npm - @kweaver-ai/kweaver-sdk - Versions diffs - 0.5.2 → 0.6.0 - Mend

@kweaver-ai/kweaver-sdk 0.5.2 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (56) hide show

package/README.md +19 -1
package/README.zh.md +19 -1
package/dist/api/agent-chat.d.ts +7 -1
package/dist/api/agent-chat.js +146 -40
package/dist/api/agent-list.js +13 -13
package/dist/api/business-domains.js +9 -5
package/dist/api/context-loader.js +4 -1
package/dist/api/conversations.js +4 -9
package/dist/api/dataflow2.d.ts +95 -0
package/dist/api/dataflow2.js +80 -0
package/dist/api/headers.d.ts +2 -0
package/dist/api/headers.js +7 -2
package/dist/api/skills.js +2 -10
package/dist/api/vega.d.ts +0 -16
package/dist/api/vega.js +0 -33
package/dist/auth/oauth.d.ts +1 -1
package/dist/auth/oauth.js +64 -7
package/dist/cli.js +21 -1
package/dist/client.d.ts +9 -0
package/dist/client.js +48 -8
package/dist/commands/auth.js +80 -32
package/dist/commands/bkn-schema.js +22 -0
package/dist/commands/call.js +8 -5
package/dist/commands/dataflow.d.ts +1 -0
package/dist/commands/dataflow.js +251 -0
package/dist/commands/explore-bkn.d.ts +79 -0
package/dist/commands/explore-bkn.js +273 -0
package/dist/commands/explore-chat.d.ts +3 -0
package/dist/commands/explore-chat.js +193 -0
package/dist/commands/explore-vega.d.ts +3 -0
package/dist/commands/explore-vega.js +71 -0
package/dist/commands/explore.d.ts +9 -0
package/dist/commands/explore.js +258 -0
package/dist/commands/vega.js +2 -104
package/dist/config/no-auth.d.ts +3 -0
package/dist/config/no-auth.js +5 -0
package/dist/config/store.d.ts +8 -0
package/dist/config/store.js +22 -0
package/dist/index.d.ts +1 -1
package/dist/index.js +1 -1
package/dist/kweaver.d.ts +5 -0
package/dist/kweaver.js +32 -2
package/dist/resources/bkn.js +2 -3
package/dist/resources/knowledge-networks.js +3 -8
package/dist/resources/vega.d.ts +0 -6
package/dist/resources/vega.js +1 -10
package/dist/templates/explorer/app.js +136 -0
package/dist/templates/explorer/bkn.js +747 -0
package/dist/templates/explorer/chat.js +980 -0
package/dist/templates/explorer/dashboard.js +82 -0
package/dist/templates/explorer/index.html +35 -0
package/dist/templates/explorer/style.css +2440 -0
package/dist/templates/explorer/vega.js +291 -0
package/dist/utils/http.d.ts +3 -0
package/dist/utils/http.js +37 -1
package/package.json +9 -5

