@agent-native/core 0.14.8 → 0.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (420) hide show
  1. package/README.md +1 -1
  2. package/dist/agent/engine/builder-engine.d.ts.map +1 -1
  3. package/dist/agent/engine/builder-engine.js +30 -9
  4. package/dist/agent/engine/builder-engine.js.map +1 -1
  5. package/dist/agent/engine/registry.d.ts.map +1 -1
  6. package/dist/agent/engine/registry.js +14 -4
  7. package/dist/agent/engine/registry.js.map +1 -1
  8. package/dist/agent/production-agent.d.ts.map +1 -1
  9. package/dist/agent/production-agent.js +71 -4
  10. package/dist/agent/production-agent.js.map +1 -1
  11. package/dist/agent/types.d.ts +9 -0
  12. package/dist/agent/types.d.ts.map +1 -1
  13. package/dist/agent/types.js.map +1 -1
  14. package/dist/appearance/actions/change-appearance.d.ts +3 -0
  15. package/dist/appearance/actions/change-appearance.d.ts.map +1 -0
  16. package/dist/appearance/actions/change-appearance.js +29 -0
  17. package/dist/appearance/actions/change-appearance.js.map +1 -0
  18. package/dist/chat-threads/store.d.ts +53 -2
  19. package/dist/chat-threads/store.d.ts.map +1 -1
  20. package/dist/chat-threads/store.js +172 -12
  21. package/dist/chat-threads/store.js.map +1 -1
  22. package/dist/cli/create.d.ts.map +1 -1
  23. package/dist/cli/create.js +114 -37
  24. package/dist/cli/create.js.map +1 -1
  25. package/dist/cli/index.js +30 -4
  26. package/dist/cli/index.js.map +1 -1
  27. package/dist/cli/workspace-dev.d.ts +25 -1
  28. package/dist/cli/workspace-dev.d.ts.map +1 -1
  29. package/dist/cli/workspace-dev.js +275 -49
  30. package/dist/cli/workspace-dev.js.map +1 -1
  31. package/dist/client/AgentPanel.d.ts +23 -4
  32. package/dist/client/AgentPanel.d.ts.map +1 -1
  33. package/dist/client/AgentPanel.js +276 -53
  34. package/dist/client/AgentPanel.js.map +1 -1
  35. package/dist/client/AppearancePicker.d.ts +11 -0
  36. package/dist/client/AppearancePicker.d.ts.map +1 -0
  37. package/dist/client/AppearancePicker.js +16 -0
  38. package/dist/client/AppearancePicker.js.map +1 -0
  39. package/dist/client/AssistantChat.d.ts +35 -0
  40. package/dist/client/AssistantChat.d.ts.map +1 -1
  41. package/dist/client/AssistantChat.js +315 -32
  42. package/dist/client/AssistantChat.js.map +1 -1
  43. package/dist/client/ConnectBuilderCard.d.ts.map +1 -1
  44. package/dist/client/ConnectBuilderCard.js +5 -2
  45. package/dist/client/ConnectBuilderCard.js.map +1 -1
  46. package/dist/client/ErrorBoundary.d.ts.map +1 -1
  47. package/dist/client/ErrorBoundary.js +8 -10
  48. package/dist/client/ErrorBoundary.js.map +1 -1
  49. package/dist/client/FeedbackButton.d.ts.map +1 -1
  50. package/dist/client/FeedbackButton.js +1 -1
  51. package/dist/client/FeedbackButton.js.map +1 -1
  52. package/dist/client/MultiTabAssistantChat.d.ts +13 -1
  53. package/dist/client/MultiTabAssistantChat.d.ts.map +1 -1
  54. package/dist/client/MultiTabAssistantChat.js +217 -38
  55. package/dist/client/MultiTabAssistantChat.js.map +1 -1
  56. package/dist/client/NewWorkspaceAppFlow.d.ts.map +1 -1
  57. package/dist/client/NewWorkspaceAppFlow.js +37 -14
  58. package/dist/client/NewWorkspaceAppFlow.js.map +1 -1
  59. package/dist/client/agent-chat-adapter.d.ts +5 -0
  60. package/dist/client/agent-chat-adapter.d.ts.map +1 -1
  61. package/dist/client/agent-chat-adapter.js +4 -0
  62. package/dist/client/agent-chat-adapter.js.map +1 -1
  63. package/dist/client/agent-sidebar-state.d.ts +12 -0
  64. package/dist/client/agent-sidebar-state.d.ts.map +1 -1
  65. package/dist/client/agent-sidebar-state.js +8 -0
  66. package/dist/client/agent-sidebar-state.js.map +1 -1
  67. package/dist/client/analytics.d.ts.map +1 -1
  68. package/dist/client/analytics.js +175 -3
  69. package/dist/client/analytics.js.map +1 -1
  70. package/dist/client/appearance.d.ts +40 -0
  71. package/dist/client/appearance.d.ts.map +1 -0
  72. package/dist/client/appearance.js +114 -0
  73. package/dist/client/appearance.js.map +1 -0
  74. package/dist/client/builder-frame.d.ts +1 -0
  75. package/dist/client/builder-frame.d.ts.map +1 -1
  76. package/dist/client/builder-frame.js +19 -9
  77. package/dist/client/builder-frame.js.map +1 -1
  78. package/dist/client/components/CodeRequiredDialog.d.ts.map +1 -1
  79. package/dist/client/components/CodeRequiredDialog.js +10 -2
  80. package/dist/client/components/CodeRequiredDialog.js.map +1 -1
  81. package/dist/client/components/ui/dropdown-menu.js +2 -2
  82. package/dist/client/components/ui/dropdown-menu.js.map +1 -1
  83. package/dist/client/components/ui/hover-card.js +1 -1
  84. package/dist/client/components/ui/hover-card.js.map +1 -1
  85. package/dist/client/components/ui/popover.js +1 -1
  86. package/dist/client/components/ui/popover.js.map +1 -1
  87. package/dist/client/composer/PromptComposer.d.ts +7 -0
  88. package/dist/client/composer/PromptComposer.d.ts.map +1 -1
  89. package/dist/client/composer/PromptComposer.js +63 -32
  90. package/dist/client/composer/PromptComposer.js.map +1 -1
  91. package/dist/client/composer/TiptapComposer.d.ts +5 -0
  92. package/dist/client/composer/TiptapComposer.d.ts.map +1 -1
  93. package/dist/client/composer/TiptapComposer.js +36 -6
  94. package/dist/client/composer/TiptapComposer.js.map +1 -1
  95. package/dist/client/composer/useVoiceDictation.d.ts.map +1 -1
  96. package/dist/client/composer/useVoiceDictation.js +13 -1
  97. package/dist/client/composer/useVoiceDictation.js.map +1 -1
  98. package/dist/client/error-format.d.ts +3 -2
  99. package/dist/client/error-format.d.ts.map +1 -1
  100. package/dist/client/error-format.js +9 -2
  101. package/dist/client/error-format.js.map +1 -1
  102. package/dist/client/extensions/ExtensionViewer.d.ts.map +1 -1
  103. package/dist/client/extensions/ExtensionViewer.js +24 -2
  104. package/dist/client/extensions/ExtensionViewer.js.map +1 -1
  105. package/dist/client/index.d.ts +8 -1
  106. package/dist/client/index.d.ts.map +1 -1
  107. package/dist/client/index.js +7 -0
  108. package/dist/client/index.js.map +1 -1
  109. package/dist/client/onboarding/OnboardingPanel.js +1 -0
  110. package/dist/client/onboarding/OnboardingPanel.js.map +1 -1
  111. package/dist/client/org/InvitationBanner.d.ts.map +1 -1
  112. package/dist/client/org/InvitationBanner.js +23 -2
  113. package/dist/client/org/InvitationBanner.js.map +1 -1
  114. package/dist/client/org/OrgSwitcher.d.ts +5 -4
  115. package/dist/client/org/OrgSwitcher.d.ts.map +1 -1
  116. package/dist/client/org/OrgSwitcher.js +57 -9
  117. package/dist/client/org/OrgSwitcher.js.map +1 -1
  118. package/dist/client/org/hooks.d.ts.map +1 -1
  119. package/dist/client/org/hooks.js +10 -6
  120. package/dist/client/org/hooks.js.map +1 -1
  121. package/dist/client/org/workspace-app-links.d.ts +31 -0
  122. package/dist/client/org/workspace-app-links.d.ts.map +1 -0
  123. package/dist/client/org/workspace-app-links.js +268 -0
  124. package/dist/client/org/workspace-app-links.js.map +1 -0
  125. package/dist/client/resources/ResourcesPanel.d.ts.map +1 -1
  126. package/dist/client/resources/ResourcesPanel.js +18 -5
  127. package/dist/client/resources/ResourcesPanel.js.map +1 -1
  128. package/dist/client/resources/use-resources.d.ts +18 -13
  129. package/dist/client/resources/use-resources.d.ts.map +1 -1
  130. package/dist/client/resources/use-resources.js +24 -6
  131. package/dist/client/resources/use-resources.js.map +1 -1
  132. package/dist/client/settings/BackgroundAgentSection.d.ts.map +1 -1
  133. package/dist/client/settings/BackgroundAgentSection.js +9 -1
  134. package/dist/client/settings/BackgroundAgentSection.js.map +1 -1
  135. package/dist/client/settings/BrowserSection.d.ts.map +1 -1
  136. package/dist/client/settings/BrowserSection.js +16 -1
  137. package/dist/client/settings/BrowserSection.js.map +1 -1
  138. package/dist/client/settings/SettingsPanel.d.ts.map +1 -1
  139. package/dist/client/settings/SettingsPanel.js +4 -1
  140. package/dist/client/settings/SettingsPanel.js.map +1 -1
  141. package/dist/client/settings/VoiceTranscriptionSection.d.ts.map +1 -1
  142. package/dist/client/settings/VoiceTranscriptionSection.js +5 -5
  143. package/dist/client/settings/VoiceTranscriptionSection.js.map +1 -1
  144. package/dist/client/settings/useBuilderStatus.d.ts +8 -0
  145. package/dist/client/settings/useBuilderStatus.d.ts.map +1 -1
  146. package/dist/client/settings/useBuilderStatus.js +50 -13
  147. package/dist/client/settings/useBuilderStatus.js.map +1 -1
  148. package/dist/client/settings/useBuilderStatus.spec.d.ts +2 -0
  149. package/dist/client/settings/useBuilderStatus.spec.d.ts.map +1 -0
  150. package/dist/client/settings/useBuilderStatus.spec.js +64 -0
  151. package/dist/client/settings/useBuilderStatus.spec.js.map +1 -0
  152. package/dist/client/sharing/ShareButton.d.ts +5 -0
  153. package/dist/client/sharing/ShareButton.d.ts.map +1 -1
  154. package/dist/client/sharing/ShareButton.js +60 -6
  155. package/dist/client/sharing/ShareButton.js.map +1 -1
  156. package/dist/client/theme.js +1 -1
  157. package/dist/client/theme.js.map +1 -1
  158. package/dist/client/transcription/BuilderTranscriptionCta.d.ts.map +1 -1
  159. package/dist/client/transcription/BuilderTranscriptionCta.js +2 -3
  160. package/dist/client/transcription/BuilderTranscriptionCta.js.map +1 -1
  161. package/dist/client/use-change-version.d.ts +46 -0
  162. package/dist/client/use-change-version.d.ts.map +1 -0
  163. package/dist/client/use-change-version.js +135 -0
  164. package/dist/client/use-change-version.js.map +1 -0
  165. package/dist/client/use-chat-threads.d.ts +16 -2
  166. package/dist/client/use-chat-threads.d.ts.map +1 -1
  167. package/dist/client/use-chat-threads.js +87 -12
  168. package/dist/client/use-chat-threads.js.map +1 -1
  169. package/dist/client/use-chat-threads.spec.d.ts +2 -0
  170. package/dist/client/use-chat-threads.spec.d.ts.map +1 -0
  171. package/dist/client/use-chat-threads.spec.js +85 -0
  172. package/dist/client/use-chat-threads.spec.js.map +1 -0
  173. package/dist/client/use-db-sync.d.ts +5 -2
  174. package/dist/client/use-db-sync.d.ts.map +1 -1
  175. package/dist/client/use-db-sync.js +41 -16
  176. package/dist/client/use-db-sync.js.map +1 -1
  177. package/dist/client/use-pinch-zoom.d.ts +35 -0
  178. package/dist/client/use-pinch-zoom.d.ts.map +1 -0
  179. package/dist/client/use-pinch-zoom.js +105 -0
  180. package/dist/client/use-pinch-zoom.js.map +1 -0
  181. package/dist/deploy/workspace-deploy.d.ts.map +1 -1
  182. package/dist/deploy/workspace-deploy.js +99 -5
  183. package/dist/deploy/workspace-deploy.js.map +1 -1
  184. package/dist/extensions/actions.d.ts.map +1 -1
  185. package/dist/extensions/actions.js +3 -0
  186. package/dist/extensions/actions.js.map +1 -1
  187. package/dist/extensions/store.d.ts +5 -0
  188. package/dist/extensions/store.d.ts.map +1 -1
  189. package/dist/extensions/store.js +16 -1
  190. package/dist/extensions/store.js.map +1 -1
  191. package/dist/file-upload/actions/upload-image.d.ts +3 -0
  192. package/dist/file-upload/actions/upload-image.d.ts.map +1 -0
  193. package/dist/file-upload/actions/upload-image.js +145 -0
  194. package/dist/file-upload/actions/upload-image.js.map +1 -0
  195. package/dist/file-upload/builder.d.ts.map +1 -1
  196. package/dist/file-upload/builder.js +31 -11
  197. package/dist/file-upload/builder.js.map +1 -1
  198. package/dist/file-upload/index.d.ts +1 -0
  199. package/dist/file-upload/index.d.ts.map +1 -1
  200. package/dist/file-upload/index.js +1 -0
  201. package/dist/file-upload/index.js.map +1 -1
  202. package/dist/file-upload/pre-upload-attachments.d.ts +39 -0
  203. package/dist/file-upload/pre-upload-attachments.d.ts.map +1 -0
  204. package/dist/file-upload/pre-upload-attachments.js +110 -0
  205. package/dist/file-upload/pre-upload-attachments.js.map +1 -0
  206. package/dist/file-upload/registry.d.ts.map +1 -1
  207. package/dist/file-upload/registry.js +8 -7
  208. package/dist/file-upload/registry.js.map +1 -1
  209. package/dist/onboarding/default-steps.js +1 -1
  210. package/dist/onboarding/default-steps.js.map +1 -1
  211. package/dist/org/context.d.ts +15 -1
  212. package/dist/org/context.d.ts.map +1 -1
  213. package/dist/org/context.js +25 -0
  214. package/dist/org/context.js.map +1 -1
  215. package/dist/org/handlers.d.ts +2 -2
  216. package/dist/org/handlers.d.ts.map +1 -1
  217. package/dist/org/handlers.js +3 -17
  218. package/dist/org/handlers.js.map +1 -1
  219. package/dist/org/index.d.ts +1 -1
  220. package/dist/org/index.d.ts.map +1 -1
  221. package/dist/org/index.js +1 -1
  222. package/dist/org/index.js.map +1 -1
  223. package/dist/resources/handlers.d.ts +6 -0
  224. package/dist/resources/handlers.d.ts.map +1 -1
  225. package/dist/resources/handlers.js +30 -6
  226. package/dist/resources/handlers.js.map +1 -1
  227. package/dist/resources/script-helpers.d.ts +11 -2
  228. package/dist/resources/script-helpers.d.ts.map +1 -1
  229. package/dist/resources/script-helpers.js +20 -3
  230. package/dist/resources/script-helpers.js.map +1 -1
  231. package/dist/resources/store.d.ts +28 -3
  232. package/dist/resources/store.d.ts.map +1 -1
  233. package/dist/resources/store.js +170 -20
  234. package/dist/resources/store.js.map +1 -1
  235. package/dist/scripts/resources/list.d.ts +1 -1
  236. package/dist/scripts/resources/list.d.ts.map +1 -1
  237. package/dist/scripts/resources/list.js +16 -4
  238. package/dist/scripts/resources/list.js.map +1 -1
  239. package/dist/scripts/resources/write.d.ts +1 -1
  240. package/dist/scripts/resources/write.d.ts.map +1 -1
  241. package/dist/scripts/resources/write.js +47 -3
  242. package/dist/scripts/resources/write.js.map +1 -1
  243. package/dist/server/action-discovery.d.ts.map +1 -1
  244. package/dist/server/action-discovery.js +8 -3
  245. package/dist/server/action-discovery.js.map +1 -1
  246. package/dist/server/agent-chat-plugin.d.ts.map +1 -1
  247. package/dist/server/agent-chat-plugin.js +214 -25
  248. package/dist/server/agent-chat-plugin.js.map +1 -1
  249. package/dist/server/agent-discovery.d.ts +35 -0
  250. package/dist/server/agent-discovery.d.ts.map +1 -1
  251. package/dist/server/agent-discovery.js +139 -8
  252. package/dist/server/agent-discovery.js.map +1 -1
  253. package/dist/server/app-url.d.ts +12 -6
  254. package/dist/server/app-url.d.ts.map +1 -1
  255. package/dist/server/app-url.js +58 -11
  256. package/dist/server/app-url.js.map +1 -1
  257. package/dist/server/auth.d.ts +22 -0
  258. package/dist/server/auth.d.ts.map +1 -1
  259. package/dist/server/auth.js +272 -59
  260. package/dist/server/auth.js.map +1 -1
  261. package/dist/server/better-auth-instance.d.ts +0 -4
  262. package/dist/server/better-auth-instance.d.ts.map +1 -1
  263. package/dist/server/better-auth-instance.js +0 -3
  264. package/dist/server/better-auth-instance.js.map +1 -1
  265. package/dist/server/builder-browser.d.ts.map +1 -1
  266. package/dist/server/builder-browser.js +23 -0
  267. package/dist/server/builder-browser.js.map +1 -1
  268. package/dist/server/core-routes-plugin.d.ts.map +1 -1
  269. package/dist/server/core-routes-plugin.js +29 -14
  270. package/dist/server/core-routes-plugin.js.map +1 -1
  271. package/dist/server/credential-provider.d.ts +14 -0
  272. package/dist/server/credential-provider.d.ts.map +1 -1
  273. package/dist/server/credential-provider.js +88 -11
  274. package/dist/server/credential-provider.js.map +1 -1
  275. package/dist/server/google-auth-plugin.d.ts.map +1 -1
  276. package/dist/server/google-auth-plugin.js +53 -13
  277. package/dist/server/google-auth-plugin.js.map +1 -1
  278. package/dist/server/google-oauth.d.ts.map +1 -1
  279. package/dist/server/google-oauth.js +47 -17
  280. package/dist/server/google-oauth.js.map +1 -1
  281. package/dist/server/index.d.ts +1 -1
  282. package/dist/server/index.d.ts.map +1 -1
  283. package/dist/server/index.js +1 -1
  284. package/dist/server/index.js.map +1 -1
  285. package/dist/server/oauth-public-origin.d.ts.map +1 -1
  286. package/dist/server/oauth-public-origin.js +19 -1
  287. package/dist/server/oauth-public-origin.js.map +1 -1
  288. package/dist/server/onboarding-html.d.ts.map +1 -1
  289. package/dist/server/onboarding-html.js +62 -15
  290. package/dist/server/onboarding-html.js.map +1 -1
  291. package/dist/server/poll.d.ts.map +1 -1
  292. package/dist/server/poll.js +20 -5
  293. package/dist/server/poll.js.map +1 -1
  294. package/dist/server/request-context.d.ts +8 -0
  295. package/dist/server/request-context.d.ts.map +1 -1
  296. package/dist/server/request-context.js.map +1 -1
  297. package/dist/shared/index.d.ts +2 -0
  298. package/dist/shared/index.d.ts.map +1 -1
  299. package/dist/shared/index.js +2 -0
  300. package/dist/shared/index.js.map +1 -1
  301. package/dist/shared/llm-connection.d.ts +10 -0
  302. package/dist/shared/llm-connection.d.ts.map +1 -0
  303. package/dist/shared/llm-connection.js +29 -0
  304. package/dist/shared/llm-connection.js.map +1 -0
  305. package/dist/shared/workspace-app-audience.d.ts +25 -0
  306. package/dist/shared/workspace-app-audience.d.ts.map +1 -0
  307. package/dist/shared/workspace-app-audience.js +126 -0
  308. package/dist/shared/workspace-app-audience.js.map +1 -0
  309. package/dist/shared/workspace-app-id.d.ts +1 -1
  310. package/dist/shared/workspace-app-id.d.ts.map +1 -1
  311. package/dist/shared/workspace-app-id.js +1 -0
  312. package/dist/shared/workspace-app-id.js.map +1 -1
  313. package/dist/sharing/access.d.ts.map +1 -1
  314. package/dist/sharing/access.js +46 -5
  315. package/dist/sharing/access.js.map +1 -1
  316. package/dist/sharing/actions/list-resource-shares.d.ts.map +1 -1
  317. package/dist/sharing/actions/list-resource-shares.js +8 -1
  318. package/dist/sharing/actions/list-resource-shares.js.map +1 -1
  319. package/dist/sharing/actions/set-resource-visibility.d.ts.map +1 -1
  320. package/dist/sharing/actions/set-resource-visibility.js +12 -3
  321. package/dist/sharing/actions/set-resource-visibility.js.map +1 -1
  322. package/dist/sharing/actions/share-resource.d.ts.map +1 -1
  323. package/dist/sharing/actions/share-resource.js +50 -1
  324. package/dist/sharing/actions/share-resource.js.map +1 -1
  325. package/dist/sharing/registry.d.ts +26 -0
  326. package/dist/sharing/registry.d.ts.map +1 -1
  327. package/dist/sharing/registry.js.map +1 -1
  328. package/dist/styles/agent-native.css +91 -0
  329. package/dist/templates/default/.agents/skills/adding-a-feature/SKILL.md +72 -0
  330. package/dist/templates/default/.agents/skills/frontend-design/SKILL.md +60 -37
  331. package/dist/templates/default/.agents/skills/real-time-sync/SKILL.md +28 -17
  332. package/dist/templates/default/.agents/skills/shadcn-ui/SKILL.md +79 -0
  333. package/dist/templates/default/AGENTS.md +22 -19
  334. package/dist/templates/default/actions/navigate.ts +3 -0
  335. package/dist/templates/default/app/hooks/use-navigation-state.ts +29 -5
  336. package/dist/templates/workspace-core/.agents/skills/a2a-protocol/SKILL.md +251 -0
  337. package/dist/templates/workspace-core/.agents/skills/actions/SKILL.md +264 -0
  338. package/dist/templates/workspace-core/.agents/skills/adding-a-feature/SKILL.md +130 -0
  339. package/dist/templates/workspace-core/.agents/skills/address-feedback/SKILL.md +112 -0
  340. package/dist/templates/workspace-core/.agents/skills/authentication/SKILL.md +88 -0
  341. package/dist/templates/workspace-core/.agents/skills/automations/SKILL.md +191 -0
  342. package/dist/templates/workspace-core/.agents/skills/capture-learnings/SKILL.md +74 -0
  343. package/dist/templates/workspace-core/.agents/skills/client-side-routing/SKILL.md +75 -0
  344. package/dist/templates/workspace-core/.agents/skills/context-awareness/SKILL.md +190 -0
  345. package/dist/templates/workspace-core/.agents/skills/create-skill/SKILL.md +168 -0
  346. package/dist/templates/workspace-core/.agents/skills/delegate-to-agent/SKILL.md +163 -0
  347. package/dist/templates/workspace-core/.agents/skills/extension-points/SKILL.md +205 -0
  348. package/dist/templates/workspace-core/.agents/skills/extensions/SKILL.md +720 -0
  349. package/dist/templates/workspace-core/.agents/skills/frontend-design/SKILL.md +92 -0
  350. package/dist/templates/workspace-core/.agents/skills/integration-webhooks/SKILL.md +285 -0
  351. package/dist/templates/workspace-core/.agents/skills/observability/SKILL.md +192 -0
  352. package/dist/templates/workspace-core/.agents/skills/onboarding/SKILL.md +43 -0
