@tangle-network/agent-integrations 0.34.0 → 0.36.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/README.md +3 -0
  2. package/dist/catalog.d.ts +1 -1
  3. package/dist/{consumer-yV4NtH2h.d.ts → consumer-Dzt2uOo_.d.ts} +1 -1
  4. package/dist/consumer.d.ts +2 -2
  5. package/dist/{core-types-CjWifQOf.d.ts → core-types-D4MGC44S.d.ts} +2 -2
  6. package/dist/coverage-catalog.d.ts +1 -1
  7. package/dist/delegated-tools/index.d.ts +195 -0
  8. package/dist/delegated-tools/index.js +207 -0
  9. package/dist/delegated-tools/index.js.map +1 -0
  10. package/dist/importers-DANyqwIT.d.ts +57 -0
  11. package/dist/index.d.ts +6 -59
  12. package/dist/mcp.d.ts +95 -0
  13. package/dist/mcp.js +166 -0
  14. package/dist/mcp.js.map +1 -0
  15. package/dist/registry.d.ts +1 -1
  16. package/dist/runtime.d.ts +1 -1
  17. package/dist/specs.d.ts +1 -1
  18. package/package.json +11 -1
package/README.md CHANGED
@@ -165,6 +165,9 @@ OAuth credentials.
165
165
  | `runIntegrationHealthchecks` | Checks connection status, registry executability, scope shape, and optional live provider tests. |
166
166
  | `receiveIntegrationWebhook` | Verifies inbound webhooks, dedupes provider events, and dispatches normalized trigger events. |
167
167
  | `buildIntegrationBridgeEnvironment` | Encodes scoped sandbox capabilities for sandbox processes or executor-style CLIs. |
168
+ | `mintDelegatedToolToken` / `verifyDelegatedToolToken` | Signed-claims bearer (workspace + tool allow-list + TTL) for an external agent that calls back into the product's tools mid-session. |
169
+ | `issueDelegatedToolLease` | Standardized lease (token + allow-list + expiry + callback URL) the product hands to its external agent. |
170
+ | `handleDelegatedToolCall` / `handleDelegatedToolRequest` | Transport-agnostic JSON-RPC 2.0 callback handler with fail-closed gates (token fresh, tool allow-listed, integration connected) via product-supplied seams. |
168
171
  | `createTangleIntegrationsClient` | Tiny generated-app/sandbox client for platform `/v1/integrations/invoke`. |
169
172
  | `inferIntegrationManifestFromTools` / `validateIntegrationManifest` | Deterministic manifest helpers for Builder and platform APIs. |
170
173
  | `renderConsentSummary` / `renderApprovalCopy` | User-facing consent and approval copy from manifests/actions. |
package/dist/catalog.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import { IntegrationSupportTier, IntegrationRegistry, IntegrationRegistrySummary } from './registry.js';
2
- import { d as IntegrationConnectorCategory, e as IntegrationConnectorAction, f as IntegrationActionRisk, g as IntegrationDataClass, b as IntegrationConnector } from './core-types-CjWifQOf.js';
2
+ import { d as IntegrationConnectorCategory, e as IntegrationConnectorAction, f as IntegrationActionRisk, g as IntegrationDataClass, b as IntegrationConnector } from './core-types-D4MGC44S.js';
3
3
  import './types-Bxg-wJkW.js';
4
4
 
5
5
  interface IntegrationToolDefinition {
package/dist/{consumer-yV4NtH2h.d.ts → consumer-Dzt2uOo_.d.ts} RENAMED
@@ -1,4 +1,4 @@
1
- import { I as IntegrationActor, e as IntegrationConnectorAction, g as IntegrationDataClass, j as IntegrationActionGuard, c as IntegrationConnection, k as IntegrationActionRequest, b as IntegrationConnector, l as IntegrationActionResult } from './core-types-CjWifQOf.js';
1
+ import { I as IntegrationActor, e as IntegrationConnectorAction, g as IntegrationDataClass, k as IntegrationActionGuard, c as IntegrationConnection, l as IntegrationActionRequest, b as IntegrationConnector, m as IntegrationActionResult } from './core-types-D4MGC44S.js';
2
2
  import { IntegrationSandboxBundle, IntegrationRequirementMode, IntegrationRequirementResolution, IntegrationManifest, IntegrationManifestResolution, IntegrationGrant } from './runtime.js';
3
3
  import { IntegrationRegistry } from './registry.js';
4
4
 
package/dist/consumer.d.ts CHANGED
@@ -1,6 +1,6 @@
1
- import './core-types-CjWifQOf.js';
1
+ import './core-types-D4MGC44S.js';
2
2
  import './runtime.js';
3
- export { C as CapabilityBundleResult, a as CheckConnectorInput, b as CheckConnectorResult, c as CreateGrantsInput, n as IntegrationHubAuth, o as IntegrationHubClient, p as IntegrationHubClientOptions, q as IntegrationHubRequestError, L as ListGrantsInput, M as MintCapabilityBundleInput, R as ResolveManifestInput, t as createIntegrationHubClient } from './consumer-yV4NtH2h.js';
3
+ export { C as CapabilityBundleResult, a as CheckConnectorInput, b as CheckConnectorResult, c as CreateGrantsInput, n as IntegrationHubAuth, o as IntegrationHubClient, p as IntegrationHubClientOptions, q as IntegrationHubRequestError, L as ListGrantsInput, M as MintCapabilityBundleInput, R as ResolveManifestInput, t as createIntegrationHubClient } from './consumer-Dzt2uOo_.js';
4
4
  import './types-Bxg-wJkW.js';
5
5
  import './catalog.js';
6
6
  import './registry.js';
package/dist/{core-types-CjWifQOf.d.ts → core-types-D4MGC44S.d.ts} RENAMED
@@ -13,7 +13,7 @@ import { a as ConnectorCredentials } from './types-Bxg-wJkW.js';
13
13
  * their own focused modules (`./core-error.ts`).
14
14
  */
15
15
 
16
- type IntegrationProviderKind = 'first_party' | 'nango' | 'pipedream' | 'zapier' | 'activepieces' | 'tangle_catalog' | 'executor' | 'custom';
16
+ type IntegrationProviderKind = 'first_party' | 'nango' | 'pipedream' | 'zapier' | 'activepieces' | 'tangle_catalog' | 'executor' | 'custom' | 'mcp';
17
17
  type IntegrationConnectorCategory = 'email' | 'calendar' | 'chat' | 'crm' | 'storage' | 'docs' | 'database' | 'webhook' | 'workflow' | 'internal' | 'other';
18
18
  type IntegrationActionRisk = 'read' | 'write' | 'destructive';
19
19
  type IntegrationDataClass = 'public' | 'internal' | 'private' | 'sensitive' | 'secret';
@@ -352,4 +352,4 @@ interface IntegrationOAuthStateStore {
352
352
  sweep?(now: number): Promise<void> | void;
353
353
  }
354
354
 
355
- export type { StartAuthResult as A, InvokeWithCapabilityRequest as B, CompleteAuthRequest as C, IntegrationCapability as D, IntegrationHubOptions as E, IssueCapabilityRequest as F, IntegrationConnectorTrigger as G, HttpIntegrationProviderOptions as H, IntegrationActor as I, SecretRef as S, IssuedIntegrationCapability as a, IntegrationConnector as b, IntegrationConnection as c, IntegrationConnectorCategory as d, IntegrationConnectorAction as e, IntegrationActionRisk as f, IntegrationDataClass as g, IntegrationCatalogSource as h, IntegrationProviderKind as i, IntegrationActionGuard as j, IntegrationActionRequest as k, IntegrationActionResult as l, IntegrationPolicyEngine as m, IntegrationApprovalRequest as n, IntegrationGuardContext as o, IntegrationPolicyDecision as p, IntegrationProvider as q, IntegrationSecretStore as r, IntegrationConnectionStore as s, IntegrationCredentialsRotatedEvent as t, IntegrationOAuthStateStore as u, IntegrationOAuthState as v, IntegrationOAuthStateOutcome as w, IntegrationTriggerSubscription as x, IntegrationTriggerEvent as y, StartAuthRequest as z };
355
+ export type { StartAuthResult as A, InvokeWithCapabilityRequest as B, CompleteAuthRequest as C, IntegrationCapability as D, IntegrationHubOptions as E, IssueCapabilityRequest as F, IntegrationConnectorTrigger as G, HttpIntegrationProviderOptions as H, IntegrationActor as I, SecretRef as S, IssuedIntegrationCapability as a, IntegrationConnector as b, IntegrationConnection as c, IntegrationConnectorCategory as d, IntegrationConnectorAction as e, IntegrationActionRisk as f, IntegrationDataClass as g, IntegrationCatalogSource as h, IntegrationProviderKind as i, IntegrationProvider as j, IntegrationActionGuard as k, IntegrationActionRequest as l, IntegrationActionResult as m, IntegrationPolicyEngine as n, IntegrationApprovalRequest as o, IntegrationGuardContext as p, IntegrationPolicyDecision as q, IntegrationSecretStore as r, IntegrationConnectionStore as s, IntegrationCredentialsRotatedEvent as t, IntegrationOAuthStateStore as u, IntegrationOAuthState as v, IntegrationOAuthStateOutcome as w, IntegrationTriggerSubscription as x, IntegrationTriggerEvent as y, StartAuthRequest as z };
package/dist/coverage-catalog.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { d as IntegrationConnectorCategory, b as IntegrationConnector, i as IntegrationProviderKind } from './core-types-CjWifQOf.js';
1
+ import { d as IntegrationConnectorCategory, b as IntegrationConnector, i as IntegrationProviderKind } from './core-types-D4MGC44S.js';
2
2
  import './types-Bxg-wJkW.js';
3
3
 
4
4
  type IntegrationCoveragePriority = 'tier_0' | 'tier_1' | 'tier_2' | 'long_tail';
package/dist/delegated-tools/index.d.ts ADDED
@@ -0,0 +1,195 @@
1
+ /**
2
+ * Short-lived, workspace-scoped bearer for the delegated-tool bridge.
3
+ *
4
+ * An external stateful agent — a voice caller, a long-running autonomous worker
5
+ * — is handed one of these tokens and calls BACK into the product's tools
6
+ * mid-session. The token names exactly which workspace and which tool names the
7
+ * external agent may reach, and it EXPIRES, so a leaked lease stops working once
8
+ * the session window closes. The product's connector credentials never leave the
9
+ * product; the external agent only ever holds this opaque token and reaches the
10
+ * product's callback endpoint (see {@link handleDelegatedToolCall}).
11
+ *
12
+ * This is a SIGNED-CLAIMS envelope, distinct from an identity capability token
13
+ * (`HMAC(secret, "user:<id>")`, verified against a known id). Here the verifier
14
+ * RECOVERS the claims (workspaceId, allowedTools, expiresAt) from the token
15
+ * itself, so the bridge endpoint needs no prior knowledge of the lease.
16
+ *
17
+ * Crypto: WebCrypto HMAC-SHA256, base64url, constant-time compare. Runs on
18
+ * Cloudflare Workers, Node, and the browser with no Node `crypto` dependency —
19
+ * matching the sibling capability-token primitive. Fail-closed: with no secret,
20
+ * mint returns `undefined` and verify returns `null`, so the bridge is simply
21
+ * absent rather than silently unauthenticated.
22
+ */
23
+ interface DelegatedToolClaims {
24
+ workspaceId: string;
25
+ allowedTools: string[];
26
+ /** Epoch milliseconds at which the token stops verifying. */
27
+ expiresAt: number;
28
+ }
29
+ interface MintDelegatedToolTokenInput {
30
+ workspaceId: string;
31
+ allowedTools: string[];
32
+ ttlSeconds: number;
33
+ /** Shared HMAC secret. When absent, mint returns `undefined` (fail-closed). */
34
+ secret?: string;
35
+ /** Token prefix (namespaces the credential; lets verify reject foreign tokens
36
+ * cheaply). Default `dtt_`. */
37
+ prefix?: string;
38
+ /** Override the clock (epoch ms) — for tests. Defaults to `Date.now()`. */
39
+ now?: number;
40
+ }
41
+ interface VerifyDelegatedToolTokenOptions {
42
+ secret?: string;
43
+ prefix?: string;
44
+ now?: number;
45
+ }
46
+ /**
47
+ * Mint a delegated-tool token carrying signed claims, or `undefined` when no
48
+ * secret is configured (fail-closed — the caller refuses to issue a lease rather
49
+ * than hand out an unauthenticated one).
50
+ */
51
+ declare function mintDelegatedToolToken(input: MintDelegatedToolTokenInput): Promise<string | undefined>;
52
+ /**
53
+ * Verify a delegated-tool token and recover its claims. Returns `null` (never
54
+ * throws) for an unconfigured secret, a wrong prefix, a malformed or forged
55
+ * token, or an expired one.
56
+ */
57
+ declare function verifyDelegatedToolToken(token: string, opts: VerifyDelegatedToolTokenOptions): Promise<DelegatedToolClaims | null>;
58
+
59
+ /**
60
+ * Transport-agnostic JSON-RPC 2.0 callback handler for the delegated-tool
61
+ * bridge — the endpoint an EXTERNAL stateful agent calls back into mid-session,
62
+ * authorized by the bearer minted via {@link mintDelegatedToolToken}.
63
+ *
64
+ * The product supplies three seams; the handler bakes in no domain assumptions
65
+ * (no voice/phony/calendar specifics):
66
+ *
67
+ * - `verifyToken(bearer)` → claims | null — recover & validate the lease
68
+ * (fresh, signed). Usually {@link verifyDelegatedToolToken} bound to a secret.
69
+ * - `resolveTool(workspaceId, name)` → invocable | null — the product's tool
70
+ * registry. `null` means "this workspace cannot reach that tool right now".
71
+ * - `isIntegrationConnected(workspaceId, tool)` → boolean — the live
72
+ * connectivity gate; a stale token naming a since-disconnected integration
73
+ * resolves but fails this check.
74
+ *
75
+ * FAIL-CLOSED, in order, for `tools/call`: (1) bearer verifies, (2) tool is in
76
+ * the lease allow-list, (3) tool resolves for the workspace, (4) the backing
77
+ * integration is connected. Any miss returns a JSON-RPC error and the invocable
78
+ * is never touched.
79
+ *
80
+ * `tools/list` is advisory: it returns the intersection of the allow-list with
81
+ * what currently resolves + is connected, omitting (never erroring) the rest.
82
+ */
83
+
84
+ interface DelegatedToolDescriptor {
85
+ /** Wire name the external agent calls by. */
86
+ name: string;
87
+ description?: string;
88
+ /** JSON Schema for the tool arguments. Defaults to `{ type: 'object' }`. */
89
+ inputSchema?: unknown;
90
+ }
91
+ interface ResolvedDelegatedTool extends DelegatedToolDescriptor {
92
+ /**
93
+ * Invoke the tool with the JSON-RPC `arguments`. Returns the JSON-RPC `result`
94
+ * payload on success. Throw {@link DelegatedToolInvocationError} to surface a
95
+ * structured JSON-RPC error (code + data); any other throw becomes -32000.
96
+ */
97
+ invoke(args: Record<string, unknown>): Promise<unknown>;
98
+ }
99
+ /** Throw from `resolveTool().invoke` to control the JSON-RPC error envelope. */
100
+ declare class DelegatedToolInvocationError extends Error {
101
+ readonly code: number;
102
+ readonly data?: unknown;
103
+ constructor(message: string, options?: {
104
+ code?: number;
105
+ data?: unknown;
106
+ });
107
+ }
108
+ interface DelegatedToolCallSeams {
109
+ /** Recover lease claims from a raw bearer string, or `null` to reject. */
110
+ verifyToken(bearer: string): Promise<DelegatedToolClaims | null> | DelegatedToolClaims | null;
111
+ /** The product's tool registry. `null` ⇒ not reachable for this workspace. */
112
+ resolveTool(workspaceId: string, name: string): Promise<ResolvedDelegatedTool | null> | ResolvedDelegatedTool | null;
113
+ /** Live connectivity gate for the integration backing `tool`. */
114
+ isIntegrationConnected(workspaceId: string, tool: ResolvedDelegatedTool): Promise<boolean> | boolean;
115
+ /**
116
+ * Optional advertised name/version for the JSON-RPC `initialize` handshake.
117
+ * Defaults to `{ name: 'delegated-tools', version: '1' }`.
