@gaodefa/daocore 2026.5.74 → 2026.5.75

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1066) hide show
  1. package/dist/abort-CB4Bin7P.js +277 -0
  2. package/dist/abort.runtime-C5imf3M6.js +2 -0
  3. package/dist/abort.runtime.js +1 -1
  4. package/dist/account-inspect-BrLOD3dL.js +173 -0
  5. package/dist/accounts-BJghihjE.js +107 -0
  6. package/dist/accounts-Cmmoz0Uc.js +119 -0
  7. package/dist/accounts-CtHQ9LlB.js +2 -0
  8. package/dist/accounts-D2XmsEdz.js +107 -0
  9. package/dist/acp-runtime-CsJkP6Eh.js +26 -0
  10. package/dist/acp-spawn-DrF63yyT.js +1275 -0
  11. package/dist/acp-spawn-ORtTG-uw.js +2 -0
  12. package/dist/acp-stateful-target-driver-XI6lnVTT.js +89 -0
  13. package/dist/action-kill-BkWa08iK.js +33 -0
  14. package/dist/action-runtime-CW2Fkm81.js +469 -0
  15. package/dist/action-runtime-api-LQHyxfBM.js +2 -0
  16. package/dist/action-send-BSTkpsKB.js +39 -0
  17. package/dist/action-spawn-CG0owoYM.js +47 -0
  18. package/dist/actions-BQH4Vf20.js +161 -0
  19. package/dist/actions.runtime-BwFgiJFE.js +5 -0
  20. package/dist/agent-B1k62jFg.js +3 -0
  21. package/dist/agent-CooPvAB8.js +2 -0
  22. package/dist/agent-command-Djll6bnb.js +1367 -0
  23. package/dist/agent-components.runtime-Bxmeq5SX.js +10 -0
  24. package/dist/agent-components.runtime.js +1 -1
  25. package/dist/agent-harness-runtime-Bt2xTt2z.js +180 -0
  26. package/dist/agent-harness-task-runtime-C6Sx-QFy.js +140 -0
  27. package/dist/agent-runner-execution-CUB1dxz1.js +1713 -0
  28. package/dist/agent-runner-utils-LoP2ghjB.js +266 -0
  29. package/dist/agent-runner.runtime-B6FEpN97.js +3455 -0
  30. package/dist/agent-runner.runtime.js +1 -1
  31. package/dist/agent-runtime-DDBYT9PU.js +229 -0
  32. package/dist/agent-via-gateway-Cac7aWXN.js +463 -0
  33. package/dist/api-C7_eM4X7.js +2 -0
  34. package/dist/api-CTv-thVP.js +2 -0
  35. package/dist/api-CyVlHCwr.js +6 -0
  36. package/dist/api-DfnW7Cwk.js +134 -0
  37. package/dist/api-mdeTtlMU.js +3 -0
  38. package/dist/api-rzVN_ShI.js +639 -0
  39. package/dist/apply-CA6OjGyH.js +41 -0
  40. package/dist/apply-YMZKb6rV.js +54 -0
  41. package/dist/approval-handler.runtime-Bo3XBEmS.js +130 -0
  42. package/dist/assistant-D0Y0TW8p.js +291 -0
  43. package/dist/attachment-normalize-CRqY0rzf.js +225 -0
  44. package/dist/attempt-execution-BL2-MkN9.js +558 -0
  45. package/dist/attempt-execution.runtime-BbkIPww8.js +3 -0
  46. package/dist/attempt-execution.runtime.js +1 -1
  47. package/dist/attempt-execution.shared-xgnVkNxr.js +38 -0
  48. package/dist/attempt.prompt-helpers--NxxT8xy.js +475 -0
  49. package/dist/attempt.tool-run-context-EsAayWh6.js +2094 -0
  50. package/dist/binding-routing-BIf2zYbn.js +113 -0
  51. package/dist/binding-targets-CnVPlLL3.js +121 -0
  52. package/dist/bot-BUkIAmq4.js +7894 -0
  53. package/dist/bot-deps-BDpF3-2x.js +747 -0
  54. package/dist/bot-deps-Ctxazu0z.js +2 -0
  55. package/dist/bot-message-context.runtime-Ddl-CF0g.js +7 -0
  56. package/dist/bot-message-context.runtime.js +1 -1
  57. package/dist/bot-message-context.session.runtime-BOBDJGi6.js +12 -0
  58. package/dist/bot-message-context.session.runtime.js +1 -1
  59. package/dist/bot-native-commands.delivery.runtime-Cp2bC1cm.js +4 -0
  60. package/dist/bot-native-commands.delivery.runtime.js +1 -1
  61. package/dist/bot-native-commands.runtime-BxOgiBSg.js +13 -0
  62. package/dist/bot-native-commands.runtime.js +1 -1
  63. package/dist/bridge-server-BD8gdvCj.js +113 -0
  64. package/dist/browser-cli-BxOiqtw0.js +230 -0
  65. package/dist/browser-cli-CQSbU4r7.js +2 -0
  66. package/dist/browser-cli-actions-input-CACwoXjH.js +473 -0
  67. package/dist/browser-cli-actions-observe-7y44Efff.js +81 -0
  68. package/dist/browser-cli-debug--cZDNVgZ.js +137 -0
  69. package/dist/browser-cli-inspect-Bjm1LYpb.js +104 -0
  70. package/dist/browser-cli-manage-BdoQAGZ5.js +443 -0
  71. package/dist/browser-cli-resize-CiWfi52U.js +26 -0
  72. package/dist/browser-cli-shared-Cf2UTok5.js +50 -0
  73. package/dist/browser-cli-state-BzSo9Zyo.js +337 -0
  74. package/dist/browser-control-auth-goBz3LrL.js +2 -0
  75. package/dist/browser-profiles-5QyWxduY.js +2 -0
  76. package/dist/browser-runtime-DpYYMv_-.js +384 -0
  77. package/dist/build-BOWwrF6B.js +257 -0
  78. package/dist/build-info.json +3 -3
  79. package/dist/bundled/boot-md/handler.js +2 -2
  80. package/dist/bundled/session-memory/handler.js +1 -1
  81. package/dist/canvas-host/a2ui/.bundle.hash +1 -1
  82. package/dist/capability-cli-p3b5r_A5.js +1782 -0
  83. package/dist/channel-8rtqtIC-.js +238 -0
  84. package/dist/channel-B2t80bjP.js +1556 -0
  85. package/dist/channel-BFgbA2E6.js +562 -0
  86. package/dist/channel-BPZSxEkQ.js +808 -0
  87. package/dist/channel-BibcrGJ7.js +955 -0
  88. package/dist/channel-Bj3a13bG.js +1777 -0
  89. package/dist/channel-Bsd0VVMJ.js +2126 -0
  90. package/dist/channel-C4Ouz2jY.js +481 -0
  91. package/dist/channel-CXcp2i5k.js +653 -0
  92. package/dist/channel-CZNxKVdH.js +1134 -0
  93. package/dist/channel-CfI-ubEB.js +740 -0
  94. package/dist/channel-CgNA5Zih.js +1496 -0
  95. package/dist/channel-D5n_k9F5.js +867 -0
  96. package/dist/channel-D7vJSPUF.js +1249 -0
  97. package/dist/channel-DcV0Ld4N.js +362 -0
  98. package/dist/channel-De73mgO_.js +508 -0
  99. package/dist/channel-Dmdu9Pzb.js +376 -0
  100. package/dist/channel-actions.runtime-CihZrf0M.js +265 -0
  101. package/dist/channel-actions.runtime.js +1 -1
  102. package/dist/channel-cGJKLfJe.d.ts +427 -0
  103. package/dist/channel-core-Ng_haxOP.js +5 -0
  104. package/dist/channel-inbound-Dz8i5Map.js +80 -0
  105. package/dist/channel-plugin-runtime-BGwpeswU.js +998 -0
  106. package/dist/channel-runtime-5xfHeIpP.js +408 -0
  107. package/dist/channel.runtime-3cv5PIqa.js +21009 -0
  108. package/dist/channel.runtime-B48fiEqP.js +109 -0
  109. package/dist/channel.runtime-B9omb8Je.js +733 -0
  110. package/dist/channel.runtime-BTnYLrjs.js +652 -0
  111. package/dist/channel.runtime-Bw4vm2KP.js +4 -0
  112. package/dist/channel.runtime-JZVnahXY.js +254 -0
  113. package/dist/channel.runtime-OyE1NDe4.js +2528 -0
  114. package/dist/channel.runtime-Q3Chs30P.js +1008 -0
  115. package/dist/channel.runtime-cGEI9b88.js +88 -0
  116. package/dist/channel.setup-BvvO8wUo.js +1098 -0
  117. package/dist/channel.setup-Cy2rvR1u.js +10 -0
  118. package/dist/channel.setup-Xo7BBamM.js +343 -0
  119. package/dist/chat-CfSmQsWK.js +2666 -0
  120. package/dist/chrome-CB8ELr8g.js +1503 -0
  121. package/dist/cli/run-main.js +5 -5
  122. package/dist/cli-CCnAoXu8.js +1341 -0
  123. package/dist/cli-compaction-C5z02QAR.js +347 -0
  124. package/dist/cli-metadata-VfQG__-m.js +22 -0
  125. package/dist/cli-runner-C8VlXbx6.js +2 -0
  126. package/dist/cli-runner-FnNwgi9z.js +540 -0
  127. package/dist/cli-runner.runtime-3y8ztIrM.js +4 -0
  128. package/dist/cli-runner.runtime-DjJNUNqh.js +3 -0
  129. package/dist/cli-runner.runtime.js +1 -1
  130. package/dist/cli-startup-metadata.json +8 -8
  131. package/dist/client-BxaKR3NR.js +650 -0
  132. package/dist/client-adapter-CD2eYE5u.js +897 -0
  133. package/dist/client-factory-wknOz0YZ.js +9 -0
  134. package/dist/command-auth-5oWRlAgW.js +135 -0
  135. package/dist/command-handlers-DRLCoUOI.js +1609 -0
  136. package/dist/command-registry-ClgHMh-P.js +4 -0
  137. package/dist/command-registry-Crw-ALyo.js +9 -0
  138. package/dist/command-registry-core-Q8mKRnm2.js +110 -0
  139. package/dist/command-status.runtime-Bv5-S6Jh.js +90 -0
  140. package/dist/command-status.runtime.js +1 -1
  141. package/dist/commands-acp-D7wwvhSb.js +74 -0
  142. package/dist/commands-compact.runtime-Do6XoPgi.js +10 -0
  143. package/dist/commands-compact.runtime.js +1 -1
  144. package/dist/commands-handlers.runtime-CQIeiOBs.js +6154 -0
  145. package/dist/commands-handlers.runtime.js +1 -1
  146. package/dist/commands-status--6Ec-6xl.js +3 -0
  147. package/dist/commands-status-B71V5ctj.js +16 -0
  148. package/dist/commands-status.runtime--6Ec-6xl.js +3 -0
  149. package/dist/commands-status.runtime.js +1 -1
  150. package/dist/commands-subagents-control.runtime-0bdHKGkh.js +2 -0
  151. package/dist/commands-subagents-control.runtime-C699ndyM.js +3 -0
  152. package/dist/commands-subagents-control.runtime.js +1 -1
  153. package/dist/commands-system-prompt-B-_6D_8o.js +2 -0
  154. package/dist/commands-system-prompt-Cf5S370X.js +162 -0
  155. package/dist/commands.runtime-C95VhDIj.js +176 -0
  156. package/dist/commands.runtime.js +1 -1
  157. package/dist/commitments/runtime.js +1 -1
  158. package/dist/compact-BUfPJl6J.js +1141 -0
  159. package/dist/compact-WFlFbfB-.js +480 -0
  160. package/dist/compact.runtime-CQnO12gG.js +12 -0
  161. package/dist/compact.runtime.js +1 -1
  162. package/dist/completion-cli-uJRHgHYJ.js +315 -0
  163. package/dist/computer-use-BqSdNbdx.js +367 -0
  164. package/dist/config-5QyWxduY.js +2 -0
  165. package/dist/config-D7UGquxF.js +373 -0
  166. package/dist/config-mutations-BcFxP9jF.js +159 -0
  167. package/dist/context-engine-host-compat-BBGC6Eb4.js +2 -0
  168. package/dist/context-engine-host-compat-Us6I7iiS.js +288 -0
  169. package/dist/context-engine-lifecycle-BRYjJ_xx.js +1274 -0
  170. package/dist/control-auth-Dz6wWtYF.js +114 -0
  171. package/dist/control-service-OTMJ16Vr.js +145 -0
  172. package/dist/control-ui/assets/agents-B6Fnnycd.js +1008 -0
  173. package/dist/control-ui/assets/channel-config-extras-Bfyy8zu1.js +2 -0
  174. package/dist/control-ui/assets/channels-Cz4PQN2A.js +367 -0
  175. package/dist/control-ui/assets/cron-CNn6C7Np.js +1013 -0
  176. package/dist/control-ui/assets/debug-D1moRGPg.js +97 -0
  177. package/dist/control-ui/assets/index-CWpjkFbm.js +7378 -0
  178. package/dist/control-ui/assets/instances-CD1vgemb.js +57 -0
  179. package/dist/control-ui/assets/logs-DFBfz91p.js +74 -0
  180. package/dist/control-ui/assets/nodes-D_ByFobS.js +436 -0
  181. package/dist/control-ui/assets/sessions-CI1Fspms.js +399 -0
  182. package/dist/control-ui/assets/skills-DtnIlsXa.js +314 -0
  183. package/dist/control-ui/assets/skills-shared-CxPIl_DL.js +11 -0
  184. package/dist/control-ui/index.html +1 -1
  185. package/dist/control-ui/sw.js +1 -1
  186. package/dist/conversation-binding-runtime-Qzm50Ztm.js +4 -0
  187. package/dist/conversation-runtime-B8IRh0X_.js +31 -0
  188. package/dist/core-B9JJc5bK.js +282 -0
  189. package/dist/core-api-BkLqoKIY.js +5 -0
  190. package/dist/core-api-D_qLiSVx.js +2 -0
  191. package/dist/crestodian/crestodian.js +1 -1
  192. package/dist/crestodian/rescue-message.js +1 -1
  193. package/dist/crestodian-Wce00VL9.js +55 -0
  194. package/dist/daocore-tools-BGfsn9OX.js +11727 -0
  195. package/dist/delivery-CKZNf6HN.js +1002 -0
  196. package/dist/dialogue-DMyfQ10Y.js +37 -0
  197. package/dist/dir-fetch-tool-Bodc_UiO.js +565 -0
  198. package/dist/dir-list-tool-DKdRgmE0.js +100 -0
  199. package/dist/direct-dm-gubxMBvV.js +64 -0
  200. package/dist/directive-handling.fast-lane-SIR-LK_X.js +68 -0
  201. package/dist/directive-handling.impl-CyETmsuZ.js +2 -0
  202. package/dist/directive-handling.impl-DBRFiFvk.js +818 -0
  203. package/dist/directive-handling.model-selection-DY-tmC6k.js +122 -0
  204. package/dist/directive-handling.persist.runtime-NzxgMnZ0.js +263 -0
  205. package/dist/directive-handling.persist.runtime.js +1 -1
  206. package/dist/dispatch-Cfc2X0Y6.js +1640 -0
  207. package/dist/dispatch-acp-transcript.runtime-QL350v4-.js +40 -0
  208. package/dist/dispatch-acp-transcript.runtime.js +1 -1
  209. package/dist/dispatch-acp.runtime-D3FviqFZ.js +18 -0
  210. package/dist/dispatch-acp.runtime.js +1 -1
  211. package/dist/doctor-C7gTSFfH.js +6 -0
  212. package/dist/doctor-DiHS_IQ0.js +2 -0
  213. package/dist/doctor-config-flow-B8FwXA-r.js +1741 -0
  214. package/dist/doctor-core-checks-BYeuryZ4.js +2 -0
  215. package/dist/doctor-core-checks-CnzzLGiH.js +573 -0
  216. package/dist/doctor-health-BnmOyTty.js +65 -0
  217. package/dist/doctor-health-contributions-ocQMPxjM.js +696 -0
  218. package/dist/doctor-lint-CjRi8o5u.js +94 -0
  219. package/dist/doctor-state-integrity-Dbu4NMz2.js +1231 -0
  220. package/dist/dynamic-tools-6zBBc1qr.js +486 -0
  221. package/dist/embedded-backend-BZOf3nmp.js +579 -0
  222. package/dist/embedded-gateway-stub.runtime-Bz0nKXhe.js +12 -0
  223. package/dist/embedded-gateway-stub.runtime.js +1 -1
  224. package/dist/exec-approvals-D7MoRNan.js +149 -0
  225. package/dist/extensionAPI.js +1 -1
  226. package/dist/extensions/active-memory/index.js +1 -1
  227. package/dist/extensions/admin-http-rpc/index.js +1 -1
  228. package/dist/extensions/browser/browser-bridge.js +1 -1
  229. package/dist/extensions/browser/browser-config.js +4 -4
  230. package/dist/extensions/browser/browser-control-auth.js +2 -2
  231. package/dist/extensions/browser/browser-doctor.js +2 -2
  232. package/dist/extensions/browser/browser-maintenance.js +1 -1
  233. package/dist/extensions/browser/browser-profiles.js +2 -2
  234. package/dist/extensions/browser/browser-runtime-api.js +11 -11
  235. package/dist/extensions/browser/cli-metadata.js +1 -1
  236. package/dist/extensions/browser/index.js +1 -1
  237. package/dist/extensions/browser/plugin-registration.js +1 -1
  238. package/dist/extensions/browser/register.runtime.js +4 -4
  239. package/dist/extensions/browser/runtime-api.js +13 -13
  240. package/dist/extensions/canvas/index.js +1 -1
