npm - @vorionsys/security - Versions diffs - 1.0.0 - Mend

@vorionsys/security 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1843) hide show

package/LICENSE +190 -0
package/README.md +85 -0
package/dist/aci-extensions/aci-string-extensions.d.ts +334 -0
package/dist/aci-extensions/aci-string-extensions.d.ts.map +1 -0
package/dist/aci-extensions/aci-string-extensions.js +435 -0
package/dist/aci-extensions/aci-string-extensions.js.map +1 -0
package/dist/aci-extensions/builtin-extensions/audit.d.ts +88 -0
package/dist/aci-extensions/builtin-extensions/audit.d.ts.map +1 -0
package/dist/aci-extensions/builtin-extensions/audit.js +444 -0
package/dist/aci-extensions/builtin-extensions/audit.js.map +1 -0
package/dist/aci-extensions/builtin-extensions/governance.d.ts +32 -0
package/dist/aci-extensions/builtin-extensions/governance.d.ts.map +1 -0
package/dist/aci-extensions/builtin-extensions/governance.js +533 -0
package/dist/aci-extensions/builtin-extensions/governance.js.map +1 -0
package/dist/aci-extensions/builtin-extensions/monitoring.d.ts +43 -0
package/dist/aci-extensions/builtin-extensions/monitoring.d.ts.map +1 -0
package/dist/aci-extensions/builtin-extensions/monitoring.js +416 -0
package/dist/aci-extensions/builtin-extensions/monitoring.js.map +1 -0
package/dist/aci-extensions/executor.d.ts +208 -0
package/dist/aci-extensions/executor.d.ts.map +1 -0
package/dist/aci-extensions/executor.js +789 -0
package/dist/aci-extensions/executor.js.map +1 -0
package/dist/aci-extensions/index.d.ts +6 -0
package/dist/aci-extensions/index.d.ts.map +1 -0
package/dist/aci-extensions/index.js +6 -0
package/dist/aci-extensions/index.js.map +1 -0
package/dist/aci-extensions/registry.d.ts +217 -0
package/dist/aci-extensions/registry.d.ts.map +1 -0
package/dist/aci-extensions/registry.js +443 -0
package/dist/aci-extensions/registry.js.map +1 -0
package/dist/aci-extensions/service.d.ts +220 -0
package/dist/aci-extensions/service.d.ts.map +1 -0
package/dist/aci-extensions/service.js +484 -0
package/dist/aci-extensions/service.js.map +1 -0
package/dist/aci-extensions/types.d.ts +2265 -0
package/dist/aci-extensions/types.d.ts.map +1 -0
package/dist/aci-extensions/types.js +389 -0
package/dist/aci-extensions/types.js.map +1 -0
package/dist/api/auth.d.ts +55 -0
package/dist/api/auth.d.ts.map +1 -0
package/dist/api/auth.js +306 -0
package/dist/api/auth.js.map +1 -0
package/dist/api/errors.d.ts +146 -0
package/dist/api/errors.d.ts.map +1 -0
package/dist/api/errors.js +464 -0
package/dist/api/errors.js.map +1 -0
package/dist/api/index.d.ts +16 -0
package/dist/api/index.d.ts.map +1 -0
package/dist/api/index.js +19 -0
package/dist/api/index.js.map +1 -0
package/dist/api/middleware/api-key-enforcement.d.ts +131 -0
package/dist/api/middleware/api-key-enforcement.d.ts.map +1 -0
package/dist/api/middleware/api-key-enforcement.js +674 -0
package/dist/api/middleware/api-key-enforcement.js.map +1 -0
package/dist/api/middleware/audit.d.ts +151 -0
package/dist/api/middleware/audit.d.ts.map +1 -0
package/dist/api/middleware/audit.js +384 -0
package/dist/api/middleware/audit.js.map +1 -0
package/dist/api/middleware/dpop-enforcement.d.ts +176 -0
package/dist/api/middleware/dpop-enforcement.d.ts.map +1 -0
package/dist/api/middleware/dpop-enforcement.js +596 -0
package/dist/api/middleware/dpop-enforcement.js.map +1 -0
package/dist/api/middleware/index.d.ts +23 -0
package/dist/api/middleware/index.d.ts.map +1 -0
package/dist/api/middleware/index.js +41 -0
package/dist/api/middleware/index.js.map +1 -0
package/dist/api/middleware/metrics.d.ts +41 -0
package/dist/api/middleware/metrics.d.ts.map +1 -0
package/dist/api/middleware/metrics.js +150 -0
package/dist/api/middleware/metrics.js.map +1 -0
package/dist/api/middleware/rate-limits.d.ts +224 -0
package/dist/api/middleware/rate-limits.d.ts.map +1 -0
package/dist/api/middleware/rate-limits.js +686 -0
package/dist/api/middleware/rate-limits.js.map +1 -0
package/dist/api/middleware/rateLimit.d.ts +165 -0
package/dist/api/middleware/rateLimit.d.ts.map +1 -0
package/dist/api/middleware/rateLimit.js +477 -0
package/dist/api/middleware/rateLimit.js.map +1 -0
package/dist/api/middleware/redis-rate-limiter.d.ts +279 -0
package/dist/api/middleware/redis-rate-limiter.d.ts.map +1 -0
package/dist/api/middleware/redis-rate-limiter.js +1074 -0
package/dist/api/middleware/redis-rate-limiter.js.map +1 -0
package/dist/api/middleware/security.d.ts +156 -0
package/dist/api/middleware/security.d.ts.map +1 -0
package/dist/api/middleware/security.js +412 -0
package/dist/api/middleware/security.js.map +1 -0
package/dist/api/middleware/validation.d.ts +132 -0
package/dist/api/middleware/validation.d.ts.map +1 -0
package/dist/api/middleware/validation.js +363 -0
package/dist/api/middleware/validation.js.map +1 -0
package/dist/api/middleware/webhook-verify.d.ts +130 -0
package/dist/api/middleware/webhook-verify.d.ts.map +1 -0
package/dist/api/middleware/webhook-verify.js +366 -0
package/dist/api/middleware/webhook-verify.js.map +1 -0
package/dist/api/rate-limit.d.ts +115 -0
package/dist/api/rate-limit.d.ts.map +1 -0
package/dist/api/rate-limit.js +335 -0
package/dist/api/rate-limit.js.map +1 -0
package/dist/api/routes/extensions.d.ts +40 -0
package/dist/api/routes/extensions.d.ts.map +1 -0
package/dist/api/routes/extensions.js +434 -0
package/dist/api/routes/extensions.js.map +1 -0
package/dist/api/routes/mfa.d.ts +44 -0
package/dist/api/routes/mfa.d.ts.map +1 -0
package/dist/api/routes/mfa.js +270 -0
package/dist/api/routes/mfa.js.map +1 -0
package/dist/api/server.d.ts +37 -0
package/dist/api/server.d.ts.map +1 -0
package/dist/api/server.js +1967 -0
package/dist/api/server.js.map +1 -0
package/dist/api/v1/admin.d.ts +11 -0
package/dist/api/v1/admin.d.ts.map +1 -0
package/dist/api/v1/admin.js +207 -0
package/dist/api/v1/admin.js.map +1 -0
package/dist/api/v1/audit.d.ts +14 -0
package/dist/api/v1/audit.d.ts.map +1 -0
package/dist/api/v1/audit.js +376 -0
package/dist/api/v1/audit.js.map +1 -0
package/dist/api/v1/auth.d.ts +17 -0
package/dist/api/v1/auth.d.ts.map +1 -0
package/dist/api/v1/auth.js +637 -0
package/dist/api/v1/auth.js.map +1 -0
package/dist/api/v1/compliance.d.ts +62 -0
package/dist/api/v1/compliance.d.ts.map +1 -0
package/dist/api/v1/compliance.js +858 -0
package/dist/api/v1/compliance.js.map +1 -0
package/dist/api/v1/constraints.d.ts +11 -0
package/dist/api/v1/constraints.d.ts.map +1 -0
package/dist/api/v1/constraints.js +71 -0
package/dist/api/v1/constraints.js.map +1 -0
package/dist/api/v1/dashboard.d.ts +224 -0
package/dist/api/v1/dashboard.d.ts.map +1 -0
package/dist/api/v1/dashboard.js +833 -0
package/dist/api/v1/dashboard.js.map +1 -0
package/dist/api/v1/docs.d.ts +11 -0
package/dist/api/v1/docs.d.ts.map +1 -0
package/dist/api/v1/docs.js +95 -0
package/dist/api/v1/docs.js.map +1 -0
package/dist/api/v1/escalations.d.ts +11 -0
package/dist/api/v1/escalations.d.ts.map +1 -0
package/dist/api/v1/escalations.js +857 -0
package/dist/api/v1/escalations.js.map +1 -0
package/dist/api/v1/gdpr.d.ts +11 -0
package/dist/api/v1/gdpr.d.ts.map +1 -0
package/dist/api/v1/gdpr.js +220 -0
package/dist/api/v1/gdpr.js.map +1 -0
package/dist/api/v1/health.d.ts +22 -0
package/dist/api/v1/health.d.ts.map +1 -0
package/dist/api/v1/health.js +512 -0
package/dist/api/v1/health.js.map +1 -0
package/dist/api/v1/index.d.ts +22 -0
package/dist/api/v1/index.d.ts.map +1 -0
package/dist/api/v1/index.js +81 -0
package/dist/api/v1/index.js.map +1 -0
package/dist/api/v1/intents.d.ts +11 -0
package/dist/api/v1/intents.d.ts.map +1 -0
package/dist/api/v1/intents.js +239 -0
package/dist/api/v1/intents.js.map +1 -0
package/dist/api/v1/operations.d.ts +21 -0
package/dist/api/v1/operations.d.ts.map +1 -0
package/dist/api/v1/operations.js +140 -0
package/dist/api/v1/operations.js.map +1 -0
package/dist/api/v1/policies.d.ts +11 -0
package/dist/api/v1/policies.d.ts.map +1 -0
package/dist/api/v1/policies.js +763 -0
package/dist/api/v1/policies.js.map +1 -0
package/dist/api/v1/proofs.d.ts +13 -0
package/dist/api/v1/proofs.d.ts.map +1 -0
package/dist/api/v1/proofs.js +239 -0
package/dist/api/v1/proofs.js.map +1 -0
package/dist/api/v1/security-dashboard.d.ts +1090 -0
package/dist/api/v1/security-dashboard.d.ts.map +1 -0
package/dist/api/v1/security-dashboard.js +755 -0
package/dist/api/v1/security-dashboard.js.map +1 -0
package/dist/api/v1/service-accounts.d.ts +16 -0
package/dist/api/v1/service-accounts.d.ts.map +1 -0
package/dist/api/v1/service-accounts.js +563 -0
package/dist/api/v1/service-accounts.js.map +1 -0
package/dist/api/v1/sessions.d.ts +36 -0
package/dist/api/v1/sessions.d.ts.map +1 -0
package/dist/api/v1/sessions.js +333 -0
package/dist/api/v1/sessions.js.map +1 -0
package/dist/api/v1/trust.d.ts +14 -0
package/dist/api/v1/trust.d.ts.map +1 -0
package/dist/api/v1/trust.js +578 -0
package/dist/api/v1/trust.js.map +1 -0
package/dist/api/v1/webhooks.d.ts +11 -0
package/dist/api/v1/webhooks.d.ts.map +1 -0
package/dist/api/v1/webhooks.js +250 -0
package/dist/api/v1/webhooks.js.map +1 -0
package/dist/api/v2/trust.d.ts +20 -0
package/dist/api/v2/trust.d.ts.map +1 -0
package/dist/api/v2/trust.js +362 -0
package/dist/api/v2/trust.js.map +1 -0
package/dist/api/validation.d.ts +243 -0
package/dist/api/validation.d.ts.map +1 -0
package/dist/api/validation.js +247 -0
package/dist/api/validation.js.map +1 -0
package/dist/api/versioning/backward-compat.d.ts +28 -0
package/dist/api/versioning/backward-compat.d.ts.map +1 -0
package/dist/api/versioning/backward-compat.js +161 -0
package/dist/api/versioning/backward-compat.js.map +1 -0
package/dist/api/versioning/index.d.ts +112 -0
package/dist/api/versioning/index.d.ts.map +1 -0
package/dist/api/versioning/index.js +199 -0
package/dist/api/versioning/index.js.map +1 -0
package/dist/audit/compliance-reporter.d.ts +271 -0
package/dist/audit/compliance-reporter.d.ts.map +1 -0
package/dist/audit/compliance-reporter.js +587 -0
package/dist/audit/compliance-reporter.js.map +1 -0
package/dist/audit/db-store.d.ts +689 -0
package/dist/audit/db-store.d.ts.map +1 -0
package/dist/audit/db-store.js +589 -0
package/dist/audit/db-store.js.map +1 -0
package/dist/audit/event-schema.d.ts +605 -0
package/dist/audit/event-schema.d.ts.map +1 -0
package/dist/audit/event-schema.js +566 -0
package/dist/audit/event-schema.js.map +1 -0
package/dist/audit/index.d.ts +16 -0
package/dist/audit/index.d.ts.map +1 -0
package/dist/audit/index.js +44 -0
package/dist/audit/index.js.map +1 -0
package/dist/audit/security-events.d.ts +1624 -0
package/dist/audit/security-events.d.ts.map +1 -0
package/dist/audit/security-events.js +775 -0
package/dist/audit/security-events.js.map +1 -0
package/dist/audit/security-logger.d.ts +288 -0
package/dist/audit/security-logger.d.ts.map +1 -0
package/dist/audit/security-logger.js +820 -0
package/dist/audit/security-logger.js.map +1 -0
package/dist/audit/service.d.ts +206 -0
package/dist/audit/service.d.ts.map +1 -0
package/dist/audit/service.js +756 -0
package/dist/audit/service.js.map +1 -0
package/dist/audit/siem/elastic.d.ts +94 -0
package/dist/audit/siem/elastic.d.ts.map +1 -0
package/dist/audit/siem/elastic.js +411 -0
package/dist/audit/siem/elastic.js.map +1 -0
package/dist/audit/siem/index.d.ts +179 -0
package/dist/audit/siem/index.d.ts.map +1 -0
package/dist/audit/siem/index.js +368 -0
package/dist/audit/siem/index.js.map +1 -0
package/dist/audit/siem/loki.d.ts +100 -0
package/dist/audit/siem/loki.d.ts.map +1 -0
package/dist/audit/siem/loki.js +405 -0
package/dist/audit/siem/loki.js.map +1 -0
package/dist/audit/siem/splunk.d.ts +91 -0
package/dist/audit/siem/splunk.d.ts.map +1 -0
package/dist/audit/siem/splunk.js +374 -0
package/dist/audit/siem/splunk.js.map +1 -0
package/dist/audit/siem/types.d.ts +547 -0
package/dist/audit/siem/types.d.ts.map +1 -0
package/dist/audit/siem/types.js +270 -0
package/dist/audit/siem/types.js.map +1 -0
package/dist/audit/types.d.ts +405 -0
package/dist/audit/types.d.ts.map +1 -0
package/dist/audit/types.js +121 -0
package/dist/audit/types.js.map +1 -0
package/dist/auth/mfa/index.d.ts +66 -0
package/dist/auth/mfa/index.d.ts.map +1 -0
package/dist/auth/mfa/index.js +15 -0
package/dist/auth/mfa/index.js.map +1 -0
package/dist/auth/mfa/totp.d.ts +221 -0
package/dist/auth/mfa/totp.d.ts.map +1 -0
package/dist/auth/mfa/totp.js +324 -0
package/dist/auth/mfa/totp.js.map +1 -0
package/dist/auth/mfa/webauthn.d.ts +224 -0
package/dist/auth/mfa/webauthn.d.ts.map +1 -0
package/dist/auth/mfa/webauthn.js +409 -0
package/dist/auth/mfa/webauthn.js.map +1 -0
package/dist/auth/sso/index.d.ts +247 -0
package/dist/auth/sso/index.d.ts.map +1 -0
package/dist/auth/sso/index.js +763 -0
package/dist/auth/sso/index.js.map +1 -0
package/dist/auth/sso/oidc-provider.d.ts +146 -0
package/dist/auth/sso/oidc-provider.d.ts.map +1 -0
package/dist/auth/sso/oidc-provider.js +589 -0
package/dist/auth/sso/oidc-provider.js.map +1 -0
package/dist/auth/sso/types.d.ts +488 -0
package/dist/auth/sso/types.d.ts.map +1 -0
package/dist/auth/sso/types.js +73 -0
package/dist/auth/sso/types.js.map +1 -0
package/dist/basis/evaluator.d.ts +70 -0
package/dist/basis/evaluator.d.ts.map +1 -0
package/dist/basis/evaluator.js +269 -0
package/dist/basis/evaluator.js.map +1 -0
package/dist/basis/expression-evaluator.d.ts +77 -0
package/dist/basis/expression-evaluator.d.ts.map +1 -0
package/dist/basis/expression-evaluator.js +826 -0
package/dist/basis/expression-evaluator.js.map +1 -0
package/dist/basis/index.d.ts +13 -0
package/dist/basis/index.d.ts.map +1 -0
package/dist/basis/index.js +13 -0
package/dist/basis/index.js.map +1 -0
package/dist/basis/parser.d.ts +376 -0
package/dist/basis/parser.d.ts.map +1 -0
package/dist/basis/parser.js +174 -0
package/dist/basis/parser.js.map +1 -0
package/dist/basis/types.d.ts +115 -0
package/dist/basis/types.d.ts.map +1 -0
package/dist/basis/types.js +5 -0
package/dist/basis/types.js.map +1 -0
package/dist/car-extensions/builtin-extensions/audit.d.ts +88 -0
package/dist/car-extensions/builtin-extensions/audit.d.ts.map +1 -0
package/dist/car-extensions/builtin-extensions/audit.js +444 -0
package/dist/car-extensions/builtin-extensions/audit.js.map +1 -0
package/dist/car-extensions/builtin-extensions/governance.d.ts +32 -0
package/dist/car-extensions/builtin-extensions/governance.d.ts.map +1 -0
package/dist/car-extensions/builtin-extensions/governance.js +533 -0
package/dist/car-extensions/builtin-extensions/governance.js.map +1 -0
package/dist/car-extensions/builtin-extensions/monitoring.d.ts +43 -0
package/dist/car-extensions/builtin-extensions/monitoring.d.ts.map +1 -0
package/dist/car-extensions/builtin-extensions/monitoring.js +416 -0
package/dist/car-extensions/builtin-extensions/monitoring.js.map +1 -0
package/dist/car-extensions/car-string-extensions.d.ts +334 -0
package/dist/car-extensions/car-string-extensions.d.ts.map +1 -0
package/dist/car-extensions/car-string-extensions.js +435 -0
package/dist/car-extensions/car-string-extensions.js.map +1 -0
package/dist/car-extensions/executor.d.ts +208 -0
package/dist/car-extensions/executor.d.ts.map +1 -0
package/dist/car-extensions/executor.js +789 -0
package/dist/car-extensions/executor.js.map +1 -0
package/dist/car-extensions/index.d.ts +94 -0
package/dist/car-extensions/index.d.ts.map +1 -0
package/dist/car-extensions/index.js +157 -0
package/dist/car-extensions/index.js.map +1 -0
package/dist/car-extensions/registry.d.ts +217 -0
package/dist/car-extensions/registry.d.ts.map +1 -0
package/dist/car-extensions/registry.js +443 -0
package/dist/car-extensions/registry.js.map +1 -0
package/dist/car-extensions/service.d.ts +220 -0
package/dist/car-extensions/service.d.ts.map +1 -0
package/dist/car-extensions/service.js +484 -0
package/dist/car-extensions/service.js.map +1 -0
package/dist/car-extensions/types.d.ts +2265 -0
package/dist/car-extensions/types.d.ts.map +1 -0
package/dist/car-extensions/types.js +389 -0
package/dist/car-extensions/types.js.map +1 -0
package/dist/cognigate/index.d.ts +139 -0
package/dist/cognigate/index.d.ts.map +1 -0
package/dist/cognigate/index.js +404 -0
package/dist/cognigate/index.js.map +1 -0
package/dist/cognigate/lua-scripts.d.ts +96 -0
package/dist/cognigate/lua-scripts.d.ts.map +1 -0
package/dist/cognigate/lua-scripts.js +264 -0
package/dist/cognigate/lua-scripts.js.map +1 -0
package/dist/cognigate/metrics.d.ts +112 -0
package/dist/cognigate/metrics.d.ts.map +1 -0
package/dist/cognigate/metrics.js +229 -0
package/dist/cognigate/metrics.js.map +1 -0
package/dist/cognigate/output-integration.d.ts +86 -0
package/dist/cognigate/output-integration.d.ts.map +1 -0
package/dist/cognigate/output-integration.js +184 -0
package/dist/cognigate/output-integration.js.map +1 -0
package/dist/cognigate/resource-interceptors.d.ts +77 -0
package/dist/cognigate/resource-interceptors.d.ts.map +1 -0
package/dist/cognigate/resource-interceptors.js +143 -0
package/dist/cognigate/resource-interceptors.js.map +1 -0
package/dist/cognigate/resource-state-provider.d.ts +103 -0
package/dist/cognigate/resource-state-provider.d.ts.map +1 -0
package/dist/cognigate/resource-state-provider.js +195 -0
package/dist/cognigate/resource-state-provider.js.map +1 -0
package/dist/cognigate/resource-tracker.d.ts +85 -0
package/dist/cognigate/resource-tracker.d.ts.map +1 -0
package/dist/cognigate/resource-tracker.js +216 -0
package/dist/cognigate/resource-tracker.js.map +1 -0
package/dist/cognigate/types.d.ts +199 -0
package/dist/cognigate/types.d.ts.map +1 -0
package/dist/cognigate/types.js +11 -0
package/dist/cognigate/types.js.map +1 -0
package/dist/common/adapters/index.d.ts +34 -0
package/dist/common/adapters/index.d.ts.map +1 -0
package/dist/common/adapters/index.js +46 -0
package/dist/common/adapters/index.js.map +1 -0
package/dist/common/adapters/memory-cache.d.ts +91 -0
package/dist/common/adapters/memory-cache.d.ts.map +1 -0
package/dist/common/adapters/memory-cache.js +201 -0
package/dist/common/adapters/memory-cache.js.map +1 -0
package/dist/common/adapters/memory-lock.d.ts +75 -0
package/dist/common/adapters/memory-lock.d.ts.map +1 -0
package/dist/common/adapters/memory-lock.js +219 -0
package/dist/common/adapters/memory-lock.js.map +1 -0
package/dist/common/adapters/memory-queue.d.ts +64 -0
package/dist/common/adapters/memory-queue.d.ts.map +1 -0
package/dist/common/adapters/memory-queue.js +233 -0
package/dist/common/adapters/memory-queue.js.map +1 -0
package/dist/common/adapters/memory-ratelimit.d.ts +78 -0
package/dist/common/adapters/memory-ratelimit.d.ts.map +1 -0
package/dist/common/adapters/memory-ratelimit.js +196 -0
package/dist/common/adapters/memory-ratelimit.js.map +1 -0
package/dist/common/adapters/memory-session.d.ts +105 -0
package/dist/common/adapters/memory-session.d.ts.map +1 -0
package/dist/common/adapters/memory-session.js +302 -0
package/dist/common/adapters/memory-session.js.map +1 -0
package/dist/common/adapters/provider.d.ts +47 -0
package/dist/common/adapters/provider.d.ts.map +1 -0
package/dist/common/adapters/provider.js +347 -0
