agentskeptic 1.0.0 → 1.0.4

package/dist/cliOperationalCodes.js.map

@@ -1 +1 @@
-{"version":3,"file":"cliOperationalCodes.js","sourceRoot":"","sources":["../src/cliOperationalCodes.ts"],"names":[],"mappings":"AAAA,yFAAyF;AAEzF,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,SAAS,EAAE,WAAW;IACtB,oBAAoB,EAAE,sBAAsB;IAC5C,oBAAoB,EAAE,sBAAsB;IAC5C,uBAAuB,EAAE,yBAAyB;IAClD,0BAA0B,EAAE,4BAA4B;IACxD,kBAAkB,EAAE,oBAAoB;IACxC,2BAA2B,EAAE,6BAA6B;IAC1D,4BAA4B,EAAE,8BAA8B;IAC5D,8BAA8B,EAAE,gCAAgC;IAChE,cAAc,EAAE,gBAAgB;IAChC,aAAa,EAAE,eAAe;IAC9B,yBAAyB,EAAE,2BAA2B;IACtD,4BAA4B,EAAE,8BAA8B;IAC5D,yBAAyB,EAAE,2BAA2B;IACtD,yBAAyB,EAAE,2BAA2B;IACtD,4BAA4B,EAAE,8BAA8B;IAC5D,+BAA+B,EAAE,iCAAiC;IAClE,qCAAqC,EAAE,uCAAuC;IAC9E,2BAA2B,EAAE,6BAA6B;IAC1D,2CAA2C,EAAE,6CAA6C;IAC1F,uBAAuB,EAAE,yBAAyB;IAClD,qBAAqB,EAAE,uBAAuB;IAC9C,4BAA4B,EAAE,8BAA8B;IAC5D,iCAAiC,EAAE,mCAAmC;IACtE,8BAA8B,EAAE,gCAAgC;IAChE,oCAAoC,EAAE,sCAAsC;IAC5E,wCAAwC,EAAE,0CAA0C;IACpF,qBAAqB,EAAE,uBAAuB;IAC9C,2BAA2B,EAAE,6BAA6B;IAC1D,0BAA0B,EAAE,4BAA4B;IACxD,uBAAuB,EAAE,yBAAyB;IAClD,yBAAyB,EAAE,2BAA2B;IACtD,+BAA+B,EAAE,iCAAiC;IAClE,4BAA4B,EAAE,8BAA8B;IAC5D,8BAA8B,EAAE,gCAAgC;IAChE,iCAAiC,EAAE,mCAAmC;IACtE,oCAAoC,EAAE,sCAAsC;IAC5E,+BAA+B,EAAE,iCAAiC;IAClE,sBAAsB,EAAE,wBAAwB;IAChD,aAAa,EAAE,eAAe;IAC9B,sBAAsB,EAAE,wBAAwB;IAChD,iCAAiC,EAAE,mCAAmC;IACtE,eAAe,EAAE,iBAAiB;IAClC,8BAA8B,EAAE,gCAAgC;IAChE,8BAA8B,EAAE,gCAAgC;IAChE,iCAAiC,EAAE,mCAAmC;IACtE,6BAA6B,EAAE,+BAA+B;IAC9D,qBAAqB,EAAE,uBAAuB;IAC9C,+BAA+B,EAAE,iCAAiC;IAClE,4BAA4B,EAAE,8BAA8B;IAC5D,4BAA4B,EAAE,8BAA8B;IAC5D,+BAA+B,EAAE,iCAAiC;IAClE,qBAAqB,EAAE,uBAAuB;IAC9C,mBAAmB,EAAE,qBAAqB;IAC1C,cAAc,EAAE,gBAAgB;IAChC,yBAAyB,EAAE,2BAA2B;IACtD,8BAA8B,EAAE,gCAAgC;IAChE,kCAAkC,EAAE,oCAAoC;IACxE,iCAAiC,EAAE,mCAAmC;IACtE,mBAAmB,EAAE,qBAAqB;IAC1C,eAAe,EAAE,iBAAiB;IAClC,uBAAuB,EAAE,yBAAyB;IAClD,oBAAoB,EAAE,sBAAsB;IAC5C,uBAAuB,EAAE,yBAAyB;IAClD,qCAAqC,EAAE,uCAAuC;IAC9E,wBAAwB,EAAE,0BAA0B;IACpD,6BAA6B,EAAE,+BAA+B;IAC9D,cAAc,EAAE,gBAAgB;CACxB,CAAC"}
+{"version":3,"file":"cliOperationalCodes.js","sourceRoot":"","sources":["../src/cliOperationalCodes.ts"],"names":[],"mappings":"AAAA,yFAAyF;AAEzF,MAAM,CAAC,MAAM,qBAAqB,GAAG;IACnC,SAAS,EAAE,WAAW;IACtB,oBAAoB,EAAE,sBAAsB;IAC5C,oBAAoB,EAAE,sBAAsB;IAC5C,uBAAuB,EAAE,yBAAyB;IAClD,0BAA0B,EAAE,4BAA4B;IACxD,kBAAkB,EAAE,oBAAoB;IACxC,2BAA2B,EAAE,6BAA6B;IAC1D,4BAA4B,EAAE,8BAA8B;IAC5D,8BAA8B,EAAE,gCAAgC;IAChE,cAAc,EAAE,gBAAgB;IAChC,aAAa,EAAE,eAAe;IAC9B,yBAAyB,EAAE,2BAA2B;IACtD,4BAA4B,EAAE,8BAA8B;IAC5D,yBAAyB,EAAE,2BAA2B;IACtD,yBAAyB,EAAE,2BAA2B;IACtD,4BAA4B,EAAE,8BAA8B;IAC5D,+BAA+B,EAAE,iCAAiC;IAClE,qCAAqC,EAAE,uCAAuC;IAC9E,2BAA2B,EAAE,6BAA6B;IAC1D,2CAA2C,EAAE,6CAA6C;IAC1F,uBAAuB,EAAE,yBAAyB;IAClD,qBAAqB,EAAE,uBAAuB;IAC9C,4BAA4B,EAAE,8BAA8B;IAC5D,iCAAiC,EAAE,mCAAmC;IACtE,8BAA8B,EAAE,gCAAgC;IAChE,oCAAoC,EAAE,sCAAsC;IAC5E,wCAAwC,EAAE,0CAA0C;IACpF,qBAAqB,EAAE,uBAAuB;IAC9C,2BAA2B,EAAE,6BAA6B;IAC1D,0BAA0B,EAAE,4BAA4B;IACxD,uBAAuB,EAAE,yBAAyB;IAClD,yBAAyB,EAAE,2BAA2B;IACtD,+BAA+B,EAAE,iCAAiC;IAClE,4BAA4B,EAAE,8BAA8B;IAC5D,8BAA8B,EAAE,gCAAgC;IAChE,iCAAiC,EAAE,mCAAmC;IACtE,oCAAoC,EAAE,sCAAsC;IAC5E,+BAA+B,EAAE,iCAAiC;IAClE,sBAAsB,EAAE,wBAAwB;IAChD,aAAa,EAAE,eAAe;IAC9B,sBAAsB,EAAE,wBAAwB;IAChD,iCAAiC,EAAE,mCAAmC;IACtE,eAAe,EAAE,iBAAiB;IAClC,8BAA8B,EAAE,gCAAgC;IAChE,8BAA8B,EAAE,gCAAgC;IAChE,iCAAiC,EAAE,mCAAmC;IACtE,6BAA6B,EAAE,+BAA+B;IAC9D,qBAAqB,EAAE,uBAAuB;IAC9C,+BAA+B,EAAE,iCAAiC;IAClE,4BAA4B,EAAE,8BAA8B;IAC5D,4BAA4B,EAAE,8BAA8B;IAC5D,+BAA+B,EAAE,iCAAiC;IAClE,qBAAqB,EAAE,uBAAuB;IAC9C,mBAAmB,EAAE,qBAAqB;IAC1C,cAAc,EAAE,gBAAgB;IAChC,yBAAyB,EAAE,2BAA2B;IACtD,8BAA8B,EAAE,gCAAgC;IAChE,kCAAkC,EAAE,oCAAoC;IACxE,iCAAiC,EAAE,mCAAmC;IACtE,mBAAmB,EAAE,qBAAqB;IAC1C,eAAe,EAAE,iBAAiB;IAClC,uBAAuB,EAAE,yBAAyB;IAClD,oBAAoB,EAAE,sBAAsB;IAC5C,uBAAuB,EAAE,yBAAyB;IAClD,qCAAqC,EAAE,uCAAuC;IAC9E,wBAAwB,EAAE,0BAA0B;IACpD,6BAA6B,EAAE,+BAA+B;IAC9D,cAAc,EAAE,gBAAgB;IAChC,gDAAgD,EAAE,kDAAkD;CAC5F,CAAC"}

