@primitivedotdev/sdk 1.2.1 → 1.4.0

package/dist/{api-JvyzQsXn.js → api-DoB7DrgV.js}

@@ -615,6 +615,8 @@ const client$1 = createClient(createConfig({ baseUrl: "https://api.primitive.dev
 var sdk_gen_exports = /* @__PURE__ */ __exportAll({
 	addDomain: () => addDomain,
 	cliLogout: () => cliLogout,
+	createAgentAccount: () => createAgentAccount,
+	createAgentClaimLink: () => createAgentClaimLink,
 	createEndpoint: () => createEndpoint,
 	createFilter: () => createFilter,
 	createFunction: () => createFunction,
@@ -663,6 +665,7 @@ var sdk_gen_exports = /* @__PURE__ */ __exportAll({
 	sendEmail: () => sendEmail,
 	setFunctionRoute: () => setFunctionRoute,
 	setFunctionSecret: () => setFunctionSecret,
+	startAgentClaim: () => startAgentClaim,
 	startAgentSignup: () => startAgentSignup,
 	startCliLogin: () => startCliLogin,
 	startCliSignup: () => startCliSignup,
@@ -674,6 +677,7 @@ var sdk_gen_exports = /* @__PURE__ */ __exportAll({
 	updateEndpoint: () => updateEndpoint,
 	updateFilter: () => updateFilter,
 	updateFunction: () => updateFunction,
+	verifyAgentClaim: () => verifyAgentClaim,
 	verifyAgentSignup: () => verifyAgentSignup,
 	verifyCliSignup: () => verifyCliSignup,
 	verifyDomain: () => verifyDomain
@@ -818,6 +822,92 @@ const verifyAgentSignup = (options) => (options.client ?? client$1).post({
 	}
 });
 /**
+* Create an emailless agent account
+*
+* Creates an emailless agent account without authentication and returns a
+* one-time API key (prefixed `prim_`) plus a provisioned managed inbox.
+* The account is on the `agent` plan: reply-only (it can send only to
+* addresses that have already sent it authenticated mail) with tight send
+* limits. Use the returned `api_key` as a Bearer token on later calls. The
+* account can be upgraded to a full developer account by confirming an
+* email through the claim flow. This endpoint does not require an API key.
+*
+*/
+const createAgentAccount = (options) => (options.client ?? client$1).post({
+	url: "/agent/accounts",
+	...options,
+	headers: {
+		...options.body !== void 0 && { "Content-Type": "application/json" },
+		...options.headers
+	}
+});
+/**
+* Start an agent account email claim
+*
+* Begins upgrading an emailless `agent` account into a full `developer`
+* account by confirming an email address. Authenticated by the agent's own
+* API key (the org is taken from the credential). Sends a verification
+* code to the supplied email and returns the claim session id plus resend
+* timing. Submit the code to `/agent/claim/verify` to complete the
+* upgrade. Confirming an email that already belongs to a Primitive account
+* is rejected.
+*
+*/
+const startAgentClaim = (options) => (options.client ?? client$1).post({
+	security: [{
+		scheme: "bearer",
+		type: "http"
+	}],
+	url: "/agent/claim/start",
+	...options,
+	headers: {
+		...options.body !== void 0 && { "Content-Type": "application/json" },
+		...options.headers
+	}
+});
+/**
+* Verify an agent account email claim
+*
+* Confirms the verification code emailed by `/agent/claim/start` and
+* upgrades the account to the `developer` plan. The org id, API key, and
+* managed inbox all carry over; the send cap lifts. Authenticated by the
+* agent's own API key.
+*
+*/
+const verifyAgentClaim = (options) => (options.client ?? client$1).post({
+	security: [{
+		scheme: "bearer",
+		type: "http"
+	}],
+	url: "/agent/claim/verify",
+	...options,
+	headers: {
+		...options.body !== void 0 && { "Content-Type": "application/json" },
+		...options.headers
+	}
+});
+/**
+* Create a browser claim link
+*
+* Mints an opaque, single-use link an agent can hand to a human to
+* complete the email-confirmation upgrade in a browser. Authenticated by
+* the agent's own API key. `claim_url` is null when the API host cannot
+* resolve a web origin to build the link.
