@codemation/core-nodes 0.12.0 → 0.14.0

package/dist/index.js

@@ -1,13 +1,10 @@
-import { AgentConfigInspector, AgentConnectionNodeCollector, AgentGuardrailDefaults, AgentMessageConfigNormalizer, CallableToolConfig, ChildExecutionScopeFactory, CodemationTelemetryAttributeNames, CodemationTelemetryMetricNames, ConnectionInvocationIdFactory, ConnectionNodeIdFactory, CoreTokens, DefinedNodeRegistry, GenAiTelemetryAttributeNames, InboxChannelResolverToken, ItemExprResolver, ItemsInputNormalizer, NodeBackedToolConfig, NodeOutputNormalizer, RetryPolicy, RunnableOutputBehaviorResolver, SuspensionRequest, WorkflowBuilder, chatModel, defineCredential, defineHumanApprovalNode, defineNode, emitPorts, getOriginIndexFromItem, inject, injectable, isPortsEmission, node } from "@codemation/core";
+import { AgentConfigInspector, AgentConnectionNodeCollector, AgentGuardrailDefaults, AgentMessageConfigNormalizer, CallableToolConfig, ChildExecutionScopeFactory, CodemationTelemetryAttributeNames, CodemationTelemetryMetricNames, ConnectionInvocationIdFactory, ConnectionNodeIdFactory, CoreTokens, DefinedNodeRegistry, GenAiTelemetryAttributeNames, InboxChannelResolverToken, ItemExprResolver, ItemsInputNormalizer, NodeBackedToolConfig, NodeOutputNormalizer, RetryPolicy, RunnableOutputBehaviorResolver, SuspensionRequest, WorkflowBuilder, chatModel, defineCredential, defineHumanApprovalNode, defineNode, definePollingTrigger, emitPorts, getOriginIndexFromItem, inject, injectable, isPortsEmission, node } from "@codemation/core";
 import dns from "node:dns/promises";
 import { CredentialResolverFactory } from "@codemation/core/bootstrap";
 import { createHash, createHmac, randomBytes } from "node:crypto";
 import { Cron } from "croner";
 
 //#region src/credentials/ApiKeyCredentialType.ts
-/**
-* API key credential that injects a key either as an HTTP header or a query parameter.
-*/
 const apiKeyCredentialType = defineCredential({
 	key: "core-nodes.api-key",
 	label: "API Key",
@@ -55,10 +52,6 @@ const apiKeyCredentialType = defineCredential({
 
 //#endregion
 //#region src/credentials/BasicAuthCredentialType.ts
-/**
-* HTTP Basic authentication credential.
-* Session sets `Authorization: Basic <base64(username:password)>`.
-*/
 const basicAuthCredentialType = defineCredential({
 	key: "core-nodes.basic-auth",
 	label: "Basic Auth",
@@ -96,10 +89,6 @@ const basicAuthCredentialType = defineCredential({
 
 //#endregion
 //#region src/credentials/BearerTokenCredentialType.ts
-/**
-* Simple Bearer token credential.
-* Session sets `Authorization: Bearer <token>` on every request.
-*/
 const bearerTokenCredentialType = defineCredential({
 	key: "core-nodes.bearer-token",
 	label: "Bearer Token",
@@ -158,24 +147,6 @@ var OAuth2TokenExchangeFactory = class {
 
 //#endregion
 //#region src/credentials/OAuth2ClientCredentialsTypeFactory.ts
-/**
-* OAuth2 client-credentials flow credential.
-*
-* This is a machine-to-machine flow: no user redirect occurs. The session
-* POSTs to the configured `tokenUrl` with `client_credentials` grant, caches
-* the resulting access token for the duration of the session, and injects it
-* as `Authorization: Bearer <token>` on each request.
-*
-* Token caching is per-session only (one createSession call = one token fetch
-* at most). Cross-session caching would require host-level state and is out of
-* scope here. Because the engine creates a fresh session per execution, a new
-* token is fetched once per node activation.
-*
-* NOTE: `auth` is intentionally omitted from the definition. The OAuth2
-* `auth: { kind: "oauth2" }` shape signals an authorization-code / user-redirect
-* flow; using it here would cause the host UI to render an OAuth consent button
-* that goes nowhere. Client-credentials is a purely server-side flow.
-*/
 const oauth2ClientCredentialsType = defineCredential({
 	key: "core-nodes.oauth2-client-credentials",
 	label: "OAuth2 Client Credentials",
@@ -259,10 +230,6 @@ const oauth2ClientCredentialsType = defineCredential({
 
 //#endregion
 //#region src/http/SSRFBlockedError.ts
-/**
-* Thrown when an HTTP request target resolves to a private, link-local, or
-* loopback address and `allowPrivateNetworkTargets` is not set.
-*/
 var SSRFBlockedError = class extends Error {
 	resolvedIp;
 	constructor(host, resolvedIp) {
@@ -274,26 +241,7 @@ var SSRFBlockedError = class extends Error {
 
 //#endregion
 //#region src/http/SsrfGuard.ts
-/** Emitted once per process when NODE_ENV=production and no allowedOutboundHosts is set. */
 let _productionNoAllowlistWarned = false;
-/**
-* Guards HTTP requests against Server-Side Request Forgery (SSRF) by
-* DNS-resolving the target host and rejecting private/link-local/loopback
-* addresses.
-*
-* Blocked ranges:
-* - RFC-1918: 10/8, 172.16/12, 192.168/16
-* - Link-local: 169.254/16
-* - Loopback: 127/8, ::1
-*
-* When `allowedOutboundHosts` is set, every resolved DNS target must match
-* at least one entry in the list (exact hostname or `*.example.com` wildcard).
-* When unset, existing behaviour applies: private ranges blocked, public allowed.
-*
-* Call {@link check} before making any outbound HTTP request.
-* Pass `allowPrivate: true` to bypass the private-network guard for trusted workflows
-* (allowedOutboundHosts allowlist is still applied when set).
-*/
 var SsrfGuard = class {
 	constructor(allowedOutboundHosts) {
 		this.allowedOutboundHosts = allowedOutboundHosts;
@@ -302,15 +250,6 @@ var SsrfGuard = class {
 			console.warn("[SsrfGuard] WARNING: NODE_ENV=production but no allowedOutboundHosts is configured for HttpRequest. All public destinations are permitted. Set allowedOutboundHosts to restrict outbound traffic.");
 		}
 	}
-	/**
-	* Resolves the host of `url` via DNS and throws {@link SSRFBlockedError}
-	* if any resolved address falls in a blocked range, or if the host does not
-	* match the operator-configured allowlist (when set).
-	*
-	* @param url - Fully-qualified URL of the intended request target.
-	* @param allowPrivate - When `true`, the private-network check is skipped.
-	*   The allowedOutboundHosts check is still applied when set.
-	*/
 	async check(url, allowPrivate) {
 		if (allowPrivate && !this.allowedOutboundHosts?.length) return;
 		let host;
@@ -334,10 +273,6 @@ var SsrfGuard = class {
 		}
 		for (const { address } of addresses) if (this.isPrivateAddress(address)) throw new SSRFBlockedError(host, address);
 	}
-	/**
-	* Returns true when `host` matches at least one entry in `allowedOutboundHosts`.
-	* Supports exact hostnames (`api.example.com`) and wildcard prefixes (`*.example.com`).
-	*/
 	isHostAllowed(host) {
 		for (const allowed of this.allowedOutboundHosts ?? []) if (allowed.startsWith("*.")) {
 			const suffix = allowed.slice(1);
@@ -371,21 +306,6 @@ var SsrfGuard = class {
 