package/dist/commercial/postVerifyOutcomeBeacon.d.ts

@@ -1,11 +1,11 @@
-export type VerifyOutcomeSubcommand = "batch_verify" | "quick_verify" | "verify_integrator_owned";
-export type VerifyOutcomeTerminalStatus = "complete" | "inconsistent" | "incomplete";
-export type VerifyOutcomeWorkloadClass = "bundled_examples" | "non_bundled";
+import type { OutcomeCertificateV1 } from "../outcomeCertificate.js";
+import { type VerifyOutcomeSubcommand, type VerifyOutcomeTerminalStatus, type VerifyOutcomeWorkloadClass } from "./verifyOutcomeBeaconBody.js";
 /**
  * Best-effort POST to license origin. Never throws; never logs secrets.
  */
 export declare function postVerifyOutcomeBeacon(input: {
     runId: string | null;
+    certificate: OutcomeCertificateV1;
     terminal_status: VerifyOutcomeTerminalStatus;
     workload_class: VerifyOutcomeWorkloadClass;
     subcommand: VerifyOutcomeSubcommand;

package/dist/commercial/postVerifyOutcomeBeacon.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"postVerifyOutcomeBeacon.d.ts","sourceRoot":"","sources":["../../src/commercial/postVerifyOutcomeBeacon.ts"],"names":[],"mappings":"AAMA,MAAM,MAAM,uBAAuB,GAAG,cAAc,GAAG,cAAc,GAAG,yBAAyB,CAAC;AAClG,MAAM,MAAM,2BAA2B,GAAG,UAAU,GAAG,cAAc,GAAG,YAAY,CAAC;AACrF,MAAM,MAAM,0BAA0B,GAAG,kBAAkB,GAAG,aAAa,CAAC;AAE5E;;GAEG;AACH,wBAAsB,uBAAuB,CAAC,KAAK,EAAE;IACnD,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,eAAe,EAAE,2BAA2B,CAAC;IAC7C,cAAc,EAAE,0BAA0B,CAAC;IAC3C,UAAU,EAAE,uBAAuB,CAAC;CACrC,GAAG,OAAO,CAAC,IAAI,CAAC,CA8BhB"}
+{"version":3,"file":"postVerifyOutcomeBeacon.d.ts","sourceRoot":"","sources":["../../src/commercial/postVerifyOutcomeBeacon.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AACrE,OAAO,EAEL,KAAK,uBAAuB,EAC5B,KAAK,2BAA2B,EAChC,KAAK,0BAA0B,EAChC,MAAM,8BAA8B,CAAC;AAEtC;;GAEG;AACH,wBAAsB,uBAAuB,CAAC,KAAK,EAAE;IACnD,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,WAAW,EAAE,oBAAoB,CAAC;IAClC,eAAe,EAAE,2BAA2B,CAAC;IAC7C,cAAc,EAAE,0BAA0B,CAAC;IAC3C,UAAU,EAAE,uBAAuB,CAAC;CACrC,GAAG,OAAO,CAAC,IAAI,CAAC,CAgChB"}

package/dist/commercial/postVerifyOutcomeBeacon.js

@@ -1,5 +1,6 @@
 import { LICENSE_API_BASE_URL, LICENSE_PREFLIGHT_ENABLED, } from "../generated/commercialBuildFlags.js";
 import { fetchWithTimeout } from "../telemetry/fetchWithTimeout.js";
+import { buildVerifyOutcomeBeaconBodyV2, } from "./verifyOutcomeBeaconBody.js";
 /**
  * Best-effort POST to license origin. Never throws; never logs secrets.
  */
@@ -11,6 +12,13 @@ export async function postVerifyOutcomeBeacon(input) {
     if (!apiKey)
         return;
     const url = `${LICENSE_API_BASE_URL.replace(/\/$/, "")}/api/v1/funnel/verify-outcome`;
+    const body = buildVerifyOutcomeBeaconBodyV2({
+        run_id: input.runId,
+        certificate: input.certificate,
+        terminal_status: input.terminal_status,
+        workload_class: input.workload_class,
+        subcommand: input.subcommand,
+    });
     try {
         await fetchWithTimeout(url, {
             method: "POST",
@@ -18,12 +26,7 @@ export async function postVerifyOutcomeBeacon(input) {
                 Authorization: `Bearer ${apiKey}`,
                 "Content-Type": "application/json",
             },
-            body: JSON.stringify({
-                run_id: input.runId,
-                terminal_status: input.terminal_status,
-                workload_class: input.workload_class,
-                subcommand: input.subcommand,
-            }),
+            body: JSON.stringify(body),
         }, 400);
     }
     catch {

