npm - monora-ai - Versions diffs - 2.0.0 → 2.1.3 - Mend

monora-ai 2.0.0 → 2.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (202) hide show

package/README.md +441 -150
package/dist/aims_governance.d.ts +238 -0
package/dist/aims_governance.d.ts.map +1 -0
package/dist/aims_governance.js +922 -0
package/dist/alerts.d.ts +16 -0
package/dist/alerts.d.ts.map +1 -1
package/dist/alerts.js +16 -0
package/dist/api.d.ts +6 -0
package/dist/api.d.ts.map +1 -1
package/dist/api.js +6 -0
package/dist/assessment.d.ts +269 -0
package/dist/assessment.d.ts.map +1 -0
package/dist/assessment.js +1232 -0
package/dist/attestation.js +23 -1
package/dist/attribution.d.ts +349 -0
package/dist/attribution.d.ts.map +1 -0
package/dist/attribution.js +987 -0
package/dist/autodetect.d.ts +69 -1
package/dist/autodetect.d.ts.map +1 -1
package/dist/autodetect.js +644 -1
package/dist/bias.d.ts +130 -0
package/dist/bias.d.ts.map +1 -0
package/dist/bias.js +223 -0
package/dist/circuit_breaker.js +3 -3
package/dist/cli/diagnostics.d.ts +5 -1
package/dist/cli/diagnostics.d.ts.map +1 -1
package/dist/cli/diagnostics.js +31 -8
package/dist/cli/doctor.d.ts +25 -0
package/dist/cli/doctor.d.ts.map +1 -0
package/dist/cli/doctor.js +381 -0
package/dist/cli/fix.d.ts +16 -0
package/dist/cli/fix.d.ts.map +1 -0
package/dist/cli/fix.js +284 -0
package/dist/cli/init.d.ts +57 -0
package/dist/cli/init.d.ts.map +1 -0
package/dist/cli/init.js +205 -0
package/dist/cli.js +1611 -126
package/dist/complianceTargets.d.ts +111 -0
package/dist/complianceTargets.d.ts.map +1 -0
package/dist/complianceTargets.js +521 -0
package/dist/config.d.ts +301 -17
package/dist/config.d.ts.map +1 -1
package/dist/config.js +428 -36
package/dist/config_migrations.d.ts +41 -0
package/dist/config_migrations.d.ts.map +1 -1
package/dist/config_migrations.js +205 -0
package/dist/config_schema.d.ts +2900 -731
package/dist/config_schema.d.ts.map +1 -1
package/dist/config_schema.js +257 -55
package/dist/context.d.ts +34 -0
package/dist/context.d.ts.map +1 -1
package/dist/context.js +118 -7
package/dist/control_backbone.d.ts +122 -0
package/dist/control_backbone.d.ts.map +1 -0
package/dist/control_backbone.js +698 -0
package/dist/data-governance.d.ts +187 -0
package/dist/data-governance.d.ts.map +1 -0
package/dist/data-governance.js +424 -0
package/dist/dataResidency.d.ts +44 -0
package/dist/dataResidency.d.ts.map +1 -0
package/dist/dataResidency.js +203 -0
package/dist/dispatcher.d.ts +32 -0
package/dist/dispatcher.d.ts.map +1 -1
package/dist/dispatcher.js +91 -4
package/dist/events.d.ts.map +1 -1
package/dist/events.js +38 -0
package/dist/evidence_store.d.ts +103 -0
package/dist/evidence_store.d.ts.map +1 -0
package/dist/evidence_store.js +459 -0
package/dist/executiveSummary.d.ts +65 -8
package/dist/executiveSummary.d.ts.map +1 -1
package/dist/executiveSummary.js +289 -26
package/dist/identity.d.ts +143 -0
package/dist/identity.d.ts.map +1 -0
package/dist/identity.js +231 -0
package/dist/impact-assessment.d.ts +350 -0
package/dist/impact-assessment.d.ts.map +1 -0
package/dist/impact-assessment.js +580 -0
package/dist/index.d.ts +25 -5
package/dist/index.d.ts.map +1 -1
package/dist/index.js +300 -4
package/dist/instrumentation.d.ts +1 -1
package/dist/instrumentation.d.ts.map +1 -1
package/dist/instrumentation.js +243 -27
package/dist/integrations/anthropic.d.ts +3 -0
package/dist/integrations/anthropic.d.ts.map +1 -1
package/dist/integrations/anthropic.js +284 -79
package/dist/integrations/governance.d.ts +33 -0
package/dist/integrations/governance.d.ts.map +1 -0
package/dist/integrations/governance.js +208 -0
package/dist/integrations/langchain.d.ts +7 -0
package/dist/integrations/langchain.d.ts.map +1 -1
package/dist/integrations/langchain.js +387 -143
package/dist/integrations/openai.d.ts +9 -0
package/dist/integrations/openai.d.ts.map +1 -1
package/dist/integrations/openai.js +673 -73
package/dist/iso42001_consolidation.d.ts +16 -0
package/dist/iso42001_consolidation.d.ts.map +1 -0
package/dist/iso42001_consolidation.js +413 -0
package/dist/iso42001_workflows.d.ts +263 -0
package/dist/iso42001_workflows.d.ts.map +1 -0
