npm - @illuma-ai/agents - Versions diffs - 1.3.2 → 1.4.0-alpha.0 - Mend

@illuma-ai/agents 1.3.2 → 1.4.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (353) hide show

package/dist/cjs/graphs/Graph.cjs +3 -18
package/dist/cjs/graphs/Graph.cjs.map +1 -1
package/dist/cjs/llm/openai/index.cjs +3 -0
package/dist/cjs/llm/openai/index.cjs.map +1 -1
package/dist/cjs/main.cjs +58 -0
package/dist/cjs/main.cjs.map +1 -1
package/dist/cjs/providers/a2a/A2ACapabilityProvider.cjs +288 -0
package/dist/cjs/providers/a2a/A2ACapabilityProvider.cjs.map +1 -0
package/dist/cjs/providers/a2a/client.cjs +92 -0
package/dist/cjs/providers/a2a/client.cjs.map +1 -0
package/dist/cjs/providers/a2a/config.cjs +38 -0
package/dist/cjs/providers/a2a/config.cjs.map +1 -0
package/dist/cjs/providers/capabilityNaming.cjs +43 -0
package/dist/cjs/providers/capabilityNaming.cjs.map +1 -0
package/dist/cjs/providers/composite/CompositeCapabilityProvider.cjs +80 -0
package/dist/cjs/providers/composite/CompositeCapabilityProvider.cjs.map +1 -0
package/dist/cjs/providers/mcp/MCPCapabilityProvider.cjs +244 -0
package/dist/cjs/providers/mcp/MCPCapabilityProvider.cjs.map +1 -0
package/dist/cjs/providers/mcp/config.cjs +42 -0
package/dist/cjs/providers/mcp/config.cjs.map +1 -0
package/dist/cjs/providers/mcp/transport.cjs +65 -0
package/dist/cjs/providers/mcp/transport.cjs.map +1 -0
package/dist/cjs/providers/tools-server/ToolsServerCapabilityProvider.cjs +121 -0
package/dist/cjs/providers/tools-server/ToolsServerCapabilityProvider.cjs.map +1 -0
package/dist/cjs/providers/types.cjs +51 -0
package/dist/cjs/providers/types.cjs.map +1 -0
package/dist/cjs/tools/ToolNode.cjs +3 -0
package/dist/cjs/tools/ToolNode.cjs.map +1 -1
package/dist/cjs/tools/proxyTool.cjs +100 -0
package/dist/cjs/tools/proxyTool.cjs.map +1 -0
package/dist/cjs/utils/credentials.cjs +142 -0
package/dist/cjs/utils/credentials.cjs.map +1 -0
package/dist/cjs/utils/httpClient.cjs +74 -0
package/dist/cjs/utils/httpClient.cjs.map +1 -0
package/dist/cjs/utils/toolManifest.cjs +100 -0
package/dist/cjs/utils/toolManifest.cjs.map +1 -0
package/dist/esm/graphs/Graph.mjs +3 -18
package/dist/esm/graphs/Graph.mjs.map +1 -1
package/dist/esm/llm/openai/index.mjs +3 -0
package/dist/esm/llm/openai/index.mjs.map +1 -1
package/dist/esm/main.mjs +14 -0
package/dist/esm/main.mjs.map +1 -1
package/dist/esm/providers/a2a/A2ACapabilityProvider.mjs +281 -0
package/dist/esm/providers/a2a/A2ACapabilityProvider.mjs.map +1 -0
package/dist/esm/providers/a2a/client.mjs +88 -0
package/dist/esm/providers/a2a/client.mjs.map +1 -0
package/dist/esm/providers/a2a/config.mjs +35 -0
package/dist/esm/providers/a2a/config.mjs.map +1 -0
package/dist/esm/providers/capabilityNaming.mjs +39 -0
package/dist/esm/providers/capabilityNaming.mjs.map +1 -0
package/dist/esm/providers/composite/CompositeCapabilityProvider.mjs +78 -0
package/dist/esm/providers/composite/CompositeCapabilityProvider.mjs.map +1 -0
package/dist/esm/providers/mcp/MCPCapabilityProvider.mjs +240 -0
package/dist/esm/providers/mcp/MCPCapabilityProvider.mjs.map +1 -0
package/dist/esm/providers/mcp/config.mjs +39 -0
package/dist/esm/providers/mcp/config.mjs.map +1 -0
package/dist/esm/providers/mcp/transport.mjs +63 -0
package/dist/esm/providers/mcp/transport.mjs.map +1 -0
package/dist/esm/providers/tools-server/ToolsServerCapabilityProvider.mjs +119 -0
package/dist/esm/providers/tools-server/ToolsServerCapabilityProvider.mjs.map +1 -0
package/dist/esm/providers/types.mjs +51 -0
package/dist/esm/providers/types.mjs.map +1 -0
package/dist/esm/tools/ToolNode.mjs +3 -0
package/dist/esm/tools/ToolNode.mjs.map +1 -1
package/dist/esm/tools/proxyTool.mjs +98 -0
package/dist/esm/tools/proxyTool.mjs.map +1 -0
package/dist/esm/utils/credentials.mjs +135 -0
package/dist/esm/utils/credentials.mjs.map +1 -0
package/dist/esm/utils/httpClient.mjs +70 -0
package/dist/esm/utils/httpClient.mjs.map +1 -0
package/dist/esm/utils/toolManifest.mjs +96 -0
package/dist/esm/utils/toolManifest.mjs.map +1 -0
package/dist/types/index.d.ts +2 -0
package/dist/types/providers/a2a/A2ACapabilityProvider.d.ts +89 -0
package/dist/types/providers/a2a/client.d.ts +47 -0
package/dist/types/providers/a2a/config.d.ts +18 -0
package/dist/types/providers/a2a/index.d.ts +6 -0
package/dist/types/providers/a2a/types.d.ts +173 -0
package/dist/types/providers/capabilityNaming.d.ts +25 -0
package/dist/types/providers/composite/CompositeCapabilityProvider.d.ts +22 -0
package/dist/types/providers/composite/index.d.ts +1 -0
package/dist/types/providers/index.d.ts +13 -0
package/dist/types/providers/mcp/MCPCapabilityProvider.d.ts +54 -0
package/dist/types/providers/mcp/config.d.ts +20 -0
package/dist/types/providers/mcp/index.d.ts +5 -0
package/dist/types/providers/mcp/transport.d.ts +18 -0
package/dist/types/providers/mcp/types.d.ts +112 -0
package/dist/types/providers/tools-server/ToolsServerCapabilityProvider.d.ts +45 -0
package/dist/types/providers/tools-server/index.d.ts +1 -0
package/dist/types/providers/types.d.ts +170 -0
package/dist/types/tools/proxyTool.d.ts +55 -0
package/dist/types/utils/credentials.d.ts +77 -0
package/dist/types/utils/httpClient.d.ts +46 -0
package/dist/types/utils/index.d.ts +3 -0
package/dist/types/utils/toolManifest.d.ts +49 -0
package/package.json +21 -1
package/src/graphs/Graph.ts +0 -23
package/src/index.ts +4 -0
package/src/providers/__tests__/CompositeCapabilityProvider.test.ts +93 -0
package/src/providers/__tests__/ToolsServerCapabilityProvider.integration.spec.ts +79 -0
package/src/providers/__tests__/ToolsServerCapabilityProvider.test.ts +206 -0
package/src/providers/__tests__/types.test.ts +64 -0
package/src/providers/a2a/A2ACapabilityProvider.ts +384 -0
package/src/providers/a2a/__tests__/A2ACapabilityProvider.integration.spec.ts +345 -0
package/src/providers/a2a/__tests__/A2ACapabilityProvider.test.ts +460 -0
package/src/providers/a2a/client.ts +115 -0
package/src/providers/a2a/config.ts +40 -0
package/src/providers/a2a/index.ts +29 -0
package/src/providers/a2a/types.ts +191 -0
package/src/providers/capabilityNaming.ts +42 -0
