npm - @tanstack/ai-isolate-cloudflare - Versions diffs - 0.1.0 - Mend

@tanstack/ai-isolate-cloudflare 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

package/README.md +118 -0
package/dist/esm/index.d.ts +19 -0
package/dist/esm/index.js +5 -0
package/dist/esm/index.js.map +1 -0
package/dist/esm/isolate-driver.d.ts +72 -0
package/dist/esm/isolate-driver.js +174 -0
package/dist/esm/isolate-driver.js.map +1 -0
package/dist/esm/types.d.ts +72 -0
package/dist/esm/worker/index.d.ts +35 -0
package/dist/esm/worker/index.js +132 -0
package/dist/esm/worker/index.js.map +1 -0
package/dist/esm/worker/wrap-code.d.ts +13 -0
package/dist/esm/worker/wrap-code.js +102 -0
package/dist/esm/worker/wrap-code.js.map +1 -0
package/package.json +69 -0
package/src/index.ts +30 -0
package/src/isolate-driver.ts +310 -0
package/src/types.ts +80 -0
package/src/worker/index.ts +207 -0
package/src/worker/wrap-code.ts +125 -0
package/wrangler.toml +31 -0

package/README.md ADDED Viewed

@@ -0,0 +1,118 @@
+# @tanstack/ai-isolate-cloudflare
+Cloudflare Workers driver for TanStack AI Code Mode.
+This package runs generated JavaScript in a Worker and keeps `external_*` tool execution on your host process through a request/response loop.
+## Installation
+```bash
+pnpm add @tanstack/ai-isolate-cloudflare
+```
+## Environment Guidance (Conservative)
+- **Local development:** supported with the package's Miniflare dev server (`pnpm dev:worker`)
+- **Remote dev:** supported with `wrangler dev --remote`
+- **Production:** evaluate carefully before rollout; dynamic code execution with `unsafe_eval` has platform/security constraints and is often treated as an advanced or enterprise setup
+If you need a fully local setup without Cloudflare constraints, prefer `@tanstack/ai-isolate-node` or `@tanstack/ai-isolate-quickjs`.
+## Quick Start
+```typescript
+import { chat, toolDefinition } from '@tanstack/ai'
+import { createCodeMode } from '@tanstack/ai-code-mode'
+import { createCloudflareIsolateDriver } from '@tanstack/ai-isolate-cloudflare'
+import { z } from 'zod'
+const fetchWeather = toolDefinition({
+  name: 'fetchWeather',
+  description: 'Get weather for a city',
+  inputSchema: z.object({ location: z.string() }),
+  outputSchema: z.object({
+    temperature: z.number(),
+    condition: z.string(),
+  }),
+}).server(async ({ location }) => {
+  return { temperature: 72, condition: `sunny in ${location}` }
+})
+const driver = createCloudflareIsolateDriver({
+  workerUrl: 'http://localhost:8787', // local dev server URL
+  authorization: 'Bearer your-secret-token', // optional
+})
+const { tool, systemPrompt } = createCodeMode({
+  driver,
+  tools: [fetchWeather],
+  timeout: 30_000,
+})
+const result = await chat({
+  adapter: yourTextAdapter,
+  model: 'gpt-4o-mini',
+  systemPrompts: ['You are a helpful assistant.', systemPrompt],
+  tools: [tool],
+  messages: [{ role: 'user', content: 'Compare weather in Tokyo and Paris' }],
+})
+```
+## Worker Setup
+### Option 1: Local Miniflare server
+From this package directory:
+```bash
+pnpm dev:worker
+```
+This starts a local Worker endpoint (default `http://localhost:8787`) with `UNSAFE_EVAL` configured for local testing.
+### Option 2: Wrangler remote dev
+```bash
+wrangler dev --remote
+```
+This runs through Cloudflare's network and can be useful when validating behavior against the hosted runtime.
+## API
+### `createCloudflareIsolateDriver(config)`
+Creates a driver that delegates code execution to a Worker endpoint.
+- `workerUrl` (required): URL of the Worker endpoint
+- `authorization` (optional): value sent as `Authorization` header
+- `timeout` (optional): request timeout in ms (default: `30000`)
+- `maxToolRounds` (optional): max Worker <-> host tool callback rounds (default: `10`)
+## Worker Entry Export
+The package also exports a Worker entrypoint:
+```typescript
+import worker from '@tanstack/ai-isolate-cloudflare/worker'
+```
+Use this when you want to bundle or compose the provided worker logic in your own Worker project.
+## Security Notes
+- Protect the worker endpoint if it is reachable outside trusted infrastructure.
+- Validate auth headers server-side if you set `authorization` in the driver.
+- Add rate limiting and request monitoring for untrusted traffic.
+- Treat generated code execution as a high-risk surface; keep strict input and network boundaries.
+## Architecture
+```
+Host Driver                   Cloudflare Worker
+-----------                   ------------------
+1) send code + tool schemas -> execute until tool call or completion
+2) receive tool requests    <- need_tools payload
+3) execute tools locally    -> send toolResults
+4) receive final result     <- success/error payload
+```

package/dist/esm/index.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+/**
+ * @tanstack/ai-isolate-cloudflare
+ *
+ * Cloudflare Workers driver for TanStack AI Code Mode.
+ * Execute LLM-generated code on Cloudflare's global edge network.
+ *
+ * @example
+ * ```typescript
+ * import { createCloudflareIsolateDriver } from '@tanstack/ai-isolate-cloudflare'
+ *
+ * const driver = createCloudflareIsolateDriver({
+ *   workerUrl: 'https://your-worker.workers.dev',
+ * })
+ * ```
+ *
+ * @packageDocumentation
+ */
+export { createCloudflareIsolateDriver, type CloudflareIsolateDriverConfig, } from './isolate-driver.js';
+export type { ExecuteRequest, ExecuteResponse, ToolSchema, ToolCallRequest, ToolResultPayload, } from './types.js';

