@graphrefly/ts 0.0.1 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (330) hide show
  1. package/dist/actions-types-CSC3NMDl.d.ts +657 -0
  2. package/dist/actions-types-wl9Mgkmr.d.cts +657 -0
  3. package/dist/adapters/index.cjs +5157 -2951
  4. package/dist/adapters/index.cjs.map +1 -1
  5. package/dist/adapters/index.d.cts +207 -70
  6. package/dist/adapters/index.d.ts +207 -70
  7. package/dist/adapters/index.js +3738 -1688
  8. package/dist/adapters/index.js.map +1 -1
  9. package/dist/adapters/nestjs/microservices.cjs +841 -0
  10. package/dist/adapters/nestjs/microservices.cjs.map +1 -0
  11. package/dist/adapters/nestjs/microservices.d.cts +45 -0
  12. package/dist/adapters/nestjs/microservices.d.ts +45 -0
  13. package/dist/adapters/nestjs/microservices.js +206 -0
  14. package/dist/adapters/nestjs/microservices.js.map +1 -0
  15. package/dist/adapters/nestjs/native.cjs +1391 -0
  16. package/dist/adapters/nestjs/native.cjs.map +1 -0
  17. package/dist/adapters/nestjs/native.d.cts +111 -0
  18. package/dist/adapters/nestjs/native.d.ts +111 -0
  19. package/dist/adapters/nestjs/native.js +577 -0
  20. package/dist/adapters/nestjs/native.js.map +1 -0
  21. package/dist/adapters/nestjs/websockets.cjs +924 -0
  22. package/dist/adapters/nestjs/websockets.cjs.map +1 -0
  23. package/dist/adapters/nestjs/websockets.d.cts +47 -0
  24. package/dist/adapters/nestjs/websockets.d.ts +47 -0
  25. package/dist/adapters/nestjs/websockets.js +286 -0
  26. package/dist/adapters/nestjs/websockets.js.map +1 -0
  27. package/dist/adapters/nestjs.cjs +1085 -0
  28. package/dist/adapters/nestjs.cjs.map +1 -0
  29. package/dist/adapters/nestjs.d.cts +385 -0
  30. package/dist/adapters/nestjs.d.ts +385 -0
  31. package/dist/adapters/nestjs.js +112 -0
  32. package/dist/adapters/nestjs.js.map +1 -0
  33. package/dist/adapters/observe-storage.d.cts +3 -3
  34. package/dist/adapters/observe-storage.d.ts +3 -3
  35. package/dist/adapters/observe-storage.js +4 -4
  36. package/dist/adapters/react.cjs.map +1 -1
  37. package/dist/adapters/react.d.cts +2 -2
  38. package/dist/adapters/react.d.ts +2 -2
  39. package/dist/adapters/react.js +1 -1
  40. package/dist/adapters/solid.cjs.map +1 -1
  41. package/dist/adapters/solid.d.cts +2 -2
  42. package/dist/adapters/solid.d.ts +2 -2
  43. package/dist/adapters/solid.js +1 -1
  44. package/dist/adapters/svelte.cjs.map +1 -1
  45. package/dist/adapters/svelte.d.cts +2 -2
  46. package/dist/adapters/svelte.d.ts +2 -2
  47. package/dist/adapters/svelte.js +1 -1
  48. package/dist/adapters/vue.cjs.map +1 -1
  49. package/dist/adapters/vue.d.cts +2 -2
  50. package/dist/adapters/vue.d.ts +2 -2
  51. package/dist/adapters/vue.js +1 -1
  52. package/dist/{agent-runtime-DZTJ3C-p.d.cts → agent-runtime-types-core-CaXfKNtY.d.cts} +171 -320
  53. package/dist/{agent-runtime-BesGDZcB.d.ts → agent-runtime-types-core-hU299uIC.d.ts} +171 -320
  54. package/dist/agent-runtime-types-tool-BEpSINol.d.ts +695 -0
  55. package/dist/agent-runtime-types-tool-DninPEzk.d.cts +695 -0
  56. package/dist/agentic-memory-retention-BmGX368S.d.ts +14 -0
  57. package/dist/agentic-memory-retention-Ih1qhX9Z.d.cts +14 -0
  58. package/dist/{agentic-memory-BmRCvh0d.d.ts → agentic-memory-types-CVSUS6XR.d.ts} +13 -57
  59. package/dist/{agentic-memory-DfuVZ-lY.d.cts → agentic-memory-types-FnnYlVUs.d.cts} +13 -57
  60. package/dist/{capability-admission-g0mn9hpq.d.ts → capability-admission-BW2CziT6.d.ts} +3 -3
  61. package/dist/{capability-admission-B0BzqAm5.d.cts → capability-admission-lwSecxXs.d.cts} +3 -3
  62. package/dist/chunk-2KUAG2GZ.js +9693 -0
  63. package/dist/chunk-2KUAG2GZ.js.map +1 -0
  64. package/dist/chunk-2NJP6GO4.js +1320 -0
  65. package/dist/chunk-2NJP6GO4.js.map +1 -0
  66. package/dist/{chunk-YDSIVHRR.js → chunk-4NWSNI4K.js} +1598 -1584
  67. package/dist/chunk-4NWSNI4K.js.map +1 -0
  68. package/dist/{chunk-Z2ANQ6JW.js → chunk-4Q77MMJY.js} +2 -2
  69. package/dist/chunk-6E76H4OU.js +132 -0
  70. package/dist/chunk-6E76H4OU.js.map +1 -0
  71. package/dist/chunk-7GOTIIQ7.js +819 -0
  72. package/dist/chunk-7GOTIIQ7.js.map +1 -0
  73. package/dist/{chunk-IXZBUWSP.js → chunk-7HZRJMN6.js} +2 -2
  74. package/dist/{chunk-SS2A464I.js → chunk-CJIFGJQG.js} +3 -3
  75. package/dist/{chunk-V7CIJE4B.js → chunk-CX6B6PO2.js} +92 -9
  76. package/dist/chunk-CX6B6PO2.js.map +1 -0
  77. package/dist/{chunk-FBUU43PM.js → chunk-E4QCH32M.js} +448 -446
  78. package/dist/chunk-E4QCH32M.js.map +1 -0
  79. package/dist/{chunk-HKK2JD7Z.js → chunk-ECURQ3HD.js} +12 -125
  80. package/dist/chunk-ECURQ3HD.js.map +1 -0
  81. package/dist/{chunk-3JR3EDB2.js → chunk-EOKT4QFF.js} +121 -115
  82. package/dist/chunk-EOKT4QFF.js.map +1 -0
  83. package/dist/{chunk-K3FXTC3I.js → chunk-HJACH5PU.js} +3 -3
  84. package/dist/{chunk-GTPCOEOZ.js → chunk-IDMLXLLG.js} +3 -3
  85. package/dist/{chunk-DKP56CSW.js → chunk-JKAYLDQV.js} +2 -2
  86. package/dist/{chunk-4VLAQHZI.js → chunk-K7FB3JTD.js} +17 -1
  87. package/dist/chunk-K7FB3JTD.js.map +1 -0
  88. package/dist/{chunk-H75VXTGT.js → chunk-L6LDXRWE.js} +3 -3
  89. package/dist/{chunk-H75VXTGT.js.map → chunk-L6LDXRWE.js.map} +1 -1
  90. package/dist/{chunk-YXMZ2N6J.js → chunk-M7J6Z4IJ.js} +1071 -1025
  91. package/dist/chunk-M7J6Z4IJ.js.map +1 -0
  92. package/dist/chunk-MQEQMS7B.js +1009 -0
  93. package/dist/chunk-MQEQMS7B.js.map +1 -0
  94. package/dist/chunk-MTELVIYR.js +1421 -0
  95. package/dist/chunk-MTELVIYR.js.map +1 -0
  96. package/dist/{chunk-QFY4AFY4.js → chunk-PVC7WDKI.js} +58 -52
  97. package/dist/chunk-PVC7WDKI.js.map +1 -0
  98. package/dist/{chunk-VTHLCFN4.js → chunk-RAHNUYA5.js} +2 -2
  99. package/dist/{chunk-XKXWK2KP.js → chunk-SHZDP2MQ.js} +1157 -1021
  100. package/dist/chunk-SHZDP2MQ.js.map +1 -0
  101. package/dist/{chunk-CZNV3VXM.js → chunk-SIDJO2T4.js} +11 -11
  102. package/dist/chunk-STXRMPW4.js +4131 -0
  103. package/dist/chunk-STXRMPW4.js.map +1 -0
  104. package/dist/{chunk-2747WN4Y.js → chunk-TPND5MJS.js} +3 -3
  105. package/dist/chunk-TQPCAIQI.js +612 -0
  106. package/dist/chunk-TQPCAIQI.js.map +1 -0
  107. package/dist/{chunk-43BKLFZU.js → chunk-YDWBXXQZ.js} +10 -10
  108. package/dist/{chunk-6PHB5CJS.js → chunk-ZLFRB6FI.js} +2 -2
  109. package/dist/composition/index.cjs +1228 -1076
  110. package/dist/composition/index.cjs.map +1 -1
  111. package/dist/composition/index.d.cts +3 -3
  112. package/dist/composition/index.d.ts +3 -3
  113. package/dist/composition/index.js +4 -4
  114. package/dist/core/index.cjs +1198 -1046
  115. package/dist/core/index.cjs.map +1 -1
  116. package/dist/core/index.d.cts +1 -1
  117. package/dist/core/index.d.ts +1 -1
  118. package/dist/core/index.js +2 -2
  119. package/dist/cqrs/index.d.cts +3 -3
  120. package/dist/cqrs/index.d.ts +3 -3
  121. package/dist/cqrs/messaging.d.cts +4 -4
  122. package/dist/cqrs/messaging.d.ts +4 -4
  123. package/dist/cqrs/work-queue.d.cts +5 -5
  124. package/dist/cqrs/work-queue.d.ts +5 -5
  125. package/dist/data-structures/index.cjs +1226 -1074
  126. package/dist/data-structures/index.cjs.map +1 -1
  127. package/dist/data-structures/index.d.cts +8 -7
  128. package/dist/data-structures/index.d.ts +8 -7
  129. package/dist/data-structures/index.js +6 -5
  130. package/dist/{describe-BpyJuWkw.d.ts → describe-B_A5fbXH.d.ts} +1 -1
  131. package/dist/{describe-DYMw_l1C.d.cts → describe-CQRrkv-Q.d.cts} +1 -1
  132. package/dist/executors/tool-provider-adapters.cjs +3091 -0
  133. package/dist/executors/tool-provider-adapters.cjs.map +1 -0
  134. package/dist/executors/tool-provider-adapters.d.cts +174 -0
  135. package/dist/executors/tool-provider-adapters.d.ts +174 -0
  136. package/dist/executors/tool-provider-adapters.js +1336 -0
  137. package/dist/executors/tool-provider-adapters.js.map +1 -0
  138. package/dist/executors/tool-provider-runtime.cjs +5178 -0
  139. package/dist/executors/tool-provider-runtime.cjs.map +1 -0
  140. package/dist/executors/tool-provider-runtime.d.cts +17 -0
  141. package/dist/executors/tool-provider-runtime.d.ts +17 -0
  142. package/dist/executors/tool-provider-runtime.js +15 -0
  143. package/dist/executors/tool-provider-runtime.js.map +1 -0
  144. package/dist/executors/tool-provider.cjs +6392 -0
  145. package/dist/executors/tool-provider.cjs.map +1 -0
  146. package/dist/executors/tool-provider.d.cts +60 -0
  147. package/dist/executors/tool-provider.d.ts +60 -0
  148. package/dist/executors/tool-provider.js +89 -0
  149. package/dist/executors/tool-provider.js.map +1 -0
  150. package/dist/executors/work-queue.d.cts +6 -6
  151. package/dist/executors/work-queue.d.ts +6 -6
  152. package/dist/graph/index.cjs +1499 -1341
  153. package/dist/graph/index.cjs.map +1 -1
  154. package/dist/graph/index.d.cts +9 -8
  155. package/dist/graph/index.d.ts +9 -8
  156. package/dist/graph/index.js +23 -22
  157. package/dist/{graph-DCEWh4T2.d.cts → graph-CWK3HLPB.d.cts} +133 -131
  158. package/dist/{graph-D-1-SQeC.d.ts → graph-ho5sotHP.d.ts} +133 -131
  159. package/dist/{index-Bmxeu0nK.d.ts → index-CQWcE0Dw.d.ts} +18 -4
  160. package/dist/{index-72VZC0-E.d.cts → index-DHA1i67c.d.cts} +18 -4
  161. package/dist/index.cjs +3397 -3140
  162. package/dist/index.cjs.map +1 -1
  163. package/dist/index.d.cts +12 -9
  164. package/dist/index.d.ts +12 -9
  165. package/dist/index.js +110 -109
  166. package/dist/inspection/boundary.d.cts +4 -4
  167. package/dist/inspection/boundary.d.ts +4 -4
  168. package/dist/measurements-C0mAvWU1.d.cts +164 -0
  169. package/dist/measurements-OMpCeBwh.d.ts +164 -0
  170. package/dist/messaging/index.cjs +57 -51
  171. package/dist/messaging/index.cjs.map +1 -1
  172. package/dist/messaging/index.d.cts +11 -276
  173. package/dist/messaging/index.d.ts +11 -276
  174. package/dist/messaging/index.js +1 -1
  175. package/dist/operators/index.cjs +1228 -1076
  176. package/dist/operators/index.cjs.map +1 -1
  177. package/dist/operators/index.d.cts +5 -5
  178. package/dist/operators/index.d.ts +5 -5
  179. package/dist/operators/index.js +5 -5
  180. package/dist/orchestration/index.cjs +8844 -6071
  181. package/dist/orchestration/index.cjs.map +1 -1
  182. package/dist/orchestration/index.d.cts +171 -224
  183. package/dist/orchestration/index.d.ts +171 -224
  184. package/dist/orchestration/index.js +42 -991
  185. package/dist/orchestration/index.js.map +1 -1
  186. package/dist/orchestration/messaging.d.cts +5 -8
  187. package/dist/orchestration/messaging.d.ts +5 -8
  188. package/dist/orchestration/work-queue.cjs +1243 -5
  189. package/dist/orchestration/work-queue.cjs.map +1 -1
  190. package/dist/orchestration/work-queue.d.cts +121 -10
  191. package/dist/orchestration/work-queue.d.ts +121 -10
  192. package/dist/orchestration/work-queue.js +1067 -4
  193. package/dist/orchestration/work-queue.js.map +1 -1
  194. package/dist/patterns/event-flow.cjs +6 -20
  195. package/dist/patterns/event-flow.cjs.map +1 -1
  196. package/dist/patterns/event-flow.d.cts +4 -4
  197. package/dist/patterns/event-flow.d.ts +4 -4
  198. package/dist/patterns/event-flow.js +2 -2
  199. package/dist/patterns/index.cjs +453 -465
  200. package/dist/patterns/index.cjs.map +1 -1
  201. package/dist/patterns/index.d.cts +6 -5
  202. package/dist/patterns/index.d.ts +6 -5
  203. package/dist/patterns/index.js +3 -3
  204. package/dist/process-types-C9uMYz3i.d.ts +200 -0
  205. package/dist/process-types-h3uRlzDc.d.cts +200 -0
  206. package/dist/{reactive-collection-DNV0-gFi.d.cts → reactive-collection-B9R0Bl1P.d.cts} +4 -34
  207. package/dist/{reactive-collection-BAmfrGjd.d.ts → reactive-collection-BXFrH0U2.d.ts} +4 -34
  208. package/dist/{reactive-collection-storage-BNEldDyi.d.cts → reactive-collection-storage-BLGv8Xp8.d.cts} +5 -5
  209. package/dist/{reactive-collection-storage-YZsAQsWK.d.ts → reactive-collection-storage-a4zD3665.d.ts} +5 -5
  210. package/dist/{reactive-map-DRD1LJ2H.d.cts → reactive-map-C_8sOfdS.d.cts} +3 -2
  211. package/dist/{reactive-map-EsDiCmJk.d.ts → reactive-map-jle5dnok.d.ts} +3 -2
  212. package/dist/render/index.d.cts +2 -2
  213. package/dist/render/index.d.ts +2 -2
  214. package/dist/scheduled-readiness-5rwQlyjV.d.ts +91 -0
  215. package/dist/scheduled-readiness-DpRY8jI0.d.cts +91 -0
  216. package/dist/semantic-memory-graph-C2ZUwIlq.d.ts +30 -0
  217. package/dist/semantic-memory-graph-DlZBD_Eu.d.cts +30 -0
  218. package/dist/{semantic-memory-graph-DKuNzuWw.d.cts → semantic-memory-graph-types-BvzdqmkY.d.cts} +2 -28
  219. package/dist/{semantic-memory-graph-uwbwJdhe.d.ts → semantic-memory-graph-types-Ci-OtahO.d.ts} +2 -28
  220. package/dist/solutions/index.cjs +6353 -6169
  221. package/dist/solutions/index.cjs.map +1 -1
  222. package/dist/solutions/index.d.cts +12 -10
  223. package/dist/solutions/index.d.ts +12 -10
  224. package/dist/solutions/index.js +5 -5
  225. package/dist/solutions/reactive-layout/browser/index.cjs +116 -108
  226. package/dist/solutions/reactive-layout/browser/index.cjs.map +1 -1
  227. package/dist/solutions/reactive-layout/browser/index.d.cts +4 -4
  228. package/dist/solutions/reactive-layout/browser/index.d.ts +4 -4
  229. package/dist/solutions/reactive-layout/browser/index.js +3 -3
  230. package/dist/solutions/reactive-layout/index.cjs +3578 -3350
  231. package/dist/solutions/reactive-layout/index.cjs.map +1 -1
  232. package/dist/solutions/reactive-layout/index.d.cts +32 -576
  233. package/dist/solutions/reactive-layout/index.d.ts +32 -576
  234. package/dist/solutions/reactive-layout/index.js +65 -5
  235. package/dist/solutions/reactive-layout/node-canvas/index.cjs +127 -117
  236. package/dist/solutions/reactive-layout/node-canvas/index.cjs.map +1 -1
  237. package/dist/solutions/reactive-layout/node-canvas/index.d.cts +4 -4
  238. package/dist/solutions/reactive-layout/node-canvas/index.d.ts +4 -4
  239. package/dist/solutions/reactive-layout/node-canvas/index.js +3 -3
  240. package/dist/solutions/reactive-layout/react-native/index.cjs +127 -117
  241. package/dist/solutions/reactive-layout/react-native/index.cjs.map +1 -1
  242. package/dist/solutions/reactive-layout/react-native/index.d.cts +4 -4
  243. package/dist/solutions/reactive-layout/react-native/index.d.ts +4 -4
  244. package/dist/solutions/reactive-layout/react-native/index.js +3 -3
  245. package/dist/solutions/reactive-layout/skia/index.cjs +127 -117
  246. package/dist/solutions/reactive-layout/skia/index.cjs.map +1 -1
  247. package/dist/solutions/reactive-layout/skia/index.d.cts +4 -4
  248. package/dist/solutions/reactive-layout/skia/index.d.ts +4 -4
  249. package/dist/solutions/reactive-layout/skia/index.js +3 -3
  250. package/dist/solutions/work-item/actions.cjs +1609 -1428
  251. package/dist/solutions/work-item/actions.cjs.map +1 -1
  252. package/dist/solutions/work-item/actions.d.cts +23 -184
  253. package/dist/solutions/work-item/actions.d.ts +23 -184
  254. package/dist/solutions/work-item/actions.js +1558 -934
  255. package/dist/solutions/work-item/actions.js.map +1 -1
  256. package/dist/solutions/work-item/scheduling.cjs +9181 -1838
  257. package/dist/solutions/work-item/scheduling.cjs.map +1 -1
  258. package/dist/solutions/work-item/scheduling.d.cts +1763 -328
  259. package/dist/solutions/work-item/scheduling.d.ts +1763 -328
  260. package/dist/solutions/work-item/scheduling.js +117 -3
  261. package/dist/solutions/work-item/work-queue.d.cts +7 -7
  262. package/dist/solutions/work-item/work-queue.d.ts +7 -7
  263. package/dist/sources/browser.cjs +1318 -1083
  264. package/dist/sources/browser.cjs.map +1 -1
  265. package/dist/sources/browser.d.cts +4 -4
  266. package/dist/sources/browser.d.ts +4 -4
  267. package/dist/sources/browser.js +4 -4
  268. package/dist/sources/index.cjs +1318 -1083
  269. package/dist/sources/index.cjs.map +1 -1
  270. package/dist/sources/index.d.cts +4 -4
  271. package/dist/sources/index.d.ts +4 -4
  272. package/dist/sources/index.js +4 -4
  273. package/dist/sources/node.d.cts +3 -3
  274. package/dist/sources/node.d.ts +3 -3
  275. package/dist/storage/browser.cjs +16 -0
  276. package/dist/storage/browser.cjs.map +1 -1
  277. package/dist/storage/browser.js +3 -3
  278. package/dist/storage/index.cjs +16 -0
  279. package/dist/storage/index.cjs.map +1 -1
  280. package/dist/storage/index.d.cts +5 -4
  281. package/dist/storage/index.d.ts +5 -4
  282. package/dist/storage/index.js +6 -6
  283. package/dist/storage/node.cjs +16 -0
  284. package/dist/storage/node.cjs.map +1 -1
  285. package/dist/storage/node.js +3 -3
  286. package/dist/{store-C-joM4gh.d.ts → store-BmtEs9mG.d.ts} +1 -1
  287. package/dist/{store-CNJwmT-h.d.cts → store-PAAsYvML.d.cts} +1 -1
  288. package/dist/types-BRNKoFHj.d.ts +357 -0
  289. package/dist/{types-CcPIn7sy.d.cts → types-BS6CyR-x.d.cts} +27 -108
  290. package/dist/types-BWK2ay3e.d.cts +457 -0
  291. package/dist/types-BXKSAoE1.d.cts +357 -0
  292. package/dist/types-BaPpZItj.d.ts +457 -0
  293. package/dist/types-BhveCMg5.d.cts +274 -0
  294. package/dist/{types-BsJvElYZ.d.ts → types-C9NOgNJw.d.ts} +27 -108
  295. package/dist/types-CTsQ8Ww4.d.ts +274 -0
  296. package/dist/types-DL_05n2M.d.ts +34 -0
  297. package/dist/types-XDoqxYO9.d.cts +34 -0
  298. package/dist/{work-item-runtime-C3M79vE9.d.ts → work-item-runtime-types-BqtWnSCS.d.ts} +3 -93
  299. package/dist/{work-item-runtime-qaVgsL0T.d.cts → work-item-runtime-types-CHO03AKh.d.cts} +3 -93
  300. package/dist/work-queue/index.cjs +957 -953
  301. package/dist/work-queue/index.cjs.map +1 -1
  302. package/dist/work-queue/index.d.cts +9 -357
  303. package/dist/work-queue/index.d.ts +9 -357
  304. package/dist/work-queue/index.js +957 -953
  305. package/dist/work-queue/index.js.map +1 -1
  306. package/package.json +603 -513
