@pikku/inspector 0.12.0 → 0.12.1

package/dist/utils/contract-hashes.d.ts

@@ -1,18 +1,35 @@
-import { FunctionsMeta, JSONValue } from '@pikku/core';
-import { TypesMap } from '../types-map.js';
+import type { FunctionsMeta, JSONValue } from '@pikku/core';
+import type { TypesMap } from '../types-map.js';
 import { ErrorCode } from '../error-codes.js';
 export type ContractEntry = {
     functionKey: string;
     version: number;
     contractHash: string;
+    inputHash: string;
+    outputHash: string;
 };
 export type VersionValidateError = {
     code: ErrorCode;
     message: string;
+    functionKey?: string;
+    version?: number;
+    previousHash?: string;
+    currentHash?: string;
+    previousInputHash?: string;
+    currentInputHash?: string;
+    previousOutputHash?: string;
+    currentOutputHash?: string;
+    nextVersion?: number;
+    latestVersion?: number;
+    expectedNextVersion?: number;
+};
+export type VersionHashEntry = {
+    inputHash: string;
+    outputHash: string;
 };
 export type VersionManifestEntry = {
     latest: number;
-    versions: Record<string, string>;
+    versions: Record<string, string | VersionHashEntry>;
 };
 export type VersionManifest = {
     manifestVersion: 1;

