@xemahq/kernel-contracts 0.22.3 → 0.23.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agent-workspace/awp-spec.json +0 -1
- package/dist/agent-workspace/lib/workspace-layout.d.ts.map +1 -1
- package/dist/agent-workspace/lib/workspace-layout.js.map +1 -1
- package/dist/biome/lib/biome-manifest.d.ts +0 -8
- package/dist/biome/lib/biome-manifest.d.ts.map +1 -1
- package/dist/biome/lib/biome-manifest.js +4 -50
- package/dist/biome/lib/biome-manifest.js.map +1 -1
- package/dist/capability/lib/errors.d.ts.map +1 -1
- package/dist/capability/lib/errors.js.map +1 -1
- package/dist/capability/lib/meta-tool.d.ts.map +1 -1
- package/dist/capability/lib/meta-tool.js.map +1 -1
- package/dist/connector/lib/connector-descriptor.d.ts.map +1 -1
- package/dist/connector/lib/credential-kind.d.ts.map +1 -1
- package/dist/connector/lib/credential-kind.js.map +1 -1
- package/dist/connector/lib/filter-expr.js +6 -0
- package/dist/connector/lib/filter-expr.js.map +1 -1
- package/dist/contribution/lib/contribution-kind.d.ts.map +1 -1
- package/dist/contribution/lib/contribution-kind.js.map +1 -1
- package/dist/contribution/lib/contribution-source.d.ts.map +1 -1
- package/dist/contribution/lib/contribution-source.js.map +1 -1
- package/dist/contribution/lib/contribution.d.ts.map +1 -1
- package/dist/contribution/lib/contribution.js.map +1 -1
- package/dist/document-render/lib/render-enums.d.ts.map +1 -1
- package/dist/document-render/lib/render-enums.js.map +1 -1
- package/dist/execution-context/lib/execution-context.d.ts.map +1 -1
- package/dist/execution-context/lib/execution-context.js.map +1 -1
- package/dist/execution-environment/lib/built-in-environments.d.ts.map +1 -1
- package/dist/execution-environment/lib/built-in-environments.js.map +1 -1
- package/dist/execution-environment/lib/execution-environment.d.ts.map +1 -1
- package/dist/execution-environment/lib/execution-environment.js +1 -1
- package/dist/execution-environment/lib/execution-environment.js.map +1 -1
- package/dist/inquiry/index.d.ts.map +1 -1
- package/dist/inquiry/index.js.map +1 -1
- package/dist/object/lib/object-lifecycle.d.ts.map +1 -1
- package/dist/object/lib/object-lifecycle.js.map +1 -1
- package/dist/policy/lib/obligations.d.ts.map +1 -1
- package/dist/policy/lib/obligations.js.map +1 -1
- package/dist/runner/lib/runner-registration.d.ts.map +1 -1
- package/dist/runner/lib/runner-registration.js.map +1 -1
- package/dist/service-registry/lib/service-names.generated.d.ts.map +1 -1
- package/dist/service-registry/lib/service-names.generated.js.map +1 -1
- package/dist/space/lib/space.d.ts.map +1 -1
- package/dist/space/lib/space.js.map +1 -1
- package/dist/workflow/index.d.ts.map +1 -1
- package/dist/workflow/index.js.map +1 -1
- package/dist/workflow/lib/activity-outputs.d.ts.map +1 -1
- package/package.json +11 -2
- package/src/agent-composition/lib/agent-workspace-config.ts +3 -3
- package/src/agent-composition/lib/capability-layer.ts +2 -2
- package/src/agent-composition/lib/intrinsic-floor.ts +1 -1
- package/src/agent-session/lib/participant.ts +1 -1
- package/src/agent-workspace/lib/context-json.ts +1 -1
- package/src/agent-workspace/lib/mount-apply.ts +2 -2
- package/src/agent-workspace/lib/workspace-layout.ts +2 -4
- package/src/app-runtime/lib/app-client.ts +1 -1
- package/src/app-runtime/lib/app-lockfile.ts +2 -2
- package/src/app-runtime/lib/app.ts +4 -4
- package/src/app-runtime/lib/audience-policy.ts +2 -2
- package/src/app-runtime/lib/biome-install.ts +3 -3
- package/src/app-runtime/lib/branding-config.ts +1 -1
- package/src/app-runtime/lib/delegated-session.ts +1 -1
- package/src/app-runtime/lib/external-subject.ts +1 -1
- package/src/biome/lib/biome-capability-refs.ts +3 -3
- package/src/biome/lib/biome-engines.ts +2 -2
- package/src/biome/lib/biome-lifecycle-hooks.ts +1 -1
- package/src/biome/lib/biome-lifecycle.ts +3 -3
- package/src/biome/lib/biome-manifest.ts +68 -122
- package/src/biome/lib/biome-permissions.ts +2 -2
- package/src/biome/lib/biome-scope.ts +2 -2
- package/src/biome/lib/biome-trust-tier.ts +1 -1
- package/src/biome/lib/trust-tier-policies.ts +2 -2
- package/src/biome-availability/lib/biome-availability.ts +1 -1
- package/src/capability/lib/capability-contribution.ts +3 -3
- package/src/capability/lib/capability-grant.ts +5 -5
- package/src/capability/lib/capability-policy.ts +2 -2
- package/src/capability/lib/capability-ref.ts +4 -4
- package/src/capability/lib/errors.ts +4 -10
- package/src/capability/lib/meta-tool.ts +2 -5
- package/src/capability/lib/permission-profile.ts +7 -7
- package/src/capability/lib/shell-command-descriptor.ts +3 -3
- package/src/connector/lib/adapter-kind.ts +1 -1
- package/src/connector/lib/capability-refs.ts +1 -1
- package/src/connector/lib/connector-descriptor.ts +4 -3
- package/src/connector/lib/credential-kind.ts +3 -4
- package/src/connector/lib/envelope-schema.ts +2 -2
- package/src/connector/lib/filter-expr-validate.ts +1 -1
- package/src/connector/lib/filter-expr.ts +8 -0
- package/src/contribution/lib/contribution-kind.ts +11 -12
- package/src/contribution/lib/contribution-source.ts +1 -2
- package/src/contribution/lib/contribution.ts +3 -6
- package/src/document-render/lib/render-enums.ts +1 -2
- package/src/execution-context/lib/caller.ts +2 -2
