@inkeep/agents-core 0.70.3 → 0.70.5

package/dist/auth/auth.js

@@ -6,13 +6,14 @@ import { setPasswordResetLink } from "./password-reset-link-store.js";
 import { createUserProfileIfNotExists } from "../data-access/runtime/userProfiles.js";
 import { querySsoProviderIds } from "../data-access/runtime/auth.js";
 import { extractCookieDomain, getInitialOrganization, getTrustedOrigins, hasCredentialAccount, shouldAutoProvision } from "./auth-config-utils.js";
+import { passwordPolicyHook } from "./password-policy.js";
 import { ac, adminRole, memberRole, ownerRole } from "./permissions.js";
 import { betterAuth } from "better-auth";
 import { dash } from "@better-auth/infra";
 import { oauthProvider } from "@better-auth/oauth-provider";
 import { sso } from "@better-auth/sso";
 import { drizzleAdapter } from "better-auth/adapters/drizzle";
-import { bearer, deviceAuthorization, jwt, lastLoginMethod, oAuthProxy, organization } from "better-auth/plugins";
+import { bearer, deviceAuthorization, haveIBeenPwned, jwt, lastLoginMethod, oAuthProxy, organization } from "better-auth/plugins";
 
 //#region src/auth/auth.ts
 function createAuth(config) {
@@ -23,11 +24,23 @@ function createAuth(config) {
 		baseURL: config.baseURL,
 		secret: config.secret,
 		disabledPaths: ["/token"],
-		database: drizzleAdapter(config.dbClient, { provider: "pg" }),
+		database: ((options) => {
+			const adapter = drizzleAdapter(config.dbClient, { provider: "pg" })(options);
+			return {
+				...adapter,
+				create: (params) => {
+					if (params.model === "organization" && params.data.id && !params.forceAllowId) return adapter.create({
+						...params,
+						forceAllowId: true
+					});
+					return adapter.create(params);
+				}
+			};
+		}),
 		emailAndPassword: {
 			enabled: true,
-			minPasswordLength: 8,
-			maxPasswordLength: 128,
+			minPasswordLength: 15,
+			maxPasswordLength: 256,
 			requireEmailVerification: false,
 			autoSignIn: true,
 			resetPasswordTokenExpiresIn: 1800,
@@ -110,6 +123,7 @@ function createAuth(config) {
 			...config.advanced
 		},
 		trustedOrigins: (request) => getTrustedOrigins(config.dbClient, request),
+		hooks: { before: passwordPolicyHook },
 		plugins: [
 			bearer(),
 			dash(),
@@ -224,6 +238,12 @@ function createAuth(config) {
 					} }
 				},
 				organizationHooks: {
+					beforeCreateOrganization: async ({ organization: org }) => {
+						return { data: {
+							...org,
+							id: org.slug
+						} };
+					},
 					beforeCreateInvitation: async ({ invitation, organization: org }) => {
 						const { enforcePerRoleSeatLimit } = await import("./entitlements.js");
 						await enforcePerRoleSeatLimit(config.dbClient, org.id, invitation.role);
@@ -334,7 +354,8 @@ function createAuth(config) {
 				expiresIn: "60m",
 				interval: "5s",
 				userCodeLength: 8
-			})
+			}),
+			haveIBeenPwned({ customPasswordCompromisedMessage: "Please choose a more secure password." })
 		]
 	});
 	return instance;

package/dist/auth/init.js

@@ -6,6 +6,7 @@ import { createAgentsRunDatabaseClient } from "../db/runtime/runtime-client.js";
 import { createApp, getAppById } from "../data-access/runtime/apps.js";
 import { addUserToOrganization, upsertOrganization } from "../data-access/runtime/organizations.js";
 import { getUserByEmail } from "../data-access/runtime/users.js";
+import { validatePasswordPolicy } from "./password-policy.js";
 import { createAuth } from "./auth.js";
 import { writeSpiceDbSchema } from "./spicedb-schema.js";
 
