qati-sdk 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +0 -12
- package/dist/index.cjs +473 -109
- package/dist/index.cjs.map +1 -1
- package/dist/index.d.cts +2403 -373
- package/dist/index.d.ts +2403 -373
- package/dist/index.js +465 -110
- package/dist/index.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -550,15 +550,3 @@ Transient failures are retried automatically for **`POST /v1/events:batch`** acc
|
|
|
550
550
|
| Errors | `QatiSDKError`, `QatiAPIError`, `QatiAuthError`, `QatiNotFoundError`, `QatiRateLimitError`, `QatiServerError`, `QatiConfigError`. |
|
|
551
551
|
|
|
552
552
|
`HttpClient.request(...)` exists for advanced use; prefer resource methods for application code.
|
|
553
|
-
|
|
554
|
-
## Build (maintainers)
|
|
555
|
-
|
|
556
|
-
From `sdks/typescript/`:
|
|
557
|
-
|
|
558
|
-
```bash
|
|
559
|
-
npm ci
|
|
560
|
-
npm test
|
|
561
|
-
npm run build
|
|
562
|
-
```
|
|
563
|
-
|
|
564
|
-
Outputs land in `dist/` (ESM + CJS + declarations).
|
package/dist/index.cjs
CHANGED
|
@@ -640,7 +640,7 @@ var TrustStateResource = class {
|
|
|
640
640
|
/**
|
|
641
641
|
* Fetches the latest trust state for one entity.
|
|
642
642
|
*
|
|
643
|
-
* @param entityType - Lowercase entity class
|
|
643
|
+
* @param entityType - Lowercase entity class (see {@link EntityTypeLowerCase}).
|
|
644
644
|
* @param entityId - Id for the entity(Required)
|
|
645
645
|
* @param options - Optional contributor limits/window.
|
|
646
646
|
* @returns {@link TrustState} including `current_closure_score`, `risk_tier`, and `top_contributors`.
|
|
@@ -661,7 +661,7 @@ var TrustStateResource = class {
|
|
|
661
661
|
/**
|
|
662
662
|
* Fetches trust states for many entities in one request.
|
|
663
663
|
*
|
|
664
|
-
* @param entityType - Lowercase entity class
|
|
664
|
+
* @param entityType - Lowercase entity class (see {@link EntityTypeLowerCase}).
|
|
665
665
|
* @param entityIds - Distinct ids to query. Prefer length ≤ 100 or the server may reject the request.
|
|
666
666
|
* @param options - Optional contributor limits/window.
|
|
667
667
|
* @returns Array of {@link TrustState} in server-defined order; empty array when `entityIds` is empty.
|
|
@@ -780,6 +780,9 @@ var Session = class {
|
|
|
780
780
|
return new Client(this._config, httpClients ?? {});
|
|
781
781
|
}
|
|
782
782
|
};
|
|
783
|
+
var fraction01 = () => zod.z.number().min(0).max(1);
|
|
784
|
+
var fraction01Nullable = () => fraction01().nullable().optional();
|
|
785
|
+
var nonEmptyString = () => zod.z.string().min(1);
|
|
783
786
|
|
|
784
787
|
// src/shared/types/signal-type.ts
|
|
785
788
|
var SIGNAL_TYPES = [
|
|
@@ -789,7 +792,16 @@ var SIGNAL_TYPES = [
|
|
|
789
792
|
"SYSTEM_TELEMETRY",
|
|
790
793
|
"MODEL_OUTPUT",
|
|
791
794
|
"ANOMALY_FLAG",
|
|
792
|
-
"NETWORK_EVENT"
|
|
795
|
+
"NETWORK_EVENT",
|
|
796
|
+
"SESSION",
|
|
797
|
+
"PROMPT_INPUT",
|
|
798
|
+
"CONTEXT_INTEGRITY",
|
|
799
|
+
"TOOL_CALL",
|
|
800
|
+
"RAG_RETRIEVAL",
|
|
801
|
+
"POLICY_EVENT",
|
|
802
|
+
"USER_FEEDBACK",
|
|
803
|
+
"WORKFLOW_ACTION",
|
|
804
|
+
"API_CALL"
|
|
793
805
|
];
|
|
794
806
|
|
|
795
807
|
// src/shared/types/provenance-mode.ts
|
|
@@ -816,8 +828,13 @@ var EventPrincipalSchema = zod.z.object({
|
|
|
816
828
|
device_id: zod.z.string().min(1).optional(),
|
|
817
829
|
session_id: zod.z.string().min(1).optional(),
|
|
818
830
|
model_id: zod.z.string().min(1).optional(),
|
|
819
|
-
service_id: zod.z.string().min(1).optional()
|
|
820
|
-
|
|
831
|
+
service_id: zod.z.string().min(1).optional(),
|
|
832
|
+
conversation_id: zod.z.string().min(1).optional(),
|
|
833
|
+
document_id: zod.z.string().min(1).optional(),
|
|
834
|
+
tool_id: zod.z.string().min(1).optional(),
|
|
835
|
+
workflow_id: zod.z.string().min(1).optional(),
|
|
836
|
+
api_key_id: zod.z.string().min(1).optional()
|
|
837
|
+
}).strict();
|
|
821
838
|
|
|
822
839
|
// src/v1/schemas/raw-event.ts
|
|
823
840
|
var BaseEventSchema = zod.z.object({
|
|
@@ -838,103 +855,15 @@ var RawEventRequestSchema = zod.z.object({
|
|
|
838
855
|
payload: zod.z.record(zod.z.any()).describe("JSON payload (stored as JSONB in DB).")