package/dist/api/dataflow2.d.ts ADDED Viewed

@@ -0,0 +1,95 @@
+export interface DataflowListItem {
+    id: string;
+    title?: string;
+    status?: string;
+    trigger?: string;
+    creator?: string;
+    updated_at?: number;
+    version_id?: string;
+}
+export interface DataflowListResponse {
+    dags: DataflowListItem[];
+    limit?: number;
+    page?: number;
+    total?: number;
+}
+export interface DataflowRunSource {
+    name?: string;
+    content_type?: string;
+    size?: number;
+    [key: string]: unknown;
+}
+export interface DataflowRunItem {
+    id: string;
+    status?: string;
+    started_at?: number;
+    ended_at?: number | null;
+    reason?: string | null;
+    source?: DataflowRunSource;
+}
+export interface DataflowRunsResponse {
+    results: DataflowRunItem[];
+    limit?: number;
+    page?: number;
+    total?: number;
+}
+export interface DataflowLogMetadata {
+    duration?: number;
+    [key: string]: unknown;
+}
+export interface DataflowLogItem {
+    id: string;
+    operator?: string;
+    status?: string;
+    started_at?: number;
+    updated_at?: number;
+    inputs?: unknown;
+    outputs?: unknown;
+    taskId?: string;
+    metadata?: DataflowLogMetadata;
+}
+export interface DataflowLogsResponse {
+    results: DataflowLogItem[];
+    limit?: number;
+    page?: number;
+    total?: number;
+}
+export interface DataflowRunResponse {
+    dag_instance_id: string;
+}
+interface BaseOptions {
+    baseUrl: string;
+    accessToken: string;
+    businessDomain?: string;
+}
+export interface RunDataflowWithFileOptions extends BaseOptions {
+    dagId: string;
+    fileName: string;
+    fileBytes: Uint8Array;
+}
+export interface RunDataflowWithRemoteUrlOptions extends BaseOptions {
+    dagId: string;
+    url: string;
+    name: string;
+}
+export interface ListDataflowRunsOptions extends BaseOptions {
+    dagId: string;
+    page?: number;
+    limit?: number;
+    sortBy?: string;
+    order?: string;
+    startTime?: number;
+    endTime?: number;
+}
+export interface GetDataflowLogsPageOptions extends BaseOptions {
+    dagId: string;
+    instanceId: string;
+    page: number;
+    limit?: number;
+}
+export declare function listDataflows(options: BaseOptions): Promise<DataflowListResponse>;
+export declare function runDataflowWithFile(options: RunDataflowWithFileOptions): Promise<DataflowRunResponse>;
+export declare function runDataflowWithRemoteUrl(options: RunDataflowWithRemoteUrlOptions): Promise<DataflowRunResponse>;
+export declare function listDataflowRuns(options: ListDataflowRunsOptions): Promise<DataflowRunsResponse>;
+export declare function getDataflowLogsPage(options: GetDataflowLogsPageOptions): Promise<DataflowLogsResponse>;
+export {};

package/dist/api/dataflow2.js ADDED Viewed

@@ -0,0 +1,80 @@
+import { HttpError } from "../utils/http.js";
+import { buildHeaders } from "./headers.js";
+async function parseJsonOrThrow(response) {
+    const body = await response.text();
+    if (!response.ok) {
+        throw new HttpError(response.status, response.statusText, body);
+    }
+    return JSON.parse(body);
+}
+export async function listDataflows(options) {
+    const { baseUrl, accessToken, businessDomain = "bd_public" } = options;
+    const base = baseUrl.replace(/\/+$/, "");
+    const url = `${base}/api/automation/v2/dags?type=data-flow&page=0&limit=-1`;
+    const response = await fetch(url, {
+        method: "GET",
+        headers: buildHeaders(accessToken, businessDomain),
+    });
+    return parseJsonOrThrow(response);
+}
+export async function runDataflowWithFile(options) {
+    const { baseUrl, accessToken, businessDomain = "bd_public", dagId, fileName, fileBytes } = options;
+    const base = baseUrl.replace(/\/+$/, "");
+    const url = `${base}/api/automation/v2/dataflow-doc/trigger/${encodeURIComponent(dagId)}`;
+    const form = new FormData();
+    form.set("file", new Blob([fileBytes]), fileName);
+    const response = await fetch(url, {
+        method: "POST",
+        headers: buildHeaders(accessToken, businessDomain),
+        body: form,
+    });
+    return parseJsonOrThrow(response);
+}
+export async function runDataflowWithRemoteUrl(options) {
+    const { baseUrl, accessToken, businessDomain = "bd_public", dagId, url, name } = options;
+    const base = baseUrl.replace(/\/+$/, "");
+    const endpoint = `${base}/api/automation/v2/dataflow-doc/trigger/${encodeURIComponent(dagId)}`;
+    const response = await fetch(endpoint, {
+        method: "POST",
+        headers: {
+            ...buildHeaders(accessToken, businessDomain),
+            "content-type": "application/json",
+        },
+        body: JSON.stringify({
+            source_from: "remote",
+            url,
+            name,
+        }),
+    });
+    return parseJsonOrThrow(response);
+}
+export async function listDataflowRuns(options) {
+    const { baseUrl, accessToken, businessDomain = "bd_public", dagId, page = 0, limit = 100, sortBy, order, startTime, endTime, } = options;
+    const base = baseUrl.replace(/\/+$/, "");
+    const url = new URL(`${base}/api/automation/v2/dag/${encodeURIComponent(dagId)}/results`);
+    url.searchParams.set("page", String(page));
+    url.searchParams.set("limit", String(limit));
+    if (sortBy)
+        url.searchParams.set("sortBy", sortBy);
+    if (order)
+        url.searchParams.set("order", order);
+    if (startTime != null)
+        url.searchParams.set("start_time", String(startTime));
+    if (endTime != null)
+        url.searchParams.set("end_time", String(endTime));
+    const response = await fetch(url.toString(), {
+        method: "GET",
+        headers: buildHeaders(accessToken, businessDomain),
+    });
+    return parseJsonOrThrow(response);
+}
+export async function getDataflowLogsPage(options) {
+    const { baseUrl, accessToken, businessDomain = "bd_public", dagId, instanceId, page, limit = 10 } = options;
+    const base = baseUrl.replace(/\/+$/, "");
+    const url = `${base}/api/automation/v2/dag/${encodeURIComponent(dagId)}/result/${encodeURIComponent(instanceId)}?page=${page}&limit=${limit}`;
+    const response = await fetch(url, {
+        method: "GET",
+        headers: buildHeaders(accessToken, businessDomain),
+    });
+    return parseJsonOrThrow(response);
+}

