@agent-os-sdk/client 0.9.24 → 0.9.26

package/dist/client/AgentOsClient.d.ts

@@ -1,141 +0,0 @@
-/**
- * Agent OS SDK - Main Client
- *
- * Fully typed API client for Agent OS platform.
- *
- * Two authentication modes:
- * - API Token (server-to-server): aosk_* tokens with embedded claims
- * - JWT (browser): Supabase JWT + X-Workspace-Id header
- *
- * @example
- * ```ts
- * // API Token (server-to-server)
- * const api = new AgentOsClient({
- *   baseUrl: "https://api.agentos.io",
- *   auth: { type: "api_token", apiKey: "aosk_live_xxx" }
- * });
- *
- * // JWT (browser)
- * const api = new AgentOsClient({
- *   baseUrl: "https://api.agentos.io",
- *   auth: {
- *     type: "jwt",
- *     getToken: () => supabase.auth.getSession().then(s => s.data.session?.access_token ?? ""),
- *     getWorkspaceId: () => localStorage.getItem("agentos.workspaceId") ?? ""
- *   }
- * });
- * ```
- */
-import { type AgentOsClientOptions } from "./auth.js";
-import { type RawClient } from "./raw.js";
-import { AgentsModule } from "../modules/agents.js";
-import { ChatwootModule } from "../modules/chatwoot.js";
-import { CredentialsModule } from "../modules/credentials.js";
-import { DatasetsModule } from "../modules/datasets.js";
-import { RolesModule } from "../modules/roles.js";
-import { MembersModule } from "../modules/members.js";
-import { RunsModule } from "../modules/runs.js";
-import { TenantsModule } from "../modules/tenants.js";
-import { ThreadsModule } from "../modules/threads.js";
-import { ToolsModule } from "../modules/tools.js";
-import { TriggersModule } from "../modules/triggers.js";
-import { WorkspacesModule } from "../modules/workspaces.js";
-import { A2aModule } from "../modules/a2a.js";
-import { ApiTokensModule } from "../modules/apiTokens.js";
-import { ApprovalsModule } from "../modules/approvals.js";
-import { AuditModule } from "../modules/audit.js";
-import { AuthModule } from "../modules/auth.js";
-import { CatalogModule } from "../modules/catalog.js";
-import { CheckpointsModule } from "../modules/checkpoints.js";
-import { ContractsModule } from "../modules/contracts.js";
-import { CronsModule } from "../modules/crons.js";
-import { EvaluationModule } from "../modules/evaluation.js";
-import { FilesModule } from "../modules/files.js";
-import { InfoModule } from "../modules/info.js";
-import { ImprovementsModule } from "../modules/improvements.js";
-import { MeModule } from "../modules/me.js";
-import { MembershipsModule } from "../modules/memberships.js";
-import { MetaAgentModule } from "../modules/metaAgent.js";
-import { MetricsModule } from "../modules/metrics.js";
-import { ObservabilityModule } from "../modules/observability.js";
-import { PlaygroundModule } from "../modules/playground.js";
-import { PresetsModule } from "../modules/presets.js";
-import { PromptsModule } from "../modules/prompts.js";
-import { StoreModule } from "../modules/store.js";
-import { TemplatesModule } from "../modules/templates.js";
-import { TracesModule } from "../modules/traces.js";
-import { UsageModule } from "../modules/usage.js";
-import { VectorStoresModule } from "../modules/vectorStores.js";
-export { isApiTokenAuth, isJwtAuth } from "./auth.js";
-export type { AgentOsClientOptions, AuthProvider } from "./auth.js";
-export declare class AgentOsClient {
-    private readonly _client;
-    private readonly _baseUrl;
-    private readonly _auth;
-    private readonly _customHeaders;
-    readonly agents: AgentsModule;
-    readonly runs: RunsModule;
-    readonly threads: ThreadsModule;
-    readonly tools: ToolsModule;
-    readonly datasets: DatasetsModule;
-    readonly roles: RolesModule;
-    readonly triggers: TriggersModule;
-    readonly credentials: CredentialsModule;
-    readonly members: MembersModule;
-    readonly tenants: TenantsModule;
-    readonly workspaces: WorkspacesModule;
-    readonly chatwoot: ChatwootModule;
-    readonly prompts: PromptsModule;
-    readonly traces: TracesModule;
-    readonly files: FilesModule;
-    readonly vectorStores: VectorStoresModule;
-    readonly evaluation: EvaluationModule;
-    readonly checkpoints: CheckpointsModule;
-    readonly playground: PlaygroundModule;
-    readonly crons: CronsModule;
-    readonly store: StoreModule;
-    readonly audit: AuditModule;
-    readonly usage: UsageModule;
-    readonly a2a: A2aModule;
-    readonly me: MeModule;
-    readonly info: InfoModule;
-    readonly improvements: ImprovementsModule;
-    readonly metrics: MetricsModule;
-    readonly metaAgent: MetaAgentModule;
-    readonly contracts: ContractsModule;
-    readonly catalog: CatalogModule;
-    readonly approvals: ApprovalsModule;
-    readonly auth: AuthModule;
-    readonly observability: ObservabilityModule;
-    readonly templates: TemplatesModule;
-    readonly experiments: {
-        list: EvaluationModule["listExperiments"];
-        get: EvaluationModule["getExperiment"];
-        create: EvaluationModule["createExperiment"];
-    };
-    readonly apiTokens: ApiTokensModule;
-    readonly memberships: MembershipsModule;
-    readonly presets: PresetsModule;
-    constructor(options: AgentOsClientOptions);
-    /**
-     * Validate auth configuration at construction time
-     */
-    private _validateAuth;
-    /**
-     * Resolve headers for each request (async)
-     *
-     * SECURITY INVARIANTS:
-     * - JWT: Authorization + X-Workspace-Id (REQUIRED), NO X-Tenant-Id
-     * - API Token: Authorization only, NO X-Workspace-Id, NO X-Tenant-Id
-     */
-    private _resolveHeaders;
-    /**
-     * Get resolved headers (for debugging/testing)
-     */
-    getHeadersAsync(): Promise<Record<string, string>>;
-    /** Auth provider type */
-    get authType(): "api_token" | "jwt";
-    /** Raw HTTP client (use modules instead) */
-    get raw(): RawClient;
-}
-//# sourceMappingURL=AgentOsClient.d.ts.map

