compfn 0.1.0

package/dist/compfn.js

@@ -0,0 +1,94 @@
+/**
+ * compFn(config) factory: returns CompFnAPI with controls, frameworks, evidence, checks, readiness, and export.
+ */
+import { createControlsService } from "./controls/service.js";
+import { createFrameworksService } from "./frameworks/service.js";
+import { createEvidenceService } from "./evidence/service.js";
+import { createChecksService } from "./checks/service.js";
+import { createReadinessService } from "./readiness/service.js";
+import { createExportService } from "./export/service.js";
+/**
+ * Create CompFn API instance. Returns API with controls.*, frameworks.*, and evidence.* (create, get, list) implemented.
+ */
+export function compFn(config) {
+    const controls = createControlsService({
+        database: config.database,
+        namespace: config.namespace,
+    });
+    const frameworks = createFrameworksService({
+        database: config.database,
+        namespace: config.namespace,
+        existsControl: (controlId) => controls.get(controlId).then((r) => r.ok),
+    });
+    const evidence = createEvidenceService({
+        database: config.database,
+        namespace: config.namespace,
+        evidencePayloadMaxBytes: config.evidencePayloadMaxBytes,
+        existsControl: (controlId) => controls.get(controlId).then((r) => r.ok),
+        getFramework: async (frameworkId) => {
+            const r = await frameworks.get(frameworkId);
+            return r.ok ? r.result : null;
+        },
+        logger: config.logger,
+    });
+    const checks = createChecksService({
+        database: config.database,
+        namespace: config.namespace,
+        existsControl: (controlId) => controls.get(controlId).then((r) => r.ok),
+        getAdapter: (adapterName) => config.adapters?.[adapterName],
+        systemActorId: config.systemActorId,
+        evidenceCreate: (input) => evidence.create(input),
+        logger: config.logger,
+    });
+    const readiness = createReadinessService({
+        getControl: (id) => controls.get(id),
+        getFramework: (id) => frameworks.get(id),
+        listEvidence: (controlId) => evidence.list({ controlId }),
+        readinessWindowDays: config.readinessWindowDays,
+    });
+    const exportService = createExportService({
+        getFramework: (id) => frameworks.get(id),
+        listFrameworks: () => frameworks.list(),
+        getControl: (id) => controls.get(id),
+        listControls: (filters) => controls.list(filters),
+        listEvidence: (filters) => evidence.list(filters ?? {}),
+        exportMaxBytes: config.exportMaxBytes,
+        logger: config.logger,
+    });
+    return {
+        controls: {
+            create: (input) => controls.create(input),
+            get: (id) => controls.get(id),
+            list: (filters) => controls.list(filters),
+            update: (id, input) => controls.update(id, input),
+            delete: (id) => controls.delete(id),
+        },
+        frameworks: {
+            create: (input) => frameworks.create(input),
+            get: (id) => frameworks.get(id),
+            list: () => frameworks.list(),
+            update: (id, input) => frameworks.update(id, input),
+            delete: (id) => frameworks.delete(id),
+        },
+        evidence: {
+            create: (input) => evidence.create(input),
+            get: (id) => evidence.get(id),
+            list: (filters) => evidence.list(filters ?? {}),
+        },
+        checks: {
+            create: (definition) => checks.create(definition),
+            get: (id) => checks.get(id),
+            list: () => checks.list(),
+            run: (id) => checks.run(id),
+            delete: (id) => checks.delete(id),
+        },
+        readiness: {
+            forControl: (controlId, frameworkId) => readiness.forControl(controlId, frameworkId),
+            forFramework: (frameworkId) => readiness.forFramework(frameworkId),
+        },
+        export: {
+            auditorPack: (options) => exportService.auditorPack(options ?? {}),
+        },
+    };
+}
+//# sourceMappingURL=compfn.js.map

