@getmarrow/sdk 3.1.0 → 3.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +37 -13
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -23,24 +23,48 @@ That's fine for a toy. It's a problem for anything real.
|
|
|
23
23
|
|
|
24
24
|
---
|
|
25
25
|
|
|
26
|
-
## What's New in v3.0
|
|
26
|
+
## What's New in v3.1.0
|
|
27
27
|
|
|
28
|
-
|
|
29
|
-
This release includes 6 security patches:
|
|
30
|
-
- **Path traversal protection** — all memory IDs are now validated before URL interpolation. IDs like `../../admin/delete` are rejected.
|
|
31
|
-
- **SSRF protection** — `baseUrl` is validated and must use HTTPS. `http://localhost` is allowed for local development.
|
|
32
|
-
- **Error handling** — all silent catch blocks replaced with proper error logging to stderr. No more swallowed failures.
|
|
33
|
-
- **Safe response access** — all memory methods use safe optional chaining on API response data. No more `TypeError` on unexpected response shapes.
|
|
34
|
-
- **Resilient error parsing** — API error handler gracefully handles non-JSON error responses (e.g., HTML error pages from CDN/load balancer).
|
|
28
|
+
**Operator visibility + auto-intelligence — agents get smarter, operators can finally see it.**
|
|
35
29
|
|
|
36
|
-
###
|
|
37
|
-
|
|
30
|
+
### Operator Dashboard
|
|
31
|
+
One call returns everything an operator needs to see — account health, top failures, workflow status, recent activity, and Marrow's impact.
|
|
38
32
|
|
|
39
|
-
|
|
33
|
+
```typescript
|
|
34
|
+
const dash = await marrow.dashboard();
|
|
35
|
+
// dash.health.overall_score, dash.top_failures, dash.impact.saves_this_week, ...
|
|
36
|
+
```
|
|
40
37
|
|
|
41
|
-
|
|
38
|
+
### Weekly Digest
|
|
39
|
+
Periodic summary with success rate trend vs previous period.
|
|
40
|
+
|
|
41
|
+
```typescript
|
|
42
|
+
const digest = await marrow.digest('7d');
|
|
43
|
+
// digest.summary, digest.success_rate.direction, digest.saves.count, ...
|
|
44
|
+
```
|
|
45
|
+
|
|
46
|
+
### Explicit Session End
|
|
47
|
+
Gracefully close a session and optionally auto-commit any open decision — prevents orphaned decisions.
|
|
48
|
+
|
|
49
|
+
```typescript
|
|
50
|
+
await marrow.endSession(true); // true = auto-commit any open decision
|
|
51
|
+
```
|
|
52
|
+
|
|
53
|
+
### Auto-Workflow Detection
|
|
54
|
+
When Marrow detects a recurring decision sequence (5+ occurrences), it surfaces it in `orient()` as a suggestion. Accept it to convert the pattern into an enforced workflow.
|
|
55
|
+
|
|
56
|
+
```typescript
|
|
57
|
+
await marrow.acceptDetectedWorkflow(detectedId);
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
### New Fields in `think()` Response
|
|
61
|
+
- `onboarding_hint` — contextual tip for new accounts (first 50 decisions)
|
|
62
|
+
- `intelligence.collective` — anonymized insights aggregated from all Marrow accounts (k-anonymity ≥5)
|
|
63
|
+
- `intelligence.team_context` — recent decisions from other sessions in the same account
|
|
64
|
+
|
|
65
|
+
---
|
|
42
66
|
|
|
43
|
-
|
|
67
|
+
## Active Intelligence — Marrow Intervenes Before Mistakes
|
|
44
68
|
|
|
45
69
|
### Auto-Warn on Orient
|
|
46
70
|
When you call `orient({autoWarn: true})`, Marrow scans your recent decisions and warns you BEFORE you start a task that recently failed:
|