sentinelayer-cli 0.1.0

package/src/audit/package.js

@@ -0,0 +1,204 @@
+import fsp from "node:fs/promises";
+import path from "node:path";
+
+function normalizeString(value) {
+  return String(value || "").trim();
+}
+
+function toPosixPath(value) {
+  return String(value || "").replace(/\\/g, "/");
+}
+
+function normalizeRunDirectory(runDirectory) {
+  const normalized = normalizeString(runDirectory);
+  if (!normalized) {
+    throw new Error("runDirectory is required for DD package generation.");
+  }
+  return path.resolve(normalized);
+}
+
+function buildFindingsIndex(report = {}) {
+  const seen = new Set();
+  const indexed = [];
+  for (const agent of report.agentResults || []) {
+    for (const finding of agent.findings || []) {
+      const key = `${toPosixPath(finding.file)}:${finding.line}:${normalizeString(
+        finding.message
+      ).toLowerCase()}`;
+      if (seen.has(key)) {
+        continue;
+      }
+      seen.add(key);
+      indexed.push({
+        findingId: `DD-${String(indexed.length + 1).padStart(4, "0")}`,
+        severity: finding.severity,
+        file: toPosixPath(finding.file),
+        line: finding.line,
+        message: finding.message,
+        ruleId: finding.ruleId || "",
+        suggestedFix: finding.suggestedFix || "",
+        ownerAgentId: agent.agentId,
+      });
+    }
+  }
+  return indexed.slice(0, 500);
+}
+
+function buildExecutiveSummaryMarkdown({ report, manifest, findingsIndex }) {
+  const topFindings = findingsIndex
+    .slice(0, 20)
+    .map((item) => `- [${item.severity}] ${item.file}:${item.line} ${item.message}`)
+    .join("\n");
+
+  return `# DD_EXEC_SUMMARY
+
+Generated: ${manifest.generatedAt}
+Run ID: ${manifest.runId}
+Target: ${manifest.targetPath}
+
+Overall findings:
+- P0=${manifest.summary.P0}
+- P1=${manifest.summary.P1}
+- P2=${manifest.summary.P2}
+- P3=${manifest.summary.P3}
+- Blocking: ${manifest.summary.blocking ? "yes" : "no"}
+
+Agent coverage:
+${(manifest.agents || [])
+  .map(
+    (agent) =>
+      `- ${agent.agentId} (${agent.persona}, ${agent.domain}) findings=${agent.findingCount} status=${agent.status}`
+  )
+  .join("\n")}
+
+Deterministic baseline:
+- Run ID: ${manifest.deterministicBaseline.runId || "n/a"}
+- Summary: P0=${manifest.deterministicBaseline.summary.P0} P1=${manifest.deterministicBaseline.summary.P1} P2=${manifest.deterministicBaseline.summary.P2} P3=${manifest.deterministicBaseline.summary.P3}
+- Report: ${manifest.deterministicBaseline.reportPath || "n/a"}
+
+Top findings index:
+${topFindings || "- none"}
+
+Package artifacts:
+- manifest: ${path.join(report.runDirectory, "DD_PACKAGE_MANIFEST.json")}
+- findings index: ${path.join(report.runDirectory, "DD_FINDINGS_INDEX.json")}
+- executive summary: ${path.join(report.runDirectory, "DD_EXEC_SUMMARY.md")}
+`;
+}
+
+export function buildDdPackageManifest(report = {}) {
+  const findingsIndex = buildFindingsIndex(report);
+  return {
+    schemaVersion: "1.0.0",
+    generatedAt: new Date().toISOString(),
+    runId: report.runId || "",
+    targetPath: report.targetPath || "",
+    runDirectory: report.runDirectory || "",
+    summary: report.summary || { P0: 0, P1: 0, P2: 0, P3: 0, blocking: false },
+    deterministicBaseline: {
+      runId: report.deterministicBaseline?.runId || "",
+      reportPath: report.deterministicBaseline?.reportPath || "",
+      reportJsonPath: report.deterministicBaseline?.reportJsonPath || "",
