@thinkai/tai-api-contract 2.2.8 → 2.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -158,7 +158,7 @@ export interface paths {
158
158
  get?: never;
159
159
  /**
160
160
  * Replace workspace data sources
161
- * @description Replace the workspace's `sources` array. Cursor entries are validated strictly (`token` 1-256 chars, no whitespace, no `env:` prefix; optional `https:` `baseUrl`); other types pass through with only a non-empty `type` requirement so existing github / jira / sonarqube / bitbucket callers are not regressed.
161
+ * @description Replace the workspace's `sources` array. Cursor entries are validated strictly (`token` 1-256 chars, no whitespace, no `env:` prefix; optional deprecated `baseUrl` is accepted for backwards compatibility and ignored at runtime; verification and future refresh use the fixed Cursor Admin API host. Other types pass through with only a non-empty `type` requirement so existing github / jira / sonarqube / bitbucket callers are not regressed.
162
162
  * Every secret-keyed top-level string field (`token`, `password`, `api_key`, `secret`, `private_key`, `client_secret`) is encrypted at rest with AES-256-GCM under `SOURCES_TOKEN_ENC_KEY` before persistence; `env:`-prefixed values pass through unchanged. `GET /workspaces/{workspaceId}/config` continues to redact every secret-keyed field to `***` regardless of whether the stored value is encrypted, plaintext, or `env:` ref.
163
163
  * Requires editor or admin workspace role.
164
164
  * **Typical outcomes:** Valid typed sources → `200` with `{ ok: true, workspaceId }`. Missing required fields for a given `type` (e.g. GitHub without `repo` or `token`) → `400` with `error` text. Unknown `type` strings (non-cursor) currently pass through to storage (lenient compatibility); only `cursor` entries get strict field validation. Cursor sources enforce strict token shape (no whitespace, no `env:` prefix).
@@ -183,7 +183,7 @@ export interface paths {
183
183
  /**
184
184
  * Test one source connection (does not persist)
185
185
  * @description Verify a source's credentials without persisting them. Always returns 200 — upstream auth, rate-limit, and network failures surface as `{ success: false, error }` so the SPA can render an inline error.
186
- * Currently only `type: cursor` is verified end-to-end (calls `GET ${baseUrl}/v0/me`); other types report `{ success: false, error: "unsupported_type" }`. Documented `error` codes for cursor: `invalid_token`, `rate_limited`, `network_error`.
186
+ * Currently only `type: cursor` is verified end-to-end (Cursor Admin API, HTTP Basic against `https://api.cursor.com`; optional `baseUrl` in the body is deprecated and ignored). Other types report `{ success: false, error: "unsupported_type" }`. Documented `error` codes for cursor: `invalid_token`, `rate_limited`, `network_error`.
187
187
  * **Typical outcomes:** Malformed body, missing `type`, invalid `type`, or missing required fields for the declared type → `400` with `{ error: "..." }`. Well-formed body with bad credentials or unreachable service → `200` with `{ success: false, error: "..." }` (Cursor verifier and non-cursor paths as documented above).
188
188
  */
189
189
  post: operations["postTenantSourceTest"];
@@ -292,6 +292,94 @@ export interface paths {
292
292
  patch?: never;
293
293
  trace?: never;
294
294
  };
295
+ "/workspaces/{workspaceId}/integrations/ai-tool/{provider}/refresh": {
296
+ parameters: {
297
+ query?: never;
298
+ header?: never;
299
+ path?: never;
300
+ cookie?: never;
301
+ };
302
+ get?: never;
303
+ put?: never;
304
+ /**
305
+ * Refresh AI tool integration snapshots
306
+ * @description Provider-agnostic refresh. Returns 409 when an advisory-lock refresh is already in progress. On upstream auth/rate/network failures, returns `200` with `{ ok:false, error }` so the SPA can render inline error.