- package/src/execution-context/lib/execution-context.ts +12 -18
- package/src/execution-environment/lib/approval-rule.ts +2 -2
- package/src/execution-environment/lib/built-in-environments.ts +9 -11
- package/src/execution-environment/lib/execution-environment.ts +25 -26
- package/src/inquiry/index.ts +1 -2
- package/src/invocation/lib/invocation-mode.ts +1 -1
- package/src/invocation/lib/invocation-record.ts +1 -1
- package/src/invocation/lib/isolation-level.ts +1 -1
- package/src/kernel-state/lib/adapter-kind.ts +3 -3
- package/src/kernel-state/lib/kernel-state.ts +1 -1
- package/src/kernel-state/lib/key-grammar.ts +1 -1
- package/src/mcp-tool/lib/tool-selection.ts +1 -1
- package/src/object/lib/object-lifecycle.ts +1 -2
- package/src/object/lib/xema-object-kind.ts +1 -1
- package/src/object/lib/xema-object-ref.ts +2 -2
- package/src/org-database/lib/db-result-event.ts +3 -3
- package/src/policy/lib/obligations.ts +5 -6
- package/src/policy/lib/policy.ts +7 -7
- package/src/policy/lib/route-hints.ts +1 -1
- package/src/provisioning/index.ts +1 -1
- package/src/provisioning/lib/provisioning.ts +4 -4
- package/src/resource/lib/resource-ownership-contribution.ts +2 -2
- package/src/runner/lib/dispatch.ts +5 -5
- package/src/runner/lib/job-token.ts +2 -2
- package/src/runner/lib/runner-attestation.ts +2 -2
- package/src/runner/lib/runner-job.ts +2 -2
- package/src/runner/lib/runner-mode.ts +1 -1
- package/src/runner/lib/runner-plane.ts +2 -2
- package/src/runner/lib/runner-registration.ts +9 -10
- package/src/runner/lib/runner.ts +7 -7
- package/src/runner-input-hash/lib/input-hash.ts +2 -2
- package/src/service-registry/lib/service-descriptor.ts +1 -1
- package/src/service-registry/lib/service-names.generated.ts +1 -3
- package/src/space/lib/space-ref-parser.ts +1 -1
- package/src/space/lib/space.ts +4 -5
- package/src/widget/lib/chat-widget-envelope.ts +1 -1
- package/src/worker-runtime/lib/capabilities.ts +1 -1
- package/src/workflow/index.ts +2 -3
- package/src/workflow/lib/activity-outputs.ts +3 -4
- package/src/workflow/lib/agent-role.ts +5 -5
- package/src/workflow/lib/artifact-ref.ts +1 -1
- package/src/workflow/lib/compiled-run.ts +2 -2
- package/src/workflow/lib/compiled-workspace-manifest.ts +2 -2
- package/src/workflow/lib/enums.ts +4 -4
- package/src/workflow/lib/errors.ts +1 -1
- package/src/workflow/lib/model-ref.ts +1 -1
- package/src/workflow/lib/mount-plan.ts +1 -1
- package/src/workflow/lib/platform-task-queue.ts +3 -3
- package/src/workflow/lib/role-capability.ts +1 -1
- package/src/workflow/lib/run-progress.ts +2 -2
- package/src/workflow/lib/trigger-payload.ts +2 -2
- package/src/workflow/lib/variable-requirement.ts +1 -1
- package/src/workflow/lib/workspace-manifest-enums.ts +1 -1
- package/src/workspace-storage/lib/types.ts +1 -1
|
@@ -56,8 +56,8 @@ import {
|
|
|
56
56
|
export const BIOME_MANIFEST_FILENAME = 'xema-biome.json';
|
|
57
57
|
|
|
58
58
|
/**
|
|
59
|
-
* Declarative event subscription entry of the biome manifest
|
|
60
|
-
*
|
|
59
|
+
* Declarative event subscription entry of the biome manifest.
|
|
60
|
+
* `event` is the CloudEvents `type` the biome subscribes
|
|
61
61
|
* to (e.g. `xema.kb.page.published.v1`); `handlerModule` is the module
|
|
62
62
|
* path relative to the biome package root that `biome-host-api` loads
|
|
63
63
|
* to dispatch matching events.
|
|
@@ -94,19 +94,18 @@ const ManifestBiomeScopeSchema = z.enum([
|
|
|
94
94
|
]);
|
|
95
95
|
|
|
96
96
|
/**
|
|
97
|
-
*
|
|
98
|
-
*
|
|
97
|
+
* Canonical map from a content-kind token to its conventional on-disk
|
|
98
|
+
* directory name. Biome content is discovered by walking these directories
|
|
99
|
+
* for on-disk presence (the file-walk seeders); the kind tokens themselves
|
|
100
|
+
* correspond to the Contribution Protocol
|
|
101
|
+
* (`@xemahq/kernel-contracts/contribution`). Multi-file bundle kinds (agents,
|
|
102
|
+
* skills, workflows, …) live under these dirs; single-file/typed
|
|
103
|
+
* contributions may alternatively use the `xema.contributions` block.
|
|
99
104
|
*
|
|
100
|
-
*
|
|
101
|
-
*
|
|
102
|
-
* migrated to the `contributions/` directory protocol. New code MUST use the
|
|
103
|
-
* `xema.contributions` block (or inline contributions) instead of
|
|
104
|
-
* `ships.content` / `ships.modules`.
|
|
105
|
-
*
|
|
106
|
-
* Keys are the camelCase tokens accepted in `xema-biome.json`; the mapping
|
|
107
|
-
* returns `null` for any key it does not recognise so callers can fail fast.
|
|
105
|
+
* Keys are the camelCase tokens; the mapping throws for any key it does not
|
|
106
|
+
* recognise so callers fail fast.
|
|
108
107
|
*/
|
|
109
|
-
const
|
|
108
|
+
const CONTENT_KIND_DIR: Readonly<Record<string, string>> = {
|
|
110
109
|
agents: 'agents',
|
|
111
110
|
workflowConfig: 'workflow-config',
|
|
112
111
|
deliverableSpecs: 'deliverable-specs',
|
|
@@ -127,16 +126,16 @@ const LEGACY_SHIPS_CONTENT_DIR: Readonly<Record<string, string>> = {
|
|
|
127
126
|
};
|
|
128
127
|
|
|
129
128
|
/**
|
|
130
|
-
* Resolve a
|
|
131
|
-
*
|
|
132
|
-
*
|
|
129
|
+
* Resolve a content-kind token to its conventional directory name. Used by
|
|
130
|
+
* the file-walk catalog/seeders that discover content by on-disk presence.
|
|
131
|
+
* Throws for an unknown token so callers fail fast.
