JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 848
  • Score
    100M100P100Q93860F
  • License Apache-2.0

Policy schema, resolved-rule types, normalizer, and route contracts shared across Kratex components.

Package Exports

  • @kratex/shared
  • @kratex/shared/primordials

Readme

@kratex/shared

The Kratex policy schema and built-in rule catalog, shared by every Kratex component and published to npm as a standalone policy-schema library.

npm i @kratex/shared

Inside this monorepo, @kratex/cli and @kratex/runtime link to it via the workspace file: protocol; external consumers install it from npm.

What lives here

  • Policy schema (src/policy/schema.ts): the Zod schemas for rules, subjects, targets, conditions, effects, and kratex.policy.json itself. This is the single source of truth; the CLI validates against it and the runtime evaluates against it.
  • Built-in rules (src/policy/builtin-rules/): the block-tier rules that ship enabled by default, plus the target allowlists (LIFECYCLE_NETWORK_ALLOWLIST, LIFECYCLE_SPAWN_ALLOWLIST) that exempt package-manager entrypoints. See the project README for what these rules block.
  • Data classes (src/policy/data-classes.ts): the BUILTIN_FILENAME_CLASS_MAP that classifies sensitive paths (credentials, wallets, secrets) so rules can match on data class rather than literal paths.
  • Route contracts (src/contracts/): the KRATEX_API_CONTRACT table of CLI-facing routes (device auth, project policy fetch, telemetry ingestion), used by both the CLI and any backend that implements it.

Editing the schema

The policy schema is the integration point between the CLI and the runtime, so changes here ripple to both. Build after editing:

npm run build -w @kratex/shared

In-repo consumers link via the file: protocol and pick up the new dist/ automatically, so no republish is needed for local development.

License

Apache License 2.0. See the root LICENSE.