@tangle-network/agent-integrations 0.27.0 → 0.29.0

package/dist/chunk-YOKNZY2N.js

@@ -0,0 +1,284 @@
+import {
+  DEFAULT_TANGLE_PLATFORM_URL
+} from "./chunk-ATYHZXLL.js";
+
+// src/consumer.ts
+var PLATFORM_USER_ID_PATTERN = /^[A-Za-z0-9_-]{1,128}$/;
+var DEFAULT_TIMEOUT_MS = 1e4;
+var DEFAULT_MAX_ATTEMPTS = 2;
+var RETRYABLE_STATUSES = /* @__PURE__ */ new Set([502, 503, 504]);
+var IntegrationHubRequestError = class extends Error {
+  name = "IntegrationHubRequestError";
+  /** HTTP status, or 0 for a network-level failure. */
+  status;
+  /** Platform error code (`VALIDATION_ERROR`, `scope_missing`, …) or
+   *  `network_error` / `http_error` when no structured code was returned. */
+  code;
+  /** `METHOD /path` the request targeted. */
+  endpoint;
+  /** True when the failure class is transient and a retry could succeed. */
+  retryable;
+  constructor(input) {
+    super(input.message);
+    this.status = input.status;
+    this.code = input.code;
+    this.endpoint = input.endpoint;
+    this.retryable = input.retryable;
+  }
+};
+var IntegrationHubClient = class {
+  endpoint;
+  product;
+  auth;
+  fetchImpl;
+  timeoutMs;
+  maxAttempts;
+  constructor(options) {
+    if (!options.product) {
+      throw new Error("IntegrationHubClient: product is required");
+    }
+    if (options.auth.mode === "service" && !options.auth.serviceToken) {
+      throw new Error("IntegrationHubClient: service auth requires a serviceToken");
+    }
+    if (options.auth.mode === "service" && !options.auth.serviceName) {
+      throw new Error("IntegrationHubClient: service auth requires a serviceName");
+    }
+    if (options.auth.mode === "user-key" && !options.auth.apiKey) {
+      throw new Error("IntegrationHubClient: user-key auth requires an apiKey");
+    }
+    this.endpoint = (options.endpoint ?? DEFAULT_TANGLE_PLATFORM_URL).replace(/\/+$/, "");
+    this.product = options.product;
+    this.auth = options.auth;
+    this.fetchImpl = options.fetchImpl ?? fetch;
+    this.timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+    this.maxAttempts = Math.max(1, options.maxAttempts ?? DEFAULT_MAX_ATTEMPTS);
+  }
+  /**
+   * Resolve a manifest against a user's connections. The returned
+   * `ready` / `missing` split is the canonical way to ask "does this user
+   * have the connections this work needs" — the raw connection list is not
+   * reachable by a service token by design.
+   */
+  async resolveManifest(input) {
+    return this.request("POST", "/resolve-manifest", input.userId, {
+      product: input.product ?? this.product,
+      manifest: input.manifest,
+      ownerUserId: input.userId
+    });
+  }
+  /**
+   * Convenience over {@link resolveManifest} — probe a single connector and
+   * get back a boolean plus the satisfying connection. The Surface-A quest
+   * primitive ("is the user's GitHub linked?").
+   */
+  async checkConnector(input) {
+    const requirementId = input.connectorId;
+    const resolution = await this.resolveManifest({
+      userId: input.userId,
+      manifest: {
+        id: `connectivity-check:${input.connectorId}`,
+        requirements: [
+          {
+            id: requirementId,
+            connectorId: input.connectorId,
+            reason: `Connectivity check for ${input.connectorId}`,
+            mode: input.mode ?? "read",
+            ...input.requiredScopes ? { requiredScopes: input.requiredScopes } : {},
+            ...input.requiredActions ? { requiredActions: input.requiredActions } : {}
+          }
+        ]
+      }
+    });
+    const requirement = resolution.ready.find((r) => r.requirement.id === requirementId) ?? resolution.missing.find((r) => r.requirement.id === requirementId) ?? resolution.optionalMissing.find((r) => r.requirement.id === requirementId);
+    if (!requirement) {
+      throw new IntegrationHubRequestError({
+        status: 0,
+        code: "malformed_response",
+        message: `resolve-manifest returned no resolution for requirement ${requirementId}`,
+        endpoint: "POST /resolve-manifest",
+        retryable: false
+      });
+    }
+    return {
+      connected: requirement.status === "ready",
+      ...requirement.connection ? { connection: requirement.connection } : {},
+      resolution: requirement
+    };
+  }
+  /** Create grants for every satisfiable requirement of a manifest. The
+   *  platform rejects the call if any non-optional requirement is missing a
+   *  connection. */
+  async createGrants(input) {
+    const data = await this.request(
+      "POST",
+      "/grants",
+      input.userId,
+      {
+        grantee: input.grantee,
+        manifest: input.manifest,
+        ownerUserId: input.userId,
+        ...input.metadata ? { metadata: input.metadata } : {}
+      }
+    );
+    return data.grants;
+  }
+  /** List the acting user's grants, optionally filtered to one grantee. */
+  async listGrants(input) {
+    const query = input.grantee !== void 0 ? `?granteeType=${encodeURIComponent(input.grantee.type)}&granteeId=${encodeURIComponent(input.grantee.id)}` : "";
+    const data = await this.request(
+      "GET",
+      `/grants${query}`,
+      input.userId
+    );
+    return data.grants;
+  }
+  /** Mint a short-lived capability bundle for a sandbox / agent process.
+   *  Provider credentials never leave the platform — the bundle carries only
+   *  scoped, expiring capability tokens. */
+  async mintCapabilityBundle(input) {
+    if (!input.manifestId && !(input.grantIds && input.grantIds.length > 0)) {
+      throw new Error(
+        "IntegrationHubClient.mintCapabilityBundle: manifestId or a non-empty grantIds is required"
+      );
+    }
+    return this.request("POST", "/capabilities/bundle", input.userId, {
+      subject: input.subject,
+      ...input.manifestId ? { manifestId: input.manifestId } : {},
+      ...input.grantIds ? { grantIds: input.grantIds } : {},
+      ...input.grantee ? { grantee: input.grantee } : {},
+      ...input.ttlMs !== void 0 ? { ttlMs: input.ttlMs } : {}
+    });
+  }
+  /** Run live healthchecks across all of the acting user's connections. */
+  async runHealthchecks(input) {
+    const data = await this.request(
+      "POST",
+      "/healthchecks/run",
+      input.userId,
+      { ownerUserId: input.userId }
+    );
+    return data.healthchecks;
+  }
+  buildHeaders(userId, hasBody) {
+    const headers = new Headers({ accept: "application/json" });
+    if (hasBody) headers.set("content-type", "application/json");
+    if (this.auth.mode === "service") {
+      headers.set("authorization", `Bearer ${this.auth.serviceToken}`);
+      headers.set("x-service-name", this.auth.serviceName);
+      headers.set("x-platform-user-id", userId);
+    } else {
+      headers.set("authorization", `Bearer ${this.auth.apiKey}`);
+    }
+    return headers;
+  }
+  async request(method, path, userId, body) {
+    if (!PLATFORM_USER_ID_PATTERN.test(userId)) {
+      throw new IntegrationHubRequestError({
+        status: 0,
+        code: "invalid_user_id",
+        message: `userId ${JSON.stringify(userId)} is not a valid platform user id`,
+        endpoint: `${method} ${path}`,
+        retryable: false
+      });
+    }
+    const url = `${this.endpoint}/v1/integrations${path}`;
+    const endpointLabel = `${method} /v1/integrations${path}`;
+    const headers = this.buildHeaders(userId, body !== void 0);
+    const init = {
+      method,
+      headers,
+      ...body !== void 0 ? { body: JSON.stringify(body) } : {}
+    };
+    let lastError;
+    for (let attempt = 1; attempt <= this.maxAttempts; attempt++) {
+      let response;
+      try {
+        response = await this.fetchImpl(url, {
+          ...init,
+          signal: AbortSignal.timeout(this.timeoutMs)
+        });
+      } catch (error) {
+        lastError = new IntegrationHubRequestError({
+          status: 0,
+          code: "network_error",
+          message: `${endpointLabel} failed: ${error instanceof Error ? error.message : String(error)}`,
+          endpoint: endpointLabel,
+          retryable: true
+        });
+        if (attempt < this.maxAttempts) {
+          await delay(attempt);
+          continue;
+        }
+        throw lastError;
+      }
+      const payload = await readJson(response);
+      if (response.ok && isSuccessEnvelope(payload)) {
