npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@newco-ai-platform/types

v0.1.2

Published

NewCo Suite cross-product wire-format envelopes (zod) + auth domain primitives + audit-chain hash helpers

Downloads

477

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

hardeeparorahardeeparora

Keywords

newcoenvelopeszodwire-formatschema-versionaudit-chain

Readme

@newco-ai-platform/types

Cross-product wire-format envelopes and auth domain primitives for the NewCo Suite. Pure zod schemas + type inference + the audit-chain hash helper. No runtime side effects, fully isomorphic (Node 18+, browsers, Vercel Edge).

What's in here

| Subpath import | Exports | |---|---| | @newco-ai-platform/types | everything below, re-exported | | @newco-ai-platform/types/auth | User, Org, Role, Permission, Session, IdentityProvider zod schemas + inferred types | | @newco-ai-platform/types/envelopes | WorkflowSpec, AuditEntry, KpiEvent, AcceleratorPipeline, ComplianceBaseline, FeeEvent, ReuseEvent | | @newco-ai-platform/types/hash-chain | canonicalize, sha256Hex, computeEntryHash for the audit chain | | @newco-ai-platform/types/version | CURRENT_SCHEMA_VERSION, AUDIT_CHAIN_VERSION, AUDIT_HASH_FN constants |

The schema_version contract

Every envelope carries a top-level schema_version: number field. v1 producers emit schema_version: 1. Consumers:

  1. Match version → parse strictly. Strict object validation, fail closed on unknown fields. A new field requires a schema_version bump.
  2. Future version → log + drop. A consumer expecting v1 that receives v2 logs the rejection and drops the envelope. Never throws into the request pipeline.
  3. Past version → translator. When v2 ships, a v1ToV2(input) migration lives next to the v2 schema. Producers stay current-only.

This is forward-compatibility without coordinated migrations. The wire format can evolve while five product teams ship in parallel.

The audit chain contract

AuditEntry and FeeEvent are hash-chained:

  • chain_version: 1 and hash_fn: 'sha256' are explicit envelope fields. Future hash function changes ship via chain_version: 2 without rewriting history.
  • prev_hash: string | null references the previous entry's entry_hash. The chain head carries prev_hash: null.
  • entry_hash is SHA-256(canonicalize(entry without entry_hash)) hex-encoded.

The canonicalize algorithm is documented in src/hash-chain.ts and MUST be replicated bit-identical by the Python newco-sdk so cross-language verification works.

Versioning

This package is the contract surface for the whole suite. Token-level diligence:

  • Patch bumps (0.1.0 → 0.1.1) — non-semantic edits (docs, type-narrow clarification with no wire-format change).
  • Minor bumps (0.1.0 → 0.2.0) — additive new envelopes or new optional fields.
  • Major bumps (0.1.0 → 1.0.0) — once the first paying customer signs. Major version = schema_version bump.

All changes go through contracts-owner review (suite-coordinator sub-role).