@graphorin/core 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (134) hide show
  1. package/CHANGELOG.md +27 -0
  2. package/LICENSE +21 -0
  3. package/README.md +70 -0
  4. package/dist/channels/channels.d.ts +156 -0
  5. package/dist/channels/channels.d.ts.map +1 -0
  6. package/dist/channels/channels.js +90 -0
  7. package/dist/channels/channels.js.map +1 -0
  8. package/dist/channels/directive.d.ts +34 -0
  9. package/dist/channels/directive.d.ts.map +1 -0
  10. package/dist/channels/directive.js +29 -0
  11. package/dist/channels/directive.js.map +1 -0
  12. package/dist/channels/dispatch.d.ts +26 -0
  13. package/dist/channels/dispatch.d.ts.map +1 -0
  14. package/dist/channels/dispatch.js +32 -0
  15. package/dist/channels/dispatch.js.map +1 -0
  16. package/dist/channels/index.d.ts +5 -0
  17. package/dist/channels/index.js +6 -0
  18. package/dist/channels/pause.d.ts +84 -0
  19. package/dist/channels/pause.d.ts.map +1 -0
  20. package/dist/channels/pause.js +90 -0
  21. package/dist/channels/pause.js.map +1 -0
  22. package/dist/contracts/auth-token-store.d.ts +45 -0
  23. package/dist/contracts/auth-token-store.d.ts.map +1 -0
  24. package/dist/contracts/checkpoint-store.d.ts +90 -0
  25. package/dist/contracts/checkpoint-store.d.ts.map +1 -0
  26. package/dist/contracts/embedder.d.ts +45 -0
  27. package/dist/contracts/embedder.d.ts.map +1 -0
  28. package/dist/contracts/eval-scorer.d.ts +46 -0
  29. package/dist/contracts/eval-scorer.d.ts.map +1 -0
  30. package/dist/contracts/index.d.ts +22 -0
  31. package/dist/contracts/index.js +6 -0
  32. package/dist/contracts/local-provider-trust.d.ts +36 -0
  33. package/dist/contracts/local-provider-trust.d.ts.map +1 -0
  34. package/dist/contracts/logger.d.ts +53 -0
  35. package/dist/contracts/logger.d.ts.map +1 -0
  36. package/dist/contracts/logger.js +21 -0
  37. package/dist/contracts/logger.js.map +1 -0
  38. package/dist/contracts/memory-store.d.ts +106 -0
  39. package/dist/contracts/memory-store.d.ts.map +1 -0
  40. package/dist/contracts/oauth-server-store.d.ts +81 -0
  41. package/dist/contracts/oauth-server-store.d.ts.map +1 -0
  42. package/dist/contracts/preferred-model.d.ts +60 -0
  43. package/dist/contracts/preferred-model.d.ts.map +1 -0
  44. package/dist/contracts/preferred-model.js +15 -0
  45. package/dist/contracts/preferred-model.js.map +1 -0
  46. package/dist/contracts/provider.d.ts +272 -0
  47. package/dist/contracts/provider.d.ts.map +1 -0
  48. package/dist/contracts/reasoning-retention.d.ts +53 -0
  49. package/dist/contracts/reasoning-retention.d.ts.map +1 -0
  50. package/dist/contracts/redaction-validator.d.ts +59 -0
  51. package/dist/contracts/redaction-validator.d.ts.map +1 -0
  52. package/dist/contracts/sandbox.d.ts +73 -0
  53. package/dist/contracts/sandbox.d.ts.map +1 -0
  54. package/dist/contracts/secret-ref.d.ts +26 -0
  55. package/dist/contracts/secret-ref.d.ts.map +1 -0
  56. package/dist/contracts/secret-value.d.ts +112 -0
  57. package/dist/contracts/secret-value.d.ts.map +1 -0
  58. package/dist/contracts/secret-value.js +24 -0
  59. package/dist/contracts/secret-value.js.map +1 -0
  60. package/dist/contracts/secrets-store.d.ts +87 -0
  61. package/dist/contracts/secrets-store.d.ts.map +1 -0
  62. package/dist/contracts/session-store.d.ts +142 -0
  63. package/dist/contracts/session-store.d.ts.map +1 -0
  64. package/dist/contracts/token-counter.d.ts +28 -0
  65. package/dist/contracts/token-counter.d.ts.map +1 -0
  66. package/dist/contracts/tool.d.ts +264 -0
  67. package/dist/contracts/tool.d.ts.map +1 -0
  68. package/dist/contracts/tracer.d.ts +84 -0
  69. package/dist/contracts/tracer.d.ts.map +1 -0
  70. package/dist/contracts/tracer.js +34 -0
  71. package/dist/contracts/tracer.js.map +1 -0
  72. package/dist/contracts/trigger-store.d.ts +43 -0