+        return payload.data;
+      }
+      const retryable = RETRYABLE_STATUSES.has(response.status);
+      lastError = new IntegrationHubRequestError({
+        status: response.status,
+        code: errorCode(payload, response.status),
+        message: errorMessage(payload, endpointLabel, response.status),
+        endpoint: endpointLabel,
+        retryable
+      });
+      if (retryable && attempt < this.maxAttempts) {
+        await delay(attempt);
+        continue;
+      }
+      throw lastError;
+    }
+    throw lastError ?? new IntegrationHubRequestError({
+      status: 0,
+      code: "unknown",
+      message: `${endpointLabel} exhausted retries without a result`,
+      endpoint: endpointLabel,
+      retryable: false
+    });
+  }
+};
+function createIntegrationHubClient(options) {
+  return new IntegrationHubClient(options);
+}
+function isSuccessEnvelope(payload) {
+  return typeof payload === "object" && payload !== null && payload.success === true && "data" in payload;
+}
+async function readJson(response) {
+  const text = await response.text().catch(() => "");
+  if (!text) return void 0;
+  try {
+    return JSON.parse(text);
+  } catch {
+    return { __text: text };
+  }
+}
+function errorCode(payload, status) {
+  if (typeof payload === "object" && payload !== null) {
+    const error = payload.error;
+    if (error && typeof error.code === "string") return error.code;
+  }
+  return status === 0 ? "network_error" : "http_error";
+}
+function errorMessage(payload, endpointLabel, status) {
+  if (typeof payload === "object" && payload !== null) {
+    const record = payload;
+    if (record.error && typeof record.error.message === "string") {
+      return `${endpointLabel} \u2192 ${status}: ${record.error.message}`;
+    }
+    if (typeof record.__text === "string" && record.__text.length > 0) {
+      return `${endpointLabel} \u2192 ${status}: ${record.__text.slice(0, 300)}`;
+    }
+  }
+  return `${endpointLabel} \u2192 ${status}`;
+}
+function delay(attempt) {
+  return new Promise((resolve) => setTimeout(resolve, attempt * 200));
+}
+
+export {
+  IntegrationHubRequestError,
+  IntegrationHubClient,
+  createIntegrationHubClient
+};
+//# sourceMappingURL=chunk-YOKNZY2N.js.map

package/dist/chunk-YOKNZY2N.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/consumer.ts"],"sourcesContent":["/**\n * @stable Integration Hub consumer client.\n *\n * The third client-shaped surface a product needs, alongside the two that\n * already ship:\n *\n *   - `createTangleIntegrationsClient` (`client.ts`) — the *invoke* client.\n *     Capability-token auth, runs INSIDE a sandbox / generated app, single\n *     endpoint `/v1/integrations/invoke`.\n *   - `startConnectFlow` / `finishConnectFlow` (`connect/index.ts`) — the\n *     *user-consent* flow, mirrors `/cross-site/*`.\n *   - **this** — the S2S *management* client. A product BACKEND (blueprint-\n *     agent, sandbox, gtm-agent, tax-agent, legal-agent, evals, …) drives the\n *     `/v1/integrations/{resolve-manifest,grants,capabilities/bundle,\n *     healthchecks/run}` management surface on `id.tangle.tools` on behalf of\n *     an identified user.\n *\n * Every consumer needs the identical client — the wire protocol, the\n * `{ success, data }` envelope, the auth header shape are all platform-owned.\n * Re-implementing a bespoke fetch loop per product forks the protocol and the\n * copies drift. This module is that shared implementation. It mirrors the\n * `connect/index.ts` design rule one-for-one: DO NOT invent the wire protocol\n * — speak exactly what `products/platform/api/src/routes/integrations.ts`\n * serves.\n *\n * Two auth modes — the route layer (`authMiddleware`) accepts either:\n *\n *   - `service`  — a `svc_*` service token + `X-Service-Name`. The acting\n *     user travels in `X-Platform-User-Id`. The platform honors that header\n *     only for service tokens whose `SERVICE_SCOPES` set contains\n *     `impersonate:user`; a token without it is rejected (403). Reaches the\n *     four management paths the platform allowlists for service tokens.\n *   - `user-key` — a per-user `sk-tan-*` API key (minted via the connect\n *     flow). The key identifies the user; no impersonation header. Reaches\n *     every route the user themselves can.\n *\n * The capability-token `invoke` endpoint is intentionally NOT exposed here —\n * that is `createTangleIntegrationsClient`'s job and uses a different auth.\n */\n\nimport type { IntegrationActor, IntegrationConnection } from './index.js'\nimport type {\n  IntegrationGrant,\n  IntegrationManifest,\n  IntegrationManifestResolution,\n  IntegrationRequirementMode,\n  IntegrationRequirementResolution,\n  IntegrationSandboxBundle,\n} from './runtime.js'\nimport type { IntegrationHealthcheckResult } from './healthcheck.js'\nimport { DEFAULT_TANGLE_PLATFORM_URL } from './connectors/adapters/tangle-id.js'\n\n/** Matches the platform's `PLATFORM_USER_ID_PATTERN` (`auth.ts`). A user id\n *  that fails this is rejected client-side before the request leaves. */\nconst PLATFORM_USER_ID_PATTERN = /^[A-Za-z0-9_-]{1,128}$/\n\nconst DEFAULT_TIMEOUT_MS = 10_000\nconst DEFAULT_MAX_ATTEMPTS = 2\n/** HTTP statuses worth a retry — transient platform/edge failures only.\n *  4xx is deterministic and never retried. */\nconst RETRYABLE_STATUSES = new Set([502, 503, 504])\n\nexport type IntegrationHubAuth =\n  | {\n      mode: 'service'\n      /** The `svc_*` token issued to this product. */\n      serviceToken: string\n      /** Registered service name — sent as `X-Service-Name`. Required\n       *  because one token may be shared across services, in which case the\n       *  platform demands the header to disambiguate. */\n      serviceName: string\n    }\n  | {\n      mode: 'user-key'\n      /** A per-user `sk-tan-*` key bound to the acting user. */\n      apiKey: string\n    }\n\nexport interface IntegrationHubClientOptions {\n  /** The product / consumer identifier (e.g. `blueprint-agent`). Sent as the\n   *  `product` field of resolve-manifest calls; recorded platform-side. */\n  product: string\n  /** Service-token or per-user-key auth. */\n  auth: IntegrationHubAuth\n  /** Platform base URL. Defaults to `https://id.tangle.tools`. */\n  endpoint?: string\n  /** Injected for tests. Defaults to the global `fetch`. */\n  fetchImpl?: typeof fetch\n  /** Per-request timeout in ms. Default 10_000. */\n  timeoutMs?: number\n  /** Max attempts on transient (network / 502 / 503 / 504) failures.\n   *  Default 2 — i.e. one retry. */\n  maxAttempts?: number\n}\n\n/** Thrown for every non-2xx response and every transport failure. Carries the\n *  HTTP status and the platform error code so callers can branch precisely\n *  (`403` + `impersonate` → the service token lacks the scope; `409` /\n *  `missing_connection` → prompt the user to connect). */\nexport class IntegrationHubRequestError extends Error {\n  readonly name = 'IntegrationHubRequestError'\n  /** HTTP status, or 0 for a network-level failure. */\n  readonly status: number\n  /** Platform error code (`VALIDATION_ERROR`, `scope_missing`, …) or\n   *  `network_error` / `http_error` when no structured code was returned. */\n  readonly code: string\n  /** `METHOD /path` the request targeted. */\n  readonly endpoint: string\n  /** True when the failure class is transient and a retry could succeed. */\n  readonly retryable: boolean\n\n  constructor(input: {\n    status: number\n    code: string\n    message: string\n    endpoint: string\n    retryable: boolean\n  }) {\n    super(input.message)\n    this.status = input.status\n    this.code = input.code\n    this.endpoint = input.endpoint\n    this.retryable = input.retryable\n  }\n}\n\nexport interface ResolveManifestInput {\n  /** The acting user — the connection owner. */\n  userId: string\n  manifest: IntegrationManifest\n  /** Overrides the client-level `product` for this call. */\n  product?: string\n}\n\nexport interface CreateGrantsInput {\n  /** The acting user — the connection owner. */\n  userId: string\n  /** Who the grant is FOR (the sandbox / agent / app that will invoke). */\n  grantee: IntegrationActor\n  manifest: IntegrationManifest\n  metadata?: Record<string, unknown>\n}\n\nexport interface ListGrantsInput {\n  /** The acting user — the connection owner. */\n  userId: string\n  /** Optional