npm - @aryee337/aery-ai - Versions diffs - 0.1.148 → 0.2.10 - Mend

@aryee337/aery-ai 0.1.148 → 0.2.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (592) hide show

package/CHANGELOG.md +2914 -0
package/README.md +614 -813
package/dist/types/api-registry.d.ts +30 -0
package/dist/types/auth-broker/client.d.ts +66 -0
package/dist/types/auth-broker/index.d.ts +5 -0
package/dist/types/auth-broker/refresher.d.ts +25 -0
package/dist/types/auth-broker/remote-store.d.ts +96 -0
package/dist/types/auth-broker/server.d.ts +32 -0
package/dist/types/auth-broker/types.d.ts +105 -0
package/dist/types/auth-broker/wire-schemas.d.ts +412 -0
package/dist/types/auth-gateway/http.d.ts +39 -0
package/dist/types/auth-gateway/index.d.ts +3 -0
package/dist/types/auth-gateway/server.d.ts +36 -0
package/dist/types/auth-gateway/types.d.ts +117 -0
package/dist/types/auth-storage.d.ts +739 -0
package/dist/types/index.d.ts +49 -0
package/dist/types/model-cache.d.ts +17 -0
package/dist/types/model-manager.d.ts +64 -0
package/dist/types/model-thinking.d.ts +100 -0
package/dist/types/models.d.ts +12 -0
package/dist/types/provider-details.d.ts +24 -0
package/dist/types/provider-models/bundled-references.d.ts +4 -0
package/dist/types/provider-models/descriptors.d.ts +50 -0
package/dist/types/provider-models/google.d.ts +24 -0
package/dist/types/provider-models/index.d.ts +5 -0
package/dist/types/provider-models/ollama.d.ts +7 -0
package/dist/types/provider-models/openai-compat.d.ts +296 -0
package/dist/types/provider-models/special.d.ts +16 -0
package/dist/types/providers/aery-native-client.d.ts +13 -0
package/dist/types/providers/aery-native-server.d.ts +68 -0
package/dist/types/providers/amazon-bedrock.d.ts +38 -0
package/dist/types/providers/anthropic-client.d.ts +99 -0
package/dist/types/providers/anthropic-messages-server-schema.d.ts +465 -0
package/dist/types/providers/anthropic-messages-server.d.ts +17 -0
package/dist/types/providers/anthropic-wire.d.ts +262 -0
package/dist/types/providers/anthropic.d.ts +206 -0
package/dist/types/providers/aws-credentials.d.ts +43 -0
package/dist/types/providers/aws-eventstream.d.ts +38 -0
package/dist/types/providers/aws-sigv4.d.ts +55 -0
package/dist/types/providers/azure-openai-responses.d.ts +15 -0
package/dist/types/providers/cursor/gen/agent_pb.d.ts +13022 -0
package/dist/types/providers/cursor.d.ts +43 -0
package/dist/types/providers/error-message.d.ts +27 -0
package/dist/types/providers/github-copilot-headers.d.ts +40 -0
package/dist/types/providers/gitlab-duo.d.ts +27 -0
package/dist/types/providers/google-auth.d.ts +24 -0
package/dist/types/providers/google-gemini-cli.d.ts +81 -0
package/dist/types/providers/google-gemini-headers.d.ts +18 -0
package/dist/types/providers/google-shared.d.ts +171 -0
package/dist/types/providers/google-types.d.ts +138 -0
package/dist/types/providers/google-vertex.d.ts +7 -0
package/dist/types/providers/google.d.ts +4 -0
package/dist/types/providers/grammar.d.ts +1 -0
package/dist/types/providers/kimi.d.ts +27 -0
package/dist/types/providers/mock.d.ts +173 -0
package/dist/types/providers/ollama.d.ts +6 -0
package/dist/types/providers/openai-anthropic-shim.d.ts +31 -0
package/dist/types/providers/openai-chat-server-schema.d.ts +817 -0
package/dist/types/providers/openai-chat-server.d.ts +16 -0
package/dist/types/providers/openai-codex/constants.d.ts +26 -0
package/dist/types/providers/openai-codex/request-transformer.d.ts +49 -0
package/dist/types/providers/openai-codex/response-handler.d.ts +17 -0
package/dist/types/providers/openai-codex-responses.d.ts +67 -0
package/dist/types/providers/openai-completions-compat.d.ts +25 -0
package/dist/types/providers/openai-completions.d.ts +54 -0
package/dist/types/providers/openai-responses-server-schema.d.ts +392 -0
package/dist/types/providers/openai-responses-server.d.ts +17 -0
package/dist/types/providers/openai-responses-shared.d.ts +100 -0
package/dist/types/providers/openai-responses.d.ts +66 -0
package/dist/types/providers/register-builtins.d.ts +31 -0
package/dist/types/providers/synthetic.d.ts +26 -0
package/dist/{providers → types/providers}/transform-messages.d.ts +6 -2
package/dist/types/providers/vision-guard.d.ts +8 -0
package/dist/types/providers/xai-responses.d.ts +23 -0
package/dist/types/rate-limit-utils.d.ts +19 -0
package/dist/types/stream.d.ts +28 -0
package/dist/types/types.d.ts +801 -0
package/dist/types/usage/claude.d.ts +4 -0
package/dist/types/usage/gemini.d.ts +2 -0
package/dist/types/usage/github-copilot.d.ts +7 -0
package/dist/types/usage/google-antigravity.d.ts +2 -0
package/dist/types/usage/kimi.d.ts +2 -0
package/dist/types/usage/minimax-code.d.ts +2 -0
package/dist/types/usage/openai-codex.d.ts +3 -0
package/dist/types/usage/shared.d.ts +1 -0
package/dist/types/usage/zai.d.ts +2 -0
package/dist/types/usage.d.ts +260 -0
package/dist/types/utils/abort.d.ts +19 -0
package/dist/types/utils/abortable-iterator.d.ts +4 -0
package/dist/types/utils/anthropic-auth.d.ts +35 -0
package/dist/types/utils/discovery/antigravity.d.ts +61 -0
package/dist/types/utils/discovery/codex.d.ts +38 -0
package/dist/types/utils/discovery/cursor.d.ts +23 -0
package/dist/types/utils/discovery/gemini.d.ts +25 -0
package/dist/types/utils/discovery/index.d.ts +4 -0
package/dist/types/utils/discovery/openai-compatible.d.ts +72 -0
package/dist/types/utils/event-stream.d.ts +28 -0
package/dist/types/utils/fireworks-model-id.d.ts +10 -0
package/dist/types/utils/foundry.d.ts +1 -0
package/dist/types/utils/http-inspector.d.ts +31 -0
package/dist/types/utils/idle-iterator.d.ts +78 -0
package/dist/types/utils/json-parse.d.ts +37 -0
package/dist/types/utils/oauth/__tests__/xai-oauth.test.d.ts +1 -0
package/dist/types/utils/oauth/alibaba-coding-plan.d.ts +18 -0
package/dist/types/utils/oauth/anthropic.d.ts +22 -0
package/dist/types/utils/oauth/api-key-login.d.ts +35 -0
package/dist/types/utils/oauth/api-key-validation.d.ts +27 -0
package/dist/types/utils/oauth/callback-server.d.ts +57 -0
package/dist/types/utils/oauth/cerebras.d.ts +1 -0
package/dist/types/utils/oauth/cloudflare-ai-gateway.d.ts +18 -0
package/dist/types/utils/oauth/cursor.d.ts +15 -0
package/dist/types/utils/oauth/deepseek.d.ts +10 -0
package/dist/types/utils/oauth/firepass.d.ts +1 -0
package/dist/types/utils/oauth/fireworks.d.ts +1 -0
package/dist/types/utils/oauth/github-copilot.d.ts +38 -0
package/dist/types/utils/oauth/gitlab-duo.d.ts +3 -0
package/dist/types/utils/oauth/google-antigravity.d.ts +11 -0
package/dist/types/utils/oauth/google-gemini-cli.d.ts +10 -0
package/dist/types/utils/oauth/google-oauth-shared.d.ts +28 -0
package/dist/types/utils/oauth/huggingface.d.ts +19 -0
package/dist/types/utils/oauth/index.d.ts +38 -0
package/dist/types/utils/oauth/kagi.d.ts +17 -0
