@xemahq/ui-kernel 0.1.6 → 0.1.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (197) hide show
  1. package/dist/lib/biome-host/agent-validation.d.ts +22 -0
  2. package/dist/lib/biome-host/agent-validation.d.ts.map +1 -0
  3. package/dist/lib/biome-host/agent-validation.js +127 -0
  4. package/dist/lib/biome-host/agent-validation.js.map +1 -0
  5. package/dist/lib/biome-host/create-biome-orval-config.d.ts +14 -0
  6. package/dist/lib/biome-host/create-biome-orval-config.d.ts.map +1 -0
  7. package/dist/lib/biome-host/create-biome-orval-config.js +22 -0
  8. package/dist/lib/biome-host/create-biome-orval-config.js.map +1 -0
  9. package/dist/lib/biome-host/frontend-biome.d.ts +3 -1
  10. package/dist/lib/biome-host/frontend-biome.d.ts.map +1 -1
  11. package/dist/lib/biome-host/host-bridge.d.ts +2 -0
  12. package/dist/lib/biome-host/host-bridge.d.ts.map +1 -1
  13. package/dist/lib/biome-host/host-bridge.js.map +1 -1
  14. package/dist/lib/biome-host/host-sources.d.ts +2 -0
  15. package/dist/lib/biome-host/host-sources.d.ts.map +1 -1
  16. package/dist/lib/biome-host/index.d.ts +2 -1
  17. package/dist/lib/biome-host/index.d.ts.map +1 -1
  18. package/dist/lib/biome-host/index.js +2 -1
  19. package/dist/lib/biome-host/index.js.map +1 -1
  20. package/dist/registry/index.d.ts +1 -1
  21. package/dist/registry/index.d.ts.map +1 -1
  22. package/dist/registry/index.js +1 -1
  23. package/dist/registry/index.js.map +1 -1
  24. package/dist/registry/lib/agent-validation-host.d.ts +3 -0
  25. package/dist/registry/lib/agent-validation-host.d.ts.map +1 -0
  26. package/dist/registry/lib/agent-validation-host.js +10 -0
  27. package/dist/registry/lib/agent-validation-host.js.map +1 -0
  28. package/dist/session-kit/approvals/ApprovalButton.d.ts +14 -0
  29. package/dist/session-kit/approvals/ApprovalButton.d.ts.map +1 -0
  30. package/dist/session-kit/approvals/ApprovalButton.js +45 -0
  31. package/dist/session-kit/approvals/ApprovalButton.js.map +1 -0
  32. package/dist/session-kit/approvals/ApprovalCard.d.ts +12 -0
  33. package/dist/session-kit/approvals/ApprovalCard.d.ts.map +1 -0
  34. package/dist/session-kit/approvals/ApprovalCard.js +117 -0
  35. package/dist/session-kit/approvals/ApprovalCard.js.map +1 -0
  36. package/dist/session-kit/approvals/ApprovalsCenter.d.ts +11 -0
  37. package/dist/session-kit/approvals/ApprovalsCenter.d.ts.map +1 -0
  38. package/dist/session-kit/approvals/ApprovalsCenter.js +127 -0
  39. package/dist/session-kit/approvals/ApprovalsCenter.js.map +1 -0
  40. package/dist/session-kit/approvals/CapabilityApprovalStickyBar.d.ts +12 -0
  41. package/dist/session-kit/approvals/CapabilityApprovalStickyBar.d.ts.map +1 -0
  42. package/dist/session-kit/approvals/CapabilityApprovalStickyBar.js +36 -0
  43. package/dist/session-kit/approvals/CapabilityApprovalStickyBar.js.map +1 -0
  44. package/dist/session-kit/approvals/Obligation.d.ts +15 -0
  45. package/dist/session-kit/approvals/Obligation.d.ts.map +1 -0
  46. package/dist/session-kit/approvals/Obligation.js +42 -0
  47. package/dist/session-kit/approvals/Obligation.js.map +1 -0
  48. package/dist/session-kit/approvals/ScopedBody.d.ts +9 -0
  49. package/dist/session-kit/approvals/ScopedBody.d.ts.map +1 -0
  50. package/dist/session-kit/approvals/ScopedBody.js +145 -0
  51. package/dist/session-kit/approvals/ScopedBody.js.map +1 -0
  52. package/dist/session-kit/approvals/approval-icons.d.ts +15 -0
  53. package/dist/session-kit/approvals/approval-icons.d.ts.map +1 -0
  54. package/dist/session-kit/approvals/approval-icons.js +3 -0
  55. package/dist/session-kit/approvals/approval-icons.js.map +1 -0
  56. package/dist/session-kit/approvals/approval-model.d.ts +83 -0
  57. package/dist/session-kit/approvals/approval-model.d.ts.map +1 -0
  58. package/dist/session-kit/approvals/approval-model.js +25 -0
  59. package/dist/session-kit/approvals/approval-model.js.map +1 -0
  60. package/dist/session-kit/approvals/index.d.ts +12 -0
  61. package/dist/session-kit/approvals/index.d.ts.map +1 -0
  62. package/dist/session-kit/approvals/index.js +28 -0
  63. package/dist/session-kit/approvals/index.js.map +1 -0
  64. package/dist/session-kit/approvals/obligation-display.d.ts +17 -0
  65. package/dist/session-kit/approvals/obligation-display.d.ts.map +1 -0
  66. package/dist/session-kit/approvals/obligation-display.js +58 -0
