npm - @mondaydotcomorg/atp-server - Versions diffs - 0.17.14 - Mend

@mondaydotcomorg/atp-server 0.17.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (307) hide show

package/README.md +489 -0
package/dist/aggregator/index.d.ts +59 -0
package/dist/aggregator/index.d.ts.map +1 -0
package/dist/aggregator/index.js +171 -0
package/dist/aggregator/index.js.map +1 -0
package/dist/callback/index.d.ts +98 -0
package/dist/callback/index.d.ts.map +1 -0
package/dist/callback/index.js +136 -0
package/dist/callback/index.js.map +1 -0
package/dist/client-sessions.d.ts +82 -0
package/dist/client-sessions.d.ts.map +1 -0
package/dist/client-sessions.js +174 -0
package/dist/client-sessions.js.map +1 -0
package/dist/controllers/definitions.controller.d.ts +4 -0
package/dist/controllers/definitions.controller.d.ts.map +1 -0
package/dist/controllers/definitions.controller.js +11 -0
package/dist/controllers/definitions.controller.js.map +1 -0
package/dist/controllers/execute.controller.d.ts +18 -0
package/dist/controllers/execute.controller.d.ts.map +1 -0
package/dist/controllers/execute.controller.js +122 -0
package/dist/controllers/execute.controller.js.map +1 -0
package/dist/controllers/info.controller.d.ts +3 -0
package/dist/controllers/info.controller.d.ts.map +1 -0
package/dist/controllers/info.controller.js +13 -0
package/dist/controllers/info.controller.js.map +1 -0
package/dist/controllers/resume.controller.d.ts +11 -0
package/dist/controllers/resume.controller.d.ts.map +1 -0
package/dist/controllers/resume.controller.js +61 -0
package/dist/controllers/resume.controller.js.map +1 -0
package/dist/controllers/search.controller.d.ts +4 -0
package/dist/controllers/search.controller.d.ts.map +1 -0
package/dist/controllers/search.controller.js +7 -0
package/dist/controllers/search.controller.js.map +1 -0
package/dist/controllers/stream.controller.d.ts +19 -0
package/dist/controllers/stream.controller.d.ts.map +1 -0
package/dist/controllers/stream.controller.js +141 -0
package/dist/controllers/stream.controller.js.map +1 -0
package/dist/core/config.d.ts +161 -0
package/dist/core/config.d.ts.map +1 -0
package/dist/core/config.js +7 -0
package/dist/core/config.js.map +1 -0
package/dist/core/http.d.ts +4 -0
package/dist/core/http.d.ts.map +1 -0
package/dist/core/http.js +17 -0
package/dist/core/http.js.map +1 -0
package/dist/create-server.d.ts +120 -0
package/dist/create-server.d.ts.map +1 -0
package/dist/create-server.js +423 -0
package/dist/create-server.js.map +1 -0
package/dist/execution-state/index.d.ts +95 -0
package/dist/execution-state/index.d.ts.map +1 -0
package/dist/execution-state/index.js +128 -0
package/dist/execution-state/index.js.map +1 -0
package/dist/executor/ast-provenance-bridge.d.ts +12 -0
package/dist/executor/ast-provenance-bridge.d.ts.map +1 -0
package/dist/executor/ast-provenance-bridge.js +66 -0
package/dist/executor/ast-provenance-bridge.js.map +1 -0
package/dist/executor/ast-tracking-runtime.d.ts +7 -0
package/dist/executor/ast-tracking-runtime.d.ts.map +1 -0
package/dist/executor/ast-tracking-runtime.js +559 -0
package/dist/executor/ast-tracking-runtime.js.map +1 -0
package/dist/executor/bootstrap-generated.d.ts +32 -0
package/dist/executor/bootstrap-generated.d.ts.map +1 -0
package/dist/executor/bootstrap-generated.js +90 -0
package/dist/executor/bootstrap-generated.js.map +1 -0
package/dist/executor/compiler-config.d.ts +32 -0
package/dist/executor/compiler-config.d.ts.map +1 -0
package/dist/executor/compiler-config.js +99 -0
package/dist/executor/compiler-config.js.map +1 -0
package/dist/executor/constants.d.ts +4 -0
package/dist/executor/constants.d.ts.map +1 -0
package/dist/executor/constants.js +4 -0
package/dist/executor/constants.js.map +1 -0
package/dist/executor/error-handler.d.ts +9 -0
package/dist/executor/error-handler.d.ts.map +1 -0
package/dist/executor/error-handler.js +95 -0
package/dist/executor/error-handler.js.map +1 -0
package/dist/executor/execution-error-handler.d.ts +7 -0
package/dist/executor/execution-error-handler.d.ts.map +1 -0
package/dist/executor/execution-error-handler.js +136 -0
package/dist/executor/execution-error-handler.js.map +1 -0
package/dist/executor/executor.d.ts +20 -0
package/dist/executor/executor.d.ts.map +1 -0
package/dist/executor/executor.js +452 -0
package/dist/executor/executor.js.map +1 -0
package/dist/executor/index.d.ts +4 -0
package/dist/executor/index.d.ts.map +1 -0
package/dist/executor/index.js +3 -0
package/dist/executor/index.js.map +1 -0
package/dist/executor/resume-handler.d.ts +9 -0
package/dist/executor/resume-handler.d.ts.map +1 -0
package/dist/executor/resume-handler.js +22 -0
package/dist/executor/resume-handler.js.map +1 -0
