@synapsor/runner 0.1.0-alpha.9 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (67) hide show
  1. package/CHANGELOG.md +162 -0
  2. package/README.md +388 -41
  3. package/dist/cli.d.ts +2 -0
  4. package/dist/cli.d.ts.map +1 -1
  5. package/dist/runner.mjs +2982 -238
  6. package/docs/README.md +40 -0
  7. package/docs/app-owned-executors.md +38 -0
  8. package/docs/capability-authoring.md +265 -0
  9. package/docs/cloud-mode.md +24 -0
  10. package/docs/current-scope.md +29 -0
  11. package/docs/dependency-license-inventory.md +35 -0
  12. package/docs/doctor.md +98 -0
  13. package/docs/getting-started-own-database.md +131 -46
  14. package/docs/handler-helper.md +228 -0
  15. package/docs/http-mcp.md +85 -17
  16. package/docs/licensing.md +36 -0
  17. package/docs/local-mode.md +44 -25
  18. package/docs/mcp-audit.md +8 -8
  19. package/docs/mcp-client-setup.md +59 -21
  20. package/docs/openai-agents-sdk.md +57 -0
  21. package/docs/recipes.md +6 -6
  22. package/docs/release-notes.md +327 -0
  23. package/docs/release-policy.md +125 -0
  24. package/docs/result-envelope-v2.md +151 -0
  25. package/docs/rfcs/001-result-envelope-v2.md +143 -0
  26. package/docs/rfcs/002-app-owned-handler-helper.md +161 -0
  27. package/docs/rfcs/003-integrator-feedback-teardown.md +97 -0
  28. package/docs/store-lifecycle.md +83 -0
  29. package/docs/troubleshooting-first-run.md +6 -6
  30. package/docs/use-your-own-database.md +18 -0
  31. package/docs/writeback-executors.md +92 -1
  32. package/examples/app-owned-writeback/README.md +128 -0
  33. package/examples/app-owned-writeback/business-actions.md +221 -0
  34. package/examples/app-owned-writeback/command-handler.mjs +55 -0
  35. package/examples/app-owned-writeback/node-fastify-handler.mjs +64 -0
  36. package/examples/app-owned-writeback/python-fastapi-handler.py +66 -0
  37. package/examples/mcp-postgres-billing-app-handler/README.md +94 -0
  38. package/examples/mcp-postgres-billing-app-handler/app-handler.mjs +123 -0
  39. package/examples/mcp-postgres-billing-app-handler/docker-compose.yml +13 -0
  40. package/examples/mcp-postgres-billing-app-handler/schema.sql +59 -0
  41. package/examples/mcp-postgres-billing-app-handler/scripts/run-demo.sh +100 -0
  42. package/examples/mcp-postgres-billing-app-handler/seed.sql +39 -0
  43. package/examples/mcp-postgres-billing-app-handler/synapsor-handler.mjs +437 -0
  44. package/examples/mcp-postgres-billing-app-handler/synapsor.runner.json +158 -0
  45. package/examples/openai-agents-http/README.md +19 -12
  46. package/examples/openai-agents-http/agent.py +29 -65
  47. package/examples/openai-agents-stdio/README.md +10 -6
  48. package/examples/openai-agents-stdio/agent.py +4 -2
  49. package/examples/reference-support-billing-app/README.md +16 -16
  50. package/examples/reference-support-billing-app/mcp-client.generic.json +1 -1
  51. package/fixtures/benchmark/mcp-efficiency.json +53 -0
  52. package/fixtures/benchmark/mcp-efficiency.txt +25 -0
  53. package/fixtures/protocol/MANIFEST.json +54 -0
  54. package/fixtures/protocol/change-set.late-fee-waiver.v1.json +72 -0
  55. package/fixtures/protocol/execution-receipt.applied.v1.json +14 -0
  56. package/fixtures/protocol/execution-receipt.conflict.v1.json +15 -0
  57. package/fixtures/protocol/runner-registration.v1.json +22 -0
  58. package/fixtures/protocol/writeback-job.late-fee-waiver.v1.json +44 -0
  59. package/package.json +6 -1
  60. package/schemas/change-set.v1.schema.json +140 -0
  61. package/schemas/execution-receipt.v1.schema.json +34 -0
  62. package/schemas/onboarding-selection.v1.schema.json +132 -0
  63. package/schemas/runner-registration.v1.schema.json +48 -0
  64. package/schemas/synapsor.app-handler-receipt.v1.json +39 -0
  65. package/schemas/synapsor.app-handler-request.v1.json +119 -0
  66. package/schemas/synapsor.runner.schema.json +415 -0
  67. package/schemas/writeback-job.v1.schema.json +121 -0
package/docs/http-mcp.md CHANGED
@@ -6,14 +6,73 @@ needs to connect to a long-running Synapsor Runner service.
6
6
  Use stdio MCP when a local MCP client such as Claude Desktop, Cursor, or a
7
7
  local agent tool can launch Synapsor Runner directly.
8
8
 