package/dist/compfn.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compfn.js","sourceRoot":"","sources":["../src/compfn.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAC9D,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAC;AAC9D,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAE1D;;GAEG;AACH,MAAM,UAAU,MAAM,CAAC,MAAoB;IACzC,MAAM,QAAQ,GAAG,qBAAqB,CAAC;QACrC,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS;KAC5B,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,uBAAuB,CAAC;QACzC,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,aAAa,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACxE,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,qBAAqB,CAAC;QACrC,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;QACvD,aAAa,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,YAAY,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE;YAClC,MAAM,CAAC,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YAC5C,OAAO,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;QAChC,CAAC;QACD,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,mBAAmB,CAAC;QACjC,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,aAAa,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,UAAU,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,WAAW,CAAC;QAC3D,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,cAAc,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC;QACjD,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,sBAAsB,CAAC;QACvC,UAAU,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACpC,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxC,YAAY,EAAE,CAAC,SAAS,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC;QACzD,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;KAChD,CAAC,CAAC;IAEH,MAAM,aAAa,GAAG,mBAAmB,CAAC;QACxC,YAAY,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxC,cAAc,EAAE,GAAG,EAAE,CAAC,UAAU,CAAC,IAAI,EAAE;QACvC,UAAU,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACpC,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC;QACjD,YAAY,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;QACvD,cAAc,EAAE,MAAM,CAAC,cAAc;QACrC,MAAM,EAAE,MAAM,CAAC,MAAM;KACtB,CAAC,CAAC;IAEH,OAAO;QACL,QAAQ,EAAE;YACR,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC;YACzC,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,IAAI,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC;YACzC,MAAM,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC;YACjD,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;SACpC;QACD,UAAU,EAAE;YACV,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC;YAC3C,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/B,IAAI,EAAE,GAAG,EAAE,CAAC,UAAU,CAAC,IAAI,EAAE;YAC7B,MAAM,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC;YACnD,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;SACtC;QACD,QAAQ,EAAE;YACR,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC;YACzC,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,IAAI,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;SAChD;QACD,MAAM,EAAE;YACN,MAAM,EAAE,CAAC,UAAU,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC;YACjD,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YAC3B,IAAI,EAAE,GAAG,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE;YACzB,GAAG,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YAC3B,MAAM,EAAE,CAAC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;SAClC;QACD,SAAS,EAAE;YACT,UAAU,EAAE,CAAC,SAAS,EAAE,WAAW,EAAE,EAAE,CACrC,SAAS,CAAC,UAAU,CAAC,SAAS,EAAE,WAAW,CAAC;YAC9C,YAAY,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,SAAS,CAAC,YAAY,CAAC,WAAW,CAAC;SACnE;QACD,MAAM,EAAE;YACN,WAAW,EAAE,CAAC,OAAO,EAAE,EAAE,CAAC,aAAa,CAAC,WAAW,CAAC,OAAO,IAAI,EAAE,CAAC;SACnE;KACF,CAAC;AACJ,CAAC"}

package/dist/constants.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Limit constants (LIMIT-001).
+ */
+/** Default max evidence payload size: 512 KiB */
+export declare const EVIDENCE_PAYLOAD_MAX_BYTES_DEFAULT = 524288;
+/** Default max auditor pack export size: 50 MiB */
+export declare const EXPORT_MAX_BYTES_DEFAULT: number;
+/** Max requirements per framework */
+export declare const MAX_REQUIREMENTS_PER_FRAMEWORK = 1000;
+/** Max control IDs per framework requirement */
+export declare const MAX_CONTROL_IDS_PER_REQUIREMENT = 100;
+/** Default readiness policy window (days): evidence with timestamp within this window counts for compliant. */
+export declare const READINESS_WINDOW_DAYS_DEFAULT = 90;
+//# sourceMappingURL=constants.d.ts.map

package/dist/constants.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,iDAAiD;AACjD,eAAO,MAAM,kCAAkC,SAAS,CAAC;AAEzD,mDAAmD;AACnD,eAAO,MAAM,wBAAwB,QAAmB,CAAC;AAEzD,qCAAqC;AACrC,eAAO,MAAM,8BAA8B,OAAO,CAAC;AAEnD,gDAAgD;AAChD,eAAO,MAAM,+BAA+B,MAAM,CAAC;AAEnD,+GAA+G;AAC/G,eAAO,MAAM,6BAA6B,KAAK,CAAC"}

package/dist/constants.js

@@ -0,0 +1,14 @@
+/**
+ * Limit constants (LIMIT-001).
+ */
+/** Default max evidence payload size: 512 KiB */
+export const EVIDENCE_PAYLOAD_MAX_BYTES_DEFAULT = 524288;
+/** Default max auditor pack export size: 50 MiB */
+export const EXPORT_MAX_BYTES_DEFAULT = 50 * 1024 * 1024;
+/** Max requirements per framework */
+export const MAX_REQUIREMENTS_PER_FRAMEWORK = 1000;
+/** Max control IDs per framework requirement */
+export const MAX_CONTROL_IDS_PER_REQUIREMENT = 100;
+/** Default readiness policy window (days): evidence with timestamp within this window counts for compliant. */
+export const READINESS_WINDOW_DAYS_DEFAULT = 90;
+//# sourceMappingURL=constants.js.map