package/dist/commercial/postVerifyOutcomeBeacon.js.map

@@ -1 +1 @@
-{"version":3,"file":"postVerifyOutcomeBeacon.js","sourceRoot":"","sources":["../../src/commercial/postVerifyOutcomeBeacon.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,yBAAyB,GAC1B,MAAM,sCAAsC,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AAMpE;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,KAK7C;IACC,IAAI,CAAC,yBAAyB,IAAI,KAAK,CAAC,KAAK,KAAK,IAAI;QAAE,OAAO;IAE/D,MAAM,MAAM,GACV,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,IAAI,EAAE;QACxC,OAAO,CAAC,GAAG,CAAC,yBAAyB,EAAE,IAAI,EAAE,CAAC;IAChD,IAAI,CAAC,MAAM;QAAE,OAAO;IAEpB,MAAM,GAAG,GAAG,GAAG,oBAAoB,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,+BAA+B,CAAC;IACtF,IAAI,CAAC;QACH,MAAM,gBAAgB,CACpB,GAAG,EACH;YACE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,MAAM,EAAE;gBACjC,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,MAAM,EAAE,KAAK,CAAC,KAAK;gBACnB,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,cAAc,EAAE,KAAK,CAAC,cAAc;gBACpC,UAAU,EAAE,KAAK,CAAC,UAAU;aAC7B,CAAC;SACH,EACD,GAAG,CACJ,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;AACH,CAAC"}
+{"version":3,"file":"postVerifyOutcomeBeacon.js","sourceRoot":"","sources":["../../src/commercial/postVerifyOutcomeBeacon.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,yBAAyB,GAC1B,MAAM,sCAAsC,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AAEpE,OAAO,EACL,8BAA8B,GAI/B,MAAM,8BAA8B,CAAC;AAEtC;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,KAM7C;IACC,IAAI,CAAC,yBAAyB,IAAI,KAAK,CAAC,KAAK,KAAK,IAAI;QAAE,OAAO;IAE/D,MAAM,MAAM,GACV,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,IAAI,EAAE;QACxC,OAAO,CAAC,GAAG,CAAC,yBAAyB,EAAE,IAAI,EAAE,CAAC;IAChD,IAAI,CAAC,MAAM;QAAE,OAAO;IAEpB,MAAM,GAAG,GAAG,GAAG,oBAAoB,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,+BAA+B,CAAC;IACtF,MAAM,IAAI,GAAG,8BAA8B,CAAC;QAC1C,MAAM,EAAE,KAAK,CAAC,KAAK;QACnB,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,eAAe,EAAE,KAAK,CAAC,eAAe;QACtC,cAAc,EAAE,KAAK,CAAC,cAAc;QACpC,UAAU,EAAE,KAAK,CAAC,UAAU;KAC7B,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,gBAAgB,CACpB,GAAG,EACH;YACE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,MAAM,EAAE;gBACjC,cAAc,EAAE,kBAAkB;aACnC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;SAC3B,EACD,GAAG,CACJ,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;AACH,CAAC"}

package/dist/commercial/verifyOutcomeBeaconBody.d.ts

@@ -0,0 +1,12 @@
+import type { OutcomeCertificateV1 } from "../outcomeCertificate.js";
+export type VerifyOutcomeTerminalStatus = "complete" | "inconsistent" | "incomplete";
+export type VerifyOutcomeWorkloadClass = "bundled_examples" | "non_bundled";
+export type VerifyOutcomeSubcommand = "batch_verify" | "quick_verify" | "verify_integrator_owned";
+export declare function buildVerifyOutcomeBeaconBodyV2(input: {
+    run_id: string;
+    certificate: OutcomeCertificateV1;
+    terminal_status: VerifyOutcomeTerminalStatus;
+    workload_class: VerifyOutcomeWorkloadClass;
+    subcommand: VerifyOutcomeSubcommand;
+}): Record<string, unknown>;
+//# sourceMappingURL=verifyOutcomeBeaconBody.d.ts.map

package/dist/commercial/verifyOutcomeBeaconBody.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verifyOutcomeBeaconBody.d.ts","sourceRoot":"","sources":["../../src/commercial/verifyOutcomeBeaconBody.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAGrE,MAAM,MAAM,2BAA2B,GAAG,UAAU,GAAG,cAAc,GAAG,YAAY,CAAC;AACrF,MAAM,MAAM,0BAA0B,GAAG,kBAAkB,GAAG,aAAa,CAAC;AAC5E,MAAM,MAAM,uBAAuB,GAAG,cAAc,GAAG,cAAc,GAAG,yBAAyB,CAAC;AAalG,wBAAgB,8BAA8B,CAAC,KAAK,EAAE;IACpD,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,oBAAoB,CAAC;IAClC,eAAe,EAAE,2BAA2B,CAAC;IAC7C,cAAc,EAAE,0BAA0B,CAAC;IAC3C,UAAU,EAAE,uBAAuB,CAAC;CACrC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAY1B"}

package/dist/commercial/verifyOutcomeBeaconBody.js

@@ -0,0 +1,26 @@
+import { trustDecisionFromCertificate } from "../trustDecision.js";
+function sortedReasonCodesFromCertificate(certificate, max) {
+    const raw = certificate.explanation.details.map((d) => d.code);
+    const out = [];
+    for (const c of [...new Set(raw)].sort((a, b) => a.localeCompare(b))) {
+        const t = c.length > 64 ? c.slice(0, 64) : c;
+        out.push(t);
+        if (out.length >= max)
+            break;
+    }
+    return out;
+}
+export function buildVerifyOutcomeBeaconBodyV2(input) {
+    return {
+        schema_version: 2,
+        run_id: input.run_id,
+        workflow_id: input.certificate.workflowId.slice(0, 512),
+        outcome_certificate_run_kind: input.certificate.runKind,
+        trust_decision: trustDecisionFromCertificate(input.certificate),
+        reason_codes: sortedReasonCodesFromCertificate(input.certificate, 8),
+        terminal_status: input.terminal_status,
+        workload_class: input.workload_class,
+        subcommand: input.subcommand,
+    };
+}
+//# sourceMappingURL=verifyOutcomeBeaconBody.js.map

package/dist/commercial/verifyOutcomeBeaconBody.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verifyOutcomeBeaconBody.js","sourceRoot":"","sources":["../../src/commercial/verifyOutcomeBeaconBody.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,4BAA4B,EAAE,MAAM,qBAAqB,CAAC;AAMnE,SAAS,gCAAgC,CAAC,WAAiC,EAAE,GAAW;IACtF,MAAM,GAAG,GAAG,WAAW,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAC/D,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACrE,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7C,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACZ,IAAI,GAAG,CAAC,MAAM,IAAI,GAAG;YAAE,MAAM;IAC/B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,8BAA8B,CAAC,KAM9C;IACC,OAAO;QACL,cAAc,EAAE,CAAC;QACjB,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,WAAW,EAAE,KAAK,CAAC,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;QACvD,4BAA4B,EAAE,KAAK,CAAC,WAAW,CAAC,OAAO;QACvD,cAAc,EAAE,4BAA4B,CAAC,KAAK,CAAC,WAAW,CAAC;QAC/D,YAAY,EAAE,gCAAgC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;QACpE,eAAe,EAAE,KAAK,CAAC,eAAe;QACtC,cAAc,EAAE,KAAK,CAAC,cAAc;QACpC,UAAU,EAAE,KAAK,CAAC,UAAU;KAC7B,CAAC;AACJ,CAAC"}

package/dist/decisionBlocker.contract.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=decisionBlocker.contract.test.d.ts.map

package/dist/decisionBlocker.contract.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionBlocker.contract.test.d.ts","sourceRoot":"","sources":["../src/decisionBlocker.contract.test.ts"],"names":[],"mappings":""}

