@mastra/mcp-docs-server 1.1.33-alpha.3 → 1.1.33-alpha.6

package/.docs/docs/agents/guardrails.md

@@ -184,6 +184,28 @@ export const privateAgent = new Agent({
 
 > **Note:** Visit [`PIIDetector()`](https://mastra.ai/reference/processors/pii-detector) reference for a full list of configuration options.
 
+### Enforce cost limits
+
+The `CostGuardProcessor()` monitors cumulative estimated cost across the agentic loop, blocking or warning when a monetary limit is exceeded. It queries cost data from observability storage before each LLM call. Cost checks are approximate — metrics are persisted asynchronously, so fast-running agents may briefly exceed the configured limit before the guard triggers.
+
+```typescript
+import { CostGuardProcessor } from '@mastra/core/processors'
+
+export const budgetedAgent = new Agent({
+  id: 'budgeted-agent',
+  name: 'Budgeted Agent',
+  inputProcessors: [
+    new CostGuardProcessor({
+      maxCost: 5.0,
+      scope: 'thread',
+      window: '24h',
+    }),
+  ],
+})
+```
+
+> **Note:** Visit [`CostGuardProcessor()`](https://mastra.ai/reference/processors/cost-guard-processor) reference for scoping modes, time windows, metric persistence delays, and the `onViolation` callback. Requires observability storage with `getMetricAggregate` support.
+
 ## Processor strategies
 
 Many built-in processors support a `strategy` parameter that controls how they handle flagged content. Supported values include: `block`, `warn`, `detect`, `redact`, `rewrite`, and `translate`.
@@ -201,6 +223,44 @@ inputProcessors: [
 ]
 ```
 
+## Violation callbacks
+
+All processors support an `onViolation` callback that fires when a policy violation is detected, regardless of strategy. Use it for side effects like alerting, logging to external systems, or sending notifications.
+
+The callback receives a `ProcessorViolation` object with `processorId`, `message`, and `detail` (processor-specific metadata).
+
+```typescript
+import { CostGuardProcessor, ModerationProcessor, PIIDetector } from '@mastra/core/processors'
+
+// Alert when cost limits are exceeded
+const costGuard = new CostGuardProcessor({
+  maxCost: 10.0,
+  scope: 'resource',
+  window: '30d',
+})
+
+costGuard.onViolation = ({ processorId, message, detail }) => {
+  alertSystem.notify(`[${processorId}] ${message}`)
+  // detail contains: { usage, limit, totalUsage, scope, scopeKey }
+}
+
+// Log moderation violations
+const moderation = new ModerationProcessor({
+  model: 'openai/gpt-5-nano',
+  strategy: 'block',
+})
+
+moderation.onViolation = ({ processorId, message, detail }) => {
+  auditLog.write({ processor: processorId, violation: message, categories: detail })
+}
+```
+
+The `onViolation` property is part of the base [`Processor` interface](https://mastra.ai/reference/processors/processor-interface), so any processor — including custom ones — can use it. The runner automatically invokes `onViolation` when any processor calls `abort()`. For processors using a `warn` strategy (like `CostGuardProcessor`), the callback also fires on warnings without blocking the request.
+
+Errors thrown by the callback are silently caught to prevent interfering with the processor's main logic.
+
+For more on how violation callbacks integrate with the processor pipeline, see [Violation callbacks](https://mastra.ai/docs/agents/processors) in the Processors documentation.
+
 ## Handle blocked requests
 
 When a processor calls `abort()`, the agent stops processing. How you detect this depends on whether you use `generate()` or `stream()`.

package/.docs/docs/agents/processors.md

@@ -657,6 +657,42 @@ The retry mechanism:
 - Tracks retry count via the `retryCount` parameter
 - Respects `maxProcessorRetries` limit on the agent
 
+### Violation callbacks
+
+All processors expose an `onViolation` property that fires whenever a policy violation is detected — both when `abort()` is called (block strategy) and when a processor issues a warning (warn strategy). Use it for alerting, logging, or side effects without affecting the processor's main logic:
+
+```typescript
+import { ModerationProcessor, CostGuardProcessor } from '@mastra/core/processors'
+
+const moderation = new ModerationProcessor({
+  model: 'openai/gpt-5-nano',
+  strategy: 'block',
+})
+
+moderation.onViolation = ({ processorId, message, detail }) => {
+  // Log to external monitoring, send alerts, update dashboards
+  monitor.track('processor_violation', { processorId, message, detail })
+}
+
+const costGuard = new CostGuardProcessor({
+  maxCost: 10.0,
+  scope: 'resource',
+  window: '30d',
+})
+
+costGuard.onViolation = ({ processorId, message, detail }) => {
+  alertSystem.notify(`[${processorId}] ${message}`)
+}
+```
+
+The callback receives a `ProcessorViolation` object with:
+
+- `processorId`: The ID of the processor that detected the violation
+- `message`: A human-readable description of what was violated
+- `detail`: Processor-specific metadata (e.g. cost usage, detected PII types, moderation categories)
+
+`onViolation` is part of the base [`Processor` interface](https://mastra.ai/reference/processors/processor-interface), so any custom processor can use it too. The runner automatically invokes it when any processor calls `abort()`. Errors thrown inside the callback are silently caught to prevent interfering with the processor pipeline.
+
 ### Abort and tripwire chunks
 
 Calling `abort(reason, options)` throws a `TripWire` error that ends processing. On streams, Mastra emits a `tripwire` chunk clients can detect:

package/.docs/docs/deployment/workflow-runners.md

@@ -6,4 +6,10 @@ Mastra [workflows](https://mastra.ai/docs/workflows/overview) can be executed us
 
 Inngest is a developer platform for running background workflows without managing infrastructure. Mastra workflows can be deployed to Inngest, which provides step memoization, automatic retries, real-time monitoring, and suspend/resume capabilities.
 
-Visit the [Inngest deployment guide](https://mastra.ai/guides/deployment/inngest) for setup instructions and the [Inngest workflow example](https://github.com/mastra-ai/mastra/tree/main/examples/inngest) for a complete implementation.
+Visit the [Inngest deployment guide](https://mastra.ai/guides/deployment/inngest) for setup instructions and the [Inngest workflow example](https://github.com/mastra-ai/mastra/tree/main/examples/inngest) for a complete implementation.
+
+## Temporal
+
+Temporal is a durable execution platform for orchestrating long-running workflows. Mastra workflows can run on Temporal workers, with each `createStep` mapped to a Temporal activity for automatic retries and durable state.
+
+The `@mastra/temporal` package is experimental and not ready for production use. Visit the [Temporal deployment guide](https://mastra.ai/guides/deployment/temporal) for setup instructions.

package/.docs/docs/mcp/overview.md

@@ -332,6 +332,31 @@ const mcp = new MCPClient({
 })
 ```
 