118
+ */
119
+ serverInfo?: {
120
+ name: string;
121
+ version: string;
122
+ };
123
+ }
124
+ interface JsonRpcRequest {
125
+ jsonrpc?: unknown;
126
+ id?: unknown;
127
+ method?: unknown;
128
+ params?: unknown;
129
+ }
130
+ interface JsonRpcResponse {
131
+ jsonrpc: '2.0';
132
+ id: string | number | null;
133
+ result?: unknown;
134
+ error?: {
135
+ code: number;
136
+ message: string;
137
+ data?: unknown;
138
+ };
139
+ }
140
+ /**
141
+ * Handle one JSON-RPC call. Accepts a parsed body + the raw `authorization`
142
+ * header value. Returns the JSON-RPC response object (the transport wrapper —
143
+ * {@link handleDelegatedToolRequest} — turns it into an HTTP `Response`).
144
+ */
145
+ declare function handleDelegatedToolCall(body: JsonRpcRequest, authorization: string | null | undefined, seams: DelegatedToolCallSeams): Promise<JsonRpcResponse>;
146
+ /**
147
+ * HTTP transport wrapper around {@link handleDelegatedToolCall}: parses the
148
+ * request, enforces POST, maps the JSON-RPC response to a `Response`. Unauthorized
149
+ * is the only non-200 status (401) so an unauthenticated probe can't distinguish
150
+ * methods; every authenticated JSON-RPC error rides a 200 per the JSON-RPC contract.
151
+ */
152
+ declare function handleDelegatedToolRequest(request: Request, seams: DelegatedToolCallSeams): Promise<Response>;
153
+
154
+ /**
155
+ * Standardized lease payload the product hands to its external agent.
156
+ *
157
+ * The product resolves which tools a workspace may delegate right now, mints a
158
+ * scoped token over exactly those names ({@link mintDelegatedToolToken}), and
159
+ * packages the result as a lease. The external agent (or the broker that builds
160
+ * its session) reads `callbackUrl` + `token` to reach the product's
161
+ * {@link handleDelegatedToolRequest} endpoint mid-session.
162
+ *
163
+ * Standardizing the shape here means every caller's lease looks the same on the
164
+ * wire regardless of the external runtime (voice broker, autonomous worker).
165
+ */
166
+ interface IssueDelegatedToolLeaseInput {
167
+ workspaceId: string;
168
+ allowedTools: string[];
169
+ ttlSeconds: number;
170
+ /** Shared HMAC secret for the token. Absent ⇒ lease cannot be issued. */
171
+ secret?: string;
172
+ /** Token prefix; forwarded to {@link mintDelegatedToolToken}. */
173
+ prefix?: string;
174
+ /** Endpoint the external agent calls back into. Echoed onto the lease. */
175
+ callbackUrl?: string;
176
+ /** Override the clock (epoch ms) — for tests. */
177
+ now?: number;
178
+ }
179
+ interface DelegatedToolLease {
180
+ token: string;
181
+ allowedTools: string[];
182
+ /** Epoch milliseconds at which the lease (and its token) expires. */
183
+ expiresAt: number;
184
+ callbackUrl?: string;
185
+ }
186
+ /**
187
+ * Issue a delegated-tool lease, or `null` when no secret is configured
188
+ * (fail-closed — the product refuses to hand out an unauthenticated lease).
189
+ * Pass an already-filtered `allowedTools`: this helper signs whatever it is
190
+ * given, so the product MUST intersect against what the workspace can delegate
191
+ * before calling.
192
+ */
193
+ declare function issueDelegatedToolLease(input: IssueDelegatedToolLeaseInput): Promise<DelegatedToolLease | null>;
194
+
195
+ export { type DelegatedToolCallSeams, type DelegatedToolClaims, type DelegatedToolDescriptor, DelegatedToolInvocationError, type DelegatedToolLease, type IssueDelegatedToolLeaseInput, type JsonRpcRequest, type JsonRpcResponse, type MintDelegatedToolTokenInput, type ResolvedDelegatedTool, type VerifyDelegatedToolTokenOptions, handleDelegatedToolCall, handleDelegatedToolRequest, issueDelegatedToolLease, mintDelegatedToolToken, verifyDelegatedToolToken };
package/dist/delegated-tools/index.js ADDED
@@ -0,0 +1,207 @@
1
+ import "../chunk-PZ5AY32C.js";
2
+
3
+ // src/delegated-tools/token.ts
4
+ var DEFAULT_PREFIX = "dtt_";
5
+ function base64urlEncode(input) {
6
+ const bytes = typeof input === "string" ? new TextEncoder().encode(input) : input;
7
+ let binary = "";
8
+ for (let i = 0; i < bytes.length; i++) binary += String.fromCharCode(bytes[i]);
9
+ return btoa(binary).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
10
+ }
11
+ function base64urlDecodeToString(input) {
12
+ try {
13
+ const padded = input.replace(/-/g, "+").replace(/_/g, "/");
14
+ const binary = atob(padded);
15
+ const bytes = new Uint8Array(binary.length);
16
+ for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i);
17
+ return new TextDecoder().decode(bytes);
18
+ } catch {
19
+ return null;
20
+ }
21
+ }
22
+ async function sign(payload, secret) {
23
+ const enc = new TextEncoder();
24
+ const key = await crypto.subtle.importKey("raw", enc.encode(secret), { name: "HMAC", hash: "SHA-256" }, false, ["sign"]);
25
+ const sig = await crypto.subtle.sign("HMAC", key, enc.encode(payload));
26
+ return base64urlEncode(new Uint8Array(sig));
27
+ }
28
+ function timingSafeEqual(a, b) {
29
+ if (a.length !== b.length) return false;
30
+ let diff = 0;
31
+ for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
32
+ return diff === 0;
33
+ }
34
+ async function mintDelegatedToolToken(input) {
35
+ const secret = input.secret?.trim();
36
+ if (!secret) return void 0;
37
+ const prefix = input.prefix ?? DEFAULT_PREFIX;
38
+ const now = input.now ?? Date.now();
39
+ const claims = {
40
+ workspaceId: input.workspaceId,
41
+ allowedTools: input.allowedTools,
42
+ expiresAt: now + input.ttlSeconds * 1e3
43
+ };
44
+ const payload = base64urlEncode(JSON.stringify(claims));
45
+ const signature = await sign(payload, secret);
46
+ return `${prefix}${payload}.${signature}`;
47
+ }
48
+ async function verifyDelegatedToolToken(token, opts) {
49
+ const secret = opts.secret?.trim();
50
+ const prefix = opts.prefix ?? DEFAULT_PREFIX;
51
+ if (!secret || !token.startsWith(prefix)) return null;
52
+ const body = token.slice(prefix.length);
53
+ const dot = body.indexOf(".");
54
+ if (dot <= 0) return null;
55
+ const payload = body.slice(0, dot);
56
+ const signature = body.slice(dot + 1);
57
+ if (!payload || !signature) return null;
58
+ const expected = await sign(payload, secret);
59
+ if (!timingSafeEqual(signature, expected)) return null;
60
+ const json = base64urlDecodeToString(payload);
61
+ if (json === null) return null;
62
+ let claims;
63
+ try {
64
+ claims = JSON.parse(json);
65
+ } catch {
66
+ return null;
67
+ }
68
+ if (!claims || typeof claims !== "object") return null;
69
+ const record = claims;
70
+ if (typeof record.workspaceId !== "string" || !record.workspaceId) return null;
71
+ if (typeof record.expiresAt !== "number" || !Number.isFinite(record.expiresAt)) return null;
72
+ if (!Array.isArray(record.allowedTools) || !record.allowedTools.every((tool) => typeof tool === "string")) return null;
73
+ const now = opts.now ?? Date.now();
74
+ if (record.expiresAt <= now) return null;
75
+ return {
76
+ workspaceId: record.workspaceId,
77
+ allowedTools: record.allowedTools,
78
+ expiresAt: record.expiresAt
79
+ };
80
+ }
81
+
82
+ // src/delegated-tools/handler.ts
83
+ var DelegatedToolInvocationError = class extends Error {
84
+ code;
85
+ data;
86
+ constructor(message, options = {}) {
87
+ super(message);
88
+ this.name = "DelegatedToolInvocationError";
89
+ this.code = options.code ?? -32e3;
90
+ this.data = options.data;
91
+ }
92
+ };
93
+ var PROTOCOL_VERSION = "2024-11-05";
94
+ function normalizeId(id) {
95
+ return typeof id === "string" || typeof id === "number" ? id : null;
96
+ }
97
+ function rpcResult(id, result) {
98
+ return { jsonrpc: "2.0", id: normalizeId(id), result };
99
+ }
100
+ function rpcError(id, code, message, data) {
101
+ return {
102
+ jsonrpc: "2.0",
103
+ id: normalizeId(id),
104
+ error: data === void 0 ? { code, message } : { code, message, data }
105
+ };
106
+ }
107
+ function extractBearer(authorization) {
108
+ return authorization?.match(/^Bearer\s+(.+)$/i)?.[1];
109
+ }
110
+ async function handleDelegatedToolCall(body, authorization, seams) {
111
+ const id = body.id ?? null;
112
+ const method = typeof body.method === "string" ? body.method : "";
113
+ const bearer = extractBearer(authorization);
114
+ const claims = bearer ? await seams.verifyToken(bearer) : null;
115
+ if (!claims) return rpcError(id, -32001, "Unauthorized");
116
+ if (method === "initialize") {
117
+ const info = seams.serverInfo ?? { name: "delegated-tools", version: "1" };
118
+ return rpcResult(id, {
119
+ protocolVersion: PROTOCOL_VERSION,
120
+ capabilities: { tools: {} },
121
+ serverInfo: info
122
+ });
123
+ }
124
+ if (method === "tools/list") {
125
+ const tools = [];
126
+ for (const name of claims.allowedTools) {
127
+ const tool = await seams.resolveTool(claims.workspaceId, name);
128
+ if (!tool) continue;
129
+ if (!await seams.isIntegrationConnected(claims.workspaceId, tool)) continue;
130
+ tools.push({
131
+ name: tool.name,
132
+ description: tool.description,
133
+ inputSchema: tool.inputSchema ?? { type: "object" }
134
+ });
135
+ }
136
+ return rpcResult(id, { tools });
137
+ }
138
+ if (method === "tools/call") {
139
+ const params = body.params ?? {};
140
+ const name = typeof params.name === "string" ? params.name : "";
141
+ const args = params.arguments && typeof params.arguments === "object" && !Array.isArray(params.arguments) ? params.arguments : {};
142
+ if (!name) return rpcError(id, -32602, "Missing tool name");
143
+ if (!claims.allowedTools.includes(name)) {
144
+ return rpcError(id, -32602, `Tool not delegated to this session: ${name}`);
145
+ }
146
+ const tool = await seams.resolveTool(claims.workspaceId, name);
147
+ if (!tool) return rpcError(id, -32602, `Tool not available for workspace: ${name}`);
148
+ if (!await seams.isIntegrationConnected(claims.workspaceId, tool)) {
149
+ return rpcError(id, -32602, `Integration not connected for tool: ${name}`);
150
+ }
151
+ try {
152
+ const result = await tool.invoke(args);
153
+ return rpcResult(id, result);
154
+ } catch (err) {
155
+ if (err instanceof DelegatedToolInvocationError) {
156
+ return rpcError(id, err.code, err.message, err.data);
157
+ }
158
+ return rpcError(id, -32e3, err instanceof Error ? err.message : "Tool invocation failed");
159
+ }
160
+ }
161
+ return rpcError(id, -32601, `Method not found: ${method || "(none)"}`);
162
+ }
163
+ async function handleDelegatedToolRequest(request, seams) {
164
+ if (request.method !== "POST") {
165
+ return Response.json({ error: "Method not allowed" }, { status: 405 });
166
+ }
167
+ let body;
168
+ try {
169
+ body = await request.json();
170
+ } catch {
171
+ return Response.json(rpcError(null, -32700, "Parse error"));
172
+ }
173
+ const response = await handleDelegatedToolCall(body, request.headers.get("authorization"), seams);
174
+ if (response.error?.code === -32001) {
175
+ return Response.json(response, { status: 401 });
176
+ }
177
+ return Response.json(response);
178
+ }
179
+
180
+ // src/delegated-tools/lease.ts
181
+ async function issueDelegatedToolLease(input) {
182
+ const now = input.now ?? Date.now();
183
+ const token = await mintDelegatedToolToken({
184
+ workspaceId: input.workspaceId,
185
+ allowedTools: input.allowedTools,
186
+ ttlSeconds: input.ttlSeconds,
187
+ secret: input.secret,
188
+ prefix: input.prefix,
189
+ now
190
+ });
191
+ if (!token) return null;
192
+ return {
193
+ token,
194
+ allowedTools: input.allowedTools,
195
+ expiresAt: now + input.ttlSeconds * 1e3,
196
+ callbackUrl: input.callbackUrl
197
+ };
198
+ }
199
+ export {
200
+ DelegatedToolInvocationError,
201
+ handleDelegatedToolCall,
202
+ handleDelegatedToolRequest,
203
+ issueDelegatedToolLease,
204
+ mintDelegatedToolToken,
205
+ verifyDelegatedToolToken
206
+ };
207
+ //# sourceMappingURL=index.js.map
package/dist/delegated-tools/index.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../src/delegated-tools/token.ts","../../src/delegated-tools/handler.ts","../../src/delegated-tools/lease.ts"],"sourcesContent":["/**\n * Short-lived, workspace-scoped bearer for the delegated-tool bridge.\n *\n * An external stateful agent — a voice caller, a long-running autonomous worker\n * — is handed one of these tokens and calls BACK into the product's tools\n * mid-session. The token names exactly which workspace and which tool names the\n * external agent may reach, and it EXPIRES, so a leaked lease stops working once\n * the session window closes. The product's connector credentials never leave the\n * product; the external agent only ever holds this opaque token and reaches the\n * product's callback endpoint (see {@link handleDelegatedToolCall}).\n *\n * This is a SIGNED-CLAIMS envelope, distinct from an identity capability token\n * (`HMAC(secret, \"user:<id>\")`, verified against a known id). Here the verifier\n * RECOVERS the claims (workspaceId, allowedTools, expiresAt) from the token\n * itself, so the bridge endpoint needs no prior knowledge of the lease.\n *\n * Crypto: WebCrypto HMAC-SHA256, base64url, constant-time compare. Runs on\n * Cloudflare Workers, Node, and the browser with no Node `crypto` dependency —\n * matching the sibling capability-token primitive. Fail-closed: with no secret,\n * mint returns `undefined` and verify returns `null`, so the bridge is simply\n * absent rather than silently unauthenticated.\n */\n\nconst DEFAULT_PREFIX = 'dtt_'\n\nexport interface DelegatedToolClaims {\n workspaceId: string\n allowedTools: string[]\n /** Epoch milliseconds at which the token stops verifying. */\n expiresAt: number\n}\n\nexport interface MintDelegatedToolTokenInput {\n workspaceId: string\n allowedTools: string[]\n ttlSeconds: number\n /** Shared HMAC secret. When absent, mint returns `undefined` (fail-closed). */\n secret?: string\n /** Token prefix (namespaces the credential; lets verify reject foreign tokens\n * cheaply). Default `dtt_`. */\n prefix?: string\n /** Override the clock (epoch ms) — for tests. Defaults to `Date.now()`. */\n now?: number\n}\n\nexport interface VerifyDelegatedToolTokenOptions {\n secret?: string\n prefix?: string\n now?: number\n}\n\nfunction base64urlEncode(input: string | Uint8Array): string {\n const bytes = typeof input === 'string' ? new TextEncoder().encode(input) : input\n let binary = ''\n for (let i = 0; i < bytes.length; i++) binary += String.fromCharCode(bytes[i]!)