npm - gazetta - Versions diffs - 0.7.0 → 0.8.0 - Mend

gazetta 0.7.0 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (738) hide show

package/admin-dist/assets/index-CBeq0rRb.js +693 -0
package/admin-dist/assets/index-Dtg1dTZQ.css +1 -0
package/admin-dist/assets/rolldown-runtime-BYbx6iT9.js +1 -0
package/admin-dist/assets/{vendor-primevue-C0Q_YTCb.js → vendor-primevue-CBGHkaXv.js} +183 -39
package/admin-dist/assets/{vendor-react-BipDVGow.js → vendor-react-BdW_kNCG.js} +2 -2
package/admin-dist/assets/vendor-rjsf-lN2SztQt.js +33 -0
package/admin-dist/assets/vendor-tiptap-C36yDquB.js +141 -0
package/admin-dist/assets/vendor-vue-Bt5uR1VW.js +1 -0
package/admin-dist/assets/workbox-window.prod.es5-DGMtIXHc.js +2 -0
package/admin-dist/index.html +8 -8
package/admin-dist/sw.js +1 -0
package/dist/admin-api/archived-name-conflict.d.ts +31 -0
package/dist/admin-api/archived-name-conflict.d.ts.map +1 -0
package/dist/admin-api/archived-name-conflict.js +226 -0
package/dist/admin-api/archived-name-conflict.js.map +1 -0
package/dist/admin-api/cache-stats-logger.d.ts +83 -0
package/dist/admin-api/cache-stats-logger.d.ts.map +1 -0
package/dist/admin-api/cache-stats-logger.js +59 -0
package/dist/admin-api/cache-stats-logger.js.map +1 -0
package/dist/admin-api/hook-audit-emitter.d.ts +38 -0
package/dist/admin-api/hook-audit-emitter.d.ts.map +1 -0
package/dist/admin-api/hook-audit-emitter.js +21 -0
package/dist/admin-api/hook-audit-emitter.js.map +1 -0
package/dist/admin-api/index.d.ts +84 -0
package/dist/admin-api/index.d.ts.map +1 -1
package/dist/admin-api/index.js +254 -9
package/dist/admin-api/index.js.map +1 -1
package/dist/admin-api/middleware/audit.d.ts +25 -0
package/dist/admin-api/middleware/audit.d.ts.map +1 -0
package/dist/admin-api/middleware/audit.js +65 -0
package/dist/admin-api/middleware/audit.js.map +1 -0
package/dist/admin-api/middleware/capability.d.ts +8 -0
package/dist/admin-api/middleware/capability.d.ts.map +1 -0
package/dist/admin-api/middleware/capability.js +65 -0
package/dist/admin-api/middleware/capability.js.map +1 -0
package/dist/admin-api/middleware/principal.d.ts +18 -0
package/dist/admin-api/middleware/principal.d.ts.map +1 -0
package/dist/admin-api/middleware/principal.js +128 -0
package/dist/admin-api/middleware/principal.js.map +1 -0
package/dist/admin-api/routes/archive-review.d.ts +80 -0
package/dist/admin-api/routes/archive-review.d.ts.map +1 -0
package/dist/admin-api/routes/archive-review.js +70 -0
package/dist/admin-api/routes/archive-review.js.map +1 -0
package/dist/admin-api/routes/archive.d.ts +145 -0
package/dist/admin-api/routes/archive.d.ts.map +1 -0
package/dist/admin-api/routes/archive.js +540 -0
package/dist/admin-api/routes/archive.js.map +1 -0
package/dist/admin-api/routes/assets.d.ts +6 -1
package/dist/admin-api/routes/assets.d.ts.map +1 -1
package/dist/admin-api/routes/assets.js +167 -14
package/dist/admin-api/routes/assets.js.map +1 -1
package/dist/admin-api/routes/audit.d.ts +71 -0
package/dist/admin-api/routes/audit.d.ts.map +1 -0
package/dist/admin-api/routes/audit.js +178 -0
package/dist/admin-api/routes/audit.js.map +1 -0
package/dist/admin-api/routes/compare.d.ts.map +1 -1
package/dist/admin-api/routes/compare.js +3 -2
package/dist/admin-api/routes/compare.js.map +1 -1
package/dist/admin-api/routes/fields.d.ts.map +1 -1
package/dist/admin-api/routes/fields.js +2 -1
package/dist/admin-api/routes/fields.js.map +1 -1
package/dist/admin-api/routes/fragments.d.ts +13 -1
package/dist/admin-api/routes/fragments.d.ts.map +1 -1
package/dist/admin-api/routes/fragments.js +127 -92
package/dist/admin-api/routes/fragments.js.map +1 -1
package/dist/admin-api/routes/health.d.ts +60 -0
package/dist/admin-api/routes/health.d.ts.map +1 -0
package/dist/admin-api/routes/health.js +65 -0
package/dist/admin-api/routes/health.js.map +1 -0
package/dist/admin-api/routes/history.d.ts +2 -1
package/dist/admin-api/routes/history.d.ts.map +1 -1
package/dist/admin-api/routes/history.js +26 -4
package/dist/admin-api/routes/history.js.map +1 -1
package/dist/admin-api/routes/pages.d.ts +20 -1
package/dist/admin-api/routes/pages.d.ts.map +1 -1
package/dist/admin-api/routes/pages.js +157 -117
package/dist/admin-api/routes/pages.js.map +1 -1
package/dist/admin-api/routes/preview.d.ts.map +1 -1
package/dist/admin-api/routes/preview.js +56 -17
package/dist/admin-api/routes/preview.js.map +1 -1
package/dist/admin-api/routes/publish.d.ts +19 -1
package/dist/admin-api/routes/publish.d.ts.map +1 -1
package/dist/admin-api/routes/publish.js +508 -92
package/dist/admin-api/routes/publish.js.map +1 -1
package/dist/admin-api/routes/rename.d.ts +62 -0
package/dist/admin-api/routes/rename.d.ts.map +1 -0
package/dist/admin-api/routes/rename.js +366 -0
package/dist/admin-api/routes/rename.js.map +1 -0
package/dist/admin-api/routes/site.d.ts.map +1 -1
package/dist/admin-api/routes/site.js +6 -18
package/dist/admin-api/routes/site.js.map +1 -1
package/dist/admin-api/routes/system.d.ts +23 -0
package/dist/admin-api/routes/system.d.ts.map +1 -0
package/dist/admin-api/routes/system.js +115 -0
package/dist/admin-api/routes/system.js.map +1 -0
package/dist/admin-api/routes/templates.d.ts +11 -1
package/dist/admin-api/routes/templates.d.ts.map +1 -1
package/dist/admin-api/routes/templates.js +36 -3
package/dist/admin-api/routes/templates.js.map +1 -1
package/dist/admin-api/routes/validation.d.ts +47 -0
package/dist/admin-api/routes/validation.d.ts.map +1 -0
package/dist/admin-api/routes/validation.js +120 -0
package/dist/admin-api/routes/validation.js.map +1 -0
package/dist/admin-api/schemas/archive.d.ts +124 -0
package/dist/admin-api/schemas/archive.d.ts.map +1 -0
package/dist/admin-api/schemas/archive.js +93 -0
package/dist/admin-api/schemas/archive.js.map +1 -0
package/dist/admin-api/schemas/assets.d.ts +16 -0
package/dist/admin-api/schemas/assets.d.ts.map +1 -1
package/dist/admin-api/schemas/assets.js +15 -0
package/dist/admin-api/schemas/assets.js.map +1 -1
package/dist/admin-api/schemas/audit.d.ts +175 -0
package/dist/admin-api/schemas/audit.d.ts.map +1 -0
package/dist/admin-api/schemas/audit.js +91 -0
package/dist/admin-api/schemas/audit.js.map +1 -0
package/dist/admin-api/schemas/error.d.ts +94 -0
package/dist/admin-api/schemas/error.d.ts.map +1 -0
package/dist/admin-api/schemas/error.js +79 -0
package/dist/admin-api/schemas/error.js.map +1 -0
package/dist/admin-api/schemas/fragments.d.ts +2 -0
package/dist/admin-api/schemas/fragments.d.ts.map +1 -1
package/dist/admin-api/schemas/fragments.js +4 -0
package/dist/admin-api/schemas/fragments.js.map +1 -1
package/dist/admin-api/schemas/index.d.ts +8 -0
package/dist/admin-api/schemas/index.d.ts.map +1 -1
package/dist/admin-api/schemas/index.js +8 -0
package/dist/admin-api/schemas/index.js.map +1 -1
package/dist/admin-api/schemas/pages.d.ts +2 -0
package/dist/admin-api/schemas/pages.d.ts.map +1 -1
package/dist/admin-api/schemas/pages.js +11 -0
package/dist/admin-api/schemas/pages.js.map +1 -1
package/dist/admin-api/schemas/rename.d.ts +77 -0
package/dist/admin-api/schemas/rename.d.ts.map +1 -0
package/dist/admin-api/schemas/rename.js +75 -0
package/dist/admin-api/schemas/rename.js.map +1 -0
package/dist/admin-api/schemas/site.d.ts +3 -2
package/dist/admin-api/schemas/site.d.ts.map +1 -1
package/dist/admin-api/schemas/site.js +3 -2
package/dist/admin-api/schemas/site.js.map +1 -1
package/dist/admin-api/schemas/system.d.ts +28 -0
package/dist/admin-api/schemas/system.d.ts.map +1 -0
package/dist/admin-api/schemas/system.js +35 -0
package/dist/admin-api/schemas/system.js.map +1 -0
package/dist/admin-api/schemas/targets.d.ts +55 -0
package/dist/admin-api/schemas/targets.d.ts.map +1 -1
package/dist/admin-api/schemas/targets.js +46 -0
package/dist/admin-api/schemas/targets.js.map +1 -1
package/dist/admin-api/schemas/templates.d.ts +54 -0
package/dist/admin-api/schemas/templates.d.ts.map +1 -1
package/dist/admin-api/schemas/templates.js +21 -0
package/dist/admin-api/schemas/templates.js.map +1 -1
package/dist/admin-api/schemas/validation.d.ts +101 -0
package/dist/admin-api/schemas/validation.d.ts.map +1 -0
package/dist/admin-api/schemas/validation.js +57 -0
package/dist/admin-api/schemas/validation.js.map +1 -0
package/dist/admin-api/source-context.d.ts +66 -10
package/dist/admin-api/source-context.d.ts.map +1 -1
package/dist/admin-api/source-context.js +43 -5
package/dist/admin-api/source-context.js.map +1 -1
package/dist/ai/adapter-scaffold.d.ts +63 -0
package/dist/ai/adapter-scaffold.d.ts.map +1 -0
package/dist/ai/adapter-scaffold.js +89 -0
package/dist/ai/adapter-scaffold.js.map +1 -0
package/dist/ai/compose-prompt.d.ts +50 -0
