@paybond/kit 0.11.9 → 0.11.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. package/README.md +1 -1
  2. package/dist/cli/commands/dev.js +3 -0
  3. package/dist/cli/http-error-message.js +49 -10
  4. package/dist/dev/trace-buffer.d.ts +4 -1
  5. package/dist/dev/trace-buffer.js +16 -3
  6. package/dist/dev/trace-server.d.ts +2 -0
  7. package/dist/dev/trace-server.js +3 -1
  8. package/dist/gateway-retry.d.ts +3 -0
  9. package/dist/gateway-retry.js +30 -0
  10. package/dist/mcp-server.js +1 -1
  11. package/package.json +1 -1
  12. package/templates/manifest.json +9 -9
  13. package/templates/openai-shopping-agent/package-lock.json +4 -4
  14. package/templates/openai-shopping-agent/package.json +1 -1
  15. package/templates/paybond-aws-operator/package-lock.json +4 -4
  16. package/templates/paybond-aws-operator/package.json +1 -1
  17. package/templates/paybond-claude-agents-demo/package-lock.json +4 -4
  18. package/templates/paybond-claude-agents-demo/package.json +1 -1
  19. package/templates/paybond-invoice-agent/requirements.txt +1 -1
  20. package/templates/paybond-mcp-coding-agent/package-lock.json +4 -4
  21. package/templates/paybond-mcp-coding-agent/package.json +1 -1
  22. package/templates/paybond-openai-agents-demo/package-lock.json +4 -4
  23. package/templates/paybond-openai-agents-demo/package.json +1 -1
  24. package/templates/paybond-procurement-agent/package-lock.json +4 -4
  25. package/templates/paybond-procurement-agent/package.json +1 -1
  26. package/templates/paybond-travel-agent/package-lock.json +4 -4
  27. package/templates/paybond-travel-agent/package.json +1 -1
  28. package/templates/paybond-vercel-shopping-agent/package-lock.json +4 -4
  29. package/templates/paybond-vercel-shopping-agent/package.json +1 -1
package/README.md CHANGED
@@ -70,7 +70,7 @@ npx -p @paybond/kit paybond agent sandbox smoke \
70
70
  --format json
71
71
  ```
72
72
 
73
- With `--policy-file`, Kit sends `completion_preset` from the tool's `evidence_preset` and omits `evidence_schema` and `template_id` (Gateway rejects conflicting bootstrap fields). Requires `@paybond/kit` 0.11.9+.
73
+ With `--policy-file`, Kit sends `completion_preset` from the tool's `evidence_preset` and omits `evidence_schema` and `template_id` (Gateway rejects conflicting bootstrap fields). Requires `@paybond/kit` 0.11.10+.
74
74
 
75
75
  `agent sandbox smoke` only requires `@paybond/kit`. Framework demo commands (`agent demo vercel-ai smoke`, etc.) load their optional peers on demand.
76
76
 
@@ -148,6 +148,8 @@ export async function handleDevTrace(ctx, argv) {
148
148
  const server = await startDevTraceServer({
149
149
  port,
150
150
  cwd: ctx.cwd,
151
+ envFile: ctx.globals.envFile,
152
+ hasCredentials: credentials.source !== "missing",
151
153
  onListen(url) {
152
154
  traceUrl = url;
153
155
  ctx.stderr.write(`Paybond dev trace dashboard listening on ${url}\n`);
@@ -161,6 +163,7 @@ export async function handleDevTrace(ctx, argv) {
161
163
  process.once("SIGINT", shutdown);
162
164
  process.once("SIGTERM", shutdown);
163
165
  });
166
+ ctx.stderr.write("Trace dashboard stopped.\n");
164
167
  return {
165
168
  data: {
166
169
  trace_url: traceUrl,
@@ -1,8 +1,40 @@
1
+ const HARBOR_REJECT_PREFIX = "sandbox guardrail Harbor ";
2
+ const HARBOR_GATEWAY_CODES = new Set(["harbor_evidence_failed", "harbor_create_failed"]);
1
3
  function asRecord(value) {
2
4
  return value && typeof value === "object" && !Array.isArray(value)
3
5
  ? value
4
6
  : undefined;
5
7
  }
8
+ function sandboxGuardrailPhaseFromOperation(operation) {
9
+ const lowered = operation.toLowerCase();
10
+ if (lowered.includes("sandbox guardrail evidence")) {
11
+ return "evidence";
12
+ }
13
+ if (lowered.includes("sandbox guardrail bootstrap")) {
14
+ return "bootstrap";
15
+ }
16
+ return undefined;
17
+ }
18
+ function sandboxGuardrailHarborCloudflareFallback(operation) {
19
+ const phase = sandboxGuardrailPhaseFromOperation(operation) ?? "request";
20
+ const hint = phase === "evidence"
21
+ ? "check --result-body includes top-level status and cost_cents"
22
+ : "check sandbox guardrail bootstrap inputs";
23
+ return `sandbox guardrail Harbor ${phase} rejected (gateway unavailable; ${hint})`;
24
+ }
25
+ function cloudflareEdgeSummaryMessage(statusCode, retryAfter) {
26
+ let message = `gateway edge error (HTTP ${statusCode}); upstream response was masked by the edge proxy`;
27
+ if (retryAfter !== undefined) {
28
+ message += `. Retry after ${retryAfter} seconds`;
29
+ }
30
+ return message;
31
+ }
32
+ function formatCloudflareCliMessage(operation, statusCode, retryAfter) {
33
+ if (sandboxGuardrailPhaseFromOperation(operation) !== undefined) {
34
+ return sandboxGuardrailHarborCloudflareFallback(operation);
35
+ }
36
+ return `${operation}: ${cloudflareEdgeSummaryMessage(statusCode, retryAfter)}`;
37
+ }
6
38
  /**
7
39
  * Summarize an HTTP error body for operator-facing CLI output.