package/dist/api/headers.d.ts CHANGED Viewed

@@ -5,5 +5,7 @@
  * environment variables KWEAVER_ACCOUNT_ID and KWEAVER_ACCOUNT_TYPE.
  * These are required by older platform versions (e.g. dip-poc.aishu.cn)
  * that do not infer account info from the token automatically.
+ *
+ * When accessToken is the no-auth sentinel, `authorization` and `token` are omitted.
  */
 export declare function buildHeaders(accessToken: string, businessDomain: string): Record<string, string>;

package/dist/api/headers.js CHANGED Viewed

@@ -1,3 +1,4 @@
+import { isNoAuth } from "../config/no-auth.js";
 /**
  * Shared HTTP header builder for all KWeaver API calls.
  *
@@ -5,16 +6,20 @@
  * environment variables KWEAVER_ACCOUNT_ID and KWEAVER_ACCOUNT_TYPE.
  * These are required by older platform versions (e.g. dip-poc.aishu.cn)
  * that do not infer account info from the token automatically.
+ *
+ * When accessToken is the no-auth sentinel, `authorization` and `token` are omitted.
  */
 export function buildHeaders(accessToken, businessDomain) {
     const headers = {
         accept: "application/json, text/plain, */*",
         "accept-language": "zh-cn",
-        authorization: `Bearer ${accessToken}`,
-        token: accessToken,
         "x-business-domain": businessDomain,
         "x-language": "zh-cn",
     };
+    if (!isNoAuth(accessToken)) {
+        headers.authorization = `Bearer ${accessToken}`;
+        headers.token = accessToken;
+    }
     const accountId = process.env.KWEAVER_ACCOUNT_ID;
     const accountType = process.env.KWEAVER_ACCOUNT_TYPE;
     if (accountId)

package/dist/api/skills.js CHANGED Viewed

@@ -2,19 +2,11 @@ import { spawnSync } from "node:child_process";
 import { Buffer } from "node:buffer";
 import { existsSync, mkdirSync, readdirSync, renameSync, rmSync, writeFileSync } from "node:fs";
 import { basename, resolve } from "node:path";
+import { buildHeaders as buildPlatformHeaders } from "./headers.js";
 import { HttpError, fetchTextOrThrow } from "../utils/http.js";
 const SKILL_API_PREFIX = "/api/agent-operator-integration/v1";
-function buildHeaders(accessToken, businessDomain) {
-    return {
-        accept: "application/json, text/plain, */*",
-        authorization: `Bearer ${accessToken}`,
-        token: accessToken,
-        "x-business-domain": businessDomain,
-        "x-language": "zh-cn",
-    };
-}
 function baseHeaders(opts) {
-    return buildHeaders(opts.accessToken, opts.businessDomain ?? "bd_public");
+    return buildPlatformHeaders(opts.accessToken, opts.businessDomain ?? "bd_public");
 }
 function buildUrl(baseUrl, path) {
     return `${baseUrl.replace(/\/+$/, "")}${path}`;