package/dist/ai/compose-prompt.d.ts.map +1 -0
package/dist/ai/compose-prompt.js +49 -0
package/dist/ai/compose-prompt.js.map +1 -0
package/dist/ai/errors.d.ts +65 -0
package/dist/ai/errors.d.ts.map +1 -0
package/dist/ai/errors.js +59 -0
package/dist/ai/errors.js.map +1 -0
package/dist/ai/index.d.ts +17 -0
package/dist/ai/index.d.ts.map +1 -0
package/dist/ai/index.js +16 -0
package/dist/ai/index.js.map +1 -0
package/dist/ai/provider.d.ts +76 -0
package/dist/ai/provider.d.ts.map +1 -0
package/dist/ai/provider.js +13 -0
package/dist/ai/provider.js.map +1 -0
package/dist/ai/refusal.d.ts +50 -0
package/dist/ai/refusal.d.ts.map +1 -0
package/dist/ai/refusal.js +100 -0
package/dist/ai/refusal.js.map +1 -0
package/dist/ai/vision-prep.d.ts +32 -0
package/dist/ai/vision-prep.d.ts.map +1 -0
package/dist/ai/vision-prep.js +113 -0
package/dist/ai/vision-prep.js.map +1 -0
package/dist/alt/adapter.d.ts +140 -0
package/dist/alt/adapter.d.ts.map +1 -0
package/dist/alt/adapter.js +7 -0
package/dist/alt/adapter.js.map +1 -0
package/dist/alt/anthropic.d.ts +63 -0
package/dist/alt/anthropic.d.ts.map +1 -0
package/dist/alt/anthropic.js +147 -0
package/dist/alt/anthropic.js.map +1 -0
package/dist/alt/config.d.ts +67 -0
package/dist/alt/config.d.ts.map +1 -0
package/dist/alt/config.js +41 -0
package/dist/alt/config.js.map +1 -0
package/dist/alt/factory.d.ts +19 -0
package/dist/alt/factory.d.ts.map +1 -0
package/dist/alt/factory.js +69 -0
package/dist/alt/factory.js.map +1 -0
package/dist/alt/null-adapter.d.ts +3 -0
package/dist/alt/null-adapter.d.ts.map +1 -0
package/dist/alt/null-adapter.js +43 -0
package/dist/alt/null-adapter.js.map +1 -0
package/dist/alt/ollama.d.ts +40 -0
package/dist/alt/ollama.d.ts.map +1 -0
package/dist/alt/ollama.js +139 -0
package/dist/alt/ollama.js.map +1 -0
package/dist/alt/openai.d.ts +46 -0
package/dist/alt/openai.d.ts.map +1 -0
package/dist/alt/openai.js +118 -0
package/dist/alt/openai.js.map +1 -0
package/dist/alt/prompt-policies.d.ts +79 -0
package/dist/alt/prompt-policies.d.ts.map +1 -0
package/dist/alt/prompt-policies.js +67 -0
package/dist/alt/prompt-policies.js.map +1 -0
package/dist/alt/route-handler.d.ts +56 -0
package/dist/alt/route-handler.d.ts.map +1 -0
package/dist/alt/route-handler.js +122 -0
package/dist/alt/route-handler.js.map +1 -0
package/dist/alt/suggester.d.ts +57 -0
package/dist/alt/suggester.d.ts.map +1 -0
package/dist/alt/suggester.js +133 -0
package/dist/alt/suggester.js.map +1 -0
package/dist/app.js +1 -1
package/dist/app.js.map +1 -1
package/dist/archive-aliases.d.ts +79 -0
package/dist/archive-aliases.d.ts.map +1 -0
package/dist/archive-aliases.js +60 -0
package/dist/archive-aliases.js.map +1 -0
package/dist/archive-helpers.d.ts +73 -0
package/dist/archive-helpers.d.ts.map +1 -0
package/dist/archive-helpers.js +94 -0
package/dist/archive-helpers.js.map +1 -0
package/dist/assets/find-refs.d.ts +1 -1
package/dist/assets/find-refs.js +1 -1
package/dist/assets/find-refs.js.map +1 -1
package/dist/assets/rename.js +1 -1
package/dist/assets/rename.js.map +1 -1
package/dist/assets/replace.js +1 -1
package/dist/assets/replace.js.map +1 -1
package/dist/assets/resolve.js +4 -4
package/dist/assets/resolve.js.map +1 -1
package/dist/assets/serve-route.js +2 -2
package/dist/assets/serve-route.js.map +1 -1
package/dist/assets/validate.d.ts +1 -1
package/dist/assets/validate.js +1 -1
package/dist/audit/config.d.ts +75 -0
package/dist/audit/config.d.ts.map +1 -0
package/dist/audit/config.js +91 -0
package/dist/audit/config.js.map +1 -0
package/dist/audit/context.d.ts +98 -0
package/dist/audit/context.d.ts.map +1 -0
package/dist/audit/context.js +51 -0
package/dist/audit/context.js.map +1 -0
package/dist/audit/errors.d.ts +73 -0
package/dist/audit/errors.d.ts.map +1 -0
package/dist/audit/errors.js +78 -0
package/dist/audit/errors.js.map +1 -0
package/dist/audit/index.d.ts +16 -0
package/dist/audit/index.d.ts.map +1 -0
package/dist/audit/index.js +10 -0
package/dist/audit/index.js.map +1 -0
package/dist/audit/provider.d.ts +73 -0
package/dist/audit/provider.d.ts.map +1 -0
package/dist/audit/provider.js +2 -0
package/dist/audit/provider.js.map +1 -0
package/dist/audit/providers/history.d.ts +66 -0
package/dist/audit/providers/history.d.ts.map +1 -0
package/dist/audit/providers/history.js +102 -0
package/dist/audit/providers/history.js.map +1 -0
package/dist/audit/pseudonymize.d.ts +26 -0
package/dist/audit/pseudonymize.d.ts.map +1 -0
package/dist/audit/pseudonymize.js +86 -0
package/dist/audit/pseudonymize.js.map +1 -0
package/dist/audit/recorder.d.ts +102 -0
package/dist/audit/recorder.d.ts.map +1 -0
package/dist/audit/recorder.js +55 -0
package/dist/audit/recorder.js.map +1 -0
package/dist/audit/retention.d.ts +83 -0
package/dist/audit/retention.d.ts.map +1 -0
package/dist/audit/retention.js +142 -0
package/dist/audit/retention.js.map +1 -0
package/dist/audit/source-ip.d.ts +32 -0
package/dist/audit/source-ip.d.ts.map +1 -0
package/dist/audit/source-ip.js +164 -0
package/dist/audit/source-ip.js.map +1 -0
package/dist/audit/types.d.ts +143 -0
package/dist/audit/types.d.ts.map +1 -0
package/dist/audit/types.js +33 -0
package/dist/audit/types.js.map +1 -0
package/dist/audit/user-agent.d.ts +28 -0
package/dist/audit/user-agent.d.ts.map +1 -0
package/dist/audit/user-agent.js +63 -0
package/dist/audit/user-agent.js.map +1 -0
package/dist/auth/capabilities.d.ts +28 -0
package/dist/auth/capabilities.d.ts.map +1 -0
package/dist/auth/capabilities.js +101 -0
package/dist/auth/capabilities.js.map +1 -0
package/dist/auth/config.d.ts +109 -0
package/dist/auth/config.d.ts.map +1 -0
package/dist/auth/config.js +221 -0
package/dist/auth/config.js.map +1 -0
package/dist/auth/errors.d.ts +72 -0
package/dist/auth/errors.d.ts.map +1 -0
package/dist/auth/errors.js +78 -0
package/dist/auth/errors.js.map +1 -0
package/dist/auth/factory.d.ts +43 -0
package/dist/auth/factory.d.ts.map +1 -0
package/dist/auth/factory.js +48 -0
package/dist/auth/factory.js.map +1 -0
package/dist/auth/index.d.ts +21 -0
package/dist/auth/index.d.ts.map +1 -0
package/dist/auth/index.js +14 -0
package/dist/auth/index.js.map +1 -0
package/dist/auth/ip-match.d.ts +29 -0
package/dist/auth/ip-match.d.ts.map +1 -0
package/dist/auth/ip-match.js +162 -0
package/dist/auth/ip-match.js.map +1 -0
package/dist/auth/provider.d.ts +76 -0
package/dist/auth/provider.d.ts.map +1 -0
package/dist/auth/provider.js +2 -0
package/dist/auth/provider.js.map +1 -0
package/dist/auth/providers/aws-cognito.d.ts +55 -0
package/dist/auth/providers/aws-cognito.d.ts.map +1 -0
package/dist/auth/providers/aws-cognito.js +114 -0
package/dist/auth/providers/aws-cognito.js.map +1 -0
package/dist/auth/providers/azure-easy-auth.d.ts +7 -0
package/dist/auth/providers/azure-easy-auth.d.ts.map +1 -0
package/dist/auth/providers/azure-easy-auth.js +48 -0
package/dist/auth/providers/azure-easy-auth.js.map +1 -0
package/dist/auth/providers/cloudflare-access.d.ts +71 -0
package/dist/auth/providers/cloudflare-access.d.ts.map +1 -0
package/dist/auth/providers/cloudflare-access.js +120 -0
package/dist/auth/providers/cloudflare-access.js.map +1 -0
package/dist/auth/providers/forwarded-user.d.ts +31 -0
package/dist/auth/providers/forwarded-user.d.ts.map +1 -0
package/dist/auth/providers/forwarded-user.js +72 -0
package/dist/auth/providers/forwarded-user.js.map +1 -0
package/dist/auth/providers/none.d.ts +6 -0
package/dist/auth/providers/none.d.ts.map +1 -0
package/dist/auth/providers/none.js +19 -0
package/dist/auth/providers/none.js.map +1 -0
package/dist/auth/providers/tailscale.d.ts +7 -0
package/dist/auth/providers/tailscale.d.ts.map +1 -0
package/dist/auth/providers/tailscale.js +30 -0
package/dist/auth/providers/tailscale.js.map +1 -0
package/dist/auth/role-resolver.d.ts +38 -0
package/dist/auth/role-resolver.d.ts.map +1 -0
package/dist/auth/role-resolver.js +92 -0
package/dist/auth/role-resolver.js.map +1 -0
package/dist/auth/types.d.ts +150 -0
package/dist/auth/types.d.ts.map +1 -0
package/dist/auth/types.js +60 -0
package/dist/auth/types.js.map +1 -0
package/dist/cache/errors.d.ts +41 -0
package/dist/cache/errors.d.ts.map +1 -0
package/dist/cache/errors.js +44 -0
package/dist/cache/errors.js.map +1 -0
package/dist/cache/factories.d.ts +17 -0
package/dist/cache/factories.d.ts.map +1 -0
package/dist/cache/factories.js +17 -0
package/dist/cache/factories.js.map +1 -0
package/dist/cache/keys.d.ts +63 -0
package/dist/cache/keys.d.ts.map +1 -0
package/dist/cache/keys.js +145 -0
package/dist/cache/keys.js.map +1 -0
package/dist/cache/memory.d.ts +51 -0
package/dist/cache/memory.d.ts.map +1 -0
package/dist/cache/memory.js +204 -0
package/dist/cache/memory.js.map +1 -0