package/dist/common/adapters/provider.js.map +1 -0
package/dist/common/adapters/types.d.ts +247 -0
package/dist/common/adapters/types.d.ts.map +1 -0
package/dist/common/adapters/types.js +11 -0
package/dist/common/adapters/types.js.map +1 -0
package/dist/common/authorization.d.ts +137 -0
package/dist/common/authorization.d.ts.map +1 -0
package/dist/common/authorization.js +270 -0
package/dist/common/authorization.js.map +1 -0
package/dist/common/canonical-bridge.d.ts +151 -0
package/dist/common/canonical-bridge.d.ts.map +1 -0
package/dist/common/canonical-bridge.js +231 -0
package/dist/common/canonical-bridge.js.map +1 -0
package/dist/common/canonical-json.d.ts +64 -0
package/dist/common/canonical-json.d.ts.map +1 -0
package/dist/common/canonical-json.js +95 -0
package/dist/common/canonical-json.js.map +1 -0
package/dist/common/circuit-breaker.d.ts +320 -0
package/dist/common/circuit-breaker.d.ts.map +1 -0
package/dist/common/circuit-breaker.js +850 -0
package/dist/common/circuit-breaker.js.map +1 -0
package/dist/common/config.d.ts +1678 -0
package/dist/common/config.d.ts.map +1 -0
package/dist/common/config.js +1057 -0
package/dist/common/config.js.map +1 -0
package/dist/common/contracts/index.d.ts +2 -0
package/dist/common/contracts/index.d.ts.map +1 -0
package/dist/common/contracts/index.js +2 -0
package/dist/common/contracts/index.js.map +1 -0
package/dist/common/contracts/output.d.ts +81 -0
package/dist/common/contracts/output.d.ts.map +1 -0
package/dist/common/contracts/output.js +38 -0
package/dist/common/contracts/output.js.map +1 -0
package/dist/common/crypto.d.ts +70 -0
package/dist/common/crypto.d.ts.map +1 -0
package/dist/common/crypto.js +201 -0
package/dist/common/crypto.js.map +1 -0
package/dist/common/database-resilience.d.ts +156 -0
package/dist/common/database-resilience.d.ts.map +1 -0
package/dist/common/database-resilience.js +269 -0
package/dist/common/database-resilience.js.map +1 -0
package/dist/common/db-metrics.d.ts +90 -0
package/dist/common/db-metrics.d.ts.map +1 -0
package/dist/common/db-metrics.js +219 -0
package/dist/common/db-metrics.js.map +1 -0
package/dist/common/db-pool.d.ts +307 -0
package/dist/common/db-pool.d.ts.map +1 -0
package/dist/common/db-pool.js +879 -0
package/dist/common/db-pool.js.map +1 -0
package/dist/common/db.d.ts +105 -0
package/dist/common/db.d.ts.map +1 -0
package/dist/common/db.js +216 -0
package/dist/common/db.js.map +1 -0
package/dist/common/di.d.ts +202 -0
package/dist/common/di.d.ts.map +1 -0
package/dist/common/di.js +219 -0
package/dist/common/di.js.map +1 -0
package/dist/common/encryption.d.ts +131 -0
package/dist/common/encryption.d.ts.map +1 -0
package/dist/common/encryption.js +255 -0
package/dist/common/encryption.js.map +1 -0
package/dist/common/errors.d.ts +229 -0
package/dist/common/errors.d.ts.map +1 -0
package/dist/common/errors.js +349 -0
package/dist/common/errors.js.map +1 -0
package/dist/common/expression/evaluator.d.ts +58 -0
package/dist/common/expression/evaluator.d.ts.map +1 -0
package/dist/common/expression/evaluator.js +326 -0
package/dist/common/expression/evaluator.js.map +1 -0
package/dist/common/expression/index.d.ts +180 -0
package/dist/common/expression/index.d.ts.map +1 -0
package/dist/common/expression/index.js +198 -0
package/dist/common/expression/index.js.map +1 -0
package/dist/common/expression/lexer.d.ts +69 -0
package/dist/common/expression/lexer.d.ts.map +1 -0
package/dist/common/expression/lexer.js +255 -0
package/dist/common/expression/lexer.js.map +1 -0
package/dist/common/expression/parser.d.ts +133 -0
package/dist/common/expression/parser.d.ts.map +1 -0
package/dist/common/expression/parser.js +293 -0
package/dist/common/expression/parser.js.map +1 -0
package/dist/common/group-membership.d.ts +119 -0
package/dist/common/group-membership.d.ts.map +1 -0
package/dist/common/group-membership.js +250 -0
package/dist/common/group-membership.js.map +1 -0
package/dist/common/index.d.ts +14 -0
package/dist/common/index.d.ts.map +1 -0
package/dist/common/index.js +15 -0
package/dist/common/index.js.map +1 -0
package/dist/common/leader-election.d.ts +40 -0
package/dist/common/leader-election.d.ts.map +1 -0
package/dist/common/leader-election.js +232 -0
package/dist/common/leader-election.js.map +1 -0
package/dist/common/lock.d.ts +77 -0
package/dist/common/lock.d.ts.map +1 -0
package/dist/common/lock.js +167 -0
package/dist/common/lock.js.map +1 -0
package/dist/common/logger.d.ts +19 -0
package/dist/common/logger.d.ts.map +1 -0
package/dist/common/logger.js +80 -0
package/dist/common/logger.js.map +1 -0
package/dist/common/metrics-registry.d.ts +48 -0
package/dist/common/metrics-registry.d.ts.map +1 -0
package/dist/common/metrics-registry.js +77 -0
package/dist/common/metrics-registry.js.map +1 -0
package/dist/common/metrics.d.ts +227 -0
package/dist/common/metrics.d.ts.map +1 -0
package/dist/common/metrics.js +524 -0
package/dist/common/metrics.js.map +1 -0
package/dist/common/operation-tracker.d.ts +137 -0
package/dist/common/operation-tracker.d.ts.map +1 -0
package/dist/common/operation-tracker.js +366 -0
package/dist/common/operation-tracker.js.map +1 -0
package/dist/common/provenance/chain.d.ts +54 -0
package/dist/common/provenance/chain.d.ts.map +1 -0
package/dist/common/provenance/chain.js +252 -0
package/dist/common/provenance/chain.js.map +1 -0
package/dist/common/provenance/index.d.ts +14 -0
package/dist/common/provenance/index.d.ts.map +1 -0
package/dist/common/provenance/index.js +19 -0
package/dist/common/provenance/index.js.map +1 -0
package/dist/common/provenance/query.d.ts +111 -0
package/dist/common/provenance/query.d.ts.map +1 -0
package/dist/common/provenance/query.js +310 -0
package/dist/common/provenance/query.js.map +1 -0
package/dist/common/provenance/storage.d.ts +297 -0
package/dist/common/provenance/storage.d.ts.map +1 -0
package/dist/common/provenance/storage.js +436 -0
package/dist/common/provenance/storage.js.map +1 -0
package/dist/common/provenance/tracker.d.ts +57 -0
package/dist/common/provenance/tracker.d.ts.map +1 -0
package/dist/common/provenance/tracker.js +209 -0
package/dist/common/provenance/tracker.js.map +1 -0
package/dist/common/provenance/types.d.ts +146 -0
package/dist/common/provenance/types.d.ts.map +1 -0
package/dist/common/provenance/types.js +10 -0
package/dist/common/provenance/types.js.map +1 -0
package/dist/common/random.d.ts +84 -0
package/dist/common/random.d.ts.map +1 -0
package/dist/common/random.js +130 -0
package/dist/common/random.js.map +1 -0
package/dist/common/redaction.d.ts +49 -0
package/dist/common/redaction.d.ts.map +1 -0
package/dist/common/redaction.js +217 -0
package/dist/common/redaction.js.map +1 -0
package/dist/common/redis-cluster.d.ts +538 -0
package/dist/common/redis-cluster.d.ts.map +1 -0
package/dist/common/redis-cluster.js +1539 -0
package/dist/common/redis-cluster.js.map +1 -0
package/dist/common/redis-resilience.d.ts +270 -0
package/dist/common/redis-resilience.d.ts.map +1 -0
package/dist/common/redis-resilience.js +586 -0
package/dist/common/redis-resilience.js.map +1 -0
package/dist/common/redis.d.ts +19 -0
package/dist/common/redis.d.ts.map +1 -0
package/dist/common/redis.js +73 -0
package/dist/common/redis.js.map +1 -0
package/dist/common/secret-generator.d.ts +142 -0
package/dist/common/secret-generator.d.ts.map +1 -0
package/dist/common/secret-generator.js +286 -0
package/dist/common/secret-generator.js.map +1 -0
package/dist/common/security-mode.d.ts +101 -0
package/dist/common/security-mode.d.ts.map +1 -0
package/dist/common/security-mode.js +304 -0
package/dist/common/security-mode.js.map +1 -0
package/dist/common/telemetry/index.d.ts +82 -0
package/dist/common/telemetry/index.d.ts.map +1 -0
package/dist/common/telemetry/index.js +198 -0
package/dist/common/telemetry/index.js.map +1 -0
package/dist/common/telemetry/instrumentation.d.ts +167 -0
package/dist/common/telemetry/instrumentation.d.ts.map +1 -0
package/dist/common/telemetry/instrumentation.js +492 -0
package/dist/common/telemetry/instrumentation.js.map +1 -0
package/dist/common/telemetry/metrics-bridge.d.ts +227 -0
package/dist/common/telemetry/metrics-bridge.d.ts.map +1 -0
package/dist/common/telemetry/metrics-bridge.js +437 -0
package/dist/common/telemetry/metrics-bridge.js.map +1 -0
package/dist/common/telemetry/middleware.d.ts +114 -0
package/dist/common/telemetry/middleware.d.ts.map +1 -0
package/dist/common/telemetry/middleware.js +353 -0
package/dist/common/telemetry/middleware.js.map +1 -0
package/dist/common/telemetry/propagation.d.ts +221 -0
package/dist/common/telemetry/propagation.d.ts.map +1 -0
package/dist/common/telemetry/propagation.js +409 -0
package/dist/common/telemetry/propagation.js.map +1 -0
package/dist/common/telemetry/spans.d.ts +295 -0
package/dist/common/telemetry/spans.d.ts.map +1 -0
package/dist/common/telemetry/spans.js +439 -0
package/dist/common/telemetry/spans.js.map +1 -0
package/dist/common/telemetry/tracer.d.ts +155 -0
package/dist/common/telemetry/tracer.d.ts.map +1 -0
package/dist/common/telemetry/tracer.js +343 -0
package/dist/common/telemetry/tracer.js.map +1 -0
package/dist/common/telemetry.d.ts +15 -0
package/dist/common/telemetry.d.ts.map +1 -0
package/dist/common/telemetry.js +61 -0
package/dist/common/telemetry.js.map +1 -0
package/dist/common/tenant-verification.d.ts +86 -0
package/dist/common/tenant-verification.d.ts.map +1 -0
package/dist/common/tenant-verification.js +184 -0
package/dist/common/tenant-verification.js.map +1 -0
package/dist/common/timeout.d.ts +40 -0
package/dist/common/timeout.d.ts.map +1 -0
package/dist/common/timeout.js +82 -0
package/dist/common/timeout.js.map +1 -0
package/dist/common/token-revocation.d.ts +44 -0
package/dist/common/token-revocation.d.ts.map +1 -0
package/dist/common/token-revocation.js +169 -0
package/dist/common/token-revocation.js.map +1 -0
package/dist/common/trace.d.ts +149 -0
package/dist/common/trace.d.ts.map +1 -0
package/dist/common/trace.js +328 -0
package/dist/common/trace.js.map +1 -0
package/dist/common/trust-cache.d.ts +263 -0
package/dist/common/trust-cache.d.ts.map +1 -0
package/dist/common/trust-cache.js +670 -0
package/dist/common/trust-cache.js.map +1 -0
package/dist/common/types.d.ts +328 -0
package/dist/common/types.d.ts.map +1 -0
package/dist/common/types.js +55 -0
package/dist/common/types.js.map +1 -0
package/dist/common/validation.d.ts +113 -0
package/dist/common/validation.d.ts.map +1 -0
package/dist/common/validation.js +221 -0
package/dist/common/validation.js.map +1 -0
package/dist/compliance/export/evidence-collector.d.ts +252 -0
package/dist/compliance/export/evidence-collector.d.ts.map +1 -0
package/dist/compliance/export/evidence-collector.js +488 -0
package/dist/compliance/export/evidence-collector.js.map +1 -0
package/dist/compliance/export/hash-verifier.d.ts +181 -0
package/dist/compliance/export/hash-verifier.d.ts.map +1 -0
package/dist/compliance/export/hash-verifier.js +425 -0
package/dist/compliance/export/hash-verifier.js.map +1 -0
package/dist/compliance/export/index.d.ts +14 -0
package/dist/compliance/export/index.d.ts.map +1 -0
package/dist/compliance/export/index.js +41 -0
package/dist/compliance/export/index.js.map +1 -0
package/dist/compliance/export/report-generator.d.ts +264 -0
package/dist/compliance/export/report-generator.d.ts.map +1 -0
package/dist/compliance/export/report-generator.js +890 -0
package/dist/compliance/export/report-generator.js.map +1 -0
package/dist/compliance/export/scheduled-exports.d.ts +256 -0
package/dist/compliance/export/scheduled-exports.d.ts.map +1 -0
package/dist/compliance/export/scheduled-exports.js +545 -0
package/dist/compliance/export/scheduled-exports.js.map +1 -0
package/dist/compliance/export/service.d.ts +191 -0
package/dist/compliance/export/service.d.ts.map +1 -0
package/dist/compliance/export/service.js +382 -0
package/dist/compliance/export/service.js.map +1 -0
package/dist/compliance/fedramp/assessment.d.ts +654 -0
package/dist/compliance/fedramp/assessment.d.ts.map +1 -0
package/dist/compliance/fedramp/assessment.js +721 -0
package/dist/compliance/fedramp/assessment.js.map +1 -0
package/dist/compliance/fedramp/boundary.d.ts +932 -0
package/dist/compliance/fedramp/boundary.d.ts.map +1 -0
package/dist/compliance/fedramp/boundary.js +645 -0
package/dist/compliance/fedramp/boundary.js.map +1 -0
package/dist/compliance/fedramp/continuous-monitoring.d.ts +705 -0
package/dist/compliance/fedramp/continuous-monitoring.d.ts.map +1 -0
package/dist/compliance/fedramp/continuous-monitoring.js +616 -0
package/dist/compliance/fedramp/continuous-monitoring.js.map +1 -0
package/dist/compliance/fedramp/controls.d.ts +128 -0
package/dist/compliance/fedramp/controls.d.ts.map +1 -0
package/dist/compliance/fedramp/controls.js +1110 -0
package/dist/compliance/fedramp/controls.js.map +1 -0
package/dist/compliance/fedramp/incident-reporting.d.ts +1001 -0
package/dist/compliance/fedramp/incident-reporting.d.ts.map +1 -0
package/dist/compliance/fedramp/incident-reporting.js +764 -0
package/dist/compliance/fedramp/incident-reporting.js.map +1 -0
package/dist/compliance/fedramp/index.d.ts +87 -0
package/dist/compliance/fedramp/index.d.ts.map +1 -0
package/dist/compliance/fedramp/index.js +192 -0
package/dist/compliance/fedramp/index.js.map +1 -0
package/dist/compliance/fedramp/metrics.d.ts +288 -0
package/dist/compliance/fedramp/metrics.d.ts.map +1 -0
package/dist/compliance/fedramp/metrics.js +560 -0
package/dist/compliance/fedramp/metrics.js.map +1 -0
package/dist/compliance/fedramp/poam.d.ts +635 -0
package/dist/compliance/fedramp/poam.d.ts.map +1 -0
package/dist/compliance/fedramp/poam.js +602 -0
package/dist/compliance/fedramp/poam.js.map +1 -0
package/dist/compliance/fedramp/ssp-generator.d.ts +368 -0
package/dist/compliance/fedramp/ssp-generator.d.ts.map +1 -0
package/dist/compliance/fedramp/ssp-generator.js +543 -0
package/dist/compliance/fedramp/ssp-generator.js.map +1 -0
package/dist/compliance/frameworks/nist-800-53.d.ts +35 -0
package/dist/compliance/frameworks/nist-800-53.d.ts.map +1 -0
package/dist/compliance/frameworks/nist-800-53.js +892 -0
package/dist/compliance/frameworks/nist-800-53.js.map +1 -0
package/dist/compliance/frameworks/pci-dss.d.ts +407 -0
package/dist/compliance/frameworks/pci-dss.d.ts.map +1 -0
package/dist/compliance/frameworks/pci-dss.js +1873 -0
package/dist/compliance/frameworks/pci-dss.js.map +1 -0
package/dist/compliance/frameworks/soc2.d.ts +42 -0
package/dist/compliance/frameworks/soc2.d.ts.map +1 -0
package/dist/compliance/frameworks/soc2.js +669 -0
package/dist/compliance/frameworks/soc2.js.map +1 -0
package/dist/compliance/gdpr/data-transfers.d.ts +493 -0
package/dist/compliance/gdpr/data-transfers.d.ts.map +1 -0
package/dist/compliance/gdpr/data-transfers.js +1242 -0
package/dist/compliance/gdpr/data-transfers.js.map +1 -0
package/dist/compliance/gdpr/index.d.ts +7 -0
package/dist/compliance/gdpr/index.d.ts.map +1 -0
package/dist/compliance/gdpr/index.js +7 -0
package/dist/compliance/gdpr/index.js.map +1 -0
package/dist/compliance/index.d.ts +148 -0
package/dist/compliance/index.d.ts.map +1 -0
package/dist/compliance/index.js +532 -0
package/dist/compliance/index.js.map +1 -0
package/dist/compliance/reports.d.ts +141 -0
package/dist/compliance/reports.d.ts.map +1 -0
package/dist/compliance/reports.js +495 -0
package/dist/compliance/reports.js.map +1 -0
package/dist/compliance/retention/index.d.ts +19 -0
package/dist/compliance/retention/index.d.ts.map +1 -0
package/dist/compliance/retention/index.js +46 -0
package/dist/compliance/retention/index.js.map +1 -0
package/dist/compliance/retention/retention-enforcer.d.ts +128 -0
package/dist/compliance/retention/retention-enforcer.d.ts.map +1 -0
package/dist/compliance/retention/retention-enforcer.js +695 -0
package/dist/compliance/retention/retention-enforcer.js.map +1 -0
package/dist/compliance/retention/retention-policy.d.ts +307 -0
package/dist/compliance/retention/retention-policy.d.ts.map +1 -0
package/dist/compliance/retention/retention-policy.js +102 -0
package/dist/compliance/retention/retention-policy.js.map +1 -0
package/dist/compliance/retention/retention-scheduler.d.ts +124 -0
package/dist/compliance/retention/retention-scheduler.d.ts.map +1 -0
package/dist/compliance/retention/retention-scheduler.js +391 -0
package/dist/compliance/retention/retention-scheduler.js.map +1 -0
package/dist/compliance/types.d.ts +1162 -0
package/dist/compliance/types.d.ts.map +1 -0
package/dist/compliance/types.js +191 -0
package/dist/compliance/types.js.map +1 -0
package/dist/db/migration-checker.d.ts +183 -0
package/dist/db/migration-checker.d.ts.map +1 -0
package/dist/db/migration-checker.js +680 -0
package/dist/db/migration-checker.js.map +1 -0
package/dist/db/schema/api-keys.d.ts +506 -0
package/dist/db/schema/api-keys.d.ts.map +1 -0
package/dist/db/schema/api-keys.js +98 -0
package/dist/db/schema/api-keys.js.map +1 -0
package/dist/db/schema/escalations.d.ts +554 -0
package/dist/db/schema/escalations.d.ts.map +1 -0
package/dist/db/schema/escalations.js +97 -0
package/dist/db/schema/escalations.js.map +1 -0
package/dist/db/schema/index.d.ts +19 -0
package/dist/db/schema/index.d.ts.map +1 -0
package/dist/db/schema/index.js +19 -0
package/dist/db/schema/index.js.map +1 -0
package/dist/db/schema/intents.d.ts +535 -0
package/dist/db/schema/intents.d.ts.map +1 -0
package/dist/db/schema/intents.js +90 -0
package/dist/db/schema/intents.js.map +1 -0
package/dist/db/schema/merkle.d.ts +475 -0
package/dist/db/schema/merkle.d.ts.map +1 -0
package/dist/db/schema/merkle.js +100 -0
package/dist/db/schema/merkle.js.map +1 -0
package/dist/db/schema/operations.d.ts +256 -0
package/dist/db/schema/operations.d.ts.map +1 -0
package/dist/db/schema/operations.js +65 -0
package/dist/db/schema/operations.js.map +1 -0
package/dist/db/schema/policy-versions.d.ts +149 -0
package/dist/db/schema/policy-versions.d.ts.map +1 -0
package/dist/db/schema/policy-versions.js +40 -0
package/dist/db/schema/policy-versions.js.map +1 -0
package/dist/db/schema/proofs.d.ts +412 -0
package/dist/db/schema/proofs.d.ts.map +1 -0
package/dist/db/schema/proofs.js +63 -0
package/dist/db/schema/proofs.js.map +1 -0
package/dist/db/schema/service-accounts.d.ts +783 -0
package/dist/db/schema/service-accounts.d.ts.map +1 -0
package/dist/db/schema/service-accounts.js +176 -0
package/dist/db/schema/service-accounts.js.map +1 -0
package/dist/db/schema/trust.d.ts +593 -0
package/dist/db/schema/trust.d.ts.map +1 -0
package/dist/db/schema/trust.js +98 -0
package/dist/db/schema/trust.js.map +1 -0
package/dist/db/schema/users.d.ts +487 -0
package/dist/db/schema/users.d.ts.map +1 -0
package/dist/db/schema/users.js +133 -0
package/dist/db/schema/users.js.map +1 -0
package/dist/db/schema/webhooks.d.ts +382 -0
package/dist/db/schema/webhooks.d.ts.map +1 -0
package/dist/db/schema/webhooks.js +91 -0
package/dist/db/schema/webhooks.js.map +1 -0
package/dist/enforce/constraint-evaluator.d.ts +385 -0
