compfn 0.1.0

package/dist/evidence/service.js

@@ -0,0 +1,218 @@
+/**
+ * Evidence service: create, get, list (immutable; no update/delete).
+ * Validates controlId exists, type in EvidenceType, payload size ≤ evidencePayloadMaxBytes.
+ * Returns VALIDATION_FAILED for invalid controlId or type; PAYLOAD_TOO_LARGE when payload exceeds limit.
+ */
+import { validateCreateEvidenceInput } from "../validation.js";
+import { EVIDENCE_PAYLOAD_MAX_BYTES_DEFAULT } from "../constants.js";
+import { defaultLogger } from "../logger.js";
+const MODEL = "evidence";
+function defaultNamespace() {
+    return "compfn";
+}
+function generateId() {
+    return crypto.randomUUID();
+}
+function now() {
+    return Date.now();
+}
+function rowToEvidence(row) {
+    const evidence = {
+        id: String(row.id),
+        controlId: String(row.controlId),
+        type: String(row.type),
+        timestamp: Number(row.timestamp),
+        actorId: String(row.actorId),
+        outcome: String(row.outcome),
+        createdAt: Number(row.createdAt),
+    };
+    if (row.sourceId != null && row.sourceId !== "") {
+        evidence.sourceId = String(row.sourceId);
+    }
+    if (row.frameworkRequirementId != null && row.frameworkRequirementId !== "") {
+        evidence.frameworkRequirementId = String(row.frameworkRequirementId);
+    }
+    if (row.payload != null && typeof row.payload === "object") {
+        evidence.payload = row.payload;
+    }
+    if (row.artifactRef != null && row.artifactRef !== "") {
+        evidence.artifactRef = String(row.artifactRef);
+    }
+    return evidence;
+}
+export function createEvidenceService(config) {
+    const namespace = config.namespace ?? defaultNamespace();
+    const maxPayloadBytes = config.evidencePayloadMaxBytes ?? EVIDENCE_PAYLOAD_MAX_BYTES_DEFAULT;
+    const logger = config.logger ?? defaultLogger;
+    function withNamespace(params) {
+        return { ...params, namespace };
+    }
+    return {
+        async create(input) {
+            const validation = validateCreateEvidenceInput(input);
+            if (!validation.ok) {
+                return { ok: false, error: validation.error };
+            }
+            const value = validation.value;
+            const controlExists = await config.existsControl(value.controlId);
+            if (!controlExists) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "VALIDATION_FAILED",
+                        message: "Control not found",
+                        details: { controlId: value.controlId },
+                    },
+                };
+            }
+            if (value.payload != null) {
+                const payloadBytes = new TextEncoder().encode(JSON.stringify(value.payload)).length;
+                if (payloadBytes > maxPayloadBytes) {
+                    return {
+                        ok: false,
+                        error: {
+                            code: "PAYLOAD_TOO_LARGE",
+                            message: `Payload size ${payloadBytes} exceeds limit ${maxPayloadBytes}`,
+                            details: { limit: maxPayloadBytes, size: payloadBytes },
+                        },
+                    };
+                }
+            }
+            const id = generateId();
+            const timestamp = value.timestamp ?? now();
+            const createdAt = now();
+            const data = {
+                id,
+                controlId: value.controlId,
+                type: value.type,
+                timestamp,
+                actorId: value.actorId,
+                outcome: value.outcome,
+                createdAt,
+            };
+            if (value.sourceId != null)
+                data.sourceId = value.sourceId;
+            if (value.frameworkRequirementId != null)
+                data.frameworkRequirementId = value.frameworkRequirementId;
+            if (value.payload != null)
+                data.payload = value.payload;
+            if (value.artifactRef != null)
+                data.artifactRef = value.artifactRef;
+            try {
+                const created = await config.database.create(withNamespace({ model: MODEL, data }));
+                const result = rowToEvidence(created);
+                logger.info("evidence.created", {
+                    event: "evidence.created",
+                    evidenceId: result.id,
+                    controlId: result.controlId,
+                    type: result.type,
