@inkeep/agents-core 0.46.0 → 0.47.0

package/dist/auth/authz/types.d.ts

@@ -0,0 +1,92 @@
+//#region src/auth/authz/types.d.ts
+/**
+ * Client-safe authz types and constants.
+ * These can be safely imported in client-side code without any Node.js dependencies.
+ */
+/**
+ * SpiceDB resource types used in the schema
+ */
+declare const SpiceDbResourceTypes: {
+  readonly USER: "user";
+  readonly ORGANIZATION: "organization";
+  readonly PROJECT: "project";
+};
+/**
+ * SpiceDB relations used in the schema
+ *
+ * Relations are named as nouns (roles) per SpiceDB best practices.
+ * Project roles are prefixed for clarity when debugging/grepping.
+ */
+declare const SpiceDbRelations: {
+  readonly OWNER: "owner";
+  readonly ADMIN: "admin";
+  readonly MEMBER: "member";
+  readonly ORGANIZATION: "organization";
+  readonly PROJECT_ADMIN: "project_admin";
+  readonly PROJECT_MEMBER: "project_member";
+  readonly PROJECT_VIEWER: "project_viewer";
+};
+/**
+ * SpiceDB permissions for organization resources.
+ *
+ * From schema.zed definition organization:
+ * - view: owner + admin + member
+ * - manage: owner + admin (includes managing org settings and all projects)
+ */
+declare const SpiceDbOrgPermissions: {
+  readonly VIEW: "view";
+  readonly MANAGE: "manage";
+};
+type SpiceDbOrgPermission = (typeof SpiceDbOrgPermissions)[keyof typeof SpiceDbOrgPermissions];
+/**
+ * SpiceDB permissions for project resources.
+ *
+ * From schema.zed definition project:
+ * - view: read-only access to project and its resources
+ * - use: invoke agents, create API keys, view traces
+ * - edit: modify configurations, manage members
+ */
+declare const SpiceDbProjectPermissions: {
+  readonly VIEW: "view";
+  readonly USE: "use";
+  readonly EDIT: "edit";
+};
+type SpiceDbProjectPermission = (typeof SpiceDbProjectPermissions)[keyof typeof SpiceDbProjectPermissions];
+/**
+ * Permission levels for project access checks.
+ */
+type ProjectPermissionLevel = SpiceDbProjectPermission;
+/**
+ * Organization roles from SpiceDB schema.
+ */
+declare const OrgRoles: {
+  readonly OWNER: "owner";
+  readonly ADMIN: "admin";
+  readonly MEMBER: "member";
+};
+type OrgRole = (typeof OrgRoles)[keyof typeof OrgRoles];
+/**
+ * Project roles from SpiceDB schema.
+ *
+ * Hierarchy:
+ * - project_admin: Full access (view + use + edit + manage members)
+ * - project_member: Operator access (view + use: invoke agents, create API keys)
+ * - project_viewer: Read-only access (view only)
+ */
+declare const ProjectRoles: {
+  readonly ADMIN: "project_admin";
+  readonly MEMBER: "project_member";
+  readonly VIEWER: "project_viewer";
+};
+type ProjectRole = (typeof ProjectRoles)[keyof typeof ProjectRoles];
+/**
+ * Project permission capabilities.
+ * Maps to the SpiceDB permission checks (view, use, edit).
+ */
+interface ProjectPermissions {
+  canView: boolean;
+  canUse: boolean;
+  canEdit: boolean;
+}
+//#endregion
+export { OrgRole, OrgRoles, ProjectPermissionLevel, ProjectPermissions, ProjectRole, ProjectRoles, SpiceDbOrgPermission, SpiceDbOrgPermissions, SpiceDbProjectPermission, SpiceDbProjectPermissions, SpiceDbRelations, SpiceDbResourceTypes };

