@vertesia/common 1.4.0-dev.20260615.051508Z → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/access-control.d.ts +2 -6
- package/lib/access-control.d.ts.map +1 -1
- package/lib/access-control.js +3 -0
- package/lib/access-control.js.map +1 -1
- package/lib/apikey.d.ts +4 -5
- package/lib/apikey.d.ts.map +1 -1
- package/lib/apikey.js.map +1 -1
- package/lib/apps.d.ts +15 -275
- package/lib/apps.d.ts.map +1 -1
- package/lib/apps.js.map +1 -1
- package/lib/ask-user.d.ts +29 -1
- package/lib/ask-user.d.ts.map +1 -1
- package/lib/data-platform.d.ts +33 -121
- package/lib/data-platform.d.ts.map +1 -1
- package/lib/data-platform.js.map +1 -1
- package/lib/environment.d.ts +11 -1
- package/lib/environment.d.ts.map +1 -1
- package/lib/environment.js.map +1 -1
- package/lib/index.d.ts +1 -1
- package/lib/index.d.ts.map +1 -1
- package/lib/index.js +1 -1
- package/lib/index.js.map +1 -1
- package/lib/interaction.d.ts +11 -7
- package/lib/interaction.d.ts.map +1 -1
- package/lib/interaction.js.map +1 -1
- package/lib/json-schema.d.ts +1 -1
- package/lib/json-schema.d.ts.map +1 -1
- package/lib/oauth-scopes.d.ts +5 -0
- package/lib/oauth-scopes.d.ts.map +1 -1
- package/lib/oauth-scopes.js +10 -1
- package/lib/oauth-scopes.js.map +1 -1
- package/lib/oauth-server.d.ts +17 -0
- package/lib/oauth-server.d.ts.map +1 -1
- package/lib/project.d.ts +1 -1
- package/lib/project.d.ts.map +1 -1
- package/lib/project.js +26 -26
- package/lib/project.js.map +1 -1
- package/lib/roles/types.d.ts +54 -0
- package/lib/roles/types.d.ts.map +1 -0
- package/lib/roles/types.js +17 -0
- package/lib/roles/types.js.map +1 -0
- package/lib/store/agent-approval.d.ts +18 -0
- package/lib/store/agent-approval.d.ts.map +1 -0
- package/lib/store/agent-approval.js +11 -0
- package/lib/store/agent-approval.js.map +1 -0
- package/lib/store/agent-run.d.ts +18 -4
- package/lib/store/agent-run.d.ts.map +1 -1
- package/lib/store/conversation-state.d.ts +54 -30
- package/lib/store/conversation-state.d.ts.map +1 -1
- package/lib/store/conversation-state.js +0 -3
- package/lib/store/conversation-state.js.map +1 -1
- package/lib/store/index.d.ts +1 -0
- package/lib/store/index.d.ts.map +1 -1
- package/lib/store/index.js +1 -0
- package/lib/store/index.js.map +1 -1
- package/lib/store/signals.d.ts +15 -0
- package/lib/store/signals.d.ts.map +1 -1
- package/lib/store/workflow.d.ts +41 -2
- package/lib/store/workflow.d.ts.map +1 -1
- package/lib/store/workflow.js +8 -5
- package/lib/store/workflow.js.map +1 -1
- package/lib/sts-token-types.d.ts +2 -2
- package/lib/sts-token-types.d.ts.map +1 -1
- package/lib/transient-tokens.d.ts +2 -2
- package/lib/transient-tokens.d.ts.map +1 -1
- package/lib/user.d.ts +2 -2
- package/lib/user.d.ts.map +1 -1
- package/lib/vertesia-common.js +1 -1
- package/lib/vertesia-common.js.map +1 -1
- package/package.json +7 -6
- package/src/access-control.ts +5 -6
- package/src/apikey.ts +4 -5
- package/src/apps.ts +15 -298
- package/src/ask-user.ts +31 -1
- package/src/data-platform.ts +35 -129
- package/src/environment.ts +12 -1
- package/src/index.ts +1 -1
- package/src/interaction.ts +13 -7
- package/src/json-schema.ts +1 -0
- package/src/oauth-scopes.ts +13 -1
- package/src/oauth-server.ts +17 -0
- package/src/project.ts +8 -8
- package/src/roles/types.ts +58 -0
- package/src/store/agent-approval.test.ts +18 -0
- package/src/store/agent-approval.ts +33 -0
- package/src/store/agent-run.ts +20 -3
- package/src/store/conversation-state.ts +62 -36
- package/src/store/index.ts +1 -0
- package/src/store/signals.ts +16 -0
- package/src/store/workflow.test.ts +60 -0
- package/src/store/workflow.ts +51 -7
- package/src/sts-token-types.ts +2 -2
- package/src/transient-tokens.ts +2 -2
- package/src/user.ts +2 -2
- package/lib/roles.d.ts +0 -19
- package/lib/roles.d.ts.map +0 -1
- package/lib/roles.js +0 -228
- package/lib/roles.js.map +0 -1
- package/src/roles.test.ts +0 -30
- package/src/roles.ts +0 -251
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@vertesia/common",
|
|
3
|
-
"version": "1.4.0
|
|
3
|
+
"version": "1.4.0",
|
|
4
4
|
"license": "Apache-2.0",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./lib/index.js",
|
|
@@ -20,14 +20,14 @@
|
|
|
20
20
|
"@rollup/plugin-commonjs": "^29.0.3",
|
|
21
21
|
"@rollup/plugin-node-resolve": "^16.0.3",
|
|
22
22
|
"@rollup/plugin-terser": "^1.0.0",
|
|
23
|
-
"rollup": "^4.61.