+                    outcome: result.outcome,
+                });
+                return { ok: true, result };
+            }
+            catch (err) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "STORAGE_ERROR",
+                        message: err instanceof Error ? err.message : "Storage error",
+                        details: {},
+                    },
+                };
+            }
+        },
+        async get(id) {
+            try {
+                const row = await config.database.findOne(withNamespace({
+                    model: MODEL,
+                    where: [{ field: "id", operator: "eq", value: id }],
+                }));
+                if (row == null) {
+                    return {
+                        ok: false,
+                        error: {
+                            code: "EVIDENCE_NOT_FOUND",
+                            message: "Evidence not found",
+                            details: { id },
+                        },
+                    };
+                }
+                return { ok: true, result: rowToEvidence(row) };
+            }
+            catch (err) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "STORAGE_ERROR",
+                        message: err instanceof Error ? err.message : "Storage error",
+                        details: { id },
+                    },
+                };
+            }
+        },
+        async list(filters) {
+            try {
+                let controlIds;
+                if (filters.frameworkId != null && filters.frameworkId !== "") {
+                    const fw = await config.getFramework(filters.frameworkId);
+                    if (fw == null) {
+                        return {
+                            ok: false,
+                            error: {
+                                code: "FRAMEWORK_NOT_FOUND",
+                                message: "Framework not found",
+                                details: { frameworkId: filters.frameworkId },
+                            },
+                        };
+                    }
+                    const set = new Set();
+                    for (const req of fw.requirements) {
+                        for (const cid of req.controlIds) {
+                            set.add(cid);
+                        }
+                    }
+                    controlIds = Array.from(set);
+                    if (filters.controlId != null && filters.controlId !== "") {
+                        controlIds = set.has(filters.controlId) ? [filters.controlId] : [];
+                    }
+                    if (controlIds.length === 0) {
+                        return { ok: true, result: [] };
+                    }
+                }
+                const where = [];
+                if (controlIds != null && controlIds.length > 0) {
+                    where.push({ field: "controlId", operator: "in", value: controlIds });
+                }
+                else if (filters.controlId != null && filters.controlId !== "") {
+                    where.push({ field: "controlId", operator: "eq", value: filters.controlId });
+                }
+                if (filters.type != null && filters.type !== "") {
+                    where.push({ field: "type", operator: "eq", value: filters.type });
+                }
+                if (filters.since != null && Number.isFinite(filters.since)) {
+                    where.push({ field: "timestamp", operator: "gte", value: filters.since });
+                }
+                const withConnector = where.map((w, i) => ({ ...w, connector: i === 0 ? undefined : "AND" }));
+                const params = withNamespace({
+                    model: MODEL,
+                    where: withConnector,
+                    orderBy: [{ field: "createdAt", direction: "desc" }],
+                });
+                const rows = await config.database.findMany(params);
+                const evidence = rows.map((r) => rowToEvidence(r));
+                return { ok: true, result: evidence };
+            }
+            catch (err) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "STORAGE_ERROR",
+                        message: err instanceof Error ? err.message : "Storage error",
+                        details: {},
+                    },
+                };
+            }
+        },
+    };
+}
+//# sourceMappingURL=service.js.map

