@aexhq/sdk 0.25.0 → 0.25.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (50) hide show
  1. package/README.md +1 -1
  2. package/dist/_contracts/index.d.ts +0 -1
  3. package/dist/_contracts/index.js +0 -1
  4. package/dist/_contracts/operations.d.ts +11 -3
  5. package/dist/_contracts/operations.js +216 -6
  6. package/dist/_contracts/provider-support.d.ts +2 -13
  7. package/dist/_contracts/provider-support.js +2 -14
  8. package/dist/_contracts/proxy-protocol.d.ts +4 -2
  9. package/dist/_contracts/proxy-protocol.js +10 -3
  10. package/dist/_contracts/run-config.d.ts +4 -4
  11. package/dist/_contracts/run-config.js +4 -5
  12. package/dist/_contracts/run-cost.d.ts +3 -11
  13. package/dist/_contracts/run-cost.js +2 -57
  14. package/dist/_contracts/run-custody.d.ts +1 -52
  15. package/dist/_contracts/run-custody.js +3 -87
  16. package/dist/_contracts/run-retention.d.ts +1 -5
  17. package/dist/_contracts/run-retention.js +2 -14
  18. package/dist/_contracts/run-unit.d.ts +2 -2
  19. package/dist/_contracts/runtime-security-profile.js +1 -1
  20. package/dist/_contracts/runtime-types.d.ts +36 -10
  21. package/dist/_contracts/side-effect-audit.d.ts +4 -5
  22. package/dist/_contracts/side-effect-audit.js +1 -4
  23. package/dist/_contracts/status.d.ts +3 -4
  24. package/dist/_contracts/status.js +3 -8
  25. package/dist/_contracts/submission.d.ts +66 -41
  26. package/dist/_contracts/submission.js +78 -29
  27. package/dist/cli.mjs +226 -46
  28. package/dist/cli.mjs.sha256 +1 -1
  29. package/dist/client.d.ts +19 -17
  30. package/dist/client.js +22 -9
  31. package/dist/client.js.map +1 -1
  32. package/dist/index.d.ts +3 -3
  33. package/dist/index.js +3 -3
  34. package/dist/index.js.map +1 -1
  35. package/dist/version.d.ts +1 -1
  36. package/dist/version.js +1 -1
  37. package/docs/concepts/agent-tools.md +26 -21
  38. package/docs/credentials.md +5 -3
  39. package/docs/events.md +12 -0
  40. package/docs/limits.md +10 -1
  41. package/docs/outputs.md +58 -0
  42. package/docs/provider-runtime-capabilities.md +1 -1
  43. package/docs/public-surface.json +1 -1
  44. package/docs/release.md +1 -1
  45. package/docs/run-config.md +1 -1
  46. package/docs/skills.md +3 -3
  47. package/docs/vision-skills.md +11 -13
  48. package/package.json +2 -2
  49. package/dist/_contracts/managed-key.d.ts +0 -101
  50. package/dist/_contracts/managed-key.js +0 -181
@@ -14,18 +14,14 @@ export const RUN_STATUSES = [
14
14
  "failed",
15
15
  "timed_out",
16
16
  "cancelled",
17
- "cleanup_failed",
18
- "pending_delete",
19
- "deleted"
17
+ "cleanup_failed"
20
18
  ];
21
19
  export const TERMINAL_RUN_STATUSES = [
22
20
  "succeeded",
23
21
  "failed",
24
22
  "timed_out",
25
23
  "cancelled",
26
- "cleanup_failed",
27
- "pending_delete",
28
- "deleted"
24
+ "cleanup_failed"
29
25
  ];
30
26
  const terminalRunStatuses = new Set(TERMINAL_RUN_STATUSES);
31
27
  export function isTerminalRunStatus(status) {
@@ -35,8 +31,7 @@ export function isTerminalRunStatus(status) {
35
31
  * The closed set of terminal OUTCOMES the run-lifecycle funnel writes via
36
32
  * `markRunTerminal` (and that a `run/terminal` event carries). This is a
37
33
  * STRICT SUBSET of {@link TERMINAL_RUN_STATUSES}: the read-terminal set also
38
- * includes the post-terminal housekeeping states (`cleanup_failed`,
39
- * `pending_delete`, `deleted`) which the funnel never writes as an outcome.
