npm - @inkeep/agents-core - Versions diffs - 0.58.21 → 0.59.1 - Mend

@inkeep/agents-core 0.58.21 → 0.59.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (75) hide show

package/dist/auth/auth-config-utils.d.ts +49 -0
package/dist/auth/auth-config-utils.js +133 -0
package/dist/auth/auth-schema.d.ts +102 -85
package/dist/auth/auth-schema.js +1 -0
package/dist/auth/auth-types.d.ts +170 -0
package/dist/auth/auth-types.js +53 -0
package/dist/auth/auth-validation-schemas.d.ts +169 -135
package/dist/auth/auth.d.ts +43 -1286
package/dist/auth/auth.js +61 -70
package/dist/auth/email-send-status-store.js +15 -3
package/dist/auth/init.js +2 -1
package/dist/auth/password-reset-link-store.js +8 -1
package/dist/auth/permissions.d.ts +13 -13
package/dist/client-exports.d.ts +2 -2
package/dist/client-exports.js +2 -2
package/dist/constants/{allowed-image-formats.d.ts → allowed-file-formats.d.ts} +4 -3
package/dist/constants/{allowed-image-formats.js → allowed-file-formats.js} +13 -10
package/dist/credential-stores/composio-store.d.ts +28 -0
package/dist/credential-stores/composio-store.js +53 -0
package/dist/credential-stores/default-constants.d.ts +2 -1
package/dist/credential-stores/default-constants.js +2 -1
package/dist/credential-stores/defaults.js +3 -1
package/dist/credential-stores/index.d.ts +3 -2
package/dist/credential-stores/index.js +3 -2
package/dist/data-access/index.d.ts +5 -4
package/dist/data-access/index.js +4 -4
package/dist/data-access/manage/agents.d.ts +30 -30
package/dist/data-access/manage/artifactComponents.d.ts +10 -10
package/dist/data-access/manage/contextConfigs.d.ts +8 -8
package/dist/data-access/manage/dataComponents.d.ts +2 -2
package/dist/data-access/manage/functionTools.d.ts +14 -14
package/dist/data-access/manage/skills.d.ts +19 -19
package/dist/data-access/manage/subAgentExternalAgentRelations.d.ts +24 -24
package/dist/data-access/manage/subAgentRelations.d.ts +22 -22
package/dist/data-access/manage/subAgentTeamAgentRelations.d.ts +18 -18
package/dist/data-access/manage/subAgents.d.ts +18 -18
package/dist/data-access/manage/tools.d.ts +30 -30
package/dist/data-access/manage/tools.js +17 -5
package/dist/data-access/manage/triggers.d.ts +1 -1
package/dist/data-access/runtime/apiKeys.d.ts +16 -16
package/dist/data-access/runtime/apps.d.ts +12 -12
package/dist/data-access/runtime/auth.d.ts +9 -9
package/dist/data-access/runtime/auth.js +19 -21
package/dist/data-access/runtime/conversations.d.ts +24 -24
package/dist/data-access/runtime/messages.d.ts +12 -12
package/dist/data-access/runtime/organizations.d.ts +28 -4
package/dist/data-access/runtime/organizations.js +131 -9
package/dist/data-access/runtime/scheduledTriggerInvocations.d.ts +10 -1
package/dist/data-access/runtime/scheduledTriggerInvocations.js +13 -1
package/dist/data-access/runtime/tasks.d.ts +5 -5
package/dist/db/manage/manage-schema.d.ts +359 -359
package/dist/db/runtime/runtime-schema.d.ts +298 -298
package/dist/index.d.ts +8 -6
package/dist/index.js +8 -7
package/dist/types/utility.d.ts +1 -0
package/dist/types/utility.js +2 -1
package/dist/utils/credential-store-utils.js +1 -0
package/dist/utils/error.d.ts +51 -48
package/dist/utils/error.js +3 -0
package/dist/utils/index.d.ts +2 -2
package/dist/utils/index.js +4 -4
package/dist/utils/third-party-mcp-servers/composio-client.d.ts +20 -4
package/dist/utils/third-party-mcp-servers/composio-client.js +51 -25
package/dist/utils/third-party-mcp-servers/index.d.ts +2 -2
package/dist/utils/third-party-mcp-servers/index.js +2 -2
package/dist/utils/third-party-mcp-servers/third-party-check.d.ts +3 -4
package/dist/utils/third-party-mcp-servers/third-party-check.js +1 -2
package/dist/validation/drizzle-schema-helpers.d.ts +3 -3
package/dist/validation/schemas.d.ts +2026 -2005
package/dist/validation/schemas.js +3 -1
package/drizzle/runtime/0023_lazy_energizer.sql +1 -0
package/drizzle/runtime/0024_moaning_kingpin.sql +1 -0
package/drizzle/runtime/meta/0024_snapshot.json +4270 -0
package/drizzle/runtime/meta/_journal.json +7 -0
package/package.json +11 -6

