@sentry/junior 0.68.0 → 0.69.0

package/dist/build/virtual-config.d.ts

@@ -9,12 +9,12 @@ export interface RuntimePluginModule {
 export declare function renderVirtualConfig(options: {
     plugins?: PluginCatalogConfig;
     pluginModule?: RuntimePluginModule;
-    trustedPluginRegistrations?: string[];
+    pluginHookRegistrations?: string[];
 }): string;
 /** Inject a virtual module so createApp() can read the plugin list at runtime. */
 export declare function injectVirtualConfig(nitro: Nitro, options?: {
     loadPluginSet?: () => Promise<JuniorPluginSet | undefined>;
     pluginModule?: RuntimePluginModule;
     plugins?: PluginCatalogConfig;
-    trustedPluginRegistrations?: string[];
+    pluginHookRegistrations?: string[];
 }): void;

package/dist/chat/agent-dispatch/heartbeat.d.ts

@@ -10,8 +10,8 @@ export declare function recoverStaleDispatches(args: {
     limit?: number;
     nowMs: number;
 }): Promise<number>;
-/** Run trusted plugin heartbeat hooks with bounded per-invocation work. */
-export declare function runTrustedPluginHeartbeats(args: {
+/** Run plugin heartbeat hooks with bounded per-invocation work. */
+export declare function runPluginHeartbeats(args: {
     limit?: number;
     nowMs: number;
 }): Promise<void>;

package/dist/chat/agent-dispatch/store.d.ts

@@ -1,9 +1,12 @@
 import type { StateAdapter } from "chat";
+import { type Destination } from "@sentry/junior-plugin-api";
 import type { BoundDispatchOptions, DispatchCreateResult, DispatchProjection, DispatchRecord, DispatchStatus } from "./types";
 /** Keep dispatch persistence keys consistent across callback and recovery paths. */
 export declare function getDispatchStorageKey(id: string): string;
+/** Parse persisted dispatch records before recovery, callbacks, or projections use them. */
+export declare function parseDispatchRecord(value: unknown): DispatchRecord | undefined;
 /** Map a dispatch destination to the lock key that serializes Slack delivery. */
-export declare function getDispatchDestinationLockId(destination: DispatchRecord["destination"]): string;
+export declare function getDispatchDestinationLockId(destination: Destination): string;
 /** Return the isolated persisted conversation key for one dispatch run. */
 export declare function getDispatchConversationId(dispatch: Pick<DispatchRecord, "id">): string;
 /** Give dispatch slices stable turn ids for resumability and trace correlation. */

package/dist/chat/agent-dispatch/types.d.ts

@@ -1,8 +1,6 @@
-import type { DispatchOptions as AgentPluginDispatchOptions } from "@sentry/junior-plugin-api";
+import type { Destination, DispatchOptions } from "@sentry/junior-plugin-api";
 import type { CredentialSubject, CredentialSystemActor } from "@/chat/credentials/context";
 export type DispatchStatus = "pending" | "running" | "awaiting_resume" | "completed" | "failed" | "blocked";
-export type DispatchOptions = AgentPluginDispatchOptions;
-export type DispatchDestination = DispatchOptions["destination"];
 export interface BoundDispatchOptions extends Omit<DispatchOptions, "credentialSubject"> {
     credentialSubject?: CredentialSubject;
 }
@@ -11,7 +9,7 @@ export interface DispatchRecord {
     attempt: number;
     createdAtMs: number;
     credentialSubject?: CredentialSubject;
-    destination: DispatchDestination;
+    destination: Destination;
     errorMessage?: string;
     id: string;
     idempotencyKey: string;

package/dist/chat/agent-dispatch/validation.d.ts

@@ -1,5 +1,6 @@
-import type { BoundDispatchOptions, DispatchOptions } from "./types";
+import { type DispatchOptions } from "@sentry/junior-plugin-api";
+import type { BoundDispatchOptions } from "./types";
 /** Validate plugin-provided dispatch options before core persists them. */
-export declare function validateDispatchOptions(options: DispatchOptions): void;
+export declare function validateDispatchOptions(options: unknown): asserts options is DispatchOptions;
 /** Verify runtime-owned access requirements for delegated dispatch credentials. */
 export declare function verifyDispatchCredentialSubjectAccess(options: BoundDispatchOptions): Promise<void>;