\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/, '')\n}\n\nfunction base64urlDecodeToString(input: string): string | null {\n try {\n const padded = input.replace(/-/g, '+').replace(/_/g, '/')\n const binary = atob(padded)\n const bytes = new Uint8Array(binary.length)\n for (let i = 0; i < binary.length; i++) bytes[i] = binary.charCodeAt(i)\n return new TextDecoder().decode(bytes)\n } catch {\n return null\n }\n}\n\nasync function sign(payload: string, secret: string): Promise<string> {\n const enc = new TextEncoder()\n const key = await crypto.subtle.importKey('raw', enc.encode(secret), { name: 'HMAC', hash: 'SHA-256' }, false, ['sign'])\n const sig = await crypto.subtle.sign('HMAC', key, enc.encode(payload))\n return base64urlEncode(new Uint8Array(sig))\n}\n\n/** Length-independent-leak-free compare for two same-charset strings. */\nfunction timingSafeEqual(a: string, b: string): boolean {\n if (a.length !== b.length) return false\n let diff = 0\n for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i)\n return diff === 0\n}\n\n/**\n * Mint a delegated-tool token carrying signed claims, or `undefined` when no\n * secret is configured (fail-closed — the caller refuses to issue a lease rather\n * than hand out an unauthenticated one).\n */\nexport async function mintDelegatedToolToken(input: MintDelegatedToolTokenInput): Promise<string | undefined> {\n const secret = input.secret?.trim()\n if (!secret) return undefined\n const prefix = input.prefix ?? DEFAULT_PREFIX\n const now = input.now ?? Date.now()\n const claims: DelegatedToolClaims = {\n workspaceId: input.workspaceId,\n allowedTools: input.allowedTools,\n expiresAt: now + input.ttlSeconds * 1000,\n }\n const payload = base64urlEncode(JSON.stringify(claims))\n const signature = await sign(payload, secret)\n return `${prefix}${payload}.${signature}`\n}\n\n/**\n * Verify a delegated-tool token and recover its claims. Returns `null` (never\n * throws) for an unconfigured secret, a wrong prefix, a malformed or forged\n * token, or an expired one.\n */\nexport async function verifyDelegatedToolToken(\n token: string,\n opts: VerifyDelegatedToolTokenOptions,\n): Promise<DelegatedToolClaims | null> {\n const secret = opts.secret?.trim()\n const prefix = opts.prefix ?? DEFAULT_PREFIX\n if (!secret || !token.startsWith(prefix)) return null\n const body = token.slice(prefix.length)\n const dot = body.indexOf('.')\n if (dot <= 0) return null\n const payload = body.slice(0, dot)\n const signature = body.slice(dot + 1)\n if (!payload || !signature) return null\n\n const expected = await sign(payload, secret)\n if (!timingSafeEqual(signature, expected)) return null\n\n const json = base64urlDecodeToString(payload)\n if (json === null) return null\n\n let claims: unknown\n try {\n claims = JSON.parse(json)\n } catch {\n return null\n }\n if (!claims || typeof claims !== 'object') return null\n const record = claims as Record<string, unknown>\n if (typeof record.workspaceId !== 'string' || !record.workspaceId) return null\n if (typeof record.expiresAt !== 'number' || !Number.isFinite(record.expiresAt)) return null\n if (!Array.isArray(record.allowedTools) || !record.allowedTools.every((tool) => typeof tool === 'string')) return null\n\n const now = opts.now ?? Date.now()\n if (record.expiresAt <= now) return null\n\n return {\n workspaceId: record.workspaceId,\n allowedTools: record.allowedTools as string[],\n expiresAt: record.expiresAt,\n }\n}\n","/**\n * Transport-agnostic JSON-RPC 2.0 callback handler for the delegated-tool\n * bridge — the endpoint an EXTERNAL stateful agent calls back into mid-session,\n * authorized by the bearer minted via {@link mintDelegatedToolToken}.\n *\n * The product supplies three seams; the handler bakes in no domain assumptions\n * (no voice/phony/calendar specifics):\n *\n * - `verifyToken(bearer)` → claims | null — recover & validate the lease\n * (fresh, signed). Usually {@link verifyDelegatedToolToken} bound to a secret.\n * - `resolveTool(workspaceId, name)` → invocable | null — the product's tool\n * registry. `null` means \"this workspace cannot reach that tool right now\".\n * - `isIntegrationConnected(workspaceId, tool)` → boolean — the live\n * connectivity gate; a stale token naming a since-disconnected integration\n * resolves but fails this check.\n *\n * FAIL-CLOSED, in order, for `tools/call`: (1) bearer verifies, (2) tool is in\n * the lease allow-list, (3) tool resolves for the workspace, (4) the backing\n * integration is connected. Any miss returns a JSON-RPC error and the invocable\n * is never touched.\n *\n * `tools/list` is advisory: it returns the intersection of the allow-list with\n * what currently resolves + is connected, omitting (never erroring) the rest.\n */\n\nimport type { DelegatedToolClaims } from './token.js'\n\nexport interface DelegatedToolDescriptor {\n /** Wire name the external agent calls by. */\n name: string\n description?: string\n /** JSON Schema for the tool arguments. Defaults to `{ type: 'object' }`. */\n inputSchema?: unknown\n}\n\nexport interface ResolvedDelegatedTool extends DelegatedToolDescriptor {\n /**\n * Invoke the tool with the JSON-RPC `arguments`. Returns the JSON-RPC `result`\n * payload on success. Throw {@link DelegatedToolInvocationError} to surface a\n * structured JSON-RPC error (code + data); any other throw becomes -32000.\n */\n invoke(args: Record<string, unknown>): Promise<unknown>\n}\n\n/** Throw from `resolveTool().invoke` to control the JSON-RPC error envelope. */\nexport class DelegatedToolInvocationError extends Error {\n readonly code: number\n readonly data?: unknown\n constructor(message: string, options: { code?: number; data?: unknown } = {}) {\n super(message)\n this.name = 'DelegatedToolInvocationError'\n this.code = options.code ?? -32000\n this.data = options.data\n }\n}\n\nexport interface DelegatedToolCallSeams {\n /** Recover lease claims from a raw bearer string, or `null` to reject. */\n verifyToken(bearer: string): Promise<DelegatedToolClaims | null> | DelegatedToolClaims | null\n /** The product's tool registry. `null` ⇒ not reachable for this workspace. */\n resolveTool(\n workspaceId: string,\n name: string,\n ): Promise<ResolvedDelegatedTool | null> | ResolvedDelegatedTool | null\n /** Live connectivity gate for the integration backing `tool`. */\n isIntegrationConnected(\n workspaceId: string,\n tool: ResolvedDelegatedTool,\n ): Promise<boolean> | boolean\n /**\n * Optional advertised name/version for the JSON-RPC `initialize` handshake.\n * Defaults to `{ name: 'delegated-tools', version: '1' }`.\n */\n serverInfo?: { name: string; version: string }\n}\n\nexport interface JsonRpcRequest {\n jsonrpc?: unknown\n id?: unknown\n method?: unknown\n params?: unknown\n}\n\nexport interface JsonRpcResponse {\n jsonrpc: '2.0'\n id: string | number | null\n result?: unknown\n error?: { code: number; message: string; data?: unknown }\n}\n\nconst PROTOCOL_VERSION = '2024-11-05'\n\nfunction normalizeId(id: unknown): string | number | null {\n return typeof id === 'string' || typeof id === 'number' ? id : null\n}\n\nfunction rpcResult(id: unknown, result: unknown): JsonRpcResponse {\n return { jsonrpc: '2.0', id: normalizeId(id), result }\n}\n\nfunction rpcError(id: unknown, code: number, message: string, data?: unknown): JsonRpcResponse {\n return {\n jsonrpc: '2.0',\n id: normalizeId(id),\n error: data === undefined ? { code, message } : { code, message, data },\n }\n}\n\nfunction extractBearer(authorization: string | null | undefined): string | undefined {\n return authorization?.match(/^Bearer\\s+(.+)$/i)?.[1]\n}\n\n/**\n * Handle one JSON-RPC call. Accepts a parsed body + the raw `authorization`\n * header value. Returns the JSON-RPC response object (the transport wrapper —\n * {@link handleDelegatedToolRequest} — turns it into an HTTP `Response`).\n */\nexport async function handleDelegatedToolCall(\n body: JsonRpcRequest,\n authorization: string | null | undefined,\n seams: DelegatedToolCallSeams,\n): Promise<JsonRpcResponse> {\n const id = body.id ?? null\n const method = typeof body.method === 'string' ? body.method : ''\n\n const bearer = extractBearer(authorization)\n const claims = bearer ? await seams.verifyToken(bearer) : null\n if (!claims) return rpcError(id, -32001, 'Unauthorized')\n\n if (method === 'initialize') {\n const info = seams.serverInfo ?? { name: 'delegated-tools', version: '1' }\n return rpcResult(id, {\n protocolVersion: PROTOCOL_VERSION,\n capabilities: { tools: {} },\n serverInfo: info,\n })\n }\n\n if (method === 'tools/list') {\n const tools: DelegatedToolDescriptor[] = []\n for (const name of claims.allowedTools) {\n const tool = await seams.resolveTool(claims.workspaceId, name)\n if (!tool) continue\n if (!(await seams.isIntegrationConnected(claims.workspaceId, tool))) continue\n tools.push({\n name: tool.name,\n description: tool.description,\n inputSchema: tool.inputSchema ?? { type: 'object' },\n })\n }\n return rpcResult(id, { tools })\n }\n\n if (method === 'tools/call') {\n const params = (body.params ?? {}) as { name?: unknown; arguments?: unknown }\n const name = typeof params.name === 'string' ? params.name : ''\n const args =\n params.arguments && typeof params.arguments === 'object' && !Array.isArray(params.arguments)\n ? (params.arguments as Record<string, unknown>)\n : {}\n\n if (!name) return rpcError(id, -32602, 'Missing tool name')\n if (!claims.allowedTools.includes(name)) {\n return rpcError(id, -32602, `Tool not delegated to this session: ${name}`)\n }\n const tool = await seams.resolveTool(claims.workspaceId, name)\n if (!tool) return rpcError(id, -32602, `Tool not available for workspace: ${name}`)\n if (!(await seams.isIntegrationConnected(claims.workspaceId, tool))) {\n return rpcError(id, -32602, `Integration not connected for tool: ${name}`)\n }\n\n try {\n const result = await tool.invoke(args)\n return rpcResult(id, result)\n } catch (err) {\n if (err instanceof DelegatedToolInvocationError) {\n return rpcError(id, err.code, err.message, err.data)\n }\n return rpcError(id, -32000, err instanceof Error ? err.message : 'Tool invocation failed')\n }\n }\n\n return rpcError(id, -32601, `Method not found: ${method || '(none)'}`)\n}\n\n/**\n * HTTP transport wrapper around {@link handleDelegatedToolCall}: parses the\n * request, enforces POST, maps the JSON-RPC response to a `Response`. Unauthorized\n * is the only non-200 status (401) so an unauthenticated probe can't distinguish\n * methods; every authenticated JSON-RPC error rides a 200 per the JSON-RPC contract.\n */\nexport async function handleDelegatedToolRequest(\n request: Request,\n seams: DelegatedToolCallSeams,\n): Promise<Response> {\n if (request.method !== 'POST') {\n return Response.json({ error: 'Method not allowed' }, { status: 405 })\n }\n\n let body: JsonRpcRequest\n try {\n body = (await request.json()) as JsonRpcRequest\n } catch {\n return Response.json(rpcError(null, -32700, 'Parse error'))\n }\n\n const response = await handleDelegatedToolCall(body, request.headers.get('authorization'), seams)\n if (response.error?.code === -32001) {\n return Response.json(response, { status: 401 })\n }\n return Response.json(response)\n}\n","/**\n * Standardized lease payload the product hands to its external agent.\n *\n * The product resolves which tools a workspace may delegate right now, mints a\n * scoped token over exactly those names ({@link mintDelegatedToolToken}), and\n * packages the result as a lease. The external agent (or the broker that builds\n * its session) reads `callbackUrl` + `token` to reach the product's\n * {@link handleDelegatedToolRequest} endpoint mid-session.\n *\n * Standardizing the shape here means every caller's lease looks the same on the\n * wire regardless of the external runtime (voice broker, autonomous worker).\n */\n\nimport { mintDelegatedToolToken } from './token.js'\n\nexport interface IssueDelegatedToolLeaseInput {\n workspaceId: string\n allowedTools: string[]\n ttlSeconds: number\n /** Shared HMAC secret for the token. Absent ⇒ lease cannot be issued. */\n secret?: string\n /** Token prefix; forwarded to {@link mintDelegatedToolToken}. */\n prefix?: string\n /** Endpoint the external agent calls back into. Echoed onto the lease. */\n callbackUrl?: string\n /** Override the clock (epoch ms) — for tests. */\n now?: number\n}\n\nexport interface DelegatedToolLease {\n token: string\n allowedTools: string[]\n /** Epoch milliseconds at which the lease (and its token) expires. */\n expiresAt: number\n callbackUrl?: string\n}\n\n/**\n * Issue a delegated-tool lease, or `null` when no secret is configured\n * (fail-closed — the product refuses to hand out an unauthenticated lease).\n * Pass an already-filtered `allowedTools`: this helper signs whatever it is\n * given, so the product MUST intersect against what the workspace can delegate\n * before calling.