monora-ai 2.0.0 → 2.1.3

package/dist/config.js

@@ -36,44 +36,54 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.PRESETS = void 0;
+exports.DEFAULT_CONFIG = exports.PRESETS = void 0;
 exports.loadConfig = loadConfig;
 exports.parseSinkConfig = parseSinkConfig;
 exports.getPresetConfig = getPresetConfig;
 exports.buildConfigFromOptions = buildConfigFromOptions;
+exports.detectEnvironment = detectEnvironment;
+exports.suggestPreset = suggestPreset;
 const fs = __importStar(require("fs"));
 const yaml = __importStar(require("js-yaml"));
 const logger_1 = require("./logger");
 const config_migrations_1 = require("./config_migrations");
+const presets_1 = require("./presets");
 /**
  * Preset configurations for quick setup.
  */
+const MINIMAL_PRESET = {
+    sinks: [{ type: 'file', path: './monora_events.jsonl', rotation: 'none' }],
+    immutability: { enabled: false },
+    reporting: { enabled: false },
+    instrumentation: { enabled: false },
+    telemetry: { enabled: true, backend: 'minimal' },
+};
+const DEV_PRESET = {
+    defaults: { environment: 'dev' },
+    sinks: [
+        { type: 'file', path: './monora_events.jsonl', rotation: 'none' },
+        { type: 'stdout', format: 'pretty' },
+    ],
+    immutability: { enabled: true, verify_on_emit: false },
+    reporting: { enabled: true, output_dir: './monora_reports' },
+    instrumentation: { enabled: true, auto_patch: true },
+    telemetry: { enabled: true, backend: 'minimal' },
+};
+const PRODUCTION_PRESET = {
+    defaults: { environment: 'production' },
+    sinks: [{ type: 'file', path: './logs/monora_events.jsonl', rotation: 'daily', symlink: true }],
+    immutability: { enabled: true, verify_on_shutdown: true },
+    reporting: { enabled: true, output_dir: './monora_reports' },
+    wal: { enabled: true, path: './monora_wal' },
+    instrumentation: { enabled: true, auto_patch: true },
+    error_handling: { sink_failure_mode: 'warn' },
+    telemetry: { enabled: true, backend: 'minimal' },
+};
 exports.PRESETS = {
-    minimal: {
-        sinks: [{ type: 'stdout', format: 'json' }],
-        immutability: { enabled: false },
-        reporting: { enabled: false },
-        instrumentation: { enabled: false },
-    },
-    development: {
-        defaults: { environment: 'dev' },
-        sinks: [
-            { type: 'stdout', format: 'json' },
-            { type: 'file', path: './monora_events.jsonl' },
-        ],
-        immutability: { enabled: true, verify_on_emit: false },
-        reporting: { enabled: true, output_dir: './monora_reports' },
-        instrumentation: { enabled: true, auto_patch: true },
-    },
-    production: {
-        defaults: { environment: 'production' },
-        sinks: [{ type: 'file', path: './logs/monora_events.jsonl' }],
-        immutability: { enabled: true, verify_on_shutdown: true },
-        reporting: { enabled: true, output_dir: './monora_reports' },
-        wal: { enabled: true, path: './monora_wal' },
-        instrumentation: { enabled: true, auto_patch: true },
-        error_handling: { sink_failure_mode: 'warn' },
-    },
+    minimal: MINIMAL_PRESET,
+    development: DEV_PRESET,
+    dev: DEV_PRESET,
+    production: PRODUCTION_PRESET,
     compliance: {
         defaults: { environment: 'production' },
         sinks: [{ type: 'file', path: './logs/monora_events.jsonl' }],
@@ -89,6 +99,14 @@ exports.PRESETS = {
         attestation: { enabled: true },
         ai_act: { enabled: true, generate_transparency_report: true },
         instrumentation: { enabled: true, auto_patch: true },
+        attribution: {
+            enabled: false,
+            telemetry: {
+                enabled: false,
+                send_data: false,
+                data_residency: null,
+            },
+        },
     },
     poc: {
         defaults: { environment: 'production' },
@@ -110,7 +128,7 @@ exports.PRESETS = {
         instrumentation: { enabled: true, auto_patch: true },
     },
 };
-const DEFAULT_CONFIG = {
+exports.DEFAULT_CONFIG = {