package/dist/types/utils/oauth/kilo.d.ts +5 -0
package/dist/types/utils/oauth/kimi.d.ts +21 -0
package/dist/types/utils/oauth/litellm.d.ts +18 -0
package/dist/types/utils/oauth/lm-studio.d.ts +17 -0
package/dist/types/utils/oauth/minimax-code.d.ts +28 -0
package/dist/types/utils/oauth/moonshot.d.ts +1 -0
package/dist/types/utils/oauth/nanogpt.d.ts +1 -0
package/dist/types/utils/oauth/nvidia.d.ts +18 -0
package/dist/types/utils/oauth/ollama-cloud.d.ts +2 -0
package/dist/types/utils/oauth/ollama.d.ts +18 -0
package/dist/types/utils/oauth/openai-codex.d.ts +21 -0
package/dist/types/utils/oauth/opencode.d.ts +18 -0
package/dist/types/utils/oauth/openrouter.d.ts +1 -0
package/dist/types/utils/oauth/parallel.d.ts +17 -0
package/dist/types/utils/oauth/perplexity.d.ts +9 -0
package/dist/{utils → types/utils}/oauth/pkce.d.ts +0 -5
package/dist/types/utils/oauth/qianfan.d.ts +17 -0
package/dist/types/utils/oauth/qwen-portal.d.ts +19 -0
package/dist/types/utils/oauth/synthetic.d.ts +1 -0
package/dist/types/utils/oauth/tavily.d.ts +17 -0
package/dist/types/utils/oauth/together.d.ts +1 -0
package/dist/types/utils/oauth/types.d.ts +44 -0
package/dist/types/utils/oauth/venice.d.ts +18 -0
package/dist/types/utils/oauth/vercel-ai-gateway.d.ts +18 -0
package/dist/types/utils/oauth/vllm.d.ts +16 -0
package/dist/types/utils/oauth/wafer.d.ts +2 -0
package/dist/types/utils/oauth/xai-oauth.d.ts +60 -0
package/dist/types/utils/oauth/xiaomi.d.ts +19 -0
package/dist/types/utils/oauth/zai.d.ts +18 -0
package/dist/types/utils/oauth/zenmux.d.ts +1 -0
package/dist/types/utils/oauth/zhipu.d.ts +18 -0
package/dist/{utils → types/utils}/overflow.d.ts +9 -11
package/dist/types/utils/parse-bind.d.ts +23 -0
package/dist/types/utils/provider-response.d.ts +3 -0
package/dist/types/utils/request-debug.d.ts +29 -0
package/dist/types/utils/retry-after.d.ts +3 -0
package/dist/types/utils/retry.d.ts +26 -0
package/dist/types/utils/schema/adapt.d.ts +24 -0
package/dist/types/utils/schema/compatibility.d.ts +30 -0
package/dist/types/utils/schema/dereference.d.ts +11 -0
package/dist/types/utils/schema/draft.d.ts +10 -0
package/dist/types/utils/schema/equality.d.ts +4 -0
package/dist/types/utils/schema/fields.d.ts +49 -0
package/dist/types/utils/schema/index.d.ts +13 -0
package/dist/types/utils/schema/json-schema-validator.d.ts +12 -0
package/dist/types/utils/schema/meta-validator.d.ts +2 -0
package/dist/types/utils/schema/normalize.d.ts +93 -0
package/dist/types/utils/schema/spill.d.ts +8 -0
package/dist/types/utils/schema/stamps.d.ts +25 -0
package/dist/types/utils/schema/types.d.ts +4 -0
package/dist/types/utils/schema/wire.d.ts +53 -0
package/dist/types/utils/schema/zod-decontaminate.d.ts +31 -0
package/dist/types/utils/sdk-stream-timeout.d.ts +33 -0
package/dist/types/utils/sse-debug.d.ts +10 -0
package/dist/types/utils/stream-markup-healing.d.ts +80 -0
package/dist/types/utils/tool-choice.d.ts +50 -0
package/dist/types/utils/validation.d.ts +17 -0
package/dist/types/utils.d.ts +28 -0
package/package.json +139 -105
package/src/api-registry.ts +96 -0
package/src/auth-broker/client.ts +358 -0
package/src/auth-broker/index.ts +5 -0
package/src/auth-broker/refresher.ts +117 -0
package/src/auth-broker/remote-store.ts +623 -0
package/src/auth-broker/server.ts +644 -0
package/src/auth-broker/types.ts +127 -0
package/src/auth-broker/wire-schemas.ts +200 -0
package/src/auth-gateway/http.ts +194 -0
package/src/auth-gateway/index.ts +3 -0
package/src/auth-gateway/server.ts +818 -0
package/src/auth-gateway/types.ts +143 -0
package/src/auth-storage.ts +4422 -0
package/src/index.ts +54 -0
package/src/model-cache.ts +129 -0
package/src/model-manager.ts +469 -0
package/src/model-thinking.ts +782 -0
package/src/models.json +83530 -0
package/src/models.json.d.ts +9 -0
package/src/models.ts +56 -0
package/src/prompts/turn-aborted-guidance.md +4 -0
package/src/provider-details.ts +90 -0
package/src/provider-models/bundled-references.ts +38 -0
package/src/provider-models/descriptors.ts +355 -0
package/src/provider-models/google.ts +88 -0
package/src/provider-models/index.ts +5 -0
package/src/provider-models/ollama.ts +153 -0
package/src/provider-models/openai-compat.ts +2817 -0
package/src/provider-models/special.ts +67 -0
package/src/providers/aery-native-client.ts +228 -0
package/src/providers/aery-native-server.ts +212 -0
package/src/providers/amazon-bedrock.ts +873 -0
package/src/providers/anthropic-client.ts +318 -0
package/src/providers/anthropic-messages-server-schema.ts +243 -0
package/src/providers/anthropic-messages-server.ts +683 -0
package/src/providers/anthropic-wire.ts +268 -0
package/src/providers/anthropic.ts +3094 -0
package/src/providers/aws-credentials.ts +501 -0
package/src/providers/aws-eventstream.ts +185 -0
package/src/providers/aws-sigv4.ts +218 -0
package/src/providers/azure-openai-responses.ts +361 -0
package/src/providers/cursor/gen/agent_pb.ts +15274 -0
package/src/providers/cursor/proto/agent.proto +3526 -0
package/src/providers/cursor/proto/buf.gen.yaml +6 -0
package/src/providers/cursor/proto/buf.yaml +17 -0
package/src/providers/cursor.ts +2621 -0
package/src/providers/error-message.ts +21 -0
package/src/providers/github-copilot-headers.ts +140 -0
package/src/providers/gitlab-duo.ts +372 -0
package/src/providers/google-auth.ts +252 -0
package/src/providers/google-gemini-cli.ts +809 -0
package/src/providers/google-gemini-headers.ts +41 -0
package/src/providers/google-shared.ts +917 -0
package/src/providers/google-types.ts +167 -0
package/src/providers/google-vertex.ts +91 -0
package/src/providers/google.ts +41 -0
package/src/providers/grammar.ts +70 -0
package/src/providers/kimi.ts +52 -0
package/src/providers/mock.ts +496 -0
package/src/providers/ollama.ts +644 -0
package/src/providers/openai-anthropic-shim.ts +138 -0
package/src/providers/openai-chat-server-schema.ts +252 -0
package/src/providers/openai-chat-server.ts +647 -0
package/src/providers/openai-codex/constants.ts +43 -0
package/src/providers/openai-codex/request-transformer.ts +161 -0
package/src/providers/openai-codex/response-handler.ts +81 -0
package/src/providers/openai-codex-responses.ts +3018 -0
package/src/providers/openai-completions-compat.ts +300 -0
package/src/providers/openai-completions.ts +1979 -0
package/src/providers/openai-responses-server-schema.ts +290 -0
package/src/providers/openai-responses-server.ts +1183 -0
package/src/providers/openai-responses-shared.ts +873 -0
package/src/providers/openai-responses.ts +679 -0
package/src/providers/register-builtins.ts +436 -0
package/src/providers/synthetic.ts +50 -0
package/src/providers/transform-messages.ts +382 -0
package/src/providers/vision-guard.ts +31 -0
package/src/providers/xai-responses.ts +82 -0
package/src/rate-limit-utils.ts +84 -0
package/src/stream.ts +1065 -0