package/dist/enforce/constraint-evaluator.d.ts.map +1 -0
package/dist/enforce/constraint-evaluator.js +648 -0
package/dist/enforce/constraint-evaluator.js.map +1 -0
package/dist/enforce/decision-aggregator.d.ts +269 -0
package/dist/enforce/decision-aggregator.d.ts.map +1 -0
package/dist/enforce/decision-aggregator.js +560 -0
package/dist/enforce/decision-aggregator.js.map +1 -0
package/dist/enforce/escalation-rules.d.ts +411 -0
package/dist/enforce/escalation-rules.d.ts.map +1 -0
package/dist/enforce/escalation-rules.js +681 -0
package/dist/enforce/escalation-rules.js.map +1 -0
package/dist/enforce/index.d.ts +175 -0
package/dist/enforce/index.d.ts.map +1 -0
package/dist/enforce/index.js +402 -0
package/dist/enforce/index.js.map +1 -0
package/dist/enforce/policy-engine.d.ts +390 -0
package/dist/enforce/policy-engine.d.ts.map +1 -0
package/dist/enforce/policy-engine.js +652 -0
package/dist/enforce/policy-engine.js.map +1 -0
package/dist/enforce/runtime-config.d.ts +387 -0
package/dist/enforce/runtime-config.d.ts.map +1 -0
package/dist/enforce/runtime-config.js +709 -0
package/dist/enforce/runtime-config.js.map +1 -0
package/dist/index.d.ts +63 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +74 -0
package/dist/index.js.map +1 -0
package/dist/intent/audit.d.ts +119 -0
package/dist/intent/audit.d.ts.map +1 -0
package/dist/intent/audit.js +457 -0
package/dist/intent/audit.js.map +1 -0
package/dist/intent/classifier/index.d.ts +121 -0
package/dist/intent/classifier/index.d.ts.map +1 -0
package/dist/intent/classifier/index.js +232 -0
package/dist/intent/classifier/index.js.map +1 -0
package/dist/intent/classifier/patterns.d.ts +129 -0
package/dist/intent/classifier/patterns.d.ts.map +1 -0
package/dist/intent/classifier/patterns.js +471 -0
package/dist/intent/classifier/patterns.js.map +1 -0
package/dist/intent/classifier/risk.d.ts +177 -0
package/dist/intent/classifier/risk.d.ts.map +1 -0
package/dist/intent/classifier/risk.js +335 -0
package/dist/intent/classifier/risk.js.map +1 -0
package/dist/intent/cleanup.d.ts +24 -0
package/dist/intent/cleanup.d.ts.map +1 -0
package/dist/intent/cleanup.js +104 -0
package/dist/intent/cleanup.js.map +1 -0
package/dist/intent/consent.d.ts +238 -0
package/dist/intent/consent.d.ts.map +1 -0
package/dist/intent/consent.js +427 -0
package/dist/intent/consent.js.map +1 -0
package/dist/intent/escalation.d.ts +208 -0
package/dist/intent/escalation.d.ts.map +1 -0
package/dist/intent/escalation.js +550 -0
package/dist/intent/escalation.js.map +1 -0
package/dist/intent/gdpr.d.ts +245 -0
package/dist/intent/gdpr.d.ts.map +1 -0
package/dist/intent/gdpr.js +580 -0
package/dist/intent/gdpr.js.map +1 -0
package/dist/intent/health.d.ts +214 -0
package/dist/intent/health.d.ts.map +1 -0
package/dist/intent/health.js +526 -0
package/dist/intent/health.js.map +1 -0
package/dist/intent/index.d.ts +447 -0
package/dist/intent/index.d.ts.map +1 -0
package/dist/intent/index.js +685 -0
package/dist/intent/index.js.map +1 -0
package/dist/intent/metrics.d.ts +391 -0
package/dist/intent/metrics.d.ts.map +1 -0
package/dist/intent/metrics.js +885 -0
package/dist/intent/metrics.js.map +1 -0
package/dist/intent/openapi.d.ts +22 -0
package/dist/intent/openapi.d.ts.map +1 -0
package/dist/intent/openapi.js +1674 -0
package/dist/intent/openapi.js.map +1 -0
package/dist/intent/planner/dependency.d.ts +78 -0
package/dist/intent/planner/dependency.d.ts.map +1 -0
package/dist/intent/planner/dependency.js +334 -0
package/dist/intent/planner/dependency.js.map +1 -0
package/dist/intent/planner/index.d.ts +157 -0
package/dist/intent/planner/index.d.ts.map +1 -0
package/dist/intent/planner/index.js +372 -0
package/dist/intent/planner/index.js.map +1 -0
package/dist/intent/planner/rollback.d.ts +92 -0
package/dist/intent/planner/rollback.d.ts.map +1 -0
package/dist/intent/planner/rollback.js +326 -0
package/dist/intent/planner/rollback.js.map +1 -0
package/dist/intent/planner/templates.d.ts +81 -0
package/dist/intent/planner/templates.d.ts.map +1 -0
package/dist/intent/planner/templates.js +560 -0
package/dist/intent/planner/templates.js.map +1 -0
package/dist/intent/queue.d.ts +150 -0
package/dist/intent/queue.d.ts.map +1 -0
package/dist/intent/queue.js +339 -0
package/dist/intent/queue.js.map +1 -0
package/dist/intent/queues.d.ts +176 -0
package/dist/intent/queues.d.ts.map +1 -0
package/dist/intent/queues.js +1382 -0
package/dist/intent/queues.js.map +1 -0
package/dist/intent/ratelimit.d.ts +147 -0
package/dist/intent/ratelimit.d.ts.map +1 -0
package/dist/intent/ratelimit.js +301 -0
package/dist/intent/ratelimit.js.map +1 -0
package/dist/intent/replay/comparator.d.ts +148 -0
package/dist/intent/replay/comparator.d.ts.map +1 -0
package/dist/intent/replay/comparator.js +320 -0
package/dist/intent/replay/comparator.js.map +1 -0
package/dist/intent/replay/index.d.ts +159 -0
package/dist/intent/replay/index.d.ts.map +1 -0
package/dist/intent/replay/index.js +486 -0
package/dist/intent/replay/index.js.map +1 -0
package/dist/intent/replay/simulator.d.ts +184 -0
package/dist/intent/replay/simulator.d.ts.map +1 -0
package/dist/intent/replay/simulator.js +510 -0
package/dist/intent/replay/simulator.js.map +1 -0
package/dist/intent/replay/snapshot.d.ts +149 -0
package/dist/intent/replay/snapshot.d.ts.map +1 -0
package/dist/intent/replay/snapshot.js +245 -0
package/dist/intent/replay/snapshot.js.map +1 -0
package/dist/intent/repository.d.ts +198 -0
package/dist/intent/repository.d.ts.map +1 -0
package/dist/intent/repository.js +526 -0
package/dist/intent/repository.js.map +1 -0
package/dist/intent/response-middleware.d.ts +156 -0
package/dist/intent/response-middleware.d.ts.map +1 -0
package/dist/intent/response-middleware.js +337 -0
package/dist/intent/response-middleware.js.map +1 -0
package/dist/intent/response.d.ts +267 -0
package/dist/intent/response.d.ts.map +1 -0
package/dist/intent/response.js +402 -0
package/dist/intent/response.js.map +1 -0
package/dist/intent/routes.d.ts +35 -0
package/dist/intent/routes.d.ts.map +1 -0
package/dist/intent/routes.js +801 -0
package/dist/intent/routes.js.map +1 -0
package/dist/intent/scheduler.d.ts +45 -0
package/dist/intent/scheduler.d.ts.map +1 -0
package/dist/intent/scheduler.js +221 -0
package/dist/intent/scheduler.js.map +1 -0
package/dist/intent/schema.d.ts +2997 -0
package/dist/intent/schema.d.ts.map +1 -0
package/dist/intent/schema.js +447 -0
package/dist/intent/schema.js.map +1 -0
package/dist/intent/shutdown.d.ts +145 -0
package/dist/intent/shutdown.d.ts.map +1 -0
package/dist/intent/shutdown.js +468 -0
package/dist/intent/shutdown.js.map +1 -0
package/dist/intent/state-machine.d.ts +111 -0
package/dist/intent/state-machine.d.ts.map +1 -0
package/dist/intent/state-machine.js +242 -0
package/dist/intent/state-machine.js.map +1 -0
package/dist/intent/tracing.d.ts +152 -0
package/dist/intent/tracing.d.ts.map +1 -0
package/dist/intent/tracing.js +658 -0
package/dist/intent/tracing.js.map +1 -0
package/dist/intent/types.d.ts +175 -0
package/dist/intent/types.d.ts.map +1 -0
package/dist/intent/types.js +25 -0
package/dist/intent/types.js.map +1 -0
package/dist/intent/webhooks/delivery-repository.d.ts +80 -0
package/dist/intent/webhooks/delivery-repository.d.ts.map +1 -0
package/dist/intent/webhooks/delivery-repository.js +251 -0
package/dist/intent/webhooks/delivery-repository.js.map +1 -0
package/dist/intent/webhooks/dns-pinning.d.ts +30 -0
package/dist/intent/webhooks/dns-pinning.d.ts.map +1 -0
package/dist/intent/webhooks/dns-pinning.js +69 -0
package/dist/intent/webhooks/dns-pinning.js.map +1 -0
package/dist/intent/webhooks/index.d.ts +14 -0
package/dist/intent/webhooks/index.d.ts.map +1 -0
package/dist/intent/webhooks/index.js +17 -0
package/dist/intent/webhooks/index.js.map +1 -0
package/dist/intent/webhooks/signature.d.ts +47 -0
package/dist/intent/webhooks/signature.d.ts.map +1 -0
package/dist/intent/webhooks/signature.js +80 -0
package/dist/intent/webhooks/signature.js.map +1 -0
package/dist/intent/webhooks/ssrf-protection.d.ts +29 -0
package/dist/intent/webhooks/ssrf-protection.d.ts.map +1 -0
package/dist/intent/webhooks/ssrf-protection.js +161 -0
package/dist/intent/webhooks/ssrf-protection.js.map +1 -0
package/dist/intent/webhooks/types.d.ts +132 -0
package/dist/intent/webhooks/types.d.ts.map +1 -0
package/dist/intent/webhooks/types.js +14 -0
package/dist/intent/webhooks/types.js.map +1 -0
package/dist/intent/webhooks.d.ts +610 -0
package/dist/intent/webhooks.d.ts.map +1 -0
package/dist/intent/webhooks.js +1793 -0
package/dist/intent/webhooks.js.map +1 -0
package/dist/policy/diff.d.ts +88 -0
package/dist/policy/diff.d.ts.map +1 -0
package/dist/policy/diff.js +325 -0
package/dist/policy/diff.js.map +1 -0
package/dist/policy/evaluator.d.ts +102 -0
package/dist/policy/evaluator.d.ts.map +1 -0
package/dist/policy/evaluator.js +647 -0
package/dist/policy/evaluator.js.map +1 -0
package/dist/policy/index.d.ts +16 -0
package/dist/policy/index.d.ts.map +1 -0
package/dist/policy/index.js +19 -0
package/dist/policy/index.js.map +1 -0
package/dist/policy/loader.d.ts +63 -0
package/dist/policy/loader.d.ts.map +1 -0
package/dist/policy/loader.js +173 -0
package/dist/policy/loader.js.map +1 -0
package/dist/policy/service.d.ts +150 -0
package/dist/policy/service.d.ts.map +1 -0
package/dist/policy/service.js +782 -0
package/dist/policy/service.js.map +1 -0
package/dist/policy/types.d.ts +220 -0
package/dist/policy/types.d.ts.map +1 -0
package/dist/policy/types.js +36 -0
package/dist/policy/types.js.map +1 -0
package/dist/proof/hybrid-signing.d.ts +82 -0
package/dist/proof/hybrid-signing.d.ts.map +1 -0
package/dist/proof/hybrid-signing.js +239 -0
package/dist/proof/hybrid-signing.js.map +1 -0
package/dist/proof/index.d.ts +203 -0
package/dist/proof/index.d.ts.map +1 -0
package/dist/proof/index.js +610 -0
package/dist/proof/index.js.map +1 -0
package/dist/proof/merkle-service.d.ts +194 -0
package/dist/proof/merkle-service.d.ts.map +1 -0
package/dist/proof/merkle-service.js +463 -0
package/dist/proof/merkle-service.js.map +1 -0
package/dist/proof/merkle.d.ts +118 -0
package/dist/proof/merkle.d.ts.map +1 -0
package/dist/proof/merkle.js +265 -0
package/dist/proof/merkle.js.map +1 -0
package/dist/security/ai-governance/access-policy.d.ts +197 -0
package/dist/security/ai-governance/access-policy.d.ts.map +1 -0
package/dist/security/ai-governance/access-policy.js +522 -0
package/dist/security/ai-governance/access-policy.js.map +1 -0
package/dist/security/ai-governance/audit-trail.d.ts +241 -0
package/dist/security/ai-governance/audit-trail.d.ts.map +1 -0
package/dist/security/ai-governance/audit-trail.js +645 -0
package/dist/security/ai-governance/audit-trail.js.map +1 -0
package/dist/security/ai-governance/bias-detection.d.ts +221 -0
package/dist/security/ai-governance/bias-detection.d.ts.map +1 -0
package/dist/security/ai-governance/bias-detection.js +615 -0
package/dist/security/ai-governance/bias-detection.js.map +1 -0
package/dist/security/ai-governance/index.d.ts +92 -0
package/dist/security/ai-governance/index.d.ts.map +1 -0
package/dist/security/ai-governance/index.js +184 -0
package/dist/security/ai-governance/index.js.map +1 -0
package/dist/security/ai-governance/middleware.d.ts +110 -0
package/dist/security/ai-governance/middleware.d.ts.map +1 -0
package/dist/security/ai-governance/middleware.js +359 -0
package/dist/security/ai-governance/middleware.js.map +1 -0
package/dist/security/ai-governance/model-registry.d.ts +229 -0
package/dist/security/ai-governance/model-registry.d.ts.map +1 -0
package/dist/security/ai-governance/model-registry.js +535 -0
package/dist/security/ai-governance/model-registry.js.map +1 -0
package/dist/security/ai-governance/output-filter.d.ts +150 -0
package/dist/security/ai-governance/output-filter.d.ts.map +1 -0
package/dist/security/ai-governance/output-filter.js +561 -0
package/dist/security/ai-governance/output-filter.js.map +1 -0
package/dist/security/ai-governance/prompt-injection.d.ts +153 -0
package/dist/security/ai-governance/prompt-injection.d.ts.map +1 -0
package/dist/security/ai-governance/prompt-injection.js +614 -0
package/dist/security/ai-governance/prompt-injection.js.map +1 -0
package/dist/security/ai-governance/rate-limiter.d.ts +156 -0
package/dist/security/ai-governance/rate-limiter.d.ts.map +1 -0
package/dist/security/ai-governance/rate-limiter.js +541 -0
package/dist/security/ai-governance/rate-limiter.js.map +1 -0
package/dist/security/ai-governance/types.d.ts +594 -0
package/dist/security/ai-governance/types.d.ts.map +1 -0
package/dist/security/ai-governance/types.js +6 -0
package/dist/security/ai-governance/types.js.map +1 -0
package/dist/security/alerting/channels/base.d.ts +91 -0
package/dist/security/alerting/channels/base.d.ts.map +1 -0
package/dist/security/alerting/channels/base.js +128 -0
package/dist/security/alerting/channels/base.js.map +1 -0
package/dist/security/alerting/channels/email.d.ts +92 -0
package/dist/security/alerting/channels/email.d.ts.map +1 -0
package/dist/security/alerting/channels/email.js +418 -0
package/dist/security/alerting/channels/email.js.map +1 -0
package/dist/security/alerting/channels/http-base.d.ts +86 -0
package/dist/security/alerting/channels/http-base.d.ts.map +1 -0
package/dist/security/alerting/channels/http-base.js +133 -0
package/dist/security/alerting/channels/http-base.js.map +1 -0
package/dist/security/alerting/channels/index.d.ts +30 -0
package/dist/security/alerting/channels/index.d.ts.map +1 -0
package/dist/security/alerting/channels/index.js +22 -0
package/dist/security/alerting/channels/index.js.map +1 -0
package/dist/security/alerting/channels/pagerduty.d.ts +70 -0
package/dist/security/alerting/channels/pagerduty.d.ts.map +1 -0
package/dist/security/alerting/channels/pagerduty.js +248 -0
package/dist/security/alerting/channels/pagerduty.js.map +1 -0
package/dist/security/alerting/channels/slack.d.ts +55 -0
package/dist/security/alerting/channels/slack.d.ts.map +1 -0
package/dist/security/alerting/channels/slack.js +215 -0
package/dist/security/alerting/channels/slack.js.map +1 -0
package/dist/security/alerting/channels/sns.d.ts +87 -0
package/dist/security/alerting/channels/sns.d.ts.map +1 -0
package/dist/security/alerting/channels/sns.js +251 -0
package/dist/security/alerting/channels/sns.js.map +1 -0
package/dist/security/alerting/channels/webhook.d.ts +92 -0
package/dist/security/alerting/channels/webhook.d.ts.map +1 -0
package/dist/security/alerting/channels/webhook.js +203 -0
package/dist/security/alerting/channels/webhook.js.map +1 -0
package/dist/security/alerting/detector.d.ts +217 -0
package/dist/security/alerting/detector.d.ts.map +1 -0
package/dist/security/alerting/detector.js +725 -0
package/dist/security/alerting/detector.js.map +1 -0
package/dist/security/alerting/index.d.ts +57 -0
package/dist/security/alerting/index.d.ts.map +1 -0
package/dist/security/alerting/index.js +214 -0
package/dist/security/alerting/index.js.map +1 -0
package/dist/security/alerting/service.d.ts +190 -0
package/dist/security/alerting/service.d.ts.map +1 -0
package/dist/security/alerting/service.js +815 -0
package/dist/security/alerting/service.js.map +1 -0
package/dist/security/alerting/types.d.ts +2165 -0
package/dist/security/alerting/types.d.ts.map +1 -0
package/dist/security/alerting/types.js +278 -0
package/dist/security/alerting/types.js.map +1 -0
package/dist/security/anomaly/detectors/account-compromise.d.ts +198 -0
package/dist/security/anomaly/detectors/account-compromise.d.ts.map +1 -0
package/dist/security/anomaly/detectors/account-compromise.js +815 -0
package/dist/security/anomaly/detectors/account-compromise.js.map +1 -0
package/dist/security/anomaly/detectors/data-exfiltration.d.ts +175 -0
package/dist/security/anomaly/detectors/data-exfiltration.d.ts.map +1 -0
package/dist/security/anomaly/detectors/data-exfiltration.js +733 -0
package/dist/security/anomaly/detectors/data-exfiltration.js.map +1 -0
package/dist/security/anomaly/detectors/geographic.d.ts +100 -0
package/dist/security/anomaly/detectors/geographic.d.ts.map +1 -0
package/dist/security/anomaly/detectors/geographic.js +348 -0
package/dist/security/anomaly/detectors/geographic.js.map +1 -0
package/dist/security/anomaly/detectors/index.d.ts +86 -0
package/dist/security/anomaly/detectors/index.d.ts.map +1 -0
package/dist/security/anomaly/detectors/index.js +118 -0
package/dist/security/anomaly/detectors/index.js.map +1 -0
package/dist/security/anomaly/detectors/lateral-movement.d.ts +168 -0
package/dist/security/anomaly/detectors/lateral-movement.d.ts.map +1 -0
package/dist/security/anomaly/detectors/lateral-movement.js +795 -0
package/dist/security/anomaly/detectors/lateral-movement.js.map +1 -0
package/dist/security/anomaly/detectors/privilege-escalation.d.ts +177 -0
package/dist/security/anomaly/detectors/privilege-escalation.d.ts.map +1 -0
package/dist/security/anomaly/detectors/privilege-escalation.js +741 -0
package/dist/security/anomaly/detectors/privilege-escalation.js.map +1 -0
package/dist/security/anomaly/detectors/temporal.d.ts +71 -0
package/dist/security/anomaly/detectors/temporal.d.ts.map +1 -0
package/dist/security/anomaly/detectors/temporal.js +398 -0
package/dist/security/anomaly/detectors/temporal.js.map +1 -0
package/dist/security/anomaly/detectors/volume.d.ts +97 -0
package/dist/security/anomaly/detectors/volume.d.ts.map +1 -0
package/dist/security/anomaly/detectors/volume.js +424 -0
package/dist/security/anomaly/detectors/volume.js.map +1 -0
package/dist/security/anomaly/index.d.ts +128 -0
package/dist/security/anomaly/index.d.ts.map +1 -0
package/dist/security/anomaly/index.js +378 -0
package/dist/security/anomaly/index.js.map +1 -0
package/dist/security/anomaly/types.d.ts +1209 -0
package/dist/security/anomaly/types.d.ts.map +1 -0
package/dist/security/anomaly/types.js +193 -0
package/dist/security/anomaly/types.js.map +1 -0
package/dist/security/api-keys/cache.d.ts +255 -0
package/dist/security/api-keys/cache.d.ts.map +1 -0
package/dist/security/api-keys/cache.js +595 -0
package/dist/security/api-keys/cache.js.map +1 -0
package/dist/security/api-keys/db-store.d.ts +150 -0
package/dist/security/api-keys/db-store.d.ts.map +1 -0
package/dist/security/api-keys/db-store.js +694 -0
package/dist/security/api-keys/db-store.js.map +1 -0
package/dist/security/api-keys/index.d.ts +29 -0
package/dist/security/api-keys/index.d.ts.map +1 -0
package/dist/security/api-keys/index.js +81 -0
package/dist/security/api-keys/index.js.map +1 -0
package/dist/security/api-keys/middleware.d.ts +164 -0
package/dist/security/api-keys/middleware.d.ts.map +1 -0
package/dist/security/api-keys/middleware.js +392 -0
package/dist/security/api-keys/middleware.js.map +1 -0
package/dist/security/api-keys/service.d.ts +226 -0
package/dist/security/api-keys/service.d.ts.map +1 -0
package/dist/security/api-keys/service.js +861 -0
package/dist/security/api-keys/service.js.map +1 -0