package/dist/chat/credentials/context.d.ts

@@ -1,28 +1,53 @@
-import type { AgentPluginCredentialSubject } from "@sentry/junior-plugin-api";
-export interface CredentialSubjectBinding {
-    type: "slack-direct-conversation";
-    teamId: string;
-    channelId: string;
-    signature: string;
-}
-export type CredentialSystemActor = {
-    type: "system";
-    id: string;
-};
-export type CredentialSubject = AgentPluginCredentialSubject & {
-    binding: CredentialSubjectBinding;
-};
-export type CredentialContext = {
-    actor: {
-        type: "user";
-        userId: string;
-    };
-    subject?: never;
-} | {
-    actor: CredentialSystemActor;
-    subject?: CredentialSubject;
-};
+import { z } from "zod";
+declare const credentialSubjectBindingSchema: z.ZodObject<{
+    type: z.ZodLiteral<"slack-direct-conversation">;
+    teamId: z.ZodString;
+    channelId: z.ZodString;
+    signature: z.ZodString;
+}, z.core.$strict>;
+declare const credentialSystemActorSchema: z.ZodObject<{
+    type: z.ZodLiteral<"system">;
+    id: z.ZodString;
+}, z.core.$strict>;
+export declare const credentialSubjectSchema: z.ZodObject<{
+    type: z.ZodLiteral<"user">;
+    userId: z.ZodString;
+    allowedWhen: z.ZodLiteral<"private-direct-conversation">;
+    binding: z.ZodObject<{
+        type: z.ZodLiteral<"slack-direct-conversation">;
+        teamId: z.ZodString;
+        channelId: z.ZodString;
+        signature: z.ZodString;
+    }, z.core.$strict>;
+}, z.core.$strict>;
+export declare const credentialContextSchema: z.ZodUnion<readonly [z.ZodObject<{
+    actor: z.ZodObject<{
+        type: z.ZodLiteral<"user">;
+        userId: z.ZodString;
+    }, z.core.$strict>;
+}, z.core.$strict>, z.ZodObject<{
+    actor: z.ZodObject<{
+        type: z.ZodLiteral<"system">;
+        id: z.ZodString;
+    }, z.core.$strict>;
+    subject: z.ZodOptional<z.ZodObject<{
+        type: z.ZodLiteral<"user">;
+        userId: z.ZodString;
+        allowedWhen: z.ZodLiteral<"private-direct-conversation">;
+        binding: z.ZodObject<{
+            type: z.ZodLiteral<"slack-direct-conversation">;
+            teamId: z.ZodString;
+            channelId: z.ZodString;
+            signature: z.ZodString;
+        }, z.core.$strict>;
+    }, z.core.$strict>>;
+}, z.core.$strict>]>;
+export type CredentialSubjectBinding = z.output<typeof credentialSubjectBindingSchema>;
+export type CredentialSystemActor = z.output<typeof credentialSystemActorSchema>;
+export type CredentialSubject = z.output<typeof credentialSubjectSchema>;
+export type CredentialContext = z.output<typeof credentialContextSchema>;
 /** Return the user whose OAuth token may satisfy this credential request. */
 export declare function credentialUserSubjectId(context: CredentialContext): string | undefined;
 /** Parse an untrusted credential context payload from sandbox egress state. */
 export declare function parseCredentialContext(value: unknown): CredentialContext | undefined;
+export {};

package/dist/chat/credentials/user-token-store.d.ts

@@ -1,4 +1,10 @@
+export interface StoredProviderAccount {
+    id: string;
+    label?: string;
+    url?: string;
+}
 export interface StoredTokens {
+    account?: StoredProviderAccount;
     accessToken: string;
     refreshToken: string;
     expiresAt?: number;

package/dist/chat/destination.d.ts

@@ -0,0 +1,12 @@
+import { type Destination } from "@sentry/junior-plugin-api";
+/** Build Junior's canonical destination from Slack workspace and channel ids. */
+export declare function createSlackDestination(input: {
+    channelId: string | undefined;
+    teamId: string | undefined;
+}): Destination | undefined;
+/** Parse and validate a serialized destination that crossed a runtime boundary. */
+export declare function parseDestination(value: unknown): Destination | undefined;
+/** Compare two destinations without relying on object identity. */
+export declare function sameDestination(left: Destination, right: Destination): boolean;
+/** Return the lock/index-safe storage key for a destination. */
+export declare function destinationKey(destination: Destination): string;