  241. package/dist/extensions/clickclack/api.js +2 -2
  242. package/dist/extensions/clickclack/channel-plugin-api.js +1 -1
  243. package/dist/extensions/clickclack/runtime-api.js +2 -2
  244. package/dist/extensions/device-pair/api.js +1 -1
  245. package/dist/extensions/device-pair/pair-command-approve.js +1 -1
  246. package/dist/extensions/file-transfer/index.js +4 -4
  247. package/dist/extensions/imessage/api.js +2 -2
  248. package/dist/extensions/imessage/channel-plugin-api.js +1 -1
  249. package/dist/extensions/imessage/message-tool-api.d.ts +1 -1
  250. package/dist/extensions/imessage/runtime-api.js +3 -3
  251. package/dist/extensions/irc/api.js +2 -2
  252. package/dist/extensions/irc/channel-plugin-api.js +1 -1
  253. package/dist/extensions/llm-task/index.js +1 -1
  254. package/dist/extensions/mattermost/api.js +1 -1
  255. package/dist/extensions/mattermost/channel-plugin-api.js +1 -1
  256. package/dist/extensions/mattermost/channel-plugin-runtime.js +1 -1
  257. package/dist/extensions/mattermost/policy-api.js +1 -1
  258. package/dist/extensions/mattermost/runtime-api.js +2 -2
  259. package/dist/extensions/mattermost/slash-route-api.js +1 -1
  260. package/dist/extensions/memory-core/cli-metadata.js +1 -1
  261. package/dist/extensions/migrate-claude/apply.js +1 -1
  262. package/dist/extensions/migrate-claude/index.js +1 -1
  263. package/dist/extensions/migrate-claude/plan.js +1 -1
  264. package/dist/extensions/migrate-claude/provider.js +1 -1
  265. package/dist/extensions/migrate-claude/targets.js +1 -1
  266. package/dist/extensions/migrate-hermes/apply.js +1 -1
  267. package/dist/extensions/migrate-hermes/index.js +1 -1
  268. package/dist/extensions/migrate-hermes/model.js +1 -1
  269. package/dist/extensions/migrate-hermes/plan.js +1 -1
  270. package/dist/extensions/migrate-hermes/provider.js +1 -1
  271. package/dist/extensions/migrate-hermes/secrets.js +1 -1
  272. package/dist/extensions/migrate-hermes/targets.js +1 -1
  273. package/dist/extensions/policy/api.js +1 -1
  274. package/dist/extensions/policy/index.js +2 -2
  275. package/dist/extensions/signal/api.js +6 -6
  276. package/dist/extensions/signal/channel-plugin-api.js +1 -1
  277. package/dist/extensions/signal/reaction-runtime-api.js +1 -1
  278. package/dist/extensions/signal/runtime-api.js +7 -7
  279. package/dist/extensions/skill-workshop/api.js +1 -1
  280. package/dist/extensions/skill-workshop/index.js +2 -2
  281. package/dist/extensions/telegram/account-inspect-api.js +1 -1
  282. package/dist/extensions/telegram/api.js +11 -11
  283. package/dist/extensions/telegram/channel-plugin-api.js +2 -2
  284. package/dist/extensions/telegram/contract-api.js +3 -3
  285. package/dist/extensions/telegram/runtime-api.js +7 -7
  286. package/dist/extensions/telegram/security-audit-contract-api.js +1 -1
  287. package/dist/extensions/telegram/setup-plugin-api.js +1 -1
  288. package/dist/extensions/telegram/test-api.js +2 -2
  289. package/dist/extensions/webhooks/api.js +1 -1
  290. package/dist/extensions/webhooks/index.js +1 -1
  291. package/dist/extensions/xai/index.js +4 -4
  292. package/dist/extensions/xai/realtime-transcription-provider.js +1 -1
  293. package/dist/extensions/xai/speech-provider.js +1 -1
  294. package/dist/extensions/xai/test-api.js +1 -1
  295. package/dist/extensions/xai/tts.js +1 -1
  296. package/dist/extensions/xai/web-search.js +1 -1
  297. package/dist/extensions/xai/xai-oauth.js +1 -1
  298. package/dist/file-fetch-tool-UOp-kXiF.js +124 -0
  299. package/dist/file-write-tool-Bmics566.js +127 -0
  300. package/dist/format-BAPtahQp.js +1145 -0
  301. package/dist/gateway-cli-C9vWttAu.js +435 -0
  302. package/dist/gateway-method-runtime-cf2DQe_R.js +21 -0
  303. package/dist/get-reply-from-config.runtime-973T_WNQ.js +2 -0
  304. package/dist/get-reply-from-config.runtime.js +1 -1
  305. package/dist/get-reply-nFbvZyXJ.js +4689 -0
  306. package/dist/graph-users-DX3qj987.js +1419 -0
  307. package/dist/group-access-fUxE_esT.js +112 -0
  308. package/dist/handle-action.guild-admin-DzmixKDt.js +288 -0
  309. package/dist/harness-BvoaeM2G.js +61 -0
  310. package/dist/health-BNfYEJaa.js +4 -0
  311. package/dist/heartbeat-runner-DHFAz5O-.js +5 -0
  312. package/dist/heartbeat-runner.runtime-BTARhrNZ.js +4 -0
  313. package/dist/heartbeat-runner.runtime.js +1 -1
  314. package/dist/hooks-DxGU2YA5.js +534 -0
  315. package/dist/inbound-direct-dm-runtime-CAX9fltu.js +2 -0
  316. package/dist/inbound-reply-dispatch-T13MYtrr.js +148 -0
  317. package/dist/index.js +1 -1
  318. package/dist/init-DCCh5oSO.js +59 -0
  319. package/dist/inline-buttons-DaFc4jXn.js +40 -0
  320. package/dist/internal-events-Gz1ipxmh.js +90 -0
  321. package/dist/isolated-agent-CHUsxMC-.js +1118 -0
  322. package/dist/isolated-agent-K2nfnPOc.js +2 -0
  323. package/dist/lifecycle-kyB2yqsq.js +571 -0
  324. package/dist/list.probe-BSjy8u2p.js +449 -0
  325. package/dist/list.status-command-BxIAK-G5.js +789 -0
  326. package/dist/llm-slug-generator-BMH4faWD.js +78 -0
  327. package/dist/llm-slug-generator.js +1 -1
  328. package/dist/local-dispatch.runtime-DFy7ycDP.js +9 -0
  329. package/dist/local-dispatch.runtime.js +1 -1
  330. package/dist/manager.runtime-CPqoT9HS.js +2714 -0
  331. package/dist/manager.runtime.js +1 -1
  332. package/dist/markdown-to-line-DQuET8BD.js +811 -0
  333. package/dist/mcp-http-BTLfb7mN.js +555 -0
  334. package/dist/mcp-http-Bcx2IvUV.js +2 -0
  335. package/dist/media-understanding-provider-BXfXH9ER.js +339 -0
  336. package/dist/message-actions-O4ffm7Zz.js +145 -0
  337. package/dist/message-handler-B3NHGkvn.js +1715 -0
  338. package/dist/message-handler-Dm-49Yay.js +384 -0
  339. package/dist/message-handler.preflight-Dmy4TMmc.js +1125 -0
  340. package/dist/message-handler.process-BvIh9714.js +1484 -0
  341. package/dist/model-CiE38oM-.js +74 -0
  342. package/dist/model-selection-B4wj_z32.js +272 -0
  343. package/dist/models-DF0uMtab.js +2 -0
  344. package/dist/models-DupIeDpS.js +104 -0
  345. package/dist/models-cli-BKoIijSE.js +256 -0
  346. package/dist/monitor-BGkgqVYu.js +4377 -0
  347. package/dist/monitor-BJBnArAU.js +834 -0
  348. package/dist/monitor-C1L1aR0q.js +2788 -0
  349. package/dist/monitor-C3wAzu_q.js +2 -0
  350. package/dist/monitor-CN29zOnf.js +1370 -0
  351. package/dist/monitor-D7FhV0Qe.js +1657 -0
  352. package/dist/monitor-Dcy6FUPv.js +60 -0
  353. package/dist/monitor-Y4SvOC0z.js +715 -0
  354. package/dist/monitor-auth-B_73QHux.js +179 -0
  355. package/dist/monitor-polling.runtime-D3yoLMON.js +883 -0
  356. package/dist/monitor-polling.runtime.js +1 -1
  357. package/dist/monitor-webhook.runtime-CnchK0Ki.js +387 -0
  358. package/dist/monitor-webhook.runtime.js +1 -1
  359. package/dist/monitor.account-B0u_Xih0.js +5233 -0
  360. package/dist/monitor.runtime-9JVw9n8z.js +2 -0
  361. package/dist/monitor.runtime.js +1 -1
  362. package/dist/monitor.webhook-ixq3jhC8.js +180 -0
  363. package/dist/node-cli-sessions-C07qXjfH.js +1228 -0
  364. package/dist/openai-http-DL1i7Pdz.js +824 -0
  365. package/dist/openresponses-http-4vW7i5hM.js +1173 -0
  366. package/dist/operations-hyqHq47Z.js +805 -0
  367. package/dist/outbound-adapter-B2lF_Qp0.js +543 -0
  368. package/dist/outbound-session-route-CXbw-Zbl.js +45 -0
  369. package/dist/outbound.runtime-ROOz_EXD.js +2 -0
  370. package/dist/outbound.runtime.js +1 -1
  371. package/dist/pi-embedded-D23Jv1_v.js +4 -0
  372. package/dist/pi-embedded-LwXPGFfT.js +3796 -0
  373. package/dist/pi-embedded.runtime-Rk5rpqL7.js +4 -0
  374. package/dist/pi-embedded.runtime.js +1 -1
  375. package/dist/pi-tools-DqhrI9AL.js +2413 -0
  376. package/dist/plan-BCEMv5RF.js +112 -0
  377. package/dist/plan-BHwmpZjz.js +81 -0
  378. package/dist/plugin-app-cache-key-CWYPZS_p.js +46 -0
  379. package/dist/plugin-enabled-NkokTFHK.js +233 -0
  380. package/dist/plugin-oDyOB4UI.js +12396 -0
  381. package/dist/plugin-registration-CeH_6Is4.js +88 -0
  382. package/dist/plugin-sdk/.boundary-entry-shims.stamp +1 -1
  383. package/dist/plugin-sdk/acp-runtime-backend.js +1 -1
  384. package/dist/plugin-sdk/acp-runtime.js +2 -2
  385. package/dist/plugin-sdk/agent-harness-runtime.js +6 -6
  386. package/dist/plugin-sdk/agent-harness-task-runtime.js +1 -1
  387. package/dist/plugin-sdk/agent-harness.js +7 -7
  388. package/dist/plugin-sdk/agent-runtime.js +2 -2
  389. package/dist/plugin-sdk/channel-core.js +2 -2
  390. package/dist/plugin-sdk/channel-inbound.js +2 -2
  391. package/dist/plugin-sdk/channel-test-helpers.js +1 -1
  392. package/dist/plugin-sdk/command-auth.js +1 -1
  393. package/dist/plugin-sdk/command-status-runtime.js +1 -1
  394. package/dist/plugin-sdk/compat.js +1 -1
  395. package/dist/plugin-sdk/conversation-binding-runtime.js +2 -2
  396. package/dist/plugin-sdk/conversation-runtime.js +3 -3
  397. package/dist/plugin-sdk/core.js +2 -2
  398. package/dist/plugin-sdk/direct-dm.js +1 -1
  399. package/dist/plugin-sdk/gateway-method-runtime.js +1 -1
  400. package/dist/plugin-sdk/health.js +2 -2
  401. package/dist/plugin-sdk/inbound-reply-dispatch.js +1 -1
  402. package/dist/plugin-sdk/index.js +1 -1
  403. package/dist/plugin-sdk/mattermost.js +1 -1
  404. package/dist/plugin-sdk/plugin-test-contracts.js +2 -2
  405. package/dist/plugin-sdk/provider-test-contracts.js +4 -4
  406. package/dist/plugin-sdk/reply-runtime.js +4 -4
  407. package/dist/plugin-sdk/testing.js +2 -2
  408. package/dist/plugin-sdk/zalouser.js +1 -1
  409. package/dist/plugin-service-XeCZ8oFI.js +1229 -0
  410. package/dist/plugins/runtime/index.js +4 -4
  411. package/dist/policy-BsS7jXyV.js +138 -0
  412. package/dist/policy-dTLidj41.js +680 -0
  413. package/dist/prepare.runtime-CxSRhibQ.js +732 -0
  414. package/dist/prepare.runtime.js +1 -1
  415. package/dist/preview-warnings-CYO_Ec8j.js +392 -0
  416. package/dist/probe-B38i01ob.js +2 -0
  417. package/dist/probe-BfuwJZxZ.js +47 -0
  418. package/dist/probe-DaZ-zbpf.js +2204 -0
  419. package/dist/probe-TNHaSvg4.js +682 -0
  420. package/dist/program-BHDY7txk.js +131 -0
  421. package/dist/provider-B2OEKMgz.js +8735 -0
  422. package/dist/provider-BN5zYpXy.js +152 -0
  423. package/dist/provider-C5wk4Zq2.js +32 -0
  424. package/dist/provider-C_AVioxd.js +32 -0
  425. package/dist/provider-dispatcher-D8wmCCX8.js +22 -0
  426. package/dist/provider-dispatcher.runtime.js +1 -1
  427. package/dist/provider-session.runtime-B63XBUkk.js +9 -0
  428. package/dist/provider-session.runtime.js +1 -1
  429. package/dist/provider.runtime-D1lu1iBi.js +2 -0
  430. package/dist/provider.runtime.js +1 -1
  431. package/dist/public-surface-loader-ClnvswYD.js +114 -0
  432. package/dist/pw-ai-CUvQLjDl.js +3029 -0
  433. package/dist/pw-role-snapshot-DqOQm6b-.js +333 -0
  434. package/dist/reaction-level-DdxMc_S-.js +19 -0
  435. package/dist/reaction-runtime-api-DV5ADguG.js +116 -0
  436. package/dist/realtime-transcription-provider-Jx3qVPVX.js +205 -0
  437. package/dist/register-B6JqGeZm.js +2178 -0
  438. package/dist/register.agent-pQ55YbLM.js +156 -0
  439. package/dist/register.crestodian-DG48cq1n.js +24 -0
  440. package/dist/register.maintenance-CmyTyWfW.js +83 -0
  441. package/dist/register.runtime-Dc2ah3hl.js +54 -0
  442. package/dist/register.subclis-BNslxGzE.js +3 -0
  443. package/dist/register.subclis-BltgkX8W.js +31 -0
  444. package/dist/register.subclis-core-CXo28UGO.js +273 -0
  445. package/dist/repair-sequencing-SddJfHba.js +640 -0
  446. package/dist/reply-delivery-YOUVxLhE.js +196 -0
  447. package/dist/reply-runtime-Bic05q8u.js +11 -0
  448. package/dist/reply.runtime-973T_WNQ.js +2 -0
  449. package/dist/reply.runtime.js +1 -1
  450. package/dist/request-De-MLnVs.js +54 -0
  451. package/dist/resolve-allowlist-0P5Zm3Ih.js +220 -0
  452. package/dist/result-fallback-classifier-CRFWJOeW.js +79 -0
  453. package/dist/route-A4sH-KRJ.js +469 -0
  454. package/dist/route-resolution-BR89k_5k.js +274 -0
  455. package/dist/routes-BbmTgfa7.js +3602 -0
  456. package/dist/routes-H_X6d_BR.js +2 -0
  457. package/dist/run-C_HJBF46.js +1162 -0
  458. package/dist/run-attempt-DVUpjMzw.js +7704 -0
  459. package/dist/run-command-CtO053FV.js +23 -0
  460. package/dist/run-command-whpq0vSs.js +2 -0
  461. package/dist/run-embedded.runtime-z8KRAA9N.js +4 -0
  462. package/dist/run-embedded.runtime.js +1 -1
  463. package/dist/run-execution-cli.runtime-DP4sTGB3.js +4 -0
  464. package/dist/run-execution-cli.runtime.js +1 -1
  465. package/dist/run-executor.runtime.js +1 -1
  466. package/dist/run-subagent-registry.runtime-Ic4qjJAZ.js +2 -0
  467. package/dist/run-subagent-registry.runtime.js +1 -1
  468. package/dist/runtime-C84q1uWh.js +438 -0
  469. package/dist/runtime-DM-8CUG8.js +1287 -0
  470. package/dist/runtime-api-B92-eAFH.js +4 -0
  471. package/dist/runtime-api-BA-_f4wN.js +21 -0
  472. package/dist/runtime-api-C3x1bTUP.js +3 -0
  473. package/dist/runtime-api-C4J88HGc.js +13 -0
  474. package/dist/runtime-api-CBJPQTPG.js +24 -0
  475. package/dist/runtime-api-DI4rBaZp.js +17 -0
  476. package/dist/runtime-api-D_JIC4_F.js +13 -0
  477. package/dist/runtime-api.actions-Crwfcz27.js +3 -0
  478. package/dist/runtime-api.monitor-KeGId_a2.js +6 -0
  479. package/dist/runtime-api.send-DkmqVan7.js +4 -0
  480. package/dist/runtime-api.threads--LYxacx4.js +2 -0
  481. package/dist/runtime-channel-C0fX96Yx.js +2 -0
