npm - @siglume/api-sdk - Versions diffs - 0.10.8 → 1.1.0 - Mend

@siglume/api-sdk 0.10.8 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/dist/bin/siglume.cjs CHANGED Viewed

@@ -176,6 +176,61 @@ var init_utils = __esm({
   }
 });
+// src/types.ts
+var PermissionClass, ApprovalMode, Environment, PriceModel, AppCategory, MINIMUM_JPY_OPERATION_PRICE_MINOR, ToolManualPermissionClass, SettlementMode;
+var init_types = __esm({
+  "src/types.ts"() {
+    "use strict";
+    PermissionClass = {
+      READ_ONLY: "read-only",
+      ACTION: "action",
+      PAYMENT: "payment",
+      /** @deprecated Use READ_ONLY. Behaves identically. */
+      RECOMMENDATION: "recommendation"
+    };
+    ApprovalMode = {
+      AUTO: "auto",
+      BUDGET_BOUNDED: "budget-bounded",
+      ALWAYS_ASK: "always-ask",
+      DENY: "deny"
+    };
+    Environment = {
+      SANDBOX: "sandbox",
+      LIVE: "live"
+    };
+    PriceModel = {
+      FREE: "free",
+      SUBSCRIPTION: "subscription",
+      ONE_TIME: "one_time",
+      BUNDLE: "bundle",
+      USAGE_BASED: "usage_based",
+      PER_ACTION: "per_action"
+    };
+    AppCategory = {
+      COMMERCE: "commerce",
+      BOOKING: "booking",
+      CRM: "crm",
+      FINANCE: "finance",
+      DOCUMENT: "document",
+      COMMUNICATION: "communication",
+      MONITORING: "monitoring",
+      OTHER: "other"
+    };
+    MINIMUM_JPY_OPERATION_PRICE_MINOR = 15;
+    ToolManualPermissionClass = {
+      READ_ONLY: "read_only",
+      ACTION: "action",
+      PAYMENT: "payment"
+    };
+    SettlementMode = {
+      STRIPE_CHECKOUT: "stripe_checkout",
+      STRIPE_PAYMENT_INTENT: "stripe_payment_intent",
+      POLYGON_MANDATE: "polygon_mandate",
+      EMBEDDED_WALLET_CHARGE: "embedded_wallet_charge"
+    };
+  }
+});
 // src/webhooks.ts
 function isRecord2(value) {
   return typeof value === "object" && value !== null && !Array.isArray(value);
@@ -1297,6 +1352,58 @@ function validateSaveDataSchema(schema, fieldName) {
     }
   }
 }
+function validatePricingPlanFloor(plan, defaultCurrency) {
+  if (plan === void 0 || plan === null) {
+    return;
+  }
+  if (!isRecord(plan)) {
+    throw new SiglumeClientError("AppManifest.pricing_plan must be an object when provided.");
+  }
+  const items = plan.items;
+  if (items === void 0 || items === null) {
+    return;
+  }
+  if (!Array.isArray(items)) {
+    throw new SiglumeClientError("AppManifest.pricing_plan.items must be an array when provided.");
+  }
+  const planCurrency = String(plan.currency ?? defaultCurrency ?? "").trim().toUpperCase();
+  const seenKeys = /* @__PURE__ */ new Set();
+  items.forEach((item, index) => {
+    if (!isRecord(item)) {
+      throw new SiglumeClientError(`AppManifest.pricing_plan.items[${index}] must be an object.`);
+    }
+    const itemKey = String(
+      item.key ?? item.operation ?? item.operation_key ?? item.request_type ?? item.receipt_code ?? item.action ?? ""
+    ).trim();
+    if (!itemKey) {
+      throw new SiglumeClientError(`AppManifest.pricing_plan.items[${index}].key is required.`);
+    }
+    if (seenKeys.has(itemKey)) {
+      throw new SiglumeClientError(`AppManifest.pricing_plan.items[${index}].key duplicates ${itemKey}.`);
+    }
+    seenKeys.add(itemKey);
+    const amountRaw = item.price_minor ?? item.amount_minor ?? item.cost_minor ?? item.value_minor;
+    if (amountRaw === void 0 || amountRaw === null) {
+      throw new SiglumeClientError(`AppManifest.pricing_plan.items[${index}].price_minor is required.`);
+    }
+    const amountMinor = typeof amountRaw === "number" ? amountRaw : typeof amountRaw === "string" && amountRaw.trim() ? Number(amountRaw) : NaN;
+    if (!Number.isInteger(amountMinor)) {
+      throw new SiglumeClientError(`AppManifest.pricing_plan.items[${index}].price_minor must be an integer.`);
+    }
+    if (amountMinor < 0) {
+      throw new SiglumeClientError(`AppManifest.pricing_plan.items[${index}].price_minor must be zero or positive.`);
+    }
+    const currency = String(item.currency ?? planCurrency ?? defaultCurrency ?? "").trim().toUpperCase();
+    if (MINIMUM_JPY_OPERATION_PRICE_CURRENCIES.has(currency) && amountMinor > 0 && amountMinor < MINIMUM_JPY_OPERATION_PRICE_MINOR) {
+      throw new SiglumeClientError(
+        `AppManifest.pricing_plan.items[${index}].price_minor must be 0 or at least ${MINIMUM_JPY_OPERATION_PRICE_MINOR} for JPY/JPYC operation billing.`
+      );
+    }
+  });
+}
+function pricingPlanHasItems(plan) {
+  return isRecord(plan) && Array.isArray(plan.items) && plan.items.length > 0;
+}
 function buildToolManualQualityReport(payload) {
   const qualityBlock = isRecord(payload.quality) ? payload.quality : payload;
   const issues = [];
@@ -1372,6 +1479,7 @@ function buildUrl(baseUrl, path, params) {
 }
 function parseListing(data) {
   const metadata = isRecord(data.metadata) ? data.metadata : {};