|
|
839
856
|
});
|
|
840
857
|
|
|
841
|
-
// src/v1/schemas/
|
|
842
|
-
var TransactionSignalPayloadSchema = zod.z.object({
|
|
843
|
-
amount: zod.z.number().nonnegative().default(0),
|
|
844
|
-
amount_minor: zod.z.number().int().nonnegative().nullable().optional(),
|
|
845
|
-
amount_usd: zod.z.number().nonnegative().nullable().optional(),
|
|
846
|
-
currency: zod.z.string().nullable().optional(),
|
|
847
|
-
merchant_category: zod.z.string().nullable().optional(),
|
|
848
|
-
merchant_id: zod.z.string().nullable().optional(),
|
|
849
|
-
channel: zod.z.string().nullable().optional(),
|
|
850
|
-
country: zod.z.string().nullable().optional(),
|
|
851
|
-
velocity: zod.z.number().nonnegative().nullable().optional(),
|
|
852
|
-
external_anomaly_score: zod.z.number().nullable().optional(),
|
|
853
|
-
geo_distance: zod.z.number().nonnegative().nullable().optional(),
|
|
854
|
-
geo_distance_km: zod.z.number().nonnegative().nullable().optional(),
|
|
855
|
-
records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
|
|
856
|
-
baseline_records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
|
|
857
|
-
sensitivity_level: zod.z.string().nullable().optional(),
|
|
858
|
-
export_count: zod.z.number().int().nonnegative().nullable().optional(),
|
|
859
|
-
bulk_export: zod.z.boolean().optional().default(false),
|
|
860
|
-
contains_phi: zod.z.boolean().optional().default(false),
|
|
861
|
-
control_command: zod.z.string().nullable().optional(),
|
|
862
|
-
authorized: zod.z.boolean().nullable().optional(),
|
|
863
|
-
safety_critical: zod.z.boolean().optional().default(false)
|
|
864
|
-
});
|
|
865
|
-
var AuthSignalPayloadSchema = zod.z.object({
|
|
866
|
-
result: zod.z.string().nullable().optional(),
|
|
867
|
-
auth_method: zod.z.string().nullable().optional(),
|
|
868
|
-
mfa_used: zod.z.boolean().nullable().optional(),
|
|
869
|
-
mfa_bypassed: zod.z.boolean().optional().default(false),
|
|
870
|
-
failed_attempts: zod.z.number().int().nonnegative().optional().default(0),
|
|
871
|
-
ip: zod.z.string().nullable().optional(),
|
|
872
|
-
country: zod.z.string().nullable().optional(),
|
|
873
|
-
user_agent: zod.z.string().nullable().optional(),
|
|
874
|
-
unusual_location: zod.z.boolean().optional().default(false),
|
|
875
|
-
after_hours_login: zod.z.boolean().optional().default(false)
|
|
876
|
-
});
|
|
877
|
-
var ModelOutputSignalPayloadSchema = zod.z.object({
|
|
878
|
-
missing_citations_rate: zod.z.number().min(0).max(1).nullable().optional(),
|
|
879
|
-
citation_rate: zod.z.number().min(0).max(1).nullable().optional(),
|
|
880
|
-
expected_citation_rate: zod.z.number().min(0).max(1).nullable().optional(),
|
|
881
|
-
policy_violations: zod.z.number().int().nonnegative().optional().default(0),
|
|
882
|
-
policy_violation_rate: zod.z.number().min(0).max(1).nullable().optional(),
|
|
883
|
-
tool_call_inconsistency: zod.z.number().min(0).max(1).optional().default(0),
|
|
884
|
-
tool_inconsistency_rate: zod.z.number().min(0).max(1).nullable().optional(),
|
|
885
|
-
tool_miss_rate: zod.z.number().min(0).max(1).nullable().optional(),
|
|
886
|
-
eval_window_n: zod.z.number().int().min(1).nullable().optional()
|
|
887
|
-
});
|
|
888
|
-
var SystemTelemetrySignalPayloadSchema = zod.z.object({
|
|
889
|
-
metric_name: zod.z.string().nullable().optional(),
|
|
890
|
-
value: zod.z.number().nullable().optional(),
|
|
891
|
-
baseline: zod.z.number().nullable().optional(),
|
|
892
|
-
window_seconds: zod.z.number().int().min(1).nullable().optional(),
|
|
893
|
-
error_rate: zod.z.number().min(0).max(1).optional().default(0),
|
|
894
|
-
baseline_error_rate: zod.z.number().min(0).max(1).nullable().optional(),
|
|
895
|
-
unusual_auth_rate: zod.z.number().min(0).max(1).optional().default(0),
|
|
896
|
-
firmware_hash_changed: zod.z.boolean().optional().default(false),
|
|
897
|
-
expected_hash_match: zod.z.boolean().nullable().optional(),
|
|
898
|
-
sensor_deviation_score: zod.z.number().min(0).max(1).nullable().optional()
|
|
899
|
-
});
|
|
858
|
+
// src/v1/schemas/anomaly-flag.ts
|
|
900
859
|
var AnomalyFlagSignalPayloadSchema = zod.z.object({
|
|
901
|
-
severity:
|
|
902
|
-
});
|
|
903
|
-
var BehaviorSignalPayloadSchema = zod.z.object({
|
|
904
|
-
deviation_score: zod.z.number().min(0).max(1)
|
|
905
|
-
});
|
|
906
|
-
var NetworkSignalPayloadSchema = zod.z.object({
|
|
907
|
-
ip: zod.z.string().nullable().optional(),