package/dist/auth/authz/types.js

@@ -0,0 +1,76 @@
+//#region src/auth/authz/types.ts
+/**
+* Client-safe authz types and constants.
+* These can be safely imported in client-side code without any Node.js dependencies.
+*/
+/**
+* SpiceDB resource types used in the schema
+*/
+const SpiceDbResourceTypes = {
+	USER: "user",
+	ORGANIZATION: "organization",
+	PROJECT: "project"
+};
+/**
+* SpiceDB relations used in the schema
+*
+* Relations are named as nouns (roles) per SpiceDB best practices.
+* Project roles are prefixed for clarity when debugging/grepping.
+*/
+const SpiceDbRelations = {
+	OWNER: "owner",
+	ADMIN: "admin",
+	MEMBER: "member",
+	ORGANIZATION: "organization",
+	PROJECT_ADMIN: "project_admin",
+	PROJECT_MEMBER: "project_member",
+	PROJECT_VIEWER: "project_viewer"
+};
+/**
+* SpiceDB permissions for organization resources.
+*
+* From schema.zed definition organization:
+* - view: owner + admin + member
+* - manage: owner + admin (includes managing org settings and all projects)
+*/
+const SpiceDbOrgPermissions = {
+	VIEW: "view",
+	MANAGE: "manage"
+};
+/**
+* SpiceDB permissions for project resources.
+*
+* From schema.zed definition project:
+* - view: read-only access to project and its resources
+* - use: invoke agents, create API keys, view traces
+* - edit: modify configurations, manage members
+*/
+const SpiceDbProjectPermissions = {
+	VIEW: "view",
+	USE: "use",
+	EDIT: "edit"
+};
+/**
+* Organization roles from SpiceDB schema.
+*/
+const OrgRoles = {
+	OWNER: "owner",
+	ADMIN: "admin",
+	MEMBER: "member"
+};
+/**
+* Project roles from SpiceDB schema.
+*
+* Hierarchy:
+* - project_admin: Full access (view + use + edit + manage members)
+* - project_member: Operator access (view + use: invoke agents, create API keys)
+* - project_viewer: Read-only access (view only)
+*/
+const ProjectRoles = {
+	ADMIN: "project_admin",
+	MEMBER: "project_member",
+	VIEWER: "project_viewer"
+};
+
+//#endregion
+export { OrgRoles, ProjectRoles, SpiceDbOrgPermissions, SpiceDbProjectPermissions, SpiceDbRelations, SpiceDbResourceTypes };

package/dist/auth/init.js

@@ -1,4 +1,4 @@
-import { OrgRoles } from "./authz/config.js";
+import { OrgRoles } from "./authz/types.js";
 import { loadEnvironmentFiles } from "../env.js";
 import { syncOrgMemberToSpiceDb } from "./authz/sync.js";
 import "./authz/index.js";
@@ -6,6 +6,7 @@ import { createAgentsRunDatabaseClient } from "../db/runtime/runtime-client.js";
 import { addUserToOrganization, upsertOrganization } from "../data-access/runtime/organizations.js";
 import { getUserByEmail } from "../data-access/runtime/users.js";
 import { createAuth } from "./auth.js";
+import { writeSpiceDbSchema } from "./spicedb-schema.js";
 
 //#region src/auth/init.ts
 /**
@@ -31,6 +32,15 @@ loadEnvironmentFiles();
 const TENANT_ID = process.env.TENANT_ID || "default";
 async function init() {
 	console.log("🚀 Initializing database with default organization and user...\n");
+	console.log("📜 Writing SpiceDB schema...");
+	try {
+		await writeSpiceDbSchema();
+		console.log("   ✅ SpiceDB schema applied");
+	} catch (error) {
+		console.error("   ❌ Failed to write SpiceDB schema:", error);
+		console.error("   Make sure SpiceDB is running (docker-compose.dbs.yml)");
+		process.exit(1);
+	}
 	const dbClient = createAgentsRunDatabaseClient();
 	const username = process.env.INKEEP_AGENTS_MANAGE_UI_USERNAME;
 	const password = process.env.INKEEP_AGENTS_MANAGE_UI_PASSWORD;
@@ -95,14 +105,14 @@ async function init() {
 			action: "add"
 		});
 		console.log("   ✅ Synced to SpiceDB");
-	} catch {
-		console.log("   ℹ️  SpiceDB sync failed");
+	} catch (error) {
+		console.error("❌ SpiceDB sync failed:", error);
 	}
 	console.log("\n================================================");
 	console.log("✅ Initialization complete!");
 	console.log("================================================");
 	console.log(`\nOrganization: ${TENANT_ID}`);
-	console.log(`Admin user:   ${username} (owner)`);
+	console.log(`Admin user:   ${username}`);
 	console.log("\nYou can now log in with these credentials.\n");
 	process.exit(0);
 }

package/dist/auth/password-reset-link-store.d.ts

@@ -0,0 +1,26 @@
+//#region src/auth/password-reset-link-store.d.ts
+type PasswordResetLinkEntry = {
+  email: string;
+  url: string;
+  token: string;
+};
+/**
+ * Sets up a listener that resolves when `setPasswordResetLink` fires for this email.
+ * Call BEFORE `auth.api.requestPasswordReset()`.
+ *
+ * This creates a per-request promise bridge: the `sendResetPassword` callback
+ * (configured in auth.ts) calls `setPasswordResetLink`, which resolves this promise
+ * within the same HTTP request on the same server instance.
+ */
+declare function waitForPasswordResetLink(email: string, timeoutMs?: number): Promise<PasswordResetLinkEntry>;
+/**
+ * Called from the `sendResetPassword` callback in auth config.
+ * Resolves the pending promise for this email (if any).
+ */
+declare function setPasswordResetLink(entry: {
+  email: string;
+  url: string;
+  token: string;
+}): void;
+//#endregion
+export { setPasswordResetLink, waitForPasswordResetLink };