package/dist/chat/ingress/message-router.d.ts

@@ -1,4 +1,4 @@
-import type { ThreadMessageKind } from "@/chat/queue/thread-message-dispatcher";
+export type ThreadMessageKind = "new_mention" | "subscribed_message";
 /** Derive canonical Slack thread IDs from the raw event payload. */
 export declare function normalizeIncomingSlackThreadId(threadId: string, message: unknown): string;
 /** Classify an incoming message as a mention or subscribed message. */

package/dist/chat/mcp/auth-store.d.ts

@@ -1,11 +1,13 @@
 import type { OAuthClientInformationMixed, OAuthTokens } from "@modelcontextprotocol/sdk/shared/auth.js";
 import type { OAuthDiscoveryState } from "@modelcontextprotocol/sdk/client/auth.js";
+import type { Destination } from "@sentry/junior-plugin-api";
 import type { ThreadArtifactsState } from "@/chat/state/artifacts";
 export interface McpAuthSessionState {
     authSessionId: string;
     provider: string;
     userId: string;
     conversationId: string;
+    destination?: Destination;
     sessionId: string;
     userMessage: string;
     channelId?: string;

package/dist/chat/mcp/oauth.d.ts

@@ -1,3 +1,4 @@
+import type { Destination } from "@sentry/junior-plugin-api";
 import type { ThreadArtifactsState } from "@/chat/state/artifacts";
 import { type McpAuthSessionState } from "./auth-store";
 import { StateBackedMcpOAuthClientProvider } from "./oauth-provider";
@@ -5,6 +6,7 @@ export declare function getMcpOAuthCallbackPath(provider: string): string;
 export declare function createMcpOAuthClientProvider(input: {
     provider: string;
     conversationId: string;
+    destination?: Destination;
     sessionId: string;
     userId: string;
     userMessage: string;

package/dist/chat/oauth-flow.d.ts

@@ -1,25 +1,32 @@
+import type { Destination } from "@sentry/junior-plugin-api";
 import type { ChannelConfigurationService } from "@/chat/configuration/types";
 type PrivateDeliveryResult = "in_context" | "fallback_dm" | false;
 export type OAuthStatePayload = {
     userId: string;
     provider: string;
     channelId?: string;
+    destination?: Destination;
     threadTs?: string;
     pendingMessage?: string;
     configuration?: Record<string, unknown>;
     resumeConversationId?: string;
     resumeSessionId?: string;
+    scope?: string;
 };
 type OAuthFlowInput = {
     requesterId: string;
     channelId?: string;
+    destination?: Destination;
     threadTs?: string;
     userMessage?: string;
     channelConfiguration?: ChannelConfigurationService;
     activeSkillName?: string;
     resumeConversationId?: string;
     resumeSessionId?: string;
+    scope?: string;
 };
+/** Parse OAuth callback state that was persisted before a provider redirect. */
+export declare function parseOAuthStatePayload(value: unknown): OAuthStatePayload | undefined;
 /** Capitalize the first letter of a provider name for display. */
 export declare function formatProviderLabel(provider: string): string;
 /** Resolve the public base URL from environment variables (JUNIOR_BASE_URL or Vercel). */

