@voyant-travel/workflows 0.107.10

package/dist/handler/index.js

@@ -0,0 +1,267 @@
+// @voyant-travel/workflows/handler
+//
+// The tenant side of the runtime protocol (see docs/runtime-protocol.md §2).
+// The orchestrator invokes `POST /__voyant/workflow-step`; the tenant
+// Worker responds by running the workflow body once (one invocation of
+// the executor) and returning the executor response as JSON.
+//
+//   export default { fetch: createStepHandler() }
+//
+// is enough to make a tenant Worker protocol-conformant. Auth is
+// optional at the SDK level: in production, wire the HMAC verifier
+// bundled by `voyant build`; for local dev, leave it unset.
+//
+// The executor's native response shape is returned verbatim — the wire
+// document calls for compensated/compensation_failed to be folded into
+// "failed" for the first draft, but since the draft is not yet locked
+// and the executor-shape already round-trips losslessly, we keep the
+// full discriminated union here. The orchestrator adapter can collapse.
+import { executeWorkflowStep, } from "../runtime/executor.js";
+export { executeWorkflowStep };
+import { PROTOCOL_VERSION, } from "../protocol/index.js";
+import { getWorkflow } from "../workflow.js";
+export { buildResumeStepRequest, } from "./resume.js";
+/** Build an HTTP fetch-style handler. */
+export function createStepHandler(deps = {}) {
+    return async (req) => {
+        if (req.method !== "POST") {
+            return jsonResponse(405, errorBody("method_not_allowed", "POST required"));
+        }
+        try {
+            if (deps.verifyRequest)
+                await deps.verifyRequest(req);
+        }
+        catch (err) {
+            deps.logger?.("warn", "step handler: auth rejected", {
+                error: err instanceof Error ? err.message : String(err),
+            });
+            return jsonResponse(401, errorBody("unauthorized", errMessage(err)));
+        }
+        let raw;
+        try {
+            raw = await req.json();
+        }
+        catch (err) {
+            return jsonResponse(400, errorBody("invalid_json", errMessage(err)));
+        }
+        // The incoming Request carries its own AbortSignal; threading it
+        // through lets `ctx.signal` observe client-side aborts (orchestrator
+        // cancellations, closed fetches, etc.) during step execution.
+        const out = await runStepInner(raw, deps, { signal: req.signal });
+        return jsonResponse(out.status, out.body);
+    };
+}
+/**
+ * Transport-free entry point. Callers that already parsed the body
+ * (e.g. local orchestrator in-memory, tests) invoke this directly.
+ * Returns either the step response or an error envelope with the HTTP
+ * status the caller should use.
+ */
+export async function handleStepRequest(raw, deps = {}, opts = {}) {
+    return runStepInner(raw, deps, opts);
+}
+async function runStepInner(raw, deps, opts = {}) {
+    const parsed = parseRequest(raw);
+    if (!parsed.ok)
+        return { status: 400, body: errorBody("invalid_request", parsed.message) };
+    const reqBody = parsed.value;
+    if (reqBody.protocolVersion !== PROTOCOL_VERSION) {
+        return {
+            status: 426,
+            body: errorBody("protocol_version_mismatch", `tenant supports protocol ${PROTOCOL_VERSION}, got ${String(reqBody.protocolVersion)}`),
+        };
+    }
+    const def = getWorkflow(reqBody.workflowId);
+    if (!def) {
+        return {
+            status: 404,
+            body: errorBody("workflow_not_found", `workflow "${reqBody.workflowId}" is not registered in this bundle`),
+        };
+    }
+    const now = deps.now ?? (() => Date.now());
+    const stepRunner = createInProcessStepRunner(now);
+    const runtimeEnv = {
+        run: {
+            id: reqBody.runId,
+            number: reqBody.runMeta.number,
+            attempt: reqBody.runMeta.attempt,
+            triggeredBy: reqBody.runMeta.triggeredBy,
+            tags: reqBody.runMeta.tags,
+            startedAt: reqBody.runMeta.startedAt,
+        },
+        workflow: { id: reqBody.workflowId, version: reqBody.workflowVersion },
+        environment: { name: reqBody.environment },
+        project: {
+            id: reqBody.tenantMeta.projectId,
+            slug: reqBody.tenantMeta.projectSlug ?? reqBody.tenantMeta.projectId,
+        },
+        organization: {
+            id: reqBody.tenantMeta.organizationId,
+            slug: reqBody.tenantMeta.organizationSlug ?? reqBody.tenantMeta.organizationId,
+        },
+    };
+    try {
+        const response = await executeWorkflowStep(def, {
+            runId: reqBody.runId,
+            workflowId: reqBody.workflowId,
+            workflowVersion: reqBody.workflowVersion,
+            input: reqBody.input,
+            journal: reqBody.journal,
+            invocationCount: reqBody.invocationCount,
+            environment: runtimeEnv,
+            triggeredBy: reqBody.runMeta.triggeredBy,
+            runStartedAt: reqBody.runMeta.startedAt,
+            tags: reqBody.runMeta.tags,
+            stepRunner,
+            nodeStepRunner: deps.nodeStepRunner,
+            rateLimiter: deps.rateLimiter,
