npm - governance-sdk - Versions diffs - 0.5.0 - Mend

governance-sdk 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (387) hide show

package/LICENSE +21 -0
package/README.md +559 -0
package/dist/agent-identity-ed25519.d.ts +80 -0
package/dist/agent-identity-ed25519.d.ts.map +1 -0
package/dist/agent-identity-ed25519.js +134 -0
package/dist/agent-identity-ed25519.js.map +1 -0
package/dist/agent-identity.d.ts +65 -0
package/dist/agent-identity.d.ts.map +1 -0
package/dist/agent-identity.js +85 -0
package/dist/agent-identity.js.map +1 -0
package/dist/audit-integrity.d.ts +78 -0
package/dist/audit-integrity.d.ts.map +1 -0
package/dist/audit-integrity.js +173 -0
package/dist/audit-integrity.js.map +1 -0
package/dist/behavioral-scorer.d.ts +72 -0
package/dist/behavioral-scorer.d.ts.map +1 -0
package/dist/behavioral-scorer.js +223 -0
package/dist/behavioral-scorer.js.map +1 -0
package/dist/cli/init.d.ts +11 -0
package/dist/cli/init.d.ts.map +1 -0
package/dist/cli/init.js +217 -0
package/dist/cli/init.js.map +1 -0
package/dist/compliance-articles.d.ts +71 -0
package/dist/compliance-articles.d.ts.map +1 -0
package/dist/compliance-articles.js +201 -0
package/dist/compliance-articles.js.map +1 -0
package/dist/compliance.d.ts +24 -0
package/dist/compliance.d.ts.map +1 -0
package/dist/compliance.js +183 -0
package/dist/compliance.js.map +1 -0
package/dist/conditions/builtins.d.ts +17 -0
package/dist/conditions/builtins.d.ts.map +1 -0
package/dist/conditions/builtins.js +213 -0
package/dist/conditions/builtins.js.map +1 -0
package/dist/conditions/postprocess.d.ts +12 -0
package/dist/conditions/postprocess.d.ts.map +1 -0
package/dist/conditions/postprocess.js +33 -0
package/dist/conditions/postprocess.js.map +1 -0
package/dist/conditions/preprocess.d.ts +12 -0
package/dist/conditions/preprocess.d.ts.map +1 -0
package/dist/conditions/preprocess.js +47 -0
package/dist/conditions/preprocess.js.map +1 -0
package/dist/conditions/process.d.ts +14 -0
package/dist/conditions/process.d.ts.map +1 -0
package/dist/conditions/process.js +78 -0
package/dist/conditions/process.js.map +1 -0
package/dist/conditions/sensitive-patterns.d.ts +13 -0
package/dist/conditions/sensitive-patterns.d.ts.map +1 -0
package/dist/conditions/sensitive-patterns.js +42 -0
package/dist/conditions/sensitive-patterns.js.map +1 -0
package/dist/dry-run.d.ts +85 -0
package/dist/dry-run.d.ts.map +1 -0
package/dist/dry-run.js +132 -0
package/dist/dry-run.js.map +1 -0
package/dist/eval-red-team.d.ts +69 -0
package/dist/eval-red-team.d.ts.map +1 -0
package/dist/eval-red-team.js +205 -0
package/dist/eval-red-team.js.map +1 -0
package/dist/eval-scorer.d.ts +56 -0
package/dist/eval-scorer.d.ts.map +1 -0
package/dist/eval-scorer.js +148 -0
package/dist/eval-scorer.js.map +1 -0
package/dist/eval-trace.d.ts +30 -0
package/dist/eval-trace.d.ts.map +1 -0
package/dist/eval-trace.js +129 -0
package/dist/eval-trace.js.map +1 -0
package/dist/eval-types.d.ts +108 -0
package/dist/eval-types.d.ts.map +1 -0
package/dist/eval-types.js +14 -0
package/dist/eval-types.js.map +1 -0
package/dist/events.d.ts +57 -0
package/dist/events.d.ts.map +1 -0
package/dist/events.js +81 -0
package/dist/events.js.map +1 -0
package/dist/federation-types.d.ts +58 -0
package/dist/federation-types.d.ts.map +1 -0
package/dist/federation-types.js +8 -0
package/dist/federation-types.js.map +1 -0
package/dist/federation.d.ts +42 -0
package/dist/federation.d.ts.map +1 -0
package/dist/federation.js +158 -0
package/dist/federation.js.map +1 -0
package/dist/index.d.ts +142 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +273 -0
package/dist/index.js.map +1 -0
package/dist/injection-benchmark.d.ts +62 -0
package/dist/injection-benchmark.d.ts.map +1 -0
package/dist/injection-benchmark.js +201 -0
package/dist/injection-benchmark.js.map +1 -0
package/dist/injection-classifier.d.ts +69 -0
package/dist/injection-classifier.d.ts.map +1 -0
package/dist/injection-classifier.js +98 -0
package/dist/injection-classifier.js.map +1 -0
package/dist/injection-detect.d.ts +59 -0
package/dist/injection-detect.d.ts.map +1 -0
package/dist/injection-detect.js +175 -0
package/dist/injection-detect.js.map +1 -0
package/dist/injection-patterns-ext.d.ts +7 -0
package/dist/injection-patterns-ext.d.ts.map +1 -0
package/dist/injection-patterns-ext.js +71 -0
package/dist/injection-patterns-ext.js.map +1 -0
package/dist/injection-patterns.d.ts +15 -0
package/dist/injection-patterns.d.ts.map +1 -0
package/dist/injection-patterns.js +361 -0
package/dist/injection-patterns.js.map +1 -0
package/dist/iso-42001-articles.d.ts +34 -0
package/dist/iso-42001-articles.d.ts.map +1 -0
package/dist/iso-42001-articles.js +147 -0
package/dist/iso-42001-articles.js.map +1 -0
package/dist/iso-42001.d.ts +18 -0
package/dist/iso-42001.d.ts.map +1 -0
package/dist/iso-42001.js +156 -0
package/dist/iso-42001.js.map +1 -0
package/dist/kill-switch.d.ts +56 -0
package/dist/kill-switch.d.ts.map +1 -0
package/dist/kill-switch.js +173 -0
package/dist/kill-switch.js.map +1 -0
package/dist/metrics.d.ts +58 -0
package/dist/metrics.d.ts.map +1 -0
package/dist/metrics.js +81 -0
package/dist/metrics.js.map +1 -0
package/dist/monorepo-detect.d.ts +30 -0
package/dist/monorepo-detect.d.ts.map +1 -0
package/dist/monorepo-detect.js +107 -0
package/dist/monorepo-detect.js.map +1 -0
package/dist/nist-ai-rmf-articles.d.ts +40 -0
package/dist/nist-ai-rmf-articles.d.ts.map +1 -0
package/dist/nist-ai-rmf-articles.js +156 -0
package/dist/nist-ai-rmf-articles.js.map +1 -0
package/dist/nist-ai-rmf.d.ts +20 -0
package/dist/nist-ai-rmf.d.ts.map +1 -0