  67. package/dist/session-kit/approvals/obligation-display.js.map +1 -0
  68. package/dist/session-kit/approvals/risk-accent.d.ts +8 -0
  69. package/dist/session-kit/approvals/risk-accent.d.ts.map +1 -0
  70. package/dist/session-kit/approvals/risk-accent.js +28 -0
  71. package/dist/session-kit/approvals/risk-accent.js.map +1 -0
  72. package/dist/session-kit/approvals/scope-icons.d.ts +12 -0
  73. package/dist/session-kit/approvals/scope-icons.d.ts.map +1 -0
  74. package/dist/session-kit/approvals/scope-icons.js +14 -0
  75. package/dist/session-kit/approvals/scope-icons.js.map +1 -0
  76. package/dist/session-kit/combobox/Combobox.d.ts +46 -0
  77. package/dist/session-kit/combobox/Combobox.d.ts.map +1 -0
  78. package/dist/session-kit/combobox/Combobox.js +113 -0
  79. package/dist/session-kit/combobox/Combobox.js.map +1 -0
  80. package/dist/session-kit/combobox/use-click-outside.d.ts +3 -0
  81. package/dist/session-kit/combobox/use-click-outside.d.ts.map +1 -0
  82. package/dist/session-kit/combobox/use-click-outside.js +18 -0
  83. package/dist/session-kit/combobox/use-click-outside.js.map +1 -0
  84. package/dist/session-kit/display/ContextHeader.d.ts +27 -0
  85. package/dist/session-kit/display/ContextHeader.d.ts.map +1 -0
  86. package/dist/session-kit/display/ContextHeader.js +47 -0
  87. package/dist/session-kit/display/ContextHeader.js.map +1 -0
  88. package/dist/session-kit/display/FileDiffCard.d.ts +18 -0
  89. package/dist/session-kit/display/FileDiffCard.d.ts.map +1 -0
  90. package/dist/session-kit/display/FileDiffCard.js +58 -0
  91. package/dist/session-kit/display/FileDiffCard.js.map +1 -0
  92. package/dist/session-kit/display/MD.d.ts +7 -0
  93. package/dist/session-kit/display/MD.d.ts.map +1 -0
  94. package/dist/session-kit/display/MD.js +89 -0
  95. package/dist/session-kit/display/MD.js.map +1 -0
  96. package/dist/session-kit/display/MessageTurn.d.ts +21 -0
  97. package/dist/session-kit/display/MessageTurn.d.ts.map +1 -0
  98. package/dist/session-kit/display/MessageTurn.js +62 -0
  99. package/dist/session-kit/display/MessageTurn.js.map +1 -0
  100. package/dist/session-kit/display/ThinkingPanel.d.ts +12 -0
  101. package/dist/session-kit/display/ThinkingPanel.d.ts.map +1 -0
  102. package/dist/session-kit/display/ThinkingPanel.js +30 -0
  103. package/dist/session-kit/display/ThinkingPanel.js.map +1 -0
  104. package/dist/session-kit/display/TodoChecklist.d.ts +17 -0
  105. package/dist/session-kit/display/TodoChecklist.d.ts.map +1 -0
  106. package/dist/session-kit/display/TodoChecklist.js +50 -0
  107. package/dist/session-kit/display/TodoChecklist.js.map +1 -0
  108. package/dist/session-kit/display/TokenMeter.d.ts +15 -0
  109. package/dist/session-kit/display/TokenMeter.d.ts.map +1 -0
  110. package/dist/session-kit/display/TokenMeter.js +35 -0
  111. package/dist/session-kit/display/TokenMeter.js.map +1 -0
  112. package/dist/session-kit/display/ToolStrip.d.ts +31 -0
  113. package/dist/session-kit/display/ToolStrip.d.ts.map +1 -0
  114. package/dist/session-kit/display/ToolStrip.js +99 -0
  115. package/dist/session-kit/display/ToolStrip.js.map +1 -0
  116. package/dist/session-kit/display/TypingDots.d.ts +3 -0
  117. package/dist/session-kit/display/TypingDots.d.ts.map +1 -0
  118. package/dist/session-kit/display/TypingDots.js +14 -0
  119. package/dist/session-kit/display/TypingDots.js.map +1 -0
  120. package/dist/session-kit/index.d.ts +21 -0
  121. package/dist/session-kit/index.d.ts.map +1 -0
  122. package/dist/session-kit/index.js +37 -0
  123. package/dist/session-kit/index.js.map +1 -0
  124. package/dist/session-kit/lib/enums.d.ts +34 -0
  125. package/dist/session-kit/lib/enums.d.ts.map +1 -0
  126. package/dist/session-kit/lib/enums.js +44 -0
  127. package/dist/session-kit/lib/enums.js.map +1 -0
  128. package/dist/session-kit/lib/portal-accent.d.ts +3 -0
  129. package/dist/session-kit/lib/portal-accent.d.ts.map +1 -0
  130. package/dist/session-kit/lib/portal-accent.js +9 -0
  131. package/dist/session-kit/lib/portal-accent.js.map +1 -0
  132. package/dist/session-kit/lib/status-dot.d.ts +10 -0
  133. package/dist/session-kit/lib/status-dot.d.ts.map +1 -0
  134. package/dist/session-kit/lib/status-dot.js +43 -0
  135. package/dist/session-kit/lib/status-dot.js.map +1 -0
  136. package/dist/session-kit/primitives/Avatar.d.ts +10 -0