package/dist/esm/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+import { createCloudflareIsolateDriver } from "./isolate-driver.js";
+export {
+  createCloudflareIsolateDriver
+};
+//# sourceMappingURL=index.js.map

package/dist/esm/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";"}

package/dist/esm/isolate-driver.d.ts ADDED Viewed

@@ -0,0 +1,72 @@
+import { IsolateDriver } from '@tanstack/ai-code-mode';
+/**
+ * Configuration for the Cloudflare Workers isolate driver
+ */
+export interface CloudflareIsolateDriverConfig {
+    /**
+     * URL of the deployed Cloudflare Worker
+     * For local development, use: http://localhost:8787
+     */
+    workerUrl: string;
+    /**
+     * Optional authorization header value
+     * Useful for protecting your Worker endpoint
+     */
+    authorization?: string;
+    /**
+     * Default execution timeout in ms (default: 30000)
+     */
+    timeout?: number;
+    /**
+     * Maximum number of tool callback rounds (default: 10)
+     * Prevents infinite loops
+     */
+    maxToolRounds?: number;
+}
+/**
+ * Create a Cloudflare Workers isolate driver
+ *
+ * This driver executes code on Cloudflare's global edge network,
+ * providing true distributed execution capabilities.
+ *
+ * Tool calls are handled via a request/response loop:
+ * 1. Code is sent to the Worker
+ * 2. Worker executes until it needs a tool
+ * 3. Tool call is returned to the driver
+ * 4. Driver executes the tool locally
+ * 5. Result is sent back to the Worker
+ * 6. Worker continues execution
+ *
+ * @example
+ * ```typescript
+ * import { createCloudflareIsolateDriver } from '@tanstack/ai-isolate-cloudflare'
+ *
+ * // For local development with wrangler
+ * const driver = createCloudflareIsolateDriver({
+ *   workerUrl: 'http://localhost:8787',
+ * })
+ *
+ * // For production
+ * const driver = createCloudflareIsolateDriver({
+ *   workerUrl: 'https://code-mode-worker.your-account.workers.dev',
+ *   authorization: 'Bearer your-secret-token',
+ * })
+ *
+ * const context = await driver.createContext({
+ *   bindings: {
+ *     readFile: {
+ *       name: 'readFile',
+ *       description: 'Read a file',
+ *       inputSchema: { type: 'object', properties: { path: { type: 'string' } } },
+ *       execute: async ({ path }) => fs.readFile(path, 'utf-8'),
+ *     },
+ *   },
+ * })
+ *
+ * const result = await context.execute(`
+ *   const content = await readFile({ path: './data.json' })
+ *   return JSON.parse(content)
+ * `)
+ * ```
+ */
+export declare function createCloudflareIsolateDriver(config: CloudflareIsolateDriverConfig): IsolateDriver;

package/dist/esm/isolate-driver.js ADDED Viewed

@@ -0,0 +1,174 @@
+function bindingsToSchemas(bindings) {
+  return Object.entries(bindings).map(([name, binding]) => ({
+    name,
+    description: binding.description,
+    inputSchema: binding.inputSchema
+  }));
+}
+function normalizeError(error) {
+  if (error instanceof Error) {
+    return { name: error.name, message: error.message };
+  }
+  if (typeof error === "object" && error !== null) {
+    const e = error;
+    return {
+      name: String(e.name || "Error"),
+      message: String(e.message || JSON.stringify(error))
+    };
+  }
+  return { name: "Error", message: String(error) };
+}
+class CloudflareIsolateContext {
+  workerUrl;
+  authorization;
+  timeout;
+  maxToolRounds;
+  bindings;
+  disposed = false;
+  constructor(workerUrl, bindings, timeout, maxToolRounds, authorization) {
+    this.workerUrl = workerUrl;
+    this.bindings = bindings;
+    this.timeout = timeout;
+    this.maxToolRounds = maxToolRounds;
+    this.authorization = authorization;
+  }
+  async execute(code) {
+    if (this.disposed) {
+      return {
+        success: false,
+        error: {
+          name: "DisposedError",
+          message: "Context has been disposed"
+        },
+        logs: []
+      };
+    }
+    const tools = bindingsToSchemas(this.bindings);
+    let toolResults;
+    let allLogs = [];
+    let rounds = 0;
+    while (rounds < this.maxToolRounds) {
+      rounds++;
+      const request = {
+        code,
+        tools,
+        toolResults,
+        timeout: this.timeout
+      };
+      try {
+        const headers = {
+          "Content-Type": "application/json"
+        };
+        if (this.authorization) {
+          headers["Authorization"] = this.authorization;
+        }
+        const response = await fetch(this.workerUrl, {
+          method: "POST",
+          headers,
+          body: JSON.stringify(request)
+        });
+        if (!response.ok) {
+          const errorText = await response.text();
+          return {
+            success: false,
+            error: {
+              name: "WorkerError",
+              message: `Worker returned ${response.status}: ${errorText}`
+            },
+            logs: allLogs
+          };
+        }
+        const result = await response.json();
+        if (result.status === "error") {
+          return {
+            success: false,
+            error: result.error,
+            logs: allLogs
+          };
+        }
+        if (result.status === "done") {
+          allLogs = [...allLogs, ...result.logs];
+          return {
+            success: result.success,
+            value: result.value,
+            error: result.error,
+            logs: allLogs
+          };
+        }
+        allLogs = [...allLogs, ...result.logs];
+        toolResults = {};
+        for (const toolCall of result.toolCalls) {
+          const binding = this.bindings[toolCall.name];
+          if (!binding) {
+            toolResults[toolCall.id] = {
+              success: false,
+              error: `Unknown tool: ${toolCall.name}`
+            };
+            continue;
+          }
+          try {
+            const toolResult = await binding.execute(toolCall.args);
+            toolResults[toolCall.id] = {
+              success: true,
+              value: toolResult
+            };
+          } catch (toolError) {
+            const err = normalizeError(toolError);
+            toolResults[toolCall.id] = {
+              success: false,
+              error: err.message
+            };
+          }
+        }
+      } catch (fetchError) {
+        const err = normalizeError(fetchError);
+        return {
+          success: false,
+          error: {
+            name: "NetworkError",
+            message: `Failed to communicate with Worker: ${err.message}`
+          },
+          logs: allLogs
+        };
+      }
+    }
+    return {
+      success: false,
+      error: {
+        name: "MaxRoundsExceeded",
+        message: `Exceeded maximum tool callback rounds (${this.maxToolRounds})`
+      },
+      logs: allLogs
+    };
+  }
+  dispose() {
+    this.disposed = true;
+    return Promise.resolve();
+  }
+}
+function createCloudflareIsolateDriver(config) {
+  const {
+    workerUrl,
+    authorization,
+    timeout: defaultTimeout = 3e4,
+    maxToolRounds = 10
+  } = config;
+  return {
+    createContext(isolateConfig) {
+      const timeout = isolateConfig.timeout ?? defaultTimeout;
+      return Promise.resolve(
+        new CloudflareIsolateContext(
+          workerUrl,
+          isolateConfig.bindings,
+          timeout,
+          maxToolRounds,
+          authorization
+        )
+      );
+    }
+  };
+}
+export {
+  createCloudflareIsolateDriver
+};
+//# sourceMappingURL=isolate-driver.js.map