  353. package/dist/templates/workspace-core/.agents/skills/portability/SKILL.md +84 -0
  354. package/dist/templates/workspace-core/.agents/skills/qa/SKILL.md +313 -0
  355. package/dist/templates/workspace-core/.agents/skills/real-time-collab/SKILL.md +112 -0
  356. package/dist/templates/workspace-core/.agents/skills/real-time-sync/SKILL.md +165 -0
  357. package/dist/templates/workspace-core/.agents/skills/recurring-jobs/SKILL.md +41 -0
  358. package/dist/templates/workspace-core/.agents/skills/secrets/SKILL.md +239 -0
  359. package/dist/templates/workspace-core/.agents/skills/security/SKILL.md +191 -0
  360. package/dist/templates/workspace-core/.agents/skills/self-modifying-code/SKILL.md +79 -0
  361. package/dist/templates/workspace-core/.agents/skills/server-plugins/SKILL.md +73 -0
  362. package/dist/templates/workspace-core/.agents/skills/shadcn-ui/SKILL.md +79 -0
  363. package/dist/templates/workspace-core/.agents/skills/sharing/SKILL.md +217 -0
  364. package/dist/templates/workspace-core/.agents/skills/storing-data/SKILL.md +132 -0
  365. package/dist/templates/workspace-core/.agents/skills/tracking/SKILL.md +150 -0
  366. package/dist/templates/workspace-core/.agents/skills/voice-transcription/SKILL.md +124 -0
  367. package/dist/templates/workspace-core/AGENTS.md +16 -1
  368. package/dist/templates/workspace-root/AGENTS.md +35 -0
  369. package/dist/templates/workspace-root/README.md +7 -0
  370. package/dist/vite/action-types-plugin.d.ts.map +1 -1
  371. package/dist/vite/action-types-plugin.js +4 -0
  372. package/dist/vite/action-types-plugin.js.map +1 -1
  373. package/docs/content/authentication.md +36 -0
  374. package/docs/content/creating-templates.md +15 -0
  375. package/docs/content/dispatch.md +3 -3
  376. package/docs/content/multi-app-workspace.md +5 -0
  377. package/docs/content/tracking.md +12 -0
  378. package/docs/content/workspace-management.md +39 -4
  379. package/package.json +15 -12
  380. package/src/templates/default/.agents/skills/adding-a-feature/SKILL.md +72 -0
  381. package/src/templates/default/.agents/skills/frontend-design/SKILL.md +60 -37
  382. package/src/templates/default/.agents/skills/real-time-sync/SKILL.md +28 -17
  383. package/src/templates/default/.agents/skills/shadcn-ui/SKILL.md +79 -0
  384. package/src/templates/default/AGENTS.md +22 -19
  385. package/src/templates/default/actions/navigate.ts +3 -0
  386. package/src/templates/default/app/hooks/use-navigation-state.ts +29 -5
  387. package/src/templates/workspace-core/.agents/skills/a2a-protocol/SKILL.md +251 -0
  388. package/src/templates/workspace-core/.agents/skills/actions/SKILL.md +264 -0
  389. package/src/templates/workspace-core/.agents/skills/adding-a-feature/SKILL.md +130 -0
  390. package/src/templates/workspace-core/.agents/skills/address-feedback/SKILL.md +112 -0
  391. package/src/templates/workspace-core/.agents/skills/authentication/SKILL.md +88 -0
  392. package/src/templates/workspace-core/.agents/skills/automations/SKILL.md +191 -0
  393. package/src/templates/workspace-core/.agents/skills/capture-learnings/SKILL.md +74 -0
  394. package/src/templates/workspace-core/.agents/skills/client-side-routing/SKILL.md +75 -0
  395. package/src/templates/workspace-core/.agents/skills/context-awareness/SKILL.md +190 -0
  396. package/src/templates/workspace-core/.agents/skills/create-skill/SKILL.md +168 -0
  397. package/src/templates/workspace-core/.agents/skills/delegate-to-agent/SKILL.md +163 -0
  398. package/src/templates/workspace-core/.agents/skills/extension-points/SKILL.md +205 -0
  399. package/src/templates/workspace-core/.agents/skills/extensions/SKILL.md +720 -0
  400. package/src/templates/workspace-core/.agents/skills/frontend-design/SKILL.md +92 -0
  401. package/src/templates/workspace-core/.agents/skills/integration-webhooks/SKILL.md +285 -0
  402. package/src/templates/workspace-core/.agents/skills/observability/SKILL.md +192 -0
  403. package/src/templates/workspace-core/.agents/skills/onboarding/SKILL.md +43 -0
  404. package/src/templates/workspace-core/.agents/skills/portability/SKILL.md +84 -0
  405. package/src/templates/workspace-core/.agents/skills/qa/SKILL.md +313 -0
  406. package/src/templates/workspace-core/.agents/skills/real-time-collab/SKILL.md +112 -0
  407. package/src/templates/workspace-core/.agents/skills/real-time-sync/SKILL.md +165 -0
  408. package/src/templates/workspace-core/.agents/skills/recurring-jobs/SKILL.md +41 -0
  409. package/src/templates/workspace-core/.agents/skills/secrets/SKILL.md +239 -0
  410. package/src/templates/workspace-core/.agents/skills/security/SKILL.md +191 -0
  411. package/src/templates/workspace-core/.agents/skills/self-modifying-code/SKILL.md +79 -0
  412. package/src/templates/workspace-core/.agents/skills/server-plugins/SKILL.md +73 -0
  413. package/src/templates/workspace-core/.agents/skills/shadcn-ui/SKILL.md +79 -0
  414. package/src/templates/workspace-core/.agents/skills/sharing/SKILL.md +217 -0
  415. package/src/templates/workspace-core/.agents/skills/storing-data/SKILL.md +132 -0
  416. package/src/templates/workspace-core/.agents/skills/tracking/SKILL.md +150 -0
  417. package/src/templates/workspace-core/.agents/skills/voice-transcription/SKILL.md +124 -0
  418. package/src/templates/workspace-core/AGENTS.md +16 -1
  419. package/src/templates/workspace-root/AGENTS.md +35 -0
  420. package/src/templates/workspace-root/README.md +7 -0
package/dist/file-upload/builder.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"builder.js","sourceRoot":"","sources":["../../src/file-upload/builder.ts"],"names":[],"mappings":"AAEA,MAAM,wBAAwB,GAAG,oBAAoB,CAAC;AAEtD,SAAS,iBAAiB;IACxB,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,OAAO,CAAC,GAAG,CAAC,uBAAuB;QACnC,wBAAwB,CACzB,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAuB;IAC3D,EAAE,EAAE,SAAS;IACb,IAAI,EAAE,YAAY;IAClB,YAAY,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB;IACrD,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,EAAE;QAC7C,MAAM,EAAE,wBAAwB,EAAE,GAChC,MAAM,MAAM,CAAC,kCAAkC,CAAC,CAAC;QACnD,MAAM,UAAU,GAAG,MAAM,wBAAwB,EAAE,CAAC;QACpD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,CAAC,CAAC;QAC3D,IAAI,QAAQ;YAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAErD,iEAAiE;QACjE,qEAAqE;QACrE,qEAAqE;QACrE,sEAAsE;QACtE,iEAAiE;QACjE,oBAAoB;QACpB,MAAM,YAAY,GAAG,CAAC,QAAQ,IAAI,0BAA0B,CAAC;aAC1D,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;aACb,IAAI,EAAE,CAAC;QAEV,MAAM,MAAM,GACV,IAAI,YAAY,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,IAAW,CAAC,CAAC;QAClE,MAAM,KAAK,GAAG,IAAI,UAAU,CAC1B,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,UAAU,CAClB,CAAC;QACF,MAAM,IAAI,GACR,OAAO,IAAI,KAAK,WAAW;YACzB,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,CAAC,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC;YAC3C,CAAC,CAAE,KAA6B,CAAC;QAErC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,UAAU,EAAE;gBACrC,cAAc,EAAE,YAAY;aAC7B;YACD,IAAI;SACL,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACnD,MAAM,IAAI,KAAK,CACb,6BAA6B,QAAQ,CAAC,MAAM,MAAM,IAAI,IAAI,QAAQ,CAAC,UAAU,EAAE,CAChF,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGpD,CAAC;QACF,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QAED,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAC7D,CAAC;CACF,CAAC","sourcesContent":["import type { FileUploadProvider } from \"./types.js\";\n\nconst DEFAULT_BUILDER_APP_HOST = \"https://builder.io\";\n\nfunction builderUploadHost(): string {\n return (\n process.env.BUILDER_APP_HOST ||\n process.env.BUILDER_PUBLIC_APP_HOST ||\n DEFAULT_BUILDER_APP_HOST\n );\n}\n\n/**\n * Built-in Builder.io file upload provider.\n * Uses the same BUILDER_PRIVATE_KEY as the browser/background-agent flows,\n * so connecting Builder once (via the sidebar \"Connect Builder\" action)\n * automatically enables file uploads.\n *\n * Upload API: https://www.builder.io/c/docs/upload-api\n */\nexport const builderFileUploadProvider: FileUploadProvider = {\n id: \"builder\",\n name: \"Builder.io\",\n isConfigured: () => !!process.env.BUILDER_PRIVATE_KEY,\n upload: async ({ data, filename, mimeType }) => {\n const { resolveBuilderPrivateKey } =\n await import(\"../server/credential-provider.js\");\n const privateKey = await resolveBuilderPrivateKey();\n if (!privateKey) {\n throw new Error(\"BUILDER_PRIVATE_KEY is not set\");\n }\n\n const url = new URL(\"/api/v1/upload\", builderUploadHost());\n if (filename) url.searchParams.set(\"name\", filename);\n\n // Strip any media-type parameters (e.g. `;codecs=avc1,opus` from\n // MediaRecorder blobs) — Builder's upload API parses the body as raw\n // binary only when Content-Type is a bare MIME type. A parameterized\n // Content-Type falls through to the multipart/base64 paths which look\n // for an `image` field, and returns \"No image specified\" when it\n // doesn't find one.\n const bareMimeType = (mimeType || \"application/octet-stream\")\n .split(\";\")[0]\n .trim();\n\n const buffer =\n data instanceof Uint8Array ? data : new Uint8Array(data as any);\n const bytes = new Uint8Array(\n buffer.buffer,\n buffer.byteOffset,\n buffer.byteLength,\n );\n const body =\n typeof Blob !== \"undefined\"\n ? new Blob([bytes], { type: bareMimeType })\n : (bytes as unknown as BodyInit);\n\n const response = await fetch(url, {\n method: \"POST\",\n headers: {\n Authorization: `Bearer ${privateKey}`,\n \"Content-Type\": bareMimeType,\n },\n body,\n });\n\n if (!response.ok) {\n const text = await response.text().catch(() => \"\");\n throw new Error(\n `Builder.io upload failed (${response.status}): ${text || response.statusText}`,\n );\n }\n\n const json = (await response.json().catch(() => ({}))) as {\n url?: string;\n id?: string;\n };\n if (!json.url) {\n throw new Error(\"Builder.io upload returned no URL\");\n }\n\n return { url: json.url, id: json.id, provider: \"builder\" };\n },\n};\n"]}
1
+ {"version":3,"file":"builder.js","sourceRoot":"","sources":["../../src/file-upload/builder.ts"],"names":[],"mappings":"AAEA,MAAM,wBAAwB,GAAG,oBAAoB,CAAC;AAEtD,SAAS,iBAAiB;IACxB,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,OAAO,CAAC,GAAG,CAAC,uBAAuB;QACnC,wBAAwB,CACzB,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAuB;IAC3D,EAAE,EAAE,SAAS;IACb,IAAI,EAAE,YAAY;IAClB,YAAY,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB;IACrD,MAAM,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE,EAAE;QAC7C,MAAM,EAAE,wBAAwB,EAAE,GAChC,MAAM,MAAM,CAAC,kCAAkC,CAAC,CAAC;QACnD,MAAM,UAAU,GAAG,MAAM,wBAAwB,EAAE,CAAC;QACpD,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,gBAAgB,EAAE,iBAAiB,EAAE,CAAC,CAAC;QAC3D,IAAI,QAAQ;YAAE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAErD,iEAAiE;QACjE,qEAAqE;QACrE,qEAAqE;QACrE,sEAAsE;QACtE,iEAAiE;QACjE,oBAAoB;QACpB,MAAM,YAAY,GAAG,CAAC,QAAQ,IAAI,0BAA0B,CAAC;aAC1D,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;aACb,IAAI,EAAE,CAAC;QAEV,MAAM,MAAM,GACV,IAAI,YAAY,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,IAAW,CAAC,CAAC;QAClE,MAAM,KAAK,GAAG,IAAI,UAAU,CAC1B,MAAM,CAAC,MAAM,EACb,MAAM,CAAC,UAAU,EACjB,MAAM,CAAC,UAAU,CAClB,CAAC;QACF,MAAM,IAAI,GACR,OAAO,IAAI,KAAK,WAAW;YACzB,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,CAAC,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC;YAC3C,CAAC,CAAE,KAA6B,CAAC;QAErC,qEAAqE;QACrE,sEAAsE;QACtE,sEAAsE;QACtE,kEAAkE;QAClE,MAAM,eAAe,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACpC,IAAI,QAAQ,GAAoB,IAAI,CAAC;QACrC,IAAI,aAAa,GAAG,EAAE,CAAC;QACvB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,eAAe,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;YACnE,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBAC1B,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,aAAa,EAAE,UAAU,UAAU,EAAE;oBACrC,cAAc,EAAE,YAAY;iBAC7B;gBACD,IAAI;aACL,CAAC,CAAC;YACH,IAAI,QAAQ,CAAC,EAAE;gBAAE,MAAM;YACvB,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,CAAC;YACtE,MAAM,aAAa,GAAG,OAAO,KAAK,eAAe,CAAC,MAAM,CAAC;YACzD,IAAI,CAAC,WAAW,IAAI,aAAa,EAAE,CAAC;gBAClC,aAAa,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;gBACtD,MAAM;YACR,CAAC;YACD,aAAa,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;YACtD,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YAC9B,MAAM,MAAM,GAAG,QAAQ,EAAE,MAAM,IAAI,CAAC,CAAC;YACrC,MAAM,UAAU,GAAG,QAAQ,EAAE,UAAU,IAAI,aAAa,CAAC;YACzD,MAAM,IAAI,KAAK,CACb,6BAA6B,MAAM,MAAM,aAAa,IAAI,UAAU,EAAE,CACvE,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGpD,CAAC;QACF,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACvD,CAAC;QAED,OAAO,EAAE,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAC7D,CAAC;CACF,CAAC","sourcesContent":["import type { FileUploadProvider } from \"./types.js\";\n\nconst DEFAULT_BUILDER_APP_HOST = \"https://builder.io\";\n\nfunction builderUploadHost(): string {\n return (\n process.env.BUILDER_APP_HOST ||\n process.env.BUILDER_PUBLIC_APP_HOST ||\n DEFAULT_BUILDER_APP_HOST\n );\n}\n\n/**\n * Built-in Builder.io file upload provider.\n * Uses the same BUILDER_PRIVATE_KEY as the browser/background-agent flows,\n * so connecting Builder once (via the sidebar \"Connect Builder\" action)\n * automatically enables file uploads.\n *\n * Upload API: https://www.builder.io/c/docs/upload-api\n */\nexport const builderFileUploadProvider: FileUploadProvider = {\n id: \"builder\",\n name: \"Builder.io\",\n isConfigured: () => !!process.env.BUILDER_PRIVATE_KEY,\n upload: async ({ data, filename, mimeType }) => {\n const { resolveBuilderPrivateKey } =\n await import(\"../server/credential-provider.js\");\n const privateKey = await resolveBuilderPrivateKey();\n if (!privateKey) {\n throw new Error(\"BUILDER_PRIVATE_KEY is not set\");\n }\n\n const url = new URL(\"/api/v1/upload\", builderUploadHost());\n if (filename) url.searchParams.set(\"name\", filename);\n\n // Strip any media-type parameters (e.g. `;codecs=avc1,opus` from\n // MediaRecorder blobs) — Builder's upload API parses the body as raw\n // binary only when Content-Type is a bare MIME type. A parameterized\n // Content-Type falls through to the multipart/base64 paths which look\n // for an `image` field, and returns \"No image specified\" when it\n // doesn't find one.\n const bareMimeType = (mimeType || \"application/octet-stream\")\n .split(\";\")[0]\n .trim();\n\n const buffer =\n data instanceof Uint8Array ? data : new Uint8Array(data as any);\n const bytes = new Uint8Array(\n buffer.buffer,\n buffer.byteOffset,\n buffer.byteLength,\n );\n const body =\n typeof Blob !== \"undefined\"\n ? new Blob([bytes], { type: bareMimeType })\n : (bytes as unknown as BodyInit);\n\n // Retry transient 5xx once with backoff. Builder.io's upload service\n // occasionally returns a bodyless 500 (\"Internal Error\") on the first\n // attempt — usually GCS write hiccups that succeed on retry. We bound\n // it tight so a deterministic 500 surfaces quickly to the caller.\n const RETRY_DELAYS_MS = [600, 1800];\n let response: Response | null = null;\n let lastErrorBody = \"\";\n for (let attempt = 0; attempt <= RETRY_DELAYS_MS.length; attempt++) {\n response = await fetch(url, {\n method: \"POST\",\n headers: {\n Authorization: `Bearer ${privateKey}`,\n \"Content-Type\": bareMimeType,\n },\n body,\n });\n if (response.ok) break;\n const isTransient = response.status >= 500 && response.status !== 501;\n const isLastAttempt = attempt === RETRY_DELAYS_MS.length;\n if (!isTransient || isLastAttempt) {\n lastErrorBody = await response.text().catch(() => \"\");\n break;\n }\n lastErrorBody = await response.text().catch(() => \"\");\n await new Promise((r) => setTimeout(r, RETRY_DELAYS_MS[attempt]));\n }\n\n if (!response || !response.ok) {\n const status = response?.status ?? 0;\n const statusText = response?.statusText ?? \"no response\";\n throw new Error(\n `Builder.io upload failed (${status}): ${lastErrorBody || statusText}`,\n );\n }\n\n const json = (await response.json().catch(() => ({}))) as {\n url?: string;\n id?: string;\n };\n if (!json.url) {\n throw new Error(\"Builder.io upload returned no URL\");\n }\n\n return { url: json.url, id: json.id, provider: \"builder\" };\n },\n};\n"]}
package/dist/file-upload/index.d.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  export type { FileUploadInput, FileUploadProvider, FileUploadResult, } from "./types.js";
2
2
  export { registerFileUploadProvider, unregisterFileUploadProvider, listFileUploadProviders, getActiveFileUploadProvider, uploadFile, } from "./registry.js";
3
3
  export { builderFileUploadProvider } from "./builder.js";
4
+ export { preUploadImageAttachments, type PreUploadAttachmentsResult, type PreUploadedImageAttachment, } from "./pre-upload-attachments.js";
4
5
  //# sourceMappingURL=index.d.ts.map
package/dist/file-upload/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/file-upload/index.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,eAAe,EACf,kBAAkB,EAClB,gBAAgB,GACjB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAC5B,uBAAuB,EACvB,2BAA2B,EAC3B,UAAU,GACX,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/file-upload/index.ts"],"names":[],"mappings":"AAAA,YAAY,EACV,eAAe,EACf,kBAAkB,EAClB,gBAAgB,GACjB,MAAM,YAAY,CAAC;AACpB,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAC5B,uBAAuB,EACvB,2BAA2B,EAC3B,UAAU,GACX,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC;AACzD,OAAO,EACL,yBAAyB,EACzB,KAAK,0BAA0B,EAC/B,KAAK,0BAA0B,GAChC,MAAM,6BAA6B,CAAC"}
package/dist/file-upload/index.js CHANGED
@@ -1,3 +1,4 @@
1
1
  export { registerFileUploadProvider, unregisterFileUploadProvider, listFileUploadProviders, getActiveFileUploadProvider, uploadFile, } from "./registry.js";
2
2
  export { builderFileUploadProvider } from "./builder.js";
3
+ export { preUploadImageAttachments, } from "./pre-upload-attachments.js";
3
4
  //# sourceMappingURL=index.js.map
package/dist/file-upload/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/file-upload/index.ts"],"names":[],"mappings":"AAKA,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAC5B,uBAAuB,EACvB,2BAA2B,EAC3B,UAAU,GACX,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC","sourcesContent":["export type {\n FileUploadInput,\n FileUploadProvider,\n FileUploadResult,\n} from \"./types.js\";\nexport {\n registerFileUploadProvider,\n unregisterFileUploadProvider,\n listFileUploadProviders,\n getActiveFileUploadProvider,\n uploadFile,\n} from \"./registry.js\";\nexport { builderFileUploadProvider } from \"./builder.js\";\n"]}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/file-upload/index.ts"],"names":[],"mappings":"AAKA,OAAO,EACL,0BAA0B,EAC1B,4BAA4B,EAC5B,uBAAuB,EACvB,2BAA2B,EAC3B,UAAU,GACX,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC;AACzD,OAAO,EACL,yBAAyB,GAG1B,MAAM,6BAA6B,CAAC","sourcesContent":["export type {\n FileUploadInput,\n FileUploadProvider,\n FileUploadResult,\n} from \"./types.js\";\nexport {\n registerFileUploadProvider,\n unregisterFileUploadProvider,\n listFileUploadProviders,\n getActiveFileUploadProvider,\n uploadFile,\n} from \"./registry.js\";\nexport { builderFileUploadProvider } from \"./builder.js\";\nexport {\n preUploadImageAttachments,\n type PreUploadAttachmentsResult,\n type PreUploadedImageAttachment,\n} from \"./pre-upload-attachments.js\";\n"]}
package/dist/file-upload/pre-upload-attachments.d.ts ADDED
@@ -0,0 +1,39 @@
1
+ import type { AgentChatAttachment } from "../agent/types.js";
2
+ export interface PreUploadedImageAttachment {
3
+ name?: string;
4
+ url: string;
5
+ provider: string;
6
+ contentType?: string;
7
+ }
8
+ export interface PreUploadAttachmentsResult {
9
+ /** Same array reference. Each image attachment that was uploaded also gets a
10
+ * `url` property attached (non-breaking; consumers that don't read it are
11
+ * unaffected). */
12
+ attachments: AgentChatAttachment[];
13
+ /** Set when at least one image was uploaded. List of hosted URLs the agent
14
+ * can embed in HTML, slide content, documents, etc. */
15
+ uploaded: PreUploadedImageAttachment[];
16
+ /** True if at least one image attachment failed to upload because no
17
+ * file-upload provider is configured. Templates use this to render a
18
+ * "Connect Builder.io" suggestion. */
19
+ providerMissing: boolean;
20
+ /** A pre-formatted block to inject into the user message text so the agent
21
+ * has each hosted URL inline. Null when nothing was uploaded or no provider
22
+ * is configured. */
23
+ injectedText: string | null;
24
+ }
25
+ /**
26
+ * Pre-upload chat image attachments through the active file-upload provider
27
+ * (Builder.io by default) so the agent can embed hosted URLs in HTML, slide
28
+ * content, and outbound messages. Keeps the original base64 data URL on the
29
+ * attachment so multimodal vision still works — only adds a hosted `url`.
