@naisys/common 3.0.0-beta.4 → 3.0.0-beta.5

package/dist/globalConfigLoader.js

@@ -1,12 +1,12 @@
 import { sanitizeSpendLimit } from "./configUtils.js";
 /** Keys that should never be distributed to clients */
 const EXCLUDED_KEYS = [
-    "HUB_ACCESS_KEY",
-    "HUB_PORT",
-    "NAISYS_FOLDER",
-    "NAISYS_HOSTNAME",
-    "NODE_ENV",
-    "SUPERVISOR_PORT",
+  "HUB_ACCESS_KEY",
+  "HUB_PORT",
+  "NAISYS_FOLDER",
+  "NAISYS_HOSTNAME",
+  "NODE_ENV",
+  "SUPERVISOR_PORT",
 ];
 /**
  * Builds hub-distributable config from the provided env vars.
@@ -15,44 +15,44 @@ const EXCLUDED_KEYS = [
  *   When undefined (e.g. .env fallback), all variables are exported for backwards compat.
  */
 export function buildClientConfig(variables, shellExportKeys) {
-    const shellCommand = {
-        outputTokenMax: 7500,
-        timeoutSeconds: 10,
-        maxTimeoutSeconds: 60 * 5,
-    };
-    const retrySecondsMax = 30 * 60;
-    const webTokenMax = 5000;
-    const compactSessionEnabled = true;
-    const preemptiveCompactEnabled = true;
-    // Build variableMap, filtering out excluded keys and undefined values
-    const variableMap = {};
-    const shellVariableMap = {};
-    for (const [key, value] of Object.entries(variables)) {
-        if (value !== undefined && !EXCLUDED_KEYS.includes(key)) {
-            variableMap[key] = value;
-            // When shellExportKeys is undefined (standalone .env mode), export all
-            if (!shellExportKeys || shellExportKeys.has(key)) {
-                shellVariableMap[key] = value;
-            }
-        }
+  const shellCommand = {
+    outputTokenMax: 7500,
+    timeoutSeconds: 10,
+    maxTimeoutSeconds: 60 * 5,
+  };
+  const retrySecondsMax = 30 * 60;
+  const webTokenMax = 5000;
+  const compactSessionEnabled = true;
+  const preemptiveCompactEnabled = true;
+  // Build variableMap, filtering out excluded keys and undefined values
+  const variableMap = {};
+  const shellVariableMap = {};
+  for (const [key, value] of Object.entries(variables)) {
+    if (value !== undefined && !EXCLUDED_KEYS.includes(key)) {
+      variableMap[key] = value;
+      // When shellExportKeys is undefined (standalone .env mode), export all
+      if (!shellExportKeys || shellExportKeys.has(key)) {
+        shellVariableMap[key] = value;
+      }
     }
-    const googleSearchEngineId = variableMap.GOOGLE_SEARCH_ENGINE_ID;
-    const spendLimitDollars = sanitizeSpendLimit(variableMap.SPEND_LIMIT_DOLLARS);
-    const spendLimitHours = sanitizeSpendLimit(variableMap.SPEND_LIMIT_HOURS);
-    const useToolsForLlmConsoleResponses = true;
-    const autoStartAgentsOnMessage = true;
-    return {
-        shellCommand,
-        retrySecondsMax,
-        webTokenMax,
-        compactSessionEnabled,
-        preemptiveCompactEnabled,
-        variableMap,
-        shellVariableMap,
-        googleSearchEngineId,
-        spendLimitDollars,
-        spendLimitHours,
-        useToolsForLlmConsoleResponses,
-        autoStartAgentsOnMessage,
-    };
+  }
+  const googleSearchEngineId = variableMap.GOOGLE_SEARCH_ENGINE_ID;
+  const spendLimitDollars = sanitizeSpendLimit(variableMap.SPEND_LIMIT_DOLLARS);
+  const spendLimitHours = sanitizeSpendLimit(variableMap.SPEND_LIMIT_HOURS);
+  const useToolsForLlmConsoleResponses = true;
+  const autoStartAgentsOnMessage = true;
+  return {
+    shellCommand,
+    retrySecondsMax,
+    webTokenMax,
+    compactSessionEnabled,
+    preemptiveCompactEnabled,
+    variableMap,
+    shellVariableMap,
+    googleSearchEngineId,
+    spendLimitDollars,
+    spendLimitHours,
+    useToolsForLlmConsoleResponses,
+    autoStartAgentsOnMessage,
+  };
 }