|
|
908
|
-
asn: zod.z.string().nullable().optional(),
|
|
909
|
-
reputation_score: zod.z.number().min(0).max(1).nullable().optional(),
|
|
910
|
-
threat_score: zod.z.number().min(0).max(1).nullable().optional(),
|
|
911
|
-
is_datacenter: zod.z.boolean().nullable().optional(),
|
|
912
|
-
is_untrusted_segment: zod.z.boolean().optional().default(false),
|
|
913
|
-
asn_reputation: zod.z.number().min(0).max(1).nullable().optional()
|
|
914
|
-
});
|
|
915
|
-
BaseEventSchema.extend({
|
|
916
|
-
signal_payload: TransactionSignalPayloadSchema
|
|
860
|
+
severity: fraction01()
|
|
917
861
|
});
|
|
918
862
|
BaseEventSchema.extend({
|
|
919
863
|
signal_payload: AnomalyFlagSignalPayloadSchema
|
|
920
864
|
});
|
|
921
|
-
BaseEventSchema.extend({
|
|
922
|
-
signal_payload: AuthSignalPayloadSchema
|
|
923
|
-
});
|
|
924
|
-
BaseEventSchema.extend({
|
|
925
|
-
signal_payload: BehaviorSignalPayloadSchema
|
|
926
|
-
});
|
|
927
|
-
BaseEventSchema.extend({
|
|
928
|
-
signal_payload: NetworkSignalPayloadSchema
|
|
929
|
-
});
|
|
930
|
-
BaseEventSchema.extend({
|
|
931
|
-
signal_payload: ModelOutputSignalPayloadSchema
|
|
932
|
-
});
|
|
933
|
-
BaseEventSchema.extend({
|
|
934
|
-
signal_payload: SystemTelemetrySignalPayloadSchema
|
|
935
|
-
});
|
|
936
865
|
|
|
937
|
-
// src/v1/builders/
|
|
866
|
+
// src/v1/builders/_common.ts
|
|
938
867
|
var buildRawEventPayload = (event, signalPayload, signalType) => {
|
|
939
868
|
const rawEventPayload = {
|
|
940
869
|
timestamp: event.timestamp,
|
|
@@ -960,36 +889,296 @@ var buildRawEventRequest = (event, signalPayload, signalType) => {
|
|
|
960
889
|
payload: rawEventPayload
|
|
961
890
|
};
|
|
962
891
|
};
|
|
963
|
-
|
|
964
|
-
|
|
965
|
-
return buildRawEventRequest(event, signalPayload, "AUTH");
|
|
966
|
-
};
|
|
967
|
-
function createTransactionEvent(event) {
|
|
968
|
-
const signalPayload = TransactionSignalPayloadSchema.parse(
|
|
969
|
-
event.signal_payload
|
|
970
|
-
);
|
|
971
|
-
return buildRawEventRequest(event, signalPayload, "TRANSACTION");
|
|
972
|
-
}
|
|
892
|
+
|
|
893
|
+
// src/v1/builders/anomaly-flag-builder.ts
|
|
973
894
|
var createAnomalyFlagEvent = (event) => {
|
|
974
895
|
const signalPayload = AnomalyFlagSignalPayloadSchema.parse(
|
|
975
896
|
event.signal_payload
|
|
976
897
|
);
|
|
977
898
|
return buildRawEventRequest(event, signalPayload, "ANOMALY_FLAG");
|
|
978
899
|
};
|
|
900
|
+
|
|
901
|
+
// src/shared/types/http-method.ts
|
|
902
|
+
var HTTP_METHODS = ["GET", "POST", "PUT", "PATCH", "DELETE"];
|
|
903
|
+
|
|
904
|
+
// src/v1/schemas/api-call.ts
|
|
905
|
+
var ApiCallSignalPayloadSchema = zod.z.object({
|
|
906
|
+
service_id: nonEmptyString(),
|
|
907
|
+
endpoint: nonEmptyString(),
|
|
908
|
+
method: zod.z.enum(HTTP_METHODS),
|
|
909
|
+
status_code: zod.z.number().int().min(100).max(599),
|
|
910
|
+
authorized: zod.z.boolean().nullable(),
|
|
911
|
+
authentication_present: zod.z.boolean().nullable().optional(),
|
|
912
|
+
rate_limited: zod.z.boolean().nullable().optional(),
|
|
913
|
+
external_side_effect: zod.z.boolean().nullable().optional(),
|
|
914
|
+
records_returned: zod.z.number().int().nonnegative().nullable().optional(),
|
|
915
|
+
records_modified: zod.z.number().int().nonnegative().nullable().optional(),
|
|
916
|
+
contains_sensitive_data: zod.z.boolean().nullable().optional(),
|
|
917
|
+
latency_ms: zod.z.number().nonnegative().nullable().optional(),
|
|
918
|
+
retry_count: zod.z.number().int().nonnegative().nullable().optional(),
|
|
919
|
+
api_key_id: zod.z.string().nullable().optional()
|
|
920
|
+
});
|
|
921
|
+
BaseEventSchema.extend({
|
|
922
|
+
signal_payload: ApiCallSignalPayloadSchema
|
|
923
|
+
});
|
|
924
|
+
|
|
925
|
+
// src/v1/builders/api-call-builder.ts
|
|
926
|
+
var createApiCallEvent = (event) => {
|
|
927
|
+
const signalPayload = ApiCallSignalPayloadSchema.parse(event.signal_payload);
|
|
928
|
+
return buildRawEventRequest(event, signalPayload, "API_CALL");
|
|
929
|
+
};
|
|
930
|
+
var AuthSignalPayloadSchema = zod.z.object({
|
|
931
|
+
result: zod.z.string().nullable().optional(),
|
|
932
|
+
auth_method: zod.z.string().nullable().optional(),
|
|
933
|
+
mfa_used: zod.z.boolean().nullable().optional(),
|
|
934
|
+
mfa_bypassed: zod.z.boolean().optional().default(false),
|
|
935
|
+
failed_attempts: zod.z.number().int().nonnegative().optional().default(0),