  73. package/dist/contracts/trigger-store.d.ts.map +1 -0
  74. package/dist/index.d.ts +59 -0
  75. package/dist/index.d.ts.map +1 -0
  76. package/dist/index.js +38 -0
  77. package/dist/index.js.map +1 -0
  78. package/dist/types/agent-event.d.ts +449 -0
  79. package/dist/types/agent-event.d.ts.map +1 -0
  80. package/dist/types/handoff.d.ts +112 -0
  81. package/dist/types/handoff.d.ts.map +1 -0
  82. package/dist/types/index.d.ts +13 -0
  83. package/dist/types/index.js +6 -0
  84. package/dist/types/memory.d.ts +354 -0
  85. package/dist/types/memory.d.ts.map +1 -0
  86. package/dist/types/message.d.ts +162 -0
  87. package/dist/types/message.d.ts.map +1 -0
  88. package/dist/types/run.d.ts +155 -0
  89. package/dist/types/run.d.ts.map +1 -0
  90. package/dist/types/run.js +31 -0
  91. package/dist/types/run.js.map +1 -0
  92. package/dist/types/sensitivity.d.ts +35 -0
  93. package/dist/types/sensitivity.d.ts.map +1 -0
  94. package/dist/types/sensitivity.js +29 -0
  95. package/dist/types/sensitivity.js.map +1 -0
  96. package/dist/types/session-scope.d.ts +22 -0
  97. package/dist/types/session-scope.d.ts.map +1 -0
  98. package/dist/types/stop-condition.d.ts +62 -0
  99. package/dist/types/stop-condition.d.ts.map +1 -0
  100. package/dist/types/stop-condition.js +81 -0
  101. package/dist/types/stop-condition.js.map +1 -0
  102. package/dist/types/tool-call.d.ts +27 -0
  103. package/dist/types/tool-call.d.ts.map +1 -0
  104. package/dist/types/tool.d.ts +260 -0
  105. package/dist/types/tool.d.ts.map +1 -0
  106. package/dist/types/usage.d.ts +82 -0
  107. package/dist/types/usage.d.ts.map +1 -0
  108. package/dist/types/usage.js +17 -0
  109. package/dist/types/usage.js.map +1 -0
  110. package/dist/types/workflow-event.d.ts +108 -0
  111. package/dist/types/workflow-event.d.ts.map +1 -0
  112. package/dist/utils/assert-never.d.ts +26 -0
  113. package/dist/utils/assert-never.d.ts.map +1 -0
  114. package/dist/utils/assert-never.js +29 -0
  115. package/dist/utils/assert-never.js.map +1 -0
  116. package/dist/utils/async-context.d.ts +37 -0
  117. package/dist/utils/async-context.d.ts.map +1 -0
  118. package/dist/utils/async-context.js +33 -0
  119. package/dist/utils/async-context.js.map +1 -0
  120. package/dist/utils/hash.d.ts +30 -0
  121. package/dist/utils/hash.d.ts.map +1 -0
  122. package/dist/utils/hash.js +102 -0
  123. package/dist/utils/hash.js.map +1 -0
  124. package/dist/utils/index.d.ts +6 -0
  125. package/dist/utils/index.js +7 -0
  126. package/dist/utils/streams.d.ts +59 -0
  127. package/dist/utils/streams.d.ts.map +1 -0
  128. package/dist/utils/streams.js +169 -0
  129. package/dist/utils/streams.js.map +1 -0
  130. package/dist/utils/validation.d.ts +67 -0
  131. package/dist/utils/validation.d.ts.map +1 -0
  132. package/dist/utils/validation.js +36 -0
  133. package/dist/utils/validation.js.map +1 -0
  134. package/package.json +82 -0
@@ -0,0 +1,112 @@
1
+ //#region src/contracts/secret-value.d.ts
2
+ /**
3
+ * Cross-realm symbol used to brand `SecretValue` instances. Implementations
4
+ * (e.g. the wrapper class shipped from `@graphorin/security`) attach this
5
+ * symbol so that `isSecretValue(...)` works across realms (Worker threads,
6
+ * sandboxes, etc.).
7
+ *
8
+ * @stable
9
+ */
10
+ declare const SECRET_VALUE_BRAND: unique symbol;
11
+ /**
12
+ * Well-known symbol used by `node:util.inspect()` to format the wrapper.
13
+ * Re-exported here so downstream packages can reference it without taking
14
+ * an unconditional dependency on `node:util`.
15
+ *
16
+ * Equivalent to `Symbol.for('nodejs.util.inspect.custom')`.
17
+ *
18
+ * @stable
19
+ */
20
+ declare const NODEJS_INSPECT_CUSTOM: unique symbol;
21
+ /**
22
+ * Runtime-safe wrapper around an opaque secret (API key, token, password).