package/dist/evidence/service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.js","sourceRoot":"","sources":["../../src/evidence/service.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH,OAAO,EAAE,2BAA2B,EAAE,MAAM,kBAAkB,CAAC;AAC/D,OAAO,EAAE,kCAAkC,EAAE,MAAM,iBAAiB,CAAC;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,MAAM,KAAK,GAAG,UAAU,CAAC;AAazB,SAAS,gBAAgB;IACvB,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,MAAM,CAAC,UAAU,EAAE,CAAC;AAC7B,CAAC;AAED,SAAS,GAAG;IACV,OAAO,IAAI,CAAC,GAAG,EAAE,CAAC;AACpB,CAAC;AAED,SAAS,aAAa,CAAC,GAA4B;IACjD,MAAM,QAAQ,GAAa;QACzB,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;QAClB,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;QAChC,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,CAAqB;QAC1C,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;QAChC,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC;QAC5B,OAAO,EAAE,MAAM,CAAC,GAAG,CAAC,OAAO,CAAgC;QAC3D,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;KACjC,CAAC;IACF,IAAI,GAAG,CAAC,QAAQ,IAAI,IAAI,IAAI,GAAG,CAAC,QAAQ,KAAK,EAAE,EAAE,CAAC;QAChD,QAAQ,CAAC,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC3C,CAAC;IACD,IAAI,GAAG,CAAC,sBAAsB,IAAI,IAAI,IAAI,GAAG,CAAC,sBAAsB,KAAK,EAAE,EAAE,CAAC;QAC5E,QAAQ,CAAC,sBAAsB,GAAG,MAAM,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACvE,CAAC;IACD,IAAI,GAAG,CAAC,OAAO,IAAI,IAAI,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;QAC3D,QAAQ,CAAC,OAAO,GAAG,GAAG,CAAC,OAAkC,CAAC;IAC5D,CAAC;IACD,IAAI,GAAG,CAAC,WAAW,IAAI,IAAI,IAAI,GAAG,CAAC,WAAW,KAAK,EAAE,EAAE,CAAC;QACtD,QAAQ,CAAC,WAAW,GAAG,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACjD,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAA6B;IACjE,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,gBAAgB,EAAE,CAAC;IACzD,MAAM,eAAe,GAAG,MAAM,CAAC,uBAAuB,IAAI,kCAAkC,CAAC;IAC7F,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,aAAa,CAAC;IAE9C,SAAS,aAAa,CAAmB,MAAS;QAChD,OAAO,EAAE,GAAG,MAAM,EAAE,SAAS,EAA+B,CAAC;IAC/D,CAAC;IAED,OAAO;QACL,KAAK,CAAC,MAAM,CAAC,KAA0B;YACrC,MAAM,UAAU,GAAG,2BAA2B,CAAC,KAAK,CAAC,CAAC;YACtD,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC;gBACnB,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,CAAC;YAChD,CAAC;YACD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC;YAE/B,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YAClE,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,mBAAmB;wBACzB,OAAO,EAAE,mBAAmB;wBAC5B,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE;qBACxC;iBACF,CAAC;YACJ,CAAC;YAED,IAAI,KAAK,CAAC,OAAO,IAAI,IAAI,EAAE,CAAC;gBAC1B,MAAM,YAAY,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC;gBACpF,IAAI,YAAY,GAAG,eAAe,EAAE,CAAC;oBACnC,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,mBAAmB;4BACzB,OAAO,EAAE,gBAAgB,YAAY,kBAAkB,eAAe,EAAE;4BACxE,OAAO,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,YAAY,EAAE;yBACxD;qBACF,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,MAAM,EAAE,GAAG,UAAU,EAAE,CAAC;YACxB,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;YAC3C,MAAM,SAAS,GAAG,GAAG,EAAE,CAAC;YACxB,MAAM,IAAI,GAA4B;gBACpC,EAAE;gBACF,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,SAAS;gBACT,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,OAAO,EAAE,KAAK,CAAC,OAAO;gBACtB,SAAS;aACV,CAAC;YACF,IAAI,KAAK,CAAC,QAAQ,IAAI,IAAI;gBAAE,IAAI,CAAC,QAAQ,GAAG,KAAK,CAAC,QAAQ,CAAC;YAC3D,IAAI,KAAK,CAAC,sBAAsB,IAAI,IAAI;gBAAE,IAAI,CAAC,sBAAsB,GAAG,KAAK,CAAC,sBAAsB,CAAC;YACrG,IAAI,KAAK,CAAC,OAAO,IAAI,IAAI;gBAAE,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;YACxD,IAAI,KAAK,CAAC,WAAW,IAAI,IAAI;gBAAE,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC;YAEpE,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAC1C,aAAa,CAAC,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CACtC,CAAC;gBACF,MAAM,MAAM,GAAG,aAAa,CAAC,OAAkC,CAAC,CAAC;gBACjE,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE;oBAC9B,KAAK,EAAE,kBAAkB;oBACzB,UAAU,EAAE,MAAM,CAAC,EAAE;oBACrB,SAAS,EAAE,MAAM,CAAC,SAAS;oBAC3B,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;iBACxB,CAAC,CAAC;gBACH,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;YAC9B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;wBAC7D,OAAO,EAAE,EAAE;qBACZ;