package/dist/chat/plugins/agent-hooks.d.ts

@@ -2,7 +2,7 @@ import type { AgentPluginRequester, AgentPluginRoute, PluginOperationalReport, S
 import type { ToolDefinition } from "@/chat/tools/definition";
 import type { ToolRuntimeContext } from "@/chat/tools/types";
 import type { SandboxInstance } from "@/chat/sandbox/workspace";
-/** Signal that a trusted plugin intentionally denied a tool execution. */
+/** Signal that a plugin intentionally denied a tool execution. */
 export declare class AgentPluginHookDeniedError extends Error {
     constructor(message: string);
 }
@@ -21,21 +21,21 @@ export interface AgentPluginHookRunner {
     beforeToolExecute(input: ToolHookInput): Promise<ToolHookResult>;
     prepareSandbox(sandbox: SandboxInstance): Promise<void>;
 }
-/** Validate trusted plugin identity before it can affect process-wide hooks. */
+/** Validate plugin identity before it can affect process-wide hooks. */
 export declare function validateAgentPlugins(plugins: JuniorPluginRegistration[]): void;
-/** Replace trusted agent plugins and return the previous list for rollback. */
+/** Replace runtime hook plugins and return the previous list for rollback. */
 export declare function setAgentPlugins(plugins: JuniorPluginRegistration[]): JuniorPluginRegistration[];
-/** Return the current trusted agent plugins without exposing mutable state. */
+/** Return the current runtime hook plugins without exposing mutable state. */
 export declare function getAgentPlugins(): JuniorPluginRegistration[];
-/** Collect turn-scoped tools exposed by trusted plugins. */
+/** Collect turn-scoped tools exposed by plugins. */
 export declare function getAgentPluginTools(context: ToolRuntimeContext): Record<string, ToolDefinition<any>>;
-/** Collect route handlers exposed by trusted plugins for app-level mounting. */
+/** Collect route handlers exposed by plugins for app-level mounting. */
 export declare function getAgentPluginRoutes(): AgentPluginRouteRegistration[];
-/** Resolve the first trusted plugin conversation URL for finalized Slack footers. */
+/** Resolve the first plugin conversation URL for finalized Slack footers. */
 export declare function getAgentPluginSlackConversationLink(conversationId: string): SlackConversationLink | undefined;
-/** Collect read-only operational summaries exposed by trusted plugins. */
+/** Collect read-only operational summaries exposed by plugins. */
 export declare function getAgentPluginOperationalReports(nowMs?: number): Promise<PluginOperationalReport[]>;
-/** Create one runner over trusted agent plugins registered by the app. */
+/** Create one runner over runtime hook plugins registered by the app. */
 export declare function createAgentPluginHookRunner(input?: {
     requester?: AgentPluginRequester;
 }): AgentPluginHookRunner;

package/dist/chat/plugins/auth/auth-token-placeholder.d.ts

@@ -1,3 +1,3 @@
-import type { GitHubAppCredentials, OAuthBearerCredentials } from "../types";
+import type { OAuthBearerCredentials } from "../types";
 /** Resolve the non-secret sandbox token placeholder for token-backed credentials. */
-export declare function resolveAuthTokenPlaceholder(credentials: OAuthBearerCredentials | GitHubAppCredentials): string;
+export declare function resolveAuthTokenPlaceholder(credentials: OAuthBearerCredentials): string;

package/dist/chat/plugins/auth/oauth-request.d.ts

@@ -9,7 +9,9 @@ export declare function buildOAuthTokenRequest(input: OAuthTokenRequestInput): {
     headers: Record<string, string>;
     body: BodyInit;
 };
-export declare function parseOAuthTokenResponse(data: Record<string, unknown>, fallbackScope?: string): {
+export declare function parseOAuthTokenResponse(data: Record<string, unknown>, requestedScope?: string, options?: {
+    treatEmptyScopeAsUnreported?: boolean;
+}): {
     accessToken: string;
     refreshToken: string;
     expiresAt?: number;

package/dist/chat/plugins/credential-hooks.d.ts

@@ -0,0 +1,34 @@
+import { type AgentPluginCredentialResult, type AgentPluginGrant, type AgentPluginProviderAccount } from "@sentry/junior-plugin-api";
+import type { StoredTokens, UserTokenStore } from "@/chat/credentials/user-token-store";
+export interface EgressGrantInput {
+    method: string;
+    provider: string;
+    upstreamUrl: URL;
+}
+/** Ask a plugin which grant an outbound request needs. */
+export declare function selectPluginGrant(input: EgressGrantInput): Promise<AgentPluginGrant | undefined>;
+/** Return whether a plugin owns credential issuance for egress. */
+export declare function hasEgressCredentialHooks(provider: string): boolean;
+export interface IssueCredentialInput {
+    actor: {
+        type: "system";
+        id: string;
+    } | {
+        type: "user";
+        userId: string;
+    };
+    credentialSubject?: {
+        type: "user";
+        userId: string;
+    };
+    grant: AgentPluginGrant;
+    provider: string;
+    userTokenStore: UserTokenStore;
+}
+/** Ask a plugin which provider account belongs to an OAuth token. */
+export declare function resolvePluginOAuthAccount(input: {
+    provider: string;
+    tokens: StoredTokens;
+}): Promise<AgentPluginProviderAccount | undefined>;
+/** Ask a plugin to issue headers or describe why the selected grant is unavailable. */
+export declare function issuePluginCredential(input: IssueCredentialInput): Promise<AgentPluginCredentialResult>;