package/dist/api/vega.d.ts CHANGED Viewed

@@ -165,15 +165,6 @@ export interface SetVegaConnectorTypeEnabledOptions {
     businessDomain?: string;
 }
 export declare function setVegaConnectorTypeEnabled(options: SetVegaConnectorTypeEnabledOptions): Promise<string>;
-export interface ListVegaDiscoverTasksOptions {
-    baseUrl: string;
-    accessToken: string;
-    status?: string;
-    limit?: number;
-    offset?: number;
-    businessDomain?: string;
-}
-export declare function listVegaDiscoverTasks(options: ListVegaDiscoverTasksOptions): Promise<string>;
 export interface CreateVegaDatasetDocsOptions {
     baseUrl: string;
     accessToken: string;
@@ -237,10 +228,3 @@ export interface ListAllVegaResourcesOptions {
     businessDomain?: string;
 }
 export declare function listAllVegaResources(options: ListAllVegaResourcesOptions): Promise<string>;
-export interface GetVegaDiscoverTaskOptions {
-    baseUrl: string;
-    accessToken: string;
-    id: string;
-    businessDomain?: string;
-}
-export declare function getVegaDiscoverTask(options: GetVegaDiscoverTaskOptions): Promise<string>;

package/dist/api/vega.js CHANGED Viewed

@@ -346,26 +346,6 @@ export async function setVegaConnectorTypeEnabled(options) {
         throw new HttpError(response.status, response.statusText, body);
     return body;
 }
-export async function listVegaDiscoverTasks(options) {
-    const { baseUrl, accessToken, status, limit, offset, businessDomain = "bd_public", } = options;
-    const base = baseUrl.replace(/\/+$/, "");
-    const url = new URL(`${base}${VEGA_BASE}/discover-tasks`);
-    if (status)
-        url.searchParams.set("status", status);
-    if (limit !== undefined)
-        url.searchParams.set("limit", String(limit));
-    if (offset !== undefined)
-        url.searchParams.set("offset", String(offset));
-    const response = await fetch(url.toString(), {
-        method: "GET",
-        headers: buildHeaders(accessToken, businessDomain),
-    });
-    const body = await response.text();
-    if (!response.ok) {
-        throw new HttpError(response.status, response.statusText, body);
-    }
-    return body;
-}
 export async function createVegaDatasetDocs(options) {
     const { baseUrl, accessToken, id, body: requestBody, businessDomain = "bd_public" } = options;
     const base = baseUrl.replace(/\/+$/, "");
@@ -495,16 +475,3 @@ export async function listAllVegaResources(options) {
         throw new HttpError(response.status, response.statusText, body);
     return body;
 }
-export async function getVegaDiscoverTask(options) {
-    const { baseUrl, accessToken, id, businessDomain = "bd_public" } = options;
-    const base = baseUrl.replace(/\/+$/, "");
-    const url = `${base}${VEGA_BASE}/discover-tasks/${encodeURIComponent(id)}`;
-    const response = await fetch(url, {
-        method: "GET",
-        headers: buildHeaders(accessToken, businessDomain),
-    });
-    const body = await response.text();
-    if (!response.ok)
-        throw new HttpError(response.status, response.statusText, body);
-    return body;
-}

package/dist/auth/oauth.d.ts CHANGED Viewed

@@ -21,7 +21,7 @@ export declare function normalizeBaseUrl(value: string): string;
  */
 export declare function oauth2Login(baseUrl: string, options?: {
     port?: number;
-    /** Full redirect URI override (e.g. "http://127.0.0.1:8080/callback" or a remote URL). */
+    /** Full redirect URI override (e.g. "http://127.0.0.1:9010/callback" or a remote URL). */
     redirectUri?: string;
     scope?: string;
     clientId?: string;

