kyd-shared-badge 0.3.2 → 0.3.4

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kyd-shared-badge",
-  "version": "0.3.2",
+  "version": "0.3.4",
   "private": false,
   "main": "./src/index.ts",
   "module": "./src/index.ts",

package/src/ambient-ai.d.ts

@@ -3,6 +3,7 @@ declare module 'ai' {
 }
 
 declare module '@ai-sdk/amazon-bedrock' {
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   export function bedrock(modelId: string, opts?: any): any;
 }
 

package/src/lib/auth-verify.ts

@@ -1,48 +1,48 @@
-import { NextRequest } from 'next/server';
-import { getServerSession } from 'next-auth';
-import { authOptions } from '@/lib/auth';
-import { jwtVerify, createRemoteJWKSet } from 'jose';
+// import { NextRequest } from 'next/server';
+// import { getServerSession } from 'next-auth';
+// import { authOptions } from '@/lib/auth';
+// import { jwtVerify, createRemoteJWKSet } from 'jose';
 
-export type VerifiedUser = {
-  userId: string;
-  companyId?: string | null;
-  idToken: string;
-};
+// export type VerifiedUser = {
+//   userId: string;
+//   companyId?: string | null;
+//   idToken: string;
+// };
 
-// Verifies Cognito ID Token from the server session or Authorization header.
-// Returns userId (sub) and optional companyId claim if present.
-export async function verifyCognito(req: NextRequest): Promise<VerifiedUser> {
-  // Try to get id_token from NextAuth session first
-  const session = await getServerSession(authOptions as any);
-  let idToken: string | undefined;
-  if (session && (session as any).id_token) {
-    idToken = (session as any).id_token as string;
-  }
-  if (!idToken) {
-    const authz = req.headers.get('authorization') || req.headers.get('Authorization');
-    if (authz && authz.toLowerCase().startsWith('bearer ')) {
-      idToken = authz.slice(7).trim();
-    }
-  }
+// // Verifies Cognito ID Token from the server session or Authorization header.
+// // Returns userId (sub) and optional companyId claim if present.
+// export async function verifyCognito(req: NextRequest): Promise<VerifiedUser> {
+//   // Try to get id_token from NextAuth session first
+//   const session = await getServerSession(authOptions as any);
+//   let idToken: string | undefined;
+//   if (session.id_token) {
+//     idToken = session.id_token as string;
+//   }
+//   if (!idToken) {
+//     const authz = req.headers.get('authorization') || req.headers.get('Authorization');
+//     if (authz && authz.toLowerCase().startsWith('bearer ')) {
+//       idToken = authz.slice(7).trim();
+//     }
+//   }
 
-  if (!idToken) {
-    throw new Response(JSON.stringify({ error: 'Not authenticated' }), { status: 401 }) as unknown as Error;
-  }
+//   if (!idToken) {
+//     throw new Response(JSON.stringify({ error: 'Not authenticated' }), { status: 401 }) as unknown as Error;
+//   }
 
-  const region = process.env.AWS_REGION!;
-  const userPoolId = process.env.COGNITO_USER_POOL_ID!;
-  const issuer = `https://cognito-idp.${region}.amazonaws.com/${userPoolId}`;
-  const jwks = createRemoteJWKSet(new URL(`${issuer}/.well-known/jwks.json`));
+//   const region = process.env.AWS_REGION!;
+//   const userPoolId = process.env.COGNITO_USER_POOL_ID!;
+//   const issuer = `https://cognito-idp.${region}.amazonaws.com/${userPoolId}`;
+//   const jwks = createRemoteJWKSet(new URL(`${issuer}/.well-known/jwks.json`));
 
-  try {
-    const { payload } = await jwtVerify(idToken, jwks, { issuer });
-    const sub = String(payload.sub || '');
-    if (!sub) throw new Error('Invalid token');
-    const companyId = (payload as any)['custom:companyId'] || (payload as any).companyId || null;
-    return { userId: sub, companyId, idToken };
-  } catch (e) {
-    throw new Response(JSON.stringify({ error: 'Invalid token' }), { status: 401 }) as unknown as Error;
-  }
-}
+//   try {
+//     const { payload } = await jwtVerify(idToken, jwks, { issuer });
+//     const sub = String(payload.sub || '');
+//     if (!sub) throw new Error('Invalid token');
+//     const companyId = (payload as any)['custom:companyId'] || (payload as any).companyId || null;
+//     return { userId: sub, companyId, idToken };
+//   } catch (e) {
+//     throw new Response(JSON.stringify({ error: 'Invalid token' }), { status: 401 }) as unknown as Error;
+//   }
+// }
 