30
+ *
31
+ * Safe to call when no provider is configured: it returns the attachments
32
+ * untouched with `providerMissing: true` so callers can surface a connect-
33
+ * Builder.io hint to the agent.
34
+ */
35
+ export declare function preUploadImageAttachments(opts: {
36
+ attachments: AgentChatAttachment[] | undefined;
37
+ ownerEmail: string | null | undefined;
38
+ }): Promise<PreUploadAttachmentsResult>;
39
+ //# sourceMappingURL=pre-upload-attachments.d.ts.map
package/dist/file-upload/pre-upload-attachments.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pre-upload-attachments.d.ts","sourceRoot":"","sources":["../../src/file-upload/pre-upload-attachments.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAG7D,MAAM,WAAW,0BAA0B;IACzC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,0BAA0B;IACzC;;uBAEmB;IACnB,WAAW,EAAE,mBAAmB,EAAE,CAAC;IACnC;4DACwD;IACxD,QAAQ,EAAE,0BAA0B,EAAE,CAAC;IACvC;;2CAEuC;IACvC,eAAe,EAAE,OAAO,CAAC;IACzB;;yBAEqB;IACrB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7B;AAYD;;;;;;;;;GASG;AACH,wBAAsB,yBAAyB,CAAC,IAAI,EAAE;IACpD,WAAW,EAAE,mBAAmB,EAAE,GAAG,SAAS,CAAC;IAC/C,UAAU,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,CAAC;CACvC,GAAG,OAAO,CAAC,0BAA0B,CAAC,CA6FtC"}
package/dist/file-upload/pre-upload-attachments.js ADDED
@@ -0,0 +1,110 @@
1
+ import { uploadFile } from "./registry.js";
2
+ const DATA_URL_RE = /^data:(image\/[^;]+);base64,(.+)$/;
3
+ function escapeXmlAttr(value) {
4
+ return value
5
+ .replace(/&/g, "&amp;")
6
+ .replace(/</g, "&lt;")
7
+ .replace(/>/g, "&gt;")
8
+ .replace(/"/g, "&quot;");
9
+ }
10
+ /**
11
+ * Pre-upload chat image attachments through the active file-upload provider
12
+ * (Builder.io by default) so the agent can embed hosted URLs in HTML, slide
13
+ * content, and outbound messages. Keeps the original base64 data URL on the
14
+ * attachment so multimodal vision still works — only adds a hosted `url`.
15
+ *
16
+ * Safe to call when no provider is configured: it returns the attachments
17
+ * untouched with `providerMissing: true` so callers can surface a connect-
18
+ * Builder.io hint to the agent.
19
+ */
20
+ export async function preUploadImageAttachments(opts) {
21
+ const list = Array.isArray(opts.attachments) ? opts.attachments : [];
22
+ const uploaded = [];
23
+ let providerMissing = false;
24
+ if (list.length === 0) {
25
+ return {
26
+ attachments: list,
27
+ uploaded,
28
+ providerMissing: false,
29
+ injectedText: null,
30
+ };
31
+ }
32
+ for (const att of list) {
33
+ if (att.type !== "image" || typeof att.data !== "string")
34
+ continue;
35
+ if (att.url) {
36
+ // Already pre-uploaded earlier in the pipeline — reuse it.
37
+ uploaded.push({
38
+ name: att.name,
39
+ url: att.url,
40
+ provider: att.uploadProvider || "unknown",
41
+ contentType: att.contentType,
42
+ });
43
+ continue;
44
+ }
45
+ const match = att.data.match(DATA_URL_RE);
46
+ if (!match)
47
+ continue;
48
+ const mimeType = match[1];
49
+ let bytes;
50
+ try {
51
+ bytes = new Uint8Array(Buffer.from(match[2], "base64"));
52
+ }
53
+ catch {
54
+ continue;
55
+ }
56
+ try {
57
+ const result = await uploadFile({
58
+ data: bytes,
59
+ filename: att.name,
60
+ mimeType,
61
+ ownerEmail: opts.ownerEmail || undefined,
62
+ });
63
+ if (!result) {
64
+ providerMissing = true;
65
+ continue;
66
+ }
67
+ att.url = result.url;
68
+ att.uploadProvider = result.provider;
69
+ uploaded.push({
70
+ name: att.name,
71
+ url: result.url,
72
+ provider: result.provider,
73
+ contentType: att.contentType,
74
+ });
75
+ }
76
+ catch (err) {
77
+ // Real upload failure (network, API). Keep the base64 so the model
78
+ // can still see the image, but don't crash the turn.
79
+ console.warn("[agent-native] pre-upload of chat image attachment failed:", err instanceof Error ? err.message : String(err));
80
+ }
81
+ }
82
+ let injectedText = null;
83
+ if (uploaded.length > 0) {
84
+ const lines = uploaded.map((u) => {
85
+ const attrs = [
86
+ u.name ? `name="${escapeXmlAttr(u.name)}"` : null,
87
+ `url="${escapeXmlAttr(u.url)}"`,
88
+ u.contentType ? `contentType="${escapeXmlAttr(u.contentType)}"` : null,
89
+ `provider="${escapeXmlAttr(u.provider)}"`,
90
+ ].filter(Boolean);
91
+ return `<chat-image-attachment ${attrs.join(" ")} />`;
92
+ });
93
+ injectedText = [
94
+ '<chat-image-attachments note="The user attached these images. They have been uploaded — use the url attribute when embedding in HTML, slide content, or any outbound message.">',
95
+ ...lines,
96
+ "</chat-image-attachments>",
97
+ ].join("\n");
98
+ }
99
+ else if (providerMissing) {
100
+ injectedText = [
101
+ "<chat-image-attachment-upload-error>",
102
+ "The user attached one or more images, but no file-upload provider is configured for this app.",
103
+ "Tell the user they need to configure one of: (a) Builder.io — recommended, free credits, one-click connect from Settings → File uploads, (b) BUILDER_PRIVATE_KEY environment variable, (c) a custom provider like S3 / R2 / GCS registered via registerFileUploadProvider(). Use `connect-builder` to render an inline connect card for option (a) when available.",
104
+ "Until that's done, you can still SEE the image, but you do NOT have a URL to embed it in HTML or share with other apps.",
105
+ "</chat-image-attachment-upload-error>",
106
+ ].join("\n");
107
+ }
108
+ return { attachments: list, uploaded, providerMissing, injectedText };
109
+ }
110
+ //# sourceMappingURL=pre-upload-attachments.js.map
package/dist/file-upload/pre-upload-attachments.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"pre-upload-attachments.js","sourceRoot":"","sources":["../../src/file-upload/pre-upload-attachments.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AA2B3C,MAAM,WAAW,GAAG,mCAAmC,CAAC;AAExD,SAAS,aAAa,CAAC,KAAa;IAClC,OAAO,KAAK;SACT,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;SACtB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;AAC7B,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAAC,IAG/C;IACC,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC;IACrE,MAAM,QAAQ,GAAiC,EAAE,CAAC;IAClD,IAAI,eAAe,GAAG,KAAK,CAAC;IAE5B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO;YACL,WAAW,EAAE,IAAI;YACjB,QAAQ;YACR,eAAe,EAAE,KAAK;YACtB,YAAY,EAAE,IAAI;SACnB,CAAC;IACJ,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ;YAAE,SAAS;QACnE,IAAK,GAAW,CAAC,GAAG,EAAE,CAAC;YACrB,2DAA2D;YAC3D,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,GAAG,EAAG,GAAW,CAAC,GAAa;gBAC/B,QAAQ,EAAI,GAAW,CAAC,cAAyB,IAAI,SAAS;gBAC9D,WAAW,EAAE,GAAG,CAAC,WAAW;aAC7B,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,MAAM,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC1C,IAAI,CAAC,KAAK;YAAE,SAAS;QACrB,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC1B,IAAI,KAAiB,CAAC;QACtB,IAAI,CAAC;YACH,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC;QAC1D,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC;gBAC9B,IAAI,EAAE,KAAK;gBACX,QAAQ,EAAE,GAAG,CAAC,IAAI;gBAClB,QAAQ;gBACR,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,SAAS;aACzC,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,EAAE,CAAC;gBACZ,eAAe,GAAG,IAAI,CAAC;gBACvB,SAAS;YACX,CAAC;YACA,GAAW,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC;YAC7B,GAAW,CAAC,cAAc,GAAG,MAAM,CAAC,QAAQ,CAAC;YAC9C,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,GAAG,EAAE,MAAM,CAAC,GAAG;gBACf,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,WAAW,EAAE,GAAG,CAAC,WAAW;aAC7B,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,mEAAmE;YACnE,qDAAqD;YACrD,OAAO,CAAC,IAAI,CACV,4DAA4D,EAC5D,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CACjD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,YAAY,GAAkB,IAAI,CAAC;IACvC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YAC/B,MAAM,KAAK,GAAG;gBACZ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI;gBACjD,QAAQ,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG;gBAC/B,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,gBAAgB,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI;gBACtE,aAAa,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG;aAC1C,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAClB,OAAO,0BAA0B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC;QACxD,CAAC,CAAC,CAAC;QACH,YAAY,GAAG;YACb,iLAAiL;YACjL,GAAG,KAAK;YACR,2BAA2B;SAC5B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;SAAM,IAAI,eAAe,EAAE,CAAC;QAC3B,YAAY,GAAG;YACb,sCAAsC;YACtC,+FAA+F;YAC/F,oWAAoW;YACpW,yHAAyH;YACzH,uCAAuC;SACxC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;IAED,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,eAAe,EAAE,YAAY,EAAE,CAAC;AACxE,CAAC","sourcesContent":["import type { AgentChatAttachment } from \"../agent/types.js\";\nimport { uploadFile } from \"./registry.js\";\n\nexport interface PreUploadedImageAttachment {\n name?: string;\n url: string;\n provider: string;\n contentType?: string;\n}\n\nexport interface PreUploadAttachmentsResult {\n /** Same array reference. Each image attachment that was uploaded also gets a\n * `url` property attached (non-breaking; consumers that don't read it are\n * unaffected). */\n attachments: AgentChatAttachment[];\n /** Set when at least one image was uploaded. List of hosted URLs the agent\n * can embed in HTML, slide content, documents, etc. */\n uploaded: PreUploadedImageAttachment[];\n /** True if at least one image attachment failed to upload because no\n * file-upload provider is configured. Templates use this to render a\n * \"Connect Builder.io\" suggestion. */\n providerMissing: boolean;\n /** A pre-formatted block to inject into the user message text so the agent\n * has each hosted URL inline. Null when nothing was uploaded or no provider\n * is configured. */\n injectedText: string | null;\n}\n\nconst DATA_URL_RE = /^data:(image\\/[^;]+);base64,(.+)$/;\n\nfunction escapeXmlAttr(value: string): string {\n return value\n .replace(/&/g, \"&amp;\")\n .replace(/</g, \"&lt;\")\n .replace(/>/g, \"&gt;\")\n .replace(/\"/g, \"&quot;\");\n}\n\n/**\n * Pre-upload chat image attachments through the active file-upload provider\n * (Builder.io by default) so the agent can embed hosted URLs in HTML, slide\n * content, and outbound messages. Keeps the original base64 data URL on the\n * attachment so multimodal vision still works — only adds a hosted `url`.\n *\n * Safe to call when no provider is configured: it returns the attachments\n * untouched with `providerMissing: true` so callers can surface a connect-\n * Builder.io hint to the agent.\n */\nexport async function preUploadImageAttachments(opts: {\n attachments: AgentChatAttachment[] | undefined;\n ownerEmail: string | null | undefined;\n}): Promise<PreUploadAttachmentsResult> {\n const list = Array.isArray(opts.attachments) ? opts.attachments : [];\n const uploaded: PreUploadedImageAttachment[] = [];\n let providerMissing = false;\n\n if (list.length === 0) {\n return {\n attachments: list,\n uploaded,\n providerMissing: false,\n injectedText: null,\n };\n }\n\n for (const att of list) {\n if (att.type !== \"image\" || typeof att.data !== \"string\") continue;\n if ((att as any).url) {\n // Already pre-uploaded earlier in the pipeline — reuse it.\n uploaded.push({\n name: att.name,\n url: (att as any).url as string,\n provider: ((att as any).uploadProvider as string) || \"unknown\",\n contentType: att.contentType,\n });\n continue;\n }\n\n const match = att.data.match(DATA_URL_RE);\n if (!match) continue;\n const mimeType = match[1];\n let bytes: Uint8Array;\n try {\n bytes = new Uint8Array(Buffer.from(match[2], \"base64\"));\n } catch {\n continue;\n }\n\n try {\n const result = await uploadFile({\n data: bytes,\n filename: att.name,\n mimeType,\n ownerEmail: opts.ownerEmail || undefined,\n });\n if (!result) {\n providerMissing = true;\n continue;\n }\n (att as any).url = result.url;\n (att as any).uploadProvider = result.provider;\n uploaded.push({\n name: att.name,\n url: result.url,\n provider: result.provider,\n contentType: att.contentType,\n });\n } catch (err) {\n // Real upload failure (network, API). Keep the base64 so the model\n // can still see the image, but don't crash the turn.\n console.warn(\n \"[agent-native] pre-upload of chat image attachment failed:\",\n err instanceof Error ? err.message : String(err),\n );\n }\n }\n\n let injectedText: string | null = null;\n if (uploaded.length > 0) {\n const lines = uploaded.map((u) => {\n const attrs = [\n u.name ? `name=\"${escapeXmlAttr(u.name)}\"` : null,\n `url=\"${escapeXmlAttr(u.url)}\"`,\n u.contentType ? `contentType=\"${escapeXmlAttr(u.contentType)}\"` : null,\n `provider=\"${escapeXmlAttr(u.provider)}\"`,\n ].filter(Boolean);\n return `<chat-image-attachment ${attrs.join(\" \")} />`;\n });\n injectedText = [\n '<chat-image-attachments note=\"The user attached these images. They have been uploaded — use the url attribute when embedding in HTML, slide content, or any outbound message.\">',\n ...lines,\n \"</chat-image-attachments>\",\n ].join(\"\\n\");\n } else if (providerMissing) {\n injectedText = [\n \"<chat-image-attachment-upload-error>\",\n \"The user attached one or more images, but no file-upload provider is configured for this app.\",\n \"Tell the user they need to configure one of: (a) Builder.io — recommended, free credits, one-click connect from Settings → File uploads, (b) BUILDER_PRIVATE_KEY environment variable, (c) a custom provider like S3 / R2 / GCS registered via registerFileUploadProvider(). Use `connect-builder` to render an inline connect card for option (a) when available.\",\n \"Until that's done, you can still SEE the image, but you do NOT have a URL to embed it in HTML or share with other apps.\",\n \"</chat-image-attachment-upload-error>\",\n ].join(\"\\n\");\n }\n\n return { attachments: list, uploaded, providerMissing, injectedText };\n}\n"]}
package/dist/file-upload/registry.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../src/file-upload/registry.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EACjB,MAAM,YAAY,CAAC;AAMpB;;;GAGG;AACH,wBAAgB,0BAA0B,CAAC,QAAQ,EAAE,kBAAkB,GAAG,IAAI,CAE7E;AAED,wBAAgB,4BAA4B,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI,CAE7D;AAED,wBAAgB,uBAAuB,IAAI,kBAAkB,EAAE,CAE9D;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,IAAI,kBAAkB,GAAG,IAAI,CAQvE;AAED;;;;;GAKG;AACH,wBAAsB,UAAU,CAC9B,KAAK,EAAE,eAAe,GACrB,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CA4ClC"}
1
+ {"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../src/file-upload/registry.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EACjB,MAAM,YAAY,CAAC;AAoBpB;;;GAGG;AACH,wBAAgB,0BAA0B,CAAC,QAAQ,EAAE,kBAAkB,GAAG,IAAI,CAE7E;AAED,wBAAgB,4BAA4B,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI,CAE7D;AAED,wBAAgB,uBAAuB,IAAI,kBAAkB,EAAE,CAE9D;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,IAAI,kBAAkB,GAAG,IAAI,CAQvE;AAED;;;;;GAKG;AACH,wBAAsB,UAAU,CAC9B,KAAK,EAAE,eAAe,GACrB,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CA4ClC"}
package/dist/file-upload/registry.js CHANGED
@@ -1,6 +1,7 @@
1
1
  import { builderFileUploadProvider } from "./builder.js";
2
- const providers = new Map();
3
- let warnedFallback = false;
2
+ const globals = globalThis;
3
+ const providers = (globals.__agentNativeFileUploadProviders ??= new Map());
4
+ const warnedFallbackRef = (globals.__agentNativeFileUploadWarnedFallback ??= { value: false });
4
5
  /**
5
6
  * Register a file upload provider. Call from a server plugin or app
6
7
  * bootstrap. Idempotent per id — later calls with the same id replace.