  482. package/dist/runtime-channel-CmXstmiO.js +150 -0
  483. package/dist/runtime-embedded-pi.runtime-C0nckPTh.js +2 -0
  484. package/dist/runtime-embedded-pi.runtime.js +1 -1
  485. package/dist/runtime-o-9rMitP.js +6179 -0
  486. package/dist/sanitize-outbound-BDtDO_r3.js +127 -0
  487. package/dist/sdk-setup-tools-Bw1sb2J0.js +8 -0
  488. package/dist/secrets-Cexd83PL.js +113 -0
  489. package/dist/security-audit-DeMasGQi.js +122 -0
  490. package/dist/security-audit-lZXBiK8a.js +118 -0
  491. package/dist/security-audit.runtime-B73uav0c.js +2 -0
  492. package/dist/security-audit.runtime.js +1 -1
  493. package/dist/selection-BPe1-NRx.js +16157 -0
  494. package/dist/selection-DtlsSu6t.js +3 -0
  495. package/dist/send-BP8O_f3_.js +2 -0
  496. package/dist/send-DB92XENW.js +192 -0
  497. package/dist/send-DPpvAomE.js +1631 -0
  498. package/dist/send-DUSg5J3j.js +143 -0
  499. package/dist/send.components-Beh2GSlI.js +500 -0
  500. package/dist/send.components-vjkB2tEO.js +2 -0
  501. package/dist/send.runtime-XHNBD8mm.js +2 -0
  502. package/dist/send.runtime.js +1 -1
  503. package/dist/server-CAQk-GlH.js +24 -0
  504. package/dist/server-Um3iJ7EL.js +73 -0
  505. package/dist/server-close.runtime.js +1 -1
  506. package/dist/server-context-Cq6Mf_Hx.js +2 -0
  507. package/dist/server-context-CxM3niUB.js +955 -0
  508. package/dist/server-cron-BSh0DjkH.js +2989 -0
  509. package/dist/server-cron-Csg1r2SE.js +2 -0
  510. package/dist/server-methods-CBPnwVD3.js +16499 -0
  511. package/dist/server-node-events-CZCahsw3.js +596 -0
  512. package/dist/server-plugin-bootstrap-DB4Iptzd.js +70 -0
  513. package/dist/server-plugins-BZIW7Sn8.js +432 -0
  514. package/dist/server-reload-handlers-V9f07KRC.js +714 -0
  515. package/dist/server-restart-sentinel-DSQyhuO9.js +2 -0
  516. package/dist/server-restart-sentinel-DnS4nSXg.js +747 -0
  517. package/dist/server-runtime-services-Da8S4dip.js +2 -0
  518. package/dist/server-runtime-services-hMwmCtz4.js +267 -0
  519. package/dist/server-startup-plugins-CFedlOir.js +113 -0
  520. package/dist/server-startup-post-attach-BC4ypGDV.js +716 -0
  521. package/dist/server-ws-runtime-BZdnJ8_f.js +349 -0
  522. package/dist/server.impl-JxdGpBse.js +2586 -0
  523. package/dist/service-CrRxM1s3.js +1446 -0
  524. package/dist/session-binding-B1kLTRx0.js +219 -0
  525. package/dist/session-binding-BhmP2qr8.js +2 -0
  526. package/dist/session-kill-http-hVTRFmxJ.js +121 -0
  527. package/dist/session-reset-service-NFIUAaub.js +625 -0
  528. package/dist/session-route-CAVGKfbY.js +93 -0
  529. package/dist/session-status.runtime-CAujMI0m.js +2 -0
  530. package/dist/session-status.runtime.js +1 -1
  531. package/dist/session-subagent-reactivation.runtime-CAD_WZE1.js +2 -0
  532. package/dist/session-subagent-reactivation.runtime.js +1 -1
  533. package/dist/session-tab-registry-BIhFQ2_N.js +521 -0
  534. package/dist/sessions-history-http-DTUCgSIv.js +430 -0
  535. package/dist/sessions.runtime-BhxJAIUl.js +2 -0
  536. package/dist/sessions.runtime.js +1 -1
  537. package/dist/setup-api-BaSNfjGt.js +29 -0
  538. package/dist/setup-core-Cv-UM5DV.js +174 -0
  539. package/dist/setup-surface-3iygBoSk.js +288 -0
  540. package/dist/setup-surface-BYu3PlXP.js +405 -0
  541. package/dist/setup-surface-BnCUx0xf.js +221 -0
  542. package/dist/setup-surface-DajEGPq9.js +320 -0
  543. package/dist/shared-DjUBdZw0.js +121 -0
  544. package/dist/shared-client-B364qsQs.js +2 -0
  545. package/dist/shared-client-vi4UjWgq.js +629 -0
  546. package/dist/side-question-Cfz-6Mik.js +683 -0
  547. package/dist/skill-tool-dispatch.runtime-BHi8qkm6.js +143 -0
  548. package/dist/skill-tool-dispatch.runtime.js +1 -1
  549. package/dist/slash-state-1yv6e-CZ.js +2166 -0
  550. package/dist/speech-provider-BBTLPoxz.js +184 -0
  551. package/dist/src-DQGUHoew.js +4256 -0
  552. package/dist/startup-context-CSXtIxM4.js +313 -0
  553. package/dist/status-subagents.runtime-Ce4XFNpI.js +18 -0
  554. package/dist/status-subagents.runtime.js +1 -1
  555. package/dist/status-text-B_aeJyIx.js +296 -0
  556. package/dist/sticker-cache-CyXfXSnD.js +206 -0
  557. package/dist/sticker-vision.runtime-CfEwepme.js +17 -0
  558. package/dist/sticker-vision.runtime.js +1 -1
  559. package/dist/subagent-announce-DJP9Deag.js +354 -0
  560. package/dist/subagent-announce-delivery-djkdPFWz.js +958 -0
  561. package/dist/subagent-control-C59CHxJT.js +508 -0
  562. package/dist/subagent-hooks-B7HsNzMr.js +230 -0
  563. package/dist/subagent-hooks-BPSvsSKo.js +2 -0
  564. package/dist/subagent-hooks-Bg-RSz4n.js +146 -0
  565. package/dist/subagent-hooks-BvAYM6MF.js +2 -0
  566. package/dist/subagent-hooks-DCga-z0P.js +2 -0
  567. package/dist/subagent-hooks-DpUUm-nC.js +116 -0
  568. package/dist/subagent-hooks-api-BfBPES7I.js +23 -0
  569. package/dist/subagent-hooks-api-Ct3H1JvT.js +23 -0
  570. package/dist/subagent-hooks-api-D-gcal8L.js +22 -0
  571. package/dist/subagent-orphan-recovery-TurbGwPo.js +352 -0
  572. package/dist/subagent-registry-Dcr5vJsh.js +3 -0
  573. package/dist/subagent-registry-almRMGiJ.js +2351 -0
  574. package/dist/subagent-registry.runtime.js +1 -1
  575. package/dist/subagent-session-cleanup-DStloUoa.js +525 -0
  576. package/dist/subagent-spawn-a5zQq79_.js +1164 -0
  577. package/dist/target-id-C0AUAPRt.js +107 -0
  578. package/dist/targets-9NQEAB_8.js +44 -0
  579. package/dist/targets-BX9hUOE0.js +19 -0
  580. package/dist/targets-uCQJMS9L.js +19 -0
  581. package/dist/task-registry-control.runtime.js +1 -1
  582. package/dist/telegram/token.js +1 -1
  583. package/dist/testing-CL4tSWlY.js +267 -0
  584. package/dist/thread-bindings-CuYgnJrA.js +232 -0
  585. package/dist/thread-bindings-DrLRFv9V.js +571 -0
  586. package/dist/thread-bindings-DuDBMJUH.js +8 -0
  587. package/dist/thread-bindings-DuPLUeEg.js +228 -0
  588. package/dist/thread-bindings.discord-api-CRkN3LO6.js +187 -0
  589. package/dist/thread-bindings.manager-U4vvV74R.js +2 -0
  590. package/dist/thread-bindings.manager-qvjQ7XrE.js +536 -0
  591. package/dist/thread-lifecycle-ebEJZlV8.js +1614 -0
  592. package/dist/token-BfUGddbB.js +134 -0
  593. package/dist/tool-DMbMn8SG.js +139 -0
  594. package/dist/tool-actions.runtime-3flyBx99.js +534 -0
  595. package/dist/tool-actions.runtime.js +1 -1
  596. package/dist/tool-resolution-CteuwLWG.js +149 -0
  597. package/dist/tools-effective-inventory-C3umjhj4.js +204 -0
  598. package/dist/tools-invoke-http-BPDxOpMS.js +67 -0
  599. package/dist/tools-invoke-shared-BgajIn1A.js +200 -0
  600. package/dist/tts-DWkHFEoO.js +66 -0
  601. package/dist/tui-BLuAg68O.js +2 -0
  602. package/dist/tui-backend-B_XhQILj.js +256 -0
  603. package/dist/tui-cli-C3L6mNyE.js +37 -0
  604. package/dist/tui-kx080n35.js +4709 -0
  605. package/dist/update-cli-Ca7CiQOc.js +3664 -0
  606. package/dist/vision-tools-V-w_kZa2.js +1409 -0
  607. package/dist/web-search-LuWKS3f2.js +62 -0
  608. package/dist/web-search-provider.runtime-CmbTFxDm.js +2 -0
  609. package/dist/web-search-provider.runtime-DZXMqd4W.js +328 -0
  610. package/dist/web-search-provider.runtime.js +1 -1
  611. package/dist/xai-oauth-C_tPwhEw.js +479 -0
  612. package/dist/xai-user-agent-C1zI5_IU.js +32 -0
  613. package/package.json +1 -1
  614. package/dist/abort-By1jCXcv.js +0 -277
  615. package/dist/abort.runtime-BUEReR-v.js +0 -2
  616. package/dist/account-inspect-DkuYTikX.js +0 -173
  617. package/dist/accounts-C19Qdo7I.js +0 -107
  618. package/dist/accounts-CjG0t0Cv.js +0 -119
  619. package/dist/accounts-CtWjp889.js +0 -2
  620. package/dist/accounts-qPTOizTg.js +0 -107
  621. package/dist/acp-runtime-CMLjiKa-.js +0 -26
  622. package/dist/acp-spawn-BGT-Px6Z.js +0 -1275
  623. package/dist/acp-spawn-CPO-hI4Y.js +0 -2
  624. package/dist/acp-stateful-target-driver-CDW_IRB4.js +0 -89
  625. package/dist/action-kill-B77KpIIQ.js +0 -33
  626. package/dist/action-runtime-EWSpHGrj.js +0 -469
  627. package/dist/action-runtime-api-bUNFqFoC.js +0 -2
  628. package/dist/action-send-DkQiw_fv.js +0 -39
  629. package/dist/action-spawn-noygtmpa.js +0 -47
  630. package/dist/actions-CPKTkTAD.js +0 -161
  631. package/dist/actions.runtime-eslFNzsP.js +0 -5
  632. package/dist/agent-CjNqqyKT.js +0 -3
  633. package/dist/agent-DaUQpTpc.js +0 -2
  634. package/dist/agent-command-DFcGb1lF.js +0 -1367
  635. package/dist/agent-components.runtime-_b4M39T5.js +0 -10
  636. package/dist/agent-harness-runtime-C09s_5eo.js +0 -180
  637. package/dist/agent-harness-task-runtime-wnzHUZZT.js +0 -140
  638. package/dist/agent-runner-execution-Bx_X59we.js +0 -1713
  639. package/dist/agent-runner-utils-hOwJODaJ.js +0 -266
  640. package/dist/agent-runner.runtime-LeZ65RXP.js +0 -3455
  641. package/dist/agent-runtime-Cio-RAUW.js +0 -229
  642. package/dist/agent-via-gateway-C06ks7Yk.js +0 -463
  643. package/dist/api-CBKedD81.js +0 -2
  644. package/dist/api-Ct1qM1Qp.js +0 -3
  645. package/dist/api-DN_WUxmH.js +0 -639
  646. package/dist/api-D_cLf5HR.js +0 -6
  647. package/dist/api-DhpRwVRC.js +0 -134
  648. package/dist/api-HHeiUqKx.js +0 -2
  649. package/dist/apply-CBc3t-6b.js +0 -41
  650. package/dist/apply-DP2LNAI1.js +0 -54
  651. package/dist/approval-handler.runtime-D3dVfQpz.js +0 -130
  652. package/dist/assistant-CJUhCzx1.js +0 -291
  653. package/dist/attachment-normalize-B7BuPwh0.js +0 -225
  654. package/dist/attempt-execution-C_zoopZx.js +0 -558
  655. package/dist/attempt-execution.runtime-BORPE4U7.js +0 -3
  656. package/dist/attempt-execution.shared-CVs8nY8C.js +0 -38
  657. package/dist/attempt.prompt-helpers-hRgWdd1i.js +0 -475
  658. package/dist/attempt.tool-run-context-kTuNRgCl.js +0 -2094
  659. package/dist/binding-routing-DODVC3IC.js +0 -113
  660. package/dist/binding-targets-AB_RKGdU.js +0 -121
  661. package/dist/bot-CSLsTmf1.js +0 -7894
  662. package/dist/bot-deps-DynTqfAM.js +0 -2
  663. package/dist/bot-deps-W46ftf2D.js +0 -747
  664. package/dist/bot-message-context.runtime-CYqi6a9-.js +0 -7
  665. package/dist/bot-message-context.session.runtime-zGfXe8D8.js +0 -12
  666. package/dist/bot-native-commands.delivery.runtime-Cl0_uLC6.js +0 -4
  667. package/dist/bot-native-commands.runtime-yy3akJPm.js +0 -13
  668. package/dist/bridge-server-B6ImaGh0.js +0 -113
  669. package/dist/browser-cli-CPNZpueD.js +0 -230
  670. package/dist/browser-cli-CntDlufK.js +0 -2
  671. package/dist/browser-cli-actions-input-DiJDRQCl.js +0 -473
  672. package/dist/browser-cli-actions-observe-9KtuDERW.js +0 -81
  673. package/dist/browser-cli-debug-lSi6c_Ol.js +0 -137
  674. package/dist/browser-cli-inspect-B5KmooQv.js +0 -104
  675. package/dist/browser-cli-manage-ClQjPfwK.js +0 -443
  676. package/dist/browser-cli-resize-DDY2Vnxq.js +0 -26
  677. package/dist/browser-cli-shared-KEAus8qW.js +0 -50
  678. package/dist/browser-cli-state-cmFcL-Ov.js +0 -337
  679. package/dist/browser-control-auth-B9USDwU2.js +0 -2
  680. package/dist/browser-profiles-wUaKqWjT.js +0 -2
  681. package/dist/browser-runtime-BMjauwo0.js +0 -384
  682. package/dist/build-Dpe0nJg9.js +0 -257
  683. package/dist/capability-cli-APHxOZ1-.js +0 -1782
  684. package/dist/channel--E_8Ztf3.js +0 -238
  685. package/dist/channel-3EQVZa8n.js +0 -2126
  686. package/dist/channel-BWohDmFY.js +0 -1777
  687. package/dist/channel-BfuypvUg.js +0 -562
  688. package/dist/channel-C-xJIqXb.js +0 -508
  689. package/dist/channel-C9ZiWsaI.js +0 -1496
  690. package/dist/channel-CWrkQgCl.js +0 -376
  691. package/dist/channel-CeYYSdzG.js +0 -740
  692. package/dist/channel-ClyBSyAK.js +0 -481
  693. package/dist/channel-Czs81UUj.d.ts +0 -427
  694. package/dist/channel-DG1b4zfh.js +0 -1134
  695. package/dist/channel-DW54rSJn.js +0 -1249
  696. package/dist/channel-DxjDXDxn.js +0 -867
  697. package/dist/channel-FomvCEVN.js +0 -955
  698. package/dist/channel-GKsXwHeD.js +0 -808
  699. package/dist/channel-WXdZaj61.js +0 -653
  700. package/dist/channel-actions.runtime-NGRDvF7V.js +0 -265
  701. package/dist/channel-core-DtMwDjjI.js +0 -5
  702. package/dist/channel-e8DrnKQ4.js +0 -1556
  703. package/dist/channel-inbound-DHAnp9B7.js +0 -80
  704. package/dist/channel-nELBI87_.js +0 -362
  705. package/dist/channel-plugin-runtime-Djo2BcWh.js +0 -998
  706. package/dist/channel-runtime-CAlo3fCO.js +0 -408
  707. package/dist/channel.runtime-B3Ul1RFH.js +0 -4
  708. package/dist/channel.runtime-B9St3ZA6.js +0 -2528
  709. package/dist/channel.runtime-BJQkhPRD.js +0 -109
  710. package/dist/channel.runtime-CK75RXGn.js +0 -652
  711. package/dist/channel.runtime-CToTSl-o.js +0 -254
  712. package/dist/channel.runtime-CmCC2X3-.js +0 -1008
  713. package/dist/channel.runtime-D9aRtIhc.js +0 -733
  714. package/dist/channel.runtime-awjkyecJ.js +0 -88
  715. package/dist/channel.runtime-j5gDw94U.js +0 -21009
  716. package/dist/channel.setup--MA2uXGh.js +0 -1098
  717. package/dist/channel.setup-CoJW0xXI.js +0 -343
  718. package/dist/channel.setup-Du2MwoWF.js +0 -10
  719. package/dist/chat-_rJvHV8g.js +0 -2666
  720. package/dist/chrome-Du8Sd8UD.js +0 -1503
  721. package/dist/cli-DmfcqkxN.js +0 -1341
  722. package/dist/cli-compaction-6W-_Qcqh.js +0 -347
  723. package/dist/cli-metadata-B4zGtsS4.js +0 -22
  724. package/dist/cli-runner-C2sL9k3L.js +0 -2
  725. package/dist/cli-runner-DppcV2AG.js +0 -540
  726. package/dist/cli-runner.runtime-CQLSyTQY.js +0 -4
  727. package/dist/cli-runner.runtime-CbEAn48-.js +0 -3
