@the-ai-company/cbio-node-runtime 1.58.0 → 1.60.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (137) hide show
  1. package/README.md +55 -24
  2. package/dist/clients/agent/client.d.ts +9 -1
  3. package/dist/clients/agent/client.js +41 -11
  4. package/dist/clients/agent/client.js.map +1 -1
  5. package/dist/clients/agent/contracts.d.ts +5 -2
  6. package/dist/clients/owner/client.d.ts +15 -11
  7. package/dist/clients/owner/client.js +83 -30
  8. package/dist/clients/owner/client.js.map +1 -1
  9. package/dist/clients/owner/contracts.d.ts +32 -22
  10. package/dist/clients/owner/index.d.ts +1 -1
  11. package/dist/runtime/index.d.ts +1 -1
  12. package/dist/vault-core/contracts.d.ts +204 -26
  13. package/dist/vault-core/contracts.js +6 -2
  14. package/dist/vault-core/contracts.js.map +1 -1
  15. package/dist/vault-core/core.d.ts +23 -4
  16. package/dist/vault-core/core.js +480 -121
  17. package/dist/vault-core/core.js.map +1 -1
  18. package/dist/vault-core/defaults.d.ts +9 -2
  19. package/dist/vault-core/defaults.js +41 -14
  20. package/dist/vault-core/defaults.js.map +1 -1
  21. package/dist/vault-core/index.d.ts +1 -1
  22. package/dist/vault-core/index.js.map +1 -1
  23. package/dist/vault-core/persistence.d.ts +12 -2
  24. package/dist/vault-core/persistence.js +43 -4
  25. package/dist/vault-core/persistence.js.map +1 -1
  26. package/dist/vault-core/ports.d.ts +7 -1
  27. package/dist/vault-core/tool-metadata.js +27 -10
  28. package/dist/vault-core/tool-metadata.js.map +1 -1
  29. package/dist/vault-ingress/defaults.d.ts +2 -0
  30. package/dist/vault-ingress/defaults.js +6 -0
  31. package/dist/vault-ingress/defaults.js.map +1 -1
  32. package/dist/vault-ingress/index.d.ts +54 -9
  33. package/dist/vault-ingress/index.js +160 -46
  34. package/dist/vault-ingress/index.js.map +1 -1
  35. package/dist/vault-ingress/remote-transport.d.ts +2 -0
  36. package/dist/vault-ingress/remote-transport.js +33 -4
  37. package/dist/vault-ingress/remote-transport.js.map +1 -1
  38. package/docs/ARCHITECTURE.md +1 -1
  39. package/docs/REFERENCE.md +43 -30
  40. package/docs/WORKS_WITH_CUSTOM_FETCH.md +2 -2
  41. package/docs/api/README.md +5 -5
  42. package/docs/api/classes/IdentityError.md +1 -1
  43. package/docs/api/classes/OwnerClientError.md +1 -1
  44. package/docs/api/classes/VaultCore.md +176 -16
  45. package/docs/api/classes/VaultCoreError.md +1 -1
  46. package/docs/api/enumerations/IdentityErrorCode.md +1 -1
  47. package/docs/api/enumerations/OwnerClientErrorCode.md +1 -1
  48. package/docs/api/functions/createAgentClient.md +1 -1
  49. package/docs/api/functions/createIdentity.md +1 -1
  50. package/docs/api/functions/createOwnerHttpFlowBoundary.md +1 -1
  51. package/docs/api/functions/createOwnerSession.md +1 -1
  52. package/docs/api/functions/createPersistentVaultCoreDependencies.md +1 -1
  53. package/docs/api/functions/createStandardAcquireBoundary.md +1 -1
  54. package/docs/api/functions/createStandardDispatchBoundary.md +1 -1
  55. package/docs/api/functions/createVault.md +1 -1
  56. package/docs/api/functions/createVaultClient.md +1 -1
  57. package/docs/api/functions/createVaultCore.md +1 -1
  58. package/docs/api/functions/createVaultCoreDependencies.md +1 -1
  59. package/docs/api/functions/createVaultService.md +1 -1
  60. package/docs/api/functions/createWorkspaceStorage.md +1 -1
  61. package/docs/api/functions/deriveIdentityId.md +1 -1
  62. package/docs/api/functions/deriveVaultWorkingKeyFromPassword.md +1 -1
  63. package/docs/api/functions/getDefaultWorkspaceDir.md +1 -1
