npm - @agentpress/sdk - Versions diffs - 0.2.70 - Mend

@agentpress/sdk 0.2.70

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/index.cjs ADDED Viewed

@@ -0,0 +1,368 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  ActionsClient: () => ActionsClient,
+  AgentPress: () => AgentPress,
+  AgentPressError: () => AgentPressError,
+  ConfigurationError: () => ConfigurationError,
+  HttpError: () => HttpError,
+  TimeoutError: () => TimeoutError,
+  WebhookSignatureError: () => WebhookSignatureError
+});
+module.exports = __toCommonJS(index_exports);
+// src/errors.ts
+var AgentPressError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "AgentPressError";
+    Object.setPrototypeOf(this, new.target.prototype);
+  }
+};
+var ConfigurationError = class extends AgentPressError {
+  constructor(message) {
+    super(message);
+    this.name = "ConfigurationError";
+    Object.setPrototypeOf(this, new.target.prototype);
+  }
+};
+var HttpError = class extends AgentPressError {
+  statusCode;
+  responseBody;
+  url;
+  constructor(statusCode, responseBody, url) {
+    super(`HTTP ${statusCode} from ${url}`);
+    this.name = "HttpError";
+    this.statusCode = statusCode;
+    this.responseBody = responseBody;
+    this.url = url;
+    Object.setPrototypeOf(this, new.target.prototype);
+  }
+};
+var TimeoutError = class extends AgentPressError {
+  constructor(url, timeout) {
+    super(`Request to ${url} timed out after ${timeout}ms`);
+    this.name = "TimeoutError";
+    Object.setPrototypeOf(this, new.target.prototype);
+  }
+};
+var WebhookSignatureError = class extends AgentPressError {
+  constructor(message) {
+    super(message);
+    this.name = "WebhookSignatureError";
+    Object.setPrototypeOf(this, new.target.prototype);
+  }
+};
+// src/utils.ts
+var import_node_crypto = require("crypto");
+function randomMessageId() {
+  return `msg_${(0, import_node_crypto.randomUUID)()}`;
+}
+// src/webhooks/signing.ts
+var import_node_crypto2 = require("crypto");
+var SIGNATURE_PREFIX = "v1,";
+var DEFAULT_TOLERANCE_SECONDS = 5 * 60;
+function sign(secret, msgId, timestamp, body) {
+  const secretBytes = Buffer.from(secret.replace(/^whsec_/, ""), "base64");
+  const message = `${msgId}.${timestamp}.${body}`;
+  const signature = (0, import_node_crypto2.createHmac)("sha256", secretBytes).update(message).digest("base64");
+  return `${SIGNATURE_PREFIX}${signature}`;
+}
+function verify(secret, payload, headers, toleranceSeconds = DEFAULT_TOLERANCE_SECONDS) {
+  const msgId = headers["svix-id"];
+  const timestampStr = headers["svix-timestamp"];
+  const signatureHeader = headers["svix-signature"];
+  const timestamp = parseInt(timestampStr, 10);
+  if (Number.isNaN(timestamp)) return false;
+  const now = Math.floor(Date.now() / 1e3);
+  if (Math.abs(now - timestamp) > toleranceSeconds) return false;
+  const body = typeof payload === "string" ? payload : payload.toString("utf-8");
+  const expected = sign(secret, msgId, timestamp, body);
+  const signatures = signatureHeader.split(" ");
+  const expectedBuf = Buffer.from(expected);
+  for (const sig of signatures) {
+    const sigBuf = Buffer.from(sig);
+    if (sigBuf.length === expectedBuf.length && (0, import_node_crypto2.timingSafeEqual)(sigBuf, expectedBuf)) {
+      return true;
+    }
+  }
+  return false;
+}
+// src/actions/client.ts
+var ActionsClient = class {
+  options;
+  http;
+  constructor(options, http) {
+    this.options = options;
+    this.http = http;
+  }
+  /**
+   * Approve a staged action, optionally modifying the tool call.
+   *
+   * @throws ConfigurationError if webhookSecret is not configured
+   * @throws HttpError on non-2xx response
+   * @throws TimeoutError if request exceeds timeout
+   */
+  async approve(actionId, params) {
+    return this.manage(actionId, params.action, "approve", {
+      editedToolCall: params.editedToolCall
+    });
+  }
+  /**
+   * Reject a staged action.
