@naisys/common 3.0.0-beta.5 → 3.0.0-beta.7

package/dist/globalConfigLoader.js

@@ -1,12 +1,12 @@
 import { sanitizeSpendLimit } from "./configUtils.js";
 /** Keys that should never be distributed to clients */
 const EXCLUDED_KEYS = [
-  "HUB_ACCESS_KEY",
-  "HUB_PORT",
-  "NAISYS_FOLDER",
-  "NAISYS_HOSTNAME",
-  "NODE_ENV",
-  "SUPERVISOR_PORT",
+    "HUB_ACCESS_KEY",
+    "HUB_PORT",
+    "NAISYS_FOLDER",
+    "NAISYS_HOSTNAME",
+    "NODE_ENV",
+    "SUPERVISOR_PORT",
 ];
 /**
  * Builds hub-distributable config from the provided env vars.
@@ -15,44 +15,44 @@ const EXCLUDED_KEYS = [
  *   When undefined (e.g. .env fallback), all variables are exported for backwards compat.
  */
 export function buildClientConfig(variables, shellExportKeys) {
-  const shellCommand = {
-    outputTokenMax: 7500,
-    timeoutSeconds: 10,
-    maxTimeoutSeconds: 60 * 5,
-  };
-  const retrySecondsMax = 30 * 60;
-  const webTokenMax = 5000;
-  const compactSessionEnabled = true;
-  const preemptiveCompactEnabled = true;
-  // Build variableMap, filtering out excluded keys and undefined values
-  const variableMap = {};
-  const shellVariableMap = {};
-  for (const [key, value] of Object.entries(variables)) {
-    if (value !== undefined && !EXCLUDED_KEYS.includes(key)) {
-      variableMap[key] = value;
-      // When shellExportKeys is undefined (standalone .env mode), export all
-      if (!shellExportKeys || shellExportKeys.has(key)) {
-        shellVariableMap[key] = value;
-      }
+    const shellCommand = {
+        outputTokenMax: 7500,
+        timeoutSeconds: 10,
+        maxTimeoutSeconds: 60 * 5,
+    };
+    const retrySecondsMax = 30 * 60;
+    const webTokenMax = 5000;
+    const compactSessionEnabled = true;
+    const preemptiveCompactEnabled = true;
+    // Build variableMap, filtering out excluded keys and undefined values
+    const variableMap = {};
+    const shellVariableMap = {};
+    for (const [key, value] of Object.entries(variables)) {
+        if (value !== undefined && !EXCLUDED_KEYS.includes(key)) {
+            variableMap[key] = value;
+            // When shellExportKeys is undefined (standalone .env mode), export all
+            if (!shellExportKeys || shellExportKeys.has(key)) {
+                shellVariableMap[key] = value;
+            }
+        }
     }
-  }
-  const googleSearchEngineId = variableMap.GOOGLE_SEARCH_ENGINE_ID;
-  const spendLimitDollars = sanitizeSpendLimit(variableMap.SPEND_LIMIT_DOLLARS);
-  const spendLimitHours = sanitizeSpendLimit(variableMap.SPEND_LIMIT_HOURS);
-  const useToolsForLlmConsoleResponses = true;
-  const autoStartAgentsOnMessage = true;
-  return {
-    shellCommand,
-    retrySecondsMax,
-    webTokenMax,
-    compactSessionEnabled,
-    preemptiveCompactEnabled,
-    variableMap,
-    shellVariableMap,
-    googleSearchEngineId,
-    spendLimitDollars,
-    spendLimitHours,
-    useToolsForLlmConsoleResponses,
-    autoStartAgentsOnMessage,
-  };
+    const googleSearchEngineId = variableMap.GOOGLE_SEARCH_ENGINE_ID;
+    const spendLimitDollars = sanitizeSpendLimit(variableMap.SPEND_LIMIT_DOLLARS);
+    const spendLimitHours = sanitizeSpendLimit(variableMap.SPEND_LIMIT_HOURS);
+    const useToolsForLlmConsoleResponses = true;
+    const autoStartAgentsOnMessage = true;
+    return {
+        shellCommand,
+        retrySecondsMax,
+        webTokenMax,
+        compactSessionEnabled,
+        preemptiveCompactEnabled,
+        variableMap,
+        shellVariableMap,
+        googleSearchEngineId,
+        spendLimitDollars,
+        spendLimitHours,
+        useToolsForLlmConsoleResponses,
+        autoStartAgentsOnMessage,
+    };
 }