 //#endregion
 //#region src/http/HttpRequestExecutor.ts
-/**
-* Executes a single HTTP request described by {@link HttpRequestSpec}.
-*
-* - Credential sessions provide header/query deltas via `applyToRequest`.
-* - Body encoding is delegated to {@link HttpBodyBuilder}.
-* - URL query merging is delegated to {@link HttpUrlBuilder}.
-* - SSRF protection is delegated to {@link SsrfGuard} (injected).
-* - Binary response bodies: when `download.mode` triggers binary attach, the
-*   `bodyBinaryName` field is set in the result but the body is NOT read here.
-*   Callers that need binary attachment should use `buildRequest` to get the
-*   resolved URL + init and make the fetch + binary attach themselves.
-*
-* Collaborators (`fetch`, body builder, url builder, ssrfGuard) are injected so
-* callers own construction at composition roots and tests can supply deterministic stubs.
-*/
 var HttpRequestExecutor = class {
 	constructor(fetchFn, bodyBuilder, urlBuilder, ssrfGuard) {
 		this.fetchFn = fetchFn;
@@ -393,14 +313,6 @@ var HttpRequestExecutor = class {
 		this.urlBuilder = urlBuilder;
 		this.ssrfGuard = ssrfGuard;
 	}
-	/**
-	* Builds the fetch init (headers, query, body) from the spec + credential delta,
-	* returning both the resolved URL and the RequestInit so callers can make the
-	* actual fetch call themselves (useful for streaming / binary attach).
-	*
-	* Also performs SSRF protection via the injected {@link SsrfGuard} before
-	* returning — throws {@link SSRFBlockedError} if the target is a private address.
-	*/
 	async buildRequest(spec, item) {
 		await this.ssrfGuard.check(spec.url, spec.allowPrivateNetworkTargets ?? false);
 		const credentialDelta = spec.credential?.applyToRequest(spec) ?? {};
@@ -424,12 +336,6 @@ var HttpRequestExecutor = class {
 			}
 		};
 	}
-	/**
-	* Executes an HTTP request and returns parsed result.
-	* For binary downloads (when `shouldAttachBody` is true), the body is NOT consumed
-	* and callers must call `ctx.binary.attach` directly using the resolved URL + init
-	* (available via `buildRequest`).
-	*/
 	async execute(spec, item) {
 		const { url: resolvedUrl, init } = await this.buildRequest(spec, item);
 		const response = await this.fetchFn(resolvedUrl, init);
@@ -486,10 +392,6 @@ var HttpRequestExecutor = class {
 
 //#endregion
 //#region src/http/HttpBodyBuilder.ts
-/**
-* Builds a fetch-compatible `BodyInit` + Content-Type pair from an {@link HttpBodySpec}.
-* Multipart binaries are read from `item.binary` via `ctx.binary.openReadStream`.
-*/
 var HttpBodyBuilder = class {
 	async build(spec, item, ctx) {
 		if (!spec || spec.kind === "none") return;
@@ -560,10 +462,6 @@ var HttpBodyBuilder = class {
 
 //#endregion
 //#region src/http/HttpUrlBuilder.ts
-/**
-* Merges query parameters into a base URL.
-* Handles both scalar and array values, and preserves any existing params.
-*/
 var HttpUrlBuilder = class {
 	build(baseUrl, query) {
 		if (!query || Object.keys(query).length === 0) return baseUrl;
@@ -576,39 +474,12 @@ var HttpUrlBuilder = class {
 
 //#endregion
 //#region src/authoring/defineRestNode.types.ts
-/**
-* Substitutes `{name}` placeholders in a path template using values from `params`.
-*/
 function substitutePath(template, params) {
 	return template.replace(/\{([^}]+)}/g, (_match, key) => {
 		const value = params[key];
 		return value !== void 0 ? String(value) : `{${key}}`;
 	});
 }
-/**
-* Declarative helper for creating thin API-wrapper nodes.
-*
-* Usage:
-* ```ts
-* export const postMessage = defineRestNode({
-*   key: "slack.post-message",
-*   title: "Send Slack message",
-*   icon: "si:slack",
-*   api: { baseUrl: "https://slack.com/api", path: "/chat.postMessage", method: "POST" },
-*   credentials: { auth: bearerTokenCredentialType },
-*   inputSchema: z.object({ channel: z.string(), text: z.string() }),
-*   request: ({ input }) => ({
-*     body: { kind: "json", data: { channel: input.channel, text: input.text } },
-*   }),
-*   response: ({ json }) => ({ messageTs: (json as any).ts }),
-* });
-* ```
-*
-* - `defineRestNode` is a thin wrapper over `defineNode`; it does not introduce a new runtime kind.
-* - Credential sessions are resolved via the `credentials` binding map (same as `defineNode`).
-* - Path `{placeholder}` substitution is applied from `input` keys before the request is made.
-* - Non-2xx responses throw an `Error` by default (`errorPolicy: "throw"`).
-*/
 function defineRestNode(options) {
 	const errorPolicy = options.errorPolicy ?? "throw";
 	return defineNode({
@@ -4146,11 +4017,6 @@ function toJSONSchema(input, params) {
 
 //#endregion
 //#region src/nodes/ConnectionCredentialExecutionContextFactory.ts
-/**
-* Builds a {@link NodeExecutionContext} whose identity for credential binding and `getCredential`
-* is a **connection-owned** workflow node id (`ConnectionNodeIdFactory` in `@codemation/core`),
-* not the executing parent node. Use for LLM slots, tool slots, or any connection-scoped owner.
-*/
 var ConnectionCredentialExecutionContextFactory = class {
 	credentialResolverFactory;
 	constructor(credentialSessions) {
@@ -4173,15 +4039,6 @@ let AIAgentExecutionHelpersFactory = class AIAgentExecutionHelpersFactory$1 {
 	createConnectionCredentialExecutionContextFactory(credentialSessions) {
 		return new ConnectionCredentialExecutionContextFactory(credentialSessions);
 	}
-	/**
-	* Produces a plain JSON Schema object (`draft-07`) from a Zod schema, as needed by
-	* OpenAI tool-parameter schemas and the structured-output repair prompt.
-	* - Prefers the schema's **instance** `toJSONSchema(...)` method so we stay inside the Zod
-	*   instance that created the schema (works across consumer/framework tsx namespaces — see
-	*   {@link ZodInstanceToJsonSchema}). Falls back to the framework-imported module function.
-	* - Strips root `$schema` (OpenAI ignores it).
-	* - Sanitizes `required` for cfworker json-schema compatibility (must be a string array or absent).
-	*/
 	createJsonSchemaRecord(inputSchema, options) {
 		const { $schema: _draftSchemaOmitted,...rest } = this.convertZodSchemaToJsonSchema(inputSchema, { target: "draft-07" });
 		if (options.requireObjectRoot && rest.type !== "object") throw new Error(`Cannot create tool "${options.schemaName}": tool input schema must be a JSON Schema object type (got type=${String(rest.type)}).`);
@@ -4190,20 +4047,11 @@ let AIAgentExecutionHelpersFactory = class AIAgentExecutionHelpersFactory$1 {
 		this.sanitizeJsonSchemaRequiredKeywordsForCfworker(rest);
 		return rest;
 	}
-	/**
-	* Runs Zod's `toJSONSchema` via the schema's own instance method when available, so consumer
-	* schemas loaded under a different tsx namespace still convert correctly. If the caller handed us
-	* a payload that lacks that method (e.g. a plain JSON Schema record or a Zod instance whose
-	* prototype was stripped), we fall back to the framework-bundled module function.
-	*/
 	convertZodSchemaToJsonSchema(inputSchema, params) {
 		const candidate = inputSchema.toJSONSchema;
 		if (typeof candidate === "function") return candidate.call(inputSchema, params);
 		return toJSONSchema(inputSchema, params);
 	}
-	/**
-	* `@cfworker/json-schema` iterates `schema.required` with `for...of`; it must be a string array or absent.
-	*/
 	sanitizeJsonSchemaRequiredKeywordsForCfworker(node$1) {
 		if (!node$1 || typeof node$1 !== "object" || Array.isArray(node$1)) return;
 		const o = node$1;
@@ -4350,11 +4198,6 @@ var OpenAIChatModelConfig = class {
 
