@dexto/core 1.1.4 → 1.1.6

package/dist/tools/confirmation/allowed-tools-provider/in-memory.cjs

@@ -0,0 +1,62 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var in_memory_exports = {};
+__export(in_memory_exports, {
+  InMemoryAllowedToolsProvider: () => InMemoryAllowedToolsProvider
+});
+module.exports = __toCommonJS(in_memory_exports);
+class InMemoryAllowedToolsProvider {
+  /**
+   * Map key is sessionId (undefined => global approvals). Value is a set of
+   * approved tool names.
+   */
+  store = /* @__PURE__ */ new Map();
+  constructor(initialGlobal) {
+    if (initialGlobal) {
+      this.store.set(void 0, new Set(initialGlobal));
+    }
+  }
+  getSet(sessionId) {
+    const key = sessionId ?? void 0;
+    let set = this.store.get(key);
+    if (!set) {
+      set = /* @__PURE__ */ new Set();
+      this.store.set(key, set);
+    }
+    return set;
+  }
+  async allowTool(toolName, sessionId) {
+    this.getSet(sessionId).add(toolName);
+  }
+  async disallowTool(toolName, sessionId) {
+    this.getSet(sessionId).delete(toolName);
+  }
+  async isToolAllowed(toolName, sessionId) {
+    const scopedSet = this.store.get(sessionId ?? void 0);
+    const globalSet = this.store.get(void 0);
+    return Boolean(scopedSet?.has(toolName) || globalSet?.has(toolName));
+  }
+  async getAllowedTools(sessionId) {
+    return new Set(this.getSet(sessionId));
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  InMemoryAllowedToolsProvider
+});

package/dist/tools/confirmation/allowed-tools-provider/in-memory.d.cts

@@ -0,0 +1,17 @@
+import { IAllowedToolsProvider } from './types.cjs';
+
+declare class InMemoryAllowedToolsProvider implements IAllowedToolsProvider {
+    /**
+     * Map key is sessionId (undefined => global approvals). Value is a set of
+     * approved tool names.
+     */
+    private store;
+    constructor(initialGlobal?: Set<string>);
+    private getSet;
+    allowTool(toolName: string, sessionId?: string): Promise<void>;
+    disallowTool(toolName: string, sessionId?: string): Promise<void>;
+    isToolAllowed(toolName: string, sessionId?: string): Promise<boolean>;
+    getAllowedTools(sessionId?: string): Promise<Set<string>>;
+}
+
+export { InMemoryAllowedToolsProvider };

package/dist/tools/confirmation/allowed-tools-provider/in-memory.d.ts

@@ -0,0 +1,17 @@
+import { IAllowedToolsProvider } from './types.js';
+
+declare class InMemoryAllowedToolsProvider implements IAllowedToolsProvider {
+    /**
+     * Map key is sessionId (undefined => global approvals). Value is a set of
+     * approved tool names.
+     */
+    private store;
+    constructor(initialGlobal?: Set<string>);
+    private getSet;
+    allowTool(toolName: string, sessionId?: string): Promise<void>;
+    disallowTool(toolName: string, sessionId?: string): Promise<void>;
+    isToolAllowed(toolName: string, sessionId?: string): Promise<boolean>;
+    getAllowedTools(sessionId?: string): Promise<Set<string>>;
+}
+
+export { InMemoryAllowedToolsProvider };

