@caplets/core 0.18.8 → 0.19.0

package/dist/config-runtime.d.ts

@@ -0,0 +1,174 @@
+export type RemoteAuthConfig = {
+    type: "none";
+} | {
+    type: "bearer";
+    token: string;
+} | {
+    type: "headers";
+    headers: Record<string, string>;
+} | {
+    type: "oauth2" | "oidc";
+    authorizationUrl?: string | undefined;
+    tokenUrl?: string | undefined;
+    issuer?: string | undefined;
+    resourceMetadataUrl?: string | undefined;
+    authorizationServerMetadataUrl?: string | undefined;
+    openidConfigurationUrl?: string | undefined;
+    clientMetadataUrl?: string | undefined;
+    clientId?: string | undefined;
+    clientSecret?: string | undefined;
+    scopes?: string[] | undefined;
+    redirectUri?: string | undefined;
+};
+export type CapletSetupCommandConfig = {
+    label: string;
+    command: string;
+    args?: string[] | undefined;
+    env?: Record<string, string> | undefined;
+    cwd?: string | undefined;
+    timeoutMs?: number | undefined;
+    maxOutputBytes?: number | undefined;
+};
+export type CapletSetupConfig = {
+    commands?: CapletSetupCommandConfig[] | undefined;
+    verify?: CapletSetupCommandConfig[] | undefined;
+};
+export type ProjectBindingConfig = {
+    required: true;
+};
+export type RuntimeFeature = "docker" | "browser";
+export type RuntimeResourceClass = "standard" | "large" | "heavy";
+export type RuntimeRequirementsConfig = {
+    features?: RuntimeFeature[] | undefined;
+    resources?: {
+        class?: RuntimeResourceClass | undefined;
+    } | undefined;
+};
+export type CapletServerConfig = CommonCapletConfig & {
+    backend: "mcp";
+    transport: "stdio" | "http" | "sse";
+    command?: string | undefined;
+    args?: string[] | undefined;
+    env?: Record<string, string> | undefined;
+    cwd?: string | undefined;
+    url?: string | undefined;
+    auth?: RemoteAuthConfig | undefined;
+    startupTimeoutMs: number;
+    callTimeoutMs: number;
+    toolCacheTtlMs: number;
+};
+export type OpenApiAuthConfig = RemoteAuthConfig;
+export type OpenApiEndpointConfig = CommonCapletConfig & {
+    backend: "openapi";
+    specPath?: string | undefined;
+    specUrl?: string | undefined;
+    baseUrl?: string | undefined;
+    auth: OpenApiAuthConfig;
+    requestTimeoutMs: number;
+    operationCacheTtlMs: number;
+};
+export type GraphQlOperationConfig = {
+    document?: string | undefined;
+    documentPath?: string | undefined;
+    operationName?: string | undefined;
+    description?: string | undefined;
+};
+export type GraphQlEndpointConfig = CommonCapletConfig & {
+    backend: "graphql";
+    endpointUrl: string;
+    schemaPath?: string | undefined;
+    schemaUrl?: string | undefined;
+    introspection?: true | undefined;
+    operations?: Record<string, GraphQlOperationConfig> | undefined;
+    auth: OpenApiAuthConfig;
+    requestTimeoutMs: number;
+    operationCacheTtlMs: number;
+    selectionDepth: number;
+};
+export type HttpActionConfig = {
+    method: "GET" | "POST" | "PUT" | "PATCH" | "DELETE";
+    path: string;
+    description?: string | undefined;
+    inputSchema?: Record<string, unknown> | undefined;
+    outputSchema?: Record<string, unknown> | undefined;
+    query?: Record<string, string | number | boolean> | undefined;
+    headers?: Record<string, string | number | boolean> | undefined;
+    jsonBody?: unknown;
+};
+export type HttpApiConfig = CommonCapletConfig & {
+    backend: "http";
+    baseUrl: string;
+    auth: OpenApiAuthConfig;
