@sanity/ailf 2.7.1 → 2.9.0

package/dist/pipeline/upload-test-outputs.js

@@ -0,0 +1,34 @@
+/**
+ * upload-test-outputs.ts — shared helper for the testOutputs artifact upload.
+ *
+ * CalculateScoresStep calls this once its score-summary.json is complete.
+ * Each {taskId, modelId} pair becomes one GCS object under
+ * `runs/{runId}/test-outputs/{taskId}--{modelId}.json` carrying the full
+ * response output and truncation flag. The returned ArtifactRef's
+ * `entries[]` catalog lists every uploaded entry so Studio can render
+ * drill-down state without a second listing call.
+ *
+ * PublishReportStep later strips responseOutput from the inline
+ * testResults[] when this upload succeeds, so the Content Lake document
+ * stays slim — the full output lives in GCS and is fetched per-entry
+ * on click.
+ *
+ * @see docs/decisions/D0032-run-anchored-artifact-store.md
+ */
+/**
+ * Upload testOutputs as per-entry GCS objects under
+ * `runs/{runId}/test-outputs/`, one per `{taskId}::{modelId}` pair.
+ *
+ * Returns the `ArtifactRef` on success, or `null` when upload is skipped or
+ * fails (P5: non-blocking).
+ */
+export async function uploadTestOutputs(writer, runId, testResults) {
+    const entries = testResults.map((tr) => ({
+        key: `${tr.taskId}::${tr.modelId}`,
+        data: {
+            responseOutput: tr.responseOutput ?? "",
+            responseOutputTruncated: tr.responseOutputTruncated ?? false,
+        },
+    }));
+    return writer.writePerEntry("testOutputs", runId, entries);
+}

package/dist/report-store.js

@@ -211,8 +211,10 @@ export class ReportStore {
                 summary: {
                     ...report.summary,
                     // Artifact references live inside summary in Sanity so they're
-                    // projected automatically by the reportDetailQuery (D0030)
-                    ...(report.artifacts ? { artifacts: report.artifacts } : {}),
+                    // projected automatically by the reportDetailQuery (D0032)
+                    ...(report.artifactManifest
+                        ? { artifactManifest: report.artifactManifest }
+                        : {}),
                 },
                 tag: report.tag ?? null,
                 title: report.title ?? null,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sanity/ailf",
-  "version": "2.7.1",
+  "version": "2.9.0",
   "private": false,
   "publishConfig": {
     "access": "public"
@@ -52,8 +52,8 @@
     "@types/node": "^22.13.1",
     "tsx": "^4.19.2",
     "typescript": "^5.7.3",
-    "@sanity/ailf-shared": "0.1.0",
-    "@sanity/ailf-core": "0.1.0"
+    "@sanity/ailf-core": "0.1.0",
+    "@sanity/ailf-shared": "0.1.0"
   },
   "scripts": {
     "build": "tsc && tsx scripts/bundle-workspace-deps.ts",

package/dist/_vendor/ailf-core/ports/artifact-uploader.d.ts

@@ -1,35 +0,0 @@
-/**
- * Port: ArtifactUploader — uploads report artifacts to external object storage.
- *
- * Separate from ArtifactCollector (which captures forensic archives).
- * This port puts structured files at known paths so Studio can fetch
- * them on demand via signed URLs.
- *
- * @see docs/design-docs/external-artifact-store.md
- * @see docs/decisions/D0030-external-artifact-store.md
- */
-import type { ArtifactRef } from "../types/index.js";
-/**
- * Uploads report artifacts to external storage.
- *
- * Implementations:
- * - GcsReportArtifactUploader (packages/eval) — uploads to GCS
- * - NoOpArtifactUploader (below) — returns null (no-op when GCS is not configured)
- */
-export interface ArtifactUploader {
-    /**
-     * Upload a JSON artifact for a report.
-     *
-     * @param reportId - Report identifier (used as the GCS path prefix)
-     * @param fileName - File name within the report prefix (e.g., "test-outputs.json")
-     * @param data     - Serializable data (will be JSON.stringify'd)
-     * @returns ArtifactRef on success, null if upload is skipped or fails
-     */
-    upload(reportId: string, fileName: string, data: unknown): Promise<ArtifactRef | null>;
-}
-/**
- * No-op uploader — always returns null. Used when GCS is not configured.
- */
-export declare class NoOpArtifactUploader implements ArtifactUploader {
-    upload(): Promise<null>;
-}