package/dist/executor/sandbox-builder.d.ts +29 -0
package/dist/executor/sandbox-builder.d.ts.map +1 -0
package/dist/executor/sandbox-builder.js +538 -0
package/dist/executor/sandbox-builder.js.map +1 -0
package/dist/executor/sandbox-injector.d.ts +7 -0
package/dist/executor/sandbox-injector.d.ts.map +1 -0
package/dist/executor/sandbox-injector.js +293 -0
package/dist/executor/sandbox-injector.js.map +1 -0
package/dist/executor/types.d.ts +21 -0
package/dist/executor/types.d.ts.map +1 -0
package/dist/executor/types.js +2 -0
package/dist/executor/types.js.map +1 -0
package/dist/explorer/index.d.ts +69 -0
package/dist/explorer/index.d.ts.map +1 -0
package/dist/explorer/index.js +228 -0
package/dist/explorer/index.js.map +1 -0
package/dist/handlers/definitions.handler.d.ts +3 -0
package/dist/handlers/definitions.handler.d.ts.map +1 -0
package/dist/handlers/definitions.handler.js +11 -0
package/dist/handlers/definitions.handler.js.map +1 -0
package/dist/handlers/execute.handler.d.ts +7 -0
package/dist/handlers/execute.handler.d.ts.map +1 -0
package/dist/handlers/execute.handler.js +225 -0
package/dist/handlers/execute.handler.js.map +1 -0
package/dist/handlers/explorer.handler.d.ts +4 -0
package/dist/handlers/explorer.handler.d.ts.map +1 -0
package/dist/handlers/explorer.handler.js +10 -0
package/dist/handlers/explorer.handler.js.map +1 -0
package/dist/handlers/init.handler.d.ts +5 -0
package/dist/handlers/init.handler.d.ts.map +1 -0
package/dist/handlers/init.handler.js +41 -0
package/dist/handlers/init.handler.js.map +1 -0
package/dist/handlers/resume.handler.d.ts +6 -0
package/dist/handlers/resume.handler.d.ts.map +1 -0
package/dist/handlers/resume.handler.js +256 -0
package/dist/handlers/resume.handler.js.map +1 -0
package/dist/handlers/search.handler.d.ts +5 -0
package/dist/handlers/search.handler.d.ts.map +1 -0
package/dist/handlers/search.handler.js +11 -0
package/dist/handlers/search.handler.js.map +1 -0
package/dist/http/request-handler.d.ts +15 -0
package/dist/http/request-handler.d.ts.map +1 -0
package/dist/http/request-handler.js +94 -0
package/dist/http/request-handler.js.map +1 -0
package/dist/http/router.d.ts +4 -0
package/dist/http/router.d.ts.map +1 -0
package/dist/http/router.js +32 -0
package/dist/http/router.js.map +1 -0
package/dist/index.d.ts +10 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +8 -0
package/dist/index.js.map +1 -0
package/dist/instrumentation/index.d.ts +5 -0
package/dist/instrumentation/index.d.ts.map +1 -0
package/dist/instrumentation/index.js +5 -0
package/dist/instrumentation/index.js.map +1 -0
package/dist/instrumentation/serializer.d.ts +61 -0
package/dist/instrumentation/serializer.d.ts.map +1 -0
package/dist/instrumentation/serializer.js +334 -0
package/dist/instrumentation/serializer.js.map +1 -0
package/dist/instrumentation/state-manager.d.ts +61 -0
package/dist/instrumentation/state-manager.d.ts.map +1 -0
package/dist/instrumentation/state-manager.js +205 -0
package/dist/instrumentation/state-manager.js.map +1 -0
package/dist/instrumentation/transformer.d.ts +9 -0
package/dist/instrumentation/transformer.d.ts.map +1 -0
package/dist/instrumentation/transformer.js +70 -0
package/dist/instrumentation/transformer.js.map +1 -0
package/dist/instrumentation/types.d.ts +59 -0
package/dist/instrumentation/types.d.ts.map +1 -0
package/dist/instrumentation/types.js +5 -0
package/dist/instrumentation/types.js.map +1 -0
package/dist/middleware/audit.d.ts +18 -0
package/dist/middleware/audit.d.ts.map +1 -0
package/dist/middleware/audit.js +76 -0
package/dist/middleware/audit.js.map +1 -0
package/dist/openapi/index.d.ts +133 -0
package/dist/openapi/index.d.ts.map +1 -0
package/dist/openapi/index.js +235 -0
package/dist/openapi/index.js.map +1 -0
package/dist/openapi-loader.d.ts +87 -0
package/dist/openapi-loader.d.ts.map +1 -0
package/dist/openapi-loader.js +491 -0
package/dist/openapi-loader.js.map +1 -0
package/dist/routes/index.d.ts +21 -0
package/dist/routes/index.d.ts.map +1 -0
package/dist/routes/index.js +47 -0
package/dist/routes/index.js.map +1 -0
package/dist/search/index.d.ts +48 -0
package/dist/search/index.d.ts.map +1 -0
package/dist/search/index.js +156 -0
package/dist/search/index.js.map +1 -0
package/dist/security/index.d.ts +2 -0
package/dist/security/index.d.ts.map +1 -0
package/dist/security/index.js +2 -0
package/dist/security/index.js.map +1 -0
package/dist/shutdown.d.ts +19 -0
package/dist/shutdown.d.ts.map +1 -0
package/dist/shutdown.js +87 -0
package/dist/shutdown.js.map +1 -0
package/dist/utils/banner.d.ts +12 -0
package/dist/utils/banner.d.ts.map +1 -0
package/dist/utils/banner.js +18 -0
package/dist/utils/banner.js.map +1 -0
