@node-llm/core 1.6.2 → 1.8.0

package/dist/providers/openai/Chat.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Chat.d.ts","sourceRoot":"","sources":["../../../src/providers/openai/Chat.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAS3D,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAGrD,qBAAa,UAAU;IAInB,OAAO,CAAC,QAAQ,CAAC,aAAa;IAC9B,OAAO,CAAC,QAAQ,CAAC,MAAM;IAJzB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAGd,aAAa,EAAE,cAAc,GAAG,MAAM,EACtC,MAAM,EAAE,MAAM;IAK3B,OAAO,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC;CA6F3D"}
+{"version":3,"file":"Chat.d.ts","sourceRoot":"","sources":["../../../src/providers/openai/Chat.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAS3D,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAGrD,qBAAa,UAAU;IAInB,OAAO,CAAC,QAAQ,CAAC,aAAa;IAC9B,OAAO,CAAC,QAAQ,CAAC,MAAM;IAJzB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAGd,aAAa,EAAE,cAAc,GAAG,MAAM,EACtC,MAAM,EAAE,MAAM;IAK3B,OAAO,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC;CA+G3D"}

package/dist/providers/openai/Chat.js

@@ -21,7 +21,7 @@ export class OpenAIChat {
             (typeof this.providerOrUrl === "string"
                 ? Capabilities.supportsDeveloperRole(request.model)
                 : this.providerOrUrl.capabilities?.supportsDeveloperRole(request.model));
-        const { model, messages, tools, temperature: _, max_tokens, response_format, headers: _headers, requestTimeout: _requestTimeout, signal, ...rest } = request;
+        const { model, messages, tools, temperature: _, max_tokens, response_format, thinking, headers: _headers, requestTimeout: _requestTimeout, signal, ...rest } = request;
         const mappedMessages = mapSystemMessages(messages, !!supportsDeveloperRole);
         const body = {
             model,
@@ -42,6 +42,9 @@ export class OpenAIChat {
             body.tools = tools;
         if (response_format)
             body.response_format = response_format;
+        if (thinking?.effort && thinking.effort !== "none") {
+            body.reasoning_effort = thinking.effort;
+        }
         const url = buildUrl(this.baseUrl, "/chat/completions");
         logger.logRequest("OpenAI", "POST", url, body);
         const response = await fetchWithTimeout(url, {
@@ -62,7 +65,7 @@ export class OpenAIChat {
         const message = json.choices[0]?.message;
         const content = message?.content ?? null;
         const tool_calls = message?.tool_calls;
-        const reasoning = message?.reasoning_content || null;
+        const reasoningText = message?.reasoning_content || null;
         const usage = json.usage
             ? {
                 input_tokens: json.usage.prompt_tokens,
@@ -72,10 +75,22 @@ export class OpenAIChat {
                 reasoning_tokens: json.usage.completion_tokens_details?.reasoning_tokens
             }
             : undefined;
+        const thinkingResult = reasoningText || usage?.reasoning_tokens
+            ? {
+                text: reasoningText || undefined,
+                tokens: usage?.reasoning_tokens
+            }
+            : undefined;
         if (!content && !tool_calls) {
             throw new Error("OpenAI returned empty response");
         }
         const calculatedUsage = usage ? ModelRegistry.calculateCost(usage, model, "openai") : undefined;
-        return { content, tool_calls, usage: calculatedUsage, reasoning };
+        return {
+            content,
+            tool_calls,
+            usage: calculatedUsage,
+            thinking: thinkingResult,
+            reasoning: reasoningText
+        };
     }
 }

package/dist/providers/openai/Streaming.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"Streaming.d.ts","sourceRoot":"","sources":["../../../src/providers/openai/Streaming.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAQxD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAGrD,qBAAa,eAAe;IAIxB,OAAO,CAAC,QAAQ,CAAC,aAAa;IAC9B,OAAO,CAAC,QAAQ,CAAC,MAAM;IAJzB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAGd,aAAa,EAAE,cAAc,GAAG,MAAM,EACtC,MAAM,EAAE,MAAM;IAK1B,OAAO,CAAC,OAAO,EAAE,WAAW,EAAE,UAAU,CAAC,EAAE,eAAe,GAAG,cAAc,CAAC,SAAS,CAAC;CA0L9F"}
