@inkeep/agents-api 0.0.0-dev-20260212152525 → 0.0.0-dev-20260212154015

package/dist/middleware/evalsAuth.d.ts

@@ -1,5 +1,5 @@
 import { BaseExecutionContext } from "@inkeep/agents-core";
-import * as hono15 from "hono";
+import * as hono1 from "hono";
 
 //#region src/middleware/evalsAuth.d.ts
 
@@ -7,7 +7,7 @@ import * as hono15 from "hono";
  * Middleware to authenticate API requests using Bearer token authentication
  * First checks if token matches INKEEP_AGENTS_EVAL_API_BYPASS_SECRET,
  */
-declare const evalApiKeyAuth: () => hono15.MiddlewareHandler<{
+declare const evalApiKeyAuth: () => hono1.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
   };

package/dist/middleware/manageAuth.d.ts

@@ -1,5 +1,5 @@
 import { BaseExecutionContext } from "@inkeep/agents-core";
-import * as hono18 from "hono";
+import * as hono10 from "hono";
 import { createAuth } from "@inkeep/agents-core/auth";
 
 //#region src/middleware/manageAuth.d.ts
@@ -12,7 +12,7 @@ import { createAuth } from "@inkeep/agents-core/auth";
  * 3. Database API key
  * 4. Internal service token
  */
-declare const manageApiKeyAuth: () => hono18.MiddlewareHandler<{
+declare const manageApiKeyAuth: () => hono10.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
     userId?: string;

package/dist/middleware/projectAccess.d.ts

@@ -1,6 +1,6 @@
 import { ManageAppVariables } from "../types/app.js";
 import { ProjectPermissionLevel } from "@inkeep/agents-core";
-import * as hono1 from "hono";
+import * as hono9 from "hono";
 
 //#region src/middleware/projectAccess.d.ts
 /**
@@ -10,6 +10,6 @@ declare const requireProjectPermission: <Env$1 extends {
   Variables: ManageAppVariables;
 } = {
   Variables: ManageAppVariables;
-}>(permission?: ProjectPermissionLevel) => hono1.MiddlewareHandler<Env$1, string, {}, Response>;
+}>(permission?: ProjectPermissionLevel) => hono9.MiddlewareHandler<Env$1, string, {}, Response>;
 //#endregion
 export { requireProjectPermission };

package/dist/middleware/projectConfig.d.ts

@@ -1,11 +1,11 @@
 import { BaseExecutionContext, ResolvedRef } from "@inkeep/agents-core";
-import * as hono0 from "hono";
+import * as hono12 from "hono";
 
 //#region src/middleware/projectConfig.d.ts
 /**
  * Middleware that fetches the full project definition from the Management API
  */
-declare const projectConfigMiddleware: hono0.MiddlewareHandler<{
+declare const projectConfigMiddleware: hono12.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
     resolvedRef: ResolvedRef;
@@ -15,7 +15,7 @@ declare const projectConfigMiddleware: hono0.MiddlewareHandler<{
  * Creates a middleware that applies project config fetching except for specified route patterns
  * @param skipRouteCheck - Function that returns true if the route should skip the middleware
  */
-declare const projectConfigMiddlewareExcept: (skipRouteCheck: (path: string) => boolean) => hono0.MiddlewareHandler<{
+declare const projectConfigMiddlewareExcept: (skipRouteCheck: (path: string) => boolean) => hono12.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
     resolvedRef: ResolvedRef;

package/dist/middleware/requirePermission.d.ts

@@ -1,5 +1,5 @@
 import { ManageAppVariables } from "../types/app.js";
-import * as hono4 from "hono";
+import * as hono11 from "hono";
 
 //#region src/middleware/requirePermission.d.ts
 type Permission = {
@@ -9,6 +9,6 @@ declare const requirePermission: <Env$1 extends {
   Variables: ManageAppVariables;
 } = {
   Variables: ManageAppVariables;
-}>(permissions: Permission) => hono4.MiddlewareHandler<Env$1, string, {}, Response>;
+}>(permissions: Permission) => hono11.MiddlewareHandler<Env$1, string, {}, Response>;
 //#endregion
 export { requirePermission };

package/dist/middleware/runAuth.d.ts

@@ -1,8 +1,8 @@
 import { BaseExecutionContext } from "@inkeep/agents-core";
-import * as hono6 from "hono";
+import * as hono2 from "hono";
 
