@inkeep/agents-api 0.0.0-dev-20260123091222 → 0.0.0-dev-20260123094230

package/dist/.well-known/workflow/v1/step.cjs.debug.json

@@ -1,6 +1,6 @@
 {
   "stepFiles": [
-    "/home/runner/work/agents/agents/agents-api/src/domains/evals/workflow/functions/evaluateConversation.ts",
-    "/home/runner/work/agents/agents/agents-api/src/domains/evals/workflow/functions/runDatasetItem.ts"
+    "/home/runner/work/agents/agents/agents-api/src/domains/evals/workflow/functions/runDatasetItem.ts",
+    "/home/runner/work/agents/agents/agents-api/src/domains/evals/workflow/functions/evaluateConversation.ts"
   ]
 }

package/dist/data/db/runDbClient.d.ts

@@ -1,6 +1,6 @@
-import * as _inkeep_agents_core0 from "@inkeep/agents-core";
+import * as _inkeep_agents_core3 from "@inkeep/agents-core";
 
 //#region src/data/db/runDbClient.d.ts
-declare const runDbClient: _inkeep_agents_core0.AgentsRunDatabaseClient;
+declare const runDbClient: _inkeep_agents_core3.AgentsRunDatabaseClient;
 //#endregion
 export { runDbClient as default };

package/dist/domains/evals/routes/datasetTriggers.d.ts

@@ -1,7 +1,7 @@
 import { OpenAPIHono } from "@hono/zod-openapi";
-import * as hono16 from "hono";
+import * as hono12 from "hono";
 
 //#region src/domains/evals/routes/datasetTriggers.d.ts
-declare const app: OpenAPIHono<hono16.Env, {}, "/">;
+declare const app: OpenAPIHono<hono12.Env, {}, "/">;
 //#endregion
 export { app as default };

package/dist/domains/evals/routes/index.d.ts

@@ -1,7 +1,7 @@
 import { OpenAPIHono } from "@hono/zod-openapi";
-import * as hono0 from "hono";
+import * as hono13 from "hono";
 
 //#region src/domains/evals/routes/index.d.ts
-declare const app: OpenAPIHono<hono0.Env, {}, "/">;
+declare const app: OpenAPIHono<hono13.Env, {}, "/">;
 //#endregion
 export { app as default };

package/dist/domains/evals/workflow/routes.d.ts

@@ -1,7 +1,7 @@
 import { Hono } from "hono";
-import * as hono_types5 from "hono/types";
+import * as hono_types7 from "hono/types";
 
 //#region src/domains/evals/workflow/routes.d.ts
-declare const workflowRoutes: Hono<hono_types5.BlankEnv, hono_types5.BlankSchema, "/">;
+declare const workflowRoutes: Hono<hono_types7.BlankEnv, hono_types7.BlankSchema, "/">;
 //#endregion
 export { workflowRoutes };

package/dist/domains/manage/routes/conversations.d.ts

@@ -1,7 +1,7 @@
 import { OpenAPIHono } from "@hono/zod-openapi";
-import * as hono3 from "hono";
+import * as hono0 from "hono";
 
 //#region src/domains/manage/routes/conversations.d.ts
-declare const app: OpenAPIHono<hono3.Env, {}, "/">;
+declare const app: OpenAPIHono<hono0.Env, {}, "/">;
 //#endregion
 export { app as default };

package/dist/domains/manage/routes/evals/evaluationResults.d.ts

@@ -1,7 +1,7 @@
 import { OpenAPIHono } from "@hono/zod-openapi";
-import * as hono18 from "hono";
+import * as hono14 from "hono";
 
 //#region src/domains/manage/routes/evals/evaluationResults.d.ts
-declare const app: OpenAPIHono<hono18.Env, {}, "/">;
+declare const app: OpenAPIHono<hono14.Env, {}, "/">;
 //#endregion
 export { app as default };

package/dist/domains/manage/routes/index.d.ts

@@ -1,7 +1,7 @@
 import { OpenAPIHono } from "@hono/zod-openapi";
-import * as hono17 from "hono";
+import * as hono9 from "hono";
 