package/dist/auth/oauth.js CHANGED Viewed

@@ -1,5 +1,6 @@
-import { deleteClientConfig, getCurrentPlatform, loadClientConfig, loadTokenConfig, loadUserTokenConfig, resolveUserId, saveClientConfig, saveTokenConfig, setCurrentPlatform, } from "../config/store.js";
-import { HttpError, NetworkRequestError } from "../utils/http.js";
+import { isNoAuth } from "../config/no-auth.js";
+import { deleteClientConfig, getCurrentPlatform, loadClientConfig, loadTokenConfig, loadUserTokenConfig, resolveUserId, saveClientConfig, saveNoAuthPlatform, saveTokenConfig, setCurrentPlatform, } from "../config/store.js";
+import { HttpError, NetworkRequestError, fetchWithRetry } from "../utils/http.js";
 const TOKEN_TTL_SECONDS = 3600;
 /** Seconds before access token expiry to trigger refresh (matches Python ConfigAuth). */
 const REFRESH_THRESHOLD_SEC = 60;
@@ -282,7 +283,17 @@ export async function oauth2Login(baseUrl, options) {
         const listenPort = parsedRedirect?.port ?? port;
         const callbackPathname = parsedRedirect?.pathname ?? "/callback";
         // Step 1: Determine client — use provided client ID or fall back to dynamic registration
-        let client = await resolveOrRegisterClient(base, redirectUri, scope, options);
+        let client;
+        try {
+            client = await resolveOrRegisterClient(base, redirectUri, scope, options);
+        }
+        catch (e) {
+            if (e instanceof HttpError && e.status === 404) {
+                process.stderr.write("OAuth2 endpoint not found (404). Saving platform in no-auth mode.\n");
+                return saveNoAuthPlatform(base, { tlsInsecure: options?.tlsInsecure });
+            }
+            throw e;
+        }
         // Use PKCE when no client secret is available (public client / platform client).
         const usePkce = !client.clientSecret;
         const pkce = usePkce ? await generatePkce() : null;
@@ -515,7 +526,17 @@ export async function playwrightLogin(baseUrl, options) {
         const callbackPathname = parsedRedirect?.pathname ?? "/callback";
         const hasCredentials = !!(options?.username && options?.password);
         // Step 1: Ensure registered OAuth2 client (with stale-client auto-recovery)
-        let client = await resolveOrRegisterClient(base, redirectUri, scope);
+        let client;
+        try {
+            client = await resolveOrRegisterClient(base, redirectUri, scope);
+        }
+        catch (e) {
+            if (e instanceof HttpError && e.status === 404) {
+                process.stderr.write("OAuth2 endpoint not found (404). Saving platform in no-auth mode.\n");
+                return saveNoAuthPlatform(base, { tlsInsecure: options?.tlsInsecure });
+            }
+            throw e;
+        }
         // Step 2: Generate CSRF state
         const state = randomBytes(12).toString("hex");
         // Step 3: Build authorization URL
@@ -676,6 +697,9 @@ export async function refreshTokenLogin(baseUrl, options) {
     return token;
 }
 function tokenNeedsRefresh(token) {
+    if (isNoAuth(token.accessToken)) {
+        return false;
+    }
     if (!token.expiresAt) {
         return false;
     }
@@ -692,6 +716,9 @@ function tokenNeedsRefresh(token) {
  */
 export async function refreshAccessToken(token) {
     const baseUrl = normalizeBaseUrl(token.baseUrl);
+    if (isNoAuth(token.accessToken)) {
+        throw new Error(`Cannot refresh no-auth session for ${baseUrl}.`);
+    }
     const refreshToken = token.refreshToken?.trim();
     if (!refreshToken) {
         throw new Error(`Token expired and no refresh_token available for ${baseUrl}. Run \`kweaver auth login ${baseUrl}\` again.`);
@@ -710,7 +737,7 @@ export async function refreshAccessToken(token) {
     });