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,KAAK,CAAC,GAAG,CAAC,EAAU;YAClB,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,OAAO,CACvC,aAAa,CAAC;oBACZ,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;iBACpD,CAAC,CACH,CAAC;gBACF,IAAI,GAAG,IAAI,IAAI,EAAE,CAAC;oBAChB,OAAO;wBACL,EAAE,EAAE,KAAK;wBACT,KAAK,EAAE;4BACL,IAAI,EAAE,oBAAoB;4BAC1B,OAAO,EAAE,oBAAoB;4BAC7B,OAAO,EAAE,EAAE,EAAE,EAAE;yBAChB;qBACF,CAAC;gBACJ,CAAC;gBACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,aAAa,CAAC,GAA8B,CAAC,EAAE,CAAC;YAC7E,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;wBAC7D,OAAO,EAAE,EAAE,EAAE,EAAE;qBAChB;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,OAKV;YACC,IAAI,CAAC;gBACH,IAAI,UAAgC,CAAC;gBACrC,IAAI,OAAO,CAAC,WAAW,IAAI,IAAI,IAAI,OAAO,CAAC,WAAW,KAAK,EAAE,EAAE,CAAC;oBAC9D,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;oBAC1D,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC;wBACf,OAAO;4BACL,EAAE,EAAE,KAAK;4BACT,KAAK,EAAE;gCACL,IAAI,EAAE,qBAAqB;gCAC3B,OAAO,EAAE,qBAAqB;gCAC9B,OAAO,EAAE,EAAE,WAAW,EAAE,OAAO,CAAC,WAAW,EAAE;6BAC9C;yBACF,CAAC;oBACJ,CAAC;oBACD,MAAM,GAAG,GAAG,IAAI,GAAG,EAAU,CAAC;oBAC9B,KAAK,MAAM,GAAG,IAAI,EAAE,CAAC,YAAY,EAAE,CAAC;wBAClC,KAAK,MAAM,GAAG,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;4BACjC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;wBACf,CAAC;oBACH,CAAC;oBACD,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBAC7B,IAAI,OAAO,CAAC,SAAS,IAAI,IAAI,IAAI,OAAO,CAAC,SAAS,KAAK,EAAE,EAAE,CAAC;wBAC1D,UAAU,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBACrE,CAAC;oBACD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC5B,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;oBAClC,CAAC;gBACH,CAAC;gBAED,MAAM,KAAK,GAA6G,EAAE,CAAC;gBAC3H,IAAI,UAAU,IAAI,IAAI,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAChD,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;gBACxE,CAAC;qBAAM,IAAI,OAAO,CAAC,SAAS,IAAI,IAAI,IAAI,OAAO,CAAC,SAAS,KAAK,EAAE,EAAE,CAAC;oBACjE,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;gBAC/E,CAAC;gBACD,IAAI,OAAO,CAAC,IAAI,IAAI,IAAI,IAAI,OAAO,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC;oBAChD,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;gBACrE,CAAC;gBACD,IAAI,OAAO,CAAC,KAAK,IAAI,IAAI,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC5D,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;gBAC5E,CAAC;gBAED,MAAM,aAAa,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAE,KAAe,EAAE,CAAC,CAAC,CAAC;gBACzG,MAAM,MAAM,GAAG,aAAa,CAAC;oBAC3B,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,aAAa;oBACpB,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAe,EAAE,CAAC;iBAC9D,CAAC,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;gBACpD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAA0B,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC5E,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;YACxC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;wBAC7D,OAAO,EAAE,EAAE;qBACZ;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/evidence.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Evidence types: EvidenceType, Evidence, CreateEvidenceInput.
+ */
+export declare const EVIDENCE_TYPES: readonly string[];
+export type EvidenceType = "automated_secfn" | "automated_authfn" | "automated_logfn" | "automated_watchfn" | "automated_hostfn" | "automated_flowfn" | "automated_filefn" | "automated_plugfn" | "manual_attestation" | "file_upload" | "questionnaire" | "custom_check" | "scoping_decision" | "external_webhook";
+export interface Evidence {
+    id: string;
+    controlId: string;
+    type: EvidenceType;
+    sourceId?: string;
+    frameworkRequirementId?: string;
+    timestamp: number;
+    actorId: string;
+    outcome: "pass" | "fail" | "unknown";
+    payload?: Record<string, unknown>;
+    artifactRef?: string;
+    createdAt: number;
+}
+export interface CreateEvidenceInput {
+    controlId: string;
+    type: EvidenceType;
+    sourceId?: string;
+    frameworkRequirementId?: string;
+    timestamp?: number;
+    actorId: string;
+    outcome: "pass" | "fail" | "unknown";
+    payload?: Record<string, unknown>;
+    artifactRef?: string;
+}
+//# sourceMappingURL=evidence.d.ts.map

