qwed-open-responses 0.1.0

package/README.md

@@ -0,0 +1,135 @@
+# QWED Open Responses (Node.js)
+
+[![npm version](https://badge.fury.io/js/qwed-open-responses.svg)](https://badge.fury.io/js/qwed-open-responses)
+[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+
+**Verification guards for AI agent outputs in Node.js/Express applications.**
+
+## Installation
+
+```bash
+npm install qwed-open-responses
+```
+
+## Quick Start
+
+```typescript
+import express from 'express';
+import { createQWEDMiddleware, ToolGuard, SafetyGuard } from 'qwed-open-responses';
+
+const app = express();
+app.use(express.json());
+
+// Add verification middleware
+app.use(createQWEDMiddleware({
+  guards: [new ToolGuard(), new SafetyGuard()],
+  blockOnFailure: true,
+}));
+
+app.post('/api/agent', (req, res) => {
+  // Response will be verified before sending
+  res.json({
+    tool_calls: [
+      { name: 'search', arguments: { query: 'weather' } }
+    ]
+  });
+});
+```
+
+## Guards
+
+### ToolGuard
+
+Blocks dangerous tool calls.
+
+```typescript
+const guard = new ToolGuard({
+  blockedTools: ['execute_shell', 'delete_file'],
+  allowedTools: ['search', 'calculator'], // Whitelist mode
+});
+```
+
+### SafetyGuard
+
+Detects PII and prompt injection.
+
+```typescript
+const guard = new SafetyGuard({
+  checkPii: true,
+  checkInjection: true,
+});
+```
+
+### SchemaGuard
+
+Validates JSON structure.
+
+```typescript
+const guard = new SchemaGuard({
+  type: 'object',
+  required: ['name', 'age'],
+});
+```
+
+### MathGuard
+
+Verifies calculations.
+
+```typescript
+const guard = new MathGuard({ tolerance: 0.01 });
+```
+
+## Middleware Options
+
+```typescript
+createQWEDMiddleware({
+  guards: [],              // Guards to apply
+  blockOnFailure: true,    // Block failed responses
+  verbose: false,          // Log verification results
+  skipPaths: ['/health'],  // Paths to skip
+  onError: (result, req, res) => {
+    // Custom error handler
+  },
+});
+```
+
+## Verify Request Bodies
+
+```typescript
+import { verifyRequestBody, ToolGuard } from 'qwed-open-responses';
+
+app.post('/api/execute',
+  verifyRequestBody({ guards: [new ToolGuard()] }),
+  (req, res) => {
+    // Request body is verified
+  }
+);
+```
+
+## Direct Verification
+
+```typescript
+import { ResponseVerifier, ToolGuard } from 'qwed-open-responses';
+
+const verifier = new ResponseVerifier([new ToolGuard()]);
+
+const result = verifier.verify({
+  tool_calls: [{ name: 'search', arguments: {} }]
+});
+
+if (result.verified) {
+  console.log('✅ Safe to execute');
+} else {
+  console.log('❌ Blocked:', result.blockReason);
+}
+```
+
+## Links
+
+- **GitHub:** [QWED-AI/qwed-open-responses](https://github.com/QWED-AI/qwed-open-responses)
+- **PyPI (Python):** [qwed-open-responses](https://pypi.org/project/qwed-open-responses/)
+- **Docs:** [docs.qwedai.com](https://docs.qwedai.com/docs/open-responses/overview)
+
+## License
+
+Apache 2.0

package/dist/guards.d.ts

@@ -0,0 +1,73 @@
+/**
+ * QWED Open Responses - Guards
+ */
+import { GuardResult, ParsedResponse } from './types';
+/**
+ * Base class for all guards.
+ */
+export declare abstract class BaseGuard {
+    abstract name: string;
+    abstract description: string;
+    abstract check(response: ParsedResponse, context?: Record<string, any>): GuardResult;
+    protected passResult(message?: string, details?: Record<string, any>): GuardResult;
+    protected failResult(message: string, details?: Record<string, any>, severity?: 'error' | 'warning'): GuardResult;
+}
+/**
+ * Tool Guard - Blocks dangerous tool calls.
+ */
+export declare class ToolGuard extends BaseGuard {
+    name: string;
+    description: string;
+    private blockedTools;
+    private allowedTools;
+    private dangerousPatterns;
+    private static DEFAULT_BLOCKED_TOOLS;
+    private static DEFAULT_DANGEROUS_PATTERNS;
+    constructor(options?: {
+        blockedTools?: string[];
+        allowedTools?: string[];
+        useDefaultBlocklist?: boolean;
+        dangerousPatterns?: RegExp[];
+    });
+    check(response: ParsedResponse, context?: Record<string, any>): GuardResult;
+    private extractToolCalls;
+}
+/**
+ * Schema Guard - Validates JSON schema.
+ */
+export declare class SchemaGuard extends BaseGuard {
+    name: string;
+    description: string;
+    private schema;
+    constructor(schema: Record<string, any>);
+    check(response: ParsedResponse, context?: Record<string, any>): GuardResult;
+}
+/**
+ * Safety Guard - Comprehensive safety checks.
+ */
+export declare class SafetyGuard extends BaseGuard {
+    name: string;
+    description: string;
+    private checkPii;
+    private checkInjection;
+    private static PII_PATTERNS;
+    private static INJECTION_PATTERNS;
+    constructor(options?: {
+        checkPii?: boolean;
+        checkInjection?: boolean;
+    });
+    check(response: ParsedResponse, context?: Record<string, any>): GuardResult;
+    private extractContent;
+}
+/**
+ * Math Guard - Verifies calculations.
+ */
+export declare class MathGuard extends BaseGuard {
+    name: string;
+    description: string;
+    private tolerance;
+    constructor(options?: {
+        tolerance?: number;
+    });
+    check(response: ParsedResponse, context?: Record<string, any>): GuardResult;
+}

