@paybond/kit 0.11.5 → 0.11.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/agent/interceptor.js +12 -3
- package/dist/cli/commands/agent.js +19 -11
- package/dist/cli/http-error-message.d.ts +13 -0
- package/dist/cli/http-error-message.js +93 -0
- package/dist/cli/offline-session.d.ts +9 -0
- package/dist/cli/offline-session.js +33 -0
- package/dist/cli/router.js +32 -1
- package/dist/gateway-retry.d.ts +16 -0
- package/dist/gateway-retry.js +83 -0
- package/dist/index.js +33 -106
- package/dist/mcp-server.js +1 -1
- package/package.json +2 -1
- package/templates/manifest.json +9 -9
- package/templates/openai-shopping-agent/package-lock.json +4 -4
- package/templates/openai-shopping-agent/package.json +1 -1
- package/templates/paybond-aws-operator/package-lock.json +4 -4
- package/templates/paybond-aws-operator/package.json +1 -1
- package/templates/paybond-claude-agents-demo/package-lock.json +4 -4
- package/templates/paybond-claude-agents-demo/package.json +1 -1
- package/templates/paybond-invoice-agent/requirements.txt +1 -1
- package/templates/paybond-mcp-coding-agent/package-lock.json +4 -4
- package/templates/paybond-mcp-coding-agent/package.json +1 -1
- package/templates/paybond-openai-agents-demo/package-lock.json +4 -4
- package/templates/paybond-openai-agents-demo/package.json +1 -1
- package/templates/paybond-procurement-agent/package-lock.json +4 -4
- package/templates/paybond-procurement-agent/package.json +1 -1
- package/templates/paybond-travel-agent/package-lock.json +4 -4
- package/templates/paybond-travel-agent/package.json +1 -1
- package/templates/paybond-vercel-shopping-agent/package-lock.json +4 -4
- package/templates/paybond-vercel-shopping-agent/package.json +1 -1
package/README.md
CHANGED
|
@@ -70,7 +70,7 @@ npx -p @paybond/kit paybond agent sandbox smoke \
|
|
|
70
70
|
--format json
|
|
71
71
|
```
|
|
72
72
|
|
|
73
|
-
With `--policy-file`, Kit sends `completion_preset` from the tool's `evidence_preset` and omits `evidence_schema` and `template_id` (Gateway rejects conflicting bootstrap fields). Requires `@paybond/kit` 0.11.
|
|
73
|
+
With `--policy-file`, Kit sends `completion_preset` from the tool's `evidence_preset` and omits `evidence_schema` and `template_id` (Gateway rejects conflicting bootstrap fields). Requires `@paybond/kit` 0.11.6+.
|
|
74
74
|
|
|
75
75
|
`agent sandbox smoke` only requires `@paybond/kit`. Framework demo commands (`agent demo vercel-ai smoke`, etc.) load their optional peers on demand.
|
|
76
76
|
|
|
@@ -332,9 +332,18 @@ export class PaybondToolInterceptor {
|
|
|
332
332
|
const toolCallId = input.toolCallId.trim();
|
|
333
333
|
const operation = (input.operation ?? defaultOperation).trim();
|
|
334
334
|
assertOperationAllowed(operation, this.binding.allowedTools);
|
|
335
|
-
|
|
336
|
-
|
|
337
|
-
|
|
335
|
+
let requestedSpendCents = input.requestedSpendCents;
|
|
336
|
+
if (requestedSpendCents === undefined) {
|
|
337
|
+
requestedSpendCents = this.binding.registry.resolveSpendCents(toolName, input.arguments);
|
|
338
|
+
}
|
|
339
|
+
if (this.binding.sandbox !== undefined) {
|
|
340
|
+
const sandboxSpend = this.binding.sandbox.requestedSpendCents;
|
|
341
|
+
requestedSpendCents =
|
|
342
|
+
requestedSpendCents === undefined
|
|
343
|
+
? sandboxSpend
|
|
344
|
+
: Math.min(requestedSpendCents, sandboxSpend);
|
|
345
|
+
}
|
|
346
|
+
requestedSpendCents ??= 0;
|
|
338
347
|
return {
|
|
339
348
|
toolName,
|
|
340
349
|
toolCallId,
|
|
@@ -748,18 +748,26 @@ export async function handleAgentSandboxSmoke(ctx, argv) {
|
|
|
748
748
|
const bindResult = await handleAgentRunBind(ctx, bindArgv);
|
|
749
749
|
smokeOperation = String(bindResult.data.operation ?? smokeOperation);
|
|
750
750
|
const runId = String(bindResult.data.run_id ?? "");
|
|
751
|
+
const storedForExecute = await loadAgentRunContext(ctx.cwd, runId);
|
|
752
|
+
const executeArgv = [
|
|
753
|
+
...(productionFlag.present ? ["--production"] : []),
|
|
754
|
+
"--run-id",
|
|
755
|
+
runId,
|
|
756
|
+
"--operation",
|
|
757
|
+
smokeOperation,
|
|
758
|
+
"--tool-call-id",
|
|
759
|
+
"smoke-1",
|
|
760
|
+
"--result-body",
|
|
761
|
+
JSON.stringify(resultBody),
|
|
762
|
+
];
|
|
763
|
+
if (storedForExecute.requested_spend_cents != null) {
|
|
764
|
+
executeArgv.push("--requested-spend-cents", String(storedForExecute.requested_spend_cents));
|
|
765
|
+
}
|
|
766
|
+
else if (resolvedSpend) {
|
|
767
|
+
executeArgv.push("--requested-spend-cents", resolvedSpend);
|
|
768
|
+
}
|
|
751
769
|
try {
|
|
752
|
-
const executeResult = await handleAgentToolExecute(ctx,
|
|
753
|
-
...(productionFlag.present ? ["--production"] : []),
|
|
754
|
-
"--run-id",
|
|
755
|
-
runId,
|
|
756
|
-
"--operation",
|
|
757
|
-
smokeOperation,
|
|
758
|
-
"--tool-call-id",
|
|
759
|
-
"smoke-1",
|
|
760
|
-
"--result-body",
|
|
761
|
-
JSON.stringify(resultBody),
|
|
762
|
-
]);
|
|
770
|
+
const executeResult = await handleAgentToolExecute(ctx, executeArgv);
|
|
763
771
|
const stored = await loadAgentRunContext(ctx.cwd, runId);
|
|
764
772
|
const bindForChecklist = {
|
|
765
773
|
...bindResult.data,
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import type { CliErrorDetails } from "./types.js";
|
|
2
|
+
/**
|
|
3
|
+
* Summarize an HTTP error body for operator-facing CLI output.
|
|
4
|
+
* Never includes raw edge payloads (Cloudflare ray IDs, zones, HTML, etc.).
|
|
5
|
+
*/
|
|
6
|
+
export declare function summarizeGatewayHttpError(statusCode: number, bodyText: string): {
|
|
7
|
+
message: string;
|
|
8
|
+
details: CliErrorDetails;
|
|
9
|
+
};
|
|
10
|
+
/**
|
|
11
|
+
* Build a CLI-safe message for SDK HTTP failures that embed raw bodies in `.message`.
|
|
12
|
+
*/
|
|
13
|
+
export declare function formatSdkHttpErrorMessage(rawMessage: string, statusCode: number, bodyText: string): string;
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
function asRecord(value) {
|
|
2
|
+
return value && typeof value === "object" && !Array.isArray(value)
|
|
3
|
+
? value
|
|
4
|
+
: undefined;
|
|
5
|
+
}
|
|
6
|
+
/**
|
|
7
|
+
* Summarize an HTTP error body for operator-facing CLI output.
|
|
8
|
+
* Never includes raw edge payloads (Cloudflare ray IDs, zones, HTML, etc.).
