@google/adk 0.1.0

package/dist/esm/plugins/security_plugin.js

@@ -0,0 +1,119 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { BasePlugin } from "../plugins/base_plugin.js";
+const REQUEST_CONFIRMATION_FUNCTION_CALL_NAME = "adk_request_confirmation";
+const TOOL_CALL_SECURITY_CHECK_STATES = "orcas_tool_call_security_check_states";
+const INTERMEDIATE_REQUIRE_TOOL_CALL_CONFIRMATION_ERROR = "This tool call needs external confirmation before completion.";
+var PolicyOutcome = /* @__PURE__ */ ((PolicyOutcome2) => {
+  PolicyOutcome2["DENY"] = "DENY";
+  PolicyOutcome2["CONFIRM"] = "CONFIRM";
+  PolicyOutcome2["ALLOW"] = "ALLOW";
+  return PolicyOutcome2;
+})(PolicyOutcome || {});
+class InMemoryPolicyEngine {
+  async evaluate(context) {
+    return Promise.resolve({
+      outcome: "ALLOW" /* ALLOW */,
+      reason: "For prototyping purpose, all tool calls are allowed."
+    });
+  }
+}
+class SecurityPlugin extends BasePlugin {
+  constructor(params) {
+    var _a;
+    super("security_plugin");
+    this.policyEngine = (_a = params == null ? void 0 : params.policyEngine) != null ? _a : new InMemoryPolicyEngine();
+  }
+  async beforeToolCallback({
+    tool,
+    toolArgs,
+    toolContext
+  }) {
+    const toolCallCheckState = this.getToolCallCheckState(toolContext);
+    if (!toolCallCheckState) {
+      return this.checkToolCallPolicy({
+        tool,
+        toolArgs,
+        toolContext
+      });
+    }
+    if (toolCallCheckState !== "CONFIRM" /* CONFIRM */) {
+      return;
+    }
+    if (!toolContext.toolConfirmation) {
+      return { partial: INTERMEDIATE_REQUIRE_TOOL_CALL_CONFIRMATION_ERROR };
+    }
+    this.setToolCallCheckState(toolContext, toolContext.toolConfirmation);
+    if (!toolContext.toolConfirmation.confirmed) {
+      return {
+        error: "Tool call rejected from confirmation flow."
+      };
+    }
+    toolContext.toolConfirmation = void 0;
+    return;
+  }
+  getToolCallCheckState(toolContext) {
+    var _a;
+    const { functionCallId } = toolContext;
+    if (!functionCallId) {
+      return;
+    }
+    const toolCallStates = (_a = toolContext.state.get(TOOL_CALL_SECURITY_CHECK_STATES)) != null ? _a : {};
+    return toolCallStates[functionCallId];
+  }
+  setToolCallCheckState(toolContext, state) {
+    var _a;
+    const { functionCallId } = toolContext;
+    if (!functionCallId) {
+      return;
+    }
+    const toolCallStates = (_a = toolContext.state.get(TOOL_CALL_SECURITY_CHECK_STATES)) != null ? _a : {};
+    toolCallStates[functionCallId] = state;
+    toolContext.state.set(TOOL_CALL_SECURITY_CHECK_STATES, toolCallStates);
+  }
+  async checkToolCallPolicy({
+    tool,
+    toolArgs,
+    toolContext
+  }) {
+    const policyCheckResult = await this.policyEngine.evaluate({ tool, toolArgs });
+    this.setToolCallCheckState(toolContext, policyCheckResult.outcome);
+    switch (policyCheckResult.outcome) {
+      case "DENY" /* DENY */:
+        return {
+          error: `This tool call is rejected by policy engine. Reason: ${policyCheckResult.reason}`
+        };
+      case "CONFIRM" /* CONFIRM */:
+        toolContext.requestConfirmation({
+          hint: `Policy engine requires confirmation calling tool: ${tool.name}. Reason: ${policyCheckResult.reason}`
+        });
+        return { partial: INTERMEDIATE_REQUIRE_TOOL_CALL_CONFIRMATION_ERROR };
+      case "ALLOW" /* ALLOW */:
+        return;
+      default:
+        return;
+    }
+  }
+}
+function getAskUserConfirmationFunctionCalls(event) {
+  if (!event.content || !event.content.parts) {
+    return [];
+  }
+  const results = [];
+  for (const part of event.content.parts) {
+    if (part && part.functionCall && part.functionCall.name === REQUEST_CONFIRMATION_FUNCTION_CALL_NAME) {
+      results.push(part.functionCall);
+    }
+  }
+  return results;
+}
+export {
+  InMemoryPolicyEngine,
+  PolicyOutcome,
+  REQUEST_CONFIRMATION_FUNCTION_CALL_NAME,
+  SecurityPlugin,
+  getAskUserConfirmationFunctionCalls
+};