@@ -23,7 +24,7 @@ import { writeSpiceDbSchema } from "./spicedb-schema.js";
 * - INKEEP_AGENTS_RUN_DATABASE_URL: PostgreSQL connection string
 * - TENANT_ID: Organization/tenant ID (defaults to 'default') - this becomes the org ID
 * - INKEEP_AGENTS_MANAGE_UI_USERNAME: Admin email address
-* - INKEEP_AGENTS_MANAGE_UI_PASSWORD: Admin password (min 8 chars)
+* - INKEEP_AGENTS_MANAGE_UI_PASSWORD: Admin password (min 15 chars, see password policy)
 * - BETTER_AUTH_SECRET: Secret for Better Auth
 *
 * Optional environment variables:
@@ -56,6 +57,12 @@ async function init() {
 		console.error("   This secret is used to sign authentication tokens.");
 		process.exit(1);
 	}
+	const passwordViolations = validatePasswordPolicy(password, { userEmail: username });
+	if (passwordViolations.length > 0) {
+		console.error("❌ INKEEP_AGENTS_MANAGE_UI_PASSWORD does not meet the password policy:");
+		for (const v of passwordViolations) console.error(`   - ${v.message}`);
+		process.exit(1);
+	}
 	const auth = createAuth({
 		baseURL: process.env.INKEEP_AGENTS_API_URL || "http://localhost:3002",
 		secret: authSecret,
@@ -73,18 +80,8 @@ async function init() {
 	else console.log(`   ℹ️  Organization already exists: ${TENANT_ID}`);
 	console.log(`\n👤 Creating admin user: ${username}`);
 	let user = await getUserByEmail(dbClient)(username);
-	if (user) {
-		console.log(`   ℹ️  User already exists: ${username}`);
-		try {
-			const ctx = await auth.$context;
-			const hashedPassword = await ctx.password.hash(password);
-			await ctx.internalAdapter.updatePassword(user.id, hashedPassword);
-			console.log("   ✅ Password synced from .env");
-		} catch (error) {
-			console.error("   ❌ Failed to sync password from .env:", error);
-			process.exit(1);
-		}
-	} else {
+	if (user) console.log(`   ℹ️  User already exists: ${username} — skipping creation and password update`);
+	else {
 		console.log("   Creating user with Better Auth...");
 		if (!(await auth.api.signUpEmail({ body: {
 			email: username,

package/dist/auth/password-policy-rules.d.ts

@@ -0,0 +1,18 @@
+//#region src/auth/password-policy-rules.d.ts
+declare const MIN_PASSWORD_LENGTH = 15;
+interface PasswordRequirement {
+  rule: string;
+  label: string;
+  test: (password: string) => boolean;
+}
+declare const PASSWORD_REQUIREMENTS: PasswordRequirement[];
+interface PasswordPolicyContext {
+  userName?: string;
+  userEmail?: string;
+}
+interface PolicyViolation {
+  rule: string;
+  message: string;
+}
+//#endregion
+export { MIN_PASSWORD_LENGTH, PASSWORD_REQUIREMENTS, type PasswordPolicyContext, type PasswordRequirement, type PolicyViolation };

package/dist/auth/password-policy-rules.js

@@ -0,0 +1,32 @@
+//#region src/auth/password-policy-rules.ts
+const MIN_PASSWORD_LENGTH = 15;
+const PASSWORD_REQUIREMENTS = [
+	{
+		rule: "minLength",
+		label: `At least ${MIN_PASSWORD_LENGTH} characters`,
+		test: (p) => p.length >= MIN_PASSWORD_LENGTH
+	},
+	{
+		rule: "lowercase",
+		label: "One lowercase letter",
+		test: (p) => /[a-z]/.test(p)
+	},
+	{
+		rule: "uppercase",
+		label: "One uppercase letter",
+		test: (p) => /[A-Z]/.test(p)
+	},
+	{
+		rule: "digit",
+		label: "One number",
+		test: (p) => /\d/.test(p)
+	},
+	{
+		rule: "special",
+		label: "One special character",
+		test: (p) => /[!@#$%^&*()_+\-=[\]{};':"\\|,.<>/?`~]/.test(p)
+	}
+];
+
+//#endregion
+export { MIN_PASSWORD_LENGTH, PASSWORD_REQUIREMENTS };