|
|
9
|
+
*/
|
|
10
|
+
export function summarizeGatewayHttpError(statusCode, bodyText) {
|
|
11
|
+
const trimmed = bodyText.trim();
|
|
12
|
+
if (!trimmed) {
|
|
13
|
+
return {
|
|
14
|
+
message: `Gateway HTTP ${statusCode}`,
|
|
15
|
+
details: { gateway_status: statusCode },
|
|
16
|
+
};
|
|
17
|
+
}
|
|
18
|
+
try {
|
|
19
|
+
const body = JSON.parse(trimmed);
|
|
20
|
+
if (body.cloudflare_error === true) {
|
|
21
|
+
const retryAfter = typeof body.retry_after === "number" ? body.retry_after : undefined;
|
|
22
|
+
const title = typeof body.title === "string"
|
|
23
|
+
? body.title.replace(/^Error \d+:\s*/i, "")
|
|
24
|
+
: "service temporarily unavailable";
|
|
25
|
+
let message = `Gateway unavailable (HTTP ${statusCode}): ${title}`;
|
|
26
|
+
if (retryAfter !== undefined) {
|
|
27
|
+
message += `. Retry after ${retryAfter} seconds.`;
|
|
28
|
+
}
|
|
29
|
+
return {
|
|
30
|
+
message,
|
|
31
|
+
details: {
|
|
32
|
+
gateway_status: statusCode,
|
|
33
|
+
...(retryAfter !== undefined ? { retry_after: retryAfter } : {}),
|
|
34
|
+
},
|
|
35
|
+
};
|
|
36
|
+
}
|
|
37
|
+
const nested = asRecord(body.error);
|
|
38
|
+
if (nested) {
|
|
39
|
+
const gatewayCode = typeof nested.code === "string" ? nested.code : String(nested.code ?? "");
|
|
40
|
+
const gatewayMessage = typeof nested.message === "string" ? nested.message : "";
|
|
41
|
+
if (gatewayMessage) {
|
|
42
|
+
return {
|
|
43
|
+
message: gatewayMessage,
|
|
44
|
+
details: {
|
|
45
|
+
gateway_status: statusCode,
|
|
46
|
+
...(gatewayCode ? { gateway_code: gatewayCode } : {}),
|
|
47
|
+
},
|
|
48
|
+
};
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
const flatMessage = typeof body.message === "string" ? body.message : "";
|
|
52
|
+
if (flatMessage) {
|
|
53
|
+
const gatewayCode = typeof body.code === "string" ? body.code : "";
|
|
54
|
+
return {
|
|
55
|
+
message: flatMessage,
|
|
56
|
+
details: {
|
|
57
|
+
gateway_status: statusCode,
|
|
58
|
+
...(gatewayCode ? { gateway_code: gatewayCode } : {}),
|
|
59
|
+
},
|
|
60
|
+
};
|
|
61
|
+
}
|
|
62
|
+
if (typeof body.title === "string") {
|
|
63
|
+
const detail = typeof body.detail === "string" ? body.detail : "";
|
|
64
|
+
const combined = detail ? `${body.title}: ${detail}` : body.title;
|
|
65
|
+
const message = combined.length > 240 ? `${combined.slice(0, 237)}...` : combined;
|
|
66
|
+
return {
|
|
67
|
+
message,
|
|
68
|
+
details: { gateway_status: statusCode },
|
|
69
|
+
};
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
catch {
|
|
73
|
+
// Non-JSON bodies must not be echoed (HTML, stack traces, etc.).
|
|
74
|
+
}
|
|
75
|
+
return {
|
|
76
|
+
message: `Gateway HTTP ${statusCode}`,
|
|
77
|
+
details: { gateway_status: statusCode },
|
|
78
|
+
};
|
|
79
|
+
}
|
|
80
|
+
/**
|
|
81
|
+
* Build a CLI-safe message for SDK HTTP failures that embed raw bodies in `.message`.
|
|
82
|
+
*/
|
|
83
|
+
export function formatSdkHttpErrorMessage(rawMessage, statusCode, bodyText) {
|
|
84
|
+
const operation = rawMessage.replace(/ HTTP \d+:[\s\S]*$/u, "").trim() || "Gateway request";
|
|
85
|
+
const summary = summarizeGatewayHttpError(statusCode, bodyText);
|
|
86
|
+
if (summary.message === `Gateway HTTP ${statusCode}`) {
|
|
87
|
+
return `${operation} HTTP ${statusCode}`;
|
|
88
|
+
}
|
|
89
|
+
if (summary.message.startsWith("Gateway unavailable")) {
|
|
90
|
+
return `${operation}: ${summary.message}`;
|
|
91
|
+
}
|
|
92
|
+
return `${operation} HTTP ${statusCode}: ${summary.message}`;
|
|
93
|
+
}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import type { CliContext } from "./context.js";
|
|
2
|
+
export type OfflineDevSession = {
|
|
3
|
+
ctx: CliContext;
|
|
4
|
+
restore: () => void;
|
|
5
|
+
};
|
|
6
|
+
/** Reject offline mode when production credentials are present in env or env file. */
|
|
7
|
+
export declare function assertOfflineDevCredentialsSafe(ctx: CliContext): Promise<void>;
|
|
8
|
+
/** Patch ctx.fetch with the in-process offline Gateway mock. */
|
|
9
|
+
export declare function beginOfflineDevSession(ctx: CliContext): OfflineDevSession;
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import { activateOfflineDevMode, createOfflineDevGatewayFetch, isProductionApiKey, } from "../dev/offline-gateway.js";
|
|
2
|
+
import { loadEnvFile } from "./credentials.js";
|
|
3
|
+
import { CliError } from "./types.js";
|
|
4
|
+
function rejectOfflineWithProductionKey(apiKey) {
|
|
5
|
+
const trimmed = apiKey?.trim();
|
|
6
|
+
if (trimmed && isProductionApiKey(trimmed)) {
|
|
7
|
+
throw new CliError("offline dev mode cannot be used with production API keys (paybond_sk_live_...); unset PAYBOND_API_KEY or use a sandbox key", {
|
|
8
|
+
category: "validation",
|
|
9
|
+
code: "cli.dev.offline_production_key",
|
|
10
|
+
exitCode: 1,
|
|
11
|
+
});
|
|
12
|
+
}
|
|
13
|
+
}
|
|
14
|
+
/** Reject offline mode when production credentials are present in env or env file. */
|
|
15
|
+
export async function assertOfflineDevCredentialsSafe(ctx) {
|
|
16
|
+
rejectOfflineWithProductionKey(process.env.PAYBOND_API_KEY);
|
|
17
|
+
if (process.env.PAYBOND_API_KEY?.trim()) {
|
|
18
|
+
return;
|
|
19
|
+
}
|
|
20
|
+
const fromFile = await loadEnvFile(ctx.globals.envFile, ctx.cwd);
|
|
21
|
+
rejectOfflineWithProductionKey(fromFile);
|
|
22
|
+
}
|
|
23
|
+
/** Patch ctx.fetch with the in-process offline Gateway mock. */
|
|
24
|
+
export function beginOfflineDevSession(ctx) {
|
|
25
|
+
const { restore } = activateOfflineDevMode();
|
|
26
|
+
return {
|
|
27
|
+
ctx: {
|
|
28
|
+
...ctx,
|
|
29
|
+
fetch: createOfflineDevGatewayFetch(),
|
|
30
|
+
},
|
|
31
|
+
restore,
|
|
32
|
+
};
|
|
33
|
+
}
|
package/dist/cli/router.js
CHANGED
|
@@ -1,4 +1,6 @@
|
|
|
1
|
+
import { HarborHttpError, SignalHttpError } from "../index.js";
|
|
1
2
|
import { commandPath, createContext } from "./context.js";
|
|
3
|
+
import { formatSdkHttpErrorMessage, summarizeGatewayHttpError } from "./http-error-message.js";
|
|
2
4
|
import { handleA2a, handleAuditExports, handleMandates, handleReceipts, handleSignal, } from "./commands/discovery.js";
|
|
3
5
|
import { handleConfig, handleDoctor, handleDiagnose, handleInitCompletion, handleInitAgentMiddleware, handleInitGuardrail, handleInitWizard, handleLogin, handleMcpInstall, handleMcpServe, handleMcpTools, handleMcpVerifyConfig, handleVersion, handleWhoami, } from "./commands/setup.js";