package/dist/nist-ai-rmf.js +176 -0
package/dist/nist-ai-rmf.js.map +1 -0
package/dist/otel-hooks.d.ts +67 -0
package/dist/otel-hooks.d.ts.map +1 -0
package/dist/otel-hooks.js +100 -0
package/dist/otel-hooks.js.map +1 -0
package/dist/owasp-agentic-articles.d.ts +42 -0
package/dist/owasp-agentic-articles.d.ts.map +1 -0
package/dist/owasp-agentic-articles.js +236 -0
package/dist/owasp-agentic-articles.js.map +1 -0
package/dist/owasp-agentic.d.ts +20 -0
package/dist/owasp-agentic.d.ts.map +1 -0
package/dist/owasp-agentic.js +205 -0
package/dist/owasp-agentic.js.map +1 -0
package/dist/plugins/a2a-types.d.ts +241 -0
package/dist/plugins/a2a-types.d.ts.map +1 -0
package/dist/plugins/a2a-types.js +14 -0
package/dist/plugins/a2a-types.js.map +1 -0
package/dist/plugins/a2a.d.ts +37 -0
package/dist/plugins/a2a.d.ts.map +1 -0
package/dist/plugins/a2a.js +160 -0
package/dist/plugins/a2a.js.map +1 -0
package/dist/plugins/anthropic-types.d.ts +188 -0
package/dist/plugins/anthropic-types.d.ts.map +1 -0
package/dist/plugins/anthropic-types.js +8 -0
package/dist/plugins/anthropic-types.js.map +1 -0
package/dist/plugins/anthropic.d.ts +32 -0
package/dist/plugins/anthropic.d.ts.map +1 -0
package/dist/plugins/anthropic.js +131 -0
package/dist/plugins/anthropic.js.map +1 -0
package/dist/plugins/autogen-types.d.ts +121 -0
package/dist/plugins/autogen-types.d.ts.map +1 -0
package/dist/plugins/autogen-types.js +13 -0
package/dist/plugins/autogen-types.js.map +1 -0
package/dist/plugins/autogen.d.ts +41 -0
package/dist/plugins/autogen.d.ts.map +1 -0
package/dist/plugins/autogen.js +131 -0
package/dist/plugins/autogen.js.map +1 -0
package/dist/plugins/bedrock-types.d.ts +246 -0
package/dist/plugins/bedrock-types.d.ts.map +1 -0
package/dist/plugins/bedrock-types.js +8 -0
package/dist/plugins/bedrock-types.js.map +1 -0
package/dist/plugins/bedrock.d.ts +43 -0
package/dist/plugins/bedrock.d.ts.map +1 -0
package/dist/plugins/bedrock.js +155 -0
package/dist/plugins/bedrock.js.map +1 -0
package/dist/plugins/cloudflare-ai-types.d.ts +85 -0
package/dist/plugins/cloudflare-ai-types.d.ts.map +1 -0
package/dist/plugins/cloudflare-ai-types.js +10 -0
package/dist/plugins/cloudflare-ai-types.js.map +1 -0
package/dist/plugins/cloudflare-ai.d.ts +32 -0
package/dist/plugins/cloudflare-ai.d.ts.map +1 -0
package/dist/plugins/cloudflare-ai.js +108 -0
package/dist/plugins/cloudflare-ai.js.map +1 -0
package/dist/plugins/composio-types.d.ts +96 -0
package/dist/plugins/composio-types.d.ts.map +1 -0
package/dist/plugins/composio-types.js +13 -0
package/dist/plugins/composio-types.js.map +1 -0
package/dist/plugins/composio.d.ts +37 -0
package/dist/plugins/composio.d.ts.map +1 -0
package/dist/plugins/composio.js +118 -0
package/dist/plugins/composio.js.map +1 -0
package/dist/plugins/crewai-types.d.ts +153 -0
package/dist/plugins/crewai-types.d.ts.map +1 -0
package/dist/plugins/crewai-types.js +10 -0
package/dist/plugins/crewai-types.js.map +1 -0
package/dist/plugins/crewai.d.ts +37 -0
package/dist/plugins/crewai.d.ts.map +1 -0
package/dist/plugins/crewai.js +127 -0
package/dist/plugins/crewai.js.map +1 -0
package/dist/plugins/deno-types.d.ts +68 -0
package/dist/plugins/deno-types.d.ts.map +1 -0
package/dist/plugins/deno-types.js +8 -0
package/dist/plugins/deno-types.js.map +1 -0
package/dist/plugins/deno.d.ts +37 -0
package/dist/plugins/deno.d.ts.map +1 -0
package/dist/plugins/deno.js +129 -0
package/dist/plugins/deno.js.map +1 -0
package/dist/plugins/e2b-types.d.ts +140 -0
package/dist/plugins/e2b-types.d.ts.map +1 -0
package/dist/plugins/e2b-types.js +8 -0
package/dist/plugins/e2b-types.js.map +1 -0
package/dist/plugins/e2b.d.ts +43 -0
package/dist/plugins/e2b.d.ts.map +1 -0
package/dist/plugins/e2b.js +157 -0
package/dist/plugins/e2b.js.map +1 -0
package/dist/plugins/genkit-types.d.ts +88 -0
package/dist/plugins/genkit-types.d.ts.map +1 -0
package/dist/plugins/genkit-types.js +11 -0
package/dist/plugins/genkit-types.js.map +1 -0
package/dist/plugins/genkit.d.ts +35 -0
package/dist/plugins/genkit.d.ts.map +1 -0
package/dist/plugins/genkit.js +143 -0
package/dist/plugins/genkit.js.map +1 -0
package/dist/plugins/langchain.d.ts +130 -0
package/dist/plugins/langchain.d.ts.map +1 -0
package/dist/plugins/langchain.js +172 -0
package/dist/plugins/langchain.js.map +1 -0
package/dist/plugins/llamaindex-types.d.ts +86 -0
package/dist/plugins/llamaindex-types.d.ts.map +1 -0
package/dist/plugins/llamaindex-types.js +11 -0
package/dist/plugins/llamaindex-types.js.map +1 -0
package/dist/plugins/llamaindex.d.ts +36 -0
package/dist/plugins/llamaindex.d.ts.map +1 -0
package/dist/plugins/llamaindex.js +131 -0
package/dist/plugins/llamaindex.js.map +1 -0
package/dist/plugins/mastra-processor-types.d.ts +126 -0
package/dist/plugins/mastra-processor-types.d.ts.map +1 -0
package/dist/plugins/mastra-processor-types.js +11 -0
package/dist/plugins/mastra-processor-types.js.map +1 -0
package/dist/plugins/mastra-processor.d.ts +32 -0
package/dist/plugins/mastra-processor.d.ts.map +1 -0
package/dist/plugins/mastra-processor.js +126 -0
package/dist/plugins/mastra-processor.js.map +1 -0
package/dist/plugins/mastra.d.ts +100 -0
package/dist/plugins/mastra.d.ts.map +1 -0
package/dist/plugins/mastra.js +143 -0
package/dist/plugins/mastra.js.map +1 -0
package/dist/plugins/mcp-annotations.d.ts +54 -0
package/dist/plugins/mcp-annotations.d.ts.map +1 -0
package/dist/plugins/mcp-annotations.js +110 -0
package/dist/plugins/mcp-annotations.js.map +1 -0
package/dist/plugins/mcp-chain-audit.d.ts +74 -0
package/dist/plugins/mcp-chain-audit.d.ts.map +1 -0