package/dist/hateoas-types.js

@@ -1,42 +1,42 @@
 import { z } from "zod/v4";
 export const HateoasLinkSchema = z.object({
-    rel: z.string(),
-    href: z.string(),
-    method: z.string().optional(),
-    title: z.string().optional(),
-    schema: z.string().optional(),
+  rel: z.string(),
+  href: z.string(),
+  method: z.string().optional(),
+  title: z.string().optional(),
+  schema: z.string().optional(),
 });
 export const AlternateEncodingSchema = z.object({
-    contentType: z.string(),
-    description: z.string().optional(),
-    fileFields: z.array(z.string()),
+  contentType: z.string(),
+  description: z.string().optional(),
+  fileFields: z.array(z.string()),
 });
 export const HateoasActionSchema = z.object({
-    rel: z.string(),
-    href: z.string(),
-    method: z.string(),
-    title: z.string().optional(),
-    schema: z.string().optional(),
-    body: z.record(z.string(), z.unknown()).optional(),
-    alternateEncoding: AlternateEncodingSchema.optional(),
-    disabled: z.boolean().optional(),
-    disabledReason: z.union([z.string(), z.array(z.string())]).optional(),
+  rel: z.string(),
+  href: z.string(),
+  method: z.string(),
+  title: z.string().optional(),
+  schema: z.string().optional(),
+  body: z.record(z.string(), z.unknown()).optional(),
+  alternateEncoding: AlternateEncodingSchema.optional(),
+  disabled: z.boolean().optional(),
+  disabledReason: z.union([z.string(), z.array(z.string())]).optional(),
 });
 export const HateoasActionTemplateSchema = z.object({
-    rel: z.string(),
-    hrefTemplate: z.string(),
-    method: z.string(),
-    title: z.string().optional(),
-    schema: z.string().optional(),
-    body: z.record(z.string(), z.unknown()).optional(),
-    alternateEncoding: AlternateEncodingSchema.optional(),
+  rel: z.string(),
+  hrefTemplate: z.string(),
+  method: z.string(),
+  title: z.string().optional(),
+  schema: z.string().optional(),
+  body: z.record(z.string(), z.unknown()).optional(),
+  alternateEncoding: AlternateEncodingSchema.optional(),
 });
 export const HateoasLinkTemplateSchema = z.object({
-    rel: z.string(),
-    hrefTemplate: z.string(),
-    title: z.string().optional(),
+  rel: z.string(),
+  hrefTemplate: z.string(),
+  title: z.string().optional(),
 });
 export const HateoasLinksSchema = z.object({
-    _links: z.array(HateoasLinkSchema),
-    _actions: z.array(HateoasActionSchema).optional(),
+  _links: z.array(HateoasLinkSchema),
+  _actions: z.array(HateoasActionSchema).optional(),
 });

