@caplets/core 0.26.0 → 0.27.0

package/dist/attach/api.d.ts

@@ -1,4 +1,5 @@
 import type { CapletsEngine } from "../engine";
+import type { CapletShadowingPolicy } from "../config";
 export type AttachExportKind = "caplet" | "tool" | "resource" | "resourceTemplate" | "prompt" | "completion";
 export type AttachInvokeRequest = {
     revision: string;
@@ -26,7 +27,7 @@ export type AttachManifestExport = {
     annotations?: unknown;
     schemaHash: string | null;
     capletId: string;
-    shadowing: "forbid" | "allow";
+    shadowing: CapletShadowingPolicy;
 };
 export type AttachProgressiveCapletExport = AttachManifestExport & {
     kind: "caplet";

package/dist/caplet-files-bundle.d.ts

@@ -454,6 +454,7 @@ export declare const capletFileSchema: z.ZodObject<{
     shadowing: z.ZodOptional<z.ZodEnum<{
         forbid: "forbid";
         allow: "allow";
+        namespace: "namespace";
     }>>;
 }, z.core.$strict>;
 export declare function capletJsonSchema(): unknown;

package/dist/caplet-source.js

@@ -10031,6 +10031,7 @@ function superRefine(fn, params) {
 //#endregion
 //#region src/config/validation.ts
 const SERVER_ID_PATTERN = /^[a-zA-Z0-9_-]{1,64}$/;
+const NAMESPACE_ALIAS_LABEL_PATTERN = /^[a-z](?:[a-z0-9-]{0,30}[a-z0-9])?$/;
 const HEADER_NAME_PATTERN = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
 const HTTP_BASE_URL_PATTERN = /^(?![a-zA-Z][a-zA-Z0-9+.-]*:\/\/[^/?#]*@)[^?#]*$/;
 const FORBIDDEN_HEADERS = /* @__PURE__ */ new Set([
@@ -10169,7 +10170,11 @@ const capletExposureSchema = _enum([
 	"direct_and_code_mode",
 	"progressive_and_code_mode"
 ]).describe("How this Caplet is exposed to agents.");
-const capletShadowingSchema = _enum(["forbid", "allow"]).describe("Whether attached local Caplets may shadow this remote Caplet ID.");
+const capletShadowingSchema = _enum([
+	"forbid",
+	"allow",
+	"namespace"
+]).describe("Whether attached local Caplets may shadow this remote Caplet ID.");
 const capletEndpointAuthSchema = discriminatedUnion("type", [
 	object({ type: literal("none") }).strict(),
 	object({
@@ -10849,7 +10854,11 @@ const exposureSchema = _enum([
 	"direct_and_code_mode",
 	"progressive_and_code_mode"
 ]);
-const shadowingSchema = _enum(["forbid", "allow"]).default("forbid");
+const shadowingSchema = _enum([
+	"forbid",
+	"allow",
+	"namespace"
+]).default("forbid");
 const commonSchema = {
 	name: string().trim().min(1).max(80),
 	description: string().refine((value) => value.trim().length >= 10, "description must contain at least 10 non-whitespace characters").refine((value) => value.length <= 1500, "description must be at most 1500 characters"),
@@ -10988,6 +10997,28 @@ const capletSetSchema = object({
 	maxSearchLimit: number().int().positive().max(50).default(50),
 	toolCacheTtlMs: number().int().nonnegative().default(3e4)
 }).strict();
+const namespaceAliasLabelSchema = string().regex(NAMESPACE_ALIAS_LABEL_PATTERN, "namespace alias labels must be lowercase DNS-style labels using letters, numbers, or hyphens");
+const namespaceAliasesSchema = object({
+	local: namespaceAliasLabelSchema.optional(),
+	upstreams: record(string().trim().min(1), namespaceAliasLabelSchema).default({})
+}).strict().default({ upstreams: {} }).superRefine((aliases, ctx) => {
+	const seen = /* @__PURE__ */ new Map();
+	const addAlias = (value, path) => {
+		if (!value) return;
+		const existing = seen.get(value);
+		if (existing) {
+			ctx.addIssue({
+				code: "custom",
+				path,
+				message: `namespace alias '${value}' is already used at ${existing.join(".")}`
+			});
+			return;
+		}
+		seen.set(value, path);
+	};
+	addAlias(aliases.local, ["local"]);
+	for (const [selector, alias] of Object.entries(aliases.upstreams)) addAlias(alias, ["upstreams", selector]);
+});
 const configSchema = object({
 	version: literal(1).default(1),
 	defaultSearchLimit: number().int().positive().default(20),
@@ -11018,7 +11049,8 @@ const configSchema = object({
 	graphqlEndpoints: record(string().regex(SERVER_ID_PATTERN), graphQlEndpointSchema).default({}),
 	httpApis: record(string().regex(SERVER_ID_PATTERN), httpApiSchema).default({}),
 	cliTools: record(string().regex(SERVER_ID_PATTERN), cliToolsSchema).default({}),
-	capletSets: record(string().regex(SERVER_ID_PATTERN), capletSetSchema).default({})
+	capletSets: record(string().regex(SERVER_ID_PATTERN), capletSetSchema).default({}),
+	namespaceAliases: namespaceAliasesSchema
 }).strict().superRefine((config, ctx) => {
 	if (config.defaultSearchLimit > config.maxSearchLimit) ctx.addIssue({
 		code: "custom",
@@ -11041,6 +11073,10 @@ function parseConfig(input) {
 			exposureDiscoveryConcurrency: config.options.exposureDiscoveryConcurrency,
 			completion: config.completion
 		},
+		namespaceAliases: stripUndefined({
+			local: config.namespaceAliases.local,
+			upstreams: config.namespaceAliases.upstreams
+		}),
 		mcpServers: mapBackend(config.mcpServers, "mcp", (id, raw) => {
 			const server = raw;
 			return {