package/dist/decisionBlocker.contract.test.js

@@ -0,0 +1,51 @@
+import { readFileSync, mkdtempSync, rmSync } from "node:fs";
+import { join, dirname } from "node:path";
+import { tmpdir } from "node:os";
+import { fileURLToPath } from "node:url";
+import { DatabaseSync } from "node:sqlite";
+import { afterAll, beforeAll, describe, expect, it } from "vitest";
+import { buildOutcomeCertificateFromWorkflowResult } from "./outcomeCertificate.js";
+import { formatDecisionBlockerForHumans } from "./decisionBlocker.js";
+import { verifyWorkflow } from "./pipeline.js";
+const root = join(dirname(fileURLToPath(import.meta.url)), "..");
+describe("formatDecisionBlockerForHumans contract", () => {
+    /** Seeded SQLite under tmp — `examples/demo.db` is gitignored and absent on clean CI. */
+    let workDir;
+    let dbPath;
+    beforeAll(() => {
+        workDir = mkdtempSync(join(tmpdir(), "agentskeptic-decision-blocker-"));
+        dbPath = join(workDir, "demo.db");
+        const sql = readFileSync(join(root, "examples", "seed.sql"), "utf8");
+        const db = new DatabaseSync(dbPath);
+        db.exec(sql);
+        db.close();
+    });
+    afterAll(() => {
+        rmSync(workDir, { recursive: true, force: true });
+    });
+    it("emits exactly six lines with required tokens for wf_missing certificate", async () => {
+        const eventsPath = join(root, "examples", "events.ndjson");
+        const registryPath = join(root, "examples", "tools.json");
+        const result = await verifyWorkflow({
+            workflowId: "wf_missing",
+            eventsPath,
+            registryPath,
+            database: { kind: "sqlite", path: dbPath },
+            logStep: () => { },
+            truthReport: () => { },
+        });
+        const certificate = buildOutcomeCertificateFromWorkflowResult(result, "contract_sql");
+        const { lines, trustDecision } = formatDecisionBlockerForHumans(certificate);
+        expect(trustDecision).toBe("unsafe");
+        expect(lines).toHaveLength(6);
+        expect(lines[0]).toMatch(/^Trust: unsafe$/);
+        expect(lines[1]).toMatch(/^Workflow: wf_missing$/);
+        expect(lines[2]).toMatch(/^First problem step: seq=/);
+        expect(lines[2]).toContain("tool=crm.upsert_contact");
+        expect(lines[2]).toContain("status=missing");
+        expect(lines[3]).toContain("ROW_ABSENT");
+        expect(lines[4]).toMatch(/^Expected: /);
+        expect(lines[5]).toMatch(/^Observed: /);
+    });
+});
+//# sourceMappingURL=decisionBlocker.contract.test.js.map

package/dist/decisionBlocker.contract.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionBlocker.contract.test.js","sourceRoot":"","sources":["../src/decisionBlocker.contract.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AACnE,OAAO,EAAE,yCAAyC,EAAE,MAAM,yBAAyB,CAAC;AACpF,OAAO,EAAE,8BAA8B,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAE/C,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;AAEjE,QAAQ,CAAC,yCAAyC,EAAE,GAAG,EAAE;IACvD,yFAAyF;IACzF,IAAI,OAAe,CAAC;IACpB,IAAI,MAAc,CAAC;IAEnB,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,gCAAgC,CAAC,CAAC,CAAC;QACxE,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,MAAM,CAAC,CAAC;QACrE,MAAM,EAAE,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;QACpC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACb,EAAE,CAAC,KAAK,EAAE,CAAC;IACb,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,GAAG,EAAE;QACZ,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yEAAyE,EAAE,KAAK,IAAI,EAAE;QACvF,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;QAC3D,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,YAAY,CAAC,CAAC;QAC1D,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC;YAClC,UAAU,EAAE,YAAY;YACxB,UAAU;YACV,YAAY;YACZ,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE;YAC1C,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC;YACjB,WAAW,EAAE,GAAG,EAAE,GAAE,CAAC;SACtB,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,yCAAyC,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QACtF,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,GAAG,8BAA8B,CAAC,WAAW,CAAC,CAAC;QAC7E,MAAM,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC9B,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;QAC5C,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;QACnD,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,2BAA2B,CAAC,CAAC;QACtD,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,yBAAyB,CAAC,CAAC;QACtD,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAC7C,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACzC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QACxC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/decisionBlocker.d.ts

@@ -0,0 +1,10 @@
+import type { OutcomeCertificateV1 } from "./outcomeCertificate.js";
+import { type TrustDecision } from "./trustDecision.js";
+/**
+ * Fixed six-line human blocker for operators (Requirement 4 contract).
+ */
+export declare function formatDecisionBlockerForHumans(certificate: OutcomeCertificateV1): {
+    trustDecision: TrustDecision;
+    lines: string[];
+};
+//# sourceMappingURL=decisionBlocker.d.ts.map

package/dist/decisionBlocker.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionBlocker.d.ts","sourceRoot":"","sources":["../src/decisionBlocker.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AACpE,OAAO,EAAgC,KAAK,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAgCtF;;GAEG;AACH,wBAAgB,8BAA8B,CAAC,WAAW,EAAE,oBAAoB,GAAG;IACjF,aAAa,EAAE,aAAa,CAAC;IAC7B,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB,CAoCA"}

package/dist/decisionBlocker.js

@@ -0,0 +1,66 @@
+import { trustDecisionFromCertificate } from "./trustDecision.js";
+function truncateOneLine(s, max) {
+    const flat = s.replace(/\s+/g, " ").trim();
+    return flat.length <= max ? flat : `${flat.slice(0, max - 1)}…`;
+}
+function sortedUniqueCodes(codes, cap) {
+    return [...new Set(codes)].sort((a, b) => a.localeCompare(b)).slice(0, cap);
+}
+function inferStepStatus(step) {
+    const o = step.observedOutcome.toLowerCase();
+    if (o.includes("missing") || o.includes("row is missing"))
+        return "missing";
+    // Batch contract `formatBatchObservedStateSummary`: ROW_ABSENT is often summarized as `rowCount=0` only.
+    if (/\browcount=0\b/.test(o) && !o.includes("field="))
+        return "missing";
+    if (o.includes("mismatch") || o.includes("wrong"))
+        return "inconsistent";
+    if (o.includes("matched") || o.includes("verified"))
+        return "verified";
+    return "non_verified";
+}
+function pickPrimaryStep(certificate) {
+    const steps = [...certificate.steps].sort((a, b) => a.seq - b.seq);
+    if (steps.length === 0)
+        return null;
+    const td = trustDecisionFromCertificate(certificate);
+    if (td === "safe")
+        return steps[0] ?? null;
+    for (const s of steps) {
+        if (inferStepStatus(s) !== "verified")
+            return s;
+    }
+    return steps[0] ?? null;
+}
+/**
+ * Fixed six-line human blocker for operators (Requirement 4 contract).
+ */
+export function formatDecisionBlockerForHumans(certificate) {
+    const trustDecision = trustDecisionFromCertificate(certificate);
+    const codes = sortedUniqueCodes(certificate.explanation.details.map((d) => d.code), 5);
+    const primary = pickPrimaryStep(certificate);
+    const line3 = trustDecision === "safe"
+        ? "First problem step: n/a"
+        : primary !== null
+            ? `First problem step: seq=${primary.seq} tool=${primary.toolId ?? "unknown"} status=${inferStepStatus(primary)}`
+            : "First problem step: n/a";
+    const line5 = primary !== null
+        ? `Expected: ${truncateOneLine(primary.expectedOutcome, 200)}`
+        : "Expected: (no step data)";
+    const line6 = primary !== null
+        ? `Observed: ${truncateOneLine(primary.observedOutcome, 200)}`
+        : "Observed: (no step data)";
+    const lines = [
+        `Trust: ${trustDecision}`,
+        `Workflow: ${certificate.workflowId}`,
+        line3,
+        `Reason codes: ${codes.length > 0 ? codes.join(", ") : "(none)"}`,
+        line5,
+        line6,
+    ];
+    if (lines.length !== 6) {
+        throw new Error("formatDecisionBlockerForHumans: invariant violated (must be exactly 6 lines)");
+    }
+    return { trustDecision, lines };
+}
+//# sourceMappingURL=decisionBlocker.js.map

