@vybestack/llxprt-code-core 0.5.0-nightly.251121.9dcb43714 → 0.5.0-nightly.251121.bd93fe760

package/dist/src/policy/config.d.ts

@@ -0,0 +1,51 @@
+/**
+ * Policy Configuration
+ *
+ * Creates PolicyEngineConfig by merging:
+ * 1. Default TOML policy files (read-only, write)
+ * 2. Legacy ApprovalMode migration rules
+ * 3. User-defined TOML policies (if provided)
+ * 4. Runtime rules (e.g., "Always Allow" UI selections)
+ *
+ * Implements legacy migration from ApprovalMode and --allowed-tools to policy rules.
+ */
+import { type PolicyRule, type PolicyEngineConfig } from './types.js';
+import { ApprovalMode } from '../config/config.js';
+/**
+ * Minimal Config interface for policy creation
+ * Avoids circular dependency by only requiring the methods we need
+ */
+export interface PolicyConfigSource {
+    getApprovalMode(): ApprovalMode;
+    getAllowedTools(): string[] | undefined;
+    getNonInteractive(): boolean;
+    getUserPolicyPath?(): string | undefined;
+}
+/**
+ * Converts legacy ApprovalMode and --allowed-tools to policy rules.
+ *
+ * Priority bands:
+ * - 1.999: YOLO mode allow-all (wildcard)
+ * - 1.015: AUTO_EDIT mode write tools
+ * - 2.3: --allowed-tools CLI flag
+ *
+ * @param config - Config object with approval mode and allowed tools
+ * @returns Array of PolicyRule objects representing legacy settings
+ */
+export declare function migrateLegacyApprovalMode(config: PolicyConfigSource): PolicyRule[];
+/**
+ * Creates the full PolicyEngineConfig by merging:
+ * 1. Default TOML policy files (read-only.toml, write.toml)
+ * 2. Legacy ApprovalMode migration rules
+ * 3. User-defined TOML policies (if userPolicyPath provided)
+ * 4. Runtime rules (can be added later via PolicyEngine.addRule)
+ *
+ * Rules are evaluated by priority (highest wins), so:
+ * - User policies (Tier 2: 2.xxx) override defaults (Tier 1: 1.xxx)
+ * - Legacy migration rules slot into appropriate priority bands
+ * - Admin policies (Tier 3: 3.xxx, if added later) override all
+ *
+ * @param config - Config object with policy settings
+ * @returns PolicyEngineConfig ready for PolicyEngine construction
+ */
+export declare function createPolicyEngineConfig(config: PolicyConfigSource): Promise<PolicyEngineConfig>;