|
|
23
|
+
"rollup": "^4.61.1",
|
|
24
24
|
"typescript": "^6.0.3",
|
|
25
|
-
"vitest": "^4.1.
|
|
25
|
+
"vitest": "^4.1.9",
|
|
26
26
|
"@vertesia/tsconfig": "0.1.0"
|
|
27
27
|
},
|
|
28
28
|
"dependencies": {
|
|
29
29
|
"ajv": "^8.20.0",
|
|
30
|
-
"@llumiverse/common": "1.
|
|
30
|
+
"@llumiverse/common": "1.4.0"
|
|
31
31
|
},
|
|
32
32
|
"repository": {
|
|
33
33
|
"type": "git",
|
|
@@ -46,7 +46,8 @@
|
|
|
46
46
|
"lint": "biome lint src",
|
|
47
47
|
"test": "vitest run",
|
|
48
48
|
"typecheck:test": "tsc -p tsconfig.test.json --noEmit",
|
|
49
|
-
"
|
|
50
|
-
"
|
|
49
|
+
"clean:lib": "rimraf ./lib ./tsconfig.tsbuildinfo",
|
|
50
|
+
"build": "pnpm run clean:lib && tsc -p tsconfig.json && pnpm exec rollup -c",
|
|
51
|
+
"clean": "rimraf ./node_modules ./lib ./tsconfig.tsbuildinfo"
|
|
51
52
|
}
|
|
52
53
|
}
|
package/src/access-control.ts
CHANGED
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Access control interfaces
|
|
5
5
|
*/
|
|
6
6
|
|
|
7
|
-
import type {
|
|
7
|
+
import type { SystemRoles } from './project.js';
|
|
8
8
|
|
|
9
9
|
export enum Permission {
|
|
10
10
|
int_read = 'interaction:read',
|
|
@@ -112,7 +112,7 @@ export interface AceConditions {
|
|
|
112
112
|
}
|
|
113
113
|
|
|
114
114
|
export interface AccessControlEntry {
|
|
115
|
-
role:
|
|
115
|
+
role: SystemRoles;
|
|
116
116
|
resource_type: AccessControlResourceType;
|
|
117
117
|
resource: string; //objectId
|
|
118
118
|
principal_type: AccessControlPrincipalType;
|
|
@@ -134,10 +134,9 @@ export interface ACECreatePayload extends Omit<AccessControlEntry, 'created_at'
|
|
|
134
134
|
|
|
135
135
|
export interface ACEUpdatePayload extends Partial<ACECreatePayload> {}
|
|
136
136
|
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
}
|
|
137
|
+
// RoleDefinition + SystemRoleDefinition now live in `./roles/types.js` to
|
|
138
|
+
// avoid a circular import with `RoleDomain`. They remain re-exported via
|
|
139
|
+
// the package's index.ts so consumers see no path change.