 //#endregion
 //#region src/chatModels/OpenAiChatModelPresetsFactory.ts
-/**
-* Default OpenAI chat model configs for scaffolds and demos (icon + label match {@link OpenAIChatModelConfig} defaults).
-* Prefer importing {@link openAiChatModelPresets} from here or from the consumer template re-export
-* instead of repeating {@link OpenAIChatModelConfig} construction in app workflows.
-*/
 var OpenAiChatModelPresets = class {
 	demoGpt4oMini = new OpenAIChatModelConfig("OpenAI", "gpt-4o-mini");
 	demoGpt41 = new OpenAIChatModelConfig("OpenAI", "gpt-4.1");
@@ -4363,19 +4206,6 @@ const openAiChatModelPresets = new OpenAiChatModelPresets();
 
 //#endregion
 //#region src/chatModels/ManagedHmacSignerFactory.types.ts
-/**
-* Creates an HMAC-signing fetch wrapper that authenticates requests to
-* Codemation managed services (LLM broker, doc-scanner) with the
-* Codemation-Hmac v=1 scheme.
-*
-* Mirrors HmacRequestSigner from @codemation/host/pairing without importing
-* that package (which would create a circular dependency since @codemation/host
-* depends on @codemation/core-nodes).
-*
-* @param workspaceId   - Workspace identifier injected by the CP provisioner.
-* @param pairingSecret - Base64-encoded 32-byte HMAC key injected by the provisioner.
-* @param options       - Optional behaviour flags and test seams.
-*/
 function managedHmacFetchFactory(workspaceId, pairingSecret, options) {
 	const signBody = options?.signBody ?? true;
 	return async (input, init) => {
@@ -4394,10 +4224,6 @@ function managedHmacFetchFactory(workspaceId, pairingSecret, options) {
 		});
 	};
 }
-/**
-* Produces a Codemation-Hmac v=1 Authorization header value.
-* Algorithm must match HmacVerifier.computeSignature() in the control-plane.
-*/
 function buildHmacAuthHeader(workspaceId, pairingSecret, method, url, body, overrides) {
 	const ts = overrides?.now ? overrides.now() : Math.floor(Date.now() / 1e3);
 	const nonce = overrides?.nonce ? overrides.nonce() : randomBytes(16).toString("base64");
@@ -4458,21 +4284,137 @@ var CodemationChatModelConfig = class {
 	}
 };
 