  728. package/dist/client-Dk9ROpNW.js +0 -650
  729. package/dist/client-adapter-ClI0hCmb.js +0 -897
  730. package/dist/client-factory-CaCu9BQF.js +0 -9
  731. package/dist/command-auth-6q0HyTu9.js +0 -135
  732. package/dist/command-handlers-DMAACmGz.js +0 -1609
  733. package/dist/command-registry-CfpDWtfY.js +0 -9
  734. package/dist/command-registry-Dnxqw0fv.js +0 -4
  735. package/dist/command-registry-core-D11J7oB_.js +0 -110
  736. package/dist/command-status.runtime-DrsPaVZw.js +0 -90
  737. package/dist/commands-acp-B4PDb6rs.js +0 -74
  738. package/dist/commands-compact.runtime-BmK2PNTw.js +0 -10
  739. package/dist/commands-handlers.runtime-C5hpRwAL.js +0 -6154
  740. package/dist/commands-status-CiZyKzzI.js +0 -3
  741. package/dist/commands-status-CzSWpd6s.js +0 -16
  742. package/dist/commands-status.runtime-CiZyKzzI.js +0 -3
  743. package/dist/commands-subagents-control.runtime-qc9m5MmZ.js +0 -3
  744. package/dist/commands-subagents-control.runtime-tWG0OlZd.js +0 -2
  745. package/dist/commands-system-prompt-6Q-vf5jq.js +0 -162
  746. package/dist/commands-system-prompt-FecWmCWC.js +0 -2
  747. package/dist/commands.runtime-DEt9uWfr.js +0 -176
  748. package/dist/compact-CgCjnQEP.js +0 -480
  749. package/dist/compact-D6t2ld0f.js +0 -1141
  750. package/dist/compact.runtime-CtoOHiEB.js +0 -12
  751. package/dist/completion-cli-CAHVBBDJ.js +0 -315
  752. package/dist/computer-use-CdIz1WHr.js +0 -367
  753. package/dist/config-CFxlEsAY.js +0 -373
  754. package/dist/config-mutations-6ioXU8Qg.js +0 -159
  755. package/dist/config-wUaKqWjT.js +0 -2
  756. package/dist/context-engine-host-compat-CFAOug91.js +0 -288
  757. package/dist/context-engine-host-compat-Cqe9ZyUZ.js +0 -2
  758. package/dist/context-engine-lifecycle-BjQwDRNw.js +0 -1274
  759. package/dist/control-auth-Du_jaEQB.js +0 -114
  760. package/dist/control-service-DIBBeoM_.js +0 -145
  761. package/dist/control-ui/assets/agents-BzOECW97.js +0 -1008
  762. package/dist/control-ui/assets/channel-config-extras-C-cqqjn3.js +0 -2
  763. package/dist/control-ui/assets/channels-B2c1DoAf.js +0 -367
  764. package/dist/control-ui/assets/cron-Dikdppj_.js +0 -1013
  765. package/dist/control-ui/assets/debug-BTcka11D.js +0 -97
  766. package/dist/control-ui/assets/index-BifhGgI4.js +0 -7378
  767. package/dist/control-ui/assets/instances-DnlcwLSs.js +0 -57
  768. package/dist/control-ui/assets/logs-CUGJL7Ia.js +0 -74
  769. package/dist/control-ui/assets/nodes-DuwS3hRY.js +0 -436
  770. package/dist/control-ui/assets/sessions-DtiOFwOv.js +0 -399
  771. package/dist/control-ui/assets/skills-shared-Y3plxrx2.js +0 -11
  772. package/dist/control-ui/assets/skills-yR0YXQld.js +0 -314
  773. package/dist/conversation-binding-runtime-BnDFNjpw.js +0 -4
  774. package/dist/conversation-runtime-DXfeo_YZ.js +0 -31
  775. package/dist/core-CwGP8lnn.js +0 -282
  776. package/dist/core-api-B3hgaGPY.js +0 -5
  777. package/dist/core-api-DhVgU6Pw.js +0 -2
  778. package/dist/crestodian-BQF8KHgB.js +0 -55
  779. package/dist/daocore-tools-DwFKEwEz.js +0 -11727
  780. package/dist/delivery-LkV1NN8a.js +0 -1002
  781. package/dist/dialogue-BIB1NqtA.js +0 -37
  782. package/dist/dir-fetch-tool-DyG20xlt.js +0 -565
  783. package/dist/dir-list-tool-BntISSEL.js +0 -100
  784. package/dist/direct-dm-Dfgmj_Rk.js +0 -64
  785. package/dist/directive-handling.fast-lane-CPtDyKdP.js +0 -68
  786. package/dist/directive-handling.impl-CuhOq-BS.js +0 -2
  787. package/dist/directive-handling.impl-SAvKobjF.js +0 -818
  788. package/dist/directive-handling.model-selection-3dnu2j_t.js +0 -122
  789. package/dist/directive-handling.persist.runtime-y8pN8w-i.js +0 -263
  790. package/dist/dispatch-C_JMxM3D.js +0 -1640
  791. package/dist/dispatch-acp-transcript.runtime-BA4jA5DL.js +0 -40
  792. package/dist/dispatch-acp.runtime-BhpXHUuZ.js +0 -18
  793. package/dist/doctor-CRMnQl-o.js +0 -6
  794. package/dist/doctor-DD_iqydP.js +0 -2
  795. package/dist/doctor-config-flow-BXKaaiSk.js +0 -1741
  796. package/dist/doctor-core-checks-CSYsZXuS.js +0 -573
  797. package/dist/doctor-core-checks-xGSa7eSt.js +0 -2
  798. package/dist/doctor-health-contributions-DVLNXMsN.js +0 -696
  799. package/dist/doctor-health-wIbh8NF6.js +0 -65
  800. package/dist/doctor-lint-Hq2tNUox.js +0 -94
  801. package/dist/doctor-state-integrity-CQQ1oMeP.js +0 -1231
  802. package/dist/dynamic-tools-B3DtJJJn.js +0 -486
  803. package/dist/embedded-backend-Cz0ZebJI.js +0 -579
  804. package/dist/embedded-gateway-stub.runtime-CIk1aOal.js +0 -12
  805. package/dist/exec-approvals-DqJA2OTf.js +0 -149
  806. package/dist/file-fetch-tool-BM0auSop.js +0 -124
  807. package/dist/file-write-tool-CshXwc98.js +0 -127
  808. package/dist/format-BrPefrQt.js +0 -1145
  809. package/dist/gateway-cli-UkR6BmcI.js +0 -435
  810. package/dist/gateway-method-runtime-ucwF-DHM.js +0 -21
  811. package/dist/get-reply-BJ1QFEY8.js +0 -4689
  812. package/dist/get-reply-from-config.runtime-Rm8cMH3e.js +0 -2
  813. package/dist/graph-users-D2gOcc5D.js +0 -1419
  814. package/dist/group-access-BkQ2ldY4.js +0 -112
  815. package/dist/handle-action.guild-admin-aiua5pA-.js +0 -288
  816. package/dist/harness-BT2riWLr.js +0 -61
  817. package/dist/health-CnVZ4T6j.js +0 -4
  818. package/dist/heartbeat-runner-Cjg3EgS1.js +0 -5
  819. package/dist/heartbeat-runner.runtime-CoC3qR61.js +0 -4
  820. package/dist/hooks-DlRvRnbJ.js +0 -534
  821. package/dist/inbound-direct-dm-runtime-BzQSanFy.js +0 -2
  822. package/dist/inbound-reply-dispatch-CDI1clh-.js +0 -148
  823. package/dist/init-pnw2iggs.js +0 -59
  824. package/dist/inline-buttons-Bh_p4ehq.js +0 -40
  825. package/dist/internal-events-u0Ov8uLt.js +0 -90
  826. package/dist/isolated-agent-By1ca-36.js +0 -2
  827. package/dist/isolated-agent-Zz-RQA7J.js +0 -1118
  828. package/dist/lifecycle-R9-dS5vo.js +0 -571
  829. package/dist/list.probe-CZLSVJOU.js +0 -449
  830. package/dist/list.status-command-BfFEfb9a.js +0 -789
  831. package/dist/llm-slug-generator-dCtCznm8.js +0 -78
  832. package/dist/local-dispatch.runtime-D9LP1xHX.js +0 -9
  833. package/dist/manager.runtime-6QpcwMf8.js +0 -2714
  834. package/dist/markdown-to-line-zbqRGuzM.js +0 -811
  835. package/dist/mcp-http-8c8x2bw2.js +0 -555
  836. package/dist/mcp-http-_a6CgNfk.js +0 -2
  837. package/dist/media-understanding-provider-CXP_WVXG.js +0 -339
  838. package/dist/message-actions-SByKheul.js +0 -145
  839. package/dist/message-handler-CKCY2qPA.js +0 -384
  840. package/dist/message-handler-StORmhkH.js +0 -1715
  841. package/dist/message-handler.preflight-BBcy1Vmz.js +0 -1125
  842. package/dist/message-handler.process-DC3NGb_U.js +0 -1484
  843. package/dist/model-qHmcK-wV.js +0 -74
  844. package/dist/model-selection-C_bNk70D.js +0 -272
  845. package/dist/models-0m6kj9Kh.js +0 -104
  846. package/dist/models-P3tVodj6.js +0 -2
  847. package/dist/models-cli-C_jhGL9M.js +0 -256
  848. package/dist/monitor-BK8o2fuJ.js +0 -2788
  849. package/dist/monitor-Bi5Al5Qq.js +0 -1657
  850. package/dist/monitor-CG3e3DTn.js +0 -4377
  851. package/dist/monitor-Cfa9dKXg.js +0 -1370
  852. package/dist/monitor-D3o4Su4a.js +0 -834
  853. package/dist/monitor-D5fMTlZ5.js +0 -60
  854. package/dist/monitor-DmPTU0tw.js +0 -715
  855. package/dist/monitor-DzgPE9f5.js +0 -2
  856. package/dist/monitor-auth-CVtN6J4_.js +0 -179
  857. package/dist/monitor-polling.runtime-Cg2e0kqq.js +0 -883
  858. package/dist/monitor-webhook.runtime-Dj1HmLMX.js +0 -387
  859. package/dist/monitor.account-BQImY6W4.js +0 -5233
  860. package/dist/monitor.runtime-CDK8uUpm.js +0 -2
  861. package/dist/monitor.webhook-DyEHhPJ1.js +0 -180
  862. package/dist/node-cli-sessions-Bv5PguQJ.js +0 -1228
  863. package/dist/openai-http-CIBLqlWd.js +0 -824
  864. package/dist/openresponses-http-DjoX4IHF.js +0 -1173
  865. package/dist/operations-DP1MZD9K.js +0 -805
  866. package/dist/outbound-adapter-BAwVSQlL.js +0 -543
  867. package/dist/outbound-session-route-DtqxN5uz.js +0 -45
  868. package/dist/outbound.runtime-DHPJ4ASv.js +0 -2
  869. package/dist/pi-embedded-BAC7pDy3.js +0 -4
  870. package/dist/pi-embedded-CNX1q8t8.js +0 -3796
  871. package/dist/pi-embedded.runtime-SbuDxtwm.js +0 -4
  872. package/dist/pi-tools-CnpfHiC0.js +0 -2413
  873. package/dist/plan-BNvONvjS.js +0 -81
  874. package/dist/plan-CADq4BFI.js +0 -112
  875. package/dist/plugin-D7gXSmDQ.js +0 -12396
  876. package/dist/plugin-app-cache-key-DrmlMiVI.js +0 -46
  877. package/dist/plugin-enabled-BoIsHSBf.js +0 -233
  878. package/dist/plugin-registration-yt9E-tcz.js +0 -88
  879. package/dist/plugin-service-BV0GV7gk.js +0 -1229
  880. package/dist/policy-D11pkH-F.js +0 -680
  881. package/dist/policy-DRVErS8F.js +0 -138
  882. package/dist/prepare.runtime-D5popyud.js +0 -732
  883. package/dist/preview-warnings-CdcHFLjy.js +0 -392
  884. package/dist/probe-BR_XxREj.js +0 -682
  885. package/dist/probe-CSkuj1Ki.js +0 -47
  886. package/dist/probe-DZHxSUyh.js +0 -2204
  887. package/dist/probe-DvUH7S2e.js +0 -2
  888. package/dist/program-Dp1JSnyB.js +0 -131
  889. package/dist/provider-4N9pa4vk.js +0 -32
  890. package/dist/provider-B6N1_oRM.js +0 -8735
  891. package/dist/provider-_W55dN19.js +0 -152
  892. package/dist/provider-dispatcher-BY0BKM51.js +0 -22
  893. package/dist/provider-session.runtime-CIMHFVsw.js +0 -9
  894. package/dist/provider-yjwJ7cEv.js +0 -32
  895. package/dist/provider.runtime-BXgHyxdL.js +0 -2
  896. package/dist/public-surface-loader-BtZpLAiq.js +0 -114
  897. package/dist/pw-ai-C8gW7XAX.js +0 -3029
  898. package/dist/pw-role-snapshot-DUCYIx3v.js +0 -333
  899. package/dist/reaction-level-D9FhYPnf.js +0 -19
  900. package/dist/reaction-runtime-api-C3r-xTtB.js +0 -116
  901. package/dist/realtime-transcription-provider-Ibc5MlDn.js +0 -205
  902. package/dist/register-C8HRj-Rv.js +0 -2178
  903. package/dist/register.agent-DRcH0h2g.js +0 -156
  904. package/dist/register.crestodian-Cc0_1XnJ.js +0 -24
  905. package/dist/register.maintenance-hDD-888W.js +0 -83
  906. package/dist/register.runtime-3KCk-rHT.js +0 -54
  907. package/dist/register.subclis-CrUZyRN9.js +0 -31
  908. package/dist/register.subclis-DGaNfEn8.js +0 -3
  909. package/dist/register.subclis-core-B5LkL2i6.js +0 -273
  910. package/dist/repair-sequencing-DSOttY24.js +0 -640
  911. package/dist/reply-delivery-CjS0vGdN.js +0 -196
  912. package/dist/reply-runtime-CEB3h2ID.js +0 -11
  913. package/dist/reply.runtime-Rm8cMH3e.js +0 -2
  914. package/dist/request-hp0T5HDv.js +0 -54
  915. package/dist/resolve-allowlist-BN__FO0F.js +0 -220
  916. package/dist/result-fallback-classifier-CfKrq2-s.js +0 -79
  917. package/dist/route-B2z32D9-.js +0 -469
  918. package/dist/route-resolution-B25jgDh8.js +0 -274
  919. package/dist/routes-CM95LS3k.js +0 -3602
  920. package/dist/routes-CUOimkJP.js +0 -2
  921. package/dist/run-CCrse9cU.js +0 -1162
  922. package/dist/run-attempt-Bp3H4oIM.js +0 -7704
  923. package/dist/run-command-9aTCc0HJ.js +0 -23
  924. package/dist/run-command-BuJ1fk8M.js +0 -2
  925. package/dist/run-embedded.runtime-CTprMJ8Z.js +0 -4
  926. package/dist/run-execution-cli.runtime-B05Oa61H.js +0 -4
  927. package/dist/run-subagent-registry.runtime-CJ0Hs8Pw.js +0 -2
  928. package/dist/runtime-CKKZ8Pcs.js +0 -438
  929. package/dist/runtime-Cdi7BCo3.js +0 -6179
  930. package/dist/runtime-D3XaGRT8.js +0 -1287
  931. package/dist/runtime-api-1yqMVS2P.js +0 -17
  932. package/dist/runtime-api-B2sZsZh8.js +0 -4
  933. package/dist/runtime-api-BgQT9LMm.js +0 -21
  934. package/dist/runtime-api-CsbGUmvA.js +0 -3
  935. package/dist/runtime-api-DpTi-PJ3.js +0 -24
  936. package/dist/runtime-api-c9O4luRc.js +0 -13
  937. package/dist/runtime-api-iiw2xe0i.js +0 -13
  938. package/dist/runtime-api.actions-BVrajshb.js +0 -3
  939. package/dist/runtime-api.monitor-BShOXy33.js +0 -6
  940. package/dist/runtime-api.send-BTuGzQtf.js +0 -4
  941. package/dist/runtime-api.threads-3cF-9XFp.js +0 -2
  942. package/dist/runtime-channel-CwZHOoMT.js +0 -2
  943. package/dist/runtime-channel-fHBJLcYG.js +0 -150
  944. package/dist/runtime-embedded-pi.runtime-Cgc2MHEr.js +0 -2
  945. package/dist/sanitize-outbound-DTdYOSuN.js +0 -127
  946. package/dist/sdk-setup-tools-DsgXMSJF.js +0 -8
  947. package/dist/secrets-xq1GA7Xo.js +0 -113
  948. package/dist/security-audit-Du_2AwxR.js +0 -122
  949. package/dist/security-audit-i1ehCFCk.js +0 -118
  950. package/dist/security-audit.runtime-nBiU375z.js +0 -2
  951. package/dist/selection-CZeNX1pE.js +0 -3
  952. package/dist/selection-DTrJ8MmR.js +0 -16157
  953. package/dist/send-79TPg_6c.js +0 -2
  954. package/dist/send-91PqXvSN.js +0 -192
  955. package/dist/send-C2reDA-B.js +0 -143
  956. package/dist/send-JRMzkOJi.js +0 -1631
  957. package/dist/send.components-Dv_9V1n4.js +0 -500
  958. package/dist/send.components-MeAhqv9J.js +0 -2
  959. package/dist/send.runtime-BXAcNcFW.js +0 -2
  960. package/dist/server-CFMwy7OB.js +0 -24
  961. package/dist/server-context-Dqwl703G.js +0 -955
  962. package/dist/server-context-wK29CPaJ.js +0 -2
  963. package/dist/server-cron-B1DKKd9L.js +0 -2
  964. package/dist/server-cron-i1RW7vPj.js +0 -2989
  965. package/dist/server-jF0fwwqG.js +0 -73
  966. package/dist/server-methods-CbFofeYw.js +0 -16499
  967. package/dist/server-node-events-DL9C2Zgb.js +0 -596
  968. package/dist/server-plugin-bootstrap-BpLRcl2N.js +0 -70
  969. package/dist/server-plugins-Bw4luxP4.js +0 -432