|
|
141
140
|
|
|
142
141
|
// ============================================================================
|
|
143
142
|
// BLP Security Levels
|
package/src/apikey.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import type { PropertyConditions } from './access-control.js';
|
|
2
2
|
import type { UserGroupRef } from './group.js';
|
|
3
|
-
import type { ProjectRef,
|
|
3
|
+
import type { ProjectRef, SystemRoles } from './project.js';
|
|
4
4
|
import type { AccountRef } from './user.js';
|
|
5
5
|
|
|
6
6
|
/**
|
|
@@ -21,7 +21,7 @@ export interface ApiKey {
|
|
|
21
21
|
id: string;
|
|
22
22
|
name: string;
|
|
23
23
|
type: ApiKeyTypes;
|
|
24
|
-
role:
|
|
24
|
+
role: SystemRoles;
|
|
25
25
|
maskedValue?: string; //masked value
|
|
26
26
|
can_retrieve_value?: boolean;
|
|
27
27
|
account: string; // the account id
|
|
@@ -71,11 +71,11 @@ export interface AuthTokenPayload {
|
|
|
71
71
|
type: PrincipalType;
|
|
72
72
|
account: AccountRef;
|
|
73
73
|
|
|
74
|
-
account_roles:
|
|
74
|
+
account_roles: SystemRoles[];
|
|
75
75
|
accounts: AccountRef[];
|
|
76
76
|
|
|
77
77
|
project?: ProjectRef;
|
|
78
|
-
project_roles?:
|
|
78
|
+
project_roles?: SystemRoles[];
|
|
79
79
|
|
|
80
80
|
/**
|
|
81
81
|
* The app names enabled for this token. Defaults to an empty array if no apps are enabled.
|
|
@@ -121,7 +121,6 @@ export interface AuthTokenPayload {
|
|
|
121
121
|
studio: string;
|
|
122
122
|
store: string;
|
|
123
123
|
token?: string;
|
|
124
|
-
git?: string;
|
|
125
124
|
};
|
|
126
125
|
|
|
127
126
|
iss: string; //issuer
|
package/src/apps.ts
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
import type { JSONObject, JSONSchema, ToolDefinition } from '@llumiverse/common';
|
|
2
|
-
import type { AppDashboardDefinition } from './data-platform.js';
|
|
3
2
|
import type { CatalogInteractionRef } from './interaction.js';
|
|
4
3
|
import type { DSLActivityOptions, InCodeProcessDefinition, InCodeTypeDefinition } from './store/index.js';
|
|
5
4
|
|
|
@@ -303,6 +302,16 @@ export interface MCPToolAnnotations {
|
|
|
303
302
|
openWorldHint?: boolean;
|
|
304
303
|
}
|
|
305
304
|
|
|
305
|
+
/**
|
|
306
|
+
* Approval behavior class for a tool exposed to agents.
|
|
307
|
+
*
|
|
308
|
+
* - `read_only`: reads or inspects state without changing Vertesia, external systems, or user-visible artifacts.
|
|
309
|
+
* - `side_effecting`: can create, update, delete, send, execute, schedule, or otherwise change state.
|
|
310
|
+
* - `control`: affects agent control flow or tool availability, not user data or external systems.
|
|
311
|
+
* - `requires_confirmation`: high-impact action that must ask the user even in interactive full-control mode.
|
|
312
|
+
*/
|
|
313
|
+
export type AgentToolApprovalClass = 'read_only' | 'side_effecting' | 'control' | 'requires_confirmation';
|
|
314
|
+
|
|
306
315
|
/**
|
|
307
316
|
* Tool definition with optional activation control for agent exposure.
|
|
308
317
|
*/
|
|
@@ -334,15 +343,10 @@ export interface AgentToolDefinition extends ToolDefinition {
|
|
|
334
343
|
*/
|
|
335
344
|
annotations?: MCPToolAnnotations;
|
|
336
345
|
/**
|
|
337
|
-
*
|
|
338
|
-
*
|
|
339
|
-
* must not run and should return an error indicating the user declined.
|
|
340
|
-
*
|
|
341
|
-
* Stronger than `annotations.destructiveHint` (which is only a hint) —
|
|
342
|
-
* this is a hard contract the agent is expected to honor. Set on tools
|
|
343
|
-
* that perform irreversible or destructive actions (e.g. delete_*).
|
|
346
|
+
* Approval classification used by interactive agent approval modes.
|
|
347
|
+
* Use `requires_confirmation` for actions that must prompt even in full-control mode.