package/dist/cli/inspection.d.ts

@@ -1,4 +1,4 @@
-import { type CapletConfig, type ConfigSource, type ConfigWithSources } from "../config";
+import { type CapletConfig, type CapletShadowingPolicy, type ConfigSource, type ConfigWithSources } from "../config";
 import type { ServerStatus } from "../registry";
 type CapletListRow = {
     server: string;
@@ -10,6 +10,7 @@ type CapletListRow = {
     source: ConfigSource["kind"] | "remote" | "unknown";
     path: string | null;
     shadows: ConfigSource[];
+    shadowing?: CapletShadowingPolicy | undefined;
 };
 type ConfigPaths = {
     userConfig: string;

package/dist/cli.d.ts

@@ -24,4 +24,9 @@ type CliIO = {
     readStdin?: () => Promise<string>;
 };
 export declare function runCli(args: string[], io?: CliIO): Promise<void>;
+export declare const readHiddenInputForTest: typeof readHiddenInput;
+declare function readHiddenInput(label: string, options?: {
+    input?: NodeJS.ReadableStream;
+    output?: Pick<NodeJS.WriteStream, "write">;
+}): Promise<string>;
 export declare function createProgram(io?: CliIO): Command;

package/dist/code-mode/types.d.ts

@@ -6,7 +6,7 @@ export type CodeModeCallableCaplet = {
     id: string;
     name: string;
     description: string;
-    shadowing?: "forbid" | "allow";
+    shadowing?: "forbid" | "allow" | "namespace";
     useWhen?: string;
     avoidWhen?: string;
 };