+*
+*/
+const createAgentClaimLink = (options) => (options?.client ?? client$1).post({
+	security: [{
+		scheme: "bearer",
+		type: "http"
+	}],
+	url: "/agent/claim/link",
+	...options,
+	headers: {
+		"Content-Type": "application/json",
+		...options?.headers
+	}
+});
+/**
 * Revoke the current CLI OAuth session
 *
 * Revokes the OAuth grant used to authenticate the request. API-key
@@ -1693,10 +1783,12 @@ const listFunctions = (options) => (options?.client ?? client$1).get({
 * each delivery and forwards the `Primitive-Signature` header to
 * the handler. Verify the raw request body with
 * `PRIMITIVE_WEBHOOK_SECRET` before parsing JSON; after verification
-* the request body parses to an `email.received` event (see
-* `EmailReceivedEvent` and the Webhook payload section for the full
-* schema). Code is bundled before being uploaded; ship a single
-* self-contained file rather than relying on external imports.
+* the request body parses to a webhook event whose `event` field is
+* `email.received` for normal inbound mail, or a machine-mail type
+* (`email.bounced`, `email.tls_report`, `email.dmarc_report`,
+* `email.dmarc_failure`) for bounces and reports. Code is bundled
+* before being uploaded; ship a single self-contained file rather
+* than relying on external imports.
 *
 * **Code limits.** `code` is capped at 1 MiB UTF-8. `sourceMap`
 * (optional) is capped at 5 MiB UTF-8, stored with each deployment
@@ -2126,7 +2218,7 @@ const DEFAULT_TOLERANCE_SECONDS = 300;
 const FUTURE_TOLERANCE_SECONDS = 60;
 const HEX_PATTERN = /^[0-9a-f]+$/i;
 const HEX_LENGTH = 64;
-const UNIX_SECONDS_PATTERN = /^\d{1,10}$/;
+const UNIX_SECONDS_PATTERN = /^\d+$/;
 function parseSignatureHeader(signatureHeader) {
 	if (!signatureHeader || typeof signatureHeader !== "string") return null;
 	const parts = signatureHeader.split(",");
@@ -2343,7 +2435,251 @@ function resolveRequestOptions(options) {
 	if (Object.keys(headers).length > 0) resolved.headers = headers;
 	return resolved;
 }
+/**
+* Generic `{ success, data }` envelope unwrap for the simple
+* data-returning agent operations. Mirrors the error-mapping path of
+* `unwrapSendResult` so every agent call surfaces a `PrimitiveApiError`
+* with code / status / request id / retry-after, and re-throws abort and
+* timeout errors untouched. `label` names the resource in the
+* empty-body error message.
+*/
+function unwrapData(result, label) {
+	const response = result.response;
+	if (result.error) {
+		if (isAbortLikeError(result.error)) throw result.error;
+		const parsed = parseApiErrorPayload(result.error);
+		throw new PrimitiveApiError(parsed.message, {
+			payload: result.error,
+			status: response?.status,
+			code: parsed.code,
+			gates: parsed.gates,
+			requestId: parsed.requestId,
+			retryAfter: parseRetryAfterHeader(response),
+			details: parsed.details,
+			cause: result.error instanceof Error ? result.error : void 0
+		});
+	}
+	if (result.data?.data === void 0) throw new PrimitiveApiError(`Primitive API returned no ${label}`, {
+		payload: result,
+		status: response?.status
+	});
+	return result.data.data;
+}
+/**
+* Agent-account operations, grouped under `client.agent`.
+*
+* These cover the emailless agent lifecycle: create a zero-touch account
+* (no auth required), then later upgrade it to a full developer account by
+* confirming an email (the claim flow, authenticated by the agent's own
+* API key). Field shapes are the generated request/response types, matching
+* the documented API surface.
+*/
+var AgentResource = class {
+	constructor(client) {
+		this.client = client;
+	}
+	/**
+	* Create an emailless agent account. Unauthenticated: call this on a
+	* client constructed without an API key. Returns a one-time `api_key`
+	* (prefixed `prim_`, shown once) plus a provisioned managed inbox. The
+	* account is on the reply-only `agent` plan and can be upgraded later via
+	* the claim flow.