package/src/providers/composite/CompositeCapabilityProvider.ts +112 -0
package/src/providers/composite/index.ts +1 -0
package/src/providers/index.ts +65 -0
package/src/providers/mcp/MCPCapabilityProvider.ts +345 -0
package/src/providers/mcp/__tests__/MCPCapabilityProvider.integration.spec.ts +386 -0
package/src/providers/mcp/__tests__/MCPCapabilityProvider.test.ts +371 -0
package/src/providers/mcp/config.ts +45 -0
package/src/providers/mcp/index.ts +21 -0
package/src/providers/mcp/transport.ts +76 -0
package/src/providers/mcp/types.ts +139 -0
package/src/providers/tools-server/ToolsServerCapabilityProvider.ts +220 -0
package/src/providers/tools-server/index.ts +1 -0
package/src/providers/types.ts +187 -0
package/src/tools/proxyTool.ts +146 -0
package/src/utils/__tests__/credentials.test.ts +130 -0
package/src/utils/__tests__/httpClient.test.ts +75 -0
package/src/utils/__tests__/toolManifest.test.ts +116 -0
package/src/utils/credentials.ts +157 -0
package/src/utils/httpClient.ts +92 -0
package/src/utils/index.ts +3 -0
package/src/utils/toolManifest.ts +109 -0
package/src/agents/AgentContext.js.map +0 -1
package/src/agents/AgentContext.test.js.map +0 -1
package/src/agents/__tests__/AgentContext.test.js.map +0 -1
package/src/agents/__tests__/resolveStructuredOutputMode.test.js.map +0 -1
package/src/common/enum.js.map +0 -1
package/src/common/index.js.map +0 -1
package/src/events.js.map +0 -1
package/src/graphs/Graph.js.map +0 -1
package/src/graphs/MultiAgentGraph.js.map +0 -1
package/src/graphs/__tests__/structured-output.integration.test.js.map +0 -1
package/src/graphs/__tests__/structured-output.test.js.map +0 -1
package/src/graphs/contextManagement.e2e.test.js.map +0 -1
package/src/graphs/contextManagement.test.js.map +0 -1
package/src/graphs/handoffValidation.test.js.map +0 -1
package/src/graphs/index.js.map +0 -1
package/src/index.js.map +0 -1
package/src/instrumentation.js.map +0 -1
package/src/llm/anthropic/index.js.map +0 -1
package/src/llm/anthropic/types.js.map +0 -1
package/src/llm/anthropic/utils/message_inputs.js.map +0 -1
package/src/llm/anthropic/utils/message_outputs.js.map +0 -1
package/src/llm/anthropic/utils/output_parsers.js.map +0 -1
package/src/llm/anthropic/utils/tools.js.map +0 -1
package/src/llm/bedrock/__tests__/bedrock-caching.test.js.map +0 -1
package/src/llm/bedrock/index.js.map +0 -1
package/src/llm/bedrock/types.js.map +0 -1
package/src/llm/bedrock/utils/index.js.map +0 -1
package/src/llm/bedrock/utils/message_inputs.js.map +0 -1
package/src/llm/bedrock/utils/message_outputs.js.map +0 -1
package/src/llm/fake.js.map +0 -1
package/src/llm/google/index.js.map +0 -1
package/src/llm/google/types.js.map +0 -1
package/src/llm/google/utils/common.js.map +0 -1
package/src/llm/google/utils/tools.js.map +0 -1
package/src/llm/google/utils/zod_to_genai_parameters.js.map +0 -1
package/src/llm/openai/index.js.map +0 -1
package/src/llm/openai/types.js.map +0 -1
package/src/llm/openai/utils/index.js.map +0 -1
package/src/llm/openai/utils/isReasoningModel.test.js.map +0 -1
package/src/llm/openrouter/index.js.map +0 -1
package/src/llm/openrouter/reasoning.test.js.map +0 -1
package/src/llm/providers.js.map +0 -1
package/src/llm/text.js.map +0 -1
package/src/llm/vertexai/index.js.map +0 -1
package/src/messages/__tests__/tools.test.js.map +0 -1
package/src/messages/cache.js.map +0 -1
package/src/messages/cache.test.js.map +0 -1
package/src/messages/content.js.map +0 -1
package/src/messages/content.test.js.map +0 -1
package/src/messages/core.js.map +0 -1
package/src/messages/ensureThinkingBlock.test.js.map +0 -1
package/src/messages/format.js.map +0 -1
package/src/messages/formatAgentMessages.test.js.map +0 -1
package/src/messages/formatAgentMessages.tools.test.js.map +0 -1
package/src/messages/formatMessage.test.js.map +0 -1
package/src/messages/ids.js.map +0 -1
package/src/messages/index.js.map +0 -1
package/src/messages/labelContentByAgent.test.js.map +0 -1
package/src/messages/prune.js.map +0 -1
package/src/messages/reducer.js.map +0 -1
package/src/messages/shiftIndexTokenCountMap.test.js.map +0 -1
package/src/messages/summarize.js.map +0 -1
package/src/messages/summarize.test.js.map +0 -1
package/src/messages/tools.js.map +0 -1
package/src/mockStream.js.map +0 -1
package/src/prompts/collab.js.map +0 -1
package/src/prompts/index.js.map +0 -1
package/src/prompts/taskmanager.js.map +0 -1
package/src/run.js.map +0 -1
package/src/schemas/index.js.map +0 -1
package/src/schemas/schema-preparation.test.js.map +0 -1
package/src/schemas/validate.js.map +0 -1
package/src/schemas/validate.test.js.map +0 -1
package/src/scripts/abort.js.map +0 -1
package/src/scripts/ant_web_search.js.map +0 -1
package/src/scripts/ant_web_search_edge_case.js.map +0 -1
package/src/scripts/ant_web_search_error_edge_case.js.map +0 -1
package/src/scripts/args.js.map +0 -1
package/src/scripts/bedrock-cache-debug.js.map +0 -1
package/src/scripts/bedrock-content-aggregation-test.js.map +0 -1
package/src/scripts/bedrock-merge-test.js.map +0 -1
package/src/scripts/bedrock-parallel-tools-test.js.map +0 -1
package/src/scripts/caching.js.map +0 -1
package/src/scripts/cli.js.map +0 -1
package/src/scripts/cli2.js.map +0 -1
package/src/scripts/cli3.js.map +0 -1
package/src/scripts/cli4.js.map +0 -1
package/src/scripts/cli5.js.map +0 -1
package/src/scripts/code_exec.js.map +0 -1
package/src/scripts/code_exec_files.js.map +0 -1
package/src/scripts/code_exec_multi_session.js.map +0 -1
package/src/scripts/code_exec_ptc.js.map +0 -1
package/src/scripts/code_exec_session.js.map +0 -1
package/src/scripts/code_exec_simple.js.map +0 -1
package/src/scripts/content.js.map +0 -1
package/src/scripts/empty_input.js.map +0 -1
package/src/scripts/handoff-test.js.map +0 -1
package/src/scripts/image.js.map +0 -1
package/src/scripts/memory.js.map +0 -1
package/src/scripts/multi-agent-chain.js.map +0 -1
package/src/scripts/multi-agent-conditional.js.map +0 -1
package/src/scripts/multi-agent-document-review-chain.js.map +0 -1
package/src/scripts/multi-agent-hybrid-flow.js.map +0 -1