|
|
344
348
|
*/
|
|
345
|
-
|
|
349
|
+
approval_class?: AgentToolApprovalClass;
|
|
346
350
|
}
|
|
347
351
|
|
|
348
352
|
/**
|
|
@@ -372,183 +376,9 @@ export interface RemoteActivityDefinition {
|
|
|
372
376
|
options?: DSLActivityOptions;
|
|
373
377
|
}
|
|
374
378
|
|
|
375
|
-
export type AppCapabilities = 'ui' | 'tools' | 'interactions' | 'types' | 'processes' | 'templates'
|
|
379
|
+
export type AppCapabilities = 'ui' | 'tools' | 'interactions' | 'types' | 'processes' | 'templates';
|
|
376
380
|
export type AppAvailableIn = 'app_portal' | 'composite_app';
|
|
377
381
|
|
|
378
|
-
export type AppVersionKind = 'design' | 'preview' | 'published';
|
|
379
|
-
export type AppVersionState = 'ready' | 'failed' | 'expired';
|
|
380
|
-
export type AppVersionTarget = 'static' | 'service';
|
|
381
|
-
export type AppVersionGitRefType = 'branch' | 'tag' | 'commit' | 'detached';
|
|
382
|
-
export type AppBuildIntent = 'preview' | 'publish';
|
|
383
|
-
export type AppBuildTrigger = 'ui' | 'git_push' | 'agent' | 'api';
|
|
384
|
-
|
|
385
|
-
export interface AppVersionStorage {
|
|
386
|
-
tenant_id?: string;
|
|
387
|
-
app_prefix?: string;
|
|
388
|
-
artifacts_prefix?: string;
|
|
389
|
-
source_archive?: string;
|
|
390
|
-
source_git?: AppVersionGitSource;
|
|
391
|
-
build_prefix?: string;
|
|
392
|
-
manifest_path?: string;
|
|
393
|
-
service_archive?: string;
|
|
394
|
-
live_metadata_path?: string;
|
|
395
|
-
}
|
|
396
|
-
|
|
397
|
-
export interface AppVersionGitSource {
|
|
398
|
-
url?: string;
|
|
399
|
-
remote?: string;
|
|
400
|
-
/**
|
|
401
|
-
* The source ref that should be used to reproduce this version. For immutable
|
|
402
|
-
* app versions this is normally the tag created during preview/publish.
|
|
403
|
-
*/
|
|
404
|
-
ref?: string;
|
|
405
|
-
ref_type?: AppVersionGitRefType;
|
|
406
|
-
branch?: string;
|
|
407
|
-
tag?: string;
|
|
408
|
-
commit?: string;
|
|
409
|
-
dirty?: boolean;
|
|
410
|
-
pushed?: boolean;
|
|
411
|
-
push_warning?: string;
|
|
412
|
-
}
|
|
413
|
-
|
|
414
|
-
export interface AppVersionUrls {
|
|
415
|
-
live_url?: string;
|
|
416
|
-
app_url?: string;
|
|
417
|
-
plugin_url?: string;
|
|
418
|
-
package_url?: string;
|
|
419
|
-
internal_preview_url?: string;
|
|
420
|
-
}
|
|
421
|
-
|
|
422
|
-
export interface AppVersionRecord {
|
|
423
|
-
id: string;
|
|
424
|
-
account: string;
|
|
425
|
-
project: string;
|
|
426
|
-
app?: string;
|
|
427
|
-
app_id: string;
|
|
428
|
-
app_name: string;
|
|
429
|
-
version_id: string;
|
|
430
|
-
kind: AppVersionKind;
|
|
431
|
-
state: AppVersionState;
|
|
432
|
-
active?: boolean;
|
|
433
|
-
target?: AppVersionTarget;
|
|
434
|
-
agent_run_id?: string;
|
|
435
|
-
sandbox_id?: string;
|
|
436
|
-
title?: string;
|
|
437
|
-
description?: string;
|
|
438
|
-
storage?: AppVersionStorage;
|
|
439
|
-
urls?: AppVersionUrls;
|
|
440
|
-
manifest?: Record<string, unknown>;
|
|
441
|
-
files?: string[];
|
|
442
|
-
file_count?: number;
|
|
443
|
-
source_file_count?: number;
|
|
444
|
-
screenshot_artifact?: string;
|
|
445
|
-
checks?: string[];
|
|
446
|
-
created_by?: string;
|
|
447
|
-
created_at: string;
|
|
448
|
-
updated_at: string;
|
|
449
|
-
published_at?: string;
|
|
450
|
-
checked_at?: string;
|
|
451
|
-
expires_at?: string;
|
|
452
|
-
}
|
|
453
|
-
|
|
454
|
-
export interface UpsertAppVersionRequest {
|
|
455
|
-
app?: string;
|
|
456
|
-
app_id: string;
|
|
457