+	*/
+	async createAccount(input, options) {
+		return unwrapData(await createAgentAccount({
+			body: input,
+			...resolveRequestOptions(options),
+			client: this.client,
+			responseStyle: "fields"
+		}), "agent account");
+	}
+	/**
+	* Start the email-claim upgrade for the authenticated agent account.
+	* Sends a verification code to `email` and returns the claim session id
+	* plus resend timing. Authenticated by the agent's own API key.
+	*/
+	async claimStart(input, options) {
+		return unwrapData(await startAgentClaim({
+			body: input,
+			...resolveRequestOptions(options),
+			client: this.client,
+			responseStyle: "fields"
+		}), "claim start result");
+	}
+	/**
+	* Confirm the claim verification code and upgrade the account to the
+	* `developer` plan. The org id, API key, and managed inbox carry over;
+	* the send cap lifts.
+	*/
+	async claimVerify(input, options) {
+		return unwrapData(await verifyAgentClaim({
+			body: input,
+			...resolveRequestOptions(options),
+			client: this.client,
+			responseStyle: "fields"
+		}), "claim result");
+	}
+	/**
+	* Mint a browser claim link to hand to a human for the email-confirmation
+	* upgrade. `claim_url` is null when the API host has no web origin to
+	* build the link.
+	*/
+	async claimLink(input = {}, options) {
+		return unwrapData(await createAgentClaimLink({
+			body: input,
+			...resolveRequestOptions(options),
+			client: this.client,
+			responseStyle: "fields"
+		}), "claim link result");
+	}
+};
+const INBOX_EPOCH_CURSOR = "1970-01-01T00:00:00.000000Z|00000000-0000-0000-0000-000000000000";
+const DEFAULT_WAIT_SECONDS = 30;
+function buildReplyBody(input) {
+	const resolved = typeof input === "string" ? { text: input } : input;
+	if ("subject" in resolved) throw new TypeError("reply does not support a subject override; the server prepends 'Re:' to the parent's subject for thread continuity");
+	if (!resolved.text && !resolved.html) throw new TypeError("reply requires text or html");
+	return {
+		...resolved.text !== void 0 ? { body_text: resolved.text } : {},
+		...resolved.html !== void 0 ? { body_html: resolved.html } : {},
+		...resolved.from !== void 0 ? { from: resolved.from } : {},
+		...resolved.attachments !== void 0 ? { attachments: resolved.attachments } : {},
+		...resolved.wait !== void 0 ? { wait: resolved.wait } : {}
+	};
+}
+async function replyById(client, id, input, options) {
+	return unwrapSendResult(await replyToEmail({
+		body: buildReplyBody(input),
+		path: { id },
+		...resolveRequestOptions(options),
+		client,
+		responseStyle: "fields"
+	}));
+}
+function toInboundEmail(row, cursor, client) {
+	return {
+		id: row.id,
+		messageId: row.message_id ?? null,
+		from: row.sender,
+		to: row.recipient,
+		subject: row.subject ?? null,
+		status: row.status,
+		domain: row.domain,
+		spamScore: row.spam_score ?? null,
+		threadId: row.thread_id ?? null,
+		createdAt: row.created_at,
+		receivedAt: row.received_at,
+		cursor,
+		reply: (input, options) => replyById(client, row.id, input, options)
+	};
+}
+/** Unwrap a `listEmails` page into rows + the next forward-tail cursor. */
+function unwrapInboxPage(result) {
+	const response = result.response;
+	if (result.error) {
+		if (isAbortLikeError(result.error)) throw result.error;
+		const parsed = parseApiErrorPayload(result.error);
+		throw new PrimitiveApiError(parsed.message, {
+			payload: result.error,
+			status: response?.status,
+			code: parsed.code,
+			gates: parsed.gates,
+			requestId: parsed.requestId,
+			retryAfter: parseRetryAfterHeader(response),
+			details: parsed.details,
+			cause: result.error instanceof Error ? result.error : void 0
+		});
+	}
+	return {
+		emails: result.data?.data ?? [],
+		cursor: result.data?.meta?.cursor ?? null
+	};
+}
+/**
+* Inbound mail, grouped under `client.inbox`. Wraps the GET /v1/emails forward
+* tail (`?since` + `?wait` long-poll) so an agent's receive loop is a single
+* `for await`, with the cursor advanced for you.
