@aexhq/sdk 0.13.6

package/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for describing the origin of the Work and
+      reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2026 aex contributors
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+   implied. See the License for the specific language governing
+   permissions and limitations under the License.

package/README.md

@@ -0,0 +1,160 @@
+---
+title: aex
+---
+
+# aex
+
+aex is a TypeScript-first SDK + CLI for running autonomous agent sessions across providers through the managed aex service. Everything an agent or human needs is reachable through **one** import and **one** binary.
+
+```ts
+import {
+  AexClient,        // the only client class — submits durable runs to aex
+  Skill,                // workspace / provider / inline skill bundles
+  McpServer,            // MCP server declarations (headers split into secrets server-side)
+  ProxyEndpoint,        // per-run managed HTTP proxy endpoint
+  AgentsMd,             // AGENTS.md / CLAUDE.md uploads
+  File,                 // arbitrary workspace files mounted into the session
+  validateProxyAuth     // helper that fails fast on policy/auth mismatch
+} from "@aexhq/sdk";
+```
+
+```bash
+aex run     --config ./run.json --api-token ant_… \
+                --anthropic-api-key sk-ant-… --follow
+aex status  <run-id>             --api-token …
+aex wait    <run-id> [--timeout 8m] [--interval 2s] --api-token …
+aex events  <run-id> [--follow] [--timeout 8m]  --api-token …
+aex outputs <run-id>             --api-token …
+aex download <run-id> [--only outputs|logs|events|metadata] [--out path] --api-token …
+aex cancel  <run-id>             --api-token …
+aex delete  <run-id>             --api-token …
+aex whoami                       --api-token …
+aex skills  <upload|list|get|delete> [flags] --api-token …
+```
+
+The SDK class and the CLI are backed by the same public `@aexhq/contracts` operations module — any read or write you can do through one, you can do through the other, against the same durable run records. The same npm package also ships the in-container `aex` CLI as its `bin` entry; managed runs mount that CLI inside the runner so skills can call `aex proxy …` against the per-run manifest. See [product capabilities and boundaries](docs/product-boundaries.md).
+
+The aex URL defaults to `https://api.aex.dev`. Set `--aex-url` on the CLI or `baseUrl` on `AexClient` for local, staging, or hosted aex API planes. This is not a supported self-host deployment claim. The workspace is derived server-side from your API token (1:1 binding), so there is no `--workspace` flag and no `workspaceId` option.
+
+## Product boundaries
+
+- Multi-provider via Goose Managed. The published surface is the same
+  regardless of provider:
+  - omit `runtime` or pass `runtime: "managed"`; every provider uses the
+    managed runtime and BYOK provider-proxy.
+  - `provider: "anthropic" | "deepseek" | "openai" | "gemini" | "mistral"`.
+  - See [provider/runtime capabilities](docs/provider-runtime-capabilities.md)
+    for the generated matrix.
+- BYO provider key + MCP credentials + skill references — passed inline on every submission and held in run-scoped custody, with cleanup/revocation attempted at terminal. Cross-provider keys are rejected loudly at submission time.
+- Workspace is the tenant boundary. Workspace identity is derived server-side from the API token (1:1 binding); the SDK / CLI never name it.
+- No SDK-side storage of provider keys, MCP credentials, or output file contents.
+- Cleanup runs by default for tracked runtime resources.
+- Product boundaries are explicit: see [product capabilities and boundaries](docs/product-boundaries.md) for what aex owns, inherits, and does not support.
+
+## Quickstart (SDK)
+
+```ts
+import { AexClient } from "@aexhq/sdk";
+
+const client = new AexClient({
+  apiToken: process.env.AEX_API_TOKEN!
+  // baseUrl defaults to https://api.aex.dev - set it for local or staging planes.
+});
+
+const runId = await client.submitRun({
+  model: "claude-haiku-4-5",
+  system: "You are a concise automation agent.",
+  prompt: "Write a short answer about agent-first SDK design.",
+  secrets: { anthropic: { apiKey: process.env.ANTHROPIC_API_KEY! } }
+});
+
+const run = await client.wait(runId);
+console.log(run.status);
+
+for (const output of await client.outputs(runId)) {
+  console.log(output.id, output.filename);
+}
+
+const report = await client.downloadOutput(runId, { path: "report.txt", match: "suffix" });
+console.log(new TextDecoder().decode(report));
+
+await client.downloadOutputs(runId, { to: "./outputs.zip" });
+```
+
+Reusable, credential-free configs can be ordinary functions:
+
+```ts
+function summarise(topic: string) {
+  return {
+  model: "claude-haiku-4-5",
+  system: "You are a concise automation agent.",
+  prompt: `Write a short answer about ${topic}.`
+  };
+}
+
+const runId = await client.submitRun({
+  ...summarise("agent-first SDK design"),
+  secrets: { anthropic: { apiKey: process.env.ANTHROPIC_API_KEY! } }
+});
+```
+
+Stream events live with `client.stream(runId)`:
+
+```ts
+for await (const event of client.stream(runId)) {
+  if (event.type === "agent.message") {
+    // typed event helpers live under `aex`'s event guard exports.
+  }
+}
+```
+
+The same flow from the CLI (two equivalent forms):
+
+```bash
+aex run \
+  --api-token "$AEX_API_TOKEN" \
+  --anthropic-api-key "$ANTHROPIC_API_KEY" \
+  --model claude-haiku-4-5 \
+  --system "You are a concise automation agent." \
+  --prompt "Write a short answer about agent-first SDK design." \
+  --follow
+
+aex run \
+  --api-token "$AEX_API_TOKEN" \
+  --anthropic-api-key "$ANTHROPIC_API_KEY" \
+  --config ./run.json \
+  --follow
+```
+
+`--config` accepts a plain run-config JSON file for a single run request: `{ model, system?, prompt, skills?, mcpServers?, environment?, proxyEndpoints?, metadata? }`. There is no saved-definition product or interpolation DSL — build the JSON at the call site.
+
+## Test commands
+
+```text
+pnpm test                # unit (deterministic; uses fakes/snapshots)
+pnpm test:user:offline   # clean install of packed/published SDK, no live API
+pnpm test:user           # live hosted API user tests
+pnpm test:user:heavy     # explicit heavy live canary
+```
+
+User tests auto-pack the current SDK when no artifact env is set. CI can pin a
+specific artifact with exactly one of `AEX_USER_TEST_TARBALL` or
+`AEX_USER_TEST_VERSION`; live runs also need `AEX_API_URL`,
+`AEX_API_TOKEN`, and `DEEPSEEK_API_KEY`.
+
+## Guides
+
+- [Quickstart](docs/quickstart.md)
+- [Run config](docs/run-config.md)
+- [Run record](docs/run-record.md)
+- [Product capabilities and boundaries](docs/product-boundaries.md)
+- [Provider/runtime capabilities](docs/provider-runtime-capabilities.md)
+- [Credentials](docs/credentials.md)
+- [MCP](docs/mcp.md)
+- [Skills](docs/skills.md)
+- [Outputs](docs/outputs.md)
+- [Events](docs/events.md)
+- [Cleanup](docs/cleanup.md)
+- [Testing](docs/testing.md)
+- [Release](docs/release.md)
+