package/dist/chat/plugins/logging.d.ts

@@ -1,3 +1,3 @@
 import type { AgentPluginLogger } from "@sentry/junior-plugin-api";
-/** Create the host logger exposed to trusted plugin hooks. */
+/** Create the host logger exposed to plugin hooks. */
 export declare function createAgentPluginLogger(plugin: string): AgentPluginLogger;

package/dist/chat/plugins/state.d.ts

@@ -2,5 +2,5 @@ import type { AgentPluginState } from "@sentry/junior-plugin-api";
 export interface PluginStateOptions {
     legacyStatePrefixes?: string[];
 }
-/** Create a durable state namespace scoped to one trusted plugin. */
+/** Create a durable state namespace scoped to one plugin. */
 export declare function createPluginState(plugin: string, options?: PluginStateOptions): AgentPluginState;

package/dist/chat/plugins/types.d.ts

@@ -5,6 +5,14 @@ export interface PluginOAuthConfig {
     authorizeEndpoint: string;
     tokenEndpoint: string;
     scope?: string;
+    /**
+     * Set true when the provider returns an empty scope string even for authorized
+     * grants (e.g. GitHub App user-to-server tokens always return `scope: ""`
+     * regardless of what was requested). When enabled, an empty response scope
+     * uses the configured `scope` value instead of being treated as
+     * "no scopes granted".
+     */
+    treatEmptyScopeAsUnreported?: boolean;
     authorizeParams?: Record<string, string>;
     tokenAuthMethod?: "body" | "basic";
     tokenExtraHeaders?: Record<string, string>;
@@ -19,18 +27,7 @@ export interface OAuthBearerCredentials {
     authTokenEnv: string;
     authTokenPlaceholder?: string;
 }
-export interface GitHubAppCredentials {
-    type: "github-app";
-    domains: string[];
-    apiHeaders?: Record<string, string>;
-    authTokenEnv: string;
-    authTokenPlaceholder?: string;
-    appIdEnv: string;
-    privateKeyEnv: string;
-    installationIdEnv: string;
-    systemReadPermissions?: string[];
-}
-export type PluginCredentials = OAuthBearerCredentials | GitHubAppCredentials;
+export type PluginCredentials = OAuthBearerCredentials;
 export interface PluginNpmRuntimeDependency {
     type: "npm";
     package: string;
@@ -98,6 +95,15 @@ interface PluginOAuthConfigPatch extends Omit<Partial<PluginOAuthConfig>, "autho
     authorizeParams?: Record<string, string | null> | null;
     tokenExtraHeaders?: Record<string, string | null> | null;
 }
+type PluginCredentialConfigBase = {
+    domains?: string[];
+    authTokenEnv?: string;
+    authTokenPlaceholder?: string | null;
+};
+type PluginCredentialConfig = PluginCredentialConfigBase & {
+    apiHeaders?: Record<string, string | null> | null;
+    type?: "oauth-bearer";
+};
 /** Install-level changes applied to one plugin manifest before validation. */
 export interface PluginManifestConfig {
     description?: string;
@@ -107,17 +113,7 @@ export interface PluginManifestConfig {
     apiHeaders?: Record<string, string | null> | null;
     commandEnv?: Record<string, string | null> | null;
     envVars?: Record<string, PluginEnvVarDeclaration | null> | null;
-    credentials?: {
-        type?: "oauth-bearer" | "github-app";
-        domains?: string[];
-        apiHeaders?: Record<string, string | null> | null;
-        authTokenEnv?: string;
-        authTokenPlaceholder?: string | null;
-        appIdEnv?: string;
-        privateKeyEnv?: string;
-        installationIdEnv?: string;
-        systemReadPermissions?: string[];
-    } | null;
+    credentials?: PluginCredentialConfig | null;
     runtimeDependencies?: PluginRuntimeDependencyConfig[] | null;
     runtimePostinstall?: PluginRuntimePostinstallCommand[] | null;
     mcp?: {