34
+ * includes `cleanup_failed`, which the funnel never writes as an outcome.
40
35
  * The worker's `TerminalRunStatus` and the workflow `TerminalOutcome` both
41
36
  * derive from this so the four call sites can't drift.
42
37
  */
@@ -5,7 +5,6 @@ import { type RuntimeSize } from "./runtime-sizes.js";
5
5
  import { type PlatformPostHook, type PlatformPostHookInput } from "./post-hook.js";
6
6
  import { type RunModel } from "./models.js";
7
7
  import { type RuntimeSecurityProfileName } from "./runtime-security-profile.js";
8
- import { type CredentialMode, type ManagedKeyPolicyV1 } from "./managed-key.js";
9
8
  export type JsonPrimitive = string | number | boolean | null;
10
9
  export type JsonValue = JsonPrimitive | JsonValue[] | {
11
10
  readonly [key: string]: JsonValue;
@@ -145,6 +144,17 @@ export declare const Providers: {
145
144
  */
146
145
  export declare const RUNTIME_KINDS: readonly ["managed"];
147
146
  export type RuntimeKind = (typeof RUNTIME_KINDS)[number];
147
+ /**
148
+ * Credential source for upstream provider access. Launch accepts only BYOK:
149
+ * callers may omit `credentialMode` or pass `"byok"`. Other strings, including
150
+ * `"managed"`, are invalid submission values rather than reserved product
151
+ * promises.
152
+ */
153
+ export declare const CREDENTIAL_MODES: readonly ["byok"];
154
+ export type CredentialMode = (typeof CREDENTIAL_MODES)[number];
155
+ export declare const DEFAULT_CREDENTIAL_MODE: CredentialMode;
156
+ export declare function parseCredentialMode(input: unknown): CredentialMode;
157
+ export declare function credentialModeOrDefault(input: CredentialMode | undefined): CredentialMode;
148
158
  /** Outcome of the centralized runtime-support check. */
149
159
  export interface RuntimeSupportCheck {
150
160
  readonly ok: boolean;
@@ -188,11 +198,10 @@ export type PlatformProxyAuthValue = {
188
198
  };
189
199
  /**
190
200
  * Per-run inline secrets bundle. `apiKey` is the BYOK provider key for the
191
- * run's selected `provider` (required in `"byok"` credential mode, rejected
192
- * in `"managed"` mode). A run targets exactly one provider, so the key is a
193
- * single flat field rather than a per-provider block. `mcpServers` and
194
- * `proxyEndpointAuth` are cross-provider (an MCP credential is the same
195
- * secret whichever model is driving the MCP client).
201
+ * run's selected `provider`. A run targets exactly one provider, so the key is
202
+ * a single flat field rather than a per-provider block. `mcpServers` and
203
+ * `proxyEndpointAuth` are cross-provider (an MCP credential is the same secret
204
+ * whichever model is driving the MCP client).
196
205
  */
197
206
  export interface PlatformInlineSecrets {
198
207
  readonly apiKey?: string;
@@ -289,9 +298,9 @@ export declare function optionalPositiveInt(input: unknown, field: string): numb
289
298
  * only the non-secret half; bearer headers travel in
290
299
  * `secrets.mcpServers` keyed by `name`.
291
300
  *
292
- * `skills` is a list of `SkillRef`s workspace refs point at
293
- * `skill_bundles.id` (validated by the BFF before acceptance and pinned
294
- * into `run_skill_snapshots`), provider refs pass through unchanged.
301
+ * `skills` is a list of `SkillRef`s. Launch workspace skills use
302
+ * content-addressed asset refs; run submission snapshots the bytes into the
303
+ * run-owned prefix before dispatch.