package/src/scripts/multi-agent-parallel-start.js.map +0 -1
package/src/scripts/multi-agent-parallel.js.map +0 -1
package/src/scripts/multi-agent-sequence.js.map +0 -1
package/src/scripts/multi-agent-supervisor.js.map +0 -1
package/src/scripts/multi-agent-test.js.map +0 -1
package/src/scripts/parallel-asymmetric-tools-test.js.map +0 -1
package/src/scripts/parallel-full-metadata-test.js.map +0 -1
package/src/scripts/parallel-tools-test.js.map +0 -1
package/src/scripts/programmatic_exec.js.map +0 -1
package/src/scripts/programmatic_exec_agent.js.map +0 -1
package/src/scripts/search.js.map +0 -1
package/src/scripts/sequential-full-metadata-test.js.map +0 -1
package/src/scripts/simple.js.map +0 -1
package/src/scripts/single-agent-metadata-test.js.map +0 -1
package/src/scripts/stream.js.map +0 -1
package/src/scripts/test-custom-prompt-key.js.map +0 -1
package/src/scripts/test-handoff-input.js.map +0 -1
package/src/scripts/test-handoff-preamble.js.map +0 -1
package/src/scripts/test-handoff-steering.js.map +0 -1
package/src/scripts/test-multi-agent-list-handoff.js.map +0 -1
package/src/scripts/test-parallel-agent-labeling.js.map +0 -1
package/src/scripts/test-parallel-handoffs.js.map +0 -1
package/src/scripts/test-thinking-handoff-bedrock.js.map +0 -1
package/src/scripts/test-thinking-handoff.js.map +0 -1
package/src/scripts/test-thinking-to-thinking-handoff-bedrock.js.map +0 -1
package/src/scripts/test-tool-before-handoff-role-order.js.map +0 -1
package/src/scripts/test-tools-before-handoff.js.map +0 -1
package/src/scripts/test_code_api.js.map +0 -1
package/src/scripts/thinking-bedrock.js.map +0 -1
package/src/scripts/thinking-vertexai.js.map +0 -1
package/src/scripts/thinking.js.map +0 -1
package/src/scripts/tool_search.js.map +0 -1
package/src/scripts/tools.js.map +0 -1
package/src/specs/agent-handoffs-bedrock.integration.test.js.map +0 -1
package/src/specs/agent-handoffs.test.js.map +0 -1
package/src/specs/anthropic.simple.test.js.map +0 -1
package/src/specs/azure.simple.test.js.map +0 -1
package/src/specs/cache.simple.test.js.map +0 -1
package/src/specs/custom-event-await.test.js.map +0 -1
package/src/specs/deepseek.simple.test.js.map +0 -1
package/src/specs/emergency-prune.test.js.map +0 -1
package/src/specs/moonshot.simple.test.js.map +0 -1
package/src/specs/observability.integration.test.js.map +0 -1
package/src/specs/openai.simple.test.js.map +0 -1
package/src/specs/openrouter.simple.test.js.map +0 -1
package/src/specs/prune.test.js.map +0 -1
package/src/specs/reasoning.test.js.map +0 -1
package/src/specs/spec.utils.js.map +0 -1
package/src/specs/thinking-handoff.test.js.map +0 -1
package/src/specs/thinking-prune.test.js.map +0 -1
package/src/specs/token-distribution-edge-case.test.js.map +0 -1
package/src/specs/token-memoization.test.js.map +0 -1
package/src/specs/tokens.test.js.map +0 -1
package/src/specs/tool-error.test.js.map +0 -1
package/src/splitStream.js.map +0 -1
package/src/splitStream.test.js.map +0 -1
package/src/stream.js.map +0 -1
package/src/stream.test.js.map +0 -1
package/src/test/mockTools.js.map +0 -1
package/src/tools/BrowserTools.js.map +0 -1
package/src/tools/Calculator.js.map +0 -1
package/src/tools/Calculator.test.js.map +0 -1
package/src/tools/CodeExecutor.js.map +0 -1
package/src/tools/ProgrammaticToolCalling.js.map +0 -1
package/src/tools/StreamingToolCallBuffer.js.map +0 -1
package/src/tools/ToolNode.js.map +0 -1
package/src/tools/ToolSearch.js.map +0 -1
package/src/tools/__tests__/BrowserTools.test.js.map +0 -1
package/src/tools/__tests__/ProgrammaticToolCalling.integration.test.js.map +0 -1
package/src/tools/__tests__/ProgrammaticToolCalling.test.js.map +0 -1
package/src/tools/__tests__/StreamingToolCallBuffer.test.js.map +0 -1
package/src/tools/__tests__/ToolApproval.test.js.map +0 -1
package/src/tools/__tests__/ToolNode.recovery.test.js.map +0 -1
package/src/tools/__tests__/ToolNode.session.test.js.map +0 -1
package/src/tools/__tests__/ToolSearch.integration.test.js.map +0 -1
package/src/tools/__tests__/ToolSearch.test.js.map +0 -1
package/src/tools/__tests__/handlers.test.js.map +0 -1
package/src/tools/__tests__/truncation-recovery.integration.test.js.map +0 -1
package/src/tools/handlers.js.map +0 -1
package/src/tools/schema.js.map +0 -1
package/src/tools/search/anthropic.js.map +0 -1
package/src/tools/search/content.js.map +0 -1
package/src/tools/search/content.test.js.map +0 -1
package/src/tools/search/firecrawl.js.map +0 -1
package/src/tools/search/format.js.map +0 -1
package/src/tools/search/highlights.js.map +0 -1
package/src/tools/search/index.js.map +0 -1
package/src/tools/search/jina-reranker.test.js.map +0 -1
package/src/tools/search/rerankers.js.map +0 -1
package/src/tools/search/schema.js.map +0 -1
package/src/tools/search/search.js.map +0 -1
package/src/tools/search/serper-scraper.js.map +0 -1
package/src/tools/search/test.js.map +0 -1
package/src/tools/search/tool.js.map +0 -1
package/src/tools/search/types.js.map +0 -1
package/src/tools/search/utils.js.map +0 -1
package/src/types/graph.js.map +0 -1
package/src/types/graph.test.js.map +0 -1
package/src/types/index.js.map +0 -1
package/src/types/llm.js.map +0 -1
package/src/types/messages.js.map +0 -1
package/src/types/run.js.map +0 -1
package/src/types/stream.js.map +0 -1
package/src/types/tools.js.map +0 -1
package/src/utils/contextAnalytics.js.map +0 -1
package/src/utils/contextAnalytics.test.js.map +0 -1
package/src/utils/events.js.map +0 -1
package/src/utils/graph.js.map +0 -1
package/src/utils/handlers.js.map +0 -1
package/src/utils/index.js.map +0 -1
package/src/utils/llm.js.map +0 -1
package/src/utils/llmConfig.js.map +0 -1
package/src/utils/logging.js.map +0 -1
package/src/utils/misc.js.map +0 -1
package/src/utils/run.js.map +0 -1
package/src/utils/schema.js.map +0 -1
package/src/utils/title.js.map +0 -1
package/src/utils/tokens.js.map +0 -1
package/src/utils/toonFormat.js.map +0 -1

package/dist/cjs/utils/credentials.cjs ADDED Viewed

@@ -0,0 +1,142 @@
+'use strict';
+var types = require('../providers/types.cjs');
+/**
+ * Credential merging utility for capability providers.