+    actions: Record<string, HttpActionConfig>;
+    requestTimeoutMs: number;
+    maxResponseBytes: number;
+};
+export type CliToolActionConfig = {
+    description?: string | undefined;
+    inputSchema?: Record<string, unknown> | undefined;
+    outputSchema?: Record<string, unknown> | undefined;
+    command: string;
+    args?: string[] | undefined;
+    env?: Record<string, string> | undefined;
+    cwd?: string | undefined;
+    timeoutMs?: number | undefined;
+    maxOutputBytes?: number | undefined;
+    output?: {
+        type: "text" | "json";
+    } | undefined;
+    annotations?: {
+        readOnlyHint?: boolean | undefined;
+        destructiveHint?: boolean | undefined;
+        idempotentHint?: boolean | undefined;
+        openWorldHint?: boolean | undefined;
+    } | undefined;
+};
+export type CliToolsConfig = CommonCapletConfig & {
+    backend: "cli";
+    actions: Record<string, CliToolActionConfig>;
+    cwd?: string | undefined;
+    env?: Record<string, string> | undefined;
+    timeoutMs: number;
+    maxOutputBytes: number;
+};
+export type CapletSetConfig = CommonCapletConfig & {
+    backend: "caplets";
+    configPath?: string | undefined;
+    capletsRoot?: string | undefined;
+    defaultSearchLimit: number;
+    maxSearchLimit: number;
+    toolCacheTtlMs: number;
+};
+export type CapletConfig = CapletServerConfig | OpenApiEndpointConfig | GraphQlEndpointConfig | HttpApiConfig | CliToolsConfig | CapletSetConfig;
+export type CapletsConfig = {
+    version: 1;
+    options: {
+        defaultSearchLimit: number;
+        maxSearchLimit: number;
+        completion: {
+            discoveryTimeoutMs: number;
+            overallTimeoutMs: number;
+            cacheTtlMs: number;
+            negativeCacheTtlMs: number;
+        };
+    };
+    mcpServers: Record<string, CapletServerConfig>;
+    openapiEndpoints: Record<string, OpenApiEndpointConfig>;
+    graphqlEndpoints: Record<string, GraphQlEndpointConfig>;
+    httpApis: Record<string, HttpApiConfig>;
+    cliTools: Record<string, CliToolsConfig>;
+    capletSets: Record<string, CapletSetConfig>;
+};
+type CommonCapletConfig = {
+    server: string;
+    name: string;
+    description: string;
+    tags?: string[] | undefined;
+    body?: string | undefined;
+    setup?: CapletSetupConfig | undefined;
+    projectBinding?: ProjectBindingConfig | undefined;
+    runtime?: RuntimeRequirementsConfig | undefined;
+    disabled: boolean;
+};
+export declare function parseConfig(input: unknown): CapletsConfig;
+export {};

package/dist/config-runtime.js

@@ -0,0 +1,392 @@
+import { a as isAllowedHttpBaseUrl, c as validateHttpActionHeaders, i as SERVER_ID_PATTERN, n as HEADER_NAME_PATTERN, o as isAllowedRemoteUrl, r as HTTP_BASE_URL_PATTERN, s as isUrl, t as FORBIDDEN_HEADERS, u as CapletsError } from "./validation-BBG4skZf.js";
+import { _ as record, b as unknown, d as literal, l as discriminatedUnion, m as object, o as array, p as number, r as _enum, s as boolean, v as string, y as union } from "./schemas-BZ6BBrh7.js";
+//#region src/config-runtime.ts
+const stringMapSchema = record(string(), string());
+const authSchema = discriminatedUnion("type", [
+	object({ type: literal("none") }).strict(),
+	object({
+		type: literal("bearer"),
+		token: string().min(1)
+	}).strict(),
+	object({
+		type: literal("headers"),
+		headers: stringMapSchema
+	}).strict(),
+	oauthLikeSchema("oauth2"),
+	oauthLikeSchema("oidc")
+]);
+const setupCommandSchema = object({