package/dist/utils/third-party-mcp-servers/composio-client.js CHANGED Viewed

@@ -70,19 +70,21 @@ function getComposioUserId(tenantId, projectId, credentialScope, userId) {
 * Configure a Composio MCP server config with the appropriate user_id and x-api-key.
 * Mutates serverConfig in place:
 *  - Injects user_id query param into the URL (scoped by tenant/project/user)
+*  - Injects connected_account_id query param if provided (pins to a specific account)
 *  - Injects x-api-key header from COMPOSIO_API_KEY env var
 *
 * No-op if the URL is not a composio.dev URL or already has a user_id.
 */
-function configureComposioMCPServer(serverConfig, tenantId, projectId, credentialScope, userId) {
+function configureComposioMCPServer(serverConfig, tenantId, projectId, credentialScope, userId, connectedAccountId) {
 	const baseUrl = serverConfig.url?.toString();
 	if (!baseUrl?.includes("composio.dev")) return;
 	const urlObj = new URL(baseUrl);
 	if (!urlObj.searchParams.has("user_id")) {
 		const composioUserId = getComposioUserId(tenantId, projectId, credentialScope, userId);
 		urlObj.searchParams.set("user_id", composioUserId);
-		serverConfig.url = urlObj.toString();
 	}
+	if (connectedAccountId && !urlObj.searchParams.has("connected_account_id")) urlObj.searchParams.set("connected_account_id", connectedAccountId);
+	serverConfig.url = urlObj.toString();
 	const composioApiKey = process.env.COMPOSIO_API_KEY;
 	if (composioApiKey) serverConfig.headers = {
 		...serverConfig.headers,
@@ -135,7 +137,11 @@ async function fetchComposioConnectedAccounts(derivedUserId) {
 	try {
 		return await composioInstance.connectedAccounts.list({
 			userIds: [derivedUserId],
-			statuses: ["ACTIVE", "INITIATED"]
+			statuses: [
+				"ACTIVE",
+				"INITIATED",
+				"EXPIRED"
+			]
 		});
 	} catch (error) {
 		logger$1.error({ error }, "Error fetching Composio connected accounts");
@@ -144,44 +150,52 @@ async function fetchComposioConnectedAccounts(derivedUserId) {
 }
 /**
 * Check if a Composio MCP server is authenticated for the given tenant/project/user
-* Returns true if authenticated, false otherwise
 * @param credentialScope - 'project' for shared team credentials, 'user' for per-user credentials
 * @param userId - The actual user ID (required if credentialScope is 'user')
 */
 async function isComposioMCPServerAuthenticated(tenantId, projectId, mcpServerUrl, credentialScope = "project", userId) {
 	if (!process.env.COMPOSIO_API_KEY) {
 		logger$1.info({}, "Composio API key not configured, skipping auth check");
-		return false;
+		return { authenticated: false };
 	}
 	const serverId = extractComposioServerId(mcpServerUrl);
 	if (!serverId) {
 		logger$1.info({ mcpServerUrl }, "Could not extract Composio server ID from URL");
-		return false;
+		return { authenticated: false };
 	}
 	const composioUserId = getComposioUserId(tenantId, projectId, credentialScope, userId);
 	const composioInstance = getComposioInstance();
 	if (!composioInstance) {
 		logger$1.info({}, "Composio not configured, skipping auth check");
-		return false;
+		return { authenticated: false };
 	}
 	try {
 		const [composioMcpServer, connectedAccounts] = await Promise.all([composioInstance.mcp.get(serverId), fetchComposioConnectedAccounts(composioUserId)]);
-		if (!(composioMcpServer.authConfigIds.length > 0 ? composioMcpServer.authConfigIds[0] : null)) return false;
-		if (!connectedAccounts) return false;
-		const activeAuthConfigIds = new Set(connectedAccounts.items.filter((account) => account.status === "ACTIVE").map((account) => account.authConfig.id));
-		return composioMcpServer.authConfigIds.some((authConfigId) => activeAuthConfigIds.has(authConfigId));
+		if (!(composioMcpServer.authConfigIds.length > 0 ? composioMcpServer.authConfigIds[0] : null)) return { authenticated: false };
+		if (!connectedAccounts) return { authenticated: false };
+		const activeAccounts = connectedAccounts.items.filter((account) => account.status === "ACTIVE");
+		const activeAuthConfigIds = new Set(activeAccounts.map((account) => account.authConfig.id));
+		if (!composioMcpServer.authConfigIds.some((authConfigId) => activeAuthConfigIds.has(authConfigId))) return { authenticated: false };
+		const connectedAccountId = activeAccounts.find((account) => composioMcpServer.authConfigIds.includes(account.authConfig.id))?.id;
+		return {
+			authenticated: !!connectedAccountId,
+			connectedAccountId
+		};
 	} catch (error) {
 		logger$1.error({
 			error,
 			mcpServerUrl
 		}, "Error checking Composio authentication status");
-		return false;
+		return {
+			authenticated: false,
+			error: true
+		};
 	}
 }
 /**
 * Convert Composio server data to PrebuiltMCPServer format
 */
-function transformComposioServerData(composioMcpServer, isAuthenticated, url, thirdPartyConnectAccountUrl) {
+function transformComposioServerData(composioMcpServer, isAuthenticated, url, thirdPartyConnectAccountUrl, connectedAccountId, authScheme) {
 	const firstToolkit = composioMcpServer.toolkits[0];
 	const category = firstToolkit ? TOOLKIT_TO_CATEGORY[firstToolkit] || "integration" : "integration";
 	const imageUrl = composioMcpServer.toolkitIcons?.[firstToolkit];
@@ -195,7 +209,9 @@ function transformComposioServerData(composioMcpServer, isAuthenticated, url, th