package/dist/src/policy/config.js

@@ -0,0 +1,102 @@
+/**
+ * Policy Configuration
+ *
+ * Creates PolicyEngineConfig by merging:
+ * 1. Default TOML policy files (read-only, write)
+ * 2. Legacy ApprovalMode migration rules
+ * 3. User-defined TOML policies (if provided)
+ * 4. Runtime rules (e.g., "Always Allow" UI selections)
+ *
+ * Implements legacy migration from ApprovalMode and --allowed-tools to policy rules.
+ */
+import { PolicyDecision, } from './types.js';
+import { loadDefaultPolicies, loadPolicyFromToml } from './toml-loader.js';
+import { ApprovalMode } from '../config/config.js';
+/**
+ * Converts legacy ApprovalMode and --allowed-tools to policy rules.
+ *
+ * Priority bands:
+ * - 1.999: YOLO mode allow-all (wildcard)
+ * - 1.015: AUTO_EDIT mode write tools
+ * - 2.3: --allowed-tools CLI flag
+ *
+ * @param config - Config object with approval mode and allowed tools
+ * @returns Array of PolicyRule objects representing legacy settings
+ */
+export function migrateLegacyApprovalMode(config) {
+    const rules = [];
+    // Map ApprovalMode
+    const approvalMode = config.getApprovalMode();
+    if (approvalMode === ApprovalMode.YOLO) {
+        // YOLO mode: allow all tools with wildcard rule
+        rules.push({
+            // toolName: undefined means wildcard - matches all tools
+            decision: PolicyDecision.ALLOW,
+            priority: 1.999,
+        });
+    }
+    else if (approvalMode === ApprovalMode.AUTO_EDIT) {
+        // AUTO_EDIT mode: allow write tools at priority 1.015
+        const writeTools = ['edit', 'smart_edit', 'write_file', 'shell', 'memory'];
+        for (const tool of writeTools) {
+            rules.push({
+                toolName: tool,
+                decision: PolicyDecision.ALLOW,
+                priority: 1.015,
+            });
+        }
+    }
+    // ApprovalMode.DEFAULT doesn't add any rules - standard policy stack applies
+    // Map --allowed-tools
+    const allowedTools = config.getAllowedTools() ?? [];
+    for (const tool of allowedTools) {
+        rules.push({
+            toolName: tool,
+            decision: PolicyDecision.ALLOW,
+            priority: 2.3,
+        });
+    }
+    return rules;
+}
+/**
+ * Creates the full PolicyEngineConfig by merging:
+ * 1. Default TOML policy files (read-only.toml, write.toml)
+ * 2. Legacy ApprovalMode migration rules
+ * 3. User-defined TOML policies (if userPolicyPath provided)
+ * 4. Runtime rules (can be added later via PolicyEngine.addRule)
+ *
+ * Rules are evaluated by priority (highest wins), so:
+ * - User policies (Tier 2: 2.xxx) override defaults (Tier 1: 1.xxx)
+ * - Legacy migration rules slot into appropriate priority bands
+ * - Admin policies (Tier 3: 3.xxx, if added later) override all
+ *
+ * @param config - Config object with policy settings
+ * @returns PolicyEngineConfig ready for PolicyEngine construction
+ */
+export async function createPolicyEngineConfig(config) {
+    const rules = [];
+    // 1. Load default policies from TOML
+    const defaultRules = await loadDefaultPolicies();
+    rules.push(...defaultRules);
+    // 2. Migrate legacy settings (ApprovalMode, --allowed-tools)
+    const legacyRules = migrateLegacyApprovalMode(config);
+    rules.push(...legacyRules);
+    // 3. Load user-defined policies (if any)
+    const userPolicyPath = config.getUserPolicyPath?.();
+    if (userPolicyPath) {
+        try {
+            const userRules = await loadPolicyFromToml(userPolicyPath);
+            rules.push(...userRules);
+        }
+        catch (error) {
+            // Log warning but don't fail - user policies are optional
+            console.warn(`Failed to load user policy from ${userPolicyPath}:`, error);
+        }
+    }
+    return {
+        rules,
+        defaultDecision: PolicyDecision.ASK_USER,
+        nonInteractive: config.getNonInteractive(),
+    };
+}
+//# sourceMappingURL=config.js.map