package/dist/evidence.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"evidence.d.ts","sourceRoot":"","sources":["../src/evidence.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,eAAO,MAAM,cAAc,EAAE,SAAS,MAAM,EAelC,CAAC;AAEX,MAAM,MAAM,YAAY,GACpB,iBAAiB,GACjB,kBAAkB,GAClB,iBAAiB,GACjB,mBAAmB,GACnB,kBAAkB,GAClB,kBAAkB,GAClB,kBAAkB,GAClB,kBAAkB,GAClB,oBAAoB,GACpB,aAAa,GACb,eAAe,GACf,cAAc,GACd,kBAAkB,GAClB,kBAAkB,CAAC;AAEvB,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,YAAY,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;IACrC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,YAAY,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAChC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;IACrC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB"}

package/dist/evidence.js

@@ -0,0 +1,20 @@
+/**
+ * Evidence types: EvidenceType, Evidence, CreateEvidenceInput.
+ */
+export const EVIDENCE_TYPES = [
+    "automated_secfn",
+    "automated_authfn",
+    "automated_logfn",
+    "automated_watchfn",
+    "automated_hostfn",
+    "automated_flowfn",
+    "automated_filefn",
+    "automated_plugfn",
+    "manual_attestation",
+    "file_upload",
+    "questionnaire",
+    "custom_check",
+    "scoping_decision",
+    "external_webhook",
+];
+//# sourceMappingURL=evidence.js.map

package/dist/evidence.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"evidence.js","sourceRoot":"","sources":["../src/evidence.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,CAAC,MAAM,cAAc,GAAsB;IAC/C,iBAAiB;IACjB,kBAAkB;IAClB,iBAAiB;IACjB,mBAAmB;IACnB,kBAAkB;IAClB,kBAAkB;IAClB,kBAAkB;IAClB,kBAAkB;IAClB,oBAAoB;IACpB,aAAa;IACb,eAAe;IACf,cAAc;IACd,kBAAkB;IAClB,kBAAkB;CACV,CAAC"}

package/dist/export/service.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Export service: auditorPack() builds AuditorPack with optional frameworkId/since filters
+ * and enforces exportMaxBytes (EXPORT-001, LIMIT-001).
+ */
+import type { CompfnEnvelope } from "../errors.js";
+import type { Control } from "../control.js";
+import type { Framework } from "../framework.js";
+import type { Evidence } from "../evidence.js";
+import type { AuditorPack } from "../export-types.js";
+import type { Logger } from "../logger.js";
+export interface ExportServiceConfig {
+    /** Load single framework by id */
+    getFramework: (id: string) => Promise<CompfnEnvelope<Framework>>;
+    /** Load all frameworks */
+    listFrameworks: () => Promise<CompfnEnvelope<Framework[]>>;
+    /** Load single control by id */
+    getControl: (id: string) => Promise<CompfnEnvelope<Control>>;
+    /** Load all controls (no filter) or with optional filters */
+    listControls: (filters?: {
+        category?: string;
+        tags?: string[];
+    }) => Promise<CompfnEnvelope<Control[]>>;
+    /** List evidence with optional controlId, frameworkId, type, since */
+    listEvidence: (filters: {
+        controlId?: string;
+        frameworkId?: string;
+        type?: string;
+        since?: number;
+    }) => Promise<CompfnEnvelope<Evidence[]>>;
+    exportMaxBytes?: number;
+    logger?: Logger;
+}
+export declare function createExportService(config: ExportServiceConfig): {
+    auditorPack(options: {
+        frameworkId?: string;
+        since?: number;
+    }): Promise<CompfnEnvelope<AuditorPack>>;
+};
+//# sourceMappingURL=service.d.ts.map

package/dist/export/service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../../src/export/service.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAI3C,MAAM,WAAW,mBAAmB;IAClC,kCAAkC;IAClC,YAAY,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC,CAAC;IACjE,0BAA0B;IAC1B,cAAc,EAAE,MAAM,OAAO,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IAC3D,gCAAgC;IAChC,UAAU,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,OAAO,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;IAC7D,6DAA6D;IAC7D,YAAY,EAAE,CAAC,OAAO,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,KAAK,OAAO,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACvG,sEAAsE;IACtE,YAAY,EAAE,CAAC,OAAO,EAAE;QACtB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,KAAK,OAAO,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;IAC1C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAiBD,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,mBAAmB;yBAKhC;QACzB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,GAAG,OAAO,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;EAsF3C"}

