@botbotgo/agent-harness 0.0.268 → 0.0.270

package/README.md

@@ -147,6 +147,7 @@ The public API spans a full product runtime—persistent records, memory and evi
 - **Runtime memory and evidence:** `memorize`, `recall`, `listMemories`, memory policy hooks, `listArtifacts`, `getArtifact`, `exportEvaluationBundle`, `replayEvaluationBundle`, and request/session evidence export helpers.
 - **Protocol and transport surfaces:** `createAcpServer`, `createAcpStdioClient`, `serveAcpStdio`, `serveAcpHttp`, `serveA2aHttp`, `serveAgUiHttp`, and `createRuntimeMcpServer` / `serveRuntimeMcpOverStdio`.
 - **Governed workspace runtime:** YAML-owned routing, concurrency, maintenance, MCP policy, runtime governance bundles, and approval defaults for sensitive memory or write-like MCP side effects.
+- **Policy-shaped approvals:** governed tools can stay on manual review, auto-approve, or auto-reject / deny-and-continue modes while the runtime keeps one inspectable governance decision surface.
 
 If you integrate external clients, treat `deepagents-acp` as the primary protocol direction: clients connect through that surface while `agent-harness` keeps persistence, recovery, approvals, and operator control on the runtime side.
 Keep the standard stack split explicit: MCP connects agents to resources and tools, A2A bridges task exchange between agent platforms, ACP is the client-to-runtime boundary, AG-UI is the UI event surface, and runtime MCP exposes the operator control plane.
@@ -1059,12 +1060,12 @@ ACP transport notes:
 - `serveAcpHttp(runtime)` exposes JSON-RPC over HTTP plus SSE runtime events so remote operator surfaces can connect without importing the runtime in-process.
 - ACP transport validation now covers the reference-client core flow: capability discovery, request submit, session lookup, request lookup, invalid-JSON handling, notification calls without response ids, stdio JSON-RPC, and HTTP plus SSE runtime notifications.
 - For the thinnest editor or CLI starter, begin with `agent-harness acp serve --workspace . --transport stdio` and mirror the `examples/protocol-hello-world/app/acp-stdio-hello-world.mjs` wire shape. Applications that want an in-process reference client can use `createAcpStdioClient(...)` to issue JSON-RPC requests and route runtime notifications without hand-rolling line parsing.
-- `serveA2aHttp(runtime)` exposes an A2A-compatible HTTP JSON-RPC bridge plus agent card discovery, mapping both existing methods such as `message/send` and A2A v1.0 PascalCase methods such as `SendMessage`, `SendStreamingMessage`, `GetTask`, `ListTasks`, `CancelTask`, `SubscribeToTask`, `GetExtendedAgentCard`, and task push-notification config methods onto the existing session/request runtime surface. The bridge now advertises both `1.0` and `0.3` JSON-RPC interfaces, sets `capabilities.streaming = true` plus `capabilities.pushNotifications = true`, validates `A2A-Version`, records `A2A-Extensions` into runtime invocation metadata, publishes `TASK_STATE_*` statuses plus the `{ task }` `SendMessage` wrapper, streams an initial `{ task }` snapshot plus later `{ statusUpdate }` payloads over SSE for v1 streaming methods, and can send best-effort webhook task snapshots for configured push notification receivers.
+- `serveA2aHttp(runtime)` exposes an A2A-compatible HTTP JSON-RPC bridge plus agent card discovery, mapping both existing methods such as `message/send` and A2A v1.0 PascalCase methods such as `SendMessage`, `SendStreamingMessage`, `GetTask`, `ListTasks`, `CancelTask`, `SubscribeToTask`, `GetAgentCard`, `GetExtendedAgentCard`, and task push-notification config methods onto the existing session/request runtime surface. The bridge now advertises both `1.0` and `0.3` JSON-RPC interfaces, answers `HEAD` / `OPTIONS` discovery on the agent-card path, sets supported-version discovery headers, validates `A2A-Version`, records `A2A-Extensions` into runtime invocation metadata, publishes `TASK_STATE_*` statuses plus the `{ task }` `SendMessage` wrapper, streams an initial `{ task }` snapshot plus later `{ statusUpdate }` payloads over SSE for v1 streaming methods, and can send best-effort webhook task snapshots for configured push notification receivers.
 - `serveAgUiHttp(runtime)` exposes an AG-UI-compatible HTTP SSE bridge that projects runtime lifecycle, text output, upstream thinking, step progress, and tool calls onto `RUN_*`, `TEXT_MESSAGE_*`, `THINKING_TEXT_MESSAGE_*`, `STEP_*`, and `TOOL_CALL_*` events for UI clients.
 - `createRuntimeMcpServer(runtime)` and `serveRuntimeMcpOverStdio(runtime)` expose the persisted runtime control surface itself as MCP tools, including sessions, requests, approvals, artifacts, events, and package export helpers.
 - `listRequestEvents(...)`, `listRequestTraceItems(...)`, and `exportRequestPackage(...)` are the request-first inspection helpers.
 - `exportRequestPackage(...)` and `exportSessionPackage(...)` package stable runtime records, transcript, approvals, events, artifacts, and governance evidence for operator tooling without reaching into persistence internals.
-- `runtime/default.governance.remoteMcp` can now deny or allow specific MCP servers, raise approval requirements by transport, and stamp transport-based risk tiers into runtime governance bundles. MCP server catalogs can also declare trust tier, access mode, tenant scope, approval policy, prompt-injection risk, and OAuth scope metadata so governance bundles capture why one remote tool is treated as high-risk.
+- `runtime/default.governance.remoteMcp` can now deny or allow specific MCP servers, raise approval requirements by transport, and stamp transport-based risk tiers into runtime governance bundles. MCP server catalogs can also declare trust tier, access mode, tenant scope, approval policy, prompt-injection risk, and OAuth scope metadata so governance bundles capture why one remote tool is treated as high-risk. Tool policy overrides can also set `decisionMode: manual | auto-approve | auto-reject | deny-and-continue` so operator evidence and execution behavior stay aligned.
 - Protocol responsibilities stay split on purpose: ACP is the primary editor/client runtime boundary, A2A is the streaming-capable agent-platform bridge with polling compatibility, AG-UI is the UI event surface, and runtime MCP is the operator-facing control plane exported as MCP tools.
 - `runtime/default.observability.tracing` can now describe exporter metadata such as OTLP endpoints and propagation mode, so frozen runtime snapshots keep trace-correlation plus operator-visible export context without exposing backend-private span internals.
 - `agent-harness runtime overview`, `agent-harness runtime health`, `agent-harness runtime approvals list|watch`, `agent-harness runtime runs list|tail`, and `agent-harness runtime export request|session` provide a thin operator CLI over persisted runtime health, queue pressure, governance risk, approval queues, active run state, and audit-ready evidence packages.