package/dist/client/AgentOsClient.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"AgentOsClient.d.ts","sourceRoot":"","sources":["../../src/client/AgentOsClient.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,OAAO,EACH,KAAK,oBAAoB,EAK5B,MAAM,WAAW,CAAC;AACnB,OAAO,EAAmB,KAAK,SAAS,EAAE,MAAM,UAAU,CAAC;AAE3D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAG5D,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAC5D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAGhE,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtD,YAAY,EAAE,oBAAoB,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAEpE,qBAAa,aAAa;IACtB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAY;IACpC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAS;IAClC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAe;IACrC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAyB;IAGxD,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC;IAC1B,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,QAAQ,CAAC,WAAW,EAAE,iBAAiB,CAAC;IACxC,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,UAAU,EAAE,gBAAgB,CAAC;IACtC,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAGlC,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,YAAY,EAAE,kBAAkB,CAAC;IAC1C,QAAQ,CAAC,UAAU,EAAE,gBAAgB,CAAC;IACtC,QAAQ,CAAC,WAAW,EAAE,iBAAiB,CAAC;IACxC,QAAQ,CAAC,UAAU,EAAE,gBAAgB,CAAC;IACtC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,GAAG,EAAE,SAAS,CAAC;IACxB,QAAQ,CAAC,EAAE,EAAE,QAAQ,CAAC;IACtB,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC;IAC1B,QAAQ,CAAC,YAAY,EAAE,kBAAkB,CAAC;IAC1C,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC;IAC1B,QAAQ,CAAC,aAAa,EAAE,mBAAmB,CAAC;IAC5C,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IAGpC,QAAQ,CAAC,WAAW,EAAE;QAClB,IAAI,EAAE,gBAAgB,CAAC,iBAAiB,CAAC,CAAC;QAC1C,GAAG,EAAE,gBAAgB,CAAC,eAAe,CAAC,CAAC;QACvC,MAAM,EAAE,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;KAChD,CAAC;IAEF,SAAgB,SAAS,EAAE,eAAe,CAAC;IAC3C,SAAgB,WAAW,EAAE,iBAAiB,CAAC;IAC/C,SAAgB,OAAO,EAAE,aAAa,CAAC;gBAI3B,OAAO,EAAE,oBAAoB;IA0EzC;;OAEG;IACH,OAAO,CAAC,aAAa;IAYrB;;;;;;OAMG;YACW,eAAe;IAwC7B;;OAEG;IACG,eAAe,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAIxD,yBAAyB;IACzB,IAAI,QAAQ,IAAI,WAAW,GAAG,KAAK,CAElC;IAED,4CAA4C;IAC5C,IAAI,GAAG,IAAI,SAAS,CAEnB;CACJ"}