307
+ */
308
+ post: operations["refreshWorkspaceAiTool"];
309
+ delete?: never;
310
+ options?: never;
311
+ head?: never;
312
+ patch?: never;
313
+ trace?: never;
314
+ };
315
+ "/workspaces/{workspaceId}/integrations/ai-tool/{provider}/seats": {
316
+ parameters: {
317
+ query?: never;
318
+ header?: never;
319
+ path?: never;
320
+ cookie?: never;
321
+ };
322
+ /** List latest AI-tool seats */
323
+ get: operations["getWorkspaceAiToolSeats"];
324
+ put?: never;
325
+ post?: never;
326
+ delete?: never;
327
+ options?: never;
328
+ head?: never;
329
+ patch?: never;
330
+ trace?: never;
331
+ };
332
+ "/workspaces/{workspaceId}/integrations/ai-tool/{provider}/daily-usage": {
333
+ parameters: {
334
+ query?: never;
335
+ header?: never;
336
+ path?: never;
337
+ cookie?: never;
338
+ };
339
+ /** List AI-tool daily usage */
340
+ get: operations["getWorkspaceAiToolDailyUsage"];
341
+ put?: never;
342
+ post?: never;
343
+ delete?: never;
344
+ options?: never;
345
+ head?: never;
346
+ patch?: never;
347
+ trace?: never;
348
+ };
349
+ "/workspaces/{workspaceId}/integrations/ai-tool/{provider}/spend": {
350
+ parameters: {
351
+ query?: never;
352
+ header?: never;
353
+ path?: never;
354
+ cookie?: never;
355
+ };
356
+ /** List AI-tool spend */
357
+ get: operations["getWorkspaceAiToolSpend"];
358
+ put?: never;
359
+ post?: never;
360
+ delete?: never;
361
+ options?: never;
362
+ head?: never;
363
+ patch?: never;
364
+ trace?: never;
365
+ };
366
+ "/workspaces/{workspaceId}/integrations/ai-tool/{provider}/status": {
367
+ parameters: {
368
+ query?: never;
369
+ header?: never;
370
+ path?: never;
371
+ cookie?: never;
372
+ };
373
+ /** Get last refresh status */
374
+ get: operations["getWorkspaceAiToolRefreshStatus"];
375
+ put?: never;
376
+ post?: never;
377
+ delete?: never;
378
+ options?: never;
379
+ head?: never;
380
+ patch?: never;
381
+ trace?: never;
382
+ };
295
383
  "/integrations/github/callback": {
296
384
  parameters: {
297
385
  query?: never;
@@ -749,15 +837,15 @@ export interface components {
749
837
  } & {
750
838
  [key: string]: unknown;
751
839
  };
752
- /** @description Cursor (AI Tools) source entry for `PUT /workspaces/{workspaceId}/sources` and `POST /workspaces/{workspaceId}/sources/test`. The `token` field carries a literal Cursor API key on writes; reads from `GET /workspaces/{workspaceId}/config` redact it to `***`. */
840
+ /** @description Cursor (AI Tools) source entry for `PUT /workspaces/{workspaceId}/sources` and `POST /workspaces/{workspaceId}/sources/test`. The `token` field carries a literal Cursor API key on writes; reads from `GET /workspaces/{workspaceId}/config` redact it to `***`. Runtime calls use the Cursor Admin API at `https://api.cursor.com` (HTTP Basic); do not rely on `baseUrl`. */
753
841
  CursorSourceDto: {
754
842
  /** @enum {string} */
755
843
  type: "cursor";
756
844
  /** @description Cursor API key (literal). Whitespace and `env:` prefix are rejected. */
757
845
  token: string;
758
846
  /**
759
- * Format: uri
760
- * @description Override Cursor API base URL. Must use `https:`.
847
+ * @deprecated
848
+ * @description Deprecated. Historically suggested an API base URL; the server ignores this field and always uses the Cursor Admin API host. Kept so older clients can submit payloads unchanged.
