/dist/proof/chain/index.d.ts +271 -0
package/dist/proof/chain/index.d.ts.map +1 -0
package/dist/proof/chain/index.js +483 -0
package/dist/proof/chain/index.js.map +1 -0
package/dist/proof/index.d.ts +206 -0
package/dist/proof/index.d.ts.map +1 -0
package/dist/proof/index.js +597 -0
package/dist/proof/index.js.map +1 -0
package/dist/proof/merkle-service.d.ts +194 -0
package/dist/proof/merkle-service.d.ts.map +1 -0
package/dist/proof/merkle-service.js +463 -0
package/dist/proof/merkle-service.js.map +1 -0
package/dist/proof/merkle.d.ts +118 -0
package/dist/proof/merkle.d.ts.map +1 -0
package/dist/proof/merkle.js +265 -0
package/dist/proof/merkle.js.map +1 -0
package/dist/security/ai-governance/access-policy.d.ts +197 -0
package/dist/security/ai-governance/access-policy.d.ts.map +1 -0
package/dist/security/ai-governance/access-policy.js +522 -0
package/dist/security/ai-governance/access-policy.js.map +1 -0
package/dist/security/ai-governance/audit-trail.d.ts +241 -0
package/dist/security/ai-governance/audit-trail.d.ts.map +1 -0
package/dist/security/ai-governance/audit-trail.js +645 -0
package/dist/security/ai-governance/audit-trail.js.map +1 -0
package/dist/security/ai-governance/bias-detection.d.ts +221 -0
package/dist/security/ai-governance/bias-detection.d.ts.map +1 -0
package/dist/security/ai-governance/bias-detection.js +615 -0
package/dist/security/ai-governance/bias-detection.js.map +1 -0
package/dist/security/ai-governance/index.d.ts +92 -0
package/dist/security/ai-governance/index.d.ts.map +1 -0
package/dist/security/ai-governance/index.js +184 -0
package/dist/security/ai-governance/index.js.map +1 -0
package/dist/security/ai-governance/middleware.d.ts +110 -0
package/dist/security/ai-governance/middleware.d.ts.map +1 -0
package/dist/security/ai-governance/middleware.js +359 -0
package/dist/security/ai-governance/middleware.js.map +1 -0
package/dist/security/ai-governance/model-registry.d.ts +229 -0
package/dist/security/ai-governance/model-registry.d.ts.map +1 -0
package/dist/security/ai-governance/model-registry.js +535 -0
package/dist/security/ai-governance/model-registry.js.map +1 -0
package/dist/security/ai-governance/output-filter.d.ts +150 -0
package/dist/security/ai-governance/output-filter.d.ts.map +1 -0
package/dist/security/ai-governance/output-filter.js +561 -0
package/dist/security/ai-governance/output-filter.js.map +1 -0
package/dist/security/ai-governance/prompt-injection.d.ts +153 -0
package/dist/security/ai-governance/prompt-injection.d.ts.map +1 -0
package/dist/security/ai-governance/prompt-injection.js +614 -0
package/dist/security/ai-governance/prompt-injection.js.map +1 -0
package/dist/security/ai-governance/rate-limiter.d.ts +156 -0
package/dist/security/ai-governance/rate-limiter.d.ts.map +1 -0
package/dist/security/ai-governance/rate-limiter.js +541 -0
package/dist/security/ai-governance/rate-limiter.js.map +1 -0
package/dist/security/ai-governance/types.d.ts +594 -0
package/dist/security/ai-governance/types.d.ts.map +1 -0
package/dist/security/ai-governance/types.js +6 -0
package/dist/security/ai-governance/types.js.map +1 -0
package/dist/security/alerting/channels/base.d.ts +91 -0
package/dist/security/alerting/channels/base.d.ts.map +1 -0
package/dist/security/alerting/channels/base.js +128 -0
package/dist/security/alerting/channels/base.js.map +1 -0
package/dist/security/alerting/channels/email.d.ts +92 -0
package/dist/security/alerting/channels/email.d.ts.map +1 -0
package/dist/security/alerting/channels/email.js +418 -0
package/dist/security/alerting/channels/email.js.map +1 -0
package/dist/security/alerting/channels/http-base.d.ts +86 -0
package/dist/security/alerting/channels/http-base.d.ts.map +1 -0
package/dist/security/alerting/channels/http-base.js +133 -0
package/dist/security/alerting/channels/http-base.js.map +1 -0
package/dist/security/alerting/channels/index.d.ts +30 -0
package/dist/security/alerting/channels/index.d.ts.map +1 -0
package/dist/security/alerting/channels/index.js +22 -0
package/dist/security/alerting/channels/index.js.map +1 -0
package/dist/security/alerting/channels/pagerduty.d.ts +70 -0
package/dist/security/alerting/channels/pagerduty.d.ts.map +1 -0
package/dist/security/alerting/channels/pagerduty.js +248 -0
package/dist/security/alerting/channels/pagerduty.js.map +1 -0
package/dist/security/alerting/channels/slack.d.ts +55 -0
package/dist/security/alerting/channels/slack.d.ts.map +1 -0
package/dist/security/alerting/channels/slack.js +215 -0
package/dist/security/alerting/channels/slack.js.map +1 -0
package/dist/security/alerting/channels/sns.d.ts +87 -0
package/dist/security/alerting/channels/sns.d.ts.map +1 -0
package/dist/security/alerting/channels/sns.js +251 -0
package/dist/security/alerting/channels/sns.js.map +1 -0
package/dist/security/alerting/channels/webhook.d.ts +92 -0
package/dist/security/alerting/channels/webhook.d.ts.map +1 -0
package/dist/security/alerting/channels/webhook.js +203 -0
package/dist/security/alerting/channels/webhook.js.map +1 -0
package/dist/security/alerting/detector.d.ts +217 -0
package/dist/security/alerting/detector.d.ts.map +1 -0
package/dist/security/alerting/detector.js +725 -0
package/dist/security/alerting/detector.js.map +1 -0
package/dist/security/alerting/index.d.ts +57 -0
package/dist/security/alerting/index.d.ts.map +1 -0
package/dist/security/alerting/index.js +214 -0
package/dist/security/alerting/index.js.map +1 -0
package/dist/security/alerting/service.d.ts +190 -0
package/dist/security/alerting/service.d.ts.map +1 -0
package/dist/security/alerting/service.js +815 -0
package/dist/security/alerting/service.js.map +1 -0
package/dist/security/alerting/types.d.ts +2165 -0
package/dist/security/alerting/types.d.ts.map +1 -0
package/dist/security/alerting/types.js +278 -0
package/dist/security/alerting/types.js.map +1 -0
package/dist/security/anomaly/detectors/account-compromise.d.ts +198 -0
package/dist/security/anomaly/detectors/account-compromise.d.ts.map +1 -0
package/dist/security/anomaly/detectors/account-compromise.js +815 -0
package/dist/security/anomaly/detectors/account-compromise.js.map +1 -0
package/dist/security/anomaly/detectors/data-exfiltration.d.ts +175 -0
package/dist/security/anomaly/detectors/data-exfiltration.d.ts.map +1 -0
package/dist/security/anomaly/detectors/data-exfiltration.js +733 -0
package/dist/security/anomaly/detectors/data-exfiltration.js.map +1 -0
package/dist/security/anomaly/detectors/geographic.d.ts +100 -0
package/dist/security/anomaly/detectors/geographic.d.ts.map +1 -0
package/dist/security/anomaly/detectors/geographic.js +348 -0
package/dist/security/anomaly/detectors/geographic.js.map +1 -0
package/dist/security/anomaly/detectors/index.d.ts +86 -0
package/dist/security/anomaly/detectors/index.d.ts.map +1 -0
package/dist/security/anomaly/detectors/index.js +118 -0
package/dist/security/anomaly/detectors/index.js.map +1 -0
package/dist/security/anomaly/detectors/lateral-movement.d.ts +168 -0
package/dist/security/anomaly/detectors/lateral-movement.d.ts.map +1 -0
package/dist/security/anomaly/detectors/lateral-movement.js +795 -0
package/dist/security/anomaly/detectors/lateral-movement.js.map +1 -0
package/dist/security/anomaly/detectors/privilege-escalation.d.ts +177 -0
package/dist/security/anomaly/detectors/privilege-escalation.d.ts.map +1 -0
package/dist/security/anomaly/detectors/privilege-escalation.js +741 -0
package/dist/security/anomaly/detectors/privilege-escalation.js.map +1 -0
package/dist/security/anomaly/detectors/temporal.d.ts +71 -0
package/dist/security/anomaly/detectors/temporal.d.ts.map +1 -0
package/dist/security/anomaly/detectors/temporal.js +398 -0
package/dist/security/anomaly/detectors/temporal.js.map +1 -0
package/dist/security/anomaly/detectors/volume.d.ts +97 -0
package/dist/security/anomaly/detectors/volume.d.ts.map +1 -0
package/dist/security/anomaly/detectors/volume.js +424 -0
package/dist/security/anomaly/detectors/volume.js.map +1 -0
package/dist/security/anomaly/index.d.ts +128 -0
package/dist/security/anomaly/index.d.ts.map +1 -0
package/dist/security/anomaly/index.js +378 -0
package/dist/security/anomaly/index.js.map +1 -0
package/dist/security/anomaly/types.d.ts +1209 -0
package/dist/security/anomaly/types.d.ts.map +1 -0
package/dist/security/anomaly/types.js +193 -0
package/dist/security/anomaly/types.js.map +1 -0
package/dist/security/api-keys/cache.d.ts +255 -0
package/dist/security/api-keys/cache.d.ts.map +1 -0
package/dist/security/api-keys/cache.js +595 -0
package/dist/security/api-keys/cache.js.map +1 -0
package/dist/security/api-keys/db-store.d.ts +150 -0
package/dist/security/api-keys/db-store.d.ts.map +1 -0
package/dist/security/api-keys/db-store.js +694 -0
package/dist/security/api-keys/db-store.js.map +1 -0
package/dist/security/api-keys/index.d.ts +29 -0
package/dist/security/api-keys/index.d.ts.map +1 -0
package/dist/security/api-keys/index.js +81 -0
package/dist/security/api-keys/index.js.map +1 -0
package/dist/security/api-keys/middleware.d.ts +164 -0
package/dist/security/api-keys/middleware.d.ts.map +1 -0
package/dist/security/api-keys/middleware.js +392 -0
package/dist/security/api-keys/middleware.js.map +1 -0
package/dist/security/api-keys/service.d.ts +226 -0
package/dist/security/api-keys/service.d.ts.map +1 -0
package/dist/security/api-keys/service.js +861 -0
package/dist/security/api-keys/service.js.map +1 -0
package/dist/security/api-keys/store.d.ts +241 -0
package/dist/security/api-keys/store.d.ts.map +1 -0
package/dist/security/api-keys/store.js +360 -0
package/dist/security/api-keys/store.js.map +1 -0
package/dist/security/api-keys/types.d.ts +718 -0
package/dist/security/api-keys/types.d.ts.map +1 -0
package/dist/security/api-keys/types.js +162 -0
package/dist/security/api-keys/types.js.map +1 -0
package/dist/security/brute-force.d.ts +390 -0
package/dist/security/brute-force.d.ts.map +1 -0
package/dist/security/brute-force.js +677 -0
package/dist/security/brute-force.js.map +1 -0
package/dist/security/config-validator.d.ts +152 -0
package/dist/security/config-validator.d.ts.map +1 -0
package/dist/security/config-validator.js +667 -0
package/dist/security/config-validator.js.map +1 -0
package/dist/security/crypto/fips-mode.d.ts +726 -0
package/dist/security/crypto/fips-mode.d.ts.map +1 -0
package/dist/security/crypto/fips-mode.js +1297 -0
package/dist/security/crypto/fips-mode.js.map +1 -0
package/dist/security/crypto/index.d.ts +203 -0
package/dist/security/crypto/index.d.ts.map +1 -0
package/dist/security/crypto/index.js +293 -0
package/dist/security/crypto/index.js.map +1 -0
package/dist/security/crypto/post-quantum/benchmark.d.ts +125 -0
package/dist/security/crypto/post-quantum/benchmark.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/benchmark.js +530 -0
package/dist/security/crypto/post-quantum/benchmark.js.map +1 -0
package/dist/security/crypto/post-quantum/dilithium.d.ts +146 -0
package/dist/security/crypto/post-quantum/dilithium.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/dilithium.js +662 -0
package/dist/security/crypto/post-quantum/dilithium.js.map +1 -0
package/dist/security/crypto/post-quantum/hybrid.d.ts +267 -0
package/dist/security/crypto/post-quantum/hybrid.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/hybrid.js +457 -0
package/dist/security/crypto/post-quantum/hybrid.js.map +1 -0
package/dist/security/crypto/post-quantum/index.d.ts +166 -0
package/dist/security/crypto/post-quantum/index.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/index.js +236 -0
package/dist/security/crypto/post-quantum/index.js.map +1 -0
package/dist/security/crypto/post-quantum/kyber.d.ts +131 -0
package/dist/security/crypto/post-quantum/kyber.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/kyber.js +640 -0
package/dist/security/crypto/post-quantum/kyber.js.map +1 -0
package/dist/security/crypto/post-quantum/migration.d.ts +230 -0
package/dist/security/crypto/post-quantum/migration.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/migration.js +563 -0
package/dist/security/crypto/post-quantum/migration.js.map +1 -0
package/dist/security/crypto/post-quantum/types.d.ts +1056 -0
package/dist/security/crypto/post-quantum/types.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/types.js +350 -0
package/dist/security/crypto/post-quantum/types.js.map +1 -0
package/dist/security/crypto/shamir/comparison.d.ts +128 -0
package/dist/security/crypto/shamir/comparison.d.ts.map +1 -0
package/dist/security/crypto/shamir/comparison.js +423 -0
package/dist/security/crypto/shamir/comparison.js.map +1 -0
package/dist/security/crypto/shamir/index.d.ts +76 -0
package/dist/security/crypto/shamir/index.d.ts.map +1 -0
package/dist/security/crypto/shamir/index.js +155 -0
package/dist/security/crypto/shamir/index.js.map +1 -0
package/dist/security/crypto/shamir/proofs.d.ts +259 -0
package/dist/security/crypto/shamir/proofs.d.ts.map +1 -0
package/dist/security/crypto/shamir/proofs.js +605 -0
package/dist/security/crypto/shamir/proofs.js.map +1 -0
package/dist/security/crypto/shamir/property-tests.d.ts +104 -0
package/dist/security/crypto/shamir/property-tests.d.ts.map +1 -0