|
|
133
132
|
*/
|
|
134
133
|
export function contentKindToDir(kind: string): string {
|
|
135
|
-
const dir =
|
|
134
|
+
const dir = CONTENT_KIND_DIR[kind];
|
|
136
135
|
if (!dir) {
|
|
137
136
|
throw new Error(
|
|
138
|
-
`biome-host-sdk: unknown
|
|
139
|
-
`Either
|
|
137
|
+
`biome-host-sdk: unknown content kind "${kind}". ` +
|
|
138
|
+
`Either use the xema.contributions block or extend CONTENT_KIND_DIR.`,
|
|
140
139
|
);
|
|
141
140
|
}
|
|
142
141
|
return dir;
|
|
@@ -155,7 +154,7 @@ export const BiomeDatabaseDeclarationSchema = z
|
|
|
155
154
|
export type BiomeDatabaseDeclaration = z.infer<typeof BiomeDatabaseDeclarationSchema>;
|
|
156
155
|
|
|
157
156
|
/**
|
|
158
|
-
* Per-API declaration shipped under `xema.ships.apis[]
|
|
157
|
+
* Per-API declaration shipped under `xema.ships.apis[]`.
|
|
159
158
|
* Each entry becomes one subdomain (`<name>.api.<base-domain>`)
|
|
160
159
|
* served by a biome-shipped API service. biome-host-api applies
|
|
161
160
|
* the Helm sub-chart at install time and writes a route-registry
|
|
@@ -227,7 +226,7 @@ export const BiomeApiDeclarationSchema = z
|
|
|
227
226
|
export type BiomeApiDeclaration = z.infer<typeof BiomeApiDeclarationSchema>;
|
|
228
227
|
|
|
229
228
|
/**
|
|
230
|
-
*
|
|
229
|
+
* Contribution Protocol entry. The body of an
|
|
231
230
|
* `*.contribution.json` file under a biome's `contributions/` directory,
|
|
232
231
|
* or an inline entry under `xema.contributions.inline[]` in
|
|
233
232
|
* `xema-biome.json`.
|
|
@@ -235,10 +234,7 @@ export type BiomeApiDeclaration = z.infer<typeof BiomeApiDeclarationSchema>;
|
|
|
235
234
|
* Validated structurally here (kind + slug + opaque manifest). The
|
|
236
235
|
* authoritative per-kind manifest validation lives in the kind-specific
|
|
237
236
|
* contracts package and is exercised at boot by the generic
|
|
238
|
-
* `BootstrapContributionsService` template
|
|
239
|
-
* `bootstrap-contributions-service.ts`).
|
|
240
|
-
*
|
|
241
|
-
* See `.claude/plans/following-up-the-xema-os-plan-md-abstract-stream.md` §6.C.1.
|
|
237
|
+
* `BootstrapContributionsService` template.
|
|
242
238
|
*/
|
|
243
239
|
export const BiomeContributionEntrySchema = z
|
|
244
240
|
.object({
|
|
@@ -268,8 +264,6 @@ export type BiomeContributionEntry = z.infer<typeof BiomeContributionEntrySchema
|
|
|
268
264
|
* manifest — directory entries are walked first, inline entries layered
|
|
269
265
|
* on top with last-write-wins on `(kind, id)` collision (the host fails
|
|
270
266
|
* fast on duplicates at boot).
|
|
271
|
-
*
|
|
272
|
-
* Phase C plan-of-record: §6.C.1.
|
|
273
267
|
*/
|
|
274
268
|
export const BiomeContributionsSchema = z
|
|
275
269
|
.object({
|
|
@@ -289,17 +283,13 @@ export type BiomeContributions = z.infer<typeof BiomeContributionsSchema>;
|
|
|
289
283
|
export const BiomeShipsSchema = z
|
|
290
284
|
.object({
|
|
291
285
|
/**
|
|
292
|
-
*
|
|
293
|
-
*
|
|
294
|
-
*
|
|
295
|
-
*
|
|
286
|
+
* Per-API service declarations. Content contributions (agents, skills,
|
|
287
|
+
* workflows, deliverable-specs, …) are NOT declared here — they are
|
|
288
|
+
* discovered by on-disk presence of their convention directory (see
|
|
289
|
+
* `contentKindToDir`) and/or the `xema.contributions` block. The former
|
|
290
|
+
* `content` / `modules` string arrays were removed once discovery became
|
|
291
|
+
* presence-based; do not re-introduce a per-kind declaration.
|
|
296
292
|
*/
|
|
297
|
-
content: z.array(z.string().min(1)).optional(),
|
|
298
|
-
/**
|
|
299
|
-
* @deprecated PHASE-C-SWEEP: superseded by top-level
|
|
300
|
-
* `xema.contributions`. See `content` above — same rationale.
|
|
301
|
-
*/
|
|
302
|
-
modules: z.array(z.string().min(1)).optional(),
|
|
303
293
|
apis: z.array(BiomeApiDeclarationSchema).optional(),
|
|
304
294
|
})
|
|
305
295
|
.strict();
|
|
@@ -414,7 +404,7 @@ export type WebhookFilter = z.infer<typeof WebhookFilterSchema>;
|
|
|
414
404
|
|
|
415
405
|
/**
|
|
416
406
|
* Server-side capability declarations. Validated at boot for shape +
|
|
417
|
-
* closed-set membership; runtime enforcement is
|
|
407
|
+
* closed-set membership; runtime enforcement is planned (network
|
|
418
408
|
* allow-list, MCP ACL, secret scope). Declaring intent now means every
|
|
419
409
|
* biome already states it — no migration when enforcement turns on.
|
|
420
410
|
*/
|
|
@@ -430,7 +420,7 @@ export const ServerBiomeCapabilitiesSchema = z
|
|
|
430
420
|
.strict();
|
|
431
421
|
export type ServerBiomeCapabilities = z.infer<typeof ServerBiomeCapabilitiesSchema>;
|
|
432
422
|
|
|
433
|
-
/** Web-side capability declarations. Same
|
|
423
|
+
/** Web-side capability declarations. Same runtime-enforcement timing as server. */
|
|
434
424
|
export const WebBiomeCapabilitiesSchema = z
|
|
435
425
|
.object({
|
|
436
426
|
slots: z.array(z.string().min(1)).optional(),
|
|
@@ -500,39 +490,39 @@ const BiomeIdSchema = z
|
|
|
500
490
|
/**
|
|
501
491
|
* Per-handler declarative event subscription. Type-aliased to
|
|
502
492
|
* `BiomeEventSubscription` so the SDK's manifest field and the
|
|
503
|
-
* `xema-biome.json` parser share one shape.