+	label: string().min(1),
+	command: string().min(1),
+	args: array(string()).optional(),
+	env: stringMapSchema.optional(),
+	cwd: string().min(1).optional(),
+	timeoutMs: number().int().positive().optional(),
+	maxOutputBytes: number().int().positive().optional()
+}).strict();
+const setupSchema = object({
+	commands: array(setupCommandSchema).optional(),
+	verify: array(setupCommandSchema).optional()
+}).strict().refine((setup) => (setup.commands?.length ?? 0) > 0 || (setup.verify?.length ?? 0) > 0, "setup must define at least one command or verify step");
+const projectBindingSchema = object({ required: literal(true) }).strict();
+const runtimeRequirementsSchema = object({
+	features: array(_enum(["docker", "browser"])).refine((features) => new Set(features).size === features.length, { message: "runtime.features must not contain duplicate feature names" }).optional(),
+	resources: object({ class: _enum([
+		"standard",
+		"large",
+		"heavy"
+	]).optional() }).strict().optional()
+}).strict();
+const commonSchema = {
+	name: string().trim().min(1).max(80),
+	description: string().refine((value) => value.trim().length >= 10, "description must contain at least 10 non-whitespace characters").refine((value) => value.length <= 1500, "description must be at most 1500 characters"),
+	tags: array(string().trim().min(1).max(80)).optional(),
+	body: string().optional(),
+	setup: setupSchema.optional(),
+	projectBinding: projectBindingSchema.optional(),
+	runtime: runtimeRequirementsSchema.optional(),
+	disabled: boolean().default(false)
+};
+const mcpServerSchema = object({
+	...commonSchema,
+	transport: _enum([
+		"stdio",
+		"http",
+		"sse"
+	]).optional(),
+	command: string().min(1).optional(),
+	args: array(string()).optional(),
+	env: stringMapSchema.optional(),
+	cwd: string().min(1).optional(),
+	url: string().min(1).optional(),
+	auth: authSchema.optional(),
+	startupTimeoutMs: number().int().positive().default(1e4),
+	callTimeoutMs: number().int().positive().default(6e4),
+	toolCacheTtlMs: number().int().nonnegative().default(3e4)
+}).strict();
+const openApiEndpointSchema = object({
+	...commonSchema,
+	specPath: string().min(1).optional(),
+	specUrl: string().min(1).optional(),
+	baseUrl: string().min(1).optional(),
+	auth: authSchema,
+	requestTimeoutMs: number().int().positive().default(6e4),
+	operationCacheTtlMs: number().int().nonnegative().default(3e4)
+}).strict();
+const graphQlOperationSchema = object({
+	document: string().min(1).optional(),
+	documentPath: string().min(1).optional(),
+	operationName: string().min(1).optional(),
+	description: string().min(1).optional()
+}).strict().refine((operation) => Boolean(operation.document) !== Boolean(operation.documentPath), { message: "GraphQL operation must define exactly one document source" });
+const graphQlEndpointSchema = object({
+	...commonSchema,
+	endpointUrl: string().min(1),
+	schemaPath: string().min(1).optional(),
+	schemaUrl: string().min(1).optional(),
+	introspection: literal(true).optional(),
+	operations: record(string().regex(SERVER_ID_PATTERN), graphQlOperationSchema).optional(),
+	auth: authSchema,
+	requestTimeoutMs: number().int().positive().default(6e4),
+	operationCacheTtlMs: number().int().nonnegative().default(3e4),
+	selectionDepth: number().int().positive().max(5).default(2)
+}).strict();
+const scalarMapSchema = record(string(), union([
+	string(),
+	number(),
+	boolean()
+]));
+const httpActionSchema = object({
+	method: _enum([
+		"GET",
+		"POST",