23
+ *
24
+ * The shape declared here is the **interface contract**: the concrete
25
+ * wrapper class lives in `@graphorin/security`. Downstream packages typing
26
+ * a parameter as `SecretValue` therefore avoid taking a security
27
+ * dependency.
28
+ *
29
+ * Note: `SecretValue` is **not** a TypeScript branded primitive — it is
30
+ * a full wrapper class with explicit leakage barriers
31
+ * (`Symbol.toPrimitive`, `toJSON`, `[nodejs.util.inspect.custom]`, …).
32
+ * Any conforming implementation must ensure that:
33
+ *
34
+ * - String coercion (`String(s)`, `` `${s}` ``, `s + ''`, …) yields a
35
+ * redacted placeholder, **not** the underlying value.
36
+ * - JSON serialization (`JSON.stringify({ apiKey: s })`) yields a
37
+ * redacted placeholder.
38
+ * - Inspector output (`util.inspect(s)`) yields
39
+ * `'SecretValue([REDACTED])'`.
40
+ * - The underlying value is only reachable through `.use(fn)`,
41
+ * `.useBuffer(fn)` or the audited `.reveal()` escape hatch.
42
+ *
43
+ * @stable
44
+ */
45
+ interface SecretValue {
46
+ /** Number of bytes in the wrapped value. Safe to log. */
47
+ readonly length: number;
48
+ /**
49
+ * Run `fn` with the unwrapped string and return its result. Preferred
50
+ * over `.reveal()` because it scopes the unwrapped value to a single
51
+ * synchronous / asynchronous turn.
52
+ */
53
+ use<T>(fn: (raw: string) => T | Promise<T>): Promise<T>;
54
+ /**
55
+ * Run `fn` with the unwrapped value as a `Buffer`. Useful for binary
56
+ * secrets (encryption keys, HMAC keys) where round-tripping through a
57
+ * V8 string would defeat the wrapper's hygiene.
58
+ */
59
+ useBuffer<T>(fn: (buf: Buffer) => T | Promise<T>): Promise<T>;
60
+ /**
61
+ * One-shot reveal as a string. Audited by the implementation. Prefer
62
+ * `.use(fn)` whenever possible.
63
+ */
64
+ reveal(): string;
65
+ /**
66
+ * Best-effort zeroization of the underlying buffer. Does not affect
67
+ * derived V8 strings already created via `.use(fn)` / `.reveal()`.
68
+ */
69
+ dispose(): void;
70
+ /** Cross-realm brand. Implementations set this to `SECRET_VALUE_BRAND`. */
71
+ readonly [SECRET_VALUE_BRAND]: true;
72
+ /** Leakage barrier for ToPrimitive coercion. Returns the placeholder. */
73
+ [Symbol.toPrimitive](hint: string): string | number;
74
+ /** Leakage barrier for `JSON.stringify(...)`. Returns the placeholder. */
75
+ toJSON(): string;
76
+ /**
77
+ * Leakage barrier for `node:util.inspect(...)`. Returns the placeholder
78
+ * (`'SecretValue([REDACTED])'`) so that REPL / `console.log` /
79
+ * structured-logger output never reveals the underlying value.
80
+ */
81
+ [NODEJS_INSPECT_CUSTOM](depth?: number, opts?: unknown, inspect?: unknown): string;
82
+ }
83
+ /**
84
+ * Static helpers expected on every concrete `SecretValue` constructor.
85
+ *
86
+ * @stable
87
+ */
88
+ interface SecretValueStatic {
89
+ /** Cross-realm safe type guard. */
90
+ isSecretValue(value: unknown): value is SecretValue;
91
+ /** Constant-time equality. */
92
+ timingSafeEquals(a: SecretValue, b: SecretValue): boolean;
93
+ /** Construct from a plain string. */
94
+ fromString(raw: string, opts?: SecretValueOptions): SecretValue;
95
+ /** Construct from a Node.js `Buffer`. */
96
+ fromBuffer(buf: Buffer, opts?: SecretValueOptions): SecretValue;
97
+ }
98
+ /**
99
+ * Optional metadata attached to a freshly constructed `SecretValue`.