 //#region src/domains/manage/routes/index.d.ts
-declare const app: OpenAPIHono<hono17.Env, {}, "/">;
+declare const app: OpenAPIHono<hono9.Env, {}, "/">;
 //#endregion
 export { app as default };

package/dist/domains/manage/routes/mcp.d.ts

@@ -1,7 +1,7 @@
 import { Hono } from "hono";
-import * as hono_types8 from "hono/types";
+import * as hono_types5 from "hono/types";
 
 //#region src/domains/manage/routes/mcp.d.ts
-declare const app: Hono<hono_types8.BlankEnv, hono_types8.BlankSchema, "/">;
+declare const app: Hono<hono_types5.BlankEnv, hono_types5.BlankSchema, "/">;
 //#endregion
 export { app as default };

package/dist/domains/manage/routes/signoz.d.ts

@@ -1,10 +1,10 @@
 import { ManageAppVariables } from "../../../types/app.js";
 import { Hono } from "hono";
-import * as hono_types7 from "hono/types";
+import * as hono_types9 from "hono/types";
 
 //#region src/domains/manage/routes/signoz.d.ts
 declare const app: Hono<{
   Variables: ManageAppVariables;
-}, hono_types7.BlankSchema, "/">;
+}, hono_types9.BlankSchema, "/">;
 //#endregion
 export { app as default };

package/dist/domains/manage/routes/triggers.js

@@ -4,11 +4,21 @@ import runDbClient_default from "../../../data/db/runDbClient.js";
 import { requireProjectPermission } from "../../../middleware/projectAccess.js";
 import { speakeasyOffsetLimitPagination } from "../../../utils/speakeasy.js";
 import { OpenAPIHono, createRoute, z } from "@hono/zod-openapi";
-import { PaginationQueryParamsSchema, TenantProjectAgentIdParamsSchema, TenantProjectAgentParamsSchema, TriggerApiInsertSchema, TriggerApiUpdateSchema, TriggerInvocationListResponse, TriggerInvocationResponse, TriggerInvocationStatusEnum, TriggerWithWebhookUrlListResponse, TriggerWithWebhookUrlResponse, commonGetErrorResponses, createApiError, createTrigger, deleteTrigger, generateId, getCredentialReference, getTriggerById, getTriggerInvocationById, hashAuthenticationHeaders, listTriggerInvocationsPaginated, listTriggersPaginated, updateTrigger } from "@inkeep/agents-core";
+import { PaginationQueryParamsSchema, TenantProjectAgentIdParamsSchema, TenantProjectAgentParamsSchema, TriggerApiInsertSchema, TriggerApiSelectSchema, TriggerApiUpdateSchema, TriggerInvocationListResponse, TriggerInvocationResponse, TriggerInvocationStatusEnum, commonGetErrorResponses, createApiError, createTrigger, deleteTrigger, generateId, getTriggerById, getTriggerInvocationById, hashAuthenticationHeaders, listTriggerInvocationsPaginated, listTriggersPaginated, updateTrigger } from "@inkeep/agents-core";
 