package/dist/utils/contract-hashes.js

@@ -1,6 +1,9 @@
 import { parseVersionedId } from '@pikku/core';
 import { ErrorCode } from '../error-codes.js';
 import { canonicalJSON, hashString } from './hash.js';
+function isHashEntry(v) {
+    return typeof v === 'object';
+}
 export function createEmptyManifest() {
     return {
         manifestVersion: 1,
@@ -32,6 +35,12 @@ export function serializeManifest(manifest) {
 export function computeContractHash(data) {
     return hashString(canonicalJSON(data), 16);
 }
+function computeInputHash(functionKey, inputSchema) {
+    return hashString(canonicalJSON({ functionKey, inputSchema }), 8);
+}
+function computeOutputHash(functionKey, outputSchema) {
+    return hashString(canonicalJSON({ functionKey, outputSchema }), 8);
+}
 function resolveSchema(typeNames, allSchemas, typesMap) {
     if (!typeNames) {
         return null;
@@ -75,7 +84,15 @@ export function buildCurrentContracts(functionsMeta, allSchemas, typesMap) {
             inputSchema,
             outputSchema,
         });
-        result.set(funcId, { functionKey, version, contractHash });
+        const inputHash = computeInputHash(functionKey, inputSchema);
+        const outputHash = computeOutputHash(functionKey, outputSchema);
+        result.set(funcId, {
+            functionKey,
+            version,
+            contractHash,
+            inputHash,
+            outputHash,
+        });
     }
     return result;
 }
@@ -85,6 +102,8 @@ export function computeContractHashes(allSchemas, typesMap, functionsMeta) {
         const meta = functionsMeta[funcId];
         if (meta) {
             meta.contractHash = entry.contractHash;
+            meta.inputHash = entry.inputHash;
+            meta.outputHash = entry.outputHash;
         }
     }
     return contracts;
@@ -98,6 +117,13 @@ function groupByFunctionKey(contracts) {
     }
     return grouped;
 }
+function entryChanged(existing, current) {
+    if (isHashEntry(existing)) {
+        return (existing.inputHash !== current.inputHash ||
+            existing.outputHash !== current.outputHash);
+    }
+    return existing !== current.contractHash;
+}
 export function validateContracts(manifest, currentContracts) {
     const errors = [];
     const grouped = groupByFunctionKey(currentContracts);
@@ -107,14 +133,31 @@ export function validateContracts(manifest, currentContracts) {
         if (!manifestEntry) {
             continue;
         }
-        for (const { version, contractHash } of entries) {
-            const existingHash = manifestEntry.versions[String(version)];
-            if (existingHash !== undefined) {
-                if (existingHash !== contractHash) {
+        for (const current of entries) {
+            const { version, contractHash, inputHash, outputHash } = current;
+            const existingEntry = manifestEntry.versions[String(version)];
+            if (existingEntry !== undefined) {
+                if (entryChanged(existingEntry, current)) {
                     reportedKeys.add(`${functionKey}@${version}`);
+                    const prevInputHash = isHashEntry(existingEntry)
+                        ? existingEntry.inputHash
+                        : existingEntry;
+                    const prevOutputHash = isHashEntry(existingEntry)
+                        ? existingEntry.outputHash
+                        : existingEntry;
                     errors.push({
                         code: ErrorCode.FUNCTION_VERSION_MODIFIED,
-                        message: `Contract for ${functionKey}@v${version} has changed (recorded: ${existingHash}, current: ${contractHash}). Existing versions are immutable.`,
+                        message: `Contract for ${functionKey}@v${version} has changed (recorded: ${isHashEntry(existingEntry) ? `${existingEntry.inputHash}/${existingEntry.outputHash}` : existingEntry}, current: ${contractHash}). Existing versions are immutable.`,
+                        functionKey,
+                        version,
+                        previousHash: isHashEntry(existingEntry)
+                            ? existingEntry.inputHash
+                            : existingEntry,
+                        currentHash: contractHash,
+                        previousInputHash: prevInputHash,
+                        currentInputHash: inputHash,
+                        previousOutputHash: prevOutputHash,
+                        currentOutputHash: outputHash,
                     });
                 }
             }
@@ -123,30 +166,49 @@ export function validateContracts(manifest, currentContracts) {
                     errors.push({
                         code: ErrorCode.VERSION_REGRESSION_OR_CONFLICT,
                         message: `Version ${version} for ${functionKey} is <= latest (${manifestEntry.latest}) but not recorded. Possible merge conflict.`,
+                        functionKey,
+                        version,
+                        latestVersion: manifestEntry.latest,
                     });
                 }
                 else if (version > manifestEntry.latest + 1) {
                     errors.push({
                         code: ErrorCode.VERSION_GAP_NOT_ALLOWED,
                         message: `Version ${version} for ${functionKey} skips versions. Latest is ${manifestEntry.latest}, next must be ${manifestEntry.latest + 1}.`,
+                        functionKey,
+                        version,
+                        latestVersion: manifestEntry.latest,
+                        expectedNextVersion: manifestEntry.latest + 1,
                     });
                 }
             }
         }
     }
     for (const [functionKey, manifestEntry] of Object.entries(manifest.contracts)) {
-        const latestHash = manifestEntry.versions[String(manifestEntry.latest)];
+        const latestEntry = manifestEntry.versions[String(manifestEntry.latest)];
         const currentEntries = grouped.get(functionKey);
         if (!currentEntries) {
             continue;
         }
         const currentLatest = currentEntries.find((e) => e.version === manifestEntry.latest);
         if (currentLatest &&
-            currentLatest.contractHash !== latestHash &&
+            entryChanged(latestEntry, currentLatest) &&
             !reportedKeys.has(`${functionKey}@${manifestEntry.latest}`)) {
+            const prevInputHash = isHashEntry(latestEntry)
+                ? latestEntry.inputHash
+                : undefined;
+            const prevOutputHash = isHashEntry(latestEntry)
+                ? latestEntry.outputHash
+                : undefined;
             errors.push({
                 code: ErrorCode.CONTRACT_CHANGED_REQUIRES_BUMP,
                 message: `Contract for ${functionKey} changed. Set \`version: ${manifestEntry.latest + 1}\` on the function or run 'pikku versions update'.`,
+                functionKey,
+                previousInputHash: prevInputHash,
+                currentInputHash: currentLatest.inputHash,
+                previousOutputHash: prevOutputHash,
+                currentOutputHash: currentLatest.outputHash,
+                nextVersion: manifestEntry.latest + 1,
             });
         }
     }
@@ -160,6 +222,9 @@ export function validateContracts(manifest, currentContracts) {
             errors.push({
                 code: ErrorCode.MANIFEST_INTEGRITY_ERROR,
                 message: `Manifest integrity error for ${functionKey}: latest field (${manifestEntry.latest}) inconsistent with version keys (max: ${maxVersion}).`,
+                functionKey,
+                latestVersion: manifestEntry.latest,
+                expectedNextVersion: maxVersion,
             });
         }
     }
@@ -176,8 +241,8 @@ export function updateManifest(existing, currentContracts) {
             manifest.contracts[functionKey] = { latest: 0, versions: {} };
         }
         const entry = manifest.contracts[functionKey];
-        for (const { version, contractHash } of entries) {
-            entry.versions[String(version)] = contractHash;
+        for (const { version, inputHash, outputHash } of entries) {
+            entry.versions[String(version)] = { inputHash, outputHash };
             entry.latest = Math.max(entry.latest, version);
         }
     }
@@ -196,6 +261,8 @@ export function extractContractsFromMeta(functionsMeta) {
             functionKey,
             version,
             contractHash: meta.contractHash,
+            inputHash: meta.inputHash ?? '',
+            outputHash: meta.outputHash ?? '',
         });
     }
     return result;