@@ -65,11 +66,11 @@ export async function uploadFile(input) {
65
66
  // API, rate-limit) propagate to the caller; do NOT catch them here.
66
67
  return await builderFileUploadProvider.upload(input);
67
68
  }
68
- if (!warnedFallback) {
69
- warnedFallback = true;
70
- console.warn("[agent-native] No file upload provider configured — storing files in SQL. " +
71
- "Connect Builder.io in Settings → File uploads, or register a provider, " +
72
- "for production-grade file storage.");
69
+ if (!warnedFallbackRef.value) {
70
+ warnedFallbackRef.value = true;
71
+ console.warn("[agent-native] No file upload provider configured. " +
72
+ "Connect Builder.io in Settings → File uploads, set BUILDER_PRIVATE_KEY, " +
73
+ "or register a custom provider (S3, R2, GCS, …) via registerFileUploadProvider().");
73
74
  }
74
75
  return null;
75
76
  }
package/dist/file-upload/registry.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"registry.js","sourceRoot":"","sources":["../../src/file-upload/registry.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC;AAEzD,MAAM,SAAS,GAAG,IAAI,GAAG,EAA8B,CAAC;AACxD,IAAI,cAAc,GAAG,KAAK,CAAC;AAE3B;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CAAC,QAA4B;IACrE,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,EAAU;IACrD,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AACvB,CAAC;AAED,MAAM,UAAU,uBAAuB;IACrC,OAAO,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;AACjC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,2BAA2B;IACzC,KAAK,MAAM,QAAQ,IAAI,SAAS,CAAC,MAAM,EAAE,EAAE,CAAC;QAC1C,IAAI,QAAQ,CAAC,YAAY,EAAE;YAAE,OAAO,QAAQ,CAAC;IAC/C,CAAC;IACD,IAAI,yBAAyB,CAAC,YAAY,EAAE,EAAE,CAAC;QAC7C,OAAO,yBAAyB,CAAC;IACnC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,KAAsB;IAEtB,MAAM,QAAQ,GAAG,2BAA2B,EAAE,CAAC;IAC/C,uEAAuE;IACvE,6EAA6E;IAC7E,8EAA8E;IAC9E,2EAA2E;IAC3E,2EAA2E;IAC3E,IAAI,QAAQ,IAAI,QAAQ,KAAK,yBAAyB,EAAE,CAAC;QACvD,OAAO,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC;IAED,wEAAwE;IACxE,6EAA6E;IAC7E,sEAAsE;IACtE,iDAAiD;IACjD,IAAI,UAAU,GAAkB,IAAI,CAAC;IACrC,IAAI,CAAC;QACH,MAAM,EAAE,wBAAwB,EAAE,GAChC,MAAM,MAAM,CAAC,kCAAkC,CAAC,CAAC;QACnD,UAAU,GAAG,MAAM,wBAAwB,EAAE,CAAC;IAChD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,oEAAoE;QACpE,kDAAkD;QAClD,OAAO,CAAC,IAAI,CACV,iDAAiD,EACjD,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CACjD,CAAC;IACJ,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,oEAAoE;QACpE,oEAAoE;QACpE,OAAO,MAAM,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACvD,CAAC;IAED,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,cAAc,GAAG,IAAI,CAAC;QACtB,OAAO,CAAC,IAAI,CACV,4EAA4E;YAC1E,yEAAyE;YACzE,oCAAoC,CACvC,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["import type {\n FileUploadInput,\n FileUploadProvider,\n FileUploadResult,\n} from \"./types.js\";\nimport { builderFileUploadProvider } from \"./builder.js\";\n\nconst providers = new Map<string, FileUploadProvider>();\nlet warnedFallback = false;\n\n/**\n * Register a file upload provider. Call from a server plugin or app\n * bootstrap. Idempotent per id — later calls with the same id replace.\n */\nexport function registerFileUploadProvider(provider: FileUploadProvider): void {\n providers.set(provider.id, provider);\n}\n\nexport function unregisterFileUploadProvider(id: string): void {\n providers.delete(id);\n}\n\nexport function listFileUploadProviders(): FileUploadProvider[] {\n return [...providers.values()];\n}\n\n/**\n * Returns the first configured provider, checking user-registered ones first\n * and falling back to the built-in Builder.io provider when its env is set.\n * Returns `null` when nothing is configured — callers should then use the\n * SQL fallback.\n */\nexport function getActiveFileUploadProvider(): FileUploadProvider | null {\n for (const provider of providers.values()) {\n if (provider.isConfigured()) return provider;\n }\n if (builderFileUploadProvider.isConfigured()) {\n return builderFileUploadProvider;\n }\n return null;\n}\n\n/**\n * Upload a file via the active provider, or `null` if no provider is\n * configured. Callers use `null` as the signal to fall back to SQL\n * storage. On the first fallback we log a one-time warning because\n * storing files in SQL is not optimal for production.\n */\nexport async function uploadFile(\n input: FileUploadInput,\n): Promise<FileUploadResult | null> {\n const provider = getActiveFileUploadProvider();\n // Only trust user-registered providers (S3, etc.) from the sync check.\n // The builder builtin's isConfigured() only checks process.env, which causes\n // hard failures for authenticated non-local users on multi-tenant deployments\n // where BUILDER_PRIVATE_KEY is set at the deploy level but the user has no\n // personal credentials. Always resolve builder credentials asynchronously.\n if (provider && provider !== builderFileUploadProvider) {\n return provider.upload(input);\n }\n\n // Resolve credentials asynchronously (works when request context is set\n // via runWithRequestContext — actions always have one via action-routes.ts).\n // Two separate try-catch blocks ensure a real upload failure is never\n // silently swallowed as a \"no credentials\" case.\n let builderKey: string | null = null;\n try {\n const { resolveBuilderPrivateKey } =\n await import(\"../server/credential-provider.js\");\n builderKey = await resolveBuilderPrivateKey();\n } catch (err) {\n // DB unavailable or credential store not ready — can't resolve key.\n // Log and fall through to the SQL fallback below.\n console.warn(\n \"[agent-native] Builder credential check failed:\",\n err instanceof Error ? err.message : String(err),\n );\n }\n\n if (builderKey) {\n // Credentials confirmed — attempt the upload. Real errors (network,\n // API, rate-limit) propagate to the caller; do NOT catch them here.\n return await builderFileUploadProvider.upload(input);\n }\n\n if (!warnedFallback) {\n warnedFallback = true;\n console.warn(\n \"[agent-native] No file upload provider configured — storing files in SQL. \" +\n \"Connect Builder.io in Settings → File uploads, or register a provider, \" +\n \"for production-grade file storage.\",\n );\n }\n return null;\n}\n"]}
1
+ {"version":3,"file":"registry.js","sourceRoot":"","sources":["../../src/file-upload/registry.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,yBAAyB,EAAE,MAAM,cAAc,CAAC;AAazD,MAAM,OAAO,GAAG,UAAmD,CAAC;AACpE,MAAM,SAAS,GACb,CAAC,OAAO,CAAC,gCAAgC,KAAK,IAAI,GAAG,EAAE,CAAC,CAAC;AAC3D,MAAM,iBAAiB,GACrB,CAAC,OAAO,CAAC,qCAAqC,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;AAEvE;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CAAC,QAA4B;IACrE,SAAS,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;AACvC,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,EAAU;IACrD,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AACvB,CAAC;AAED,MAAM,UAAU,uBAAuB;IACrC,OAAO,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;AACjC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,2BAA2B;IACzC,KAAK,MAAM,QAAQ,IAAI,SAAS,CAAC,MAAM,EAAE,EAAE,CAAC;QAC1C,IAAI,QAAQ,CAAC,YAAY,EAAE;YAAE,OAAO,QAAQ,CAAC;IAC/C,CAAC;IACD,IAAI,yBAAyB,CAAC,YAAY,EAAE,EAAE,CAAC;QAC7C,OAAO,yBAAyB,CAAC;IACnC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,KAAsB;IAEtB,MAAM,QAAQ,GAAG,2BAA2B,EAAE,CAAC;IAC/C,uEAAuE;IACvE,6EAA6E;IAC7E,8EAA8E;IAC9E,2EAA2E;IAC3E,2EAA2E;IAC3E,IAAI,QAAQ,IAAI,QAAQ,KAAK,yBAAyB,EAAE,CAAC;QACvD,OAAO,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC;IAED,wEAAwE;IACxE,6EAA6E;IAC7E,sEAAsE;IACtE,iDAAiD;IACjD,IAAI,UAAU,GAAkB,IAAI,CAAC;IACrC,IAAI,CAAC;QACH,MAAM,EAAE,wBAAwB,EAAE,GAChC,MAAM,MAAM,CAAC,kCAAkC,CAAC,CAAC;QACnD,UAAU,GAAG,MAAM,wBAAwB,EAAE,CAAC;IAChD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,oEAAoE;QACpE,kDAAkD;QAClD,OAAO,CAAC,IAAI,CACV,iDAAiD,EACjD,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CACjD,CAAC;IACJ,CAAC;IAED,IAAI,UAAU,EAAE,CAAC;QACf,oEAAoE;QACpE,oEAAoE;QACpE,OAAO,MAAM,yBAAyB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACvD,CAAC;IAED,IAAI,CAAC,iBAAiB,CAAC,KAAK,EAAE,CAAC;QAC7B,iBAAiB,CAAC,KAAK,GAAG,IAAI,CAAC;QAC/B,OAAO,CAAC,IAAI,CACV,qDAAqD;YACnD,0EAA0E;YAC1E,kFAAkF,CACrF,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["import type {\n FileUploadInput,\n FileUploadProvider,\n FileUploadResult,\n} from \"./types.js\";\nimport { builderFileUploadProvider } from \"./builder.js\";\n\n// Why globalThis: in dev (Vite HMR) and in some Nitro/Rollup bundle splits,\n// this module can be evaluated more than once — the plugin file that\n// registers a provider lands in one module instance and the request handler\n// that reads providers lands in another, so the call site sees an empty map\n// even though `registerFileUploadProvider` succeeded. Pinning the singletons\n// on `globalThis` guarantees one set of providers per Node process,\n// independent of how the bundler split the chunks.\ninterface FileUploadGlobals {\n __agentNativeFileUploadProviders?: Map<string, FileUploadProvider>;\n __agentNativeFileUploadWarnedFallback?: { value: boolean };\n}\nconst globals = globalThis as typeof globalThis & FileUploadGlobals;\nconst providers: Map<string, FileUploadProvider> =\n (globals.__agentNativeFileUploadProviders ??= new Map());\nconst warnedFallbackRef: { value: boolean } =\n (globals.__agentNativeFileUploadWarnedFallback ??= { value: false });\n\n/**\n * Register a file upload provider. Call from a server plugin or app\n * bootstrap. Idempotent per id — later calls with the same id replace.\n */\nexport function registerFileUploadProvider(provider: FileUploadProvider): void {\n providers.set(provider.id, provider);\n}\n\nexport function unregisterFileUploadProvider(id: string): void {\n providers.delete(id);\n}\n\nexport function listFileUploadProviders(): FileUploadProvider[] {\n return [...providers.values()];\n}\n\n/**\n * Returns the first configured provider, checking user-registered ones first\n * and falling back to the built-in Builder.io provider when its env is set.\n * Returns `null` when nothing is configured — callers should then use the\n * SQL fallback.\n */\nexport function getActiveFileUploadProvider(): FileUploadProvider | null {\n for (const provider of providers.values()) {\n if (provider.isConfigured()) return provider;\n }\n if (builderFileUploadProvider.isConfigured()) {\n return builderFileUploadProvider;\n }\n return null;\n}\n\n/**\n * Upload a file via the active provider, or `null` if no provider is\n * configured. Callers use `null` as the signal to fall back to SQL\n * storage. On the first fallback we log a one-time warning because\n * storing files in SQL is not optimal for production.\n */\nexport async function uploadFile(\n input: FileUploadInput,\n): Promise<FileUploadResult | null> {\n const provider = getActiveFileUploadProvider();\n // Only trust user-registered providers (S3, etc.) from the sync check.\n // The builder builtin's isConfigured() only checks process.env, which causes\n // hard failures for authenticated non-local users on multi-tenant deployments\n // where BUILDER_PRIVATE_KEY is set at the deploy level but the user has no\n // personal credentials. Always resolve builder credentials asynchronously.\n if (provider && provider !== builderFileUploadProvider) {\n return provider.upload(input);\n }\n\n // Resolve credentials asynchronously (works when request context is set\n // via runWithRequestContext — actions always have one via action-routes.ts).\n // Two separate try-catch blocks ensure a real upload failure is never\n // silently swallowed as a \"no credentials\" case.\n let builderKey: string | null = null;\n try {\n const { resolveBuilderPrivateKey } =\n await import(\"../server/credential-provider.js\");\n builderKey = await resolveBuilderPrivateKey();\n } catch (err) {\n // DB unavailable or credential store not ready — can't resolve key.\n // Log and fall through to the SQL fallback below.\n console.warn(\n \"[agent-native] Builder credential check failed:\",\n err instanceof Error ? err.message : String(err),\n );\n }\n\n if (builderKey) {\n // Credentials confirmed — attempt the upload. Real errors (network,\n // API, rate-limit) propagate to the caller; do NOT catch them here.\n return await builderFileUploadProvider.upload(input);\n }\n\n if (!warnedFallbackRef.value) {\n warnedFallbackRef.value = true;\n console.warn(\n \"[agent-native] No file upload provider configured. \" +\n \"Connect Builder.io in Settings → File uploads, set BUILDER_PRIVATE_KEY, \" +\n \"or register a custom provider (S3, R2, GCS, …) via registerFileUploadProvider().\",\n );\n }\n return null;\n}\n"]}
package/dist/onboarding/default-steps.js CHANGED
@@ -64,7 +64,7 @@ const llmStep = {
64
64
  id: "builder",
65
65
  kind: "builder-cli-auth",
66
66
  label: "Connect Builder",
67
- description: "Connect the Builder space where this app should run. This unlocks managed LLM credits, browser automation, and file uploads. Cloud code changes appear when Builder Cloud Agents are enabled for the workspace.",
67
+ description: "Connect the Builder space where this app should run. This unlocks managed LLM credits, browser automation, and file uploads. Cloud code changes appear when Builder Cloud Agents are available for the workspace.",
68
68
  primary: true,
69
69
  payload: {
70
70
  scope: "llm",
package/dist/onboarding/default-steps.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"default-steps.js","sourceRoot":"","sources":["../../src/onboarding/default-steps.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAEvD,OAAO,EACL,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,sCAAsC,CAAC;AAC9C,OAAO,EACL,2BAA2B,EAC3B,8BAA8B,GAC/B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAUlD,MAAM,eAAe,GAAmB;IACtC;QACE,QAAQ,EAAE,WAAW;QACrB,EAAE,EAAE,eAAe;QACnB,KAAK,EAAE,WAAW;QAClB,WAAW,EAAE,4CAA4C;KAC1D;IACD;QACE,QAAQ,EAAE,QAAQ;QAClB,EAAE,EAAE,YAAY;QAChB,KAAK,EAAE,QAAQ;QACf,WAAW,EAAE,sCAAsC;KACpD;IACD;QACE,QAAQ,EAAE,QAAQ;QAClB,EAAE,EAAE,YAAY;QAChB,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,4CAA4C;KAC1D;IACD;QACE,QAAQ,EAAE,YAAY;QACtB,EAAE,EAAE,gBAAgB;QACpB,KAAK,EAAE,YAAY;QACnB,WAAW,EAAE,iDAAiD;KAC/D;IACD;QACE,QAAQ,EAAE,MAAM;QAChB,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,MAAM;QACb,WAAW,EAAE,4CAA4C;KAC1D;IACD;QACE,QAAQ,EAAE,SAAS;QACnB,EAAE,EAAE,aAAa;QACjB,KAAK,EAAE,SAAS;QAChB,WAAW,EAAE,2CAA2C;KACzD;IACD;QACE,QAAQ,EAAE,QAAQ;QAClB,EAAE,EAAE,YAAY;QAChB,KAAK,EAAE,QAAQ;QACf,WAAW,EAAE,yCAAyC;KACvD;CACF,CAAC;AAEF,MAAM,OAAO,GAAmB;IAC9B,EAAE,EAAE,KAAK;IACT,KAAK,EAAE,EAAE;IACT,QAAQ,EAAE,IAAI;IACd,KAAK,EAAE,sBAAsB;IAC7B,WAAW,EAAE,gEAAgE;IAC7E,OAAO,EAAE;QACP;YACE,EAAE,EAAE,SAAS;YACb,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,iBAAiB;YACxB,WAAW,EACT,iNAAiN;YACnN,OAAO,EAAE,IAAI;YACb,OAAO,EAAE;gBACP,KAAK,EAAE,KAAK;aACb;SACF;QACD,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,EAAE;YACvE,MAAM,IAAI,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YACzC,OAAO;gBACL,EAAE;gBACF,IAAI,EAAE,MAAe;gBACrB,KAAK;gBACL,WAAW;gBACX,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrC,OAAO,EAAE;oBACP,UAAU,EAAE,WAAoB;oBAChC,MAAM,EAAE;wBACN;4BACE,GAAG,EAAE,IAAI,CAAC,MAAM;4BAChB,KAAK,EAAE,IAAI,CAAC,MAAM;4BAClB,WAAW,EAAE,IAAI,CAAC,WAAW;4BAC7B,MAAM,EAAE,IAAI;yBACb;qBACF;iBACF;aACF,CAAC;QACJ,CAAC,CAAC;KACH;IACD,UAAU,EAAE,KAAK,IAAI,EAAE;QACrB,IAAI,CAAC;YACH,MAAM,EAAE,2BAA2B,EAAE,GACnC,MAAM,MAAM,CAAC,kCAAkC,CAAC,CAAC;YACnD,IAAI,MAAM,2BAA2B,EAAE;gBAAE,OAAO,IAAI,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB;gBAAE,OAAO,IAAI,CAAC;QACnD,CAAC;QACD,IAAI,CAAC;YACH,IAAI,MAAM,2BAA2B,EAAE;gBAAE,OAAO,IAAI,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,wCAAwC;QAC1C,CAAC;QACD,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QACjE,IAAI,CAAC;YACH,OAAO,8BAA8B,CAAC,MAAM,UAAU,CAAC,cAAc,CAAC,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF,CAAC;AAEF,6EAA6E;AAC7E,MAAM,YAAY,GAAmB;IACnC,EAAE,EAAE,UAAU;IACd,KAAK,EAAE,EAAE;IACT,QAAQ,EAAE,KAAK;IACf,KAAK,EAAE,UAAU;IACjB,WAAW,EACT,+GAA+G;IACjH,OAAO,EAAE;QACP;YACE,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,kBAAkB;YACzB,WAAW,EAAE,sDAAsD;YACnE,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN;wBACE,GAAG,EAAE,cAAc;wBACnB,KAAK,EAAE,cAAc;wBACrB,WAAW,EAAE,kDAAkD;qBAChE;oBACD;wBACE,GAAG,EAAE,qBAAqB;wBAC1B,KAAK,EAAE,iCAAiC;wBACxC,WAAW,EAAE,0CAA0C;wBACvD,MAAM,EAAE,IAAI;qBACb;iBACF;aACF;SACF;KACF;IACD,kEAAkE;IAClE,UAAU,EAAE,GAAG,EAAE,CAAC,IAAI;CACvB,CAAC;AAEF,yEAAyE;AACzE,MAAM,QAAQ,GAAmB;IAC/B,EAAE,EAAE,MAAM;IACV,KAAK,EAAE,EAAE;IACT,QAAQ,EAAE,KAAK;IACf,KAAK,EAAE,gBAAgB;IACvB,WAAW,EACT,qHAAqH;IACvH,OAAO,EAAE;QACP;YACE,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,cAAc;YACrB,WAAW,EAAE,6CAA6C;YAC1D,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,kBAAkB,EAAE;oBACtD;wBACE,GAAG,EAAE,sBAAsB;wBAC3B,KAAK,EAAE,sBAAsB;wBAC7B,MAAM,EAAE,IAAI;qBACb;iBACF;aACF;SACF;QACD;YACE,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,cAAc;YACrB,WAAW,EAAE,6CAA6C;YAC1D,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,kBAAkB,EAAE;oBACtD;wBACE,GAAG,EAAE,sBAAsB;wBAC3B,KAAK,EAAE,sBAAsB;wBAC7B,MAAM,EAAE,IAAI;qBACb;iBACF;aACF;SACF;QACD;YACE,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,qBAAqB;YAC5B,WAAW,EAAE,kDAAkD;YAC/D,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN;wBACE,GAAG,EAAE,cAAc;wBACnB,KAAK,EAAE,cAAc;wBACrB,WAAW,EAAE,6BAA6B;wBAC1C,MAAM,EAAE,IAAI;qBACb;iBACF;aACF;SACF;KACF;IACD,UAAU,EAAE,GAAG,EAAE,CAAC,IAAI;CACvB,CAAC;AAEF,6EAA6E;AAC7E,MAAM,SAAS,GAAmB;IAChC,EAAE,EAAE,OAAO;IACX,KAAK,EAAE,EAAE;IACT,QAAQ,EAAE,KAAK;IACf,KAAK,EAAE,gBAAgB;IACvB,WAAW,EACT,iIAAiI;IACnI,OAAO,EAAE;QACP;YACE,EAAE,EAAE,QAAQ;YACZ,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,QAAQ;YACf,WAAW,EAAE,qCAAqC;YAClD,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN;wBACE,GAAG,EAAE,gBAAgB;wBACrB,KAAK,EAAE,gBAAgB;wBACvB,WAAW,EAAE,QAAQ;wBACrB,MAAM,EAAE,IAAI;qBACb;oBACD;wBACE,GAAG,EAAE,YAAY;wBACjB,KAAK,EAAE,2BAA2B;wBAClC,WAAW,EAAE,uCAAuC;qBACrD;oBACD;wBACE,GAAG,EAAE,UAAU;wBACf,KAAK,EAAE,mCAAmC;wBAC1C,WAAW,EAAE,YAAY;qBAC1B;iBACF;aACF;SACF;QACD;YACE,EAAE,EAAE,UAAU;YACd,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,UAAU;YACjB,WAAW,EAAE,uCAAuC;YACpD,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN;wBACE,GAAG,EAAE,kBAAkB;wBACvB,KAAK,EAAE,kBAAkB;wBACzB,WAAW,EAAE,QAAQ;wBACrB,MAAM,EAAE,IAAI;qBACb;oBACD;wBACE,GAAG,EAAE,YAAY;wBACjB,KAAK,EAAE,2BAA2B;wBAClC,WAAW,EAAE,uCAAuC;qBACrD;iBACF;aACF;SACF;KACF;IACD,UAAU,EAAE,GAAG,EAAE;QACf,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc;YAAE,OAAO,IAAI,CAAC;QAC5C,uEAAuE;QACvE,wEAAwE;QACxE,iBAAiB;QACjB,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB;YAAE,OAAO,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;QAClE,OAAO,KAAK,CAAC;IACf,CAAC;CACF,CAAC;AAEF,IAAI,UAAU,GAAG,KAAK,CAAC;AAEvB,6DAA6D;AAC7D,MAAM,UAAU,8BAA8B;IAC5C,IAAI,UAAU;QAAE,OAAO;IACvB,UAAU,GAAG,IAAI,CAAC;IAClB,sBAAsB,CAAC,OAAO,CAAC,CAAC;IAChC,sBAAsB,CAAC,YAAY,CAAC,CAAC;IACrC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;IACjC,sBAAsB,CAAC,SAAS,CAAC,CAAC;AACpC,CAAC","sourcesContent":["/**\n * Default framework-level onboarding steps.