295
304
  */
296
305
  export interface PlatformSubmission {
297
306
  readonly model: RunModel;
@@ -321,14 +330,14 @@ export interface PlatformSubmission {
321
330
  */
322
331
  readonly outputs?: PlatformOutputCaptureConfig;
323
332
  /**
324
- * Optional override for the managed-runtime builtin extensions enabled
325
- * inside the runner container. Each entry is one of the closed
326
- * {@link BUILTINS} set (prefer the {@link Builtins} symbol
327
- * const). The platform default is `["developer"]` which gives the agent
328
- * shell + write + edit + tree tools (bash, grep via shell, file read via
329
- * shell or editor, file edit). To opt in to more tools (e.g. web fetch via
330
- * the `computercontroller` extension), pass the full list. To opt out of
331
- * all builtins (pure-MCP setup), pass an empty array.
333
+ * Optional override for the managed-runtime builtins enabled inside the
334
+ * runner container. Each entry is one of the closed {@link BUILTINS} set
335
+ * (prefer the {@link Builtins} symbol const).
336
+ *
337
+ * Omit the field for {@link DEFAULT_BUILTINS}: web search, web fetch,
338
+ * file read/edit, glob, grep, head, and tail. Pass an empty array to opt out
339
+ * of all builtins for pure-MCP runs. Pass a custom list to narrow or extend
340
+ * the tool surface, for example `[Builtins.WEB_SEARCH, Builtins.NOTEBOOK]`.
332
341
  *
333
342
  * Validation:
334
343
  * - Each entry must be a member of {@link BUILTINS}.
@@ -389,9 +398,7 @@ export interface PlatformRunSubmissionRequest {
389
398
  readonly idempotencyKey: string;
390
399
  /**
391
400
  * Credential source for upstream provider access. Omitted means
392
- * `"byok"` for compatibility with the current production path.
393
- * `"managed"` is a public contract value but remains fail-closed until
394
- * credential resolution and billing admission are available.
401
+ * `"byok"`; launch does not accept managed provider credentials.
395
402
  */
396
403
  readonly credentialMode: CredentialMode;
397
404
  /**
@@ -470,20 +477,14 @@ export type PlatformRunSubmissionInput = Omit<PlatformRunSubmissionRequest, "wor
470
477
  readonly postHook?: PlatformPostHookInput;
471
478
  };
472
479
  export interface ParseRunSubmissionOptions {
473
- readonly managedKeyPolicy?: ManagedKeyPolicyV1;
474
480
  }
475
481
  export declare function parseRunSubmissionRequest(input: unknown, options?: ParseRunSubmissionOptions): PlatformRunSubmissionRequest;
476
482
  export declare function parseRuntimeKind(input: unknown): RuntimeKind | undefined;
477
483
  export declare function parseRunProvider(input: unknown): RunProvider;
478
484
  /**
479
- * Cross-check the supplied secrets bundle against the credential mode.
480
- *
481
- * - `"byok"`: `secrets.apiKey` (the provider key for the run's `provider`)
482
- * MUST be present.
483
- * - `"managed"`: `secrets.apiKey` MUST be absent — provider access is
484
- * resolved by the managed-key policy, not a caller-supplied key.
485
- * - MCP / proxy endpoint auth carry across providers and are not
486
- * checked here.
485
+ * Cross-check the supplied secrets bundle against the credential mode. BYOK
486
+ * requires `secrets.apiKey` (the provider key for the run's `provider`). MCP /
487
+ * proxy endpoint auth carry across providers and are not checked here.
487
488
  */
488
489
  export declare function enforceCredentialSecretPolicy(credentialMode: CredentialMode, secrets: PlatformInlineSecrets): void;
489
490
  export declare function parseSubmission(input: unknown): PlatformSubmission;
@@ -492,28 +493,52 @@ export declare const OUTPUT_MODES: readonly ["buffered", "stream"];
492
493
  export type OutputMode = (typeof OUTPUT_MODES)[number];
493
494
  export declare const DEFAULT_OUTPUT_MODE: OutputMode;
494
495
  /**
495
- * Managed-runtime builtin extensions — the closed set the managed runtime
496
- * accepts. Closed so an invalid name is a compile error via {@link Builtins},
497
- * not a silent runtime no-op. `developer` is the platform default when
498
- * `builtins` is omitted; pass an empty array to disable all builtins
499
- * (pure-MCP setup).
496
+ * Managed-runtime builtins — the closed set the managed runtime accepts.