|
|
4
6
|
import { handlePolicyExtend, handlePolicyImportMcpReceipt, handlePolicyImportX402Receipt, handlePolicyInit, handlePolicyInitOrg, handlePolicyPresetsList, handlePolicyPresetsShow, handlePolicyPreview, handlePolicyTemplates, handlePolicyValidateEvidence, handlePolicyValidateTools, } from "./commands/policy.js";
|
|
@@ -13,7 +15,7 @@ import { generateRequestId } from "./request-id.js";
|
|
|
13
15
|
import { colorize, shouldUseColor } from "./color.js";
|
|
14
16
|
import { formatUnknownCommandMessage } from "./suggest.js";
|
|
15
17
|
import { handleCompletionCommand, handleExamplesCommand, handleHelpCommand, handleOnboarding, } from "./ux.js";
|
|
16
|
-
import { CliError, EXIT_SUCCESS, } from "./types.js";
|
|
18
|
+
import { CliError, EXIT_SUCCESS, exitCodeForHttpStatus, } from "./types.js";
|
|
17
19
|
function isHelp(argv) {
|
|
18
20
|
return argv.length === 0 || argv.includes("--help") || argv.includes("-h");
|
|
19
21
|
}
|
|
@@ -36,6 +38,32 @@ function renderTable(command, result, globals) {
|
|
|
36
38
|
}
|
|
37
39
|
return lines;
|
|
38
40
|
}
|
|
41
|
+
function isSdkHttpError(err) {
|
|
42
|
+
if (err instanceof HarborHttpError || err instanceof SignalHttpError) {
|
|
43
|
+
return true;
|
|
44
|
+
}
|
|
45
|
+
if (!(err instanceof Error)) {
|
|
46
|
+
return false;
|
|
47
|
+
}
|
|
48
|
+
const candidate = err;
|
|
49
|
+
return typeof candidate.statusCode === "number" && typeof candidate.bodyText === "string";
|
|
50
|
+
}
|
|
51
|
+
function sdkHttpErrorShape(err) {
|
|
52
|
+
const mapped = exitCodeForHttpStatus(err.statusCode);
|
|
53
|
+
const summary = summarizeGatewayHttpError(err.statusCode, err.bodyText);
|
|
54
|
+
const gatewayCode = typeof summary.details.gateway_code === "string"
|
|
55
|
+
? summary.details.gateway_code
|
|
56
|
+
: undefined;
|
|
57
|
+
return {
|
|
58
|
+
shape: {
|
|
59
|
+
category: mapped.category,
|
|
60
|
+
code: gatewayCode || `cli.gateway.http_${err.statusCode}`,
|
|
61
|
+
message: formatSdkHttpErrorMessage(err.message, err.statusCode, err.bodyText),
|
|
62
|
+
details: summary.details,
|
|
63
|
+
},
|
|
64
|
+
exitCode: mapped.exitCode,
|
|
65
|
+
};
|
|
66
|
+
}
|
|
39
67
|
function toErrorShape(err) {
|
|
40
68
|
if (err instanceof CliError) {
|
|
41
69
|
if (err.message === "help") {
|
|
@@ -54,6 +82,9 @@ function toErrorShape(err) {
|
|
|
54
82
|
exitCode: err.exitCode,
|
|
55
83
|
};
|
|
56
84
|
}
|
|
85
|
+
if (isSdkHttpError(err)) {
|
|
86
|
+
return sdkHttpErrorShape(err);
|
|
87
|
+
}
|
|
57
88
|
return {
|
|
58
89
|
shape: {
|
|
59
90
|
category: "internal",
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/** True when the body is a Cloudflare-generated edge error (not Paybond gateway JSON). */
|
|
2
|
+
export declare function isCloudflareEdgeErrorBody(bodyText: string): boolean;
|
|
3
|
+
/** Whether an HTTP status/body pair should be retried by SDK gateway clients. */
|
|
4
|
+
export declare function shouldRetryGatewayHttpStatus(status: number, bodyText: string): boolean;
|
|
5
|
+
/** Inspect a response body (via clone) to decide whether to retry transient gateway errors. */
|
|
6
|
+
export declare function shouldRetryGatewayResponse(res: Response): Promise<boolean>;
|
|
7
|
+
export declare function backoffMs(attempt: number): number;
|
|
8
|
+
export declare function parseRetryAfterSeconds(value: string | null): number | null;
|
|
9
|
+
/** Prefer `Retry-After` when present; otherwise exponential backoff with jitter. */
|
|
10
|
+
export declare function gatewayRetryDelayMs(attempt: number, retryAfterHeader: string | null): number;
|
|
11
|
+
/**
|
|
12
|
+
* Shared 429/5xx retry loop for Paybond gateway HTTP clients.
|
|
13
|
+
* Skips retries on Cloudflare edge error bodies. Returns the response on success;
|
|
14
|
+
* otherwise throws the last network error.
|
|
15
|
+
*/
|
|
16
|
+
export declare function fetchWithGatewayRetries(url: string, init: RequestInit, maxRetries: number): Promise<Response>;
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
/** True when the body is a Cloudflare-generated edge error (not Paybond gateway JSON). */
|
|
2
|
+
export function isCloudflareEdgeErrorBody(bodyText) {
|
|
3
|
+
const trimmed = bodyText.trim();
|
|
4
|
+
if (!trimmed) {
|
|
5
|
+
return false;
|
|
6
|
+
}
|
|
7
|
+
try {
|
|
8
|
+
const body = JSON.parse(trimmed);
|
|
9
|
+
return body.cloudflare_error === true;
|
|
10
|
+
}
|
|
11
|
+
catch {
|
|
12
|
+
return false;
|
|
13
|
+
}
|
|
14
|
+
}
|
|
15
|
+
/** Whether an HTTP status/body pair should be retried by SDK gateway clients. */
|
|
16
|
+
export function shouldRetryGatewayHttpStatus(status, bodyText) {
|
|
17
|
+
if (![429, 500, 502, 503, 504].includes(status)) {
|
|
18
|
+
return false;
|
|
19
|
+
}
|
|
20
|
+
if (isCloudflareEdgeErrorBody(bodyText)) {
|
|
21
|
+
return false;
|
|
22
|
+
}
|
|
23
|
+
return true;
|
|
24
|
+
}
|
|
25
|
+
/** Inspect a response body (via clone) to decide whether to retry transient gateway errors. */
|
|
26
|
+
export async function shouldRetryGatewayResponse(res) {
|
|
27
|
+
if (![429, 500, 502, 503, 504].includes(res.status)) {
|
|
28
|
+
return false;
|
|
29
|
+
}
|
|
30
|
+
const peek = await res.clone().text();
|
|
31
|
+
return shouldRetryGatewayHttpStatus(res.status, peek);
|
|
32
|
+
}
|
|
33
|
+
export function backoffMs(attempt) {
|
|
34
|
+
const base = 200 * 2 ** attempt;
|
|
35
|
+
const jitter = Math.random() * 100;
|
|
36
|
+
return Math.min(base + jitter, 5000);
|
|
37
|
+
}
|
|
38
|
+
export function parseRetryAfterSeconds(value) {
|
|
39
|
+
if (!value) {
|
|
40
|
+
return null;
|
|
41
|
+
}
|
|
42
|
+
const n = Number.parseFloat(value.trim());
|
|
43
|
+
if (!Number.isFinite(n)) {
|
|
44
|
+
return null;
|
|
45
|
+
}
|
|
46
|
+
return Math.min(n, 30);
|
|
47
|
+
}
|
|
48
|
+
/** Prefer `Retry-After` when present; otherwise exponential backoff with jitter. */
|
|
49
|
+
export function gatewayRetryDelayMs(attempt, retryAfterHeader) {
|
|
50
|
+
const raSec = parseRetryAfterSeconds(retryAfterHeader);
|
|
51
|
+
return raSec != null ? raSec * 1000 : backoffMs(attempt);
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Shared 429/5xx retry loop for Paybond gateway HTTP clients.