100
+ *
101
+ * @stable
102
+ */
103
+ interface SecretValueOptions {
104
+ /** Free-form provenance string for the audit log. */
105
+ readonly source?: {
106
+ readonly resolver?: string;
107
+ readonly ref?: string;
108
+ };
109
+ }
110
+ //#endregion
111
+ export { NODEJS_INSPECT_CUSTOM, SECRET_VALUE_BRAND, SecretValue, SecretValueOptions, SecretValueStatic };
112
+ //# sourceMappingURL=secret-value.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"secret-value.d.ts","names":[],"sources":["../../src/contracts/secret-value.ts"],"sourcesContent":[],"mappings":";;AAQA;AAWA;AA0BA;;;;;AAS+C,cA9ClC,kBA8CkC,EAAA,OAAA,MAAA;;;;;;;;;AA2C/C;AAE0C,cAhF7B,qBAgF6B,EAAA,OAAA,MAAA;;;;;;;;;AAc1C;;;;;;;;;;;;;;;;UApEiB,WAAA;;;;;;;;8BASa,IAAI,QAAQ,KAAK,QAAQ;;;;;;yBAO9B,WAAW,IAAI,QAAQ,KAAK,QAAQ;;;;;;;;;;;;YAejD,kBAAA;;;;;;;;;;;;;;;;;UAqBK,iBAAA;;0CAEyB;;sBAEpB,gBAAgB;;iCAEL,qBAAqB;;kBAEpC,eAAe,qBAAqB;;;;;;;UAQrC,kBAAA"}
@@ -0,0 +1,24 @@
1
+ //#region src/contracts/secret-value.ts
2
+ /**
3
+ * Cross-realm symbol used to brand `SecretValue` instances. Implementations
4
+ * (e.g. the wrapper class shipped from `@graphorin/security`) attach this
5
+ * symbol so that `isSecretValue(...)` works across realms (Worker threads,
6
+ * sandboxes, etc.).
7
+ *
8
+ * @stable
9
+ */
10
+ const SECRET_VALUE_BRAND = Symbol.for("graphorin.SecretValue");
11
+ /**
12
+ * Well-known symbol used by `node:util.inspect()` to format the wrapper.
13
+ * Re-exported here so downstream packages can reference it without taking
14
+ * an unconditional dependency on `node:util`.
15
+ *
16
+ * Equivalent to `Symbol.for('nodejs.util.inspect.custom')`.
17
+ *
18
+ * @stable
19
+ */
20
+ const NODEJS_INSPECT_CUSTOM = Symbol.for("nodejs.util.inspect.custom");
21
+
22
+ //#endregion
23
+ export { NODEJS_INSPECT_CUSTOM, SECRET_VALUE_BRAND };
24
+ //# sourceMappingURL=secret-value.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"secret-value.js","names":["SECRET_VALUE_BRAND: unique symbol","NODEJS_INSPECT_CUSTOM: unique symbol"],"sources":["../../src/contracts/secret-value.ts"],"sourcesContent":["/**\n * Cross-realm symbol used to brand `SecretValue` instances. Implementations\n * (e.g. the wrapper class shipped from `@graphorin/security`) attach this\n * symbol so that `isSecretValue(...)` works across realms (Worker threads,\n * sandboxes, etc.).\n *\n * @stable\n */\nexport const SECRET_VALUE_BRAND: unique symbol = Symbol.for('graphorin.SecretValue');\n\n/**\n * Well-known symbol used by `node:util.inspect()` to format the wrapper.\n * Re-exported here so downstream packages can reference it without taking\n * an unconditional dependency on `node:util`.\n *\n * Equivalent to `Symbol.for('nodejs.util.inspect.custom')`.\n *\n * @stable\n */\nexport const NODEJS_INSPECT_CUSTOM: unique symbol = Symbol.for('nodejs.util.inspect.custom');\n\n/**\n * Runtime-safe wrapper around an opaque secret (API key, token, password).\n *\n * The shape declared here is the **interface contract**: the concrete\n * wrapper class lives in `@graphorin/security`. Downstream packages typing\n * a parameter as `SecretValue` therefore avoid taking a security\n * dependency.\n *\n * Note: `SecretValue` is **not** a TypeScript branded primitive — it is\n * a full wrapper class with explicit leakage barriers\n * (`Symbol.toPrimitive`, `toJSON`, `[nodejs.util.inspect.custom]`, …).\n * Any conforming implementation must ensure that:\n *\n * - String coercion (`String(s)`, `` `${s}` ``, `s + ''`, …) yields a\n * redacted placeholder, **not** the underlying value.\n * - JSON serialization (`JSON.stringify({ apiKey: s })`) yields a\n * redacted placeholder.\n * - Inspector output (`util.inspect(s)`) yields\n * `'SecretValue([REDACTED])'`.\n * - The underlying value is only reachable through `.use(fn)`,\n * `.useBuffer(fn)` or the audited `.reveal()` escape hatch.\n *\n * @stable\n */\nexport interface SecretValue {\n /** Number of bytes in the wrapped value. Safe to log. */\n readonly length: number;\n\n /**\n * Run `fn` with the unwrapped string and return its result. Preferred\n * over `.reveal()` because it scopes the unwrapped value to a single\n * synchronous / asynchronous turn.