\n */\nexport async function issueDelegatedToolLease(\n input: IssueDelegatedToolLeaseInput,\n): Promise<DelegatedToolLease | null> {\n const now = input.now ?? Date.now()\n const token = await mintDelegatedToolToken({\n workspaceId: input.workspaceId,\n allowedTools: input.allowedTools,\n ttlSeconds: input.ttlSeconds,\n secret: input.secret,\n prefix: input.prefix,\n now,\n })\n if (!token) return null\n return {\n token,\n allowedTools: input.allowedTools,\n expiresAt: now + input.ttlSeconds * 1000,\n callbackUrl: input.callbackUrl,\n }\n}\n"],"mappings":";;;AAuBA,IAAM,iBAAiB;AA4BvB,SAAS,gBAAgB,OAAoC;AAC3D,QAAM,QAAQ,OAAO,UAAU,WAAW,IAAI,YAAY,EAAE,OAAO,KAAK,IAAI;AAC5E,MAAI,SAAS;AACb,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,IAAK,WAAU,OAAO,aAAa,MAAM,CAAC,CAAE;AAC9E,SAAO,KAAK,MAAM,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,GAAG,EAAE,QAAQ,OAAO,EAAE;AAC/E;AAEA,SAAS,wBAAwB,OAA8B;AAC7D,MAAI;AACF,UAAM,SAAS,MAAM,QAAQ,MAAM,GAAG,EAAE,QAAQ,MAAM,GAAG;AACzD,UAAM,SAAS,KAAK,MAAM;AAC1B,UAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,IAAK,OAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AACtE,WAAO,IAAI,YAAY,EAAE,OAAO,KAAK;AAAA,EACvC,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,eAAe,KAAK,SAAiB,QAAiC;AACpE,QAAM,MAAM,IAAI,YAAY;AAC5B,QAAM,MAAM,MAAM,OAAO,OAAO,UAAU,OAAO,IAAI,OAAO,MAAM,GAAG,EAAE,MAAM,QAAQ,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;AACvH,QAAM,MAAM,MAAM,OAAO,OAAO,KAAK,QAAQ,KAAK,IAAI,OAAO,OAAO,CAAC;AACrE,SAAO,gBAAgB,IAAI,WAAW,GAAG,CAAC;AAC5C;AAGA,SAAS,gBAAgB,GAAW,GAAoB;AACtD,MAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,MAAI,OAAO;AACX,WAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,IAAK,SAAQ,EAAE,WAAW,CAAC,IAAI,EAAE,WAAW,CAAC;AAC3E,SAAO,SAAS;AAClB;AAOA,eAAsB,uBAAuB,OAAiE;AAC5G,QAAM,SAAS,MAAM,QAAQ,KAAK;AAClC,MAAI,CAAC,OAAQ,QAAO;AACpB,QAAM,SAAS,MAAM,UAAU;AAC/B,QAAM,MAAM,MAAM,OAAO,KAAK,IAAI;AAClC,QAAM,SAA8B;AAAA,IAClC,aAAa,MAAM;AAAA,IACnB,cAAc,MAAM;AAAA,IACpB,WAAW,MAAM,MAAM,aAAa;AAAA,EACtC;AACA,QAAM,UAAU,gBAAgB,KAAK,UAAU,MAAM,CAAC;AACtD,QAAM,YAAY,MAAM,KAAK,SAAS,MAAM;AAC5C,SAAO,GAAG,MAAM,GAAG,OAAO,IAAI,SAAS;AACzC;AAOA,eAAsB,yBACpB,OACA,MACqC;AACrC,QAAM,SAAS,KAAK,QAAQ,KAAK;AACjC,QAAM,SAAS,KAAK,UAAU;AAC9B,MAAI,CAAC,UAAU,CAAC,MAAM,WAAW,MAAM,EAAG,QAAO;AACjD,QAAM,OAAO,MAAM,MAAM,OAAO,MAAM;AACtC,QAAM,MAAM,KAAK,QAAQ,GAAG;AAC5B,MAAI,OAAO,EAAG,QAAO;AACrB,QAAM,UAAU,KAAK,MAAM,GAAG,GAAG;AACjC,QAAM,YAAY,KAAK,MAAM,MAAM,CAAC;AACpC,MAAI,CAAC,WAAW,CAAC,UAAW,QAAO;AAEnC,QAAM,WAAW,MAAM,KAAK,SAAS,MAAM;AAC3C,MAAI,CAAC,gBAAgB,WAAW,QAAQ,EAAG,QAAO;AAElD,QAAM,OAAO,wBAAwB,OAAO;AAC5C,MAAI,SAAS,KAAM,QAAO;AAE1B,MAAI;AACJ,MAAI;AACF,aAAS,KAAK,MAAM,IAAI;AAAA,EAC1B,QAAQ;AACN,WAAO;AAAA,EACT;AACA,MAAI,CAAC,UAAU,OAAO,WAAW,SAAU,QAAO;AAClD,QAAM,SAAS;AACf,MAAI,OAAO,OAAO,gBAAgB,YAAY,CAAC,OAAO,YAAa,QAAO;AAC1E,MAAI,OAAO,OAAO,cAAc,YAAY,CAAC,OAAO,SAAS,OAAO,SAAS,EAAG,QAAO;AACvF,MAAI,CAAC,MAAM,QAAQ,OAAO,YAAY,KAAK,CAAC,OAAO,aAAa,MAAM,CAAC,SAAS,OAAO,SAAS,QAAQ,EAAG,QAAO;AAElH,QAAM,MAAM,KAAK,OAAO,KAAK,IAAI;AACjC,MAAI,OAAO,aAAa,IAAK,QAAO;AAEpC,SAAO;AAAA,IACL,aAAa,OAAO;AAAA,IACpB,cAAc,OAAO;AAAA,IACrB,WAAW,OAAO;AAAA,EACpB;AACF;;;ACzGO,IAAM,+BAAN,cAA2C,MAAM;AAAA,EAC7C;AAAA,EACA;AAAA,EACT,YAAY,SAAiB,UAA6C,CAAC,GAAG;AAC5E,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,OAAO,QAAQ,QAAQ;AAC5B,SAAK,OAAO,QAAQ;AAAA,EACtB;AACF;AAoCA,IAAM,mBAAmB;AAEzB,SAAS,YAAY,IAAqC;AACxD,SAAO,OAAO,OAAO,YAAY,OAAO,OAAO,WAAW,KAAK;AACjE;AAEA,SAAS,UAAU,IAAa,QAAkC;AAChE,SAAO,EAAE,SAAS,OAAO,IAAI,YAAY,EAAE,GAAG,OAAO;AACvD;AAEA,SAAS,SAAS,IAAa,MAAc,SAAiB,MAAiC;AAC7F,SAAO;AAAA,IACL,SAAS;AAAA,IACT,IAAI,YAAY,EAAE;AAAA,IAClB,OAAO,SAAS,SAAY,EAAE,MAAM,QAAQ,IAAI,EAAE,MAAM,SAAS,KAAK;AAAA,EACxE;AACF;AAEA,SAAS,cAAc,eAA8D;AACnF,SAAO,eAAe,MAAM,kBAAkB,IAAI,CAAC;AACrD;AAOA,eAAsB,wBACpB,MACA,eACA,OAC0B;AAC1B,QAAM,KAAK,KAAK,MAAM;AACtB,QAAM,SAAS,OAAO,KAAK,WAAW,WAAW,KAAK,SAAS;AAE/D,QAAM,SAAS,cAAc,aAAa;AAC1C,QAAM,SAAS,SAAS,MAAM,MAAM,YAAY,MAAM,IAAI;AAC1D,MAAI,CAAC,OAAQ,QAAO,SAAS,IAAI,QAAQ,cAAc;AAEvD,MAAI,WAAW,cAAc;AAC3B,UAAM,OAAO,MAAM,cAAc,EAAE,MAAM,mBAAmB,SAAS,IAAI;AACzE,WAAO,UAAU,IAAI;AAAA,MACnB,iBAAiB;AAAA,MACjB,cAAc,EAAE,OAAO,CAAC,EAAE;AAAA,MAC1B,YAAY;AAAA,IACd,CAAC;AAAA,EACH;AAEA,MAAI,WAAW,cAAc;AAC3B,UAAM,QAAmC,CAAC;AAC1C,eAAW,QAAQ,OAAO,cAAc;AACtC,YAAM,OAAO,MAAM,MAAM,YAAY,OAAO,aAAa,IAAI;AAC7D,UAAI,CAAC,KAAM;AACX,UAAI,CAAE,MAAM,MAAM,uBAAuB,OAAO,aAAa,IAAI,EAAI;AACrE,YAAM,KAAK;AAAA,QACT,MAAM,KAAK;AAAA,QACX,aAAa,KAAK;AAAA,QAClB,aAAa,KAAK,eAAe,EAAE,MAAM,SAAS;AAAA,MACpD,CAAC;AAAA,IACH;AACA,WAAO,UAAU,IAAI,EAAE,MAAM,CAAC;AAAA,EAChC;AAEA,MAAI,WAAW,cAAc;AAC3B,UAAM,SAAU,KAAK,UAAU,CAAC;AAChC,UAAM,OAAO,OAAO,OAAO,SAAS,WAAW,OAAO,OAAO;AAC7D,UAAM,OACJ,OAAO,aAAa,OAAO,OAAO,cAAc,YAAY,CAAC,MAAM,QAAQ,OAAO,SAAS,IACtF,OAAO,YACR,CAAC;AAEP,QAAI,CAAC,KAAM,QAAO,SAAS,IAAI,QAAQ,mBAAmB;AAC1D,QAAI,CAAC,OAAO,aAAa,SAAS,IAAI,GAAG;AACvC,aAAO,SAAS,IAAI,QAAQ,uCAAuC,IAAI,EAAE;AAAA,IAC3E;AACA,UAAM,OAAO,MAAM,MAAM,YAAY,OAAO,aAAa,IAAI;AAC7D,QAAI,CAAC,KAAM,QAAO,SAAS,IAAI,QAAQ,qCAAqC,IAAI,EAAE;AAClF,QAAI,CAAE,MAAM,MAAM,uBAAuB,OAAO,aAAa,IAAI,GAAI;AACnE,aAAO,SAAS,IAAI,QAAQ,uCAAuC,IAAI,EAAE;AAAA,IAC3E;AAEA,QAAI;AACF,YAAM,SAAS,MAAM,KAAK,OAAO,IAAI;AACrC,aAAO,UAAU,IAAI,MAAM;AAAA,IAC7B,SAAS,KAAK;AACZ,UAAI,eAAe,8BAA8B;AAC/C,eAAO,SAAS,IAAI,IAAI,MAAM,IAAI,SAAS,IAAI,IAAI;AAAA,MACrD;AACA,aAAO,SAAS,IAAI,OAAQ,eAAe,QAAQ,IAAI,UAAU,wBAAwB;AAAA,IAC3F;AAAA,EACF;AAEA,SAAO,SAAS,IAAI,QAAQ,qBAAqB,UAAU,QAAQ,EAAE;AACvE;AAQA,eAAsB,2BACpB,SACA,OACmB;AACnB,MAAI,QAAQ,WAAW,QAAQ;AAC7B,WAAO,SAAS,KAAK,EAAE,OAAO,qBAAqB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvE;AAEA,MAAI;AACJ,MAAI;AACF,WAAQ,MAAM,QAAQ,KAAK;AAAA,EAC7B,QAAQ;AACN,WAAO,SAAS,KAAK,SAAS,MAAM,QAAQ,aAAa,CAAC;AAAA,EAC5D;AAEA,QAAM,WAAW,MAAM,wBAAwB,MAAM,QAAQ,QAAQ,IAAI,eAAe,GAAG,KAAK;AAChG,MAAI,SAAS,OAAO,SAAS,QAAQ;AACnC,WAAO,SAAS,KAAK,UAAU,EAAE,QAAQ,IAAI,CAAC;AAAA,EAChD;AACA,SAAO,SAAS,KAAK,QAAQ;AAC/B;;;ACvKA,eAAsB,wBACpB,OACoC;AACpC,QAAM,MAAM,MAAM,OAAO,KAAK,IAAI;AAClC,QAAM,QAAQ,MAAM,uBAAuB;AAAA,IACzC,aAAa,MAAM;AAAA,IACnB,cAAc,MAAM;AAAA,IACpB,YAAY,MAAM;AAAA,IAClB,QAAQ,MAAM;AAAA,IACd,QAAQ,MAAM;AAAA,IACd;AAAA,EACF,CAAC;AACD,MAAI,CAAC,MAAO,QAAO;AACnB,SAAO;AAAA,IACL;AAAA,IACA,cAAc,MAAM;AAAA,IACpB,WAAW,MAAM,MAAM,aAAa;AAAA,IACpC,aAAa,MAAM;AAAA,EACrB;AACF;","names":[]}
package/dist/importers-DANyqwIT.d.ts ADDED
@@ -0,0 +1,57 @@
1
+ import { d as IntegrationConnectorCategory, b as IntegrationConnector, g as IntegrationDataClass, f as IntegrationActionRisk } from './core-types-D4MGC44S.js';
2
+
3
+ interface ImportCatalogOptions {
4
+ providerId: string;
5
+ connectorId: string;
6
+ connectorTitle: string;
7
+ category?: IntegrationConnectorCategory;
8
+ auth?: IntegrationConnector['auth'];
9
+ scopes?: string[];
10
+ dataClass?: IntegrationDataClass;
11
+ defaultRisk?: IntegrationActionRisk;
12
+ }
13
+ interface OpenApiDocument {
14
+ openapi?: string;
15
+ swagger?: string;
16
+ info?: {
17
+ title?: string;
18
+ };
19
+ paths?: Record<string, Record<string, OpenApiOperation | unknown>>;
20
+ }
21
+ interface OpenApiOperation {
22
+ operationId?: string;
23
+ summary?: string;
24
+ description?: string;
25
+ parameters?: unknown[];
26
+ requestBody?: unknown;
27
+ responses?: unknown;
28
+ security?: Array<Record<string, string[]>>;
29
+ tags?: string[];
30
+ }
31
+ interface GraphqlOperationSpec {
32
+ name: string;
33
+ kind: 'query' | 'mutation';
34
+ description?: string;
35
+ inputSchema?: unknown;
36
+ outputSchema?: unknown;
37
+ requiredScopes?: string[];
38
+ }
39
+ interface McpCatalogTool {
40
+ name: string;
41
+ description?: string;
42
+ inputSchema?: unknown;
43
+ annotations?: {
44
+ readOnlyHint?: boolean;
45
+ destructiveHint?: boolean;
46
+ openWorldHint?: boolean;
47
+ title?: string;
48
+ };
49
+ }
50
+ interface McpCatalog {
51
+ tools: McpCatalogTool[];
52
+ }
53
+ declare function importOpenApiConnector(document: OpenApiDocument, options: ImportCatalogOptions): IntegrationConnector;
54
+ declare function importGraphqlConnector(operations: GraphqlOperationSpec[], options: ImportCatalogOptions): IntegrationConnector;
55
+ declare function importMcpConnector(catalog: McpCatalog, options: ImportCatalogOptions): IntegrationConnector;
56
+
57
+ export { type GraphqlOperationSpec as G, type ImportCatalogOptions as I, type McpCatalogTool as M, type OpenApiDocument as O, type McpCatalog as a, type OpenApiOperation as b, importMcpConnector as c, importOpenApiConnector as d, importGraphqlConnector as i };
package/dist/index.d.ts CHANGED
@@ -1,9 +1,9 @@
1
1
  import { IntegrationRegistrySummary, IntegrationRegistryConflict, ComposeIntegrationRegistryOptions, IntegrationRegistry } from './registry.js';
2
2
  export { IntegrationCatalogExecutability, IntegrationRegistryEntry, IntegrationRegistrySourceRef, IntegrationSupportTier, buildDefaultIntegrationRegistry, canonicalConnectorId, classifyIntegrationCatalogExecutability, composeIntegrationRegistry, inferIntegrationSupportTier, summarizeIntegrationRegistry } from './registry.js';
3
- import { m as IntegrationPolicyEngine, n as IntegrationApprovalRequest, I as IntegrationActor, o as IntegrationGuardContext, p as IntegrationPolicyDecision, b as IntegrationConnector, e as IntegrationConnectorAction, i as IntegrationProviderKind, c as IntegrationConnection, h as IntegrationCatalogSource, q as IntegrationProvider, r as IntegrationSecretStore, s as IntegrationConnectionStore, t as IntegrationCredentialsRotatedEvent, u as IntegrationOAuthStateStore, v as IntegrationOAuthState, w as IntegrationOAuthStateOutcome, S as SecretRef, d as IntegrationConnectorCategory, f as IntegrationActionRisk, g as IntegrationDataClass, x as IntegrationTriggerSubscription, y as IntegrationTriggerEvent, j as IntegrationActionGuard, l as IntegrationActionResult, k as IntegrationActionRequest, z as StartAuthRequest, A as StartAuthResult, C as CompleteAuthRequest, B as InvokeWithCapabilityRequest, D as IntegrationCapability, E as IntegrationHubOptions, F as IssueCapabilityRequest, a as IssuedIntegrationCapability, H as HttpIntegrationProviderOptions } from './core-types-CjWifQOf.js';
4
- export { G as IntegrationConnectorTrigger } from './core-types-CjWifQOf.js';
5
- import { I as IntegrationAuditSink } from './consumer-yV4NtH2h.js';
6
- export { C as CapabilityBundleResult, a as CheckConnectorInput, b as CheckConnectorResult, c as CreateGrantsInput, d as InMemoryIntegrationAuditStore, e as InMemoryIntegrationHealthcheckStore, f as IntegrationAuditEvent, g as IntegrationAuditEventType, h as IntegrationAuditFilter, i as IntegrationAuditStore, j as IntegrationHealthcheckCheck, k as IntegrationHealthcheckResult, l as IntegrationHealthcheckStatus, m as IntegrationHealthcheckStore, n as IntegrationHubAuth, o as IntegrationHubClient, p as IntegrationHubClientOptions, q as IntegrationHubRequestError, L as ListGrantsInput, M as MintCapabilityBundleInput, R as ResolveManifestInput, r as createAuditingActionGuard, s as createIntegrationAuditEvent, t as createIntegrationHubClient, u as healthcheckRequest, v as runIntegrationHealthcheck, w as runIntegrationHealthchecks, x as sanitizeAuditConnection } from './consumer-yV4NtH2h.js';
3
+ import { n as IntegrationPolicyEngine, o as IntegrationApprovalRequest, I as IntegrationActor, p as IntegrationGuardContext, q as IntegrationPolicyDecision, b as IntegrationConnector, e as IntegrationConnectorAction, i as IntegrationProviderKind, c as IntegrationConnection, h as IntegrationCatalogSource, j as IntegrationProvider, r as IntegrationSecretStore, s as IntegrationConnectionStore, t as IntegrationCredentialsRotatedEvent, u as IntegrationOAuthStateStore, v as IntegrationOAuthState, w as IntegrationOAuthStateOutcome, S as SecretRef, d as IntegrationConnectorCategory, f as IntegrationActionRisk, g as IntegrationDataClass, x as IntegrationTriggerSubscription, y as IntegrationTriggerEvent, k as IntegrationActionGuard, m as IntegrationActionResult, l as IntegrationActionRequest, z as StartAuthRequest, A as StartAuthResult, C as CompleteAuthRequest, B as InvokeWithCapabilityRequest, D as IntegrationCapability, E as IntegrationHubOptions, F as IssueCapabilityRequest, a as IssuedIntegrationCapability, H as HttpIntegrationProviderOptions } from './core-types-D4MGC44S.js';
4
+ export { G as IntegrationConnectorTrigger } from './core-types-D4MGC44S.js';
5
+ import { I as IntegrationAuditSink } from './consumer-Dzt2uOo_.js';
6
+ export { C as CapabilityBundleResult, a as CheckConnectorInput, b as CheckConnectorResult, c as CreateGrantsInput, d as InMemoryIntegrationAuditStore, e as InMemoryIntegrationHealthcheckStore, f as IntegrationAuditEvent, g as IntegrationAuditEventType, h as IntegrationAuditFilter, i as IntegrationAuditStore, j as IntegrationHealthcheckCheck, k as IntegrationHealthcheckResult, l as IntegrationHealthcheckStatus, m as IntegrationHealthcheckStore, n as IntegrationHubAuth, o as IntegrationHubClient, p as IntegrationHubClientOptions, q as IntegrationHubRequestError, L as ListGrantsInput, M as MintCapabilityBundleInput, R as ResolveManifestInput, r as createAuditingActionGuard, s as createIntegrationAuditEvent, t as createIntegrationHubClient, u as healthcheckRequest, v as runIntegrationHealthcheck, w as runIntegrationHealthchecks, x as sanitizeAuditConnection } from './consumer-Dzt2uOo_.js';
7
7
  import { IntegrationSandboxBundle, IntegrationManifest, IntegrationManifestResolution, IntegrationRuntime, IntegrationGrantStore, IntegrationRequirementMode } from './runtime.js';
8
8
  export { InMemoryIntegrationGrantStore, IntegrationCapabilityBinding, IntegrationGrant, IntegrationRequirement, IntegrationRequirementResolution, IntegrationRequirementStatus, IntegrationRuntimeHub, IntegrationRuntimeOptions, createIntegrationRuntime } from './runtime.js';
9
9
  import { C as ConnectorAdapter, R as ResolvedDataSource, a as ConnectorCredentials } from './types-Bxg-wJkW.js';
@@ -15,6 +15,7 @@ export { DEFAULT_SIGNATURE_TOLERANCE_SECONDS, ExchangeCodeInput, GenericHmacVeri
15
15