package/dist/esm/runner/in_memory_runner.js

@@ -0,0 +1,28 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { InMemoryArtifactService } from "../artifacts/in_memory_artifact_service.js";
+import { InMemoryMemoryService } from "../memory/in_memory_memory_service.js";
+import { InMemorySessionService } from "../sessions/in_memory_session_service.js";
+import { Runner } from "./runner.js";
+class InMemoryRunner extends Runner {
+  constructor({
+    agent,
+    appName = "InMemoryRunner",
+    plugins = []
+  }) {
+    super({
+      appName,
+      agent,
+      plugins,
+      artifactService: new InMemoryArtifactService(),
+      sessionService: new InMemorySessionService(),
+      memoryService: new InMemoryMemoryService()
+    });
+  }
+}
+export {
+  InMemoryRunner
+};

package/dist/esm/runner/runner.js

@@ -0,0 +1,246 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { createPartFromText } from "@google/genai";
+import { trace } from "@opentelemetry/api";
+import { InvocationContext, newInvocationContextId } from "../agents/invocation_context.js";
+import { LlmAgent } from "../agents/llm_agent.js";
+import { RunConfig } from "../agents/run_config.js";
+import { createEvent, getFunctionCalls } from "../events/event.js";
+import { createEventActions } from "../events/event_actions.js";
+import { PluginManager } from "../plugins/plugin_manager.js";
+import { logger } from "../utils/logger.js";
+class Runner {
+  constructor(input) {
+    var _a;
+    this.appName = input.appName;
+    this.agent = input.agent;
+    this.pluginManager = new PluginManager((_a = input.plugins) != null ? _a : []);
+    this.artifactService = input.artifactService;
+    this.sessionService = input.sessionService;
+    this.memoryService = input.memoryService;
+    this.credentialService = input.credentialService;
+  }
+  /**
+   * Runs the agent with the given message, and returns an async generator of
+   * events.
+   *
+   * @param userId The user ID of the session.
+   * @param sessionId The session ID of the session.
+   * @param newMessage A new message to append to the session.
+   * @param stateDelta An optional state delta to apply to the session.
+   * @param runConfig The run config for the agent.
+   * @yields The events generated by the agent.
+   */
+  // TODO - b/425992518: user, sessionId, and runConfig can be internalized.
+  async *runAsync({
+    userId,
+    sessionId,
+    newMessage,
+    stateDelta,
+    runConfig = new RunConfig()
+  }) {
+    var _a;
+    const span = trace.getTracer("gcp.vertex.agent").startSpan("invocation");
+    try {
+      const session = await this.sessionService.getSession({ appName: this.appName, userId, sessionId });
+      if (!session) {
+        throw new Error(`Session not found: ${sessionId}`);
+      }
+      if (runConfig.supportCfc && this.agent instanceof LlmAgent) {
+        const modelName = this.agent.canonicalModel.model;
+        if (!modelName.startsWith("gemini-2")) {
+          throw new Error(`CFC is not supported for model: ${modelName} in agent: ${this.agent.name}`);
+        }
+      }
+      const invocationContext = new InvocationContext({
+        artifactService: this.artifactService,
+        sessionService: this.sessionService,
+        memoryService: this.memoryService,
+        credentialService: this.credentialService,
+        invocationId: newInvocationContextId(),
+        agent: this.agent,
+        session,
+        userContent: newMessage,
+        runConfig,
+        pluginManager: this.pluginManager
+      });
+      const pluginUserMessage = await this.pluginManager.runOnUserMessageCallback({
+        userMessage: newMessage,
+        invocationContext
+      });
+      if (pluginUserMessage) {
+        newMessage = pluginUserMessage;
+      }
+      if (newMessage) {
+        if (!((_a = newMessage.parts) == null ? void 0 : _a.length)) {
+          throw new Error("No parts in the new_message.");
+        }
+        if (runConfig.saveInputBlobsAsArtifacts) {
+          await this.saveArtifacts(
+            invocationContext.invocationId,
+            session.userId,
+            session.id,
+            newMessage
+          );
+        }
+        await this.sessionService.appendEvent({
+          session,
+          event: createEvent({
+            invocationId: invocationContext.invocationId,
+            author: "user",
+            actions: stateDelta ? createEventActions({ stateDelta }) : void 0,
+            content: newMessage
+          })
+        });
+      }
+      invocationContext.agent = this.determineAgentForResumption(session, this.agent);
+      const beforeRunCallbackResponse = await this.pluginManager.runBeforeRunCallback({ invocationContext });
+      if (beforeRunCallbackResponse) {