+            services: deps.services,
+            now,
+            abortSignal: opts.signal,
+            onStreamChunk: opts.onStreamChunk,
+        });
+        return { status: 200, body: response };
+    }
+    catch (err) {
+        deps.logger?.("error", "step handler: executor threw", {
+            error: err instanceof Error ? err.message : String(err),
+        });
+        return {
+            status: 500,
+            body: errorBody("executor_error", errMessage(err)),
+        };
+    }
+}
+/**
+ * Build a step runner that executes the step body in the same
+ * process. Suitable for `runtime: "edge"`. Container-runtime steps
+ * will swap this for a dispatching runner that POSTs to a pod.
+ */
+function createInProcessStepRunner(now) {
+    return async ({ stepId: _stepId, attempt, fn, stepCtx }) => {
+        const startedAt = now();
+        try {
+            const output = await fn(stepCtx);
+            return {
+                attempt,
+                status: "ok",
+                output,
+                startedAt,
+                finishedAt: now(),
+            };
+        }
+        catch (err) {
+            const e = err;
+            const code = typeof err.code === "string"
+                ? err.code
+                : "UNKNOWN";
+            const retryAfter = err.retryAfter;
+            return {
+                attempt,
+                status: "err",
+                error: {
+                    category: "USER_ERROR",
+                    code,
+                    message: e?.message ?? String(err),
+                    name: e?.name,
+                    stack: e?.stack,
+                    data: retryAfter !== undefined ? { retryAfter } : undefined,
+                },
+                startedAt,
+                finishedAt: now(),
+            };
+        }
+    };
+}
+// ---- Parsing ----
+function parseRequest(raw) {
+    if (raw === null || typeof raw !== "object") {
+        return { ok: false, message: "body must be a JSON object" };
+    }
+    const r = raw;
+    const required = [
+        "protocolVersion",
+        "runId",
+        "workflowId",
+        "workflowVersion",
+        "invocationCount",
+        "journal",
+        "environment",
+        "deadline",
+        "tenantMeta",
+        "runMeta",
+    ];
+    for (const k of required) {
+        if (!(k in r))
+            return { ok: false, message: `missing required field "${k}"` };
+    }
+    if (typeof r.protocolVersion !== "number") {
+        return { ok: false, message: "`protocolVersion` must be a number" };
+    }
+    if (typeof r.runId !== "string" || r.runId.length === 0) {
+        return { ok: false, message: "`runId` must be a non-empty string" };
+    }
+    if (typeof r.workflowId !== "string" || r.workflowId.length === 0) {
+        return { ok: false, message: "`workflowId` must be a non-empty string" };
+    }
+    if (typeof r.workflowVersion !== "string" || r.workflowVersion.length === 0) {
+        return { ok: false, message: "`workflowVersion` must be a non-empty string" };
+    }
+    if (typeof r.invocationCount !== "number" || r.invocationCount < 1) {
+        return { ok: false, message: "`invocationCount` must be >= 1" };
+    }
+    if (typeof r.deadline !== "number") {
+        return { ok: false, message: "`deadline` must be a number" };
+    }
+    if (!r.journal || typeof r.journal !== "object") {
+        return { ok: false, message: "`journal` must be an object" };
+    }
+    const env = r.environment;
+    if (env !== "production" && env !== "preview" && env !== "development") {
+        return { ok: false, message: "`environment` must be production | preview | development" };
+    }
+    if (!r.tenantMeta || typeof r.tenantMeta !== "object") {
+        return { ok: false, message: "`tenantMeta` must be an object" };
+    }
+    if (!r.runMeta || typeof r.runMeta !== "object") {
+        return { ok: false, message: "`runMeta` must be an object" };
+    }
+    return {
+        ok: true,
+        value: {
+            protocolVersion: r.protocolVersion,
+            runId: r.runId,
+            workflowId: r.workflowId,
+            workflowVersion: r.workflowVersion,
+            invocationCount: r.invocationCount,
+            input: r.input,
+            journal: r.journal,
+            environment: env,
+            deadline: r.deadline,
+            tenantMeta: r.tenantMeta,
+            runMeta: r.runMeta,
+            activation: isObjectRecord(r.activation)
+                ? r.activation
+                : undefined,
+        },
+    };
+}
+// ---- Helpers ----
+function jsonResponse(status, body) {
+    return new Response(JSON.stringify(body), {
+        status,
+        headers: { "content-type": "application/json; charset=utf-8" },
+    });
+}
+function errorBody(error, message, details) {
+    const out = { error, message };
+    if (details !== undefined)
+        out.details = details;
+    return out;
+}
+function errMessage(err) {
+    return err instanceof Error ? err.message : String(err);
+}
+function isObjectRecord(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value);
+}