8
40
  * Never includes raw edge payloads (Cloudflare ray IDs, zones, HTML, etc.).
@@ -19,17 +51,12 @@ export function summarizeGatewayHttpError(statusCode, bodyText) {
19
51
  const body = JSON.parse(trimmed);
20
52
  if (body.cloudflare_error === true) {
21
53
  const retryAfter = typeof body.retry_after === "number" ? body.retry_after : undefined;
22
- const title = typeof body.title === "string"
23
- ? body.title.replace(/^Error \d+:\s*/i, "")
24
- : "service temporarily unavailable";
25
- let message = `Gateway unavailable (HTTP ${statusCode}): ${title}`;
26
- if (retryAfter !== undefined) {
27
- message += `. Retry after ${retryAfter} seconds.`;
28
- }
54
+ const message = cloudflareEdgeSummaryMessage(statusCode, retryAfter);
29
55
  return {
30
56
  message,
31
57
  details: {
32
58
  gateway_status: statusCode,
59
+ cloudflare_error: true,
33
60
  ...(retryAfter !== undefined ? { retry_after: retryAfter } : {}),
34
61
  },
35
62
  };
@@ -38,12 +65,18 @@ export function summarizeGatewayHttpError(statusCode, bodyText) {
38
65
  if (nested) {
39
66
  const gatewayCode = typeof nested.code === "string" ? nested.code : String(nested.code ?? "");
40
67
  const gatewayMessage = typeof nested.message === "string" ? nested.message : "";
68
+ const harborCode = typeof nested.harbor_code === "string" ? nested.harbor_code : "";
41
69
  if (gatewayMessage) {
70
+ const harborRejection = gatewayMessage.startsWith(HARBOR_REJECT_PREFIX) ||
71
+ harborCode.length > 0 ||
72
+ HARBOR_GATEWAY_CODES.has(gatewayCode);
42
73
  return {
43
74
  message: gatewayMessage,
44
75
  details: {
45
76
  gateway_status: statusCode,
46
77
  ...(gatewayCode ? { gateway_code: gatewayCode } : {}),
78
+ ...(harborCode ? { harbor_code: harborCode } : {}),
79
+ ...(harborRejection ? { harbor_rejection: true } : {}),
47
80
  },
48
81
  };
49
82
  }
@@ -83,12 +116,18 @@ export function summarizeGatewayHttpError(statusCode, bodyText) {
83
116
  export function formatSdkHttpErrorMessage(rawMessage, statusCode, bodyText) {
84
117
  const operation = rawMessage.replace(/ HTTP \d+:[\s\S]*$/u, "").trim() || "Gateway request";
85
118
  const summary = summarizeGatewayHttpError(statusCode, bodyText);
119
+ if (summary.details.harbor_rejection) {
120
+ return summary.message;
121
+ }
122
+ if (summary.details.cloudflare_error === true) {
123
+ const retryAfter = typeof summary.details.retry_after === "number"
124
+ ? summary.details.retry_after
125
+ : undefined;
126
+ return formatCloudflareCliMessage(operation, statusCode, retryAfter);
127
+ }
86
128
  if (summary.message === `Gateway HTTP ${statusCode}`) {
87
129
  return `${operation} HTTP ${statusCode}`;
88
130
  }
89
- if (summary.message.startsWith("Gateway unavailable")) {
90
- return `${operation}: ${summary.message}`;
91
- }
92
131
  return `${operation} HTTP ${statusCode}: ${summary.message}`;
93
132
  }
94
133
  function isSdkHttpErrorLike(err) {