     config_version: '1.0.0',
     defaults: {
         data_classification: 'internal',
@@ -118,7 +136,7 @@ const DEFAULT_CONFIG = {
         service_name: undefined,
         environment: 'dev',
     },
-    sinks: [{ type: 'stdout', format: 'json' }],
+    sinks: [{ type: 'file', path: './monora_events.jsonl', rotation: 'none' }],
     immutability: {
         enabled: true,
         scope: 'per_trace',
@@ -186,6 +204,7 @@ const DEFAULT_CONFIG = {
         include_security_report: false,
         max_events_per_trace: 10000,
         redact_host: true,
+        trust_bundle_include_events: true,
     },
     data_handling: {
         enabled: false,
@@ -259,10 +278,179 @@ const DEFAULT_CONFIG = {
         enabled: true,
         backend: 'minimal',
     },
+    attribution: {
+        enabled: false,
+        project: {},
+        telemetry: {
+            enabled: false,
+            send_data: false,
+            data_residency: null,
+            endpoints: {
+                us: null, // Set via MONORA_ATTRIBUTION_ENDPOINT_US or config
+                eu: null, // Set via MONORA_ATTRIBUTION_ENDPOINT_EU or config
+            },
+            api_key_env: 'MONORA_ATTRIBUTION_KEY',
+            timeout_sec: 5.0,
+            retry_attempts: 2,
+            backoff_base_sec: 0.5,
+        },
+    },
+    audit: {},
+    quotas: {
+        enabled: false,
+        max_tokens_per_trace: 100000,
+        max_llm_calls_per_trace: 50,
+        max_trace_duration_sec: 3600,
+        max_cost_per_trace: 10.0,
+        action: 'warn',
+    },
+    identity: {
+        enabled: false,
+        require_user_id: false,
+        capture_roles: false,
+        capture_org: false,
+        redact_user_id: false,
+    },
+    risk_register: {
+        enabled: false,
+        models: {},
+        default_risk_level: 'high',
+        block_unassessed: false,
+    },
+    bias: {
+        enabled: false,
+        dimensions: [],
+        thresholds: {
+            demographic_parity_ratio: 0.8,
+            disparate_impact: 0.8,
+        },
+        alert_on_violation: true,
+        measurement_callback: null,
+    },
+    human_oversight: {
+        enabled: false,
+        require_review_for: [],
+        review_timeout_hours: 24,
+        escalation_policy: {
+            timeout_action: 'alert',
+            escalate_to: null,
+        },
+    },
+    // ISO 42001 A.5 - AI Impact Assessment
+    impact_assessment: {
+        enabled: false,
+        require_before_production: true,
+        review_interval_days: 365,
+        categories: ['fairness', 'privacy', 'safety', 'autonomy', 'economic', 'environmental'],
+        require_approvals: [
+            { role: 'ai_governance' },
+            { role: 'legal' },
+            { role: 'ethics_board' },
+        ],
+        risk_matrix: {
+            likelihood_weights: { rare: 1, unlikely: 2, possible: 3, likely: 4, certain: 5 },
+            severity_weights: { minimal: 1, minor: 2, moderate: 3, major: 4, catastrophic: 5 },
+        },
+    },
+    // ISO 42001 A.6 - AI System Life Cycle
+    lifecycle: {
+        enabled: false,
+        require_objectives: true,
+        require_requirements: true,
+        require_v_and_v: true,
+        stage_prerequisites: {
+            testing: ['requirements_defined'],
+            staging: ['verification_complete'],
+            production: ['validation_complete', 'deployment_approved'],
+            deprecated: ['decommission_plan'],
+        },
+    },
+    // ISO 42001 A.7 - Data Governance
+    data_governance: {
+        enabled: false,
+        require_quality_assessment: true,
+        default_quality_thresholds: {
+            completeness: 0.95,
+            accuracy: 0.90,
+            consistency: 0.95,
+            timeliness: 0.80,
+            uniqueness: 0.99,
+            representativeness: 0.70,
+        },
+        require_bias_assessment_for: ['training', 'validation'],
+    },
+    // ISO 42001 A.8/A.10 - Stakeholder & Third-Party Management
+    stakeholders: {