package/dist/decisionBlocker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionBlocker.js","sourceRoot":"","sources":["../src/decisionBlocker.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,4BAA4B,EAAsB,MAAM,oBAAoB,CAAC;AAEtF,SAAS,eAAe,CAAC,CAAS,EAAE,GAAW;IAC7C,MAAM,IAAI,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAC3C,OAAO,IAAI,CAAC,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC;AAClE,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAe,EAAE,GAAW;IACrD,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC9E,CAAC;AAED,SAAS,eAAe,CAAC,IAAsC;IAC7D,MAAM,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,WAAW,EAAE,CAAC;IAC7C,IAAI,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,gBAAgB,CAAC;QAAE,OAAO,SAAS,CAAC;IAC5E,yGAAyG;IACzG,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAAE,OAAO,SAAS,CAAC;IACxE,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC;QAAE,OAAO,cAAc,CAAC;IACzE,IAAI,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC;QAAE,OAAO,UAAU,CAAC;IACvE,OAAO,cAAc,CAAC;AACxB,CAAC;AAED,SAAS,eAAe,CAAC,WAAiC;IACxD,MAAM,KAAK,GAAG,CAAC,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IACnE,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,EAAE,GAAG,4BAA4B,CAAC,WAAW,CAAC,CAAC;IACrD,IAAI,EAAE,KAAK,MAAM;QAAE,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;IAC3C,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,eAAe,CAAC,CAAC,CAAC,KAAK,UAAU;YAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,8BAA8B,CAAC,WAAiC;IAI9E,MAAM,aAAa,GAAG,4BAA4B,CAAC,WAAW,CAAC,CAAC;IAChE,MAAM,KAAK,GAAG,iBAAiB,CAC7B,WAAW,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAClD,CAAC,CACF,CAAC;IACF,MAAM,OAAO,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAE7C,MAAM,KAAK,GACT,aAAa,KAAK,MAAM;QACtB,CAAC,CAAC,yBAAyB;QAC3B,CAAC,CAAC,OAAO,KAAK,IAAI;YAChB,CAAC,CAAC,2BAA2B,OAAO,CAAC,GAAG,SAAS,OAAO,CAAC,MAAM,IAAI,SAAS,WAAW,eAAe,CAAC,OAAO,CAAC,EAAE;YACjH,CAAC,CAAC,yBAAyB,CAAC;IAElC,MAAM,KAAK,GACT,OAAO,KAAK,IAAI;QACd,CAAC,CAAC,aAAa,eAAe,CAAC,OAAO,CAAC,eAAe,EAAE,GAAG,CAAC,EAAE;QAC9D,CAAC,CAAC,0BAA0B,CAAC;IACjC,MAAM,KAAK,GACT,OAAO,KAAK,IAAI;QACd,CAAC,CAAC,aAAa,eAAe,CAAC,OAAO,CAAC,eAAe,EAAE,GAAG,CAAC,EAAE;QAC9D,CAAC,CAAC,0BAA0B,CAAC;IAEjC,MAAM,KAAK,GAAG;QACZ,UAAU,aAAa,EAAE;QACzB,aAAa,WAAW,CAAC,UAAU,EAAE;QACrC,KAAK;QACL,iBAAiB,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;QACjE,KAAK;QACL,KAAK;KACN,CAAC;IACF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAC;IAClG,CAAC;IACD,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;AAClC,CAAC"}

package/dist/decisionGate.assertSafe.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=decisionGate.assertSafe.test.d.ts.map

package/dist/decisionGate.assertSafe.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionGate.assertSafe.test.d.ts","sourceRoot":"","sources":["../src/decisionGate.assertSafe.test.ts"],"names":[],"mappings":""}

package/dist/decisionGate.assertSafe.test.js

@@ -0,0 +1,52 @@
+import { readFileSync, mkdtempSync, rmSync } from "node:fs";
+import { join, dirname } from "node:path";
+import { tmpdir } from "node:os";
+import { fileURLToPath } from "node:url";
+import { DatabaseSync } from "node:sqlite";
+import { afterAll, beforeAll, describe, expect, it } from "vitest";
+import { createDecisionGate } from "./decisionGate.js";
+import { DecisionUnsafeError } from "./decisionUnsafeError.js";
+const root = join(dirname(fileURLToPath(import.meta.url)), "..");
+describe("DecisionGate.assertSafeForIrreversibleAction", () => {
+    /** Seeded SQLite under tmp — `examples/demo.db` is gitignored and absent on clean CI. */
+    let workDir;
+    let dbPath;
+    beforeAll(() => {
+        workDir = mkdtempSync(join(tmpdir(), "agentskeptic-assert-safe-"));
+        dbPath = join(workDir, "demo.db");
+        const sql = readFileSync(join(root, "examples", "seed.sql"), "utf8");
+        const db = new DatabaseSync(dbPath);
+        db.exec(sql);
+        db.close();
+    });
+    afterAll(() => {
+        rmSync(workDir, { recursive: true, force: true });
+    });
+    it("throws DecisionUnsafeError when DB does not match (wf_missing)", async () => {
+        const eventsPath = join(root, "examples", "events.ndjson");
+        const registryPath = join(root, "examples", "tools.json");
+        const lines = readFileSync(eventsPath, "utf8").split(/\r?\n/).filter((l) => l.trim().length > 0);
+        const gate = createDecisionGate({
+            workflowId: "wf_missing",
+            registryPath,
+            databaseUrl: dbPath,
+            projectRoot: root,
+            logStep: () => { },
+            truthReport: () => { },
+        });
+        for (const line of lines) {
+            const ev = JSON.parse(line);
+            if (ev.workflowId === "wf_missing") {
+                gate.appendRunEvent(ev);
+            }
+        }
+        await expect(gate.assertSafeForIrreversibleAction()).rejects.toSatisfy((e) => {
+            if (!(e instanceof DecisionUnsafeError))
+                return false;
+            if (e.trustDecision !== "unsafe")
+                return false;
+            return e.message.split("\n").length === 6;
+        });
+    });
+});
+//# sourceMappingURL=decisionGate.assertSafe.test.js.map

package/dist/decisionGate.assertSafe.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionGate.assertSafe.test.js","sourceRoot":"","sources":["../src/decisionGate.assertSafe.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAC5D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AACnE,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAE/D,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;AAEjE,QAAQ,CAAC,8CAA8C,EAAE,GAAG,EAAE;IAC5D,yFAAyF;IACzF,IAAI,OAAe,CAAC;IACpB,IAAI,MAAc,CAAC;IAEnB,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,2BAA2B,CAAC,CAAC,CAAC;QACnE,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,MAAM,CAAC,CAAC;QACrE,MAAM,EAAE,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;QACpC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACb,EAAE,CAAC,KAAK,EAAE,CAAC;IACb,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,GAAG,EAAE;QACZ,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gEAAgE,EAAE,KAAK,IAAI,EAAE;QAC9E,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;QAC3D,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,YAAY,CAAC,CAAC;QAC1D,MAAM,KAAK,GAAG,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACjG,MAAM,IAAI,GAAG,kBAAkB,CAAC;YAC9B,UAAU,EAAE,YAAY;YACxB,YAAY;YACZ,WAAW,EAAE,MAAM;YACnB,WAAW,EAAE,IAAI;YACjB,OAAO,EAAE,GAAG,EAAE,GAAE,CAAC;YACjB,WAAW,EAAE,GAAG,EAAE,GAAE,CAAC;SACtB,CAAC,CAAC;QACH,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAA4B,CAAC;YACvD,IAAI,EAAE,CAAC,UAAU,KAAK,YAAY,EAAE,CAAC;gBACnC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;QACD,MAAM,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAU,EAAE,EAAE;YACpF,IAAI,CAAC,CAAC,CAAC,YAAY,mBAAmB,CAAC;gBAAE,OAAO,KAAK,CAAC;YACtD,IAAI,CAAC,CAAC,aAAa,KAAK,QAAQ;gBAAE,OAAO,KAAK,CAAC;YAC/C,OAAO,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;QAC5C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/decisionGate.d.ts