package/dist/plugins/mcp-chain-audit.js +134 -0
package/dist/plugins/mcp-chain-audit.js.map +1 -0
package/dist/plugins/mcp-trust.d.ts +59 -0
package/dist/plugins/mcp-trust.d.ts.map +1 -0
package/dist/plugins/mcp-trust.js +100 -0
package/dist/plugins/mcp-trust.js.map +1 -0
package/dist/plugins/mcp-types.d.ts +183 -0
package/dist/plugins/mcp-types.d.ts.map +1 -0
package/dist/plugins/mcp-types.js +12 -0
package/dist/plugins/mcp-types.js.map +1 -0
package/dist/plugins/mcp.d.ts +41 -0
package/dist/plugins/mcp.d.ts.map +1 -0
package/dist/plugins/mcp.js +228 -0
package/dist/plugins/mcp.js.map +1 -0
package/dist/plugins/mistral-types.d.ts +72 -0
package/dist/plugins/mistral-types.d.ts.map +1 -0
package/dist/plugins/mistral-types.js +8 -0
package/dist/plugins/mistral-types.js.map +1 -0
package/dist/plugins/mistral.d.ts +32 -0
package/dist/plugins/mistral.d.ts.map +1 -0
package/dist/plugins/mistral.js +133 -0
package/dist/plugins/mistral.js.map +1 -0
package/dist/plugins/ollama-types.d.ts +76 -0
package/dist/plugins/ollama-types.d.ts.map +1 -0
package/dist/plugins/ollama-types.js +8 -0
package/dist/plugins/ollama-types.js.map +1 -0
package/dist/plugins/ollama.d.ts +32 -0
package/dist/plugins/ollama.d.ts.map +1 -0
package/dist/plugins/ollama.js +130 -0
package/dist/plugins/ollama.js.map +1 -0
package/dist/plugins/openai-agents-types.d.ts +130 -0
package/dist/plugins/openai-agents-types.d.ts.map +1 -0
package/dist/plugins/openai-agents-types.js +12 -0
package/dist/plugins/openai-agents-types.js.map +1 -0
package/dist/plugins/openai-agents.d.ts +37 -0
package/dist/plugins/openai-agents.d.ts.map +1 -0
package/dist/plugins/openai-agents.js +151 -0
package/dist/plugins/openai-agents.js.map +1 -0
package/dist/plugins/semantic-kernel-types.d.ts +103 -0
package/dist/plugins/semantic-kernel-types.d.ts.map +1 -0
package/dist/plugins/semantic-kernel-types.js +13 -0
package/dist/plugins/semantic-kernel-types.js.map +1 -0
package/dist/plugins/semantic-kernel.d.ts +37 -0
package/dist/plugins/semantic-kernel.d.ts.map +1 -0
package/dist/plugins/semantic-kernel.js +149 -0
package/dist/plugins/semantic-kernel.js.map +1 -0
package/dist/plugins/vercel-ai.d.ts +134 -0
package/dist/plugins/vercel-ai.d.ts.map +1 -0
package/dist/plugins/vercel-ai.js +130 -0
package/dist/plugins/vercel-ai.js.map +1 -0
package/dist/policy-builder.d.ts +52 -0
package/dist/policy-builder.d.ts.map +1 -0
package/dist/policy-builder.js +108 -0
package/dist/policy-builder.js.map +1 -0
package/dist/policy-compose-presets.d.ts +18 -0
package/dist/policy-compose-presets.d.ts.map +1 -0
package/dist/policy-compose-presets.js +52 -0
package/dist/policy-compose-presets.js.map +1 -0
package/dist/policy-compose.d.ts +66 -0
package/dist/policy-compose.d.ts.map +1 -0
package/dist/policy-compose.js +163 -0
package/dist/policy-compose.js.map +1 -0
package/dist/policy-presets-extended.d.ts +35 -0
package/dist/policy-presets-extended.d.ts.map +1 -0
package/dist/policy-presets-extended.js +137 -0
package/dist/policy-presets-extended.js.map +1 -0
package/dist/policy-presets.d.ts +77 -0
package/dist/policy-presets.d.ts.map +1 -0
package/dist/policy-presets.js +164 -0
package/dist/policy-presets.js.map +1 -0
package/dist/policy-stage-defaults.d.ts +8 -0
package/dist/policy-stage-defaults.d.ts.map +1 -0
package/dist/policy-stage-defaults.js +34 -0
package/dist/policy-stage-defaults.js.map +1 -0
package/dist/policy-yaml.d.ts +23 -0
package/dist/policy-yaml.d.ts.map +1 -0
package/dist/policy-yaml.js +216 -0
package/dist/policy-yaml.js.map +1 -0
package/dist/policy.d.ts +124 -0
package/dist/policy.d.ts.map +1 -0
package/dist/policy.js +161 -0
package/dist/policy.js.map +1 -0
package/dist/remote-enforce.d.ts +44 -0
package/dist/remote-enforce.d.ts.map +1 -0
package/dist/remote-enforce.js +99 -0
package/dist/remote-enforce.js.map +1 -0
package/dist/repo-patterns.d.ts +32 -0
package/dist/repo-patterns.d.ts.map +1 -0
package/dist/repo-patterns.js +222 -0
package/dist/repo-patterns.js.map +1 -0
package/dist/sandbox.d.ts +68 -0
package/dist/sandbox.d.ts.map +1 -0
package/dist/sandbox.js +124 -0
package/dist/sandbox.js.map +1 -0
package/dist/scorer-dimensions.d.ts +10 -0
package/dist/scorer-dimensions.d.ts.map +1 -0
package/dist/scorer-dimensions.js +184 -0
package/dist/scorer-dimensions.js.map +1 -0
package/dist/scorer.d.ts +27 -0
package/dist/scorer.d.ts.map +1 -0
package/dist/scorer.js +138 -0
package/dist/scorer.js.map +1 -0
package/dist/storage-postgres-schema.d.ts +47 -0
package/dist/storage-postgres-schema.d.ts.map +1 -0
package/dist/storage-postgres-schema.js +134 -0
package/dist/storage-postgres-schema.js.map +1 -0
package/dist/storage-postgres.d.ts +41 -0
package/dist/storage-postgres.d.ts.map +1 -0
package/dist/storage-postgres.js +180 -0
package/dist/storage-postgres.js.map +1 -0
package/dist/storage.d.ts +65 -0
package/dist/storage.d.ts.map +1 -0
package/dist/storage.js +85 -0
package/dist/storage.js.map +1 -0
package/dist/supply-chain-sbom.d.ts +72 -0
package/dist/supply-chain-sbom.d.ts.map +1 -0
package/dist/supply-chain-sbom.js +73 -0
package/dist/supply-chain-sbom.js.map +1 -0
package/dist/supply-chain.d.ts +61 -0
package/dist/supply-chain.d.ts.map +1 -0
package/dist/supply-chain.js +95 -0
package/dist/supply-chain.js.map +1 -0
package/dist/token-types.d.ts +77 -0
package/dist/token-types.d.ts.map +1 -0
package/dist/token-types.js +31 -0
package/dist/token-types.js.map +1 -0
package/dist/types.d.ts +71 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +6 -0
package/dist/types.js.map +1 -0
package/package.json +361 -0