+//#endregion
+//#region src/nodes/AgentToolResultContentFactory.ts
+const MAX_INLINE_BYTES = 8 * 1024 * 1024;
+const KNOWN_MCP_BLOCK_TYPES = new Set([
+	"text",
+	"image",
+	"audio",
+	"resource",
+	"resource_link"
+]);
+var AgentToolResultContentFactory = class AgentToolResultContentFactory {
+	static tryMapToContentOutput(result) {
+		const blocks = AgentToolResultContentFactory.contentBlocks(result);
+		if (blocks === void 0) return void 0;
+		const parts = [];
+		let inlinedBytes = 0;
+		for (const block of blocks) {
+			const mapped = AgentToolResultContentFactory.mapBlock(block, inlinedBytes);
+			parts.push(mapped.part);
+			inlinedBytes += mapped.bytes;
+		}
+		return parts;
+	}
+	static contentBlocks(result) {
+		if (result === null || typeof result !== "object") return void 0;
+		const content = result.content;
+		if (!Array.isArray(content) || content.length === 0) return void 0;
+		if (!content.every((block) => block !== null && typeof block === "object" && typeof block.type === "string")) return void 0;
+		return content.some((block) => KNOWN_MCP_BLOCK_TYPES.has(block.type)) ? content : void 0;
+	}
+	static mapBlock(block, inlinedBytesSoFar) {
+		const type = block.type;
+		if (type === "text" && typeof block.text === "string") return {
+			part: {
+				type: "text",
+				text: block.text
+			},
+			bytes: 0
+		};
+		if (type === "image" && typeof block.data === "string" && typeof block.mimeType === "string") return AgentToolResultContentFactory.mapBinary({
+			base64: block.data,
+			mediaType: block.mimeType,
+			inlinedBytesSoFar
+		});
+		if (type === "resource" && block.resource) return AgentToolResultContentFactory.mapEmbeddedResource(block.resource, inlinedBytesSoFar);
+		if (type === "resource_link" && typeof block.uri === "string") {
+			const mime = typeof block.mimeType === "string" ? ` (${block.mimeType})` : "";
+			return {
+				part: {
+					type: "text",
+					text: `[linked resource: ${block.uri}${mime}]`
+				},
+				bytes: 0
+			};
+		}
+		return {
+			part: {
+				type: "text",
+				text: `[unsupported tool content block: ${String(type)}]`
+			},
+			bytes: 0
+		};
+	}
+	static mapEmbeddedResource(resource, inlinedBytesSoFar) {
+		if (typeof resource.text === "string") return {
+			part: {
+				type: "text",
+				text: resource.text
+			},
+			bytes: 0
+		};
+		if (typeof resource.blob === "string" && typeof resource.mimeType === "string") return AgentToolResultContentFactory.mapBinary({
+			base64: resource.blob,
+			mediaType: resource.mimeType,
+			filename: typeof resource.name === "string" ? resource.name : void 0,
+			inlinedBytesSoFar
+		});
+		return {
+			part: {
+				type: "text",
+				text: `[embedded resource: ${typeof resource.uri === "string" ? resource.uri : "unknown"}]`
+			},
+			bytes: 0
+		};
+	}
+	static mapBinary(args) {
+		const rawBytes = Math.floor(args.base64.length * 3 / 4);
+		if (args.inlinedBytesSoFar + rawBytes > MAX_INLINE_BYTES) {
+			const name = args.filename ? ` "${args.filename}"` : "";
+			const kb = Math.round(rawBytes / 1024);
+			return {
+				part: {
+					type: "text",
+					text: `[binary${name} (${args.mediaType}, ~${kb} KB) omitted: exceeds the per-tool-result inline limit]`
+				},
+				bytes: 0
+			};
+		}
+		if (args.mediaType.startsWith("image/")) return {
+			part: {
+				type: "image-data",
+				data: args.base64,
+				mediaType: args.mediaType
+			},
+			bytes: rawBytes
+		};
+		if (args.mediaType === "application/pdf") return {
+			part: {
+				type: "file-data",
+				data: args.base64,
+				mediaType: args.mediaType,
+				...args.filename ? { filename: args.filename } : {}
+			},
+			bytes: rawBytes
+		};
+		return {
+			part: {
+				type: "text",
+				text: `[binary${args.filename ? ` "${args.filename}"` : ""} (${args.mediaType}) not inlined: unsupported by the model]`
+			},
+			bytes: 0
+		};
+	}
+};
+
 //#endregion
 //#region src/nodes/AgentMessageFactory.ts
-/**
-* AI-SDK-shaped message construction for the AIAgent stack. Emits plain `ModelMessage[]`
-* ( `{ role: 'system' | 'user' | 'assistant' | 'tool', content: ... }` ) as consumed by
-* `generateText({ messages })` from the `ai` package.
-*/
 var AgentMessageFactory = class AgentMessageFactory {
 	static createPromptMessages(messages) {
 		return messages.map((message) => this.createPromptMessage(message));
 	}
-	/**
-	* Builds the assistant message that contains optional text plus one or more tool-call parts,
-	* matching the shape AI SDK emits between steps.
-	*/
 	static createAssistantWithToolCalls(text, toolCalls) {
 		const content = [];
 		if (text && text.length > 0) content.push({
@@ -4490,24 +4432,30 @@ var AgentMessageFactory = class AgentMessageFactory {
 			content
 		};
 	}
-	/**
-	* Builds the `{ role: "tool", content: [{ type: "tool-result", ... }, ...] }` message returned
-	* to the model after each tool round.
-	*/
-	static createToolResultsMessage(executedToolCalls) {
+	static createToolResultsMessage(executedToolCalls, passToolBinariesToModel = true) {
 		return {
 			role: "tool",
 			content: executedToolCalls.map((executed) => ({
 				type: "tool-result",
 				toolCallId: executed.toolCallId,
 				toolName: executed.toolName,
-				output: {
-					type: "json",
-					value: AgentMessageFactory.toToolResultJson(executed.result)
-				}
+				output: AgentMessageFactory.toToolResultOutput(executed.result, passToolBinariesToModel)
 			}))
 		};
 	}
+	static toToolResultOutput(result, passToolBinariesToModel) {
+		if (passToolBinariesToModel) {
+			const content = AgentToolResultContentFactory.tryMapToContentOutput(result);
+			if (content !== void 0) return {
+				type: "content",
+				value: content
+			};
+		}
+		return {
+			type: "json",
+			value: AgentMessageFactory.toToolResultJson(result)
+		};
+	}
 	static toToolResultJson(value) {
 		if (value === void 0) return null;
 		try {
@@ -5304,10 +5252,6 @@ let AgentStructuredOutputRunner = class AgentStructuredOutputRunner$1 {
 		}
 		throw new Error(`Structured output required for AIAgent "${args.agentName}" (${args.nodeId}) but validation still failed after ${_AgentStructuredOutputRunner.repairAttemptCount} repair attempts: ${failure.validationError}`);
 	}
-	/**
-	* Chooses strict mode for OpenAI chat-model configs, off otherwise.  Extendable in future for
-	* other providers that adopt the same "supply a JSON Schema record directly" contract.
-	*/
 	resolveStructuredOutputOptions(chatModelConfig) {
 		if (chatModelConfig.type !== OpenAIChatModelFactory) return;
 		return {
@@ -5790,10 +5734,6 @@ let AgentToolExecutionCoordinator = class AgentToolExecutionCoordinator$1 {
 	extractErrorDetails(error) {
 		return error.details;
 	}
-	/**
-	* Extracts the text content from the last assistant message in the conversation snapshot.
-	* Used to populate `agentReasoning` in the HITL suspension metadata.
-	*/
 	extractLastAssistantText(conversation) {
 		for (let i = conversation.length - 1; i >= 0; i--) {
 			const msg = conversation[i];
@@ -5828,16 +5768,6 @@ AgentToolExecutionCoordinator = __decorate([
 
 //#endregion
 //#region src/nodes/AgentBinaryContentFactory.ts
-/**
-* Turns resolved file binaries into native AI SDK multimodal content parts and merges them into the
-* agent prompt. Images (`image/*`) become {@link ImagePart}s; every other type (PDFs, office docs,
-* CSV, JSON, …) becomes a {@link FilePart}. The provider maps these to its wire-level `image` /
-* `document` blocks; an unsupported file type surfaces as a provider error at runtime.
-*
-* Parts are appended to the LAST user message so the binary travels alongside the author's prompt
-* text (preserving any untrusted-source preamble that already wrapped that text). When no user
-* message exists, a new user message carrying only the binaries is appended.
-*/
 var AgentBinaryContentFactory = class AgentBinaryContentFactory {
 	static toContentPart(binary) {
 		if (binary.mediaType.startsWith("image/")) return {
@@ -5916,20 +5846,6 @@ let NodeBackedToolRuntime = class NodeBackedToolRuntime$1 {
 			outputs
 		});
 	}
-	/**
-	* Returns a re-rooted child ctx for nested-agent tools (so their LLM/tool connection ids derive
-	* from the tool connection node, telemetry parents under the tool-call span, and connection
-	* invocations carry `parentInvocationId`). Plain runnable tools (non-agent) keep the orchestrator
-	* ctx with only `config` swapped — no nesting concern.
-	*
-	* The caller (`AIAgentNode.createItemScopedTools`) already wraps the orchestrator ctx via
-	* `ConnectionCredentialExecutionContextFactory.forConnectionNode`, so `args.ctx.nodeId` is the
-	* tool's own connection node id (e.g. `AIAgentNode:2__conn__tool__searchInMail`). We pass that
-	* through as the sub-agent's `nodeId`; deriving another `toolConnectionNodeId(args.ctx.nodeId,
-	* config.name)` here would prepend a duplicate `__conn__tool__<name>` segment and exponentially
-	* deepen ids on each invocation, which also breaks credential resolution because user-provided
-	* bindings sit on the single-level connection node id.
-	*/
 	resolveNodeCtx(config$1, args) {
 		const isNestedAgent = AgentConfigInspector.isAgentNodeConfig(config$1.node);
 		const hooks = args.hooks;
@@ -5994,22 +5910,12 @@ NodeBackedToolRuntime = __decorate([
 