+		"PUT",
+		"PATCH",
+		"DELETE"
+	]),
+	path: string().min(1).regex(/^\//, "HTTP action path must start with /").refine((value) => !value.startsWith("//"), "HTTP action path must not start with //").refine((value) => !isUrl(value), "HTTP action path must be a URL path, not a URL"),
+	description: string().min(1).optional(),
+	inputSchema: record(string(), unknown()).optional(),
+	outputSchema: record(string(), unknown()).optional(),
+	query: scalarMapSchema.optional(),
+	headers: scalarMapSchema.optional(),
+	jsonBody: unknown().optional()
+}).strict().refine((action) => action.method !== "GET" || action.jsonBody === void 0, {
+	path: ["jsonBody"],
+	message: "HTTP GET actions must not define jsonBody"
+});
+const httpApiSchema = object({
+	...commonSchema,
+	baseUrl: string().min(1).regex(HTTP_BASE_URL_PATTERN, "HTTP API baseUrl must not include credentials, query, or fragment"),
+	auth: authSchema,
+	actions: record(string().regex(SERVER_ID_PATTERN), httpActionSchema).refine((actions) => Object.keys(actions).length > 0, "HTTP API must define at least one action"),
+	requestTimeoutMs: number().int().positive().default(6e4),
+	maxResponseBytes: number().int().positive().default(2e5)
+}).strict();
+const cliActionSchema = object({
+	description: string().min(1).optional(),
+	inputSchema: record(string(), unknown()).optional(),
+	outputSchema: record(string(), unknown()).optional(),
+	command: string().min(1),
+	args: array(string()).optional(),
+	env: stringMapSchema.optional(),
+	cwd: string().min(1).optional(),
+	timeoutMs: number().int().positive().optional(),
+	maxOutputBytes: number().int().positive().optional(),
+	output: object({ type: _enum(["text", "json"]).default("text") }).strict().optional(),
+	annotations: object({
+		readOnlyHint: boolean().optional(),
+		destructiveHint: boolean().optional(),
+		idempotentHint: boolean().optional(),
+		openWorldHint: boolean().optional()
+	}).strict().optional()
+}).strict();
+const cliToolsSchema = object({
+	...commonSchema,
+	actions: record(string().regex(SERVER_ID_PATTERN), cliActionSchema).refine((actions) => Object.keys(actions).length > 0, "CLI tools backend must define at least one action"),
+	cwd: string().min(1).optional(),
+	env: stringMapSchema.optional(),
+	timeoutMs: number().int().positive().default(6e4),
+	maxOutputBytes: number().int().positive().default(2e5)
+}).strict();
+const capletSetSchema = object({
+	...commonSchema,
+	configPath: string().min(1).optional(),
+	capletsRoot: string().min(1).optional(),
+	defaultSearchLimit: number().int().positive().default(20),
+	maxSearchLimit: number().int().positive().max(50).default(50),
+	toolCacheTtlMs: number().int().nonnegative().default(3e4)
+}).strict();
+const configSchema = object({
+	version: literal(1).default(1),
+	defaultSearchLimit: number().int().positive().default(20),
+	maxSearchLimit: number().int().positive().max(50).default(50),
+	completion: object({
+		discoveryTimeoutMs: number().int().positive().default(750),
+		overallTimeoutMs: number().int().positive().default(1500),
+		cacheTtlMs: number().int().nonnegative().default(3e5),
+		negativeCacheTtlMs: number().int().nonnegative().default(3e4)
+	}).strict().default({
+		discoveryTimeoutMs: 750,
+		overallTimeoutMs: 1500,
+		cacheTtlMs: 3e5,
+		negativeCacheTtlMs: 3e4
+	}),
+	mcpServers: record(string().regex(SERVER_ID_PATTERN), mcpServerSchema).default({}),
+	openapiEndpoints: record(string().regex(SERVER_ID_PATTERN), openApiEndpointSchema).default({}),