+*/
+var InboxResource = class {
+	constructor(client) {
+		this.client = client;
+	}
+	/**
+	* Stream inbound emails as they arrive. Long-polls the forward tail, yielding
+	* one email at a time and advancing the cursor. Resumes from `since` (omit to
+	* start oldest-first); stops when `signal` aborts.
+	*
+	*   for await (const email of client.inbox.stream()) {
+	*     await email.reply("got it");
+	*   }
+	*/
+	async *stream(options = {}) {
+		let since = options.since ?? INBOX_EPOCH_CURSOR;
+		const wait = options.waitSeconds ?? DEFAULT_WAIT_SECONDS;
+		while (!options.signal?.aborted) {
+			const result = await listEmails({
+				query: {
+					since,
+					wait,
+					limit: 1
+				},
+				...resolveRequestOptions({ signal: options.signal }),
+				client: this.client,
+				responseStyle: "fields"
+			});
+			const { emails, cursor } = unwrapInboxPage(result);
+			if (emails.length > 0 && cursor === null) throw new PrimitiveApiError("Forward tail returned emails without a continuation cursor; refusing to advance to avoid re-yielding the same mail.", { payload: result });
+			for (const row of emails) yield toInboundEmail(row, cursor ?? since, this.client);
+			if (cursor) since = cursor;
+		}
+	}
+	/**
+	* Resolve with the next inbound email after `since`, or null if none arrives
+	* within the wait window. One-shot form of `stream`; pass your current cursor
+	* as `since` to wait for genuinely new mail.
+	*/
+	async waitForNext(options = {}) {
+		const result = await listEmails({
+			query: {
+				since: options.since ?? INBOX_EPOCH_CURSOR,
+				wait: options.waitSeconds ?? DEFAULT_WAIT_SECONDS,
+				limit: 1
+			},
+			...resolveRequestOptions({ signal: options.signal }),
+			client: this.client,
+			responseStyle: "fields"
+		});
+		const { emails, cursor } = unwrapInboxPage(result);
+		if (emails.length === 0) return null;
+		if (cursor === null) throw new PrimitiveApiError("Forward tail returned an email without a continuation cursor.", { payload: result });
+		return toInboundEmail(emails[0], cursor, this.client);
+	}
+};
+/** Account introspection, grouped under `client.account`. */
+var AccountResource = class {
+	constructor(client) {
+		this.client = client;
+	}
+	/**
+	* The authenticated account: plan, limits, granted `entitlements` (e.g. an
+	* emailless agent sees only reply-only keys), and `managed_inbox_address`
+	* (the From address to reply as).
+	*/
+	async get(options) {
+		return unwrapData(await getAccount({
+			...resolveRequestOptions(options),
+			client: this.client,
+			responseStyle: "fields"
+		}), "account");
+	}
+};
 var PrimitiveClient = class extends PrimitiveApiClient {
+	/** Agent-account lifecycle operations (create, claim/upgrade). */
+	agent = new AgentResource(this.client);
+	/** Inbound mail: long-poll stream + waitForNext over the forward tail. */
+	inbox = new InboxResource(this.client);
+	/** Account introspection (plan, limits, entitlements, managed inbox). */
+	account = new AccountResource(this.client);
 	async send(input, options) {
 		validateSendInput(input);
 		return unwrapSendResult(await sendEmail({
@@ -2397,22 +2733,7 @@ var PrimitiveClient = class extends PrimitiveApiClient {
 	* thread for half the recipient population.