package/dist/_vendor/ailf-core/ports/artifact-uploader.js

@@ -1,18 +0,0 @@
-/**
- * Port: ArtifactUploader — uploads report artifacts to external object storage.
- *
- * Separate from ArtifactCollector (which captures forensic archives).
- * This port puts structured files at known paths so Studio can fetch
- * them on demand via signed URLs.
- *
- * @see docs/design-docs/external-artifact-store.md
- * @see docs/decisions/D0030-external-artifact-store.md
- */
-/**
- * No-op uploader — always returns null. Used when GCS is not configured.
- */
-export class NoOpArtifactUploader {
-    async upload() {
-        return null;
-    }
-}

package/dist/artifact-capture/api-gateway-artifact-uploader.d.ts

@@ -1,41 +0,0 @@
-/**
- * ApiGatewayArtifactUploader — uploads report artifacts via the API Gateway.
- *
- * Counterpart to GcsReportArtifactUploader. Used when the CLI runs locally
- * without GCS credentials. Two-step flow:
- *
- *   1. GET {apiBaseUrl}/v1/artifacts/{reportId}/upload-url?type={artifactType}
- *      with Authorization: Bearer {apiKey} — returns a signed PUT URL.
- *   2. PUT the JSON to that URL with Content-Type: application/json and
- *      x-goog-if-generation-match: 0 (overwrite-protection contract from
- *      the gateway's signed URL).
- *
- * The gateway stays out of the data path — Vercel only signs the URL,
- * the artifact bytes go directly to GCS.
- *
- * Design principles:
- * - P5: Non-blocking — any failure returns null and warns, never throws.
- * - Stateless — no client to keep around between calls.
- *
- * @see docs/design-docs/external-artifact-store.md
- * @see docs/decisions/D0030-external-artifact-store.md
- */
-import type { ArtifactRef, ArtifactUploader } from "../_vendor/ailf-core/index.d.ts";
-export interface ApiGatewayUploaderOptions {
-    /** Base URL of the API gateway (e.g., "https://api.ailf.sanity.io"). */
-    apiBaseUrl: string;
-    /** AILF API key with the `artifact:write` scope. */
-    apiKey: string;
-    /** GCS bucket name — included in the returned ArtifactRef. */
-    bucket: string;
-}
-export declare class ApiGatewayArtifactUploader implements ArtifactUploader {
-    private readonly options;
-    constructor(options: ApiGatewayUploaderOptions);
-    upload(reportId: string, fileName: string, data: unknown): Promise<ArtifactRef | null>;
-    /**
-     * Fetch a signed upload URL from the gateway. Returns null on any non-2xx
-     * response or malformed body so the caller can stay non-blocking.
-     */
-    private fetchSignedUrl;
-}