package/dist/auth/password-policy.d.ts

@@ -0,0 +1,10 @@
+import { MIN_PASSWORD_LENGTH, PASSWORD_REQUIREMENTS, PasswordPolicyContext, PasswordRequirement, PolicyViolation } from "./password-policy-rules.js";
+import * as better_auth0 from "better-auth";
+
+//#region src/auth/password-policy.d.ts
+declare function validatePasswordPolicy(password: string, context?: PasswordPolicyContext): PolicyViolation[];
+declare function enforcePasswordPolicy(password: string, context?: PasswordPolicyContext): void;
+declare const passwordPolicyHook: (inputContext: better_auth0.MiddlewareInputContext<better_auth0.MiddlewareOptions>) => Promise<void>;
+declare function generateCompliantPassword(length?: number): string;
+//#endregion
+export { MIN_PASSWORD_LENGTH, PASSWORD_REQUIREMENTS, type PasswordPolicyContext, type PasswordRequirement, type PolicyViolation, enforcePasswordPolicy, generateCompliantPassword, passwordPolicyHook, validatePasswordPolicy };

package/dist/auth/password-policy.js

@@ -0,0 +1,88 @@
+import { MIN_PASSWORD_LENGTH, PASSWORD_REQUIREMENTS } from "./password-policy-rules.js";
+import { APIError, createAuthMiddleware } from "better-auth/api";
+import { randomInt } from "node:crypto";
+
+//#region src/auth/password-policy.ts
+function validatePasswordPolicy(password, context) {
+	const violations = [];
+	for (const req of PASSWORD_REQUIREMENTS) if (!req.test(password)) violations.push({
+		rule: req.rule,
+		message: req.label
+	});
+	const lower = password.toLowerCase();
+	if (context?.userEmail) {
+		const localPart = context.userEmail.split("@")[0]?.toLowerCase();
+		if (localPart && localPart.length >= 3 && lower.includes(localPart)) violations.push({
+			rule: "email",
+			message: "Password must not contain your email address"
+		});
+	}
+	if (context?.userName) {
+		const name = context.userName.toLowerCase();
+		if (name.length >= 3 && lower.includes(name)) violations.push({
+			rule: "name",
+			message: "Password must not contain your name"
+		});
+	}
+	if (lower.includes("inkeep")) violations.push({
+		rule: "company",
+		message: "Password must not contain the company name"
+	});
+	return violations;
+}
+function enforcePasswordPolicy(password, context) {
+	const violations = validatePasswordPolicy(password, context);
+	if (violations.length > 0) throw new APIError("BAD_REQUEST", { message: violations.map((v) => v.message).join("; ") });
+}
+const PASSWORD_POLICY_PATHS = new Set([
+	"/sign-up/email",
+	"/reset-password",
+	"/change-password"
+]);
+function isPlainObject(value) {
+	return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function readString(body, key) {
+	const value = body[key];
+	return typeof value === "string" ? value : void 0;
+}
+const passwordPolicyHook = createAuthMiddleware(async (ctx) => {
+	if (!PASSWORD_POLICY_PATHS.has(ctx.path)) return;
+	if (!isPlainObject(ctx.body)) return;
+	const pw = readString(ctx.body, "newPassword") ?? readString(ctx.body, "password");
+	if (!pw) return;
+	enforcePasswordPolicy(pw, {
+		userEmail: readString(ctx.body, "email"),
+		userName: readString(ctx.body, "name")
+	});
+});
+const LOWERCASE = "abcdefghijklmnopqrstuvwxyz";
+const UPPERCASE = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+const DIGITS = "0123456789";
+const SPECIALS = "!@#%^&*()_+-[];:,.<>/?~";
+const ALL_CHARS = LOWERCASE + UPPERCASE + DIGITS + SPECIALS;
+function pick(alphabet) {
+	return alphabet[randomInt(alphabet.length)];
+}
+function generateCompliantPassword(length = MIN_PASSWORD_LENGTH + 4) {
+	if (length < MIN_PASSWORD_LENGTH) throw new Error(`Password length must be at least ${MIN_PASSWORD_LENGTH}`);
+	for (let attempt = 0; attempt < 10; attempt++) {
+		const chars = [
+			pick(LOWERCASE),
+			pick(UPPERCASE),
+			pick(DIGITS),
+			pick(SPECIALS)
+		];
+		while (chars.length < length) chars.push(pick(ALL_CHARS));
+		for (let i = chars.length - 1; i > 0; i--) {
+			const j = randomInt(i + 1);
+			[chars[i], chars[j]] = [chars[j], chars[i]];
+		}
+		const password = chars.join("");
+		if (validatePasswordPolicy(password).length === 0) return password;
+	}
+	throw new Error("Failed to generate a policy-compliant password");
+}
+
+//#endregion
+export { MIN_PASSWORD_LENGTH, PASSWORD_REQUIREMENTS, enforcePasswordPolicy, generateCompliantPassword, passwordPolicyHook, validatePasswordPolicy };

