npm - @wytness/sdk - Versions diffs - 0.6.0 → 0.7.0 - Mend

@wytness/sdk 0.6.0 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/index.cjs CHANGED Viewed

@@ -284,7 +284,7 @@ var SessionTokenizer = class {
   pseudonymizeValue(value, fieldPath = "") {
     if (!value || !value.trim())
       return value;
-    if (this._piiFields.includes(fieldPath)) {
+    if (this.matchPiiField(fieldPath)) {
       if (this._reverseMap[value])
         return this._reverseMap[value];
       const pseudonym = hmacPseudonym(value, this._hmacSecret);
@@ -293,6 +293,19 @@ var SessionTokenizer = class {
     }
     return value;
   }
+  matchPiiField(path) {
+    if (!path)
+      return false;
+    if (this._piiFields.includes(path))
+      return true;
+    const stripped = path.replace(/\[\d+\]/g, "");
+    if (this._piiFields.includes(stripped))
+      return true;
+    const wildcarded = path.replace(/\[\d+\]/g, "[]");
+    if (this._piiFields.includes(wildcarded))
+      return true;
+    return false;
+  }
   pseudonymizeText(text) {
     if (!text)
       return text;
@@ -316,20 +329,46 @@ var SessionTokenizer = class {
     }
     return text;
   }
+  /**
+   * Pseudonymize tool parameters, preserving nested structure.
+   *
+   * Walks objects and arrays recursively. Keys whose names match
+   * SECRET_PATTERN are replaced with "[REDACTED]". Primitive string values
+   * at paths listed in piiFields are fully pseudonymized; other strings are
+   * scanned with regex patterns.
+   *
+   * Paths use dot notation ("fields.abn") and [index] for arrays
+   * ("entities[0].name"). A piiFields entry matches by exact path, by
+   * index-stripped path ("entities.name"), or wildcard ("entities[].name").
+   */
   pseudonymizeParams(params) {
-    const result = {};
-    for (const [k, v] of Object.entries(params)) {
-      if (SECRET_PATTERN.test(k)) {
-        result[k] = "[REDACTED]";
-      } else if (this._piiFields.includes(k)) {
-        const val = String(v).slice(0, 500);
-        result[k] = this.pseudonymizeValue(val, k);
-      } else {
-        const val = String(v).slice(0, 500);
-        result[k] = this.pseudonymizeText(val);
+    return this.walk(params, "");
+  }
+  walk(value, path) {
+    if (value === null || value === void 0)
+      return value;
+    if (typeof value === "boolean" || typeof value === "number")
+      return value;
+    if (Array.isArray(value)) {
+      return value.map((item, i) => this.walk(item, `${path}[${i}]`));
+    }
+    if (typeof value === "object") {
+      const out = {};
+      for (const [k, v] of Object.entries(value)) {
+        if (SECRET_PATTERN.test(k)) {
+          out[k] = "[REDACTED]";
+          continue;
+        }
+        const childPath = path ? `${path}.${k}` : k;
+        out[k] = this.walk(v, childPath);
       }
+      return out;
     }
-    return result;
+    const text = String(value).slice(0, 500);
+    if (this.matchPiiField(path)) {
+      return this.pseudonymizeValue(text, path);
+    }
+    return this.pseudonymizeText(text);
   }
   /**
    * Encrypt the token map with the customer's X25519 public key.
@@ -430,10 +469,21 @@ var AuditClient = class {
   get tokenizer() {
     return this._tokenizer;
   }
-  /** Record an audit event. Never throws — errors are logged and swallowed. */
+  /**
+   * Record an audit event. Never throws — errors are logged and swallowed.
+   *
+   * If the client was configured with pseudonymization (piiHmacSecret +
+   * encryptionPublicKey), the event is automatically pseudonymized before
+   * signing — tool_parameters and response/prompt are walked and declared
+   * piiFields (supports dotted paths for nested keys) are replaced with
+   * deterministic tokens. The encrypted token map is attached.
+   */
   record(event) {
     try {
-      const d = { ...event };
+      let d = { ...event };
+      if (this._tokenizer) {
+        d = this.applyTokenizer(d);
+      }
       d["prev_event_hash"] = this._prevEventHash;
       d["signature"] = signEvent(d, this._secretKey);
       this._prevEventHash = computeEventHash(d);
@@ -442,6 +492,22 @@ var AuditClient = class {
       console.error(`wytness: failed to record event: ${e}`);
     }
   }
+  applyTokenizer(d) {
+    const tokenizer = this._tokenizer;
+    const params = d["tool_parameters"] ?? {};
+    d["tool_parameters"] = tokenizer.pseudonymizeParams(params);
+    const prompt = d["prompt"];
+    if (prompt) {
+      d["prompt"] = tokenizer.pseudonymizeText(String(prompt));
+    }
+    const response = d["response"];
+    if (response) {
+      d["response"] = tokenizer.pseudonymizeText(String(response).slice(0, 5e3));
+    }
+    d["encrypted_token_map"] = tokenizer.encryptTokenMap();
+    d["pseudonymization_version"] = d["pseudonymization_version"] || "1.0";
+    return d;
+  }
   /**
    * Wait for all pending HTTP requests to complete.
    * Call this before process exit in serverless/short-lived environments
@@ -492,9 +558,7 @@ function recordEvent(client, toolName, taskId, prompt, args, start, status, erro
   const outputsHash = result != null ? hashValue(result) : "";
   const tokenizer = client.tokenizer;
   if (tokenizer) {
-    const pseudonymizedParams = tokenizer.pseudonymizeParams(params);
-    const pseudonymizedPrompt = prompt ? tokenizer.pseudonymizeText(prompt) : "";
-    const response = result != null ? tokenizer.pseudonymizeText(String(result).slice(0, RESPONSE_MAX_CHARS)) : "";
+    const responseRaw = result != null ? String(result).slice(0, RESPONSE_MAX_CHARS) : "";
     const event = AuditEventSchema.parse({
       agent_id: client.agentId,
       agent_version: client.agentVersion,
@@ -502,16 +566,14 @@ function recordEvent(client, toolName, taskId, prompt, args, start, status, erro
       task_id: taskId,
       session_id: client.sessionId,
       tool_name: toolName,
-      tool_parameters: pseudonymizedParams,
-      prompt: pseudonymizedPrompt,
+      tool_parameters: params,
+      prompt,
       inputs_hash: hashValue(args),
       outputs_hash: outputsHash,
-      response,
+      response: responseRaw,
       status,
       error_code: errorCode,
-      duration_ms: Math.round(performance.now() - start),
-      encrypted_token_map: tokenizer.encryptTokenMap(),
-      pseudonymization_version: "1.0"
+      duration_ms: Math.round(performance.now() - start)
     });
     client.record(event);
   } else {