+ *
+ * The host is the source of truth for credential values. It resolves them
+ * from env vars, user settings, or active OAuth sessions, then passes a
+ * flat CredentialMap to the provider.
+ *
+ * This utility helps hosts build that map from multiple sources with clear
+ * precedence rules. Providers themselves do NOT use this — they just receive
+ * the finished map.
+ */
+/**
+ * Source of a credential value in the merged result. Useful for logging
+ * and debugging which layer won a given authField.
+ */
+exports.CredentialOrigin = void 0;
+(function (CredentialOrigin) {
+    /** From the caller's process env (typically the CLI). */
+    CredentialOrigin["ENV"] = "env";
+    /** From the agent definition's tool_credentials block. */
+    CredentialOrigin["AGENT"] = "agent";
+    /** From the user's stored credentials in the host's credential store. */
+    CredentialOrigin["USER"] = "user";
+    /** From an active OAuth session forwarded by the host. */
+    CredentialOrigin["SESSION"] = "session";
+    /** Injected by the host at runtime for another reason. */
+    CredentialOrigin["RUNTIME"] = "runtime";
+})(exports.CredentialOrigin || (exports.CredentialOrigin = {}));
+/**
+ * Merge credential layers with earlier layers overriding later ones.
+ *
+ * Typical host flow (in order of precedence):
+ *   1. runtime overrides (e.g., test injection)       → RUNTIME
+ *   2. active OAuth session tokens                    → SESSION
+ *   3. agent-defined tool_credentials                 → AGENT
+ *   4. user's stored credentials                      → USER
+ *   5. process env                                    → ENV
+ *
+ * Caller passes layers in precedence order (highest first).
+ */
+function mergeCredentials(...layers) {
+    const merged = {};
+    // Iterate reverse so first-declared layer wins on collision.
+    for (let i = layers.length - 1; i >= 0; i--) {
+        const layer = layers[i];
+        for (const [key, value] of Object.entries(layer.values)) {
+            if (value !== undefined && value !== null && value !== '') {
+                merged[key] = value;
+            }
+        }
+    }
+    return merged;
+}
+/**
+ * Given a set of capabilities, return the union of authField names they
+ * require. Useful for hosts that want to pre-resolve credentials before
+ * calling createRunnables.
+ */
+function collectRequiredAuthFields(capabilities) {
+    const fields = new Set();
+    for (const cap of capabilities) {
+        for (const entry of cap.authConfig) {
+            fields.add(entry.authField);
+        }
+    }
+    return Array.from(fields);
+}
+/**
+ * Filter out credentials that the provider is expected to resolve itself
+ * (source === SERVER). Hosts call this before forwarding — these values
+ * live in the provider's own environment and shouldn't be sent.
+ *
+ * Precedence: entries without `source` default to USER (must be forwarded).
+ */
+function filterForwardableCredentials(credentials, capabilities) {
+    const serverManagedFields = new Set();
+    for (const cap of capabilities) {
+        for (const entry of cap.authConfig) {
+            if (entry.source === types.AuthSource.SERVER) {
+                serverManagedFields.add(entry.authField);
+            }
+        }
+    }
+    const forwardable = {};
+    for (const [key, value] of Object.entries(credentials)) {
+        if (!serverManagedFields.has(key)) {
+            forwardable[key] = value;
+        }
+    }
+    return forwardable;
+}
+/**
+ * Validate that all required credentials for a capability are present in
+ * the provided map. Returns the list of missing authFields (empty array
+ * if all satisfied). Credentials with `source === SERVER` are excluded
+ * from the check since the provider resolves them.
+ */
+function findMissingCredentials(capability, credentials) {
+    const missing = [];
+    for (const entry of capability.authConfig) {
+        if (entry.source === types.AuthSource.SERVER)
+            continue;
+        if (!entry.required)
+            continue;
+        if (!credentials[entry.authField]) {
+            missing.push(entry.authField);
+        }
+    }
+    return missing;
+}
+/**
+ * Build a CredentialLayer from process env given a list of authField names.
+ * Values that aren't set in env are omitted (not set to empty string).
+ */
+function credentialsFromEnv(authFields, env = process.env) {
+    const values = {};
+    for (const field of authFields) {
+        const value = env[field];
+        if (value)
+            values[field] = value;
+    }
+    return { origin: exports.CredentialOrigin.ENV, values };
+}
+/**
+ * Type guard: check whether an auth config entry should be forwarded by
+ * the host (vs resolved by the provider itself).
+ */
+function isForwardable(entry) {
+    return entry.source !== types.AuthSource.SERVER;
+}
+exports.collectRequiredAuthFields = collectRequiredAuthFields;
+exports.credentialsFromEnv = credentialsFromEnv;
+exports.filterForwardableCredentials = filterForwardableCredentials;
+exports.findMissingCredentials = findMissingCredentials;
+exports.isForwardable = isForwardable;
+exports.mergeCredentials = mergeCredentials;
+//# sourceMappingURL=credentials.cjs.map

package/dist/cjs/utils/credentials.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"credentials.cjs","sources":["../../../src/utils/credentials.ts"],"sourcesContent":["/**\n * Credential merging utility for capability providers.\n *\n * The host is the source of truth for credential values. It resolves them\n * from env vars, user settings, or active OAuth sessions, then passes a\n * flat CredentialMap to the provider.\n *\n * This utility helps hosts build that map from multiple sources with clear\n * precedence rules. Providers themselves do NOT use this — they just receive\n * the finished map.\n */\n\nimport type {\n AuthConfigEntry,\n Capability,\n CredentialMap,\n} from '@/providers/types';\nimport { AuthSource } from '@/providers/types';\n\n/**\n * Source of a credential value in the merged result. Useful for logging\n * and debugging which layer won a given authField.\n */\nexport enum CredentialOrigin {\n /** From the caller's process env (typically the CLI). */\n ENV = 'env',\n /** From the agent definition's tool_credentials block. */\n AGENT = 'agent',\n /** From the user's stored credentials in the host's credential store. */\n USER = 'user',\n /** From an active OAuth session forwarded by the host. */\n SESSION = 'session',\n /** Injected by the host at runtime for another reason. */\n RUNTIME = 'runtime',\n}\n\n/** One layer of credentials with its origin. */\nexport interface CredentialLayer {\n origin: CredentialOrigin;\n values: CredentialMap;\n}\n\n/**\n * Merge credential layers with earlier layers overriding later ones.