  307. package/dist/chunk-3JR3EDB2.js.map +0 -1
  308. package/dist/chunk-4VLAQHZI.js.map +0 -1
  309. package/dist/chunk-6XAIOL3X.js +0 -2407
  310. package/dist/chunk-6XAIOL3X.js.map +0 -1
  311. package/dist/chunk-FBUU43PM.js.map +0 -1
  312. package/dist/chunk-HKK2JD7Z.js.map +0 -1
  313. package/dist/chunk-PC3BTTBE.js +0 -3217
  314. package/dist/chunk-PC3BTTBE.js.map +0 -1
  315. package/dist/chunk-QFY4AFY4.js.map +0 -1
  316. package/dist/chunk-V7CIJE4B.js.map +0 -1
  317. package/dist/chunk-XKXWK2KP.js.map +0 -1
  318. package/dist/chunk-YDSIVHRR.js.map +0 -1
  319. package/dist/chunk-YXMZ2N6J.js.map +0 -1
  320. /package/dist/{chunk-Z2ANQ6JW.js.map → chunk-4Q77MMJY.js.map} +0 -0
  321. /package/dist/{chunk-IXZBUWSP.js.map → chunk-7HZRJMN6.js.map} +0 -0
  322. /package/dist/{chunk-SS2A464I.js.map → chunk-CJIFGJQG.js.map} +0 -0
  323. /package/dist/{chunk-K3FXTC3I.js.map → chunk-HJACH5PU.js.map} +0 -0
  324. /package/dist/{chunk-GTPCOEOZ.js.map → chunk-IDMLXLLG.js.map} +0 -0
  325. /package/dist/{chunk-DKP56CSW.js.map → chunk-JKAYLDQV.js.map} +0 -0
  326. /package/dist/{chunk-VTHLCFN4.js.map → chunk-RAHNUYA5.js.map} +0 -0
  327. /package/dist/{chunk-CZNV3VXM.js.map → chunk-SIDJO2T4.js.map} +0 -0
  328. /package/dist/{chunk-2747WN4Y.js.map → chunk-TPND5MJS.js.map} +0 -0
  329. /package/dist/{chunk-43BKLFZU.js.map → chunk-YDWBXXQZ.js.map} +0 -0
  330. /package/dist/{chunk-6PHB5CJS.js.map → chunk-ZLFRB6FI.js.map} +0 -0
@@ -0,0 +1,3091 @@
1
+ "use strict";
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
+ var __getOwnPropNames = Object.getOwnPropertyNames;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ var __export = (target, all) => {
7
+ for (var name in all)
8
+ __defProp(target, name, { get: all[name], enumerable: true });
9
+ };
10
+ var __copyProps = (to, from, except, desc) => {
11
+ if (from && typeof from === "object" || typeof from === "function") {
12
+ for (let key of __getOwnPropNames(from))
13
+ if (!__hasOwnProp.call(to, key) && key !== except)
14
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
15
+ }
16
+ return to;
17
+ };
18
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
19
+
20
+ // src/executors/tool-provider-adapters.ts
21
+ var tool_provider_adapters_exports = {};
22
+ __export(tool_provider_adapters_exports, {
23
+ httpToolProviderCatalog: () => httpToolProviderCatalog,
24
+ httpToolProviderRuntime: () => httpToolProviderRuntime,
25
+ localBuiltinToolProviderAdapterPack: () => localBuiltinToolProviderAdapterPack,
26
+ localBuiltinToolProviderBinding: () => localBuiltinToolProviderBinding,
27
+ processToolProviderAdapterPack: () => processToolProviderAdapterPack,
28
+ processToolProviderBinding: () => processToolProviderBinding,
29
+ processToolProviderCatalog: () => processToolProviderCatalog
30
+ });
31
+ module.exports = __toCommonJS(tool_provider_adapters_exports);
32
+ var import_node_child_process = require("child_process");
33
+ var import_node_fs = require("fs");
34
+ var import_node_path = require("path");
35
+
36
+ // src/protocol/messages.ts
37
+ var SENTINEL = void 0;
38
+
39
+ // src/ctx/types.ts
40
+ function depWaves(ctx, depIndex) {
41
+ return ctx.waveData[depIndex] ?? [];
42
+ }
43
+ function depBatch(ctx, depIndex) {
44
+ const waves = depWaves(ctx, depIndex);
45
+ if (waves.length === 0) return null;
46
+ const flattened = waves.flat().filter((v) => v !== SENTINEL);
47
+ return flattened.length === 0 ? [] : flattened;
48
+ }
49
+
50
+ // src/orchestration/agent-runtime-common.ts
51
+ function uniqueSourceRefs(sourceRefs) {
52
+ const seen = /* @__PURE__ */ new Set();
53
+ const unique = [];
54
+ for (const sourceRef of sourceRefs) {
55
+ const key = `${sourceRef.kind}:${sourceRef.id}:${JSON.stringify(sourceRef.metadata ?? {})}`;
56
+ if (seen.has(key)) continue;
57
+ seen.add(key);
58
+ unique.push(sourceRef);
59
+ }
60
+ return Object.freeze(unique);
61
+ }
62
+ function stableJsonStringify(value) {
63
+ const seen = /* @__PURE__ */ new WeakSet();
64
+ return JSON.stringify(value, (_key, child) => {
65
+ if (typeof child === "bigint") return child.toString();
66
+ if (typeof child === "function") return "[Function]";
67
+ if (!isRecord(child) && !Array.isArray(child)) return child;
68
+ if (seen.has(child)) return "[Circular]";
69
+ seen.add(child);
70
+ if (Array.isArray(child)) return child;
71
+ return Object.keys(child).sort().reduce((out, key) => {
72
+ out[key] = child[key];
73
+ return out;
74
+ }, {});
75
+ });
76
+ }
77
+ function stableStringHash(value) {
78
+ let hash = 2166136261;
79
+ for (let i = 0; i < value.length; i += 1) {
80
+ hash ^= value.charCodeAt(i);
81
+ hash = Math.imul(hash, 16777619);
82
+ }
83
+ return (hash >>> 0).toString(36);
84
+ }
85
+ function cloneGraphVisibleMaterial(value) {
86
+ if (!isRecord(value) && !Array.isArray(value)) return value;
87
+ if (Array.isArray(value))
88
+ return Object.freeze(value.map((item) => cloneGraphVisibleMaterial(item)));
89
+ return Object.freeze(
90
+ Object.entries(value).reduce((record, [key, child]) => {
91
+ record[key] = cloneGraphVisibleMaterial(child);
92
+ return record;
93
+ }, {})
94
+ );
95
+ }
96
+ function projectRuntimeFact(graph, runtime, name, factory, pick) {
97
+ return graph.node(
98
+ [runtime],
99
+ (ctx) => {
100
+ for (const fact of depBatch(ctx, 0) ?? []) {
101
+ const typed = fact;
102
+ const value = pick(typed);
103
+ if (value !== void 0) ctx.down([["DATA", value]]);
104
+ }
105
+ },
106
+ { name, factory }
107
+ );
108
+ }
109
+ function forEachDepBatch(ctx, start, count, fn) {
110
+ for (let i = 0; i < count; i += 1) {
111
+ for (const value of depBatch(ctx, start + i) ?? []) fn(value);
112
+ }
113
+ }
114
+ function forbiddenDataKeys(value, path = [], seen = /* @__PURE__ */ new WeakSet()) {
115
+ if (typeof value === "function") return [{ path, reason: "function-value" }];
116
+ if (typeof value === "symbol" || typeof value === "bigint") {
117
+ return [{ path, reason: "non-graph-visible-primitive" }];
118
+ }
119
+ if (!isRecord(value) && !Array.isArray(value)) return [];
120
+ if (typeof value === "object" && value !== null) {
121
+ if (seen.has(value)) return [];
122
+ seen.add(value);
123
+ }
124
+ const issues = [];
125
+ if (Array.isArray(value)) {
126
+ value.forEach((item, index) => {
127
+ issues.push(...forbiddenDataKeys(item, [...path, index], seen));
128
+ });
129
+ return issues;
130
+ }
131
+ if (!isPlainRecord(value)) return [{ path, reason: "non-plain-runtime-object" }];
132
+ const symbolKeys = Object.getOwnPropertySymbols(value);
133
+ if (symbolKeys.length > 0) {
134
+ issues.push({ path, reason: "symbol-key" });
135
+ }
136
+ for (const [key, child] of Object.entries(value)) {
137
+ const nextPath = [...path, key];
138
+ if (/^(apiKey|api_key|secret|client|transport|subprocess|sdk|oauth|credential|credentials|accessToken|access_token|refreshToken|refresh_token|idToken|id_token|token|password|passphrase|authorization|authHeader|auth_header|bearer|privateKey|private_key|sessionCookie|session_cookie|cookie)$/i.test(
139
+ key
140
+ )) {
141
+ issues.push({ path: nextPath, reason: "forbidden-runtime-key" });
142
+ }
143
+ issues.push(...forbiddenDataKeys(child, nextPath, seen));
144
+ }
145
+ return issues;
146
+ }
147
+ function forbiddenGraphVisibleMaterialIssues(value, subjectRef, area) {
148
+ if (value === void 0) return [];
149
+ const forbidden = publicMaterialForbiddenKeys(value, "provider");
150
+ if (forbidden.length === 0) return [];
151
+ return Object.freeze(
152
+ forbidden.map(
153
+ (entry) => dataIssue(
154
+ "tool-provider-catalog-forbidden-runtime-material",
155
+ "Tool provider catalog material must not contain runtime-private adapter material.",
156
+ { subjectId: subjectRef.id, refs: [subjectRef], details: { area, reason: entry.reason } }
157
+ )
158
+ )
159
+ );
160
+ }
161
+ function sanitizeAdapterInputSourceRefs(sourceRefs) {
162
+ return canonicalPublicSourceRefs(sourceRefs);
163
+ }
164
+ function sanitizeGraphVisibleRecord(value, policy) {
165
+ return sanitizePublicRecord(value, { mode: "graph", policy });
166
+ }
167
+ function sanitizeProviderGraphVisibleRecord(value, policy) {
168
+ return sanitizePublicRecord(value, { mode: "provider", policy });
169
+ }
170
+ function canonicalPublicSourceRefs(sourceRefs) {
171
+ return uniqueSourceRefs(
172
+ sourceRefs.map((sourceRef) => {
173
+ const metadata = sanitizePublicRecord(sourceRef.metadata, { mode: "provider" });
174
+ return metadata === void 0 ? { kind: sourceRef.kind, id: sourceRef.id } : { kind: sourceRef.kind, id: sourceRef.id, metadata };
175
+ })
176
+ );
177
+ }
178
+ function sanitizePublicRecord(value, opts) {
179
+ if (value === void 0 || publicMaterialForbiddenKeys(value, opts.mode).length > 0) {
180
+ return void 0;
181
+ }
182
+ return Object.freeze(boundRecordStrings(value, maxPublicMetadataStringChars(opts.policy)));
183
+ }
184
+ function publicMaterialForbiddenKeys(value, mode) {
185
+ const forbidden = [...forbiddenDataKeys(value)];
186
+ if (mode === "provider") forbidden.push(...forbiddenProviderRawMaterialKeys(value));
187
+ return forbidden;
188
+ }
189
+ function unlockedToolProviderPolicyOverrides(overrides) {
190
+ if (overrides === void 0) return void 0;
191
+ const rest = { ...overrides };
192
+ delete rest.kind;
193
+ delete rest.policyId;
194
+ delete rest.providerId;
195
+ return rest;
196
+ }
197
+ function sanitizeAgentOutputEnvelope(envelope, input, policy, issues) {
198
+ const summary = envelope.summary === void 0 ? void 0 : boundedPublicText(envelope.summary, "summary", input, policy, issues);
199
+ const metadata = sanitizeRuntimeMetadata(envelope.metadata, input, policy, issues);
200
+ if (metadata === void 0 && envelope.metadata !== void 0) {
201
+ issues.push(
202
+ dataIssue(
203
+ "tool-provider-adapter-runtime-metadata-redacted",
204
+ "Tool provider adapter runtime metadata was omitted because it contained runtime-private material.",
205
+ {
206
+ subjectId: input.requestId,
207
+ refs: [ref("tool-provider-adapter-input", input.adapterInputId)],
208
+ severity: "warning"
209
+ }
210
+ )
211
+ );
212
+ }
213
+ const value = sanitizeInlineOutputValue(envelope.value, input, policy, issues);
214
+ return Object.freeze({
215
+ kind: envelope.kind,
216
+ value,
217
+ refs: envelope.refs === void 0 ? void 0 : sanitizeAdapterInputSourceRefs(envelope.refs),
218
+ summary,
219
+ artifacts: envelope.artifacts === void 0 ? void 0 : Object.freeze(
220
+ envelope.artifacts.map(
221
+ (artifact) => sanitizeExecutorArtifactMaterial(artifact, input, policy, issues)
222
+ )
223
+ ),
224
+ metadata
225
+ });
226
+ }
227
+ function sanitizeExecutorArtifactMaterial(artifact, input, policy, issues) {
228
+ const metadata = sanitizeRuntimeMetadata(artifact.metadata, input, policy, issues);
229
+ const redaction = sanitizeRuntimeMetadata(artifact.redaction, input, policy, issues);
230
+ return Object.freeze({
231
+ kind: artifact.kind,
232
+ ...artifact.format === void 0 ? {} : { format: artifact.format },
233
+ ...artifact.schemaRef === void 0 ? {} : { schemaRef: artifact.schemaRef },
234
+ ...artifact.schemaKind === void 0 ? {} : { schemaKind: artifact.schemaKind },
235
+ ...artifact.mimeType === void 0 ? {} : { mimeType: artifact.mimeType },
236
+ ...artifact.mediaType === void 0 ? {} : { mediaType: artifact.mediaType },
237
+ ...artifact.filename === void 0 ? {} : { filename: artifact.filename },
238
+ ...artifact.byteLength === void 0 ? {} : { byteLength: artifact.byteLength },
239
+ ...artifact.digest === void 0 ? {} : { digest: artifact.digest },
240
+ ...artifact.encoding === void 0 ? {} : { encoding: artifact.encoding },
241
+ dataMode: artifact.dataMode,
242
+ ...artifact.summary === void 0 ? {} : { summary: boundedPublicText(artifact.summary, "summary", input, policy, issues) },
243
+ ...artifact.value === void 0 ? {} : { value: sanitizeInlineOutputValue(artifact.value, input, policy, issues) },
244
+ ...artifact.ref === void 0 ? {} : { ref: sanitizeAdapterInputSourceRefs([artifact.ref])[0] },
245
+ ...artifact.refs === void 0 ? {} : { refs: sanitizeAdapterInputSourceRefs(artifact.refs) },
246
+ ...artifact.sourceRefs === void 0 ? {} : { sourceRefs: sanitizeAdapterInputSourceRefs(artifact.sourceRefs) },
247
+ ...artifact.sizeEvidence === void 0 ? {} : {
248
+ sizeEvidence: Object.freeze(
249
+ artifact.sizeEvidence.map(
250
+ (evidence) => sanitizeSizeCapacityEvidence(evidence, input, policy, issues)
251
+ )
252
+ )
253
+ },
254
+ ...artifact.sensitivity === void 0 ? {} : { sensitivity: Object.freeze([...artifact.sensitivity]) },
255
+ ...redaction === void 0 ? {} : { redaction },
256
+ ...metadata === void 0 ? {} : { metadata }
257
+ });
258
+ }
259
+ function sanitizeSizeCapacityEvidence(evidence, input, policy, issues) {
260
+ const metadata = sanitizeRuntimeMetadata(evidence.metadata, input, policy, issues);
261
+ const redaction = sanitizeRuntimeMetadata(evidence.redaction, input, policy, issues);
262
+ return Object.freeze({
263
+ kind: "size-capacity-evidence",
264
+ unit: evidence.unit,
265
+ quantity: evidence.quantity,
266
+ measurementSource: evidence.measurementSource,
267
+ ...evidence.estimated === void 0 ? {} : { estimated: evidence.estimated },
268
+ ...evidence.encoding === void 0 ? {} : { encoding: evidence.encoding },
269
+ ...evidence.mediaType === void 0 ? {} : { mediaType: evidence.mediaType },
270
+ ...evidence.sourceRefs === void 0 ? {} : { sourceRefs: sanitizeAdapterInputSourceRefs(evidence.sourceRefs) },
271
+ ...evidence.refs === void 0 ? {} : { refs: sanitizeAdapterInputSourceRefs(evidence.refs) },
272
+ ...evidence.issues === void 0 ? {} : {
273
+ issues: Object.freeze(evidence.issues.map((issue2) => sanitizeAdapterInputIssue(issue2)))
274
+ },
275
+ ...evidence.sensitivity === void 0 ? {} : { sensitivity: Object.freeze([...evidence.sensitivity]) },
276
+ ...redaction === void 0 ? {} : { redaction },
277
+ ...metadata === void 0 ? {} : { metadata }
278
+ });
279
+ }
280
+ function sanitizeAgentNeed(need, input, policy, issues) {
281
+ const metadata = sanitizeRuntimeMetadata(need.metadata, input, policy, issues);
282
+ if (metadata === void 0 && need.metadata !== void 0) {
283
+ issues.push(
284
+ dataIssue(
285
+ "tool-provider-adapter-runtime-metadata-redacted",
286
+ "Tool provider adapter runtime metadata was omitted because it contained runtime-private material.",
287
+ {
288
+ subjectId: input.requestId,
289
+ refs: [ref("tool-provider-adapter-input", input.adapterInputId)],
290
+ severity: "warning"
291
+ }
292
+ )
293
+ );
294
+ }
295
+ return Object.freeze({
296
+ kind: need.kind,
297
+ message: need.message === void 0 ? void 0 : boundedPublicText(need.message, "message", input, policy, issues),
298
+ refs: need.refs === void 0 ? void 0 : sanitizeAdapterInputSourceRefs(need.refs),
299
+ metadata
300
+ });
301
+ }
302
+ function sanitizeRuntimeMetadata(value, input, policy, issues) {
303
+ if (value === void 0) return void 0;
304
+ const bounded = sanitizePublicRecordWithEvidence(value, { mode: "provider", policy });
305
+ if (bounded === void 0) return void 0;
306
+ for (const entry of bounded.truncated) {
307
+ issues.push(
308
+ dataIssue(
309
+ "tool-provider-adapter-runtime-public-text-truncated",
310
+ "Tool provider adapter runtime public text was truncated; large/raw material must use artifact summary/ref envelopes.",
311
+ {
312
+ subjectId: input.requestId,
313
+ refs: [ref("tool-provider-adapter-input", input.adapterInputId)],
314
+ severity: "warning",
315
+ details: {
316
+ field: "metadata",
317
+ path: entry.path.join("."),
318
+ originalChars: entry.originalChars,
319
+ limitChars: entry.limitChars,
320
+ unit: "chars",
321
+ measurementSource: "js-string-length"
322
+ }
323
+ }
324
+ )
325
+ );
326
+ }
327
+ return Object.freeze(bounded.value);
328
+ }
329
+ function sanitizePublicRecordWithEvidence(value, opts) {
330
+ if (publicMaterialForbiddenKeys(value, opts.mode).length > 0) return void 0;
331
+ return boundRecordStringsWithEvidence(value, maxPublicMetadataStringChars(opts.policy));
332
+ }
333
+ function sanitizeInlineOutputValue(value, input, policy, issues) {
334
+ if (value === void 0) return void 0;
335
+ const forbidden = [
336
+ ...publicMaterialForbiddenKeys(value, "provider"),
337
+ ...oversizedInlineTextKeys(value, maxPublicSummaryChars(policy))
338
+ ];
339
+ if (forbidden.length === 0) return cloneGraphVisibleMaterial(value);
340
+ for (const entry of forbidden) {
341
+ issues.push(
342
+ dataIssue(
343
+ "tool-provider-adapter-runtime-forbidden-runtime-material",
344
+ "Tool provider adapter runtime output value must not inline runtime-private, raw, or oversized provider material.",
345
+ {
346
+ subjectId: input.requestId,
347
+ refs: [ref("tool-provider-adapter-input", input.adapterInputId)],
348
+ details: { reason: entry.reason }
349
+ }
350
+ )
351
+ );
352
+ }
353
+ return void 0;
354
+ }
355
+ function boundedPublicText(text, field, input, policy, issues) {
356
+ const limit = field === "summary" ? maxPublicSummaryChars(policy) : field === "reason" ? maxPublicReasonChars(policy) : maxPublicMessageChars(policy);
357
+ const bounded = boundPublicText(text, limit);
358
+ if (!bounded.truncated) return bounded.text;
359
+ issues.push(
360
+ dataIssue(
361
+ "tool-provider-adapter-runtime-public-text-truncated",
362
+ "Tool provider adapter runtime public text was truncated; large/raw material must use artifact summary/ref envelopes.",
363
+ {
364
+ subjectId: input.requestId,
365
+ refs: [ref("tool-provider-adapter-input", input.adapterInputId)],
366
+ severity: "warning",
367
+ details: {
368
+ field,
369
+ originalChars: bounded.originalChars,
370
+ limitChars: bounded.limitChars,
371
+ unit: "chars",
372
