@zuplo/cli 6.71.20 → 6.71.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (80) hide show
  1. package/node_modules/@posthog/core/dist/error-tracking/exception-steps.d.ts.map +1 -1
  2. package/node_modules/@posthog/core/dist/error-tracking/exception-steps.js +6 -24
  3. package/node_modules/@posthog/core/dist/error-tracking/exception-steps.mjs +7 -25
  4. package/node_modules/@posthog/core/dist/featureFlagUtils.d.ts +2 -1
  5. package/node_modules/@posthog/core/dist/featureFlagUtils.d.ts.map +1 -1
  6. package/node_modules/@posthog/core/dist/featureFlagUtils.js +13 -0
  7. package/node_modules/@posthog/core/dist/featureFlagUtils.mjs +11 -1
  8. package/node_modules/@posthog/core/dist/index.d.ts +1 -1
  9. package/node_modules/@posthog/core/dist/index.d.ts.map +1 -1
  10. package/node_modules/@posthog/core/dist/index.js +15 -6
  11. package/node_modules/@posthog/core/dist/index.mjs +2 -2
  12. package/node_modules/@posthog/core/dist/posthog-core-stateless.d.ts +2 -0
  13. package/node_modules/@posthog/core/dist/posthog-core-stateless.d.ts.map +1 -1
  14. package/node_modules/@posthog/core/dist/posthog-core-stateless.js +34 -8
  15. package/node_modules/@posthog/core/dist/posthog-core-stateless.mjs +35 -9
  16. package/node_modules/@posthog/core/dist/posthog-core.d.ts +5 -0
  17. package/node_modules/@posthog/core/dist/posthog-core.d.ts.map +1 -1
  18. package/node_modules/@posthog/core/dist/posthog-core.js +3 -0
  19. package/node_modules/@posthog/core/dist/posthog-core.mjs +4 -1
  20. package/node_modules/@posthog/core/dist/types.d.ts +7 -0
  21. package/node_modules/@posthog/core/dist/types.d.ts.map +1 -1
  22. package/node_modules/@posthog/core/dist/utils/string-utils.d.ts +1 -0
  23. package/node_modules/@posthog/core/dist/utils/string-utils.d.ts.map +1 -1
  24. package/node_modules/@posthog/core/dist/utils/string-utils.js +21 -0
  25. package/node_modules/@posthog/core/dist/utils/string-utils.mjs +19 -1
  26. package/node_modules/@posthog/core/package.json +2 -2
  27. package/node_modules/@posthog/core/src/error-tracking/exception-steps.ts +5 -42
  28. package/node_modules/@posthog/core/src/featureFlagUtils.ts +14 -0
  29. package/node_modules/@posthog/core/src/index.ts +7 -1
  30. package/node_modules/@posthog/core/src/posthog-core-stateless.ts +57 -11
  31. package/node_modules/@posthog/core/src/posthog-core.ts +9 -0
  32. package/node_modules/@posthog/core/src/types.ts +7 -0
  33. package/node_modules/@posthog/core/src/utils/string-utils.spec.ts +38 -1
  34. package/node_modules/@posthog/core/src/utils/string-utils.ts +42 -0
  35. package/node_modules/@posthog/types/dist/posthog-config.d.ts +16 -0
  36. package/node_modules/@posthog/types/dist/posthog-config.d.ts.map +1 -1
  37. package/node_modules/@posthog/types/package.json +1 -1
  38. package/node_modules/@posthog/types/src/posthog-config.ts +17 -0
  39. package/node_modules/@zuplo/core/customer.cli.minified.js +2 -2
  40. package/node_modules/@zuplo/core/index.minified.js +2 -2
  41. package/node_modules/@zuplo/core/package.json +1 -1