 //#endregion
 //#region src/nodes/BM25Index.ts
-/**
-* Minimal BM25 (Okapi BM25) implementation for indexing MCP tool descriptions.
-*
-* Parameters: k1=1.5, b=0.75 (standard defaults).
-* Tokenisation: lowercase, split on non-alphanumerics, filter empties.
-*/
 var BM25Index = class {
 	k1 = 1.5;
 	b = .75;
 	tf = [];
 	df = /* @__PURE__ */ new Map();
 	avgDocLen = 0;
-	/**
-	* Add all documents at once. After calling this, search is available.
-	* Documents are indexed in insertion order; search returns their indices.
-	*/
 	add(docs) {
 		const docTerms = docs.map((d) => this.tokenize(d));
 		let totalLen = 0;
@@ -6022,10 +5928,6 @@ var BM25Index = class {
 		}
 		this.avgDocLen = docTerms.length > 0 ? totalLen / docTerms.length : 0;
 	}
-	/**
-	* Returns up to `limit` document indices ranked by BM25 score (highest first).
-	* Returns an empty array if the index is empty or the query matches nothing.
-	*/
 	search(query, limit) {
 		const n = this.tf.length;
 		if (n === 0) return [];
@@ -6066,26 +5968,12 @@ const PINNED_TOOLS_SOFT_LIMIT = 8;
 const PINNED_TOOLS_HARD_LIMIT = 16;
 const FIND_TOOLS_NAME = "find_tools";
 const FIND_TOOLS_DEFAULT_LIMIT = 5;
-/**
-* Default tool-loading strategy: BM25-indexed MCP tool deferral via a `find_tools` meta-tool.
-*
-* - Node-backed tools and pinned MCP tools are always included in every turn.
-* - `find_tools(query, limit?)` is added to the tool set when MCP tools are indexed.
-* - Tools surfaced by `find_tools` are included in subsequent turns.
-*
-* Not DI-managed; instantiated per agent execution by DeferredMetaToolStrategyFactory.
-*/
 var DeferredMetaToolStrategy = class {
 	nodeBackedTools = {};
 	pinnedTools = {};
 	mcpEntries = [];
 	toolsByServerId = /* @__PURE__ */ new Map();
 	foundToolIds = /* @__PURE__ */ new Set();
-	/**
-	* `jsonSchema` from the `ai` SDK, loaded lazily in {@link initialize} so the SDK
-	* (~28MB RSS) stays off the boot path. `initialize` always runs before the sync
-	* `getToolsForTurn` → `buildFindToolsDefinition` path, so this is set before use.
-	*/
 	jsonSchema;
 	constructor(bm25, warnFn) {
 		this.bm25 = bm25;
@@ -6233,11 +6121,6 @@ let AIAgentNode = class AIAgentNode$1 {
 	inputSchema = unknown();
 	connectionCredentialExecutionContextFactory;
 	preparedByExecutionContext = /* @__PURE__ */ new WeakMap();
-	/**
-	* The `ai` SDK, loaded lazily in {@link execute} so the SDK (~28MB RSS) stays
-	* off the boot path — non-AI workflows never load it. Every path runs through
-	* `execute` → `ensureAiSdk` before any sync helper touches `this.aiSdk`.
-	*/
 	aiSdk;
 	aiSdkPromise = null;
 	constructor(nodeResolver, credentialSessions, nodeBackedToolRuntime, executionHelpers, structuredOutputRunner, toolExecutionCoordinator, toolLoadingStrategyFactory, agentMcpIntegration) {
@@ -6261,15 +6144,9 @@ let AIAgentNode = class AIAgentNode$1 {
 		};
 		return (await this.runAgentForItem(prepared, itemWithMappedJson, args.itemIndex, args.items)).json;
 	}
-	/** Load the `ai` SDK once per node instance (cached promise guards concurrent items). */
 	async ensureAiSdk() {
 		this.aiSdk = await (this.aiSdkPromise ??= import("ai"));
 	}
-	/**
-	* Resume path: re-enters the agent loop after a HITL suspension.
-	* Reconstructs the conversation from the checkpoint, injects the human decision
-	* as a tool_result, and continues the loop from where it suspended.
-	*/
 	async executeResumed(args, resumeContext) {
 		const { ctx } = args;
 		const taskMetadata = resumeContext.task.metadata ?? {};
@@ -6296,7 +6173,7 @@ let AIAgentNode = class AIAgentNode$1 {
 			result: decision,
 			serialized: JSON.stringify(decision)
 		};
-		const conversation = [...checkpoint.conversation, AgentMessageFactory.createToolResultsMessage([toolResultEntry])];
+		const conversation = [...checkpoint.conversation, AgentMessageFactory.createToolResultsMessage([toolResultEntry], ctx.config.passToolBinariesToModel !== false)];
 		const loopResult = await this.runTurnLoopUntilFinalAnswer({
 			prepared,
 			itemInputsByPort,
@@ -6316,10 +6193,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		const outputJson = await this.resolveFinalOutputJson(prepared, itemInputsByPort, conversation, loopResult.finalText, itemScopedTools.length > 0);
 		return this.buildOutputItem(item, outputJson).json;
 	}
-	/**
-	* Normalizes a {@link ResumeContext} decision into a flat JSON-serializable shape
-	* suitable for injection as a tool_result content.
-	*/
 	normalizeDecision(resumeContext) {
 		const { decision } = resumeContext;
 		if (decision.kind === "decided") {
@@ -6446,16 +6319,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		const outputJson = await this.resolveFinalOutputJson(prepared, itemInputsByPort, conversation, loopResult.finalText, itemScopedTools.length > 0);
 		return this.buildOutputItem(item, outputJson);
 	}
-	/**
-	* Multi-turn loop:
-	* - Each turn is a single `generateText` call with tools exposed but **not auto-executed**
-	*   (we control tool dispatch so that {@link AgentToolExecutionCoordinator} drives repair /
-	*   connection-invocation recording / transient-error handling exactly like before).
-	* - When the model returns no tool calls the loop ends with the model's text as the final answer.
-	* - Respects `guardrails.maxTurns` and `guardrails.onTurnLimitReached`.
-	* - Strategy-owned tool calls (e.g. `find_tools`) are dispatched via the strategy, not the
-	*   coordinator; their results are tracked so subsequent turns receive the discovered tools.
-	*/
 	async runTurnLoopUntilFinalAnswer(args) {
 		const { prepared, itemInputsByPort, itemScopedTools, conversation } = args;
 		const { ctx, guardrails, toolLoadingStrategy } = prepared;
@@ -6463,7 +6326,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		let toolCallCount = args.resumedToolCallCount ?? 0;
 		let turnCount = 0;
 		const repairAttemptsByToolName = /* @__PURE__ */ new Map();
-		/** Tool IDs surfaced by find_tools across all prior turns in this item run. */
 		let previousFoundToolIds = [];
 		for (let turn = 1; turn <= guardrails.maxTurns; turn++) {
 			turnCount = turn;
@@ -6516,7 +6378,7 @@ let AIAgentNode = class AIAgentNode$1 {
 				coordinatorExecutedCalls.push(...executed);
 			}
 			const allExecutedCalls = [...strategyExecutedCalls, ...coordinatorExecutedCalls];
-			this.appendAssistantAndToolMessages(conversation, result.assistantMessage, result.text, result.toolCalls, allExecutedCalls);
+			this.appendAssistantAndToolMessages(conversation, result.assistantMessage, result.text, result.toolCalls, allExecutedCalls, ctx.config.passToolBinariesToModel !== false);
 		}
 		return {
 			finalText,
@@ -6531,8 +6393,8 @@ let AIAgentNode = class AIAgentNode$1 {
 		if (guardrails.onTurnLimitReached === "respondWithLastMessage") return;
 		throw new Error(`AIAgent "${ctx.config.name ?? ctx.nodeId}" reached maxTurns=${guardrails.maxTurns} before producing a final response.`);
 	}
-	appendAssistantAndToolMessages(conversation, assistantMessage, text, toolCalls, executedToolCalls) {
-		conversation.push(assistantMessage ?? AgentMessageFactory.createAssistantWithToolCalls(text, toolCalls), AgentMessageFactory.createToolResultsMessage(executedToolCalls));
+	appendAssistantAndToolMessages(conversation, assistantMessage, text, toolCalls, executedToolCalls, passToolBinariesToModel) {
+		conversation.push(assistantMessage ?? AgentMessageFactory.createAssistantWithToolCalls(text, toolCalls), AgentMessageFactory.createToolResultsMessage(executedToolCalls, passToolBinariesToModel));
 	}
 	async resolveFinalOutputJson(prepared, itemInputsByPort, conversation, finalText, wasToolEnabledRun) {