package/dist/guards.js

@@ -0,0 +1,228 @@
+"use strict";
+/**
+ * QWED Open Responses - Guards
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MathGuard = exports.SafetyGuard = exports.SchemaGuard = exports.ToolGuard = exports.BaseGuard = void 0;
+/**
+ * Base class for all guards.
+ */
+class BaseGuard {
+    passResult(message, details) {
+        return {
+            guardName: this.name,
+            passed: true,
+            message: message || `${this.name} passed`,
+            details,
+            severity: 'info',
+        };
+    }
+    failResult(message, details, severity = 'error') {
+        return {
+            guardName: this.name,
+            passed: false,
+            message,
+            details,
+            severity,
+        };
+    }
+}
+exports.BaseGuard = BaseGuard;
+/**
+ * Tool Guard - Blocks dangerous tool calls.
+ */
+class ToolGuard extends BaseGuard {
+    constructor(options = {}) {
+        super();
+        this.name = 'ToolGuard';
+        this.description = 'Validates tool calls for safety';
+        const { blockedTools = [], allowedTools, useDefaultBlocklist = true, dangerousPatterns = [], } = options;
+        this.blockedTools = new Set(blockedTools);
+        if (useDefaultBlocklist) {
+            ToolGuard.DEFAULT_BLOCKED_TOOLS.forEach(t => this.blockedTools.add(t));
+        }
+        this.allowedTools = allowedTools ? new Set(allowedTools) : null;
+        this.dangerousPatterns = [
+            ...ToolGuard.DEFAULT_DANGEROUS_PATTERNS,
+            ...dangerousPatterns,
+        ];
+    }
+    check(response, context) {
+        const toolCalls = this.extractToolCalls(response);
+        if (toolCalls.length === 0) {
+            return this.passResult('No tool calls to verify');
+        }
+        for (const call of toolCalls) {
+            const toolName = call.toolName || call.tool_name || call.name || 'unknown';
+            const args = call.arguments || {};
+            // Check blocked list
+            if (this.blockedTools.has(toolName)) {
+                return this.failResult(`BLOCKED: Tool '${toolName}' is not allowed`, { blockedTool: toolName });
+            }
+            // Check allowed list (whitelist mode)
+            if (this.allowedTools && !this.allowedTools.has(toolName)) {
+                return this.failResult(`BLOCKED: Tool '${toolName}' is not in allowed list`, {
+                    tool: toolName,
+                    allowed: Array.from(this.allowedTools),
+                });
+            }
+            // Check dangerous patterns
+            const argsStr = JSON.stringify(args);
+            for (const pattern of this.dangerousPatterns) {
+                if (pattern.test(argsStr)) {
+                    return this.failResult('BLOCKED: Dangerous pattern detected in tool arguments', {
+                        tool: toolName,
+                        pattern: pattern.source,
+                    });
+                }
+            }
+        }
+        return this.passResult(`All ${toolCalls.length} tool call(s) verified`);
+    }
+    extractToolCalls(response) {
+        const calls = [];
+        if (response.type === 'tool_call') {
+            calls.push(response);
+        }
+        if (response.toolCalls || response.tool_calls) {
+            calls.push(...(response.toolCalls || response.tool_calls || []));
+        }
+        return calls;
+    }
+}
+exports.ToolGuard = ToolGuard;
+ToolGuard.DEFAULT_BLOCKED_TOOLS = new Set([
+    'execute_shell', 'shell', 'bash', 'cmd', 'exec', 'eval',
+    'delete_file', 'remove_file', 'write_file', 'modify_file',
+    'send_email', 'transfer_money', 'make_payment',
+]);
+ToolGuard.DEFAULT_DANGEROUS_PATTERNS = [
+    /DROP\s+TABLE/i,
+    /DELETE\s+FROM/i,
+    /TRUNCATE\s+TABLE/i,
+    /rm\s+-rf/i,
+    /rmdir\s+\/s/i,
+    /eval\s*\(/i,
+    /exec\s*\(/i,
+    /__import__/i,
+];
+/**
+ * Schema Guard - Validates JSON schema.
+ */
+class SchemaGuard extends BaseGuard {
+    constructor(schema) {
+        super();
+        this.name = 'SchemaGuard';
+        this.description = 'Validates response against JSON Schema';
+        this.schema = schema;
+    }
+    check(response, context) {
+        const data = response.output || response;
+        // Basic type checking (full JSON Schema validation would need ajv)
+        if (this.schema.type === 'object' && typeof data !== 'object') {
+            return this.failResult('Expected object type');
+        }
+        if (this.schema.required) {
+            const missing = this.schema.required.filter((field) => !(field in data));
+            if (missing.length > 0) {
+                return this.failResult(`Missing required fields: ${missing.join(', ')}`, { missing });
+            }
+        }
+        return this.passResult('Schema validation passed');
+    }
+}
+exports.SchemaGuard = SchemaGuard;
+/**
+ * Safety Guard - Comprehensive safety checks.
+ */
+class SafetyGuard extends BaseGuard {
+    constructor(options = {}) {
+        super();
+        this.name = 'SafetyGuard';
+        this.description = 'Comprehensive safety checks';
+        this.checkPii = options.checkPii ?? true;
+        this.checkInjection = options.checkInjection ?? true;
+    }
+    check(response, context) {
+        const content = this.extractContent(response);
+        const issues = [];
+        if (this.checkPii) {
+            for (const [type, pattern] of Object.entries(SafetyGuard.PII_PATTERNS)) {
+                if (pattern.test(content)) {
+                    issues.push(`PII detected: ${type}`);
+                }
+            }
+        }
+        if (this.checkInjection) {
+            for (const pattern of SafetyGuard.INJECTION_PATTERNS) {
+                if (pattern.test(content)) {
+                    return this.failResult('BLOCKED: Prompt injection detected', { pattern: pattern.source });
+                }
+            }
+        }
+        if (issues.length > 0) {
+            return this.failResult(`Safety issues detected: ${issues.join(', ')}`, { issues }, 'warning');
+        }
+        return this.passResult('All safety checks passed');
+    }
+    extractContent(response) {
+        const parts = [];
+        if (typeof response.content === 'string')
+            parts.push(response.content);
+        if (typeof response.output === 'string')
+            parts.push(response.output);
+        if (typeof response.text === 'string')
+            parts.push(response.text);
+        if (typeof response.output === 'object')
+            parts.push(JSON.stringify(response.output));
+        if (response.arguments)
+            parts.push(JSON.stringify(response.arguments));
+        return parts.join(' ');
+    }
+}
+exports.SafetyGuard = SafetyGuard;
+SafetyGuard.PII_PATTERNS = {
+    email: /[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}/,
+    phone: /\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/,
+    ssn: /\b\d{3}-\d{2}-\d{4}\b/,
+    creditCard: /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b/,
+};
+SafetyGuard.INJECTION_PATTERNS = [
+    /ignore\s+(previous|all|above)\s+(instructions?|prompts?)/i,
+    /disregard\s+(previous|all|above)/i,
+    /forget\s+(everything|all|your\s+instructions)/i,
+    /you\s+are\s+now\s+/i,
+    /pretend\s+(you|to\s+be)/i,
+];
+/**
+ * Math Guard - Verifies calculations.
+ */
+class MathGuard extends BaseGuard {
+    constructor(options = {}) {
+        super();
+        this.name = 'MathGuard';
+        this.description = 'Verifies mathematical calculations';
+        this.tolerance = options.tolerance ?? 0.01;
+    }
+    check(response, context) {
+        const data = response.output || response;
+        if (typeof data !== 'object') {
+            return this.passResult('No calculations to verify');
+        }
+        // Check common total patterns
+        if ('total' in data && 'subtotal' in data) {
+            const subtotal = Number(data.subtotal) || 0;
+            const tax = Number(data.tax) || 0;
+            const shipping = Number(data.shipping) || 0;
+            const discount = Number(data.discount) || 0;
+            const total = Number(data.total);
+            const expected = subtotal + tax + shipping - discount;
+            if (Math.abs(expected - total) > this.tolerance) {
+                return this.failResult(`Total mismatch: expected ${expected}, got ${total}`, { expected, actual: total });
+            }
+        }
+        return this.passResult('Math verification passed');
+    }
+}
+exports.MathGuard = MathGuard;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZ3VhcmRzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL2d1YXJkcy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUE7O0dBRUc7OztBQUlIOztHQUVHO0FBQ0gsTUFBc0IsU0FBUztJQU1qQixVQUFVLENBQUMsT0FBZ0IsRUFBRSxPQUE2QjtRQUNoRSxPQUFPO1lBQ0gsU0FBUyxFQUFFLElBQUksQ0FBQyxJQUFJO1lBQ3BCLE1BQU0sRUFBRSxJQUFJO1lBQ1osT0FBTyxFQUFFLE9BQU8sSUFBSSxHQUFHLElBQUksQ0FBQyxJQUFJLFNBQVM7WUFDekMsT0FBTztZQUNQLFFBQVEsRUFBRSxNQUFNO1NBQ25CLENBQUM7SUFDTixDQUFDO0lBRVMsVUFBVSxDQUFDLE9BQWUsRUFBRSxPQUE2QixFQUFFLFdBQWdDLE9BQU87UUFDeEcsT0FBTztZQUNILFNBQVMsRUFBRSxJQUFJLENBQUMsSUFBSTtZQUNwQixNQUFNLEVBQUUsS0FBSztZQUNiLE9BQU87WUFDUCxPQUFPO1lBQ1AsUUFBUTtTQUNYLENBQUM7SUFDTixDQUFDO0NBQ0o7QUF6QkQsOEJBeUJDO0FBRUQ7O0dBRUc7QUFDSCxNQUFhLFNBQVUsU0FBUSxTQUFTO0lBeUJwQyxZQUFZLFVBS1IsRUFBRTtRQUNGLEtBQUssRUFBRSxDQUFDO1FBOUJaLFNBQUksR0FBRyxXQUFXLENBQUM7UUFDbkIsZ0JBQVcsR0FBRyxpQ0FBaUMsQ0FBQztRQStCNUMsTUFBTSxFQUNGLFlBQVksR0FBRyxFQUFFLEVBQ2pCLFlBQVksRUFDWixtQkFBbUIsR0FBRyxJQUFJLEVBQzFCLGlCQUFpQixHQUFHLEVBQUUsR0FDekIsR0FBRyxPQUFPLENBQUM7UUFFWixJQUFJLENBQUMsWUFBWSxHQUFHLElBQUksR0FBRyxDQUFDLFlBQVksQ0FBQyxDQUFDO1FBQzFDLElBQUksbUJBQW1CLEVBQUUsQ0FBQztZQUN0QixTQUFTLENBQUMscUJBQXFCLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUMzRSxDQUFDO1FBRUQsSUFBSSxDQUFDLFlBQVksR0FBRyxZQUFZLENBQUMsQ0FBQyxDQUFDLElBQUksR0FBRyxDQUFDLFlBQVksQ0FBQyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUM7UUFDaEUsSUFBSSxDQUFDLGlCQUFpQixHQUFHO1lBQ3JCLEdBQUcsU0FBUyxDQUFDLDBCQUEwQjtZQUN2QyxHQUFHLGlCQUFpQjtTQUN2QixDQUFDO0lBQ04sQ0FBQztJQUVELEtBQUssQ0FBQyxRQUF3QixFQUFFLE9BQTZCO1FBQ3pELE1BQU0sU0FBUyxHQUFHLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxRQUFRLENBQUMsQ0FBQztRQUVsRCxJQUFJLFNBQVMsQ0FBQyxNQUFNLEtBQUssQ0FBQyxFQUFFLENBQUM7WUFDekIsT0FBTyxJQUFJLENBQUMsVUFBVSxDQUFDLHlCQUF5QixDQUFDLENBQUM7UUFDdEQsQ0FBQztRQUVELEtBQUssTUFBTSxJQUFJLElBQUksU0FBUyxFQUFFLENBQUM7WUFDM0IsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFFBQVEsSUFBSSxJQUFJLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQyxJQUFJLElBQUksU0FBUyxDQUFDO1lBQzNFLE1BQU0sSUFBSSxHQUFHLElBQUksQ0FBQyxTQUFTLElBQUksRUFBRSxDQUFDO1lBRWxDLHFCQUFxQjtZQUNyQixJQUFJLElBQUksQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7Z0JBQ2xDLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQyxrQkFBa0IsUUFBUSxrQkFBa0IsRUFBRSxFQUFFLFdBQVcsRUFBRSxRQUFRLEVBQUUsQ0FBQyxDQUFDO1lBQ3BHLENBQUM7WUFFRCxzQ0FBc0M7WUFDdEMsSUFBSSxJQUFJLENBQUMsWUFBWSxJQUFJLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztnQkFDeEQsT0FBTyxJQUFJLENBQUMsVUFBVSxDQUFDLGtCQUFrQixRQUFRLDBCQUEwQixFQUFFO29CQUN6RSxJQUFJLEVBQUUsUUFBUTtvQkFDZCxPQUFPLEVBQUUsS0FBSyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDO2lCQUN6QyxDQUFDLENBQUM7WUFDUCxDQUFDO1lBRUQsMkJBQTJCO1lBQzNCLE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDckMsS0FBSyxNQUFNLE9BQU8sSUFBSSxJQUFJLENBQUMsaUJBQWlCLEVBQUUsQ0FBQztnQkFDM0MsSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7b0JBQ3hCLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQyx1REFBdUQsRUFBRTt3QkFDNUUsSUFBSSxFQUFFLFFBQVE7d0JBQ2QsT0FBTyxFQUFFLE9BQU8sQ0FBQyxNQUFNO3FCQUMxQixDQUFDLENBQUM7Z0JBQ1AsQ0FBQztZQUNMLENBQUM7UUFDTCxDQUFDO1FBRUQsT0FBTyxJQUFJLENBQUMsVUFBVSxDQUFDLE9BQU8sU0FBUyxDQUFDLE1BQU0sd0JBQXdCLENBQUMsQ0FBQztJQUM1RSxDQUFDO0lBRU8sZ0JBQWdCLENBQUMsUUFBd0I7UUFDN0MsTUFBTSxLQUFLLEdBQVUsRUFBRSxDQUFDO1FBRXhCLElBQUksUUFBUSxDQUFDLElBQUksS0FBSyxXQUFXLEVBQUUsQ0FBQztZQUNoQyxLQUFLLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ3pCLENBQUM7UUFFRCxJQUFJLFFBQVEsQ0FBQyxTQUFTLElBQUksUUFBUSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQzVDLEtBQUssQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBQyxTQUFTLElBQUksUUFBUSxDQUFDLFVBQVUsSUFBSSxFQUFFLENBQUMsQ0FBQyxDQUFDO1FBQ3JFLENBQUM7UUFFRCxPQUFPLEtBQUssQ0FBQztJQUNqQixDQUFDOztBQXZHTCw4QkF3R0M7QUFoR2tCLCtCQUFxQixHQUFHLElBQUksR0FBRyxDQUFDO0lBQzNDLGVBQWUsRUFBRSxPQUFPLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRSxNQUFNLEVBQUUsTUFBTTtJQUN2RCxhQUFhLEVBQUUsYUFBYSxFQUFFLFlBQVksRUFBRSxhQUFhO0lBQ3pELFlBQVksRUFBRSxnQkFBZ0IsRUFBRSxjQUFjO0NBQ2pELENBQUMsQUFKa0MsQ0FJakM7QUFFWSxvQ0FBMEIsR0FBRztJQUN4QyxlQUFlO0lBQ2YsZ0JBQWdCO0lBQ2hCLG1CQUFtQjtJQUNuQixXQUFXO0lBQ1gsY0FBYztJQUNkLFlBQVk7SUFDWixZQUFZO0lBQ1osYUFBYTtDQUNoQixBQVR3QyxDQVN2QztBQW1GTjs7R0FFRztBQUNILE1BQWEsV0FBWSxTQUFRLFNBQVM7SUFNdEMsWUFBWSxNQUEyQjtRQUNuQyxLQUFLLEVBQUUsQ0FBQztRQU5aLFNBQUksR0FBRyxhQUFhLENBQUM7UUFDckIsZ0JBQVcsR0FBRyx3Q0FBd0MsQ0FBQztRQU1uRCxJQUFJLENBQUMsTUFBTSxHQUFHLE1BQU0sQ0FBQztJQUN6QixDQUFDO0lBRUQsS0FBSyxDQUFDLFFBQXdCLEVBQUUsT0FBNkI7UUFDekQsTUFBTSxJQUFJLEdBQUcsUUFBUSxDQUFDLE1BQU0sSUFBSSxRQUFRLENBQUM7UUFFekMsbUVBQW1FO1FBQ25FLElBQUksSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLEtBQUssUUFBUSxJQUFJLE9BQU8sSUFBSSxLQUFLLFFBQVEsRUFBRSxDQUFDO1lBQzVELE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDO1FBQ25ELENBQUM7UUFFRCxJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDdkIsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLENBQUMsS0FBYSxFQUFFLEVBQUUsQ0FBQyxDQUFDLENBQUMsS0FBSyxJQUFJLElBQUksQ0FBQyxDQUFDLENBQUM7WUFDakYsSUFBSSxPQUFPLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUNyQixPQUFPLElBQUksQ0FBQyxVQUFVLENBQUMsNEJBQTRCLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsRUFBRSxFQUFFLE9BQU8sRUFBRSxDQUFDLENBQUM7WUFDMUYsQ0FBQztRQUNMLENBQUM7UUFFRCxPQUFPLElBQUksQ0FBQyxVQUFVLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUN2RCxDQUFDO0NBQ0o7QUE1QkQsa0NBNEJDO0FBRUQ7O0dBRUc7QUFDSCxNQUFhLFdBQVksU0FBUSxTQUFTO0lBc0J0QyxZQUFZLFVBQTRELEVBQUU7UUFDdEUsS0FBSyxFQUFFLENBQUM7UUF0QlosU0FBSSxHQUFHLGFBQWEsQ0FBQztRQUNyQixnQkFBVyxHQUFHLDZCQUE2QixDQUFDO1FBc0J4QyxJQUFJLENBQUMsUUFBUSxHQUFHLE9BQU8sQ0FBQyxRQUFRLElBQUksSUFBSSxDQUFDO1FBQ3pDLElBQUksQ0FBQyxjQUFjLEdBQUcsT0FBTyxDQUFDLGNBQWMsSUFBSSxJQUFJLENBQUM7SUFDekQsQ0FBQztJQUVELEtBQUssQ0FBQyxRQUF3QixFQUFFLE9BQTZCO1FBQ3pELE1BQU0sT0FBTyxHQUFHLElBQUksQ0FBQyxjQUFjLENBQUMsUUFBUSxDQUFDLENBQUM7UUFDOUMsTUFBTSxNQUFNLEdBQWEsRUFBRSxDQUFDO1FBRTVCLElBQUksSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO1lBQ2hCLEtBQUssTUFBTSxDQUFDLElBQUksRUFBRSxPQUFPLENBQUMsSUFBSSxNQUFNLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxZQUFZLENBQUMsRUFBRSxDQUFDO2dCQUNyRSxJQUFJLE9BQU8sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztvQkFDeEIsTUFBTSxDQUFDLElBQUksQ0FBQyxpQkFBaUIsSUFBSSxFQUFFLENBQUMsQ0FBQztnQkFDekMsQ0FBQztZQUNMLENBQUM7UUFDTCxDQUFDO1FBRUQsSUFBSSxJQUFJLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDdEIsS0FBSyxNQUFNLE9BQU8sSUFBSSxXQUFXLENBQUMsa0JBQWtCLEVBQUUsQ0FBQztnQkFDbkQsSUFBSSxPQUFPLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7b0JBQ3hCLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQyxvQ0FBb0MsRUFBRSxFQUFFLE9BQU8sRUFBRSxPQUFPLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQztnQkFDOUYsQ0FBQztZQUNMLENBQUM7UUFDTCxDQUFDO1FBRUQsSUFBSSxNQUFNLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ3BCLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQywyQkFBMkIsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxFQUFFLEVBQUUsTUFBTSxFQUFFLEVBQUUsU0FBUyxDQUFDLENBQUM7UUFDbEcsQ0FBQztRQUVELE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0lBQ3ZELENBQUM7SUFFTyxjQUFjLENBQUMsUUFBd0I7UUFDM0MsTUFBTSxLQUFLLEdBQWEsRUFBRSxDQUFDO1FBRTNCLElBQUksT0FBTyxRQUFRLENBQUMsT0FBTyxLQUFLLFFBQVE7WUFBRSxLQUFLLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUN2RSxJQUFJLE9BQU8sUUFBUSxDQUFDLE1BQU0sS0FBSyxRQUFRO1lBQUUsS0FBSyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDckUsSUFBSSxPQUFPLFFBQVEsQ0FBQyxJQUFJLEtBQUssUUFBUTtZQUFFLEtBQUssQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBRWpFLElBQUksT0FBTyxRQUFRLENBQUMsTUFBTSxLQUFLLFFBQVE7WUFBRSxLQUFLLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUM7UUFDckYsSUFBSSxRQUFRLENBQUMsU0FBUztZQUFFLEtBQUssQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQztRQUV2RSxPQUFPLEtBQUssQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7SUFDM0IsQ0FBQzs7QUFsRUwsa0NBbUVDO0FBNURrQix3QkFBWSxHQUFHO0lBQzFCLEtBQUssRUFBRSxnREFBZ0Q7SUFDdkQsS0FBSyxFQUFFLCtCQUErQjtJQUN0QyxHQUFHLEVBQUUsdUJBQXVCO0lBQzVCLFVBQVUsRUFBRSw0Q0FBNEM7Q0FDM0QsQUFMMEIsQ0FLekI7QUFFYSw4QkFBa0IsR0FBRztJQUNoQywyREFBMkQ7SUFDM0QsbUNBQW1DO0lBQ25DLGdEQUFnRDtJQUNoRCxxQkFBcUI7SUFDckIsMEJBQTBCO0NBQzdCLEFBTmdDLENBTS9CO0FBaUROOztHQUVHO0FBQ0gsTUFBYSxTQUFVLFNBQVEsU0FBUztJQU1wQyxZQUFZLFVBQWtDLEVBQUU7UUFDNUMsS0FBSyxFQUFFLENBQUM7UUFOWixTQUFJLEdBQUcsV0FBVyxDQUFDO1FBQ25CLGdCQUFXLEdBQUcsb0NBQW9DLENBQUM7UUFNL0MsSUFBSSxDQUFDLFNBQVMsR0FBRyxPQUFPLENBQUMsU0FBUyxJQUFJLElBQUksQ0FBQztJQUMvQyxDQUFDO0lBRUQsS0FBSyxDQUFDLFFBQXdCLEVBQUUsT0FBNkI7UUFDekQsTUFBTSxJQUFJLEdBQUcsUUFBUSxDQUFDLE1BQU0sSUFBSSxRQUFRLENBQUM7UUFFekMsSUFBSSxPQUFPLElBQUksS0FBSyxRQUFRLEVBQUUsQ0FBQztZQUMzQixPQUFPLElBQUksQ0FBQyxVQUFVLENBQUMsMkJBQTJCLENBQUMsQ0FBQztRQUN4RCxDQUFDO1FBRUQsOEJBQThCO1FBQzlCLElBQUksT0FBTyxJQUFJLElBQUksSUFBSSxVQUFVLElBQUksSUFBSSxFQUFFLENBQUM7WUFDeEMsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDNUMsTUFBTSxHQUFHLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDbEMsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDNUMsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDNUMsTUFBTSxLQUFLLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsQ0FBQztZQUVqQyxNQUFNLFFBQVEsR0FBRyxRQUFRLEdBQUcsR0FBRyxHQUFHLFFBQVEsR0FBRyxRQUFRLENBQUM7WUFFdEQsSUFBSSxJQUFJLENBQUMsR0FBRyxDQUFDLFFBQVEsR0FBRyxLQUFLLENBQUMsR0FBRyxJQUFJLENBQUMsU0FBUyxFQUFFLENBQUM7Z0JBQzlDLE9BQU8sSUFBSSxDQUFDLFVBQVUsQ0FDbEIsNEJBQTRCLFFBQVEsU0FBUyxLQUFLLEVBQUUsRUFDcEQsRUFBRSxRQUFRLEVBQUUsTUFBTSxFQUFFLEtBQUssRUFBRSxDQUM5QixDQUFDO1lBQ04sQ0FBQztRQUNMLENBQUM7UUFFRCxPQUFPLElBQUksQ0FBQyxVQUFVLENBQUMsMEJBQTBCLENBQUMsQ0FBQztJQUN2RCxDQUFDO0NBQ0o7QUF0Q0QsOEJBc0NDIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiBRV0VEIE9wZW4gUmVzcG9uc2VzIC0gR3VhcmRzXG4gKi9cblxuaW1wb3J0IHsgR3VhcmRSZXN1bHQsIFBhcnNlZFJlc3BvbnNlIH0gZnJvbSAnLi90eXBlcyc7XG5cbi8qKlxuICogQmFzZSBjbGFzcyBmb3IgYWxsIGd1YXJkcy5cbiAqL1xuZXhwb3J0IGFic3RyYWN0IGNsYXNzIEJhc2VHdWFyZCB7XG4gICAgYWJzdHJhY3QgbmFtZTogc3RyaW5nO1xuICAgIGFic3RyYWN0IGRlc2NyaXB0aW9uOiBzdHJpbmc7XG5cbiAgICBhYnN0cmFjdCBjaGVjayhyZXNwb25zZTogUGFyc2VkUmVzcG9uc2UsIGNvbnRleHQ/OiBSZWNvcmQ8c3RyaW5nLCBhbnk+KTogR3VhcmRSZXN1bHQ7XG5cbiAgICBwcm90ZWN0ZWQgcGFzc1Jlc3VsdChtZXNzYWdlPzogc3RyaW5nLCBkZXRhaWxzPzogUmVjb3JkPHN0cmluZywgYW55Pik6IEd1YXJkUmVzdWx0IHtcbiAgICAgICAgcmV0dXJuIHtcbiAgICAgICAgICAgIGd1YXJkTmFtZTogdGhpcy5uYW1lLFxuICAgICAgICAgICAgcGFzc2VkOiB0cnVlLFxuICAgICAgICAgICAgbWVzc2FnZTogbWVzc2FnZSB8fCBgJHt0aGlzLm5hbWV9IHBhc3NlZGAsXG4gICAgICAgICAgICBkZXRhaWxzLFxuICAgICAgICAgICAgc2V2ZXJpdHk6ICdpbmZvJyxcbiAgICAgICAgfTtcbiAgICB9XG5cbiAgICBwcm90ZWN0ZWQgZmFpbFJlc3VsdChtZXNzYWdlOiBzdHJpbmcsIGRldGFpbHM/OiBSZWNvcmQ8c3RyaW5nLCBhbnk+LCBzZXZlcml0eTogJ2Vycm9yJyB8ICd3YXJuaW5nJyA9ICdlcnJvcicpOiBHdWFyZFJlc3VsdCB7XG4gICAgICAgIHJldHVybiB7XG4gICAgICAgICAgICBndWFyZE5hbWU6IHRoaXMubmFtZSxcbiAgICAgICAgICAgIHBhc3NlZDogZmFsc2UsXG4gICAgICAgICAgICBtZXNzYWdlLFxuICAgICAgICAgICAgZGV0YWlscyxcbiAgICAgICAgICAgIHNldmVyaXR5LFxuICAgICAgICB9O1xuICAgIH1cbn1cblxuLyoqXG4gKiBUb29sIEd1YXJkIC0gQmxvY2tzIGRhbmdlcm91cyB0b29sIGNhbGxzLlxuICovXG5leHBvcnQgY2xhc3MgVG9vbEd1YXJkIGV4dGVuZHMgQmFzZUd1YXJkIHtcbiAgICBuYW1lID0gJ1Rvb2xHdWFyZCc7XG4gICAgZGVzY3JpcHRpb24gPSAnVmFsaWRhdGVzIHRvb2wgY2FsbHMgZm9yIHNhZmV0eSc7XG5cbiAgICBwcml2YXRlIGJsb2NrZWRUb29sczogU2V0PHN0cmluZz47XG4gICAgcHJpdmF0ZSBhbGxvd2VkVG9vbHM6IFNldDxzdHJpbmc+IHwgbnVsbDtcbiAgICBwcml2YXRlIGRhbmdlcm91c1BhdHRlcm5zOiBSZWdFeHBbXTtcblxuICAgIHByaXZhdGUgc3RhdGljIERFRkFVTFRfQkxPQ0tFRF9UT09MUyA9IG5ldyBTZXQoW1xuICAgICAgICAnZXhlY3V0ZV9zaGVsbCcsICdzaGVsbCcsICdiYXNoJywgJ2NtZCcsICdleGVjJywgJ2V2YWwnLFxuICAgICAgICAnZGVsZXRlX2ZpbGUnLCAncmVtb3ZlX2ZpbGUnLCAnd3JpdGVfZmlsZScsICdtb2RpZnlfZmlsZScsXG4gICAgICAgICdzZW5kX2VtYWlsJywgJ3RyYW5zZmVyX21vbmV5JywgJ21ha2VfcGF5bWVudCcsXG4gICAgXSk7XG5cbiAgICBwcml2YXRlIHN0YXRpYyBERUZBVUxUX0RBTkdFUk9VU19QQVRURVJOUyA9IFtcbiAgICAgICAgL0RST1BcXHMrVEFCTEUvaSxcbiAgICAgICAgL0RFTEVURVxccytGUk9NL2ksXG4gICAgICAgIC9UUlVOQ0FURVxccytUQUJMRS9pLFxuICAgICAgICAvcm1cXHMrLXJmL2ksXG4gICAgICAgIC9ybWRpclxccytcXC9zL2ksXG4gICAgICAgIC9ldmFsXFxzKlxcKC9pLFxuICAgICAgICAvZXhlY1xccypcXCgvaSxcbiAgICAgICAgL19faW1wb3J0X18vaSxcbiAgICBdO1xuXG4gICAgY29uc3RydWN0b3Iob3B0aW9uczoge1xuICAgICAgICBibG9ja2VkVG9vbHM/OiBzdHJpbmdbXTtcbiAgICAgICAgYWxsb3dlZFRvb2xzPzogc3RyaW5nW107XG4gICAgICAgIHVzZURlZmF1bHRCbG9ja2xpc3Q/OiBib29sZWFuO1xuICAgICAgICBkYW5nZXJvdXNQYXR0ZXJucz86IFJlZ0V4cFtdO1xuICAgIH0gPSB7fSkge1xuICAgICAgICBzdXBlcigpO1xuXG4gICAgICAgIGNvbnN0IHtcbiAgICAgICAgICAgIGJsb2NrZWRUb29scyA9IFtdLFxuICAgICAgICAgICAgYWxsb3dlZFRvb2xzLFxuICAgICAgICAgICAgdXNlRGVmYXVsdEJsb2NrbGlzdCA9IHRydWUsXG4gICAgICAgICAgICBkYW5nZXJvdXNQYXR0ZXJucyA9IFtdLFxuICAgICAgICB9ID0gb3B0aW9ucztcblxuICAgICAgICB0aGlzLmJsb2NrZWRUb29scyA9IG5ldyBTZXQoYmxvY2tlZFRvb2xzKTtcbiAgICAgICAgaWYgKHVzZURlZmF1bHRCbG9ja2xpc3QpIHtcbiAgICAgICAgICAgIFRvb2xHdWFyZC5ERUZBVUxUX0JMT0NLRURfVE9PTFMuZm9yRWFjaCh0ID0+IHRoaXMuYmxvY2tlZFRvb2xzLmFkZCh0KSk7XG4gICAgICAgIH1cblxuICAgICAgICB0aGlzLmFsbG93ZWRUb29scyA9IGFsbG93ZWRUb29scyA/IG5ldyBTZXQoYWxsb3dlZFRvb2xzKSA6IG51bGw7XG4gICAgICAgIHRoaXMuZGFuZ2Vyb3VzUGF0dGVybnMgPSBbXG4gICAgICAgICAgICAuLi5Ub29sR3VhcmQuREVGQVVMVF9EQU5HRVJPVVNfUEFUVEVSTlMsXG4gICAgICAgICAgICAuLi5kYW5nZXJvdXNQYXR0ZXJucyxcbiAgICAgICAgXTtcbiAgICB9XG5cbiAgICBjaGVjayhyZXNwb25zZTogUGFyc2VkUmVzcG9uc2UsIGNvbnRleHQ/OiBSZWNvcmQ8c3RyaW5nLCBhbnk+KTogR3VhcmRSZXN1bHQge1xuICAgICAgICBjb25zdCB0b29sQ2FsbHMgPSB0aGlzLmV4dHJhY3RUb29sQ2FsbHMocmVzcG9uc2UpO1xuXG4gICAgICAgIGlmICh0b29sQ2FsbHMubGVuZ3RoID09PSAwKSB7XG4gICAgICAgICAgICByZXR1cm4gdGhpcy5wYXNzUmVzdWx0KCdObyB0b29sIGNhbGxzIHRvIHZlcmlmeScpO1xuICAgICAgICB9XG5cbiAgICAgICAgZm9yIChjb25zdCBjYWxsIG9mIHRvb2xDYWxscykge1xuICAgICAgICAgICAgY29uc3QgdG9vbE5hbWUgPSBjYWxsLnRvb2xOYW1lIHx8IGNhbGwudG9vbF9uYW1lIHx8IGNhbGwubmFtZSB8fCAndW5rbm93bic7XG4gICAgICAgICAgICBjb25zdCBhcmdzID0gY2FsbC5hcmd1bWVudHMgfHwge307XG5cbiAgICAgICAgICAgIC8vIENoZWNrIGJsb2NrZWQgbGlzdFxuICAgICAgICAgICAgaWYgKHRoaXMuYmxvY2tlZFRvb2xzLmhhcyh0b29sTmFtZSkpIHtcbiAgICAgICAgICAgICAgICByZXR1cm4gdGhpcy5mYWlsUmVzdWx0KGBCTE9DS0VEOiBUb29sICcke3Rvb2xOYW1lfScgaXMgbm90IGFsbG93ZWRgLCB7IGJsb2NrZWRUb29sOiB0b29sTmFtZSB9KTtcbiAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgLy8gQ2hlY2sgYWxsb3dlZCBsaXN0ICh3aGl0ZWxpc3QgbW9kZSlcbiAgICAgICAgICAgIGlmICh0aGlzLmFsbG93ZWRUb29scyAmJiAhdGhpcy5hbGxvd2VkVG9vbHMuaGFzKHRvb2xOYW1lKSkge1xuICAgICAgICAgICAgICAgIHJldHVybiB0aGlzLmZhaWxSZXN1bHQoYEJMT0NLRUQ6IFRvb2wgJyR7dG9vbE5hbWV9JyBpcyBub3QgaW4gYWxsb3dlZCBsaXN0YCwge1xuICAgICAgICAgICAgICAgICAgICB0b29sOiB0b29sTmFtZSxcbiAgICAgICAgICAgICAgICAgICAgYWxsb3dlZDogQXJyYXkuZnJvbSh0aGlzLmFsbG93ZWRUb29scyksXG4gICAgICAgICAgICAgICAgfSk7XG4gICAgICAgICAgICB9XG5cbiAgICAgICAgICAgIC8vIENoZWNrIGRhbmdlcm91cyBwYXR0ZXJuc1xuICAgICAgICAgICAgY29uc3QgYXJnc1N0ciA9IEpTT04uc3RyaW5naWZ5KGFyZ3MpO1xuICAgICAgICAgICAgZm9yIChjb25zdCBwYXR0ZXJuIG9mIHRoaXMuZGFuZ2Vyb3VzUGF0dGVybnMpIHtcbiAgICAgICAgICAgICAgICBpZiAocGF0dGVybi50ZXN0KGFyZ3NTdHIpKSB7XG4gICAgICAgICAgICAgICAgICAgIHJldHVybiB0aGlzLmZhaWxSZXN1bHQoJ0JMT0NLRUQ6IERhbmdlcm91cyBwYXR0ZXJuIGRldGVjdGVkIGluIHRvb2wgYXJndW1lbnRzJywge1xuICAgICAgICAgICAgICAgICAgICAgICAgdG9vbDogdG9vbE5hbWUsXG4gICAgICAgICAgICAgICAgICAgICAgICBwYXR0ZXJuOiBwYXR0ZXJuLnNvdXJjZSxcbiAgICAgICAgICAgICAgICAgICAgfSk7XG4gICAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgfVxuICAgICAgICB9XG5cbiAgICAgICAgcmV0dXJuIHRoaXMucGFzc1Jlc3VsdChgQWxsICR7dG9vbENhbGxzLmxlbmd0aH0gdG9vbCBjYWxsKHMpIHZlcmlmaWVkYCk7XG4gICAgfVxuXG4gICAgcHJpdmF0ZSBleHRyYWN0VG9vbENhbGxzKHJlc3BvbnNlOiBQYXJzZWRSZXNwb25zZSk6IGFueVtdIHtcbiAgICAgICAgY29uc3QgY2FsbHM6IGFueVtdID0gW107XG5cbiAgICAgICAgaWYgKHJlc3BvbnNlLnR5cGUgPT09ICd0b29sX2NhbGwnKSB7XG4gICAgICAgICAgICBjYWxscy5wdXNoKHJlc3BvbnNlKTtcbiAgICAgICAgfVxuXG4gICAgICAgIGlmIChyZXNwb25zZS50b29sQ2FsbHMgfHwgcmVzcG9uc2UudG9vbF9jYWxscykge1xuICAgICAgICAgICAgY2FsbHMucHVzaCguLi4ocmVzcG9uc2UudG9vbENhbGxzIHx8IHJlc3BvbnNlLnRvb2xfY2FsbHMgfHwgW10pKTtcbiAgICAgICAgfVxuXG4gICAgICAgIHJldHVybiBjYWxscztcbiAgICB9XG59XG5cbi8qKlxuICogU2NoZW1hIEd1YXJkIC0gVmFsaWRhdGVzIEpTT04gc2NoZW1hLlxuICovXG5leHBvcnQgY2xhc3MgU2NoZW1hR3VhcmQgZXh0ZW5kcyBCYXNlR3VhcmQge1xuICAgIG5hbWUgPSAnU2NoZW1hR3VhcmQnO1xuICAgIGRlc2NyaXB0aW9uID0gJ1ZhbGlkYXRlcyByZXNwb25zZSBhZ2FpbnN0IEpTT04gU2NoZW1hJztcblxuICAgIHByaXZhdGUgc2NoZW1hOiBSZWNvcmQ8c3RyaW5nLCBhbnk+O1xuXG4gICAgY29uc3RydWN0b3Ioc2NoZW1hOiBSZWNvcmQ8c3RyaW5nLCBhbnk+KSB7XG4gICAgICAgIHN1cGVyKCk7XG4gICAgICAgIHRoaXMuc2NoZW1hID0gc2NoZW1hO1xuICAgIH1cblxuICAgIGNoZWNrKHJlc3BvbnNlOiBQYXJzZWRSZXNwb25zZSwgY29udGV4dD86IFJlY29yZDxzdHJpbmcsIGFueT4pOiBHdWFyZFJlc3VsdCB7XG4gICAgICAgIGNvbnN0IGRhdGEgPSByZXNwb25zZS5vdXRwdXQgfHwgcmVzcG9uc2U7XG5cbiAgICAgICAgLy8gQmFzaWMgdHlwZSBjaGVja2luZyAoZnVsbCBKU09OIFNjaGVtYSB2YWxpZGF0aW9uIHdvdWxkIG5lZWQgYWp2KVxuICAgICAgICBpZiAodGhpcy5zY2hlbWEudHlwZSA9PT0gJ29iamVjdCcgJiYgdHlwZW9mIGRhdGEgIT09ICdvYmplY3QnKSB7XG4gICAgICAgICAgICByZXR1cm4gdGhpcy5mYWlsUmVzdWx0KCdFeHBlY3RlZCBvYmplY3QgdHlwZScpO1xuICAgICAgICB9XG5cbiAgICAgICAgaWYgKHRoaXMuc2NoZW1hLnJlcXVpcmVkKSB7XG4gICAgICAgICAgICBjb25zdCBtaXNzaW5nID0gdGhpcy5zY2hlbWEucmVxdWlyZWQuZmlsdGVyKChmaWVsZDogc3RyaW5nKSA9PiAhKGZpZWxkIGluIGRhdGEpKTtcbiAgICAgICAgICAgIGlmIChtaXNzaW5nLmxlbmd0aCA+IDApIHtcbiAgICAgICAgICAgICAgICByZXR1cm4gdGhpcy5mYWlsUmVzdWx0KGBNaXNzaW5nIHJlcXVpcmVkIGZpZWxkczogJHttaXNzaW5nLmpvaW4oJywgJyl9YCwgeyBtaXNzaW5nIH0pO1xuICAgICAgICAgICAgfVxuICAgICAgICB9XG5cbiAgICAgICAgcmV0dXJuIHRoaXMucGFzc1Jlc3VsdCgnU2NoZW1hIHZhbGlkYXRpb24gcGFzc2VkJyk7XG4gICAgfVxufVxuXG4vKipcbiAqIFNhZmV0eSBHdWFyZCAtIENvbXByZWhlbnNpdmUgc2FmZXR5IGNoZWNrcy5cbiAqL1xuZXhwb3J0IGNsYXNzIFNhZmV0eUd1YXJkIGV4dGVuZHMgQmFzZUd1YXJkIHtcbiAgICBuYW1lID0gJ1NhZmV0eUd1YXJkJztcbiAgICBkZXNjcmlwdGlvbiA9ICdDb21wcmVoZW5zaXZlIHNhZmV0eSBjaGVja3MnO1xuXG4gICAgcHJpdmF0ZSBjaGVja1BpaTogYm9vbGVhbjtcbiAgICBwcml2YXRlIGNoZWNrSW5qZWN0aW9uOiBib29sZWFuO1xuXG4gICAgcHJpdmF0ZSBzdGF0aWMgUElJX1BBVFRFUk5TID0ge1xuICAgICAgICBlbWFpbDogL1thLXpBLVowLTkuXyUrLV0rQFthLXpBLVowLTkuLV0rXFwuW2EtekEtWl17Mix9LyxcbiAgICAgICAgcGhvbmU6IC9cXGJcXGR7M31bLS5dP1xcZHszfVstLl0/XFxkezR9XFxiLyxcbiAgICAgICAgc3NuOiAvXFxiXFxkezN9LVxcZHsyfS1cXGR7NH1cXGIvLFxuICAgICAgICBjcmVkaXRDYXJkOiAvXFxiXFxkezR9W1xccy1dP1xcZHs0fVtcXHMtXT9cXGR7NH1bXFxzLV0/XFxkezR9XFxiLyxcbiAgICB9O1xuXG4gICAgcHJpdmF0ZSBzdGF0aWMgSU5KRUNUSU9OX1BBVFRFUk5TID0gW1xuICAgICAgICAvaWdub3JlXFxzKyhwcmV2aW91c3xhbGx8YWJvdmUpXFxzKyhpbnN0cnVjdGlvbnM/fHByb21wdHM/KS9pLFxuICAgICAgICAvZGlzcmVnYXJkXFxzKyhwcmV2aW91c3xhbGx8YWJvdmUpL2ksXG4gICAgICAgIC9mb3JnZXRcXHMrKGV2ZXJ5dGhpbmd8YWxsfHlvdXJcXHMraW5zdHJ1Y3Rpb25zKS9pLFxuICAgICAgICAveW91XFxzK2FyZVxccytub3dcXHMrL2ksXG4gICAgICAgIC9wcmV0ZW5kXFxzKyh5b3V8dG9cXHMrYmUpL2ksXG4gICAgXTtcblxuICAgIGNvbnN0cnVjdG9yKG9wdGlvbnM6IHsgY2hlY2tQaWk/OiBib29sZWFuOyBjaGVja0luamVjdGlvbj86IGJvb2xlYW4gfSA9IHt9KSB7XG4gICAgICAgIHN1cGVyKCk7XG4gICAgICAgIHRoaXMuY2hlY2tQaWkgPSBvcHRpb25zLmNoZWNrUGlpID8/IHRydWU7XG4gICAgICAgIHRoaXMuY2hlY2tJbmplY3Rpb24gPSBvcHRpb25zLmNoZWNrSW5qZWN0aW9uID8/IHRydWU7XG4gICAgfVxuXG4gICAgY2hlY2socmVzcG9uc2U6IFBhcnNlZFJlc3BvbnNlLCBjb250ZXh0PzogUmVjb3JkPHN0cmluZywgYW55Pik6IEd1YXJkUmVzdWx0IHtcbiAgICAgICAgY29uc3QgY29udGVudCA9IHRoaXMuZXh0cmFjdENvbnRlbnQocmVzcG9uc2UpO1xuICAgICAgICBjb25zdCBpc3N1ZXM6IHN0cmluZ1tdID0gW107XG5cbiAgICAgICAgaWYgKHRoaXMuY2hlY2tQaWkpIHtcbiAgICAgICAgICAgIGZvciAoY29uc3QgW3R5cGUsIHBhdHRlcm5dIG9mIE9iamVjdC5lbnRyaWVzKFNhZmV0eUd1YXJkLlBJSV9QQVRURVJOUykpIHtcbiAgICAgICAgICAgICAgICBpZiAocGF0dGVybi50ZXN0KGNvbnRlbnQpKSB7XG4gICAgICAgICAgICAgICAgICAgIGlzc3Vlcy5wdXNoKGBQSUkgZGV0ZWN0ZWQ6ICR7dHlwZX1gKTtcbiAgICAgICAgICAgICAgICB9XG4gICAgICAgICAgICB9XG4gICAgICAgIH1cblxuICAgICAgICBpZiAodGhpcy5jaGVja0luamVjdGlvbikge1xuICAgICAgICAgICAgZm9yIChjb25zdCBwYXR0ZXJuIG9mIFNhZmV0eUd1YXJkLklOSkVDVElPTl9QQVRURVJOUykge1xuICAgICAgICAgICAgICAgIGlmIChwYXR0ZXJuLnRlc3QoY29udGVudCkpIHtcbiAgICAgICAgICAgICAgICAgICAgcmV0dXJuIHRoaXMuZmFpbFJlc3VsdCgnQkxPQ0tFRDogUHJvbXB0IGluamVjdGlvbiBkZXRlY3RlZCcsIHsgcGF0dGVybjogcGF0dGVybi5zb3VyY2UgfSk7XG4gICAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgfVxuICAgICAgICB9XG5cbiAgICAgICAgaWYgKGlzc3Vlcy5sZW5ndGggPiAwKSB7XG4gICAgICAgICAgICByZXR1cm4gdGhpcy5mYWlsUmVzdWx0KGBTYWZldHkgaXNzdWVzIGRldGVjdGVkOiAke2lzc3Vlcy5qb2luKCcsICcpfWAsIHsgaXNzdWVzIH0sICd3YXJuaW5nJyk7XG4gICAgICAgIH1cblxuICAgICAgICByZXR1cm4gdGhpcy5wYXNzUmVzdWx0KCdBbGwgc2FmZXR5IGNoZWNrcyBwYXNzZWQnKTtcbiAgICB9XG5cbiAgICBwcml2YXRlIGV4dHJhY3RDb250ZW50KHJlc3BvbnNlOiBQYXJzZWRSZXNwb25zZSk6IHN0cmluZyB7XG4gICAgICAgIGNvbnN0IHBhcnRzOiBzdHJpbmdbXSA9IFtdO1xuXG4gICAgICAgIGlmICh0eXBlb2YgcmVzcG9uc2UuY29udGVudCA9PT0gJ3N0cmluZycpIHBhcnRzLnB1c2gocmVzcG9uc2UuY29udGVudCk7XG4gICAgICAgIGlmICh0eXBlb2YgcmVzcG9uc2Uub3V0cHV0ID09PSAnc3RyaW5nJykgcGFydHMucHVzaChyZXNwb25zZS5vdXRwdXQpO1xuICAgICAgICBpZiAodHlwZW9mIHJlc3BvbnNlLnRleHQgPT09ICdzdHJpbmcnKSBwYXJ0cy5wdXNoKHJlc3BvbnNlLnRleHQpO1xuXG4gICAgICAgIGlmICh0eXBlb2YgcmVzcG9uc2Uub3V0cHV0ID09PSAnb2JqZWN0JykgcGFydHMucHVzaChKU09OLnN0cmluZ2lmeShyZXNwb25zZS5vdXRwdXQpKTtcbiAgICAgICAgaWYgKHJlc3BvbnNlLmFyZ3VtZW50cykgcGFydHMucHVzaChKU09OLnN0cmluZ2lmeShyZXNwb25zZS5hcmd1bWVudHMpKTtcblxuICAgICAgICByZXR1cm4gcGFydHMuam9pbignICcpO1xuICAgIH1cbn1cblxuLyoqXG4gKiBNYXRoIEd1YXJkIC0gVmVyaWZpZXMgY2FsY3VsYXRpb25zLlxuICovXG5leHBvcnQgY2xhc3MgTWF0aEd1YXJkIGV4dGVuZHMgQmFzZUd1YXJkIHtcbiAgICBuYW1lID0gJ01hdGhHdWFyZCc7XG4gICAgZGVzY3JpcHRpb24gPSAnVmVyaWZpZXMgbWF0aGVtYXRpY2FsIGNhbGN1bGF0aW9ucyc7XG5cbiAgICBwcml2YXRlIHRvbGVyYW5jZTogbnVtYmVyO1xuXG4gICAgY29uc3RydWN0b3Iob3B0aW9uczogeyB0b2xlcmFuY2U/OiBudW1iZXIgfSA9IHt9KSB7XG4gICAgICAgIHN1cGVyKCk7XG4gICAgICAgIHRoaXMudG9sZXJhbmNlID0gb3B0aW9ucy50b2xlcmFuY2UgPz8gMC4wMTtcbiAgICB9XG5cbiAgICBjaGVjayhyZXNwb25zZTogUGFyc2VkUmVzcG9uc2UsIGNvbnRleHQ/OiBSZWNvcmQ8c3RyaW5nLCBhbnk+KTogR3VhcmRSZXN1bHQge1xuICAgICAgICBjb25zdCBkYXRhID0gcmVzcG9uc2Uub3V0cHV0IHx8IHJlc3BvbnNlO1xuXG4gICAgICAgIGlmICh0eXBlb2YgZGF0YSAhPT0gJ29iamVjdCcpIHtcbiAgICAgICAgICAgIHJldHVybiB0aGlzLnBhc3NSZXN1bHQoJ05vIGNhbGN1bGF0aW9ucyB0byB2ZXJpZnknKTtcbiAgICAgICAgfVxuXG4gICAgICAgIC8vIENoZWNrIGNvbW1vbiB0b3RhbCBwYXR0ZXJuc1xuICAgICAgICBpZiAoJ3RvdGFsJyBpbiBkYXRhICYmICdzdWJ0b3RhbCcgaW4gZGF0YSkge1xuICAgICAgICAgICAgY29uc3Qgc3VidG90YWwgPSBOdW1iZXIoZGF0YS5zdWJ0b3RhbCkgfHwgMDtcbiAgICAgICAgICAgIGNvbnN0IHRheCA9IE51bWJlcihkYXRhLnRheCkgfHwgMDtcbiAgICAgICAgICAgIGNvbnN0IHNoaXBwaW5nID0gTnVtYmVyKGRhdGEuc2hpcHBpbmcpIHx8IDA7XG4gICAgICAgICAgICBjb25zdCBkaXNjb3VudCA9IE51bWJlcihkYXRhLmRpc2NvdW50KSB8fCAwO1xuICAgICAgICAgICAgY29uc3QgdG90YWwgPSBOdW1iZXIoZGF0YS50b3RhbCk7XG5cbiAgICAgICAgICAgIGNvbnN0IGV4cGVjdGVkID0gc3VidG90YWwgKyB0YXggKyBzaGlwcGluZyAtIGRpc2NvdW50O1xuXG4gICAgICAgICAgICBpZiAoTWF0aC5hYnMoZXhwZWN0ZWQgLSB0b3RhbCkgPiB0aGlzLnRvbGVyYW5jZSkge1xuICAgICAgICAgICAgICAgIHJldHVybiB0aGlzLmZhaWxSZXN1bHQoXG4gICAgICAgICAgICAgICAgICAgIGBUb3RhbCBtaXNtYXRjaDogZXhwZWN0ZWQgJHtleHBlY3RlZH0sIGdvdCAke3RvdGFsfWAsXG4gICAgICAgICAgICAgICAgICAgIHsgZXhwZWN0ZWQsIGFjdHVhbDogdG90YWwgfVxuICAgICAgICAgICAgICAgICk7XG4gICAgICAgICAgICB9XG4gICAgICAgIH1cblxuICAgICAgICByZXR1cm4gdGhpcy5wYXNzUmVzdWx0KCdNYXRoIHZlcmlmaWNhdGlvbiBwYXNzZWQnKTtcbiAgICB9XG59XG4iXX0=