package/dist/security/crypto/shamir/property-tests.js +480 -0
package/dist/security/crypto/shamir/property-tests.js.map +1 -0
package/dist/security/crypto/shamir/security-analysis.d.ts +97 -0
package/dist/security/crypto/shamir/security-analysis.d.ts.map +1 -0
package/dist/security/crypto/shamir/security-analysis.js +503 -0
package/dist/security/crypto/shamir/security-analysis.js.map +1 -0
package/dist/security/crypto/shamir/test-vectors.d.ts +116 -0
package/dist/security/crypto/shamir/test-vectors.d.ts.map +1 -0
package/dist/security/crypto/shamir/test-vectors.js +377 -0
package/dist/security/crypto/shamir/test-vectors.js.map +1 -0
package/dist/security/crypto/shamir/types.d.ts +281 -0
package/dist/security/crypto/shamir/types.d.ts.map +1 -0
package/dist/security/crypto/shamir/types.js +82 -0
package/dist/security/crypto/shamir/types.js.map +1 -0
package/dist/security/crypto/shamir/verified-shamir.d.ts +170 -0
package/dist/security/crypto/shamir/verified-shamir.d.ts.map +1 -0
package/dist/security/crypto/shamir/verified-shamir.js +624 -0
package/dist/security/crypto/shamir/verified-shamir.js.map +1 -0
package/dist/security/csrf.d.ts +215 -0
package/dist/security/csrf.d.ts.map +1 -0
package/dist/security/csrf.js +467 -0
package/dist/security/csrf.js.map +1 -0
package/dist/security/distributed-state.d.ts +331 -0
package/dist/security/distributed-state.d.ts.map +1 -0
package/dist/security/distributed-state.js +768 -0
package/dist/security/distributed-state.js.map +1 -0
package/dist/security/dlp/index.d.ts +27 -0
package/dist/security/dlp/index.d.ts.map +1 -0
package/dist/security/dlp/index.js +54 -0
package/dist/security/dlp/index.js.map +1 -0
package/dist/security/dlp/scanner.d.ts +451 -0
package/dist/security/dlp/scanner.d.ts.map +1 -0
package/dist/security/dlp/scanner.js +1241 -0
package/dist/security/dlp/scanner.js.map +1 -0
package/dist/security/dpop.d.ts +260 -0
package/dist/security/dpop.d.ts.map +1 -0
package/dist/security/dpop.js +1058 -0
package/dist/security/dpop.js.map +1 -0
package/dist/security/encryption/decorators.d.ts +263 -0
package/dist/security/encryption/decorators.d.ts.map +1 -0
package/dist/security/encryption/decorators.js +359 -0
package/dist/security/encryption/decorators.js.map +1 -0
package/dist/security/encryption/index.d.ts +83 -0
package/dist/security/encryption/index.d.ts.map +1 -0
package/dist/security/encryption/index.js +140 -0
package/dist/security/encryption/index.js.map +1 -0
package/dist/security/encryption/key-provider.d.ts +335 -0
package/dist/security/encryption/key-provider.d.ts.map +1 -0
package/dist/security/encryption/key-provider.js +853 -0
package/dist/security/encryption/key-provider.js.map +1 -0
package/dist/security/encryption/middleware.d.ts +279 -0
package/dist/security/encryption/middleware.d.ts.map +1 -0
package/dist/security/encryption/middleware.js +493 -0
package/dist/security/encryption/middleware.js.map +1 -0
package/dist/security/encryption/service.d.ts +164 -0
package/dist/security/encryption/service.d.ts.map +1 -0
package/dist/security/encryption/service.js +623 -0
package/dist/security/encryption/service.js.map +1 -0
package/dist/security/encryption/types.d.ts +745 -0
package/dist/security/encryption/types.d.ts.map +1 -0
package/dist/security/encryption/types.js +229 -0
package/dist/security/encryption/types.js.map +1 -0
package/dist/security/error-sanitizer.d.ts +329 -0
package/dist/security/error-sanitizer.d.ts.map +1 -0
package/dist/security/error-sanitizer.js +700 -0
package/dist/security/error-sanitizer.js.map +1 -0
package/dist/security/fingerprint-service.d.ts +139 -0
package/dist/security/fingerprint-service.d.ts.map +1 -0
package/dist/security/fingerprint-service.js +240 -0
package/dist/security/fingerprint-service.js.map +1 -0
package/dist/security/headers/csp.d.ts +270 -0
package/dist/security/headers/csp.d.ts.map +1 -0
package/dist/security/headers/csp.js +655 -0
package/dist/security/headers/csp.js.map +1 -0
package/dist/security/headers/hsts.d.ts +161 -0
package/dist/security/headers/hsts.d.ts.map +1 -0
package/dist/security/headers/hsts.js +346 -0
package/dist/security/headers/hsts.js.map +1 -0
package/dist/security/headers/index.d.ts +47 -0
package/dist/security/headers/index.d.ts.map +1 -0
package/dist/security/headers/index.js +110 -0
package/dist/security/headers/index.js.map +1 -0
package/dist/security/headers/middleware.d.ts +70 -0
package/dist/security/headers/middleware.d.ts.map +1 -0
package/dist/security/headers/middleware.js +549 -0
package/dist/security/headers/middleware.js.map +1 -0
package/dist/security/headers/permissions-policy.d.ts +189 -0
package/dist/security/headers/permissions-policy.d.ts.map +1 -0
package/dist/security/headers/permissions-policy.js +508 -0
package/dist/security/headers/permissions-policy.js.map +1 -0
package/dist/security/headers/types.d.ts +1570 -0
package/dist/security/headers/types.d.ts.map +1 -0
package/dist/security/headers/types.js +281 -0
package/dist/security/headers/types.js.map +1 -0
package/dist/security/headers/validator.d.ts +36 -0
package/dist/security/headers/validator.d.ts.map +1 -0
package/dist/security/headers/validator.js +616 -0
package/dist/security/headers/validator.js.map +1 -0
package/dist/security/hsm/aws-cloudhsm.d.ts +157 -0
package/dist/security/hsm/aws-cloudhsm.d.ts.map +1 -0
package/dist/security/hsm/aws-cloudhsm.js +712 -0
package/dist/security/hsm/aws-cloudhsm.js.map +1 -0
package/dist/security/hsm/azure-hsm.d.ts +174 -0
package/dist/security/hsm/azure-hsm.d.ts.map +1 -0
package/dist/security/hsm/azure-hsm.js +792 -0
package/dist/security/hsm/azure-hsm.js.map +1 -0
package/dist/security/hsm/gcp-hsm.d.ts +184 -0
package/dist/security/hsm/gcp-hsm.d.ts.map +1 -0
package/dist/security/hsm/gcp-hsm.js +817 -0
package/dist/security/hsm/gcp-hsm.js.map +1 -0
package/dist/security/hsm/hsm-service.d.ts +264 -0
package/dist/security/hsm/hsm-service.d.ts.map +1 -0
package/dist/security/hsm/hsm-service.js +772 -0
package/dist/security/hsm/hsm-service.js.map +1 -0
package/dist/security/hsm/index.d.ts +248 -0
package/dist/security/hsm/index.d.ts.map +1 -0
package/dist/security/hsm/index.js +329 -0
package/dist/security/hsm/index.js.map +1 -0
package/dist/security/hsm/key-ceremony.d.ts +214 -0
package/dist/security/hsm/key-ceremony.d.ts.map +1 -0
package/dist/security/hsm/key-ceremony.js +636 -0
package/dist/security/hsm/key-ceremony.js.map +1 -0
package/dist/security/hsm/key-operations.d.ts +218 -0
package/dist/security/hsm/key-operations.d.ts.map +1 -0
package/dist/security/hsm/key-operations.js +625 -0
package/dist/security/hsm/key-operations.js.map +1 -0
package/dist/security/hsm/local-softHSM.d.ts +122 -0
package/dist/security/hsm/local-softHSM.d.ts.map +1 -0
package/dist/security/hsm/local-softHSM.js +786 -0
package/dist/security/hsm/local-softHSM.js.map +1 -0
package/dist/security/hsm/pkcs11-wrapper.d.ts +386 -0
package/dist/security/hsm/pkcs11-wrapper.d.ts.map +1 -0
package/dist/security/hsm/pkcs11-wrapper.js +1149 -0
package/dist/security/hsm/pkcs11-wrapper.js.map +1 -0
package/dist/security/hsm/provider.d.ts +333 -0
package/dist/security/hsm/provider.d.ts.map +1 -0
package/dist/security/hsm/provider.js +264 -0
package/dist/security/hsm/provider.js.map +1 -0
package/dist/security/hsm/thales-luna.d.ts +209 -0
package/dist/security/hsm/thales-luna.d.ts.map +1 -0
package/dist/security/hsm/thales-luna.js +820 -0
package/dist/security/hsm/thales-luna.js.map +1 -0
package/dist/security/incident/actions/block-ip.d.ts +82 -0
package/dist/security/incident/actions/block-ip.d.ts.map +1 -0
package/dist/security/incident/actions/block-ip.js +454 -0
package/dist/security/incident/actions/block-ip.js.map +1 -0
package/dist/security/incident/actions/collect-evidence.d.ts +93 -0
package/dist/security/incident/actions/collect-evidence.d.ts.map +1 -0
package/dist/security/incident/actions/collect-evidence.js +449 -0
package/dist/security/incident/actions/collect-evidence.js.map +1 -0
package/dist/security/incident/actions/index.d.ts +39 -0
package/dist/security/incident/actions/index.d.ts.map +1 -0
package/dist/security/incident/actions/index.js +52 -0
package/dist/security/incident/actions/index.js.map +1 -0
package/dist/security/incident/actions/isolate-system.d.ts +61 -0
package/dist/security/incident/actions/isolate-system.d.ts.map +1 -0
package/dist/security/incident/actions/isolate-system.js +369 -0
package/dist/security/incident/actions/isolate-system.js.map +1 -0
package/dist/security/incident/actions/notify-stakeholders.d.ts +70 -0
package/dist/security/incident/actions/notify-stakeholders.d.ts.map +1 -0
package/dist/security/incident/actions/notify-stakeholders.js +377 -0
package/dist/security/incident/actions/notify-stakeholders.js.map +1 -0
package/dist/security/incident/actions/revoke-credentials.d.ts +75 -0
package/dist/security/incident/actions/revoke-credentials.d.ts.map +1 -0
package/dist/security/incident/actions/revoke-credentials.js +320 -0
package/dist/security/incident/actions/revoke-credentials.js.map +1 -0
package/dist/security/incident/actions/scale-monitoring.d.ts +88 -0
package/dist/security/incident/actions/scale-monitoring.d.ts.map +1 -0
package/dist/security/incident/actions/scale-monitoring.js +473 -0
package/dist/security/incident/actions/scale-monitoring.js.map +1 -0
package/dist/security/incident/executor.d.ts +128 -0
package/dist/security/incident/executor.d.ts.map +1 -0
package/dist/security/incident/executor.js +695 -0
package/dist/security/incident/executor.js.map +1 -0
package/dist/security/incident/index.d.ts +220 -0
package/dist/security/incident/index.d.ts.map +1 -0
package/dist/security/incident/index.js +1284 -0
package/dist/security/incident/index.js.map +1 -0
package/dist/security/incident/notification.d.ts +68 -0
package/dist/security/incident/notification.d.ts.map +1 -0
package/dist/security/incident/notification.js +512 -0
package/dist/security/incident/notification.js.map +1 -0
package/dist/security/incident/playbooks/account-compromise.d.ts +13 -0
package/dist/security/incident/playbooks/account-compromise.d.ts.map +1 -0
package/dist/security/incident/playbooks/account-compromise.js +379 -0
package/dist/security/incident/playbooks/account-compromise.js.map +1 -0
package/dist/security/incident/playbooks/configuration-error.d.ts +17 -0
package/dist/security/incident/playbooks/configuration-error.d.ts.map +1 -0
package/dist/security/incident/playbooks/configuration-error.js +340 -0
package/dist/security/incident/playbooks/configuration-error.js.map +1 -0
package/dist/security/incident/playbooks/data-breach.d.ts +13 -0
package/dist/security/incident/playbooks/data-breach.d.ts.map +1 -0
package/dist/security/incident/playbooks/data-breach.js +394 -0
package/dist/security/incident/playbooks/data-breach.js.map +1 -0
package/dist/security/incident/playbooks/denial-of-service.d.ts +13 -0
package/dist/security/incident/playbooks/denial-of-service.d.ts.map +1 -0
package/dist/security/incident/playbooks/denial-of-service.js +540 -0
package/dist/security/incident/playbooks/denial-of-service.js.map +1 -0
package/dist/security/incident/playbooks/index.d.ts +36 -0
package/dist/security/incident/playbooks/index.d.ts.map +1 -0
package/dist/security/incident/playbooks/index.js +56 -0
package/dist/security/incident/playbooks/index.js.map +1 -0
package/dist/security/incident/playbooks/insider-threat.d.ts +18 -0
package/dist/security/incident/playbooks/insider-threat.d.ts.map +1 -0
package/dist/security/incident/playbooks/insider-threat.js +600 -0
package/dist/security/incident/playbooks/insider-threat.js.map +1 -0
package/dist/security/incident/playbooks/malware.d.ts +13 -0
package/dist/security/incident/playbooks/malware.d.ts.map +1 -0
package/dist/security/incident/playbooks/malware.js +515 -0
package/dist/security/incident/playbooks/malware.js.map +1 -0
package/dist/security/incident/playbooks/ransomware.d.ts +14 -0
package/dist/security/incident/playbooks/ransomware.d.ts.map +1 -0
package/dist/security/incident/playbooks/ransomware.js +693 -0
package/dist/security/incident/playbooks/ransomware.js.map +1 -0
package/dist/security/incident/playbooks/unauthorized-access.d.ts +13 -0
package/dist/security/incident/playbooks/unauthorized-access.d.ts.map +1 -0
package/dist/security/incident/playbooks/unauthorized-access.js +412 -0
package/dist/security/incident/playbooks/unauthorized-access.js.map +1 -0
package/dist/security/incident/triggers.d.ts +120 -0
package/dist/security/incident/triggers.d.ts.map +1 -0
package/dist/security/incident/triggers.js +708 -0
package/dist/security/incident/triggers.js.map +1 -0
package/dist/security/incident/types.d.ts +1517 -0
package/dist/security/incident/types.d.ts.map +1 -0
package/dist/security/incident/types.js +222 -0
package/dist/security/incident/types.js.map +1 -0
package/dist/security/index.d.ts +59 -0
package/dist/security/index.d.ts.map +1 -0
package/dist/security/index.js +295 -0
package/dist/security/index.js.map +1 -0
package/dist/security/injection-detector.d.ts +510 -0
package/dist/security/injection-detector.d.ts.map +1 -0
package/dist/security/injection-detector.js +1325 -0
package/dist/security/injection-detector.js.map +1 -0