 		if (!prepared.ctx.config.outputSchema) return AgentOutputFactory.fromAgentContent(finalText);
@@ -6593,12 +6455,6 @@ let AIAgentNode = class AIAgentNode$1 {
 			};
 		});
 	}
-	/**
-	* Resolves the HITL behavior for a tool binding, or `undefined` when it is not a HITL tool.
-	* A binding is HITL if either the backing node carries a `defineHumanApprovalNode` marker or the
-	* binding sets a per-binding `onRejected` via `asTool(..., { onRejected })`. The per-binding value
-	* wins over the node marker, so two tools backed by the same node can reject differently.
-	*/
 	resolveHumanApprovalBehavior(config$1) {
 		if (!this.isNodeBackedToolConfig(config$1)) return void 0;
 		const marker = config$1.node.humanApprovalToolBehavior;
@@ -6606,11 +6462,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		if (marker === void 0 && perBinding === void 0) return void 0;
 		return { onRejected: perBinding ?? marker?.onRejected ?? "return" };
 	}
-	/**
-	* Invoke a text turn using the merged tool set from item-scoped tools (coordinator-managed)
-	* and strategy tools (find_tools + discovered MCP tools).
-	* Strategy tools take precedence for names that overlap.
-	*/
 	async invokeTextTurnWithStrategyTools(prepared, itemInputsByPort, messages, itemScopedTools, strategyTools) {
 		const itemToolSet = this.buildToolSet(itemScopedTools);
 		const strategyHasTools = Object.keys(strategyTools).length > 0;
@@ -6621,10 +6472,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		} : void 0;
 		return this.invokeTextTurnWithToolSet(prepared, itemInputsByPort, messages, mergedTools);
 	}
-	/**
-	* Removes `execute` properties from ToolSet entries so the AI SDK does not
-	* auto-execute them within `generateText`. Codemation owns all tool dispatch.
-	*/
 	stripExecuteCallbacks(tools) {
 		const stripped = {};
 		for (const [name, def] of Object.entries(tools)) {
@@ -6633,12 +6480,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		}
 		return stripped;
 	}
-	/**
-	* Builds a ToolSet from resolved tools for strategy initialization.
-	* The strategy uses this for its "always-included" node-backed tool descriptions.
-	* HITL tools (detected via the `humanApprovalToolBehavior` field set by `defineHumanApprovalNode`) get the solo-constraint sentence
-	* appended to their description.
-	*/
 	buildToolSetFromResolved(resolvedTools) {
 		if (resolvedTools.length === 0) return {};
 		const toolSet = {};
@@ -6656,20 +6497,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		}
 		return toolSet;
 	}
-	/**
-	* Builds an AI SDK {@link ToolSet} where every tool ships a pre-converted JSON Schema (via
-	* {@link jsonSchema}) — not the raw Zod schema — and carries **no** `execute`. Two reasons:
-	*
-	* 1. Codemation owns tool dispatch + the per-tool repair loop (see {@link AgentToolExecutionCoordinator}),
-	*    so the AI SDK must surface tool calls back to us instead of auto-running them.
-	* 2. The AI SDK's `asSchema` helper discriminates between Zod v3 / Zod v4 / Standard Schema via
-	*    runtime feature-detection (`~standard`, `_zod`, etc.). Handing it a pre-built
-	*    {@link jsonSchema} record — which is tagged with `Symbol.for('vercel.ai.schema')` — skips all
-	*    of that detection and guarantees the provider receives a draft-07 JSON Schema with
-	*    `additionalProperties: false` at every object depth (see {@link OpenAiStrictJsonSchemaFactory}
-	*    for the same logic applied to structured-output schemas). Codemation still runs its own Zod
-	*    validation on tool inputs before execute — the schema handed to the model is advisory.
-	*/
 	buildToolSet(itemScopedTools) {
 		if (itemScopedTools.length === 0) return void 0;
 		const toolSet = {};
@@ -6687,10 +6514,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		}
 		return toolSet;
 	}
-	/**
-	* One `generateText` turn (no auto tool execution) with Codemation-owned child-span telemetry
-	* and connection-invocation state recording. Accepts a pre-built ToolSet.
-	*/
 	async invokeTextTurnWithToolSet(prepared, itemInputsByPort, messages, tools) {
 		const invocationId = ConnectionInvocationIdFactory.create();
 		const startedAt = /* @__PURE__ */ new Date();
@@ -6801,11 +6624,6 @@ let AIAgentNode = class AIAgentNode$1 {
 			});
 		}
 	}
-	/**
-	* Structured-output turn: runs `generateText({ output: Output.object({ schema }) })` via the
-	* structured-output runner.  We keep this as a separate helper because the runner needs the raw
-	* validated value (not just text) back, and must be able to retry on Zod failures.
-	*/
 	async invokeStructuredTurn(prepared, itemInputsByPort, schema, messages, structuredOptions) {
 		const invocationId = ConnectionInvocationIdFactory.create();
 		const startedAt = /* @__PURE__ */ new Date();
@@ -6930,13 +6748,6 @@ let AIAgentNode = class AIAgentNode$1 {
 			providerOptions: overrides?.providerOptions ?? defaults.providerOptions
 		};
 	}
-	/**
-	* Build a no-code-friendly output payload for an LLM round.
-	*
-	* Always includes `content` (matching the canvas snapshot shape used elsewhere) and adds a
-	* `toolCalls` array when the round produced tool calls so the execution inspector surfaces the
-	* planned calls instead of just an empty `""` for tool-only rounds.
-	*/
 	summarizeTurnOutput(turnResult) {
 		if (turnResult.toolCalls.length === 0) return { content: turnResult.text };
 		const toolCalls = turnResult.toolCalls.map((toolCall) => ({
@@ -7139,12 +6950,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		const binaries = await this.resolveInlineBinaries(attachments, ctx);
 		return AgentBinaryContentFactory.withBinaries(promptMessages, binaries);
 	}
-	/**
-	* Picks which attachments feed the passdown. When the author supplies `config.binaries`
-	* (a static array or a per-item function — e.g. to forward binaries from an earlier node),
-	* those replace the current item's attachments; otherwise the current item's `item.binary`
-	* is used.
-	*/
 	selectBinaryAttachments(item, itemIndex, items, ctx) {
 		const manual = ctx.config.binaries;
 		if (manual !== void 0) return typeof manual === "function" ? manual({
@@ -7155,14 +6960,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		}) : manual;
 		return item.binary ? Object.values(item.binary) : [];
 	}
-	/**
-	* Reads every attachment through `ctx.binary` (storage-backed, by reference — never base64 on
-	* `item.json`) and resolves it to inline base64 so the agent can pass it to the chat model as a
-	* native multimodal block. Images become image blocks; every other type (PDF, office docs, CSV,
-	* JSON, …) becomes a file block — we don't filter by media type, so any binary can be fed to the
-	* model. If the provider rejects an unsupported type the error surfaces at runtime, and the
-	* workflow can filter the binary upstream.
-	*/
 	async resolveInlineBinaries(attachments, ctx) {
 		const resolved = [];
 		for (const attachment of attachments) {
@@ -7175,12 +6972,6 @@ let AIAgentNode = class AIAgentNode$1 {
 		}
 		return resolved;
 	}
-	/**
-	* When `item.json.__source` matches an entry in `config.untrustedSources`
-	* (default: `["gmail", "ocr", "webhook"]`), wraps every user-role message
-	* content with an untrusted-external-source preamble so the LLM treats the
-	* content as data, not instructions.
-	*/
 	wrapUntrustedSourceMessages(messages, item, config$1) {
 		const source = item.json !== null && typeof item.json === "object" ? item.json.__source : void 0;
 		if (typeof source !== "string") return messages;
@@ -7273,10 +7064,6 @@ AIAgentNode = __decorate([
 