package/dist/client/AgentOsClient.js

@@ -1,250 +0,0 @@
-/**
- * Agent OS SDK - Main Client
- *
- * Fully typed API client for Agent OS platform.
- *
- * Two authentication modes:
- * - API Token (server-to-server): aosk_* tokens with embedded claims
- * - JWT (browser): Supabase JWT + X-Workspace-Id header
- *
- * @example
- * ```ts
- * // API Token (server-to-server)
- * const api = new AgentOsClient({
- *   baseUrl: "https://api.agentos.io",
- *   auth: { type: "api_token", apiKey: "aosk_live_xxx" }
- * });
- *
- * // JWT (browser)
- * const api = new AgentOsClient({
- *   baseUrl: "https://api.agentos.io",
- *   auth: {
- *     type: "jwt",
- *     getToken: () => supabase.auth.getSession().then(s => s.data.session?.access_token ?? ""),
- *     getWorkspaceId: () => localStorage.getItem("agentos.workspaceId") ?? ""
- *   }
- * });
- * ```
- */
-import { isApiTokenAuth, isBrowser, isJwtAuth, } from "./auth.js";
-import { createRawClient } from "./raw.js";
-import { AgentsModule } from "../modules/agents.js";
-import { ChatwootModule } from "../modules/chatwoot.js";
-import { CredentialsModule } from "../modules/credentials.js";
-import { DatasetsModule } from "../modules/datasets.js";
-import { RolesModule } from "../modules/roles.js";
-import { MembersModule } from "../modules/members.js";
-import { RunsModule } from "../modules/runs.js";
-import { TenantsModule } from "../modules/tenants.js";
-import { ThreadsModule } from "../modules/threads.js";
-import { ToolsModule } from "../modules/tools.js";
-import { TriggersModule } from "../modules/triggers.js";
-import { WorkspacesModule } from "../modules/workspaces.js";
-// Platform modules
-import { A2aModule } from "../modules/a2a.js";
-import { ApiTokensModule } from "../modules/apiTokens.js";
-import { ApprovalsModule } from "../modules/approvals.js";
-import { AuditModule } from "../modules/audit.js";
-import { AuthModule } from "../modules/auth.js";
-import { CatalogModule } from "../modules/catalog.js";
-import { CheckpointsModule } from "../modules/checkpoints.js";
-import { ContractsModule } from "../modules/contracts.js";
-import { CronsModule } from "../modules/crons.js";
-import { EvaluationModule } from "../modules/evaluation.js";
-import { FilesModule } from "../modules/files.js";
-import { InfoModule } from "../modules/info.js";
-import { ImprovementsModule } from "../modules/improvements.js";
-import { MeModule } from "../modules/me.js";
-import { MembershipsModule } from "../modules/memberships.js";
-import { MetaAgentModule } from "../modules/metaAgent.js";
-import { MetricsModule } from "../modules/metrics.js";
-import { ObservabilityModule } from "../modules/observability.js";
-import { PlaygroundModule } from "../modules/playground.js";
-import { PresetsModule } from "../modules/presets.js";
-import { PromptsModule } from "../modules/prompts.js";
-import { StoreModule } from "../modules/store.js";
-import { TemplatesModule } from "../modules/templates.js";
-import { TracesModule } from "../modules/traces.js";
-import { UsageModule } from "../modules/usage.js";
-import { VectorStoresModule } from "../modules/vectorStores.js";
-// Re-export auth types
-export { isApiTokenAuth, isJwtAuth } from "./auth.js";
-export class AgentOsClient {
-    _client;
-    _baseUrl;
-    _auth;
-    _customHeaders;
-    // Core modules
-    agents;
-    runs;
-    threads;
-    tools;
-    datasets;
-    roles;
-    triggers;
-    credentials;
-    members;
-    tenants;
-    workspaces;
-    chatwoot;
-    // Platform modules
-    prompts;
-    traces;
-    files;
-    vectorStores;
-    evaluation;
-    checkpoints;
-    playground;
-    crons;
-    store;
-    audit;
-    usage;
-    a2a;
-    me;
-    info;
-    improvements;
-    metrics;
-    metaAgent;
-    contracts;
-    catalog;
-    approvals;
-    auth;
-    observability;
-    templates;
-    // Convenience aliases
-    experiments;
-    apiTokens;
-    memberships;
-    presets;
-    constructor(options) {
-        this._baseUrl = options.baseUrl;
-        this._auth = options.auth;
-        this._customHeaders = options.headers ?? {};
-        // Validate auth configuration
-        this._validateAuth(options);
-        // Create raw client with async header provider
-        this._client = createRawClient({
-            baseUrl: options.baseUrl,
-            headerProvider: () => this._resolveHeaders(),
-            contextProvider: options.contextProvider,
-            network: options.network,
-            hooks: options.hooks,
-        });
-        // Module header getter (sync fallback for backwards compat with module internals)
-        const getHeaders = () => this._customHeaders;
-        const getWorkspaceId = () => "";
-        const getTenantId = () => "";
-        // Initialize core modules
-        this.agents = new AgentsModule(this._client, getHeaders);
-        this.runs = new RunsModule(this._client);
-        this.threads = new ThreadsModule(this._client, getHeaders);
-        this.tools = new ToolsModule(this._client, getHeaders);
-        this.datasets = new DatasetsModule(this._client, getHeaders);
-        this.roles = new RolesModule(this._client, getHeaders);