+	graphqlEndpoints: record(string().regex(SERVER_ID_PATTERN), graphQlEndpointSchema).default({}),
+	httpApis: record(string().regex(SERVER_ID_PATTERN), httpApiSchema).default({}),
+	cliTools: record(string().regex(SERVER_ID_PATTERN), cliToolsSchema).default({}),
+	capletSets: record(string().regex(SERVER_ID_PATTERN), capletSetSchema).default({})
+}).strict().superRefine((config, ctx) => {
+	if (config.defaultSearchLimit > config.maxSearchLimit) ctx.addIssue({
+		code: "custom",
+		path: ["defaultSearchLimit"],
+		message: "defaultSearchLimit must be <= maxSearchLimit"
+	});
+	validateBackends(config, ctx);
+});
+function parseConfig(input) {
+	const parsed = configSchema.safeParse(input);
+	if (!parsed.success) throw new CapletsError("CONFIG_INVALID", "Caplets config is invalid", parsed.error.issues);
+	const config = parsed.data;
+	return {
+		version: 1,
+		options: {
+			defaultSearchLimit: config.defaultSearchLimit,
+			maxSearchLimit: config.maxSearchLimit,
+			completion: config.completion
+		},
+		mcpServers: mapBackend(config.mcpServers, "mcp", (id, raw) => {
+			const server = raw;
+			return {
+				...server,
+				server: id,
+				transport: server.transport ?? (server.command ? "stdio" : "http")
+			};
+		}),
+		openapiEndpoints: mapBackend(config.openapiEndpoints, "openapi"),
+		graphqlEndpoints: mapBackend(config.graphqlEndpoints, "graphql"),
+		httpApis: mapBackend(config.httpApis, "http"),
+		cliTools: mapBackend(config.cliTools, "cli"),
+		capletSets: mapBackend(config.capletSets, "caplets")
+	};
+}
+function oauthLikeSchema(type) {
+	return object({
+		type: literal(type),
+		authorizationUrl: string().min(1).optional(),
+		tokenUrl: string().min(1).optional(),
+		issuer: string().min(1).optional(),
+		resourceMetadataUrl: string().min(1).optional(),
+		authorizationServerMetadataUrl: string().min(1).optional(),
+		openidConfigurationUrl: string().min(1).optional(),
+		clientMetadataUrl: string().min(1).optional(),
+		clientId: string().min(1).optional(),
+		clientSecret: string().min(1).optional(),
+		scopes: array(string().min(1)).optional(),
+		redirectUri: string().min(1).optional()
+	}).strict();
+}
+function validateBackends(config, ctx) {
+	for (const [server, raw] of Object.entries(config.mcpServers)) {
+		const effectiveTransport = raw.transport ?? (raw.command ? "stdio" : void 0);
+		if (Boolean(raw.command) === Boolean(raw.url)) ctx.addIssue({
+			code: "custom",
+			path: ["mcpServers", server],
+			message: "MCP server must define exactly one connection shape: command or url"
+		});
+		if (effectiveTransport === "stdio" && !raw.command) ctx.addIssue({
+			code: "custom",
+			path: [
+				"mcpServers",
+				server,
+				"command"
+			],
+			message: "stdio servers require command"
+		});
+		if ((effectiveTransport === "http" || effectiveTransport === "sse") && !raw.url) ctx.addIssue({
+			code: "custom",
+			path: [
+				"mcpServers",
+				server,
+				"url"
+			],
+			message: "remote servers require url"
+		});
+		if (raw.url && !hasEnvReference(raw.url) && !isAllowedRemoteUrl(raw.url)) ctx.addIssue({
+			code: "custom",
+			path: [
+				"mcpServers",
+				server,
+				"url"
+			],
+			message: "remote url must use https except loopback development urls"
+		});
+		validateAuthHeaders(raw.auth, ctx, [
+			"mcpServers",
+			server,
+			"auth"
+		]);
+	}
+	for (const [server, raw] of Object.entries(config.openapiEndpoints)) {
+		if (Boolean(raw.specPath) === Boolean(raw.specUrl)) ctx.addIssue({
+			code: "custom",
