@centrali-io/centrali-sdk 4.4.1 → 4.4.4

package/README.md

@@ -40,20 +40,36 @@ console.log('Found:', results.data.totalHits, 'results');
 
 ## Authentication
 
-The SDK supports two authentication methods:
+The SDK supports three authentication methods. See the [full authentication guide](../docs/sdk/authentication.md) for details.
 
-### Bearer Token (User Authentication)
+### Publishable Key (Frontend Apps)
+
+Safe to use in browser code. Scoped to specific resources.
+
+```typescript
+const centrali = new CentraliSDK({
+  baseUrl: 'https://centrali.io',
+  workspaceId: 'your-workspace',
+  publishableKey: 'pk_live_your_key_here'
+});
+```
+
+### External Token / BYOT (Clerk, Auth0, etc.)
+
+Dynamic token callback for apps with their own auth.
 
 ```typescript
 const centrali = new CentraliSDK({
   baseUrl: 'https://centrali.io',
   workspaceId: 'your-workspace',
-  token: 'your-jwt-token'
+  getToken: async () => await clerk.session.getToken()
 });
 ```
 
 ### Service Account (Server-to-Server)
 
+Never use in browser code. Client secret must stay on the server.
+
 ```typescript
 const centrali = new CentraliSDK({
   baseUrl: 'https://centrali.io',
@@ -61,8 +77,6 @@ const centrali = new CentraliSDK({
   clientId: process.env.CENTRALI_CLIENT_ID,
   clientSecret: process.env.CENTRALI_CLIENT_SECRET
 });
-
-// The SDK automatically fetches and manages tokens
 ```
 
 ## Features
@@ -79,6 +93,8 @@ const centrali = new CentraliSDK({
 - ✅ **Data Validation** - AI-powered typo detection, format validation, duplicate detection
 - ✅ **Anomaly Insights** - AI-powered anomaly detection and data quality insights
 - ✅ **Orchestrations** - Multi-step workflows with compute functions, decision logic, and delays
+- ✅ **Publishable keys** - Scoped, browser-safe keys for frontend apps
+- ✅ **External auth (BYOT)** - Dynamic token callback for Clerk, Auth0, etc.
 - ✅ **Service accounts** - Automatic token refresh for server-to-server auth
 
