Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,12 @@ git push --force-with-lease
Commits that do not include a valid `Signed-off-by` trailer will
be rejected by CI.

## Trademark

"IntentProof" and "Verified by IntentProof" are trademarks of
IntentProof, Inc. Apache 2.0 grants a copyright license; it does not grant a
trademark license. See [`TRADEMARK.md`](TRADEMARK.md).

## License

By contributing as a maintainer, you agree your commits are licensed
Expand Down
60 changes: 59 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,15 @@
# intentproof-sdk-node

[![CI](https://github.com/IntentProof/intentproof-sdk-node/actions/workflows/ci.yml/badge.svg)](https://github.com/IntentProof/intentproof-sdk-node/actions/workflows/ci.yml)

Node.js SDK for emitting signed `ExecutionEvent` records to IntentProof.

## Who uses this

Node.js application authors who instrument business logic with
`wrap(intent, action, fn)` and export signed execution events to local or
hosted ingest.

## Scope

- `wrap(intent, action, fn)` instrumentation helper
Expand All @@ -10,6 +18,55 @@ Node.js SDK for emitting signed `ExecutionEvent` records to IntentProof.
- Local outbox support
- HTTP export to ingest when `INTENTPROOF_INGEST_URL` is set

## Install

```bash
npm install @intentproof/sdk
```

For development in this repository:

```bash
npm install
npm run build
```

## Verify

Cross-language signing fixtures in CI match
[`intentproof-spec`](https://github.com/IntentProof/intentproof-spec) golden
vectors. Run `npm test` locally before publishing.

## Test

```bash
npm test
npm run build
```

CI enforces lint, typecheck, and conformance coverage.

## Release

npm packages are published from maintainer release workflows in
[`intentproof-tools`](https://github.com/IntentProof/intentproof-tools) using
Sigstore-attested artifacts. See
[`docs/release-signing.md`](https://github.com/IntentProof/intentproof-tools/blob/main/docs/release-signing.md).

## Documentation hub

Per-repo README files plus
[`intentproof-infra`](https://github.com/IntentProof/intentproof-infra) for
self-host install and image verification. Docs site deferred — see
[`docs-hub-decision.md`](https://github.com/IntentProof/intentproof-infra/blob/main/docs/docs-hub-decision.md).

## Support

Report bugs, API gaps, and conformance findings via
[GitHub Issues](https://github.com/IntentProof/intentproof-sdk-node/issues).
See [`CONTRIBUTING.md`](CONTRIBUTING.md). Security reports:
[`SECURITY.md`](SECURITY.md).

## Quick start

1. Install deps: `npm install`
Expand Down Expand Up @@ -49,4 +106,5 @@ verify without extra key-registration steps.

## License

Apache License 2.0 (`LICENSE`).
Apache License 2.0 — see [`LICENSE`](LICENSE), [`NOTICE`](NOTICE), and
[`TRADEMARK.md`](TRADEMARK.md).
31 changes: 31 additions & 0 deletions TRADEMARK.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# IntentProof Trademark Policy

**IntentProof** and **Verified by IntentProof** are trademarks of
IntentProof, Inc.

The Apache License 2.0 grants a copyright license for the code in this
repository. It does **not** grant a trademark license.

## Permitted use

You may use the name **IntentProof** in plain text to describe
compatibility with or use of this open-source software, provided you do
not imply endorsement, sponsorship, or certification by IntentProof, Inc.

## Not permitted without written permission

- Using IntentProof trademarks in your product, company, or project name.
- Displaying the **Verified by IntentProof** certification mark or any
IntentProof logo except as authorized in a written agreement.
- Suggesting that IntentProof, Inc. certifies or warrantees your deployment
solely because you use this software.

## Certification mark

Operational use of the **Verified by IntentProof** certification mark is
governed by a separate certification policy before certificate issuance
ships. Contact `security@intentproof.io` for questions.

## Questions

Trademark or certification-mark questions: `security@intentproof.io`.
Loading