@the-ai-company/cbio-node-runtime 1.59.1 → 1.60.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +4 -2
- package/dist/clients/agent/client.d.ts +6 -0
- package/dist/clients/agent/client.js.map +1 -1
- package/dist/clients/owner/client.d.ts +9 -7
- package/dist/clients/owner/client.js +40 -11
- package/dist/clients/owner/client.js.map +1 -1
- package/dist/clients/owner/contracts.d.ts +21 -11
- package/dist/clients/owner/index.d.ts +1 -1
- package/dist/runtime/index.d.ts +1 -1
- package/dist/vault-core/contracts.d.ts +85 -3
- package/dist/vault-core/contracts.js +2 -0
- package/dist/vault-core/contracts.js.map +1 -1
- package/dist/vault-core/core.d.ts +14 -1
- package/dist/vault-core/core.js +180 -22
- package/dist/vault-core/core.js.map +1 -1
- package/dist/vault-core/defaults.d.ts +1 -0
- package/dist/vault-core/defaults.js +8 -4
- package/dist/vault-core/defaults.js.map +1 -1
- package/dist/vault-core/index.d.ts +1 -1
- package/dist/vault-core/index.js.map +1 -1
- package/dist/vault-core/persistence.d.ts +1 -0
- package/dist/vault-core/persistence.js +6 -3
- package/dist/vault-core/persistence.js.map +1 -1
- package/dist/vault-core/tool-metadata.js +4 -4
- package/dist/vault-core/tool-metadata.js.map +1 -1
- package/dist/vault-ingress/index.d.ts +15 -0
- package/dist/vault-ingress/index.js +20 -1
- package/dist/vault-ingress/index.js.map +1 -1
- package/docs/REFERENCE.md +8 -4
- package/docs/api/README.md +5 -5
- package/docs/api/classes/IdentityError.md +1 -1
- package/docs/api/classes/OwnerClientError.md +1 -1
- package/docs/api/classes/VaultCore.md +97 -1
- package/docs/api/classes/VaultCoreError.md +1 -1
- package/docs/api/enumerations/IdentityErrorCode.md +1 -1
- package/docs/api/enumerations/OwnerClientErrorCode.md +1 -1
- package/docs/api/functions/createAgentClient.md +1 -1
- package/docs/api/functions/createIdentity.md +1 -1
- package/docs/api/functions/createOwnerHttpFlowBoundary.md +1 -1
- package/docs/api/functions/createOwnerSession.md +1 -1
- package/docs/api/functions/createPersistentVaultCoreDependencies.md +1 -1
- package/docs/api/functions/createStandardAcquireBoundary.md +1 -1
- package/docs/api/functions/createStandardDispatchBoundary.md +1 -1
- package/docs/api/functions/createVault.md +1 -1
- package/docs/api/functions/createVaultClient.md +1 -1
- package/docs/api/functions/createVaultCore.md +1 -1
- package/docs/api/functions/createVaultCoreDependencies.md +1 -1
- package/docs/api/functions/createVaultService.md +1 -1
- package/docs/api/functions/createWorkspaceStorage.md +1 -1
- package/docs/api/functions/deriveIdentityId.md +1 -1
- package/docs/api/functions/deriveVaultWorkingKeyFromPassword.md +1 -1
- package/docs/api/functions/getDefaultWorkspaceDir.md +1 -1
- package/docs/api/functions/handleVaultAgentControlHttp.md +1 -1
- package/docs/api/functions/handleVaultHttpDispatch.md +1 -1
- package/docs/api/functions/initializeVaultCustody.md +1 -1
- package/docs/api/functions/listVaults.md +1 -1
- package/docs/api/functions/readVaultProfile.md +1 -1
- package/docs/api/functions/recoverVault.md +1 -1
- package/docs/api/functions/recoverVaultWorkingKey.md +1 -1
- package/docs/api/functions/restoreIdentity.md +1 -1
- package/docs/api/functions/updateVaultMetadata.md +1 -1
- package/docs/api/functions/wrapVaultCoreAsVaultService.md +1 -1
- package/docs/api/functions/writeVaultProfile.md +1 -1
- package/docs/api/interfaces/AgentClient.md +7 -1
- package/docs/api/interfaces/AgentDispatchIntent.md +1 -1
- package/docs/api/interfaces/AgentDispatchTransport.md +1 -1
- package/docs/api/interfaces/AgentIdentity.md +1 -1
- package/docs/api/interfaces/AgentSigner.md +1 -1