  export { DocuSealOptions, EtsyOptions, GmailOptions, GoogleCalendarOptions, GoogleDocsOptions, GoogleDriveOptions, GoogleFormsOptions, GoogleSheetsOptions, HelloSignOptions, HubSpotOptions, MicrosoftCalendarOptions, MicrosoftGraphOptions, MicrosoftTeamsOptions, NotionDatabaseOptions, OneDriveOptions, OutlookMailOptions, PandaDocOptions, RestConnectorSpec, RestCredentialPlacement, RestOperationSpec, RestRequestSpec, SharePointOptions, SlackOptions, TELEGRAM_FILE_DOWNLOAD_ROOT, TwitterOptions, WhatsappBusinessOptions, activecampaignConnector, acumbamailConnector, adobeCreativeCloudConnector, afforaiConnector, agentxConnector, aidbaseConnector, aipriseConnector, airOpsConnector, aircallConnector, airtableConnector, airtopConnector, alaiConnector, altTextAiConnector, alttextifyConnector, amazonBedrockConnector, amazonSecretsManagerConnector, amazonSesConnector, amazonSnsConnector, amazonSqsConnector, amazonTextractConnector, aminosConnector, ampecoConnector, anthropicConnector, apitableConnector, apitemplateIoConnector, apolloConnector, appfollowConnector, asanaConnector, ashbyConnector, asknewsConnector, assemblyaiConnector, attioConnector, auth0Connector, autocallsConnector, avianConnector, avomaConnector, azureAdConnector, azureCommunicationServicesConnector, azureOpenaiConnector, backblazeConnector, bamboohrConnector, barcodeLookupConnector, baremetricsConnector, basecampConnector, beamerConnector, bettermodeConnector, bexioConnector, bigcommerceConnector, biginByZohoConnector, billplzConnector, bitlyConnector, blandAiConnector, blueskyConnector, bolnaConnector, bonjoroConnector, bookedinConnector, boxConnector, braveSearchConnector, brazeConnector, brilliantDirectoriesConnector, browseAiConnector, calComConnector, calendlyConnector, campaignMonitorConnector, cannyConnector, canvaConnector, capsuleCrmConnector, captainDataConnector, cashfreePaymentsConnector, certopusConnector, chainalysisApiConnector, chargebeeConnector, chargekeepConnector, chartlyConnector, chatDataConnector, chatbaseConnector, chatlingConnector, chatnodeConnector, chatwootConnector, checkoutConnector, circleConnector, clearoutConnector, clicdataConnector, clickupConnector, clioConnector, clockifyConnector, clockodoConnector, closeConnector, cloudconvertConnector, cloudinaryConnector, cloutlyConnector, codaConnector, cognitoFormsConnector, cohereConnector, cometapiConnector, comfyicuConnector, confluenceConnector, constantContactConnector, contentfulConnector, convertkitConnector, copperConnector, copyAiConnector, crispConnector, cryptolensConnector, customerIoConnector, customgptConnector, dashworksConnector, datadogConnector, datafuelConnector, datocmsConnector, declarativeRestConnector, deepseekConnector, denserAiConnector, descriptConnector, devinConnector, discordConnector, dittofeedConnector, doctlyConnector, documentproConnector, documergeConnector, docuseal, docusignConnector, dropboxConnector, dubConnector, dumplingAiConnector, dustConnector, easyPeasyAiConnector, ebayConnector, edenAiConnector, elasticEmailConnector, emailitConnector, emailoctopusConnector, enrichlayerConnector, esignaturesConnector, etsyConnector, exaConnector, facebookLeadsConnector, facebookPagesConnector, fathomAnalyticsConnector, fathomConnector, figjamConnector, figmaConnector, filloutFormsConnector, firebaseConnector, fireberryConnector, firecrawlConnector, firefliesAiConnector, flipandoConnector, flowiseConnector, flowluConnector, folkConnector, foreplayCoConnector, formbricksConnector, formstackConnector, fountainConnector, fragmentConnector, frameConnector, freeAgentConnector, freshsalesConnector, freshserviceConnector, frontConnector, gameballConnector, geminiConnector, ghostcmsConnector, gistlyConnector, giteaConnector, githubConnector, gitlabConnector, glideConnector, gmail, googleBigqueryConnector, googleCalendar, googleCloudStorageConnector, googleContactsConnector, googleDocs, googleDrive, googleForms, googleGeminiConnector, googleMyBusinessConnector, googleSearchConnector, googleSearchConsoleConnector, googleSheets, googleSlidesConnector, googleTasksConnector, googleVertexaiConnector, googlechatConnector, gorgiasConnector, gotifyConnector, gptzeroDetectAiConnector, granolaConnector, greenhouseConnector, greenptConnector, greipConnector, griptapeConnector, gristConnector, guideliteConnector, gustoConnector, harvestConnector, hashiCorpVaultConnector, hastewireConnector, heartbeatConnector, hedyConnector, hellosign, helpscoutConnector, heygenConnector, heymarketSmsConnector, housecallProConnector, hubspot, huggingFaceConnector, huggingfaceConnector, humeAiConnector, hunterConnector, hystructConnector, ibmCognoseConnector, imageRouterConnector, imapConnector, influencersClubConnector, insightlyConnector, insightoAiConnector, instaChartsConnector, instantlyAiConnector, instasentConnector, intercomConnector, invoiceninjaConnector, jinaAiConnector, jiraCloudConnector, jiraDataCenterConnector, joggAiConnector, jotformConnector, justInvoiceConnector, kallabotAiConnector, kapsoConnector, kimaiConnector, kissflowConnector, kizeoFormsConnector, klaviyoConnector, klentyConnector, knackConnector, knockConnector, koFiConnector, kommoConnector, kudosityConnector, kustomerConnector, leadConnectorConnector, leapAiConnector, leexiConnector, lemlistConnector, lemonSqueezyConnector, letsCalendarConnector, lettaConnector, leverConnector, lightfunnelsConnector, linearConnector, linkaConnector, linkupConnector, llmrailsConnector, lobstermailConnector, localaiConnector, loftyConnector, logrocketConnector, logsnagConnector, lokaliseConnector, loopsConnector, lucidyaConnector, lushaConnector, luxuryPresenceConnector, magicalApiConnector, mailchainConnector, mailchimpConnector, mailerLiteConnector, mailercheckConnector, mailerooConnector, mailgunConnector, makeConnector, manychatConnector, marketoConnector, mastodonConnector, matomoConnector, matrixConnector, mattermostConnector, mauticConnector, medullarConnector, meetgeekAiConnector, memConnector, messagebirdConnector, metabaseConnector, microsoft365PeopleConnector, microsoft365PlannerConnector, microsoftCalendar, microsoftDynamics365BusinessCentralConnector, microsoftDynamicsCrmConnector, microsoftExcel365Connector, microsoftGraph, microsoftOnedriveConnector, microsoftOnenoteConnector, microsoftOutlookCalendarConnector, microsoftOutlookConnector, microsoftPowerBiConnector, microsoftSharepointConnector, microsoftTeams, microsoftTodoConnector, millionverifierConnector, mindStudioConnector, mindeeConnector, miroConnector, missiveConnector, mixmaxConnector, mixpanelConnector, mollieConnector, mondayConnector, mongodbConnector, n8nConnector, netlifyConnector, niftyConnector, ninjapipeConnector, nocodbConnector, notionConnector, notionDatabase, ntfyConnector, odooConnector, omniCoConnector, omnihrConnector, oneDrive, openPhoneConnector, openRouterConnector, openaiConnector, openmicAiConnector, opnformConnector, opportifyConnector, opsgenieConnector, oracleDatabaseConnector, orimonConnector, outlookMail, paddleConnector, pagerdutyConnector, pandadoc, paperformConnector, parseurConnector, pastefyConnector, paywhirlConnector, pdfmonkeyConnector, peekshotConnector, perplexityAiConnector, personalAiConnector, phonyConnector, pinchPaymentsConnector, pineconeConnector, pipedreamConnector, pipedriveConnector, placidConnector, plausibleConnector, pocketbaseConnector, pollybotAiConnector, postgresConnector, posthogConnector, postizConnector, postmarkConnector, predictLeadsConnector, productboardConnector, proxycurlConnector, pushbulletConnector, pushoverConnector, qawafelConnector, qdrantConnector, quadernoConnector, quickbooksConnector, quickzuConnector, raiaAiConnector, rapidtextAiConnector, reachinboxConnector, recallAiConnector, redditConnector, reoonVerifierConnector, replyIoConnector, retableConnector, retellAiConnector, ripplingConnector, robollyConnector, runwareConnector, saasticConnector, saleorConnector, salesforceConnector, sanityConnector, sardisConnector, savvycalConnector, scrapegraphaiConnector, scrapelessConnector, seekTableConnector, sendgridConnector, sendinblueConnector, sendpulseConnector, senjaConnector, sentryConnector, serpstatConnector, serviceNowConnector, sharepoint, shippoConnector, shopifyConnector, shortIoConnector, signNowConnector, signrequestConnector, simplirouteConnector, simplybookmeConnector, skyprepConnector, slack, slackEventsConnector, smartleadConnector, smartsheetConnector, smartsuiteConnector, smooveConnector, smsmodeConnector, snowflakeConnector, socialkitConnector, squareConnector, stripeConnector, stripePackConnector, stripeWebhookReceiverConnector, supabaseConnector, supadataConnector, swarmnodeConnector, systemeIoConnector, tableauConnector, talkableConnector, tallyConnector, teableConnector, telegramConnector, telnyxConnector, tenzoConnector, textcortexAiConnector, ticktickConnector, timeOpsConnector, timelinesAiConnector, tlDvConnector, todoistConnector, togglTrackConnector, totalcmsConnector, trelloConnector, twentyConnector, twilioConnector, twilioSmsConnector, twinLabsConnector, twitter, twitterConnector, typeformConnector, typefullyConnector, umamiConnector, upgradechatConnector, uscreenConnector, validatedmailsConnector, vapiConnector, vboutConnector, vercelConnector, videoaskConnector, vidlab7Connector, vlmRunConnector, voucheryIoConnector, vtexConnector, vtigerConnector, wafeqConnector, weaviateConnector, webflowConnector, webhookConnector, webscrapingAiConnector, whatConvertsConnector, whatsappBusiness, whatsappConnector, whatsscaleConnector, wonderchatConnector, woocommerceConnector, woodpeckerConnector, wootricConnector, wordpressConnector, workableConnector, workdayConnector, wrikeConnector, writesonicBulkConnector, wufooConnector, xeroConnector, youcanbookmeConnector, zagomailConnector, zapierConnector, zendeskConnector, zendeskSellConnector, zeplinConnector, zerobounceConnector, zohoBookingsConnector, zohoCrmConnector, zohoDeskConnector, zuoraConnector } from './connectors/adapters/index.js';
16
16
  export { D as DEFAULT_TANGLE_PLATFORM_URL, d as TANGLE_API_KEY_PREFIX, e as TANGLE_SERVICE_TOKEN_PREFIX, b as TangleIdentityClient, T as TangleIdentityOptions, f as TangleIdentityUnreachableError, c as TangleTokenVerifyFailure, g as TangleTokenVerifyResult, a as TangleUserSummary, h as TangleWorkspaceSummary, i as createTangleIdentityClient, t as tangleIdentity } from './tangle-id-hDDWP-2f.js';
17
17
  export { IntegrationCatalogView, IntegrationToolDefinition, IntegrationToolSearchFilters, IntegrationToolSearchResult, McpToolDefinition, buildIntegrationCatalogView, buildIntegrationToolCatalog, describeIntegrationTool, flattenIntegrationToolDefinition, integrationToolName, parseIntegrationToolName, searchIntegrationTools, toMcpTools } from './catalog.js';
18
+ export { G as GraphqlOperationSpec, I as ImportCatalogOptions, a as McpCatalog, M as McpCatalogTool, O as OpenApiDocument, b as OpenApiOperation, i as importGraphqlConnector, c as importMcpConnector, d as importOpenApiConnector } from './importers-DANyqwIT.js';
18
19
  export { IntegrationActionPack, IntegrationCoveragePriority, IntegrationCoverageSpec, buildIntegrationCoverageConnectors, integrationCoverageChecklistMarkdown, listIntegrationCoverageSpecs } from './coverage-catalog.js';
19
20
  export { ApiKeyAuthSpec, ConnectorAuthSpec, ConsoleStep, CredentialFieldSpec, CredentialValidationInput, CredentialValidationResult, CustomAuthSpec, HealthcheckPlan, HealthcheckSpec, HmacAuthSpec, INTEGRATION_FAMILIES, IntegrationAuthMode, IntegrationAuthSpec, IntegrationFamilyId, IntegrationFamilySpec, IntegrationLifecycleSpec, IntegrationPlannerHints, IntegrationSetupSpec, IntegrationSpec, IntegrationSpecStatus, IntegrationSpecValidationIssue, IntegrationSpecValidationResult, NoneAuthSpec, NormalizedPermission, OAuth2AuthSpec, PermissionDescriptor, PostSetupCheck, Quirk, RenderSpecOptions, RenderedConsoleStep, ScopeDescriptor, assertValidIntegrationSpec, buildHealthcheckPlan, consoleStepsToText, getIntegrationFamily, getIntegrationSpec, integrationSpecToConnector, listExecutableIntegrationSpecs, listIntegrationSpecs, renderAgentToolDescription, renderConsoleSteps, renderRunbookMarkdown, resolveConnectorAuthSpec, specAuthToConnectorAuth, validateCredentialFormat, validateCredentialSet, validateIntegrationSpec } from './specs.js';
20
21
 
@@ -879,60 +880,6 @@ declare class IntegrationSandboxHost {
879
880
  dispatch(envelope: IntegrationInvocationEnvelope): Promise<NormalizedIntegrationResult>;
880
881
  }
881
882
 
882
- interface ImportCatalogOptions {
883
- providerId: string;
884
- connectorId: string;
885
- connectorTitle: string;
886
- category?: IntegrationConnectorCategory;
887
- auth?: IntegrationConnector['auth'];
888
- scopes?: string[];
889
- dataClass?: IntegrationDataClass;
890
- defaultRisk?: IntegrationActionRisk;
891
- }
892
- interface OpenApiDocument {
893
- openapi?: string;
894
- swagger?: string;
895
- info?: {
896
- title?: string;
897
- };
898
- paths?: Record<string, Record<string, OpenApiOperation | unknown>>;
899
- }
900
- interface OpenApiOperation {
901
- operationId?: string;
902
- summary?: string;
903
- description?: string;
904
- parameters?: unknown[];
905
- requestBody?: unknown;
906
- responses?: unknown;
907
- security?: Array<Record<string, string[]>>;
908
- tags?: string[];
909
- }
910
- interface GraphqlOperationSpec {
911
- name: string;
912
- kind: 'query' | 'mutation';
913
- description?: string;
914
- inputSchema?: unknown;
915
- outputSchema?: unknown;
916
- requiredScopes?: string[];
917
- }
918
- interface McpCatalogTool {
919
- name: string;
920
- description?: string;
921
- inputSchema?: unknown;
922
- annotations?: {
923
- readOnlyHint?: boolean;
924
- destructiveHint?: boolean;
925
- openWorldHint?: boolean;
926
- title?: string;
927
- };
928
- }
929
- interface McpCatalog {
930
- tools: McpCatalogTool[];
931
- }
932
- declare function importOpenApiConnector(document: OpenApiDocument, options: ImportCatalogOptions): IntegrationConnector;
933
- declare function importGraphqlConnector(operations: GraphqlOperationSpec[], options: ImportCatalogOptions): IntegrationConnector;
934
- declare function importMcpConnector(catalog: McpCatalog, options: ImportCatalogOptions): IntegrationConnector;
935
-
936
883
  interface GatewayCatalogProviderOptions {
937
884
  id: string;
938
885
  kind: Extract<IntegrationProviderKind, 'nango' | 'pipedream' | 'activepieces' | 'tangle_catalog' | 'zapier' | 'executor' | 'custom'>;
@@ -1299,4 +1246,4 @@ declare function createHttpIntegrationProvider(options: HttpIntegrationProviderO
1299
1246
  declare function signCapability(capability: IntegrationCapability, secret: string): string;
1300
1247
  declare function verifyCapabilityToken(token: string, secret: string): IntegrationCapability;
1301
1248
 
1302