package/dist/auth/permissions.d.ts

@@ -1,29 +1,29 @@
-import * as better_auth_plugins7 from "better-auth/plugins";
+import * as better_auth_plugins0 from "better-auth/plugins";
 import { AccessControl } from "better-auth/plugins/access";
 import { organizationClient } from "better-auth/client/plugins";
 
 //#region src/auth/permissions.d.ts
 declare const ac: AccessControl;
 declare const memberRole: {
-  authorize<K_1 extends "organization" | "member" | "invitation" | "project" | "team" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins7.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins7.Statements>[key] | {
-    actions: better_auth_plugins7.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins7.Statements>[key];
+  authorize<K_1 extends "project" | "organization" | "invitation" | "member" | "team" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"project" | "organization" | "invitation" | "member" | "team" | "ac", better_auth_plugins0.Statements>[key] | {
+    actions: better_auth_plugins0.Subset<"project" | "organization" | "invitation" | "member" | "team" | "ac", better_auth_plugins0.Statements>[key];
     connector: "OR" | "AND";
-  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins7.AuthorizeResponse;
-  statements: better_auth_plugins7.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins7.Statements>;
+  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
+  statements: better_auth_plugins0.Subset<"project" | "organization" | "invitation" | "member" | "team" | "ac", better_auth_plugins0.Statements>;
 };
 declare const adminRole: {
-  authorize<K_1 extends "organization" | "member" | "invitation" | "project" | "team" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins7.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins7.Statements>[key] | {
-    actions: better_auth_plugins7.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins7.Statements>[key];
+  authorize<K_1 extends "project" | "organization" | "invitation" | "member" | "team" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"project" | "organization" | "invitation" | "member" | "team" | "ac", better_auth_plugins0.Statements>[key] | {
+    actions: better_auth_plugins0.Subset<"project" | "organization" | "invitation" | "member" | "team" | "ac", better_auth_plugins0.Statements>[key];
     connector: "OR" | "AND";
-  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins7.AuthorizeResponse;
-  statements: better_auth_plugins7.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins7.Statements>;
+  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
+  statements: better_auth_plugins0.Subset<"project" | "organization" | "invitation" | "member" | "team" | "ac", better_auth_plugins0.Statements>;
 };
 declare const ownerRole: {
-  authorize<K_1 extends "organization" | "member" | "invitation" | "project" | "team" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins7.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins7.Statements>[key] | {
-    actions: better_auth_plugins7.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins7.Statements>[key];
+  authorize<K_1 extends "project" | "organization" | "invitation" | "member" | "team" | "ac">(request: K_1 extends infer T extends K ? { [key in T]?: better_auth_plugins0.Subset<"project" | "organization" | "invitation" | "member" | "team" | "ac", better_auth_plugins0.Statements>[key] | {
+    actions: better_auth_plugins0.Subset<"project" | "organization" | "invitation" | "member" | "team" | "ac", better_auth_plugins0.Statements>[key];
     connector: "OR" | "AND";
-  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins7.AuthorizeResponse;
-  statements: better_auth_plugins7.Subset<"organization" | "member" | "invitation" | "project" | "team" | "ac", better_auth_plugins7.Statements>;
+  } | undefined } : never, connector?: "OR" | "AND"): better_auth_plugins0.AuthorizeResponse;
+  statements: better_auth_plugins0.Subset<"project" | "organization" | "invitation" | "member" | "team" | "ac", better_auth_plugins0.Statements>;
 };
 //#endregion
 export { ac, adminRole, memberRole, organizationClient, ownerRole };