 	*/
 	async reply(email, input, options) {
-		const resolved = typeof input === "string" ? { text: input } : input;
-		if ("subject" in resolved) throw new TypeError("reply does not support a subject override; the server prepends 'Re:' to the parent's subject for thread continuity");
-		if (!resolved.text && !resolved.html) throw new TypeError("reply requires text or html");
-		return unwrapSendResult(await replyToEmail({
-			body: {
-				...resolved.text !== void 0 ? { body_text: resolved.text } : {},
-				...resolved.html !== void 0 ? { body_html: resolved.html } : {},
-				...resolved.from !== void 0 ? { from: resolved.from } : {},
-				...resolved.attachments !== void 0 ? { attachments: resolved.attachments } : {},
-				...resolved.wait !== void 0 ? { wait: resolved.wait } : {}
-			},
-			path: { id: email.id },
-			...resolveRequestOptions(options),
-			client: this.client,
-			responseStyle: "fields"
-		}));
+		return replyById(this.client, email.id, input, options);
 	}
 	async forward(email, input, options) {
 		validateForwardInput(input);
@@ -2469,6 +2790,7 @@ function mapSendResult(result) {
 	return {
 		id: result.id,
 		status: result.status,
+		from: result.from,
 		queueId: result.queue_id,
 		accepted: result.accepted,
 		rejected: result.rejected,
@@ -2512,5 +2834,25 @@ function createPrimitiveClient(options = {}) {
 function client(options = {}) {
 	return new PrimitiveClient(options);
 }
+/**
+* Zero-to-receiving in one call: create an emailless agent account (no auth)
+* and return a PrimitiveClient already wired with its one-time API key, plus
+* the provisioned managed inbox. From here `result.client.inbox.stream()` and
+* `result.client.send(...)` work immediately.
+*
+*   const { client, address } = await createAgent({ terms_accepted: true });
+*/
+async function createAgent(options) {
+	const { client: clientOptions, ...input } = options;
+	const account = await new PrimitiveClient(clientOptions).agent.createAccount(input);
+	return {
+		client: new PrimitiveClient({
+			...clientOptions,
+			apiKey: account.api_key
+		}),
+		address: account.address,
+		account
+	};
+}
 //#endregion
-export { resendCliSignupVerification as $, getFunctionRouting as A, listDomains as B, downloadAttachments as C, getConversation as D, getAccount as E, getSentEmail as F, listFunctionSecrets as G, listEndpoints as H, getStorageStats as I, pollCliLogin as J, listFunctions as K, getThread as L, getInboxStatus as M, getOrgRoutingTopology as N, getEmail as O, getSendPermissions as P, resendAgentSignupVerification as Q, getWebhookSecret as R, discardEmailContent as S, createConfig as St, downloadRawEmail as T, listFilters as U, listEmails as V, listFunctionLogs as W, replayEmailWebhooks as X, replayDelivery as Y, replyToEmail as Z, deleteEmail as _, updateFunction as _t, verifyWebhookSignature as a, setFunctionRoute as at, deleteFunction as b, verifyDomain as bt, PrimitiveApiError as c, startCliLogin as ct, cliLogout as d, testFunction as dt, rotateWebhookSecret as et, createEndpoint as f, unsetFunctionRoute as ft, deleteDomain as g, updateFilter as gt, createFunctionSecret as h, updateEndpoint as ht, PRIMITIVE_SIGNATURE_HEADER as i, sendEmail as it, getFunctionTestRunTrace as j, getFunction as k, createPrimitiveApiClient as l, startCliSignup as lt, createFunction as m, updateDomain as mt, client as n, searchEmails as nt, DEFAULT_API_BASE_URL as o, setFunctionSecret as ot, createFilter as p, updateAccount as pt, listSentEmails as q, createPrimitiveClient as r, semanticSearch as rt, PrimitiveApiClient as s, startAgentSignup as st, PrimitiveClient as t, sdk_gen_exports as tt, addDomain as u, testEndpoint as ut, deleteEndpoint as v, verifyAgentSignup as vt, downloadDomainZoneFile as w, deleteFunctionSecret as x, createClient as xt, deleteFilter as y, verifyCliSignup as yt, listDeliveries as z };