+        const earlyExitEvent = createEvent({
+          invocationId: invocationContext.invocationId,
+          author: "model",
+          content: beforeRunCallbackResponse
+        });
+        await this.sessionService.appendEvent({ session, event: earlyExitEvent });
+        yield earlyExitEvent;
+      } else {
+        for await (const event of invocationContext.agent.runAsync(
+          invocationContext
+        )) {
+          if (!event.partial) {
+            await this.sessionService.appendEvent({ session, event });
+          }
+          const modifiedEvent = await this.pluginManager.runOnEventCallback(
+            { invocationContext, event }
+          );
+          if (modifiedEvent) {
+            yield modifiedEvent;
+          } else {
+            yield event;
+          }
+        }
+      }
+      await this.pluginManager.runAfterRunCallback({ invocationContext });
+    } finally {
+      span.end();
+    }
+  }
+  /**
+   * Saves artifacts from the message parts and replaces the inline data with
+   * a file name placeholder.
+   *
+   * @param invocationId The current invocation ID.
+   * @param userId The user ID of the session.
+   * @param sessionId The session ID of the session.
+   * @param message The message containing parts to process.
+   */
+  async saveArtifacts(invocationId, userId, sessionId, message) {
+    var _a;
+    if (!this.artifactService || !((_a = message.parts) == null ? void 0 : _a.length)) {
+      return;
+    }
+    for (let i = 0; i < message.parts.length; i++) {
+      const part = message.parts[i];
+      if (!part.inlineData) {
+        continue;
+      }
+      const fileName = `artifact_${invocationId}_${i}`;
+      await this.artifactService.saveArtifact({
+        appName: this.appName,
+        userId,
+        sessionId,
+        filename: fileName,
+        artifact: part
+      });
+      message.parts[i] = createPartFromText(
+        `Uploaded file: ${fileName}. It is saved into artifacts`
+      );
+    }
+  }
+  /**
+   * Determines the next agent to run to continue the session. This is primarily
+   * used for session resumption.
+   */
+  // TODO - b/425992518: This is where LRO integration should happen.
+  // Needs clean up before we can generalize it.
+  determineAgentForResumption(session, rootAgent) {
+    const event = findEventByLastFunctionResponseId(session.events);
+    if (event && event.author) {
+      return rootAgent.findAgent(event.author) || rootAgent;
+    }
+    for (let i = session.events.length - 1; i >= 0; i--) {
+      logger.info("event: ", JSON.stringify(session.events[i]));
+      const event2 = session.events[i];
+      if (event2.author === "user" || !event2.author) {
+        continue;
+      }
+      if (event2.author === rootAgent.name) {
+        return rootAgent;
+      }
+      const agent = rootAgent.findSubAgent(event2.author);
+      if (!agent) {
+        logger.warn(`Event from an unknown agent: ${event2.author}, event id: ${event2.id}`);
+        continue;
+      }
+      if (this.isRoutableLlmAgent(agent)) {
+        return agent;
+      }
+    }
+    return rootAgent;
+  }
+  /**
+   * Whether the agent to run can transfer to any other agent in the agent tree.
+   *
+   * An agent is transferable if:
+   *  - It is an instance of `LlmAgent`.
+   *  - All its ancestors are also transferable (i.e., they have
+   *    `disallowTransferToParent` set to false).
+   *
+   * @param agentToRun The agent to check for transferability.
+   * @returns True if the agent can transfer, False otherwise.
+   */
+  isRoutableLlmAgent(agentToRun) {
+    let agent = agentToRun;
+    while (agent) {
+      if (!(agent instanceof LlmAgent)) {
+        return false;
+      }
+      if (agent.disallowTransferToParent) {
+        return false;
+      }
+      agent = agent.parentAgent;
+    }
+    return true;
+  }
+  // TODO - b/425992518: Implement runLive and related methods.
+}
+function findEventByLastFunctionResponseId(events) {
+  var _a, _b, _c, _d;
+  if (!events.length) {
+    return null;
+  }
+  const lastEvent = events[events.length - 1];
+  const functionCallId = (_d = (_c = (_b = (_a = lastEvent.content) == null ? void 0 : _a.parts) == null ? void 0 : _b.find((part) => part.functionResponse)) == null ? void 0 : _c.functionResponse) == null ? void 0 : _d.id;
+  if (!functionCallId) {
+    return null;
+  }
+  for (let i = events.length - 2; i >= 0; i--) {
+    const event = events[i];
+    const functionCalls = getFunctionCalls(event);
+    if (!functionCalls) {
+      continue;
+    }
+    for (const functionCall of functionCalls) {
+      if (functionCall.id === functionCallId) {
+        return event;
+      }
+    }
+  }
+  return null;
+}
+export {
+  Runner
+};