package/dist/tools/confirmation/allowed-tools-provider/in-memory.js

@@ -0,0 +1,38 @@
+class InMemoryAllowedToolsProvider {
+  /**
+   * Map key is sessionId (undefined => global approvals). Value is a set of
+   * approved tool names.
+   */
+  store = /* @__PURE__ */ new Map();
+  constructor(initialGlobal) {
+    if (initialGlobal) {
+      this.store.set(void 0, new Set(initialGlobal));
+    }
+  }
+  getSet(sessionId) {
+    const key = sessionId ?? void 0;
+    let set = this.store.get(key);
+    if (!set) {
+      set = /* @__PURE__ */ new Set();
+      this.store.set(key, set);
+    }
+    return set;
+  }
+  async allowTool(toolName, sessionId) {
+    this.getSet(sessionId).add(toolName);
+  }
+  async disallowTool(toolName, sessionId) {
+    this.getSet(sessionId).delete(toolName);
+  }
+  async isToolAllowed(toolName, sessionId) {
+    const scopedSet = this.store.get(sessionId ?? void 0);
+    const globalSet = this.store.get(void 0);
+    return Boolean(scopedSet?.has(toolName) || globalSet?.has(toolName));
+  }
+  async getAllowedTools(sessionId) {
+    return new Set(this.getSet(sessionId));
+  }
+}
+export {
+  InMemoryAllowedToolsProvider
+};

package/dist/tools/confirmation/allowed-tools-provider/storage.cjs

@@ -0,0 +1,68 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var storage_exports = {};
+__export(storage_exports, {
+  StorageAllowedToolsProvider: () => StorageAllowedToolsProvider
+});
+module.exports = __toCommonJS(storage_exports);
+var import_logger = require("../../../logger/index.cjs");
+class StorageAllowedToolsProvider {
+  constructor(storage) {
+    this.storage = storage;
+  }
+  buildKey(sessionId) {
+    return sessionId ? `allowedTools:${sessionId}` : "allowedTools:global";
+  }
+  async allowTool(toolName, sessionId) {
+    const key = this.buildKey(sessionId);
+    import_logger.logger.debug(`Adding allowed tool '${toolName}' for key '${key}'`);
+    const existingRaw = await this.storage.database.get(key);
+    const newSet = new Set(Array.isArray(existingRaw) ? existingRaw : []);
+    newSet.add(toolName);
+    await this.storage.database.set(key, Array.from(newSet));
+    import_logger.logger.debug(`Added allowed tool '${toolName}' for key '${key}'`);
+  }
+  async disallowTool(toolName, sessionId) {
+    const key = this.buildKey(sessionId);
+    import_logger.logger.debug(`Removing allowed tool '${toolName}' for key '${key}'`);
+    const existingRaw = await this.storage.database.get(key);
+    if (!Array.isArray(existingRaw)) return;
+    const newSet = new Set(existingRaw);
+    newSet.delete(toolName);
+    await this.storage.database.set(key, Array.from(newSet));
+  }
+  async isToolAllowed(toolName, sessionId) {
+    const sessionArr = await this.storage.database.get(this.buildKey(sessionId));
+    if (Array.isArray(sessionArr) && sessionArr.includes(toolName)) return true;
+    const globalArr = await this.storage.database.get(this.buildKey(void 0));
+    const allowed = Array.isArray(globalArr) ? globalArr.includes(toolName) : false;
+    import_logger.logger.debug(
+      `Checked allowed tool '${toolName}' in session '${sessionId ?? "global"}' \u2013 allowed=${allowed}`
+    );
+    return allowed;
+  }
+  async getAllowedTools(sessionId) {
+    const arr = await this.storage.database.get(this.buildKey(sessionId));
+    return new Set(Array.isArray(arr) ? arr : []);
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  StorageAllowedToolsProvider
+});

package/dist/tools/confirmation/allowed-tools-provider/storage.d.cts

@@ -0,0 +1,26 @@
+import { StorageBackends } from '../../../storage/backend/types.cjs';
+import { IAllowedToolsProvider } from './types.cjs';
+import '../../../storage/backend/cache-backend.cjs';
+import '../../../storage/backend/database-backend.cjs';
+import '../../../storage/schemas.cjs';
+import 'zod';
+
+/**
+ * Storage-backed implementation that persists allowed tools in the Dexto
+ * storage backends. The key scheme is:
+ *   allowedTools:<sessionId>          – approvals scoped to a session
+ *   allowedTools:global               – global approvals (sessionId undefined)
+ *
+ * Using the database backend for persistence.
+ */
+declare class StorageAllowedToolsProvider implements IAllowedToolsProvider {
+    private storage;
+    constructor(storage: StorageBackends);
+    private buildKey;
+    allowTool(toolName: string, sessionId?: string): Promise<void>;
+    disallowTool(toolName: string, sessionId?: string): Promise<void>;
+    isToolAllowed(toolName: string, sessionId?: string): Promise<boolean>;
+    getAllowedTools(sessionId?: string): Promise<Set<string>>;
+}
+
+export { StorageAllowedToolsProvider };