|
|
936
|
+
ip: zod.z.string().nullable().optional(),
|
|
937
|
+
country: zod.z.string().nullable().optional(),
|
|
938
|
+
user_agent: zod.z.string().nullable().optional(),
|
|
939
|
+
unusual_location: zod.z.boolean().optional().default(false),
|
|
940
|
+
after_hours_login: zod.z.boolean().optional().default(false)
|
|
941
|
+
});
|
|
942
|
+
BaseEventSchema.extend({
|
|
943
|
+
signal_payload: AuthSignalPayloadSchema
|
|
944
|
+
});
|
|
945
|
+
|
|
946
|
+
// src/v1/builders/auth-builder.ts
|
|
947
|
+
var createAuthEvent = (event) => {
|
|
948
|
+
const signalPayload = AuthSignalPayloadSchema.parse(event.signal_payload);
|
|
949
|
+
return buildRawEventRequest(event, signalPayload, "AUTH");
|
|
950
|
+
};
|
|
951
|
+
var BehaviorSignalPayloadSchema = zod.z.object({
|
|
952
|
+
deviation_score: fraction01()
|
|
953
|
+
});
|
|
954
|
+
BaseEventSchema.extend({
|
|
955
|
+
signal_payload: BehaviorSignalPayloadSchema
|
|
956
|
+
});
|
|
957
|
+
|
|
958
|
+
// src/v1/builders/behavior-builder.ts
|
|
979
959
|
var createBehaviorEvent = (event) => {
|
|
980
960
|
const signalPayload = BehaviorSignalPayloadSchema.parse(event.signal_payload);
|
|
981
961
|
return buildRawEventRequest(event, signalPayload, "BEHAVIOR");
|
|
982
962
|
};
|
|
983
|
-
|
|
984
|
-
|
|
985
|
-
|
|
963
|
+
|
|
964
|
+
// src/shared/types/context-integrity.ts
|
|
965
|
+
var CONTEXT_SOURCES = [
|
|
966
|
+
"CONVERSATION_HISTORY",
|
|
967
|
+
"RETRIEVED_DOCUMENT",
|
|
968
|
+
"TOOL_OUTPUT",
|
|
969
|
+
"SYSTEM",
|
|
970
|
+
"DEVELOPER",
|
|
971
|
+
"USER"
|
|
972
|
+
];
|
|
973
|
+
|
|
974
|
+
// src/v1/schemas/context-integrity.ts
|
|
975
|
+
var ContextIntegritySignalPayloadSchema = zod.z.object({
|
|
976
|
+
context_source: zod.z.enum(CONTEXT_SOURCES),
|
|
977
|
+
instruction_conflict_detected: zod.z.boolean(),
|
|
978
|
+
untrusted_instruction_detected: zod.z.boolean(),
|
|
979
|
+
context_priority_violation: zod.z.boolean(),
|
|
980
|
+
recursive_instruction_pattern: zod.z.boolean().optional().default(false),
|
|
981
|
+
context_drift_score: fraction01Nullable(),
|
|
982
|
+
system_prompt_conflict_score: fraction01Nullable(),
|
|
983
|
+
developer_prompt_conflict_score: fraction01Nullable(),
|
|
984
|
+
retrieved_instruction_count: zod.z.number().int().nonnegative().optional().default(0),
|
|
985
|
+
hidden_instruction_score: fraction01Nullable(),
|
|
986
|
+
source_document_id: zod.z.string().nullable().optional(),
|
|
987
|
+
untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0),
|
|
988
|
+
source_trust_score: fraction01Nullable(),
|
|
989
|
+
lowest_source_trust_score: fraction01Nullable(),
|
|
990
|
+
recursive_pattern_score: fraction01Nullable(),
|
|
991
|
+
prompt_injection_score: fraction01Nullable(),
|
|
992
|
+
contains_instruction_override: zod.z.boolean().optional().default(false),
|
|
993
|
+
context_injection_score: fraction01Nullable()
|
|
994
|
+
});
|
|
995
|
+
BaseEventSchema.extend({
|
|
996
|
+
signal_payload: ContextIntegritySignalPayloadSchema
|
|
997
|
+
});
|
|
998
|
+
|
|
999
|
+
// src/v1/builders/context-integrity-builder.ts
|
|
1000
|
+
var createContextIntegrityEvent = (event) => {
|
|
1001
|
+
const signalPayload = ContextIntegritySignalPayloadSchema.parse(
|
|
1002
|
+
event.signal_payload
|
|
1003
|
+
);
|
|
1004
|
+
return buildRawEventRequest(event, signalPayload, "CONTEXT_INTEGRITY");
|
|
986
1005
|
};
|
|
1006
|
+
var ModelOutputSignalPayloadSchema = zod.z.object({
|
|
1007
|
+
missing_citations_rate: fraction01Nullable(),
|
|
1008
|
+
citation_rate: fraction01Nullable(),
|
|
1009
|
+
expected_citation_rate: fraction01Nullable(),
|
|
1010
|
+
policy_violations: zod.z.number().int().nonnegative().optional().default(0),
|
|
1011
|
+
policy_violation_rate: fraction01Nullable(),
|
|
1012
|
+
tool_call_inconsistency: fraction01().optional().default(0),
|
|
1013
|
+
tool_inconsistency_rate: fraction01Nullable(),
|
|
1014
|
+
tool_miss_rate: fraction01Nullable(),
|
|
1015
|
+
eval_window_n: zod.z.number().int().min(1).nullable().optional(),
|
|
1016
|
+
hallucination_risk_score: fraction01Nullable(),
|
|
1017
|
+
self_contradiction_score: fraction01Nullable(),
|
|
1018
|
+
grounding_score: fraction01Nullable(),
|
|
1019
|
+
contains_unsupported_claims: zod.z.boolean().optional().default(false)
|
|
1020
|
+
});
|
|
1021
|
+
BaseEventSchema.extend({
|
|
1022
|
+
signal_payload: ModelOutputSignalPayloadSchema