package/dist/esm/sessions/base_session_service.js

@@ -0,0 +1,41 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { State } from "./state.js";
+class BaseSessionService {
+  /**
+   * Appends an event to a session.
+   *
+   * @param request The request to append an event.
+   * @return A promise that resolves to the event that was appended.
+   */
+  async appendEvent({ session, event }) {
+    if (event.partial) {
+      return event;
+    }
+    this.updateSessionState({ session, event });
+    session.events.push(event);
+    return event;
+  }
+  /**
+   * Updates the session state based on the event.
+   *
+   * @param request The request to update the session state.
+   */
+  updateSessionState({ session, event }) {
+    if (!event.actions || !event.actions.stateDelta) {
+      return;
+    }
+    for (const [key, value] of Object.entries(event.actions.stateDelta)) {
+      if (key.startsWith(State.TEMP_PREFIX)) {
+        continue;
+      }
+      session.state[key] = value;
+    }
+  }
+}
+export {
+  BaseSessionService
+};

package/dist/esm/sessions/in_memory_session_service.js

@@ -0,0 +1,154 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { deepClone } from "../utils/deep_clone.js";
+import { randomUUID } from "../utils/env_aware_utils.js";
+import { logger } from "../utils/logger.js";
+import { BaseSessionService } from "./base_session_service.js";
+import { createSession } from "./session.js";
+import { State } from "./state.js";
+class InMemorySessionService extends BaseSessionService {
+  constructor() {
+    super(...arguments);
+    /**
+     * A map from app name to a map from user ID to a map from session ID to
+     * session.
+     */
+    this.sessions = {};
+    /**
+     * A map from app name to a map from user ID to a map from key to the value.
+     */
+    this.userState = {};
+    /**
+     * A map from app name to a map from key to the value.
+     */
+    this.appState = {};
+  }
+  createSession({ appName, userId, state, sessionId }) {
+    const session = createSession({
+      id: sessionId || randomUUID(),
+      appName,
+      userId,
+      state,
+      events: [],
+      lastUpdateTime: Date.now()
+    });
+    if (!this.sessions[appName]) {
+      this.sessions[appName] = {};
+    }
+    if (!this.sessions[appName][userId]) {
+      this.sessions[appName][userId] = {};
+    }
+    this.sessions[appName][userId][session.id] = session;
+    return Promise.resolve(
+      this.mergeState(appName, userId, deepClone(session))
+    );
+  }
+  getSession({ appName, userId, sessionId, config }) {
+    if (!this.sessions[appName] || !this.sessions[appName][userId] || !this.sessions[appName][userId][sessionId]) {
+      return Promise.resolve(void 0);
+    }
+    const session = this.sessions[appName][userId][sessionId];
+    const copiedSession = deepClone(session);
+    if (config) {
+      if (config.numRecentEvents) {
+        copiedSession.events = copiedSession.events.slice(-config.numRecentEvents);
+      }
+      if (config.afterTimestamp) {
+        let i = copiedSession.events.length - 1;
+        while (i >= 0) {
+          if (copiedSession.events[i].timestamp < config.afterTimestamp) {
+            break;
+          }
+          i--;
+        }
+        if (i >= 0) {
+          copiedSession.events = copiedSession.events.slice(i + 1);
+        }
+      }
+    }
+    return Promise.resolve(this.mergeState(appName, userId, copiedSession));
+  }
+  listSessions({ appName, userId }) {
+    if (!this.sessions[appName] || !this.sessions[appName][userId]) {
+      return Promise.resolve({ sessions: [] });
+    }
+    const sessionsWithoutEvents = [];
+    for (const session of Object.values(this.sessions[appName][userId])) {
+      sessionsWithoutEvents.push(createSession({
+        id: session.id,
+        appName: session.appName,
+        userId: session.userId,
+        state: {},
+        events: [],
+        lastUpdateTime: session.lastUpdateTime
+      }));
+    }
+    return Promise.resolve({ sessions: sessionsWithoutEvents });
+  }
+  async deleteSession({ appName, userId, sessionId }) {
+    const session = await this.getSession({ appName, userId, sessionId });
+    if (!session) {
+      return;
+    }
+    delete this.sessions[appName][userId][sessionId];
+  }
+  async appendEvent({ session, event }) {
+    await super.appendEvent({ session, event });
+    session.lastUpdateTime = event.timestamp;
+    const appName = session.appName;
+    const userId = session.userId;
+    const sessionId = session.id;
+    const warning = (message) => {
+      logger.warn(`Failed to append event to session ${sessionId}: ${message}`);
+    };
+    if (!this.sessions[appName]) {
+      warning(`appName ${appName} not in sessions`);
+      return event;
+    }
+    if (!this.sessions[appName][userId]) {
+      warning(`userId ${userId} not in sessions[appName]`);
+      return event;
+    }
+    if (!this.sessions[appName][userId][sessionId]) {
+      warning(`sessionId ${sessionId} not in sessions[appName][userId]`);
+      return event;
+    }
+    if (event.actions && event.actions.stateDelta) {
+      for (const key of Object.keys(event.actions.stateDelta)) {
+        if (key.startsWith(State.APP_PREFIX)) {
+          this.appState[appName] = this.appState[appName] || {};
+          this.appState[appName][key.replace(State.APP_PREFIX, "")] = event.actions.stateDelta[key];
+        }
+        if (key.startsWith(State.USER_PREFIX)) {
+          this.userState[appName] = this.userState[appName] || {};
+          this.userState[appName][userId] = this.userState[appName][userId] || {};
+          this.userState[appName][userId][key.replace(State.USER_PREFIX, "")] = event.actions.stateDelta[key];
+        }
+      }
+    }
+    const storageSession = this.sessions[appName][userId][sessionId];
+    await super.appendEvent({ session: storageSession, event });
+    storageSession.lastUpdateTime = event.timestamp;
+    return event;
+  }
+  mergeState(appName, userId, copiedSession) {
+    if (this.appState[appName]) {
+      for (const key of Object.keys(this.appState[appName])) {
+        copiedSession.state[State.APP_PREFIX + key] = this.appState[appName][key];
+      }
+    }
+    if (!this.userState[appName] || !this.userState[appName][userId]) {
+      return copiedSession;
+    }
+    for (const key of Object.keys(this.userState[appName][userId])) {
+      copiedSession.state[State.USER_PREFIX + key] = this.userState[appName][userId][key];
+    }
+    return copiedSession;
+  }
+}
+export {
+  InMemorySessionService
+};