package/dist/cache/per-site.d.ts +22 -0
package/dist/cache/per-site.d.ts.map +1 -0
package/dist/cache/per-site.js +114 -0
package/dist/cache/per-site.js.map +1 -0
package/dist/cache/types.d.ts +142 -0
package/dist/cache/types.d.ts.map +1 -0
package/dist/cache/types.js +33 -0
package/dist/cache/types.js.map +1 -0
package/dist/cli/archive.d.ts +44 -0
package/dist/cli/archive.d.ts.map +1 -0
package/dist/cli/archive.js +310 -0
package/dist/cli/archive.js.map +1 -0
package/dist/cli/bootstrap.d.ts +15 -8
package/dist/cli/bootstrap.d.ts.map +1 -1
package/dist/cli/bootstrap.js +59 -23
package/dist/cli/bootstrap.js.map +1 -1
package/dist/cli/dev-template-watcher.d.ts +29 -0
package/dist/cli/dev-template-watcher.d.ts.map +1 -0
package/dist/cli/dev-template-watcher.js +38 -0
package/dist/cli/dev-template-watcher.js.map +1 -0
package/dist/cli/history.d.ts.map +1 -1
package/dist/cli/history.js +5 -3
package/dist/cli/history.js.map +1 -1
package/dist/cli/index.js +712 -395
package/dist/cli/index.js.map +1 -1
package/dist/cli/validate-flags.d.ts +29 -0
package/dist/cli/validate-flags.d.ts.map +1 -0
package/dist/cli/validate-flags.js +49 -0
package/dist/cli/validate-flags.js.map +1 -0
package/dist/compare.d.ts +1 -1
package/dist/compare.d.ts.map +1 -1
package/dist/compare.js +25 -23
package/dist/compare.js.map +1 -1
package/dist/component-ids.d.ts +25 -0
package/dist/component-ids.d.ts.map +1 -0
package/dist/component-ids.js +83 -0
package/dist/component-ids.js.map +1 -0
package/dist/config/define.d.ts +61 -0
package/dist/config/define.d.ts.map +1 -0
package/dist/config/define.js +64 -0
package/dist/config/define.js.map +1 -0
package/dist/config/errors.d.ts +32 -0
package/dist/config/errors.d.ts.map +1 -0
package/dist/config/errors.js +40 -0
package/dist/config/errors.js.map +1 -0
package/dist/config/index.d.ts +13 -0
package/dist/config/index.d.ts.map +1 -0
package/dist/config/index.js +20 -0
package/dist/config/index.js.map +1 -0
package/dist/config/loader.d.ts +105 -0
package/dist/config/loader.d.ts.map +1 -0
package/dist/config/loader.js +265 -0
package/dist/config/loader.js.map +1 -0
package/dist/config/schemas.d.ts +89 -0
package/dist/config/schemas.d.ts.map +1 -0
package/dist/config/schemas.js +172 -0
package/dist/config/schemas.js.map +1 -0
package/dist/config/types.d.ts +32 -0
package/dist/config/types.d.ts.map +1 -0
package/dist/config/types.js +15 -0
package/dist/config/types.js.map +1 -0
package/dist/deploy/cloudflare-workers.d.ts +46 -0
package/dist/deploy/cloudflare-workers.d.ts.map +1 -0
package/dist/deploy/cloudflare-workers.js +213 -0
package/dist/deploy/cloudflare-workers.js.map +1 -0
package/dist/deploy/errors.d.ts +66 -0
package/dist/deploy/errors.d.ts.map +1 -0
package/dist/deploy/errors.js +82 -0
package/dist/deploy/errors.js.map +1 -0
package/dist/deploy/index.d.ts +9 -0
package/dist/deploy/index.d.ts.map +1 -0
package/dist/deploy/index.js +3 -0
package/dist/deploy/index.js.map +1 -0
package/dist/deploy/types.d.ts +162 -0
package/dist/deploy/types.d.ts.map +1 -0
package/dist/deploy/types.js +2 -0
package/dist/deploy/types.js.map +1 -0
package/dist/fragments/create.d.ts +70 -0
package/dist/fragments/create.d.ts.map +1 -0
package/dist/fragments/create.js +93 -0
package/dist/fragments/create.js.map +1 -0
package/dist/fragments/publish.d.ts +37 -0
package/dist/fragments/publish.d.ts.map +1 -0
package/dist/fragments/publish.js +52 -0
package/dist/fragments/publish.js.map +1 -0
package/dist/fragments/save.d.ts +81 -0
package/dist/fragments/save.d.ts.map +1 -0
package/dist/fragments/save.js +105 -0
package/dist/fragments/save.js.map +1 -0
package/dist/history-recorder.d.ts +5 -5
package/dist/history-recorder.d.ts.map +1 -1
package/dist/history-recorder.js +4 -4
package/dist/history-recorder.js.map +1 -1
package/dist/history-restorer.js +2 -2
package/dist/history-restorer.js.map +1 -1
package/dist/history.d.ts +1 -1
package/dist/hooks/audit-emitter.d.ts +73 -0
package/dist/hooks/audit-emitter.d.ts.map +1 -0
package/dist/hooks/audit-emitter.js +13 -0
package/dist/hooks/audit-emitter.js.map +1 -0
package/dist/hooks/context.d.ts +78 -0
package/dist/hooks/context.d.ts.map +1 -0
package/dist/hooks/context.js +56 -0
package/dist/hooks/context.js.map +1 -0
package/dist/hooks/contribution.d.ts +90 -0
package/dist/hooks/contribution.d.ts.map +1 -0
package/dist/hooks/contribution.js +2 -0
package/dist/hooks/contribution.js.map +1 -0
package/dist/hooks/dispatch.d.ts +30 -0
package/dist/hooks/dispatch.d.ts.map +1 -0
package/dist/hooks/dispatch.js +252 -0
package/dist/hooks/dispatch.js.map +1 -0
package/dist/hooks/errors.d.ts +100 -0
package/dist/hooks/errors.d.ts.map +1 -0
package/dist/hooks/errors.js +103 -0
package/dist/hooks/errors.js.map +1 -0
package/dist/hooks/index.d.ts +15 -0
package/dist/hooks/index.d.ts.map +1 -0
package/dist/hooks/index.js +6 -0
package/dist/hooks/index.js.map +1 -0
package/dist/hooks/registry.d.ts +53 -0
package/dist/hooks/registry.d.ts.map +1 -0
package/dist/hooks/registry.js +139 -0
package/dist/hooks/registry.js.map +1 -0
package/dist/hooks/storage.d.ts +43 -0
package/dist/hooks/storage.d.ts.map +1 -0
package/dist/hooks/storage.js +2 -0
package/dist/hooks/storage.js.map +1 -0
package/dist/hooks/types.d.ts +324 -0
package/dist/hooks/types.d.ts.map +1 -0
package/dist/hooks/types.js +2 -0
package/dist/hooks/types.js.map +1 -0
package/dist/index.d.ts +26 -6
package/dist/index.d.ts.map +1 -1
package/dist/index.js +49 -5
package/dist/index.js.map +1 -1
package/dist/locale.d.ts +5 -1
package/dist/locale.d.ts.map +1 -1
package/dist/locale.js +6 -2
package/dist/locale.js.map +1 -1
package/dist/manifest-save.d.ts +255 -0
package/dist/manifest-save.d.ts.map +1 -0
package/dist/manifest-save.js +260 -0
package/dist/manifest-save.js.map +1 -0
package/dist/manifest.d.ts +1 -2
package/dist/manifest.d.ts.map +1 -1
package/dist/manifest.js +43 -44
package/dist/manifest.js.map +1 -1
package/dist/node-floor.d.ts +3 -0
package/dist/node-floor.d.ts.map +1 -0
package/dist/node-floor.js +3 -0
package/dist/node-floor.js.map +1 -0
package/dist/pages/create.d.ts +103 -0
package/dist/pages/create.d.ts.map +1 -0
package/dist/pages/create.js +117 -0
package/dist/pages/create.js.map +1 -0
package/dist/pages/publish.d.ts +59 -0
package/dist/pages/publish.d.ts.map +1 -0
package/dist/pages/publish.js +78 -0
package/dist/pages/publish.js.map +1 -0
package/dist/pages/save.d.ts +97 -0
package/dist/pages/save.d.ts.map +1 -0
package/dist/pages/save.js +138 -0
package/dist/pages/save.js.map +1 -0
package/dist/providers/factories.d.ts +65 -0
package/dist/providers/factories.d.ts.map +1 -0
package/dist/providers/factories.js +189 -0
package/dist/providers/factories.js.map +1 -0
package/dist/publish-item.d.ts +225 -0
package/dist/publish-item.d.ts.map +1 -0
package/dist/publish-item.js +210 -0
package/dist/publish-item.js.map +1 -0
package/dist/publish-rendered.d.ts.map +1 -1
package/dist/publish-rendered.js +75 -6
package/dist/publish-rendered.js.map +1 -1
package/dist/publish-renderers.d.ts +132 -0
package/dist/publish-renderers.d.ts.map +1 -0
package/dist/publish-renderers.js +240 -0
package/dist/publish-renderers.js.map +1 -0
package/dist/publish-run.d.ts +223 -0
package/dist/publish-run.d.ts.map +1 -0
package/dist/publish-run.js +307 -0
package/dist/publish-run.js.map +1 -0
package/dist/publish.d.ts.map +1 -1
package/dist/publish.js +1 -10
package/dist/publish.js.map +1 -1
package/dist/render-for-analysis.d.ts +24 -0
package/dist/render-for-analysis.d.ts.map +1 -0
package/dist/render-for-analysis.js +146 -0
package/dist/render-for-analysis.js.map +1 -0
package/dist/resolver.d.ts.map +1 -1
package/dist/resolver.js +47 -23
package/dist/resolver.js.map +1 -1
package/dist/runtime/archive-marker.d.ts +62 -0
package/dist/runtime/archive-marker.d.ts.map +1 -0
package/dist/runtime/archive-marker.js +88 -0
package/dist/runtime/archive-marker.js.map +1 -0
package/dist/runtime/capability-gap-warnings.d.ts +42 -0
package/dist/runtime/capability-gap-warnings.d.ts.map +1 -0
package/dist/runtime/capability-gap-warnings.js +28 -0
package/dist/runtime/capability-gap-warnings.js.map +1 -0
package/dist/runtime/redirects-emit.d.ts +93 -0
package/dist/runtime/redirects-emit.d.ts.map +1 -0
package/dist/runtime/redirects-emit.js +89 -0
package/dist/runtime/redirects-emit.js.map +1 -0
package/dist/runtime/runtime-capabilities.d.ts +79 -0
package/dist/runtime/runtime-capabilities.d.ts.map +1 -0
package/dist/runtime/runtime-capabilities.js +60 -0
package/dist/runtime/runtime-capabilities.js.map +1 -0
package/dist/save-etag.d.ts +69 -0
package/dist/save-etag.d.ts.map +1 -0
package/dist/save-etag.js +118 -0
package/dist/save-etag.js.map +1 -0
