npm - pm-orchestrator-runner - Versions diffs - 1.0.0 - Mend

pm-orchestrator-runner 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (215) hide show

package/LICENSE +21 -0
package/README.md +108 -0
package/dist/cli/cli-interface.d.ts +150 -0
package/dist/cli/cli-interface.d.ts.map +1 -0
package/dist/cli/cli-interface.js +606 -0
package/dist/cli/cli-interface.js.map +1 -0
package/dist/cli/index.d.ts +13 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +243 -0
package/dist/cli/index.js.map +1 -0
package/dist/cli/llm-sentinel.d.ts +15 -0
package/dist/cli/llm-sentinel.d.ts.map +1 -0
package/dist/cli/llm-sentinel.js +184 -0
package/dist/cli/llm-sentinel.js.map +1 -0
package/dist/config/configuration-manager.d.ts +149 -0
package/dist/config/configuration-manager.d.ts.map +1 -0
package/dist/config/configuration-manager.js +241 -0
package/dist/config/configuration-manager.js.map +1 -0
package/dist/continuation/continuation-control-manager.d.ts +154 -0
package/dist/continuation/continuation-control-manager.d.ts.map +1 -0
package/dist/continuation/continuation-control-manager.js +303 -0
package/dist/continuation/continuation-control-manager.js.map +1 -0
package/dist/core/runner-core.d.ts +474 -0
package/dist/core/runner-core.d.ts.map +1 -0
package/dist/core/runner-core.js +1311 -0
package/dist/core/runner-core.js.map +1 -0
package/dist/errors/error-codes.d.ts +105 -0
package/dist/errors/error-codes.d.ts.map +1 -0
package/dist/errors/error-codes.js +198 -0
package/dist/errors/error-codes.js.map +1 -0
package/dist/errors/runner-error.d.ts +14 -0
package/dist/errors/runner-error.d.ts.map +1 -0
package/dist/errors/runner-error.js +33 -0
package/dist/errors/runner-error.js.map +1 -0
package/dist/evidence/evidence-manager.d.ts +112 -0
package/dist/evidence/evidence-manager.d.ts.map +1 -0
package/dist/evidence/evidence-manager.js +337 -0
package/dist/evidence/evidence-manager.js.map +1 -0
package/dist/executor/claude-code-executor.d.ts +136 -0
package/dist/executor/claude-code-executor.d.ts.map +1 -0
package/dist/executor/claude-code-executor.js +643 -0
package/dist/executor/claude-code-executor.js.map +1 -0
package/dist/executor/deterministic-executor.d.ts +40 -0
package/dist/executor/deterministic-executor.d.ts.map +1 -0
package/dist/executor/deterministic-executor.js +269 -0
package/dist/executor/deterministic-executor.js.map +1 -0
package/dist/lifecycle/lifecycle-controller.d.ts +270 -0
package/dist/lifecycle/lifecycle-controller.d.ts.map +1 -0
package/dist/lifecycle/lifecycle-controller.js +596 -0
package/dist/lifecycle/lifecycle-controller.js.map +1 -0
package/dist/limits/resource-limit-manager.d.ts +200 -0
package/dist/limits/resource-limit-manager.d.ts.map +1 -0
package/dist/limits/resource-limit-manager.js +376 -0
package/dist/limits/resource-limit-manager.js.map +1 -0
package/dist/locks/lock-manager.d.ts +116 -0
package/dist/locks/lock-manager.d.ts.map +1 -0
package/dist/locks/lock-manager.js +306 -0
package/dist/locks/lock-manager.js.map +1 -0
package/dist/logging/index.d.ts +8 -0
package/dist/logging/index.d.ts.map +1 -0
package/dist/logging/index.js +22 -0
package/dist/logging/index.js.map +1 -0
package/dist/logging/sensitive-data-masker.d.ts +90 -0
package/dist/logging/sensitive-data-masker.d.ts.map +1 -0
package/dist/logging/sensitive-data-masker.js +228 -0
package/dist/logging/sensitive-data-masker.js.map +1 -0
package/dist/logging/task-log-manager.d.ts +215 -0
package/dist/logging/task-log-manager.d.ts.map +1 -0
package/dist/logging/task-log-manager.js +743 -0
package/dist/logging/task-log-manager.js.map +1 -0
package/dist/mediation/fail-closed-runner.d.ts +131 -0
package/dist/mediation/fail-closed-runner.d.ts.map +1 -0
package/dist/mediation/fail-closed-runner.js +245 -0
package/dist/mediation/fail-closed-runner.js.map +1 -0
package/dist/mediation/llm-client-with-evidence.d.ts +123 -0
package/dist/mediation/llm-client-with-evidence.d.ts.map +1 -0
package/dist/mediation/llm-client-with-evidence.js +245 -0
package/dist/mediation/llm-client-with-evidence.js.map +1 -0
package/dist/mediation/llm-client.d.ts +102 -0
package/dist/mediation/llm-client.d.ts.map +1 -0
package/dist/mediation/llm-client.js +206 -0
package/dist/mediation/llm-client.js.map +1 -0
package/dist/mediation/llm-evidence-manager.d.ts +108 -0
package/dist/mediation/llm-evidence-manager.d.ts.map +1 -0
package/dist/mediation/llm-evidence-manager.js +230 -0
package/dist/mediation/llm-evidence-manager.js.map +1 -0
package/dist/mediation/llm-mediation-layer.d.ts +175 -0
package/dist/mediation/llm-mediation-layer.d.ts.map +1 -0
package/dist/mediation/llm-mediation-layer.js +315 -0
package/dist/mediation/llm-mediation-layer.js.map +1 -0
package/dist/mediation/llm-sentinel.d.ts +107 -0
package/dist/mediation/llm-sentinel.d.ts.map +1 -0
package/dist/mediation/llm-sentinel.js +187 -0
package/dist/mediation/llm-sentinel.js.map +1 -0
package/dist/mediation/real-llm-mediation-layer.d.ts +104 -0
package/dist/mediation/real-llm-mediation-layer.d.ts.map +1 -0
package/dist/mediation/real-llm-mediation-layer.js +322 -0
package/dist/mediation/real-llm-mediation-layer.js.map +1 -0
package/dist/mediation/verdict-reporter.d.ts +61 -0
package/dist/mediation/verdict-reporter.d.ts.map +1 -0
package/dist/mediation/verdict-reporter.js +178 -0
package/dist/mediation/verdict-reporter.js.map +1 -0