package/README.zh.md

@@ -143,6 +143,7 @@ try {
 - **运行时 memory 与证据能力：** `memorize`、`recall`、`listMemories`、memory policy hooks、`listArtifacts`、`getArtifact`、`exportEvaluationBundle`、`replayEvaluationBundle`，以及 request / session 级证据导出辅助函数。
 - **协议与传输层：** `createAcpServer`、`createAcpStdioClient`、`serveAcpStdio`、`serveAcpHttp`、`serveA2aHttp`、`serveAgUiHttp`，以及 `createRuntimeMcpServer` / `serveRuntimeMcpOverStdio`。
 - **受治理的工作区运行时：** 由 YAML 持有的路由、并发、维护、MCP 策略、runtime governance bundles，以及针对敏感 memory 或写类 MCP 副作用的默认审批门槛。
+- **策略化审批：** 受治理工具现在既可以走人工审批，也可以走 `auto-approve`、`auto-reject` 或 `deny-and-continue`，同时继续保留统一可检查的治理决策面。
 
 若你的产品需要对接外部客户端，可从本节理解边界：`deepagents-acp` 是主要的外部协议接入方向；持久化、恢复、审批与运行控制仍由 `agent-harness` 在运行时侧承担。
 协议栈分工也要保持明确：MCP 连接资源和工具，A2A 承接 agent 平台之间的 task exchange，ACP 是 client-to-runtime 边界，AG-UI 是 UI 事件面，runtime MCP 则把 operator control plane 以 MCP tools 暴露出去。
@@ -1016,12 +1017,12 @@ ACP transport 说明：
 - `serveAcpHttp(runtime)` 提供基于 HTTP 的 JSON-RPC 与 SSE runtime events，适合远程界面或独立控制面接入。
 - ACP transport 现已覆盖核心参考客户端流程验证：capability discovery、request submit、session lookup、request lookup、invalid JSON 处理、无 id notification 不返回响应，以及 stdio JSON-RPC 与 HTTP + SSE runtime notifications。
 - 如果要从最薄的一层 editor / CLI starter 开始，优先用 `agent-harness acp serve --workspace . --transport stdio`，并直接参考 `examples/protocol-hello-world/app/acp-stdio-hello-world.mjs` 的 wire shape。需要在应用内使用 reference client 时，可直接用 `createAcpStdioClient(...)` 发起 JSON-RPC 请求并分流 runtime notifications，避免每个 sidecar 自己重写 line parsing。
-- `serveA2aHttp(runtime)` 提供 A2A HTTP JSON-RPC bridge 与 agent card discovery，同时兼容 `message/send` 这类旧方法，以及 `SendMessage`、`SendStreamingMessage`、`GetTask`、`ListTasks`、`CancelTask`、`SubscribeToTask`、`GetExtendedAgentCard` 与 task push-notification config 这类 A2A v1.0 方法，并统一映射到现有 session/request 运行记录。bridge 现在会同时声明 `1.0` 与 `0.3` 两个 JSON-RPC interface、把 `capabilities.streaming` 和 `capabilities.pushNotifications` 都设为 `true`、校验 `A2A-Version`、把 `A2A-Extensions` 记录进 runtime invocation metadata、发布 `TASK_STATE_*` 状态与 `SendMessage` 的 `{ task }` wrapper、在 v1 streaming 方法上先通过 SSE 输出 `{ task }` 初始快照，再输出 `{ statusUpdate }` 增量状态，并可向已配置的 webhook receiver 发送 best-effort task push notifications。
