An npm scope, stored without its leading '@' (the scope of @myorg/pkg is "myorg"). Construct via mkScope, which normalises away a leading '@' so equality is independent of how the scope was written.

Build a Scope, tolerating an optional leading '@'.

The bare scope text, without the leading '@'.

Render a scope in npm wire form, with the leading '@'.

A package identity, decoupled from any registry's wire format.

Identity differs by ecosystem — npm has scopes and is case-sensitive, PyPI normalises per PEP 503, RubyGems is verbatim — so the type is opaque: build it with mkPackageName, which records the ecosystem, computes a pkgCanonical key used for equality/matching, and keeps a pkgDisplay form for faithful rendering. Equality and ordering are on (pkgEcosystem, pkgNamespace, pkgCanonical) only — never the display form — so Flask and flask are the same PyPI package but different npm ones.

Build a PackageName, normalising the canonical key for the ecosystem.

The display form is the scope-joined raw name (@scope/name when scoped); the canonical key is that form normalised: PEP 503 lower-casing and [-_.]+→- collapsing for PyPI, verbatim for npm and RubyGems.

The ecosystem this name belongs to.

The scope, if scoped (npm @scope/name). Nothing for PyPI/RubyGems.

The normalised key for equality and matching (PEP 503 for PyPI; verbatim for npm/RubyGems).

The name as published, for rendering and round-tripping.

Render a package name in its native wire form (the display name).

Whether installing a version executes code (the cross-ecosystem unification of npm install scripts, PyPI sdist builds, and RubyGems native extensions).

The trust/provenance signal for a version. The how of trust differs by ecosystem (npm dist.signatures, PyPI PEP 740 attestations, RubyGems signed gems/MFA) but is captured as TrustEvidence so rules stay ecosystem-blind.

A normalised reason a version is trusted; the adapter maps its ecosystem's mechanism onto this vocabulary.

Whether a version is offered, advisory-deprecated, or withdrawn.

One distribution file for a version. A version owns a NonEmpty list of these: npm has exactly one, PyPI has an sdist plus many wheels, RubyGems has one per platform.

What kind of distribution file an artifact is.

An integrity digest of an artifact. Opaque: a Hash is built only through mkHash, which validates that the digest is well-formed, so every value of this type carries the proof that its digest could be a real digest of its algorithm. Read it back through hashAlg and hashValue.

The algorithm the digest was computed with.

The digest itself, in the algorithm's wire encoding (e.g. hex, or the whole sha512-… string for SRI).

Build a Hash, validating that the digest is structurally well-formed: cleanly encoded and exactly the byte length its algorithm specifies. This is the only way to construct a Hash, so the type itself is the proof that the digest could be a real digest of that algorithm — an empty, truncated, over-long, non-hex, or bad-base64 value is unconstructable and so can never reach an integrity gate as a degenerate digest (the fail-open this closes is docs/architecture/security.md invariant 5).

Well-formedness is not admissibility: a well-formed but weak SHA-1 digest builds fine; whether it clears the public-integrity floor is the separate decision of Ecluse.Package.Integrity. mkHash rejects a malformed digest, never a merely weak one.

A hex-tagged algorithm (everything but SRI) takes lower- or upper-case hex of the algorithm's digest length. An SRI takes one or more whitespace-separated <alg>-<base64> components, each naming a Subresource-Integrity algorithm (sha256, sha384, sha512) whose base64 body decodes to that algorithm's digest length; every component must be well-formed.

>>> import Ecluse.Package (HashAlg (SHA1))
>>> fmap hashAlg (mkHash SHA1 "0a4d55a8d778e5022fab701977c5d840bbc486d0")
Right SHA1

>>> mkHash SHA1 "deadbeef"
Left "malformed sha1 digest"

A hash algorithm an integrity digest is computed with.

The lower-case wire name of an algorithm — the canonical spelling parseHashAlg reads back. Total and injective, so it doubles as config rendering and error text.

>>> renderHashAlg SHA256
"sha256"

Parse an algorithm name, tolerating case and an optional internal '-' (so "SHA-256" and "sha256" both parse). An unrecognised name is reported as such, distinct from a recognised-but-too-weak floor. This admits only the named hash algorithms; the sri wrapper is not a config-selectable algorithm and is rejected.

>>> parseHashAlg "SHA-256"
Right SHA256

>>> parseHashAlg "frobnicate"
Left "unknown integrity algorithm: frobnicate"

The algorithm-name token of a Subresource-Integrity string — the <alg> before the first '-' in <alg>-<base64>. A string with no '-' is all prefix.

>>> sriPrefix "sha512-Zm9vYmFy"
"sha512"

The base64 digest body of a Subresource-Integrity string — the <base64> after the first '-' in <alg>-<base64>. A string with no '-' has an empty body.

>>> sriBody "sha512-Zm9vYmFy"
"Zm9vYmFy"

The HashAlg a Subresource-Integrity string names, read from its <alg> prefix. The prefixes resolved are the Subresource-Integrity set sha256, sha384 and sha512 (every long digest the model represents and a registry serves); an unrecognised or malformed prefix yields Nothing, so the string asserts no algorithm and clears no floor (the fail-closed reading).

>>> sriAlgorithm "sha512-Zm9vYmFy"
Just SHA512

>>> sriAlgorithm "sha384-Zm9vYmFy"
Just SHA384

A declared dependency. The constraint is kept as raw text (semver range / PEP 508 / Gem::Requirement) — lossless and ecosystem-agnostic — and is parsed only if a rule ever needs to compare it.

The role a dependency plays.

A person associated with a package (author, maintainer, or publisher).

The ecosystem-agnostic snapshot of a single package version that the rules engine evaluates. A registry adapter projects its wire format into this; the rules engine never sees anything else, and never branches on the ecosystem.

The packument-level view of a package: the whole-package metadata document (PackageDetails is the per-version snapshot embedded within it). A registry adapter projects a registry's packument (the npm full-metadata document) into this; the proxy core reasons over it without ever seeing the wire format.