|
|
55
|
+
* Skips retries on Cloudflare edge error bodies. Returns the response on success;
|
|
56
|
+
* otherwise throws the last network error.
|
|
57
|
+
*/
|
|
58
|
+
export async function fetchWithGatewayRetries(url, init, maxRetries) {
|
|
59
|
+
let lastErr;
|
|
60
|
+
for (let attempt = 0; attempt < maxRetries; attempt++) {
|
|
61
|
+
let res;
|
|
62
|
+
try {
|
|
63
|
+
res = await fetch(url, init);
|
|
64
|
+
}
|
|
65
|
+
catch (e) {
|
|
66
|
+
lastErr = e;
|
|
67
|
+
if (attempt + 1 >= maxRetries) {
|
|
68
|
+
throw e;
|
|
69
|
+
}
|
|
70
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, null)));
|
|
71
|
+
continue;
|
|
72
|
+
}
|
|
73
|
+
if ([429, 500, 502, 503, 504].includes(res.status) && attempt + 1 < maxRetries) {
|
|
74
|
+
if (!(await shouldRetryGatewayResponse(res))) {
|
|
75
|
+
return res;
|
|
76
|
+
}
|
|
77
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, res.headers.get("retry-after"))));
|
|
78
|
+
continue;
|
|
79
|
+
}
|
|
80
|
+
return res;
|
|
81
|
+
}
|
|
82
|
+
throw lastErr instanceof Error ? lastErr : new Error(String(lastErr));
|
|
83
|
+
}
|
package/dist/index.js
CHANGED
|
@@ -6,6 +6,7 @@ import { buildSignedCreateIntentBody, buildSignedCreateIntentBodyWithPolicyBindi
|
|
|
6
6
|
import { signPayeeEvidenceBinding } from "./payee-evidence.js";
|
|
7
7
|
import { PaybondAgentRunFacade, PaybondInstrumentBuilder, createGuardedAgent, createGuardedAgentRunner, createPaybondAgent, createPaybondToolRegistry, instrumentPaybondAgent, instrumentPaybondClaudeAgents, instrumentPaybondLangGraph, instrumentPaybondMCP, instrumentPaybondOpenAI, instrumentPaybondVercel, resolveAgentPolicySource, wrapPaybondTools, } from "./agent/index.js";
|
|
8
8
|
import { GatewayAgentRunTraceReporter, } from "./agent/gateway-trace-reporter.js";
|
|
9
|
+
import { fetchWithGatewayRetries, gatewayRetryDelayMs, shouldRetryGatewayResponse, } from "./gateway-retry.js";
|
|
9
10
|
import { parsePolicyRemoteValidateResponse, policyValidateQueryString, } from "./policy/validate-remote.js";
|
|
10
11
|
import { parsePolicyEffectiveResolveResponse, } from "./policy/load-effective.js";
|
|
11
12
|
import { paybondPolicyPresets } from "./policy/policy-api.js";
|
|
@@ -187,19 +188,6 @@ function protocolHTTPErrorMessage(prefix, statusCode, bodyText) {
|
|
|
187
188
|
function normalizeBase(url) {
|
|
188
189
|
return requireSecureGatewayUrl(url);
|
|
189
190
|
}
|
|
190
|
-
function backoffMs(attempt) {
|
|
191
|
-
const base = 200 * 2 ** attempt;
|
|
192
|
-
const jitter = Math.random() * 100;
|
|
193
|
-
return Math.min(base + jitter, 5000);
|
|
194
|
-
}
|
|
195
|
-
function parseRetryAfterSeconds(v) {
|
|
196
|
-
if (!v)
|
|
197
|
-
return null;
|
|
198
|
-
const n = Number.parseFloat(v.trim());
|
|
199
|
-
if (!Number.isFinite(n))
|
|
200
|
-
return null;
|
|
201
|
-
return Math.min(n, 30);
|
|
202
|
-
}
|
|
203
191
|
function normalizeExpectedEnvironment(value) {
|
|
204
192
|
if (value === undefined)
|
|
205
193
|
return null;
|
|
@@ -462,16 +450,17 @@ export class HarborClient {
|
|
|
462
450
|
lastErr = e;
|
|
463
451
|
if (attempt + 1 >= this.maxRetries)
|
|
464
452
|
throw e;
|
|
465
|
-
await new Promise((r) => setTimeout(r,
|
|
453
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, null)));
|
|
466
454
|
continue;
|
|
467
455
|
}
|
|
468
456
|
if ([429, 500, 502, 503, 504].includes(res.status)) {
|
|
469
457
|
if (attempt + 1 >= this.maxRetries) {
|
|
470
458
|
return res;
|
|
471
459
|
}
|
|
472
|
-
|
|
473
|
-
|
|
474
|
-
|
|
460
|
+
if (!(await shouldRetryGatewayResponse(res))) {
|
|
461
|
+
return res;
|
|
462
|
+
}
|
|
463
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, res.headers.get("retry-after"))));
|
|
475
464
|
continue;
|
|
476
465
|
}
|
|
477
466
|
return res;
|
|
@@ -494,16 +483,17 @@ export class HarborClient {
|
|
|
494
483
|
lastErr = e;
|
|
495
484
|
if (attempt + 1 >= this.maxRetries)
|
|
496
485
|
throw e;
|
|
497
|
-
await new Promise((r) => setTimeout(r,
|
|
486
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, null)));
|
|
498
487
|
continue;
|
|
499
488
|
}
|
|
500
489
|
if ([429, 500, 502, 503, 504].includes(res.status)) {
|
|
501
490
|
if (attempt + 1 >= this.maxRetries) {
|
|
502
491
|
return res;
|
|
503
492
|
}
|
|
504
|
-
|
|
505
|
-
|
|
506
|
-
|
|
493
|
+
if (!(await shouldRetryGatewayResponse(res))) {
|
|
494
|
+
return res;
|
|
495
|
+
}
|
|
496
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, res.headers.get("retry-after"))));
|
|
507
497
|
if (retryBodyText !== undefined) {
|
|
508
498
|
init = {
|
|
509
499
|
...init,
|
|
@@ -804,28 +794,7 @@ export class GatewayHarborClient {
|
|
|
804
794
|
return headers;
|
|
805
795
|
}
|
|
806
796
|
async fetchWithRetries(url, init) {
|
|
807
|
-
|
|
808
|
-
for (let attempt = 0; attempt < this.maxRetries; attempt++) {
|
|
809
|
-
let res;
|
|
810
|
-
try {
|
|
811
|
-
res = await fetch(url, init);
|
|
812
|
-
}
|
|
813
|
-
catch (e) {
|
|
814
|
-
lastErr = e;
|
|
815
|
-
if (attempt + 1 >= this.maxRetries)
|
|
816
|
-
throw e;
|
|
817
|
-
await new Promise((r) => setTimeout(r, backoffMs(attempt)));
|
|
818
|
-
continue;
|
|
819
|
-
}
|
|
820
|
-
if ([429, 500, 502, 503, 504].includes(res.status) && attempt + 1 < this.maxRetries) {
|
|
821
|
-
const raSec = parseRetryAfterSeconds(res.headers.get("retry-after"));
|
|
822
|
-
const delayMs = raSec != null ? raSec * 1000 : backoffMs(attempt);
|
|
823
|
-
await new Promise((r) => setTimeout(r, delayMs));
|
|
824
|
-
continue;
|
|
825
|
-
}
|
|
826
|
-
return res;
|
|
827
|
-
}
|
|
828
|
-
throw lastErr instanceof Error ? lastErr : new Error(String(lastErr));
|
|
797