package/dist/constants/otel-attributes.d.ts

@@ -101,6 +101,7 @@ declare const SPAN_KEYS: {
   readonly HTTP_RESPONSE_BODY_SIZE: "http.response.body_size";
   readonly NAME: "name";
   readonly PARENT_SPAN_ID: "parentSpanID";
+  readonly PARENT_SPAN_ID_V5: "parent_span_id";
   readonly CONVERSATION_ID: "conversation.id";
   readonly INVOCATION_TYPE: "invocation.type";
   readonly INVOCATION_ENTRY_POINT: "invocation.entryPoint";

package/dist/constants/otel-attributes.js

@@ -101,6 +101,7 @@ const SPAN_KEYS = {
 	HTTP_RESPONSE_BODY_SIZE: "http.response.body_size",
 	NAME: "name",
 	PARENT_SPAN_ID: "parentSpanID",
+	PARENT_SPAN_ID_V5: "parent_span_id",
 	CONVERSATION_ID: "conversation.id",
 	INVOCATION_TYPE: "invocation.type",
 	INVOCATION_ENTRY_POINT: "invocation.entryPoint",

package/dist/constants/signoz-queries.d.ts

@@ -7,6 +7,7 @@ declare const REQUEST_TYPES: {
 };
 declare const QUERY_TYPES: {
   readonly BUILDER_QUERY: "builder_query";
+  readonly BUILDER_TRACE_OPERATOR: "builder_trace_operator";
 };
 declare const FIELD_CONTEXTS: {
   readonly RESOURCE: "resource";
@@ -75,6 +76,8 @@ declare const QUERY_EXPRESSIONS: {
   readonly STREAM_LIFETIME_EXCEEDED: "streamLifetimeExceeded";
   readonly DURABLE_TOOL_EXECUTIONS: "durableToolExecutions";
   readonly USAGE_EVENTS: "usageEvents";
+  readonly AGG_TOOL_CALLS_BY_TYPE: "aggToolCallsByType";
+  readonly AGG_AI_CALLS: "aggAICalls";
 };
 /** Query Order Directions */
 declare const ORDER_DIRECTIONS: {