package/dist/hateoas.js

@@ -4,63 +4,59 @@
  * (e.g. when rendering a disabled button with a tooltip).
  */
 export function hasAction(actions, rel, opts) {
-    const a = actions?.find((a) => a.rel === rel);
-    if (!a)
-        return undefined;
-    if (a.disabled && !opts?.includeDisabled)
-        return undefined;
-    return a;
+  const a = actions?.find((a) => a.rel === rel);
+  if (!a) return undefined;
+  if (a.disabled && !opts?.includeDisabled) return undefined;
+  return a;
 }
 export function hasActionTemplate(templates, rel) {
-    return templates?.find((t) => t.rel === rel);
+  return templates?.find((t) => t.rel === rel);
 }
 export function hasLinkTemplate(templates, rel) {
-    return templates?.find((t) => t.rel === rel);
+  return templates?.find((t) => t.rel === rel);
 }
 export function resolveActions(defs, baseHref, ctx, checkPermission) {
-    const actions = [];
-    for (const def of defs) {
-        if (def.statuses) {
-            const status = ctx.status;
-            if (!status || !def.statuses.includes(status))
-                continue;
-        }
-        if (def.visibleWhen && !def.visibleWhen(ctx))
-            continue;
-        const hasPerm = !def.permission || checkPermission(def.permission);
-        if (def.hideWithoutPermission && !hasPerm)
-            continue;
-        const gate = !hasPerm && def.permission
-            ? {
-                disabled: true,
-                disabledReason: `Requires ${def.permission} permission`,
-            }
-            : {};
-        const disabledReason = hasPerm && def.disabledWhen ? def.disabledWhen(ctx) : null;
-        actions.push({
-            rel: def.rel,
-            href: def.href ?? baseHref + (def.path ?? ""),
-            method: def.method,
-            title: def.title,
-            ...(def.schema ? { schema: def.schema } : {}),
-            ...(def.body ? { body: def.body } : {}),
-            ...gate,
-            ...(disabledReason ? { disabled: true, disabledReason } : {}),
-        });
+  const actions = [];
+  for (const def of defs) {
+    if (def.statuses) {
+      const status = ctx.status;
+      if (!status || !def.statuses.includes(status)) continue;
     }
-    return actions;
+    if (def.visibleWhen && !def.visibleWhen(ctx)) continue;
+    const hasPerm = !def.permission || checkPermission(def.permission);
+    if (def.hideWithoutPermission && !hasPerm) continue;
+    const gate =
+      !hasPerm && def.permission
+        ? {
+            disabled: true,
+            disabledReason: `Requires ${def.permission} permission`,
+          }
+        : {};
+    const disabledReason =
+      hasPerm && def.disabledWhen ? def.disabledWhen(ctx) : null;
+    actions.push({
+      rel: def.rel,
+      href: def.href ?? baseHref + (def.path ?? ""),
+      method: def.method,
+      title: def.title,
+      ...(def.schema ? { schema: def.schema } : {}),
+      ...(def.body ? { body: def.body } : {}),
+      ...gate,
+      ...(disabledReason ? { disabled: true, disabledReason } : {}),
+    });
+  }
+  return actions;
 }
 export function permGate(hasPerm, permission) {
-    return hasPerm
-        ? {}
-        : {
-            disabled: true,
-            disabledReason: `Requires ${permission} permission`,
-        };
+  return hasPerm
+    ? {}
+    : {
+        disabled: true,
+        disabledReason: `Requires ${permission} permission`,
+      };
 }
 /** Normalize a `disabledReason` (string | string[] | undefined) to a single display string. */
 export function formatDisabledReason(reason) {
-    if (!reason)
-        return undefined;
-    return Array.isArray(reason) ? reason.join("\n") : reason;
+  if (!reason) return undefined;
+  return Array.isArray(reason) ? reason.join("\n") : reason;
 }

package/dist/lenientJsonParser.js

@@ -7,13 +7,16 @@
  * Interface is duck-typed so @naisys/common doesn't need a Fastify dependency.
  */
 export function registerLenientJsonParser(fastify) {
-    fastify.addContentTypeParser("application/json", { parseAs: "string" }, (_req, body, done) => {
-        try {
-            done(null, body.length > 0 ? JSON.parse(body) : {});
-        }
-        catch (err) {
-            err.statusCode = 400;
-            done(err, undefined);
-        }
-    });
+  fastify.addContentTypeParser(
+    "application/json",
+    { parseAs: "string" },
+    (_req, body, done) => {
+      try {
+        done(null, body.length > 0 ? JSON.parse(body) : {});
+      } catch (err) {
+        err.statusCode = 400;
+        done(err, undefined);
+      }
+    },
+  );
 }