package/dist/utils/context.d.ts +16 -0
package/dist/utils/context.d.ts.map +1 -0
package/dist/utils/context.js +44 -0
package/dist/utils/context.js.map +1 -0
package/dist/utils/error.d.ts +8 -0
package/dist/utils/error.d.ts.map +1 -0
package/dist/utils/error.js +17 -0
package/dist/utils/error.js.map +1 -0
package/dist/utils/hint-based-instrumentation.d.ts +14 -0
package/dist/utils/hint-based-instrumentation.d.ts.map +1 -0
package/dist/utils/hint-based-instrumentation.js +84 -0
package/dist/utils/hint-based-instrumentation.js.map +1 -0
package/dist/utils/index.d.ts +8 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +8 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/info.d.ts +20 -0
package/dist/utils/info.d.ts.map +1 -0
package/dist/utils/info.js +15 -0
package/dist/utils/info.js.map +1 -0
package/dist/utils/provenance-reattachment.d.ts +32 -0
package/dist/utils/provenance-reattachment.d.ts.map +1 -0
package/dist/utils/provenance-reattachment.js +115 -0
package/dist/utils/provenance-reattachment.js.map +1 -0
package/dist/utils/request.d.ts +21 -0
package/dist/utils/request.d.ts.map +1 -0
package/dist/utils/request.js +44 -0
package/dist/utils/request.js.map +1 -0
package/dist/utils/response.d.ts +30 -0
package/dist/utils/response.d.ts.map +1 -0
package/dist/utils/response.js +53 -0
package/dist/utils/response.js.map +1 -0
package/dist/utils/runtime-types.d.ts +6 -0
package/dist/utils/runtime-types.d.ts.map +1 -0
package/dist/utils/runtime-types.js +14 -0
package/dist/utils/runtime-types.js.map +1 -0
package/dist/utils/schema.d.ts +9 -0
package/dist/utils/schema.d.ts.map +1 -0
package/dist/utils/schema.js +13 -0
package/dist/utils/schema.js.map +1 -0
package/dist/utils/token-emitter.d.ts +21 -0
package/dist/utils/token-emitter.d.ts.map +1 -0
package/dist/utils/token-emitter.js +129 -0
package/dist/utils/token-emitter.js.map +1 -0
package/dist/validator/index.d.ts +36 -0
package/dist/validator/index.d.ts.map +1 -0
package/dist/validator/index.js +224 -0
package/dist/validator/index.js.map +1 -0
package/package.json +68 -0
package/src/aggregator/index.ts +207 -0
package/src/callback/index.ts +191 -0
package/src/client-sessions.ts +234 -0
package/src/controllers/definitions.controller.ts +19 -0
package/src/controllers/execute.controller.ts +166 -0
package/src/controllers/info.controller.ts +14 -0
package/src/controllers/resume.controller.ts +92 -0
package/src/controllers/search.controller.ts +16 -0
package/src/controllers/stream.controller.ts +190 -0
package/src/core/config.ts +180 -0
package/src/core/http.ts +21 -0
package/src/create-server.ts +536 -0
package/src/execution-state/index.ts +204 -0
package/src/executor/ast-provenance-bridge.ts +80 -0
package/src/executor/ast-tracking-runtime.ts +558 -0
package/src/executor/bootstrap-generated.ts +90 -0
package/src/executor/compiler-config.ts +146 -0
package/src/executor/constants.ts +5 -0
package/src/executor/error-handler.ts +118 -0
package/src/executor/execution-error-handler.ts +178 -0
package/src/executor/executor.ts +631 -0
package/src/executor/index.ts +3 -0
package/src/executor/resume-handler.ts +39 -0
package/src/executor/sandbox-builder.ts +684 -0
package/src/executor/sandbox-injector.ts +345 -0
package/src/executor/types.ts +22 -0
package/src/explorer/index.ts +297 -0
package/src/handlers/definitions.handler.ts +13 -0
package/src/handlers/execute.handler.ts +286 -0
package/src/handlers/explorer.handler.ts +18 -0
package/src/handlers/init.handler.ts +53 -0
package/src/handlers/resume.handler.ts +316 -0
package/src/handlers/search.handler.ts +32 -0
package/src/http/request-handler.ts +117 -0
package/src/http/router.ts +29 -0
package/src/index.ts +60 -0
package/src/instrumentation/index.ts +4 -0
package/src/instrumentation/serializer.ts +421 -0
package/src/instrumentation/state-manager.ts +237 -0
package/src/instrumentation/transformer.ts +84 -0
package/src/instrumentation/types.ts +76 -0
package/src/middleware/audit.ts +101 -0
package/src/openapi/index.ts +378 -0
package/src/openapi-loader.ts +744 -0
package/src/routes/index.ts +93 -0
package/src/search/index.ts +216 -0
package/src/security/index.ts +1 -0
package/src/shutdown.ts +108 -0
package/src/utils/banner.ts +25 -0
package/src/utils/context.ts +58 -0
package/src/utils/error.ts +25 -0
package/src/utils/hint-based-instrumentation.ts +99 -0
package/src/utils/index.ts +15 -0
package/src/utils/info.ts +31 -0
package/src/utils/provenance-reattachment.ts +144 -0
package/src/utils/request.ts +53 -0
package/src/utils/response.ts +69 -0
package/src/utils/runtime-types.ts +14 -0
package/src/utils/schema.ts +18 -0
package/src/utils/token-emitter.ts +182 -0
package/src/validator/index.ts +253 -0