|
|
493
|
+
* `xema-biome.json` parser share one shape.
|
|
504
494
|
*/
|
|
505
495
|
export type BiomeManifestSubscribe = BiomeEventSubscription;
|
|
506
496
|
|
|
507
497
|
/**
|
|
508
498
|
* `requires`: biome id → semver range. Same shape as the kernel biome
|
|
509
|
-
* manifest's `requires` block
|
|
499
|
+
* manifest's `requires` block; the platform refuses to
|
|
510
500
|
* enable a biome/biome whose `requires` cannot be satisfied by the
|
|
511
501
|
* other enabled biomes/biomes in the org.
|
|
512
502
|
*/
|
|
513
503
|
export type BiomeManifestRequires = Readonly<Record<string, string>>;
|
|
514
504
|
|
|
515
505
|
/**
|
|
516
|
-
* Additive XSI fields layered onto the per-target `xema` block
|
|
517
|
-
*
|
|
506
|
+
* Additive XSI fields layered onto the per-target `xema` block. Pure
|
|
507
|
+
* additive. All fields are OPTIONAL.
|
|
518
508
|
*
|
|
519
|
-
* - `subscribes[]` — declarative event wiring
|
|
509
|
+
* - `subscribes[]` — declarative event wiring. Each entry binds
|
|
520
510
|
* one CloudEvents `type` to a handler module path.
|
|
521
511
|
* - `requires` — typed semver dependency declaration on other
|
|
522
|
-
* biomes/biomes
|
|
512
|
+
* biomes/biomes.
|
|
523
513
|
* - `contributes[]` — closed `ContributionKind` enum from
|
|
524
514
|
* `@xemahq/kernel-contracts/contribution`. The biome-host uses this to know
|
|
525
|
-
* which slot registries to walk on install
|
|
515
|
+
* which slot registries to walk on install.
|
|
526
516
|
* - `requiresCapabilities[]` — capability refs the biome needs the host
|
|
527
|
-
* to grant before any of its handlers/contributions execute
|
|
517
|
+
* to grant before any of its handlers/contributions execute.
|
|
528
518
|
* - `exposesCapabilities[]` — capability refs the biome itself
|
|
529
|
-
* implements and offers to others
|
|
519
|
+
* implements and offers to others.
|
|
530
520
|
* - `permissions` — install-time consent metadata (default profile +
|
|
531
|
-
* per-ref hints + UX groupings) for `requiresCapabilities[]
|
|
521
|
+
* per-ref hints + UX groupings) for `requiresCapabilities[]`.
|
|
532
522
|
* - `lifecycle` — module paths the host invokes on
|
|
533
|
-
* install/upgrade/enable/disable/uninstall transitions
|
|
523
|
+
* install/upgrade/enable/disable/uninstall transitions.
|
|
534
524
|
* - `engines.xema` — semver range the host enforces against the running
|
|
535
|
-
* platform version
|
|
525
|
+
* platform version.
|
|
536
526
|
*
|
|
537
527
|
* Kernel-owned types are referenced through the sibling biome contract
|
|
538
528
|
* modules — never redefined here.
|
|
@@ -543,11 +533,10 @@ const XsiManifestExtensionsShape = {
|
|
|
543
533
|
contributes: z.array(ContributionKindSchema).optional(),
|
|
544
534
|
/**
|
|
545
535
|
* Phase-C Contribution Protocol entries (the actual envelopes, not just
|
|
546
|
-
* the kind whitelist)
|
|
547
|
-
* `
|
|
548
|
-
* `
|
|
549
|
-
*
|
|
550
|
-
* `contributions/` directory at the biome root.
|
|
536
|
+
* the kind whitelist), fed to a single generic
|
|
537
|
+
* `BootstrapContributionsService` template. Either inline entries or a
|
|
538
|
+
* pointer to a `contributions/` directory at the biome root. Complements
|
|
539
|
+
* the presence-based file-walk seeders (see `contentKindToDir`).
|
|
551
540
|
*/
|
|
552
541
|
contributions: BiomeContributionsSchema.optional(),
|
|
553
542
|
requiresCapabilities: z.array(CapabilityRefSchema).optional(),
|
|
@@ -733,7 +722,7 @@ const ServerBiomeXemaSchema = z
|
|
|
733
722
|
ships: BiomeShipsSchema.optional(),
|
|
734
723
|
capabilities: ServerBiomeCapabilitiesSchema.optional(),
|
|
735
724
|
/**
|
|
736
|
-
* Hosting/provenance posture for adapter-contribution modules
|
|
725
|
+
* Hosting/provenance posture for adapter-contribution modules.
|
|
737
726
|
* The same `first-party | third-party` set as {@link BiomeOrigin} (which
|
|
738
727
|
* documents this very field) — uses `BiomeOriginSchema` so the two cannot
|
|
739
728
|
* drift. Other biome kinds ignore this field. Defaults to `third-party`.
|
|
@@ -883,14 +872,14 @@ const ServerBiomeXemaSchema = z
|
|
|
883
872
|
.max(64)
|
|
884
873
|
.optional(),
|
|
885
874
|
/**
|
|
886
|
-
* Explicit roster of agents this biome ships.
|
|
887
|
-
*
|
|
888
|
-
*
|
|
889
|
-
*
|
|
875
|
+
* Explicit roster of agents this biome ships. Present ⟺ the biome has an
|
|
876
|
+
* on-disk `agents/` directory (discovered by presence). Each entry pins
|
|
877
|
+
* one `agents/<slug>.md` file with its execution mode (primary vs
|
|
878
|
+
* subagent).
|
|
890
879
|
*
|
|
891
880
|
* Why both this field AND the on-disk `agents/` scan exist:
|
|
892
881
|
* - The declaration makes the roster greppable from outside the
|
|
893
|
-
* biome tree
|
|
882
|
+
* biome tree by scanning each biome's `xema-biome.json`.
|
|
894
883
|
* - It lets biome-host fail fast at boot when an agent file is
|
|
895
884
|
* added or removed without updating the manifest — the prior
|
|
896
885
|
* convention silently accepted drift.
|
|
@@ -904,10 +893,10 @@ const ServerBiomeXemaSchema = z
|
|
|
904
893
|
*/
|
|
905
894
|
agents: z.array(BiomeAgentDeclarationSchema).optional(),
|
|
906
895
|
/**
|
|
907
|
-
* Workspace-provisioning scaffolds the biome ships
|
|
896
|
+
* Workspace-provisioning scaffolds the biome ships. Each
|
|
908
897
|
* entry pins one `provisioning/<id>.yaml` recipe and declares when it
|
|
909
|
-
* runs + how the resolver expands it.
