@contractspec/lib.ai-agent 7.0.7 → 7.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/dist/agent/agent-factory.js +26 -1
  2. package/dist/agent/contract-spec-agent.js +26 -1
  3. package/dist/agent/index.js +26 -1
  4. package/dist/agent/json-runner.js +26 -1
  5. package/dist/agent/unified-agent.js +26 -1
  6. package/dist/node/agent/agent-factory.js +26 -1
  7. package/dist/node/agent/contract-spec-agent.js +26 -1
  8. package/dist/node/agent/index.js +26 -1
  9. package/dist/node/agent/json-runner.js +26 -1
  10. package/dist/node/agent/unified-agent.js +26 -1
  11. package/dist/node/session/index.js +26 -1
  12. package/dist/node/session/store.js +26 -1
  13. package/dist/session/index.js +26 -1
  14. package/dist/session/store.js +26 -1
  15. package/dist/session/store.test.d.ts +1 -0
  16. package/package.json +8 -8
package/dist/agent/agent-factory.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/agent/contract-spec-agent.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/agent/index.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/agent/json-runner.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/agent/unified-agent.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/node/agent/agent-factory.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/node/agent/contract-spec-agent.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/node/agent/index.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/node/agent/json-runner.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/node/agent/unified-agent.js CHANGED
@@ -2288,8 +2288,33 @@ class InMemorySessionStore {
2288
2288
  function createInMemorySessionStore(options) {
2289
2289
  return new InMemorySessionStore(options);
2290
2290
  }
2291
+ function createSecureSessionToken() {
2292
+ const cryptoApi = globalThis.crypto;
2293
+ if (typeof cryptoApi?.randomUUID === "function") {
2294
+ return cryptoApi.randomUUID();
2295
+ }
2296
+ if (typeof cryptoApi?.getRandomValues === "function") {
2297
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
2298
+ const versionByte = bytes.at(6);
2299
+ const variantByte = bytes.at(8);
2300
+ if (versionByte === undefined || variantByte === undefined) {
2301
+ throw new Error("Secure session token generation requires 16 random bytes.");
2302
+ }
2303
+ bytes[6] = versionByte & 15 | 64;
2304
+ bytes[8] = variantByte & 63 | 128;
2305
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
2306
+ return [
2307
+ hex.slice(0, 4).join(""),
2308
+ hex.slice(4, 6).join(""),
2309
+ hex.slice(6, 8).join(""),
2310
+ hex.slice(8, 10).join(""),
2311
+ hex.slice(10, 16).join("")
2312
+ ].join("-");
2313
+ }
2314
+ throw new Error("Secure session IDs require Web Crypto support.");
2315
+ }
2291
2316
  function generateSessionId() {
2292
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
2317
+ return `sess_${createSecureSessionToken()}`;
2293
2318
  }
2294
2319
 
2295
2320
  // src/spec/spec.ts
package/dist/node/session/index.js CHANGED
@@ -119,8 +119,33 @@ class InMemorySessionStore {
119
119
  function createInMemorySessionStore(options) {
120
120
  return new InMemorySessionStore(options);
121
121
  }
122
+ function createSecureSessionToken() {
123
+ const cryptoApi = globalThis.crypto;
124
+ if (typeof cryptoApi?.randomUUID === "function") {
125
+ return cryptoApi.randomUUID();
126
+ }
127
+ if (typeof cryptoApi?.getRandomValues === "function") {
128
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
129
+ const versionByte = bytes.at(6);
130
+ const variantByte = bytes.at(8);
131
+ if (versionByte === undefined || variantByte === undefined) {
132
+ throw new Error("Secure session token generation requires 16 random bytes.");
133
+ }
134
+ bytes[6] = versionByte & 15 | 64;
135
+ bytes[8] = variantByte & 63 | 128;
136
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
137
+ return [
138
+ hex.slice(0, 4).join(""),
139
+ hex.slice(4, 6).join(""),
140
+ hex.slice(6, 8).join(""),
141
+ hex.slice(8, 10).join(""),
142
+ hex.slice(10, 16).join("")
143
+ ].join("-");
144
+ }
145
+ throw new Error("Secure session IDs require Web Crypto support.");
146
+ }
122
147
  function generateSessionId() {
123
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
148
+ return `sess_${createSecureSessionToken()}`;
124
149
  }
125
150
  export {
126
151
  generateSessionId,
package/dist/node/session/store.js CHANGED
@@ -119,8 +119,33 @@ class InMemorySessionStore {
119
119
  function createInMemorySessionStore(options) {
120
120
  return new InMemorySessionStore(options);
121
121
  }
122
+ function createSecureSessionToken() {
123
+ const cryptoApi = globalThis.crypto;
124
+ if (typeof cryptoApi?.randomUUID === "function") {
125
+ return cryptoApi.randomUUID();
126
+ }
127
+ if (typeof cryptoApi?.getRandomValues === "function") {
128
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
129
+ const versionByte = bytes.at(6);
130
+ const variantByte = bytes.at(8);
131
+ if (versionByte === undefined || variantByte === undefined) {
132