+   *
+   * @throws ConfigurationError if webhookSecret is not configured
+   * @throws HttpError on non-2xx response
+   * @throws TimeoutError if request exceeds timeout
+   */
+  async reject(actionId, params) {
+    return this.manage(actionId, params.action, "reject", {
+      reason: params.reason
+    });
+  }
+  async manage(actionId, webhookAction, operation, body) {
+    if (!this.options.webhookSecret) {
+      throw new ConfigurationError(
+        "webhookSecret is required for action management operations"
+      );
+    }
+    const path = `/webhooks/actions/${this.options.org}/${webhookAction}/manage/${actionId}/${operation}`;
+    const bodyStr = JSON.stringify(body);
+    const msgId = randomMessageId();
+    const timestamp = Math.floor(Date.now() / 1e3);
+    const signature = sign(
+      this.options.webhookSecret,
+      msgId,
+      timestamp,
+      bodyStr
+    );
+    return this.http.request(path, {
+      method: "POST",
+      body: bodyStr,
+      headers: {
+        "svix-id": msgId,
+        "svix-timestamp": String(timestamp),
+        "svix-signature": signature
+      }
+    });
+  }
+};
+// src/http.ts
+var HttpClient = class {
+  baseUrl;
+  timeout;
+  onRequest;
+  onResponse;
+  constructor(options) {
+    this.baseUrl = options.baseUrl;
+    this.timeout = options.timeout;
+    this.onRequest = options.onRequest;
+    this.onResponse = options.onResponse;
+  }
+  /**
+   * Send an HTTP request to the API. Constructs the full URL from `baseUrl` + `path`,
+   * applies the configured timeout via `AbortSignal`, fires `onRequest`/`onResponse`
+   * hooks, and parses the JSON response.
+   *
+   * @throws {TimeoutError} If the request exceeds the configured timeout.
+   * @throws {HttpError} If the API returns a non-2xx status code.
+   * @throws {AgentPressError} On network failures or non-JSON responses.
+   */
+  async request(path, init) {
+    const url = `${this.baseUrl}${path}`;
+    const headers = new Headers(init.headers);
+    if (!headers.has("Content-Type")) {
+      headers.set("Content-Type", "application/json");
+    }
+    const requestInit = {
+      ...init,
+      headers,
+      signal: AbortSignal.timeout(this.timeout)
+    };
+    this.onRequest?.(url, requestInit);
+    let response;
+    try {
+      response = await fetch(url, requestInit);
+    } catch (error) {
+      if (error instanceof Error && (error.name === "TimeoutError" || error.name === "AbortError")) {
+        throw new TimeoutError(url, this.timeout);
+      }
+      const message = error instanceof Error ? error.message : "Unknown fetch error";
+      throw new AgentPressError(`Request to ${url} failed: ${message}`);
+    }
+    this.onResponse?.(url, response.clone());
+    const text = await response.text();
+    if (!response.ok) {
+      throw new HttpError(response.status, text, url);
+    }
+    try {
+      return JSON.parse(text);
+    } catch {
+      throw new AgentPressError(
+        `Expected JSON response from ${url} but received: ${text.slice(0, 200)}`
+      );
+    }
+  }
+};
+// src/webhooks/client.ts
+var WebhooksClient = class {
+  options;
+  http;
+  constructor(options, http) {
+    this.options = options;
+    this.http = http;
+  }
+  /**
+   * Send an arbitrary webhook payload to AgentPress.
+   * Signs the payload with HMAC-SHA256 (Svix-compatible).
+   *
+   * @throws ConfigurationError if webhookSecret is not configured
+   * @throws HttpError on non-2xx response
+   * @throws TimeoutError if request exceeds timeout
+   */
+  async send(params) {
+    if (!this.options.webhookSecret) {
+      throw new ConfigurationError(
+        "webhookSecret is required for webhook operations"
+      );
+    }
+    const path = `/webhooks/actions/${this.options.org}/${params.action}`;
+    const body = JSON.stringify(params.payload);
+    const msgId = randomMessageId();
+    const timestamp = Math.floor(Date.now() / 1e3);
+    const signature = sign(this.options.webhookSecret, msgId, timestamp, body);
+    return this.http.request(path, {
+      method: "POST",
+      body,
+      headers: {
+        "svix-id": msgId,
+        "svix-timestamp": String(timestamp),
+        "svix-signature": signature
+      }
+    });
+  }
+  /**
+   * Verify an inbound Svix webhook signature.
+   *
+   * @returns true if valid, false if invalid or expired
+   * @throws ConfigurationError if webhookSecret is not configured
+   */
+  verify(params) {
+    if (!this.options.webhookSecret) {
+      throw new ConfigurationError(
+        "webhookSecret is required for webhook verification"
+      );
+    }
+    return verify(
+      this.options.webhookSecret,
+      params.payload,
+      params.headers
+    );
+  }
+  /**
+   * Verify an inbound Svix webhook signature, throwing on failure.
+   * Useful for middleware patterns where invalid signatures should halt processing.
+   *
+   * @throws WebhookSignatureError if signature is invalid or expired
+   * @throws ConfigurationError if webhookSecret is not configured
+   */
+  verifyOrThrow(params) {
+    if (!this.verify(params)) {
+      throw new WebhookSignatureError("Invalid webhook signature");
+    }
+  }
+  /**
+   * Verify and parse an inbound webhook from AgentPress.
+   * Combines signature verification with JSON parsing and type casting.
+   * This is the recommended way to handle incoming webhooks.
+   *
+   * @throws WebhookSignatureError if signature is invalid or expired
+   * @throws ConfigurationError if webhookSecret is not configured
+   * @throws AgentPressError if payload is not valid JSON
+   */
+  constructEvent(params) {
+    this.verifyOrThrow(params);
+    const body = typeof params.payload === "string" ? params.payload : params.payload.toString("utf-8");
+    try {
+      return JSON.parse(body);
+    } catch {
+      throw new AgentPressError("Webhook payload is not valid JSON");
+    }
+  }
+};
+// src/client.ts
+var AgentPress = class {
+  /** Webhook operations: send outbound webhooks and verify inbound signatures. */
+  webhooks;
+  /** Action management: approve or reject staged actions. */
+  actions;
+  /**
+   * @param options - SDK configuration. All fields are optional with sensible defaults.