+export { listSentEmails as $, downloadDomainZoneFile as A, createConfig as At, getSendPermissions as B, deleteEmail as C, updateFilter as Ct, deleteFunctionSecret as D, verifyCliSignup as Dt, deleteFunction as E, verifyAgentSignup as Et, getFunction as F, listDeliveries as G, getStorageStats as H, getFunctionRouting as I, listEndpoints as J, listDomains as K, getFunctionTestRunTrace as L, getAccount as M, getConversation as N, discardEmailContent as O, verifyDomain as Ot, getEmail as P, listFunctions as Q, getInboxStatus as R, deleteDomain as S, updateEndpoint as St, deleteFilter as T, verifyAgentClaim as Tt, getThread as U, getSentEmail as V, getWebhookSecret as W, listFunctionLogs as X, listFilters as Y, listFunctionSecrets as Z, createAgentClaimLink as _, testEndpoint as _t, client as a, resendCliSignupVerification as at, createFunction as b, updateAccount as bt, PRIMITIVE_SIGNATURE_HEADER as c, searchEmails as ct, PrimitiveApiClient as d, setFunctionRoute as dt, pollCliLogin as et, PrimitiveApiError as f, setFunctionSecret as ft, createAgentAccount as g, startCliSignup as gt, cliLogout as h, startCliLogin as ht, PrimitiveClient as i, resendAgentSignupVerification as it, downloadRawEmail as j, downloadAttachments as k, createClient as kt, verifyWebhookSignature as l, semanticSearch as lt, addDomain as m, startAgentSignup as mt, AgentResource as n, replayEmailWebhooks as nt, createAgent as o, rotateWebhookSecret as ot, createPrimitiveApiClient as p, startAgentClaim as pt, listEmails as q, InboxResource as r, replyToEmail as rt, createPrimitiveClient as s, sdk_gen_exports as st, AccountResource as t, replayDelivery as tt, DEFAULT_API_BASE_URL as u, sendEmail as ut, createEndpoint as v, testFunction as vt, deleteEndpoint as w, updateFunction as wt, createFunctionSecret as x, updateDomain as xt, createFilter as y, unsetFunctionRoute as yt, getOrgRoutingTopology as z };

package/dist/contract/index.d.ts

@@ -1,5 +1,5 @@
-import { C as ParsedDataFailed, D as RawContentDownloadOnly, M as WebhookAttachment, O as RawContentInline, S as ParsedDataComplete, c as EmailAnalysis, l as EmailAuth, s as EmailAddress, u as EmailReceivedEvent, w as ParsedError } from "../types-yNU-Oiea.js";
-import { C as signStandardWebhooksPayload, h as WEBHOOK_VERSION, j as signWebhookPayload, k as SignResult, x as StandardWebhooksSignResult } from "../index-DR978rq5.js";
+import { A as RawContentInline, E as ParsedError, F as WebhookAttachment, T as ParsedDataFailed, d as EmailAuth, f as EmailReceivedEvent, k as RawContentDownloadOnly, l as EmailAddress, u as EmailAnalysis, w as ParsedDataComplete } from "../types-QT2ss9ho.js";
+import { C as signStandardWebhooksPayload, h as WEBHOOK_VERSION, j as signWebhookPayload, k as SignResult, x as StandardWebhooksSignResult } from "../index-iZWfb98V.js";
 
 //#region src/contract/contract.d.ts
 /** Maximum raw email size for inline inclusion (256 KB). */

package/dist/contract/index.js

@@ -1,4 +1,4 @@
-import { E as signStandardWebhooksPayload, L as validateEmailReceivedEvent, M as signWebhookPayload, d as WEBHOOK_VERSION } from "../webhook-BAwK8EOG.js";
+import { E as signStandardWebhooksPayload, L as validateEmailReceivedEvent, M as signWebhookPayload, d as WEBHOOK_VERSION } from "../webhook-CwjCyFv-.js";
 import { createHash } from "node:crypto";
 //#region src/contract/contract.ts
 /**

package/dist/{errors-7E9sW9eX.d.ts → errors-DyuAXctD.d.ts}

@@ -1,4 +1,4 @@
-import { M as WebhookAttachment, c as EmailAnalysis, l as EmailAuth, u as EmailReceivedEvent } from "./types-yNU-Oiea.js";
+import { F as WebhookAttachment, d as EmailAuth, f as EmailReceivedEvent, u as EmailAnalysis } from "./types-QT2ss9ho.js";
 import { ErrorObject } from "ajv";
 
 //#region src/webhook/received-email.d.ts