package/dist/utils/custom-types-generator.d.ts

@@ -1,4 +1,4 @@
-import { TypesMap } from '../types-map.js';
+import type { TypesMap } from '../types-map.js';
 /**
  * NOTE: Code generation normally belongs in @pikku/cli, not the inspector.
  * This is here because the schema generator needs the custom types content

package/dist/utils/detect-schema-vendor.d.ts

@@ -1,4 +1,4 @@
-import * as ts from 'typescript';
+import type * as ts from 'typescript';
 import type { SchemaVendor, InspectorLogger } from '../types.js';
 /**
  * Detect the schema vendor by tracing the type back to its library origin.

package/dist/utils/does-type-extend-core-type.d.ts

@@ -1,2 +1,2 @@
-import * as ts from 'typescript';
+import type * as ts from 'typescript';
 export declare const doesTypeExtendsCore: (type: ts.Type, checker: ts.TypeChecker, visitedTypes: Set<ts.Type>, coreType: string) => boolean;

package/dist/utils/ensure-function-metadata.d.ts

@@ -1,5 +1,5 @@
 import * as ts from 'typescript';
-import { InspectorState } from '../types.js';
+import type { InspectorState } from '../types.js';
 /**
  * Ensures that function metadata exists for a given pikkuFuncId.
  * Creates stub metadata if it doesn't exist (useful for inline functions).

package/dist/utils/extract-services.d.ts

@@ -1,5 +1,5 @@
 import * as ts from 'typescript';
-import { FunctionServicesMeta, FunctionWiresMeta } from '@pikku/core';
+import type { FunctionServicesMeta, FunctionWiresMeta } from '@pikku/core';
 /**
  * Extract services from a function's first parameter destructuring pattern
  */

package/dist/utils/filter-inspector-state.d.ts

@@ -1,4 +1,4 @@
-import { InspectorState, InspectorFilters, InspectorLogger } from '../types.js';
+import type { InspectorState, InspectorFilters, InspectorLogger } from '../types.js';
 /**
  * Filters inspector state based on provided filters
  * This is applied post-inspection to support the inspect-once, filter-many pattern

package/dist/utils/filter-utils.d.ts

@@ -1,5 +1,5 @@
-import { InspectorFilters, InspectorLogger } from '../types.js';
-import { PikkuWiringTypes } from '@pikku/core';
+import type { InspectorFilters, InspectorLogger } from '../types.js';
+import type { PikkuWiringTypes } from '@pikku/core';
 /**
  * Match a value against a pattern with wildcard support
  * Supports "*" at the beginning, end, or both (e.g., "send*", "*Payment", "*process*")

package/dist/utils/get-files-and-methods.d.ts

@@ -1,4 +1,4 @@
-import { PathToNameAndType, InspectorState, InspectorOptions } from '../types.js';
+import type { PathToNameAndType, InspectorState, InspectorOptions } from '../types.js';
 interface Meta {
     file: string;
     variable: string;

package/dist/utils/middleware.d.ts

@@ -1,6 +1,6 @@
 import * as ts from 'typescript';
-import { MiddlewareMetadata } from '@pikku/core';
-import { InspectorState } from '../types.js';
+import type { MiddlewareMetadata } from '@pikku/core';
+import type { InspectorState } from '../types.js';
 export interface MiddlewareRef {
     definitionId: string;
     isFactoryCall: boolean;