package/dist/models/enums.d.ts +133 -0
package/dist/models/enums.d.ts.map +1 -0
package/dist/models/enums.js +201 -0
package/dist/models/enums.js.map +1 -0
package/dist/models/evidence.d.ts +60 -0
package/dist/models/evidence.d.ts.map +1 -0
package/dist/models/evidence.js +135 -0
package/dist/models/evidence.js.map +1 -0
package/dist/models/execution-result.d.ts +89 -0
package/dist/models/execution-result.d.ts.map +1 -0
package/dist/models/execution-result.js +197 -0
package/dist/models/execution-result.js.map +1 -0
package/dist/models/file-lock.d.ts +62 -0
package/dist/models/file-lock.d.ts.map +1 -0
package/dist/models/file-lock.js +133 -0
package/dist/models/file-lock.js.map +1 -0
package/dist/models/index.d.ts +12 -0
package/dist/models/index.d.ts.map +1 -0
package/dist/models/index.js +91 -0
package/dist/models/index.js.map +1 -0
package/dist/models/repl/index.d.ts +7 -0
package/dist/models/repl/index.d.ts.map +1 -0
package/dist/models/repl/index.js +32 -0
package/dist/models/repl/index.js.map +1 -0
package/dist/models/repl/model-registry.d.ts +73 -0
package/dist/models/repl/model-registry.d.ts.map +1 -0
package/dist/models/repl/model-registry.js +116 -0
package/dist/models/repl/model-registry.js.map +1 -0
package/dist/models/repl/repl-state.d.ts +86 -0
package/dist/models/repl/repl-state.d.ts.map +1 -0
package/dist/models/repl/repl-state.js +152 -0
package/dist/models/repl/repl-state.js.map +1 -0
package/dist/models/repl/task-log.d.ts +247 -0
package/dist/models/repl/task-log.d.ts.map +1 -0
package/dist/models/repl/task-log.js +178 -0
package/dist/models/repl/task-log.js.map +1 -0
package/dist/models/session.d.ts +71 -0
package/dist/models/session.d.ts.map +1 -0
package/dist/models/session.js +140 -0
package/dist/models/session.js.map +1 -0
package/dist/models/supporting.d.ts +97 -0
package/dist/models/supporting.d.ts.map +1 -0
package/dist/models/supporting.js +208 -0
package/dist/models/supporting.js.map +1 -0
package/dist/models/task.d.ts +77 -0
package/dist/models/task.d.ts.map +1 -0
package/dist/models/task.js +170 -0
package/dist/models/task.js.map +1 -0
package/dist/output/output-control-manager.d.ts +217 -0
package/dist/output/output-control-manager.d.ts.map +1 -0
package/dist/output/output-control-manager.js +378 -0
package/dist/output/output-control-manager.js.map +1 -0
package/dist/pool/agent-pool.d.ts +284 -0
package/dist/pool/agent-pool.d.ts.map +1 -0
package/dist/pool/agent-pool.js +451 -0
package/dist/pool/agent-pool.js.map +1 -0
package/dist/repl/commands/index.d.ts +12 -0
package/dist/repl/commands/index.d.ts.map +1 -0
package/dist/repl/commands/index.js +26 -0
package/dist/repl/commands/index.js.map +1 -0
package/dist/repl/commands/init.d.ts +31 -0
package/dist/repl/commands/init.d.ts.map +1 -0
package/dist/repl/commands/init.js +234 -0
package/dist/repl/commands/init.js.map +1 -0
package/dist/repl/commands/keys.d.ts +63 -0
package/dist/repl/commands/keys.d.ts.map +1 -0
package/dist/repl/commands/keys.js +114 -0
package/dist/repl/commands/keys.js.map +1 -0
package/dist/repl/commands/logs.d.ts +91 -0
package/dist/repl/commands/logs.d.ts.map +1 -0
package/dist/repl/commands/logs.js +200 -0
package/dist/repl/commands/logs.js.map +1 -0
package/dist/repl/commands/model.d.ts +85 -0
package/dist/repl/commands/model.d.ts.map +1 -0
package/dist/repl/commands/model.js +225 -0
package/dist/repl/commands/model.js.map +1 -0
package/dist/repl/commands/models.d.ts +50 -0
package/dist/repl/commands/models.d.ts.map +1 -0
package/dist/repl/commands/models.js +180 -0
package/dist/repl/commands/models.js.map +1 -0
package/dist/repl/commands/provider.d.ts +79 -0
package/dist/repl/commands/provider.d.ts.map +1 -0
package/dist/repl/commands/provider.js +291 -0
package/dist/repl/commands/provider.js.map +1 -0
package/dist/repl/commands/session.d.ts +50 -0
package/dist/repl/commands/session.d.ts.map +1 -0
package/dist/repl/commands/session.js +152 -0
package/dist/repl/commands/session.js.map +1 -0
package/dist/repl/commands/status.d.ts +55 -0
package/dist/repl/commands/status.d.ts.map +1 -0
package/dist/repl/commands/status.js +182 -0
package/dist/repl/commands/status.js.map +1 -0
package/dist/repl/index.d.ts +6 -0
package/dist/repl/index.d.ts.map +1 -0
package/dist/repl/index.js +25 -0
package/dist/repl/index.js.map +1 -0
package/dist/repl/repl-interface.d.ts +371 -0
package/dist/repl/repl-interface.d.ts.map +1 -0
package/dist/repl/repl-interface.js +1214 -0
package/dist/repl/repl-interface.js.map +1 -0
package/dist/session/session-manager.d.ts +85 -0
package/dist/session/session-manager.d.ts.map +1 -0
package/dist/session/session-manager.js +217 -0
package/dist/session/session-manager.js.map +1 -0
package/dist/supervisor/executor-supervisor.d.ts +90 -0
package/dist/supervisor/executor-supervisor.d.ts.map +1 -0
package/dist/supervisor/executor-supervisor.js +223 -0
package/dist/supervisor/executor-supervisor.js.map +1 -0
package/dist/supervisor/index.d.ts +5 -0
package/dist/supervisor/index.d.ts.map +1 -0
package/dist/supervisor/index.js +9 -0
package/dist/supervisor/index.js.map +1 -0
package/package.json +57 -0

package/dist/mediation/llm-client-with-evidence.js ADDED Viewed

@@ -0,0 +1,245 @@
+"use strict";
+/**
+ * LLM Client with Evidence Recording
+ *
+ * Extends LLMClient with automatic evidence recording for fail-closed behavior.