-        this.triggers = new TriggersModule(this._client, getHeaders);
-        this.credentials = new CredentialsModule(this._client, getWorkspaceId, getHeaders);
-        this.members = new MembersModule(this._client, getHeaders);
-        this.tenants = new TenantsModule(this._client, getHeaders);
-        this.workspaces = new WorkspacesModule(this._client, getTenantId, getHeaders);
-        this.chatwoot = new ChatwootModule(this._client, getHeaders);
-        // Initialize platform modules
-        this.prompts = new PromptsModule(this._client, getHeaders);
-        this.traces = new TracesModule(this._client, getHeaders);
-        this.files = new FilesModule(this._client, getHeaders);
-        this.vectorStores = new VectorStoresModule(this._client, getHeaders);
-        this.evaluation = new EvaluationModule(this._client, getHeaders);
-        this.checkpoints = new CheckpointsModule(this._client, getHeaders);
-        this.playground = new PlaygroundModule(this._client, getHeaders);
-        this.crons = new CronsModule(this._client, getHeaders);
-        this.store = new StoreModule(this._client, getHeaders);
-        this.audit = new AuditModule(this._client, getHeaders);
-        this.usage = new UsageModule(this._client, getHeaders);
-        this.a2a = new A2aModule(this._client, getHeaders);
-        this.me = new MeModule(this._client, getHeaders);
-        this.info = new InfoModule(this._client, getHeaders);
-        this.improvements = new ImprovementsModule(this._client, getHeaders);
-        this.metrics = new MetricsModule(this._client);
-        this.metaAgent = new MetaAgentModule(this._client, getHeaders);
-        this.contracts = new ContractsModule(this._client, getHeaders);
-        this.catalog = new CatalogModule(this._client);
-        this.approvals = new ApprovalsModule(this._client, getHeaders);
-        this.auth = new AuthModule(this._client, getHeaders);
-        this.observability = new ObservabilityModule(this._client, getHeaders);
-        this.templates = new TemplatesModule(this._client, getHeaders);
-        // Initialize convenience aliases
-        this.experiments = {
-            list: this.evaluation.listExperiments.bind(this.evaluation),
-            get: this.evaluation.getExperiment.bind(this.evaluation),
-            create: this.evaluation.createExperiment.bind(this.evaluation),
-        };
-        this.apiTokens = new ApiTokensModule(this._client);
-        this.memberships = new MembershipsModule(this._client);
-        this.presets = new PresetsModule(this._client, getHeaders);
-    }
-    /**
-     * Validate auth configuration at construction time
-     */
-    _validateAuth(options) {
-        const { auth, allowApiTokenInBrowser } = options;
-        // Browser security guard for API tokens
-        if (isApiTokenAuth(auth) && isBrowser() && !allowApiTokenInBrowser) {
-            throw new Error("[AgentOS SDK] SECURITY: API tokens (aosk_*) are SERVER-SIDE only. " +
-                "Use JWT auth in the browser. Set allowApiTokenInBrowser: true only if you understand the risks.");
-        }
-    }
-    /**
-     * Resolve headers for each request (async)
-     *
-     * SECURITY INVARIANTS:
-     * - JWT: Authorization + X-Workspace-Id (REQUIRED), NO X-Tenant-Id
-     * - API Token: Authorization only, NO X-Workspace-Id, NO X-Tenant-Id
-     */
-    async _resolveHeaders() {
-        const headers = {
-            "Content-Type": "application/json",
-            ...this._customHeaders,
-        };
-        if (isApiTokenAuth(this._auth)) {
-            // API Token: Authorization header only
-            const apiKey = typeof this._auth.apiKey === "function"
-                ? await this._auth.apiKey()
-                : this._auth.apiKey;
-            if (apiKey) {
-                headers["Authorization"] = `Bearer ${apiKey}`;
-            }
-            // NO X-Workspace-Id (embedded in token claims)
-            // NO X-Tenant-Id (embedded in token claims)
-        }
-        else if (isJwtAuth(this._auth)) {
-            // JWT: Authorization + X-Workspace-Id
-            const [token, workspaceId] = await Promise.all([
-                Promise.resolve(this._auth.getToken()),
-                Promise.resolve(this._auth.getWorkspaceId()),
-            ]);
-            if (token) {
-                headers["Authorization"] = `Bearer ${token}`;
-            }
-            // Workspace ID is optional for bootstrap endpoints (e.g., /me)
-            // Most endpoints require it, but the header provider allows empty strings
-            if (workspaceId) {
-                headers["X-Workspace-Id"] = workspaceId;
-            }
-            // NO X-Tenant-Id (backend derives from workspace membership)
-        }
-        return headers;
-    }
-    /**
-     * Get resolved headers (for debugging/testing)
-     */
-    async getHeadersAsync() {
-        return this._resolveHeaders();
-    }
-    /** Auth provider type */
-    get authType() {
-        return this._auth.type;
-    }
-    /** Raw HTTP client (use modules instead) */
-    get raw() {
-        return this._client;
-    }
-}