package/dist/constants/signoz-queries.js

@@ -5,7 +5,10 @@ const REQUEST_TYPES = {
 	RAW: "raw",
 	TRACE: "trace"
 };
-const QUERY_TYPES = { BUILDER_QUERY: "builder_query" };
+const QUERY_TYPES = {
+	BUILDER_QUERY: "builder_query",
+	BUILDER_TRACE_OPERATOR: "builder_trace_operator"
+};
 const FIELD_CONTEXTS = {
 	RESOURCE: "resource",
 	ATTRIBUTE: "attribute",
@@ -97,7 +100,9 @@ const QUERY_EXPRESSIONS = {
 	MAX_STEPS_REACHED: "maxStepsReached",
 	STREAM_LIFETIME_EXCEEDED: "streamLifetimeExceeded",
 	DURABLE_TOOL_EXECUTIONS: "durableToolExecutions",
-	USAGE_EVENTS: "usageEvents"
+	USAGE_EVENTS: "usageEvents",
+	AGG_TOOL_CALLS_BY_TYPE: "aggToolCallsByType",
+	AGG_AI_CALLS: "aggAICalls"
 };
 /** Query Order Directions */
 const ORDER_DIRECTIONS = {

package/dist/data-access/manage/agents.d.ts

@@ -12,14 +12,7 @@ declare const getAgentById: (db: AgentsManageDatabaseClient) => (params: {
 }) => Promise<{
   id: string;
   name: string;
-  createdAt: string;
-  updatedAt: string;
   description: string | null;
-  prompt: string | null;
-  tenantId: string;
-  projectId: string;
-  defaultSubAgentId: string | null;
-  contextConfigId: string | null;
   models: {
     base?: {
       model?: string | undefined;
@@ -40,6 +33,16 @@ declare const getAgentById: (db: AgentsManageDatabaseClient) => (params: {
       allowedProviders?: string[] | undefined;
     } | undefined;
   } | null;
+  stopWhen: {
+    transferCountIs?: number | undefined;
+  } | null;
+  createdAt: string;
+  updatedAt: string;
+  tenantId: string;
+  projectId: string;
+  defaultSubAgentId: string | null;
+  contextConfigId: string | null;
+  prompt: string | null;
   statusUpdates: {
     enabled?: boolean | undefined;
     numEvents?: number | undefined;
@@ -55,9 +58,6 @@ declare const getAgentById: (db: AgentsManageDatabaseClient) => (params: {
       } | undefined;
     }[] | undefined;
   } | null;
-  stopWhen: {
-    transferCountIs?: number | undefined;
-  } | null;
   executionMode: "classic" | "durable";
 } | null>;
 declare const getAgentWithDefaultSubAgent: (db: AgentsManageDatabaseClient) => (params: {
@@ -65,14 +65,7 @@ declare const getAgentWithDefaultSubAgent: (db: AgentsManageDatabaseClient) => (
 }) => Promise<{
   id: string;
   name: string;
-  createdAt: string;
-  updatedAt: string;
   description: string | null;
-  prompt: string | null;
-  tenantId: string;
-  projectId: string;
-  defaultSubAgentId: string | null;
-  contextConfigId: string | null;
   models: {
     base?: {
       model?: string | undefined;
@@ -93,6 +86,16 @@ declare const getAgentWithDefaultSubAgent: (db: AgentsManageDatabaseClient) => (
       allowedProviders?: string[] | undefined;
     } | undefined;
   } | null;
+  stopWhen: {
+    transferCountIs?: number | undefined;
+  } | null;
+  createdAt: string;
+  updatedAt: string;
+  tenantId: string;
+  projectId: string;
+  defaultSubAgentId: string | null;
+  contextConfigId: string | null;
+  prompt: string | null;
   statusUpdates: {
     enabled?: boolean | undefined;
     numEvents?: number | undefined;
@@ -108,20 +111,11 @@ declare const getAgentWithDefaultSubAgent: (db: AgentsManageDatabaseClient) => (
       } | undefined;
     }[] | undefined;
   } | null;
-  stopWhen: {
-    transferCountIs?: number | undefined;
-  } | null;
   executionMode: "classic" | "durable";
   defaultSubAgent: {
     id: string;