+   * @throws {ConfigurationError} If `timeout` is non-positive or `webhookSecret` has an invalid prefix.
+   */
+  constructor(options = {}) {
+    const resolved = resolveOptions(options);
+    const http = new HttpClient(resolved);
+    this.webhooks = new WebhooksClient(resolved, http);
+    this.actions = new ActionsClient(resolved, http);
+  }
+};
+function resolveOptions(options) {
+  const baseUrl = (options.baseUrl ?? "https://api.agent.press").replace(
+    /\/+$/,
+    ""
+  );
+  const timeout = options.timeout ?? 3e4;
+  const org = options.org ?? "default-org";
+  if (timeout <= 0 || !Number.isFinite(timeout)) {
+    throw new ConfigurationError("timeout must be a positive number");
+  }
+  if (options.webhookSecret !== void 0 && !options.webhookSecret.startsWith("whsec_")) {
+    throw new ConfigurationError('webhookSecret must start with "whsec_"');
+  }
+  return {
+    baseUrl,
+    timeout,
+    org,
+    webhookSecret: options.webhookSecret,
+    apiKey: options.apiKey,
+    onRequest: options.onRequest,
+    onResponse: options.onResponse
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ActionsClient,
+  AgentPress,
+  AgentPressError,
+  ConfigurationError,
+  HttpError,
+  TimeoutError,
+  WebhookSignatureError
+});
+//# sourceMappingURL=index.cjs.map

package/dist/index.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/index.ts","../src/errors.ts","../src/utils.ts","../src/webhooks/signing.ts","../src/actions/client.ts","../src/http.ts","../src/webhooks/client.ts","../src/client.ts"],"sourcesContent":["export { ActionsClient } from \"./actions/client\";\nexport { AgentPress } from \"./client\";\nexport {\n AgentPressError,\n ConfigurationError,\n HttpError,\n TimeoutError,\n WebhookSignatureError,\n} from \"./errors\";\nexport type {\n ActionCallbackPayload,\n ActionEventType,\n ActionManageResponse,\n ActionStatus,\n AgentPressOptions,\n AgentResponse,\n ApproveActionParams,\n RejectActionParams,\n StagedToolCall,\n ToolCallResult,\n WebhookResponse,\n WebhookSendParams,\n WebhookVerifyParams,\n} from \"./types\";\n","/**\n * Base error class for all SDK errors. Catch this to handle any error\n * thrown by the AgentPress SDK regardless of specific type.\n */\nexport class AgentPressError extends Error {\n constructor(message: string) {\n super(message);\n this.name = \"AgentPressError\";\n Object.setPrototypeOf(this, new.target.prototype);\n }\n}\n\n/**\n * Thrown at construction time when `AgentPressOptions` contains invalid values\n * (e.g., non-positive timeout, malformed `webhookSecret`).\n */\nexport class ConfigurationError extends AgentPressError {\n constructor(message: string) {\n super(message);\n this.name = \"ConfigurationError\";\n Object.setPrototypeOf(this, new.target.prototype);\n }\n}\n\n/**\n * Thrown when the API returns a non-2xx HTTP response.\n *\n * Properties:\n * - `statusCode` - HTTP status code (e.g., 401, 404, 500)\n * - `responseBody` - Raw response body text for debugging\n * - `url` - The full request URL that failed\n */\nexport class HttpError extends AgentPressError {\n public readonly statusCode: number;\n public readonly responseBody: string;\n public readonly url: string;\n\n constructor(statusCode: number, responseBody: string, url: string) {\n super(`HTTP ${statusCode} from ${url}`);\n this.name = \"HttpError\";\n this.statusCode = statusCode;\n this.responseBody = responseBody;\n this.url = url;\n Object.setPrototypeOf(this, new.target.prototype);\n }\n}\n\n/** Thrown when a request exceeds the configured `timeout` (default 30s). */\nexport class TimeoutError extends AgentPressError {\n constructor(url: string, timeout: number) {\n super(`Request to ${url} timed out after ${timeout}ms`);\n this.name = \"TimeoutError\";\n Object.setPrototypeOf(this, new.target.prototype);\n }\n}\n\n/** Thrown by {@link WebhooksClient.verifyOrThrow} when an inbound webhook signature