package/dist/{completion-DaYL-XQN.js → completion-1wDjwHkC.js}

@@ -1,5 +1,5 @@
-import { Bn as __exportAll, Ft as DEFAULT_COMPLETION_CACHE_DIR, Ht as resolveConfigPath, Pt as DEFAULT_AUTH_DIR, Vt as resolveCapletsRoot, Wt as resolveProjectConfigPath, lt as loadConfigWithSources } from "./service-rvZ7z6FI.js";
-import { u as CapletsError } from "./validation-C4tYXw6G.js";
+import { Hn as __exportAll, It as DEFAULT_AUTH_DIR, Kt as resolveProjectConfigPath, Lt as DEFAULT_COMPLETION_CACHE_DIR, Ut as resolveCapletsRoot, Wt as resolveConfigPath, lt as loadConfigWithSources } from "./service-BGGiZLHa.js";
+import { d as CapletsError } from "./validation-CWzd2gtn.js";
 import { mkdirSync, readFileSync, renameSync, writeFileSync } from "node:fs";
 import { dirname, join } from "node:path";
 import { createHash } from "node:crypto";
@@ -165,7 +165,8 @@ function listCaplets(configWithSources, options) {
 		status: initialServerStatus(server),
 		source: sources[server.server]?.kind ?? "unknown",
 		path: sources[server.server]?.path ?? null,
-		shadows: shadows[server.server] ?? []
+		shadows: shadows[server.server] ?? [],
+		shadowing: server.shadowing
 	})).sort((left, right) => left.server.localeCompare(right.server));
 }
 function initialServerStatus(server) {

package/dist/config/validation.d.ts

@@ -1,4 +1,5 @@
 export declare const SERVER_ID_PATTERN: RegExp;
+export declare const NAMESPACE_ALIAS_LABEL_PATTERN: RegExp;
 export declare const HEADER_NAME_PATTERN: RegExp;
 export declare const HTTP_BASE_URL_PATTERN: RegExp;
 export declare const FORBIDDEN_HEADERS: Set<string>;
@@ -10,6 +11,7 @@ type ValidationIssueSink = {
     }): void;
 };
 export declare function validateHttpActionHeaders(headers: Record<string, unknown>, ctx: ValidationIssueSink, path: Array<string>): void;
+export declare function isValidNamespaceAliasLabel(value: string): boolean;
 export declare function isAllowedRemoteUrl(value: string): boolean;
 export declare function isAllowedHttpBaseUrl(value: string): boolean;
 export declare function isUrl(value: string): boolean;

package/dist/config-runtime.d.ts

@@ -49,7 +49,7 @@ export type AgentSelectionHintsConfig = {
     avoidWhen?: string | undefined;
 };
 export type CapletExposure = "direct" | "progressive" | "code_mode" | "direct_and_code_mode" | "progressive_and_code_mode";
-export type CapletShadowingPolicy = "forbid" | "allow";
+export type CapletShadowingPolicy = "forbid" | "allow" | "namespace";
 export type CapletServerConfig = CommonCapletConfig & {
     backend: "mcp";
     transport: "stdio" | "http" | "sse";
@@ -157,6 +157,10 @@ export type CapletSetConfig = CommonCapletConfig & {
     toolCacheTtlMs: number;
 };
 export type CapletConfig = CapletServerConfig | OpenApiEndpointConfig | GoogleDiscoveryApiConfig | GraphQlEndpointConfig | HttpApiConfig | CliToolsConfig | CapletSetConfig;
+export type NamespaceAliasesConfig = {
+    local?: string | undefined;
+    upstreams: Record<string, string>;
+};
 export type CapletsConfig = {
     version: 1;
     options: {
@@ -172,6 +176,7 @@ export type CapletsConfig = {
             negativeCacheTtlMs: number;
         };
     };
+    namespaceAliases: NamespaceAliasesConfig;
     mcpServers: Record<string, CapletServerConfig>;
     openapiEndpoints: Record<string, OpenApiEndpointConfig>;
     googleDiscoveryApis: Record<string, GoogleDiscoveryApiConfig>;