package/dist/iso42001_workflows.js +781 -0
package/dist/lifecycle.d.ts +299 -0
package/dist/lifecycle.d.ts.map +1 -0
package/dist/lifecycle.js +624 -0
package/dist/lineage.d.ts +2 -2
package/dist/lineage.d.ts.map +1 -1
package/dist/lineage.js +12 -17
package/dist/middleware/express.d.ts.map +1 -1
package/dist/middleware/express.js +33 -3
package/dist/middleware/nextjs.d.ts.map +1 -1
package/dist/middleware/nextjs.js +42 -68
package/dist/model.d.ts +143 -0
package/dist/model.d.ts.map +1 -0
package/dist/model.js +371 -0
package/dist/onboarding.d.ts +42 -0
package/dist/onboarding.d.ts.map +1 -0
package/dist/onboarding.js +1022 -0
package/dist/oversight.d.ts +264 -0
package/dist/oversight.d.ts.map +1 -0
package/dist/oversight.js +497 -0
package/dist/pdf_report.d.ts.map +1 -1
package/dist/pdf_report.js +42 -21
package/dist/presets.d.ts +88 -0
package/dist/presets.d.ts.map +1 -0
package/dist/presets.js +520 -0
package/dist/propagation.d.ts.map +1 -1
package/dist/propagation.js +34 -2
package/dist/quotas.d.ts +171 -0
package/dist/quotas.d.ts.map +1 -0
package/dist/quotas.js +259 -0
package/dist/register.d.ts +13 -0
package/dist/register.d.ts.map +1 -0
package/dist/register.js +99 -0
package/dist/registry.d.ts +1 -0
package/dist/registry.d.ts.map +1 -1
package/dist/registry.js +7 -0
package/dist/registryData.json +43 -6
package/dist/report.d.ts +2 -1
package/dist/report.d.ts.map +1 -1
package/dist/report.js +189 -2
package/dist/reporting.d.ts +125 -0
package/dist/reporting.d.ts.map +1 -1
package/dist/reporting.js +196 -5
package/dist/resources.d.ts +285 -0
package/dist/resources.d.ts.map +1 -0
package/dist/resources.js +643 -0
package/dist/risk.d.ts +120 -0
package/dist/risk.d.ts.map +1 -0
package/dist/risk.js +220 -0
package/dist/runtime.d.ts +74 -1
package/dist/runtime.d.ts.map +1 -1
package/dist/runtime.js +598 -22
package/dist/schemaInference.d.ts +92 -0
package/dist/schemaInference.d.ts.map +1 -0
package/dist/schemaInference.js +466 -0
package/dist/schema_validation.js +2 -2
package/dist/schemas/config.schema.json +169 -6
package/dist/schemas/event.schema.json +4 -0
package/dist/security_report.js +4 -4
package/dist/signing.d.ts +1 -1
package/dist/signing.d.ts.map +1 -1
package/dist/signing.js +4 -0
package/dist/sinks/file.d.ts +19 -1
package/dist/sinks/file.d.ts.map +1 -1
package/dist/sinks/file.js +82 -13
package/dist/sinks/https.d.ts +10 -0
package/dist/sinks/https.d.ts.map +1 -1
package/dist/sinks/https.js +76 -16
package/dist/sinks/stdout.d.ts +1 -0
package/dist/sinks/stdout.d.ts.map +1 -1
package/dist/sinks/stdout.js +12 -1
package/dist/spec.d.ts +159 -0
package/dist/spec.d.ts.map +1 -0
package/dist/spec.js +391 -0
package/dist/stakeholders.d.ts +199 -0
package/dist/stakeholders.d.ts.map +1 -0
package/dist/stakeholders.js +398 -0
package/dist/standards.d.ts.map +1 -1
package/dist/standards.js +160 -2
package/dist/standards_ingest.d.ts +2 -2
package/dist/standards_ingest.d.ts.map +1 -1
package/dist/standards_ingest.js +105 -23
package/dist/streaming.d.ts.map +1 -1
package/dist/streaming.js +7 -2
package/dist/telemetry.d.ts +16 -2
package/dist/telemetry.d.ts.map +1 -1
package/dist/telemetry.js +79 -14
package/dist/templates/controls/iso42001_control_catalog.json +1443 -0
package/dist/traced_emitter.d.ts +3 -0
package/dist/traced_emitter.d.ts.map +1 -1
package/dist/traced_emitter.js +142 -25
package/dist/trust_package.d.ts +21 -1
package/dist/trust_package.d.ts.map +1 -1
package/dist/trust_package.js +101 -4
package/dist/verify.d.ts.map +1 -1
package/dist/verify.js +9 -2
package/dist/wal.d.ts.map +1 -1
package/dist/wal.js +2 -1
package/package.json +14 -1
package/scripts/postinstall.js +119 -97
package/templates/controls/iso42001_control_catalog.json +1443 -0

package/dist/resources.js ADDED Viewed

@@ -0,0 +1,643 @@
+"use strict";
+/**
+ * ISO 42001 Resource Inventory Management Module (A.4.2, A.4.4, A.4.5, A.2.4)
+ *
+ * Provides comprehensive resource tracking for AI systems including:
+ * - A.4.2: Resource determination
+ * - A.4.4: Tooling resources (algorithms, frameworks, libraries, models, tools)
+ * - A.4.5: Computing resources (cloud, on-premise, edge, hybrid)
