Policy Pack Specification

Alpha

DSAR is currently in alpha. APIs, package surfaces, configuration, and documentation may change as the project evolves.

This document defines the schema and evaluator contract for @dsar/policy-engine.

Policy pack schema

Policy packs are versioned, machine-readable contracts with deterministic sections:

Required fields:

Rule precedence is deterministic:

sort by precedence descending
tie-break by id ascending
apply merged rule overrides from lowest to highest precedence so highest precedence wins

evaluatePolicy(input) returns an Effect program with deterministic output.

Input envelope includes:

Output envelope includes:

decision: actionable booleans (verification required, appeal eligibility, etc.)
clock: base/final deadlines and applied pause/extension contributions
requiredActions
requiredNotices
matchedRuleIds
explainabilityTrace

Every decision includes machine-readable trace entries with:

code (clock.base, clock.rule.applied, clock.pause.applied, clock.extension.applied, clock.final)
message
optional details payload

This enables replay and clock explain APIs to show exactly how due dates were produced.

Current fixture coverage:

These vectors validate:

First-party launch coverage includes:

UK baseline pack (uk)
EU baseline pack (eu)
Initial US set: baseline US (us), California (us-ca), Virginia (us-va), Colorado (us-co)

Known gaps:

Request intake now requires a top-level jurisdiction and resolves an active policy via:

The hard-fail envelope includes structured guidance so clients can route users/admins:

Custom policy authoring and activation emit dedicated policy audit events:

These events are emitted by @dsar/policy-packs services and consumed by backend policy routes.