package/dist/hateoas-types.js

@@ -1,42 +1,42 @@
 import { z } from "zod/v4";
 export const HateoasLinkSchema = z.object({
-  rel: z.string(),
-  href: z.string(),
-  method: z.string().optional(),
-  title: z.string().optional(),
-  schema: z.string().optional(),
+    rel: z.string(),
+    href: z.string(),
+    method: z.string().optional(),
+    title: z.string().optional(),
+    schema: z.string().optional(),
 });
 export const AlternateEncodingSchema = z.object({
-  contentType: z.string(),
-  description: z.string().optional(),
-  fileFields: z.array(z.string()),
+    contentType: z.string(),
+    description: z.string().optional(),
+    fileFields: z.array(z.string()),
 });
 export const HateoasActionSchema = z.object({
-  rel: z.string(),
-  href: z.string(),
-  method: z.string(),
-  title: z.string().optional(),
-  schema: z.string().optional(),
-  body: z.record(z.string(), z.unknown()).optional(),
-  alternateEncoding: AlternateEncodingSchema.optional(),
-  disabled: z.boolean().optional(),
-  disabledReason: z.union([z.string(), z.array(z.string())]).optional(),
+    rel: z.string(),
+    href: z.string(),
+    method: z.string(),
+    title: z.string().optional(),
+    schema: z.string().optional(),
+    body: z.record(z.string(), z.unknown()).optional(),
+    alternateEncoding: AlternateEncodingSchema.optional(),
+    disabled: z.boolean().optional(),
+    disabledReason: z.union([z.string(), z.array(z.string())]).optional(),
 });
 export const HateoasActionTemplateSchema = z.object({
-  rel: z.string(),
-  hrefTemplate: z.string(),
-  method: z.string(),
-  title: z.string().optional(),
-  schema: z.string().optional(),
-  body: z.record(z.string(), z.unknown()).optional(),
-  alternateEncoding: AlternateEncodingSchema.optional(),
+    rel: z.string(),
+    hrefTemplate: z.string(),
+    method: z.string(),
+    title: z.string().optional(),
+    schema: z.string().optional(),
+    body: z.record(z.string(), z.unknown()).optional(),
+    alternateEncoding: AlternateEncodingSchema.optional(),
 });
 export const HateoasLinkTemplateSchema = z.object({
-  rel: z.string(),
-  hrefTemplate: z.string(),
-  title: z.string().optional(),
+    rel: z.string(),
+    hrefTemplate: z.string(),
+    title: z.string().optional(),
 });
 export const HateoasLinksSchema = z.object({
-  _links: z.array(HateoasLinkSchema),
-  _actions: z.array(HateoasActionSchema).optional(),
+    _links: z.array(HateoasLinkSchema),
+    _actions: z.array(HateoasActionSchema).optional(),
 });