package/dist/security/introspection.d.ts +137 -0
package/dist/security/introspection.d.ts.map +1 -0
package/dist/security/introspection.js +451 -0
package/dist/security/introspection.js.map +1 -0
package/dist/security/key-rotation.d.ts +213 -0
package/dist/security/key-rotation.d.ts.map +1 -0
package/dist/security/key-rotation.js +530 -0
package/dist/security/key-rotation.js.map +1 -0
package/dist/security/kms/aws-kms.d.ts +152 -0
package/dist/security/kms/aws-kms.d.ts.map +1 -0
package/dist/security/kms/aws-kms.js +808 -0
package/dist/security/kms/aws-kms.js.map +1 -0
package/dist/security/kms/index.d.ts +165 -0
package/dist/security/kms/index.d.ts.map +1 -0
package/dist/security/kms/index.js +351 -0
package/dist/security/kms/index.js.map +1 -0
package/dist/security/kms/local.d.ts +127 -0
package/dist/security/kms/local.d.ts.map +1 -0
package/dist/security/kms/local.js +682 -0
package/dist/security/kms/local.js.map +1 -0
package/dist/security/kms/types.d.ts +1000 -0
package/dist/security/kms/types.d.ts.map +1 -0
package/dist/security/kms/types.js +167 -0
package/dist/security/kms/types.js.map +1 -0
package/dist/security/kms/vault.d.ts +165 -0
package/dist/security/kms/vault.d.ts.map +1 -0
package/dist/security/kms/vault.js +820 -0
package/dist/security/kms/vault.js.map +1 -0
package/dist/security/mfa/index.d.ts +17 -0
package/dist/security/mfa/index.d.ts.map +1 -0
package/dist/security/mfa/index.js +37 -0
package/dist/security/mfa/index.js.map +1 -0
package/dist/security/mfa/mfa-middleware.d.ts +74 -0
package/dist/security/mfa/mfa-middleware.d.ts.map +1 -0
package/dist/security/mfa/mfa-middleware.js +244 -0
package/dist/security/mfa/mfa-middleware.js.map +1 -0
package/dist/security/mfa/mfa-service.d.ts +115 -0
package/dist/security/mfa/mfa-service.d.ts.map +1 -0
package/dist/security/mfa/mfa-service.js +509 -0
package/dist/security/mfa/mfa-service.js.map +1 -0
package/dist/security/mfa/mfa-store.d.ts +615 -0
package/dist/security/mfa/mfa-store.d.ts.map +1 -0
package/dist/security/mfa/mfa-store.js +431 -0
package/dist/security/mfa/mfa-store.js.map +1 -0
package/dist/security/mfa/types.d.ts +417 -0
package/dist/security/mfa/types.d.ts.map +1 -0
package/dist/security/mfa/types.js +123 -0
package/dist/security/mfa/types.js.map +1 -0
package/dist/security/middleware.d.ts +179 -0
package/dist/security/middleware.d.ts.map +1 -0
package/dist/security/middleware.js +534 -0
package/dist/security/middleware.js.map +1 -0
package/dist/security/pairwise-did.d.ts +157 -0
package/dist/security/pairwise-did.d.ts.map +1 -0
package/dist/security/pairwise-did.js +450 -0
package/dist/security/pairwise-did.js.map +1 -0
package/dist/security/pam/break-glass.d.ts +776 -0
package/dist/security/pam/break-glass.d.ts.map +1 -0
package/dist/security/pam/break-glass.js +1137 -0
package/dist/security/pam/break-glass.js.map +1 -0
package/dist/security/pam/index.d.ts +120 -0
package/dist/security/pam/index.d.ts.map +1 -0
package/dist/security/pam/index.js +179 -0
package/dist/security/pam/index.js.map +1 -0
package/dist/security/pam/jit-access.d.ts +482 -0
package/dist/security/pam/jit-access.d.ts.map +1 -0
package/dist/security/pam/jit-access.js +1030 -0
package/dist/security/pam/jit-access.js.map +1 -0
package/dist/security/pam/session-recording.d.ts +1007 -0
package/dist/security/pam/session-recording.d.ts.map +1 -0
package/dist/security/pam/session-recording.js +1047 -0
package/dist/security/pam/session-recording.js.map +1 -0
package/dist/security/password-hashing.d.ts +199 -0
package/dist/security/password-hashing.d.ts.map +1 -0
package/dist/security/password-hashing.js +366 -0
package/dist/security/password-hashing.js.map +1 -0
package/dist/security/password-policy.d.ts +304 -0
package/dist/security/password-policy.d.ts.map +1 -0
package/dist/security/password-policy.js +730 -0
package/dist/security/password-policy.js.map +1 -0
package/dist/security/pkce.d.ts +269 -0
package/dist/security/pkce.d.ts.map +1 -0
package/dist/security/pkce.js +408 -0
package/dist/security/pkce.js.map +1 -0
package/dist/security/policy-engine/built-in-policies.d.ts +90 -0
package/dist/security/policy-engine/built-in-policies.d.ts.map +1 -0
package/dist/security/policy-engine/built-in-policies.js +627 -0
package/dist/security/policy-engine/built-in-policies.js.map +1 -0
package/dist/security/policy-engine/condition-evaluator.d.ts +129 -0
package/dist/security/policy-engine/condition-evaluator.d.ts.map +1 -0
package/dist/security/policy-engine/condition-evaluator.js +647 -0
package/dist/security/policy-engine/condition-evaluator.js.map +1 -0
package/dist/security/policy-engine/engine.d.ts +200 -0
package/dist/security/policy-engine/engine.d.ts.map +1 -0
package/dist/security/policy-engine/engine.js +752 -0
package/dist/security/policy-engine/engine.js.map +1 -0
package/dist/security/policy-engine/index.d.ts +58 -0
package/dist/security/policy-engine/index.d.ts.map +1 -0
package/dist/security/policy-engine/index.js +80 -0
package/dist/security/policy-engine/index.js.map +1 -0
package/dist/security/policy-engine/middleware.d.ts +77 -0
package/dist/security/policy-engine/middleware.d.ts.map +1 -0
package/dist/security/policy-engine/middleware.js +375 -0
package/dist/security/policy-engine/middleware.js.map +1 -0
package/dist/security/policy-engine/rule-evaluator.d.ts +140 -0
package/dist/security/policy-engine/rule-evaluator.d.ts.map +1 -0
package/dist/security/policy-engine/rule-evaluator.js +593 -0
package/dist/security/policy-engine/rule-evaluator.js.map +1 -0
package/dist/security/policy-engine/types.d.ts +2855 -0
package/dist/security/policy-engine/types.d.ts.map +1 -0
package/dist/security/policy-engine/types.js +443 -0
package/dist/security/policy-engine/types.js.map +1 -0
package/dist/security/rbac/index.d.ts +317 -0
package/dist/security/rbac/index.d.ts.map +1 -0
package/dist/security/rbac/index.js +618 -0
package/dist/security/rbac/index.js.map +1 -0
package/dist/security/rbac/permissions.d.ts +305 -0
package/dist/security/rbac/permissions.d.ts.map +1 -0
package/dist/security/rbac/permissions.js +947 -0
package/dist/security/rbac/permissions.js.map +1 -0
package/dist/security/rbac/policy-engine.d.ts +542 -0
package/dist/security/rbac/policy-engine.d.ts.map +1 -0
package/dist/security/rbac/policy-engine.js +1244 -0
package/dist/security/rbac/policy-engine.js.map +1 -0
package/dist/security/rbac/roles.d.ts +478 -0
package/dist/security/rbac/roles.d.ts.map +1 -0
package/dist/security/rbac/roles.js +363 -0
package/dist/security/rbac/roles.js.map +1 -0
package/dist/security/refresh-token.d.ts +305 -0
package/dist/security/refresh-token.d.ts.map +1 -0
package/dist/security/refresh-token.js +674 -0
package/dist/security/refresh-token.js.map +1 -0
package/dist/security/request-integrity.d.ts +289 -0
package/dist/security/request-integrity.d.ts.map +1 -0
package/dist/security/request-integrity.js +663 -0
package/dist/security/request-integrity.js.map +1 -0
package/dist/security/revocation-check.d.ts +188 -0
package/dist/security/revocation-check.d.ts.map +1 -0
package/dist/security/revocation-check.js +606 -0
package/dist/security/revocation-check.js.map +1 -0
package/dist/security/revocation.d.ts +191 -0
package/dist/security/revocation.d.ts.map +1 -0
package/dist/security/revocation.js +522 -0
package/dist/security/revocation.js.map +1 -0
package/dist/security/secrets-rotation.d.ts +501 -0
package/dist/security/secrets-rotation.d.ts.map +1 -0
package/dist/security/secrets-rotation.js +934 -0
package/dist/security/secrets-rotation.js.map +1 -0
package/dist/security/secure-memory.d.ts +325 -0
package/dist/security/secure-memory.d.ts.map +1 -0
package/dist/security/secure-memory.js +595 -0
package/dist/security/secure-memory.js.map +1 -0
package/dist/security/security-service.d.ts +186 -0
package/dist/security/security-service.d.ts.map +1 -0
package/dist/security/security-service.js +531 -0
package/dist/security/security-service.js.map +1 -0
package/dist/security/service-auth/index.d.ts +20 -0
package/dist/security/service-auth/index.d.ts.map +1 -0
package/dist/security/service-auth/index.js +61 -0
package/dist/security/service-auth/index.js.map +1 -0
package/dist/security/service-auth/service-account.d.ts +357 -0
package/dist/security/service-auth/service-account.d.ts.map +1 -0
package/dist/security/service-auth/service-account.js +475 -0
package/dist/security/service-auth/service-account.js.map +1 -0
package/dist/security/service-auth/service-auth-middleware.d.ts +174 -0
package/dist/security/service-auth/service-auth-middleware.d.ts.map +1 -0
package/dist/security/service-auth/service-auth-middleware.js +461 -0
package/dist/security/service-auth/service-auth-middleware.js.map +1 -0
package/dist/security/service-auth/service-token.d.ts +391 -0
package/dist/security/service-auth/service-token.d.ts.map +1 -0
package/dist/security/service-auth/service-token.js +472 -0
package/dist/security/service-auth/service-token.js.map +1 -0
package/dist/security/session-manager.d.ts +177 -0
package/dist/security/session-manager.d.ts.map +1 -0
package/dist/security/session-manager.js +353 -0
package/dist/security/session-manager.js.map +1 -0
package/dist/security/session-store.d.ts +205 -0
package/dist/security/session-store.d.ts.map +1 -0
package/dist/security/session-store.js +581 -0
package/dist/security/session-store.js.map +1 -0
package/dist/security/siem/connector.d.ts +147 -0
package/dist/security/siem/connector.d.ts.map +1 -0
package/dist/security/siem/connector.js +254 -0
package/dist/security/siem/connector.js.map +1 -0
package/dist/security/siem/datadog.d.ts +81 -0
package/dist/security/siem/datadog.d.ts.map +1 -0
package/dist/security/siem/datadog.js +362 -0
package/dist/security/siem/datadog.js.map +1 -0
package/dist/security/siem/elastic.d.ts +83 -0
package/dist/security/siem/elastic.d.ts.map +1 -0
package/dist/security/siem/elastic.js +514 -0
package/dist/security/siem/elastic.js.map +1 -0
package/dist/security/siem/enrichment.d.ts +133 -0
package/dist/security/siem/enrichment.d.ts.map +1 -0
package/dist/security/siem/enrichment.js +434 -0
package/dist/security/siem/enrichment.js.map +1 -0
package/dist/security/siem/formatter.d.ts +118 -0
package/dist/security/siem/formatter.d.ts.map +1 -0
package/dist/security/siem/formatter.js +381 -0
package/dist/security/siem/formatter.js.map +1 -0
package/dist/security/siem/hooks.d.ts +107 -0
package/dist/security/siem/hooks.d.ts.map +1 -0
package/dist/security/siem/hooks.js +459 -0
package/dist/security/siem/hooks.js.map +1 -0
package/dist/security/siem/index.d.ts +83 -0
package/dist/security/siem/index.d.ts.map +1 -0
package/dist/security/siem/index.js +95 -0
package/dist/security/siem/index.js.map +1 -0
package/dist/security/siem/service.d.ts +153 -0
package/dist/security/siem/service.d.ts.map +1 -0
package/dist/security/siem/service.js +615 -0
package/dist/security/siem/service.js.map +1 -0
package/dist/security/siem/splunk.d.ts +76 -0
package/dist/security/siem/splunk.d.ts.map +1 -0
package/dist/security/siem/splunk.js +283 -0
package/dist/security/siem/splunk.js.map +1 -0
package/dist/security/siem/types.d.ts +1980 -0
package/dist/security/siem/types.d.ts.map +1 -0
package/dist/security/siem/types.js +268 -0
package/dist/security/siem/types.js.map +1 -0
package/dist/security/tee-production.d.ts +157 -0
package/dist/security/tee-production.d.ts.map +1 -0
package/dist/security/tee-production.js +792 -0
package/dist/security/tee-production.js.map +1 -0
package/dist/security/tee.d.ts +182 -0
package/dist/security/tee.d.ts.map +1 -0
package/dist/security/tee.js +1031 -0
package/dist/security/tee.js.map +1 -0
package/dist/security/threat-intel/bot-detection.d.ts +275 -0
package/dist/security/threat-intel/bot-detection.d.ts.map +1 -0
package/dist/security/threat-intel/bot-detection.js +890 -0
package/dist/security/threat-intel/bot-detection.js.map +1 -0
package/dist/security/threat-intel/credential-stuffing.d.ts +368 -0
package/dist/security/threat-intel/credential-stuffing.d.ts.map +1 -0
package/dist/security/threat-intel/credential-stuffing.js +957 -0
package/dist/security/threat-intel/credential-stuffing.js.map +1 -0
package/dist/security/threat-intel/index.d.ts +10 -0
package/dist/security/threat-intel/index.d.ts.map +1 -0
package/dist/security/threat-intel/index.js +18 -0
package/dist/security/threat-intel/index.js.map +1 -0
package/dist/security/threat-intel/ip-reputation.d.ts +323 -0
package/dist/security/threat-intel/ip-reputation.d.ts.map +1 -0
package/dist/security/threat-intel/ip-reputation.js +923 -0
package/dist/security/threat-intel/ip-reputation.js.map +1 -0
package/dist/security/token-lifecycle.d.ts +272 -0
package/dist/security/token-lifecycle.d.ts.map +1 -0
package/dist/security/token-lifecycle.js +732 -0
package/dist/security/token-lifecycle.js.map +1 -0
package/dist/security/token-lifetime.d.ts +206 -0
package/dist/security/token-lifetime.d.ts.map +1 -0
package/dist/security/token-lifetime.js +388 -0
package/dist/security/token-lifetime.js.map +1 -0
package/dist/security/trust-oracle/alerts.d.ts +202 -0
package/dist/security/trust-oracle/alerts.d.ts.map +1 -0
package/dist/security/trust-oracle/alerts.js +763 -0
