@apifuse/provider-sdk 2.1.0-beta.2 → 2.1.0-beta.4

package/bin/apifuse-pack-smoke.ts

@@ -39,17 +39,19 @@ const PING_RESPONSE_SCHEMA = z.object({
 	error: z.unknown().optional(),
 });
 
-const KEEP_TEMP = process.env.APIFUSE_PACK_SMOKE_KEEP_TEMP === "1";
+const KEEP_TEMP = process.env.APIFUSE__PACK_SMOKE__KEEP_TEMP === "1";
 
 const tempRoot = mkdtempSync(
 	join(tmpdir(), "apifuse-provider-sdk-pack-smoke-"),
 );
 const packDir = join(tempRoot, "pack");
 const consumerDir = join(tempRoot, "consumer");
+const externalWorkspaceDir = join(tempRoot, "external-workspace");
 
 try {
 	mkdirSync(packDir, { recursive: true });
 	mkdirSync(consumerDir, { recursive: true });
+	mkdirSync(join(externalWorkspaceDir, "providers"), { recursive: true });
 
 	const packed = packSdk(packDir);
 	const tarballPath = resolve(packDir, packed.filename);
@@ -93,9 +95,15 @@ try {
 
 	const generatedProviderDir = join(consumerDir, "dx-smoke");
 	run("bun", ["run", "check"], generatedProviderDir);
+	run("bun", ["run", "submit-check"], generatedProviderDir);
 	run("bun", ["run", "test"], generatedProviderDir);
 	assertGeneratedReadme(generatedProviderDir);
 	await smokeGeneratedDevServer(generatedProviderDir);
+	assertExternalWorkspaceTopology(
+		cliBin,
+		externalWorkspaceDir,
+		tarballSpecifier,
+	);
 
 	console.log(
 		`Provider SDK packed-artifact smoke passed: ${tarballPath} -> ${generatedProviderDir}`,
@@ -108,6 +116,103 @@ try {
 	}
 }
 