+        enabled: false,
+        require_supplier_assessment: true,
+        supplier_review_interval_days: 365,
+        risk_thresholds: {
+            critical_requires_approval: true,
+            high_requires_review: true,
+        },
+    },
+    // ISO 42001 A.4/A.2 - Resource Inventory & Policy Review
+    resources: {
+        enabled: false,
+        require_tooling_approval: true,
+        policy_review_interval_days: 365,
+        track_competencies: true,
+    },
+    onboarding: {
+        enabled: false,
+        required_in_production: true,
+        status: 'draft',
+        standards: ['SOC2', 'GDPR', 'ISO27001'],
+        artifacts: {
+            production_logs_path: './monora_events.jsonl',
+            schema_contract_path: './onboarding/schema_contract.json',
+            dataset_sample_path: null,
+            baseline_reports_dir: './monora_reports/onboarding',
+        },
+        validation: {
+            min_log_records: 100,
+            required_field_presence_threshold: 0.95,
+            type_conformance_threshold: 0.90,
+        },
+        completion: {
+            completed_at: null,
+            completed_by: null,
+            last_validated_at: null,
+        },
+    },
+    model_spec: {
+        name: 'monora_default',
+        version: 'v1',
+        event_ts_field: 'timestamp',
+        schema_ref: './onboarding/schema_contract.json',
+        roles: {
+            inputs: [],
+            outputs: [],
+            metadata: [],
+            identifiers: ['event_id', 'trace_id', 'span_id'],
+        },
+    },
+    enrichments: {
+        profile: 'recommended',
+        bundles: [
+            'core_observability',
+            'soc2_access',
+            'gdpr_privacy',
+            'iso27001_security',
+        ],
+        toggles: {
+            identity_tracking: true,
+            risk_tracking: true,
+            bias_tracking: false,
+            oversight_tracking: true,
+            data_governance_tracking: true,
+            lifecycle_tracking: true,
+        },
+    },
 };
 function loadConfig(options) {
     const { configPath, configDict, envPrefix = 'MONORA_' } = options || {};
-    let config = deepCopy(DEFAULT_CONFIG);
+    let config = deepCopy(exports.DEFAULT_CONFIG);
     // Load from environment variables
     const envConfig = configFromEnv(envPrefix);
     mergeDicts(config, envConfig);
@@ -326,7 +514,13 @@ function envKeyToPath(key) {
     const upperKey = key.toUpperCase();
     let rest = parts.slice(1);
     const path = [];
-    if (upperKey.startsWith('AI_ACT') ||
+    let prefix = [];
+    if (parts.length >= 2 && parts[0] === 'ATTRIBUTION' && ['TELEMETRY', 'PROJECT'].includes(parts[1])) {
+        path.push('attribution');
+        prefix = [parts[1].toLowerCase()];
+        rest = parts.slice(2);
+    }
+    else if (upperKey.startsWith('AI_ACT') ||
         (parts.length >= 2 && parts[0] === 'AI' && parts[1] === 'ACT')) {
         path.push('ai_act');
         rest = parts.slice(2);
@@ -334,6 +528,9 @@ function envKeyToPath(key) {
     else {
         path.push(parts[0].toLowerCase());
     }
+    if (prefix.length > 0) {
+        path.push(...prefix);
+    }
     const buffer = [];
     for (const part of rest) {
         if (/^\d+$/.test(part)) {
@@ -558,8 +755,9 @@ function parseSinkConfig(sink) {
     }
     // HTTPS sink
     if (sinkStr.startsWith('https://') || sinkStr.startsWith('http://')) {
+        const sinkType = sinkStr.startsWith('https://') ? 'https' : 'http';
         return [{
-                type: 'https',
+                type: sinkType,
                 endpoint: sinkStr,
                 batch_size: 50,
                 timeout_sec: 10,
@@ -570,7 +768,7 @@ function parseSinkConfig(sink) {
     return [{
             type: 'file',
             path: sinkStr,
-            rotation: 'daily',
+            rotation: 'none',
             max_size_mb: 100,
         }];
 }
@@ -578,11 +776,16 @@ function parseSinkConfig(sink) {
  * Get configuration for a named preset.