package/dist/security/trust-oracle/alerts.js.map +1 -0
package/dist/security/trust-oracle/api.d.ts +116 -0
package/dist/security/trust-oracle/api.d.ts.map +1 -0
package/dist/security/trust-oracle/api.js +721 -0
package/dist/security/trust-oracle/api.js.map +1 -0
package/dist/security/trust-oracle/continuous-monitoring.d.ts +105 -0
package/dist/security/trust-oracle/continuous-monitoring.d.ts.map +1 -0
package/dist/security/trust-oracle/continuous-monitoring.js +696 -0
package/dist/security/trust-oracle/continuous-monitoring.js.map +1 -0
package/dist/security/trust-oracle/data-sources.d.ts +126 -0
package/dist/security/trust-oracle/data-sources.d.ts.map +1 -0
package/dist/security/trust-oracle/data-sources.js +867 -0
package/dist/security/trust-oracle/data-sources.js.map +1 -0
package/dist/security/trust-oracle/index.d.ts +79 -0
package/dist/security/trust-oracle/index.d.ts.map +1 -0
package/dist/security/trust-oracle/index.js +206 -0
package/dist/security/trust-oracle/index.js.map +1 -0
package/dist/security/trust-oracle/oracle.d.ts +125 -0
package/dist/security/trust-oracle/oracle.d.ts.map +1 -0
package/dist/security/trust-oracle/oracle.js +489 -0
package/dist/security/trust-oracle/oracle.js.map +1 -0
package/dist/security/trust-oracle/reporting.d.ts +145 -0
package/dist/security/trust-oracle/reporting.d.ts.map +1 -0
package/dist/security/trust-oracle/reporting.js +1098 -0
package/dist/security/trust-oracle/reporting.js.map +1 -0
package/dist/security/trust-oracle/risk-scorer.d.ts +207 -0
package/dist/security/trust-oracle/risk-scorer.d.ts.map +1 -0
package/dist/security/trust-oracle/risk-scorer.js +1033 -0
package/dist/security/trust-oracle/risk-scorer.js.map +1 -0
package/dist/security/trust-oracle/types.d.ts +444 -0
package/dist/security/trust-oracle/types.d.ts.map +1 -0
package/dist/security/trust-oracle/types.js +6 -0
package/dist/security/trust-oracle/types.js.map +1 -0
package/dist/security/trust-oracle/vendor-registry.d.ts +228 -0
package/dist/security/trust-oracle/vendor-registry.d.ts.map +1 -0
package/dist/security/trust-oracle/vendor-registry.js +727 -0
package/dist/security/trust-oracle/vendor-registry.js.map +1 -0
package/dist/security/types.d.ts +1777 -0
package/dist/security/types.d.ts.map +1 -0
package/dist/security/types.js +388 -0
package/dist/security/types.js.map +1 -0
package/dist/security/webauthn/index.d.ts +47 -0
package/dist/security/webauthn/index.d.ts.map +1 -0
package/dist/security/webauthn/index.js +48 -0
package/dist/security/webauthn/index.js.map +1 -0
package/dist/security/webauthn/middleware.d.ts +109 -0
package/dist/security/webauthn/middleware.d.ts.map +1 -0
package/dist/security/webauthn/middleware.js +629 -0
package/dist/security/webauthn/middleware.js.map +1 -0
package/dist/security/webauthn/service.d.ts +179 -0
package/dist/security/webauthn/service.d.ts.map +1 -0
package/dist/security/webauthn/service.js +758 -0
package/dist/security/webauthn/service.js.map +1 -0
package/dist/security/webauthn/store.d.ts +240 -0
package/dist/security/webauthn/store.d.ts.map +1 -0
package/dist/security/webauthn/store.js +505 -0
package/dist/security/webauthn/store.js.map +1 -0
package/dist/security/webauthn/types.d.ts +678 -0
package/dist/security/webauthn/types.d.ts.map +1 -0
package/dist/security/webauthn/types.js +176 -0
package/dist/security/webauthn/types.js.map +1 -0
package/dist/security/zkp/circuits.d.ts +296 -0
package/dist/security/zkp/circuits.d.ts.map +1 -0
package/dist/security/zkp/circuits.js +771 -0
package/dist/security/zkp/circuits.js.map +1 -0
package/dist/security/zkp/commitment.d.ts +319 -0
package/dist/security/zkp/commitment.d.ts.map +1 -0
package/dist/security/zkp/commitment.js +591 -0
package/dist/security/zkp/commitment.js.map +1 -0
package/dist/security/zkp/compliance.d.ts +251 -0
package/dist/security/zkp/compliance.d.ts.map +1 -0
package/dist/security/zkp/compliance.js +734 -0
package/dist/security/zkp/compliance.js.map +1 -0
package/dist/security/zkp/index.d.ts +184 -0
package/dist/security/zkp/index.d.ts.map +1 -0
package/dist/security/zkp/index.js +285 -0
package/dist/security/zkp/index.js.map +1 -0
package/dist/security/zkp/integration.d.ts +289 -0
package/dist/security/zkp/integration.d.ts.map +1 -0
package/dist/security/zkp/integration.js +571 -0
package/dist/security/zkp/integration.js.map +1 -0
package/dist/security/zkp/prover.d.ts +158 -0
package/dist/security/zkp/prover.d.ts.map +1 -0
package/dist/security/zkp/prover.js +465 -0
package/dist/security/zkp/prover.js.map +1 -0
package/dist/security/zkp/snark-utils.d.ts +321 -0
package/dist/security/zkp/snark-utils.d.ts.map +1 -0
package/dist/security/zkp/snark-utils.js +640 -0
package/dist/security/zkp/snark-utils.js.map +1 -0
package/dist/security/zkp/types.d.ts +1192 -0
package/dist/security/zkp/types.d.ts.map +1 -0
package/dist/security/zkp/types.js +264 -0
package/dist/security/zkp/types.js.map +1 -0
package/dist/security/zkp/verifier.d.ts +111 -0
package/dist/security/zkp/verifier.d.ts.map +1 -0
package/dist/security/zkp/verifier.js +554 -0
package/dist/security/zkp/verifier.js.map +1 -0
package/dist/semantic-governance/context-validator.d.ts +158 -0
package/dist/semantic-governance/context-validator.d.ts.map +1 -0
package/dist/semantic-governance/context-validator.js +598 -0
package/dist/semantic-governance/context-validator.js.map +1 -0
package/dist/semantic-governance/credential-manager.d.ts +156 -0
package/dist/semantic-governance/credential-manager.d.ts.map +1 -0
package/dist/semantic-governance/credential-manager.js +438 -0
package/dist/semantic-governance/credential-manager.js.map +1 -0
package/dist/semantic-governance/dual-channel.d.ts +138 -0
package/dist/semantic-governance/dual-channel.d.ts.map +1 -0
package/dist/semantic-governance/dual-channel.js +333 -0
package/dist/semantic-governance/dual-channel.js.map +1 -0
package/dist/semantic-governance/index.d.ts +107 -0
package/dist/semantic-governance/index.d.ts.map +1 -0
package/dist/semantic-governance/index.js +141 -0
package/dist/semantic-governance/index.js.map +1 -0
package/dist/semantic-governance/inference-validator.d.ts +114 -0
package/dist/semantic-governance/inference-validator.d.ts.map +1 -0
package/dist/semantic-governance/inference-validator.js +390 -0
package/dist/semantic-governance/inference-validator.js.map +1 -0
package/dist/semantic-governance/instruction-validator.d.ts +146 -0
package/dist/semantic-governance/instruction-validator.d.ts.map +1 -0
package/dist/semantic-governance/instruction-validator.js +363 -0
package/dist/semantic-governance/instruction-validator.js.map +1 -0
package/dist/semantic-governance/integration.d.ts +253 -0
package/dist/semantic-governance/integration.d.ts.map +1 -0
package/dist/semantic-governance/integration.js +658 -0
package/dist/semantic-governance/integration.js.map +1 -0
package/dist/semantic-governance/output-validator.d.ts +135 -0
package/dist/semantic-governance/output-validator.d.ts.map +1 -0
package/dist/semantic-governance/output-validator.js +448 -0
package/dist/semantic-governance/output-validator.js.map +1 -0
package/dist/semantic-governance/service.d.ts +120 -0
package/dist/semantic-governance/service.d.ts.map +1 -0
package/dist/semantic-governance/service.js +527 -0
package/dist/semantic-governance/service.js.map +1 -0
package/dist/semantic-governance/types.d.ts +3925 -0
package/dist/semantic-governance/types.d.ts.map +1 -0
package/dist/semantic-governance/types.js +471 -0
package/dist/semantic-governance/types.js.map +1 -0
package/dist/trust-engine/car-integration.d.ts +263 -0
package/dist/trust-engine/car-integration.d.ts.map +1 -0
package/dist/trust-engine/car-integration.js +320 -0
package/dist/trust-engine/car-integration.js.map +1 -0
package/dist/trust-engine/context.d.ts +198 -0
package/dist/trust-engine/context.d.ts.map +1 -0
package/dist/trust-engine/context.js +308 -0
package/dist/trust-engine/context.js.map +1 -0
package/dist/trust-engine/diminishing-returns.d.ts +123 -0
package/dist/trust-engine/diminishing-returns.d.ts.map +1 -0
package/dist/trust-engine/diminishing-returns.js +197 -0
package/dist/trust-engine/diminishing-returns.js.map +1 -0
package/dist/trust-engine/index.d.ts +433 -0
package/dist/trust-engine/index.d.ts.map +1 -0
package/dist/trust-engine/index.js +1241 -0
package/dist/trust-engine/index.js.map +1 -0
package/dist/trust-engine/observability.d.ts +175 -0
package/dist/trust-engine/observability.d.ts.map +1 -0
package/dist/trust-engine/observability.js +246 -0
package/dist/trust-engine/observability.js.map +1 -0
package/dist/trust-engine/signal-diversity.d.ts +130 -0
package/dist/trust-engine/signal-diversity.d.ts.map +1 -0
package/dist/trust-engine/signal-diversity.js +238 -0
package/dist/trust-engine/signal-diversity.js.map +1 -0
package/dist/versioning/deprecation.d.ts +65 -0
package/dist/versioning/deprecation.d.ts.map +1 -0
package/dist/versioning/deprecation.js +199 -0
package/dist/versioning/deprecation.js.map +1 -0
package/dist/versioning/index.d.ts +46 -0
package/dist/versioning/index.d.ts.map +1 -0
package/dist/versioning/index.js +76 -0
package/dist/versioning/index.js.map +1 -0
package/dist/versioning/semver.d.ts +116 -0
package/dist/versioning/semver.d.ts.map +1 -0
package/dist/versioning/semver.js +321 -0
package/dist/versioning/semver.js.map +1 -0
package/package.json +161 -0

package/dist/security/types.d.ts ADDED Viewed

@@ -0,0 +1,1777 @@
+/**
+ * Security Hardening Types
+ *
+ * Type definitions for CAR security hardening controls including:
+ * - DPoP (Demonstrating Proof-of-Possession)
+ * - TEE (Trusted Execution Environment) binding
+ * - Pairwise DID configuration
+ * - Revocation SLA configuration
+ * - Token lifetime configuration
+ *
+ * Based on CAR Security Hardening Specification v1.0.0
+ *
+ * @packageDocumentation
+ */
+import { z } from 'zod';
+/**
+ * Trust tiers as defined in CAR specification
+ * Maps to security conformance levels:
+ * - T0-T1: No minimum security (not recommended)
+ * - T2: SH-1 (Basic) - DPoP, short-lived tokens
+ * - T3: SH-2 (Standard) - SH-1 + pairwise DIDs, recursive revocation
+ * - T4-T5: SH-3 (Hardened) - SH-2 + TEE binding, sync revocation checks
+ */
+export declare const TrustTier: {
+    readonly T0: 0;
+    readonly T1: 1;
+    readonly T2: 2;
+    readonly T3: 3;
+    readonly T4: 4;
+    readonly T5: 5;
+};
+export type TrustTier = (typeof TrustTier)[keyof typeof TrustTier];
+export declare const trustTierSchema: z.ZodNativeEnum<{
+    readonly T0: 0;
+    readonly T1: 1;
+    readonly T2: 2;
+    readonly T3: 3;
+    readonly T4: 4;
+    readonly T5: 5;
+}>;
+/**
+ * Security conformance levels
+ */
+export declare const SecurityConformanceLevel: {
+    readonly NONE: "none";
+    readonly SH1_BASIC: "sh-1";
+    readonly SH2_STANDARD: "sh-2";
+    readonly SH3_HARDENED: "sh-3";
+};
+export type SecurityConformanceLevel = (typeof SecurityConformanceLevel)[keyof typeof SecurityConformanceLevel];
+export declare const securityConformanceLevelSchema: z.ZodNativeEnum<{
+    readonly NONE: "none";
+    readonly SH1_BASIC: "sh-1";
+    readonly SH2_STANDARD: "sh-2";
+    readonly SH3_HARDENED: "sh-3";
+}>;
+/**
+ * DPoP proof JWT payload structure per RFC 9449
+ */
+export interface DPoPProof {
+    /** Unique token ID (MUST be unique, servers MUST reject replays) */
+    jti: string;
+    /** HTTP method (e.g., 'GET', 'POST') */
+    htm: string;
+    /** HTTP URI (the target endpoint) */
+    htu: string;
+    /** Issued at timestamp (Unix seconds) */
+    iat: number;
+    /** Access token hash (for bound tokens, sha256 of access token) */
+    ath?: string;
+}
+export declare const dpopProofSchema: z.ZodObject<{
+    jti: z.ZodString;
+    htm: z.ZodString;
+    htu: z.ZodString;
+    iat: z.ZodNumber;
+    ath: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    iat?: number;
+    jti?: string;
+    htm?: string;
+    htu?: string;
+    ath?: string;
+}, {
+    iat?: number;
+    jti?: string;
+    htm?: string;
+    htu?: string;
+    ath?: string;
+}>;
+/**
+ * DPoP proof header structure
+ */
+export interface DPoPHeader {
+    /** Type is always 'dpop+jwt' */
+    typ: 'dpop+jwt';
+    /** Algorithm (ES256 required, ES384/ES512 recommended) */
+    alg: 'ES256' | 'ES384' | 'ES512';
+    /** JWK public key */
+    jwk: JsonWebKey;
+}
+export declare const dpopHeaderSchema: z.ZodObject<{
+    typ: z.ZodLiteral<"dpop+jwt">;
+    alg: z.ZodEnum<["ES256", "ES384", "ES512"]>;
+    jwk: z.ZodRecord<z.ZodString, z.ZodUnknown>;
+}, "strip", z.ZodTypeAny, {
+    jwk?: Record<string, unknown>;
+    typ?: "dpop+jwt";
+    alg?: "ES256" | "ES384" | "ES512";
+}, {
+    jwk?: Record<string, unknown>;
+    typ?: "dpop+jwt";
+    alg?: "ES256" | "ES384" | "ES512";
+}>;
+/**
+ * DPoP configuration
+ */
+export interface DPoPConfig {
+    /** Which trust tiers require DPoP (default: T2+) */
+    requiredForTiers: TrustTier[];
+    /** Maximum proof age in seconds (default: 60) */
+    maxProofAge: number;
+    /** Whether nonce is required from server */
+    nonceRequired: boolean;
+    /** Maximum clock skew tolerance in seconds (default: 5) */
+    clockSkewTolerance: number;