@@ -38,7 +38,10 @@ export declare function appendDevTraceEvent(event: DevTraceEvent, cwd?: string):
38
38
  export declare function devTraceUrl(port?: number, runId?: string): string;
39
39
  /** User-facing startup banner lines for `paybond dev loop`. */
40
40
  export declare function buildDevStartupBannerLines(port?: number): string[];
41
- export declare function devTraceHasCredentials(): boolean;
41
+ export declare function devTraceHasCredentials(options?: {
42
+ cwd?: string;
43
+ envFile?: string;
44
+ }): boolean;
42
45
  export declare function appendDevAuditLog(cwd: string, entry: Record<string, unknown>): Promise<string>;
43
46
  export declare function devTraceStepsFromEvents(events: readonly PaybondTraceEvent[]): DevTraceStep[];
44
47
  /** Reset in-memory dev trace state (tests and local dashboard restarts). */
@@ -1,7 +1,9 @@
1
1
  import { appendFile, mkdir } from "node:fs/promises";
2
2
  import { existsSync } from "node:fs";
3
3
  import { appendFileSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
4
- import { join } from "node:path";
4
+ import { join, isAbsolute, resolve } from "node:path";
5
+ import { readEnvFileValue } from "../cli/credentials.js";
6
+ import { DEFAULT_ENV_FILE } from "../cli/globals.js";
5
7
  export const DEV_TRACE_DEFAULT_PORT = 9477;
6
8
  export const DEV_AUDIT_DIR = ".paybond";
7
9
  export const DEV_AUDIT_FILE = join(DEV_AUDIT_DIR, "dev-audit.jsonl");
@@ -89,8 +91,19 @@ export function buildDevStartupBannerLines(port = DEV_TRACE_DEFAULT_PORT) {
89
91
  `✓ Audit log → ${DEV_AUDIT_FILE}`,
90
92
  ];
91
93
  }
92
- export function devTraceHasCredentials() {
93
- return Boolean(process.env.PAYBOND_API_KEY?.trim());
94
+ export function devTraceHasCredentials(options = {}) {
95
+ if (process.env.PAYBOND_API_KEY?.trim()) {
96
+ return true;
97
+ }
98
+ const envFile = (options.envFile ?? process.env.PAYBOND_ENV_FILE ?? DEFAULT_ENV_FILE).trim();
99
+ const base = options.cwd ?? process.cwd();
100
+ const envPath = isAbsolute(envFile) ? resolve(envFile) : resolve(base, envFile);
101
+ try {
102
+ return Boolean(readEnvFileValue(readFileSync(envPath, "utf8"), "PAYBOND_API_KEY"));
103
+ }
104
+ catch {
105
+ return false;
106
+ }
94
107
  }
95
108
  export async function appendDevAuditLog(cwd, entry) {
96
109
  const dir = join(cwd, DEV_AUDIT_DIR);
@@ -3,6 +3,8 @@ export type DevTraceServerOptions = {
3
3
  port?: number;
4
4
  host?: string;
5
5
  cwd?: string;
6
+ envFile?: string;
7
+ hasCredentials?: boolean;
6
8
  onListen?: (url: string) => void;
7
9
  };
8
10
  export declare function startDevTraceServer(options?: DevTraceServerOptions): Promise<Server>;
@@ -6,6 +6,8 @@ export async function startDevTraceServer(options = {}) {
6
6
  const port = options.port ?? DEV_TRACE_DEFAULT_PORT;
7
7
  const host = options.host ?? "127.0.0.1";
8
8
  const cwd = options.cwd ?? process.cwd();
9
+ const hasCredentials = options.hasCredentials ??
