npm - @mondaydotcomorg/atp-server - Versions diffs - 0.17.14 - Mend

@mondaydotcomorg/atp-server 0.17.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (307) hide show

package/README.md +489 -0
package/dist/aggregator/index.d.ts +59 -0
package/dist/aggregator/index.d.ts.map +1 -0
package/dist/aggregator/index.js +171 -0
package/dist/aggregator/index.js.map +1 -0
package/dist/callback/index.d.ts +98 -0
package/dist/callback/index.d.ts.map +1 -0
package/dist/callback/index.js +136 -0
package/dist/callback/index.js.map +1 -0
package/dist/client-sessions.d.ts +82 -0
package/dist/client-sessions.d.ts.map +1 -0
package/dist/client-sessions.js +174 -0
package/dist/client-sessions.js.map +1 -0
package/dist/controllers/definitions.controller.d.ts +4 -0
package/dist/controllers/definitions.controller.d.ts.map +1 -0
package/dist/controllers/definitions.controller.js +11 -0
package/dist/controllers/definitions.controller.js.map +1 -0
package/dist/controllers/execute.controller.d.ts +18 -0
package/dist/controllers/execute.controller.d.ts.map +1 -0
package/dist/controllers/execute.controller.js +122 -0
package/dist/controllers/execute.controller.js.map +1 -0
package/dist/controllers/info.controller.d.ts +3 -0
package/dist/controllers/info.controller.d.ts.map +1 -0
package/dist/controllers/info.controller.js +13 -0
package/dist/controllers/info.controller.js.map +1 -0
package/dist/controllers/resume.controller.d.ts +11 -0
package/dist/controllers/resume.controller.d.ts.map +1 -0
package/dist/controllers/resume.controller.js +61 -0
package/dist/controllers/resume.controller.js.map +1 -0
package/dist/controllers/search.controller.d.ts +4 -0
package/dist/controllers/search.controller.d.ts.map +1 -0
package/dist/controllers/search.controller.js +7 -0
package/dist/controllers/search.controller.js.map +1 -0
package/dist/controllers/stream.controller.d.ts +19 -0
package/dist/controllers/stream.controller.d.ts.map +1 -0
package/dist/controllers/stream.controller.js +141 -0
package/dist/controllers/stream.controller.js.map +1 -0
package/dist/core/config.d.ts +161 -0
package/dist/core/config.d.ts.map +1 -0
package/dist/core/config.js +7 -0
package/dist/core/config.js.map +1 -0
package/dist/core/http.d.ts +4 -0
package/dist/core/http.d.ts.map +1 -0
package/dist/core/http.js +17 -0
package/dist/core/http.js.map +1 -0
package/dist/create-server.d.ts +120 -0
package/dist/create-server.d.ts.map +1 -0
package/dist/create-server.js +423 -0
package/dist/create-server.js.map +1 -0
package/dist/execution-state/index.d.ts +95 -0
package/dist/execution-state/index.d.ts.map +1 -0
package/dist/execution-state/index.js +128 -0
package/dist/execution-state/index.js.map +1 -0
package/dist/executor/ast-provenance-bridge.d.ts +12 -0
package/dist/executor/ast-provenance-bridge.d.ts.map +1 -0
package/dist/executor/ast-provenance-bridge.js +66 -0
package/dist/executor/ast-provenance-bridge.js.map +1 -0
package/dist/executor/ast-tracking-runtime.d.ts +7 -0
package/dist/executor/ast-tracking-runtime.d.ts.map +1 -0
package/dist/executor/ast-tracking-runtime.js +559 -0
package/dist/executor/ast-tracking-runtime.js.map +1 -0
package/dist/executor/bootstrap-generated.d.ts +32 -0
package/dist/executor/bootstrap-generated.d.ts.map +1 -0
package/dist/executor/bootstrap-generated.js +90 -0
package/dist/executor/bootstrap-generated.js.map +1 -0
package/dist/executor/compiler-config.d.ts +32 -0
package/dist/executor/compiler-config.d.ts.map +1 -0
package/dist/executor/compiler-config.js +99 -0
package/dist/executor/compiler-config.js.map +1 -0
package/dist/executor/constants.d.ts +4 -0
package/dist/executor/constants.d.ts.map +1 -0