\n */\n use<T>(fn: (raw: string) => T | Promise<T>): Promise<T>;\n\n /**\n * Run `fn` with the unwrapped value as a `Buffer`. Useful for binary\n * secrets (encryption keys, HMAC keys) where round-tripping through a\n * V8 string would defeat the wrapper's hygiene.\n */\n useBuffer<T>(fn: (buf: Buffer) => T | Promise<T>): Promise<T>;\n\n /**\n * One-shot reveal as a string. Audited by the implementation. Prefer\n * `.use(fn)` whenever possible.\n */\n reveal(): string;\n\n /**\n * Best-effort zeroization of the underlying buffer. Does not affect\n * derived V8 strings already created via `.use(fn)` / `.reveal()`.\n */\n dispose(): void;\n\n /** Cross-realm brand. Implementations set this to `SECRET_VALUE_BRAND`. */\n readonly [SECRET_VALUE_BRAND]: true;\n\n /** Leakage barrier for ToPrimitive coercion. Returns the placeholder. */\n [Symbol.toPrimitive](hint: string): string | number;\n\n /** Leakage barrier for `JSON.stringify(...)`. Returns the placeholder. */\n toJSON(): string;\n\n /**\n * Leakage barrier for `node:util.inspect(...)`. Returns the placeholder\n * (`'SecretValue([REDACTED])'`) so that REPL / `console.log` /\n * structured-logger output never reveals the underlying value.\n */\n [NODEJS_INSPECT_CUSTOM](depth?: number, opts?: unknown, inspect?: unknown): string;\n}\n\n/**\n * Static helpers expected on every concrete `SecretValue` constructor.\n *\n * @stable\n */\nexport interface SecretValueStatic {\n /** Cross-realm safe type guard. */\n isSecretValue(value: unknown): value is SecretValue;\n /** Constant-time equality. */\n timingSafeEquals(a: SecretValue, b: SecretValue): boolean;\n /** Construct from a plain string. */\n fromString(raw: string, opts?: SecretValueOptions): SecretValue;\n /** Construct from a Node.js `Buffer`. */\n fromBuffer(buf: Buffer, opts?: SecretValueOptions): SecretValue;\n}\n\n/**\n * Optional metadata attached to a freshly constructed `SecretValue`.\n *\n * @stable\n */\nexport interface SecretValueOptions {\n /** Free-form provenance string for the audit log. */\n readonly source?: { readonly resolver?: string; readonly ref?: string };\n}\n"],"mappings":";;;;;;;;;AAQA,MAAaA,qBAAoC,OAAO,IAAI,wBAAwB;;;;;;;;;;AAWpF,MAAaC,wBAAuC,OAAO,IAAI,6BAA6B"}
@@ -0,0 +1,87 @@
1
+ import { SessionScope } from "../types/session-scope.js";
2
+ import { SecretRef } from "./secret-ref.js";
3
+ import { SecretValue } from "./secret-value.js";
4
+
5
+ //#region src/contracts/secrets-store.d.ts
6
+
7
+ /**
8
+ * Pluggable secret resolver — turns a parsed `SecretRef` into a live
9
+ * `SecretValue`. Concrete resolvers live in `@graphorin/security` (env,
10
+ * keyring, file, encrypted-file, literal, ref, vault) and in optional
11
+ * adapter packages (`@graphorin/secret-1password`, …).
12
+ *
13
+ * @stable
14
+ */
15
+ interface SecretResolver {
16
+ /** Lowercased URI scheme handled by this resolver (`'env'`, `'op'`, …). */
17
+ readonly scheme: string;
18
+ resolve(ref: SecretRef, ctx?: SecretResolverContext): Promise<SecretValue>;
19
+ }
20
+ /**
21
+ * Optional context handed to a resolver. Carries the originating tool /
22
+ * agent identifiers so the audit log can attribute the resolution.
23
+ *
24
+ * @stable
25
+ */
26
+ interface SecretResolverContext {
27
+ readonly toolName?: string;
28
+ readonly agentId?: string;
29
+ readonly runId?: string;
30
+ readonly signal?: AbortSignal;
31
+ }
32
+ /**
33
+ * Pluggable secret-managing storage. Concrete implementations live in
34
+ * `@graphorin/security` (`KeyringSecretsStore`, `EncryptedFileSecretsStore`,
35
+ * `EnvSecretsStore`, `MemorySecretsStore`).
36
+ *
37
+ * The interface is intentionally narrow: every method either returns a
38
+ * `SecretValue` or a piece of metadata that is safe to log. The raw
39
+ * value is never returned as a `string` from this surface.
40
+ *
41
+ * @stable
42
+ */
43
+ interface SecretsStore {
44
+ /** Returns the secret if it exists, `null` otherwise. */
45
+ get(key: string, scope?: SessionScope): Promise<SecretValue | null>;
46
+ /**
47
+ * Returns the secret or throws. Implementations enforce the per-tool
48
+ * `secretsAllowed` ACL: if the current tool context disallows `key`,
49
+ * throw `SecretAccessDeniedError`.
