@synapsor/runner 0.1.0-alpha.10 → 0.1.0-alpha.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +203 -21
- package/dist/cli.d.ts.map +1 -1
- package/dist/runner.mjs +1103 -115
- package/docs/README.md +38 -0
- package/docs/app-owned-executors.md +26 -0
- package/docs/capability-authoring.md +265 -0
- package/docs/cloud-mode.md +24 -0
- package/docs/current-scope.md +24 -0
- package/docs/dependency-license-inventory.md +35 -0
- package/docs/doctor.md +98 -0
- package/docs/handler-helper.md +200 -0
- package/docs/http-mcp.md +35 -1
- package/docs/licensing.md +36 -0
- package/docs/local-mode.md +13 -2
- package/docs/mcp-client-setup.md +39 -0
- package/docs/openai-agents-sdk.md +57 -0
- package/docs/release-notes.md +76 -2
- package/docs/release-policy.md +86 -0
- package/docs/result-envelope-v2.md +148 -0
- package/docs/rfcs/001-result-envelope-v2.md +143 -0
- package/docs/rfcs/002-app-owned-handler-helper.md +161 -0
- package/docs/rfcs/003-integrator-feedback-teardown.md +97 -0
- package/docs/store-lifecycle.md +83 -0
- package/docs/use-your-own-database.md +18 -0
- package/docs/writeback-executors.md +29 -0
- package/examples/app-owned-writeback/README.md +1 -0
- package/examples/mcp-postgres-billing-app-handler/README.md +86 -0
- package/examples/mcp-postgres-billing-app-handler/app-handler.mjs +125 -0
- package/examples/mcp-postgres-billing-app-handler/docker-compose.yml +13 -0
- package/examples/mcp-postgres-billing-app-handler/schema.sql +59 -0
- package/examples/mcp-postgres-billing-app-handler/scripts/run-demo.sh +100 -0
- package/examples/mcp-postgres-billing-app-handler/seed.sql +39 -0
- package/examples/mcp-postgres-billing-app-handler/synapsor-handler.mjs +437 -0
- package/examples/mcp-postgres-billing-app-handler/synapsor.runner.json +158 -0
- package/examples/openai-agents-http/README.md +10 -2
- package/examples/openai-agents-stdio/README.md +8 -4
- package/examples/openai-agents-stdio/agent.py +2 -0
- package/fixtures/benchmark/mcp-efficiency.json +53 -0
- package/fixtures/benchmark/mcp-efficiency.txt +25 -0
- package/fixtures/protocol/MANIFEST.json +54 -0
- package/fixtures/protocol/change-set.late-fee-waiver.v1.json +72 -0
- package/fixtures/protocol/execution-receipt.applied.v1.json +14 -0
- package/fixtures/protocol/execution-receipt.conflict.v1.json +15 -0
- package/fixtures/protocol/runner-registration.v1.json +22 -0
- package/fixtures/protocol/writeback-job.late-fee-waiver.v1.json +44 -0
- package/package.json +4 -1
- package/schemas/change-set.v1.schema.json +140 -0
- package/schemas/execution-receipt.v1.schema.json +34 -0
- package/schemas/onboarding-selection.v1.schema.json +125 -0
- package/schemas/runner-registration.v1.schema.json +48 -0
- package/schemas/synapsor.app-handler-receipt.v1.json +39 -0
- package/schemas/synapsor.app-handler-request.v1.json +119 -0
- package/schemas/synapsor.runner.schema.json +412 -0
- package/schemas/writeback-job.v1.schema.json +121 -0
|
@@ -0,0 +1,200 @@
|
|
|
1
|
+
# App-Owned Handler Helper
|
|
2
|
+
|
|
3
|
+
Use the TypeScript handler helper when an approved Synapsor proposal should be
|
|
4
|
+
executed by your application service, not by Runner's direct SQL writer.
|
|
5
|
+
|
|
6
|
+
The helper is the safe-by-default path for rich writes such as:
|
|
7
|
+
|
|
8
|
+
- inserting account-credit, refund-review, ticket, or ledger rows;
|
|
9
|
+
- updating multiple related rows inside your app transaction;
|
|
10
|
+
- applying business rules that belong in your application service.
|
|
11
|
+
|
|
12
|
+
The model-facing MCP tool still creates a proposal only. A human/operator
|
|
13
|
+
approves outside MCP. After approval, Runner sends the structured writeback
|
|
14
|
+
request to your handler.