package/dist/executor/constants.js +4 -0
package/dist/executor/constants.js.map +1 -0
package/dist/executor/error-handler.d.ts +9 -0
package/dist/executor/error-handler.d.ts.map +1 -0
package/dist/executor/error-handler.js +95 -0
package/dist/executor/error-handler.js.map +1 -0
package/dist/executor/execution-error-handler.d.ts +7 -0
package/dist/executor/execution-error-handler.d.ts.map +1 -0
package/dist/executor/execution-error-handler.js +136 -0
package/dist/executor/execution-error-handler.js.map +1 -0
package/dist/executor/executor.d.ts +20 -0
package/dist/executor/executor.d.ts.map +1 -0
package/dist/executor/executor.js +452 -0
package/dist/executor/executor.js.map +1 -0
package/dist/executor/index.d.ts +4 -0
package/dist/executor/index.d.ts.map +1 -0
package/dist/executor/index.js +3 -0
package/dist/executor/index.js.map +1 -0
package/dist/executor/resume-handler.d.ts +9 -0
package/dist/executor/resume-handler.d.ts.map +1 -0
package/dist/executor/resume-handler.js +22 -0
package/dist/executor/resume-handler.js.map +1 -0
package/dist/executor/sandbox-builder.d.ts +29 -0
package/dist/executor/sandbox-builder.d.ts.map +1 -0
package/dist/executor/sandbox-builder.js +538 -0
package/dist/executor/sandbox-builder.js.map +1 -0
package/dist/executor/sandbox-injector.d.ts +7 -0
package/dist/executor/sandbox-injector.d.ts.map +1 -0
package/dist/executor/sandbox-injector.js +293 -0
package/dist/executor/sandbox-injector.js.map +1 -0
package/dist/executor/types.d.ts +21 -0
package/dist/executor/types.d.ts.map +1 -0
package/dist/executor/types.js +2 -0
package/dist/executor/types.js.map +1 -0
package/dist/explorer/index.d.ts +69 -0
package/dist/explorer/index.d.ts.map +1 -0
package/dist/explorer/index.js +228 -0
package/dist/explorer/index.js.map +1 -0
package/dist/handlers/definitions.handler.d.ts +3 -0
package/dist/handlers/definitions.handler.d.ts.map +1 -0
package/dist/handlers/definitions.handler.js +11 -0
package/dist/handlers/definitions.handler.js.map +1 -0
package/dist/handlers/execute.handler.d.ts +7 -0
package/dist/handlers/execute.handler.d.ts.map +1 -0
package/dist/handlers/execute.handler.js +225 -0
package/dist/handlers/execute.handler.js.map +1 -0
package/dist/handlers/explorer.handler.d.ts +4 -0
package/dist/handlers/explorer.handler.d.ts.map +1 -0
package/dist/handlers/explorer.handler.js +10 -0
package/dist/handlers/explorer.handler.js.map +1 -0
package/dist/handlers/init.handler.d.ts +5 -0
package/dist/handlers/init.handler.d.ts.map +1 -0
package/dist/handlers/init.handler.js +41 -0
package/dist/handlers/init.handler.js.map +1 -0
package/dist/handlers/resume.handler.d.ts +6 -0
package/dist/handlers/resume.handler.d.ts.map +1 -0
package/dist/handlers/resume.handler.js +256 -0
package/dist/handlers/resume.handler.js.map +1 -0
package/dist/handlers/search.handler.d.ts +5 -0
package/dist/handlers/search.handler.d.ts.map +1 -0
package/dist/handlers/search.handler.js +11 -0
package/dist/handlers/search.handler.js.map +1 -0
package/dist/http/request-handler.d.ts +15 -0
package/dist/http/request-handler.d.ts.map +1 -0
package/dist/http/request-handler.js +94 -0
package/dist/http/request-handler.js.map +1 -0
package/dist/http/router.d.ts +4 -0
package/dist/http/router.d.ts.map +1 -0
package/dist/http/router.js +32 -0
package/dist/http/router.js.map +1 -0
package/dist/index.d.ts +10 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +8 -0
package/dist/index.js.map +1 -0
package/dist/instrumentation/index.d.ts +5 -0
package/dist/instrumentation/index.d.ts.map +1 -0
package/dist/instrumentation/index.js +5 -0
package/dist/instrumentation/index.js.map +1 -0