 //#endregion
 //#region src/nodes/AIAgentConfig.ts
-/**
-* AI agent: credential bindings are keyed to connection-owned LLM/tool node ids (ConnectionNodeIdFactory),
-* not to the agent workflow node id.
-*/
 var AIAgent = class {
 	kind = "node";
 	type = AIAgentNode;
@@ -7296,6 +7083,7 @@ var AIAgent = class {
 	pinnedMcpTools;
 	untrustedSources;
 	passBinariesToModel;
+	passToolBinariesToModel;
 	binaries;
 	constructor(options) {
 		this.name = options.name;
@@ -7312,6 +7100,7 @@ var AIAgent = class {
 		this.pinnedMcpTools = options.pinnedMcpTools;
 		this.untrustedSources = options.untrustedSources;
 		this.passBinariesToModel = options.passBinariesToModel;
+		this.passToolBinariesToModel = options.passToolBinariesToModel;
 		this.binaries = options.binaries;
 	}
 	inspectorSummary() {
@@ -7372,11 +7161,6 @@ AssertionNode = __decorate([node({ packageName: "@codemation/core-nodes" })], As
 
 //#endregion
 //#region src/nodes/assertion.ts
-/**
-* Generic assertion node — the "callback" form. For declarative shorthands (StringEquals,
-* JudgeByAgent) compose this with helpers added in later phases. Sets `emitsAssertions: true`
-* so host-side persisters know to record its outputs as `TestAssertion` rows.
-*/
 var Assertion = class {
 	kind = "node";
 	type = AssertionNode;
@@ -7639,17 +7423,12 @@ HttpRequestNode = __decorate([node({ packageName: "@codemation/core-nodes" })],
 
 //#endregion
 //#region src/nodes/httpRequest.ts
-/**
-* The built-in HTTP request credential type IDs accepted by the `HttpRequest` node.
-* These match the four generic credential types shipped with `@codemation/core-nodes`.
-*/
 const HTTP_REQUEST_ACCEPTED_CREDENTIAL_TYPES = [
 	bearerTokenCredentialType.definition.typeId,
 	apiKeyCredentialType.definition.typeId,
 	basicAuthCredentialType.definition.typeId,
 	oauth2ClientCredentialsType.definition.typeId
 ];
-/** Default maximum response size for binary mode: 100 MiB. */
 const DEFAULT_RESPONSE_SIZE_CAP_BYTES = 100 * 1024 * 1024;
 var HttpRequest = class {
 	kind = "node";
@@ -7818,9 +7597,6 @@ var Filter = class {
 function getOriginIndex(item) {
 	return getOriginIndexFromItem(item);
 }
-/**
-* Tags items routed to fan-in merge-by-origin (same contract as {@link IfNode} / {@link SwitchNode}).
-*/
 function tagItemForRouterFanIn(args) {
 	const { item, itemIndex, nodeId, inputPortLabel = "$in" } = args;
 	const metaBase = item.meta && typeof item.meta === "object" ? item.meta : {};
@@ -7911,10 +7687,6 @@ IsTestRunNode = __decorate([node({ packageName: "@codemation/core-nodes" })], Is
 
 //#endregion
 //#region src/nodes/isTestRun.ts
-/**
-* Branches per-item on whether the current run is a test run. Output ports: `true`, `false`.
-* The wire payload is unchanged — this is a router, not a transform.
-*/
 var IsTestRun = class {
 	kind = "node";
 	type = IsTestRunNode;
@@ -7998,10 +7770,6 @@ var Split = class {
 	type = SplitNode;
 	execution = { hint: "local" };
 	keepBinaries = true;
-	/**
-	* When splitting yields zero items for a batch, downstream single-input nodes still run once with an empty batch.
-	* Mirrors {@link MapData}'s empty-output behavior.
-	*/
 	continueWhenEmptyOutput = true;
 	icon = "builtin:split-rows";
 	id;
@@ -8055,15 +7823,6 @@ CronTriggerNode = __decorate([node({ packageName: "@codemation/core-nodes" })],
 
 //#endregion
 //#region src/nodes/CronTriggerFactory.ts
-/**
-* Schedules a workflow on a standard cron expression.
-*
-* Each tick emits one item: `{ firedAt: string, scheduledFor: string }` — both ISO-8601 timestamps.
-* `firedAt` is the wall-clock moment the callback ran; `scheduledFor` is the cron-computed
-* firing instant (these differ when the job was delayed).
-*
-* Timezone defaults to UTC when omitted — cron without an explicit TZ is a DST footgun.
-*/
 var CronTrigger = class {
 	kind = "trigger";
 	type = CronTriggerNode;
@@ -8134,7 +7893,6 @@ var ManualTrigger = class ManualTrigger {
 	defaultItems;
 	id;
 	description;
-	/** Manual runs often emit an empty batch; still schedule downstream by default. */
 	continueWhenEmptyOutput = true;
 	constructor(name = "Manual trigger", defaultItemsOrId, idOrOptions) {
 		this.name = name;
@@ -8189,7 +7947,6 @@ var MapData = class {
 	kind = "node";
 	type = MapDataNode;
 	execution = { hint: "local" };
-	/** Zero mapped items should still allow downstream nodes to run. */
 	continueWhenEmptyOutput = true;
 	icon = "lucide:square-pen";
 	keepBinaries;
@@ -8422,11 +8179,6 @@ TestTriggerNode = __decorate([node({ packageName: "@codemation/core-nodes" })],
 
 //#endregion
 //#region src/nodes/testTrigger.ts
-/**
-* Trigger config for a test fixture source. Drop one (or more) of these on the canvas alongside
-* a workflow's live triggers; clicking "Run tests" on the Tests tab invokes
-* {@link TestTriggerOptions.generateItems} via the TestSuiteOrchestrator.
-*/
 var TestTrigger = class {
 	kind = "trigger";
 	triggerKind = "test";
@@ -8500,7 +8252,6 @@ var Wait = class {
 	kind = "node";
 	type = WaitNode;
 	execution = { hint: "local" };
-	/** Pass-through empty batches should still advance to downstream nodes. */
 	continueWhenEmptyOutput = true;
 	icon = "lucide:hourglass";
 	id;
@@ -8602,6 +8353,39 @@ var WebhookTrigger = class WebhookTrigger {
 	}
 };
 