package/dist/hateoas.js

@@ -4,59 +4,63 @@
  * (e.g. when rendering a disabled button with a tooltip).
  */
 export function hasAction(actions, rel, opts) {
-  const a = actions?.find((a) => a.rel === rel);
-  if (!a) return undefined;
-  if (a.disabled && !opts?.includeDisabled) return undefined;
-  return a;
+    const a = actions?.find((a) => a.rel === rel);
+    if (!a)
+        return undefined;
+    if (a.disabled && !opts?.includeDisabled)
+        return undefined;
+    return a;
 }
 export function hasActionTemplate(templates, rel) {
-  return templates?.find((t) => t.rel === rel);
+    return templates?.find((t) => t.rel === rel);
 }
 export function hasLinkTemplate(templates, rel) {
-  return templates?.find((t) => t.rel === rel);
+    return templates?.find((t) => t.rel === rel);
 }
 export function resolveActions(defs, baseHref, ctx, checkPermission) {
-  const actions = [];
-  for (const def of defs) {
-    if (def.statuses) {
-      const status = ctx.status;
-      if (!status || !def.statuses.includes(status)) continue;
+    const actions = [];
+    for (const def of defs) {
+        if (def.statuses) {
+            const status = ctx.status;
+            if (!status || !def.statuses.includes(status))
+                continue;
+        }
+        if (def.visibleWhen && !def.visibleWhen(ctx))
+            continue;
+        const hasPerm = !def.permission || checkPermission(def.permission);
+        if (def.hideWithoutPermission && !hasPerm)
+            continue;
+        const gate = !hasPerm && def.permission
+            ? {
+                disabled: true,
+                disabledReason: `Requires ${def.permission} permission`,
+            }
+            : {};
+        const disabledReason = hasPerm && def.disabledWhen ? def.disabledWhen(ctx) : null;
+        actions.push({
+            rel: def.rel,
+            href: def.href ?? baseHref + (def.path ?? ""),
+            method: def.method,
+            title: def.title,
+            ...(def.schema ? { schema: def.schema } : {}),
+            ...(def.body ? { body: def.body } : {}),
+            ...gate,
+            ...(disabledReason ? { disabled: true, disabledReason } : {}),
+        });
     }
-    if (def.visibleWhen && !def.visibleWhen(ctx)) continue;
-    const hasPerm = !def.permission || checkPermission(def.permission);
-    if (def.hideWithoutPermission && !hasPerm) continue;
-    const gate =
-      !hasPerm && def.permission
-        ? {
-            disabled: true,
-            disabledReason: `Requires ${def.permission} permission`,
-          }
-        : {};
-    const disabledReason =
-      hasPerm && def.disabledWhen ? def.disabledWhen(ctx) : null;
-    actions.push({
-      rel: def.rel,
-      href: def.href ?? baseHref + (def.path ?? ""),
-      method: def.method,
-      title: def.title,
-      ...(def.schema ? { schema: def.schema } : {}),
-      ...(def.body ? { body: def.body } : {}),
-      ...gate,
-      ...(disabledReason ? { disabled: true, disabledReason } : {}),
-    });
-  }
-  return actions;
+    return actions;
 }
 export function permGate(hasPerm, permission) {
-  return hasPerm
-    ? {}
-    : {
-        disabled: true,
-        disabledReason: `Requires ${permission} permission`,
-      };
+    return hasPerm
+        ? {}
+        : {
+            disabled: true,
+            disabledReason: `Requires ${permission} permission`,
+        };
 }
 /** Normalize a `disabledReason` (string | string[] | undefined) to a single display string. */
 export function formatDisabledReason(reason) {
-  if (!reason) return undefined;
-  return Array.isArray(reason) ? reason.join("\n") : reason;
+    if (!reason)
+        return undefined;
+    return Array.isArray(reason) ? reason.join("\n") : reason;
 }

package/dist/lenientJsonParser.js

@@ -7,16 +7,13 @@
  * Interface is duck-typed so @naisys/common doesn't need a Fastify dependency.
  */
 export function registerLenientJsonParser(fastify) {
-  fastify.addContentTypeParser(
-    "application/json",
-    { parseAs: "string" },
-    (_req, body, done) => {
-      try {
-        done(null, body.length > 0 ? JSON.parse(body) : {});
-      } catch (err) {
-        err.statusCode = 400;
-        done(err, undefined);
-      }
-    },
-  );
+    fastify.addContentTypeParser("application/json", { parseAs: "string" }, (_req, body, done) => {
+        try {
+            done(null, body.length > 0 ? JSON.parse(body) : {});
+        }
+        catch (err) {
+            err.statusCode = 400;
+            done(err, undefined);
+        }
+    });
 }