  137. package/dist/session-kit/primitives/Avatar.d.ts.map +1 -0
  138. package/dist/session-kit/primitives/Avatar.js +21 -0
  139. package/dist/session-kit/primitives/Avatar.js.map +1 -0
  140. package/dist/session-kit/primitives/PortalGlyph.d.ts +12 -0
  141. package/dist/session-kit/primitives/PortalGlyph.d.ts.map +1 -0
  142. package/dist/session-kit/primitives/PortalGlyph.js +21 -0
  143. package/dist/session-kit/primitives/PortalGlyph.js.map +1 -0
  144. package/dist/session-kit/primitives/RiskPill.d.ts +12 -0
  145. package/dist/session-kit/primitives/RiskPill.d.ts.map +1 -0
  146. package/dist/session-kit/primitives/RiskPill.js +53 -0
  147. package/dist/session-kit/primitives/RiskPill.js.map +1 -0
  148. package/dist/session-kit/primitives/ScopeDot.d.ts +9 -0
  149. package/dist/session-kit/primitives/ScopeDot.d.ts.map +1 -0
  150. package/dist/session-kit/primitives/ScopeDot.js +23 -0
  151. package/dist/session-kit/primitives/ScopeDot.js.map +1 -0
  152. package/dist/session-kit/primitives/Segmented.d.ts +16 -0
  153. package/dist/session-kit/primitives/Segmented.d.ts.map +1 -0
  154. package/dist/session-kit/primitives/Segmented.js +31 -0
  155. package/dist/session-kit/primitives/Segmented.js.map +1 -0
  156. package/package.json +2 -2
  157. package/src/lib/biome-host/create-biome-orval-config.ts +76 -0
  158. package/src/lib/biome-host/frontend-biome.ts +22 -2
  159. package/src/lib/biome-host/host-bridge.ts +22 -0
  160. package/src/lib/biome-host/host-sources.ts +13 -0
  161. package/src/lib/biome-host/index.ts +2 -1
  162. package/src/registry/index.ts +1 -1
  163. package/src/registry/lib/extension-points.ts +1 -1
  164. package/src/session-kit/approvals/ApprovalButton.tsx +89 -0
  165. package/src/session-kit/approvals/ApprovalCard.tsx +336 -0
  166. package/src/session-kit/approvals/ApprovalsCenter.tsx +327 -0
  167. package/src/session-kit/approvals/CapabilityApprovalStickyBar.tsx +118 -0
  168. package/src/session-kit/approvals/Obligation.tsx +111 -0
  169. package/src/session-kit/approvals/ScopedBody.tsx +392 -0
  170. package/src/session-kit/approvals/approval-icons.ts +31 -0
  171. package/src/session-kit/approvals/approval-model.ts +205 -0
  172. package/src/session-kit/approvals/index.ts +22 -0
  173. package/src/session-kit/approvals/obligation-display.ts +100 -0
  174. package/src/session-kit/approvals/risk-accent.ts +47 -0
  175. package/src/session-kit/approvals/scope-icons.ts +19 -0
  176. package/src/session-kit/combobox/Combobox.tsx +327 -0
  177. package/src/session-kit/combobox/use-click-outside.ts +21 -0
  178. package/src/session-kit/display/ContextHeader.tsx +148 -0
  179. package/src/session-kit/display/FileDiffCard.tsx +140 -0
  180. package/src/session-kit/display/MD.tsx +153 -0
  181. package/src/session-kit/display/MessageTurn.tsx +157 -0
  182. package/src/session-kit/display/ThinkingPanel.tsx +78 -0
  183. package/src/session-kit/display/TodoChecklist.tsx +120 -0
  184. package/src/session-kit/display/TokenMeter.tsx +89 -0
  185. package/src/session-kit/display/ToolStrip.tsx +278 -0
  186. package/src/session-kit/display/TypingDots.tsx +24 -0
  187. package/src/session-kit/index.ts +44 -0
  188. package/src/session-kit/lib/enums.ts +66 -0
  189. package/src/session-kit/lib/portal-accent.ts +30 -0
  190. package/src/session-kit/lib/status-dot.ts +68 -0
  191. package/src/session-kit/primitives/Avatar.tsx +44 -0
  192. package/src/session-kit/primitives/PortalGlyph.tsx +51 -0
  193. package/src/session-kit/primitives/RiskPill.tsx +95 -0
  194. package/src/session-kit/primitives/ScopeDot.tsx +47 -0
  195. package/src/session-kit/primitives/Segmented.tsx +71 -0
  196. /package/src/lib/biome-host/{composition-validation.ts → agent-validation.ts} +0 -0
  197. /package/src/registry/lib/{composition-validation-host.ts → agent-validation-host.ts} +0 -0
@@ -0,0 +1,392 @@
1
+ /**
2
+ * Scoped approval bodies (HANDOFF §6) — the biome-supplied typed detail
3
+ * that renders UNDER the generic frame.
4
+ *
5
+ * `ScopedBody` is an EXHAUSTIVE switch over `ApprovalScopeKind`. A scope
6
+ * whose `kind` is outside the closed set fails SAFE to a visible
7
+ * "unknown scope" placeholder (it surfaces the raw kind) rather than
8
+ * silently dropping the body — the same fail-fast-but-visible contract as
9
+ * the unknown-obligation and unknown-chat-widget paths.