package/src/routes/index.ts ADDED Viewed

@@ -0,0 +1,93 @@
+import type { IncomingMessage, ServerResponse } from 'node:http';
+import type { log } from '@mondaydotcomorg/atp-runtime';
+import { handleInfo } from '../controllers/info.controller.js';
+import { handleDefinitions } from '../controllers/definitions.controller.js';
+import { handleSearch } from '../controllers/search.controller.js';
+import { handleExecute } from '../controllers/execute.controller.js';
+import { handleExecuteStream } from '../controllers/stream.controller.js';
+import { handleResume } from '../controllers/resume.controller.js';
+import type { APIAggregator } from '../aggregator/index.js';
+import type { SearchEngine } from '../search/index.js';
+import type { CodeValidator } from '../validator/index.js';
+import type { SandboxExecutor } from '../executor/index.js';
+import type { ExecutionStateManager } from '../execution-state/index.js';
+import type { AuditConfig } from '../middleware/audit.js';
+import { readBody } from '../utils/index.js';
+export interface RouteContext {
+	aggregator: APIAggregator;
+	searchEngine: SearchEngine;
+	validator: CodeValidator;
+	executor: SandboxExecutor;
+	stateManager: ExecutionStateManager;
+	auditConfig?: AuditConfig;
+	defaultTimeout: number;
+	defaultMemoryLimit: number;
+	defaultLLMCallLimit: number;
+}
+export async function handleRoute(
+	req: IncomingMessage,
+	res: ServerResponse,
+	context: RouteContext,
+	logger: ReturnType<typeof log.child>
+): Promise<boolean> {
+	const clientId = req.headers['x-client-id'] as string | undefined;
+	const url = new URL(req.url ?? '/', `http://${req.headers.host}`);
+	if (url.pathname === '/api/info' && req.method === 'GET') {
+		logger.debug('Serving API info');
+		await handleInfo(req, res);
+		return true;
+	}
+	if (url.pathname === '/api/definitions' && req.method === 'GET') {
+		logger.debug('Serving API definitions');
+		await handleDefinitions(req, res, context.aggregator, url);
+		return true;
+	}
+	if (url.pathname === '/api/search' && req.method === 'POST') {
+		logger.debug('Searching API functions');
+		const body = await readBody(req);
+		await handleSearch(req, res, context.searchEngine, body);
+		return true;
+	}
+	if (url.pathname.match(/^\/api\/resume\/[^/]+$/) && req.method === 'POST') {
+		const executionId = url.pathname.split('/').pop()!;
+		const body = await readBody(req);
+		await handleResume(
+			req,
+			res,
+			{ executor: context.executor, stateManager: context.stateManager },
+			executionId,
+			body,
+			logger
+		);
+		return true;
+	}
+	if (url.pathname === '/api/execute' && req.method === 'POST') {
+		const body = await readBody(req);
+		await handleExecuteStream(
+			req,
+			res,
+			{
+				validator: context.validator,
+				executor: context.executor,
+				stateManager: context.stateManager,
+				auditConfig: context.auditConfig,
+				defaultTimeout: context.defaultTimeout,
+				defaultMemoryLimit: context.defaultMemoryLimit,
+				defaultLLMCallLimit: context.defaultLLMCallLimit,
+			},
+			body,
+			clientId,
+			logger
+		);
+		return true;
+	}
+	return false;
+}