+{"version":3,"file":"Streaming.d.ts","sourceRoot":"","sources":["../../../src/providers/openai/Streaming.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAQxD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAGrD,qBAAa,eAAe;IAIxB,OAAO,CAAC,QAAQ,CAAC,aAAa;IAC9B,OAAO,CAAC,QAAQ,CAAC,MAAM;IAJzB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;gBAGd,aAAa,EAAE,cAAc,GAAG,MAAM,EACtC,MAAM,EAAE,MAAM;IAK1B,OAAO,CAAC,OAAO,EAAE,WAAW,EAAE,UAAU,CAAC,EAAE,eAAe,GAAG,cAAc,CAAC,SAAS,CAAC;CAoM9F"}

package/dist/providers/openai/Streaming.js

@@ -15,8 +15,9 @@ export class OpenAIStreaming {
         this.baseUrl = typeof providerOrUrl === "string" ? providerOrUrl : providerOrUrl.apiBase();
     }
     async *execute(request, controller) {
-        const abortController = controller ||
-            (request.signal ? { signal: request.signal } : new AbortController());
+        const internalController = new AbortController();
+        const abortController = controller || internalController;
+        const signal = request.signal ? request.signal : abortController.signal;
         const temperature = Capabilities.normalizeTemperature(request.temperature, request.model);
         const isMainOpenAI = this.baseUrl.includes("api.openai.com");
         const supportsDeveloperRole = isMainOpenAI &&
@@ -46,6 +47,9 @@ export class OpenAIStreaming {
         if (request.tools && request.tools.length > 0) {
             body.tools = request.tools;
         }
+        if (request.thinking?.effort && request.thinking.effort !== "none") {
+            body.reasoning_effort = request.thinking.effort;
+        }
         let done = false;
         // Track tool calls being built across chunks
         const toolCallsMap = new Map();
@@ -60,7 +64,7 @@ export class OpenAIStreaming {
                     ...request.headers
                 },
                 body: JSON.stringify(body),
-                signal: abortController.signal
+                signal
             }, request.requestTimeout);
             if (!response.ok) {
                 await handleOpenAIError(response, request.model);
@@ -119,6 +123,10 @@ export class OpenAIStreaming {
                         if (delta?.content) {
                             yield { content: delta.content };
                         }
+                        // Handle reasoning content delta
+                        if (delta?.reasoning_content) {
+                            yield { content: "", thinking: { text: delta.reasoning_content } };
+                        }
                         // Handle tool calls delta
                         if (delta?.tool_calls) {
                             for (const toolCallDelta of delta.tool_calls) {

package/dist/providers/registry.d.ts

@@ -5,6 +5,7 @@ import { registerGeminiProvider } from "./gemini/index.js";
 import { registerDeepSeekProvider } from "./deepseek/index.js";
 import { registerOllamaProvider } from "./ollama/index.js";
 import { registerOpenRouterProvider } from "./openrouter/index.js";
+import { registerBedrockProvider } from "./bedrock/index.js";
 import { NodeLLMConfig } from "../config.js";
 type ProviderFactory = (config?: NodeLLMConfig) => Provider;
 declare class ProviderRegistry {
@@ -42,5 +43,5 @@ declare class ProviderRegistry {
  * ```
  */
 export declare const providerRegistry: ProviderRegistry;
-export { registerOpenAIProvider as ensureOpenAIRegistered, registerOpenAIProvider, registerAnthropicProvider, registerGeminiProvider, registerDeepSeekProvider, registerOllamaProvider, registerOpenRouterProvider };
+export { registerOpenAIProvider as ensureOpenAIRegistered, registerOpenAIProvider, registerAnthropicProvider, registerGeminiProvider, registerDeepSeekProvider, registerOllamaProvider, registerOpenRouterProvider, registerBedrockProvider };