 //#region src/domains/manage/routes/triggers.ts
 const logger = getLogger$1("triggers");
 const app = new OpenAPIHono();
+const TriggerResponse = z.object({ data: TriggerApiSelectSchema.extend({ webhookUrl: z.string().describe("Fully qualified webhook URL for this trigger") }) });
+const TriggerListResponse = z.object({
+	data: z.array(TriggerApiSelectSchema.extend({ webhookUrl: z.string().describe("Fully qualified webhook URL for this trigger") })),
+	pagination: z.object({
+		page: z.number(),
+		limit: z.number(),
+		total: z.number(),
+		pages: z.number()
+	})
+});
 app.use("/", async (c, next) => {
 	if (c.req.method === "POST") return requireProjectPermission("edit")(c, next);
 	return next();
@@ -41,7 +51,7 @@ app.openapi(createRoute({
 	responses: {
 		200: {
 			description: "List of triggers retrieved successfully",
-			content: { "application/json": { schema: TriggerWithWebhookUrlListResponse } }
+			content: { "application/json": { schema: TriggerListResponse } }
 		},
 		...commonGetErrorResponses
 	},
@@ -93,7 +103,7 @@ app.openapi(createRoute({
 	responses: {
 		200: {
 			description: "Trigger found",
-			content: { "application/json": { schema: TriggerWithWebhookUrlResponse } }
+			content: { "application/json": { schema: TriggerResponse } }
 		},
 		...commonGetErrorResponses
 	}
@@ -141,7 +151,7 @@ app.openapi(createRoute({
 	responses: {
 		201: {
 			description: "Trigger created successfully",
-			content: { "application/json": { schema: TriggerWithWebhookUrlResponse } }
+			content: { "application/json": { schema: TriggerResponse } }
 		},
 		...commonGetErrorResponses
 	}
@@ -151,29 +161,12 @@ app.openapi(createRoute({
 	const body = c.req.valid("json");
 	const apiBaseUrl = env.INKEEP_AGENTS_API_URL;
 	const id = body.id || generateId();
-	logger.debug({
+	logger.info({
 		tenantId,
 		projectId,
 		agentId,
 		triggerId: id
 	}, "Creating trigger");
-	if (body.signingSecretCredentialReferenceId) {
-		const credentialRef = await getCredentialReference(db)({
-			scopes: {
-				tenantId,
-				projectId
-			},
-			id: body.signingSecretCredentialReferenceId
-		});
-		if (!credentialRef) throw createApiError({
-			code: "bad_request",
-			message: `Credential reference not found: ${body.signingSecretCredentialReferenceId}`
-		});
-		if (credentialRef.userId) throw createApiError({
-			code: "bad_request",
-			message: "Only project-scoped credentials can be attached to triggers. User-scoped credentials are not allowed."
-		});
-	}
 	let hashedAuthentication;
 	const authInput = body.authentication;
 	if (authInput?.headers && authInput.headers.length > 0) hashedAuthentication = { headers: await hashAuthenticationHeaders(authInput.headers) };
@@ -189,8 +182,7 @@ app.openapi(createRoute({
 		outputTransform: body.outputTransform,
 		messageTemplate: body.messageTemplate,
 		authentication: hashedAuthentication,
-		signingSecretCredentialReferenceId: body.signingSecretCredentialReferenceId,
-		signatureVerification: body.signatureVerification
+		signingSecret: body.signingSecret
 	});
 	const { tenantId: _tid, projectId: _pid, agentId: _aid, ...triggerWithoutScopes } = trigger;
 	return c.json({ data: {
@@ -220,7 +212,7 @@ app.openapi(createRoute({
 	responses: {
 		200: {
 			description: "Trigger updated successfully",
-			content: { "application/json": { schema: TriggerWithWebhookUrlResponse } }