  970. package/dist/server-reload-handlers-Du2MmNNy.js +0 -714
  971. package/dist/server-restart-sentinel-Bi93NfH5.js +0 -747
  972. package/dist/server-restart-sentinel-CZQ5DtCS.js +0 -2
  973. package/dist/server-runtime-services-6xIr0oF5.js +0 -267
  974. package/dist/server-runtime-services-Bn_-QBG_.js +0 -2
  975. package/dist/server-startup-plugins-D67Ykogy.js +0 -113
  976. package/dist/server-startup-post-attach-DGj_JzsI.js +0 -716
  977. package/dist/server-ws-runtime-DY6Aw13I.js +0 -349
  978. package/dist/server.impl-6rbQJgzF.js +0 -2586
  979. package/dist/service-BniJ-ml1.js +0 -1446
  980. package/dist/session-binding-BCrf6P9-.js +0 -2
  981. package/dist/session-binding-Dv-7cruS.js +0 -219
  982. package/dist/session-kill-http-BJFrJrtN.js +0 -121
  983. package/dist/session-reset-service-BbWtWMwD.js +0 -625
  984. package/dist/session-route-DU5w8Y32.js +0 -93
  985. package/dist/session-status.runtime-BlQpbVG5.js +0 -2
  986. package/dist/session-subagent-reactivation.runtime-5Q01Ew9-.js +0 -2
  987. package/dist/session-tab-registry-BuYe4OOF.js +0 -521
  988. package/dist/sessions-history-http-DSsnYvkK.js +0 -430
  989. package/dist/sessions.runtime-BmeoWYRz.js +0 -2
  990. package/dist/setup-api-CKNdGNsP.js +0 -29
  991. package/dist/setup-core-DP5EwSY0.js +0 -174
  992. package/dist/setup-surface-BYCu55nE.js +0 -288
  993. package/dist/setup-surface-B_2igLCv.js +0 -405
  994. package/dist/setup-surface-BcnlyFJo.js +0 -221
  995. package/dist/setup-surface-BuTeC8Tu.js +0 -320
  996. package/dist/shared-RXlS1jcs.js +0 -121
  997. package/dist/shared-client-C3MyzMO-.js +0 -2
  998. package/dist/shared-client-ChFVc6qy.js +0 -629
  999. package/dist/side-question-C7XXJ3WJ.js +0 -683
  1000. package/dist/skill-tool-dispatch.runtime-D-KdTx1M.js +0 -143
  1001. package/dist/slash-state-Bkj8dL5a.js +0 -2166
  1002. package/dist/speech-provider-BunrBrCI.js +0 -184
  1003. package/dist/src-CEgolSf5.js +0 -4256
  1004. package/dist/startup-context-JB4BWjRi.js +0 -313
  1005. package/dist/status-subagents.runtime-Bp7aARu7.js +0 -18
  1006. package/dist/status-text-DN8S2Q1J.js +0 -296
  1007. package/dist/sticker-cache-Be-oBI7L.js +0 -206
  1008. package/dist/sticker-vision.runtime-Ba4krDPo.js +0 -17
  1009. package/dist/subagent-announce-C7j9VsZa.js +0 -354
  1010. package/dist/subagent-announce-delivery-CB4UtEg2.js +0 -958
  1011. package/dist/subagent-control-C4koBB2g.js +0 -508
  1012. package/dist/subagent-hooks-C6RmP8Ul.js +0 -2
  1013. package/dist/subagent-hooks-CrDfx1bX.js +0 -146
  1014. package/dist/subagent-hooks-Dh-10ODX.js +0 -116
  1015. package/dist/subagent-hooks-DjGGmJOs.js +0 -2
  1016. package/dist/subagent-hooks-Djrkg_r_.js +0 -230
  1017. package/dist/subagent-hooks-XiGzfcD1.js +0 -2
  1018. package/dist/subagent-hooks-api-BAuY6yAp.js +0 -23
  1019. package/dist/subagent-hooks-api-X4Wq3-bg.js +0 -22
  1020. package/dist/subagent-hooks-api-uGaYQ3ls.js +0 -23
  1021. package/dist/subagent-orphan-recovery-CiT4T6EK.js +0 -352
  1022. package/dist/subagent-registry-CJUOLPWx.js +0 -3
  1023. package/dist/subagent-registry-DkLEo8Gw.js +0 -2351
  1024. package/dist/subagent-session-cleanup-BXd7lwdo.js +0 -525
  1025. package/dist/subagent-spawn-C0nFUSkA.js +0 -1164
  1026. package/dist/target-id-C-_5ZyaM.js +0 -107
  1027. package/dist/targets-C6aOnm7M.js +0 -19
  1028. package/dist/targets-CeAvrPZY.js +0 -19
  1029. package/dist/targets-CiQWn-48.js +0 -44
  1030. package/dist/testing-dGXqtqph.js +0 -267
  1031. package/dist/thread-bindings-2it1TXRk.js +0 -228
  1032. package/dist/thread-bindings-BVsdSE6x.js +0 -232
  1033. package/dist/thread-bindings-CxRt4oO6.js +0 -571
  1034. package/dist/thread-bindings-Duucj0p6.js +0 -8
  1035. package/dist/thread-bindings.discord-api-5DrSBok8.js +0 -187
  1036. package/dist/thread-bindings.manager-8Evv-rZ-.js +0 -2
  1037. package/dist/thread-bindings.manager-Dqs05Cqt.js +0 -536
  1038. package/dist/thread-lifecycle-a9ORG_Qn.js +0 -1614
  1039. package/dist/token-Cd4ZyEet.js +0 -134
  1040. package/dist/tool-X8pfYjSy.js +0 -139
  1041. package/dist/tool-actions.runtime-Be5Jzai5.js +0 -534
  1042. package/dist/tool-resolution-BsitImc6.js +0 -149
  1043. package/dist/tools-effective-inventory-BZrHm8Fz.js +0 -204
  1044. package/dist/tools-invoke-http-ShL1W_9J.js +0 -67
  1045. package/dist/tools-invoke-shared-DeHgr_VB.js +0 -200
  1046. package/dist/tts-Ayx5XgJd.js +0 -66
  1047. package/dist/tui-BMb_k0zQ.js +0 -2
  1048. package/dist/tui-Cok5WLhQ.js +0 -4709
  1049. package/dist/tui-backend-ByoQP-cW.js +0 -256
  1050. package/dist/tui-cli-CUq3hRch.js +0 -37
  1051. package/dist/update-cli-CEgVV8KX.js +0 -3664
  1052. package/dist/vision-tools-l3OhetFy.js +0 -1409
  1053. package/dist/web-search-cDMQBezP.js +0 -62
  1054. package/dist/web-search-provider.runtime-Ckon24db.js +0 -2
  1055. package/dist/web-search-provider.runtime-bfpMar6S.js +0 -328
  1056. package/dist/xai-oauth-DI_oDf1M.js +0 -479
  1057. package/dist/xai-user-agent-C3kBfnkY.js +0 -32
  1058. /package/dist/{acp-runtime-backend-BZ5O5ObX.js → acp-runtime-backend-BetObVpx.js} +0 -0
  1059. /package/dist/{channel-actions-CgtkgM0g.js → channel-actions-DckqlhU7.js} +0 -0
  1060. /package/dist/{command-status-runtime-CP5giZCt.js → command-status-runtime-E16rrPc3.js} +0 -0
  1061. /package/dist/{delegate-BqgaH2oz.js → delegate-BSLYNrsG.js} +0 -0
  1062. /package/dist/{dispatch-acp-BZWxbCpX.js → dispatch-acp-D4tmhg9Q.js} +0 -0
  1063. /package/dist/{heartbeat-runner-Ci-DNWRz.js → heartbeat-runner-DVT5MIY3.js} +0 -0
  1064. /package/dist/{library-Be_uMwZR.js → library-DxK3LF7B.js} +0 -0
  1065. /package/dist/{run-executor.runtime-CMc4ImJr.js → run-executor.runtime-6pORvlOZ.js} +0 -0
  1066. /package/dist/{shared-RstjPNr2.js → shared-KCy8RvKa.js} +0 -0
package/dist/graph-users-D2gOcc5D.js DELETED
@@ -1,1419 +0,0 @@
1
- import { o as __toESM } from "./chunk-CNf5ZN-e.js";
2
- import { a as normalizeLowercaseStringOrEmpty, c as normalizeOptionalString } from "./string-coerce-DyL154ka.js";
3
- import { c as isRecord$1 } from "./utils-CNnMhEDp.js";
4
- import { d as normalizeSecretInputString, s as hasConfiguredSecretInput, u as normalizeResolvedSecretInputString } from "./types.secrets-Ct1DNG7D.js";
5
- import { n as privateFileStoreSync } from "./private-file-store-C_5ZwE9L.js";
6
- import { u as isPrivateIpAddress } from "./ssrf-BNF8aODC.js";
7
- import { n as fetchWithSsrFGuard } from "./fetch-guard-CeBd6u85.js";
8
- import { m as readProviderJsonResponse } from "./provider-http-errors-CT7OJDS_.js";
9
- import "./string-coerce-runtime-DcopKqDR.js";
10
- import "./secret-input-s8BgZnEq.js";
11
- import { a as isHttpsUrlAllowedByHostnameSuffixAllowlist, c as normalizeHostnameSuffixAllowlist, n as buildHostnameAllowlistPolicyFromSuffixAllowlist } from "./ssrf-policy-DsqKLgib.js";
12
- import "./ssrf-runtime-Gwgbj2qf.js";
13
- import "./security-runtime-Q5KQBgu1.js";
14
- import "./provider-http-2hRxmq57.js";
15
- import { t as getMSTeamsRuntime } from "./runtime-api-BgQT9LMm.js";
16
- import { n as refreshMSTeamsDelegatedTokens } from "./oauth.token-DfvHO2-p.js";
17
- import { createRequire } from "node:module";
18
- import * as fs$1 from "node:fs";
19
- import { readFileSync } from "node:fs";
20
- import path, { basename, dirname } from "node:path";
21
- import { Buffer } from "node:buffer";
22
- import { lookup } from "node:dns/promises";
23
- //#region extensions/msteams/src/attachments/shared.ts
24
- const IMAGE_EXT_RE = /\.(avif|bmp|gif|heic|heif|jpe?g|png|tiff?|webp)$/i;
25
- const IMG_SRC_RE = /<img[^>]+src=["']([^"']+)["'][^>]*>/gi;
26
- const ATTACHMENT_TAG_RE = /<attachment[^>]+id=["']([^"']+)["'][^>]*>/gi;
27
- const DEFAULT_MEDIA_HOST_ALLOWLIST = [
28
- "graph.microsoft.com",
29
- "graph.microsoft.us",
30
- "graph.microsoft.de",
31
- "graph.microsoft.cn",
32
- "sharepoint.com",
33
- "sharepoint.us",
34
- "sharepoint.de",
35
- "sharepoint.cn",
36
- "sharepoint-df.com",
37
- "1drv.ms",
38
- "onedrive.com",
39
- "teams.microsoft.com",
40
- "teams.cdn.office.net",
41
- "statics.teams.cdn.office.net",
42
- "office.com",
43
- "office.net",
44
- "asm.skype.com",
45
- "ams.skype.com",
46
- "media.ams.skype.com",
47
- "trafficmanager.net",
48
- "blob.core.windows.net",
49
- "azureedge.net",
50
- "microsoft.com"
51
- ];
52
- const DEFAULT_MEDIA_AUTH_HOST_ALLOWLIST = [
53
- "api.botframework.com",
54
- "botframework.com",
55
- "smba.trafficmanager.net",
56
- "graph.microsoft.com",
57
- "graph.microsoft.us",
58
- "graph.microsoft.de",
59
- "graph.microsoft.cn"
60
- ];
61
- const GRAPH_ROOT = "https://graph.microsoft.com/v1.0";
62
- function estimateBase64DecodedBytes(base64) {
63
- let effectiveLen = 0;
64
- for (let i = 0; i < base64.length; i += 1) {
65
- if (base64.charCodeAt(i) <= 32) continue;
66
- effectiveLen += 1;
67
- }
68
- if (effectiveLen === 0) return 0;
69
- let padding = 0;
70
- let end = base64.length - 1;
71
- while (end >= 0 && base64.charCodeAt(end) <= 32) end -= 1;
72
- if (end >= 0 && base64[end] === "=") {
73
- padding = 1;
74
- end -= 1;
75
- while (end >= 0 && base64.charCodeAt(end) <= 32) end -= 1;
76
- if (end >= 0 && base64[end] === "=") padding = 2;
77
- }
78
- const estimated = Math.floor(effectiveLen * 3 / 4) - padding;
79
- return Math.max(0, estimated);
80
- }
81
- /**
82
- * Host suffixes for SharePoint/OneDrive shared links that must be fetched via
83
- * the Graph `/shares/{shareId}/driveItem/content` endpoint instead of directly.
84
- *
85
- * Direct fetches of SharePoint/OneDrive shared URLs return empty/HTML landing
86
- * pages unless encoded as a Graph share id. See
87
- * https://learn.microsoft.com/en-us/graph/api/shares-get for the encoding.
88
- */
89
- const GRAPH_SHARED_LINK_HOST_SUFFIXES = [
90
- ".sharepoint.com",
91
- ".sharepoint.us",
92
- ".sharepoint.de",
93
- ".sharepoint.cn",
94
- ".sharepoint-df.com",
95
- "1drv.ms",
96
- "onedrive.live.com",
97
- "onedrive.com"
98
- ];
99
- /**
100
- * Returns true when the URL points at a SharePoint or OneDrive host whose
101
- * shared-link content must be fetched through the Graph shares API rather
102
- * than directly.
103
- */
104
- function isGraphSharedLinkUrl(url) {
105
- let host;
106
- try {
107
- host = normalizeLowercaseStringOrEmpty(new URL(url).hostname);
108
- } catch {
109
- return false;
110
- }
111
- if (!host) return false;
112
- return GRAPH_SHARED_LINK_HOST_SUFFIXES.some((suffix) => host === suffix || host.endsWith(suffix));
113
- }
114
- /**
115
- * Encode a SharePoint/OneDrive URL as a Graph shareId using the documented
116
- * `u!` + base64url (no padding) scheme:
117
- * https://learn.microsoft.com/en-us/graph/api/shares-get#encoding-sharing-urls
118
- */
119
- function encodeGraphShareId(url) {
120
- return `u!${Buffer.from(url, "utf8").toString("base64url")}`;
121
- }
122
- /**
123
- * When `url` is a SharePoint/OneDrive shared link, return the matching
124
- * `GET /shares/{shareId}/driveItem/content` URL that actually yields the file
125
- * bytes. Returns `undefined` for non-shared-link URLs so callers can fall
126
- * through to the existing fetch path.
127
- */
128
- function tryBuildGraphSharesUrlForSharedLink(url) {
129
- if (!isGraphSharedLinkUrl(url)) return;
130
- return `${GRAPH_ROOT}/shares/${encodeGraphShareId(url)}/driveItem/content`;
131
- }
132
- function readNestedString(value, keys) {
133
- let current = value;
134
- for (const key of keys) {
135
- if (!isRecord$1(current)) return;
136
- current = current[key];
137
- }
138
- return normalizeOptionalString(current);
139
- }
140
- function resolveRequestUrl(input) {
141
- if (typeof input === "string") return input;
142
- if (input instanceof URL) return input.toString();
143
- if (typeof input === "object" && input && "url" in input && typeof input.url === "string") return input.url;
144
- try {
145
- return JSON.stringify(input);
146
- } catch {
147
- return "";
148
- }
149
- }
150
- function normalizeContentType(value) {
151
- if (typeof value !== "string") return;
152
- const trimmed = value.trim();
153
- return trimmed ? trimmed : void 0;
154
- }
155
- function inferPlaceholder(params) {
156
- const mime = normalizeLowercaseStringOrEmpty(params.contentType ?? "");
157
- const name = normalizeLowercaseStringOrEmpty(params.fileName ?? "");
158
- const fileType = normalizeLowercaseStringOrEmpty(params.fileType ?? "");
159
- return mime.startsWith("image/") || IMAGE_EXT_RE.test(name) || IMAGE_EXT_RE.test(`x.${fileType}`) ? "<media:image>" : "<media:document>";
160
- }
161
- function isLikelyImageAttachment(att) {
162
- const contentType = normalizeContentType(att.contentType) ?? "";
163
- const name = typeof att.name === "string" ? att.name : "";
164
- if (contentType.startsWith("image/")) return true;
165
- if (IMAGE_EXT_RE.test(name)) return true;
166
- if (contentType === "application/vnd.microsoft.teams.file.download.info" && isRecord$1(att.content)) {
167
- const fileType = typeof att.content.fileType === "string" ? att.content.fileType : "";
168
- if (fileType && IMAGE_EXT_RE.test(`x.${fileType}`)) return true;
169
- const fileName = typeof att.content.fileName === "string" ? att.content.fileName : "";
170
- if (fileName && IMAGE_EXT_RE.test(fileName)) return true;
171
- }
172
- return false;
173
- }
174
- /**
175
- * Returns true if the attachment can be downloaded (any file type).
176
- * Used when downloading all files, not just images.