- export { ACTIVEPIECES_OVERRIDES, ACTIVEPIECES_PUBLIC_CATALOG_URL, type ActivepiecesCatalogAuthField, type ActivepiecesCatalogEntry, type ActivepiecesExecutorInvocation, type ActivepiecesExecutorProviderOptions, type ActivepiecesPieceOverride, type AppSummary, ApprovalBackedPolicyEngine, type ApprovalBackedPolicyOptions, type BrokerToken, CANONICAL_INTEGRATION_ACTIONS, type CanonicalIntegrationActionId, type CanonicalLaunchConnectorOptions, type CatalogExecutorInvocation, type CatalogExecutorProviderOptions, CompleteAuthRequest, ComposeIntegrationRegistryOptions, type ConnectionCredentialResolverOptions, ConnectorAdapter, type ConnectorAdapterProviderOptions, ConnectorCredentials, type ConsentSummary, type CredentialBackedAdapterProviderOptions, DEFAULT_INTEGRATION_BRIDGE_ENV, DefaultIntegrationActionGuard, type DiscoverWorkspaceCapabilitiesInput, type GatewayCatalogAction, type GatewayCatalogEntry, type GatewayCatalogProviderOptions, type GatewayCatalogTrigger, type GraphqlOperationSpec, HttpIntegrationProviderOptions, type ImportCatalogOptions, InMemoryConnectionStore, InMemoryIntegrationApprovalStore, InMemoryIntegrationEventStore, InMemoryIntegrationIdempotencyStore, InMemoryIntegrationOAuthStateStore, InMemoryIntegrationSecretStore, InMemoryIntegrationWorkflowStore, type InferIntegrationRequirementsOptions, type InstalledIntegrationWorkflow, IntegrationActionGuard, IntegrationActionRequest, IntegrationActionResult, IntegrationActionRisk, IntegrationActor, type IntegrationApprovalFilter, type IntegrationApprovalRecord, IntegrationApprovalRequest, type IntegrationApprovalResolution, type IntegrationApprovalStatus, type IntegrationApprovalStore, IntegrationAuditSink, type IntegrationBridgePayload, type IntegrationBridgeToolBinding, IntegrationCapability, type IntegrationCatalogFreshnessOptions, type IntegrationCatalogFreshnessResult, IntegrationCatalogSource, IntegrationConnection, IntegrationConnectionStore, IntegrationConnector, IntegrationConnectorAction, IntegrationConnectorCategory, IntegrationCredentialsRotatedEvent, IntegrationDataClass, IntegrationError, type IntegrationErrorRuntimeCode, type IntegrationEventStore, IntegrationGrantStore, IntegrationGuardContext, IntegrationHub, IntegrationHubOptions, type IntegrationIdempotencyRecord, type IntegrationIdempotencyStore, type IntegrationInvocationEnvelope, type IntegrationInvocationEnvelopeValidationOptions, IntegrationManifest, IntegrationManifestResolution, IntegrationOAuthState, IntegrationOAuthStateOutcome, IntegrationOAuthStateStore, IntegrationPolicyDecision, type IntegrationPolicyEffect, IntegrationPolicyEngine, type IntegrationPolicyRule, IntegrationProvider, IntegrationProviderKind, type IntegrationRateLimitDecision, type IntegrationRateLimiter, IntegrationRegistry, IntegrationRegistryConflict, IntegrationRegistrySummary, IntegrationRequirementMode, IntegrationRuntime, IntegrationSandboxBundle, IntegrationSandboxHost, type IntegrationSandboxHostHub, type IntegrationSandboxHostOptions, IntegrationSecretStore, IntegrationTriggerEvent, IntegrationTriggerSubscription, type IntegrationWebhookReceiverResult, type IntegrationWorkflowDefinition, IntegrationWorkflowRuntime, type IntegrationWorkflowRuntimeHub, type IntegrationWorkflowRuntimeOptions, type IntegrationWorkflowStore, InvokeWithCapabilityRequest, IssueCapabilityRequest, IssuedIntegrationCapability, type ManifestValidationIssue, type ManifestValidationResult, type McpCatalog, type McpCatalogTool, type MissingRequirementExplanation, type NormalizedIntegrationResult, type OAuthClientCredentials, type OpenApiDocument, type OpenApiOperation, PROVIDER_PASSTHROUGH_ACTION, type PlatformIntegrationPolicyPresetOptions, type ProviderHttpRequestInput, type ProviderPassthroughPolicy, type RegisterAppInput, type RegisteredApp, type RenderConsentOptions, ResolvedDataSource, SecretRef, StartAuthRequest, StartAuthResult, StaticIntegrationPolicyEngine, type StaticIntegrationPolicyOptions, type StoredIntegrationEvent, TANGLE_INTEGRATIONS_CATALOG_PROVIDER_ID, TANGLE_INTEGRATIONS_CATALOG_SOURCE, TangleAppsClient, type TangleAppsClientOptions, type TangleCatalogExecutorInvocation, type TangleCatalogExecutorProviderOptions, type TangleCatalogRuntimePackageManifest, type TangleCatalogRuntimePackageManifestOptions, type TangleCatalogTriggerInvocation, type TangleIntegrationCatalogEntry, type TangleIntegrationCatalogFreshnessOptions, type TangleIntegrationCatalogFreshnessResult, type TangleIntegrationContract, type TangleIntegrationContractStatus, type TangleIntegrationImplementationKind, type TangleIntegrationInvokeInput, type TangleIntegrationInvokeResult, TangleIntegrationsClient, type TangleIntegrationsClientOptions, type WorkspaceCapability, type WorkspaceCapabilityDiscovery, type WorkspaceToolSchema, type WorkspaceTrigger, adapterManifestsToConnectors, assertValidIntegrationManifest, auditIntegrationCatalogFreshness, auditTangleIntegrationCatalogFreshness, buildActivepiecesConnectors, buildApprovalRequest, buildCanonicalLaunchConnectors, buildIntegrationBridgeEnvironment, buildIntegrationBridgePayload, buildIntegrationInvocationEnvelope, buildTangleCatalogRuntimePackageManifest, buildTangleIntegrationCatalogConnectors, calendarExercisePlannerManifest, canonicalActionConnectorId, createActivepiecesExecutorProvider, createApprovalBackedPolicyEngine, createCatalogExecutorProvider, createConnectionCredentialResolver, createConnectorAdapterCatalogSource, createConnectorAdapterProvider, createCredentialBackedAdapterProvider, createDefaultIntegrationActionGuard, createDefaultIntegrationPolicyEngine, createGatewayCatalogProvider, createHttpIntegrationProvider, createIntegrationWorkflowRuntime, createMockIntegrationProvider, createPlatformIntegrationPolicyPreset, createTangleAppsClient, createTangleCatalogExecutorProvider, createTangleIntegrationsClient, decodeIntegrationBridgePayload, discoverWorkspaceCapabilities, dispatchIntegrationInvocation, encodeIntegrationBridgePayload, explainMissingRequirements, extractActivepiecesPublicPieceCount, extractExternalCatalogPublicCount, filterDiscoveryByWorkspaceScopes, getActivepiecesOverride, importGraphqlConnector, importMcpConnector, importOpenApiConnector, inferIntegrationManifestFromTools, invocationRequestFromEnvelope, listActivepiecesCatalogEntries, listTangleIntegrationCatalogEntries, listTangleIntegrationCatalogRuntimePackages, listTangleIntegrationContracts, listTangleNativeAdapterIds, manifestToConnector, normalizeGatewayCatalog, normalizeIntegrationResult, parseIntegrationBridgeEnvironment, receiveIntegrationWebhook, redactApprovalRequest, redactCapability, redactIntegrationBridgePayload, redactInvocationEnvelope, renderApprovalCopy, renderConsentSummary, renderTangleCatalogRuntimePnpmAddCommand, resolveConnectionCredentials, resolveIntegrationApproval, revokeConnection, sanitizeConnection, signCapability, storedEventToTriggerEvent, validateIntegrationInvocationEnvelope, validateIntegrationManifest, validateProviderPassthroughRequest, verifyCapabilityToken };
1249
+ export { ACTIVEPIECES_OVERRIDES, ACTIVEPIECES_PUBLIC_CATALOG_URL, type ActivepiecesCatalogAuthField, type ActivepiecesCatalogEntry, type ActivepiecesExecutorInvocation, type ActivepiecesExecutorProviderOptions, type ActivepiecesPieceOverride, type AppSummary, ApprovalBackedPolicyEngine, type ApprovalBackedPolicyOptions, type BrokerToken, CANONICAL_INTEGRATION_ACTIONS, type CanonicalIntegrationActionId, type CanonicalLaunchConnectorOptions, type CatalogExecutorInvocation, type CatalogExecutorProviderOptions, CompleteAuthRequest, ComposeIntegrationRegistryOptions, type ConnectionCredentialResolverOptions, ConnectorAdapter, type ConnectorAdapterProviderOptions, ConnectorCredentials, type ConsentSummary, type CredentialBackedAdapterProviderOptions, DEFAULT_INTEGRATION_BRIDGE_ENV, DefaultIntegrationActionGuard, type DiscoverWorkspaceCapabilitiesInput, type GatewayCatalogAction, type GatewayCatalogEntry, type GatewayCatalogProviderOptions, type GatewayCatalogTrigger, HttpIntegrationProviderOptions, InMemoryConnectionStore, InMemoryIntegrationApprovalStore, InMemoryIntegrationEventStore, InMemoryIntegrationIdempotencyStore, InMemoryIntegrationOAuthStateStore, InMemoryIntegrationSecretStore, InMemoryIntegrationWorkflowStore, type InferIntegrationRequirementsOptions, type InstalledIntegrationWorkflow, IntegrationActionGuard, IntegrationActionRequest, IntegrationActionResult, IntegrationActionRisk, IntegrationActor, type IntegrationApprovalFilter, type IntegrationApprovalRecord, IntegrationApprovalRequest, type IntegrationApprovalResolution, type IntegrationApprovalStatus, type IntegrationApprovalStore, IntegrationAuditSink, type IntegrationBridgePayload, type IntegrationBridgeToolBinding, IntegrationCapability, type IntegrationCatalogFreshnessOptions, type IntegrationCatalogFreshnessResult, IntegrationCatalogSource, IntegrationConnection, IntegrationConnectionStore, IntegrationConnector, IntegrationConnectorAction, IntegrationConnectorCategory, IntegrationCredentialsRotatedEvent, IntegrationDataClass, IntegrationError, type IntegrationErrorRuntimeCode, type IntegrationEventStore, IntegrationGrantStore, IntegrationGuardContext, IntegrationHub, IntegrationHubOptions, type IntegrationIdempotencyRecord, type IntegrationIdempotencyStore, type IntegrationInvocationEnvelope, type IntegrationInvocationEnvelopeValidationOptions, IntegrationManifest, IntegrationManifestResolution, IntegrationOAuthState, IntegrationOAuthStateOutcome, IntegrationOAuthStateStore, IntegrationPolicyDecision, type IntegrationPolicyEffect, IntegrationPolicyEngine, type IntegrationPolicyRule, IntegrationProvider, IntegrationProviderKind, type IntegrationRateLimitDecision, type IntegrationRateLimiter, IntegrationRegistry, IntegrationRegistryConflict, IntegrationRegistrySummary, IntegrationRequirementMode, IntegrationRuntime, IntegrationSandboxBundle, IntegrationSandboxHost, type IntegrationSandboxHostHub, type IntegrationSandboxHostOptions, IntegrationSecretStore, IntegrationTriggerEvent, IntegrationTriggerSubscription, type IntegrationWebhookReceiverResult, type IntegrationWorkflowDefinition, IntegrationWorkflowRuntime, type IntegrationWorkflowRuntimeHub, type IntegrationWorkflowRuntimeOptions, type IntegrationWorkflowStore, InvokeWithCapabilityRequest, IssueCapabilityRequest, IssuedIntegrationCapability, type ManifestValidationIssue, type ManifestValidationResult, type MissingRequirementExplanation, type NormalizedIntegrationResult, type OAuthClientCredentials, PROVIDER_PASSTHROUGH_ACTION, type PlatformIntegrationPolicyPresetOptions, type ProviderHttpRequestInput, type ProviderPassthroughPolicy, type RegisterAppInput, type RegisteredApp, type RenderConsentOptions, ResolvedDataSource, SecretRef, StartAuthRequest, StartAuthResult, StaticIntegrationPolicyEngine, type StaticIntegrationPolicyOptions, type StoredIntegrationEvent, TANGLE_INTEGRATIONS_CATALOG_PROVIDER_ID, TANGLE_INTEGRATIONS_CATALOG_SOURCE, TangleAppsClient, type TangleAppsClientOptions, type TangleCatalogExecutorInvocation, type TangleCatalogExecutorProviderOptions, type TangleCatalogRuntimePackageManifest, type TangleCatalogRuntimePackageManifestOptions, type TangleCatalogTriggerInvocation, type TangleIntegrationCatalogEntry, type TangleIntegrationCatalogFreshnessOptions, type TangleIntegrationCatalogFreshnessResult, type TangleIntegrationContract, type TangleIntegrationContractStatus, type TangleIntegrationImplementationKind, type TangleIntegrationInvokeInput, type TangleIntegrationInvokeResult, TangleIntegrationsClient, type TangleIntegrationsClientOptions, type WorkspaceCapability, type WorkspaceCapabilityDiscovery, type WorkspaceToolSchema, type WorkspaceTrigger, adapterManifestsToConnectors, assertValidIntegrationManifest, auditIntegrationCatalogFreshness, auditTangleIntegrationCatalogFreshness, buildActivepiecesConnectors, buildApprovalRequest, buildCanonicalLaunchConnectors, buildIntegrationBridgeEnvironment, buildIntegrationBridgePayload, buildIntegrationInvocationEnvelope, buildTangleCatalogRuntimePackageManifest, buildTangleIntegrationCatalogConnectors, calendarExercisePlannerManifest, canonicalActionConnectorId, createActivepiecesExecutorProvider, createApprovalBackedPolicyEngine, createCatalogExecutorProvider, createConnectionCredentialResolver, createConnectorAdapterCatalogSource, createConnectorAdapterProvider, createCredentialBackedAdapterProvider, createDefaultIntegrationActionGuard, createDefaultIntegrationPolicyEngine, createGatewayCatalogProvider, createHttpIntegrationProvider, createIntegrationWorkflowRuntime, createMockIntegrationProvider, createPlatformIntegrationPolicyPreset, createTangleAppsClient, createTangleCatalogExecutorProvider, createTangleIntegrationsClient, decodeIntegrationBridgePayload, discoverWorkspaceCapabilities, dispatchIntegrationInvocation, encodeIntegrationBridgePayload, explainMissingRequirements, extractActivepiecesPublicPieceCount, extractExternalCatalogPublicCount, filterDiscoveryByWorkspaceScopes, getActivepiecesOverride, inferIntegrationManifestFromTools, invocationRequestFromEnvelope, listActivepiecesCatalogEntries, listTangleIntegrationCatalogEntries, listTangleIntegrationCatalogRuntimePackages, listTangleIntegrationContracts, listTangleNativeAdapterIds, manifestToConnector, normalizeGatewayCatalog, normalizeIntegrationResult, parseIntegrationBridgeEnvironment, receiveIntegrationWebhook, redactApprovalRequest, redactCapability, redactIntegrationBridgePayload, redactInvocationEnvelope, renderApprovalCopy, renderConsentSummary, renderTangleCatalogRuntimePnpmAddCommand, resolveConnectionCredentials, resolveIntegrationApproval, revokeConnection, sanitizeConnection, signCapability, storedEventToTriggerEvent, validateIntegrationInvocationEnvelope, validateIntegrationManifest, validateProviderPassthroughRequest, verifyCapabilityToken };
package/dist/mcp.d.ts ADDED
@@ -0,0 +1,95 @@
1
+ import { d as IntegrationConnectorCategory, g as IntegrationDataClass, f as IntegrationActionRisk, j as IntegrationProvider, b as IntegrationConnector } from './core-types-D4MGC44S.js';
2
+ import { M as McpCatalogTool } from './importers-DANyqwIT.js';
3
+ import './types-Bxg-wJkW.js';
4
+
5
+ /**
6
+ * Live MCP connector — attach a remote MCP (Model Context Protocol) server
7
+ * as an {@link IntegrationProvider}, so its tools flow through the same
8
+ * catalog / grants / approvals machinery as every other connector instead of
9
+ * forming a parallel, ungoverned tool path.