+  const pricing_plan = isRecord(data.pricing_plan) ? data.pricing_plan : isRecord(metadata.pricing_plan) ? metadata.pricing_plan : null;
   const persistence = isRecord(data.persistence) ? data.persistence : isRecord(metadata.persistence) ? metadata.persistence : {};
   return {
     listing_id: String(data.listing_id ?? data.id ?? ""),
@@ -1385,6 +1493,7 @@ function parseListing(data) {
     dry_run_supported: Boolean(data.dry_run_supported ?? false),
     price_model: stringOrNull(data.price_model),
     price_value_minor: Number(data.price_value_minor ?? 0),
+    pricing_plan,
     currency: String(data.currency ?? "USD"),
     allow_free_trial: Boolean(data.allow_free_trial ?? false),
     free_trial_duration_days: Number(data.free_trial_duration_days ?? 30),
@@ -1459,18 +1568,6 @@ function parseBundleMember(data) {
     link_id: stringOrNull(data.link_id)
   };
 }
-function parseConnectedAccountLifecycle(data) {
-  return {
-    connected_account_id: String(data.connected_account_id ?? ""),
-    provider_key: String(data.provider_key ?? ""),
-    expires_at: stringOrNull(data.expires_at),
-    scopes: Array.isArray(data.scopes) ? data.scopes.filter((s) => typeof s === "string") : [],
-    refreshed_at: stringOrNull(data.refreshed_at),
-    connection_status: stringOrNull(data.connection_status),
-    provider_revoked: typeof data.provider_revoked === "boolean" ? data.provider_revoked : null,
-    revoked_at: stringOrNull(data.revoked_at)
-  };
-}
 function parseBundle(data) {
   const membersRaw = Array.isArray(data.members) ? data.members : [];
   return {
@@ -1549,21 +1646,6 @@ function parseBinding(data) {
     raw: { ...data }
   };
 }
-function parseConnectedAccount(data) {
-  return {
-    connected_account_id: String(data.connected_account_id ?? data.id ?? ""),
-    provider_key: String(data.provider_key ?? ""),
-    account_role: String(data.account_role ?? ""),
-    display_name: stringOrNull(data.display_name),
-    environment: stringOrNull(data.environment),
-    connection_status: stringOrNull(data.connection_status),
-    scopes: Array.isArray(data.scopes) ? data.scopes.filter((item) => typeof item === "string") : [],
-    metadata: toRecord(data.metadata),
-    created_at: stringOrNull(data.created_at),
-    updated_at: stringOrNull(data.updated_at),
-    raw: { ...data }
-  };
-}
 function parseSupportCase(data) {
   return {
     support_case_id: String(data.support_case_id ?? data.id ?? ""),
@@ -2509,10 +2591,11 @@ function cloneJsonLike(value) {
   }
   return value;
 }
-var DEFAULT_SIGLUME_API_BASE, RETRYABLE_STATUS_CODES, CursorPageResult, SiglumeClient;
+var DEFAULT_SIGLUME_API_BASE, RETRYABLE_STATUS_CODES, MINIMUM_JPY_OPERATION_PRICE_CURRENCIES, CursorPageResult, SiglumeClient;
 var init_client = __esm({
   "src/client.ts"() {
     "use strict";
+    init_types();
     init_errors();
     init_webhooks();
     init_web3();
@@ -2520,6 +2603,7 @@ var init_client = __esm({
     init_utils();
     DEFAULT_SIGLUME_API_BASE = "https://siglume.com/v1";
     RETRYABLE_STATUS_CODES = /* @__PURE__ */ new Set([429, 500, 502, 503, 504]);
+    MINIMUM_JPY_OPERATION_PRICE_CURRENCIES = /* @__PURE__ */ new Set(["JPY", "JPYC"]);
     CursorPageResult = class {
       items;
       next_cursor;
@@ -2602,13 +2686,6 @@ var init_client = __esm({
         if (options.runtime_validation) {
           payload.runtime_validation = coerceMapping(options.runtime_validation, "runtime_validation");
         }
-        if (options.oauth_credentials) {
-          payload.oauth_credentials = Array.isArray(options.oauth_credentials) ? {
-            items: options.oauth_credentials.map(
-              (item, index) => coerceMapping(item, `oauth_credentials[${index}]`)
-            )
-          } : coerceMapping(options.oauth_credentials, "oauth_credentials");
-        }
         if (options.source_context) {
           payload.source_context = coerceMapping(options.source_context, "source_context");
         }
@@ -2634,6 +2711,7 @@ var init_client = __esm({
           "jurisdiction",
           "price_model",
           "price_value_minor",
+          "pricing_plan",
           "currency",
           "allow_free_trial",
           "free_trial_duration_days",
@@ -2650,6 +2728,9 @@ var init_client = __esm({
             payload[fieldName] = value;
           }
         }
+        if (payload.pricing_plan !== void 0 && (typeof payload.pricing_plan !== "object" || Array.isArray(payload.pricing_plan))) {
+          throw new SiglumeClientError("AppManifest.pricing_plan must be an object when provided.");
+        }
         if (payload.store_vertical === void 0 || payload.store_vertical === null) {
           throw new SiglumeClientError(
             "AppManifest.store_vertical is required. Choose 'api' for normal API Store listings or 'game' for API games."