package/dist/tools/confirmation/allowed-tools-provider/storage.d.ts

@@ -0,0 +1,26 @@
+import { StorageBackends } from '../../../storage/backend/types.js';
+import { IAllowedToolsProvider } from './types.js';
+import '../../../storage/backend/cache-backend.js';
+import '../../../storage/backend/database-backend.js';
+import '../../../storage/schemas.js';
+import 'zod';
+
+/**
+ * Storage-backed implementation that persists allowed tools in the Dexto
+ * storage backends. The key scheme is:
+ *   allowedTools:<sessionId>          – approvals scoped to a session
+ *   allowedTools:global               – global approvals (sessionId undefined)
+ *
+ * Using the database backend for persistence.
+ */
+declare class StorageAllowedToolsProvider implements IAllowedToolsProvider {
+    private storage;
+    constructor(storage: StorageBackends);
+    private buildKey;
+    allowTool(toolName: string, sessionId?: string): Promise<void>;
+    disallowTool(toolName: string, sessionId?: string): Promise<void>;
+    isToolAllowed(toolName: string, sessionId?: string): Promise<boolean>;
+    getAllowedTools(sessionId?: string): Promise<Set<string>>;
+}
+
+export { StorageAllowedToolsProvider };

package/dist/tools/confirmation/allowed-tools-provider/storage.js

@@ -0,0 +1,44 @@
+import { logger } from "../../../logger/index.js";
+class StorageAllowedToolsProvider {
+  constructor(storage) {
+    this.storage = storage;
+  }
+  buildKey(sessionId) {
+    return sessionId ? `allowedTools:${sessionId}` : "allowedTools:global";
+  }
+  async allowTool(toolName, sessionId) {
+    const key = this.buildKey(sessionId);
+    logger.debug(`Adding allowed tool '${toolName}' for key '${key}'`);
+    const existingRaw = await this.storage.database.get(key);
+    const newSet = new Set(Array.isArray(existingRaw) ? existingRaw : []);
+    newSet.add(toolName);
+    await this.storage.database.set(key, Array.from(newSet));
+    logger.debug(`Added allowed tool '${toolName}' for key '${key}'`);
+  }
+  async disallowTool(toolName, sessionId) {
+    const key = this.buildKey(sessionId);
+    logger.debug(`Removing allowed tool '${toolName}' for key '${key}'`);
+    const existingRaw = await this.storage.database.get(key);
+    if (!Array.isArray(existingRaw)) return;
+    const newSet = new Set(existingRaw);
+    newSet.delete(toolName);
+    await this.storage.database.set(key, Array.from(newSet));
+  }
+  async isToolAllowed(toolName, sessionId) {
+    const sessionArr = await this.storage.database.get(this.buildKey(sessionId));
+    if (Array.isArray(sessionArr) && sessionArr.includes(toolName)) return true;
+    const globalArr = await this.storage.database.get(this.buildKey(void 0));
+    const allowed = Array.isArray(globalArr) ? globalArr.includes(toolName) : false;
+    logger.debug(
+      `Checked allowed tool '${toolName}' in session '${sessionId ?? "global"}' \u2013 allowed=${allowed}`
+    );
+    return allowed;
+  }
+  async getAllowedTools(sessionId) {
+    const arr = await this.storage.database.get(this.buildKey(sessionId));
+    return new Set(Array.isArray(arr) ? arr : []);
+  }
+}
+export {
+  StorageAllowedToolsProvider
+};

package/dist/tools/confirmation/allowed-tools-provider/types.cjs

@@ -0,0 +1,16 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var types_exports = {};
+module.exports = __toCommonJS(types_exports);