@@ -0,0 +1,23 @@
+import { type OutcomeCertificateV1 } from "./outcomeCertificate.js";
+import type { VerificationPolicy, WorkflowResult } from "./types.js";
+export type CreateDecisionGateOptions = {
+    workflowId: string;
+    registryPath: string;
+    databaseUrl: string;
+    projectRoot?: string;
+    verificationPolicy?: VerificationPolicy;
+    logStep?: (line: object) => void;
+    truthReport?: (report: string) => void;
+};
+export type DecisionGate = {
+    appendRunEvent(value: unknown): void;
+    toNdjsonUtf8(): Buffer;
+    evaluate(): Promise<WorkflowResult>;
+    evaluateCertificate(): Promise<OutcomeCertificateV1>;
+    assertSafeForIrreversibleAction(): Promise<void>;
+};
+/**
+ * Runtime integration: buffer structured run events, evaluate against the registry + DB, assert before irreversible work.
+ */
+export declare function createDecisionGate(options: CreateDecisionGateOptions): DecisionGate;
+//# sourceMappingURL=decisionGate.d.ts.map

package/dist/decisionGate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionGate.d.ts","sourceRoot":"","sources":["../src/decisionGate.ts"],"names":[],"mappings":"AAEA,OAAO,EAEL,KAAK,oBAAoB,EAC1B,MAAM,yBAAyB,CAAC;AAKjC,OAAO,KAAK,EAA0C,kBAAkB,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAe7G,MAAM,MAAM,yBAAyB,GAAG;IACtC,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,CAAC;IACjC,WAAW,CAAC,EAAE,CAAC,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;CACxC,CAAC;AAEF,MAAM,MAAM,YAAY,GAAG;IACzB,cAAc,CAAC,KAAK,EAAE,OAAO,GAAG,IAAI,CAAC;IACrC,YAAY,IAAI,MAAM,CAAC;IACvB,QAAQ,IAAI,OAAO,CAAC,cAAc,CAAC,CAAC;IACpC,mBAAmB,IAAI,OAAO,CAAC,oBAAoB,CAAC,CAAC;IACrD,+BAA+B,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;CAClD,CAAC;AAEF;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,yBAAyB,GAAG,YAAY,CA+EnF"}

package/dist/decisionGate.js

@@ -0,0 +1,88 @@
+import path from "node:path";
+import { CLI_OPERATIONAL_CODES, runLevelIssue } from "./failureCatalog.js";
+import { buildOutcomeCertificateFromWorkflowResult, } from "./outcomeCertificate.js";
+import { verifyRunStateFromBufferedRunEvents } from "./verifyRunStateFromBufferedRunEvents.js";
+import { loadSchemaValidator } from "./schemaLoad.js";
+import { resolveVerificationPolicyInput } from "./verificationPolicy.js";
+import { TruthLayerError } from "./truthLayerError.js";
+import { trustDecisionFromCertificate } from "./trustDecision.js";
+import { formatDecisionBlockerForHumans } from "./decisionBlocker.js";
+import { DecisionUnsafeError } from "./decisionUnsafeError.js";
+const validateEvent = loadSchemaValidator("event");
+const POSTGRES_URL_RE = /^postgres(ql)?:\/\//i;
+function verificationDatabaseFromUrl(databaseUrl, projectRoot) {
+    if (POSTGRES_URL_RE.test(databaseUrl)) {
+        return { kind: "postgres", connectionString: databaseUrl };
+    }
+    return { kind: "sqlite", path: path.resolve(projectRoot, databaseUrl) };
+}
+/**
+ * Runtime integration: buffer structured run events, evaluate against the registry + DB, assert before irreversible work.
+ */
+export function createDecisionGate(options) {
+    const projectRoot = path.resolve(options.projectRoot ?? process.cwd());
+    const registryPath = path.resolve(projectRoot, options.registryPath);
+    const verificationPolicy = resolveVerificationPolicyInput(options.verificationPolicy);
+    const database = verificationDatabaseFromUrl(options.databaseUrl, projectRoot);
+    const logStep = options.logStep ?? (() => { });
+    const truthReport = options.truthReport ?? (() => { });
+    const bufferedRunEvents = [];
+    const runLevelReasons = [];
+    const api = {};
+    api.appendRunEvent = (value) => {
+        if (typeof value !== "object" || value === null) {
+            runLevelReasons.push(runLevelIssue("MALFORMED_EVENT_LINE"));
+            return;
+        }
+        if (!validateEvent(value)) {
+            runLevelReasons.push(runLevelIssue("MALFORMED_EVENT_LINE"));
+            return;
+        }
+        const ev = value;
+        if (ev.workflowId !== options.workflowId) {
+            return;
+        }
+        bufferedRunEvents.push(ev);
+    };
+    api.toNdjsonUtf8 = () => {
+        const parts = [];
+        for (const ev of bufferedRunEvents) {
+            parts.push(`${JSON.stringify(ev)}\n`);
+        }
+        return Buffer.from(parts.join(""), "utf8");
+    };
+    api.evaluate = async () => {
+        if (!bufferedRunEvents.length && !runLevelReasons.length) {
+            throw new TruthLayerError(CLI_OPERATIONAL_CODES.CLI_USAGE, "DecisionGate.evaluate requires at least one buffered run event for the workflow.");
+        }
+        return verifyRunStateFromBufferedRunEvents({
+            workflowId: options.workflowId,
+            registryPath,
+            database,
+            projectRoot,
+            bufferedRunEvents,
+            runLevelReasons,
+            verificationPolicy,
+            logStep,
+            truthReport,
+        });
+    };
+    api.evaluateCertificate = async () => {
+        const result = await api.evaluate();
+        const certificate = buildOutcomeCertificateFromWorkflowResult(result, "contract_sql");
+        const validateCert = loadSchemaValidator("outcome-certificate-v1");
+        if (!validateCert(certificate)) {
+            throw new TruthLayerError(CLI_OPERATIONAL_CODES.WORKFLOW_RESULT_SCHEMA_INVALID, JSON.stringify(validateCert.errors ?? []));
+        }
+        return certificate;
+    };
+    api.assertSafeForIrreversibleAction = async () => {
+        const certificate = await api.evaluateCertificate();
+        if (trustDecisionFromCertificate(certificate) !== "safe") {
+            const { lines } = formatDecisionBlockerForHumans(certificate);
+            throw new DecisionUnsafeError(certificate, lines);
+        }
+    };
+    return api;
+}
+//# sourceMappingURL=decisionGate.js.map