package/dist/auth/password-reset-link-store.js

@@ -0,0 +1,40 @@
+//#region src/auth/password-reset-link-store.ts
+const pendingResolvers = /* @__PURE__ */ new Map();
+/**
+* Sets up a listener that resolves when `setPasswordResetLink` fires for this email.
+* Call BEFORE `auth.api.requestPasswordReset()`.
+*
+* This creates a per-request promise bridge: the `sendResetPassword` callback
+* (configured in auth.ts) calls `setPasswordResetLink`, which resolves this promise
+* within the same HTTP request on the same server instance.
+*/
+function waitForPasswordResetLink(email, timeoutMs = 1e4) {
+	const key = email.toLowerCase();
+	return new Promise((resolve, reject) => {
+		const timeout = setTimeout(() => {
+			pendingResolvers.delete(key);
+			reject(/* @__PURE__ */ new Error("Timed out waiting for password reset link"));
+		}, timeoutMs);
+		pendingResolvers.set(key, (entry) => {
+			clearTimeout(timeout);
+			pendingResolvers.delete(key);
+			resolve(entry);
+		});
+	});
+}
+/**
+* Called from the `sendResetPassword` callback in auth config.
+* Resolves the pending promise for this email (if any).
+*/
+function setPasswordResetLink(entry) {
+	const key = entry.email.toLowerCase();
+	const resolver = pendingResolvers.get(key);
+	if (resolver) resolver({
+		email: entry.email,
+		url: entry.url,
+		token: entry.token
+	});
+}
+
+//#endregion
+export { setPasswordResetLink, waitForPasswordResetLink };

package/dist/auth/permissions.d.ts

@@ -1,29 +1,29 @@
-import * as better_auth_plugins69 from "better-auth/plugins";
+import * as better_auth_plugins0 from "better-auth/plugins";
 import { AccessControl } from "better-auth/plugins/access";
 import { organizationClient } from "better-auth/client/plugins";
 
 //#region src/auth/permissions.d.ts
 declare const ac: AccessControl;
 declare const memberRole: {
-  authorize<K_1 extends "organization" | "member" | "invitation" | "project" | "ac" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins69.Subset<"organization" | "member" | "invitation" | "project" | "ac" | "team", better_auth_plugins69.Statements>[key] | {
-    actions: better_auth_plugins69.Subset<"organization" | "member" | "invitation" | "project" | "ac" | "team", better_auth_plugins69.Statements>[key];
+  authorize<K_1 extends "organization" | "member" | "invitation" | "project" | "team" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins0.Statements>[key] | {
+    actions: better_auth_plugins0.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins0.Statements>[key];
     connector: "OR" | "AND";
-  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins69.AuthorizeResponse;
-  statements: better_auth_plugins69.Subset<"organization" | "member" | "invitation" | "project" | "ac" | "team", better_auth_plugins69.Statements>;
+  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
+  statements: better_auth_plugins0.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins0.Statements>;
 };
 declare const adminRole: {
-  authorize<K_1 extends "organization" | "member" | "invitation" | "project" | "ac" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins69.Subset<"organization" | "member" | "invitation" | "project" | "ac" | "team", better_auth_plugins69.Statements>[key] | {
-    actions: better_auth_plugins69.Subset<"organization" | "member" | "invitation" | "project" | "ac" | "team", better_auth_plugins69.Statements>[key];
+  authorize<K_1 extends "organization" | "member" | "invitation" | "project" | "team" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins0.Statements>[key] | {
+    actions: better_auth_plugins0.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins0.Statements>[key];
     connector: "OR" | "AND";
-  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins69.AuthorizeResponse;
-  statements: better_auth_plugins69.Subset<"organization" | "member" | "invitation" | "project" | "ac" | "team", better_auth_plugins69.Statements>;
+  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
+  statements: better_auth_plugins0.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins0.Statements>;
 };
 declare const ownerRole: {
-  authorize<K_1 extends "organization" | "member" | "invitation" | "project" | "ac" | "team">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins69.Subset<"organization" | "member" | "invitation" | "project" | "ac" | "team", better_auth_plugins69.Statements>[key] | {
-    actions: better_auth_plugins69.Subset<"organization" | "member" | "invitation" | "project" | "ac" | "team", better_auth_plugins69.Statements>[key];
+  authorize<K_1 extends "organization" | "member" | "invitation" | "project" | "team" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins0.Statements>[key] | {
+    actions: better_auth_plugins0.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins0.Statements>[key];
     connector: "OR" | "AND";
-  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins69.AuthorizeResponse;
-  statements: better_auth_plugins69.Subset<"organization" | "member" | "invitation" | "project" | "ac" | "team", better_auth_plugins69.Statements>;
+  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
+  statements: better_auth_plugins0.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins0.Statements>;
 };
 //#endregion
 export { ac, adminRole, memberRole, organizationClient, ownerRole };