package/dist/handler/resume.d.ts

@@ -0,0 +1,41 @@
+import { type ProtocolVersion, type WorkflowActivationFreshness, type WorkflowBundleReference, type WorkflowJournalReference, type WorkflowPayloadReference, type WorkflowWaitpointResumeTarget, type WorkflowWaitpointSnapshot } from "../protocol/index.js";
+import type { JournalSlice } from "../runtime/journal.js";
+import type { WorkflowStepRequest } from "./index.js";
+export interface BuildResumeStepRequestInput {
+    runId: string;
+    workflowId: string;
+    workflowVersion: string;
+    input: unknown;
+    journal: JournalSlice;
+    pendingWaitpoints: readonly WorkflowWaitpointResumeTarget[];
+    waitpointId?: string;
+    waitpointKey?: string;
+    parkedAt?: number;
+    resumePayload?: unknown;
+    resumePayloadRef?: WorkflowPayloadReference;
+    resolvedAt?: number;
+    matchedEventId?: string;
+    source?: "live" | "inbox" | "replay";
+    protocolVersion?: ProtocolVersion;
+    invocationCount: number;
+    environment: "production" | "preview" | "development";
+    deadline: number;
+    tenantMeta: WorkflowStepRequest["tenantMeta"];
+    runMeta: WorkflowStepRequest["runMeta"];
+    workflowReleaseId?: string;
+    releaseId?: string;
+    bundle?: WorkflowBundleReference;
+    journalRef?: WorkflowJournalReference;
+    freshness?: WorkflowActivationFreshness;
+}
+export type BuildResumeStepRequestResult = {
+    ok: true;
+    request: WorkflowStepRequest;
+    waitpoint: WorkflowWaitpointSnapshot;
+} | {
+    ok: false;
+    code: "missing_waitpoint_selector" | "waitpoint_not_found";
+    message: string;
+};
+export declare function buildResumeStepRequest(input: BuildResumeStepRequestInput): BuildResumeStepRequestResult;
+//# sourceMappingURL=resume.d.ts.map