\n *\n * Registered when `createOnboardingPlugin()` mounts (auto-mount or explicit).\n * Templates can override any step by registering another step with the same\n * `id` after these have been registered.\n */\n\nimport { registerOnboardingStep } from \"./registry.js\";\nimport type { OnboardingStep } from \"./types.js\";\nimport {\n PROVIDER_ENV_META,\n PROVIDER_ENV_VARS,\n} from \"../agent/engine/provider-env-vars.js\";\nimport {\n detectEngineFromUserSecrets,\n isAgentEngineSettingConfigured,\n} from \"../agent/engine/registry.js\";\nimport { getSetting } from \"../settings/store.js\";\n\ntype LlmKeyMethod = {\n provider: keyof typeof PROVIDER_ENV_META;\n id: string;\n label: string;\n description: string;\n primary?: boolean;\n};\n\nconst LLM_KEY_METHODS: LlmKeyMethod[] = [\n {\n provider: \"anthropic\",\n id: \"anthropic-key\",\n label: \"Anthropic\",\n description: \"Claude models with your own Anthropic key.\",\n },\n {\n provider: \"openai\",\n id: \"openai-key\",\n label: \"OpenAI\",\n description: \"GPT models with your own OpenAI key.\",\n },\n {\n provider: \"google\",\n id: \"google-key\",\n label: \"Google Gemini\",\n description: \"Gemini models with your own Google AI key.\",\n },\n {\n provider: \"openrouter\",\n id: \"openrouter-key\",\n label: \"OpenRouter\",\n description: \"OpenRouter models with your own OpenRouter key.\",\n },\n {\n provider: \"groq\",\n id: \"groq-key\",\n label: \"Groq\",\n description: \"Groq-hosted models with your own Groq key.\",\n },\n {\n provider: \"mistral\",\n id: \"mistral-key\",\n label: \"Mistral\",\n description: \"Mistral models with your own Mistral key.\",\n },\n {\n provider: \"cohere\",\n id: \"cohere-key\",\n label: \"Cohere\",\n description: \"Cohere models with your own Cohere key.\",\n },\n];\n\nconst llmStep: OnboardingStep = {\n id: \"llm\",\n order: 10,\n required: true,\n title: \"Connect an AI engine\",\n description: \"Use Builder's managed gateway, or bring your own provider key.\",\n methods: [\n {\n id: \"builder\",\n kind: \"builder-cli-auth\",\n label: \"Connect Builder\",\n description:\n \"Connect the Builder space where this app should run. This unlocks managed LLM credits, browser automation, and file uploads. Cloud code changes appear when Builder Cloud Agents are enabled for the workspace.\",\n primary: true,\n payload: {\n scope: \"llm\",\n },\n },\n ...LLM_KEY_METHODS.map(({ provider, id, label, description, primary }) => {\n const meta = PROVIDER_ENV_META[provider];\n return {\n id,\n kind: \"form\" as const,\n label,\n description,\n ...(primary ? { primary: true } : {}),\n payload: {\n writeScope: \"workspace\" as const,\n fields: [\n {\n key: meta.envVar,\n label: meta.envVar,\n placeholder: meta.placeholder,\n secret: true,\n },\n ],\n },\n };\n }),\n ],\n isComplete: async () => {\n try {\n const { resolveHasBuilderPrivateKey } =\n await import(\"../server/credential-provider.js\");\n if (await resolveHasBuilderPrivateKey()) return true;\n } catch {\n if (process.env.BUILDER_PRIVATE_KEY) return true;\n }\n try {\n if (await detectEngineFromUserSecrets()) return true;\n } catch {\n // Fall through to legacy/env detection.\n }\n if (PROVIDER_ENV_VARS.some((k) => !!process.env[k])) return true;\n try {\n return isAgentEngineSettingConfigured(await getSetting(\"agent-engine\"));\n } catch {\n return false;\n }\n },\n};\n\n/** Step 2 — where application data lives. The default DB is non-blocking. */\nconst databaseStep: OnboardingStep = {\n id: \"database\",\n order: 20,\n required: false,\n title: \"Database\",\n description:\n \"Agent-native stores app data in SQL. Set DATABASE_URL when you want to point this app at a specific database.\",\n methods: [\n {\n id: \"database-url\",\n kind: \"form\",\n label: \"Set DATABASE_URL\",\n description: \"Paste the SQL connection string this app should use.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n {\n key: \"DATABASE_URL\",\n label: \"DATABASE_URL\",\n placeholder: \"postgres://..., libsql://..., file:./data/app.db\",\n },\n {\n key: \"DATABASE_AUTH_TOKEN\",\n label: \"DATABASE_AUTH_TOKEN (if needed)\",\n placeholder: \"Token for providers such as Turso/libSQL\",\n secret: true,\n },\n ],\n },\n },\n ],\n // The default local database means this step is always satisfied.\n isComplete: () => true,\n};\n\n/** Step 3 — how users sign in. Built-in account auth is non-blocking. */\nconst authStep: OnboardingStep = {\n id: \"auth\",\n order: 30,\n required: false,\n title: \"Authentication\",\n description:\n \"Built-in email/password accounts work by default. Add OAuth or access tokens only if you want another sign-in path.\",\n methods: [\n {\n id: \"google-oauth\",\n kind: \"form\",\n label: \"Google OAuth\",\n description: \"Add Google as an optional sign-in provider.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n { key: \"GOOGLE_CLIENT_ID\", label: \"GOOGLE_CLIENT_ID\" },\n {\n key: \"GOOGLE_CLIENT_SECRET\",\n label: \"GOOGLE_CLIENT_SECRET\",\n secret: true,\n },\n ],\n },\n },\n {\n id: \"github-oauth\",\n kind: \"form\",\n label: \"GitHub OAuth\",\n description: \"Add GitHub as an optional sign-in provider.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n { key: \"GITHUB_CLIENT_ID\", label: \"GITHUB_CLIENT_ID\" },\n {\n key: \"GITHUB_CLIENT_SECRET\",\n label: \"GITHUB_CLIENT_SECRET\",\n secret: true,\n },\n ],\n },\n },\n {\n id: \"access-token\",\n kind: \"form\",\n label: \"Shared access token\",\n description: \"Use a simple token gate for private deployments.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n {\n key: \"ACCESS_TOKEN\",\n label: \"ACCESS_TOKEN\",\n placeholder: \"Paste a strong shared token\",\n secret: true,\n },\n ],\n },\n },\n ],\n isComplete: () => true,\n};\n\n/** Step 4 — transactional email (password resets, invitations). Optional. */\nconst emailStep: OnboardingStep = {\n id: \"email\",\n order: 40,\n required: false,\n title: \"Email delivery\",\n description:\n \"Optional for local work. Before deploying with password resets, invitations, or share notifications, connect an email provider.\",\n methods: [\n {\n id: \"resend\",\n kind: \"form\",\n label: \"Resend\",\n description: \"Use Resend for transactional email.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n {\n key: \"RESEND_API_KEY\",\n label: \"RESEND_API_KEY\",\n placeholder: \"re_...\",\n secret: true,\n },\n {\n key: \"EMAIL_FROM\",\n label: \"EMAIL_FROM (from address)\",\n placeholder: \"Agent Native <noreply@yourdomain.com>\",\n },\n {\n key: \"APP_NAME\",\n label: \"APP_NAME (shown in invite emails)\",\n placeholder: \"Acme Forms\",\n },\n ],\n },\n },\n {\n id: \"sendgrid\",\n kind: \"form\",\n label: \"SendGrid\",\n description: \"Use SendGrid for transactional email.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n {\n key: \"SENDGRID_API_KEY\",\n label: \"SENDGRID_API_KEY\",\n placeholder: \"SG....\",\n secret: true,\n },\n {\n key: \"EMAIL_FROM\",\n label: \"EMAIL_FROM (from address)\",\n placeholder: \"Agent Native <noreply@yourdomain.com>\",\n },\n ],\n },\n },\n ],\n isComplete: () => {\n if (process.env.RESEND_API_KEY) return true;\n // SendGrid rejects Resend's sandbox sender, so EMAIL_FROM must also be\n // set — otherwise sendEmail() throws at runtime even though the API key\n // is configured.\n if (process.env.SENDGRID_API_KEY) return !!process.env.EMAIL_FROM;\n return false;\n },\n};\n\nlet registered = false;\n\n/** Idempotent. Safe to call from every plugin-mount call. */\nexport function registerDefaultOnboardingSteps(): void {\n if (registered) return;\n registered = true;\n registerOnboardingStep(llmStep);\n registerOnboardingStep(databaseStep);\n registerOnboardingStep(authStep);\n registerOnboardingStep(emailStep);\n}\n"]}
1
+ {"version":3,"file":"default-steps.js","sourceRoot":"","sources":["../../src/onboarding/default-steps.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AAEvD,OAAO,EACL,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,sCAAsC,CAAC;AAC9C,OAAO,EACL,2BAA2B,EAC3B,8BAA8B,GAC/B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAUlD,MAAM,eAAe,GAAmB;IACtC;QACE,QAAQ,EAAE,WAAW;QACrB,EAAE,EAAE,eAAe;QACnB,KAAK,EAAE,WAAW;QAClB,WAAW,EAAE,4CAA4C;KAC1D;IACD;QACE,QAAQ,EAAE,QAAQ;QAClB,EAAE,EAAE,YAAY;QAChB,KAAK,EAAE,QAAQ;QACf,WAAW,EAAE,sCAAsC;KACpD;IACD;QACE,QAAQ,EAAE,QAAQ;QAClB,EAAE,EAAE,YAAY;QAChB,KAAK,EAAE,eAAe;QACtB,WAAW,EAAE,4CAA4C;KAC1D;IACD;QACE,QAAQ,EAAE,YAAY;QACtB,EAAE,EAAE,gBAAgB;QACpB,KAAK,EAAE,YAAY;QACnB,WAAW,EAAE,iDAAiD;KAC/D;IACD;QACE,QAAQ,EAAE,MAAM;QAChB,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,MAAM;QACb,WAAW,EAAE,4CAA4C;KAC1D;IACD;QACE,QAAQ,EAAE,SAAS;QACnB,EAAE,EAAE,aAAa;QACjB,KAAK,EAAE,SAAS;QAChB,WAAW,EAAE,2CAA2C;KACzD;IACD;QACE,QAAQ,EAAE,QAAQ;QAClB,EAAE,EAAE,YAAY;QAChB,KAAK,EAAE,QAAQ;QACf,WAAW,EAAE,yCAAyC;KACvD;CACF,CAAC;AAEF,MAAM,OAAO,GAAmB;IAC9B,EAAE,EAAE,KAAK;IACT,KAAK,EAAE,EAAE;IACT,QAAQ,EAAE,IAAI;IACd,KAAK,EAAE,sBAAsB;IAC7B,WAAW,EAAE,gEAAgE;IAC7E,OAAO,EAAE;QACP;YACE,EAAE,EAAE,SAAS;YACb,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,iBAAiB;YACxB,WAAW,EACT,mNAAmN;YACrN,OAAO,EAAE,IAAI;YACb,OAAO,EAAE;gBACP,KAAK,EAAE,KAAK;aACb;SACF;QACD,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE,EAAE;YACvE,MAAM,IAAI,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YACzC,OAAO;gBACL,EAAE;gBACF,IAAI,EAAE,MAAe;gBACrB,KAAK;gBACL,WAAW;gBACX,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrC,OAAO,EAAE;oBACP,UAAU,EAAE,WAAoB;oBAChC,MAAM,EAAE;wBACN;4BACE,GAAG,EAAE,IAAI,CAAC,MAAM;4BAChB,KAAK,EAAE,IAAI,CAAC,MAAM;4BAClB,WAAW,EAAE,IAAI,CAAC,WAAW;4BAC7B,MAAM,EAAE,IAAI;yBACb;qBACF;iBACF;aACF,CAAC;QACJ,CAAC,CAAC;KACH;IACD,UAAU,EAAE,KAAK,IAAI,EAAE;QACrB,IAAI,CAAC;YACH,MAAM,EAAE,2BAA2B,EAAE,GACnC,MAAM,MAAM,CAAC,kCAAkC,CAAC,CAAC;YACnD,IAAI,MAAM,2BAA2B,EAAE;gBAAE,OAAO,IAAI,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB;gBAAE,OAAO,IAAI,CAAC;QACnD,CAAC;QACD,IAAI,CAAC;YACH,IAAI,MAAM,2BAA2B,EAAE;gBAAE,OAAO,IAAI,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,wCAAwC;QAC1C,CAAC;QACD,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QACjE,IAAI,CAAC;YACH,OAAO,8BAA8B,CAAC,MAAM,UAAU,CAAC,cAAc,CAAC,CAAC,CAAC;QAC1E,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF,CAAC;AAEF,6EAA6E;AAC7E,MAAM,YAAY,GAAmB;IACnC,EAAE,EAAE,UAAU;IACd,KAAK,EAAE,EAAE;IACT,QAAQ,EAAE,KAAK;IACf,KAAK,EAAE,UAAU;IACjB,WAAW,EACT,+GAA+G;IACjH,OAAO,EAAE;QACP;YACE,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,kBAAkB;YACzB,WAAW,EAAE,sDAAsD;YACnE,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN;wBACE,GAAG,EAAE,cAAc;wBACnB,KAAK,EAAE,cAAc;wBACrB,WAAW,EAAE,kDAAkD;qBAChE;oBACD;wBACE,GAAG,EAAE,qBAAqB;wBAC1B,KAAK,EAAE,iCAAiC;wBACxC,WAAW,EAAE,0CAA0C;wBACvD,MAAM,EAAE,IAAI;qBACb;iBACF;aACF;SACF;KACF;IACD,kEAAkE;IAClE,UAAU,EAAE,GAAG,EAAE,CAAC,IAAI;CACvB,CAAC;AAEF,yEAAyE;AACzE,MAAM,QAAQ,GAAmB;IAC/B,EAAE,EAAE,MAAM;IACV,KAAK,EAAE,EAAE;IACT,QAAQ,EAAE,KAAK;IACf,KAAK,EAAE,gBAAgB;IACvB,WAAW,EACT,qHAAqH;IACvH,OAAO,EAAE;QACP;YACE,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,cAAc;YACrB,WAAW,EAAE,6CAA6C;YAC1D,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,kBAAkB,EAAE;oBACtD;wBACE,GAAG,EAAE,sBAAsB;wBAC3B,KAAK,EAAE,sBAAsB;wBAC7B,MAAM,EAAE,IAAI;qBACb;iBACF;aACF;SACF;QACD;YACE,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,cAAc;YACrB,WAAW,EAAE,6CAA6C;YAC1D,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,kBAAkB,EAAE;oBACtD;wBACE,GAAG,EAAE,sBAAsB;wBAC3B,KAAK,EAAE,sBAAsB;wBAC7B,MAAM,EAAE,IAAI;qBACb;iBACF;aACF;SACF;QACD;YACE,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,qBAAqB;YAC5B,WAAW,EAAE,kDAAkD;YAC/D,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN;wBACE,GAAG,EAAE,cAAc;wBACnB,KAAK,EAAE,cAAc;wBACrB,WAAW,EAAE,6BAA6B;wBAC1C,MAAM,EAAE,IAAI;qBACb;iBACF;aACF;SACF;KACF;IACD,UAAU,EAAE,GAAG,EAAE,CAAC,IAAI;CACvB,CAAC;AAEF,6EAA6E;AAC7E,MAAM,SAAS,GAAmB;IAChC,EAAE,EAAE,OAAO;IACX,KAAK,EAAE,EAAE;IACT,QAAQ,EAAE,KAAK;IACf,KAAK,EAAE,gBAAgB;IACvB,WAAW,EACT,iIAAiI;IACnI,OAAO,EAAE;QACP;YACE,EAAE,EAAE,QAAQ;YACZ,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,QAAQ;YACf,WAAW,EAAE,qCAAqC;YAClD,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN;wBACE,GAAG,EAAE,gBAAgB;wBACrB,KAAK,EAAE,gBAAgB;wBACvB,WAAW,EAAE,QAAQ;wBACrB,MAAM,EAAE,IAAI;qBACb;oBACD;wBACE,GAAG,EAAE,YAAY;wBACjB,KAAK,EAAE,2BAA2B;wBAClC,WAAW,EAAE,uCAAuC;qBACrD;oBACD;wBACE,GAAG,EAAE,UAAU;wBACf,KAAK,EAAE,mCAAmC;wBAC1C,WAAW,EAAE,YAAY;qBAC1B;iBACF;aACF;SACF;QACD;YACE,EAAE,EAAE,UAAU;YACd,IAAI,EAAE,MAAM;YACZ,KAAK,EAAE,UAAU;YACjB,WAAW,EAAE,uCAAuC;YACpD,OAAO,EAAE;gBACP,UAAU,EAAE,WAAW;gBACvB,MAAM,EAAE;oBACN;wBACE,GAAG,EAAE,kBAAkB;wBACvB,KAAK,EAAE,kBAAkB;wBACzB,WAAW,EAAE,QAAQ;wBACrB,MAAM,EAAE,IAAI;qBACb;oBACD;wBACE,GAAG,EAAE,YAAY;wBACjB,KAAK,EAAE,2BAA2B;wBAClC,WAAW,EAAE,uCAAuC;qBACrD;iBACF;aACF;SACF;KACF;IACD,UAAU,EAAE,GAAG,EAAE;QACf,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc;YAAE,OAAO,IAAI,CAAC;QAC5C,uEAAuE;QACvE,wEAAwE;QACxE,iBAAiB;QACjB,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB;YAAE,OAAO,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;QAClE,OAAO,KAAK,CAAC;IACf,CAAC;CACF,CAAC;AAEF,IAAI,UAAU,GAAG,KAAK,CAAC;AAEvB,6DAA6D;AAC7D,MAAM,UAAU,8BAA8B;IAC5C,IAAI,UAAU;QAAE,OAAO;IACvB,UAAU,GAAG,IAAI,CAAC;IAClB,sBAAsB,CAAC,OAAO,CAAC,CAAC;IAChC,sBAAsB,CAAC,YAAY,CAAC,CAAC;IACrC,sBAAsB,CAAC,QAAQ,CAAC,CAAC;IACjC,sBAAsB,CAAC,SAAS,CAAC,CAAC;AACpC,CAAC","sourcesContent":["/**\n * Default framework-level onboarding steps.\n *\n * Registered when `createOnboardingPlugin()` mounts (auto-mount or explicit).\n * Templates can override any step by registering another step with the same\n * `id` after these have been registered.\n */\n\nimport { registerOnboardingStep } from \"./registry.js\";\nimport type { OnboardingStep } from \"./types.js\";\nimport {\n PROVIDER_ENV_META,\n PROVIDER_ENV_VARS,\n} from \"../agent/engine/provider-env-vars.js\";\nimport {\n detectEngineFromUserSecrets,\n isAgentEngineSettingConfigured,\n} from \"../agent/engine/registry.js\";\nimport { getSetting } from \"../settings/store.js\";\n\ntype LlmKeyMethod = {\n provider: keyof typeof PROVIDER_ENV_META;\n id: string;\n label: string;\n description: string;\n primary?: boolean;\n};\n\nconst LLM_KEY_METHODS: LlmKeyMethod[] = [\n {\n provider: \"anthropic\",\n id: \"anthropic-key\",\n label: \"Anthropic\",\n description: \"Claude models with your own Anthropic key.\",\n },\n {\n provider: \"openai\",\n id: \"openai-key\",\n label: \"OpenAI\",\n description: \"GPT models with your own OpenAI key.\",\n },\n {\n provider: \"google\",\n id: \"google-key\",\n label: \"Google Gemini\",\n description: \"Gemini models with your own Google AI key.\",\n },\n {\n provider: \"openrouter\",\n id: \"openrouter-key\",\n label: \"OpenRouter\",\n description: \"OpenRouter models with your own OpenRouter key.\",\n },\n {\n provider: \"groq\",\n id: \"groq-key\",\n label: \"Groq\",\n description: \"Groq-hosted models with your own Groq key.\",\n },\n {\n provider: \"mistral\",\n id: \"mistral-key\",\n label: \"Mistral\",\n description: \"Mistral models with your own Mistral key.\",\n },\n {\n provider: \"cohere\",\n id: \"cohere-key\",\n label: \"Cohere\",\n description: \"Cohere models with your own Cohere key.\",\n },\n];\n\nconst llmStep: OnboardingStep = {\n id: \"llm\",\n order: 10,\n required: true,\n title: \"Connect an AI engine\",\n description: \"Use Builder's managed gateway, or bring your own provider key.\",\n methods: [\n {\n id: \"builder\",\n kind: \"builder-cli-auth\",\n label: \"Connect Builder\",\n description:\n \"Connect the Builder space where this app should run. This unlocks managed LLM credits, browser automation, and file uploads. Cloud code changes appear when Builder Cloud Agents are available for the workspace.\",\n primary: true,\n payload: {\n scope: \"llm\",\n },\n },\n ...LLM_KEY_METHODS.map(({ provider, id, label, description, primary }) => {\n const meta = PROVIDER_ENV_META[provider];\n return {\n id,\n kind: \"form\" as const,\n label,\n description,\n ...(primary ? { primary: true } : {}),\n payload: {\n writeScope: \"workspace\" as const,\n fields: [\n {\n key: meta.envVar,\n label: meta.envVar,\n placeholder: meta.placeholder,\n secret: true,\n },\n ],\n },\n };\n }),\n ],\n isComplete: async () => {\n try {\n const { resolveHasBuilderPrivateKey } =\n await import(\"../server/credential-provider.js\");\n if (await resolveHasBuilderPrivateKey()) return true;\n } catch {\n if (process.env.BUILDER_PRIVATE_KEY) return true;\n }\n try {\n if (await detectEngineFromUserSecrets()) return true;\n } catch {\n // Fall through to legacy/env detection.\n }\n if (PROVIDER_ENV_VARS.some((k) => !!process.env[k])) return true;\n try {\n return isAgentEngineSettingConfigured(await getSetting(\"agent-engine\"));\n } catch {\n return false;\n }\n },\n};\n\n/** Step 2 — where application data lives. The default DB is non-blocking. */\nconst databaseStep: OnboardingStep = {\n id: \"database\",\n order: 20,\n required: false,\n title: \"Database\",\n description:\n \"Agent-native stores app data in SQL. Set DATABASE_URL when you want to point this app at a specific database.\",\n methods: [\n {\n id: \"database-url\",\n kind: \"form\",\n label: \"Set DATABASE_URL\",\n description: \"Paste the SQL connection string this app should use.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n {\n key: \"DATABASE_URL\",\n label: \"DATABASE_URL\",\n placeholder: \"postgres://..., libsql://..., file:./data/app.db\",\n },\n {\n key: \"DATABASE_AUTH_TOKEN\",\n label: \"DATABASE_AUTH_TOKEN (if needed)\",\n placeholder: \"Token for providers such as Turso/libSQL\",\n secret: true,\n },\n ],\n },\n },\n ],\n // The default local database means this step is always satisfied.