is invalid or expired. */\nexport class WebhookSignatureError extends AgentPressError {\n constructor(message: string) {\n super(message);\n this.name = \"WebhookSignatureError\";\n Object.setPrototypeOf(this, new.target.prototype);\n }\n}\n","import { randomUUID } from \"node:crypto\";\n\nexport function randomMessageId(): string {\n return `msg_${randomUUID()}`;\n}\n","import { createHmac, timingSafeEqual } from \"node:crypto\";\n\nconst SIGNATURE_PREFIX = \"v1,\";\nconst DEFAULT_TOLERANCE_SECONDS = 5 * 60; // 5 minutes\n\n/**\n * Sign a webhook payload using Svix-compatible HMAC-SHA256.\n *\n * @param secret - The webhook secret (with \"whsec_\" prefix)\n * @param msgId - Unique message ID (e.g., \"msg_<uuid>\")\n * @param timestamp - Unix timestamp in seconds\n * @param body - JSON stringified payload\n * @returns Signature string in format \"v1,<base64>\"\n */\nexport function sign(\n secret: string,\n msgId: string,\n timestamp: number,\n body: string,\n): string {\n const secretBytes = Buffer.from(secret.replace(/^whsec_/, \"\"), \"base64\");\n const message = `${msgId}.${timestamp}.${body}`;\n const signature = createHmac(\"sha256\", secretBytes)\n .update(message)\n .digest(\"base64\");\n return `${SIGNATURE_PREFIX}${signature}`;\n}\n\n/**\n * Verify a Svix webhook signature.\n *\n * @param secret - The webhook secret (with \"whsec_\" prefix)\n * @param payload - Raw request body (string or Buffer)\n * @param headers - Svix headers object\n * @param toleranceSeconds - Max age of signature in seconds (default: 5 min)\n * @returns true if valid, false if invalid or expired\n */\nexport function verify(\n secret: string,\n payload: string | Buffer,\n headers: {\n \"svix-id\": string;\n \"svix-timestamp\": string;\n \"svix-signature\": string;\n },\n toleranceSeconds: number = DEFAULT_TOLERANCE_SECONDS,\n): boolean {\n const msgId = headers[\"svix-id\"];\n const timestampStr = headers[\"svix-timestamp\"];\n const signatureHeader = headers[\"svix-signature\"];\n\n const timestamp = parseInt(timestampStr, 10);\n if (Number.isNaN(timestamp)) return false;\n\n const now = Math.floor(Date.now() / 1000);\n if (Math.abs(now - timestamp) > toleranceSeconds) return false;\n\n const body =\n typeof payload === \"string\" ? payload : payload.toString(\"utf-8\");\n const expected = sign(secret, msgId, timestamp, body);\n\n const signatures = signatureHeader.split(\" \");\n const expectedBuf = Buffer.from(expected);\n\n for (const sig of signatures) {\n const sigBuf = Buffer.from(sig);\n if (\n sigBuf.length === expectedBuf.length &&\n timingSafeEqual(sigBuf, expectedBuf)\n ) {\n return true;\n }\n }\n\n return false;\n}\n","import { ConfigurationError } from \"../errors\";\nimport type { HttpClient } from \"../http\";\nimport type {\n ActionManageResponse,\n ApproveActionParams,\n RejectActionParams,\n ResolvedOptions,\n} from \"../types\";\nimport { randomMessageId } from \"../utils\";\nimport { sign } from \"../webhooks/signing\";\n\n/**\n * Client for programmatically approving or rejecting staged actions.\n * Uses HMAC-SHA256 signing (Svix-compatible), identical to {@link WebhooksClient}.\n *\n * @example\n * ```ts\n * const client = new AgentPress({ webhookSecret: \"whsec_...\", org: \"my-org\" });\n *\n * // Approve a staged action\n * await client.actions.approve(\"act_123\", {\n * action: \"my_webhook_action\",\n * });\n *\n * // Reject with a reason\n * await client.actions.reject(\"act_456\", {\n * action: \"my_webhook_action\",\n * reason: \"Insufficient data\",\n * });\n * ```\n */\nexport class ActionsClient {\n private readonly options: ResolvedOptions;\n private readonly http: HttpClient;\n\n constructor(options: ResolvedOptions, http: HttpClient) {\n this.options = options;\n this.http = http;\n }\n\n /**\n * Approve a staged action, optionally modifying the tool call.