- package/docs/api/interfaces/AgentSubmitCapabilityRequestInput.md +1 -1
- package/docs/api/interfaces/CbioRuntime.md +1 -1
- package/docs/api/interfaces/CreateAgentClientOptions.md +1 -1
- package/docs/api/interfaces/CreateIdentityOptions.md +1 -1
- package/docs/api/interfaces/CreateOwnerSessionOptions.md +1 -1
- package/docs/api/interfaces/CreatePersistentVaultCoreDependenciesOptions.md +1 -1
- package/docs/api/interfaces/CreateVaultClientOptions.md +1 -1
- package/docs/api/interfaces/CreateVaultOptions.md +1 -1
- package/docs/api/interfaces/CreatedVault.md +1 -1
- package/docs/api/interfaces/DefaultPolicyEngineOptions.md +1 -1
- package/docs/api/interfaces/IStorageProvider.md +1 -1
- package/docs/api/interfaces/InitializeVaultCustodyOptions.md +1 -1
- package/docs/api/interfaces/InitializedVaultCustody.md +1 -1
- package/docs/api/interfaces/OwnerAgentProvisionResult.md +1 -1
- package/docs/api/interfaces/{OwnerStoreSecretInput.md → OwnerCreateSecretInput.md} +2 -2
- package/docs/api/interfaces/{VaultDeleteSecretInput.md → OwnerRemoveSecretInput.md} +2 -2
- package/docs/api/interfaces/OwnerSensitiveActionConfirmation.md +1 -1
- package/docs/api/interfaces/OwnerSensitiveActionContext.md +1 -1
- package/docs/api/interfaces/OwnerSession.md +1 -1
- package/docs/api/interfaces/{OwnerWriteSecretInput.md → OwnerUpdateSecretInput.md} +2 -2
- package/docs/api/interfaces/RecoverVaultOptions.md +1 -1
- package/docs/api/interfaces/RecoveredVault.md +1 -1
- package/docs/api/interfaces/RestoreIdentityOptions.md +1 -1
- package/docs/api/interfaces/Signer.md +1 -1
- package/docs/api/interfaces/VaultApproveCapabilityRequestInput.md +1 -1
- package/docs/api/interfaces/VaultApproveDispatchInput.md +1 -1
- package/docs/api/interfaces/VaultAuditQueryInput.md +1 -1
- package/docs/api/interfaces/VaultClient.md +55 -23
- package/docs/api/interfaces/VaultCoreDependenciesOptions.md +1 -1
- package/docs/api/interfaces/VaultCreateAgentInput.md +1 -1
- package/docs/api/interfaces/VaultExportSecretInput.md +1 -1
- package/docs/api/interfaces/VaultGrantCapabilityInput.md +1 -1
- package/docs/api/interfaces/VaultGrantCapabilityRequest.md +1 -1
- package/docs/api/interfaces/VaultIdentity.md +1 -1
- package/docs/api/interfaces/VaultImportAgentInput.md +1 -1
- package/docs/api/interfaces/VaultIssueSessionTokenInput.md +1 -1
- package/docs/api/interfaces/VaultListAgentsInput.md +1 -1
- package/docs/api/interfaces/VaultListCapabilitiesInput.md +1 -1
- package/docs/api/interfaces/VaultListSecretsInput.md +1 -1
- package/docs/api/interfaces/VaultMetadata.md +1 -1
- package/docs/api/interfaces/VaultObject.md +1 -1
- package/docs/api/interfaces/VaultProfile.md +1 -1
- package/docs/api/interfaces/VaultReadAgentPrivateKeyInput.md +1 -1
- package/docs/api/interfaces/VaultReadSecretPlaintextInput.md +1 -1
- package/docs/api/interfaces/VaultRegisterFlowInput.md +1 -1
- package/docs/api/interfaces/VaultRevokeCapabilityInput.md +1 -1
- package/docs/api/interfaces/VaultRevokeSessionTokenInput.md +1 -1
- package/docs/api/interfaces/VaultSigner.md +1 -1
- package/docs/api/interfaces/VaultSubmitCapabilityRequestInput.md +1 -1
- package/docs/api/interfaces/VaultUpdateAgentInput.md +1 -1
- package/docs/api/type-aliases/AgentCapabilityEnvelope.md +1 -1
- package/docs/api/type-aliases/AgentVisibleSecretRecord.md +1 -1
- package/docs/api/type-aliases/CbioRuntimeModule.md +1 -1
- package/docs/api/type-aliases/OwnerGrantCapabilityInput.md +1 -1
- package/docs/api/variables/DEFAULT_VAULT_KEY_CUSTODY_BLOB_KEY.md +1 -1
- package/docs/zh/README.md +2 -0
- package/package.json +1 -1
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
[**CBIO Node Runtime Agent API v1.
