@juspay/neurolink 9.57.1 → 9.59.0

package/dist/providers/litellm.js

@@ -5,7 +5,7 @@ import { BaseProvider } from "../core/baseProvider.js";
 import { DEFAULT_MAX_STEPS } from "../core/constants.js";
 import { streamAnalyticsCollector } from "../core/streamAnalytics.js";
 import { createProxyFetch } from "../proxy/proxyFetch.js";
-import { AuthenticationError, InvalidModelError, NetworkError, ProviderError, RateLimitError, } from "../types/index.js";
+import { AuthenticationError, InvalidModelError, ModelAccessDeniedError, NetworkError, ProviderError, RateLimitError, isModelAccessDeniedMessage, parseAllowedModels, } from "../types/index.js";
 import { isAbortError } from "../utils/errorHandling.js";
 import { emitToolEndFromStepFinish } from "../utils/toolEndEmitter.js";
 import { logger } from "../utils/logger.js";
@@ -100,6 +100,17 @@ export class LiteLLMProvider extends BaseProvider {
                 return new NetworkError("LiteLLM proxy server not available. Please start the LiteLLM proxy server at " +
                     `${process.env.LITELLM_BASE_URL || "http://localhost:4000"}`, this.providerName);
             }
+            // Curator P1-1: detect "team not allowed to access model" responses
+            // and surface as ModelAccessDeniedError with the allowed_models array
+            // parsed from the body. Must run before the generic "API key" check
+            // because LiteLLM phrases this as a 403 distinct from auth.
+            if (isModelAccessDeniedMessage(errorRecord.message)) {
+                return new ModelAccessDeniedError(errorRecord.message, {
+                    provider: this.providerName,
+                    requestedModel: this.modelName,
+                    allowedModels: parseAllowedModels(errorRecord.message),
+                });
+            }
             if (errorRecord.message.includes("API_KEY_INVALID") ||
                 errorRecord.message.includes("Invalid API key")) {
                 return new AuthenticationError("Invalid LiteLLM configuration. Please check your LITELLM_API_KEY environment variable.", this.providerName);

package/dist/providers/openAI.js

@@ -235,10 +235,27 @@ export class OpenAIProvider extends BaseProvider {
         const errorType = errorObj?.type && typeof errorObj.type === "string"
             ? errorObj.type
             : undefined;
+        const statusCode = typeof errorObj?.status === "number"
+            ? errorObj.status
+            : typeof errorObj?.statusCode === "number"
+                ? errorObj.statusCode
+                : undefined;
+        // Curator P1-1 / Reviewer Finding #4: only the explicit auth markers
+        // map to AuthenticationError. Earlier we treated every
+        // `invalid_request_error` as an auth failure — that's OpenAI's catch-all
+        // for any bad request (unsupported parameter, malformed JSON, etc.) and
+        // mislabelled them as "invalid API key". Use credential-specific
+        // signals only.
         if (message.includes("API_KEY_INVALID") ||
             message.includes("Invalid API key") ||
-            errorType === "invalid_api_key") {
-            return new AuthenticationError("Invalid OpenAI API key. Please check your OPENAI_API_KEY environment variable.", this.providerName);
+            message.includes("Incorrect API key") ||
+            message.includes("invalid_api_key") ||
+            errorType === "invalid_api_key" ||
+            statusCode === 401) {
+            return new AuthenticationError(message.includes("Incorrect API key") ||
+                message.includes("Invalid API key")
+                ? message
+                : "Invalid OpenAI API key. Please check your OPENAI_API_KEY environment variable.", this.providerName);
         }
         if (message.includes("rate limit") || errorType === "rate_limit_error") {
             return new RateLimitError("OpenAI rate limit exceeded. Please try again later.", this.providerName);