  42. package/node_modules/@zuplo/graphql/out/esm/index.js +34 -34
  43. package/node_modules/@zuplo/graphql/out/esm/index.js.map +1 -1
  44. package/node_modules/@zuplo/graphql/out/types/index.d.ts +109 -0
  45. package/node_modules/@zuplo/graphql/package.json +1 -1
  46. package/node_modules/@zuplo/openapi-tools/package.json +1 -1
  47. package/node_modules/@zuplo/otel/package.json +1 -1
  48. package/node_modules/@zuplo/runtime/out/esm/{chunk-S4J2WCVZ.js → chunk-36XLJ4X6.js} +143 -111
  49. package/node_modules/@zuplo/runtime/out/esm/chunk-36XLJ4X6.js.map +1 -0
  50. package/node_modules/@zuplo/runtime/out/esm/{chunk-DQ4ANJLR.js → chunk-4MNJC7E2.js} +2 -2
  51. package/node_modules/@zuplo/runtime/out/esm/chunk-4MNJC7E2.js.map +1 -0
  52. package/node_modules/@zuplo/runtime/out/esm/{chunk-2Y72LML3.js → chunk-54PA7VDV.js} +2 -2
  53. package/node_modules/@zuplo/runtime/out/esm/{chunk-2Y72LML3.js.map → chunk-54PA7VDV.js.map} +1 -1
  54. package/node_modules/@zuplo/runtime/out/esm/{chunk-L3MZGNQA.js → chunk-DSZS6PZJ.js} +10 -10
  55. package/node_modules/@zuplo/runtime/out/esm/chunk-DSZS6PZJ.js.map +1 -0
  56. package/node_modules/@zuplo/runtime/out/esm/index.js +1 -1
  57. package/node_modules/@zuplo/runtime/out/esm/index.js.map +1 -1
  58. package/node_modules/@zuplo/runtime/out/esm/internal/index.js +1 -1
  59. package/node_modules/@zuplo/runtime/out/esm/mcp-gateway/index.js +1 -1
  60. package/node_modules/@zuplo/runtime/out/esm/mcp-gateway/index.js.map +1 -1
  61. package/node_modules/@zuplo/runtime/out/esm/mocks/index.js +1 -1
  62. package/node_modules/@zuplo/runtime/out/types/index.d.ts +1007 -4
  63. package/node_modules/@zuplo/runtime/package.json +1 -1
  64. package/node_modules/brace-expansion/dist/commonjs/index.js +24 -14
  65. package/node_modules/brace-expansion/dist/commonjs/index.js.map +1 -1
  66. package/node_modules/brace-expansion/dist/esm/index.js +24 -14
  67. package/node_modules/brace-expansion/dist/esm/index.js.map +1 -1
  68. package/node_modules/brace-expansion/package.json +2 -2
  69. package/node_modules/fast-uri/index.js +1 -1
  70. package/node_modules/fast-uri/package.json +1 -1
  71. package/node_modules/fast-uri/test/security.test.js +28 -0
  72. package/node_modules/range-parser/README.md +13 -12
  73. package/node_modules/range-parser/index.js +27 -8
  74. package/node_modules/range-parser/package.json +12 -8
  75. package/package.json +6 -6
  76. package/node_modules/@zuplo/runtime/out/esm/chunk-DQ4ANJLR.js.map +0 -1
  77. package/node_modules/@zuplo/runtime/out/esm/chunk-L3MZGNQA.js.map +0 -1
  78. package/node_modules/@zuplo/runtime/out/esm/chunk-S4J2WCVZ.js.map +0 -1
  79. /package/node_modules/@zuplo/runtime/out/esm/{chunk-S4J2WCVZ.js.LEGAL.txt → chunk-36XLJ4X6.js.LEGAL.txt} +0 -0
  80. /package/node_modules/@zuplo/runtime/out/esm/{chunk-L3MZGNQA.js.LEGAL.txt → chunk-DSZS6PZJ.js.LEGAL.txt} +0 -0
@@ -6,6 +6,22 @@ import { RequestGeneric as RequestGeneric_2 } from "../../request.js";
6
6
  import type { ValidateFunction } from "ajv";
7
7
  import { z } from "zod/v4";
8
8
 