package/dist/supply-chain-sbom.js ADDED Viewed

@@ -0,0 +1,73 @@
+/**
+ * governance-sdk — Agent Software Bill of Materials (SBOM)
+ *
+ * Generates a JSON manifest of agent capabilities, dependencies,
+ * and governance posture. Compatible with CycloneDX concepts.
+ *
+ * @example
+ * ```ts
+ * import { generateAgentSBOM } from 'governance-sdk/supply-chain-sbom';
+ *
+ * const sbom = generateAgentSBOM({
+ *   agent: storedAgent,
+ *   dependencies: { tools: ['search'], mcpServers: ['mcp://files'] },
+ *   governanceScore: 87,
+ *   governanceLevel: 4,
+ *   complianceFrameworks: ['eu-ai-act', 'owasp-agentic'],
+ * });
+ * ```
+ */
+// ─── Implementation ─────────────────────────────────────────
+export function generateAgentSBOM(input) {
+    const { agent, dependencies, governanceScore, governanceLevel, complianceFrameworks, policies } = input;
+    return {
+        bomFormat: "LuaAgentSBOM",
+        specVersion: "1.0",
+        serialNumber: `urn:uuid:${generateUUID()}`,
+        generatedAt: new Date().toISOString(),
+        component: {
+            type: "agent",
+            name: agent.name,
+            version: agent.version ?? "0.0.0",
+            description: agent.description ?? "",
+            supplier: agent.owner ?? "unknown",
+            properties: {
+                "agent:id": agent.id,
+                "agent:framework": agent.framework ?? "unknown",
+            },
+        },
+        dependencies: {
+            tools: dependencies?.tools ?? [],
+            mcpServers: dependencies?.mcpServers ?? [],
+            apiEndpoints: dependencies?.apiEndpoints ?? [],
+            agents: dependencies?.agents ?? [],
+        },
+        governance: {
+            score: governanceScore ?? 0,
+            level: governanceLevel ?? 0,
+            complianceFrameworks: complianceFrameworks ?? [],
+            policyCount: policies?.length ?? 0,
+            policies: policies ?? [],
+        },
+    };
+}
+// ─── Utilities ──────────────────────────────────────────────
+function generateUUID() {
+    if (typeof globalThis.crypto !== "undefined" && globalThis.crypto.randomUUID) {
+        return globalThis.crypto.randomUUID();
+    }
+    // Fallback for environments without randomUUID
+    const bytes = new Uint8Array(16);
+    if (typeof globalThis.crypto !== "undefined" && globalThis.crypto.getRandomValues) {
+        globalThis.crypto.getRandomValues(bytes);
+    }
+    else {
+        for (let i = 0; i < 16; i++)
+            bytes[i] = Math.floor(Math.random() * 256);
+    }
+    bytes[6] = (bytes[6] & 0x0f) | 0x40; // version 4
+    bytes[8] = (bytes[8] & 0x3f) | 0x80; // variant 1
+    const hex = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
+    return `${hex.slice(0, 8)}-${hex.slice(8, 12)}-${hex.slice(12, 16)}-${hex.slice(16, 20)}-${hex.slice(20)}`;
+}
+//# sourceMappingURL=supply-chain-sbom.js.map