 //#region src/middleware/runAuth.d.ts
-declare const runApiKeyAuth: () => hono6.MiddlewareHandler<{
+declare const runApiKeyAuth: () => hono2.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
   };
@@ -11,7 +11,7 @@ declare const runApiKeyAuth: () => hono6.MiddlewareHandler<{
  * Creates a middleware that applies API key authentication except for specified route patterns
  * @param skipRouteCheck - Function that returns true if the route should skip authentication
  */
-declare const runApiKeyAuthExcept: (skipRouteCheck: (path: string) => boolean) => hono6.MiddlewareHandler<{
+declare const runApiKeyAuthExcept: (skipRouteCheck: (path: string) => boolean) => hono2.MiddlewareHandler<{
   Variables: {
     executionContext: BaseExecutionContext;
   };
@@ -20,7 +20,7 @@ declare const runApiKeyAuthExcept: (skipRouteCheck: (path: string) => boolean) =
  * Helper middleware for endpoints that optionally support API key authentication
  * If no auth header is present, it continues without setting the executionContext
  */
-declare const runOptionalAuth: () => hono6.MiddlewareHandler<{
+declare const runOptionalAuth: () => hono2.MiddlewareHandler<{
   Variables: {
     executionContext?: BaseExecutionContext;
   };

package/dist/middleware/sessionAuth.d.ts

@@ -1,4 +1,4 @@
-import * as hono9 from "hono";
+import * as hono5 from "hono";
 
 //#region src/middleware/sessionAuth.d.ts
 
@@ -7,11 +7,11 @@ import * as hono9 from "hono";
  * Requires that a user has already been authenticated via Better Auth session.
  * Used primarily for manage routes that require an active user session.
  */
-declare const sessionAuth: () => hono9.MiddlewareHandler<any, string, {}, Response>;
+declare const sessionAuth: () => hono5.MiddlewareHandler<any, string, {}, Response>;
 /**
  * Global session middleware - sets user and session in context for all routes
  * Used for all routes that require an active user session.
  */
-declare const sessionContext: () => hono9.MiddlewareHandler<any, string, {}, Response>;
+declare const sessionContext: () => hono5.MiddlewareHandler<any, string, {}, Response>;
 //#endregion
 export { sessionAuth, sessionContext };

package/dist/middleware/tenantAccess.d.ts

@@ -1,4 +1,4 @@
-import * as hono11 from "hono";
+import * as hono0 from "hono";
 
 //#region src/middleware/tenantAccess.d.ts
 
@@ -11,7 +11,7 @@ import * as hono11 from "hono";
  * - API key user: Access only to the tenant associated with the API key
  * - Session user: Access based on organization membership
  */
-declare const requireTenantAccess: () => hono11.MiddlewareHandler<{
+declare const requireTenantAccess: () => hono0.MiddlewareHandler<{
   Variables: {
     userId: string;
     tenantId: string;

package/dist/middleware/tracing.d.ts

@@ -1,7 +1,7 @@
-import * as hono12 from "hono";
+import * as hono7 from "hono";
 
 //#region src/middleware/tracing.d.ts
-declare const otelBaggageMiddleware: () => hono12.MiddlewareHandler<any, string, {}, Response>;
-declare const executionBaggageMiddleware: () => hono12.MiddlewareHandler<any, string, {}, Response>;
+declare const otelBaggageMiddleware: () => hono7.MiddlewareHandler<any, string, {}, Response>;
+declare const executionBaggageMiddleware: () => hono7.MiddlewareHandler<any, string, {}, Response>;
 //#endregion
 export { executionBaggageMiddleware, otelBaggageMiddleware };

package/dist/middleware/tracing.js

@@ -1,6 +1,6 @@
 import { getLogger } from "../logger.js";
-import { createMiddleware } from "hono/factory";
 import { context, propagation } from "@opentelemetry/api";
+import { createMiddleware } from "hono/factory";
 