+    /** Supported algorithms */
+    allowedAlgorithms: ('ES256' | 'ES384' | 'ES512')[];
+}
+export declare const dpopConfigSchema: z.ZodObject<{
+    requiredForTiers: z.ZodArray<z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+    }>, "many">;
+    maxProofAge: z.ZodDefault<z.ZodNumber>;
+    nonceRequired: z.ZodDefault<z.ZodBoolean>;
+    clockSkewTolerance: z.ZodDefault<z.ZodNumber>;
+    allowedAlgorithms: z.ZodDefault<z.ZodArray<z.ZodEnum<["ES256", "ES384", "ES512"]>, "many">>;
+}, "strip", z.ZodTypeAny, {
+    requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+    maxProofAge?: number;
+    nonceRequired?: boolean;
+    clockSkewTolerance?: number;
+    allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+}, {
+    requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+    maxProofAge?: number;
+    nonceRequired?: boolean;
+    clockSkewTolerance?: number;
+    allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+}>;
+/**
+ * DPoP verification result
+ */
+export interface DPoPVerificationResult {
+    /** Whether verification succeeded */
+    valid: boolean;
+    /** JWK thumbprint of the proof key */
+    keyThumbprint?: string;
+    /** Error reason if verification failed */
+    error?: string;
+    /** Error code for programmatic handling */
+    errorCode?: 'INVALID_SIGNATURE' | 'EXPIRED' | 'REPLAY' | 'METHOD_MISMATCH' | 'URI_MISMATCH' | 'INVALID_FORMAT';
+    /** Verified at timestamp */
+    verifiedAt: string;
+}
+export declare const dpopVerificationResultSchema: z.ZodObject<{
+    valid: z.ZodBoolean;
+    keyThumbprint: z.ZodOptional<z.ZodString>;
+    error: z.ZodOptional<z.ZodString>;
+    errorCode: z.ZodOptional<z.ZodEnum<["INVALID_SIGNATURE", "EXPIRED", "REPLAY", "METHOD_MISMATCH", "URI_MISMATCH", "INVALID_FORMAT"]>>;
+    verifiedAt: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    error?: string;
+    valid?: boolean;
+    errorCode?: "EXPIRED" | "INVALID_SIGNATURE" | "REPLAY" | "METHOD_MISMATCH" | "URI_MISMATCH" | "INVALID_FORMAT";
+    keyThumbprint?: string;
+    verifiedAt?: string;
+}, {
+    error?: string;
+    valid?: boolean;
+    errorCode?: "EXPIRED" | "INVALID_SIGNATURE" | "REPLAY" | "METHOD_MISMATCH" | "URI_MISMATCH" | "INVALID_FORMAT";
+    keyThumbprint?: string;
+    verifiedAt?: string;
+}>;
+/**
+ * Supported TEE platforms
+ */
+export declare const TEEPlatform: {
+    readonly SGX: "sgx";
+    readonly NITRO: "nitro";
+    readonly SEV: "sev";
+    readonly TRUSTZONE: "trustzone";
+    readonly SECURE_ENCLAVE: "secure-enclave";
+};
+export type TEEPlatform = (typeof TEEPlatform)[keyof typeof TEEPlatform];
+export declare const teePlatformSchema: z.ZodNativeEnum<{
+    readonly SGX: "sgx";
+    readonly NITRO: "nitro";
+    readonly SEV: "sev";
+    readonly TRUSTZONE: "trustzone";
+    readonly SECURE_ENCLAVE: "secure-enclave";
+}>;
+/**
+ * TEE attestation document
+ */
+export interface TEEAttestation {
+    /** TEE platform type */
+    platform: TEEPlatform;
+    /** Hash of running code (measurement) */
+    measurementHash: string;
+    /** Attestation timestamp */
+    timestamp: Date;
+    /** Enclave identifier */
+    enclaveId: string;
+    /** Platform Configuration Registers (for SGX/Nitro) */
+    pcrs?: Record<string, string>;
+    /** Attestation document signature */
+    signature?: string;
+    /** Certificate chain for verification */
+    certificateChain?: string[];
+    /** Attestation service endpoint */
+    attestationEndpoint?: string;
+    /** Validity period end */
+    validUntil?: Date;
+}
+export declare const teeAttestationSchema: z.ZodObject<{
+    platform: z.ZodNativeEnum<{
+        readonly SGX: "sgx";
+        readonly NITRO: "nitro";
+        readonly SEV: "sev";
+        readonly TRUSTZONE: "trustzone";
+        readonly SECURE_ENCLAVE: "secure-enclave";
+    }>;
+    measurementHash: z.ZodString;
+    timestamp: z.ZodDate;
+    enclaveId: z.ZodString;
+    pcrs: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    signature: z.ZodOptional<z.ZodString>;
+    certificateChain: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    attestationEndpoint: z.ZodOptional<z.ZodString>;
+    validUntil: z.ZodOptional<z.ZodDate>;
+}, "strip", z.ZodTypeAny, {
+    timestamp?: Date;
+    signature?: string;
+    platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+    measurementHash?: string;
+    enclaveId?: string;
+    pcrs?: Record<string, string>;
+    certificateChain?: string[];
+    attestationEndpoint?: string;
+    validUntil?: Date;
+}, {
+    timestamp?: Date;
+    signature?: string;
+    platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+    measurementHash?: string;
+    enclaveId?: string;
+    pcrs?: Record<string, string>;
+    certificateChain?: string[];
+    attestationEndpoint?: string;
+    validUntil?: Date;
+}>;
+/**
+ * TEE key binding - binds a DID key to an enclave
+ */
+export interface TEEKeyBinding {
+    /** DID verification method ID */
+    didKeyId: string;
+    /** Enclave key identifier */
+    enclaveKeyId: string;
+    /** Cryptographic binding proof */
+    bindingProof: string;
+    /** When the binding was created */
+    boundAt: Date;
+    /** Binding validity period */
+    validUntil?: Date;
+}
+export declare const teeKeyBindingSchema: z.ZodObject<{
+    didKeyId: z.ZodString;
+    enclaveKeyId: z.ZodString;
+    bindingProof: z.ZodString;
+    boundAt: z.ZodDate;
+    validUntil: z.ZodOptional<z.ZodDate>;
+}, "strip", z.ZodTypeAny, {
+    validUntil?: Date;
+    didKeyId?: string;
+    enclaveKeyId?: string;
+    bindingProof?: string;
+    boundAt?: Date;
+}, {
+    validUntil?: Date;
+    didKeyId?: string;
+    enclaveKeyId?: string;
+    bindingProof?: string;
+    boundAt?: Date;
+}>;
+/**
+ * TEE configuration
+ */
+export interface TEEConfig {
+    /** Which trust tiers require TEE (default: T4+) */
+    requiredForTiers: TrustTier[];
+    /** Allowed TEE platforms */
+    allowedPlatforms: TEEPlatform[];
+    /** Maximum attestation age before re-attestation required (seconds) */
+    maxAttestationAge: number;
+    /** Expected code measurements for verification */
+    expectedMeasurements?: Record<string, string>;
+    /** Attestation verification endpoint */
+    attestationVerificationEndpoint?: string;
+}
+export declare const teeConfigSchema: z.ZodObject<{
+    requiredForTiers: z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+    }>, "many">>;
+    allowedPlatforms: z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+        readonly SGX: "sgx";
+        readonly NITRO: "nitro";
+        readonly SEV: "sev";
+        readonly TRUSTZONE: "trustzone";
+        readonly SECURE_ENCLAVE: "secure-enclave";
+    }>, "many">>;
+    maxAttestationAge: z.ZodDefault<z.ZodNumber>;
+    expectedMeasurements: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    attestationVerificationEndpoint: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+    allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+    maxAttestationAge?: number;
+    expectedMeasurements?: Record<string, string>;
+    attestationVerificationEndpoint?: string;
+}, {
+    requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+    allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+    maxAttestationAge?: number;
+    expectedMeasurements?: Record<string, string>;
+    attestationVerificationEndpoint?: string;
+}>;
+/**
+ * TEE verification result
+ */
+export interface TEEVerificationResult {
+    /** Whether verification succeeded */
+    valid: boolean;
+    /** Verification error reason */
+    reason?: string;
+    /** Platform that was verified */
+    platform?: TEEPlatform;
+    /** Verified measurement hash */
+    measurementHash?: string;
+    /** Verification timestamp */
+    verifiedAt: string;
+    /** Whether production-grade verification was used */
+    productionVerified?: boolean;
+}
+export declare const teeVerificationResultSchema: z.ZodObject<{
+    valid: z.ZodBoolean;
+    reason: z.ZodOptional<z.ZodString>;
+    platform: z.ZodOptional<z.ZodNativeEnum<{
+        readonly SGX: "sgx";
+        readonly NITRO: "nitro";
+        readonly SEV: "sev";
+        readonly TRUSTZONE: "trustzone";
+        readonly SECURE_ENCLAVE: "secure-enclave";
+    }>>;
+    measurementHash: z.ZodOptional<z.ZodString>;
+    verifiedAt: z.ZodString;
+    productionVerified: z.ZodOptional<z.ZodBoolean>;
+}, "strip", z.ZodTypeAny, {
+    reason?: string;
+    valid?: boolean;
+    verifiedAt?: string;
+    platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+    measurementHash?: string;
+    productionVerified?: boolean;
+}, {
+    reason?: string;
+    valid?: boolean;
+    verifiedAt?: string;
+    platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+    measurementHash?: string;
+    productionVerified?: boolean;
+}>;
+/**
+ * Data types that may require pairwise DIDs
+ */
+export declare const DataClassification: {
+    readonly PUBLIC: "public";
+    readonly BUSINESS: "business";
+    readonly PERSONAL: "personal";
+    readonly SENSITIVE: "sensitive";
+    readonly REGULATED: "regulated";
+};
+export type DataClassification = (typeof DataClassification)[keyof typeof DataClassification];
+export declare const dataClassificationSchema: z.ZodNativeEnum<{
+    readonly PUBLIC: "public";
+    readonly BUSINESS: "business";
+    readonly PERSONAL: "personal";
+    readonly SENSITIVE: "sensitive";
+    readonly REGULATED: "regulated";
+}>;
+/**
+ * Pairwise DID derivation algorithm
+ */
+export declare const PairwiseDerivationAlgorithm: {
+    readonly SHA256: "sha256";
+    readonly HKDF: "hkdf";
+};
+export type PairwiseDerivationAlgorithm = (typeof PairwiseDerivationAlgorithm)[keyof typeof PairwiseDerivationAlgorithm];
+export declare const pairwiseDerivationAlgorithmSchema: z.ZodNativeEnum<{
+    readonly SHA256: "sha256";
+    readonly HKDF: "hkdf";
+}>;
+/**
+ * Pairwise DID configuration
+ */
+export interface PairwiseDIDConfig {
+    /** Data types that require pairwise DIDs */
+    requiredForDataTypes: DataClassification[];
+    /** Derivation algorithm */
+    derivationAlgorithm: PairwiseDerivationAlgorithm;
+    /** Salt length in bytes */
+    saltLength: number;
+    /** Info string for HKDF derivation */
+    hkdfInfo?: string;
+}
+export declare const pairwiseDIDConfigSchema: z.ZodObject<{
+    requiredForDataTypes: z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+        readonly PUBLIC: "public";
+        readonly BUSINESS: "business";
+        readonly PERSONAL: "personal";
+        readonly SENSITIVE: "sensitive";
+        readonly REGULATED: "regulated";
+    }>, "many">>;
+    derivationAlgorithm: z.ZodDefault<z.ZodNativeEnum<{
+        readonly SHA256: "sha256";
+        readonly HKDF: "hkdf";
+    }>>;
+    saltLength: z.ZodDefault<z.ZodNumber>;
+    hkdfInfo: z.ZodDefault<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    saltLength?: number;
+    requiredForDataTypes?: ("regulated" | "sensitive" | "public" | "business" | "personal")[];
+    derivationAlgorithm?: "sha256" | "hkdf";
+    hkdfInfo?: string;
+}, {
+    saltLength?: number;
+    requiredForDataTypes?: ("regulated" | "sensitive" | "public" | "business" | "personal")[];
+    derivationAlgorithm?: "sha256" | "hkdf";
+    hkdfInfo?: string;
+}>;
+/**
+ * Pairwise DID derivation record
+ */
+export interface PairwiseDerivation {
+    /** Agent's root/master DID */
+    masterDid: string;
+    /** Relying party's DID */
+    relyingPartyDid: string;
+    /** Random salt for this relationship */
+    contextSalt: string;
+    /** Derived pairwise DID */
+    derivedDid: string;
+    /** When the derivation was created */
+    createdAt: Date;
+}
+export declare const pairwiseDerivationSchema: z.ZodObject<{
+    masterDid: z.ZodString;
+    relyingPartyDid: z.ZodString;
+    contextSalt: z.ZodString;
+    derivedDid: z.ZodString;
+    createdAt: z.ZodDate;
+}, "strip", z.ZodTypeAny, {
+    createdAt?: Date;
+    masterDid?: string;
+    relyingPartyDid?: string;
+    contextSalt?: string;
+    derivedDid?: string;
+}, {
+    createdAt?: Date;
+    masterDid?: string;
+    relyingPartyDid?: string;
+    contextSalt?: string;
+    derivedDid?: string;
+}>;
+/**
+ * Revocation SLA configuration per trust tier
+ */
+export interface RevocationSLA {
+    /** Trust tier this SLA applies to */
+    tier: TrustTier;
+    /** Maximum propagation latency in milliseconds */
+    maxPropagationLatencyMs: number;
+    /** Whether synchronous check is required */
+    syncCheckRequired: boolean;
+    /** Whether token introspection is required */
+    introspectionRequired: boolean;
+}
+export declare const revocationSLASchema: z.ZodObject<{
+    tier: z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+    }>;
+    maxPropagationLatencyMs: z.ZodNumber;
+    syncCheckRequired: z.ZodBoolean;
+    introspectionRequired: z.ZodBoolean;
+}, "strip", z.ZodTypeAny, {
+    tier?: 0 | 1 | 2 | 3 | 4 | 5;
+    maxPropagationLatencyMs?: number;
+    syncCheckRequired?: boolean;
+    introspectionRequired?: boolean;
+}, {
+    tier?: 0 | 1 | 2 | 3 | 4 | 5;