+			content: { "application/json": { schema: TriggerResponse } }
 		},
 		...commonGetErrorResponses
 	}
@@ -229,33 +221,16 @@ app.openapi(createRoute({
 	const { tenantId, projectId, agentId, id } = c.req.valid("param");
 	const body = c.req.valid("json");
 	const apiBaseUrl = env.INKEEP_AGENTS_API_URL;
-	if (!(body.name !== void 0 || body.description !== void 0 || body.enabled !== void 0 || body.inputSchema !== void 0 || body.outputTransform !== void 0 || body.messageTemplate !== void 0 || body.authentication !== void 0 || body.signingSecretCredentialReferenceId !== void 0 || body.signatureVerification !== void 0)) throw createApiError({
+	if (!(body.name !== void 0 || body.description !== void 0 || body.enabled !== void 0 || body.inputSchema !== void 0 || body.outputTransform !== void 0 || body.messageTemplate !== void 0 || body.authentication !== void 0 || body.signingSecret !== void 0 || body.keepExistingSigningSecret !== void 0)) throw createApiError({
 		code: "bad_request",
 		message: "No fields to update"
 	});
-	logger.debug({
+	logger.info({
 		tenantId,
 		projectId,
 		agentId,
 		triggerId: id
 	}, "Updating trigger");
-	if (body.signingSecretCredentialReferenceId) {
-		const credentialRef = await getCredentialReference(db)({
-			scopes: {
-				tenantId,
-				projectId
-			},
-			id: body.signingSecretCredentialReferenceId
-		});
-		if (!credentialRef) throw createApiError({
-			code: "bad_request",
-			message: `Credential reference not found: ${body.signingSecretCredentialReferenceId}`
-		});
-		if (credentialRef.userId) throw createApiError({
-			code: "bad_request",
-			message: "Only project-scoped credentials can be attached to triggers. User-scoped credentials are not allowed."
-		});
-	}
 	let hashedAuthentication;
 	const authInput = body.authentication;
 	if (authInput?.headers && authInput.headers.length > 0) {
@@ -284,6 +259,7 @@ app.openapi(createRoute({
 		}
 		hashedAuthentication = hashedHeaders.length > 0 ? { headers: hashedHeaders } : void 0;
 	} else if (body.authentication !== void 0) hashedAuthentication = body.authentication;
+	const signingSecretUpdate = body.keepExistingSigningSecret ? void 0 : body.signingSecret;
 	const updatedTrigger = await updateTrigger(db)({
 		scopes: {
 			tenantId,
@@ -299,8 +275,7 @@ app.openapi(createRoute({
 			outputTransform: body.outputTransform,
 			messageTemplate: body.messageTemplate,
 			authentication: hashedAuthentication,
-			signingSecretCredentialReferenceId: body.signingSecretCredentialReferenceId,
-			signatureVerification: body.signatureVerification
+			signingSecret: signingSecretUpdate
 		}
 	});
 	if (!updatedTrigger) throw createApiError({
@@ -336,7 +311,7 @@ app.openapi(createRoute({
 }), async (c) => {
 	const db = c.get("db");
 	const { tenantId, projectId, agentId, id } = c.req.valid("param");
-	logger.debug({
+	logger.info({
 		tenantId,
 		projectId,
 		agentId,
@@ -397,7 +372,7 @@ app.openapi(createRoute({
 }), async (c) => {
 	const { tenantId, projectId, agentId, id: triggerId } = c.req.valid("param");
 	const { page, limit, status, from, to } = c.req.valid("query");
-	logger.debug({
+	logger.info({
 		tenantId,
 		projectId,
 		agentId,
@@ -451,7 +426,7 @@ app.openapi(createRoute({
 	}
 }), async (c) => {
 	const { tenantId, projectId, agentId, id: triggerId, invocationId } = c.req.valid("param");
-	logger.debug({
+	logger.info({
 		tenantId,
 		projectId,
 		agentId,