package/src/search/index.ts ADDED Viewed

@@ -0,0 +1,216 @@
+import type {
+	SearchOptions,
+	SearchResult,
+	APIGroupConfig,
+	AuthProvider,
+	ScopeFilteringConfig,
+} from '@mondaydotcomorg/atp-protocol';
+interface IndexedFunction {
+	apiGroup: string;
+	functionName: string;
+	description: string;
+	signature: string;
+	keywords: string[];
+	metadata?: {
+		requiredScopes?: string[];
+		provider?: string;
+		source?: 'server' | 'user';
+	};
+}
+/**
+ * SearchEngine provides semantic and keyword-based search over available API functions.
+ */
+export class SearchEngine {
+	private index: IndexedFunction[] = [];
+	/**
+	 * Creates a new SearchEngine instance.
+	 * @param apiGroups - Array of API group configurations to index
+	 */
+	constructor(apiGroups?: APIGroupConfig[]) {
+		if (apiGroups) {
+			this.buildIndex(apiGroups);
+		}
+	}
+	/**
+	 * Builds the search index from API group configurations.
+	 * @param apiGroups - API groups to index
+	 */
+	private buildIndex(apiGroups: APIGroupConfig[]): void {
+		this.index = [];
+		for (const group of apiGroups) {
+			if (group.functions) {
+				for (const func of group.functions) {
+					const keywords = this.extractKeywords(func.description);
+					const signature = this.generateSignature(func);
+					this.index.push({
+						apiGroup: group.name,
+						functionName: func.name,
+						description: func.description,
+						signature,
+						keywords,
+						metadata: {
+							requiredScopes: func.requiredScopes,
+							provider: func.auth?.oauthProvider,
+							source: func.auth?.source,
+						},
+					});
+				}
+			}
+		}
+	}
+	/**
+	 * Searches for API functions matching the query.
+	 * @param options - Search options including query and filters
+	 * @param userId - Optional user ID for scope filtering
+	 * @param authProvider - Optional auth provider for checking user scopes
+	 * @param scopeFilteringConfig - Optional scope filtering configuration
+	 * @returns Array of search results sorted by relevance
+	 */
+	async search(
+		options: SearchOptions,
+		userId?: string,
+		authProvider?: AuthProvider,
+		scopeFilteringConfig?: ScopeFilteringConfig
+	): Promise<SearchResult[]> {
+		const queryWords = this.extractKeywords(options.query);
+		const results: Array<{ result: SearchResult; score: number }> = [];
+		for (const item of this.index) {
+			if (options.apiGroups && !options.apiGroups.includes(item.apiGroup)) {
+				continue;
+			}
+			if (scopeFilteringConfig?.enabled && item.metadata?.source === 'user') {
+				const shouldInclude = await this.checkScopes(
+					item,
+					userId,
+					authProvider,
+					scopeFilteringConfig
+				);
+				if (!shouldInclude) {
+					continue;
+				}
+			}
+			let score = 0;
+			if (item.description.toLowerCase().includes(options.query.toLowerCase())) {
+				score += 100;
+			}
+			if (item.functionName.toLowerCase().includes(options.query.toLowerCase())) {
+				score += 50;
+			}
+			for (const word of queryWords) {
+				if (item.keywords.includes(word)) {
+					score += 10;
+				}
+				if (item.functionName.toLowerCase().includes(word)) {
+					score += 5;
+				}
+				if (item.description.toLowerCase().includes(word)) {
+					score += 3;
+				}
+			}
+			if (score > 0) {
+				results.push({
+					result: {
+						apiGroup: item.apiGroup,
+						functionName: item.functionName,
+						description: item.description,
+						signature: item.signature,
+						relevanceScore: score,
+					},
+					score,
+				});
+			}
+		}
+		results.sort((a, b) => b.score - a.score);
+		const limit = options.maxResults ?? 10;
+		return results.slice(0, limit).map((r) => r.result);
+	}
+	/**
+	 * Checks if a user has the required scopes for a function.
+	 * @param item - Indexed function to check
+	 * @param userId - User ID
+	 * @param authProvider - Auth provider for looking up credentials
+	 * @param config - Scope filtering configuration
+	 * @returns True if function should be included in results
+	 */
+	private async checkScopes(
+		item: IndexedFunction,
+		userId: string | undefined,
+		authProvider: AuthProvider | undefined,
+		config: ScopeFilteringConfig
+	): Promise<boolean> {
+		const requiredScopes = item.metadata?.requiredScopes;
+		const provider = item.metadata?.provider;
+		if (!requiredScopes || requiredScopes.length === 0) {
+			return true;
+		}
+		if (!userId || !authProvider || !provider) {
+			return config.fallback === 'allow';
+		}
+		try {
+			const userCreds = await authProvider.getUserCredential?.(userId, provider);
+			if (!userCreds) {
+				return config.fallback === 'allow';
+			}
+			const userScopes = userCreds.scopes ?? [];
+			const hasAllScopes = requiredScopes.every((required) => userScopes.includes(required));
+			return hasAllScopes;
+		} catch (error) {
+			return config.fallback === 'allow';
+		}
+	}
+	/**
+	 * Extracts keywords from a text string.
+	 * @param text - Text to extract keywords from
+	 * @returns Array of lowercase keywords
+	 */
+	private extractKeywords(text: string): string[] {
+		return text
+			.toLowerCase()
+			.replace(/[^\w\s]/g, ' ')
+			.split(/\s+/)
+			.filter((word) => word.length > 2);
+	}
+	/**
+	 * Generates a function signature string.
+	 * @param func - Function definition
+	 * @returns Signature string
+	 */
+	private generateSignature(func: {
+		name: string;
+		inputSchema?: { properties?: Record<string, unknown> };
+	}): string {
+		const params: string[] = [];
+		if (func.inputSchema?.properties) {
+			for (const [key, value] of Object.entries(func.inputSchema.properties)) {
+				const prop = value as { type?: string };
+				params.push(`${key}: ${prop.type ?? 'any'}`);
+			}
+		}
+		return `${func.name}({ ${params.join(', ')} })`;
+	}
+}