package/dist/chat/respond.d.ts

@@ -1,3 +1,4 @@
+import type { Destination } from "@sentry/junior-plugin-api";
 import type { ChannelConfigurationService } from "@/chat/configuration/types";
 import type { ThreadArtifactsState } from "@/chat/state/artifacts";
 import type { ConversationPendingAuthState } from "@/chat/state/conversation";
@@ -21,6 +22,7 @@ export interface ReplyRequestContext {
         email?: string;
     };
     slackConversation?: SlackConversationContext;
+    destination?: Destination;
     surface?: AgentTurnSurface;
     correlation?: {
         conversationId?: string;

package/dist/chat/runtime/reply-executor.d.ts

@@ -8,6 +8,7 @@
  */
 import type { Message, Thread } from "chat";
 import type { SlackAdapter } from "@chat-adapter/slack";
+import type { Destination } from "@sentry/junior-plugin-api";
 import { generateAssistantReply as generateAssistantReplyImpl } from "@/chat/respond";
 import type { PreparedTurnState } from "@/chat/runtime/turn-preparation";
 import { type PrepareTurnStateInput, type QueuedTurnMessage, type TurnToolInvocation } from "@/chat/runtime/turn-input";
@@ -45,8 +46,9 @@ interface ReplyExecutorDeps {
     services: ReplyExecutorServices;
 }
 /** Build the Slack reply handler that prepares state, runs Pi, and delivers replies. */
-export declare function createReplyToThread(deps: ReplyExecutorDeps): (thread: Thread, message: Message, options?: {
+export declare function createReplyToThread(deps: ReplyExecutorDeps): (thread: Thread, message: Message, options: {
     beforeFirstResponsePost?: () => Promise<void>;
+    destination: Destination;
     explicitMention?: boolean;
     onInputCommitted?: () => Promise<void>;
     onToolInvocation?: (invocation: TurnToolInvocation) => void;

package/dist/chat/runtime/slack-runtime.d.ts

@@ -7,6 +7,7 @@
  * Pi/MCP internals and durable session storage behind injected services.
  */
 import type { Message, MessageContext, Thread } from "chat";
+import type { Destination } from "@sentry/junior-plugin-api";
 import type { SubscribedReplyDecision, SubscribedReplyPolicy } from "@/chat/services/subscribed-reply-policy";
 import { type PrepareTurnStateInput, type QueuedTurnMessage, type TurnMessageText, type TurnToolInvocation } from "@/chat/runtime/turn-input";
 export interface AssistantLifecycleEvent {
@@ -27,6 +28,9 @@ export interface ReplyHooks {
     onTurnStatePersisted?: () => Promise<void>;
     shouldYield?: () => boolean;
 }
+export interface SlackTurnOptions extends ReplyHooks {
+    destination: Destination;
+}
 export interface SlackTurnRuntimeDependencies<TPreparedState> {
     assistantUserName: string;
     getChannelId: (thread: Thread, message: Message) => string | undefined;
@@ -68,8 +72,9 @@ export interface SlackTurnRuntimeDependencies<TPreparedState> {
         thread: Thread;
     }) => Promise<void>;
     prepareTurnState: (args: PrepareTurnStateInput) => Promise<TPreparedState>;
-    replyToThread: (thread: Thread, message: Message, options?: {
+    replyToThread: (thread: Thread, message: Message, options: {
         beforeFirstResponsePost?: () => Promise<void>;
+        destination: Destination;
         explicitMention?: boolean;
         onInputCommitted?: () => Promise<void>;
         onToolInvocation?: (invocation: TurnToolInvocation) => void;
@@ -90,8 +95,8 @@ export interface SlackTurnRuntimeDependencies<TPreparedState> {
 export interface SlackTurnRuntime<_TPreparedState, TAssistantEvent extends AssistantLifecycleEvent = AssistantLifecycleEvent> {
     handleAssistantContextChanged: (event: TAssistantEvent) => Promise<void>;
     handleAssistantThreadStarted: (event: TAssistantEvent) => Promise<void>;
-    handleNewMention: (thread: Thread, message: Message, hooks?: ReplyHooks) => Promise<void>;
-    handleSubscribedMessage: (thread: Thread, message: Message, hooks?: ReplyHooks) => Promise<void>;
+    handleNewMention: (thread: Thread, message: Message, hooks: SlackTurnOptions) => Promise<void>;
+    handleSubscribedMessage: (thread: Thread, message: Message, hooks: SlackTurnOptions) => Promise<void>;
 }
 /** Build the Slack event runtime that routes mentions and subscribed messages. */
 export declare function createSlackTurnRuntime<TPreparedState, TAssistantEvent extends AssistantLifecycleEvent = AssistantLifecycleEvent>(deps: SlackTurnRuntimeDependencies<TPreparedState>): SlackTurnRuntime<TPreparedState, TAssistantEvent>;