|
-
app_name?: string;
|
|
458
|
-
version_id: string;
|
|
459
|
-
kind: AppVersionKind;
|
|
460
|
-
state?: AppVersionState;
|
|
461
|
-
active?: boolean;
|
|
462
|
-
target?: AppVersionTarget;
|
|
463
|
-
agent_run_id?: string;
|
|
464
|
-
sandbox_id?: string;
|
|
465
|
-
title?: string;
|
|
466
|
-
description?: string;
|
|
467
|
-
storage?: AppVersionStorage;
|
|
468
|
-
urls?: AppVersionUrls;
|
|
469
|
-
manifest?: Record<string, unknown>;
|
|
470
|
-
files?: string[];
|
|
471
|
-
file_count?: number;
|
|
472
|
-
source_file_count?: number;
|
|
473
|
-
screenshot_artifact?: string;
|
|
474
|
-
checks?: string[];
|
|
475
|
-
published_at?: string;
|
|
476
|
-
checked_at?: string;
|
|
477
|
-
expires_at?: string;
|
|
478
|
-
}
|
|
479
|
-
|
|
480
|
-
export interface AppVersionListQuery {
|
|
481
|
-
app_id?: string;
|
|
482
|
-
kind?: AppVersionKind;
|
|
483
|
-
include_expired?: boolean;
|
|
484
|
-
limit?: number;
|
|
485
|
-
}
|
|
486
|
-
|
|
487
|
-
export interface ActivateAppVersionResponse {
|
|
488
|
-
version: AppVersionRecord;
|
|
489
|
-
app?: AppManifest;
|
|
490
|
-
}
|
|
491
|
-
|
|
492
|
-
export interface StartAppBuildRequest {
|
|
493
|
-
/**
|
|
494
|
-
* Source branch, tag, or commit to build. When omitted, the app source
|
|
495
|
-
* configuration chooses the dev branch for previews and production branch
|
|
496
|
-
* for publishes.
|
|
497
|
-
*/
|
|
498
|
-
source_ref?: string;
|
|
499
|
-
source_ref_type?: Extract<AppVersionGitRefType, 'branch' | 'tag' | 'commit'>;
|
|
500
|
-
intent?: AppBuildIntent;
|
|
501
|
-
trigger?: AppBuildTrigger;
|
|
502
|
-
target?: AppVersionTarget;
|
|
503
|
-
activate?: boolean;
|
|
504
|
-
title?: string;
|
|
505
|
-
description?: string;
|
|
506
|
-
}
|
|
507
|
-
|
|
508
|
-
export interface StartAppBuildResponse {
|
|
509
|
-
workflow_id: string;
|
|
510
|
-
run_id: string;
|
|
511
|
-
app_id: string;
|
|
512
|
-
intent: AppBuildIntent;
|
|
513
|
-
source_ref?: string;
|
|
514
|
-
source_ref_type?: Extract<AppVersionGitRefType, 'branch' | 'tag' | 'commit'>;
|
|
515
|
-
}
|
|
516
|
-
|
|
517
|
-
export interface AppBuildWorkflowInput extends StartAppBuildRequest {
|
|
518
|
-
app_id: string;
|
|
519
|
-
app_record_id?: string;
|
|
520
|
-
app_title?: string;
|
|
521
|
-
app_description?: string;
|
|
522
|
-
source_git_url?: string;
|
|
523
|
-
}
|
|
524
|
-
|
|
525
|
-
export interface AppBuildWorkflowResult {
|
|
526
|
-
app_id: string;
|
|
527
|
-
version_id: string;
|
|
528
|
-
kind: Extract<AppVersionKind, 'preview' | 'published'>;
|
|
529
|
-
state: AppVersionState;
|
|
530
|
-
source_git?: AppVersionGitSource;
|
|
531
|
-
urls?: AppVersionUrls;
|
|
532
|
-
file_count?: number;
|
|
533
|
-
}
|
|
534
|
-
|
|
535
|
-
export type AppBuildProgressStatus = 'queued' | 'resolving' | 'building' | 'completed' | 'failed';
|
|
536
|
-
|
|
537
|
-
export interface AppBuildProgress {
|
|
538
|
-
status: AppBuildProgressStatus;
|
|
539
|
-
step: string;
|
|
540
|
-
app_id?: string;
|
|
541
|
-
version_id?: string;
|
|
542
|
-
intent?: AppBuildIntent;
|
|
543
|
-
source_ref?: string;
|
|
544
|
-
source_ref_type?: Extract<AppVersionGitRefType, 'branch' | 'tag' | 'commit'>;
|
|
545
|
-
source_commit?: string;
|
|
546
|
-
file_count?: number;
|
|
547
|
-
app_url?: string;
|
|
548
|
-
error?: string;
|
|
549
|
-
updated_at: string;
|
|
550
|
-
}
|
|
551
|
-
|
|
552
382
|
/**
|
|
553
383
|
* Access control policy for an app installation.