 //# sourceMappingURL=registry.d.ts.map

package/dist/providers/registry.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../src/providers/registry.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAC3D,OAAO,EAAE,yBAAyB,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAC3D,OAAO,EAAE,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAC3D,OAAO,EAAE,0BAA0B,EAAE,MAAM,uBAAuB,CAAC;AAEnE,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,KAAK,eAAe,GAAG,CAAC,MAAM,CAAC,EAAE,aAAa,KAAK,QAAQ,CAAC;AAE5D,cAAM,gBAAgB;IACpB,OAAO,CAAC,SAAS,CAAsC;IAEvD;;OAEG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,GAAG,IAAI;IAQtD;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,aAAa,GAAG,QAAQ;IAUvD;;OAEG;IACH,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAI1B;;OAEG;IACH,IAAI,IAAI,MAAM,EAAE;CAGjB;AAED;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,gBAAgB,kBAAyB,CAAC;AAGvD,OAAO,EACL,sBAAsB,IAAI,sBAAsB,EAChD,sBAAsB,EACtB,yBAAyB,EACzB,sBAAsB,EACtB,wBAAwB,EACxB,sBAAsB,EACtB,0BAA0B,EAC3B,CAAC"}
+{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../src/providers/registry.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAC3D,OAAO,EAAE,yBAAyB,EAAE,MAAM,sBAAsB,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAC3D,OAAO,EAAE,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAC3D,OAAO,EAAE,0BAA0B,EAAE,MAAM,uBAAuB,CAAC;AACnE,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAC;AAE7D,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,KAAK,eAAe,GAAG,CAAC,MAAM,CAAC,EAAE,aAAa,KAAK,QAAQ,CAAC;AAE5D,cAAM,gBAAgB;IACpB,OAAO,CAAC,SAAS,CAAsC;IAEvD;;OAEG;IACH,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,GAAG,IAAI;IAQtD;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,aAAa,GAAG,QAAQ;IAUvD;;OAEG;IACH,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAI1B;;OAEG;IACH,IAAI,IAAI,MAAM,EAAE;CAGjB;AAED;;;;;;;;;;;;;;GAcG;AACH,eAAO,MAAM,gBAAgB,kBAAyB,CAAC;AAGvD,OAAO,EACL,sBAAsB,IAAI,sBAAsB,EAChD,sBAAsB,EACtB,yBAAyB,EACzB,sBAAsB,EACtB,wBAAwB,EACxB,sBAAsB,EACtB,0BAA0B,EAC1B,uBAAuB,EACxB,CAAC"}

package/dist/providers/registry.js

@@ -4,6 +4,7 @@ import { registerGeminiProvider } from "./gemini/index.js";
 import { registerDeepSeekProvider } from "./deepseek/index.js";
 import { registerOllamaProvider } from "./ollama/index.js";
 import { registerOpenRouterProvider } from "./openrouter/index.js";
+import { registerBedrockProvider } from "./bedrock/index.js";
 class ProviderRegistry {
     providers = new Map();
     /**
@@ -55,4 +56,4 @@ class ProviderRegistry {
  */
 export const providerRegistry = new ProviderRegistry();
 // Exported registration functions (delegates to provider-specific index files)
-export { registerOpenAIProvider as ensureOpenAIRegistered, registerOpenAIProvider, registerAnthropicProvider, registerGeminiProvider, registerDeepSeekProvider, registerOllamaProvider, registerOpenRouterProvider };
+export { registerOpenAIProvider as ensureOpenAIRegistered, registerOpenAIProvider, registerAnthropicProvider, registerGeminiProvider, registerDeepSeekProvider, registerOllamaProvider, registerOpenRouterProvider, registerBedrockProvider };

package/dist/utils/AwsSigV4.d.ts

@@ -0,0 +1,51 @@
+/**
+ * AWS Signature Version 4 (SigV4) Request Signing Utility
+ *
+ * This is a minimal, focused implementation for signing AWS API requests.
+ * It uses only Node.js native `crypto` module — no AWS SDK dependencies.
+ *
+ * Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html
+ */
+export interface AwsCredentials {
+    accessKeyId: string;
+    secretAccessKey: string;
+    sessionToken?: string;
+}
+export interface SignRequestOptions {
+    method: "POST" | "GET";
+    url: string;
+    body: string;
+    credentials: AwsCredentials;
+    region: string;
+    service: string;
+    timestamp?: Date;
+}
+export interface SignedHeaders {
+    host: string;
+    "x-amz-date": string;
+    "x-amz-content-sha256": string;
+    authorization: string;
+    "x-amz-security-token"?: string;
+}
+/**
+ * Sign an AWS API request using SigV4.