package/dist/instrumentation/serializer.d.ts +61 -0
package/dist/instrumentation/serializer.d.ts.map +1 -0
package/dist/instrumentation/serializer.js +334 -0
package/dist/instrumentation/serializer.js.map +1 -0
package/dist/instrumentation/state-manager.d.ts +61 -0
package/dist/instrumentation/state-manager.d.ts.map +1 -0
package/dist/instrumentation/state-manager.js +205 -0
package/dist/instrumentation/state-manager.js.map +1 -0
package/dist/instrumentation/transformer.d.ts +9 -0
package/dist/instrumentation/transformer.d.ts.map +1 -0
package/dist/instrumentation/transformer.js +70 -0
package/dist/instrumentation/transformer.js.map +1 -0
package/dist/instrumentation/types.d.ts +59 -0
package/dist/instrumentation/types.d.ts.map +1 -0
package/dist/instrumentation/types.js +5 -0
package/dist/instrumentation/types.js.map +1 -0
package/dist/middleware/audit.d.ts +18 -0
package/dist/middleware/audit.d.ts.map +1 -0
package/dist/middleware/audit.js +76 -0
package/dist/middleware/audit.js.map +1 -0
package/dist/openapi/index.d.ts +133 -0
package/dist/openapi/index.d.ts.map +1 -0
package/dist/openapi/index.js +235 -0
package/dist/openapi/index.js.map +1 -0
package/dist/openapi-loader.d.ts +87 -0
package/dist/openapi-loader.d.ts.map +1 -0
package/dist/openapi-loader.js +491 -0
package/dist/openapi-loader.js.map +1 -0
package/dist/routes/index.d.ts +21 -0
package/dist/routes/index.d.ts.map +1 -0
package/dist/routes/index.js +47 -0
package/dist/routes/index.js.map +1 -0
package/dist/search/index.d.ts +48 -0
package/dist/search/index.d.ts.map +1 -0
package/dist/search/index.js +156 -0
package/dist/search/index.js.map +1 -0
package/dist/security/index.d.ts +2 -0
package/dist/security/index.d.ts.map +1 -0
package/dist/security/index.js +2 -0
package/dist/security/index.js.map +1 -0
package/dist/shutdown.d.ts +19 -0
package/dist/shutdown.d.ts.map +1 -0
package/dist/shutdown.js +87 -0
package/dist/shutdown.js.map +1 -0
package/dist/utils/banner.d.ts +12 -0
package/dist/utils/banner.d.ts.map +1 -0
package/dist/utils/banner.js +18 -0
package/dist/utils/banner.js.map +1 -0
package/dist/utils/context.d.ts +16 -0
package/dist/utils/context.d.ts.map +1 -0
package/dist/utils/context.js +44 -0
package/dist/utils/context.js.map +1 -0
package/dist/utils/error.d.ts +8 -0
package/dist/utils/error.d.ts.map +1 -0
package/dist/utils/error.js +17 -0
package/dist/utils/error.js.map +1 -0
package/dist/utils/hint-based-instrumentation.d.ts +14 -0
package/dist/utils/hint-based-instrumentation.d.ts.map +1 -0
package/dist/utils/hint-based-instrumentation.js +84 -0
package/dist/utils/hint-based-instrumentation.js.map +1 -0
package/dist/utils/index.d.ts +8 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +8 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/info.d.ts +20 -0
package/dist/utils/info.d.ts.map +1 -0
package/dist/utils/info.js +15 -0
package/dist/utils/info.js.map +1 -0
package/dist/utils/provenance-reattachment.d.ts +32 -0
package/dist/utils/provenance-reattachment.d.ts.map +1 -0
package/dist/utils/provenance-reattachment.js +115 -0
package/dist/utils/provenance-reattachment.js.map +1 -0
package/dist/utils/request.d.ts +21 -0
package/dist/utils/request.d.ts.map +1 -0
package/dist/utils/request.js +44 -0
package/dist/utils/request.js.map +1 -0
package/dist/utils/response.d.ts +30 -0
package/dist/utils/response.d.ts.map +1 -0
package/dist/utils/response.js +53 -0
package/dist/utils/response.js.map +1 -0
package/dist/utils/runtime-types.d.ts +6 -0
package/dist/utils/runtime-types.d.ts.map +1 -0
package/dist/utils/runtime-types.js +14 -0
package/dist/utils/runtime-types.js.map +1 -0