9
+ /**
10
+ * The request/response **schema dialect** a policy is dealing with — named after
11
+ * the schema, not the provider or the URL path. `openai-chat` is the OpenAI Chat
12
+ * Completions schema regardless of the downstream provider (Zuplo translates
13
+ * chat↔provider underneath); `openai-responses` and `anthropic-messages` are
14
+ * pass-through schemas whose native shape reaches the provider unchanged.
15
+ *
16
+ * Determined by the route, never sniffed from the body. New dialects
17
+ * (`openai-embeddings`, `openai-images`, …) extend this union.
18
+ * @public
19
+ */
20
+ export declare type AiFormat =
21
+ | "openai-chat"
22
+ | "openai-responses"
23
+ | "anthropic-messages";
24
+
9
25
  /**
10
26
  * Converts Anthropic Messages API format requests to OpenAI Chat Completions format.
11
27
  * This policy translates between the two formats to allow seamless routing to different providers.
@@ -333,6 +349,47 @@ export declare function AIGatewaySemanticCacheOutboundPolicy(
333
349
  */
334
350
  export declare interface AIGatewaySemanticCacheOutboundPolicyOptions {}
335
351
 
352
+ /**
353
+ * AI Gateway Semantic Cache policy (AI Gateway v2). A single inbound policy that
354
+ * looks up the semantic cache on entry and, on a miss, registers a
355
+ * response-sending hook to write the upstream response back into the cache —
356
+ * matching the firewall's single-policy shape (no separate outbound policy).
357
+ *
358
+ * Caching parameters (semanticTolerance, expirationSecondsTtl, namespace) come
359
+ * from the policy options — the policy reads nothing from
360
+ * `request.user.configuration` to decide whether to cache, and presence in the
361
+ * route's chain is what enables it. `namespace` defaults to the AI Gateway
362
+ * configuration id when omitted so caching stays scoped per tenant.
363
+ *
364
+ * @title AI Gateway Semantic Cache (v2)
365
+ * @product ai-gateway
366
+ * @hidden
367
+ * @requiresAI
368
+ * @param request - The ZuploRequest
369
+ * @param context - The ZuploContext
370
+ * @param options - The policy options set in policies.json
371
+ * @param policyName - The name of the policy as set in policies.json
372
+ * @returns A Request or a Response
373
+ */
374
+ export declare function AIGatewaySemanticCacheV2InboundPolicy(
375
+ request: ZuploRequest,
376
+ context: ZuploContext,
377
+ options: AIGatewaySemanticCacheV2InboundPolicyOptions,
378
+ policyName: string
379
+ ): Promise<Response | ZuploRequest<RequestGeneric_2>>;
380
+
381
+ /**
382
+ * Options for the AI Gateway Semantic Cache (v2) policy. Configured inline in policies.json; the policy reads nothing from the AI Gateway configuration to decide whether to cache.
383
+ * @public
384
+ */
385
+ export declare interface AIGatewaySemanticCacheV2InboundPolicyOptions {
386
+ semanticTolerance?: SemanticTolerance;
387
+ expirationSecondsTtl?: CacheTTLSeconds;
388
+ namespace?: CacheNamespace;
389
+ endpoints?: ApplicableEndpoints;
390
+ onUnknownShape?: OnUnknownShape;
391
+ }
392
+
336
393
  /**
337
394
  * The options for this policy.
338
395
  * @public
@@ -381,6 +438,96 @@ export declare function AIGatewayUsageTrackerPolicy(
381
438
  _policyName: string
382
439
  ): Promise<Response>;
383
440
 