+- `serveA2aHttp(runtime)` 提供 A2A HTTP JSON-RPC bridge 与 agent card discovery，同时兼容 `message/send` 这类旧方法，以及 `SendMessage`、`SendStreamingMessage`、`GetTask`、`ListTasks`、`CancelTask`、`SubscribeToTask`、`GetAgentCard`、`GetExtendedAgentCard` 与 task push-notification config 这类 A2A v1.0 方法，并统一映射到现有 session/request 运行记录。bridge 现在会同时声明 `1.0` 与 `0.3` 两个 JSON-RPC interface、在 agent card 路径上响应 `HEAD` / `OPTIONS` discovery、写出支持版本的 discovery headers、校验 `A2A-Version`、把 `A2A-Extensions` 记录进 runtime invocation metadata、发布 `TASK_STATE_*` 状态与 `SendMessage` 的 `{ task }` wrapper、在 v1 streaming 方法上先通过 SSE 输出 `{ task }` 初始快照，再输出 `{ statusUpdate }` 增量状态，并可向已配置的 webhook receiver 发送 best-effort task push notifications。
 - `serveAgUiHttp(runtime)` 提供 AG-UI HTTP SSE bridge，把 runtime 生命周期、文本输出、upstream thinking、step 进度与 tool call 投影成 `RUN_*`、`TEXT_MESSAGE_*`、`THINKING_TEXT_MESSAGE_*`、`STEP_*` 与 `TOOL_CALL_*` 事件，便于 UI 客户端直接接入。
 - `createRuntimeMcpServer(runtime)` 与 `serveRuntimeMcpOverStdio(runtime)` 会把持久化 runtime 控制面本身暴露成 MCP tools，包括 sessions、requests、approvals、artifacts、events 与 package export helpers。
 - `listRequestEvents(...)`、`listRequestTraceItems(...)` 与 `exportRequestPackage(...)` 是 request-first 的检查 helper。
 - `exportRequestPackage(...)` 与 `exportSessionPackage(...)` 可把稳定 runtime 记录、transcript、approvals、events、artifacts 与 governance evidence 一起打包给管理工具，而不必直接访问 persistence 内部实现。
-- `runtime/default.governance.remoteMcp` 现在可以按 MCP server 或 transport 做 allow/deny、审批升级，并把 transport 风险等级写进 runtime governance bundles。MCP server catalog 也可以声明 trust tier、access mode、tenant scope、approval policy、prompt-injection risk 与 OAuth scope 元数据，让治理快照能解释为什么某个远端工具被视为高风险。
+- `runtime/default.governance.remoteMcp` 现在可以按 MCP server 或 transport 做 allow/deny、审批升级，并把 transport 风险等级写进 runtime governance bundles。MCP server catalog 也可以声明 trust tier、access mode、tenant scope、approval policy、prompt-injection risk 与 OAuth scope 元数据，让治理快照能解释为什么某个远端工具被视为高风险。tool policy override 也可以声明 `decisionMode: manual | auto-approve | auto-reject | deny-and-continue`，让治理快照与实际执行路径保持一致。
 - 协议分工要继续保持清晰：ACP 是 editor / client 的主运行时边界，A2A 是支持 streaming 且兼容轮询的 agent-platform bridge，AG-UI 是 UI 事件面，runtime MCP 是以 MCP tools 暴露的 operator control plane。
 - `runtime/default.observability.tracing` 现在可描述 OTLP endpoint 和 propagation mode 这类 exporter 元数据，使冻结的 runtime snapshot 在保留 trace correlation 的同时，也能保留有用的导出上下文，而不暴露 backend 私有 span 细节。
 - `agent-harness runtime overview`、`agent-harness runtime health`、`agent-harness runtime approvals list|watch`、`agent-harness runtime runs list|tail` 与 `agent-harness runtime export request|session` 提供了一层轻量 CLI，可直接查看 runtime health、queue pressure、governance risk、审批队列、运行状态与可审计证据包。