package/dist/src/policy/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../../src/policy/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EACL,cAAc,GAGf,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AAC3E,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAanD;;;;;;;;;;GAUG;AACH,MAAM,UAAU,yBAAyB,CACvC,MAA0B;IAE1B,MAAM,KAAK,GAAiB,EAAE,CAAC;IAE/B,mBAAmB;IACnB,MAAM,YAAY,GAAG,MAAM,CAAC,eAAe,EAAE,CAAC;IAE9C,IAAI,YAAY,KAAK,YAAY,CAAC,IAAI,EAAE,CAAC;QACvC,gDAAgD;QAChD,KAAK,CAAC,IAAI,CAAC;YACT,yDAAyD;YACzD,QAAQ,EAAE,cAAc,CAAC,KAAK;YAC9B,QAAQ,EAAE,KAAK;SAChB,CAAC,CAAC;IACL,CAAC;SAAM,IAAI,YAAY,KAAK,YAAY,CAAC,SAAS,EAAE,CAAC;QACnD,sDAAsD;QACtD,MAAM,UAAU,GAAG,CAAC,MAAM,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC3E,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;YAC9B,KAAK,CAAC,IAAI,CAAC;gBACT,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,cAAc,CAAC,KAAK;gBAC9B,QAAQ,EAAE,KAAK;aAChB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,6EAA6E;IAE7E,sBAAsB;IACtB,MAAM,YAAY,GAAG,MAAM,CAAC,eAAe,EAAE,IAAI,EAAE,CAAC;IACpD,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,KAAK,CAAC,IAAI,CAAC;YACT,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,cAAc,CAAC,KAAK;YAC9B,QAAQ,EAAE,GAAG;SACd,CAAC,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,MAA0B;IAE1B,MAAM,KAAK,GAAiB,EAAE,CAAC;IAE/B,qCAAqC;IACrC,MAAM,YAAY,GAAG,MAAM,mBAAmB,EAAE,CAAC;IACjD,KAAK,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;IAE5B,6DAA6D;IAC7D,MAAM,WAAW,GAAG,yBAAyB,CAAC,MAAM,CAAC,CAAC;IACtD,KAAK,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;IAE3B,yCAAyC;IACzC,MAAM,cAAc,GAAG,MAAM,CAAC,iBAAiB,EAAE,EAAE,CAAC;IACpD,IAAI,cAAc,EAAE,CAAC;QACnB,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,kBAAkB,CAAC,cAAc,CAAC,CAAC;YAC3D,KAAK,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,CAAC;QAC3B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,0DAA0D;YAC1D,OAAO,CAAC,IAAI,CAAC,mCAAmC,cAAc,GAAG,EAAE,KAAK,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK;QACL,eAAe,EAAE,cAAc,CAAC,QAAQ;QACxC,cAAc,EAAE,MAAM,CAAC,iBAAiB,EAAE;KAC3C,CAAC;AACJ,CAAC"}

package/dist/src/policy/index.d.ts

@@ -0,0 +1,5 @@
+export * from './types.js';
+export * from './policy-engine.js';
+export * from './stable-stringify.js';
+export * from './config.js';
+export * from './toml-loader.js';

package/dist/src/policy/index.js

@@ -0,0 +1,6 @@
+export * from './types.js';
+export * from './policy-engine.js';
+export * from './stable-stringify.js';
+export * from './config.js';
+export * from './toml-loader.js';
+//# sourceMappingURL=index.js.map

package/dist/src/policy/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/policy/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,cAAc,oBAAoB,CAAC;AACnC,cAAc,uBAAuB,CAAC;AACtC,cAAc,aAAa,CAAC;AAC5B,cAAc,kBAAkB,CAAC"}

package/dist/src/policy/policies/discovered.toml

@@ -0,0 +1,9 @@
+# Default policy for discovered tools (MCP, extensions, etc.)
+# Priority band: 1.01 (Tier 1 - Default)
+# Discovered tools require user confirmation unless explicitly trusted
+
+[[rule]]
+# Match all discovered tools (tools with discovered_tool_ prefix will be added by ToolRegistry)
+toolName = "discovered_tool_"
+decision = "ask_user"
+priority = 1.01

package/dist/src/policy/policies/read-only.toml

@@ -0,0 +1,68 @@
+# Default read-only tool policy
+# Priority band: 1.05 (Tier 1 - Default)
+# These tools are considered safe for auto-approval
+
+[[rule]]
+toolName = "glob"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "grep"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "ls"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "read_file"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "read_many_files"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "ripgrep"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "web_search"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "task"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "write_todos"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "list_subagents"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "notebook_edit"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "slash_command"
+decision = "allow"
+priority = 1.05
+
+[[rule]]
+toolName = "skill"
+decision = "allow"
+priority = 1.05