+ * Every API call generates a proof file that can be verified.
+ *
+ * ARCHITECTURAL RULES:
+ * - Every LLM call MUST generate evidence
+ * - COMPLETE status can only be asserted if evidence exists
+ * - Double Execution Gate: API key check + Evidence file check
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LLMClientWithEvidence = void 0;
+exports.createLLMClientWithEvidence = createLLMClientWithEvidence;
+const crypto = __importStar(require("crypto"));
+const llm_client_1 = require("./llm-client");
+const llm_evidence_manager_1 = require("./llm-evidence-manager");
+/**
+ * LLM Client with automatic evidence recording
+ *
+ * Implements Double Execution Gate:
+ * - Gate 1: API key validation (fail-closed)
+ * - Gate 2: Evidence directory ready (fail-closed)
+ *
+ * Both gates must pass before any LLM call can be made.
+ */
+class LLMClientWithEvidence {
+    client;
+    evidenceManager;
+    provider;
+    model;
+    gateCheckPerformed = false;
+    gateResult = null;
+    constructor(config) {
+        // Gate 1: API key validation (fail-closed)
+        // This will throw APIKeyMissingError if key is not set
+        this.client = llm_client_1.LLMClient.fromEnv(config.provider ?? 'openai', config.model, { temperature: config.temperature ?? 0.7 });
+        // Gate 2: Evidence directory initialization
+        this.evidenceManager = new llm_evidence_manager_1.LLMEvidenceManager(config.evidenceDir);
+        this.provider = config.provider ?? 'openai';
+        this.model = config.model ?? (config.provider === 'anthropic' ? 'claude-3-haiku-20240307' : 'gpt-4o-mini');
+    }
+    /**
+     * Create client from environment with evidence recording
+     * @throws APIKeyMissingError if API key is not set (fail-closed)
+     */
+    static fromEnv(evidenceDir, provider = 'openai', model, options) {
+        return new LLMClientWithEvidence({
+            provider,
+            model,
+            temperature: options?.temperature,
+            evidenceDir,
+        });
+    }
+    /**
+     * Check Double Execution Gate
+     *
+     * Gate 1: API key is valid (already checked in constructor)
+     * Gate 2: Evidence directory is ready
+     *
+     * @returns Gate check result
+     */
+    checkExecutionGate() {
+        // Gate 1 passed if we got here (constructor would throw otherwise)
+        const gate1Pass = true;
+        // Gate 2: Evidence directory ready
+        const evidenceDir = this.evidenceManager.getEvidenceDir();
+        const gate2Pass = evidenceDir !== null && evidenceDir !== undefined;
+        this.gateResult = {
+            gate1_api_key: gate1Pass ? 'PASS' : 'FAIL',
+            gate2_evidence_ready: gate2Pass ? 'PASS' : 'FAIL',
+            can_execute: gate1Pass && gate2Pass,
+            failure_reason: !gate1Pass
+                ? 'API key not configured'
+                : !gate2Pass
+                    ? 'Evidence directory not ready'
+                    : undefined,
+        };
+        this.gateCheckPerformed = true;
+        return this.gateResult;
+    }
+    /**
+     * Send chat completion request with automatic evidence recording
+     *
+     * @throws Error if Double Execution Gate not passed
+     */
+    async chat(messages) {
+        // Enforce Double Execution Gate check
+        if (!this.gateCheckPerformed) {
+            this.checkExecutionGate();
+        }
+        if (!this.gateResult?.can_execute) {
+            throw new Error(`LLM execution blocked by Double Execution Gate: ${this.gateResult?.failure_reason}`);
+        }
+        const callId = this.generateCallId();
+        const requestHash = (0, llm_evidence_manager_1.hashRequest)(messages);
+        const startTime = Date.now();
+        try {
+            // Make the actual API call
+            const response = await this.client.chat(messages);
+            const endTime = Date.now();
+            // Record success evidence
+            const evidence = {
+                call_id: callId,
+                provider: this.provider,
+                model: this.model,
+                request_hash: requestHash,
+                response_hash: (0, llm_evidence_manager_1.hashResponse)(response.content),
+                timestamp: new Date().toISOString(),
+                duration_ms: endTime - startTime,
+                success: true,
+            };
+            this.evidenceManager.recordEvidence(evidence);