441
+ /**
442
+ * Common options every AI Gateway policy understands for scoping itself across
443
+ * the multi-endpoint surface. A policy reads these from its own `options`.
444
+ * @public
445
+ */
446
+ export declare interface AiPolicyScopeOptions {
447
+ /**
448
+ * The endpoint shapes this policy applies to. When set, the policy is inert on
449
+ * any other shape. Omit to apply to all shapes.
450
+ */
451
+ endpoints?: AiFormat[];
452
+ /**
453
+ * What to do when the policy meets a shape it cannot read. `skip` (the default
454
+ * for observers) passes through; guardrails MUST use `deny` so uninspectable
455
+ * content is never served.
456
+ */
457
+ onUnknownShape?: "deny" | "skip";
458
+ }
459
+
460
+ /**
461
+ * The request body for an AI Gateway endpoint, discriminated by {@link AiFormat}.
462
+ * A policy reads `getFormat(request)` and then narrows to the matching member —
463
+ * no field is normalized away, so tool calls, content blocks, images, and
464
+ * thinking are all preserved.
465
+ * @public
466
+ */
467
+ export declare type AiRequestBody =
468
+ | {
469
+ format: "openai-chat";
470
+ body: ChatCompletionRequest;
471
+ }
472
+ | {
473
+ format: "openai-responses";
474
+ body: ResponsesRequest;
475
+ }
476
+ | {
477
+ format: "anthropic-messages";
478
+ body: AnthropicMessagesRequest;
479
+ };
480
+
481
+ /**
482
+ * The response body for an AI Gateway endpoint, discriminated by {@link AiFormat}.
483
+ * For the Anthropic Messages pass-through the native response is returned as an
484
+ * opaque record (the runtime has no dedicated Anthropic response interface).
485
+ * @public
486
+ */
487
+ export declare type AiResponseBody =
488
+ | {
489
+ format: "openai-chat";
490
+ body: ChatCompletionResponse;
491
+ }
492
+ | {
493
+ format: "openai-responses";
494
+ body: ResponsesResponse;
495
+ }
496
+ | {
497
+ format: "anthropic-messages";
498
+ body: Record<string, unknown>;
499
+ };
500
+
501
+ /**
502
+ * A decoded streaming event, normalized just enough for an observer or guardrail
503
+ * to act without re-implementing per-dialect SSE parsing. `textDelta` is the
504
+ * incremental text in this event (if any); `usage` appears on the terminal
505
+ * event(s); `done` marks the end of the stream.
506
+ * @public
507
+ */
508
+ export declare interface AiStreamEvent {
509
+ /** The raw SSE `data:` payload, parsed from JSON when possible. */
510
+ raw: unknown;
511
+ /** Incremental assistant text carried by this event, if any. */
512
+ textDelta?: string;
513
+ /** Usage totals, present on the terminal event(s) for the shape. */
514
+ usage?: AiUsage;
515
+ /** True for the stream-terminating event (`[DONE]` or shape equivalent). */
516
+ done?: boolean;
517
+ }
518
+
519
+ /**
520
+ * A normalized usage record. Consolidates the per-shape token field names
521
+ * (`prompt_tokens`/`completion_tokens` for chat, `input_tokens`/`output_tokens`
522
+ * for responses and Anthropic) into one set.
523
+ * @public
524
+ */
525
+ export declare interface AiUsage {
526
+ promptTokens: number;
527
+ completionTokens: number;
528
+ totalTokens: number;
529
+ }
530
+
384
531
  /**
385
532
  * Akamai AI Firewall Inbound Policy
386
533
  * @title Akamai AI Firewall
@@ -418,6 +565,48 @@ export declare interface AkamaiAIFirewallPolicyOptions {
418
565
  streamingAccumulation?: StreamingAccumulationSettings;
419
566
  }
420
567
 
568
+ /**
569
+ * Akamai AI Firewall Inbound Policy (AI Gateway v2)
570
+ * @title Akamai AI Firewall (v2)
571
+ * @product ai-gateway
572
+ * @hidden
573
+ * @requiresAI
574
+ *
575
+ * Detects and blocks malicious AI inputs and outputs via Akamai's AI Firewall
576
+ * service. Settings come from the policy options (configurationId, api-key,
577
+ * applicationId, streamingAccumulation) — the policy reads nothing from
578
+ * `request.user.configuration`, and presence in the route's `inbound[]` chain is
579
+ * what enables it.
580
+ *
581
+ * For streaming responses it uses a transform stream that can block content
582
+ * mid-stream if harmful content is detected.
583
+ *
584
+ * @param request - The ZuploRequest
585
+ * @param context - The ZuploContext
586
+ * @param options - The policy options set in policies.json
587
+ * @param policyName - The name of the policy as set in policies.json
588
+ * @returns A Request or a Response
589
+ */
590
+ export declare function AkamaiAIFirewallV2InboundPolicy(
591
+ request: ZuploRequest,
592
+ context: ZuploContext,
593
+ options: AkamaiAIFirewallV2PolicyOptions,
594
+ _policyName: string
595
+ ): Promise<ZuploRequest | Response>;
596
+
597
+ /**
598
+ * The options for the Akamai AI Firewall policy.
599
+ * @public
600
+ */
601
+ export declare interface AkamaiAIFirewallV2PolicyOptions {
602
+ configurationId: ConfigurationID_2;
603
+ "api-key": APIKey_2;
604
+ applicationId?: ApplicationID_2;
605
+ streamingAccumulation?: StreamingAccumulationSettings_2;
606
+ endpoints?: ApplicableEndpoints_2;
607
+ onUnknownShape?: OnUnknownShape_2;
608
+ }
609
+
421
610
  /**
422
611
  * Entry format for Akamai API Security logger
423
612
  * @public
@@ -697,6 +886,30 @@ declare interface AmberfloMeteringProperties extends Omit<
697
886
  customerId: string;
698
887
  }
699
888
 