package/dist/utils/schema.d.ts +9 -0
package/dist/utils/schema.d.ts.map +1 -0
package/dist/utils/schema.js +13 -0
package/dist/utils/schema.js.map +1 -0
package/dist/utils/token-emitter.d.ts +21 -0
package/dist/utils/token-emitter.d.ts.map +1 -0
package/dist/utils/token-emitter.js +129 -0
package/dist/utils/token-emitter.js.map +1 -0
package/dist/validator/index.d.ts +36 -0
package/dist/validator/index.d.ts.map +1 -0
package/dist/validator/index.js +224 -0
package/dist/validator/index.js.map +1 -0
package/package.json +68 -0
package/src/aggregator/index.ts +207 -0
package/src/callback/index.ts +191 -0
package/src/client-sessions.ts +234 -0
package/src/controllers/definitions.controller.ts +19 -0
package/src/controllers/execute.controller.ts +166 -0
package/src/controllers/info.controller.ts +14 -0
package/src/controllers/resume.controller.ts +92 -0
package/src/controllers/search.controller.ts +16 -0
package/src/controllers/stream.controller.ts +190 -0
package/src/core/config.ts +180 -0
package/src/core/http.ts +21 -0
package/src/create-server.ts +536 -0
package/src/execution-state/index.ts +204 -0
package/src/executor/ast-provenance-bridge.ts +80 -0
package/src/executor/ast-tracking-runtime.ts +558 -0
package/src/executor/bootstrap-generated.ts +90 -0
package/src/executor/compiler-config.ts +146 -0
package/src/executor/constants.ts +5 -0
package/src/executor/error-handler.ts +118 -0
package/src/executor/execution-error-handler.ts +178 -0
package/src/executor/executor.ts +631 -0
package/src/executor/index.ts +3 -0
package/src/executor/resume-handler.ts +39 -0
package/src/executor/sandbox-builder.ts +684 -0
package/src/executor/sandbox-injector.ts +345 -0
package/src/executor/types.ts +22 -0
package/src/explorer/index.ts +297 -0
package/src/handlers/definitions.handler.ts +13 -0
package/src/handlers/execute.handler.ts +286 -0
package/src/handlers/explorer.handler.ts +18 -0
package/src/handlers/init.handler.ts +53 -0
package/src/handlers/resume.handler.ts +316 -0
package/src/handlers/search.handler.ts +32 -0
package/src/http/request-handler.ts +117 -0
package/src/http/router.ts +29 -0
package/src/index.ts +60 -0
package/src/instrumentation/index.ts +4 -0
package/src/instrumentation/serializer.ts +421 -0
package/src/instrumentation/state-manager.ts +237 -0
package/src/instrumentation/transformer.ts +84 -0
package/src/instrumentation/types.ts +76 -0
package/src/middleware/audit.ts +101 -0
package/src/openapi/index.ts +378 -0
package/src/openapi-loader.ts +744 -0
package/src/routes/index.ts +93 -0
package/src/search/index.ts +216 -0
package/src/security/index.ts +1 -0
package/src/shutdown.ts +108 -0
package/src/utils/banner.ts +25 -0
package/src/utils/context.ts +58 -0
package/src/utils/error.ts +25 -0
package/src/utils/hint-based-instrumentation.ts +99 -0
package/src/utils/index.ts +15 -0
package/src/utils/info.ts +31 -0
package/src/utils/provenance-reattachment.ts +144 -0
package/src/utils/request.ts +53 -0
package/src/utils/response.ts +69 -0
package/src/utils/runtime-types.ts +14 -0
package/src/utils/schema.ts +18 -0
package/src/utils/token-emitter.ts +182 -0
package/src/validator/index.ts +253 -0

package/src/create-server.ts ADDED Viewed

@@ -0,0 +1,536 @@
+import { createServer as createHTTPServer, IncomingMessage, ServerResponse } from 'node:http';
+import type {
+	CacheProvider,
+	AuthProvider,
+	AuditSink,
+	APIGroupConfig,
+	AuditEvent,
+	ToolMetadata,
+} from '@mondaydotcomorg/atp-protocol';
+import { ProvenanceMode } from '@mondaydotcomorg/atp-protocol';
+import { log, initializeLogger } from '@mondaydotcomorg/atp-runtime';
+import { shutdownLogger } from '@mondaydotcomorg/atp-runtime';