@@ -2665,6 +2746,13 @@ var init_client = __esm({
           throw new SiglumeClientError(`AppManifest.currency must be 'USD' or 'JPY'. Got ${String(payload.currency)}.`);
         }
         payload.currency = currency;
+        if (payload.pricing_plan !== void 0) {
+          validatePricingPlanFloor(payload.pricing_plan, currency);
+        }
+        const priceModel = String(payload.price_model ?? "free").trim().toLowerCase();
+        if ((priceModel === "usage_based" || priceModel === "per_action") && !pricingPlanHasItems(payload.pricing_plan)) {
+          throw new SiglumeClientError("AppManifest.pricing_plan.items is required for usage_based/per_action pricing.");
+        }
         if (payload.allow_free_trial === void 0 || payload.allow_free_trial === null) {
           throw new SiglumeClientError(
             "AppManifest.allow_free_trial is required. Pass true to offer a Plus/Pro buyer free trial or false to disable trials."
@@ -2738,7 +2826,6 @@ var init_client = __esm({
           auto_manifest: toRecord(data.auto_manifest),
           confidence: toRecord(data.confidence),
           validation_report: toRecord(data.validation_report),
-          oauth_status: toRecord(data.oauth_status),
           review_url: stringOrNull(data.review_url),
           trace_id: meta.trace_id,
           request_id: meta.request_id
@@ -2914,66 +3001,9 @@ var init_client = __esm({
         return parseBundle(data);
       }
       // ----- end bundles -------------------------------------------------------
-      // ----- Connected accounts (v0.7 track 3) ---------------------------------
-      // `resolve()` is intentionally NOT wrapped: runtime-only, never over the wire.
-      async start_connected_account_oauth(input) {
-        const body = {
-          listing_id: input.listing_id,
-          redirect_uri: input.redirect_uri
-        };
-        if (input.scopes !== void 0) body.scopes = input.scopes;
-        if (input.account_role !== void 0) body.account_role = input.account_role;
-        const [data] = await this.request("POST", "/me/connected-accounts/oauth/authorize", {
-          json_body: body
-        });
-        return {
-          authorize_url: String(data.authorize_url ?? ""),
-          state: String(data.state ?? ""),
-          provider_key: String(data.provider_key ?? ""),
-          scopes: Array.isArray(data.scopes) ? data.scopes.filter((s) => typeof s === "string") : [],
-          pkce_method: stringOrNull(data.pkce_method)
-        };
-      }
-      async complete_connected_account_oauth(input) {
-        const [data] = await this.request("POST", "/me/connected-accounts/oauth/callback", {
-          json_body: { state: input.state, code: input.code }
-        });
-        return { ...data };
-      }
-      async refresh_connected_account(account_id) {
-        const [data] = await this.request("POST", `/me/connected-accounts/${account_id}/refresh`);
-        return parseConnectedAccountLifecycle(data);
-      }
-      async revoke_connected_account(account_id) {
-        const [data] = await this.request("POST", `/me/connected-accounts/${account_id}/revoke`);
-        return parseConnectedAccountLifecycle(data);
-      }
-      async set_listing_oauth_credentials(listing_id, input) {
-        const body = {
-          provider_key: input.provider_key,
-          client_id: input.client_id,
-          client_secret: input.client_secret,
-          authorize_url: input.authorize_url,
-          token_url: input.token_url
-        };
-        if (input.revoke_url !== void 0) body.revoke_url = input.revoke_url;
-        if (input.display_name !== void 0) body.display_name = input.display_name;
-        if (input.scope_separator !== void 0) body.scope_separator = input.scope_separator;
-        if (input.token_endpoint_auth !== void 0) body.token_endpoint_auth = input.token_endpoint_auth;
-        if (input.pkce_required !== void 0) body.pkce_required = input.pkce_required;
-        if (input.refresh_supported !== void 0) body.refresh_supported = input.refresh_supported;
-        if (input.available_scopes !== void 0) body.available_scopes = input.available_scopes;
-        if (input.required_scopes !== void 0) body.required_scopes = input.required_scopes;
-        const [data] = await this.request("PUT", `/market/capabilities/${listing_id}/oauth-credentials`, {
-          json_body: body
-        });
-        return { ...data };
-      }
-      async get_listing_oauth_credentials_status(listing_id) {
-        const [data] = await this.request("GET", `/market/capabilities/${listing_id}/oauth-credentials`);
-        return { ...data };
-      }
-      // ----- end connected accounts --------------------------------------------
+      // ----- Connected accounts ------------------------------------------------
+      // Architecture B: publisher APIs own external OAuth and token storage.