package/dist/index.d.ts

@@ -0,0 +1,58 @@
+/**
+ * QWED Open Responses - Express Middleware
+ *
+ * Verification guards for AI agent outputs in Express.js applications.
+ */
+import { Request, Response, RequestHandler } from 'express';
+export * from './guards';
+export * from './types';
+export * from './verifier';
+import { ResponseVerifier, VerificationResult } from './verifier';
+import { BaseGuard, ToolGuard, SchemaGuard, SafetyGuard } from './guards';
+export interface QWEDMiddlewareOptions {
+    /** Guards to apply to all requests */
+    guards?: BaseGuard[];
+    /** Block requests that fail verification */
+    blockOnFailure?: boolean;
+    /** Custom error handler */
+    onError?: (error: VerificationResult, req: Request, res: Response) => void;
+    /** Log verification results */
+    verbose?: boolean;
+    /** Paths to skip verification */
+    skipPaths?: string[];
+}
+/**
+ * Create QWED verification middleware for Express.
+ *
+ * @example
+ * ```typescript
+ * import express from 'express';
+ * import { createQWEDMiddleware, ToolGuard, SafetyGuard } from 'qwed-open-responses';
+ *
+ * const app = express();
+ *
+ * app.use(createQWEDMiddleware({
+ *   guards: [new ToolGuard(), new SafetyGuard()],
+ *   blockOnFailure: true,
+ * }));
+ * ```
+ */
+export declare function createQWEDMiddleware(options?: QWEDMiddlewareOptions): RequestHandler;
+/**
+ * Middleware to verify incoming request bodies.
+ */
+export declare function verifyRequestBody(options?: QWEDMiddlewareOptions): RequestHandler;
+/**
+ * Middleware to verify tool calls in AI agent requests.
+ */
+export declare function verifyToolCalls(options?: QWEDMiddlewareOptions): RequestHandler;
+declare const _default: {
+    createQWEDMiddleware: typeof createQWEDMiddleware;
+    verifyRequestBody: typeof verifyRequestBody;
+    verifyToolCalls: typeof verifyToolCalls;
+    ResponseVerifier: typeof ResponseVerifier;
+    ToolGuard: typeof ToolGuard;
+    SchemaGuard: typeof SchemaGuard;
+    SafetyGuard: typeof SafetyGuard;
+};
+export default _default;