package/dist/src/policy/policies/write.toml

@@ -0,0 +1,69 @@
+# Default write tool policy
+# Priority band: 1.01 (Tier 1 - Default)
+# These tools require user confirmation by default
+
+[[rule]]
+toolName = "edit"
+decision = "ask_user"
+priority = 1.01
+
+[[rule]]
+toolName = "smart_edit"
+decision = "ask_user"
+priority = 1.01
+
+[[rule]]
+toolName = "write_file"
+decision = "ask_user"
+priority = 1.01
+
+[[rule]]
+toolName = "shell"
+decision = "ask_user"
+priority = 1.01
+
+[[rule]]
+toolName = "memory"
+decision = "ask_user"
+priority = 1.01
+
+[[rule]]
+toolName = "web_fetch"
+decision = "ask_user"
+priority = 1.01
+
+[[rule]]
+toolName = "mcp_tool"
+decision = "ask_user"
+priority = 1.01
+
+# Shell commands with dangerous patterns are denied
+[[rule]]
+toolName = "shell"
+argsPattern = "rm\\s+-rf\\s+/"
+decision = "deny"
+priority = 2.0
+
+[[rule]]
+toolName = "shell"
+argsPattern = "chmod\\s+777"
+decision = "deny"
+priority = 2.0
+
+[[rule]]
+toolName = "shell"
+argsPattern = "dd\\s+if="
+decision = "deny"
+priority = 2.0
+
+[[rule]]
+toolName = "shell"
+argsPattern = "mkfs\\."
+decision = "deny"
+priority = 2.0
+
+[[rule]]
+toolName = "shell"
+argsPattern = ":(){ :|:& };:"
+decision = "deny"
+priority = 2.0

package/dist/src/policy/policies/yolo.toml

@@ -0,0 +1,8 @@
+# YOLO mode policy - allow everything
+# Priority band: 1.999 (Tier 1 - Default, just below user settings)
+# WARNING: This disables all safety checks. Use only in trusted environments.
+
+[[rule]]
+# No toolName specified = wildcard (matches all tools)
+decision = "allow"
+priority = 1.999

package/dist/src/policy/policy-engine.d.ts

@@ -0,0 +1,55 @@
+import { PolicyDecision, type PolicyEngineConfig, type PolicyRule } from './types.js';
+/**
+ * PolicyEngine evaluates tool execution requests against configured rules.
+ * Rules are matched in priority order, with the highest priority rule winning.
+ */
+export declare class PolicyEngine {
+    private readonly rules;
+    private readonly defaultDecision;
+    private readonly nonInteractive;
+    constructor(config?: PolicyEngineConfig);
+    /**
+     * Evaluates a tool execution request and returns a policy decision.
+     *
+     * @param toolName - The name of the tool being executed
+     * @param args - The arguments passed to the tool
+     * @param serverName - Optional MCP server name (for spoofing prevention)
+     * @returns PolicyDecision (ALLOW, DENY, or ASK_USER)
+     */
+    evaluate(toolName: string, args: Record<string, unknown>, serverName?: string): PolicyDecision;
+    /**
+     * Finds the highest priority rule matching the tool and args.
+     *
+     * @param toolName - The name of the tool
+     * @param args - The tool arguments
+     * @returns The matching rule, or undefined if none match
+     */
+    private findMatchingRule;
+    /**
+     * Validates that a tool name matches its claimed server name.
+     * Returns null if spoofing is detected, otherwise returns the tool name.
+     *
+     * @param toolName - The tool name (may include server prefix)
+     * @param serverName - The claimed server name
+     * @returns The validated tool name, or null if spoofing detected
+     */
+    private validateServerName;
+    /**
+     * Returns all configured rules (for debugging/inspection).
+     *
+     * @returns Array of policy rules
+     */
+    getRules(): readonly PolicyRule[];
+    /**
+     * Returns the default decision used when no rules match.
+     *
+     * @returns PolicyDecision
+     */
+    getDefaultDecision(): PolicyDecision;
+    /**
+     * Returns whether the engine is in non-interactive mode.
+     *
+     * @returns boolean
+     */
+    isNonInteractive(): boolean;
+}