|
|
554
384
|
* Declares which access surfaces are gated by per-user ACEs.
|
|
@@ -609,18 +439,6 @@ export interface AppManifestData {
|
|
|
609
439
|
*/
|
|
610
440
|
color?: string;
|
|
611
441
|
|
|
612
|
-
/**
|
|
613
|
-
* Optional preview screenshot for the app-management UI, captured by the builder during a
|
|
614
|
-
* build/QA run. Resolved client-side from the owning agent run's artifact storage, so it
|
|
615
|
-
* carries both the run id and the artifact path.
|
|
616
|
-
*/
|
|
617
|
-
preview_screenshot?: {
|
|
618
|
-
/** Agent run id whose artifact storage holds the screenshot. */
|
|
619
|
-
agent_run_id: string;
|
|
620
|
-
/** Artifact path within that storage, e.g. "preview-checks/app-preview-<ts>.png". */
|
|
621
|
-
artifact: string;
|
|
622
|
-
};
|
|
623
|
-
|
|
624
442
|
status: 'beta' | 'stable' | 'deprecated';
|
|
625
443
|
|
|
626
444
|
/**
|
|
@@ -677,8 +495,6 @@ export interface AppManifestData {
|
|
|
677
495
|
* - interactions
|
|
678
496
|
* - types
|
|
679
497
|
* - processes
|
|
680
|
-
* - templates
|
|
681
|
-
* - dashboards
|
|
682
498
|
* - settings
|
|
683
499
|
* - all (the default if no scope is provided)
|
|
684
500
|
* You can also use comma-separated values to combine scopes (e.g. "ui,tools").
|
|
@@ -701,13 +517,6 @@ export interface AppManifestData {
|
|
|
701
517
|
*/
|
|
702
518
|
version?: string;
|
|
703
519
|
|
|
704
|
-
/**
|
|
705
|
-
* Source repository configuration for apps generated and maintained through
|
|
706
|
-
* AppGen. Branches are mutable deployment lanes; immutable app versions
|
|
707
|
-
* record their exact source tag/commit in AppVersionRecord.storage.source_git.
|
|
708
|
-
*/
|
|
709
|
-
source?: AppSourceConfig;
|
|
710
|
-
|
|
711
520
|
/**
|
|
712
521
|
* Free-form tags used for classification and filtering. Platform apps
|
|
713
522
|
* carry `"system"` so UIs can skip install/uninstall/manage-permission
|
|
@@ -723,18 +532,6 @@ export interface AppManifestData {
|
|
|
723
532
|
access_control?: AppAccessControl;
|
|
724
533
|
}
|
|
725
534
|
|
|
726
|
-
export interface AppGitSourceConfig {
|
|
727
|
-
url?: string;
|
|
728
|
-
default_branch?: string;
|
|
729
|
-
production_branch?: string;
|
|
730
|
-
development_branch?: string;
|
|
731
|
-
}
|
|
732
|
-
|
|
733
|
-
export interface AppSourceConfig {
|
|
734
|
-
kind: 'git';
|
|
735
|
-
git?: AppGitSourceConfig;
|
|
736
|
-
}
|
|
737
|
-
|
|
738
535
|
/**
|
|
739
536
|
* Reserved deployment environment names that may never be used as endpoint
|
|
740
537
|
* override keys. Reserving them prevents a manifest from hijacking auto-resolution
|
|
@@ -766,8 +563,6 @@ export interface Endpoints {
|
|
|
766
563
|
token?: string;
|
|
767
564
|
/** The browser-facing Studio UI (composable-ui) base URL */
|
|
768
565
|
ui?: string;
|
|
769
|
-
/** The Smart HTTP app source git server base URL */
|
|
770
|
-
git?: string;
|
|
771
566
|
}
|
|
772
567
|
|
|
773
568
|
/**
|
|
@@ -868,7 +663,6 @@ export type AppPackageScope =
|
|
|
868
663
|
| 'types'
|
|
869
664
|
| 'processes'
|
|
870
665
|
| 'templates'
|
|
871
|
-
| 'dashboards'
|
|
872
666
|
| 'settings'
|
|
873
667
|
| 'widgets'
|
|
874
668
|
| 'activities'
|
|
@@ -912,11 +706,6 @@ export interface AppPackage {
|
|
|
912
706
|
*/
|
|
913
707
|
templates?: RenderingTemplateDefinitionRef[];
|
|
914
708
|
|
|
915
|
-
/**
|
|
916
|
-
* Dashboards provided by the app.