177
- */
178
- function isDownloadableAttachment(att) {
179
- if ((normalizeContentType(att.contentType) ?? "") === "application/vnd.microsoft.teams.file.download.info" && isRecord$1(att.content) && typeof att.content.downloadUrl === "string") return true;
180
- if (typeof att.contentUrl === "string" && att.contentUrl.trim()) return true;
181
- return false;
182
- }
183
- function isHtmlAttachment(att) {
184
- return (normalizeContentType(att.contentType) ?? "").startsWith("text/html");
185
- }
186
- function extractHtmlFromAttachment(att) {
187
- if (!isHtmlAttachment(att)) return;
188
- if (typeof att.content === "string") return att.content;
189
- if (!isRecord$1(att.content)) return;
190
- return typeof att.content.text === "string" ? att.content.text : typeof att.content.body === "string" ? att.content.body : typeof att.content.content === "string" ? att.content.content : void 0;
191
- }
192
- function canonicalizeInlineBase64Payload(value) {
193
- let cleaned = "";
194
- let padding = 0;
195
- let sawPadding = false;
196
- for (let index = 0; index < value.length; index += 1) {
197
- const code = value.charCodeAt(index);
198
- if (code <= 32) continue;
199
- if (code === 61) {
200
- padding += 1;
201
- if (padding > 2) return;
202
- sawPadding = true;
203
- cleaned += "=";
204
- continue;
205
- }
206
- if (sawPadding || !(code >= 65 && code <= 90 || code >= 97 && code <= 122 || code >= 48 && code <= 57 || code === 43 || code === 47)) return;
207
- cleaned += value[index];
208
- }
209
- return cleaned && cleaned.length % 4 === 0 ? cleaned : void 0;
210
- }
211
- function decodeDataImageWithLimits(src, opts) {
212
- const match = /^data:(image\/[a-z0-9.+-]+)?(;base64)?,(.*)$/i.exec(src);
213
- if (!match) return {
214
- candidate: null,
215
- estimatedBytes: 0
216
- };
217
- const contentType = normalizeLowercaseStringOrEmpty(match[1] ?? "");
218
- if (!Boolean(match[2])) return {
219
- candidate: null,
220
- estimatedBytes: 0
221
- };
222
- const canonicalPayload = canonicalizeInlineBase64Payload(match[3] ?? "");
223
- if (!canonicalPayload) return {
224
- candidate: null,
225
- estimatedBytes: 0
226
- };
227
- const estimatedBytes = estimateBase64DecodedBytes(canonicalPayload);
228
- if (estimatedBytes <= 0) return {
229
- candidate: null,
230
- estimatedBytes: 0
231
- };
232
- if (typeof opts.maxInlineBytes === "number" && estimatedBytes > opts.maxInlineBytes) return {
233
- candidate: null,
234
- estimatedBytes
235
- };
236
- try {
237
- return {
238
- candidate: {
239
- kind: "data",
240
- data: Buffer.from(canonicalPayload, "base64"),
241
- contentType,
242
- placeholder: "<media:image>"
243
- },
244
- estimatedBytes
245
- };
246
- } catch {
247
- return {
248
- candidate: null,
249
- estimatedBytes: 0
250
- };
251
- }
252
- }
253
- function fileHintFromUrl(src) {
254
- try {
255
- return new URL(src).pathname.split("/").pop() || void 0;
256
- } catch {
257
- return;
258
- }
259
- }
260
- function extractInlineImageCandidates(attachments, limits) {
261
- const out = [];
262
- let totalEstimatedInlineBytes = 0;
263
- outerLoop: for (const att of attachments) {
264
- const html = extractHtmlFromAttachment(att);
265
- if (!html) continue;
266
- IMG_SRC_RE.lastIndex = 0;
267
- let match = IMG_SRC_RE.exec(html);
268
- while (match) {
269
- const src = match[1]?.trim();
270
- if (src && !src.startsWith("cid:")) if (src.startsWith("data:")) {
271
- const { candidate: decoded, estimatedBytes } = decodeDataImageWithLimits(src, { maxInlineBytes: limits?.maxInlineBytes });
272
- if (decoded) {
273
- const nextTotal = totalEstimatedInlineBytes + estimatedBytes;
274
- if (typeof limits?.maxInlineTotalBytes === "number" && nextTotal > limits.maxInlineTotalBytes) break outerLoop;
275
- totalEstimatedInlineBytes = nextTotal;
276
- out.push(decoded);
277
- }
278
- } else out.push({
279
- kind: "url",
280
- url: src,
281
- fileHint: fileHintFromUrl(src),
282
- placeholder: "<media:image>"
283
- });
284
- match = IMG_SRC_RE.exec(html);
285
- }
286
- }
287
- return out;
288
- }
289
- function safeHostForUrl(url) {
290
- try {
291
- return normalizeLowercaseStringOrEmpty(new URL(url).hostname);
292
- } catch {
293
- return "invalid-url";
294
- }
295
- }
296
- function resolveAllowedHosts(input) {
297
- return normalizeHostnameSuffixAllowlist(input, DEFAULT_MEDIA_HOST_ALLOWLIST);
298
- }
299
- function resolveAuthAllowedHosts(input) {
300
- return normalizeHostnameSuffixAllowlist(input, DEFAULT_MEDIA_AUTH_HOST_ALLOWLIST);
301
- }
302
- function resolveAttachmentFetchPolicy(params) {
303
- return {
304
- allowHosts: resolveAllowedHosts(params?.allowHosts),
305
- authAllowHosts: resolveAuthAllowedHosts(params?.authAllowHosts)
306
- };
307
- }
308
- function isUrlAllowed(url, allowlist) {
309
- return isHttpsUrlAllowedByHostnameSuffixAllowlist(url, allowlist);
310
- }
311
- function applyAuthorizationHeaderForUrl(params) {
312
- if (!params.bearerToken) {
313
- params.headers.delete("Authorization");
314
- return;
315
- }
316
- if (isUrlAllowed(params.url, params.authAllowHosts)) {
317
- params.headers.set("Authorization", `Bearer ${params.bearerToken}`);
318
- return;
319
- }
320
- params.headers.delete("Authorization");
321
- }
322
- function resolveMediaSsrfPolicy(allowHosts) {
323
- return buildHostnameAllowlistPolicyFromSuffixAllowlist(allowHosts);
324
- }
325
- /**
326
- * Returns true if the given IPv4 or IPv6 address is in a private, loopback,
327
- * or link-local range that must never be reached from media downloads.
328
- *
329
- * Delegates to the SDK's `isPrivateIpAddress` which handles IPv4-mapped IPv6,
330
- * expanded notation, NAT64, 6to4, Teredo, octal IPv4, and fails closed on
331
- * parse errors.
332
- */
333
- const isPrivateOrReservedIP = isPrivateIpAddress;
334
- /**
335
- * Resolve a hostname via DNS and reject private/reserved IPs.
336
- * Throws if the resolved IP is private or resolution fails.
337
- */
338
- async function resolveAndValidateIP(hostname, resolveFn) {
339
- const resolve = resolveFn ?? lookup;
340
- let resolved;
341
- try {
342
- resolved = await resolve(hostname);
343
- } catch {
344
- throw new Error(`DNS resolution failed for "${hostname}"`);
345
- }
346
- if (isPrivateOrReservedIP(resolved.address)) throw new Error(`Hostname "${hostname}" resolves to private/reserved IP (${resolved.address})`);
347
- return resolved.address;
348
- }
349
- /** Maximum number of redirects to follow in safeFetch. */
350
- const MAX_SAFE_REDIRECTS = 5;
351
- /**
352
- * Fetch a URL with redirect: "manual", validating each redirect target
353
- * against the hostname allowlist and optional DNS-resolved IP (anti-SSRF).
354
- *
355
- * This prevents:
356
- * - Auto-following redirects to non-allowlisted hosts
357
- * - DNS rebinding attacks when a lookup function is provided
358
- */
359
- async function safeFetch(params) {
360
- const fetchFn = params.fetchFn ?? fetch;
361
- const resolveFn = params.resolveFn ?? lookup;
362
- const hasDispatcher = Boolean(params.requestInit && typeof params.requestInit === "object" && "dispatcher" in params.requestInit);
363
- const currentHeaders = new Headers(params.requestInit?.headers);
364
- let currentUrl = params.url;
365
- if (!isUrlAllowed(currentUrl, params.allowHosts)) throw new Error(`Initial download URL blocked: ${currentUrl}`);
366
- if (resolveFn) try {
367
- const initialHost = new URL(currentUrl).hostname;
368
- await resolveAndValidateIP(initialHost, resolveFn);
369
- } catch {
370
- throw new Error(`Initial download URL blocked: ${currentUrl}`);
371
- }
372
- for (let i = 0; i <= MAX_SAFE_REDIRECTS; i++) {
373
- const res = await fetchFn(currentUrl, {
374
- ...params.requestInit,
375
- headers: currentHeaders,
376
- redirect: "manual"
377
- });
378
- if (![
379
- 301,
380
- 302,
381
- 303,
382
- 307,
383
- 308
384
- ].includes(res.status)) return res;
385
- const location = res.headers.get("location");
386
- if (!location) return res;
387
- let redirectUrl;
388
- try {
389
- redirectUrl = new URL(location, currentUrl).toString();
390
- } catch {
391
- throw new Error(`Invalid redirect URL: ${location}`);
392
- }
393
- if (!isUrlAllowed(redirectUrl, params.allowHosts)) throw new Error(`Media redirect target blocked by allowlist: ${redirectUrl}`);
394
- if (currentHeaders.has("authorization") && params.authorizationAllowHosts && !isUrlAllowed(redirectUrl, params.authorizationAllowHosts)) currentHeaders.delete("authorization");
395
- if (hasDispatcher) return res;
396
- if (resolveFn) {
397
- const redirectHost = new URL(redirectUrl).hostname;
398
- await resolveAndValidateIP(redirectHost, resolveFn);
399
- }
400
- currentUrl = redirectUrl;
401
- }
402
- throw new Error(`Too many redirects (>${MAX_SAFE_REDIRECTS})`);
403
- }
404
- async function safeFetchWithPolicy(params) {
405
- return await safeFetch({
406
- url: params.url,
407
- allowHosts: params.policy.allowHosts,
408
- authorizationAllowHosts: params.policy.authAllowHosts,
409
- fetchFn: params.fetchFn,
410
- requestInit: params.requestInit,
411
- resolveFn: params.resolveFn
412
- });
413
- }
414
- //#endregion
415
- //#region extensions/msteams/src/errors.ts
416
- function isRecord(value) {
417
- return typeof value === "object" && value !== null && !Array.isArray(value);
418
- }
419
- function formatUnknownError(err) {
420
- if (err instanceof Error) return err.message;
421
- if (typeof err === "string") return err;
422
- if (err === null) return "null";
423
- if (err === void 0) return "undefined";
424
- if (typeof err === "number" || typeof err === "boolean" || typeof err === "bigint") return String(err);
425
- if (typeof err === "symbol") return err.description ?? err.toString();
426
- if (typeof err === "function") return err.name ? `[function ${err.name}]` : "[function]";
427
- try {
428
- return JSON.stringify(err) ?? "unknown error";
429
- } catch {
430
- return "unknown error";
431
- }
432
- }
433
- function extractStatusCode(err) {
434
- if (!isRecord(err)) return null;
435
- const direct = err.statusCode ?? err.status;
436
- if (typeof direct === "number" && Number.isFinite(direct)) return direct;
437
- if (typeof direct === "string") {
438
- const parsed = Number.parseInt(direct, 10);
439
- if (Number.isFinite(parsed)) return parsed;
440
- }
441
- const response = err.response;
442
- if (isRecord(response)) {
443
- const status = response.status;
444
- if (typeof status === "number" && Number.isFinite(status)) return status;
445
- if (typeof status === "string") {
446
- const parsed = Number.parseInt(status, 10);
447
- if (Number.isFinite(parsed)) return parsed;
448
- }
449
- }
450
- return null;
451
- }
452
- function extractErrorCode(err) {
453
- if (!isRecord(err)) return null;
454
- const direct = err.code;
455
- if (typeof direct === "string" && direct.trim()) return direct;
456
- const response = err.response;
457
- if (!isRecord(response)) return null;
458
- const body = response.body;
459
- if (isRecord(body)) {
460
- const error = body.error;
461
- if (isRecord(error) && typeof error.code === "string" && error.code.trim()) return error.code;
462
- }
463
- return null;
464
- }
465
- function extractRetryAfterMs(err) {
466
- if (!isRecord(err)) return null;
467
- const direct = err.retryAfterMs ?? err.retry_after_ms;
468
- if (typeof direct === "number" && Number.isFinite(direct) && direct >= 0) return direct;
469
- const retryAfter = err.retryAfter ?? err.retry_after;
470
- if (typeof retryAfter === "number" && Number.isFinite(retryAfter)) return retryAfter >= 0 ? retryAfter * 1e3 : null;
471
- if (typeof retryAfter === "string") {
472
- const parsed = Number.parseFloat(retryAfter);
473
- if (Number.isFinite(parsed) && parsed >= 0) return parsed * 1e3;
474
- }
475
- const response = err.response;
476
- if (!isRecord(response)) return null;
477
- const headers = response.headers;
478
- if (!headers) return null;
479
- if (isRecord(headers)) {
480
- const raw = headers["retry-after"] ?? headers["Retry-After"];
481
- if (typeof raw === "string") {
482
- const parsed = Number.parseFloat(raw);
483
- if (Number.isFinite(parsed) && parsed >= 0) return parsed * 1e3;
484
- }
485
- }
486
- if (typeof headers === "object" && headers !== null && "get" in headers && typeof headers.get === "function") {
487
- const raw = headers.get("retry-after");
488
- if (raw) {
489
- const parsed = Number.parseFloat(raw);
490
- if (Number.isFinite(parsed) && parsed >= 0) return parsed * 1e3;
491
- }
492
- }
493
- return null;
494
- }
495
- /**
496
- * Classify outbound send errors for safe retries and actionable logs.
497
- *
498
- * Important: We only mark errors as retryable when we have an explicit HTTP
499
- * status code that indicates the message was not accepted (e.g. 429, 5xx).
500
- * For transport-level errors where delivery is ambiguous, we prefer to avoid
501
- * retries to reduce the chance of duplicate posts.
502
- */
503
- function classifyMSTeamsSendError(err) {
504
- const statusCode = extractStatusCode(err);
505
- const retryAfterMs = extractRetryAfterMs(err);
506
- const errorCode = extractErrorCode(err) ?? void 0;
507
- if (statusCode === 401) return {
508
- kind: "auth",
509
- statusCode,
510
- errorCode
511
- };
512
- if (statusCode === 403) {
513
- if (errorCode === "ContentStreamNotAllowed") return {
514
- kind: "permanent",
515
- statusCode,
516
- errorCode
517
- };
518
- return {
519
- kind: "auth",
520
- statusCode,
521
- errorCode
522
- };
523
- }
524
- if (statusCode === 429) return {
525
- kind: "throttled",
526
- statusCode,
527
- retryAfterMs: retryAfterMs ?? void 0,
528
- errorCode
529
- };
530
- if (statusCode === 408 || statusCode != null && statusCode >= 500) return {
531
- kind: "transient",
532
- statusCode,
533
- retryAfterMs: retryAfterMs ?? void 0,
534
- errorCode
535
- };
536
- if (statusCode != null && statusCode >= 400) return {
537
- kind: "permanent",
538
- statusCode,
539
- errorCode
540
- };
541
- if (statusCode == null) {
542
- const networkCode = isRecord(err) && typeof err.code === "string" ? err.code : null;
543
- if (networkCode === "ECONNREFUSED" || networkCode === "ENOTFOUND" || networkCode === "EHOSTUNREACH" || networkCode === "ETIMEDOUT" || networkCode === "ECONNRESET") return {
544
- kind: "network",
545
- errorCode: networkCode
546
- };
547
- }
548
- return {
549
- kind: "unknown",
550
- statusCode: statusCode ?? void 0,
551
- retryAfterMs: retryAfterMs ?? void 0,
552
- errorCode
553
- };
554
- }
555
- /**
556
- * Detect whether an error is caused by a revoked Proxy.
557
- *
558
- * The Bot Framework SDK wraps TurnContext in a Proxy that is revoked once the
559
- * turn handler returns. Any later access (e.g. from a debounced callback)
560
- * throws a TypeError whose message contains the distinctive "proxy that has
561
- * been revoked" string.
562
- */
563
- function isRevokedProxyError(err) {
564
- if (!(err instanceof TypeError)) return false;
565
- return /proxy that has been revoked/i.test(err.message);
566
- }
567
- function formatMSTeamsSendErrorHint(classification) {
568
- if (classification.kind === "auth") return "check msteams appId/appPassword/tenantId (or env vars MSTEAMS_APP_ID/MSTEAMS_APP_PASSWORD/MSTEAMS_TENANT_ID)";
569
- if (classification.errorCode === "ContentStreamNotAllowed") return "Teams expired the content stream; stop streaming earlier and fall back to normal message delivery";
570
- if (classification.kind === "throttled") return "Teams throttled the bot; backing off may help";
571
- if (classification.kind === "transient") return "transient Teams/Bot Framework error; retry may succeed";
572
- if (classification.kind === "network") return "transport-level failure sending reply to Teams Bot Connector (smba.trafficmanager.net) — check egress firewall rules allow outbound HTTPS to smba.trafficmanager.net";
573
- }
574
- //#endregion
575
- //#region extensions/msteams/src/user-agent.ts
576
- let cachedUserAgent;
577
- function resolveTeamsSdkVersion() {
578
- try {
579
- return createRequire(import.meta.url)("@microsoft/teams.apps/package.json").version ?? "unknown";
580
- } catch {
581
- return "unknown";
582
- }
583
- }
584
- function resolveDaoCoreVersion() {
585
- try {
586
- return getMSTeamsRuntime().version;
587
- } catch {
588
- return "unknown";
589
- }
590
- }
591
- function buildUserAgent() {
592
- if (cachedUserAgent) return cachedUserAgent;
593
- cachedUserAgent = `teams.ts[apps]/${resolveTeamsSdkVersion()} DaoCore/${resolveDaoCoreVersion()}`;
594
- return cachedUserAgent;
595
- }
596
- function ensureUserAgentHeader(headers) {
597
- const nextHeaders = new Headers(headers);
598
- if (!nextHeaders.has("User-Agent")) nextHeaders.set("User-Agent", buildUserAgent());
599
- return nextHeaders;
600
- }
601
- //#endregion
602
- //#region extensions/msteams/src/sdk.ts
603
- const AZURE_IDENTITY_MODULE = "@azure/identity";
604
- let azureIdentityModulePromise = null;
605
- async function loadAzureIdentity() {
606
- azureIdentityModulePromise ??= import(AZURE_IDENTITY_MODULE);
607
- return azureIdentityModulePromise;
608
- }
609
- let msTeamsSdkPromise = null;
610
- async function loadMSTeamsSdk() {
611
- msTeamsSdkPromise ??= Promise.all([import("./dist-vtDI3Kho.js").then((m) => /* @__PURE__ */ __toESM(m.default, 1)), import("./dist-DDHqlodv.js").then((m) => /* @__PURE__ */ __toESM(m.default, 1))]).then(([appsModule, apiModule]) => ({
612
- App: appsModule.App,
613
- Client: apiModule.Client
614
- }));
615
- return msTeamsSdkPromise;
616
- }
617
- /**
618
- * Create a no-op HTTP server adapter that satisfies the Teams SDK's
619
- * IHttpServerAdapter interface without spinning up an Express server.
620
- *
621
- * DaoCore manages its own Express server for the Teams webhook endpoint, so
622
- * the SDK's built-in HTTP server is unnecessary. Passing this adapter via the
623
- * `httpServerAdapter` option prevents the SDK from creating the default
624
- * HttpPlugin (which uses the deprecated `plugins` array and registers an
625
- * Express middleware with the pattern `/api*` — invalid in Express 5).
626
- *
627
- * See: https://github.com/gaodefa/daocore-AI-assistant/issues/55161
628
- * See: https://github.com/gaodefa/daocore-AI-assistant/issues/60732
629
- */
630
- function createNoOpHttpServerAdapter() {
631
- return { registerRoute() {} };
632
- }
633
- /**
634
- * Create a Teams SDK App instance from credentials. The App manages token
635
- * acquisition, JWT validation, and the HTTP server lifecycle.
636
- *
637
- * This replaces the previous CloudAdapter + MsalTokenProvider + authorizeJWT
638
- * from @microsoft/agents-hosting.