     let response;
     try {
-        response = await runWithTlsInsecure(token.tlsInsecure, () => fetch(url, {
+        response = await runWithTlsInsecure(token.tlsInsecure, () => fetchWithRetry(url, {
             method: "POST",
             headers: {
                 Authorization: `Basic ${credentials}`,
@@ -777,11 +804,24 @@ export async function ensureValidToken(opts) {
         return {
             baseUrl: normalizeBaseUrl(envBaseUrl),
             accessToken: rawToken,
-            tokenType: "bearer",
+            tokenType: isNoAuth(rawToken) ? "none" : "bearer",
             scope: "",
             obtainedAt: new Date().toISOString(),
         };
     }
+    if (!opts?.forceRefresh && envToken && !envBaseUrl) {
+        const currentPlatformForEnv = getCurrentPlatform();
+        if (currentPlatformForEnv) {
+            const rawToken = envToken.replace(/^Bearer\s+/i, "");
+            return {
+                baseUrl: normalizeBaseUrl(currentPlatformForEnv),
+                accessToken: rawToken,
+                tokenType: isNoAuth(rawToken) ? "none" : "bearer",
+                scope: "",
+                obtainedAt: new Date().toISOString(),
+            };
+        }
+    }
     const currentPlatform = getCurrentPlatform();
     if (!currentPlatform) {
         throw new Error("No active platform selected. Run `kweaver auth login <platform-url>` first.");
@@ -803,6 +843,9 @@ export async function ensureValidToken(opts) {
     if (!token) {
         throw new Error(`No saved token for ${currentPlatform}. Run \`kweaver auth login ${currentPlatform}\` first.`);
     }
+    if (isNoAuth(token.accessToken)) {
+        return token;
+    }
     if (opts?.forceRefresh) {
         return refreshAccessToken(token);
     }
@@ -845,6 +888,9 @@ export async function with401RefreshRetry(fn) {
             if (!latest) {
                 throw error;
             }
+            if (isNoAuth(latest.accessToken)) {
+                throw error;
+            }
             try {
                 await refreshAccessToken(latest);
             }
@@ -869,6 +915,9 @@ export async function withTokenRetry(fn) {
     }
     catch (error) {
         if (error instanceof HttpError && error.status === 401) {
+            if (isNoAuth(token.accessToken)) {
+                throw error;
+            }
             const platformUrl = normalizeBaseUrl(token.baseUrl);
             const envUser = process.env.KWEAVER_USER;
             let latest;
@@ -918,6 +967,11 @@ function formatOAuthErrorBody(body) {
     }
     return lines.join("\n");
 }
+function isTlsVerificationDisabledForProcess() {
+    return (process.env.NODE_TLS_REJECT_UNAUTHORIZED === "0" ||
+        process.env.KWEAVER_TLS_INSECURE === "1" ||
+        process.env.KWEAVER_TLS_INSECURE === "true");
+}
 export function formatHttpError(error) {
     if (error instanceof HttpError) {
         const oauthMessage = formatOAuthErrorBody(error.body);
@@ -938,7 +992,10 @@ export function formatHttpError(error) {
     if (error instanceof Error) {
         const cause = "cause" in error && error.cause instanceof Error ? error.cause.message : "";
         if (cause && error.message === "fetch failed") {
-            return `${error.message}: ${cause}\nHint: use --insecure (-k) to skip TLS verification for self-signed certificates.`;
+            const hint = isTlsVerificationDisabledForProcess()
+                ? "Hint: TLS verification is already disabled for this process. Check network reachability, TLS termination, or proxy stability."
+                : "Hint: use --insecure (-k) to skip TLS verification for self-signed certificates.";
+            return `${error.message}: ${cause}\n${hint}`;
         }
         return error.message;
     }