package/dist/index.d.cts CHANGED Viewed

@@ -134,8 +134,22 @@ declare class SessionTokenizer {
     get tokenMap(): Record<string, string>;
     private addMapping;
     pseudonymizeValue(value: string, fieldPath?: string): string;
+    private matchPiiField;
     pseudonymizeText(text: string): string;
-    pseudonymizeParams(params: Record<string, unknown>): Record<string, unknown>;
+    /**
+     * Pseudonymize tool parameters, preserving nested structure.
+     *
+     * Walks objects and arrays recursively. Keys whose names match
+     * SECRET_PATTERN are replaced with "[REDACTED]". Primitive string values
+     * at paths listed in piiFields are fully pseudonymized; other strings are
+     * scanned with regex patterns.
+     *
+     * Paths use dot notation ("fields.abn") and [index] for arrays
+     * ("entities[0].name"). A piiFields entry matches by exact path, by
+     * index-stripped path ("entities.name"), or wildcard ("entities[].name").
+     */
+    pseudonymizeParams(params: unknown): unknown;
+    private walk;
     /**
      * Encrypt the token map with the customer's X25519 public key.
      *
@@ -178,8 +192,17 @@ declare class AuditClient {
     constructor(options: AuditClientOptions);
     get sessionId(): string;
     get tokenizer(): SessionTokenizer | null;
-    /** Record an audit event. Never throws — errors are logged and swallowed. */
+    /**
+     * Record an audit event. Never throws — errors are logged and swallowed.
+     *
+     * If the client was configured with pseudonymization (piiHmacSecret +
+     * encryptionPublicKey), the event is automatically pseudonymized before
+     * signing — tool_parameters and response/prompt are walked and declared
+     * piiFields (supports dotted paths for nested keys) are replaced with
+     * deterministic tokens. The encrypted token map is attached.
+     */
     record(event: AuditEvent): void;
+    private applyTokenizer;
     /**
      * Wait for all pending HTTP requests to complete.
      * Call this before process exit in serverless/short-lived environments