+ throw new Error("Secure session token generation requires 16 random bytes.");
133
+ }
134
+ bytes[6] = versionByte & 15 | 64;
135
+ bytes[8] = variantByte & 63 | 128;
136
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
137
+ return [
138
+ hex.slice(0, 4).join(""),
139
+ hex.slice(4, 6).join(""),
140
+ hex.slice(6, 8).join(""),
141
+ hex.slice(8, 10).join(""),
142
+ hex.slice(10, 16).join("")
143
+ ].join("-");
144
+ }
145
+ throw new Error("Secure session IDs require Web Crypto support.");
146
+ }
122
147
  function generateSessionId() {
123
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
148
+ return `sess_${createSecureSessionToken()}`;
124
149
  }
125
150
  export {
126
151
  generateSessionId,
package/dist/session/index.js CHANGED
@@ -119,8 +119,33 @@ class InMemorySessionStore {
119
119
  function createInMemorySessionStore(options) {
120
120
  return new InMemorySessionStore(options);
121
121
  }
122
+ function createSecureSessionToken() {
123
+ const cryptoApi = globalThis.crypto;
124
+ if (typeof cryptoApi?.randomUUID === "function") {
125
+ return cryptoApi.randomUUID();
126
+ }
127
+ if (typeof cryptoApi?.getRandomValues === "function") {
128
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
129
+ const versionByte = bytes.at(6);
130
+ const variantByte = bytes.at(8);
131
+ if (versionByte === undefined || variantByte === undefined) {
132
+ throw new Error("Secure session token generation requires 16 random bytes.");
133
+ }
134
+ bytes[6] = versionByte & 15 | 64;
135
+ bytes[8] = variantByte & 63 | 128;
136
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
137
+ return [
138
+ hex.slice(0, 4).join(""),
139
+ hex.slice(4, 6).join(""),
140
+ hex.slice(6, 8).join(""),
141
+ hex.slice(8, 10).join(""),
142
+ hex.slice(10, 16).join("")
143
+ ].join("-");
144
+ }
145
+ throw new Error("Secure session IDs require Web Crypto support.");
146
+ }
122
147
  function generateSessionId() {
123
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
148
+ return `sess_${createSecureSessionToken()}`;
124
149
  }
125
150
  export {
126
151
  generateSessionId,
package/dist/session/store.js CHANGED
@@ -119,8 +119,33 @@ class InMemorySessionStore {
119
119
  function createInMemorySessionStore(options) {
120
120
  return new InMemorySessionStore(options);
121
121
  }
122
+ function createSecureSessionToken() {
123
+ const cryptoApi = globalThis.crypto;
124
+ if (typeof cryptoApi?.randomUUID === "function") {
125
+ return cryptoApi.randomUUID();
126
+ }
127
+ if (typeof cryptoApi?.getRandomValues === "function") {
128
+ const bytes = cryptoApi.getRandomValues(new Uint8Array(16));
129
+ const versionByte = bytes.at(6);
130
+ const variantByte = bytes.at(8);
131
+ if (versionByte === undefined || variantByte === undefined) {
132
+ throw new Error("Secure session token generation requires 16 random bytes.");
133
+ }
134
+ bytes[6] = versionByte & 15 | 64;
135
+ bytes[8] = variantByte & 63 | 128;
136
+ const hex = [...bytes].map((byte) => byte.toString(16).padStart(2, "0"));
137
+ return [
138
+ hex.slice(0, 4).join(""),
139
+ hex.slice(4, 6).join(""),
140
+ hex.slice(6, 8).join(""),
141
+ hex.slice(8, 10).join(""),
142
+ hex.slice(10, 16).join("")
143
+ ].join("-");
144
+ }
145
+ throw new Error("Secure session IDs require Web Crypto support.");
146
+ }
122
147
  function generateSessionId() {
123
- return `sess_${Date.now()}_${Math.random().toString(36).slice(2, 11)}`;
148
+ return `sess_${createSecureSessionToken()}`;
124
149
  }
125
150
  export {
126
151
  generateSessionId,
package/dist/session/store.test.d.ts ADDED
@@ -0,0 +1 @@
1
+ export {};
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@contractspec/lib.ai-agent",
3
- "version": "7.0.7",
3
+ "version": "7.0.10",
4
4
  "description": "AI agent orchestration with MCP and tool support",
5
5
  "keywords": [
6
6
  "contractspec",
@@ -41,10 +41,10 @@
41
41
  "@ai-sdk/openai": "3.0.41",
42
42
  "@modelcontextprotocol/sdk": "^1.27.1",
43
43
  "@posthog/react": "^1.8.2",
44
- "@posthog/ai": "7.12.1",
45
- "@contractspec/lib.contracts-spec": "4.0.0",
46
- "@contractspec/lib.ai-providers": "3.7.6",
47
- "@contractspec/lib.knowledge": "3.7.7",
44
+ "@posthog/ai": "7.12.2",
45
+ "@contractspec/lib.contracts-spec": "4.1.2",
46
+ "@contractspec/lib.ai-providers": "3.7.8",
47
+ "@contractspec/lib.knowledge": "3.7.10",
48
48
  "compare-versions": "^6.1.1",
49
49
  "zod": "^4.3.5"
50
50
  },
@@ -52,7 +52,7 @@
52
52
  "@anthropic-ai/claude-agent-sdk": ">=0.1.0",
53
53
  "@opencode-ai/sdk": ">=1.0.0",
54
54
  "posthog-node": ">=4.0.0",
55
- "@contractspec/lib.surface-runtime": "0.5.7"
55
+ "@contractspec/lib.surface-runtime": "0.5.10"
56
56
  },
57
57
  "peerDependenciesMeta": {
58
58
  "@anthropic-ai/claude-agent-sdk": {
@@ -72,9 +72,9 @@
72
72
  }
73
73
  },
74
74
  "devDependencies": {
75
- "@contractspec/tool.typescript": "3.7.6",
75
+ "@contractspec/tool.typescript": "3.7.8",
76
76
  "typescript": "^5.9.3",
77
- "@contractspec/tool.bun": "3.7.6"
77
+ "@contractspec/tool.bun": "3.7.8"
78
78
  },
79
79
  "exports": {
80
80
  ".": {