|
|
1023
|
+
});
|
|
1024
|
+
|
|
1025
|
+
// src/v1/builders/model-output-builder.ts
|
|
987
1026
|
var createModelOutputEvent = (event) => {
|
|
988
1027
|
const signalPayload = ModelOutputSignalPayloadSchema.parse(
|
|
989
1028
|
event.signal_payload
|
|
990
1029
|
);
|
|
991
1030
|
return buildRawEventRequest(event, signalPayload, "MODEL_OUTPUT");
|
|
992
1031
|
};
|
|
1032
|
+
var NetworkSignalPayloadSchema = zod.z.object({
|
|
1033
|
+
ip: zod.z.string().nullable().optional(),
|
|
1034
|
+
asn: zod.z.string().nullable().optional(),
|
|
1035
|
+
reputation_score: fraction01Nullable(),
|
|
1036
|
+
threat_score: fraction01Nullable(),
|
|
1037
|
+
is_datacenter: zod.z.boolean().nullable().optional(),
|
|
1038
|
+
is_untrusted_segment: zod.z.boolean().optional().default(false),
|
|
1039
|
+
asn_reputation: fraction01Nullable()
|
|
1040
|
+
});
|
|
1041
|
+
BaseEventSchema.extend({
|
|
1042
|
+
signal_payload: NetworkSignalPayloadSchema
|
|
1043
|
+
});
|
|
1044
|
+
|
|
1045
|
+
// src/v1/builders/network-builder.ts
|
|
1046
|
+
var createNetworkEvent = (event) => {
|
|
1047
|
+
const signalPayload = NetworkSignalPayloadSchema.parse(event.signal_payload);
|
|
1048
|
+
return buildRawEventRequest(event, signalPayload, "NETWORK_EVENT");
|
|
1049
|
+
};
|
|
1050
|
+
|
|
1051
|
+
// src/shared/types/policy-event.ts
|
|
1052
|
+
var POLICY_CATEGORIES = [
|
|
1053
|
+
"SAFETY",
|
|
1054
|
+
"PRIVACY",
|
|
1055
|
+
"SECURITY",
|
|
1056
|
+
"COMPLIANCE",
|
|
1057
|
+
"CONTENT",
|
|
1058
|
+
"OTHER"
|
|
1059
|
+
];
|
|
1060
|
+
var POLICY_RESULTS = ["PASS", "WARN", "FAIL", "BLOCKED"];
|
|
1061
|
+
|
|
1062
|
+
// src/v1/schemas/policy-event.ts
|
|
1063
|
+
var PolicyEventSignalPayloadSchema = zod.z.object({
|
|
1064
|
+
policy_check_name: nonEmptyString(),
|
|
1065
|
+
policy_category: zod.z.enum(POLICY_CATEGORIES),
|
|
1066
|
+
policy_result: zod.z.enum(POLICY_RESULTS),
|
|
1067
|
+
severity: fraction01(),
|
|
1068
|
+
blocked: zod.z.boolean().optional().default(false),
|
|
1069
|
+
violation_count: zod.z.number().int().nonnegative().optional().default(0),
|
|
1070
|
+
policy_confidence: fraction01Nullable(),
|
|
1071
|
+
redaction_applied: zod.z.boolean().optional().default(false)
|
|
1072
|
+
});
|
|
1073
|
+
BaseEventSchema.extend({
|
|
1074
|
+
signal_payload: PolicyEventSignalPayloadSchema
|
|
1075
|
+
});
|
|
1076
|
+
|
|
1077
|
+
// src/v1/builders/policy-event-builder.ts
|
|
1078
|
+
var createPolicyEvent = (event) => {
|
|
1079
|
+
const signalPayload = PolicyEventSignalPayloadSchema.parse(
|
|
1080
|
+
event.signal_payload
|
|
1081
|
+
);
|
|
1082
|
+
return buildRawEventRequest(event, signalPayload, "POLICY_EVENT");
|
|
1083
|
+
};
|
|
1084
|
+
var promptHashSchema = zod.z.string().regex(/^[a-fA-F0-9]{64}$/).optional();
|
|
1085
|
+
var PromptInputSignalPayloadSchema = zod.z.object({
|
|
1086
|
+
prompt_length_chars: zod.z.number().int().nonnegative(),
|
|
1087
|
+
conversation_turn_index: zod.z.number().int().nonnegative(),
|
|
1088
|
+
contains_instruction_override: zod.z.boolean(),
|
|
1089
|
+
contains_tool_request: zod.z.boolean().optional().default(false),
|
|
1090
|
+
contains_secret_request: zod.z.boolean().optional().default(false),
|
|
1091
|
+
contains_policy_challenge: zod.z.boolean().optional().default(false),
|
|
1092
|
+
recursive_pattern_score: fraction01Nullable(),
|
|
1093
|
+
prompt_injection_score: fraction01Nullable(),
|
|
1094
|
+
sensitive_domain: zod.z.boolean().optional().default(false),
|
|
1095
|
+
complexity_score: fraction01Nullable(),
|
|
1096
|
+
prompt_hash: promptHashSchema
|
|
1097
|
+
});
|
|
1098
|
+
BaseEventSchema.extend({
|
|
1099
|
+
signal_payload: PromptInputSignalPayloadSchema
|
|
1100
|
+
});
|
|
1101
|
+
|
|
1102
|
+
// src/v1/builders/prompt-input-builder.ts
|
|
1103
|
+
var createPromptInputEvent = (event) => {
|
|
1104
|
+
const signalPayload = PromptInputSignalPayloadSchema.parse(
|
|
1105
|
+
event.signal_payload
|
|
1106
|
+
);
|
|
1107
|
+
return buildRawEventRequest(event, signalPayload, "PROMPT_INPUT");
|
|
1108
|
+
};
|
|
1109
|
+
var RagRetrievalSignalPayloadSchema = zod.z.object({
|
|
1110
|
+
retriever_id: nonEmptyString(),
|
|
1111
|
+
query_hash: zod.z.string().nullable().optional(),
|
|
1112
|
+
documents_retrieved: zod.z.number().int().nonnegative(),
|
|
1113
|
+
top_k: zod.z.number().int().min(1),
|
|
1114
|
+
average_relevance_score: fraction01(),
|
|
1115
|
+