889
+ declare interface AnthropicMessage {
890
+ role: "user" | "assistant";
891
+ content:
892
+ | string
893
+ | Array<{
894
+ type: "text" | "image";
895
+ text?: string;
896
+ source?: unknown;
897
+ }>;
898
+ }
899
+
900
+ declare interface AnthropicMessagesRequest {
901
+ model: string;
902
+ messages: AnthropicMessage[];
903
+ max_tokens: number;
904
+ system?: string;
905
+ temperature?: number;
906
+ top_p?: number;
907
+ stop_sequences?: string[];
908
+ stream?: boolean;
909
+ metadata?: Record<string, unknown>;
910
+ tools?: unknown[];
911
+ }
912
+
700
913
  /**
701
914
  * Authenticates requests based on API Keys using Zuplo API Management.
702
915
  *
@@ -733,6 +946,12 @@ export declare interface ApiAuthKeyInboundPolicyOptions {
733
946
  */
734
947
  declare type APIKey = string;
735
948
 
949
+ /**
950
+ * The API key for the AI Firewall.
951
+ * @public
952
+ */
953
+ declare type APIKey_2 = string;
954
+
736
955
  /**
737
956
  * Represents a consumer in the API Key service.
738
957
  * @public
@@ -976,12 +1195,58 @@ declare interface APITokenCredentialConfig {
976
1195
  headerValuePrefix?: string;
977
1196
  }
978
1197
 
1198
+ /**
1199
+ * The endpoint shapes to cache. Defaults to ['openai-chat'] — the cache keys off chat `messages` and skips other shapes.
1200
+ * @public
1201
+ */
1202
+ declare type ApplicableEndpoints = (
1203
+ | "openai-chat"
1204
+ | "openai-responses"
1205
+ | "anthropic-messages"
1206
+ )[];
1207
+
1208
+ /**
1209
+ * The endpoint shapes this policy applies to. Omit to apply to all (openai-chat, openai-responses, anthropic-messages).
1210
+ * @public
1211
+ */
1212
+ declare type ApplicableEndpoints_2 = (
1213
+ | "openai-chat"
1214
+ | "openai-responses"
1215
+ | "anthropic-messages"
1216
+ )[];
1217
+
1218
+ /**
1219
+ * The endpoint shapes this policy applies to. Omit to apply to all (openai-chat, openai-responses, anthropic-messages).
1220
+ * @public
1221
+ */
1222
+ declare type ApplicableEndpoints_3 = (
1223
+ | "openai-chat"
1224
+ | "openai-responses"
1225
+ | "anthropic-messages"
1226
+ )[];
1227
+
1228
+ /**
1229
+ * The endpoint shapes this policy applies to. Omit to apply to all (openai-chat, openai-responses, anthropic-messages).
1230
+ * @public
1231
+ */
1232
+ declare type ApplicableEndpoints_4 = (
1233
+ | "openai-chat"
1234
+ | "openai-responses"
1235
+ | "anthropic-messages"
1236
+ )[];
1237
+
979
1238
  /**
980
1239
  * The application ID to identify this usage of the AI Firewall (optional).
981
1240
  * @public
982
1241
  */
983
1242
  declare type ApplicationID = string;
984
1243
 
1244
+ /**
1245
+ * The application ID to identify this usage of the AI Firewall (optional).
1246
+ * @public
1247
+ */
1248
+ declare type ApplicationID_2 = string;
1249
+
985
1250
  /**
986
1251
  * A list of attributes that will be included in the authorization request.
987
1252
  * @public
@@ -1948,6 +2213,12 @@ declare interface BuildRouteConfiguration {
1948
2213
  /* Excluded from this release type: raw */
1949
2214
  }
1950
2215
 
2216
+ /**
2217
+ * Partitions the cache. Omit to default to the AI Gateway configuration id, which keeps caching scoped per tenant.
2218
+ * @public
2219
+ */
2220
+ declare type CacheNamespace = string;
2221
+
1951
2222
  /**
1952
2223
  * Internal
1953
2224
  */
@@ -1955,6 +2226,12 @@ declare interface CacheOptions {
1955
2226
  logger?: Logger;
1956
2227
  }
1957
2228
 
