@tangle-network/agent-integrations 0.26.0 → 0.27.0

package/dist/connectors/adapters/index.d.ts

@@ -1 +1,593 @@
-export { p as DocuSealOptions, G as GmailOptions, q as GoogleCalendarOptions, r as GoogleDriveOptions, s as GoogleSheetsOptions, H as HubSpotOptions, M as MicrosoftCalendarOptions, N as NotionDatabaseOptions, v as RestConnectorSpec, w as RestCredentialPlacement, x as RestOperationSpec, y as RestRequestSpec, S as SlackOptions, z as airtableConnector, B as asanaConnector, J as declarativeRestConnector, K as docuseal, L as githubConnector, O as gitlabConnector, P as gmail, Q as googleCalendar, T as googleDrive, U as googleSheets, V as hubspot, W as microsoftCalendar, X as notionDatabase, Y as salesforceConnector, Z as slack, _ as slackEventsConnector, $ as stripePackConnector, a0 as stripeWebhookReceiverConnector, a1 as twilioSmsConnector, a3 as webhookConnector } from '../../index-D4D4CEKX.js';
+import { C as ConnectorAdapter } from '../../tangle-id-CTU4kGId.js';
+export { D as DEFAULT_TANGLE_PLATFORM_URL, v as TANGLE_API_KEY_PREFIX, w as TANGLE_SERVICE_TOKEN_PREFIX, b as TangleIdentityClient, T as TangleIdentityOptions, x as TangleIdentityUnreachableError, c as TangleTokenVerifyFailure, y as TangleTokenVerifyResult, a as TangleUserSummary, z as TangleWorkspaceSummary, F as createTangleIdentityClient, G as tangleIdentity } from '../../tangle-id-CTU4kGId.js';
+
+/**
+ * Google Calendar connector — CAS reference implementation.
+ *
+ * Scopes: `https://www.googleapis.com/auth/calendar` covers list/insert/
+ * patch on the user's calendars. We could split read/write but for v1 the
+ * single scope keeps the consent screen simple; an operator who wants
+ * read-only-Calendar can pick a different `kind` later (`google-calendar-readonly`).
+ *
+ * The two capabilities the agent actually needs:
+ *
+ *   list_availability(calendarId, timeMin, timeMax)
+ *     → {busy: [{start, end}], events: [{id, etag, start, end, summary}]}
+ *     Read; no CAS. Cheap (events.list).
+ *
+ *   book_slot(calendarId, start, end, summary, attendees?)
+ *     → {eventId, etag}
+ *     Mutation. CAS by Calendar's own conflict-detection: we re-list
+ *     events for the requested window inside the same call, and if any
+ *     OVERLAP exists we return `conflict` with the next-3 free slots
+ *     mined from the user's freebusy, instead of inserting.
+ *
+ * Why pre-flight read-then-insert rather than relying on If-Match:
+ * `events.insert` doesn't take If-Match (you can't precondition an
+ * insert against a non-existent resource). Calendar's own
+ * `freebusy.query` is the canonical conflict signal. The whole flow is:
+ *
+ *   1. freebusy.query for [start, end] on this calendarId
+ *   2. if busy → emit ResourceContention with next-3 free slots
+ *      (computed by walking forward in 30-min steps until 3 free
+ *      windows of (end-start) duration found)
+ *   3. else events.insert with idempotency-key as `requestId` (a Calendar
+ *      API feature that gives us per-key dedup at upstream)
+ *
+ * Step 3's `requestId` parameter means a retry of the same idempotency
+ * key on the same calendar will return the original event rather than
+ * creating a duplicate, which composes correctly with our MutationGuard's
+ * idempotency record (which short-circuits before ever hitting upstream
+ * on the second call). Defense-in-depth.
+ */
+
+/** OAuth client config the factory closes over. Caller resolves these
+ *  at construction time (env, DB, secret manager — package doesn't care). */
+interface GoogleCalendarOptions {
+    clientId: string;
+    clientSecret: string;
+}
+declare function googleCalendar(opts: GoogleCalendarOptions): ConnectorAdapter;
+
+/**
+ * @stable Google Drive connector — doc-flow-in for legal/tax/creative agents.
+ *
+ * Three capabilities, picked to cover "agent pulls a document the user
+ * dropped in a folder" without trying to expose all of Drive's surface:
+ *
+ *   list_files(folderId?, query?, pageSize?)
+ *     → {files: [{id, name, mimeType, modifiedTime, size?, md5Checksum?}], nextPageToken?}
+ *     Read. files.list with a `'<folder>' in parents` clause when folderId
+ *     is provided, otherwise the user's whole Drive scoped by Drive query.