package/src/types.ts +944 -0
package/src/usage/claude.ts +482 -0
package/src/usage/gemini.ts +250 -0
package/src/usage/github-copilot.ts +421 -0
package/src/usage/google-antigravity.ts +201 -0
package/src/usage/kimi.ts +271 -0
package/src/usage/minimax-code.ts +31 -0
package/src/usage/openai-codex.ts +503 -0
package/src/usage/shared.ts +10 -0
package/src/usage/zai.ts +247 -0
package/src/usage.ts +185 -0
package/src/utils/abort.ts +51 -0
package/src/utils/abortable-iterator.ts +69 -0
package/src/utils/anthropic-auth.ts +93 -0
package/src/utils/discovery/antigravity.ts +261 -0
package/src/utils/discovery/codex.ts +371 -0
package/src/utils/discovery/cursor.ts +306 -0
package/src/utils/discovery/gemini.ts +248 -0
package/src/utils/discovery/index.ts +4 -0
package/src/utils/discovery/openai-compatible.ts +224 -0
package/src/utils/event-stream.ts +142 -0
package/src/utils/fireworks-model-id.ts +30 -0
package/src/utils/foundry.ts +8 -0
package/src/utils/http-inspector.ts +176 -0
package/src/utils/idle-iterator.ts +267 -0
package/src/utils/json-parse.ts +182 -0
package/src/utils/oauth/__tests__/xai-oauth.test.ts +107 -0
package/src/utils/oauth/alibaba-coding-plan.ts +59 -0
package/src/utils/oauth/anthropic.ts +273 -0
package/src/utils/oauth/api-key-login.ts +87 -0
package/src/utils/oauth/api-key-validation.ts +92 -0
package/src/utils/oauth/callback-server.ts +276 -0
package/src/utils/oauth/cerebras.ts +16 -0
package/src/utils/oauth/cloudflare-ai-gateway.ts +48 -0
package/src/utils/oauth/cursor.ts +157 -0
package/src/utils/oauth/deepseek.ts +53 -0
package/src/utils/oauth/firepass.ts +24 -0
package/src/utils/oauth/fireworks.ts +15 -0
package/src/utils/oauth/github-copilot.ts +362 -0
package/src/utils/oauth/gitlab-duo.ts +123 -0
package/src/utils/oauth/google-antigravity.ts +200 -0
package/src/utils/oauth/google-gemini-cli.ts +256 -0
package/src/utils/oauth/google-oauth-shared.ts +110 -0
package/src/utils/oauth/huggingface.ts +62 -0
package/src/utils/oauth/index.ts +484 -0
package/src/utils/oauth/kagi.ts +47 -0
package/src/utils/oauth/kilo.ts +87 -0
package/src/utils/oauth/kimi.ts +254 -0
package/src/utils/oauth/litellm.ts +47 -0
package/src/utils/oauth/lm-studio.ts +38 -0
package/src/utils/oauth/minimax-code.ts +78 -0
package/src/utils/oauth/moonshot.ts +23 -0
package/src/utils/oauth/nanogpt.ts +15 -0
package/src/utils/oauth/nvidia.ts +70 -0
package/src/utils/oauth/oauth.html +203 -0
package/src/utils/oauth/ollama-cloud.ts +28 -0
package/src/utils/oauth/ollama.ts +47 -0
package/src/utils/oauth/openai-codex.ts +299 -0
package/src/utils/oauth/opencode.ts +49 -0
package/src/utils/oauth/openrouter.ts +20 -0
package/src/utils/oauth/parallel.ts +46 -0
package/src/utils/oauth/perplexity.ts +206 -0
package/src/utils/oauth/pkce.ts +18 -0
package/src/utils/oauth/qianfan.ts +58 -0
package/src/utils/oauth/qwen-portal.ts +60 -0
package/src/utils/oauth/synthetic.ts +15 -0
package/src/utils/oauth/tavily.ts +46 -0
package/src/utils/oauth/together.ts +16 -0
package/src/utils/oauth/types.ts +99 -0
package/src/utils/oauth/venice.ts +59 -0
package/src/utils/oauth/vercel-ai-gateway.ts +47 -0
package/src/utils/oauth/vllm.ts +40 -0
package/src/utils/oauth/wafer.ts +50 -0
package/src/utils/oauth/xai-oauth.ts +342 -0
package/src/utils/oauth/xiaomi.ts +139 -0
package/src/utils/oauth/zai.ts +60 -0
package/src/utils/oauth/zenmux.ts +15 -0
package/src/utils/oauth/zhipu.ts +60 -0
package/src/utils/overflow.ts +137 -0
package/src/utils/parse-bind.ts +54 -0
package/src/utils/provider-response.ts +30 -0
package/src/utils/request-debug.ts +336 -0
package/src/utils/retry-after.ts +110 -0
package/src/utils/retry.ts +54 -0
package/src/utils/schema/CONSTRAINTS.md +164 -0
package/src/utils/schema/adapt.ts +36 -0
package/src/utils/schema/compatibility.ts +435 -0
package/src/utils/schema/dereference.ts +98 -0
package/src/utils/schema/draft.ts +341 -0
package/src/utils/schema/equality.ts +97 -0
package/src/utils/schema/fields.ts +191 -0
package/src/utils/schema/index.ts +13 -0
package/src/utils/schema/json-schema-validator.ts +577 -0
package/src/utils/schema/meta-validator.ts +167 -0
package/src/utils/schema/normalize.ts +1588 -0
package/src/utils/schema/spill.ts +43 -0
package/src/utils/schema/stamps.ts +97 -0
package/src/utils/schema/types.ts +10 -0
package/src/utils/schema/wire.ts +293 -0
package/src/utils/schema/zod-decontaminate.ts +331 -0
package/src/utils/sdk-stream-timeout.ts +43 -0
package/src/utils/sse-debug.ts +289 -0
package/src/utils/stream-markup-healing.ts +612 -0
package/src/utils/tool-choice.ts +99 -0
package/src/utils/validation.ts +1024 -0
package/src/utils.ts +166 -0
package/dist/api-registry.d.ts +0 -20
package/dist/api-registry.d.ts.map +0 -1
package/dist/api-registry.js +0 -44
package/dist/api-registry.js.map +0 -1
package/dist/bedrock-provider.d.ts +0 -5
package/dist/bedrock-provider.d.ts.map +0 -1
package/dist/bedrock-provider.js +0 -6
package/dist/bedrock-provider.js.map +0 -1
package/dist/cli.d.ts +0 -3
package/dist/cli.d.ts.map +0 -1
package/dist/cli.js +0 -130
package/dist/cli.js.map +0 -1
package/dist/env-api-keys.d.ts +0 -18
package/dist/env-api-keys.d.ts.map +0 -1
package/dist/env-api-keys.js +0 -178
package/dist/env-api-keys.js.map +0 -1
package/dist/image-models.d.ts +0 -10
package/dist/image-models.d.ts.map +0 -1
package/dist/image-models.generated.d.ts +0 -440
package/dist/image-models.generated.d.ts.map +0 -1
package/dist/image-models.generated.js +0 -442
package/dist/image-models.generated.js.map +0 -1
package/dist/image-models.js +0 -23
package/dist/image-models.js.map +0 -1
package/dist/images-api-registry.d.ts +0 -14
package/dist/images-api-registry.d.ts.map +0 -1
package/dist/images-api-registry.js +0 -22
package/dist/images-api-registry.js.map +0 -1
package/dist/images.d.ts +0 -4
package/dist/images.d.ts.map +0 -1
package/dist/images.js +0 -14
package/dist/images.js.map +0 -1
package/dist/index.d.ts +0 -32
package/dist/index.d.ts.map +0 -1
package/dist/index.js +0 -20
package/dist/index.js.map +0 -1
package/dist/models.d.ts +0 -18
package/dist/models.d.ts.map +0 -1
package/dist/models.generated.d.ts +0 -17480
package/dist/models.generated.d.ts.map +0 -1
package/dist/models.generated.js +0 -16339
package/dist/models.generated.js.map +0 -1
package/dist/models.js +0 -71
package/dist/models.js.map +0 -1
package/dist/oauth.d.ts +0 -2
package/dist/oauth.d.ts.map +0 -1
package/dist/oauth.js +0 -2
package/dist/oauth.js.map +0 -1
package/dist/providers/aery-error-formatting.d.ts +0 -13
package/dist/providers/aery-error-formatting.d.ts.map +0 -1
package/dist/providers/aery-error-formatting.js +0 -112
package/dist/providers/aery-error-formatting.js.map +0 -1
package/dist/providers/amazon-bedrock.d.ts +0 -38
package/dist/providers/amazon-bedrock.d.ts.map +0 -1