+    maxPropagationLatencyMs?: number;
+    syncCheckRequired?: boolean;
+    introspectionRequired?: boolean;
+}>;
+/**
+ * Default revocation SLAs per CAR spec
+ */
+export declare const DEFAULT_REVOCATION_SLAS: RevocationSLA[];
+/**
+ * Revocation propagation policy
+ */
+export interface RevocationPropagationPolicy {
+    /** Whether to terminate descendant delegations */
+    terminateDescendants: boolean;
+    /** Grace period before termination (milliseconds) */
+    gracePeriodMs: number;
+    /** Whether to notify webhooks */
+    notifyWebhooks: boolean;
+}
+export declare const revocationPropagationPolicySchema: z.ZodObject<{
+    terminateDescendants: z.ZodDefault<z.ZodBoolean>;
+    gracePeriodMs: z.ZodDefault<z.ZodNumber>;
+    notifyWebhooks: z.ZodDefault<z.ZodBoolean>;
+}, "strip", z.ZodTypeAny, {
+    terminateDescendants?: boolean;
+    gracePeriodMs?: number;
+    notifyWebhooks?: boolean;
+}, {
+    terminateDescendants?: boolean;
+    gracePeriodMs?: number;
+    notifyWebhooks?: boolean;
+}>;
+/**
+ * Revocation request
+ */
+export interface RevocationPropagation {
+    /** DID of agent to revoke */
+    revokedDid: string;
+    /** Reason for revocation */
+    reason: string;
+    /** Propagation policy */
+    propagationPolicy: RevocationPropagationPolicy;
+}
+export declare const revocationPropagationSchema: z.ZodObject<{
+    revokedDid: z.ZodString;
+    reason: z.ZodString;
+    propagationPolicy: z.ZodObject<{
+        terminateDescendants: z.ZodDefault<z.ZodBoolean>;
+        gracePeriodMs: z.ZodDefault<z.ZodNumber>;
+        notifyWebhooks: z.ZodDefault<z.ZodBoolean>;
+    }, "strip", z.ZodTypeAny, {
+        terminateDescendants?: boolean;
+        gracePeriodMs?: number;
+        notifyWebhooks?: boolean;
+    }, {
+        terminateDescendants?: boolean;
+        gracePeriodMs?: number;
+        notifyWebhooks?: boolean;
+    }>;
+}, "strip", z.ZodTypeAny, {
+    reason?: string;
+    revokedDid?: string;
+    propagationPolicy?: {
+        terminateDescendants?: boolean;
+        gracePeriodMs?: number;
+        notifyWebhooks?: boolean;
+    };
+}, {
+    reason?: string;
+    revokedDid?: string;
+    propagationPolicy?: {
+        terminateDescendants?: boolean;
+        gracePeriodMs?: number;
+        notifyWebhooks?: boolean;
+    };
+}>;
+/**
+ * Revocation result
+ */
+export interface RevocationResult {
+    /** Unique revocation ID */
+    revocationId: string;
+    /** DID that was revoked */
+    revokedDid: string;
+    /** DIDs of descendants that were also revoked */
+    descendantsRevoked: string[];
+    /** Number of tokens invalidated */
+    tokensInvalidated: number;
+    /** Whether propagation completed successfully */
+    propagationComplete: boolean;
+    /** Revocation timestamp */
+    timestamp: Date;
+}
+export declare const revocationResultSchema: z.ZodObject<{
+    revocationId: z.ZodString;
+    revokedDid: z.ZodString;
+    descendantsRevoked: z.ZodArray<z.ZodString, "many">;
+    tokensInvalidated: z.ZodNumber;
+    propagationComplete: z.ZodBoolean;
+    timestamp: z.ZodDate;
+}, "strip", z.ZodTypeAny, {
+    timestamp?: Date;
+    revokedDid?: string;
+    revocationId?: string;
+    descendantsRevoked?: string[];
+    tokensInvalidated?: number;
+    propagationComplete?: boolean;
+}, {
+    timestamp?: Date;
+    revokedDid?: string;
+    revocationId?: string;
+    descendantsRevoked?: string[];
+    tokensInvalidated?: number;
+    propagationComplete?: boolean;
+}>;
+/**
+ * Revocation status
+ */
+export declare const RevocationStatusEnum: {
+    readonly ACTIVE: "active";
+    readonly REVOKED: "revoked";
+    readonly PENDING: "pending";
+};
+export type RevocationStatusEnum = (typeof RevocationStatusEnum)[keyof typeof RevocationStatusEnum];
+export declare const revocationStatusEnumSchema: z.ZodNativeEnum<{
+    readonly ACTIVE: "active";
+    readonly REVOKED: "revoked";
+    readonly PENDING: "pending";
+}>;
+/**
+ * Revocation status response
+ */
+export interface RevocationStatus {
+    /** DID being checked */
+    did: string;
+    /** Current status */
+    status: RevocationStatusEnum;
+    /** Revocation timestamp if revoked */
+    revokedAt?: Date;
+    /** Revocation reason if revoked */
+    reason?: string;
+    /** Whether this is from cache or sync check */
+    fromCache: boolean;
+    /** Cache age in milliseconds */
+    cacheAgeMs?: number;
+}
+export declare const revocationStatusSchema: z.ZodObject<{
+    did: z.ZodString;
+    status: z.ZodNativeEnum<{
+        readonly ACTIVE: "active";
+        readonly REVOKED: "revoked";
+        readonly PENDING: "pending";
+    }>;
+    revokedAt: z.ZodOptional<z.ZodDate>;
+    reason: z.ZodOptional<z.ZodString>;
+    fromCache: z.ZodBoolean;
+    cacheAgeMs: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    reason?: string;
+    status?: "pending" | "active" | "revoked";
+    revokedAt?: Date;
+    did?: string;
+    fromCache?: boolean;
+    cacheAgeMs?: number;
+}, {
+    reason?: string;
+    status?: "pending" | "active" | "revoked";
+    revokedAt?: Date;
+    did?: string;
+    fromCache?: boolean;
+    cacheAgeMs?: number;
+}>;
+/**
+ * Revocation event for webhooks/subscriptions
+ */
+export interface RevocationEvent {
+    /** Event type */
+    type: 'agent.revoked' | 'delegation.terminated' | 'token.invalidated';
+    /** Revocation ID */
+    revocationId: string;
+    /** Affected DID */
+    did: string;
+    /** Revocation reason */
+    reason: string;
+    /** Event timestamp */
+    timestamp: Date;
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+export declare const revocationEventSchema: z.ZodObject<{
+    type: z.ZodEnum<["agent.revoked", "delegation.terminated", "token.invalidated"]>;
+    revocationId: z.ZodString;
+    did: z.ZodString;
+    reason: z.ZodString;
+    timestamp: z.ZodDate;
+    metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+}, "strip", z.ZodTypeAny, {
+    reason?: string;
+    type?: "agent.revoked" | "delegation.terminated" | "token.invalidated";
+    metadata?: Record<string, unknown>;
+    timestamp?: Date;
+    did?: string;
+    revocationId?: string;
+}, {
+    reason?: string;
+    type?: "agent.revoked" | "delegation.terminated" | "token.invalidated";
+    metadata?: Record<string, unknown>;
+    timestamp?: Date;
+    did?: string;
+    revocationId?: string;
+}>;
+/**
+ * Token lifetime configuration per CAR spec
+ */
+export interface TokenLifetimeConfig {
+    /** Access token maximum TTL in seconds (default: 300 = 5 min) */
+    accessTokenMaxTTL: number;
+    /** Refresh token maximum TTL in seconds (default: 86400 = 24 hr) */
+    refreshTokenMaxTTL: number;
+    /** ID token maximum TTL in seconds (default: 300 = 5 min) */
+    idTokenMaxTTL: number;
+    /** TTL for high-value operations L3+ (default: 60 = 1 min) */
+    highValueOperationTTL: number;
+    /** Threshold for proactive refresh (percentage of TTL remaining) */
+    refreshThreshold: number;
+}
+export declare const tokenLifetimeConfigSchema: z.ZodObject<{
+    accessTokenMaxTTL: z.ZodDefault<z.ZodNumber>;
+    refreshTokenMaxTTL: z.ZodDefault<z.ZodNumber>;
+    idTokenMaxTTL: z.ZodDefault<z.ZodNumber>;
+    highValueOperationTTL: z.ZodDefault<z.ZodNumber>;
+    refreshThreshold: z.ZodDefault<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    accessTokenMaxTTL?: number;
+    refreshTokenMaxTTL?: number;
+    idTokenMaxTTL?: number;
+    highValueOperationTTL?: number;
+    refreshThreshold?: number;
+}, {
+    accessTokenMaxTTL?: number;
+    refreshTokenMaxTTL?: number;
+    idTokenMaxTTL?: number;
+    highValueOperationTTL?: number;
+    refreshThreshold?: number;
+}>;
+/**
+ * Default token lifetime configuration
+ */
+export declare const DEFAULT_TOKEN_LIFETIME_CONFIG: TokenLifetimeConfig;
+/**
+ * Token introspection result per RFC 7662
+ */
+export interface IntrospectionResult {
+    /** Whether the token is active */
+    active: boolean;
+    /** Token scope */
+    scope?: string;
+    /** Client ID */
+    clientId?: string;
+    /** Username (subject) */
+    username?: string;
+    /** Token type */
+    tokenType?: string;
+    /** Expiration timestamp */
+    exp?: number;
+    /** Issued at timestamp */
+    iat?: number;
+    /** Not before timestamp */
+    nbf?: number;
+    /** Subject identifier */
+    sub?: string;
+    /** Audience */
+    aud?: string | string[];
+    /** Issuer */
+    iss?: string;
+    /** JWT ID */
+    jti?: string;
+    /** DPoP key confirmation */
+    cnf?: {
+        jkt?: string;
+    };
+    /** Introspection timestamp */
+    introspectedAt: string;
+    /** Whether result is from cache */
+    fromCache: boolean;
+}
+export declare const introspectionResultSchema: z.ZodObject<{
+    active: z.ZodBoolean;
+    scope: z.ZodOptional<z.ZodString>;
+    clientId: z.ZodOptional<z.ZodString>;
+    username: z.ZodOptional<z.ZodString>;
+    tokenType: z.ZodOptional<z.ZodString>;
+    exp: z.ZodOptional<z.ZodNumber>;
+    iat: z.ZodOptional<z.ZodNumber>;
+    nbf: z.ZodOptional<z.ZodNumber>;
+    sub: z.ZodOptional<z.ZodString>;
+    aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
+    iss: z.ZodOptional<z.ZodString>;
+    jti: z.ZodOptional<z.ZodString>;
+    cnf: z.ZodOptional<z.ZodObject<{
+        jkt: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        jkt?: string;
+    }, {
+        jkt?: string;
+    }>>;
+    introspectedAt: z.ZodString;
+    fromCache: z.ZodBoolean;
+}, "strip", z.ZodTypeAny, {
+    sub?: string;
+    clientId?: string;
+    iat?: number;
+    exp?: number;
+    active?: boolean;
+    jti?: string;
+    fromCache?: boolean;
+    scope?: string;
+    username?: string;
+    tokenType?: string;
+    nbf?: number;
+    aud?: string | string[];
+    iss?: string;
+    cnf?: {
+        jkt?: string;
+    };
+    introspectedAt?: string;
+}, {
+    sub?: string;
+    clientId?: string;
+    iat?: number;
+    exp?: number;
+    active?: boolean;
+    jti?: string;
+    fromCache?: boolean;
+    scope?: string;
+    username?: string;
+    tokenType?: string;
+    nbf?: number;
+    aud?: string | string[];
+    iss?: string;
+    cnf?: {
+        jkt?: string;
+    };
+    introspectedAt?: string;
+}>;
+/**
+ * Agent identity for security context
+ */
+export interface AgentIdentity {
+    /** Agent DID */
+    did: string;
+    /** Trust tier */
+    trustTier: TrustTier;
+    /** Capability level (L0-L5) */
+    capabilityLevel: number;
+    /** DID document */
+    didDocument?: unknown;
+    /** TEE binding if present */
+    teeBinding?: TEEKeyBinding;
+    /** Attestation chain */
+    attestationChain?: unknown[];
+}
+export declare const agentIdentitySchema: z.ZodObject<{
+    did: z.ZodString;
+    trustTier: z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+    }>;
+    capabilityLevel: z.ZodNumber;
+    didDocument: z.ZodOptional<z.ZodUnknown>;
+    teeBinding: z.ZodOptional<z.ZodObject<{
+        didKeyId: z.ZodString;
+        enclaveKeyId: z.ZodString;
+        bindingProof: z.ZodString;
+        boundAt: z.ZodDate;
+        validUntil: z.ZodOptional<z.ZodDate>;
+    }, "strip", z.ZodTypeAny, {
+        validUntil?: Date;
+        didKeyId?: string;
+        enclaveKeyId?: string;
+        bindingProof?: string;
+        boundAt?: Date;
+    }, {
+        validUntil?: Date;
+        didKeyId?: string;
+        enclaveKeyId?: string;
+        bindingProof?: string;
+        boundAt?: Date;
+    }>>;
+    attestationChain: z.ZodOptional<z.ZodArray<z.ZodUnknown, "many">>;
+}, "strip", z.ZodTypeAny, {
+    trustTier?: 0 | 1 | 2 | 3 | 4 | 5;
+    did?: string;
+    capabilityLevel?: number;
+    didDocument?: unknown;
+    teeBinding?: {
+        validUntil?: Date;
+        didKeyId?: string;
+        enclaveKeyId?: string;
+        bindingProof?: string;
+        boundAt?: Date;
+    };
+    attestationChain?: unknown[];
+}, {
+    trustTier?: 0 | 1 | 2 | 3 | 4 | 5;
+    did?: string;
+    capabilityLevel?: number;
+    didDocument?: unknown;
+    teeBinding?: {
+        validUntil?: Date;
+        didKeyId?: string;
+        enclaveKeyId?: string;
+        bindingProof?: string;
+        boundAt?: Date;
+    };
+    attestationChain?: unknown[];
+}>;
+/**
+ * Action request for security evaluation
+ */
+export interface ActionRequest {
+    /** Request ID */
+    requestId: string;
+    /** HTTP method */
+    method: string;
+    /** Request URI */
+    uri: string;
+    /** Action type/name */
+    actionType: string;
+    /** Action level (L0-L5) */
+    actionLevel: number;
+    /** Domain codes */
+    domains?: string[];
+    /** Whether this is a high-value operation */
+    isHighValue?: boolean;
+    /** Data classification */
+    dataClassification?: DataClassification;
+}
+export declare const actionRequestSchema: z.ZodObject<{
+    requestId: z.ZodString;
+    method: z.ZodString;
+    uri: z.ZodString;
+    actionType: z.ZodString;
+    actionLevel: z.ZodNumber;
+    domains: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    isHighValue: z.ZodOptional<z.ZodBoolean>;
+    dataClassification: z.ZodOptional<z.ZodNativeEnum<{