+ *
+ *   read_file(fileId, format?)
+ *     → {name, mimeType, content: string | base64, encoding: 'utf-8' | 'base64'}
+ *     Read. For Google-native types (Docs/Sheets/Slides) we use
+ *     `files.export` with the requested export mime; for binary types
+ *     (PDF, images, .docx) we use `files.get?alt=media` and base64 the
+ *     bytes. Caller decides what to do with each.
+ *
+ *   watch_folder(folderId, channelId, address, ttlMs?)
+ *     → {channelId, resourceId, expiration}
+ *     Mutation (creates a push notification channel). CAS: native-idempotency
+ *     by way of the caller-supplied `channelId` — re-issuing the same
+ *     channelId returns 409, which we surface as `idempotentReplay: true`
+ *     after pulling the existing channel's `resourceId` from
+ *     `DataSource.metadata.watchedChannels[channelId]`.
+ *
+ * Auth: OAuth2 with `drive.readonly` (list/read) + `drive` (watch). We
+ * scope to readonly by default and require the operator to opt into the
+ * full-write scope only if they intend to use watch_folder. The
+ * `requiredScopes` field on each capability gates this in the agent's
+ * tool registry — the agent never sees `watch_folder` unless the grant
+ * carries `drive`.
+ *
+ * Why no upload capability in v1: upload is a multi-part / resumable
+ * dance that's properly its own connector pack (write-doc workflows
+ * need an authoritative consistency model, a separate review path,
+ * etc.). Doc-flow-in is the load-bearing case for the five product
+ * agents — doc-flow-out lives in the appropriate kind-specific pack
+ * (e.g., docuseal-out, gmail send_reply, sheets update_row).
+ */
+
+/** OAuth client config the factory closes over. */
+interface GoogleDriveOptions {
+    clientId: string;
+    clientSecret: string;
+    /** When true, request the broader `drive` scope at connect-time so
+     *  the operator can use watch_folder. Default false — request only
+     *  `drive.readonly` and gate watch_folder via `requiredScopes`. */
+    includeWatchScope?: boolean;
+    /** Default request timeout in ms. Applied per-fetch via AbortSignal. */
+    timeoutMs?: number;
+}
+declare function googleDrive(opts: GoogleDriveOptions): ConnectorAdapter;
+
+/**
+ * Google Sheets connector — live KB source + writable rows.
+ *
+ * The flagship for the "agent reads from a live spreadsheet" UX. The
+ * customer points the connection at a Sheet (spreadsheetId + sheetName +
+ * headerRow). We expose:
+ *
+ *   list_rows(filter?, limit?)
+ *     → {rows: [{...header→cell}], nextCursor?}
+ *     Cheap; just spreadsheets.values.get with the configured range.
+ *
+ *   query_rows(predicate)
+ *     → same shape as list_rows but with a structured filter (k=v pairs
+ *     ANDed together). Simple and explainable; no SQL.
+ *
+ *   update_row(rowKey, patch)
+ *     → {row: {...header→cell}, updatedRange}
+ *     Mutation. CAS via Sheets' spreadsheets.values.update + a
+ *     pre-flight read of the row's revisionId-equivalent hash. Sheets
+ *     doesn't expose a per-row etag, so we synthesize one — see
+ *     `rowFingerprint`. If the fingerprint doesn't match what the agent
+ *     last read, we surface ResourceContention with the current row in
+ *     `currentState`.
+ *
+ * KB binding: when a Sheet is `consistencyModel: 'cache'` (the default
+ * for spreadsheets — they're slow-moving), the system also indexes the
+ * rows as KB chunks. The KB build pipeline calls `list_rows` and emits
+ * one markdown page per row; on a connector-level "refresh" event the
+ * agent's KB rebuilds.
+ */
+
+/** OAuth client config the factory closes over. Caller resolves these
+ *  at construction time (env, DB, secret manager — package doesn't care). */
+interface GoogleSheetsOptions {
+    clientId: string;
+    clientSecret: string;
+}
+declare function googleSheets(opts: GoogleSheetsOptions): ConnectorAdapter;
+
+/**
+ * @stable Gmail connector — email-triggered agent workflows.
+ *
+ * Four capabilities, picked to cover "agent reads inbox, replies, and
+ * watches a label" without exposing all of Gmail's surface:
+ *
+ *   list_messages(labelIds?, query?, maxResults?)