package/dist/providers/amazon-bedrock.js +0 -763
package/dist/providers/amazon-bedrock.js.map +0 -1
package/dist/providers/anthropic.d.ts +0 -71
package/dist/providers/anthropic.d.ts.map +0 -1
package/dist/providers/anthropic.js +0 -949
package/dist/providers/anthropic.js.map +0 -1
package/dist/providers/azure-openai-responses.d.ts +0 -15
package/dist/providers/azure-openai-responses.d.ts.map +0 -1
package/dist/providers/azure-openai-responses.js +0 -225
package/dist/providers/azure-openai-responses.js.map +0 -1
package/dist/providers/cloudflare.d.ts +0 -13
package/dist/providers/cloudflare.d.ts.map +0 -1
package/dist/providers/cloudflare.js +0 -26
package/dist/providers/cloudflare.js.map +0 -1
package/dist/providers/faux.d.ts +0 -56
package/dist/providers/faux.d.ts.map +0 -1
package/dist/providers/faux.js +0 -368
package/dist/providers/faux.js.map +0 -1
package/dist/providers/github-copilot-headers.d.ts +0 -8
package/dist/providers/github-copilot-headers.d.ts.map +0 -1
package/dist/providers/github-copilot-headers.js +0 -29
package/dist/providers/github-copilot-headers.js.map +0 -1
package/dist/providers/google-gemini-cli.d.ts +0 -74
package/dist/providers/google-gemini-cli.d.ts.map +0 -1
package/dist/providers/google-gemini-cli.js +0 -779
package/dist/providers/google-gemini-cli.js.map +0 -1
package/dist/providers/google-shared.d.ts +0 -70
package/dist/providers/google-shared.d.ts.map +0 -1
package/dist/providers/google-shared.js +0 -329
package/dist/providers/google-shared.js.map +0 -1
package/dist/providers/google-vertex.d.ts +0 -15
package/dist/providers/google-vertex.d.ts.map +0 -1
package/dist/providers/google-vertex.js +0 -442
package/dist/providers/google-vertex.js.map +0 -1
package/dist/providers/google.d.ts +0 -13
package/dist/providers/google.d.ts.map +0 -1
package/dist/providers/google.js +0 -400
package/dist/providers/google.js.map +0 -1
package/dist/providers/images/openrouter.d.ts +0 -3
package/dist/providers/images/openrouter.d.ts.map +0 -1
package/dist/providers/images/openrouter.js +0 -129
package/dist/providers/images/openrouter.js.map +0 -1
package/dist/providers/images/register-builtins.d.ts +0 -4
package/dist/providers/images/register-builtins.d.ts.map +0 -1
package/dist/providers/images/register-builtins.js +0 -34
package/dist/providers/images/register-builtins.js.map +0 -1
package/dist/providers/mistral.d.ts +0 -25
package/dist/providers/mistral.d.ts.map +0 -1
package/dist/providers/mistral.js +0 -535
package/dist/providers/mistral.js.map +0 -1
package/dist/providers/openai-codex-responses.d.ts +0 -30
package/dist/providers/openai-codex-responses.d.ts.map +0 -1
package/dist/providers/openai-codex-responses.js +0 -1090
package/dist/providers/openai-codex-responses.js.map +0 -1
package/dist/providers/openai-completions.d.ts +0 -19
package/dist/providers/openai-completions.d.ts.map +0 -1
package/dist/providers/openai-completions.js +0 -950
package/dist/providers/openai-completions.js.map +0 -1
package/dist/providers/openai-prompt-cache.d.ts +0 -3
package/dist/providers/openai-prompt-cache.d.ts.map +0 -1
package/dist/providers/openai-prompt-cache.js +0 -10
package/dist/providers/openai-prompt-cache.js.map +0 -1
package/dist/providers/openai-responses-shared.d.ts +0 -18
package/dist/providers/openai-responses-shared.d.ts.map +0 -1
package/dist/providers/openai-responses-shared.js +0 -492
package/dist/providers/openai-responses-shared.js.map +0 -1
package/dist/providers/openai-responses.d.ts +0 -13
package/dist/providers/openai-responses.d.ts.map +0 -1
package/dist/providers/openai-responses.js +0 -237
package/dist/providers/openai-responses.js.map +0 -1
package/dist/providers/register-builtins.d.ts +0 -38
package/dist/providers/register-builtins.d.ts.map +0 -1
package/dist/providers/register-builtins.js +0 -278
package/dist/providers/register-builtins.js.map +0 -1
package/dist/providers/simple-options.d.ts +0 -8
package/dist/providers/simple-options.d.ts.map +0 -1
package/dist/providers/simple-options.js +0 -41
package/dist/providers/simple-options.js.map +0 -1
package/dist/providers/transform-messages.d.ts.map +0 -1
package/dist/providers/transform-messages.js +0 -184
package/dist/providers/transform-messages.js.map +0 -1
package/dist/session-resources.d.ts +0 -4
package/dist/session-resources.d.ts.map +0 -1
package/dist/session-resources.js +0 -22
package/dist/session-resources.js.map +0 -1
package/dist/stream.d.ts +0 -8
package/dist/stream.d.ts.map +0 -1
package/dist/stream.js +0 -27
package/dist/stream.js.map +0 -1
package/dist/types.d.ts +0 -498
package/dist/types.d.ts.map +0 -1
package/dist/types.js +0 -2
package/dist/types.js.map +0 -1
package/dist/utils/diagnostics.d.ts +0 -19
package/dist/utils/diagnostics.d.ts.map +0 -1
package/dist/utils/diagnostics.js +0 -25
package/dist/utils/diagnostics.js.map +0 -1
package/dist/utils/event-stream.d.ts +0 -21
package/dist/utils/event-stream.d.ts.map +0 -1
package/dist/utils/event-stream.js +0 -81
package/dist/utils/event-stream.js.map +0 -1
package/dist/utils/hash.d.ts +0 -3
package/dist/utils/hash.d.ts.map +0 -1
package/dist/utils/hash.js +0 -14
package/dist/utils/hash.js.map +0 -1
package/dist/utils/headers.d.ts +0 -2
package/dist/utils/headers.d.ts.map +0 -1
package/dist/utils/headers.js +0 -8
package/dist/utils/headers.js.map +0 -1
package/dist/utils/json-parse.d.ts +0 -16
package/dist/utils/json-parse.d.ts.map +0 -1
package/dist/utils/json-parse.js +0 -113
package/dist/utils/json-parse.js.map +0 -1
package/dist/utils/node-http-proxy.d.ts +0 -10
package/dist/utils/node-http-proxy.d.ts.map +0 -1
package/dist/utils/node-http-proxy.js +0 -97
package/dist/utils/node-http-proxy.js.map +0 -1
package/dist/utils/oauth/anthropic.d.ts +0 -25
package/dist/utils/oauth/anthropic.d.ts.map +0 -1
package/dist/utils/oauth/anthropic.js +0 -335
package/dist/utils/oauth/anthropic.js.map +0 -1
package/dist/utils/oauth/device-code.d.ts +0 -19
package/dist/utils/oauth/device-code.d.ts.map +0 -1
package/dist/utils/oauth/device-code.js +0 -55
package/dist/utils/oauth/device-code.js.map +0 -1
package/dist/utils/oauth/github-copilot.d.ts +0 -30
package/dist/utils/oauth/github-copilot.d.ts.map +0 -1
package/dist/utils/oauth/github-copilot.js +0 -268
package/dist/utils/oauth/github-copilot.js.map +0 -1
package/dist/utils/oauth/google-antigravity.d.ts +0 -26
package/dist/utils/oauth/google-antigravity.d.ts.map +0 -1
package/dist/utils/oauth/google-antigravity.js +0 -377
package/dist/utils/oauth/google-antigravity.js.map +0 -1
package/dist/utils/oauth/google-gemini-cli.d.ts +0 -26
package/dist/utils/oauth/google-gemini-cli.d.ts.map +0 -1
package/dist/utils/oauth/google-gemini-cli.js +0 -482
package/dist/utils/oauth/google-gemini-cli.js.map +0 -1
package/dist/utils/oauth/index.d.ts +0 -63