+import type {
+	ServerConfig,
+	Middleware,
+	RequestContext,
+	ResolvedServerConfig,
+} from './core/config.js';
+import { MB, HOUR, MINUTE } from './core/config.js';
+import { ClientSessionManager } from './client-sessions.js';
+import { SandboxExecutor } from './executor/index.js';
+import { CodeValidator } from './validator/index.js';
+import { SearchEngine } from './search/index.js';
+import { ExecutionStateManager } from './execution-state/index.js';
+import { ExplorerService } from './explorer/index.js';
+import { toJSONSchema, printBanner, getServerInfo } from './utils/index.js';
+import { handleHTTPRequest } from './http/request-handler.js';
+import { handleRoute } from './http/router.js';
+import { handleInit } from './handlers/init.handler.js';
+import { handleSearch, handleSearchQuery } from './handlers/search.handler.js';
+import { handleExplore } from './handlers/explorer.handler.js';
+import { handleExecute } from './handlers/execute.handler.js';
+import { handleResume } from './handlers/resume.handler.js';
+import { getDefinitions } from './handlers/definitions.handler.js';
+import { shutdownAudit } from './middleware/audit.js';
+import {
+	EnvAuthProvider,
+	MemoryCache,
+	OpenTelemetryAuditSink,
+} from '@mondaydotcomorg/atp-providers';
+export class AgentToolProtocolServer {
+	private config: ResolvedServerConfig;
+	private middleware: Middleware[] = [];
+	private apiGroups: APIGroupConfig[] = [];
+	private httpServer: ReturnType<typeof createHTTPServer> | null = null;
+	private responseHeaders: Map<IncomingMessage, Map<string, string>> = new Map();
+	private isRunning: boolean = false;
+	sessionManager?: ClientSessionManager;
+	executor?: SandboxExecutor;
+	validator?: CodeValidator;
+	searchEngine?: SearchEngine;
+	explorerService?: ExplorerService;
+	stateManager?: ExecutionStateManager;
+	approvalHandler?: (request: {
+		message: string;
+		context?: any;
+	}) => Promise<{ approved: boolean; data?: any }>;
+	cacheProvider?: CacheProvider;
+	authProvider?: AuthProvider;
+	auditSink?: AuditSink;
+	private customLogger?: any;
+	constructor(config: ServerConfig = {}) {
+		this.config = {
+			execution: {
+				timeout: config.execution?.timeout ?? 30000,
+				memory: config.execution?.memory ?? 128 * MB,
+				llmCalls: config.execution?.llmCalls ?? 10,
+				provenanceMode: config.execution?.provenanceMode ?? ProvenanceMode.NONE,
+				securityPolicies: config.execution?.securityPolicies ?? [],
+			},
+			clientInit: {
+				tokenTTL: config.clientInit?.tokenTTL ?? HOUR,
+				tokenRotation: config.clientInit?.tokenRotation ?? 30 * MINUTE,
+			},
+			executionState: {
+				ttl: config.executionState?.ttl ?? 3600,
+				maxPauseDuration: config.executionState?.maxPauseDuration ?? 3600,
+			},
+			discovery: {
+				embeddings: config.discovery?.embeddings ?? false,
+			},
+			audit: {
+				enabled: config.audit?.enabled ?? false,
+				sinks: config.audit?.sinks,
+			},
+			otel: {
+				enabled: config.otel?.enabled ?? false,
+				serviceName:
+					config.otel?.serviceName ?? process.env.OTEL_SERVICE_NAME ?? 'agent-tool-protocol',
+				serviceVersion: config.otel?.serviceVersion ?? process.env.OTEL_SERVICE_VERSION ?? '1.0.0',
+				traceEndpoint:
+					config.otel?.traceEndpoint ??
+					process.env.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT ??
+					(process.env.OTEL_EXPORTER_OTLP_ENDPOINT
+						? `${process.env.OTEL_EXPORTER_OTLP_ENDPOINT}/v1/traces`
+						: 'http://localhost:4318/v1/traces'),
+				metricsEndpoint:
+					config.otel?.metricsEndpoint ??
+					process.env.OTEL_EXPORTER_OTLP_METRICS_ENDPOINT ??