package/dist/domains/run/agents/relationTools.d.ts

@@ -1,6 +1,6 @@
 import { AgentConfig, DelegateRelation } from "./Agent.js";
 import { InternalRelation } from "../utils/project.js";
-import * as _inkeep_agents_core1 from "@inkeep/agents-core";
+import * as _inkeep_agents_core0 from "@inkeep/agents-core";
 import { CredentialStoreRegistry, FullExecutionContext } from "@inkeep/agents-core";
 import * as ai0 from "ai";
 
@@ -44,7 +44,7 @@ declare function createDelegateToAgentTool({
   message: string;
 }, {
   toolCallId: any;
-  result: _inkeep_agents_core1.Message | _inkeep_agents_core1.Task;
+  result: _inkeep_agents_core0.Message | _inkeep_agents_core0.Task;
 }>;
 /**
  * Parameters for building a transfer relation config

package/dist/domains/run/routes/webhooks.js

@@ -55,10 +55,6 @@ const triggerWebhookRoute = createRoute({
 		422: {
 			description: "Payload transformation failed",
 			content: { "application/json": { schema: z.object({ error: z.string() }) } }
-		},
-		500: {
-			description: "Internal server error",
-			content: { "application/json": { schema: z.object({ error: z.string() }) } }
 		}
 	}
 });

package/dist/domains/run/services/TriggerService.d.ts

@@ -19,7 +19,7 @@ type TriggerWebhookResult = {
 } | {
   success: false;
   error: string;
-  status: 400 | 401 | 403 | 404 | 422 | 500;
+  status: 400 | 401 | 403 | 404 | 422;
   validationErrors?: string[];
 };
 /**

package/dist/domains/run/services/TriggerService.js

@@ -4,15 +4,13 @@ import manageDbPool_default from "../../../data/db/manageDbPool.js";
 import runDbClient_default from "../../../data/db/runDbClient.js";
 import { createSSEStreamHelper } from "../utils/stream-helpers.js";
 import { ExecutionHandler } from "../handlers/executionHandler.js";
-import { JsonTransformer, createKeyChainStore, createMessage, createOrGetConversation, createTriggerInvocation, generateId, getConversationId, getCredentialReference, getCredentialStoreLookupKeyFromRetrievalParams, getFullProjectWithRelationIds, getTriggerById, interpolateTemplate, setActiveAgentForConversation, updateTriggerInvocationStatus, verifySignatureWithConfig, verifyTriggerAuth, withRef } from "@inkeep/agents-core";
+import { JsonTransformer, createMessage, createOrGetConversation, createTriggerInvocation, generateId, getConversationId, getFullProjectWithRelationIds, getTriggerById, interpolateTemplate, setActiveAgentForConversation, updateTriggerInvocationStatus, verifySigningSecret, verifyTriggerAuth, withRef } from "@inkeep/agents-core";
 import { ROOT_CONTEXT, SpanStatusCode, propagation, trace } from "@opentelemetry/api";
 import Ajv from "ajv";
 