+ *
+ * @param options - The request details and credentials
+ * @returns Headers to include in the HTTP request
+ *
+ * @example
+ * ```ts
+ * const headers = signRequest({
+ *   method: "POST",
+ *   url: "https://bedrock-runtime.us-east-1.amazonaws.com/model/.../converse",
+ *   body: JSON.stringify({ messages: [...] }),
+ *   credentials: { accessKeyId: "...", secretAccessKey: "..." },
+ *   region: "us-east-1",
+ *   service: "bedrock"
+ * });
+ *
+ * fetch(url, { headers: { ...headers, "Content-Type": "application/json" }, body });
+ * ```
+ */
+export declare function signRequest(options: SignRequestOptions): SignedHeaders;
+//# sourceMappingURL=AwsSigV4.d.ts.map

package/dist/utils/AwsSigV4.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"AwsSigV4.d.ts","sourceRoot":"","sources":["../../src/utils/AwsSigV4.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAQH,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,MAAM,GAAG,KAAK,CAAC;IACvB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,cAAc,CAAC;IAC5B,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,IAAI,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,sBAAsB,EAAE,MAAM,CAAC;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC;AA8KD;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,kBAAkB,GAAG,aAAa,CAwEtE"}

package/dist/utils/AwsSigV4.js

@@ -0,0 +1,209 @@
+/**
+ * AWS Signature Version 4 (SigV4) Request Signing Utility
+ *
+ * This is a minimal, focused implementation for signing AWS API requests.
+ * It uses only Node.js native `crypto` module — no AWS SDK dependencies.
+ *
+ * Reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html
+ */
+import { createHmac, createHash } from "node:crypto";
+// ─────────────────────────────────────────────────────────────────────────────
+// Constants
+// ─────────────────────────────────────────────────────────────────────────────
+const ALGORITHM = "AWS4-HMAC-SHA256";
+const AWS4_REQUEST = "aws4_request";
+// ─────────────────────────────────────────────────────────────────────────────
+// Helper Functions
+// ─────────────────────────────────────────────────────────────────────────────
+/**
+ * SHA256 hash of a string, returned as hex.
+ */
+function sha256Hex(data) {
+    return createHash("sha256").update(data, "utf8").digest("hex");
+}
+/**
+ * HMAC-SHA256, returns raw bytes (Buffer).
+ */
+function hmacSha256(key, data) {
+    return createHmac("sha256", key).update(data, "utf8").digest();
+}
+/**
+ * HMAC-SHA256, returns hex string.
+ */
+function hmacSha256Hex(key, data) {
+    return createHmac("sha256", key).update(data, "utf8").digest("hex");
+}
+/**
+ * Format a Date as AWS timestamp: YYYYMMDD'T'HHMMSS'Z'
+ */
+function formatAmzDate(date) {
+    return date.toISOString().replace(/[:-]|\.\d{3}/g, "");
+}
+/**
+ * Extract just the date portion: YYYYMMDD
+ */
+function formatDateOnly(amzDate) {
+    return amzDate.substring(0, 8);
+}
+/**
+ * Parse host from URL.
+ */
+function extractHost(url) {
+    const parsed = new URL(url);
+    return parsed.host;
+}
+/**
+ * Parse path from URL (without query string).
+ */
+function extractPath(url) {
+    const parsed = new URL(url);
+    const path = parsed.pathname || "/";
+    return path
+        .split("/")
+        .map((segment) => encodeURIComponent(segment))
+        .join("/")
+        .replace(/%20/g, "%20") // encodeURIComponent already does %20
+        .replace(/'/g, "%27") // AWS expects single quotes encoded
+        .replace(/\(/g, "%28")
+        .replace(/\)/g, "%29")
+        .replace(/\*/g, "%2A");
+}
+// ─────────────────────────────────────────────────────────────────────────────
+// Core Signing Logic
+// ─────────────────────────────────────────────────────────────────────────────
+/**
+ * Step 4: Derive the signing key.
+ *
+ * kSecret  = "AWS4" + secretAccessKey
+ * kDate    = HMAC-SHA256(kSecret, dateStamp)
+ * kRegion  = HMAC-SHA256(kDate, region)
+ * kService = HMAC-SHA256(kRegion, service)
+ * kSigning = HMAC-SHA256(kService, "aws4_request")
+ */
+function deriveSigningKey(secretAccessKey, dateStamp, region, service) {
+    const kSecret = "AWS4" + secretAccessKey;
+    const kDate = hmacSha256(kSecret, dateStamp);
+    const kRegion = hmacSha256(kDate, region);
+    const kService = hmacSha256(kRegion, service);
+    const kSigning = hmacSha256(kService, AWS4_REQUEST);
+    return kSigning;
+}
+/**
+ * Step 2: Build the canonical request string.