package/dist/cli.js CHANGED Viewed

@@ -1,3 +1,4 @@
+import { NO_AUTH_TOKEN } from "./config/no-auth.js";
 import { applyTlsEnvFromSavedTokens } from "./config/tls-env.js";
 import { runAgentCommand } from "./commands/agent.js";
 import { runAuthCommand } from "./commands/auth.js";
@@ -5,7 +6,9 @@ import { runKnCommand } from "./commands/bkn.js";
 import { runCallCommand } from "./commands/call.js";
 import { runConfigCommand } from "./commands/config.js";
 import { runContextLoaderCommand } from "./commands/context-loader.js";
+import { runDataflowCommand } from "./commands/dataflow.js";
 import { runDsCommand } from "./commands/ds.js";
+import { runExploreCommand } from "./commands/explore.js";
 import { runDataviewCommand } from "./commands/dataview.js";
 import { runSkillCommand } from "./commands/skill.js";
 import { runTokenCommand } from "./commands/token.js";
@@ -18,7 +21,7 @@ Usage:
   kweaver --version | -V
   kweaver --help | -h
-  kweaver auth <platform-url> [--alias name] [-u user] [-p pass] [--playwright] [--insecure|-k]
+  kweaver auth <platform-url> [--alias name] [--no-auth] [-u user] [-p pass] [--playwright] [--insecure|-k]
   kweaver auth login <platform-url>          (alias for auth <url>)
   kweaver auth login <url> --client-id ID --client-secret S --refresh-token T   (run on host without browser)
   kweaver auth whoami [platform-url|alias] [--json]
@@ -55,6 +58,11 @@ Usage:
   kweaver ds tables <id> [--keyword X] [--pretty]
   kweaver ds connect <db_type> <host> <port> <database> --account X --password Y [--schema S] [--name N]
+  kweaver dataflow list [-bd value]
+  kweaver dataflow run <dagId> (--file <path> | --url <remote-url> --name <filename>) [-bd value]
+  kweaver dataflow runs <dagId> [--since <date-like>] [-bd value]
+  kweaver dataflow logs <dagId> <instanceId> [--detail] [-bd value]
   kweaver dataview list [--datasource-id id] [--type atomic|custom] [--limit n] [-bd value] [--pretty]
   kweaver dataview find --name <name> [--exact] [--datasource-id id] [--wait] [--timeout ms] [-bd value] [--pretty]
   kweaver dataview get <id> [-bd value] [--pretty]
@@ -114,6 +122,7 @@ Commands:
   call (curl)    Call an API with curl-style flags and auto-injected token headers
   agent          Agent CRUD, chat, sessions, history, publish/unpublish
   ds             Manage datasources (list, get, delete, tables, connect)
+  dataflow       Dataflow document workflows (list, run, runs, logs)
   dataview|dv    List, find, get, query (SQL), delete data views (atomic / custom)
   bkn            Knowledge network (CRUD, build, validate, export, stats, push/pull,
                  object-type, relation-type, subgraph, action-type, action-execution, action-log)
@@ -125,6 +134,11 @@ Commands:
 }
 export async function run(argv) {
     applyTlsEnvFromSavedTokens();
+    const noAuthEnv = process.env.KWEAVER_NO_AUTH;
+    if ((noAuthEnv === "1" || noAuthEnv === "true" || noAuthEnv === "yes") &&
+        !process.env.KWEAVER_TOKEN) {
+        process.env.KWEAVER_TOKEN = NO_AUTH_TOKEN;
+    }
     // Global --user flag: override active user for this invocation
     const userIdx = argv.indexOf("--user");
     let filteredArgv = argv;
@@ -153,6 +167,9 @@ export async function run(argv) {
     if (command === "ds") {
         return runDsCommand(rest);
     }
+    if (command === "dataflow") {
+        return runDataflowCommand(rest);
+    }
     if (command === "dataview" || command === "dv") {
         return runDataviewCommand(rest);
     }
@@ -162,6 +179,9 @@ export async function run(argv) {
     if (command === "agent") {
         return runAgentCommand(rest);
     }
+    if (command === "explore") {
+        return runExploreCommand(rest);
+    }
     if (command === "bkn") {
         return runKnCommand(rest);
     }

package/dist/client.d.ts CHANGED Viewed

@@ -40,8 +40,17 @@ export interface KWeaverClientOptions {
      * When true, read credentials exclusively from ~/.kweaver/ (saved by
      * `kweaver auth login`), ignoring KWEAVER_BASE_URL / KWEAVER_TOKEN env vars.
      * Useful when env vars hold stale tokens or are intended for other tooling.
+     * Incompatible with `auth: false` — the constructor throws if both are set.
      */
     config?: boolean;
+    /**
+     * When false, use no-auth mode: API requests omit Authorization / token headers.
+     * Requires a resolvable base URL: `baseUrl`, `KWEAVER_BASE_URL`, or the active
+     * platform from `kweaver auth login`. Incompatible with `config: true` — use
+     * saved `~/.kweaver/` credentials (including `__NO_AUTH__`) via `config: true`
+     * alone instead of passing `auth: false`.
+     */
+    auth?: boolean;
 }
 /**
  * Main entry point for the KWeaver TypeScript SDK.