10
+ devTraceHasCredentials({ cwd, envFile: options.envFile });
9
11
  const dashboardHtml = loadDevTraceDashboardHtml();
10
12
  const server = createServer((req, res) => {
11
13
  const url = new URL(req.url ?? "/", `http://${host}:${port}`);
@@ -14,7 +16,7 @@ export async function startDevTraceServer(options = {}) {
14
16
  res.writeHead(200, devTraceResponseHeaders("application/json; charset=utf-8"));
15
17
  res.end(JSON.stringify({
16
18
  events,
17
- has_credentials: devTraceHasCredentials(),
19
+ has_credentials: hasCredentials,
18
20
  }, null, 2));
19
21
  return;
20
22
  }
@@ -1,3 +1,6 @@
1
+ /** Cap Cloudflare edge retry hints so CLI flows do not block for a full minute. */
2
+ export declare const CLOUDFLARE_EDGE_MAX_RETRY_DELAY_MS = 8000;
3
+ export declare function parseCloudflareRetryAfterMs(bodyText: string): number | null;
1
4
  /** True when the body is a Cloudflare-generated edge error (not Paybond gateway JSON). */
2
5
  export declare function isCloudflareEdgeErrorBody(bodyText: string): boolean;
3
6
  /** Whether an HTTP status/body pair should be retried by SDK gateway clients. */
@@ -1,3 +1,21 @@
1
+ /** Cap Cloudflare edge retry hints so CLI flows do not block for a full minute. */
2
+ export const CLOUDFLARE_EDGE_MAX_RETRY_DELAY_MS = 8_000;
3
+ export function parseCloudflareRetryAfterMs(bodyText) {
4
+ if (!isCloudflareEdgeErrorBody(bodyText)) {
5
+ return null;
6
+ }
7
+ try {
8
+ const body = JSON.parse(bodyText.trim());
9
+ const raw = body.retry_after;
10
+ if (typeof raw !== "number" || !Number.isFinite(raw)) {
11
+ return null;
12
+ }
13
+ return Math.min(raw * 1000, CLOUDFLARE_EDGE_MAX_RETRY_DELAY_MS);
14
+ }
15
+ catch {
16
+ return null;
17
+ }
18
+ }
1
19
  /** True when the body is a Cloudflare-generated edge error (not Paybond gateway JSON). */
2
20
  export function isCloudflareEdgeErrorBody(bodyText) {
3
21
  const trimmed = bodyText.trim();
@@ -57,6 +75,7 @@ export function gatewayRetryDelayMs(attempt, retryAfterHeader) {
57
75
  */
58
76
  export async function fetchWithGatewayRetries(url, init, maxRetries) {
59
77
  let lastErr;
78
+ let cloudflareRetries = 0;
60
79
  for (let attempt = 0; attempt < maxRetries; attempt++) {
61
80
  let res;
62
81
  try {
@@ -71,6 +90,17 @@ export async function fetchWithGatewayRetries(url, init, maxRetries) {
71
90
  continue;
72
91
  }
73
92
  if ([429, 500, 502, 503, 504].includes(res.status) && attempt + 1 < maxRetries) {
93
+ const bodyText = await res.clone().text();
94
+ if (isCloudflareEdgeErrorBody(bodyText)) {
95
+ if (cloudflareRetries >= 1) {
96
+ return res;
97
+ }
98
+ cloudflareRetries += 1;
99
+ const delayMs = parseCloudflareRetryAfterMs(bodyText) ??
100
+ gatewayRetryDelayMs(attempt, res.headers.get("retry-after"));
101
+ await new Promise((r) => setTimeout(r, delayMs));
102
+ continue;
103
+ }
74
104
  if (!(await shouldRetryGatewayResponse(res))) {
75
105
  return res;
76
106
  }
@@ -13,7 +13,7 @@ import { McpCapabilityTokenCache, mcpToolStoresCapabilityToken, parseMcpCapabili
13
13
  import { createMcpPolicyGatewayAdapter, McpPolicyReloadGate, parseMcpPolicyReloadConfig, } from "./mcp-policy-reload.js";
14
14
  import { DEFAULT_PAYBOND_GATEWAY_BASE_URL, GatewayFraudClient, GatewaySignalClient, } from "./index.js";
15
15
  const SERVER_NAME = "Paybond MCP";
16
- const SERVER_VERSION = "0.11.9";
16