+      // The SDK no longer exposes platform OAuth or listing credential APIs.
       async get_developer_portal() {
         const [data, meta] = await this.request("GET", "/market/developer/portal");
         return {
@@ -3006,7 +3036,6 @@ var init_client = __esm({
           dry_run_supported: Boolean(data.dry_run_supported ?? false),
           approval_mode: stringOrNull(data.approval_mode),
           required_connected_accounts: Array.isArray(data.required_connected_accounts) ? data.required_connected_accounts : [],
-          connected_accounts: Array.isArray(data.connected_accounts) ? data.connected_accounts.filter((item) => isRecord(item)).map((item) => ({ ...item })) : [],
           stub_providers_enabled: Boolean(data.stub_providers_enabled ?? false),
           simulated_receipts: Boolean(data.simulated_receipts ?? false),
           approval_simulator: Boolean(data.approval_simulator ?? false),
@@ -4304,25 +4333,6 @@ var init_client = __esm({
           raw: { ...data }
         };
       }
-      async list_connected_accounts(options = {}) {
-        const params = {
-          provider_key: options.provider_key,
-          environment: options.environment,
-          limit: Math.max(1, Math.min(Math.trunc(options.limit ?? 50), 100)),
-          cursor: options.cursor
-        };
-        const [data, meta] = await this.request("GET", "/market/connected-accounts", { params });
-        const items = Array.isArray(data.items) ? data.items.filter((item) => isRecord(item)).map(parseConnectedAccount) : [];
-        const next_cursor = stringOrNull(data.next_cursor);
-        return new CursorPageResult({
-          items,
-          next_cursor,
-          limit: typeof data.limit === "number" ? data.limit : params.limit,
-          offset: typeof data.offset === "number" ? data.offset : null,
-          meta,
-          fetchNext: next_cursor ? (cursor) => this.list_connected_accounts({ ...options, cursor }) : void 0
-        });
-      }
       async create_support_case(subject, body, options = {}) {
         const summary = subject.trim();
         const details = body.trim();
@@ -5417,53 +5427,8 @@ function stableValue(value) {
   return value;
 }
-// src/types.ts
-var PermissionClass = {
-  READ_ONLY: "read-only",
-  ACTION: "action",
-  PAYMENT: "payment",
-  /** @deprecated Use READ_ONLY. Behaves identically. */
-  RECOMMENDATION: "recommendation"
-};
-var ApprovalMode = {
-  AUTO: "auto",
-  BUDGET_BOUNDED: "budget-bounded",
-  ALWAYS_ASK: "always-ask",
-  DENY: "deny"
-};
-var Environment = {
-  SANDBOX: "sandbox",
-  LIVE: "live"
-};
-var PriceModel = {
-  FREE: "free",
-  SUBSCRIPTION: "subscription",
-  ONE_TIME: "one_time",
-  BUNDLE: "bundle",
-  USAGE_BASED: "usage_based",
-  PER_ACTION: "per_action"
-};
-var AppCategory = {
-  COMMERCE: "commerce",
-  BOOKING: "booking",
-  CRM: "crm",
-  FINANCE: "finance",
-  DOCUMENT: "document",
-  COMMUNICATION: "communication",
-  MONITORING: "monitoring",
-  OTHER: "other"
-};
-var ToolManualPermissionClass = {
-  READ_ONLY: "read_only",
-  ACTION: "action",
-  PAYMENT: "payment"
-};
-var SettlementMode = {
-  STRIPE_CHECKOUT: "stripe_checkout",
-  STRIPE_PAYMENT_INTENT: "stripe_payment_intent",
-  POLYGON_MANDATE: "polygon_mandate",
-  EMBEDDED_WALLET_CHARGE: "embedded_wallet_charge"
-};
+// src/runtime.ts
+init_types();
 // src/testing/recorder.ts
 var CASSETTE_VERSION = 1;
@@ -5855,6 +5820,7 @@ Actual:   ${requestSignature(requestRecord, ignoreBodyFields)}`
 };
 // src/tool-manual-validator.ts
+init_types();
 init_utils();
 var JURISDICTION_PATTERN = /^[A-Z]{2}(-[A-Z0-9]{1,3})?$/;
 var TOOL_NAME_RE = /^[A-Za-z0-9_]{3,64}$/;
@@ -6126,6 +6092,64 @@ function validate_tool_manual(manualInput) {
 // src/runtime.ts
 init_web3();
 var CAPABILITY_KEY_RE = /^[a-z0-9][a-z0-9-]*[a-z0-9]$/;
+var MINIMUM_JPY_OPERATION_PRICE_CURRENCIES2 = /* @__PURE__ */ new Set(["JPY", "JPYC"]);
+function pricingPlanFloorIssues(plan, defaultCurrency) {
+  const issues = [];
+  if (plan === void 0 || plan === null) {
+    return issues;
+  }
+  if (typeof plan !== "object" || Array.isArray(plan)) {
+    return ["pricing_plan must be an object when provided"];
+  }
+  const record = plan;
+  const items = record.items;
+  if (items === void 0 || items === null) {
+    return issues;
+  }
+  if (!Array.isArray(items)) {
+    return ["pricing_plan.items must be an array when provided"];
+  }
+  const planCurrency = String(record.currency ?? defaultCurrency ?? "").trim().toUpperCase();
+  const seenKeys = /* @__PURE__ */ new Set();
+  items.forEach((item, index) => {
+    if (typeof item !== "object" || item === null || Array.isArray(item)) {
+      issues.push(`pricing_plan.items[${index}] must be an object`);
+      return;
+    }
+    const itemRecord = item;
+    const itemKey = String(
+      itemRecord.key ?? itemRecord.operation ?? itemRecord.operation_key ?? itemRecord.request_type ?? itemRecord.receipt_code ?? itemRecord.action ?? ""
+    ).trim();
+    if (!itemKey) {
+      issues.push(`pricing_plan.items[${index}].key is required`);
+    } else if (seenKeys.has(itemKey)) {
+      issues.push(`pricing_plan.items[${index}].key duplicates ${itemKey}`);
+    } else {
+      seenKeys.add(itemKey);