package/dist/chat/sandbox/egress-credentials.d.ts

@@ -0,0 +1,33 @@
+import type { AgentPluginAuthorization, AgentPluginGrant } from "@sentry/junior-plugin-api";
+import { type SandboxEgressCredentialContext, type SandboxEgressCredentialLease } from "@/chat/sandbox/egress-session";
+export type SandboxEgressGrantSelection = {
+    grant: AgentPluginGrant;
+    source: "plugin";
+} | {
+    grant: AgentPluginGrant;
+    source: "broker";
+};
+/** Signals that a plugin selected a grant but needs user authorization before issuing headers. */
+export declare class SandboxEgressCredentialNeededError extends Error {
+    readonly authorization?: AgentPluginAuthorization;
+    readonly grant: AgentPluginGrant;
+    readonly provider: string;
+    constructor(input: {
+        authorization?: AgentPluginAuthorization;
+        grant: AgentPluginGrant;
+        message: string;
+        provider: string;
+    });
+}
+/** Select the plugin-defined or default grant needed for one outbound request. */
+export declare function selectSandboxEgressGrant(input: {
+    method: string;
+    provider: string;
+    upstreamUrl: URL;
+}): Promise<SandboxEgressGrantSelection>;
+/** Resolve the authorization flow attached to a broker-selected egress grant. */
+export declare function authorizationForSandboxEgressGrant(provider: string, selection: SandboxEgressGrantSelection): AgentPluginAuthorization | undefined;
+/** Return a cached or newly issued credential lease for a selected grant. */
+export declare function sandboxEgressCredentialLease(provider: string, selection: SandboxEgressGrantSelection, context: SandboxEgressCredentialContext): Promise<SandboxEgressCredentialLease>;
+/** Return whether a credential lease can modify requests to the target host. */
+export declare function hasSandboxEgressLeaseTransformForHost(lease: SandboxEgressCredentialLease, host: string): boolean;