package/dist/esm/isolate-driver.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"isolate-driver.js","sources":["../../src/isolate-driver.ts"],"sourcesContent":["import type {\n ExecutionResult,\n IsolateConfig,\n IsolateContext,\n IsolateDriver,\n ToolBinding,\n} from '@tanstack/ai-code-mode'\nimport type {\n ExecuteRequest,\n ExecuteResponse,\n ToolResultPayload,\n ToolSchema,\n} from './types'\n\n/**\n * Configuration for the Cloudflare Workers isolate driver\n */\nexport interface CloudflareIsolateDriverConfig {\n /**\n * URL of the deployed Cloudflare Worker\n * For local development, use: http://localhost:8787\n */\n workerUrl: string\n\n /**\n * Optional authorization header value\n * Useful for protecting your Worker endpoint\n */\n authorization?: string\n\n /**\n * Default execution timeout in ms (default: 30000)\n */\n timeout?: number\n\n /**\n * Maximum number of tool callback rounds (default: 10)\n * Prevents infinite loops\n */\n maxToolRounds?: number\n}\n\n/**\n * Convert tool bindings to schemas for the Worker\n */\nfunction bindingsToSchemas(\n bindings: Record<string, ToolBinding>,\n): Array<ToolSchema> {\n return Object.entries(bindings).map(([name, binding]) => ({\n name,\n description: binding.description,\n inputSchema: binding.inputSchema,\n }))\n}\n\n/**\n * Normalize errors from various sources\n */\nfunction normalizeError(error: unknown): { name: string; message: string } {\n if (error instanceof Error) {\n return { name: error.name, message: error.message }\n }\n if (typeof error === 'object' && error !== null) {\n const e = error as Record<string, unknown>\n return {\n name: String(e.name || 'Error'),\n message: String(e.message || JSON.stringify(error)),\n }\n }\n return { name: 'Error', message: String(error) }\n}\n\n/**\n * IsolateContext implementation using Cloudflare Workers\n */\nclass CloudflareIsolateContext implements IsolateContext {\n private workerUrl: string\n private authorization?: string\n private timeout: number\n private maxToolRounds: number\n private bindings: Record<string, ToolBinding>\n private disposed = false\n\n constructor(\n workerUrl: string,\n bindings: Record<string, ToolBinding>,\n timeout: number,\n maxToolRounds: number,\n authorization?: string,\n ) {\n this.workerUrl = workerUrl\n this.bindings = bindings\n this.timeout = timeout\n this.maxToolRounds = maxToolRounds\n this.authorization = authorization\n }\n\n async execute<T = unknown>(code: string): Promise<ExecutionResult<T>> {\n if (this.disposed) {\n return {\n success: false,\n error: {\n name: 'DisposedError',\n message: 'Context has been disposed',\n },\n logs: [],\n }\n }\n\n const tools = bindingsToSchemas(this.bindings)\n let toolResults: Record<string, ToolResultPayload> | undefined\n let allLogs: Array<string> = []\n let rounds = 0\n\n // Request/response loop for tool callbacks\n while (rounds < this.maxToolRounds) {\n rounds++\n\n const request: ExecuteRequest = {\n code,\n tools,\n toolResults,\n timeout: this.timeout,\n }\n\n try {\n const headers: Record<string, string> = {\n 'Content-Type': 'application/json',\n }\n\n if (this.authorization) {\n headers['Authorization'] = this.authorization\n }\n\n const response = await fetch(this.workerUrl, {\n method: 'POST',\n headers,\n body: JSON.stringify(request),\n })\n\n if (!response.ok) {\n const errorText = await response.text()\n return {\n success: false,\n error: {\n name: 'WorkerError',\n message: `Worker returned ${response.status}: ${errorText}`,\n },\n logs: allLogs,\n }\n }\n\n const result: ExecuteResponse = await response.json()\n\n if (result.status === 'error') {\n return {\n success: false,\n error: result.error,\n logs: allLogs,\n }\n }\n\n if (result.status === 'done') {\n allLogs = [...allLogs, ...result.logs]\n return {\n success: result.success,\n value: result.value as T,\n error: result.error,\n logs: allLogs,\n }\n }\n\n // status === 'need_tools'\n // Collect logs from this round\n allLogs = [...allLogs, ...result.logs]\n\n // Execute tool calls locally\n toolResults = {}\n\n for (const toolCall of result.toolCalls) {\n const binding = this.bindings[toolCall.name] as\n | ToolBinding\n | undefined\n\n if (!binding) {\n toolResults[toolCall.id] = {\n success: false,\n error: `Unknown tool: ${toolCall.name}`,\n }\n continue\n }\n\n try {\n const toolResult = await binding.execute(toolCall.args)\n toolResults[toolCall.id] = {\n success: true,\n value: toolResult,\n }\n } catch (toolError) {\n const err = normalizeError(toolError)\n toolResults[toolCall.id] = {\n success: false,\n error: err.message,\n }\n }\n }\n\n // Continue loop to send results back to Worker\n } catch (fetchError) {\n const err = normalizeError(fetchError)\n return {\n success: false,\n error: {\n name: 'NetworkError',\n message: `Failed to communicate with Worker: ${err.message}`,\n },\n logs: allLogs,\n }\n }\n }\n\n // Max rounds exceeded\n return {\n success: false,\n error: {\n name: 'MaxRoundsExceeded',\n message: `Exceeded maximum tool callback rounds (${this.maxToolRounds})`,\n },\n logs: allLogs,\n }\n }\n\n dispose(): Promise<void> {\n this.disposed = true\n return Promise.resolve()\n }\n}\n\n/**\n * Create a Cloudflare Workers isolate driver\n *\n * This driver executes code on Cloudflare's global edge network,\n * providing true distributed execution capabilities.\n *\n * Tool calls are handled via a request/response loop:\n * 1. Code is sent to the Worker\n * 2. Worker executes until it needs a tool\n * 3. Tool call is returned to the driver\n * 4. Driver executes the tool locally\n * 5. Result is sent back to the Worker\n * 6. Worker continues execution\n *\n * @example\n * ```typescript\n * import { createCloudflareIsolateDriver } from '@tanstack/ai-isolate-cloudflare'\n *\n * // For local development with wrangler\n * const driver = createCloudflareIsolateDriver({\n * workerUrl: 'http://localhost:8787',\n * })\n *\n * // For production\n * const driver = createCloudflareIsolateDriver({\n * workerUrl: 'https://code-mode-worker.your-account.workers.dev',\n * authorization: 'Bearer your-secret-token',\n * })\n *\n * const context = await driver.createContext({\n * bindings: {\n * readFile: {\n * name: 'readFile',\n * description: 'Read a file',\n * inputSchema: { type: 'object', properties: { path: { type: 'string' } } },\n * execute: async ({ path }) => fs.readFile(path, 'utf-8'),\n * },\n * },\n * })\n *\n * const result = await context.execute(`\n * const content = await readFile({ path: './data.json' })\n * return JSON.parse(content)\n * `)\n * ```\n */\nexport function createCloudflareIsolateDriver(\n config: CloudflareIsolateDriverConfig,\n): IsolateDriver {\n const {\n workerUrl,\n authorization,\n timeout: defaultTimeout = 30000,\n maxToolRounds = 10,\n } = config\n\n return {\n createContext(isolateConfig: IsolateConfig): Promise<IsolateContext> {\n const timeout = isolateConfig.timeout ?? defaultTimeout\n\n return Promise.resolve(\n new CloudflareIsolateContext(\n workerUrl,\n isolateConfig.bindings,\n timeout,\n maxToolRounds,\n authorization,\n ),\n )\n },\n }\n}\n"],"names":[],"mappings":"AA6CA,SAAS,kBACP,UACmB;AACnB,SAAO,OAAO,QAAQ,QAAQ,EAAE,IAAI,CAAC,CAAC,MAAM,OAAO,OAAO;AAAA,IACxD;AAAA,IACA,aAAa,QAAQ;AAAA,IACrB,aAAa,QAAQ;AAAA,EAAA,EACrB;AACJ;AAKA,SAAS,eAAe,OAAmD;AACzE,MAAI,iBAAiB,OAAO;AAC1B,WAAO,EAAE,MAAM,MAAM,MAAM,SAAS,MAAM,QAAA;AAAA,EAC5C;AACA,MAAI,OAAO,UAAU,YAAY,UAAU,MAAM;AAC/C,UAAM,IAAI;AACV,WAAO;AAAA,MACL,MAAM,OAAO,EAAE,QAAQ,OAAO;AAAA,MAC9B,SAAS,OAAO,EAAE,WAAW,KAAK,UAAU,KAAK,CAAC;AAAA,IAAA;AAAA,EAEtD;AACA,SAAO,EAAE,MAAM,SAAS,SAAS,OAAO,KAAK,EAAA;AAC/C;AAKA,MAAM,yBAAmD;AAAA,EAC/C;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,WAAW;AAAA,EAEnB,YACE,WACA,UACA,SACA,eACA,eACA;AACA,SAAK,YAAY;AACjB,SAAK,WAAW;AAChB,SAAK,UAAU;AACf,SAAK,gBAAgB;AACrB,SAAK,gBAAgB;AAAA,EACvB;AAAA,EAEA,MAAM,QAAqB,MAA2C;AACpE,QAAI,KAAK,UAAU;AACjB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,OAAO;AAAA,UACL,MAAM;AAAA,UACN,SAAS;AAAA,QAAA;AAAA,QAEX,MAAM,CAAA;AAAA,MAAC;AAAA,IAEX;AAEA,UAAM,QAAQ,kBAAkB,KAAK,QAAQ;AAC7C,QAAI;AACJ,QAAI,UAAyB,CAAA;AAC7B,QAAI,SAAS;AAGb,WAAO,SAAS,KAAK,eAAe;AAClC;AAEA,YAAM,UAA0B;AAAA,QAC9B;AAAA,QACA;AAAA,QACA;AAAA,QACA,SAAS,KAAK;AAAA,MAAA;AAGhB,UAAI;AACF,cAAM,UAAkC;AAAA,UACtC,gBAAgB;AAAA,QAAA;AAGlB,YAAI,KAAK,eAAe;AACtB,kBAAQ,eAAe,IAAI,KAAK;AAAA,QAClC;AAEA,cAAM,WAAW,MAAM,MAAM,KAAK,WAAW;AAAA,UAC3C,QAAQ;AAAA,UACR;AAAA,UACA,MAAM,KAAK,UAAU,OAAO;AAAA,QAAA,CAC7B;AAED,YAAI,CAAC,SAAS,IAAI;AAChB,gBAAM,YAAY,MAAM,SAAS,KAAA;AACjC,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO;AAAA,cACL,MAAM;AAAA,cACN,SAAS,mBAAmB,SAAS,MAAM,KAAK,SAAS;AAAA,YAAA;AAAA,YAE3D,MAAM;AAAA,UAAA;AAAA,QAEV;AAEA,cAAM,SAA0B,MAAM,SAAS,KAAA;AAE/C,YAAI,OAAO,WAAW,SAAS;AAC7B,iBAAO;AAAA,YACL,SAAS;AAAA,YACT,OAAO,OAAO;AAAA,YACd,MAAM;AAAA,UAAA;AAAA,QAEV;AAEA,YAAI,OAAO,WAAW,QAAQ;AAC5B,oBAAU,CAAC,GAAG,SAAS,GAAG,OAAO,IAAI;AACrC,iBAAO;AAAA,YACL,SAAS,OAAO;AAAA,YAChB,OAAO,OAAO;AAAA,YACd,OAAO,OAAO;AAAA,YACd,MAAM;AAAA,UAAA;AAAA,QAEV;AAIA,kBAAU,CAAC,GAAG,SAAS,GAAG,OAAO,IAAI;AAGrC,sBAAc,CAAA;AAEd,mBAAW,YAAY,OAAO,WAAW;AACvC,gBAAM,UAAU,KAAK,SAAS,SAAS,IAAI;AAI3C,cAAI,CAAC,SAAS;AACZ,wBAAY,SAAS,EAAE,IAAI;AAAA,cACzB,SAAS;AAAA,cACT,OAAO,iBAAiB,SAAS,IAAI;AAAA,YAAA;AAEvC;AAAA,UACF;AAEA,cAAI;AACF,kBAAM,aAAa,MAAM,QAAQ,QAAQ,SAAS,IAAI;AACtD,wBAAY,SAAS,EAAE,IAAI;AAAA,cACzB,SAAS;AAAA,cACT,OAAO;AAAA,YAAA;AAAA,UAEX,SAAS,WAAW;AAClB,kBAAM,MAAM,eAAe,SAAS;AACpC,wBAAY,SAAS,EAAE,IAAI;AAAA,cACzB,SAAS;AAAA,cACT,OAAO,IAAI;AAAA,YAAA;AAAA,UAEf;AAAA,QACF;AAAA,MAGF,SAAS,YAAY;AACnB,cAAM,MAAM,eAAe,UAAU;AACrC,eAAO;AAAA,UACL,SAAS;AAAA,UACT,OAAO;AAAA,YACL,MAAM;AAAA,YACN,SAAS,sCAAsC,IAAI,OAAO;AAAA,UAAA;AAAA,UAE5D,MAAM;AAAA,QAAA;AAAA,MAEV;AAAA,IACF;AAGA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,OAAO;AAAA,QACL,MAAM;AAAA,QACN,SAAS,0CAA0C,KAAK,aAAa;AAAA,MAAA;AAAA,MAEvE,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA,EAEA,UAAyB;AACvB,SAAK,WAAW;AAChB,WAAO,QAAQ,QAAA;AAAA,EACjB;AACF;AAgDO,SAAS,8BACd,QACe;AACf,QAAM;AAAA,IACJ;AAAA,IACA;AAAA,IACA,SAAS,iBAAiB;AAAA,IAC1B,gBAAgB;AAAA,EAAA,IACd;AAEJ,SAAO;AAAA,IACL,cAAc,eAAuD;AACnE,YAAM,UAAU,cAAc,WAAW;AAEzC,aAAO,QAAQ;AAAA,QACb,IAAI;AAAA,UACF;AAAA,UACA,cAAc;AAAA,UACd;AAAA,UACA;AAAA,UACA;AAAA,QAAA;AAAA,MACF;AAAA,IAEJ;AAAA,EAAA;AAEJ;"}