+**Apify**:
+
+[Apify](https://apify.com) is the largest marketplace of tools for AI, with thousands of ready-made [Actors](https://apify.com/store) to extract real-time data from any website, track competitors, generate leads, analyze sentiment, or orchestrate your apps. Connect your agent through the [Apify MCP Server](https://mcp.apify.com).
+
+```typescript
+import { MCPClient } from '@mastra/mcp'
+
+export const mcp = new MCPClient({
+  servers: {
+    apify: {
+      url: new URL('https://mcp.apify.com'),
+      requestInit: {
+        headers: {
+          Authorization: `Bearer ${process.env.APIFY_TOKEN}`,
+        },
+      },
+    },
+  },
+})
+```
+
+Get your API token from the [Apify Console](https://console.apify.com/settings/integrations) and store it as `APIFY_TOKEN` in your environment.
+
+To pick specific Actors and tools, use the [Apify MCP server configurator](https://mcp.apify.com) and copy the generated URL.
+
 **Ampersand**:
 
 [Ampersand](https://withampersand.com?utm_source=mastra-docs) offers an [MCP Server](https://docs.withampersand.com/mcp) that allows you to connect your agent to 150+ integrations with SaaS products like Salesforce, Hubspot, and Zendesk.

package/.docs/docs/server/auth/fga.md

@@ -0,0 +1,141 @@
+# Fine-Grained Authorization (FGA)
+
+Fine-Grained Authorization (FGA) adds resource-level permission checks to your Mastra application. While RBAC answers "can this role do this action?", FGA answers **"can this user do this action on this specific resource?"**
+
+## When to use FGA
+
+FGA is designed for multi-tenant B2B products where permissions are contextual:
+
+- A user might be an **admin** of Team A but only a **member** of Team B
+- Thread access should be limited to the user's own organization
+- Workflow execution should be scoped to a specific team or project
+- Tool access depends on the user's relationship to a resource
+
+## Configuration
+
+Configure FGA in your Mastra server config alongside authentication and RBAC:
+
+```typescript
+import { Mastra } from '@mastra/core/mastra';
+import { MastraFGAPermissions } from '@mastra/core/auth/ee';
+import { MastraAuthWorkos, MastraFGAWorkos } from '@mastra/auth-workos';
+
+const mastra = new Mastra({
+  server: {
+    auth: new MastraAuthWorkos({
+      /* ... */
+      fetchMemberships: true,
+    }),
+    fga: new MastraFGAWorkos({
+      resourceMapping: {
+        agent: { fgaResourceType: 'team', deriveId: (ctx) => ctx.user.teamId },
+        workflow: { fgaResourceType: 'team', deriveId: (ctx) => ctx.user.teamId },
+        thread: { fgaResourceType: 'workspace-thread', deriveId: ({ resourceId }) => resourceId },
+      },
+      permissionMapping: {
+        [MastraFGAPermissions.AGENTS_EXECUTE]: 'manage-workflows',
+        [MastraFGAPermissions.WORKFLOWS_EXECUTE]: 'manage-workflows',
+        [MastraFGAPermissions.MEMORY_READ]: 'read',
+        [MastraFGAPermissions.MEMORY_WRITE]: 'update',
+      },
+    }),
+  },
+});
+```
+
+When using `MastraFGAWorkos`, set `fetchMemberships: true` on `MastraAuthWorkos`. WorkOS FGA checks need the user's organization memberships to resolve the correct membership ID for authorization.
+
+Use `thread` as the resource-mapping key for memory authorization. `MastraFGAWorkos` still accepts the legacy alias `memory`, but new configs should prefer `thread`.
+
+### Resource mapping
+
+The `resourceMapping` tells Mastra how to resolve FGA resource types and IDs from request context. Keys are Mastra resource types, values define the FGA resource type and how to derive the ID:
+
+```typescript
+resourceMapping: {
+  // When checking "can user execute agent X?", resolve the FGA resource