+ measurementSource: "js-string-length"
373
+ }
374
+ }
375
+ )
376
+ );
377
+ return bounded.text;
378
+ }
379
+ function boundPublicText(text, limitChars) {
380
+ const limit = Math.max(0, limitChars);
381
+ if (text.length <= limit) {
382
+ return { text, truncated: false, originalChars: text.length, limitChars: limit };
383
+ }
384
+ const bounded = limit <= 1 ? text.slice(0, limit) : limit <= 3 ? text.slice(0, limit) : `${text.slice(0, limit - 3)}...`;
385
+ return { text: bounded, truncated: true, originalChars: text.length, limitChars: limit };
386
+ }
387
+ function boundRecordStrings(value, limitChars, seen = /* @__PURE__ */ new WeakSet()) {
388
+ if (seen.has(value)) return {};
389
+ seen.add(value);
390
+ return Object.entries(value).reduce((out, [key, child]) => {
391
+ if (typeof child === "string") {
392
+ out[key] = boundPublicText(child, limitChars).text;
393
+ } else if (Array.isArray(child)) {
394
+ out[key] = child.map(
395
+ (item) => typeof item === "string" ? boundPublicText(item, limitChars).text : isPlainRecord(item) ? boundRecordStrings(item, limitChars, seen) : item
396
+ );
397
+ } else if (isPlainRecord(child)) {
398
+ out[key] = boundRecordStrings(child, limitChars, seen);
399
+ } else {
400
+ out[key] = child;
401
+ }
402
+ return out;
403
+ }, {});
404
+ }
405
+ function boundRecordStringsWithEvidence(value, limitChars, path = [], seen = /* @__PURE__ */ new WeakSet()) {
406
+ if (seen.has(value)) return { value: {}, truncated: [] };
407
+ seen.add(value);
408
+ const truncated = [];
409
+ const out = Object.entries(value).reduce((record, [key, child]) => {
410
+ const childPath = [...path, key];
411
+ if (typeof child === "string") {
412
+ const bounded = boundPublicText(child, limitChars);
413
+ record[key] = bounded.text;
414
+ if (bounded.truncated) {
415
+ truncated.push({
416
+ path: childPath,
417
+ originalChars: bounded.originalChars,
418
+ limitChars: bounded.limitChars
419
+ });
420
+ }
421
+ } else if (Array.isArray(child)) {
422
+ record[key] = child.map((item, index) => {
423
+ const itemPath = [...childPath, index];
424
+ if (typeof item === "string") {
425
+ const bounded = boundPublicText(item, limitChars);
426
+ if (bounded.truncated) {
427
+ truncated.push({
428
+ path: itemPath,
429
+ originalChars: bounded.originalChars,
430
+ limitChars: bounded.limitChars
431
+ });
432
+ }
433
+ return bounded.text;
434
+ }
435
+ if (isPlainRecord(item)) {
436
+ const nested = boundRecordStringsWithEvidence(item, limitChars, itemPath, seen);
437
+ truncated.push(...nested.truncated);
438
+ return nested.value;
439
+ }
440
+ return item;
441
+ });
442
+ } else if (isPlainRecord(child)) {
443
+ const nested = boundRecordStringsWithEvidence(child, limitChars, childPath, seen);
444
+ record[key] = nested.value;
445
+ truncated.push(...nested.truncated);
446
+ } else {
447
+ record[key] = child;
448
+ }
449
+ return record;
450
+ }, {});
451
+ return { value: out, truncated };
452
+ }
453
+ function sanitizeIssueDetails(details, policy) {
454
+ if (details === void 0) return void 0;
455
+ if (publicMaterialForbiddenKeys(details, "provider").length > 0) {
456
+ return { redacted: true, reason: "forbidden-runtime-material" };
457
+ }
458
+ const bounded = boundUnknownStringsWithEvidence(details, maxPublicMetadataStringChars(policy));
459
+ if (bounded.truncated.length === 0) return bounded.value;
460
+ const detailsTruncated = {
461
+ detailsTruncated: true,
462
+ detailsTruncatedPaths: bounded.truncated.map((entry) => entry.path.join(".")),
463
+ measurementSource: "js-string-length"
464
+ };
465
+ if (isPlainRecord(bounded.value)) {
466
+ return Object.freeze({ ...bounded.value, ...detailsTruncated });
467
+ }
468
+ return Object.freeze({ value: bounded.value, ...detailsTruncated });
469
+ }
470
+ function boundUnknownStringsWithEvidence(value, limitChars, path = [], seen = /* @__PURE__ */ new WeakSet()) {
471
+ if (typeof value === "string") {
472
+ const bounded = boundPublicText(value, limitChars);
473
+ return {
474
+ value: bounded.text,
475
+ truncated: bounded.truncated ? [{ path, originalChars: bounded.originalChars, limitChars: bounded.limitChars }] : []
476
+ };
477
+ }
478
+ if (!isRecord(value) && !Array.isArray(value)) return { value, truncated: [] };
479
+ if (typeof value === "object" && value !== null) {
480
+ if (seen.has(value)) return { value: Array.isArray(value) ? [] : {}, truncated: [] };
481
+ seen.add(value);
482
+ }
483
+ const truncated = [];
484
+ if (Array.isArray(value)) {
485
+ const out2 = value.map((item, index) => {
486
+ const bounded = boundUnknownStringsWithEvidence(item, limitChars, [...path, index], seen);
487
+ truncated.push(...bounded.truncated);
488
+ return bounded.value;
489
+ });
490
+ return { value: out2, truncated };
491
+ }
492
+ const out = Object.entries(value).reduce((record, [key, child]) => {
493
+ const bounded = boundUnknownStringsWithEvidence(child, limitChars, [...path, key], seen);
494
+ record[key] = bounded.value;
495
+ truncated.push(...bounded.truncated);
496
+ return record;
497
+ }, {});
498
+ return { value: out, truncated };
499
+ }
500
+ function oversizedInlineTextKeys(value, limitChars, path = [], seen = /* @__PURE__ */ new WeakSet()) {
501
+ if (typeof value === "string") {
502
+ return value.length > Math.max(0, limitChars) ? [{ path, reason: "oversized-inline-text" }] : [];
503
+ }
504
+ if (!isRecord(value) && !Array.isArray(value)) return [];
505
+ if (typeof value === "object" && value !== null) {
506
+ if (seen.has(value)) return [];
507
+ seen.add(value);
508
+ }
509
+ const issues = [];
510
+ if (Array.isArray(value)) {
511
+ value.forEach((item, index) => {
512
+ issues.push(...oversizedInlineTextKeys(item, limitChars, [...path, index], seen));
513
+ });
514
+ return issues;
515
+ }
516
+ for (const [key, child] of Object.entries(value)) {
517
+ issues.push(...oversizedInlineTextKeys(child, limitChars, [...path, key], seen));
518
+ }
519
+ return issues;
520
+ }
521
+ function maxPublicMessageChars(policy) {
522
+ return normalizedPublicTextLimit(policy?.maxMessageChars, 512);
523
+ }
524
+ function maxPublicSummaryChars(policy) {
525
+ return normalizedPublicTextLimit(policy?.maxSummaryChars, 512);
526
+ }
527
+ function maxPublicReasonChars(policy) {
528
+ return normalizedPublicTextLimit(policy?.maxReasonChars, 512);
529
+ }
530
+ function maxPublicMetadataStringChars(policy) {
531
+ return normalizedPublicTextLimit(policy?.maxMetadataStringChars, 256);
532
+ }
533
+ function normalizedPublicTextLimit(value, fallback) {
534
+ if (value === void 0 || !Number.isFinite(value)) return fallback;
535
+ return Math.max(0, Math.floor(value));
536
+ }
537
+ function sanitizeAdapterInputIssue(issue2, policy) {
538
+ const boundedMessage = boundPublicText(issue2.message, maxPublicMessageChars(policy));
539
+ const details = sanitizeIssueDetails(issue2.details, policy);
540
+ const metadata = sanitizeProviderGraphVisibleRecord(issue2.metadata, policy);
541
+ const refs = issue2.refs === void 0 ? void 0 : Object.freeze(issue2.refs.filter((entry) => typeof entry === "string"));
542
+ return Object.freeze({
543
+ kind: issue2.kind,
544
+ code: issue2.code,
545
+ ...issue2.source === void 0 ? {} : { source: issue2.source },
546
+ message: boundedMessage.text,
547
+ severity: issue2.severity,
548
+ subjectId: issue2.subjectId,
549
+ ...issue2.correlationId === void 0 ? {} : { correlationId: issue2.correlationId },
550
+ ...issue2.causationId === void 0 ? {} : { causationId: issue2.causationId },
551
+ ...issue2.path === void 0 ? {} : { path: Object.freeze([...issue2.path]) },
552
+ ...refs === void 0 || refs.length === 0 ? {} : { refs },
553
+ ...issue2.retryable === void 0 ? {} : { retryable: issue2.retryable },
554
+ details: boundedMessage.truncated || details !== issue2.details ? {
555
+ ...isRecord(details) ? details : {},
556
+ ...boundedMessage.truncated ? {
557
+ truncated: true,
558
+ originalChars: boundedMessage.originalChars,
559
+ limitChars: boundedMessage.limitChars,
560
+ measurementSource: "js-string-length"
561
+ } : {}
562
+ } : details,
563
+ ...metadata === void 0 ? {} : { metadata }
564
+ });
565
+ }
566
+ function forbiddenProviderRawMaterialKeys(value, path = [], seen = /* @__PURE__ */ new WeakSet()) {
567
+ if (!isRecord(value) && !Array.isArray(value)) return [];
568
+ if (typeof value === "object" && value !== null) {
569
+ if (seen.has(value)) return [];
570
+ seen.add(value);
571
+ }
572
+ const issues = [];
573
+ if (Array.isArray(value)) {
574
+ value.forEach((item, index) => {
575
+ issues.push(...forbiddenProviderRawMaterialKeys(item, [...path, index], seen));
576
+ });
577
+ return issues;
578
+ }
579
+ for (const [key, child] of Object.entries(value)) {
580
+ const nextPath = [...path, key];
581
+ if (/^(stdout|stderr|stack|stackTrace|stack_trace|providerRaw|provider_raw|rawResponse|raw_response|diff|patch|fileContents|file_contents|binary|media)$/i.test(
582
+ key
583
+ )) {
584
+ issues.push({ path: nextPath, reason: "raw-provider-material" });
585
+ }
586
+ issues.push(...forbiddenProviderRawMaterialKeys(child, nextPath, seen));
587
+ }
588
+ return issues;
589
+ }
590
+ function dataIssue(code, message, opts = {}) {
591
+ return {
592
+ kind: "issue",
593
+ code,
594
+ message,
595
+ severity: opts.severity ?? "error",
596
+ subjectId: opts.subjectId,
597
+ refs: opts.refs?.map((r) => `${r.kind}:${r.id}`),
598
+ details: opts.details
599
+ };
600
+ }
601
+ function ref(kind, id) {
602
+ return { kind, id };
603
+ }
604
+ function isRecord(value) {
605
+ return typeof value === "object" && value !== null && !Array.isArray(value);
606
+ }
607
+ function isPlainRecord(value) {
608
+ if (!isRecord(value)) return false;
609
+ const proto = Object.getPrototypeOf(value);
610
+ return proto === Object.prototype || proto === null;
611
+ }
612
+
613
+ // src/orchestration/agent-runtime-adapter-run.ts
614
+ function requestToolProviderAdapterRun(input, opts = {}) {
615
+ const attempt = opts.attempt ?? 1;
616
+ return Object.freeze({
617
+ kind: "tool-provider-adapter-run-requested",
618
+ runId: opts.runId ?? defaultToolProviderAdapterRunId(input.adapterInputId, attempt, input),
619
+ adapterInputId: input.adapterInputId,
620
+ requestId: input.requestId,
621
+ operationId: input.operationId,
622
+ routeId: input.routeId,
623
+ providerId: input.providerId,
624
+ executorId: input.executorId,
625
+ profileId: input.profileId,
626
+ attempt,
627
+ reason: sanitizeToolProviderAdapterRunReason(opts.reason, attempt),
628
+ retryOfOutcomeId: opts.retryOfOutcomeId,
629
+ policyRefs: sanitizeAdapterInputSourceRefs(opts.policyRefs ?? input.policyRefs ?? []),
630
+ sourceRefs: sanitizeAdapterInputSourceRefs([
631
+ ref("tool-provider-adapter-input", input.adapterInputId),
632
+ ...input.sourceRefs ?? [],
633
+ ...opts.sourceRefs ?? []
634
+ ]),
635
+ metadata: sanitizeProviderGraphVisibleRecord(opts.metadata),
636
+ requestedAtMs: opts.requestedAtMs
637
+ });
638
+ }
639
+ function toolProviderAdapterRunProjector(graph, opts) {
640
+ return toolProviderAdapterRunProjectorInternal(graph, opts);
641
+ }
642
+ function toolProviderAdapterRunProjectorInternal(graph, opts) {
643
+ const name = opts.name ?? "toolProviderAdapterRun";
644
+ const explicitRunDeps = opts.runRequests ?? [];
645
+ const autoRunReadyInputs = opts.autoRunReadyInputs ?? true;
646
+ const runtime = graph.node(
647
+ [opts.inputs, ...explicitRunDeps],
648
+ (ctx) => {
649
+ const state = ctx.state.get() ?? {
650
+ inputs: /* @__PURE__ */ new Map(),
651
+ emittedKeys: /* @__PURE__ */ new Set(),
652
+ statusKeys: /* @__PURE__ */ new Set(),
653
+ issueKeys: /* @__PURE__ */ new Set(),
654
+ auditSeq: 0
655
+ };
656
+ for (const raw of depBatch(ctx, 0) ?? []) {
657
+ const input = raw;
658
+ state.inputs.set(input.adapterInputId, input);
659
+ opts.privateRetentionHooks?.onAdapterInputKey?.({
660
+ adapterInputId: input.adapterInputId,
661
+ dropInput: () => {
662
+ state.inputs.delete(input.adapterInputId);
663
+ }
664
+ });
665
+ if (input.status !== "ready") continue;
666
+ if (autoRunReadyInputs) {
667
+ emitRunRequested(
668
+ ctx,
669
+ state,
670
+ requestToolProviderAdapterRun(input, {
671
+ requestedAtMs: opts.now?.()
672
+ }),
673
+ opts.privateRetentionHooks
674
+ );
675
+ } else if (explicitRunDeps.length === 0) {
676
+ emitRunIssue(
677
+ ctx,
678
+ state,
679
+ "tool-provider-adapter-run-request-missing",
680
+ "Ready tool provider adapter input has no visible run request.",
681
+ input.adapterInputId,
682
+ [ref("tool-provider-adapter-input", input.adapterInputId)],
683
+ opts.privateRetentionHooks
684
+ );
685
+ emitRunStatus(
686
+ ctx,
687
+ state,
688
+ {
689
+ kind: "tool-provider-adapter-run-status",
690
+ runId: defaultToolProviderAdapterRunId(input.adapterInputId, 1, input),
691
+ adapterInputId: input.adapterInputId,
692
+ requestId: input.requestId,
693
+ operationId: input.operationId,
694
+ status: "missing-request",
695
+ attempt: 1,
696
+ sourceRefs: [ref("tool-provider-adapter-input", input.adapterInputId)]
697
+ },
698
+ opts.privateRetentionHooks
699
+ );
700
+ }
701
+ }
702
+ forEachDepBatch(ctx, 1, explicitRunDeps.length, (raw) => {
703
+ if (!isToolProviderAdapterRunRequestedLike(raw)) {
704
+ const request2 = fallbackToolProviderAdapterRunRequest(raw, opts.publicText);
705
+ const issue2 = dataIssue(
706
+ "tool-provider-adapter-run-request-invalid-shape",
707
+ "Tool provider adapter run request must be a data object with runId, adapterInputId, requestId, operationId, and attempt.",
708
+ {
709
+ subjectId: request2.adapterInputId,
710
+ refs: [ref("tool-provider-adapter-run", request2.runId)]
711
+ }
712
+ );
713
+ emitRunIssueFact(ctx, state, issue2, opts.privateRetentionHooks);
714
+ emitRunStatus(
715
+ ctx,
716
+ state,
717
+ {
718
+ kind: "tool-provider-adapter-run-status",
719
+ runId: request2.runId,
720
+ adapterInputId: request2.adapterInputId,
721
+ requestId: request2.requestId,
722
+ operationId: request2.operationId,
723
+ status: "mismatched-request",
724
+ attempt: request2.attempt,
725
+ issues: [issue2],
726
+ sourceRefs: request2.sourceRefs
727
+ },
728
+ opts.privateRetentionHooks
729
+ );
730
+ emitRunAudit(ctx, state, "tool-provider-adapter-run-request-invalid-shape", request2, {
731
+ issueCode: issue2.code
732
+ });
733
+ return;
734
+ }
735
+ const request = raw;
736
+ const input = state.inputs.get(request.adapterInputId);
737
+ if (input === void 0) {
738
+ const replayClassification = opts.privateRetentionHooks?.classifyRetainedRunRequestReplayEvidence?.(request);
739
+ if (replayClassification?.kind === "retention-gap") {
740
+ emitRunRequested(
741
+ ctx,
742
+ state,
743
+ sanitizeRetainedToolProviderAdapterRunRequest(request, opts.publicText),
744
+ opts.privateRetentionHooks
745
+ );
746
+ return;
747
+ }
748
+ const issue2 = dataIssue(
749
+ "tool-provider-adapter-run-request-missing-input",
750
+ "Tool provider adapter run request references an unknown adapter input.",
751
+ {
752
+ subjectId: request.adapterInputId,
753
+ refs: sanitizeAdapterInputSourceRefs([
754
+ ref("tool-provider-adapter-run", request.runId),
755
+ ...request.sourceRefs ?? []
756
+ ])
757
+ }
758
+ );
759
+ emitRunIssueFact(ctx, state, issue2, opts.privateRetentionHooks);
760
+ emitRunStatus(
761
+ ctx,
762
+ state,
763
+ {
764
+ kind: "tool-provider-adapter-run-status",
765
+ runId: request.runId,
766
+ adapterInputId: request.adapterInputId,
767
+ requestId: request.requestId,
768
+ operationId: request.operationId,
769
+ status: "missing-input",
770
+ attempt: request.attempt,
771
+ issues: [issue2],
772
+ sourceRefs: sanitizeAdapterInputSourceRefs(request.sourceRefs ?? [])
773
+ },
774
+ opts.privateRetentionHooks
775
+ );
776
+ return;
777
+ }
778
+ const issues = runRequestIdentityIssues(request, input);
779
+ if (input.status !== "ready") {
780
+ issues.push(
781
+ dataIssue(
782
+ "tool-provider-adapter-run-request-input-not-ready",
783
+ "Tool provider adapter run request requires a ready adapter input.",
784
+ {
785
+ subjectId: input.requestId,
786
+ refs: [ref("tool-provider-adapter-input", input.adapterInputId)],
787
+ details: { status: input.status }
788
+ }
789
+ )
790
+ );
791
+ }
792
+ if (issues.length > 0) {
793
+ for (const issue2 of issues)
794
+ emitRunIssueFact(ctx, state, issue2, opts.privateRetentionHooks);
795
+ emitRunStatus(
796
+ ctx,
797
+ state,
798
+ {
799
+ kind: "tool-provider-adapter-run-status",
800
+ runId: request.runId,
801
+ adapterInputId: request.adapterInputId,
802
+ requestId: request.requestId,
803
+ operationId: request.operationId,
804
+ status: "mismatched-request",
805
+ attempt: request.attempt,
806
+ issues: Object.freeze(issues),
807
+ sourceRefs: sanitizeAdapterInputSourceRefs(request.sourceRefs ?? [])
808
+ },
809
+ opts.privateRetentionHooks
810
+ );
811
+ emitRunAudit(ctx, state, "tool-provider-adapter-run-request-rejected", request, {
812
+ issueCodes: issues.map((issue2) => issue2.code)
813
+ });
814
+ return;
815
+ }
816
+ emitRunRequested(
817
+ ctx,
818
+ state,
819
+ sanitizeToolProviderAdapterRunRequest(request, input, opts.publicText),
820
+ opts.privateRetentionHooks
821
+ );
822
+ });
823
+ ctx.state.set(state);
824
+ },
825
+ { name: `${name}/runtime`, factory: "toolProviderAdapterRunProjector", partial: true }
826
+ );
827
+ return {
828
+ requests: projectRuntimeFact(
829
+ graph,
830
+ runtime,
831
+ `${name}/requests`,
832
+ "toolProviderAdapterRunRequests",
833
+ (fact) => fact.kind === "request" ? fact.request : void 0
834
+ ),
835
+ status: projectRuntimeFact(
836
+ graph,
837
+ runtime,
838
+ `${name}/status`,
839
+ "toolProviderAdapterRunStatus",
840
+ (fact) => fact.kind === "status" ? fact.status : void 0