|
|
917
|
-
*/
|
|
918
|
-
dashboards?: AppDashboardDefinition[];
|
|
919
|
-
|
|
920
709
|
/**
|
|
921
710
|
* Widgets provided by the app.
|
|
922
711
|
*/
|
|
@@ -935,61 +724,6 @@ export interface AppPackage {
|
|
|
935
724
|
settings_schema?: JSONSchema;
|
|
936
725
|
}
|
|
937
726
|
|
|
938
|
-
/**
|
|
939
|
-
* A single diagnostic produced while inspecting an app's registration state.
|
|
940
|
-
*/
|
|
941
|
-
export interface AppInspectionIssue {
|
|
942
|
-
severity: 'error' | 'warning';
|
|
943
|
-
/** The capability this issue relates to, when applicable (e.g. 'types'). */
|
|
944
|
-
capability?: AppPackageScope;
|
|
945
|
-
/** Stable machine code, e.g. 'capability_declared_but_empty', 'endpoint_unreachable', 'not_installed'. */
|
|
946
|
-
code: string;
|
|
947
|
-
/** Human-readable explanation, safe to surface to the model and the UI. */
|
|
948
|
-
message: string;
|
|
949
|
-
}
|
|
950
|
-
|
|
951
|
-
/**
|
|
952
|
-
* Per-capability report of what an app's published package actually exposes,
|
|
953
|
-
* compared against what its manifest declares.
|
|
954
|
-
*/
|
|
955
|
-
export interface AppInspectionCapabilityReport {
|
|
956
|
-
capability: AppPackageScope;
|
|
957
|
-
/** True when the manifest's `capabilities` array declares this capability. */
|
|
958
|
-
declared: boolean;
|
|
959
|
-
/** The local ids the published package actually serves for this capability. */
|
|
960
|
-
exposed_ids: string[];
|
|
961
|
-
/** Convenience count of `exposed_ids`. */
|
|
962
|
-
exposed_count: number;
|
|
963
|
-
}
|
|
964
|
-
|
|
965
|
-
/**
|
|
966
|
-
* Result of inspecting an app's registration: the resolved manifest state, what
|
|
967
|
-
* the published package actually exposes per capability, and diagnostics. This
|
|
968
|
-
* is the ground truth used by the `app_inspect_registration` agent tool and the
|
|
969
|
-
* Build › App inspection UI to verify what is registered vs declared, instead of
|
|
970
|
-
* inferring it from failed object/import calls.
|
|
971
|
-
*/
|
|
972
|
-
export interface AppInspectionResult {
|
|
973
|
-
app_id: string;
|
|
974
|
-
name: string;
|
|
975
|
-
version?: string;
|
|
976
|
-
/** The resolved package endpoint for the current environment, if any. */
|
|
977
|
-
endpoint?: string;
|
|
978
|
-
/** True when the package endpoint responded to the capability probe. */
|
|
979
|
-
endpoint_reachable: boolean;
|
|
980
|
-
/** True when the app is installed in the current project. */
|
|
981
|
-
installed: boolean;
|
|
982
|
-
access_control?: string;
|
|
983
|
-
/** The capabilities declared on the manifest. */
|
|
984
|
-
capabilities: AppPackageScope[];
|
|
985
|
-
/** What the published package exposes, per capability. */
|
|
986
|
-
package: AppInspectionCapabilityReport[];
|
|
987
|
-
/** Diagnostics — errors and warnings about the registration state. */
|
|
988
|
-
issues: AppInspectionIssue[];
|
|
989
|
-
/** Populated when the package probe itself failed (endpoint error/unreachable). */
|
|
990
|
-
probe_error?: string;
|
|
991
|
-
}
|
|
992
|
-
|
|
993
727
|
export interface AppWidgetInfo {
|
|
994
728
|
collection: string;
|
|
995
729
|
skill: string;
|
|
@@ -1397,7 +1131,7 @@ export interface CompositeAppNavItemPermissions {
|
|
|
1397
1131
|
groupsAllowed?: string[];
|
|
1398
1132
|
/** User IDs who can see this item. */
|
|
1399
1133
|
usersAllowed?: string[];
|
|
1400
|
-
/**
|
|
1134
|
+
/** SystemRoles values (e.g. "developer", "manager") whose holders can see this item. */
|
|
1401
1135
|
rolesAllowed?: string[];
|
|
1402
1136
|
}
|
|
1403
1137
|
|
|
@@ -1505,20 +1239,3 @@ export interface ValidateUrlRequest {
|
|
|
1505
1239
|
export interface ValidateUrlResponse {
|
|
1506
1240
|
valid: true;
|
|
1507
1241
|
}
|
|
1508
|
-
|
|
1509
|
-
/**
|
|
1510
|
-
* Result of DELETE /api/v1/apps/:id. With `?confirm=true` the cascade runs and
|
|
1511
|
-
* `deleted: true` is set; without it the endpoint returns a dry-run summary so
|
|
1512
|
-
* the UI can show what would be removed.