     name: string;
-    createdAt: string;
-    updatedAt: string;
     description: string | null;
-    prompt: string | null;
-    tenantId: string;
-    projectId: string;
-    agentId: string;
     models: {
       base?: {
         model?: string | undefined;
@@ -145,6 +139,12 @@ declare const getAgentWithDefaultSubAgent: (db: AgentsManageDatabaseClient) => (
     stopWhen: {
       stepCountIs?: number | undefined;
     } | null;
+    createdAt: string;
+    updatedAt: string;
+    tenantId: string;
+    projectId: string;
+    prompt: string | null;
+    agentId: string;
     conversationHistoryConfig: ConversationHistoryConfig | null;
   } | null;
 } | null>;
@@ -153,14 +153,7 @@ declare const listAgents: (db: AgentsManageDatabaseClient) => (params: {
 }) => Promise<{
   id: string;
   name: string;
-  createdAt: string;
-  updatedAt: string;
   description: string | null;
-  prompt: string | null;
-  tenantId: string;
-  projectId: string;
-  defaultSubAgentId: string | null;
-  contextConfigId: string | null;
   models: {
     base?: {
       model?: string | undefined;
@@ -181,6 +174,16 @@ declare const listAgents: (db: AgentsManageDatabaseClient) => (params: {
       allowedProviders?: string[] | undefined;
     } | undefined;
   } | null;
+  stopWhen: {
+    transferCountIs?: number | undefined;
+  } | null;
+  createdAt: string;
+  updatedAt: string;
+  tenantId: string;
+  projectId: string;
+  defaultSubAgentId: string | null;
+  contextConfigId: string | null;
+  prompt: string | null;
   statusUpdates: {
     enabled?: boolean | undefined;
     numEvents?: number | undefined;
@@ -196,9 +199,6 @@ declare const listAgents: (db: AgentsManageDatabaseClient) => (params: {
       } | undefined;
     }[] | undefined;
   } | null;
-  stopWhen: {
-    transferCountIs?: number | undefined;
-  } | null;
   executionMode: "classic" | "durable";
 }[]>;
 declare const listAgentsPaginated: (db: AgentsManageDatabaseClient) => (params: {
@@ -283,14 +283,7 @@ declare function listAgentsAcrossProjectMainBranches(db: AgentsManageDatabaseCli
 declare const createAgent: (db: AgentsManageDatabaseClient) => (data: AgentInsert) => Promise<{
   id: string;
   name: string;
-  createdAt: string;
-  updatedAt: string;
   description: string | null;
-  prompt: string | null;
-  tenantId: string;
-  projectId: string;
-  defaultSubAgentId: string | null;
-  contextConfigId: string | null;
   models: {
     base?: {
       model?: string | undefined;
@@ -311,6 +304,16 @@ declare const createAgent: (db: AgentsManageDatabaseClient) => (data: AgentInser
       allowedProviders?: string[] | undefined;
     } | undefined;
   } | null;
+  stopWhen: {
+    transferCountIs?: number | undefined;
+  } | null;
+  createdAt: string;
+  updatedAt: string;
+  tenantId: string;
+  projectId: string;
+  defaultSubAgentId: string | null;
+  contextConfigId: string | null;
+  prompt: string | null;
   statusUpdates: {
     enabled?: boolean | undefined;
     numEvents?: number | undefined;
@@ -326,9 +329,6 @@ declare const createAgent: (db: AgentsManageDatabaseClient) => (data: AgentInser
       } | undefined;
     }[] | undefined;
   } | null;
-  stopWhen: {
-    transferCountIs?: number | undefined;
-  } | null;
   executionMode: "classic" | "durable";
 }>;
 declare const updateAgent: (db: AgentsManageDatabaseClient) => (params: {