package/dist/mimeTypes.js

@@ -1,25 +1,25 @@
 const MIME_TYPES = {
-    // Images
-    ".jpg": "image/jpeg",
-    ".jpeg": "image/jpeg",
-    ".png": "image/png",
-    ".gif": "image/gif",
-    ".webp": "image/webp",
-    ".svg": "image/svg+xml",
-    ".bmp": "image/bmp",
-    // Audio
-    ".wav": "audio/wav",
-    ".mp3": "audio/mpeg",
-    ".m4a": "audio/mp4",
-    ".flac": "audio/flac",
-    ".ogg": "audio/ogg",
-    ".webm": "audio/webm",
-    // Documents
-    ".pdf": "application/pdf",
-    ".txt": "text/plain",
-    ".json": "application/json",
+  // Images
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".png": "image/png",
+  ".gif": "image/gif",
+  ".webp": "image/webp",
+  ".svg": "image/svg+xml",
+  ".bmp": "image/bmp",
+  // Audio
+  ".wav": "audio/wav",
+  ".mp3": "audio/mpeg",
+  ".m4a": "audio/mp4",
+  ".flac": "audio/flac",
+  ".ogg": "audio/ogg",
+  ".webm": "audio/webm",
+  // Documents
+  ".pdf": "application/pdf",
+  ".txt": "text/plain",
+  ".json": "application/json",
 };
 export function mimeFromFilename(filename) {
-    const ext = filename.slice(filename.lastIndexOf(".")).toLowerCase();
-    return MIME_TYPES[ext] ?? "application/octet-stream";
+  const ext = filename.slice(filename.lastIndexOf(".")).toLowerCase();
+  return MIME_TYPES[ext] ?? "application/octet-stream";
 }