50
+ */
51
+ require(key: string, scope?: SessionScope): Promise<SecretValue>;
52
+ /**
53
+ * Persist a secret. Implementations auto-wrap a plain string into a
54
+ * `SecretValue` so callers don't have to.
55
+ */
56
+ set(key: string, value: string | SecretValue, opts?: SecretsSetOptions): Promise<void>;
57
+ delete(key: string, scope?: SessionScope): Promise<void>;
58
+ /** Returns metadata about every key — never the values themselves. */
59
+ list(scope?: SessionScope): Promise<ReadonlyArray<SecretMetadata>>;
60
+ }
61
+ /**
62
+ * Optional knobs for `SecretsStore.set(...)`.
63
+ *
64
+ * @stable
65
+ */
66
+ interface SecretsSetOptions {
67
+ readonly scope?: SessionScope;
68
+ readonly expiresAt?: string;
69
+ readonly tags?: ReadonlyArray<string>;
70
+ }
71
+ /**
72
+ * Public metadata about a stored secret. Safe to log — never carries the
73
+ * value itself.
74
+ *
75
+ * @stable
76
+ */
77
+ interface SecretMetadata {
78
+ readonly key: string;
79
+ readonly createdAt: string;
80
+ readonly updatedAt?: string;
81
+ readonly expiresAt?: string;
82
+ readonly tags?: ReadonlyArray<string>;
83
+ readonly source?: string;
84
+ }
85
+ //#endregion
86
+ export { SecretMetadata, SecretResolver, SecretResolverContext, SecretsSetOptions, SecretsStore };
87
+ //# sourceMappingURL=secrets-store.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"secrets-store.d.ts","names":[],"sources":["../../src/contracts/secrets-store.ts"],"sourcesContent":[],"mappings":";;;;;;;;AAYA;;;;;;AAYiB,UAZA,cAAA,CAYqB;EAkBrB;EAEU,SAAA,MAAA,EAAA,MAAA;EAAuB,OAAA,CAAA,GAAA,EA7BnC,SA6BmC,EAAA,GAAA,CAAA,EA7BlB,qBA6BkB,CAAA,EA7BM,OA6BN,CA7Bc,WA6Bd,CAAA;;;;;;;;AAepB,UAnCb,qBAAA,CAmCa;EAAe,SAAA,QAAA,CAAA,EAAA,MAAA;EAG9B,SAAA,OAAA,CAAA,EAAA,MAAA;EAAqC,SAAA,KAAA,CAAA,EAAA,MAAA;EAAd,SAAA,MAAA,CAAA,EAlClB,WAkCkB;;;AAQtC;AAYA;;;;;;;;;UAxCiB,YAAA;;2BAEU,eAAe,QAAQ;;;;;;+BAOnB,eAAe,QAAQ;;;;;mCAMnB,oBAAoB,oBAAoB;8BAE7C,eAAe;;eAG9B,eAAe,QAAQ,cAAc;;;;;;;UAQnC,iBAAA;mBACE;;kBAED;;;;;;;;UASD,cAAA;;;;;kBAKC"}
@@ -0,0 +1,142 @@
1
+ import { SessionScope } from "../types/session-scope.js";
2
+ import { HandoffRecord } from "../types/handoff.js";
3
+
4
+ //#region src/contracts/session-store.d.ts
5
+
6
+ /**
7
+ * Lightweight session metadata persisted by the sessions package. The
8
+ * actual `session_messages` rows are owned by `MemoryStore` (single source
9
+ * of truth — the sessions package delegates message CRUD to memory).
10
+ *
11
+ * @stable
12
+ */
13
+ interface SessionMetadata {
14
+ readonly id: string;
15
+ readonly userId: string;
16
+ readonly agentId: string;
17
+ readonly title?: string;
18
+ readonly createdAt: string;
19
+ readonly updatedAt?: string;
20
+ readonly closedAt?: string;
21
+ readonly tags?: ReadonlyArray<string>;
22
+ }
23
+ /**
24
+ * Agent registry entry. Captures stable metadata about every agent that
25
+ * ever produced a message — so JSONL exports / replays can resolve a
26
+ * `Message.agentId` to a human-readable name even after the agent was
27
+ * renamed or retired.
28
+ *
29
+ * @stable
30
+ */
31
+ interface AgentRegistryEntry {
32
+ readonly id: string;
33
+ readonly displayName: string;
34
+ readonly registeredAt: string;
35
+ readonly retiredAt?: string;
36
+ readonly tags?: ReadonlyArray<string>;
37
+ }
38
+ /**
39
+ * Workflow ↔ session mapping row. Lets the server enumerate the
40
+ * workflows attached to a session for resume / replay flows.