+ *     → {messages: [{id, threadId, snippet, internalDate, from, to, subject, labelIds}], nextPageToken?}
+ *     Read. `users.messages.list` + a parallel `users.messages.get` for
+ *     each id with `format=metadata` so the agent gets actionable header
+ *     fields, not just ids.
+ *
+ *   read_message(id, format?)
+ *     → {id, threadId, from, to, subject, internalDate, body: {text?, html?}, attachments: [{filename, mimeType, attachmentId}]}
+ *     Read. `users.messages.get?format=full` then a small MIME walker that
+ *     extracts `text/plain` + `text/html` + a flat attachment manifest.
+ *     Attachment bodies are NOT inlined (could be huge) — the caller can
+ *     follow up with `get_attachment` if needed.
+ *
+ *   send_reply(threadId, body, replyAll?, cc?)
+ *     → {id, threadId, labelIds}
+ *     Mutation. `users.messages.send` with In-Reply-To/References headers
+ *     pulled from the most recent message in the thread. CAS: native-
+ *     idempotency. Gmail does not honor an explicit idempotency-key
+ *     header, so we encode the agent's idempotency key into a
+ *     `X-Tangle-Idempotency-Key` header AND we annotate the thread with
+ *     a custom label `tangle-sent-<key>` on success — a retry can list
+ *     the label and short-circuit without re-sending. The MutationGuard
+ *     above the connector still short-circuits the common retry case
+ *     before any upstream call.
+ *
+ *   watch_label(labelIds, topicName, ttlMs?)
+ *     → {historyId, expiration}
+ *     Mutation. `users.watch` registers a Cloud Pub/Sub topic that
+ *     receives a notification on label changes. Caller owns the Pub/Sub
+ *     topic and routes pushes into the webhook router. Note: Gmail
+ *     forces re-registration every 7 days; we surface the upstream
+ *     `expiration` so the caller can schedule a refresh.
+ *
+ * Auth: OAuth2 with `gmail.readonly` (list/read), `gmail.send` (send),
+ * `gmail.modify` (watch). Caller toggles which to include via the
+ * `scopes` option.
+ */
+
+interface GmailOptions {
+    clientId: string;
+    clientSecret: string;
+    /** Scopes requested at connect-time. Default: read + send + modify. */
+    scopes?: string[];
+    /** Default request timeout in ms. */
+    timeoutMs?: number;
+}
+declare function gmail(opts: GmailOptions): ConnectorAdapter;
+
+/**
+ * Microsoft Graph Calendar connector — the Outlook half of the
+ * voice-agent's "book me a slot" surface.
+ *
+ * Mirrors the Google Calendar pattern almost line-for-line, with two
+ * upstream-specific quirks worth calling out:
+ *
+ *   1. Graph exposes `@odata.etag` on every event resource AND honors
+ *      `If-Match` on `events.patch` / `events.delete`. So unlike Calendar
+ *      (insert can't be preconditioned against a non-existent resource),
+ *      we DO get real etag CAS for updates after the booking. We still
+ *      use the freebusy pre-flight for the create path, because the
+ *      "two callers grab the same slot" race happens before any event
+ *      exists.
+ *
+ *   2. `getSchedule` is the Graph equivalent of `freeBusy.query`. Same
+ *      shape: send `[start, end]` plus the calendar's email/UPN, get
+ *      back a `scheduleItems` list of busy windows.
+ *
+ * Why the same flow ports cleanly: the conflict mode is identical
+ * ("did someone else grab this slot between read and write?"). The
+ * mechanism — pre-flight read + idempotent insert — composes regardless
+ * of whether upstream gives us a request-id dedup feature. Graph does
+ * not have a `requestId` analogue on `events.create`, so we rely
+ * exclusively on MutationGuard's idempotency-key short-circuit ABOVE
+ * the connector. That layer prevents duplicate inserts on retry.
+ */
+
+/** OAuth client config the factory closes over. Caller resolves these
+ *  at construction time (env, DB, secret manager — package doesn't care). */
+interface MicrosoftCalendarOptions {
+    clientId: string;
+    clientSecret: string;
+}
+declare function microsoftCalendar(opts: MicrosoftCalendarOptions): ConnectorAdapter;
+
+/**
+ * HubSpot CRM connector — three load-bearing capabilities, picked to
+ * cover the voice-agent's CRM hot path without trying to swallow all of
+ * HubSpot's surface in v1.
+ *
+ *   find_contact(email)
+ *     → {contact: {id, properties}} | {found: false}
+ *     POST /crm/v3/objects/contacts/search with an email-equality filter.