package/dist/utils/oauth/index.d.ts.map +0 -1
package/dist/utils/oauth/index.js +0 -131
package/dist/utils/oauth/index.js.map +0 -1
package/dist/utils/oauth/oauth-page.d.ts +0 -3
package/dist/utils/oauth/oauth-page.d.ts.map +0 -1
package/dist/utils/oauth/oauth-page.js +0 -105
package/dist/utils/oauth/oauth-page.js.map +0 -1
package/dist/utils/oauth/openai-codex.d.ts +0 -34
package/dist/utils/oauth/openai-codex.d.ts.map +0 -1
package/dist/utils/oauth/openai-codex.js +0 -385
package/dist/utils/oauth/openai-codex.js.map +0 -1
package/dist/utils/oauth/pkce.d.ts.map +0 -1
package/dist/utils/oauth/pkce.js +0 -31
package/dist/utils/oauth/pkce.js.map +0 -1
package/dist/utils/oauth/types.d.ts +0 -64
package/dist/utils/oauth/types.d.ts.map +0 -1
package/dist/utils/oauth/types.js +0 -2
package/dist/utils/oauth/types.js.map +0 -1
package/dist/utils/overflow.d.ts.map +0 -1
package/dist/utils/overflow.js +0 -151
package/dist/utils/overflow.js.map +0 -1
package/dist/utils/sanitize-unicode.d.ts +0 -22
package/dist/utils/sanitize-unicode.d.ts.map +0 -1
package/dist/utils/sanitize-unicode.js +0 -26
package/dist/utils/sanitize-unicode.js.map +0 -1
package/dist/utils/typebox-helpers.d.ts +0 -17
package/dist/utils/typebox-helpers.d.ts.map +0 -1
package/dist/utils/typebox-helpers.js +0 -21
package/dist/utils/typebox-helpers.js.map +0 -1
package/dist/utils/validation.d.ts +0 -18
package/dist/utils/validation.d.ts.map +0 -1
package/dist/utils/validation.js +0 -281
package/dist/utils/validation.js.map +0 -1

package/dist/types/auth-broker/wire-schemas.d.ts ADDED Viewed

@@ -0,0 +1,412 @@
+/**
+ * Zod schemas for the auth-broker wire protocol.
+ *
+ * Shared between the server (validates inbound request bodies) and the client
+ * (validates responses from the broker). Schemas mirror the TypeScript types
+ * in `./types.ts` 1:1; the types remain the source of truth for static typing,
+ * and `z.infer<typeof Schema>` is asserted-compatible with them where possible.
+ *
+ * Schemas use `.strict()` on objects with a closed set of fields so unknown
+ * keys are rejected — the previous implementation used a hand-rolled
+ * `hasOnlyFields` allowlist for the same effect.
+ */
+import * as z from "zod/v4";
+/** Real OAuth credential (broker-side) — refresh token is the actual upstream value. */
+export declare const oauthCredentialSchema: z.ZodObject<{
+    type: z.ZodLiteral<"oauth">;
+    refresh: z.ZodString;
+    access: z.ZodString;
+    expires: z.ZodNumber;
+    enterpriseUrl: z.ZodOptional<z.ZodString>;
+    projectId: z.ZodOptional<z.ZodString>;
+    email: z.ZodOptional<z.ZodString>;
+    accountId: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>;
+/** OAuth credential as it appears in broker snapshots — refresh replaced with sentinel. */
+export declare const remoteOauthCredentialSchema: z.ZodObject<{
+    type: z.ZodLiteral<"oauth">;
+    access: z.ZodString;
+    expires: z.ZodNumber;
+    enterpriseUrl: z.ZodOptional<z.ZodString>;
+    projectId: z.ZodOptional<z.ZodString>;
+    email: z.ZodOptional<z.ZodString>;
+    accountId: z.ZodOptional<z.ZodString>;
+    refresh: z.ZodLiteral<"__remote__">;
+}, z.core.$strict>;
+export declare const apiKeyCredentialSchema: z.ZodObject<{
+    type: z.ZodLiteral<"api_key">;
+    key: z.ZodString;
+}, z.core.$strict>;
+/** Discriminated union accepted on POST /v1/credential (writes). */
+export declare const writableAuthCredentialSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
+    type: z.ZodLiteral<"oauth">;
+    refresh: z.ZodString;
+    access: z.ZodString;
+    expires: z.ZodNumber;
+    enterpriseUrl: z.ZodOptional<z.ZodString>;
+    projectId: z.ZodOptional<z.ZodString>;
+    email: z.ZodOptional<z.ZodString>;
+    accountId: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>, z.ZodObject<{
+    type: z.ZodLiteral<"api_key">;
+    key: z.ZodString;
+}, z.core.$strict>], "type">;
+/** Discriminated union returned in snapshots (refresh is sentinel for OAuth). */
+export declare const snapshotCredentialSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
+    type: z.ZodLiteral<"oauth">;
+    access: z.ZodString;
+    expires: z.ZodNumber;
+    enterpriseUrl: z.ZodOptional<z.ZodString>;
+    projectId: z.ZodOptional<z.ZodString>;
+    email: z.ZodOptional<z.ZodString>;
+    accountId: z.ZodOptional<z.ZodString>;
+    refresh: z.ZodLiteral<"__remote__">;
+}, z.core.$strict>, z.ZodObject<{
+    type: z.ZodLiteral<"api_key">;
+    key: z.ZodString;
+}, z.core.$strict>], "type">;
+export declare const credentialSnapshotEntrySchema: z.ZodObject<{
+    id: z.ZodNumber;
+    provider: z.ZodString;
+    credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+        type: z.ZodLiteral<"oauth">;
+        access: z.ZodString;
+        expires: z.ZodNumber;
+        enterpriseUrl: z.ZodOptional<z.ZodString>;
+        projectId: z.ZodOptional<z.ZodString>;
+        email: z.ZodOptional<z.ZodString>;
+        accountId: z.ZodOptional<z.ZodString>;
+        refresh: z.ZodLiteral<"__remote__">;
+    }, z.core.$strict>, z.ZodObject<{
+        type: z.ZodLiteral<"api_key">;
+        key: z.ZodString;
+    }, z.core.$strict>], "type">;
+    identityKey: z.ZodNullable<z.ZodString>;
+}, z.core.$strict>;
+export declare const snapshotEntrySchema: z.ZodObject<{
+    id: z.ZodNumber;
+    provider: z.ZodString;
+    credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+        type: z.ZodLiteral<"oauth">;
+        access: z.ZodString;
+        expires: z.ZodNumber;
+        enterpriseUrl: z.ZodOptional<z.ZodString>;
+        projectId: z.ZodOptional<z.ZodString>;
+        email: z.ZodOptional<z.ZodString>;
+        accountId: z.ZodOptional<z.ZodString>;
+        refresh: z.ZodLiteral<"__remote__">;
+    }, z.core.$strict>, z.ZodObject<{
+        type: z.ZodLiteral<"api_key">;
+        key: z.ZodString;
+    }, z.core.$strict>], "type">;
+    identityKey: z.ZodNullable<z.ZodString>;
+    rotatesInMs: z.ZodNullable<z.ZodNumber>;
+}, z.core.$strict>;
+export declare const refresherScheduleSchema: z.ZodObject<{
+    enabled: z.ZodBoolean;
+    intervalMs: z.ZodNumber;
+    skewMs: z.ZodNumber;
+    nextSweepInMs: z.ZodNumber;
+}, z.core.$strict>;
+export declare const snapshotResponseSchema: z.ZodObject<{
+    generation: z.ZodNumber;
+    generatedAt: z.ZodNumber;
+    serverNowMs: z.ZodNumber;
+    refresher: z.ZodObject<{
+        enabled: z.ZodBoolean;
+        intervalMs: z.ZodNumber;
+        skewMs: z.ZodNumber;
+        nextSweepInMs: z.ZodNumber;
+    }, z.core.$strict>;
+    credentials: z.ZodArray<z.ZodObject<{
+        id: z.ZodNumber;
+        provider: z.ZodString;
+        credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+            type: z.ZodLiteral<"oauth">;
+            access: z.ZodString;
+            expires: z.ZodNumber;