10
+ *
11
+ * Icon-agnostic: bodies that need a glyph take a `renderIcon` mapping a
12
+ * stable `ScopeIcon` key to a host icon node.
13
+ */
14
+ import {
15
+ ApprovalScopeKind,
16
+ type ApprovalScope,
17
+ type DeployScope,
18
+ type FilesScope,
19
+ type PaymentScope,
20
+ type SlackScope,
21
+ type SqlScope,
22
+ } from './approval-model';
23
+ import { ScopeIcon, type ScopeIconRenderer } from './scope-icons';
24
+
25
+ import type { ReactElement, ReactNode } from 'react';
26
+
27
+ export interface ScopedBodyProps {
28
+ readonly scope: ApprovalScope;
29
+ readonly renderIcon: ScopeIconRenderer;
30
+ }
31
+
32
+ export function ScopedBody({
33
+ scope,
34
+ renderIcon,
35
+ }: ScopedBodyProps): ReactElement {
36
+ switch (scope.kind) {
37
+ case ApprovalScopeKind.Payment:
38
+ return <PaymentBody s={scope} />;
39
+ case ApprovalScopeKind.Sql:
40
+ return <SqlBody s={scope} renderIcon={renderIcon} />;
41
+ case ApprovalScopeKind.Slack:
42
+ return <SlackBody s={scope} renderIcon={renderIcon} />;
43
+ case ApprovalScopeKind.Deploy:
44
+ return <DeployBody s={scope} renderIcon={renderIcon} />;
45
+ case ApprovalScopeKind.Files:
46
+ return <FilesBody s={scope} renderIcon={renderIcon} />;
47
+ default:
48
+ return <UnknownScopeBody scope={scope} />;
49
+ }
50
+ }
51
+
52
+ /** Visible fallback for a scope kind the host does not (yet) understand. */
53
+ function UnknownScopeBody({
54
+ scope,
55
+ }: Readonly<{ scope: { readonly kind: string } }>): ReactElement {
56
+ return (
57
+ <div
58
+ style={{
59
+ padding: '8px 11px',
60
+ borderRadius: 7,
61
+ border: '1px dashed hsl(var(--rule-2))',
62
+ background: 'hsl(var(--muted))',
63
+ fontSize: 12,
64
+ color: 'hsl(var(--ink-3))',
65
+ }}
66
+ >
67
+ Unknown approval detail{' '}
68
+ <span className="mono" style={{ color: 'hsl(var(--ink-2))' }}>
69
+ {scope.kind}
70
+ </span>{' '}
71
+ — this biome ships a scope kind this host build cannot render. Review
72
+ the request before deciding.
73
+ </div>
74
+ );
75
+ }
76
+
77
+ function KV({
78
+ k,
79
+ v,
80
+ mono,
81
+ strong,
82
+ }: Readonly<{
83
+ k: string;
84
+ v: ReactNode;
85
+ mono?: boolean;
86
+ strong?: boolean;
87
+ }>): ReactElement {
88
+ return (
89
+ <div
90
+ style={{
91
+ display: 'flex',
92
+ justifyContent: 'space-between',
93
+ gap: 12,
94
+ padding: '3px 0',
95
+ }}
96
+ >
97
+ <span
98
+ style={{ fontSize: 12, color: 'hsl(var(--ink-3))', whiteSpace: 'nowrap' }}
99
+ >
100
+ {k}
101
+ </span>
102
+ <span
103
+ className={mono ? 'mono' : undefined}
104
+ style={{
105
+ fontSize: mono ? 12 : 12.5,
106
+ color: 'hsl(var(--ink))',
107
+ fontWeight: strong ? 600 : 450,
108
+ textAlign: 'right',
109
+ whiteSpace: 'nowrap',
110
+ }}
111
+ >
112
+ {v}
113
+ </span>
114
+ </div>
115
+ );
116
+ }
117
+
118
+ function PaymentBody({ s }: Readonly<{ s: PaymentScope }>): ReactElement {
119
+ return (
120
+ <div>
121
+ <div style={{ marginBottom: 9 }}>
122
+ <div
123
+ className="serif"
124
+ style={{
125
+ fontSize: 27,
126
+ fontWeight: 600,
127
+ color: 'hsl(var(--ink))',
128
+ lineHeight: 1.05,
129
+ }}
130
+ >
131
+ {s.amount}
132
+ </div>
133
+ <div
134
+ style={{ fontSize: 12.5, color: 'hsl(var(--ink-3))', marginTop: 2 }}
135
+ >
136
+ to {s.payee}
137
+ </div>
138
+ </div>
139
+ <div style={{ borderTop: '1px solid hsl(var(--rule))', paddingTop: 4 }}>
140
+ <KV k="Method" v={s.method} />
141
+ <KV k="Account" v={s.account} mono />
142
+ {s.memo && <KV k="Memo" v={s.memo} />}
143
+ </div>
144
+ </div>
145
+ );
146
+ }
147
+
148
+ function SqlBody({
149
+ s,
150
+ renderIcon,
151
+ }: Readonly<{ s: SqlScope; renderIcon: ScopeIconRenderer }>): ReactElement {
152
+ return (
153
+ <div>
154
+ <div
155
+ style={{ display: 'flex', gap: 8, marginBottom: 7, flexWrap: 'wrap' }}
156
+ >
157
+ <Tag icon={renderIcon(ScopeIcon.Database, 12)} t={s.dialect} />
158
+ <Tag icon={renderIcon(ScopeIcon.Layers, 12)} t={s.table} />