package/dist/artifact-capture/api-gateway-artifact-uploader.js

@@ -1,123 +0,0 @@
-/**
- * ApiGatewayArtifactUploader — uploads report artifacts via the API Gateway.
- *
- * Counterpart to GcsReportArtifactUploader. Used when the CLI runs locally
- * without GCS credentials. Two-step flow:
- *
- *   1. GET {apiBaseUrl}/v1/artifacts/{reportId}/upload-url?type={artifactType}
- *      with Authorization: Bearer {apiKey} — returns a signed PUT URL.
- *   2. PUT the JSON to that URL with Content-Type: application/json and
- *      x-goog-if-generation-match: 0 (overwrite-protection contract from
- *      the gateway's signed URL).
- *
- * The gateway stays out of the data path — Vercel only signs the URL,
- * the artifact bytes go directly to GCS.
- *
- * Design principles:
- * - P5: Non-blocking — any failure returns null and warns, never throws.
- * - Stateless — no client to keep around between calls.
- *
- * @see docs/design-docs/external-artifact-store.md
- * @see docs/decisions/D0030-external-artifact-store.md
- */
-// ---------------------------------------------------------------------------
-// File-name → artifact-type mapping (mirrors packages/api ARTIFACT_FILES)
-// ---------------------------------------------------------------------------
-/**
- * Reverse map of the API gateway's ARTIFACT_FILES. The uploader port speaks
- * file names; the gateway endpoint speaks artifact types. Keep these in sync
- * with packages/api/src/routes/artifacts.ts.
- */
-const FILE_TO_TYPE = {
-    "eval-results.json": "evalResults",
-    "grader-prompts.json": "graderPrompts",
-    "rendered-prompts.json": "renderedPrompts",
-    "task-definitions.json": "taskDefinitions",
-    "test-outputs.json": "testOutputs",
-};
-export class ApiGatewayArtifactUploader {
-    options;
-    constructor(options) {
-        this.options = options;
-    }
-    async upload(reportId, fileName, data) {
-        const artifactType = FILE_TO_TYPE[fileName];
-        if (!artifactType) {
-            console.warn(`  ⚠️  Artifact upload skipped (unknown fileName): ${fileName}`);
-            return null;
-        }
-        const objectPath = `reports/${reportId}/${fileName}`;
-        const json = JSON.stringify(data);
-        const bytes = Buffer.byteLength(json, "utf-8");
-        try {
-            const signed = await this.fetchSignedUrl(reportId, artifactType);
-            if (!signed)
-                return null;
-            const putRes = await fetch(signed.url, {
-                body: json,
-                headers: signed.requiredHeaders,
-                method: "PUT",
-            });
-            if (!putRes.ok) {
-                console.warn(`  ⚠️  Artifact upload failed (non-blocking): ${objectPath} — GCS PUT ${putRes.status} ${putRes.statusText}`);
-                return null;
-            }
-            return {
-                bucket: signed.bucket,
-                bytes,
-                entryCount: extractEntryCount(data),
-                path: signed.path,
-                store: "gcs",
-            };
-        }
-        catch (err) {
-            const message = err instanceof Error ? err.message : String(err);
-            console.warn(`  ⚠️  Artifact upload failed (non-blocking): ${objectPath} — ${message}`);
-            return null;
-        }
-    }
-    /**
-     * Fetch a signed upload URL from the gateway. Returns null on any non-2xx
-     * response or malformed body so the caller can stay non-blocking.
-     */
-    async fetchSignedUrl(reportId, artifactType) {
-        const url = `${this.options.apiBaseUrl.replace(/\/$/, "")}/v1/artifacts/${encodeURIComponent(reportId)}/upload-url?type=${encodeURIComponent(artifactType)}`;
-        const res = await fetch(url, {
-            headers: {
-                Authorization: `Bearer ${this.options.apiKey}`,
-            },
-            method: "GET",
-        });
-        if (!res.ok) {
-            console.warn(`  ⚠️  Signed-URL request failed: ${res.status} ${res.statusText}`);
-            return null;
-        }
-        const body = (await res.json());
-        if (body.object !== "signed_upload_url" ||
-            typeof body.url !== "string" ||
-            typeof body.path !== "string" ||
-            typeof body.bucket !== "string" ||
-            !body.requiredHeaders) {
-            console.warn(`  ⚠️  Signed-URL response was malformed`);
-            return null;
-        }
-        return {
-            bucket: body.bucket,
-            method: "PUT",
-            object: "signed_upload_url",
-            path: body.path,
-            requiredHeaders: body.requiredHeaders,
-            url: body.url,
-        };
-    }
-}
-function extractEntryCount(data) {
-    if (typeof data === "object" &&
-        data !== null &&
-        "entries" in data &&
-        typeof data.entries === "object") {
-        return Object.keys(data.entries)
-            .length;
-    }
-    return undefined;
-}