+			path: ["openapiEndpoints", server],
+			message: "OpenAPI endpoint must define exactly one spec source: specPath or specUrl"
+		});
+		if (raw.specUrl && !hasEnvReference(raw.specUrl) && !isAllowedRemoteUrl(raw.specUrl)) ctx.addIssue({
+			code: "custom",
+			path: [
+				"openapiEndpoints",
+				server,
+				"specUrl"
+			],
+			message: "OpenAPI specUrl must use https except loopback development urls"
+		});
+		if (raw.baseUrl && !hasEnvReference(raw.baseUrl) && !isAllowedRemoteUrl(raw.baseUrl)) ctx.addIssue({
+			code: "custom",
+			path: [
+				"openapiEndpoints",
+				server,
+				"baseUrl"
+			],
+			message: "OpenAPI baseUrl must use https except loopback development urls"
+		});
+		validateAuthHeaders(raw.auth, ctx, [
+			"openapiEndpoints",
+			server,
+			"auth"
+		]);
+	}
+	for (const [server, raw] of Object.entries(config.graphqlEndpoints)) {
+		if (Number(Boolean(raw.schemaPath)) + Number(Boolean(raw.schemaUrl)) + Number(raw.introspection === true) !== 1) ctx.addIssue({
+			code: "custom",
+			path: ["graphqlEndpoints", server],
+			message: "GraphQL endpoint must define exactly one schema source"
+		});
+		if (raw.endpointUrl && !hasEnvReference(raw.endpointUrl) && !isAllowedRemoteUrl(raw.endpointUrl)) ctx.addIssue({
+			code: "custom",
+			path: [
+				"graphqlEndpoints",
+				server,
+				"endpointUrl"
+			],
+			message: "GraphQL endpointUrl must use https except loopback development urls"
+		});
+		validateAuthHeaders(raw.auth, ctx, [
+			"graphqlEndpoints",
+			server,
+			"auth"
+		]);
+	}
+	for (const [server, raw] of Object.entries(config.httpApis)) {
+		if (raw.baseUrl && !hasEnvReference(raw.baseUrl) && !isAllowedHttpBaseUrl(raw.baseUrl)) ctx.addIssue({
+			code: "custom",
+			path: [
+				"httpApis",
+				server,
+				"baseUrl"
+			],
+			message: "HTTP API baseUrl must use https except loopback development urls and must not include credentials, query, or fragment"
+		});
+		validateAuthHeaders(raw.auth, ctx, [
+			"httpApis",
+			server,
+			"auth"
+		]);
+		for (const [actionName, action] of Object.entries(raw.actions)) if (action.headers) validateHttpActionHeaders(action.headers, ctx, [
+			"httpApis",
+			server,
+			"actions",
+			actionName,
+			"headers"
+		]);
+	}
+	for (const [server, raw] of Object.entries(config.capletSets)) {
+		if (!raw.configPath && !raw.capletsRoot) ctx.addIssue({
+			code: "custom",
+			path: ["capletSets", server],
+			message: "Caplet set must define at least one source: configPath or capletsRoot"
+		});
+		if (raw.defaultSearchLimit > raw.maxSearchLimit) ctx.addIssue({
+			code: "custom",
+			path: [
+				"capletSets",
+				server,
+				"defaultSearchLimit"
+			],
+			message: "defaultSearchLimit must be <= maxSearchLimit"
+		});
+	}
+}
+function validateAuthHeaders(auth, ctx, path) {
+	if (auth?.type !== "headers") return;
+	for (const headerName of Object.keys(auth.headers)) {
+		const normalized = headerName.toLowerCase();
+		if (!HEADER_NAME_PATTERN.test(headerName) || FORBIDDEN_HEADERS.has(normalized)) ctx.addIssue({
+			code: "custom",
+			path: [
+				...path,
+				"headers",
+				headerName
+			],
+			message: `header ${headerName} is not allowed`
+		});
+	}
+}
+function mapBackend(records, backend, prepare) {
+	return Object.fromEntries(Object.entries(records).map(([id, raw]) => [id, stripUndefined({
+		...prepare ? prepare(id, raw) : raw,
+		server: id,
+		backend
+	})]));
+}
+function stripUndefined(value) {
+	return Object.fromEntries(Object.entries(value).filter(([, nested]) => nested !== void 0));