+function assertExternalWorkspaceTopology(
+	cliBin: string,
+	externalWorkspaceDir: string,
+	tarballSpecifier: string,
+): void {
+	writeFileSync(
+		join(externalWorkspaceDir, "package.json"),
+		`${JSON.stringify(
+			{
+				private: true,
+				type: "module",
+				workspaces: ["providers/*"],
+			},
+			null,
+			2,
+		)}\n`,
+	);
+
+	run(
+		"bun",
+		[
+			cliBin,
+			"create",
+			"external-workspace-smoke",
+			"--yes",
+			"--json",
+			"--sdk-specifier",
+			tarballSpecifier,
+		],
+		externalWorkspaceDir,
+	);
+
+	const generatedProviderDir = join(
+		externalWorkspaceDir,
+		"external-workspace-smoke",
+	);
+	const forbiddenProviderDir = join(
+		externalWorkspaceDir,
+		"providers",
+		"external-workspace-smoke",
+	);
+	if (!existsSync(generatedProviderDir)) {
+		throw new Error(
+			"Public create must generate a one-provider repository at <name>/ even when providers/ exists.",
+		);
+	}
+	if (existsSync(forbiddenProviderDir)) {
+		throw new Error(
+			"Public create must not generate providers/<name>/ in external bounty workspaces.",
+		);
+	}
+
+	const packageJson = JSON.parse(
+		readFileSync(join(generatedProviderDir, "package.json"), "utf8"),
+	);
+	const sdkDependency = packageJson?.dependencies?.["@apifuse/provider-sdk"];
+	if (sdkDependency !== tarballSpecifier) {
+		throw new Error(
+			`Expected generated provider to depend on packed SDK ${tarballSpecifier}, got ${sdkDependency}`,
+		);
+	}
+	if (JSON.stringify(packageJson).includes("workspace:")) {
+		throw new Error(
+			"External bounty workspace scaffold must not contain workspace: dependencies.",
+		);
+	}
+
+	run("bun", ["install"], generatedProviderDir);
+	run("bun", ["run", "check"], generatedProviderDir);
+	run("bun", ["run", "submit-check"], generatedProviderDir);
+	run("bun", ["run", "test"], generatedProviderDir);
+
+	const monorepoAttempt = spawnSync(
+		"bun",
+		[cliBin, "create", "bad-monorepo-smoke", "--preset", "monorepo", "--yes"],
+		{
+			cwd: externalWorkspaceDir,
+			env: { ...process.env, APIFUSE__SDK__SPECIFIER: tarballSpecifier },
+			encoding: "utf8",
+			stdio: ["ignore", "pipe", "pipe"],
+		},
+	);
+	if (monorepoAttempt.status === 0) {
+		throw new Error(
+			"--preset monorepo must reject outside the private APIFuse monorepo.",
+		);
+	}
+	const rejectionOutput = `${monorepoAttempt.stdout}\n${monorepoAttempt.stderr}`;
+	if (
+		!rejectionOutput.includes(
+			"Monorepo preset is internal to the APIFuse repository",
+		)
+	) {
+		throw new Error(`Unexpected monorepo rejection output: ${rejectionOutput}`);
+	}
+}
+
 function packSdk(destination: string): { filename: string } {
 	const raw = execFileSync(
 		"npm",
@@ -161,9 +266,14 @@ function assertGeneratedReadme(providerDir: string): void {
 			"Generated README is missing browser runtime troubleshooting guidance.",
 		);
 	}
-	if (!readme.includes("bun pm untrusted")) {
+	if (!readme.includes("impit")) {
 		throw new Error(
-			"Generated README is missing Bun trusted-dependency troubleshooting guidance.",
+			"Generated README is missing impit stealth runtime guidance.",
+		);
+	}
+	if (!readme.includes("bun run submit-check")) {
+		throw new Error(
+			"Generated README must document the submit-check pre-submission workflow.",
 		);
 	}
 	if (!readme.includes("bun run record -- --operation <operation>")) {
@@ -177,7 +287,8 @@ async function smokeGeneratedDevServer(providerDir: string): Promise<void> {
 	const port = await getAvailablePort();
 	const server = spawn("bun", ["run", "dev"], {
 		cwd: providerDir,
-		env: { ...process.env, PORT: String(port) },
+		env: { ...process.env, APIFUSE__RUNTIME__PORT: String(port) },
+		detached: process.platform !== "win32",
 		stdio: ["ignore", "pipe", "pipe"],
 	});
 	let output = "";
@@ -280,11 +391,11 @@ async function stopServer(server: ChildProcess): Promise<void> {
 	if (server.exitCode !== null) {
 		return;
 	}
-	server.kill("SIGTERM");
+	killProcessTree(server, "SIGTERM");
 	await new Promise<void>((resolvePromise) => {
 		const timeout = setTimeout(() => {
 			if (server.exitCode === null) {
-				server.kill("SIGKILL");
+				killProcessTree(server, "SIGKILL");
 			}
 			resolvePromise();
 		}, 2_000);
@@ -294,3 +405,19 @@ async function stopServer(server: ChildProcess): Promise<void> {
 		});
 	});
 }
+
+function killProcessTree(server: ChildProcess, signal: NodeJS.Signals): void {
+	if (server.pid === undefined) {
+		return;
+	}
+
+	try {
+		if (process.platform === "win32") {
+			server.kill(signal);
+			return;
+		}
+		process.kill(-server.pid, signal);
+	} catch {
+		server.kill(signal);
+	}
+}

package/bin/apifuse-perf.ts

@@ -8,8 +8,10 @@ import { pathToFileURL } from "node:url";
 
 import {
 	type ApiFuseConfig,
+	createBypassProviderCache,
 	createHttpClient,
-	createTlsClient,
+	createStealthClient,
+	createSttClientFromEnv,
 	executeOperation,
 	getProviderBaseUrl,
 	type HttpClient,
@@ -18,8 +20,8 @@ import {
 	type ProviderDefinition,
 	ProviderError,
 	type Span,
-	type TlsClient,
-	type TlsResponse,
+	type StealthClient,
+	type StealthResponse,
 	wrapWithInstrumentation,
 } from "../src";
 import {
@@ -440,12 +442,12 @@ async function loadFixtureReplay(
 }
 
 function assertProxyConfigured(config: ApiFuseConfig): void {
-	if (config.proxy?.url || process.env.APIFUSE_PROXY_URL) {
+	if (config.proxy?.url || process.env.APIFUSE__PROXY__URL) {
 		return;
 	}
 
 	throw new Error(
-		"--compare-proxy requires a proxy URL in apifuse.config.ts or APIFUSE_PROXY_URL.",
+		"--compare-proxy requires a proxy URL in apifuse.config.ts or APIFUSE__PROXY__URL.",
 	);
 }
 