+ *     Cheap, idempotent, no CAS needed (read).
+ *
+ *   upsert_contact(email, properties)
+ *     → {contactId, created}
+ *     Mutation. CAS strategy = native-idempotency, BUT: HubSpot's
+ *     `idempotencyKey` query param is ONLY available on the v3 *batch*
+ *     endpoints (`/crm/v3/objects/contacts/batch/upsert`). The
+ *     single-record endpoints don't honor it. We use the batch endpoint
+ *     with a single-element array to get native idempotency on retry.
+ *
+ *   create_note(contactId, body)
+ *     → {noteId}
+ *     Mutation that logs a note engagement on a contact and associates
+ *     it. Notes are append-only — there's no conflict to detect — so we
+ *     use native-idempotency via the same batch trick on
+ *     `/crm/v3/objects/notes/batch/create`.
+ *
+ * Why three and not thirty: the agent's leverage on HubSpot is
+ * "remember who I just spoke to". `find_contact` lets the agent address
+ * a returning caller by name; `upsert_contact` captures a new one
+ * without duplicates; `create_note` writes the call's outcome as a CRM
+ * activity. Anything beyond these (deals, tickets, lists) lives in
+ * Tier-2 specific kinds — keeping the manifest tight keeps the agent's
+ * tool registry comprehensible.
+ */
+
+/** OAuth client config the factory closes over. Caller resolves these
+ *  at construction time (env, DB, secret manager — package doesn't care). */
+interface HubSpotOptions {
+    clientId: string;
+    clientSecret: string;
+}
+declare function hubspot(opts: HubSpotOptions): ConnectorAdapter;
+
+/**
+ * Slack connector — bot-token OAuth, three messaging-oriented capabilities.
+ *
+ *   post_message(channel, text|blocks)  → mutation; cas: 'none'
+ *   lookup_user(email)                  → read
+ *   list_channels(types?, limit?)       → read
+ *
+ * Why `cas: 'none'` is acceptable here (and only here in this batch):
+ * Slack messages are advisory — we set
+ * `defaultConsistencyModel: 'advisory'`. The registry validator allows
+ * `cas: 'none'` only on non-authoritative connectors precisely so that
+ * append-only messaging surfaces don't have to invent fake CAS theatre.
+ * The agent's planner already treats `advisory` data as informational
+ * and does not promise outcomes based on its post results without
+ * a separate authoritative confirm. MutationGuard's idempotency-key
+ * dedup remains in force above the connector — a retry of the same
+ * post_message call will short-circuit before reaching Slack.
+ *
+ * Auth: standard OAuth2. Slack's `/oauth.v2.access` returns a bot
+ * `access_token` (`xoxb-…`) but does NOT return a refresh_token unless
+ * the app has rotated tokens enabled. Bot tokens are long-lived by
+ * default; we surface refreshToken handling but treat its absence as
+ * normal rather than an error.
+ */
+
+/** OAuth client config the factory closes over. Caller resolves these
+ *  at construction time (env, DB, secret manager — package doesn't care). */
+interface SlackOptions {
+    clientId: string;
+    clientSecret: string;
+}
+declare function slack(opts: SlackOptions): ConnectorAdapter;
+
+/**
+ * Notion database connector — query + page-level CRUD against a single
+ * connected database.
+ *
+ *   query_database(filter?, pageSize?)  → read
+ *   create_page(properties)             → mutation; cas: 'native-idempotency'
+ *   update_page(pageId, properties)     → mutation; cas: 'etag-if-match'
+ *
+ * CAS quirks worth flagging:
+ *
+ *   1. Notion added support for the `Idempotency-Key` HTTP header on
+ *      mutating requests. We forward our SDK's idempotency key on
+ *      create_page, which gives at-most-once semantics under the same
+ *      key for ~24h. MutationGuard's record short-circuits above us;
+ *      Notion's dedup is the second line of defense.
+ *
+ *   2. Notion does NOT expose a per-page etag the way Graph does. The
+ *      canonical drift signal is `last_edited_time` (RFC3339). Our
+ *      `update_page` capability accepts an `expectedLastEditedTime` arg;
+ *      if supplied, we GET the page first and compare. Mismatch →
+ *      ResourceContention with the current page state. Conflict-free
+ *      callers can omit the field (last-write-wins, the Notion default).
+ *
+ * Auth: standard OAuth2. Notion's token endpoint follows RFC 6749 with
+ * one twist — the workspace_id and bot_id come back in the response and
+ * we stash them in `metadata` so the agent can address resources by
+ * workspace where useful.