 

package/src/lib/chat-store.ts

@@ -28,8 +28,11 @@ export type MessageItem = {
   role: Role;
   content: string;
   createdAt: string;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   redactions?: any;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   toolCalls?: any;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   evidenceJson?: any;
 };
 
@@ -59,6 +62,7 @@ export async function createSession(params: { userId: string; companyId?: string
   return sessionId;
 }
 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 export async function putMessage(params: { sessionId: string; role: Role; content: string; evidenceJson?: any }): Promise<void> {
   const now = new Date().toISOString();
   const item: MessageItem = {

package/src/lib/context.ts

@@ -4,7 +4,7 @@
 import { DynamoDBClient } from '@aws-sdk/client-dynamodb';
 import { DynamoDBDocumentClient, GetCommand } from '@aws-sdk/lib-dynamodb';
 import { S3Client, GetObjectCommand } from '@aws-sdk/client-s3';
-import { mkdir, writeFile } from 'fs/promises';
+// import { mkdir, writeFile } from 'fs/promises';
 import { GraphInsightsPayload } from '../types';
 
 const region = process.env.AWS_REGION!;
@@ -18,7 +18,7 @@ export async function aggregateUserData(userId: string, enterpriseMode?: boolean
   // Minimal: load user record. Optionally, in enterprise mode, you could also fetch link overlay.
   const userResp = await doc.send(new GetCommand({ TableName: usersTableName, Key: { userId } }));
   const user = userResp.Item || {};
-  const merged = { ...user } as Record<string, any>;
+  const merged = { ...user }
   if (enterpriseMode && companyId) {
     // Optionally merge enterprise overlay later; keeping simple for MVP.
     merged.companyId = companyId;
@@ -50,10 +50,11 @@ export async function aggregateUserData(userId: string, enterpriseMode?: boolean
   return merged;
 }
 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 export function cleanDeveloperProfile(data: any): any {
   if (Array.isArray(data)) return data.map(cleanDeveloperProfile);
   if (data === null || typeof data !== 'object') return data;
-  const cleaned: any = {};
+  const cleaned = {};
   const keysToRemove = new Set([
     'accessToken','refreshToken','access_token','refresh_token','id_token',
     'stripeCustomerId','password','secret',
@@ -78,11 +79,13 @@ export function cleanDeveloperProfile(data: any): any {
       delete v['additional_watchlists'];
       delete v['risk_profile_domains'];
     }
+    // @ts-expect-error -  ignoring
     cleaned[key] = v;
   }
   return cleaned;
 }
 
+// // eslint-disable-next-line @typescript-eslint/no-explicit-any
 export function buildAllContextPrompt(cleanedData: any, reportGraphData: GraphInsightsPayload | undefined, options?: { concise?: boolean, debugName?: string }): string {
   const instructions = [
     'You are KYD, a trust and risk analyst.',
@@ -116,29 +119,30 @@ export function buildAllContextPrompt(cleanedData: any, reportGraphData: GraphIn
   return out;
 }
 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 async function getJsonFromS3(bucket: string, key: string): Promise<any> {
   const res = await s3.send(new GetObjectCommand({ Bucket: bucket, Key: key }));
-  const text = await (res as any).Body?.transformToString('utf-8');
+  const text = await res.Body?.transformToString('utf-8');
   return JSON.parse(text || '{}');
 }
 
 
-async function maybeWriteDebugContext(cleanedData: any, promptText: string, nameHint?: string): Promise<void> {
-  try {
-    const dir = './debug';
-    await mkdir(dir, { recursive: true });
-    const sanitize = (s: string) => s.replace(/[^a-zA-Z0-9_\-.]/g, '_').slice(0, 64) || 'context';
-    const base = sanitize(nameHint || 'context');
-    const ts = new Date().toISOString().replace(/[:.]/g, '-');
-    const jsonPath = `${dir}/kyd-${base}-${ts}.json`;
-    const txtPath = `${dir}/kyd-${base}-${ts}.txt`;
-    const jsonPretty = JSON.stringify(cleanedData, null, 2);
-    await writeFile(jsonPath, jsonPretty, 'utf8');
-    await writeFile(txtPath, promptText, 'utf8');
-  } catch (e) {
-    console.error('Context debug write failed', e);
-  }
-}
+// async function maybeWriteDebugContext(cleanedData: any, promptText: string, nameHint?: string): Promise<void> {
+//   try {
+//     const dir = './debug';
+//     await mkdir(dir, { recursive: true });
+//     const sanitize = (s: string) => s.replace(/[^a-zA-Z0-9_\-.]/g, '_').slice(0, 64) || 'context';
+//     const base = sanitize(nameHint || 'context');
+//     const ts = new Date().toISOString().replace(/[:.]/g, '-');
+//     const jsonPath = `${dir}/kyd-${base}-${ts}.json`;
+//     const txtPath = `${dir}/kyd-${base}-${ts}.txt`;
+//     const jsonPretty = JSON.stringify(cleanedData, null, 2);
+//     await writeFile(jsonPath, jsonPretty, 'utf8');
+//     await writeFile(txtPath, promptText, 'utf8');
+//   } catch (e) {
+//     console.error('Context debug write failed', e);
+//   }
+// }
 