@@ -637,10 +639,10 @@ function createBaseContext(options: {
 					apifuseConfig,
 					upstream,
 				});
-	const tls =
+	const stealth =
 		options.forceFixtureReplay && options.fixtureReplay
-			? createFixtureTlsClient(options.fixtureReplay.rawText)
-			: createTlsClient(getProviderBaseUrl(options.provider), {
+			? createFixtureStealthClient(options.fixtureReplay.rawText)
+			: createStealthClient(getProviderBaseUrl(options.provider), {
 					apifuseConfig,
 					upstream,
 				});
@@ -657,10 +659,12 @@ function createBaseContext(options: {
 			getScopes: () => [],
 		},
 		http,
-		tls,
+		cache: createBypassProviderCache({ providerId: options.provider.id }),
+		stealth,
 		browser: createBrowserStub(),
 		trace: options.traceContext,
 		auth: createAuthStub(),
+		stt: createSttClientFromEnv(options.provider.stt),
 	};
 }
 
@@ -695,8 +699,8 @@ function createFixtureResponse(raw: unknown) {
 	};
 }
 
-function createFixtureTlsClient(rawText: string): TlsClient {
-	const createResponse = async (): Promise<TlsResponse> => ({
+function createFixtureStealthClient(rawText: string): StealthClient {
+	const createResponse = async (): Promise<StealthResponse> => ({
 		status: 200,
 		ok: true,
 		headers: { "content-type": "application/json" },
@@ -738,7 +742,7 @@ function buildInsights(
 ): string[] {
 	const insights: string[] = [];
 	const allSpans = runs.flatMap((run) => run.spans);
-	const tlsSpans = allSpans.filter((span) => span.name === "tls.fetch");
+	const stealthSpans = allSpans.filter((span) => span.name === "stealth.fetch");
 	const dnsSpans = allSpans.filter((span) => span.name === "dns");
 	const transform = breakdown.find(
 		(entry) => entry.name === "transformResponse",
@@ -746,7 +750,7 @@ function buildInsights(
 	const responseSizes = allSpans
 		.map((span) => span.attributes.response_size)
 		.filter((value): value is number => typeof value === "number");
-	const reuseFlags = tlsSpans
+	const reuseFlags = stealthSpans
 		.map((span) => span.attributes.connection_reused)
 		.filter((value): value is boolean => typeof value === "boolean");
 
@@ -756,8 +760,8 @@ function buildInsights(
 		);
 		insights.push(
 			reusePercent >= 80
-				? `✓ TLS connection reuse: ${reusePercent}% (good)`
-				: `⚠ TLS connection reuse: ${reusePercent}% — consider session reuse`,
+				? `✓ Stealth connection reuse: ${reusePercent}% (good)`
+				: `⚠ Stealth connection reuse: ${reusePercent}% — consider session reuse`,
 		);
 	}
 

package/bin/apifuse-record.ts

@@ -7,13 +7,15 @@ import { basename, dirname, relative, resolve } from "node:path";
 import { pathToFileURL } from "node:url";
 
 import {
+	createBypassProviderCache,
 	createHttpClient,
-	createTlsClient,
+	createStealthClient,
+	createSttClientFromEnv,
 	executeOperation,
 	type HttpClient,
 	type ProviderContext,
 	type ProviderDefinition,
-	type TlsClient,
+	type StealthClient,
 } from "../src";
 
 type CliArgs = {
@@ -37,6 +39,7 @@ export async function main() {
 	const parsedParams = parseParams(operation, args.params);
 
 	const capture = createCaptureContext(
+		provider,
 		resolveOperationBaseUrl(provider, operationName),
 	);
 