41
+ *
42
+ * @stable
43
+ */
44
+ interface SessionWorkflowRun {
45
+ readonly sessionId: string;
46
+ readonly workflowId: string;
47
+ readonly threadId: string;
48
+ readonly attachedAt: string;
49
+ readonly status: 'running' | 'suspended' | 'completed' | 'failed';
50
+ }
51
+ /**
52
+ * Session lifecycle audit event. The `@graphorin/sessions` package
53
+ * appends one row per noteworthy lifecycle step (`created`, `closed`,
54
+ * `forked`, `replayed`, `cassette-recorded`, `cassette-replayed`,
55
+ * `commentary-sanitized`, …) plus per-session-handoff. Adapters can
56
+ * surface the rows verbatim from disk.
57
+ *
58
+ * The `metadata` field is intentionally an open record — storage
59
+ * adapters serialize it as JSON. Callers should keep it small and
60
+ * never include secret values.
61
+ *
62
+ * @stable
63
+ */
64
+ interface SessionAuditEntry {
65
+ readonly id: string;
66
+ readonly sessionId: string;
67
+ readonly action: string;
68
+ readonly at: string;
69
+ readonly actor?: {
70
+ readonly kind: string;
71
+ readonly id: string;
72
+ readonly label?: string;
73
+ };
74
+ readonly metadata?: Readonly<Record<string, unknown>>;
75
+ }
76
+ /**
77
+ * Pluggable session-metadata storage. Implementations live in the
78
+ * storage adapter packages.
79
+ *
80
+ * @stable
81
+ */
82
+ interface SessionStore {
83
+ createSession(metadata: SessionMetadata): Promise<void>;
84
+ getSession(sessionId: string): Promise<SessionMetadata | null>;
85
+ listSessions(scope: Pick<SessionScope, 'userId' | 'agentId'>): Promise<ReadonlyArray<SessionMetadata>>;
86
+ updateSession(sessionId: string, patch: Partial<SessionMetadata>): Promise<void>;
87
+ closeSession(sessionId: string, closedAt: string): Promise<void>;
88
+ registerAgent(entry: AgentRegistryEntry): Promise<void>;
89
+ retireAgent(agentId: string, retiredAt: string): Promise<void>;
90
+ resolveAgent(agentId: string): Promise<AgentRegistryEntry | null>;
91
+ appendHandoff(sessionId: string, record: HandoffRecord): Promise<void>;
92
+ listHandoffs(sessionId: string): Promise<ReadonlyArray<HandoffRecord>>;
93
+ attachWorkflowRun(run: SessionWorkflowRun): Promise<void>;
94
+ listWorkflowRuns(sessionId: string): Promise<ReadonlyArray<SessionWorkflowRun>>;
95
+ }
96
+ /**
97
+ * Optional extension surface for storage adapters that expose the
98
+ * additional capabilities `@graphorin/sessions` consumes.
99
+ * Adapters that opt out leave the property undefined; the sessions
100
+ * facade degrades gracefully (delete becomes retire; audit rows are
101
+ * dropped on the floor with a one-time WARN).
102
+ *
103
+ * Implementations: `SqliteSessionStore` (`@graphorin/store-sqlite`).
104
+ *
105
+ * @stable
106
+ */
107
+ interface SessionStoreExt extends SessionStore {
108
+ /** Hard-delete an agent. Used by `AgentRegistry.delete(...)`. */
109
+ deleteAgent(agentId: string): Promise<void>;
110
+ /** List all known agents (including retired ones). */
111
+ listAgents(): Promise<ReadonlyArray<AgentRegistryEntry>>;
112
+ /** Update the status of a workflow attachment. */
113
+ updateWorkflowRunStatus(sessionId: string, workflowId: string, threadId: string, status: SessionWorkflowRun['status']): Promise<void>;
114
+ /** Append a session-lifecycle audit row. */
115
+ appendAuditEntry(entry: SessionAuditEntry): Promise<void>;
116
+ /** List recent audit rows for a session, newest-first. */
117
+ listAuditEntries(sessionId: string, opts?: {
118
+ readonly limit?: number;
119
+ }): Promise<ReadonlyArray<SessionAuditEntry>>;
120
+ /** Delete audit rows older than the supplied epoch ms. */
121
+ pruneAuditEntries(beforeEpochMs: number): Promise<number>;
122
+ /**
123
+ * Hard-delete a session and cascade its session-owned rows — handoffs,
124
+ * workflow-run attachments, and audit entries (RP-6). Message rows live in
125
+ * the `SessionMemoryStore` and are purged separately. A no-op for an unknown
126
+ * id.
127
+ */
128
+ deleteSession(sessionId: string): Promise<void>;
129
+ /**
130
+ * Retention sweep (RP-6): hard-delete (cascade) every session matching the
131
+ * policy. `beforeEpochMs` limits to sessions created before that instant;
132
+ * `closedOnly` limits to closed sessions. With neither, deletes all sessions.
133
+ * Returns the number of sessions deleted.