497
+ * Closed so an invalid name is a compile error via {@link Builtins}, not a
498
+ * silent runtime no-op.
499
+ *
500
+ * The first entries are the recommended concrete builtins. The legacy aggregate
501
+ * extension names remain accepted for existing callers, but are not the default.
500
502
  */
501
- export declare const BUILTINS: readonly ["developer", "computercontroller", "memory", "autovisualiser", "tutorial"];
503
+ export declare const BUILTINS: readonly ["web_search", "web_fetch", "read", "edit", "glob", "grep", "head", "tail", "notebook", "developer", "computercontroller", "memory", "autovisualiser", "tutorial"];
502
504
  export type Builtin = (typeof BUILTINS)[number];
505
+ /**
506
+ * DX-first managed-runtime defaults. Omitted `builtins` resolves to this list.
507
+ * Notebook support remains opt-in through {@link Builtins.NOTEBOOK}.
508
+ */
509
+ export declare const DEFAULT_BUILTINS: readonly ["web_search", "web_fetch", "read", "edit", "glob", "grep", "head", "tail"];
503
510
  /**
504
511
  * Symbol-style accessors for the closed builtin set, e.g.
505
- * `Builtins.COMPUTER_CONTROLLER`.
512
+ * `Builtins.WEB_SEARCH`.
506
513
  */
507
514
  export declare const Builtins: {
508
- /** Shell (bash + UNIX tools incl. grep), write, edit, tree. The default. */
515
+ /** Managed web search. Included in {@link DEFAULT_BUILTINS}. */
516
+ readonly WEB_SEARCH: "web_search";
517
+ /** Fetch a URL and return readable text. Included in {@link DEFAULT_BUILTINS}. */
518
+ readonly WEB_FETCH: "web_fetch";
519
+ /** Read files. Included in {@link DEFAULT_BUILTINS}. */
520
+ readonly READ: "read";
521
+ /** Create/modify files. Included in {@link DEFAULT_BUILTINS}. */
522
+ readonly EDIT: "edit";
523
+ /** Search paths by glob. Included in {@link DEFAULT_BUILTINS}. */
524
+ readonly GLOB: "glob";
525
+ /** Search file contents. Included in {@link DEFAULT_BUILTINS}. */
526
+ readonly GREP: "grep";
527
+ /** Read the first lines of a file. Included in {@link DEFAULT_BUILTINS}. */
528
+ readonly HEAD: "head";
529
+ /** Read the last lines of a file. Included in {@link DEFAULT_BUILTINS}. */
530
+ readonly TAIL: "tail";
531
+ /** Jupyter notebook editing. Optional; not in {@link DEFAULT_BUILTINS}. */
532
+ readonly NOTEBOOK: "notebook";
533
+ /** Legacy aggregate: shell/filesystem/navigation/web/notebook tools. */
509
534
  readonly DEVELOPER: "developer";
510
- /** Web fetch/scrape, scripting, general computer-control tools. */
535
+ /** Legacy aggregate alias retained for existing callers. */
511
536
  readonly COMPUTER_CONTROLLER: "computercontroller";
512
- /** Cross-session preference memory. */
537
+ /** Legacy aggregate alias retained for existing callers. */
513
538
  readonly MEMORY: "memory";
514
- /** Inline data-visualisation rendering. */
539
+ /** Legacy aggregate alias retained for existing callers. */
515
540
  readonly AUTOVISUALISER: "autovisualiser";
516
- /** Interactive guided tutorials. */
541
+ /** Legacy aggregate alias retained for existing callers. */
517
542
  readonly TUTORIAL: "tutorial";
518
543
  };
519
544
  /**
@@ -9,7 +9,6 @@ import { parseRunTimeout, parseRuntimeSize } from "./runtime-sizes.js";
9
9
  import { parsePostHook } from "./post-hook.js";
10
10
  import { assertRunModelMatchesProvider, parseRunModel } from "./models.js";
11
11
  import { parseRuntimeSecurityProfile } from "./runtime-security-profile.js";
12
- import { assertManagedKeyAdmissionAllowed, parseCredentialMode } from "./managed-key.js";
13
12
  /**
14
13
  * Reserved prefix for aex-set runtime env vars (`AEX_CLI`,
15
14
  * `AEX_RUNTIME_JSON`, …). Customer `environment.envVars` keys carrying this
@@ -121,6 +120,26 @@ export const Providers = {
121
120
  * accepted submission value and fails schema validation.
