@zanii/compliance
v0.2.0
Published
Turn a Zanii audit bundle into an auditor-ready compliance report - offline verification, action breakdown, anchoring coverage, and control mapping, rendered to Markdown.
Readme
@zanii/compliance
Turn a Zanii audit bundle into an auditor-ready compliance report — verified offline, no network, no trust in Zanii's servers. Action breakdown by control, on-chain anchoring coverage, and a Markdown renderer you can hand straight to an auditor.
npm install @zanii/complianceUsage
import { buildComplianceReport, renderComplianceMarkdown } from '@zanii/compliance';
// bundle = the JSON from `zanii export <did>` (or GET /v1/export/<did>)
const report = buildComplianceReport(bundle, {
controls: {
crm: 'AC-2 Account Management',
email: 'AU-2 Audit Events',
pay: 'SC-13 Cryptographic Protection',
},
});
console.log(report.verified, report.flags); // false-verified bundles still summarize, with a flag
console.log(renderComplianceMarkdown(report)); // → hand to the auditorbuildComplianceReport verifies the bundle with @zanii/core first; every figure
is derived from the receipts, and anything an auditor should notice (failed
verification, unanchored receipts, revoked delegations, unmapped namespaces)
lands in report.flags.
Changelog
- 0.2.0 — added
reconcile(provider-vs-ledger omission catcher). - 0.1.0 — initial release:
buildComplianceReport,renderComplianceMarkdown,ControlMap.
License
Apache-2.0.