package/dist/esm/types.d.ts ADDED Viewed

@@ -0,0 +1,72 @@
+/**
+ * Shared types between the Cloudflare Worker and the driver
+ */
+/**
+ * Tool schema passed to the worker
+ */
+export interface ToolSchema {
+    name: string;
+    description: string;
+    inputSchema: Record<string, unknown>;
+}
+/**
+ * Request to execute code in the worker
+ */
+export interface ExecuteRequest {
+    /** The code to execute */
+    code: string;
+    /** Tool schemas available for the code to call */
+    tools: Array<ToolSchema>;
+    /** Results from previous tool calls (for continuation) */
+    toolResults?: Record<string, ToolResultPayload>;
+    /** Execution timeout in ms */
+    timeout?: number;
+}
+/**
+ * Tool call requested by the worker
+ */
+export interface ToolCallRequest {
+    /** Unique ID for this tool call */
+    id: string;
+    /** Name of the tool to call */
+    name: string;
+    /** Arguments to pass to the tool */
+    args: unknown;
+}
+/**
+ * Result of a tool call
+ */
+export interface ToolResultPayload {
+    /** Whether the tool call succeeded */
+    success: boolean;
+    /** The result value if successful */
+    value?: unknown;
+    /** Error message if failed */
+    error?: string;
+}
+/**
+ * Response from the worker - either done or needs tool calls
+ */
+export type ExecuteResponse = {
+    status: 'done';
+    success: boolean;
+    value?: unknown;
+    error?: {
+        name: string;
+        message: string;
+        stack?: string;
+    };
+    logs: Array<string>;
+} | {
+    status: 'need_tools';
+    toolCalls: Array<ToolCallRequest>;
+    logs: Array<string>;
+    /** Continuation state to send back with tool results */
+    continuationId: string;
+} | {
+    status: 'error';
+    error: {
+        name: string;
+        message: string;
+    };
+};

package/dist/esm/worker/index.d.ts ADDED Viewed

@@ -0,0 +1,35 @@
+/**
+ * Cloudflare Worker for Code Mode execution
+ *
+ * This Worker executes JavaScript code in a V8 isolate on Cloudflare's edge network.
+ * Tool calls are handled via a request/response loop with the driver.
+ *
+ * Flow:
+ * 1. Receive code + tool schemas
+ * 2. Execute code, collecting any tool calls
+ * 3. If tool calls are needed, return them to the driver
+ * 4. Driver executes tools locally, sends results back
+ * 5. Re-execute with tool results injected
+ * 6. Return final result
+ */
+/**
+ * UnsafeEval binding type
+ * This is only available in local development with wrangler dev
+ */
+interface UnsafeEval {
+    eval: (code: string) => unknown;
+}
+interface Env {
+    /**
+     * UnsafeEval binding - provides eval() for local development
+     * Configured in wrangler.toml as an unsafe binding
+     */
+    UNSAFE_EVAL?: UnsafeEval;
+}
+/**
+ * Main Worker fetch handler
+ */
+declare const _default: {
+    fetch(request: Request, env: Env, _ctx: ExecutionContext): Promise<Response>;
+};
+export default _default;

package/dist/esm/worker/index.js ADDED Viewed

@@ -0,0 +1,132 @@
+import { wrapCode } from "./wrap-code.js";
+async function executeCode(request, env) {
+  const { code, tools, toolResults, timeout = 3e4 } = request;
+  if (!env.UNSAFE_EVAL) {
+    return {
+      status: "error",
+      error: {
+        name: "UnsafeEvalNotAvailable",
+        message: "UNSAFE_EVAL binding is not available. This Worker requires the unsafe_eval binding for local development. For production, consider using Workers for Platforms."
+      }
+    };
+  }
+  try {
+    const wrappedCode = wrapCode(code, tools, toolResults);
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), timeout);
+    try {
+      const result = await env.UNSAFE_EVAL.eval(wrappedCode);
+      clearTimeout(timeoutId);
+      if (result.status === "need_tools") {
+        return {
+          status: "need_tools",
+          toolCalls: result.toolCalls || [],
+          logs: result.logs,
+          continuationId: crypto.randomUUID()
+        };
+      }
+      return {
+        status: "done",
+        success: result.success ?? false,
+        value: result.value,
+        error: result.error,
+        logs: result.logs
+      };
+    } catch (evalError) {
+      clearTimeout(timeoutId);
+      if (controller.signal.aborted) {
+        return {
+          status: "error",
+          error: {
+            name: "TimeoutError",
+            message: `Execution timed out after ${timeout}ms`
+          }
+        };
+      }
+      const error = evalError;
+      return {
+        status: "done",
+        success: false,
+        error: {
+          name: error.name || "EvalError",
+          message: error.message || String(error),
+          stack: error.stack
+        },
+        logs: []
+      };
+    }
+  } catch (error) {
+    const err = error;
+    return {
+      status: "error",
+      error: {
+        name: err.name || "Error",
+        message: err.message || String(err)
+      }
+    };
+  }
+}
+const index = {
+  async fetch(request, env, _ctx) {
+    if (request.method === "OPTIONS") {
+      return new Response(null, {
+        headers: {
+          "Access-Control-Allow-Origin": "*",
+          "Access-Control-Allow-Methods": "POST, OPTIONS",
+          "Access-Control-Allow-Headers": "Content-Type, Authorization"
+        }
+      });
+    }
+    if (request.method !== "POST") {
+      return new Response(JSON.stringify({ error: "Method not allowed" }), {
+        status: 405,
+        headers: {
+          "Content-Type": "application/json",
+          "Access-Control-Allow-Origin": "*"
+        }
+      });
+    }
+    try {
+      const body = await request.json();
+      if (!body.code || typeof body.code !== "string") {
+        return new Response(JSON.stringify({ error: "Code is required" }), {
+          status: 400,
+          headers: {
+            "Content-Type": "application/json",
+            "Access-Control-Allow-Origin": "*"
+          }
+        });
+      }
+      const result = await executeCode(body, env);
+      return new Response(JSON.stringify(result), {
+        status: 200,
+        headers: {
+          "Content-Type": "application/json",
+          "Access-Control-Allow-Origin": "*"
+        }
+      });
+    } catch (error) {
+      const err = error;
+      return new Response(
+        JSON.stringify({
+          status: "error",
+          error: {
+            name: "RequestError",
+            message: err.message || "Failed to process request"
+          }
+        }),
+        {
+          status: 500,
+          headers: {
+            "Content-Type": "application/json",
+            "Access-Control-Allow-Origin": "*"
+          }
+        }
+      );
+    }
+  }
+};
+export {
+  index as default
+};
+//# sourceMappingURL=index.js.map