package/dist/artifact-capture/gcs-report-artifact-uploader.d.ts

@@ -1,31 +0,0 @@
-/**
- * GcsReportArtifactUploader — uploads report artifacts to known GCS paths.
- *
- * Separate from GcsArtifactCollector (which handles forensic capture archives).
- * This uploader puts structured JSON files at predictable paths so the
- * API Gateway can sign URLs and Studio can fetch them on demand.
- *
- * GCS path convention:  reports/{reportId}/{fileName}
- * Example:              reports/01926abc.../test-outputs.json
- *
- * Design principles:
- * - P5: Non-blocking — GCS upload failure returns null, never throws
- * - Lazy client — Storage created on first upload, not at construction
- * - Same credentials path as GcsArtifactCollector (ADC or key file)
- *
- * @see docs/design-docs/external-artifact-store.md
- * @see docs/decisions/D0030-external-artifact-store.md
- */
-import type { ArtifactRef, ArtifactUploader } from "../_vendor/ailf-core/index.d.ts";
-export interface GcsUploaderOptions {
-    /** GCS bucket name (e.g., "ailf-artifacts") */
-    bucket: string;
-}
-export declare class GcsReportArtifactUploader implements ArtifactUploader {
-    private client;
-    private readonly options;
-    constructor(options: GcsUploaderOptions);
-    upload(reportId: string, fileName: string, data: unknown): Promise<ArtifactRef | null>;
-    /** Lazily create the GCS Storage client (ADC). */
-    private getClient;
-}

package/dist/artifact-capture/gcs-report-artifact-uploader.js

@@ -1,66 +0,0 @@
-/**
- * GcsReportArtifactUploader — uploads report artifacts to known GCS paths.
- *
- * Separate from GcsArtifactCollector (which handles forensic capture archives).
- * This uploader puts structured JSON files at predictable paths so the
- * API Gateway can sign URLs and Studio can fetch them on demand.
- *
- * GCS path convention:  reports/{reportId}/{fileName}
- * Example:              reports/01926abc.../test-outputs.json
- *
- * Design principles:
- * - P5: Non-blocking — GCS upload failure returns null, never throws
- * - Lazy client — Storage created on first upload, not at construction
- * - Same credentials path as GcsArtifactCollector (ADC or key file)
- *
- * @see docs/design-docs/external-artifact-store.md
- * @see docs/decisions/D0030-external-artifact-store.md
- */
-import { Storage } from "@google-cloud/storage";
-export class GcsReportArtifactUploader {
-    client = null;
-    options;
-    constructor(options) {
-        this.options = options;
-    }
-    async upload(reportId, fileName, data) {
-        const objectPath = `reports/${reportId}/${fileName}`;
-        const json = JSON.stringify(data);
-        const bytes = Buffer.byteLength(json, "utf-8");
-        try {
-            const storage = this.getClient();
-            const file = storage.bucket(this.options.bucket).file(objectPath);
-            await file.save(json, {
-                contentType: "application/json",
-                metadata: {
-                    reportId,
-                },
-            });
-            return {
-                store: "gcs",
-                bucket: this.options.bucket,
-                path: objectPath,
-                bytes,
-                entryCount: typeof data === "object" &&
-                    data !== null &&
-                    "entries" in data &&
-                    typeof data.entries === "object"
-                    ? Object.keys(data.entries)
-                        .length
-                    : undefined,
-            };
-        }
-        catch (err) {
-            const message = err instanceof Error ? err.message : String(err);
-            console.warn(`  ⚠️  Artifact upload failed (non-blocking): ${objectPath} — ${message}`);
-            return null;
-        }
-    }
-    /** Lazily create the GCS Storage client (ADC). */
-    getClient() {
-        if (this.client)
-            return this.client;
-        this.client = new Storage();
-        return this.client;
-    }
-}