9
- Current alpha scope: `serve-http` exposes a small authenticated JSON-RPC
10
- endpoint at `POST /mcp` for `tools/list`, `tools/call`, and `resources/read`.
11
- It is not the full MCP Streamable HTTP transport and does not implement an
12
- `initialize`/SSE session handshake. If your SDK expects full HTTP MCP
13
- initialization, use stdio mode or wrap this endpoint with a thin tool/function
14
- adapter like the OpenAI HTTP example.
9
+ Synapsor Runner has two HTTP modes:
15
10
 
16
- ## Start The HTTP Server
11
+ - `mcp serve-streamable-http`: spec-compatible MCP Streamable HTTP. Use this
12
+ when an MCP SDK/client expects `initialize`, session IDs, POST/GET/DELETE, and
13
+ standard HTTP MCP behavior.
14
+ - `mcp serve-http`: a lightweight authenticated JSON-RPC bridge for
15
+ `tools/list`, `tools/call`, and `resources/read`. Use this when your app wants
16
+ simple POST calls or an explicit wrapper around Runner tools.
17
+
18
+ ## Start Standard Streamable HTTP MCP
19
+
20
+ ```bash
21
+ export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
22
+
23
+ synapsor-runner mcp serve-streamable-http \
24
+ --host 127.0.0.1 \
25
+ --port 8766 \
26
+ --config ./synapsor.runner.json \
27
+ --store ./.synapsor/local.db \
28
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
29
+ ```
30
+
31
+ For OpenAI Agents SDK, expose OpenAI-safe aliases because OpenAI function names
32
+ cannot contain dots:
33
+
34
+ ```bash
35
+ synapsor-runner mcp serve-streamable-http \
36
+ --host 127.0.0.1 \
37
+ --port 8766 \
38
+ --config ./synapsor.runner.json \
39
+ --store ./.synapsor/local.db \
40
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
41
+ --alias-mode openai
42
+ ```
43
+
44
+ Equivalent unified command:
45
+
46
+ ```bash
47
+ synapsor-runner mcp serve \
48
+ --transport streamable-http \
49
+ --host 127.0.0.1 \
50
+ --port 8766 \
51
+ --config ./synapsor.runner.json \
52
+ --store ./.synapsor/local.db \
53
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
54
+ --alias-mode openai
55
+ ```
56
+
57
+ The model sees aliases such as `billing__inspect_invoice`. MCP tool metadata
58
+ still includes `synapsor.canonical_tool_name`, and Runner maps calls back to
59
+ the canonical Synapsor capability such as `billing.inspect_invoice`. Use
60
+ `--alias-mode both` only during migrations where some clients still need
61
+ canonical dotted names.
62
+
63
+ Defaults:
64
+
65
+ ```text
66
+ host: 127.0.0.1
67
+ port: 8766
68
+ auth: bearer token required
69
+ cors: disabled
70
+ sessions: in-memory
71
+ ```
72
+
73
+ Use `/mcp` as the MCP endpoint. Health is available at `/healthz`.
74
+
75
+ ## Start The JSON-RPC Bridge
17
76
 
18
77
  ```bash
19
78
  export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
@@ -35,12 +94,17 @@ auth: bearer token required
35
94
  cors: disabled
36
95
  ```
37
96
 
97
+ Bridge scope: `serve-http` does not implement MCP Streamable HTTP
98
+ `initialize`/session behavior. Standard SDK HTTP MCP clients should use
99
+ `serve-streamable-http` instead.
100
+
38
101
  Startup output prints the URL, config path, store path, and token environment
39
102
  variable name. It does not print token values or database URLs.
40
103
 
41
104
  ## Health Check
42
105
 
43
106
  ```bash
107
+ curl -i http://127.0.0.1:8766/healthz
44
108
  curl -i http://127.0.0.1:8765/healthz
45
109
  ```
46
110
 
@@ -49,13 +113,13 @@ The health endpoint is secret-free:
49
113
  ```json
50
114
  {
51
115
  "ok": true,
52
- "transport": "http",
116
+ "transport": "streamable-http",
53
117
  "tools": 1,
54
118
  "mode": "read_only"
55
119
  }
56
120
  ```
57
121
 
