@auxiora/runtime 1.10.9 → 1.10.11

package/dist/tool-approval-gate.d.ts

@@ -0,0 +1,46 @@
+/**
+ * ToolApprovalGate — interactive approval gate for sensitive tool invocations.
+ *
+ * Tools listed in `requireApproval` are held pending until a human resolves
+ * them (approve / reject) or the timeout expires.
+ */
+export interface ToolApprovalGateConfig {
+    /** Tool names that require explicit approval before execution. */
+    requireApproval: string[];
+    /** Milliseconds before an unresolved request is auto-rejected. Default: 30 000. */
+    timeoutMs?: number;
+}
+export interface ApprovalCheckResult {
+    allowed: boolean;
+    reason?: string;
+}
+export interface PendingApproval {
+    id: string;
+    toolName: string;
+    args: unknown;
+    createdAt: number;
+}
+export declare class ToolApprovalGate {
+    private readonly requireApproval;
+    private readonly timeoutMs;
+    private readonly pending;
+    constructor(config: ToolApprovalGateConfig);
+    /**
+     * Check whether a tool call is allowed.
+     *
+     * If the tool is not in the approval list the returned promise resolves
+     * immediately with `{ allowed: true }`.  Otherwise a pending approval
+     * request is created and the promise resolves when `resolve()` is called
+     * or the timeout expires.
+     */
+    check(toolName: string, args: unknown): Promise<ApprovalCheckResult>;
+    /** Return a snapshot of all pending approval requests. */
+    getPending(): PendingApproval[];
+    /**
+     * Resolve a pending approval request.
+     *
+     * @returns The resolved request, or `undefined` if the id was not found.
+     */
+    resolve(id: string, approved: boolean, comment?: string): PendingApproval | undefined;
+}
+//# sourceMappingURL=tool-approval-gate.d.ts.map

package/dist/tool-approval-gate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-approval-gate.d.ts","sourceRoot":"","sources":["../src/tool-approval-gate.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,MAAM,WAAW,sBAAsB;IACrC,kEAAkE;IAClE,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,mFAAmF;IACnF,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;CACnB;AAgBD,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAc;IAC9C,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAmC;gBAE/C,MAAM,EAAE,sBAAsB;IAK1C;;;;;;;OAOG;IACG,KAAK,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAuB1E,0DAA0D;IAC1D,UAAU,IAAI,eAAe,EAAE;IAI/B;;;;OAIG;IACH,OAAO,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS;CAetF"}

package/dist/tool-approval-gate.js

@@ -0,0 +1,72 @@
+/**
+ * ToolApprovalGate — interactive approval gate for sensitive tool invocations.
+ *
+ * Tools listed in `requireApproval` are held pending until a human resolves
+ * them (approve / reject) or the timeout expires.
+ */
+import * as crypto from 'node:crypto';
+// ── Helpers ─────────────────────────────────────────────────────────
+function generateId() {
+    return 'apr_' + crypto.randomUUID().replace(/-/g, '').slice(0, 12);
+}
+// ── Gate ────────────────────────────────────────────────────────────
+export class ToolApprovalGate {
+    requireApproval;
+    timeoutMs;
+    pending = new Map();
+    constructor(config) {
+        this.requireApproval = new Set(config.requireApproval);
+        this.timeoutMs = config.timeoutMs ?? 30_000;
+    }
+    /**
+     * Check whether a tool call is allowed.
+     *
+     * If the tool is not in the approval list the returned promise resolves
+     * immediately with `{ allowed: true }`.  Otherwise a pending approval
+     * request is created and the promise resolves when `resolve()` is called
+     * or the timeout expires.