 
 export async function getReportGraphData(badgeId: string): Promise<GraphInsightsPayload | undefined> {

package/src/lib/rate-limit.ts

@@ -9,9 +9,9 @@ const doc = DynamoDBDocumentClient.from(ddb);
 
 export async function checkAndConsumeToken(userId: string, capacityPerMinute: number = 10): Promise<boolean> {
   const now = Date.now();
-  const key = { userId } as any;
+  const key = { userId };
   const resp = await doc.send(new GetCommand({ TableName: tableName, Key: key }));
-  const item = (resp.Item as any) || { userId, tokens: capacityPerMinute, refillAt: now };
+  const item = resp.Item || { userId, tokens: capacityPerMinute, refillAt: now };
   let tokens: number = typeof item.tokens === 'number' ? item.tokens : capacityPerMinute;
   let refillAt: number = typeof item.refillAt === 'number' ? item.refillAt : now;
   if (now >= refillAt + 60_000) {

package/src/lib/routes.ts

@@ -43,33 +43,32 @@ export async function chatStreamRoute(req: NextRequest, userId: string, companyI
       messages: [...history, { role: 'user' as const, content }],
       maxTokens: 1024,
       temperature: 0.2,
-      onFinish: async ({ text }: { text: string }) => {
-        // Attempt to capture evidence block if present (UI also parses, but cache server-side)
-        const evidence = tryParseEvidenceServer(text);
-        await putMessage({ sessionId, role: 'assistant', content: text, evidenceJson: evidence || undefined });
-      },
+      // onFinish: async ({ text }: { text: string }) => {
+      //   // Attempt to capture evidence block if present (UI also parses, but cache server-side)
+      //   const evidence = tryParseEvidenceServer(text);
+      //   await putMessage({ sessionId, role: 'assistant', content: text, evidenceJson: evidence || undefined });
+      // },
     });
 
     return result.toTextStreamResponse();
-  } catch (e: any) {
-    if (e instanceof Response) return e;
+  } catch (e) {
     console.error('chat error', e);
     return new Response('An error occurred. Please try again.', { status: 500 });
   }
 }
 
-function tryParseEvidenceServer(text: string): any | null {
-  try {
-    const start = text.indexOf('```json');
-    const end = text.indexOf('```', start + 7);
-    const raw = start >= 0 && end > start ? text.slice(start + 7, end).trim() : text.trim();
-    const obj = JSON.parse(raw);
-    if (obj && obj.type === 'evidence' && Array.isArray(obj.claims)) return obj;
-  } catch {}
-  return null;
-}
+// function tryParseEvidenceServer(text: string): any | null {
+//   try {
+//     const start = text.indexOf('```json');
+//     const end = text.indexOf('```', start + 7);
+//     const raw = start >= 0 && end > start ? text.slice(start + 7, end).trim() : text.trim();
+//     const obj = JSON.parse(raw);
+//     if (obj && obj.type === 'evidence' && Array.isArray(obj.claims)) return obj;
+//   } catch {}
+//   return null;
+// }
 
-export async function POST(req: NextRequest, userId: string, companyId?: string) {
+export async function createSessionRoute(req: NextRequest, userId: string, companyId?: string) {
   try {
     // const user = await verifyCognito(req);
     const body = await req.json().catch(() => ({}));
@@ -81,7 +80,7 @@ export async function POST(req: NextRequest, userId: string, companyId?: string)
       promptVersion: body?.promptVersion,
     });
     return Response.json({ sessionId });
-  } catch (e: any) {
+  } catch (e) {
     console.error(e);
     if (e instanceof Response) return e;
     return Response.json({ error: 'Failed to create session' }, { status: 500 });