package/dist/site-loader.d.ts +42 -4
package/dist/site-loader.d.ts.map +1 -1
package/dist/site-loader.js +27 -8
package/dist/site-loader.js.map +1 -1
package/dist/targets.d.ts +21 -12
package/dist/targets.d.ts.map +1 -1
package/dist/targets.js +27 -95
package/dist/targets.js.map +1 -1
package/dist/testing/admin-cache-contract.d.ts +52 -0
package/dist/testing/admin-cache-contract.d.ts.map +1 -0
package/dist/testing/admin-cache-contract.js +203 -0
package/dist/testing/admin-cache-contract.js.map +1 -0
package/dist/testing/index.d.ts +11 -0
package/dist/testing/index.d.ts.map +1 -0
package/dist/testing/index.js +11 -0
package/dist/testing/index.js.map +1 -0
package/dist/transforms/factories.d.ts +16 -0
package/dist/transforms/factories.d.ts.map +1 -0
package/dist/transforms/factories.js +18 -0
package/dist/transforms/factories.js.map +1 -0
package/dist/transforms/index.d.ts +10 -17
package/dist/transforms/index.d.ts.map +1 -1
package/dist/transforms/index.js +4 -28
package/dist/transforms/index.js.map +1 -1
package/dist/transforms/sharp.d.ts +15 -1
package/dist/transforms/sharp.d.ts.map +1 -1
package/dist/transforms/sharp.js +34 -20
package/dist/transforms/sharp.js.map +1 -1
package/dist/types.d.ts +379 -52
package/dist/types.d.ts.map +1 -1
package/dist/types.js +20 -1
package/dist/types.js.map +1 -1
package/dist/validation/alt-required-walker.d.ts +27 -0
package/dist/validation/alt-required-walker.d.ts.map +1 -0
package/dist/validation/alt-required-walker.js +108 -0
package/dist/validation/alt-required-walker.js.map +1 -0
package/dist/validation/default-registry.d.ts +12 -0
package/dist/validation/default-registry.d.ts.map +1 -0
package/dist/validation/default-registry.js +55 -0
package/dist/validation/default-registry.js.map +1 -0
package/dist/validation/publish-audit.d.ts +44 -0
package/dist/validation/publish-audit.d.ts.map +1 -0
package/dist/validation/publish-audit.js +64 -0
package/dist/validation/publish-audit.js.map +1 -0
package/dist/validation/registry.d.ts +23 -0
package/dist/validation/registry.d.ts.map +1 -0
package/dist/validation/registry.js +15 -0
package/dist/validation/registry.js.map +1 -0
package/dist/validation/save-delta.d.ts +46 -0
package/dist/validation/save-delta.d.ts.map +1 -0
package/dist/validation/save-delta.js +57 -0
package/dist/validation/save-delta.js.map +1 -0
package/dist/validation/scanner.d.ts +91 -0
package/dist/validation/scanner.d.ts.map +1 -0
package/dist/validation/scanner.js +327 -0
package/dist/validation/scanner.js.map +1 -0
package/dist/validation/template-impact.d.ts +52 -0
package/dist/validation/template-impact.d.ts.map +1 -0
package/dist/validation/template-impact.js +53 -0
package/dist/validation/template-impact.js.map +1 -0
package/dist/validation/types.d.ts +123 -0
package/dist/validation/types.d.ts.map +1 -0
package/dist/validation/types.js +7 -0
package/dist/validation/types.js.map +1 -0
package/dist/validation/validators/accessibility.d.ts +3 -0
package/dist/validation/validators/accessibility.d.ts.map +1 -0
package/dist/validation/validators/accessibility.js +106 -0
package/dist/validation/validators/accessibility.js.map +1 -0
package/dist/validation/validators/aliasof-points-to-archived.d.ts +40 -0
package/dist/validation/validators/aliasof-points-to-archived.d.ts.map +1 -0
package/dist/validation/validators/aliasof-points-to-archived.js +34 -0
package/dist/validation/validators/aliasof-points-to-archived.js.map +1 -0
package/dist/validation/validators/alt-required.d.ts +3 -0
package/dist/validation/validators/alt-required.d.ts.map +1 -0
package/dist/validation/validators/alt-required.js +118 -0
package/dist/validation/validators/alt-required.js.map +1 -0
package/dist/validation/validators/archive-not-supported-on-target.d.ts +3 -0
package/dist/validation/validators/archive-not-supported-on-target.d.ts.map +1 -0
package/dist/validation/validators/archive-not-supported-on-target.js +38 -0
package/dist/validation/validators/archive-not-supported-on-target.js.map +1 -0
package/dist/validation/validators/broken-links.d.ts +3 -0
package/dist/validation/validators/broken-links.d.ts.map +1 -0
package/dist/validation/validators/broken-links.js +190 -0
package/dist/validation/validators/broken-links.js.map +1 -0
package/dist/validation/validators/circular-alias.d.ts +36 -0
package/dist/validation/validators/circular-alias.d.ts.map +1 -0
package/dist/validation/validators/circular-alias.js +63 -0
package/dist/validation/validators/circular-alias.js.map +1 -0
package/dist/validation/validators/circular-fragment.d.ts +15 -0
package/dist/validation/validators/circular-fragment.d.ts.map +1 -0
package/dist/validation/validators/circular-fragment.js +97 -0
package/dist/validation/validators/circular-fragment.js.map +1 -0
package/dist/validation/validators/dangling-alias.d.ts +38 -0
package/dist/validation/validators/dangling-alias.d.ts.map +1 -0
package/dist/validation/validators/dangling-alias.js +31 -0
package/dist/validation/validators/dangling-alias.js.map +1 -0
package/dist/validation/validators/deploy-target-type-supported.d.ts +3 -0
package/dist/validation/validators/deploy-target-type-supported.d.ts.map +1 -0
package/dist/validation/validators/deploy-target-type-supported.js +32 -0
package/dist/validation/validators/deploy-target-type-supported.js.map +1 -0
package/dist/validation/validators/dynamic-route-conflict.d.ts +18 -0
package/dist/validation/validators/dynamic-route-conflict.d.ts.map +1 -0
package/dist/validation/validators/dynamic-route-conflict.js +80 -0
package/dist/validation/validators/dynamic-route-conflict.js.map +1 -0
package/dist/validation/validators/html-validity.d.ts +3 -0
package/dist/validation/validators/html-validity.d.ts.map +1 -0
package/dist/validation/validators/html-validity.js +89 -0
package/dist/validation/validators/html-validity.js.map +1 -0
package/dist/validation/validators/orphaned-locale-file.d.ts +21 -0
package/dist/validation/validators/orphaned-locale-file.d.ts.map +1 -0
package/dist/validation/validators/orphaned-locale-file.js +84 -0
package/dist/validation/validators/orphaned-locale-file.js.map +1 -0
package/dist/validation/validators/referenced-archived-without-alias.d.ts +3 -0
package/dist/validation/validators/referenced-archived-without-alias.d.ts.map +1 -0
package/dist/validation/validators/referenced-archived-without-alias.js +65 -0
package/dist/validation/validators/referenced-archived-without-alias.js.map +1 -0
package/dist/validation/validators/referenced-asset-exists.d.ts +13 -0
package/dist/validation/validators/referenced-asset-exists.d.ts.map +1 -0
package/dist/validation/validators/referenced-asset-exists.js +80 -0
package/dist/validation/validators/referenced-asset-exists.js.map +1 -0
package/dist/validation/validators/referenced-fragment-exists.d.ts +9 -0
package/dist/validation/validators/referenced-fragment-exists.d.ts.map +1 -0
package/dist/validation/validators/referenced-fragment-exists.js +52 -0
package/dist/validation/validators/referenced-fragment-exists.js.map +1 -0
package/dist/validation/validators/referenced-template-exists.d.ts +10 -0
package/dist/validation/validators/referenced-template-exists.d.ts.map +1 -0
package/dist/validation/validators/referenced-template-exists.js +74 -0
package/dist/validation/validators/referenced-template-exists.js.map +1 -0
package/dist/validation/validators/schema-conformance.d.ts +17 -0
package/dist/validation/validators/schema-conformance.d.ts.map +1 -0
package/dist/validation/validators/schema-conformance.js +94 -0
package/dist/validation/validators/schema-conformance.js.map +1 -0
package/dist/validation/validators/target-deploy-coverage.d.ts +3 -0
package/dist/validation/validators/target-deploy-coverage.d.ts.map +1 -0
package/dist/validation/validators/target-deploy-coverage.js +37 -0
package/dist/validation/validators/target-deploy-coverage.js.map +1 -0
package/dist/validation/validators/unused-fragment.d.ts +16 -0
package/dist/validation/validators/unused-fragment.d.ts.map +1 -0
package/dist/validation/validators/unused-fragment.js +86 -0
package/dist/validation/validators/unused-fragment.js.map +1 -0
package/package.json +54 -31
package/admin-dist/assets/index-BO9-CXmW.css +0 -1
package/admin-dist/assets/index-Ufu8zZH_.js +0 -668
package/admin-dist/assets/rolldown-runtime-COnpUsM8.js +0 -1
package/admin-dist/assets/vendor-rjsf-HKBAjOmQ.js +0 -32
package/admin-dist/assets/vendor-tiptap-IyO99U4R.js +0 -142
package/admin-dist/assets/vendor-vue-D3wBSmDf.js +0 -1
package/dist/publish-locale.d.ts +0 -44
package/dist/publish-locale.d.ts.map +0 -1
package/dist/publish-locale.js +0 -103
package/dist/publish-locale.js.map +0 -1