package/dist/modelTypes.js

@@ -3,15 +3,15 @@ import { builtInImageModels, builtInLlmModels } from "./builtInModels.js";
 // --- Enums ---
 export var LlmApiType;
 (function (LlmApiType) {
-    LlmApiType["OpenAI"] = "openai";
-    LlmApiType["Google"] = "google";
-    LlmApiType["Anthropic"] = "anthropic";
-    LlmApiType["Mock"] = "mock";
-    LlmApiType["None"] = "none";
+  LlmApiType["OpenAI"] = "openai";
+  LlmApiType["Google"] = "google";
+  LlmApiType["Anthropic"] = "anthropic";
+  LlmApiType["Mock"] = "mock";
+  LlmApiType["None"] = "none";
 })(LlmApiType || (LlmApiType = {}));
 // --- Model schemas ---
 export const LlmModelSchema = z
-    .object({
+  .object({
     key: z.string().min(1),
     label: z.string().min(1),
     versionName: z.string().min(1),
@@ -27,116 +27,119 @@ export const LlmModelSchema = z
     supportsVision: z.boolean().optional(),
     supportsHearing: z.boolean().optional(),
     supportsComputerUse: z.boolean().optional(),
-})
-    .superRefine((data, ctx) => {
-    if (data.baseUrl &&
-        ![LlmApiType.OpenAI, LlmApiType.Anthropic, LlmApiType.Google].includes(data.apiType)) {
-        ctx.addIssue({
-            code: z.ZodIssueCode.custom,
-            message: `baseUrl is only supported for OpenAI, Anthropic, and Google API types (got "${data.apiType}")`,
-            path: ["baseUrl"],
-        });
+  })
+  .superRefine((data, ctx) => {
+    if (
+      data.baseUrl &&
+      ![LlmApiType.OpenAI, LlmApiType.Anthropic, LlmApiType.Google].includes(
+        data.apiType,
+      )
+    ) {
+      ctx.addIssue({
+        code: z.ZodIssueCode.custom,
+        message: `baseUrl is only supported for OpenAI, Anthropic, and Google API types (got "${data.apiType}")`,
+        path: ["baseUrl"],
+      });
     }
-});
+  });
 export const ImageModelSchema = z.object({
-    key: z.string().min(1),
-    label: z.string().min(1),
-    versionName: z.string().min(1),
-    size: z.string().min(1),
-    baseUrl: z.string().optional(),
-    apiKeyVar: z.string(),
-    cost: z.number(),
-    quality: z.enum(["standard", "hd", "high", "medium", "low"]).optional(),
+  key: z.string().min(1),
+  label: z.string().min(1),
+  versionName: z.string().min(1),
+  size: z.string().min(1),
+  baseUrl: z.string().optional(),
+  apiKeyVar: z.string(),
+  cost: z.number(),
+  quality: z.enum(["standard", "hd", "high", "medium", "low"]).optional(),
 });
 // --- Custom models file schema ---
 export const CustomModelsFileSchema = z.object({
-    llmModels: z.array(LlmModelSchema).optional(),
-    imageModels: z.array(ImageModelSchema).optional(),
+  llmModels: z.array(LlmModelSchema).optional(),
+  imageModels: z.array(ImageModelSchema).optional(),
 });
 // --- DB meta schemas (for JSON stored in models.meta column) ---
 const LlmMetaSchema = z.object({
-    apiType: z.enum(LlmApiType),
-    maxTokens: z.number().int().positive(),
-    baseUrl: z.string().optional(),
-    apiKeyVar: z.string(),
-    inputCost: z.number().default(0),
-    outputCost: z.number().default(0),
-    cacheWriteCost: z.number().optional(),
-    cacheReadCost: z.number().optional(),
-    cacheTtlSeconds: z.number().int().positive().optional(),
-    supportsVision: z.boolean().optional(),
-    supportsHearing: z.boolean().optional(),
-    supportsComputerUse: z.boolean().optional(),
+  apiType: z.enum(LlmApiType),
+  maxTokens: z.number().int().positive(),
+  baseUrl: z.string().optional(),
+  apiKeyVar: z.string(),
+  inputCost: z.number().default(0),
+  outputCost: z.number().default(0),
+  cacheWriteCost: z.number().optional(),
+  cacheReadCost: z.number().optional(),
+  cacheTtlSeconds: z.number().int().positive().optional(),
+  supportsVision: z.boolean().optional(),
+  supportsHearing: z.boolean().optional(),
+  supportsComputerUse: z.boolean().optional(),
 });
 const ImageMetaSchema = z.object({
-    size: z.string().min(1),
-    baseUrl: z.string().optional(),
-    apiKeyVar: z.string(),
-    cost: z.number(),
-    quality: z.enum(["standard", "hd", "high", "medium", "low"]).optional(),
+  size: z.string().min(1),
+  baseUrl: z.string().optional(),
+  apiKeyVar: z.string(),
+  cost: z.number(),
+  quality: z.enum(["standard", "hd", "high", "medium", "low"]).optional(),
 });
 export function llmModelToDbFields(model, isBuiltin, isCustom) {
-    const { key, label, versionName, ...metaFields } = model;
-    return {
-        key,
-        type: "llm",
-        label,
-        version_name: versionName,
-        is_builtin: isBuiltin,
-        is_custom: isCustom,
-        meta: JSON.stringify(metaFields),
-    };
+  const { key, label, versionName, ...metaFields } = model;
+  return {
+    key,
+    type: "llm",
+    label,
+    version_name: versionName,
+    is_builtin: isBuiltin,
+    is_custom: isCustom,
+    meta: JSON.stringify(metaFields),
+  };
 }
 export function imageModelToDbFields(model, isBuiltin, isCustom) {
-    const { key, label, versionName, ...metaFields } = model;
-    return {
-        key,
-        type: "image",
-        label,
-        version_name: versionName,
-        is_builtin: isBuiltin,
-        is_custom: isCustom,
-        meta: JSON.stringify(metaFields),
-    };
+  const { key, label, versionName, ...metaFields } = model;
+  return {
+    key,
+    type: "image",
+    label,
+    version_name: versionName,
+    is_builtin: isBuiltin,
+    is_custom: isCustom,
+    meta: JSON.stringify(metaFields),
+  };
 }
 export function dbFieldsToLlmModel(row) {
-    const meta = LlmMetaSchema.parse(JSON.parse(row.meta));
-    return {
-        key: row.key,
-        label: row.label,
-        versionName: row.version_name,
-        ...meta,
-    };
+  const meta = LlmMetaSchema.parse(JSON.parse(row.meta));
+  return {
+    key: row.key,
+    label: row.label,
+    versionName: row.version_name,
+    ...meta,
+  };
 }
 export function dbFieldsToImageModel(row) {
-    const meta = ImageMetaSchema.parse(JSON.parse(row.meta));
-    return {
-        key: row.key,
-        label: row.label,
-        versionName: row.version_name,
-        ...meta,
-    };
+  const meta = ImageMetaSchema.parse(JSON.parse(row.meta));
+  return {
+    key: row.key,
+    label: row.label,
+    versionName: row.version_name,
+    ...meta,
+  };
 }
 // --- Merge helpers ---
 function mergeModels(builtIn, custom) {
-    if (!custom || custom.length === 0) {
-        return [...builtIn];
-    }
-    const result = [...builtIn];
-    for (const c of custom) {
-        const idx = result.findIndex((m) => m.key === c.key);
-        if (idx >= 0) {
-            result[idx] = c;
-        }
-        else {
-            result.push(c);
-        }
+  if (!custom || custom.length === 0) {
+    return [...builtIn];
+  }
+  const result = [...builtIn];
+  for (const c of custom) {
+    const idx = result.findIndex((m) => m.key === c.key);
+    if (idx >= 0) {
+      result[idx] = c;
+    } else {
+      result.push(c);
     }
-    return result;
+  }
+  return result;
 }
 export function getAllLlmModels(customLlmModels) {
-    return mergeModels(builtInLlmModels, customLlmModels);
+  return mergeModels(builtInLlmModels, customLlmModels);
 }
 export function getAllImageModels(customImageModels) {
-    return mergeModels(builtInImageModels, customImageModels);
+  return mergeModels(builtInImageModels, customImageModels);
 }

