@mux/ai 0.6.0 → 0.7.2

package/dist/primitives/index.d.ts

@@ -1,3 +1,3 @@
-export { D as DEFAULT_STORYBOARD_WIDTH, T as ThumbnailOptions, f as TranscriptFetchOptions, h as TranscriptResult, V as VTTCue, n as buildTranscriptUrl, c as chunkByTokens, b as chunkText, a as chunkVTTCues, e as estimateTokenCount, l as extractTextFromVTT, m as extractTimestampedTranscript, o as fetchTranscriptForAsset, k as findCaptionTrack, j as getReadyTextTracks, g as getStoryboardUrl, d as getThumbnailUrls, p as parseVTTCues, s as secondsToTimestamp, v as vttTimestampToSeconds } from '../index-DAlX4SNJ.js';
-import '../types-CqjLMB84.js';
+export { D as DEFAULT_STORYBOARD_WIDTH, H as HeatmapOptions, a as HeatmapResponse, b as Hotspot, c as HotspotOptions, d as HotspotResponse, T as ThumbnailOptions, e as TranscriptFetchOptions, f as TranscriptResult, V as VTTCue, g as buildTranscriptUrl, h as chunkByTokens, j as chunkText, k as chunkVTTCues, l as estimateTokenCount, m as extractTextFromVTT, n as extractTimestampedTranscript, o as fetchTranscriptForAsset, p as findCaptionTrack, q as getHeatmapForAsset, r as getHeatmapForPlaybackId, s as getHeatmapForVideo, t as getHotspotsForAsset, u as getHotspotsForPlaybackId, v as getHotspotsForVideo, w as getReadyTextTracks, x as getStoryboardUrl, y as getThumbnailUrls, z as parseVTTCues, A as secondsToTimestamp, B as vttTimestampToSeconds } from '../index-DZlygsvb.js';
+import '../types-BQVi_wnh.js';
 import '@mux/mux-node';

package/dist/primitives/index.js

@@ -1,5 +1,7 @@
-// src/lib/url-signing.ts
-import Mux from "@mux/mux-node";
+// src/lib/providers.ts
+import { createAnthropic } from "@ai-sdk/anthropic";
+import { createGoogleGenerativeAI } from "@ai-sdk/google";
+import { createOpenAI } from "@ai-sdk/openai";
 