package/dist/src/policy/policy-engine.js

@@ -0,0 +1,126 @@
+import { PolicyDecision, } from './types.js';
+import { stableStringify } from './stable-stringify.js';
+/**
+ * PolicyEngine evaluates tool execution requests against configured rules.
+ * Rules are matched in priority order, with the highest priority rule winning.
+ */
+export class PolicyEngine {
+    rules;
+    defaultDecision;
+    nonInteractive;
+    constructor(config) {
+        this.rules = config?.rules ?? [];
+        this.defaultDecision = config?.defaultDecision ?? PolicyDecision.ASK_USER;
+        this.nonInteractive = config?.nonInteractive ?? false;
+        // Sort rules by priority (highest first)
+        this.rules.sort((a, b) => (b.priority ?? 0) - (a.priority ?? 0));
+    }
+    /**
+     * Evaluates a tool execution request and returns a policy decision.
+     *
+     * @param toolName - The name of the tool being executed
+     * @param args - The arguments passed to the tool
+     * @param serverName - Optional MCP server name (for spoofing prevention)
+     * @returns PolicyDecision (ALLOW, DENY, or ASK_USER)
+     */
+    evaluate(toolName, args, serverName) {
+        // Validate serverName to prevent spoofing
+        if (serverName) {
+            const validatedToolName = this.validateServerName(toolName, serverName);
+            if (validatedToolName === null) {
+                // Server name spoofing detected - deny
+                return PolicyDecision.DENY;
+            }
+        }
+        // Find the highest priority matching rule
+        const matchingRule = this.findMatchingRule(toolName, args);
+        if (matchingRule) {
+            const decision = matchingRule.decision;
+            // In non-interactive mode, ASK_USER becomes DENY
+            if (this.nonInteractive && decision === PolicyDecision.ASK_USER) {
+                return PolicyDecision.DENY;
+            }
+            return decision;
+        }
+        // No matching rule - use default decision
+        if (this.nonInteractive &&
+            this.defaultDecision === PolicyDecision.ASK_USER) {
+            return PolicyDecision.DENY;
+        }
+        return this.defaultDecision;
+    }
+    /**
+     * Finds the highest priority rule matching the tool and args.
+     *
+     * @param toolName - The name of the tool
+     * @param args - The tool arguments
+     * @returns The matching rule, or undefined if none match
+     */
+    findMatchingRule(toolName, args) {
+        const argsString = stableStringify(args);
+        for (const rule of this.rules) {
+            // Check tool name match
+            const toolMatches = !rule.toolName || rule.toolName === toolName;
+            if (!toolMatches) {
+                continue;
+            }
+            // Check args pattern match
+            const argsMatch = !rule.argsPattern || rule.argsPattern.test(argsString);
+            if (!argsMatch) {
+                continue;
+            }
+            // Both match - return this rule
+            return rule;
+        }
+        return undefined;
+    }
+    /**
+     * Validates that a tool name matches its claimed server name.
+     * Returns null if spoofing is detected, otherwise returns the tool name.
+     *
+     * @param toolName - The tool name (may include server prefix)
+     * @param serverName - The claimed server name
+     * @returns The validated tool name, or null if spoofing detected
+     */
+    validateServerName(toolName, serverName) {
+        // For MCP tools, expect format: "serverName__toolName"
+        const expectedPrefix = `${serverName}__`;
+        if (toolName.startsWith(expectedPrefix)) {
+            return toolName;
+        }
+        // If tool name doesn't have the expected prefix, check if it's a non-MCP tool
+        // Non-MCP tools don't have a server prefix, so if a serverName is provided
+        // but the tool doesn't have the prefix, it's likely spoofing
+        if (!toolName.includes('__')) {
+            // This is a built-in tool, serverName should not be set
+            return null;
+        }
+        // Tool has a different server prefix - spoofing attempt
+        return null;
+    }
+    /**
+     * Returns all configured rules (for debugging/inspection).
+     *
+     * @returns Array of policy rules
+     */
+    getRules() {
+        return [...this.rules];
+    }
+    /**
+     * Returns the default decision used when no rules match.
+     *
+     * @returns PolicyDecision
+     */
+    getDefaultDecision() {
+        return this.defaultDecision;
+    }
+    /**
+     * Returns whether the engine is in non-interactive mode.
+     *
+     * @returns boolean
+     */
+    isNonInteractive() {
+        return this.nonInteractive;
+    }
+}
+//# sourceMappingURL=policy-engine.js.map