|
|
910
|
-
*
|
|
898
|
+
* runs + how the resolver expands it. Present ⟺ the biome has an on-disk
|
|
899
|
+
* `provisioning/` directory (discovered by presence).
|
|
911
900
|
*/
|
|
912
901
|
provisioning: z.array(ProvisioningScaffoldDeclarationSchema).optional(),
|
|
913
902
|
/**
|
|
@@ -916,7 +905,7 @@ const ServerBiomeXemaSchema = z
|
|
|
916
905
|
* injects the org database identifiers into the runtime workload env.
|
|
917
906
|
*/
|
|
918
907
|
database: BiomeDatabaseDeclarationSchema.optional(),
|
|
919
|
-
/** Reserved for
|
|
908
|
+
/** Reserved for planned third-party signing. Validated only when present. */
|
|
920
909
|
signature: z
|
|
921
910
|
.object({
|
|
922
911
|
algorithm: z.string().min(1),
|
|
@@ -925,15 +914,14 @@ const ServerBiomeXemaSchema = z
|
|
|
925
914
|
})
|
|
926
915
|
.strict()
|
|
927
916
|
.optional(),
|
|
928
|
-
// XSI
|
|
929
|
-
// doc-comment above for the per-field meaning
|
|
917
|
+
// XSI additive fields. See `XsiManifestExtensionsShape`
|
|
918
|
+
// doc-comment above for the per-field meaning.
|
|
930
919
|
...XsiManifestExtensionsShape,
|
|
931
920
|
})
|
|
932
921
|
.strict()
|
|
933
922
|
.superRefine((value, ctx) => {
|
|
934
923
|
validateServerPluginWebhookAndIntegrationRequirements(value, ctx);
|
|
935
924
|
validateServerBiomeAgentDeclarations(value, ctx);
|
|
936
|
-
validateServerPluginProvisioningDeclarations(value, ctx);
|
|
937
925
|
});
|
|
938
926
|
|
|
939
927
|
const WebBiomeXemaSchema = z
|
|
@@ -978,7 +966,7 @@ const WebBiomeXemaSchema = z
|
|
|
978
966
|
})
|
|
979
967
|
.strict()
|
|
980
968
|
.optional(),
|
|
981
|
-
// XSI
|
|
969
|
+
// XSI additive fields — same shape on both targets so the
|
|
982
970
|
// biome-host can read them uniformly regardless of where the biome
|
|
983
971
|
// executes. See `XsiManifestExtensionsShape` above.
|
|
984
972
|
...XsiManifestExtensionsShape,
|
|
@@ -1008,41 +996,23 @@ function validateServerPluginWebhookAndIntegrationRequirements(
|
|
|
1008
996
|
});
|
|
1009
997
|
}
|
|
1010
998
|
}
|
|
1011
|
-
|
|
1012
|
-
|
|
1013
|
-
|
|
1014
|
-
|
|
1015
|
-
|
|
1016
|
-
|
|
1017
|
-
message:
|
|
1018
|
-
'biomes declaring integrationRequirements must also ship a `biomeInstallSchema` content kind so the install wizard can render a resource-selection form',
|
|
1019
|
-
});
|
|
1020
|
-
}
|
|
1021
|
-
}
|
|
999
|
+
// A biome declaring integrationRequirements must also ship a
|
|
1000
|
+
// `biomeInstallSchema` (the `install-schema/` convention directory) so the
|
|
1001
|
+
// install wizard can render a resource-selection form. That directory is
|
|
1002
|
+
// discovered by on-disk presence; the schema validator has no filesystem
|
|
1003
|
+
// access, so this is enforced at boot-time seeding rather than at
|
|
1004
|
+
// manifest-parse time (there is no longer a `ships.content` list to check).
|
|
1022
1005
|
}
|
|
1023
1006
|
|
|
1024
1007
|
function validateServerBiomeAgentDeclarations(
|
|
1025
1008
|
value: ServerBiomeXema,
|
|
1026
1009
|
ctx: z.RefinementCtx,
|
|
1027
1010
|
): void {
|
|
1028
|
-
|
|
1011
|
+
// The `agents[]` roster is the authoritative declaration of what a biome
|
|
1012
|
+
// ships; boot-time `crossValidateAgentDeclarations` enforces parity with the
|
|
1013
|
+
// on-disk `agents/*.md` files. Here we only enforce slug uniqueness — there
|
|
1014
|
+
// is no longer a `ships.content` list to cross-check the block against.