+}
+function hasEnvReference(value) {
+	return /\$\{?[A-Z_][A-Z0-9_]*\}?|\$env:[A-Z_][A-Z0-9_]*/u.test(value);
+}
+//#endregion
+export { parseConfig };

package/dist/config.d.ts

@@ -35,6 +35,30 @@ export type RemoteAuthConfig = {
     scopes?: string[] | undefined;
     redirectUri?: string | undefined;
 };
+export type CapletSetupCommandConfig = {
+    label: string;
+    command: string;
+    args?: string[] | undefined;
+    env?: Record<string, string> | undefined;
+    cwd?: string | undefined;
+    timeoutMs?: number | undefined;
+    maxOutputBytes?: number | undefined;
+};
+export type CapletSetupConfig = {
+    commands?: CapletSetupCommandConfig[] | undefined;
+    verify?: CapletSetupCommandConfig[] | undefined;
+};
+export type ProjectBindingConfig = {
+    required: true;
+};
+export type RuntimeFeature = "docker" | "browser";
+export type RuntimeResourceClass = "standard" | "large" | "heavy";
+export type RuntimeRequirementsConfig = {
+    features?: RuntimeFeature[] | undefined;
+    resources?: {
+        class?: RuntimeResourceClass | undefined;
+    } | undefined;
+};
 export type CapletServerConfig = {
     server: string;
     backend: "mcp";
@@ -53,6 +77,9 @@ export type CapletServerConfig = {
     callTimeoutMs: number;
     toolCacheTtlMs: number;
     disabled: boolean;
+    setup?: CapletSetupConfig | undefined;
+    projectBinding?: ProjectBindingConfig | undefined;
+    runtime?: RuntimeRequirementsConfig | undefined;
 };
 export type OpenApiAuthConfig = {
     type: "none";
@@ -79,6 +106,9 @@ export type OpenApiEndpointConfig = {
     requestTimeoutMs: number;
     operationCacheTtlMs: number;
     disabled: boolean;
+    setup?: CapletSetupConfig | undefined;
+    projectBinding?: ProjectBindingConfig | undefined;
+    runtime?: RuntimeRequirementsConfig | undefined;
 };
 export type GraphQlOperationConfig = {
     document?: string | undefined;
@@ -103,6 +133,9 @@ export type GraphQlEndpointConfig = {
     operationCacheTtlMs: number;
     selectionDepth: number;
     disabled: boolean;
+    setup?: CapletSetupConfig | undefined;
+    projectBinding?: ProjectBindingConfig | undefined;
+    runtime?: RuntimeRequirementsConfig | undefined;
 };
 export type HttpActionConfig = {
     method: "GET" | "POST" | "PUT" | "PATCH" | "DELETE";
@@ -127,6 +160,9 @@ export type HttpApiConfig = {
     requestTimeoutMs: number;
     maxResponseBytes: number;
     disabled: boolean;
+    setup?: CapletSetupConfig | undefined;
+    projectBinding?: ProjectBindingConfig | undefined;
+    runtime?: RuntimeRequirementsConfig | undefined;
 };
 export type CliToolOutputConfig = {
     type: "text" | "json";
@@ -162,6 +198,9 @@ export type CliToolsConfig = {
     timeoutMs: number;
     maxOutputBytes: number;
     disabled: boolean;
+    setup?: CapletSetupConfig | undefined;
+    projectBinding?: ProjectBindingConfig | undefined;
+    runtime?: RuntimeRequirementsConfig | undefined;
 };
 export type CapletSetConfig = {
     server: string;
@@ -176,6 +215,9 @@ export type CapletSetConfig = {
     maxSearchLimit: number;
     toolCacheTtlMs: number;
     disabled: boolean;
+    setup?: CapletSetupConfig | undefined;
+    projectBinding?: ProjectBindingConfig | undefined;
+    runtime?: RuntimeRequirementsConfig | undefined;
 };
 export type CapletConfig = CapletServerConfig | OpenApiEndpointConfig | GraphQlEndpointConfig | HttpApiConfig | CliToolsConfig | CapletSetConfig;
 export type CapletsOptions = {