134
+ */
135
+ pruneSessions(opts: {
136
+ readonly beforeEpochMs?: number;
137
+ readonly closedOnly?: boolean;
138
+ }): Promise<number>;
139
+ }
140
+ //#endregion
141
+ export { AgentRegistryEntry, SessionAuditEntry, SessionMetadata, SessionStore, SessionStoreExt, SessionWorkflowRun };
142
+ //# sourceMappingURL=session-store.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"session-store.d.ts","names":[],"sources":["../../src/contracts/session-store.ts"],"sourcesContent":[],"mappings":";;;;;;;AAUA;AAmBA;AAcA;AAqBA;AAmBA;AAC0B,UA1ET,eAAA,CA0ES;EAAkB,SAAA,EAAA,EAAA,MAAA;EACH,SAAA,MAAA,EAAA,MAAA;EAAR,SAAA,OAAA,EAAA,MAAA;EAEjB,SAAA,KAAA,CAAA,EAAA,MAAA;EAAL,SAAA,SAAA,EAAA,MAAA;EACgB,SAAA,SAAA,CAAA,EAAA,MAAA;EAAd,SAAA,QAAA,CAAA,EAAA,MAAA;EAAR,SAAA,IAAA,CAAA,EAtEa,aAsEb,CAAA,MAAA,CAAA;;;;;;;;;;AAQsC,UAnE1B,kBAAA,CAmE0B;EAAgB,SAAA,EAAA,EAAA,MAAA;EACF,SAAA,WAAA,EAAA,MAAA;EAAd,SAAA,YAAA,EAAA,MAAA;EAAR,SAAA,SAAA,CAAA,EAAA,MAAA;EAEV,SAAA,IAAA,CAAA,EAjEP,aAiEO,CAAA,MAAA,CAAA;;;;;;AAezB;;AAIsC,UA3ErB,kBAAA,CA2EqB;EAAd,SAAA,SAAA,EAAA,MAAA;EAAR,SAAA,UAAA,EAAA,MAAA;EAMJ,SAAA,QAAA,EAAA,MAAA;EACP,SAAA,UAAA,EAAA,MAAA;EAEqB,SAAA,MAAA,EAAA,SAAA,GAAA,WAAA,GAAA,WAAA,GAAA,QAAA;;;;;;;;;;;;;;;UA/DT,iBAAA;;;;;;;;;;sBAUK,SAAS;;;;;;;;UASd,YAAA;0BACS,kBAAkB;iCACX,QAAQ;sBAE9B,KAAK,sCACX,QAAQ,cAAc;0CACe,QAAQ,mBAAmB;qDAChB;uBAE9B,qBAAqB;mDACO;iCAClB,QAAQ;2CAEE,gBAAgB;mCACxB,QAAQ,cAAc;yBAEhC,qBAAqB;uCACP,QAAQ,cAAc;;;;;;;;;;;;;UAc5C,eAAA,SAAwB;;gCAET;;gBAEhB,QAAQ,cAAc;;2FAM1B,+BACP;;0BAEqB,oBAAoB;;;;MAKzC,QAAQ,cAAc;;4CAEiB;;;;;;;oCAOR;;;;;;;;;;MAU9B"}
@@ -0,0 +1,28 @@
1
+ import { Message } from "../types/message.js";
2
+
3
+ //#region src/contracts/token-counter.d.ts
4
+
5
+ /**
6
+ * Pluggable token counter. Implementations live in `@graphorin/provider`
7
+ * (default `JsTiktokenCounter` for OpenAI/compatible, plus per-vendor
8
+ * native counters) and are interchangeable behind this interface.
9
+ *
10
+ * Counters carry a `version` field so that consumers (e.g. the
11
+ * `session_messages.tokenizer_version` cache column) can invalidate stale
12
+ * cached counts when the underlying tokenizer is upgraded.
13
+ *
14
+ * @stable
15
+ */
16
+ interface TokenCounter {
17
+ /** Human-readable identifier (`'js-tiktoken@cl100k_base'`, …). */
18
+ readonly id: string;
19
+ /** Tokenizer version string used for cache invalidation. */
20
+ readonly version: string;
21
+ /** Count tokens in a list of `Message`s (system/user/assistant/tool). */
22
+ count(messages: ReadonlyArray<Message>): Promise<number>;
23
+ /** Count tokens in a raw text string. */
24
+ countText(text: string): Promise<number>;
25
+ }
26
+ //#endregion
27
+ export { TokenCounter };
28
+ //# sourceMappingURL=token-counter.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"token-counter.d.ts","names":[],"sources":["../../src/contracts/token-counter.ts"],"sourcesContent":[],"mappings":";;;;;;AAaA;;;;;;;;;UAAiB,YAAA;;;;;;kBAMC,cAAc,WAAW;;2BAEhB"}