+ const SERVER_VERSION = "0.11.10";
17
17
  const MCP_PROTOCOL_VERSION = "2025-11-25";
18
18
  const DEFAULT_PRINCIPAL_PATH = "/v1/auth/principal";
19
19
  const DEFAULT_RECOGNITION_VERIFIER_ID = "paybond-gateway";
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@paybond/kit",
3
- "version": "0.11.9",
3
+ "version": "0.11.10",
4
4
  "mcpName": "io.github.nonameuserd/paybond",
5
5
  "description": "Paybond Kit for TypeScript: agent spend governance for paid tool calls with spend authorization, evidence receipts, refunds, disputes, hosted Gateway sessions, and settlement.",
6
6
  "license": "Apache-2.0",
@@ -13,7 +13,7 @@
13
13
  "evidence_preset": "cost_and_completion",
14
14
  "smoke_result_body": { "status": "completed", "cost_cents": 18700 },
15
15
  "dependencies": {
16
- "@paybond/kit": "^0.11.9",
16
+ "@paybond/kit": "^0.11.10",
17
17
  "@langchain/core": "^1.2.1",
18
18
  "@langchain/langgraph": "^1.4.7",
19
19
  "zod": "^4.2.0"
@@ -33,7 +33,7 @@
33
33
  "evidence_preset": "cost_and_completion",
34
34
  "smoke_result_body": { "status": "completed", "cost_cents": 4500 },
35
35
  "dependencies": {
36
- "@paybond/kit": "^0.11.9",
36
+ "@paybond/kit": "^0.11.10",
37
37
  "ai": "^5.0.0",
38
38
  "zod": "^4.2.0"
39
39
  },
@@ -52,7 +52,7 @@
52
52
  "evidence_preset": "cost_and_completion",
53
53
  "smoke_result_body": { "status": "completed", "cost_cents": 2900 },
54
54
  "dependencies": {
55
- "@paybond/kit": "^0.11.9",
55
+ "@paybond/kit": "^0.11.10",
56
56
  "@openai/agents": "^0.4.0",
57
57
  "zod": "^4.2.0"
58
58
  },
@@ -71,7 +71,7 @@
71
71
  "evidence_preset": "cost_and_completion",
72
72
  "smoke_result_body": { "status": "completed", "cost_cents": 4500 },
73
73
  "dependencies": {
74
- "@paybond/kit": "^0.11.9",
74
+ "@paybond/kit": "^0.11.10",
75
75
  "@openai/agents": "^0.4.0",
76
76
  "zod": "^4.2.0"
77
77
  },
@@ -90,7 +90,7 @@
90
90
  "evidence_preset": "cost_and_completion",
91
91
  "smoke_result_body": { "status": "completed", "cost_cents": 18700 },
92
92
  "dependencies": {
93
- "@paybond/kit": "^0.11.9",
93
+ "@paybond/kit": "^0.11.10",
94
94
  "@anthropic-ai/claude-agent-sdk": "^0.2.100",
95
95
  "zod": "^4.2.0"
96
96
  },
@@ -110,7 +110,7 @@
110
110
  "evidence_preset": "cost_and_completion",
111
111
  "smoke_result_body": { "status": "completed", "cost_cents": 500 },
112
112
  "dependencies": {
113
- "@paybond/kit": "^0.11.9"
113
+ "@paybond/kit": "^0.11.10"
114
114
  },
115
115
  "mcp_tool_policy": "spend-write"
116
116
  },
@@ -127,7 +127,7 @@
127
127
  "evidence_preset": "cost_and_completion",
128
128
  "smoke_result_body": { "status": "completed", "cost_cents": 12000 },
129
129
  "dependencies": {
130
- "@paybond/kit": "^0.11.9"
130
+ "@paybond/kit": "^0.11.10"
131
131
  },
132
132
  "demo_mode": "generic"
133
133
  },
@@ -143,7 +143,7 @@
143
143
  "evidence_preset": "cost_and_completion",
144
144
  "smoke_result_body": { "status": "completed", "cost_cents": 12500 },
145
145
  "dependencies": {
146
- "@paybond/kit": "^0.11.9"
146
+ "@paybond/kit": "^0.11.10"
147
147
  },
148
148
  "demo_mode": "generic"
149
149
  },
@@ -159,7 +159,7 @@
159
159
  "evidence_preset": "cost_and_completion",
160
160
  "smoke_result_body": { "status": "completed", "cost_cents": 2900 },
161
161
  "python_dependencies": {
162
- "paybond-kit": ">=0.11.9",
162
+ "paybond-kit": ">=0.11.10",
163
163