package/dist/audit/source-ip.js ADDED Viewed

@@ -0,0 +1,164 @@
+/**
+ * Source-IP recording — opt-in per design-audit.md "Source IP
+ * recording" section. Trust-mode-driven extraction with optional
+ * pseudonymization / truncation.
+ *
+ * # Modes
+ *
+ *   - `'none'` (default) — IP not recorded; field absent from event
+ *   - `'raw'` — full IP. GDPR-personal-data; operator declares
+ *     processing
+ *   - `'hashed'` — `sha256(ip + GAZETTA_AUDIT_SOURCEIP_SALT).slice(0, 16)`
+ *     for "same source across events?" correlation without
+ *     identification. Different salt from actor (so rotating one
+ *     doesn't break the other)
+ *   - `'truncated'` — `/24` for IPv4, `/48` for IPv6. Geographic /
+ *     network-segment forensics without device identification
+ *
+ * # Trust-mode-driven extraction
+ *
+ * Per design's "Trust-mode-driven header extraction" — leftmost-XFF
+ * naive read is an OWASP Trust Boundary Violation. The IP source
+ * differs per trust mode:
+ *
+ *   - `none`              — TCP peer (no proxy assumed)
+ *   - `forwarded-user`    — X-Forwarded-For with trustedProxyCount
+ *   - `cloudflare-access` — Cf-Connecting-IP (signed/trusted)
+ *   - `azure-easy-auth`   — X-Forwarded-For (Azure appends one entry)
+ *   - `aws-cognito`       — X-Forwarded-For (ALB appends one entry)
+ *   - `tailscale`         — TCP peer (serves direct)
+ *
+ * # SOLID lenses
+ *
+ *   - SRP: extraction + truncation/hashing only. Doesn't dispatch,
+ *     doesn't extract actor identity. Pure functions over
+ *     `(headers, mode, salt?)`.
+ */
+import { createHash } from 'node:crypto';
+/**
+ * Extract the client IP per the trust mode's header convention.
+ * Returns null when the configured header is missing — the caller
+ * should omit the `sourceIp` field from the event (per design:
+ * "Explicitly absent is more honest" than fake values).
+ */
+export function extractSourceIp(ctx) {
+    const { trustMode, headers } = ctx;
+    switch (trustMode) {
+        case 'none':
+        case 'tailscale':
+            return ctx.peerIp ?? null;
+        case 'cloudflare-access': {
+            const cfIp = headers.get('cf-connecting-ip');
+            if (cfIp)
+                return cfIp;
+            return ctx.peerIp ?? null;
+        }
+        case 'forwarded-user':
+        case 'azure-easy-auth':
+        case 'aws-cognito': {
+            // X-Forwarded-For shape: "client, proxy1, proxy2".
+            // trustedProxyCount = N → take the (N+1)th from the RIGHT
+            // (1-indexed). For N=1 (one trusted proxy), client is the
+            // leftmost; for N=2, client is leftmost-of-leftmost-two.
+            const xff = headers.get('x-forwarded-for');
+            if (!xff)
+                return ctx.peerIp ?? null;
+            const entries = xff
+                .split(',')
+                .map(s => s.trim())
+                .filter(Boolean);
+            if (entries.length === 0)
+                return ctx.peerIp ?? null;
+            const trustedCount = ctx.trustedProxyCount ?? 1;
+            // Client position from the right: N entries trusted; client
+            // is the (N+1)th-from-right, i.e., entries[entries.length - N - 1].
+            const clientIdx = entries.length - trustedCount - 1;
+            if (clientIdx < 0)
+                return ctx.peerIp ?? null;
+            return entries[clientIdx];
+        }
+        default:
+            // Unknown trust mode (plugin-supplied future) — fall back to
+            // peer IP. Plugin authors override via custom extraction.
+            return ctx.peerIp ?? null;
+    }
+}
+/**
+ * Apply the configured source-IP mode. Returns null when the mode
+ * is `'none'` OR when the extracted IP is null/empty/malformed —
+ * the caller omits the field.
+ */
+export function processSourceIp(rawIp, mode, salt) {
+    if (mode === 'none')
+        return null;
+    if (!rawIp || rawIp.length === 0)
+        return null;
+    if (mode === 'raw')
+        return rawIp;
+    if (mode === 'hashed') {
+        if (!salt || salt.length === 0) {
+            throw new Error('recordSourceIp: hashed requires a non-empty salt (set GAZETTA_AUDIT_SOURCEIP_SALT environment variable)');
+        }
+        return createHash('sha256')
+            .update(rawIp + salt)
+            .digest('hex')
+            .slice(0, 16);
+    }
+    // mode === 'truncated'
+    return truncateIp(rawIp);
+}
+/**
+ * Truncate an IP to /24 (IPv4) or /48 (IPv6). Returns null for
+ * malformed input — the caller treats this as "missing" and omits
+ * the field.
+ */
+function truncateIp(ip) {
+    // IPv4: 1.2.3.4 → 1.2.3.0/24
+    if (ip.includes('.') && !ip.includes(':')) {
+        const parts = ip.split('.');
+        if (parts.length !== 4)
+            return null;
+        for (const p of parts) {
+            const n = Number.parseInt(p, 10);
+            if (!Number.isInteger(n) || n < 0 || n > 255)
+                return null;
+        }
+        return `${parts[0]}.${parts[1]}.${parts[2]}.0/24`;
+    }
+    // IPv6: fe80::1234 → fe80::/48 (first 3 groups of 16 bits)
+    if (ip.includes(':')) {
+        // Expand :: shorthand if present.
+        const groups = expandIpv6Groups(ip);
+        if (!groups)
+            return null;
+        return `${groups.slice(0, 3).join(':')}::/48`;
+    }
+    return null;
+}
+function expandIpv6Groups(ip) {
+    const doubleColon = ip.indexOf('::');
+    let groups;
+    if (doubleColon >= 0) {
+        const left = ip.slice(0, doubleColon).split(':').filter(Boolean);
+        const right = ip
+            .slice(doubleColon + 2)
+            .split(':')
+            .filter(Boolean);
+        const fillCount = 8 - left.length - right.length;
+        if (fillCount < 0)
+            return null;
+        groups = [...left, ...new Array(fillCount).fill('0'), ...right];
+    }
+    else {
+        groups = ip.split(':');
+    }
+    if (groups.length !== 8)
+        return null;
+    for (const g of groups) {
+        const n = Number.parseInt(g, 16);
+        if (!Number.isInteger(n) || n < 0 || n > 0xffff)
+            return null;
+    }
+    return groups;
+}
+//# sourceMappingURL=source-ip.js.map