|
|
15
|
+
|
|
16
|
+
## Scope
|
|
17
|
+
|
|
18
|
+
Current alpha scope:
|
|
19
|
+
|
|
20
|
+
- TypeScript helper in `packages/handler`;
|
|
21
|
+
- bearer token verification;
|
|
22
|
+
- optional HMAC verification over the raw request body;
|
|
23
|
+
- typed request parsing;
|
|
24
|
+
- action dispatch;
|
|
25
|
+
- idempotency receipt lookup;
|
|
26
|
+
- transaction wrapper;
|
|
27
|
+
- `SELECT ... FOR UPDATE` target-row lock;
|
|
28
|
+
- tenant guard;
|
|
29
|
+
- expected-version stale-row guard;
|
|
30
|
+
- safe applied/conflict/failed receipts;
|
|
31
|
+
- no raw driver errors in HTTP responses.
|
|
32
|
+
|
|
33
|
+
Python helper is planned. For now, Python handlers should follow the documented
|
|
34
|
+
request/receipt schema and the FastAPI template in `examples/app-owned-writeback`.
|
|
35
|
+
|
|
36
|
+
## Schemas
|
|
37
|
+
|
|
38
|
+
Published schemas:
|
|
39
|
+
|
|
40
|
+
- `schemas/synapsor.app-handler-request.v1.json`
|
|
41
|
+
- `schemas/synapsor.app-handler-receipt.v1.json`
|
|
42
|
+
|
|
43
|
+
The helper accepts both the new `protocol_version: "1.0"` shape and the current
|
|
44
|
+
Runner `schema_version: "synapsor.handler-writeback.v1"` request shape during
|
|
45
|
+
the alpha migration.
|
|
46
|
+
|
|
47
|
+
## TypeScript Usage
|
|
48
|
+
|
|
49
|
+
```ts
|
|
50
|
+
import { createWritebackHandler } from "@synapsor/handler";
|
|
51
|
+
|
|
52
|
+
export const handler = createWritebackHandler({
|
|
53
|
+
tokenEnv: "SYNAPSOR_APP_HANDLER_TOKEN",
|
|
54
|
+
signingSecretEnv: "SYNAPSOR_APP_HANDLER_SIGNING_SECRET",
|
|
55
|
+
source: {
|
|
56
|
+
engine: "postgres",
|
|
57
|
+
writeUrlEnv: "SYNAPSOR_APP_WRITE_URL",
|
|
58
|
+
receiptTable: { schema: "synapsor", table: "handler_receipts" }
|
|
59
|
+
},
|
|
60
|
+
capabilities: {
|
|
61
|
+
"support.propose_plan_credit": async (job, tx) => {
|
|
62
|
+
const creditId = `CR-${job.proposalId.slice(-12)}`;
|
|
63
|
+
|
|
64
|
+
await tx.insert("credits", {
|
|
65
|
+
id: creditId,
|
|
66
|
+
tenant_id: job.tenantId,
|
|
67
|
+
invoice_id: job.objectId,
|
|
68
|
+
amount_cents: Number(job.patch.credit_requested_cents),
|
|
69
|
+
reason: String(job.patch.credit_reason),
|
|
70
|
+
created_by: job.principal
|
|
71
|
+
});
|
|
72
|
+
|
|
73
|
+
await tx.update("invoices", {
|
|
74
|
+
id: job.objectId,
|
|
75
|
+
tenant_id: job.tenantId
|
|
76
|
+
}, {
|
|
77
|
+
credited_cents:
|
|
78
|
+
Number(job.row.credited_cents ?? 0) +
|
|
79
|
+
Number(job.patch.credit_requested_cents)
|
|
80
|
+
});
|
|
81
|
+
|
|
82
|
+
return {
|
|
83
|
+
rowsAffected: 2,
|
|
84
|
+
effects: [{ type: "db.insert", table: "credits", id: creditId }]
|
|
85
|
+
};
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
});
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
Mount the returned handler at your app route, for example
|
|
92
|
+
`POST /synapsor/writeback`.
|
|
93
|
+
|
|
94
|
+
The handler author writes only the business effect. The helper owns the safety
|
|
95
|
+
loop around that effect.
|
|
96
|
+
|
|
97
|
+
## What The Helper Enforces
|
|
98
|
+
|
|
99
|
+
The helper checks these before your business function can mutate state:
|
|
100
|
+
|
|
101
|
+
- the bearer token matches the configured environment variable;
|
|
102
|
+
- the optional HMAC signature is valid and fresh;
|
|
103
|
+
- the request protocol is supported;
|
|
104
|
+
- the action maps to a configured capability function;
|
|
105
|
+
- the target row exists inside the trusted tenant;
|
|
106
|
+
- the row version still matches the proposal's expected version;
|
|
107
|
+
- the idempotency key was not already applied.