  */
 function getPresetConfig(preset) {
-    if (!(preset in exports.PRESETS)) {
-        const valid = Object.keys(exports.PRESETS).join(', ');
+    if (preset in exports.PRESETS) {
+        return deepCopy(exports.PRESETS[preset]);
+    }
+    try {
+        return (0, presets_1.getPresetConfig)(preset);
+    }
+    catch {
+        const valid = [...new Set([...Object.keys(exports.PRESETS), ...(0, presets_1.listPresets)()])].sort().join(', ');
         throw new Error(`Unknown preset '${preset}'. Valid presets: ${valid}`);
     }
-    return deepCopy(exports.PRESETS[preset]);
 }
 /**
  * Build configuration from simplified options.
@@ -590,7 +793,7 @@ function getPresetConfig(preset) {
 function buildConfigFromOptions(options = {}) {
     const { preset, serviceName, sink, policies, configPath, configDict } = options;
     // Start with defaults
-    let config = deepCopy(DEFAULT_CONFIG);
+    let config = deepCopy(exports.DEFAULT_CONFIG);
     // Apply preset if specified
     if (preset && preset !== 'auto') {
         const presetConfig = getPresetConfig(preset);
@@ -625,3 +828,192 @@ function buildConfigFromOptions(options = {}) {
     (0, config_migrations_1.applyConfigMigrations)(config);
     return config;
 }
+/**
+ * Detect the runtime environment from common signals.
+ *
+ * Checks in order of priority:
+ * 1. Explicit NODE_ENV
+ * 2. CI/CD environment variables
+ * 3. Container orchestrator hints
+ * 4. Framework-specific variables
+ *
+ * @returns Detection result with environment, source, and confidence
+ */
+function detectEnvironment() {
+    const context = {};
+    // 1. Check explicit NODE_ENV (highest priority)
+    const nodeEnv = process.env.NODE_ENV?.toLowerCase();
+    if (nodeEnv) {
+        context.NODE_ENV = nodeEnv;
+        if (nodeEnv === 'production' || nodeEnv === 'prod') {
+            return {
+                environment: 'production',
+                source: 'NODE_ENV',
+                confidence: 'high',
+                context,
+            };
+        }
+        if (nodeEnv === 'staging' || nodeEnv === 'stage') {
+            return {
+                environment: 'staging',
+                source: 'NODE_ENV',
+                confidence: 'high',
+                context,
+            };
+        }
+        if (nodeEnv === 'test' || nodeEnv === 'testing') {
+            return {
+                environment: 'test',
+                source: 'NODE_ENV',
+                confidence: 'high',
+                context,
+            };
+        }
+        if (nodeEnv === 'development' || nodeEnv === 'dev') {
+            return {
+                environment: 'development',
+                source: 'NODE_ENV',
+                confidence: 'high',
+                context,
+            };
+        }
+    }
+    // 2. Check CI/CD environment variables
+    const ciVars = {
+        CI: process.env.CI,
+        GITHUB_ACTIONS: process.env.GITHUB_ACTIONS,
+        GITLAB_CI: process.env.GITLAB_CI,
+        CIRCLECI: process.env.CIRCLECI,
+        TRAVIS: process.env.TRAVIS,
+        JENKINS_URL: process.env.JENKINS_URL,
+        BUILDKITE: process.env.BUILDKITE,
+        AZURE_PIPELINES: process.env.TF_BUILD,
+        TEAMCITY_VERSION: process.env.TEAMCITY_VERSION,
+        BITBUCKET_PIPELINES: process.env.BITBUCKET_BUILD_NUMBER,
+    };
+    for (const [varName, value] of Object.entries(ciVars)) {
+        if (value && value !== 'false' && value !== '0') {
+            context[varName] = value;
+            return {
+                environment: 'ci',
+                source: varName,
+                confidence: 'high',