package/dist/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,iDAAiD;AACjD,MAAM,CAAC,MAAM,kCAAkC,GAAG,MAAM,CAAC;AAEzD,mDAAmD;AACnD,MAAM,CAAC,MAAM,wBAAwB,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC;AAEzD,qCAAqC;AACrC,MAAM,CAAC,MAAM,8BAA8B,GAAG,IAAI,CAAC;AAEnD,gDAAgD;AAChD,MAAM,CAAC,MAAM,+BAA+B,GAAG,GAAG,CAAC;AAEnD,+GAA+G;AAC/G,MAAM,CAAC,MAAM,6BAA6B,GAAG,EAAE,CAAC"}

package/dist/control.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Control types: Control, CreateControlInput, UpdateControlInput.
+ */
+export interface Control {
+    id: string;
+    name: string;
+    description: string;
+    category: string;
+    tags?: string[];
+    createdAt: number;
+    updatedAt: number;
+}
+export interface CreateControlInput {
+    name: string;
+    description: string;
+    category: string;
+    tags?: string[];
+}
+export interface UpdateControlInput {
+    name?: string;
+    description?: string;
+    category?: string;
+    tags?: string[];
+}
+//# sourceMappingURL=control.d.ts.map

package/dist/control.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"control.d.ts","sourceRoot":"","sources":["../src/control.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB"}

package/dist/control.js

@@ -0,0 +1,5 @@
+/**
+ * Control types: Control, CreateControlInput, UpdateControlInput.
+ */
+export {};
+//# sourceMappingURL=control.js.map

package/dist/control.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"control.js","sourceRoot":"","sources":["../src/control.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/controls/service.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Controls CRUD service using storage adapter.
+ * All methods return CompfnEnvelope; CONTROL_NOT_FOUND when id does not exist.
+ */
+import type { Adapter } from "@superfunctions/db";
+import type { Control, CreateControlInput, UpdateControlInput } from "../control.js";
+import type { CompfnEnvelope } from "../errors.js";
+export interface ControlsServiceConfig {
+    database: Adapter;
+    namespace?: string;
+}
+export declare function createControlsService(config: ControlsServiceConfig): {
+    create(input: CreateControlInput): Promise<CompfnEnvelope<Control>>;
+    get(id: string): Promise<CompfnEnvelope<Control>>;
+    list(filters?: {
+        category?: string;
+        tags?: string[];
+    }): Promise<CompfnEnvelope<Control[]>>;
+    update(id: string, input: UpdateControlInput): Promise<CompfnEnvelope<Control>>;
+    delete(id: string): Promise<CompfnEnvelope<void>>;
+};
+//# sourceMappingURL=service.d.ts.map

package/dist/controls/service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../../src/controls/service.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,KAAK,EAAE,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACrF,OAAO,KAAK,EAAE,cAAc,EAAe,MAAM,cAAc,CAAC;AAKhE,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAgCD,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,qBAAqB;kBAQ3C,kBAAkB,GAAG,OAAO,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YAmC3D,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;mBAiClC;QACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;KACjB,GAAG,OAAO,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC;eAoCrB,MAAM,SAAS,kBAAkB,GAAG,OAAO,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;eAgFpE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;EAqC1D"}