grantee filter; both fields travel together as query params. */\n  grantee?: IntegrationActor\n}\n\nexport interface MintCapabilityBundleInput {\n  /** The acting user — must own every connection behind the grants. */\n  userId: string\n  /** Who the capability bundle is issued TO (the sandbox / agent process). */\n  subject: IntegrationActor\n  /** Mint from every grant of a manifest … */\n  manifestId?: string\n  /** … or from an explicit grant id list. Exactly one of the two is required. */\n  grantIds?: string[]\n  grantee?: IntegrationActor\n  /** Bundle TTL in ms. Platform clamps to [1s, 60m]; default 15m. */\n  ttlMs?: number\n}\n\nexport interface CapabilityBundleResult {\n  bundle: IntegrationSandboxBundle\n  /** Bridge environment variables to inject into the sandbox process —\n   *  `buildIntegrationBridgeEnvironment(bundle)`, computed platform-side. */\n  env: Record<string, string>\n}\n\nexport interface CheckConnectorInput {\n  /** The acting user. */\n  userId: string\n  /** Connector to probe — `github`, `google-calendar`, `tangle-id`, … */\n  connectorId: string\n  /** Defaults to `read`. */\n  mode?: IntegrationRequirementMode\n  requiredScopes?: string[]\n  requiredActions?: string[]\n}\n\nexport interface CheckConnectorResult {\n  /** True when the user has an active connection satisfying the requirement. */\n  connected: boolean\n  /** The satisfying connection, present iff `connected`. */\n  connection?: IntegrationConnection\n  /** The full requirement resolution — status, missing scopes/actions, message. */\n  resolution: IntegrationRequirementResolution\n}\n\n/**\n * S2S management client for the `id.tangle.tools` integration hub. One per\n * product; methods are stateless and safe to call concurrently.\n */\nexport class IntegrationHubClient {\n  private readonly endpoint: string\n  private readonly product: string\n  private readonly auth: IntegrationHubAuth\n  private readonly fetchImpl: typeof fetch\n  private readonly timeoutMs: number\n  private readonly maxAttempts: number\n\n  constructor(options: IntegrationHubClientOptions) {\n    if (!options.product) {\n      throw new Error('IntegrationHubClient: product is required')\n    }\n    if (options.auth.mode === 'service' && !options.auth.serviceToken) {\n      throw new Error('IntegrationHubClient: service auth requires a serviceToken')\n    }\n    if (options.auth.mode === 'service' && !options.auth.serviceName) {\n      throw new Error('IntegrationHubClient: service auth requires a serviceName')\n    }\n    if (options.auth.mode === 'user-key' && !options.auth.apiKey) {\n      throw new Error('IntegrationHubClient: user-key auth requires an apiKey')\n    }\n    this.endpoint = (options.endpoint ?? DEFAULT_TANGLE_PLATFORM_URL).replace(/\\/+$/, '')\n    this.product = options.product\n    this.auth = options.auth\n    this.fetchImpl = options.fetchImpl ?? fetch\n    this.timeoutMs = options.timeoutMs ?? DEFAULT_TIMEOUT_MS\n    this.maxAttempts = Math.max(1, options.maxAttempts ?? DEFAULT_MAX_ATTEMPTS)\n  }\n\n  /**\n   * Resolve a manifest against a user's connections. The returned\n   * `ready` / `missing` split is the canonical way to ask \"does this user\n   * have the connections this work needs\" — the raw connection list is not\n   * reachable by a service token by design.\n   */\n  async resolveManifest(input: ResolveManifestInput): Promise<IntegrationManifestResolution> {\n    return this.request<IntegrationManifestResolution>('POST', '/resolve-manifest', input.userId, {\n      product: input.product ?? this.product,\n      manifest: input.manifest,\n      ownerUserId: input.userId,\n    })\n  }\n\n  /**\n   * Convenience over {@link resolveManifest} — probe a single connector and\n   * get back a boolean plus the satisfying connection. The Surface-A quest\n   * primitive (\"is the user's GitHub linked?\").\n   */\n  async checkConnector(input: CheckConnectorInput): Promise<CheckConnectorResult> {\n    const requirementId = input.connectorId\n    const resolution = await this.resolveManifest({\n      userId: input.userId,\n      manifest: {\n        id: `connectivity-check:${input.connectorId}`,\n        requirements: [\n          {\n            id: requirementId,\n            connectorId: input.connectorId,\n            reason: `Connectivity check for ${input.connectorId}`,\n            mode: input.mode ?? 'read',\n            ...(input.requiredScopes ? { requiredScopes: input.requiredScopes } : {}),\n            ...(input.requiredActions ? { requiredActions: input.requiredActions } : {}),\n          },\n        ],\n      },\n    })\n    const requirement =\n      resolution.ready.find((r) => r.requirement.id === requirementId) ??\n      resolution.missing.find((r) => r.requirement.id === requirementId) ??\n      resolution.optionalMissing.find((r) => r.requirement.id === requirementId)\n    if (!requirement) {\n      throw new IntegrationHubRequestError({\n        status: 0,\n        code: 'malformed_response',\n        message: `resolve-manifest returned no resolution for requirement ${requirementId}`,\n        endpoint: 'POST /resolve-manifest',\n        retryable: false,\n      })\n    }\n    return {\n      connected: requirement.status === 'ready',\n      ...(requirement.connection ? { connection: requirement.connection } : {}),\n      resolution: requirement,\n    }\n  }\n\n  /** Create grants for every satisfiable requirement of a manifest. The\n   *  platform rejects the call if any non-optional requirement is missing a\n   *  connection. */\n  async createGrants(input: CreateGrantsInput): Promise<IntegrationGrant[]> {\n    const data = await this.request<{ grants: IntegrationGrant[] }>(\n      'POST',\n      '/grants',\n      input.userId,\n      {\n        grantee: input.grantee,\n        manifest: input.manifest,\n        ownerUserId: input.userId,\n        ...(input.metadata ? { metadata: input.metadata } : {}),\n      },\n    )\n    return data.grants\n  }\n\n  /** List the acting user's grants, optionally filtered to one grantee. */\n  async listGrants(input: ListGrantsInput): Promise<IntegrationGrant[]> {\n    const query =\n      input.grantee !== undefined\n        ? `?granteeType=${encodeURIComponent(input.grantee.type)}&granteeId=${encodeURIComponent(input.grantee.id)}`\n        : ''\n    const data = await this.request<{ grants: IntegrationGrant[] }>(\n      'GET',\n      `/grants${query}`,\n      input.userId,\n    )\n    return data.grants\n  }\n\n  /** Mint a short-lived capability bundle for a sandbox / agent process.\n   *  Provider credentials never leave the platform — the bundle carries only\n   *  scoped, expiring capability tokens. */\n  async mintCapabilityBundle(input: MintCapabilityBundleInput): Promise<CapabilityBundleResult> {\n    if (!input.manifestId && !(input.grantIds && input.grantIds.length > 0)) {\n      throw new Error(\n        'IntegrationHubClient.mintCapabilityBundle: manifestId or a non-empty grantIds is required',\n      )\n    }\n    return this.request<CapabilityBundleResult>('POST', '/capabilities/bundle', input.userId, {\n      subject: input.subject,\n      ...(input.manifestId ? { manifestId: input.manifestId } : {}),\n      ...(input.grantIds ? { grantIds: input.grantIds } : {}),\n      ...(input.grantee ? { grantee: input.grantee } : {}),\n      ...(input.ttlMs !== undefined ? { ttlMs: input.ttlMs } : {}),\n    })\n  }\n\n  /** Run live healthchecks across all of the acting user's connections. */\n  async runHealthchecks(input: { userId: string }): Promise<IntegrationHealthcheckResult[]> {\n    const data = await this.request<{ healthchecks: IntegrationHealthcheckResult[] }>(\n      'POST',\n      '/healthchecks/run',\n      input.userId,\n      { ownerUserId: input.userId },\n    )\n    return data.healthchecks\n  }\n\n  private buildHeaders(userId: string, hasBody: boolean): Headers {\n    const headers = new Headers({ accept: 'application/json' })\n    if (hasBody) headers.set('content-type', 'application/json')\n    if (this.auth.mode === 'service') {\n      headers.set('authorization', `Bearer ${this.auth.serviceToken}`)\n      headers.set('x-service-name', this.auth.serviceName)\n      headers.set('x-platform-user-id', userId)\n    } else {\n      headers.set('authorization', `Bearer ${this.auth.apiKey}`)\n    }\n    return headers\n  }\n\n  private async request<T>(\n    method: 'GET' | 'POST',\n    path: string,\n    userId: string,\n    body?: Record<string, unknown>,\n  ): Promise<T> {\n    if (!PLATFORM_USER_ID_PATTERN.test(userId)) {\n      throw new IntegrationHubRequestError({\n        status: 0,\n        code: 'invalid_user_id',\n        message: `userId ${JSON.stringify(userId)} is not a valid platform user id`,\n        endpoint: `${method} ${path}`,\n        retryable: false,\n      })\n    }\n    const url = `${this.endpoint}/v1/integrations${path}`\n    const endpointLabel = `${method} /v1/integrations${path}`\n    const headers = this.buildHeaders(userId, body !