\n *\n * Typical host flow (in order of precedence):\n * 1. runtime overrides (e.g., test injection) → RUNTIME\n * 2. active OAuth session tokens → SESSION\n * 3. agent-defined tool_credentials → AGENT\n * 4. user's stored credentials → USER\n * 5. process env → ENV\n *\n * Caller passes layers in precedence order (highest first).\n */\nexport function mergeCredentials(...layers: CredentialLayer[]): CredentialMap {\n const merged: CredentialMap = {};\n // Iterate reverse so first-declared layer wins on collision.\n for (let i = layers.length - 1; i >= 0; i--) {\n const layer = layers[i];\n for (const [key, value] of Object.entries(layer.values)) {\n if (value !== undefined && value !== null && value !== '') {\n merged[key] = value;\n }\n }\n }\n return merged;\n}\n\n/**\n * Given a set of capabilities, return the union of authField names they\n * require. Useful for hosts that want to pre-resolve credentials before\n * calling createRunnables.\n */\nexport function collectRequiredAuthFields(\n capabilities: Capability[]\n): string[] {\n const fields = new Set<string>();\n for (const cap of capabilities) {\n for (const entry of cap.authConfig) {\n fields.add(entry.authField);\n }\n }\n return Array.from(fields);\n}\n\n/**\n * Filter out credentials that the provider is expected to resolve itself\n * (source === SERVER). Hosts call this before forwarding — these values\n * live in the provider's own environment and shouldn't be sent.\n *\n * Precedence: entries without `source` default to USER (must be forwarded).\n */\nexport function filterForwardableCredentials(\n credentials: CredentialMap,\n capabilities: Capability[]\n): CredentialMap {\n const serverManagedFields = new Set<string>();\n for (const cap of capabilities) {\n for (const entry of cap.authConfig) {\n if (entry.source === AuthSource.SERVER) {\n serverManagedFields.add(entry.authField);\n }\n }\n }\n const forwardable: CredentialMap = {};\n for (const [key, value] of Object.entries(credentials)) {\n if (!serverManagedFields.has(key)) {\n forwardable[key] = value;\n }\n }\n return forwardable;\n}\n\n/**\n * Validate that all required credentials for a capability are present in\n * the provided map. Returns the list of missing authFields (empty array\n * if all satisfied). Credentials with `source === SERVER` are excluded\n * from the check since the provider resolves them.\n */\nexport function findMissingCredentials(\n capability: Capability,\n credentials: CredentialMap\n): string[] {\n const missing: string[] = [];\n for (const entry of capability.authConfig) {\n if (entry.source === AuthSource.SERVER) continue;\n if (!entry.required) continue;\n if (!credentials[entry.authField]) {\n missing.push(entry.authField);\n }\n }\n return missing;\n}\n\n/**\n * Build a CredentialLayer from process env given a list of authField names.\n * Values that aren't set in env are omitted (not set to empty string).\n */\nexport function credentialsFromEnv(\n authFields: readonly string[],\n env: NodeJS.ProcessEnv = process.env\n): CredentialLayer {\n const values: CredentialMap = {};\n for (const field of authFields) {\n const value = env[field];\n if (value) values[field] = value;\n }\n return { origin: CredentialOrigin.ENV, values };\n}\n\n/**\n * Type guard: check whether an auth config entry should be forwarded by\n * the host (vs resolved by the provider itself).\n */\nexport function isForwardable(entry: AuthConfigEntry): boolean {\n return entry.source !== AuthSource.SERVER;\n}\n"],"names":["CredentialOrigin","AuthSource"],"mappings":";;;;AAAA;;;;;;;;;;AAUG;AASH;;;AAGG;AACSA;AAAZ,CAAA,UAAY,gBAAgB,EAAA;;AAE1B,IAAA,gBAAA,CAAA,KAAA,CAAA,GAAA,KAAW;;AAEX,IAAA,gBAAA,CAAA,OAAA,CAAA,GAAA,OAAe;;AAEf,IAAA,gBAAA,CAAA,MAAA,CAAA,GAAA,MAAa;;AAEb,IAAA,gBAAA,CAAA,SAAA,CAAA,GAAA,SAAmB;;AAEnB,IAAA,gBAAA,CAAA,SAAA,CAAA,GAAA,SAAmB;AACrB,CAAC,EAXWA,wBAAgB,KAAhBA,wBAAgB,GAAA,EAAA,CAAA,CAAA;AAmB5B;;;;;;;;;;;AAWG;AACG,SAAU,gBAAgB,CAAC,GAAG,MAAyB,EAAA;IAC3D,MAAM,MAAM,GAAkB,EAAE;;AAEhC,IAAA,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;AAC3C,QAAA,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC;AACvB,QAAA,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE;AACvD,YAAA,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,EAAE,EAAE;AACzD,gBAAA,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK;YACrB;QACF;IACF;AACA,IAAA,OAAO,MAAM;AACf;AAEA;;;;AAIG;AACG,SAAU,yBAAyB,CACvC,YAA0B,EAAA;AAE1B,IAAA,MAAM,MAAM,GAAG,IAAI,GAAG,EAAU;AAChC,IAAA,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE;AAC9B,QAAA,KAAK,MAAM,KAAK,IAAI,GAAG,CAAC,UAAU,EAAE;AAClC,YAAA,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC;QAC7B;IACF;AACA,IAAA,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC;AAC3B;AAEA;;;;;;AAMG;AACG,SAAU,4BAA4B,CAC1C,WAA0B,EAC1B,YAA0B,EAAA;AAE1B,IAAA,MAAM,mBAAmB,GAAG,IAAI,GAAG,EAAU;AAC7C,IAAA,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE;AAC9B,QAAA,KAAK,MAAM,KAAK,IAAI,GAAG,CAAC,UAAU,EAAE;YAClC,IAAI,KAAK,CAAC,MAAM,KAAKC,gBAAU,CAAC,MAAM,EAAE;AACtC,gBAAA,mBAAmB,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC;YAC1C;QACF;IACF;IACA,MAAM,WAAW,GAAkB,EAAE;AACrC,IAAA,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QACtD,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;AACjC,YAAA,WAAW,CAAC,GAAG,CAAC,GAAG,KAAK;QAC1B;IACF;AACA,IAAA,OAAO,WAAW;AACpB;AAEA;;;;;AAKG;AACG,SAAU,sBAAsB,CACpC,UAAsB,EACtB,WAA0B,EAAA;IAE1B,MAAM,OAAO,GAAa,EAAE;AAC5B,IAAA,KAAK,MAAM,KAAK,IAAI,UAAU,CAAC,UAAU,EAAE;AACzC,QAAA,IAAI,KAAK,CAAC,MAAM,KAAKA,gBAAU,CAAC,MAAM;YAAE;QACxC,IAAI,CAAC,KAAK,CAAC,QAAQ;YAAE;QACrB,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE;AACjC,YAAA,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC;QAC/B;IACF;AACA,IAAA,OAAO,OAAO;AAChB;AAEA;;;AAGG;AACG,SAAU,kBAAkB,CAChC,UAA6B,EAC7B,GAAA,GAAyB,OAAO,CAAC,GAAG,EAAA;IAEpC,MAAM,MAAM,GAAkB,EAAE;AAChC,IAAA,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE;AAC9B,QAAA,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC;AACxB,QAAA,IAAI,KAAK;AAAE,YAAA,MAAM,CAAC,KAAK,CAAC,GAAG,KAAK;IAClC;IACA,OAAO,EAAE,MAAM,EAAED,wBAAgB,CAAC,GAAG,EAAE,MAAM,EAAE;AACjD;AAEA;;;AAGG;AACG,SAAU,aAAa,CAAC,KAAsB,EAAA;AAClD,IAAA,OAAO,KAAK,CAAC,MAAM,KAAKC,gBAAU,CAAC,MAAM;AAC3C;;;;;;;;;"}

package/dist/cjs/utils/httpClient.cjs ADDED Viewed

@@ -0,0 +1,74 @@
+'use strict';
+var axios = require('axios');
+var httpsProxyAgent = require('https-proxy-agent');
+/**
+ * HTTP client utility for capability providers.