841
+ ),
842
+ issues: projectRuntimeFact(
843
+ graph,
844
+ runtime,
845
+ `${name}/issues`,
846
+ "toolProviderAdapterRunIssues",
847
+ (fact) => fact.kind === "issue" ? fact.issue : void 0
848
+ ),
849
+ audit: projectRuntimeFact(
850
+ graph,
851
+ runtime,
852
+ `${name}/audit`,
853
+ "toolProviderAdapterRunAudit",
854
+ (fact) => fact.kind === "audit" ? fact.audit : void 0
855
+ )
856
+ };
857
+ }
858
+ function defaultToolProviderAdapterRunId(adapterInputId, attempt, input) {
859
+ const suffix = input === void 0 ? "" : `:${stableStringHash(stableJsonStringify(input))}`;
860
+ return `${adapterInputId}:run-${attempt}${suffix}`;
861
+ }
862
+ function sanitizeToolProviderAdapterRunReason(reason, attempt, policy) {
863
+ const value = reason ?? (attempt === 1 ? "initial" : "retry");
864
+ return boundPublicText(value, maxPublicReasonChars(policy)).text;
865
+ }
866
+ function sanitizeToolProviderAdapterRunRequest(request, input, policy) {
867
+ return Object.freeze({
868
+ ...request,
869
+ reason: sanitizeToolProviderAdapterRunReason(request.reason, request.attempt, policy),
870
+ policyRefs: sanitizeAdapterInputSourceRefs(request.policyRefs ?? input.policyRefs ?? []),
871
+ sourceRefs: sanitizeAdapterInputSourceRefs([
872
+ ref("tool-provider-adapter-input", input.adapterInputId),
873
+ ...input.sourceRefs ?? [],
874
+ ...request.sourceRefs ?? []
875
+ ]),
876
+ metadata: sanitizeProviderGraphVisibleRecord(request.metadata)
877
+ });
878
+ }
879
+ function sanitizeRetainedToolProviderAdapterRunRequest(request, policy) {
880
+ const policyRefs = sanitizeAdapterInputSourceRefs(request.policyRefs ?? []);
881
+ const sourceRefs = sanitizeAdapterInputSourceRefs(request.sourceRefs ?? []);
882
+ const metadata = sanitizeProviderGraphVisibleRecord(request.metadata);
883
+ return Object.freeze({
884
+ kind: "tool-provider-adapter-run-requested",
885
+ runId: request.runId,
886
+ adapterInputId: request.adapterInputId,
887
+ requestId: request.requestId,
888
+ operationId: request.operationId,
889
+ ...request.routeId === void 0 ? {} : { routeId: request.routeId },
890
+ ...request.providerId === void 0 ? {} : { providerId: request.providerId },
891
+ ...request.executorId === void 0 ? {} : { executorId: request.executorId },
892
+ ...request.profileId === void 0 ? {} : { profileId: request.profileId },
893
+ attempt: request.attempt,
894
+ reason: sanitizeToolProviderAdapterRunReason(request.reason, request.attempt, policy),
895
+ ...request.retryOfOutcomeId === void 0 ? {} : { retryOfOutcomeId: request.retryOfOutcomeId },
896
+ ...policyRefs.length === 0 ? {} : { policyRefs },
897
+ ...sourceRefs.length === 0 ? {} : { sourceRefs },
898
+ ...metadata === void 0 ? {} : { metadata },
899
+ ...request.requestedAtMs === void 0 ? {} : { requestedAtMs: request.requestedAtMs }
900
+ });
901
+ }
902
+ function isToolProviderAdapterRunRequestedLike(value) {
903
+ const attempt = isRecord(value) ? value.attempt : void 0;
904
+ return isRecord(value) && value.kind === "tool-provider-adapter-run-requested" && typeof value.runId === "string" && value.runId.length > 0 && typeof value.adapterInputId === "string" && value.adapterInputId.length > 0 && typeof value.requestId === "string" && value.requestId.length > 0 && typeof value.operationId === "string" && value.operationId.length > 0 && typeof attempt === "number" && Number.isInteger(attempt) && attempt > 0 && typeof value.reason === "string" && value.reason.length > 0;
905
+ }
906
+ function fallbackToolProviderAdapterRunRequest(raw, policy) {
907
+ const record = isRecord(raw) ? raw : {};
908
+ const adapterInputId = typeof record.adapterInputId === "string" && record.adapterInputId.length > 0 ? record.adapterInputId : "<invalid-adapter-input>";
909
+ const runId = typeof record.runId === "string" && record.runId.length > 0 ? record.runId : `${adapterInputId}:invalid-run`;
910
+ const attempt = typeof record.attempt === "number" && Number.isInteger(record.attempt) && record.attempt > 0 ? record.attempt : 1;
911
+ const metadata = isRecord(record.metadata) ? sanitizeProviderGraphVisibleRecord(record.metadata, policy) : void 0;
912
+ return Object.freeze({
913
+ kind: "tool-provider-adapter-run-requested",
914
+ runId,
915
+ adapterInputId,
916
+ requestId: typeof record.requestId === "string" && record.requestId.length > 0 ? record.requestId : "<invalid-request>",
917
+ operationId: typeof record.operationId === "string" && record.operationId.length > 0 ? record.operationId : "<invalid-operation>",
918
+ attempt,
919
+ reason: sanitizeToolProviderAdapterRunReason(
920
+ typeof record.reason === "string" && record.reason.length > 0 ? record.reason : "manual",
921
+ attempt,
922
+ policy
923
+ ),
924
+ sourceRefs: sanitizeAdapterInputSourceRefs([
925
+ ref("tool-provider-adapter-run", runId),
926
+ ...sanitizeUntrustedSourceRefs(record.sourceRefs)
927
+ ]),
928
+ ...metadata === void 0 ? {} : { metadata }
929
+ });
930
+ }
931
+ function sanitizeUntrustedSourceRefs(value) {
932
+ if (!Array.isArray(value)) return [];
933
+ return Object.freeze(
934
+ value.filter(
935
+ (sourceRef) => isRecord(sourceRef) && typeof sourceRef.kind === "string" && sourceRef.kind.length > 0 && typeof sourceRef.id === "string" && sourceRef.id.length > 0
936
+ ).map((sourceRef) => ({
937
+ kind: sourceRef.kind,
938
+ id: sourceRef.id,
939
+ ...isRecord(sourceRef.metadata) ? { metadata: sourceRef.metadata } : {}
940
+ }))
941
+ );
942
+ }
943
+ function runRequestIdentityIssues(request, input) {
944
+ const refs = sanitizeAdapterInputSourceRefs([
945
+ ref("tool-provider-adapter-run", request.runId),
946
+ ref("tool-provider-adapter-input", input.adapterInputId),
947
+ ...request.sourceRefs ?? []
948
+ ]);
949
+ const issues = [];
950
+ if (request.kind !== "tool-provider-adapter-run-requested") {
951
+ issues.push(
952
+ dataIssue(
953
+ "tool-provider-adapter-run-request-invalid-kind",
954
+ "Tool provider adapter run request kind must be tool-provider-adapter-run-requested.",
955
+ { subjectId: request.adapterInputId, refs }
956
+ )
957
+ );
958
+ }
959
+ if (request.runId.length === 0) {
960
+ issues.push(
961
+ dataIssue(
962
+ "tool-provider-adapter-run-request-missing-run-id",
963
+ "Tool provider adapter run request requires runId.",
964
+ {
965
+ subjectId: request.adapterInputId,
966
+ refs
967
+ }
968
+ )
969
+ );
970
+ }
971
+ if (!Number.isInteger(request.attempt) || request.attempt < 1) {
972
+ issues.push(
973
+ dataIssue(
974
+ "tool-provider-adapter-run-request-invalid-attempt",
975
+ "Tool provider adapter run request attempt must be a positive integer.",
976
+ { subjectId: request.adapterInputId, refs }
977
+ )
978
+ );
979
+ }
980
+ if (request.requestId !== input.requestId) {
981
+ issues.push(
982
+ dataIssue(
983
+ "tool-provider-adapter-run-request-stale-request",
984
+ "Tool provider adapter run request requestId does not match the adapter input.",
985
+ { subjectId: input.requestId, refs }
986
+ )
987
+ );
988
+ }
989
+ if (request.operationId !== input.operationId) {
990
+ issues.push(
991
+ dataIssue(
992
+ "tool-provider-adapter-run-request-stale-operation",
993
+ "Tool provider adapter run request operationId does not match the adapter input.",
994
+ { subjectId: input.requestId, refs }
995
+ )
996
+ );
997
+ }
998
+ if (request.routeId !== void 0 && request.routeId !== input.routeId) {
999
+ issues.push(
1000
+ dataIssue(
1001
+ "tool-provider-adapter-run-request-stale-route",
1002
+ "Tool provider adapter run request routeId does not match the adapter input.",
1003
+ { subjectId: input.requestId, refs }
1004
+ )
1005
+ );
1006
+ }
1007
+ if (request.providerId !== void 0 && request.providerId !== input.providerId) {
1008
+ issues.push(
1009
+ dataIssue(
1010
+ "tool-provider-adapter-run-request-stale-provider",
1011
+ "Tool provider adapter run request providerId does not match the adapter input.",
1012
+ { subjectId: input.requestId, refs }
1013
+ )
1014
+ );
1015
+ }
1016
+ if (request.executorId !== void 0 && request.executorId !== input.executorId) {
1017
+ issues.push(
1018
+ dataIssue(
1019
+ "tool-provider-adapter-run-request-stale-executor",
1020
+ "Tool provider adapter run request executorId does not match the adapter input.",
1021
+ { subjectId: input.requestId, refs }
1022
+ )
1023
+ );
1024
+ }
1025
+ if (request.profileId !== void 0 && request.profileId !== input.profileId) {
1026
+ issues.push(
1027
+ dataIssue(
1028
+ "tool-provider-adapter-run-request-stale-profile",
1029
+ "Tool provider adapter run request profileId does not match the adapter input.",
1030
+ { subjectId: input.requestId, refs }
1031
+ )
1032
+ );
1033
+ }
1034
+ for (const forbidden of [
1035
+ ...forbiddenDataKeys(request),
1036
+ ...forbiddenProviderRawMaterialKeys(request)
1037
+ ]) {
1038
+ issues.push(
1039
+ dataIssue(
1040
+ "tool-provider-adapter-run-request-forbidden-runtime-material",
1041
+ "Tool provider adapter run request must not contain runtime-private adapter material.",
1042
+ { subjectId: input.requestId, refs, details: { reason: forbidden.reason } }
1043
+ )
1044
+ );
1045
+ }
1046
+ return issues;
1047
+ }
1048
+ function emitRunRequested(ctx, state, request, privateRetentionHooks) {
1049
+ const key = `${request.runId}:${request.adapterInputId}:${request.attempt}`;
1050
+ if (state.emittedKeys.has(key)) return;
1051
+ state.emittedKeys.add(key);
1052
+ ctx.down([["DATA", { kind: "request", request }]]);
1053
+ privateRetentionHooks?.onRunRequestKey?.({
1054
+ key,
1055
+ request,
1056
+ dropKey: () => state.emittedKeys.delete(key)
1057
+ });
1058
+ emitRunStatus(
1059
+ ctx,
1060
+ state,
1061
+ {
1062
+ kind: "tool-provider-adapter-run-status",
1063
+ runId: request.runId,
1064
+ adapterInputId: request.adapterInputId,
1065
+ requestId: request.requestId,
1066
+ operationId: request.operationId,
1067
+ status: "requested",
1068
+ attempt: request.attempt,
1069
+ sourceRefs: request.sourceRefs
1070
+ },
1071
+ privateRetentionHooks
1072
+ );
1073
+ emitRunAudit(ctx, state, "tool-provider-adapter-run-requested", request, {
1074
+ reason: request.reason,
1075
+ attempt: request.attempt
1076
+ });
1077
+ }
1078
+ function emitRunStatus(ctx, state, status, privateRetentionHooks) {
1079
+ const cleanSourceRefs = status.sourceRefs === void 0 ? void 0 : sanitizeAdapterInputSourceRefs(status.sourceRefs);
1080
+ const cleanIssues = status.issues === void 0 ? void 0 : Object.freeze(status.issues.map((issue2) => sanitizeAdapterInputIssue(issue2)));
1081
+ const cleanMetadata = sanitizeProviderGraphVisibleRecord(status.metadata);
1082
+ const cleanStatus = Object.freeze({
1083
+ kind: status.kind,
1084
+ runId: status.runId,
1085
+ adapterInputId: status.adapterInputId,
1086
+ ...status.requestId === void 0 ? {} : { requestId: status.requestId },
1087
+ ...status.operationId === void 0 ? {} : { operationId: status.operationId },
1088
+ status: status.status,
1089
+ ...status.attempt === void 0 ? {} : { attempt: status.attempt },
1090
+ ...status.outcomeId === void 0 ? {} : { outcomeId: status.outcomeId },
1091
+ ...cleanIssues === void 0 || cleanIssues.length === 0 ? {} : { issues: cleanIssues },
1092
+ ...cleanSourceRefs === void 0 || cleanSourceRefs.length === 0 ? {} : { sourceRefs: cleanSourceRefs },
1093
+ ...cleanMetadata === void 0 ? {} : { metadata: cleanMetadata }
1094
+ });
1095
+ const key = stableJsonStringify({
1096
+ runId: cleanStatus.runId,
1097
+ adapterInputId: cleanStatus.adapterInputId,
1098
+ requestId: cleanStatus.requestId,
1099
+ attempt: cleanStatus.attempt,
1100
+ status: cleanStatus.status,
1101
+ outcomeId: cleanStatus.outcomeId
1102
+ });
1103
+ if (state.statusKeys.has(key)) return;
1104
+ state.statusKeys.add(key);
1105
+ ctx.down([
1106
+ ["DATA", { kind: "status", status: cleanStatus }]
1107
+ ]);
1108
+ privateRetentionHooks?.onRunStatusKey?.({
1109
+ key,
1110
+ status: cleanStatus,
1111
+ dropKey: () => state.statusKeys.delete(key)
1112
+ });
1113
+ }
1114
+ function emitRunIssue(ctx, state, code, message, subjectId, refs, privateRetentionHooks) {
1115
+ emitRunIssueFact(
1116
+ ctx,
1117
+ state,
1118
+ dataIssue(code, message, { subjectId, refs }),
1119
+ privateRetentionHooks
1120
+ );
1121
+ }
1122
+ function emitRunIssueFact(ctx, state, issue2, privateRetentionHooks) {
1123
+ const key = stableJsonStringify({
1124
+ code: issue2.code,
1125
+ subjectId: issue2.subjectId,
1126
+ refs: issue2.refs ?? [],
1127
+ details: issue2.details
1128
+ });
1129
+ if (state.issueKeys.has(key)) return;
1130
+ state.issueKeys.add(key);
1131
+ ctx.down([["DATA", { kind: "issue", issue: issue2 }]]);
1132
+ privateRetentionHooks?.onRunIssueKey?.({
1133
+ key,
1134
+ issue: issue2,
1135
+ dropKey: () => state.issueKeys.delete(key)
1136
+ });
1137
+ }
1138
+ function emitRunAudit(ctx, state, kind, request, metadata) {
1139
+ state.auditSeq += 1;
1140
+ ctx.down([
1141
+ [
1142
+ "DATA",
1143
+ {
1144
+ kind: "audit",
1145
+ audit: {
1146
+ id: `${request.runId}:audit:${state.auditSeq}`,
1147
+ kind,
1148
+ subjectId: request.requestId,
1149
+ sourceRefs: sanitizeAdapterInputSourceRefs(request.sourceRefs ?? []),
1150
+ metadata: sanitizeProviderGraphVisibleRecord({
1151
+ runId: request.runId,
1152
+ adapterInputId: request.adapterInputId,
1153
+ ...metadata
1154
+ })
1155
+ }
1156
+ }
1157
+ ]
1158
+ ]);
1159
+ }
1160
+
1161
+ // src/orchestration/agent-runtime-executor-outcome.ts
1162
+ function adapterRuntimeIdentity(input) {
1163
+ if (input.status !== "ready") {
1164
+ throw new RangeError("buildToolProviderExecutorOutcome: adapter input must be ready");
1165
+ }
1166
+ if (input.routeId === void 0 || input.executorId === void 0 || input.profileId === void 0) {
1167
+ throw new RangeError(
1168
+ "buildToolProviderExecutorOutcome: ready adapter input is missing route/executor/profile identity"
1169
+ );
1170
+ }
1171
+ return {
1172
+ routeId: input.routeId,
1173
+ executorId: input.executorId,
1174
+ profileId: input.profileId
1175
+ };
1176
+ }
1177
+ function defaultToolProviderAdapterEvidenceRefs(input) {
1178
+ return sanitizeAdapterInputSourceRefs([
1179
+ ref("tool-provider-adapter-input", input.adapterInputId),
1180
+ ...input.sourceRefs ?? []
1181
+ ]);
1182
+ }
1183
+ function buildToolProviderExecutorOutcome(input, result, opts = {}) {
1184
+ const ids = adapterRuntimeIdentity(input);
1185
+ const attempt = opts.attempt ?? 1;
1186
+ const occurredAtMs = result.occurredAtMs ?? opts.occurredAtMs;
1187
+ const evidenceRefs = result.evidenceRefs === void 0 ? defaultToolProviderAdapterEvidenceRefs(input) : sanitizeAdapterInputSourceRefs(result.evidenceRefs);
1188
+ const issues = result.issues === void 0 ? void 0 : Object.freeze(
1189
+ result.issues.map((issue3) => sanitizeAdapterInputIssue(issue3, opts.publicText))
1190
+ );
1191
+ const textIssues = [];
1192
+ const metadata = sanitizeRuntimeMetadata(
1193
+ {
1194
+ ...result.metadata ?? {},
1195
+ adapterInputId: input.adapterInputId,
1196
+ ...opts.runId === void 0 ? {} : { runId: opts.runId },
1197
+ providerId: input.providerId,
1198
+ toolName: input.toolName,
1199
+ operation: input.operation
1200
+ },
1201
+ input,
1202
+ opts.publicText,
1203
+ textIssues
1204
+ );
1205
+ if (metadata === void 0 && result.metadata !== void 0) {
1206
+ textIssues.push(
1207
+ dataIssue(
1208
+ "tool-provider-adapter-runtime-metadata-redacted",
1209
+ "Tool provider adapter runtime metadata was omitted because it contained runtime-private material.",
1210
+ {
1211
+ subjectId: input.requestId,
1212
+ refs: [ref("tool-provider-adapter-input", input.adapterInputId)],
1213
+ severity: "warning"
1214
+ }
1215
+ )
1216
+ );
1217
+ }
1218
+ const base = {
1219
+ outcomeId: opts.outcomeId ?? `${input.adapterInputId}:${toolProviderOutcomeRunSegment(opts.runId, attempt)}:${result.kind}`,
1220
+ requestId: input.requestId,
1221
+ operationId: input.operationId,
1222
+ routeId: ids.routeId,
1223
+ executorId: ids.executorId,
1224
+ profileId: ids.profileId,
1225
+ attempt,
1226
+ evidenceRefs,
1227
+ ...input.input?.inputId === void 0 ? {} : { inputId: input.input.inputId },
1228
+ ...input.input?.inputKind === void 0 ? {} : { inputKind: input.input.inputKind },
1229
+ ...occurredAtMs === void 0 ? {} : { occurredAtMs },
1230
+ ...issues === void 0 ? {} : { issues },
1231
+ ...result.usage === void 0 ? {} : { usage: result.usage },
1232
+ ...metadata === void 0 ? {} : { metadata }
1233
+ };
1234
+ const candidate = (() => {
1235
+ switch (result.kind) {
1236
+ case "result":
1237
+ return {
1238
+ ...base,
1239
+ kind: "result",
1240
+ result: sanitizeAgentOutputEnvelope(result.result, input, opts.publicText, textIssues)
1241
+ };
1242
+ case "failure":
1243
+ return {
1244
+ ...base,
1245
+ kind: "failure",
1246
+ error: sanitizeAdapterInputIssue(result.error, opts.publicText),
1247
+ ...result.retryable === void 0 ? {} : { retryable: result.retryable }
1248
+ };
1249
+ case "canceled":
1250
+ return {
1251
+ ...base,
1252
+ kind: "canceled",
1253
+ ...result.reason === void 0 ? {} : {
1254
+ reason: boundedPublicText(
1255
+ result.reason,
1256
+ "reason",
1257
+ input,
1258
+ opts.publicText,
1259
+ textIssues
1260
+ )
1261
+ }
1262
+ };
1263
+ case "timeout":
1264
+ return {
1265
+ ...base,
1266
+ kind: "timeout",
1267
+ ...result.timeoutMs === void 0 ? {} : { timeoutMs: result.timeoutMs },
1268
+ ...result.retryable === void 0 ? {} : { retryable: result.retryable }
1269
+ };
1270
+ case "blocked":
1271
+ return {
1272
+ ...base,
1273
+ kind: "blocked",
1274
+ needs: Object.freeze(
1275
+ result.needs.map((need) => sanitizeAgentNeed(need, input, opts.publicText, textIssues))
1276
+ )
1277
+ };
1278
+ }
1279
+ })();
1280
+ const boundedCandidate = textIssues.length === 0 ? candidate : {