 ## Core Operations

package/dist/index.js

@@ -51,7 +51,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.CentraliSDK = exports.ComputeFunctionsManager = exports.CollectionsManager = exports.StructuresManager = exports.AllowedDomainsManager = exports.ValidationManager = exports.AnomalyInsightsManager = exports.SmartQueriesManager = exports.TriggersManager = exports.OrchestrationsManager = exports.RealtimeManager = exports.CentraliError = void 0;
+exports.CentraliSDK = exports.FunctionRunsManager = exports.ComputeFunctionsManager = exports.CollectionsManager = exports.StructuresManager = exports.AllowedDomainsManager = exports.ValidationManager = exports.AnomalyInsightsManager = exports.SmartQueriesManager = exports.TriggersManager = exports.OrchestrationsManager = exports.RealtimeManager = exports.CentraliError = void 0;
 exports.isCentraliError = isCentraliError;
 exports.getApiUrl = getApiUrl;
 exports.getAuthUrl = getAuthUrl;
@@ -84,6 +84,9 @@ exports.getCollectionBySlugApiPath = getCollectionBySlugApiPath;
 exports.getCollectionValidateApiPath = getCollectionValidateApiPath;
 exports.getComputeFunctionsApiPath = getComputeFunctionsApiPath;
 exports.getComputeFunctionTestApiPath = getComputeFunctionTestApiPath;
+exports.getFunctionRunsApiPath = getFunctionRunsApiPath;
+exports.getFunctionRunsByTriggerApiPath = getFunctionRunsByTriggerApiPath;
+exports.getFunctionRunsByFunctionApiPath = getFunctionRunsByFunctionApiPath;
 exports.getSmartQueryTestApiPath = getSmartQueryTestApiPath;
 exports.getValidationSuggestionsApiPath = getValidationSuggestionsApiPath;
 exports.getValidationSuggestionAcceptApiPath = getValidationSuggestionAcceptApiPath;
@@ -656,6 +659,28 @@ function getComputeFunctionTestApiPath(workspaceId) {
     return `data/workspace/${workspaceId}/api/v1/compute-functions/test`;
 }
 // =====================================================
+// Function Runs API Path Helpers
+// =====================================================
+/**
+ * Generate Function Runs base API URL PATH.
+ */
+function getFunctionRunsApiPath(workspaceId, runId) {
+    const basePath = `data/workspace/${workspaceId}/api/v1/function-runs`;
+    return runId ? `${basePath}/${runId}` : basePath;
+}
+/**
+ * Generate Function Runs by trigger API URL PATH.
+ */
+function getFunctionRunsByTriggerApiPath(workspaceId, triggerId) {
+    return `data/workspace/${workspaceId}/api/v1/function-runs/trigger/${triggerId}`;
+}
+/**
+ * Generate Function Runs by function API URL PATH.
+ */
+function getFunctionRunsByFunctionApiPath(workspaceId, functionId) {
+    return `data/workspace/${workspaceId}/api/v1/function-runs/function/${functionId}`;
+}
+// =====================================================
 // Smart Query Test API Path Helper (Configuration-as-Code)
 // =====================================================
 /**
@@ -2505,6 +2530,97 @@ class ComputeFunctionsManager {
     }
 }
 exports.ComputeFunctionsManager = ComputeFunctionsManager;
+/**
+ * Manager for querying function execution runs.
+ *
+ * Provides read access to function run history — useful for checking
+ * whether jobs completed, inspecting outputs, and monitoring trigger activity.
+ *
+ * Access via `client.runs`.
+ */
+class FunctionRunsManager {
+    constructor(workspaceId, requestFn) {
+        this.workspaceId = workspaceId;
+        this.requestFn = requestFn;
+    }
+    /**
+     * Get a function run by ID.
+     *
+     * @param runId - The function run UUID
+     * @returns The function run details
+     *
+     * @example
+     * ```ts
+     * const run = await client.runs.get('run-uuid');
+     * console.log('Status:', run.data.status);
+     * console.log('Duration:', run.data.endedAt ? Date.parse(run.data.endedAt) - Date.parse(run.data.startedAt) : 'still running');
+     * ```
+     */
+    get(runId) {
+        const path = getFunctionRunsApiPath(this.workspaceId, runId);
+        return this.requestFn('GET', path);
+    }
+    /**
+     * List runs for a specific trigger.
+     *
+     * @param triggerId - The trigger UUID
+     * @param options - Optional pagination and status filter
+     * @returns Paginated list of function runs
+     *
+     * @example
+     * ```ts
+     * // List recent runs for a trigger
+     * const runs = await client.runs.listByTrigger('trigger-uuid');
+     *
+     * // Filter to only failed runs
+     * const failed = await client.runs.listByTrigger('trigger-uuid', {
+     *   status: 'failure'
+     * });
+     * ```
+     */
+    listByTrigger(triggerId, options) {
+        const path = getFunctionRunsByTriggerApiPath(this.workspaceId, triggerId);
+        const queryParams = {};
+        if (options === null || options === void 0 ? void 0 : options.page)
+            queryParams.page = options.page;
+        if (options === null || options === void 0 ? void 0 : options.limit)
+            queryParams.limit = options.limit;
+        if (options === null || options === void 0 ? void 0 : options.status)
+            queryParams.status = options.status;
+        return this.requestFn('GET', path, null, queryParams);
+    }
+    /**
+     * List runs for a specific compute function.
+     *
+     * @param functionId - The compute function UUID
+     * @param options - Optional pagination and status filter
+     * @returns Paginated list of function runs
+     *
+     * @example
+     * ```ts
+     * // List recent runs for a function
+     * const runs = await client.runs.listByFunction('function-uuid');
+     *
+     * // Only completed runs, page 2
+     * const completed = await client.runs.listByFunction('function-uuid', {
+     *   status: 'completed',
+     *   page: 2
+     * });
+     * ```
+     */
+    listByFunction(functionId, options) {