package/dist/audit/source-ip.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"source-ip.js","sourceRoot":"","sources":["../../src/audit/source-ip.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAsBxC;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,GAA8B;IAC5D,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,GAAG,GAAG,CAAA;IAClC,QAAQ,SAAS,EAAE,CAAC;QAClB,KAAK,MAAM,CAAC;QACZ,KAAK,WAAW;YACd,OAAO,GAAG,CAAC,MAAM,IAAI,IAAI,CAAA;QAC3B,KAAK,mBAAmB,CAAC,CAAC,CAAC;YACzB,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;YAC5C,IAAI,IAAI;gBAAE,OAAO,IAAI,CAAA;YACrB,OAAO,GAAG,CAAC,MAAM,IAAI,IAAI,CAAA;QAC3B,CAAC;QACD,KAAK,gBAAgB,CAAC;QACtB,KAAK,iBAAiB,CAAC;QACvB,KAAK,aAAa,CAAC,CAAC,CAAC;YACnB,mDAAmD;YACnD,0DAA0D;YAC1D,0DAA0D;YAC1D,yDAAyD;YACzD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAA;YAC1C,IAAI,CAAC,GAAG;gBAAE,OAAO,GAAG,CAAC,MAAM,IAAI,IAAI,CAAA;YACnC,MAAM,OAAO,GAAG,GAAG;iBAChB,KAAK,CAAC,GAAG,CAAC;iBACV,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;iBAClB,MAAM,CAAC,OAAO,CAAC,CAAA;YAClB,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,GAAG,CAAC,MAAM,IAAI,IAAI,CAAA;YACnD,MAAM,YAAY,GAAG,GAAG,CAAC,iBAAiB,IAAI,CAAC,CAAA;YAC/C,4DAA4D;YAC5D,oEAAoE;YACpE,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,YAAY,GAAG,CAAC,CAAA;YACnD,IAAI,SAAS,GAAG,CAAC;gBAAE,OAAO,GAAG,CAAC,MAAM,IAAI,IAAI,CAAA;YAC5C,OAAO,OAAO,CAAC,SAAS,CAAC,CAAA;QAC3B,CAAC;QACD;YACE,6DAA6D;YAC7D,0DAA0D;YAC1D,OAAO,GAAG,CAAC,MAAM,IAAI,IAAI,CAAA;IAC7B,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,KAAoB,EAAE,IAAkB,EAAE,IAAa;IACrF,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,IAAI,CAAA;IAChC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IAE7C,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,KAAK,CAAA;IAChC,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,MAAM,IAAI,KAAK,CACb,yGAAyG,CAC1G,CAAA;QACH,CAAC;QACD,OAAO,UAAU,CAAC,QAAQ,CAAC;aACxB,MAAM,CAAC,KAAK,GAAG,IAAI,CAAC;aACpB,MAAM,CAAC,KAAK,CAAC;aACb,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACjB,CAAC;IACD,uBAAuB;IACvB,OAAO,UAAU,CAAC,KAAK,CAAC,CAAA;AAC1B,CAAC;AAED;;;;GAIG;AACH,SAAS,UAAU,CAAC,EAAU;IAC5B,6BAA6B;IAC7B,IAAI,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC3B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAA;QACnC,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;YAChC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG;gBAAE,OAAO,IAAI,CAAA;QAC3D,CAAC;QACD,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,OAAO,CAAA;IACnD,CAAC;IACD,2DAA2D;IAC3D,IAAI,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,kCAAkC;QAClC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,CAAC,CAAA;QACnC,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAA;QACxB,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAA;IAC/C,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED,SAAS,gBAAgB,CAAC,EAAU;IAClC,MAAM,WAAW,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IACpC,IAAI,MAAgB,CAAA;IACpB,IAAI,WAAW,IAAI,CAAC,EAAE,CAAC;QACrB,MAAM,IAAI,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;QAChE,MAAM,KAAK,GAAG,EAAE;aACb,KAAK,CAAC,WAAW,GAAG,CAAC,CAAC;aACtB,KAAK,CAAC,GAAG,CAAC;aACV,MAAM,CAAC,OAAO,CAAC,CAAA;QAClB,MAAM,SAAS,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAA;QAChD,IAAI,SAAS,GAAG,CAAC;YAAE,OAAO,IAAI,CAAA;QAC9B,MAAM,GAAG,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,KAAK,CAAC,CAAA;IACjE,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACxB,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IACpC,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;QAChC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,MAAM;YAAE,OAAO,IAAI,CAAA;IAC9D,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC"}