|
+
return fetchWithGatewayRetries(url, init, this.maxRetries);
|
|
829
798
|
}
|
|
830
799
|
async postJSON(path, payload, extraHeaders) {
|
|
831
800
|
return this.requestJSON("POST", path, payload, extraHeaders);
|
|
@@ -1052,28 +1021,7 @@ export class PaybondGuardrails {
|
|
|
1052
1021
|
return headers;
|
|
1053
1022
|
}
|
|
1054
1023
|
async fetchWithRetries(url, init) {
|
|
1055
|
-
|
|
1056
|
-
for (let attempt = 0; attempt < this.maxRetries; attempt++) {
|
|
1057
|
-
let res;
|
|
1058
|
-
try {
|
|
1059
|
-
res = await fetch(url, init);
|
|
1060
|
-
}
|
|
1061
|
-
catch (e) {
|
|
1062
|
-
lastErr = e;
|
|
1063
|
-
if (attempt + 1 >= this.maxRetries)
|
|
1064
|
-
throw e;
|
|
1065
|
-
await new Promise((r) => setTimeout(r, backoffMs(attempt)));
|
|
1066
|
-
continue;
|
|
1067
|
-
}
|
|
1068
|
-
if ([429, 500, 502, 503, 504].includes(res.status) && attempt + 1 < this.maxRetries) {
|
|
1069
|
-
const raSec = parseRetryAfterSeconds(res.headers.get("retry-after"));
|
|
1070
|
-
const delayMs = raSec != null ? raSec * 1000 : backoffMs(attempt);
|
|
1071
|
-
await new Promise((r) => setTimeout(r, delayMs));
|
|
1072
|
-
continue;
|
|
1073
|
-
}
|
|
1074
|
-
return res;
|
|
1075
|
-
}
|
|
1076
|
-
throw lastErr instanceof Error ? lastErr : new Error(String(lastErr));
|
|
1024
|
+
return fetchWithGatewayRetries(url, init, this.maxRetries);
|
|
1077
1025
|
}
|
|
1078
1026
|
async postJSON(path, payload, options) {
|
|
1079
1027
|
const url = `${this.base}${path.replace(/^\/+/, "")}`;
|
|
@@ -1118,7 +1066,7 @@ export class PaybondGuardrails {
|
|
|
1118
1066
|
}
|
|
1119
1067
|
const { res, text, url } = await this.postJSON("/v1/sandbox/guardrails/bootstrap", payload, { idempotencyKey: input.idempotencyKey });
|
|
1120
1068
|
if (!res.ok) {
|
|
1121
|
-
throw new HarborHttpError(`Gateway sandbox guardrail bootstrap HTTP ${res.status}
|
|
1069
|
+
throw new HarborHttpError(`Gateway sandbox guardrail bootstrap HTTP ${res.status}`, {
|
|
1122
1070
|
statusCode: res.status,
|
|
1123
1071
|
url,
|
|
1124
1072
|
bodyText: text,
|
|
@@ -1153,7 +1101,7 @@ export class PaybondGuardrails {
|
|
|
1153
1101
|
}
|
|
1154
1102
|
const { res, text, url } = await this.postJSON(`/v1/sandbox/guardrails/${encodeURIComponent(input.intentId)}/evidence`, payload, { idempotencyKey: input.idempotencyKey });
|
|
1155
1103
|
if (!res.ok) {
|
|
1156
|
-
throw new HarborHttpError(`Gateway sandbox guardrail evidence HTTP ${res.status}
|
|
1104
|
+
throw new HarborHttpError(`Gateway sandbox guardrail evidence HTTP ${res.status}`, {
|
|
1157
1105
|
statusCode: res.status,
|
|
1158
1106
|
url,
|
|
1159
1107
|
bodyText: text,
|
|
@@ -1433,16 +1381,17 @@ export class GatewaySignalClient {
|
|
|
1433
1381
|
lastErr = e;
|
|
1434
1382
|
if (attempt + 1 >= this.maxRetries)
|
|
1435
1383
|
throw e;
|
|
1436
|
-
await new Promise((r) => setTimeout(r,
|
|
1384
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, null)));
|
|
1437
1385
|
continue;
|
|
1438
1386
|
}
|
|
1439
1387
|
if ([429, 500, 502, 503, 504].includes(res.status)) {
|
|
1440
1388
|
if (attempt + 1 >= this.maxRetries) {
|
|
1441
1389
|
return res;
|
|
1442
1390
|
}
|
|
1443
|
-
|
|
1444
|
-
|
|
1445
|
-
|
|
1391
|
+
if (!(await shouldRetryGatewayResponse(res))) {
|
|
1392
|
+
return res;
|
|
1393
|
+
}
|
|
1394
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, res.headers.get("retry-after"))));
|
|
1446
1395
|
continue;
|
|
1447
1396
|
}
|
|
1448
1397
|
return res;
|
|
@@ -1594,16 +1543,17 @@ export class GatewayFraudClient {
|
|
|
1594
1543
|
lastErr = e;
|
|
1595
1544
|
if (attempt + 1 >= this.maxRetries)
|
|
1596
1545
|
throw e;
|
|
1597
|
-
await new Promise((r) => setTimeout(r,
|
|
1546
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, null)));
|
|
1598
1547
|
continue;
|
|
1599
1548
|
}
|
|
1600
1549
|
if ([429, 500, 502, 503, 504].includes(res.status)) {
|
|
1601
1550
|
if (attempt + 1 >= this.maxRetries) {
|
|
1602
1551
|
return res;
|
|
1603
1552
|
}
|
|
1604
|
-
|
|
1605
|
-
|
|
1606
|
-
|
|
1553
|
+
if (!(await shouldRetryGatewayResponse(res))) {
|
|
1554
|
+
return res;
|
|
1555
|
+
}
|
|
1556
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, res.headers.get("retry-after"))));
|
|
1607
1557
|
continue;
|
|
1608
1558
|
}
|
|
1609
1559
|
return res;
|
|
@@ -1875,16 +1825,17 @@ export class GatewayA2AClient {
|
|
|
1875
1825
|
lastErr = e;
|
|
1876
1826
|
if (attempt + 1 >= this.maxRetries)
|
|
1877
1827
|
throw e;
|
|
1878
|
-
await new Promise((r) => setTimeout(r,
|
|
1828
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, null)));
|
|
1879
1829
|
continue;
|
|
1880
1830
|
}
|
|
1881
1831
|
if ([429, 500, 502, 503, 504].includes(res.status)) {
|
|
1882
1832
|
if (attempt + 1 >= this.maxRetries) {
|
|
1883
1833
|
return res;
|
|
1884
1834
|
}
|
|
1885
|
-
|
|
1886
|
-
|
|
1887
|
-
|
|
1835
|
+
if (!(await shouldRetryGatewayResponse(res))) {
|
|
1836
|
+
return res;
|
|
1837
|
+
}
|
|
1838
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, res.headers.get("retry-after"))));
|
|
1888
1839
|
continue;
|
|
1889
1840
|
}
|
|
1890
1841
|
return res;
|
|
@@ -1944,29 +1895,7 @@ export class GatewayProtocolClient {
|
|
|
1944
1895
|
this.maxRetries = Math.max(1, init?.maxRetries ?? 3);
|
|
1945
1896
|
}
|
|
1946
1897
|
async fetchWithRetries(url, init) {
|
|
1947
|
-
|
|
1948
|
-
for (let attempt = 0; attempt < this.maxRetries; attempt++) {
|
|
1949
|
-
let res;
|
|
1950
|
-
try {
|
|
1951
|
-
res = await fetch(url, init);
|
|
1952
|
-
}
|
|
1953
|
-
catch (e) {
|
|
1954
|
-
lastErr = e;
|
|
1955
|
-
if (attempt + 1 >= this.maxRetries) {
|
|
1956
|
-
throw e;
|
|
1957
|
-