+ * - A.4.6: Human resources (roles, competencies, certifications)
+ * - A.2.4: AI policy review scheduling and tracking
+ *
+ * This module enables organizations to maintain complete visibility
+ * into the resources supporting their AI systems.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ResourceRegistry = void 0;
+exports.getRegistry = getRegistry;
+exports.createResourceInventory = createResourceInventory;
+exports.getResourceInventory = getResourceInventory;
+exports.getInventoryForSystem = getInventoryForSystem;
+exports.addToolingResource = addToolingResource;
+exports.addComputeResource = addComputeResource;
+exports.addHumanResource = addHumanResource;
+exports.addDataResource = addDataResource;
+exports.approveToolingResource = approveToolingResource;
+exports.getInventorySummary = getInventorySummary;
+exports.schedulePolicyReview = schedulePolicyReview;
+exports.startPolicyReview = startPolicyReview;
+exports.completePolicyReview = completePolicyReview;
+exports.cancelPolicyReview = cancelPolicyReview;
+exports.checkOverdueReviews = checkOverdueReviews;
+exports.getPolicyReviewSummary = getPolicyReviewSummary;
+exports.emitCustomResourceEvent = emitCustomResourceEvent;
+exports.inventoryToDict = inventoryToDict;
+exports.policyReviewToDict = policyReviewToDict;
+exports.toolingResourceToDict = toolingResourceToDict;
+exports.computeResourceToDict = computeResourceToDict;
+exports.humanResourceToDict = humanResourceToDict;
+const crypto = __importStar(require("crypto"));
+// -----------------------------------------------------------------------------
+// Conversion helpers
+// -----------------------------------------------------------------------------
+function toolingResourceToDict(resource) {
+    return {
+        resource_id: resource.resourceId,
+        type: resource.type,
+        name: resource.name,
+        version: resource.version,
+        purpose: resource.purpose,
+        license: resource.license,
+        risk_assessment: resource.riskAssessment,
+        approved: resource.approved,
+        approved_by: resource.approvedBy,
+        approved_at: resource.approvedAt,
+        added_at: resource.addedAt,
+        metadata: resource.metadata,
+    };
+}
+function computeResourceToDict(resource) {
+    return {
+        resource_id: resource.resourceId,
+        type: resource.type,
+        provider: resource.provider,
+        description: resource.description,
+        capacity: resource.capacity,
+        purpose: resource.purpose,
+        cost_tier: resource.costTier,
+        location: resource.location,
+        compliance_certifications: resource.complianceCertifications,
+        added_at: resource.addedAt,
+        metadata: resource.metadata,
+    };
+}
+function humanResourceToDict(resource) {
+    return {
+        resource_id: resource.resourceId,
+        role: resource.role,
+        name: resource.name,
+        competencies: resource.competencies,
+        certifications: resource.certifications,
+        training_completed: resource.trainingCompleted,
+        training_required: resource.trainingRequired,
+        assigned_systems: resource.assignedSystems,
+        department: resource.department,
+        added_at: resource.addedAt,
+        updated_at: resource.updatedAt,
+        metadata: resource.metadata,
+    };
+}
+function inventoryToDict(inventory) {
+    return {
+        inventory_id: inventory.inventoryId,
+        system_id: inventory.systemId,
+        name: inventory.name,
+        description: inventory.description,
+        data_resources: inventory.dataResources,
+        tooling_resources: inventory.toolingResources.map(toolingResourceToDict),
+        compute_resources: inventory.computeResources.map(computeResourceToDict),
+        human_resources: inventory.humanResources.map(humanResourceToDict),
+        created_at: inventory.createdAt,
+        updated_at: inventory.updatedAt,
+        metadata: inventory.metadata,
+    };
+}
+function policyReviewToDict(review) {
+    return {
+        review_id: review.reviewId,
+        policy_id: review.policyId,