package/dist/config-runtime.js

@@ -1,5 +1,5 @@
 import { _ as record, b as unknown, d as literal, l as discriminatedUnion, m as object, o as array, p as number, r as _enum, s as boolean, v as string, y as union } from "./schemas-BoqMu4MG.js";
-import { a as isAllowedHttpBaseUrl, c as validateHttpActionHeaders, i as SERVER_ID_PATTERN, n as HEADER_NAME_PATTERN, o as isAllowedRemoteUrl, r as HTTP_BASE_URL_PATTERN, s as isUrl, t as FORBIDDEN_HEADERS, u as CapletsError } from "./validation-C4tYXw6G.js";
+import { a as SERVER_ID_PATTERN, c as isUrl, d as CapletsError, i as NAMESPACE_ALIAS_LABEL_PATTERN, l as validateHttpActionHeaders, n as HEADER_NAME_PATTERN, o as isAllowedHttpBaseUrl, r as HTTP_BASE_URL_PATTERN, s as isAllowedRemoteUrl, t as FORBIDDEN_HEADERS } from "./validation-CWzd2gtn.js";
 //#region src/config-runtime.ts
 const stringMapSchema = record(string(), string());
 const authSchema = discriminatedUnion("type", [
@@ -49,7 +49,11 @@ const exposureSchema = _enum([
 	"direct_and_code_mode",
 	"progressive_and_code_mode"
 ]);
-const shadowingSchema = _enum(["forbid", "allow"]).default("forbid");
+const shadowingSchema = _enum([
+	"forbid",
+	"allow",
+	"namespace"
+]).default("forbid");
 const commonSchema = {
 	name: string().trim().min(1).max(80),
 	description: string().refine((value) => value.trim().length >= 10, "description must contain at least 10 non-whitespace characters").refine((value) => value.length <= 1500, "description must be at most 1500 characters"),
@@ -188,6 +192,28 @@ const capletSetSchema = object({
 	maxSearchLimit: number().int().positive().max(50).default(50),
 	toolCacheTtlMs: number().int().nonnegative().default(3e4)
 }).strict();
+const namespaceAliasLabelSchema = string().regex(NAMESPACE_ALIAS_LABEL_PATTERN, "namespace alias labels must be lowercase DNS-style labels using letters, numbers, or hyphens");
+const namespaceAliasesSchema = object({
+	local: namespaceAliasLabelSchema.optional(),
+	upstreams: record(string().trim().min(1), namespaceAliasLabelSchema).default({})
+}).strict().default({ upstreams: {} }).superRefine((aliases, ctx) => {
+	const seen = /* @__PURE__ */ new Map();
+	const addAlias = (value, path) => {
+		if (!value) return;
+		const existing = seen.get(value);
+		if (existing) {
+			ctx.addIssue({
+				code: "custom",
+				path,
+				message: `namespace alias '${value}' is already used at ${existing.join(".")}`
+			});
+			return;
+		}
+		seen.set(value, path);
+	};
+	addAlias(aliases.local, ["local"]);
+	for (const [selector, alias] of Object.entries(aliases.upstreams)) addAlias(alias, ["upstreams", selector]);
+});
 const configSchema = object({
 	version: literal(1).default(1),
 	defaultSearchLimit: number().int().positive().default(20),
@@ -218,7 +244,8 @@ const configSchema = object({
 	graphqlEndpoints: record(string().regex(SERVER_ID_PATTERN), graphQlEndpointSchema).default({}),
 	httpApis: record(string().regex(SERVER_ID_PATTERN), httpApiSchema).default({}),
 	cliTools: record(string().regex(SERVER_ID_PATTERN), cliToolsSchema).default({}),
-	capletSets: record(string().regex(SERVER_ID_PATTERN), capletSetSchema).default({})
+	capletSets: record(string().regex(SERVER_ID_PATTERN), capletSetSchema).default({}),
+	namespaceAliases: namespaceAliasesSchema
 }).strict().superRefine((config, ctx) => {
 	if (config.defaultSearchLimit > config.maxSearchLimit) ctx.addIssue({
 		code: "custom",
@@ -241,6 +268,10 @@ function parseConfig(input) {
 			exposureDiscoveryConcurrency: config.options.exposureDiscoveryConcurrency,
 			completion: config.completion
 		},
+		namespaceAliases: stripUndefined({
+			local: config.namespaceAliases.local,
+			upstreams: config.namespaceAliases.upstreams
+		}),
 		mcpServers: mapBackend(config.mcpServers, "mcp", (id, raw) => {
 			const server = raw;
 			return {