+					(process.env.OTEL_EXPORTER_OTLP_ENDPOINT
+						? `${process.env.OTEL_EXPORTER_OTLP_ENDPOINT}/v1/metrics`
+						: 'http://localhost:4318/v1/metrics'),
+				headers:
+					config.otel?.headers ?? this.parseOtelHeaders(process.env.OTEL_EXPORTER_OTLP_HEADERS),
+				metricsInterval: config.otel?.metricsInterval ?? 60000,
+				resourceAttributes: config.otel?.resourceAttributes ?? {},
+			},
+			logger: config.logger ?? 'info',
+		};
+		if (config.providers) {
+			if (config.providers.cache) {
+				this.cacheProvider = config.providers.cache;
+				log.info('Cache provider configured', { provider: config.providers.cache.name });
+			}
+			if (config.providers.auth) {
+				this.authProvider = config.providers.auth;
+				log.info('Token store configured', { provider: config.providers.auth.name });
+			}
+		}
+		if (!this.cacheProvider) {
+			this.cacheProvider = new MemoryCache({ maxKeys: 1000, defaultTTL: 3600 });
+			log.info('Cache provider configured (default)', { provider: 'memory' });
+		}
+		if (!this.authProvider) {
+			this.authProvider = new EnvAuthProvider();
+			log.info('Token store configured (default)', { provider: 'env' });
+		}
+		if (this.config.otel.enabled && !this.config.audit.sinks) {
+			this.config.audit.enabled = true;
+			this.config.audit.sinks = [new OpenTelemetryAuditSink()];
+			log.info('Auto-configured OpenTelemetry audit sink from otel config');
+		}
+		if (this.config.audit.enabled && this.config.audit.sinks) {
+			const auditSinks = Array.isArray(this.config.audit.sinks)
+				? this.config.audit.sinks
+				: [this.config.audit.sinks];
+			if (auditSinks.length > 1) {
+				this.auditSink = {
+					name: 'multi',
+					async write(event: AuditEvent) {
+						await Promise.all(auditSinks.map((s: AuditSink) => s.write(event)));
+					},
+					async writeBatch(events: AuditEvent[]) {
+						await Promise.all(auditSinks.map((s: AuditSink) => s.writeBatch(events)));
+					},
+				};
+				log.info('Audit sinks configured', { count: auditSinks.length });
+			} else {
+				this.auditSink = auditSinks[0];
+				log.info('Audit sink configured', { sink: auditSinks[0]?.name });
+			}
+		}
+		if (typeof this.config.logger === 'string') {
+			initializeLogger({
+				level: this.config.logger,
+				pretty: process.env.NODE_ENV !== 'production' && process.env.NODE_ENV !== 'test',
+			});
+		} else {
+			this.customLogger = this.config.logger;
+		}
+	}
+	/**
+	 * Register middleware or API groups.
+	 * SECURITY: Cannot be called after server starts to prevent runtime injection attacks.
+	 * @throws {Error} If called after listen() or handler()
+	 */
+	use(...items: (Middleware | APIGroupConfig | APIGroupConfig[])[]): this {
+		if (this.isRunning) {
+			throw new Error('Cannot add middleware or API groups after server has started. ');
+		}
+		for (const item of items) {
+			if (Array.isArray(item)) {
+				this.apiGroups.push(...item);
+			} else if (typeof item === 'function') {
+				this.middleware.push(item);
+			} else if ('name' in item && 'type' in item) {
+				this.apiGroups.push(item);
+			}
+		}
+		return this;
+	}
+	/**
+	 * Register a tool/function with optional hierarchical grouping.
+	 * Supports hierarchical paths like 'github/readOnly' for better organization.
+	 * All functions registered here will be exposed as api.{group}.{name}()
+	 *
+	 * @param name - Function name
+	 * @param definition - Function definition including description, input schema, handler
+	 * @param definition.group - Optional hierarchical group path (e.g., 'github/readOnly'). Defaults to 'custom'
+	 *
+	 * @example
+	 * // Simple function in default 'custom' group -> api.custom.hello()
+	 * server.tool('hello', {
+	 *   description: 'Say hello',
+	 *   input: { name: 'string' },
+	 *   handler: async (input) => ({ message: `Hello ${input.name}` })
+	 * });
+	 *
+	 * // Hierarchical grouping -> api.github.readOnly.getUser()
+	 * server.tool('getUser', {
+	 *   group: 'github/readOnly',
+	 *   description: 'Get GitHub user',
+	 *   input: { username: 'string' },
+	 *   handler: async (input) => ({ username: input.username })
+	 * });
+	 */
+	tool(
+		name: string,
+		definition: {
+			group?: string;
+			description: string;
+			input: Record<string, string>;
+			output?: Record<string, string>;
+			handler: (input: unknown) => Promise<unknown>;