1281
+ ...candidate,
1282
+ issues: Object.freeze([...candidate.issues ?? [], ...textIssues])
1283
+ };
1284
+ const materialIssues = (boundedCandidate.issues ?? []).filter(
1285
+ (issue3) => issue3.code === "tool-provider-adapter-runtime-forbidden-runtime-material"
1286
+ );
1287
+ const leakIssues = forbiddenAdapterRuntimeMaterialIssues(
1288
+ boundedCandidate,
1289
+ ref("executor-outcome", boundedCandidate.outcomeId),
1290
+ "executor-outcome"
1291
+ );
1292
+ if (leakIssues.length === 0 && materialIssues.length === 0)
1293
+ return Object.freeze(boundedCandidate);
1294
+ const allLeakIssues = Object.freeze([...materialIssues, ...leakIssues]);
1295
+ const issue2 = allLeakIssues[0] ?? dataIssue("tool-provider-adapter-runtime-invalid", "invalid");
1296
+ const failureMetadata = sanitizeGraphVisibleRecord({
1297
+ adapterInputId: input.adapterInputId,
1298
+ ...opts.runId === void 0 ? {} : { runId: opts.runId },
1299
+ providerId: input.providerId,
1300
+ toolName: input.toolName,
1301
+ operation: input.operation
1302
+ });
1303
+ return Object.freeze({
1304
+ kind: "failure",
1305
+ outcomeId: `${input.adapterInputId}:${toolProviderOutcomeRunSegment(
1306
+ opts.runId,
1307
+ attempt
1308
+ )}:failure`,
1309
+ requestId: input.requestId,
1310
+ operationId: input.operationId,
1311
+ routeId: ids.routeId,
1312
+ executorId: ids.executorId,
1313
+ profileId: ids.profileId,
1314
+ attempt,
1315
+ evidenceRefs,
1316
+ ...input.input?.inputId === void 0 ? {} : { inputId: input.input.inputId },
1317
+ ...input.input?.inputKind === void 0 ? {} : { inputKind: input.input.inputKind },
1318
+ ...occurredAtMs === void 0 ? {} : { occurredAtMs },
1319
+ ...failureMetadata === void 0 ? {} : { metadata: failureMetadata },
1320
+ error: issue2,
1321
+ retryable: false,
1322
+ issues: allLeakIssues
1323
+ });
1324
+ }
1325
+ function toolProviderOutcomeRunSegment(runId, attempt) {
1326
+ return runId === void 0 ? `attempt-${attempt}` : `${runId}:attempt-${attempt}`;
1327
+ }
1328
+ function forbiddenAdapterRuntimeMaterialIssues(value, subjectRef, area) {
1329
+ if (value === void 0) return [];
1330
+ const forbidden = publicMaterialForbiddenKeys(value, "provider");
1331
+ if (forbidden.length === 0) return [];
1332
+ return Object.freeze(
1333
+ forbidden.map(
1334
+ (entry) => dataIssue(
1335
+ "tool-provider-adapter-runtime-forbidden-runtime-material",
1336
+ "Tool provider adapter runtime output must not contain runtime-private adapter material.",
1337
+ { subjectId: subjectRef.id, refs: [subjectRef], details: { area, reason: entry.reason } }
1338
+ )
1339
+ )
1340
+ );
1341
+ }
1342
+
1343
+ // src/orchestration/agent-runtime-tool-provider-policy.ts
1344
+ function localBuiltinToolProviderCatalog(opts = {}) {
1345
+ const providerId = opts.providerId ?? "local-builtin";
1346
+ const executorId = opts.executorId ?? `${providerId}:tool-executor`;
1347
+ const profileId = opts.profileId ?? `${providerId}:tool-profile`;
1348
+ const tools = opts.tools ?? [
1349
+ { toolName: "document/read-doc", operation: "read" },
1350
+ { toolName: "file.read", operation: "read" },
1351
+ { toolName: "file.edit/apply-patch", operation: "edit" },
1352
+ { toolName: "bash.run", operation: "run" },
1353
+ { toolName: "url.fetch", operation: "fetch" },
1354
+ { toolName: "date.now", operation: "read" },
1355
+ { toolName: "weather.fetch", operation: "fetch" },
1356
+ { toolName: "calculator/eval", operation: "eval" }
1357
+ ];
1358
+ const candidatePolicies = opts.policies?.map(
1359
+ (policy) => Object.freeze(policy)
1360
+ ) ?? [
1361
+ defaultLocalBuiltinToolProviderExecutionPolicy({
1362
+ providerId,
1363
+ profileId,
1364
+ tools,
1365
+ overrides: opts.policyOverrides
1366
+ })
1367
+ ];
1368
+ const policyIssues = Object.freeze(
1369
+ candidatePolicies.flatMap((policy) => [
1370
+ ...validateToolProviderExecutionPolicy(policy),
1371
+ ...validateToolProviderPolicyProviderScope(policy, providerId)
1372
+ ])
1373
+ );
1374
+ const policies = Object.freeze(
1375
+ candidatePolicies.filter((policy) => isPublishableToolProviderExecutionPolicy(policy, providerId)).map((policy) => Object.freeze(policy))
1376
+ );
1377
+ const policyRefs = Object.freeze(
1378
+ policies.map((policy) => ref("tool-provider-execution-policy", policy.policyId))
1379
+ );
1380
+ const catalogInputIssues = Object.freeze([
1381
+ ...forbiddenGraphVisibleMaterialIssues(
1382
+ opts.metadata,
1383
+ ref("tool-provider-catalog", providerId),
1384
+ "catalog-metadata"
1385
+ ),
1386
+ ...forbiddenGraphVisibleMaterialIssues(
1387
+ opts.capabilities,
1388
+ ref("executor-profile", profileId),
1389
+ "profile-capabilities"
1390
+ ),
1391
+ ...forbiddenGraphVisibleMaterialIssues(
1392
+ opts.limits,
1393
+ ref("executor-profile", profileId),
1394
+ "profile-limits"
1395
+ ),
1396
+ ...tools.flatMap((tool) => [
1397
+ ...forbiddenGraphVisibleMaterialIssues(
1398
+ tool.metadata,
1399
+ ref("tool", tool.toolName),
1400
+ "tool-metadata"
1401
+ ),
1402
+ ...forbiddenGraphVisibleMaterialIssues(
1403
+ tool.capabilities,
1404
+ ref("tool", tool.toolName),
1405
+ "tool-capabilities"
1406
+ ),
1407
+ ...forbiddenGraphVisibleMaterialIssues(
1408
+ tool.limits,
1409
+ ref("tool", tool.toolName),
1410
+ "tool-limits"
1411
+ )
1412
+ ])
1413
+ ]);
1414
+ const toolEntries = tools.map((tool) => {
1415
+ const toolPolicyRefs = policyRefsForTool(policies, profileId, tool);
1416
+ return Object.freeze({
1417
+ ...tool,
1418
+ kind: "tool-catalog-entry",
1419
+ providerId,
1420
+ inputKind: "tool-call",
1421
+ profileId,
1422
+ executorId,
1423
+ capabilities: sanitizeProviderGraphVisibleRecord(tool.capabilities),
1424
+ limits: sanitizeProviderGraphVisibleRecord(tool.limits),
1425
+ policyRefs: toolPolicyRefs,
1426
+ metadata: sanitizeProviderGraphVisibleRecord(tool.metadata)
1427
+ });
1428
+ });
1429
+ const profilePolicyRefs = policyRefsForProfile(policies, profileId);
1430
+ const issues = Object.freeze([...policyIssues, ...catalogInputIssues]);
1431
+ return Object.freeze({
1432
+ kind: "tool-provider-catalog",
1433
+ providerId,
1434
+ providerKind: "local-builtin",
1435
+ status: issues.length === 0 ? "ready" : "misconfigured",
1436
+ profiles: Object.freeze([
1437
+ Object.freeze({
1438
+ profileId,
1439
+ executorId,
1440
+ kind: "tool",
1441
+ acceptedInputKinds: Object.freeze(["tool-call"]),
1442
+ acceptedResultKinds: Object.freeze(
1443
+ Array.from(new Set(toolEntries.flatMap((tool) => tool.resultKinds ?? [])))
1444
+ ),
1445
+ capabilities: Object.freeze({
1446
+ toolNames: Object.freeze(toolEntries.map((tool) => tool.toolName)),
1447
+ ...sanitizeProviderGraphVisibleRecord(opts.capabilities) ?? {}
1448
+ }),
1449
+ limits: sanitizeProviderGraphVisibleRecord(opts.limits),
1450
+ policyRefs: profilePolicyRefs,
1451
+ metadata: sanitizeProviderGraphVisibleRecord(opts.metadata)
1452
+ })
1453
+ ]),
1454
+ tools: Object.freeze(toolEntries),
1455
+ policies,
1456
+ policyRefs,
1457
+ issues: issues.length === 0 ? void 0 : issues,
1458
+ metadata: sanitizeProviderGraphVisibleRecord(opts.metadata)
1459
+ });
1460
+ }
1461
+ function validateToolProviderExecutionPolicy(policy) {
1462
+ const issues = [];
1463
+ if (!isRecord(policy)) {
1464
+ return Object.freeze([
1465
+ dataIssue(
1466
+ "tool-provider-policy-invalid-shape",
1467
+ "Tool provider policy must be a data object.",
1468
+ { refs: [ref("tool-provider-execution-policy", "<invalid>")] }
1469
+ )
1470
+ ]);
1471
+ }
1472
+ const policyId = typeof policy.policyId === "string" ? policy.policyId : "";
1473
+ const providerId = typeof policy.providerId === "string" ? policy.providerId : "";
1474
+ const policyRef = ref("tool-provider-execution-policy", policyId || "<missing>");
1475
+ if (policy.kind !== "tool-provider-execution-policy") {
1476
+ issues.push(
1477
+ dataIssue(
1478
+ "tool-provider-policy-invalid-kind",
1479
+ "ToolProviderExecutionPolicy.kind must be tool-provider-execution-policy.",
1480
+ { subjectId: policyId, refs: [policyRef] }
1481
+ )
1482
+ );
1483
+ }
1484
+ if (!policyId) {
1485
+ issues.push(
1486
+ dataIssue(
1487
+ "tool-provider-policy-missing-policy-id",
1488
+ "Tool provider policy is missing policyId.",
1489
+ {
1490
+ refs: [policyRef]
1491
+ }
1492
+ )
1493
+ );
1494
+ }
1495
+ if (!providerId) {
1496
+ issues.push(
1497
+ dataIssue(
1498
+ "tool-provider-policy-missing-provider-id",
1499
+ "Tool provider policy is missing providerId.",
1500
+ { subjectId: policyId, refs: [policyRef] }
1501
+ )
1502
+ );
1503
+ }
1504
+ if (policy.sizeCapacity === void 0 && policy.timeout === void 0 && policy.redaction === void 0 && policy.filesystem === void 0 && policy.approval === void 0 && policy.artifacts === void 0 && policy.network === void 0) {
1505
+ issues.push(
1506
+ dataIssue(
1507
+ "tool-provider-policy-missing-material",
1508
+ "Tool provider policy has no D360 policy material sections.",
1509
+ { subjectId: policyId, refs: [policyRef] }
1510
+ )
1511
+ );
1512
+ }
1513
+ if (policy.sizeCapacity !== void 0 && !isRecord(policy.sizeCapacity)) {
1514
+ issues.push(
1515
+ dataIssue(
1516
+ "tool-provider-policy-invalid-size-capacity",
1517
+ "Tool provider size-capacity policy must be a data object.",
1518
+ { subjectId: policyId, refs: [policyRef] }
1519
+ )
1520
+ );
1521
+ }
1522
+ const limits = isRecord(policy.sizeCapacity) ? policy.sizeCapacity.limits : void 0;
1523
+ if (isRecord(policy.sizeCapacity) && !Array.isArray(limits)) {
1524
+ issues.push(
1525
+ dataIssue(
1526
+ "tool-provider-policy-invalid-size-capacity",
1527
+ "Tool provider size-capacity limits must be an array.",
1528
+ { subjectId: policyId, refs: [policyRef] }
1529
+ )
1530
+ );
1531
+ }
1532
+ for (const [index, rawLimit] of (Array.isArray(limits) ? limits : []).entries()) {
1533
+ if (!isRecord(rawLimit)) {
1534
+ issues.push(
1535
+ dataIssue(
1536
+ "tool-provider-policy-invalid-size-limit",
1537
+ "Tool provider size-capacity limit must be a data object.",
1538
+ { subjectId: policyId, refs: [policyRef], details: { index } }
1539
+ )
1540
+ );
1541
+ continue;
1542
+ }
1543
+ const limit = rawLimit;
1544
+ if (typeof limit.unit !== "string" || limit.unit.length === 0) {
1545
+ issues.push(
1546
+ dataIssue(
1547
+ "tool-provider-policy-invalid-size-limit",
1548
+ "Tool provider size-capacity limit unit must be a non-empty string.",
1549
+ { subjectId: policyId, refs: [policyRef], details: { index } }
1550
+ )
1551
+ );
1552
+ }
1553
+ if (limit.softLimit !== void 0 && (typeof limit.softLimit !== "number" || !Number.isFinite(limit.softLimit) || limit.softLimit < 0)) {
1554
+ issues.push(
1555
+ dataIssue(
1556
+ "tool-provider-policy-invalid-size-limit",
1557
+ "Tool provider size-capacity softLimit must be a finite non-negative number.",
1558
+ { subjectId: policyId, refs: [policyRef], details: { index, unit: limit.unit } }
1559
+ )
1560
+ );
1561
+ }
1562
+ if (limit.hardLimit !== void 0 && (typeof limit.hardLimit !== "number" || !Number.isFinite(limit.hardLimit) || limit.hardLimit < 0)) {
1563
+ issues.push(
1564
+ dataIssue(
1565
+ "tool-provider-policy-invalid-size-limit",
1566
+ "Tool provider size-capacity hardLimit must be a finite non-negative number.",
1567
+ { subjectId: policyId, refs: [policyRef], details: { index, unit: limit.unit } }
1568
+ )
1569
+ );
1570
+ }
1571
+ if (typeof limit.softLimit === "number" && Number.isFinite(limit.softLimit) && typeof limit.hardLimit === "number" && Number.isFinite(limit.hardLimit) && limit.softLimit > limit.hardLimit) {
1572
+ issues.push(
1573
+ dataIssue(
1574
+ "tool-provider-policy-invalid-size-limit",
1575
+ "Tool provider size-capacity softLimit must not exceed hardLimit.",
1576
+ { subjectId: policyId, refs: [policyRef], details: { index, unit: limit.unit } }
1577
+ )
1578
+ );
1579
+ }
1580
+ }
1581
+ if (policy.timeout !== void 0 && !isRecord(policy.timeout)) {
1582
+ issues.push(
1583
+ dataIssue(
1584
+ "tool-provider-policy-invalid-timeout",
1585
+ "Tool provider timeout policy must be a data object.",
1586
+ { subjectId: policyId, refs: [policyRef] }
1587
+ )
1588
+ );
1589
+ }
1590
+ for (const [field, value] of Object.entries(isRecord(policy.timeout) ? policy.timeout : {})) {
1591
+ if (field.endsWith("TimeoutMs") || field === "timeoutMs") {
1592
+ if (typeof value !== "number" || !Number.isFinite(value) || value < 0) {
1593
+ issues.push(
1594
+ dataIssue(
1595
+ "tool-provider-policy-invalid-timeout",
1596
+ "Tool provider timeout values must be finite non-negative numbers.",
1597
+ { subjectId: policyId, refs: [policyRef], details: { field } }
1598
+ )
1599
+ );
1600
+ }
1601
+ }
1602
+ }
1603
+ for (const forbidden of [
1604
+ ...forbiddenDataKeys(policy),
1605
+ ...forbiddenProviderRawMaterialKeys(policy)
1606
+ ]) {
1607
+ issues.push(
1608
+ dataIssue(
1609
+ "tool-provider-policy-forbidden-runtime-material",
1610
+ "Tool provider policy must not contain runtime-private adapter material.",
1611
+ { subjectId: policyId, refs: [policyRef], details: { reason: forbidden.reason } }
1612
+ )
1613
+ );
1614
+ }
1615
+ return Object.freeze(issues);
1616
+ }
1617
+ function isPublishableToolProviderExecutionPolicy(policy, providerId) {
1618
+ return isRecord(policy) && policy.kind === "tool-provider-execution-policy" && typeof policy.policyId === "string" && policy.policyId.length > 0 && typeof policy.providerId === "string" && policy.providerId.length > 0 && (providerId === void 0 || policy.providerId === providerId) && validateToolProviderExecutionPolicy(policy).length === 0;
1619
+ }
1620
+ function validateToolProviderPolicyProviderScope(policy, providerId) {
1621
+ if (!isRecord(policy)) return [];
1622
+ if (policy.providerId === void 0 || policy.providerId === providerId) return [];
1623
+ return Object.freeze([
1624
+ dataIssue(
1625
+ "tool-provider-policy-provider-mismatch",
1626
+ "Tool provider policy providerId must match the catalog providerId.",
1627
+ {
1628
+ subjectId: typeof policy.policyId === "string" ? policy.policyId : void 0,
1629
+ refs: [
1630
+ ref(
1631
+ "tool-provider-execution-policy",
1632
+ typeof policy.policyId === "string" && policy.policyId.length > 0 ? policy.policyId : "<missing>"
1633
+ ),
1634
+ ref("tool-provider-catalog", providerId)
1635
+ ]
1636
+ }
1637
+ )
1638
+ ]);
1639
+ }
1640
+ function policyRefsForProfile(policies, profileId) {
1641
+ return Object.freeze(
1642
+ policies.filter((policy) => policyAppliesToProfile(policy, profileId)).map((policy) => ref("tool-provider-execution-policy", policy.policyId))
1643
+ );
1644
+ }
1645
+ function policyRefsForTool(policies, profileId, tool) {
1646
+ return Object.freeze(
1647
+ policies.filter((policy) => policyAppliesToProfile(policy, profileId)).filter((policy) => policyAppliesToOptionalScope(policy.toolNames, tool.toolName)).filter((policy) => policyAppliesToOptionalScope(policy.operations, tool.operation)).map((policy) => ref("tool-provider-execution-policy", policy.policyId))
1648
+ );
1649
+ }
1650
+ function policyAppliesToProfile(policy, profileId) {
1651
+ return policyAppliesToOptionalScope(policy.profileIds, profileId);
1652
+ }
1653
+ function policyAppliesToOptionalScope(scope, value) {
1654
+ return scope === void 0 || scope.length === 0 || value !== void 0 && scope.includes(value);
1655
+ }
1656
+ function defaultLocalBuiltinToolProviderExecutionPolicy(opts) {
1657
+ const toolNames = Object.freeze(Array.from(new Set(opts.tools.map((tool) => tool.toolName))));
1658
+ const operations = Object.freeze(
1659
+ Array.from(new Set(opts.tools.map((tool) => tool.operation).filter((op) => op !== void 0)))
1660
+ );
1661
+ const hasUrlFetch = toolNames.includes("url.fetch");
1662
+ const filesystemToolNames = toolNames.filter(
1663
+ (toolName) => toolName.startsWith("file.") || toolName.startsWith("document/") || toolName === "bash.run"
1664
+ );
1665
+ const approvalToolNames = toolNames.filter(
1666
+ (toolName) => toolName === "file.edit/apply-patch" || toolName === "bash.run"
1667
+ );
1668
+ const approvalOperations = operations.filter(
1669
+ (operation) => operation === "edit" || operation === "run"
1670
+ );
1671
+ const policy = {
1672
+ kind: "tool-provider-execution-policy",
1673
+ policyId: `${opts.providerId}:policy:default`,
1674
+ providerId: opts.providerId,
1675
+ profileIds: Object.freeze([opts.profileId]),
1676
+ toolNames,
1677
+ operations,
1678
+ sizeCapacity: Object.freeze({
1679
+ limits: Object.freeze([
1680
+ Object.freeze({
1681
+ unit: "chars",
1682
+ softLimit: 16384,
1683
+ hardLimit: 65536,
1684
+ perRequest: true,
1685
+ measurementSource: "adapter-estimated"
1686
+ }),
1687
+ Object.freeze({
1688
+ unit: "bytes",
1689
+ softLimit: 1048576,
1690
+ hardLimit: 8388608,
1691
+ perArtifact: true,
1692
+ measurementSource: "adapter-measured"
1693
+ }),
1694
+ Object.freeze({
1695
+ unit: "lines",
1696
+ softLimit: 2e3,
1697
+ hardLimit: 1e4,
1698
+ perStream: true,
1699
+ measurementSource: "adapter-measured"
1700
+ })
1701
+ ])
1702
+ }),
1703
+ timeout: Object.freeze({
1704
+ timeoutMs: 3e4,
1705
+ idleTimeoutMs: 5e3
1706
+ }),
1707
+ redaction: Object.freeze({
1708
+ mode: "summary",
1709
+ sensitivity: Object.freeze(["private-material", "auth-material", "personal-data"]),
1710
+ summaryMaxChars: 512
1711
+ }),
1712
+ ...filesystemToolNames.length > 0 ? {
1713
+ filesystem: Object.freeze({
1714
+ cwd: ".",
1715
+ allowRead: true,
1716
+ allowWrite: false,
1717
+ followSymlinks: false,
1718
+ sourceRefs: Object.freeze(filesystemToolNames.map((toolName) => ref("tool", toolName))),
1719
+ pathRules: Object.freeze([
1720
+ Object.freeze({
1721
+ effect: "allow",
1722
+ path: ".",
1723
+ operation: "read",
1724
+ reason: "Default local builtin catalog is workspace-relative data material."