package/dist/controls/service.js

@@ -0,0 +1,248 @@
+/**
+ * Controls CRUD service using storage adapter.
+ * All methods return CompfnEnvelope; CONTROL_NOT_FOUND when id does not exist.
+ */
+import { validateCreateControlInput, validateUpdateControlInput } from "../validation.js";
+const MODEL = "controls";
+function defaultNamespace() {
+    return "compfn";
+}
+function generateId() {
+    return crypto.randomUUID();
+}
+function now() {
+    return Date.now();
+}
+function rowToControl(row) {
+    return {
+        id: String(row.id),
+        name: String(row.name),
+        description: String(row.description),
+        category: String(row.category),
+        createdAt: Number(row.createdAt),
+        updatedAt: Number(row.updatedAt),
+    };
+}
+function ensureTags(control, row) {
+    if (Array.isArray(row.tags)) {
+        control.tags = row.tags.slice();
+    }
+    return control;
+}
+export function createControlsService(config) {
+    const namespace = config.namespace ?? defaultNamespace();
+    function withNamespace(params) {
+        return { ...params, namespace };
+    }
+    return {
+        async create(input) {
+            const validation = validateCreateControlInput(input);
+            if (!validation.ok) {
+                return { ok: false, error: validation.error };
+            }
+            const { value } = validation;
+            const id = generateId();
+            const ts = now();
+            const data = {
+                id,
+                name: value.name,
+                description: value.description,
+                category: value.category,
+                tags: value.tags ?? null,
+                createdAt: ts,
+                updatedAt: ts,
+            };
+            try {
+                const created = await config.database.create(withNamespace({ model: MODEL, data }));
+                const control = ensureTags(rowToControl(created), created);
+                return { ok: true, result: control };
+            }
+            catch (err) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "STORAGE_ERROR",
+                        message: err instanceof Error ? err.message : "Storage error",
+                        details: {},
+                    },
+                };
+            }
+        },
+        async get(id) {
+            try {
+                const row = await config.database.findOne(withNamespace({
+                    model: MODEL,
+                    where: [{ field: "id", operator: "eq", value: id }],
+                }));
+                if (row == null) {
+                    return {
+                        ok: false,
+                        error: {
+                            code: "CONTROL_NOT_FOUND",
+                            message: "Control not found",
+                            details: { id },
+                        },
+                    };
+                }
+                const r = row;
+                const control = ensureTags(rowToControl(r), r);
+                return { ok: true, result: control };
+            }
+            catch (err) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "STORAGE_ERROR",
+                        message: err instanceof Error ? err.message : "Storage error",
+                        details: { id },
+                    },
+                };
+            }
+        },
+        async list(filters) {
+            try {
+                const where = [];
+                if (filters?.category != null && filters.category !== "") {
+                    where.push({ field: "category", operator: "eq", value: filters.category });
+                }
+                const params = withNamespace({
+                    model: MODEL,
+                    where: where.map((w) => ({ ...w, connector: "AND" })),
+                    orderBy: [{ field: "updatedAt", direction: "desc" }],
+                });
+                let rows = await config.database.findMany(params);
+                if (filters?.tags != null && filters.tags.length > 0) {
+                    const tagSet = new Set(filters.tags);
+                    rows = rows.filter((row) => {
+                        const tags = row.tags;
+                        if (!Array.isArray(tags))
+                            return false;
+                        return tags.some((t) => tagSet.has(t));
+                    });
+                }
+                const controls = rows.map((r) => ensureTags(rowToControl(r), r));
+                return { ok: true, result: controls };
+            }
+            catch (err) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "STORAGE_ERROR",
+                        message: err instanceof Error ? err.message : "Storage error",
+                        details: {},
+                    },
+                };
+            }
+        },
+        async update(id, input) {
+            const validation = validateUpdateControlInput(input);
+            if (!validation.ok) {
+                return { ok: false, error: validation.error };
+            }
+            const { value } = validation;
+            if (Object.keys(value).length === 0) {
+                const row = await config.database.findOne(withNamespace({
+                    model: MODEL,
+                    where: [{ field: "id", operator: "eq", value: id }],
+                }));
+                if (row == null) {
+                    return {
+                        ok: false,
+                        error: {
+                            code: "CONTROL_NOT_FOUND",
+                            message: "Control not found",
+                            details: { id },
+                        },
+                    };
+                }
+                const r = row;
+                return { ok: true, result: ensureTags(rowToControl(r), r) };
+            }
+            try {
+                const existing = await config.database.findOne(withNamespace({
+                    model: MODEL,
+                    where: [{ field: "id", operator: "eq", value: id }],
+                }));
+                if (existing == null) {
+                    return {
+                        ok: false,
+                        error: {
+                            code: "CONTROL_NOT_FOUND",
+                            message: "Control not found",
+                            details: { id },
+                        },
+                    };
+                }
+                const existingRow = existing;
+                const data = {
+                    ...existingRow,
+                    updatedAt: now(),
+                };
+                if (value.name !== undefined)
+                    data.name = value.name;
+                if (value.description !== undefined)
+                    data.description = value.description;
+                if (value.category !== undefined)
+                    data.category = value.category;
+                if (value.tags !== undefined)
+                    data.tags = value.tags;
+                await config.database.update(withNamespace({
+                    model: MODEL,
+                    where: [{ field: "id", operator: "eq", value: id }],
+                    data,
+                }));
+                const updated = await config.database.findOne(withNamespace({
+                    model: MODEL,
+                    where: [{ field: "id", operator: "eq", value: id }],
+                }));
+                const r = updated;
+                const control = ensureTags(rowToControl(r), r);
+                return { ok: true, result: control };
+            }
+            catch (err) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "STORAGE_ERROR",
+                        message: err instanceof Error ? err.message : "Storage error",
+                        details: { id },
+                    },
+                };
+            }
+        },
+        async delete(id) {
+            try {
+                const existing = await config.database.findOne(withNamespace({
+                    model: MODEL,
+                    where: [{ field: "id", operator: "eq", value: id }],
+                }));
+                if (existing == null) {
+                    return {
+                        ok: false,
+                        error: {
+                            code: "CONTROL_NOT_FOUND",
+                            message: "Control not found",
+                            details: { id },
+                        },
+                    };
+                }
+                await config.database.delete(withNamespace({
+                    model: MODEL,
+                    where: [{ field: "id", operator: "eq", value: id }],
+                }));
+                return { ok: true, result: undefined };
+            }
+            catch (err) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "STORAGE_ERROR",
+                        message: err instanceof Error ? err.message : "Storage error",
+                        details: { id },
+                    },
+                };
+            }
+        },
+    };
+}
+//# sourceMappingURL=service.js.map