+			metadata?: ToolMetadata;
+		}
+	): this {
+		const groupName = definition.group || 'custom';
+		let targetGroup = this.apiGroups.find((g) => g.name === groupName);
+		if (!targetGroup) {
+			targetGroup = {
+				name: groupName,
+				type: 'custom',
+				functions: [],
+			};
+			this.apiGroups.push(targetGroup);
+		}
+		targetGroup.functions!.push({
+			name,
+			description: definition.description,
+			inputSchema: toJSONSchema(definition.input),
+			outputSchema: definition.output ? toJSONSchema(definition.output) : undefined,
+			handler: definition.handler,
+			metadata: definition.metadata,
+		});
+		return this;
+	}
+	/**
+	 * Configure approval handler for human-in-the-loop operations
+	 * The handler will be called when code requests approval via atp.approval.request()
+	 */
+	onApproval(
+		handler: (request: {
+			message: string;
+			context?: any;
+		}) => Promise<{ approved: boolean; data?: any }>
+	): this {
+		this.approvalHandler = handler;
+		log.info('Approval handler configured');
+		return this;
+	}
+	async listen(port: number): Promise<void> {
+		if (this.httpServer) {
+			throw new Error('Server is already running');
+		}
+		this.isRunning = true;
+		this.sessionManager = new ClientSessionManager({
+			cache: this.cacheProvider,
+			tokenTTL: this.config.clientInit.tokenTTL,
+			tokenRotation: this.config.clientInit.tokenRotation,
+		});
+		this.validator = new CodeValidator();
+		this.executor = new SandboxExecutor(
+			{
+				defaultTimeout: this.config.execution.timeout,
+				maxTimeout: this.config.execution.timeout * 2,
+				defaultMemoryLimit: this.config.execution.memory,
+				maxMemoryLimit: this.config.execution.memory * 2,
+				defaultLLMCallLimit: this.config.execution.llmCalls,
+				maxLLMCallLimit: this.config.execution.llmCalls * 2,
+				cacheProvider: this.cacheProvider,
+			},
+			this.apiGroups,
+			this.approvalHandler,
+			this.sessionManager
+		);
+		for (const group of this.apiGroups) {
+			log.info(`  - ${group.name}: ${group.functions?.length || 0} functions`);
+		}
+		this.searchEngine = new SearchEngine(this.apiGroups);
+		this.explorerService = new ExplorerService(this.apiGroups);
+		this.stateManager = new ExecutionStateManager(this.cacheProvider!, {
+			ttl: this.config.executionState.ttl,
+			maxPauseDuration: this.config.executionState.maxPauseDuration,
+			keyPrefix: this.config.executionState.keyPrefix,
+		});
+		this.httpServer = createHTTPServer((req, res) => {
+			handleHTTPRequest(
+				req,
+				res,
+				{
+					cacheProvider: this.cacheProvider,
+					authProvider: this.authProvider,
+					auditSink: this.auditSink,
+					customLogger: this.customLogger,
+					middleware: this.middleware,
+					routeHandler: (ctx) => handleRoute(ctx, this),
+					sessionManager: this.sessionManager,
+				},
+				this.responseHeaders
+			).catch((error) => {
+				log.error('Unhandled error in HTTP request handler:', error);
+				try {
+					if (!res.headersSent) {
+						res.writeHead(500, { 'Content-Type': 'application/json' });
+						res.end(JSON.stringify({ error: 'Internal server error' }));
+					}
+				} catch (e) {}
+			});
+		});
+		if (process.env.NODE_ENV === 'test') {
+			this.httpServer.keepAliveTimeout = 5000;
+			this.httpServer.headersTimeout = 6000;
+		}
+		return new Promise((resolve, reject) => {
+			this.httpServer!.listen(port, () => {
+				printBanner({
+					port,
+					cacheProvider: this.cacheProvider,
+					authProvider: this.authProvider,
+					auditSink: this.auditSink,
+				});
+				resolve();
+			});
+			this.httpServer!.on('error', reject);
+		});
+	}
+	async stop(): Promise<void> {
+		if (!this.httpServer) return;
+		this.httpServer.closeAllConnections?.();
+		await new Promise<void>((resolve, reject) => {
+			this.httpServer!.close((err) => (err ? reject(err) : resolve()));
+		});
+		shutdownAudit();
+		shutdownLogger();
+		await Promise.all([
+			this.cacheProvider?.disconnect?.(),
+			this.authProvider?.disconnect?.(),
+			this.auditSink?.disconnect?.(),
+			this.stateManager?.close(),
+			this.sessionManager?.cleanupAll(),
+		]);
+		this.isRunning = false;
+	}
+	getInfo(): unknown {
+		return getServerInfo({
+			maxTimeout: this.config.execution.timeout,
+			maxMemory: this.config.execution.memory,
+			maxLLMCalls: this.config.execution.llmCalls,