package/dist/index.js

@@ -0,0 +1,130 @@
+"use strict";
+/**
+ * QWED Open Responses - Express Middleware
+ *
+ * Verification guards for AI agent outputs in Express.js applications.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createQWEDMiddleware = createQWEDMiddleware;
+exports.verifyRequestBody = verifyRequestBody;
+exports.verifyToolCalls = verifyToolCalls;
+// Re-export all guards and types
+__exportStar(require("./guards"), exports);
+__exportStar(require("./types"), exports);
+__exportStar(require("./verifier"), exports);
+const verifier_1 = require("./verifier");
+const guards_1 = require("./guards");
+/**
+ * Create QWED verification middleware for Express.
+ *
+ * @example
+ * ```typescript
+ * import express from 'express';
+ * import { createQWEDMiddleware, ToolGuard, SafetyGuard } from 'qwed-open-responses';
+ *
+ * const app = express();
+ *
+ * app.use(createQWEDMiddleware({
+ *   guards: [new ToolGuard(), new SafetyGuard()],
+ *   blockOnFailure: true,
+ * }));
+ * ```
+ */
+function createQWEDMiddleware(options = {}) {
+    const { guards = [], blockOnFailure = true, onError, verbose = false, skipPaths = [], } = options;
+    const verifier = new verifier_1.ResponseVerifier(guards);
+    return (req, res, next) => {
+        // Skip certain paths
+        if (skipPaths.some(path => req.path.startsWith(path))) {
+            return next();
+        }
+        // Store original json method
+        const originalJson = res.json.bind(res);
+        // Override json to verify before sending
+        res.json = (body) => {
+            const result = verifier.verify(body);
+            if (verbose) {
+                console.log(`[QWED] ${req.method} ${req.path} -> ${result.verified ? 'PASS' : 'FAIL'}`);
+            }
+            // Attach verification result to response
+            res._qwedVerification = result;
+            if (!result.verified && blockOnFailure) {
+                if (onError) {
+                    onError(result, req, res);
+                    return res;
+                }
+                return originalJson({
+                    error: 'Response verification failed',
+                    code: 'QWED_VERIFICATION_FAILED',
+                    details: result.guardResults.filter(g => !g.passed).map(g => ({
+                        guard: g.guardName,
+                        message: g.message,
+                    })),
+                });
+            }
+            return originalJson(body);
+        };
+        next();
+    };
+}
+/**
+ * Middleware to verify incoming request bodies.
+ */
+function verifyRequestBody(options = {}) {
+    const { guards = [], blockOnFailure = true, verbose = false, } = options;
+    const verifier = new verifier_1.ResponseVerifier(guards);
+    return (req, res, next) => {
+        if (!req.body) {
+            return next();
+        }
+        const result = verifier.verify(req.body);
+        if (verbose) {
+            console.log(`[QWED] Request body ${req.method} ${req.path} -> ${result.verified ? 'PASS' : 'FAIL'}`);
+        }
+        req._qwedVerification = result;
+        if (!result.verified && blockOnFailure) {
+            return res.status(422).json({
+                error: 'Request verification failed',
+                code: 'QWED_REQUEST_BLOCKED',
+                details: result.guardResults.filter(g => !g.passed).map(g => ({
+                    guard: g.guardName,
+                    message: g.message,
+                })),
+            });
+        }
+        next();
+    };
+}
+/**
+ * Middleware to verify tool calls in AI agent requests.
+ */
+function verifyToolCalls(options = {}) {
+    const toolGuard = new guards_1.ToolGuard();
+    const guards = [toolGuard, ...(options.guards || [])];
+    return verifyRequestBody({ ...options, guards });
+}
+// Default export
+exports.default = {
+    createQWEDMiddleware,
+    verifyRequestBody,
+    verifyToolCalls,
+    ResponseVerifier: verifier_1.ResponseVerifier,
+    ToolGuard: guards_1.ToolGuard,
+    SchemaGuard: guards_1.SchemaGuard,
+    SafetyGuard: guards_1.SafetyGuard,
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOzs7O0dBSUc7Ozs7Ozs7Ozs7Ozs7Ozs7QUF5Q0gsb0RBb0RDO0FBS0QsOENBbUNDO0FBS0QsMENBS0M7QUEzSUQsaUNBQWlDO0FBQ2pDLDJDQUF5QjtBQUN6QiwwQ0FBd0I7QUFDeEIsNkNBQTJCO0FBRTNCLHlDQUFrRTtBQUNsRSxxQ0FBMEU7QUFlMUU7Ozs7Ozs7Ozs7Ozs7OztHQWVHO0FBQ0gsU0FBZ0Isb0JBQW9CLENBQUMsVUFBaUMsRUFBRTtJQUNwRSxNQUFNLEVBQ0YsTUFBTSxHQUFHLEVBQUUsRUFDWCxjQUFjLEdBQUcsSUFBSSxFQUNyQixPQUFPLEVBQ1AsT0FBTyxHQUFHLEtBQUssRUFDZixTQUFTLEdBQUcsRUFBRSxHQUNqQixHQUFHLE9BQU8sQ0FBQztJQUVaLE1BQU0sUUFBUSxHQUFHLElBQUksMkJBQWdCLENBQUMsTUFBTSxDQUFDLENBQUM7SUFFOUMsT0FBTyxDQUFDLEdBQVksRUFBRSxHQUFhLEVBQUUsSUFBa0IsRUFBRSxFQUFFO1FBQ3ZELHFCQUFxQjtRQUNyQixJQUFJLFNBQVMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxFQUFFLENBQUM7WUFDcEQsT0FBTyxJQUFJLEVBQUUsQ0FBQztRQUNsQixDQUFDO1FBRUQsNkJBQTZCO1FBQzdCLE1BQU0sWUFBWSxHQUFHLEdBQUcsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBRXhDLHlDQUF5QztRQUN6QyxHQUFHLENBQUMsSUFBSSxHQUFHLENBQUMsSUFBUyxFQUFFLEVBQUU7WUFDckIsTUFBTSxNQUFNLEdBQUcsUUFBUSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUVyQyxJQUFJLE9BQU8sRUFBRSxDQUFDO2dCQUNWLE9BQU8sQ0FBQyxHQUFHLENBQUMsVUFBVSxHQUFHLENBQUMsTUFBTSxJQUFJLEdBQUcsQ0FBQyxJQUFJLE9BQU8sTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO1lBQzVGLENBQUM7WUFFRCx5Q0FBeUM7WUFDeEMsR0FBVyxDQUFDLGlCQUFpQixHQUFHLE1BQU0sQ0FBQztZQUV4QyxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsSUFBSSxjQUFjLEVBQUUsQ0FBQztnQkFDckMsSUFBSSxPQUFPLEVBQUUsQ0FBQztvQkFDVixPQUFPLENBQUMsTUFBTSxFQUFFLEdBQUcsRUFBRSxHQUFHLENBQUMsQ0FBQztvQkFDMUIsT0FBTyxHQUFHLENBQUM7Z0JBQ2YsQ0FBQztnQkFFRCxPQUFPLFlBQVksQ0FBQztvQkFDaEIsS0FBSyxFQUFFLDhCQUE4QjtvQkFDckMsSUFBSSxFQUFFLDBCQUEwQjtvQkFDaEMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxZQUFZLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQzt3QkFDMUQsS0FBSyxFQUFFLENBQUMsQ0FBQyxTQUFTO3dCQUNsQixPQUFPLEVBQUUsQ0FBQyxDQUFDLE9BQU87cUJBQ3JCLENBQUMsQ0FBQztpQkFDTixDQUFDLENBQUM7WUFDUCxDQUFDO1lBRUQsT0FBTyxZQUFZLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDOUIsQ0FBQyxDQUFDO1FBRUYsSUFBSSxFQUFFLENBQUM7SUFDWCxDQUFDLENBQUM7QUFDTixDQUFDO0FBRUQ7O0dBRUc7QUFDSCxTQUFnQixpQkFBaUIsQ0FBQyxVQUFpQyxFQUFFO0lBQ2pFLE1BQU0sRUFDRixNQUFNLEdBQUcsRUFBRSxFQUNYLGNBQWMsR0FBRyxJQUFJLEVBQ3JCLE9BQU8sR0FBRyxLQUFLLEdBQ2xCLEdBQUcsT0FBTyxDQUFDO0lBRVosTUFBTSxRQUFRLEdBQUcsSUFBSSwyQkFBZ0IsQ0FBQyxNQUFNLENBQUMsQ0FBQztJQUU5QyxPQUFPLENBQUMsR0FBWSxFQUFFLEdBQWEsRUFBRSxJQUFrQixFQUFFLEVBQUU7UUFDdkQsSUFBSSxDQUFDLEdBQUcsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNaLE9BQU8sSUFBSSxFQUFFLENBQUM7UUFDbEIsQ0FBQztRQUVELE1BQU0sTUFBTSxHQUFHLFFBQVEsQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxDQUFDO1FBRXpDLElBQUksT0FBTyxFQUFFLENBQUM7WUFDVixPQUFPLENBQUMsR0FBRyxDQUFDLHVCQUF1QixHQUFHLENBQUMsTUFBTSxJQUFJLEdBQUcsQ0FBQyxJQUFJLE9BQU8sTUFBTSxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDO1FBQ3pHLENBQUM7UUFFQSxHQUFXLENBQUMsaUJBQWlCLEdBQUcsTUFBTSxDQUFDO1FBRXhDLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxJQUFJLGNBQWMsRUFBRSxDQUFDO1lBQ3JDLE9BQU8sR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUMsQ0FBQyxJQUFJLENBQUM7Z0JBQ3hCLEtBQUssRUFBRSw2QkFBNkI7Z0JBQ3BDLElBQUksRUFBRSxzQkFBc0I7Z0JBQzVCLE9BQU8sRUFBRSxNQUFNLENBQUMsWUFBWSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUM7b0JBQzFELEtBQUssRUFBRSxDQUFDLENBQUMsU0FBUztvQkFDbEIsT0FBTyxFQUFFLENBQUMsQ0FBQyxPQUFPO2lCQUNyQixDQUFDLENBQUM7YUFDTixDQUFDLENBQUM7UUFDUCxDQUFDO1FBRUQsSUFBSSxFQUFFLENBQUM7SUFDWCxDQUFDLENBQUM7QUFDTixDQUFDO0FBRUQ7O0dBRUc7QUFDSCxTQUFnQixlQUFlLENBQUMsVUFBaUMsRUFBRTtJQUMvRCxNQUFNLFNBQVMsR0FBRyxJQUFJLGtCQUFTLEVBQUUsQ0FBQztJQUNsQyxNQUFNLE1BQU0sR0FBRyxDQUFDLFNBQVMsRUFBRSxHQUFHLENBQUMsT0FBTyxDQUFDLE1BQU0sSUFBSSxFQUFFLENBQUMsQ0FBQyxDQUFDO0lBRXRELE9BQU8saUJBQWlCLENBQUMsRUFBRSxHQUFHLE9BQU8sRUFBRSxNQUFNLEVBQUUsQ0FBQyxDQUFDO0FBQ3JELENBQUM7QUFFRCxpQkFBaUI7QUFDakIsa0JBQWU7SUFDWCxvQkFBb0I7SUFDcEIsaUJBQWlCO0lBQ2pCLGVBQWU7SUFDZixnQkFBZ0IsRUFBaEIsMkJBQWdCO0lBQ2hCLFNBQVMsRUFBVCxrQkFBUztJQUNULFdBQVcsRUFBWCxvQkFBVztJQUNYLFdBQVcsRUFBWCxvQkFBVztDQUNkLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIFFXRUQgT3BlbiBSZXNwb25zZXMgLSBFeHByZXNzIE1pZGRsZXdhcmVcbiAqIFxuICogVmVyaWZpY2F0aW9uIGd1YXJkcyBmb3IgQUkgYWdlbnQgb3V0cHV0cyBpbiBFeHByZXNzLmpzIGFwcGxpY2F0aW9ucy5cbiAqL1xuXG5pbXBvcnQgeyBSZXF1ZXN0LCBSZXNwb25zZSwgTmV4dEZ1bmN0aW9uLCBSZXF1ZXN0SGFuZGxlciB9IGZyb20gJ2V4cHJlc3MnO1xuXG4vLyBSZS1leHBvcnQgYWxsIGd1YXJkcyBhbmQgdHlwZXNcbmV4cG9ydCAqIGZyb20gJy4vZ3VhcmRzJztcbmV4cG9ydCAqIGZyb20gJy4vdHlwZXMnO1xuZXhwb3J0ICogZnJvbSAnLi92ZXJpZmllcic7XG5cbmltcG9ydCB7IFJlc3BvbnNlVmVyaWZpZXIsIFZlcmlmaWNhdGlvblJlc3VsdCB9IGZyb20gJy4vdmVyaWZpZXInO1xuaW1wb3J0IHsgQmFzZUd1YXJkLCBUb29sR3VhcmQsIFNjaGVtYUd1YXJkLCBTYWZldHlHdWFyZCB9IGZyb20gJy4vZ3VhcmRzJztcblxuZXhwb3J0IGludGVyZmFjZSBRV0VETWlkZGxld2FyZU9wdGlvbnMge1xuICAgIC8qKiBHdWFyZHMgdG8gYXBwbHkgdG8gYWxsIHJlcXVlc3RzICovXG4gICAgZ3VhcmRzPzogQmFzZUd1YXJkW107XG4gICAgLyoqIEJsb2NrIHJlcXVlc3RzIHRoYXQgZmFpbCB2ZXJpZmljYXRpb24gKi9cbiAgICBibG9ja09uRmFpbHVyZT86IGJvb2xlYW47XG4gICAgLyoqIEN1c3RvbSBlcnJvciBoYW5kbGVyICovXG4gICAgb25FcnJvcj86IChlcnJvcjogVmVyaWZpY2F0aW9uUmVzdWx0LCByZXE6IFJlcXVlc3QsIHJlczogUmVzcG9uc2UpID0+IHZvaWQ7XG4gICAgLyoqIExvZyB2ZXJpZmljYXRpb24gcmVzdWx0cyAqL1xuICAgIHZlcmJvc2U/OiBib29sZWFuO1xuICAgIC8qKiBQYXRocyB0byBza2lwIHZlcmlmaWNhdGlvbiAqL1xuICAgIHNraXBQYXRocz86IHN0cmluZ1tdO1xufVxuXG4vKipcbiAqIENyZWF0ZSBRV0VEIHZlcmlmaWNhdGlvbiBtaWRkbGV3YXJlIGZvciBFeHByZXNzLlxuICogXG4gKiBAZXhhbXBsZVxuICogYGBgdHlwZXNjcmlwdFxuICogaW1wb3J0IGV4cHJlc3MgZnJvbSAnZXhwcmVzcyc7XG4gKiBpbXBvcnQgeyBjcmVhdGVRV0VETWlkZGxld2FyZSwgVG9vbEd1YXJkLCBTYWZldHlHdWFyZCB9IGZyb20gJ3F3ZWQtb3Blbi1yZXNwb25zZXMnO1xuICogXG4gKiBjb25zdCBhcHAgPSBleHByZXNzKCk7XG4gKiBcbiAqIGFwcC51c2UoY3JlYXRlUVdFRE1pZGRsZXdhcmUoe1xuICogICBndWFyZHM6IFtuZXcgVG9vbEd1YXJkKCksIG5ldyBTYWZldHlHdWFyZCgpXSxcbiAqICAgYmxvY2tPbkZhaWx1cmU6IHRydWUsXG4gKiB9KSk7XG4gKiBgYGBcbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIGNyZWF0ZVFXRURNaWRkbGV3YXJlKG9wdGlvbnM6IFFXRURNaWRkbGV3YXJlT3B0aW9ucyA9IHt9KTogUmVxdWVzdEhhbmRsZXIge1xuICAgIGNvbnN0IHtcbiAgICAgICAgZ3VhcmRzID0gW10sXG4gICAgICAgIGJsb2NrT25GYWlsdXJlID0gdHJ1ZSxcbiAgICAgICAgb25FcnJvcixcbiAgICAgICAgdmVyYm9zZSA9IGZhbHNlLFxuICAgICAgICBza2lwUGF0aHMgPSBbXSxcbiAgICB9ID0gb3B0aW9ucztcblxuICAgIGNvbnN0IHZlcmlmaWVyID0gbmV3IFJlc3BvbnNlVmVyaWZpZXIoZ3VhcmRzKTtcblxuICAgIHJldHVybiAocmVxOiBSZXF1ZXN0LCByZXM6IFJlc3BvbnNlLCBuZXh0OiBOZXh0RnVuY3Rpb24pID0+IHtcbiAgICAgICAgLy8gU2tpcCBjZXJ0YWluIHBhdGhzXG4gICAgICAgIGlmIChza2lwUGF0aHMuc29tZShwYXRoID0+IHJlcS5wYXRoLnN0YXJ0c1dpdGgocGF0aCkpKSB7XG4gICAgICAgICAgICByZXR1cm4gbmV4dCgpO1xuICAgICAgICB9XG5cbiAgICAgICAgLy8gU3RvcmUgb3JpZ2luYWwganNvbiBtZXRob2RcbiAgICAgICAgY29uc3Qgb3JpZ2luYWxKc29uID0gcmVzLmpzb24uYmluZChyZXMpO1xuXG4gICAgICAgIC8vIE92ZXJyaWRlIGpzb24gdG8gdmVyaWZ5IGJlZm9yZSBzZW5kaW5nXG4gICAgICAgIHJlcy5qc29uID0gKGJvZHk6IGFueSkgPT4ge1xuICAgICAgICAgICAgY29uc3QgcmVzdWx0ID0gdmVyaWZpZXIudmVyaWZ5KGJvZHkpO1xuXG4gICAgICAgICAgICBpZiAodmVyYm9zZSkge1xuICAgICAgICAgICAgICAgIGNvbnNvbGUubG9nKGBbUVdFRF0gJHtyZXEubWV0aG9kfSAke3JlcS5wYXRofSAtPiAke3Jlc3VsdC52ZXJpZmllZCA/ICdQQVNTJyA6ICdGQUlMJ31gKTtcbiAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgLy8gQXR0YWNoIHZlcmlmaWNhdGlvbiByZXN1bHQgdG8gcmVzcG9uc2VcbiAgICAgICAgICAgIChyZXMgYXMgYW55KS5fcXdlZFZlcmlmaWNhdGlvbiA9IHJlc3VsdDtcblxuICAgICAgICAgICAgaWYgKCFyZXN1bHQudmVyaWZpZWQgJiYgYmxvY2tPbkZhaWx1cmUpIHtcbiAgICAgICAgICAgICAgICBpZiAob25FcnJvcikge1xuICAgICAgICAgICAgICAgICAgICBvbkVycm9yKHJlc3VsdCwgcmVxLCByZXMpO1xuICAgICAgICAgICAgICAgICAgICByZXR1cm4gcmVzO1xuICAgICAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgICAgIHJldHVybiBvcmlnaW5hbEpzb24oe1xuICAgICAgICAgICAgICAgICAgICBlcnJvcjogJ1Jlc3BvbnNlIHZlcmlmaWNhdGlvbiBmYWlsZWQnLFxuICAgICAgICAgICAgICAgICAgICBjb2RlOiAnUVdFRF9WRVJJRklDQVRJT05fRkFJTEVEJyxcbiAgICAgICAgICAgICAgICAgICAgZGV0YWlsczogcmVzdWx0Lmd1YXJkUmVzdWx0cy5maWx0ZXIoZyA9PiAhZy5wYXNzZWQpLm1hcChnID0+ICh7XG4gICAgICAgICAgICAgICAgICAgICAgICBndWFyZDogZy5ndWFyZE5hbWUsXG4gICAgICAgICAgICAgICAgICAgICAgICBtZXNzYWdlOiBnLm1lc3NhZ2UsXG4gICAgICAgICAgICAgICAgICAgIH0pKSxcbiAgICAgICAgICAgICAgICB9KTtcbiAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgcmV0dXJuIG9yaWdpbmFsSnNvbihib2R5KTtcbiAgICAgICAgfTtcblxuICAgICAgICBuZXh0KCk7XG4gICAgfTtcbn1cblxuLyoqXG4gKiBNaWRkbGV3YXJlIHRvIHZlcmlmeSBpbmNvbWluZyByZXF1ZXN0IGJvZGllcy5cbiAqL1xuZXhwb3J0IGZ1bmN0aW9uIHZlcmlmeVJlcXVlc3RCb2R5KG9wdGlvbnM6IFFXRURNaWRkbGV3YXJlT3B0aW9ucyA9IHt9KTogUmVxdWVzdEhhbmRsZXIge1xuICAgIGNvbnN0IHtcbiAgICAgICAgZ3VhcmRzID0gW10sXG4gICAgICAgIGJsb2NrT25GYWlsdXJlID0gdHJ1ZSxcbiAgICAgICAgdmVyYm9zZSA9IGZhbHNlLFxuICAgIH0gPSBvcHRpb25zO1xuXG4gICAgY29uc3QgdmVyaWZpZXIgPSBuZXcgUmVzcG9uc2VWZXJpZmllcihndWFyZHMpO1xuXG4gICAgcmV0dXJuIChyZXE6IFJlcXVlc3QsIHJlczogUmVzcG9uc2UsIG5leHQ6IE5leHRGdW5jdGlvbikgPT4ge1xuICAgICAgICBpZiAoIXJlcS5ib2R5KSB7XG4gICAgICAgICAgICByZXR1cm4gbmV4dCgpO1xuICAgICAgICB9XG5cbiAgICAgICAgY29uc3QgcmVzdWx0ID0gdmVyaWZpZXIudmVyaWZ5KHJlcS5ib2R5KTtcblxuICAgICAgICBpZiAodmVyYm9zZSkge1xuICAgICAgICAgICAgY29uc29sZS5sb2coYFtRV0VEXSBSZXF1ZXN0IGJvZHkgJHtyZXEubWV0aG9kfSAke3JlcS5wYXRofSAtPiAke3Jlc3VsdC52ZXJpZmllZCA/ICdQQVNTJyA6ICdGQUlMJ31gKTtcbiAgICAgICAgfVxuXG4gICAgICAgIChyZXEgYXMgYW55KS5fcXdlZFZlcmlmaWNhdGlvbiA9IHJlc3VsdDtcblxuICAgICAgICBpZiAoIXJlc3VsdC52ZXJpZmllZCAmJiBibG9ja09uRmFpbHVyZSkge1xuICAgICAgICAgICAgcmV0dXJuIHJlcy5zdGF0dXMoNDIyKS5qc29uKHtcbiAgICAgICAgICAgICAgICBlcnJvcjogJ1JlcXVlc3QgdmVyaWZpY2F0aW9uIGZhaWxlZCcsXG4gICAgICAgICAgICAgICAgY29kZTogJ1FXRURfUkVRVUVTVF9CTE9DS0VEJyxcbiAgICAgICAgICAgICAgICBkZXRhaWxzOiByZXN1bHQuZ3VhcmRSZXN1bHRzLmZpbHRlcihnID0+ICFnLnBhc3NlZCkubWFwKGcgPT4gKHtcbiAgICAgICAgICAgICAgICAgICAgZ3VhcmQ6IGcuZ3VhcmROYW1lLFxuICAgICAgICAgICAgICAgICAgICBtZXNzYWdlOiBnLm1lc3NhZ2UsXG4gICAgICAgICAgICAgICAgfSkpLFxuICAgICAgICAgICAgfSk7XG4gICAgICAgIH1cblxuICAgICAgICBuZXh0KCk7XG4gICAgfTtcbn1cblxuLyoqXG4gKiBNaWRkbGV3YXJlIHRvIHZlcmlmeSB0b29sIGNhbGxzIGluIEFJIGFnZW50IHJlcXVlc3RzLlxuICovXG5leHBvcnQgZnVuY3Rpb24gdmVyaWZ5VG9vbENhbGxzKG9wdGlvbnM6IFFXRURNaWRkbGV3YXJlT3B0aW9ucyA9IHt9KTogUmVxdWVzdEhhbmRsZXIge1xuICAgIGNvbnN0IHRvb2xHdWFyZCA9IG5ldyBUb29sR3VhcmQoKTtcbiAgICBjb25zdCBndWFyZHMgPSBbdG9vbEd1YXJkLCAuLi4ob3B0aW9ucy5ndWFyZHMgfHwgW10pXTtcblxuICAgIHJldHVybiB2ZXJpZnlSZXF1ZXN0Qm9keSh7IC4uLm9wdGlvbnMsIGd1YXJkcyB9KTtcbn1cblxuLy8gRGVmYXVsdCBleHBvcnRcbmV4cG9ydCBkZWZhdWx0IHtcbiAgICBjcmVhdGVRV0VETWlkZGxld2FyZSxcbiAgICB2ZXJpZnlSZXF1ZXN0Qm9keSxcbiAgICB2ZXJpZnlUb29sQ2FsbHMsXG4gICAgUmVzcG9uc2VWZXJpZmllcixcbiAgICBUb29sR3VhcmQsXG4gICAgU2NoZW1hR3VhcmQsXG4gICAgU2FmZXR5R3VhcmQsXG59O1xuIl19