58
- ## List Tools
122
+ ## List Tools Through The JSON-RPC Bridge
59
123
 
60
124
  Unauthorized requests fail:
61
125
 
@@ -96,7 +160,7 @@ model-controlled tenant authority
96
160
  arbitrary table or column names
97
161
  ```
98
162
 
99
- ## Call A Tool
163
+ ## Call A Tool Through The JSON-RPC Bridge
100
164
 
101
165
  ```bash
102
166
  curl -i \
@@ -118,7 +182,7 @@ The response includes scoped data, trusted context, evidence handles, and
118
182
  `source_database_mutated: false`. The agent still does not receive SQL,
119
183
  database credentials, or approval/commit authority.
120
184
 
121
- ## Read Evidence Or Replay Resources
185
+ ## Read Evidence Or Replay Resources Through The JSON-RPC Bridge
122
186
 
123
187
  Use `resources/read` with a `synapsor://...` handle returned by a tool call:
124
188
 
@@ -200,9 +264,13 @@ examples/openai-agents-http/
200
264
  examples/openai-agents-stdio/
201
265
  ```
202
266
 
203
- The stdio example uses the MCP client integration from the OpenAI Agents SDK
204
- when available. The HTTP example uses a minimal JSON-RPC client wrapped as an
205
- OpenAI function tool because native HTTP MCP client support can vary by SDK
206
- version and Runner's HTTP alpha endpoint is intentionally limited to JSON-RPC
207
- tool/resource calls. The boundary is the same: the agent calls a semantic
208
- Synapsor tool, not raw SQL.
267
+ Both examples use the MCP client integration from the OpenAI Agents SDK when it
268
+ is available. The stdio example launches Runner as a child process. The HTTP
269
+ example connects to `synapsor-runner mcp serve-streamable-http` through
270
+ `MCPServerStreamableHttp`. Use the JSON-RPC bridge only when you intentionally
271
+ want a small app-owned wrapper instead of standard HTTP MCP.
272
+
273
+ The boundary is the same in both modes: the agent calls a semantic Synapsor
274
+ tool, not raw SQL. OpenAI-facing examples use `--alias-mode openai` so
275
+ the model sees OpenAI-valid aliases while Runner preserves canonical Synapsor
276
+ tool names in metadata.
@@ -0,0 +1,36 @@
1
+ # Licensing
2
+
3
+ Synapsor Runner is open source under the Apache License 2.0 (`Apache-2.0`).
4
+
5
+ This page is a plain-English summary, not legal advice. If this summary
6
+ conflicts with `../LICENSE`, the `LICENSE` file controls.
7
+
8
+ Apache-2.0 applies to the code in this runner repository. It grants copyright
9
+ and patent rights under the license terms.
10
+
11
+ Apache-2.0 does not grant trademark rights. The Synapsor name, Synapsor Runner
12
+ name, logos, hosted Cloud service, and proprietary Synapsor platform features
13
+ remain separate. See `../TRADEMARKS.md`.
14
+
15
+ This license applies only to `synapsor-runner`. It does not open source:
16
+
17
+ - Synapsor Cloud;
18
+ - the hosted control plane;
19
+ - hosted capability registry;
20
+ - advanced policy/capability compiler;
21
+ - team approvals, RBAC, or SSO;
22
+ - hosted audit/evidence ledger;
23
+ - managed runners;
24
+ - production writeback orchestration;
25
+ - workflow builder;
26
+ - native Synapsor engine;
27
+ - C++/DBMS internals;
28
+ - branching, time travel, or settlement;
29
+ - compliance exports or production support/SLA.
30
+
31
+ Synapsor Cloud is a separate hosted commercial service. Use Cloud when your team
32
+ needs shared approvals, RBAC, hosted evidence/replay search, runner fleet
33
+ status, leases, retention, audit visibility, enterprise controls, and support.
34
+
35
+ Before public release, license and trademark text should be reviewed by the
36
+ release owner or qualified counsel.
@@ -43,13 +43,13 @@ want to change your host Node version.
43
43
  Create a starter config without putting credentials in the file:
44
44
 
45
45
  ```bash
46
- npx -y -p @synapsor/runner@alpha synapsor-runner init --engine postgres --mode review
46
+ npx -y -p @synapsor/runner synapsor-runner init --engine postgres --mode review
47
47
  ```
48
48
 
49
49
  For MySQL:
50
50
 
51
51
  ```bash
52
- npx -y -p @synapsor/runner@alpha synapsor-runner init --engine mysql --mode review --output synapsor.mysql.runner.json
52
+ npx -y -p @synapsor/runner synapsor-runner init --engine mysql --mode review --output synapsor.mysql.runner.json
53
53
  ```
54
54
 
55
55
  The generated config uses environment-variable names for read/write URLs and trusted context. Edit the table, column, and capability names before serving tools.
@@ -62,8 +62,8 @@ persisted into proposals, evidence, query audit, runner state, or replay.
62
62
  For a reviewed own-database setup generated from explicit selections, use:
63
63
 
64
64
  ```bash
65
- npx -y -p @synapsor/runner@alpha synapsor-runner init --spec onboarding-selection.json --non-interactive
66
- npx -y -p @synapsor/runner@alpha synapsor-runner doctor --config synapsor.runner.json
65
+ npx -y -p @synapsor/runner synapsor-runner init --spec onboarding-selection.json --non-interactive
66
+ npx -y -p @synapsor/runner synapsor-runner doctor --config synapsor.runner.json
67
67
  ```
68
68
 
69
69
  `doctor --config` checks config validation, required environment variables,
@@ -75,25 +75,27 @@ and the semantic MCP tool boundary without printing credential values.
75
75
  Use stdio for local MCP clients that launch Synapsor Runner:
76
76
 
77
77
  ```bash
78
- npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve \
78
+ npx -y -p @synapsor/runner synapsor-runner mcp serve \
79
79
  --config ./synapsor.runner.json \
80
80
  --store ./.synapsor/local.db
81
81
  ```
82
82
 
83
- Use HTTP when your app/server agent connects to a long-running Runner process:
83
+ Use Streamable HTTP when your app/server agent connects through a standard HTTP
84
+ MCP client:
84
85
 
85
86
  ```bash
86
87
  export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
87
88
 