package/dist/esm/worker/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sources":["../../../src/worker/index.ts"],"sourcesContent":["/**\n * Cloudflare Worker for Code Mode execution\n *\n * This Worker executes JavaScript code in a V8 isolate on Cloudflare's edge network.\n * Tool calls are handled via a request/response loop with the driver.\n *\n * Flow:\n * 1. Receive code + tool schemas\n * 2. Execute code, collecting any tool calls\n * 3. If tool calls are needed, return them to the driver\n * 4. Driver executes tools locally, sends results back\n * 5. Re-execute with tool results injected\n * 6. Return final result\n */\n\nimport { wrapCode } from './wrap-code'\nimport type { ExecuteRequest, ExecuteResponse, ToolCallRequest } from '../types'\n\n/**\n * UnsafeEval binding type\n * This is only available in local development with wrangler dev\n */\ninterface UnsafeEval {\n eval: (code: string) => unknown\n}\n\ninterface Env {\n /**\n * UnsafeEval binding - provides eval() for local development\n * Configured in wrangler.toml as an unsafe binding\n */\n UNSAFE_EVAL?: UnsafeEval\n}\n\n/**\n * Execute code in the Worker's V8 isolate\n */\nasync function executeCode(\n request: ExecuteRequest,\n env: Env,\n): Promise<ExecuteResponse> {\n const { code, tools, toolResults, timeout = 30000 } = request\n\n // Check if UNSAFE_EVAL binding is available\n if (!env.UNSAFE_EVAL) {\n return {\n status: 'error',\n error: {\n name: 'UnsafeEvalNotAvailable',\n message:\n 'UNSAFE_EVAL binding is not available. ' +\n 'This Worker requires the unsafe_eval binding for local development. ' +\n 'For production, consider using Workers for Platforms.',\n },\n }\n }\n\n try {\n const wrappedCode = wrapCode(code, tools, toolResults)\n\n // Execute with timeout\n const controller = new AbortController()\n const timeoutId = setTimeout(() => controller.abort(), timeout)\n\n try {\n // Use UNSAFE_EVAL binding to execute the code\n // This is only available in local development with wrangler dev\n const result = (await env.UNSAFE_EVAL.eval(wrappedCode)) as {\n status: string\n success?: boolean\n value?: unknown\n error?: { name: string; message: string; stack?: string }\n logs: Array<string>\n toolCalls?: Array<ToolCallRequest>\n }\n\n clearTimeout(timeoutId)\n\n if (result.status === 'need_tools') {\n return {\n status: 'need_tools',\n toolCalls: result.toolCalls || [],\n logs: result.logs,\n continuationId: crypto.randomUUID(),\n }\n }\n\n return {\n status: 'done',\n success: result.success ?? false,\n value: result.value,\n error: result.error,\n logs: result.logs,\n }\n } catch (evalError: unknown) {\n clearTimeout(timeoutId)\n\n if (controller.signal.aborted) {\n return {\n status: 'error',\n error: {\n name: 'TimeoutError',\n message: `Execution timed out after ${timeout}ms`,\n },\n }\n }\n\n const error = evalError as Error\n return {\n status: 'done',\n success: false,\n error: {\n name: error.name || 'EvalError',\n message: error.message || String(error),\n stack: error.stack,\n },\n logs: [],\n }\n }\n } catch (error: unknown) {\n const err = error as Error\n return {\n status: 'error',\n error: {\n name: err.name || 'Error',\n message: err.message || String(err),\n },\n }\n }\n}\n\n/**\n * Main Worker fetch handler\n */\nexport default {\n async fetch(\n request: Request,\n env: Env,\n _ctx: ExecutionContext,\n ): Promise<Response> {\n // Handle CORS preflight\n if (request.method === 'OPTIONS') {\n return new Response(null, {\n headers: {\n 'Access-Control-Allow-Origin': '*',\n 'Access-Control-Allow-Methods': 'POST, OPTIONS',\n 'Access-Control-Allow-Headers': 'Content-Type, Authorization',\n },\n })\n }\n\n // Only accept POST requests\n if (request.method !