+    }
+    const amountRaw = itemRecord.price_minor ?? itemRecord.amount_minor ?? itemRecord.cost_minor ?? itemRecord.value_minor;
+    if (amountRaw === void 0 || amountRaw === null) {
+      issues.push(`pricing_plan.items[${index}].price_minor is required`);
+      return;
+    }
+    const amountMinor = typeof amountRaw === "number" ? amountRaw : typeof amountRaw === "string" && amountRaw.trim() ? Number(amountRaw) : NaN;
+    if (!Number.isInteger(amountMinor)) {
+      issues.push(`pricing_plan.items[${index}].price_minor must be an integer`);
+      return;
+    }
+    if (amountMinor < 0) {
+      issues.push(`pricing_plan.items[${index}].price_minor must be zero or positive`);
+      return;
+    }
+    const currency = String(itemRecord.currency ?? planCurrency ?? defaultCurrency ?? "").trim().toUpperCase();
+    if (MINIMUM_JPY_OPERATION_PRICE_CURRENCIES2.has(currency) && amountMinor > 0 && amountMinor < MINIMUM_JPY_OPERATION_PRICE_MINOR) {
+      issues.push(
+        `pricing_plan.items[${index}].price_minor must be 0 or at least ${MINIMUM_JPY_OPERATION_PRICE_MINOR} for JPY/JPYC operation billing`
+      );
+    }
+  });
+  return issues;
+}
 function normalizeExecutionResult(result, executionKind) {
   return {
     success: Boolean(result.success),
@@ -6166,24 +6190,12 @@ var AppTestHarness = class {
     this.stubs = stubs;
   }
   async executeWithKind(execution_kind, task_type = "default", options = {}) {
-    const connected_accounts = options.connected_accounts ?? Object.fromEntries(
-      Object.keys(this.stubs).map((key) => [
-        key,
-        {
-          provider_key: key,
-          session_token: `stub-token-${key}`,
-          environment: Environment.SANDBOX,
-          scopes: []
-        }
-      ])
-    );
     const ctx = {
       agent_id: "test-agent-001",
       owner_user_id: "test-owner-001",
       task_type,
       environment: Environment.SANDBOX,
       execution_kind,
-      connected_accounts,
       input_params: options.input_params ?? {},
       trace_id: options.trace_id,
       idempotency_key: options.idempotency_key,
@@ -6225,6 +6237,10 @@ var AppTestHarness = class {
     if (!manifest.example_prompts || manifest.example_prompts.length === 0) {
       issues.push("at least one example_prompt is recommended");
     }
+    issues.push(...pricingPlanFloorIssues(manifest.pricing_plan, String(manifest.currency ?? "USD")));
+    if ((manifest.price_model === PriceModel.USAGE_BASED || manifest.price_model === PriceModel.PER_ACTION) && (!manifest.pricing_plan || !Array.isArray(manifest.pricing_plan.items) || manifest.pricing_plan.items.length === 0)) {
+      issues.push("pricing_plan.items is required for usage_based/per_action pricing");
+    }
     if (manifest.permission_class === PermissionClass.ACTION || manifest.permission_class === PermissionClass.PAYMENT) {
       if (!manifest.dry_run_supported) {
         issues.push("action/payment apps should support dry_run");
@@ -6273,12 +6289,6 @@ var AppTestHarness = class {
     }
     return issues;
   }
-  async simulate_connected_account_missing(task_type = "default", options = {}) {
-    return this.executeWithKind("dry_run", task_type, {
-      ...options,
-      connected_accounts: {}
-    });
-  }
   async simulate_metering(record, options = {}) {
     const { normalizeUsageRecord: normalizeUsageRecord2 } = await Promise.resolve().then(() => (init_metering(), metering_exports));
     const manifest = await this.app.manifest();
@@ -6306,7 +6316,7 @@ var AppTestHarness = class {
       };
     }
     return {
-      experimental: manifest.price_model === PriceModel.USAGE_BASED || manifest.price_model === PriceModel.PER_ACTION,
+      experimental: false,
       usage_record,
       invoice_line_preview
     };
@@ -7241,15 +7251,6 @@ async function loadProject(path = ".") {
   const tool_manual = tool_manual_path ? JSON.parse(await (0, import_promises.readFile)(tool_manual_path, "utf8")) : buildToolManualTemplate(manifest);
   const runtime_validation_path = await findRuntimeValidationPath(root_dir);
   const runtime_validation = runtime_validation_path ? await loadJsonObject(runtime_validation_path, "runtime_validation") : void 0;
-  const oauth_credentials_path = await findOauthCredentialsPath(root_dir);
-  let oauth_credentials;
-  if (oauth_credentials_path) {
-    const parsed = JSON.parse(await (0, import_promises.readFile)(oauth_credentials_path, "utf8"));
-    if (!isRecord(parsed) && !Array.isArray(parsed)) {
-      throw new SiglumeProjectError("oauth_credentials must be a JSON object or array");
-    }
-    oauth_credentials = parsed;
-  }
   return {
     root_dir,
     adapter_path,
@@ -7258,9 +7259,7 @@ async function loadProject(path = ".") {
     tool_manual_path: tool_manual_path ?? void 0,
     tool_manual,
     runtime_validation_path: runtime_validation_path ?? void 0,
-    runtime_validation,
-    oauth_credentials_path: oauth_credentials_path ?? void 0,
-    oauth_credentials
+    runtime_validation
   };
 }
 function isPlatformManagedRequirement(value) {
@@ -7298,6 +7297,21 @@ function requiredOauthProviders(requirements) {
   }
   return providers;
 }
+function apiManagedRequirementsMissingConnectUrl(requirements) {