+  // as the user's team (type: 'team', id: user.teamId)
+  agent: {
+    fgaResourceType: 'team',
+    deriveId: (ctx) => ctx.user.teamId,
+  },
+}
+```
+
+`deriveId()` receives:
+
+- `user` — the authenticated user
+- `resourceId` — the owning Mastra resource ID when available (for example, a thread's `resourceId`)
+- `requestContext` — the current request context for advanced tenant resolution
+
+Return `undefined` from `deriveId()` to fall back to the original Mastra resource ID.
+
+For thread and memory checks, Mastra still passes the raw `threadId` as the resource being checked, but it also forwards the thread's owning `resourceId` into `deriveId()`. This lets you map thread permissions to composite tenant IDs such as `userId-teamId-orgId`.
+
+### Permission mapping
+
+The `permissionMapping` translates Mastra's internal permission strings to your FGA provider's permission slugs:
+
+```typescript
+import { MastraFGAPermissions } from '@mastra/core/auth/ee';
+
+permissionMapping: {
+  [MastraFGAPermissions.AGENTS_EXECUTE]: 'manage-workflows', // Mastra permission -> WorkOS permission slug
+  [MastraFGAPermissions.MEMORY_READ]: 'read',
+}
+```
+
+If no mapping exists for a permission, the original string is passed through.
+
+## Enforcement points
+
+When an FGA provider is configured, Mastra automatically checks authorization at these lifecycle points:
+
+| Lifecycle point                        | Permission checked                             | Resource                               |
+| -------------------------------------- | ---------------------------------------------- | -------------------------------------- |
+| Agent execution (`generate`, `stream`) | `agents:execute`                               | `{ type: 'agent', id: agentId }`       |
+| Workflow execution                     | `workflows:execute`                            | `{ type: 'workflow', id: workflowId }` |
+| Tool execution                         | `tools:execute`                                | `{ type: 'tool', id: toolName }`       |
+| Thread/memory access                   | `memory:read`, `memory:write`, `memory:delete` | `{ type: 'thread', id: threadId }`     |
+| MCP tool execution                     | `tools:execute`                                | `{ type: 'tool', id: toolName }`       |
+| HTTP routes (opt-in)                   | Configured per route                           | Configured per route                   |
+
+All checks are **no-ops when FGA is not configured**, maintaining backward compatibility.
+
+## Custom FGA provider
+
+Implement `IFGAProvider` to use any FGA backend:
+
+```typescript
+import { FGADeniedError } from '@mastra/core/auth/ee'
+import type { FGACheckParams, IFGAProvider, MastraFGAPermissionInput } from '@mastra/core/auth/ee'
+
+class MyFGAProvider implements IFGAProvider {
+  async check(user: any, params: FGACheckParams): Promise<boolean> {
+    // Your authorization logic
+    return true
+  }
+
+  async require(user: any, params: FGACheckParams): Promise<void> {
+    const allowed = await this.check(user, params)
+    if (!allowed) {
+      throw new FGADeniedError(user, params.resource, params.permission)
+    }
+  }
+
+  async filterAccessible<T extends { id: string }>(
+    user: any,
+    resources: T[],
+    resourceType: string,
+    permission: MastraFGAPermissionInput,
+  ): Promise<T[]> {
+    // Filter resources the user can access
+    return resources
+  }
+}
+```
+
+## Related
+
+- [Authentication overview](https://mastra.ai/docs/server/auth)
+- [WorkOS authentication](https://mastra.ai/docs/server/auth/workos)