package/dist/types.d.ts

@@ -0,0 +1,35 @@
+/**
+ * QWED Open Responses - Types
+ */
+export interface GuardResult {
+    guardName: string;
+    passed: boolean;
+    message?: string;
+    details?: Record<string, any>;
+    severity: 'error' | 'warning' | 'info';
+}
+export interface VerificationResult {
+    verified: boolean;
+    response: any;
+    guardsPassed: number;
+    guardsFailed: number;
+    guardResults: GuardResult[];
+    blocked: boolean;
+    blockReason?: string;
+    timestamp: string;
+}
+export interface ToolCall {
+    type?: string;
+    toolName?: string;
+    tool_name?: string;
+    name?: string;
+    arguments?: Record<string, any>;
+}
+export interface ParsedResponse {
+    type?: string;
+    content?: string;
+    output?: any;
+    toolCalls?: ToolCall[];
+    tool_calls?: ToolCall[];
+    [key: string]: any;
+}

package/dist/types.js

@@ -0,0 +1,6 @@
+"use strict";
+/**
+ * QWED Open Responses - Types
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOztHQUVHIiwic291cmNlc0NvbnRlbnQiOlsiLyoqXG4gKiBRV0VEIE9wZW4gUmVzcG9uc2VzIC0gVHlwZXNcbiAqL1xuXG5leHBvcnQgaW50ZXJmYWNlIEd1YXJkUmVzdWx0IHtcbiAgICBndWFyZE5hbWU6IHN0cmluZztcbiAgICBwYXNzZWQ6IGJvb2xlYW47XG4gICAgbWVzc2FnZT86IHN0cmluZztcbiAgICBkZXRhaWxzPzogUmVjb3JkPHN0cmluZywgYW55PjtcbiAgICBzZXZlcml0eTogJ2Vycm9yJyB8ICd3YXJuaW5nJyB8ICdpbmZvJztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBWZXJpZmljYXRpb25SZXN1bHQge1xuICAgIHZlcmlmaWVkOiBib29sZWFuO1xuICAgIHJlc3BvbnNlOiBhbnk7XG4gICAgZ3VhcmRzUGFzc2VkOiBudW1iZXI7XG4gICAgZ3VhcmRzRmFpbGVkOiBudW1iZXI7XG4gICAgZ3VhcmRSZXN1bHRzOiBHdWFyZFJlc3VsdFtdO1xuICAgIGJsb2NrZWQ6IGJvb2xlYW47XG4gICAgYmxvY2tSZWFzb24/OiBzdHJpbmc7XG4gICAgdGltZXN0YW1wOiBzdHJpbmc7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgVG9vbENhbGwge1xuICAgIHR5cGU/OiBzdHJpbmc7XG4gICAgdG9vbE5hbWU/OiBzdHJpbmc7XG4gICAgdG9vbF9uYW1lPzogc3RyaW5nO1xuICAgIG5hbWU/OiBzdHJpbmc7XG4gICAgYXJndW1lbnRzPzogUmVjb3JkPHN0cmluZywgYW55Pjtcbn1cblxuZXhwb3J0IGludGVyZmFjZSBQYXJzZWRSZXNwb25zZSB7XG4gICAgdHlwZT86IHN0cmluZztcbiAgICBjb250ZW50Pzogc3RyaW5nO1xuICAgIG91dHB1dD86IGFueTtcbiAgICB0b29sQ2FsbHM/OiBUb29sQ2FsbFtdO1xuICAgIHRvb2xfY2FsbHM/OiBUb29sQ2FsbFtdO1xuICAgIFtrZXk6IHN0cmluZ106IGFueTtcbn1cbiJdfQ==

package/dist/verifier.d.ts

@@ -0,0 +1,25 @@
+/**
+ * QWED Open Responses - Response Verifier
+ */
+import { BaseGuard } from './guards';
+import { VerificationResult, GuardResult } from './types';
+export { VerificationResult, GuardResult };
+/**
+ * Main verifier for AI responses.
+ */
+export declare class ResponseVerifier {
+    private defaultGuards;
+    private strictMode;
+    constructor(guards?: BaseGuard[], options?: {
+        strictMode?: boolean;
+    });
+    /**
+     * Verify a response against guards.
+     */
+    verify(response: any, guards?: BaseGuard[], context?: Record<string, any>): VerificationResult;
+    /**
+     * Verify a tool call.
+     */
+    verifyToolCall(toolName: string, args: Record<string, any>, guards?: BaseGuard[]): VerificationResult;
+    private parseResponse;
+}