package/dist/data-access/manage/artifactComponents.d.ts

@@ -11,9 +11,9 @@ declare const getArtifactComponentById: (db: AgentsManageDatabaseClient) => (par
 }) => Promise<{
   id: string;
   name: string;
+  description: string | null;
   createdAt: string;
   updatedAt: string;
-  description: string | null;
   tenantId: string;
   projectId: string;
   props: {
@@ -67,9 +67,9 @@ declare const listArtifactComponentsPaginated: (db: AgentsManageDatabaseClient)
 declare const createArtifactComponent: (db: AgentsManageDatabaseClient) => (params: ArtifactComponentInsert) => Promise<{
   id: string;
   name: string;
+  description: string | null;
   createdAt: string;
   updatedAt: string;
-  description: string | null;
   tenantId: string;
   projectId: string;
   props: {

package/dist/data-access/manage/functionTools.d.ts

@@ -55,9 +55,9 @@ declare const createFunctionTool: (db: AgentsManageDatabaseClient) => (params: {
 }) => Promise<{
   id: string;
   name: string;
+  description: string | null;
   createdAt: string;
   updatedAt: string;
-  description: string | null;
   tenantId: string;
   projectId: string;
   agentId: string;
@@ -97,9 +97,9 @@ declare const upsertFunctionTool: (db: AgentsManageDatabaseClient) => (params: {
 }) => Promise<{
   id: string;
   name: string;
+  description: string | null;
   createdAt: string;
   updatedAt: string;
-  description: string | null;
   tenantId: string;
   projectId: string;
   agentId: string;
@@ -163,11 +163,11 @@ declare const addFunctionToolToSubAgent: (db: AgentsManageDatabaseClient) => (pa
   tenantId: string;
   projectId: string;
   agentId: string;
-  subAgentId: string;
-  functionToolId: string;
   toolPolicies: Record<string, {
     needsApproval?: boolean;
   }> | null;
+  subAgentId: string;
+  functionToolId: string;
 }>;
 /**
  * Update an agent-function tool relation
@@ -228,11 +228,11 @@ declare const associateFunctionToolWithSubAgent: (db: AgentsManageDatabaseClient
   tenantId: string;
   projectId: string;
   agentId: string;
-  subAgentId: string;
-  functionToolId: string;
   toolPolicies: Record<string, {
     needsApproval?: boolean;
   }> | null;
+  subAgentId: string;
+  functionToolId: string;
 }>;
 //#endregion
 export { addFunctionToolToSubAgent, associateFunctionToolWithSubAgent, createFunctionTool, deleteFunctionTool, getFunctionToolById, getFunctionToolsForSubAgent, getSubAgentsUsingFunctionTool, isFunctionToolAssociatedWithSubAgent, listFunctionTools, removeFunctionToolFromSubAgent, updateFunctionTool, updateSubAgentFunctionToolRelation, upsertFunctionTool, upsertSubAgentFunctionToolRelation };

package/dist/data-access/manage/skills.d.ts

@@ -17,12 +17,12 @@ declare const getSkillById: (db: AgentsManageDatabaseClient) => (params: {
 }) => Promise<{
   id: string;
   name: string;
+  description: string;
   createdAt: string;
   updatedAt: string;
-  metadata: Record<string, string> | null;
-  description: string;
   tenantId: string;
   projectId: string;
+  metadata: Record<string, string> | null;
   content: string;
 } | null>;
 declare const getSkillByIdWithFiles: (db: AgentsManageDatabaseClient) => (params: {
@@ -112,12 +112,12 @@ declare const createSkill: (db: AgentsManageDatabaseClient) => (data: SkillApiIn
 declare const upsertSkill: (db: AgentsManageDatabaseClient) => (data: SkillApiInsert & WithTenantIdProjectId) => Promise<{
   id: string;
   name: string;
+  description: string;
   createdAt: string;
   updatedAt: string;
-  metadata: Record<string, string> | null;
-  description: string;
   tenantId: string;
   projectId: string;
+  metadata: Record<string, string> | null;
   content: string;
 }>;
 declare const updateSkill: (db: AgentsManageDatabaseClient) => (params: {