package/dist/mimeTypes.js

@@ -1,25 +1,25 @@
 const MIME_TYPES = {
-  // Images
-  ".jpg": "image/jpeg",
-  ".jpeg": "image/jpeg",
-  ".png": "image/png",
-  ".gif": "image/gif",
-  ".webp": "image/webp",
-  ".svg": "image/svg+xml",
-  ".bmp": "image/bmp",
-  // Audio
-  ".wav": "audio/wav",
-  ".mp3": "audio/mpeg",
-  ".m4a": "audio/mp4",
-  ".flac": "audio/flac",
-  ".ogg": "audio/ogg",
-  ".webm": "audio/webm",
-  // Documents
-  ".pdf": "application/pdf",
-  ".txt": "text/plain",
-  ".json": "application/json",
+    // Images
+    ".jpg": "image/jpeg",
+    ".jpeg": "image/jpeg",
+    ".png": "image/png",
+    ".gif": "image/gif",
+    ".webp": "image/webp",
+    ".svg": "image/svg+xml",
+    ".bmp": "image/bmp",
+    // Audio
+    ".wav": "audio/wav",
+    ".mp3": "audio/mpeg",
+    ".m4a": "audio/mp4",
+    ".flac": "audio/flac",
+    ".ogg": "audio/ogg",
+    ".webm": "audio/webm",
+    // Documents
+    ".pdf": "application/pdf",
+    ".txt": "text/plain",
+    ".json": "application/json",
 };
 export function mimeFromFilename(filename) {
-  const ext = filename.slice(filename.lastIndexOf(".")).toLowerCase();
-  return MIME_TYPES[ext] ?? "application/octet-stream";
+    const ext = filename.slice(filename.lastIndexOf(".")).toLowerCase();
+    return MIME_TYPES[ext] ?? "application/octet-stream";
 }