+  const missing = [];
+  for (const item of requirements ?? []) {
+    if (!isRecord(item)) continue;
+    const managedBy = String(item.managed_by ?? "").trim().toLowerCase().replaceAll("_", "-");
+    if (managedBy !== "api") continue;
+    const connectUrl = String(item.connect_url ?? "").trim();
+    if (connectUrl) continue;
+    const label = oauthProviderKeyFromRequirement(item) ?? "(missing provider_key)";
+    if (!missing.includes(label)) {
+      missing.push(label);
+    }
+  }
+  return missing;
+}
 function connectedAccountRequirementLabel(value) {
   if (isRecord(value)) {
     for (const key of ["provider_key", "provider", "account_type", "name"]) {
@@ -7308,102 +7322,6 @@ function connectedAccountRequirementLabel(value) {
   }
   return String(value ?? "").trim();
 }
-function oauthProviderRecordsMap(payload) {
-  if (!payload) {
-    return {};
-  }
-  const items = Array.isArray(payload) ? payload : Array.isArray(payload.items) ? payload.items : [payload];
-  const resolved = {};
-  for (const [index, item] of items.entries()) {
-    if (!isRecord(item)) {
-      throw new SiglumeProjectError(`oauth_credentials[${index}] must be a JSON object.`);
-    }
-    const providerKey = oauthProviderKeyFromRequirement(item.provider_key ?? item.provider);
-    if (!providerKey) {
-      throw new SiglumeProjectError(`oauth_credentials[${index}].provider_key is required.`);
-    }
-    const authorizeUrl = String(item.authorize_url ?? item.authorization_url ?? item.auth_url ?? "").trim();
-    const tokenUrl = String(item.token_url ?? "").trim();
-    if (!authorizeUrl || !tokenUrl) {
-      throw new SiglumeProjectError(
-        `oauth_credentials[${index}] must include authorize_url and token_url.`
-      );
-    }
-    for (const [urlKey, urlValue] of Object.entries({
-      authorize_url: authorizeUrl,
-      token_url: tokenUrl,
-      revoke_url: String(item.revoke_url ?? "").trim()
-    })) {
-      if (urlValue && !urlValue.startsWith("https://")) {
-        throw new SiglumeProjectError(`oauth_credentials[${index}].${urlKey} must be an https URL.`);
-      }
-    }
-    const clientId = String(item.client_id ?? "").trim();
-    const clientSecret = String(item.client_secret ?? "").trim();
-    if (!clientId || !clientSecret) {
-      throw new SiglumeProjectError(`oauth_credentials[${index}] must include client_id and client_secret.`);
-    }
-    const rawScopes = item.required_scopes ?? item.scopes;
-    let scopes = [];
-    if (rawScopes == null) {
-      scopes = [];
-    } else if (!Array.isArray(rawScopes)) {
-      throw new SiglumeProjectError(`oauth_credentials[${index}].required_scopes must be a JSON array.`);
-    } else {
-      scopes = rawScopes.map((scope) => String(scope ?? "").trim()).filter(Boolean);
-    }
-    const record = {
-      provider_key: providerKey,
-      client_id: clientId,
-      client_secret: clientSecret,
-      required_scopes: scopes
-    };
-    for (const [key, value] of Object.entries({
-      authorize_url: authorizeUrl,
-      token_url: tokenUrl,
-      revoke_url: String(item.revoke_url ?? "").trim(),
-      display_name: String(item.display_name ?? "").trim(),
-      scope_separator: String(item.scope_separator ?? "").trim(),
-      token_endpoint_auth: String(item.token_endpoint_auth ?? "").trim()
-    })) {
-      if (value) record[key] = value;
-    }
-    for (const key of ["pkce_required", "refresh_supported"]) {
-      if (typeof item[key] === "boolean") record[key] = item[key];
-    }
-    if (Array.isArray(item.available_scopes)) {
-      const availableScopes = item.available_scopes.map((scope) => String(scope ?? "").trim()).filter(Boolean);
-      if (availableScopes.length > 0) record.available_scopes = availableScopes;
-    }
-    resolved[providerKey] = record;
-  }
-  return resolved;
-}
-function canonicalOauthCredentialsPayload(payload) {
-  const records = oauthProviderRecordsMap(payload);
-  const providerKeys = Object.keys(records).sort();
-  if (providerKeys.length === 0) {
-    return void 0;
-  }
-  return {
-    items: providerKeys.map((providerKey) => records[providerKey])
-  };
-}
-function ensureRequiredOauthCredentials(project) {
-  const requiredProviders = requiredOauthProviders(project.manifest.required_connected_accounts ?? []);
-  if (requiredProviders.length === 0) {
-    return;
-  }
-  const provided = new Set(Object.keys(oauthProviderRecordsMap(project.oauth_credentials)));
-  const missing = requiredProviders.filter((provider) => !provided.has(provider));
-  if (missing.length === 0) {
-    return;
-  }
-  const path = project.oauth_credentials_path ?? (0, import_node_path.join)(project.root_dir, "oauth_credentials.json");
-  throw new SiglumeProjectError(
-    `${path} is required for platform-managed OAuth APIs. Missing provider seeds: ${missing.join(", ")}`
-  );
-}
 async function validateProject(path = ".", deps = {}) {
   const project = await loadProject(path);
   const manifest_issues = await projectValidationIssues(project);
@@ -7558,10 +7476,21 @@ function ensureExplicitToolManual(project) {
 async function registrationPreflight(project, client) {
   const manifestIssues = await projectValidationIssues(project);