package/dist/handler/resume.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resume.d.ts","sourceRoot":"","sources":["../../src/handler/resume.ts"],"names":[],"mappings":"AAAA,OAAO,EAGL,KAAK,eAAe,EACpB,KAAK,2BAA2B,EAChC,KAAK,uBAAuB,EAC5B,KAAK,wBAAwB,EAC7B,KAAK,wBAAwB,EAC7B,KAAK,6BAA6B,EAClC,KAAK,yBAAyB,EAC/B,MAAM,sBAAsB,CAAA;AAC7B,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAA;AACzD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAA;AAErD,MAAM,WAAW,2BAA2B;IAC1C,KAAK,EAAE,MAAM,CAAA;IACb,UAAU,EAAE,MAAM,CAAA;IAClB,eAAe,EAAE,MAAM,CAAA;IACvB,KAAK,EAAE,OAAO,CAAA;IACd,OAAO,EAAE,YAAY,CAAA;IACrB,iBAAiB,EAAE,SAAS,6BAA6B,EAAE,CAAA;IAC3D,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,aAAa,CAAC,EAAE,OAAO,CAAA;IACvB,gBAAgB,CAAC,EAAE,wBAAwB,CAAA;IAC3C,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,GAAG,QAAQ,CAAA;IACpC,eAAe,CAAC,EAAE,eAAe,CAAA;IACjC,eAAe,EAAE,MAAM,CAAA;IACvB,WAAW,EAAE,YAAY,GAAG,SAAS,GAAG,aAAa,CAAA;IACrD,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,mBAAmB,CAAC,YAAY,CAAC,CAAA;IAC7C,OAAO,EAAE,mBAAmB,CAAC,SAAS,CAAC,CAAA;IACvC,iBAAiB,CAAC,EAAE,MAAM,CAAA;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,MAAM,CAAC,EAAE,uBAAuB,CAAA;IAChC,UAAU,CAAC,EAAE,wBAAwB,CAAA;IACrC,SAAS,CAAC,EAAE,2BAA2B,CAAA;CACxC;AAED,MAAM,MAAM,4BAA4B,GACpC;IACE,EAAE,EAAE,IAAI,CAAA;IACR,OAAO,EAAE,mBAAmB,CAAA;IAC5B,SAAS,EAAE,yBAAyB,CAAA;CACrC,GACD;IACE,EAAE,EAAE,KAAK,CAAA;IACT,IAAI,EAAE,4BAA4B,GAAG,qBAAqB,CAAA;IAC1D,OAAO,EAAE,MAAM,CAAA;CAChB,CAAA;AAEL,wBAAgB,sBAAsB,CACpC,KAAK,EAAE,2BAA2B,GACjC,4BAA4B,CA2C9B"}

package/dist/handler/resume.js

@@ -0,0 +1,44 @@
+import { applyWorkflowResumeToJournal, PROTOCOL_VERSION, } from "../protocol/index.js";
+export function buildResumeStepRequest(input) {
+    const applied = applyWorkflowResumeToJournal({
+        journal: input.journal,
+        waitpoints: input.pendingWaitpoints,
+        waitpointId: input.waitpointId,
+        waitpointKey: input.waitpointKey,
+        parkedAt: input.parkedAt,
+        payload: input.resumePayload,
+        payloadRef: input.resumePayloadRef,
+        resolvedAt: input.resolvedAt,
+        matchedEventId: input.matchedEventId,
+        source: input.source,
+    });
+    if (!applied.ok)
+        return applied;
+    return {
+        ok: true,
+        waitpoint: applied.waitpoint,
+        request: {
+            protocolVersion: input.protocolVersion ?? PROTOCOL_VERSION,
+            runId: input.runId,
+            workflowId: input.workflowId,
+            workflowVersion: input.workflowVersion,
+            invocationCount: input.invocationCount,
+            input: input.input,
+            journal: applied.journal,
+            environment: input.environment,
+            deadline: input.deadline,
+            tenantMeta: input.tenantMeta,
+            runMeta: input.runMeta,
+            activation: {
+                kind: "resume",
+                workflowReleaseId: input.workflowReleaseId,
+                releaseId: input.releaseId,
+                bundle: input.bundle,
+                journalRef: input.journalRef,
+                waitpoint: applied.waitpoint,
+                resumePayloadRef: input.resumePayloadRef,
+                freshness: input.freshness,
+            },
+        },
+    };
+}