+      summary: report.deterministicBaseline?.summary || { P0: 0, P1: 0, P2: 0, P3: 0, blocking: false },
+    },
+    ingest: report.ingest || {},
+    agents: (report.agentResults || []).map((agent) => ({
+      agentId: agent.agentId,
+      persona: agent.persona,
+      domain: agent.domain,
+      status: agent.status,
+      findingCount: agent.findingCount,
+      confidence: agent.confidence,
+      artifactPath: agent.artifactPath || "",
+      specialistReportPath: agent.specialistReportPath || "",
+    })),
+    findingsIndexCount: findingsIndex.length,
+  };
+}
+
+export async function writeDdPackage({ report = {}, runDirectory } = {}) {
+  const resolvedRunDirectory = normalizeRunDirectory(runDirectory || report.runDirectory);
+  const manifest = buildDdPackageManifest({
+    ...report,
+    runDirectory: resolvedRunDirectory,
+  });
+  const findingsIndex = buildFindingsIndex({
+    ...report,
+    runDirectory: resolvedRunDirectory,
+  });
+  const manifestPath = path.join(resolvedRunDirectory, "DD_PACKAGE_MANIFEST.json");
+  const findingsIndexPath = path.join(resolvedRunDirectory, "DD_FINDINGS_INDEX.json");
+  const executiveSummaryPath = path.join(resolvedRunDirectory, "DD_EXEC_SUMMARY.md");
+  const executiveSummary = buildExecutiveSummaryMarkdown({
+    report: {
+      ...report,
+      runDirectory: resolvedRunDirectory,
+    },
+    manifest,
+    findingsIndex,
+  });
+
+  await fsp.writeFile(manifestPath, `${JSON.stringify(manifest, null, 2)}\n`, "utf-8");
+  await fsp.writeFile(findingsIndexPath, `${JSON.stringify(findingsIndex, null, 2)}\n`, "utf-8");
+  await fsp.writeFile(executiveSummaryPath, `${executiveSummary.trim()}\n`, "utf-8");
+
+  return {
+    manifest,
+    findingsIndexCount: findingsIndex.length,
+    manifestPath,
+    findingsIndexPath,
+    executiveSummaryPath,
+  };
+}
+
+export async function loadAuditRunReport(runDirectory) {
+  const resolvedRunDirectory = normalizeRunDirectory(runDirectory);
+  const reportPath = path.join(resolvedRunDirectory, "AUDIT_REPORT.json");
+  const raw = await fsp.readFile(reportPath, "utf-8");
+  const report = JSON.parse(raw);
+  return {
+    report,
+    reportPath,
+    runDirectory: resolvedRunDirectory,
+  };
+}
+
+export async function resolveAuditRunDirectory({ outputRoot, runId = "" } = {}) {
+  const normalizedOutputRoot = path.resolve(String(outputRoot || "."));
+  const auditsDirectory = path.join(normalizedOutputRoot, "audits");
+  const requestedRunId = normalizeString(runId);
+
+  if (requestedRunId) {
+    const requestedDirectory = path.join(auditsDirectory, requestedRunId);
+    await fsp.access(path.join(requestedDirectory, "AUDIT_REPORT.json"));
+    return requestedDirectory;
+  }
+
+  const entries = await fsp.readdir(auditsDirectory, { withFileTypes: true });
+  const candidates = entries.filter((entry) => entry.isDirectory()).map((entry) => entry.name);
+  if (candidates.length === 0) {
+    throw new Error("No audit runs found to package.");
+  }
+
+  const withMtime = [];
+  for (const candidate of candidates) {
+    const candidateDirectory = path.join(auditsDirectory, candidate);
+    const reportPath = path.join(candidateDirectory, "AUDIT_REPORT.json");
+    try {
+      const stat = await fsp.stat(reportPath);
+      withMtime.push({
+        candidateDirectory,
+        mtimeMs: stat.mtimeMs,
+      });
+    } catch {
+      // Ignore directories without a report artifact.