package/.docs/docs/server/auth/workos.md

@@ -81,16 +81,34 @@ export const mastra = new Mastra({
 
 ## Configuration
 
-### User Authorization
+### Default authorization
 
-By default, `MastraAuthWorkos` checks whether the authenticated user has an 'admin' role in any of their organization memberships. The authorization process:
+By default, `MastraAuthWorkos` grants access to any authenticated WorkOS user. The authorization check succeeds when the resolved user object contains both a Mastra user ID and a WorkOS user ID.
 
-1. Retrieves the user's organization memberships using their user ID
-2. Extracts all roles from their memberships
-3. Checks if any role has the slug 'admin'
-4. Grants access only if the user has admin role in at least one organization
+### FGA membership loading
 
-To customize user authorization, provide a custom `authorizeUser` function:
+Set `fetchMemberships: true` when you use [`MastraFGAWorkos`](https://mastra.ai/docs/server/auth/fga). This tells the auth provider to load the user's WorkOS organization memberships during authentication so FGA checks can resolve the correct organization membership ID.
+
+```typescript
+import { MastraAuthWorkos, MastraFGAWorkos } from '@mastra/auth-workos'
+
+const workosAuth = new MastraAuthWorkos({
+  apiKey: process.env.WORKOS_API_KEY,
+  clientId: process.env.WORKOS_CLIENT_ID,
+  fetchMemberships: true,
+})
+
+const workosFga = new MastraFGAWorkos({
+  apiKey: process.env.WORKOS_API_KEY,
+  clientId: process.env.WORKOS_CLIENT_ID,
+})
+```
+
+When `fetchMemberships` is `false`, Mastra skips the extra WorkOS `listOrganizationMemberships()` call on each authenticated request.
+
+### Service tokens and custom JWT templates
+
+For machine-to-machine or service-account access, you can configure `MastraAuthWorkos` to trust verified bearer-token claims from a WorkOS custom JWT template.
 
 ```typescript
 import { MastraAuthWorkos } from '@mastra/auth-workos'
@@ -98,12 +116,37 @@ import { MastraAuthWorkos } from '@mastra/auth-workos'
 const workosAuth = new MastraAuthWorkos({
   apiKey: process.env.WORKOS_API_KEY,
   clientId: process.env.WORKOS_CLIENT_ID,
-  authorizeUser: async user => {
-    return !!user
+  redirectUri: process.env.WORKOS_REDIRECT_URI,
+  trustJwtClaims: true,
+  jwtClaims: {
+    organizationId: 'org_id',
+    organizationMembershipId: 'urn:mastra:organization_membership_id',
   },
 })
 ```
 