761
849
  * @default https://api.cursor.com
762
850
  */
763
851
  baseUrl: string;
@@ -772,6 +860,55 @@ export interface components {
772
860
  success: boolean;
773
861
  error?: string;
774
862
  };
863
+ AiToolSeatDto: {
864
+ externalId: string;
865
+ email: string;
866
+ displayName?: string | null;
867
+ role?: string | null;
868
+ isRemoved: boolean;
869
+ payload?: {
870
+ [key: string]: unknown;
871
+ };
872
+ };
873
+ AiToolDailyUsageRowDto: {
874
+ /** Format: date */
875
+ day: string;
876
+ externalId: string;
877
+ email?: string | null;
878
+ isActive: boolean;
879
+ mostUsedModel?: string | null;
880
+ payload?: {
881
+ [key: string]: unknown;
882
+ };
883
+ };
884
+ AiToolSpendRowDto: {
885
+ /** Format: int64 */
886
+ billingCycleStartMs: number;
887
+ externalId: string;
888
+ email?: string | null;
889
+ /** Format: int64 */
890
+ spendCents: number;
891
+ payload?: {
892
+ [key: string]: unknown;
893
+ };
894
+ };
895
+ AiToolRefreshStatusDto: {
896
+ /** Format: date-time */
897
+ lastAttemptAt: string;
898
+ /** Format: date-time */
899
+ lastSuccessAt?: string | null;
900
+ lastErrorKind?: string | null;
901
+ lastErrorMessage?: string | null;
902
+ /** Format: int64 */
903
+ durationMs?: number | null;
904
+ counts: {
905
+ [key: string]: unknown;
906
+ };
907
+ };
908
+ AiToolRefreshResponseDto: {
909
+ ok: boolean;
910
+ error?: string | null;
911
+ };
775
912
  /** @description Nested metric groups; see TypeScript `DashboardProductivityMetricsDto` in @thinkai/tai-api-contract. */
776
913
  DashboardProductivityMetricsDto: {
777
914
  [key: string]: unknown;
@@ -1244,6 +1381,11 @@ export type TenantSourceEntryDto = components['schemas']['TenantSourceEntryDto']
1244
1381
  export type CursorSourceDto = components['schemas']['CursorSourceDto'];
1245
1382
  export type WorkspaceConfigDto = components['schemas']['WorkspaceConfigDto'];
1246
1383
  export type TestConnectionResponseDto = components['schemas']['TestConnectionResponseDto'];
1384
+ export type AiToolSeatDto = components['schemas']['AiToolSeatDto'];
1385
+ export type AiToolDailyUsageRowDto = components['schemas']['AiToolDailyUsageRowDto'];
1386
+ export type AiToolSpendRowDto = components['schemas']['AiToolSpendRowDto'];
1387
+ export type AiToolRefreshStatusDto = components['schemas']['AiToolRefreshStatusDto'];
1388
+ export type AiToolRefreshResponseDto = components['schemas']['AiToolRefreshResponseDto'];
1247
1389
  export type DashboardProductivityMetricsDto = components['schemas']['DashboardProductivityMetricsDto'];
1248
1390
  export type DashboardProductivityDto = components['schemas']['DashboardProductivityDto'];
1249
1391
  export type DashboardProductivityHistoryDto = components['schemas']['DashboardProductivityHistoryDto'];
@@ -2026,6 +2168,190 @@ export interface operations {
2026
2168
  };
2027
2169
  };
2028
2170
  };
2171
+ refreshWorkspaceAiTool: {
2172
+ parameters: {
2173
+ query?: never;
2174
+ header?: never;
2175
+ path: {
2176
+ workspaceId: components["parameters"]["WorkspaceId"];
2177
+ provider: "cursor";
2178
+ };
2179
+ cookie?: never;
2180
+ };
2181
+ requestBody?: never;
2182
+ responses: {
2183
+ /** @description Refresh result */
2184
+ 200: {
2185
+ headers: {
2186
+ [name: string]: unknown;
2187
+ };
2188
+ content: {
2189
+ "application/json": components["schemas"]["AiToolRefreshResponseDto"];
2190
+ };
2191
+ };
2192
+ 401: components["responses"]["Unauthorized"];
2193
+ 403: components["responses"]["Forbidden"];
2194
+ /** @description Provider source missing for this workspace */
2195
+ 404: {
2196
+ headers: {
2197
+ [name: string]: unknown;
2198
+ };
2199
+ content: {
2200
+ /**
2201
+ * @example {
2202
+ * "ok": false,
2203
+ * "error": "no_source"