package/dist/acp.js

@@ -31,8 +31,8 @@ function toNotification(event) {
                 eventId: event.eventId,
                 eventType: event.eventType,
                 timestamp: event.timestamp,
-                sessionId: event.threadId,
-                requestId: event.runId,
+                sessionId: event.sessionId,
+                requestId: event.requestId,
                 sequence: event.sequence,
                 source: event.source,
                 payload: event.payload,

package/dist/api.d.ts

@@ -55,7 +55,7 @@ export type Approval = {
     allowedDecisions: Array<"approve" | "edit" | "reject">;
     inputPreview: Record<string, unknown>;
 };
-export type RequestArtifactListing = Omit<ArtifactListing, "threadId" | "runId"> & {
+export type RequestArtifactListing = Omit<ArtifactListing, "sessionId" | "requestId"> & {
     sessionId: string;
     requestId: string;
 };
@@ -97,17 +97,17 @@ type PublicApprovalFilter = {
     sessionId?: string;
     requestId?: string;
 };
-type PublicRequestStartOptions = Omit<RunStartOptions, "threadId" | "listeners"> & {
+type PublicRequestStartOptions = Omit<RunStartOptions, "sessionId" | "listeners"> & {
     sessionId?: string;
     listeners?: PublicRunListeners;
 };
-type PublicRequestDecisionOptions = Omit<RunDecisionOptions, "threadId" | "runId" | "listeners"> & {
+type PublicRequestDecisionOptions = Omit<RunDecisionOptions, "sessionId" | "requestId" | "listeners"> & {
     sessionId: string;
     requestId?: string;
     listeners?: PublicRunListeners;
 };
 type PublicRequestOptions = PublicRequestStartOptions | PublicRequestDecisionOptions;
-type PublicRequestResult = Omit<RunResult, "threadId" | "runId"> & {
+type PublicRequestResult = Omit<RunResult, "sessionId" | "requestId"> & {
     sessionId: string;
     requestId: string;
 };
@@ -188,13 +188,8 @@ export declare function describeInventory(runtime: AgentHarnessRuntime, options?
     workspaceRoot: string;
     agents: InventoryAgentRecord[];
 };
-export declare function resolveApproval(runtime: AgentHarnessRuntime, options: ResumeOptions & {
-    sessionId?: string;
-    requestId?: string;
-}): Promise<PublicRunResult>;
-export declare function cancelRun(runtime: AgentHarnessRuntime, options: CancelOptions & {
-    requestId?: string;
-}): Promise<PublicRunResult>;
+export declare function resolveApproval(runtime: AgentHarnessRuntime, options: ResumeOptions): Promise<PublicRunResult>;
+export declare function cancelRun(runtime: AgentHarnessRuntime, options: CancelOptions): Promise<PublicRunResult>;
 export declare function stop(runtime: AgentHarnessRuntime): Promise<void>;
 export declare function createToolMcpServer(runtime: AgentHarnessRuntime, options: ToolMcpServerOptions): Promise<import("@modelcontextprotocol/sdk/server/mcp").McpServer>;
 export declare function serveToolsOverStdio(runtime: AgentHarnessRuntime, options: ToolMcpServerOptions): Promise<import("@modelcontextprotocol/sdk/server/mcp").McpServer>;