package/dist/client/HttpRequestBuilder.d.ts

@@ -1,50 +0,0 @@
-/**
- * HttpRequestBuilder — Single source of truth for headers
- *
- * All header generation flows through this builder.
- * raw.ts should NOT generate headers directly.
- *
- * Headers generated:
- * - X-Request-Id: Per-request, always new (crypto.randomUUID)
- * - X-Correlation-Id: Per-flow, immutable within flow
- * - Authorization: Bearer token
- * - X-Workspace-Id: Workspace binding (from context)
- * - X-Idempotency-Key: Opt-in for POST requests
- * - User-Agent: SDK version + runtime info
- *
- * @see sdk-upgrade.md Section 1.3
- */
-import type { OperationContext } from "./OperationContext.js";
-export declare function sanitizeValidCorrelationId(raw?: string): string | null;
-/**
- * Options for building request headers
- */
-export interface HttpRequestBuilderOptions {
-    /** Bearer token for Authorization header */
-    token?: string;
-    /** Operation context with correlationId and workspaceId */
-    context?: OperationContext;
-    /** Idempotency key for POST requests */
-    idempotencyKey?: string;
-    /** If true, throws if correlationId is missing */
-    requireFlow?: boolean;
-}
-/**
- * Build headers for HTTP requests.
- * This is the SINGLE SOURCE OF TRUTH for header generation.
- */
-export declare class HttpRequestBuilder {
-    /**
-     * Build headers from options.
-     *
-     * @throws Error if requireFlow is true and correlationId is missing
-     */
-    build(opts: HttpRequestBuilderOptions): Record<string, string>;
-    private resolveCorrelationId;
-    /**
-     * Build User-Agent string with SDK version and runtime info
-     */
-    private buildUserAgent;
-}
-export declare const httpRequestBuilder: HttpRequestBuilder;
-//# sourceMappingURL=HttpRequestBuilder.d.ts.map