\n isComplete: () => true,\n};\n\n/** Step 3 — how users sign in. Built-in account auth is non-blocking. */\nconst authStep: OnboardingStep = {\n id: \"auth\",\n order: 30,\n required: false,\n title: \"Authentication\",\n description:\n \"Built-in email/password accounts work by default. Add OAuth or access tokens only if you want another sign-in path.\",\n methods: [\n {\n id: \"google-oauth\",\n kind: \"form\",\n label: \"Google OAuth\",\n description: \"Add Google as an optional sign-in provider.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n { key: \"GOOGLE_CLIENT_ID\", label: \"GOOGLE_CLIENT_ID\" },\n {\n key: \"GOOGLE_CLIENT_SECRET\",\n label: \"GOOGLE_CLIENT_SECRET\",\n secret: true,\n },\n ],\n },\n },\n {\n id: \"github-oauth\",\n kind: \"form\",\n label: \"GitHub OAuth\",\n description: \"Add GitHub as an optional sign-in provider.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n { key: \"GITHUB_CLIENT_ID\", label: \"GITHUB_CLIENT_ID\" },\n {\n key: \"GITHUB_CLIENT_SECRET\",\n label: \"GITHUB_CLIENT_SECRET\",\n secret: true,\n },\n ],\n },\n },\n {\n id: \"access-token\",\n kind: \"form\",\n label: \"Shared access token\",\n description: \"Use a simple token gate for private deployments.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n {\n key: \"ACCESS_TOKEN\",\n label: \"ACCESS_TOKEN\",\n placeholder: \"Paste a strong shared token\",\n secret: true,\n },\n ],\n },\n },\n ],\n isComplete: () => true,\n};\n\n/** Step 4 — transactional email (password resets, invitations). Optional. */\nconst emailStep: OnboardingStep = {\n id: \"email\",\n order: 40,\n required: false,\n title: \"Email delivery\",\n description:\n \"Optional for local work. Before deploying with password resets, invitations, or share notifications, connect an email provider.\",\n methods: [\n {\n id: \"resend\",\n kind: \"form\",\n label: \"Resend\",\n description: \"Use Resend for transactional email.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n {\n key: \"RESEND_API_KEY\",\n label: \"RESEND_API_KEY\",\n placeholder: \"re_...\",\n secret: true,\n },\n {\n key: \"EMAIL_FROM\",\n label: \"EMAIL_FROM (from address)\",\n placeholder: \"Agent Native <noreply@yourdomain.com>\",\n },\n {\n key: \"APP_NAME\",\n label: \"APP_NAME (shown in invite emails)\",\n placeholder: \"Acme Forms\",\n },\n ],\n },\n },\n {\n id: \"sendgrid\",\n kind: \"form\",\n label: \"SendGrid\",\n description: \"Use SendGrid for transactional email.\",\n payload: {\n writeScope: \"workspace\",\n fields: [\n {\n key: \"SENDGRID_API_KEY\",\n label: \"SENDGRID_API_KEY\",\n placeholder: \"SG....\",\n secret: true,\n },\n {\n key: \"EMAIL_FROM\",\n label: \"EMAIL_FROM (from address)\",\n placeholder: \"Agent Native <noreply@yourdomain.com>\",\n },\n ],\n },\n },\n ],\n isComplete: () => {\n if (process.env.RESEND_API_KEY) return true;\n // SendGrid rejects Resend's sandbox sender, so EMAIL_FROM must also be\n // set — otherwise sendEmail() throws at runtime even though the API key\n // is configured.\n if (process.env.SENDGRID_API_KEY) return !!process.env.EMAIL_FROM;\n return false;\n },\n};\n\nlet registered = false;\n\n/** Idempotent. Safe to call from every plugin-mount call. */\nexport function registerDefaultOnboardingSteps(): void {\n if (registered) return;\n registered = true;\n registerOnboardingStep(llmStep);\n registerOnboardingStep(databaseStep);\n registerOnboardingStep(authStep);\n registerOnboardingStep(emailStep);\n}\n"]}
package/dist/org/context.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import type { H3Event } from "h3";
2
- import type { OrgContext } from "./types.js";
2
+ import type { OrgContext, OrgRole } from "./types.js";
3
3
  /**
4
4
  * Resolve the current user's organization context from their session.
5
5
  *
@@ -20,6 +20,20 @@ export declare function getOrgContext(event: H3Event): Promise<OrgContext>;
20
20
  * Returns null if the user has no memberships.
21
21
  */
22
22
  export declare function resolveOrgIdForEmail(email: string): Promise<string | null>;
23
+ /**
24
+ * Create a new organization and add the caller as a member with the given
25
+ * role. Generates a per-org A2A secret for cross-app delegation and writes
26
+ * the caller's `active-org-id` user-setting so the new org is immediately
27
+ * active.
28
+ *
29
+ */
30
+ export declare function createOrganization(name: string, email: string, role?: OrgRole): Promise<{
31
+ id: string;
32
+ name: string;
33
+ role: OrgRole;
34
+ a2aSecret: string;
35
+ createdAt: number;
36
+ }>;
23
37
  /**
24
38
  * Look up the `allowed_domain` for an org by its ID.
25
39
  * Used when making outbound A2A calls so the JWT includes the
package/dist/org/context.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../src/org/context.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC;AAKlC,OAAO,KAAK,EAAE,UAAU,EAAW,MAAM,YAAY,CAAC;AAatD;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAkEvE;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAqBxB;AAqLD;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAaxE;AAED;;;;GAIG;AACH,wBAAsB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAa3E;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAaxB;AAED;;;;GAIG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE,MAAM,GACb,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CAepD"}
1
+ {"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../src/org/context.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC;AAKlC,OAAO,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAatD;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAkEvE;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACxC,KAAK,EAAE,MAAM,GACZ,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAqBxB;AAED;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CACtC,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,IAAI,GAAE,OAAiB,GACtB,OAAO,CAAC;IACT,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB,CAAC,CAqBD;AAqLD;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAaxE;AAED;;;;GAIG;AACH,wBAAsB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAa3E;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAaxB;AAED;;;;GAIG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE,MAAM,GACb,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAAC,CAepD"}
package/dist/org/context.js CHANGED
@@ -108,6 +108,31 @@ export async function resolveOrgIdForEmail(email) {
108
108
  return null;
109
109
  }
110
110
  }
111
+ /**
112
+ * Create a new organization and add the caller as a member with the given
113
+ * role. Generates a per-org A2A secret for cross-app delegation and writes
114
+ * the caller's `active-org-id` user-setting so the new org is immediately
115
+ * active.
116
+ *
117
+ */
118
+ export async function createOrganization(name, email, role = "owner") {
119
+ const trimmedName = name.trim();
120
+ const exec = getDbExec();
121
+ const id = nanoid();
122
+ const createdAt = Date.now();
123
+ const { randomBytes } = await import("node:crypto");
124
+ const a2aSecret = randomBytes(32).toString("base64url");
125
+ await exec.execute({
126
+ sql: `INSERT INTO organizations (id, name, created_by, created_at, a2a_secret) VALUES (?, ?, ?, ?, ?)`,
127
+ args: [id, trimmedName, email, createdAt, a2aSecret],
128
+ });
129
+ await exec.execute({
130
+ sql: `INSERT INTO org_members (id, org_id, email, role, joined_at) VALUES (?, ?, ?, ?, ?)`,
131
+ args: [nanoid(), id, email, role, createdAt],
132
+ });
133
+ await putUserSetting(email, "active-org-id", { orgId: id });
134
+ return { id, name: trimmedName, role, a2aSecret, createdAt };
135
+ }
111
136
  function defaultOrgName(email, session) {
112
137
  const full = session?.name?.trim();
113
138
  if (full)
package/dist/org/context.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"context.js","sourceRoot":"","sources":["../../src/org/context.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9E,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAGlD,MAAM,aAAa,GAAe;IAChC,KAAK,EAAE,EAAE;IACT,KAAK,EAAE,IAAI;IACX,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,IAAI;CACX,CAAC;AAEF,MAAM,MAAM,GAAG,GAAW,EAAE,CAC1B,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;IACnD,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;AAEhE;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAc;IAChD,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,CAAC;IAC7B,IAAI,CAAC,KAAK;QAAE,OAAO,aAAa,CAAC;IAEjC,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IAEzB,IAAI,WAAW,GAIV,EAAE,CAAC;IACR,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE;;;qCAG0B;YAC/B,IAAI,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;SAC5B,CAAC,CAAC;QACH,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;YAClC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,MAAM,CAAC;YAClC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAY;YAC/B,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,QAAQ,CAAC;SACzC,CAAC,CAAC,CAAC;IACN,CAAC;IAAC,MAAM,CAAC;QACP,mEAAmE;QACnE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAC3D,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,CAAC;QACpE,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;QAChE,IAAI,OAAO;YAAE,OAAO,OAAO,CAAC;QAC5B,8DAA8D;QAC9D,iDAAiD;IACnD,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAC3D,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,gBAAgB,GAAG,CAAC,MAAM,cAAc,CAAC,KAAK,EAAE,eAAe,CAAC,CAE9D,CAAC;QACT,IAAI,gBAAgB,EAAE,KAAK,EAAE,CAAC;YAC5B,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,gBAAgB,CAAC,KAAK,CAC1C,CAAC;YACF,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO;oBACL,KAAK;oBACL,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,IAAI,EAAE,MAAM,CAAC,IAAI;iBAClB,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK;QACL,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,KAAK;QAC3B,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO;QAC/B,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI;KAC1B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,KAAa;IAEb,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IACzB,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IACvB,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,uDAAuD;YAC5D,IAAI,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;SAC5B,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QACnD,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,gBAAgB,GAAG,CAAC,MAAM,cAAc,CAAC,KAAK,EAAE,eAAe,CAAC,CAE9D,CAAC;QACT,IAAI,gBAAgB,EAAE,KAAK,IAAI,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC;YACpE,OAAO,gBAAgB,CAAC,KAAK,CAAC;QAChC,CAAC;QACD,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CACrB,KAAa,EACb,OAAiC;IAEjC,MAAM,IAAI,GAAG,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACnC,IAAI,IAAI;QAAE,OAAO,GAAG,IAAI,cAAc,CAAC;IACvC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC;IAC3C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,MAAM,GACV,OAAO;SACJ,KAAK,CAAC,GAAG,CAAC;SACV,MAAM,CAAC,OAAO,CAAC;SACf,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;SAClD,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;IACvB,OAAO,GAAG,MAAM,cAAc,CAAC;AACjC,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,oBAAoB,CACjC,IAAkC,EAClC,KAAa;IAEb,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,qFAAqF;YAC1F,IAAI,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;SAC5B,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;QAC/D,4DAA4D;QAC5D,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAkC,EAClC,KAAa;IAEb,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC;QAClD,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAC1B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,qEAAqE;YAC1E,IAAI,EAAE,CAAC,MAAM,CAAC;SACf,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;sDAIsD;AACtD,MAAM,YAAY,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEnC;;;;;;;;;;;;;;;;;;;GAmBG;AACH,KAAK,UAAU,mBAAmB,CAChC,IAAkC,EAClC,KAAa,EACb,OAAiC;IAEjC,sEAAsE;IACtE,mEAAmE;IACnE,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;IAE7C,MAAM,QAAQ,GAAG,KAAK,KAAK,CAAC,WAAW,EAAE,oBAAoB,CAAC;IAE9D,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAEvD,sEAAsE;IACtE,qEAAqE;IACrE,mEAAmE;IACnE,yDAAyD;IACzD,IAAI,MAAM,oBAAoB,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,CAAC;QAC5C,MAAM,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,MAAM,cAAc,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,CAAC;QACtC,MAAM,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,MAAM,IAAI,CAAC,OAAO,CAAC;YACjB,GAAG,EAAE,kFAAkF;YACvF,IAAI,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC;SACnC,CAAC,CAAC;QACH,MAAM,IAAI,CAAC,OAAO,CAAC;YACjB,GAAG,EAAE,qFAAqF;YAC1F,IAAI,EAAE,CAAC,MAAM,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,CAAC;SAC7C,CAAC,CAAC;QAEH,MAAM,cAAc,CAAC,KAAK,EAAE,eAAe,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAExD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,IAAkC,EAClC,QAAgB;IAEhB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,OAAO,CAAC;YACjB,GAAG,EAAE,gEAAgE;YACrE,IAAI,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC;SACnD,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,iEAAiE;QACjE,mDAAmD;QACnD,EAAE;QACF,2DAA2D;QAC3D,iEAAiE;QACjE,iEAAiE;QACjE,kEAAkE;QAClE,iEAAiE;QACjE,0DAA0D;QAC1D,gEAAgE;QAChE,uEAAuE;QACvE,yBAAyB;QACzB,MAAM,cAAc,GAAG,GAAG,GAAG,YAAY,CAAC;QAC1C,MAAM,MAAM,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC;YACjC,GAAG,EAAE,iFAAiF;YACtF,IAAI,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,cAAc,CAAC;SACnE,CAAC,CAA8B,CAAC;QACjC,OAAO,CAAC,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACxC,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,IAAkC,EAClC,QAAgB;IAEhB,+DAA+D;IAC/D,qEAAqE;IACrE,kDAAkD;IAClD,MAAM,IAAI;SACP,OAAO,CAAC,EAAE,GAAG,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;SACxE,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;AACrB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,KAAa;IAC9C,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,+DAA+D;YACpE,IAAI,EAAE,CAAC,KAAK,CAAC;SACd,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,MAAM,GAAG,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC;QAC7D,OAAO,MAAM,IAAI,IAAI,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,KAAa;IACjD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,2DAA2D;YAChE,IAAI,EAAE,CAAC,KAAK,CAAC;SACd,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,MAAM,GAAG,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC;QACzD,OAAO,MAAM,IAAI,IAAI,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAAc;IAEd,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,8EAA8E;YACnF,IAAI,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;SAC7B,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,MAAM,GAAG,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC;QACzD,OAAO,MAAM,IAAI,IAAI,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,MAAc;IAEd,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,4EAA4E;YACjF,IAAI,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;SAC7B,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1B,OAAO;YACL,KAAK,EAAE,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,EAAE,CAAC;YAClC,OAAO,EAAE,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,IAAI,CAAC;SACvC,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["import type { H3Event } from \"h3\";\nimport { getSession } from \"../server/auth.js\";\nimport { getUserSetting, putUserSetting } from \"../settings/user-settings.js\";\nimport { getDbExec } from \"../db/client.js\";\nimport { getSetting } from \"../settings/store.js\";\nimport type { OrgContext, OrgRole } from \"./types.js\";\n\nconst EMPTY_CONTEXT: OrgContext = {\n email: \"\",\n orgId: null,\n orgName: null,\n role: null,\n};\n\nconst nanoid = (): string =>\n globalThis.crypto?.randomUUID?.().replace(/-/g, \"\") ??\n Math.random().toString(36).slice(2) + Date.now().toString(36);\n\n/**\n * Resolve the current user's organization context from their session.\n *\n * - For users in multiple orgs, honors their `active-org-id` user setting.\n * - Falls back to the user's first membership.\n * - When `AUTO_CREATE_DEFAULT_ORG` is set and the authenticated user has\n * zero memberships, provisions a default org named after the user\n * ({name}'s workspace, falling back to the email local-part). Opt-in\n * per deployment so templates that don't use orgs don't accrue phantom\n * default orgs in their DB. The <RequireActiveOrg> client guard remains\n * the safety net for pre-existing accounts or provisioning failures.\n */\nexport async function getOrgContext(event: H3Event): Promise<OrgContext> {\n const session = await getSession(event);\n const email = session?.email;\n if (!email) return EMPTY_CONTEXT;\n\n const exec = getDbExec();\n\n let memberships: Array<{\n orgId: string;\n role: OrgRole;\n orgName: string;\n }> = [];\n try {\n const { rows } = await exec.execute({\n sql: `SELECT m.org_id AS \"orgId\", m.role AS role, o.name AS \"orgName\"\n FROM org_members m\n INNER JOIN organizations o ON m.org_id = o.id\n WHERE LOWER(m.email) = ?`,\n args: [email.toLowerCase()],\n });\n memberships = rows.map((r: any) => ({\n orgId: String(r.orgId ?? r.org_id),\n role: String(r.role) as OrgRole,\n orgName: String(r.orgName ?? r.org_name),\n }));\n } catch {\n // Tables may not exist yet on first boot before migrations finish.\n return { email, orgId: null, orgName: null, role: null };\n }\n\n if (memberships.length === 0 && process.env.AUTO_CREATE_DEFAULT_ORG) {\n const created = await tryCreateDefaultOrg(exec, email, session);\n if (created) return created;\n // Creation failed (race / DB error); fall through and let the\n // RequireActiveOrg client guard prompt the user.\n }\n\n if (memberships.length === 0) {\n return { email, orgId: null, orgName: null, role: null };\n }\n\n if (memberships.length > 1) {\n const activeOrgSetting = (await getUserSetting(email, \"active-org-id\")) as {\n orgId: string;\n } | null;\n if (activeOrgSetting?.orgId) {\n const active = memberships.find(\n (m) => m.orgId === activeOrgSetting.orgId,\n );\n if (active) {\n return {\n email,\n orgId: active.orgId,\n orgName: active.orgName,\n role: active.role,\n };\n }\n }\n }\n\n return {\n email,\n orgId: memberships[0].orgId,\n orgName: memberships[0].orgName,\n role: memberships[0].role,\n };\n}\n\n/**\n * Resolve the active org ID for a given email — for non-HTTP contexts like\n * the integration webhook handler where we have an email but no event/session.