\n *\n * @throws ConfigurationError if webhookSecret is not configured\n * @throws HttpError on non-2xx response\n * @throws TimeoutError if request exceeds timeout\n */\n async approve(\n actionId: string,\n params: ApproveActionParams,\n ): Promise<ActionManageResponse> {\n return this.manage(actionId, params.action, \"approve\", {\n editedToolCall: params.editedToolCall,\n });\n }\n\n /**\n * Reject a staged action.\n *\n * @throws ConfigurationError if webhookSecret is not configured\n * @throws HttpError on non-2xx response\n * @throws TimeoutError if request exceeds timeout\n */\n async reject(\n actionId: string,\n params: RejectActionParams,\n ): Promise<ActionManageResponse> {\n return this.manage(actionId, params.action, \"reject\", {\n reason: params.reason,\n });\n }\n\n private async manage(\n actionId: string,\n webhookAction: string,\n operation: \"approve\" | \"reject\",\n body: Record<string, unknown>,\n ): Promise<ActionManageResponse> {\n if (!this.options.webhookSecret) {\n throw new ConfigurationError(\n \"webhookSecret is required for action management operations\",\n );\n }\n\n const path = `/webhooks/actions/${this.options.org}/${webhookAction}/manage/${actionId}/${operation}`;\n const bodyStr = JSON.stringify(body);\n const msgId = randomMessageId();\n const timestamp = Math.floor(Date.now() / 1000);\n const signature = sign(\n this.options.webhookSecret,\n msgId,\n timestamp,\n bodyStr,\n );\n\n return this.http.request<ActionManageResponse>(path, {\n method: \"POST\",\n body: bodyStr,\n headers: {\n \"svix-id\": msgId,\n \"svix-timestamp\": String(timestamp),\n \"svix-signature\": signature,\n },\n });\n }\n}\n","import { AgentPressError, HttpError, TimeoutError } from \"./errors\";\nimport type { ResolvedOptions } from \"./types\";\n\n/**\n * Internal shared HTTP client. Not part of the public API -- used by\n * namespace clients (e.g., `WebhooksClient`) to make authenticated requests.\n * @internal\n */\nexport class HttpClient {\n private readonly baseUrl: string;\n private readonly timeout: number;\n private readonly onRequest?: ResolvedOptions[\"onRequest\"];\n private readonly onResponse?: ResolvedOptions[\"onResponse\"];\n\n constructor(options: ResolvedOptions) {\n this.baseUrl = options.baseUrl;\n this.timeout = options.timeout;\n this.onRequest = options.onRequest;\n this.onResponse = options.onResponse;\n }\n\n /**\n * Send an HTTP request to the API. Constructs the full URL from `baseUrl` + `path`,\n * applies the configured timeout via `AbortSignal`, fires `onRequest`/`onResponse`\n * hooks, and parses the JSON response.\n *\n * @throws {TimeoutError} If the request exceeds the configured timeout.\n * @throws {HttpError} If the API returns a non-2xx status code.\n * @throws {AgentPressError} On network failures or non-JSON responses.\n */\n async request<T>(path: string, init: RequestInit): Promise<T> {\n const url = `${this.baseUrl}${path}`;\n\n const headers = new Headers(init.headers);\n if (!headers.has(\"Content-Type\")) {\n headers.set(\"Content-Type\", \"application/json\");\n }\n\n const requestInit: RequestInit = {\n ...init,\n headers,\n signal: AbortSignal.timeout(this.timeout),\n };\n\n this.onRequest?.(url, requestInit);\n\n let response: Response;\n try {\n // biome-ignore lint/style/noRestrictedGlobals: SDK is a standalone package that uses raw fetch\n response = await fetch(url, requestInit);\n } catch (error: unknown) {\n if (\n error instanceof Error &&\n (error.name === \"TimeoutError\" || error.name === \"AbortError\")\n ) {\n throw new TimeoutError(url, this.timeout);\n }\n const message =\n error instanceof Error ? error.message : \"Unknown fetch error\";\n throw new AgentPressError(`Request to ${url} failed: ${message}`);\n }\n\n this.onResponse?.