+        policy_name: review.policyName,
+        policy_type: review.policyType,
+        policy_version: review.policyVersion,
+        scheduled_date: review.scheduledDate,
+        status: review.status,
+        reviewer: review.reviewer,
+        review_date: review.reviewDate,
+        findings: review.findings,
+        recommendations: review.recommendations,
+        action_items: review.actionItems,
+        policy_status: review.policyStatus,
+        next_review_date: review.nextReviewDate,
+        created_at: review.createdAt,
+        updated_at: review.updatedAt,
+        metadata: review.metadata,
+    };
+}
+// -----------------------------------------------------------------------------
+// Registry
+// -----------------------------------------------------------------------------
+class ResourceRegistry {
+    constructor() {
+        this.inventories = new Map();
+        this.policyReviews = new Map();
+    }
+    addInventory(inventory) {
+        this.inventories.set(inventory.inventoryId, inventory);
+    }
+    getInventory(inventoryId) {
+        return this.inventories.get(inventoryId);
+    }
+    getInventoryBySystem(systemId) {
+        for (const inv of this.inventories.values()) {
+            if (inv.systemId === systemId) {
+                return inv;
+            }
+        }
+        return undefined;
+    }
+    listInventories() {
+        return Array.from(this.inventories.values());
+    }
+    addPolicyReview(review) {
+        this.policyReviews.set(review.reviewId, review);
+    }
+    getPolicyReview(reviewId) {
+        return this.policyReviews.get(reviewId);
+    }
+    listPolicyReviews(status, policyType) {
+        let reviews = Array.from(this.policyReviews.values());
+        if (status) {
+            reviews = reviews.filter((r) => r.status === status);
+        }
+        if (policyType) {
+            reviews = reviews.filter((r) => r.policyType === policyType);
+        }
+        return reviews;
+    }
+    clear() {
+        this.inventories.clear();
+        this.policyReviews.clear();
+    }
+}
+exports.ResourceRegistry = ResourceRegistry;
+// Global registry
+const registry = new ResourceRegistry();
+function getRegistry() {
+    return registry;
+}
+// -----------------------------------------------------------------------------
+// ID Generation
+// -----------------------------------------------------------------------------
+function generateInventoryId(systemId) {
+    const timestamp = new Date().toISOString();
+    const content = `inventory:${systemId}:${timestamp}`;
+    const hash = crypto.createHash("sha256").update(content).digest("hex").slice(0, 16);
+    return `inv_${hash}`;
+}
+function generateResourceId(resourceType, name) {
+    const timestamp = new Date().toISOString();
+    const content = `resource:${resourceType}:${name}:${timestamp}`;
+    const hash = crypto.createHash("sha256").update(content).digest("hex").slice(0, 16);
+    return `res_${hash}`;
+}
+function generateReviewId(policyId) {
+    const timestamp = new Date().toISOString();
+    const content = `review:${policyId}:${timestamp}`;
+    const hash = crypto.createHash("sha256").update(content).digest("hex").slice(0, 16);
+    return `prv_${hash}`;
+}
+// -----------------------------------------------------------------------------
+// Event Emission
+// -----------------------------------------------------------------------------
+function emitResourceEvent(eventType, data) {
+    try {
+        // eslint-disable-next-line @typescript-eslint/no-var-requires
+        const { getState, emitEvent } = require('./runtime');
+        const state = getState();
+        if (!state)
+            return;
+        const config = state.config.resources || {};
+        if (config.enabled === false)
+            return;
+        emitEvent({
+            event_type: `resource.${eventType}`,
+            timestamp: new Date().toISOString(),
+            body: data,
+        });
+    }
+    catch {
+        // Silently ignore emission errors
+    }
+}
+/**
+ * Create a new resource inventory for an AI system.