|
|
108
|
+
|
|
109
|
+
If the row is missing or belongs to another tenant, the helper returns:
|
|
110
|
+
|
|
111
|
+
```json
|
|
112
|
+
{
|
|
113
|
+
"status": "conflict",
|
|
114
|
+
"rows_affected": 0,
|
|
115
|
+
"source_database_mutated": false,
|
|
116
|
+
"safe_error_code": "ROW_NOT_FOUND_OR_WRONG_TENANT"
|
|
117
|
+
}
|
|
118
|
+
```
|
|
119
|
+
|
|
120
|
+
If the row changed after proposal creation, the helper returns:
|
|
121
|
+
|
|
122
|
+
```json
|
|
123
|
+
{
|
|
124
|
+
"status": "conflict",
|
|
125
|
+
"rows_affected": 0,
|
|
126
|
+
"source_database_mutated": false,
|
|
127
|
+
"safe_error_code": "ROW_CHANGED_AFTER_PROPOSAL"
|
|
128
|
+
}
|
|
129
|
+
```
|
|
130
|
+
|
|
131
|
+
If your business function throws, the helper rolls back the transaction and
|
|
132
|
+
returns a safe failed receipt. Raw driver and exception text are not exposed to
|
|
133
|
+
the caller.
|
|
134
|
+
|
|
135
|
+
## Runner-Side Signing Config
|
|
136
|
+
|
|
137
|
+
Configure the matching `http_handler` executor with the same signing-secret env
|
|
138
|
+
name:
|
|
139
|
+
|
|
140
|
+
```json
|
|
141
|
+
{
|
|
142
|
+
"executors": {
|
|
143
|
+
"billing_handler": {
|
|
144
|
+
"type": "http_handler",
|
|
145
|
+
"url_env": "BILLING_WRITEBACK_URL",
|
|
146
|
+
"method": "POST",
|
|
147
|
+
"auth": {
|
|
148
|
+
"type": "bearer_env",
|
|
149
|
+
"token_env": "BILLING_WRITEBACK_TOKEN"
|
|
150
|
+
},
|
|
151
|
+
"signing_secret_env": "SYNAPSOR_APP_HANDLER_SIGNING_SECRET",
|
|
152
|
+
"timeout_ms": 5000
|
|
153
|
+
}
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
```
|
|
157
|
+
|
|
158
|
+
When this field is set, Runner signs the exact request body and sends
|
|
159
|
+
`X-Synapsor-Signature`, `X-Synapsor-Issued-At`,
|
|
160
|
+
`X-Synapsor-Proposal-Id`, and `Idempotency-Key`. The helper verifies those
|
|
161
|
+
headers before parsing or applying the writeback request.
|
|
162
|
+
|
|
163
|
+
## Signing
|
|
164
|
+
|
|
165
|
+
For loopback-only development, bearer auth may be enough. For any handler that
|
|
166
|
+
is reachable outside the local process, enable HMAC:
|
|
167
|
+
|
|
168
|
+
```ts
|
|
169
|
+
createWritebackHandler({
|
|
170
|
+
tokenEnv: "SYNAPSOR_APP_HANDLER_TOKEN",
|
|
171
|
+
signingSecretEnv: "SYNAPSOR_APP_HANDLER_SIGNING_SECRET",
|
|
172
|
+
// ...
|
|
173
|
+
});
|
|
174
|
+
```
|
|
175
|
+
|
|
176
|
+
Runner sends:
|
|
177
|
+
|
|
178
|
+
```text
|
|
179
|
+
Authorization: Bearer <token>
|
|
180
|
+
X-Synapsor-Signature: sha256=<hmac>
|
|
181
|
+
X-Synapsor-Issued-At: <iso timestamp>
|
|
182
|
+
X-Synapsor-Proposal-Id: wrp_...
|
|
183
|
+
Idempotency-Key: wrp_...
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
The HMAC is computed over the raw body. The helper enforces a short issued-at
|
|
187
|
+
skew window.
|
|
188
|
+
|
|
189
|
+
## Receipt Storage
|
|
190
|
+
|
|
191
|
+
The helper's Postgres adapter stores idempotency receipts in a receipt table.
|
|
192
|
+
Prefer a dedicated schema, for example:
|
|
193
|
+
|
|
194
|
+
```sql
|
|
195
|
+
CREATE SCHEMA IF NOT EXISTS synapsor;
|
|
196
|
+
GRANT USAGE, CREATE ON SCHEMA synapsor TO app_writeback_user;
|
|
197
|
+
```
|
|
198
|
+
|
|
199
|
+
If your application already has a receipt/idempotency table, implement the
|
|
200
|
+
`WritebackHandlerDatabase` interface and pass it as `database`.