+            return {
+                ...response,
+                evidence_id: callId,
+            };
+        }
+        catch (error) {
+            const endTime = Date.now();
+            // Record failure evidence
+            const evidence = {
+                call_id: callId,
+                provider: this.provider,
+                model: this.model,
+                request_hash: requestHash,
+                response_hash: null,
+                timestamp: new Date().toISOString(),
+                duration_ms: endTime - startTime,
+                success: false,
+                error: error instanceof Error ? error.message : String(error),
+            };
+            this.evidenceManager.recordEvidence(evidence);
+            // Re-throw the error
+            throw error;
+        }
+    }
+    /**
+     * Check if COMPLETE status can be asserted
+     *
+     * This is the fail-closed check:
+     * - Returns true only if at least one successful LLM call has evidence
+     * - Returns false if no evidence exists or all calls failed
+     */
+    canAssertComplete() {
+        return this.evidenceManager.canAssertComplete();
+    }
+    /**
+     * Get evidence statistics
+     */
+    getEvidenceStats() {
+        return this.evidenceManager.getStats();
+    }
+    /**
+     * Get evidence by call ID
+     */
+    getEvidence(callId) {
+        return this.evidenceManager.getEvidence(callId);
+    }
+    /**
+     * Verify evidence integrity
+     */
+    verifyEvidence(callId) {
+        return this.evidenceManager.verifyIntegrity(callId);
+    }
+    /**
+     * List all evidence
+     */
+    listEvidence() {
+        return this.evidenceManager.listEvidence();
+    }
+    /**
+     * Get the underlying evidence manager
+     */
+    getEvidenceManager() {
+        return this.evidenceManager;
+    }
+    /**
+     * Get the configured provider
+     */
+    getProvider() {
+        return this.provider;
+    }
+    /**
+     * Get the configured model
+     */
+    getModel() {
+        return this.model;
+    }
+    /**
+     * Generate unique call ID
+     */
+    generateCallId() {
+        const timestamp = Date.now().toString(36);
+        const random = crypto.randomBytes(4).toString('hex');
+        return `llm-${timestamp}-${random}`;
+    }
+}
+exports.LLMClientWithEvidence = LLMClientWithEvidence;
+/**
+ * Create LLM Client with Evidence (convenience function)
+ *
+ * @param evidenceDir - Directory to store evidence files
+ * @param provider - LLM provider (default: openai)
+ * @param model - Model name (optional)
+ * @throws APIKeyMissingError if API key is not configured
+ */
+function createLLMClientWithEvidence(evidenceDir, provider = 'openai', model) {
+    return LLMClientWithEvidence.fromEnv(evidenceDir, provider, model);
+}
+//# sourceMappingURL=llm-client-with-evidence.js.map

package/dist/mediation/llm-client-with-evidence.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"llm-client-with-evidence.js","sourceRoot":"","sources":["../../src/mediation/llm-client-with-evidence.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsQH,kEAMC;AA1QD,+CAAiC;AACjC,6CAMsB;AACtB,iEAKgC;AAsBhC;;;;;;;;GAQG;AACH,MAAa,qBAAqB;IACf,MAAM,CAAY;IAClB,eAAe,CAAqB;IACpC,QAAQ,CAAc;IACtB,KAAK,CAAS;IACvB,kBAAkB,GAAG,KAAK,CAAC;IAC3B,UAAU,GAA+B,IAAI,CAAC;IAEtD,YAAY,MAAmC;QAC7C,2CAA2C;QAC3C,uDAAuD;QACvD,IAAI,CAAC,MAAM,GAAG,sBAAS,CAAC,OAAO,CAC7B,MAAM,CAAC,QAAQ,IAAI,QAAQ,EAC3B,MAAM,CAAC,KAAK,EACZ,EAAE,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,GAAG,EAAE,CAC3C,CAAC;QAEF,4CAA4C;QAC5C,IAAI,CAAC,eAAe,GAAG,IAAI,yCAAkB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAElE,IAAI,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAC5C,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,WAAW,CAAC,CAAC,CAAC,yBAAyB,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;IAC7G,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,OAAO,CACZ,WAAmB,EACnB,WAAwB,QAAQ,EAChC,KAAc,EACd,OAAkC;QAElC,OAAO,IAAI,qBAAqB,CAAC;YAC/B,QAAQ;YACR,KAAK;YACL,WAAW,EAAE,OAAO,EAAE,WAAW;YACjC,WAAW;SACZ,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;OAOG;IACH,kBAAkB;QAChB,mEAAmE;QACnE,MAAM,SAAS,GAAG,IAAI,CAAC;QAEvB,mCAAmC;QACnC,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,CAAC,cAAc,EAAE,CAAC;QAC1D,MAAM,SAAS,GAAG,WAAW,KAAK,IAAI,IAAI,WAAW,KAAK,SAAS,CAAC;QAEpE,IAAI,CAAC,UAAU,GAAG;YAChB,aAAa,EAAE,