+ */
+
+/** OAuth client config the factory closes over. Caller resolves these
+ *  at construction time (env, DB, secret manager — package doesn't care). */
+interface NotionDatabaseOptions {
+    clientId: string;
+    clientSecret: string;
+}
+declare function notionDatabase(opts: NotionDatabaseOptions): ConnectorAdapter;
+
+/**
+ * @stable DocuSeal connector — e-signature flows for legal/tax agents.
+ *
+ * Three capabilities + inbound webhook surface:
+ *
+ *   create_submission(templateId, submitters, sendEmail?)
+ *     → {submissionId, submitters: [{email, slug, url}], status: 'pending'}
+ *     Mutation. POST /api/submissions with an explicit
+ *     `external_id = idempotencyKey` so DocuSeal will dedupe the
+ *     submission across our retries (verified against DocuSeal's
+ *     external_id uniqueness behavior).
+ *
+ *   get_submission(submissionId)
+ *     → {submissionId, status, completedAt?, submitters: [{email, status, completedAt?, slug, url}]}
+ *     Read. GET /api/submissions/:id, normalized so the agent doesn't
+ *     have to map DocuSeal's per-submitter status (`awaiting`, `sent`,
+ *     `opened`, `completed`, `declined`) onto a smaller taxonomy.
+ *
+ *   void_submission(submissionId, reason?)
+ *     → {submissionId, status: 'voided', voidedAt}
+ *     Mutation. DELETE /api/submissions/:id with `reason` carried as a
+ *     header. CAS: etag-if-match — DocuSeal emits an updated_at value we
+ *     thread through as ETag so two concurrent voids don't race.
+ *
+ *   handleInboundEvent (webhook surface)
+ *     DocuSeal pushes events to a customer-configured URL. We verify a
+ *     HMAC-SHA256 signature over the raw body keyed by the per-account
+ *     webhook secret (`X-Docuseal-Signature` header, lowercase hex). The
+ *     adapter parses the event shape and emits a normalized
+ *     `InboundEvent` row (eventType = `docuseal.submission.completed`,
+ *     etc.). Replay protection: DocuSeal does not currently sign a
+ *     timestamp, so we recommend the receiver pin a per-event-id idempotency
+ *     row (the `event_id` field on every push payload).
+ *
+ * Auth: API key (DocuSeal personal API key — every endpoint requires it
+ * via the `X-Auth-Token` header). Webhook secret is a separate
+ * credential delivered via the same DataSource — we accept either
+ * `kind: 'api-key'` (action surface) or `kind: 'custom'` carrying
+ * `apiKey` + `webhookSecret` (action + webhook on one connection).
+ *
+ * Error taxonomy (mapped via integrations/errors.ts):
+ *   401 → provider_auth_failed (CredentialsExpired)
+ *   404 → action_not_found (Error) — submission id is unknown
+ *   409 → action_denied / ResourceContention when status guards
+ *   429 → provider_rate_limited (status: 'rate-limited' result)
+ *   5xx → provider_unavailable
+ */
+
+interface DocuSealOptions {
+    /** Override the DocuSeal API base URL (self-hosted deployments). */
+    baseUrl?: string;
+    /** Default request timeout in ms. */
+    timeoutMs?: number;
+}
+declare function docuseal(opts?: DocuSealOptions): ConnectorAdapter;
+
+type RestCredentialPlacement = {
+    kind: 'bearer';
+} | {
+    kind: 'header';
+    header: string;
+    prefix?: string;
+} | {
+    kind: 'query';
+    parameter: string;
+};
+interface RestConnectorSpec {
+    kind: string;
+    displayName: string;
+    description: string;
+    auth: ConnectorAdapter['manifest']['auth'];
+    category: ConnectorAdapter['manifest']['category'];
+    defaultConsistencyModel: ConnectorAdapter['manifest']['defaultConsistencyModel'];
+    baseUrl: string | {
+        metadataKey: string;
+        fallback?: string;
+    };
+    credentialPlacement?: RestCredentialPlacement;
+    defaultHeaders?: Record<string, string>;
+    capabilities: RestOperationSpec[];
+    test?: RestRequestSpec;
+}
+interface RestOperationSpec {
+    name: string;
+    class: 'read' | 'mutation';
+    description: string;
+    parameters: Record<string, unknown>;
+    requiredScopes?: string[];
+    request: RestRequestSpec;
+    cas?: 'etag-if-match' | 'native-idempotency' | 'optimistic-read-verify' | 'none';
+    externalEffect?: boolean;
+}
+interface RestRequestSpec {
+    method: 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE';
+    path: string;
+    query?: Record<string, string | number | boolean | undefined>;
+    headers?: Record<string, string>;
+    body?: 'args' | string | Record<string, unknown>;
+}
+declare function declarativeRestConnector(spec: RestConnectorSpec): ConnectorAdapter;
+
+/**
+ * Twilio SMS connector — outbound texts + recent-message lookup. The
+ * agent's "send the caller a confirmation link" surface.