+                context,
+            };
+        }
+    }
+    // 3. Check container orchestrator hints
+    if (process.env.KUBERNETES_SERVICE_HOST) {
+        context.KUBERNETES_SERVICE_HOST = process.env.KUBERNETES_SERVICE_HOST;
+        // K8s typically means production or staging
+        return {
+            environment: 'production',
+            source: 'KUBERNETES_SERVICE_HOST',
+            confidence: 'medium',
+            context,
+        };
+    }
+    if (process.env.ECS_CONTAINER_METADATA_URI || process.env.AWS_EXECUTION_ENV) {
+        context.AWS = process.env.ECS_CONTAINER_METADATA_URI || process.env.AWS_EXECUTION_ENV || '';
+        return {
+            environment: 'production',
+            source: 'AWS_ECS',
+            confidence: 'medium',
+            context,
+        };
+    }
+    if (process.env.CLOUD_RUN_JOB || process.env.K_SERVICE) {
+        context.GCP = process.env.CLOUD_RUN_JOB || process.env.K_SERVICE || '';
+        return {
+            environment: 'production',
+            source: 'GCP_CLOUD_RUN',
+            confidence: 'medium',
+            context,
+        };
+    }
+    // 4. Check for common cloud platform variables
+    if (process.env.VERCEL) {
+        context.VERCEL = process.env.VERCEL;
+        const vercelEnv = process.env.VERCEL_ENV?.toLowerCase();
+        if (vercelEnv === 'production') {
+            return { environment: 'production', source: 'VERCEL_ENV', confidence: 'high', context };
+        }
+        if (vercelEnv === 'preview') {
+            return { environment: 'staging', source: 'VERCEL_ENV', confidence: 'high', context };
+        }
+        return { environment: 'development', source: 'VERCEL', confidence: 'medium', context };
+    }
+    if (process.env.RAILWAY_ENVIRONMENT) {
+        context.RAILWAY_ENVIRONMENT = process.env.RAILWAY_ENVIRONMENT;
+        const railwayEnv = process.env.RAILWAY_ENVIRONMENT.toLowerCase();
+        if (railwayEnv === 'production') {
+            return { environment: 'production', source: 'RAILWAY_ENVIRONMENT', confidence: 'high', context };
+        }
+        return { environment: 'staging', source: 'RAILWAY_ENVIRONMENT', confidence: 'medium', context };
+    }
+    if (process.env.HEROKU_APP_NAME) {
+        context.HEROKU_APP_NAME = process.env.HEROKU_APP_NAME;
+        // Heroku typically indicates production deployment
+        return {
+            environment: 'production',
+            source: 'HEROKU',
+            confidence: 'medium',
+            context,
+        };
+    }
+    if (process.env.FLY_APP_NAME) {
+        context.FLY_APP_NAME = process.env.FLY_APP_NAME;
+        return {
+            environment: 'production',
+            source: 'FLY_IO',
+            confidence: 'medium',
+            context,
+        };
+    }
+    // 5. Check for test runners
+    if (process.env.JEST_WORKER_ID) {
+        context.JEST_WORKER_ID = process.env.JEST_WORKER_ID;
+        return {
+            environment: 'test',
+            source: 'JEST_WORKER_ID',
+            confidence: 'high',
+            context,
+        };
+    }
+    if (process.env.VITEST) {
+        context.VITEST = process.env.VITEST;
+        return {
+            environment: 'test',
+            source: 'VITEST',
+            confidence: 'high',
+            context,
+        };
+    }
+    // 6. Default to development with low confidence
+    return {
+        environment: 'development',
+        source: 'default',
+        confidence: 'low',
+        context,
+    };
+}
+/**
+ * Get a suggested preset based on detected environment.