 // src/env.ts
 import { z } from "zod";
@@ -54,6 +56,9 @@ var EnvSchema = z.object({
   S3_BUCKET: optionalString("Bucket used for caption and audio uploads.", "S3 bucket"),
   S3_ACCESS_KEY_ID: optionalString("Access key ID for S3-compatible uploads.", "S3 access key id"),
   S3_SECRET_ACCESS_KEY: optionalString("Secret access key for S3-compatible uploads.", "S3 secret access key"),
+  S3_ALLOWED_ENDPOINT_HOSTS: optionalString(
+    "Comma-separated S3 endpoint allowlist (supports exact hosts and *.suffix patterns)."
+  ),
   EVALITE_RESULTS_ENDPOINT: optionalString(
     "Full URL for posting Evalite results (e.g., https://example.com/api/evalite-results).",
     "Evalite results endpoint"
@@ -95,11 +100,15 @@ var WORKFLOW_ENCRYPTION_VERSION = 1;
 var WORKFLOW_ENCRYPTION_ALGORITHM = "aes-256-gcm";
 var IV_LENGTH_BYTES = 12;
 var AUTH_TAG_LENGTH_BYTES = 16;
+function normalizeBase64Input(value) {
+  const cleaned = value.replace(/\s+/g, "").replace(/-/g, "+").replace(/_/g, "/");
+  return cleaned?.length % 4 === 0 ? cleaned : cleaned + "=".repeat(4 - cleaned.length % 4);
+}
 function base64ToBytes(value, label) {
   if (!value) {
     throw new Error(`${label} is missing`);
   }
-  const normalized = value.length % 4 === 0 ? value : value + "=".repeat(4 - value.length % 4);
+  const normalized = normalizeBase64Input(value);
   const atobImpl = typeof globalThis.atob === "function" ? globalThis.atob.bind(globalThis) : void 0;
   if (atobImpl) {
     let binary;
@@ -117,19 +126,18 @@ function base64ToBytes(value, label) {
     }
     return bytes2;
   }
-  const cleaned = normalized.replace(/\s+/g, "");
-  if (cleaned.length % 4 !== 0) {
+  if (normalized.length % 4 !== 0) {
     throw new Error(`${label} is not valid base64`);
   }
-  const padding = cleaned.endsWith("==") ? 2 : cleaned.endsWith("=") ? 1 : 0;
-  const outputLength = cleaned.length / 4 * 3 - padding;
+  const padding = normalized.endsWith("==") ? 2 : normalized.endsWith("=") ? 1 : 0;
+  const outputLength = normalized.length / 4 * 3 - padding;
   const bytes = new Uint8Array(outputLength);
   let offset = 0;
-  for (let i = 0; i < cleaned.length; i += 4) {
-    const c0 = cleaned.charCodeAt(i);
-    const c1 = cleaned.charCodeAt(i + 1);
-    const c2 = cleaned.charCodeAt(i + 2);
-    const c3 = cleaned.charCodeAt(i + 3);
+  for (let i = 0; i < normalized.length; i += 4) {
+    const c0 = normalized.charCodeAt(i);
+    const c1 = normalized.charCodeAt(i + 1);
+    const c2 = normalized.charCodeAt(i + 2);
+    const c3 = normalized.charCodeAt(i + 3);
     if (c0 === 61 || c1 === 61) {
       throw new Error(`${label} is not valid base64`);
     }
@@ -250,7 +258,9 @@ async function shouldEnforceEncryptedCredentials() {
 function getWorkflowSecretKeyFromEnv() {
   const key = env_default.MUX_AI_WORKFLOW_SECRET_KEY;
   if (!key) {
-    throw new Error("Workflow secret key is required. Set MUX_AI_WORKFLOW_SECRET_KEY environment variable.");
+    throw new Error(
+      "Workflow secret key is required. Set MUX_AI_WORKFLOW_SECRET_KEY environment variable."
+    );
   }
   return key;
 }
@@ -281,30 +291,182 @@ async function resolveWorkflowCredentials(credentials) {
       );
       return { ...resolved, ...decrypted };
     } catch (error) {
-      const detail = error instanceof Error ? error.message : String(error);
+      const detail = error instanceof Error ? error.message : "Unknown error.";
       throw new Error(`Failed to decrypt workflow credentials. ${detail}`);
     }
   }
   if (await shouldEnforceEncryptedCredentials()) {
     throw new Error(
-      "Plaintext workflow credentials are not allowed when using Workflow Dev Kit.Pass encrypted credentials (encryptForWorkflow) or resolve secrets via environment variables."
+      "Plaintext workflow credentials are not allowed when using Workflow Dev Kit. Pass encrypted credentials (encryptForWorkflow) or resolve secrets via environment variables."
     );
   }
   return { ...resolved, ...credentials };
 }
+function readString(record, key) {
+  const value = record?.[key];
+  return typeof value === "string" && value.length > 0 ? value : void 0;
+}
+function resolveDirectMuxCredentials(record) {
+  const tokenId = readString(record, "muxTokenId");
+  const tokenSecret = readString(record, "muxTokenSecret");
+  const signingKey = readString(record, "muxSigningKey");
+  const privateKey = readString(record, "muxPrivateKey");
+  if (!tokenId && !tokenSecret && !signingKey && !privateKey) {
+    return void 0;
+  }
+  if (!tokenId || !tokenSecret) {
+    throw new Error(
+      "Both muxTokenId and muxTokenSecret are required when passing direct Mux workflow credentials."
+    );
+  }
+  return {
+    tokenId,
+    tokenSecret,
+    signingKey,
+    privateKey
+  };
+}
+function createWorkflowMuxClient(options) {
+  return {
+    async createClient() {
+      const { default: MuxClient } = await import("@mux/mux-node");
+      return new MuxClient({
+        tokenId: options.tokenId,
+        tokenSecret: options.tokenSecret
+      });
+    },
+    getSigningKey() {
+      return options.signingKey;
+    },
+    getPrivateKey() {
+      return options.privateKey;
+    }
+  };
+}
+async function resolveMuxClient(credentials) {
+  const resolved = await resolveWorkflowCredentials(credentials);
+  const resolvedRecord = resolved;
+  const resolvedMuxCredentials = resolveDirectMuxCredentials(resolvedRecord);
+  if (resolvedMuxCredentials) {
+    return createWorkflowMuxClient(resolvedMuxCredentials);
+  }
+  const muxTokenId = env_default.MUX_TOKEN_ID;
+  const muxTokenSecret = env_default.MUX_TOKEN_SECRET;
+  if (!muxTokenId || !muxTokenSecret) {
+    throw new Error(
+      "Mux credentials are required. Provide muxTokenId/muxTokenSecret via workflow credentials, or set MUX_TOKEN_ID and MUX_TOKEN_SECRET environment variables."
+    );
+  }
+  return createWorkflowMuxClient({
+    tokenId: muxTokenId,
+    tokenSecret: muxTokenSecret,
+    signingKey: env_default.MUX_SIGNING_KEY,
+    privateKey: env_default.MUX_PRIVATE_KEY
+  });
+}
 async function resolveMuxSigningContext(credentials) {
   const resolved = await resolveWorkflowCredentials(credentials);
-  const keyId = resolved.muxSigningKey ?? env_default.MUX_SIGNING_KEY;
-  const keySecret = resolved.muxPrivateKey ?? env_default.MUX_PRIVATE_KEY;
+  const resolvedRecord = resolved;
+  const keyId = readString(resolvedRecord, "muxSigningKey") ?? env_default.MUX_SIGNING_KEY;
+  const keySecret = readString(resolvedRecord, "muxPrivateKey") ?? env_default.MUX_PRIVATE_KEY;
   if (!keyId || !keySecret) {
     return void 0;
   }
   return { keyId, keySecret };
 }
 