package/dist/supply-chain-sbom.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"supply-chain-sbom.js","sourceRoot":"","sources":["../src/supply-chain-sbom.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAkDH,+DAA+D;AAE/D,MAAM,UAAU,iBAAiB,CAAC,KAAqB;IACrD,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,oBAAoB,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC;IAExG,OAAO;QACL,SAAS,EAAE,cAAc;QACzB,WAAW,EAAE,KAAK;QAClB,YAAY,EAAE,YAAY,YAAY,EAAE,EAAE;QAC1C,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,SAAS,EAAE;YACT,IAAI,EAAE,OAAO;YACb,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,OAAO,EAAE,KAAK,CAAC,OAAO,IAAI,OAAO;YACjC,WAAW,EAAE,KAAK,CAAC,WAAW,IAAI,EAAE;YACpC,QAAQ,EAAE,KAAK,CAAC,KAAK,IAAI,SAAS;YAClC,UAAU,EAAE;gBACV,UAAU,EAAE,KAAK,CAAC,EAAE;gBACpB,iBAAiB,EAAE,KAAK,CAAC,SAAS,IAAI,SAAS;aAChD;SACF;QACD,YAAY,EAAE;YACZ,KAAK,EAAE,YAAY,EAAE,KAAK,IAAI,EAAE;YAChC,UAAU,EAAE,YAAY,EAAE,UAAU,IAAI,EAAE;YAC1C,YAAY,EAAE,YAAY,EAAE,YAAY,IAAI,EAAE;YAC9C,MAAM,EAAE,YAAY,EAAE,MAAM,IAAI,EAAE;SACnC;QACD,UAAU,EAAE;YACV,KAAK,EAAE,eAAe,IAAI,CAAC;YAC3B,KAAK,EAAE,eAAe,IAAI,CAAC;YAC3B,oBAAoB,EAAE,oBAAoB,IAAI,EAAE;YAChD,WAAW,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;YAClC,QAAQ,EAAE,QAAQ,IAAI,EAAE;SACzB;KACF,CAAC;AACJ,CAAC;AAED,+DAA+D;AAE/D,SAAS,YAAY;IACnB,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,IAAI,UAAU,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;QAC7E,OAAO,UAAU,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;IACxC,CAAC;IACD,+CAA+C;IAC/C,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,WAAW,IAAI,UAAU,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;QAClF,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC3C,CAAC;SAAM,CAAC;QACN,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE;YAAE,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC;IAC1E,CAAC;IACD,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,YAAY;IACjD,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC,YAAY;IACjD,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC/E,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;AAC7G,CAAC"}

package/dist/supply-chain.d.ts ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * governance-sdk — Agent Supply Chain Security
+ *
+ * Declare agent dependencies, validate against approved registries,
+ * and enforce supply chain policies. Addresses OWASP AA-03.
+ *
+ * @example
+ * ```ts
+ * import { createSupplyChainPolicy, declareAgentDependencies } from 'governance-sdk/supply-chain';
+ *
+ * const deps = declareAgentDependencies({
+ *   tools: ['web_search', 'email_send'],
+ *   mcpServers: ['mcp://files.company.com'],
+ *   apiEndpoints: ['https://api.internal.com'],
+ * });
+ *
+ * const policy = createSupplyChainPolicy({
+ *   approvedTools: ['web_search', 'email_send', 'calendar_read'],
+ *   approvedMcpServers: ['mcp://files.company.com'],
+ * });
+ * governance.addRule(policy);
+ * ```
+ */
+import type { PolicyRule } from "./policy.js";
+/** Declared dependencies for an agent */
+export interface AgentDependencies {
+    tools?: string[];
+    mcpServers?: string[];
+    apiEndpoints?: string[];
+    agents?: string[];
+}
+/** Approved supply chain registry */
+export interface ApprovedRegistry {
+    approvedTools?: string[];
+    approvedMcpServers?: string[];
+    approvedApiEndpoints?: string[];
+    approvedAgents?: string[];
+}
+/** Validation result for a single agent's supply chain */
+export interface SupplyChainValidation {
+    valid: boolean;
+    violations: SupplyChainViolation[];
+}
+export interface SupplyChainViolation {
+    type: "tool" | "mcp_server" | "api_endpoint" | "agent";
+    name: string;
+    reason: string;
+}
+/** Declare and normalize an agent's dependency set */
+export declare function declareAgentDependencies(deps: AgentDependencies): AgentDependencies;
+/** Validate agent dependencies against an approved registry */
+export declare function validateSupplyChain(deps: AgentDependencies, registry: ApprovedRegistry): SupplyChainValidation;
+/**
+ * Create a policy rule that blocks agents using unapproved tools.
+ * Checks the tool being called against the approved registry.
+ */
+export declare function createSupplyChainPolicy(registry: ApprovedRegistry, opts?: {
+    priority?: number;
+    id?: string;
+}): PolicyRule;
+//# sourceMappingURL=supply-chain.d.ts.map

package/dist/supply-chain.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"supply-chain.d.ts","sourceRoot":"","sources":["../src/supply-chain.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAI9C,yCAAyC;AACzC,MAAM,WAAW,iBAAiB;IAChC,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,qCAAqC;AACrC,MAAM,WAAW,gBAAgB;IAC/B,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;IAChC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,0DAA0D;AAC1D,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,OAAO,CAAC;IACf,UAAU,EAAE,oBAAoB,EAAE,CAAC;CACpC;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE,MAAM,GAAG,YAAY,GAAG,cAAc,GAAG,OAAO,CAAC;IACvD,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;CAChB;AAID,sDAAsD;AACtD,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,iBAAiB,GAAG,iBAAiB,CAOnF;AAID,+DAA+D;AAC/D,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,iBAAiB,EACvB,QAAQ,EAAE,gBAAgB,GACzB,qBAAqB,CAoCvB;AAID;;;GAGG;AACH,wBAAgB,uBAAuB,CACrC,QAAQ,EAAE,gBAAgB,EAC1B,IAAI,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,EAAE,CAAC,EAAE,MAAM,CAAA;CAAE,GACxC,UAAU,CAqBZ"}