== undefined)\n    const init: RequestInit = {\n      method,\n      headers,\n      ...(body !== undefined ? { body: JSON.stringify(body) } : {}),\n    }\n\n    let lastError: IntegrationHubRequestError | undefined\n    for (let attempt = 1; attempt <= this.maxAttempts; attempt++) {\n      let response: Response\n      try {\n        response = await this.fetchImpl(url, {\n          ...init,\n          signal: AbortSignal.timeout(this.timeoutMs),\n        })\n      } catch (error) {\n        lastError = new IntegrationHubRequestError({\n          status: 0,\n          code: 'network_error',\n          message: `${endpointLabel} failed: ${error instanceof Error ? error.message : String(error)}`,\n          endpoint: endpointLabel,\n          retryable: true,\n        })\n        if (attempt < this.maxAttempts) {\n          await delay(attempt)\n          continue\n        }\n        throw lastError\n      }\n\n      const payload = await readJson(response)\n      if (response.ok && isSuccessEnvelope(payload)) {\n        return payload.data as T\n      }\n\n      const retryable = RETRYABLE_STATUSES.has(response.status)\n      lastError = new IntegrationHubRequestError({\n        status: response.status,\n        code: errorCode(payload, response.status),\n        message: errorMessage(payload, endpointLabel, response.status),\n        endpoint: endpointLabel,\n        retryable,\n      })\n      if (retryable && attempt < this.maxAttempts) {\n        await delay(attempt)\n        continue\n      }\n      throw lastError\n    }\n    // Unreachable — the loop always returns or throws — but satisfies the\n    // type checker and fails loud if the invariant is ever broken.\n    throw (\n      lastError ??\n      new IntegrationHubRequestError({\n        status: 0,\n        code: 'unknown',\n        message: `${endpointLabel} exhausted retries without a result`,\n        endpoint: endpointLabel,\n        retryable: false,\n      })\n    )\n  }\n}\n\nexport function createIntegrationHubClient(\n  options: IntegrationHubClientOptions,\n): IntegrationHubClient {\n  return new IntegrationHubClient(options)\n}\n\ninterface SuccessEnvelope {\n  success: true\n  data: unknown\n}\n\nfunction isSuccessEnvelope(payload: unknown): payload is SuccessEnvelope {\n  return (\n    typeof payload === 'object' &&\n    payload !== null &&\n    (payload as { success?: unknown }).success === true &&\n    'data' in payload\n  )\n}\n\nasync function readJson(response: Response): Promise<unknown> {\n  const text = await response.text().catch(() => '')\n  if (!text) return undefined\n  try {\n    return JSON.parse(text)\n  } catch {\n    // Hono `HTTPException` (auth-middleware rejections) renders the message\n    // as a plain-text body, not the `{ success, error }` envelope. Preserve\n    // it so the error message stays actionable.\n    return { __text: text }\n  }\n}\n\nfunction errorCode(payload: unknown, status: number): string {\n  if (typeof payload === 'object' && payload !== null) {\n    const error = (payload as { error?: { code?: unknown } }).error\n    if (error && typeof error.code === 'string') return error.code\n  }\n  return status === 0 ? 'network_error' : 'http_error'\n}\n\nfunction errorMessage(payload: unknown, endpointLabel: string, status: number): string {\n  if (typeof payload === 'object' && payload !== null) {\n    const record = payload as { error?: { message?: unknown }; __text?: unknown }\n    if (record.error && typeof record.error.message === 'string') {\n      return `${endpointLabel} → ${status}: ${record.error.message}`\n    }\n    if (typeof record.__text === 'string' && record.__text.length > 0) {\n      return `${endpointLabel} → ${status}: ${record.__text.slice(0, 300)}`\n    }\n  }\n  return `${endpointLabel} → ${status}`\n}\n\n/** Linear backoff — 200ms, 400ms, … — capped implicitly by `maxAttempts`. */\nfunction delay(attempt: number): Promise<void> {\n  return new Promise((resolve) => setTimeout(resolve, attempt * 200))\n}\n"],"mappings":";;;;;AAsDA,IAAM,2BAA2B;AAEjC,IAAM,qBAAqB;AAC3B,IAAM,uBAAuB;AAG7B,IAAM,qBAAqB,oBAAI,IAAI,CAAC,KAAK,KAAK,GAAG,CAAC;AAuC3C,IAAM,6BAAN,cAAyC,MAAM;AAAA,EAC3C,OAAO;AAAA;AAAA,EAEP;AAAA;AAAA;AAAA,EAGA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA,EAET,YAAY,OAMT;AACD,UAAM,MAAM,OAAO;AACnB,SAAK,SAAS,MAAM;AACpB,SAAK,OAAO,MAAM;AAClB,SAAK,WAAW,MAAM;AACtB,SAAK,YAAY,MAAM;AAAA,EACzB;AACF;AAuEO,IAAM,uBAAN,MAA2B;AAAA,EACf;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAEjB,YAAY,SAAsC;AAChD,QAAI,CAAC,QAAQ,SAAS;AACpB,YAAM,IAAI,MAAM,2CAA2C;AAAA,IAC7D;AACA,QAAI,QAAQ,KAAK,SAAS,aAAa,CAAC,QAAQ,KAAK,cAAc;AACjE,YAAM,IAAI,MAAM,4DAA4D;AAAA,IAC9E;AACA,QAAI,QAAQ,KAAK,SAAS,aAAa,CAAC,QAAQ,KAAK,aAAa;AAChE,YAAM,IAAI,MAAM,2DAA2D;AAAA,IAC7E;AACA,QAAI,QAAQ,KAAK,SAAS,cAAc,CAAC,QAAQ,KAAK,QAAQ;AAC5D,YAAM,IAAI,MAAM,wDAAwD;AAAA,IAC1E;AACA,SAAK,YAAY,QAAQ,YAAY,6BAA6B,QAAQ,QAAQ,EAAE;AACpF,SAAK,UAAU,QAAQ;AACvB,SAAK,OAAO,QAAQ;AACpB,SAAK,YAAY,QAAQ,aAAa;AACtC,SAAK,YAAY,QAAQ,aAAa;AACtC,SAAK,cAAc,KAAK,IAAI,GAAG,QAAQ,eAAe,oBAAoB;AAAA,EAC5E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,gBAAgB,OAAqE;AACzF,WAAO,KAAK,QAAuC,QAAQ,qBAAqB,MAAM,QAAQ;AAAA,MAC5F,SAAS,MAAM,WAAW,KAAK;AAAA,MAC/B,UAAU,MAAM;AAAA,MAChB,aAAa,MAAM;AAAA,IACrB,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,eAAe,OAA2D;AAC9E,UAAM,gBAAgB,MAAM;AAC5B,UAAM,aAAa,MAAM,KAAK,gBAAgB;AAAA,MAC5C,QAAQ,MAAM;AAAA,MACd,UAAU;AAAA,QACR,IAAI,sBAAsB,MAAM,WAAW;AAAA,QAC3C,cAAc;AAAA,UACZ;AAAA,YACE,IAAI;AAAA,YACJ,aAAa,MAAM;AAAA,YACnB,QAAQ,0BAA0B,MAAM,WAAW;AAAA,YACnD,MAAM,MAAM,QAAQ;AAAA,YACpB,GAAI,MAAM,iBAAiB,EAAE,gBAAgB,MAAM,eAAe,IAAI,CAAC;AAAA,YACvE,GAAI,MAAM,kBAAkB,EAAE,iBAAiB,MAAM,gBAAgB,IAAI,CAAC;AAAA,UAC5E;AAAA,QACF;AAAA,MACF;AAAA,IACF,CAAC;AACD,UAAM,cACJ,WAAW,MAAM,KAAK,CAAC,MAAM,EAAE,YAAY,OAAO,aAAa,KAC/D,WAAW,QAAQ,KAAK,CAAC,MAAM,EAAE,YAAY,OAAO,aAAa,KACjE,WAAW,gBAAgB,KAAK,CAAC,MAAM,EAAE,YAAY,OAAO,aAAa;AAC3E,QAAI,CAAC,aAAa;AAChB,YAAM,IAAI,2BAA2B;AAAA,QACnC,QAAQ;AAAA,QACR,MAAM;AAAA,QACN,SAAS,2DAA2D,aAAa;AAAA,QACjF,UAAU;AAAA,QACV,WAAW;AAAA,MACb,CAAC;AAAA,IACH;AACA,WAAO;AAAA,MACL,WAAW,YAAY,WAAW;AAAA,MAClC,GAAI,YAAY,aAAa,EAAE,YAAY,YAAY,WAAW,IAAI,CAAC;AAAA,MACvE,YAAY;AAAA,IACd;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,OAAuD;AACxE,UAAM,OAAO,MAAM,KAAK;AAAA,MACtB;AAAA,MACA;AAAA,MACA,MAAM;AAAA,MACN;AAAA,QACE,SAAS,MAAM;AAAA,QACf,UAAU,MAAM;AAAA,QAChB,aAAa,MAAM;AAAA,QACnB,GAAI,MAAM,WAAW,EAAE,UAAU,MAAM,SAAS,IAAI,CAAC;AAAA,MACvD;AAAA,IACF;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA,EAGA,MAAM,WAAW,OAAqD;AACpE,UAAM,QACJ,MAAM,YAAY,SACd,gBAAgB,mBAAmB,MAAM,QAAQ,IAAI,CAAC,cAAc,mBAAmB,MAAM,QAAQ,EAAE,CAAC,KACxG;AACN,UAAM,OAAO,MAAM,KAAK;AAAA,MACtB;AAAA,MACA,UAAU,KAAK;AAAA,MACf,MAAM;AAAA,IACR;AACA,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,qBAAqB,OAAmE;AAC5F,QAAI,CAAC,MAAM,cAAc,EAAE,MAAM,YAAY,MAAM,SAAS,SAAS,IAAI;AACvE,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AACA,WAAO,KAAK,QAAgC,QAAQ,wBAAwB,MAAM,QAAQ;AAAA,MACxF,SAAS,MAAM;AAAA,MACf,GAAI,MAAM,aAAa,EAAE,YAAY,MAAM,WAAW,IAAI,CAAC;AAAA,MAC3D,GAAI,MAAM,WAAW,EAAE,UAAU,MAAM,SAAS,IAAI,CAAC;AAAA,MACrD,GAAI,MAAM,UAAU,EAAE,SAAS,MAAM,QAAQ,IAAI,CAAC;AAAA,MAClD,GAAI,MAAM,UAAU,SAAY,EAAE,OAAO,MAAM,MAAM,IAAI,CAAC;AAAA,IAC5D,CAAC;AAAA,EACH;AAAA;AAAA,EAGA,MAAM,gBAAgB,OAAoE;AACxF,UAAM,OAAO,MAAM,KAAK;AAAA,MACtB;AAAA,MACA;AAAA,MACA,MAAM;AAAA,MACN,EAAE,aAAa,MAAM,OAAO;AAAA,IAC9B;AACA,WAAO,KAAK;AAAA,EACd;AAAA,EAEQ,aAAa,QAAgB,SAA2B;AAC9D,UAAM,UAAU,IAAI,QAAQ,EAAE,QAAQ,mBAAmB,CAAC;AAC1D,QAAI,QAAS,SAAQ,IAAI,gBAAgB,kBAAkB;AAC3D,QAAI,KAAK,KAAK,SAAS,WAAW;AAChC,cAAQ,IAAI,iBAAiB,UAAU,KAAK,KAAK,YAAY,EAAE;AAC/D,cAAQ,IAAI,kBAAkB,KAAK,KAAK,WAAW;AACnD,cAAQ,IAAI,sBAAsB,MAAM;AAAA,IAC1C,OAAO;AACL,cAAQ,IAAI,iBAAiB,UAAU,KAAK,KAAK,MAAM,EAAE;AAAA,IAC3D;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