+        readonly PUBLIC: "public";
+        readonly BUSINESS: "business";
+        readonly PERSONAL: "personal";
+        readonly SENSITIVE: "sensitive";
+        readonly REGULATED: "regulated";
+    }>>;
+}, "strip", z.ZodTypeAny, {
+    requestId?: string;
+    method?: string;
+    actionType?: string;
+    dataClassification?: "regulated" | "sensitive" | "public" | "business" | "personal";
+    domains?: string[];
+    uri?: string;
+    actionLevel?: number;
+    isHighValue?: boolean;
+}, {
+    requestId?: string;
+    method?: string;
+    actionType?: string;
+    dataClassification?: "regulated" | "sensitive" | "public" | "business" | "personal";
+    domains?: string[];
+    uri?: string;
+    actionLevel?: number;
+    isHighValue?: boolean;
+}>;
+/**
+ * Security context for validation
+ */
+export interface SecurityContext {
+    /** Agent identity */
+    agent: AgentIdentity;
+    /** Current action request */
+    request: ActionRequest;
+    /** Access token */
+    accessToken: string;
+    /** DPoP proof if present */
+    dpopProof?: string;
+    /** DPoP public key */
+    dpopKey?: JsonWebKey;
+    /** TEE attestation if present */
+    teeAttestation?: TEEAttestation;
+    /** Pairwise DID if used */
+    pairwiseDid?: string;
+}
+export declare const securityContextSchema: z.ZodObject<{
+    agent: z.ZodObject<{
+        did: z.ZodString;
+        trustTier: z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+        }>;
+        capabilityLevel: z.ZodNumber;
+        didDocument: z.ZodOptional<z.ZodUnknown>;
+        teeBinding: z.ZodOptional<z.ZodObject<{
+            didKeyId: z.ZodString;
+            enclaveKeyId: z.ZodString;
+            bindingProof: z.ZodString;
+            boundAt: z.ZodDate;
+            validUntil: z.ZodOptional<z.ZodDate>;
+        }, "strip", z.ZodTypeAny, {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        }, {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        }>>;
+        attestationChain: z.ZodOptional<z.ZodArray<z.ZodUnknown, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        trustTier?: 0 | 1 | 2 | 3 | 4 | 5;
+        did?: string;
+        capabilityLevel?: number;
+        didDocument?: unknown;
+        teeBinding?: {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        };
+        attestationChain?: unknown[];
+    }, {
+        trustTier?: 0 | 1 | 2 | 3 | 4 | 5;
+        did?: string;
+        capabilityLevel?: number;
+        didDocument?: unknown;
+        teeBinding?: {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        };
+        attestationChain?: unknown[];
+    }>;
+    request: z.ZodObject<{
+        requestId: z.ZodString;
+        method: z.ZodString;
+        uri: z.ZodString;
+        actionType: z.ZodString;
+        actionLevel: z.ZodNumber;
+        domains: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        isHighValue: z.ZodOptional<z.ZodBoolean>;
+        dataClassification: z.ZodOptional<z.ZodNativeEnum<{
+            readonly PUBLIC: "public";
+            readonly BUSINESS: "business";
+            readonly PERSONAL: "personal";
+            readonly SENSITIVE: "sensitive";
+            readonly REGULATED: "regulated";
+        }>>;
+    }, "strip", z.ZodTypeAny, {
+        requestId?: string;
+        method?: string;
+        actionType?: string;
+        dataClassification?: "regulated" | "sensitive" | "public" | "business" | "personal";
+        domains?: string[];
+        uri?: string;
+        actionLevel?: number;
+        isHighValue?: boolean;
+    }, {
+        requestId?: string;
+        method?: string;
+        actionType?: string;
+        dataClassification?: "regulated" | "sensitive" | "public" | "business" | "personal";
+        domains?: string[];
+        uri?: string;
+        actionLevel?: number;
+        isHighValue?: boolean;
+    }>;
+    accessToken: z.ZodString;
+    dpopProof: z.ZodOptional<z.ZodString>;
+    dpopKey: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+    teeAttestation: z.ZodOptional<z.ZodObject<{
+        platform: z.ZodNativeEnum<{
+            readonly SGX: "sgx";
+            readonly NITRO: "nitro";
+            readonly SEV: "sev";
+            readonly TRUSTZONE: "trustzone";
+            readonly SECURE_ENCLAVE: "secure-enclave";
+        }>;
+        measurementHash: z.ZodString;
+        timestamp: z.ZodDate;
+        enclaveId: z.ZodString;
+        pcrs: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+        signature: z.ZodOptional<z.ZodString>;
+        certificateChain: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        attestationEndpoint: z.ZodOptional<z.ZodString>;
+        validUntil: z.ZodOptional<z.ZodDate>;
+    }, "strip", z.ZodTypeAny, {
+        timestamp?: Date;
+        signature?: string;
+        platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+        measurementHash?: string;
+        enclaveId?: string;
+        pcrs?: Record<string, string>;
+        certificateChain?: string[];
+        attestationEndpoint?: string;
+        validUntil?: Date;
+    }, {
+        timestamp?: Date;
+        signature?: string;
+        platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+        measurementHash?: string;
+        enclaveId?: string;
+        pcrs?: Record<string, string>;
+        certificateChain?: string[];
+        attestationEndpoint?: string;
+        validUntil?: Date;
+    }>>;
+    pairwiseDid: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    agent?: {
+        trustTier?: 0 | 1 | 2 | 3 | 4 | 5;
+        did?: string;
+        capabilityLevel?: number;
+        didDocument?: unknown;
+        teeBinding?: {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        };
+        attestationChain?: unknown[];
+    };
+    accessToken?: string;
+    request?: {
+        requestId?: string;
+        method?: string;
+        actionType?: string;
+        dataClassification?: "regulated" | "sensitive" | "public" | "business" | "personal";
+        domains?: string[];
+        uri?: string;
+        actionLevel?: number;
+        isHighValue?: boolean;
+    };
+    dpopProof?: string;
+    dpopKey?: Record<string, unknown>;
+    teeAttestation?: {
+        timestamp?: Date;
+        signature?: string;
+        platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+        measurementHash?: string;
+        enclaveId?: string;
+        pcrs?: Record<string, string>;
+        certificateChain?: string[];
+        attestationEndpoint?: string;
+        validUntil?: Date;
+    };
+    pairwiseDid?: string;
+}, {
+    agent?: {
+        trustTier?: 0 | 1 | 2 | 3 | 4 | 5;
+        did?: string;
+        capabilityLevel?: number;
+        didDocument?: unknown;
+        teeBinding?: {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        };
+        attestationChain?: unknown[];
+    };
+    accessToken?: string;
+    request?: {
+        requestId?: string;
+        method?: string;
+        actionType?: string;
+        dataClassification?: "regulated" | "sensitive" | "public" | "business" | "personal";
+        domains?: string[];
+        uri?: string;
+        actionLevel?: number;
+        isHighValue?: boolean;
+    };
+    dpopProof?: string;
+    dpopKey?: Record<string, unknown>;
+    teeAttestation?: {
+        timestamp?: Date;
+        signature?: string;
+        platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+        measurementHash?: string;
+        enclaveId?: string;
+        pcrs?: Record<string, string>;
+        certificateChain?: string[];
+        attestationEndpoint?: string;
+        validUntil?: Date;
+    };
+    pairwiseDid?: string;
+}>;
+/**
+ * Security validation result
+ */
+export interface SecurityValidationResult {
+    /** Whether validation passed */
+    valid: boolean;
+    /** Validation errors */
+    errors: SecurityValidationError[];
+    /** Applied security level */
+    securityLevel: SecurityConformanceLevel;
+    /** Warnings (non-fatal) */
+    warnings: string[];
+    /** Validation timestamp */
+    validatedAt: string;
+}
+export interface SecurityValidationError {
+    /** Error code */
+    code: string;
+    /** Error message */
+    message: string;
+    /** Component that failed */
+    component: 'dpop' | 'tee' | 'pairwise' | 'revocation' | 'token' | 'introspection';
+}
+export declare const securityValidationErrorSchema: z.ZodObject<{
+    code: z.ZodString;
+    message: z.ZodString;
+    component: z.ZodEnum<["dpop", "tee", "pairwise", "revocation", "token", "introspection"]>;
+}, "strip", z.ZodTypeAny, {
+    component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+    code?: string;
+    message?: string;
+}, {
+    component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+    code?: string;
+    message?: string;
+}>;
+export declare const securityValidationResultSchema: z.ZodObject<{
+    valid: z.ZodBoolean;
+    errors: z.ZodArray<z.ZodObject<{
+        code: z.ZodString;
+        message: z.ZodString;
+        component: z.ZodEnum<["dpop", "tee", "pairwise", "revocation", "token", "introspection"]>;
+    }, "strip", z.ZodTypeAny, {
+        component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+        code?: string;
+        message?: string;
+    }, {
+        component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+        code?: string;
+        message?: string;
+    }>, "many">;
+    securityLevel: z.ZodNativeEnum<{
+        readonly NONE: "none";
+        readonly SH1_BASIC: "sh-1";
+        readonly SH2_STANDARD: "sh-2";
+        readonly SH3_HARDENED: "sh-3";
+    }>;
+    warnings: z.ZodArray<z.ZodString, "many">;
+    validatedAt: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    valid?: boolean;
+    errors?: {
+        component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+        code?: string;
+        message?: string;
+    }[];
+    warnings?: string[];
+    validatedAt?: string;
+    securityLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+}, {
+    valid?: boolean;
+    errors?: {
+        component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+        code?: string;
+        message?: string;
+    }[];
+    warnings?: string[];
+    validatedAt?: string;
+    securityLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+}>;
+/**
+ * Pre-request security check result
+ */
+export interface PreRequestResult {
+    /** Whether request can proceed */
+    allow: boolean;
+    /** Required actions before proceeding */
+    requiredActions?: ('dpop' | 'tee_attestation' | 'pairwise_did' | 'introspection')[];
+    /** Security requirements for this request */
+    requirements: SecurityRequirements;
+    /** Denial reason if not allowed */
+    denyReason?: string;
+}
+export declare const preRequestResultSchema: z.ZodObject<{
+    allow: z.ZodBoolean;
+    requiredActions: z.ZodOptional<z.ZodArray<z.ZodEnum<["dpop", "tee_attestation", "pairwise_did", "introspection"]>, "many">>;
+    requirements: z.ZodLazy<z.ZodObject<{
+        tier: z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+        }>;
+        conformanceLevel: z.ZodNativeEnum<{
+            readonly NONE: "none";
+            readonly SH1_BASIC: "sh-1";
+            readonly SH2_STANDARD: "sh-2";
+            readonly SH3_HARDENED: "sh-3";
+        }>;
+        dpopRequired: z.ZodBoolean;
+        teeRequired: z.ZodBoolean;
+        pairwiseRequired: z.ZodBoolean;
+        syncRevocationRequired: z.ZodBoolean;
+        maxTokenTTL: z.ZodNumber;
+        maxChainDepth: z.ZodNumber;
+    }, "strip", z.ZodTypeAny, {
+        tier?: 0 | 1 | 2 | 3 | 4 | 5;
+        conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+        dpopRequired?: boolean;
+        teeRequired?: boolean;
+        pairwiseRequired?: boolean;
+        syncRevocationRequired?: boolean;
+        maxTokenTTL?: number;
+        maxChainDepth?: number;
+    }, {
+        tier?: 0 | 1 | 2 | 3 | 4 | 5;
+        conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+        dpopRequired?: boolean;
+        teeRequired?: boolean;
+        pairwiseRequired?: boolean;
+        syncRevocationRequired?: boolean;
+        maxTokenTTL?: number;
+        maxChainDepth?: number;
+    }>>;
+    denyReason: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    allow?: boolean;
+    requiredActions?: ("dpop" | "introspection" | "tee_attestation" | "pairwise_did")[];
+    requirements?: {
+        tier?: 0 | 1 | 2 | 3 | 4 | 5;
+        conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+        dpopRequired?: boolean;
+        teeRequired?: boolean;
+        pairwiseRequired?: boolean;
+        syncRevocationRequired?: boolean;
+        maxTokenTTL?: number;
+        maxChainDepth?: number;
+    };
+    denyReason?: string;
+}, {
+    allow?: boolean;
+    requiredActions?: ("dpop" | "introspection" | "tee_attestation" | "pairwise_did")[];
+    requirements?: {
+        tier?: 0 | 1 | 2 | 3 | 4 | 5;
+        conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+        dpopRequired?: boolean;
+        teeRequired?: boolean;