  64. package/docs/api/functions/handleVaultAgentControlHttp.md +1 -1
  65. package/docs/api/functions/handleVaultHttpDispatch.md +1 -1
  66. package/docs/api/functions/initializeVaultCustody.md +1 -1
  67. package/docs/api/functions/listVaults.md +1 -1
  68. package/docs/api/functions/readVaultProfile.md +1 -1
  69. package/docs/api/functions/recoverVault.md +1 -1
  70. package/docs/api/functions/recoverVaultWorkingKey.md +1 -1
  71. package/docs/api/functions/restoreIdentity.md +1 -1
  72. package/docs/api/functions/updateVaultMetadata.md +1 -1
  73. package/docs/api/functions/wrapVaultCoreAsVaultService.md +1 -1
  74. package/docs/api/functions/writeVaultProfile.md +1 -1
  75. package/docs/api/interfaces/AgentClient.md +33 -1
  76. package/docs/api/interfaces/AgentDispatchIntent.md +1 -1
  77. package/docs/api/interfaces/AgentDispatchTransport.md +33 -1
  78. package/docs/api/interfaces/AgentIdentity.md +1 -1
  79. package/docs/api/interfaces/AgentSigner.md +1 -1
  80. package/docs/api/interfaces/AgentSubmitCapabilityRequestInput.md +9 -9
  81. package/docs/api/interfaces/CbioRuntime.md +1 -1
  82. package/docs/api/interfaces/CreateAgentClientOptions.md +1 -1
  83. package/docs/api/interfaces/CreateIdentityOptions.md +1 -1
  84. package/docs/api/interfaces/CreateOwnerSessionOptions.md +1 -1
  85. package/docs/api/interfaces/CreatePersistentVaultCoreDependenciesOptions.md +1 -1
  86. package/docs/api/interfaces/CreateVaultClientOptions.md +1 -1
  87. package/docs/api/interfaces/CreateVaultOptions.md +1 -1
  88. package/docs/api/interfaces/CreatedVault.md +1 -1
  89. package/docs/api/interfaces/DefaultPolicyEngineOptions.md +1 -1
  90. package/docs/api/interfaces/IStorageProvider.md +1 -1
  91. package/docs/api/interfaces/InitializeVaultCustodyOptions.md +1 -1
  92. package/docs/api/interfaces/InitializedVaultCustody.md +1 -1
  93. package/docs/api/interfaces/OwnerAgentProvisionResult.md +1 -1
  94. package/docs/api/interfaces/{OwnerStoreSecretInput.md → OwnerCreateSecretInput.md} +2 -2
  95. package/docs/api/interfaces/{VaultDeleteSecretInput.md → OwnerRemoveSecretInput.md} +2 -2
  96. package/docs/api/interfaces/OwnerSensitiveActionConfirmation.md +1 -1
  97. package/docs/api/interfaces/OwnerSensitiveActionContext.md +1 -1
  98. package/docs/api/interfaces/OwnerSession.md +1 -1
  99. package/docs/api/interfaces/{OwnerWriteSecretInput.md → OwnerUpdateSecretInput.md} +2 -2
  100. package/docs/api/interfaces/RecoverVaultOptions.md +1 -1
  101. package/docs/api/interfaces/RecoveredVault.md +1 -1
  102. package/docs/api/interfaces/RestoreIdentityOptions.md +1 -1
  103. package/docs/api/interfaces/Signer.md +1 -1
  104. package/docs/api/interfaces/VaultApproveCapabilityRequestInput.md +1 -1
  105. package/docs/api/interfaces/VaultApproveDispatchInput.md +1 -1
  106. package/docs/api/interfaces/VaultAuditQueryInput.md +1 -1
  107. package/docs/api/interfaces/VaultClient.md +112 -48
  108. package/docs/api/interfaces/VaultCoreDependenciesOptions.md +1 -1
  109. package/docs/api/interfaces/VaultCreateAgentInput.md +1 -1
  110. package/docs/api/interfaces/VaultExportSecretInput.md +1 -1
  111. package/docs/api/interfaces/VaultGrantCapabilityInput.md +9 -21
  112. package/docs/api/interfaces/VaultGrantCapabilityRequest.md +1 -1
  113. package/docs/api/interfaces/VaultIdentity.md +1 -1
  114. package/docs/api/interfaces/VaultImportAgentInput.md +1 -1
  115. package/docs/api/interfaces/VaultIssueSessionTokenInput.md +1 -1
  116. package/docs/api/interfaces/VaultListAgentsInput.md +1 -1
  117. package/docs/api/interfaces/VaultListCapabilitiesInput.md +1 -1