package/dist/audit/types.d.ts ADDED Viewed

@@ -0,0 +1,143 @@
+/**
+ * Audit types — the durable forensic record shape consumed by every
+ * `AuditProvider` implementation.
+ *
+ * # Why these types live here
+ *
+ * Per `design-audit.md`'s "history-recorder is the foundation"
+ * invariant, the audit log extends the existing `Revision` shape
+ * with `actor` + `outcome` fields. The types here are the wire
+ * shape every provider speaks; in-tree `HistoryAuditProvider`
+ * (Cut 2) and external-sink providers (v2 webhook, file, OTel,
+ * CloudWatch, Azure Monitor, syslog) all consume `AuditEvent`.
+ *
+ * # Outcome is required
+ *
+ * Per the locked invariant: "no implicit 'default to success' —
+ * recording sites supply outcome explicitly. Cuts a class of 'I
+ * forgot to record the failure' bugs." The closed enum stays
+ * closed (future additions like `'rate-limited'`, `'session-expired'`
+ * extend the enum, not the wire shape).
+ *
+ * # SOLID lenses
+ *
+ *   - SRP: this module owns the event vocabulary. Doesn't read
+ *     storage; pure data shapes.
+ *   - DIP: providers, recorder, drawer all depend on these types
+ *     — never on which specific provider produced an event.
+ *   - LSP: every `AuditProvider` returns events shaped by these
+ *     types; consumers branch only on `outcome` / `action` for
+ *     behavior, never on which provider produced the data.
+ */
+/**
+ * Closed enum of action verbs Gazetta records. Per `design-audit.md`
+ * "Recording scope (v1)": save / publish / delete / restore at the
+ * content level + configure-roles for role-mapping changes in
+ * site.config.ts. `hook-fired` extends per design-hooks.md Cut 7.
+ *
+ * Soft-delete (per design-soft-delete.md Q8) extends with
+ * `archive` / `unarchive` / `purge` / `rename` — each maps to one
+ * user action; `rename` is recorded as a single composite event with
+ * `metadata.fromName` for forensic reconstruction (per Q8 M4 lock).
+ */
+export type AuditAction = 'save' | 'publish' | 'delete' | 'restore' | 'configure-roles' | 'hook-fired' | 'archive' | 'unarchive' | 'purge' | 'rename' | 'review-withdraw' | 'ai-suggest-alt';
+/**
+ * Closed enum of outcomes. Locked: every recording site supplies
+ * outcome explicitly. The four listed cover write attempts;
+ * v2 ambient-log expansion ('read', 'hook-cancelled') stays
+ * closed-enum.
+ */
+export type AuditOutcome = 'success' | 'forbidden' | 'validation-failed' | 'unauthenticated' | 'hook-cancelled' | 'timeout';
+/**
+ * Snapshot of the principal at decision time — never a live
+ * reference. Subsequent role changes don't rewrite history.
+ */
+export interface AuditActor {
+    /**
+     * Upstream stable subject (OIDC `sub`, Cloudflare Access
+     * `identity_nonce`, etc.) — NOT email. Email rotates; sub is
+     * stable. When `admin.audit.actorPseudonym: 'sha256'` is
+     * configured (Cut 4), this field is the salted hash prefix.
+     * `'unknown'` for pre-RBAC revisions or `none`-mode deployments.
+     */
+    id: string;
+    /**
+     * Optional human-readable identifier. Redacted to undefined when
+     * pseudonymization is enabled (low-entropy email gives weak
+     * pseudonymization).
+     */
+    email?: string;
+    /** Resolved Gazetta role at decision time. */
+    role: string;
+    /**
+     * Trust mode that produced this principal. Open string (not the
+     * `TrustMode` enum) so plugin-supplied modes can carry their own
+     * names without widening this type.
+     */
+    trustMode: string;
+}
+/**
+ * What was acted on. Keeps the audit query layer simple — consumers
+ * filter by `kind` + optional `name`.
+ */
+export interface AuditScope {
+    kind: 'page' | 'fragment' | 'asset' | 'site';
+    /** Item name when applicable (page name, fragment name, etc.). */
+    name?: string;
+}
+/**
+ * The wire shape every provider speaks. Every event records actor
+ * identity + action + outcome + scope; optional sourceIp / userAgent
+ * are operator-opt-in per Cut 4's privacy posture.
+ */
+export interface AuditEvent {
+    /** ISO 8601 with Z suffix. Matches the existing history-recorder convention. */
+    timestamp: string;
+    /** Snapshot of the actor at decision time. */
+    actor: AuditActor;
+    /** Closed-enum action verb. */
+    action: AuditAction;
+    /** Closed-enum outcome. Required — no implicit default. */
+    outcome: AuditOutcome;
+    /** What was acted on. */
+    scope: AuditScope;
+    /**
+     * Source IP when `admin.audit.recordSourceIp` is configured.
+     * Truncation / pseudonymization happens at recording time per
+     * the operator's mode setting (Cut 4).
+     */
+    sourceIp?: string;
+    /**
+     * User agent when `admin.audit.recordUserAgent` is configured.
+     * Cut 4 supports raw / truncated modes; default is none.
+     */
+    userAgent?: string;
+    /**
+     * Provider-specific extras. Examples: publish source target +
+     * destination, restore revision id, `missingCapabilities` for
+     * forbidden outcomes, `comment` for failure-mode events.
+     */
+    metadata?: Record<string, unknown>;
+}
+/**
+ * Filter shape consumed by `AuditProvider.query()`. Open enums
+ * because filter values come from URL query params; the server
+ * validates each field against the audit-event closed enums.
+ */
+export interface AuditQuery {
+    /** Match against `actor.id` or `actor.email` (case-insensitive substring). */
+    actor?: string;
+    action?: AuditAction;
+    outcome?: AuditOutcome;
+    scope?: {
+        kind?: AuditScope['kind'];
+        name?: string;
+    };
+    /** ISO 8601 timestamp lower bound (inclusive). */
+    since?: string;
+    /** ISO 8601 timestamp upper bound (exclusive). */
+    until?: string;
+    /** Max events returned. Default 100; provider may cap further. */
+    limit?: number;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/audit/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/audit/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AAEH;;;;;;;;;;GAUG;AACH,MAAM,MAAM,WAAW,GACnB,MAAM,GACN,SAAS,GACT,QAAQ,GACR,SAAS,GACT,iBAAiB,GACjB,YAAY,GACZ,SAAS,GACT,WAAW,GACX,OAAO,GACP,QAAQ,GACR,iBAAiB,GACjB,gBAAgB,CAAA;AAEpB;;;;;GAKG;AACH,MAAM,MAAM,YAAY,GACpB,SAAS,GACT,WAAW,GACX,mBAAmB,GACnB,iBAAiB,GACjB,gBAAgB,GAChB,SAAS,CAAA;AAEb;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB;;;;;;OAMG;IACH,EAAE,EAAE,MAAM,CAAA;IACV;;;;OAIG;IACH,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,8CAA8C;IAC9C,IAAI,EAAE,MAAM,CAAA;IACZ;;;;OAIG;IACH,SAAS,EAAE,MAAM,CAAA;CAClB;AAED;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,OAAO,GAAG,MAAM,CAAA;IAC5C,kEAAkE;IAClE,IAAI,CAAC,EAAE,MAAM,CAAA;CACd;AAED;;;;GAIG;AACH,MAAM,WAAW,UAAU;IACzB,gFAAgF;IAChF,SAAS,EAAE,MAAM,CAAA;IACjB,8CAA8C;IAC9C,KAAK,EAAE,UAAU,CAAA;IACjB,+BAA+B;IAC/B,MAAM,EAAE,WAAW,CAAA;IACnB,2DAA2D;IAC3D,OAAO,EAAE,YAAY,CAAA;IACrB,yBAAyB;IACzB,KAAK,EAAE,UAAU,CAAA;IACjB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CACnC;AAED;;;;GAIG;AACH,MAAM,WAAW,UAAU;IACzB,8EAA8E;IAC9E,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,WAAW,CAAA;IACpB,OAAO,CAAC,EAAE,YAAY,CAAA;IACtB,KAAK,CAAC,EAAE;QAAE,IAAI,CAAC,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;QAAC,IAAI,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACpD,kDAAkD;IAClD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,kDAAkD;IAClD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,kEAAkE;IAClE,KAAK,CAAC,EAAE,MAAM,CAAA;CACf"}

package/dist/audit/types.js ADDED Viewed

@@ -0,0 +1,33 @@
+/**
+ * Audit types — the durable forensic record shape consumed by every
+ * `AuditProvider` implementation.
+ *
+ * # Why these types live here
+ *
+ * Per `design-audit.md`'s "history-recorder is the foundation"
+ * invariant, the audit log extends the existing `Revision` shape
+ * with `actor` + `outcome` fields. The types here are the wire
+ * shape every provider speaks; in-tree `HistoryAuditProvider`
+ * (Cut 2) and external-sink providers (v2 webhook, file, OTel,
+ * CloudWatch, Azure Monitor, syslog) all consume `AuditEvent`.
+ *
+ * # Outcome is required
+ *
+ * Per the locked invariant: "no implicit 'default to success' —
+ * recording sites supply outcome explicitly. Cuts a class of 'I
+ * forgot to record the failure' bugs." The closed enum stays
+ * closed (future additions like `'rate-limited'`, `'session-expired'`
+ * extend the enum, not the wire shape).
+ *
+ * # SOLID lenses
+ *
+ *   - SRP: this module owns the event vocabulary. Doesn't read
+ *     storage; pure data shapes.
+ *   - DIP: providers, recorder, drawer all depend on these types
+ *     — never on which specific provider produced an event.
+ *   - LSP: every `AuditProvider` returns events shaped by these
+ *     types; consumers branch only on `outcome` / `action` for
+ *     behavior, never on which provider produced the data.
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/audit/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/audit/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG"}

package/dist/audit/user-agent.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+/**
+ * User-agent recording — opt-in per design-audit.md "User agent
+ * recording" section. Lower priority than source-IP; most operators
+ * don't enable.
+ *
+ * # Modes
+ *
+ *   - `'none'` (default) — UA not recorded; field absent
+ *   - `'raw'` — full UA string. Useful for fingerprint forensics
+ *   - `'truncated'` — browser family + major version. Drops
+ *     fingerprinting detail; example outputs: `'Chrome/119'`,
+ *     `'Firefox/120'`, `'Safari/17'`, `'Other'`
+ *
+ * No `'hashed'` mode — UA has too little entropy for hashing to be
+ * a meaningful privacy hardening; if you want privacy, use
+ * `truncated` or `none`.
+ *
+ * # SOLID lenses
+ *
+ *   - SRP: UA processing only.
+ */
+export type UserAgentMode = 'none' | 'raw' | 'truncated';
+/**
+ * Apply the configured UA mode. Returns null for `'none'` or when
+ * input is empty/missing.
+ */
+export declare function processUserAgent(rawUa: string | undefined, mode: UserAgentMode): string | null;
+//# sourceMappingURL=user-agent.d.ts.map

package/dist/audit/user-agent.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"user-agent.d.ts","sourceRoot":"","sources":["../../src/audit/user-agent.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,KAAK,GAAG,WAAW,CAAA;AAExD;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,EAAE,IAAI,EAAE,aAAa,GAAG,MAAM,GAAG,IAAI,CAM9F"}

package/dist/audit/user-agent.js ADDED Viewed

@@ -0,0 +1,63 @@
+/**
+ * User-agent recording — opt-in per design-audit.md "User agent
+ * recording" section. Lower priority than source-IP; most operators
+ * don't enable.
+ *
+ * # Modes
+ *
+ *   - `'none'` (default) — UA not recorded; field absent
+ *   - `'raw'` — full UA string. Useful for fingerprint forensics
+ *   - `'truncated'` — browser family + major version. Drops
+ *     fingerprinting detail; example outputs: `'Chrome/119'`,
+ *     `'Firefox/120'`, `'Safari/17'`, `'Other'`
+ *
+ * No `'hashed'` mode — UA has too little entropy for hashing to be
+ * a meaningful privacy hardening; if you want privacy, use
+ * `truncated` or `none`.
+ *
+ * # SOLID lenses
+ *
+ *   - SRP: UA processing only.
+ */
+/**
+ * Apply the configured UA mode. Returns null for `'none'` or when
+ * input is empty/missing.
+ */
+export function processUserAgent(rawUa, mode) {
+    if (mode === 'none')
+        return null;
+    if (!rawUa || rawUa.length === 0)
+        return null;
+    if (mode === 'raw')
+        return rawUa;
+    // mode === 'truncated' — extract browser family + major version.
+    return truncateUserAgent(rawUa);
+}
+/**
+ * Heuristic browser-family detection. Order matters: Edge before
+ * Chrome (Edge UA contains Chrome); Opera before Chrome (same).
+ * Returns 'Other' when no known family matches — better than
+ * leaking the raw string under truncated mode.
+ */
+function truncateUserAgent(ua) {
+    // Patterns ordered by specificity: more-specific first.
+    const patterns = [
+        { name: 'Edge', regex: /Edg(e|A|iOS)?\/(\d+)/i },
+        { name: 'Opera', regex: /OPR\/(\d+)/i },
+        { name: 'Chrome', regex: /Chrome\/(\d+)/i },
+        { name: 'Firefox', regex: /Firefox\/(\d+)/i },
+        { name: 'Safari', regex: /Version\/(\d+).*Safari/i },
+    ];
+    for (const { name, regex } of patterns) {
+        const match = ua.match(regex);
+        if (match) {
+            // Match group 1 is sometimes a sub-product name (Edg vs Edge),
+            // group 2 is the version. Pick the last numeric group.
+            const numericGroups = match.filter(g => /^\d+$/.test(g ?? ''));
+            const version = numericGroups[numericGroups.length - 1];
+            return `${name}/${version}`;
+        }
+    }
+    return 'Other';
+}
+//# sourceMappingURL=user-agent.js.map