88
- npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
89
+ npx -y -p @synapsor/runner synapsor-runner mcp serve-streamable-http \
89
90
  --config ./synapsor.runner.json \
90
91
  --store ./.synapsor/local.db \
91
92
  --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
92
93
  ```
93
94
 
94
- HTTP defaults to `127.0.0.1:8765`, requires bearer auth by default, and should
95
- run behind private networking/TLS before production-like exposure. Details:
96
- [HTTP MCP](http-mcp.md).
95
+ Streamable HTTP defaults to `127.0.0.1:8766`, requires bearer auth by default,
96
+ and should run behind private networking/TLS before production-like exposure.
97
+ Use `synapsor-runner mcp serve-http` only when you explicitly want the smaller
98
+ JSON-RPC bridge. Details: [HTTP MCP](http-mcp.md).
97
99
 
98
100
  ## Local safety modes
99
101
 
@@ -125,19 +127,19 @@ If neither is set, the CLI uses:
125
127
  List proposals:
126
128
 
127
129
  ```bash
128
- npx -y -p @synapsor/runner@alpha synapsor-runner proposals list --store ./.synapsor/local.db
130
+ npx -y -p @synapsor/runner synapsor-runner proposals list --store ./.synapsor/local.db
129
131
  ```
130
132
 
131
133
  Show a proposal:
132
134
 
133
135
  ```bash
134
- npx -y -p @synapsor/runner@alpha synapsor-runner proposals show wrp_123 --store ./.synapsor/local.db
136
+ npx -y -p @synapsor/runner synapsor-runner proposals show wrp_123 --store ./.synapsor/local.db
135
137
  ```
136
138
 
137
139
  Approve:
138
140
 
139
141
  ```bash
140
- npx -y -p @synapsor/runner@alpha synapsor-runner proposals approve wrp_123 \
142
+ npx -y -p @synapsor/runner synapsor-runner proposals approve wrp_123 \
141
143
  --store ./.synapsor/local.db \
142
144
  --actor local_reviewer \
143
145
  --yes
@@ -148,7 +150,7 @@ Before approval, the CLI prints the reviewer-critical proposal details: trusted
148
150
  Create a guarded writeback job from an approved proposal:
149
151
 
150
152
  ```bash
151
- npx -y -p @synapsor/runner@alpha synapsor-runner proposals writeback-job wrp_123 \
153
+ npx -y -p @synapsor/runner synapsor-runner proposals writeback-job wrp_123 \
152
154
  --store ./.synapsor/local.db \
153
155
  --project local \
154
156
  --runner local_runner \
@@ -160,7 +162,7 @@ The generated job uses the public `synapsor.writeback-job.v1` protocol and can b
160
162
  ```bash
161
163
  export SYNAPSOR_DATABASE_WRITE_URL="postgresql://writer:<password>@localhost:5432/app"
162
164
  SYNAPSOR_ENGINE=postgres \
163
- npx -y -p @synapsor/runner@alpha synapsor-runner apply --job job.json --config synapsor.runner.json --store ./.synapsor/local.db
165
+ npx -y -p @synapsor/runner synapsor-runner apply --job job.json --config synapsor.runner.json --store ./.synapsor/local.db
164
166
  ```
165
167
 
166
168
  When `--config` is passed, direct SQL writeback reads the writer connection from
@@ -172,7 +174,7 @@ Passing `--store` records the terminal `synapsor.execution-receipt.v1` locally.
172
174
  Reject:
173
175
 
174
176
  ```bash
175
- npx -y -p @synapsor/runner@alpha synapsor-runner proposals reject wrp_123 \
177
+ npx -y -p @synapsor/runner synapsor-runner proposals reject wrp_123 \
176
178
  --store ./.synapsor/local.db \
177
179
  --reason "policy evidence is incomplete" \
178
180
  --yes
@@ -189,7 +191,7 @@ Shadow-mode proposals are inspectable through `proposals show` and `replay show`
189
191
  Start a localhost-only review UI:
190
192
 