+        const path = getFunctionRunsByFunctionApiPath(this.workspaceId, functionId);
+        const queryParams = {};
+        if (options === null || options === void 0 ? void 0 : options.page)
+            queryParams.page = options.page;
+        if (options === null || options === void 0 ? void 0 : options.limit)
+            queryParams.limit = options.limit;
+        if (options === null || options === void 0 ? void 0 : options.status)
+            queryParams.status = options.status;
+        return this.requestFn('GET', path, null, queryParams);
+    }
+}
+exports.FunctionRunsManager = FunctionRunsManager;
 /**
  * Main Centrali SDK client.
  */
@@ -2521,14 +2637,41 @@ class CentraliSDK {
         this._structures = null;
         this._collections = null;
         this._functions = null;
+        this._runs = null;
         this.isRefreshingToken = false;
         this.tokenRefreshPromise = null;
         this.options = options;
         this.token = options.token || null;
+        // Validate mutually exclusive auth options
+        const authPaths = [
+            options.publishableKey ? 'publishableKey' : null,
+            options.getToken ? 'getToken' : null,
+            (options.clientId || options.clientSecret) ? 'clientId/clientSecret' : null,
+        ].filter(Boolean);
+        if (options.publishableKey && authPaths.length > 1) {
+            throw new Error(`Cannot use publishableKey with ${authPaths.filter(p => p !== 'publishableKey').join(', ')}. Use one auth method.`);
+        }
+        if (options.getToken && (options.clientId || options.clientSecret)) {
+            throw new Error('Cannot use getToken with clientId/clientSecret. Use one auth method.');
+        }
         const apiUrl = getApiUrl(options.baseUrl);
         this.axios = axios_1.default.create(Object.assign({ baseURL: apiUrl, paramsSerializer: (params) => qs_1.default.stringify(params, { arrayFormat: "repeat" }), proxy: false }, options.axiosConfig));
         // Attach async interceptor to fetch token on first request if needed
         this.axios.interceptors.request.use((config) => __awaiter(this, void 0, void 0, function* () {
+            // Auth path 1: Publishable key — send as x-api-key header, no token logic
+            if (this.options.publishableKey) {
+                config.headers['x-api-key'] = this.options.publishableKey;
+                return config;
+            }
+            // Auth path 2: Dynamic token callback (getToken) — call on each request
+            if (this.options.getToken) {
+                this.token = yield this.options.getToken();
+                if (this.token) {
+                    config.headers.Authorization = `Bearer ${this.token}`;
+                }
+                return config;
+            }
+            // Auth path 3: Client credentials — fetch token on first request
             if (!this.token && this.options.clientId && this.options.clientSecret) {
                 this.token = yield fetchClientToken(this.options.clientId, this.options.clientSecret, this.options.baseUrl);
             }
@@ -2541,10 +2684,26 @@ class CentraliSDK {
         this.axios.interceptors.response.use((response) => response, (error) => __awaiter(this, void 0, void 0, function* () {
             var _a, _b;
             const originalRequest = error.config;
-            // Only attempt refresh for 401/403 errors when using client credentials
+            // Publishable keys: no retry — scope errors are permanent
+            if (this.options.publishableKey) {
+                return Promise.reject(error);
+            }
             const isAuthError = ((_a = error.response) === null || _a === void 0 ? void 0 : _a.status) === 401 || ((_b = error.response) === null || _b === void 0 ? void 0 : _b.status) === 403;
-            const hasClientCredentials = this.options.clientId && this.options.clientSecret;
             const hasNotRetried = !originalRequest._hasRetried;
+            // getToken path: retry once with a fresh token on 401
+            if (isAuthError && this.options.getToken && hasNotRetried) {
+                originalRequest._hasRetried = true;
+                try {
+                    this.token = yield this.options.getToken();
+                    originalRequest.headers.Authorization = `Bearer ${this.token}`;
+                    return this.axios(originalRequest);
+                }
+                catch (refreshError) {
+                    return Promise.reject(error);
+                }
+            }
+            // Client credentials path: refresh token and retry on 401/403
+            const hasClientCredentials = this.options.clientId && this.options.clientSecret;
             if (isAuthError && hasClientCredentials && hasNotRetried) {
                 // Mark request as retried to prevent infinite loops
                 originalRequest._hasRetried = true;
@@ -2871,6 +3030,29 @@ class CentraliSDK {
         }
         return this._functions;
     }
+    /**
+     * Runs namespace for querying execution history.
+     *
+     * Usage:
+     * ```ts
+     * // Get a specific run
+     * const run = await client.runs.get('run-id');
+     *
+     * // List runs for a trigger
+     * const runs = await client.runs.listByTrigger('trigger-id');
+     *
+     * // List failed runs for a compute definition
+     * const failed = await client.runs.listByFunction('fn-id', {
+     *   status: 'failure'
+     * });
+     * ```
+     */
+    get runs() {
+        if (!this._runs) {
+            this._runs = new FunctionRunsManager(this.options.workspaceId, this.request.bind(this));
+        }
+        return this._runs;
+    }
     /**
      * Manually set or update the bearer token for subsequent requests.
      */