@@ -269,15 +272,18 @@ function resolveOperationBaseUrl(
 	return baseUrl;
 }
 
-function createCaptureContext(baseUrl: string) {
+function createCaptureContext(provider: ProviderRuntime, baseUrl: string) {
 	let capturedRaw: unknown;
 
 	const http = proxyHttpClient(createHttpClient(baseUrl), (response) => {
 		capturedRaw = response.data;
 	});
-	const tls = proxyTlsClient(createTlsClient(baseUrl), (response) => {
-		capturedRaw = normalizeCapturedTlsResponse(response);
-	});
+	const stealth = proxyStealthClient(
+		createStealthClient(baseUrl),
+		(response) => {
+			capturedRaw = normalizeCapturedStealthResponse(response);
+		},
+	);
 
 	const ctx: ProviderContext = {
 		env: {
@@ -291,7 +297,8 @@ function createCaptureContext(baseUrl: string) {
 			getScopes: () => [],
 		},
 		http,
-		tls,
+		cache: createBypassProviderCache({ providerId: provider.id }),
+		stealth,
 		browser: {
 			engine: "playwright-stealth",
 			newPage: async () => {
@@ -306,6 +313,7 @@ function createCaptureContext(baseUrl: string) {
 				throw new Error("Auth prompts are not available in apifuse record.");
 			},
 		},
+		stt: createSttClientFromEnv(provider.stt),
 	};
 
 	return {
@@ -335,59 +343,39 @@ function proxyHttpClient(
 	}) as HttpClient;
 }
 
-function proxyTlsClient(
-	client: TlsClient,
-	onResponse: (response: Awaited<ReturnType<TlsClient["fetch"]>>) => void,
-): TlsClient {
-	return new Proxy(client, {
-		get(target, prop, receiver) {
-			const value = Reflect.get(target, prop, receiver);
-
-			if (prop === "fetch" && typeof value === "function") {
-				return async (...args: unknown[]) => {
-					const response = await value.apply(target, args);
-					onResponse(response);
-					return response;
-				};
-			}
-
-			if (prop === "createSession" && typeof value === "function") {
-				return (...args: unknown[]) => {
-					const session = value.apply(target, args) as ReturnType<
-						TlsClient["createSession"]
-					>;
-					return proxyTlsSession(session, onResponse);
-				};
-			}
+type StealthSession = ReturnType<StealthClient["createSession"]>;
 
-			return value;
+function proxyStealthClient(
+	client: StealthClient,
+	onResponse: (response: Awaited<ReturnType<StealthClient["fetch"]>>) => void,
+): StealthClient {
+	return {
+		fetch: async (...args: Parameters<StealthClient["fetch"]>) => {
+			const response = await client.fetch(...args);
+			onResponse(response);
+			return response;
 		},
-	}) as TlsClient;
+		createSession: (...args: Parameters<StealthClient["createSession"]>) =>
+			proxyStealthSession(client.createSession(...args), onResponse),
+	};
 }
 
-function proxyTlsSession(
-	session: ReturnType<TlsClient["createSession"]>,
-	onResponse: (response: Awaited<ReturnType<TlsClient["fetch"]>>) => void,
-) {
-	return new Proxy(session, {
-		get(target, prop, receiver) {
-			const value = Reflect.get(target, prop, receiver);
-
-			if (prop === "fetch" && typeof value === "function") {
-				return async (...args: unknown[]) => {
-					const response = await value.apply(target, args);
-					onResponse(response);
-					return response;
-				};
-			}
-
-			return value;
+function proxyStealthSession(
+	session: StealthSession,
+	onResponse: (response: Awaited<ReturnType<StealthClient["fetch"]>>) => void,
+): StealthSession {
+	return {
+		fetch: async (...args: Parameters<StealthSession["fetch"]>) => {
+			const response = await session.fetch(...args);
+			onResponse(response);
+			return response;
 		},
-	}) as ReturnType<TlsClient["createSession"]>;
+		close: () => session.close(),
+	};
 }
 
-function normalizeCapturedTlsResponse(
-	response: Awaited<ReturnType<TlsClient["fetch"]>>,
+function normalizeCapturedStealthResponse(
+	response: Awaited<ReturnType<StealthClient["fetch"]>>,
 ) {
 	try {
 		return JSON.parse(response.body);