  "langgraph": ">=1.2.0"
164
164
  },
165
165
  "demo_import": "paybond_kit.langgraph_sandbox_demo",
@@ -7,7 +7,7 @@
7
7
  "name": "openai-shopping-agent",
8
8
  "dependencies": {
9
9
  "@openai/agents": "^0.4.0",
10
- "@paybond/kit": "^0.11.9",
10
+ "@paybond/kit": "^0.11.10",
11
11
  "zod": "^4.2.0"
12
12
  },
13
13
  "devDependencies": {
@@ -169,9 +169,9 @@
169
169
  }
170
170
  },
171
171
  "node_modules/@paybond/kit": {
172
- "version": "0.11.9",
173
- "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.9.tgz",
174
- "integrity": "sha512-3SwblhlnrlcI8BJB8MY4TQ4phGkImx+xzQN3h9rWregkLtqCm/z3fsaJopAf1UiiGVSi8FMGlLerDBQhpfSeow==",
172
+ "version": "0.11.10",
173
+ "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.10.tgz",
174
+ "integrity": "sha512-RURqB5veDSVtWgeIsmgWI1+CgSyAudhZjhbRt6M9EOVbFF/47yYQLGIXbnqrxpthfV98jPE35p+4k0qtKLw/mw==",
175
175
  "license": "Apache-2.0",
176
176
  "dependencies": {
177
177
  "@noble/ed25519": "^2.2.1",
@@ -8,7 +8,7 @@
8
8
  "smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation commerce.checkout --requested-spend-cents 4500 --result-body '{\"status\":\"completed\",\"cost_cents\":4500}' --format json"
9
9
  },
10
10
  "dependencies": {
11
- "@paybond/kit": "^0.11.9",
11
+ "@paybond/kit": "^0.11.10",
12
12
  "@openai/agents": "^0.4.0",
13
13
  "zod": "^4.2.0"
14
14
  },
@@ -6,7 +6,7 @@
6
6
  "": {
7
7
  "name": "paybond-aws-operator",
8
8
  "dependencies": {
9
- "@paybond/kit": "^0.11.9"
9
+ "@paybond/kit": "^0.11.10"
10
10
  },
11
11
  "devDependencies": {
12
12
  "@types/node": "^22.10.1",
@@ -47,9 +47,9 @@
47
47
  }
48
48
  },
49
49
  "node_modules/@paybond/kit": {
50
- "version": "0.11.9",
51
- "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.9.tgz",
52
- "integrity": "sha512-3SwblhlnrlcI8BJB8MY4TQ4phGkImx+xzQN3h9rWregkLtqCm/z3fsaJopAf1UiiGVSi8FMGlLerDBQhpfSeow==",
50
+ "version": "0.11.10",
51
+ "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.10.tgz",
52
+ "integrity": "sha512-RURqB5veDSVtWgeIsmgWI1+CgSyAudhZjhbRt6M9EOVbFF/47yYQLGIXbnqrxpthfV98jPE35p+4k0qtKLw/mw==",
53
53
  "license": "Apache-2.0",
54
54
  "dependencies": {
55
55
  "@noble/ed25519": "^2.2.1",
@@ -8,7 +8,7 @@
8
8
  "smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation aws.ec2.start_instance --requested-spend-cents 12500 --result-body '{\"status\":\"completed\",\"cost_cents\":12500}' --format json"
9
9
  },
10
10
  "dependencies": {
11
- "@paybond/kit": "^0.11.9"
11
+ "@paybond/kit": "^0.11.10"
12
12
  },
13
13
  "devDependencies": {
14
14
  "@types/node": "^22.10.1",
@@ -7,7 +7,7 @@
7
7
  "name": "paybond-claude-agents-demo",
8
8
  "dependencies": {
9
9
  "@anthropic-ai/claude-agent-sdk": "^0.2.100",
10
- "@paybond/kit": "^0.11.9",
10
+ "@paybond/kit": "^0.11.10",
11
11
  "zod": "^4.2.0"
12
12
  },
13
13
  "devDependencies": {
@@ -260,9 +260,9 @@
260
260
  }
261
261
  },
262
262
  "node_modules/@paybond/kit": {
263
- "version": "0.11.9",
264
- "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.9.tgz",
265
- "integrity": "sha512-3SwblhlnrlcI8BJB8MY4TQ4phGkImx+xzQN3h9rWregkLtqCm/z3fsaJopAf1UiiGVSi8FMGlLerDBQhpfSeow==",
263
+ "version": "0.11.10",
264
+ "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.10.tgz",
265
+ "integrity": "sha512-RURqB5veDSVtWgeIsmgWI1+CgSyAudhZjhbRt6M9EOVbFF/47yYQLGIXbnqrxpthfV98jPE35p+4k0qtKLw/mw==",
266
266
  "license": "Apache-2.0",
267