}
|
|
1958
|
-
await new Promise((r) => setTimeout(r, backoffMs(attempt)));
|
|
1959
|
-
continue;
|
|
1960
|
-
}
|
|
1961
|
-
if ([429, 500, 502, 503, 504].includes(res.status) && attempt + 1 < this.maxRetries) {
|
|
1962
|
-
const raSec = parseRetryAfterSeconds(res.headers.get("retry-after"));
|
|
1963
|
-
const delayMs = raSec != null ? raSec * 1000 : backoffMs(attempt);
|
|
1964
|
-
await new Promise((r) => setTimeout(r, delayMs));
|
|
1965
|
-
continue;
|
|
1966
|
-
}
|
|
1967
|
-
return res;
|
|
1968
|
-
}
|
|
1969
|
-
throw lastErr instanceof Error ? lastErr : new Error(String(lastErr));
|
|
1898
|
+
return fetchWithGatewayRetries(url, init, this.maxRetries);
|
|
1970
1899
|
}
|
|
1971
1900
|
headers(extra) {
|
|
1972
1901
|
const headers = new Headers(extra);
|
|
@@ -2132,15 +2061,13 @@ async function resolveGatewayTenantId(gatewayBaseUrl, apiKey, principalPath, max
|
|
|
2132
2061
|
if (attempt + 1 >= maxRetries) {
|
|
2133
2062
|
throw e;
|
|
2134
2063
|
}
|
|
2135
|
-
await new Promise((r) => setTimeout(r,
|
|
2064
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, null)));
|
|
2136
2065
|
continue;
|
|
2137
2066
|
}
|
|
2138
2067
|
const text = await res.text();
|
|
2139
2068
|
if (!res.ok) {
|
|
2140
2069
|
if ([429, 500, 502, 503, 504].includes(res.status) && attempt + 1 < maxRetries) {
|
|
2141
|
-
|
|
2142
|
-
const delayMs = raSec != null ? raSec * 1000 : backoffMs(attempt);
|
|
2143
|
-
await new Promise((r) => setTimeout(r, delayMs));
|
|
2070
|
+
await new Promise((r) => setTimeout(r, gatewayRetryDelayMs(attempt, res.headers.get("retry-after"))));
|
|
2144
2071
|
continue;
|
|
2145
2072
|
}
|
|
2146
2073
|
throw new GatewayAuthError(`gateway principal HTTP ${res.status}`, {
|
package/dist/mcp-server.js
CHANGED
|
@@ -13,7 +13,7 @@ import { McpCapabilityTokenCache, mcpToolStoresCapabilityToken, parseMcpCapabili
|
|
|
13
13
|
import { createMcpPolicyGatewayAdapter, McpPolicyReloadGate, parseMcpPolicyReloadConfig, } from "./mcp-policy-reload.js";
|
|
14
14
|
import { DEFAULT_PAYBOND_GATEWAY_BASE_URL, GatewayFraudClient, GatewaySignalClient, } from "./index.js";
|
|
15
15
|
const SERVER_NAME = "Paybond MCP";
|
|
16
|
-
const SERVER_VERSION = "0.11.
|
|
16
|
+
const SERVER_VERSION = "0.11.6";
|
|
17
17
|
const MCP_PROTOCOL_VERSION = "2025-11-25";
|
|
18
18
|
const DEFAULT_PRINCIPAL_PATH = "/v1/auth/principal";
|
|
19
19
|
const DEFAULT_RECOGNITION_VERIFIER_ID = "paybond-gateway";
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@paybond/kit",
|
|
3
|
-
"version": "0.11.
|
|
3
|
+
"version": "0.11.6",
|
|
4
4
|
"mcpName": "io.github.nonameuserd/paybond",
|
|
5
5
|
"description": "Paybond Kit for TypeScript: agent spend governance for paid tool calls with spend authorization, evidence receipts, refunds, disputes, hosted Gateway sessions, and settlement.",
|
|
6
6
|
"license": "Apache-2.0",
|
|
@@ -117,6 +117,7 @@
|
|
|
117
117
|
"test": "vitest run",
|
|
118
118
|
"pack:dry-run": "npm pack --dry-run",
|
|
119
119
|
"verify:release": "node ./scripts/verify-release.mjs",
|
|
120
|
+
"verify:template-locks": "node ./scripts/verify-template-lock-integrity.mjs",
|
|
120
121
|
"prepack": "npm run build"
|
|
121
122
|
},
|
|
122
123
|
"peerDependencies": {
|
package/templates/manifest.json
CHANGED
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
"evidence_preset": "cost_and_completion",
|
|
14
14
|
"smoke_result_body": { "status": "completed", "cost_cents": 18700 },
|
|
15
15
|
"dependencies": {
|
|
16
|
-
"@paybond/kit": "^0.11.
|
|
16
|
+
"@paybond/kit": "^0.11.6",
|
|
17
17
|
"@langchain/core": "^1.2.1",
|
|
18
18
|
"@langchain/langgraph": "^1.4.7",
|
|
19
19
|
"zod": "^4.2.0"
|
|
@@ -33,7 +33,7 @@
|
|
|
33
33
|
"evidence_preset": "cost_and_completion",
|
|
34
34
|
"smoke_result_body": { "status": "completed", "cost_cents": 4500 },
|
|
35
35
|
"dependencies": {
|
|
36
|
-
"@paybond/kit": "^0.11.
|
|
36
|
+
"@paybond/kit": "^0.11.6",
|
|
37
37
|
"ai": "^5.0.0",
|
|
38
38
|
"zod": "^4.2.0"
|
|
39
39
|
},
|
|
@@ -52,7 +52,7 @@
|
|
|
52
52
|
"evidence_preset": "cost_and_completion",
|
|
53
53
|
"smoke_result_body": { "status": "completed", "cost_cents": 2900 },
|
|
54
54
|
"dependencies": {
|
|
55
|
-
"@paybond/kit": "^0.11.
|
|
55
|
+
"@paybond/kit": "^0.11.6",
|
|
56
56
|
"@openai/agents": "^0.4.0",
|
|
57
57
|
"zod": "^4.2.0"
|
|
58
58
|
},
|
|
@@ -71,7 +71,7 @@
|
|
|
71
71
|
"evidence_preset": "cost_and_completion",
|
|
72
72
|
"smoke_result_body": { "status": "completed", "cost_cents": 4500 },
|
|
73
73
|
"dependencies": {
|
|
74
|
-
"@paybond/kit": "^0.11.
|
|
74
|
+
"@paybond/kit": "^0.11.6",
|
|
75
75
|
"@openai/agents": "^0.4.0",
|
|
76
76
|
"zod": "^4.2.0"
|
|
77
77
|
},
|
|
@@ -90,7 +90,7 @@
|
|
|
90
90
|
"evidence_preset": "cost_and_completion",
|
|
91
91
|
"smoke_result_body": { "status": "completed", "cost_cents": 18700 },
|
|
92
92
|
"dependencies": {
|
|
93
|
-
"@paybond/kit": "^0.11.
|
|
93
|
+
"@paybond/kit": "^0.11.6",
|
|
94
94
|
"@anthropic-ai/claude-agent-sdk": "^0.2.100",
|
|
95
95
|
"zod": "^4.2.0"
|
|
96
96
|
},
|
|
@@ -110,7 +110,7 @@
|
|
|
110
110
|
"evidence_preset": "cost_and_completion",
|
|
111
111
|
"smoke_result_body": { "status": "completed", "cost_cents": 500 },
|
|
112
112
|
"dependencies": {
|
|
113
|
-
"@paybond/kit": "^0.11.
|
|
113
|
+
"@paybond/kit": "^0.11.6"
|
|
114
114
|
},
|
|
115
115
|
"mcp_tool_policy": "spend-write"
|
|
116
116
|
},
|
|
@@ -127,7 +127,7 @@
|
|
|
127
127
|
"evidence_preset": "cost_and_completion",
|
|
128
128
|
"smoke_result_body": { "status": "completed", "cost_cents": 12000 },
|
|
129
129
|
"dependencies": {
|
|
130
|
-
"@paybond/kit": "^0.11.
