npm - @flink-app/flink - Versions diffs - 2.0.0-alpha.95 → 2.0.0-alpha.97 - Mend

@flink-app/flink 2.0.0-alpha.95 → 2.0.0-alpha.97

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/CHANGELOG.md +29 -0
package/dist/src/FlinkApp.js +1 -1
package/dist/src/ai/ConversationAgent.js +3 -1
package/dist/src/auth/FlinkAuthPlugin.d.ts +1 -1
package/package.json +1 -1
package/spec/ai/ConversationAgent.spec.ts +29 -0
package/src/FlinkApp.ts +1 -1
package/src/ai/ConversationAgent.ts +3 -1
package/src/auth/FlinkAuthPlugin.ts +2 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,34 @@
 # @flink-app/flink
+## 2.0.0-alpha.97
+### Minor Changes
+-   eed6bc1: Pass host application context to auth plugins.
+    `FlinkAuthPlugin.authenticateRequest` now receives the host app's context as an optional third argument. Flink core supplies it on every authenticated request, so auth plugins can access repos/services without the caller wiring up a lazy accessor or maintaining a module-level mutable reference.
+    For `@flink-app/jwt-auth-plugin`, this means `getUser` receives the context directly:
+    ```typescript
+    jwtAuthPlugin({
+        getUser: async (tokenData, req, ctx) => {
+            const user = await ctx?.repos.userRepo.getById(tokenData._id);
+            return user ? { username: user.username, _id: user._id } : null;
+        },
+    });
+    ```
+    The `getContext` option previously added in alpha.96 is no longer needed and has been removed — remove it from your `jwtAuthPlugin({ … })` call. The third `ctx` parameter on `getUser` is optional, so callbacks that ignore it are unaffected.
+## 2.0.0-alpha.96
+### Patch Changes
+-   Fix double-JSON-encoding of tool results on conversation reload.
+    `ConversationAgent.convertToAgentMessages` was re-stringifying tool result payloads that `ToolExecutor.formatResultForAI` had already serialized to a JSON string. Each reload escaped the value one more level, corrupting tool history on every continuation turn (visible through any LLM adapter, including Anthropic). Strings are now passed through untouched; non-string values are still stringified for backward compatibility with older storage rows.
 ## 2.0.0-alpha.95
 ## 2.0.0-alpha.94

package/dist/src/FlinkApp.js CHANGED Viewed

@@ -1300,7 +1300,7 @@ var FlinkApp = /** @class */ (function () {
                         if (!this.auth) {
                             throw new Error("Attempting to authenticate request (".concat(req.method, " ").concat(req.path, ") but no authPlugin is set"));
                         }
-                        return [4 /*yield*/, this.auth.authenticateRequest(req, permissions)];
+                        return [4 /*yield*/, this.auth.authenticateRequest(req, permissions, this._ctx)];
                     case 1: return [2 /*return*/, _a.sent()];
                 }
             });

package/dist/src/ai/ConversationAgent.js CHANGED Viewed

@@ -297,7 +297,9 @@ var ConversationAgent = /** @class */ (function (_super) {
                     role: "tool",
                     toolCallId: toolResult.id,
                     toolName: "", // Not stored, but required by type
-                    result: JSON.stringify(toolResult.result),
+                    // Tool results are persisted as already-stringified payloads (see formatResultForAI).
+                    // JSON.stringify-ing again would double-encode strings into escaped JSON literals.
+                    result: typeof toolResult.result === "string" ? toolResult.result : JSON.stringify(toolResult.result),
                 }); });
             }
             else if (msg.role === "user") {

package/dist/src/auth/FlinkAuthPlugin.d.ts CHANGED Viewed

@@ -1,5 +1,5 @@
 import { FlinkRequest } from "../FlinkHttpHandler";
 export interface FlinkAuthPlugin {
-    authenticateRequest: (req: FlinkRequest, permissions: string | string[]) => Promise<boolean>;
+    authenticateRequest: (req: FlinkRequest, permissions: string | string[], ctx?: any) => Promise<boolean>;
     createToken: (payload: any, roles: string[]) => Promise<string>;
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@flink-app/flink",
-  "version": "2.0.0-alpha.95",
+  "version": "2.0.0-alpha.97",
   "description": "Typescript only framework for creating REST-like APIs on top of Express and mongodb",
   "types": "dist/src/index.d.ts",
   "main": "dist/src/index.js",

package/spec/ai/ConversationAgent.spec.ts CHANGED Viewed

@@ -324,6 +324,35 @@ describe("ConversationAgent", () => {
             });
         });
+        it("should not double-encode string tool results on reload", async () => {
+            // Real production flow: ToolExecutor.formatResultForAI returns a JSON string,
+            // which is what AgentRunner stores on tool_result content blocks. On the
+            // round-trip back from storage, that string must NOT be JSON.stringified
+            // again — otherwise the model sees escaped JSON literals on every reload.
+            const alreadyStringified = JSON.stringify({ temp: "22C", condition: "sunny" });
+            const conversationData: ConversationData = {
+                messages: [
+                    {
+                        role: "user",
+                        toolResults: [{ id: "call_1", result: alreadyStringified }],
+                    },
+                ],
+            };
+            agent.loadConversationSpy.and.returnValue(Promise.resolve(conversationData));
+            const input: any = { conversationId: "conv-123" };
+            await agent.testBeforeRun(input, {});
+            expect(input.history[0]).toEqual({
+                role: "tool",
+                toolCallId: "call_1",
+                toolName: "",
+                result: alreadyStringified, // not JSON.stringify(alreadyStringified)
+            });
+        });
         it("should preserve assistant messages with toolCalls", async () => {
             const conversationData: ConversationData = {
                 messages: [

package/src/FlinkApp.ts CHANGED Viewed

@@ -1580,7 +1580,7 @@ export class FlinkApp<C extends FlinkContext> {
         if (!this.auth) {
             throw new Error(`Attempting to authenticate request (${req.method} ${req.path}) but no authPlugin is set`);
         }
-        return await this.auth.authenticateRequest(req as FlinkRequest, permissions);
+        return await this.auth.authenticateRequest(req as FlinkRequest, permissions, this._ctx);
     }
     public getRegisteredRoutes() {

package/src/ai/ConversationAgent.ts CHANGED Viewed

@@ -308,7 +308,9 @@ export abstract class ConversationAgent<Context extends FlinkContext = FlinkCont
                         role: "tool",
                         toolCallId: toolResult.id,
                         toolName: "", // Not stored, but required by type
-                        result: JSON.stringify(toolResult.result),
+                        // Tool results are persisted as already-stringified payloads (see formatResultForAI).
+                        // JSON.stringify-ing again would double-encode strings into escaped JSON literals.
+                        result: typeof toolResult.result === "string" ? toolResult.result : JSON.stringify(toolResult.result),
                     })
                 );
             } else if (msg.role === "user") {

package/src/auth/FlinkAuthPlugin.ts CHANGED Viewed

@@ -3,7 +3,8 @@ import { FlinkRequest } from "../FlinkHttpHandler";
 export interface FlinkAuthPlugin {
   authenticateRequest: (
     req: FlinkRequest,
-    permissions: string | string[]
+    permissions: string | string[],
+    ctx?: any
   ) => Promise<boolean>;
   createToken: (payload: any, roles: string[]) => Promise<string>;
 }