\n * Picks the user's active-org-id setting if set, otherwise the first membership.\n * Returns null if the user has no memberships.\n */\nexport async function resolveOrgIdForEmail(\n email: string,\n): Promise<string | null> {\n const exec = getDbExec();\n if (!exec) return null;\n try {\n const { rows } = await exec.execute({\n sql: `SELECT org_id FROM org_members WHERE LOWER(email) = ?`,\n args: [email.toLowerCase()],\n });\n if (rows.length === 0) return null;\n const ids = rows.map((r: any) => String(r.org_id));\n if (ids.length === 1) return ids[0];\n const activeOrgSetting = (await getUserSetting(email, \"active-org-id\")) as {\n orgId: string;\n } | null;\n if (activeOrgSetting?.orgId && ids.includes(activeOrgSetting.orgId)) {\n return activeOrgSetting.orgId;\n }\n return ids[0];\n } catch {\n return null;\n }\n}\n\nfunction defaultOrgName(\n email: string,\n session: { name?: string } | null,\n): string {\n const full = session?.name?.trim();\n if (full) return `${full}'s workspace`;\n const local = email.split(\"@\")[0] ?? email;\n const cleaned = local.replace(/[._-]+/g, \" \").trim();\n const titled =\n cleaned\n .split(\" \")\n .filter(Boolean)\n .map((w) => w.charAt(0).toUpperCase() + w.slice(1))\n .join(\" \") || \"My\";\n return `${titled}'s workspace`;\n}\n\n/**\n * Check whether the user has a pending invitation. If so, auto-create\n * MUST be skipped — otherwise we'd provision a personal org for them\n * before they ever see the inviter's org in the RequireActiveOrg\n * accept-invite pane, and they'd never join the team that invited them.\n */\nasync function hasPendingInvitation(\n exec: ReturnType<typeof getDbExec>,\n email: string,\n): Promise<boolean> {\n try {\n const { rows } = await exec.execute({\n sql: `SELECT 1 FROM org_invitations WHERE LOWER(email) = ? AND status = 'pending' LIMIT 1`,\n args: [email.toLowerCase()],\n });\n return rows.length > 0;\n } catch {\n // If we can't tell, err on the side of NOT auto-creating — the\n // RequireActiveOrg client guard will surface the situation.\n return true;\n }\n}\n\nasync function hasDomainMatch(\n exec: ReturnType<typeof getDbExec>,\n email: string,\n): Promise<boolean> {\n try {\n const domain = email.split(\"@\")[1]?.toLowerCase();\n if (!domain) return false;\n const { rows } = await exec.execute({\n sql: `SELECT 1 FROM organizations WHERE LOWER(allowed_domain) = ? LIMIT 1`,\n args: [domain],\n });\n return rows.length > 0;\n } catch {\n return false;\n }\n}\n\n/** Stale-claim threshold. A claim row this old is treated as abandoned\n * (process crashed, DELETE failed, etc.) and a new caller may take it\n * over. Long enough that two genuine concurrent first-loads don't\n * trample each other (those settle in milliseconds), short enough that\n * a stuck user recovers on their next navigation. */\nconst CLAIM_TTL_MS = 5 * 60 * 1000;\n\n/**\n * Attempt to provision a default org + owner membership for a user with\n * zero memberships.\n *\n * Race protection: claims the user's auto-create slot via an atomic\n * INSERT into the framework `settings` table (PRIMARY KEY (key) — so\n * concurrent inserts for the same key throw uniqueness violations on\n * both SQLite and Postgres). Only the request that wins the claim\n * proceeds to create the org; losers bail. By the time a losing\n * request retries on a subsequent navigation, the winner's org is in\n * `org_members` and the auto-create branch is skipped entirely.\n *\n * Stuck-state recovery: a stale claim (held longer than CLAIM_TTL_MS)\n * is reclaimed automatically. So even if the DELETE on the failure\n * path fails (network blip, DB error), the user isn't stranded — the\n * next request after the TTL elapses retries cleanly.\n *\n * Returns null on any failure so the caller can fall back to the\n * empty-context / client-guard path.\n */\nasync function tryCreateDefaultOrg(\n exec: ReturnType<typeof getDbExec>,\n email: string,\n session: { name?: string } | null,\n): Promise<OrgContext | null> {\n // Make sure the framework `settings` table exists before we use it as\n // a claim primitive. getSetting() ensures the table on first call.\n await getSetting(\"__init\").catch(() => null);\n\n const claimKey = `u:${email.toLowerCase()}:auto-create-claim`;\n\n if (!(await acquireClaim(exec, claimKey))) return null;\n\n // Pending-invite check happens INSIDE the claim so the window where a\n // newly-arrived invitation can be missed is narrowed to a single SQL\n // round-trip. (A still-narrower window would require a transaction\n // spanning org_invitations and settings — out of scope.)\n if (await hasPendingInvitation(exec, email)) {\n await releaseClaim(exec, claimKey);\n return null;\n }\n\n if (await hasDomainMatch(exec, email)) {\n await releaseClaim(exec, claimKey);\n return null;\n }\n\n try {\n const orgId = nanoid();\n const orgName = defaultOrgName(email, session);\n const now = Date.now();\n\n await exec.execute({\n sql: `INSERT INTO organizations (id, name, created_by, created_at) VALUES (?, ?, ?, ?)`,\n args: [orgId, orgName, email, now],\n });\n await exec.execute({\n sql: `INSERT INTO org_members (id, org_id, email, role, joined_at) VALUES (?, ?, ?, ?, ?)`,\n args: [nanoid(), orgId, email, \"owner\", now],\n });\n\n await putUserSetting(email, \"active-org-id\", { orgId });\n\n return { email, orgId, orgName, role: \"owner\" };\n } catch {\n await releaseClaim(exec, claimKey);\n return null;\n }\n}\n\nasync function acquireClaim(\n exec: ReturnType<typeof getDbExec>,\n claimKey: string,\n): Promise<boolean> {\n const now = Date.now();\n try {\n await exec.execute({\n sql: `INSERT INTO settings (key, value, updated_at) VALUES (?, ?, ?)`,\n args: [claimKey, JSON.stringify({ at: now }), now],\n });\n return true;\n } catch {\n // Conflict — someone else's claim is already in the row. If it's\n // stale (older than CLAIM_TTL_MS) we take it over.\n //\n // CRITICAL: this MUST be a single atomic UPDATE guarded on\n // `updated_at <= staleThreshold`. A read-then-DELETE-then-INSERT\n // sequence lets two concurrent reclaimers each observe the stale\n // timestamp, delete each other's fresh claim, and both think they\n // won — duplicating org creation. The conditional UPDATE matches\n // each stale row at most once: only the first writer sees\n // rowsAffected === 1; the row's updated_at is now `now`, so any\n // subsequent UPDATE no longer satisfies `updated_at <= staleThreshold`\n // and matches zero rows.\n const staleThreshold = now - CLAIM_TTL_MS;\n const result = (await exec.execute({\n sql: `UPDATE settings SET value = ?, updated_at = ? WHERE key = ? AND updated_at <= ?`,\n args: [JSON.stringify({ at: now }), now, claimKey, staleThreshold],\n })) as { rowsAffected?: number };\n return (result.rowsAffected ?? 0) > 0;\n }\n}\n\nasync function releaseClaim(\n exec: ReturnType<typeof getDbExec>,\n claimKey: string,\n): Promise<void> {\n // Best-effort. If this fails (transient network/DB error), the\n // CLAIM_TTL_MS-based takeover in acquireClaim recovers automatically\n // on a future request — no permanent stuck state.\n await exec\n .execute({ sql: `DELETE FROM settings WHERE key = ?`, args: [claimKey] })\n .catch(() => {});\n}\n\n/**\n * Look up the `allowed_domain` for an org by its ID.\n * Used when making outbound A2A calls so the JWT includes the\n * caller's org domain for cross-app org resolution.\n */\nexport async function getOrgDomain(orgId: string): Promise<string | null> {\n try {\n const exec = getDbExec();\n const { rows } = await exec.execute({\n sql: `SELECT allowed_domain FROM organizations WHERE id = ? LIMIT 1`,\n args: [orgId],\n });\n if (!rows[0]) return null;\n const domain = String((rows[0] as any).allowed_domain || \"\");\n return domain || null;\n } catch {\n return null;\n }\n}\n\n/**\n * Look up the org's A2A secret by org ID.\n * Used when making outbound A2A calls so the JWT is signed with the\n * org-specific secret rather than the global A2A_SECRET env var.\n */\nexport async function getOrgA2ASecret(orgId: string): Promise<string | null> {\n try {\n const exec = getDbExec();\n const { rows } = await exec.execute({\n sql: `SELECT a2a_secret FROM organizations WHERE id = ? LIMIT 1`,\n args: [orgId],\n });\n if (!rows[0]) return null;\n const secret = String((rows[0] as any).a2a_secret || \"\");\n return secret || null;\n } catch {\n return null;\n }\n}\n\n/**\n * Look up an org's A2A secret by its `allowed_domain`.\n * Used on the A2A receiving side: the caller's JWT includes `org_domain`,\n * and the receiver looks up which local org matches that domain to find\n * the secret used to verify the JWT signature.\n */\nexport async function getA2ASecretByDomain(\n domain: string,\n): Promise<string | null> {\n try {\n const exec = getDbExec();\n const { rows } = await exec.execute({\n sql: `SELECT a2a_secret FROM organizations WHERE LOWER(allowed_domain) = ? LIMIT 1`,\n args: [domain.toLowerCase()],\n });\n if (!rows[0]) return null;\n const secret = String((rows[0] as any).a2a_secret || \"\");\n return secret || null;\n } catch {\n return null;\n }\n}\n\n/**\n * Resolve a local org by its `allowed_domain`.\n * Used on the A2A receiving side: the caller sends `org_domain` in the JWT,\n * and the receiver looks up which local org matches that domain.\n */\nexport async function resolveOrgByDomain(\n domain: string,\n): Promise<{ orgId: string; orgName: string } | null> {\n try {\n const exec = getDbExec();\n const { rows } = await exec.execute({\n sql: `SELECT id, name FROM organizations WHERE LOWER(allowed_domain) = ? LIMIT 1`,\n args: [domain.toLowerCase()],\n });\n if (!rows[0]) return null;\n return {\n orgId: String((rows[0] as any).id),\n orgName: String((rows[0] as any).name),\n };\n } catch {\n return null;\n }\n}\n"]}
1
+ {"version":3,"file":"context.js","sourceRoot":"","sources":["../../src/org/context.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9E,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAGlD,MAAM,aAAa,GAAe;IAChC,KAAK,EAAE,EAAE;IACT,KAAK,EAAE,IAAI;IACX,OAAO,EAAE,IAAI;IACb,IAAI,EAAE,IAAI;CACX,CAAC;AAEF,MAAM,MAAM,GAAG,GAAW,EAAE,CAC1B,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;IACnD,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;AAEhE;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,KAAc;IAChD,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,KAAK,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,OAAO,EAAE,KAAK,CAAC;IAC7B,IAAI,CAAC,KAAK;QAAE,OAAO,aAAa,CAAC;IAEjC,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IAEzB,IAAI,WAAW,GAIV,EAAE,CAAC;IACR,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE;;;qCAG0B;YAC/B,IAAI,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;SAC5B,CAAC,CAAC;QACH,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;YAClC,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,MAAM,CAAC;YAClC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAY;YAC/B,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,QAAQ,CAAC;SACzC,CAAC,CAAC,CAAC;IACN,CAAC;IAAC,MAAM,CAAC;QACP,mEAAmE;QACnE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAC3D,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,uBAAuB,EAAE,CAAC;QACpE,MAAM,OAAO,GAAG,MAAM,mBAAmB,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;QAChE,IAAI,OAAO;YAAE,OAAO,OAAO,CAAC;QAC5B,8DAA8D;QAC9D,iDAAiD;IACnD,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAC3D,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,gBAAgB,GAAG,CAAC,MAAM,cAAc,CAAC,KAAK,EAAE,eAAe,CAAC,CAE9D,CAAC;QACT,IAAI,gBAAgB,EAAE,KAAK,EAAE,CAAC;YAC5B,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAC7B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,gBAAgB,CAAC,KAAK,CAC1C,CAAC;YACF,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO;oBACL,KAAK;oBACL,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,IAAI,EAAE,MAAM,CAAC,IAAI;iBAClB,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK;QACL,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,KAAK;QAC3B,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO;QAC/B,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI;KAC1B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,KAAa;IAEb,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IACzB,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IACvB,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,uDAAuD;YAC5D,IAAI,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;SAC5B,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QACnD,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC;QACpC,MAAM,gBAAgB,GAAG,CAAC,MAAM,cAAc,CAAC,KAAK,EAAE,eAAe,CAAC,CAE9D,CAAC;QACT,IAAI,gBAAgB,EAAE,KAAK,IAAI,GAAG,CAAC,QAAQ,CAAC,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC;YACpE,OAAO,gBAAgB,CAAC,KAAK,CAAC;QAChC,CAAC;QACD,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,IAAY,EACZ,KAAa,EACb,OAAgB,OAAO;IAQvB,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAChC,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IACzB,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IACpB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,EAAE,WAAW,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IACpD,MAAM,SAAS,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAExD,MAAM,IAAI,CAAC,OAAO,CAAC;QACjB,GAAG,EAAE,iGAAiG;QACtG,IAAI,EAAE,CAAC,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,CAAC;KACrD,CAAC,CAAC;IAEH,MAAM,IAAI,CAAC,OAAO,CAAC;QACjB,GAAG,EAAE,qFAAqF;QAC1F,IAAI,EAAE,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,CAAC;KAC7C,CAAC,CAAC;IAEH,MAAM,cAAc,CAAC,KAAK,EAAE,eAAe,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;IAE5D,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE,SAAS,EAAE,CAAC;AAC/D,CAAC;AAED,SAAS,cAAc,CACrB,KAAa,EACb,OAAiC;IAEjC,MAAM,IAAI,GAAG,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACnC,IAAI,IAAI;QAAE,OAAO,GAAG,IAAI,cAAc,CAAC;IACvC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC;IAC3C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,MAAM,GACV,OAAO;SACJ,KAAK,CAAC,GAAG,CAAC;SACV,MAAM,CAAC,OAAO,CAAC;SACf,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;SAClD,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;IACvB,OAAO,GAAG,MAAM,cAAc,CAAC;AACjC,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,oBAAoB,CACjC,IAAkC,EAClC,KAAa;IAEb,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,qFAAqF;YAC1F,IAAI,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;SAC5B,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;QAC/D,4DAA4D;QAC5D,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAkC,EAClC,KAAa;IAEb,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC;QAClD,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QAC1B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,qEAAqE;YAC1E,IAAI,EAAE,CAAC,MAAM,CAAC;SACf,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;sDAIsD;AACtD,MAAM,YAAY,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;AAEnC;;;;;;;;;;;;;;;;;;;GAmBG;AACH,KAAK,UAAU,mBAAmB,CAChC,IAAkC,EAClC,KAAa,EACb,OAAiC;IAEjC,sEAAsE;IACtE,mEAAmE;IACnE,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;IAE7C,MAAM,QAAQ,GAAG,KAAK,KAAK,CAAC,WAAW,EAAE,oBAAoB,CAAC;IAE9D,IAAI,CAAC,CAAC,MAAM,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAEvD,sEAAsE;IACtE,qEAAqE;IACrE,mEAAmE;IACnE,yDAAyD;IACzD,IAAI,MAAM,oBAAoB,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,CAAC;QAC5C,MAAM,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,MAAM,cAAc,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,CAAC;QACtC,MAAM,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,MAAM,IAAI,CAAC,OAAO,CAAC;YACjB,GAAG,EAAE,kFAAkF;YACvF,IAAI,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC;SACnC,CAAC,CAAC;QACH,MAAM,IAAI,CAAC,OAAO,CAAC;YACjB,GAAG,EAAE,qFAAqF;YAC1F,IAAI,EAAE,CAAC,MAAM,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,CAAC;SAC7C,CAAC,CAAC;QAEH,MAAM,cAAc,CAAC,KAAK,EAAE,eAAe,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QAExD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,YAAY,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,IAAkC,EAClC,QAAgB;IAEhB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,OAAO,CAAC;YACjB,GAAG,EAAE,gEAAgE;YACrE,IAAI,EAAE,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,CAAC;SACnD,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,iEAAiE;QACjE,mDAAmD;QACnD,EAAE;QACF,2DAA2D;QAC3D,iEAAiE;QACjE,iEAAiE;QACjE,kEAAkE;QAClE,iEAAiE;QACjE,0DAA0D;QAC1D,gEAAgE;QAChE,uEAAuE;QACvE,yBAAyB;QACzB,MAAM,cAAc,GAAG,GAAG,GAAG,YAAY,CAAC;QAC1C,MAAM,MAAM,GAAG,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC;YACjC,GAAG,EAAE,iFAAiF;YACtF,IAAI,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,cAAc,CAAC;SACnE,CAAC,CAA8B,CAAC;QACjC,OAAO,CAAC,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACxC,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,IAAkC,EAClC,QAAgB;IAEhB,+DAA+D;IAC/D,qEAAqE;IACrE,kDAAkD;IAClD,MAAM,IAAI;SACP,OAAO,CAAC,EAAE,GAAG,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;SACxE,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;AACrB,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,KAAa;IAC9C,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,+DAA+D;YACpE,IAAI,EAAE,CAAC,KAAK,CAAC;SACd,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,MAAM,GAAG,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC;QAC7D,OAAO,MAAM,IAAI,IAAI,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,KAAa;IACjD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,2DAA2D;YAChE,IAAI,EAAE,CAAC,KAAK,CAAC;SACd,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,MAAM,GAAG,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC;QACzD,OAAO,MAAM,IAAI,IAAI,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAAc;IAEd,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,8EAA8E;YACnF,IAAI,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;SAC7B,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1B,MAAM,MAAM,GAAG,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC;QACzD,OAAO,MAAM,IAAI,IAAI,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,MAAc;IAEd,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;QACzB,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC;YAClC,GAAG,EAAE,4EAA4E;YACjF,IAAI,EAAE,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;SAC7B,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAC1B,OAAO;YACL,KAAK,EAAE,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,EAAE,CAAC;YAClC,OAAO,EAAE,MAAM,CAAE,IAAI,CAAC,CAAC,CAAS,CAAC,IAAI,CAAC;SACvC,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC","sourcesContent":["import type { H3Event } from \"h3\";\nimport { getSession } from \"../server/auth.js\";\nimport { getUserSetting, putUserSetting } from \"../settings/user-settings.js\";\nimport { getDbExec } from \"../db/client.js\";\nimport { getSetting } from \"../settings/store.js\";\nimport type { OrgContext, OrgRole } from \"./types.js\";\n\nconst EMPTY_CONTEXT: OrgContext = {\n email: \"\",\n orgId: null,\n orgName: null,\n role: null,\n};\n\nconst nanoid = (): string =>\n globalThis.crypto?.randomUUID?.