159
+ <Tag
160
+ icon={renderIcon(ScopeIcon.Alert, 12)}
161
+ t={`${s.rowsAffected} rows`}
162
+ warn
163
+ />
164
+ </div>
165
+ <pre
166
+ className="mono"
167
+ style={{
168
+ margin: 0,
169
+ padding: '10px 12px',
170
+ background: 'hsl(var(--ink) / 0.04)',
171
+ border: '1px solid hsl(var(--rule))',
172
+ borderRadius: 8,
173
+ fontSize: 12,
174
+ lineHeight: 1.6,
175
+ color: 'hsl(var(--ink))',
176
+ overflowX: 'auto',
177
+ whiteSpace: 'pre',
178
+ }}
179
+ >
180
+ {s.query}
181
+ </pre>
182
+ </div>
183
+ );
184
+ }
185
+
186
+ function SlackBody({
187
+ s,
188
+ renderIcon,
189
+ }: Readonly<{ s: SlackScope; renderIcon: ScopeIconRenderer }>): ReactElement {
190
+ return (
191
+ <div>
192
+ <div
193
+ style={{
194
+ display: 'flex',
195
+ alignItems: 'center',
196
+ gap: 8,
197
+ marginBottom: 7,
198
+ fontSize: 12.5,
199
+ }}
200
+ >
201
+ <span style={{ color: 'hsl(var(--ink-3))', display: 'inline-flex' }}>
202
+ {renderIcon(ScopeIcon.Send, 13)}
203
+ </span>
204
+ <span
205
+ className="mono"
206
+ style={{ color: 'hsl(var(--ink))', fontWeight: 600 }}
207
+ >
208
+ {s.channel}
209
+ </span>
210
+ <span style={{ color: 'hsl(var(--ink-4))' }}>
211
+ · {s.workspace} · as {s.as}
212
+ </span>
213
+ </div>
214
+ <div
215
+ style={{
216
+ padding: '10px 12px',
217
+ background: 'hsl(var(--paper-elev))',
218
+ border: '1px solid hsl(var(--rule))',
219
+ borderRadius: 8,
220
+ fontSize: 13,
221
+ lineHeight: 1.55,
222
+ color: 'hsl(var(--ink-2))',
223
+ whiteSpace: 'pre-wrap',
224
+ }}
225
+ >
226
+ {s.message}
227
+ </div>
228
+ </div>
229
+ );
230
+ }
231
+
232
+ function DeployBody({
233
+ s,
234
+ renderIcon,
235
+ }: Readonly<{ s: DeployScope; renderIcon: ScopeIconRenderer }>): ReactElement {
236
+ return (
237
+ <div>
238
+ <div
239
+ style={{
240
+ display: 'flex',
241
+ alignItems: 'center',
242
+ gap: 8,
243
+ marginBottom: 8,
244
+ }}
245
+ >
246
+ <span
247
+ className="mono serif"
248
+ style={{ fontSize: 18, fontWeight: 600, color: 'hsl(var(--ink))' }}
249
+ >
250
+ {s.version}
251
+ </span>
252
+ <span style={{ color: 'hsl(var(--ink-4))', display: 'inline-flex' }}>
253
+ {renderIcon(ScopeIcon.ArrowRight, 14)}
254
+ </span>
255
+ <Tag icon={renderIcon(ScopeIcon.Globe, 12)} t={s.cluster} warn />
256
+ </div>
257
+ <div style={{ display: 'flex', gap: 14, marginBottom: 8 }}>
258
+ <Stat2 n={s.services} l="services" />
259
+ <Stat2 n={s.migrations} l="migrations" warn />
260
+ </div>
261
+ <div style={{ display: 'flex', flexDirection: 'column', gap: 3 }}>
262
+ {s.changelog.map((c) => (
263
+ <div
264
+ key={c}
265
+ style={{
266
+ display: 'flex',
267
+ gap: 8,
268
+ fontSize: 12,
269
+ color: 'hsl(var(--ink-2))',
270
+ }}
271
+ >
272
+ <span
273
+ style={{
274
+ marginTop: 7,
275
+ width: 3,
276
+ height: 3,
277
+ borderRadius: '50%',
278
+ background: 'hsl(var(--ink-4))',
279
+ flexShrink: 0,
280
+ }}
281
+ />
282
+ <span className="mono" style={{ fontSize: 11.5 }}>
283
+ {c}
284
+ </span>
285
+ </div>
286
+ ))}
287
+ </div>
288
+ </div>
289
+ );
290
+ }
291
+
292
+ function FilesBody({
293
+ s,
294
+ renderIcon,
295
+ }: Readonly<{ s: FilesScope; renderIcon: ScopeIconRenderer }>): ReactElement {
296
+ return (
297
+ <div style={{ display: 'flex', flexDirection: 'column', gap: 5 }}>
298
+ {s.files.map((f) => (
299
+ <div
300
+ key={f.path}
301
+ style={{
302
+ display: 'flex',
303
+ alignItems: 'center',
304
+ gap: 9,
305
+ padding: '5px 9px',
306
+ background: 'hsl(var(--paper-elev))',
307
+ border: '1px solid hsl(var(--rule))',
308
+ borderRadius: 7,
309
+ }}
310
+ >
311
+ <span style={{ color: 'hsl(var(--warning))', display: 'inline-flex' }}>
312
+ {renderIcon(ScopeIcon.FileEdit, 13)}
313
+ </span>
314
+ <span
315
+ className="mono"
316
+ style={{
317
+ fontSize: 12,
318
+ color: 'hsl(var(--ink))',
319
+ flex: 1,
320
+ overflow: 'hidden',
321
+ textOverflow: 'ellipsis',
322