|
package/docs/http-mcp.md
CHANGED
|
@@ -28,6 +28,38 @@ synapsor-runner mcp serve-streamable-http \
|
|
|
28
28
|
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
|
|
29
29
|
```
|
|
30
30
|
|
|
31
|
+
For OpenAI Agents SDK, expose OpenAI-safe aliases because OpenAI function names
|
|
32
|
+
cannot contain dots:
|
|
33
|
+
|
|
34
|
+
```bash
|
|
35
|
+
synapsor-runner mcp serve-streamable-http \
|
|
36
|
+
--host 127.0.0.1 \
|
|
37
|
+
--port 8766 \
|
|
38
|
+
--config ./synapsor.runner.json \
|
|
39
|
+
--store ./.synapsor/local.db \
|
|
40
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
|
|
41
|
+
--alias-mode openai
|
|
42
|
+
```
|
|
43
|
+
|
|
44
|
+
Equivalent unified command:
|
|
45
|
+
|
|
46
|
+
```bash
|
|
47
|
+
synapsor-runner mcp serve \
|
|
48
|
+
--transport streamable-http \
|
|
49
|
+
--host 127.0.0.1 \
|
|
50
|
+
--port 8766 \
|
|
51
|
+
--config ./synapsor.runner.json \
|
|
52
|
+
--store ./.synapsor/local.db \
|
|
53
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
|
|
54
|
+
--alias-mode openai
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
The model sees aliases such as `billing__inspect_invoice`. MCP tool metadata
|
|
58
|
+
still includes `synapsor.canonical_tool_name`, and Runner maps calls back to
|
|
59
|
+
the canonical Synapsor capability such as `billing.inspect_invoice`. Use
|
|
60
|
+
`--alias-mode both` only during migrations where some clients still need
|
|
61
|
+
canonical dotted names.
|
|
62
|
+
|
|
31
63
|
Defaults:
|
|
32
64
|
|
|
33
65
|
```text
|
|
@@ -239,4 +271,6 @@ example connects to `synapsor-runner mcp serve-streamable-http` through
|
|
|
239
271
|
want a small app-owned wrapper instead of standard HTTP MCP.
|
|
240
272
|
|
|
241
273
|
The boundary is the same in both modes: the agent calls a semantic Synapsor
|
|
242
|
-
tool, not raw SQL.
|
|
274
|
+
tool, not raw SQL. OpenAI-facing examples use `--alias-mode openai` so
|
|
275
|
+
the model sees OpenAI-valid aliases while Runner preserves canonical Synapsor
|
|
276
|
+
tool names in metadata.
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
# Licensing
|
|
2
|
+
|
|
3
|
+
Synapsor Runner is open source under the Apache License 2.0 (`Apache-2.0`).
|
|
4
|
+
|
|
5
|
+
This page is a plain-English summary, not legal advice. If this summary
|
|
6
|
+
conflicts with `../LICENSE`, the `LICENSE` file controls.
|
|
7
|
+
|
|
8
|
+
Apache-2.0 applies to the code in this runner repository. It grants copyright
|
|
9
|
+
and patent rights under the license terms.
|
|
10
|
+
|
|
11
|
+
Apache-2.0 does not grant trademark rights. The Synapsor name, Synapsor Runner
|
|
12
|
+
name, logos, hosted Cloud service, and proprietary Synapsor platform features
|
|
13
|
+
remain separate. See `../TRADEMARKS.md`.
|
|
14
|
+
|
|
15
|
+
This license applies only to `synapsor-runner`. It does not open source:
|
|
16
|
+
|
|
17
|
+
- Synapsor Cloud;
|
|
18
|
+
- the hosted control plane;
|
|
19
|
+
- hosted capability registry;
|
|
20
|
+
- advanced policy/capability compiler;
|
|
21
|
+
- team approvals, RBAC, or SSO;
|
|
22
|
+
- hosted audit/evidence ledger;
|
|
23
|
+
- managed runners;
|
|
24
|
+
- production writeback orchestration;
|
|
25
|
+
- workflow builder;
|
|
26
|
+
- native Synapsor engine;
|
|
27
|
+
- C++/DBMS internals;
|
|
28
|
+
- branching, time travel, or settlement;
|
|
29
|
+
- compliance exports or production support/SLA.
|
|
30
|
+
|
|
31
|
+
Synapsor Cloud is a separate hosted commercial service. Use Cloud when your team
|
|
32
|
+
needs shared approvals, RBAC, hosted evidence/replay search, runner fleet
|
|
33
|
+
status, leases, retention, audit visibility, enterprise controls, and support.
|
|
34
|
+
|
|
35
|
+
Before public release, license and trademark text should be reviewed by the
|
|
36
|
+
release owner or qualified counsel.