122
121
  */
123
122
  export const RUNTIME_KINDS = ["managed"];
123
+ /**
124
+ * Credential source for upstream provider access. Launch accepts only BYOK:
125
+ * callers may omit `credentialMode` or pass `"byok"`. Other strings, including
126
+ * `"managed"`, are invalid submission values rather than reserved product
127
+ * promises.
128
+ */
129
+ export const CREDENTIAL_MODES = ["byok"];
130
+ export const DEFAULT_CREDENTIAL_MODE = "byok";
131
+ export function parseCredentialMode(input) {
132
+ if (input === undefined) {
133
+ return DEFAULT_CREDENTIAL_MODE;
134
+ }
135
+ if (typeof input !== "string" || !CREDENTIAL_MODES.includes(input)) {
136
+ throw new Error(`credentialMode must be one of: ${CREDENTIAL_MODES.join(", ")} (got ${JSON.stringify(input)})`);
137
+ }
138
+ return input;
139
+ }
140
+ export function credentialModeOrDefault(input) {
141
+ return input ?? DEFAULT_CREDENTIAL_MODE;
142
+ }
124
143
  /**
125
144
  * Centralized runtime-support validator. Native is removed from the public
126
145
  * runtime enum, so an absent runtime and `"managed"` are the only supported
@@ -999,9 +1018,7 @@ export function parseRunSubmissionRequest(input, options = {}) {
999
1018
  const provider = parseRunProvider(value.provider);
1000
1019
  const runtime = parseRuntimeKind(value.runtime);
1001
1020
  const credentialMode = parseCredentialMode(value.credentialMode);
1002
- if (credentialMode === "managed") {
1003
- assertManagedKeyAdmissionAllowed(options.managedKeyPolicy);
1004
- }
1021
+ void options;
1005
1022
  // Cross-field validation via the centralized runtime-support validator.
1006
1023
  const runtimeSupport = checkRuntimeSupported(provider, runtime);
1007
1024
  if (!runtimeSupport.ok) {
@@ -1086,22 +1103,12 @@ export function parseRunProvider(input) {
1086
1103
  return input;
1087
1104
  }
1088
1105
  /**
1089
- * Cross-check the supplied secrets bundle against the credential mode.
1090
- *
1091
- * - `"byok"`: `secrets.apiKey` (the provider key for the run's `provider`)
1092
- * MUST be present.
1093
- * - `"managed"`: `secrets.apiKey` MUST be absent — provider access is
1094
- * resolved by the managed-key policy, not a caller-supplied key.
1095
- * - MCP / proxy endpoint auth carry across providers and are not
1096
- * checked here.
1106
+ * Cross-check the supplied secrets bundle against the credential mode. BYOK
1107
+ * requires `secrets.apiKey` (the provider key for the run's `provider`). MCP /
1108
+ * proxy endpoint auth carry across providers and are not checked here.
1097
1109
  */
1098
1110
  export function enforceCredentialSecretPolicy(credentialMode, secrets) {
1099
- if (credentialMode === "managed") {
1100
- if (secrets.apiKey !== undefined) {
1101
- throw new Error(`secrets.apiKey is not allowed when credentialMode is managed; provider access is resolved by the managed-key policy`);
1102
- }
1103
- return;
1104
- }
1111
+ void credentialMode;
1105
1112
  if (!secrets.apiKey) {
1106
1113
  throw new Error(`secrets.apiKey is required when credentialMode is byok`);
1107
1114
  }
@@ -1225,33 +1232,75 @@ function parseOutputMode(input) {
1225
1232
  return input;
1226
1233
  }
1227
1234
  /**
1228
- * Managed-runtime builtin extensions — the closed set the managed runtime
1229
- * accepts. Closed so an invalid name is a compile error via {@link Builtins},
1230
- * not a silent runtime no-op. `developer` is the platform default when
1231
- * `builtins` is omitted; pass an empty array to disable all builtins
1232
- * (pure-MCP setup).