package/dist/modelTypes.js

@@ -3,15 +3,15 @@ import { builtInImageModels, builtInLlmModels } from "./builtInModels.js";
 // --- Enums ---
 export var LlmApiType;
 (function (LlmApiType) {
-  LlmApiType["OpenAI"] = "openai";
-  LlmApiType["Google"] = "google";
-  LlmApiType["Anthropic"] = "anthropic";
-  LlmApiType["Mock"] = "mock";
-  LlmApiType["None"] = "none";
+    LlmApiType["OpenAI"] = "openai";
+    LlmApiType["Google"] = "google";
+    LlmApiType["Anthropic"] = "anthropic";
+    LlmApiType["Mock"] = "mock";
+    LlmApiType["None"] = "none";
 })(LlmApiType || (LlmApiType = {}));
 // --- Model schemas ---
 export const LlmModelSchema = z
-  .object({
+    .object({
     key: z.string().min(1),
     label: z.string().min(1),
     versionName: z.string().min(1),
@@ -27,119 +27,116 @@ export const LlmModelSchema = z
     supportsVision: z.boolean().optional(),
     supportsHearing: z.boolean().optional(),
     supportsComputerUse: z.boolean().optional(),
-  })
-  .superRefine((data, ctx) => {
-    if (
-      data.baseUrl &&
-      ![LlmApiType.OpenAI, LlmApiType.Anthropic, LlmApiType.Google].includes(
-        data.apiType,
-      )
-    ) {
-      ctx.addIssue({
-        code: z.ZodIssueCode.custom,
-        message: `baseUrl is only supported for OpenAI, Anthropic, and Google API types (got "${data.apiType}")`,
-        path: ["baseUrl"],
-      });
+})
+    .superRefine((data, ctx) => {
+    if (data.baseUrl &&
+        ![LlmApiType.OpenAI, LlmApiType.Anthropic, LlmApiType.Google].includes(data.apiType)) {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            message: `baseUrl is only supported for OpenAI, Anthropic, and Google API types (got "${data.apiType}")`,
+            path: ["baseUrl"],
+        });
     }
-  });
+});
 export const ImageModelSchema = z.object({
-  key: z.string().min(1),
-  label: z.string().min(1),
-  versionName: z.string().min(1),
-  size: z.string().min(1),
-  baseUrl: z.string().optional(),
-  apiKeyVar: z.string(),
-  cost: z.number(),
-  quality: z.enum(["standard", "hd", "high", "medium", "low"]).optional(),
+    key: z.string().min(1),
+    label: z.string().min(1),
+    versionName: z.string().min(1),
+    size: z.string().min(1),
+    baseUrl: z.string().optional(),
+    apiKeyVar: z.string(),
+    cost: z.number(),
+    quality: z.enum(["standard", "hd", "high", "medium", "low"]).optional(),
 });
 // --- Custom models file schema ---
 export const CustomModelsFileSchema = z.object({
-  llmModels: z.array(LlmModelSchema).optional(),
-  imageModels: z.array(ImageModelSchema).optional(),
+    llmModels: z.array(LlmModelSchema).optional(),
+    imageModels: z.array(ImageModelSchema).optional(),
 });
 // --- DB meta schemas (for JSON stored in models.meta column) ---
 const LlmMetaSchema = z.object({
-  apiType: z.enum(LlmApiType),
-  maxTokens: z.number().int().positive(),
-  baseUrl: z.string().optional(),
-  apiKeyVar: z.string(),
-  inputCost: z.number().default(0),
-  outputCost: z.number().default(0),
-  cacheWriteCost: z.number().optional(),
-  cacheReadCost: z.number().optional(),
-  cacheTtlSeconds: z.number().int().positive().optional(),
-  supportsVision: z.boolean().optional(),
-  supportsHearing: z.boolean().optional(),
-  supportsComputerUse: z.boolean().optional(),
+    apiType: z.enum(LlmApiType),
+    maxTokens: z.number().int().positive(),
+    baseUrl: z.string().optional(),
+    apiKeyVar: z.string(),
+    inputCost: z.number().default(0),
+    outputCost: z.number().default(0),
+    cacheWriteCost: z.number().optional(),
+    cacheReadCost: z.number().optional(),
+    cacheTtlSeconds: z.number().int().positive().optional(),
+    supportsVision: z.boolean().optional(),
+    supportsHearing: z.boolean().optional(),
+    supportsComputerUse: z.boolean().optional(),
 });
 const ImageMetaSchema = z.object({
-  size: z.string().min(1),
-  baseUrl: z.string().optional(),
-  apiKeyVar: z.string(),
-  cost: z.number(),
-  quality: z.enum(["standard", "hd", "high", "medium", "low"]).optional(),
+    size: z.string().min(1),
+    baseUrl: z.string().optional(),
+    apiKeyVar: z.string(),
+    cost: z.number(),
+    quality: z.enum(["standard", "hd", "high", "medium", "low"]).optional(),
 });
 export function llmModelToDbFields(model, isBuiltin, isCustom) {
-  const { key, label, versionName, ...metaFields } = model;
-  return {
-    key,
-    type: "llm",
-    label,
-    version_name: versionName,
-    is_builtin: isBuiltin,
-    is_custom: isCustom,
-    meta: JSON.stringify(metaFields),
-  };
+    const { key, label, versionName, ...metaFields } = model;
+    return {
+        key,
+        type: "llm",
+        label,
+        version_name: versionName,
+        is_builtin: isBuiltin,
+        is_custom: isCustom,
+        meta: JSON.stringify(metaFields),
+    };
 }
 export function imageModelToDbFields(model, isBuiltin, isCustom) {
-  const { key, label, versionName, ...metaFields } = model;
-  return {
-    key,
-    type: "image",
-    label,
-    version_name: versionName,
-    is_builtin: isBuiltin,
-    is_custom: isCustom,
-    meta: JSON.stringify(metaFields),
-  };
+    const { key, label, versionName, ...metaFields } = model;
+    return {
+        key,
+        type: "image",
+        label,
+        version_name: versionName,
+        is_builtin: isBuiltin,
+        is_custom: isCustom,
+        meta: JSON.stringify(metaFields),
+    };
 }
 export function dbFieldsToLlmModel(row) {
-  const meta = LlmMetaSchema.parse(JSON.parse(row.meta));
-  return {
-    key: row.key,
-    label: row.label,
-    versionName: row.version_name,
-    ...meta,
-  };
+    const meta = LlmMetaSchema.parse(JSON.parse(row.meta));
+    return {
+        key: row.key,
+        label: row.label,
+        versionName: row.version_name,
+        ...meta,
+    };
 }
 export function dbFieldsToImageModel(row) {
-  const meta = ImageMetaSchema.parse(JSON.parse(row.meta));
-  return {
-    key: row.key,
-    label: row.label,
-    versionName: row.version_name,
-    ...meta,
-  };
+    const meta = ImageMetaSchema.parse(JSON.parse(row.meta));
+    return {
+        key: row.key,
+        label: row.label,
+        versionName: row.version_name,
+        ...meta,
+    };
 }
 // --- Merge helpers ---
 function mergeModels(builtIn, custom) {
-  if (!custom || custom.length === 0) {
-    return [...builtIn];
-  }
-  const result = [...builtIn];
-  for (const c of custom) {
-    const idx = result.findIndex((m) => m.key === c.key);
-    if (idx >= 0) {
-      result[idx] = c;
-    } else {
-      result.push(c);
+    if (!custom || custom.length === 0) {
+        return [...builtIn];
+    }
+    const result = [...builtIn];
+    for (const c of custom) {
+        const idx = result.findIndex((m) => m.key === c.key);
+        if (idx >= 0) {
+            result[idx] = c;
+        }
+        else {
+            result.push(c);
+        }
     }
-  }
-  return result;
+    return result;
 }
 export function getAllLlmModels(customLlmModels) {
-  return mergeModels(builtInLlmModels, customLlmModels);
+    return mergeModels(builtInLlmModels, customLlmModels);
 }
 export function getAllImageModels(customImageModels) {
-  return mergeModels(builtInImageModels, customImageModels);
+    return mergeModels(builtInImageModels, customImageModels);
 }