package/dist/auth/spicedb-schema.d.ts

@@ -0,0 +1,9 @@
+//#region src/auth/spicedb-schema.d.ts
+declare function writeSpiceDbSchema(options?: {
+  endpoint?: string;
+  token?: string;
+  schemaPath?: string;
+  maxRetries?: number;
+}): Promise<void>;
+//#endregion
+export { writeSpiceDbSchema };

package/dist/auth/spicedb-schema.js

@@ -0,0 +1,24 @@
+import { getSpiceDbConfig } from "./authz/config.js";
+import { readFileSync } from "node:fs";
+import { resolve } from "node:path";
+import { v1 } from "@authzed/authzed-node";
+
+//#region src/auth/spicedb-schema.ts
+async function writeSpiceDbSchema(options) {
+	const config = getSpiceDbConfig();
+	const { endpoint = config.endpoint, token = config.token, schemaPath = resolve(import.meta.dirname, "../../spicedb/schema.zed"), maxRetries = 30 } = options ?? {};
+	const schema = readFileSync(schemaPath, "utf-8");
+	const client = v1.NewClient(token, endpoint, config.tlsEnabled ? v1.ClientSecurity.SECURE : v1.ClientSecurity.INSECURE_LOCALHOST_ALLOWED);
+	let lastError;
+	for (let attempt = 1; attempt <= maxRetries; attempt++) try {
+		await client.promises.writeSchema(v1.WriteSchemaRequest.create({ schema }));
+		return;
+	} catch (error) {
+		lastError = error;
+		if (attempt < maxRetries) await new Promise((r) => setTimeout(r, 1e3));
+	}
+	throw new Error(`Failed to write SpiceDB schema after ${maxRetries} attempts: ${lastError?.message}`);
+}
+
+//#endregion
+export { writeSpiceDbSchema };

package/dist/client-exports.d.ts

@@ -1,4 +1,4 @@
-import { OrgRole, OrgRoles, ProjectRole, ProjectRoles } from "./auth/authz/config.js";
+import { OrgRole, OrgRoles, ProjectRole, ProjectRoles } from "./auth/authz/types.js";
 import { BreakdownComponentDef, CONTEXT_BREAKDOWN_TOTAL_SPAN_ATTRIBUTE, ContextBreakdown, V1_BREAKDOWN_SCHEMA, calculateBreakdownTotal, createEmptyBreakdown, parseContextBreakdownFromSpan } from "./constants/context-breakdown.js";
 import { ACTIVITY_NAMES, ACTIVITY_STATUS, ACTIVITY_TYPES, AGENT_IDS, AI_OPERATIONS, AI_TOOL_TYPES, DELEGATION_FROM_SUB_AGENT_ID, DELEGATION_ID, DELEGATION_TO_SUB_AGENT_ID, SPAN_KEYS, SPAN_NAMES, TRANSFER_FROM_SUB_AGENT_ID, TRANSFER_TO_SUB_AGENT_ID, UNKNOWN_VALUE } from "./constants/otel-attributes.js";
 import { AGGREGATE_OPERATORS, DATA_SOURCES, DATA_TYPES, FIELD_TYPES, OPERATORS, ORDER_DIRECTIONS, PANEL_TYPES, QUERY_DEFAULTS, QUERY_EXPRESSIONS, QUERY_FIELD_CONFIGS, QUERY_TYPES, REDUCE_OPERATIONS } from "./constants/signoz-queries.js";
@@ -6,186 +6,10 @@ import { ConversationHistoryConfig, CredentialStoreType, MCPTransportType } from
 import "./types/index.js";
 import { DEFAULT_NANGO_STORE_ID } from "./credential-stores/default-constants.js";
 import { detectAuthenticationRequired } from "./utils/auth-detection.js";
-import { validatePropsAsJsonSchema } from "./validation/props-validation.js";
-import "./index.js";
-import { AgentStopWhen, AgentStopWhenSchema, ApiKeyApiUpdateSchema, FullAgentAgentInsertSchema, FunctionApiInsertSchema, FunctionApiSelectSchema, FunctionApiUpdateSchema, ModelSettings, ModelSettingsSchema, ResourceIdSchema, SignatureSource, SignatureVerificationConfig, SignatureVerificationConfigSchema, SignedComponent, StopWhen, StopWhenSchema, SubAgentStopWhen, SubAgentStopWhenSchema, TriggerApiInsertSchema, TriggerApiSelectSchema, TriggerApiUpdateSchema, TriggerInvocationApiSelectSchema, TriggerInvocationListResponse, TriggerInvocationResponse, TriggerInvocationStatusEnum, TriggerListResponse, TriggerResponse, TriggerWithWebhookUrlListResponse, TriggerWithWebhookUrlResponse, TriggerWithWebhookUrlSchema } from "./validation/schemas.js";
+import { AgentApiInsertSchema, AgentStopWhen, AgentWithinContextOfProjectResponse, AgentWithinContextOfProjectSchema, ApiKeyApiCreationResponseSchema, ApiKeyApiSelectSchema, CredentialReferenceApiInsertSchema, ExternalAgentApiInsertSchema, FullAgentAgentInsertSchema, FunctionApiInsertSchema, HeadersSchema, ModelSettings, StopWhen, ToolApiInsertSchema, TriggerApiSelectSchema, TriggerInvocationApiSelectSchema } from "./validation/schemas.js";
 import { z } from "@hono/zod-openapi";
-import { convertJsonSchemaToZod } from "zod-from-json-schema";
 