+This is useful when your JWT template already includes the exact FGA context Mastra needs, such as `organizationMembershipId`, tenant IDs, or service-principal identifiers. When `trustJwtClaims` is enabled, Mastra can fall back to those verified claims if a bearer token is not meant to round-trip through `workos.userManagement.getUser()`.
+
+### Custom authorization
+
+If you need stricter authorization, subclass `MastraAuthWorkos` and override `authorizeUser()`:
+
+```typescript
+import { MastraAuthWorkos } from '@mastra/auth-workos'
+import type { HonoRequest } from 'hono'
+
+class AdminOnlyWorkosAuth extends MastraAuthWorkos {
+  async authorizeUser(user: any, _request: HonoRequest): Promise<boolean> {
+    return user?.metadata?.role === 'admin'
+  }
+}
+
+const workosAuth = new AdminOnlyWorkosAuth({
+  apiKey: process.env.WORKOS_API_KEY,
+  clientId: process.env.WORKOS_CLIENT_ID,
+})
+```
+
 > **Info:** Visit [MastraAuthWorkos](https://mastra.ai/reference/auth/workos) for all available configuration options.
 
 ## Client-side setup

package/.docs/guides/deployment/temporal.md

@@ -0,0 +1,232 @@
+# Temporal workflow
+
+[Temporal](https://temporal.io/) is a durable execution platform for orchestrating long-running, fault-tolerant workflows. The `@mastra/temporal` package lets you author workflows with the standard Mastra API and run them on a Temporal cluster.
+
+> **Warning:** `@mastra/temporal` is experimental and not ready for production use. The API may change between releases. See the [package README](https://github.com/mastra-ai/mastra/tree/main/workflows/temporal) for the current state.
+
+## How Temporal works with Mastra
+
+Mastra workflows authored with `createWorkflow()` and `createStep()` map onto Temporal's workflow and activity model. The `MastraPlugin` for the Temporal worker compiles your Mastra entry file at bundle time:
+
+- Each `createStep()` handler is extracted into a Temporal activity.
+- Each `createWorkflow()` is rewritten into a Temporal workflow that invokes those activities.
+- The plugin registers the generated activities and workflows with the worker automatically.
+
+When a run starts through `mastra.getWorkflow(...).createRun().start(...)`, the Mastra client hands control to Temporal. Temporal then drives durable execution, retries, and state persistence on the worker.
+
+## Setup
+
+Install the required packages:
+
+**npm**:
+
+```bash
+npm install @mastra/temporal@latest @temporalio/client @temporalio/worker @temporalio/envconfig
+```
+
+**pnpm**:
+
+```bash
+pnpm add @mastra/temporal@latest @temporalio/client @temporalio/worker @temporalio/envconfig
+```
+
+**Yarn**:
+
+```bash
+yarn add @mastra/temporal@latest @temporalio/client @temporalio/worker @temporalio/envconfig
+```
+
+**Bun**:
+
+```bash
+bun add @mastra/temporal@latest @temporalio/client @temporalio/worker @temporalio/envconfig
+```
+
+You also need access to a Temporal cluster. For local development, you can run one with Docker (see [Running locally](#running-locally)).
+
+## Building a Temporal-backed workflow
+
+This guide walks through creating a workflow with Temporal and Mastra, demonstrating a counter application that increments a value.
+
+### Temporal initialization
+
+Initialize the Temporal integration to obtain Mastra-compatible workflow helpers. The `createWorkflow()` and `createStep()` functions are bound to a Temporal client and a task queue.
+
+```ts
+import { init } from '@mastra/temporal'
+import { Client, Connection } from '@temporalio/client'
+import { loadClientConnectConfig } from '@temporalio/envconfig'
+
+const config = loadClientConnectConfig()
+const connection = await Connection.connect(config.connectionOptions)
+const client = new Client({ connection })
+
+export const { createWorkflow, createStep } = init({
+  client,
+  taskQueue: 'mastra',
+})
+```
+
+`loadClientConnectConfig()` reads standard Temporal environment variables such as `TEMPORAL_ADDRESS`, `TEMPORAL_NAMESPACE`, and mTLS settings. See the [Temporal envconfig docs](https://docs.temporal.io/develop/typescript/temporal-clients) for the full list.
+
+### Creating steps
+
+Define the individual steps that will compose your workflow. Each step becomes a Temporal activity.
+
+```ts
+import { z } from 'zod'
+import { createWorkflow, createStep } from '../temporal'
+
+const incrementStep = createStep({
+  id: 'increment',
+  inputSchema: z.object({
+    value: z.number(),
+  }),
+  outputSchema: z.object({
+    value: z.number(),
+  }),
+  execute: async ({ inputData }) => {
+    return { value: inputData.value + 1 }
+  },
+})
