usertrust 0.2.2 → 0.2.4
- package/dist/audit/canonical.d.ts.map +1 -1
- package/dist/audit/canonical.js +11 -0
- package/dist/audit/canonical.js.map +1 -1
- package/dist/audit/chain.d.ts +1 -1
- package/dist/audit/chain.d.ts.map +1 -1
- package/dist/audit/chain.js +104 -57
- package/dist/audit/chain.js.map +1 -1
- package/dist/audit/rotation.d.ts +1 -1
- package/dist/audit/rotation.js +1 -1
- package/dist/audit/verify.d.ts +1 -0
- package/dist/audit/verify.d.ts.map +1 -1
- package/dist/audit/verify.js +13 -3
- package/dist/audit/verify.js.map +1 -1
- package/dist/board/board.d.ts +1 -1
- package/dist/board/board.js +1 -1
- package/dist/detect.d.ts +19 -2
- package/dist/detect.d.ts.map +1 -1
- package/dist/detect.js +7 -2
- package/dist/detect.js.map +1 -1
- package/dist/govern.d.ts +2 -0
- package/dist/govern.d.ts.map +1 -1
- package/dist/govern.js +378 -260
- package/dist/govern.js.map +1 -1
- package/dist/ledger/engine.d.ts +1 -1
- package/dist/ledger/engine.d.ts.map +1 -1
- package/dist/ledger/engine.js +35 -12
- package/dist/ledger/engine.js.map +1 -1
- package/dist/memory/patterns.d.ts +4 -1
- package/dist/memory/patterns.d.ts.map +1 -1
- package/dist/memory/patterns.js +46 -14
- package/dist/memory/patterns.js.map +1 -1
- package/dist/policy/gate.d.ts.map +1 -1
- package/dist/policy/gate.js +38 -6
- package/dist/policy/gate.js.map +1 -1
- package/dist/proxy.d.ts +3 -0
- package/dist/proxy.d.ts.map +1 -1
- package/dist/proxy.js +14 -0
- package/dist/proxy.js.map +1 -1
- package/dist/resilience/scope.d.ts +32 -4
- package/dist/resilience/scope.d.ts.map +1 -1
- package/dist/resilience/scope.js +83 -35
- package/dist/resilience/scope.js.map +1 -1
- package/dist/shared/errors.d.ts +14 -0
- package/dist/shared/errors.d.ts.map +1 -1
- package/dist/shared/errors.js +49 -7
- package/dist/shared/errors.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"canonical.d.ts","sourceRoot":"","sources":["../../src/audit/canonical.ts"],"names":[],"mappings":"AAGA;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,
|
|
1
|
+
{"version":3,"file":"canonical.d.ts","sourceRoot":"","sources":["../../src/audit/canonical.ts"],"names":[],"mappings":"AAGA;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAyBnD"}
|
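--- a/package/dist/audit/canonical.js
+++ b/package/dist/audit/canonical.js
@@ -6,6 +6,17 @@
 * Strips undefined values. Preserves null. Arrays keep order.
 */
 export function canonicalize(value) {
+// Guard against values that JSON.stringify silently coerces to "null"
+if (typeof value === "number" && Number.isNaN(value)) {
+throw new Error("canonicalize: NaN is not allowed in audit data");
+}
+if (value === Number.POSITIVE_INFINITY || value === Number.NEGATIVE_INFINITY) {
+throw new Error("canonicalize: Infinity is not allowed in audit data");
+}
+// Convert Date to ISO string to avoid double-quoting divergence
+if (value instanceof Date) {
+return JSON.stringify(value.toISOString());
+}
 if (value === null || value === undefined)
 return JSON.stringify(value);
 if (typeof value !== "object")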
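Review bot: The unchanged line `if (value === null || value === undefined) return JSON.stringify(value);` still returns the JavaScript value `undefined`, not a string, when the input is `undefined`, and the new guards do not cover it. If the array branch (outside this hunk) joins per-element results, an `undefined` element would canonicalize differently in memory than after a JSON round-trip through the log, where it becomes `null`; that is the same write/verify divergence the new Date branch removes. Consider handling it next to the other guards, for example `if (value === undefined) return "null";` for array elements or an explicit throw, while keeping the documented stripping of undefined object properties. The two number checks could also be merged into `typeof value === "number" && !Number.isFinite(value)`. The body of `canonicalize` continues past the end of the hunk.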
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"canonical.js","sourceRoot":"","sources":["../../src/audit/canonical.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,iCAAiC;AAEjC;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAAC,KAAc;IAC1C,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACxE,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IAC5D,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;IAC3D,CAAC;IACD,MAAM,GAAG,GAAG,KAAgC,CAAC;IAC7C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IACrC,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACxB,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,SAAS;YAAE,SAAS;QACrC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IAChE,CAAC;IACD,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;AAC/B,CAAC"}
|
|
1
|
+
{"version":3,"file":"canonical.js","sourceRoot":"","sources":["../../src/audit/canonical.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,iCAAiC;AAEjC;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAAC,KAAc;IAC1C,sEAAsE;IACtE,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;QACtD,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;IACnE,CAAC;IACD,IAAI,KAAK,KAAK,MAAM,CAAC,iBAAiB,IAAI,KAAK,KAAK,MAAM,CAAC,iBAAiB,EAAE,CAAC;QAC9E,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACxE,CAAC;IACD,gEAAgE;IAChE,IAAI,KAAK,YAAY,IAAI,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;IAC5C,CAAC;IACD,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IACxE,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;IAC5D,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;IAC3D,CAAC;IACD,MAAM,GAAG,GAAG,KAAgC,CAAC;IAC7C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IACrC,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACxB,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,SAAS;YAAE,SAAS;QACrC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC;IAChE,CAAC;IACD,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;AAC/B,CAAC"}
|
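--- a/package/dist/audit/chain.d.ts
+++ b/package/dist/audit/chain.d.ts
@@ -14,7 +14,7 @@ export interface AuditWriter {
 /**
 * Create an audit writer instance for the given vault path.
 *
-* The writer appends events to `<vaultPath>/.
+* The writer appends events to `<vaultPath>/.usertrust/audit/events.jsonl`.
 * Each event's SHA-256 hash covers the previous event's hash, creating a
 * tamper-evident chain. The first event chains from GENESIS_HASH.
 */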
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"chain.d.ts","sourceRoot":"","sources":["../../src/audit/chain.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"chain.d.ts","sourceRoot":"","sources":["../../src/audit/chain.ts"],"names":[],"mappings":"AAyBA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAKrD,MAAM,WAAW,gBAAgB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC9B;AAED,MAAM,WAAW,WAAW;IAC3B,WAAW,CAAC,KAAK,EAAE,gBAAgB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAC1D,gBAAgB,IAAI,MAAM,CAAC;IAC3B,UAAU,IAAI,OAAO,CAAC;IACtB,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACvB,OAAO,IAAI,IAAI,CAAC;CAChB;AAmQD;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,WAAW,CAyGhE"}
|
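--- a/package/dist/audit/chain.js
+++ b/package/dist/audit/chain.js
@@ -7,7 +7,8 @@
 * the previous event's hash, creating a tamper-evident chain. Single-writer
 * semantics are enforced via advisory file lock + in-process async mutex.
 */
-import { createHash, randomUUID } from "node:crypto";
+import { createHash, createHmac, randomUUID } from "node:crypto";
+import { constants as fsConstants } from "node:fs";
 import { closeSync, existsSync, fsyncSync, mkdirSync, openSync, readFileSync, unlinkSync, writeSync, } from "node:fs";
 import { dirname, join } from "node:path";
 import { GENESIS_HASH, VAULT_DIR } from "../shared/constants.js";
@@ -34,72 +35,114 @@ class AsyncMutex {
 }
 }
 // ── Advisory Lock ──
-
-
-
-
-
-
+/**
+* Check if a lock file is stale (held by a dead process).
+* Returns true if stale and cleaned up, false if held by a live process.
+* Throws if the lock is actively held.
+*/
+function tryCleanStaleLock(candidateLockPath) {
+try {
+const content = readFileSync(candidateLockPath, "utf-8");
+const lockData = JSON.parse(content);
+if (lockData.pid === process.pid) {
+console.warn(`[AUDIT] Reclaiming stale same-PID lock (PID ${process.pid}). Previous process exited without releasing the lock.`);
+unlinkSync(candidateLockPath);
+return true;
+}
 try {
-
-
-
-
-
-
-
-
-
-
+process.kill(lockData.pid, 0);
+// Process is alive — lock is held
+throw new Error(`Audit writer lock held by PID ${lockData.pid}. Only one process may write to the audit log. Lock file: ${candidateLockPath}`);
+}
+catch (killErr) {
+if (killErr instanceof Error && "code" in killErr) {
+const code = killErr.code;
+if (code === "ESRCH") {
+// Process is dead — stale lock
+unlinkSync(candidateLockPath);
+return true;
 }
-
-
-const code = killErr.code;
-if (code === "ESRCH") {
-unlinkSync(candidateLockPath);
-}
-else if (code === "EPERM") {
-throw new Error(`Audit writer lock held by PID ${lockData.pid}. Only one process may write to the audit log. Lock file: ${candidateLockPath}`);
-}
-else {
-throw killErr;
-}
-}
-else {
-throw killErr;
-}
+if (code === "EPERM") {
+throw new Error(`Audit writer lock held by PID ${lockData.pid}. Only one process may write to the audit log. Lock file: ${candidateLockPath}`);
 }
 }
+throw killErr;
 }
-
-
-
-
-
-
-
-
-/* best effort */
-}
+}
+catch (parseErr) {
+if (parseErr instanceof Error && parseErr.message.includes("Audit writer lock held")) {
+throw parseErr;
+}
+// Corrupt lock file — remove it
+try {
+unlinkSync(candidateLockPath);
 }
+catch {
+/* best effort */
+}
+return true;
 }
-
+}
+function acquireProcessLock(logPath, locksByDir) {
+const dir = dirname(logPath);
+if (locksByDir.has(dir))
+return;
+const candidateLockPath = `${dir}/.audit-writer.lock`;
+// AUD-458: Use O_WRONLY | O_CREAT | O_EXCL atomically instead of existsSync + openSync('wx').
+// This eliminates the TOCTOU race where two processes both detect a stale lock,
+// both unlink, and both try to create — one gets EEXIST.
 const lockContent = JSON.stringify({
 pid: process.pid,
 startedAt: new Date().toISOString(),
 });
-
-
-
-}
-function releaseLocks(locksByDir) {
-for (const [dir, lock] of locksByDir) {
+// First attempt: atomic exclusive create
+try {
+const fd = openSync(candidateLockPath, fsConstants.O_WRONLY | fsConstants.O_CREAT | fsConstants.O_EXCL, 0o600);
 try {
-
+writeSync(fd, lockContent);
+fsyncSync(fd);
 }
-
-
+finally {
+// AUD-459: Close fd immediately — lock semantics rely on file existence, not open fd
+closeSync(fd);
 }
+locksByDir.set(dir, { path: candidateLockPath });
+return;
+}
+catch (err) {
+if (!(err instanceof Error && "code" in err && err.code === "EEXIST")) {
+throw err;
+}
+// File exists — check if stale
+}
+// Lock file exists — check if it's stale and clean up if so
+tryCleanStaleLock(candidateLockPath);
+// Second attempt after stale lock cleanup. If another process raced us and
+// already re-created the lock, EEXIST here means they won — report as held.
+try {
+const fd = openSync(candidateLockPath, fsConstants.O_WRONLY | fsConstants.O_CREAT | fsConstants.O_EXCL, 0o600);
+try {
+writeSync(fd, lockContent);
+fsyncSync(fd);
+}
+finally {
+closeSync(fd);
+}
+locksByDir.set(dir, { path: candidateLockPath });
+}
+catch (retryErr) {
+if (retryErr instanceof Error &&
+"code" in retryErr &&
+retryErr.code === "EEXIST") {
+throw new Error(`Audit writer lock acquired by another process during stale lock cleanup. Lock file: ${candidateLockPath}`);
+}
+throw retryErr;
+}
+}
+// AUD-459: fd is closed immediately after writing PID content.
+// releaseLocks only needs to unlink the file — no fd to close.
+function releaseLocks(locksByDir) {
+for (const [dir, lock] of locksByDir) {
 try {
 unlinkSync(lock.path);
 }
@@ -159,12 +202,16 @@ function writeDeadLetter(vaultPath, entry) {
 try {
 const dlqDir = join(vaultPath, VAULT_DIR, "dlq");
 if (!existsSync(dlqDir)) {
-mkdirSync(dlqDir, { recursive: true });
+mkdirSync(dlqDir, { recursive: true, mode: 0o700 });
 }
+// AUD-469: Compute HMAC over the entry for integrity protection
+const key = createHash("sha256").update(`dlq-integrity:${vaultPath}`).digest("hex");
+const hmac = createHmac("sha256", key).update(JSON.stringify(entry)).digest("hex");
+const sealed = { ...entry, hmac };
 const dlqPath = join(dlqDir, "dead-letters.jsonl");
-const fd = openSync(dlqPath, "a");
+const fd = openSync(dlqPath, "a", 0o600);
 try {
-writeSync(fd, `${JSON.stringify(
+writeSync(fd, `${JSON.stringify(sealed)}\n`);
 fsyncSync(fd);
 }
 finally {
@@ -180,7 +227,7 @@ function writeDeadLetter(vaultPath, entry) {
 /**
 * Create an audit writer instance for the given vault path.
 *
-* The writer appends events to `<vaultPath>/.
+* The writer appends events to `<vaultPath>/.usertrust/audit/events.jsonl`.
 * Each event's SHA-256 hash covers the previous event's hash, creating a
 * tamper-evident chain. The first event chains from GENESIS_HASH.
 */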
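Review bot: The DLQ HMAC key in `writeDeadLetter` is a SHA-256 of the fixed prefix `dlq-integrity:` plus `vaultPath`, so it contains no secret and anyone able to edit `dead-letters.jsonl` can recompute a matching `hmac` for a modified entry. As written the seal detects accidental corruption but not deliberate tampering; either key it from secret material the package already manages (none is visible in this hunk) or state the limit in the comment, e.g. `// AUD-469: key is derived from the vault path only — detects corruption, not tampering by a party with write access`. The HMAC is also computed over `JSON.stringify(entry)` rather than a canonical form, so a verifier has to reproduce the same key order. Separately, the corrupt-lock branch of `tryCleanStaleLock` unlinks any file that fails `JSON.parse`, which would include a lock another process has just created with `O_EXCL` but not yet written, so two writers could both end up holding the lock. `writeDeadLetter` continues past the end of its hunk.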
package/dist/audit/chain.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"chain.js","sourceRoot":"","sources":["../../src/audit/chain.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,iCAAiC;AAEjC;;;;;;GAMG;AAEH,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"chain.js","sourceRoot":"","sources":["../../src/audit/chain.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,iCAAiC;AAEjC;;;;;;GAMG;AAEH,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,EAAE,SAAS,IAAI,WAAW,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EACN,SAAS,EACT,UAAU,EACV,SAAS,EACT,SAAS,EACT,QAAQ,EACR,YAAY,EACZ,UAAU,EACV,SAAS,GACT,MAAM,SAAS,CAAC;AACjB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAEjE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAkB9C,mBAAmB;AAEnB;;;;;;GAMG;AACH,MAAM,UAAU;IACP,KAAK,GAAkB,OAAO,CAAC,OAAO,EAAE,CAAC;IAEjD,KAAK,CAAC,OAAO;QACZ,IAAI,OAAiC,CAAC;QACtC,MAAM,IAAI,GAAG,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;YAC1C,OAAO,GAAG,OAAO,CAAC;QACnB,CAAC,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC;QACxB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,MAAM,IAAI,CAAC;QACX,OAAO,OAAqB,CAAC;IAC9B,CAAC;CACD;AAED,sBAAsB;AAEtB;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,iBAAyB;IACnD,IAAI,CAAC;QACJ,MAAM,OAAO,GAAG,YAAY,CAAC,iBAAiB,EAAE,OAAO,CAAC,CAAC;QACzD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAoB,CAAC;QACxD,IAAI,QAAQ,CAAC,GAAG,KAAK,OAAO,CAAC,GAAG,EAAE,CAAC;YAClC,OAAO,CAAC,IAAI,CACX,+CAA+C,OAAO,CAAC,GAAG,wDAAwD,CAClH,CAAC;YACF,UAAU,CAAC,iBAAiB,CAAC,CAAC;YAC9B,OAAO,IAAI,CAAC;QACb,CAAC;QACD,IAAI,CAAC;YACJ,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YAC9B,kCAAkC;YAClC,MAAM,IAAI,KAAK,CACd,iCAAiC,QAAQ,CAAC,GAAG,6DAA6D,iBAAiB,EAAE,CAC7H,CAAC;QACH,CAAC;QAAC,OAAO,OAAgB,EAAE,CAAC;YAC3B,IAAI,OAAO,YAAY,KAAK,IAAI,MAAM,IAAI,OAAO,EAAE,CAAC;gBACnD,MAAM,IAAI,GAAI,OAA6B,CAAC,IAAI,CAAC;gBACjD,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;oBACtB,+BAA+B;oBAC/B,UAAU,CAAC,iBAAiB,CAAC,CAAC;oBAC9B,OAAO,IAAI,CAAC;gBACb,CAAC;gBACD,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;oBACtB,MAAM,IAAI,KAAK,CACd,iCAAiC,QAAQ,CAAC,GAAG,6DAA6D,iBAAiB,EAAE,CAC7H,CAAC;gBACH,CAAC;YACF,CAAC;YACD,MAAM,OAAO,CAAC;QACf,CAAC;IACF,CAAC;IAAC,OAAO,QAAQ,EAAE,CAAC;QACnB,IAAI,QAAQ,YAAY,KAAK,IAAI,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAC,EAAE,CAAC;YACtF,MAAM,QAAQ,CAAC;QAChB,CAAC;QACD,gCAAgC
;QAChC,IAAI,CAAC;YACJ,UAAU,CAAC,iBAAiB,CAAC,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;YACR,iBAAiB;QAClB,CAAC;QACD,OAAO,IAAI,CAAC;IACb,CAAC;AACF,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAe,EAAE,UAAyC;IACrF,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7B,IAAI,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO;IAEhC,MAAM,iBAAiB,GAAG,GAAG,GAAG,qBAAqB,CAAC;IAEtD,8FAA8F;IAC9F,gFAAgF;IAChF,yDAAyD;IACzD,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC;QAClC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACnC,CAAC,CAAC;IAEH,yCAAyC;IACzC,IAAI,CAAC;QACJ,MAAM,EAAE,GAAG,QAAQ,CAClB,iBAAiB,EACjB,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,OAAO,GAAG,WAAW,CAAC,MAAM,EAC/D,KAAK,CACL,CAAC;QACF,IAAI,CAAC;YACJ,SAAS,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC;YAC3B,SAAS,CAAC,EAAE,CAAC,CAAC;QACf,CAAC;gBAAS,CAAC;YACV,qFAAqF;YACrF,SAAS,CAAC,EAAE,CAAC,CAAC;QACf,CAAC;QACD,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC,CAAC;QACjD,OAAO;IACR,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACvB,IAAI,CAAC,CAAC,GAAG,YAAY,KAAK,IAAI,MAAM,IAAI,GAAG,IAAK,GAAyB,CAAC,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;YAC9F,MAAM,GAAG,CAAC;QACX,CAAC;QACD,+BAA+B;IAChC,CAAC;IAED,4DAA4D;IAC5D,iBAAiB,CAAC,iBAAiB,CAAC,CAAC;IAErC,2EAA2E;IAC3E,4EAA4E;IAC5E,IAAI,CAAC;QACJ,MAAM,EAAE,GAAG,QAAQ,CAClB,iBAAiB,EACjB,WAAW,CAAC,QAAQ,GAAG,WAAW,CAAC,OAAO,GAAG,WAAW,CAAC,MAAM,EAC/D,KAAK,CACL,CAAC;QACF,IAAI,CAAC;YACJ,SAAS,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC;YAC3B,SAAS,CAAC,EAAE,CAAC,CAAC;QACf,CAAC;gBAAS,CAAC;YACV,SAAS,CAAC,EAAE,CAAC,CAAC;QACf,CAAC;QACD,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,iBAAiB,EAAE,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,QAAiB,EAAE,CAAC;QAC5B,IACC,QAAQ,YAAY,KAAK;YACzB,MAAM,IAAI,QAAQ;YACjB,QAA8B,CAAC,IAAI,KAAK,QAAQ,EAChD,CAAC;YACF,MAAM,IAAI,KAAK,CACd,uFAAuF,iBAAiB,EAAE,CAC1G,CAAC;QACH,CAAC;QACD,MAAM,QAAQ,CAAC;IAChB,CAAC;AACF,CAAC;AAED,+DAA+D;AAC/D,+DAA+D;AAC/D,SAAS,YAAY,CAAC,UAAyC;IAC9D,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,UAAU,EAAE,CAAC;QACtC,IAAI,CAAC;YACJ,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;QAAC,MAAM,CAAC;YACR,qBAAqB;QACtB,CAAC;QACD,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACxB,CA
AC;AACF,CAAC;AASD,SAAS,YAAY,CAAC,OAAe,EAAE,KAA8B;IACpE,MAAM,MAAM,GAAG,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAClC,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;IACtD,IAAI,CAAC,OAAO,EAAE,CAAC;QACd,MAAM,QAAQ,GAAG,GAAG,OAAO,OAAO,CAAC;QACnC,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1B,IAAI,CAAC;gBACJ,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAGtD,CAAC;gBACF,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACzD,CAAC;YAAC,MAAM,CAAC;gBACR,yBAAyB;YAC1B,CAAC;QACF,CAAC;QACD,OAAO,IAAI,CAAC;IACb,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACzC,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE3B,IAAI,CAAC;QACJ,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAuC,CAAC;QACzE,MAAM,QAAQ,GAAG,OAAO,KAAK,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;QACpF,MAAM,IAAI,GAAe,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC;QACxD,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACzB,OAAO,IAAI,CAAC;IACb,CAAC;IAAC,MAAM,CAAC;QACR,MAAM,QAAQ,GAAG,GAAG,OAAO,OAAO,CAAC;QACnC,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1B,IAAI,CAAC;gBACJ,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAGtD,CAAC;gBACF,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACzD,CAAC;YAAC,MAAM,CAAC;gBACR,yBAAyB;YAC1B,CAAC;QACF,CAAC;QACD,OAAO,IAAI,CAAC;IACb,CAAC;AACF,CAAC;AAED,mBAAmB;AAEnB,SAAS,eAAe,CACvB,SAAiB,EACjB,KAOC;IAED,IAAI,CAAC;QACJ,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACzB,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;QACrD,CAAC;QAED,gEAAgE;QAChE,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,iBAAiB,SAAS,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACpF,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAA
C,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACnF,MAAM,MAAM,GAAG,EAAE,GAAG,KAAK,EAAE,IAAI,EAAE,CAAC;QAElC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC;QACnD,MAAM,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;QACzC,IAAI,CAAC;YACJ,SAAS,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YAC7C,SAAS,CAAC,EAAE,CAAC,CAAC;QACf,CAAC;gBAAS,CAAC;YACV,SAAS,CAAC,EAAE,CAAC,CAAC;QACf,CAAC;IACF,CAAC;IAAC,MAAM,CAAC;QACR,2DAA2D;QAC3D,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;IAC1D,CAAC;AACF,CAAC;AAED,gBAAgB;AAEhB;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAAC,SAAiB;IAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IACrD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3B,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1C,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;IAE/C,MAAM,KAAK,GAAG,IAAI,UAAU,EAAE,CAAC;IAC/B,MAAM,cAAc,GAAG,IAAI,GAAG,EAAsB,CAAC;IACrD,MAAM,UAAU,GAAG,IAAI,GAAG,EAA4B,CAAC;IACvD,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,aAAa,GAAG,CAAC,CAAC;IAEtB,KAAK,UAAU,WAAW,CAAC,KAAuB;QACjD,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC;QACtC,IAAI,CAAC;YACJ,kBAAkB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YAExC,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;YACnD,MAAM,YAAY,GAAG,IAAI,EAAE,IAAI,IAAI,YAAY,CAAC;YAChD,MAAM,QAAQ,GAAG,CAAC,IAAI,EAAE,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YAE3C,MAAM,KAAK,GAAoD;gBAC9D,EAAE,EAAE,UAAU,EAAE;gBAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,YAAY;gBACZ,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,QAAQ;aACR,CAAC;YAEF,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;YACtC,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAElE,MAAM,SAAS,GAAsC;gBACpD,GAAG,KAAK;gBACR,IAAI;aACJ,CAAC;YAEF,MAAM,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YAClC,IAAI,CAAC;gBACJ,SAAS,CAAC,EAAE,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;gBAChD,SAAS,CAAC,EAAE,CAAC,CAAC;YACf,CAAC;oBAAS,CAAC;gBACV,SAAS,CAAC,EAAE,CAAC,CAAC;YACf,CAAC;YACD,c
AAc,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;YAEhD,kEAAkE;YAClE,MAAM,QAAQ,GAAG,GAAG,OAAO,OAAO,CAAC;YACnC,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YACvC,IAAI,CAAC;gBACJ,SAAS,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAChE,SAAS,CAAC,MAAM,CAAC,CAAC;YACnB,CAAC;oBAAS,CAAC;gBACV,SAAS,CAAC,MAAM,CAAC,CAAC;YACnB,CAAC;YAED,OAAO,SAAS,CAAC;QAClB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,QAAQ,GAAG,IAAI,CAAC;YAChB,aAAa,EAAE,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC,6CAA6C,EAAE;gBAC3D,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;aACvD,CAAC,CAAC;YACH,eAAe,CAAC,SAAS,EAAE;gBAC1B,MAAM,EAAE,yBAAyB;gBACjC,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;gBACvD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACnC,CAAC,CAAC;YACH,MAAM,GAAG,CAAC;QACX,CAAC;gBAAS,CAAC;YACV,OAAO,EAAE,CAAC;QACX,CAAC;IACF,CAAC;IAED,SAAS,gBAAgB;QACxB,OAAO,aAAa,CAAC;IACtB,CAAC;IAED,SAAS,YAAY;QACpB,OAAO,QAAQ,CAAC;IACjB,CAAC;IAED,KAAK,UAAU,KAAK;QACnB,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,OAAO,EAAE,CAAC;QACtC,OAAO,EAAE,CAAC;IACX,CAAC;IAED,SAAS,aAAa;QACrB,cAAc,CAAC,KAAK,EAAE,CAAC;QACvB,YAAY,CAAC,UAAU,CAAC,CAAC;QACzB,QAAQ,GAAG,KAAK,CAAC;QACjB,aAAa,GAAG,CAAC,CAAC;IACnB,CAAC;IAED,OAAO;QACN,WAAW;QACX,gBAAgB;QAChB,UAAU,EAAE,YAAY;QACxB,KAAK;QACL,OAAO,EAAE,aAAa;KACtB,CAAC;AACH,CAAC"}
|
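--- a/package/dist/audit/rotation.d.ts
+++ b/package/dist/audit/rotation.d.ts
@@ -25,7 +25,7 @@ export interface IndexEntry {
 /**
 * Write an audit receipt to the daily-rotated directory structure.
 *
-* @param vaultPath - Root vault directory (parent of .
+* @param vaultPath - Root vault directory (parent of .usertrust/)
 * @param input - Receipt data to write
 * @param indexLimit - Maximum index entries (default: 10000)
 * @returns The written receipt, or undefined if the write failed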
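--- a/package/dist/audit/rotation.js
+++ b/package/dist/audit/rotation.js
@@ -48,7 +48,7 @@ function updateIndex(auditRoot, entry, indexLimit) {
 /**
 * Write an audit receipt to the daily-rotated directory structure.
 *
-* @param vaultPath - Root vault directory (parent of .
+* @param vaultPath - Root vault directory (parent of .usertrust/)
 * @param input - Receipt data to write
 * @param indexLimit - Maximum index entries (default: 10000)
 * @returns The written receipt, or undefined if the write failed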
package/dist/audit/verify.d.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/audit/verify.ts"],"names":[],"mappings":"AAkBA,MAAM,WAAW,uBAAuB;IACvC,KAAK,EAAE,OAAO,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACnB;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,uBAAuB,
|
|
1
|
+
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/audit/verify.ts"],"names":[],"mappings":"AAkBA,MAAM,WAAW,uBAAuB;IACvC,KAAK,EAAE,OAAO,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACnB;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,uBAAuB,CAiFpE"}
|
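--- a/package/dist/audit/verify.js
+++ b/package/dist/audit/verify.js
@@ -19,6 +19,7 @@ export function verifyChain(logPath) {
 valid: true,
 eventsVerified: 0,
 errors: [],
+skipped: 0,
 latestHash: GENESIS_HASH,
 verifiedAt: new Date().toISOString(),
 };
@@ -29,6 +30,7 @@ export function verifyChain(logPath) {
 valid: true,
 eventsVerified: 0,
 errors: [],
+skipped: 0,
 latestHash: GENESIS_HASH,
 verifiedAt: new Date().toISOString(),
 };
@@ -36,15 +38,22 @@ export function verifyChain(logPath) {
 const lines = content.split("\n").filter((l) => l.trim());
 let expectedPreviousHash = GENESIS_HASH;
 let latestHash = GENESIS_HASH;
+let skipped = 0;
 for (let i = 0; i < lines.length; i++) {
 const line = lines[i];
 let event;
 try {
 event = JSON.parse(line);
 }
-catch (
-errors.push(
-
+catch (_parseErr) {
+errors.push(JSON.stringify({
+line: i + 1,
+error: "malformed JSON",
+raw: line.substring(0, 100),
+}));
+// Do NOT reset expectedPreviousHash — skip the corrupt line
+// so subsequent intact events can still verify against the chain
+skipped++;
 continue;
 }
 if (event.previousHash !== expectedPreviousHash) {
@@ -65,6 +74,7 @@ export function verifyChain(logPath) {
 valid: errors.length === 0,
 eventsVerified: lines.length,
 errors,
+skipped,
 latestHash,
 verifiedAt: new Date().toISOString(),
 };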
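Review bot: Lines that fail `JSON.parse` are now counted in `skipped`, but the final result still reports `eventsVerified: lines.length`, so the skipped lines are included in the verified count. A consumer that reads only `eventsVerified` would overstate how much of the log was actually checked; `eventsVerified: lines.length - skipped,` keeps the two fields disjoint. The `raw: line.substring(0, 100)` field copies up to 100 characters of unparsed log content into `errors`; it is JSON-escaped there, and a short doc comment saying it must stay encoded when displayed would help callers. `verifyChain` starts and ends outside the hunks shown.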
package/dist/audit/verify.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/audit/verify.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,iCAAiC;AAEjC;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAEtD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../src/audit/verify.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,iCAAiC;AAEjC;;;;;;;GAOG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAEtD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAW9C,MAAM,UAAU,WAAW,CAAC,OAAe;IAC1C,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1B,OAAO;YACN,KAAK,EAAE,IAAI;YACX,cAAc,EAAE,CAAC;YACjB,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,CAAC;YACV,UAAU,EAAE,YAAY;YACxB,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;IACtD,IAAI,CAAC,OAAO,EAAE,CAAC;QACd,OAAO;YACN,KAAK,EAAE,IAAI;YACX,cAAc,EAAE,CAAC;YACjB,MAAM,EAAE,EAAE;YACV,OAAO,EAAE,CAAC;YACV,UAAU,EAAE,YAAY;YACxB,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IAC1D,IAAI,oBAAoB,GAAG,YAAY,CAAC;IACxC,IAAI,UAAU,GAAG,YAAY,CAAC;IAC9B,IAAI,OAAO,GAAG,CAAC,CAAC;IAEhB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAW,CAAC;QAEhC,IAAI,KAAiB,CAAC;QACtB,IAAI,CAAC;YACJ,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAe,CAAC;QACxC,CAAC;QAAC,OAAO,SAAS,EAAE,CAAC;YACpB,MAAM,CAAC,IAAI,CACV,IAAI,CAAC,SAAS,CAAC;gBACd,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,KAAK,EAAE,gBAAgB;gBACvB,GAAG,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;aAC3B,CAAC,CACF,CAAC;YACF,4DAA4D;YAC5D,iEAAiE;YACjE,OAAO,EAAE,CAAC;YACV,SAAS;QACV,CAAC;QAED,IAAI,KAAK,CAAC,YAAY,KAAK,oBAAoB,EAAE,CAAC;YACjD,MAAM,CAAC,IAAI,CACV,SAAS,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,EAAE,4BAA4B;gBACtD,YAAY,oBAAoB,SAAS,KAAK,CAAC,YAAY,EAAE,CAC9D,CAAC;QACH,CAAC;QAED,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,gBAAgB,EAAE,GAAG,KAAK,CAAC;QACxD,MAAM,SAAS,GAAG,YAAY,CAAC,gBAAgB,CAAC,CAAC;QACjD,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAA
C,CAAC;QAE1E,IAAI,UAAU,KAAK,YAAY,EAAE,CAAC;YACjC,MAAM,CAAC,IAAI,CACV,SAAS,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,EAAE,oBAAoB;gBAC9C,YAAY,YAAY,SAAS,UAAU,EAAE,CAC9C,CAAC;QACH,CAAC;QAED,oBAAoB,GAAG,UAAU,CAAC;QAClC,UAAU,GAAG,UAAU,CAAC;IACzB,CAAC;IAED,OAAO;QACN,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC1B,cAAc,EAAE,KAAK,CAAC,MAAM;QAC5B,MAAM;QACN,OAAO;QACP,UAAU;QACV,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;AACH,CAAC"}
|
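--- a/package/dist/board/board.d.ts
+++ b/package/dist/board/board.d.ts
@@ -48,7 +48,7 @@ export declare function determineDecision(reviews: DirectorReview[]): {
 /**
 * Create a Board of Directors instance backed by a vault directory.
 *
-* @param vaultPath — absolute or relative path to `.
+* @param vaultPath — absolute or relative path to `.usertrust/` (or custom vault)
 * @param opts — optional configuration
 */
 export declare function createBoard(vaultPath: string, opts?: BoardOpts): Board;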
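--- a/package/dist/board/board.js
+++ b/package/dist/board/board.js
@@ -129,7 +129,7 @@ function appendHistory(vaultPath, result) {
 /**
 * Create a Board of Directors instance backed by a vault directory.
 *
-* @param vaultPath — absolute or relative path to `.
+* @param vaultPath — absolute or relative path to `.usertrust/` (or custom vault)
 * @param opts — optional configuration
 */
 export function createBoard(vaultPath, opts) {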
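--- a/package/dist/detect.d.ts
+++ b/package/dist/detect.d.ts
@@ -3,14 +3,31 @@
 *
 * Uses structural checks (duck typing) to identify which SDK a client object
 * belongs to, without requiring the SDK packages as dependencies.
+*
+* **Governance boundary:** only the following methods are intercepted and governed:
+* - Anthropic: `client.messages.create()`
+* - OpenAI: `client.chat.completions.create()`
+* - Google: `client.models.generateContent()`
+*
+* Alternative methods (e.g., `client.messages.stream`, `client.beta.*`, streaming
+* APIs, `client.completions.create`) are **NOT** intercepted and will bypass
+* governance, audit, and budget enforcement. This is a known limitation of
+* duck-typed proxy interception. Callers relying on ungoverned methods should
+* implement their own budget and audit controls or wrap calls through the
+* governed entry points above.
 */
 import type { LLMClientKind } from "./shared/types.js";
 /**
 * Detect which LLM SDK a client belongs to by inspecting its shape.
 *
+* Governance boundary: only the following methods are intercepted and governed:
 * - Anthropic: `client.messages.create()`
-* - OpenAI:
-* - Google:
+* - OpenAI: `client.chat.completions.create()`
+* - Google: `client.models.generateContent()`
+*
+* Alternative methods (e.g., `client.messages.stream`, `client.beta.*`, streaming APIs)
+* are NOT intercepted and will bypass governance, audit, and budget enforcement.
+* This is a known limitation of duck-typed proxy interception.
 *
 * @throws {Error} if the client does not match any known SDK shape
 */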
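Review bot: The two docblocks added in this section disagree about what is left ungoverned. The file-level block (new lines 7–17) lists `client.completions.create` among the methods that bypass governance and tells callers to add their own budget and audit controls. The function-level block (new lines 23–30) drops both, and package/dist/detect.js carries the same shorter text. The function-level block is the one most editors show on hover, so it should carry the full list and the same closing sentence, or point at the file header with something like `See the file header for the full governance boundary.`. Calls on these paths are documented to skip audit as well as budget enforcement, so the two lists should not be able to drift apart.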
package/dist/detect.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"detect.d.ts","sourceRoot":"","sources":["../src/detect.ts"],"names":[],"mappings":"AAGA
|
|
1
|
+
{"version":3,"file":"detect.d.ts","sourceRoot":"","sources":["../src/detect.ts"],"names":[],"mappings":"AAGA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEvD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,OAAO,GAAG,aAAa,CAyC/D"}
|
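--- a/package/dist/detect.js
+++ b/package/dist/detect.js
@@ -3,9 +3,14 @@
 /**
 * Detect which LLM SDK a client belongs to by inspecting its shape.
 *
+* Governance boundary: only the following methods are intercepted and governed:
 * - Anthropic: `client.messages.create()`
-* - OpenAI:
-* - Google:
+* - OpenAI: `client.chat.completions.create()`
+* - Google: `client.models.generateContent()`
+*
+* Alternative methods (e.g., `client.messages.stream`, `client.beta.*`, streaming APIs)
+* are NOT intercepted and will bypass governance, audit, and budget enforcement.
+* This is a known limitation of duck-typed proxy interception.
 *
 * @throws {Error} if the client does not match any known SDK shape
 */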
package/dist/detect.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"detect.js","sourceRoot":"","sources":["../src/detect.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,iCAAiC;
|
|
1
|
+
{"version":3,"file":"detect.js","sourceRoot":"","sources":["../src/detect.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,iCAAiC;AAuBjC;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAe;IAC/C,IACC,MAAM,IAAI,IAAI;QACd,OAAO,MAAM,KAAK,QAAQ;QAC1B,UAAU,IAAI,MAAM;QACpB,MAAM,CAAC,QAAQ,IAAI,IAAI;QACvB,OAAO,MAAM,CAAC,QAAQ,KAAK,QAAQ;QACnC,QAAQ,IAAI,MAAM,CAAC,QAAQ;QAC3B,OAAO,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,UAAU,EAC3C,CAAC;QACF,OAAO,WAAW,CAAC;IACpB,CAAC;IAED,IACC,MAAM,IAAI,IAAI;QACd,OAAO,MAAM,KAAK,QAAQ;QAC1B,MAAM,IAAI,MAAM;QAChB,MAAM,CAAC,IAAI,IAAI,IAAI;QACnB,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ;QAC/B,aAAa,IAAI,MAAM,CAAC,IAAI;QAC5B,MAAM,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI;QAC/B,OAAO,MAAM,CAAC,IAAI,CAAC,WAAW,KAAK,QAAQ;QAC3C,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW;QACnC,OAAO,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,KAAK,UAAU,EACnD,CAAC;QACF,OAAO,QAAQ,CAAC;IACjB,CAAC;IAED,IACC,MAAM,IAAI,IAAI;QACd,OAAO,MAAM,KAAK,QAAQ;QAC1B,QAAQ,IAAI,MAAM;QAClB,MAAM,CAAC,MAAM,IAAI,IAAI;QACrB,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ;QACjC,iBAAiB,IAAI,MAAM,CAAC,MAAM;QAClC,OAAO,MAAM,CAAC,MAAM,CAAC,eAAe,KAAK,UAAU,EAClD,CAAC;QACF,OAAO,QAAQ,CAAC;IACjB,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,2EAA2E,CAAC,CAAC;AAC9F,CAAC"}
|
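--- a/package/dist/govern.d.ts
+++ b/package/dist/govern.d.ts
@@ -39,6 +39,8 @@ export interface TrustEngine {
 }>;
 postPendingSpend(transferId: string): Promise<void>;
 voidPendingSpend(transferId: string): Promise<void>;
+/** AUD-461: Void all remaining pending transfers on destroy. */
+voidAllPending?(): Promise<void>;
 destroy?(): void;
 }
 /** The trusted client: original client shape + `destroy()`. */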
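Review bot: The doc comment on `voidAllPending` (new line 42) cites a ticket id but leaves the contract unstated for anyone implementing a custom `TrustEngine`. It does not say what happens to pending transfers when the optional method is absent, or whether a rejection is propagated or swallowed during teardown. The neighbouring `destroy?(): void` is synchronous while `voidAllPending` returns a Promise, so the comment should also say that the caller awaits it before calling `destroy()`, if that is what govern.js does; the caller is not visible in this hunk. Something like `/** Void every transfer still pending at teardown. Optional; when implemented it is awaited before destroy(). */` would cover it, adjusted to the real behaviour. The `TrustEngine` interface body starts above the hunk.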
package/dist/govern.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"govern.d.ts","sourceRoot":"","sources":["../src/govern.ts"],"names":[],"mappings":"AAkCA,OAAO,EAAE,KAAK,WAAW,EAAqB,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"govern.d.ts","sourceRoot":"","sources":["../src/govern.ts"],"names":[],"mappings":"AAkCA,OAAO,EAAE,KAAK,WAAW,EAAqB,MAAM,kBAAkB,CAAC;AAsBvE,MAAM,WAAW,SAAS;IACzB,qFAAqF;IACrF,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iEAAiE;IACjE,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,6BAA6B;IAC7B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,6BAA6B;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,qBAAqB;IACrB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd;;;OAGG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,+CAA+C;IAC/C,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;;;OAIG;IACH,OAAO,CAAC,EAAE,WAAW,GAAG,IAAI,CAAC;IAC7B;;;OAGG;IACH,MAAM,CAAC,EAAE,WAAW,CAAC;CACrB;AAED,8DAA8D;AAC9D,MAAM,WAAW,WAAW;IAC3B,YAAY,CAAC,MAAM,EAAE;QACpB,UAAU,EAAE,MAAM,CAAC;QACnB,MAAM,EAAE,MAAM,CAAC;KACf,GAAG,OAAO,CAAC;QAAE,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACpC,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACpD,gBAAgB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACpD,gEAAgE;IAChE,cAAc,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACjC,OAAO,CAAC,IAAI,IAAI,CAAC;CACjB;AAED,+DAA+D;AAC/D,MAAM,MAAM,aAAa,CAAC,CAAC,IAAI,CAAC,GAAG;IAAE,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAA;CAAE,CAAC;AAsEhE,wBAAsB,KAAK,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,IAAI,CAAC,EAAE,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAggBrF"}
|