 //#region src/client-exports.d.ts
-declare const TenantParamsSchema: z.ZodObject<{
-  tenantId: z.ZodString;
-}, z.core.$strip>;
-declare const TenantProjectParamsSchema: z.ZodObject<{
-  tenantId: z.ZodString;
-  projectId: z.ZodString;
-}, z.core.$strip>;
-declare const TenantProjectIdParamsSchema: z.ZodObject<{
-  tenantId: z.ZodString;
-  projectId: z.ZodString;
-  id: z.ZodString;
-}, z.core.$strip>;
-declare const IdParamsSchema: z.ZodObject<{
-  id: z.ZodString;
-}, z.core.$strip>;
-declare const PaginationSchema: z.ZodObject<{
-  page: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
-  limit: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
-  total: z.ZodNumber;
-  pages: z.ZodNumber;
-}, z.core.$strip>;
-declare const ListResponseSchema: <T extends z.ZodTypeAny>(itemSchema: T) => z.ZodObject<{
-  data: z.ZodArray<T>;
-  pagination: z.ZodObject<{
-    page: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
-    limit: z.ZodDefault<z.ZodCoercedNumber<unknown>>;
-    total: z.ZodNumber;
-    pages: z.ZodNumber;
-  }, z.core.$strip>;
-}, z.core.$strip>;
-declare const SingleResponseSchema: <T extends z.ZodTypeAny>(itemSchema: T) => z.ZodObject<{
-  data: T;
-}, z.core.$strip>;
-declare const ErrorResponseSchema: z.ZodObject<{
-  error: z.ZodString;
-  message: z.ZodOptional<z.ZodString>;
-  details: z.ZodOptional<z.ZodUnknown>;
-}, z.core.$strip>;
-declare const AgentApiInsertSchema: z.ZodObject<{
-  id: z.ZodOptional<z.ZodString>;
-  name: z.ZodString;
-  description: z.ZodOptional<z.ZodString>;
-  prompt: z.ZodOptional<z.ZodString>;
-  model: z.ZodOptional<z.ZodObject<{
-    model: z.ZodOptional<z.ZodString>;
-    providerOptions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodAny>>;
-  }, z.core.$strip>>;
-  tools: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  dataComponents: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  artifactComponents: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  canTransferTo: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  canDelegateTo: z.ZodOptional<z.ZodArray<z.ZodString>>;
-  type: z.ZodOptional<z.ZodEnum<{
-    internal: "internal";
-    external: "external";
-  }>>;
-}, z.core.$strip>;
-declare const ToolApiInsertSchema: z.ZodObject<{
-  id: z.ZodOptional<z.ZodString>;
-  name: z.ZodString;
-  description: z.ZodOptional<z.ZodString>;
-  type: z.ZodEnum<{
-    mcp: "mcp";
-    hosted: "hosted";
-  }>;
-  config: z.ZodRecord<z.ZodString, z.ZodUnknown>;
-  credentialReferenceId: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>;
-declare const ApiKeyApiSelectSchema: z.ZodObject<{
-  id: z.ZodString;
-  tenantId: z.ZodString;
-  projectId: z.ZodString;
-  agentId: z.ZodString;
-  publicId: z.ZodString;
-  keyHash: z.ZodString;
-  keyPrefix: z.ZodString;
-  name: z.ZodOptional<z.ZodString>;
-  lastUsedAt: z.ZodOptional<z.ZodString>;
-  expiresAt: z.ZodOptional<z.ZodString>;
-  createdAt: z.ZodString;
-  updatedAt: z.ZodString;
-}, z.core.$strip>;
-declare const ApiKeyApiCreationResponseSchema: z.ZodObject<{
-  data: z.ZodObject<{
-    apiKey: z.ZodObject<{
-      id: z.ZodString;
-      tenantId: z.ZodString;
-      projectId: z.ZodString;
-      agentId: z.ZodString;
-      publicId: z.ZodString;
-      keyHash: z.ZodString;