+     */
+    async check(toolName, args) {
+        if (!this.requireApproval.has(toolName)) {
+            return { allowed: true };
+        }
+        return new Promise((promiseResolve) => {
+            const id = generateId();
+            const request = {
+                id,
+                toolName,
+                args,
+                createdAt: Date.now(),
+            };
+            const timer = setTimeout(() => {
+                this.pending.delete(id);
+                promiseResolve({ allowed: false, reason: `Approval timeout after ${this.timeoutMs}ms` });
+            }, this.timeoutMs);
+            this.pending.set(id, { request, resolve: promiseResolve, timer });
+        });
+    }
+    /** Return a snapshot of all pending approval requests. */
+    getPending() {
+        return [...this.pending.values()].map((e) => e.request);
+    }
+    /**
+     * Resolve a pending approval request.
+     *
+     * @returns The resolved request, or `undefined` if the id was not found.
+     */
+    resolve(id, approved, comment) {
+        const entry = this.pending.get(id);
+        if (!entry)
+            return undefined;
+        clearTimeout(entry.timer);
+        this.pending.delete(id);
+        if (approved) {
+            entry.resolve({ allowed: true });
+        }
+        else {
+            entry.resolve({ allowed: false, reason: comment ?? 'Rejected' });
+        }
+        return entry.request;
+    }
+}
+//# sourceMappingURL=tool-approval-gate.js.map

package/dist/tool-approval-gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-approval-gate.js","sourceRoot":"","sources":["../src/tool-approval-gate.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AA6BtC,uEAAuE;AAEvE,SAAS,UAAU;IACjB,OAAO,MAAM,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACrE,CAAC;AAED,uEAAuE;AAEvE,MAAM,OAAO,gBAAgB;IACV,eAAe,CAAc;IAC7B,SAAS,CAAS;IAClB,OAAO,GAAG,IAAI,GAAG,EAAwB,CAAC;IAE3D,YAAY,MAA8B;QACxC,IAAI,CAAC,eAAe,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;QACvD,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC;IAC9C,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,KAAK,CAAC,QAAgB,EAAE,IAAa;QACzC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,OAAO,CAAsB,CAAC,cAAc,EAAE,EAAE;YACzD,MAAM,EAAE,GAAG,UAAU,EAAE,CAAC;YACxB,MAAM,OAAO,GAAoB;gBAC/B,EAAE;gBACF,QAAQ;gBACR,IAAI;gBACJ,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC5B,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACxB,cAAc,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,0BAA0B,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;YAC3F,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;YAEnB,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,KAAK,EAAE,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;IACL,CAAC;IAED,0DAA0D;IAC1D,UAAU;QACR,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAC1D,CAAC;IAED;;;;OAIG;IACH,OAAO,CAAC,EAAU,EAAE,QAAiB,EAAE,OAAgB;QACrD,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK;YAAE,OAAO,SAAS,CAAC;QAE7B,YAAY,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC1B,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAExB,IAAI,QAAQ,EAAE,CAAC;YACb,KAAK,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QACnC,CAAC;aAAM,CAAC;YACN,KAAK,CAAC,OAAO,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,IAAI,UAAU,EAAE,CAAC,CAAC;QACnE,CAAC;QAED,OAAO,KAAK,CAAC,OAAO,CAAC;IACvB,CAAC;CACF"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@auxiora/runtime",