+ *
+ * @returns Recommended preset name for the detected environment
+ */
+function suggestPreset() {
+    const detection = detectEnvironment();
+    switch (detection.environment) {
+        case 'production':
+            return 'strict_enterprise';
+        case 'staging':
+            return 'poc';
+        case 'ci':
+        case 'test':
+            return 'minimal';
+        case 'development':
+        default:
+            return 'development';
+    }
+}

package/dist/config_migrations.d.ts

@@ -1,4 +1,45 @@
 import type { MonoraConfig } from './config';
 export declare const LATEST_CONFIG_VERSION = "1.0.0";
 export declare function applyConfigMigrations(config: MonoraConfig): MonoraConfig;
+/**
+ * Warning about configuration not being production-ready.
+ */
+export interface ProductionReadinessWarning {
+    category: string;
+    message: string;
+    recommendation: string;
+}
+/**
+ * Validate configuration against production best practices.
+ *
+ * Returns a list of warnings for settings that may not be appropriate
+ * for production use.
+ *
+ * @param config - The Monora configuration object.
+ * @returns List of ProductionReadinessWarning objects.
+ *
+ * @example
+ * ```typescript
+ * const warnings = validateProductionReadiness(config);
+ * for (const w of warnings) {
+ *   console.log(`[${w.category}] ${w.message}`);
+ *   console.log(`  Recommendation: ${w.recommendation}`);
+ * }
+ * ```
+ */
+export declare function validateProductionReadiness(config: MonoraConfig): ProductionReadinessWarning[];
+/**
+ * Check if a preset is appropriate for the given environment.
+ *
+ * @param presetName - Name of the preset being used.
+ * @param environment - Target environment.
+ * @returns Warning if there's a mismatch, null otherwise.
+ */
+export declare function checkPresetEnvironmentMismatch(presetName: string | null | undefined, environment: string): ProductionReadinessWarning | null;
+/**
+ * Log production readiness warnings.
+ *
+ * @param warnings - List of warnings to log.
+ */
+export declare function logProductionWarnings(warnings: ProductionReadinessWarning[]): void;
 //# sourceMappingURL=config_migrations.d.ts.map

package/dist/config_migrations.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config_migrations.d.ts","sourceRoot":"","sources":["../src/config_migrations.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAG7C,eAAO,MAAM,qBAAqB,UAAU,CAAC;AAG7C,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,YAAY,GAAG,YAAY,CAwBxE"}
+{"version":3,"file":"config_migrations.d.ts","sourceRoot":"","sources":["../src/config_migrations.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAG7C,eAAO,MAAM,qBAAqB,UAAU,CAAC;AAG7C,wBAAgB,qBAAqB,CAAC,MAAM,EAAE,YAAY,GAAG,YAAY,CA2BxE;AA+LD;;GAEG;AACH,MAAM,WAAW,0BAA0B;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,2BAA2B,CAAC,MAAM,EAAE,YAAY,GAAG,0BAA0B,EAAE,CA6G9F;AAED;;;;;;GAMG;AACH,wBAAgB,8BAA8B,CAC5C,UAAU,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACrC,WAAW,EAAE,MAAM,GAClB,0BAA0B,GAAG,IAAI,CA2BnC;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,0BAA0B,EAAE,GAAG,IAAI,CAalF"}