@aexhq/sdk 0.13.9 → 0.14.0

package/dist/client.d.ts

@@ -1,5 +1,6 @@
 import { HttpClient, type AexEvent, type AgentsMdRecord, type CredentialMode, type DebugSink, type FetchLike, type FileRecord, type Output, type OutputMode, type PlatformSubmission, type PlatformInlineSecrets, type PlatformProxyEndpoint, type PlatformProxyEndpointAuth, type Run, type RunEvent, type RunProvider, type RunUnit, type RuntimeSize, type RuntimeKind, type SignedOutputLink, type Skill as SkillRecord, type WhoAmI } from "./_contracts/index.js";
 import { AgentsMd } from "./agents-md.js";
+import { type UploadedAsset } from "./asset-upload.js";
 import { File } from "./file.js";
 import { McpServer } from "./mcp-server.js";
 import { ProxyEndpoint } from "./proxy-endpoint.js";
@@ -37,8 +38,9 @@ export interface AgentExecutorOptions {
  *     secret is bundled into the constructor and split into
  *     `secrets.proxyEndpointAuth` server-side; the public submission
  *     only carries the declaration (`{ name, baseUrl, authShape, … }`).
- *   - `secrets.<provider>.apiKey` — REQUIRED for the selected provider.
- *     The platform never holds a long-lived provider key on your behalf.
+ *   - `secrets.apiKey` — REQUIRED: the provider key for the selected
+ *     `provider`. The platform never holds a long-lived provider key on
+ *     your behalf.
  *
  * `idempotencyKey` is auto-generated when omitted; pass one explicitly
  * if you want client-driven retry safety across process restarts.
@@ -46,16 +48,16 @@ export interface AgentExecutorOptions {
 export interface SubmitRunOptions {
     /**
      * Credential source for upstream provider access. Omitted defaults to
-     * `"byok"`, which requires `secrets.<provider>.apiKey` as today.
+     * `"byok"`, which requires `secrets.apiKey`.
      * `"managed"` is reserved for paid managed-key mode and currently fails
      * closed until the hosted private implementation is wired.
      */
     readonly credentialMode?: CredentialMode;
     /**
      * Provider selector. Optional — defaults to
-     * {@link DEFAULT_RUN_PROVIDER} (`"anthropic"`). The call site must
-     * supply the matching `secrets.<provider>.apiKey` and MUST NOT
-     * supply any other provider's secret block.
+     * {@link DEFAULT_RUN_PROVIDER} (`"anthropic"`). Selects which upstream
+     * model route the managed provider-proxy uses; the BYOK key for it is
+     * supplied as `secrets.apiKey`.
      */
     readonly provider?: RunProvider;
     /**
@@ -274,10 +276,10 @@ export declare class AgentExecutor {
      * NOTE (tech-debt): this is part of the legacy workspace-skill upload
      * surface (`SkillsClient` + `operations.createSkillBundle` + the TUS
      * chunked path in asset-upload.ts). The live submit path materializes
-     * inline skills via `uploadAsset` instead; `Skill` no longer
-     * exposes `.upload()`/`.fromId()`. This surface is retained pending a
-     * deliberate deprecation pass (it still threads into the CLI host
-     * commands), tracked in the remediation plan as item 4a.
+     * inline skills via `uploadAsset` instead; `Skill.upload(client)`
+     * pre-stages a draft explicitly for reuse. This surface is retained
+     * pending a deliberate deprecation pass (it still threads into the CLI
+     * host commands), tracked in the remediation plan as item 4a.
      */
     _uploadSkillBundle(args: {
         readonly name: string;
@@ -301,6 +303,17 @@ export declare class AgentExecutor {
         readonly name: string;
         readonly bytes: Uint8Array;
     }): Promise<FileRecord>;
+    /**
+     * Internal: materialize raw bytes to the content-addressable asset store
+     * (`/assets/presign` → PUT → `/assets/finalize`). Used by `Skill.upload(this)`
+     * to pre-upload a draft skill bundle so a later run carries only a plain
+     * `kind:"asset"` ref. NOT part of the public API.
+     */
+    _uploadAsset(args: {
+        readonly bytes: Uint8Array;
+        readonly hash: string;
+        readonly contentType?: string;
+    }): Promise<UploadedAsset>;
     /**
      * Submit a run and wait for it to reach a terminal state. Returns the
      * final `Run` record. For long-running flows, prefer `submitRun` +
@@ -316,15 +329,12 @@ export declare class AgentExecutor {
      * before sending so credentials never enter the hashed submission or
      * the run snapshot.
      *
-     * Unstaged inline skills (`Skill.fromFiles` / `Skill.fromPath`
-     * without a prior `.upload`) are accepted: the SDK switches to a
-     * multipart body that carries the canonical zip bytes alongside the
-     * JSON submission. The dashboard BFF ingests each one through the
-     * standard workspace-skill upload pipeline (dedup by content hash;
-     * upload via the existing two-phase pending → ready flow) and
-     * rewrites the run's `skills[]` to reference the resulting `skl_*`
-     * ids. The bytes persist on aex; the user can browse and
-     * download the resulting workspace skill from the dashboard.
+     * Unstaged inline skills / agentsMd / files (`Skill.fromFiles` /
+     * `Skill.fromPath` / `AgentsMd.fromContent` / `File.fromBytes` without a
+     * prior `.upload`) are auto-uploaded to the content-addressable asset
+     * store (`/assets/presign` → PUT → `/assets/finalize`) before `POST /runs`,
+     * deduped by content hash, and referenced in the submission as plain
+     * `{ kind:"asset" }` refs — identical to a pre-staged `.upload(client)`.
      */
     submitRun(options: SubmitRunOptions): Promise<string>;
     getRun(runId: string): Promise<Run>;