@decartai/sdk 0.0.61 → 0.0.63

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/realtime/client.d.ts +1 -1
  2. package/dist/shared/model.js +1 -1
  3. package/dist/tokens/client.d.ts +12 -3
  4. package/package.json +1 -1
package/dist/realtime/client.d.ts CHANGED
@@ -25,7 +25,7 @@ declare const realTimeClientConnectOptionsSchema: z.ZodObject<{
25
25
  fps: z.ZodNumber;
26
26
  width: z.ZodNumber;
27
27
  height: z.ZodNumber;
28
- inputSchema: z.ZodAny;
28
+ inputSchema: z.ZodOptional<z.ZodAny>;
29
29
  }, z.core.$strip>;
30
30
  onRemoteStream: z.ZodCustom<OnRemoteStreamFn, OnRemoteStreamFn>;
31
31
  initialState: z.ZodOptional<z.ZodObject<{
package/dist/shared/model.js CHANGED
@@ -172,7 +172,7 @@ const modelDefinitionSchema = z.object({
172
172
  fps: z.number().min(1),
173
173
  width: z.number().min(1),
174
174
  height: z.number().min(1),
175
- inputSchema: z.any()
175
+ inputSchema: z.any().optional()
176
176
  });
177
177
  const _models = {
178
178
  realtime: {
package/dist/tokens/client.d.ts CHANGED
@@ -9,6 +9,13 @@ type CreateTokenOptions = {
9
9
  expiresIn?: number;
10
10
  /** Restrict which models this token can access (max 20 items). */
11
11
  allowedModels?: (Model | (string & {}))[];
12
+ /**
13
+ * Restrict which web origins this token can be used from (max 20 items).
14
+ * Each entry must be a full origin including scheme, e.g. `https://example.com`.
15
+ * Enforced on realtime sessions by matching the WebSocket `Origin` header
16
+ * verbatim. Defense-in-depth — only effective for browser-based clients.
17
+ */
18
+ allowedOrigins?: string[];
12
19
  /** Operational limits for the token. */
13
20
  constraints?: {
14
21
  realtime?: {
@@ -19,9 +26,10 @@ type CreateTokenOptions = {
19
26
  type CreateTokenResponse = {
20
27
  apiKey: string;
21
28
  expiresAt: string;
22
- /** Present when `allowedModels` was set on the request. */
29
+ /** Present when `allowedModels` and/or `allowedOrigins` were set on the request. */
23
30
  permissions?: {
24
- models: (Model | (string & {}))[];
31
+ models?: (Model | (string & {}))[];
32
+ origins?: string[];
25
33
  } | null;
26
34
  /** Present when `constraints` was set on the request. */
27
35
  constraints?: {
@@ -45,10 +53,11 @@ type TokensClient = {
45
53
  * // With metadata:
46
54
  * const token = await client.tokens.create({ metadata: { role: "viewer" } });
47
55
  *
48
- * // With expiry, model restrictions, and constraints:
56
+ * // With expiry, model restrictions, origin restrictions, and constraints:
49
57
  * const token = await client.tokens.create({
50
58
  * expiresIn: 300,
51
59
  * allowedModels: ["lucy-pro-v2v", "lucy-restyle-v2v"],
60
+ * allowedOrigins: ["https://example.com"],
52
61
  * constraints: { realtime: { maxSessionDuration: 120 } },
53
62
  * });
54
63
  * ```
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@decartai/sdk",
3
- "version": "0.0.61",
3
+ "version": "0.0.63",
4
4
  "description": "Decart's JavaScript SDK",
5
5
  "type": "module",
6
6
  "license": "MIT",