+            enterpriseUrl: z.ZodOptional<z.ZodString>;
+            projectId: z.ZodOptional<z.ZodString>;
+            email: z.ZodOptional<z.ZodString>;
+            accountId: z.ZodOptional<z.ZodString>;
+            refresh: z.ZodLiteral<"__remote__">;
+        }, z.core.$strict>, z.ZodObject<{
+            type: z.ZodLiteral<"api_key">;
+            key: z.ZodString;
+        }, z.core.$strict>], "type">;
+        identityKey: z.ZodNullable<z.ZodString>;
+        rotatesInMs: z.ZodNullable<z.ZodNumber>;
+    }, z.core.$strict>>;
+}, z.core.$strict>;
+/** First frame on connect — full snapshot embedded inline with a `kind` tag. */
+export declare const snapshotStreamSnapshotEventSchema: z.ZodObject<{
+    generation: z.ZodNumber;
+    generatedAt: z.ZodNumber;
+    serverNowMs: z.ZodNumber;
+    refresher: z.ZodObject<{
+        enabled: z.ZodBoolean;
+        intervalMs: z.ZodNumber;
+        skewMs: z.ZodNumber;
+        nextSweepInMs: z.ZodNumber;
+    }, z.core.$strict>;
+    credentials: z.ZodArray<z.ZodObject<{
+        id: z.ZodNumber;
+        provider: z.ZodString;
+        credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+            type: z.ZodLiteral<"oauth">;
+            access: z.ZodString;
+            expires: z.ZodNumber;
+            enterpriseUrl: z.ZodOptional<z.ZodString>;
+            projectId: z.ZodOptional<z.ZodString>;
+            email: z.ZodOptional<z.ZodString>;
+            accountId: z.ZodOptional<z.ZodString>;
+            refresh: z.ZodLiteral<"__remote__">;
+        }, z.core.$strict>, z.ZodObject<{
+            type: z.ZodLiteral<"api_key">;
+            key: z.ZodString;
+        }, z.core.$strict>], "type">;
+        identityKey: z.ZodNullable<z.ZodString>;
+        rotatesInMs: z.ZodNullable<z.ZodNumber>;
+    }, z.core.$strict>>;
+    kind: z.ZodLiteral<"snapshot">;
+}, z.core.$strict>;
+/** Per-credential upsert/refresh delta. */
+export declare const snapshotStreamEntryEventSchema: z.ZodObject<{
+    kind: z.ZodLiteral<"entry">;
+    generation: z.ZodNumber;
+    serverNowMs: z.ZodNumber;
+    refresher: z.ZodObject<{
+        enabled: z.ZodBoolean;
+        intervalMs: z.ZodNumber;
+        skewMs: z.ZodNumber;
+        nextSweepInMs: z.ZodNumber;
+    }, z.core.$strict>;
+    entry: z.ZodObject<{
+        id: z.ZodNumber;
+        provider: z.ZodString;
+        credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+            type: z.ZodLiteral<"oauth">;
+            access: z.ZodString;
+            expires: z.ZodNumber;
+            enterpriseUrl: z.ZodOptional<z.ZodString>;
+            projectId: z.ZodOptional<z.ZodString>;
+            email: z.ZodOptional<z.ZodString>;
+            accountId: z.ZodOptional<z.ZodString>;
+            refresh: z.ZodLiteral<"__remote__">;
+        }, z.core.$strict>, z.ZodObject<{
+            type: z.ZodLiteral<"api_key">;
+            key: z.ZodString;
+        }, z.core.$strict>], "type">;
+        identityKey: z.ZodNullable<z.ZodString>;
+        rotatesInMs: z.ZodNullable<z.ZodNumber>;
+    }, z.core.$strict>;
+}, z.core.$strict>;
+/** Per-credential delete delta. */
+export declare const snapshotStreamRemovedEventSchema: z.ZodObject<{
+    kind: z.ZodLiteral<"removed">;
+    generation: z.ZodNumber;
+    serverNowMs: z.ZodNumber;
+    refresher: z.ZodObject<{
+        enabled: z.ZodBoolean;
+        intervalMs: z.ZodNumber;
+        skewMs: z.ZodNumber;
+        nextSweepInMs: z.ZodNumber;
+    }, z.core.$strict>;
+    id: z.ZodNumber;
+}, z.core.$strict>;
+/** Discriminated union over every event frame the snapshot stream emits. */
+export declare const snapshotStreamEventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
+    generation: z.ZodNumber;
+    generatedAt: z.ZodNumber;
+    serverNowMs: z.ZodNumber;
+    refresher: z.ZodObject<{
+        enabled: z.ZodBoolean;
+        intervalMs: z.ZodNumber;
+        skewMs: z.ZodNumber;
+        nextSweepInMs: z.ZodNumber;
+    }, z.core.$strict>;
+    credentials: z.ZodArray<z.ZodObject<{
+        id: z.ZodNumber;
+        provider: z.ZodString;
+        credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+            type: z.ZodLiteral<"oauth">;
+            access: z.ZodString;
+            expires: z.ZodNumber;
+            enterpriseUrl: z.ZodOptional<z.ZodString>;
+            projectId: z.ZodOptional<z.ZodString>;
+            email: z.ZodOptional<z.ZodString>;
+            accountId: z.ZodOptional<z.ZodString>;
+            refresh: z.ZodLiteral<"__remote__">;
+        }, z.core.$strict>, z.ZodObject<{
+            type: z.ZodLiteral<"api_key">;
+            key: z.ZodString;
+        }, z.core.$strict>], "type">;
+        identityKey: z.ZodNullable<z.ZodString>;
+        rotatesInMs: z.ZodNullable<z.ZodNumber>;
+    }, z.core.$strict>>;
+    kind: z.ZodLiteral<"snapshot">;
+}, z.core.$strict>, z.ZodObject<{
+    kind: z.ZodLiteral<"entry">;
+    generation: z.ZodNumber;
+    serverNowMs: z.ZodNumber;
+    refresher: z.ZodObject<{
+        enabled: z.ZodBoolean;
+        intervalMs: z.ZodNumber;
+        skewMs: z.ZodNumber;
+        nextSweepInMs: z.ZodNumber;
+    }, z.core.$strict>;
+    entry: z.ZodObject<{
+        id: z.ZodNumber;
+        provider: z.ZodString;
+        credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+            type: z.ZodLiteral<"oauth">;
+            access: z.ZodString;
+            expires: z.ZodNumber;
+            enterpriseUrl: z.ZodOptional<z.ZodString>;
+            projectId: z.ZodOptional<z.ZodString>;
+            email: z.ZodOptional<z.ZodString>;
+            accountId: z.ZodOptional<z.ZodString>;
+            refresh: z.ZodLiteral<"__remote__">;
+        }, z.core.$strict>, z.ZodObject<{
+            type: z.ZodLiteral<"api_key">;
+            key: z.ZodString;
+        }, z.core.$strict>], "type">;
+        identityKey: z.ZodNullable<z.ZodString>;
+        rotatesInMs: z.ZodNullable<z.ZodNumber>;
+    }, z.core.$strict>;
+}, z.core.$strict>, z.ZodObject<{
+    kind: z.ZodLiteral<"removed">;
+    generation: z.ZodNumber;
+    serverNowMs: z.ZodNumber;
+    refresher: z.ZodObject<{
+        enabled: z.ZodBoolean;
+        intervalMs: z.ZodNumber;
+        skewMs: z.ZodNumber;
+        nextSweepInMs: z.ZodNumber;
+    }, z.core.$strict>;
+    id: z.ZodNumber;
+}, z.core.$strict>], "kind">;
+export declare const healthzResponseSchema: z.ZodObject<{
+    ok: z.ZodBoolean;
+    version: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>;
+/**
+ * Broker `/v1/usage` response. Reports are full {@link UsageReport}s minus the
+ * heavy provider-specific `raw` field (the server strips it before send) — we
+ * keep `raw` optional in the underlying schema so a misconfigured broker that
+ * forgot to strip still validates.