-  "version": "1.10.9",
+  "version": "1.10.11",
   "description": "Runtime that connects all Auxiora components",
   "type": "module",
   "main": "dist/index.js",
@@ -13,89 +13,91 @@
   },
   "dependencies": {
     "express": "^5.1.0",
-    "@auxiora/agent-protocol": "1.10.9",
-    "@auxiora/a2a": "^1.10.9",
-    "@auxiora/ambient": "1.10.9",
-    "@auxiora/model-registry": "1.10.9",
-    "@auxiora/approval-queue": "^1.10.9",
-    "@auxiora/provider-openrouter": "1.10.9",
-    "@auxiora/audit": "1.10.9",
-    "@auxiora/autonomy": "1.10.9",
-    "@auxiora/backup": "^1.10.9",
-    "@auxiora/behaviors": "1.10.9",
-    "@auxiora/calendar-intelligence": "1.10.9",
-    "@auxiora/canvas": "^1.10.9",
-    "@auxiora/code-interpreter": "^1.10.9",
-    "@auxiora/provider-huggingface": "1.10.9",
-    "@auxiora/channels": "1.10.9",
-    "@auxiora/compose": "1.10.9",
-    "@auxiora/connector-github": "1.10.9",
-    "@auxiora/browser": "1.10.9",
-    "@auxiora/config": "1.10.9",
-    "@auxiora/connector-google-workspace": "1.10.9",
-    "@auxiora/connector-homeassistant": "1.10.9",
-    "@auxiora/connector-microsoft": "1.10.9",
-    "@auxiora/connector-notion": "1.10.9",
-    "@auxiora/connector-social": "1.10.9",
-    "@auxiora/connector-spotify": "1.10.9",
-    "@auxiora/connectors": "1.10.9",
-    "@auxiora/connector-obsidian": "1.10.9",
-    "@auxiora/consciousness": "1.10.9",
-    "@auxiora/contacts": "1.10.9",
-    "@auxiora/conversation": "1.10.9",
-    "@auxiora/conversation-branch": "^1.10.9",
-    "@auxiora/connector-linear": "1.10.9",
-    "@auxiora/core": "1.10.9",
-    "@auxiora/dashboard": "1.10.9",
-    "@auxiora/evaluation": "^1.10.9",
-    "@auxiora/connector-hue": "1.10.9",
-    "@auxiora/email-intelligence": "1.10.9",
-    "@auxiora/gateway": "1.10.9",
-    "@auxiora/guardrails": "1.10.9",
-    "@auxiora/introspection": "1.10.9",
-    "@auxiora/image-gen": "^1.10.9",
-    "@auxiora/job-queue": "^1.10.9",
-    "@auxiora/knowledge-graph": "^1.10.9",
-    "@auxiora/logger": "1.10.9",
-    "@auxiora/mcp": "1.10.9",
-    "@auxiora/intent": "1.10.9",
-    "@auxiora/media": "1.10.9",
-    "@auxiora/memory": "1.10.9",
-    "@auxiora/nl-automation": "^1.10.9",
-    "@auxiora/personality": "1.10.9",
-    "@auxiora/plugins": "1.10.9",
-    "@auxiora/os-bridge": "1.10.9",
-    "@auxiora/providers": "1.10.9",
-    "@auxiora/orchestrator": "1.10.9",
-    "@auxiora/notification-hub": "1.10.9",
-    "@auxiora/research": "1.10.9",
-    "@auxiora/react-loop": "^1.10.9",
-    "@auxiora/router": "1.10.9",
-    "@auxiora/sandbox": "^1.10.9",
-    "@auxiora/screen": "1.10.9",
-    "@auxiora/self-awareness": "1.10.9",
-    "@auxiora/sessions": "1.10.9",
-    "@auxiora/rag": "^1.10.9",
-    "@auxiora/social": "1.10.9",
-    "@auxiora/stt": "1.10.9",
-    "@auxiora/vault": "1.10.9",
-    "@auxiora/updater": "1.10.9",
-    "@auxiora/vector-store": "^1.10.9",
-    "@auxiora/tts": "1.10.9",
-    "@auxiora/tools": "1.10.9",
-    "@auxiora/voice": "1.10.9",
-    "@auxiora/workflows": "1.10.9",
-    "@auxiora/webhooks": "1.10.9"
+    "ws": "^8.18.0",
+    "@auxiora/agent-protocol": "1.10.11",
+    "@auxiora/ambient": "1.10.11",
+    "@auxiora/approval-queue": "1.10.11",