package/index.ts

@@ -542,11 +542,22 @@ export interface CentraliSDKOptions {
     /** Base URL of Centrali (e.g. https://centrali.io). The SDK automatically uses api.centrali.io for API calls. */
     baseUrl: string;
     workspaceId: string;
+
+    // Auth path 1: Publishable key (frontend apps — safe to expose in browser code)
+    /** Publishable key for frontend access. Sent as x-api-key header. No token refresh needed. */
+    publishableKey?: string;
+
+    // Auth path 2: Bearer token (existing) + dynamic token callback (new)
     /** Optional initial bearer token for authentication */
     token?: string;
+    /** Optional callback to dynamically fetch a fresh token before each request (e.g., for Clerk, Auth0) */
+    getToken?: () => Promise<string>;
+
+    // Auth path 3: Service account (server-side only — never use in browser)
     /** Optional OAuth2 client credentials */
     clientId?: string;
     clientSecret?: string;
+
     /** Optional custom axios config */
     axiosConfig?: AxiosRequestConfig;
 }
@@ -1769,6 +1780,66 @@ export interface TestComputeFunctionResult {
     error?: string;
 }
 
+// =====================================================
+// Function Run Types
+// =====================================================
+
+/**
+ * Execution source for a function run.
+ */
+export type FunctionRunExecutionSource = 'trigger' | 'rerun' | 'manual' | 'scheduled' | 'http-trigger' | 'orchestration' | 'endpoint';
+
+/**
+ * Status of a function run.
+ */
+export type FunctionRunStatus = 'pending' | 'running' | 'completed' | 'failure' | 'timeout';
+
+/**
+ * A function run record representing a single execution of a compute function.
+ */
+export interface FunctionRun {
+    id: string;
+    createdBy: string;
+    functionId: string;
+    workspaceSlug: string;
+    jobId: string;
+    status: FunctionRunStatus;
+    runData: any | null;
+    startedAt: string;
+    endedAt?: string | null;
+    createdAt?: string;
+    updatedAt?: string;
+    executionId: string;
+    triggerId?: string | null;
+    triggerType?: string | null;
+    orchestrationRunId?: string | null;
+    orchestrationStepId?: string | null;
+    originalRunId?: string | null;
+    isRerun: boolean;
+    rerunCount: number;
+    rerunBy?: string | null;
+    rerunReason?: string | null;
+    functionCodeHash?: string | null;
+    functionVersion?: string | null;
+    executionSource: FunctionRunExecutionSource;
+    memoryUsageBytes?: number | null;
+    cpuUsageSeconds?: number | null;
+    errorCode?: string | null;
+    errorMessage?: string | null;
+    dataStrippedAt?: string | null;
+    archiveStorageAddress?: string | null;
+    archivedAt?: string | null;
+}
+
+/**
+ * Options for listing function runs by trigger or function.
+ */
+export interface ListFunctionRunsOptions {
+    page?: number;
+    limit?: number;
+    status?: FunctionRunStatus;
+}
+
 // =====================================================
 // Trigger CRUD Types (Configuration-as-Code)
 // =====================================================
@@ -2723,6 +2794,32 @@ export function getComputeFunctionTestApiPath(workspaceId: string): string {
     return `data/workspace/${workspaceId}/api/v1/compute-functions/test`;
 }
 
+// =====================================================
+// Function Runs API Path Helpers
+// =====================================================
+
+/**
+ * Generate Function Runs base API URL PATH.
+ */
+export function getFunctionRunsApiPath(workspaceId: string, runId?: string): string {
+    const basePath = `data/workspace/${workspaceId}/api/v1/function-runs`;
+    return runId ? `${basePath}/${runId}` : basePath;
+}
+
+/**
+ * Generate Function Runs by trigger API URL PATH.
+ */
+export function getFunctionRunsByTriggerApiPath(workspaceId: string, triggerId: string): string {
+    return `data/workspace/${workspaceId}/api/v1/function-runs/trigger/${triggerId}`;
+}
+
+/**
+ * Generate Function Runs by function API URL PATH.
+ */
+export function getFunctionRunsByFunctionApiPath(workspaceId: string, functionId: string): string {
+    return `data/workspace/${workspaceId}/api/v1/function-runs/function/${functionId}`;
+}
+
 // =====================================================
 // Smart Query Test API Path Helper (Configuration-as-Code)
 // =====================================================
@@ -4750,6 +4847,100 @@ export class ComputeFunctionsManager {
     }
 }
 