 //#region src/domains/run/services/TriggerService.ts
 const logger = getLogger$1("TriggerService");
 const ajv = new Ajv({ allErrors: true });
-const credentialCache = /* @__PURE__ */ new Map();
-const CACHE_TTL_MS = 300 * 1e3;
 /**
 * Process a trigger webhook request.
 * Handles validation, transformation, and dispatches async execution.
@@ -39,14 +37,7 @@ async function processWebhook(params) {
 	const payload = rawBody ? JSON.parse(rawBody) : {};
 	const authResult = await verifyAuthentication(trigger, honoContext);
 	if (!authResult.success) return authResult;
-	const signatureResult = await verifySignature({
-		trigger,
-		tenantId,
-		projectId,
-		resolvedRef,
-		honoContext,
-		rawBody
-	});
+	const signatureResult = verifySignature(trigger, honoContext, rawBody);
 	if (!signatureResult.success) return signatureResult;
 	const validationResult = validatePayload(trigger, payload);
 	if (!validationResult.success) return validationResult;
@@ -103,106 +94,15 @@ async function verifyAuthentication(trigger, honoContext) {
 	}
 	return { success: true };
 }
-/**
-* Resolve signing secret from credential reference with caching
-*/
-async function resolveSigningSecret(params) {
-	const { tenantId, projectId, credentialReferenceId, resolvedRef } = params;
-	const cacheKey = `${tenantId}:${projectId}:${credentialReferenceId}`;
-	const cached = credentialCache.get(cacheKey);
-	if (cached && cached.expiresAt > Date.now()) return cached.secret;
-	const credentialRef = await withRef(manageDbPool_default, resolvedRef, (db) => getCredentialReference(db)({
-		scopes: {
-			tenantId,
-			projectId
-		},
-		id: credentialReferenceId
-	}));
-	if (!credentialRef) {
-		logger.warn({
-			tenantId,
-			projectId,
-			credentialReferenceId
-		}, "Credential reference not found");
-		return null;
-	}
-	const lookupKey = getCredentialStoreLookupKeyFromRetrievalParams({
-		retrievalParams: credentialRef.retrievalParams ?? {},
-		credentialStoreType: credentialRef.type
-	});
-	if (!lookupKey) {
-		logger.warn({
-			tenantId,
-			projectId,
-			credentialReferenceId,
-			retrievalParams: credentialRef.retrievalParams
-		}, "Could not determine lookup key from credential reference");
-		return null;
-	}
-	let secret = null;
-	if (credentialRef.type === "keychain" || credentialRef.credentialStoreId?.startsWith("keychain")) secret = await createKeyChainStore(credentialRef.credentialStoreId ?? "keychain-default").get(lookupKey);
-	else {
-		logger.warn({
-			credentialStoreType: credentialRef.type,
-			credentialStoreId: credentialRef.credentialStoreId
-		}, "Unsupported credential store type for signing secret");
-		return null;
-	}
-	if (!secret) {
-		logger.warn({
-			tenantId,
-			projectId,
-			credentialReferenceId,
-			lookupKey
-		}, "No secret found in credential store");
-		return null;
-	}
-	if (secret.startsWith("{")) try {
-		const parsed = JSON.parse(secret);
-		const extractedSecret = parsed.access_token || parsed.secret || parsed.value || parsed.token || parsed.key;
-		if (extractedSecret && typeof extractedSecret === "string") secret = extractedSecret;
-	} catch {}
-	credentialCache.set(cacheKey, {
-		secret,
-		expiresAt: Date.now() + CACHE_TTL_MS
-	});
-	return secret;
-}
-async function verifySignature(params) {
-	const { trigger, tenantId, projectId, resolvedRef, honoContext, rawBody } = params;
-	if (!trigger.signatureVerification || !trigger.signingSecretCredentialReferenceId) return { success: true };
-	try {
-		const secret = await resolveSigningSecret({
-			tenantId,
-			projectId,
-			credentialReferenceId: trigger.signingSecretCredentialReferenceId,
-			resolvedRef
-		});
-		if (!secret) return {
-			success: false,
-			error: "Failed to resolve signing secret from credential reference",
-			status: 500
-		};
-		const result = verifySignatureWithConfig(honoContext, trigger.signatureVerification, secret, rawBody);
-		if (!result.success) return {
-			success: false,
-			error: result.message || "Invalid signature",
-			status: 403
-		};
-		return { success: true };
-	} catch (error) {
-		const errorMessage = error instanceof Error ? error.message : String(error);
-		logger.error({
-			error: errorMessage,
-			tenantId,
-			projectId
-		}, "Error during signature verification");
-		return {
-			success: false,
-			error: "Signature verification failed",
-			status: 500
-		};
-	}
+function verifySignature(trigger, honoContext, rawBody) {
+	if (!trigger.signingSecret) return { success: true };
+	const signatureResult = verifySigningSecret(honoContext, trigger.signingSecret, rawBody);
+	if (!signatureResult.success) return {
+		success: false,
+		error: signatureResult.message || "Invalid signature",
+		status: 403
+	};
+	return { success: true };
 }
 function validatePayload(trigger, payload) {
 	if (!trigger.inputSchema) return { success: true };

package/dist/domains/run/tools/NativeSandboxExecutor.js

@@ -312,6 +312,8 @@ var NativeSandboxExecutor = class {
 			mkdirSync(runDir, { recursive: true });
 			writeFileSync(join(runDir, `index.${moduleType === "esm" ? "mjs" : "cjs"}`), executionCode, "utf8");
 			return await this.executeInSandbox(runDir, config.sandboxConfig?.timeout || FUNCTION_TOOL_EXECUTION_TIMEOUT_MS_DEFAULT, moduleType, config.sandboxConfig);
+		} catch (error) {
+			throw error;
 		} finally {
 			if (runDir) try {
 				rmSync(runDir, {

package/dist/domains/run/utils/token-estimator.d.ts

@@ -1,4 +1,4 @@
-import * as _inkeep_agents_core3 from "@inkeep/agents-core";
+import * as _inkeep_agents_core2 from "@inkeep/agents-core";
 import { BreakdownComponentDef, ContextBreakdown, calculateBreakdownTotal, createEmptyBreakdown } from "@inkeep/agents-core";
 