package/dist/decisionGate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionGate.js","sourceRoot":"","sources":["../src/decisionGate.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,qBAAqB,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAC3E,OAAO,EACL,yCAAyC,GAE1C,MAAM,yBAAyB,CAAC;AACjC,OAAO,EAAE,mCAAmC,EAAE,MAAM,0CAA0C,CAAC;AAC/F,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,8BAA8B,EAAE,MAAM,yBAAyB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAEvD,OAAO,EAAE,4BAA4B,EAAE,MAAM,oBAAoB,CAAC;AAClE,OAAO,EAAE,8BAA8B,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAE/D,MAAM,aAAa,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;AACnD,MAAM,eAAe,GAAG,sBAAsB,CAAC;AAE/C,SAAS,2BAA2B,CAAC,WAAmB,EAAE,WAAmB;IAC3E,IAAI,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QACtC,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,gBAAgB,EAAE,WAAW,EAAE,CAAC;IAC7D,CAAC;IACD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC;AAC1E,CAAC;AAoBD;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAkC;IACnE,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IACvE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IACrE,MAAM,kBAAkB,GAAG,8BAA8B,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;IACtF,MAAM,QAAQ,GAAG,2BAA2B,CAAC,OAAO,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IAC/E,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IAC9C,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IAEtD,MAAM,iBAAiB,GAAe,EAAE,CAAC;IACzC,MAAM,eAAe,GAAa,EAAE,CAAC;IAErC,MAAM,GAAG,GAAG,EAAkB,CAAC;IAE/B,GAAG,CAAC,cAAc,GAAG,CAAC,KAAc,EAAQ,EAAE;QAC5C,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;YAChD,eAAe,CAAC,IAAI,CAAC,aAAa,CAAC,sBAAsB,CAAC,CAAC,CAAC;YAC5D,OAAO;QACT,CAAC;QACD,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC;YAC1B,eAAe,CAAC,IAAI,CAAC,aAAa,CAAC,sBAAsB,CAAC,CAAC,CAAC;YAC5D,OAAO;QACT,CAAC;QACD,MAAM,EAAE,GAAG,KAAiB,CAAC;QAC7B,IAAI,EAAE,CAAC,UAAU,KAAK,OAAO,CAAC,UAAU,EAAE,CAAC;YACzC,OAAO;QACT,CAAC;QACD,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC7B,CAAC,CAAC;IAEF,GAAG,CAAC,YAAY,GAAG,GAAW,EAAE;QAC9B,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,KAAK,MAAM,EAAE,IAAI,iBAAiB,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QACxC,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;IAC7C,CAAC,CAAC;IAEF,GAAG,CAAC,QAAQ,GAAG,KAAK,IAA6B,EAAE;QACjD,IAAI,CAAC,iBAAiB,CAAC,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC;YACzD,MAAM,IAAI,eAAe,CACvB,qBAAqB,CAAC,SAAS,EAC/B,kFAAkF,CACnF,CAAC;QACJ,CAAC;QACD,OAAO,mCAAmC,CAAC;YACzC,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,YAAY;YACZ,QAAQ;YACR,WAAW;YACX,iBAAiB;YACjB,eAAe;YACf,kBAAkB;YAClB,OAAO;YACP,WAAW;SACZ,CAAC,CAAC;IACL,CAAC,CAAC;IAEF,GAAG,CAAC,mBAAmB,GAAG,KAAK,IAAmC,EAAE;QAClE,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,QAAQ,EAAE,CAAC;QACpC,MAAM,WAAW,GAAG,yCAAyC,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QACtF,MAAM,YAAY,GAAG,mBAAmB,CAAC,wBAAwB,CAAC,CAAC;QACnE,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,eAAe,CACvB,qBAAqB,CAAC,8BAA8B,EACpD,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,MAAM,IAAI,EAAE,CAAC,CAC1C,CAAC;QACJ,CAAC;QACD,OAAO,WAAW,CAAC;IACrB,CAAC,CAAC;IAEF,GAAG,CAAC,+BAA+B,GAAG,KAAK,IAAmB,EAAE;QAC9D,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,mBAAmB,EAAE,CAAC;QACpD,IAAI,4BAA4B,CAAC,WAAW,CAAC,KAAK,MAAM,EAAE,CAAC;YACzD,MAAM,EAAE,KAAK,EAAE,GAAG,8BAA8B,CAAC,WAAW,CAAC,CAAC;YAC9D,MAAM,IAAI,mBAAmB,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;QACpD,CAAC;IACH,CAAC,CAAC;IAEF,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/decisionGate.persistBundle.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=decisionGate.persistBundle.test.d.ts.map

package/dist/decisionGate.persistBundle.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionGate.persistBundle.test.d.ts","sourceRoot":"","sources":["../src/decisionGate.persistBundle.test.ts"],"names":[],"mappings":""}

package/dist/{withWorkflowVerification.persistBundle.test.js → decisionGate.persistBundle.test.js}

@@ -7,14 +7,15 @@ import { DatabaseSync } from "node:sqlite";
 import { describe, expect, it, beforeAll, afterAll } from "vitest";
 import { normalizeSpkiPemForSidecar } from "./workflowResultSignature.js";
 import { loadCorpusRun, resolveCorpusRootReal } from "./debugCorpus.js";
-import { withWorkflowVerification } from "./pipeline.js";
+import { createDecisionGate } from "./decisionGate.js";
+import { writeRunBundleFromDecisionGate } from "./agentRunBundle.js";
 import { verifyRunBundleSignature } from "./verifyRunBundleSignature.js";
 const root = join(fileURLToPath(import.meta.url), "..", "..");
-describe("withWorkflowVerification persistBundle", () => {
+describe("DecisionGate run bundle write", () => {
     let workDir;
     let dbPath;
     beforeAll(() => {
-        workDir = mkdtempSync(join(tmpdir(), "etl-wfv-persist-"));
+        workDir = mkdtempSync(join(tmpdir(), "etl-dg-persist-"));
         dbPath = join(workDir, "demo.db");
         const sql = readFileSync(join(root, "examples", "seed.sql"), "utf8");
         const db = new DatabaseSync(dbPath);
@@ -34,19 +35,24 @@ describe("withWorkflowVerification persistBundle", () => {
         const runId = "hook_run";
         const outDir = join(bundleParent, runId);
         try {
-            const result = await withWorkflowVerification({
+            const gate = createDecisionGate({
                 workflowId: wfId,
                 registryPath,
-                dbPath,
+                databaseUrl: dbPath,
+                projectRoot: root,
                 truthReport: () => { },
-                persistBundle: { outDir },
-            }, (observeStep) => {
-                for (const ev of events) {
-                    observeStep(ev);
-                }
             });
+            for (const ev of events) {
+                gate.appendRunEvent(ev);
+            }
+            const result = await gate.evaluate();
             expect(result.steps.length).toBe(1);
             expect(result.steps[0].status).toBe("verified");
+            writeRunBundleFromDecisionGate({
+                outDir,
+                eventsNdjson: gate.toNdjsonUtf8(),
+                workflowResult: result,
+            });
             const loaded = loadCorpusRun(resolveCorpusRootReal(bundleParent), runId);
             expect(loaded.loadStatus).toBe("ok");
             const written = readFileSync(join(outDir, "events.ndjson"), "utf8").trim().split(/\r?\n/);
@@ -57,7 +63,7 @@ describe("withWorkflowVerification persistBundle", () => {
             rmSync(bundleParent, { recursive: true, force: true });
         }
     });
-    it("persistBundle with ed25519PrivateKeyPemPath writes v2 bundle verifiable by verifyRunBundleSignature", async () => {
+    it("ed25519PrivateKeyPemPath writes v2 bundle verifiable by verifyRunBundleSignature", async () => {
         const eventsPath = join(root, "examples", "events.ndjson");
         const registryPath = join(root, "examples", "tools.json");
         const wfId = "wf_complete";
@@ -74,16 +80,22 @@ describe("withWorkflowVerification persistBundle", () => {
         writeFileSync(keyPath, privatePem, "utf8");
         writeFileSync(pubPath, normalizeSpkiPemForSidecar(publicPem), "utf8");
         try {
-            await withWorkflowVerification({
+            const gate = createDecisionGate({
                 workflowId: wfId,
                 registryPath,
-                dbPath,
+                databaseUrl: dbPath,
+                projectRoot: root,
                 truthReport: () => { },
-                persistBundle: { outDir, ed25519PrivateKeyPemPath: keyPath },
-            }, (observeStep) => {
-                for (const ev of events) {
-                    observeStep(ev);
-                }
+            });
+            for (const ev of events) {
+                gate.appendRunEvent(ev);
+            }
+            const result = await gate.evaluate();
+            writeRunBundleFromDecisionGate({
+                outDir,
+                eventsNdjson: gate.toNdjsonUtf8(),
+                workflowResult: result,
+                ed25519PrivateKeyPemPath: keyPath,
             });
             const loaded = loadCorpusRun(resolveCorpusRootReal(bundleParent), runId);
             expect(loaded.loadStatus).toBe("ok");
@@ -101,4 +113,4 @@ describe("withWorkflowVerification persistBundle", () => {
         }
     });
 });
-//# sourceMappingURL=withWorkflowVerification.persistBundle.test.js.map
+//# sourceMappingURL=decisionGate.persistBundle.test.js.map