1725
+ }),
1726
+ Object.freeze({
1727
+ effect: "deny",
1728
+ glob: "**/.env*",
1729
+ reason: "D360 policies keep private material outside catalog DATA."
1730
+ })
1731
+ ])
1732
+ })
1733
+ } : {},
1734
+ ...hasUrlFetch ? {
1735
+ network: Object.freeze({
1736
+ mode: "custom",
1737
+ protocols: Object.freeze(["https:"]),
1738
+ allowedHosts: Object.freeze(["*"]),
1739
+ sourceRefs: Object.freeze([ref("tool", "url.fetch")])
1740
+ })
1741
+ } : {},
1742
+ approval: Object.freeze({
1743
+ mode: approvalToolNames.length > 0 ? "require" : "auto",
1744
+ ...approvalToolNames.length > 0 ? { requiredForToolNames: Object.freeze(approvalToolNames) } : {},
1745
+ ...approvalOperations.length > 0 ? { requiredForOperations: Object.freeze(approvalOperations) } : {}
1746
+ }),
1747
+ artifacts: Object.freeze({
1748
+ defaultDataMode: "summary",
1749
+ artifactKinds: Object.freeze([
1750
+ "text",
1751
+ "markdown",
1752
+ "file",
1753
+ "stdout",
1754
+ "stderr",
1755
+ "tool-output",
1756
+ "provider-raw"
1757
+ ]),
1758
+ inlineLimits: Object.freeze([
1759
+ Object.freeze({
1760
+ unit: "chars",
1761
+ hardLimit: 4096,
1762
+ perArtifact: true,
1763
+ measurementSource: "adapter-estimated"
1764
+ })
1765
+ ]),
1766
+ requireDigest: false
1767
+ }),
1768
+ sourceRefs: Object.freeze([ref("decision", "D360"), ref("tool-provider", opts.providerId)]),
1769
+ metadata: Object.freeze({
1770
+ description: "Default data-only policy material for local builtin tools."
1771
+ }),
1772
+ ...unlockedToolProviderPolicyOverrides(opts.overrides)
1773
+ };
1774
+ return Object.freeze(policy);
1775
+ }
1776
+
1777
+ // src/executors/tool-provider-adapters.ts
1778
+ var LOCAL_BUILTIN_TOOLS = Object.freeze([
1779
+ Object.freeze({
1780
+ toolName: "date.now",
1781
+ operation: "read",
1782
+ resultKinds: Object.freeze(["json"]),
1783
+ capabilities: Object.freeze({ deterministicWithInjectedClock: true })
1784
+ }),
1785
+ Object.freeze({
1786
+ toolName: "json.parse",
1787
+ operation: "parse",
1788
+ resultKinds: Object.freeze(["json"]),
1789
+ capabilities: Object.freeze({ externalSideEffects: false })
1790
+ }),
1791
+ Object.freeze({
1792
+ toolName: "text.concat",
1793
+ operation: "transform",
1794
+ resultKinds: Object.freeze(["text"]),
1795
+ capabilities: Object.freeze({ externalSideEffects: false })
1796
+ })
1797
+ ]);
1798
+ function localBuiltinToolProviderBinding(opts = {}) {
1799
+ const providerId = opts.providerId ?? "local-builtin";
1800
+ const maxTextChars = nonNegativeFinite(opts.maxTextChars, 16384);
1801
+ return Object.freeze({
1802
+ providerId,
1803
+ run(input, ctx) {
1804
+ const toolName = input.toolName;
1805
+ switch (toolName) {
1806
+ case "date.now":
1807
+ return localDateNow(input, ctx, opts.now);
1808
+ case "json.parse":
1809
+ return localJsonParse(input, maxTextChars);
1810
+ case "text.concat":
1811
+ return localTextConcat(input, maxTextChars);
1812
+ default:
1813
+ return blocked(
1814
+ input,
1815
+ "local-builtin-unsupported-tool",
1816
+ "Local builtin tool is not supported."
1817
+ );
1818
+ }
1819
+ }
1820
+ });
1821
+ }
1822
+ function localBuiltinToolProviderAdapterPack(opts = {}) {
1823
+ const providerId = opts.providerId ?? "local-builtin";
1824
+ const catalog = localBuiltinToolProviderCatalog({
1825
+ providerId,
1826
+ executorId: opts.executorId ?? `${providerId}:tool-executor`,
1827
+ profileId: opts.profileId ?? `${providerId}:tool-profile`,
1828
+ tools: LOCAL_BUILTIN_TOOLS,
1829
+ policyOverrides: {
1830
+ operations: Object.freeze(["read", "parse", "transform"]),
1831
+ redaction: Object.freeze({
1832
+ mode: "summary",
1833
+ summaryMaxChars: opts.publicText?.maxSummaryChars ?? 512
1834
+ })
1835
+ },
1836
+ metadata: Object.freeze({ adapterPack: "local-builtin-v0" })
1837
+ });
1838
+ return Object.freeze({
1839
+ catalogs: Object.freeze([catalog]),
1840
+ bindings: Object.freeze([
1841
+ localBuiltinToolProviderBinding({
1842
+ providerId,
1843
+ now: opts.now,
1844
+ maxTextChars: opts.maxTextChars ?? opts.publicText?.maxSummaryChars
1845
+ })
1846
+ ])
1847
+ });
1848
+ }
1849
+ function processToolProviderBinding(opts = {}) {
1850
+ const providerId = opts.providerId ?? "process";
1851
+ const config = processConfig(opts);
1852
+ return Object.freeze({
1853
+ providerId,
1854
+ run(input) {
1855
+ const args = processArguments(input);
1856
+ if (args === void 0) {
1857
+ return blocked(input, "process-invalid-arguments", "Process tool requires argv arguments.");
1858
+ }
1859
+ const allowed = config.allowedCommands.get(args.command);
1860
+ if (allowed === void 0) {
1861
+ if (config.duplicateCommands.has(args.command)) {
1862
+ return blocked(
1863
+ input,
1864
+ "process-command-duplicate-allowlist",
1865
+ "Process command has duplicate allowlist entries."
1866
+ );
1867
+ }
1868
+ if (config.invalidCommands.has(args.command)) {
1869
+ return blocked(
1870
+ input,
1871
+ "process-command-invalid-allowlist",
1872
+ "Process command has an invalid allowlist entry."
1873
+ );
1874
+ }
1875
+ return blocked(input, "process-command-not-allowed", "Process command is not allowlisted.");
1876
+ }
1877
+ if (!argsAllowed(allowed, args.args)) {
1878
+ return blocked(input, "process-argv-not-allowed", "Process argv is not allowlisted.");
1879
+ }
1880
+ const cwd = resolveProcessCwd(args.cwd, allowed, config);
1881
+ if (cwd === void 0) {
1882
+ return blocked(
1883
+ input,
1884
+ "process-cwd-not-allowed",
1885
+ "Process cwd is outside the allowed policy."
1886
+ );
1887
+ }
1888
+ const env = processEnv(args.env, config);
1889
+ if (env === void 0) {
1890
+ return blocked(
1891
+ input,
1892
+ "process-env-not-allowed",
1893
+ "Process env contains non-allowlisted keys."
1894
+ );
1895
+ }
1896
+ return runProcessTool(input, allowed, args, cwd, env, config);
1897
+ }
1898
+ });
1899
+ }
1900
+ function processToolProviderAdapterPack(opts = {}) {
1901
+ const providerId = opts.providerId ?? "process";
1902
+ const executorId = opts.executorId ?? `${providerId}:tool-executor`;
1903
+ const profileId = opts.profileId ?? `${providerId}:tool-profile`;
1904
+ return Object.freeze({
1905
+ catalogs: Object.freeze([
1906
+ processToolProviderCatalog({ ...opts, providerId, executorId, profileId })
1907
+ ]),
1908
+ bindings: Object.freeze([processToolProviderBinding({ ...opts, providerId })])
1909
+ });
1910
+ }
1911
+ function processToolProviderCatalog(opts = {}) {
1912
+ const providerId = opts.providerId ?? "process";
1913
+ const executorId = opts.executorId ?? `${providerId}:tool-executor`;
1914
+ const profileId = opts.profileId ?? `${providerId}:tool-profile`;
1915
+ const normalized = normalizeAllowedCommands(opts.allowedCommands ?? []);
1916
+ const allowedCommands = Object.freeze([...normalized.commands.values()]);
1917
+ const issueList = [
1918
+ ...allowedCommands.length === 0 ? [
1919
+ issue(
1920
+ "process-tool-provider-empty-allowlist",
1921
+ "Process tool provider has no allowlisted commands and will deny execution.",
1922
+ "warning"
1923
+ )
1924
+ ] : [],
1925
+ ...[...normalized.duplicates].map(
1926
+ (command) => issue(
1927
+ "process-tool-provider-duplicate-allowlist",
1928
+ "Process tool provider has duplicate command allowlist entries.",
1929
+ "error",
1930
+ { command }
1931
+ )
1932
+ ),
1933
+ ...[...normalized.invalids].map(
1934
+ (command) => issue(
1935
+ "process-tool-provider-invalid-allowlist",
1936
+ "Process tool provider has invalid command allowlist entries.",
1937
+ "error",
1938
+ { command }
1939
+ )
1940
+ )
1941
+ ];
1942
+ const issues = issueList.length === 0 ? void 0 : Object.freeze(issueList);
1943
+ const policy = processToolProviderExecutionPolicy(providerId, profileId, opts);
1944
+ const tool = Object.freeze({
1945
+ kind: "tool-catalog-entry",
1946
+ providerId,
1947
+ toolName: "process.execFile",
1948
+ operation: "run",
1949
+ inputKind: "tool-call",
1950
+ profileId,
1951
+ executorId,
1952
+ resultKinds: Object.freeze(["process-result"]),
1953
+ capabilities: Object.freeze({
1954
+ argv: true,
1955
+ shell: false,
1956
+ commands: Object.freeze(allowedCommands.map((cmd) => cmd.command)),
1957
+ env: Object.freeze({ allowedKeys: Object.freeze([...opts.allowedEnvKeys ?? []]) })
1958
+ }),
1959
+ policyRefs: Object.freeze([{ kind: "tool-provider-execution-policy", id: policy.policyId }])
1960
+ });
1961
+ return Object.freeze({
1962
+ kind: "tool-provider-catalog",
1963
+ providerId,
1964
+ providerKind: "process",
1965
+ status: issues === void 0 ? "ready" : "misconfigured",
1966
+ profiles: Object.freeze([
1967
+ Object.freeze({
1968
+ profileId,
1969
+ executorId,
1970
+ kind: "tool",
1971
+ acceptedInputKinds: Object.freeze(["tool-call"]),
1972
+ acceptedResultKinds: Object.freeze(["process-result"]),
1973
+ capabilities: Object.freeze({
1974
+ toolNames: Object.freeze([tool.toolName]),
1975
+ argv: true,
1976
+ shell: false
1977
+ }),
1978
+ policyRefs: Object.freeze([
1979
+ { kind: "tool-provider-execution-policy", id: policy.policyId }
1980
+ ])
1981
+ })
1982
+ ]),
1983
+ tools: Object.freeze([tool]),
1984
+ policies: Object.freeze([policy]),
1985
+ policyRefs: Object.freeze([{ kind: "tool-provider-execution-policy", id: policy.policyId }]),
1986
+ issues,
1987
+ metadata: Object.freeze({ adapterPack: "process-v0" })
1988
+ });
1989
+ }
1990
+ function httpToolProviderCatalog(opts = {}) {
1991
+ const providerId = opts.providerId ?? "http";
1992
+ const executorId = opts.executorId ?? `${providerId}:tool-executor`;
1993
+ const profileId = opts.profileId ?? `${providerId}:tool-profile`;
1994
+ const allowedOrigins = Object.freeze([...opts.allowedOrigins ?? []]);
1995
+ const allowedMethods = Object.freeze(normalizeMethods(opts.allowedMethods ?? ["GET"]));
1996
+ const maxResponseBytes = Math.max(1, nonNegativeFinite(opts.maxResponseBytes, 64 * 1024));
1997
+ const policy = httpToolProviderExecutionPolicy(providerId, profileId, opts);
1998
+ const issues = Object.freeze([
1999
+ ...allowedOrigins.length === 0 ? [
2000
+ issue(
2001
+ "http-tool-provider-empty-origin-allowlist",
2002
+ "HTTP tool provider has no allowlisted origins and will deny execution.",
2003
+ "warning"
2004
+ )
2005
+ ] : [],
2006
+ ...allowedMethods.length === 0 ? [
2007
+ issue(
2008
+ "http-tool-provider-empty-method-allowlist",
2009
+ "HTTP tool provider has no allowlisted methods and will deny execution."
2010
+ )
2011
+ ] : []
2012
+ ]);
2013
+ const tool = Object.freeze({
2014
+ kind: "tool-catalog-entry",
2015
+ providerId,
2016
+ toolName: "http.fetch",
2017
+ operation: "fetch",
2018
+ inputKind: "tool-call",
2019
+ profileId,
2020
+ executorId,
2021
+ resultKinds: Object.freeze(["http-result"]),
2022
+ capabilities: Object.freeze({
2023
+ origins: allowedOrigins,
2024
+ methods: allowedMethods,
2025
+ maxResponseBytes,
2026
+ asyncRuntime: true
2027
+ }),
2028
+ policyRefs: Object.freeze([{ kind: "tool-provider-execution-policy", id: policy.policyId }])
2029
+ });
2030
+ return Object.freeze({
2031
+ kind: "tool-provider-catalog",
2032
+ providerId,
2033
+ providerKind: "http",
2034
+ status: issues.length === 0 ? "ready" : "misconfigured",
2035
+ profiles: Object.freeze([
2036
+ Object.freeze({
2037
+ profileId,
2038
+ executorId,
2039
+ kind: "tool",
2040
+ acceptedInputKinds: Object.freeze(["tool-call"]),
2041
+ acceptedResultKinds: Object.freeze(["http-result"]),
2042
+ capabilities: Object.freeze({
2043
+ toolNames: Object.freeze([tool.toolName]),
2044
+ asyncRuntime: true
2045
+ }),
2046
+ policyRefs: Object.freeze([
2047
+ { kind: "tool-provider-execution-policy", id: policy.policyId }
2048
+ ])
2049
+ })
2050
+ ]),
2051
+ tools: Object.freeze([tool]),
2052
+ policies: Object.freeze([policy]),
2053
+ policyRefs: Object.freeze([{ kind: "tool-provider-execution-policy", id: policy.policyId }]),
2054
+ issues: issues.length === 0 ? void 0 : issues,
2055
+ metadata: Object.freeze({ adapterPack: "http-v0", asyncRuntime: true })
2056
+ });
2057
+ }
2058
+ function httpToolProviderRuntime(graph, opts) {
2059
+ const name = opts.name ?? "httpToolProviderRuntime";
2060
+ const providerId = opts.providerId ?? "http";
2061
+ const catalog = httpToolProviderCatalog(opts);
2062
+ const outcomes = graph.node([], null, {
2063
+ name: `${name}/outcomes`
2064
+ });
2065
+ const runStatus = graph.node([], null, {
2066
+ name: `${name}/runStatus`
2067
+ });
2068
+ const status = graph.node([], null, { name: `${name}/status` });
2069
+ const issues = graph.node([], null, { name: `${name}/issues` });
2070
+ const audit = graph.node([], null, { name: `${name}/audit` });
2071
+ const inputs = /* @__PURE__ */ new Map();
2072
+ const executions = /* @__PURE__ */ new Set();
2073
+ const active = /* @__PURE__ */ new Set();
2074
+ const config = httpRuntimeConfig(opts);
2075
+ const driver = opts.driver ?? defaultHttpToolProviderDriver(config.maxResponseBytes);
2076
+ const forwardedRunStatusKeys = /* @__PURE__ */ new Set();
2077
+ let auditSeq = 0;
2078
+ let disposed = false;
2079
+ function nowMs() {
2080
+ return opts.now?.();
2081
+ }
2082
+ function publishIssue(nextIssue) {
2083
+ issues.down([["DATA", nextIssue]]);
2084
+ }
2085
+ function publishAudit(kind, subjectId, metadata, issueCode) {
2086
+ auditSeq += 1;
2087
+ audit.down([
2088
+ [
2089
+ "DATA",
2090
+ {
2091
+ id: `${name}:audit:${auditSeq}`,
2092
+ kind,
2093
+ subjectId,
2094
+ ...issueCode === void 0 ? {} : { issueCode },
2095
+ ...metadata === void 0 ? {} : { metadata }
2096
+ }
2097
+ ]
2098
+ ]);
2099
+ }
2100
+ function publishRunStatus(request, nextStatus, statusIssues, outcomeId) {
2101
+ forwardedRunStatusKeys.add(`${request.runId}:${nextStatus}`);
2102
+ runStatus.down([
2103
+ [
2104
+ "DATA",
2105
+ {
2106
+ kind: "tool-provider-adapter-run-status",
2107
+ runId: request.runId,
2108
+ adapterInputId: request.adapterInputId,
2109
+ requestId: request.requestId,
2110
+ operationId: request.operationId,
2111
+ status: nextStatus,
2112
+ attempt: request.attempt,
2113
+ ...outcomeId === void 0 ? {} : { outcomeId },
2114
+ ...statusIssues === void 0 ? {} : { issues: statusIssues },
2115
+ sourceRefs: request.sourceRefs,
2116
+ metadata: Object.freeze({ providerId, reason: request.reason })
2117
+ }
2118
+ ]
2119
+ ]);
2120
+ }
2121
+ function publishRequestStatus(input, nextStatus, statusIssues) {
2122
+ if (input.effectRunId === void 0) return;
2123
+ status.down([
2124
+ [
2125
+ "DATA",
2126
+ {
2127
+ kind: "status",
2128
+ requestId: input.requestId,
2129
+ operationId: input.operationId,
2130
+ effectRunId: input.effectRunId,
2131
+ status: nextStatus,
2132
+ sourceRefs: defaultEvidenceRefs(input),
2133
+ ...statusIssues === void 0 ? {} : { issues: statusIssues },
2134
+ metadata: Object.freeze({
2135
+ adapterInputId: input.adapterInputId,
2136
+ providerId: input.providerId,
2137
+ toolName: input.toolName
2138
+ })
2139
+ }
2140
+ ]
2141
+ ]);
2142
+ }
2143
+ function publishOutcome(input, request, result) {
2144
+ const outcome = buildToolProviderExecutorOutcome(input, result, {
2145
+ runId: request.runId,
2146
+ attempt: request.attempt,
2147
+ occurredAtMs: nowMs(),
2148
+ publicText: opts.publicText
2149
+ });
2150
+ outcomes.down([["DATA", outcome]]);
2151
+ const statusIssues = outcomeIssues(outcome);
2152
+ for (const statusIssue of statusIssues) publishIssue(statusIssue);
2153
+ publishRequestStatus(input, agentStatusForOutcome(outcome), statusIssues);
2154
+ publishRunStatus(request, outcome.kind, statusIssues, outcome.outcomeId);
2155
+ publishAudit("http-tool-provider-runtime-finished", input.requestId, {
2156
+ runId: request.runId,
2157
+ attempt: request.attempt,
2158
+ status: outcome.kind,
2159
+ outcomeId: outcome.outcomeId
2160
+ });
2161
+ }
2162
+ function execute(request) {
2163
+ if (disposed || request.providerId !== void 0 && request.providerId !== providerId) return;
2164
+ const input = inputs.get(request.adapterInputId);
2165
+ if (input === void 0 || input.providerId !== providerId) return;
2166
+ const coordinate = `${request.runId}:${request.adapterInputId}:${request.attempt}`;
2167
+ if (executions.has(coordinate)) return;
2168
+ executions.add(coordinate);
2169
+ publishRunStatus(request, "requested");
2170
+ if (input.status !== "ready") {
2171
+ const inputIssue = issue(
2172
+ "http-tool-provider-input-not-ready",
2173
+ "HTTP tool provider runtime requires a ready adapter input."