+ *
+ * Auth: HTTP Basic (Account SID + Auth Token). Twilio's API key auth
+ * also supports SID/Secret pairs; we accept either by treating the
+ * stored apiKey envelope as `accountSid:authToken` (or
+ * `accountSid:keySid:secret`) — the connector parses it at call time.
+ *
+ *   send_sms(to, body)
+ *     Mutation. CAS = native-idempotency. Twilio added the
+ *     `Idempotency-Key` HTTP header to POST /Messages in 2024 — same
+ *     key + same args within 24h returns the original Message resource
+ *     instead of sending a second SMS. MutationGuard's record short-
+ *     circuits before us; Twilio's own dedup is defense-in-depth.
+ *
+ *   lookup_number(phoneNumber)
+ *     Read. Hits /v1/PhoneNumbers/{e164} on Lookup API. Confirms the
+ *     number is real, returns carrier info if the caller has Lookup
+ *     enabled on their account.
+ *
+ *   find_recent_messages(toOrFrom?, limit?)
+ *     Read. Returns the most recent Messages on the account, optionally
+ *     filtered by To/From. Useful for "did the confirmation actually
+ *     send?" introspection inside an agent run.
+ */
+
+declare const twilioSmsConnector: ConnectorAdapter;
+
+/**
+ * Stripe pack connector — single connector kind packing customer +
+ * invoice + checkout + subscription management capabilities, validating
+ * the "connector pack" concept (one auth handshake, multiple related
+ * capabilities) without exploding the registry into `stripe-customers`,
+ * `stripe-checkout`, `stripe-invoices`, `stripe-subscriptions` n-tuples.
+ *
+ *   find_customer(email)                       → read; CAS n/a
+ *   list_subscriptions(customerId, status?)    → read; CAS n/a
+ *   create_invoice(customerId, items)          → mutation; cas: 'native-idempotency'
+ *   create_checkout_session(...)               → mutation; cas: 'native-idempotency'
+ *   cancel_subscription(subscriptionId, atPeriodEnd?) → mutation; cas: 'native-idempotency'
+ *   create_billing_portal_session(customerId, returnUrl) → mutation; cas: 'native-idempotency'
+ *
+ * Auth: API key (Stripe restricted key). Operator pastes the key into
+ * the Connections UI. We never see their account password / OAuth flow;
+ * Stripe restricted keys are the customer's responsibility (they pick
+ * which permissions the key carries). The kind exposes a webhook URL
+ * post-connect for the operator to paste into the Stripe dashboard —
+ * we'll wire the receiver to P-3's inbound webhook surface in a later
+ * commit. That URL is returned in `metadata.webhookUrl` so the UI can
+ * render it.
+ *
+ * Why this is the textbook example of `cas: 'native-idempotency'`:
+ * Stripe's `Idempotency-Key` HTTP header is THE reference implementation
+ * of native idempotency. Same key + same args within 24h returns the
+ * stored response (Stripe's words, not ours). Same key + different args
+ * → 400 with `idempotency_error`. We forward the SDK's idempotency key
+ * directly. MutationGuard short-circuits before us on retry; Stripe's
+ * own dedup is the second line of defense.
+ */
+
+declare const stripePackConnector: ConnectorAdapter;
+
+/**
+ * Universal webhook connector — the long-tail escape hatch.
+ *
+ * The user declares a target URL + a JSON-schema for the request body
+ * the agent should send, plus an optional shared secret. We sign every
+ * outbound POST with HMAC-SHA256 over `timestamp.body` and forward the
+ * agent's idempotency key as a header. The receiving system enforces
+ * its own idempotency.
+ *
+ * One adapter, two capabilities. Both arity-1 — `body` is whatever JSON
+ * the agent's planner constructs from the operator-defined schema (which
+ * lives in DataSource.metadata.requestSchema). The agent's planner reads
+ * that schema at request time and constructs valid args.