   const [toolManualValid, toolManualIssues] = validate_tool_manual(project.tool_manual);
+  const retiredPlatformOauthProviders = requiredOauthProviders(project.manifest.required_connected_accounts ?? []);
+  if (retiredPlatformOauthProviders.length > 0) {
+    throw new SiglumeProjectError(
+      `Registration preflight failed. Fix these before calling auto-register:
+- platform-managed OAuth is retired. Use managed_by="api" with connect_url: ${retiredPlatformOauthProviders.join(", ")}`
+    );
+  }
+  const apiManagedMissingConnectUrl = apiManagedRequirementsMissingConnectUrl(project.manifest.required_connected_accounts ?? []);
+  if (apiManagedMissingConnectUrl.length > 0) {
+    throw new SiglumeProjectError(
+      `Registration preflight failed. Fix these before calling auto-register:
+- API-managed OAuth requirements must include connect_url: ${apiManagedMissingConnectUrl.join(", ")}`
+    );
+  }
   const remoteQuality = await client.preview_quality_score(project.tool_manual);
-  const requiredOauthProvidersList = requiredOauthProviders(project.manifest.required_connected_accounts ?? []);
-  const oauthProviderRecords = oauthProviderRecordsMap(project.oauth_credentials);
-  const missingOauthProviders = requiredOauthProvidersList.filter((provider) => !oauthProviderRecords[provider]);
   const blockingToolManualIssues = toolManualIssues.filter((issue2) => issue2.severity === "error");
   const errors = [
     ...manifestIssues.map((issue2) => String(issue2)),
@@ -7573,17 +7502,12 @@ async function registrationPreflight(project, client) {
   if (!remoteQualityOk(remoteQuality)) {
     errors.push(`remote Tool Manual quality is not publishable: ${remoteQuality.grade} (${remoteQuality.overall_score}/100)`);
   }
-  if (missingOauthProviders.length > 0) {
-    errors.push(`oauth_credentials.json is required for platform-managed OAuth APIs: ${missingOauthProviders.join(", ")}`);
-  }
   const preflight = {
     manifest_issues: manifestIssues,
     tool_manual_valid: toolManualValid,
     tool_manual_issues: toolManualIssues.map((issue2) => toJsonable(issue2)),
     remote_quality: toJsonable(remoteQuality),
-    required_oauth_providers: requiredOauthProvidersList,
-    oauth_credentials_path: project.oauth_credentials_path ?? null,
-    oauth_missing_providers: missingOauthProviders,
+    retired_platform_oauth_providers: retiredPlatformOauthProviders,
     ok: errors.length === 0
   };
   if (errors.length > 0) {
@@ -7622,8 +7546,6 @@ async function runRegistration(path = ".", options = {}, deps = {}) {
   ensureExplicitToolManual(project);
   ensureManifestPublisherIdentity(project);
   ensureRuntimeValidationReady(project);
-  ensureRequiredOauthCredentials(project);
-  const canonicalOauthCredentials = canonicalOauthCredentialsPayload(project.oauth_credentials);
   const client = await createClient(deps);
   if (requestedCompanySlug) {
     const slug = companyNameSlug(requestedCompanySlug);
@@ -7700,14 +7622,12 @@ async function runRegistration(path = ".", options = {}, deps = {}) {
     }
   }
   const receipt = await client.auto_register(project.manifest, project.tool_manual, {
-    runtime_validation: project.runtime_validation,
-    oauth_credentials: canonicalOauthCredentials
+    runtime_validation: project.runtime_validation
   });
   const result = {
     receipt: toJsonable(receipt),
     registration_preflight: preflight,
-    runtime_validation_path: project.runtime_validation_path ?? null,
-    oauth_credentials_path: project.oauth_credentials_path ?? null
+    runtime_validation_path: project.runtime_validation_path ?? null
   };
   if (developerPortalPreflight) {
     result.developer_portal_preflight = developerPortalPreflight;
@@ -7728,7 +7648,6 @@ async function runPreflight(path = ".", deps = {}) {
   ensureExplicitToolManual(project);
   ensureManifestPublisherIdentity(project);
   ensureRuntimeValidationReady(project);
-  ensureRequiredOauthCredentials(project);
   const client = await createClient(deps);
   const preflight = await registrationPreflight(project, client);
   let developerPortalPreflight = null;
@@ -7746,8 +7665,7 @@ async function runPreflight(path = ".", deps = {}) {
     ok: true,
     adapter_path: project.adapter_path,
     registration_preflight: preflight,
-    runtime_validation_path: project.runtime_validation_path ?? null,
-    oauth_credentials_path: project.oauth_credentials_path ?? null
+    runtime_validation_path: project.runtime_validation_path ?? null
   };
   if (developerPortalPreflight) {
     result.developer_portal_preflight = developerPortalPreflight;
@@ -8229,7 +8147,7 @@ function operationReadmeTemplate(operation, manifest, warning) {
     "- `tool_manual.json`: machine-generated ToolManual scaffold",
     "- `runtime_validation.json`: local public endpoint and review-key checks used by auto-register",
     "- `docs/api-usage.md`: publishable API usage guide template for `docs_url`",
-    "- `.gitignore`: keeps runtime review keys and OAuth client secrets out of Git",
+    "- `.gitignore`: keeps runtime review keys out of Git",
     "- `tests/test_adapter.ts`: smoke test for `AppTestHarness`",
     "",
     "Before registering, replace all generated placeholders:",