package/dist/http-ingest.d.ts

@@ -0,0 +1,54 @@
+import type { WorkflowDriver } from "./driver.js";
+/**
+ * Minimum interface a Hono-shaped app exposes that we use. `app.post(...)`
+ * and `app.get(...)` register handlers; the handler signature mirrors
+ * Hono's `Context`-style callback for portability — we only read the
+ * request body and request params via the framework's response helpers.
+ */
+export interface HttpAppLike {
+    post(path: string, handler: HttpHandler): unknown;
+    get(path: string, handler: HttpHandler): unknown;
+}
+/**
+ * Minimum context shape we read off Hono. Restricted to body parsing,
+ * route params, and JSON response helpers.
+ */
+export interface HttpContextLike {
+    req: {
+        json(): Promise<unknown>;
+        param(name: string): string | undefined;
+        header(name: string): string | undefined;
+        raw: Request;
+    };
+    json(body: unknown, status?: number): Response;
+    text(body: string, status?: number): Response;
+    status(code: number): unknown;
+}
+export type HttpHandler = (ctx: HttpContextLike) => Promise<Response> | Response;
+export interface MountHttpIngestAdapterOptions {
+    /**
+     * Driver the adapter forwards into. Typically the same instance
+     * `createApp({ workflows: { driver } })` constructed.
+     */
+    driver: WorkflowDriver;
+    /** Mount path. Defaults to `"/api/workflows"`. */
+    basePath?: string;
+    /**
+     * Optional auth check. Receives the original `Request` and returns
+     * `void` on success / throws on failure. Reuse
+     * `createBearerVerifier(...)` from `@voyant-travel/workflows/auth` for the
+     * canonical bearer-token shape.
+     */
+    verifyRequest?: (req: Request) => void | Promise<void>;
+}
+/**
+ * Mount the adapter onto a Hono-shaped app. Registers:
+ *
+ *   POST {basePath}/events                         → driver.ingestEvent
+ *   POST {basePath}/manifests                      → driver.registerManifest
+ *   GET  {basePath}/manifests/:env                 → driver.getManifest
+ *
+ * Returns the mounted base path so callers can log it.
+ */
+export declare function mountHttpIngestAdapter(app: HttpAppLike, opts: MountHttpIngestAdapterOptions): string;
+//# sourceMappingURL=http-ingest.d.ts.map

package/dist/http-ingest.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"http-ingest.d.ts","sourceRoot":"","sources":["../src/http-ingest.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAmB,cAAc,EAAE,MAAM,aAAa,CAAA;AAOlE;;;;;GAKG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAA;IACjD,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAA;CACjD;AAED;;;GAGG;AACH,MAAM,WAAW,eAAe;IAC9B,GAAG,EAAE;QACH,IAAI,IAAI,OAAO,CAAC,OAAO,CAAC,CAAA;QACxB,KAAK,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAA;QACvC,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAA;QACxC,GAAG,EAAE,OAAO,CAAA;KACb,CAAA;IACD,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAA;IAC9C,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,QAAQ,CAAA;IAC7C,MAAM,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAA;CAC9B;AAED,MAAM,MAAM,WAAW,GAAG,CAAC,GAAG,EAAE,eAAe,KAAK,OAAO,CAAC,QAAQ,CAAC,GAAG,QAAQ,CAAA;AAEhF,MAAM,WAAW,6BAA6B;IAC5C;;;OAGG;IACH,MAAM,EAAE,cAAc,CAAA;IACtB,kDAAkD;IAClD,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB;;;;;OAKG;IACH,aAAa,CAAC,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAA;CACvD;AAID;;;;;;;;GAQG;AACH,wBAAgB,sBAAsB,CACpC,GAAG,EAAE,WAAW,EAChB,IAAI,EAAE,6BAA6B,GAClC,MAAM,CAyFR"}