+ */
+export declare const usageResponseSchema: z.ZodObject<{
+    generatedAt: z.ZodNumber;
+    reports: z.ZodArray<z.ZodObject<{
+        provider: z.ZodString;
+        fetchedAt: z.ZodNumber;
+        limits: z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            label: z.ZodString;
+            scope: z.ZodObject<{
+                provider: z.ZodString;
+                accountId: z.ZodOptional<z.ZodString>;
+                projectId: z.ZodOptional<z.ZodString>;
+                orgId: z.ZodOptional<z.ZodString>;
+                modelId: z.ZodOptional<z.ZodString>;
+                tier: z.ZodOptional<z.ZodString>;
+                windowId: z.ZodOptional<z.ZodString>;
+                shared: z.ZodOptional<z.ZodBoolean>;
+            }, z.core.$strip>;
+            window: z.ZodOptional<z.ZodObject<{
+                id: z.ZodString;
+                label: z.ZodString;
+                durationMs: z.ZodOptional<z.ZodNumber>;
+                resetsAt: z.ZodOptional<z.ZodNumber>;
+            }, z.core.$strip>>;
+            amount: z.ZodObject<{
+                used: z.ZodOptional<z.ZodNumber>;
+                limit: z.ZodOptional<z.ZodNumber>;
+                remaining: z.ZodOptional<z.ZodNumber>;
+                usedFraction: z.ZodOptional<z.ZodNumber>;
+                remainingFraction: z.ZodOptional<z.ZodNumber>;
+                unit: z.ZodEnum<{
+                    bytes: "bytes";
+                    minutes: "minutes";
+                    percent: "percent";
+                    requests: "requests";
+                    tokens: "tokens";
+                    unknown: "unknown";
+                    usd: "usd";
+                }>;
+            }, z.core.$strip>;
+            status: z.ZodOptional<z.ZodEnum<{
+                exhausted: "exhausted";
+                ok: "ok";
+                unknown: "unknown";
+                warning: "warning";
+            }>>;
+            notes: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        }, z.core.$strip>>;
+        metadata: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
+        raw: z.ZodOptional<z.ZodUnknown>;
+    }, z.core.$strip>>;
+}, z.core.$strict>;
+export declare const credentialRefreshResponseSchema: z.ZodObject<{
+    entry: z.ZodObject<{
+        id: z.ZodNumber;
+        provider: z.ZodString;
+        credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+            type: z.ZodLiteral<"oauth">;
+            access: z.ZodString;
+            expires: z.ZodNumber;
+            enterpriseUrl: z.ZodOptional<z.ZodString>;
+            projectId: z.ZodOptional<z.ZodString>;
+            email: z.ZodOptional<z.ZodString>;
+            accountId: z.ZodOptional<z.ZodString>;
+            refresh: z.ZodLiteral<"__remote__">;
+        }, z.core.$strict>, z.ZodObject<{
+            type: z.ZodLiteral<"api_key">;
+            key: z.ZodString;
+        }, z.core.$strict>], "type">;
+        identityKey: z.ZodNullable<z.ZodString>;
+    }, z.core.$strict>;
+}, z.core.$strict>;
+export declare const credentialDisableRequestSchema: z.ZodObject<{
+    cause: z.ZodOptional<z.ZodString>;
+}, z.core.$strict>;
+export declare const credentialDisableResponseSchema: z.ZodObject<{
+    ok: z.ZodBoolean;
+}, z.core.$strict>;
+export declare const credentialUploadRequestSchema: z.ZodObject<{
+    provider: z.ZodString;
+    credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+        type: z.ZodLiteral<"oauth">;
+        refresh: z.ZodString;
+        access: z.ZodString;
+        expires: z.ZodNumber;
+        enterpriseUrl: z.ZodOptional<z.ZodString>;
+        projectId: z.ZodOptional<z.ZodString>;
+        email: z.ZodOptional<z.ZodString>;
+        accountId: z.ZodOptional<z.ZodString>;
+    }, z.core.$strict>, z.ZodObject<{
+        type: z.ZodLiteral<"api_key">;
+        key: z.ZodString;
+    }, z.core.$strict>], "type">;
+}, z.core.$strict>;
+export declare const credentialUploadResponseSchema: z.ZodObject<{
+    entries: z.ZodArray<z.ZodObject<{
+        id: z.ZodNumber;
+        provider: z.ZodString;
+        credential: z.ZodDiscriminatedUnion<[z.ZodObject<{
+            type: z.ZodLiteral<"oauth">;
+            access: z.ZodString;
+            expires: z.ZodNumber;
+            enterpriseUrl: z.ZodOptional<z.ZodString>;
+            projectId: z.ZodOptional<z.ZodString>;
+            email: z.ZodOptional<z.ZodString>;
+            accountId: z.ZodOptional<z.ZodString>;
+            refresh: z.ZodLiteral<"__remote__">;
+        }, z.core.$strict>, z.ZodObject<{
+            type: z.ZodLiteral<"api_key">;
+            key: z.ZodString;
+        }, z.core.$strict>], "type">;
+        identityKey: z.ZodNullable<z.ZodString>;
+    }, z.core.$strict>>;
+}, z.core.$strict>;

package/dist/types/auth-gateway/http.d.ts ADDED Viewed

@@ -0,0 +1,39 @@
+export declare function json(status: number, body: unknown): Response;
+export declare function resolvePeer(req: Request): string;
+/**
+ * Constant-time byte comparison. Falls back to a manual XOR accumulator if
+ * `node:crypto.timingSafeEqual` isn't available. Always processes every byte
+ * of the longer input so length itself doesn't leak via timing.
+ */
+export declare function timingSafeEqual(a: Uint8Array, b: Uint8Array): boolean;
+export declare function isAuthorized(req: Request, tokens: ReadonlySet<string>): boolean;
+/**
+ * Extract allow-listed passthrough headers from an inbound request. Keys are
+ * lowercased; empty values are dropped. Called once per request in
+ * `handleFormatEndpoint`; parsers then read `options.headers`.
+ */
+export declare function captureRequestHeaders(headers: Headers): Record<string, string>;
+/**
+ * Resolve a prompt-cache identity from inbound request body + headers.
+ * Order of precedence (first wins):
+ *   1. Body `prompt_cache_key`
+ *   2. Body `metadata.{prompt_cache_key,session_id,conversation_id}`
+ *   3. Header `x-prompt-cache-key`
+ *   4. Header `session_id` / `conversation_id` (Codex / ChatGPT-OAuth surface)
+ *   5. Header `x-session-id` / `x-conversation-id` (common informal)
+ * Returns undefined when none present; the gateway then derives a stable
+ * UUID from the request's stable parts.
+ */
+export declare function resolvePromptCacheKey(body: unknown, headers?: Headers): string | undefined;
+/**
+ * CORS headers for the auth-gateway. Currently echoes a wildcard origin; the
+ * request is accepted so future tightening can mirror `Origin` without
+ * threading the request through every caller.
