@agentcash/discovery 1.6.2 → 1.6.3

package/dist/index.js

@@ -13785,8 +13785,8 @@ var FixedPriceSchema = external_exports.object({
 var DynamicPriceSchema = external_exports.object({
   currency: Iso4217Schema,
   mode: external_exports.literal("dynamic"),
-  min: external_exports.string(),
-  max: external_exports.string()
+  min: external_exports.string().optional(),
+  max: external_exports.string().optional()
 });
 var PriceSchema = external_exports.union([FixedPriceSchema, DynamicPriceSchema]);
 var X402ProtocolSchema = external_exports.object({
@@ -13885,7 +13885,12 @@ function normalizeLegacy(raw) {
 function formatPrice(price) {
   const sym = price.currency ?? "USD";
   if (price.mode === "fixed") return `${price.amount} ${sym}`;
-  return `${price.min}-${price.max} ${sym}`;
+  if (price.min !== void 0 && price.max !== void 0) {
+    return `${price.min}-${price.max} ${sym}`;
+  }
+  if (price.min !== void 0) return `>=${price.min} ${sym}`;
+  if (price.max !== void 0) return `<=${price.max} ${sym}`;
+  return `dynamic ${sym}`;
 }
 function extractProtocolNames(protocols) {
   return protocols.map((p) => {
@@ -13937,10 +13942,13 @@ var OpenApiOperationSchema = external_exports.object({
   description: external_exports.string().optional(),
   tags: external_exports.array(external_exports.string()).optional(),
   security: external_exports.array(external_exports.record(external_exports.string(), external_exports.array(external_exports.string()))).optional(),
+  // `in` / `name` are spec-required, but a single malformed parameter must not
+  // abort the whole spec — keep them optional so discovery is resilient to
+  // non-conformant OpenAPI documents in the wild.
   parameters: external_exports.array(
     external_exports.object({
-      in: external_exports.string(),
-      name: external_exports.string(),
+      in: external_exports.string().optional(),
+      name: external_exports.string().optional(),
       schema: external_exports.unknown().optional(),
       required: external_exports.boolean().optional()
     })
@@ -13950,7 +13958,8 @@ var OpenApiOperationSchema = external_exports.object({
     content: external_exports.record(external_exports.string(), external_exports.object({ schema: external_exports.unknown().optional() }))
   }).optional(),
   responses: external_exports.record(external_exports.string(), external_exports.unknown()).optional(),
-  "x-payment-info": OpenApiPaymentInfoSchema.optional()
+  // Permissive: vendor extension shape is validated at runtime, never at parse time.
+  "x-payment-info": external_exports.unknown().optional()
 });
 var OpenApiPathItemSchema = external_exports.object({
   get: OpenApiOperationSchema.optional(),
@@ -14094,20 +14103,27 @@ function fetchSafe(url2, init) {
 }
 