package/dist/types/config.d.ts

@@ -21,6 +21,16 @@ export type NeuroLinkConfig = {
     configVersion?: string;
     [key: string]: unknown;
 };
+/**
+ * Curator P2-3: callback signature for centralized fallback policy. Invoked
+ * when a generate/stream call fails with what looks like a model-access-denied
+ * error. Return `{ provider, model }` (either / both optional) to drive a
+ * retry; return `null` to bubble the original error untouched.
+ */
+export type ProviderFallbackCallback = (error: unknown) => Promise<{
+    provider?: string;
+    model?: string;
+} | null>;
 /**
  * Configuration object for NeuroLink constructor.
  */
@@ -43,6 +53,19 @@ export type NeurolinkConstructorConfig = {
      * from this NeuroLink instance. Per-call credentials override these.
      */
     credentials?: NeurolinkCredentials;
+    /**
+     * Curator P2-3: callback invoked on model-access-denied. Lets a host (e.g.
+     * Curator) centrally drive fallback policy. The callback receives the
+     * original error and returns the next `{ provider, model }` to try, or
+     * `null` to bubble the error.
+     */
+    providerFallback?: ProviderFallbackCallback;
+    /**
+     * Curator P2-3: ordered list of model names to try in sequence on
+     * model-access-denied. Sugar over `providerFallback`. The current
+     * provider is preserved across the chain; only the model name changes.
+     */
+    modelChain?: string[];
 };
 /**
  * Configuration for MCP enhancement modules wired into generate()/stream() paths.

package/dist/types/errors.d.ts

@@ -104,3 +104,45 @@ export declare class ModelAccessError extends BaseError {
     readonly requiredTier: string;
     constructor(model: string, tier: string, requiredTier: string);
 }
+/**
+ * Curator P1-1: thrown when a provider rejects a request because the
+ * caller's team / API key is not whitelisted for the requested model.
+ *
+ * LiteLLM's `team not allowed to access model. This team can only access
+ * models=['glm-latest', 'kimi-latest', ...]` is the canonical example —
+ * the list is parsed off the error body so callers / fallback orchestrators
+ * can choose a whitelisted alternative without scraping strings.
+ */
+export declare class ModelAccessDeniedError extends ProviderError {
+    readonly requestedModel: string | undefined;
+    readonly allowedModels: string[] | undefined;
+    readonly code: "MODEL_ACCESS_DENIED";
+    constructor(message: string, options?: {
+        provider?: string;
+        requestedModel?: string;
+        allowedModels?: string[];
+    });
+}
+/**
+ * Parse the `allowed_models` array out of a provider error message body.
+ * Currently targets the LiteLLM team-whitelist response shape:
+ *
+ *   "team not allowed to access model. This team can only access
+ *    models=['glm-latest', 'kimi-latest', 'open-large']"
+ *
+ * Implementation note: deliberately uses `indexOf`/`slice` instead of a
+ * single `/models\s*=\s*\[([^\]]*)\]/` regex. CodeQL flagged the latter
+ * as `js/polynomial-redos` because the `[^\]]*` greedy quantifier on
+ * library-supplied input can be exploited by a crafted long string. The
+ * indexOf/slice path is O(n) with no backtracking and we additionally
+ * cap the input length.
+ *
+ * Returns undefined when no list is found.
+ */
+export declare function parseAllowedModels(message: string): string[] | undefined;
+/**
+ * Returns true when `message` looks like a model-access-denied response
+ * (LiteLLM "team not allowed", generic "not allowed to access model",
+ * or "team can only access models=[...]").
+ */
+export declare function isModelAccessDeniedMessage(message: string): boolean;