 		category,
 		description,
 		isOpen: isAuthenticated,
-		thirdPartyConnectAccountUrl
+		thirdPartyConnectAccountUrl,
+		connectedAccountId,
+		authScheme
 	};
 }
 /**
@@ -203,14 +219,14 @@ function transformComposioServerData(composioMcpServer, isAuthenticated, url, th
 * Handles account creation/deletion and returns the redirect URL
 * Returns null if account creation fails
 */
-async function ensureComposioAccount(composioMcpServer, derivedUserId, initiatedAccounts) {
+async function ensureComposioAccount(composioMcpServer, derivedUserId, staleAccounts) {
 	const firstAuthConfigId = composioMcpServer.authConfigIds[0];
 	if (!firstAuthConfigId) {
 		logger$1.error({ serverId: composioMcpServer.id }, "No auth config ID found for MCP server");
 		return null;
 	}
-	const existingInitiatedAccount = initiatedAccounts.find((account) => account.authConfig.id === firstAuthConfigId);
-	if (existingInitiatedAccount) await deleteComposioConnectedAccount(existingInitiatedAccount.id);
+	const existingStaleAccounts = staleAccounts.filter((account) => account.authConfig.id === firstAuthConfigId);
+	await Promise.all(existingStaleAccounts.map((account) => deleteComposioConnectedAccount(account.id)));
 	try {
 		const composioInstance = getComposioInstance();
 		if (!composioInstance) {
@@ -249,7 +265,7 @@ async function getComposioOAuthRedirectUrl(tenantId, projectId, mcpServerUrl, cr
 	}
 	const composioUserId = getComposioUserId(tenantId, projectId, credentialScope, userId);
 	try {
-		return await ensureComposioAccount(await composioInstance.mcp.get(serverId), composioUserId, (await fetchComposioConnectedAccounts(composioUserId))?.items.filter((account) => account.status === "INITIATED") ?? []);
+		return await ensureComposioAccount(await composioInstance.mcp.get(serverId), composioUserId, (await fetchComposioConnectedAccounts(composioUserId))?.items.filter((account) => account.status === "INITIATED" || account.status === "EXPIRED") ?? []);
 	} catch (error) {
 		logger$1.error({
 			error,
@@ -263,15 +279,21 @@ async function getComposioOAuthRedirectUrl(tenantId, projectId, mcpServerUrl, cr
 * Coordinates authentication checks and account management
 * Returns null if the server cannot be properly configured
 */
-async function transformComposioServer(composioMcpServer, authenticatedAuthConfigIds, initiatedAccounts, derivedUserId) {
+async function transformComposioServer(composioMcpServer, authenticatedAuthConfigIds, activeAccounts, staleAccounts, derivedUserId) {
 	const isAuthenticated = composioMcpServer.authConfigIds.some((authConfigId) => authenticatedAuthConfigIds.has(authConfigId));
 	let thirdPartyConnectAccountUrl;
+	let connectedAccountId;
+	let authScheme;
 	if (!isAuthenticated) {
-		const redirectUrl = await ensureComposioAccount(composioMcpServer, derivedUserId, initiatedAccounts);
+		const redirectUrl = await ensureComposioAccount(composioMcpServer, derivedUserId, staleAccounts);
 		if (!redirectUrl) return null;
 		thirdPartyConnectAccountUrl = redirectUrl;
+	} else {
+		const matchingAccount = activeAccounts.find((account) => composioMcpServer.authConfigIds.includes(account.authConfig.id));
+		connectedAccountId = matchingAccount?.id;
+		authScheme = matchingAccount?.state?.authScheme;
 	}
-	return transformComposioServerData(composioMcpServer, isAuthenticated, composioMcpServer.MCPUrl, thirdPartyConnectAccountUrl);
+	return transformComposioServerData(composioMcpServer, isAuthenticated, composioMcpServer.MCPUrl, thirdPartyConnectAccountUrl, connectedAccountId, authScheme);
 }
 /**
 * Fetch Composio MCP servers for the catalog
@@ -323,11 +345,15 @@ async function fetchSingleComposioServer(tenantId, projectId, mcpServerUrl, cred
 		const composioMcpServer = await composioInstance.mcp.get(serverId);
 		const userConnectedAccounts = await composioInstance.connectedAccounts.list({
 			userIds: [composioUserId],
-			statuses: ["ACTIVE", "INITIATED"]
+			statuses: [
+				"ACTIVE",
+				"INITIATED",
+				"EXPIRED"
+			]
 		});
 		const activeAccounts = userConnectedAccounts?.items.filter((account) => account.status === "ACTIVE");
-		const initiatedAccounts = userConnectedAccounts?.items.filter((account) => account.status === "INITIATED");
-		return await transformComposioServer(composioMcpServer, new Set(activeAccounts?.map((account) => account.authConfig.id) ?? []), initiatedAccounts ?? [], composioUserId);
+		const staleAccounts = userConnectedAccounts?.items.filter((account) => account.status === "INITIATED" || account.status === "EXPIRED");
+		return await transformComposioServer(composioMcpServer, new Set(activeAccounts?.map((account) => account.authConfig.id) ?? []), activeAccounts ?? [], staleAccounts ?? [], composioUserId);
 	} catch (error) {
 		logger$1.error({
 			error,
@@ -338,4 +364,4 @@ async function fetchSingleComposioServer(tenantId, projectId, mcpServerUrl, cred
 }
 //#endregion
-export { configureComposioMCPServer, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated };
+export { configureComposioMCPServer, deleteComposioConnectedAccount, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioInstance, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated };

package/dist/utils/third-party-mcp-servers/index.d.ts CHANGED Viewed

@@ -1,3 +1,3 @@
-import { CredentialScope, configureComposioMCPServer, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./composio-client.js";
+import { ComposioAuthResult, CredentialScope, configureComposioMCPServer, deleteComposioConnectedAccount, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioInstance, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./composio-client.js";
 import { isThirdPartyMCPServerAuthenticated } from "./third-party-check.js";
-export { CredentialScope, configureComposioMCPServer, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated };
+export { ComposioAuthResult, CredentialScope, configureComposioMCPServer, deleteComposioConnectedAccount, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioInstance, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated };

package/dist/utils/third-party-mcp-servers/index.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { configureComposioMCPServer, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./composio-client.js";
+import { configureComposioMCPServer, deleteComposioConnectedAccount, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioInstance, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated } from "./composio-client.js";
 import { isThirdPartyMCPServerAuthenticated } from "./third-party-check.js";
-export { configureComposioMCPServer, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated };
+export { configureComposioMCPServer, deleteComposioConnectedAccount, extractComposioServerId, fetchComposioServers, fetchSingleComposioServer, getComposioInstance, getComposioOAuthRedirectUrl, getComposioUserId, isComposioMCPServerAuthenticated, isThirdPartyMCPServerAuthenticated };