,QACZ,QACA,MACA,QACA,MACY;AACZ,QAAI,CAAC,yBAAyB,KAAK,MAAM,GAAG;AAC1C,YAAM,IAAI,2BAA2B;AAAA,QACnC,QAAQ;AAAA,QACR,MAAM;AAAA,QACN,SAAS,UAAU,KAAK,UAAU,MAAM,CAAC;AAAA,QACzC,UAAU,GAAG,MAAM,IAAI,IAAI;AAAA,QAC3B,WAAW;AAAA,MACb,CAAC;AAAA,IACH;AACA,UAAM,MAAM,GAAG,KAAK,QAAQ,mBAAmB,IAAI;AACnD,UAAM,gBAAgB,GAAG,MAAM,oBAAoB,IAAI;AACvD,UAAM,UAAU,KAAK,aAAa,QAAQ,SAAS,MAAS;AAC5D,UAAM,OAAoB;AAAA,MACxB;AAAA,MACA;AAAA,MACA,GAAI,SAAS,SAAY,EAAE,MAAM,KAAK,UAAU,IAAI,EAAE,IAAI,CAAC;AAAA,IAC7D;AAEA,QAAI;AACJ,aAAS,UAAU,GAAG,WAAW,KAAK,aAAa,WAAW;AAC5D,UAAI;AACJ,UAAI;AACF,mBAAW,MAAM,KAAK,UAAU,KAAK;AAAA,UACnC,GAAG;AAAA,UACH,QAAQ,YAAY,QAAQ,KAAK,SAAS;AAAA,QAC5C,CAAC;AAAA,MACH,SAAS,OAAO;AACd,oBAAY,IAAI,2BAA2B;AAAA,UACzC,QAAQ;AAAA,UACR,MAAM;AAAA,UACN,SAAS,GAAG,aAAa,YAAY,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,UAC3F,UAAU;AAAA,UACV,WAAW;AAAA,QACb,CAAC;AACD,YAAI,UAAU,KAAK,aAAa;AAC9B,gBAAM,MAAM,OAAO;AACnB;AAAA,QACF;AACA,cAAM;AAAA,MACR;AAEA,YAAM,UAAU,MAAM,SAAS,QAAQ;AACvC,UAAI,SAAS,MAAM,kBAAkB,OAAO,GAAG;AAC7C,eAAO,QAAQ;AAAA,MACjB;AAEA,YAAM,YAAY,mBAAmB,IAAI,SAAS,MAAM;AACxD,kBAAY,IAAI,2BAA2B;AAAA,QACzC,QAAQ,SAAS;AAAA,QACjB,MAAM,UAAU,SAAS,SAAS,MAAM;AAAA,QACxC,SAAS,aAAa,SAAS,eAAe,SAAS,MAAM;AAAA,QAC7D,UAAU;AAAA,QACV;AAAA,MACF,CAAC;AACD,UAAI,aAAa,UAAU,KAAK,aAAa;AAC3C,cAAM,MAAM,OAAO;AACnB;AAAA,MACF;AACA,YAAM;AAAA,IACR;AAGA,UACE,aACA,IAAI,2BAA2B;AAAA,MAC7B,QAAQ;AAAA,MACR,MAAM;AAAA,MACN,SAAS,GAAG,aAAa;AAAA,MACzB,UAAU;AAAA,MACV,WAAW;AAAA,IACb,CAAC;AAAA,EAEL;AACF;AAEO,SAAS,2BACd,SACsB;AACtB,SAAO,IAAI,qBAAqB,OAAO;AACzC;AAOA,SAAS,kBAAkB,SAA8C;AACvE,SACE,OAAO,YAAY,YACnB,YAAY,QACX,QAAkC,YAAY,QAC/C,UAAU;AAEd;AAEA,eAAe,SAAS,UAAsC;AAC5D,QAAM,OAAO,MAAM,SAAS,KAAK,EAAE,MAAM,MAAM,EAAE;AACjD,MAAI,CAAC,KAAM,QAAO;AAClB,MAAI;AACF,WAAO,KAAK,MAAM,IAAI;AAAA,EACxB,QAAQ;AAIN,WAAO,EAAE,QAAQ,KAAK;AAAA,EACxB;AACF;AAEA,SAAS,UAAU,SAAkB,QAAwB;AAC3D,MAAI,OAAO,YAAY,YAAY,YAAY,MAAM;AACnD,UAAM,QAAS,QAA2C;AAC1D,QAAI,SAAS,OAAO,MAAM,SAAS,SAAU,QAAO,MAAM;AAAA,EAC5D;AACA,SAAO,WAAW,IAAI,kBAAkB;AAC1C;AAEA,SAAS,aAAa,SAAkB,eAAuB,QAAwB;AACrF,MAAI,OAAO,YAAY,YAAY,YAAY,MAAM;AACnD,UAAM,SAAS;AACf,QAAI,OAAO,SAAS,OAAO,OAAO,MAAM,YAAY,UAAU;AAC5D,aAAO,GAAG,aAAa,WAAM,MAAM,KAAK,OAAO,MAAM,OAAO;AAAA,IAC9D;AACA,QAAI,OAAO,OAAO,WAAW,YAAY,OAAO,OAAO,SAAS,GAAG;AACjE,aAAO,GAAG,aAAa,WAAM,MAAM,KAAK,OAAO,OAAO,MAAM,GAAG,GAAG,CAAC;AAAA,IACrE;AAAA,EACF;AACA,SAAO,GAAG,aAAa,WAAM,MAAM;AACrC;AAGA,SAAS,MAAM,SAAgC;AAC7C,SAAO,IAAI,QAAQ,CAAC,YAAY,WAAW,SAAS,UAAU,GAAG,CAAC;AACpE;","names":[]}

package/dist/consumer.d.ts

@@ -0,0 +1,8 @@
+export { C as CapabilityBundleResult, y as CheckConnectorInput, z as CheckConnectorResult, A as CreateGrantsInput, B as IntegrationHubAuth, D as IntegrationHubClient, E as IntegrationHubClientOptions, F as IntegrationHubRequestError, L as ListGrantsInput, G as MintCapabilityBundleInput, R as ResolveManifestInput, H as createIntegrationHubClient } from './registry.js';
+import './tangle-id-CTU4kGId.js';
+import './errors-Bg3_rxnQ.js';
+import './connect/index.js';
+import './middleware/index.js';
+import './connectors/index.js';
+import './connectors/adapters/index.js';
+import 'node:http';

package/dist/consumer.js

@@ -0,0 +1,12 @@
+import {
+  IntegrationHubClient,
+  IntegrationHubRequestError,
+  createIntegrationHubClient
+} from "./chunk-YOKNZY2N.js";
+import "./chunk-ATYHZXLL.js";
+export {
+  IntegrationHubClient,
+  IntegrationHubRequestError,
+  createIntegrationHubClient
+};
+//# sourceMappingURL=consumer.js.map

package/dist/consumer.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/errors-Bg3_rxnQ.d.ts

@@ -0,0 +1,32 @@
+type IntegrationErrorCode = 'missing_connection' | 'missing_grant' | 'approval_required' | 'approval_denied' | 'connection_revoked' | 'connection_expired' | 'scope_missing' | 'action_denied' | 'action_not_found' | 'trigger_not_found' | 'provider_rate_limited' | 'provider_auth_failed' | 'provider_unavailable' | 'provider_error' | 'capability_expired' | 'capability_invalid' | 'manifest_invalid' | 'passthrough_disabled' | 'input_invalid' | 'unknown';
+interface IntegrationUserAction {
+    type: 'connect' | 'reconnect' | 'approve' | 'retry' | 'contact_support' | 'change_request';
+    label: string;
+    connectorId?: string;
+    approvalId?: string;
+}
+declare class IntegrationRuntimeError extends Error {
+    readonly code: IntegrationErrorCode;
+    readonly status: number;
+    readonly userAction?: IntegrationUserAction;
+    readonly metadata?: Record<string, unknown>;
+    constructor(input: {
+        code: IntegrationErrorCode;
+        message: string;
+        status?: number;
+        userAction?: IntegrationUserAction;
+        metadata?: Record<string, unknown>;
+    });
+}
+interface NormalizedIntegrationError {
+    ok: false;
+    code: IntegrationErrorCode;
+    message: string;
+    status: number;
+    userAction?: IntegrationUserAction;
+    metadata?: Record<string, unknown>;
+}
+declare function normalizeIntegrationError(error: unknown): NormalizedIntegrationError;
+declare function statusForCode(code: IntegrationErrorCode): number;
+
+export { IntegrationRuntimeError as I, type NormalizedIntegrationError as N, type IntegrationUserAction as a, type IntegrationErrorCode as b, normalizeIntegrationError as n, statusForCode as s };

package/dist/index.d.ts

@@ -1,4 +1,5 @@
-export { aB as ACTIVEPIECES_OVERRIDES, aC as ACTIVEPIECES_PUBLIC_CATALOG_URL, aD as ACTIVEPIECES_RUNTIME_SIGNATURE_HEADER, aE as ActivepiecesCatalogAuthField, aF as ActivepiecesCatalogEntry, aG as ActivepiecesExecutorInvocation, aH as ActivepiecesExecutorProviderOptions, aI as ActivepiecesHttpExecutorOptions, aJ as ActivepiecesPieceOverride, aK as ActivepiecesRuntimeRequest, U as ApiKeyAuthSpec, aL as ApprovalBackedPolicyEngine, aM as ApprovalBackedPolicyOptions, aN as CANONICAL_INTEGRATION_ACTIONS, aO as CanonicalIntegrationActionId, aP as CanonicalLaunchConnectorOptions, aQ as CatalogExecutorInvocation, aR as CatalogExecutorProviderOptions, aS as CompleteAuthRequest, ComposeIntegrationRegistryOptions, aT as ConnectionCredentialResolverOptions, aU as ConnectorAdapterProviderOptions, aV as ConsentSummary, V as ConsoleStep, W as CredentialFieldSpec, X as CredentialValidationInput, Y as CredentialValidationResult, Z as CustomAuthSpec, aW as DEFAULT_INTEGRATION_BRIDGE_ENV, aX as DefaultIntegrationActionGuard, aY as DiscoverWorkspaceCapabilitiesInput, aZ as GatewayCatalogAction, a_ as GatewayCatalogEntry, a$ as GatewayCatalogProviderOptions, b0 as GatewayCatalogTrigger, b1 as GraphqlOperationSpec, _ as HealthcheckPlan, $ as HealthcheckSpec, a0 as HmacAuthSpec, b2 as HttpIntegrationProviderOptions, a1 as INTEGRATION_FAMILIES, b3 as ImportCatalogOptions, b4 as InMemoryConnectionStore, b5 as InMemoryIntegrationApprovalStore, b6 as InMemoryIntegrationAuditStore, b7 as InMemoryIntegrationEventStore, f as InMemoryIntegrationGrantStore, b8 as InMemoryIntegrationHealthcheckStore, b9 as InMemoryIntegrationIdempotencyStore, ba as InMemoryIntegrationSecretStore, bb as InMemoryIntegrationWorkflowStore, bc as InferIntegrationRequirementsOptions, bd as InstalledIntegrationWorkflow, be as IntegrationActionGuard, bf as IntegrationActionPack, bg as IntegrationActionRequest, bh as IntegrationActionResult, bi as IntegrationActionRisk, bj as IntegrationActor, bk as IntegrationApprovalFilter, bl as IntegrationApprovalRecord, bm as IntegrationApprovalRequest, bn as IntegrationApprovalResolution, bo as IntegrationApprovalStatus, bp as IntegrationApprovalStore, bq as IntegrationAuditEvent, br as IntegrationAuditEventType, bs as IntegrationAuditFilter, bt as IntegrationAuditSink, bu as IntegrationAuditStore, a2 as IntegrationAuthMode, a3 as IntegrationAuthSpec, bv as IntegrationBridgePayload, bw as IntegrationBridgeToolBinding, bx as IntegrationCapability, g as IntegrationCapabilityBinding, by as IntegrationCatalogFreshnessOptions, bz as IntegrationCatalogFreshnessResult, IntegrationCatalogSource, I as IntegrationCatalogView, bA as IntegrationConnection, bB as IntegrationConnectionStore, bC as IntegrationConnector, bD as IntegrationConnectorAction, bE as IntegrationConnectorCategory, bF as IntegrationConnectorTrigger, bG as IntegrationCoveragePriority, bH as IntegrationCoverageSpec, bI as IntegrationDataClass, bJ as IntegrationError, bK as IntegrationErrorCode, bL as IntegrationEventStore, a4 as IntegrationFamilyId, a5 as IntegrationFamilySpec, h as IntegrationGrant, j as