package/dist/controls/service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.js","sourceRoot":"","sources":["../../src/controls/service.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,EAAE,0BAA0B,EAAE,0BAA0B,EAAE,MAAM,kBAAkB,CAAC;AAE1F,MAAM,KAAK,GAAG,UAAU,CAAC;AAOzB,SAAS,gBAAgB;IACvB,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,MAAM,CAAC,UAAU,EAAE,CAAC;AAC7B,CAAC;AAED,SAAS,GAAG;IACV,OAAO,IAAI,CAAC,GAAG,EAAE,CAAC;AACpB,CAAC;AAED,SAAS,YAAY,CAAC,GAA4B;IAChD,OAAO;QACL,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;QAClB,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC;QACtB,WAAW,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC;QACpC,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC;QAC9B,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;QAChC,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;KACjC,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,OAAgB,EAAE,GAA4B;IAChE,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,IAAI,GAAI,GAAG,CAAC,IAAiB,CAAC,KAAK,EAAE,CAAC;IAChD,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAA6B;IACjE,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,gBAAgB,EAAE,CAAC;IAEzD,SAAS,aAAa,CAAmB,MAAS;QAChD,OAAO,EAAE,GAAG,MAAM,EAAE,SAAS,EAA+B,CAAC;IAC/D,CAAC;IAED,OAAO;QACL,KAAK,CAAC,MAAM,CAAC,KAAyB;YACpC,MAAM,UAAU,GAAG,0BAA0B,CAAC,KAAK,CAAC,CAAC;YACrD,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC;gBACnB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,CAAC;YAChD,CAAC;YACD,MAAM,EAAE,KAAK,EAAE,GAAG,UAAU,CAAC;YAC7B,MAAM,EAAE,GAAG,UAAU,EAAE,CAAC;YACxB,MAAM,EAAE,GAAG,GAAG,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG;gBACX,EAAE;gBACF,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,IAAI;gBACxB,SAAS,EAAE,EAAE;gBACb,SAAS,EAAE,EAAE;aACd,CAAC;YACF,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAC1C,aAAa,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CACtC,CAAC;gBACF,MAAM,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,OAAkC,CAAC,EAAE,OAAkC,CAAC,CAAC;gBACjH,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;YACvC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;wBAC7D,OAAO,EAAE,EAAE;qBACZ;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,KAAK,CAAC,GAAG,CAAC,EAAU;YAClB,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,CACvC,aAAa,CAAC;oBACZ,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;iBACpD,CAAC,CACH,CAAC;gBACF,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;oBAChB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,mBAAmB;4BACzB,OAAO,EAAE,mBAAmB;4BAC5B,OAAO,EAAE,EAAE,EAAE,EAAE;yBAChB;qBACF,CAAC;gBACJ,CAAC;gBACD,MAAM,CAAC,GAAG,GAA8B,CAAC;gBACzC,MAAM,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC/C,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;YACvC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;wBAC7D,OAAO,EAAE,EAAE,EAAE,EAAE;qBAChB;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,OAGV;YACC,IAAI,CAAC;gBACH,MAAM,KAAK,GAAyE,EAAE,CAAC;gBACvF,IAAI,OAAO,EAAE,QAAQ,IAAI,IAAI,IAAI,OAAO,CAAC,QAAQ,KAAK,EAAE,EAAE,CAAC;oBACzD,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAC7E,CAAC;gBACD,MAAM,MAAM,GAAG,aAAa,CAAC;oBAC3B,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,SAAS,EAAE,KAAc,EAAE,CAAC,CAAC;oBAC9D,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAe,EAAE,CAAC;iBAC9D,CAAC,CAAC;gBACH,IAAI,IAAI,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAClD,IAAI,OAAO,EAAE,IAAI,IAAI,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBACrC,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAA4B,EAAE,EAAE;wBAClD,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC;wBACtB