+ whiteSpace: 'nowrap',
323
+ }}
324
+ >
325
+ {f.path}
326
+ </span>
327
+ <span
328
+ className="mono"
329
+ style={{ fontSize: 11, color: 'hsl(var(--success))' }}
330
+ >
331
+ +{f.add}
332
+ </span>
333
+ <span
334
+ className="mono"
335
+ style={{ fontSize: 11, color: 'hsl(var(--danger))' }}
336
+ >
337
+ −{f.del}
338
+ </span>
339
+ </div>
340
+ ))}
341
+ </div>
342
+ );
343
+ }
344
+
345
+ function Tag({
346
+ icon,
347
+ t,
348
+ warn,
349
+ }: Readonly<{ icon: ReactNode; t: string; warn?: boolean }>): ReactElement {
350
+ return (
351
+ <span
352
+ style={{
353
+ display: 'inline-flex',
354
+ alignItems: 'center',
355
+ gap: 5,
356
+ padding: '2px 8px',
357
+ borderRadius: 6,
358
+ fontSize: 11.5,
359
+ background: warn ? 'hsl(var(--warning) / 0.1)' : 'hsl(var(--muted))',
360
+ border: `1px solid ${
361
+ warn ? 'hsl(var(--warning) / 0.3)' : 'hsl(var(--rule))'
362
+ }`,
363
+ color: warn ? 'hsl(var(--warning))' : 'hsl(var(--ink-2))',
364
+ }}
365
+ >
366
+ {icon}
367
+ {t}
368
+ </span>
369
+ );
370
+ }
371
+
372
+ function Stat2({
373
+ n,
374
+ l,
375
+ warn,
376
+ }: Readonly<{ n: number; l: string; warn?: boolean }>): ReactElement {
377
+ return (
378
+ <span style={{ display: 'inline-flex', alignItems: 'baseline', gap: 5 }}>
379
+ <span
380
+ className="serif"
381
+ style={{
382
+ fontSize: 18,
383
+ fontWeight: 600,
384
+ color: warn ? 'hsl(var(--warning))' : 'hsl(var(--ink))',
385
+ }}
386
+ >
387
+ {n}
388
+ </span>
389
+ <span style={{ fontSize: 11.5, color: 'hsl(var(--ink-3))' }}>{l}</span>
390
+ </span>
391
+ );
392
+ }
@@ -0,0 +1,31 @@
1
+ /**
2
+ * The icon contract for the approval surfaces. The kit is icon-agnostic
3
+ * (it never imports an icon set), so the host supplies one bundle that
4
+ * resolves every glyph the approval frame, scoped bodies, obligation
5
+ * chips and Center need. Keeping it as a single typed bundle means a
6
+ * consumer wires icons ONCE and passes it to every approval surface.
7
+ */
8
+ import type { ObligationIcon } from './obligation-display';
9
+ import type { ScopeIcon } from './scope-icons';
10
+ import type { ReactNode } from 'react';
11
+
12
+ export interface ApprovalIcons {
13
+ /** Map a stable obligation-chip glyph key → host icon node. */
14
+ readonly obligation: (key: ObligationIcon, size: number) => ReactNode;
15
+ /** Map a stable scoped-body glyph key → host icon node. */
16
+ readonly scope: (key: ScopeIcon, size: number) => ReactNode;
17
+ /** Frame: the "approval required" / approve shield. */
18
+ readonly shield: (size: number) => ReactNode;
19
+ /** Frame: capability-ref leading bolt. */
20
+ readonly capability: (size: number) => ReactNode;
21
+ /** Frame: approver-role person glyph. */
22
+ readonly user: (size: number) => ReactNode;
23
+ /** Quorum: multi-approver glyph. */
24
+ readonly users: (size: number) => ReactNode;
25
+ /** Resolved state: approved tick. */
26
+ readonly approved: (size: number) => ReactNode;
27
+ /** Resolved state: denied cross. */
28
+ readonly denied: (size: number) => ReactNode;
29
+ /** Generic small check (action buttons / Center). */
30
+ readonly check: (size: number) => ReactNode;
31
+ }
@@ -0,0 +1,205 @@
1
+ /**
2
+ * Approval primitive — generic frame model + scoped-body payloads
3
+ * (Pillar 3 of the Xema Portals design handoff; HANDOFF §6).
4
+ *
5
+ * The approval is the runtime face of a kernel policy decision: a
6
+ * capability call returns `allow | deny | needs_approval`
7
+ * (`PolicyDecisionKind`); on `needs_approval` the gateway suspends the
8
+ * call and renders a TYPED approval. The frame is identical platform-wide
9
+ * (risk pill + capability ref + obligations + quorum + actions); each
10
+ * biome supplies a typed `scope` body for rich detail — the same
11
+ * generic-frame + biome-body pattern as the in-chat widget registry
12
+ * (HANDOFF §3.2) and the preview-tab kinds (HANDOFF §5).