package/dist/chat/sandbox/egress-schemas.d.ts

@@ -0,0 +1,105 @@
+import { z } from "zod";
+export declare const sandboxEgressGrantSchema: z.ZodObject<{
+    access: z.ZodUnion<readonly [z.ZodLiteral<"read">, z.ZodLiteral<"write">]>;
+    name: z.ZodString;
+    reason: z.ZodOptional<z.ZodString>;
+    requirements: z.ZodOptional<z.ZodArray<z.ZodString>>;
+}, z.core.$strict>;
+export declare const sandboxEgressCredentialContextSchema: z.ZodObject<{
+    credentials: z.ZodUnion<readonly [z.ZodObject<{
+        actor: z.ZodObject<{
+            type: z.ZodLiteral<"user">;
+            userId: z.ZodString;
+        }, z.core.$strict>;
+    }, z.core.$strict>, z.ZodObject<{
+        actor: z.ZodObject<{
+            type: z.ZodLiteral<"system">;
+            id: z.ZodString;
+        }, z.core.$strict>;
+        subject: z.ZodOptional<z.ZodObject<{
+            type: z.ZodLiteral<"user">;
+            userId: z.ZodString;
+            allowedWhen: z.ZodLiteral<"private-direct-conversation">;
+            binding: z.ZodObject<{
+                type: z.ZodLiteral<"slack-direct-conversation">;
+                teamId: z.ZodString;
+                channelId: z.ZodString;
+                signature: z.ZodString;
+            }, z.core.$strict>;
+        }, z.core.$strict>>;
+    }, z.core.$strict>]>;
+    egressId: z.ZodString;
+    expiresAtMs: z.ZodNumber;
+    contextId: z.ZodString;
+}, z.core.$strict>;
+export declare const sandboxEgressCredentialLeaseSchema: z.ZodObject<{
+    account: z.ZodOptional<z.ZodObject<{
+        id: z.ZodString;
+        label: z.ZodOptional<z.ZodString>;
+        url: z.ZodOptional<z.ZodString>;
+    }, z.core.$strict>>;
+    authorization: z.ZodOptional<z.ZodObject<{
+        provider: z.ZodString;
+        scope: z.ZodOptional<z.ZodString>;
+        type: z.ZodLiteral<"oauth">;
+    }, z.core.$strict>>;
+    grant: z.ZodObject<{
+        access: z.ZodUnion<readonly [z.ZodLiteral<"read">, z.ZodLiteral<"write">]>;
+        name: z.ZodString;
+        reason: z.ZodOptional<z.ZodString>;
+        requirements: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    }, z.core.$strict>;
+    provider: z.ZodString;
+    expiresAt: z.ZodString;
+    headerTransforms: z.ZodArray<z.ZodObject<{
+        domain: z.ZodString;
+        headers: z.ZodRecord<z.ZodString, z.ZodString>;
+    }, z.core.$strict>>;
+}, z.core.$strict>;
+export declare const sandboxEgressAuthRequiredSignalSchema: z.ZodObject<{
+    authorization: z.ZodOptional<z.ZodObject<{
+        provider: z.ZodString;
+        scope: z.ZodOptional<z.ZodString>;
+        type: z.ZodLiteral<"oauth">;
+    }, z.core.$strict>>;
+    grant: z.ZodObject<{
+        access: z.ZodUnion<readonly [z.ZodLiteral<"read">, z.ZodLiteral<"write">]>;
+        name: z.ZodString;
+        reason: z.ZodOptional<z.ZodString>;
+        requirements: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    }, z.core.$strict>;
+    provider: z.ZodString;
+    message: z.ZodOptional<z.ZodString>;
+    createdAtMs: z.ZodNumber;
+}, z.core.$strict>;
+export declare const sandboxEgressPermissionDeniedSignalSchema: z.ZodObject<{
+    account: z.ZodOptional<z.ZodObject<{
+        id: z.ZodString;
+        label: z.ZodOptional<z.ZodString>;
+        url: z.ZodOptional<z.ZodString>;
+    }, z.core.$strict>>;
+    acceptedPermissions: z.ZodOptional<z.ZodString>;
+    grant: z.ZodObject<{
+        access: z.ZodUnion<readonly [z.ZodLiteral<"read">, z.ZodLiteral<"write">]>;
+        name: z.ZodString;
+        reason: z.ZodOptional<z.ZodString>;
+        requirements: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    }, z.core.$strict>;
+    message: z.ZodString;
+    provider: z.ZodString;
+    source: z.ZodLiteral<"upstream">;
+    sso: z.ZodOptional<z.ZodString>;
+    status: z.ZodLiteral<403>;
+    upstreamHost: z.ZodString;
+    upstreamPath: z.ZodString;
+    createdAtMs: z.ZodNumber;
+}, z.core.$strict>;
+export type SandboxEgressCredentialContext = z.output<typeof sandboxEgressCredentialContextSchema>;
+export type SandboxEgressGrant = z.output<typeof sandboxEgressGrantSchema>;
+export type SandboxEgressCredentialLease = z.output<typeof sandboxEgressCredentialLeaseSchema>;
+export type SandboxEgressAuthRequiredSignal = z.output<typeof sandboxEgressAuthRequiredSignalSchema>;
+export type SandboxEgressPermissionDeniedSignal = z.output<typeof sandboxEgressPermissionDeniedSignalSchema>;
+/** Parse a host-owned sandbox egress auth signal from state or tool results. */
+export declare function parseSandboxEgressAuthRequiredSignal(value: unknown): SandboxEgressAuthRequiredSignal | undefined;
+/** Parse a host-owned sandbox egress permission-denied signal from state or tool results. */
+export declare function parseSandboxEgressPermissionDeniedSignal(value: unknown): SandboxEgressPermissionDeniedSignal | undefined;