package/dist/security/api-keys/store.d.ts +241 -0
package/dist/security/api-keys/store.d.ts.map +1 -0
package/dist/security/api-keys/store.js +360 -0
package/dist/security/api-keys/store.js.map +1 -0
package/dist/security/api-keys/types.d.ts +718 -0
package/dist/security/api-keys/types.d.ts.map +1 -0
package/dist/security/api-keys/types.js +162 -0
package/dist/security/api-keys/types.js.map +1 -0
package/dist/security/brute-force.d.ts +390 -0
package/dist/security/brute-force.d.ts.map +1 -0
package/dist/security/brute-force.js +677 -0
package/dist/security/brute-force.js.map +1 -0
package/dist/security/config-validator.d.ts +152 -0
package/dist/security/config-validator.d.ts.map +1 -0
package/dist/security/config-validator.js +667 -0
package/dist/security/config-validator.js.map +1 -0
package/dist/security/crypto/fips-mode.d.ts +772 -0
package/dist/security/crypto/fips-mode.d.ts.map +1 -0
package/dist/security/crypto/fips-mode.js +1363 -0
package/dist/security/crypto/fips-mode.js.map +1 -0
package/dist/security/crypto/index.d.ts +202 -0
package/dist/security/crypto/index.d.ts.map +1 -0
package/dist/security/crypto/index.js +292 -0
package/dist/security/crypto/index.js.map +1 -0
package/dist/security/crypto/post-quantum/benchmark.d.ts +125 -0
package/dist/security/crypto/post-quantum/benchmark.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/benchmark.js +530 -0
package/dist/security/crypto/post-quantum/benchmark.js.map +1 -0
package/dist/security/crypto/post-quantum/dilithium.d.ts +144 -0
package/dist/security/crypto/post-quantum/dilithium.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/dilithium.js +675 -0
package/dist/security/crypto/post-quantum/dilithium.js.map +1 -0
package/dist/security/crypto/post-quantum/hybrid.d.ts +267 -0
package/dist/security/crypto/post-quantum/hybrid.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/hybrid.js +457 -0
package/dist/security/crypto/post-quantum/hybrid.js.map +1 -0
package/dist/security/crypto/post-quantum/index.d.ts +166 -0
package/dist/security/crypto/post-quantum/index.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/index.js +236 -0
package/dist/security/crypto/post-quantum/index.js.map +1 -0
package/dist/security/crypto/post-quantum/kyber.d.ts +129 -0
package/dist/security/crypto/post-quantum/kyber.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/kyber.js +649 -0
package/dist/security/crypto/post-quantum/kyber.js.map +1 -0
package/dist/security/crypto/post-quantum/migration.d.ts +230 -0
package/dist/security/crypto/post-quantum/migration.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/migration.js +563 -0
package/dist/security/crypto/post-quantum/migration.js.map +1 -0
package/dist/security/crypto/post-quantum/types.d.ts +1056 -0
package/dist/security/crypto/post-quantum/types.d.ts.map +1 -0
package/dist/security/crypto/post-quantum/types.js +350 -0
package/dist/security/crypto/post-quantum/types.js.map +1 -0
package/dist/security/crypto/shamir/comparison.d.ts +128 -0
package/dist/security/crypto/shamir/comparison.d.ts.map +1 -0
package/dist/security/crypto/shamir/comparison.js +423 -0
package/dist/security/crypto/shamir/comparison.js.map +1 -0
package/dist/security/crypto/shamir/index.d.ts +76 -0
package/dist/security/crypto/shamir/index.d.ts.map +1 -0
package/dist/security/crypto/shamir/index.js +155 -0
package/dist/security/crypto/shamir/index.js.map +1 -0
package/dist/security/crypto/shamir/proofs.d.ts +259 -0
package/dist/security/crypto/shamir/proofs.d.ts.map +1 -0
package/dist/security/crypto/shamir/proofs.js +605 -0
package/dist/security/crypto/shamir/proofs.js.map +1 -0
package/dist/security/crypto/shamir/property-tests.d.ts +104 -0
package/dist/security/crypto/shamir/property-tests.d.ts.map +1 -0
package/dist/security/crypto/shamir/property-tests.js +480 -0
package/dist/security/crypto/shamir/property-tests.js.map +1 -0
package/dist/security/crypto/shamir/security-analysis.d.ts +97 -0
package/dist/security/crypto/shamir/security-analysis.d.ts.map +1 -0
package/dist/security/crypto/shamir/security-analysis.js +503 -0
package/dist/security/crypto/shamir/security-analysis.js.map +1 -0
package/dist/security/crypto/shamir/test-vectors.d.ts +116 -0
package/dist/security/crypto/shamir/test-vectors.d.ts.map +1 -0
package/dist/security/crypto/shamir/test-vectors.js +377 -0
package/dist/security/crypto/shamir/test-vectors.js.map +1 -0
package/dist/security/crypto/shamir/types.d.ts +281 -0
package/dist/security/crypto/shamir/types.d.ts.map +1 -0
package/dist/security/crypto/shamir/types.js +82 -0
package/dist/security/crypto/shamir/types.js.map +1 -0
package/dist/security/crypto/shamir/verified-shamir.d.ts +170 -0
package/dist/security/crypto/shamir/verified-shamir.d.ts.map +1 -0
package/dist/security/crypto/shamir/verified-shamir.js +624 -0
package/dist/security/crypto/shamir/verified-shamir.js.map +1 -0
package/dist/security/csrf.d.ts +215 -0
package/dist/security/csrf.d.ts.map +1 -0
package/dist/security/csrf.js +467 -0
package/dist/security/csrf.js.map +1 -0
package/dist/security/distributed-state.d.ts +331 -0
package/dist/security/distributed-state.d.ts.map +1 -0
package/dist/security/distributed-state.js +768 -0
package/dist/security/distributed-state.js.map +1 -0
package/dist/security/dlp/index.d.ts +27 -0
package/dist/security/dlp/index.d.ts.map +1 -0
package/dist/security/dlp/index.js +54 -0
package/dist/security/dlp/index.js.map +1 -0
package/dist/security/dlp/scanner.d.ts +451 -0
package/dist/security/dlp/scanner.d.ts.map +1 -0
package/dist/security/dlp/scanner.js +1241 -0
package/dist/security/dlp/scanner.js.map +1 -0
package/dist/security/dpop.d.ts +260 -0
package/dist/security/dpop.d.ts.map +1 -0
package/dist/security/dpop.js +1058 -0
package/dist/security/dpop.js.map +1 -0
package/dist/security/encryption/decorators.d.ts +263 -0
package/dist/security/encryption/decorators.d.ts.map +1 -0
package/dist/security/encryption/decorators.js +359 -0
package/dist/security/encryption/decorators.js.map +1 -0
package/dist/security/encryption/index.d.ts +83 -0
package/dist/security/encryption/index.d.ts.map +1 -0
package/dist/security/encryption/index.js +140 -0
package/dist/security/encryption/index.js.map +1 -0
package/dist/security/encryption/key-provider.d.ts +335 -0
package/dist/security/encryption/key-provider.d.ts.map +1 -0
package/dist/security/encryption/key-provider.js +853 -0
package/dist/security/encryption/key-provider.js.map +1 -0
package/dist/security/encryption/middleware.d.ts +279 -0
package/dist/security/encryption/middleware.d.ts.map +1 -0
package/dist/security/encryption/middleware.js +493 -0
package/dist/security/encryption/middleware.js.map +1 -0
package/dist/security/encryption/service.d.ts +164 -0
package/dist/security/encryption/service.d.ts.map +1 -0
package/dist/security/encryption/service.js +623 -0
package/dist/security/encryption/service.js.map +1 -0
package/dist/security/encryption/types.d.ts +745 -0
package/dist/security/encryption/types.d.ts.map +1 -0
package/dist/security/encryption/types.js +229 -0
package/dist/security/encryption/types.js.map +1 -0
package/dist/security/error-sanitizer.d.ts +329 -0
package/dist/security/error-sanitizer.d.ts.map +1 -0
package/dist/security/error-sanitizer.js +693 -0
package/dist/security/error-sanitizer.js.map +1 -0
package/dist/security/fingerprint-service.d.ts +139 -0
package/dist/security/fingerprint-service.d.ts.map +1 -0
package/dist/security/fingerprint-service.js +240 -0
package/dist/security/fingerprint-service.js.map +1 -0
package/dist/security/headers/csp.d.ts +270 -0
package/dist/security/headers/csp.d.ts.map +1 -0
package/dist/security/headers/csp.js +655 -0
package/dist/security/headers/csp.js.map +1 -0
package/dist/security/headers/hsts.d.ts +161 -0
package/dist/security/headers/hsts.d.ts.map +1 -0
package/dist/security/headers/hsts.js +346 -0
package/dist/security/headers/hsts.js.map +1 -0
package/dist/security/headers/index.d.ts +47 -0
package/dist/security/headers/index.d.ts.map +1 -0
package/dist/security/headers/index.js +110 -0
package/dist/security/headers/index.js.map +1 -0
package/dist/security/headers/middleware.d.ts +70 -0
package/dist/security/headers/middleware.d.ts.map +1 -0
package/dist/security/headers/middleware.js +549 -0
package/dist/security/headers/middleware.js.map +1 -0
package/dist/security/headers/permissions-policy.d.ts +189 -0
package/dist/security/headers/permissions-policy.d.ts.map +1 -0
package/dist/security/headers/permissions-policy.js +508 -0
package/dist/security/headers/permissions-policy.js.map +1 -0
package/dist/security/headers/types.d.ts +1570 -0
package/dist/security/headers/types.d.ts.map +1 -0
package/dist/security/headers/types.js +281 -0
package/dist/security/headers/types.js.map +1 -0
package/dist/security/headers/validator.d.ts +36 -0
package/dist/security/headers/validator.d.ts.map +1 -0
package/dist/security/headers/validator.js +616 -0
package/dist/security/headers/validator.js.map +1 -0
package/dist/security/hsm/aws-cloudhsm.d.ts +157 -0
package/dist/security/hsm/aws-cloudhsm.d.ts.map +1 -0
package/dist/security/hsm/aws-cloudhsm.js +712 -0
package/dist/security/hsm/aws-cloudhsm.js.map +1 -0
package/dist/security/hsm/azure-hsm.d.ts +174 -0
package/dist/security/hsm/azure-hsm.d.ts.map +1 -0
package/dist/security/hsm/azure-hsm.js +792 -0
package/dist/security/hsm/azure-hsm.js.map +1 -0
package/dist/security/hsm/gcp-hsm.d.ts +184 -0
package/dist/security/hsm/gcp-hsm.d.ts.map +1 -0
package/dist/security/hsm/gcp-hsm.js +817 -0
package/dist/security/hsm/gcp-hsm.js.map +1 -0
package/dist/security/hsm/hsm-service.d.ts +264 -0
package/dist/security/hsm/hsm-service.d.ts.map +1 -0
package/dist/security/hsm/hsm-service.js +772 -0
package/dist/security/hsm/hsm-service.js.map +1 -0
package/dist/security/hsm/index.d.ts +132 -0
package/dist/security/hsm/index.d.ts.map +1 -0
package/dist/security/hsm/index.js +198 -0
package/dist/security/hsm/index.js.map +1 -0
package/dist/security/hsm/key-ceremony.d.ts +214 -0
package/dist/security/hsm/key-ceremony.d.ts.map +1 -0
package/dist/security/hsm/key-ceremony.js +636 -0
package/dist/security/hsm/key-ceremony.js.map +1 -0
package/dist/security/hsm/local-softHSM.d.ts +122 -0
package/dist/security/hsm/local-softHSM.d.ts.map +1 -0
package/dist/security/hsm/local-softHSM.js +786 -0
package/dist/security/hsm/local-softHSM.js.map +1 -0
package/dist/security/hsm/provider.d.ts +333 -0
package/dist/security/hsm/provider.d.ts.map +1 -0
package/dist/security/hsm/provider.js +264 -0
package/dist/security/hsm/provider.js.map +1 -0
package/dist/security/hsm/thales-luna.d.ts +209 -0
package/dist/security/hsm/thales-luna.d.ts.map +1 -0
package/dist/security/hsm/thales-luna.js +820 -0
package/dist/security/hsm/thales-luna.js.map +1 -0
package/dist/security/incident/actions/block-ip.d.ts +84 -0
package/dist/security/incident/actions/block-ip.d.ts.map +1 -0
package/dist/security/incident/actions/block-ip.js +464 -0
package/dist/security/incident/actions/block-ip.js.map +1 -0
package/dist/security/incident/actions/collect-evidence.d.ts +95 -0
package/dist/security/incident/actions/collect-evidence.d.ts.map +1 -0
package/dist/security/incident/actions/collect-evidence.js +458 -0
package/dist/security/incident/actions/collect-evidence.js.map +1 -0
package/dist/security/incident/actions/index.d.ts +39 -0
package/dist/security/incident/actions/index.d.ts.map +1 -0
package/dist/security/incident/actions/index.js +52 -0
package/dist/security/incident/actions/index.js.map +1 -0
package/dist/security/incident/actions/isolate-system.d.ts +63 -0
package/dist/security/incident/actions/isolate-system.d.ts.map +1 -0
package/dist/security/incident/actions/isolate-system.js +379 -0
package/dist/security/incident/actions/isolate-system.js.map +1 -0
package/dist/security/incident/actions/notify-stakeholders.d.ts +72 -0
package/dist/security/incident/actions/notify-stakeholders.d.ts.map +1 -0
package/dist/security/incident/actions/notify-stakeholders.js +387 -0
package/dist/security/incident/actions/notify-stakeholders.js.map +1 -0
package/dist/security/incident/actions/revoke-credentials.d.ts +77 -0
package/dist/security/incident/actions/revoke-credentials.d.ts.map +1 -0
package/dist/security/incident/actions/revoke-credentials.js +329 -0
package/dist/security/incident/actions/revoke-credentials.js.map +1 -0
package/dist/security/incident/actions/scale-monitoring.d.ts +90 -0
package/dist/security/incident/actions/scale-monitoring.d.ts.map +1 -0
package/dist/security/incident/actions/scale-monitoring.js +483 -0
package/dist/security/incident/actions/scale-monitoring.js.map +1 -0
package/dist/security/incident/executor.d.ts +128 -0
package/dist/security/incident/executor.d.ts.map +1 -0
package/dist/security/incident/executor.js +695 -0
package/dist/security/incident/executor.js.map +1 -0
package/dist/security/incident/index.d.ts +220 -0
package/dist/security/incident/index.d.ts.map +1 -0
package/dist/security/incident/index.js +1284 -0
package/dist/security/incident/index.js.map +1 -0
package/dist/security/incident/notification.d.ts +68 -0
package/dist/security/incident/notification.d.ts.map +1 -0
package/dist/security/incident/notification.js +512 -0
package/dist/security/incident/notification.js.map +1 -0
package/dist/security/incident/playbooks/account-compromise.d.ts +13 -0
package/dist/security/incident/playbooks/account-compromise.d.ts.map +1 -0
package/dist/security/incident/playbooks/account-compromise.js +379 -0
package/dist/security/incident/playbooks/account-compromise.js.map +1 -0
package/dist/security/incident/playbooks/configuration-error.d.ts +17 -0
package/dist/security/incident/playbooks/configuration-error.d.ts.map +1 -0
package/dist/security/incident/playbooks/configuration-error.js +340 -0
package/dist/security/incident/playbooks/configuration-error.js.map +1 -0
package/dist/security/incident/playbooks/data-breach.d.ts +13 -0
package/dist/security/incident/playbooks/data-breach.d.ts.map +1 -0
package/dist/security/incident/playbooks/data-breach.js +394 -0
package/dist/security/incident/playbooks/data-breach.js.map +1 -0
package/dist/security/incident/playbooks/denial-of-service.d.ts +13 -0
package/dist/security/incident/playbooks/denial-of-service.d.ts.map +1 -0
package/dist/security/incident/playbooks/denial-of-service.js +540 -0
package/dist/security/incident/playbooks/denial-of-service.js.map +1 -0
package/dist/security/incident/playbooks/index.d.ts +36 -0
package/dist/security/incident/playbooks/index.d.ts.map +1 -0
package/dist/security/incident/playbooks/index.js +56 -0
package/dist/security/incident/playbooks/index.js.map +1 -0
package/dist/security/incident/playbooks/insider-threat.d.ts +18 -0
package/dist/security/incident/playbooks/insider-threat.d.ts.map +1 -0
package/dist/security/incident/playbooks/insider-threat.js +600 -0
package/dist/security/incident/playbooks/insider-threat.js.map +1 -0
package/dist/security/incident/playbooks/malware.d.ts +13 -0
package/dist/security/incident/playbooks/malware.d.ts.map +1 -0
package/dist/security/incident/playbooks/malware.js +515 -0
package/dist/security/incident/playbooks/malware.js.map +1 -0
package/dist/security/incident/playbooks/ransomware.d.ts +14 -0
package/dist/security/incident/playbooks/ransomware.d.ts.map +1 -0
package/dist/security/incident/playbooks/ransomware.js +693 -0
package/dist/security/incident/playbooks/ransomware.js.map +1 -0
package/dist/security/incident/playbooks/unauthorized-access.d.ts +13 -0
package/dist/security/incident/playbooks/unauthorized-access.d.ts.map +1 -0
package/dist/security/incident/playbooks/unauthorized-access.js +412 -0
package/dist/security/incident/playbooks/unauthorized-access.js.map +1 -0
package/dist/security/incident/triggers.d.ts +120 -0
package/dist/security/incident/triggers.d.ts.map +1 -0
package/dist/security/incident/triggers.js +708 -0
package/dist/security/incident/triggers.js.map +1 -0
package/dist/security/incident/types.d.ts +1517 -0
package/dist/security/incident/types.d.ts.map +1 -0
package/dist/security/incident/types.js +222 -0
package/dist/security/incident/types.js.map +1 -0
package/dist/security/index.d.ts +56 -0
package/dist/security/index.d.ts.map +1 -0
package/dist/security/index.js +267 -0
package/dist/security/index.js.map +1 -0
package/dist/security/injection-detector.d.ts +375 -0
package/dist/security/injection-detector.d.ts.map +1 -0
package/dist/security/injection-detector.js +969 -0
package/dist/security/injection-detector.js.map +1 -0
package/dist/security/introspection.d.ts +137 -0
package/dist/security/introspection.d.ts.map +1 -0
package/dist/security/introspection.js +451 -0
package/dist/security/introspection.js.map +1 -0
package/dist/security/key-rotation.d.ts +213 -0
package/dist/security/key-rotation.d.ts.map +1 -0
package/dist/security/key-rotation.js +530 -0
package/dist/security/key-rotation.js.map +1 -0
package/dist/security/kms/aws-kms.d.ts +152 -0
package/dist/security/kms/aws-kms.d.ts.map +1 -0
package/dist/security/kms/aws-kms.js +808 -0
package/dist/security/kms/aws-kms.js.map +1 -0
package/dist/security/kms/index.d.ts +165 -0
package/dist/security/kms/index.d.ts.map +1 -0
package/dist/security/kms/index.js +351 -0
package/dist/security/kms/index.js.map +1 -0
package/dist/security/kms/local.d.ts +127 -0
package/dist/security/kms/local.d.ts.map +1 -0
package/dist/security/kms/local.js +682 -0
package/dist/security/kms/local.js.map +1 -0
package/dist/security/kms/types.d.ts +1000 -0
package/dist/security/kms/types.d.ts.map +1 -0
package/dist/security/kms/types.js +167 -0
package/dist/security/kms/types.js.map +1 -0
package/dist/security/kms/vault.d.ts +165 -0
package/dist/security/kms/vault.d.ts.map +1 -0
package/dist/security/kms/vault.js +820 -0
package/dist/security/kms/vault.js.map +1 -0
package/dist/security/mfa/index.d.ts +17 -0
package/dist/security/mfa/index.d.ts.map +1 -0
package/dist/security/mfa/index.js +37 -0
package/dist/security/mfa/index.js.map +1 -0
package/dist/security/mfa/mfa-middleware.d.ts +74 -0
package/dist/security/mfa/mfa-middleware.d.ts.map +1 -0
package/dist/security/mfa/mfa-middleware.js +244 -0
package/dist/security/mfa/mfa-middleware.js.map +1 -0
package/dist/security/mfa/mfa-service.d.ts +115 -0
package/dist/security/mfa/mfa-service.d.ts.map +1 -0
package/dist/security/mfa/mfa-service.js +508 -0
package/dist/security/mfa/mfa-service.js.map +1 -0
package/dist/security/mfa/mfa-store.d.ts +615 -0
package/dist/security/mfa/mfa-store.d.ts.map +1 -0
package/dist/security/mfa/mfa-store.js +431 -0
package/dist/security/mfa/mfa-store.js.map +1 -0
package/dist/security/mfa/types.d.ts +417 -0
package/dist/security/mfa/types.d.ts.map +1 -0
package/dist/security/mfa/types.js +123 -0
package/dist/security/mfa/types.js.map +1 -0
package/dist/security/middleware.d.ts +179 -0
package/dist/security/middleware.d.ts.map +1 -0
package/dist/security/middleware.js +534 -0
package/dist/security/middleware.js.map +1 -0