191
193
  ```bash
192
- npx -y -p @synapsor/runner@alpha synapsor-runner ui --config synapsor.runner.json --store ./.synapsor/local.db
194
+ npx -y -p @synapsor/runner synapsor-runner ui --config synapsor.runner.json --store ./.synapsor/local.db
193
195
  ```
194
196
 
195
197
  The UI shows setup summary, semantic tools, proposal states, exact diffs,
@@ -205,20 +207,20 @@ tools, MCP commit tools, or controls that widen configured tables/columns.
205
207
  Show replay:
206
208
 
207
209
  ```bash
208
- npx -y -p @synapsor/runner@alpha synapsor-runner replay show wrp_123 --store ./.synapsor/local.db
209
- npx -y -p @synapsor/runner@alpha synapsor-runner replay show --proposal wrp_123 --store ./.synapsor/local.db
210
- npx -y -p @synapsor/runner@alpha synapsor-runner replay show --replay replay_wrp_123 --store ./.synapsor/local.db
211
- npx -y -p @synapsor/runner@alpha synapsor-runner replay show --evidence ev_123 --store ./.synapsor/local.db
210
+ npx -y -p @synapsor/runner synapsor-runner replay show wrp_123 --store ./.synapsor/local.db
211
+ npx -y -p @synapsor/runner synapsor-runner replay show --proposal wrp_123 --store ./.synapsor/local.db
212
+ npx -y -p @synapsor/runner synapsor-runner replay show --replay replay_wrp_123 --store ./.synapsor/local.db
213
+ npx -y -p @synapsor/runner synapsor-runner replay show --evidence ev_123 --store ./.synapsor/local.db
212
214
  ```
213
215
 