package/dist/src/policy/policy-engine.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-engine.js","sourceRoot":"","sources":["../../../src/policy/policy-engine.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,GAGf,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAExD;;;GAGG;AACH,MAAM,OAAO,YAAY;IACN,KAAK,CAAe;IACpB,eAAe,CAAiB;IAChC,cAAc,CAAU;IAEzC,YAAY,MAA2B;QACrC,IAAI,CAAC,KAAK,GAAG,MAAM,EAAE,KAAK,IAAI,EAAE,CAAC;QACjC,IAAI,CAAC,eAAe,GAAG,MAAM,EAAE,eAAe,IAAI,cAAc,CAAC,QAAQ,CAAC;QAC1E,IAAI,CAAC,cAAc,GAAG,MAAM,EAAE,cAAc,IAAI,KAAK,CAAC;QAEtD,yCAAyC;QACzC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC;IACnE,CAAC;IAED;;;;;;;OAOG;IACH,QAAQ,CACN,QAAgB,EAChB,IAA6B,EAC7B,UAAmB;QAEnB,0CAA0C;QAC1C,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,iBAAiB,GAAG,IAAI,CAAC,kBAAkB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YACxE,IAAI,iBAAiB,KAAK,IAAI,EAAE,CAAC;gBAC/B,uCAAuC;gBACvC,OAAO,cAAc,CAAC,IAAI,CAAC;YAC7B,CAAC;QACH,CAAC;QAED,0CAA0C;QAC1C,MAAM,YAAY,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAE3D,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC;YAEvC,iDAAiD;YACjD,IAAI,IAAI,CAAC,cAAc,IAAI,QAAQ,KAAK,cAAc,CAAC,QAAQ,EAAE,CAAC;gBAChE,OAAO,cAAc,CAAC,IAAI,CAAC;YAC7B,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,0CAA0C;QAC1C,IACE,IAAI,CAAC,cAAc;YACnB,IAAI,CAAC,eAAe,KAAK,cAAc,CAAC,QAAQ,EAChD,CAAC;YACD,OAAO,cAAc,CAAC,IAAI,CAAC;QAC7B,CAAC;QAED,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;;;;;OAMG;IACK,gBAAgB,CACtB,QAAgB,EAChB,IAA6B;QAE7B,MAAM,UAAU,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;QAEzC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,wBAAwB;YACxB,MAAM,WAAW,GAAG,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC;YACjE,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,SAAS;YACX,CAAC;YAED,2BAA2B;YAC3B,MAAM,SAAS,GAAG,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACzE,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,SAAS;YACX,CAAC;YAED,gCAAgC;YAChC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;;OAOG;IACK,kBAAkB,CACxB,QAAgB,EAChB,UAAkB;QAElB,uDAAuD;QACvD,MAAM,cAAc,GAAG,GAAG,UAAU,IAAI,CAAC;QAEzC,IAAI,QAAQ,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YACxC,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,8EAA8E;QAC9E,2EAA2E;QAC3E,6DAA6D;QAC7D,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7B,wDAAwD;YACxD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,wDAAwD;QACxD,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;OAIG;IACH,QAAQ;QACN,OAAO,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;;;OAIG;IACH,gBAAgB;QACd,OAAO,IAAI,CAAC,cAAc,CAAC;IAC7B,CAAC;CACF"}