package/dist/_contracts/connection-ticket.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Connection tickets for the event-coordinator WebSocket handshake.
+ *
+ * A browser/Node WebSocket handshake cannot carry an Authorization header,
+ * so a subscriber first obtains a short-lived ticket from an authenticated
+ * HTTP endpoint, then presents it as a `?ticket=` query parameter on the WS
+ * upgrade. The ticket is an HMAC over `${runId}.${exp}` keyed by the
+ * coordinator secret — it binds the grant to one run and one expiry and is
+ * verified without any per-ticket storage.
+ *
+ * This lives in shared so the coordinator (which verifies) and the API
+ * hosted API's ticket broker (which mints, on behalf of a workspace token) use
+ * ONE implementation. Pure Web Crypto — identical under Node and workerd.
+ */
+/** Mint a `${exp}.${mac}` ticket valid for `ttlMs` from `nowMs`. */
+export declare function mintConnectionTicket(runId: string, secret: string, nowMs: number, ttlMs?: number): Promise<{
+    ticket: string;
+    expiresAtMs: number;
+}>;
+/** Verify a ticket against `runId` + the current time. Constant-time MAC compare. */
+export declare function verifyConnectionTicket(ticket: string, runId: string, secret: string, nowMs: number): Promise<boolean>;

package/dist/_contracts/connection-ticket.js

@@ -0,0 +1,49 @@
+/**
+ * Connection tickets for the event-coordinator WebSocket handshake.
+ *
+ * A browser/Node WebSocket handshake cannot carry an Authorization header,
+ * so a subscriber first obtains a short-lived ticket from an authenticated
+ * HTTP endpoint, then presents it as a `?ticket=` query parameter on the WS
+ * upgrade. The ticket is an HMAC over `${runId}.${exp}` keyed by the
+ * coordinator secret — it binds the grant to one run and one expiry and is
+ * verified without any per-ticket storage.
+ *
+ * This lives in shared so the coordinator (which verifies) and the API
+ * hosted API's ticket broker (which mints, on behalf of a workspace token) use
+ * ONE implementation. Pure Web Crypto — identical under Node and workerd.
+ */
+const DEFAULT_TICKET_TTL_MS = 60_000;
+const encoder = new TextEncoder();
+async function hmacHex(secret, message) {
+    const key = await crypto.subtle.importKey("raw", encoder.encode(secret), { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
+    const sig = await crypto.subtle.sign("HMAC", key, encoder.encode(message));
+    return [...new Uint8Array(sig)].map((b) => b.toString(16).padStart(2, "0")).join("");
+}
+/** Mint a `${exp}.${mac}` ticket valid for `ttlMs` from `nowMs`. */
+export async function mintConnectionTicket(runId, secret, nowMs, ttlMs = DEFAULT_TICKET_TTL_MS) {
+    const exp = nowMs + ttlMs;
+    const mac = await hmacHex(secret, `${runId}.${exp}`);
+    return { ticket: `${exp}.${mac}`, expiresAtMs: exp };
+}
+/** Verify a ticket against `runId` + the current time. Constant-time MAC compare. */
+export async function verifyConnectionTicket(ticket, runId, secret, nowMs) {
+    const dot = ticket.indexOf(".");
+    if (dot < 0)
+        return false;
+    const exp = Number(ticket.slice(0, dot));
+    const mac = ticket.slice(dot + 1);
+    if (!Number.isFinite(exp) || exp < nowMs)
+        return false;
+    const expected = await hmacHex(secret, `${runId}.${exp}`);
+    return timingSafeEqual(mac, expected);
+}
+/** Length-then-constant-time comparison of two hex strings. */
+function timingSafeEqual(a, b) {
+    if (a.length !== b.length)
+        return false;
+    let diff = 0;
+    for (let i = 0; i < a.length; i++)
+        diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
+    return diff === 0;
+}
+//# sourceMappingURL=connection-ticket.js.map