214
216
  Export replay:
215
217
 
216
218
  ```bash
217
- npx -y -p @synapsor/runner@alpha synapsor-runner replay export wrp_123 \
219
+ npx -y -p @synapsor/runner synapsor-runner replay export wrp_123 \
218
220
  --store ./.synapsor/local.db \
219
221
  --output replay.json
220
222
 
221
- npx -y -p @synapsor/runner@alpha synapsor-runner replay export --proposal wrp_123 \
223
+ npx -y -p @synapsor/runner synapsor-runner replay export --proposal wrp_123 \
222
224
  --format markdown \
223
225
  --store ./.synapsor/local.db \
224
226
  --output replay.md
@@ -271,13 +273,30 @@ or prune it without touching your source Postgres/MySQL database:
271
273
 
272
274
  ```bash
273
275
  synapsor-runner store stats --store ./.synapsor/local.db
276
+ synapsor-runner events tail --store ./.synapsor/local.db
277
+ synapsor-runner events webhook --url http://127.0.0.1:8788/synapsor/events --kind proposal_created --store ./.synapsor/local.db
274
278
  synapsor-runner store vacuum --store ./.synapsor/local.db
275
279
  synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --dry-run
276
280
  synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --yes
281
+ synapsor-runner store prune --store ./.synapsor/local.db --older-than 30d --yes --force
282
+ synapsor-runner store reset --store ./.synapsor/local.db --yes
277
283
  ```
278
284
 
279
- `store prune` defaults to dry-run. Use `--yes` only after reviewing the row
280
- counts it will remove.
285
+ `events tail` shows local lifecycle events already recorded in the SQLite
286
+ ledger, including proposal creation, approval/rejection, writeback jobs, and
287
+ writeback applied/conflict/failed receipts. Add `--follow` to keep polling a
288
+ running local store.
289
+
290
+ `events webhook` pushes the same local lifecycle events to a local/dev/staging
291
+ HTTP endpoint, one event envelope per POST. Use it for a review UI, Slack bridge,
292
+ or app-local notification path when polling is awkward. It is not a hosted
293
+ central ledger and does not expose database credentials.
294
+
295
+ `store prune` defaults to dry-run. `store reset` requires `--yes` and removes
296
+ only the local SQLite ledger files. MCP server modes write a small active-store
297
+ lease next to the SQLite file; destructive store operations refuse while that
298
+ lease points at a live PID unless you pass `--force` after verifying the server
299
+ is stopped or stale.
281
300
 
282
301
  ## Boundary
283
302
 
package/docs/mcp-audit.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # MCP database risk review
2
2
 
3
- `npx -y -p @synapsor/runner@alpha synapsor-runner audit <target>` performs a
3
+ `npx -y -p @synapsor/runner synapsor-runner audit <target>` performs a
4
4
  static MCP database risk review over an exported tool manifest, a remote MCP
5
5
  `tools/list` endpoint, or a stdio MCP server. The `mcp audit` subcommand is also
6
6
  available for users who look for the command under the MCP namespace.
@@ -23,7 +23,7 @@ MCP annotations are treated as hints, not enforcement.
23
23
  Built-in database MCP risk example:
24
24
 
25
25
  ```bash
26
- npx -y -p @synapsor/runner@alpha synapsor-runner audit --example dangerous-db-mcp
26
+ npx -y -p @synapsor/runner synapsor-runner audit --example dangerous-db-mcp
27
27
  ```
28
28
 
29
29
  This bundled example does not require a source checkout or local examples file.
@@ -34,38 +34,38 @@ table/column inputs, and model-controlled tenant/principal fields.
34
34
  Human-readable output:
35
35
 
36
36
  ```bash
37
- npx -y -p @synapsor/runner@alpha synapsor-runner audit ./tools-list.json
37
+ npx -y -p @synapsor/runner synapsor-runner audit ./tools-list.json
38
38
  ```
39
39
 
40
40
  Remote `tools/list` endpoint with a bearer token kept in the environment:
41
41
 
42
42
  ```bash
43
43
  SYNAPSOR_MCP_AUDIT_BEARER="..." \
44
- npx -y -p @synapsor/runner@alpha synapsor-runner audit https://mcp.example.com --format json
44
+ npx -y -p @synapsor/runner synapsor-runner audit https://mcp.example.com --format json
45
45
  ```
46
46
 
47
47
  Remote endpoint with a custom bearer-token environment variable:
48
48
 
49
49
  ```bash
50
- npx -y -p @synapsor/runner@alpha synapsor-runner audit https://mcp.example.com --bearer-env MCP_AUDIT_TOKEN --format json
50
+ npx -y -p @synapsor/runner synapsor-runner audit https://mcp.example.com --bearer-env MCP_AUDIT_TOKEN --format json
51
51
  ```
52
52
 
53
53
  Stdio MCP server:
54
54
 
55
55
  ```bash
56
- npx -y -p @synapsor/runner@alpha synapsor-runner audit 'stdio:node ./server.mjs' --timeout-ms 5000
56
+ npx -y -p @synapsor/runner synapsor-runner audit 'stdio:node ./server.mjs' --timeout-ms 5000
57
57
  ```
58
58
 
59
59
  JSON output:
60
60
 
61
61
  ```bash
62
- npx -y -p @synapsor/runner@alpha synapsor-runner audit ./tools-list.json --format json
62
+ npx -y -p @synapsor/runner synapsor-runner audit ./tools-list.json --format json
63
63
  ```
64
64
 
65
65
  Markdown output for issues, PRs, or security review notes:
66
66
 
67
67
  ```bash
68
- npx -y -p @synapsor/runner@alpha synapsor-runner audit --example dangerous-db-mcp --format markdown
68
+ npx -y -p @synapsor/runner synapsor-runner audit --example dangerous-db-mcp --format markdown
69
69
  ```
70
70
 
71
71
  During local development, the repo-local wrapper can run the same command:
@@ -6,10 +6,10 @@ The primary local proof path is still the one-command Docker demo:
6
6
  ./scripts/demo-docker.sh
7
7
  ```
8
8
 
9
- Use this page after that demo passes and you want to attach a local MCP client.
10
- The tested local-client contract here is stdio. HTTP MCP is available for
11
- app/server deployments where your agent connects to a long-running Runner
12
- service.
9
+ Use this page after that demo passes and you want to attach a local MCP client
10
+ or SDK. The simplest local-client contract is stdio. Standard HTTP MCP is
11
+ available through Streamable HTTP when your agent connects to a long-running
12
+ Runner service.
13
13
 