package/dist/api.js

@@ -15,8 +15,8 @@ function toApprovalRecord(record) {
     return {
         approvalId: record.approvalId,
         pendingActionId: record.pendingActionId,
-        sessionId: record.threadId,
-        requestId: record.runId,
+        sessionId: record.sessionId,
+        requestId: record.requestId,
         toolName: record.toolName,
         ...(record.approvalReason ? { approvalReason: record.approvalReason } : {}),
         status: record.status,
@@ -47,8 +47,8 @@ function toPublicEvent(event) {
         eventId: event.eventId,
         eventType: toPublicEventType(event.eventType),
         timestamp: event.timestamp,
-        sessionId: event.threadId,
-        requestId: event.runId,
+        sessionId: event.sessionId,
+        requestId: event.requestId,
         sequence: event.sequence,
         source: event.source,
         payload: event.payload,
@@ -77,8 +77,8 @@ function toPublicRunListeners(listeners) {
         onUpstreamEvent: listeners.onUpstreamEvent,
         onTraceItem: listeners.onTraceItem
             ? async (item) => listeners.onTraceItem({
-                sessionId: item.threadId,
-                requestId: item.runId,
+                sessionId: item.sessionId,
+                requestId: item.requestId,
                 surfaceItem: item.surfaceItem,
                 event: item.event,
             })
@@ -87,8 +87,8 @@ function toPublicRunListeners(listeners) {
 }
 function toRequestArtifactListing(listing) {
     return {
-        sessionId: listing.threadId,
-        requestId: listing.runId,
+        sessionId: listing.sessionId,
+        requestId: listing.requestId,
         items: listing.items,
     };
 }
@@ -106,8 +106,8 @@ function toRequestPackage(pkg) {
 }
 function toPublicRunResult(result) {
     return {
-        sessionId: result.threadId,
-        requestId: result.runId,
+        sessionId: result.sessionId,
+        requestId: result.requestId,
         state: result.state,
         output: result.output,
         finalMessageText: result.finalMessageText,
@@ -130,8 +130,8 @@ function toInternalRunOptions(options) {
             decision: options.decision,
             editedInput: options.editedInput,
             listeners: toPublicRunListeners(options.listeners),
-            runId: options.requestId,
-            threadId: options.sessionId,
+            requestId: options.requestId,
+            sessionId: options.sessionId,
         };
     }
     return {
@@ -140,7 +140,7 @@ function toInternalRunOptions(options) {
         invocation: options.invocation,
         listeners: toPublicRunListeners(options.listeners),
         priority: options.priority,
-        threadId: options.sessionId,
+        sessionId: options.sessionId,
     };
 }
 function toInternalResumeOptions(options) {
@@ -148,14 +148,14 @@ function toInternalResumeOptions(options) {
         approvalId: options.approvalId,
         decision: options.decision,
         editedInput: options.editedInput,
-        runId: options.requestId ?? options.runId,
-        threadId: options.sessionId ?? options.threadId,
+        requestId: options.requestId,
+        sessionId: options.sessionId,
     };
 }
 function toPublicRequestSummary(run) {
     return {
-        requestId: run.runId,
-        sessionId: run.threadId,
+        requestId: run.requestId,
+        sessionId: run.sessionId,
         agentId: run.agentId,
         parentRunId: run.parentRunId,
         executionMode: run.executionMode,
@@ -270,9 +270,9 @@ export async function deleteSession(runtime, sessionId) {
 }
 export async function listApprovals(runtime, filter) {
     return (await runtime.listApprovals({
-        runId: filter?.requestId,
+        requestId: filter?.requestId,
         status: filter?.status,
-        threadId: filter?.sessionId,
+        sessionId: filter?.sessionId,
     })).map(toApprovalRecord);
 }
 export async function getApproval(runtime, approvalId) {
@@ -363,10 +363,7 @@ export async function resolveApproval(runtime, options) {
     return toPublicRunResult(await runtime.resume(toInternalResumeOptions(options)));
 }
 export async function cancelRun(runtime, options) {
-    return toPublicRunResult(await runtime.cancelRun({
-        ...options,
-        runId: options.requestId ?? options.runId,
-    }));
+    return toPublicRunResult(await runtime.cancelRun(options));
 }
 export async function stop(runtime) {
     return runtime.stop();