|
|
1029
1015
|
const hasAgents = (value.agents?.length ?? 0) > 0;
|
|
1030
|
-
if (shipsAgents && !hasAgents) {
|
|
1031
|
-
ctx.addIssue({
|
|
1032
|
-
code: 'custom',
|
|
1033
|
-
path: ['agents'],
|
|
1034
|
-
message:
|
|
1035
|
-
'ships.content includes "agents" — manifest must declare each shipped agent under `agents[]` (slug + mode). The boot-time cross-validator enforces parity with on-disk agents/*.md files.',
|
|
1036
|
-
});
|
|
1037
|
-
}
|
|
1038
|
-
if (!shipsAgents && hasAgents) {
|
|
1039
|
-
ctx.addIssue({
|
|
1040
|
-
code: 'custom',
|
|
1041
|
-
path: ['agents'],
|
|
1042
|
-
message:
|
|
1043
|
-
'agents[] is declared but ships.content does not include "agents" — add "agents" to ships.content or remove the agents[] block',
|
|
1044
|
-
});
|
|
1045
|
-
}
|
|
1046
1016
|
if (hasAgents) {
|
|
1047
1017
|
const slugs = new Set<string>();
|
|
1048
1018
|
value.agents?.forEach((decl, idx) => {
|
|
@@ -1058,30 +1028,6 @@ function validateServerBiomeAgentDeclarations(
|
|
|
1058
1028
|
}
|
|
1059
1029
|
}
|
|
1060
1030
|
|
|
1061
|
-
function validateServerPluginProvisioningDeclarations(
|
|
1062
|
-
value: ServerBiomeXema,
|
|
1063
|
-
ctx: z.RefinementCtx,
|
|
1064
|
-
): void {
|
|
1065
|
-
const shipsProvisioning = value.ships?.content?.includes('provisioningScaffolds') ?? false;
|
|
1066
|
-
const hasProvisioning = (value.provisioning?.length ?? 0) > 0;
|
|
1067
|
-
if (shipsProvisioning && !hasProvisioning) {
|
|
1068
|
-
ctx.addIssue({
|
|
1069
|
-
code: 'custom',
|
|
1070
|
-
path: ['provisioning'],
|
|
1071
|
-
message:
|
|
1072
|
-
'ships.content includes "provisioningScaffolds" — manifest must declare each scaffold under `provisioning[]`',
|
|
1073
|
-
});
|
|
1074
|
-
}
|
|
1075
|
-
if (!shipsProvisioning && hasProvisioning) {
|
|
1076
|
-
ctx.addIssue({
|
|
1077
|
-
code: 'custom',
|
|
1078
|
-
path: ['provisioning'],
|
|
1079
|
-
message:
|
|
1080
|
-
'provisioning[] is declared but ships.content does not include "provisioningScaffolds" — add it or remove the provisioning[] block',
|
|
1081
|
-
});
|
|
1082
|
-
}
|
|
1083
|
-
}
|
|
1084
|
-
|
|
1085
1031
|
const ManifestNameSchema = z
|
|
1086
1032
|
.string()
|
|
1087
1033
|
.min(1)
|
|
@@ -10,9 +10,9 @@ import {
|
|
|
10
10
|
|
|
11
11
|
/**
|
|
12
12
|
* `BiomePermissionsManifest` — the optional `permissions` block of the
|
|
13
|
-
* biome manifest
|
|
13
|
+
* biome manifest. It carries:
|
|
14
14
|
*
|
|
15
|
-
* - `defaultProfile`: the built-in `BiomePermissionProfile`
|
|
15
|
+
* - `defaultProfile`: the built-in `BiomePermissionProfile`
|
|
16
16
|
* the install UI suggests by default. Third-party biomes MUST NOT
|
|
17
17
|
* define new profiles — those are kernel-shipped or org-custom only.
|
|
18
18
|
* - `hints`: one entry per declared `requiresCapabilities[]` ref. The
|
|
@@ -2,9 +2,9 @@ import { z } from 'zod';
|
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
4
|
* `BiomeScope` is the closed set of installation scopes a biome may live
|
|
5
|
-
* in
|
|
5
|
+
* in. A biome installed twice — once in `Org` and once in
|
|
6
6
|
* `Sandbox` — is two installations with disjoint state (storage,
|
|
7
|
-
* grants, audit lineage)
|
|
7
|
+
* grants, audit lineage).
|
|
8
8
|
*
|
|
9
9
|
* String values match the on-wire representation used by
|
|
10
10
|
* `biome-host-api` install records and Object Registry projections.
|
|
@@ -2,7 +2,7 @@ import { z } from 'zod';
|
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
4
|
* `BiomeTrustTier` is the closed set of provenance tiers a biome may
|
|
5
|
-
* carry
|
|
5
|
+
* carry. The tier is set at biome publication / install
|
|
6
6
|
* time and is the primary input to the trust-tier default capability
|
|
7
7
|
* policy (see `trust-tier-policies.ts`).
|
|
8
8
|
*
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { BiomeTrustTier } from './biome-trust-tier';
|
|
2
2
|
|
|
3
3
|
/**
|
|
4
|
-
* Default capability-policy summary per `BiomeTrustTier
|
|
4
|
+
* Default capability-policy summary per `BiomeTrustTier`.
|
|
5
5
|
*
|
|
6
6
|
* This table is NOT the authorization decision — `authorization-api` is
|
|
7
7
|
* the source of truth at runtime. It is the kernel-shipped default that
|
|
@@ -20,7 +20,7 @@ import { BiomeTrustTier } from './biome-trust-tier';
|
|
|
20
20
|
* defaults to `requiresApproval=true` on the corresponding capability
|
|
21
21
|
* call (`biome:install@1`, `biome:promote@1`).
|
|
22
22
|
* - `allowedEnvironments`: the environment slugs the tier may live in by default —
|
|
23
|
-
* one of the eight built-in zones
|
|
23
|
+
* one of the eight built-in zones
|
|
24
24
|
* (`system | org | project | app | session | sandbox | public |
|
|
25
25
|
* store-review`). Org admins may relax or tighten this through
|
|
26
26
|
* custom policy; the kernel default is the conservative baseline.
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
// This is a POST-SCOPE FILTER applied AFTER implicit-by-scope resolution
|
|
7
7
|
// (the 5-tier `SkillSpace`/`AgentSpace` precedence): it NARROWS the
|
|
8
8
|
// already-visible set; it never widens it and it is NOT a parallel
|
|
9
|
-
// availability/binding table
|
|
9
|
+
// availability/binding table.
|
|
10
10
|
//
|
|
11
11
|
// Why a filter and not a binding table: the ownership model is implicit-by-
|
|
12
12
|
// scope — a contribution is available because its owning biome is installed
|
|
@@ -7,8 +7,8 @@ import {
|
|
|
7
7
|
} from './permission-profile';
|
|
8
8
|
|
|
9
9
|
/**
|
|
10
|
-
* Manifest shape carried by every `ContributionKind.Capability` envelope
|
|
11
|
-
*
|
|
10
|
+
* Manifest shape carried by every `ContributionKind.Capability` envelope.
|
|
11
|
+
* One contribution = one capability ref.
|
|
12
12
|
*
|
|
13
13
|
* The shape is intentionally a value-identical subset of
|
|
14
14
|
* `RegisterCapabilityDto` (the `POST /capabilities/register` body shape on
|
|
@@ -52,7 +52,7 @@ export interface CapabilityContributionManifest {
|
|
|
52
52
|
/**
|
|
53
53
|
* Identifier of the EXTERNAL service this capability calls (e.g. a provider
|
|
54
54
|
* slug like `github` or an MCP server ref). Presence is the signal that the
|
|
55
|
-
* invocation needs a brokered external credential
|
|
55
|
+
* invocation needs a brokered external credential:
|
|
56
56
|
* authorization-api runs the credential-binding precedence ladder ONLY for
|
|
57
57
|
* capabilities that declare it, and the executing gateway resolves a sealed
|
|
58
58
|
* credential for that service. Absent ⇒ the capability is internal and needs
|
|
@@ -35,7 +35,7 @@ export type { SubjectRef, ActingForRef };
|
|
|
35
35
|
/**
|
|
36
36
|
* Per-grant runtime caps. None of these are required at the contract level;
|
|
37
37
|
* absent fields mean "no platform-imposed limit on this axis". Profiles
|
|
38
|
-
*
|
|
38
|
+
* may default some of them; admins may tighten or loosen per row.