(url, response.clone());\n\n const text = await response.text();\n\n if (!response.ok) {\n throw new HttpError(response.status, text, url);\n }\n\n try {\n return JSON.parse(text) as T;\n } catch {\n throw new AgentPressError(\n `Expected JSON response from ${url} but received: ${text.slice(0, 200)}`,\n );\n }\n }\n}\n","import {\n AgentPressError,\n ConfigurationError,\n WebhookSignatureError,\n} from \"../errors\";\nimport type { HttpClient } from \"../http\";\nimport type {\n ActionCallbackPayload,\n ResolvedOptions,\n WebhookResponse,\n WebhookSendParams,\n WebhookVerifyParams,\n} from \"../types\";\nimport { randomMessageId } from \"../utils\";\nimport { sign, verify as verifySig } from \"./signing\";\n\nexport class WebhooksClient {\n private readonly options: ResolvedOptions;\n private readonly http: HttpClient;\n\n constructor(options: ResolvedOptions, http: HttpClient) {\n this.options = options;\n this.http = http;\n }\n\n /**\n * Send an arbitrary webhook payload to AgentPress.\n * Signs the payload with HMAC-SHA256 (Svix-compatible).\n *\n * @throws ConfigurationError if webhookSecret is not configured\n * @throws HttpError on non-2xx response\n * @throws TimeoutError if request exceeds timeout\n */\n async send(params: WebhookSendParams): Promise<WebhookResponse> {\n if (!this.options.webhookSecret) {\n throw new ConfigurationError(\n \"webhookSecret is required for webhook operations\",\n );\n }\n\n const path = `/webhooks/actions/${this.options.org}/${params.action}`;\n const body = JSON.stringify(params.payload);\n const msgId = randomMessageId();\n const timestamp = Math.floor(Date.now() / 1000);\n const signature = sign(this.options.webhookSecret, msgId, timestamp, body);\n\n return this.http.request<WebhookResponse>(path, {\n method: \"POST\",\n body,\n headers: {\n \"svix-id\": msgId,\n \"svix-timestamp\": String(timestamp),\n \"svix-signature\": signature,\n },\n });\n }\n\n /**\n * Verify an inbound Svix webhook signature.\n *\n * @returns true if valid, false if invalid or expired\n * @throws ConfigurationError if webhookSecret is not configured\n */\n verify(params: WebhookVerifyParams): boolean {\n if (!this.options.webhookSecret) {\n throw new ConfigurationError(\n \"webhookSecret is required for webhook verification\",\n );\n }\n\n return verifySig(\n this.options.webhookSecret,\n params.payload,\n params.headers,\n );\n }\n\n /**\n * Verify an inbound Svix webhook signature, throwing on failure.\n * Useful for middleware patterns where invalid signatures should halt processing.\n *\n * @throws WebhookSignatureError if signature is invalid or expired\n * @throws ConfigurationError if webhookSecret is not configured\n */\n verifyOrThrow(params: WebhookVerifyParams): void {\n if (!this.verify(params)) {\n throw new WebhookSignatureError(\"Invalid webhook signature\");\n }\n }\n\n /**\n * Verify and parse an inbound webhook from AgentPress.\n * Combines signature verification with JSON parsing and type casting.\n * This is the recommended way to handle incoming webhooks.\n *\n * @throws WebhookSignatureError if signature is invalid or expired\n * @throws ConfigurationError if webhookSecret is not configured\n * @throws AgentPressError if payload is not valid JSON\n */\n constructEvent(params: WebhookVerifyParams): ActionCallbackPayload {\n this.verifyOrThrow(params);\n const body =\n typeof params.payload === \"string\"\n ? params.payload\n : params.payload.toString(\"utf-8\");\n try {\n return JSON.parse(body) as ActionCallbackPayload;\n } catch {\n throw new AgentPressError(\"Webhook payload is not valid JSON\");\n }\n }\n}\n","import { ActionsClient } from \"./actions/client\";\nimport { ConfigurationError } from \"./errors\";\nimport { HttpClient } from \"./http\";\nimport type { AgentPressOptions, ResolvedOptions } from \"./types\";\nimport { WebhooksClient } from \"./webhooks/client\";\n\n/**\n * Main entry point for the AgentPress SDK. Provides namespaced access to API\n * resources (e.g., `client.webhooks.send()`, `client.actions.approve()`).