+/**
+ * Manager for querying function execution runs.
+ *
+ * Provides read access to function run history — useful for checking
+ * whether jobs completed, inspecting outputs, and monitoring trigger activity.
+ *
+ * Access via `client.runs`.
+ */
+export class FunctionRunsManager {
+    private requestFn: <T>(method: Method, path: string, data?: any, queryParams?: Record<string, any>) => Promise<ApiResponse<T>>;
+    private workspaceId: string;
+
+    constructor(
+        workspaceId: string,
+        requestFn: <T>(method: Method, path: string, data?: any, queryParams?: Record<string, any>) => Promise<ApiResponse<T>>
+    ) {
+        this.workspaceId = workspaceId;
+        this.requestFn = requestFn;
+    }
+
+    /**
+     * Get a function run by ID.
+     *
+     * @param runId - The function run UUID
+     * @returns The function run details
+     *
+     * @example
+     * ```ts
+     * const run = await client.runs.get('run-uuid');
+     * console.log('Status:', run.data.status);
+     * console.log('Duration:', run.data.endedAt ? Date.parse(run.data.endedAt) - Date.parse(run.data.startedAt) : 'still running');
+     * ```
+     */
+    public get(runId: string): Promise<ApiResponse<FunctionRun>> {
+        const path = getFunctionRunsApiPath(this.workspaceId, runId);
+        return this.requestFn<FunctionRun>('GET', path);
+    }
+
+    /**
+     * List runs for a specific trigger.
+     *
+     * @param triggerId - The trigger UUID
+     * @param options - Optional pagination and status filter
+     * @returns Paginated list of function runs
+     *
+     * @example
+     * ```ts
+     * // List recent runs for a trigger
+     * const runs = await client.runs.listByTrigger('trigger-uuid');
+     *
+     * // Filter to only failed runs
+     * const failed = await client.runs.listByTrigger('trigger-uuid', {
+     *   status: 'failure'
+     * });
+     * ```
+     */
+    public listByTrigger(triggerId: string, options?: ListFunctionRunsOptions): Promise<ApiResponse<PaginatedResponse<FunctionRun>>> {
+        const path = getFunctionRunsByTriggerApiPath(this.workspaceId, triggerId);
+        const queryParams: Record<string, any> = {};
+        if (options?.page) queryParams.page = options.page;
+        if (options?.limit) queryParams.limit = options.limit;
+        if (options?.status) queryParams.status = options.status;
+        return this.requestFn<PaginatedResponse<FunctionRun>>('GET', path, null, queryParams);
+    }
+
+    /**
+     * List runs for a specific compute function.
+     *
+     * @param functionId - The compute function UUID
+     * @param options - Optional pagination and status filter
+     * @returns Paginated list of function runs
+     *
+     * @example
+     * ```ts
+     * // List recent runs for a function
+     * const runs = await client.runs.listByFunction('function-uuid');
+     *
+     * // Only completed runs, page 2
+     * const completed = await client.runs.listByFunction('function-uuid', {
+     *   status: 'completed',
+     *   page: 2
+     * });
+     * ```
+     */
+    public listByFunction(functionId: string, options?: ListFunctionRunsOptions): Promise<ApiResponse<PaginatedResponse<FunctionRun>>> {
+        const path = getFunctionRunsByFunctionApiPath(this.workspaceId, functionId);
+        const queryParams: Record<string, any> = {};
+        if (options?.page) queryParams.page = options.page;
+        if (options?.limit) queryParams.limit = options.limit;
+        if (options?.status) queryParams.status = options.status;
+        return this.requestFn<PaginatedResponse<FunctionRun>>('GET', path, null, queryParams);
+    }
+}
+
 /**
  * Main Centrali SDK client.
  */
@@ -4767,12 +4958,28 @@ export class CentraliSDK {
     private _structures: StructuresManager | null = null;
     private _collections: CollectionsManager | null = null;
     private _functions: ComputeFunctionsManager | null = null;
+    private _runs: FunctionRunsManager | null = null;
     private isRefreshingToken: boolean = false;
     private tokenRefreshPromise: Promise<string> | null = null;
 