|
package/docs/local-mode.md
CHANGED
|
@@ -273,13 +273,24 @@ or prune it without touching your source Postgres/MySQL database:
|
|
|
273
273
|
|
|
274
274
|
```bash
|
|
275
275
|
synapsor-runner store stats --store ./.synapsor/local.db
|
|
276
|
+
synapsor-runner events tail --store ./.synapsor/local.db
|
|
276
277
|
synapsor-runner store vacuum --store ./.synapsor/local.db
|
|
277
278
|
synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --dry-run
|
|
278
279
|
synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --yes
|
|
280
|
+
synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --yes --force
|
|
281
|
+
synapsor-runner store reset --store ./.synapsor/local.db --yes
|
|
279
282
|
```
|
|
280
283
|
|
|
281
|
-
`
|
|
282
|
-
|
|
284
|
+
`events tail` shows local lifecycle events already recorded in the SQLite
|
|
285
|
+
ledger, including proposal creation, approval/rejection, writeback jobs, and
|
|
286
|
+
writeback applied/conflict/failed receipts. Add `--follow` to keep polling a
|
|
287
|
+
running local store.
|
|
288
|
+
|
|
289
|
+
`store prune` defaults to dry-run. `store reset` requires `--yes` and removes
|
|
290
|
+
only the local SQLite ledger files. MCP server modes write a small active-store
|
|
291
|
+
lease next to the SQLite file; destructive store operations refuse while that
|
|
292
|
+
lease points at a live PID unless you pass `--force` after verifying the server
|
|
293
|
+
is stopped or stale.
|
|
283
294
|
|
|
284
295
|
## Boundary
|
|
285
296
|
|
package/docs/mcp-client-setup.md
CHANGED
|
@@ -51,6 +51,34 @@ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-streamable-http \
|
|
|
51
51
|
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
|
|
52
52
|
```
|
|
53
53
|
|
|
54
|
+
OpenAI Agents SDK rejects dotted function/tool names such as
|
|
55
|
+
`billing.inspect_invoice`. For OpenAI-facing transports, ask Runner to expose
|
|
56
|
+
OpenAI-safe aliases while keeping canonical Synapsor capability names in MCP
|
|
57
|
+
metadata:
|
|
58
|
+
|
|
59
|
+
```bash
|
|
60
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-streamable-http \
|
|
61
|
+
--config ./synapsor.runner.json \
|
|
62
|
+
--store ./.synapsor/local.db \
|
|
63
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
|
|
64
|
+
--alias-mode openai
|
|
65
|
+
```
|
|
66
|
+
|
|
67
|
+
The model sees names such as `billing__inspect_invoice`; `_meta` includes
|
|
68
|
+
`synapsor.canonical_tool_name = billing.inspect_invoice`, and Runner routes the
|
|
69
|
+
alias back to the canonical capability. Use `--alias-mode both` only when a
|
|
70
|
+
migration needs canonical dotted names and OpenAI-safe aliases exposed at the
|
|
71
|
+
same time.
|
|
72
|
+
|
|
73
|
+
Preview the exact alias mapping before wiring a client:
|
|
74
|
+
|
|
75
|
+
```bash
|
|
76
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner tools preview \
|
|
77
|
+
--config ./synapsor.runner.json \
|
|
78
|
+
--store ./.synapsor/local.db \
|
|
79
|
+
--alias-mode openai
|
|
80
|
+
```
|
|
81
|
+
|
|
54
82
|
Use private networking/TLS before exposing HTTP MCP beyond localhost. Details:
|
|
55
83
|
[HTTP MCP](http-mcp.md).
|
|
56
84
|
|
|
@@ -72,6 +100,17 @@ generic
|
|
|
72
100
|
claude-desktop
|
|
73
101
|
cursor
|
|
74
102
|
vscode
|
|
103
|
+
openai-agents
|
|
104
|
+
```
|
|
105
|
+
|
|
106
|
+
For OpenAI Agents SDK, generate the Streamable HTTP start command and Python
|
|
107
|
+
snippet:
|
|
108
|
+
|
|
109
|
+
```bash
|
|
110
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp client-config \
|
|
111
|
+
--client openai-agents \
|
|
112
|
+
--config ./synapsor.runner.json \
|
|
113
|
+
--store ./.synapsor/local.db
|
|
75
114
|
```
|
|
76
115
|
|
|
77
116
|
The older form is still supported:
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
# OpenAI Agents SDK
|
|
2
|
+
|
|
3
|
+
Use Synapsor Runner with the OpenAI Agents SDK through standard MCP Streamable
|
|
4
|
+
HTTP. Runner exposes semantic database tools to the model and keeps approval,
|
|
5
|
+
writeback, database URLs, and write credentials outside the model-facing tool
|
|
6
|
+
surface.