package/dist/utils/third-party-mcp-servers/third-party-check.d.ts CHANGED Viewed

@@ -1,14 +1,13 @@
-import { CredentialScope } from "./composio-client.js";
+import { ComposioAuthResult, CredentialScope } from "./composio-client.js";
 //#region src/utils/third-party-mcp-servers/third-party-check.d.ts
 /**
  * Check if a third-party MCP server is authenticated for the given tenant/project/user
  * This is a generic function that routes to the appropriate provider-specific check
- * Returns true if authenticated, false otherwise
  * @param credentialScope - 'project' for shared team credentials, 'user' for per-user credentials
  * @param userId - The actual user ID (required if credentialScope is 'user')
  */
-declare function isThirdPartyMCPServerAuthenticated(tenantId: string, projectId: string, mcpServerUrl: string, credentialScope?: CredentialScope, userId?: string): Promise<boolean>;
+declare function isThirdPartyMCPServerAuthenticated(tenantId: string, projectId: string, mcpServerUrl: string, credentialScope?: CredentialScope, userId?: string): Promise<ComposioAuthResult>;
 //#endregion
-export { isThirdPartyMCPServerAuthenticated };
+export { type ComposioAuthResult, isThirdPartyMCPServerAuthenticated };

package/dist/utils/third-party-mcp-servers/third-party-check.js CHANGED Viewed

@@ -10,7 +10,6 @@ const logger = getLogger("third-party-check");
 /**
 * Check if a third-party MCP server is authenticated for the given tenant/project/user
 * This is a generic function that routes to the appropriate provider-specific check
-* Returns true if authenticated, false otherwise
 * @param credentialScope - 'project' for shared team credentials, 'user' for per-user credentials
 * @param userId - The actual user ID (required if credentialScope is 'user')
 */
@@ -20,7 +19,7 @@ async function isThirdPartyMCPServerAuthenticated(tenantId, projectId, mcpServer
 		return isComposioMCPServerAuthenticated(tenantId, projectId, mcpServerUrl, credentialScope, userId);
 	}
 	logger.info({ mcpServerUrl }, "Unknown third-party MCP server provider");
-	return false;
+	return { authenticated: false };
 }
 //#endregion

package/dist/validation/drizzle-schema-helpers.d.ts CHANGED Viewed

@@ -1,10 +1,10 @@
 import { z } from "@hono/zod-openapi";
-import * as drizzle_zod371 from "drizzle-zod";
+import * as drizzle_zod15 from "drizzle-zod";
 import { AnySQLiteTable } from "drizzle-orm/sqlite-core";
 //#region src/validation/drizzle-schema-helpers.d.ts
-declare function createSelectSchemaWithModifiers<T extends AnySQLiteTable>(table: T, overrides?: Partial<Record<keyof T['_']['columns'], (schema: z.ZodTypeAny) => z.ZodTypeAny>>): drizzle_zod371.BuildSchema<"select", T["_"]["columns"], drizzle_zod371.BuildRefine<T["_"]["columns"], undefined>, undefined>;
-declare function createInsertSchemaWithModifiers<T extends AnySQLiteTable>(table: T, overrides?: Partial<Record<keyof T['_']['columns'], (schema: z.ZodTypeAny) => z.ZodTypeAny>>): drizzle_zod371.BuildSchema<"insert", T["_"]["columns"], drizzle_zod371.BuildRefine<Pick<T["_"]["columns"], keyof T["$inferInsert"]>, undefined>, undefined>;
+declare function createSelectSchemaWithModifiers<T extends AnySQLiteTable>(table: T, overrides?: Partial<Record<keyof T['_']['columns'], (schema: z.ZodTypeAny) => z.ZodTypeAny>>): drizzle_zod15.BuildSchema<"select", T["_"]["columns"], drizzle_zod15.BuildRefine<T["_"]["columns"], undefined>, undefined>;
+declare function createInsertSchemaWithModifiers<T extends AnySQLiteTable>(table: T, overrides?: Partial<Record<keyof T['_']['columns'], (schema: z.ZodTypeAny) => z.ZodTypeAny>>): drizzle_zod15.BuildSchema<"insert", T["_"]["columns"], drizzle_zod15.BuildRefine<Pick<T["_"]["columns"], keyof T["$inferInsert"]>, undefined>, undefined>;
 declare const createSelectSchema: typeof createSelectSchemaWithModifiers;
 declare const createInsertSchema: typeof createInsertSchemaWithModifiers;
 /**