|
|
39
39
|
*/
|
|
40
40
|
export interface GrantConstraints {
|
|
41
41
|
maxCallsPerHour?: number;
|
|
@@ -55,14 +55,14 @@ export const GrantConstraintsSchema = z.object({
|
|
|
55
55
|
}) as z.ZodType<GrantConstraints>;
|
|
56
56
|
|
|
57
57
|
/**
|
|
58
|
-
* `CapabilityGrant` is the single row shape `authorization-api` stores
|
|
59
|
-
*
|
|
58
|
+
* `CapabilityGrant` is the single row shape `authorization-api` stores.
|
|
59
|
+
* One grant binds ONE `(subject, capability)` pair to a
|
|
60
60
|
* `resourceGlob`, an allowed-environment set, and optional runtime constraints.
|
|
61
61
|
*
|
|
62
62
|
* Wildcards (`kb:*@1`) are NOT represented in `capability` at the contract
|
|
63
63
|
* level — the kernel grammar in `capability-ref.ts` rejects them. Wildcard
|
|
64
64
|
* grants are stored as multiple per-verb rows OR as a separate
|
|
65
|
-
* domain-wildcard table in `authorization-api`; the choice is
|
|
65
|
+
* domain-wildcard table in `authorization-api`; the choice is an
|
|
66
66
|
* implementation detail, not a kernel concern.
|
|
67
67
|
*/
|
|
68
68
|
export interface CapabilityGrant {
|
|
@@ -71,7 +71,7 @@ export interface CapabilityGrant {
|
|
|
71
71
|
capability: CapabilityRef;
|
|
72
72
|
/**
|
|
73
73
|
* Glob over XVFS resource refs, e.g. `xema://org/acme/project/*\/kb/**`.
|
|
74
|
-
* Authorization-api owns glob semantics
|
|
74
|
+
* Authorization-api owns glob semantics.
|
|
75
75
|
*/
|
|
76
76
|
resourceGlob: string;
|
|
77
77
|
allowedEnvironments: readonly string[];
|
|
@@ -10,8 +10,8 @@ export { GrantConstraintsSchema } from './capability-grant';
|
|
|
10
10
|
|
|
11
11
|
/**
|
|
12
12
|
* `CapabilityPolicy` is what an `ExecutionEnvironment` carries to advertise the
|
|
13
|
-
* capability surface allowed *within* that environment
|
|
14
|
-
* `ExecutionEnvironment.allowedCapabilities[]`).
|
|
13
|
+
* capability surface allowed *within* that environment
|
|
14
|
+
* (`ExecutionEnvironment.allowedCapabilities[]`).
|
|
15
15
|
*
|
|
16
16
|
* A environment's policy is a NECESSARY-but-not-sufficient condition for a runtime
|
|
17
17
|
* call: the environment allows the capability AND the subject has a matching
|
|
@@ -2,7 +2,7 @@ import { z } from 'zod';
|
|
|
2
2
|
import { CapabilityRefParseError } from './errors';
|
|
3
3
|
|
|
4
4
|
/**
|
|
5
|
-
* Canonical Capability Reference grammar
|
|
5
|
+
* Canonical Capability Reference grammar:
|
|
6
6
|
*
|
|
7
7
|
* `<domain>:<resource>.<verb>@<major>`
|
|
8
8
|
*
|
|
@@ -12,14 +12,14 @@ import { CapabilityRefParseError } from './errors';
|
|
|
12
12
|
* - `<domain>` and the first `<resource>` segment match
|
|
13
13
|
* `/^[a-z][a-z0-9-]*$/` (kebab, must start with a letter).
|
|
14
14
|
* - The `<resource>.<verb>` portion is one OR MORE `.`-joined kebab segments
|
|
15
|
-
* (each segment matches the same shape as `<domain>`). This permits
|
|
16
|
-
* examples
|
|
15
|
+
* (each segment matches the same shape as `<domain>`). This permits
|
|
16
|
+
* examples such as `kb:page.read@1`, `connector:scm.merge@1`,
|
|
17
17
|
* `document:render.pdf@1`, `connector:tracker.issue.create@1`, AND
|
|
18
18
|
* nested forms such as `model-resolution:select@1` (single segment after
|
|
19
19
|
* `:`, where the segment IS the verb on the implicit resource).
|
|
20
20
|
* - `<major>` is one or more digits (no leading sign, no float). The major
|
|
21
21
|
* version is part of the ref itself — capability refs version like
|
|
22
|
-
* syscalls
|
|
22
|
+
* syscalls.
|
|
23
23
|
*
|
|
24
24
|
* Invariants enforced by `parseCapabilityRef` / `CapabilityRefSchema`:
|
|
25
25
|
*
|
|
@@ -7,12 +7,10 @@ import { z } from 'zod';
|
|
|
7
7
|
* so callers can branch structurally (no string parsing). The set covers:
|
|
8
8
|
* - parse-time failures on `CapabilityRef`;
|
|
9
9
|
* - resolution failures when no contribution implements the ref;
|
|
10
|
-
* - the four distinct denial axes
|
|
10
|
+
* - the four distinct denial axes
|
|
11
11
|
* (environment, grant, rate-limit, human-approval);
|
|
12
12
|
* - the "you do not even have a grant row" case that drives `xema why-denied`
|
|
13
|
-
* suggestion `request-grant
|
|
14
|
-
*
|
|
15
|
-
* Plan-of-record references: §3.3, §30.5, §31.8.
|
|
13
|
+
* suggestion `request-grant`.
|
|
16
14
|
*/
|
|
17
15
|
export enum CapabilityErrorCode {
|
|
18
16
|
CapabilityRefInvalid = 'CAPABILITY_REF_INVALID',
|
|
@@ -25,7 +23,7 @@ export enum CapabilityErrorCode {
|
|
|
25
23
|
AuthorizationUnreachable = 'AUTHORIZATION_UNREACHABLE',
|
|
26
24
|
/**
|
|
27
25
|
* The invocation passed authorization but its mandatory audit record
|
|
28
|
-
* could not be persisted after retries
|
|
26
|
+
* could not be persisted after retries. The gateway refuses the
|
|
29
27
|
* invocation rather than completing it without an audit trail — surfaced
|
|
30
28
|
* as a 503 so the caller can retry (the audit write is idempotent on
|
|
31
29
|
* `auditId`). This is the fail-fast path for the audit sink; it is NEVER
|
|
@@ -52,7 +50,7 @@ export enum CapabilityErrorCode {
|
|
|
52
50
|
* `externalServiceRef`), but authorization-api's credential-binding
|
|
53
51
|
* precedence resolved no permitted binding for this invocation — no explicit
|
|
54
52
|
* grant binding, no capability-descriptor default, and no project/org
|
|
55
|
-
* default. Fail-fast
|
|
53
|
+
* default. Fail-fast: the PDP returns `deny` with
|
|
56
54
|
* this code rather than letting the invocation run credential-less or letting
|
|
57
55
|
* a gateway silently pick a credential. The broker NEVER chooses a binding;
|
|
58
56
|
* the PDP is the single authority.