package/dist/client.js CHANGED Viewed

@@ -1,5 +1,7 @@
 import { applyTlsEnvFromSavedTokens } from "./config/tls-env.js";
+import { NO_AUTH_TOKEN, isNoAuth } from "./config/no-auth.js";
 import { getCurrentPlatform, loadTokenConfig, } from "./config/store.js";
+import { buildHeaders } from "./api/headers.js";
 import { ensureValidToken } from "./auth/oauth.js";
 import { AgentsResource } from "./resources/agents.js";
 import { ConversationsResource } from "./resources/conversations.js";
@@ -64,8 +66,39 @@ export class KWeaverClient {
     skills;
     constructor(opts = {}) {
         const envDomain = process.env.KWEAVER_BUSINESS_DOMAIN;
+        if (opts.auth === false && opts.config) {
+            throw new Error("KWeaverClient: auth: false is incompatible with config: true.");
+        }
         let baseUrl;
         let accessToken;
+        if (opts.auth === false) {
+            {
+                const envUrl = process.env.KWEAVER_BASE_URL;
+                baseUrl = opts.baseUrl ?? envUrl;
+                if (!baseUrl) {
+                    const platform = getCurrentPlatform();
+                    if (platform)
+                        baseUrl = platform;
+                }
+            }
+            if (!baseUrl) {
+                throw new Error("KWeaverClient: baseUrl is required when auth is false. " +
+                    "Pass it explicitly, set KWEAVER_BASE_URL, or run `kweaver auth login`.");
+            }
+            this._baseUrl = baseUrl.replace(/\/+$/, "");
+            this._accessToken = NO_AUTH_TOKEN;
+            this._businessDomain = opts.businessDomain ?? envDomain ?? "bd_public";
+            this.knowledgeNetworks = new KnowledgeNetworksResource(this);
+            this.agents = new AgentsResource(this);
+            this.bkn = new BknResource(this);
+            this.conversations = new ConversationsResource(this);
+            this.dataflows = new DataflowsResource(this);
+            this.datasources = new DataSourcesResource(this);
+            this.dataviews = new DataViewsResource(this);
+            this.vega = new VegaResource(this);
+            this.skills = new SkillsResource(this);
+            return;
+        }
         if (opts.config) {
             // config: true — read exclusively from ~/.kweaver/, ignore env vars
             const platform = getCurrentPlatform();
@@ -140,15 +173,22 @@ export class KWeaverClient {
             accessToken: token.accessToken,
             ...opts,
         });
-        // Quick probe — if the token was revoked server-side, force refresh
-        try {
-            const probe = await fetch(`${token.baseUrl.replace(/\/+$/, "")}/api/ontology-manager/v1/knowledge-networks?limit=1`, { headers: { authorization: `Bearer ${token.accessToken}`, token: token.accessToken } });
-            if (probe.status === 401) {
-                throw new Error("Access token revoked. Run `kweaver auth login` to re-authenticate.");
+        if (!isNoAuth(token.accessToken)) {
+            // Quick probe — if the token was revoked server-side, force refresh
+            try {
+                const bd = client.base().businessDomain;
+                const probe = await fetch(`${token.baseUrl.replace(/\/+$/, "")}/api/ontology-manager/v1/knowledge-networks?limit=1`, { headers: buildHeaders(token.accessToken, bd) });
+                if (probe.status === 401) {
+                    throw new Error("Access token revoked. Run `kweaver auth login` to re-authenticate.");
+                }
+            }
+            catch (e) {
+                if (e instanceof Error &&
+                    e.message.startsWith("Access token revoked")) {
+                    throw e;
+                }
+                // Network error — return client as-is, let the caller deal with it
             }
-        }
-        catch {
-            // Network error — return client as-is, let the caller deal with it
         }
         return client;
     }