  118. package/docs/api/interfaces/VaultListSecretsInput.md +1 -1
  119. package/docs/api/interfaces/VaultMetadata.md +1 -1
  120. package/docs/api/interfaces/VaultObject.md +1 -1
  121. package/docs/api/interfaces/VaultProfile.md +1 -1
  122. package/docs/api/interfaces/VaultReadAgentPrivateKeyInput.md +1 -1
  123. package/docs/api/interfaces/VaultReadSecretPlaintextInput.md +1 -1
  124. package/docs/api/interfaces/VaultRegisterFlowInput.md +1 -1
  125. package/docs/api/interfaces/VaultRevokeCapabilityInput.md +1 -1
  126. package/docs/api/interfaces/VaultRevokeSessionTokenInput.md +1 -1
  127. package/docs/api/interfaces/VaultSigner.md +1 -1
  128. package/docs/api/interfaces/VaultSubmitCapabilityRequestInput.md +11 -17
  129. package/docs/api/interfaces/VaultUpdateAgentInput.md +1 -1
  130. package/docs/api/type-aliases/AgentCapabilityEnvelope.md +1 -1
  131. package/docs/api/type-aliases/AgentVisibleSecretRecord.md +1 -1
  132. package/docs/api/type-aliases/CbioRuntimeModule.md +1 -1
  133. package/docs/api/type-aliases/OwnerGrantCapabilityInput.md +1 -1
  134. package/docs/api/variables/DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY.md +1 -1
  135. package/docs/zh/README.md +27 -9
  136. package/examples/process-isolation.ts +6 -4
  137. package/package.json +1 -1
package/dist/vault-core/core.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import type { AgentListCapabilitiesRequest, AgentListSecretsRequest, AgentGetRuntimeManifestRequest, AgentRuntimeManifest, AgentSubmitCapabilityRequestCommand, AgentVisibleSecretRecord, AuditEntry, AuditQuery, CustomHttpFlowDefinition, DispatchAuthorization, DispatchRequest, DispatchResult, OwnerExecuteCapabilityStateCommand, OwnerIssueSessionTokenRequest, OwnerRejectCapabilityStateCommand, OwnerDeleteSecretCommand, OwnerExportSecretRequest, OwnerRegisterAgentIdentityCommand, OwnerUpdateAgentIdentityCommand, OwnerRegisterCapabilityCommand, OwnerRegisterCustomHttpFlowCommand, OwnerRevokeCapabilityCommand, OwnerListAgentsRequest, OwnerListCapabilitiesRequest, OwnerListCapabilityStatesRequest, OwnerSecretExport, OwnerSessionToken, SecretRecord, SubmitCapabilityRequestCommand, VaultId, VaultPrincipal, VaultWriteSecretCommand, AgentIdentityRecord, AgentCapability, CapabilityStateRecord } from "./contracts.js";
1
+ import type { AgentListCapabilitiesRequest, AgentListSecretsRequest, AgentListRequestsRequest, AgentGetRequestRequest, AgentRequestResult, AgentGetRuntimeManifestRequest, AgentRuntimeManifest, AgentSubmitCapabilityRequestCommand, AgentVisibleRequestRecord, OwnerVisibleRequestRecord, OwnerRequestRecord, AgentVisibleSecretRecord, AuditEntry, AuditQuery, CustomHttpFlowDefinition, DispatchAuthorization, DispatchRequest, DispatchResult, OwnerAllowAlwaysCommand, OwnerAllowOnceCommand, OwnerIssueSessionTokenRequest, OwnerDenyCommand, OwnerCreateSecretCommand, OwnerDeleteSecretCommand, OwnerExportSecretRequest, OwnerRegisterAgentIdentityCommand, OwnerUpdateAgentIdentityCommand, OwnerRegisterCapabilityCommand, OwnerRegisterCustomHttpFlowCommand, OwnerRevokeCapabilityCommand, OwnerListAgentsRequest, OwnerListCapabilitiesRequest, OwnerListRequestsRequest, OwnerGetRequestRequest, OwnerListCapabilityStatesRequest, OwnerSecretExport, OwnerSessionToken, SecretRecord, SubmitCapabilityRequestCommand, VaultId, VaultPrincipal, VaultWriteSecretCommand, AgentIdentityRecord, AgentCapability, CapabilityStateRecord } from "./contracts.js";
2
2
  import type { VaultCoreDependencies } from "./ports.js";
3
3
  /**
4
4
  * The Sovereign Vault Core.