|
|
1513
|
-
*/
|
|
1514
|
-
export interface AppDeleteSummary {
|
|
1515
|
-
confirmed: boolean;
|
|
1516
|
-
app_id: string;
|
|
1517
|
-
app_name: string;
|
|
1518
|
-
versions: number;
|
|
1519
|
-
installations: number;
|
|
1520
|
-
storage_prefix: string;
|
|
1521
|
-
git_repo_url?: string;
|
|
1522
|
-
deleted: boolean;
|
|
1523
|
-
warnings: string[];
|
|
1524
|
-
}
|
package/src/ask-user.ts
CHANGED
|
@@ -14,7 +14,27 @@ export interface AskUserOption {
|
|
|
14
14
|
description?: string;
|
|
15
15
|
}
|
|
16
16
|
|
|
17
|
-
/**
|
|
17
|
+
/** Identifies an MCP server the user is asked to connect to (request_mcp_connection). */
|
|
18
|
+
export interface McpConnectUxConfig {
|
|
19
|
+
/** The app installation id owning the collection (used for the OAuth flow). */
|
|
20
|
+
app_install_id: string;
|
|
21
|
+
/** The MCP tool-collection id. */
|
|
22
|
+
collection_id: string;
|
|
23
|
+
/** Human-readable server name shown in the prompt. */
|
|
24
|
+
name: string;
|
|
25
|
+
}
|
|
26
|
+
|
|
27
|
+
/** Optional free-form response rendered alongside predefined options. */
|
|
28
|
+
export interface AskUserFreeResponseConfig {
|
|
29
|
+
/** Placeholder text for the input. */
|
|
30
|
+
placeholder?: string;
|
|
31
|
+
/** Label for the submit button. */
|
|
32
|
+
submit_label?: string;
|
|
33
|
+
/** Extra metadata sent with the user input signal when submitted. */
|
|
34
|
+
metadata?: Record<string, unknown>;
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
/** UX configuration for ask_user / request_mcp_connection messages */
|
|
18
38
|
export interface AskUserUxConfig {
|
|
19
39
|
/** Predefined options for the user to select from */
|
|
20
40
|
options?: AskUserOption[];
|
|
@@ -22,6 +42,16 @@ export interface AskUserUxConfig {
|
|
|
22
42
|
variant?: 'default' | 'warning' | 'info' | 'success';
|
|
23
43
|
/** Allow selecting multiple options (renders checkboxes instead of buttons) */
|
|
24
44
|
multiSelect?: boolean;
|
|
45
|
+
/**
|
|
46
|
+
* Render a free-form response input. When options are also present, this is
|
|
47
|
+
* treated as an alternate response path.
|
|
48
|
+
*/
|
|
49
|
+
free_response?: AskUserFreeResponseConfig;
|
|
50
|
+
/**
|
|
51
|
+
* Renders an MCP "Connect" button instead of plain options. Set by the
|
|
52
|
+
* request_mcp_connection tool when the agent needs the user to connect a server.
|
|
53
|
+
*/
|
|
54
|
+
mcp_connect?: McpConnectUxConfig;
|
|
25
55
|
}
|
|
26
56
|
|
|
27
57
|
/** Message details structure for REQUEST_INPUT messages with UX config */
|