npm - nexus-agents - Versions diffs - 2.81.2 → 2.81.3 - Mend

nexus-agents 2.81.2 → 2.81.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/{chunk-37ZXD5B6.js → chunk-755EZIUF.js} RENAMED Viewed

@@ -77,7 +77,7 @@ import {
   DEFAULT_TASK_TTL_MS,
   DEFAULT_TOOL_RATE_LIMITS,
   clampTaskTtl
-} from "./chunk-6KO6LO3L.js";
+} from "./chunk-WLAQXITV.js";
 import {
   getAvailabilityCache,
   resolveFallback
@@ -28246,15 +28246,12 @@ var PolicyEngine = class {
     return matched.sort((a, b) => b.priority - a.priority);
   }
 };
-var DEFAULT_MAX_ATTEMPTS = 3;
-var COST_WARNING_THRESHOLD = 0.8;
 var trustTierRule = {
   id: "trust-tier",
   priority: 100,
   evaluate(context) {
-    const state = context.pipelineState;
-    const tierVal = state["trustTier"];
-    const numericTier = typeof tierVal === "number" ? tierVal : typeof tierVal === "string" ? Number(tierVal) : Number.NaN;
+    const tierVal = context.pipelineState.trustTier;
+    const numericTier = tierVal === void 0 ? Number.NaN : Number(tierVal);
     const tier = Number.isFinite(numericTier) ? numericTier : void 0;
     if (tier !== void 0 && tier >= 3 && context.stageType === "execute") {
       return {
@@ -28266,83 +28263,7 @@ var trustTierRule = {
     return { allow: true };
   }
 };
-var securityReviewRule = {
-  id: "security-review",
-  priority: 90,
-  evaluate(context) {
-    const state = context.pipelineState;
-    const needsReview = state["securityReviewRequired"] === true;
-    const hasReview = state["securityReviewComplete"] === true;
-    if (needsReview && !hasReview && context.stageType === "execute") {
-      return {
-        allow: false,
-        reason: "Security review required before implementation"
-      };
-    }
-    return { allow: true };
-  }
-};
-var boundedIterationRule = {
-  id: "bounded-iteration",
-  priority: 80,
-  evaluate(context) {
-    const state = context.pipelineState;
-    const attemptsVal = state["stageAttempts"];
-    const attempts = typeof attemptsVal === "number" ? attemptsVal : void 0;
-    if (attempts !== void 0 && attempts >= DEFAULT_MAX_ATTEMPTS) {
-      return {
-        allow: false,
-        reason: `Stage "${context.stageId}" exceeded max retries`
-      };
-    }
-    return { allow: true };
-  }
-};
-var costBudgetRule = {
-  id: "cost-budget",
-  priority: 70,
-  evaluate(context) {
-    const state = context.pipelineState;
-    const spentVal = state["costAccumulator"];
-    const spent = typeof spentVal === "number" ? spentVal : void 0;
-    const budgetVal = state["costBudget"];
-    const budget = typeof budgetVal === "number" ? budgetVal : void 0;
-    if (spent !== void 0 && budget !== void 0) {
-      if (spent > budget * COST_WARNING_THRESHOLD) {
-        return {
-          allow: false,
-          reason: "Approaching cost budget limit",
-          escalateTo: "user"
-        };
-      }
-    }
-    return { allow: true };
-  }
-};
-var highRiskApprovalRule = {
-  id: "high-risk-approval",
-  priority: 60,
-  evaluate(context) {
-    const state = context.pipelineState;
-    const isHighRisk = state["highRisk"] === true;
-    const approved = state["userApproved"] === true;
-    if (isHighRisk && !approved) {
-      return {
-        allow: false,
-        reason: "High-risk action requires user approval",
-        escalateTo: "user"
-      };
-    }
-    return { allow: true };
-  }
-};
-var BUILT_IN_RULES = [
-  trustTierRule,
-  securityReviewRule,
-  boundedIterationRule,
-  costBudgetRule,
-  highRiskApprovalRule
-];
+var BUILT_IN_RULES = [trustTierRule];
 function createDefaultPolicyEngine() {
   const engine = new PolicyEngine();
   for (const rule of BUILT_IN_RULES) {
@@ -28482,6 +28403,10 @@ function buildBaseTaskContract(input) {
 }
 // src/pipeline/v2-delegate.ts
+function toPipelineStateSnapshot(metadata) {
+  const trustTier = metadata["trustTier"];
+  return typeof trustTier === "string" ? { trustTier } : {};
+}
 var logger22 = createLogger({ component: "V2Delegate" });
 function createDelegatePipeline(task) {
   const plan = buildPlan(task);
@@ -28541,7 +28466,10 @@ function checkPipelinePolicy(task, stageType) {
     taskId: task.id,
     stageId: `pre-execution-${stageType}`,
     stageType,
-    pipelineState: task.metadata
+    // #2932: typed extraction. The untyped `task.metadata` is the producer
+    // surface — we narrow to the policy snapshot here so adding a new rule
+    // forces an explicit producer wire-up at this single chokepoint.
+    pipelineState: toPipelineStateSnapshot(task.metadata)
   };
   const result = evaluatePolicy2({ engine, mode }, context);
   if (!result.allowed) {
@@ -50301,4 +50229,4 @@ export {
   detectBackend,
   createTaskTracker
 };
-//# sourceMappingURL=chunk-37ZXD5B6.js.map
+//# sourceMappingURL=chunk-755EZIUF.js.map