+```
+
+### Creating the workflow
+
+Compose the steps into a workflow. The workflow `id` must be a static string literal so the build-time transformer can derive its Temporal export name.
+
+```ts
+const workflow = createWorkflow({
+  id: 'increment-workflow',
+  steps: [incrementStep],
+  inputSchema: z.object({
+    value: z.number(),
+  }),
+  outputSchema: z.object({
+    value: z.number(),
+  }),
+}).then(incrementStep)
+
+workflow.commit()
+
+export { workflow as incrementWorkflow }
+```
+
+### Configuring the Mastra instance
+
+Register the workflow with Mastra. The execution is driven by the Temporal worker.
+
+```ts
+import { Mastra } from '@mastra/core'
+import { PinoLogger } from '@mastra/loggers'
+import { incrementWorkflow } from './workflows'
+
+export const mastra = new Mastra({
+  workflows: { incrementWorkflow },
+  logger: new PinoLogger({ name: 'Mastra', level: 'info' }),
+})
+```
+
+## Running the worker
+
+The worker is a long-lived Node.js process that polls a Temporal task queue. Install `MastraPlugin` and point its `src` option at the Mastra entry file that registers your workflows.
+
+```ts
+import { MastraPlugin } from '@mastra/temporal/worker'
+import { NativeConnection, Worker } from '@temporalio/worker'
+
+const connection = await NativeConnection.connect({
+  address: 'localhost:7233',
+})
+
+const mastraPlugin = new MastraPlugin()
+
+await mastraPlugin.prebuild({
+  entryFile: import.meta.resolve('./index.ts'),
+})
+
+const worker = await Worker.create({
+  connection,
+  namespace: 'default',
+  taskQueue: 'mastra',
+  plugins: [mastraPlugin],
+})
+
+await worker.run()
+```
+
+`MastraPlugin` rewrites the entry file into a workflow-only bundle and wires step handlers in as Temporal activities. You do not need to pass `activities` or `workflowsPath` to `Worker.create()` manually.
+
+## Running workflows
+
+### Running locally
+
+1. Start a local Temporal server. The simplest option is the `temporalio/auto-setup` Docker image:
+
+   ```bash
+   docker run --rm -p 7233:7233 -p 8080:8080 temporalio/auto-setup:latest
+   ```
+
+2. Open the Temporal UI at <http://localhost:8080> to inspect namespaces, workflows, and activities.
+
+3. Start the worker. In a new terminal, run:
+
+   ```bash
+   npx tsx src/mastra/worker.ts
+   ```
+
+4. Trigger a workflow run from a script or any process that imports your Mastra instance:
+
+   ```ts
+   import { mastra } from '../src/mastra'
+
+   const run = await mastra.getWorkflow('incrementWorkflow').createRun()
+   const result = await run.start({ inputData: { value: 5 } })
+
+   console.log(result)
+   ```
+
+5. Monitor execution in the Temporal UI under **Workflows** to see step-by-step activity progress and retry history.
+
+### Running in production
+
+For production, use [Temporal Cloud](https://temporal.io/cloud) or a self-hosted Temporal cluster. Configure the client and worker connections through environment variables read by `@temporalio/envconfig`:
+
+```bash
+TEMPORAL_ADDRESS=your-namespace.tmprl.cloud:7233
+TEMPORAL_NAMESPACE=your-namespace
+TEMPORAL_API_KEY=your-api-key
+```
+
+See the [Temporal Cloud connection docs](https://docs.temporal.io/cloud/get-started) for mTLS and API key options.
+
+> **Warning:** The Temporal worker must run as a long-lived process. Do not deploy it to serverless platforms with short execution limits, such as AWS Lambda or Vercel functions. Use a container, VM, or worker-friendly platform such as Fly.io, Railway, or Kubernetes.
+
+## Configuration options
+
+### `taskQueue`
+
+Required. Identifies the Temporal task queue your worker polls. The same value must be passed to `init()` (used by the client to start runs) and to `Worker.create()` (used by the worker to receive them).
+
+### `startToCloseTimeout`
+
+Optional. Sets the maximum time a single activity (step) is allowed to run before Temporal cancels it and applies the retry policy. Defaults to `1 minute`.
+
+```ts
+export const { createWorkflow, createStep } = init({
+  client,
+  taskQueue: 'mastra',
+  startToCloseTimeout: '5 minutes',
+})
+```
+
+## Constraints and notes
+
+- Workflow ids must be static string literals. The build-time transformer reads the literal value to derive Temporal workflow export names.
+- Activities are generated automatically from `createStep()` handlers. Do not pass them in `Worker.create({ activities })`.
+
+## Related
+
+- [Workflow runners](https://mastra.ai/docs/deployment/workflow-runners)
+- [Workflows overview](https://mastra.ai/docs/workflows/overview)
+- [Temporal documentation](https://docs.temporal.io/)