package/dist/client/HttpRequestBuilder.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"HttpRequestBuilder.d.ts","sourceRoot":"","sources":["../../src/client/HttpRequestBuilder.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAQ9D,wBAAgB,0BAA0B,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAGtE;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACtC,4CAA4C;IAC5C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,2DAA2D;IAC3D,OAAO,CAAC,EAAE,gBAAgB,CAAC;IAC3B,wCAAwC;IACxC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,kDAAkD;IAClD,WAAW,CAAC,EAAE,OAAO,CAAC;CACzB;AAED;;;GAGG;AACH,qBAAa,kBAAkB;IAC3B;;;;OAIG;IACH,KAAK,CAAC,IAAI,EAAE,yBAAyB,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAiC9D,OAAO,CAAC,oBAAoB;IAS5B;;OAEG;IACH,OAAO,CAAC,cAAc;CAYzB;AAGD,eAAO,MAAM,kBAAkB,oBAA2B,CAAC"}

package/dist/client/HttpRequestBuilder.js

@@ -1,83 +0,0 @@
-/**
- * HttpRequestBuilder — Single source of truth for headers
- *
- * All header generation flows through this builder.
- * raw.ts should NOT generate headers directly.
- *
- * Headers generated:
- * - X-Request-Id: Per-request, always new (crypto.randomUUID)
- * - X-Correlation-Id: Per-flow, immutable within flow
- * - Authorization: Bearer token
- * - X-Workspace-Id: Workspace binding (from context)
- * - X-Idempotency-Key: Opt-in for POST requests
- * - User-Agent: SDK version + runtime info
- *
- * @see sdk-upgrade.md Section 1.3
- */
-import { sanitizeHeader, sanitizeHeaders } from "./sanitize.js";
-const SDK_VERSION = typeof __SDK_VERSION__ !== "undefined" ? __SDK_VERSION__ : "0.7.12-dev";
-const CORRELATION_ID_PATTERN = /^[A-Za-z0-9._:-]{8,128}$/;
-export function sanitizeValidCorrelationId(raw) {
-    const candidate = sanitizeHeader((raw ?? "").trim());
-    return CORRELATION_ID_PATTERN.test(candidate) ? candidate : null;
-}
-/**
- * Build headers for HTTP requests.
- * This is the SINGLE SOURCE OF TRUTH for header generation.
- */
-export class HttpRequestBuilder {
-    /**
-     * Build headers from options.
-     *
-     * @throws Error if requireFlow is true and correlationId is missing
-     */
-    build(opts) {
-        const headers = {};
-        // I2: X-Request-Id always exists (per request)
-        headers["X-Request-Id"] = crypto.randomUUID();
-        // User-Agent: Dynamic SDK version
-        headers["User-Agent"] = this.buildUserAgent();
-        // I3: X-Correlation-Id is per flow
-        if (opts.requireFlow && !opts.context?.correlationId) {
-            throw new Error("X-Correlation-Id required for flow-scoped operations");
-        }
-        headers["X-Correlation-Id"] = this.resolveCorrelationId(opts.context?.correlationId);
-        // Authorization
-        if (opts.token) {
-            headers["Authorization"] = `Bearer ${opts.token}`;
-        }
-        // X-Workspace-Id from context
-        if (opts.context?.workspaceId) {
-            headers["X-Workspace-Id"] = opts.context.workspaceId;
-        }
-        // I7: Idempotency is opt-in
-        if (opts.idempotencyKey) {
-            headers["X-Idempotency-Key"] = sanitizeHeader(opts.idempotencyKey);
-        }
-        return sanitizeHeaders(headers);
-    }
-    resolveCorrelationId(raw) {
-        const candidate = sanitizeValidCorrelationId(raw);
-        if (candidate) {
-            return candidate;
-        }
-        return crypto.randomUUID();
-    }
-    /**
-     * Build User-Agent string with SDK version and runtime info
-     */
-    buildUserAgent() {
-        // Node.js environment
-        if (typeof process !== "undefined" && process.version) {
-            return `agent-os-sdk/${SDK_VERSION} (node/${process.version})`;
-        }
-        // Browser environment
-        if (typeof navigator !== "undefined" && navigator.userAgent) {
-            return `agent-os-sdk/${SDK_VERSION} (browser)`;
-        }
-        // Unknown environment
-        return `agent-os-sdk/${SDK_VERSION}`;
-    }
-}
-// Singleton instance for convenience
-export const httpRequestBuilder = new HttpRequestBuilder();