== 'POST') {\n return new Response(JSON.stringify({ error: 'Method not allowed' }), {\n status: 405,\n headers: {\n 'Content-Type': 'application/json',\n 'Access-Control-Allow-Origin': '*',\n },\n })\n }\n\n try {\n const body: ExecuteRequest = await request.json()\n\n // Validate request\n if (!body.code || typeof body.code !== 'string') {\n return new Response(JSON.stringify({ error: 'Code is required' }), {\n status: 400,\n headers: {\n 'Content-Type': 'application/json',\n 'Access-Control-Allow-Origin': '*',\n },\n })\n }\n\n // Execute the code\n const result = await executeCode(body, env)\n\n return new Response(JSON.stringify(result), {\n status: 200,\n headers: {\n 'Content-Type': 'application/json',\n 'Access-Control-Allow-Origin': '*',\n },\n })\n } catch (error: unknown) {\n const err = error as Error\n return new Response(\n JSON.stringify({\n status: 'error',\n error: {\n name: 'RequestError',\n message: err.message || 'Failed to process request',\n },\n }),\n {\n status: 500,\n headers: {\n 'Content-Type': 'application/json',\n 'Access-Control-Allow-Origin': '*',\n },\n },\n )\n }\n },\n}\n"],"names":[],"mappings":";AAqCA,eAAe,YACb,SACA,KAC0B;AAC1B,QAAM,EAAE,MAAM,OAAO,aAAa,UAAU,QAAU;AAGtD,MAAI,CAAC,IAAI,aAAa;AACpB,WAAO;AAAA,MACL,QAAQ;AAAA,MACR,OAAO;AAAA,QACL,MAAM;AAAA,QACN,SACE;AAAA,MAAA;AAAA,IAGJ;AAAA,EAEJ;AAEA,MAAI;AACF,UAAM,cAAc,SAAS,MAAM,OAAO,WAAW;AAGrD,UAAM,aAAa,IAAI,gBAAA;AACvB,UAAM,YAAY,WAAW,MAAM,WAAW,MAAA,GAAS,OAAO;AAE9D,QAAI;AAGF,YAAM,SAAU,MAAM,IAAI,YAAY,KAAK,WAAW;AAStD,mBAAa,SAAS;AAEtB,UAAI,OAAO,WAAW,cAAc;AAClC,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,WAAW,OAAO,aAAa,CAAA;AAAA,UAC/B,MAAM,OAAO;AAAA,UACb,gBAAgB,OAAO,WAAA;AAAA,QAAW;AAAA,MAEtC;AAEA,aAAO;AAAA,QACL,QAAQ;AAAA,QACR,SAAS,OAAO,WAAW;AAAA,QAC3B,OAAO,OAAO;AAAA,QACd,OAAO,OAAO;AAAA,QACd,MAAM,OAAO;AAAA,MAAA;AAAA,IAEjB,SAAS,WAAoB;AAC3B,mBAAa,SAAS;AAEtB,UAAI,WAAW,OAAO,SAAS;AAC7B,eAAO;AAAA,UACL,QAAQ;AAAA,UACR,OAAO;AAAA,YACL,MAAM;AAAA,YACN,SAAS,6BAA6B,OAAO;AAAA,UAAA;AAAA,QAC/C;AAAA,MAEJ;AAEA,YAAM,QAAQ;AACd,aAAO;AAAA,QACL,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,OAAO;AAAA,UACL,MAAM,MAAM,QAAQ;AAAA,UACpB,SAAS,MAAM,WAAW,OAAO,KAAK;AAAA,UACtC,OAAO,MAAM;AAAA,QAAA;AAAA,QAEf,MAAM,CAAA;AAAA,MAAC;AAAA,IAEX;AAAA,EACF,SAAS,OAAgB;AACvB,UAAM,MAAM;AACZ,WAAO;AAAA,MACL,QAAQ;AAAA,MACR,OAAO;AAAA,QACL,MAAM,IAAI,QAAQ;AAAA,QAClB,SAAS,IAAI,WAAW,OAAO,GAAG;AAAA,MAAA;AAAA,IACpC;AAAA,EAEJ;AACF;AAKA,MAAA,QAAe;AAAA,EACb,MAAM,MACJ,SACA,KACA,MACmB;AAEnB,QAAI,QAAQ,WAAW,WAAW;AAChC,aAAO,IAAI,SAAS,MAAM;AAAA,QACxB,SAAS;AAAA,UACP,+BAA+B;AAAA,UAC/B,gCAAgC;AAAA,UAChC,gCAAgC;AAAA,QAAA;AAAA,MAClC,CACD;AAAA,IACH;AAGA,QAAI,QAAQ,WAAW,QAAQ;AAC7B,aAAO,IAAI,SAAS,KAAK,UAAU,EAAE,OAAO,qBAAA,CAAsB,GAAG;AAAA,QACnE,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,+BAA+B;AAAA,QAAA;AAAA,MACjC,CACD;AAAA,IACH;AAEA,QAAI;AACF,YAAM,OAAuB,MAAM,QAAQ,KAAA;AAG3C,UAAI,CAAC,KAAK,QAAQ,OAAO,KAAK,SAAS,UAAU;AAC/C,eAAO,IAAI,SAAS,KAAK,UAAU,EAAE,OAAO,mBAAA,CAAoB,GAAG;AAAA,UACjE,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,gBAAgB;AAAA,YAChB,+BAA+B;AAAA,UAAA;AAAA,QACjC,CACD;AAAA,MACH;AAGA,YAAM,SAAS,MAAM,YAAY,MAAM,GAAG;AAE1C,aAAO,IAAI,SAAS,KAAK,UAAU,MAAM,GAAG;AAAA,QAC1C,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,+BAA+B;AAAA,QAAA;AAAA,MACjC,CACD;AAAA,IACH,SAAS,OAAgB;AACvB,YAAM,MAAM;AACZ,aAAO,IAAI;AAAA,QACT,KAAK,UAAU;AAAA,UACb,QAAQ;AAAA,UACR,OAAO;AAAA,YACL,MAAM;AAAA,YACN,SAAS,IAAI,WAAW;AAAA,UAAA;AAAA,QAC1B,CACD;AAAA,QACD;AAAA,UACE,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,gBAAgB;AAAA,YAChB,+BAA+B;AAAA,UAAA;AAAA,QACjC;AAAA,MACF;AAAA,IAEJ;AAAA,EACF;AACF;"}