-      keyPrefix: z.ZodString;
-      name: z.ZodOptional<z.ZodString>;
-      lastUsedAt: z.ZodOptional<z.ZodString>;
-      expiresAt: z.ZodOptional<z.ZodString>;
-      createdAt: z.ZodString;
-      updatedAt: z.ZodString;
-    }, z.core.$strip>;
-    key: z.ZodString;
-  }, z.core.$strip>;
-}, z.core.$strip>;
-declare const CredentialReferenceApiInsertSchema: z.ZodObject<{
-  id: z.ZodString;
-  tenantId: z.ZodOptional<z.ZodString>;
-  projectId: z.ZodOptional<z.ZodString>;
-  name: z.ZodString;
-  type: z.ZodEnum<{
-    readonly memory: "memory";
-    readonly keychain: "keychain";
-    readonly nango: "nango";
-  }>;
-  credentialStoreId: z.ZodString;
-  retrievalParams: z.ZodOptional<z.ZodNullable<z.ZodRecord<z.ZodString, z.ZodUnknown>>>;
-  createdAt: z.ZodOptional<z.ZodString>;
-  updatedAt: z.ZodOptional<z.ZodString>;
-  userId: z.ZodOptional<z.ZodNullable<z.ZodString>>;
-  toolId: z.ZodOptional<z.ZodNullable<z.ZodString>>;
-  createdBy: z.ZodOptional<z.ZodNullable<z.ZodString>>;
-}, z.core.$strip>;
-declare const DataComponentApiInsertSchema: z.ZodObject<{
-  id: z.ZodString;
-  name: z.ZodString;
-  description: z.ZodOptional<z.ZodString>;
-  props: z.ZodRecord<z.ZodString, z.ZodUnknown>;
-  render: z.ZodOptional<z.ZodNullable<z.ZodObject<{
-    component: z.ZodString;
-    mockData: z.ZodRecord<z.ZodString, z.ZodUnknown>;
-  }, z.core.$strip>>>;
-}, z.core.$strip>;
-declare const ArtifactComponentApiInsertSchema: z.ZodObject<{
-  id: z.ZodString;
-  name: z.ZodString;
-  description: z.ZodOptional<z.ZodNullable<z.ZodString>>;
-  props: z.ZodOptional<z.ZodNullable<z.ZodType<Record<string, unknown>, Record<string, unknown>, z.core.$ZodTypeInternals<Record<string, unknown>, Record<string, unknown>>>>>;
-  render: z.ZodOptional<z.ZodNullable<z.ZodType<{
-    component: string;
-    mockData: Record<string, unknown>;
-  }, {
-    component: string;
-    mockData: Record<string, unknown>;
-  }, z.core.$ZodTypeInternals<{
-    component: string;
-    mockData: Record<string, unknown>;
-  }, {
-    component: string;
-    mockData: Record<string, unknown>;
-  }>>>>;
-}, {
-  out: {};
-  in: {};
-}>;
-declare const ContextConfigApiInsertSchema: z.ZodObject<{
-  id: z.ZodOptional<z.ZodString>;
-  name: z.ZodOptional<z.ZodString>;
-  description: z.ZodOptional<z.ZodString>;
-  type: z.ZodOptional<z.ZodString>;
-  config: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
-}, z.core.$strip>;
-declare const ExternalAgentApiInsertSchema: z.ZodObject<{
-  id: z.ZodOptional<z.ZodString>;
-  name: z.ZodString;
-  description: z.ZodOptional<z.ZodString>;
-  baseUrl: z.ZodString;
-  headers: z.ZodOptional<z.ZodNullable<z.ZodRecord<z.ZodString, z.ZodString>>>;
-  credentialReferenceId: z.ZodOptional<z.ZodNullable<z.ZodString>>;
-  type: z.ZodOptional<z.ZodLiteral<"external">>;
-}, z.core.$strip>;
-declare const AgentAgentApiInsertSchema: z.ZodObject<{
-  id: z.ZodOptional<z.ZodString>;
-  name: z.ZodString;
-  description: z.ZodOptional<z.ZodString>;
-  defaultSubAgentId: z.ZodOptional<z.ZodString>;
-}, z.core.$strip>;
 declare const FullAgentDefinitionSchema: z.ZodObject<{
   id: z.ZodOptional<z.ZodString>;
   name: z.ZodString;
@@ -195,8 +19,7 @@ declare const FullAgentDefinitionSchema: z.ZodObject<{
     id: z.ZodString;