2229
+ /**
2230
+ * How long a cached response lives, in seconds. Defaults to 3600 (1 hour).
2231
+ * @public
2232
+ */
2233
+ declare type CacheTTLSeconds = number;
2234
+
1958
2235
  /**
1959
2236
  * Respond to matched incoming requests with cached content
1960
2237
  *
@@ -2099,12 +2376,112 @@ export declare interface ChangeMethodInboundPolicyOptions {
2099
2376
  method: string;
2100
2377
  }
2101
2378
 
2379
+ declare interface ChatCompletionChoice {
2380
+ index: number;
2381
+ message: ChatCompletionMessage;
2382
+ logprobs?: {
2383
+ content: Array<{
2384
+ token: string;
2385
+ logprob: number;
2386
+ bytes?: number[];
2387
+ top_logprobs?: Array<{
2388
+ token: string;
2389
+ logprob: number;
2390
+ bytes?: number[];
2391
+ }>;
2392
+ }> | null;
2393
+ } | null;
2394
+ finish_reason:
2395
+ | "stop"
2396
+ | "length"
2397
+ | "function_call"
2398
+ | "tool_calls"
2399
+ | "content_filter";
2400
+ }
2401
+
2402
+ declare interface ChatCompletionMessage {
2403
+ role: "system" | "user" | "assistant" | "function" | "tool";
2404
+ content: string;
2405
+ name?: string;
2406
+ function_call?: {
2407
+ name: string;
2408
+ arguments: string;
2409
+ };
2410
+ tool_calls?: Array<{
2411
+ id: string;
2412
+ type: "function";
2413
+ function: {
2414
+ name: string;
2415
+ arguments: string;
2416
+ };
2417
+ }>;
2418
+ tool_call_id?: string;
2419
+ }
2420
+
2421
+ declare interface ChatCompletionRequest {
2422
+ model: string;
2423
+ messages: ChatCompletionMessage[];
2424
+ temperature?: number;
2425
+ top_p?: number;
2426
+ n?: number;
2427
+ stream?: boolean;
2428
+ stop?: string | string[];
2429
+ max_tokens?: number;
2430
+ presence_penalty?: number;
2431
+ frequency_penalty?: number;
2432
+ user?: string;
2433
+ seed?: number;
2434
+ functions?: FunctionDefinition[];
2435
+ function_call?:
2436
+ | string
2437
+ | {
2438
+ name: string;
2439
+ };
2440
+ tools?: ToolDefinition[];
2441
+ tool_choice?: string | ToolChoice;
2442
+ parallel_tool_calls?: boolean;
2443
+ response_format?: {
2444
+ type: "text" | "json_object" | "json_schema";
2445
+ json_schema?: {
2446
+ name: string;
2447
+ strict?: boolean;
2448
+ schema: Record<string, unknown>;
2449
+ };
2450
+ };
2451
+ logit_bias?: Record<string, number>;
2452
+ logprobs?: boolean;
2453
+ top_logprobs?: number;
2454
+ max_completion_tokens?: number;
2455
+ service_tier?: "auto" | "default";
2456
+ stream_options?: {
2457
+ include_usage?: boolean;
2458
+ };
2459
+ }
2460
+
2461
+ declare interface ChatCompletionResponse {
2462
+ id: string;
2463
+ object: "chat.completion";
2464
+ created: number;
2465
+ model: string;
2466
+ system_fingerprint?: string;
2467
+ choices: ChatCompletionChoice[];
2468
+ usage: Usage;
2469
+ service_tier?: string;
2470
+ provider?: string;
2471
+ }
2472
+
2102
2473
  /**
2103
2474
  * Time interval in milliseconds for periodic checks (alternative to chunk count).
2104
2475
  * @public
2105
2476
  */
2106
2477
  declare type CheckIntervalMs = number;
2107
2478
 
2479
+ /**
2480
+ * Time interval in milliseconds for periodic checks (alternative to chunk count).
2481
+ * @public
2482
+ */
2483
+ declare type CheckIntervalMs_2 = number;
2484
+
2108
2485
  /**
2109
2486
  * Removes all headers from the incoming request except for those in the exclude list.
2110
2487
  *
@@ -2215,6 +2592,19 @@ declare interface ClientCredentialsConfig {
2215
2592
  apiAudience?: string;
2216
2593
  }
2217
2594
 