package/dist/security/pairwise-did.d.ts +157 -0
package/dist/security/pairwise-did.d.ts.map +1 -0
package/dist/security/pairwise-did.js +450 -0
package/dist/security/pairwise-did.js.map +1 -0
package/dist/security/pam/break-glass.d.ts +776 -0
package/dist/security/pam/break-glass.d.ts.map +1 -0
package/dist/security/pam/break-glass.js +1137 -0
package/dist/security/pam/break-glass.js.map +1 -0
package/dist/security/pam/index.d.ts +120 -0
package/dist/security/pam/index.d.ts.map +1 -0
package/dist/security/pam/index.js +179 -0
package/dist/security/pam/index.js.map +1 -0
package/dist/security/pam/jit-access.d.ts +482 -0
package/dist/security/pam/jit-access.d.ts.map +1 -0
package/dist/security/pam/jit-access.js +1030 -0
package/dist/security/pam/jit-access.js.map +1 -0
package/dist/security/pam/session-recording.d.ts +1007 -0
package/dist/security/pam/session-recording.d.ts.map +1 -0
package/dist/security/pam/session-recording.js +1047 -0
package/dist/security/pam/session-recording.js.map +1 -0
package/dist/security/password-hashing.d.ts +199 -0
package/dist/security/password-hashing.d.ts.map +1 -0
package/dist/security/password-hashing.js +366 -0
package/dist/security/password-hashing.js.map +1 -0
package/dist/security/password-policy.d.ts +304 -0
package/dist/security/password-policy.d.ts.map +1 -0
package/dist/security/password-policy.js +730 -0
package/dist/security/password-policy.js.map +1 -0
package/dist/security/policy-engine/atsf-adapter.d.ts +93 -0
package/dist/security/policy-engine/atsf-adapter.d.ts.map +1 -0
package/dist/security/policy-engine/atsf-adapter.js +265 -0
package/dist/security/policy-engine/atsf-adapter.js.map +1 -0
package/dist/security/policy-engine/built-in-policies.d.ts +90 -0
package/dist/security/policy-engine/built-in-policies.d.ts.map +1 -0
package/dist/security/policy-engine/built-in-policies.js +627 -0
package/dist/security/policy-engine/built-in-policies.js.map +1 -0
package/dist/security/policy-engine/condition-evaluator.d.ts +129 -0
package/dist/security/policy-engine/condition-evaluator.d.ts.map +1 -0
package/dist/security/policy-engine/condition-evaluator.js +647 -0
package/dist/security/policy-engine/condition-evaluator.js.map +1 -0
package/dist/security/policy-engine/engine.d.ts +200 -0
package/dist/security/policy-engine/engine.d.ts.map +1 -0
package/dist/security/policy-engine/engine.js +752 -0
package/dist/security/policy-engine/engine.js.map +1 -0
package/dist/security/policy-engine/index.d.ts +59 -0
package/dist/security/policy-engine/index.d.ts.map +1 -0
package/dist/security/policy-engine/index.js +84 -0
package/dist/security/policy-engine/index.js.map +1 -0
package/dist/security/policy-engine/middleware.d.ts +77 -0
package/dist/security/policy-engine/middleware.d.ts.map +1 -0
package/dist/security/policy-engine/middleware.js +375 -0
package/dist/security/policy-engine/middleware.js.map +1 -0
package/dist/security/policy-engine/rule-evaluator.d.ts +140 -0
package/dist/security/policy-engine/rule-evaluator.d.ts.map +1 -0
package/dist/security/policy-engine/rule-evaluator.js +593 -0
package/dist/security/policy-engine/rule-evaluator.js.map +1 -0
package/dist/security/policy-engine/types.d.ts +2855 -0
package/dist/security/policy-engine/types.d.ts.map +1 -0
package/dist/security/policy-engine/types.js +443 -0
package/dist/security/policy-engine/types.js.map +1 -0
package/dist/security/refresh-token.d.ts +305 -0
package/dist/security/refresh-token.d.ts.map +1 -0
package/dist/security/refresh-token.js +678 -0
package/dist/security/refresh-token.js.map +1 -0
package/dist/security/request-integrity.d.ts +289 -0
package/dist/security/request-integrity.d.ts.map +1 -0
package/dist/security/request-integrity.js +663 -0
package/dist/security/request-integrity.js.map +1 -0
package/dist/security/revocation-check.d.ts +188 -0
package/dist/security/revocation-check.d.ts.map +1 -0
package/dist/security/revocation-check.js +606 -0
package/dist/security/revocation-check.js.map +1 -0
package/dist/security/revocation.d.ts +191 -0
package/dist/security/revocation.d.ts.map +1 -0
package/dist/security/revocation.js +522 -0
package/dist/security/revocation.js.map +1 -0
package/dist/security/secrets-rotation.d.ts +501 -0
package/dist/security/secrets-rotation.d.ts.map +1 -0
package/dist/security/secrets-rotation.js +934 -0
package/dist/security/secrets-rotation.js.map +1 -0
package/dist/security/secure-memory.d.ts +325 -0
package/dist/security/secure-memory.d.ts.map +1 -0
package/dist/security/secure-memory.js +595 -0
package/dist/security/secure-memory.js.map +1 -0
package/dist/security/security-service.d.ts +186 -0
package/dist/security/security-service.d.ts.map +1 -0
package/dist/security/security-service.js +531 -0
package/dist/security/security-service.js.map +1 -0
package/dist/security/service-auth/index.d.ts +20 -0
package/dist/security/service-auth/index.d.ts.map +1 -0
package/dist/security/service-auth/index.js +61 -0
package/dist/security/service-auth/index.js.map +1 -0
package/dist/security/service-auth/service-account.d.ts +357 -0
package/dist/security/service-auth/service-account.d.ts.map +1 -0
package/dist/security/service-auth/service-account.js +475 -0
package/dist/security/service-auth/service-account.js.map +1 -0
package/dist/security/service-auth/service-auth-middleware.d.ts +174 -0
package/dist/security/service-auth/service-auth-middleware.d.ts.map +1 -0
package/dist/security/service-auth/service-auth-middleware.js +461 -0
package/dist/security/service-auth/service-auth-middleware.js.map +1 -0
package/dist/security/service-auth/service-token.d.ts +391 -0
package/dist/security/service-auth/service-token.d.ts.map +1 -0
package/dist/security/service-auth/service-token.js +472 -0
package/dist/security/service-auth/service-token.js.map +1 -0
package/dist/security/session-manager.d.ts +177 -0
package/dist/security/session-manager.d.ts.map +1 -0
package/dist/security/session-manager.js +353 -0
package/dist/security/session-manager.js.map +1 -0
package/dist/security/session-store.d.ts +205 -0
package/dist/security/session-store.d.ts.map +1 -0
package/dist/security/session-store.js +581 -0
package/dist/security/session-store.js.map +1 -0
package/dist/security/siem/connector.d.ts +147 -0
package/dist/security/siem/connector.d.ts.map +1 -0
package/dist/security/siem/connector.js +254 -0
package/dist/security/siem/connector.js.map +1 -0
package/dist/security/siem/datadog.d.ts +81 -0
package/dist/security/siem/datadog.d.ts.map +1 -0
package/dist/security/siem/datadog.js +362 -0
package/dist/security/siem/datadog.js.map +1 -0
package/dist/security/siem/elastic.d.ts +83 -0
package/dist/security/siem/elastic.d.ts.map +1 -0
package/dist/security/siem/elastic.js +514 -0
package/dist/security/siem/elastic.js.map +1 -0
package/dist/security/siem/enrichment.d.ts +133 -0
package/dist/security/siem/enrichment.d.ts.map +1 -0
package/dist/security/siem/enrichment.js +434 -0
package/dist/security/siem/enrichment.js.map +1 -0
package/dist/security/siem/formatter.d.ts +118 -0
package/dist/security/siem/formatter.d.ts.map +1 -0
package/dist/security/siem/formatter.js +381 -0
package/dist/security/siem/formatter.js.map +1 -0
package/dist/security/siem/hooks.d.ts +107 -0
package/dist/security/siem/hooks.d.ts.map +1 -0
package/dist/security/siem/hooks.js +459 -0
package/dist/security/siem/hooks.js.map +1 -0
package/dist/security/siem/index.d.ts +83 -0
package/dist/security/siem/index.d.ts.map +1 -0
package/dist/security/siem/index.js +95 -0
package/dist/security/siem/index.js.map +1 -0
package/dist/security/siem/service.d.ts +153 -0
package/dist/security/siem/service.d.ts.map +1 -0
package/dist/security/siem/service.js +615 -0
package/dist/security/siem/service.js.map +1 -0
package/dist/security/siem/splunk.d.ts +76 -0
package/dist/security/siem/splunk.d.ts.map +1 -0
package/dist/security/siem/splunk.js +283 -0
package/dist/security/siem/splunk.js.map +1 -0
package/dist/security/siem/types.d.ts +1980 -0
package/dist/security/siem/types.d.ts.map +1 -0
package/dist/security/siem/types.js +268 -0
package/dist/security/siem/types.js.map +1 -0
package/dist/security/tee.d.ts +157 -0
package/dist/security/tee.d.ts.map +1 -0
package/dist/security/tee.js +1073 -0
package/dist/security/tee.js.map +1 -0
package/dist/security/threat-intel/bot-detection.d.ts +275 -0
package/dist/security/threat-intel/bot-detection.d.ts.map +1 -0
package/dist/security/threat-intel/bot-detection.js +890 -0
package/dist/security/threat-intel/bot-detection.js.map +1 -0
package/dist/security/threat-intel/credential-stuffing.d.ts +368 -0
package/dist/security/threat-intel/credential-stuffing.d.ts.map +1 -0
package/dist/security/threat-intel/credential-stuffing.js +957 -0
package/dist/security/threat-intel/credential-stuffing.js.map +1 -0
package/dist/security/threat-intel/index.d.ts +10 -0
package/dist/security/threat-intel/index.d.ts.map +1 -0
package/dist/security/threat-intel/index.js +18 -0
package/dist/security/threat-intel/index.js.map +1 -0
package/dist/security/threat-intel/ip-reputation.d.ts +323 -0
package/dist/security/threat-intel/ip-reputation.d.ts.map +1 -0
package/dist/security/threat-intel/ip-reputation.js +923 -0
package/dist/security/threat-intel/ip-reputation.js.map +1 -0
package/dist/security/token-lifecycle.d.ts +272 -0
package/dist/security/token-lifecycle.d.ts.map +1 -0
package/dist/security/token-lifecycle.js +732 -0
package/dist/security/token-lifecycle.js.map +1 -0
package/dist/security/token-lifetime.d.ts +206 -0
package/dist/security/token-lifetime.d.ts.map +1 -0
package/dist/security/token-lifetime.js +388 -0
package/dist/security/token-lifetime.js.map +1 -0
package/dist/security/trust-oracle/alerts.d.ts +202 -0
package/dist/security/trust-oracle/alerts.d.ts.map +1 -0
package/dist/security/trust-oracle/alerts.js +763 -0
package/dist/security/trust-oracle/alerts.js.map +1 -0
package/dist/security/trust-oracle/api.d.ts +116 -0
package/dist/security/trust-oracle/api.d.ts.map +1 -0
package/dist/security/trust-oracle/api.js +721 -0
package/dist/security/trust-oracle/api.js.map +1 -0
package/dist/security/trust-oracle/continuous-monitoring.d.ts +105 -0
package/dist/security/trust-oracle/continuous-monitoring.d.ts.map +1 -0
package/dist/security/trust-oracle/continuous-monitoring.js +710 -0
package/dist/security/trust-oracle/continuous-monitoring.js.map +1 -0
package/dist/security/trust-oracle/data-sources.d.ts +102 -0
package/dist/security/trust-oracle/data-sources.d.ts.map +1 -0
package/dist/security/trust-oracle/data-sources.js +794 -0
package/dist/security/trust-oracle/data-sources.js.map +1 -0
package/dist/security/trust-oracle/index.d.ts +79 -0
package/dist/security/trust-oracle/index.d.ts.map +1 -0
package/dist/security/trust-oracle/index.js +206 -0
package/dist/security/trust-oracle/index.js.map +1 -0
package/dist/security/trust-oracle/oracle.d.ts +125 -0
package/dist/security/trust-oracle/oracle.d.ts.map +1 -0
package/dist/security/trust-oracle/oracle.js +489 -0
package/dist/security/trust-oracle/oracle.js.map +1 -0
package/dist/security/trust-oracle/reporting.d.ts +145 -0
package/dist/security/trust-oracle/reporting.d.ts.map +1 -0
package/dist/security/trust-oracle/reporting.js +1098 -0
package/dist/security/trust-oracle/reporting.js.map +1 -0
package/dist/security/trust-oracle/risk-scorer.d.ts +207 -0
package/dist/security/trust-oracle/risk-scorer.d.ts.map +1 -0
package/dist/security/trust-oracle/risk-scorer.js +1033 -0
package/dist/security/trust-oracle/risk-scorer.js.map +1 -0
package/dist/security/trust-oracle/types.d.ts +444 -0
package/dist/security/trust-oracle/types.d.ts.map +1 -0
package/dist/security/trust-oracle/types.js +6 -0
package/dist/security/trust-oracle/types.js.map +1 -0
package/dist/security/trust-oracle/vendor-registry.d.ts +228 -0
package/dist/security/trust-oracle/vendor-registry.d.ts.map +1 -0
package/dist/security/trust-oracle/vendor-registry.js +727 -0
package/dist/security/trust-oracle/vendor-registry.js.map +1 -0
package/dist/security/types.d.ts +1796 -0
package/dist/security/types.d.ts.map +1 -0
package/dist/security/types.js +389 -0
package/dist/security/types.js.map +1 -0
package/dist/security/webauthn/index.d.ts +47 -0
package/dist/security/webauthn/index.d.ts.map +1 -0
package/dist/security/webauthn/index.js +48 -0
package/dist/security/webauthn/index.js.map +1 -0
package/dist/security/webauthn/middleware.d.ts +109 -0
package/dist/security/webauthn/middleware.d.ts.map +1 -0
package/dist/security/webauthn/middleware.js +629 -0
package/dist/security/webauthn/middleware.js.map +1 -0
package/dist/security/webauthn/service.d.ts +179 -0
package/dist/security/webauthn/service.d.ts.map +1 -0
package/dist/security/webauthn/service.js +757 -0
package/dist/security/webauthn/service.js.map +1 -0
package/dist/security/webauthn/store.d.ts +240 -0
package/dist/security/webauthn/store.d.ts.map +1 -0
package/dist/security/webauthn/store.js +505 -0
package/dist/security/webauthn/store.js.map +1 -0
package/dist/security/webauthn/types.d.ts +678 -0
package/dist/security/webauthn/types.d.ts.map +1 -0
package/dist/security/webauthn/types.js +176 -0
package/dist/security/webauthn/types.js.map +1 -0
package/dist/security/zkp/circuits.d.ts +296 -0
package/dist/security/zkp/circuits.d.ts.map +1 -0
package/dist/security/zkp/circuits.js +771 -0
package/dist/security/zkp/circuits.js.map +1 -0
package/dist/security/zkp/commitment.d.ts +319 -0
package/dist/security/zkp/commitment.d.ts.map +1 -0
package/dist/security/zkp/commitment.js +591 -0
package/dist/security/zkp/commitment.js.map +1 -0
package/dist/security/zkp/compliance.d.ts +251 -0
package/dist/security/zkp/compliance.d.ts.map +1 -0
package/dist/security/zkp/compliance.js +734 -0
package/dist/security/zkp/compliance.js.map +1 -0
package/dist/security/zkp/index.d.ts +184 -0
package/dist/security/zkp/index.d.ts.map +1 -0
package/dist/security/zkp/index.js +285 -0
package/dist/security/zkp/index.js.map +1 -0
package/dist/security/zkp/integration.d.ts +289 -0
package/dist/security/zkp/integration.d.ts.map +1 -0
package/dist/security/zkp/integration.js +571 -0
package/dist/security/zkp/integration.js.map +1 -0
package/dist/security/zkp/prover.d.ts +158 -0
package/dist/security/zkp/prover.d.ts.map +1 -0
package/dist/security/zkp/prover.js +465 -0
package/dist/security/zkp/prover.js.map +1 -0
package/dist/security/zkp/snark-utils.d.ts +321 -0
package/dist/security/zkp/snark-utils.d.ts.map +1 -0
package/dist/security/zkp/snark-utils.js +640 -0
package/dist/security/zkp/snark-utils.js.map +1 -0
package/dist/security/zkp/types.d.ts +1192 -0
package/dist/security/zkp/types.d.ts.map +1 -0
package/dist/security/zkp/types.js +264 -0
package/dist/security/zkp/types.js.map +1 -0
package/dist/security/zkp/verifier.d.ts +111 -0
package/dist/security/zkp/verifier.d.ts.map +1 -0
package/dist/security/zkp/verifier.js +554 -0
package/dist/security/zkp/verifier.js.map +1 -0
package/dist/semantic-governance/context-validator.d.ts +159 -0
package/dist/semantic-governance/context-validator.d.ts.map +1 -0
package/dist/semantic-governance/context-validator.js +599 -0
package/dist/semantic-governance/context-validator.js.map +1 -0
package/dist/semantic-governance/credential-manager.d.ts +156 -0
package/dist/semantic-governance/credential-manager.d.ts.map +1 -0
package/dist/semantic-governance/credential-manager.js +438 -0
package/dist/semantic-governance/credential-manager.js.map +1 -0
package/dist/semantic-governance/dual-channel.d.ts +138 -0
package/dist/semantic-governance/dual-channel.d.ts.map +1 -0
package/dist/semantic-governance/dual-channel.js +333 -0
package/dist/semantic-governance/dual-channel.js.map +1 -0
package/dist/semantic-governance/index.d.ts +107 -0
package/dist/semantic-governance/index.d.ts.map +1 -0
package/dist/semantic-governance/index.js +141 -0
package/dist/semantic-governance/index.js.map +1 -0
package/dist/semantic-governance/inference-validator.d.ts +114 -0
package/dist/semantic-governance/inference-validator.d.ts.map +1 -0
package/dist/semantic-governance/inference-validator.js +390 -0
package/dist/semantic-governance/inference-validator.js.map +1 -0
package/dist/semantic-governance/instruction-validator.d.ts +146 -0
package/dist/semantic-governance/instruction-validator.d.ts.map +1 -0
package/dist/semantic-governance/instruction-validator.js +357 -0
package/dist/semantic-governance/instruction-validator.js.map +1 -0
package/dist/semantic-governance/integration.d.ts +253 -0
package/dist/semantic-governance/integration.d.ts.map +1 -0
package/dist/semantic-governance/integration.js +657 -0
package/dist/semantic-governance/integration.js.map +1 -0
package/dist/semantic-governance/output-validator.d.ts +135 -0
package/dist/semantic-governance/output-validator.d.ts.map +1 -0
package/dist/semantic-governance/output-validator.js +442 -0
package/dist/semantic-governance/output-validator.js.map +1 -0
package/dist/semantic-governance/service.d.ts +120 -0
package/dist/semantic-governance/service.d.ts.map +1 -0
package/dist/semantic-governance/service.js +527 -0
package/dist/semantic-governance/service.js.map +1 -0
package/dist/semantic-governance/types.d.ts +3916 -0
package/dist/semantic-governance/types.d.ts.map +1 -0
package/dist/semantic-governance/types.js +462 -0
package/dist/semantic-governance/types.js.map +1 -0
package/dist/trust-engine/aci-integration.d.ts +6 -0
package/dist/trust-engine/aci-integration.d.ts.map +1 -0
package/dist/trust-engine/aci-integration.js +6 -0
package/dist/trust-engine/aci-integration.js.map +1 -0
package/dist/trust-engine/car-integration.d.ts +244 -0
package/dist/trust-engine/car-integration.d.ts.map +1 -0
package/dist/trust-engine/car-integration.js +332 -0
package/dist/trust-engine/car-integration.js.map +1 -0
package/dist/trust-engine/context.d.ts +197 -0
package/dist/trust-engine/context.d.ts.map +1 -0
package/dist/trust-engine/context.js +307 -0
package/dist/trust-engine/context.js.map +1 -0
package/dist/trust-engine/index.d.ts +410 -0
package/dist/trust-engine/index.d.ts.map +1 -0
package/dist/trust-engine/index.js +1221 -0
package/dist/trust-engine/index.js.map +1 -0
package/dist/trust-engine/observability.d.ts +175 -0
package/dist/trust-engine/observability.d.ts.map +1 -0
package/dist/trust-engine/observability.js +244 -0
package/dist/trust-engine/observability.js.map +1 -0
package/package.json +200 -0

package/dist/security/types.d.ts ADDED Viewed

@@ -0,0 +1,1796 @@
+/**
+ * Security Hardening Types
+ *
+ * Type definitions for CAR ID security hardening controls including:
+ * - DPoP (Demonstrating Proof-of-Possession)
+ * - TEE (Trusted Execution Environment) binding
+ * - Pairwise DID configuration
+ * - Revocation SLA configuration
+ * - Token lifetime configuration
+ *
+ * Based on CAR ID Security Hardening Specification v1.0.0
+ *
+ * @packageDocumentation
+ */
+import { z } from 'zod';
+/**
+ * Trust tiers as defined in CAR ID specification
+ * Maps to security conformance levels:
+ * - T0-T1: No minimum security (not recommended)