     constructor(options: CentraliSDKOptions) {
         this.options = options;
         this.token = options.token || null;
+
+        // Validate mutually exclusive auth options
+        const authPaths = [
+            options.publishableKey ? 'publishableKey' : null,
+            options.getToken ? 'getToken' : null,
+            (options.clientId || options.clientSecret) ? 'clientId/clientSecret' : null,
+        ].filter(Boolean);
+
+        if (options.publishableKey && authPaths.length > 1) {
+            throw new Error(`Cannot use publishableKey with ${authPaths.filter(p => p !== 'publishableKey').join(', ')}. Use one auth method.`);
+        }
+        if (options.getToken && (options.clientId || options.clientSecret)) {
+            throw new Error('Cannot use getToken with clientId/clientSecret. Use one auth method.');
+        }
+
         const apiUrl = getApiUrl(options.baseUrl);
         this.axios = axios.create({
             baseURL: apiUrl,
@@ -4785,6 +4992,22 @@ export class CentraliSDK {
         // Attach async interceptor to fetch token on first request if needed
         this.axios.interceptors.request.use(
             async (config) => {
+                // Auth path 1: Publishable key — send as x-api-key header, no token logic
+                if (this.options.publishableKey) {
+                    config.headers['x-api-key'] = this.options.publishableKey;
+                    return config;
+                }
+
+                // Auth path 2: Dynamic token callback (getToken) — call on each request
+                if (this.options.getToken) {
+                    this.token = await this.options.getToken();
+                    if (this.token) {
+                        config.headers.Authorization = `Bearer ${this.token}`;
+                    }
+                    return config;
+                }
+
+                // Auth path 3: Client credentials — fetch token on first request
                 if (!this.token && this.options.clientId && this.options.clientSecret) {
                     this.token = await fetchClientToken(
                         this.options.clientId,
@@ -4806,11 +5029,29 @@ export class CentraliSDK {
             async (error) => {
                 const originalRequest = error.config;
 
-                // Only attempt refresh for 401/403 errors when using client credentials
+                // Publishable keys: no retry — scope errors are permanent
+                if (this.options.publishableKey) {
+                    return Promise.reject(error);
+                }
+
                 const isAuthError = error.response?.status === 401 || error.response?.status === 403;
-                const hasClientCredentials = this.options.clientId && this.options.clientSecret;
                 const hasNotRetried = !originalRequest._hasRetried;
 
+                // getToken path: retry once with a fresh token on 401
+                if (isAuthError && this.options.getToken && hasNotRetried) {
+                    originalRequest._hasRetried = true;
+                    try {
+                        this.token = await this.options.getToken();
+                        originalRequest.headers.Authorization = `Bearer ${this.token}`;
+                        return this.axios(originalRequest);
+                    } catch (refreshError) {
+                        return Promise.reject(error);
+                    }
+                }
+
+                // Client credentials path: refresh token and retry on 401/403
+                const hasClientCredentials = this.options.clientId && this.options.clientSecret;
+
                 if (isAuthError && hasClientCredentials && hasNotRetried) {
                     // Mark request as retried to prevent infinite loops
                     originalRequest._hasRetried = true;
@@ -5188,6 +5429,33 @@ export class CentraliSDK {
         return this._functions;
     }
 
+    /**
+     * Runs namespace for querying execution history.
+     *
+     * Usage:
+     * ```ts
+     * // Get a specific run
+     * const run = await client.runs.get('run-id');
+     *
+     * // List runs for a trigger
+     * const runs = await client.runs.listByTrigger('trigger-id');
+     *
+     * // List failed runs for a compute definition
+     * const failed = await client.runs.listByFunction('fn-id', {
+     *   status: 'failure'
+     * });
+     * ```
+     */
+    public get runs(): FunctionRunsManager {
+        if (!this._runs) {
+            this._runs = new FunctionRunsManager(
+                this.options.workspaceId,
+                this.request.bind(this)
+            );
+        }
+        return this._runs;
+    }
+
     /**
      * Manually set or update the bearer token for subsequent requests.
      */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@centrali-io/centrali-sdk",
-  "version": "4.4.1",
+  "version": "4.4.4",
   "description": "Centrali Node SDK",
   "main": "dist/index.js",
   "type": "commonjs",