 //#region src/middleware/tracing.ts
 const logger = getLogger("tracing-middleware");

package/dist/utils/in-process-fetch.d.ts

@@ -0,0 +1,30 @@
+//#region src/utils/in-process-fetch.d.ts
+/**
+ * In-process fetch transport for internal self-calls.
+ *
+ * Routes requests through the Hono app's full middleware stack in-process
+ * rather than over the network. This guarantees same-instance execution,
+ * which is critical for features that rely on process-local state
+ * (e.g. the stream helper registry for real-time SSE streaming).
+ *
+ * Drop-in replacement for `fetch()` — same signature, same return type.
+ * Throws in production if the app hasn't been registered.
+ * Falls back to global `fetch` in test environments where the full app
+ * may not be initialized.
+ *
+ * **IMPORTANT**: Any code making internal A2A calls or self-referencing API
+ * calls within agents-api MUST use `getInProcessFetch()` instead of global
+ * `fetch`. Using regular `fetch` for same-service calls causes requests to
+ * leave the process and hit the load balancer, which may route them to a
+ * different instance — breaking features that depend on process-local state
+ * (e.g. stream helper registry, in-memory caches). This only manifests under
+ * load in multi-instance deployments and is extremely difficult to debug.
+ *
+ * @example
+ * import { getInProcessFetch } from './utils/in-process-fetch';
+ * const response = await getInProcessFetch()(url, init);
+ */
+declare function registerAppFetch(fn: typeof fetch): void;
+declare function getInProcessFetch(): typeof fetch;
+//#endregion
+export { getInProcessFetch, registerAppFetch };

package/dist/utils/in-process-fetch.js

@@ -0,0 +1,51 @@
+import { getLogger } from "../logger.js";
+import { trace } from "@opentelemetry/api";
+
+//#region src/utils/in-process-fetch.ts
+/**
+* In-process fetch transport for internal self-calls.
+*
+* Routes requests through the Hono app's full middleware stack in-process
+* rather than over the network. This guarantees same-instance execution,
+* which is critical for features that rely on process-local state
+* (e.g. the stream helper registry for real-time SSE streaming).
+*
+* Drop-in replacement for `fetch()` — same signature, same return type.
+* Throws in production if the app hasn't been registered.
+* Falls back to global `fetch` in test environments where the full app
+* may not be initialized.
+*
+* **IMPORTANT**: Any code making internal A2A calls or self-referencing API
+* calls within agents-api MUST use `getInProcessFetch()` instead of global
+* `fetch`. Using regular `fetch` for same-service calls causes requests to
+* leave the process and hit the load balancer, which may route them to a
+* different instance — breaking features that depend on process-local state
+* (e.g. stream helper registry, in-memory caches). This only manifests under
+* load in multi-instance deployments and is extremely difficult to debug.
+*
+* @example
+* import { getInProcessFetch } from './utils/in-process-fetch';
+* const response = await getInProcessFetch()(url, init);
+*/
+const logger = getLogger("in-process-fetch");
+let _appFetch;
+function registerAppFetch(fn) {
+	_appFetch = fn;
+}
+function getInProcessFetch() {
+	if (!_appFetch) {
+		if (process.env.ENVIRONMENT === "test" || process.env.ENVIRONMENT === "development") return fetch;
+		throw new Error("[in-process-fetch] App fetch not registered. Call registerAppFetch() during app initialization before handling requests.");
+	}
+	const appFetch = _appFetch;
+	return ((input, init) => {
+		const url = typeof input === "string" ? input : input instanceof URL ? input.href : input.url;
+		const activeSpan = trace.getActiveSpan();
+		if (activeSpan) activeSpan.setAttribute("http.route.in_process", true);
+		logger.debug({ url }, "Routing request in-process");
+		return appFetch(input, init);
+	});
+}
+
+//#endregion
+export { getInProcessFetch, registerAppFetch };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@inkeep/agents-api",
-  "version": "0.0.0-dev-20260212152525",
+  "version": "0.0.0-dev-20260212154015",
   "description": "Unified Inkeep Agents API - combines management, runtime, and evaluation capabilities",
   "types": "dist/index.d.ts",
   "exports": {
@@ -66,10 +66,10 @@
     "openid-client": "^6.8.1",
     "pg": "^8.16.3",
     "workflow": "4.0.1-beta.33",
-    "@inkeep/agents-core": "^0.0.0-dev-20260212152525",
-    "@inkeep/agents-manage-mcp": "^0.0.0-dev-20260212152525",
-    "@inkeep/agents-mcp": "^0.0.0-dev-20260212152525",
-    "@inkeep/agents-work-apps": "^0.0.0-dev-20260212152525"
+    "@inkeep/agents-core": "^0.0.0-dev-20260212154015",
+    "@inkeep/agents-manage-mcp": "^0.0.0-dev-20260212154015",
+    "@inkeep/agents-mcp": "^0.0.0-dev-20260212154015",
+    "@inkeep/agents-work-apps": "^0.0.0-dev-20260212154015"
   },
   "peerDependencies": {
     "@hono/zod-openapi": "^1.1.5",