+ * - T2: SH-1 (Basic) - DPoP, short-lived tokens
+ * - T3: SH-2 (Standard) - SH-1 + pairwise DIDs, recursive revocation
+ * - T4-T5: SH-3 (Hardened) - SH-2 + TEE binding, sync revocation checks
+ */
+export declare const TrustTier: {
+    readonly T0: 0;
+    readonly T1: 1;
+    readonly T2: 2;
+    readonly T3: 3;
+    readonly T4: 4;
+    readonly T5: 5;
+    readonly T6: 6;
+    readonly T7: 7;
+};
+export type TrustTier = (typeof TrustTier)[keyof typeof TrustTier];
+export declare const trustTierSchema: z.ZodNativeEnum<{
+    readonly T0: 0;
+    readonly T1: 1;
+    readonly T2: 2;
+    readonly T3: 3;
+    readonly T4: 4;
+    readonly T5: 5;
+    readonly T6: 6;
+    readonly T7: 7;
+}>;
+/**
+ * Security conformance levels
+ */
+export declare const SecurityConformanceLevel: {
+    readonly NONE: "none";
+    readonly SH1_BASIC: "sh-1";
+    readonly SH2_STANDARD: "sh-2";
+    readonly SH3_HARDENED: "sh-3";
+};
+export type SecurityConformanceLevel = (typeof SecurityConformanceLevel)[keyof typeof SecurityConformanceLevel];
+export declare const securityConformanceLevelSchema: z.ZodNativeEnum<{
+    readonly NONE: "none";
+    readonly SH1_BASIC: "sh-1";
+    readonly SH2_STANDARD: "sh-2";
+    readonly SH3_HARDENED: "sh-3";
+}>;
+/**
+ * DPoP proof JWT payload structure per RFC 9449
+ */
+export interface DPoPProof {
+    /** Unique token ID (MUST be unique, servers MUST reject replays) */
+    jti: string;
+    /** HTTP method (e.g., 'GET', 'POST') */
+    htm: string;
+    /** HTTP URI (the target endpoint) */
+    htu: string;
+    /** Issued at timestamp (Unix seconds) */
+    iat: number;
+    /** Access token hash (for bound tokens, sha256 of access token) */
+    ath?: string;
+}
+export declare const dpopProofSchema: z.ZodObject<{
+    jti: z.ZodString;
+    htm: z.ZodString;
+    htu: z.ZodString;
+    iat: z.ZodNumber;
+    ath: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    iat?: number;
+    jti?: string;
+    htm?: string;
+    htu?: string;
+    ath?: string;
+}, {
+    iat?: number;
+    jti?: string;
+    htm?: string;
+    htu?: string;
+    ath?: string;
+}>;
+/**
+ * DPoP proof header structure
+ */
+export interface DPoPHeader {
+    /** Type is always 'dpop+jwt' */
+    typ: 'dpop+jwt';
+    /** Algorithm (ES256 required, ES384/ES512 recommended) */
+    alg: 'ES256' | 'ES384' | 'ES512';
+    /** JWK public key */
+    jwk: JsonWebKey;
+}
+export declare const dpopHeaderSchema: z.ZodObject<{
+    typ: z.ZodLiteral<"dpop+jwt">;
+    alg: z.ZodEnum<["ES256", "ES384", "ES512"]>;
+    jwk: z.ZodRecord<z.ZodString, z.ZodUnknown>;
+}, "strip", z.ZodTypeAny, {
+    jwk?: Record<string, unknown>;
+    typ?: "dpop+jwt";
+    alg?: "ES256" | "ES384" | "ES512";
+}, {
+    jwk?: Record<string, unknown>;
+    typ?: "dpop+jwt";
+    alg?: "ES256" | "ES384" | "ES512";
+}>;
+/**
+ * DPoP configuration
+ */
+export interface DPoPConfig {
+    /** Which trust tiers require DPoP (default: T2+) */
+    requiredForTiers: TrustTier[];
+    /** Maximum proof age in seconds (default: 60) */
+    maxProofAge: number;
+    /** Whether nonce is required from server */
+    nonceRequired: boolean;
+    /** Maximum clock skew tolerance in seconds (default: 5) */
+    clockSkewTolerance: number;
+    /** Supported algorithms */
+    allowedAlgorithms: ('ES256' | 'ES384' | 'ES512')[];
+}
+export declare const dpopConfigSchema: z.ZodObject<{
+    requiredForTiers: z.ZodArray<z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+        readonly T6: 6;
+        readonly T7: 7;
+    }>, "many">;
+    maxProofAge: z.ZodDefault<z.ZodNumber>;
+    nonceRequired: z.ZodDefault<z.ZodBoolean>;
+    clockSkewTolerance: z.ZodDefault<z.ZodNumber>;
+    allowedAlgorithms: z.ZodDefault<z.ZodArray<z.ZodEnum<["ES256", "ES384", "ES512"]>, "many">>;
+}, "strip", z.ZodTypeAny, {
+    allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+    clockSkewTolerance?: number;
+    maxProofAge?: number;
+    requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+    nonceRequired?: boolean;
+}, {
+    allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+    clockSkewTolerance?: number;
+    maxProofAge?: number;
+    requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+    nonceRequired?: boolean;
+}>;
+/**
+ * DPoP verification result
+ */
+export interface DPoPVerificationResult {
+    /** Whether verification succeeded */
+    valid: boolean;
+    /** JWK thumbprint of the proof key */
+    keyThumbprint?: string;
+    /** Error reason if verification failed */
+    error?: string;
+    /** Error code for programmatic handling */
+    errorCode?: 'INVALID_SIGNATURE' | 'EXPIRED' | 'REPLAY' | 'METHOD_MISMATCH' | 'URI_MISMATCH' | 'INVALID_FORMAT';
+    /** Verified at timestamp */
+    verifiedAt: string;
+}
+export declare const dpopVerificationResultSchema: z.ZodObject<{
+    valid: z.ZodBoolean;
+    keyThumbprint: z.ZodOptional<z.ZodString>;
+    error: z.ZodOptional<z.ZodString>;
+    errorCode: z.ZodOptional<z.ZodEnum<["INVALID_SIGNATURE", "EXPIRED", "REPLAY", "METHOD_MISMATCH", "URI_MISMATCH", "INVALID_FORMAT"]>>;
+    verifiedAt: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    valid?: boolean;
+    error?: string;
+    errorCode?: "EXPIRED" | "INVALID_SIGNATURE" | "INVALID_FORMAT" | "REPLAY" | "METHOD_MISMATCH" | "URI_MISMATCH";
+    keyThumbprint?: string;
+    verifiedAt?: string;
+}, {
+    valid?: boolean;
+    error?: string;
+    errorCode?: "EXPIRED" | "INVALID_SIGNATURE" | "INVALID_FORMAT" | "REPLAY" | "METHOD_MISMATCH" | "URI_MISMATCH";
+    keyThumbprint?: string;
+    verifiedAt?: string;
+}>;
+/**
+ * Supported TEE platforms
+ */
+export declare const TEEPlatform: {
+    readonly SGX: "sgx";
+    readonly NITRO: "nitro";
+    readonly SEV: "sev";
+    readonly TRUSTZONE: "trustzone";
+    readonly SECURE_ENCLAVE: "secure-enclave";
+};
+export type TEEPlatform = (typeof TEEPlatform)[keyof typeof TEEPlatform];
+export declare const teePlatformSchema: z.ZodNativeEnum<{
+    readonly SGX: "sgx";
+    readonly NITRO: "nitro";
+    readonly SEV: "sev";
+    readonly TRUSTZONE: "trustzone";
+    readonly SECURE_ENCLAVE: "secure-enclave";
+}>;
+/**
+ * TEE attestation document
+ */
+export interface TEEAttestation {
+    /** TEE platform type */
+    platform: TEEPlatform;
+    /** Hash of running code (measurement) */
+    measurementHash: string;
+    /** Attestation timestamp */
+    timestamp: Date;
+    /** Enclave identifier */
+    enclaveId: string;
+    /** Platform Configuration Registers (for SGX/Nitro) */
+    pcrs?: Record<string, string>;
+    /** Attestation document signature */
+    signature?: string;
+    /** Certificate chain for verification */
+    certificateChain?: string[];
+    /** Attestation service endpoint */
+    attestationEndpoint?: string;
+    /** Validity period end */
+    validUntil?: Date;
+}
+export declare const teeAttestationSchema: z.ZodObject<{
+    platform: z.ZodNativeEnum<{
+        readonly SGX: "sgx";
+        readonly NITRO: "nitro";
+        readonly SEV: "sev";
+        readonly TRUSTZONE: "trustzone";
+        readonly SECURE_ENCLAVE: "secure-enclave";
+    }>;
+    measurementHash: z.ZodString;
+    timestamp: z.ZodDate;
+    enclaveId: z.ZodString;
+    pcrs: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    signature: z.ZodOptional<z.ZodString>;
+    certificateChain: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    attestationEndpoint: z.ZodOptional<z.ZodString>;
+    validUntil: z.ZodOptional<z.ZodDate>;
+}, "strip", z.ZodTypeAny, {
+    platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+    timestamp?: Date;
+    signature?: string;
+    validUntil?: Date;
+    measurementHash?: string;
+    enclaveId?: string;
+    pcrs?: Record<string, string>;
+    certificateChain?: string[];
+    attestationEndpoint?: string;
+}, {
+    platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+    timestamp?: Date;
+    signature?: string;
+    validUntil?: Date;
+    measurementHash?: string;
+    enclaveId?: string;
+    pcrs?: Record<string, string>;
+    certificateChain?: string[];
+    attestationEndpoint?: string;
+}>;
+/**
+ * TEE key binding - binds a DID key to an enclave
+ */
+export interface TEEKeyBinding {
+    /** DID verification method ID */
+    didKeyId: string;
+    /** Enclave key identifier */
+    enclaveKeyId: string;
+    /** Cryptographic binding proof */
+    bindingProof: string;
+    /** When the binding was created */
+    boundAt: Date;
+    /** Binding validity period */
+    validUntil?: Date;
+}
+export declare const teeKeyBindingSchema: z.ZodObject<{
+    didKeyId: z.ZodString;
+    enclaveKeyId: z.ZodString;
+    bindingProof: z.ZodString;
+    boundAt: z.ZodDate;
+    validUntil: z.ZodOptional<z.ZodDate>;
+}, "strip", z.ZodTypeAny, {
+    validUntil?: Date;
+    didKeyId?: string;
+    enclaveKeyId?: string;
+    bindingProof?: string;
+    boundAt?: Date;
+}, {
+    validUntil?: Date;
+    didKeyId?: string;
+    enclaveKeyId?: string;
+    bindingProof?: string;
+    boundAt?: Date;
+}>;
+/**
+ * TEE configuration
+ */
+export interface TEEConfig {
+    /** Which trust tiers require TEE (default: T4+) */
+    requiredForTiers: TrustTier[];
+    /** Allowed TEE platforms */
+    allowedPlatforms: TEEPlatform[];
+    /** Maximum attestation age before re-attestation required (seconds) */
+    maxAttestationAge: number;
+    /** Expected code measurements for verification */
+    expectedMeasurements?: Record<string, string>;
+    /** Attestation verification endpoint */
+    attestationVerificationEndpoint?: string;
+}
+export declare const teeConfigSchema: z.ZodObject<{
+    requiredForTiers: z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+        readonly T6: 6;
+        readonly T7: 7;
+    }>, "many">>;
+    allowedPlatforms: z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+        readonly SGX: "sgx";
+        readonly NITRO: "nitro";
+        readonly SEV: "sev";
+        readonly TRUSTZONE: "trustzone";
+        readonly SECURE_ENCLAVE: "secure-enclave";
+    }>, "many">>;
+    maxAttestationAge: z.ZodDefault<z.ZodNumber>;
+    expectedMeasurements: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+    attestationVerificationEndpoint: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+    allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+    maxAttestationAge?: number;
+    expectedMeasurements?: Record<string, string>;
+    attestationVerificationEndpoint?: string;
+}, {
+    requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+    allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+    maxAttestationAge?: number;
+    expectedMeasurements?: Record<string, string>;
+    attestationVerificationEndpoint?: string;
+}>;
+/**
+ * TEE verification result
+ */
+export interface TEEVerificationResult {
+    /** Whether verification succeeded */
+    valid: boolean;
+    /** Verification error reason */
+    reason?: string;
+    /** Platform that was verified */
+    platform?: TEEPlatform;
+    /** Verified measurement hash */
+    measurementHash?: string;
+    /** Verification timestamp */
+    verifiedAt: string;
+}
+export declare const teeVerificationResultSchema: z.ZodObject<{
+    valid: z.ZodBoolean;
+    reason: z.ZodOptional<z.ZodString>;
+    platform: z.ZodOptional<z.ZodNativeEnum<{
+        readonly SGX: "sgx";
+        readonly NITRO: "nitro";
+        readonly SEV: "sev";
+        readonly TRUSTZONE: "trustzone";
+        readonly SECURE_ENCLAVE: "secure-enclave";
+    }>>;
+    measurementHash: z.ZodOptional<z.ZodString>;
+    verifiedAt: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    valid?: boolean;
+    platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+    reason?: string;
+    verifiedAt?: string;
+    measurementHash?: string;
+}, {
+    valid?: boolean;
+    platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+    reason?: string;
+    verifiedAt?: string;
+    measurementHash?: string;
+}>;
+/**
+ * Data types that may require pairwise DIDs
+ */
+export declare const DataClassification: {
+    readonly PUBLIC: "public";
+    readonly BUSINESS: "business";
+    readonly PERSONAL: "personal";
+    readonly SENSITIVE: "sensitive";
+    readonly REGULATED: "regulated";
+};
+export type DataClassification = (typeof DataClassification)[keyof typeof DataClassification];
+export declare const dataClassificationSchema: z.ZodNativeEnum<{
+    readonly PUBLIC: "public";
+    readonly BUSINESS: "business";
+    readonly PERSONAL: "personal";
+    readonly SENSITIVE: "sensitive";
+    readonly REGULATED: "regulated";
+}>;
+/**
+ * Pairwise DID derivation algorithm
+ */
+export declare const PairwiseDerivationAlgorithm: {
+    readonly SHA256: "sha256";
+    readonly HKDF: "hkdf";
+};
+export type PairwiseDerivationAlgorithm = (typeof PairwiseDerivationAlgorithm)[keyof typeof PairwiseDerivationAlgorithm];
+export declare const pairwiseDerivationAlgorithmSchema: z.ZodNativeEnum<{
+    readonly SHA256: "sha256";
+    readonly HKDF: "hkdf";
+}>;
+/**
+ * Pairwise DID configuration
+ */
+export interface PairwiseDIDConfig {
+    /** Data types that require pairwise DIDs */
+    requiredForDataTypes: DataClassification[];
+    /** Derivation algorithm */
+    derivationAlgorithm: PairwiseDerivationAlgorithm;
+    /** Salt length in bytes */
+    saltLength: number;
+    /** Info string for HKDF derivation */
+    hkdfInfo?: string;
+}
+export declare const pairwiseDIDConfigSchema: z.ZodObject<{
+    requiredForDataTypes: z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+        readonly PUBLIC: "public";
+        readonly BUSINESS: "business";
+        readonly PERSONAL: "personal";
+        readonly SENSITIVE: "sensitive";
+        readonly REGULATED: "regulated";
+    }>, "many">>;
+    derivationAlgorithm: z.ZodDefault<z.ZodNativeEnum<{
+        readonly SHA256: "sha256";
+        readonly HKDF: "hkdf";
+    }>>;
+    saltLength: z.ZodDefault<z.ZodNumber>;
+    hkdfInfo: z.ZodDefault<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    requiredForDataTypes?: ("public" | "sensitive" | "regulated" | "personal" | "business")[];
+    derivationAlgorithm?: "sha256" | "hkdf";
+    saltLength?: number;
+    hkdfInfo?: string;
+}, {
+    requiredForDataTypes?: ("public" | "sensitive" | "regulated" | "personal" | "business")[];
+    derivationAlgorithm?: "sha256" | "hkdf";
+    saltLength?: number;
+    hkdfInfo?: string;
+}>;
+/**
+ * Pairwise DID derivation record
+ */
+export interface PairwiseDerivation {
+    /** Agent's root/master DID */
+    masterDid: string;
+    /** Relying party's DID */
+    relyingPartyDid: string;
+    /** Random salt for this relationship */
+    contextSalt: string;
+    /** Derived pairwise DID */
+    derivedDid: string;
+    /** When the derivation was created */
+    createdAt: Date;
+}
+export declare const pairwiseDerivationSchema: z.ZodObject<{
+    masterDid: z.ZodString;
+    relyingPartyDid: z.ZodString;
+    contextSalt: z.ZodString;
+    derivedDid: z.ZodString;
+    createdAt: z.ZodDate;
+}, "strip", z.ZodTypeAny, {
+    createdAt?: Date;
+    masterDid?: string;
+    relyingPartyDid?: string;
+    contextSalt?: string;
+    derivedDid?: string;
+}, {
+    createdAt?: Date;
+    masterDid?: string;
+    relyingPartyDid?: string;
+    contextSalt?: string;
+    derivedDid?: string;
+}>;
+/**
+ * Revocation SLA configuration per trust tier
+ */
+export interface RevocationSLA {
+    /** Trust tier this SLA applies to */
+    tier: TrustTier;
+    /** Maximum propagation latency in milliseconds */
+    maxPropagationLatencyMs: number;
+    /** Whether synchronous check is required */
+    syncCheckRequired: boolean;
+    /** Whether token introspection is required */
+    introspectionRequired: boolean;
+}
+export declare const revocationSLASchema: z.ZodObject<{
+    tier: z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+        readonly T6: 6;
+        readonly T7: 7;
+    }>;
+    maxPropagationLatencyMs: z.ZodNumber;
+    syncCheckRequired: z.ZodBoolean;
+    introspectionRequired: z.ZodBoolean;
+}, "strip", z.ZodTypeAny, {
+    tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+    maxPropagationLatencyMs?: number;
+    syncCheckRequired?: boolean;
+    introspectionRequired?: boolean;
+}, {
+    tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+    maxPropagationLatencyMs?: number;
+    syncCheckRequired?: boolean;
+    introspectionRequired?: boolean;
+}>;
+/**
+ * Default revocation SLAs per CAR ID spec
+ */
+export declare const DEFAULT_REVOCATION_SLAS: RevocationSLA[];
+/**
+ * Revocation propagation policy
+ */
+export interface RevocationPropagationPolicy {
+    /** Whether to terminate descendant delegations */
+    terminateDescendants: boolean;
+    /** Grace period before termination (milliseconds) */
+    gracePeriodMs: number;
+    /** Whether to notify webhooks */
+    notifyWebhooks: boolean;
+}
+export declare const revocationPropagationPolicySchema: z.ZodObject<{
+    terminateDescendants: z.ZodDefault<z.ZodBoolean>;
+    gracePeriodMs: z.ZodDefault<z.ZodNumber>;
+    notifyWebhooks: z.ZodDefault<z.ZodBoolean>;
+}, "strip", z.ZodTypeAny, {
+    gracePeriodMs?: number;
+    terminateDescendants?: boolean;
+    notifyWebhooks?: boolean;
+}, {
+    gracePeriodMs?: number;
+    terminateDescendants?: boolean;
+    notifyWebhooks?: boolean;
+}>;
+/**
+ * Revocation request
+ */
+export interface RevocationPropagation {
+    /** DID of agent to revoke */
+    revokedDid: string;
+    /** Reason for revocation */
+    reason: string;
+    /** Propagation policy */
+    propagationPolicy: RevocationPropagationPolicy;
+}
+export declare const revocationPropagationSchema: z.ZodObject<{
+    revokedDid: z.ZodString;
+    reason: z.ZodString;
+    propagationPolicy: z.ZodObject<{
+        terminateDescendants: z.ZodDefault<z.ZodBoolean>;
+        gracePeriodMs: z.ZodDefault<z.ZodNumber>;
+        notifyWebhooks: z.ZodDefault<z.ZodBoolean>;
+    }, "strip", z.ZodTypeAny, {
+        gracePeriodMs?: number;
+        terminateDescendants?: boolean;
+        notifyWebhooks?: boolean;
+    }, {
+        gracePeriodMs?: number;
+        terminateDescendants?: boolean;
+        notifyWebhooks?: boolean;
+    }>;
+}, "strip", z.ZodTypeAny, {
+    reason?: string;
+    revokedDid?: string;
+    propagationPolicy?: {
+        gracePeriodMs?: number;
+        terminateDescendants?: boolean;
+        notifyWebhooks?: boolean;
+    };
+}, {
+    reason?: string;
+    revokedDid?: string;
+    propagationPolicy?: {
+        gracePeriodMs?: number;
+        terminateDescendants?: boolean;
+        notifyWebhooks?: boolean;
+    };
+}>;
+/**
+ * Revocation result
+ */
+export interface RevocationResult {
+    /** Unique revocation ID */
+    revocationId: string;
+    /** DID that was revoked */
+    revokedDid: string;
+    /** DIDs of descendants that were also revoked */