+ *
+ * Why one connector covers 50 systems badly and 1 system well: the agent
+ * gets a generic "send_event" tool that doesn't *know* what the upstream
+ * does with the payload. That's fine for fire-and-forget event posting
+ * (Zapier-style); it's wrong for booking against a calendar where you
+ * need conflict-resolution. So webhook's `post_event` capability is
+ * marked `cas: 'native-idempotency'` (we forward the key — the receiver
+ * MUST honor it) and `defaultConsistencyModel: 'advisory'`. Anyone
+ * needing real CAS uses a kind-specific connector (Calendar, Sheets, ...).
+ */
+
+declare const webhookConnector: ConnectorAdapter;
+
+/**
+ * Stripe inbound-webhook receiver — push-only side of a Stripe connector.
+ *
+ * The full Stripe connector (charges/customers/invoices read+mutation) is
+ * tracked in INTEGRATIONS.md as separate `stripe-customers` / `stripe-invoices`
+ * rows. This adapter only ships the inbound surface today: receive a push,
+ * verify the signature, persist one `InboundEvent` per Stripe event so the
+ * agent's runtime can react (e.g. payment_failed → outbound dunning call).
+ *
+ * This connector is for the connected account owner: they paste their
+ * `whsec_*` and the consuming product listens on a per-data-source URL such
+ * as /api/webhooks/inbound/stripe/:dataSourceId.
+ *
+ * Signature scheme: Stripe's `t=<unix>,v1=<hmac>` header. HMAC is
+ * sha256(`${t}.${rawBody}`) keyed by the customer's webhook secret. We use
+ * `timingSafeEqual` to defeat timing oracles and bound timestamp skew at
+ * 5 minutes (Stripe's recommendation) to thwart replay against captured
+ * signatures.
+ */
+
+declare const stripeWebhookReceiverConnector: ConnectorAdapter;
+
+/**
+ * Slack Events API inbound receiver.
+ *
+ * Slack sends two distinct request shapes to the same webhook URL:
+ *
+ *   1. `url_verification` — a one-off handshake during app-config. The body
+ *      contains a `challenge` string we MUST echo back as the response body
+ *      (Slack's app-config UI fails the URL otherwise). No InboundEvent is
+ *      persisted for this — it's an infrastructure ping, not a user event.
+ *
+ *   2. `event_callback` — every actual workspace event (message posted,
+ *      reaction added, channel created, …). We persist one InboundEvent
+ *      keyed by `event_id` so a Slack retry (Slack retries 3 times on any
+ *      non-2xx) is deduped at the unique constraint, not after we've
+ *      double-processed.
+ *
+ * Signature scheme: `v0=<hmac(sha256, "v0:<timestamp>:<rawBody>")>` keyed by
+ * the app's signing secret. Header `X-Slack-Request-Timestamp` carries the
+ * timestamp; we reject anything older than 5 minutes (Slack's recommendation)
+ * to bound replay risk.
+ */
+
+declare const slackEventsConnector: ConnectorAdapter;
+
+declare const githubConnector: ConnectorAdapter;
+
+declare const gitlabConnector: ConnectorAdapter;
+
+declare const airtableConnector: ConnectorAdapter;
+
+declare const asanaConnector: ConnectorAdapter;
+
+declare const salesforceConnector: ConnectorAdapter;
+
+export { type DocuSealOptions, type GmailOptions, type GoogleCalendarOptions, type GoogleDriveOptions, type GoogleSheetsOptions, type HubSpotOptions, type MicrosoftCalendarOptions, type NotionDatabaseOptions, type RestConnectorSpec, type RestCredentialPlacement, type RestOperationSpec, type RestRequestSpec, type SlackOptions, airtableConnector, asanaConnector, declarativeRestConnector, docuseal, githubConnector, gitlabConnector, gmail, googleCalendar, googleDrive, googleSheets, hubspot, microsoftCalendar, notionDatabase, salesforceConnector, slack, slackEventsConnector, stripePackConnector, stripeWebhookReceiverConnector, twilioSmsConnector, webhookConnector };

package/dist/connectors/adapters/index.js

@@ -19,11 +19,24 @@ import {
   stripeWebhookReceiverConnector,
   twilioSmsConnector,
   webhookConnector
-} from "../../chunk-GA4VTE3U.js";
+} from "../../chunk-JU25UDN2.js";