|
|
@@ -66,8 +64,6 @@ export const CapabilityErrorCodeSchema = z.nativeEnum(CapabilityErrorCode);
|
|
|
66
64
|
* Discriminated "why" structure for a denial decision. One denial may carry
|
|
67
65
|
* multiple `CapabilityDenialDetail` entries (e.g. the grant exists but the
|
|
68
66
|
* resource glob does not match AND the rate-limit is exhausted).
|
|
69
|
-
*
|
|
70
|
-
* Plan-of-record reference: §31.8.
|
|
71
67
|
*/
|
|
72
68
|
export interface CapabilityDenialDetail {
|
|
73
69
|
code: CapabilityErrorCode;
|
|
@@ -83,8 +79,6 @@ export const CapabilityDenialDetailSchema = z.object({
|
|
|
83
79
|
* Suggestions the Capability Gateway returns so an agent (or a human via
|
|
84
80
|
* `xema why-denied`) can self-correct without trial-and-error.
|
|
85
81
|
*
|
|
86
|
-
* Plan-of-record reference: §31.8.
|
|
87
|
-
*
|
|
88
82
|
* The discriminator `kind` is a closed set; do NOT widen with free-form
|
|
89
83
|
* strings.
|
|
90
84
|
*/
|
|
@@ -3,14 +3,11 @@ import { z } from 'zod';
|
|
|
3
3
|
import { CapabilityRefSchema, type CapabilityRef } from './capability-ref';
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
|
-
*
|
|
6
|
+
* The agent-facing MCP surface collapses to exactly three
|
|
7
7
|
* meta-tools. The set is CLOSED — no free-form strings — so we ship the
|
|
8
8
|
* canonical names as a kernel enum that the router controller, the
|
|
9
9
|
* mcp-gateway federation bridge, and any downstream client can all agree on.
|
|
10
10
|
*
|
|
11
|
-
* Plan-of-record:
|
|
12
|
-
* `.claude/plans/following-up-the-xema-os-plan-md-abstract-stream.md` §6.H
|
|
13
|
-
*
|
|
14
11
|
* The string values are the wire names emitted to OpenCode via the
|
|
15
12
|
* mcp-gateway federation bridge (`resolveAsMetaTools()`). They are also the
|
|
16
13
|
* suffix segments of the router HTTP routes:
|
|
@@ -28,7 +25,7 @@ export enum MetaToolName {
|
|
|
28
25
|
export const MetaToolNameSchema = z.nativeEnum(MetaToolName);
|
|
29
26
|
|
|
30
27
|
/**
|
|
31
|
-
* Wire-side audit topic for every meta-tool invocation
|
|
28
|
+
* Wire-side audit topic for every meta-tool invocation. Kept here
|
|
32
29
|
* — not in a service — so analytics consumers and the router emit the same
|
|
33
30
|
* string.
|
|
34
31
|
*/
|
|
@@ -2,12 +2,12 @@ import { z } from 'zod';
|
|
|
2
2
|
import { CapabilityRefSchema, type CapabilityRef } from './capability-ref';
|
|
3
3
|
|
|
4
4
|
/**
|
|
5
|
-
* Closed set of built-in permission **Profiles** shipped by the kernel
|
|
6
|
-
*
|
|
5
|
+
* Closed set of built-in permission **Profiles** shipped by the kernel.
|
|
6
|
+
* Profiles are pre-canned `GrantPolicy` templates that an
|
|
7
7
|
* org admin can apply with one click at biome install time.
|
|
8
8
|
*
|
|
9
9
|
* Third-party biomes MUST NOT add profiles (would be a privilege-escalation
|
|
10
|
-
* vector
|
|
10
|
+
* vector). Orgs may add **Custom Profiles** stored in
|
|
11
11
|
* `authorization-api`, but those are runtime data, not kernel enum values.
|
|
12
12
|
*
|
|
13
13
|
* String values are kebab-case so they match the on-wire / on-disk
|
|
@@ -32,7 +32,7 @@ export const BiomePermissionProfileSchema = z.nativeEnum(
|
|
|
32
32
|
|
|
33
33
|
/**
|
|
34
34
|
* Risk tier of a single capability ask, declared by the biome author in
|
|
35
|
-
* the manifest
|
|
35
|
+
* the manifest. Drives the install-time digest and
|
|
36
36
|
* default approval requirements (`critical` always requires explicit
|
|
37
37
|
* approval, regardless of profile).
|
|
38
38
|
*/
|
|
@@ -47,7 +47,7 @@ export const CapabilityRiskTierSchema = z.nativeEnum(CapabilityRiskTier);
|
|
|
47
47
|
|
|
48
48
|
/**
|
|
49
49
|
* `PermissionHint` — one entry per declared `requiresCapabilities[]` ref
|
|
50
|
-
* in the biome manifest's `permissions.hints[]` block
|
|
50
|
+
* in the biome manifest's `permissions.hints[]` block.
|
|
51
51
|
*
|
|
52
52
|
* The hint is author-facing copy that drives the install-time digest UI;
|
|
53
53
|
* it does NOT itself grant anything. The grant materialises only when the
|
|
@@ -76,8 +76,8 @@ export const PermissionHintSchema = z.object({
|
|
|
76
76
|
|
|
77
77
|
/**
|
|
78
78
|
* `PermissionGroup` — author-side bundling of related capabilities so the
|
|
79
|
-
* install UI can render "Grant the *kb-read* group" as one toggle
|
|
80
|
-
*
|
|
79
|
+
* install UI can render "Grant the *kb-read* group" as one toggle.
|
|
80
|
+
* Grants are still recorded per-capability in
|
|
81
81
|
* `authorization-api`; the group is pure UX sugar.
|
|
82
82
|
*/
|
|
83
83
|
export interface PermissionGroup {
|