13
+ *
14
+ * This module REUSES the kernel contracts rather than redefining them:
15
+ * • `CapabilityRiskTier` (low/medium/high/critical) — risk pill + accent
16
+ * • `PolicyObligationKind` (the closed 9-kind taxonomy) — obligation chips
17
+ * • `CapabilityRef` (`domain.biome/action@v` mono ref)
18
+ * It only ADDS the two things the kernel has no opinion on: the closed
19
+ * `ApprovalScopeKind` set + its discriminated scope-payload union (the
20
+ * biome-supplied detail), and the binary `ApprovalDecision` the surfaces
21
+ * emit. Both are presentation contracts, not policy contracts.
22
+ */
23
+ import type { CapabilityRiskTier } from '@xemahq/kernel-contracts/capability';
24
+ import type { PolicyObligationKind } from '@xemahq/kernel-contracts/policy';
25
+
26
+ /**
27
+ * Closed set of biome-supplied scoped-body kinds (HANDOFF §6). This is the
28
+ * approval analogue of `ChatWidgetKind` — a typed, versioned catalogue of
29
+ * rich bodies that render UNDER the generic frame. The renderer
30
+ * (`ScopedBody`) switches on `kind`; an unknown kind fails SAFE to a
31
+ * visible "unknown scope" rendering rather than a silent drop.
32
+ *
33
+ * First-party kinds ship here; a biome registers a custom kind the same
34
+ * way it registers a chat widget (backend-defined, versioned). Extend the
35
+ * enum + add a body component + a `union` member in lockstep — never match
36
+ * on a free-form string.
37
+ */
38
+ export enum ApprovalScopeKind {
39
+ Payment = 'payment',
40
+ Sql = 'sql',
41
+ Slack = 'slack',
42
+ Deploy = 'deploy',
43
+ Files = 'files',
44
+ }
45
+
46
+ /** Disbursement / payment scope (finance biomes). */
47
+ export interface PaymentScope {
48
+ readonly kind: ApprovalScopeKind.Payment;
49
+ /** Pre-formatted display amount (e.g. `$18,400.00`). */
50
+ readonly amount: string;
51
+ readonly payee: string;
52
+ /** Payment rail, e.g. `ACH wire`. */
53
+ readonly method: string;
54
+ /** Masked account, e.g. `•••• 7741`. */
55
+ readonly account: string;
56
+ readonly memo?: string;
57
+ }
58
+
59
+ /** Write-query scope (data-warehouse biomes). */
60
+ export interface SqlScope {
61
+ readonly kind: ApprovalScopeKind.Sql;
62
+ readonly dialect: string;
63
+ readonly table: string;
64
+ /** Pre-formatted affected-row estimate (e.g. `≈ 1,240`). */
65
+ readonly rowsAffected: string;
66
+ readonly query: string;
67
+ }
68
+
69
+ /** Outbound message scope (chat / outreach biomes). */
70
+ export interface SlackScope {
71
+ readonly kind: ApprovalScopeKind.Slack;
72
+ readonly channel: string;
73
+ readonly workspace: string;
74
+ /** The identity the message is posted as (e.g. `@sales-bot`). */
75
+ readonly as: string;
76
+ readonly message: string;
77
+ }
78
+
79
+ /** Production-deploy scope (release biomes). */
80
+ export interface DeployScope {
81
+ readonly kind: ApprovalScopeKind.Deploy;
82
+ readonly version: string;
83
+ readonly cluster: string;
84
+ readonly services: number;
85
+ readonly migrations: number;
86
+ readonly changelog: readonly string[];
87
+ }
88
+
89
+ /** A single changed file with line deltas. */
90
+ export interface ApprovalFileChange {
91
+ readonly path: string;
92
+ readonly add: number;
93
+ readonly del: number;
94
+ }
95
+
96
+ /** Working-tree write scope (software-dev biomes). */
97
+ export interface FilesScope {
98
+ readonly kind: ApprovalScopeKind.Files;
99
+ readonly files: readonly ApprovalFileChange[];
100
+ }
101
+
102
+ /**
103
+ * Discriminated union of every first-party scope payload. The `kind`
104
+ * discriminant maps 1:1 onto `ApprovalScopeKind`; `ScopedBody` is an
105
+ * exhaustive switch over it with a safe fallback for unknown kinds (so a
106
+ * biome that ships a not-yet-known scope renders a visible placeholder
107
+ * instead of crashing or silently dropping the body).
108
+ */
109
+ export type ApprovalScope =
110
+ | PaymentScope
111
+ | SqlScope
112
+ | SlackScope
113
+ | DeployScope
114
+ | FilesScope;
115
+
116
+ /**
117
+ * A rendered obligation — the `PolicyObligationKind` discriminant plus a
118
+ * pre-formatted display value the producer derived from the typed kernel
119
+ * `PolicyObligation` payload (e.g. `max-cost-usd` → `$25,000`,
120
+ * `max-duration-seconds` → `30s`). The kit deliberately takes a formatted
121
+ * `value` string rather than the raw typed payload so the chip stays
122
+ * presentation-only; the host's `obligationDisplay` helper does the
123
+ * typed→display mapping from the wire `PolicyObligation`.