package/dist/utils/permissions.d.ts

@@ -1,6 +1,6 @@
 import * as ts from 'typescript';
-import { PermissionMetadata } from '@pikku/core';
-import { InspectorState } from '../types.js';
+import type { PermissionMetadata } from '@pikku/core';
+import type { InspectorState } from '../types.js';
 /**
  * Extract permission pikkuFuncIds from an expression (array or object literal)
  * Resolves each identifier to its pikkuFuncId using extractFunctionName

package/dist/utils/post-process.d.ts

@@ -1,5 +1,5 @@
-import { InspectorState, InspectorLogger, InspectorOptions, InspectorModelConfig, ExternalPackageConfig } from '../types.js';
-import { MiddlewareMetadata, PermissionMetadata } from '@pikku/core';
+import type { InspectorState, InspectorLogger, InspectorOptions, InspectorModelConfig } from '../types.js';
+import type { MiddlewareMetadata, PermissionMetadata } from '@pikku/core';
 /**
  * Helper to extract wire-level middleware/permission names from metadata.
  * Only extracts type:'wire' variants (individual middleware/permissions).
@@ -14,7 +14,8 @@ export declare function extractWireNames(list?: MiddlewareMetadata[] | Permissio
  * in the add-* methods during AST traversal for efficiency.
  */
 export declare function aggregateRequiredServices(state: InspectorState | Omit<InspectorState, 'typesLookup'>): void;
-export declare function validateSecretOverrides(logger: InspectorLogger, state: InspectorState | Omit<InspectorState, 'typesLookup'>, externalPackages?: Record<string, ExternalPackageConfig>): void;
+export declare function validateSecretOverrides(logger: InspectorLogger, state: InspectorState | Omit<InspectorState, 'typesLookup'>): void;
+export declare function validateVariableOverrides(logger: InspectorLogger, state: InspectorState | Omit<InspectorState, 'typesLookup'>): void;
 export declare function computeResolvedIOTypes(state: InspectorState): void;
 export declare function computeMiddlewareGroupsMeta(state: InspectorState): void;
 export declare function computePermissionsGroupsMeta(state: InspectorState): void;

package/dist/utils/post-process.js

@@ -161,17 +161,34 @@ export function aggregateRequiredServices(state) {
         });
     }
 }
-export function validateSecretOverrides(logger, state, externalPackages) {
-    if (!externalPackages)
+export function validateSecretOverrides(logger, state) {
+    const { wireAddonDeclarations } = state.rpc;
+    if (!wireAddonDeclarations || wireAddonDeclarations.size === 0)
         return;
     const secretNames = new Set(state.secrets.definitions.map((d) => d.name));
-    for (const [namespace, pkgConfig] of Object.entries(externalPackages)) {
-        if (!pkgConfig.secretOverrides)
+    for (const [namespace, addonDecl] of wireAddonDeclarations.entries()) {
+        if (!addonDecl.secretOverrides)
             continue;
-        for (const secretKey of Object.keys(pkgConfig.secretOverrides)) {
+        for (const secretKey of Object.keys(addonDecl.secretOverrides)) {
             if (!secretNames.has(secretKey)) {
                 const availableSecrets = Array.from(secretNames);
-                logger.critical(ErrorCode.INVALID_VALUE, `Secret override '${secretKey}' in external package '${namespace}' (${pkgConfig.package}) does not exist. Available secrets: ${availableSecrets.join(', ') || 'none'}`);
+                logger.critical(ErrorCode.INVALID_VALUE, `Secret override '${secretKey}' in addon '${namespace}' (${addonDecl.package}) does not exist. Available secrets: ${availableSecrets.join(', ') || 'none'}`);
+            }
+        }
+    }
+}
+export function validateVariableOverrides(logger, state) {
+    const { wireAddonDeclarations } = state.rpc;
+    if (!wireAddonDeclarations || wireAddonDeclarations.size === 0)
+        return;
+    const variableNames = new Set(state.variables.definitions.map((d) => d.name));
+    for (const [namespace, addonDecl] of wireAddonDeclarations.entries()) {
+        if (!addonDecl.variableOverrides)
+            continue;
+        for (const variableKey of Object.keys(addonDecl.variableOverrides)) {
+            if (!variableNames.has(variableKey)) {
+                const availableVariables = Array.from(variableNames);
+                logger.critical(ErrorCode.INVALID_VALUE, `Variable override '${variableKey}' in addon '${namespace}' (${addonDecl.package}) does not exist. Available variables: ${availableVariables.join(', ') || 'none'}`);
             }
         }
     }
@@ -277,7 +294,7 @@ export function computeRequiredSchemas(state, options) {
     const schemasFromTypes = options.schemaConfig?.schemasFromTypes;
     state.requiredSchemas = new Set([
         ...Object.values(functions.meta)
-            .map(({ inputs, outputs }) => {
+            .flatMap(({ inputs, outputs }) => {
             const types = [];
             if (inputs?.[0]) {
                 try {
@@ -297,7 +314,6 @@ export function computeRequiredSchemas(state, options) {
             }
             return types;
         })
-            .flat()
             .filter((s) => !!s && !PRIMITIVE_TYPES.has(s)),
         ...functions.typesMap.customTypes.keys(),
         ...(schemasFromTypes || []),

