@standardagents/builder 0.11.0-next.5d2e71b → 0.11.0-next.730b472

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/built-in-routes.js +14 -5
  2. package/dist/built-in-routes.js.map +1 -1
  3. package/dist/index.d.ts +1 -15
  4. package/dist/index.js +36 -8
  5. package/dist/index.js.map +1 -1
  6. package/dist/plugin.js +28 -6
  7. package/dist/plugin.js.map +1 -1
  8. package/package.json +4 -4
package/dist/index.d.ts CHANGED
@@ -1,7 +1,7 @@
1
1
  export { AgentPluginOptions, agentbuilder } from './plugin.js';
2
2
  import { DurableObjectStorage } from '@cloudflare/workers-types';
3
3
  import { ZodObject, ZodRawShape } from 'zod';
4
- import { ToolResult as ToolResult$1, HookSignatures, ControllerContext, Controller, ModelDefinition as ModelDefinition$1, ToolArgs, PromptTextPart, SubpromptConfig as SubpromptConfig$2, ReasoningConfig, SideConfig as SideConfig$1 } from '@standardagents/spec';
4
+ import { ToolResult as ToolResult$1, HookSignatures, AgentDefinition as AgentDefinition$1, ControllerContext, Controller, ModelDefinition as ModelDefinition$1, ToolArgs, PromptTextPart, SubpromptConfig as SubpromptConfig$2, ReasoningConfig, SideConfig as SideConfig$1 } from '@standardagents/spec';
5
5
  export { AgentType, HookSignatures, ImageContent, ModelCapabilities, ModelProvider, PromptInput, PromptTextPart, ReasoningConfig, StructuredPrompt, TextContent, Tool, ToolArgs, ToolArgsNode, ToolArgsRawShape, ToolContent, defineAgent, defineHook, defineModel, definePrompt, defineThreadEndpoint, defineTool } from '@standardagents/spec';
6
6
  import { DurableObject } from 'cloudflare:workers';
7
7
  import 'vite';
@@ -785,20 +785,6 @@ interface LogEntry {
785
785
  created_at: number;
786
786
  request_body: string | null;
787
787
  }
788
- /**
789
- * Agent definition returned from loadAgent()
790
- */
791
- interface AgentDefinition$1 {
792
- name: string;
793
- title?: string;
794
- type?: string;
795
- description?: string;
796
- icon?: string;
797
- defaultPrompt?: string;
798
- defaultModel?: string;
799
- tools?: string[];
800
- [key: string]: unknown;
801
- }
802
788
  /**
803
789
  * Response from getThreadMeta()
804
790
  */
package/dist/index.js CHANGED
@@ -8327,6 +8327,32 @@ function corsHeaders(contentType) {
8327
8327
  };
8328
8328
  }
8329
8329
 
8330
+ // Helper to add CORS headers to any Response without touching the body
8331
+ function addCorsHeaders(response) {
8332
+ // Skip WebSocket upgrade responses - they can't be wrapped
8333
+ if (response.status === 101) {
8334
+ return response;
8335
+ }
8336
+
8337
+ // Skip if already has CORS headers
8338
+ if (response.headers.has("Access-Control-Allow-Origin")) {
8339
+ return response;
8340
+ }
8341
+
8342
+ // Create new headers with CORS added
8343
+ const newHeaders = new Headers(response.headers);
8344
+ for (const [key, value] of Object.entries(CORS_HEADERS)) {
8345
+ newHeaders.set(key, value);
8346
+ }
8347
+
8348
+ // Return new Response with same body stream (not cloned, just transferred)
8349
+ return new Response(response.body, {
8350
+ status: response.status,
8351
+ statusText: response.statusText,
8352
+ headers: newHeaders,
8353
+ });
8354
+ }
8355
+
8330
8356
  export async function router(request, env) {
8331
8357
  const url = new URL(request.url);
8332
8358
  const pathname = url.pathname;
@@ -8378,7 +8404,7 @@ ${threadRouteCode}
8378
8404
 
8379
8405
  // If requireAuth returns a Response, it's an error (401)
8380
8406
  if (authResult instanceof Response) {
8381
- return authResult;
8407
+ return addCorsHeaders(authResult);
8382
8408
  }
8383
8409
 
8384
8410
  authContext = authResult;
@@ -8397,11 +8423,7 @@ ${threadRouteCode}
8397
8423
  const result = await controller(context);
8398
8424
 
8399
8425
  if (result instanceof Response) {
8400
- // Return Response objects as-is - CORS headers can't be safely added
8401
- // to Response objects in the workerd environment without issues.
8402
- // Controllers that return streaming/binary responses should add
8403
- // CORS headers themselves if needed.
8404
- return result;
8426
+ return addCorsHeaders(result);
8405
8427
  }
8406
8428
  if (typeof result === "string") {
8407
8429
  return new Response(result, {
@@ -9610,6 +9632,12 @@ function base64ToBuffer(base64) {
9610
9632
  }
9611
9633
 
9612
9634
  // src/middleware/auth.ts
9635
+ var CORS_HEADERS = {
9636
+ "Access-Control-Allow-Origin": "*",
9637
+ "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, PATCH, OPTIONS",
9638
+ "Access-Control-Allow-Headers": "Content-Type, Authorization, X-Requested-With",
9639
+ "Access-Control-Max-Age": "86400"
9640
+ };
9613
9641
  function extractBearerToken(request) {
9614
9642
  const authHeader = request.headers.get("Authorization");
9615
9643
  if (authHeader && authHeader.startsWith("Bearer ")) {
@@ -9698,7 +9726,7 @@ async function requireAuth(request, env) {
9698
9726
  if (!authContext) {
9699
9727
  return new Response(JSON.stringify({ error: "Unauthorized" }), {
9700
9728
  status: 401,
9701
- headers: { "Content-Type": "application/json" }
9729
+ headers: { "Content-Type": "application/json", ...CORS_HEADERS }
9702
9730
  });
9703
9731
  }
9704
9732
  return authContext;
@@ -9713,7 +9741,7 @@ async function requireAdmin(request, env) {
9713
9741
  JSON.stringify({ error: "Forbidden: Admin access required" }),
9714
9742
  {
9715
9743
  status: 403,
9716
- headers: { "Content-Type": "application/json" }
9744
+ headers: { "Content-Type": "application/json", ...CORS_HEADERS }
9717
9745
  }
9718
9746
  );
9719
9747
  }