267
  "dependencies": {
268
268
  "@noble/ed25519": "^2.2.1",
@@ -8,7 +8,7 @@
8
8
  "smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation travel.book_hotel --requested-spend-cents 18700 --result-body '{\"status\":\"completed\",\"cost_cents\":18700}' --format json"
9
9
  },
10
10
  "dependencies": {
11
- "@paybond/kit": "^0.11.9",
11
+ "@paybond/kit": "^0.11.10",
12
12
  "@anthropic-ai/claude-agent-sdk": "^0.2.100",
13
13
  "zod": "^4.2.0"
14
14
  },
@@ -1,2 +1,2 @@
1
- paybond-kit>=0.11.9
1
+ paybond-kit>=0.11.10
2
2
  langgraph>=1.2.0
@@ -6,7 +6,7 @@
6
6
  "": {
7
7
  "name": "paybond-mcp-coding-agent",
8
8
  "dependencies": {
9
- "@paybond/kit": "^0.11.9"
9
+ "@paybond/kit": "^0.11.10"
10
10
  },
11
11
  "devDependencies": {
12
12
  "@types/node": "^22.10.1",
@@ -47,9 +47,9 @@
47
47
  }
48
48
  },
49
49
  "node_modules/@paybond/kit": {
50
- "version": "0.11.9",
51
- "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.9.tgz",
52
- "integrity": "sha512-3SwblhlnrlcI8BJB8MY4TQ4phGkImx+xzQN3h9rWregkLtqCm/z3fsaJopAf1UiiGVSi8FMGlLerDBQhpfSeow==",
50
+ "version": "0.11.10",
51
+ "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.10.tgz",
52
+ "integrity": "sha512-RURqB5veDSVtWgeIsmgWI1+CgSyAudhZjhbRt6M9EOVbFF/47yYQLGIXbnqrxpthfV98jPE35p+4k0qtKLw/mw==",
53
53
  "license": "Apache-2.0",
54
54
  "dependencies": {
55
55
  "@noble/ed25519": "^2.2.1",
@@ -8,7 +8,7 @@
8
8
  "smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation deploy.preview --requested-spend-cents 500 --result-body '{\"status\":\"completed\",\"cost_cents\":500}' --format json"
9
9
  },
10
10
  "dependencies": {
11
- "@paybond/kit": "^0.11.9"
11
+ "@paybond/kit": "^0.11.10"
12
12
  },
13
13
  "devDependencies": {
14
14
  "@types/node": "^22.10.1",
@@ -7,7 +7,7 @@
7
7
  "name": "paybond-openai-agents-demo",
8
8
  "dependencies": {
9
9
  "@openai/agents": "^0.4.0",
10
- "@paybond/kit": "^0.11.9",
10
+ "@paybond/kit": "^0.11.10",
11
11
  "zod": "^4.2.0"
12
12
  },
13
13
  "devDependencies": {
@@ -169,9 +169,9 @@
169
169
  }
170
170
  },
171
171
  "node_modules/@paybond/kit": {
172
- "version": "0.11.9",
173
- "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.9.tgz",
174
- "integrity": "sha512-3SwblhlnrlcI8BJB8MY4TQ4phGkImx+xzQN3h9rWregkLtqCm/z3fsaJopAf1UiiGVSi8FMGlLerDBQhpfSeow==",
172
+ "version": "0.11.10",
173
+ "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.10.tgz",
174
+ "integrity": "sha512-RURqB5veDSVtWgeIsmgWI1+CgSyAudhZjhbRt6M9EOVbFF/47yYQLGIXbnqrxpthfV98jPE35p+4k0qtKLw/mw==",
175
175
  "license": "Apache-2.0",
176
176
  "dependencies": {
177
177
  "@noble/ed25519": "^2.2.1",
@@ -8,7 +8,7 @@
8
8
  "smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation saas.provision_seat --requested-spend-cents 2900 --result-body '{\"status\":\"completed\",\"cost_cents\":2900}' --format json"
9
9
  },
10
10
  "dependencies": {
11
- "@paybond/kit": "^0.11.9",
11
+ "@paybond/kit": "^0.11.10",
12
12
  "@openai/agents": "^0.4.0",
13
13
  "zod": "^4.2.0"
14
14
  },
@@ -6,7 +6,7 @@
6
6
  "": {
7
7
  "name": "paybond-procurement-agent",
8
8
  "dependencies": {
9
- "@paybond/kit": "^0.11.9"
9
+ "@paybond/kit": "^0.11.10"
10
10
  },
11
11
  "devDependencies": {
12
12
  "@types/node": "^22.10.1",
@@ -47,9 +47,9 @@
47
47
  }
48
48
  },
49
49
  "node_modules/@paybond/kit": {
50
- "version": "0.11.9",
51