package/src/security/index.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export * from '@mondaydotcomorg/atp-provenance';

package/src/shutdown.ts ADDED Viewed

@@ -0,0 +1,108 @@
+import { log } from '@mondaydotcomorg/atp-runtime';
+import type { Server } from 'node:http';
+import { flushAuditQueue, shutdownAudit } from './middleware/audit.js';
+import type { ExecutionStateManager } from './execution-state/index.js';
+import type { ClientCallbackManager } from './callback/index.js';
+interface ShutdownHandlers {
+	server?: Server;
+	stateManager?: ExecutionStateManager;
+	callbackManager?: ClientCallbackManager;
+	customHandlers?: Array<() => Promise<void>>;
+}
+let isShuttingDown = false;
+let shutdownHandlers: ShutdownHandlers = {};
+/**
+ * Registers handlers for graceful shutdown
+ */
+export function registerShutdownHandlers(handlers: ShutdownHandlers): void {
+	shutdownHandlers = handlers;
+	process.on('SIGTERM', handleShutdown);
+	process.on('SIGINT', handleShutdown);
+	process.on('uncaughtException', (error) => {
+		log.error('Uncaught exception', { error: error.message, stack: error.stack });
+		handleShutdown();
+	});
+	process.on('unhandledRejection', (reason) => {
+		log.error('Unhandled promise rejection', { reason });
+		handleShutdown();
+	});
+}
+/**
+ * Performs graceful shutdown
+ */
+async function handleShutdown(): Promise<void> {
+	if (isShuttingDown) {
+		log.warn('Shutdown already in progress');
+		return;
+	}
+	isShuttingDown = true;
+	log.info('Starting graceful shutdown...');
+	const shutdownTimeout = setTimeout(() => {
+		log.error('Shutdown timeout exceeded, forcing exit');
+		process.exit(1);
+	}, 30000);
+	try {
+		if (shutdownHandlers.server) {
+			log.info('Closing HTTP server...');
+			await new Promise<void>((resolve, reject) => {
+				shutdownHandlers.server!.close((err) => {
+					if (err) reject(err);
+					else resolve();
+				});
+			});
+			log.info('HTTP server closed');
+		}
+		log.info('Flushing audit queue...');
+		await flushAuditQueue();
+		shutdownAudit();
+		log.info('Audit system stopped');
+		if (shutdownHandlers.stateManager) {
+			log.info('Closing state manager...');
+			await shutdownHandlers.stateManager.close();
+			log.info('State manager closed');
+		}
+		if (shutdownHandlers.callbackManager) {
+			log.info('Cleaning up callback manager...');
+			shutdownHandlers.callbackManager.destroy();
+			log.info('Callback manager cleaned up');
+		}
+		if (shutdownHandlers.customHandlers) {
+			log.info('Running custom shutdown handlers...');
+			for (const handler of shutdownHandlers.customHandlers) {
+				await handler();
+			}
+			log.info('Custom handlers completed');
+		}
+		clearTimeout(shutdownTimeout);
+		log.info('Graceful shutdown completed');
+		process.exit(0);
+	} catch (error) {
+		clearTimeout(shutdownTimeout);
+		log.error('Error during shutdown', {
+			error: error instanceof Error ? error.message : 'Unknown error',
+		});
+		process.exit(1);
+	}
+}
+/**
+ * Triggers graceful shutdown programmatically
+ */
+export function shutdown(): void {
+	handleShutdown();
+}