package/dist/utils/resolve-addon-package.d.ts

@@ -0,0 +1,16 @@
+import * as ts from 'typescript';
+/**
+ * Resolve the addon package name from an imported identifier.
+ * Checks if the identifier's import module specifier matches any
+ * configured addon package.
+ *
+ * This is a general utility — any wire handler that processes a `func`
+ * property can use it to detect when the function comes from an
+ * addon package.
+ */
+export declare const resolveAddonName: (identifier: ts.Identifier, checker: ts.TypeChecker, wireAddonDeclarations?: Map<string, {
+    package: string;
+    rpcEndpoint?: string;
+    secretOverrides?: Record<string, string>;
+    variableOverrides?: Record<string, string>;
+}>) => string | null;

package/dist/utils/{resolve-external-package.js → resolve-addon-package.js}

@@ -1,15 +1,15 @@
 import * as ts from 'typescript';
 /**
- * Resolve the external package name from an imported identifier.
+ * Resolve the addon package name from an imported identifier.
  * Checks if the identifier's import module specifier matches any
- * configured external package.
+ * configured addon package.
  *
  * This is a general utility — any wire handler that processes a `func`
  * property can use it to detect when the function comes from an
- * external package.
+ * addon package.
  */
-export const resolveExternalPackageName = (identifier, checker, externalPackages) => {
-    if (!externalPackages || Object.keys(externalPackages).length === 0) {
+export const resolveAddonName = (identifier, checker, wireAddonDeclarations) => {
+    if (!wireAddonDeclarations || wireAddonDeclarations.size === 0) {
         return null;
     }
     const sym = checker.getSymbolAtLocation(identifier);
@@ -25,9 +25,9 @@ export const resolveExternalPackageName = (identifier, checker, externalPackages
     if (!ts.isStringLiteral(importDecl.moduleSpecifier))
         return null;
     const moduleSpecifier = importDecl.moduleSpecifier.text;
-    for (const config of Object.values(externalPackages)) {
-        if (config.package === moduleSpecifier) {
-            return config.package;
+    for (const addonDecl of wireAddonDeclarations.values()) {
+        if (addonDecl.package === moduleSpecifier) {
+            return addonDecl.package;
         }
     }
     return null;

package/dist/utils/schema-generator.d.ts

@@ -1,5 +1,5 @@
-import { JSONValue } from '@pikku/core';
-import { InspectorLogger, InspectorState } from '../types.js';
+import type { JSONValue } from '@pikku/core';
+import type { InspectorLogger, InspectorState } from '../types.js';
 export declare function generateAllSchemas(logger: InspectorLogger, config: {
     tsconfig: string;
     schemasFromTypes?: string[];