+ *
+ * Wraps axios with proxy support, default headers, and consistent retry
+ * behavior so every provider doesn't reinvent the wheel. Used by
+ * ToolsServerCapabilityProvider and (future) any HTTP-backed provider.
+ *
+ * Proxy resolution follows the existing pattern in this codebase:
+ * the PROXY env var is read and an HttpsProxyAgent is attached if present.
+ */
+/**
+ * Build an axios instance configured per HttpClientConfig.
+ *
+ * The returned instance should be retained (not recreated per request) so
+ * keepalive connections can be reused.
+ */
+function createHttpClient(config) {
+    const { baseURL, apiKey, headers = {}, timeoutMs = 30_000, proxy } = config;
+    const resolvedProxy = proxy === undefined ? process.env.PROXY : proxy;
+    const defaultHeaders = {
+        'content-type': 'application/json',
+        ...headers,
+    };
+    if (apiKey) {
+        defaultHeaders['x-api-key'] = apiKey;
+    }
+    const axiosConfig = {
+        baseURL,
+        timeout: timeoutMs,
+        headers: defaultHeaders,
+        // Don't throw on non-2xx — callers handle status codes explicitly.
+        validateStatus: () => true,
+    };
+    if (resolvedProxy) {
+        // axios respects `httpsAgent` for outbound proxying
+        axiosConfig.httpsAgent = new httpsProxyAgent.HttpsProxyAgent(resolvedProxy);
+        axiosConfig.httpAgent = new httpsProxyAgent.HttpsProxyAgent(resolvedProxy);
+        // Disable axios's built-in proxy logic in favor of the agent.
+        axiosConfig.proxy = false;
+    }
+    return axios.create(axiosConfig);
+}
+/**
+ * Thin wrapper around an axios response that throws with a structured error
+ * on non-2xx status codes. Providers use this to get uniform error surface.
+ */
+class HttpError extends Error {
+    status;
+    body;
+    url;
+    constructor(status, url, body) {
+        super(`HTTP ${status} on ${url}`);
+        this.name = 'HttpError';
+        this.status = status;
+        this.url = url;
+        this.body = body;
+    }
+}
+/** Assert that an axios response is a 2xx; throw HttpError otherwise. */
+function assertOk(status, url, body) {
+    if (status < 200 || status >= 300) {
+        throw new HttpError(status, url, body);
+    }
+}
+exports.HttpError = HttpError;
+exports.assertOk = assertOk;
+exports.createHttpClient = createHttpClient;
+//# sourceMappingURL=httpClient.cjs.map

package/dist/cjs/utils/httpClient.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"httpClient.cjs","sources":["../../../src/utils/httpClient.ts"],"sourcesContent":["/**\n * HTTP client utility for capability providers.\n *\n * Wraps axios with proxy support, default headers, and consistent retry\n * behavior so every provider doesn't reinvent the wheel. Used by\n * ToolsServerCapabilityProvider and (future) any HTTP-backed provider.\n *\n * Proxy resolution follows the existing pattern in this codebase:\n * the PROXY env var is read and an HttpsProxyAgent is attached if present.\n */\n\nimport axios, { type AxiosInstance, type AxiosRequestConfig } from 'axios';\nimport { HttpsProxyAgent } from 'https-proxy-agent';\n\n/** Configuration for creating an HTTP client. */\nexport interface HttpClientConfig {\n /** Base URL prepended to all requests. */\n baseURL: string;\n /** Optional API key — if present, sent as `x-api-key` header. */\n apiKey?: string;\n /** Custom header map merged into every request. */\n headers?: Record<string, string>;\n /** Request timeout in milliseconds. Defaults to 30_000. */\n timeoutMs?: number;\n /**\n * Override for the PROXY env var. Useful for tests. If undefined,\n * falls back to process.env.PROXY.\n */\n proxy?: string | null;\n}\n\n/**\n * Build an axios instance configured per HttpClientConfig.\n *\n * The returned instance should be retained (not recreated per request) so\n * keepalive connections can be reused.\n */\nexport function createHttpClient(config: HttpClientConfig): AxiosInstance {\n const { baseURL, apiKey, headers = {}, timeoutMs = 30_000, proxy } = config;\n\n const resolvedProxy = proxy === undefined ? process.env.PROXY : proxy;\n\n const defaultHeaders: Record<string, string> = {\n 'content-type': 'application/json',\n ...headers,\n };\n if (apiKey) {\n defaultHeaders['x-api-key'] = apiKey;\n }\n\n const axiosConfig: AxiosRequestConfig = {\n baseURL,\n timeout: timeoutMs,\n headers: defaultHeaders,\n // Don't throw on non-2xx — callers handle status codes explicitly.\n validateStatus: () => true,\n };\n\n if (resolvedProxy) {\n // axios respects `httpsAgent` for outbound proxying\n axiosConfig.httpsAgent = new HttpsProxyAgent(resolvedProxy);\n axiosConfig.httpAgent = new HttpsProxyAgent(resolvedProxy);\n // Disable axios's built-in proxy logic in favor of the agent.\n axiosConfig.proxy = false;\n }\n\n return axios.create(axiosConfig);\n}\n\n/**\n * Thin wrapper around an axios response that throws with a structured error\n * on non-2xx status codes. Providers use this to get uniform error surface.\n */\nexport class HttpError extends Error {\n readonly status: number;\n readonly body: unknown;\n readonly url: string;\n constructor(status: number, url: string, body: unknown) {\n super(`HTTP ${status} on ${url}`);\n this.name = 'HttpError';\n this.status = status;\n this.url = url;\n this.body = body;\n }\n}\n\n/** Assert that an axios response is a 2xx; throw HttpError otherwise. */\nexport function assertOk(status: number, url: string, body: unknown): void {\n if (status < 200 || status >= 300) {\n throw new HttpError(status, url, body);\n }\n}\n"],"names":["HttpsProxyAgent"],"mappings":";;;;;AAAA;;;;;;;;;AASG;AAsBH;;;;;AAKG;AACG,SAAU,gBAAgB,CAAC,MAAwB,EAAA;AACvD,IAAA,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,GAAG,EAAE,EAAE,SAAS,GAAG,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM;AAE3E,IAAA,MAAM,aAAa,GAAG,KAAK,KAAK,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,KAAK;AAErE,IAAA,MAAM,cAAc,GAA2B;AAC7C,QAAA,cAAc,EAAE,kBAAkB;AAClC,QAAA,GAAG,OAAO;KACX;IACD,IAAI,MAAM,EAAE;AACV,QAAA,cAAc,CAAC,WAAW,CAAC,GAAG,MAAM;IACtC;AAEA,IAAA,MAAM,WAAW,GAAuB;QACtC,OAAO;AACP,QAAA,OAAO,EAAE,SAAS;AAClB,QAAA,OAAO,EAAE,cAAc;;AAEvB,QAAA,cAAc,EAAE,MAAM,IAAI;KAC3B;IAED,IAAI,aAAa,EAAE;;QAEjB,WAAW,CAAC,UAAU,GAAG,IAAIA,+BAAe,CAAC,aAAa,CAAC;QAC3D,WAAW,CAAC,SAAS,GAAG,IAAIA,+BAAe,CAAC,aAAa,CAAC;;AAE1D,QAAA,WAAW,CAAC,KAAK,GAAG,KAAK;IAC3B;AAEA,IAAA,OAAO,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC;AAClC;AAEA;;;AAGG;AACG,MAAO,SAAU,SAAQ,KAAK,CAAA;AACzB,IAAA,MAAM;AACN,IAAA,IAAI;AACJ,IAAA,GAAG;AACZ,IAAA,WAAA,CAAY,MAAc,EAAE,GAAW,EAAE,IAAa,EAAA;AACpD,QAAA,KAAK,CAAC,CAAA,KAAA,EAAQ,MAAM,OAAO,GAAG,CAAA,CAAE,CAAC;AACjC,QAAA,IAAI,CAAC,IAAI,GAAG,WAAW;AACvB,QAAA,IAAI,CAAC,MAAM,GAAG,MAAM;AACpB,QAAA,IAAI,CAAC,GAAG,GAAG,GAAG;AACd,QAAA,IAAI,CAAC,IAAI,GAAG,IAAI;IAClB;AACD;AAED;SACgB,QAAQ,CAAC,MAAc,EAAE,GAAW,EAAE,IAAa,EAAA;IACjE,IAAI,MAAM,GAAG,GAAG,IAAI,MAAM,IAAI,GAAG,EAAE;QACjC,MAAM,IAAI,SAAS,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,CAAC;IACxC;AACF;;;;;;"}

package/dist/cjs/utils/toolManifest.cjs ADDED Viewed

@@ -0,0 +1,100 @@
+'use strict';
+/**
+ * Tool manifest cache.