package/dist/src/policy/stable-stringify.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Provides deterministic JSON stringification for pattern matching in policy rules.
+ * Ensures consistent ordering of object keys and handling of special values.
+ */
+type JSONValue = string | number | boolean | null | JSONValue[] | {
+    [key: string]: JSONValue;
+};
+/**
+ * Deterministically stringifies a value for use in pattern matching.
+ * - Object keys are sorted alphabetically
+ * - Arrays maintain their order
+ * - undefined values are omitted
+ * - Functions and symbols are converted to null
+ * - Circular references throw an error
+ *
+ * @param value - The value to stringify
+ * @param space - Optional spacing for readability (default: none)
+ * @returns Deterministic JSON string
+ */
+export declare function stableStringify(value: unknown, space?: string | number): string;
+/**
+ * Parses a stable-stringified JSON string back into a value.
+ * This is just a wrapper around JSON.parse for consistency.
+ *
+ * @param text - The JSON string to parse
+ * @returns Parsed value
+ */
+export declare function stableParse(text: string): JSONValue;
+export {};

package/dist/src/policy/stable-stringify.js

@@ -0,0 +1,111 @@
+/**
+ * Provides deterministic JSON stringification for pattern matching in policy rules.
+ * Ensures consistent ordering of object keys and handling of special values.
+ */
+/**
+ * Deterministically stringifies a value for use in pattern matching.
+ * - Object keys are sorted alphabetically
+ * - Arrays maintain their order
+ * - undefined values are omitted
+ * - Functions and symbols are converted to null
+ * - Circular references throw an error
+ *
+ * @param value - The value to stringify
+ * @param space - Optional spacing for readability (default: none)
+ * @returns Deterministic JSON string
+ */
+export function stableStringify(value, space) {
+    const seen = new WeakSet();
+    function stringify(val, indent, currentDepth) {
+        // Handle primitives
+        if (val === null)
+            return 'null';
+        if (val === undefined)
+            return 'null';
+        if (typeof val === 'boolean')
+            return String(val);
+        if (typeof val === 'number') {
+            if (!Number.isFinite(val))
+                return 'null';
+            return String(val);
+        }
+        if (typeof val === 'string') {
+            return JSON.stringify(val);
+        }
+        // Handle functions and symbols
+        if (typeof val === 'function' || typeof val === 'symbol') {
+            return 'null';
+        }
+        // Handle objects and arrays
+        if (typeof val === 'object') {
+            // Circular reference check
+            if (seen.has(val)) {
+                throw new TypeError('Converting circular structure to JSON');
+            }
+            seen.add(val);
+            try {
+                // Handle arrays
+                if (Array.isArray(val)) {
+                    const items = [];
+                    const nextIndent = space ? indent + getIndentString(space) : '';
+                    const separator = space ? '\n' : '';
+                    for (let i = 0; i < val.length; i++) {
+                        const item = stringify(val[i], nextIndent, currentDepth + 1);
+                        items.push(space ? `${nextIndent}${item}` : item);
+                    }
+                    if (items.length === 0) {
+                        return '[]';
+                    }
+                    return space
+                        ? `[${separator}${items.join(`,${separator}`)}${separator}${indent}]`
+                        : `[${items.join(',')}]`;
+                }
+                // Handle objects
+                const keys = Object.keys(val).sort();
+                const pairs = [];
+                const nextIndent = space ? indent + getIndentString(space) : '';
+                const separator = space ? '\n' : '';
+                for (const key of keys) {
+                    const value = val[key];
+                    if (value !== undefined) {
+                        const stringifiedKey = JSON.stringify(key);
+                        const stringifiedValue = stringify(value, nextIndent, currentDepth + 1);
+                        const pair = space
+                            ? `${nextIndent}${stringifiedKey}: ${stringifiedValue}`
+                            : `${stringifiedKey}:${stringifiedValue}`;
+                        pairs.push(pair);
+                    }
+                }
+                if (pairs.length === 0) {
+                    return '{}';
+                }
+                return space
+                    ? `{${separator}${pairs.join(`,${separator}`)}${separator}${indent}}`
+                    : `{${pairs.join(',')}}`;
+            }
+            finally {
+                seen.delete(val);
+            }
+        }
+        // Fallback for unknown types
+        return 'null';
+    }
+    function getIndentString(space) {
+        if (typeof space === 'number') {
+            return ' '.repeat(Math.min(10, Math.max(0, Math.floor(space))));
+        }
+        return String(space).slice(0, 10);
+    }
+    return stringify(value, '', 0);
+}
+/**
+ * Parses a stable-stringified JSON string back into a value.
+ * This is just a wrapper around JSON.parse for consistency.
+ *
+ * @param text - The JSON string to parse
+ * @returns Parsed value
+ */
+export function stableParse(text) {
+    return JSON.parse(text);
+}
+//# sourceMappingURL=stable-stringify.js.map