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YAC1C,oBAAoB,EAAE,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YACjD,WAAW,EAAE,SAAS,IAAI,SAAS;YACnC,cAAc,EAAE,CAAC,SAAS;gBACxB,CAAC,CAAC,wBAAwB;gBAC1B,CAAC,CAAC,CAAC,SAAS;oBACV,CAAC,CAAC,8BAA8B;oBAChC,CAAC,CAAC,SAAS;SAChB,CAAC;QAEF,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC;QAC/B,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,IAAI,CAAC,QAAuB;QAChC,sCAAsC;QACtC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC7B,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,mDAAmD,IAAI,CAAC,UAAU,EAAE,cAAc,EAAE,CAAC,CAAC;QACxG,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QACrC,MAAM,WAAW,GAAG,IAAA,kCAAW,EAAC,QAAQ,CAAC,CAAC;QAC1C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,2BAA2B;YAC3B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAClD,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAE3B,0BAA0B;YAC1B,MAAM,QAAQ,GAAgB;gBAC5B,OAAO,EAAE,MAAM;gBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,YAAY,EAAE,WAAW;gBACzB,aAAa,EAAE,IAAA,mCAAY,EAAC,QAAQ,CAAC,OAAO,CAAC;gBAC7C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,WAAW,EAAE,OAAO,GAAG,SAAS;gBAChC,OAAO,EAAE,IAAI;aACd,CAAC;YAEF,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAE9C,OAAO;gBACL,GAAG,QAAQ;gBACX,WAAW,EAAE,MAAM;aACpB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAE3B,0BAA0B;YAC1B,MAAM,QAAQ,GAAgB;gBAC5B,OAAO,EAAE,MAAM;gBACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,YAAY,EAAE,WAAW;gBACzB,aAAa,EAAE,IAAI;gBACnB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,WAAW,EAAE,OAAO,GAAG,SAAS;gBAChC,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC;YAEF,IAAI,CAAC,eAAe,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;YAE9C,qBAAqB;YACrB,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,iBAAiB;QACf,OAAO,IAAI,CAAC,eAAe,CAAC,iBAAiB,EAAE,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,gBAAgB;QACd,OAAO,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,MAAc;QACxB,OAAO,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,MAAc;QAC3B,OAAO,IAAI,CAAC,eAAe,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACH,YAAY;QACV,OAAO,IAAI,CAAC,eAAe,CAAC,YAAY,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED;;OAEG;IACK,cAAc;QACpB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC1C,MAAM,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACrD,OAAO,OAAO,SAAS,IAAI,MAAM,EAAE,CAAC;IACtC,CAAC;CACF;AA9MD,sDA8MC;AAED;;;;;;;GAOG;AACH,SAAgB,2BAA2B,CACzC,WAAmB,EACnB,WAAwB,QAAQ,EAChC,KAAc;IAEd,OAAO,qBAAqB,CAAC,OAAO,CAAC,WAAW,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;AACrE,CAAC"}

package/dist/mediation/llm-client.d.ts ADDED Viewed

@@ -0,0 +1,102 @@
+/**
+ * LLM Client - Real API calls to LLM providers
+ *
+ * REQUIREMENTS:
+ * - NO stubs, mocks, or fixed responses
+ * - temperature > 0 required (non-deterministic output)
+ * - API key from environment variables only
+ * - fail-closed on missing API key
+ */
+/**
+ * LLM Provider types
+ */
+export type LLMProvider = 'openai' | 'anthropic';
+/**
+ * LLM Client configuration
+ */
+export interface LLMClientConfig {
+    provider: LLMProvider;
+    model: string;
+    apiKey: string;
+    temperature?: number;
+    maxTokens?: number;
+    baseUrl?: string;
+}
+/**
+ * Chat message format
+ */
+export interface ChatMessage {
+    role: 'system' | 'user' | 'assistant';
+    content: string;
+}
+/**
+ * LLM response
+ */
+export interface LLMResponse {
+    content: string;
+    model: string;
+    usage?: {
+        prompt_tokens: number;
+        completion_tokens: number;
+        total_tokens: number;
+    };
+}
+/**
+ * Error thrown when API key is missing (fail-closed)
+ */
+export declare class APIKeyMissingError extends Error {
+    constructor(provider: LLMProvider);
+}
+/**
+ * Error thrown when LLM API call fails
+ */
+export declare class LLMAPIError extends Error {
+    readonly provider: LLMProvider;
+    readonly statusCode: number;
+    readonly responseBody: string;
+    constructor(provider: LLMProvider, statusCode: number, responseBody: string);
+}
+/**
+ * Get API key from environment variable
+ * @throws APIKeyMissingError if key is not set (fail-closed)
+ */
+export declare function getAPIKeyFromEnv(provider: LLMProvider): string;
+/**
+ * LLM Client class - Makes real API calls to LLM providers
+ *
+ * IMPORTANT: This class NEVER uses stubs or mocks.
+ * All calls go to the real LLM API.