package/dist/config.d.ts

@@ -64,7 +64,7 @@ export type AgentSelectionHintsConfig = {
     useWhen?: string | undefined;
     avoidWhen?: string | undefined;
 };
-export type CapletShadowingPolicy = "forbid" | "allow";
+export type CapletShadowingPolicy = "forbid" | "allow" | "namespace";
 export type CapletExposure = "direct" | "progressive" | "code_mode" | "direct_and_code_mode" | "progressive_and_code_mode";
 export type CapletServerConfig = AgentSelectionHintsConfig & {
     server: string;
@@ -261,6 +261,10 @@ export type CapletSetConfig = AgentSelectionHintsConfig & {
     runtime?: RuntimeRequirementsConfig | undefined;
 };
 export type CapletConfig = CapletServerConfig | OpenApiEndpointConfig | GoogleDiscoveryApiConfig | GraphQlEndpointConfig | HttpApiConfig | CliToolsConfig | CapletSetConfig;
+export type NamespaceAliasesConfig = {
+    local?: string | undefined;
+    upstreams: Record<string, string>;
+};
 export type CapletsOptions = {
     defaultSearchLimit: number;
     maxSearchLimit: number;
@@ -278,6 +282,7 @@ export type CompletionConfig = {
 export type CapletsConfig = {
     version: 1;
     options: CapletsOptions;
+    namespaceAliases: NamespaceAliasesConfig;
     mcpServers: Record<string, CapletServerConfig>;
     openapiEndpoints: Record<string, OpenApiEndpointConfig>;
     googleDiscoveryApis: Record<string, GoogleDiscoveryApiConfig>;
@@ -350,6 +355,10 @@ export declare const configFileSchema: z.ZodObject<{
         exposureDiscoveryTimeoutMs: z.ZodDefault<z.ZodNumber>;
         exposureDiscoveryConcurrency: z.ZodDefault<z.ZodNumber>;
     }, z.core.$strict>>;
+    namespaceAliases: z.ZodDefault<z.ZodObject<{
+        local: z.ZodOptional<z.ZodString>;
+        upstreams: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodString>>;
+    }, z.core.$strict>>;
     mcpServers: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<unknown, unknown, z.core.$ZodTypeInternals<unknown, unknown>>>>;
     openapiEndpoints: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<unknown, unknown, z.core.$ZodTypeInternals<unknown, unknown>>>>;
     googleDiscoveryApis: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodType<unknown, unknown, z.core.$ZodTypeInternals<unknown, unknown>>>>;

package/dist/daemon/host-path.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Node's POSIX filesystem APIs do not treat backslashes as path separators. Tests
+ * sometimes emulate Windows daemon operations with POSIX temp directories, which
+ * `node:path.win32` renders as drive-less absolute paths such as
+ * `\tmp\caplets-...`. On POSIX hosts those strings would otherwise be created as
+ * single backslash-named entries in the current working directory.
+ */
+export declare function daemonHostPath(path: string): string;