package/dist/tools/confirmation/allowed-tools-provider/types.d.cts

@@ -0,0 +1,35 @@
+/**
+ * Interface for allowed tools storage (in-memory, DB, etc.)
+ *
+ * Multi-user support: For multi-tenancy, we can consider either:
+ *  - Instantiating a provider per user (current pattern, recommended for most cases)
+ *  - Or, add userId as a parameter to each method for batch/admin/multi-user operations:
+ *      allowTool(toolName: string, userId: string): Promise<void>
+ *      ...etc.
+ *  - You can also add static/factory methods to create user-scoped providers, e.g.,
+ *      AllowedToolsProvider.forUser(userId)
+ *
+ * AllowedToolsProvider supports both single-user and multi-user scenarios.
+ * - If `userId` is omitted, the implementation will use a default user (e.g., from getUserId()).
+ * - For multi-user/admin scenarios, always pass `userId` explicitly.
+ * - We can enforce this by having a separate env variable/feature-flag for multi-user and having
+ *   strict check for the user id if the feature flag is set.
+ */
+interface IAllowedToolsProvider {
+    /**
+     * Persist an approval for a tool. If `sessionId` is provided the approval is
+     * scoped to that session. When omitted the approval is treated as global.
+     */
+    allowTool(toolName: string, sessionId?: string): Promise<void>;
+    /** Remove an approval. */
+    disallowTool(toolName: string, sessionId?: string): Promise<void>;
+    /**
+     * Check whether the given tool is currently allowed. If `sessionId` is
+     * provided the session-scoped list is checked first, then any global entry.
+     */
+    isToolAllowed(toolName: string, sessionId?: string): Promise<boolean>;
+    /** Optional helper to introspect all approvals for debugging. */
+    getAllowedTools?(sessionId?: string): Promise<Set<string>>;
+}
+
+export type { IAllowedToolsProvider };

package/dist/tools/confirmation/allowed-tools-provider/types.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Interface for allowed tools storage (in-memory, DB, etc.)
+ *
+ * Multi-user support: For multi-tenancy, we can consider either:
+ *  - Instantiating a provider per user (current pattern, recommended for most cases)
+ *  - Or, add userId as a parameter to each method for batch/admin/multi-user operations:
+ *      allowTool(toolName: string, userId: string): Promise<void>
+ *      ...etc.
+ *  - You can also add static/factory methods to create user-scoped providers, e.g.,
+ *      AllowedToolsProvider.forUser(userId)
+ *
+ * AllowedToolsProvider supports both single-user and multi-user scenarios.
+ * - If `userId` is omitted, the implementation will use a default user (e.g., from getUserId()).
+ * - For multi-user/admin scenarios, always pass `userId` explicitly.
+ * - We can enforce this by having a separate env variable/feature-flag for multi-user and having
+ *   strict check for the user id if the feature flag is set.
+ */
+interface IAllowedToolsProvider {
+    /**
+     * Persist an approval for a tool. If `sessionId` is provided the approval is
+     * scoped to that session. When omitted the approval is treated as global.
+     */
+    allowTool(toolName: string, sessionId?: string): Promise<void>;
+    /** Remove an approval. */
+    disallowTool(toolName: string, sessionId?: string): Promise<void>;
+    /**
+     * Check whether the given tool is currently allowed. If `sessionId` is
+     * provided the session-scoped list is checked first, then any global entry.
+     */
+    isToolAllowed(toolName: string, sessionId?: string): Promise<boolean>;
+    /** Optional helper to introspect all approvals for debugging. */
+    getAllowedTools?(sessionId?: string): Promise<Set<string>>;
+}
+
+export type { IAllowedToolsProvider };