package/dist/esm/sessions/session.js

@@ -0,0 +1,18 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+function createSession(params) {
+  return {
+    id: params.id,
+    appName: params.appName,
+    userId: params.userId || "",
+    state: params.state || {},
+    events: params.events || [],
+    lastUpdateTime: params.lastUpdateTime || 0
+  };
+}
+export {
+  createSession
+};

package/dist/esm/sessions/state.js

@@ -0,0 +1,71 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+class State {
+  constructor(value, delta) {
+    this.value = value;
+    this.delta = delta;
+  }
+  /**
+   * Returns the value of the state dict for the given key.
+   *
+   * @param key The key to get the value for.
+   * @param defaultValue The default value to return if the key is not found.
+   * @return The value of the state for the given key, or the default value if
+   *     not found.
+   */
+  get(key, defaultValue) {
+    if (key in this.delta) {
+      return this.delta[key];
+    }
+    if (key in this.value) {
+      return this.value[key];
+    }
+    return defaultValue;
+  }
+  /**
+   * Sets the value of the state dict for the given key.
+   *
+   * @param key The key to set the value for.
+   * @param value The value to set.
+   */
+  set(key, value) {
+    this.value[key] = value;
+    this.delta[key] = value;
+  }
+  /**
+   * Whether the state has pending delta.
+   */
+  has(key) {
+    return key in this.value || key in this.delta;
+  }
+  /**
+   * Whether the state has pending delta.
+   */
+  hasDelta() {
+    return Object.keys(this.delta).length > 0;
+  }
+  /**
+   * Updates the state dict with the given delta.
+   *
+   * @param delta The delta to update the state with.
+   */
+  update(delta) {
+    this.delta = { ...this.delta, ...delta };
+    this.value = { ...this.value, ...delta };
+  }
+  /**
+   * Returns the state as a plain JSON object.
+   */
+  toRecord() {
+    return { ...this.value, ...this.delta };
+  }
+}
+State.APP_PREFIX = "app:";
+State.USER_PREFIX = "user:";
+State.TEMP_PREFIX = "temp:";
+export {
+  State
+};