package/dist/export/service.js

@@ -0,0 +1,108 @@
+/**
+ * Export service: auditorPack() builds AuditorPack with optional frameworkId/since filters
+ * and enforces exportMaxBytes (EXPORT-001, LIMIT-001).
+ */
+import { EXPORT_MAX_BYTES_DEFAULT } from "../constants.js";
+import { defaultLogger } from "../logger.js";
+/**
+ * Build set of control IDs from framework(s) requirements.
+ */
+function controlIdsFromFrameworks(frameworks) {
+    const set = new Set();
+    for (const fw of frameworks) {
+        for (const req of fw.requirements) {
+            for (const cid of req.controlIds) {
+                set.add(cid);
+            }
+        }
+    }
+    return set;
+}
+export function createExportService(config) {
+    const exportMaxBytes = config.exportMaxBytes ?? EXPORT_MAX_BYTES_DEFAULT;
+    const logger = config.logger ?? defaultLogger;
+    return {
+        async auditorPack(options) {
+            logger.info("export.requested", {
+                event: "export.requested",
+                frameworkId: options.frameworkId,
+            });
+            // 1) Load frameworks: one by id or all
+            let frameworks;
+            if (options.frameworkId != null && options.frameworkId !== "") {
+                const r = await config.getFramework(options.frameworkId);
+                if (!r.ok)
+                    return r;
+                frameworks = [r.result];
+            }
+            else {
+                const r = await config.listFrameworks();
+                if (!r.ok)
+                    return r;
+                frameworks = r.result;
+            }
+            const controlIdSet = controlIdsFromFrameworks(frameworks);
+            // 2) Load controls: scoped to framework controlIds or all
+            let controls;
+            if (options.frameworkId != null && options.frameworkId !== "") {
+                controls = [];
+                for (const cid of controlIdSet) {
+                    const r = await config.getControl(cid);
+                    if (r.ok)
+                        controls.push(r.result);
+                }
+            }
+            else {
+                const r = await config.listControls();
+                if (!r.ok)
+                    return r;
+                controls = r.result;
+            }
+            // 3) Load evidence: optional frameworkId and since
+            const evidenceFilters = {};
+            if (options.frameworkId != null && options.frameworkId !== "") {
+                evidenceFilters.frameworkId = options.frameworkId;
+            }
+            if (options.since != null && Number.isFinite(options.since)) {
+                evidenceFilters.since = options.since;
+            }
+            const evRes = await config.listEvidence(evidenceFilters);
+            if (!evRes.ok)
+                return evRes;
+            const evidence = evRes.result;
+            // 4) Build mapping from framework.requirements
+            const mapping = frameworks.flatMap((fw) => fw.requirements.map((req) => ({
+                requirementId: req.requirementId,
+                controlIds: [...req.controlIds],
+            })));
+            const result = {
+                exportedAt: Date.now(),
+                frameworkId: options.frameworkId,
+                controls,
+                frameworks,
+                evidence,
+                mapping,
+            };
+            // 5) Size check
+            const serialized = JSON.stringify(result);
+            const size = new TextEncoder().encode(serialized).length;
+            if (size > exportMaxBytes) {
+                return {
+                    ok: false,
+                    error: {
+                        code: "EXPORT_FAILED",
+                        message: `Export size ${size} exceeds limit ${exportMaxBytes}`,
+                        details: { size, limit: exportMaxBytes },
+                    },
+                };
+            }
+            logger.info("export.completed", {
+                event: "export.completed",
+                frameworkId: options.frameworkId,
+                sizeBytes: size,
+            });
+            return { ok: true, result };
+        },
+    };
+}
+//# sourceMappingURL=service.js.map