\n * Validates all configuration options at construction time, so invalid config fails fast.\n *\n * @example\n * ```ts\n * const client = new AgentPress({\n * apiKey: \"ak_...\",\n * webhookSecret: \"whsec_...\",\n * });\n * await client.webhooks.send({ action: \"my_action\", payload: { ... } });\n * await client.actions.approve(\"act_123\", { action: \"my_action\" });\n * ```\n */\nexport class AgentPress {\n /** Webhook operations: send outbound webhooks and verify inbound signatures. */\n public readonly webhooks: WebhooksClient;\n /** Action management: approve or reject staged actions. */\n public readonly actions: ActionsClient;\n\n /**\n * @param options - SDK configuration. All fields are optional with sensible defaults.\n * @throws {ConfigurationError} If `timeout` is non-positive or `webhookSecret` has an invalid prefix.\n */\n constructor(options: AgentPressOptions = {}) {\n const resolved = resolveOptions(options);\n const http = new HttpClient(resolved);\n this.webhooks = new WebhooksClient(resolved, http);\n this.actions = new ActionsClient(resolved, http);\n }\n}\n\nfunction resolveOptions(options: AgentPressOptions): ResolvedOptions {\n const baseUrl = (options.baseUrl ?? \"https://api.agent.press\").replace(\n /\\/+$/,\n \"\",\n );\n const timeout = options.timeout ?? 30_000;\n const org = options.org ?? \"default-org\";\n\n if (timeout <= 0 || !Number.isFinite(timeout)) {\n throw new ConfigurationError(\"timeout must be a positive number\");\n }\n\n if (\n options.webhookSecret !== undefined &&\n !options.webhookSecret.startsWith(\"whsec_\")\n ) {\n throw new ConfigurationError('webhookSecret must start with \"whsec_\"');\n }\n\n return {\n baseUrl,\n timeout,\n org,\n webhookSecret: options.webhookSecret,\n apiKey: options.apiKey,\n onRequest: options.onRequest,\n onResponse: options.onResponse,\n };\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACIO,IAAM,kBAAN,cAA8B,MAAM;AAAA,EACzC,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,WAAO,eAAe,MAAM,WAAW,SAAS;AAAA,EAClD;AACF;AAMO,IAAM,qBAAN,cAAiC,gBAAgB;AAAA,EACtD,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,WAAO,eAAe,MAAM,WAAW,SAAS;AAAA,EAClD;AACF;AAUO,IAAM,YAAN,cAAwB,gBAAgB;AAAA,EAC7B;AAAA,EACA;AAAA,EACA;AAAA,EAEhB,YAAY,YAAoB,cAAsB,KAAa;AACjE,UAAM,QAAQ,UAAU,SAAS,GAAG,EAAE;AACtC,SAAK,OAAO;AACZ,SAAK,aAAa;AAClB,SAAK,eAAe;AACpB,SAAK,MAAM;AACX,WAAO,eAAe,MAAM,WAAW,SAAS;AAAA,EAClD;AACF;AAGO,IAAM,eAAN,cAA2B,gBAAgB;AAAA,EAChD,YAAY,KAAa,SAAiB;AACxC,UAAM,cAAc,GAAG,oBAAoB,OAAO,IAAI;AACtD,SAAK,OAAO;AACZ,WAAO,eAAe,MAAM,WAAW,SAAS;AAAA,EAClD;AACF;AAGO,IAAM,wBAAN,cAAoC,gBAAgB;AAAA,EACzD,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,WAAO,eAAe,MAAM,WAAW,SAAS;AAAA,EAClD;AACF;;;AC/DA,yBAA2B;AAEpB,SAAS,kBAA0B;AACxC,SAAO,WAAO,+BAAW,CAAC;AAC5B;;;ACJA,IAAAA,sBAA4C;AAE5C,IAAM,mBAAmB;AACzB,IAAM,4BAA4B,IAAI;AAW/B,SAAS,KACd,QACA,OACA,WACA,MACQ;AACR,QAAM,cAAc,OAAO,KAAK,OAAO,QAAQ,WAAW,EAAE,GAAG,QAAQ;AACvE,QAAM,UAAU,GAAG,KAAK,IAAI,SAAS,IAAI,IAAI;AAC7C,QAAM,gBAAY,gCAAW,UAAU,WAAW,EAC/C,OAAO,OAAO,EACd,OAAO,QAAQ;AAClB,SAAO,GAAG,gBAAgB,GAAG,SAAS;AACxC;AAWO,SAAS,OACd,QACA,SACA,SAKA,mBAA2B,2BAClB;AACT,QAAM,QAAQ,QAAQ,SAAS;AAC/B,QAAM,eAAe,QAAQ,gBAAgB;AAC7C,QAAM,kBAAkB,QAAQ,gBAAgB;AAEhD,QAAM,YAAY,SAAS,cAAc,EAAE;AAC3C,MAAI,OAAO,MAAM,SAAS,EAAG,QAAO;AAEpC,QAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AACxC,MAAI,KAAK,IAAI,MAAM,SAAS,IAAI,iBAAkB,QAAO;AAEzD,QAAM,OACJ,OAAO,YAAY,WAAW,UAAU,QAAQ,SAAS,OAAO;AAClE,QAAM,WAAW,KAAK,QAAQ,OAAO,WAAW,IAAI;AAEpD,QAAM,aAAa,gBAAgB,MAAM,GAAG;AAC5C,QAAM,cAAc,OAAO,KAAK,QAAQ;AAExC,aAAW,OAAO,YAAY;AAC5B,UAAM,SAAS,OAAO,KAAK,GAAG;AAC9B,QACE,OAAO,WAAW,YAAY,cAC9B,qCAAgB,QAAQ,WAAW,GACnC;AACA,aAAO;AAAA,IACT;AAAA,EACF;AAEA,SAAO;AACT;;;AC5CO,IAAM,gBAAN,MAAoB;AAAA,EACR;AAAA,EACA;AAAA,EAEjB,YAAY,SAA0B,MAAkB;AACtD,SAAK,UAAU;AACf,SAAK,OAAO;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,QACJ,UACA,QAC+B;AAC/B,WAAO,KAAK,OAAO,UAAU,OAAO,QAAQ,WAAW;AAAA,MACrD,gBAAgB,OAAO;AAAA,IACzB,