IntegrationGrantStore, bM as IntegrationGuardContext, bN as IntegrationHealthcheckCheck, bO as IntegrationHealthcheckResult, bP as IntegrationHealthcheckStatus, bQ as IntegrationHealthcheckStore, bR as IntegrationHub, bS as IntegrationHubOptions, bT as IntegrationIdempotencyRecord, bU as IntegrationIdempotencyStore, bV as IntegrationInvocationEnvelope, bW as IntegrationInvocationEnvelopeValidationOptions, a6 as IntegrationLifecycleSpec, k as IntegrationManifest, l as IntegrationManifestResolution, a7 as IntegrationPlannerHints, bX as IntegrationPolicyDecision, bY as IntegrationPolicyEffect, bZ as IntegrationPolicyEngine, b_ as IntegrationPolicyRule, b$ as IntegrationProvider, c0 as IntegrationProviderKind, c1 as IntegrationRateLimitDecision, c2 as IntegrationRateLimiter, IntegrationRegistry, IntegrationRegistryConflict, IntegrationRegistryEntry, IntegrationRegistrySourceRef, IntegrationRegistrySummary, m as IntegrationRequirement, n as IntegrationRequirementMode, o as IntegrationRequirementResolution, q as IntegrationRequirementStatus, r as IntegrationRuntime, c3 as IntegrationRuntimeError, u as IntegrationRuntimeHub, v as IntegrationRuntimeOptions, w as IntegrationSandboxBundle, c4 as IntegrationSandboxHost, c5 as IntegrationSandboxHostHub, c6 as IntegrationSandboxHostOptions, c7 as IntegrationSecretStore, a8 as IntegrationSetupSpec, a9 as IntegrationSpec, aa as IntegrationSpecStatus, ab as IntegrationSpecValidationIssue, ac as IntegrationSpecValidationResult, IntegrationSupportTier, a as IntegrationToolDefinition, b as IntegrationToolSearchFilters, c as IntegrationToolSearchResult, c8 as IntegrationTriggerEvent, c9 as IntegrationTriggerSubscription, ca as IntegrationUserAction, cb as IntegrationWebhookReceiverResult, cc as IntegrationWorkflowDefinition, cd as IntegrationWorkflowRuntime, ce as IntegrationWorkflowRuntimeHub, cf as IntegrationWorkflowRuntimeOptions, cg as IntegrationWorkflowStore, ch as InvokeWithCapabilityRequest, ci as IssueCapabilityRequest, cj as IssuedIntegrationCapability, ck as ManifestValidationIssue, cl as ManifestValidationResult, cm as McpCatalog, cn as McpCatalogTool, M as McpToolDefinition, co as MissingRequirementExplanation, ad as NoneAuthSpec, cp as NormalizedIntegrationError, cq as NormalizedIntegrationResult, ae as NormalizedPermission, af as OAuth2AuthSpec, cr as OpenApiDocument, cs as OpenApiOperation, ct as PROVIDER_PASSTHROUGH_ACTION, ag as PermissionDescriptor, cu as PlatformIntegrationPolicyPresetOptions, ah as PostSetupCheck, cv as ProviderHttpRequestInput, cw as ProviderPassthroughPolicy, ai as Quirk, cx as RenderConsentOptions, aj as RenderSpecOptions, ak as RenderedConsoleStep, al as ScopeDescriptor, cy as SecretRef, cz as StartAuthRequest, cA as StartAuthResult, cB as StartedTangleCatalogRuntimeNodeServer, cC as StaticIntegrationPolicyEngine, cD as StaticIntegrationPolicyOptions, cE as StoredIntegrationEvent, T as TANGLE_CATALOG_RUNTIME_SIGNATURE_HEADER, cF as TANGLE_INTEGRATIONS_CATALOG_PROVIDER_ID, cG as TANGLE_INTEGRATIONS_CATALOG_SOURCE, y as TangleCatalogAuthResolverOptions, cH as TangleCatalogExecutorInvocation, cI as TangleCatalogExecutorProviderOptions, z as TangleCatalogHttpAuthResolverOptions, A as TangleCatalogHttpAuthResolverRequest, cJ as TangleCatalogHttpExecutorInvocation, cK as TangleCatalogHttpExecutorOptions, B as TangleCatalogInstalledPackageExecutorOptions, cL as TangleCatalogRuntimeActionRequest, C as TangleCatalogRuntimeHandlerOptions, D as TangleCatalogRuntimeHttpRequest, E as TangleCatalogRuntimeHttpResponse, F as TangleCatalogRuntimeInvocation, G as TangleCatalogRuntimeModuleAction, cM as TangleCatalogRuntimeNodeServerOptions, H as TangleCatalogRuntimePackageCoverageOptions, J as TangleCatalogRuntimePackageCoverageRow, cN as TangleCatalogRuntimePackageManifest, cO as TangleCatalogRuntimePackageManifestOptions, cP as TangleCatalogRuntimePiece, cQ as TangleCatalogRuntimeRequest, cR as TangleCatalogTriggerInvocation, cS as TangleIntegrationCatalogEntry, cT as TangleIntegrationCatalogFreshnessOptions, cU as TangleIntegrationCatalogFreshnessResult, cV as TangleIntegrationContract, cW as TangleIntegrationContractStatus, cX as TangleIntegrationImplementationKind, cY as TangleIntegrationInvokeInput, cZ as TangleIntegrationInvokeResult, c_ as TangleIntegrationsClient, c$ as TangleIntegrationsClientOptions, d0 as WorkspaceCapability, d1 as WorkspaceCapabilityDiscovery, d2 as WorkspaceToolSchema, d3 as WorkspaceTrigger, d4 as adapterManifestsToConnectors, d5 as assertValidIntegrationManifest, am as assertValidIntegrationSpec, d6 as auditIntegrationCatalogFreshness, K as auditTangleCatalogRuntimePackages, d7 as auditTangleIntegrationCatalogFreshness, d8 as buildActivepiecesConnectors, d9 as buildActivepiecesRuntimeRequest, da as buildApprovalRequest, db as buildCanonicalLaunchConnectors, buildDefaultIntegrationRegistry, an as buildHealthcheckPlan, dc as buildIntegrationBridgeEnvironment, dd as buildIntegrationBridgePayload, d as buildIntegrationCatalogView, de as buildIntegrationCoverageConnectors, df as buildIntegrationInvocationEnvelope, e as buildIntegrationToolCatalog, dg as buildTangleCatalogRuntimePackageManifest, dh as buildTangleCatalogRuntimeRequest, di as buildTangleIntegrationCatalogConnectors, dj as calendarExercisePlannerManifest, dk as canonicalActionConnectorId, canonicalConnectorId, composeIntegrationRegistry, ao as consoleStepsToText, dl as createActivepiecesExecutorProvider, dm as createActivepiecesHttpExecutor, dn as createApprovalBackedPolicyEngine, dp as createAuditingActionGuard, dq as createCatalogExecutorProvider, dr as createConnectionCredentialResolver, ds as createConnectorAdapterCatalogSource, dt as createConnectorAdapterProvider, du as createCredentialBackedAdapterProvider, dv as createDefaultIntegrationActionGuard, dw as createDefaultIntegrationPolicyEngine, dx as createGatewayCatalogProvider, dy as createHttpIntegrationProvider, dz as createIntegrationAuditEvent, x as createIntegrationRuntime, dA as createIntegrationWorkflowRuntime, dB as createMockIntegrationProvider, dC as createPlatformIntegrationPolicyPreset, L as createTangleCatalogCredentialAuthResolver, dD as createTangleCatalogExecutorProvider, N as createTangleCatalogHttpAuthResolver, dE as createTangleCatalogHttpExecutor, O as createTangleCatalogInstalledPackageExecutor, P as createTangleCatalogRuntimeHandler, dF as createTangleCatalogRuntimeNodeRequestListener, dG as createTangleIntegrationsClient, dH as decodeIntegrationBridgePayload, dI as discoverWorkspaceCapabilities, dJ as dispatchIntegrationInvocation, dK as encodeIntegrationBridgePayload, dL as explainMissingRequirements, dM as extractActivepiecesPublicPieceCount, dN as extractExternalCatalogPublicCount, dO as filterDiscoveryByWorkspaceScopes, dP as getActivepiecesOverride, ap as getIntegrationFamily, aq as getIntegrationSpec, dQ as healthcheckRequest, dR as importGraphqlConnector, dS as importMcpConnector, dT as importOpenApiConnector, dU as inferIntegrationManifestFromTools, inferIntegrationSupportTier, dV as integrationCoverageChecklistMarkdown, ar as integrationSpecToConnector, i as integrationToolName, dW as invocationRequestFromEnvelope, dX as listActivepiecesCatalogEntries, as as listExecutableIntegrationSpecs, dY as listIntegrationCoverageSpecs, at as listIntegrationSpecs, dZ as listTangleIntegrationCatalogEntries, d_ as listTangleIntegrationCatalogRuntimePackages, d$ as listTangleIntegrationContracts, e0 as manifestToConnector, e1 as normalizeGatewayCatalog, e2 as normalizeIntegrationError, e3 as normalizeIntegrationResult, e4 as parseIntegrationBridgeEnvironment, p as parseIntegrationToolName, e5 as receiveIntegrationWebhook, e6 as redactApprovalRequest, e7 as redactCapability, e8 as redactIntegrationBridgePayload, e9 as redactInvocationEnvelope, au as renderAgentToolDescription, ea as renderApprovalCopy, eb as renderConsentSummary, av as renderConsoleSteps, aw as renderRunbookMarkdown, ec as renderTangleCatalogRuntimePnpmAddCommand, ed as resolveConnectionCredentials, ee as resolveIntegrationApproval, ef as revokeConnection, eg as runIntegrationHealthcheck, eh as runIntegrationHealthchecks, ei as sanitizeAuditConnection, ej as sanitizeConnection, s as searchIntegrationTools, ek as signActivepiecesRuntimeRequest, el as signCapability, Q as signTangleCatalogRuntimeRequest, ax as specAuthToConnectorAuth, em as startTangleCatalogRuntimeNodeServer, en as statusForCode, eo as storedEventToTriggerEvent, summarizeIntegrationRegistry, R as tangleCatalogAuthValue, t as toMcpTools, ay as validateCredentialFormat, az as validateCredentialSet, ep as validateIntegrationInvocationEnvelope, eq as validateIntegrationManifest, aA as validateIntegrationSpec, er as validateProviderPassthroughRequest, es as verifyActivepiecesRuntimeSignature, et as verifyCapabilityToken, S as verifyTangleCatalogRuntimeSignature } from './registry.js';