package/dist/http-ingest.js

@@ -0,0 +1,214 @@
+// Optional HTTP ingest adapter — mounts `/api/manifests` and `/api/events`
+// on a Hono-shaped app, forwarding into a `WorkflowDriver`.
+//
+// Self-host Mode 2 deployments mount this when external emitters need to
+// fire events into the runtime (storefront BFF, third-party webhooks,
+// sibling-process pairs across machines). voyant-cloud always mounts it
+// at its HTTP boundary.
+//
+// Transport-agnostic: takes a minimal `HttpAppLike` interface so the SDK
+// stays a leaf package (no `hono` dep). `@voyant-travel/voyant-hono`'s `Hono`
+// instance satisfies the shape via TypeScript structural compat.
+//
+// Architecture: docs/architecture/workflows-runtime-architecture.md §15.4.
+const ALLOWED_ENVS = new Set(["production", "preview", "development"]);
+// ---- Mount ----
+/**
+ * Mount the adapter onto a Hono-shaped app. Registers:
+ *
+ *   POST {basePath}/events                         → driver.ingestEvent
+ *   POST {basePath}/manifests                      → driver.registerManifest
+ *   GET  {basePath}/manifests/:env                 → driver.getManifest
+ *
+ * Returns the mounted base path so callers can log it.
+ */
+export function mountHttpIngestAdapter(app, opts) {
+    const base = (opts.basePath ?? "/api/workflows").replace(/\/$/, "");
+    app.post(`${base}/events`, async (ctx) => {
+        if (opts.verifyRequest) {
+            try {
+                await opts.verifyRequest(ctx.req.raw);
+            }
+            catch (err) {
+                return ctx.json({ error: "unauthorized", message: errMessage(err) }, 401);
+            }
+        }
+        let raw;
+        try {
+            raw = await ctx.req.json();
+        }
+        catch (err) {
+            return ctx.json({ error: "invalid_json", message: errMessage(err) }, 400);
+        }
+        const validation = validateIngestBody(raw);
+        if (!validation.ok)
+            return ctx.json(validation.error, 400);
+        const args = {
+            environment: validation.body.environment,
+            envelope: validation.body.envelope,
+            idempotencyKey: validation.body.idempotencyKey,
+        };
+        const result = await opts.driver.ingestEvent(args);
+        if (!result.ok && result.reason === "manifest_not_registered") {
+            return ctx.json(result, 200);
+        }
+        if (!result.ok) {
+            return ctx.json(result, 502);
+        }
+        return ctx.json(result, 200);
+    });
+    app.post(`${base}/manifests`, async (ctx) => {
+        if (opts.verifyRequest) {
+            try {
+                await opts.verifyRequest(ctx.req.raw);
+            }
+            catch (err) {
+                return ctx.json({ error: "unauthorized", message: errMessage(err) }, 401);
+            }
+        }
+        let raw;
+        try {
+            raw = await ctx.req.json();
+        }
+        catch (err) {
+            return ctx.json({ error: "invalid_json", message: errMessage(err) }, 400);
+        }
+        const validation = validateRegisterBody(raw);
+        if (!validation.ok)
+            return ctx.json(validation.error, 400);
+        try {
+            const result = await opts.driver.registerManifest({
+                environment: validation.body.environment,
+                manifest: validation.body.manifest, // structurally compatible
+            });
+            return ctx.json({ ok: true, versionId: result.versionId }, 200);
+        }
+        catch (err) {
+            return ctx.json({ error: "register_failed", message: errMessage(err) }, 500);
+        }
+    });
+    app.get(`${base}/manifests/:env`, async (ctx) => {
+        if (opts.verifyRequest) {
+            try {
+                await opts.verifyRequest(ctx.req.raw);
+            }
+            catch (err) {
+                return ctx.json({ error: "unauthorized", message: errMessage(err) }, 401);
+            }
+        }
+        const env = ctx.req.param("env");
+        if (!env || !ALLOWED_ENVS.has(env)) {
+            return ctx.json({
+                error: "invalid_environment",
+                message: `environment must be one of ${[...ALLOWED_ENVS].join(", ")}`,
+            }, 400);
+        }
+        const manifest = await opts.driver.getManifest({ environment: env });
+        if (!manifest) {
+            return ctx.json({ error: "not_found", environment: env }, 404);
+        }
+        return ctx.json({ environment: env, versionId: manifest.versionId, manifest }, 200);