+// src/lib/client-factory.ts
+async function getMuxClientFromEnv(credentials) {
+  return resolveMuxClient(credentials);
+}
+
+// src/primitives/heatmap.ts
+async function getHeatmapForAsset(assetId, options = {}) {
+  "use step";
+  return fetchHeatmap("assets", assetId, options);
+}
+async function getHeatmapForVideo(videoId, options = {}) {
+  "use step";
+  return fetchHeatmap("videos", videoId, options);
+}
+async function getHeatmapForPlaybackId(playbackId, options = {}) {
+  "use step";
+  return fetchHeatmap("playback-ids", playbackId, options);
+}
+function transformHeatmapResponse(response) {
+  return {
+    assetId: response.asset_id,
+    videoId: response.video_id,
+    playbackId: response.playback_id,
+    heatmap: response.heatmap,
+    timeframe: response.timeframe
+  };
+}
+async function fetchHeatmap(identifierType, id, options) {
+  "use step";
+  const { timeframe = "[24:hours]", credentials } = options;
+  const muxClient = await getMuxClientFromEnv(credentials);
+  const mux = await muxClient.createClient();
+  const queryParams = new URLSearchParams();
+  queryParams.append("timeframe[]", timeframe);
+  const path = `/data/v1/engagement/${identifierType}/${id}/heatmap?${queryParams.toString()}`;
+  const response = await mux.get(path);
+  return transformHeatmapResponse(response);
+}
+
+// src/primitives/hotspots.ts
+async function getHotspotsForAsset(assetId, options = {}) {
+  "use step";
+  const response = await fetchHotspots("assets", assetId, options);
+  return response.hotspots;
+}
+async function getHotspotsForVideo(videoId, options = {}) {
+  "use step";
+  const response = await fetchHotspots("videos", videoId, options);
+  return response.hotspots;
+}
+async function getHotspotsForPlaybackId(playbackId, options = {}) {
+  "use step";
+  const response = await fetchHotspots("playback-ids", playbackId, options);
+  return response.hotspots;
+}
+function transformHotspotResponse(response) {
+  return {
+    assetId: response.data.asset_id,
+    videoId: response.data.video_id,
+    playbackId: response.data.playback_id,
+    hotspots: response.data.hotspots.map((h) => ({
+      startMs: h.start_ms,
+      endMs: h.end_ms,
+      score: h.score
+    }))
+  };
+}
+async function fetchHotspots(identifierType, id, options) {
+  "use step";
+  const {
+    limit = 5,
+    orderDirection = "desc",
+    orderBy = "score",
+    timeframe = "[24:hours]",
+    credentials
+  } = options;
+  const muxClient = await getMuxClientFromEnv(credentials);
+  const mux = await muxClient.createClient();
+  const queryParams = new URLSearchParams();
+  queryParams.append("limit", String(limit));
+  queryParams.append("order_direction", orderDirection);
+  queryParams.append("order_by", orderBy);
+  queryParams.append("timeframe[]", timeframe);
+  const path = `/data/v1/engagement/${identifierType}/${id}/hotspots?${queryParams.toString()}`;
+  const response = await mux.get(path);
+  return transformHotspotResponse(response);
+}
+
 // src/lib/url-signing.ts
-function createSigningClient(context) {
-  return new Mux({
+async function createSigningClient(context) {
+  const { default: MuxClient } = await import("@mux/mux-node");
+  return new MuxClient({
     // These are not needed for signing, but the SDK requires them
     // Using empty strings as we only need the jwt functionality
     tokenId: env_default.MUX_TOKEN_ID || "",
@@ -315,7 +477,7 @@ function createSigningClient(context) {
 }
 async function signPlaybackId(playbackId, context, type = "video", params) {
   "use step";
-  const client = createSigningClient(context);
+  const client = await createSigningClient(context);
   const stringParams = params ? Object.fromEntries(
     Object.entries(params).map(([key, value]) => [key, String(value)])
   ) : void 0;
@@ -330,7 +492,7 @@ async function signUrl(url, playbackId, context, type = "video", params, credent
   const resolvedContext = context ?? await resolveMuxSigningContext(credentials);
   if (!resolvedContext) {
     throw new Error(
-      "Signed playback ID requires signing credentials. Provide muxSigningKey and muxPrivateKey in credentials or set MUX_SIGNING_KEY and MUX_PRIVATE_KEY environment variables."
+      "Signed playback ID requires signing credentials. Provide muxSigningKey and muxPrivateKey via workflow credentials or set MUX_SIGNING_KEY and MUX_PRIVATE_KEY environment variables."
     );
   }
   const token = await signPlaybackId(playbackId, resolvedContext, type, params);
@@ -658,6 +820,12 @@ export {
   extractTimestampedTranscript,
   fetchTranscriptForAsset,
   findCaptionTrack,
+  getHeatmapForAsset,
+  getHeatmapForPlaybackId,
+  getHeatmapForVideo,
+  getHotspotsForAsset,
+  getHotspotsForPlaybackId,
+  getHotspotsForVideo,
   getReadyTextTracks,
   getStoryboardUrl,
   getThumbnailUrls,