package/dist/decisionGate.persistBundle.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionGate.persistBundle.test.js","sourceRoot":"","sources":["../src/decisionGate.persistBundle.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAC3E,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AACnE,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAC1E,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,kBAAkB,CAAC;AACxE,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,8BAA8B,EAAE,MAAM,qBAAqB,CAAC;AACrE,OAAO,EAAE,wBAAwB,EAAE,MAAM,+BAA+B,CAAC;AAEzE,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAE9D,QAAQ,CAAC,+BAA+B,EAAE,GAAG,EAAE;IAC7C,IAAI,OAAe,CAAC;IACpB,IAAI,MAAc,CAAC;IAEnB,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,iBAAiB,CAAC,CAAC,CAAC;QACzD,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAClC,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,MAAM,CAAC,CAAC;QACrE,MAAM,EAAE,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;QACpC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACb,EAAE,CAAC,KAAK,EAAE,CAAC;IACb,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,GAAG,EAAE;QACZ,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uEAAuE,EAAE,KAAK,IAAI,EAAE;QACrF,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;QAC3D,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,YAAY,CAAC,CAAC;QAC1D,MAAM,IAAI,GAAG,aAAa,CAAC;QAC3B,MAAM,KAAK,GAAG,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACjG,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAA4B,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,IAAI,CAAC,CAAC;QAE/G,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,kBAAkB,CAAC,CAAC,CAAC;QACrE,MAAM,KAAK,GAAG,UAAU,CAAC;QACzB,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QACzC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,kBAAkB,CAAC;gBAC9B,UAAU,EAAE,IAAI;gBAChB,YAAY;gBACZ,WAAW,EAAE,MAAM;gBACnB,WAAW,EAAE,IAAI;gBACjB,WAAW,EAAE,GAAG,EAAE,GAAE,CAAC;aACtB,CAAC,CAAC;YACH,KAAK,MAAM,EAAE,IAAI,MAAM,EAAE,CAAC;gBACxB,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;YAC1B,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACpC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAEjD,8BAA8B,CAAC;gBAC7B,MAAM;gBACN,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE;gBACjC,cAAc,EAAE,MAAM;aACvB,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,aAAa,CAAC,qBAAqB,CAAC,YAAY,CAAC,EAAE,KAAK,CAAC,CAAC;YACzE,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAErC,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,MAAM,EAAE,eAAe,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC1F,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAE,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,CAAC;gBAAS,CAAC;YACT,MAAM,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kFAAkF,EAAE,KAAK,IAAI,EAAE;QAChG,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;QAC3D,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,YAAY,CAAC,CAAC;QAC1D,MAAM,IAAI,GAAG,aAAa,CAAC;QAC3B,MAAM,KAAK,GAAG,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACjG,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAA4B,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,IAAI,CAAC,CAAC;QAE/G,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,mBAAmB,CAAC,CAAC,CAAC;QACtE,MAAM,KAAK,GAAG,aAAa,CAAC;QAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QACzC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,GAAG,mBAAmB,CAAC,SAAS,CAAC,CAAC;QACjE,MAAM,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAW,CAAC;QACjF,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAW,CAAC;QAC9E,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;QACjD,aAAa,CAAC,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;QAC3C,aAAa,CAAC,OAAO,EAAE,0BAA0B,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,CAAC;QACtE,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,kBAAkB,CAAC;gBAC9B,UAAU,EAAE,IAAI;gBAChB,YAAY;gBACZ,WAAW,EAAE,MAAM;gBACnB,WAAW,EAAE,IAAI;gBACjB,WAAW,EAAE,GAAG,EAAE,GAAE,CAAC;aACtB,CAAC,CAAC;YACH,KAAK,MAAM,EAAE,IAAI,MAAM,EAAE,CAAC;gBACxB,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;YAC1B,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrC,8BAA8B,CAAC;gBAC7B,MAAM;gBACN,YAAY,EAAE,IAAI,CAAC,YAAY,EAAE;gBACjC,cAAc,EAAE,MAAM;gBACtB,wBAAwB,EAAE,OAAO;aAClC,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,aAAa,CAAC,qBAAqB,CAAC,YAAY,CAAC,EAAE,KAAK,CAAC,CAAC;YACzE,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACrC,IAAI,MAAM,CAAC,UAAU,KAAK,IAAI;gBAAE,OAAO;YACvC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACpD,IAAI,MAAM,CAAC,cAAc,CAAC,aAAa,KAAK,CAAC;gBAAE,OAAO;YACtD,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,SAAS,CAAC,uBAAuB,CAAC,YAAY,CAAC,CAAC,IAAI,CAC/E,0BAA0B,CAC3B,CAAC;YAEF,MAAM,EAAE,GAAG,wBAAwB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACrD,MAAM,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;QACnC,CAAC;gBAAS,CAAC;YACT,MAAM,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/decisionUnsafeError.d.ts

@@ -0,0 +1,8 @@
+import type { OutcomeCertificateV1 } from "./outcomeCertificate.js";
+import type { TrustDecision } from "./trustDecision.js";
+export declare class DecisionUnsafeError extends Error {
+    readonly trustDecision: TrustDecision;
+    readonly certificate: OutcomeCertificateV1;
+    constructor(certificate: OutcomeCertificateV1, lines: string[]);
+}
+//# sourceMappingURL=decisionUnsafeError.d.ts.map

package/dist/decisionUnsafeError.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"decisionUnsafeError.d.ts","sourceRoot":"","sources":["../src/decisionUnsafeError.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,yBAAyB,CAAC;AACpE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAGxD,qBAAa,mBAAoB,SAAQ,KAAK;IAC5C,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,QAAQ,CAAC,WAAW,EAAE,oBAAoB,CAAC;gBAE/B,WAAW,EAAE,oBAAoB,EAAE,KAAK,EAAE,MAAM,EAAE;CAM/D"}