+    }
+  }
+
+  if (withMtime.length === 0) {
+    throw new Error("No valid audit run reports found under output root.");
+  }
+
+  withMtime.sort((left, right) => right.mtimeMs - left.mtimeMs);
+  return withMtime[0].candidateDirectory;
+}

package/src/audit/registry.js

@@ -0,0 +1,284 @@
+import fsp from "node:fs/promises";
+import path from "node:path";
+
+const BUILTIN_AUDIT_AGENTS = Object.freeze([
+  {
+    id: "security",
+    persona: "Nina Patel",
+    domain: "Security",
+    tools: ["read", "grep", "dependency-audit"],
+    permissionMode: "plan",
+    maxTurns: 8,
+    confidenceFloor: 0.85,
+    evidenceRequirements: ["file_line_reference", "repro_steps"],
+    escalationTargets: ["release", "architecture"],
+  },
+  {
+    id: "architecture",
+    persona: "Maya Volkov",
+    domain: "Architecture",
+    tools: ["read", "grep", "structure-map"],
+    permissionMode: "plan",
+    maxTurns: 8,
+    confidenceFloor: 0.8,
+    evidenceRequirements: ["component_map", "impact_summary"],
+    escalationTargets: ["security", "performance"],
+  },
+  {
+    id: "performance",
+    persona: "Arjun Mehta",
+    domain: "Performance",
+    tools: ["read", "grep", "profiler-hints"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.8,
+    evidenceRequirements: ["latency_paths", "runtime_assumptions"],
+    escalationTargets: ["architecture", "reliability"],
+  },
+  {
+    id: "compliance",
+    persona: "Leila Farouk",
+    domain: "Compliance",
+    tools: ["read", "grep", "control-map"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.82,
+    evidenceRequirements: ["control_refs", "evidence_paths"],
+    escalationTargets: ["security", "release"],
+  },
+  {
+    id: "frontend",
+    persona: "Jules Tanaka",
+    domain: "Frontend",
+    tools: ["read", "grep", "ui-lint"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.75,
+    evidenceRequirements: ["component_paths", "repro_steps"],
+    escalationTargets: ["testing", "security"],
+  },
+  {
+    id: "data-layer",
+    persona: "Linh Tran",
+    domain: "Data Layer",
+    tools: ["read", "grep", "query-review"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.8,
+    evidenceRequirements: ["query_paths", "risk_evidence"],
+    escalationTargets: ["performance", "security"],
+  },
+  {
+    id: "release",
+    persona: "Omar Singh",
+    domain: "Release Engineering",
+    tools: ["read", "grep", "workflow-review"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.8,
+    evidenceRequirements: ["workflow_refs", "gate_matrix"],
+    escalationTargets: ["security", "reliability"],
+  },
+  {
+    id: "infrastructure",
+    persona: "Kat Hughes",
+    domain: "Infrastructure",
+    tools: ["read", "grep", "infra-lint"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.78,
+    evidenceRequirements: ["infra_paths", "blast_radius"],
+    escalationTargets: ["security", "reliability"],
+  },
+  {
+    id: "reliability",
+    persona: "Noah Ben-David",
+    domain: "Reliability",
+    tools: ["read", "grep", "test-runner"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.78,
+    evidenceRequirements: ["failure_modes", "rollback_plan"],
+    escalationTargets: ["release", "observability"],
+  },
+  {
+    id: "observability",
+    persona: "Sofia Alvarez",
+    domain: "Observability",
+    tools: ["read", "grep", "telemetry-review"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.75,
+    evidenceRequirements: ["signal_inventory", "gaps"],
+    escalationTargets: ["reliability", "release"],
+  },
+  {
+    id: "testing",
+    persona: "Priya Raman",
+    domain: "Testing",
+    tools: ["read", "grep", "test-runner"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.8,
+    evidenceRequirements: ["failing_paths", "coverage_gaps"],
+    escalationTargets: ["frontend", "architecture"],
+  },
+  {
+    id: "supply-chain",
+    persona: "Nora Kline",
+    domain: "Supply Chain",
+    tools: ["read", "grep", "dependency-audit"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.82,
+    evidenceRequirements: ["dependency_refs", "version_risks"],
+    escalationTargets: ["security", "release"],