 //#region src/domains/run/utils/token-estimator.d.ts
@@ -17,7 +17,7 @@ interface AssembleResult {
   /** The assembled prompt string */
   prompt: string;
   /** Token breakdown for each component */
-  breakdown: _inkeep_agents_core3.ContextBreakdown;
+  breakdown: _inkeep_agents_core2.ContextBreakdown;
 }
 //#endregion
 export { AssembleResult, type BreakdownComponentDef, type ContextBreakdown, calculateBreakdownTotal, createEmptyBreakdown, estimateTokens };

package/dist/middleware/manageAuth.d.ts

@@ -1,4 +1,4 @@
-import * as hono2 from "hono";
+import * as hono18 from "hono";
 import { BaseExecutionContext } from "@inkeep/agents-core";
 import { createAuth } from "@inkeep/agents-core/auth";
 
@@ -12,7 +12,7 @@ import { createAuth } from "@inkeep/agents-core/auth";
  * 3. Database API key
  * 4. Internal service token
  */
-declare const manageApiKeyAuth: () => hono2.MiddlewareHandler<{
+declare const manageApiKeyAuth: () => hono18.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
     userId?: string;

package/dist/middleware/projectAccess.d.ts

@@ -1,5 +1,5 @@
 import { ManageAppVariables } from "../types/app.js";
-import * as hono4 from "hono";
+import * as hono17 from "hono";
 
 //#region src/middleware/projectAccess.d.ts
 
@@ -26,6 +26,6 @@ declare const requireProjectPermission: <Env$1 extends {
   Variables: ManageAppVariables;
 } = {
   Variables: ManageAppVariables;
-}>(permission?: ProjectPermission) => hono4.MiddlewareHandler<Env$1, string, {}, Response>;
+}>(permission?: ProjectPermission) => hono17.MiddlewareHandler<Env$1, string, {}, Response>;
 //#endregion
 export { ProjectPermission, requireProjectPermission };

package/dist/middleware/projectConfig.d.ts

@@ -1,11 +1,11 @@
-import * as hono5 from "hono";
+import * as hono15 from "hono";
 import { BaseExecutionContext, ResolvedRef } from "@inkeep/agents-core";
 
 //#region src/middleware/projectConfig.d.ts
 /**
  * Middleware that fetches the full project definition from the Management API
  */
-declare const projectConfigMiddleware: hono5.MiddlewareHandler<{
+declare const projectConfigMiddleware: hono15.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
     resolvedRef: ResolvedRef;
@@ -15,7 +15,7 @@ declare const projectConfigMiddleware: hono5.MiddlewareHandler<{
  * Creates a middleware that applies project config fetching except for specified route patterns
  * @param skipRouteCheck - Function that returns true if the route should skip the middleware
  */
-declare const projectConfigMiddlewareExcept: (skipRouteCheck: (path: string) => boolean) => hono5.MiddlewareHandler<{
+declare const projectConfigMiddlewareExcept: (skipRouteCheck: (path: string) => boolean) => hono15.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
     resolvedRef: ResolvedRef;

package/dist/middleware/requirePermission.d.ts

@@ -1,5 +1,5 @@
 import { ManageAppVariables } from "../types/app.js";
-import * as hono7 from "hono";
+import * as hono2 from "hono";
 
