packages/policy/src/index.ts exports PolicyEngine, PolicyRegistry, PolicyRouter, PolicyValidator, SignalValidator, the PolicyRepository interface plus its FilePolicyRepository implementation, and the Policy/PolicyCondition/PolicyRule/PolicySignals/PolicyDecision/PolicyAction/PolicyOutcome types.
PolicyEngine.evaluate()
PolicyEngine walks policy.rules in array order and returns the outcome of the first rule whose condition matches the supplied signals — deterministic by construction, since the same policy + signals always walks the same rules in the same order.
Conditions (PolicyCondition) support:
- A leaf check against one named signal:
greater_than(numeric),equals(any JSON value), or plain truthiness if neither is given. all: [...]— logical AND over child conditions.any: [...]— logical OR over child conditions.
PolicyAction (APPROVE, REQUIRE_OVERRIDE, REJECT) on the matched rule maps to a PolicyOutcome; no match falls through to REJECT with reason: "no_rule_matched". This is the same engine @parmana/replay’s (currently unused) ReplayEngine re-invokes to independently re-derive a decision.
Loading policies
packages/api/src/application.ts constructs FilePolicyRepository directly, pointed at process.env.PARMANA_POLICY_DIR — the monorepo root’s policies/ directory. PolicyRouter additionally runs PolicyValidator before returning a loaded policy, but the POST /policies/validate route (REST API → Policies) calls policyRepository.load() directly, not through PolicyRouter — so that endpoint only confirms the file exists and parses as JSON, and never runs PolicyValidator’s checks.
Related
Policy (concept)
The domain concept this package implements.
REST API → Policies
The one HTTP endpoint over this package.
replay
The other consumer of
PolicyEngine.Decision
What a
PolicyDecision becomes downstream.