@aexhq/sdk 0.22.0 → 0.22.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/_contracts/run-custody.js +24 -1
- package/dist/cli.mjs +15 -1
- package/dist/cli.mjs.sha256 +1 -1
- package/dist/version.d.ts +1 -1
- package/dist/version.js +1 -1
- package/package.json +2 -2
|
@@ -445,7 +445,16 @@ const forbiddenStringPatterns = Object.freeze([
|
|
|
445
445
|
{ reason: "vault_id", regex: /\b(?:vault|vlt|secret)[_:-][A-Za-z0-9][A-Za-z0-9_-]{7,}\b/i },
|
|
446
446
|
{
|
|
447
447
|
reason: "private_resource_handle",
|
|
448
|
-
|
|
448
|
+
// `<keyword><sep><id>` opaque handles (`session_a1B2c3D4e5`, `file_9f8e7d…`).
|
|
449
|
+
// The keyword set overlaps ordinary English (agent/file/skill/resource/…), so
|
|
450
|
+
// the bare shape also matched documentation prose that simply chains those
|
|
451
|
+
// words with `_`/`-` (`agent_decision_failure`, `file_grounded`,
|
|
452
|
+
// `session_handoff_contract`, `agent-judgment` — read straight out of a
|
|
453
|
+
// skill-pack doc in tool-result text). The `accept` predicate keeps the shape
|
|
454
|
+
// but requires the id segment to look minted rather than spelled — i.e. carry
|
|
455
|
+
// a digit — so genuine handles stay flagged while dictionary-word prose does not.
|
|
456
|
+
regex: /\b(?:machine|session|agent|file|skill|env|resource|handle|token_hash|bearer_hash)[_:-][A-Za-z0-9][A-Za-z0-9_-]{7,}\b/i,
|
|
457
|
+
accept: isMintedResourceHandle
|
|
449
458
|
},
|
|
450
459
|
{
|
|
451
460
|
reason: "high_entropy_token",
|
|
@@ -487,6 +496,20 @@ function isHighEntropySecretRun(run) {
|
|
|
487
496
|
}
|
|
488
497
|
return highEntropyShannonBits(run) >= 3.0;
|
|
489
498
|
}
|
|
499
|
+
/**
|
|
500
|
+
* Decide whether a `<keyword><sep><id>` shape-match is a genuinely minted private
|
|
501
|
+
* handle rather than dictionary-word prose. The id segment (everything after the
|
|
502
|
+
* first `_`/`-`/`:`) must carry a digit — the property that separates a minted
|
|
503
|
+
* opaque handle (`session_a1B2c3D4e5`, `file_9f8e7d6c5b4a`, `machine_1234567890`)
|
|
504
|
+
* from a chain of English words (`agent_decision_failure`, `file_grounded`). This
|
|
505
|
+
* mirrors `isHighEntropySecretRun`'s letter+digit requirement: a prefixless secret
|
|
506
|
+
* blob and a minted handle both carry digits; prose does not.
|
|
507
|
+
*/
|
|
508
|
+
function isMintedResourceHandle(match) {
|
|
509
|
+
const separatorIndex = match.search(/[_:-]/);
|
|
510
|
+
const id = match.slice(separatorIndex + 1);
|
|
511
|
+
return /\d/.test(id);
|
|
512
|
+
}
|
|
490
513
|
function highEntropyCharClassCount(value) {
|
|
491
514
|
let count = 0;
|
|
492
515
|
if (/[a-z]/.test(value))
|
package/dist/cli.mjs
CHANGED
|
@@ -901,7 +901,16 @@ var forbiddenStringPatterns = Object.freeze([
|
|
|
901
901
|
{ reason: "vault_id", regex: /\b(?:vault|vlt|secret)[_:-][A-Za-z0-9][A-Za-z0-9_-]{7,}\b/i },
|
|
902
902
|
{
|
|
903
903
|
reason: "private_resource_handle",
|
|
904
|
-
|
|
904
|
+
// `<keyword><sep><id>` opaque handles (`session_a1B2c3D4e5`, `file_9f8e7d…`).
|
|
905
|
+
// The keyword set overlaps ordinary English (agent/file/skill/resource/…), so
|
|
906
|
+
// the bare shape also matched documentation prose that simply chains those
|
|
907
|
+
// words with `_`/`-` (`agent_decision_failure`, `file_grounded`,
|
|
908
|
+
// `session_handoff_contract`, `agent-judgment` — read straight out of a
|
|
909
|
+
// skill-pack doc in tool-result text). The `accept` predicate keeps the shape
|
|
910
|
+
// but requires the id segment to look minted rather than spelled — i.e. carry
|
|
911
|
+
// a digit — so genuine handles stay flagged while dictionary-word prose does not.
|
|
912
|
+
regex: /\b(?:machine|session|agent|file|skill|env|resource|handle|token_hash|bearer_hash)[_:-][A-Za-z0-9][A-Za-z0-9_-]{7,}\b/i,
|
|
913
|
+
accept: isMintedResourceHandle
|
|
905
914
|
},
|
|
906
915
|
{
|
|
907
916
|
reason: "high_entropy_token",
|
|
@@ -931,6 +940,11 @@ function isHighEntropySecretRun(run) {
|
|
|
931
940
|
}
|
|
932
941
|
return highEntropyShannonBits(run) >= 3;
|
|
933
942
|
}
|
|
943
|
+
function isMintedResourceHandle(match) {
|
|
944
|
+
const separatorIndex = match.search(/[_:-]/);
|
|
945
|
+
const id = match.slice(separatorIndex + 1);
|
|
946
|
+
return /\d/.test(id);
|
|
947
|
+
}
|
|
934
948
|
function highEntropyCharClassCount(value) {
|
|
935
949
|
let count = 0;
|
|
936
950
|
if (/[a-z]/.test(value))
|
package/dist/cli.mjs.sha256
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
|
|
1
|
+
84dede6ed017defb49617f6f799912364125363867fa9ca8054150ebc0446286 cli.mjs
|
package/dist/version.d.ts
CHANGED
package/dist/version.js
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aexhq/sdk",
|
|
3
|
-
"version": "0.22.
|
|
3
|
+
"version": "0.22.1",
|
|
4
4
|
"description": "TypeScript SDK for running autonomous agent sessions across providers (Anthropic, OpenAI, DeepSeek, Gemini, Mistral) behind one interface.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"repository": {
|
|
@@ -26,7 +26,7 @@
|
|
|
26
26
|
"examples"
|
|
27
27
|
],
|
|
28
28
|
"devDependencies": {
|
|
29
|
-
"@aexhq/contracts": "0.22.
|
|
29
|
+
"@aexhq/contracts": "0.22.1"
|
|
30
30
|
},
|
|
31
31
|
"engines": {
|
|
32
32
|
"node": ">=20"
|