|
|
1
|
+
[**CBIO Node Runtime Agent API v1.60.0**](../README.md)
|
|
2
2
|
|
|
3
3
|
***
|
|
4
4
|
|
|
@@ -277,6 +277,22 @@ This is the primary implementation of the Vault logic.
|
|
|
277
277
|
|
|
278
278
|
***
|
|
279
279
|
|
|
280
|
+
### ownerCreateSecret()
|
|
281
|
+
|
|
282
|
+
> **ownerCreateSecret**(`command`): `Promise`\<`SecretRecord`\>
|
|
283
|
+
|
|
284
|
+
#### Parameters
|
|
285
|
+
|
|
286
|
+
##### command
|
|
287
|
+
|
|
288
|
+
`OwnerCreateSecretCommand`
|
|
289
|
+
|
|
290
|
+
#### Returns
|
|
291
|
+
|
|
292
|
+
`Promise`\<`SecretRecord`\>
|
|
293
|
+
|
|
294
|
+
***
|
|
295
|
+
|
|
280
296
|
### ownerDeleteSecret()
|
|
281
297
|
|
|
282
298
|
> **ownerDeleteSecret**(`command`): `Promise`\<`void`\>
|
|
@@ -333,6 +349,30 @@ This is the primary implementation of the Vault logic.
|
|
|
333
349
|
|
|
334
350
|
***
|
|
335
351
|
|
|
352
|
+
### ownerGetRequest()
|
|
353
|
+
|
|
354
|
+
> **ownerGetRequest**(`actor`, `targetRequestId`, `request?`): `Promise`\<`OwnerRequestRecord`\>
|
|
355
|
+
|
|
356
|
+
#### Parameters
|
|
357
|
+
|
|
358
|
+
##### actor
|
|
359
|
+
|
|
360
|
+
`VaultPrincipal` & `object`
|
|
361
|
+
|
|
362
|
+
##### targetRequestId
|
|
363
|
+
|
|
364
|
+
`string`
|
|
365
|
+
|
|
366
|
+
##### request?
|
|
367
|
+
|
|
368
|
+
`Omit`\<`OwnerGetRequestRequest`, `"vaultId"` \| `"actor"` \| `"targetRequestId"`\>
|
|
369
|
+
|
|
370
|
+
#### Returns
|
|
371
|
+
|
|
372
|
+
`Promise`\<`OwnerRequestRecord`\>
|
|
373
|
+
|
|
374
|
+
***
|
|
375
|
+
|
|
336
376
|
### ownerIssueAllAgentSessionTokens()
|
|
337
377
|
|
|
338
378
|
> **ownerIssueAllAgentSessionTokens**(`actor`): `Promise`\<`OwnerSessionToken`[]\>
|
|
@@ -425,6 +465,30 @@ This is the primary implementation of the Vault logic.
|
|
|
425
465
|
|
|
426
466
|
***
|
|
427
467
|
|
|
468
|
+
### ownerListRequests()
|
|
469
|
+
|
|
470
|
+
> **ownerListRequests**(`actor`, `agentId?`, `request?`): `Promise`\<readonly `OwnerVisibleRequestRecord`[]\>