package/dist/supply-chain.js ADDED Viewed

@@ -0,0 +1,95 @@
+/**
+ * governance-sdk — Agent Supply Chain Security
+ *
+ * Declare agent dependencies, validate against approved registries,
+ * and enforce supply chain policies. Addresses OWASP AA-03.
+ *
+ * @example
+ * ```ts
+ * import { createSupplyChainPolicy, declareAgentDependencies } from 'governance-sdk/supply-chain';
+ *
+ * const deps = declareAgentDependencies({
+ *   tools: ['web_search', 'email_send'],
+ *   mcpServers: ['mcp://files.company.com'],
+ *   apiEndpoints: ['https://api.internal.com'],
+ * });
+ *
+ * const policy = createSupplyChainPolicy({
+ *   approvedTools: ['web_search', 'email_send', 'calendar_read'],
+ *   approvedMcpServers: ['mcp://files.company.com'],
+ * });
+ * governance.addRule(policy);
+ * ```
+ */
+// ─── Dependency Declaration ─────────────────────────────────
+/** Declare and normalize an agent's dependency set */
+export function declareAgentDependencies(deps) {
+    return {
+        tools: deps.tools ? [...new Set(deps.tools)].sort() : [],
+        mcpServers: deps.mcpServers ? [...new Set(deps.mcpServers)].sort() : [],
+        apiEndpoints: deps.apiEndpoints ? [...new Set(deps.apiEndpoints)].sort() : [],
+        agents: deps.agents ? [...new Set(deps.agents)].sort() : [],
+    };
+}
+// ─── Validation ─────────────────────────────────────────────
+/** Validate agent dependencies against an approved registry */
+export function validateSupplyChain(deps, registry) {
+    const violations = [];
+    if (registry.approvedTools) {
+        for (const tool of deps.tools ?? []) {
+            if (!registry.approvedTools.includes(tool)) {
+                violations.push({ type: "tool", name: tool, reason: `Tool "${tool}" not in approved registry` });
+            }
+        }
+    }
+    if (registry.approvedMcpServers) {
+        for (const server of deps.mcpServers ?? []) {
+            if (!registry.approvedMcpServers.includes(server)) {
+                violations.push({ type: "mcp_server", name: server, reason: `MCP server "${server}" not approved` });
+            }
+        }
+    }
+    if (registry.approvedApiEndpoints) {
+        for (const ep of deps.apiEndpoints ?? []) {
+            if (!registry.approvedApiEndpoints.includes(ep)) {
+                violations.push({ type: "api_endpoint", name: ep, reason: `API endpoint "${ep}" not approved` });
+            }
+        }
+    }
+    if (registry.approvedAgents) {
+        for (const agent of deps.agents ?? []) {
+            if (!registry.approvedAgents.includes(agent)) {
+                violations.push({ type: "agent", name: agent, reason: `Agent "${agent}" not in approved list` });
+            }
+        }
+    }
+    return { valid: violations.length === 0, violations };
+}
+// ─── Policy Rule ────────────────────────────────────────────
+/**
+ * Create a policy rule that blocks agents using unapproved tools.
+ * Checks the tool being called against the approved registry.
+ */
+export function createSupplyChainPolicy(registry, opts) {
+    const approvedTools = new Set(registry.approvedTools ?? []);
+    return {
+        id: opts?.id ?? "supply-chain-tool-check",
+        name: "Supply chain: block unapproved tools",
+        condition: {
+            type: "custom",
+            params: {
+                evaluate: (ctx) => {
+                    if (!ctx.tool)
+                        return false;
+                    return approvedTools.size > 0 && !approvedTools.has(ctx.tool);
+                },
+            },
+        },
+        outcome: "block",
+        reason: "Tool not in approved supply chain registry",
+        priority: opts?.priority ?? 105,
+        enabled: true,
+        stage: "process",
+    };
+}
+//# sourceMappingURL=supply-chain.js.map

package/dist/supply-chain.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"supply-chain.js","sourceRoot":"","sources":["../src/supply-chain.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAkCH,+DAA+D;AAE/D,sDAAsD;AACtD,MAAM,UAAU,wBAAwB,CAAC,IAAuB;IAC9D,OAAO;QACL,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE;QACxD,UAAU,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE;QACvE,YAAY,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE;QAC7E,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE;KAC5D,CAAC;AACJ,CAAC;AAED,+DAA+D;AAE/D,+DAA+D;AAC/D,MAAM,UAAU,mBAAmB,CACjC,IAAuB,EACvB,QAA0B;IAE1B,MAAM,UAAU,GAA2B,EAAE,CAAC;IAE9C,IAAI,QAAQ,CAAC,aAAa,EAAE,CAAC;QAC3B,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;YACpC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3C,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,IAAI,4BAA4B,EAAE,CAAC,CAAC;YACnG,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,kBAAkB,EAAE,CAAC;QAChC,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC;YAC3C,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAClD,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,eAAe,MAAM,gBAAgB,EAAE,CAAC,CAAC;YACvG,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,oBAAoB,EAAE,CAAC;QAClC,KAAK,MAAM,EAAE,IAAI,IAAI,CAAC,YAAY,IAAI,EAAE,EAAE,CAAC;YACzC,IAAI,CAAC,QAAQ,CAAC,oBAAoB,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;gBAChD,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,CAAC,CAAC;YACnG,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,cAAc,EAAE,CAAC;QAC5B,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YACtC,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC7C,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,KAAK,wBAAwB,EAAE,CAAC,CAAC;YACnG,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,UAAU,EAAE,CAAC;AACxD,CAAC;AAED,+DAA+D;AAE/D;;;GAGG;AACH,MAAM,UAAU,uBAAuB,CACrC,QAA0B,EAC1B,IAAyC;IAEzC,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC;IAE5D,OAAO;QACL,EAAE,EAAE,IAAI,EAAE,EAAE,IAAI,yBAAyB;QACzC,IAAI,EAAE,sCAAsC;QAC5C,SAAS,EAAE;YACT,IAAI,EAAE,QAAQ;YACd,MAAM,EAAE;gBACN,QAAQ,EAAE,CAAC,GAAsB,EAAE,EAAE;oBACnC,IAAI,CAAC,GAAG,CAAC,IAAI;wBAAE,OAAO,KAAK,CAAC;oBAC5B,OAAO,aAAa,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAChE,CAAC;aACF;SACF;QACD,OAAO,EAAE,OAAO;QAChB,MAAM,EAAE,4CAA4C;QACpD,QAAQ,EAAE,IAAI,EAAE,QAAQ,IAAI,GAAG;QAC/B,OAAO,EAAE,IAAI;QACb,KAAK,EAAE,SAAS;KACjB,CAAC;AACJ,CAAC"}