package/dist/index.d.ts CHANGED Viewed

@@ -134,8 +134,22 @@ declare class SessionTokenizer {
     get tokenMap(): Record<string, string>;
     private addMapping;
     pseudonymizeValue(value: string, fieldPath?: string): string;
+    private matchPiiField;
     pseudonymizeText(text: string): string;
-    pseudonymizeParams(params: Record<string, unknown>): Record<string, unknown>;
+    /**
+     * Pseudonymize tool parameters, preserving nested structure.
+     *
+     * Walks objects and arrays recursively. Keys whose names match
+     * SECRET_PATTERN are replaced with "[REDACTED]". Primitive string values
+     * at paths listed in piiFields are fully pseudonymized; other strings are
+     * scanned with regex patterns.
+     *
+     * Paths use dot notation ("fields.abn") and [index] for arrays
+     * ("entities[0].name"). A piiFields entry matches by exact path, by
+     * index-stripped path ("entities.name"), or wildcard ("entities[].name").
+     */
+    pseudonymizeParams(params: unknown): unknown;
+    private walk;
     /**
      * Encrypt the token map with the customer's X25519 public key.
      *
@@ -178,8 +192,17 @@ declare class AuditClient {
     constructor(options: AuditClientOptions);
     get sessionId(): string;
     get tokenizer(): SessionTokenizer | null;
-    /** Record an audit event. Never throws — errors are logged and swallowed. */
+    /**
+     * Record an audit event. Never throws — errors are logged and swallowed.
+     *
+     * If the client was configured with pseudonymization (piiHmacSecret +
+     * encryptionPublicKey), the event is automatically pseudonymized before
+     * signing — tool_parameters and response/prompt are walked and declared
+     * piiFields (supports dotted paths for nested keys) are replaced with
+     * deterministic tokens. The encrypted token map is attached.
+     */
     record(event: AuditEvent): void;
+    private applyTokenizer;
     /**
      * Wait for all pending HTTP requests to complete.
      * Call this before process exit in serverless/short-lived environments