+		});
+	}
+	async getDefinitions(ctx?: RequestContext): Promise<unknown> {
+		const definitions = await getDefinitions(this.apiGroups);
+		if (ctx && ctx.clientId && this.sessionManager) {
+			const session = await this.sessionManager.getSession(ctx.clientId);
+			if (session?.guidance) {
+				return {
+					...(definitions as object),
+					guidance: session.guidance,
+				};
+			}
+		}
+		return definitions;
+	}
+	async handleInit(ctx: RequestContext): Promise<unknown> {
+		if (!this.sessionManager) ctx.throw(503, 'Session manager not initialized');
+		return await handleInit(ctx, this.sessionManager, this.auditSink);
+	}
+	async handleSearch(ctx: RequestContext): Promise<unknown> {
+		if (!this.searchEngine) ctx.throw(503, 'Search not initialized');
+		return await handleSearch(ctx, this.searchEngine, this.config);
+	}
+	async handleSearchQuery(ctx: RequestContext): Promise<unknown> {
+		if (!this.searchEngine) ctx.throw(503, 'Search not initialized');
+		return await handleSearchQuery(ctx, this.searchEngine, this.config);
+	}
+	async handleExplore(ctx: RequestContext): Promise<unknown> {
+		if (!this.explorerService) ctx.throw(503, 'Explorer not initialized');
+		return await handleExplore(ctx, this.explorerService);
+	}
+	async handleExecute(ctx: RequestContext): Promise<unknown> {
+		if (!this.executor || !this.validator || !this.stateManager) {
+			ctx.throw(503, 'Execution not initialized');
+		}
+		return await handleExecute(
+			ctx,
+			this.executor,
+			this.stateManager,
+			this.config,
+			this.auditSink,
+			this.sessionManager
+		);
+	}
+	async handleResume(ctx: RequestContext, executionId: string): Promise<unknown> {
+		if (!this.executor || !this.stateManager) {
+			ctx.throw(503, 'Execution not initialized');
+		}
+		return await handleResume(
+			ctx,
+			executionId,
+			this.executor,
+			this.stateManager,
+			this.config,
+			this.sessionManager
+		);
+	}
+	/**
+	 * Get raw Node.js request handler for framework integration
+	 * Use this to integrate ATP with Express, Fastify, or any Node.js framework
+	 */
+	handler(): (req: IncomingMessage, res: ServerResponse) => Promise<void> {
+		if (
+			!this.executor ||
+			!this.validator ||
+			!this.stateManager ||
+			!this.sessionManager ||
+			!this.searchEngine ||
+			!this.explorerService
+		) {
+			throw new Error(
+				'Server not initialized. Call listen() first or initialize components manually.'
+			);
+		}
+		this.isRunning = true;
+		return (req, res) =>
+			handleHTTPRequest(
+				req,
+				res,
+				{
+					cacheProvider: this.cacheProvider,
+					authProvider: this.authProvider,
+					auditSink: this.auditSink,
+					customLogger: this.customLogger,
+					middleware: this.middleware,
+					routeHandler: (ctx) => handleRoute(ctx, this),
+					sessionManager: this.sessionManager,
+				},
+				this.responseHeaders
+			);
+	}
+	/**
+	 * Get Express middleware
+	 * @example
+	 * const app = express();
+	 * app.use('/atp', server.toExpress());
+	 */
+	toExpress(): (req: unknown, res: unknown, next: (err?: unknown) => void) => void {
+		const requestHandler = this.handler();
+		return (req: unknown, res: unknown, next: (err?: unknown) => void) => {
+			requestHandler(req as IncomingMessage, res as ServerResponse).catch(next);
+		};
+	}
+	/**
+	 * Get Fastify handler
+	 * @example
+	 * fastify.all('/atp/*', server.toFastify());
+	 */
+	toFastify(): (request: unknown, reply: unknown) => Promise<void> {
+		const requestHandler = this.handler();
+		return async (request: unknown, reply: unknown) => {
+			const req = (request as { raw: IncomingMessage }).raw;
+			const res = (reply as { raw: ServerResponse }).raw;
+			await requestHandler(req, res);
+		};
+	}
+	/**
+	 * Parse OpenTelemetry headers from environment variable format
+	 * Format: "key1=value1,key2=value2"
+	 */
+	private parseOtelHeaders(headersStr?: string): Record<string, string> {
+		if (!headersStr) return {};
+		const headers: Record<string, string> = {};
+		const pairs = headersStr.split(',');
+		for (const pair of pairs) {
+			const [key, value] = pair.split('=');
+			if (key && value) {
+				headers[key.trim()] = value.trim();
+			}
+		}
+		return headers;
+	}
+}
+export function createServer(config?: ServerConfig): AgentToolProtocolServer {
+	return new AgentToolProtocolServer(config);
+}