+  },
+  {
+    id: "code-quality",
+    persona: "Ethan Park",
+    domain: "Code Quality",
+    tools: ["read", "grep", "lint-review"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.75,
+    evidenceRequirements: ["rule_hits", "refactor_candidates"],
+    escalationTargets: ["architecture", "testing"],
+  },
+  {
+    id: "documentation",
+    persona: "Samir Okafor",
+    domain: "Documentation",
+    tools: ["read", "grep", "spec-check"],
+    permissionMode: "plan",
+    maxTurns: 4,
+    confidenceFloor: 0.7,
+    evidenceRequirements: ["doc_paths", "spec_mismatches"],
+    escalationTargets: ["architecture", "release"],
+  },
+  {
+    id: "ai-governance",
+    persona: "Amina Chen",
+    domain: "AI Governance",
+    tools: ["read", "grep", "policy-check"],
+    permissionMode: "plan",
+    maxTurns: 6,
+    confidenceFloor: 0.82,
+    evidenceRequirements: ["budget_controls", "eval_refs"],
+    escalationTargets: ["security", "reliability"],
+  },
+]);
+
+function normalizeString(value) {
+  return String(value || "").trim();
+}
+
+function normalizeAgentId(value) {
+  return normalizeString(value).toLowerCase();
+}
+
+function normalizeAgentRecord(record = {}) {
+  return {
+    id: normalizeAgentId(record.id),
+    persona: normalizeString(record.persona),
+    domain: normalizeString(record.domain),
+    tools: Array.isArray(record.tools) ? record.tools.map((item) => normalizeString(item)).filter(Boolean) : [],
+    permissionMode: normalizeString(record.permissionMode || "plan") || "plan",
+    maxTurns: Math.max(1, Math.floor(Number(record.maxTurns || 1))),
+    confidenceFloor: Math.max(0, Math.min(1, Number(record.confidenceFloor || 0))),
+    evidenceRequirements: Array.isArray(record.evidenceRequirements)
+      ? record.evidenceRequirements.map((item) => normalizeString(item)).filter(Boolean)
+      : [],
+    escalationTargets: Array.isArray(record.escalationTargets)
+      ? record.escalationTargets.map((item) => normalizeAgentId(item)).filter(Boolean)
+      : [],
+  };
+}
+
+function mergeRegistry(builtinAgents = [], overrideAgents = []) {
+  const byId = new Map();
+  for (const builtin of builtinAgents) {
+    byId.set(builtin.id, { ...builtin });
+  }
+  for (const override of overrideAgents) {
+    const normalized = normalizeAgentRecord(override);
+    if (!normalized.id) {
+      continue;
+    }
+    const existing = byId.get(normalized.id) || {};
+    byId.set(normalized.id, {
+      ...existing,
+      ...normalized,
+    });
+  }
+  return [...byId.values()].sort((left, right) => left.id.localeCompare(right.id));
+}
+
+function parseAgentFilter(rawValue) {
+  const normalized = normalizeString(rawValue);
+  if (!normalized) {
+    return [];
+  }
+  return [...new Set(normalized.split(",").map((item) => normalizeAgentId(item)).filter(Boolean))];
+}
+
+export function listBuiltinAuditAgents() {
+  return BUILTIN_AUDIT_AGENTS.map((agent) => ({ ...agent }));
+}
+
+export async function loadAuditRegistry({ registryFile = "" } = {}) {
+  const builtin = listBuiltinAuditAgents();
+  const resolvedRegistryFile = normalizeString(registryFile)
+    ? path.resolve(process.cwd(), registryFile)
+    : "";
+  if (!resolvedRegistryFile) {
+    return {
+      registrySource: "builtin",
+      registryFile: "",
+      agents: builtin,
+    };
+  }
+
+  const raw = await fsp.readFile(resolvedRegistryFile, "utf-8");
+  const parsed = JSON.parse(raw);
+  if (!parsed || typeof parsed !== "object" || !Array.isArray(parsed.agents)) {
+    throw new Error("Invalid audit registry file: expected { agents: [...] }.");
+  }
+
+  const merged = mergeRegistry(builtin, parsed.agents);
+  return {
+    registrySource: "custom",
+    registryFile: resolvedRegistryFile,
+    agents: merged,
+  };
+}
+
+export function selectAuditAgents(agents = [], requested = "") {
+  const requestedIds = parseAgentFilter(requested);
+  if (requestedIds.length === 0) {
+    return {
+      selected: [...agents],
+      requestedIds,
+      missing: [],
+    };
+  }
+
+  const byId = new Map(agents.map((agent) => [agent.id, agent]));