10
+ *
11
+ * Transport is Streamable HTTP only (single POST endpoint, JSON or SSE
12
+ * response framing) — this package runs in edge workers, so stdio servers are
13
+ * out of scope; front them with any HTTP-bridging MCP host.
14
+ *
15
+ * Discovery reuses {@link importMcpConnector}: `tools/list` output becomes an
16
+ * `IntegrationConnector` whose per-action risk comes from MCP tool
17
+ * annotations (readOnlyHint / destructiveHint) with a text-heuristic
18
+ * fallback, so non-read MCP tools default to `approvalRequired` — fail-closed
19
+ * against servers that don't annotate.
20
+ *
21
+ * Credentials: the server's auth header is supplied at construction by the
22
+ * product (which owns secret storage) and held in memory only. Connection
23
+ * rows carry no MCP secrets.
24
+ */
25
+
26
+ /** Protocol revision sent on `initialize` and the `MCP-Protocol-Version`
27
+ * header. Servers negotiate down from this. */
28
+ declare const MCP_PROTOCOL_VERSION = "2025-06-18";
29
+ interface McpServerConfig {
30
+ /** The server's single Streamable-HTTP endpoint. */
31
+ url: string;
32
+ /** Static request headers — typically `{ Authorization: 'Bearer …' }`.
33
+ * Held in memory only; never persisted by this module. */
34
+ headers?: Record<string, string>;
35
+ protocolVersion?: string;
36
+ clientInfo?: {
37
+ name: string;
38
+ version: string;
39
+ };
40
+ /** Injectable for tests / custom egress policies (SSRF pinning). */
41
+ fetchImpl?: typeof fetch;
42
+ }
43
+ interface McpToolCallResult {
44
+ /** MCP content blocks (text, image, resource, …) verbatim. */
45
+ content: unknown[];
46
+ isError: boolean;
47
+ /** `structuredContent` from servers that return it. */
48
+ structured?: unknown;
49
+ }
50
+ /**
51
+ * Minimal Streamable-HTTP MCP client: `initialize` handshake (capturing the
52
+ * server's `Mcp-Session-Id`), paginated `tools/list`, and `tools/call`.
53
+ * Lazily initializes on first use; safe to share across calls within an
54
+ * isolate.
55
+ */
56
+ declare class McpHttpClient {
57
+ private readonly config;
58
+ private nextId;
59
+ private sessionId;
60
+ private negotiatedVersion;
61
+ private initializing;
62
+ constructor(config: McpServerConfig);
63
+ private get fetchImpl();
64
+ private post;
65
+ private request;
66
+ /** Idempotent handshake; concurrent callers share one in-flight init. */
67
+ initialize(): Promise<void>;
68
+ /** Full tool catalog, following `nextCursor` pagination. */
69
+ listTools(): Promise<McpCatalogTool[]>;
70
+ callTool(name: string, args: unknown): Promise<McpToolCallResult>;
71
+ }
72
+ interface CreateMcpProviderOptions {
73
+ /** Provider id, unique within the hub (e.g. `mcp:linear`). */
74
+ id: string;
75
+ server: McpServerConfig;
76
+ connectorId: string;
77
+ connectorTitle: string;
78
+ category?: IntegrationConnectorCategory;
79
+ scopes?: string[];
80
+ dataClass?: IntegrationDataClass;
81
+ /** Risk for tools whose annotations/name don't classify them. Defaults to
82
+ * 'write' (⇒ approvalRequired) — fail-closed. */
83
+ defaultRisk?: IntegrationActionRisk;
84
+ }
85
+ /** Discover a live MCP server's tools as an {@link IntegrationConnector}. */
86
+ declare function discoverMcpConnector(client: McpHttpClient, options: CreateMcpProviderOptions): Promise<IntegrationConnector>;
87
+ /**
88
+ * Build an {@link IntegrationProvider} over one remote MCP server: live
89
+ * `tools/list` discovery at construction, `tools/call` on invoke. A tool
90
+ * result with `isError` maps to `{ ok: false }` (the model sees the failure
91
+ * content); transport and JSON-RPC failures throw {@link IntegrationError}.
92
+ */
93
+ declare function createMcpProvider(options: CreateMcpProviderOptions): Promise<IntegrationProvider>;
94
+
95
+ export { type CreateMcpProviderOptions, MCP_PROTOCOL_VERSION, McpHttpClient, type McpServerConfig, type McpToolCallResult, createMcpProvider, discoverMcpConnector };
package/dist/mcp.js ADDED
@@ -0,0 +1,166 @@
1
+ import {
2
+ IntegrationError,
3
+ createCatalogExecutorProvider,
4
+ importMcpConnector
5
+ } from "./chunk-ZVGYRP2O.js";
6
+ import "./chunk-D57YS6XC.js";
7
+ import "./chunk-CR35IEKW.js";
8
+ import "./chunk-H4XYLS7T.js";
9
+ import "./chunk-O553GSCX.js";
10
+ import "./chunk-53NQJZAT.js";
11
+ import "./chunk-7P2LN4VT.js";
12
+ import "./chunk-376UBTNB.js";
13
+ import "./chunk-6W72E2KN.js";
14
+ import "./chunk-2TW2QKGZ.js";
15
+ import "./chunk-ZDK7Y4QG.js";
16
+ import "./chunk-PZ5AY32C.js";
17
+
18
+ // src/mcp.ts
19
+ var MCP_PROTOCOL_VERSION = "2025-06-18";
20
+ var McpHttpClient = class {
21
+ constructor(config) {
22
+ this.config = config;
23
+ }
24
+ config;
25
+ nextId = 1;
26
+ sessionId;
27
+ negotiatedVersion;
28
+ initializing;
29
+ get fetchImpl() {
30
+ return this.config.fetchImpl ?? fetch;
31
+ }
32
+ async post(body) {
33
+ const headers = {
34
+ "Content-Type": "application/json",
35
+ Accept: "application/json, text/event-stream",
36
+ ...this.config.headers ?? {}
37
+ };
38
+ const version = this.negotiatedVersion ?? this.config.protocolVersion ?? MCP_PROTOCOL_VERSION;
39
+ headers["MCP-Protocol-Version"] = version;
40
+ if (this.sessionId) headers["Mcp-Session-Id"] = this.sessionId;
41
+ let response;
42
+ try {
43
+ response = await this.fetchImpl(this.config.url, {
44
+ method: "POST",
45
+ headers,
46
+ body: JSON.stringify(body)
47
+ });
48
+ } catch (error) {
49
+ throw new IntegrationError(
50
+ `MCP server unreachable: ${error instanceof Error ? error.message : String(error)}`,
51
+ "provider_failure"
52
+ );
53
+ }
54
+ const session = response.headers.get("mcp-session-id");
55
+ if (session) this.sessionId = session;
56
+ if (!response.ok) {
57
+ throw new IntegrationError(`MCP server returned HTTP ${response.status}`, "provider_failure");
58
+ }
59
+ if (body.id === void 0) return void 0;
60
+ const contentType = response.headers.get("content-type") ?? "";
61
+ const text = await response.text();
62
+ const message = contentType.includes("text/event-stream") ? findSseResponse(text, body.id) : JSON.parse(text);
63
+ if (!message) {
64
+ throw new IntegrationError("MCP server response missing a result for the request", "provider_failure");
65
+ }
66
+ if (message.error) {
67
+ throw new IntegrationError(`MCP error ${message.error.code}: ${message.error.message}`, "provider_failure");
68
+ }
69
+ return message;
70
+ }
71
+ async request(method, params) {
72
+ const response = await this.post({ jsonrpc: "2.0", id: this.nextId++, method, ...params ? { params } : {} });
73
+ return response?.result;
74
+ }
75
+ /** Idempotent handshake; concurrent callers share one in-flight init. */
76
+ async initialize() {
77
+ if (this.negotiatedVersion) return;
78
+ this.initializing ??= (async () => {
79
+ const result = await this.request("initialize", {
80
+ protocolVersion: this.config.protocolVersion ?? MCP_PROTOCOL_VERSION,
81
+ capabilities: {},
82
+ clientInfo: this.config.clientInfo ?? { name: "tangle-agent-integrations", version: "1" }
83
+ });
84
+ this.negotiatedVersion = result?.protocolVersion ?? this.config.protocolVersion ?? MCP_PROTOCOL_VERSION;
85
+ await this.post({ jsonrpc: "2.0", method: "notifications/initialized" });
86
+ })().catch((error) => {
87
+ this.initializing = void 0;
88
+ throw error;
89
+ });
90
+ await this.initializing;
91
+ }
92
+ /** Full tool catalog, following `nextCursor` pagination. */
93
+ async listTools() {
94
+ await this.initialize();
95
+ const tools = [];
96
+ let cursor;
97
+ do {
98
+ const result = await this.request("tools/list", cursor ? { cursor } : {});
99
+ tools.push(...result?.tools ?? []);
100
+ cursor = result?.nextCursor;
101
+ } while (cursor);
102
+ return tools;
103
+ }
104
+ async callTool(name, args) {
105
+ await this.initialize();
106
+ const result = await this.request("tools/call", { name, arguments: args ?? {} });
107
+ return {
108
+ content: result?.content ?? [],
109
+ isError: result?.isError === true,
110
+ structured: result?.structuredContent
111
+ };
112
+ }
113
+ };
114
+ async function discoverMcpConnector(client, options) {
115
+ const tools = await client.listTools();
116
+ return importMcpConnector(
117
+ { tools },
118
+ {
119
+ providerId: options.id,
120
+ connectorId: options.connectorId,
121
+ connectorTitle: options.connectorTitle,
122
+ category: options.category,
123
+ auth: "custom",
124
+ scopes: options.scopes,
125
+ dataClass: options.dataClass,
126
+ defaultRisk: options.defaultRisk ?? "write"
127
+ }
128
+ );
129
+ }
130
+ async function createMcpProvider(options) {
131
+ const client = new McpHttpClient(options.server);
132
+ const connector = await discoverMcpConnector(client, options);
133
+ return createCatalogExecutorProvider({
134
+ id: options.id,
135
+ kind: "mcp",
136
+ connectors: [connector],
137
+ async executeAction({ request, action }) {
138
+ const result = await client.callTool(action.id, request.input);
139
+ return {
140
+ ok: !result.isError,
141
+ action: action.id,
142
+ output: result.structured ?? result.content,
143
+ metadata: { mcp: true, ...result.isError ? { isError: true } : {} }
144
+ };
145
+ }
146
+ });
147
+ }
148
+ function findSseResponse(body, id) {
149
+ for (const event of body.split(/\n\n/)) {
150
+ const data = event.split("\n").filter((line) => line.startsWith("data:")).map((line) => line.slice(5).trim()).join("");
151
+ if (!data) continue;
152
+ try {
153
+ const parsed = JSON.parse(data);
154
+ if (parsed.id === id) return parsed;
155
+ } catch {
156
+ }
157
+ }
158
+ return void 0;
159
+ }
160
+ export {
161
+ MCP_PROTOCOL_VERSION,
162
+ McpHttpClient,
163
+ createMcpProvider,
164
+ discoverMcpConnector
165
+ };
166
+ //# sourceMappingURL=mcp.js.map
package/dist/mcp.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/mcp.ts"],"sourcesContent":["/**\n * Live MCP connector — attach a remote MCP (Model Context Protocol) server\n * as an {@link IntegrationProvider}, so its tools flow through the same\n * catalog / grants / approvals machinery as every other connector instead of\n * forming a parallel, ungoverned tool path.\n *\n * Transport is Streamable HTTP only (single POST endpoint, JSON or SSE\n * response framing) — this package runs in edge workers, so stdio servers are\n * out of scope; front them with any HTTP-bridging MCP host.\n *\n * Discovery reuses {@link importMcpConnector}: `tools/list` output becomes an\n * `IntegrationConnector` whose per-action risk comes from MCP tool\n * annotations (readOnlyHint / destructiveHint) with a text-heuristic\n * fallback, so non-read MCP tools default to `approvalRequired` — fail-closed\n * against servers that don't annotate.\n *\n * Credentials: the server's auth header is supplied at construction by the\n * product (which owns secret storage) and held in memory only. Connection\n * rows carry no MCP secrets.\n */\n\nimport { IntegrationError } from './core-error.js'\nimport type {\n IntegrationActionResult,\n IntegrationActionRisk,\n IntegrationConnector,\n IntegrationConnectorCategory,\n IntegrationDataClass,\n IntegrationProvider,\n} from './core-types.js'\nimport { createCatalogExecutorProvider } from './catalog-executor.js'\nimport { importMcpConnector, type McpCatalogTool } from './importers.js'\n\n/** Protocol revision sent on `initialize` and the `MCP-Protocol-Version`\n * header. Servers negotiate down from this. */\nexport const MCP_PROTOCOL_VERSION = '2025-06-18'\n\nexport interface McpServerConfig {\n /** The server's single Streamable-HTTP endpoint. */\n url: string\n /** Static request headers — typically `{ Authorization: 'Bearer …' }`.\n * Held in memory only; never persisted by this module. */\n headers?: Record<string, string>\n protocolVersion?: string\n clientInfo?: { name: string; version: string }\n /** Injectable for tests / custom egress policies (SSRF pinning). */\n fetchImpl?: typeof fetch\n}\n\nexport interface McpToolCallResult {\n /** MCP content blocks (text, image, resource, …) verbatim. */\n content: unknown[]\n isError: boolean\n /** `structuredContent` from servers that return it. */\n structured?: unknown\n}\n\ninterface JsonRpcResponse {\n jsonrpc: '2.0'\n id?: number | string | null\n result?: unknown\n error?: { code: number; message: string; data?: unknown }\n}\n\n/**\n * Minimal Streamable-HTTP MCP client: `initialize` handshake (capturing the\n * server's `Mcp-Session-Id`), paginated `tools/list`, and `tools/call`.\n * Lazily initializes on first use; safe to share across calls within an\n * isolate.