package/dist/index.js CHANGED Viewed

@@ -236,7 +236,7 @@ var SessionTokenizer = class {
   pseudonymizeValue(value, fieldPath = "") {
     if (!value || !value.trim())
       return value;
-    if (this._piiFields.includes(fieldPath)) {
+    if (this.matchPiiField(fieldPath)) {
       if (this._reverseMap[value])
         return this._reverseMap[value];
       const pseudonym = hmacPseudonym(value, this._hmacSecret);
@@ -245,6 +245,19 @@ var SessionTokenizer = class {
     }
     return value;
   }
+  matchPiiField(path) {
+    if (!path)
+      return false;
+    if (this._piiFields.includes(path))
+      return true;
+    const stripped = path.replace(/\[\d+\]/g, "");
+    if (this._piiFields.includes(stripped))
+      return true;
+    const wildcarded = path.replace(/\[\d+\]/g, "[]");
+    if (this._piiFields.includes(wildcarded))
+      return true;
+    return false;
+  }
   pseudonymizeText(text) {
     if (!text)
       return text;
@@ -268,20 +281,46 @@ var SessionTokenizer = class {
     }
     return text;
   }
+  /**
+   * Pseudonymize tool parameters, preserving nested structure.
+   *
+   * Walks objects and arrays recursively. Keys whose names match
+   * SECRET_PATTERN are replaced with "[REDACTED]". Primitive string values
+   * at paths listed in piiFields are fully pseudonymized; other strings are
+   * scanned with regex patterns.
+   *
+   * Paths use dot notation ("fields.abn") and [index] for arrays
+   * ("entities[0].name"). A piiFields entry matches by exact path, by
+   * index-stripped path ("entities.name"), or wildcard ("entities[].name").
+   */
   pseudonymizeParams(params) {
-    const result = {};
-    for (const [k, v] of Object.entries(params)) {
-      if (SECRET_PATTERN.test(k)) {
-        result[k] = "[REDACTED]";
-      } else if (this._piiFields.includes(k)) {
-        const val = String(v).slice(0, 500);
-        result[k] = this.pseudonymizeValue(val, k);
-      } else {
-        const val = String(v).slice(0, 500);
-        result[k] = this.pseudonymizeText(val);
+    return this.walk(params, "");
+  }
+  walk(value, path) {
+    if (value === null || value === void 0)
+      return value;
+    if (typeof value === "boolean" || typeof value === "number")
+      return value;
+    if (Array.isArray(value)) {
+      return value.map((item, i) => this.walk(item, `${path}[${i}]`));
+    }
+    if (typeof value === "object") {
+      const out = {};
+      for (const [k, v] of Object.entries(value)) {
+        if (SECRET_PATTERN.test(k)) {
+          out[k] = "[REDACTED]";
+          continue;
+        }
+        const childPath = path ? `${path}.${k}` : k;
+        out[k] = this.walk(v, childPath);
       }
+      return out;
     }
-    return result;
+    const text = String(value).slice(0, 500);
+    if (this.matchPiiField(path)) {
+      return this.pseudonymizeValue(text, path);
+    }
+    return this.pseudonymizeText(text);
   }
   /**
    * Encrypt the token map with the customer's X25519 public key.
@@ -382,10 +421,21 @@ var AuditClient = class {
   get tokenizer() {
     return this._tokenizer;
   }
-  /** Record an audit event. Never throws — errors are logged and swallowed. */
+  /**
+   * Record an audit event. Never throws — errors are logged and swallowed.
+   *
+   * If the client was configured with pseudonymization (piiHmacSecret +
+   * encryptionPublicKey), the event is automatically pseudonymized before
+   * signing — tool_parameters and response/prompt are walked and declared
+   * piiFields (supports dotted paths for nested keys) are replaced with
+   * deterministic tokens. The encrypted token map is attached.
+   */
   record(event) {
     try {
-      const d = { ...event };
+      let d = { ...event };
+      if (this._tokenizer) {
+        d = this.applyTokenizer(d);
+      }
       d["prev_event_hash"] = this._prevEventHash;
       d["signature"] = signEvent(d, this._secretKey);
       this._prevEventHash = computeEventHash(d);
@@ -394,6 +444,22 @@ var AuditClient = class {
       console.error(`wytness: failed to record event: ${e}`);
     }
   }
+  applyTokenizer(d) {
+    const tokenizer = this._tokenizer;
+    const params = d["tool_parameters"] ?? {};
+    d["tool_parameters"] = tokenizer.pseudonymizeParams(params);
+    const prompt = d["prompt"];
+    if (prompt) {
+      d["prompt"] = tokenizer.pseudonymizeText(String(prompt));
+    }
+    const response = d["response"];
+    if (response) {
+      d["response"] = tokenizer.pseudonymizeText(String(response).slice(0, 5e3));
+    }
+    d["encrypted_token_map"] = tokenizer.encryptTokenMap();
+    d["pseudonymization_version"] = d["pseudonymization_version"] || "1.0";
+    return d;
+  }
   /**
    * Wait for all pending HTTP requests to complete.
    * Call this before process exit in serverless/short-lived environments
@@ -444,9 +510,7 @@ function recordEvent(client, toolName, taskId, prompt, args, start, status, erro
   const outputsHash = result != null ? hashValue(result) : "";
   const tokenizer = client.tokenizer;
   if (tokenizer) {
-    const pseudonymizedParams = tokenizer.pseudonymizeParams(params);
-    const pseudonymizedPrompt = prompt ? tokenizer.pseudonymizeText(prompt) : "";
-    const response = result != null ? tokenizer.pseudonymizeText(String(result).slice(0, RESPONSE_MAX_CHARS)) : "";
+    const responseRaw = result != null ? String(result).slice(0, RESPONSE_MAX_CHARS) : "";
     const event = AuditEventSchema.parse({
       agent_id: client.agentId,
       agent_version: client.agentVersion,
@@ -454,16 +518,14 @@ function recordEvent(client, toolName, taskId, prompt, args, start, status, erro
       task_id: taskId,
       session_id: client.sessionId,
       tool_name: toolName,
-      tool_parameters: pseudonymizedParams,
-      prompt: pseudonymizedPrompt,
+      tool_parameters: params,
+      prompt,
       inputs_hash: hashValue(args),
       outputs_hash: outputsHash,
-      response,
+      response: responseRaw,
       status,
       error_code: errorCode,
-      duration_ms: Math.round(performance.now() - start),
-      encrypted_token_map: tokenizer.encryptTokenMap(),
-      pseudonymization_version: "1.0"
+      duration_ms: Math.round(performance.now() - start)
     });
     client.record(event);
   } else {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@wytness/sdk",
-  "version": "0.6.0",
+  "version": "0.7.0",
   "description": "TypeScript SDK for Wytness — audit logging for AI agents with cryptographic signing and chain integrity",
   "license": "MIT",
   "author": "Wytness <hello@wytness.dev>",