+export { aN as ACTIVEPIECES_OVERRIDES, aO as ACTIVEPIECES_PUBLIC_CATALOG_URL, aP as ACTIVEPIECES_RUNTIME_SIGNATURE_HEADER, aQ as ActivepiecesCatalogAuthField, aR as ActivepiecesCatalogEntry, aS as ActivepiecesExecutorInvocation, aT as ActivepiecesExecutorProviderOptions, aU as ActivepiecesHttpExecutorOptions, aV as ActivepiecesPieceOverride, aW as ActivepiecesRuntimeRequest, a4 as ApiKeyAuthSpec, aX as ApprovalBackedPolicyEngine, aY as ApprovalBackedPolicyOptions, aZ as CANONICAL_INTEGRATION_ACTIONS, a_ as CanonicalIntegrationActionId, a$ as CanonicalLaunchConnectorOptions, C as CapabilityBundleResult, b0 as CatalogExecutorInvocation, b1 as CatalogExecutorProviderOptions, y as CheckConnectorInput, z as CheckConnectorResult, b2 as CompleteAuthRequest, ComposeIntegrationRegistryOptions, b3 as ConnectionCredentialResolverOptions, b4 as ConnectorAdapterProviderOptions, b5 as ConsentSummary, a5 as ConsoleStep, A as CreateGrantsInput, a6 as CredentialFieldSpec, a7 as CredentialValidationInput, a8 as CredentialValidationResult, a9 as CustomAuthSpec, b6 as DEFAULT_INTEGRATION_BRIDGE_ENV, b7 as DefaultIntegrationActionGuard, b8 as DiscoverWorkspaceCapabilitiesInput, b9 as GatewayCatalogAction, ba as GatewayCatalogEntry, bb as GatewayCatalogProviderOptions, bc as GatewayCatalogTrigger, bd as GraphqlOperationSpec, aa as HealthcheckPlan, ab as HealthcheckSpec, ac as HmacAuthSpec, be as HttpIntegrationProviderOptions, ad as INTEGRATION_FAMILIES, bf as ImportCatalogOptions, bg as InMemoryConnectionStore, bh as InMemoryIntegrationApprovalStore, bi as InMemoryIntegrationAuditStore, bj as InMemoryIntegrationEventStore, f as InMemoryIntegrationGrantStore, bk as InMemoryIntegrationHealthcheckStore, bl as InMemoryIntegrationIdempotencyStore, bm as InMemoryIntegrationSecretStore, bn as InMemoryIntegrationWorkflowStore, bo as InferIntegrationRequirementsOptions, bp as InstalledIntegrationWorkflow, bq as IntegrationActionGuard, br as IntegrationActionPack, bs as IntegrationActionRequest, bt as IntegrationActionResult, bu as IntegrationActionRisk, bv as IntegrationActor, bw as IntegrationApprovalFilter, bx as IntegrationApprovalRecord, by as IntegrationApprovalRequest, bz as IntegrationApprovalResolution, bA as IntegrationApprovalStatus, bB as IntegrationApprovalStore, bC as IntegrationAuditEvent, bD as IntegrationAuditEventType, bE as IntegrationAuditFilter, bF as IntegrationAuditSink, bG as IntegrationAuditStore, ae as IntegrationAuthMode, af as IntegrationAuthSpec, bH as IntegrationBridgePayload, bI as IntegrationBridgeToolBinding, bJ as IntegrationCapability, g as IntegrationCapabilityBinding, bK as IntegrationCatalogFreshnessOptions, bL as IntegrationCatalogFreshnessResult, IntegrationCatalogSource, I as IntegrationCatalogView, bM as IntegrationConnection, bN as IntegrationConnectionStore, bO as IntegrationConnector, bP as IntegrationConnectorAction, bQ as IntegrationConnectorCategory, bR as IntegrationConnectorTrigger, bS as IntegrationCoveragePriority, bT as IntegrationCoverageSpec, bU as IntegrationDataClass, bV as IntegrationError, bW as IntegrationEventStore, ag as IntegrationFamilyId, ah as IntegrationFamilySpec, h as IntegrationGrant, j as IntegrationGrantStore, bX as IntegrationGuardContext, bY as IntegrationHealthcheckCheck, bZ as IntegrationHealthcheckResult, b_ as IntegrationHealthcheckStatus, b$ as IntegrationHealthcheckStore, c0 as IntegrationHub, B as IntegrationHubAuth, D as IntegrationHubClient, E as IntegrationHubClientOptions, c1 as IntegrationHubOptions, F as IntegrationHubRequestError, c2 as IntegrationIdempotencyRecord, c3 as IntegrationIdempotencyStore, c4 as IntegrationInvocationEnvelope, c5 as IntegrationInvocationEnvelopeValidationOptions, ai as IntegrationLifecycleSpec, k as IntegrationManifest, l as IntegrationManifestResolution, aj as IntegrationPlannerHints, c6 as IntegrationPolicyDecision, c7 as IntegrationPolicyEffect, c8 as IntegrationPolicyEngine, c9 as IntegrationPolicyRule, ca as IntegrationProvider, cb as IntegrationProviderKind, cc as IntegrationRateLimitDecision, cd as IntegrationRateLimiter, IntegrationRegistry, IntegrationRegistryConflict, IntegrationRegistryEntry, IntegrationRegistrySourceRef, IntegrationRegistrySummary, m as IntegrationRequirement, n as IntegrationRequirementMode, o as IntegrationRequirementResolution, q as IntegrationRequirementStatus, r as IntegrationRuntime, u as IntegrationRuntimeHub, v as IntegrationRuntimeOptions, w as IntegrationSandboxBundle, ce as IntegrationSandboxHost, cf as IntegrationSandboxHostHub, cg as IntegrationSandboxHostOptions, ch as IntegrationSecretStore, ak as IntegrationSetupSpec, al as IntegrationSpec, am as IntegrationSpecStatus, an as IntegrationSpecValidationIssue, ao as IntegrationSpecValidationResult, IntegrationSupportTier, a as IntegrationToolDefinition, b as IntegrationToolSearchFilters, c as IntegrationToolSearchResult, ci as IntegrationTriggerEvent, cj as IntegrationTriggerSubscription, ck as IntegrationWebhookReceiverResult, cl as IntegrationWorkflowDefinition, cm as IntegrationWorkflowRuntime, cn as IntegrationWorkflowRuntimeHub, co as IntegrationWorkflowRuntimeOptions, cp as IntegrationWorkflowStore, cq as InvokeWithCapabilityRequest, cr as IssueCapabilityRequest, cs as IssuedIntegrationCapability, L as ListGrantsInput, ct as ManifestValidationIssue, cu as ManifestValidationResult, cv as McpCatalog, cw as McpCatalogTool, M as McpToolDefinition, G as MintCapabilityBundleInput, cx as MissingRequirementExplanation, ap as NoneAuthSpec, cy as NormalizedIntegrationResult, aq as NormalizedPermission, ar as OAuth2AuthSpec, cz as OpenApiDocument, cA as OpenApiOperation, cB as PROVIDER_PASSTHROUGH_ACTION, as as PermissionDescriptor, cC as PlatformIntegrationPolicyPresetOptions, at as PostSetupCheck, cD as ProviderHttpRequestInput, cE as ProviderPassthroughPolicy, au as Quirk, cF as RenderConsentOptions, av as RenderSpecOptions, aw as RenderedConsoleStep, R as ResolveManifestInput, ax as ScopeDescriptor, cG as SecretRef, cH as StartAuthRequest, cI as StartAuthResult, cJ as StartedTangleCatalogRuntimeNodeServer, cK as StaticIntegrationPolicyEngine, cL as StaticIntegrationPolicyOptions, cM as StoredIntegrationEvent, T as TANGLE_CATALOG_RUNTIME_SIGNATURE_HEADER, cN as TANGLE_INTEGRATIONS_CATALOG_PROVIDER_ID, cO as TANGLE_INTEGRATIONS_CATALOG_SOURCE, J as TangleCatalogAuthResolverOptions, cP as TangleCatalogExecutorInvocation, cQ as TangleCatalogExecutorProviderOptions, K as TangleCatalogHttpAuthResolverOptions, N as TangleCatalogHttpAuthResolverRequest, cR as TangleCatalogHttpExecutorInvocation, cS as TangleCatalogHttpExecutorOptions, O as TangleCatalogInstalledPackageExecutorOptions, cT as TangleCatalogRuntimeActionRequest, P as TangleCatalogRuntimeHandlerOptions, Q as TangleCatalogRuntimeHttpRequest, S as TangleCatalogRuntimeHttpResponse, U as TangleCatalogRuntimeInvocation, V as TangleCatalogRuntimeModuleAction, cU as TangleCatalogRuntimeNodeServerOptions, W as TangleCatalogRuntimePackageCoverageOptions, X as TangleCatalogRuntimePackageCoverageRow, cV as TangleCatalogRuntimePackageManifest, cW as TangleCatalogRuntimePackageManifestOptions, cX as TangleCatalogRuntimePiece, cY as TangleCatalogRuntimeRequest, cZ as TangleCatalogTriggerInvocation, c_ as TangleIntegrationCatalogEntry, c$ as TangleIntegrationCatalogFreshnessOptions, d0 as TangleIntegrationCatalogFreshnessResult, d1 as TangleIntegrationContract, d2 as TangleIntegrationContractStatus, d3 as TangleIntegrationImplementationKind, d4 as TangleIntegrationInvokeInput, d5 as TangleIntegrationInvokeResult, d6 as TangleIntegrationsClient, d7 as TangleIntegrationsClientOptions, d8 as WorkspaceCapability, d9 as WorkspaceCapabilityDiscovery, da as WorkspaceToolSchema, db as WorkspaceTrigger, dc as adapterManifestsToConnectors, dd as assertValidIntegrationManifest, ay as