package/dist/types/errors.js

@@ -165,3 +165,97 @@ export class ModelAccessError extends BaseError {
         this.requiredTier = requiredTier;
     }
 }
+/**
+ * Curator P1-1: thrown when a provider rejects a request because the
+ * caller's team / API key is not whitelisted for the requested model.
+ *
+ * LiteLLM's `team not allowed to access model. This team can only access
+ * models=['glm-latest', 'kimi-latest', ...]` is the canonical example —
+ * the list is parsed off the error body so callers / fallback orchestrators
+ * can choose a whitelisted alternative without scraping strings.
+ */
+export class ModelAccessDeniedError extends ProviderError {
+    requestedModel;
+    allowedModels;
+    code = "MODEL_ACCESS_DENIED";
+    constructor(message, options = {}) {
+        super(message, options.provider);
+        this.name = "ModelAccessDeniedError";
+        this.requestedModel = options.requestedModel;
+        this.allowedModels = options.allowedModels;
+    }
+}
+/** Maximum body length we'll attempt to parse. Real provider error
+ *  bodies are well under 10 KB; longer inputs are either truncated
+ *  log output or a deliberate ReDoS attempt. */
+const MAX_ALLOWED_MODELS_INPUT = 10_000;
+/**
+ * Parse the `allowed_models` array out of a provider error message body.
+ * Currently targets the LiteLLM team-whitelist response shape:
+ *
+ *   "team not allowed to access model. This team can only access
+ *    models=['glm-latest', 'kimi-latest', 'open-large']"
+ *
+ * Implementation note: deliberately uses `indexOf`/`slice` instead of a
+ * single `/models\s*=\s*\[([^\]]*)\]/` regex. CodeQL flagged the latter
+ * as `js/polynomial-redos` because the `[^\]]*` greedy quantifier on
+ * library-supplied input can be exploited by a crafted long string. The
+ * indexOf/slice path is O(n) with no backtracking and we additionally
+ * cap the input length.
+ *
+ * Returns undefined when no list is found.
+ */
+export function parseAllowedModels(message) {
+    if (typeof message !== "string" || message.length === 0) {
+        return undefined;
+    }
+    if (message.length > MAX_ALLOWED_MODELS_INPUT) {
+        return undefined;
+    }
+    // Locate `models` keyword case-insensitively, then walk forward to
+    // confirm `=` and `[` markers — no regex backtracking.
+    const lower = message.toLowerCase();
+    let idx = lower.indexOf("models", 0);
+    while (idx !== -1) {
+        let cursor = idx + "models".length;
+        // Skip whitespace
+        while (cursor < message.length && /\s/.test(message[cursor])) {
+            cursor++;
+        }
+        if (message[cursor] !== "=") {
+            idx = lower.indexOf("models", idx + 1);
+            continue;
+        }
+        cursor++;
+        while (cursor < message.length && /\s/.test(message[cursor])) {
+            cursor++;
+        }
+        if (message[cursor] !== "[") {
+            idx = lower.indexOf("models", idx + 1);
+            continue;
+        }
+        const open = cursor;
+        const close = message.indexOf("]", open + 1);
+        if (close === -1) {
+            return undefined;
+        }
+        const inside = message.slice(open + 1, close);
+        const items = inside
+            .split(",")
+            .map((s) => s.trim().replace(/^['"]|['"]$/g, ""))
+            .filter((s) => s.length > 0);
+        return items.length > 0 ? items : undefined;
+    }
+    return undefined;
+}
+/**
+ * Returns true when `message` looks like a model-access-denied response
+ * (LiteLLM "team not allowed", generic "not allowed to access model",
+ * or "team can only access models=[...]").
+ */
+export function isModelAccessDeniedMessage(message) {
+    const lower = message.toLowerCase();
+    return ((lower.includes("team") && lower.includes("not allowed")) ||
+        lower.includes("team can only access") ||
+        /not\s+allowed\s+to\s+access\s+(this\s+)?model/i.test(message));
+}

package/dist/types/generate.d.ts

@@ -447,6 +447,19 @@ export type GenerateOptions = {
      * Unset providers fall through to instance credentials, then environment variables.
      */
     credentials?: NeurolinkCredentials;
+    /**
+     * Curator P2-3: per-call fallback callback. Overrides any
+     * instance-level `providerFallback` set on `new NeuroLink({...})`.
+     */
+    providerFallback?: (error: unknown) => Promise<{
+        provider?: string;
+        model?: string;
+    } | null>;
+    /**
+     * Curator P2-3: per-call ordered model chain. Overrides any
+     * instance-level `modelChain`. Tried in order on model-access-denied.
+     */
+    modelChain?: string[];
     /**
      * Per-call memory control.
      *

package/dist/types/stream.d.ts

@@ -445,6 +445,19 @@ export type StreamOptions = {
      * Unset providers fall through to instance credentials, then environment variables.
      */
     credentials?: NeurolinkCredentials;
+    /**
+     * Curator P2-3: per-call fallback callback. Overrides any
+     * instance-level `providerFallback` set on `new NeuroLink({...})`.
+     */
+    providerFallback?: (error: unknown) => Promise<{
+        provider?: string;
+        model?: string;
+    } | null>;
+    /**
+     * Curator P2-3: per-call ordered model chain. Overrides any
+     * instance-level `modelChain`. Tried in order on model-access-denied.
+     */
+    modelChain?: string[];
     /**
      * Per-call memory control.
      *

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@juspay/neurolink",
-  "version": "9.57.1",
+  "version": "9.59.0",
   "packageManager": "pnpm@10.15.1",
   "description": "Universal AI Development Platform with working MCP integration, multi-provider support, and professional CLI. Built-in tools operational, 58+ external MCP servers discoverable. Connect to filesystem, GitHub, database operations, and more. Build, test, and deploy AI applications with 13 providers: OpenAI, Anthropic, Google AI, AWS Bedrock, Azure, Hugging Face, Ollama, and Mistral AI.",
   "author": {