+ */
+function createResourceInventory(options) {
+    const now = new Date().toISOString();
+    const inventory = {
+        inventoryId: generateInventoryId(options.systemId),
+        systemId: options.systemId,
+        name: options.name || `Inventory for ${options.systemId}`,
+        description: options.description || "",
+        dataResources: [],
+        toolingResources: [],
+        computeResources: [],
+        humanResources: [],
+        createdAt: now,
+        updatedAt: now,
+        metadata: options.metadata || {},
+    };
+    registry.addInventory(inventory);
+    return inventory;
+}
+/**
+ * Get a resource inventory by ID.
+ */
+function getResourceInventory(inventoryId) {
+    return registry.getInventory(inventoryId);
+}
+/**
+ * Get the resource inventory for a system.
+ */
+function getInventoryForSystem(systemId) {
+    return registry.getInventoryBySystem(systemId);
+}
+/**
+ * Add a tooling resource to an inventory.
+ */
+function addToolingResource(options) {
+    const inventory = registry.getInventory(options.inventoryId);
+    if (!inventory)
+        return undefined;
+    const now = new Date().toISOString();
+    const resource = {
+        resourceId: generateResourceId("tooling", options.name),
+        type: options.type,
+        name: options.name,
+        version: options.version,
+        purpose: options.purpose,
+        license: options.license,
+        riskAssessment: options.riskAssessment,
+        approved: options.approved || false,
+        approvedBy: options.approvedBy,
+        approvedAt: options.approved ? now : undefined,
+        addedAt: now,
+        metadata: options.metadata || {},
+    };
+    inventory.toolingResources.push(resource);
+    inventory.updatedAt = now;
+    emitResourceEvent("tooling_resource_added", {
+        inventory_id: options.inventoryId,
+        resource: toolingResourceToDict(resource),
+    });
+    return resource;
+}
+/**
+ * Add a computing resource to an inventory.
+ */
+function addComputeResource(options) {
+    const inventory = registry.getInventory(options.inventoryId);
+    if (!inventory)
+        return undefined;
+    const now = new Date().toISOString();
+    const resource = {
+        resourceId: generateResourceId("compute", options.provider),
+        type: options.type,
+        provider: options.provider,
+        description: options.description,
+        capacity: options.capacity || {},
+        purpose: options.purpose || "",
+        costTier: options.costTier || "",
+        location: options.location,
+        complianceCertifications: options.complianceCertifications || [],
+        addedAt: now,
+        metadata: options.metadata || {},
+    };
+    inventory.computeResources.push(resource);
+    inventory.updatedAt = now;
+    emitResourceEvent("compute_resource_added", {
+        inventory_id: options.inventoryId,
+        resource: computeResourceToDict(resource),
+    });
+    return resource;
+}
+/**
+ * Add a human resource to an inventory.
+ */
+function addHumanResource(options) {
+    const inventory = registry.getInventory(options.inventoryId);
+    if (!inventory)
+        return undefined;
+    // Check config for competency tracking
+    // eslint-disable-next-line @typescript-eslint/no-var-requires
+    const { getState } = require('./runtime');
+    const state = getState();
+    const config = state?.config?.resources || {};
+    const trackCompetencies = config.trackCompetencies !== false;
+    const now = new Date().toISOString();
+    const resource = {
+        resourceId: generateResourceId("human", options.role),
+        role: options.role,
+        name: options.name,
+        competencies: trackCompetencies ? options.competencies || [] : [],
+        certifications: options.certifications || [],
+        trainingCompleted: options.trainingCompleted || [],
+        trainingRequired: options.trainingRequired || [],
+        assignedSystems: options.assignedSystems || [],
+        department: options.department,
+        addedAt: now,
+        updatedAt: now,
+        metadata: options.metadata || {},
+    };
+    inventory.humanResources.push(resource);
+    inventory.updatedAt = now;
+    emitResourceEvent("human_resource_added", {
+        inventory_id: options.inventoryId,
+        resource: humanResourceToDict(resource),
+    });
+    return resource;
+}
+/**
+ * Add a data resource reference to an inventory.