+ */
+export declare class LLMClient {
+    private readonly config;
+    constructor(config: LLMClientConfig);
+    /**
+     * Create LLM client from environment variables
+     * @throws APIKeyMissingError if API key is not set (fail-closed)
+     */
+    static fromEnv(provider?: LLMProvider, model?: string, options?: {
+        temperature?: number;
+        maxTokens?: number;
+    }): LLMClient;
+    /**
+     * Send chat completion request to LLM
+     */
+    chat(messages: ChatMessage[]): Promise<LLMResponse>;
+    /**
+     * OpenAI API call
+     */
+    private chatOpenAI;
+    /**
+     * Anthropic API call
+     */
+    private chatAnthropic;
+    /**
+     * Get the configured model name
+     */
+    getModel(): string;
+    /**
+     * Get the configured provider
+     */
+    getProvider(): LLMProvider;
+}
+//# sourceMappingURL=llm-client.d.ts.map

package/dist/mediation/llm-client.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"llm-client.d.ts","sourceRoot":"","sources":["../../src/mediation/llm-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,QAAQ,GAAG,WAAW,CAAC;AAEjD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,WAAW,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,QAAQ,GAAG,MAAM,GAAG,WAAW,CAAC;IACtC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE;QACN,aAAa,EAAE,MAAM,CAAC;QACtB,iBAAiB,EAAE,MAAM,CAAC;QAC1B,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC;CACH;AAED;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,KAAK;gBAC/B,QAAQ,EAAE,WAAW;CAIlC;AAED;;GAEG;AACH,qBAAa,WAAY,SAAQ,KAAK;aAElB,QAAQ,EAAE,WAAW;aACrB,UAAU,EAAE,MAAM;aAClB,YAAY,EAAE,MAAM;gBAFpB,QAAQ,EAAE,WAAW,EACrB,UAAU,EAAE,MAAM,EAClB,YAAY,EAAE,MAAM;CAKvC;AAcD;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,WAAW,GAAG,MAAM,CAS9D;AAgBD;;;;;GAKG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA4B;gBAEvC,MAAM,EAAE,eAAe;IAiBnC;;;OAGG;IACH,MAAM,CAAC,OAAO,CACZ,QAAQ,GAAE,WAAsB,EAChC,KAAK,CAAC,EAAE,MAAM,EACd,OAAO,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GACrD,SAAS;IAWZ;;OAEG;IACG,IAAI,CAAC,QAAQ,EAAE,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,CAAC;IASzD;;OAEG;YACW,UAAU;IAiCxB;;OAEG;YACW,aAAa;IA8C3B;;OAEG;IACH,QAAQ,IAAI,MAAM;IAIlB;;OAEG;IACH,WAAW,IAAI,WAAW;CAG3B"}

package/dist/mediation/llm-client.js ADDED Viewed

@@ -0,0 +1,206 @@
+"use strict";
+/**
+ * LLM Client - Real API calls to LLM providers
+ *
+ * REQUIREMENTS:
+ * - NO stubs, mocks, or fixed responses
+ * - temperature > 0 required (non-deterministic output)
+ * - API key from environment variables only
+ * - fail-closed on missing API key
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LLMClient = exports.LLMAPIError = exports.APIKeyMissingError = void 0;
+exports.getAPIKeyFromEnv = getAPIKeyFromEnv;
+/**
+ * Error thrown when API key is missing (fail-closed)
+ */
+class APIKeyMissingError extends Error {
+    constructor(provider) {
+        super(`API key not found for provider: ${provider}. Set ${getEnvVarName(provider)} environment variable.`);
+        this.name = 'APIKeyMissingError';
+    }
+}
+exports.APIKeyMissingError = APIKeyMissingError;
+/**
+ * Error thrown when LLM API call fails
+ */
+class LLMAPIError extends Error {
+    provider;
+    statusCode;
+    responseBody;
+    constructor(provider, statusCode, responseBody) {
+        super(`LLM API error (${provider}): ${statusCode} - ${responseBody}`);
+        this.provider = provider;
+        this.statusCode = statusCode;
+        this.responseBody = responseBody;
+        this.name = 'LLMAPIError';
+    }
+}
+exports.LLMAPIError = LLMAPIError;
+/**
+ * Get environment variable name for API key
+ */
+function getEnvVarName(provider) {
+    switch (provider) {
+        case 'openai':
+            return 'OPENAI_API_KEY';
+        case 'anthropic':
+            return 'ANTHROPIC_API_KEY';
+    }
+}
+/**
+ * Get API key from environment variable
+ * @throws APIKeyMissingError if key is not set (fail-closed)
+ */
+function getAPIKeyFromEnv(provider) {
+    const envVar = getEnvVarName(provider);
+    const apiKey = process.env[envVar];
+    if (!apiKey || apiKey.trim() === '') {
+        throw new APIKeyMissingError(provider);
+    }
+    return apiKey.trim();
+}
+/**
+ * Default configuration for providers
+ */
+const DEFAULT_CONFIGS = {
+    openai: {
+        baseUrl: 'https://api.openai.com/v1',
+        defaultModel: 'gpt-4o-mini',
+    },
+    anthropic: {
+        baseUrl: 'https://api.anthropic.com/v1',
+        defaultModel: 'claude-3-haiku-20240307',
+    },
+};
+/**
+ * LLM Client class - Makes real API calls to LLM providers
+ *
+ * IMPORTANT: This class NEVER uses stubs or mocks.
+ * All calls go to the real LLM API.