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,OACJ,UACA,QAC+B;AAC/B,WAAO,KAAK,OAAO,UAAU,OAAO,QAAQ,UAAU;AAAA,MACpD,QAAQ,OAAO;AAAA,IACjB,CAAC;AAAA,EACH;AAAA,EAEA,MAAc,OACZ,UACA,eACA,WACA,MAC+B;AAC/B,QAAI,CAAC,KAAK,QAAQ,eAAe;AAC/B,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,UAAM,OAAO,qBAAqB,KAAK,QAAQ,GAAG,IAAI,aAAa,WAAW,QAAQ,IAAI,SAAS;AACnG,UAAM,UAAU,KAAK,UAAU,IAAI;AACnC,UAAM,QAAQ,gBAAgB;AAC9B,UAAM,YAAY,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAC9C,UAAM,YAAY;AAAA,MAChB,KAAK,QAAQ;AAAA,MACb;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAEA,WAAO,KAAK,KAAK,QAA8B,MAAM;AAAA,MACnD,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,SAAS;AAAA,QACP,WAAW;AAAA,QACX,kBAAkB,OAAO,SAAS;AAAA,QAClC,kBAAkB;AAAA,MACpB;AAAA,IACF,CAAC;AAAA,EACH;AACF;;;ACjGO,IAAM,aAAN,MAAiB;AAAA,EACL;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,SAA0B;AACpC,SAAK,UAAU,QAAQ;AACvB,SAAK,UAAU,QAAQ;AACvB,SAAK,YAAY,QAAQ;AACzB,SAAK,aAAa,QAAQ;AAAA,EAC5B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,QAAW,MAAc,MAA+B;AAC5D,UAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI;AAElC,UAAM,UAAU,IAAI,QAAQ,KAAK,OAAO;AACxC,QAAI,CAAC,QAAQ,IAAI,cAAc,GAAG;AAChC,cAAQ,IAAI,gBAAgB,kBAAkB;AAAA,IAChD;AAEA,UAAM,cAA2B;AAAA,MAC/B,GAAG;AAAA,MACH;AAAA,MACA,QAAQ,YAAY,QAAQ,KAAK,OAAO;AAAA,IAC1C;AAEA,SAAK,YAAY,KAAK,WAAW;AAEjC,QAAI;AACJ,QAAI;AAEF,iBAAW,MAAM,MAAM,KAAK,WAAW;AAAA,IACzC,SAAS,OAAgB;AACvB,UACE,iBAAiB,UAChB,MAAM,SAAS,kBAAkB,MAAM,SAAS,eACjD;AACA,cAAM,IAAI,aAAa,KAAK,KAAK,OAAO;AAAA,MAC1C;AACA,YAAM,UACJ,iBAAiB,QAAQ,MAAM,UAAU;AAC3C,YAAM,IAAI,gBAAgB,cAAc,GAAG,YAAY,OAAO,EAAE;AAAA,IAClE;AAEA,SAAK,aAAa,KAAK,SAAS,MAAM,CAAC;AAEvC,UAAM,OAAO,MAAM,SAAS,KAAK;AAEjC,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,UAAU,SAAS,QAAQ,MAAM,GAAG;AAAA,IAChD;AAEA,QAAI;AACF,aAAO,KAAK,MAAM,IAAI;AAAA,IACxB,QAAQ;AACN,YAAM,IAAI;AAAA,QACR,+BAA+B,GAAG,kBAAkB,KAAK,MAAM,GAAG,GAAG,CAAC;AAAA,MACxE;AAAA,IACF;AAAA,EACF;AACF;;;AC9DO,IAAM,iBAAN,MAAqB;AAAA,EACT;AAAA,EACA;AAAA,EAEjB,YAAY,SAA0B,MAAkB;AACtD,SAAK,UAAU;AACf,SAAK,OAAO;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,KAAK,QAAqD;AAC9D,QAAI,CAAC,KAAK,QAAQ,eAAe;AAC/B,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,UAAM,OAAO,qBAAqB,KAAK,QAAQ,GAAG,IAAI,OAAO,MAAM;AACnE,UAAM,OAAO,KAAK,UAAU,OAAO,OAAO;AAC1C,UAAM,QAAQ,gBAAgB;AAC9B,UAAM,YAAY,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;AAC9C,UAAM,YAAY,KAAK,KAAK,QAAQ,eAAe,OAAO,WAAW,IAAI;AAEzE,WAAO,KAAK,KAAK,QAAyB,MAAM;AAAA,MAC9C,QAAQ;AAAA,MACR;AAAA,MACA,SAAS;AAAA,QACP,WAAW;AAAA,QACX,kBAAkB,OAAO,SAAS;AAAA,QAClC,kBAAkB;AAAA,MACpB;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAO,QAAsC;AAC3C,QAAI,CAAC,KAAK,QAAQ,eAAe;AAC/B,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,WAAO;AAAA,MACL,KAAK,QAAQ;AAAA,MACb,OAAO;AAAA,MACP,OAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,cAAc,QAAmC;AAC/C,QAAI,CAAC,KAAK,OAAO,MAAM,GAAG;AACxB,YAAM,IAAI,sBAAsB,2BAA2B;AAAA,IAC7D;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,eAAe,QAAoD;AACjE,SAAK,cAAc,MAAM;AACzB,UAAM,OACJ,OAAO,OAAO,YAAY,WACtB,OAAO,UACP,OAAO,QAAQ,SAAS,OAAO;AACrC,QAAI;AACF,aAAO,KAAK,MAAM,IAAI;AAAA,IACxB,QAAQ;AACN,YAAM,IAAI,gBAAgB,mCAAmC;AAAA,IAC/D;AAAA,EACF;AACF;;;AC1FO,IAAM,aAAN,MAAiB;AAAA;AAAA,EAEN;AAAA;AAAA,EAEA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMhB,YAAY,UAA6B,CAAC,GAAG;AAC3C,UAAM,WAAW,eAAe,OAAO;AACvC,UAAM,OAAO,IAAI,WAAW,QAAQ;AACpC,SAAK,WAAW,IAAI,eAAe,UAAU,IAAI;AACjD,SAAK,UAAU,IAAI,cAAc,UAAU,IAAI;AAAA,EACjD;AACF;AAEA,SAAS,eAAe,SAA6C;AACnE,QAAM,WAAW,QAAQ,WAAW,2BAA2B;AAAA,IAC7D;AAAA,IACA;AAAA,EACF;AACA,QAAM,UAAU,QAAQ,WAAW;AACnC,QAAM,MAAM,QAAQ,OAAO;AAE3B,MAAI,WAAW,KAAK,CAAC,OAAO,SAAS,OAAO,GAAG;AAC7C,UAAM,IAAI,mBAAmB,mCAAmC;AAAA,EAClE;AAEA,MACE,QAAQ,kBAAkB,UAC1B,CAAC,QAAQ,cAAc,WAAW,QAAQ,GAC1C;AACA,UAAM,IAAI,mBAAmB,wCAAwC;AAAA,EACvE;AAEA,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,eAAe,QAAQ;AAAA,IACvB,QAAQ,QAAQ;AAAA,IAChB,WAAW,QAAQ;AAAA,IACnB,YAAY,QAAQ;AAAA,EACtB;AACF;","names":["import_node_crypto"]}