2174
+ );
2175
+ publishIssue(inputIssue);
2176
+ publishRunStatus(request, "stale-request", [inputIssue]);
2177
+ publishRequestStatus(input, "blocked", [inputIssue]);
2178
+ return;
2179
+ }
2180
+ if (!requestMatchesInput(request, input)) {
2181
+ const mismatch = issue(
2182
+ "http-tool-provider-run-request-mismatched-input",
2183
+ "HTTP tool provider run request does not match its adapter input."
2184
+ );
2185
+ publishIssue(mismatch);
2186
+ publishRunStatus(request, "mismatched-request", [mismatch]);
2187
+ publishRequestStatus(input, "blocked", [mismatch]);
2188
+ return;
2189
+ }
2190
+ const prepared = prepareHttpRequest(input, config);
2191
+ if (prepared.kind === "blocked") {
2192
+ publishOutcome(input, request, {
2193
+ kind: "blocked",
2194
+ needs: Object.freeze([
2195
+ Object.freeze({
2196
+ kind: prepared.issue.code,
2197
+ message: prepared.issue.message
2198
+ })
2199
+ ]),
2200
+ issues: Object.freeze([prepared.issue]),
2201
+ evidenceRefs: defaultEvidenceRefs(input)
2202
+ });
2203
+ return;
2204
+ }
2205
+ if (config.approvalMode === "never") {
2206
+ publishOutcome(input, request, {
2207
+ kind: "blocked",
2208
+ needs: Object.freeze([
2209
+ Object.freeze({
2210
+ kind: "tool-provider-approval-disabled",
2211
+ message: "HTTP tool provider policy disallows execution."
2212
+ })
2213
+ ]),
2214
+ issues: Object.freeze([
2215
+ issue("http-tool-provider-approval-never", "HTTP tool provider execution is disabled.")
2216
+ ]),
2217
+ evidenceRefs: defaultEvidenceRefs(input)
2218
+ });
2219
+ return;
2220
+ }
2221
+ if (config.approvalMode === "require" && !requestApproved(request)) {
2222
+ publishOutcome(input, request, {
2223
+ kind: "blocked",
2224
+ needs: Object.freeze([
2225
+ Object.freeze({
2226
+ kind: "tool-provider-approval",
2227
+ message: "HTTP tool provider execution requires a visible approval run request."
2228
+ })
2229
+ ]),
2230
+ issues: Object.freeze([
2231
+ issue(
2232
+ "http-tool-provider-approval-required",
2233
+ "HTTP tool provider execution requires approval."
2234
+ )
2235
+ ]),
2236
+ evidenceRefs: defaultEvidenceRefs(input)
2237
+ });
2238
+ return;
2239
+ }
2240
+ const controller = new AbortController();
2241
+ active.add(controller);
2242
+ publishRunStatus(request, "started");
2243
+ publishRequestStatus(input, "in-flight");
2244
+ publishAudit("http-tool-provider-runtime-started", input.requestId, {
2245
+ runId: request.runId,
2246
+ attempt: request.attempt,
2247
+ method: prepared.request.method,
2248
+ origin: new URL(prepared.request.url).origin
2249
+ });
2250
+ const timeout = setTimeout(() => controller.abort(), config.timeoutMs);
2251
+ Promise.resolve(driver.fetch({ ...prepared.request, signal: controller.signal })).then(
2252
+ (response) => {
2253
+ clearTimeout(timeout);
2254
+ active.delete(controller);
2255
+ if (disposed) return;
2256
+ publishOutcome(input, request, httpResponseResult(prepared.request, response, config));
2257
+ },
2258
+ (error) => {
2259
+ clearTimeout(timeout);
2260
+ active.delete(controller);
2261
+ if (disposed) return;
2262
+ publishOutcome(input, request, httpErrorResult(error, config));
2263
+ }
2264
+ );
2265
+ }
2266
+ const unsubscribeInputs = opts.inputs.subscribe((msg) => {
2267
+ if (msg[0] !== "DATA") return;
2268
+ const input = msg[1];
2269
+ if (input.providerId === providerId) inputs.set(input.adapterInputId, input);
2270
+ });
2271
+ const autoRunReadyInputs = opts.autoRunReadyInputs ?? (opts.runRequests === void 0 || opts.runRequests.length === 0);
2272
+ const runProjector = toolProviderAdapterRunProjector(graph, {
2273
+ name: `${name}/runs`,
2274
+ inputs: opts.inputs,
2275
+ runRequests: opts.runRequests,
2276
+ autoRunReadyInputs,
2277
+ now: opts.now
2278
+ });
2279
+ const unsubscribeRunStatus = runProjector.status.subscribe((msg) => {
2280
+ if (msg[0] !== "DATA") return;
2281
+ const nextStatus = msg[1];
2282
+ const statusKey = `${nextStatus.runId}:${nextStatus.status}`;
2283
+ if (forwardedRunStatusKeys.has(statusKey)) return;
2284
+ forwardedRunStatusKeys.add(statusKey);
2285
+ runStatus.down([["DATA", nextStatus]]);
2286
+ });
2287
+ const unsubscribeRunIssues = runProjector.issues.subscribe((msg) => {
2288
+ if (msg[0] === "DATA") publishIssue(msg[1]);
2289
+ });
2290
+ const unsubscribeRunAudit = runProjector.audit.subscribe((msg) => {
2291
+ if (msg[0] === "DATA") audit.down([["DATA", msg[1]]]);
2292
+ });
2293
+ const unsubscribeRunRequests = runProjector.requests.subscribe((msg) => {
2294
+ if (msg[0] === "DATA") execute(msg[1]);
2295
+ });
2296
+ return Object.freeze({
2297
+ catalogs: Object.freeze([catalog]),
2298
+ runRequests: runProjector.requests,
2299
+ runStatus,
2300
+ outcomes,
2301
+ status,
2302
+ issues,
2303
+ audit,
2304
+ dispose() {
2305
+ if (disposed) return;
2306
+ disposed = true;
2307
+ unsubscribeInputs();
2308
+ unsubscribeRunStatus();
2309
+ unsubscribeRunIssues();
2310
+ unsubscribeRunAudit();
2311
+ unsubscribeRunRequests();
2312
+ for (const controller of active) controller.abort();
2313
+ active.clear();
2314
+ }
2315
+ });
2316
+ }
2317
+ function localDateNow(input, ctx, now) {
2318
+ const epochMs = now?.() ?? ctx.now?.() ?? Date.now();
2319
+ return Object.freeze({
2320
+ kind: "result",
2321
+ result: Object.freeze({
2322
+ kind: "json",
2323
+ value: Object.freeze({
2324
+ toolName: "date.now",
2325
+ epochMs,
2326
+ iso: new Date(epochMs).toISOString()
2327
+ }),
2328
+ summary: String(epochMs)
2329
+ }),
2330
+ occurredAtMs: epochMs,
2331
+ evidenceRefs: input.sourceRefs
2332
+ });
2333
+ }
2334
+ function localJsonParse(input, maxTextChars) {
2335
+ const text = input.toolCall?.arguments?.text;
2336
+ if (typeof text !== "string") {
2337
+ return failure(
2338
+ input,
2339
+ "local-json-parse-missing-text",
2340
+ "json.parse requires a string text argument."
2341
+ );
2342
+ }
2343
+ if (text.length > maxTextChars) {
2344
+ return failure(
2345
+ input,
2346
+ "local-json-parse-text-too-large",
2347
+ "json.parse text exceeds maxTextChars."
2348
+ );
2349
+ }
2350
+ try {
2351
+ const value = JSON.parse(text);
2352
+ return Object.freeze({
2353
+ kind: "result",
2354
+ result: Object.freeze({
2355
+ kind: "json",
2356
+ value: Object.freeze({ toolName: "json.parse", value }),
2357
+ summary: "parsed JSON"
2358
+ }),
2359
+ evidenceRefs: input.sourceRefs
2360
+ });
2361
+ } catch {
2362
+ return failure(input, "local-json-parse-invalid-json", "json.parse received invalid JSON.");
2363
+ }
2364
+ }
2365
+ function localTextConcat(input, maxTextChars) {
2366
+ const parts = input.toolCall?.arguments?.parts;
2367
+ if (!Array.isArray(parts)) {
2368
+ return failure(input, "local-text-concat-missing-parts", "text.concat requires a parts array.");
2369
+ }
2370
+ const separator = input.toolCall?.arguments?.separator ?? "";
2371
+ if (typeof separator !== "string") {
2372
+ return failure(
2373
+ input,
2374
+ "local-text-concat-invalid-separator",
2375
+ "text.concat separator must be a string."
2376
+ );
2377
+ }
2378
+ const text = parts.map((part) => String(part)).join(separator);
2379
+ if (text.length > maxTextChars) {
2380
+ return failure(
2381
+ input,
2382
+ "local-text-concat-too-large",
2383
+ "text.concat result exceeds maxTextChars."
2384
+ );
2385
+ }
2386
+ return Object.freeze({
2387
+ kind: "result",
2388
+ result: Object.freeze({
2389
+ kind: "text",
2390
+ value: Object.freeze({ toolName: "text.concat", text }),
2391
+ summary: text
2392
+ }),
2393
+ evidenceRefs: input.sourceRefs
2394
+ });
2395
+ }
2396
+ function processConfig(opts) {
2397
+ const workingDirectory = (0, import_node_path.resolve)(opts.workingDirectory ?? ".");
2398
+ const allowedWorkingDirectories = Object.freeze(
2399
+ (opts.allowedWorkingDirectories ?? [workingDirectory]).map((dir) => (0, import_node_path.resolve)(dir))
2400
+ );
2401
+ const allowed = normalizeAllowedCommands(opts.allowedCommands ?? []);
2402
+ return {
2403
+ allowedCommands: allowed.commands,
2404
+ duplicateCommands: allowed.duplicates,
2405
+ invalidCommands: allowed.invalids,
2406
+ workingDirectory,
2407
+ allowedWorkingDirectories,
2408
+ baseEnv: Object.freeze({ ...opts.baseEnv ?? {} }),
2409
+ allowedEnvKeys: new Set(opts.allowedEnvKeys ?? []),
2410
+ timeoutMs: positiveFinite(opts.timeoutMs, 1e4),
2411
+ maxOutputBytes: Math.max(1, nonNegativeFinite(opts.maxOutputBytes, 64 * 1024)),
2412
+ maxSummaryChars: Math.max(1, nonNegativeFinite(opts.maxSummaryChars, 512))
2413
+ };
2414
+ }
2415
+ function processArguments(input) {
2416
+ const raw = input.toolCall?.arguments;
2417
+ if (!isRecord2(raw) || typeof raw.command !== "string" || raw.command.length === 0) {
2418
+ return void 0;
2419
+ }
2420
+ const rawArgs = raw.args === void 0 ? Object.freeze([]) : stringArray(raw.args);
2421
+ if (rawArgs === void 0) return void 0;
2422
+ if (raw.cwd !== void 0 && typeof raw.cwd !== "string") return void 0;
2423
+ if (raw.input !== void 0 && typeof raw.input !== "string") return void 0;
2424
+ const rawEnv = raw.env === void 0 ? void 0 : processArgumentEnv(raw.env);
2425
+ if (raw.env !== void 0 && rawEnv === void 0) return void 0;
2426
+ return {
2427
+ command: raw.command,
2428
+ args: rawArgs,
2429
+ ...raw.cwd === void 0 ? {} : { cwd: raw.cwd },
2430
+ ...rawEnv === void 0 ? {} : { env: rawEnv },
2431
+ ...raw.input === void 0 ? {} : { input: raw.input }
2432
+ };
2433
+ }
2434
+ function argsAllowed(command, args) {
2435
+ if (command.allowArgs === true) return true;
2436
+ if (typeof command.allowArgs === "function") return command.allowArgs(args);
2437
+ if (command.allowArgs === void 0) return args.length === 0;
2438
+ return arraysEqual(command.allowArgs, args);
2439
+ }
2440
+ function resolveProcessCwd(requestedCwd, command, config) {
2441
+ const rawCwd = command.cwd ?? requestedCwd;
2442
+ const cwd = rawCwd === void 0 ? config.workingDirectory : (0, import_node_path.isAbsolute)(rawCwd) ? (0, import_node_path.resolve)(rawCwd) : (0, import_node_path.resolve)(config.workingDirectory, rawCwd);
2443
+ const realCwd = realpath(cwd);
2444
+ if (realCwd === void 0) return void 0;
2445
+ return config.allowedWorkingDirectories.some((allowed) => {
2446
+ const realAllowed = realpath(allowed);
2447
+ return realAllowed !== void 0 && isPathInside(realCwd, realAllowed);
2448
+ }) ? cwd : void 0;
2449
+ }
2450
+ function processEnv(inputEnv, config) {
2451
+ const env = { ...config.baseEnv };
2452
+ for (const [key, value] of Object.entries(inputEnv ?? {})) {
2453
+ if (!config.allowedEnvKeys.has(key)) return void 0;
2454
+ if (value !== void 0) env[key] = String(value);
2455
+ }
2456
+ return Object.freeze(env);
2457
+ }
2458
+ function processArgumentEnv(value) {
2459
+ if (!isRecord2(value)) return void 0;
2460
+ const env = {};
2461
+ for (const [key, entry] of Object.entries(value)) {
2462
+ if (entry !== void 0 && typeof entry !== "string" && typeof entry !== "number" && typeof entry !== "boolean") {
2463
+ return void 0;
2464
+ }
2465
+ env[key] = entry;
2466
+ }
2467
+ return Object.freeze(env);
2468
+ }
2469
+ function runProcessTool(input, allowed, args, cwd, env, config) {
2470
+ const executable = allowed.executable ?? args.command;
2471
+ const argv = Object.freeze([...allowed.fixedArgs ?? [], ...args.args]);
2472
+ const result = (0, import_node_child_process.spawnSync)(executable, argv, {
2473
+ cwd,
2474
+ env,
2475
+ input: args.input,
2476
+ encoding: "buffer",
2477
+ shell: false,
2478
+ timeout: config.timeoutMs,
2479
+ maxBuffer: config.maxOutputBytes + 1
2480
+ });
2481
+ const stdout = result.stdout ?? Buffer.alloc(0);
2482
+ const stderr = result.stderr ?? Buffer.alloc(0);
2483
+ const truncated = stdout.length + stderr.length > config.maxOutputBytes;
2484
+ if (result.error !== void 0 && isTimeoutError(result.error)) {
2485
+ return Object.freeze({
2486
+ kind: "timeout",
2487
+ timeoutMs: config.timeoutMs,
2488
+ retryable: true,
2489
+ evidenceRefs: input.sourceRefs
2490
+ });
2491
+ }
2492
+ if (result.error !== void 0 || truncated) {
2493
+ return failure(
2494
+ input,
2495
+ truncated || isOutputLimitError(result.error) ? "process-output-limit-exceeded" : "process-spawn-failed",
2496
+ truncated || isOutputLimitError(result.error) ? "Process output exceeded maxOutputBytes." : "Process execution failed before producing an exit result."
2497
+ );
2498
+ }
2499
+ const value = processResult(
2500
+ args.command,
2501
+ argv,
2502
+ cwd,
2503
+ result.status,
2504
+ result.signal,
2505
+ stdout,
2506
+ stderr,
2507
+ config
2508
+ );
2509
+ if ((result.status ?? 1) !== 0) {
2510
+ return Object.freeze({
2511
+ kind: "failure",
2512
+ error: issue("process-exit-nonzero", "Process exited with a non-zero status.", "error", {
2513
+ exitCode: result.status,
2514
+ signal: result.signal ?? void 0
2515
+ }),
2516
+ retryable: false,
2517
+ evidenceRefs: input.sourceRefs,
2518
+ metadata: Object.freeze({
2519
+ command: args.command,
2520
+ exitCode: result.status,
2521
+ signal: result.signal ?? void 0,
2522
+ outputBytes: value.outputBytes,
2523
+ errorOutputBytes: value.errorOutputBytes
2524
+ })
2525
+ });
2526
+ }
2527
+ return Object.freeze({
2528
+ kind: "result",
2529
+ result: Object.freeze({
2530
+ kind: "process-result",
2531
+ value,
2532
+ summary: value.outputPreview ?? `process exited ${value.exitCode ?? 0}`,
2533
+ artifacts: processArtifacts(stdout, stderr, config, input.sourceRefs)
2534
+ }),
2535
+ evidenceRefs: input.sourceRefs
2536
+ });
2537
+ }
2538
+ function processResult(command, args, cwd, exitCode, signal, stdout, stderr, config) {
2539
+ return Object.freeze({
2540
+ command,
2541
+ args,
2542
+ cwd,
2543
+ exitCode,
2544
+ ...signal === null ? {} : { signal },
2545
+ outputPreview: preview(stdout, config.maxSummaryChars),
2546
+ errorPreview: preview(stderr, config.maxSummaryChars),
2547
+ outputBytes: stdout.length,
2548
+ errorOutputBytes: stderr.length,
2549
+ truncated: false
2550
+ });
2551
+ }
2552
+ function processArtifacts(stdout, stderr, config, sourceRefs) {
2553
+ const artifacts = [
2554
+ processTextArtifact("process-stdout", stdout, config, sourceRefs),
2555
+ processTextArtifact("process-stderr", stderr, config, sourceRefs)
2556
+ ].filter((artifact) => artifact !== void 0);
2557
+ return artifacts.length === 0 ? void 0 : Object.freeze(artifacts);
2558
+ }
2559
+ function processTextArtifact(kind, bytes, config, sourceRefs) {
2560
+ if (bytes.length === 0) return void 0;
2561
+ const text = bytes.toString("utf8");
2562
+ const inline = text.length <= config.maxSummaryChars;
2563
+ return Object.freeze({
2564
+ kind,
2565
+ format: "text",
2566
+ mediaType: "text/plain",
2567
+ encoding: "utf8",
2568
+ byteLength: bytes.length,
2569
+ dataMode: inline ? "inline" : "summary",
2570
+ summary: preview(bytes, config.maxSummaryChars),
2571
+ ...inline ? { value: text } : {},
2572
+ ...sourceRefs === void 0 ? {} : { sourceRefs },
2573
+ sizeEvidence: Object.freeze([
2574
+ sizeEvidence(bytes.length, "adapter-measured-process-output", sourceRefs)
2575
+ ])
2576
+ });
2577
+ }
2578
+ function processToolProviderExecutionPolicy(providerId, profileId, opts) {
2579
+ const maxOutputBytes = Math.max(1, nonNegativeFinite(opts.maxOutputBytes, 64 * 1024));
2580
+ return Object.freeze({
2581
+ kind: "tool-provider-execution-policy",
2582
+ policyId: `${providerId}:policy:process-v0`,
2583
+ providerId,
2584
+ profileIds: Object.freeze([profileId]),
2585
+ toolNames: Object.freeze(["process.execFile"]),
2586
+ operations: Object.freeze(["run"]),
2587
+ sizeCapacity: Object.freeze({
2588
+ limits: Object.freeze([
2589
+ Object.freeze({
2590
+ unit: "bytes",
2591
+ hardLimit: maxOutputBytes,
2592
+ perRequest: true,
2593
+ measurementSource: "adapter-measured"
2594
+ })
2595
+ ])
2596
+ }),
2597
+ timeout: Object.freeze({ timeoutMs: positiveFinite(opts.timeoutMs, 1e4) }),
2598
+ redaction: Object.freeze({
2599
+ mode: "summary",
2600
+ summaryMaxChars: nonNegativeFinite(opts.maxSummaryChars, 512)
2601
+ }),
2602
+ filesystem: Object.freeze({
2603
+ cwd: opts.workingDirectory ?? ".",
2604
+ allowRead: false,
2605
+ allowWrite: false,
2606
+ followSymlinks: false,
2607
+ pathRules: Object.freeze(
2608
+ (opts.allowedWorkingDirectories ?? [opts.workingDirectory ?? "."]).map(
2609
+ (path) => Object.freeze({
2610
+ effect: "allow",
2611
+ path,
2612
+ operation: "run",
2613
+ reason: "Process adapter cwd allowlist."