+ */
+class LLMClient {
+    config;
+    constructor(config) {
+        // Validate temperature > 0 (required for non-determinism)
+        const temperature = config.temperature ?? 0.7;
+        if (temperature <= 0) {
+            throw new Error('temperature must be > 0 to ensure non-deterministic output');
+        }
+        this.config = {
+            provider: config.provider,
+            model: config.model,
+            apiKey: config.apiKey,
+            temperature,
+            maxTokens: config.maxTokens ?? 1024,
+            baseUrl: config.baseUrl ?? DEFAULT_CONFIGS[config.provider].baseUrl,
+        };
+    }
+    /**
+     * Create LLM client from environment variables
+     * @throws APIKeyMissingError if API key is not set (fail-closed)
+     */
+    static fromEnv(provider = 'openai', model, options) {
+        const apiKey = getAPIKeyFromEnv(provider);
+        return new LLMClient({
+            provider,
+            model: model ?? DEFAULT_CONFIGS[provider].defaultModel,
+            apiKey,
+            temperature: options?.temperature ?? 0.7,
+            maxTokens: options?.maxTokens ?? 1024,
+        });
+    }
+    /**
+     * Send chat completion request to LLM
+     */
+    async chat(messages) {
+        switch (this.config.provider) {
+            case 'openai':
+                return this.chatOpenAI(messages);
+            case 'anthropic':
+                return this.chatAnthropic(messages);
+        }
+    }
+    /**
+     * OpenAI API call
+     */
+    async chatOpenAI(messages) {
+        const response = await fetch(`${this.config.baseUrl}/chat/completions`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Authorization': `Bearer ${this.config.apiKey}`,
+            },
+            body: JSON.stringify({
+                model: this.config.model,
+                messages,
+                temperature: this.config.temperature,
+                max_tokens: this.config.maxTokens,
+            }),
+        });
+        if (!response.ok) {
+            const body = await response.text();
+            throw new LLMAPIError('openai', response.status, body);
+        }
+        const data = await response.json();
+        return {
+            content: data.choices[0]?.message?.content ?? '',
+            model: data.model,
+            usage: data.usage,
+        };
+    }
+    /**
+     * Anthropic API call
+     */
+    async chatAnthropic(messages) {
+        // Extract system message if present
+        const systemMessage = messages.find(m => m.role === 'system');
+        const conversationMessages = messages.filter(m => m.role !== 'system');
+        const response = await fetch(`${this.config.baseUrl}/messages`, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'x-api-key': this.config.apiKey,
+                'anthropic-version': '2023-06-01',
+            },
+            body: JSON.stringify({
+                model: this.config.model,
+                max_tokens: this.config.maxTokens,
+                temperature: this.config.temperature,
+                system: systemMessage?.content,
+                messages: conversationMessages.map(m => ({
+                    role: m.role,
+                    content: m.content,
+                })),
+            }),
+        });
+        if (!response.ok) {
+            const body = await response.text();
+            throw new LLMAPIError('anthropic', response.status, body);
+        }
+        const data = await response.json();
+        return {
+            content: data.content[0]?.text ?? '',
+            model: data.model,
+            usage: data.usage ? {
+                prompt_tokens: data.usage.input_tokens,
+                completion_tokens: data.usage.output_tokens,
+                total_tokens: data.usage.input_tokens + data.usage.output_tokens,
+            } : undefined,
+        };
+    }
+    /**
+     * Get the configured model name
+     */
+    getModel() {
+        return this.config.model;
+    }
+    /**
+     * Get the configured provider
+     */
+    getProvider() {
+        return this.config.provider;
+    }
+}
+exports.LLMClient = LLMClient;
+//# sourceMappingURL=llm-client.js.map

package/dist/mediation/llm-client.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"llm-client.js","sourceRoot":"","sources":["../../src/mediation/llm-client.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAgFH,4CASC;AAjDD;;GAEG;AACH,MAAa,kBAAmB,SAAQ,KAAK;IAC3C,YAAY,QAAqB;QAC/B,KAAK,CAAC,mCAAmC,QAAQ,SAAS,aAAa,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAC;QAC3G,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;IACnC,CAAC;CACF;AALD,gDAKC;AAED;;GAEG;AACH,MAAa,WAAY,SAAQ,KAAK;IAElB;IACA;IACA;IAHlB,YACkB,QAAqB,EACrB,UAAkB,EAClB,YAAoB;QAEpC,KAAK,CAAC,kBAAkB,QAAQ,MAAM,UAAU,MAAM,YAAY,EAAE,CAAC,CAAC;QAJtD,aAAQ,GAAR,QAAQ,CAAa;QACrB,eAAU,GAAV,UAAU,CAAQ;QAClB,iBAAY,GAAZ,YAAY,CAAQ;QAGpC,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;IAC5B,CAAC;CACF;AATD,kCASC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,QAAqB;IAC1C,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,gBAAgB,CAAC;QAC1B,KAAK,WAAW;YACd,OAAO,mBAAmB,CAAC;IAC/B,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,QAAqB;IACpD,MAAM,MAAM,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAEnC,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;QACpC,MAAM,IAAI,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC;IAED,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,MAAM,eAAe,GAAmE;IACtF,MAAM,EAAE;QACN,OAAO,EAAE,2BAA2B;QACpC,YAAY,EAAE,aAAa;KAC5B;IACD,SAAS,EAAE;QACT,OAAO,EAAE,8BAA8B;QACvC,YAAY,EAAE,yBAAyB;KACxC;CACF,CAAC;AAEF;;;;;GAKG;AACH,MAAa,SAAS;IACH,MAAM,CAA4B;IAEnD,YAAY,MAAuB;QACjC,0DAA0D;QAC1D,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,GAAG,CAAC;QAC9C,IAAI,WAAW,IAAI,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,4DAA4D,CAAC,CAAC;QAChF,CAAC;QAED,IAAI,CAAC,MAAM,GAAG;YACZ,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,WAAW;YACX,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI;YACnC,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO;SACpE,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,MAAM,CAAC,OAAO,CACZ,WAAwB,QAAQ,EAChC,KAAc,EACd,OAAsD;QAEtD,MAAM,MAAM,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC1C,OAAO,IAAI,SAAS,CAAC;YACnB,QAAQ;YACR,KAAK,EAAE,KAAK,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC,YAAY;YACtD,MAAM;YACN,WAAW,EAAE,OAAO,EAAE,WAAW,IAAI,GAAG;YACxC,SAAS,EAAE,OAAO,EAAE,SAAS,IAAI,IAAI;SACtC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,QAAuB;QAChC,QAAQ,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC7B,KAAK,QAAQ;gBACX,OAAO,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YACnC,KAAK,WAAW;gBACd,OAAO,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,UAAU,CAAC,QAAuB;QAC9C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,mBAAmB,EAAE;YACtE,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;aAChD;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;gBACxB,QAAQ;gBACR,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;aAClC,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,WAAW,CAAC,QAAQ,EAAE,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAI/B,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,IAAI,EAAE;YAChD,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,aAAa,CAAC,QAAuB;QACjD,oCAAoC;QACpC,MAAM,aAAa,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;QAC9D,MAAM,oBAAoB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;QAEvE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO,WAAW,EAAE;YAC9D,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;gBAC/B,mBAAmB,EAAE,YAAY;aAClC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;gBACxB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS;gBACjC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,MAAM,EAAE,aAAa,EAAE,OAAO;gBAC9B,QAAQ,EAAE,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;oBACvC,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,OAAO,EAAE,CAAC,CAAC,OAAO;iBACnB,CAAC,CAAC;aACJ,CAAC;SACH,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,WAAW,CAAC,WAAW,EAAE,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAI/B,CAAC;QAEF,OAAO;YACL,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,IAAI,IAAI,EAAE;YACpC,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;gBAClB,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY;gBACtC,iBAAiB,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa;gBAC3C,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa;aACjE,CAAC,CAAC,CAAC,SAAS;SACd,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,WAAW;QACT,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;IAC9B,CAAC;CACF;AArJD,8BAqJC"}

package/dist/mediation/llm-evidence-manager.d.ts ADDED Viewed

@@ -0,0 +1,108 @@
+/**
+ * LLM Evidence Manager
+ *
+ * Tracks and verifies evidence of real LLM API calls.