package/dist/token-types.d.ts ADDED Viewed

@@ -0,0 +1,77 @@
+/**
+ * Shared token type definitions for Propolis → Honeycomb JWT exchange.
+ *
+ * Zero dependencies. These types define the JWT payload structure.
+ *
+ * DESIGN PRINCIPLE: The JWT carries identity, trust level, and scope.
+ * It does NOT carry tool permissions — those are enforced by governance
+ * policies via the policy engine. The JWT tells Honeycomb WHO the agent
+ * is and WHAT DATA it can see. Governance tells the agent WHAT ACTIONS
+ * it can take.
+ *
+ * @example
+ * ```ts
+ * import type { HoneycombAgentToken, TokenRequest } from 'governance-sdk/token-types';
+ * ```
+ */
+/** RS256 JWT payload issued by Propolis for Honeycomb authentication. */
+export interface HoneycombAgentToken {
+    /** Issuer — always "propolis" */
+    iss: "propolis";
+    /** Audience — always "honeycomb" */
+    aud: "honeycomb";
+    /** Subject — agentId */
+    sub: string;
+    /** Issued-at (unix seconds) */
+    iat: number;
+    /** Expiry (unix seconds) */
+    exp: number;
+    /** Unique token ID (UUID) — for revocation and audit correlation */
+    jti: string;
+    agentName: string;
+    orgId: string;
+    /** Governance level (0-4) from composite score */
+    governanceLevel: number;
+    /** Composite governance score (0-100) */
+    compositeScore: number;
+    /** Allowed Honeycomb namespaces */
+    namespaces: string[];
+    /** Allowed access level values */
+    accessLevels: ("public" | "namespace" | "restricted")[];
+    /** Maximum extraction tier (0=none, 1=slim, 2=full) */
+    maxExtractionTier: 0 | 1 | 2;
+    /** Maximum concurrent namespaces */
+    maxNamespaces: number;
+    /** Honeycomb tools this agent is allowed to call */
+    allowedTools: string[];
+    /** Search across all namespaces */
+    allowCrossNamespace?: boolean;
+    /** Restrict entity recall by type (undefined = all types) */
+    allowedEntityTypes?: string[];
+}
+/** Request body for POST /api/v1/token */
+export interface TokenRequest {
+    agentId: string;
+    agentName: string;
+    requestedNamespaces?: string[];
+}
+/** Response body from POST /api/v1/token */
+export interface TokenResponse {
+    token: string;
+    /** Expiry as unix seconds */
+    expiresAt: number;
+}
+/** Resource allocation limits by governance level. */
+export interface ResourceLimits {
+    maxNamespaces: number;
+    maxExtractionTier: 0 | 1 | 2;
+}
+/**
+ * Maps governance level → resource limits.
+ *
+ * These control COMPUTE COST (extraction depth, data breadth).
+ * Authorization (which tools, which actions) is handled by
+ * the governance policy engine — NOT by this table.
+ */
+export declare const RESOURCE_LIMITS_BY_LEVEL: Record<number, ResourceLimits>;
+//# sourceMappingURL=token-types.d.ts.map

package/dist/token-types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"token-types.d.ts","sourceRoot":"","sources":["../src/token-types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAIH,yEAAyE;AACzE,MAAM,WAAW,mBAAmB;IAElC,iCAAiC;IACjC,GAAG,EAAE,UAAU,CAAC;IAChB,oCAAoC;IACpC,GAAG,EAAE,WAAW,CAAC;IACjB,wBAAwB;IACxB,GAAG,EAAE,MAAM,CAAC;IACZ,+BAA+B;IAC/B,GAAG,EAAE,MAAM,CAAC;IACZ,4BAA4B;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,oEAAoE;IACpE,GAAG,EAAE,MAAM,CAAC;IAGZ,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IAGd,kDAAkD;IAClD,eAAe,EAAE,MAAM,CAAC;IACxB,yCAAyC;IACzC,cAAc,EAAE,MAAM,CAAC;IAGvB,mCAAmC;IACnC,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,kCAAkC;IAClC,YAAY,EAAE,CAAC,QAAQ,GAAG,WAAW,GAAG,YAAY,CAAC,EAAE,CAAC;IAGxD,uDAAuD;IACvD,iBAAiB,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,oCAAoC;IACpC,aAAa,EAAE,MAAM,CAAC;IAGtB,oDAAoD;IACpD,YAAY,EAAE,MAAM,EAAE,CAAC;IAGvB,mCAAmC;IACnC,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,6DAA6D;IAC7D,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC/B;AAID,0CAA0C;AAC1C,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAC;CAChC;AAED,4CAA4C;AAC5C,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,6BAA6B;IAC7B,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,sDAAsD;AACtD,MAAM,WAAW,cAAc;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,iBAAiB,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;CAC9B;AAED;;;;;;GAMG;AACH,eAAO,MAAM,wBAAwB,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAMnE,CAAC"}