14
14
  Command examples use the published alpha package through `npx`. From a source
15
15
  checkout, use `./bin/synapsor-runner ...` only when you intentionally want the local
@@ -32,28 +32,53 @@ corepack pnpm test:mcp-client-configs
32
32
  | Mode | Use when | Command |
33
33
  | --- | --- | --- |
34
34
  | stdio | Claude Desktop, Cursor, VS Code, or another local MCP client can launch Synapsor Runner | `synapsor-runner mcp serve` |
35
- | HTTP | Your app/server, Python agent, Node service, or container connects to a long-running Runner service | `synapsor-runner mcp serve-http` |
35
+ | Streamable HTTP MCP | Your app/server, Python agent, Node service, or container uses a standard HTTP MCP client | `synapsor-runner mcp serve-streamable-http` |
36
+ | JSON-RPC bridge | Your app wants a small explicit wrapper around `tools/list`, `tools/call`, and `resources/read` | `synapsor-runner mcp serve-http` |
36
37
 
37
38
  Stdio keeps the MCP protocol on process stdin/stdout and is the simplest local
38
- developer path. HTTP uses JSON-RPC over an authenticated `/mcp` endpoint and is
39
- better for app/server deployments.
40
-
41
- Important alpha limitation: HTTP mode is not full MCP Streamable HTTP. It does
42
- not implement `initialize` or an SSE session handshake. Standard SDK HTTP MCP
43
- clients that require initialization may fail. Use stdio for those clients, or
44
- call Runner's HTTP JSON-RPC endpoint through a thin app/server wrapper.
39
+ developer path. Streamable HTTP implements MCP initialize/session behavior over
40
+ an authenticated `/mcp` endpoint. The JSON-RPC bridge is intentionally smaller
41
+ and does not implement MCP initialize/session behavior.
45
42
 
46
43
  HTTP requires bearer auth by default:
47
44
 
48
45
  ```bash
49
46
  export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
50
47
 
51
- npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
48
+ npx -y -p @synapsor/runner synapsor-runner mcp serve-streamable-http \
52
49
  --config ./synapsor.runner.json \
53
50
  --store ./.synapsor/local.db \
54
51
  --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
55
52
  ```
56
53
 
54
+ OpenAI Agents SDK rejects dotted function/tool names such as
55
+ `billing.inspect_invoice`. For OpenAI-facing transports, ask Runner to expose
56
+ OpenAI-safe aliases while keeping canonical Synapsor capability names in MCP
57
+ metadata:
58
+
59
+ ```bash
60
+ npx -y -p @synapsor/runner synapsor-runner mcp serve-streamable-http \
61
+ --config ./synapsor.runner.json \
62
+ --store ./.synapsor/local.db \
63
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
64
+ --alias-mode openai
65
+ ```
66
+
67
+ The model sees names such as `billing__inspect_invoice`; `_meta` includes
68
+ `synapsor.canonical_tool_name = billing.inspect_invoice`, and Runner routes the
69
+ alias back to the canonical capability. Use `--alias-mode both` only when a
70
+ migration needs canonical dotted names and OpenAI-safe aliases exposed at the
71
+ same time.
72
+
73
+ Preview the exact alias mapping before wiring a client:
74
+
75
+ ```bash
76
+ npx -y -p @synapsor/runner synapsor-runner tools preview \
77
+ --config ./synapsor.runner.json \
78
+ --store ./.synapsor/local.db \
79
+ --alias-mode openai
80
+ ```
81
+
57
82
  Use private networking/TLS before exposing HTTP MCP beyond localhost. Details:
58
83
  [HTTP MCP](http-mcp.md).
59
84
 
@@ -62,7 +87,7 @@ Use private networking/TLS before exposing HTTP MCP beyond localhost. Details:
62
87
  Print a snippet without modifying any client files:
63
88
 
64
89
  ```bash
65
- npx -y -p @synapsor/runner@alpha synapsor-runner mcp config claude-desktop \
90
+ npx -y -p @synapsor/runner synapsor-runner mcp config claude-desktop \
66
91
  --config ./synapsor.runner.json \
67
92
  --store ./.synapsor/local.db
68
93
  ```
@@ -75,18 +100,29 @@ generic
75
100
  claude-desktop
76
101
  cursor
77
102
  vscode
103
+ openai-agents
104
+ ```
105
+
106
+ For OpenAI Agents SDK, generate the Streamable HTTP start command and Python
107
+ snippet:
108
+
109
+ ```bash
110
+ npx -y -p @synapsor/runner synapsor-runner mcp client-config \
111
+ --client openai-agents \
112
+ --config ./synapsor.runner.json \
113
+ --store ./.synapsor/local.db
78
114
  ```
79
115
 
80
116
  The older form is still supported:
81
117
 
82
118
  ```bash
83
- npx -y -p @synapsor/runner@alpha synapsor-runner mcp configure --client claude-desktop --config ./synapsor.runner.json --store ./.synapsor/local.db
119
+ npx -y -p @synapsor/runner synapsor-runner mcp configure --client claude-desktop --config ./synapsor.runner.json --store ./.synapsor/local.db
84
120
  ```
85
121
 
86
122
  Write is opt-in and requires an explicit destination:
87
123
 
88
124
  ```bash
89
- npx -y -p @synapsor/runner@alpha synapsor-runner mcp configure \
125
+ npx -y -p @synapsor/runner synapsor-runner mcp configure \
90
126
  --client cursor \
91
127
  --config ./synapsor.runner.json \
92
128
  --store ./.synapsor/local.db \
@@ -105,22 +141,24 @@ database URLs or passwords into the client config.
105
141
  From the runner repository:
106
142
 