+ *
+ * Format:
+ *   HTTPMethod
+ *   CanonicalURI
+ *   CanonicalQueryString (empty for us)
+ *   CanonicalHeaders
+ *   (blank line)
+ *   SignedHeaders
+ *   HashedPayload
+ */
+function buildCanonicalRequest(method, path, headers, signedHeadersList, payloadHash) {
+    // Sort headers alphabetically
+    const sortedHeaders = signedHeadersList.sort();
+    // Build canonical headers: each line is "lowercase-key:trimmed-value\n"
+    const canonicalHeaders = sortedHeaders
+        .map((key) => `${key}:${(headers[key] ?? "").trim()}`)
+        .join("\n");
+    // Signed headers: semicolon-separated list
+    const signedHeaders = sortedHeaders.join(";");
+    return [
+        method,
+        path,
+        "", // Query string (empty)
+        canonicalHeaders + "\n", // Must end with newline
+        signedHeaders,
+        payloadHash
+    ].join("\n");
+}
+/**
+ * Step 3: Build the string to sign.
+ *
+ * Format:
+ *   Algorithm
+ *   RequestDateTime
+ *   CredentialScope
+ *   HashedCanonicalRequest
+ */
+function buildStringToSign(amzDate, credentialScope, canonicalRequest) {
+    const hashedCanonicalRequest = sha256Hex(canonicalRequest);
+    return [ALGORITHM, amzDate, credentialScope, hashedCanonicalRequest].join("\n");
+}
+/**
+ * Step 6: Build the Authorization header value.
+ */
+function buildAuthorizationHeader(accessKeyId, credentialScope, signedHeaders, signature) {
+    return `${ALGORITHM} Credential=${accessKeyId}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signature}`;
+}
+// ─────────────────────────────────────────────────────────────────────────────
+// Public API
+// ─────────────────────────────────────────────────────────────────────────────
+/**
+ * Sign an AWS API request using SigV4.
+ *
+ * @param options - The request details and credentials
+ * @returns Headers to include in the HTTP request
+ *
+ * @example
+ * ```ts
+ * const headers = signRequest({
+ *   method: "POST",
+ *   url: "https://bedrock-runtime.us-east-1.amazonaws.com/model/.../converse",
+ *   body: JSON.stringify({ messages: [...] }),
+ *   credentials: { accessKeyId: "...", secretAccessKey: "..." },
+ *   region: "us-east-1",
+ *   service: "bedrock"
+ * });
+ *
+ * fetch(url, { headers: { ...headers, "Content-Type": "application/json" }, body });
+ * ```
+ */
+export function signRequest(options) {
+    const { method, url, body, credentials, region, service, timestamp } = options;
+    // Timestamps (use provided timestamp for testing, or current time)
+    const now = timestamp ?? new Date();
+    const amzDate = formatAmzDate(now);
+    const dateStamp = formatDateOnly(amzDate);
+    // Step 1: Hash the payload
+    const payloadHash = sha256Hex(body);
+    // Extract URL components
+    const host = extractHost(url);
+    const path = extractPath(url);
+    // Build headers to sign (sorted alphabetically)
+    const headersToSign = {
+        host: host,
+        "x-amz-content-sha256": payloadHash,
+        "x-amz-date": amzDate
+    };
+    // Add session token if present
+    if (credentials.sessionToken) {
+        headersToSign["x-amz-security-token"] = credentials.sessionToken;
+    }
+    const signedHeadersList = Object.keys(headersToSign);
+    // Step 2: Canonical Request
+    const canonicalRequest = buildCanonicalRequest(method, path, headersToSign, signedHeadersList, payloadHash);
+    // Credential scope: date/region/service/aws4_request
+    const credentialScope = `${dateStamp}/${region}/${service}/${AWS4_REQUEST}`;
+    // Step 3: String to Sign
+    const stringToSign = buildStringToSign(amzDate, credentialScope, canonicalRequest);
+    // Step 4: Signing Key
+    const signingKey = deriveSigningKey(credentials.secretAccessKey, dateStamp, region, service);
+    // Step 5: Signature
+    const signature = hmacSha256Hex(signingKey, stringToSign);
+    // Step 6: Authorization Header
+    const signedHeaders = signedHeadersList.sort().join(";");
+    const authorization = buildAuthorizationHeader(credentials.accessKeyId, credentialScope, signedHeaders, signature);
+    // Build final headers
+    const result = {
+        host: host,
+        "x-amz-date": amzDate,
+        "x-amz-content-sha256": payloadHash,
+        authorization: authorization
+    };
+    if (credentials.sessionToken) {
+        result["x-amz-security-token"] = credentials.sessionToken;
+    }
+    return result;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@node-llm/core",
-  "version": "1.6.2",
+  "version": "1.8.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",