|
|
7
|
+
|
|
8
|
+
## Start Runner
|
|
9
|
+
|
|
10
|
+
```bash
|
|
11
|
+
export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
|
|
12
|
+
|
|
13
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-streamable-http \
|
|
14
|
+
--config ./synapsor.runner.json \
|
|
15
|
+
--store ./.synapsor/local.db \
|
|
16
|
+
--auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
|
|
17
|
+
--alias-mode openai
|
|
18
|
+
```
|
|
19
|
+
|
|
20
|
+
`--alias-mode openai` is important because OpenAI function/tool names cannot
|
|
21
|
+
contain dots. Runner exposes names such as `billing__inspect_invoice` to the
|
|
22
|
+
model and maps calls back to canonical Synapsor capability names such as
|
|
23
|
+
`billing.inspect_invoice`.
|
|
24
|
+
|
|
25
|
+
## Generate The Snippet
|
|
26
|
+
|
|
27
|
+
```bash
|
|
28
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner mcp client-config \
|
|
29
|
+
--client openai-agents \
|
|
30
|
+
--config ./synapsor.runner.json \
|
|
31
|
+
--store ./.synapsor/local.db
|
|
32
|
+
```
|
|
33
|
+
|
|
34
|
+
The generated output includes:
|
|
35
|
+
|
|
36
|
+
- the Streamable HTTP server command;
|
|
37
|
+
- the `/mcp` URL;
|
|
38
|
+
- a Python `MCPServerStreamableHttp` snippet;
|
|
39
|
+
- the OpenAI alias note.
|
|
40
|
+
|
|
41
|
+
It does not include database URLs, passwords, write credentials, API keys, or
|
|
42
|
+
bearer token values.
|
|
43
|
+
|
|
44
|
+
## Sanity Check
|
|
45
|
+
|
|
46
|
+
Before giving the agent a real task, ask it to inspect one known object and
|
|
47
|
+
return the tool name it called plus the evidence handle. A healthy setup calls a
|
|
48
|
+
semantic tool such as `billing__inspect_invoice`. It should not expose
|
|
49
|
+
`execute_sql`, approval tools, commit/apply tools, database URLs, or write
|
|
50
|
+
credentials.
|
|
51
|
+
|
|
52
|
+
## Examples
|
|
53
|
+
|
|
54
|
+
```text
|
|
55
|
+
examples/openai-agents-http/
|
|
56
|
+
examples/openai-agents-stdio/
|
|
57
|
+
```
|
package/docs/release-notes.md
CHANGED
|
@@ -11,6 +11,74 @@ npx -y -p @synapsor/runner@alpha synapsor-runner demo --quick
|
|
|
11
11
|
The OSS runner command is `synapsor-runner`. The `synapsor` command is reserved
|
|
12
12
|
for the Synapsor Cloud CLI.
|
|
13
13
|
|
|
14
|
+
## 0.1.0-alpha.13
|
|
15
|
+
|
|
16
|
+
### README First-Five-Minutes Polish
|
|
17
|
+
|
|
18
|
+
- The README now opens with the plain mental model: the agent talks to Runner,
|
|
19
|
+
can inspect scoped data, can create proposals, cannot commit, and writeback
|
|
20
|
+
plus replay happen outside the model-facing tool.
|
|
21
|
+
- Capability, proposal, writeback, and executor are defined before the first
|
|
22
|
+
command so a new reader can understand the rest of the docs.
|
|
23
|
+
- The README now states the direct-writeback rule early: guarded one-row updates
|
|
24
|
+
can use Runner direct writeback; inserts, multi-table work, events, and other
|
|
25
|
+
rich writes belong in an app-owned executor.
|
|
26
|
+
- The own-database section now includes a tiny readable config with one read
|
|
27
|
+
capability and one proposal capability so users can picture what the wizard
|
|
28
|
+
generates before they run it.
|
|
29
|
+
|
|
30
|
+
## 0.1.0-alpha.12
|
|
31
|
+
|
|
32
|
+
### Doctor And Writeback Checks
|
|
33
|
+
|
|
34
|
+
- `synapsor-runner doctor --config synapsor.runner.json --check-writeback`
|
|
35
|
+
verifies direct SQL writer connectivity, receipt-table readiness, and
|
|
36
|
+
rollback-only target-table access for reviewed proposal capabilities.
|
|
37
|
+
- Plain `doctor` warns when direct SQL writeback exists but has not been probed.
|
|
38
|
+
- The writeback probe uses fixed identifiers from reviewed config only. It does
|
|
39
|
+
not accept model SQL, user SQL, arbitrary table names, or arbitrary columns.
|
|
40
|
+
- Probe failures are redacted to safe categories such as `connection failed`,
|
|
41
|
+
`permission denied`, and `configured object not found`.
|
|
42
|
+
- `docs/doctor.md` explains handler checks, direct SQL writeback checks, and
|
|
43
|
+
receipt-table DDL/grant guidance.