1235
+ * Managed-runtime builtins — the closed set the managed runtime accepts.
1236
+ * Closed so an invalid name is a compile error via {@link Builtins}, not a
1237
+ * silent runtime no-op.
1238
+ *
1239
+ * The first entries are the recommended concrete builtins. The legacy aggregate
1240
+ * extension names remain accepted for existing callers, but are not the default.
1233
1241
  */
1234
1242
  export const BUILTINS = [
1243
+ "web_search",
1244
+ "web_fetch",
1245
+ "read",
1246
+ "edit",
1247
+ "glob",
1248
+ "grep",
1249
+ "head",
1250
+ "tail",
1251
+ "notebook",
1235
1252
  "developer",
1236
1253
  "computercontroller",
1237
1254
  "memory",
1238
1255
  "autovisualiser",
1239
1256
  "tutorial"
1240
1257
  ];
1258
+ /**
1259
+ * DX-first managed-runtime defaults. Omitted `builtins` resolves to this list.
1260
+ * Notebook support remains opt-in through {@link Builtins.NOTEBOOK}.
1261
+ */
1262
+ export const DEFAULT_BUILTINS = [
1263
+ "web_search",
1264
+ "web_fetch",
1265
+ "read",
1266
+ "edit",
1267
+ "glob",
1268
+ "grep",
1269
+ "head",
1270
+ "tail"
1271
+ ];
1241
1272
  /**
1242
1273
  * Symbol-style accessors for the closed builtin set, e.g.
1243
- * `Builtins.COMPUTER_CONTROLLER`.
1274
+ * `Builtins.WEB_SEARCH`.
1244
1275
  */
1245
1276
  export const Builtins = {
1246
- /** Shell (bash + UNIX tools incl. grep), write, edit, tree. The default. */
1277
+ /** Managed web search. Included in {@link DEFAULT_BUILTINS}. */
1278
+ WEB_SEARCH: "web_search",
1279
+ /** Fetch a URL and return readable text. Included in {@link DEFAULT_BUILTINS}. */
1280
+ WEB_FETCH: "web_fetch",
1281
+ /** Read files. Included in {@link DEFAULT_BUILTINS}. */
1282
+ READ: "read",
1283
+ /** Create/modify files. Included in {@link DEFAULT_BUILTINS}. */
1284
+ EDIT: "edit",
1285
+ /** Search paths by glob. Included in {@link DEFAULT_BUILTINS}. */
1286
+ GLOB: "glob",
1287
+ /** Search file contents. Included in {@link DEFAULT_BUILTINS}. */
1288
+ GREP: "grep",
1289
+ /** Read the first lines of a file. Included in {@link DEFAULT_BUILTINS}. */
1290
+ HEAD: "head",
1291
+ /** Read the last lines of a file. Included in {@link DEFAULT_BUILTINS}. */
1292
+ TAIL: "tail",
1293
+ /** Jupyter notebook editing. Optional; not in {@link DEFAULT_BUILTINS}. */
1294
+ NOTEBOOK: "notebook",
1295
+ /** Legacy aggregate: shell/filesystem/navigation/web/notebook tools. */
1247
1296
  DEVELOPER: "developer",
1248
- /** Web fetch/scrape, scripting, general computer-control tools. */
1297
+ /** Legacy aggregate alias retained for existing callers. */
1249
1298
  COMPUTER_CONTROLLER: "computercontroller",
1250
- /** Cross-session preference memory. */
1299
+ /** Legacy aggregate alias retained for existing callers. */
1251
1300
  MEMORY: "memory",
1252
- /** Inline data-visualisation rendering. */
1301
+ /** Legacy aggregate alias retained for existing callers. */
1253
1302
  AUTOVISUALISER: "autovisualiser",
1254
- /** Interactive guided tutorials. */
1303
+ /** Legacy aggregate alias retained for existing callers. */
1255
1304
  TUTORIAL: "tutorial"
1256
1305
  };
1257
1306
  const MAX_BUILTINS = 16;