2614
+ })
2615
+ )
2616
+ )
2617
+ }),
2618
+ approval: Object.freeze({ mode: "auto" }),
2619
+ metadata: Object.freeze({
2620
+ argv: true,
2621
+ shell: false,
2622
+ allowedEnvKeys: Object.freeze([...opts.allowedEnvKeys ?? []])
2623
+ })
2624
+ });
2625
+ }
2626
+ function httpRuntimeConfig(opts) {
2627
+ return {
2628
+ allowedOrigins: new Set(opts.allowedOrigins ?? []),
2629
+ allowedMethods: new Set(normalizeMethods(opts.allowedMethods ?? ["GET"])),
2630
+ allowedRequestHeaders: new Set(normalizeHeaderNames(opts.allowedRequestHeaders ?? [])),
2631
+ exposedResponseHeaders: new Set(normalizeHeaderNames(opts.exposedResponseHeaders ?? [])),
2632
+ timeoutMs: positiveFinite(opts.timeoutMs, 1e4),
2633
+ maxResponseBytes: Math.max(1, nonNegativeFinite(opts.maxResponseBytes, 64 * 1024)),
2634
+ maxInlineBodyChars: Math.max(1, nonNegativeFinite(opts.maxInlineBodyChars, 4096)),
2635
+ approvalMode: opts.approvalMode ?? "auto"
2636
+ };
2637
+ }
2638
+ function httpToolProviderExecutionPolicy(providerId, profileId, opts) {
2639
+ const allowedOrigins = Object.freeze([...opts.allowedOrigins ?? []]);
2640
+ const allowedMethods = Object.freeze(normalizeMethods(opts.allowedMethods ?? ["GET"]));
2641
+ const maxResponseBytes = Math.max(1, nonNegativeFinite(opts.maxResponseBytes, 64 * 1024));
2642
+ return Object.freeze({
2643
+ kind: "tool-provider-execution-policy",
2644
+ policyId: `${providerId}:policy:http-v0`,
2645
+ providerId,
2646
+ profileIds: Object.freeze([profileId]),
2647
+ toolNames: Object.freeze(["http.fetch"]),
2648
+ operations: Object.freeze(["fetch"]),
2649
+ sizeCapacity: Object.freeze({
2650
+ limits: Object.freeze([
2651
+ Object.freeze({
2652
+ unit: "bytes",
2653
+ hardLimit: maxResponseBytes,
2654
+ perRequest: true,
2655
+ measurementSource: "adapter-measured-response-body"
2656
+ })
2657
+ ])
2658
+ }),
2659
+ timeout: Object.freeze({ timeoutMs: positiveFinite(opts.timeoutMs, 1e4) }),
2660
+ redaction: Object.freeze({
2661
+ mode: "summary",
2662
+ summaryMaxChars: nonNegativeFinite(opts.maxInlineBodyChars, 4096)
2663
+ }),
2664
+ network: Object.freeze({
2665
+ mode: "allowlist",
2666
+ protocols: Object.freeze(["http:", "https:"]),
2667
+ allowedHosts: allowedOrigins,
2668
+ metadata: Object.freeze({ allowlistKind: "origin" })
2669
+ }),
2670
+ approval: Object.freeze({ mode: opts.approvalMode ?? "auto" }),
2671
+ artifacts: Object.freeze({
2672
+ defaultDataMode: "summary",
2673
+ inlineLimits: Object.freeze([
2674
+ Object.freeze({
2675
+ unit: "chars",
2676
+ hardLimit: Math.max(1, nonNegativeFinite(opts.maxInlineBodyChars, 4096)),
2677
+ perArtifact: true,
2678
+ measurementSource: "js-string-length"
2679
+ })
2680
+ ]),
2681
+ artifactKinds: Object.freeze(["http-response-body"])
2682
+ }),
2683
+ metadata: Object.freeze({
2684
+ allowedOrigins,
2685
+ allowedMethods,
2686
+ allowedRequestHeaders: Object.freeze([...opts.allowedRequestHeaders ?? []]),
2687
+ exposedResponseHeaders: Object.freeze([...opts.exposedResponseHeaders ?? []]),
2688
+ asyncRuntime: true
2689
+ })
2690
+ });
2691
+ }
2692
+ function prepareHttpRequest(input, config) {
2693
+ const raw = input.toolCall?.arguments;
2694
+ if (!isRecord2(raw) || typeof raw.url !== "string") {
2695
+ return {
2696
+ kind: "blocked",
2697
+ issue: issue("http-invalid-arguments", "http.fetch requires a string url argument.")
2698
+ };
2699
+ }
2700
+ let url;
2701
+ try {
2702
+ url = new URL(raw.url);
2703
+ } catch {
2704
+ return { kind: "blocked", issue: issue("http-invalid-url", "http.fetch url is invalid.") };
2705
+ }
2706
+ if (url.protocol !== "http:" && url.protocol !== "https:") {
2707
+ return {
2708
+ kind: "blocked",
2709
+ issue: issue("http-protocol-not-allowed", "http.fetch only allows http and https URLs.")
2710
+ };
2711
+ }
2712
+ if (!config.allowedOrigins.has(url.origin)) {
2713
+ return {
2714
+ kind: "blocked",
2715
+ issue: issue("http-origin-not-allowed", "http.fetch origin is not allowlisted.")
2716
+ };
2717
+ }
2718
+ const method = normalizeMethod(raw.method ?? "GET");
2719
+ if (method === void 0 || !config.allowedMethods.has(method)) {
2720
+ return {
2721
+ kind: "blocked",
2722
+ issue: issue("http-method-not-allowed", "http.fetch method is not allowlisted.")
2723
+ };
2724
+ }
2725
+ if (raw.body !== void 0 && typeof raw.body !== "string") {
2726
+ return {
2727
+ kind: "blocked",
2728
+ issue: issue("http-invalid-body", "http.fetch body must be a string when provided.")
2729
+ };
2730
+ }
2731
+ const headers = httpArgumentHeaders(raw.headers, config);
2732
+ if (headers === void 0) {
2733
+ return {
2734
+ kind: "blocked",
2735
+ issue: issue("http-request-header-not-allowed", "http.fetch header is not allowlisted.")
2736
+ };
2737
+ }
2738
+ return {
2739
+ kind: "ready",
2740
+ request: Object.freeze({
2741
+ url: url.toString(),
2742
+ method,
2743
+ headers,
2744
+ ...raw.body === void 0 ? {} : { body: raw.body }
2745
+ })
2746
+ };
2747
+ }
2748
+ function httpArgumentHeaders(value, config) {
2749
+ if (value === void 0) return Object.freeze({});
2750
+ if (!isRecord2(value)) return void 0;
2751
+ const headers = {};
2752
+ for (const [key, entry] of Object.entries(value)) {
2753
+ const normalized = key.toLowerCase();
2754
+ if (!config.allowedRequestHeaders.has(normalized)) return void 0;
2755
+ if (entry !== void 0 && typeof entry !== "string" && typeof entry !== "number" && typeof entry !== "boolean") {
2756
+ return void 0;
2757
+ }
2758
+ if (entry !== void 0) headers[key] = String(entry);
2759
+ }
2760
+ return Object.freeze(headers);
2761
+ }
2762
+ function httpResponseResult(request, response, config) {
2763
+ const hasInlineBody = response.bodyText !== void 0;
2764
+ const bodyText = response.bodyText ?? "";
2765
+ const bodyBytes = response.bodyBytes ?? textBytes(bodyText);
2766
+ const hasBodyRef = response.bodyRef !== void 0;
2767
+ if (bodyBytes > config.maxResponseBytes && !hasBodyRef) {
2768
+ return {
2769
+ kind: "failure",
2770
+ error: issue("http-response-too-large", "HTTP response body exceeded maxResponseBytes."),
2771
+ retryable: false,
2772
+ metadata: Object.freeze({ bodyBytes, maxResponseBytes: config.maxResponseBytes })
2773
+ };
2774
+ }
2775
+ const inline = hasInlineBody && bodyBytes <= config.maxResponseBytes && bodyText.length <= config.maxInlineBodyChars;
2776
+ const result = Object.freeze({
2777
+ url: response.url ?? request.url,
2778
+ method: request.method,
2779
+ status: response.status,
2780
+ statusText: response.statusText ?? "",
2781
+ headers: filterResponseHeaders(response.headers, config.exposedResponseHeaders),
2782
+ bodyPreview: hasInlineBody ? previewText(bodyText, config.maxInlineBodyChars) : void 0,
2783
+ ...inline ? { bodyText } : {},
2784
+ bodyBytes,
2785
+ bodyTruncated: bodyBytes > config.maxResponseBytes || bodyText.length > config.maxInlineBodyChars,
2786
+ dataMode: inline ? "inline" : hasBodyRef ? "ref" : "summary",
2787
+ ...response.bodyRef === void 0 ? {} : { bodyRef: response.bodyRef }
2788
+ });
2789
+ return {
2790
+ kind: "result",
2791
+ result: Object.freeze({
2792
+ kind: "http-result",
2793
+ value: result,
2794
+ summary: `${request.method} ${response.status} ${response.url ?? request.url}`,
2795
+ refs: response.bodyRef === void 0 ? void 0 : Object.freeze([response.bodyRef]),
2796
+ artifacts: Object.freeze([httpBodyArtifact(result, response.bodyRef)])
2797
+ }),
2798
+ issues: !inline && !hasBodyRef ? Object.freeze([
2799
+ issue(
2800
+ "http-response-body-summary-only",
2801
+ "HTTP response body was summarized without a durable body ref.",
2802
+ "warning"
2803
+ )
2804
+ ]) : void 0,
2805
+ metadata: Object.freeze({ status: response.status, bodyBytes })
2806
+ };
2807
+ }
2808
+ function httpBodyArtifact(result, bodyRef) {
2809
+ return Object.freeze({
2810
+ kind: "http-response-body",
2811
+ format: "text",
2812
+ byteLength: result.bodyBytes,
2813
+ dataMode: result.dataMode,
2814
+ ...result.bodyPreview === void 0 ? {} : { summary: result.bodyPreview },
2815
+ ...result.dataMode === "inline" && result.bodyText !== void 0 ? { value: result.bodyText } : {},
2816
+ ...bodyRef === void 0 ? {} : { ref: bodyRef, refs: Object.freeze([bodyRef]) },
2817
+ sizeEvidence: Object.freeze([
2818
+ sizeEvidence(result.bodyBytes, "adapter-measured-http-response-body", void 0)
2819
+ ])
2820
+ });
2821
+ }
2822
+ function httpErrorResult(error, config) {
2823
+ const aborted = error instanceof Error && error.name === "AbortError";
2824
+ if (aborted) {
2825
+ return { kind: "timeout", timeoutMs: config.timeoutMs, retryable: true };
2826
+ }
2827
+ return {
2828
+ kind: "failure",
2829
+ error: issue("http-fetch-failed", "HTTP fetch failed before producing a response."),
2830
+ retryable: true,
2831
+ metadata: Object.freeze({ errorType: error instanceof Error ? error.name : typeof error })
2832
+ };
2833
+ }
2834
+ function defaultHttpToolProviderDriver(maxResponseBytes) {
2835
+ return Object.freeze({
2836
+ fetch(request) {
2837
+ const fetchImpl = globalThis.fetch;
2838
+ if (typeof fetchImpl !== "function") {
2839
+ throw new Error("global fetch is unavailable");
2840
+ }
2841
+ return fetchImpl(request.url, {
2842
+ method: request.method,
2843
+ headers: request.headers,
2844
+ body: request.body,
2845
+ redirect: "manual",
2846
+ signal: request.signal
2847
+ }).then(
2848
+ (response) => readResponseBody(response, maxResponseBytes).then(
2849
+ (body) => Object.freeze({
2850
+ url: response.url,
2851
+ status: response.status,
2852
+ statusText: response.statusText,
2853
+ headers: responseHeaders(response.headers),
2854
+ bodyText: body.text,
2855
+ bodyBytes: body.bytes
2856
+ })
2857
+ )
2858
+ );
2859
+ }
2860
+ });
2861
+ }
2862
+ function readResponseBody(response, maxBytes) {
2863
+ const body = response.body;
2864
+ if (body === null) return Promise.resolve({ text: "", bytes: 0 });
2865
+ const reader = body.getReader();
2866
+ const decoder = new TextDecoder();
2867
+ const chunks = [];
2868
+ let bytes = 0;
2869
+ function pump() {
2870
+ return reader.read().then((next) => {
2871
+ if (next.done) {
2872
+ chunks.push(decoder.decode());
2873
+ return { text: chunks.join(""), bytes };
2874
+ }
2875
+ bytes += next.value.byteLength;
2876
+ if (bytes > maxBytes) {
2877
+ reader.cancel().catch(() => {
2878
+ });
2879
+ return { text: chunks.join(""), bytes };
2880
+ }
2881
+ chunks.push(decoder.decode(next.value, { stream: true }));
2882
+ return pump();
2883
+ });
2884
+ }
2885
+ return pump();
2886
+ }
2887
+ function responseHeaders(headers) {
2888
+ const out = {};
2889
+ headers.forEach((value, key) => {
2890
+ out[key] = value;
2891
+ });
2892
+ return Object.freeze(out);
2893
+ }
2894
+ function filterResponseHeaders(headers, exposed) {
2895
+ if (headers === void 0 || exposed.size === 0) return void 0;
2896
+ const out = {};
2897
+ for (const [key, value] of Object.entries(headers)) {
2898
+ if (exposed.has(key.toLowerCase())) out[key] = value;
2899
+ }
2900
+ return Object.keys(out).length === 0 ? void 0 : Object.freeze(out);
2901
+ }
2902
+ function requestMatchesInput(request, input) {
2903
+ return request.adapterInputId === input.adapterInputId && request.requestId === input.requestId && request.operationId === input.operationId && (request.routeId === void 0 || request.routeId === input.routeId) && (request.executorId === void 0 || request.executorId === input.executorId) && (request.profileId === void 0 || request.profileId === input.profileId);
2904
+ }
2905
+ function requestApproved(request) {
2906
+ const metadata = request.metadata;
2907
+ return isRecord2(metadata) && (metadata.approval === "granted" || metadata.approvalGranted === true || isAdmissionApprovedMetadata(metadata) && hasAdmissionSourceRef(request.sourceRefs));
2908
+ }
2909
+ function isAdmissionApprovedMetadata(metadata) {
2910
+ return typeof metadata.admissionId === "string" && metadata.admissionId.length > 0 && typeof metadata.proposalId === "string" && metadata.proposalId.length > 0 && typeof metadata.approvedFromRunId === "string" && metadata.approvedFromRunId.length > 0;
2911
+ }
2912
+ function hasAdmissionSourceRef(sourceRefs) {
2913
+ return (sourceRefs ?? []).some(
2914
+ (sourceRef) => sourceRef.kind === "tool-provider-run-admission" || sourceRef.kind === "tool-provider-run-admission-decision"
2915
+ );
2916
+ }
2917
+ function defaultEvidenceRefs(input) {
2918
+ return Object.freeze([
2919
+ { kind: "tool-provider-adapter-input", id: input.adapterInputId },
2920
+ ...input.sourceRefs ?? []
2921
+ ]);
2922
+ }
2923
+ function outcomeIssues(outcome) {
2924
+ if (outcome.kind === "failure") return Object.freeze([outcome.error, ...outcome.issues ?? []]);
2925
+ return outcome.issues ?? [];
2926
+ }
2927
+ function agentStatusForOutcome(outcome) {
2928
+ switch (outcome.kind) {
2929
+ case "result":
2930
+ return "completed";
2931
+ case "failure":
2932
+ return "failed";
2933
+ case "blocked":
2934
+ return "blocked";
2935
+ case "canceled":
2936
+ return "canceled";
2937
+ case "timeout":
2938
+ return "timeout";
2939
+ }
2940
+ }
2941
+ function normalizeMethods(methods) {
2942
+ return Object.freeze(
2943
+ methods.map((method) => normalizeMethod(method)).filter((method) => method !== void 0)
2944
+ );
2945
+ }
2946
+ function normalizeMethod(method) {
2947
+ return typeof method === "string" && method.length > 0 ? method.toUpperCase() : void 0;
2948
+ }
2949
+ function normalizeHeaderNames(headers) {
2950
+ return Object.freeze(
2951
+ headers.filter((header) => typeof header === "string" && header.length > 0).map((header) => header.toLowerCase())
2952
+ );
2953
+ }
2954
+ function textBytes(text) {
2955
+ return new TextEncoder().encode(text).byteLength;
2956
+ }
2957
+ function previewText(text, maxChars) {
2958
+ if (text.length === 0) return void 0;
2959
+ return text.length <= maxChars ? text : text.slice(0, maxChars);
2960
+ }
2961
+ function blocked(input, code, message) {
2962
+ return Object.freeze({
2963
+ kind: "blocked",
2964
+ needs: Object.freeze([
2965
+ Object.freeze({
2966
+ kind: code,
2967
+ message,
2968
+ refs: input.providerId === void 0 ? void 0 : Object.freeze([{ kind: "tool-provider", id: input.providerId }])
2969
+ })
2970
+ ]),
2971
+ issues: Object.freeze([issue(code, message, "error")]),
2972
+ evidenceRefs: input.sourceRefs
2973
+ });
2974
+ }
2975
+ function failure(input, code, message) {
2976
+ return Object.freeze({
2977
+ kind: "failure",
2978
+ error: issue(code, message, "error"),
2979
+ retryable: false,
2980
+ evidenceRefs: input.sourceRefs
2981
+ });
2982
+ }
2983
+ function issue(code, message, severity = "error", details) {
2984
+ return Object.freeze({
2985
+ kind: "issue",
2986
+ code,
2987
+ message,
2988
+ severity,
2989
+ ...details === void 0 ? {} : { details }
2990
+ });
2991
+ }
2992
+ function sizeEvidence(quantity, measurementSource, sourceRefs) {
2993
+ return Object.freeze({
2994
+ kind: "size-capacity-evidence",
2995
+ unit: "bytes",
2996
+ quantity,
2997
+ measurementSource,
2998
+ ...sourceRefs === void 0 ? {} : { sourceRefs }
2999
+ });
3000
+ }
3001
+ function nonNegativeFinite(value, fallback) {
3002
+ return typeof value === "number" && Number.isFinite(value) && value >= 0 ? value : fallback;
3003
+ }
3004
+ function positiveFinite(value, fallback) {
3005
+ return typeof value === "number" && Number.isFinite(value) && value > 0 ? value : fallback;
3006
+ }
3007
+ function isRecord2(value) {
3008
+ return typeof value === "object" && value !== null && !Array.isArray(value);
3009
+ }
3010
+ function stringArray(value) {
3011
+ if (!Array.isArray(value)) return void 0;
3012
+ const entries = Array.from(value);
3013
+ if (!entries.every((entry) => typeof entry === "string")) return void 0;
3014
+ return Object.freeze(entries);
3015
+ }
3016
+ function arraysEqual(a, b) {
3017
+ return a.length === b.length && a.every((value, index) => value === b[index]);
3018
+ }
3019
+ function normalizeAllowedCommands(commands) {
3020
+ const out = /* @__PURE__ */ new Map();
3021
+ const duplicates = /* @__PURE__ */ new Set();
3022
+ const invalids = /* @__PURE__ */ new Set();
3023
+ for (const command of commands) {
3024
+ if (typeof command.command !== "string" || command.command.length === 0) {
3025
+ invalids.add("<invalid-command>");
3026
+ continue;
3027
+ }
3028
+ const frozen = freezeAllowedCommand(command);
3029
+ if (frozen === void 0) {
3030
+ out.delete(command.command);
3031
+ invalids.add(command.command);
3032
+ continue;
3033
+ }
3034
+ if (out.has(command.command)) {
3035
+ out.delete(command.command);
3036
+ duplicates.add(command.command);
3037
+ continue;
3038
+ }
3039
+ if (duplicates.has(command.command) || invalids.has(command.command)) continue;
3040
+ out.set(command.command, frozen);
3041
+ }
3042
+ return { commands: out, duplicates, invalids };
3043
+ }
3044
+ function freezeAllowedCommand(command) {
3045
+ const fixedArgs = command.fixedArgs === void 0 ? void 0 : stringArray(command.fixedArgs);
3046
+ if (command.fixedArgs !== void 0 && fixedArgs === void 0) return void 0;
3047
+ const allowArgs = Array.isArray(command.allowArgs) ? stringArray(command.allowArgs) : command.allowArgs;
3048
+ if (Array.isArray(command.allowArgs) && allowArgs === void 0) return void 0;
3049
+ return Object.freeze({
3050
+ command: command.command,
3051
+ ...command.executable === void 0 ? {} : { executable: command.executable },
3052
+ ...fixedArgs === void 0 ? {} : { fixedArgs },
3053
+ ...allowArgs === void 0 ? {} : { allowArgs },
3054
+ ...command.cwd === void 0 ? {} : { cwd: command.cwd }
3055
+ });
3056
+ }
3057
+ function realpath(path) {
3058
+ try {
3059
+ return import_node_fs.realpathSync.native(path);
3060
+ } catch {
3061
+ return void 0;
3062
+ }
3063
+ }
3064
+ function isPathInside(path, root) {
3065
+ const normalizedPath = (0, import_node_path.resolve)(path);
3066
+ const normalizedRoot = (0, import_node_path.resolve)(root);
3067
+ const rel = (0, import_node_path.relative)(normalizedRoot, normalizedPath);
3068
+ return rel === "" || rel.length > 0 && !rel.startsWith("..") && !(0, import_node_path.isAbsolute)(rel);
3069
+ }
3070
+ function isTimeoutError(error) {
3071
+ return error.code === "ETIMEDOUT";
3072
+ }
3073
+ function isOutputLimitError(error) {
3074
+ return error?.code === "ENOBUFS";
3075
+ }
3076
+ function preview(buffer, maxChars) {
3077
+ if (buffer.length === 0) return void 0;
3078
+ const text = buffer.toString("utf8");
3079
+ return text.length <= maxChars ? text : text.slice(0, maxChars);
3080
+ }
3081
+ // Annotate the CommonJS export names for ESM import in node:
3082
+ 0 && (module.exports = {
3083
+ httpToolProviderCatalog,
3084
+ httpToolProviderRuntime,
3085
+ localBuiltinToolProviderAdapterPack,
3086
+ localBuiltinToolProviderBinding,
3087
+ processToolProviderAdapterPack,
3088
+ processToolProviderBinding,
3089
+ processToolProviderCatalog
3090
+ });
3091
+ //# sourceMappingURL=tool-provider-adapters.cjs.map