- "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.9.tgz",
52
- "integrity": "sha512-3SwblhlnrlcI8BJB8MY4TQ4phGkImx+xzQN3h9rWregkLtqCm/z3fsaJopAf1UiiGVSi8FMGlLerDBQhpfSeow==",
50
+ "version": "0.11.10",
51
+ "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.10.tgz",
52
+ "integrity": "sha512-RURqB5veDSVtWgeIsmgWI1+CgSyAudhZjhbRt6M9EOVbFF/47yYQLGIXbnqrxpthfV98jPE35p+4k0qtKLw/mw==",
53
53
  "license": "Apache-2.0",
54
54
  "dependencies": {
55
55
  "@noble/ed25519": "^2.2.1",
@@ -8,7 +8,7 @@
8
8
  "smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation procurement.submit_po --requested-spend-cents 12000 --result-body '{\"status\":\"completed\",\"cost_cents\":12000}' --format json"
9
9
  },
10
10
  "dependencies": {
11
- "@paybond/kit": "^0.11.9"
11
+ "@paybond/kit": "^0.11.10"
12
12
  },
13
13
  "devDependencies": {
14
14
  "@types/node": "^22.10.1",
@@ -8,7 +8,7 @@
8
8
  "dependencies": {
9
9
  "@langchain/core": "^1.2.1",
10
10
  "@langchain/langgraph": "^1.4.7",
11
- "@paybond/kit": "^0.11.9",
11
+ "@paybond/kit": "^0.11.10",
12
12
  "zod": "^4.2.0"
13
13
  },
14
14
  "devDependencies": {
@@ -178,9 +178,9 @@
178
178
  }
179
179
  },
180
180
  "node_modules/@paybond/kit": {
181
- "version": "0.11.9",
182
- "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.9.tgz",
183
- "integrity": "sha512-3SwblhlnrlcI8BJB8MY4TQ4phGkImx+xzQN3h9rWregkLtqCm/z3fsaJopAf1UiiGVSi8FMGlLerDBQhpfSeow==",
181
+ "version": "0.11.10",
182
+ "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.10.tgz",
183
+ "integrity": "sha512-RURqB5veDSVtWgeIsmgWI1+CgSyAudhZjhbRt6M9EOVbFF/47yYQLGIXbnqrxpthfV98jPE35p+4k0qtKLw/mw==",
184
184
  "license": "Apache-2.0",
185
185
  "dependencies": {
186
186
  "@noble/ed25519": "^2.2.1",
@@ -8,7 +8,7 @@
8
8
  "smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation travel.book_hotel --requested-spend-cents 18700 --result-body '{\"status\":\"completed\",\"cost_cents\":18700}' --format json"
9
9
  },
10
10
  "dependencies": {
11
- "@paybond/kit": "^0.11.9",
11
+ "@paybond/kit": "^0.11.10",
12
12
  "@langchain/core": "^1.2.1",
13
13
  "@langchain/langgraph": "^1.4.7",
14
14
  "zod": "^4.2.0"
@@ -6,7 +6,7 @@
6
6
  "": {
7
7
  "name": "paybond-vercel-shopping-agent",
8
8
  "dependencies": {
9
- "@paybond/kit": "^0.11.9",
9
+ "@paybond/kit": "^0.11.10",
10
10
  "ai": "^5.0.0",
11
11
  "zod": "^4.2.0"
12
12
  },
@@ -104,9 +104,9 @@
104
104
  }
105
105
  },
106
106
  "node_modules/@paybond/kit": {
107
- "version": "0.11.9",
108
- "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.9.tgz",
109
- "integrity": "sha512-3SwblhlnrlcI8BJB8MY4TQ4phGkImx+xzQN3h9rWregkLtqCm/z3fsaJopAf1UiiGVSi8FMGlLerDBQhpfSeow==",
107
+ "version": "0.11.10",
108
+ "resolved": "https://registry.npmjs.org/@paybond/kit/-/kit-0.11.10.tgz",
109
+ "integrity": "sha512-RURqB5veDSVtWgeIsmgWI1+CgSyAudhZjhbRt6M9EOVbFF/47yYQLGIXbnqrxpthfV98jPE35p+4k0qtKLw/mw==",
110
110
  "license": "Apache-2.0",
111
111
  "dependencies": {
112
112
  "@noble/ed25519": "^2.2.1",
@@ -8,7 +8,7 @@
8
8
  "smoke": "paybond agent sandbox smoke --policy-file paybond.policy.yaml --operation commerce.checkout --requested-spend-cents 4500 --result-body '{\"status\":\"completed\",\"cost_cents\":4500}' --format json"
9
9
  },
10
10
  "dependencies": {
11
- "@paybond/kit": "^0.11.9",
11
+ "@paybond/kit": "^0.11.10",
12
12
  "ai": "^5.0.0",
13
13
  "zod": "^4.2.0"
14
14
  },