+ *
+ * Providers fetch a manifest at init and potentially on refresh. This
+ * utility provides a minimal TTL cache so repeated fetchManifest() calls
+ * don't hammer the backing server.
+ *
+ * Caching is opt-in — providers that want fresh data every time (e.g.,
+ * MCP with dynamic tool lists) can skip this entirely.
+ */
+/**
+ * Simple in-memory TTL cache for manifests, keyed by a caller-supplied
+ * cache key (e.g., the filter hash or a fixed constant for unfiltered).
+ *
+ * Thread-safety: the cache uses a plain Map. Node's single-threaded event
+ * loop makes this safe for typical use. Not safe across workers — each
+ * worker keeps its own cache (fine, since manifests are small).
+ */
+class ManifestCache {
+    ttlMs;
+    store = new Map();
+    constructor(config = {}) {
+        this.ttlMs = config.ttlMs ?? 60_000;
+    }
+    /** Retrieve cached capabilities, or undefined on miss / expiry. */
+    get(key) {
+        const entry = this.store.get(key);
+        if (!entry)
+            return undefined;
+        if (entry.expiresAt < Date.now()) {
+            this.store.delete(key);
+            return undefined;
+        }
+        return entry.capabilities;
+    }
+    /** Insert or replace cached capabilities for the given key. */
+    set(key, capabilities) {
+        if (this.ttlMs <= 0)
+            return;
+        this.store.set(key, {
+            expiresAt: Date.now() + this.ttlMs,
+            capabilities,
+        });
+    }
+    /** Remove all cached entries. */
+    clear() {
+        this.store.clear();
+    }
+    /** For tests / diagnostics. */
+    get size() {
+        return this.store.size;
+    }
+}
+/**
+ * Build a deterministic cache key from a CapabilityFilter.
+ *
+ * Two identical filters always produce the same key. Providers use this
+ * so `fetchManifest(filter)` and `fetchManifest(sameFilter)` hit the
+ * same cache entry.
+ */
+function filterToCacheKey(filter) {
+    if (!filter)
+        return '__all__';
+    const parts = [];
+    if (filter.kind)
+        parts.push(`kind=${filter.kind}`);
+    if (filter.tags?.length)
+        parts.push(`tags=${[...filter.tags].sort().join(',')}`);
+    if (filter.names?.length)
+        parts.push(`names=${[...filter.names].sort().join(',')}`);
+    return parts.length ? parts.join('|') : '__all__';
+}
+/**
+ * Apply a CapabilityFilter to a pre-fetched manifest. Used by providers
+ * that fetch the full manifest once and filter in memory.
+ */
+function applyFilter(capabilities, filter) {
+    if (!filter)
+        return capabilities;
+    return capabilities.filter((cap) => {
+        if (filter.kind && cap.kind !== filter.kind)
+            return false;
+        if (filter.names && !filter.names.includes(cap.name))
+            return false;
+        if (filter.tags?.length) {
+            const capTags = new Set(cap.metadata.tags ?? []);
+            const anyMatch = filter.tags.some((t) => capTags.has(t));
+            if (!anyMatch)
+                return false;
+        }
+        return true;
+    });
+}
+exports.ManifestCache = ManifestCache;
+exports.applyFilter = applyFilter;
+exports.filterToCacheKey = filterToCacheKey;
+//# sourceMappingURL=toolManifest.cjs.map

package/dist/cjs/utils/toolManifest.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"toolManifest.cjs","sources":["../../../src/utils/toolManifest.ts"],"sourcesContent":["/**\n * Tool manifest cache.\n *\n * Providers fetch a manifest at init and potentially on refresh. This\n * utility provides a minimal TTL cache so repeated fetchManifest() calls\n * don't hammer the backing server.\n *\n * Caching is opt-in — providers that want fresh data every time (e.g.,\n * MCP with dynamic tool lists) can skip this entirely.\n */\n\nimport type { Capability, CapabilityFilter } from '@/providers/types';\n\n/** Entry in the manifest cache. */\ninterface CacheEntry {\n expiresAt: number;\n capabilities: Capability[];\n}\n\nexport interface ManifestCacheConfig {\n /** Time-to-live in milliseconds. 0 disables caching. Defaults to 60_000 (1 min). */\n ttlMs?: number;\n}\n\n/**\n * Simple in-memory TTL cache for manifests, keyed by a caller-supplied\n * cache key (e.g., the filter hash or a fixed constant for unfiltered).\n *\n * Thread-safety: the cache uses a plain Map. Node's single-threaded event\n * loop makes this safe for typical use. Not safe across workers — each\n * worker keeps its own cache (fine, since manifests are small).\n */\nexport class ManifestCache {\n private readonly ttlMs: number;\n private readonly store = new Map<string, CacheEntry>();\n\n constructor(config: ManifestCacheConfig = {}) {\n this.ttlMs = config.ttlMs ?? 60_000;\n }\n\n /** Retrieve cached capabilities, or undefined on miss / expiry. */\n get(key: string): Capability[] | undefined {\n const entry = this.store.get(key);\n if (!entry) return undefined;\n if (entry.expiresAt < Date.now()) {\n this.store.delete(key);\n return undefined;\n }\n return entry.capabilities;\n }\n\n /** Insert or replace cached capabilities for the given key. */\n set(key: string, capabilities: Capability[]): void {\n if (this.ttlMs <= 0) return;\n this.store.set(key, {\n expiresAt: Date.now() + this.ttlMs,\n capabilities,\n });\n }\n\n /** Remove all cached entries. */\n clear(): void {\n this.store.clear();\n }\n\n /** For tests / diagnostics. */\n get size(): number {\n return this.store.size;\n }\n}\n\n/**\n * Build a deterministic cache key from a CapabilityFilter.\n *\n * Two identical filters always produce the same key. Providers use this\n * so `fetchManifest(filter)` and `fetchManifest(sameFilter)` hit the\n * same cache entry.\n */\nexport function filterToCacheKey(filter?: CapabilityFilter): string {\n if (!filter) return '__all__';\n const parts: string[] = [];\n if (filter.kind) parts.push(`kind=${filter.kind}`);\n if (filter.tags?.length)\n parts.push(`tags=${[...filter.tags].sort().join(',')}`);\n if (filter.names?.length)\n parts.push(`names=${[...filter.names].sort().join(',')}`);\n return parts.length ? parts.join('|') : '__all__';\n}\n\n/**\n * Apply a CapabilityFilter to a pre-fetched manifest. Used by providers\n * that fetch the full manifest once and filter in memory.