+ */
+function addDataResource(inventoryId, datasetId) {
+    const inventory = registry.getInventory(inventoryId);
+    if (!inventory)
+        return false;
+    if (!inventory.dataResources.includes(datasetId)) {
+        inventory.dataResources.push(datasetId);
+        inventory.updatedAt = new Date().toISOString();
+        emitResourceEvent("data_resource_added", {
+            inventory_id: inventoryId,
+            dataset_id: datasetId,
+        });
+    }
+    return true;
+}
+/**
+ * Approve a tooling resource for use.
+ */
+function approveToolingResource(inventoryId, resourceId, approver, riskAssessment) {
+    const inventory = registry.getInventory(inventoryId);
+    if (!inventory)
+        return false;
+    const resource = inventory.toolingResources.find((r) => r.resourceId === resourceId);
+    if (!resource)
+        return false;
+    const now = new Date().toISOString();
+    resource.approved = true;
+    resource.approvedBy = approver;
+    resource.approvedAt = now;
+    if (riskAssessment) {
+        resource.riskAssessment = riskAssessment;
+    }
+    inventory.updatedAt = now;
+    emitResourceEvent("tooling_resource_approved", {
+        inventory_id: inventoryId,
+        resource_id: resourceId,
+        approver,
+    });
+    return true;
+}
+/**
+ * Generate a summary of a resource inventory.
+ */
+function getInventorySummary(inventoryId) {
+    const inventory = registry.getInventory(inventoryId);
+    if (!inventory)
+        return undefined;
+    // Count approved vs total tooling
+    const approvedTooling = inventory.toolingResources.filter((t) => t.approved).length;
+    const totalTooling = inventory.toolingResources.length;
+    // Count by type
+    const toolingByType = {};
+    for (const t of inventory.toolingResources) {
+        toolingByType[t.type] = (toolingByType[t.type] || 0) + 1;
+    }
+    const computeByType = {};
+    for (const c of inventory.computeResources) {
+        computeByType[c.type] = (computeByType[c.type] || 0) + 1;
+    }
+    // Count training gaps
+    let trainingGaps = 0;
+    for (const h of inventory.humanResources) {
+        const completed = new Set(h.trainingCompleted);
+        const remaining = h.trainingRequired.filter((t) => !completed.has(t));
+        trainingGaps += remaining.length;
+    }
+    return {
+        inventoryId: inventory.inventoryId,
+        systemId: inventory.systemId,
+        name: inventory.name,
+        summary: {
+            dataResources: inventory.dataResources.length,
+            toolingResources: {
+                total: totalTooling,
+                approved: approvedTooling,
+                byType: toolingByType,
+            },
+            computeResources: {
+                total: inventory.computeResources.length,
+                byType: computeByType,
+            },
+            humanResources: {
+                total: inventory.humanResources.length,
+                trainingGaps,
+            },
+        },
+        updatedAt: inventory.updatedAt,
+    };
+}
+/**
+ * Schedule a policy review.
+ */
+function schedulePolicyReview(options) {
+    const now = new Date().toISOString();
+    const review = {
+        reviewId: generateReviewId(options.policyId),
+        policyId: options.policyId,
+        policyName: options.policyName,
+        policyType: options.policyType,
+        policyVersion: options.policyVersion,
+        scheduledDate: options.scheduledDate,
+        status: "scheduled",
+        findings: [],
+        recommendations: [],
+        actionItems: [],
+        policyStatus: "current",
+        createdAt: now,
+        updatedAt: now,
+        metadata: options.metadata || {},
+    };
+    registry.addPolicyReview(review);
+    emitResourceEvent("policy_review_scheduled", {
+        review: policyReviewToDict(review),
+    });
+    return review;
+}
+/**
+ * Start a policy review.