+ */
+export declare function corsHeaders(_req: Request): Record<string, string>;
+/**
+ * Re-emit `response` with CORS headers merged. The original response body is
+ * passed through unchanged. Used by the gateway wrapper so every outbound
+ * format-endpoint response carries the same CORS surface as the preflight.
+ */
+export declare function withCors(response: Response, req: Request): Response;

package/dist/types/auth-gateway/index.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export * from "./http";
+export * from "./server";
+export * from "./types";

package/dist/types/auth-gateway/server.d.ts ADDED Viewed

@@ -0,0 +1,36 @@
+import type { AuthStorage } from "../auth-storage";
+import type { Api, Model } from "../types";
+import type { AuthGatewayServerHandle, AuthGatewayServerOptions } from "./types";
+export type ModelResolver = (modelId: string) => Model<Api> | undefined;
+export interface AuthGatewayBootOptions extends AuthGatewayServerOptions {
+    /** Source of credentials. Caller wires this to a broker-backed AuthStorage. */
+    storage: AuthStorage;
+    /**
+     * Resolve a client-requested model id to an aery-ai Model. Caller supplies
+     * this from a ModelRegistry (lives in `coding-agent` to avoid an inverse
+     * dependency in `aery-ai`).
+     */
+    resolveModel: ModelResolver;
+    /** Optional supplier for `/v1/models` listing. Returns the full model array. */
+    listModels?: () => Iterable<Model<Api>>;
+}
+/**
+ * Classify an upstream / gateway-internal error into a status code and a
+ * format-neutral type. The order is intentional:
+ *
+ *  1. Honour an explicit numeric `status` property on the thrown error.
+ *  2. Parse a status code embedded in the message string. Provider errors
+ *     virtually always carry one (`Google API error (400): …`, `HTTP 429`,
+ *     `status=503`) and the embedded value is authoritative.
+ *  3. Fall through to **word-boundaried** substring heuristics. The old
+ *     `lower.includes("rate")` test famously matched
+ *     `GenerateContentRequest`, surfacing every Google 400 as a 429
+ *     `rate_limit_error`. The patterns here all require boundaries so they
+ *     don't collide with provider field names.
+ */
+export declare function classifyGatewayError(err: unknown): {
+    status: number;
+    type: string;
+    message: string;
+};
+export declare function startAuthGateway(opts: AuthGatewayBootOptions): AuthGatewayServerHandle;

package/dist/types/auth-gateway/types.d.ts ADDED Viewed

@@ -0,0 +1,117 @@
+import type { Effort } from "../model-thinking";
+import type { AssistantMessage, AssistantMessageEventStream, CacheRetention, Context, ServiceTier, TokenTaskBudget } from "../types";
+/**
+ * Wire types for the aery auth-gateway.
+ *
+ * The gateway sits between unauthenticated clients (containerized aery,
+ * llm-git, …) and the broker. It accepts provider-format HTTP requests
+ * (OpenAI chat-completions / Anthropic messages / OpenAI Responses),
+ * dispatches them through aery-ai's `streamSimple()`, and translates the
+ * canonical event stream back to the matching wire format. The gateway
+ * injects `Authorization` server-side so clients never see access tokens.
+ */
+/** Default bind. Loopback-only — front with reverse proxy for remote access. */
+export declare const DEFAULT_AUTH_GATEWAY_BIND = "127.0.0.1:4000";
+export type AuthGatewayToolChoice = "auto" | "none" | "required" | {
+    name: string;
+};
+export interface AuthGatewayParsedRequestOptions {
+    maxOutputTokens?: number;
+    temperature?: number;
+    topP?: number;
+    topK?: number;
+    /** OpenAI nucleus-min sampling (`min_p`). */
+    minP?: number;
+    /** Anthropic `stop_sequences` / OpenAI `stop`. */
+    stopSequences?: string[];
+    /** OpenAI `presence_penalty`. */
+    presencePenalty?: number;
+    /** OpenAI `frequency_penalty`. */
+    frequencyPenalty?: number;
+    /** OpenRouter / vLLM `repetition_penalty`. */
+    repetitionPenalty?: number;
+    /** OpenAI deterministic-sampling `seed`. */
+    seed?: number;
+    /** OpenAI `logit_bias` map (token id → bias). */
+    logitBias?: Record<string, number>;
+    /** OpenAI `response_format` (text | json_object | json_schema). Opaque passthrough. */
+    responseFormat?: unknown;
+    toolChoice?: AuthGatewayToolChoice;
+    /** OpenAI `parallel_tool_calls`. */
+    parallelToolCalls?: boolean;
+    /** Effort-level reasoning request (OpenAI Responses / Chat `reasoning_effort`). */
+    reasoning?: Effort;
+    /** Force-disable reasoning (Anthropic `thinking: { type: "disabled" }`). */
+    disableReasoning?: boolean;
+    /**
+     * Explicit Anthropic `thinking.budget_tokens`. Mirrors Rust's
+     * `resolve_thinking_budget`: pins onto whichever effort the client
+     * requested (defaulting to High when unspecified). Preferred over the
+     * removed legacy single-number `thinkingBudget` for new code.
+     */
+    explicitThinkingBudgetTokens?: number;
+    /** Per-effort thinking budget map. */
+    thinkingBudgets?: Partial<Record<Effort, number>>;
+    /** Suppress the provider's reasoning summary stream. */
+    hideThinkingSummary?: boolean;
+    /** Anthropic `output_config.task_budget` advisory loop budget. */
+    taskBudget?: TokenTaskBudget;
+    /** OpenAI service tier (auto|default|flex|scale|priority). */
+    serviceTier?: ServiceTier;
+    /** Cache retention hint derived from inbound `cache_control` markers. */
+    cacheRetention?: CacheRetention;
+    /** OpenAI Responses `prompt_cache_key`; also seeds provider routing when no separate session id exists. */
+    promptCacheKey?: string;
+    /** OpenAI Responses `previous_response_id` for response chaining. */
+    previousResponseId?: string;
+    /** OpenAI / abuse-tracking `user` field. */
+    user?: string;
+    /**
+     * Provider-specific metadata. Anthropic uses `metadata.user_id`; OpenRouter
+     * carries routing hints; xAI uses `search_parameters`; OpenAI accepts a
+     * free-form bag. The gateway forwards as-is.
+     */
+    metadata?: Record<string, unknown>;
+    /**
+     * Captured allow-listed passthrough headers (anthropic-beta,
+     * anthropic-version, openai-organization, openai-project, openai-beta,
+     * x-stainless-*). Keys are lowercased.
+     */
+    headers?: Record<string, string>;
+    /**
+     * Escape hatch for provider-specific request controls that don't yet have a
+     * first-class field. Prefer adding a typed field over widening this.
+     */
+    extra?: Record<string, unknown>;
+}
+export interface AuthGatewayParsedRequest {
+    modelId: string;
+    context: Context;
+    stream: boolean;
+    options: AuthGatewayParsedRequestOptions;
+}
+export interface AuthGatewayFormatModule {
+    parseRequest(body: unknown, headers?: Headers): AuthGatewayParsedRequest;
+    encodeResponse(message: AssistantMessage, requestedModelId: string): Record<string, unknown>;
+    encodeStream(events: AssistantMessageEventStream, requestedModelId: string, options?: AuthGatewayParsedRequestOptions): ReadableStream<Uint8Array>;
+    /**
+     * Emit a protocol-specific error envelope. OpenAI returns
+     * `{ error: { message, type } }`; Anthropic returns
+     * `{ type: "error", error: { type, message } }`.
+     */
+    formatError(status: number, type: string, message: string): Response;
+}
+export interface AuthGatewayServerOptions {
+    /** Listen address. Default `127.0.0.1:4000`. */
+    bind?: string;
+    /** Accept any of these bearer tokens. Empty allows unauthenticated calls. */
+    bearerTokens: string[];
+    /** Version surfaced on `/healthz`. */
+    version?: string;
+}
+export interface AuthGatewayServerHandle {
+    url: string;
+    port: number;
+    hostname: string;
+    close(): Promise<void>;
+}