|
|
44
|
+
|
|
45
|
+
### Store Lifecycle
|
|
46
|
+
|
|
47
|
+
- `synapsor-runner store reset --store ./.synapsor/local.db --yes` removes only
|
|
48
|
+
local SQLite ledger files and reports `source_database_changed: false`.
|
|
49
|
+
- Destructive store reset refuses active server leases by default and requires
|
|
50
|
+
`--force` for advanced/stale-lease recovery.
|
|
51
|
+
- Packed and public verifier scripts now cover `store reset`.
|
|
52
|
+
|
|
53
|
+
## 0.1.0-alpha.11
|
|
54
|
+
|
|
55
|
+
### OpenAI MCP Aliases
|
|
56
|
+
|
|
57
|
+
- `synapsor-runner mcp serve` and `synapsor-runner mcp serve-streamable-http`
|
|
58
|
+
now accept `--alias-mode openai` and `--openai-tool-aliases`.
|
|
59
|
+
- `synapsor-runner mcp serve --transport streamable-http` is available as a
|
|
60
|
+
unified command form for the standard HTTP MCP server.
|
|
61
|
+
- `synapsor-runner mcp client-config --client openai-agents` prints a
|
|
62
|
+
Streamable HTTP start command and OpenAI Agents SDK snippet.
|
|
63
|
+
- `synapsor-runner tools preview --alias-mode openai` shows model-visible alias
|
|
64
|
+
names and the canonical Synapsor capability each alias maps to.
|
|
65
|
+
- `examples/mcp-postgres-billing-app-handler/` adds a disposable Postgres proof
|
|
66
|
+
for the app-owned executor path: proposal first, approval outside MCP,
|
|
67
|
+
account-credit row inserted by the app handler, idempotent retry, and replay.
|
|
68
|
+
- `--alias-mode both` exposes canonical dotted names and OpenAI-safe aliases
|
|
69
|
+
together for migration/debugging.
|
|
70
|
+
- OpenAI alias mode exposes MCP tool names such as
|
|
71
|
+
`billing__inspect_invoice` instead of canonical dotted names such as
|
|
72
|
+
`billing.inspect_invoice`.
|
|
73
|
+
- Tool metadata includes `synapsor.canonical_tool_name`,
|
|
74
|
+
`synapsor.exposed_tool_name`, and `synapsor.tool_name_style`, so reviewers
|
|
75
|
+
can still see the canonical Synapsor capability.
|
|
76
|
+
- Runner routes alias calls back to the canonical capability. This removes the
|
|
77
|
+
need for user-written OpenAI wrapper code whose only job is replacing dots in
|
|
78
|
+
tool names.
|
|
79
|
+
- The OpenAI Agents SDK stdio and Streamable HTTP examples now document the
|
|
80
|
+
built-in alias mode.
|
|
81
|
+
|
|
14
82
|
## 0.1.0-alpha.10
|
|
15
83
|
|
|
16
84
|
### First-Run Flow
|
|
@@ -38,7 +106,8 @@ for the Synapsor Cloud CLI.
|
|
|
38
106
|
initialize/session behavior on the `/mcp` endpoint.
|
|
39
107
|
- `synapsor-runner mcp serve-http` is an authenticated JSON-RPC bridge for
|
|
40
108
|
simple `tools/list`, `tools/call`, and `resources/read` wrappers. It is not
|
|
41
|
-
the standard Streamable HTTP MCP transport
|
|
109
|
+
the standard Streamable HTTP MCP transport and prints a runtime warning when
|
|
110
|
+
started.
|
|
42
111
|
- The OpenAI Agents SDK HTTP example uses the Streamable HTTP MCP path. Use the
|
|
43
112
|
JSON-RPC bridge only when you intentionally want a thin app-owned wrapper.
|
|
44
113
|
|
|
@@ -71,6 +140,11 @@ for the Synapsor Cloud CLI.
|
|
|
71
140
|
binding, evidence handles, query audit, and local inspection records.
|
|
72
141
|
- Proposal workflows add full local replay across evidence, approval,
|
|
73
142
|
writeback jobs, execution receipts, and events.
|
|
143
|
+
- `synapsor-runner events tail` prints local lifecycle events from the SQLite
|
|
144
|
+
ledger and can follow new proposal/writeback events while a local flow runs.
|
|
145
|
+
- MCP server modes write an active-store lease next to the local SQLite file.
|
|
146
|
+
Destructive `store prune --yes` refuses while that lease points at a live
|
|
147
|
+
process unless `--force` is provided.
|
|
74
148
|
- External Postgres/MySQL databases are not physically branched by Runner.
|
|
75
149
|
Replay covers records captured by Runner; it is not external database
|
|
76
150
|
time travel.