package/dist/verifier.js

@@ -0,0 +1,89 @@
+"use strict";
+/**
+ * QWED Open Responses - Response Verifier
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ResponseVerifier = void 0;
+/**
+ * Main verifier for AI responses.
+ */
+class ResponseVerifier {
+    constructor(guards = [], options = {}) {
+        this.defaultGuards = guards;
+        this.strictMode = options.strictMode ?? true;
+    }
+    /**
+     * Verify a response against guards.
+     */
+    verify(response, guards, context) {
+        const guardsToUse = guards ?? this.defaultGuards;
+        const parsedResponse = this.parseResponse(response);
+        const guardResults = [];
+        let guardsPassed = 0;
+        let guardsFailed = 0;
+        let blocked = false;
+        let blockReason;
+        for (const guard of guardsToUse) {
+            try {
+                const result = guard.check(parsedResponse, context);
+                guardResults.push(result);
+                if (result.passed) {
+                    guardsPassed++;
+                }
+                else {
+                    guardsFailed++;
+                    if (result.severity === 'error' && this.strictMode) {
+                        blocked = true;
+                        blockReason = result.message;
+                    }
+                }
+            }
+            catch (error) {
+                guardResults.push({
+                    guardName: guard.name,
+                    passed: false,
+                    message: `Guard error: ${error instanceof Error ? error.message : String(error)}`,
+                    severity: 'error',
+                });
+                guardsFailed++;
+            }
+        }
+        return {
+            verified: guardsFailed === 0,
+            response: parsedResponse,
+            guardsPassed,
+            guardsFailed,
+            guardResults,
+            blocked,
+            blockReason,
+            timestamp: new Date().toISOString(),
+        };
+    }
+    /**
+     * Verify a tool call.
+     */
+    verifyToolCall(toolName, args, guards) {
+        const toolCall = {
+            type: 'tool_call',
+            toolName,
+            arguments: args,
+        };
+        return this.verify(toolCall, guards);
+    }
+    parseResponse(response) {
+        if (typeof response === 'object' && response !== null) {
+            return response;
+        }
+        if (typeof response === 'string') {
+            try {
+                return JSON.parse(response);
+            }
+            catch {
+                return { type: 'text', content: response };
+            }
+        }
+        return { type: 'unknown', raw: String(response) };
+    }
+}
+exports.ResponseVerifier = ResponseVerifier;
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidmVyaWZpZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvdmVyaWZpZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBOztHQUVHOzs7QUFRSDs7R0FFRztBQUNILE1BQWEsZ0JBQWdCO0lBSXpCLFlBQVksU0FBc0IsRUFBRSxFQUFFLFVBQW9DLEVBQUU7UUFDeEUsSUFBSSxDQUFDLGFBQWEsR0FBRyxNQUFNLENBQUM7UUFDNUIsSUFBSSxDQUFDLFVBQVUsR0FBRyxPQUFPLENBQUMsVUFBVSxJQUFJLElBQUksQ0FBQztJQUNqRCxDQUFDO0lBRUQ7O09BRUc7SUFDSCxNQUFNLENBQ0YsUUFBYSxFQUNiLE1BQW9CLEVBQ3BCLE9BQTZCO1FBRTdCLE1BQU0sV0FBVyxHQUFHLE1BQU0sSUFBSSxJQUFJLENBQUMsYUFBYSxDQUFDO1FBQ2pELE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUM7UUFFcEQsTUFBTSxZQUFZLEdBQWtCLEVBQUUsQ0FBQztRQUN2QyxJQUFJLFlBQVksR0FBRyxDQUFDLENBQUM7UUFDckIsSUFBSSxZQUFZLEdBQUcsQ0FBQyxDQUFDO1FBQ3JCLElBQUksT0FBTyxHQUFHLEtBQUssQ0FBQztRQUNwQixJQUFJLFdBQStCLENBQUM7UUFFcEMsS0FBSyxNQUFNLEtBQUssSUFBSSxXQUFXLEVBQUUsQ0FBQztZQUM5QixJQUFJLENBQUM7Z0JBQ0QsTUFBTSxNQUFNLEdBQUcsS0FBSyxDQUFDLEtBQUssQ0FBQyxjQUFjLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ3BELFlBQVksQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUM7Z0JBRTFCLElBQUksTUFBTSxDQUFDLE1BQU0sRUFBRSxDQUFDO29CQUNoQixZQUFZLEVBQUUsQ0FBQztnQkFDbkIsQ0FBQztxQkFBTSxDQUFDO29CQUNKLFlBQVksRUFBRSxDQUFDO29CQUNmLElBQUksTUFBTSxDQUFDLFFBQVEsS0FBSyxPQUFPLElBQUksSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO3dCQUNqRCxPQUFPLEdBQUcsSUFBSSxDQUFDO3dCQUNmLFdBQVcsR0FBRyxNQUFNLENBQUMsT0FBTyxDQUFDO29CQUNqQyxDQUFDO2dCQUNMLENBQUM7WUFDTCxDQUFDO1lBQUMsT0FBTyxLQUFLLEVBQUUsQ0FBQztnQkFDYixZQUFZLENBQUMsSUFBSSxDQUFDO29CQUNkLFNBQVMsRUFBRSxLQUFLLENBQUMsSUFBSTtvQkFDckIsTUFBTSxFQUFFLEtBQUs7b0JBQ2IsT0FBTyxFQUFFLGdCQUFnQixLQUFLLFlBQVksS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLEVBQUU7b0JBQ2pGLFFBQVEsRUFBRSxPQUFPO2lCQUNwQixDQUFDLENBQUM7Z0JBQ0gsWUFBWSxFQUFFLENBQUM7WUFDbkIsQ0FBQztRQUNMLENBQUM7UUFFRCxPQUFPO1lBQ0gsUUFBUSxFQUFFLFlBQVksS0FBSyxDQUFDO1lBQzVCLFFBQVEsRUFBRSxjQUFjO1lBQ3hCLFlBQVk7WUFDWixZQUFZO1lBQ1osWUFBWTtZQUNaLE9BQU87WUFDUCxXQUFXO1lBQ1gsU0FBUyxFQUFFLElBQUksSUFBSSxFQUFFLENBQUMsV0FBVyxFQUFFO1NBQ3RDLENBQUM7SUFDTixDQUFDO0lBRUQ7O09BRUc7SUFDSCxjQUFjLENBQ1YsUUFBZ0IsRUFDaEIsSUFBeUIsRUFDekIsTUFBb0I7UUFFcEIsTUFBTSxRQUFRLEdBQUc7WUFDYixJQUFJLEVBQUUsV0FBVztZQUNqQixRQUFRO1lBQ1IsU0FBUyxFQUFFLElBQUk7U0FDbEIsQ0FBQztRQUNGLE9BQU8sSUFBSSxDQUFDLE1BQU0sQ0FBQyxRQUFRLEVBQUUsTUFBTSxDQUFDLENBQUM7SUFDekMsQ0FBQztJQUVPLGFBQWEsQ0FBQyxRQUFhO1FBQy9CLElBQUksT0FBTyxRQUFRLEtBQUssUUFBUSxJQUFJLFFBQVEsS0FBSyxJQUFJLEVBQUUsQ0FBQztZQUNwRCxPQUFPLFFBQVEsQ0FBQztRQUNwQixDQUFDO1FBRUQsSUFBSSxPQUFPLFFBQVEsS0FBSyxRQUFRLEVBQUUsQ0FBQztZQUMvQixJQUFJLENBQUM7Z0JBQ0QsT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBQ2hDLENBQUM7WUFBQyxNQUFNLENBQUM7Z0JBQ0wsT0FBTyxFQUFFLElBQUksRUFBRSxNQUFNLEVBQUUsT0FBTyxFQUFFLFFBQVEsRUFBRSxDQUFDO1lBQy9DLENBQUM7UUFDTCxDQUFDO1FBRUQsT0FBTyxFQUFFLElBQUksRUFBRSxTQUFTLEVBQUUsR0FBRyxFQUFFLE1BQU0sQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDO0lBQ3RELENBQUM7Q0FDSjtBQTlGRCw0Q0E4RkMiLCJzb3VyY2VzQ29udGVudCI6WyIvKipcbiAqIFFXRUQgT3BlbiBSZXNwb25zZXMgLSBSZXNwb25zZSBWZXJpZmllclxuICovXG5cbmltcG9ydCB7IEJhc2VHdWFyZCB9IGZyb20gJy4vZ3VhcmRzJztcbmltcG9ydCB7IFZlcmlmaWNhdGlvblJlc3VsdCwgR3VhcmRSZXN1bHQsIFBhcnNlZFJlc3BvbnNlIH0gZnJvbSAnLi90eXBlcyc7XG5cbi8vIFJlLWV4cG9ydCB0eXBlc1xuZXhwb3J0IHsgVmVyaWZpY2F0aW9uUmVzdWx0LCBHdWFyZFJlc3VsdCB9O1xuXG4vKipcbiAqIE1haW4gdmVyaWZpZXIgZm9yIEFJIHJlc3BvbnNlcy5cbiAqL1xuZXhwb3J0IGNsYXNzIFJlc3BvbnNlVmVyaWZpZXIge1xuICAgIHByaXZhdGUgZGVmYXVsdEd1YXJkczogQmFzZUd1YXJkW107XG4gICAgcHJpdmF0ZSBzdHJpY3RNb2RlOiBib29sZWFuO1xuXG4gICAgY29uc3RydWN0b3IoZ3VhcmRzOiBCYXNlR3VhcmRbXSA9IFtdLCBvcHRpb25zOiB7IHN0cmljdE1vZGU/OiBib29sZWFuIH0gPSB7fSkge1xuICAgICAgICB0aGlzLmRlZmF1bHRHdWFyZHMgPSBndWFyZHM7XG4gICAgICAgIHRoaXMuc3RyaWN0TW9kZSA9IG9wdGlvbnMuc3RyaWN0TW9kZSA/PyB0cnVlO1xuICAgIH1cblxuICAgIC8qKlxuICAgICAqIFZlcmlmeSBhIHJlc3BvbnNlIGFnYWluc3QgZ3VhcmRzLlxuICAgICAqL1xuICAgIHZlcmlmeShcbiAgICAgICAgcmVzcG9uc2U6IGFueSxcbiAgICAgICAgZ3VhcmRzPzogQmFzZUd1YXJkW10sXG4gICAgICAgIGNvbnRleHQ/OiBSZWNvcmQ8c3RyaW5nLCBhbnk+XG4gICAgKTogVmVyaWZpY2F0aW9uUmVzdWx0IHtcbiAgICAgICAgY29uc3QgZ3VhcmRzVG9Vc2UgPSBndWFyZHMgPz8gdGhpcy5kZWZhdWx0R3VhcmRzO1xuICAgICAgICBjb25zdCBwYXJzZWRSZXNwb25zZSA9IHRoaXMucGFyc2VSZXNwb25zZShyZXNwb25zZSk7XG5cbiAgICAgICAgY29uc3QgZ3VhcmRSZXN1bHRzOiBHdWFyZFJlc3VsdFtdID0gW107XG4gICAgICAgIGxldCBndWFyZHNQYXNzZWQgPSAwO1xuICAgICAgICBsZXQgZ3VhcmRzRmFpbGVkID0gMDtcbiAgICAgICAgbGV0IGJsb2NrZWQgPSBmYWxzZTtcbiAgICAgICAgbGV0IGJsb2NrUmVhc29uOiBzdHJpbmcgfCB1bmRlZmluZWQ7XG5cbiAgICAgICAgZm9yIChjb25zdCBndWFyZCBvZiBndWFyZHNUb1VzZSkge1xuICAgICAgICAgICAgdHJ5IHtcbiAgICAgICAgICAgICAgICBjb25zdCByZXN1bHQgPSBndWFyZC5jaGVjayhwYXJzZWRSZXNwb25zZSwgY29udGV4dCk7XG4gICAgICAgICAgICAgICAgZ3VhcmRSZXN1bHRzLnB1c2gocmVzdWx0KTtcblxuICAgICAgICAgICAgICAgIGlmIChyZXN1bHQucGFzc2VkKSB7XG4gICAgICAgICAgICAgICAgICAgIGd1YXJkc1Bhc3NlZCsrO1xuICAgICAgICAgICAgICAgIH0gZWxzZSB7XG4gICAgICAgICAgICAgICAgICAgIGd1YXJkc0ZhaWxlZCsrO1xuICAgICAgICAgICAgICAgICAgICBpZiAocmVzdWx0LnNldmVyaXR5ID09PSAnZXJyb3InICYmIHRoaXMuc3RyaWN0TW9kZSkge1xuICAgICAgICAgICAgICAgICAgICAgICAgYmxvY2tlZCA9IHRydWU7XG4gICAgICAgICAgICAgICAgICAgICAgICBibG9ja1JlYXNvbiA9IHJlc3VsdC5tZXNzYWdlO1xuICAgICAgICAgICAgICAgICAgICB9XG4gICAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHtcbiAgICAgICAgICAgICAgICBndWFyZFJlc3VsdHMucHVzaCh7XG4gICAgICAgICAgICAgICAgICAgIGd1YXJkTmFtZTogZ3VhcmQubmFtZSxcbiAgICAgICAgICAgICAgICAgICAgcGFzc2VkOiBmYWxzZSxcbiAgICAgICAgICAgICAgICAgICAgbWVzc2FnZTogYEd1YXJkIGVycm9yOiAke2Vycm9yIGluc3RhbmNlb2YgRXJyb3IgPyBlcnJvci5tZXNzYWdlIDogU3RyaW5nKGVycm9yKX1gLFxuICAgICAgICAgICAgICAgICAgICBzZXZlcml0eTogJ2Vycm9yJyxcbiAgICAgICAgICAgICAgICB9KTtcbiAgICAgICAgICAgICAgICBndWFyZHNGYWlsZWQrKztcbiAgICAgICAgICAgIH1cbiAgICAgICAgfVxuXG4gICAgICAgIHJldHVybiB7XG4gICAgICAgICAgICB2ZXJpZmllZDogZ3VhcmRzRmFpbGVkID09PSAwLFxuICAgICAgICAgICAgcmVzcG9uc2U6IHBhcnNlZFJlc3BvbnNlLFxuICAgICAgICAgICAgZ3VhcmRzUGFzc2VkLFxuICAgICAgICAgICAgZ3VhcmRzRmFpbGVkLFxuICAgICAgICAgICAgZ3VhcmRSZXN1bHRzLFxuICAgICAgICAgICAgYmxvY2tlZCxcbiAgICAgICAgICAgIGJsb2NrUmVhc29uLFxuICAgICAgICAgICAgdGltZXN0YW1wOiBuZXcgRGF0ZSgpLnRvSVNPU3RyaW5nKCksXG4gICAgICAgIH07XG4gICAgfVxuXG4gICAgLyoqXG4gICAgICogVmVyaWZ5IGEgdG9vbCBjYWxsLlxuICAgICAqL1xuICAgIHZlcmlmeVRvb2xDYWxsKFxuICAgICAgICB0b29sTmFtZTogc3RyaW5nLFxuICAgICAgICBhcmdzOiBSZWNvcmQ8c3RyaW5nLCBhbnk+LFxuICAgICAgICBndWFyZHM/OiBCYXNlR3VhcmRbXVxuICAgICk6IFZlcmlmaWNhdGlvblJlc3VsdCB7XG4gICAgICAgIGNvbnN0IHRvb2xDYWxsID0ge1xuICAgICAgICAgICAgdHlwZTogJ3Rvb2xfY2FsbCcsXG4gICAgICAgICAgICB0b29sTmFtZSxcbiAgICAgICAgICAgIGFyZ3VtZW50czogYXJncyxcbiAgICAgICAgfTtcbiAgICAgICAgcmV0dXJuIHRoaXMudmVyaWZ5KHRvb2xDYWxsLCBndWFyZHMpO1xuICAgIH1cblxuICAgIHByaXZhdGUgcGFyc2VSZXNwb25zZShyZXNwb25zZTogYW55KTogUGFyc2VkUmVzcG9uc2Uge1xuICAgICAgICBpZiAodHlwZW9mIHJlc3BvbnNlID09PSAnb2JqZWN0JyAmJiByZXNwb25zZSAhPT0gbnVsbCkge1xuICAgICAgICAgICAgcmV0dXJuIHJlc3BvbnNlO1xuICAgICAgICB9XG5cbiAgICAgICAgaWYgKHR5cGVvZiByZXNwb25zZSA9PT0gJ3N0cmluZycpIHtcbiAgICAgICAgICAgIHRyeSB7XG4gICAgICAgICAgICAgICAgcmV0dXJuIEpTT04ucGFyc2UocmVzcG9uc2UpO1xuICAgICAgICAgICAgfSBjYXRjaCB7XG4gICAgICAgICAgICAgICAgcmV0dXJuIHsgdHlwZTogJ3RleHQnLCBjb250ZW50OiByZXNwb25zZSB9O1xuICAgICAgICAgICAgfVxuICAgICAgICB9XG5cbiAgICAgICAgcmV0dXJuIHsgdHlwZTogJ3Vua25vd24nLCByYXc6IFN0cmluZyhyZXNwb25zZSkgfTtcbiAgICB9XG59XG4iXX0=

package/package.json

@@ -0,0 +1,54 @@
+{
+    "name": "qwed-open-responses",
+    "version": "0.1.0",
+    "description": "Verification guards for AI agent outputs - Works with OpenAI, LangChain, Express.js",
+    "main": "dist/index.js",
+    "types": "dist/index.d.ts",
+    "files": [
+        "dist",
+        "README.md",
+        "LICENSE"
+    ],
+    "scripts": {
+        "build": "tsc",
+        "test": "jest",
+        "prepublishOnly": "npm run build"
+    },
+    "keywords": [
+        "ai",
+        "verification",
+        "openai",
+        "responses-api",
+        "agents",
+        "tool-calling",
+        "structured-outputs",
+        "llm",
+        "safety",
+        "express",
+        "middleware",
+        "qwed"
+    ],
+    "author": "QWED-AI <team@qwedai.com>",
+    "license": "Apache-2.0",
+    "repository": {
+        "type": "git",
+        "url": "git+https://github.com/QWED-AI/qwed-open-responses.git"
+    },
+    "bugs": {
+        "url": "https://github.com/QWED-AI/qwed-open-responses/issues"
+    },
+    "homepage": "https://github.com/QWED-AI/qwed-open-responses#readme",
+    "devDependencies": {
+        "@types/express": "^4.17.21",
+        "@types/node": "^20.10.0",
+        "typescript": "^5.3.0",
+        "jest": "^29.7.0",
+        "@types/jest": "^29.5.11"
+    },
+    "peerDependencies": {
+        "express": "^4.18.0 || ^5.0.0"
+    },
+    "engines": {
+        "node": ">=16.0.0"
+    }
+}