+    });
+    return base;
+}
+function validateIngestBody(raw) {
+    if (typeof raw !== "object" || raw === null) {
+        return { ok: false, error: { error: "invalid_body", message: "expected JSON object" } };
+    }
+    const r = raw;
+    if (typeof r.environment !== "string" || !ALLOWED_ENVS.has(r.environment)) {
+        return {
+            ok: false,
+            error: {
+                error: "invalid_body",
+                message: `"environment" must be one of ${[...ALLOWED_ENVS].join(", ")}`,
+            },
+        };
+    }
+    if (typeof r.envelope !== "object" || r.envelope === null) {
+        return { ok: false, error: { error: "invalid_body", message: '"envelope" must be an object' } };
+    }
+    const envelope = r.envelope;
+    if (typeof envelope.name !== "string" || envelope.name.length === 0) {
+        return {
+            ok: false,
+            error: { error: "invalid_body", message: '"envelope.name" must be a non-empty string' },
+        };
+    }
+    if (typeof envelope.emittedAt !== "string" || envelope.emittedAt.length === 0) {
+        return {
+            ok: false,
+            error: {
+                error: "invalid_body",
+                message: '"envelope.emittedAt" must be an ISO timestamp string',
+            },
+        };
+    }
+    if (envelope.metadata !== undefined &&
+        (typeof envelope.metadata !== "object" || envelope.metadata === null)) {
+        return {
+            ok: false,
+            error: {
+                error: "invalid_body",
+                message: '"envelope.metadata" must be an object when supplied',
+            },
+        };
+    }
+    if (r.idempotencyKey !== undefined && typeof r.idempotencyKey !== "string") {
+        return {
+            ok: false,
+            error: { error: "invalid_body", message: '"idempotencyKey" must be a string when supplied' },
+        };
+    }
+    return {
+        ok: true,
+        body: {
+            environment: r.environment,
+            envelope: {
+                name: envelope.name,
+                data: envelope.data,
+                metadata: envelope.metadata,
+                emittedAt: envelope.emittedAt,
+            },
+            idempotencyKey: r.idempotencyKey,
+        },
+    };
+}
+function validateRegisterBody(raw) {
+    if (typeof raw !== "object" || raw === null) {
+        return { ok: false, error: { error: "invalid_body", message: "expected JSON object" } };
+    }
+    const r = raw;
+    if (typeof r.environment !== "string" || !ALLOWED_ENVS.has(r.environment)) {
+        return {
+            ok: false,
+            error: {
+                error: "invalid_body",
+                message: `"environment" must be one of ${[...ALLOWED_ENVS].join(", ")}`,
+            },
+        };
+    }
+    if (typeof r.manifest !== "object" || r.manifest === null) {
+        return { ok: false, error: { error: "invalid_body", message: '"manifest" must be an object' } };
+    }
+    const manifest = r.manifest;
+    if (typeof manifest.versionId !== "string" || manifest.versionId.length === 0) {
+        return {
+            ok: false,
+            error: {
+                error: "invalid_body",
+                message: '"manifest.versionId" must be a non-empty string',
+            },
+        };
+    }
+    return {
+        ok: true,
+        body: {
+            environment: r.environment,
+            manifest: manifest,
+        },
+    };
+}
+function errMessage(err) {
+    return err instanceof Error ? err.message : String(err);
+}

package/dist/index.d.ts

@@ -0,0 +1,6 @@
+export * from "./conditions.js";
+export { FatalError, HookConflictError, QuotaExceededError, RetryableError, TimeoutError, ValidationError, } from "./errors.js";
+export * from "./trigger.js";
+export * from "./types.js";
+export * from "./workflow.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAMA,cAAc,iBAAiB,CAAA;AAC/B,OAAO,EACL,UAAU,EACV,iBAAiB,EACjB,kBAAkB,EAClB,cAAc,EACd,YAAY,EACZ,eAAe,GAChB,MAAM,aAAa,CAAA;AACpB,cAAc,cAAc,CAAA;AAC5B,cAAc,YAAY,CAAA;AAC1B,cAAc,eAAe,CAAA"}

package/dist/index.js

@@ -0,0 +1,10 @@
+// @voyant-travel/workflows
+//
+// Authoring SDK for Voyant Workflows. Full contract in:
+//   docs/sdk-surface.md §2–§8
+//   docs/design.md §3–§4
+export * from "./conditions.js";
+export { FatalError, HookConflictError, QuotaExceededError, RetryableError, TimeoutError, ValidationError, } from "./errors.js";
+export * from "./trigger.js";
+export * from "./types.js";
+export * from "./workflow.js";