|
|
@@ -125,5 +199,5 @@ After publishing an alpha, verify the public package from a clean temporary
|
|
|
125
199
|
directory:
|
|
126
200
|
|
|
127
201
|
```bash
|
|
128
|
-
./scripts/verify-published-alpha.sh 0.1.0-alpha.
|
|
202
|
+
./scripts/verify-published-alpha.sh 0.1.0-alpha.13
|
|
129
203
|
```
|
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
# Release Policy
|
|
2
|
+
|
|
3
|
+
Synapsor Runner is currently an alpha local runner. Use the explicit alpha tag
|
|
4
|
+
or an exact version:
|
|
5
|
+
|
|
6
|
+
```bash
|
|
7
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner demo --quick
|
|
8
|
+
npm install -g @synapsor/runner@0.1.0-alpha.13
|
|
9
|
+
```
|
|
10
|
+
|
|
11
|
+
Do not rely on the untagged `latest` dist-tag until a stable release is
|
|
12
|
+
published.
|
|
13
|
+
|
|
14
|
+
## Alpha Expectations
|
|
15
|
+
|
|
16
|
+
Alpha versions may change:
|
|
17
|
+
|
|
18
|
+
- command names and help text;
|
|
19
|
+
- MCP transport defaults;
|
|
20
|
+
- config fields and JSON Schema;
|
|
21
|
+
- local store layout;
|
|
22
|
+
- result envelope format;
|
|
23
|
+
- writeback/handler contracts;
|
|
24
|
+
- example layout and docs.
|
|
25
|
+
|
|
26
|
+
Alpha releases must keep the safety boundary intact:
|
|
27
|
+
|
|
28
|
+
- no model-facing `execute_sql`;
|
|
29
|
+
- no model-facing write credentials;
|
|
30
|
+
- no model-facing approval/commit/apply tools;
|
|
31
|
+
- no generic model-generated INSERT/DELETE/UPSERT/DDL/multi-row SQL;
|
|
32
|
+
- proposal-first write path stays explicit.
|
|
33
|
+
|
|
34
|
+
## Stable Expectations
|
|
35
|
+
|
|
36
|
+
A stable `0.1.0` release should only be tagged after:
|
|
37
|
+
|
|
38
|
+
- npm README commands match the published package;
|
|
39
|
+
- `synapsor-runner demo --quick` works from a clean directory;
|
|
40
|
+
- own-database onboarding works from a clean directory;
|
|
41
|
+
- stdio MCP and Streamable HTTP MCP are both verified;
|
|
42
|
+
- OpenAI alias mode is verified;
|
|
43
|
+
- direct SQL writeback requirements are documented and tested;
|
|
44
|
+
- app-owned executor requirements are documented and tested;
|
|
45
|
+
- local evidence/proposal/receipt/replay inspection works;
|
|
46
|
+
- current limitations are accurate.
|
|
47
|
+
|
|
48
|
+
## Result Envelope Migration
|
|
49
|
+
|
|
50
|
+
`result_format: 2` is opt-in during alpha migration:
|
|
51
|
+
|
|
52
|
+
```json
|
|
53
|
+
{
|
|
54
|
+
"result_format": 2
|
|
55
|
+
}
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
or:
|
|
59
|
+
|
|
60
|
+
```bash
|
|
61
|
+
synapsor-runner mcp serve --result-format v2
|
|
62
|
+
synapsor-runner mcp serve-streamable-http --result-format v2
|
|
63
|
+
```
|
|
64
|
+
|
|
65
|
+
v1 remains the default until the migration is explicitly called out in a future
|
|
66
|
+
release note. v2 makes `ok` the only required branch point for MCP client code.
|
|
67
|
+
|
|
68
|
+
## Publish Checklist
|
|
69
|
+
|
|
70
|
+
Before publishing a new alpha:
|
|
71
|
+
|
|
72
|
+
```bash
|
|
73
|
+
corepack pnpm typecheck
|
|
74
|
+
corepack pnpm exec vitest run packages/mcp-server/src/index.test.ts apps/runner/src/cli.test.ts
|
|
75
|
+
./scripts/verify-packed-runner.sh
|
|
76
|
+
npm pack --dry-run
|
|
77
|
+
git diff --check
|
|
78
|
+
```
|
|
79
|
+
|
|
80
|
+
After publishing:
|
|
81
|
+
|
|
82
|
+
```bash
|
|
83
|
+
npm view @synapsor/runner@alpha version bin license
|
|
84
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner demo --quick --no-interactive
|
|
85
|
+
npx -y -p @synapsor/runner@alpha synapsor-runner audit --example dangerous-db-mcp --format markdown
|
|
86
|
+
```
|