package/dist/audit/user-agent.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"user-agent.js","sourceRoot":"","sources":["../../src/audit/user-agent.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAIH;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAyB,EAAE,IAAmB;IAC7E,IAAI,IAAI,KAAK,MAAM;QAAE,OAAO,IAAI,CAAA;IAChC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IAC7C,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,KAAK,CAAA;IAChC,iEAAiE;IACjE,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAA;AACjC,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB,CAAC,EAAU;IACnC,wDAAwD;IACxD,MAAM,QAAQ,GAA2C;QACvD,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,uBAAuB,EAAE;QAChD,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,aAAa,EAAE;QACvC,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,gBAAgB,EAAE;QAC3C,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,iBAAiB,EAAE;QAC7C,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,yBAAyB,EAAE;KACrD,CAAA;IACD,KAAK,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,QAAQ,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;QAC7B,IAAI,KAAK,EAAE,CAAC;YACV,+DAA+D;YAC/D,uDAAuD;YACvD,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAA;YAC9D,MAAM,OAAO,GAAG,aAAa,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;YACvD,OAAO,GAAG,IAAI,IAAI,OAAO,EAAE,CAAA;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAA;AAChB,CAAC"}

package/dist/auth/capabilities.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+/**
+ * Test whether a principal's capability set grants the required
+ * capability. Implements wildcard expansion:
+ *
+ *   - `*` (root wildcard) grants everything (including
+ *     wildcard-exempt capabilities — admin role retains the
+ *     escape hatch)
+ *   - `<prefix>:*` grants every capability under that prefix
+ *     EXCEPT capabilities in `WILDCARD_EXEMPT_CAPABILITIES`
+ *   - exact match grants exactly that capability
+ *
+ * Plugin-supplied capabilities use scoped prefixes
+ * (`@my-org/search:rebuild-index`) and follow the same rules:
+ * `@my-org/search:*` grants `@my-org/search:rebuild-index`.
+ */
+export declare function capabilityGrants(granted: ReadonlyArray<string>, required: string): boolean;
+/**
+ * Expand a role name to its capability set. Built-in roles
+ * (`admin`, `editor`, `viewer`) resolve from `BUILT_IN_ROLES`;
+ * custom roles must be supplied via the `customRoles` map at
+ * resolution time (per `design-auth-rbac.md`'s "hybrid built-in
+ * + custom" model).
+ *
+ * Returns null when the role isn't recognized — caller decides
+ * whether to fail-closed (deny access) or fail-open (assign default).
+ */
+export declare function expandRole(roleName: string, customRoles?: Readonly<Record<string, ReadonlyArray<string>>>): ReadonlyArray<string> | null;
+//# sourceMappingURL=capabilities.d.ts.map

package/dist/auth/capabilities.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"capabilities.d.ts","sourceRoot":"","sources":["../../src/auth/capabilities.ts"],"names":[],"mappings":"AAgDA;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,aAAa,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAe1F;AAED;;;;;;;;;GASG;AACH,wBAAgB,UAAU,CACxB,QAAQ,EAAE,MAAM,EAChB,WAAW,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,GAC5D,aAAa,CAAC,MAAM,CAAC,GAAG,IAAI,CAQ9B"}

package/dist/auth/capabilities.js ADDED Viewed

@@ -0,0 +1,101 @@
+/**
+ * Capability vocabulary helpers — the closed set of built-in
+ * capabilities and the matching logic for wildcard expansion.
+ *
+ * # Why these helpers live here
+ *
+ * Capabilities are strings, but the matching logic (does
+ * `read:*` grant `read:pages`? does `*` grant everything?) is
+ * load-bearing for every authorization check. Centralizing the
+ * matching logic in pure functions means:
+ *
+ *   - Middleware uses one function, not ad-hoc string compares
+ *   - Tests pin the wildcard semantics in one place
+ *   - Plugin-supplied capabilities (when plugin foundation ships)
+ *     extend via prefix conventions, not by changing matching code
+ *
+ * # SOLID lenses
+ *
+ *   - SRP: matching only; doesn't read configs or extract principals.
+ *   - DIP: middleware depends on this helper, not on the BUILT_IN_ROLES
+ *     constant.
+ */
+import { BUILT_IN_ROLES } from './types.js';
+/**
+ * Privacy-sensitive capabilities that prefix wildcards do NOT
+ * grant. Per design-auth-rbac.md's "Audit-log read access is its
+ * own capability — viewers don't see audit by default", and the
+ * matching design-audit.md note that audit log is its own gate.
+ *
+ * These capabilities require either:
+ *   - explicit grant (the exact capability string in the granted
+ *     list), or
+ *   - root wildcard `*` (admin role)
+ *
+ * Prefix wildcards (`read:*`) DO NOT grant them. Built-in editor
+ * + viewer roles hold `read:*` — they get `read:pages`,
+ * `read:fragments`, `read:assets` but NOT `read:audit-log`.
+ * Operators wanting an "auditor" custom role declare
+ * `['read:*', 'read:audit-log']` explicitly.
+ *
+ * Plugin authors adding privacy-sensitive capabilities extend this
+ * set by exporting their own capability string in this set —
+ * future plugin foundation will likely move this to a registry.
+ * For v1 the set is closed to known built-ins.
+ */
+const WILDCARD_EXEMPT_CAPABILITIES = new Set(['read:audit-log']);
+/**
+ * Test whether a principal's capability set grants the required
+ * capability. Implements wildcard expansion:
+ *
+ *   - `*` (root wildcard) grants everything (including
+ *     wildcard-exempt capabilities — admin role retains the
+ *     escape hatch)
+ *   - `<prefix>:*` grants every capability under that prefix
+ *     EXCEPT capabilities in `WILDCARD_EXEMPT_CAPABILITIES`
+ *   - exact match grants exactly that capability
+ *
+ * Plugin-supplied capabilities use scoped prefixes
+ * (`@my-org/search:rebuild-index`) and follow the same rules:
+ * `@my-org/search:*` grants `@my-org/search:rebuild-index`.
+ */
+export function capabilityGrants(granted, required) {
+    if (required.length === 0)
+        return false;
+    const isExempt = WILDCARD_EXEMPT_CAPABILITIES.has(required);
+    for (const cap of granted) {
+        // Root wildcard always grants — admin retains the escape hatch
+        // even for wildcard-exempt capabilities.
+        if (cap === '*')
+            return true;
+        if (cap === required)
+            return true;
+        // Prefix wildcards skip wildcard-exempt capabilities.
+        if (!isExempt && cap.endsWith(':*')) {
+            const prefix = cap.slice(0, -1); // 'read:*' → 'read:'
+            if (required.startsWith(prefix))
+                return true;
+        }
+    }
+    return false;
+}
+/**
+ * Expand a role name to its capability set. Built-in roles
+ * (`admin`, `editor`, `viewer`) resolve from `BUILT_IN_ROLES`;
+ * custom roles must be supplied via the `customRoles` map at
+ * resolution time (per `design-auth-rbac.md`'s "hybrid built-in
+ * + custom" model).
+ *
+ * Returns null when the role isn't recognized — caller decides
+ * whether to fail-closed (deny access) or fail-open (assign default).
+ */
+export function expandRole(roleName, customRoles) {
+    if (customRoles && roleName in customRoles) {
+        return customRoles[roleName];
+    }
+    if (roleName in BUILT_IN_ROLES) {
+        return BUILT_IN_ROLES[roleName];
+    }
+    return null;
+}
+//# sourceMappingURL=capabilities.js.map

package/dist/auth/capabilities.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"capabilities.js","sourceRoot":"","sources":["../../src/auth/capabilities.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,OAAO,EAAE,cAAc,EAA0B,MAAM,YAAY,CAAA;AAEnE;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,4BAA4B,GAAwB,IAAI,GAAG,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAA;AAErF;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAA8B,EAAE,QAAgB;IAC/E,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAA;IACvC,MAAM,QAAQ,GAAG,4BAA4B,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IAC3D,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;QAC1B,+DAA+D;QAC/D,yCAAyC;QACzC,IAAI,GAAG,KAAK,GAAG;YAAE,OAAO,IAAI,CAAA;QAC5B,IAAI,GAAG,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAA;QACjC,sDAAsD;QACtD,IAAI,CAAC,QAAQ,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YACpC,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA,CAAC,qBAAqB;YACrD,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC;gBAAE,OAAO,IAAI,CAAA;QAC9C,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,UAAU,CACxB,QAAgB,EAChB,WAA6D;IAE7D,IAAI,WAAW,IAAI,QAAQ,IAAI,WAAW,EAAE,CAAC;QAC3C,OAAO,WAAW,CAAC,QAAQ,CAAC,CAAA;IAC9B,CAAC;IACD,IAAI,QAAQ,IAAI,cAAc,EAAE,CAAC;QAC/B,OAAO,cAAc,CAAC,QAAQ,CAAqC,CAAA;IACrE,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC"}