().replace(/-/g, \"\") ??\n Math.random().toString(36).slice(2) + Date.now().toString(36);\n\n/**\n * Resolve the current user's organization context from their session.\n *\n * - For users in multiple orgs, honors their `active-org-id` user setting.\n * - Falls back to the user's first membership.\n * - When `AUTO_CREATE_DEFAULT_ORG` is set and the authenticated user has\n * zero memberships, provisions a default org named after the user\n * ({name}'s workspace, falling back to the email local-part). Opt-in\n * per deployment so templates that don't use orgs don't accrue phantom\n * default orgs in their DB. The <RequireActiveOrg> client guard remains\n * the safety net for pre-existing accounts or provisioning failures.\n */\nexport async function getOrgContext(event: H3Event): Promise<OrgContext> {\n const session = await getSession(event);\n const email = session?.email;\n if (!email) return EMPTY_CONTEXT;\n\n const exec = getDbExec();\n\n let memberships: Array<{\n orgId: string;\n role: OrgRole;\n orgName: string;\n }> = [];\n try {\n const { rows } = await exec.execute({\n sql: `SELECT m.org_id AS \"orgId\", m.role AS role, o.name AS \"orgName\"\n FROM org_members m\n INNER JOIN organizations o ON m.org_id = o.id\n WHERE LOWER(m.email) = ?`,\n args: [email.toLowerCase()],\n });\n memberships = rows.map((r: any) => ({\n orgId: String(r.orgId ?? r.org_id),\n role: String(r.role) as OrgRole,\n orgName: String(r.orgName ?? r.org_name),\n }));\n } catch {\n // Tables may not exist yet on first boot before migrations finish.\n return { email, orgId: null, orgName: null, role: null };\n }\n\n if (memberships.length === 0 && process.env.AUTO_CREATE_DEFAULT_ORG) {\n const created = await tryCreateDefaultOrg(exec, email, session);\n if (created) return created;\n // Creation failed (race / DB error); fall through and let the\n // RequireActiveOrg client guard prompt the user.\n }\n\n if (memberships.length === 0) {\n return { email, orgId: null, orgName: null, role: null };\n }\n\n if (memberships.length > 1) {\n const activeOrgSetting = (await getUserSetting(email, \"active-org-id\")) as {\n orgId: string;\n } | null;\n if (activeOrgSetting?.orgId) {\n const active = memberships.find(\n (m) => m.orgId === activeOrgSetting.orgId,\n );\n if (active) {\n return {\n email,\n orgId: active.orgId,\n orgName: active.orgName,\n role: active.role,\n };\n }\n }\n }\n\n return {\n email,\n orgId: memberships[0].orgId,\n orgName: memberships[0].orgName,\n role: memberships[0].role,\n };\n}\n\n/**\n * Resolve the active org ID for a given email — for non-HTTP contexts like\n * the integration webhook handler where we have an email but no event/session.\n * Picks the user's active-org-id setting if set, otherwise the first membership.\n * Returns null if the user has no memberships.\n */\nexport async function resolveOrgIdForEmail(\n email: string,\n): Promise<string | null> {\n const exec = getDbExec();\n if (!exec) return null;\n try {\n const { rows } = await exec.execute({\n sql: `SELECT org_id FROM org_members WHERE LOWER(email) = ?`,\n args: [email.toLowerCase()],\n });\n if (rows.length === 0) return null;\n const ids = rows.map((r: any) => String(r.org_id));\n if (ids.length === 1) return ids[0];\n const activeOrgSetting = (await getUserSetting(email, \"active-org-id\")) as {\n orgId: string;\n } | null;\n if (activeOrgSetting?.orgId && ids.includes(activeOrgSetting.orgId)) {\n return activeOrgSetting.orgId;\n }\n return ids[0];\n } catch {\n return null;\n }\n}\n\n/**\n * Create a new organization and add the caller as a member with the given\n * role. Generates a per-org A2A secret for cross-app delegation and writes\n * the caller's `active-org-id` user-setting so the new org is immediately\n * active.\n *\n */\nexport async function createOrganization(\n name: string,\n email: string,\n role: OrgRole = \"owner\",\n): Promise<{\n id: string;\n name: string;\n role: OrgRole;\n a2aSecret: string;\n createdAt: number;\n}> {\n const trimmedName = name.trim();\n const exec = getDbExec();\n const id = nanoid();\n const createdAt = Date.now();\n const { randomBytes } = await import(\"node:crypto\");\n const a2aSecret = randomBytes(32).toString(\"base64url\");\n\n await exec.execute({\n sql: `INSERT INTO organizations (id, name, created_by, created_at, a2a_secret) VALUES (?, ?, ?, ?, ?)`,\n args: [id, trimmedName, email, createdAt, a2aSecret],\n });\n\n await exec.execute({\n sql: `INSERT INTO org_members (id, org_id, email, role, joined_at) VALUES (?, ?, ?, ?, ?)`,\n args: [nanoid(), id, email, role, createdAt],\n });\n\n await putUserSetting(email, \"active-org-id\", { orgId: id });\n\n return { id, name: trimmedName, role, a2aSecret, createdAt };\n}\n\nfunction defaultOrgName(\n email: string,\n session: { name?: string } | null,\n): string {\n const full = session?.name?.trim();\n if (full) return `${full}'s workspace`;\n const local = email.split(\"@\")[0] ?? email;\n const cleaned = local.replace(/[._-]+/g, \" \").trim();\n const titled =\n cleaned\n .split(\" \")\n .filter(Boolean)\n .map((w) => w.charAt(0).toUpperCase() + w.slice(1))\n .join(\" \") || \"My\";\n return `${titled}'s workspace`;\n}\n\n/**\n * Check whether the user has a pending invitation. If so, auto-create\n * MUST be skipped — otherwise we'd provision a personal org for them\n * before they ever see the inviter's org in the RequireActiveOrg\n * accept-invite pane, and they'd never join the team that invited them.\n */\nasync function hasPendingInvitation(\n exec: ReturnType<typeof getDbExec>,\n email: string,\n): Promise<boolean> {\n try {\n const { rows } = await exec.execute({\n sql: `SELECT 1 FROM org_invitations WHERE LOWER(email) = ? AND status = 'pending' LIMIT 1`,\n args: [email.toLowerCase()],\n });\n return rows.length > 0;\n } catch {\n // If we can't tell, err on the side of NOT auto-creating — the\n // RequireActiveOrg client guard will surface the situation.\n return true;\n }\n}\n\nasync function hasDomainMatch(\n exec: ReturnType<typeof getDbExec>,\n email: string,\n): Promise<boolean> {\n try {\n const domain = email.split(\"@\")[1]?.toLowerCase();\n if (!domain) return false;\n const { rows } = await exec.execute({\n sql: `SELECT 1 FROM organizations WHERE LOWER(allowed_domain) = ? LIMIT 1`,\n args: [domain],\n });\n return rows.length > 0;\n } catch {\n return false;\n }\n}\n\n/** Stale-claim threshold. A claim row this old is treated as abandoned\n * (process crashed, DELETE failed, etc.) and a new caller may take it\n * over. Long enough that two genuine concurrent first-loads don't\n * trample each other (those settle in milliseconds), short enough that\n * a stuck user recovers on their next navigation. */\nconst CLAIM_TTL_MS = 5 * 60 * 1000;\n\n/**\n * Attempt to provision a default org + owner membership for a user with\n * zero memberships.\n *\n * Race protection: claims the user's auto-create slot via an atomic\n * INSERT into the framework `settings` table (PRIMARY KEY (key) — so\n * concurrent inserts for the same key throw uniqueness violations on\n * both SQLite and Postgres). Only the request that wins the claim\n * proceeds to create the org; losers bail. By the time a losing\n * request retries on a subsequent navigation, the winner's org is in\n * `org_members` and the auto-create branch is skipped entirely.\n *\n * Stuck-state recovery: a stale claim (held longer than CLAIM_TTL_MS)\n * is reclaimed automatically. So even if the DELETE on the failure\n * path fails (network blip, DB error), the user isn't stranded — the\n * next request after the TTL elapses retries cleanly.\n *\n * Returns null on any failure so the caller can fall back to the\n * empty-context / client-guard path.\n */\nasync function tryCreateDefaultOrg(\n exec: ReturnType<typeof getDbExec>,\n email: string,\n session: { name?: string } | null,\n): Promise<OrgContext | null> {\n // Make sure the framework `settings` table exists before we use it as\n // a claim primitive. getSetting() ensures the table on first call.\n await getSetting(\"__init\").catch(() => null);\n\n const claimKey = `u:${email.toLowerCase()}:auto-create-claim`;\n\n if (!(await acquireClaim(exec, claimKey))) return null;\n\n // Pending-invite check happens INSIDE the claim so the window where a\n // newly-arrived invitation can be missed is narrowed to a single SQL\n // round-trip. (A still-narrower window would require a transaction\n // spanning org_invitations and settings — out of scope.)\n if (await hasPendingInvitation(exec, email)) {\n await releaseClaim(exec, claimKey);\n return null;\n }\n\n if (await hasDomainMatch(exec, email)) {\n await releaseClaim(exec, claimKey);\n return null;\n }\n\n try {\n const orgId = nanoid();\n const orgName = defaultOrgName(email, session);\n const now = Date.now();\n\n await exec.execute({\n sql: `INSERT INTO organizations (id, name, created_by, created_at) VALUES (?, ?, ?, ?)`,\n args: [orgId, orgName, email, now],\n });\n await exec.execute({\n sql: `INSERT INTO org_members (id, org_id, email, role, joined_at) VALUES (?, ?, ?, ?, ?)`,\n args: [nanoid(), orgId, email, \"owner\", now],\n });\n\n await putUserSetting(email, \"active-org-id\", { orgId });\n\n return { email, orgId, orgName, role: \"owner\" };\n } catch {\n await releaseClaim(exec, claimKey);\n return null;\n }\n}\n\nasync function acquireClaim(\n exec: ReturnType<typeof getDbExec>,\n claimKey: string,\n): Promise<boolean> {\n const now = Date.now();\n try {\n await exec.execute({\n sql: `INSERT INTO settings (key, value, updated_at) VALUES (?, ?, ?)`,\n args: [claimKey, JSON.stringify({ at: now }), now],\n });\n return true;\n } catch {\n // Conflict — someone else's claim is already in the row. If it's\n // stale (older than CLAIM_TTL_MS) we take it over.\n //\n // CRITICAL: this MUST be a single atomic UPDATE guarded on\n // `updated_at <= staleThreshold`. A read-then-DELETE-then-INSERT\n // sequence lets two concurrent reclaimers each observe the stale\n // timestamp, delete each other's fresh claim, and both think they\n // won — duplicating org creation. The conditional UPDATE matches\n // each stale row at most once: only the first writer sees\n // rowsAffected === 1; the row's updated_at is now `now`, so any\n // subsequent UPDATE no longer satisfies `updated_at <= staleThreshold`\n // and matches zero rows.\n const staleThreshold = now - CLAIM_TTL_MS;\n const result = (await exec.execute({\n sql: `UPDATE settings SET value = ?, updated_at = ? WHERE key = ? AND updated_at <= ?`,\n args: [JSON.stringify({ at: now }), now, claimKey, staleThreshold],\n })) as { rowsAffected?: number };\n return (result.rowsAffected ?? 0) > 0;\n }\n}\n\nasync function releaseClaim(\n exec: ReturnType<typeof getDbExec>,\n claimKey: string,\n): Promise<void> {\n // Best-effort. If this fails (transient network/DB error), the\n // CLAIM_TTL_MS-based takeover in acquireClaim recovers automatically\n // on a future request — no permanent stuck state.\n await exec\n .execute({ sql: `DELETE FROM settings WHERE key = ?`, args: [claimKey] })\n .catch(() => {});\n}\n\n/**\n * Look up the `allowed_domain` for an org by its ID.\n * Used when making outbound A2A calls so the JWT includes the\n * caller's org domain for cross-app org resolution.\n */\nexport async function getOrgDomain(orgId: string): Promise<string | null> {\n try {\n const exec = getDbExec();\n const { rows } = await exec.execute({\n sql: `SELECT allowed_domain FROM organizations WHERE id = ? LIMIT 1`,\n args: [orgId],\n });\n if (!rows[0]) return null;\n const domain = String((rows[0] as any).allowed_domain || \"\");\n return domain || null;\n } catch {\n return null;\n }\n}\n\n/**\n * Look up the org's A2A secret by org ID.\n * Used when making outbound A2A calls so the JWT is signed with the\n * org-specific secret rather than the global A2A_SECRET env var.\n */\nexport async function getOrgA2ASecret(orgId: string): Promise<string | null> {\n try {\n const exec = getDbExec();\n const { rows } = await exec.execute({\n sql: `SELECT a2a_secret FROM organizations WHERE id = ? LIMIT 1`,\n args: [orgId],\n });\n if (!rows[0]) return null;\n const secret = String((rows[0] as any).a2a_secret || \"\");\n return secret || null;\n } catch {\n return null;\n }\n}\n\n/**\n * Look up an org's A2A secret by its `allowed_domain`.\n * Used on the A2A receiving side: the caller's JWT includes `org_domain`,\n * and the receiver looks up which local org matches that domain to find\n * the secret used to verify the JWT signature.\n */\nexport async function getA2ASecretByDomain(\n domain: string,\n): Promise<string | null> {\n try {\n const exec = getDbExec();\n const { rows } = await exec.execute({\n sql: `SELECT a2a_secret FROM organizations WHERE LOWER(allowed_domain) = ? LIMIT 1`,\n args: [domain.toLowerCase()],\n });\n if (!rows[0]) return null;\n const secret = String((rows[0] as any).a2a_secret || \"\");\n return secret || null;\n } catch {\n return null;\n }\n}\n\n/**\n * Resolve a local org by its `allowed_domain`.\n * Used on the A2A receiving side: the caller sends `org_domain` in the JWT,\n * and the receiver looks up which local org matches that domain.\n */\nexport async function resolveOrgByDomain(\n domain: string,\n): Promise<{ orgId: string; orgName: string } | null> {\n try {\n const exec = getDbExec();\n const { rows } = await exec.execute({\n sql: `SELECT id, name FROM organizations WHERE LOWER(allowed_domain) = ? LIMIT 1`,\n args: [domain.toLowerCase()],\n });\n if (!rows[0]) return null;\n return {\n orgId: String((rows[0] as any).id),\n orgName: String((rows[0] as any).name),\n };\n } catch {\n return null;\n }\n}\n"]}
package/dist/org/handlers.d.ts CHANGED
@@ -26,8 +26,8 @@ export declare const getMyOrgHandler: import("h3").EventHandlerWithFetch<import(
26
26
  /** POST /_agent-native/org — create a new organization */
27
27
  export declare const createOrgHandler: import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<{
28
28
  id: string;
29
- name: any;
30
- role: string;
29
+ name: string;
30
+ role: OrgRole;
31
31
  }>>;
32
32
  /** GET /_agent-native/org/members — list org members */
33
33
  export declare const listMembersHandler: import("h3").EventHandlerWithFetch<import("h3").EventHandlerRequest, Promise<{
package/dist/org/handlers.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"handlers.d.ts","sourceRoot":"","sources":["../../src/org/handlers.ts"],"names":[],"mappings":"AA+CA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AA2B1C,2FAA2F;AAC3F,eAAO,MAAM,eAAe;;;;;;;cAaA,OAAO;;;;;;;;;;eAIC,MAAM;iBAAW,MAAM;;;;GA0EzD,CAAC;AAEH,0DAA0D;AAC1D,eAAO,MAAM,gBAAgB;;;;GAkC3B,CAAC;AAEH,wDAAwD;AACxD,eAAO,MAAM,kBAAkB;;;cAWH,OAAO;;;GAIjC,CAAC;AAMH,UAAU,kBAAkB;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC;IACzB,MAAM,EAAE,SAAS,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,UAAU,mBAAmB;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAsED,8EAA8E;AAC9E,eAAO,MAAM,uBAAuB;;;;GAuEnC,CAAC;AAEF,gFAAgF;AAChF,eAAO,MAAM,sBAAsB;;;;;;;;;GAyBlC,CAAC;AAEF,4EAA4E;AAC5E,eAAO,MAAM,uBAAuB;;;UAoD8B,OAAO;GAkBxE,CAAC;AAEF,oFAAoF;AACpF,eAAO,MAAM,mBAAmB;;GA2D/B,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,uBAAuB;;;GAqEnC,CAAC;AAEF,oFAAoF;AACpF,eAAO,MAAM,gBAAgB;;;GA4B3B,CAAC;AAEH,4EAA4E;AAC5E,eAAO,MAAM,gBAAgB;;;UAkCC,OAAO;GAEnC,CAAC;AAEH,mGAAmG;AACnG,eAAO,MAAM,mBAAmB;;;UAqDR,OAAO;GAG9B,CAAC;AAEF,+FAA+F;AAC/F,eAAO,MAAM,gBAAgB;;GAsE3B,CAAC;AAEH,oGAAoG;AACpG,eAAO,MAAM,mBAAmB;;;GA0C/B,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,oBAAoB;;;;;YA2DvB,MAAM;cACJ,MAAM;aACP,MAAM;YACP,OAAO;iBACF,MAAM;gBACP,MAAM;;GAyDnB,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,uBAAuB;;;GAgGnC,CAAC"}
1
+ {"version":3,"file":"handlers.d.ts","sourceRoot":"","sources":["../../src/org/handlers.ts"],"names":[],"mappings":"AA+CA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AA2B1C,2FAA2F;AAC3F,eAAO,MAAM,eAAe;;;;;;;cAaA,OAAO;;;;;;;;;;eAIC,MAAM;iBAAW,MAAM;;;;GA0EzD,CAAC;AAEH,0DAA0D;AAC1D,eAAO,MAAM,gBAAgB;;;;GAe3B,CAAC;AAEH,wDAAwD;AACxD,eAAO,MAAM,kBAAkB;;;cAWH,OAAO;;;GAIjC,CAAC;AAMH,UAAU,kBAAkB;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,QAAQ,GAAG,OAAO,CAAC;IACzB,MAAM,EAAE,SAAS,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,UAAU,mBAAmB;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;CACf;AAsED,8EAA8E;AAC9E,eAAO,MAAM,uBAAuB;;;;GAuEnC,CAAC;AAEF,gFAAgF;AAChF,eAAO,MAAM,sBAAsB;;;;;;;;;GAyBlC,CAAC;AAEF,4EAA4E;AAC5E,eAAO,MAAM,uBAAuB;;;UAoD8B,OAAO;GAkBxE,CAAC;AAEF,oFAAoF;AACpF,eAAO,MAAM,mBAAmB;;GA2D/B,CAAC;AAEF;;;;;;;GAOG;AACH,eAAO,MAAM,uBAAuB;;;GAqEnC,CAAC;AAEF,oFAAoF;AACpF,eAAO,MAAM,gBAAgB;;;GA4B3B,CAAC;AAEH,4EAA4E;AAC5E,eAAO,MAAM,gBAAgB;;;UAkCC,OAAO;GAEnC,CAAC;AAEH,mGAAmG;AACnG,eAAO,MAAM,mBAAmB;;;UAqDR,OAAO;GAG9B,CAAC;AAEF,+FAA+F;AAC/F,eAAO,MAAM,gBAAgB;;GAsE3B,CAAC;AAEH,oGAAoG;AACpG,eAAO,MAAM,mBAAmB;;;GA0C/B,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,eAAO,MAAM,oBAAoB;;;;;YA2DvB,MAAM;cACJ,MAAM;aACP,MAAM;YACP,OAAO;iBACF,MAAM;gBACP,MAAM;;GAyDnB,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,uBAAuB;;;GAgGnC,CAAC"}