|
|
130
|
+
"@paybond/kit": "^0.11.6"
|
|
131
131
|
},
|
|
132
132
|
"demo_mode": "generic"
|
|
133
133
|
},
|
|
@@ -143,7 +143,7 @@
|
|
|
143
143
|
"evidence_preset": "cost_and_completion",
|
|
144
144
|
"smoke_result_body": { "status": "completed", "cost_cents": 12500 },
|
|
145
145
|
"dependencies": {
|
|
146
|
-
"@paybond/kit": "^0.11.
|
|
146
|
+
"@paybond/kit": "^0.11.6"
|
|
147
147
|
},
|
|
148
148
|
"demo_mode": "generic"
|
|
149
149
|
},
|
|
@@ -159,7 +159,7 @@
|
|
|
159
159
|
"evidence_preset": "cost_and_completion",
|
|
160
160
|
"smoke_result_body": { "status": "completed", "cost_cents": 2900 },
|
|
161
161
|
"python_dependencies": {
|
|
162
|
-
"paybond-kit": ">=0.11.
|
|
162
|
+
"paybond-kit": ">=0.11.6",
|
|
163
163
|
"langgraph": ">=1.2.0"
|
|
164
164
|
},
|
|
165
165
|
"demo_import": "paybond_kit.langgraph_sandbox_demo",
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
"name": "openai-shopping-agent",
|
|
8
8
|
"dependencies": {
|
|
9
9
|
"@openai/agents": "^0.4.0",
|
|
10
|
-
"@paybond/kit": "^0.11.
|
|
10
|
+
"@paybond/kit": "^0.11.6",
|
|
11
11
|
"zod": "^4.2.0"
|
|
12
12
|
},
|
|
13
13
|
"devDependencies": {
|
|
@@ -169,9 +169,9 @@
|
|
|
169
169
|
}
|
|
170
170
|
},
|
|
171
171
|
"node_modules/@paybond/kit": {
|
|
172
|
-
"version": "0.11.
|
|
173
|
-
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.
|
|
174
|
-
"integrity": "sha512-
|
|
172
|
+
"version": "0.11.6",
|
|
173
|
+
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.6.tgz",
|
|
174
|
+
"integrity": "sha512-j4MYl0iqP2XG7Y2vshOxN+tC9ZdJCjlM9burdol2z6b2r45/IpgpA2qiy0L21uLo0qaB+Q9wakoPMIlmnS1Tsg==",
|
|
175
175
|
"license": "Apache-2.0",
|
|
176
176
|
"dependencies": {
|
|
177
177
|
"@noble/ed25519": "^2.2.1",
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation commerce.checkout --requested-spend-cents 4500 --result-body '{\"status\":\"completed\",\"cost_cents\":4500}' --format json"
|
|
9
9
|
},
|
|
10
10
|
"dependencies": {
|
|
11
|
-
"@paybond/kit": "^0.11.
|
|
11
|
+
"@paybond/kit": "^0.11.6",
|
|
12
12
|
"@openai/agents": "^0.4.0",
|
|
13
13
|
"zod": "^4.2.0"
|
|
14
14
|
},
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
"": {
|
|
7
7
|
"name": "paybond-aws-operator",
|
|
8
8
|
"dependencies": {
|
|
9
|
-
"@paybond/kit": "^0.11.
|
|
9
|
+
"@paybond/kit": "^0.11.6"
|
|
10
10
|
},
|
|
11
11
|
"devDependencies": {
|
|
12
12
|
"@types/node": "^22.10.1",
|
|
@@ -47,9 +47,9 @@
|
|
|
47
47
|
}
|
|
48
48
|
},
|
|
49
49
|
"node_modules/@paybond/kit": {
|
|
50
|
-
"version": "0.11.
|
|
51
|
-
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.
|
|
52
|
-
"integrity": "sha512-
|
|
50
|
+
"version": "0.11.6",
|
|
51
|
+
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.6.tgz",
|
|
52
|
+
"integrity": "sha512-j4MYl0iqP2XG7Y2vshOxN+tC9ZdJCjlM9burdol2z6b2r45/IpgpA2qiy0L21uLo0qaB+Q9wakoPMIlmnS1Tsg==",
|
|
53
53
|
"license": "Apache-2.0",
|
|
54
54
|
"dependencies": {
|
|
55
55
|
"@noble/ed25519": "^2.2.1",
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation aws.ec2.start_instance --requested-spend-cents 12500 --result-body '{\"status\":\"completed\",\"cost_cents\":12500}' --format json"
|
|
9
9
|
},
|
|
10
10
|
"dependencies": {
|
|
11
|
-
"@paybond/kit": "^0.11.
|
|
11
|
+
"@paybond/kit": "^0.11.6"
|
|
12
12
|
},
|
|
13
13
|
"devDependencies": {
|
|
14
14
|
"@types/node": "^22.10.1",
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
"name": "paybond-claude-agents-demo",
|
|
8
8
|
"dependencies": {
|
|
9
9
|
"@anthropic-ai/claude-agent-sdk": "^0.2.100",
|
|
10
|
-
"@paybond/kit": "^0.11.
|
|
10
|
+
"@paybond/kit": "^0.11.6",
|
|
11
11
|
"zod": "^4.2.0"
|
|
12
12
|
},
|
|
13
13
|
"devDependencies": {
|
|
@@ -260,9 +260,9 @@
|
|
|
260
260
|
}
|
|
261
261
|
},
|
|
262
262
|
"node_modules/@paybond/kit": {
|
|
263
|
-
"version": "0.11.
|
|
264
|
-
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.
|
|
265
|
-
"integrity": "sha512-
|
|
263
|
+
"version": "0.11.6",
|
|
264
|
+
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.6.tgz",
|
|
265
|
+
"integrity": "sha512-j4MYl0iqP2XG7Y2vshOxN+tC9ZdJCjlM9burdol2z6b2r45/IpgpA2qiy0L21uLo0qaB+Q9wakoPMIlmnS1Tsg==",
|
|
266
266
|
"license": "Apache-2.0",
|
|
267
267
|
"dependencies": {
|
|
268
268
|
"@noble/ed25519": "^2.2.1",
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation travel.book_hotel --requested-spend-cents 18700 --result-body '{\"status\":\"completed\",\"cost_cents\":18700}' --format json"
|
|
9
9
|
},
|
|
10
10
|
"dependencies": {
|
|
11
|
-
"@paybond/kit": "^0.11.
|
|
11
|
+
"@paybond/kit": "^0.11.6",
|
|
12
12
|
"@anthropic-ai/claude-agent-sdk": "^0.2.100",
|
|
13
13
|
"zod": "^4.2.0"
|
|
14
14
|
},
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
paybond-kit>=0.11.
|
|
1
|
+
paybond-kit>=0.11.6
|
|
2
2
|
langgraph>=1.2.0
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
"": {
|
|
7
7
|
"name": "paybond-mcp-coding-agent",
|
|
8
8
|
"dependencies": {
|
|
9
|
-
"@paybond/kit": "^0.11.
|
|
9
|
+
"@paybond/kit": "^0.11.6"
|
|
10
10
|
},
|
|
11
11
|
"devDependencies": {
|
|
12
12
|
"@types/node": "^22.10.1",
|
|
@@ -47,9 +47,9 @@
|
|
|
47
47
|
}
|
|
48
48
|
},
|
|
49
49
|
"node_modules/@paybond/kit": {
|
|
50
|
-
"version": "0.11.
|
|
51
|
-
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.