124
+ */
125
+ export interface ApprovalObligation {
126
+ readonly kind: PolicyObligationKind;
127
+ /** Pre-formatted display value for the chip's trailing mono span. */
128
+ readonly value?: string;
129
+ }
130
+
131
+ /**
132
+ * The generic approval request — the envelope every surface (inline card,
133
+ * sticky bar, Center row) renders. Field names mirror the kernel/wire
134
+ * shape so the backend approval envelope (capability ref, riskTier,
135
+ * obligations[], requireRole, requireApproverCount, approvalsIn, scope)
136
+ * maps onto it 1:1.
137
+ */
138
+ export interface ApprovalRequest {
139
+ /** Stable id of the suspended invocation awaiting approval. */
140
+ readonly id: string;
141
+ /** Capability ref (`domain.biome/action@v`) rendered mono in the frame. */
142
+ readonly capability: string;
143
+ /** Owning biome id + display name (the scoped body's provenance). */
144
+ readonly biomeId: string;
145
+ readonly biomeName: string;
146
+ /** Serif title + one-line summary (the generic frame's headline). */
147
+ readonly title: string;
148
+ readonly summary: string;
149
+ /** Kernel risk tier — drives the pill + accent + low/critical action set. */
150
+ readonly riskTier: CapabilityRiskTier;
151
+ /** Obligations rendered as chips (closed `PolicyObligationKind` taxonomy). */
152
+ readonly obligations?: readonly ApprovalObligation[];
153
+ /** Approver role required by the matched `ApprovalRule`, if any. */
154
+ readonly requireRole?: string;
155
+ /** Quorum size; `1` (or absent) = single-approver. */
156
+ readonly requireApproverCount?: number;
157
+ /** Approvals already collected toward the quorum. */
158
+ readonly approvalsIn?: number;
159
+ /** Biome-supplied typed scope body. */
160
+ readonly scope: ApprovalScope;
161
+ }
162
+
163
+ /**
164
+ * Binary surface decision. Closed set — never a free-form string. The
165
+ * "allow once" vs "approve & remember" distinction is a UI affordance on
166
+ * top of the same `Approved` decision (the remember flag is carried
167
+ * separately when the backend supports it); both resolve the suspended
168
+ * call. The denied/override-rationale path is DEFERRED (HANDOFF §6).
169
+ */
170
+ export enum ApprovalDecision {
171
+ Approved = 'approved',
172
+ Denied = 'denied',
173
+ }
174
+
175
+ /**
176
+ * A pending approval as it appears in the cross-portal Approvals Center —
177
+ * the request plus the portal/session context it was raised in. The
178
+ * portal fields are first-class so Pillar 4 (Portals) can batch and group
179
+ * approvals across portals without reshaping this model.
180
+ */
181
+ export interface ApprovalCenterItem {
182
+ /** Mirrors `request.id`; kept distinct so a Center may track its own row id. */
183
+ readonly id: string;
184
+ readonly request: ApprovalRequest;
185
+ /** Portal the approval was raised in (Pillar 4 cross-portal context). */
186
+ readonly portalId?: string;
187
+ readonly portalName?: string;
188
+ /** Portal accent token (`var(--p-*)`) for the row glyph; optional. */
189
+ readonly portalAccentVar?: `var(--${string})`;
190
+ /** Session the suspended capability belongs to ("Open session"). */
191
+ readonly sessionId?: string;
192
+ readonly sessionTitle?: string;
193
+ }
194
+
195
+ /** True when the tier always demands an explicit Approve (no allow-once). */
196
+ export function isExplicitApprovalTier(tier: CapabilityRiskTier): boolean {
197
+ // `critical` and `high` are explicit-only (HANDOFF §6: critical always
198
+ // explicit; high uses the warning accent and skips allow-once-remember).
199
+ return tier === 'critical' || tier === 'high';
200
+ }
201
+
202
+ /** True when the request carries a multi-approver quorum. */
203
+ export function isQuorum(req: ApprovalRequest): boolean {
204
+ return (req.requireApproverCount ?? 1) > 1;
205
+ }
@@ -0,0 +1,22 @@
1
+ /**
2
+ * `@xemahq/ui-kernel/session-kit` approvals — the generic approval
3
+ * primitive (Pillar 3 of the Xema Portals design handoff; HANDOFF §6).
4
+ *
5
+ * Generic frame + scoped bodies + sticky bar + Approvals Center. Models on
6
+ * the kernel contracts (`CapabilityRiskTier`, `PolicyObligationKind`) and
7
+ * adds only the presentation contracts the kernel has no opinion on
8
+ * (`ApprovalScopeKind` + scope union, `ApprovalDecision`). Every component
9
+ * is icon-agnostic and prop-driven — the host supplies the icon bundle and
10
+ * the data.
11
+ */
12
+ export * from './approval-model';
13
+ export * from './obligation-display';
14
+ export * from './scope-icons';
15
+ export * from './risk-accent';
16
+ export * from './approval-icons';
17
+ export * from './ApprovalButton';
18
+ export * from './Obligation';
19
+ export * from './ScopedBody';
20
+ export * from './ApprovalCard';
21
+ export * from './CapabilityApprovalStickyBar';
22
+ export * from './ApprovalsCenter';