package/dist/tools/confirmation/event-based-confirmation-provider.cjs

@@ -0,0 +1,158 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var event_based_confirmation_provider_exports = {};
+__export(event_based_confirmation_provider_exports, {
+  EventBasedConfirmationProvider: () => EventBasedConfirmationProvider
+});
+module.exports = __toCommonJS(event_based_confirmation_provider_exports);
+var import_crypto = require("crypto");
+var import_logger = require("../../logger/index.cjs");
+var import_errors = require("../errors.js");
+class EventBasedConfirmationProvider {
+  constructor(allowedToolsProvider, agentEventBus, options) {
+    this.allowedToolsProvider = allowedToolsProvider;
+    this.agentEventBus = agentEventBus;
+    this.confirmationTimeout = options.confirmationTimeout;
+    this.agentEventBus.on(
+      "dexto:toolConfirmationResponse",
+      this.handleConfirmationResponse.bind(this)
+    );
+  }
+  pendingConfirmations = /* @__PURE__ */ new Map();
+  confirmationTimeout;
+  agentEventBus;
+  async requestConfirmation(details) {
+    const isAllowed = await this.allowedToolsProvider.isToolAllowed(
+      details.toolName,
+      details.sessionId
+    );
+    if (isAllowed) {
+      import_logger.logger.info(
+        `Tool '${details.toolName}' already allowed for session '${details.sessionId ?? "global"}' \u2013 skipping confirmation.`
+      );
+      return true;
+    }
+    const executionId = (0, import_crypto.randomUUID)();
+    const event = {
+      toolName: details.toolName,
+      args: details.args,
+      ...details.description && { description: details.description },
+      executionId,
+      timestamp: /* @__PURE__ */ new Date(),
+      ...details.sessionId && { sessionId: details.sessionId }
+      // session context
+    };
+    import_logger.logger.info(
+      `Tool confirmation requested for ${details.toolName}, executionId: ${executionId}, sessionId: ${details.sessionId}`
+    );
+    return new Promise((resolve, reject) => {
+      const timeout = setTimeout(() => {
+        const timeoutResponse = {
+          executionId,
+          approved: false,
+          rememberChoice: false,
+          ...details.sessionId && { sessionId: details.sessionId }
+        };
+        import_logger.logger.warn(
+          `Tool confirmation timeout for ${details.toolName}, executionId: ${executionId}`
+        );
+        this.pendingConfirmations.delete(executionId);
+        this.agentEventBus.emit("dexto:toolConfirmationResponse", timeoutResponse);
+        reject(
+          import_errors.ToolError.confirmationTimeout(
+            details.toolName,
+            this.confirmationTimeout,
+            details.sessionId
+          )
+        );
+      }, this.confirmationTimeout);
+      this.pendingConfirmations.set(executionId, {
+        resolve: (approved) => {
+          clearTimeout(timeout);
+          this.pendingConfirmations.delete(executionId);
+          resolve(approved);
+        },
+        reject: (error) => {
+          clearTimeout(timeout);
+          this.pendingConfirmations.delete(executionId);
+          reject(error);
+        },
+        toolName: details.toolName,
+        ...details.sessionId && { sessionId: details.sessionId }
+      });
+      this.agentEventBus.emit("dexto:toolConfirmationRequest", event);
+    });
+  }
+  /**
+   * Handle confirmation response from external handlers
+   */
+  async handleConfirmationResponse(response) {
+    const pending = this.pendingConfirmations.get(response.executionId);
+    if (!pending) {
+      import_logger.logger.warn(
+        `Received toolConfirmationResponse for unknown executionId ${response.executionId}`
+      );
+      return;
+    }
+    this.pendingConfirmations.delete(response.executionId);
+    if (response.approved && response.rememberChoice) {
+      await this.allowedToolsProvider.allowTool(pending.toolName, response.sessionId);
+      import_logger.logger.info(
+        `Tool '${pending.toolName}' added to allowed tools for session '${response.sessionId ?? "global"}' (remember choice selected)`
+      );
+    }
+    import_logger.logger.info(
+      `Tool confirmation ${response.approved ? "approved" : "denied"} for ${pending.toolName}, executionId: ${response.executionId}, sessionId: ${response.sessionId ?? "global"}`
+    );
+    pending.resolve(response.approved);
+  }
+  /**
+   * Get list of pending confirmation requests
+   */
+  getPendingConfirmations() {
+    return Array.from(this.pendingConfirmations.keys());
+  }
+  /**
+   * Cancel a pending confirmation request
+   */
+  cancelConfirmation(executionId) {
+    const pending = this.pendingConfirmations.get(executionId);
+    if (pending) {
+      pending.reject(
+        import_errors.ToolError.confirmationCancelled(pending.toolName, "individual request cancelled")
+      );
+      this.pendingConfirmations.delete(executionId);
+    }
+  }
+  /**
+   * Cancel all pending confirmation requests
+   */
+  cancelAllConfirmations() {
+    for (const [_executionId, pending] of this.pendingConfirmations) {
+      pending.reject(
+        import_errors.ToolError.confirmationCancelled(pending.toolName, "all requests cancelled")
+      );
+    }
+    this.pendingConfirmations.clear();
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  EventBasedConfirmationProvider
+});