package/dist/utils/serialize-inspector-state.d.ts

@@ -1,5 +1,5 @@
-import { JSONValue } from '@pikku/core';
-import { InspectorDiagnostic, InspectorState } from '../types.js';
+import type { JSONValue } from '@pikku/core';
+import type { InspectorDiagnostic, InspectorState } from '../types.js';
 /**
  * Serializable version of InspectorState that can be saved to JSON
  * Omits typesLookup (contains non-serializable ts.Type objects) and converts Maps/Sets to arrays
@@ -163,7 +163,17 @@ export interface SerializableInspectorState {
             exportedName: string;
         }]>;
         invokedFunctions: string[];
-        usedExternalPackages: string[];
+        usedAddons: string[];
+        wireAddonDeclarations: Array<[
+            string,
+            {
+                package: string;
+                rpcEndpoint?: string;
+                secretOverrides?: Record<string, string>;
+                variableOverrides?: Record<string, string>;
+            }
+        ]>;
+        wireAddonFiles: string[];
     };
     mcpEndpoints: {
         resourcesMeta: InspectorState['mcpEndpoints']['resourcesMeta'];

package/dist/utils/serialize-inspector-state.js

@@ -70,7 +70,9 @@ export function serializeInspectorState(state) {
             exposedMeta: state.rpc.exposedMeta,
             exposedFiles: Array.from(state.rpc.exposedFiles.entries()),
             invokedFunctions: Array.from(state.rpc.invokedFunctions),
-            usedExternalPackages: Array.from(state.rpc.usedExternalPackages),
+            usedAddons: Array.from(state.rpc.usedAddons),
+            wireAddonDeclarations: Array.from(state.rpc.wireAddonDeclarations.entries()),
+            wireAddonFiles: Array.from(state.rpc.wireAddonFiles),
         },
         mcpEndpoints: {
             resourcesMeta: state.mcpEndpoints.resourcesMeta,
@@ -205,7 +207,9 @@ export function deserializeInspectorState(data) {
             exposedMeta: data.rpc.exposedMeta,
             exposedFiles: new Map(data.rpc.exposedFiles),
             invokedFunctions: new Set(data.rpc.invokedFunctions),
-            usedExternalPackages: new Set(data.rpc.usedExternalPackages || []),
+            usedAddons: new Set(data.rpc.usedAddons || []),
+            wireAddonDeclarations: new Map(data.rpc.wireAddonDeclarations || []),
+            wireAddonFiles: new Set(data.rpc.wireAddonFiles || []),
         },
         mcpEndpoints: {
             resourcesMeta: data.mcpEndpoints.resourcesMeta,

package/dist/utils/validate-auth-sessionless.d.ts

@@ -0,0 +1,3 @@
+import * as ts from 'typescript';
+import type { InspectorLogger, InspectorState } from '../types.js';
+export declare function validateAuthSessionless(logger: InspectorLogger, obj: ts.ObjectLiteralExpression, state: InspectorState, funcName: string, wireDescription: string, inheritedAuth?: boolean): boolean;

package/dist/utils/validate-auth-sessionless.js

@@ -0,0 +1,14 @@
+import { getPropertyValue } from './get-property-value.js';
+import { ErrorCode } from '../error-codes.js';
+export function validateAuthSessionless(logger, obj, state, funcName, wireDescription, inheritedAuth) {
+    const fnMeta = state.functions.meta[funcName];
+    if (!fnMeta)
+        return true;
+    const routeAuth = getPropertyValue(obj, 'auth');
+    const resolvedAuth = routeAuth === true || routeAuth === false ? routeAuth : inheritedAuth;
+    if (resolvedAuth === false && fnMeta.sessionless === false) {
+        logger.critical(ErrorCode.AUTH_DISABLED_REQUIRES_SESSIONLESS, `${wireDescription} has auth disabled but function '${funcName}' uses pikkuFunc (requires session). Use pikkuSessionlessFunc instead.`);
+        return false;
+    }
+    return true;
+}

package/dist/utils/workflow/dsl/extract-dsl-workflow.d.ts

@@ -1,5 +1,5 @@
 import * as ts from 'typescript';
-import { WorkflowStepMeta, WorkflowContext } from '@pikku/core/workflow';
+import type { WorkflowStepMeta, WorkflowContext } from '@pikku/core/workflow';
 /**
  * Result of simple workflow extraction
  */