package/src/utils/banner.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import type { CacheProvider, AuthProvider, AuditSink } from '@mondaydotcomorg/atp-protocol';
+export interface BannerOptions {
+	port: number;
+	cacheProvider?: CacheProvider;
+	authProvider?: AuthProvider;
+	auditSink?: AuditSink;
+}
+/**
+ * Prints a startup banner with server information
+ */
+export function printBanner(options: BannerOptions): void {
+	const { port, cacheProvider, authProvider, auditSink } = options;
+	console.log('\n✨ ATP Server ready!');
+	console.log(`📍 http://localhost:${port}/`);
+	console.log(`📚 Type definitions: http://localhost:${port}/openapi.json`);
+	console.log(`🔍 API search: http://localhost:${port}/explorer`);
+	if (cacheProvider) console.log(`💾 Cache: ${cacheProvider.name}`);
+	if (authProvider) console.log(`🔒 Auth: ${authProvider.name}`);
+	if (auditSink) console.log(`📝 Audit: ${auditSink.name}`);
+	console.log();
+}

package/src/utils/context.ts ADDED Viewed

@@ -0,0 +1,58 @@
+import { IncomingMessage } from 'node:http';
+import type { CacheProvider, AuthProvider, AuditSink } from '@mondaydotcomorg/atp-protocol';
+import { log } from '@mondaydotcomorg/atp-runtime';
+import type { RequestContext } from '../core/config.js';
+import { parseQuery } from '../core/http.js';
+export interface CreateContextOptions {
+	req: IncomingMessage;
+	cacheProvider?: CacheProvider;
+	authProvider?: AuthProvider;
+	auditSink?: AuditSink;
+	customLogger?: any;
+	responseHeaders: Map<IncomingMessage, Map<string, string>>;
+}
+/**
+ * Creates a request context object with all necessary helpers and providers
+ */
+export function createContext(options: CreateContextOptions): RequestContext {
+	const { req, cacheProvider, authProvider, auditSink, customLogger, responseHeaders } = options;
+	const clientId = (req.headers['x-client-id'] as string) || undefined;
+	const userId = (req.headers['x-user-id'] as string) || undefined;
+	return {
+		method: req.method || 'GET',
+		path: req.url || '/',
+		query: parseQuery(req.url || '/'),
+		headers: req.headers as Record<string, string>,
+		body: null,
+		status: 200,
+		responseBody: null,
+		clientId,
+		userId,
+		cache: cacheProvider,
+		auth: authProvider,
+		audit: auditSink,
+		logger: customLogger || log,
+		throw: (status, message) => {
+			const error = new Error(message) as any;
+			error.status = status;
+			throw error;
+		},
+		assert: (condition, message) => {
+			if (!condition) {
+				const error = new Error(message) as any;
+				error.status = 400;
+				throw error;
+			}
+		},
+		set: (header, value) => {
+			if (!responseHeaders.has(req)) {
+				responseHeaders.set(req, new Map());
+			}
+			responseHeaders.get(req)!.set(header, value);
+		},
+	};
+}

package/src/utils/error.ts ADDED Viewed

@@ -0,0 +1,25 @@
+import { ServerResponse } from 'node:http';
+import { log } from '@mondaydotcomorg/atp-runtime';
+/**
+ * Handles HTTP request errors and sends appropriate responses
+ */
+export function handleError(
+	res: ServerResponse,
+	error: Error & { status?: number },
+	requestId: string,
+	additionalHeaders?: Map<string, string>
+): void {
+	const status = error.status || 500;
+	log.error('Request failed', { requestId, error: error.message, stack: error.stack });
+	const headers: Record<string, string> = { 'Content-Type': 'application/json' };
+	if (additionalHeaders) {
+		for (const [key, value] of additionalHeaders.entries()) {
+			headers[key] = value;
+		}
+	}
+	res.writeHead(status, headers);
+	res.end(JSON.stringify({ error: error.message, requestId }));
+}