 //#region src/middleware/requirePermission.d.ts
 type Permission = {
@@ -9,6 +9,6 @@ declare const requirePermission: <Env$1 extends {
   Variables: ManageAppVariables;
 } = {
   Variables: ManageAppVariables;
-}>(permissions: Permission) => hono7.MiddlewareHandler<Env$1, string, {}, Response>;
+}>(permissions: Permission) => hono2.MiddlewareHandler<Env$1, string, {}, Response>;
 //#endregion
 export { requirePermission };

package/dist/middleware/runAuth.d.ts

@@ -1,8 +1,8 @@
-import * as hono8 from "hono";
+import * as hono3 from "hono";
 import { BaseExecutionContext } from "@inkeep/agents-core";
 
 //#region src/middleware/runAuth.d.ts
-declare const runApiKeyAuth: () => hono8.MiddlewareHandler<{
+declare const runApiKeyAuth: () => hono3.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
   };
@@ -11,7 +11,7 @@ declare const runApiKeyAuth: () => hono8.MiddlewareHandler<{
  * Creates a middleware that applies API key authentication except for specified route patterns
  * @param skipRouteCheck - Function that returns true if the route should skip authentication
  */
-declare const runApiKeyAuthExcept: (skipRouteCheck: (path: string) => boolean) => hono8.MiddlewareHandler<{
+declare const runApiKeyAuthExcept: (skipRouteCheck: (path: string) => boolean) => hono3.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
   };
@@ -20,7 +20,7 @@ declare const runApiKeyAuthExcept: (skipRouteCheck: (path: string) => boolean) =
  * Helper middleware for endpoints that optionally support API key authentication
  * If no auth header is present, it continues without setting the executionContext
  */
-declare const runOptionalAuth: () => hono8.MiddlewareHandler<{
+declare const runOptionalAuth: () => hono3.MiddlewareHandler<{
   Variables: {
     executionContext?: BaseExecutionContext;
   };

package/dist/middleware/sessionAuth.d.ts

@@ -1,4 +1,4 @@
-import * as hono11 from "hono";
+import * as hono6 from "hono";
 
 //#region src/middleware/sessionAuth.d.ts
 
@@ -7,11 +7,11 @@ import * as hono11 from "hono";
  * Requires that a user has already been authenticated via Better Auth session.
  * Used primarily for manage routes that require an active user session.
  */
-declare const sessionAuth: () => hono11.MiddlewareHandler<any, string, {}, Response>;
+declare const sessionAuth: () => hono6.MiddlewareHandler<any, string, {}, Response>;
 /**
  * Global session middleware - sets user and session in context for all routes
  * Used for all routes that require an active user session.
  */
-declare const sessionContext: () => hono11.MiddlewareHandler<any, string, {}, Response>;
+declare const sessionContext: () => hono6.MiddlewareHandler<any, string, {}, Response>;
 //#endregion
 export { sessionAuth, sessionContext };

package/dist/middleware/tenantAccess.d.ts

@@ -1,4 +1,4 @@
-import * as hono13 from "hono";
+import * as hono8 from "hono";
 
 //#region src/middleware/tenantAccess.d.ts
 
@@ -11,7 +11,7 @@ import * as hono13 from "hono";
  * - API key user: Access only to the tenant associated with the API key
  * - Session user: Access based on organization membership
  */
-declare const requireTenantAccess: () => hono13.MiddlewareHandler<{
+declare const requireTenantAccess: () => hono8.MiddlewareHandler<{
   Variables: {
     userId: string;
     tenantId: string;

package/dist/middleware/tracing.d.ts

@@ -1,7 +1,7 @@
-import * as hono14 from "hono";
+import * as hono10 from "hono";
 
 //#region src/middleware/tracing.d.ts
-declare const otelBaggageMiddleware: () => hono14.MiddlewareHandler<any, string, {}, Response>;
-declare const executionBaggageMiddleware: () => hono14.MiddlewareHandler<any, string, {}, Response>;
+declare const otelBaggageMiddleware: () => hono10.MiddlewareHandler<any, string, {}, Response>;
+declare const executionBaggageMiddleware: () => hono10.MiddlewareHandler<any, string, {}, Response>;
 //#endregion
 export { executionBaggageMiddleware, otelBaggageMiddleware };