@@ -8237,8 +8155,8 @@ function operationReadmeTemplate(operation, manifest, warning) {
     "- Replace `support_contact` with a real support email address or public support URL.",
     "- Optional `seller_homepage_url` is the seller's official site and can stay blank.",
     "- In the local `runtime_validation.json`, replace the public URL and review-key placeholders.",
-    "- If the API uses seller-side OAuth, create a local `oauth_credentials.json` next to the adapter.",
-    "- Do not commit real review keys or OAuth client secrets; the generated `.gitignore` excludes those files.",
+    "- If the API uses external OAuth, implement that flow in your API runtime and keep user tokens outside Siglume.",
+    "- Do not commit real review keys or external-provider secrets; the generated `.gitignore` excludes local secret files.",
     "- Because `runtime_validation.json` is ignored, GitHub samples do not commit review-key values.",
     "",
     "## Commands",
@@ -8314,8 +8232,6 @@ function generatedGitignore() {
     "!.env.example",
     "runtime_validation.json",
     "runtime-validation.json",
-    "oauth_credentials.json",
-    "oauth-credentials.json",
     "",
     "# Python / test artifacts.",
     "__pycache__/",
@@ -8461,13 +8377,6 @@ async function runHarnessForProject(project) {
     checks.push(executionCheck("quote", await harness.execute_quote(task_type, { input_params: sample_input }), harness));
     checks.push(executionCheck("payment", await harness.execute_payment(task_type, { input_params: sample_input }), harness));
   }
-  checks.push(
-    executionCheck(
-      "missing_account_simulation",
-      await harness.simulate_connected_account_missing(task_type, { input_params: sample_input }),
-      harness
-    )
-  );
   return {
     adapter_path: project.adapter_path,
     task_type,
@@ -8570,15 +8479,6 @@ async function findRuntimeValidationPath(root_dir) {
   }
   return null;
 }
-async function findOauthCredentialsPath(root_dir) {
-  for (const name of ["oauth_credentials.json", "oauth-credentials.json"]) {
-    const candidate = (0, import_node_path.join)(root_dir, name);
-    if ((0, import_node_fs.existsSync)(candidate)) {
-      return candidate;
-    }
-  }
-  return null;
-}
 async function loadJsonObject(path, label) {
   let payload;
   try {
@@ -8810,15 +8710,15 @@ function readmeTemplate(template) {
     "- `tool_manual.json`: editable ToolManual draft for validation and registration",
     "- `runtime_validation.json`: local live API smoke-test contract used during registration",
     "- `docs/api-usage.md`: publish this page and use its public URL as `docs_url`",
-    "- `.gitignore`: keeps runtime review keys and OAuth client secrets out of Git",
+    "- `.gitignore`: keeps runtime review keys out of Git",
     "",
     "Before registering, replace all generated placeholders:",
     "- In `adapter.ts` and `manifest.json`, replace `docs_url` with a dedicated public API usage guide, not a homepage.",
     "- Replace `support_contact` with a real support email address or public support URL.",
     "- Optional `seller_homepage_url` is the seller's official site and can stay blank.",
     "- In the local `runtime_validation.json`, replace the public URL and review-key placeholders.",
-    "- If the API uses seller-side OAuth, create a local `oauth_credentials.json` next to the adapter.",
-    "- Do not commit real review keys or OAuth client secrets; the generated `.gitignore` excludes those files.",
+    "- If the API uses external OAuth, implement that flow in your API runtime and keep user tokens outside Siglume.",
+    "- Do not commit real review keys or external-provider secrets; the generated `.gitignore` excludes local secret files.",
     "- Because `runtime_validation.json` is ignored, GitHub samples do not commit review-key values.",
     "",
     "Suggested workflow:",
@@ -9036,7 +8936,6 @@ async function runCli(argv, deps = {}) {
       emit(stdout, `preflight_quality: ${preflight.remote_quality.grade} (${preflight.remote_quality.overall_score}/100)`);
     }
     if (report.runtime_validation_path) emit(stdout, `runtime_validation_path: ${String(report.runtime_validation_path)}`);
-    if (report.oauth_credentials_path) emit(stdout, `oauth_credentials_path: ${String(report.oauth_credentials_path)}`);
   });
   program.command("companies").description("List Siglume companies available for company-name publishing.").option("--json", "emit machine-readable JSON", false).action(async (options) => {
     const report = await listCompanyPublishersReport(deps);
@@ -9087,7 +8986,6 @@ async function runCli(argv, deps = {}) {
       emit(stdout, `listing_id: ${receipt.listing_id}`);
       emit(stdout, `receipt_status: ${receipt.status}`);
       if (receipt.listing_status) emit(stdout, `listing_status: ${receipt.listing_status}`);
-      if (receipt.oauth_status) emit(stdout, `oauth_configured: ${Boolean(receipt.oauth_status.configured)}`);
       if (receipt.review_url) emit(stdout, `review_url: ${receipt.review_url}`);
       if (receipt.trace_id) emit(stdout, `trace_id: ${receipt.trace_id}`);
       if (receipt.request_id) emit(stdout, `request_id: ${receipt.request_id}`);