+  const selected = [];
+  const missing = [];
+  for (const id of requestedIds) {
+    const agent = byId.get(id);
+    if (!agent) {
+      missing.push(id);
+      continue;
+    }
+    selected.push(agent);
+  }
+
+  return {
+    selected,
+    requestedIds,
+    missing,
+  };
+}
+

package/src/audit/replay.js

@@ -0,0 +1,103 @@
+import fsp from "node:fs/promises";
+import path from "node:path";
+
+function normalizeString(value) {
+  return String(value || "").trim();
+}
+
+function toPosixPath(value) {
+  return String(value || "").replace(/\\/g, "/");
+}
+
+function fingerprintFinding(finding = {}) {
+  return [
+    normalizeString(finding.severity).toUpperCase(),
+    toPosixPath(finding.file),
+    String(Number(finding.line || 0)),
+    normalizeString(finding.message).toLowerCase(),
+  ].join("|");
+}
+
+function collectFindings(report = {}) {
+  const flattened = [];
+  for (const agent of report.agentResults || []) {
+    for (const finding of agent.findings || []) {
+      flattened.push({
+        severity: normalizeString(finding.severity).toUpperCase(),
+        file: toPosixPath(finding.file),
+        line: Number(finding.line || 0),
+        message: normalizeString(finding.message),
+        ruleId: normalizeString(finding.ruleId),
+        ownerAgentId: agent.agentId,
+      });
+    }
+  }
+  return flattened;
+}
+
+function summaryDelta(base = {}, candidate = {}) {
+  const keys = ["P0", "P1", "P2", "P3"];
+  const delta = {};
+  for (const key of keys) {
+    delta[key] = Number(candidate[key] || 0) - Number(base[key] || 0);
+  }
+  delta.blockingChanged = Boolean(base.blocking) !== Boolean(candidate.blocking);
+  return delta;
+}
+
+export function compareAuditReports(baseReport = {}, candidateReport = {}) {
+  const baseFindings = collectFindings(baseReport);
+  const candidateFindings = collectFindings(candidateReport);
+  const baseByFingerprint = new Map(baseFindings.map((finding) => [fingerprintFinding(finding), finding]));
+  const candidateByFingerprint = new Map(
+    candidateFindings.map((finding) => [fingerprintFinding(finding), finding])
+  );
+
+  const added = [];
+  const removed = [];
+
+  for (const [fingerprint, finding] of candidateByFingerprint.entries()) {
+    if (!baseByFingerprint.has(fingerprint)) {
+      added.push(finding);
+    }
+  }
+  for (const [fingerprint, finding] of baseByFingerprint.entries()) {
+    if (!candidateByFingerprint.has(fingerprint)) {
+      removed.push(finding);
+    }
+  }
+
+  const deterministicEquivalent = added.length === 0 && removed.length === 0;
+  return {
+    schemaVersion: "1.0.0",
+    generatedAt: new Date().toISOString(),
+    baseRunId: normalizeString(baseReport.runId),
+    candidateRunId: normalizeString(candidateReport.runId),
+    baseSummary: baseReport.summary || { P0: 0, P1: 0, P2: 0, P3: 0, blocking: false },
+    candidateSummary: candidateReport.summary || { P0: 0, P1: 0, P2: 0, P3: 0, blocking: false },
+    summaryDelta: summaryDelta(baseReport.summary || {}, candidateReport.summary || {}),
+    baseFindingCount: baseFindings.length,
+    candidateFindingCount: candidateFindings.length,
+    addedCount: added.length,
+    removedCount: removed.length,
+    deterministicEquivalent,
+    added: added.slice(0, 500),
+    removed: removed.slice(0, 500),
+  };
+}
+
+export async function writeAuditComparisonArtifact({
+  baseReport = {},
+  candidateReport = {},
+  outputDirectory = "",
+} = {}) {
+  const resolvedOutputDirectory = path.resolve(String(outputDirectory || "."));
+  const comparison = compareAuditReports(baseReport, candidateReport);
+  const fileName = `AUDIT_COMPARISON_${comparison.baseRunId}_vs_${comparison.candidateRunId}.json`;
+  const outputPath = path.join(resolvedOutputDirectory, fileName);
+  await fsp.writeFile(outputPath, `${JSON.stringify(comparison, null, 2)}\n`, "utf-8");
+  return {
+    comparison,
+    outputPath,
+  };
+}

package/src/auth/http.js

@@ -0,0 +1,113 @@
+import { setTimeout as sleep } from "node:timers/promises";
+
+/**
+ * Default timeout applied to Sentinelayer API requests when no override is provided.