     name: z.ZodString;
     description: z.ZodOptional<z.ZodNullable<z.ZodString>>;
-    createdAt: z.ZodOptional<z.ZodString>;
-    updatedAt: z.ZodOptional<z.ZodString>;
+    conversationHistoryConfig: z.ZodOptional<z.ZodNullable<z.ZodType<ConversationHistoryConfig, ConversationHistoryConfig, z.core.$ZodTypeInternals<ConversationHistoryConfig, ConversationHistoryConfig>>>>;
     models: z.ZodOptional<z.ZodObject<{
       base: z.ZodOptional<z.ZodObject<{
         model: z.ZodOptional<z.ZodString>;
@@ -220,7 +43,8 @@ declare const FullAgentDefinitionSchema: z.ZodObject<{
     }, {
       stepCountIs?: number | undefined;
     }>>>>;
-    conversationHistoryConfig: z.ZodOptional<z.ZodNullable<z.ZodType<ConversationHistoryConfig, ConversationHistoryConfig, z.core.$ZodTypeInternals<ConversationHistoryConfig, ConversationHistoryConfig>>>>;
+    createdAt: z.ZodOptional<z.ZodString>;
+    updatedAt: z.ZodOptional<z.ZodString>;
     type: z.ZodLiteral<"internal">;
     canUse: z.ZodArray<z.ZodObject<{
       agentToolRelationId: z.ZodOptional<z.ZodString>;
@@ -289,26 +113,14 @@ declare const FullAgentDefinitionSchema: z.ZodObject<{
 type AgentApiInsert = z.infer<typeof AgentApiInsertSchema>;
 type ToolApiInsert = z.infer<typeof ToolApiInsertSchema>;
 type FunctionApiInsert = z.infer<typeof FunctionApiInsertSchema>;
-type TriggerApiInsert = z.infer<typeof TriggerApiInsertSchema>;
 type TriggerApiSelect = z.infer<typeof TriggerApiSelectSchema>;
-type TriggerApiUpdate = z.infer<typeof TriggerApiUpdateSchema>;
 type TriggerInvocationApiSelect = z.infer<typeof TriggerInvocationApiSelectSchema>;
 type ApiKeyApiSelect = z.infer<typeof ApiKeyApiSelectSchema>;
 type ApiKeyApiCreationResponse = z.infer<typeof ApiKeyApiCreationResponseSchema>;
-type ApiKeyApiUpdateResponse = z.infer<typeof ApiKeyApiUpdateSchema>;
 type CredentialReferenceApiInsert = z.infer<typeof CredentialReferenceApiInsertSchema>;
-type DataComponentApiInsert = z.infer<typeof DataComponentApiInsertSchema>;
-type ArtifactComponentApiInsert = z.infer<typeof ArtifactComponentApiInsertSchema>;
-type ContextConfigApiInsert = z.infer<typeof ContextConfigApiInsertSchema>;
 type ExternalAgentApiInsert = z.infer<typeof ExternalAgentApiInsertSchema>;
-type AgentAgentApiInsert = z.infer<typeof AgentAgentApiInsertSchema>;
 type FullAgentDefinition = z.infer<typeof FullAgentDefinitionSchema>;
 type InternalAgentDefinition = z.infer<typeof FullAgentAgentInsertSchema>;
-type ExternalAgentDefinition = z.infer<typeof ExternalAgentApiInsertSchema>;
-type TenantParams = z.infer<typeof TenantParamsSchema>;
-type ErrorResponse = z.infer<typeof ErrorResponseSchema>;
 declare function generateIdFromName(name: string): string;
-type ToolInsert = ToolApiInsert;
-type AgentAgentInsert = AgentAgentApiInsert;
 //#endregion