107
143
  ```bash
108
- npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
144
+ npx -y -p @synapsor/runner synapsor-runner mcp serve --config ./examples/mcp-postgres-billing/synapsor.runner.json --store ./.synapsor/local.db
109
145
  ```
110
146
 
111
147
  For the alpha package, keep the package tag explicit in client configuration.
112
148
 
113
- For app/server HTTP mode:
149
+ For standard app/server HTTP MCP mode:
114
150
 
115
151
  ```bash
116
152
  export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
117
153
 
118
- npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
154
+ npx -y -p @synapsor/runner synapsor-runner mcp serve-streamable-http \
119
155
  --config ./examples/mcp-postgres-billing/synapsor.runner.json \
120
156
  --store ./.synapsor/local.db \
121
157
  --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN
122
158
  ```
123
159
 
160
+ For the smaller JSON-RPC bridge, use `synapsor-runner mcp serve-http` instead.
161
+
124
162
  ## Generic stdio Client
125
163
 
126
164
  ```json
@@ -131,7 +169,7 @@ npx -y -p @synapsor/runner@alpha synapsor-runner mcp serve-http \
131
169
  "args": [
132
170
  "-y",
133
171
  "-p",
134
- "@synapsor/runner@alpha",
172
+ "@synapsor/runner",
135
173
  "synapsor-runner",
136
174
  "mcp",
137
175
  "serve",
@@ -174,7 +212,7 @@ small tool-call test.
174
212
  First confirm what Runner exposes:
175
213
 
176
214
  ```bash
177
- npx -y -p @synapsor/runner@alpha synapsor-runner tools preview \
215
+ npx -y -p @synapsor/runner synapsor-runner tools preview \
178
216
  --config ./synapsor.runner.json \
179
217
  --store ./.synapsor/local.db
180
218
  ```
@@ -0,0 +1,57 @@
1
+ # OpenAI Agents SDK
2
+
3
+ Use Synapsor Runner with the OpenAI Agents SDK through standard MCP Streamable
4
+ HTTP. Runner exposes semantic database tools to the model and keeps approval,
5
+ writeback, database URLs, and write credentials outside the model-facing tool
6
+ surface.
7
+
8
+ ## Start Runner
9
+
10
+ ```bash
11
+ export SYNAPSOR_RUNNER_HTTP_TOKEN="dev-local-token"
12
+
13
+ npx -y -p @synapsor/runner synapsor-runner mcp serve-streamable-http \
14
+ --config ./synapsor.runner.json \
15
+ --store ./.synapsor/local.db \
16
+ --auth-token-env SYNAPSOR_RUNNER_HTTP_TOKEN \
17
+ --alias-mode openai
18
+ ```
19
+
20
+ `--alias-mode openai` is important because OpenAI function/tool names cannot
21
+ contain dots. Runner exposes names such as `billing__inspect_invoice` to the
22
+ model and maps calls back to canonical Synapsor capability names such as
23
+ `billing.inspect_invoice`.
24
+
25
+ ## Generate The Snippet
26
+
27
+ ```bash
28
+ npx -y -p @synapsor/runner synapsor-runner mcp client-config \
29
+ --client openai-agents \
30
+ --config ./synapsor.runner.json \
31
+ --store ./.synapsor/local.db
32
+ ```
33
+
34
+ The generated output includes:
35
+
36
+ - the Streamable HTTP server command;
37
+ - the `/mcp` URL;
38
+ - a Python `MCPServerStreamableHttp` snippet;
39
+ - the OpenAI alias note.
40
+
41
+ It does not include database URLs, passwords, write credentials, API keys, or
42
+ bearer token values.
43
+
44
+ ## Sanity Check
45
+
46
+ Before giving the agent a real task, ask it to inspect one known object and
47
+ return the tool name it called plus the evidence handle. A healthy setup calls a
48
+ semantic tool such as `billing__inspect_invoice`. It should not expose
49
+ `execute_sql`, approval tools, commit/apply tools, database URLs, or write
50
+ credentials.
51
+
52
+ ## Examples
53
+
54
+ ```text
55
+ examples/openai-agents-http/
56
+ examples/openai-agents-stdio/
57
+ ```