2204
+ * }
2205
+ */
2206
+ "application/json": components["schemas"]["AiToolRefreshResponseDto"];
2207
+ };
2208
+ };
2209
+ /** @description Refresh already in progress */
2210
+ 409: {
2211
+ headers: {
2212
+ [name: string]: unknown;
2213
+ };
2214
+ content: {
2215
+ /**
2216
+ * @example {
2217
+ * "ok": false,
2218
+ * "error": "already_in_progress"
2219
+ * }
2220
+ */
2221
+ "application/json": components["schemas"]["AiToolRefreshResponseDto"];
2222
+ };
2223
+ };
2224
+ };
2225
+ };
2226
+ getWorkspaceAiToolSeats: {
2227
+ parameters: {
2228
+ query?: never;
2229
+ header?: never;
2230
+ path: {
2231
+ workspaceId: components["parameters"]["WorkspaceId"];
2232
+ provider: "cursor";
2233
+ };
2234
+ cookie?: never;
2235
+ };
2236
+ requestBody?: never;
2237
+ responses: {
2238
+ /** @description Seats */
2239
+ 200: {
2240
+ headers: {
2241
+ [name: string]: unknown;
2242
+ };
2243
+ content: {
2244
+ "application/json": {
2245
+ seats: components["schemas"]["AiToolSeatDto"][];
2246
+ };
2247
+ };
2248
+ };
2249
+ 401: components["responses"]["Unauthorized"];
2250
+ 403: components["responses"]["Forbidden"];
2251
+ };
2252
+ };
2253
+ getWorkspaceAiToolDailyUsage: {
2254
+ parameters: {
2255
+ query?: {
2256
+ from?: string;
2257
+ to?: string;
2258
+ externalId?: string;
2259
+ };
2260
+ header?: never;
2261
+ path: {
2262
+ workspaceId: components["parameters"]["WorkspaceId"];
2263
+ provider: "cursor";
2264
+ };
2265
+ cookie?: never;
2266
+ };
2267
+ requestBody?: never;
2268
+ responses: {
2269
+ /** @description Usage rows */
2270
+ 200: {
2271
+ headers: {
2272
+ [name: string]: unknown;
2273
+ };
2274
+ content: {
2275
+ "application/json": {
2276
+ rows: components["schemas"]["AiToolDailyUsageRowDto"][];
2277
+ };
2278
+ };
2279
+ };
2280
+ 401: components["responses"]["Unauthorized"];
2281
+ 403: components["responses"]["Forbidden"];
2282
+ };
2283
+ };
2284
+ getWorkspaceAiToolSpend: {
2285
+ parameters: {
2286
+ query?: {
2287
+ cycleStartMs?: number;
2288
+ };
2289
+ header?: never;
2290
+ path: {
2291
+ workspaceId: components["parameters"]["WorkspaceId"];
2292
+ provider: "cursor";
2293
+ };
2294
+ cookie?: never;
2295
+ };
2296
+ requestBody?: never;
2297
+ responses: {
2298
+ /** @description Spend rows */
2299
+ 200: {
2300
+ headers: {
2301
+ [name: string]: unknown;
2302
+ };
2303
+ content: {
2304
+ "application/json": {
2305
+ rows: components["schemas"]["AiToolSpendRowDto"][];
2306
+ };
2307
+ };
2308
+ };
2309
+ 401: components["responses"]["Unauthorized"];
2310
+ 403: components["responses"]["Forbidden"];
2311
+ };
2312
+ };
2313
+ getWorkspaceAiToolRefreshStatus: {
2314
+ parameters: {
2315
+ query?: never;
2316
+ header?: never;
2317
+ path: {
2318
+ workspaceId: components["parameters"]["WorkspaceId"];
2319
+ provider: "cursor";
2320
+ };
2321
+ cookie?: never;
2322
+ };
2323
+ requestBody?: never;
2324
+ responses: {
2325
+ /** @description Refresh status */
2326
+ 200: {
2327
+ headers: {
2328
+ [name: string]: unknown;
2329
+ };
2330
+ content: {
2331
+ "application/json": {
2332
+ status: components["schemas"]["AiToolRefreshStatusDto"];
2333
+ };
2334
+ };
2335
+ };
2336
+ 401: components["responses"]["Unauthorized"];
2337
+ 403: components["responses"]["Forbidden"];
2338
+ /** @description No refresh status yet (or provider source missing) */
2339
+ 404: {
2340
+ headers: {
2341
+ [name: string]: unknown;
2342
+ };
2343
+ content: {
2344
+ /**
2345
+ * @example {
2346
+ * "ok": false,
2347
+ * "error": "no_source"
2348
+ * }
2349
+ */
2350
+ "application/json": components["schemas"]["AiToolRefreshResponseDto"];
2351
+ };
2352
+ };
2353
+ };
2354
+ };
2029
2355
  getGithubInstallCallback: {
2030
2356
  parameters: {
2031
2357
  query: {