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;4BAAE,OAAO,KAAK,CAAC;wBACvC,OAAQ,IAAiB,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;oBAC/D,CAAC,CAAC,CAAC;gBACL,CAAC;gBACD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAA0B,EAAE,EAAE,CACvD,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAC/B,CAAC;gBACF,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;YACxC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;wBAC7D,OAAO,EAAE,EAAE;qBACZ;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,EAAU,EAAE,KAAyB;YAChD,MAAM,UAAU,GAAG,0BAA0B,CAAC,KAAK,CAAC,CAAC;YACrD,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC;gBACnB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,CAAC;YAChD,CAAC;YACD,MAAM,EAAE,KAAK,EAAE,GAAG,UAAU,CAAC;YAC7B,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACpC,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,CACvC,aAAa,CAAC;oBACZ,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;iBACpD,CAAC,CACH,CAAC;gBACF,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;oBAChB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,mBAAmB;4BACzB,OAAO,EAAE,mBAAmB;4BAC5B,OAAO,EAAE,EAAE,EAAE,EAAE;yBAChB;qBACF,CAAC;gBACJ,CAAC;gBACD,MAAM,CAAC,GAAG,GAA8B,CAAC;gBACzC,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;YAC9D,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,CAC5C,aAAa,CAAC;oBACZ,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;iBACpD,CAAC,CACH,CAAC;gBACF,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;oBACrB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,mBAAmB;4BACzB,OAAO,EAAE,mBAAmB;4BAC5B,OAAO,EAAE,EAAE,EAAE,EAAE;yBAChB;qBACF,CAAC;gBACJ,CAAC;gBACD,MAAM,WAAW,GAAG,QAAmC,CAAC;gBACxD,MAAM,IAAI,GAA4B;oBACpC,GAAG,WAAW;oBACd,SAAS,EAAE,GAAG,EAAE;iBACjB,CAAC;gBACF,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS;oBAAE,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;gBACrD,IAAI,KAAK,CAAC,WAAW,KAAK,SAAS;oBAAE,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC;gBAC1E,IAAI,KAAK,CAAC,QAAQ,KAAK,SAAS;oBAAE,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;gBACjE,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS;oBAAE,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;gBACrD,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAC1B,aAAa,CAAC;oBACZ,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;oBACnD,IAAI;iBACL,CAAC,CACH,CAAC;gBACF,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,CAC3C,aAAa,CAAC;oBACZ,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;iBACpD,CAAC,CACH,CAAC;gBACF,MAAM,CAAC,GAAG,OAAkC,CAAC;gBAC7C,MAAM,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC/C,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC;YACvC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;wBAC7D,OAAO,EAAE,EAAE,EAAE,EAAE;qBAChB;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,KAAK,CAAC,MAAM,CAAC,EAAU;YACrB,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,CAC5C,aAAa,CAAC;oBACZ,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;iBACpD,CAAC,CACH,CAAC;gBACF,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;oBACrB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,mBAAmB;4BACzB,OAAO,EAAE,mBAAmB;4BAC5B,OAAO,EAAE,EAAE,EAAE,EAAE;yBAChB;qBACF,CAAC;gBACJ,CAAC;gBACD,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAC1B,aAAa,CAAC;oBACZ,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;iBACpD,CAAC,CACH,CAAC;gBACF,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;YACzC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;wBAC7D,OAAO,EAAE,EAAE,EAAE,EAAE;qBAChB;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/errors.d.ts