package/dist/tools/confirmation/event-based-confirmation-provider.d.cts

@@ -0,0 +1,41 @@
+import { ToolConfirmationProvider, ToolExecutionDetails, ToolConfirmationResponse } from './types.cjs';
+import { IAllowedToolsProvider } from './allowed-tools-provider/types.cjs';
+import { AgentEventBus } from '../../events/index.cjs';
+import 'events';
+import '../../llm/types.cjs';
+import '../../agent/schemas.cjs';
+import 'zod';
+
+/**
+ * Event-based tool confirmation provider that uses the official AgentEventBus
+ * to emit events for confirmation requests and wait for responses.
+ * This decouples the core logic from UI-specific implementations.
+ */
+declare class EventBasedConfirmationProvider implements ToolConfirmationProvider {
+    allowedToolsProvider: IAllowedToolsProvider;
+    private pendingConfirmations;
+    private confirmationTimeout;
+    private agentEventBus;
+    constructor(allowedToolsProvider: IAllowedToolsProvider, agentEventBus: AgentEventBus, options: {
+        confirmationTimeout: number;
+    });
+    requestConfirmation(details: ToolExecutionDetails): Promise<boolean>;
+    /**
+     * Handle confirmation response from external handlers
+     */
+    handleConfirmationResponse(response: ToolConfirmationResponse): Promise<void>;
+    /**
+     * Get list of pending confirmation requests
+     */
+    getPendingConfirmations(): string[];
+    /**
+     * Cancel a pending confirmation request
+     */
+    cancelConfirmation(executionId: string): void;
+    /**
+     * Cancel all pending confirmation requests
+     */
+    cancelAllConfirmations(): void;
+}
+
+export { EventBasedConfirmationProvider };

package/dist/tools/confirmation/event-based-confirmation-provider.d.ts

@@ -0,0 +1,41 @@
+import { ToolConfirmationProvider, ToolExecutionDetails, ToolConfirmationResponse } from './types.js';
+import { IAllowedToolsProvider } from './allowed-tools-provider/types.js';
+import { AgentEventBus } from '../../events/index.js';
+import 'events';
+import '../../llm/types.js';
+import '../../agent/schemas.js';
+import 'zod';
+
+/**
+ * Event-based tool confirmation provider that uses the official AgentEventBus
+ * to emit events for confirmation requests and wait for responses.
+ * This decouples the core logic from UI-specific implementations.
+ */
+declare class EventBasedConfirmationProvider implements ToolConfirmationProvider {
+    allowedToolsProvider: IAllowedToolsProvider;
+    private pendingConfirmations;
+    private confirmationTimeout;
+    private agentEventBus;
+    constructor(allowedToolsProvider: IAllowedToolsProvider, agentEventBus: AgentEventBus, options: {
+        confirmationTimeout: number;
+    });
+    requestConfirmation(details: ToolExecutionDetails): Promise<boolean>;
+    /**
+     * Handle confirmation response from external handlers
+     */
+    handleConfirmationResponse(response: ToolConfirmationResponse): Promise<void>;
+    /**
+     * Get list of pending confirmation requests
+     */
+    getPendingConfirmations(): string[];
+    /**
+     * Cancel a pending confirmation request
+     */
+    cancelConfirmation(executionId: string): void;
+    /**
+     * Cancel all pending confirmation requests
+     */
+    cancelAllConfirmations(): void;
+}
+
+export { EventBasedConfirmationProvider };