-export { ACTIVITY_NAMES, ACTIVITY_STATUS, ACTIVITY_TYPES, AGENT_IDS, AGGREGATE_OPERATORS, AI_OPERATIONS, AI_TOOL_TYPES, AgentAgentApiInsert, AgentAgentApiInsertSchema, AgentAgentInsert, AgentApiInsert, AgentApiInsertSchema, type AgentStopWhen, AgentStopWhenSchema, ApiKeyApiCreationResponse, ApiKeyApiCreationResponseSchema, ApiKeyApiSelect, ApiKeyApiSelectSchema, ApiKeyApiUpdateResponse, ArtifactComponentApiInsert, ArtifactComponentApiInsertSchema, BreakdownComponentDef, CONTEXT_BREAKDOWN_TOTAL_SPAN_ATTRIBUTE, ContextBreakdown, ContextConfigApiInsert, ContextConfigApiInsertSchema, CredentialReferenceApiInsert, CredentialReferenceApiInsertSchema, CredentialStoreType, DATA_SOURCES, DATA_TYPES, DEFAULT_NANGO_STORE_ID, DELEGATION_FROM_SUB_AGENT_ID, DELEGATION_ID, DELEGATION_TO_SUB_AGENT_ID, DataComponentApiInsert, DataComponentApiInsertSchema, ErrorResponse, ErrorResponseSchema, ExternalAgentApiInsert, ExternalAgentApiInsertSchema, ExternalAgentDefinition, FIELD_TYPES, FullAgentDefinition, FullAgentDefinitionSchema, FunctionApiInsert, FunctionApiInsertSchema, FunctionApiSelectSchema, FunctionApiUpdateSchema, IdParamsSchema, InternalAgentDefinition, ListResponseSchema, MCPTransportType, type ModelSettings, ModelSettingsSchema, OPERATORS, ORDER_DIRECTIONS, type OrgRole, OrgRoles, PANEL_TYPES, PaginationSchema, type ProjectRole, ProjectRoles, QUERY_DEFAULTS, QUERY_EXPRESSIONS, QUERY_FIELD_CONFIGS, QUERY_TYPES, REDUCE_OPERATIONS, ResourceIdSchema, SPAN_KEYS, SPAN_NAMES, type SignatureSource, type SignatureVerificationConfig, SignatureVerificationConfigSchema, type SignedComponent, SingleResponseSchema, type StopWhen, StopWhenSchema, type SubAgentStopWhen, SubAgentStopWhenSchema, TRANSFER_FROM_SUB_AGENT_ID, TRANSFER_TO_SUB_AGENT_ID, TenantParams, TenantParamsSchema, TenantProjectIdParamsSchema, TenantProjectParamsSchema, ToolApiInsert, ToolApiInsertSchema, ToolInsert, TriggerApiInsert, TriggerApiInsertSchema, TriggerApiSelect, TriggerApiSelectSchema, TriggerApiUpdate, TriggerApiUpdateSchema, TriggerInvocationApiSelect, TriggerInvocationApiSelectSchema, TriggerInvocationListResponse, TriggerInvocationResponse, TriggerInvocationStatusEnum, TriggerListResponse, TriggerResponse, TriggerWithWebhookUrlListResponse, TriggerWithWebhookUrlResponse, TriggerWithWebhookUrlSchema, UNKNOWN_VALUE, V1_BREAKDOWN_SCHEMA, calculateBreakdownTotal, convertJsonSchemaToZod, createEmptyBreakdown, detectAuthenticationRequired, generateIdFromName, parseContextBreakdownFromSpan, validatePropsAsJsonSchema };
+export { ACTIVITY_NAMES, ACTIVITY_STATUS, ACTIVITY_TYPES, AGENT_IDS, AGGREGATE_OPERATORS, AI_OPERATIONS, AI_TOOL_TYPES, AgentApiInsert, type AgentStopWhen, AgentWithinContextOfProjectResponse, AgentWithinContextOfProjectSchema, ApiKeyApiCreationResponse, ApiKeyApiSelect, BreakdownComponentDef, CONTEXT_BREAKDOWN_TOTAL_SPAN_ATTRIBUTE, ContextBreakdown, CredentialReferenceApiInsert, CredentialStoreType, DATA_SOURCES, DATA_TYPES, DEFAULT_NANGO_STORE_ID, DELEGATION_FROM_SUB_AGENT_ID, DELEGATION_ID, DELEGATION_TO_SUB_AGENT_ID, ExternalAgentApiInsert, FIELD_TYPES, FullAgentDefinition, FullAgentDefinitionSchema, FunctionApiInsert, HeadersSchema, InternalAgentDefinition, MCPTransportType, type ModelSettings, OPERATORS, ORDER_DIRECTIONS, type OrgRole, OrgRoles, PANEL_TYPES, type ProjectRole, ProjectRoles, QUERY_DEFAULTS, QUERY_EXPRESSIONS, QUERY_FIELD_CONFIGS, QUERY_TYPES, REDUCE_OPERATIONS, SPAN_KEYS, SPAN_NAMES, type StopWhen, TRANSFER_FROM_SUB_AGENT_ID, TRANSFER_TO_SUB_AGENT_ID, ToolApiInsert, TriggerApiSelect, TriggerInvocationApiSelect, UNKNOWN_VALUE, V1_BREAKDOWN_SCHEMA, calculateBreakdownTotal, createEmptyBreakdown, detectAuthenticationRequired, generateIdFromName, parseContextBreakdownFromSpan };