+        pairwiseRequired?: boolean;
+        syncRevocationRequired?: boolean;
+        maxTokenTTL?: number;
+        maxChainDepth?: number;
+    };
+    denyReason?: string;
+}>;
+/**
+ * High-value operation check result
+ */
+export interface HighValueCheckResult {
+    /** Whether operation can proceed */
+    allow: boolean;
+    /** Whether introspection was performed */
+    introspectionPerformed: boolean;
+    /** Whether revocation was checked synchronously */
+    syncRevocationCheck: boolean;
+    /** Token remaining TTL in seconds */
+    tokenTTLRemaining?: number;
+    /** Denial reason if not allowed */
+    denyReason?: string;
+}
+export declare const highValueCheckResultSchema: z.ZodObject<{
+    allow: z.ZodBoolean;
+    introspectionPerformed: z.ZodBoolean;
+    syncRevocationCheck: z.ZodBoolean;
+    tokenTTLRemaining: z.ZodOptional<z.ZodNumber>;
+    denyReason: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    allow?: boolean;
+    denyReason?: string;
+    introspectionPerformed?: boolean;
+    syncRevocationCheck?: boolean;
+    tokenTTLRemaining?: number;
+}, {
+    allow?: boolean;
+    denyReason?: string;
+    introspectionPerformed?: boolean;
+    syncRevocationCheck?: boolean;
+    tokenTTLRemaining?: number;
+}>;
+/**
+ * Security requirements for a trust tier
+ */
+export interface SecurityRequirements {
+    /** Trust tier */
+    tier: TrustTier;
+    /** Required conformance level */
+    conformanceLevel: SecurityConformanceLevel;
+    /** Whether DPoP is required */
+    dpopRequired: boolean;
+    /** Whether TEE binding is required */
+    teeRequired: boolean;
+    /** Whether pairwise DIDs are required */
+    pairwiseRequired: boolean;
+    /** Whether sync revocation check is required */
+    syncRevocationRequired: boolean;
+    /** Maximum token TTL */
+    maxTokenTTL: number;
+    /** Maximum delegation chain depth */
+    maxChainDepth: number;
+}
+export declare const securityRequirementsSchema: z.ZodObject<{
+    tier: z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+    }>;
+    conformanceLevel: z.ZodNativeEnum<{
+        readonly NONE: "none";
+        readonly SH1_BASIC: "sh-1";
+        readonly SH2_STANDARD: "sh-2";
+        readonly SH3_HARDENED: "sh-3";
+    }>;
+    dpopRequired: z.ZodBoolean;
+    teeRequired: z.ZodBoolean;
+    pairwiseRequired: z.ZodBoolean;
+    syncRevocationRequired: z.ZodBoolean;
+    maxTokenTTL: z.ZodNumber;
+    maxChainDepth: z.ZodNumber;
+}, "strip", z.ZodTypeAny, {
+    tier?: 0 | 1 | 2 | 3 | 4 | 5;
+    conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+    dpopRequired?: boolean;
+    teeRequired?: boolean;
+    pairwiseRequired?: boolean;
+    syncRevocationRequired?: boolean;
+    maxTokenTTL?: number;
+    maxChainDepth?: number;
+}, {
+    tier?: 0 | 1 | 2 | 3 | 4 | 5;
+    conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+    dpopRequired?: boolean;
+    teeRequired?: boolean;
+    pairwiseRequired?: boolean;
+    syncRevocationRequired?: boolean;
+    maxTokenTTL?: number;
+    maxChainDepth?: number;
+}>;
+/**
+ * Get security requirements for a trust tier
+ */
+export declare function getSecurityRequirementsForTier(tier: TrustTier): SecurityRequirements;
+/**
+ * Incoming request structure for middleware
+ */
+export interface IncomingRequest {
+    /** Request ID */
+    requestId: string;
+    /** HTTP method */
+    method: string;
+    /** Request URI */
+    uri: string;
+    /** Authorization header */
+    authorization?: string;
+    /** DPoP header */
+    dpop?: string;
+    /** Additional headers */
+    headers: Record<string, string | string[] | undefined>;
+}
+export declare const incomingRequestSchema: z.ZodObject<{
+    requestId: z.ZodString;
+    method: z.ZodString;
+    uri: z.ZodString;
+    authorization: z.ZodOptional<z.ZodString>;
+    dpop: z.ZodOptional<z.ZodString>;
+    headers: z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">, z.ZodUndefined]>>;
+}, "strip", z.ZodTypeAny, {
+    authorization?: string;
+    requestId?: string;
+    method?: string;
+    headers?: Record<string, string | string[]>;
+    uri?: string;
+    dpop?: string;
+}, {
+    authorization?: string;
+    requestId?: string;
+    method?: string;
+    headers?: Record<string, string | string[]>;
+    uri?: string;
+    dpop?: string;
+}>;
+/**
+ * JTI cache interface for DPoP replay prevention
+ */
+export interface JTICache {
+    /** Store JTI with expiration */
+    store(jti: string, expiresAt: Date): Promise<void>;
+    /** Check if JTI has been seen */
+    exists(jti: string): Promise<boolean>;
+}
+/**
+ * Security plugin options for Fastify
+ */
+export interface SecurityPluginOptions {
+    /** DPoP configuration */
+    dpop?: Partial<DPoPConfig>;
+    /** TEE configuration */
+    tee?: Partial<TEEConfig>;
+    /** Pairwise DID configuration */
+    pairwiseDid?: Partial<PairwiseDIDConfig>;
+    /** Revocation SLA overrides */
+    revocationSLAs?: RevocationSLA[];
+    /** Token lifetime configuration */
+    tokenLifetime?: Partial<TokenLifetimeConfig>;
+    /** Token introspection endpoint */
+    introspectionEndpoint?: string;
+    /** Skip security checks for certain paths */
+    skipPaths?: string[];
+    /** Enable metrics collection */
+    enableMetrics?: boolean;
+}
+export declare const securityPluginOptionsSchema: z.ZodObject<{
+    dpop: z.ZodOptional<z.ZodObject<{
+        requiredForTiers: z.ZodOptional<z.ZodArray<z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+        }>, "many">>;
+        maxProofAge: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        nonceRequired: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
+        clockSkewTolerance: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        allowedAlgorithms: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodEnum<["ES256", "ES384", "ES512"]>, "many">>>;
+    }, "strip", z.ZodTypeAny, {
+        requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+        maxProofAge?: number;
+        nonceRequired?: boolean;
+        clockSkewTolerance?: number;
+        allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+    }, {
+        requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+        maxProofAge?: number;
+        nonceRequired?: boolean;
+        clockSkewTolerance?: number;
+        allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+    }>>;
+    tee: z.ZodOptional<z.ZodObject<{
+        requiredForTiers: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+        }>, "many">>>;
+        allowedPlatforms: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+            readonly SGX: "sgx";
+            readonly NITRO: "nitro";
+            readonly SEV: "sev";
+            readonly TRUSTZONE: "trustzone";
+            readonly SECURE_ENCLAVE: "secure-enclave";
+        }>, "many">>>;
+        maxAttestationAge: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        expectedMeasurements: z.ZodOptional<z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>>;
+        attestationVerificationEndpoint: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+        allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+        maxAttestationAge?: number;
+        expectedMeasurements?: Record<string, string>;
+        attestationVerificationEndpoint?: string;
+    }, {
+        requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+        allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+        maxAttestationAge?: number;
+        expectedMeasurements?: Record<string, string>;
+        attestationVerificationEndpoint?: string;
+    }>>;
+    pairwiseDid: z.ZodOptional<z.ZodObject<{
+        requiredForDataTypes: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+            readonly PUBLIC: "public";
+            readonly BUSINESS: "business";
+            readonly PERSONAL: "personal";
+            readonly SENSITIVE: "sensitive";
+            readonly REGULATED: "regulated";
+        }>, "many">>>;
+        derivationAlgorithm: z.ZodOptional<z.ZodDefault<z.ZodNativeEnum<{
+            readonly SHA256: "sha256";
+            readonly HKDF: "hkdf";
+        }>>>;
+        saltLength: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        hkdfInfo: z.ZodOptional<z.ZodDefault<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        saltLength?: number;
+        requiredForDataTypes?: ("regulated" | "sensitive" | "public" | "business" | "personal")[];
+        derivationAlgorithm?: "sha256" | "hkdf";
+        hkdfInfo?: string;
+    }, {
+        saltLength?: number;
+        requiredForDataTypes?: ("regulated" | "sensitive" | "public" | "business" | "personal")[];
+        derivationAlgorithm?: "sha256" | "hkdf";
+        hkdfInfo?: string;
+    }>>;
+    revocationSLAs: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        tier: z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+        }>;
+        maxPropagationLatencyMs: z.ZodNumber;
+        syncCheckRequired: z.ZodBoolean;
+        introspectionRequired: z.ZodBoolean;
+    }, "strip", z.ZodTypeAny, {
+        tier?: 0 | 1 | 2 | 3 | 4 | 5;
+        maxPropagationLatencyMs?: number;
+        syncCheckRequired?: boolean;
+        introspectionRequired?: boolean;
+    }, {
+        tier?: 0 | 1 | 2 | 3 | 4 | 5;
+        maxPropagationLatencyMs?: number;
+        syncCheckRequired?: boolean;
+        introspectionRequired?: boolean;
+    }>, "many">>;
+    tokenLifetime: z.ZodOptional<z.ZodObject<{
+        accessTokenMaxTTL: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        refreshTokenMaxTTL: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        idTokenMaxTTL: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        highValueOperationTTL: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        refreshThreshold: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+    }, "strip", z.ZodTypeAny, {
+        accessTokenMaxTTL?: number;
+        refreshTokenMaxTTL?: number;
+        idTokenMaxTTL?: number;
+        highValueOperationTTL?: number;
+        refreshThreshold?: number;
+    }, {
+        accessTokenMaxTTL?: number;
+        refreshTokenMaxTTL?: number;
+        idTokenMaxTTL?: number;
+        highValueOperationTTL?: number;
+        refreshThreshold?: number;
+    }>>;
+    introspectionEndpoint: z.ZodOptional<z.ZodString>;
+    skipPaths: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    enableMetrics: z.ZodOptional<z.ZodBoolean>;
+}, "strip", z.ZodTypeAny, {
+    pairwiseDid?: {
+        saltLength?: number;
+        requiredForDataTypes?: ("regulated" | "sensitive" | "public" | "business" | "personal")[];
+        derivationAlgorithm?: "sha256" | "hkdf";
+        hkdfInfo?: string;
+    };
+    dpop?: {
+        requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+        maxProofAge?: number;
+        nonceRequired?: boolean;
+        clockSkewTolerance?: number;
+        allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+    };
+    tee?: {
+        requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+        allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+        maxAttestationAge?: number;
+        expectedMeasurements?: Record<string, string>;
+        attestationVerificationEndpoint?: string;
+    };
+    revocationSLAs?: {
+        tier?: 0 | 1 | 2 | 3 | 4 | 5;
+        maxPropagationLatencyMs?: number;
+        syncCheckRequired?: boolean;
+        introspectionRequired?: boolean;
+    }[];
+    tokenLifetime?: {
+        accessTokenMaxTTL?: number;
+        refreshTokenMaxTTL?: number;
+        idTokenMaxTTL?: number;
+        highValueOperationTTL?: number;
+        refreshThreshold?: number;
+    };
+    introspectionEndpoint?: string;
+    skipPaths?: string[];
+    enableMetrics?: boolean;
+}, {
+    pairwiseDid?: {
+        saltLength?: number;
+        requiredForDataTypes?: ("regulated" | "sensitive" | "public" | "business" | "personal")[];
+        derivationAlgorithm?: "sha256" | "hkdf";
+        hkdfInfo?: string;
+    };
+    dpop?: {
+        requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+        maxProofAge?: number;
+        nonceRequired?: boolean;
+        clockSkewTolerance?: number;
+        allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+    };
+    tee?: {
+        requiredForTiers?: (0 | 1 | 2 | 3 | 4 | 5)[];
+        allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+        maxAttestationAge?: number;
+        expectedMeasurements?: Record<string, string>;
+        attestationVerificationEndpoint?: string;
+    };
+    revocationSLAs?: {
+        tier?: 0 | 1 | 2 | 3 | 4 | 5;
+        maxPropagationLatencyMs?: number;
+        syncCheckRequired?: boolean;
+        introspectionRequired?: boolean;
+    }[];
+    tokenLifetime?: {
+        accessTokenMaxTTL?: number;
+        refreshTokenMaxTTL?: number;
+        idTokenMaxTTL?: number;
+        highValueOperationTTL?: number;
+        refreshThreshold?: number;
+    };
+    introspectionEndpoint?: string;
+    skipPaths?: string[];
+    enableMetrics?: boolean;
+}>;
+//# sourceMappingURL=types.d.ts.map