refactor(policy): localize internal declarations (#101963)

This commit is contained in:
Vincent Koc
2026-07-07 19:17:22 -07:00
committed by GitHub
parent 11a0e54ddd
commit d5e4ed93fa
5 changed files with 17 additions and 22 deletions

View File

@@ -20,24 +20,24 @@ import {
} from "./policy-conformance.js";
import { createPolicyAttestation } from "./policy-state.js";
export type PolicyCommandRuntime = {
type PolicyCommandRuntime = {
writeStdout(value: string): void;
error(value: string): void;
sleep?(ms: number): Promise<void>;
};
export interface PolicyCheckOptions {
interface PolicyCheckOptions {
readonly json?: boolean;
readonly severityMin?: string;
readonly cwd?: string;
}
export interface PolicyWatchOptions extends PolicyCheckOptions {
interface PolicyWatchOptions extends PolicyCheckOptions {
readonly intervalMs?: string | number;
readonly once?: boolean;
}
export interface PolicyCompareOptions {
interface PolicyCompareOptions {
readonly baseline?: string;
readonly policy?: string;
readonly json?: boolean;

View File

@@ -1,12 +1,7 @@
// Policy doctor fix metadata classifies findings before patch builders exist.
import { CHECK_IDS, POLICY_CHECK_IDS } from "./metadata.js";
export type PolicyFixClass =
| "automatic"
| "reviewRequired"
| "manual"
| "validateOnly"
| "unsupported";
type PolicyFixClass = "automatic" | "reviewRequired" | "manual" | "validateOnly" | "unsupported";
export type PolicyFixMetadata = {
readonly checkId: (typeof POLICY_CHECK_IDS)[number];

View File

@@ -119,7 +119,7 @@ const SUPPORTED_SANDBOX_MODES = ["off", "non-main", "all"] as const;
let registered = false;
const policyEvaluationCache = new WeakMap<HealthCheckContext, Promise<PolicyEvaluation>>();
export type PolicyDoctorRegistrationHost = {
type PolicyDoctorRegistrationHost = {
readonly registerHealthCheck: (check: HealthCheck) => void;
};

View File

@@ -13,13 +13,13 @@ import {
type PolicyScopeSelectorKind,
} from "./doctor/register.js";
export const POLICY_CONFORMANCE_CHECK_IDS = {
const POLICY_CONFORMANCE_CHECK_IDS = {
missing: "policy/policy-conformance-missing",
weaker: "policy/policy-conformance-weaker",
invalid: "policy/policy-conformance-invalid",
} as const;
export type PolicyConformanceFinding = {
type PolicyConformanceFinding = {
readonly checkId: (typeof POLICY_CONFORMANCE_CHECK_IDS)[keyof typeof POLICY_CONFORMANCE_CHECK_IDS];
readonly severity: "error";
readonly message: string;

View File

@@ -25,7 +25,7 @@ const ALLOWLIST_DEFAULT_INGRESS_GROUP_POLICY_CHANNELS = new Set([
]);
const OPEN_GROUPS_DEFAULT_TO_NO_MENTION_CHANNELS = new Set(["feishu", "qa-channel"]);
export type PolicyAttestation = {
type PolicyAttestation = {
readonly checkedAt: string;
readonly policy?: {
readonly path: string;
@@ -57,14 +57,14 @@ export type PolicyEvidence = {
readonly execApprovals?: readonly PolicyExecApprovalEvidence[];
};
export type PolicyChannelEvidence = {
type PolicyChannelEvidence = {
readonly id: string;
readonly provider: string;
readonly source: string;
readonly enabled?: boolean;
};
export type PolicyMcpServerEvidence = {
type PolicyMcpServerEvidence = {
readonly id: string;
readonly transport: "stdio" | "sse" | "streamable-http" | "unknown";
readonly source: string;
@@ -72,7 +72,7 @@ export type PolicyMcpServerEvidence = {
readonly url?: string;
};
export type PolicyToolEvidence = {
type PolicyToolEvidence = {
readonly id: string;
readonly source: string;
readonly line: number;
@@ -125,19 +125,19 @@ export type PolicySandboxPostureEvidence = {
readonly explicit?: boolean;
};
export type PolicyModelProviderEvidence = {
type PolicyModelProviderEvidence = {
readonly id: string;
readonly source: string;
};
export type PolicyModelRefEvidence = {
type PolicyModelRefEvidence = {
readonly ref: string;
readonly provider: string;
readonly model: string;
readonly source: string;
};
export type PolicyNetworkEvidence = {
type PolicyNetworkEvidence = {
readonly id: string;
readonly source: string;
readonly value: boolean;
@@ -158,7 +158,7 @@ export type PolicyIngressEvidence = {
readonly explicit?: boolean;
};
export type PolicyGatewayExposureEvidence = {
type PolicyGatewayExposureEvidence = {
readonly id: string;
readonly kind:
| "auth"
@@ -195,7 +195,7 @@ export type PolicyAgentWorkspaceEvidence = {
readonly explicit?: boolean;
};
export type PolicySecretEvidence = {
type PolicySecretEvidence = {
readonly id: string;
readonly kind: "input" | "provider";
readonly source: string;