package/dist/securityHeaders.js

@@ -4,13 +4,19 @@
  * Interfaces are duck-typed so @naisys/common doesn't need a Fastify dependency.
  */
 export function registerSecurityHeaders(fastify, options) {
-    fastify.addHook("onSend", (_request, reply, _payload, done) => {
-        reply.header("X-Content-Type-Options", "nosniff");
-        reply.header("X-Frame-Options", "DENY");
-        reply.header("Content-Security-Policy", "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; connect-src 'self' ws: wss:; font-src 'self' data:; frame-ancestors 'none'");
-        if (options.enforceHsts) {
-            reply.header("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
-        }
-        done();
-    });
+  fastify.addHook("onSend", (_request, reply, _payload, done) => {
+    reply.header("X-Content-Type-Options", "nosniff");
+    reply.header("X-Frame-Options", "DENY");
+    reply.header(
+      "Content-Security-Policy",
+      "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; connect-src 'self' ws: wss:; font-src 'self' data:; frame-ancestors 'none'",
+    );
+    if (options.enforceHsts) {
+      reply.header(
+        "Strict-Transport-Security",
+        "max-age=31536000; includeSubDomains",
+      );
+    }
+    done();
+  });
 }

package/dist/sleep.js

@@ -1,4 +1,4 @@
 /** Async sleep utility. Usage: `await sleep(1000)` */
 export function sleep(ms) {
-    return new Promise((resolve) => setTimeout(resolve, ms));
+  return new Promise((resolve) => setTimeout(resolve, ms));
 }

package/dist/urlSafeKey.js

@@ -1,17 +1,20 @@
 /** Characters allowed in URL path segments used as database keys (usernames, hostnames). */
 export const URL_SAFE_KEY_REGEX = /^[a-zA-Z0-9_-]+$/;
-export const URL_SAFE_KEY_MESSAGE = "Must contain only letters, numbers, hyphens, and underscores";
+export const URL_SAFE_KEY_MESSAGE =
+  "Must contain only letters, numbers, hyphens, and underscores";
 /** Sanitize a string into a URL-safe key (replace spaces/special chars with hyphens). */
 export function toUrlSafeKey(input) {
-    return input
-        .trim()
-        .replace(/[^a-zA-Z0-9_-]/g, "-")
-        .replace(/-{2,}/g, "-")
-        .replace(/^-+|-+$/g, "");
+  return input
+    .trim()
+    .replace(/[^a-zA-Z0-9_-]/g, "-")
+    .replace(/-{2,}/g, "-")
+    .replace(/^-+|-+$/g, "");
 }
 /** Throws if the value is not a valid URL-safe key. */
 export function assertUrlSafeKey(value, label) {
-    if (!URL_SAFE_KEY_REGEX.test(value)) {
-        throw new Error(`${label} "${value}" is not URL-safe. ${URL_SAFE_KEY_MESSAGE}`);
-    }
+  if (!URL_SAFE_KEY_REGEX.test(value)) {
+    throw new Error(
+      `${label} "${value}" is not URL-safe. ${URL_SAFE_KEY_MESSAGE}`,
+    );
+  }
 }