source_trust_score: fraction01(),
|
|
1116
|
+
lowest_source_trust_score: fraction01Nullable(),
|
|
1117
|
+
untrusted_source_count: zod.z.number().int().nonnegative().optional().default(0),
|
|
1118
|
+
retrieved_context_tokens: zod.z.number().int().nonnegative().optional().default(0),
|
|
1119
|
+
context_injection_score: fraction01().optional().default(0),
|
|
1120
|
+
document_ids: zod.z.array(zod.z.string()).optional().default([])
|
|
1121
|
+
});
|
|
1122
|
+
BaseEventSchema.extend({
|
|
1123
|
+
signal_payload: RagRetrievalSignalPayloadSchema
|
|
1124
|
+
});
|
|
1125
|
+
|
|
1126
|
+
// src/v1/builders/rag-retrieval-builder.ts
|
|
1127
|
+
var createRagRetrievalEvent = (event) => {
|
|
1128
|
+
const signalPayload = RagRetrievalSignalPayloadSchema.parse(
|
|
1129
|
+
event.signal_payload
|
|
1130
|
+
);
|
|
1131
|
+
return buildRawEventRequest(event, signalPayload, "RAG_RETRIEVAL");
|
|
1132
|
+
};
|
|
1133
|
+
|
|
1134
|
+
// src/shared/types/session.ts
|
|
1135
|
+
var SESSION_STATUSES = [
|
|
1136
|
+
"STARTED",
|
|
1137
|
+
"ACTIVE",
|
|
1138
|
+
"ENDED",
|
|
1139
|
+
"TIMEOUT",
|
|
1140
|
+
"ABANDONED"
|
|
1141
|
+
];
|
|
1142
|
+
|
|
1143
|
+
// src/v1/schemas/session.ts
|
|
1144
|
+
var SessionSignalPayloadSchema = zod.z.object({
|
|
1145
|
+
session_status: zod.z.enum(SESSION_STATUSES),
|
|
1146
|
+
session_age_seconds: zod.z.number().nonnegative().optional().default(0),
|
|
1147
|
+
turn_count: zod.z.number().int().nonnegative().optional().default(0),
|
|
1148
|
+
messages_last_minute: zod.z.number().nonnegative().optional().default(0),
|
|
1149
|
+
avg_seconds_between_turns: zod.z.number().nonnegative().nullable().optional(),
|
|
1150
|
+
restart_count_10m: zod.z.number().int().nonnegative().optional().default(0),
|
|
1151
|
+
session_timeout: zod.z.boolean().optional().default(false),
|
|
1152
|
+
abandoned: zod.z.boolean().optional().default(false),
|
|
1153
|
+
conversation_id: zod.z.string().nullable().optional(),
|
|
1154
|
+
user_id: zod.z.string().nullable().optional()
|
|
1155
|
+
});
|
|
1156
|
+
BaseEventSchema.extend({
|
|
1157
|
+
signal_payload: SessionSignalPayloadSchema
|
|
1158
|
+
});
|
|
1159
|
+
|
|
1160
|
+
// src/v1/builders/session-builder.ts
|
|
1161
|
+
var createSessionEvent = (event) => {
|
|
1162
|
+
const signalPayload = SessionSignalPayloadSchema.parse(event.signal_payload);
|
|
1163
|
+
return buildRawEventRequest(event, signalPayload, "SESSION");
|
|
1164
|
+
};
|
|
1165
|
+
var SystemTelemetrySignalPayloadSchema = zod.z.object({
|
|
1166
|
+
metric_name: zod.z.string().nullable().optional(),
|
|
1167
|
+
value: zod.z.number().nullable().optional(),
|
|
1168
|
+
baseline: zod.z.number().nullable().optional(),
|
|
1169
|
+
window_seconds: zod.z.number().int().min(1).nullable().optional(),
|
|
1170
|
+
error_rate: fraction01().optional().default(0),
|
|
1171
|
+
baseline_error_rate: fraction01Nullable(),
|
|
1172
|
+
unusual_auth_rate: fraction01().optional().default(0),
|
|
1173
|
+
firmware_hash_changed: zod.z.boolean().optional().default(false),
|
|
1174
|
+
expected_hash_match: zod.z.boolean().nullable().optional(),
|
|
1175
|
+
sensor_deviation_score: fraction01Nullable()
|
|
1176
|
+
});
|
|
1177
|
+
BaseEventSchema.extend({
|
|
1178
|
+
signal_payload: SystemTelemetrySignalPayloadSchema
|
|
1179
|
+
});
|
|
1180
|
+
|
|
1181
|
+
// src/v1/builders/system-telemetry-builder.ts
|
|
993
1182
|
var createSystemTelemetryEvent = (event) => {
|
|
994
1183
|
const signalPayload = SystemTelemetrySignalPayloadSchema.parse(
|
|
995
1184
|
event.signal_payload
|
|
@@ -997,6 +1186,172 @@ var createSystemTelemetryEvent = (event) => {
|
|
|
997
1186
|
return buildRawEventRequest(event, signalPayload, "SYSTEM_TELEMETRY");
|
|
998
1187
|
};
|
|
999
1188
|
|
|
1189
|
+
// src/shared/types/tool-call.ts
|
|
1190
|
+
var TOOL_CATEGORIES = [
|
|
1191
|
+
"RETRIEVAL",
|
|
1192
|
+
"DATABASE",
|
|
1193
|
+
"PAYMENT",
|
|
1194
|
+
"MESSAGING",
|
|
1195
|
+
"CODE_EXECUTION",
|
|
1196
|
+
"FILE",
|
|
1197
|
+
"EXTERNAL_API",
|
|
1198
|
+
"OTHER"
|
|
1199
|
+
];
|
|
1200
|
+
|
|
1201
|
+
// src/v1/schemas/tool-call.ts
|
|
1202
|
+
var ToolCallSignalPayloadSchema = zod.z.object({
|
|
1203
|
+
tool_name: nonEmptyString(),
|
|
1204
|
+
tool_category: zod.z.enum(TOOL_CATEGORIES),
|
|
1205
|
+
action: nonEmptyString(),
|
|
1206
|
+
authorized: zod.z.boolean().nullable(),
|
|
1207
|
+
safety_critical: zod.z.boolean(),