|
|
471
|
+
|
|
472
|
+
#### Parameters
|
|
473
|
+
|
|
474
|
+
##### actor
|
|
475
|
+
|
|
476
|
+
`VaultPrincipal` & `object`
|
|
477
|
+
|
|
478
|
+
##### agentId?
|
|
479
|
+
|
|
480
|
+
`string`
|
|
481
|
+
|
|
482
|
+
##### request?
|
|
483
|
+
|
|
484
|
+
`Omit`\<`OwnerListRequestsRequest`, `"agentId"` \| `"vaultId"` \| `"actor"`\>
|
|
485
|
+
|
|
486
|
+
#### Returns
|
|
487
|
+
|
|
488
|
+
`Promise`\<readonly `OwnerVisibleRequestRecord`[]\>
|
|
489
|
+
|
|
490
|
+
***
|
|
491
|
+
|
|
428
492
|
### ownerListSecrets()
|
|
429
493
|
|
|
430
494
|
> **ownerListSecrets**(`actor`, `request?`): `Promise`\<readonly `AgentVisibleSecretRecord`[]\>
|
|
@@ -535,6 +599,22 @@ This is the primary implementation of the Vault logic.
|
|
|
535
599
|
|
|
536
600
|
***
|
|
537
601
|
|
|
602
|
+
### ownerRemoveSecret()
|
|
603
|
+
|
|
604
|
+
> **ownerRemoveSecret**(`command`): `Promise`\<`void`\>
|
|
605
|
+
|
|
606
|
+
#### Parameters
|
|
607
|
+
|
|
608
|
+
##### command
|
|
609
|
+
|
|
610
|
+
`OwnerDeleteSecretCommand`
|
|
611
|
+
|
|
612
|
+
#### Returns
|
|
613
|
+
|
|
614
|
+
`Promise`\<`void`\>
|
|
615
|
+
|
|
616
|
+
***
|
|
617
|
+
|
|
538
618
|
### ownerRevokeCapability()
|
|
539
619
|
|
|
540
620
|
> **ownerRevokeCapability**(`command`): `Promise`\<`void`\>
|
|
@@ -609,6 +689,22 @@ This is the primary implementation of the Vault logic.
|
|
|
609
689
|
|
|
610
690
|
***
|
|
611
691
|
|
|
692
|
+
### ownerUpdateSecret()
|
|
693
|
+
|
|
694
|
+
> **ownerUpdateSecret**(`command`): `Promise`\<`SecretRecord`\>
|
|
695
|
+
|
|
696
|
+
#### Parameters
|
|
697
|
+
|
|
698
|
+
##### command
|
|
699
|
+
|
|
700
|
+
`OwnerUpdateSecretCommand`
|
|
701
|
+
|
|
702
|
+
#### Returns
|
|
703
|
+
|
|
704
|
+
`Promise`\<`SecretRecord`\>
|
|
705
|
+
|
|
706
|
+
***
|
|
707
|
+
|
|
612
708
|
### ownerWriteSecret()
|
|
613
709
|
|
|
614
710
|
> **ownerWriteSecret**(`command`): `Promise`\<`SecretRecord`\>
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
[**CBIO Node Runtime Agent API v1.
|
|
1
|
+
[**CBIO Node Runtime Agent API v1.60.0**](../README.md)
|
|
2
2
|
|
|
3
3
|
***
|
|
4
4
|
|
|
@@ -6,6 +6,9 @@
|
|
|
6
6
|
|
|
7
7
|
A client for agents to perform authorized operations (e.g., dispatch HTTP requests with secrets).
|
|
8
8
|
This client uses a delegated capability granted by the owner.
|
|
9
|
+
Agents can use secrets and request broader access, but they do not directly manage
|
|
10
|
+
the secret lifecycle inside the vault. Newly obtained credentials are persisted only
|
|
11
|
+
through owner actions or owner-configured vault flows that explicitly capture them.
|
|
9
12
|
|
|
10
13
|
## Methods
|
|
11
14
|
|
|
@@ -64,6 +67,9 @@ const result = await agent.agentDispatch({
|
|
|
64
67
|
|
|
65
68
|
Introspects the current runtime environment, providing identity, capabilities, and a toolbox manifest.
|
|
66
69
|
Equivalent to '--help' or 'llms.txt' for the agent.
|
|
70
|
+
This is the primary place where an agent should learn its operational boundary:
|
|
71
|
+
it can use existing secrets and request more permission, but it cannot directly
|
|
72
|
+
create, update, or remove secrets in the vault.
|
|
67
73
|
|
|
68
74
|
#### Returns
|
|
69
75
|
|