package/dist/visit.d.ts

@@ -1,4 +1,4 @@
 import * as ts from 'typescript';
-import { InspectorState, InspectorLogger, InspectorOptions } from './types.js';
+import type { InspectorState, InspectorLogger, InspectorOptions } from './types.js';
 export declare const visitSetup: (logger: InspectorLogger, checker: ts.TypeChecker, node: ts.Node, state: InspectorState, options: InspectorOptions) => void;
 export declare const visitRoutes: (logger: InspectorLogger, checker: ts.TypeChecker, node: ts.Node, state: InspectorState, options: InspectorOptions) => void;

package/dist/visit.js

@@ -12,6 +12,7 @@ import { addMCPPrompt } from './add/add-mcp-prompt.js';
 import { addFunctions } from './add/add-functions.js';
 import { addChannel } from './add/add-channel.js';
 import { addRPCInvocations } from './add/add-rpc-invocations.js';
+import { addWireAddon } from './add/add-wire-addon.js';
 import { addMiddleware } from './add/add-middleware.js';
 import { addPermission } from './add/add-permission.js';
 import { addCLI, addCLIRenderers } from './add/add-cli.js';
@@ -28,6 +29,7 @@ export const visitSetup = (logger, checker, node, state, options) => {
     addFileWithFactory(node, checker, state.wireServicesFactories, 'CreateWireServices', state);
     addFileWithFactory(node, checker, state.configFactories, 'CreateConfig');
     addRPCInvocations(node, state, logger);
+    addWireAddon(node, state, logger);
     addMiddleware(logger, node, checker, state, options);
     addPermission(logger, node, checker, state, options);
     addWorkflow(logger, node, checker, state, options);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pikku/inspector",
-  "version": "0.12.0",
+  "version": "0.12.1",
   "author": "yasser.fadl@gmail.com",
   "license": "BUSL-1.1",
   "type": "module",
@@ -34,7 +34,7 @@
   },
   "dependencies": {
     "@openapi-contrib/json-schema-to-openapi-schema": "^4.3.1",
-    "@pikku/core": "^0.12.0",
+    "@pikku/core": "^0.12.1",
     "path-to-regexp": "^8.3.0",
     "ts-json-schema-generator": "^2.5.0",
     "tsx": "^4.21.0",

package/src/add/add-ai-agent.ts

@@ -4,7 +4,7 @@ import {
   getCommonWireMetaData,
 } from '../utils/get-property-value.js'
 import { extractWireNames } from '../utils/post-process.js'
-import { AddWiring, InspectorLogger, SchemaRef } from '../types.js'
+import type { AddWiring, InspectorLogger, SchemaRef } from '../types.js'
 import {
   extractFunctionName,
   funcIdToTypeName,
@@ -63,7 +63,7 @@ function resolveToolReferences(
         }
       }
 
-      if (calleeName === 'external') {
+      if (calleeName === 'addon') {
         const [firstArg] = element.arguments
         if (firstArg && ts.isStringLiteral(firstArg)) {
           resolved.push(firstArg.text)

package/src/add/add-channel.ts

@@ -18,6 +18,7 @@ import {
 } from '../utils/middleware.js'
 import { extractWireNames } from '../utils/post-process.js'
 import { resolveIdentifier } from '../utils/resolve-identifier.js'
+import { validateAuthSessionless } from '../utils/validate-auth-sessionless.js'
 
 /**
  * Safely get the "initializer" expression of a property-like AST node:
@@ -611,6 +612,26 @@ export const addChannel: AddWiring = (
     state.serviceAggregation.usedMiddleware.add(name)
   )
 
+  // --- validate auth/sessionless ---
+  const handlersToValidate = [
+    connectFuncId,
+    disconnectFuncId,
+    message?.pikkuFuncId,
+  ].filter(Boolean) as string[]
+  for (const funcId of handlersToValidate) {
+    if (
+      !validateAuthSessionless(
+        logger,
+        obj,
+        state,
+        funcId,
+        `Channel '${name}'`
+      )
+    ) {
+      return
+    }
+  }
+
   state.channels.files.add(node.getSourceFile().fileName)
   state.channels.meta[name] = {
     name,