@@ -18,6 +18,10 @@ export declare class VaultCore {
18
18
  private _appendDecisionAudit;
19
19
  private _verifyAgentControlProof;
20
20
  private _listVisibleSecretsForAgent;
21
+ private _recordRequestExecution;
22
+ private toVisibleRequestRecord;
23
+ private toOwnerVisibleRequestRecord;
24
+ private toOwnerRequestRecord;
21
25
  ownerOnCapabilityState(callback: (record: CapabilityStateRecord) => void): () => void;
22
26
  ownerRegisterAgentIdentity(command: OwnerRegisterAgentIdentityCommand): Promise<void>;
23
27
  ownerUpdateAgentIdentity(command: OwnerUpdateAgentIdentityCommand): Promise<AgentIdentityRecord>;
@@ -26,7 +30,12 @@ export declare class VaultCore {
26
30
  _getCapability(vaultId: import("./contracts.js").VaultId, agentId: string, capabilityId: string): Promise<AgentCapability | null>;
27
31
  ownerRegisterCustomFlow(command: OwnerRegisterCustomHttpFlowCommand): Promise<void>;
28
32
  _storeCustomFlowSecret(flow: CustomHttpFlowDefinition, alias: string, plaintext: string): Promise<SecretRecord>;
33
+ private _getActiveSecretByAlias;
34
+ private _persistNewSecretRecord;
35
+ ownerCreateSecret(command: OwnerCreateSecretCommand): Promise<SecretRecord>;
36
+ ownerUpdateSecret(command: import("./contracts.js").OwnerUpdateSecretCommand): Promise<SecretRecord>;
29
37
  ownerWriteSecret(command: VaultWriteSecretCommand): Promise<SecretRecord>;
38
+ ownerRemoveSecret(command: OwnerDeleteSecretCommand): Promise<void>;
30
39
  ownerDeleteSecret(command: OwnerDeleteSecretCommand): Promise<void>;
31
40
  agentAuthorizeDispatch(request: DispatchRequest): Promise<DispatchAuthorization>;
32
41
  agentDispatchSecret(request: DispatchRequest): Promise<DispatchResult>;
@@ -43,6 +52,12 @@ export declare class VaultCore {
43
52
  ownerListCapabilities(actor: VaultPrincipal & {
44
53
  kind: "owner";
45
54
  }, agentId?: string, request?: Omit<OwnerListCapabilitiesRequest, "actor" | "agentId" | "vaultId">): Promise<readonly AgentCapability[]>;
55
+ ownerListRequests(actor: VaultPrincipal & {
56
+ kind: "owner";
57
+ }, agentId?: string, request?: Omit<OwnerListRequestsRequest, "actor" | "agentId" | "vaultId">): Promise<readonly OwnerVisibleRequestRecord[]>;
58
+ ownerGetRequest(actor: VaultPrincipal & {
59
+ kind: "owner";
60
+ }, targetRequestId: string, request?: Omit<OwnerGetRequestRequest, "actor" | "targetRequestId" | "vaultId">): Promise<OwnerRequestRecord>;
46
61
  ownerListSecrets(actor: VaultPrincipal & {
47
62
  kind: "owner";
48
63
  }, request?: {
@@ -50,6 +65,8 @@ export declare class VaultCore {
50
65
  }): Promise<readonly AgentVisibleSecretRecord[]>;
51
66
  agentListCapabilities(request: AgentListCapabilitiesRequest): Promise<readonly import("./contracts.js").AgentCapabilityState[]>;
52
67
  agentListSecrets(request: AgentListSecretsRequest): Promise<readonly AgentVisibleSecretRecord[]>;
68
+ agentListRequests(request: AgentListRequestsRequest): Promise<readonly AgentVisibleRequestRecord[]>;
69
+ agentGetRequest(request: AgentGetRequestRequest): Promise<AgentRequestResult>;
53
70
  agentGetRuntimeManifest(command: AgentGetRuntimeManifestRequest): Promise<AgentRuntimeManifest>;
54
71
  agentSubmitCapabilityRequest(command: AgentSubmitCapabilityRequestCommand): Promise<CapabilityStateRecord>;
55
72
  ownerRevokeCapability(command: OwnerRevokeCapabilityCommand): Promise<void>;
@@ -65,8 +82,10 @@ export declare class VaultCore {
65
82
  token: string;
66
83
  }): Promise<void>;
67
84
  ownerListCapabilityStates(command: OwnerListCapabilityStatesRequest): Promise<readonly CapabilityStateRecord[]>;
68
- ownerExecuteCapabilityStateOnce(command: OwnerExecuteCapabilityStateCommand): Promise<DispatchResult>;
69
- ownerExecuteCapabilityStateAndGrant(command: OwnerExecuteCapabilityStateCommand): Promise<DispatchResult>;
70
- ownerRejectCapabilityState(command: OwnerRejectCapabilityStateCommand): Promise<CapabilityStateRecord>;
85
+ ownerApproveCapabilityWrite(command: import("./contracts.js").OwnerApproveCapabilityWriteCommand): Promise<CapabilityStateRecord>;
86
+ ownerApproveCapabilityRead(command: import("./contracts.js").OwnerApproveCapabilityReadCommand): Promise<CapabilityStateRecord>;
87
+ ownerAllowOnce(command: OwnerAllowOnceCommand): Promise<DispatchResult>;
88
+ ownerAllowAlways(command: OwnerAllowAlwaysCommand): Promise<DispatchResult>;
89
+ ownerDeny(command: OwnerDenyCommand): Promise<CapabilityStateRecord>;
71
90
  }
72
91
  export declare function createVaultCore(deps: VaultCoreDependencies): VaultCore;