assertValidIntegrationSpec, de as auditIntegrationCatalogFreshness, Y as auditTangleCatalogRuntimePackages, df as auditTangleIntegrationCatalogFreshness, dg as buildActivepiecesConnectors, dh as buildActivepiecesRuntimeRequest, di as buildApprovalRequest, dj as buildCanonicalLaunchConnectors, buildDefaultIntegrationRegistry, az as buildHealthcheckPlan, dk as buildIntegrationBridgeEnvironment, dl as buildIntegrationBridgePayload, d as buildIntegrationCatalogView, dm as buildIntegrationCoverageConnectors, dn as buildIntegrationInvocationEnvelope, e as buildIntegrationToolCatalog, dp as buildTangleCatalogRuntimePackageManifest, dq as buildTangleCatalogRuntimeRequest, dr as buildTangleIntegrationCatalogConnectors, ds as calendarExercisePlannerManifest, dt as canonicalActionConnectorId, canonicalConnectorId, composeIntegrationRegistry, aA as consoleStepsToText, du as createActivepiecesExecutorProvider, dv as createActivepiecesHttpExecutor, dw as createApprovalBackedPolicyEngine, dx as createAuditingActionGuard, dy as createCatalogExecutorProvider, dz as createConnectionCredentialResolver, dA as createConnectorAdapterCatalogSource, dB as createConnectorAdapterProvider, dC as createCredentialBackedAdapterProvider, dD as createDefaultIntegrationActionGuard, dE as createDefaultIntegrationPolicyEngine, dF as createGatewayCatalogProvider, dG as createHttpIntegrationProvider, dH as createIntegrationAuditEvent, H as createIntegrationHubClient, x as createIntegrationRuntime, dI as createIntegrationWorkflowRuntime, dJ as createMockIntegrationProvider, dK as createPlatformIntegrationPolicyPreset, Z as createTangleCatalogCredentialAuthResolver, dL as createTangleCatalogExecutorProvider, _ as createTangleCatalogHttpAuthResolver, dM as createTangleCatalogHttpExecutor, $ as createTangleCatalogInstalledPackageExecutor, a0 as createTangleCatalogRuntimeHandler, dN as createTangleCatalogRuntimeNodeRequestListener, dO as createTangleIntegrationsClient, dP as decodeIntegrationBridgePayload, dQ as discoverWorkspaceCapabilities, dR as dispatchIntegrationInvocation, dS as encodeIntegrationBridgePayload, dT as explainMissingRequirements, dU as extractActivepiecesPublicPieceCount, dV as extractExternalCatalogPublicCount, dW as filterDiscoveryByWorkspaceScopes, dX as getActivepiecesOverride, aB as getIntegrationFamily, aC as getIntegrationSpec, dY as healthcheckRequest, dZ as importGraphqlConnector, d_ as importMcpConnector, d$ as importOpenApiConnector, e0 as inferIntegrationManifestFromTools, inferIntegrationSupportTier, e1 as integrationCoverageChecklistMarkdown, aD as integrationSpecToConnector, i as integrationToolName, e2 as invocationRequestFromEnvelope, e3 as listActivepiecesCatalogEntries, aE as listExecutableIntegrationSpecs, e4 as listIntegrationCoverageSpecs, aF as listIntegrationSpecs, e5 as listTangleIntegrationCatalogEntries, e6 as listTangleIntegrationCatalogRuntimePackages, e7 as listTangleIntegrationContracts, e8 as manifestToConnector, e9 as normalizeGatewayCatalog, ea as normalizeIntegrationResult, eb as parseIntegrationBridgeEnvironment, p as parseIntegrationToolName, ec as receiveIntegrationWebhook, ed as redactApprovalRequest, ee as redactCapability, ef as redactIntegrationBridgePayload, eg as redactInvocationEnvelope, aG as renderAgentToolDescription, eh as renderApprovalCopy, ei as renderConsentSummary, aH as renderConsoleSteps, aI as renderRunbookMarkdown, ej as renderTangleCatalogRuntimePnpmAddCommand, ek as resolveConnectionCredentials, el as resolveIntegrationApproval, em as revokeConnection, en as runIntegrationHealthcheck, eo as runIntegrationHealthchecks, ep as sanitizeAuditConnection, eq as sanitizeConnection, s as searchIntegrationTools, er as signActivepiecesRuntimeRequest, es as signCapability, a1 as signTangleCatalogRuntimeRequest, aJ as specAuthToConnectorAuth, et as startTangleCatalogRuntimeNodeServer, eu as storedEventToTriggerEvent, summarizeIntegrationRegistry, a2 as tangleCatalogAuthValue, t as toMcpTools, aK as validateCredentialFormat, aL as validateCredentialSet, ev as validateIntegrationInvocationEnvelope, ew as validateIntegrationManifest, aM as validateIntegrationSpec, ex as validateProviderPassthroughRequest, ey as verifyActivepiecesRuntimeSignature, ez as verifyCapabilityToken, a3 as verifyTangleCatalogRuntimeSignature } from './registry.js';
+export { b as IntegrationErrorCode, I as IntegrationRuntimeError, a as IntegrationUserAction, N as NormalizedIntegrationError, n as normalizeIntegrationError, s as statusForCode } from './errors-Bg3_rxnQ.js';
 export { ConnectFlowOptions, FinishConnectInput, FinishConnectOutput, InMemoryConnectStateStore, StartConnectInput, StartConnectOutput, finishConnectFlow, revokeConnectFlow, startConnectFlow } from './connect/index.js';
 export { ExpressLikeRequest, ExpressLikeResponse, HonoLikeContext, RequireTangleAuthOptions, TangleAuthContext, TangleAuthOutcome, TangleAuthReason, expressTangleAuthMiddleware, extractToken, honoTangleAuthMiddleware, requireTangleAuth } from './middleware/index.js';
 export { A as AuthSpec, e as CASStrategy, f as Capability, g as CapabilityClass, h as CapabilityMutation, i as CapabilityMutationResult, j as CapabilityParameterSchema, k as CapabilityRead, l as CapabilityReadResult, C as ConnectorAdapter, d as ConnectorCredentials, m as ConnectorInvocation, n as ConnectorManifest, o as ConnectorManifestValidationIssue, p as ConnectorManifestValidationResult, q as ConsistencyModel, r as CredentialsExpired, D as DEFAULT_TANGLE_PLATFORM_URL, s as DataSourceMetadata, E as EventHandlerResult, I as InboundEvent, t as RateLimitSpec, R as ResolvedDataSource, u as ResourceContention, v as TANGLE_API_KEY_PREFIX, w as TANGLE_SERVICE_TOKEN_PREFIX, b as TangleIdentityClient, T as TangleIdentityOptions, x as TangleIdentityUnreachableError, c as TangleTokenVerifyFailure, y as TangleTokenVerifyResult, a as TangleUserSummary, z as TangleWorkspaceSummary, B as assertValidConnectorManifest, F as createTangleIdentityClient, G as tangleIdentity, H as validateConnectorManifest } from './tangle-id-CTU4kGId.js';

package/dist/index.js

@@ -18,7 +18,6 @@ import {
   IntegrationError,
   IntegrationHub,
   IntegrationRuntime,
-  IntegrationRuntimeError,
   IntegrationSandboxHost,
   IntegrationWorkflowRuntime,
   PROVIDER_PASSTHROUGH_ACTION,
@@ -98,7 +97,6 @@ import {
   listTangleIntegrationContracts,
   manifestToConnector,
   normalizeGatewayCatalog,
-  normalizeIntegrationError,
   normalizeIntegrationResult,
   parseIntegrationBridgeEnvironment,
   parseIntegrationToolName,
@@ -122,7 +120,6 @@ import {
   signCapability,
   signTangleCatalogRuntimeRequest,
   startTangleCatalogRuntimeNodeServer,
-  statusForCode,
   storedEventToTriggerEvent,
   summarizeIntegrationRegistry,
   tangleCatalogAuthValue,
@@ -133,13 +130,29 @@ import {
   verifyActivepiecesRuntimeSignature,
   verifyCapabilityToken,
   verifyTangleCatalogRuntimeSignature
-} from "./chunk-ICSBYCE2.js";
+} from "./chunk-TUX6MJJ4.js";
+import {
+  InMemoryConnectStateStore,
+  finishConnectFlow,
+  revokeConnectFlow,
+  startConnectFlow
+} from "./chunk-P24T3MLM.js";
 import {
   expressTangleAuthMiddleware,
   extractToken,
   honoTangleAuthMiddleware,
   requireTangleAuth
 } from "./chunk-SVQ4PHDZ.js";
+import {
+  IntegrationRuntimeError,
+  normalizeIntegrationError,
+  statusForCode
+} from "./chunk-H4XYLS7T.js";
+import {
+  IntegrationHubClient,
+  IntegrationHubRequestError,
+  createIntegrationHubClient
+} from "./chunk-YOKNZY2N.js";
 import {
   INTEGRATION_FAMILIES,
   assertValidIntegrationSpec,
@@ -199,12 +212,6 @@ import {
   verifyStripeSignature,
   verifyTwilioSignature
 } from "./chunk-2TW2QKGZ.js";
-import {
-  InMemoryConnectStateStore,
-  finishConnectFlow,
-  revokeConnectFlow,
-  startConnectFlow
-} from "./chunk-P24T3MLM.js";
 import {
   CredentialsExpired,
   DEFAULT_TANGLE_PLATFORM_URL,
@@ -242,6 +249,8 @@ export {
   InMemoryOAuthFlowStore,
   IntegrationError,
   IntegrationHub,
+  IntegrationHubClient,
+  IntegrationHubRequestError,
   IntegrationRuntime,
   IntegrationRuntimeError,
   IntegrationSandboxHost,
@@ -301,6 +310,7 @@ export {
   createGatewayCatalogProvider,
   createHttpIntegrationProvider,
   createIntegrationAuditEvent,
+  createIntegrationHubClient,
   createIntegrationRuntime,
   createIntegrationWorkflowRuntime,
   createMockIntegrationProvider,