\n */\nexport function applyFilter(\n capabilities: Capability[],\n filter?: CapabilityFilter\n): Capability[] {\n if (!filter) return capabilities;\n return capabilities.filter((cap) => {\n if (filter.kind && cap.kind !== filter.kind) return false;\n if (filter.names && !filter.names.includes(cap.name)) return false;\n if (filter.tags?.length) {\n const capTags = new Set(cap.metadata.tags ?? []);\n const anyMatch = filter.tags.some((t) => capTags.has(t));\n if (!anyMatch) return false;\n }\n return true;\n });\n}\n"],"names":[],"mappings":";;AAAA;;;;;;;;;AASG;AAeH;;;;;;;AAOG;MACU,aAAa,CAAA;AACP,IAAA,KAAK;AACL,IAAA,KAAK,GAAG,IAAI,GAAG,EAAsB;AAEtD,IAAA,WAAA,CAAY,SAA8B,EAAE,EAAA;QAC1C,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,MAAM;IACrC;;AAGA,IAAA,GAAG,CAAC,GAAW,EAAA;QACb,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC;AACjC,QAAA,IAAI,CAAC,KAAK;AAAE,YAAA,OAAO,SAAS;QAC5B,IAAI,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE;AAChC,YAAA,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC;AACtB,YAAA,OAAO,SAAS;QAClB;QACA,OAAO,KAAK,CAAC,YAAY;IAC3B;;IAGA,GAAG,CAAC,GAAW,EAAE,YAA0B,EAAA;AACzC,QAAA,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC;YAAE;AACrB,QAAA,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,KAAK;YAClC,YAAY;AACb,SAAA,CAAC;IACJ;;IAGA,KAAK,GAAA;AACH,QAAA,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE;IACpB;;AAGA,IAAA,IAAI,IAAI,GAAA;AACN,QAAA,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI;IACxB;AACD;AAED;;;;;;AAMG;AACG,SAAU,gBAAgB,CAAC,MAAyB,EAAA;AACxD,IAAA,IAAI,CAAC,MAAM;AAAE,QAAA,OAAO,SAAS;IAC7B,MAAM,KAAK,GAAa,EAAE;IAC1B,IAAI,MAAM,CAAC,IAAI;QAAE,KAAK,CAAC,IAAI,CAAC,CAAA,KAAA,EAAQ,MAAM,CAAC,IAAI,CAAA,CAAE,CAAC;AAClD,IAAA,IAAI,MAAM,CAAC,IAAI,EAAE,MAAM;QACrB,KAAK,CAAC,IAAI,CAAC,CAAA,KAAA,EAAQ,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAE,CAAC;AACzD,IAAA,IAAI,MAAM,CAAC,KAAK,EAAE,MAAM;QACtB,KAAK,CAAC,IAAI,CAAC,CAAA,MAAA,EAAS,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAE,CAAC;AAC3D,IAAA,OAAO,KAAK,CAAC,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,SAAS;AACnD;AAEA;;;AAGG;AACG,SAAU,WAAW,CACzB,YAA0B,EAC1B,MAAyB,EAAA;AAEzB,IAAA,IAAI,CAAC,MAAM;AAAE,QAAA,OAAO,YAAY;AAChC,IAAA,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,KAAI;QACjC,IAAI,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI;AAAE,YAAA,OAAO,KAAK;AACzD,QAAA,IAAI,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC;AAAE,YAAA,OAAO,KAAK;AAClE,QAAA,IAAI,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE;AACvB,YAAA,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC;YAChD,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;AACxD,YAAA,IAAI,CAAC,QAAQ;AAAE,gBAAA,OAAO,KAAK;QAC7B;AACA,QAAA,OAAO,IAAI;AACb,IAAA,CAAC,CAAC;AACJ;;;;;;"}

package/dist/esm/graphs/Graph.mjs CHANGED Viewed

@@ -28,6 +28,9 @@ import { ToolDiscoveryCache } from '../utils/toolDiscoveryCache.mjs';
 import { createPruneCalibration, applyCalibration, updatePruneCalibration } from '../utils/pruneCalibration.mjs';
 import { buildFileManifestBlock } from '../utils/fileManifest.mjs';
 import { isLikelyContextOverflowError } from '../utils/errors.mjs';
+import 'axios';
+import 'https-proxy-agent';
+import '../utils/credentials.mjs';
 import { getChatModelClass, manualToolStreamProviders } from '../llm/providers.mjs';
 import { ToolNode, toolsCondition } from '../tools/ToolNode.mjs';
 import { ChatOpenAI, AzureChatOpenAI } from '../llm/openai/index.mjs';
@@ -1060,11 +1063,6 @@ class StandardGraph extends Graph {
                     provider: agentContext.provider,
                     clientOptions: effectiveClientOptions,
                 });
-            // DEBUG: Log which model and tools each agent uses during handoff
-            mlog(`[createCallModel] Agent "${agentId}" invoking LLM | provider=${agentContext.provider} | ` +
-                `model=${effectiveClientOptions.model ?? 'default'} | ` +
-                `toolsForBinding=${toolsForBinding?.length ?? 0} | ` +
-                `toolNames=[${(toolsForBinding ?? []).map((t) => t.name ?? 'unknown').join(', ')}]`);
             if (agentContext.systemRunnable) {
                 model = agentContext.systemRunnable.pipe(model);
             }
@@ -1189,25 +1187,18 @@ class StandardGraph extends Graph {
                 const maxTokens = agentContext.maxContextTokens ?? 0;
                 // Step 1: Resolve best available summary
                 let summary;
-                let summarySource;
                 if (this._cachedRunSummary != null) {
                     summary = this._cachedRunSummary;
-                    summarySource = 'cached';
                 }
                 else if (agentContext.persistedSummary != null &&
                     agentContext.persistedSummary !== '') {
                     summary = agentContext.persistedSummary;
                     this._cachedRunSummary = summary;
-                    summarySource = 'persisted';
                 }
                 else if (sumConfig?.initialSummary != null &&
                     sumConfig.initialSummary !== '') {
                     summary = sumConfig.initialSummary;
                     this._cachedRunSummary = summary;
-                    summarySource = 'initial-seed';
-                }
-                else {
-                    summarySource = 'none';
                 }
                 // Step 2: Calculate token budget
                 // Apply EMA calibration for accuracy across iterations
@@ -1330,12 +1321,6 @@ class StandardGraph extends Graph {
                     viewIdx++;
                 }
                 agentContext.indexTokenCountMap = viewTokenMap;
-                mlog(`[Graph:Compaction] ${messages.length}→${viewParts.length} msgs | ` +
-                    `compacted=${compactedMessages.length} window=${recentMessages.length} | ` +
-                    `summary=${summarySource} | budget=${usedTokens}/${recentBudget}` +
-                    (fileManifestTokens > 0
-                        ? ` | manifest=${fileManifest?.length ?? 0} files (${fileManifestTokens}tok)`
-                        : ''));
                 // Step 5: Fire background summary update (non-blocking)
                 // Summarize messages outside the window so next iteration has a fresh summary.
                 // Only trigger if there are compacted messages worth summarizing.