package/dist/contracts/runtime.d.ts

@@ -25,17 +25,8 @@ export type SessionListSummary = SessionSummary & {
     title?: string;
     snippet?: string;
 };
-/**
- * Backward-compatible alias for older thread/run terminology.
- */
-export type ThreadSummary = Omit<SessionSummary, "sessionId" | "latestRequestId"> & {
-    threadId: string;
-    latestRunId: string;
-};
-export type ThreadListSummary = Omit<SessionListSummary, "sessionId" | "latestRequestId"> & {
-    threadId: string;
-    latestRunId: string;
-};
+export type ThreadSummary = SessionSummary;
+export type ThreadListSummary = SessionListSummary;
 export type KnownHarnessEventType = "run.created" | "run.queued" | "run.dequeued" | "run.state.changed" | "run.resumed" | "approval.requested" | "approval.resolved" | "artifact.created" | "output.delta" | "runtime.health.changed" | "runtime.synthetic_fallback";
 export type HarnessEventType = KnownHarnessEventType | (string & {});
 /**
@@ -47,8 +38,8 @@ export type HarnessEvent = {
     eventId: string;
     eventType: HarnessEventType;
     timestamp: string;
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     sequence: number;
     source: "runtime" | "policy" | "surface" | "worker";
     payload: Record<string, unknown>;
@@ -65,8 +56,8 @@ export type HarnessEventProjection = {
  */
 export type RuntimeTimelineItem = {
     eventId: string;
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     eventType: HarnessEventType;
     timestamp: string;
     sequence: number;
@@ -75,8 +66,8 @@ export type RuntimeTimelineItem = {
     payload: Record<string, unknown>;
 };
 export type RuntimeTimelineProjectionOptions = {
-    threadId?: string;
-    runId?: string;
+    sessionId?: string;
+    requestId?: string;
 };
 /**
  * Ordered upstream/runtime execution trace projected from persisted upstream events.
@@ -128,6 +119,8 @@ export type RuntimeGovernanceDiagnostics = {
     runsWithGovernance: number;
     highRiskTools: number;
     approvalRequiredTools: number;
+    autoApprovedTools: number;
+    autoRejectedTools: number;
     untrustedMcpTools: number;
     crossTenantTools: number;
     writeAccessMcpTools: number;
@@ -178,6 +171,7 @@ export type RuntimeSnapshotTracing = {
     metadata?: Record<string, unknown>;
 };
 export type RuntimeGovernanceRiskLevel = "low" | "medium" | "high";
+export type RuntimeGovernanceDecisionMode = "none" | "manual" | "auto-approve" | "auto-reject" | "deny-and-continue";
 export type RuntimeGovernanceToolPolicy = {
     toolName: string;
     toolId: string;
@@ -194,6 +188,7 @@ export type RuntimeGovernanceToolPolicy = {
     risk: RuntimeGovernanceRiskLevel;
     requiresApproval: boolean;
     approvalPolicy: "explicit-hitl" | "runtime-default" | "none";
+    decisionMode: RuntimeGovernanceDecisionMode;
     hasInputSchema: boolean;
     inputRiskHints: string[];
 };
@@ -281,8 +276,6 @@ export type MemorizeInput = {
     records: MemorizeInputRecord[];
     sessionId?: string;
     requestId?: string;
-    threadId?: string;
-    runId?: string;
     agentId?: string;
     userId?: string;
     projectId?: string;
@@ -299,7 +292,6 @@ export type RecallInput = {
     topK?: number;
     includeStale?: boolean;
     sessionId?: string;
-    threadId?: string;
     agentId?: string;
     workspaceId?: string;
     userId?: string;
@@ -313,7 +305,6 @@ export type ListMemoriesInput = {
     kinds?: MemoryKind[];
     status?: MemoryRecordStatus[];
     sessionId?: string;
-    threadId?: string;
     agentId?: string;
     workspaceId?: string;
     userId?: string;
@@ -411,8 +402,8 @@ export type RuntimeHealthSnapshot = {
     };
 };
 export type RunResult = {
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     state: RunState;
     output: string;
     finalMessageText?: string;
@@ -429,8 +420,8 @@ export type RunResult = {
 };
 export type UpstreamRuntimeEvent = unknown;
 export type UpstreamRuntimeEventItem = {
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     surfaceItem: RuntimeSurfaceItem;
     event: UpstreamRuntimeEvent;
 };
@@ -457,14 +448,14 @@ export type InvocationEnvelope = {
 export type RunStartOptions = {
     agentId?: string;