package/dist/export/service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.js","sourceRoot":"","sources":["../../src/export/service.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAQH,OAAO,EAAE,wBAAwB,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAsB7C;;GAEG;AACH,SAAS,wBAAwB,CAAC,UAAuB;IACvD,MAAM,GAAG,GAAG,IAAI,GAAG,EAAU,CAAC;IAC9B,KAAK,MAAM,EAAE,IAAI,UAAU,EAAE,CAAC;QAC5B,KAAK,MAAM,GAAG,IAAI,EAAE,CAAC,YAAY,EAAE,CAAC;YAClC,KAAK,MAAM,GAAG,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;gBACjC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACf,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,MAA2B;IAC7D,MAAM,cAAc,GAAG,MAAM,CAAC,cAAc,IAAI,wBAAwB,CAAC;IACzE,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,aAAa,CAAC;IAE9C,OAAO;QACL,KAAK,CAAC,WAAW,CAAC,OAGjB;YACC,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE;gBAC9B,KAAK,EAAE,kBAAkB;gBACzB,WAAW,EAAE,OAAO,CAAC,WAAW;aACjC,CAAC,CAAC;YAEH,uCAAuC;YACvC,IAAI,UAAuB,CAAC;YAC5B,IAAI,OAAO,CAAC,WAAW,IAAI,IAAI,IAAI,OAAO,CAAC,WAAW,KAAK,EAAE,EAAE,CAAC;gBAC9D,MAAM,CAAC,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;gBACzD,IAAI,CAAC,CAAC,CAAC,EAAE;oBAAE,OAAO,CAAC,CAAC;gBACpB,UAAU,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,GAAG,MAAM,MAAM,CAAC,cAAc,EAAE,CAAC;gBACxC,IAAI,CAAC,CAAC,CAAC,EAAE;oBAAE,OAAO,CAAC,CAAC;gBACpB,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;YACxB,CAAC;YAED,MAAM,YAAY,GAAG,wBAAwB,CAAC,UAAU,CAAC,CAAC;YAE1D,0DAA0D;YAC1D,IAAI,QAAmB,CAAC;YACxB,IAAI,OAAO,CAAC,WAAW,IAAI,IAAI,IAAI,OAAO,CAAC,WAAW,KAAK,EAAE,EAAE,CAAC;gBAC9D,QAAQ,GAAG,EAAE,CAAC;gBACd,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;oBAC/B,MAAM,CAAC,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;oBACvC,IAAI,CAAC,CAAC,EAAE;wBAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,GAAG,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;gBACtC,IAAI,CAAC,CAAC,CAAC,EAAE;oBAAE,OAAO,CAAC,CAAC;gBACpB,QAAQ,GAAG,CAAC,CAAC,MAAM,CAAC;YACtB,CAAC;YAED,mDAAmD;YACnD,MAAM,eAAe,GAA6C,EAAE,CAAC;YACrE,IAAI,OAAO,CAAC,WAAW,IAAI,IAAI,IAAI,OAAO,CAAC,WAAW,KAAK,EAAE,EAAE,CAAC;gBAC9D,eAAe,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;YACpD,CAAC;YACD,IAAI,OAAO,CAAC,KAAK,IAAI,IAAI,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5D,eAAe,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;YACxC,CAAC;YACD,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC;YACzD,IAAI,CAAC,KAAK,CAAC,EAAE;gBAAE,OAAO,KAAK,CAAC;YAC5B,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC;YAE9B,+CAA+C;YAC/C,MAAM,OAAO,GAA2D,UAAU,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,CAChG,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;gBAC5B,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,UAAU,EAAE,CAAC,GAAG,GAAG,CAAC,UAAU,CAAC;aAChC,CAAC,CAAC,CACJ,CAAC;YAEF,MAAM,MAAM,GAAgB;gBAC1B,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE;gBACtB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,QAAQ;gBACR,UAAU;gBACV,QAAQ;gBACR,OAAO;aACR,CAAC;YAEF,gBAAgB;YAChB,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAC1C,MAAM,IAAI,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC;YACzD,IAAI,IAAI,GAAG,cAAc,EAAE,CAAC;gBAC1B,OAAO;oBACL,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE;wBACL,IAAI,EAAE,eAAe;wBACrB,OAAO,EAAE,eAAe,IAAI,kBAAkB,cAAc,EAAE;wBAC9D,OAAO,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,cAAc,EAAE;qBACzC;iBACF,CAAC;YACJ,CAAC;YAED,MAAM,CAAC,IAAI,CAAC,kBAAkB,EAAE;gBAC9B,KAAK,EAAE,kBAAkB;gBACzB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,SAAS,EAAE,IAAI;aAChB,CAAC,CAAC;YAEH,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;QAC9B,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/export-types.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Export types: AuditorPack.
+ */
+import type { Control } from "./control.js";
+import type { Framework } from "./framework.js";
+import type { Evidence } from "./evidence.js";
+export interface AuditorPack {
+    exportedAt: number;
+    frameworkId?: string;
+    controls: Control[];
+    frameworks: Framework[];
+    evidence: Evidence[];
+    mapping: Array<{
+        requirementId: string;
+        controlIds: string[];
+    }>;
+}
+//# sourceMappingURL=export-types.d.ts.map