|
|
52
|
-
"integrity": "sha512-
|
|
50
|
+
"version": "0.11.6",
|
|
51
|
+
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.6.tgz",
|
|
52
|
+
"integrity": "sha512-j4MYl0iqP2XG7Y2vshOxN+tC9ZdJCjlM9burdol2z6b2r45/IpgpA2qiy0L21uLo0qaB+Q9wakoPMIlmnS1Tsg==",
|
|
53
53
|
"license": "Apache-2.0",
|
|
54
54
|
"dependencies": {
|
|
55
55
|
"@noble/ed25519": "^2.2.1",
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation deploy.preview --requested-spend-cents 500 --result-body '{\"status\":\"completed\",\"cost_cents\":500}' --format json"
|
|
9
9
|
},
|
|
10
10
|
"dependencies": {
|
|
11
|
-
"@paybond/kit": "^0.11.
|
|
11
|
+
"@paybond/kit": "^0.11.6"
|
|
12
12
|
},
|
|
13
13
|
"devDependencies": {
|
|
14
14
|
"@types/node": "^22.10.1",
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
"name": "paybond-openai-agents-demo",
|
|
8
8
|
"dependencies": {
|
|
9
9
|
"@openai/agents": "^0.4.0",
|
|
10
|
-
"@paybond/kit": "^0.11.
|
|
10
|
+
"@paybond/kit": "^0.11.6",
|
|
11
11
|
"zod": "^4.2.0"
|
|
12
12
|
},
|
|
13
13
|
"devDependencies": {
|
|
@@ -169,9 +169,9 @@
|
|
|
169
169
|
}
|
|
170
170
|
},
|
|
171
171
|
"node_modules/@paybond/kit": {
|
|
172
|
-
"version": "0.11.
|
|
173
|
-
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.
|
|
174
|
-
"integrity": "sha512-
|
|
172
|
+
"version": "0.11.6",
|
|
173
|
+
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.6.tgz",
|
|
174
|
+
"integrity": "sha512-j4MYl0iqP2XG7Y2vshOxN+tC9ZdJCjlM9burdol2z6b2r45/IpgpA2qiy0L21uLo0qaB+Q9wakoPMIlmnS1Tsg==",
|
|
175
175
|
"license": "Apache-2.0",
|
|
176
176
|
"dependencies": {
|
|
177
177
|
"@noble/ed25519": "^2.2.1",
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation saas.provision_seat --requested-spend-cents 2900 --result-body '{\"status\":\"completed\",\"cost_cents\":2900}' --format json"
|
|
9
9
|
},
|
|
10
10
|
"dependencies": {
|
|
11
|
-
"@paybond/kit": "^0.11.
|
|
11
|
+
"@paybond/kit": "^0.11.6",
|
|
12
12
|
"@openai/agents": "^0.4.0",
|
|
13
13
|
"zod": "^4.2.0"
|
|
14
14
|
},
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
"": {
|
|
7
7
|
"name": "paybond-procurement-agent",
|
|
8
8
|
"dependencies": {
|
|
9
|
-
"@paybond/kit": "^0.11.
|
|
9
|
+
"@paybond/kit": "^0.11.6"
|
|
10
10
|
},
|
|
11
11
|
"devDependencies": {
|
|
12
12
|
"@types/node": "^22.10.1",
|
|
@@ -47,9 +47,9 @@
|
|
|
47
47
|
}
|
|
48
48
|
},
|
|
49
49
|
"node_modules/@paybond/kit": {
|
|
50
|
-
"version": "0.11.
|
|
51
|
-
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.
|
|
52
|
-
"integrity": "sha512-
|
|
50
|
+
"version": "0.11.6",
|
|
51
|
+
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.6.tgz",
|
|
52
|
+
"integrity": "sha512-j4MYl0iqP2XG7Y2vshOxN+tC9ZdJCjlM9burdol2z6b2r45/IpgpA2qiy0L21uLo0qaB+Q9wakoPMIlmnS1Tsg==",
|
|
53
53
|
"license": "Apache-2.0",
|
|
54
54
|
"dependencies": {
|
|
55
55
|
"@noble/ed25519": "^2.2.1",
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation procurement.submit_po --requested-spend-cents 12000 --result-body '{\"status\":\"completed\",\"cost_cents\":12000}' --format json"
|
|
9
9
|
},
|
|
10
10
|
"dependencies": {
|
|
11
|
-
"@paybond/kit": "^0.11.
|
|
11
|
+
"@paybond/kit": "^0.11.6"
|
|
12
12
|
},
|
|
13
13
|
"devDependencies": {
|
|
14
14
|
"@types/node": "^22.10.1",
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"dependencies": {
|
|
9
9
|
"@langchain/core": "^1.2.1",
|
|
10
10
|
"@langchain/langgraph": "^1.4.7",
|
|
11
|
-
"@paybond/kit": "^0.11.
|
|
11
|
+
"@paybond/kit": "^0.11.6",
|
|
12
12
|
"zod": "^4.2.0"
|
|
13
13
|
},
|
|
14
14
|
"devDependencies": {
|
|
@@ -178,9 +178,9 @@
|
|
|
178
178
|
}
|
|
179
179
|
},
|
|
180
180
|
"node_modules/@paybond/kit": {
|
|
181
|
-
"version": "0.11.
|
|
182
|
-
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.
|
|
183
|
-
"integrity": "sha512-
|
|
181
|
+
"version": "0.11.6",
|
|
182
|
+
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.6.tgz",
|
|
183
|
+
"integrity": "sha512-j4MYl0iqP2XG7Y2vshOxN+tC9ZdJCjlM9burdol2z6b2r45/IpgpA2qiy0L21uLo0qaB+Q9wakoPMIlmnS1Tsg==",
|
|
184
184
|
"license": "Apache-2.0",
|
|
185
185
|
"dependencies": {
|
|
186
186
|
"@noble/ed25519": "^2.2.1",
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation travel.book_hotel --requested-spend-cents 18700 --result-body '{\"status\":\"completed\",\"cost_cents\":18700}' --format json"
|
|
9
9
|
},
|
|
10
10
|
"dependencies": {
|
|
11
|
-
"@paybond/kit": "^0.11.
|
|
11
|
+
"@paybond/kit": "^0.11.6",
|
|
12
12
|
"@langchain/core": "^1.2.1",
|
|
13
13
|
"@langchain/langgraph": "^1.4.7",
|
|
14
14
|
"zod": "^4.2.0"
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
"": {
|
|
7
7
|
"name": "paybond-vercel-shopping-agent",
|
|
8
8
|
"dependencies": {
|
|
9
|
-
"@paybond/kit": "^0.11.
|
|
9
|
+
"@paybond/kit": "^0.11.6",
|
|
10
10
|
"ai": "^5.0.0",
|
|
11
11
|
"zod": "^4.2.0"
|
|
12
12
|
},
|
|
@@ -104,9 +104,9 @@
|
|
|
104
104
|
}
|
|
105
105
|
},
|
|
106
106
|
"node_modules/@paybond/kit": {
|
|
107
|
-
"version": "0.11.
|
|
108
|
-
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.
|
|
109
|
-
"integrity": "sha512-
|
|
107
|
+
"version": "0.11.6",
|
|
108
|
+
"resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.6.tgz",
|
|
109
|
+
"integrity": "sha512-j4MYl0iqP2XG7Y2vshOxN+tC9ZdJCjlM9burdol2z6b2r45/IpgpA2qiy0L21uLo0qaB+Q9wakoPMIlmnS1Tsg==",
|
|
110
110
|
"license": "Apache-2.0",
|
|
111
111
|
"dependencies": {
|
|
112
112
|
"@noble/ed25519": "^2.2.1",
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation commerce.checkout --requested-spend-cents 4500 --result-body '{\"status\":\"completed\",\"cost_cents\":4500}' --format json"
|
|
9
9
|
},
|
|
10
10
|
"dependencies": {
|
|
11
|
-
"@paybond/kit": "^0.11.
|
|
11
|
+
"@paybond/kit": "^0.11.6",
|
|
12
12
|
"ai": "^5.0.0",
|
|
13
13
|
"zod": "^4.2.0"
|
|
14
14
|
},
|