package/dist/securityHeaders.js

@@ -4,19 +4,13 @@
  * Interfaces are duck-typed so @naisys/common doesn't need a Fastify dependency.
  */
 export function registerSecurityHeaders(fastify, options) {
-  fastify.addHook("onSend", (_request, reply, _payload, done) => {
-    reply.header("X-Content-Type-Options", "nosniff");
-    reply.header("X-Frame-Options", "DENY");
-    reply.header(
-      "Content-Security-Policy",
-      "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; connect-src 'self' ws: wss:; font-src 'self' data:; frame-ancestors 'none'",
-    );
-    if (options.enforceHsts) {
-      reply.header(
-        "Strict-Transport-Security",
-        "max-age=31536000; includeSubDomains",
-      );
-    }
-    done();
-  });
+    fastify.addHook("onSend", (_request, reply, _payload, done) => {
+        reply.header("X-Content-Type-Options", "nosniff");
+        reply.header("X-Frame-Options", "DENY");
+        reply.header("Content-Security-Policy", "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; connect-src 'self' ws: wss:; font-src 'self' data:; frame-ancestors 'none'");
+        if (options.enforceHsts) {
+            reply.header("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
+        }
+        done();
+    });
 }

package/dist/sleep.js

@@ -1,4 +1,4 @@
 /** Async sleep utility. Usage: `await sleep(1000)` */
 export function sleep(ms) {
-  return new Promise((resolve) => setTimeout(resolve, ms));
+    return new Promise((resolve) => setTimeout(resolve, ms));
 }

package/dist/urlSafeKey.js

@@ -1,20 +1,17 @@
 /** Characters allowed in URL path segments used as database keys (usernames, hostnames). */
 export const URL_SAFE_KEY_REGEX = /^[a-zA-Z0-9_-]+$/;
-export const URL_SAFE_KEY_MESSAGE =
-  "Must contain only letters, numbers, hyphens, and underscores";
+export const URL_SAFE_KEY_MESSAGE = "Must contain only letters, numbers, hyphens, and underscores";
 /** Sanitize a string into a URL-safe key (replace spaces/special chars with hyphens). */
 export function toUrlSafeKey(input) {
-  return input
-    .trim()
-    .replace(/[^a-zA-Z0-9_-]/g, "-")
-    .replace(/-{2,}/g, "-")
-    .replace(/^-+|-+$/g, "");
+    return input
+        .trim()
+        .replace(/[^a-zA-Z0-9_-]/g, "-")
+        .replace(/-{2,}/g, "-")
+        .replace(/^-+|-+$/g, "");
 }
 /** Throws if the value is not a valid URL-safe key. */
 export function assertUrlSafeKey(value, label) {
-  if (!URL_SAFE_KEY_REGEX.test(value)) {
-    throw new Error(
-      `${label} "${value}" is not URL-safe. ${URL_SAFE_KEY_MESSAGE}`,
-    );
-  }
+    if (!URL_SAFE_KEY_REGEX.test(value)) {
+        throw new Error(`${label} "${value}" is not URL-safe. ${URL_SAFE_KEY_MESSAGE}`);
+    }
 }