+ */
+function startPolicyReview(reviewId, reviewer) {
+    const review = registry.getPolicyReview(reviewId);
+    if (!review)
+        return undefined;
+    if (review.status !== "scheduled" && review.status !== "overdue") {
+        return review; // Can't start if already in progress or completed
+    }
+    const now = new Date().toISOString();
+    review.status = "in_progress";
+    review.reviewer = reviewer;
+    review.reviewDate = now;
+    review.updatedAt = now;
+    emitResourceEvent("policy_review_started", {
+        review_id: reviewId,
+        reviewer,
+    });
+    return review;
+}
+/**
+ * Complete a policy review with findings.
+ */
+function completePolicyReview(options) {
+    const review = registry.getPolicyReview(options.reviewId);
+    if (!review)
+        return undefined;
+    if (review.status !== "in_progress") {
+        return review; // Must be in progress to complete
+    }
+    // Get config for default review interval
+    // eslint-disable-next-line @typescript-eslint/no-var-requires
+    const { getState } = require('./runtime');
+    const state = getState();
+    const config = state?.config?.resources || {};
+    const defaultInterval = config.policyReviewIntervalDays || 365;
+    // Calculate next review date if not provided
+    let nextReviewDate = options.nextReviewDate;
+    if (!nextReviewDate) {
+        const nextDate = new Date();
+        nextDate.setDate(nextDate.getDate() + defaultInterval);
+        nextReviewDate = nextDate.toISOString().split("T")[0];
+    }
+    const now = new Date().toISOString();
+    review.status = "completed";
+    review.findings = options.findings;
+    review.recommendations = options.recommendations;
+    review.actionItems = options.actionItems || [];
+    review.policyStatus = options.policyStatus || "current";
+    review.nextReviewDate = nextReviewDate;
+    review.updatedAt = now;
+    emitResourceEvent("policy_review_completed", {
+        review: policyReviewToDict(review),
+    });
+    return review;
+}
+/**
+ * Cancel a scheduled policy review.
+ */
+function cancelPolicyReview(reviewId, reason) {
+    const review = registry.getPolicyReview(reviewId);
+    if (!review)
+        return undefined;
+    if (review.status !== "scheduled" && review.status !== "overdue") {
+        return review; // Can only cancel scheduled or overdue reviews
+    }
+    review.status = "cancelled";
+    review.metadata.cancellationReason = reason;
+    review.updatedAt = new Date().toISOString();
+    emitResourceEvent("policy_review_cancelled", {
+        review_id: reviewId,
+        reason,
+    });
+    return review;
+}
+/**
+ * Find and mark overdue policy reviews.
+ */
+function checkOverdueReviews() {
+    const now = new Date().toISOString().split("T")[0];
+    const overdue = [];
+    for (const review of registry.listPolicyReviews("scheduled")) {
+        if (review.scheduledDate < now) {
+            review.status = "overdue";
+            review.updatedAt = new Date().toISOString();
+            overdue.push(review);
+            emitResourceEvent("policy_review_overdue", {
+                review_id: review.reviewId,
+                policy_id: review.policyId,
+                scheduled_date: review.scheduledDate,
+            });
+        }
+    }
+    return overdue;
+}
+/**
+ * Generate a summary of all policy reviews.
+ */
+function getPolicyReviewSummary() {
+    const reviews = registry.listPolicyReviews();
+    // Count by status
+    const byStatus = {};
+    for (const r of reviews) {
+        byStatus[r.status] = (byStatus[r.status] || 0) + 1;
+    }
+    // Count by type
+    const byType = {};
+    for (const r of reviews) {
+        byType[r.policyType] = (byType[r.policyType] || 0) + 1;
+    }
+    // Find upcoming reviews
+    const upcoming = reviews
+        .filter((r) => r.status === "scheduled")
+        .map((r) => ({
+        reviewId: r.reviewId,
+        policyName: r.policyName,
+        scheduledDate: r.scheduledDate,
+    }))
+        .sort((a, b) => a.scheduledDate.localeCompare(b.scheduledDate))
+        .slice(0, 5);
+    // Find overdue reviews
+    const overdue = reviews
+        .filter((r) => r.status === "overdue")
+        .map(policyReviewToDict);
+    return {
+        totalReviews: reviews.length,
+        byStatus,
+        byType,
+        upcoming,
+        overdue,
+    };
+}
+/**
+ * Emit a custom resource event.
+ */
+function emitCustomResourceEvent(eventType, inventoryId, data) {
+    const eventData = data || {};
+    if (inventoryId) {
+        eventData.inventory_id = inventoryId;
+    }
+    emitResourceEvent(eventType, eventData);
+}