@@ -0,0 +1,23 @@
+/**
+ * CompFn error codes and envelope types (API-002).
+ */
+export type CompfnErrorCode = "CONTROL_NOT_FOUND" | "FRAMEWORK_NOT_FOUND" | "EVIDENCE_NOT_FOUND" | "CHECK_NOT_FOUND" | "VALIDATION_FAILED" | "ADAPTER_NOT_FOUND" | "ADAPTER_ERROR" | "STORAGE_ERROR" | "EXPORT_FAILED" | "PAYLOAD_TOO_LARGE" | "RATE_LIMITED";
+export interface CompfnError {
+    code: CompfnErrorCode;
+    message: string;
+    details: {
+        path?: string;
+        id?: string;
+        controlId?: string;
+        frameworkId?: string;
+        [key: string]: unknown;
+    };
+}
+export type CompfnEnvelope<T> = {
+    ok: true;
+    result: T;
+} | {
+    ok: false;
+    error: CompfnError;
+};
+//# sourceMappingURL=errors.d.ts.map

package/dist/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,eAAe,GACvB,mBAAmB,GACnB,qBAAqB,GACrB,oBAAoB,GACpB,iBAAiB,GACjB,mBAAmB,GACnB,mBAAmB,GACnB,eAAe,GACf,eAAe,GACf,eAAe,GACf,mBAAmB,GACnB,cAAc,CAAC;AAEnB,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,eAAe,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE;QACP,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,EAAE,CAAC,EAAE,MAAM,CAAC;QACZ,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;KACxB,CAAC;CACH;AAED,MAAM,MAAM,cAAc,CAAC,CAAC,IACxB;IAAE,EAAE,EAAE,IAAI,CAAC;IAAC,MAAM,EAAE,CAAC,CAAA;CAAE,GACvB;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,WAAW,CAAA;CAAE,CAAC"}

package/dist/errors.js

@@ -0,0 +1,5 @@
+/**
+ * CompFn error codes and envelope types (API-002).
+ */
+export {};
+//# sourceMappingURL=errors.js.map

package/dist/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/evidence/service.d.ts

@@ -0,0 +1,34 @@
+/**
+ * Evidence service: create, get, list (immutable; no update/delete).
+ * Validates controlId exists, type in EvidenceType, payload size ≤ evidencePayloadMaxBytes.
+ * Returns VALIDATION_FAILED for invalid controlId or type; PAYLOAD_TOO_LARGE when payload exceeds limit.
+ */
+import type { Adapter } from "@superfunctions/db";
+import type { Evidence, CreateEvidenceInput } from "../evidence.js";
+import type { CompfnEnvelope } from "../errors.js";
+import type { Logger } from "../logger.js";
+export interface EvidenceServiceConfig {
+    database: Adapter;
+    namespace?: string;
+    evidencePayloadMaxBytes?: number;
+    /** Check that a control exists (e.g. controls.get(id).then(r => r.ok)) */
+    existsControl: (controlId: string) => Promise<boolean>;
+    /** Get framework by id to resolve requirement controlIds (for list by frameworkId) */
+    getFramework: (frameworkId: string) => Promise<{
+        requirements: {
+            controlIds: string[];
+        }[];
+    } | null>;
+    logger?: Logger;
+}
+export declare function createEvidenceService(config: EvidenceServiceConfig): {
+    create(input: CreateEvidenceInput): Promise<CompfnEnvelope<Evidence>>;
+    get(id: string): Promise<CompfnEnvelope<Evidence>>;
+    list(filters: {
+        controlId?: string;
+        frameworkId?: string;
+        type?: string;
+        since?: number;
+    }): Promise<CompfnEnvelope<Evidence[]>>;
+};
+//# sourceMappingURL=service.d.ts.map

package/dist/evidence/service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../../src/evidence/service.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,KAAK,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AACpE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAO3C,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,0EAA0E;IAC1E,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;IACvD,sFAAsF;IACtF,YAAY,EAAE,CAAC,WAAW,EAAE,MAAM,KAAK,OAAO,CAAC;QAAE,YAAY,EAAE;YAAE,UAAU,EAAE,MAAM,EAAE,CAAA;SAAE,EAAE,CAAA;KAAE,GAAG,IAAI,CAAC,CAAC;IACpG,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAuCD,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,qBAAqB;kBAU3C,mBAAmB,GAAG,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YA2E7D,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;kBA+BpC;QAClB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC,CAAC;EAgE1C"}