package/dist/export-types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"export-types.d.ts","sourceRoot":"","sources":["../src/export-types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAE9C,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,UAAU,EAAE,SAAS,EAAE,CAAC;IACxB,QAAQ,EAAE,QAAQ,EAAE,CAAC;IACrB,OAAO,EAAE,KAAK,CAAC;QAAE,aAAa,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;CACjE"}

package/dist/export-types.js

@@ -0,0 +1,5 @@
+/**
+ * Export types: AuditorPack.
+ */
+export {};
+//# sourceMappingURL=export-types.js.map

package/dist/export-types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"export-types.js","sourceRoot":"","sources":["../src/export-types.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/framework.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Framework types: Framework, FrameworkRequirement, CreateFrameworkInput.
+ */
+export interface FrameworkRequirement {
+    requirementId: string;
+    controlIds: string[];
+    name?: string;
+}
+export interface Framework {
+    id: string;
+    name: string;
+    version?: string;
+    description?: string;
+    requirements: FrameworkRequirement[];
+    createdAt: number;
+    updatedAt: number;
+}
+export interface CreateFrameworkInput {
+    name: string;
+    version?: string;
+    description?: string;
+    requirements: FrameworkRequirement[];
+}
+//# sourceMappingURL=framework.d.ts.map

package/dist/framework.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"framework.d.ts","sourceRoot":"","sources":["../src/framework.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,oBAAoB;IACnC,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,SAAS;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,oBAAoB,EAAE,CAAC;IACrC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,oBAAoB,EAAE,CAAC;CACtC"}

package/dist/framework.js

@@ -0,0 +1,5 @@
+/**
+ * Framework types: Framework, FrameworkRequirement, CreateFrameworkInput.
+ */
+export {};
+//# sourceMappingURL=framework.js.map

package/dist/framework.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"framework.js","sourceRoot":"","sources":["../src/framework.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/frameworks/service.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Frameworks CRUD service with requirement/controlId validation (FW-001, FW-002, LIMIT-001).
+ * All methods return CompfnEnvelope; FRAMEWORK_NOT_FOUND when id does not exist;
+ * VALIDATION_FAILED when requirement controlIds reference nonexistent control or limits exceeded.
+ */
+import type { Adapter } from "@superfunctions/db";
+import type { Framework, CreateFrameworkInput } from "../framework.js";
+import type { CompfnEnvelope } from "../errors.js";
+export interface FrameworksServiceConfig {
+    database: Adapter;
+    namespace?: string;
+    /** Check that a control exists by id (e.g. from controls.get(id).then(r => r.ok)) */
+    existsControl: (controlId: string) => Promise<boolean>;
+}
+export declare function createFrameworksService(config: FrameworksServiceConfig): {
+    create(input: CreateFrameworkInput): Promise<CompfnEnvelope<Framework>>;
+    get(id: string): Promise<CompfnEnvelope<Framework>>;
+    list(): Promise<CompfnEnvelope<Framework[]>>;
+    update(id: string, input: Partial<CreateFrameworkInput>): Promise<CompfnEnvelope<Framework>>;
+    delete(id: string): Promise<CompfnEnvelope<void>>;
+};
+//# sourceMappingURL=service.d.ts.map

package/dist/frameworks/service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"service.d.ts","sourceRoot":"","sources":["../../src/frameworks/service.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,KAAK,EACV,SAAS,EACT,oBAAoB,EAErB,MAAM,iBAAiB,CAAC;AACzB,OAAO,KAAK,EAAE,cAAc,EAAe,MAAM,cAAc,CAAC;AAQhE,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,qFAAqF;IACrF,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;CACxD;AAiED,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,uBAAuB;kBAQ/C,oBAAoB,GAAG,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;YAyC/D,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;YA+B3C,OAAO,CAAC,cAAc,CAAC,SAAS,EAAE,CAAC,CAAC;eAuB5C,MAAM,SACH,OAAO,CAAC,oBAAoB,CAAC,GACnC,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;eAqEpB,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;EAqC1D"}