639
- */
640
- async function createMSTeamsApp(creds, sdk) {
641
- if (creds.type === "federated") return createFederatedApp(creds, sdk);
642
- return new sdk.App({
643
- clientId: creds.appId,
644
- clientSecret: creds.appPassword,
645
- tenantId: creds.tenantId,
646
- httpServerAdapter: createNoOpHttpServerAdapter()
647
- });
648
- }
649
- function createFederatedApp(creds, sdk) {
650
- if (creds.useManagedIdentity) return createManagedIdentityApp(creds, sdk);
651
- if (!creds.certificatePath) throw new Error("Federated credentials require either a certificate path or managed identity.");
652
- let privateKey;
653
- try {
654
- privateKey = fs$1.readFileSync(creds.certificatePath, "utf-8");
655
- } catch (err) {
656
- const msg = err instanceof Error ? err.message : String(err);
657
- throw new Error(`Failed to read certificate file at '${creds.certificatePath}': ${msg}`, { cause: err });
658
- }
659
- return createCertificateApp(creds, privateKey, sdk);
660
- }
661
- function createCertificateApp(creds, privateKey, sdk) {
662
- let credentialPromise = null;
663
- const getCredential = async () => {
664
- if (!credentialPromise) credentialPromise = loadAzureIdentity().then((az) => new az.ClientCertificateCredential(creds.tenantId, creds.appId, { certificate: privateKey }));
665
- return credentialPromise;
666
- };
667
- const tokenProvider = async (scope) => {
668
- const token = await (await getCredential()).getToken(scope);
669
- if (!token?.token) throw new Error("Failed to acquire token via certificate credential.");
670
- return token.token;
671
- };
672
- return new sdk.App({
673
- clientId: creds.appId,
674
- tenantId: creds.tenantId,
675
- token: tokenProvider,
676
- httpServerAdapter: createNoOpHttpServerAdapter()
677
- });
678
- }
679
- function createManagedIdentityApp(creds, sdk) {
680
- let credentialPromise = null;
681
- const getCredential = async () => {
682
- if (!credentialPromise) credentialPromise = loadAzureIdentity().then((az) => creds.managedIdentityClientId ? new az.ManagedIdentityCredential(creds.managedIdentityClientId) : new az.ManagedIdentityCredential());
683
- return credentialPromise;
684
- };
685
- const tokenProvider = async (scope) => {
686
- const token = await (await getCredential()).getToken(scope);
687
- if (!token?.token) throw new Error("Failed to acquire token via managed identity.");
688
- return token.token;
689
- };
690
- return new sdk.App({
691
- clientId: creds.appId,
692
- tenantId: creds.tenantId,
693
- token: tokenProvider,
694
- httpServerAdapter: createNoOpHttpServerAdapter()
695
- });
696
- }
697
- /**
698
- * Build a token provider that uses the Teams SDK App for token acquisition.
699
- */
700
- function createMSTeamsTokenProvider(app) {
701
- return { async getAccessToken(scope) {
702
- if (scope.includes("graph.microsoft.com")) {
703
- const token = await app.getAppGraphToken();
704
- return token ? String(token) : "";
705
- }
706
- const token = await app.getBotToken();
707
- return token ? String(token) : "";
708
- } };
709
- }
710
- function createBotTokenGetter(app) {
711
- return async () => {
712
- const token = await app.getBotToken();
713
- return token ? String(token) : void 0;
714
- };
715
- }
716
- function createApiClient(sdk, serviceUrl, getToken) {
717
- return new sdk.Client(serviceUrl, {
718
- token: async () => await getToken() || void 0,
719
- headers: { "User-Agent": buildUserAgent() }
720
- });
721
- }
722
- function normalizeOutboundActivity(textOrActivity) {
723
- return typeof textOrActivity === "string" ? {
724
- type: "message",
725
- text: textOrActivity
726
- } : textOrActivity;
727
- }
728
- function createSendContext(params) {
729
- const apiClient = params.serviceUrl && params.conversationId ? createApiClient(params.sdk, params.serviceUrl, params.getToken) : void 0;
730
- return {
731
- async sendActivity(textOrActivity) {
732
- const msg = normalizeOutboundActivity(textOrActivity);
733
- if (params.treatInvokeResponseAsNoop && msg.type === "invokeResponse") return { id: "invokeResponse" };
734
- if (!apiClient || !params.conversationId) return { id: "unknown" };
735
- const existingChannelData = msg.channelData && typeof msg.channelData === "object" ? msg.channelData : void 0;
736
- const channelData = params.tenantId ? {
737
- ...existingChannelData,
738
- tenant: { id: params.tenantId }
739
- } : existingChannelData;
740
- return await apiClient.conversations.activities(params.conversationId).create({
741
- type: "message",
742
- ...msg,
743
- ...channelData ? { channelData } : {},
744
- from: params.bot?.id ? {
745
- id: params.bot.id,
746
- name: params.bot.name ?? "",
747
- role: "bot"
748
- } : void 0,
749
- conversation: {
750
- id: params.conversationId,
751
- conversationType: params.conversationType ?? "personal",
752
- ...params.tenantId ? { tenantId: params.tenantId } : {}
753
- },
754
- ...params.recipientId || params.recipientAadObjectId ? { recipient: {
755
- ...params.recipientId ? { id: params.recipientId } : {},
756
- ...params.recipientAadObjectId ? { aadObjectId: params.recipientAadObjectId } : {}
757
- } } : {},
758
- ...params.replyToActivityId && !msg.replyToId ? { replyToId: params.replyToActivityId } : {}
759
- });
760
- },
761
- async updateActivity(activityUpdate) {
762
- const nextActivity = activityUpdate;
763
- const activityId = nextActivity.id;
764
- if (!activityId) throw new Error("updateActivity requires an activity id");
765
- if (!params.serviceUrl || !params.conversationId) return { id: "unknown" };
766
- return await updateActivityViaRest({
767
- serviceUrl: params.serviceUrl,
768
- conversationId: params.conversationId,
769
- activityId,
770
- activity: nextActivity,
771
- token: await params.getToken()
772
- });
773
- },
774
- async deleteActivity(activityId) {
775
- if (!activityId) throw new Error("deleteActivity requires an activity id");
776
- if (!params.serviceUrl || !params.conversationId) return;
777
- await deleteActivityViaRest({
778
- serviceUrl: params.serviceUrl,
779
- conversationId: params.conversationId,
780
- activityId,
781
- token: await params.getToken()
782
- });
783
- }
784
- };
785
- }
786
- function createProcessContext(params) {
787
- const serviceUrl = params.activity?.serviceUrl;
788
- const conversationId = (params.activity?.conversation)?.id;
789
- const conversationType = (params.activity?.conversation)?.conversationType;
790
- const replyToActivityId = params.activity?.id;
791
- const bot = params.activity?.recipient && typeof params.activity.recipient === "object" ? {
792
- id: params.activity.recipient.id,
793
- name: params.activity.recipient.name
794
- } : void 0;
795
- const sendContext = createSendContext({
796
- sdk: params.sdk,
797
- serviceUrl,
798
- conversationId,
799
- conversationType,
800
- bot,
801
- replyToActivityId,
802
- getToken: params.getToken,
803
- treatInvokeResponseAsNoop: true
804
- });
805
- return {
806
- activity: params.activity,
807
- ...sendContext,
808
- async sendActivities(activities) {
809
- const results = [];
810
- for (const activity of activities) results.push(await sendContext.sendActivity(activity));
811
- return results;
812
- }
813
- };
814
- }
815
- /**
816
- * Update an existing activity via the Bot Framework REST API.
817
- * PUT /v3/conversations/{conversationId}/activities/{activityId}
818
- */
819
- async function updateActivityViaRest(params) {
820
- const { serviceUrl, conversationId, activityId, activity, token } = params;
821
- const url = `${serviceUrl.replace(/\/+$/, "")}/v3/conversations/${encodeURIComponent(conversationId)}/activities/${encodeURIComponent(activityId)}`;
822
- const headers = {
823
- "Content-Type": "application/json",
824
- "User-Agent": buildUserAgent()
825
- };
826
- if (token) headers.Authorization = `Bearer ${token}`;
827
- const currentFetch = globalThis.fetch;
828
- const { response, release } = await fetchWithSsrFGuard({
829
- url,
830
- fetchImpl: async (input, guardedInit) => await currentFetch(input, guardedInit),
831
- init: {
832
- method: "PUT",
833
- headers,
834
- body: JSON.stringify({
835
- type: "message",
836
- ...activity,
837
- id: activityId
838
- })
839
- },
840
- auditContext: "msteams-update-activity"
841
- });
842
- try {
843
- if (!response.ok) {
844
- const body = await response.text().catch(() => "");
845
- throw Object.assign(/* @__PURE__ */ new Error(`updateActivity failed: HTTP ${response.status} ${body}`), { statusCode: response.status });
846
- }
847
- return await response.json().catch(() => ({ id: activityId }));
848
- } finally {
849
- await release();
850
- }
851
- }
852
- /**
853
- * Delete an existing activity via the Bot Framework REST API.
854
- * DELETE /v3/conversations/{conversationId}/activities/{activityId}
855
- */
856
- async function deleteActivityViaRest(params) {
857
- const { serviceUrl, conversationId, activityId, token } = params;
858
- const url = `${serviceUrl.replace(/\/+$/, "")}/v3/conversations/${encodeURIComponent(conversationId)}/activities/${encodeURIComponent(activityId)}`;
859
- const headers = { "User-Agent": buildUserAgent() };
860
- if (token) headers.Authorization = `Bearer ${token}`;
861
- const currentFetch = globalThis.fetch;
862
- const { response, release } = await fetchWithSsrFGuard({
863
- url,
864
- fetchImpl: async (input, guardedInit) => await currentFetch(input, guardedInit),
865
- init: {
866
- method: "DELETE",
867
- headers
868
- },
869
- auditContext: "msteams-delete-activity"
870
- });
871
- try {
872
- if (!response.ok) {
873
- const body = await response.text().catch(() => "");
874
- throw Object.assign(/* @__PURE__ */ new Error(`deleteActivity failed: HTTP ${response.status} ${body}`), { statusCode: response.status });
875
- }
876
- } finally {
877
- await release();
878
- }
879
- }
880
- /**
881
- * Build a CloudAdapter-compatible adapter using the Teams SDK REST client.
882
- *
883
- * This replaces the previous CloudAdapter from @microsoft/agents-hosting.
884
- * For incoming requests: the App's HTTP server handles JWT validation.
885
- * For proactive sends: uses the Bot Framework REST API via
886
- * @microsoft/teams.api Client.
887
- */
888
- function createMSTeamsAdapter(app, sdk) {
889
- return {
890
- async continueConversation(_appId, reference, logic) {
891
- const serviceUrl = reference.serviceUrl;
892
- if (!serviceUrl) throw new Error("Missing serviceUrl in conversation reference");
893
- const conversationId = reference.conversation?.id;
894
- if (!conversationId) throw new Error("Missing conversation.id in conversation reference");
895
- const tenantId = reference.tenantId ?? reference.conversation?.tenantId;
896
- const recipientAadObjectId = reference.aadObjectId ?? reference.user?.aadObjectId;
897
- const recipientId = reference.user?.id;
898
- await logic(createSendContext({
899
- sdk,
900
- serviceUrl,
901
- conversationId,
902
- conversationType: reference.conversation?.conversationType,
903
- bot: reference.agent ?? void 0,
904
- getToken: createBotTokenGetter(app),
905
- tenantId,
906
- recipientId,
907
- recipientAadObjectId
908
- }));
909
- },
910
- async process(req, res, logic) {
911
- const request = req;
912
- const response = res;
913
- const activity = request.body;
914
- const isInvoke = activity?.type === "invoke";
915
- try {
916
- const context = createProcessContext({
917
- sdk,
918
- activity,
919
- getToken: createBotTokenGetter(app)
920
- });
921
- if (isInvoke) response.status(200).send();
922
- await logic(context);
923
- if (!isInvoke) response.status(200).send();
924
- } catch (err) {
925
- if (!isInvoke) response.status(500).send({ error: formatUnknownError(err) });
926
- }
927
- },
928
- async updateActivity(_context, _activity) {},
929
- async deleteActivity(_context, _reference) {}
930
- };
931
- }
932
- async function loadMSTeamsSdkWithAuth(creds) {
933
- const sdk = await loadMSTeamsSdk();
934
- return {
935
- sdk,
936
- app: await createMSTeamsApp(creds, sdk)
937
- };
938
- }
939
- /**
940
- * Bot Framework issuer → JWKS mapping.
941
- * During Microsoft's transition, inbound service tokens can be signed by either
942
- * the legacy Bot Framework issuer or the Entra issuer. Each gets its own JWKS
943
- * endpoint so we verify signatures with the correct key set.
944
- */
945
- const BOT_FRAMEWORK_ISSUERS = [
946
- {
947
- issuer: "https://api.botframework.com",
948
- jwksUri: "https://login.botframework.com/v1/.well-known/keys"
949
- },
950
- {
951
- issuer: (tenantId) => `https://login.microsoftonline.com/${tenantId}/v2.0`,
952
- jwksUri: "https://login.microsoftonline.com/common/discovery/v2.0/keys"
953
- },
954
- {
955
- issuer: (tenantId) => `https://sts.windows.net/${tenantId}/`,
956
- jwksUri: "https://login.microsoftonline.com/common/discovery/v2.0/keys"
957
- }
958
- ];
959
- const BOT_FRAMEWORK_GLOBAL_AUDIENCE = "https://api.botframework.com";
960
- function isJwtPayloadObject(value) {
961
- return !!value && typeof value === "object" && !Array.isArray(value);
962
- }
963
- function getAudienceClaims(payload) {
964
- if (!isJwtPayloadObject(payload)) return [];
965
- const audience = payload.aud;
966
- if (typeof audience === "string") {
967
- const trimmed = audience.trim();
968
- return trimmed ? [trimmed] : [];
969
- }
970
- if (Array.isArray(audience)) return audience.filter((value) => typeof value === "string").map((value) => value.trim()).filter(Boolean);
971
- return [];
972
- }
973
- function normalizeBotIdentityClaim(value) {
974
- if (typeof value !== "string") return null;
975
- return value.trim().toLowerCase() || null;
976
- }
977
- function hasExpectedBotIdentity(payload, expectedAppId) {
978
- if (!isJwtPayloadObject(payload)) return false;
979
- const expected = normalizeBotIdentityClaim(expectedAppId);
980
- if (!expected) return false;
981
- return normalizeBotIdentityClaim(payload.appid) === expected || normalizeBotIdentityClaim(payload.azp) === expected;
982
- }
983
- let botFrameworkJwtDepsPromise = null;
984
- function hasDefaultExport(value) {
985
- return !!value && typeof value === "object" && "default" in value;
986
- }
987
- function isJsonwebtokenRuntime(value) {
988
- return !!value && typeof value === "object" && typeof value.decode === "function" && typeof value.verify === "function";
989
- }
990
- function loadJsonwebtokenRuntime(jwtModule) {
991
- const jwt = hasDefaultExport(jwtModule) ? jwtModule.default ?? jwtModule : jwtModule;
992
- if (!isJsonwebtokenRuntime(jwt)) throw new Error("jsonwebtoken did not export decode/verify");
993
- return jwt;
994
- }
995
- function isJwksClientRuntime(value) {
996
- return typeof value === "function";
997
- }
998
- function loadJwksClientRuntime(jwksModule) {
999
- const direct = jwksModule && typeof jwksModule === "object" ? jwksModule.JwksClient : void 0;
1000
- const fallback = hasDefaultExport(jwksModule) && jwksModule.default && typeof jwksModule.default === "object" ? jwksModule.default.JwksClient : void 0;
1001
- const JwksClient = direct ?? fallback;
1002
- if (!isJwksClientRuntime(JwksClient)) throw new Error("jwks-rsa did not export JwksClient");
1003
- return JwksClient;
1004
- }
1005
- async function loadBotFrameworkJwtDeps() {
1006
- botFrameworkJwtDepsPromise ??= Promise.all([import("./jsonwebtoken-Biq5rPPj.js").then((m) => /* @__PURE__ */ __toESM(m.default, 1)), import("./src-BWvrN9BA.js").then((m) => /* @__PURE__ */ __toESM(m.default, 1))]).then(([jwtModule, jwksModule]) => {
1007
- return {
1008
- jwt: loadJsonwebtokenRuntime(jwtModule),
1009
- JwksClient: loadJwksClientRuntime(jwksModule)
1010
- };
1011
- });
1012
- return botFrameworkJwtDepsPromise;
1013
- }
1014
- /**
1015
- * Create a Bot Framework JWT validator using jsonwebtoken + jwks-rsa directly.
1016
- *
1017
- * The @microsoft/teams.apps JwtValidator hardcodes audience to [clientId, api://clientId],
1018
- * which rejects valid Bot Framework tokens that carry aud: "https://api.botframework.com".
1019
- * This implementation uses jsonwebtoken directly with the correct audience list, matching
1020
- * the behavior of the legacy @microsoft/agents-hosting authorizeJWT middleware.
1021
- *
1022
- * Security invariants:
1023
- * - signature verification via issuer-specific JWKS endpoints
1024
- * - audience validation: appId, api://appId, and https://api.botframework.com
1025
- * - issuer validation: strict allowlist (Bot Framework + tenant-scoped Entra)
1026
- * - expiration validation with 5-minute clock tolerance
1027
- */
1028
- async function createBotFrameworkJwtValidator(creds) {
1029
- const { jwt, JwksClient } = await loadBotFrameworkJwtDeps();
1030
- const allowedAudiences = [
1031
- creds.appId,
1032
- `api://${creds.appId}`,
1033
- BOT_FRAMEWORK_GLOBAL_AUDIENCE
1034
- ];
1035
- const allowedIssuers = BOT_FRAMEWORK_ISSUERS.map((entry) => typeof entry.issuer === "function" ? entry.issuer(creds.tenantId) : entry.issuer);
1036
- const jwksClients = /* @__PURE__ */ new Map();
1037
- function getJwksClient(uri) {
1038
- let client = jwksClients.get(uri);
1039
- if (!client) {
1040
- client = new JwksClient({
1041
- jwksUri: uri,
1042
- cache: true,
1043
- cacheMaxAge: 6e5,
1044
- rateLimit: true
1045
- });
1046
- jwksClients.set(uri, client);
1047
- }
1048
- return client;
1049
- }
1050
- /** Decode the token header without verification to determine the kid. */
1051
- function decodeHeader(token) {
1052
- const decoded = jwt.decode(token, { complete: true });
1053
- return decoded && typeof decoded === "object" ? decoded.header : null;
1054
- }
1055
- /** Resolve the issuer entry for a token's issuer claim (pre-verification). */
1056
- function resolveIssuerEntry(issuerClaim) {
1057
- if (!issuerClaim) return;
1058
- return BOT_FRAMEWORK_ISSUERS.find((entry) => {
1059
- return (typeof entry.issuer === "function" ? entry.issuer(creds.tenantId) : entry.issuer) === issuerClaim;
1060
- });
1061
- }
1062
- return { async validate(authHeader, _serviceUrl) {
1063
- const token = authHeader.startsWith("Bearer ") ? authHeader.slice(7) : authHeader;
1064
- if (!token) return false;
1065
- const header = decodeHeader(token);
1066
- const unverifiedPayload = jwt.decode(token);
1067
- if (!header?.kid || !isJwtPayloadObject(unverifiedPayload) || typeof unverifiedPayload.iss !== "string") return false;
1068
- const issuerEntry = resolveIssuerEntry(unverifiedPayload.iss);
1069
- if (!issuerEntry) return false;
1070
- const client = getJwksClient(issuerEntry.jwksUri);
1071
- try {
1072
- const publicKey = (await client.getSigningKey(header.kid)).getPublicKey();
1073
- const verifiedPayload = jwt.verify(token, publicKey, {
1074
- audience: allowedAudiences,
1075
- issuer: allowedIssuers,
1076
- algorithms: ["RS256"],
1077
- clockTolerance: 300
1078
- });
1079
- if (!isJwtPayloadObject(verifiedPayload)) return false;
1080
- if (getAudienceClaims(verifiedPayload).includes(BOT_FRAMEWORK_GLOBAL_AUDIENCE) && !hasExpectedBotIdentity(verifiedPayload, creds.appId)) return false;
1081
- return true;
1082
- } catch (err) {
1083
- if (isJwksNetworkError(err)) throw err;
1084
- return false;
1085
- }
1086
- } };
1087
- }
1088
- /**
1089
- * Return true when the error originated from a network-level failure fetching
1090
- * the JWKS endpoint (DNS resolution, connection refused, TLS handshake, etc.)