+    "@auxiora/audit": "1.10.11",
+    "@auxiora/model-registry": "1.10.11",
+    "@auxiora/provider-openrouter": "1.10.11",
+    "@auxiora/provider-huggingface": "1.10.11",
+    "@auxiora/backup": "1.10.11",
+    "@auxiora/autonomy": "1.10.11",
+    "@auxiora/behaviors": "1.10.11",
+    "@auxiora/browser": "1.10.11",
+    "@auxiora/calendar-intelligence": "1.10.11",
+    "@auxiora/canvas": "1.10.11",
+    "@auxiora/a2a": "1.10.11",
+    "@auxiora/config": "1.10.11",
+    "@auxiora/code-interpreter": "1.10.11",
+    "@auxiora/connector-github": "1.10.11",
+    "@auxiora/connector-google-workspace": "1.10.11",
+    "@auxiora/connector-homeassistant": "1.10.11",
+    "@auxiora/connector-linear": "1.10.11",
+    "@auxiora/compose": "1.10.11",
+    "@auxiora/connector-notion": "1.10.11",
+    "@auxiora/channels": "1.10.11",
+    "@auxiora/connector-hue": "1.10.11",
+    "@auxiora/connector-microsoft": "1.10.11",
+    "@auxiora/connector-social": "1.10.11",
+    "@auxiora/connector-spotify": "1.10.11",
+    "@auxiora/connector-obsidian": "1.10.11",
+    "@auxiora/consciousness": "1.10.11",
+    "@auxiora/connectors": "1.10.11",
+    "@auxiora/conversation": "1.10.11",
+    "@auxiora/conversation-branch": "1.10.11",
+    "@auxiora/contacts": "1.10.11",
+    "@auxiora/core": "1.10.11",
+    "@auxiora/dashboard": "1.10.11",
+    "@auxiora/email-intelligence": "1.10.11",
+    "@auxiora/evaluation": "1.10.11",
+    "@auxiora/gateway": "1.10.11",
+    "@auxiora/guardrails": "1.10.11",
+    "@auxiora/intent": "1.10.11",
+    "@auxiora/introspection": "1.10.11",
+    "@auxiora/image-gen": "1.10.11",
+    "@auxiora/knowledge-graph": "1.10.11",
+    "@auxiora/logger": "1.10.11",
+    "@auxiora/mcp": "1.10.11",
+    "@auxiora/media": "1.10.11",
+    "@auxiora/nl-automation": "1.10.11",
+    "@auxiora/job-queue": "1.10.11",
+    "@auxiora/memory": "1.10.11",
+    "@auxiora/orchestrator": "1.10.11",
+    "@auxiora/plugins": "1.10.11",
+    "@auxiora/personality": "1.10.11",
+    "@auxiora/providers": "1.10.11",
+    "@auxiora/rag": "1.10.11",
+    "@auxiora/react-loop": "1.10.11",
+    "@auxiora/research": "1.10.11",
+    "@auxiora/os-bridge": "1.10.11",
+    "@auxiora/notification-hub": "1.10.11",
+    "@auxiora/self-awareness": "1.10.11",
+    "@auxiora/router": "1.10.11",
+    "@auxiora/sessions": "1.10.11",
+    "@auxiora/screen": "1.10.11",
+    "@auxiora/sandbox": "1.10.11",
+    "@auxiora/social": "1.10.11",
+    "@auxiora/updater": "1.10.11",
+    "@auxiora/vector-store": "1.10.11",
+    "@auxiora/stt": "1.10.11",
+    "@auxiora/tts": "1.10.11",
+    "@auxiora/tools": "1.10.11",
+    "@auxiora/webhooks": "1.10.11",
+    "@auxiora/workflows": "1.10.11",
+    "@auxiora/voice": "1.10.11",
+    "@auxiora/vault": "1.10.11"
   },
   "devDependencies": {
     "@types/express": "^5.0.0",
+    "@types/ws": "^8.5.10",
     "@types/supertest": "^6.0.0",
     "supertest": "^7.1.0",
-    "@auxiora/event-bus": "1.10.9",
-    "@auxiora/overseer": "1.10.9",
-    "@auxiora/callgraph": "1.10.9",
-    "@auxiora/telemetry": "1.10.9",
-    "@auxiora/reasoning": "1.10.9"
+    "@auxiora/callgraph": "1.10.11",
+    "@auxiora/event-bus": "1.10.11",
+    "@auxiora/telemetry": "1.10.11",
+    "@auxiora/reasoning": "1.10.11",
+    "@auxiora/overseer": "1.10.11"
   },
   "engines": {
     "node": ">=22.0.0"