|
|
1208
|
+
external_side_effect: zod.z.boolean(),
|
|
1209
|
+
tool_call_success: zod.z.boolean().nullable().optional(),
|
|
1210
|
+
latency_ms: zod.z.number().nonnegative().nullable().optional(),
|
|
1211
|
+
error_code: zod.z.string().nullable().optional(),
|
|
1212
|
+
argument_risk_score: fraction01Nullable(),
|
|
1213
|
+
result_size_bytes: zod.z.number().int().nonnegative().nullable().optional(),
|
|
1214
|
+
records_accessed: zod.z.number().int().nonnegative().optional().default(0),
|
|
1215
|
+
contains_sensitive_data: zod.z.boolean().optional().default(false),
|
|
1216
|
+
action_category: zod.z.string().nullable().optional(),
|
|
1217
|
+
method: zod.z.string().nullable().optional(),
|
|
1218
|
+
sensitive_data_involved: zod.z.boolean().optional().default(false),
|
|
1219
|
+
contains_phi: zod.z.boolean().optional().default(false),
|
|
1220
|
+
sensitive_domain: zod.z.boolean().optional().default(false)
|
|
1221
|
+
});
|
|
1222
|
+
BaseEventSchema.extend({
|
|
1223
|
+
signal_payload: ToolCallSignalPayloadSchema
|
|
1224
|
+
});
|
|
1225
|
+
|
|
1226
|
+
// src/v1/builders/tool-call-builder.ts
|
|
1227
|
+
var createToolCallEvent = (event) => {
|
|
1228
|
+
const signalPayload = ToolCallSignalPayloadSchema.parse(event.signal_payload);
|
|
1229
|
+
return buildRawEventRequest(event, signalPayload, "TOOL_CALL");
|
|
1230
|
+
};
|
|
1231
|
+
var TransactionSignalPayloadSchema = zod.z.object({
|
|
1232
|
+
amount: zod.z.number().nonnegative().default(0),
|
|
1233
|
+
amount_minor: zod.z.number().int().nonnegative().nullable().optional(),
|
|
1234
|
+
amount_usd: zod.z.number().nonnegative().nullable().optional(),
|
|
1235
|
+
currency: zod.z.string().nullable().optional(),
|
|
1236
|
+
merchant_category: zod.z.string().nullable().optional(),
|
|
1237
|
+
merchant_id: zod.z.string().nullable().optional(),
|
|
1238
|
+
channel: zod.z.string().nullable().optional(),
|
|
1239
|
+
country: zod.z.string().nullable().optional(),
|
|
1240
|
+
velocity: zod.z.number().nonnegative().nullable().optional(),
|
|
1241
|
+
external_anomaly_score: zod.z.number().nullable().optional(),
|
|
1242
|
+
geo_distance: zod.z.number().nonnegative().nullable().optional(),
|
|
1243
|
+
geo_distance_km: zod.z.number().nonnegative().nullable().optional(),
|
|
1244
|
+
records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
|
|
1245
|
+
baseline_records_accessed: zod.z.number().int().nonnegative().nullable().optional(),
|
|
1246
|
+
sensitivity_level: zod.z.string().nullable().optional(),
|
|
1247
|
+
export_count: zod.z.number().int().nonnegative().nullable().optional(),
|
|
1248
|
+
bulk_export: zod.z.boolean().optional().default(false),
|
|
1249
|
+
contains_phi: zod.z.boolean().optional().default(false),
|
|
1250
|
+
control_command: zod.z.string().nullable().optional(),
|
|
1251
|
+
authorized: zod.z.boolean().nullable().optional(),
|
|
1252
|
+
safety_critical: zod.z.boolean().optional().default(false)
|
|
1253
|
+
});
|
|
1254
|
+
BaseEventSchema.extend({
|
|
1255
|
+
signal_payload: TransactionSignalPayloadSchema
|
|
1256
|
+
});
|
|
1257
|
+
|
|
1258
|
+
// src/v1/builders/transaction-builder.ts
|
|
1259
|
+
var createTransactionEvent = (event) => {
|
|
1260
|
+
const signalPayload = TransactionSignalPayloadSchema.parse(
|
|
1261
|
+
event.signal_payload
|
|
1262
|
+
);
|
|
1263
|
+
return buildRawEventRequest(event, signalPayload, "TRANSACTION");
|
|
1264
|
+
};
|
|
1265
|
+
|
|
1266
|
+
// src/shared/types/user-feedback.ts
|
|
1267
|
+
var FEEDBACK_TYPES = [
|
|
1268
|
+
"THUMBS_UP",
|
|
1269
|
+
"THUMBS_DOWN",
|
|
1270
|
+
"REPORT",
|
|
1271
|
+
"CORRECTION",
|
|
1272
|
+
"RATING"
|
|
1273
|
+
];
|
|
1274
|
+
var FEEDBACK_ISSUE_TYPES = [
|
|
1275
|
+
"HALLUCINATION",
|
|
1276
|
+
"UNSAFE",
|
|
1277
|
+
"IRRELEVANT",
|
|
1278
|
+
"PRIVACY",
|
|
1279
|
+
"OFFENSIVE",
|
|
1280
|
+
"OTHER"
|
|
1281
|
+
];
|
|
1282
|
+
|
|
1283
|
+
// src/v1/schemas/user-feedback.ts
|
|
1284
|
+
var UserFeedbackSignalPayloadSchema = zod.z.object({
|
|
1285
|
+
feedback_type: zod.z.enum(FEEDBACK_TYPES),
|
|
1286
|
+
rating: zod.z.number().nullable().optional(),
|
|
1287
|
+
reported_issue: zod.z.boolean().optional().default(false),
|
|
1288
|
+
issue_type: zod.z.enum(FEEDBACK_ISSUE_TYPES).nullable().optional(),
|
|
1289
|
+
severity: fraction01Nullable(),
|
|
1290
|
+
response_id: zod.z.string().nullable().optional(),
|
|
1291
|
+