package/dist/src/policy/stable-stringify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stable-stringify.js","sourceRoot":"","sources":["../../../src/policy/stable-stringify.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAUH;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,eAAe,CAC7B,KAAc,EACd,KAAuB;IAEvB,MAAM,IAAI,GAAG,IAAI,OAAO,EAAU,CAAC;IAEnC,SAAS,SAAS,CAChB,GAAY,EACZ,MAAc,EACd,YAAoB;QAEpB,oBAAoB;QACpB,IAAI,GAAG,KAAK,IAAI;YAAE,OAAO,MAAM,CAAC;QAChC,IAAI,GAAG,KAAK,SAAS;YAAE,OAAO,MAAM,CAAC;QACrC,IAAI,OAAO,GAAG,KAAK,SAAS;YAAE,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;QACjD,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAAE,OAAO,MAAM,CAAC;YACzC,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC;QACrB,CAAC;QACD,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QAC7B,CAAC;QAED,+BAA+B;QAC/B,IAAI,OAAO,GAAG,KAAK,UAAU,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACzD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,4BAA4B;QAC5B,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,2BAA2B;YAC3B,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAClB,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAC;YAC/D,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAEd,IAAI,CAAC;gBACH,gBAAgB;gBAChB,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;oBACvB,MAAM,KAAK,GAAa,EAAE,CAAC;oBAC3B,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,MAAM,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAChE,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;oBAEpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACpC,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,YAAY,GAAG,CAAC,CAAC,CAAC;wBAC7D,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,UAAU,GAAG,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;oBACpD,CAAC;oBAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBACvB,OAAO,IAAI,CAAC;oBACd,CAAC;oBAED,OAAO,KAAK;wBACV,CAAC,CAAC,IAAI,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,SAAS,EAAE,CAAC,GAAG,SAAS,GAAG,MAAM,GAAG;wBACrE,CAAC,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;gBAC7B,CAAC;gBAED,iBAAiB;gBACjB,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBACrC,MAAM,KAAK,GAAa,EAAE,CAAC;gBAC3B,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,MAAM,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAChE,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;gBAEpC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,MAAM,KAAK,GAAI,GAA+B,CAAC,GAAG,CAAC,CAAC;oBACpD,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;wBACxB,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;wBAC3C,MAAM,gBAAgB,GAAG,SAAS,CAChC,KAAK,EACL,UAAU,EACV,YAAY,GAAG,CAAC,CACjB,CAAC;wBACF,MAAM,IAAI,GAAG,KAAK;4BAChB,CAAC,CAAC,GAAG,UAAU,GAAG,cAAc,KAAK,gBAAgB,EAAE;4BACvD,CAAC,CAAC,GAAG,cAAc,IAAI,gBAAgB,EAAE,CAAC;wBAC5C,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACnB,CAAC;gBACH,CAAC;gBAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACvB,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,OAAO,KAAK;oBACV,CAAC,CAAC,IAAI,SAAS,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,SAAS,EAAE,CAAC,GAAG,SAAS,GAAG,MAAM,GAAG;oBACrE,CAAC,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAC7B,CAAC;oBAAS,CAAC;gBACT,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACnB,CAAC;QACH,CAAC;QAED,6BAA6B;QAC7B,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,SAAS,eAAe,CAAC,KAAsB;QAC7C,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAClE,CAAC;QACD,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACpC,CAAC;IAED,OAAO,SAAS,CAAC,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;AACjC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,WAAW,CAAC,IAAY;IACtC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAc,CAAC;AACvC,CAAC"}