+ * This is the fail-closed mechanism that ensures:
+ * 1. Every LLM call generates a proof file
+ * 2. COMPLETE status can only be asserted with evidence
+ * 3. Evidence files are tamper-resistant (hash verification)
+ *
+ * ARCHITECTURAL RULES:
+ * - No evidence file = LLM call did not happen
+ * - Evidence must exist BEFORE asserting COMPLETE
+ * - Failed calls are also recorded (to prove attempt)
+ */
+/**
+ * LLM Evidence structure
+ * Records proof of a real LLM API call
+ */
+export interface LLMEvidence {
+    /** Unique identifier for this call */
+    call_id: string;
+    /** LLM provider (openai, anthropic) */
+    provider: string;
+    /** Model used */
+    model: string;
+    /** Hash of the request payload */
+    request_hash: string;
+    /** Hash of the response (null if failed) */
+    response_hash: string | null;
+    /** ISO timestamp of the call */
+    timestamp: string;
+    /** Duration in milliseconds */
+    duration_ms: number;
+    /** Whether the call succeeded */
+    success: boolean;
+    /** Error message if failed */
+    error?: string;
+}
+/**
+ * Evidence statistics
+ */
+export interface EvidenceStats {
+    total_calls: number;
+    successful_calls: number;
+    failed_calls: number;
+}
+/**
+ * LLM Evidence Manager
+ *
+ * Manages evidence files for LLM API calls.
+ * Uses file-based storage for durability and auditability.
+ */
+export declare class LLMEvidenceManager {
+    private readonly evidenceDir;
+    private readonly evidenceMap;
+    constructor(baseDir: string);
+    /**
+     * Load existing evidence files from disk
+     */
+    private loadExistingEvidence;
+    /**
+     * Record evidence for an LLM call
+     * @returns Path to the evidence file
+     */
+    recordEvidence(evidence: LLMEvidence): string;
+    /**
+     * Check if evidence exists for a call
+     */
+    hasEvidence(callId: string): boolean;
+    /**
+     * Get evidence by call ID
+     */
+    getEvidence(callId: string): LLMEvidence | null;
+    /**
+     * List all evidence
+     */
+    listEvidence(): LLMEvidence[];
+    /**
+     * Get evidence statistics
+     */
+    getStats(): EvidenceStats;
+    /**
+     * Check if we can assert COMPLETE status
+     * Requires at least one successful LLM call with evidence
+     */
+    canAssertComplete(): boolean;
+    /**
+     * Verify integrity of an evidence file
+     * Detects tampering by comparing stored hash with recalculated hash
+     */
+    verifyIntegrity(callId: string): boolean;
+    /**
+     * Get evidence directory path
+     */
+    getEvidenceDir(): string;
+}
+/**
+ * Create hash for request payload
+ */
+export declare function hashRequest(messages: Array<{
+    role: string;
+    content: string;
+}>): string;
+/**
+ * Create hash for response content
+ */
+export declare function hashResponse(content: string): string;
+//# sourceMappingURL=llm-evidence-manager.d.ts.map

package/dist/mediation/llm-evidence-manager.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"llm-evidence-manager.d.ts","sourceRoot":"","sources":["../../src/mediation/llm-evidence-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAMH;;;GAGG;AACH,MAAM,WAAW,WAAW;IAC1B,sCAAsC;IACtC,OAAO,EAAE,MAAM,CAAC;IAChB,uCAAuC;IACvC,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,kCAAkC;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,4CAA4C;IAC5C,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,gCAAgC;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,+BAA+B;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,iCAAiC;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,8BAA8B;IAC9B,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAUD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,CAAC;IACzB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;;;GAKG;AACH,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAuC;gBAEvD,OAAO,EAAE,MAAM;IAY3B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAqB5B;;;OAGG;IACH,cAAc,CAAC,QAAQ,EAAE,WAAW,GAAG,MAAM;IAqB7C;;OAEG;IACH,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAWpC;;OAEG;IACH,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI;IAuB/C;;OAEG;IACH,YAAY,IAAI,WAAW,EAAE;IAM7B;;OAEG;IACH,QAAQ,IAAI,aAAa;IAYzB;;;OAGG;IACH,iBAAiB,IAAI,OAAO;IAY5B;;;OAGG;IACH,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO;IAqBxC;;OAEG;IACH,cAAc,IAAI,MAAM;CAGzB;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,QAAQ,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,GAAG,MAAM,CAGtF;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEpD"}