 import "../../chunk-2TW2QKGZ.js";
+import {
+  DEFAULT_TANGLE_PLATFORM_URL,
+  TANGLE_API_KEY_PREFIX,
+  TANGLE_SERVICE_TOKEN_PREFIX,
+  TangleIdentityUnreachableError,
+  createTangleIdentityClient,
+  tangleIdentity
+} from "../../chunk-ATYHZXLL.js";
 export {
+  DEFAULT_TANGLE_PLATFORM_URL,
+  TANGLE_API_KEY_PREFIX,
+  TANGLE_SERVICE_TOKEN_PREFIX,
+  TangleIdentityUnreachableError,
   airtableConnector,
   asanaConnector,
+  createTangleIdentityClient,
   declarativeRestConnector,
   docuseal,
   githubConnector,
@@ -40,6 +53,7 @@ export {
   slackEventsConnector,
   stripePackConnector,
   stripeWebhookReceiverConnector,
+  tangleIdentity,
   twilioSmsConnector,
   webhookConnector
 };

package/dist/connectors/index.d.ts

@@ -1,4 +1,5 @@
-export { A as AuthSpec, b as CASStrategy, c as Capability, d as CapabilityClass, e as CapabilityMutation, f as CapabilityMutationResult, g as CapabilityParameterSchema, h as CapabilityRead, i as CapabilityReadResult, C as ConnectorAdapter, a as ConnectorCredentials, j as ConnectorInvocation, k as ConnectorManifest, l as ConnectorManifestValidationIssue, m as ConnectorManifestValidationResult, n as ConsistencyModel, o as CredentialsExpired, D as DataSourceMetadata, p as DocuSealOptions, E as EventHandlerResult, G as GmailOptions, q as GoogleCalendarOptions, r as GoogleDriveOptions, s as GoogleSheetsOptions, H as HubSpotOptions, I as InboundEvent, M as MicrosoftCalendarOptions, N as NotionDatabaseOptions, t as RateLimitSpec, R as ResolvedDataSource, u as ResourceContention, v as RestConnectorSpec, w as RestCredentialPlacement, x as RestOperationSpec, y as RestRequestSpec, S as SlackOptions, z as airtableConnector, B as asanaConnector, F as assertValidConnectorManifest, J as declarativeRestConnector, K as docuseal, L as githubConnector, O as gitlabConnector, P as gmail, Q as googleCalendar, T as googleDrive, U as googleSheets, V as hubspot, W as microsoftCalendar, X as notionDatabase, Y as salesforceConnector, Z as slack, _ as slackEventsConnector, $ as stripePackConnector, a0 as stripeWebhookReceiverConnector, a1 as twilioSmsConnector, a2 as validateConnectorManifest, a3 as webhookConnector } from '../index-D4D4CEKX.js';
+export { A as AuthSpec, e as CASStrategy, f as Capability, g as CapabilityClass, h as CapabilityMutation, i as CapabilityMutationResult, j as CapabilityParameterSchema, k as CapabilityRead, l as CapabilityReadResult, C as ConnectorAdapter, d as ConnectorCredentials, m as ConnectorInvocation, n as ConnectorManifest, o as ConnectorManifestValidationIssue, p as ConnectorManifestValidationResult, q as ConsistencyModel, r as CredentialsExpired, D as DEFAULT_TANGLE_PLATFORM_URL, s as DataSourceMetadata, E as EventHandlerResult, I as InboundEvent, t as RateLimitSpec, R as ResolvedDataSource, u as ResourceContention, v as TANGLE_API_KEY_PREFIX, w as TANGLE_SERVICE_TOKEN_PREFIX, b as TangleIdentityClient, T as TangleIdentityOptions, x as TangleIdentityUnreachableError, c as TangleTokenVerifyFailure, y as TangleTokenVerifyResult, a as TangleUserSummary, z as TangleWorkspaceSummary, B as assertValidConnectorManifest, F as createTangleIdentityClient, G as tangleIdentity, H as validateConnectorManifest } from '../tangle-id-CTU4kGId.js';
+export { DocuSealOptions, GmailOptions, GoogleCalendarOptions, GoogleDriveOptions, GoogleSheetsOptions, HubSpotOptions, MicrosoftCalendarOptions, NotionDatabaseOptions, RestConnectorSpec, RestCredentialPlacement, RestOperationSpec, RestRequestSpec, SlackOptions, airtableConnector, asanaConnector, declarativeRestConnector, docuseal, githubConnector, gitlabConnector, gmail, googleCalendar, googleDrive, googleSheets, hubspot, microsoftCalendar, notionDatabase, salesforceConnector, slack, slackEventsConnector, stripePackConnector, stripeWebhookReceiverConnector, twilioSmsConnector, webhookConnector } from './adapters/index.js';
 
 /**
  * Generic OAuth2 helper used by every oauth-shaped connector (Google