package/dist/client/OperationContext.d.ts

@@ -1,19 +0,0 @@
-/**
- * OperationContext — Immutable flow context
- *
- * Created at the start of a logical flow and never mutates.
- *
- * - correlationId: Tracks the entire logical operation (immutable per flow)
- * - workspaceId: Optional workspace binding
- *
- * @see sdk-upgrade.md Section 1.1
- */
-export type OperationContext = Readonly<{
-    correlationId: string;
-    workspaceId?: string;
-}>;
-export declare function createOperationContext(input: {
-    correlationId: string;
-    workspaceId?: string;
-}): OperationContext;
-//# sourceMappingURL=OperationContext.d.ts.map

package/dist/client/OperationContext.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"OperationContext.d.ts","sourceRoot":"","sources":["../../src/client/OperationContext.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,MAAM,MAAM,gBAAgB,GAAG,QAAQ,CAAC;IACpC,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC,CAAC;AAEH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE;IAC1C,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;CACxB,GAAG,gBAAgB,CAEnB"}

package/dist/client/OperationContext.js

@@ -1,13 +0,0 @@
-/**
- * OperationContext — Immutable flow context
- *
- * Created at the start of a logical flow and never mutates.
- *
- * - correlationId: Tracks the entire logical operation (immutable per flow)
- * - workspaceId: Optional workspace binding
- *
- * @see sdk-upgrade.md Section 1.1
- */
-export function createOperationContext(input) {
-    return Object.freeze({ ...input });
-}

package/dist/client/OperationContextProvider.d.ts

@@ -1,54 +0,0 @@
-/**
- * OperationContextProvider — Flow lifecycle management
- *
- * Provider defines the lifecycle of a flow context.
- * Implementations can use AsyncLocalStorage or manual context passing.
- *
- * @see sdk-upgrade.md Section 1.2
- */
-import type { OperationContext } from "./OperationContext.js";
-/**
- * Interface for context providers
- */
-export interface OperationContextProvider {
-    get(): OperationContext | undefined;
-}
-/**
- * Default provider that always returns undefined.
- * Used when no flow context is established.
- */
-export declare class DefaultContextProvider implements OperationContextProvider {
-    get(): OperationContext | undefined;
-}
-/**
- * AsyncLocalStorage-based provider for Node.js environments.
- * Automatically propagates context through async call chains.
- *
- * Note: This class requires Node.js async_hooks module.
- * Import and use only in Node.js environments.
- */
-export declare class AsyncLocalStorageContextProvider implements OperationContextProvider {
-    private readonly storage;
-    constructor();
-    get(): OperationContext | undefined;
-    /**
-     * Run a function within a context.
-     * The context is automatically available to all async operations within.
-     */
-    run<T>(context: OperationContext, fn: () => T): T;
-    /**
-     * Run an async function within a context.
-     */
-    runAsync<T>(context: OperationContext, fn: () => Promise<T>): Promise<T>;
-}
-/**
- * Manual provider for environments without AsyncLocalStorage.
- * Context must be explicitly set and cleared.
- */
-export declare class ManualContextProvider implements OperationContextProvider {
-    private context;
-    get(): OperationContext | undefined;
-    set(context: OperationContext): void;
-    clear(): void;
-}
-//# sourceMappingURL=OperationContextProvider.d.ts.map

package/dist/client/OperationContextProvider.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"OperationContextProvider.d.ts","sourceRoot":"","sources":["../../src/client/OperationContextProvider.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAE9D;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACrC,GAAG,IAAI,gBAAgB,GAAG,SAAS,CAAC;CACvC;AAED;;;GAGG;AACH,qBAAa,sBAAuB,YAAW,wBAAwB;IACnE,GAAG,IAAI,gBAAgB,GAAG,SAAS;CAGtC;AAED;;;;;;GAMG;AACH,qBAAa,gCAAiC,YAAW,wBAAwB;IAE7E,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAM;;IAa9B,GAAG,IAAI,gBAAgB,GAAG,SAAS;IAInC;;;OAGG;IACH,GAAG,CAAC,CAAC,EAAE,OAAO,EAAE,gBAAgB,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC;IAIjD;;OAEG;IACH,QAAQ,CAAC,CAAC,EAAE,OAAO,EAAE,gBAAgB,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;CAG3E;AAED;;;GAGG;AACH,qBAAa,qBAAsB,YAAW,wBAAwB;IAClE,OAAO,CAAC,OAAO,CAA+B;IAE9C,GAAG,IAAI,gBAAgB,GAAG,SAAS;IAInC,GAAG,CAAC,OAAO,EAAE,gBAAgB,GAAG,IAAI;IAIpC,KAAK,IAAI,IAAI;CAGhB"}