user_comment_hash: zod.z.string().nullable().optional()
|
|
1292
|
+
});
|
|
1293
|
+
BaseEventSchema.extend({
|
|
1294
|
+
signal_payload: UserFeedbackSignalPayloadSchema
|
|
1295
|
+
});
|
|
1296
|
+
|
|
1297
|
+
// src/v1/builders/user-feedback-builder.ts
|
|
1298
|
+
var createUserFeedbackEvent = (event) => {
|
|
1299
|
+
const signalPayload = UserFeedbackSignalPayloadSchema.parse(
|
|
1300
|
+
event.signal_payload
|
|
1301
|
+
);
|
|
1302
|
+
return buildRawEventRequest(event, signalPayload, "USER_FEEDBACK");
|
|
1303
|
+
};
|
|
1304
|
+
|
|
1305
|
+
// src/shared/types/workflow-action.ts
|
|
1306
|
+
var WORKFLOW_ACTION_CATEGORIES = [
|
|
1307
|
+
"FINANCIAL",
|
|
1308
|
+
"DATA_ACCESS",
|
|
1309
|
+
"COMMUNICATION",
|
|
1310
|
+
"ADMIN",
|
|
1311
|
+
"SECURITY",
|
|
1312
|
+
"CODE",
|
|
1313
|
+
"OTHER"
|
|
1314
|
+
];
|
|
1315
|
+
var WORKFLOW_ACTION_STAGES = [
|
|
1316
|
+
"PROPOSED",
|
|
1317
|
+
"PRE_EXECUTION",
|
|
1318
|
+
"EXECUTED",
|
|
1319
|
+
"FAILED",
|
|
1320
|
+
"ROLLED_BACK"
|
|
1321
|
+
];
|
|
1322
|
+
var WORKFLOW_ACTOR_TYPES = ["USER", "AI_AGENT", "SYSTEM"];
|
|
1323
|
+
|
|
1324
|
+
// src/v1/schemas/workflow-action.ts
|
|
1325
|
+
var WorkflowActionSignalPayloadSchema = zod.z.object({
|
|
1326
|
+
workflow_id: nonEmptyString(),
|
|
1327
|
+
workflow_type: nonEmptyString(),
|
|
1328
|
+
action_name: nonEmptyString(),
|
|
1329
|
+
action_category: zod.z.enum(WORKFLOW_ACTION_CATEGORIES),
|
|
1330
|
+
action_stage: zod.z.enum(WORKFLOW_ACTION_STAGES),
|
|
1331
|
+
actor_type: zod.z.enum(WORKFLOW_ACTOR_TYPES),
|
|
1332
|
+
requires_approval: zod.z.boolean().optional().default(false),
|
|
1333
|
+
approval_present: zod.z.boolean().optional().default(false),
|
|
1334
|
+
external_side_effect: zod.z.boolean().nullable().optional(),
|
|
1335
|
+
safety_critical: zod.z.boolean().nullable().optional(),
|
|
1336
|
+
amount_usd: zod.z.number().nonnegative().nullable().optional(),
|
|
1337
|
+
sensitive_data_involved: zod.z.boolean().optional().default(false),
|
|
1338
|
+
new_counterparty: zod.z.boolean().optional().default(false),
|
|
1339
|
+
is_new_vendor: zod.z.boolean().optional().default(false),
|
|
1340
|
+
is_new_recipient: zod.z.boolean().optional().default(false),
|
|
1341
|
+
is_new_endpoint: zod.z.boolean().optional().default(false)
|
|
1342
|
+
});
|
|
1343
|
+
BaseEventSchema.extend({
|
|
1344
|
+
signal_payload: WorkflowActionSignalPayloadSchema
|
|
1345
|
+
});
|
|
1346
|
+
|
|
1347
|
+
// src/v1/builders/workflow-action-builder.ts
|
|
1348
|
+
var createWorkflowActionEvent = (event) => {
|
|
1349
|
+
const signalPayload = WorkflowActionSignalPayloadSchema.parse(
|
|
1350
|
+
event.signal_payload
|
|
1351
|
+
);
|
|
1352
|
+
return buildRawEventRequest(event, signalPayload, "WORKFLOW_ACTION");
|
|
1353
|
+
};
|
|
1354
|
+
|
|
1000
1355
|
exports.API_REGISTRY = API_REGISTRY;
|
|
1001
1356
|
exports.QatiAPIError = QatiAPIError;
|
|
1002
1357
|
exports.QatiAuthError = QatiAuthError;
|
|
@@ -1009,12 +1364,21 @@ exports.RawEventRequestSchema = RawEventRequestSchema;
|
|
|
1009
1364
|
exports.Session = Session;
|
|
1010
1365
|
exports.baseUrlFor = baseUrlFor;
|
|
1011
1366
|
exports.createAnomalyFlagEvent = createAnomalyFlagEvent;
|
|
1367
|
+
exports.createApiCallEvent = createApiCallEvent;
|
|
1012
1368
|
exports.createAuthEvent = createAuthEvent;
|
|
1013
1369
|
exports.createBehaviorEvent = createBehaviorEvent;
|
|
1370
|
+
exports.createContextIntegrityEvent = createContextIntegrityEvent;
|
|
1014
1371
|
exports.createModelOutputEvent = createModelOutputEvent;
|
|
1015
1372
|
exports.createNetworkEvent = createNetworkEvent;
|
|
1373
|
+
exports.createPolicyEvent = createPolicyEvent;
|
|
1374
|
+
exports.createPromptInputEvent = createPromptInputEvent;
|
|
1375
|
+
exports.createRagRetrievalEvent = createRagRetrievalEvent;
|
|
1376
|
+
exports.createSessionEvent = createSessionEvent;
|
|
1016
1377
|
exports.createSystemTelemetryEvent = createSystemTelemetryEvent;
|
|
1378
|
+
exports.createToolCallEvent = createToolCallEvent;
|
|
1017
1379
|
exports.createTransactionEvent = createTransactionEvent;
|
|
1380
|
+
exports.createUserFeedbackEvent = createUserFeedbackEvent;
|
|
1381
|
+
exports.createWorkflowActionEvent = createWorkflowActionEvent;
|
|
1018
1382
|
exports.parseQatiConfig = parseQatiConfig;
|
|
1019
1383
|
exports.resolveQatiConfig = resolveQatiConfig;
|
|
1020
1384
|
//# sourceMappingURL=index.cjs.map
|