 // src/core/source/openapi/index.ts
-function resolvePricingHint(p) {
-  const raw = p;
-  const info = resolvePaymentInfo(raw);
+function toRecord(raw) {
+  if (typeof raw !== "object" || raw === null || Array.isArray(raw)) return void 0;
+  return raw;
+}
+function resolvePricingHint(raw) {
+  const record2 = toRecord(raw);
+  if (!record2) return void 0;
+  const info = resolvePaymentInfo(record2);
   if (!info) return void 0;
   return {
     pricingMode: info.price.mode,
     ...info.price.mode === "fixed" ? { price: info.price.amount } : {},
-    ...info.price.mode === "dynamic" ? { minPrice: info.price.min, maxPrice: info.price.max } : {},
+    ...info.price.mode === "dynamic" && info.price.min !== void 0 ? { minPrice: info.price.min } : {},
+    ...info.price.mode === "dynamic" && info.price.max !== void 0 ? { maxPrice: info.price.max } : {},
     ...info.price.currency ? { currency: info.price.currency } : {}
   };
 }
-function resolveProtocols(p) {
-  const raw = p;
-  const info = resolvePaymentInfo(raw);
+function resolveProtocols(raw) {
+  const record2 = toRecord(raw);
+  if (!record2) return [];
+  const info = resolvePaymentInfo(record2);
   if (!info) return [];
   return extractProtocolNames(info.protocols);
 }
@@ -14120,8 +14136,8 @@ var OpenApiParsedSchema = OpenApiDocSchema.transform((doc) => {
       if (!operation) continue;
       const authMode = inferAuthMode(operation, doc.security, doc.components?.securitySchemes) ?? void 0;
       const p = operation["x-payment-info"];
-      const protocols = resolveProtocols(p ?? {});
-      const pricing = (authMode === "paid" || authMode === "apiKey+paid") && p ? resolvePricingHint(p) : void 0;
+      const protocols = resolveProtocols(p);
+      const pricing = (authMode === "paid" || authMode === "apiKey+paid") && p !== void 0 ? resolvePricingHint(p) : void 0;
       const summary = operation.summary ?? operation.description;
       routes.push({
         path: normalizePath(serverBasePath + rawPath),
@@ -14362,28 +14378,29 @@ function getWellKnown(origin, headers, signal) {
 // src/core/layers/l2.ts
 function formatPrice2(pricing) {
   const sym = pricing.currency ?? "USD";
-  if (pricing.pricingMode === "fixed") return `${pricing.price} ${sym}`;
+  if (pricing.pricingMode === "fixed" && pricing.price) return `${pricing.price} ${sym}`;
   if (pricing.pricingMode === "dynamic") {
     if (pricing.minPrice && pricing.maxPrice)
       return `${pricing.minPrice}-${pricing.maxPrice} ${sym}`;
     if (pricing.maxPrice) return `up to ${pricing.maxPrice} ${sym}`;
-    return "dynamic";
+    if (pricing.minPrice) return `from ${pricing.minPrice} ${sym}`;
   }
-  return `unknown pricing mode: ${pricing.pricingMode}`;
+  return void 0;
 }
 function checkL2ForOpenAPI(openApi) {
-  const routes = openApi.routes.map((route) => ({
-    path: route.path,
-    method: route.method,
-    summary: route.summary ?? `${route.method} ${route.path}`,
-    ...route.authMode ? { authMode: route.authMode } : {},
-    ...route.pricing ? {
-      price: formatPrice2(route.pricing),
-      pricingMode: route.pricing.pricingMode,
-      ...route.pricing.currency ? { currency: route.pricing.currency } : {}
-    } : {},
-    ...route.protocols?.length ? { protocols: route.protocols } : {}
-  }));
+  const routes = openApi.routes.map((route) => {
+    const priceHint = route.pricing ? formatPrice2(route.pricing) : void 0;
+    return {
+      path: route.path,
+      method: route.method,
+      summary: route.summary ?? `${route.method} ${route.path}`,
+      ...route.authMode ? { authMode: route.authMode } : {},
+      ...priceHint ? { price: priceHint } : {},
+      ...route.pricing?.pricingMode ? { pricingMode: route.pricing.pricingMode } : {},
+      ...route.pricing?.currency ? { currency: route.pricing.currency } : {},
+      ...route.protocols?.length ? { protocols: route.protocols } : {}
+    };
+  });
   return {
     ...openApi.info.title ? { title: openApi.info.title } : {},
     ...openApi.info.description ? { description: openApi.info.description } : {},
@@ -15440,6 +15457,7 @@ var AUDIT_CODES = {
   L2_NO_PAID_ROUTES: "L2_NO_PAID_ROUTES",
   L2_PRICE_MISSING_ON_PAID: "L2_PRICE_MISSING_ON_PAID",
   L2_PRICING_MODE_UNKNOWN: "L2_PRICING_MODE_UNKNOWN",
+  L2_DYNAMIC_PRICE_INCOMPLETE: "L2_DYNAMIC_PRICE_INCOMPLETE",
   L2_CURRENCY_INVALID: "L2_CURRENCY_INVALID",
   L2_PAYMENT_INFO_LEGACY: "L2_PAYMENT_INFO_LEGACY",
   L2_PROTOCOLS_MISSING_ON_PAID: "L2_PROTOCOLS_MISSING_ON_PAID",
@@ -16128,7 +16146,15 @@ function getWarningsForL2(l2) {
       });
     }
     if (route.authMode === "paid") {
-      if (!route.price) {
+      if (route.pricingMode === "dynamic" && !route.price) {
+        warnings.push({
+          code: AUDIT_CODES.L2_DYNAMIC_PRICE_INCOMPLETE,
+          severity: "warn",
+          message: `Paid route ${loc} declares dynamic pricing but no min/max bounds.`,
+          hint: "Add x-payment-info.price.min and .price.max so agents can budget before calling. Without bounds, agents have no safe upper limit to pre-authorize.",
+          path: route.path
+        });
+      } else if (!route.price) {
         warnings.push({
           code: AUDIT_CODES.L2_PRICE_MISSING_ON_PAID,
           severity: "warn",

package/dist/schemas.cjs

@@ -13809,8 +13809,8 @@ var FixedPriceSchema = external_exports.object({
 var DynamicPriceSchema = external_exports.object({
   currency: Iso4217Schema,
   mode: external_exports.literal("dynamic"),
-  min: external_exports.string(),
-  max: external_exports.string()
+  min: external_exports.string().optional(),
+  max: external_exports.string().optional()
 });
 var PriceSchema = external_exports.union([FixedPriceSchema, DynamicPriceSchema]);
 var X402ProtocolSchema = external_exports.object({
@@ -13857,10 +13857,13 @@ var OpenApiOperationSchema = external_exports.object({
   description: external_exports.string().optional(),
   tags: external_exports.array(external_exports.string()).optional(),
   security: external_exports.array(external_exports.record(external_exports.string(), external_exports.array(external_exports.string()))).optional(),
+  // `in` / `name` are spec-required, but a single malformed parameter must not
+  // abort the whole spec — keep them optional so discovery is resilient to
+  // non-conformant OpenAPI documents in the wild.
   parameters: external_exports.array(
     external_exports.object({
-      in: external_exports.string(),
-      name: external_exports.string(),
+      in: external_exports.string().optional(),
+      name: external_exports.string().optional(),
       schema: external_exports.unknown().optional(),
       required: external_exports.boolean().optional()
     })
@@ -13870,7 +13873,8 @@ var OpenApiOperationSchema = external_exports.object({
     content: external_exports.record(external_exports.string(), external_exports.object({ schema: external_exports.unknown().optional() }))
   }).optional(),
   responses: external_exports.record(external_exports.string(), external_exports.unknown()).optional(),
-  "x-payment-info": OpenApiPaymentInfoSchema.optional()
+  // Permissive: vendor extension shape is validated at runtime, never at parse time.
+  "x-payment-info": external_exports.unknown().optional()
 });
 var OpenApiPathItemSchema = external_exports.object({
   get: OpenApiOperationSchema.optional(),