+ * @type {number}
+ */
+export const DEFAULT_REQUEST_TIMEOUT_MS = 20_000;
+
+function normalizeApiError(errorPayload = {}) {
+  if (!errorPayload || typeof errorPayload !== "object" || Array.isArray(errorPayload)) {
+    return {
+      code: "UNKNOWN",
+      message: "Unknown API error",
+      requestId: null,
+    };
+  }
+  return {
+    code: String(errorPayload.code || "UNKNOWN"),
+    message: String(errorPayload.message || "Unknown API error"),
+    requestId: errorPayload.request_id ? String(errorPayload.request_id) : null,
+  };
+}
+
+export class SentinelayerApiError extends Error {
+  /**
+   * @param {string} message
+   * @param {{ status?: number, code?: string, requestId?: string | null }} [options]
+   */
+  constructor(message, { status = 500, code = "UNKNOWN", requestId = null } = {}) {
+    super(String(message || "Sentinelayer API error"));
+    this.name = "SentinelayerApiError";
+    this.status = Number(status || 500);
+    this.code = String(code || "UNKNOWN");
+    this.requestId = requestId ? String(requestId) : null;
+  }
+}
+
+/**
+ * Execute an HTTP request against the Sentinelayer API and parse a JSON response.
+ * Throws `SentinelayerApiError` for transport errors, timeouts, API failures, and invalid JSON.
+ *
+ * @param {string} url
+ * @param {{
+ *   method?: "GET" | "POST" | "PUT" | "PATCH" | "DELETE",
+ *   headers?: Record<string, string>,
+ *   body?: unknown,
+ *   timeoutMs?: number
+ * }} [options]
+ * @returns {Promise<any>}
+ */
+export async function requestJson(
+  url,
+  { method = "GET", headers = {}, body, timeoutMs = DEFAULT_REQUEST_TIMEOUT_MS } = {}
+) {
+  const controller = new AbortController();
+  const timeout = setTimeout(() => controller.abort(), Number(timeoutMs || DEFAULT_REQUEST_TIMEOUT_MS));
+
+  try {
+    const response = await fetch(String(url), {
+      method,
+      headers: {
+        "Content-Type": "application/json",
+        ...headers,
+      },
+      body: body === undefined ? undefined : JSON.stringify(body),
+      signal: controller.signal,
+    });
+
+    const rawBody = await response.text();
+    let json = {};
+    if (rawBody.trim()) {
+      try {
+        json = JSON.parse(rawBody);
+      } catch {
+        throw new SentinelayerApiError("Invalid JSON returned by API.", {
+          status: response.status,
+          code: "INVALID_JSON",
+        });
+      }
+    }
+
+    if (!response.ok) {
+      const apiError = normalizeApiError(json && typeof json === "object" ? json.error : {});
+      throw new SentinelayerApiError(apiError.message, {
+        status: response.status,
+        code: apiError.code,
+        requestId: apiError.requestId,
+      });
+    }
+
+    return json;
+  } catch (error) {
+    if (error instanceof SentinelayerApiError) {
+      throw error;
+    }
+    if (error && typeof error === "object" && error.name === "AbortError") {
+      throw new SentinelayerApiError("Request timed out.", {
+        status: 408,
+        code: "TIMEOUT",
+      });
+    }
+    throw new SentinelayerApiError(
+      error instanceof Error ? error.message : String(error || "Request failed"),
+      {
+        status: 503,
+        code: "NETWORK_ERROR",
+      }
+    );
+  } finally {
+    clearTimeout(timeout);
+    await sleep(0);
+  }
+}