package/.docs/models/gateways/openrouter.md

@@ -1,6 +1,6 @@
 # ![OpenRouter logo](https://models.dev/logos/openrouter.svg)OpenRouter
 
-OpenRouter aggregates models from multiple providers with enhanced features like rate limiting and failover. Access 182 models through Mastra's model router.
+OpenRouter aggregates models from multiple providers with enhanced features like rate limiting and failover. Access 184 models through Mastra's model router.
 
 Learn more in the [OpenRouter documentation](https://openrouter.ai/models).
 
@@ -168,6 +168,8 @@ ANTHROPIC_API_KEY=ant-...
 | `openrouter/free`                                               |
 | `openrouter/owl-alpha`                                          |
 | `openrouter/pareto-code`                                        |
+| `poolside/laguna-m.1:free`                                      |
+| `poolside/laguna-xs.2:free`                                     |
 | `prime-intellect/intellect-3`                                   |
 | `qwen/qwen-2.5-coder-32b-instruct`                              |
 | `qwen/qwen2.5-vl-72b-instruct`                                  |

package/.docs/models/index.md

@@ -1,6 +1,6 @@
 # Model Providers
 
-Mastra provides a unified interface for working with LLMs across multiple providers, giving you access to 3832 models from 106 providers through a single API.
+Mastra provides a unified interface for working with LLMs across multiple providers, giving you access to 3869 models from 107 providers through a single API.
 
 ## Features
 

package/.docs/models/providers/alibaba.md

@@ -1,6 +1,6 @@
 # ![Alibaba logo](https://models.dev/logos/alibaba.svg)Alibaba
 
-Access 47 Alibaba models through Mastra's model router. Authentication is handled automatically using the `DASHSCOPE_API_KEY` environment variable.
+Access 48 Alibaba models through Mastra's model router. Authentication is handled automatically using the `DASHSCOPE_API_KEY` environment variable.
 
 Learn more in the [Alibaba documentation](https://www.alibabacloud.com/help/en/model-studio/models).
 
@@ -79,6 +79,7 @@ for await (const chunk of stream) {
 | `alibaba/qwen3.5-plus`                       | 1.0M    |       |           |       |       |       | $0.40      | $2          |
 | `alibaba/qwen3.6-27b`                        | 262K    |       |           |       |       |       | $0.60      | $4          |
 | `alibaba/qwen3.6-35b-a3b`                    | 262K    |       |           |       |       |       | $0.25      | $1          |
+| `alibaba/qwen3.6-max-preview`                | 262K    |       |           |       |       |       | $1         | $8          |
 | `alibaba/qwen3.6-plus`                       | 1.0M    |       |           |       |       |       | $0.28      | $2          |
 | `alibaba/qwq-plus`                           | 131K    |       |           |       |       |       | $0.80      | $2          |