\n */\nexport class McpHttpClient {\n private nextId = 1\n private sessionId: string | undefined\n private negotiatedVersion: string | undefined\n private initializing: Promise<void> | undefined\n\n constructor(private readonly config: McpServerConfig) {}\n\n private get fetchImpl(): typeof fetch {\n return this.config.fetchImpl ?? fetch\n }\n\n private async post(body: Record<string, unknown>): Promise<JsonRpcResponse | undefined> {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n Accept: 'application/json, text/event-stream',\n ...(this.config.headers ?? {}),\n }\n const version = this.negotiatedVersion ?? this.config.protocolVersion ?? MCP_PROTOCOL_VERSION\n headers['MCP-Protocol-Version'] = version\n if (this.sessionId) headers['Mcp-Session-Id'] = this.sessionId\n\n let response: Response\n try {\n response = await this.fetchImpl(this.config.url, {\n method: 'POST',\n headers,\n body: JSON.stringify(body),\n })\n } catch (error) {\n throw new IntegrationError(\n `MCP server unreachable: ${error instanceof Error ? error.message : String(error)}`,\n 'provider_failure',\n )\n }\n const session = response.headers.get('mcp-session-id')\n if (session) this.sessionId = session\n\n if (!response.ok) {\n throw new IntegrationError(`MCP server returned HTTP ${response.status}`, 'provider_failure')\n }\n // Notifications get 202/204 with no body.\n if (body.id === undefined) return undefined\n const contentType = response.headers.get('content-type') ?? ''\n const text = await response.text()\n const message = contentType.includes('text/event-stream')\n ? findSseResponse(text, body.id as number)\n : (JSON.parse(text) as JsonRpcResponse)\n if (!message) {\n throw new IntegrationError('MCP server response missing a result for the request', 'provider_failure')\n }\n if (message.error) {\n throw new IntegrationError(`MCP error ${message.error.code}: ${message.error.message}`, 'provider_failure')\n }\n return message\n }\n\n private async request(method: string, params?: Record<string, unknown>): Promise<unknown> {\n const response = await this.post({ jsonrpc: '2.0', id: this.nextId++, method, ...(params ? { params } : {}) })\n return response?.result\n }\n\n /** Idempotent handshake; concurrent callers share one in-flight init. */\n async initialize(): Promise<void> {\n if (this.negotiatedVersion) return\n this.initializing ??= (async () => {\n const result = (await this.request('initialize', {\n protocolVersion: this.config.protocolVersion ?? MCP_PROTOCOL_VERSION,\n capabilities: {},\n clientInfo: this.config.clientInfo ?? { name: 'tangle-agent-integrations', version: '1' },\n })) as { protocolVersion?: string } | undefined\n this.negotiatedVersion = result?.protocolVersion ?? this.config.protocolVersion ?? MCP_PROTOCOL_VERSION\n await this.post({ jsonrpc: '2.0', method: 'notifications/initialized' })\n })().catch((error) => {\n this.initializing = undefined\n throw error\n })\n await this.initializing\n }\n\n /** Full tool catalog, following `nextCursor` pagination. */\n async listTools(): Promise<McpCatalogTool[]> {\n await this.initialize()\n const tools: McpCatalogTool[] = []\n let cursor: string | undefined\n do {\n const result = (await this.request('tools/list', cursor ? { cursor } : {})) as\n | { tools?: McpCatalogTool[]; nextCursor?: string }\n | undefined\n tools.push(...(result?.tools ?? []))\n cursor = result?.nextCursor\n } while (cursor)\n return tools\n }\n\n async callTool(name: string, args: unknown): Promise<McpToolCallResult> {\n await this.initialize()\n const result = (await this.request('tools/call', { name, arguments: args ?? {} })) as\n | { content?: unknown[]; isError?: boolean; structuredContent?: unknown }\n | undefined\n return {\n content: result?.content ?? [],\n isError: result?.isError === true,\n structured: result?.structuredContent,\n }\n }\n}\n\nexport interface CreateMcpProviderOptions {\n /** Provider id, unique within the hub (e.g. `mcp:linear`). */\n id: string\n server: McpServerConfig\n connectorId: string\n connectorTitle: string\n category?: IntegrationConnectorCategory\n scopes?: string[]\n dataClass?: IntegrationDataClass\n /** Risk for tools whose annotations/name don't classify them. Defaults to\n * 'write' (⇒ approvalRequired) — fail-closed. */\n defaultRisk?: IntegrationActionRisk\n}\n\n/** Discover a live MCP server's tools as an {@link IntegrationConnector}. */\nexport async function discoverMcpConnector(\n client: McpHttpClient,\n options: CreateMcpProviderOptions,\n): Promise<IntegrationConnector> {\n const tools = await client.listTools()\n return importMcpConnector(\n { tools },\n {\n providerId: options.id,\n connectorId: options.connectorId,\n connectorTitle: options.connectorTitle,\n category: options.category,\n auth: 'custom',\n scopes: options.scopes,\n dataClass: options.dataClass,\n defaultRisk: options.defaultRisk ?? 'write',\n },\n )\n}\n\n/**\n * Build an {@link IntegrationProvider} over one remote MCP server: live\n * `tools/list` discovery at construction, `tools/call` on invoke. A tool\n * result with `isError` maps to `{ ok: false }` (the model sees the failure\n * content); transport and JSON-RPC failures throw {@link IntegrationError}.\n */\nexport async function createMcpProvider(options: CreateMcpProviderOptions): Promise<IntegrationProvider> {\n const client = new McpHttpClient(options.server)\n const connector = await discoverMcpConnector(client, options)\n return createCatalogExecutorProvider({\n id: options.id,\n kind: 'mcp',\n connectors: [connector],\n async executeAction({ request, action }): Promise<IntegrationActionResult> {\n const result = await client.callTool(action.id, request.input)\n return {\n ok: !result.isError,\n action: action.id,\n output: result.structured ?? result.content,\n metadata: { mcp: true, ...(result.isError ? { isError: true } : {}) },\n }\n },\n })\n}\n\nfunction findSseResponse(body: string, id: number): JsonRpcResponse | undefined {\n for (const event of body.split(/\\n\\n/)) {\n const data = event\n .split('\\n')\n .filter((line) => line.startsWith('data:'))\n .map((line) => line.slice(5).trim())\n .join('')\n if (!data) continue\n try {\n const parsed = JSON.parse(data) as JsonRpcResponse\n if (parsed.id === id) return parsed\n } catch {\n // non-JSON SSE frame (keepalive/comment) — skip\n }\n }\n return undefined\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAmCO,IAAM,uBAAuB;AAmC7B,IAAM,gBAAN,MAAoB;AAAA,EAMzB,YAA6B,QAAyB;AAAzB;AAAA,EAA0B;AAAA,EAA1B;AAAA,EALrB,SAAS;AAAA,EACT;AAAA,EACA;AAAA,EACA;AAAA,EAIR,IAAY,YAA0B;AACpC,WAAO,KAAK,OAAO,aAAa;AAAA,EAClC;AAAA,EAEA,MAAc,KAAK,MAAqE;AACtF,UAAM,UAAkC;AAAA,MACtC,gBAAgB;AAAA,MAChB,QAAQ;AAAA,MACR,GAAI,KAAK,OAAO,WAAW,CAAC;AAAA,IAC9B;AACA,UAAM,UAAU,KAAK,qBAAqB,KAAK,OAAO,mBAAmB;AACzE,YAAQ,sBAAsB,IAAI;AAClC,QAAI,KAAK,UAAW,SAAQ,gBAAgB,IAAI,KAAK;AAErD,QAAI;AACJ,QAAI;AACF,iBAAW,MAAM,KAAK,UAAU,KAAK,OAAO,KAAK;AAAA,QAC/C,QAAQ;AAAA,QACR;AAAA,QACA,MAAM,KAAK,UAAU,IAAI;AAAA,MAC3B,CAAC;AAAA,IACH,SAAS,OAAO;AACd,YAAM,IAAI;AAAA,QACR,2BAA2B,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK,CAAC;AAAA,QACjF;AAAA,MACF;AAAA,IACF;AACA,UAAM,UAAU,SAAS,QAAQ,IAAI,gBAAgB;AACrD,QAAI,QAAS,MAAK,YAAY;AAE9B,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,iBAAiB,4BAA4B,SAAS,MAAM,IAAI,kBAAkB;AAAA,IAC9F;AAEA,QAAI,KAAK,OAAO,OAAW,QAAO;AAClC,UAAM,cAAc,SAAS,QAAQ,IAAI,cAAc,KAAK;AAC5D,UAAM,OAAO,MAAM,SAAS,KAAK;AACjC,UAAM,UAAU,YAAY,SAAS,mBAAmB,IACpD,gBAAgB,MAAM,KAAK,EAAY,IACtC,KAAK,MAAM,IAAI;AACpB,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI,iBAAiB,wDAAwD,kBAAkB;AAAA,IACvG;AACA,QAAI,QAAQ,OAAO;AACjB,YAAM,IAAI,iBAAiB,aAAa,QAAQ,MAAM,IAAI,KAAK,QAAQ,MAAM,OAAO,IAAI,kBAAkB;AAAA,IAC5G;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAc,QAAQ,QAAgB,QAAoD;AACxF,UAAM,WAAW,MAAM,KAAK,KAAK,EAAE,SAAS,OAAO,IAAI,KAAK,UAAU,QAAQ,GAAI,SAAS,EAAE,OAAO,IAAI,CAAC,EAAG,CAAC;AAC7G,WAAO,UAAU;AAAA,EACnB;AAAA;AAAA,EAGA,MAAM,aAA4B;AAChC,QAAI,KAAK,kBAAmB;AAC5B,SAAK,kBAAkB,YAAY;AACjC,YAAM,SAAU,MAAM,KAAK,QAAQ,cAAc;AAAA,QAC/C,iBAAiB,KAAK,OAAO,mBAAmB;AAAA,QAChD,cAAc,CAAC;AAAA,QACf,YAAY,KAAK,OAAO,cAAc,EAAE,MAAM,6BAA6B,SAAS,IAAI;AAAA,MAC1F,CAAC;AACD,WAAK,oBAAoB,QAAQ,mBAAmB,KAAK,OAAO,mBAAmB;AACnF,YAAM,KAAK,KAAK,EAAE,SAAS,OAAO,QAAQ,4BAA4B,CAAC;AAAA,IACzE,GAAG,EAAE,MAAM,CAAC,UAAU;AACpB,WAAK,eAAe;AACpB,YAAM;AAAA,IACR,CAAC;AACD,UAAM,KAAK;AAAA,EACb;AAAA;AAAA,EAGA,MAAM,YAAuC;AAC3C,UAAM,KAAK,WAAW;AACtB,UAAM,QAA0B,CAAC;AACjC,QAAI;AACJ,OAAG;AACD,YAAM,SAAU,MAAM,KAAK,QAAQ,cAAc,SAAS,EAAE,OAAO,IAAI,CAAC,CAAC;AAGzE,YAAM,KAAK,GAAI,QAAQ,SAAS,CAAC,CAAE;AACnC,eAAS,QAAQ;AAAA,IACnB,SAAS;AACT,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,MAAc,MAA2C;AACtE,UAAM,KAAK,WAAW;AACtB,UAAM,SAAU,MAAM,KAAK,QAAQ,cAAc,EAAE,MAAM,WAAW,QAAQ,CAAC,EAAE,CAAC;AAGhF,WAAO;AAAA,MACL,SAAS,QAAQ,WAAW,CAAC;AAAA,MAC7B,SAAS,QAAQ,YAAY;AAAA,MAC7B,YAAY,QAAQ;AAAA,IACtB;AAAA,EACF;AACF;AAiBA,eAAsB,qBACpB,QACA,SAC+B;AAC/B,QAAM,QAAQ,MAAM,OAAO,UAAU;AACrC,SAAO;AAAA,IACL,EAAE,MAAM;AAAA,IACR;AAAA,MACE,YAAY,QAAQ;AAAA,MACpB,aAAa,QAAQ;AAAA,MACrB,gBAAgB,QAAQ;AAAA,MACxB,UAAU,QAAQ;AAAA,MAClB,MAAM;AAAA,MACN,QAAQ,QAAQ;AAAA,MAChB,WAAW,QAAQ;AAAA,MACnB,aAAa,QAAQ,eAAe;AAAA,IACtC;AAAA,EACF;AACF;AAQA,eAAsB,kBAAkB,SAAiE;AACvG,QAAM,SAAS,IAAI,cAAc,QAAQ,MAAM;AAC/C,QAAM,YAAY,MAAM,qBAAqB,QAAQ,OAAO;AAC5D,SAAO,8BAA8B;AAAA,IACnC,IAAI,QAAQ;AAAA,IACZ,MAAM;AAAA,IACN,YAAY,CAAC,SAAS;AAAA,IACtB,MAAM,cAAc,EAAE,SAAS,OAAO,GAAqC;AACzE,YAAM,SAAS,MAAM,OAAO,SAAS,OAAO,IAAI,QAAQ,KAAK;AAC7D,aAAO;AAAA,QACL,IAAI,CAAC,OAAO;AAAA,QACZ,QAAQ,OAAO;AAAA,QACf,QAAQ,OAAO,cAAc,OAAO;AAAA,QACpC,UAAU,EAAE,KAAK,MAAM,GAAI,OAAO,UAAU,EAAE,SAAS,KAAK,IAAI,CAAC,EAAG;AAAA,MACtE;AAAA,IACF;AAAA,EACF,CAAC;AACH;AAEA,SAAS,gBAAgB,MAAc,IAAyC;AAC9E,aAAW,SAAS,KAAK,MAAM,MAAM,GAAG;AACtC,UAAM,OAAO,MACV,MAAM,IAAI,EACV,OAAO,CAAC,SAAS,KAAK,WAAW,OAAO,CAAC,EACzC,IAAI,CAAC,SAAS,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC,EAClC,KAAK,EAAE;AACV,QAAI,CAAC,KAAM;AACX,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,IAAI;AAC9B,UAAI,OAAO,OAAO,GAAI,QAAO;AAAA,IAC/B,QAAQ;AAAA,IAER;AAAA,EACF;AACA,SAAO;AACT;","names":[]}
package/dist/registry.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { b as IntegrationConnector, h as IntegrationCatalogSource } from './core-types-CjWifQOf.js';
1
+ import { b as IntegrationConnector, h as IntegrationCatalogSource } from './core-types-D4MGC44S.js';
2
2
  import './types-Bxg-wJkW.js';
3
3
 
4
4
  type IntegrationSupportTier = 'catalogOnly' | 'setupReady' | 'gatewayExecutable' | 'firstPartyExecutable' | 'sandboxExecutable';
package/dist/runtime.d.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import { IntegrationToolDefinition } from './catalog.js';
2
2
  import { IntegrationRegistryEntry, IntegrationRegistry } from './registry.js';
3
- import { I as IntegrationActor, a as IssuedIntegrationCapability, b as IntegrationConnector, c as IntegrationConnection } from './core-types-CjWifQOf.js';
3
+ import { I as IntegrationActor, a as IssuedIntegrationCapability, b as IntegrationConnector, c as IntegrationConnection } from './core-types-D4MGC44S.js';
4
4
  import './types-Bxg-wJkW.js';
5
5
 
6
6
  type IntegrationRequirementMode = 'read' | 'write' | 'trigger';
package/dist/specs.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { f as IntegrationActionRisk, g as IntegrationDataClass, d as IntegrationConnectorCategory, e as IntegrationConnectorAction, G as IntegrationConnectorTrigger, b as IntegrationConnector } from './core-types-CjWifQOf.js';
1
+ import { f as IntegrationActionRisk, g as IntegrationDataClass, d as IntegrationConnectorCategory, e as IntegrationConnectorAction, G as IntegrationConnectorTrigger, b as IntegrationConnector } from './core-types-D4MGC44S.js';
2
2
  import './types-Bxg-wJkW.js';
3
3
 
4
4
  type IntegrationAuthMode = 'oauth2' | 'api_key' | 'hmac' | 'none' | 'custom';
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@tangle-network/agent-integrations",
3
- "version": "0.34.0",
3
+ "version": "0.36.0",
4
4
  "description": "Vendor-neutral integration contracts and runtime helpers for sandbox and agent apps.",
5
5
  "homepage": "https://github.com/tangle-network/agent-integrations#readme",
6
6
  "repository": {
@@ -54,6 +54,11 @@
54
54
  "import": "./dist/webhooks/index.js",
55
55
  "default": "./dist/webhooks/index.js"
56
56
  },
57
+ "./delegated-tools": {
58
+ "types": "./dist/delegated-tools/index.d.ts",
59
+ "import": "./dist/delegated-tools/index.js",
60
+ "default": "./dist/delegated-tools/index.js"
61
+ },
57
62
  "./registry": {
58
63
  "types": "./dist/registry.d.ts",
59
64
  "import": "./dist/registry.js",
@@ -78,6 +83,11 @@
78
83
  "types": "./dist/coverage-catalog.d.ts",
79
84
  "import": "./dist/coverage-catalog.js",
80
85
  "default": "./dist/coverage-catalog.js"
86
+ },
87
+ "./mcp": {
88
+ "types": "./dist/mcp.d.ts",
89
+ "import": "./dist/mcp.js",
90
+ "default": "./dist/mcp.js"
81
91
  }
82
92
  },
83
93
  "files": [