     input: MessageContent;
-    threadId?: string;
+    sessionId?: string;
     priority?: number;
     invocation?: InvocationEnvelope;
     listeners?: RunListeners;
 };
 export type RunDecisionOptions = {
-    threadId: string;
-    runId?: string;
+    sessionId: string;
+    requestId?: string;
     approvalId?: string;
     decision: "approve" | "edit" | "reject";
     editedInput?: Record<string, unknown>;
@@ -476,28 +467,28 @@ export type HarnessStreamItem = {
     event: HarnessEvent;
 } | {
     type: "content";
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     agentId: string;
     content: string;
 } | {
     type: "content-blocks";
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     agentId: string;
     contentBlocks: unknown[];
 } | {
     type: "tool-result";
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     agentId: string;
     toolName: string;
     output: unknown;
     isError?: boolean;
 } | {
     type: "upstream-event";
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     surfaceItem?: RuntimeSurfaceItem;
     event: UpstreamRuntimeEvent;
 } | {
@@ -507,12 +498,12 @@ export type HarnessStreamItem = {
 export type TranscriptMessage = {
     role: "user" | "assistant";
     content: MessageContent;
-    runId: string;
+    requestId: string;
     createdAt: string;
 };
 export type ThreadRunRecord = {
-    runId: string;
-    threadId: string;
+    requestId: string;
+    sessionId: string;
     agentId: string;
     parentRunId?: string;
     executionMode: string;
@@ -533,25 +524,13 @@ export type ThreadRunRecord = {
  * Persisted request summary projected from upstream execution state plus runtime lifecycle metadata.
  * This is the canonical runtime-facing execution record.
  */
-export type RequestSummary = Omit<ThreadRunRecord, "threadId" | "runId"> & {
-    sessionId: string;
-    requestId: string;
-};
+export type RequestSummary = ThreadRunRecord;
 export type RequestRecord = RequestSummary & {
     traceItems?: unknown[];
     runtimeTimeline?: RuntimeTimelineItem[];
 };
-/**
- * Backward-compatible alias for older thread/run terminology.
- */
-export type RunSummary = Omit<RequestSummary, "sessionId" | "requestId"> & {
-    threadId: string;
-    runId: string;
-};
-export type RunRecord = RunSummary & {
-    traceItems?: unknown[];
-    runtimeTimeline?: RuntimeTimelineItem[];
-};
+export type RunSummary = RequestSummary;
+export type RunRecord = RequestRecord;
 /**
  * Persisted session inspection record assembled from runtime records.
  * This is an inspectable projection, not a second session semantic model.
@@ -574,27 +553,20 @@ export type SessionRecord = {
         requestedAt: string;
     };
 };
-/**
- * Backward-compatible alias for older thread/run terminology.
- */
-export type ThreadRecord = Omit<SessionRecord, "sessionId" | "latestRequestId" | "requests"> & {
-    threadId: string;
-    latestRunId: string;
-    runs: RunRecord[];
-};
+export type ThreadRecord = SessionRecord;
 export type ResumeOptions = {
-    threadId?: string;
-    runId?: string;
+    sessionId?: string;
+    requestId?: string;
     approvalId?: string;
     decision?: "approve" | "edit" | "reject";
     editedInput?: Record<string, unknown>;
 };
 export type CancelOptions = {
-    runId: string;
+    requestId: string;
     reason?: string;
 };
 export type RestartConversationOptions = {
-    threadId: string;
+    sessionId: string;
     mode: "restart-in-thread" | "restart-new-thread";
     input: string;
 };
@@ -606,8 +578,8 @@ export type RestartConversationOptions = {
 export type ApprovalRecord = {
     approvalId: string;
     pendingActionId: string;
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     toolName: string;
     approvalReason?: string;
     status: "pending" | "approved" | "edited" | "rejected" | "expired";
@@ -628,8 +600,8 @@ export type ArtifactRecord = {
     createdAt: string;
 };
 export type ArtifactListing = {
-    threadId: string;
-    runId: string;
+    sessionId: string;
+    requestId: string;
     items: ArtifactRecord[];
 };
 export type RuntimeToolResolver = (toolIds: string[], binding?: CompiledAgentBinding) => unknown[];