package/dist/errors.d.ts

@@ -1,4 +1,4 @@
-export declare const CAPLETS_ERROR_CODES: readonly ["CONFIG_NOT_FOUND", "CONFIG_EXISTS", "CONFIG_INVALID", "REQUEST_INVALID", "SERVER_NOT_FOUND", "SERVER_UNAVAILABLE", "SERVER_START_TIMEOUT", "UNKNOWN_OPERATION", "TOOL_NOT_FOUND", "TOOL_CALL_TIMEOUT", "AUTH_REQUIRED", "AUTH_FAILED", "AUTH_REFRESH_FAILED", "DOWNSTREAM_PROTOCOL_ERROR", "DOWNSTREAM_TOOL_ERROR", "UNSUPPORTED_OPERATION", "UNSUPPORTED_CAPABILITY", "PROMPT_NOT_FOUND", "DOWNSTREAM_RESOURCE_ERROR", "DOWNSTREAM_PROMPT_ERROR", "DOWNSTREAM_COMPLETION_ERROR", "ATTACH_MANIFEST_STALE", "ATTACH_EXPORT_NOT_FOUND", "UNSUPPORTED_TRANSPORT", "INTERNAL_ERROR"];
+export declare const CAPLETS_ERROR_CODES: readonly ["CONFIG_NOT_FOUND", "CONFIG_EXISTS", "CONFIG_INVALID", "REQUEST_INVALID", "SERVER_NOT_FOUND", "SERVER_UNAVAILABLE", "SERVER_START_TIMEOUT", "UNKNOWN_OPERATION", "CAPLET_NAMESPACE_COLLISION", "TOOL_NOT_FOUND", "TOOL_CALL_TIMEOUT", "AUTH_REQUIRED", "AUTH_FAILED", "REMOTE_CREDENTIALS_REVOKED", "AUTH_REFRESH_FAILED", "DOWNSTREAM_PROTOCOL_ERROR", "DOWNSTREAM_TOOL_ERROR", "UNSUPPORTED_OPERATION", "UNSUPPORTED_CAPABILITY", "PROMPT_NOT_FOUND", "DOWNSTREAM_RESOURCE_ERROR", "DOWNSTREAM_PROMPT_ERROR", "DOWNSTREAM_COMPLETION_ERROR", "ATTACH_MANIFEST_STALE", "ATTACH_EXPORT_NOT_FOUND", "UNSUPPORTED_TRANSPORT", "INTERNAL_ERROR"];
 export type CapletsErrorCode = (typeof CAPLETS_ERROR_CODES)[number];
 export type SafeErrorSummary = {
     code: CapletsErrorCode;

package/dist/exposure/namespace.d.ts

@@ -0,0 +1,39 @@
+import type { CapletShadowingPolicy } from "../config";
+export type NamespaceSourceKind = "local" | "upstream";
+export type NamespaceDiagnosticReason = "namespace_collision" | "missing_durable_source_identity" | "namespace_alias_invalid" | "generated_id_collision" | "unsupported_protocol";
+export type NamespaceSourceEntry<Route = unknown> = {
+    baseId: string;
+    sourceKind: NamespaceSourceKind;
+    sourceLabel?: string | undefined;
+    namespaceAlias?: string | undefined;
+    durableSourceIdentity?: string | undefined;
+    shadowing: CapletShadowingPolicy;
+    route: Route;
+};
+export type NamespaceVisibleRecord<Route = unknown> = NamespaceSourceEntry<Route> & {
+    id: string;
+    label: string;
+    namespaced: boolean;
+};
+export type NamespaceDiagnostic = {
+    requestedId: string;
+    reason: NamespaceDiagnosticReason;
+    alternatives: string[];
+    sources: Array<{
+        sourceKind: NamespaceSourceKind;
+        label: string;
+        durableSourceIdentity?: string | undefined;
+    }>;
+    hint: string;
+};
+export type NamespaceResolution<Route = unknown> = {
+    visibleRecords: NamespaceVisibleRecord<Route>[];
+    routes: Map<string, Route>;
+    suppressedBareIds: Map<string, NamespaceDiagnostic>;
+    unavailableDiagnostics: NamespaceDiagnostic[];
+};
+export type NamespaceResolutionOptions = {
+    hashLength?: number | undefined;
+    maxHashLength?: number | undefined;
+};
+export declare function resolveNamespaceExposure<Route>(entries: NamespaceSourceEntry<Route>[], options?: NamespaceResolutionOptions): NamespaceResolution<Route>;