+    descendantsRevoked: string[];
+    /** Number of tokens invalidated */
+    tokensInvalidated: number;
+    /** Whether propagation completed successfully */
+    propagationComplete: boolean;
+    /** Revocation timestamp */
+    timestamp: Date;
+}
+export declare const revocationResultSchema: z.ZodObject<{
+    revocationId: z.ZodString;
+    revokedDid: z.ZodString;
+    descendantsRevoked: z.ZodArray<z.ZodString, "many">;
+    tokensInvalidated: z.ZodNumber;
+    propagationComplete: z.ZodBoolean;
+    timestamp: z.ZodDate;
+}, "strip", z.ZodTypeAny, {
+    timestamp?: Date;
+    revocationId?: string;
+    revokedDid?: string;
+    descendantsRevoked?: string[];
+    tokensInvalidated?: number;
+    propagationComplete?: boolean;
+}, {
+    timestamp?: Date;
+    revocationId?: string;
+    revokedDid?: string;
+    descendantsRevoked?: string[];
+    tokensInvalidated?: number;
+    propagationComplete?: boolean;
+}>;
+/**
+ * Revocation status
+ */
+export declare const RevocationStatusEnum: {
+    readonly ACTIVE: "active";
+    readonly REVOKED: "revoked";
+    readonly PENDING: "pending";
+};
+export type RevocationStatusEnum = (typeof RevocationStatusEnum)[keyof typeof RevocationStatusEnum];
+export declare const revocationStatusEnumSchema: z.ZodNativeEnum<{
+    readonly ACTIVE: "active";
+    readonly REVOKED: "revoked";
+    readonly PENDING: "pending";
+}>;
+/**
+ * Revocation status response
+ */
+export interface RevocationStatus {
+    /** DID being checked */
+    did: string;
+    /** Current status */
+    status: RevocationStatusEnum;
+    /** Revocation timestamp if revoked */
+    revokedAt?: Date;
+    /** Revocation reason if revoked */
+    reason?: string;
+    /** Whether this is from cache or sync check */
+    fromCache: boolean;
+    /** Cache age in milliseconds */
+    cacheAgeMs?: number;
+}
+export declare const revocationStatusSchema: z.ZodObject<{
+    did: z.ZodString;
+    status: z.ZodNativeEnum<{
+        readonly ACTIVE: "active";
+        readonly REVOKED: "revoked";
+        readonly PENDING: "pending";
+    }>;
+    revokedAt: z.ZodOptional<z.ZodDate>;
+    reason: z.ZodOptional<z.ZodString>;
+    fromCache: z.ZodBoolean;
+    cacheAgeMs: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    status?: "pending" | "active" | "revoked";
+    reason?: string;
+    revokedAt?: Date;
+    fromCache?: boolean;
+    did?: string;
+    cacheAgeMs?: number;
+}, {
+    status?: "pending" | "active" | "revoked";
+    reason?: string;
+    revokedAt?: Date;
+    fromCache?: boolean;
+    did?: string;
+    cacheAgeMs?: number;
+}>;
+/**
+ * Revocation event for webhooks/subscriptions
+ */
+export interface RevocationEvent {
+    /** Event type */
+    type: 'agent.revoked' | 'delegation.terminated' | 'token.invalidated';
+    /** Revocation ID */
+    revocationId: string;
+    /** Affected DID */
+    did: string;
+    /** Revocation reason */
+    reason: string;
+    /** Event timestamp */
+    timestamp: Date;
+    /** Additional metadata */
+    metadata?: Record<string, unknown>;
+}
+export declare const revocationEventSchema: z.ZodObject<{
+    type: z.ZodEnum<["agent.revoked", "delegation.terminated", "token.invalidated"]>;
+    revocationId: z.ZodString;
+    did: z.ZodString;
+    reason: z.ZodString;
+    timestamp: z.ZodDate;
+    metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+}, "strip", z.ZodTypeAny, {
+    type?: "agent.revoked" | "delegation.terminated" | "token.invalidated";
+    timestamp?: Date;
+    metadata?: Record<string, unknown>;
+    reason?: string;
+    did?: string;
+    revocationId?: string;
+}, {
+    type?: "agent.revoked" | "delegation.terminated" | "token.invalidated";
+    timestamp?: Date;
+    metadata?: Record<string, unknown>;
+    reason?: string;
+    did?: string;
+    revocationId?: string;
+}>;
+/**
+ * Token lifetime configuration per CAR ID spec
+ */
+export interface TokenLifetimeConfig {
+    /** Access token maximum TTL in seconds (default: 300 = 5 min) */
+    accessTokenMaxTTL: number;
+    /** Refresh token maximum TTL in seconds (default: 86400 = 24 hr) */
+    refreshTokenMaxTTL: number;
+    /** ID token maximum TTL in seconds (default: 300 = 5 min) */
+    idTokenMaxTTL: number;
+    /** TTL for high-value operations L3+ (default: 60 = 1 min) */
+    highValueOperationTTL: number;
+    /** Threshold for proactive refresh (percentage of TTL remaining) */
+    refreshThreshold: number;
+}
+export declare const tokenLifetimeConfigSchema: z.ZodObject<{
+    accessTokenMaxTTL: z.ZodDefault<z.ZodNumber>;
+    refreshTokenMaxTTL: z.ZodDefault<z.ZodNumber>;
+    idTokenMaxTTL: z.ZodDefault<z.ZodNumber>;
+    highValueOperationTTL: z.ZodDefault<z.ZodNumber>;
+    refreshThreshold: z.ZodDefault<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    refreshThreshold?: number;
+    accessTokenMaxTTL?: number;
+    refreshTokenMaxTTL?: number;
+    idTokenMaxTTL?: number;
+    highValueOperationTTL?: number;
+}, {
+    refreshThreshold?: number;
+    accessTokenMaxTTL?: number;
+    refreshTokenMaxTTL?: number;
+    idTokenMaxTTL?: number;
+    highValueOperationTTL?: number;
+}>;
+/**
+ * Default token lifetime configuration
+ */
+export declare const DEFAULT_TOKEN_LIFETIME_CONFIG: TokenLifetimeConfig;
+/**
+ * Token introspection result per RFC 7662
+ */
+export interface IntrospectionResult {
+    /** Whether the token is active */
+    active: boolean;
+    /** Token scope */
+    scope?: string;
+    /** Client ID */
+    clientId?: string;
+    /** Username (subject) */
+    username?: string;
+    /** Token type */
+    tokenType?: string;
+    /** Expiration timestamp */
+    exp?: number;
+    /** Issued at timestamp */
+    iat?: number;
+    /** Not before timestamp */
+    nbf?: number;
+    /** Subject identifier */
+    sub?: string;
+    /** Audience */
+    aud?: string | string[];
+    /** Issuer */
+    iss?: string;
+    /** JWT ID */
+    jti?: string;
+    /** DPoP key confirmation */
+    cnf?: {
+        jkt?: string;
+    };
+    /** Introspection timestamp */
+    introspectedAt: string;
+    /** Whether result is from cache */
+    fromCache: boolean;
+}
+export declare const introspectionResultSchema: z.ZodObject<{
+    active: z.ZodBoolean;
+    scope: z.ZodOptional<z.ZodString>;
+    clientId: z.ZodOptional<z.ZodString>;
+    username: z.ZodOptional<z.ZodString>;
+    tokenType: z.ZodOptional<z.ZodString>;
+    exp: z.ZodOptional<z.ZodNumber>;
+    iat: z.ZodOptional<z.ZodNumber>;
+    nbf: z.ZodOptional<z.ZodNumber>;
+    sub: z.ZodOptional<z.ZodString>;
+    aud: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
+    iss: z.ZodOptional<z.ZodString>;
+    jti: z.ZodOptional<z.ZodString>;
+    cnf: z.ZodOptional<z.ZodObject<{
+        jkt: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        jkt?: string;
+    }, {
+        jkt?: string;
+    }>>;
+    introspectedAt: z.ZodString;
+    fromCache: z.ZodBoolean;
+}, "strip", z.ZodTypeAny, {
+    sub?: string;
+    iss?: string;
+    aud?: string | string[];
+    exp?: number;
+    iat?: number;
+    clientId?: string;
+    scope?: string;
+    active?: boolean;
+    username?: string;
+    jti?: string;
+    fromCache?: boolean;
+    tokenType?: string;
+    nbf?: number;
+    cnf?: {
+        jkt?: string;
+    };
+    introspectedAt?: string;
+}, {
+    sub?: string;
+    iss?: string;
+    aud?: string | string[];
+    exp?: number;
+    iat?: number;
+    clientId?: string;
+    scope?: string;
+    active?: boolean;
+    username?: string;
+    jti?: string;
+    fromCache?: boolean;
+    tokenType?: string;
+    nbf?: number;
+    cnf?: {
+        jkt?: string;
+    };
+    introspectedAt?: string;
+}>;
+/**
+ * Agent identity for security context
+ */
+export interface AgentIdentity {
+    /** Agent DID */
+    did: string;
+    /** Trust tier */
+    trustTier: TrustTier;
+    /** Capability level (L0-L5) */
+    capabilityLevel: number;
+    /** DID document */
+    didDocument?: unknown;
+    /** TEE binding if present */
+    teeBinding?: TEEKeyBinding;
+    /** Attestation chain */
+    attestationChain?: unknown[];
+}
+export declare const agentIdentitySchema: z.ZodObject<{
+    did: z.ZodString;
+    trustTier: z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+        readonly T6: 6;
+        readonly T7: 7;
+    }>;
+    capabilityLevel: z.ZodNumber;
+    didDocument: z.ZodOptional<z.ZodUnknown>;
+    teeBinding: z.ZodOptional<z.ZodObject<{
+        didKeyId: z.ZodString;
+        enclaveKeyId: z.ZodString;
+        bindingProof: z.ZodString;
+        boundAt: z.ZodDate;
+        validUntil: z.ZodOptional<z.ZodDate>;
+    }, "strip", z.ZodTypeAny, {
+        validUntil?: Date;
+        didKeyId?: string;
+        enclaveKeyId?: string;
+        bindingProof?: string;
+        boundAt?: Date;
+    }, {
+        validUntil?: Date;
+        didKeyId?: string;
+        enclaveKeyId?: string;
+        bindingProof?: string;
+        boundAt?: Date;
+    }>>;
+    attestationChain: z.ZodOptional<z.ZodArray<z.ZodUnknown, "many">>;
+}, "strip", z.ZodTypeAny, {
+    did?: string;
+    trustTier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+    capabilityLevel?: number;
+    didDocument?: unknown;
+    teeBinding?: {
+        validUntil?: Date;
+        didKeyId?: string;
+        enclaveKeyId?: string;
+        bindingProof?: string;
+        boundAt?: Date;
+    };
+    attestationChain?: unknown[];
+}, {
+    did?: string;
+    trustTier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+    capabilityLevel?: number;
+    didDocument?: unknown;
+    teeBinding?: {
+        validUntil?: Date;
+        didKeyId?: string;
+        enclaveKeyId?: string;
+        bindingProof?: string;
+        boundAt?: Date;
+    };
+    attestationChain?: unknown[];
+}>;
+/**
+ * Action request for security evaluation
+ */
+export interface ActionRequest {
+    /** Request ID */
+    requestId: string;
+    /** HTTP method */
+    method: string;
+    /** Request URI */
+    uri: string;
+    /** Action type/name */
+    actionType: string;
+    /** Action level (L0-L5) */
+    actionLevel: number;
+    /** Domain codes */
+    domains?: string[];
+    /** Whether this is a high-value operation */
+    isHighValue?: boolean;
+    /** Data classification */
+    dataClassification?: DataClassification;
+}
+export declare const actionRequestSchema: z.ZodObject<{
+    requestId: z.ZodString;
+    method: z.ZodString;
+    uri: z.ZodString;
+    actionType: z.ZodString;
+    actionLevel: z.ZodNumber;
+    domains: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    isHighValue: z.ZodOptional<z.ZodBoolean>;
+    dataClassification: z.ZodOptional<z.ZodNativeEnum<{
+        readonly PUBLIC: "public";
+        readonly BUSINESS: "business";
+        readonly PERSONAL: "personal";
+        readonly SENSITIVE: "sensitive";
+        readonly REGULATED: "regulated";
+    }>>;
+}, "strip", z.ZodTypeAny, {
+    method?: string;
+    requestId?: string;
+    dataClassification?: "public" | "sensitive" | "regulated" | "personal" | "business";
+    actionType?: string;
+    domains?: string[];
+    uri?: string;
+    actionLevel?: number;
+    isHighValue?: boolean;
+}, {
+    method?: string;
+    requestId?: string;
+    dataClassification?: "public" | "sensitive" | "regulated" | "personal" | "business";
+    actionType?: string;
+    domains?: string[];
+    uri?: string;
+    actionLevel?: number;
+    isHighValue?: boolean;
+}>;
+/**
+ * Security context for validation
+ */
+export interface SecurityContext {
+    /** Agent identity */
+    agent: AgentIdentity;
+    /** Current action request */
+    request: ActionRequest;
+    /** Access token */
+    accessToken: string;
+    /** DPoP proof if present */
+    dpopProof?: string;
+    /** DPoP public key */
+    dpopKey?: JsonWebKey;
+    /** TEE attestation if present */
+    teeAttestation?: TEEAttestation;
+    /** Pairwise DID if used */
+    pairwiseDid?: string;
+}
+export declare const securityContextSchema: z.ZodObject<{
+    agent: z.ZodObject<{
+        did: z.ZodString;
+        trustTier: z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+            readonly T6: 6;
+            readonly T7: 7;
+        }>;
+        capabilityLevel: z.ZodNumber;
+        didDocument: z.ZodOptional<z.ZodUnknown>;
+        teeBinding: z.ZodOptional<z.ZodObject<{
+            didKeyId: z.ZodString;
+            enclaveKeyId: z.ZodString;
+            bindingProof: z.ZodString;
+            boundAt: z.ZodDate;
+            validUntil: z.ZodOptional<z.ZodDate>;
+        }, "strip", z.ZodTypeAny, {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        }, {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        }>>;
+        attestationChain: z.ZodOptional<z.ZodArray<z.ZodUnknown, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        did?: string;
+        trustTier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        capabilityLevel?: number;
+        didDocument?: unknown;
+        teeBinding?: {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        };
+        attestationChain?: unknown[];
+    }, {
+        did?: string;
+        trustTier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        capabilityLevel?: number;
+        didDocument?: unknown;
+        teeBinding?: {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        };
+        attestationChain?: unknown[];
+    }>;
+    request: z.ZodObject<{
+        requestId: z.ZodString;
+        method: z.ZodString;
+        uri: z.ZodString;
+        actionType: z.ZodString;
+        actionLevel: z.ZodNumber;
+        domains: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        isHighValue: z.ZodOptional<z.ZodBoolean>;
+        dataClassification: z.ZodOptional<z.ZodNativeEnum<{
+            readonly PUBLIC: "public";
+            readonly BUSINESS: "business";
+            readonly PERSONAL: "personal";
+            readonly SENSITIVE: "sensitive";
+            readonly REGULATED: "regulated";
+        }>>;
+    }, "strip", z.ZodTypeAny, {
+        method?: string;
+        requestId?: string;
+        dataClassification?: "public" | "sensitive" | "regulated" | "personal" | "business";
+        actionType?: string;
+        domains?: string[];
+        uri?: string;
+        actionLevel?: number;
+        isHighValue?: boolean;
+    }, {
+        method?: string;
+        requestId?: string;
+        dataClassification?: "public" | "sensitive" | "regulated" | "personal" | "business";
+        actionType?: string;
+        domains?: string[];
+        uri?: string;
+        actionLevel?: number;
+        isHighValue?: boolean;
+    }>;
+    accessToken: z.ZodString;
+    dpopProof: z.ZodOptional<z.ZodString>;
+    dpopKey: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+    teeAttestation: z.ZodOptional<z.ZodObject<{
+        platform: z.ZodNativeEnum<{
+            readonly SGX: "sgx";
+            readonly NITRO: "nitro";
+            readonly SEV: "sev";
+            readonly TRUSTZONE: "trustzone";
+            readonly SECURE_ENCLAVE: "secure-enclave";
+        }>;
+        measurementHash: z.ZodString;
+        timestamp: z.ZodDate;
+        enclaveId: z.ZodString;
+        pcrs: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
+        signature: z.ZodOptional<z.ZodString>;
+        certificateChain: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        attestationEndpoint: z.ZodOptional<z.ZodString>;
+        validUntil: z.ZodOptional<z.ZodDate>;
+    }, "strip", z.ZodTypeAny, {
+        platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+        timestamp?: Date;
+        signature?: string;
+        validUntil?: Date;
+        measurementHash?: string;
+        enclaveId?: string;
+        pcrs?: Record<string, string>;
+        certificateChain?: string[];
+        attestationEndpoint?: string;
+    }, {
+        platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+        timestamp?: Date;
+        signature?: string;
+        validUntil?: Date;
+        measurementHash?: string;
+        enclaveId?: string;
+        pcrs?: Record<string, string>;
+        certificateChain?: string[];
+        attestationEndpoint?: string;
+    }>>;
+    pairwiseDid: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    agent?: {
+        did?: string;
+        trustTier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        capabilityLevel?: number;
+        didDocument?: unknown;
+        teeBinding?: {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        };
+        attestationChain?: unknown[];
+    };
+    request?: {
+        method?: string;
+        requestId?: string;
+        dataClassification?: "public" | "sensitive" | "regulated" | "personal" | "business";
+        actionType?: string;
+        domains?: string[];
+        uri?: string;
+        actionLevel?: number;
+        isHighValue?: boolean;
+    };
+    accessToken?: string;
+    dpopProof?: string;
+    dpopKey?: Record<string, unknown>;
+    teeAttestation?: {
+        platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+        timestamp?: Date;
+        signature?: string;
+        validUntil?: Date;
+        measurementHash?: string;
+        enclaveId?: string;
+        pcrs?: Record<string, string>;
+        certificateChain?: string[];
+        attestationEndpoint?: string;
+    };
+    pairwiseDid?: string;
+}, {
+    agent?: {
+        did?: string;
+        trustTier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        capabilityLevel?: number;
+        didDocument?: unknown;
+        teeBinding?: {
+            validUntil?: Date;
+            didKeyId?: string;
+            enclaveKeyId?: string;
+            bindingProof?: string;
+            boundAt?: Date;
+        };
+        attestationChain?: unknown[];
+    };
+    request?: {
+        method?: string;
+        requestId?: string;
+        dataClassification?: "public" | "sensitive" | "regulated" | "personal" | "business";
+        actionType?: string;
+        domains?: string[];
+        uri?: string;
+        actionLevel?: number;
+        isHighValue?: boolean;
+    };
+    accessToken?: string;
+    dpopProof?: string;
+    dpopKey?: Record<string, unknown>;
+    teeAttestation?: {
+        platform?: "sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave";
+        timestamp?: Date;
+        signature?: string;
+        validUntil?: Date;
+        measurementHash?: string;
+        enclaveId?: string;
+        pcrs?: Record<string, string>;
+        certificateChain?: string[];
+        attestationEndpoint?: string;
+    };
+    pairwiseDid?: string;
+}>;
+/**
+ * Security validation result
+ */
+export interface SecurityValidationResult {
+    /** Whether validation passed */
+    valid: boolean;
+    /** Validation errors */
+    errors: SecurityValidationError[];