+//#endregion
+//#region src/nodes/schedulePollingTrigger.ts
+const schedulePollingTrigger = definePollingTrigger({
+	key: "schedule.interval",
+	packageName: "@codemation/core-nodes",
+	title: "Run on schedule",
+	description: "Emit one tick item on every poll cycle.",
+	icon: "lucide:clock",
+	pollIntervalMs: 6e4,
+	initialState() {
+		return { tick: 0 };
+	},
+	poll({ state }) {
+		const tick = (state ?? { tick: 0 }).tick + 1;
+		return {
+			items: [{ json: {
+				firedAt: (/* @__PURE__ */ new Date()).toISOString(),
+				tick
+			} }],
+			nextState: { tick }
+		};
+	},
+	execute(items) {
+		return { main: items };
+	},
+	testItems() {
+		return [{ json: {
+			firedAt: (/* @__PURE__ */ new Date()).toISOString(),
+			tick: 0
+		} }];
+	}
+});
+
 //#endregion
 //#region src/nodes/ConnectionCredentialNode.ts
 let ConnectionCredentialNode = class ConnectionCredentialNode$1 {
@@ -8615,11 +8399,6 @@ ConnectionCredentialNode = __decorate([node({ packageName: "@codemation/core-nod
 
 //#endregion
 //#region src/register.types.ts
-/**
-* Registrar for built-in nodes. In a real project, this would use tsyringe's
-* container.registerSingleton(...). For the skeleton we keep it token-based:
-* the engine resolves node implementations by class token.
-*/
 function registerCoreNodes(container) {}
 
 //#endregion
@@ -8848,9 +8627,6 @@ function workflow(id) {
 
 //#endregion
 //#region src/workflows/AIAgentConnectionWorkflowExpander.ts
-/**
-* Materializes connection-owned child nodes and {@link WorkflowDefinition.connections} for AI agent nodes.
-*/
 var AIAgentConnectionWorkflowExpander = class {
 	constructor(connectionCredentialNodeConfigFactory, mcpServerResolver) {
 		this.connectionCredentialNodeConfigFactory = connectionCredentialNodeConfigFactory;
@@ -9118,16 +8894,6 @@ const collectionDeleteNode = defineNode({
 function resolveSubjectField(field, item) {
 	return typeof field === "function" ? field({ item }) : field;
 }
-/**
-* Auto-detecting inbox approval node.
-*
-* Uses `ctx.resolve(InboxChannelResolverToken)` to pick the right inbox channel
-* at runtime:
-* - In managed mode (PairingConfig present): routes to the control-plane inbox.
-* - Otherwise: routes to the local inbox.
-*
-* Authors use this node directly; no extra wiring needed per deployment mode.
-*/
 const inboxApproval = defineHumanApprovalNode({
 	key: "inbox.approval",
 	title: "Inbox Approval",
@@ -9281,5 +9047,5 @@ const codemationDocumentScannerNode = defineNode({
 });
 
 //#endregion
-export { AIAgent, AIAgentConnectionWorkflowExpander, AIAgentExecutionHelpersFactory, AIAgentNode, AgentItemPortMap, AgentMessageFactory, AgentOutputFactory, AgentStructuredOutputRepairPromptFactory, AgentStructuredOutputRunner, AgentToolCallPortMap, AgentToolErrorClassifier, AgentToolExecutionCoordinator, AgentToolRepairExhaustedError, AgentToolRepairPolicy, Aggregate, AggregateNode, Assertion, AssertionNode, BM25Index, Callback, CallbackNode, CallbackResultNormalizer, CodemationChatModelConfig, CodemationChatModelFactory, ConnectionCredentialExecutionContextFactory, ConnectionCredentialNode, ConnectionCredentialNodeConfig, ConnectionCredentialNodeConfigFactory, CronTrigger, CronTriggerNode, DeferredMetaToolStrategy, DeferredMetaToolStrategyFactory, Filter, FilterNode, HTTP_REQUEST_ACCEPTED_CREDENTIAL_TYPES, HttpRequest, HttpRequestNode, If, IfNode, IsTestRun, IsTestRunNode, ManualTrigger, ManualTriggerNode, MapData, MapDataNode, Merge, MergeNode, NoOp, NoOpNode, OpenAIChatModelConfig, OpenAIChatModelFactory, OpenAiChatModelPresets, OpenAiStrictJsonSchemaFactory, SSRFBlockedError, Split, SplitNode, SsrfGuard, SubWorkflow, SubWorkflowNode, Switch, SwitchNode, TestTrigger, TestTriggerNode, Wait, WaitDuration, WaitNode, WebhookRespondNowAndContinueError, WebhookRespondNowError, WebhookTrigger, WebhookTriggerNode, WorkflowAuthoringBuilder, WorkflowBranchBuilder, WorkflowChain, apiKeyCredentialType, basicAuthCredentialType, bearerTokenCredentialType, codemationDocumentScannerNode, collectionDeleteNode, collectionFindOneNode, collectionGetNode, collectionInsertNode, collectionListNode, collectionUpdateNode, createWorkflowBuilder, defineRestNode, inboxApproval, oauth2ClientCredentialsType, openAiChatModelPresets, registerCoreNodes, workflow };
+export { AIAgent, AIAgentConnectionWorkflowExpander, AIAgentExecutionHelpersFactory, AIAgentNode, AgentItemPortMap, AgentMessageFactory, AgentOutputFactory, AgentStructuredOutputRepairPromptFactory, AgentStructuredOutputRunner, AgentToolCallPortMap, AgentToolErrorClassifier, AgentToolExecutionCoordinator, AgentToolRepairExhaustedError, AgentToolRepairPolicy, Aggregate, AggregateNode, Assertion, AssertionNode, BM25Index, Callback, CallbackNode, CallbackResultNormalizer, CodemationChatModelConfig, CodemationChatModelFactory, ConnectionCredentialExecutionContextFactory, ConnectionCredentialNode, ConnectionCredentialNodeConfig, ConnectionCredentialNodeConfigFactory, CronTrigger, CronTriggerNode, DeferredMetaToolStrategy, DeferredMetaToolStrategyFactory, Filter, FilterNode, HTTP_REQUEST_ACCEPTED_CREDENTIAL_TYPES, HttpRequest, HttpRequestNode, If, IfNode, IsTestRun, IsTestRunNode, ManualTrigger, ManualTriggerNode, MapData, MapDataNode, Merge, MergeNode, NoOp, NoOpNode, OpenAIChatModelConfig, OpenAIChatModelFactory, OpenAiChatModelPresets, OpenAiStrictJsonSchemaFactory, SSRFBlockedError, Split, SplitNode, SsrfGuard, SubWorkflow, SubWorkflowNode, Switch, SwitchNode, TestTrigger, TestTriggerNode, Wait, WaitDuration, WaitNode, WebhookRespondNowAndContinueError, WebhookRespondNowError, WebhookTrigger, WebhookTriggerNode, WorkflowAuthoringBuilder, WorkflowBranchBuilder, WorkflowChain, apiKeyCredentialType, basicAuthCredentialType, bearerTokenCredentialType, codemationDocumentScannerNode, collectionDeleteNode, collectionFindOneNode, collectionGetNode, collectionInsertNode, collectionListNode, collectionUpdateNode, createWorkflowBuilder, defineRestNode, inboxApproval, oauth2ClientCredentialsType, openAiChatModelPresets, registerCoreNodes, schedulePollingTrigger, workflow };
 //# sourceMappingURL=index.js.map