package/dist/token-types.js ADDED Viewed

@@ -0,0 +1,31 @@
+/**
+ * Shared token type definitions for Propolis → Honeycomb JWT exchange.
+ *
+ * Zero dependencies. These types define the JWT payload structure.
+ *
+ * DESIGN PRINCIPLE: The JWT carries identity, trust level, and scope.
+ * It does NOT carry tool permissions — those are enforced by governance
+ * policies via the policy engine. The JWT tells Honeycomb WHO the agent
+ * is and WHAT DATA it can see. Governance tells the agent WHAT ACTIONS
+ * it can take.
+ *
+ * @example
+ * ```ts
+ * import type { HoneycombAgentToken, TokenRequest } from 'governance-sdk/token-types';
+ * ```
+ */
+/**
+ * Maps governance level → resource limits.
+ *
+ * These control COMPUTE COST (extraction depth, data breadth).
+ * Authorization (which tools, which actions) is handled by
+ * the governance policy engine — NOT by this table.
+ */
+export const RESOURCE_LIMITS_BY_LEVEL = {
+    0: { maxNamespaces: 1, maxExtractionTier: 0 },
+    1: { maxNamespaces: 3, maxExtractionTier: 1 },
+    2: { maxNamespaces: 10, maxExtractionTier: 1 },
+    3: { maxNamespaces: 50, maxExtractionTier: 2 },
+    4: { maxNamespaces: Infinity, maxExtractionTier: 2 },
+};
+//# sourceMappingURL=token-types.js.map

package/dist/token-types.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"token-types.js","sourceRoot":"","sources":["../src/token-types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AA6EH;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAmC;IACtE,CAAC,EAAE,EAAE,aAAa,EAAE,CAAC,EAAS,iBAAiB,EAAE,CAAC,EAAE;IACpD,CAAC,EAAE,EAAE,aAAa,EAAE,CAAC,EAAS,iBAAiB,EAAE,CAAC,EAAE;IACpD,CAAC,EAAE,EAAE,aAAa,EAAE,EAAE,EAAQ,iBAAiB,EAAE,CAAC,EAAE;IACpD,CAAC,EAAE,EAAE,aAAa,EAAE,EAAE,EAAQ,iBAAiB,EAAE,CAAC,EAAE;IACpD,CAAC,EAAE,EAAE,aAAa,EAAE,QAAQ,EAAE,iBAAiB,EAAE,CAAC,EAAE;CACrD,CAAC"}

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,71 @@
+/**
+ * governance-sdk — Core type system for agent governance.
+ * Framework-agnostic types for agent registration, scoring, and fleet management.
+ */
+/** Supported agent frameworks */
+export type AgentFramework = "mastra" | "langchain" | "crewai" | "autogen" | "openai" | "vercel-ai" | "mcp" | "bedrock" | "genkit" | "semantic-kernel" | "anthropic" | "mistral" | "ollama" | "e2b" | "composio" | "custom" | "unknown";
+/** Agent lifecycle status */
+export type AgentStatus = "registered" | "assessed" | "approved" | "flagged" | "deprecated" | "quarantined";
+/** The seven governance dimensions */
+export type ScoreDimension = "identity" | "permissions" | "observability" | "guardrails" | "auditability" | "compliance" | "lifecycle";
+/** Governance level mapped from composite score */
+export interface GovernanceLevel {
+    level: 0 | 1 | 2 | 3 | 4;
+    label: string;
+    autonomy: string;
+    minScore: number;
+    maxScore: number;
+}
+/** Individual dimension scoring result */
+export interface DimensionResult {
+    dimension: ScoreDimension;
+    score: number;
+    weight: number;
+    evidence: Record<string, boolean | number | string>;
+}
+/** Complete governance assessment for an agent */
+export interface GovernanceAssessment {
+    agentId: string;
+    agentName: string;
+    compositeScore: number;
+    level: GovernanceLevel;
+    dimensions: DimensionResult[];
+    status: AgentStatus;
+    assessedAt: string;
+    recommendations: string[];
+}
+/** Agent registration input */
+export interface AgentRegistration {
+    name: string;
+    framework: AgentFramework;
+    description?: string;
+    owner: string;
+    version?: string;
+    channels?: string[];
+    tools?: string[];
+    hasAuth?: boolean;
+    hasGuardrails?: boolean;
+    hasObservability?: boolean;
+    hasAuditLog?: boolean;
+    permissions?: Record<string, unknown>;
+    metadata?: Record<string, unknown>;
+}
+/** Fleet-level governance summary */
+export interface FleetSummary {
+    totalAgents: number;
+    averageScore: number;
+    fleetLevel: GovernanceLevel;
+    byStatus: Record<AgentStatus, number>;
+    byFramework: Record<AgentFramework, number>;
+    byLevel: Record<number, number>;
+    highestScoring: {
+        name: string;
+        score: number;
+    } | null;
+    lowestScoring: {
+        name: string;
+        score: number;
+    } | null;
+    recommendations: string[];
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,iCAAiC;AACjC,MAAM,MAAM,cAAc,GACtB,QAAQ,GACR,WAAW,GACX,QAAQ,GACR,SAAS,GACT,QAAQ,GACR,WAAW,GACX,KAAK,GACL,SAAS,GACT,QAAQ,GACR,iBAAiB,GACjB,WAAW,GACX,SAAS,GACT,QAAQ,GACR,KAAK,GACL,UAAU,GACV,QAAQ,GACR,SAAS,CAAC;AAEd,6BAA6B;AAC7B,MAAM,MAAM,WAAW,GACnB,YAAY,GACZ,UAAU,GACV,UAAU,GACV,SAAS,GACT,YAAY,GACZ,aAAa,CAAC;AAElB,sCAAsC;AACtC,MAAM,MAAM,cAAc,GACtB,UAAU,GACV,aAAa,GACb,eAAe,GACf,YAAY,GACZ,cAAc,GACd,YAAY,GACZ,WAAW,CAAC;AAEhB,mDAAmD;AACnD,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,0CAA0C;AAC1C,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,cAAc,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAAC,CAAC;CACrD;AAED,kDAAkD;AAClD,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,KAAK,EAAE,eAAe,CAAC;IACvB,UAAU,EAAE,eAAe,EAAE,CAAC;IAC9B,MAAM,EAAE,WAAW,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,+BAA+B;AAC/B,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,cAAc,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACtC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,qCAAqC;AACrC,MAAM,WAAW,YAAY;IAC3B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,eAAe,CAAC;IAC5B,QAAQ,EAAE,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACtC,WAAW,EAAE,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;IAC5C,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,cAAc,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;IACvD,aAAa,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;IACtD,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B"}

package/dist/types.js ADDED Viewed

@@ -0,0 +1,6 @@
+/**
+ * governance-sdk — Core type system for agent governance.
+ * Framework-agnostic types for agent registration, scoring, and fleet management.
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG"}