1091
- * rather than from token verification logic.
1092
- */
1093
- function isJwksNetworkError(err) {
1094
- if (!(err instanceof Error)) return false;
1095
- const code = err.code;
1096
- if (code === "ECONNREFUSED" || code === "ENOTFOUND" || code === "EHOSTUNREACH" || code === "ETIMEDOUT" || code === "ECONNRESET") return true;
1097
- return /jwks|key fetch|getSigningKey/i.test(err.message) && /network|fetch|connect/i.test(err.message);
1098
- }
1099
- //#endregion
1100
- //#region extensions/msteams/src/token-response.ts
1101
- function readAccessToken(value) {
1102
- if (typeof value === "string") return value;
1103
- if (value && typeof value === "object") {
1104
- const token = value.accessToken ?? value.token;
1105
- return typeof token === "string" ? token : null;
1106
- }
1107
- return null;
1108
- }
1109
- //#endregion
1110
- //#region extensions/msteams/src/storage.ts
1111
- function resolveMSTeamsStorePath(params) {
1112
- if (params.storePath) return params.storePath;
1113
- if (params.stateDir) return path.join(params.stateDir, params.filename);
1114
- const env = params.env ?? process.env;
1115
- const stateDir = params.homedir ? getMSTeamsRuntime().state.resolveStateDir(env, params.homedir) : getMSTeamsRuntime().state.resolveStateDir(env);
1116
- return path.join(stateDir, params.filename);
1117
- }
1118
- //#endregion
1119
- //#region extensions/msteams/src/token.ts
1120
- function resolveAuthType(cfg) {
1121
- const fromCfg = cfg?.authType;
1122
- if (fromCfg === "secret" || fromCfg === "federated") return fromCfg;
1123
- if (process.env.MSTEAMS_AUTH_TYPE === "federated") return "federated";
1124
- return "secret";
1125
- }
1126
- function hasConfiguredMSTeamsCredentials(cfg) {
1127
- const authType = resolveAuthType(cfg);
1128
- const hasAppId = Boolean(normalizeSecretInputString(cfg?.appId) || normalizeSecretInputString(process.env.MSTEAMS_APP_ID));
1129
- const hasTenantId = Boolean(normalizeSecretInputString(cfg?.tenantId) || normalizeSecretInputString(process.env.MSTEAMS_TENANT_ID));
1130
- if (authType === "federated") {
1131
- const hasCert = Boolean(cfg?.certificatePath || process.env.MSTEAMS_CERTIFICATE_PATH);
1132
- const hasManagedIdentity = cfg?.useManagedIdentity ?? process.env.MSTEAMS_USE_MANAGED_IDENTITY === "true";
1133
- return hasAppId && hasTenantId && (hasCert || hasManagedIdentity);
1134
- }
1135
- return Boolean(normalizeSecretInputString(cfg?.appId) && hasConfiguredSecretInput(cfg?.appPassword) && normalizeSecretInputString(cfg?.tenantId));
1136
- }
1137
- function resolveMSTeamsCredentials(cfg) {
1138
- const authType = resolveAuthType(cfg);
1139
- const appId = normalizeSecretInputString(cfg?.appId) || normalizeSecretInputString(process.env.MSTEAMS_APP_ID);
1140
- const tenantId = normalizeSecretInputString(cfg?.tenantId) || normalizeSecretInputString(process.env.MSTEAMS_TENANT_ID);
1141
- if (!appId || !tenantId) return;
1142
- if (authType === "federated") {
1143
- const certificatePath = cfg?.certificatePath || process.env.MSTEAMS_CERTIFICATE_PATH || void 0;
1144
- const certificateThumbprint = cfg?.certificateThumbprint || process.env.MSTEAMS_CERTIFICATE_THUMBPRINT || void 0;
1145
- const useManagedIdentity = cfg?.useManagedIdentity ?? process.env.MSTEAMS_USE_MANAGED_IDENTITY === "true";
1146
- const managedIdentityClientId = cfg?.managedIdentityClientId || process.env.MSTEAMS_MANAGED_IDENTITY_CLIENT_ID || void 0;
1147
- if (!certificatePath && !useManagedIdentity) return;
1148
- return {
1149
- type: "federated",
1150
- appId,
1151
- tenantId,
1152
- certificatePath,
1153
- certificateThumbprint,
1154
- useManagedIdentity: useManagedIdentity || void 0,
1155
- managedIdentityClientId
1156
- };
1157
- }
1158
- const appPassword = normalizeResolvedSecretInputString({
1159
- value: cfg?.appPassword,
1160
- path: "channels.msteams.appPassword"
1161
- }) || normalizeSecretInputString(process.env.MSTEAMS_APP_PASSWORD);
1162
- if (!appPassword) return;
1163
- return {
1164
- type: "secret",
1165
- appId,
1166
- appPassword,
1167
- tenantId
1168
- };
1169
- }
1170
- const DELEGATED_TOKEN_FILENAME = "msteams-delegated.json";
1171
- function resolveDelegatedTokenPath() {
1172
- return resolveMSTeamsStorePath({ filename: DELEGATED_TOKEN_FILENAME });
1173
- }
1174
- function loadDelegatedTokens() {
1175
- try {
1176
- const content = readFileSync(resolveDelegatedTokenPath(), "utf8");
1177
- return JSON.parse(content);
1178
- } catch {
1179
- return;
1180
- }
1181
- }
1182
- function saveDelegatedTokens(tokens) {
1183
- const tokenPath = resolveDelegatedTokenPath();
1184
- privateFileStoreSync(dirname(tokenPath)).writeJson(basename(tokenPath), tokens);
1185
- }
1186
- async function resolveDelegatedAccessToken(params) {
1187
- const tokens = loadDelegatedTokens();
1188
- if (!tokens) return;
1189
- if (tokens.expiresAt > Date.now()) return tokens.accessToken;
1190
- try {
1191
- const refreshed = await refreshMSTeamsDelegatedTokens({
1192
- tenantId: params.tenantId,
1193
- clientId: params.clientId,
1194
- clientSecret: params.clientSecret,
1195
- refreshToken: tokens.refreshToken,
1196
- scopes: tokens.scopes
1197
- });
1198
- saveDelegatedTokens(refreshed);
1199
- return refreshed.accessToken;
1200
- } catch {
1201
- return;
1202
- }
1203
- }
1204
- //#endregion
1205
- //#region extensions/msteams/src/graph.ts
1206
- const GRAPH_BETA = "https://graph.microsoft.com/beta";
1207
- const NULL_BODY_STATUSES = new Set([
1208
- 101,
1209
- 204,
1210
- 205,
1211
- 304
1212
- ]);
1213
- function normalizeQuery(value) {
1214
- return value?.trim() ?? "";
1215
- }
1216
- function escapeOData(value) {
1217
- return value.replace(/'/g, "''");
1218
- }
1219
- async function requestGraph(params) {
1220
- const hasBody = params.body !== void 0;
1221
- const url = `${params.root ?? "https://graph.microsoft.com/v1.0"}${params.path}`;
1222
- const currentFetch = globalThis.fetch;
1223
- const { response, release } = await fetchWithSsrFGuard({
1224
- url,
1225
- fetchImpl: async (input, guardedInit) => await currentFetch(input, guardedInit),
1226
- init: {
1227
- method: params.method,
1228
- headers: {
1229
- "User-Agent": buildUserAgent(),
1230
- Authorization: `Bearer ${params.token}`,
1231
- ...hasBody ? { "Content-Type": "application/json" } : {},
1232
- ...params.headers
1233
- },
1234
- body: hasBody ? JSON.stringify(params.body) : void 0
1235
- },
1236
- auditContext: "msteams.graph"
1237
- });
1238
- try {
1239
- if (!response.ok) {
1240
- const text = await response.text().catch(() => "");
1241
- throw new Error(`${params.errorPrefix ?? "Graph"} ${params.path} failed (${response.status}): ${text || "unknown error"}`);
1242
- }
1243
- const body = NULL_BODY_STATUSES.has(response.status) ? null : await response.arrayBuffer();
1244
- return new Response(body, {
1245
- status: response.status,
1246
- statusText: response.statusText,
1247
- headers: new Headers(response.headers)
1248
- });
1249
- } finally {
1250
- await release();
1251
- }
1252
- }
1253
- async function readOptionalGraphJson(res, label) {
1254
- if (res.status === 204 || res.headers?.get?.("content-length") === "0") return;
1255
- return await readProviderJsonResponse(res, label);
1256
- }
1257
- async function fetchGraphJson(params) {
1258
- return await readOptionalGraphJson(await requestGraph({
1259
- token: params.token,
1260
- path: params.path,
1261
- method: params.method,
1262
- body: params.body,
1263
- headers: params.headers
1264
- }), `Graph ${params.path} failed`);
1265
- }
1266
- /**
1267
- * Fetch JSON from an absolute Graph API URL (for example @odata.nextLink
1268
- * pagination URLs) without prepending GRAPH_ROOT.
1269
- */
1270
- async function fetchGraphAbsoluteUrl(params) {
1271
- const { response, release } = await fetchWithSsrFGuard({
1272
- url: params.url,
1273
- init: { headers: {
1274
- "User-Agent": buildUserAgent(),
1275
- Authorization: `Bearer ${params.token}`,
1276
- ...params.headers
1277
- } },
1278
- auditContext: "msteams.graph.absolute"
1279
- });
1280
- try {
1281
- if (!response.ok) {
1282
- const text = await response.text().catch(() => "");
1283
- throw new Error(`Graph ${params.url} failed (${response.status}): ${text || "unknown error"}`);
1284
- }
1285
- return await readProviderJsonResponse(response, `Graph ${params.url} failed`);
1286
- } finally {
1287
- await release();
1288
- }
1289
- }
1290
- /**
1291
- * Fetch all pages of a Graph API collection, following @odata.nextLink.
1292
- * Optionally stop early when `findOne` matches an item.
1293
- */
1294
- async function fetchAllGraphPages(params) {
1295
- const maxPages = params.maxPages ?? 50;
1296
- const items = [];
1297
- let nextPath = params.path;
1298
- for (let page = 0; page < maxPages && nextPath; page++) {
1299
- const res = await fetchGraphJson({
1300
- token: params.token,
1301
- path: nextPath,
1302
- headers: params.headers
1303
- });
1304
- const pageItems = res.value ?? [];
1305
- if (params.findOne) {
1306
- const match = pageItems.find(params.findOne);
1307
- if (match) {
1308
- items.push(...pageItems);
1309
- return {
1310
- items,
1311
- truncated: false,
1312
- found: match
1313
- };
1314
- }
1315
- }
1316
- items.push(...pageItems);
1317
- const rawNext = res["@odata.nextLink"];
1318
- if (rawNext) nextPath = rawNext.replace("https://graph.microsoft.com/v1.0", "").replace("https://graph.microsoft.com/beta", "");
1319
- else nextPath = void 0;
1320
- }
1321
- return {
1322
- items,
1323
- truncated: Boolean(nextPath)
1324
- };
1325
- }
1326
- async function resolveGraphToken(cfg, options) {
1327
- const msteamsCfg = cfg?.channels?.msteams;
1328
- const creds = resolveMSTeamsCredentials(msteamsCfg);
1329
- if (!creds) throw new Error("MS Teams credentials missing");
1330
- if (options?.preferDelegated && msteamsCfg?.delegatedAuth?.enabled && creds.type === "secret") {
1331
- const delegated = await resolveDelegatedAccessToken({
1332
- tenantId: creds.tenantId,
1333
- clientId: creds.appId,
1334
- clientSecret: creds.appPassword
1335
- });
1336
- if (delegated) return delegated;
1337
- }
1338
- const { app } = await loadMSTeamsSdkWithAuth(creds);
1339
- const accessToken = readAccessToken(await createMSTeamsTokenProvider(app).getAccessToken("https://graph.microsoft.com"));
1340
- if (!accessToken) throw new Error("MS Teams graph token unavailable");
1341
- return accessToken;
1342
- }
1343
- async function listTeamsByName(token, query) {
1344
- const filter = `resourceProvisioningOptions/Any(x:x eq 'Team') and startsWith(displayName,'${escapeOData(query)}')`;
1345
- const { items } = await fetchAllGraphPages({
1346
- token,
1347
- path: `/groups?$filter=${encodeURIComponent(filter)}&$select=id,displayName`,
1348
- maxPages: 5
1349
- });
1350
- return items;
1351
- }
1352
- async function postGraphJson(params) {
1353
- return readOptionalGraphJson(await requestGraph({
1354
- token: params.token,
1355
- path: params.path,
1356
- method: "POST",
1357
- body: params.body,
1358
- errorPrefix: "Graph POST"
1359
- }), `Graph POST ${params.path} failed`);
1360
- }
1361
- async function postGraphBetaJson(params) {
1362
- return readOptionalGraphJson(await requestGraph({
1363
- token: params.token,
1364
- path: params.path,
1365
- method: "POST",
1366
- root: GRAPH_BETA,
1367
- body: params.body,
1368
- errorPrefix: "Graph beta POST"
1369
- }), `Graph beta POST ${params.path} failed`);
1370
- }
1371
- async function deleteGraphRequest(params) {
1372
- await requestGraph({
1373
- token: params.token,
1374
- path: params.path,
1375
- method: "DELETE",
1376
- errorPrefix: "Graph DELETE"
1377
- });
1378
- }
1379
- async function patchGraphJson(params) {
1380
- return readOptionalGraphJson(await requestGraph({
1381
- token: params.token,
1382
- path: params.path,
1383
- method: "PATCH",
1384
- body: params.body,
1385
- errorPrefix: "Graph PATCH"
1386
- }), `Graph PATCH ${params.path} failed`);
1387
- }
1388
- async function listChannelsForTeam(token, teamId) {
1389
- const { items } = await fetchAllGraphPages({
1390
- token,
1391
- path: `/teams/${encodeURIComponent(teamId)}/channels?$select=id,displayName`,
1392
- maxPages: 10
1393
- });
1394
- return items;
1395
- }
1396
- //#endregion
1397
- //#region extensions/msteams/src/graph-users.ts
1398
- async function searchGraphUsers(params) {
1399
- const query = params.query.trim();
1400
- if (!query) return [];
1401
- if (query.includes("@")) {
1402
- const escaped = escapeOData(query);
1403
- const filter = `(mail eq '${escaped}' or userPrincipalName eq '${escaped}')`;
1404
- const path = `/users?$filter=${encodeURIComponent(filter)}&$select=id,displayName,mail,userPrincipalName`;
1405
- return (await fetchGraphJson({
1406
- token: params.token,
1407
- path
1408
- })).value ?? [];
1409
- }
1410
- const top = typeof params.top === "number" && params.top > 0 ? params.top : 10;
1411
- const path = `/users?$search=${encodeURIComponent(`"displayName:${query}"`)}&$select=id,displayName,mail,userPrincipalName&$top=${top}`;
1412
- return (await fetchGraphJson({
1413
- token: params.token,
1414
- path,
1415
- headers: { ConsistencyLevel: "eventual" }
1416
- })).value ?? [];
1417
- }
1418
- //#endregion
1419
- export { GRAPH_ROOT as A, isUrlAllowed as B, buildUserAgent as C, formatUnknownError as D, formatMSTeamsSendErrorHint as E, extractHtmlFromAttachment as F, resolveRequestUrl as G, readNestedString as H, extractInlineImageCandidates as I, tryBuildGraphSharesUrlForSharedLink as J, safeFetchWithPolicy as K, inferPlaceholder as L, applyAuthorizationHeaderForUrl as M, encodeGraphShareId as N, isRevokedProxyError as O, estimateBase64DecodedBytes as P, isDownloadableAttachment as R, loadMSTeamsSdkWithAuth as S, classifyMSTeamsSendError as T, resolveAttachmentFetchPolicy as U, normalizeContentType as V, resolveMediaSsrfPolicy as W, resolveMSTeamsStorePath as _, fetchGraphJson as a, createMSTeamsAdapter as b, normalizeQuery as c, postGraphJson as d, resolveGraphToken as f, saveDelegatedTokens as g, resolveMSTeamsCredentials as h, fetchGraphAbsoluteUrl as i, IMG_SRC_RE as j, ATTACHMENT_TAG_RE as k, patchGraphJson as l, loadDelegatedTokens as m, deleteGraphRequest as n, listChannelsForTeam as o, hasConfiguredMSTeamsCredentials as p, safeHostForUrl as q, escapeOData as r, listTeamsByName as s, searchGraphUsers as t, postGraphBetaJson as u, readAccessToken as v, ensureUserAgentHeader as w, createMSTeamsTokenProvider as x, createBotFrameworkJwtValidator as y, isLikelyImageAttachment as z };