+    /** Applied security level */
+    securityLevel: SecurityConformanceLevel;
+    /** Warnings (non-fatal) */
+    warnings: string[];
+    /** Validation timestamp */
+    validatedAt: string;
+}
+export interface SecurityValidationError {
+    /** Error code */
+    code: string;
+    /** Error message */
+    message: string;
+    /** Component that failed */
+    component: 'dpop' | 'tee' | 'pairwise' | 'revocation' | 'token' | 'introspection';
+}
+export declare const securityValidationErrorSchema: z.ZodObject<{
+    code: z.ZodString;
+    message: z.ZodString;
+    component: z.ZodEnum<["dpop", "tee", "pairwise", "revocation", "token", "introspection"]>;
+}, "strip", z.ZodTypeAny, {
+    code?: string;
+    message?: string;
+    component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+}, {
+    code?: string;
+    message?: string;
+    component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+}>;
+export declare const securityValidationResultSchema: z.ZodObject<{
+    valid: z.ZodBoolean;
+    errors: z.ZodArray<z.ZodObject<{
+        code: z.ZodString;
+        message: z.ZodString;
+        component: z.ZodEnum<["dpop", "tee", "pairwise", "revocation", "token", "introspection"]>;
+    }, "strip", z.ZodTypeAny, {
+        code?: string;
+        message?: string;
+        component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+    }, {
+        code?: string;
+        message?: string;
+        component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+    }>, "many">;
+    securityLevel: z.ZodNativeEnum<{
+        readonly NONE: "none";
+        readonly SH1_BASIC: "sh-1";
+        readonly SH2_STANDARD: "sh-2";
+        readonly SH3_HARDENED: "sh-3";
+    }>;
+    warnings: z.ZodArray<z.ZodString, "many">;
+    validatedAt: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    valid?: boolean;
+    errors?: {
+        code?: string;
+        message?: string;
+        component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+    }[];
+    securityLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+    warnings?: string[];
+    validatedAt?: string;
+}, {
+    valid?: boolean;
+    errors?: {
+        code?: string;
+        message?: string;
+        component?: "token" | "dpop" | "tee" | "pairwise" | "revocation" | "introspection";
+    }[];
+    securityLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+    warnings?: string[];
+    validatedAt?: string;
+}>;
+/**
+ * Pre-request security check result
+ */
+export interface PreRequestResult {
+    /** Whether request can proceed */
+    allow: boolean;
+    /** Required actions before proceeding */
+    requiredActions?: ('dpop' | 'tee_attestation' | 'pairwise_did' | 'introspection')[];
+    /** Security requirements for this request */
+    requirements: SecurityRequirements;
+    /** Denial reason if not allowed */
+    denyReason?: string;
+}
+export declare const preRequestResultSchema: z.ZodObject<{
+    allow: z.ZodBoolean;
+    requiredActions: z.ZodOptional<z.ZodArray<z.ZodEnum<["dpop", "tee_attestation", "pairwise_did", "introspection"]>, "many">>;
+    requirements: z.ZodLazy<z.ZodObject<{
+        tier: z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+            readonly T6: 6;
+            readonly T7: 7;
+        }>;
+        conformanceLevel: z.ZodNativeEnum<{
+            readonly NONE: "none";
+            readonly SH1_BASIC: "sh-1";
+            readonly SH2_STANDARD: "sh-2";
+            readonly SH3_HARDENED: "sh-3";
+        }>;
+        dpopRequired: z.ZodBoolean;
+        teeRequired: z.ZodBoolean;
+        pairwiseRequired: z.ZodBoolean;
+        syncRevocationRequired: z.ZodBoolean;
+        maxTokenTTL: z.ZodNumber;
+        maxChainDepth: z.ZodNumber;
+    }, "strip", z.ZodTypeAny, {
+        tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+        dpopRequired?: boolean;
+        teeRequired?: boolean;
+        pairwiseRequired?: boolean;
+        syncRevocationRequired?: boolean;
+        maxTokenTTL?: number;
+        maxChainDepth?: number;
+    }, {
+        tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+        dpopRequired?: boolean;
+        teeRequired?: boolean;
+        pairwiseRequired?: boolean;
+        syncRevocationRequired?: boolean;
+        maxTokenTTL?: number;
+        maxChainDepth?: number;
+    }>>;
+    denyReason: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    allow?: boolean;
+    requirements?: {
+        tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+        dpopRequired?: boolean;
+        teeRequired?: boolean;
+        pairwiseRequired?: boolean;
+        syncRevocationRequired?: boolean;
+        maxTokenTTL?: number;
+        maxChainDepth?: number;
+    };
+    requiredActions?: ("dpop" | "introspection" | "tee_attestation" | "pairwise_did")[];
+    denyReason?: string;
+}, {
+    allow?: boolean;
+    requirements?: {
+        tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+        dpopRequired?: boolean;
+        teeRequired?: boolean;
+        pairwiseRequired?: boolean;
+        syncRevocationRequired?: boolean;
+        maxTokenTTL?: number;
+        maxChainDepth?: number;
+    };
+    requiredActions?: ("dpop" | "introspection" | "tee_attestation" | "pairwise_did")[];
+    denyReason?: string;
+}>;
+/**
+ * High-value operation check result
+ */
+export interface HighValueCheckResult {
+    /** Whether operation can proceed */
+    allow: boolean;
+    /** Whether introspection was performed */
+    introspectionPerformed: boolean;
+    /** Whether revocation was checked synchronously */
+    syncRevocationCheck: boolean;
+    /** Token remaining TTL in seconds */
+    tokenTTLRemaining?: number;
+    /** Denial reason if not allowed */
+    denyReason?: string;
+}
+export declare const highValueCheckResultSchema: z.ZodObject<{
+    allow: z.ZodBoolean;
+    introspectionPerformed: z.ZodBoolean;
+    syncRevocationCheck: z.ZodBoolean;
+    tokenTTLRemaining: z.ZodOptional<z.ZodNumber>;
+    denyReason: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    allow?: boolean;
+    denyReason?: string;
+    introspectionPerformed?: boolean;
+    syncRevocationCheck?: boolean;
+    tokenTTLRemaining?: number;
+}, {
+    allow?: boolean;
+    denyReason?: string;
+    introspectionPerformed?: boolean;
+    syncRevocationCheck?: boolean;
+    tokenTTLRemaining?: number;
+}>;
+/**
+ * Security requirements for a trust tier
+ */
+export interface SecurityRequirements {
+    /** Trust tier */
+    tier: TrustTier;
+    /** Required conformance level */
+    conformanceLevel: SecurityConformanceLevel;
+    /** Whether DPoP is required */
+    dpopRequired: boolean;
+    /** Whether TEE binding is required */
+    teeRequired: boolean;
+    /** Whether pairwise DIDs are required */
+    pairwiseRequired: boolean;
+    /** Whether sync revocation check is required */
+    syncRevocationRequired: boolean;
+    /** Maximum token TTL */
+    maxTokenTTL: number;
+    /** Maximum delegation chain depth */
+    maxChainDepth: number;
+}
+export declare const securityRequirementsSchema: z.ZodObject<{
+    tier: z.ZodNativeEnum<{
+        readonly T0: 0;
+        readonly T1: 1;
+        readonly T2: 2;
+        readonly T3: 3;
+        readonly T4: 4;
+        readonly T5: 5;
+        readonly T6: 6;
+        readonly T7: 7;
+    }>;
+    conformanceLevel: z.ZodNativeEnum<{
+        readonly NONE: "none";
+        readonly SH1_BASIC: "sh-1";
+        readonly SH2_STANDARD: "sh-2";
+        readonly SH3_HARDENED: "sh-3";
+    }>;
+    dpopRequired: z.ZodBoolean;
+    teeRequired: z.ZodBoolean;
+    pairwiseRequired: z.ZodBoolean;
+    syncRevocationRequired: z.ZodBoolean;
+    maxTokenTTL: z.ZodNumber;
+    maxChainDepth: z.ZodNumber;
+}, "strip", z.ZodTypeAny, {
+    tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+    conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+    dpopRequired?: boolean;
+    teeRequired?: boolean;
+    pairwiseRequired?: boolean;
+    syncRevocationRequired?: boolean;
+    maxTokenTTL?: number;
+    maxChainDepth?: number;
+}, {
+    tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+    conformanceLevel?: "none" | "sh-1" | "sh-2" | "sh-3";
+    dpopRequired?: boolean;
+    teeRequired?: boolean;
+    pairwiseRequired?: boolean;
+    syncRevocationRequired?: boolean;
+    maxTokenTTL?: number;
+    maxChainDepth?: number;
+}>;
+/**
+ * Get security requirements for a trust tier
+ */
+export declare function getSecurityRequirementsForTier(tier: TrustTier): SecurityRequirements;
+/**
+ * Incoming request structure for middleware
+ */
+export interface IncomingRequest {
+    /** Request ID */
+    requestId: string;
+    /** HTTP method */
+    method: string;
+    /** Request URI */
+    uri: string;
+    /** Authorization header */
+    authorization?: string;
+    /** DPoP header */
+    dpop?: string;
+    /** Additional headers */
+    headers: Record<string, string | string[] | undefined>;
+}
+export declare const incomingRequestSchema: z.ZodObject<{
+    requestId: z.ZodString;
+    method: z.ZodString;
+    uri: z.ZodString;
+    authorization: z.ZodOptional<z.ZodString>;
+    dpop: z.ZodOptional<z.ZodString>;
+    headers: z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">, z.ZodUndefined]>>;
+}, "strip", z.ZodTypeAny, {
+    authorization?: string;
+    headers?: Record<string, string | string[]>;
+    method?: string;
+    requestId?: string;
+    uri?: string;
+    dpop?: string;
+}, {
+    authorization?: string;
+    headers?: Record<string, string | string[]>;
+    method?: string;
+    requestId?: string;
+    uri?: string;
+    dpop?: string;
+}>;
+/**
+ * JTI cache interface for DPoP replay prevention
+ */
+export interface JTICache {
+    /** Store JTI with expiration */
+    store(jti: string, expiresAt: Date): Promise<void>;
+    /** Check if JTI has been seen */
+    exists(jti: string): Promise<boolean>;
+}
+/**
+ * Security plugin options for Fastify
+ */
+export interface SecurityPluginOptions {
+    /** DPoP configuration */
+    dpop?: Partial<DPoPConfig>;
+    /** TEE configuration */
+    tee?: Partial<TEEConfig>;
+    /** Pairwise DID configuration */
+    pairwiseDid?: Partial<PairwiseDIDConfig>;
+    /** Revocation SLA overrides */
+    revocationSLAs?: RevocationSLA[];
+    /** Token lifetime configuration */
+    tokenLifetime?: Partial<TokenLifetimeConfig>;
+    /** Token introspection endpoint */
+    introspectionEndpoint?: string;
+    /** Skip security checks for certain paths */
+    skipPaths?: string[];
+    /** Enable metrics collection */
+    enableMetrics?: boolean;
+}
+export declare const securityPluginOptionsSchema: z.ZodObject<{
+    dpop: z.ZodOptional<z.ZodObject<{
+        requiredForTiers: z.ZodOptional<z.ZodArray<z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+            readonly T6: 6;
+            readonly T7: 7;
+        }>, "many">>;
+        maxProofAge: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        nonceRequired: z.ZodOptional<z.ZodDefault<z.ZodBoolean>>;
+        clockSkewTolerance: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        allowedAlgorithms: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodEnum<["ES256", "ES384", "ES512"]>, "many">>>;
+    }, "strip", z.ZodTypeAny, {
+        allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+        clockSkewTolerance?: number;
+        maxProofAge?: number;
+        requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+        nonceRequired?: boolean;
+    }, {
+        allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+        clockSkewTolerance?: number;
+        maxProofAge?: number;
+        requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+        nonceRequired?: boolean;
+    }>>;
+    tee: z.ZodOptional<z.ZodObject<{
+        requiredForTiers: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+            readonly T6: 6;
+            readonly T7: 7;
+        }>, "many">>>;
+        allowedPlatforms: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+            readonly SGX: "sgx";
+            readonly NITRO: "nitro";
+            readonly SEV: "sev";
+            readonly TRUSTZONE: "trustzone";
+            readonly SECURE_ENCLAVE: "secure-enclave";
+        }>, "many">>>;
+        maxAttestationAge: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        expectedMeasurements: z.ZodOptional<z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>>;
+        attestationVerificationEndpoint: z.ZodOptional<z.ZodOptional<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+        allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+        maxAttestationAge?: number;
+        expectedMeasurements?: Record<string, string>;
+        attestationVerificationEndpoint?: string;
+    }, {
+        requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+        allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+        maxAttestationAge?: number;
+        expectedMeasurements?: Record<string, string>;
+        attestationVerificationEndpoint?: string;
+    }>>;
+    pairwiseDid: z.ZodOptional<z.ZodObject<{
+        requiredForDataTypes: z.ZodOptional<z.ZodDefault<z.ZodArray<z.ZodNativeEnum<{
+            readonly PUBLIC: "public";
+            readonly BUSINESS: "business";
+            readonly PERSONAL: "personal";
+            readonly SENSITIVE: "sensitive";
+            readonly REGULATED: "regulated";
+        }>, "many">>>;
+        derivationAlgorithm: z.ZodOptional<z.ZodDefault<z.ZodNativeEnum<{
+            readonly SHA256: "sha256";
+            readonly HKDF: "hkdf";
+        }>>>;
+        saltLength: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        hkdfInfo: z.ZodOptional<z.ZodDefault<z.ZodString>>;
+    }, "strip", z.ZodTypeAny, {
+        requiredForDataTypes?: ("public" | "sensitive" | "regulated" | "personal" | "business")[];
+        derivationAlgorithm?: "sha256" | "hkdf";
+        saltLength?: number;
+        hkdfInfo?: string;
+    }, {
+        requiredForDataTypes?: ("public" | "sensitive" | "regulated" | "personal" | "business")[];
+        derivationAlgorithm?: "sha256" | "hkdf";
+        saltLength?: number;
+        hkdfInfo?: string;
+    }>>;
+    revocationSLAs: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        tier: z.ZodNativeEnum<{
+            readonly T0: 0;
+            readonly T1: 1;
+            readonly T2: 2;
+            readonly T3: 3;
+            readonly T4: 4;
+            readonly T5: 5;
+            readonly T6: 6;
+            readonly T7: 7;
+        }>;
+        maxPropagationLatencyMs: z.ZodNumber;
+        syncCheckRequired: z.ZodBoolean;
+        introspectionRequired: z.ZodBoolean;
+    }, "strip", z.ZodTypeAny, {
+        tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        maxPropagationLatencyMs?: number;
+        syncCheckRequired?: boolean;
+        introspectionRequired?: boolean;
+    }, {
+        tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        maxPropagationLatencyMs?: number;
+        syncCheckRequired?: boolean;
+        introspectionRequired?: boolean;
+    }>, "many">>;
+    tokenLifetime: z.ZodOptional<z.ZodObject<{
+        accessTokenMaxTTL: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        refreshTokenMaxTTL: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        idTokenMaxTTL: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        highValueOperationTTL: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+        refreshThreshold: z.ZodOptional<z.ZodDefault<z.ZodNumber>>;
+    }, "strip", z.ZodTypeAny, {
+        refreshThreshold?: number;
+        accessTokenMaxTTL?: number;
+        refreshTokenMaxTTL?: number;
+        idTokenMaxTTL?: number;
+        highValueOperationTTL?: number;
+    }, {
+        refreshThreshold?: number;
+        accessTokenMaxTTL?: number;
+        refreshTokenMaxTTL?: number;
+        idTokenMaxTTL?: number;
+        highValueOperationTTL?: number;
+    }>>;
+    introspectionEndpoint: z.ZodOptional<z.ZodString>;
+    skipPaths: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    enableMetrics: z.ZodOptional<z.ZodBoolean>;
+}, "strip", z.ZodTypeAny, {
+    skipPaths?: string[];
+    pairwiseDid?: {
+        requiredForDataTypes?: ("public" | "sensitive" | "regulated" | "personal" | "business")[];
+        derivationAlgorithm?: "sha256" | "hkdf";
+        saltLength?: number;
+        hkdfInfo?: string;
+    };
+    dpop?: {
+        allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+        clockSkewTolerance?: number;
+        maxProofAge?: number;
+        requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+        nonceRequired?: boolean;
+    };
+    tee?: {
+        requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+        allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+        maxAttestationAge?: number;
+        expectedMeasurements?: Record<string, string>;
+        attestationVerificationEndpoint?: string;
+    };
+    revocationSLAs?: {
+        tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        maxPropagationLatencyMs?: number;
+        syncCheckRequired?: boolean;
+        introspectionRequired?: boolean;
+    }[];
+    tokenLifetime?: {
+        refreshThreshold?: number;
+        accessTokenMaxTTL?: number;
+        refreshTokenMaxTTL?: number;
+        idTokenMaxTTL?: number;
+        highValueOperationTTL?: number;
+    };
+    introspectionEndpoint?: string;
+    enableMetrics?: boolean;
+}, {
+    skipPaths?: string[];
+    pairwiseDid?: {
+        requiredForDataTypes?: ("public" | "sensitive" | "regulated" | "personal" | "business")[];
+        derivationAlgorithm?: "sha256" | "hkdf";
+        saltLength?: number;
+        hkdfInfo?: string;
+    };
+    dpop?: {
+        allowedAlgorithms?: ("ES256" | "ES384" | "ES512")[];
+        clockSkewTolerance?: number;
+        maxProofAge?: number;
+        requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+        nonceRequired?: boolean;
+    };
+    tee?: {
+        requiredForTiers?: (0 | 7 | 1 | 2 | 3 | 4 | 5 | 6)[];
+        allowedPlatforms?: ("sgx" | "nitro" | "sev" | "trustzone" | "secure-enclave")[];
+        maxAttestationAge?: number;
+        expectedMeasurements?: Record<string, string>;
+        attestationVerificationEndpoint?: string;
+    };
+    revocationSLAs?: {
+        tier?: 0 | 7 | 1 | 2 | 3 | 4 | 5 | 6;
+        maxPropagationLatencyMs?: number;
+        syncCheckRequired?: boolean;
+        introspectionRequired?: boolean;
+    }[];
+    tokenLifetime?: {
+        refreshThreshold?: number;
+        accessTokenMaxTTL?: number;
+        refreshTokenMaxTTL?: number;
+        idTokenMaxTTL?: number;
+        highValueOperationTTL?: number;
+    };
+    introspectionEndpoint?: string;
+    enableMetrics?: boolean;
+}>;
+//# sourceMappingURL=types.d.ts.map