package/src/utils/hint-based-instrumentation.ts ADDED Viewed

@@ -0,0 +1,99 @@
+/**
+ * Pre-process code to mark string literals that match provenance hints as tainted
+ * This enables cross-execution provenance tracking
+ */
+import * as acorn from 'acorn';
+import * as walk from 'acorn-walk';
+import * as escodegen from 'escodegen';
+import type { ProvenanceMetadata } from '@mondaydotcomorg/atp-provenance';
+import { computeDigest } from '@mondaydotcomorg/atp-provenance';
+/**
+ * Instrument string literals in code that match hint digests
+ * Wraps them in __mark_tainted(value, hintId) calls
+ */
+export function instrumentLiteralsFromHints(
+	code: string,
+	hintMetadata: Map<string, ProvenanceMetadata>
+): { code: string; taintedCount: number } {
+	if (!hintMetadata || hintMetadata.size === 0) {
+		return { code, taintedCount: 0 };
+	}
+	let taintedCount = 0;
+	const valueMap = (hintMetadata as any).__valueMap as Map<string, ProvenanceMetadata> | undefined;
+	try {
+		const isAlreadyWrapped = code.trim().startsWith('(async function');
+		const wrappedCode = isAlreadyWrapped ? code : `(async function() {\n${code}\n})`;
+		const ast = acorn.parse(wrappedCode, {
+			ecmaVersion: 2022,
+			sourceType: 'script',
+		}) as any;
+		walk.simple(ast, {
+			Literal(node: any) {
+				if (typeof node.value === 'string') {
+					let shouldTaint = false;
+					const digest = computeDigest(node.value);
+					if (digest && hintMetadata.has(digest)) {
+						shouldTaint = true;
+					}
+					if (!shouldTaint && valueMap && valueMap.size > 0) {
+						for (const hintValue of valueMap.keys()) {
+							if (node.value.includes(hintValue)) {
+								shouldTaint = true;
+								break;
+							}
+						}
+					}
+					if (shouldTaint) {
+						const originalValue = node.value;
+						const originalRaw = (node as any).raw || JSON.stringify(originalValue);
+						(node as any).type = 'CallExpression';
+						(node as any).callee = {
+							type: 'Identifier',
+							name: '__mark_tainted',
+						};
+						(node as any).arguments = [
+							{
+								type: 'Literal',
+								value: originalValue,
+								raw: originalRaw,
+							},
+						];
+						delete (node as any).value;
+						delete (node as any).raw;
+						taintedCount++;
+					}
+				}
+			},
+		});
+		let instrumentedCode = escodegen.generate(ast);
+		if (!isAlreadyWrapped) {
+			const unwrapPrefix = '(async function () {\n';
+			const unwrapSuffix = '\n})';
+			if (instrumentedCode.startsWith(unwrapPrefix) && instrumentedCode.endsWith(unwrapSuffix)) {
+				instrumentedCode = instrumentedCode.slice(unwrapPrefix.length, -unwrapSuffix.length);
+			}
+		} else {
+			if (instrumentedCode.endsWith(');')) {
+				instrumentedCode = instrumentedCode.slice(0, -1);
+			}
+		}
+		return { code: instrumentedCode, taintedCount };
+	} catch (error) {
+		console.error('Failed to instrument literals from hints:', error);
+		return { code, taintedCount: 0 };
+	}
+}

package/src/utils/index.ts ADDED Viewed

@@ -0,0 +1,15 @@
+export { toJSONSchema } from './schema.js';
+export { printBanner, type BannerOptions } from './banner.js';
+export { handleError } from './error.js';
+export { createContext, type CreateContextOptions } from './context.js';
+export { getServerInfo, type ServerInfo, type ServerLimits } from './info.js';
+export { readBody, readJsonBody, DEFAULT_MAX_BODY_SIZE } from './request.js';
+export {
+	sendJson,
+	sendError,
+	send404,
+	sendBadRequest,
+	sendServiceUnavailable,
+	setCorsHeaders,
+	handleOptions,
+} from './response.js';

package/src/utils/info.ts ADDED Viewed

@@ -0,0 +1,31 @@
+export interface ServerLimits {
+	maxTimeout: number;
+	maxMemory: number;
+	maxLLMCalls: number;
+}
+export interface ServerInfo {
+	version: string;
+	capabilities: {
+		execution: boolean;
+		search: boolean;
+		streaming: boolean;
+		llmCalls: boolean;
+	};
+	limits: ServerLimits;
+}
+/**
+ * Generates server information object
+ */
+export function getServerInfo(limits: ServerLimits): ServerInfo {
+	return {
+		version: '1.0.0',
+		capabilities: { execution: true, search: true, streaming: false, llmCalls: true },
+		limits: {
+			maxTimeout: limits.maxTimeout,
+			maxMemory: limits.maxMemory,
+			maxLLMCalls: limits.maxLLMCalls,
+		},
+	};
+}