2595
+ /**
2596
+ * Code interpreter tool
2597
+ */
2598
+ declare interface CodeInterpreterTool {
2599
+ type: "code_interpreter";
2600
+ container:
2601
+ | string
2602
+ | {
2603
+ type: "auto";
2604
+ file_ids?: string[];
2605
+ };
2606
+ }
2607
+
2218
2608
  /**
2219
2609
  * Authenticate requests with JWT tokens issued by AWS Cognito.
2220
2610
  *
@@ -2301,6 +2691,61 @@ export declare interface CometOpikTracingPolicyOptions {
2301
2691
  baseUrl?: string;
2302
2692
  }
2303
2693
 
2694
+ /**
2695
+ * Comet Opik Tracing Inbound Policy (AI Gateway v2)
2696
+ * @title Comet Opik Tracing (v2)
2697
+ * @product ai-gateway
2698
+ * @hidden
2699
+ * @requiresAI
2700
+ *
2701
+ * Traces both streaming and non-streaming AI Gateway responses to Comet Opik,
2702
+ * creating traces when requests start and spans when responses complete.
2703
+ * Credentials (apiKey, projectName, workspace, baseUrl) come from the policy
2704
+ * options — the policy reads nothing from `request.user.configuration` to decide
2705
+ * whether to run, and presence in the route's chain is what enables it.
2706
+ *
2707
+ * For streaming responses, it clones the response stream and processes it in
2708
+ * the background using `waitUntil`, allowing the original stream to pass through
2709
+ * unmodified while still capturing the complete content for tracing.
2710
+ *
2711
+ * @param request - The ZuploRequest
2712
+ * @param context - The ZuploContext
2713
+ * @param options - The policy options set in policies.json
2714
+ * @param policyName - The name of the policy as set in policies.json
2715
+ * @returns A Request or a Response
2716
+ */
2717
+ export declare function CometOpikTracingV2InboundPolicy(
2718
+ request: ZuploRequest,
2719
+ context: ZuploContext,
2720
+ options: CometOpikTracingV2PolicyOptions,
2721
+ _policyName: string
2722
+ ): Promise<ZuploRequest | Response>;
2723
+
2724
+ /**
2725
+ * Track AI Gateway requests and responses using Comet Opik's LLM observability platform.
2726
+ * @public
2727
+ */
2728
+ export declare interface CometOpikTracingV2PolicyOptions {
2729
+ /**
2730
+ * The Comet Opik API key for authentication.
2731
+ */
2732
+ apiKey: string;
2733
+ /**
2734
+ * The Comet Opik project name for organizing traces.
2735
+ */
2736
+ projectName: string;
2737
+ /**
2738
+ * The Comet Opik workspace name.
2739
+ */
2740
+ workspace: string;
2741
+ /**
2742
+ * The base URL for the Comet Opik API (optional, defaults to https://www.comet.com/opik/api).
2743
+ */
2744
+ baseUrl?: string;
2745
+ endpoints?: ApplicableEndpoints_3;
2746
+ onUnknownShape?: OnUnknownShape_3;
2747
+ }
2748
+
2304
2749
  /**
2305
2750
  * The compatibility date on which to run the gateway
2306
2751
  */
@@ -2519,6 +2964,16 @@ export declare interface CompositeOutboundPolicyOptions {
2519
2964
  policies?: string[];
2520
2965
  }
2521
2966
 
2967
+ /**
2968
+ * Computer use tool (preview)
2969
+ */
2970
+ declare interface ComputerUseTool {
2971
+ type: "computer_use_preview";
2972
+ display_height: number;
2973
+ display_width: number;
2974
+ environment: "windows" | "mac" | "linux" | "ubuntu" | "browser";
2975
+ }
2976
+
2522
2977
  /**
2523
2978
  * Errors caused by invalid user configuration such as invalid parameters on policies,
2524
2979
  * handlers that are not functions, or missing required configuration values.
@@ -2556,6 +3011,12 @@ export declare class ConfigurationError extends RuntimeError {
2556
3011
  */
2557
3012
  declare type ConfigurationID = string;
2558
3013
 
3014
+ /**
3015
+ * The configuration ID of the AI Firewall.
3016
+ * @public
3017
+ */
3018
+ declare type ConfigurationID_2 = string;
3019
+
2559
3020
  /* Excluded from this release type: ContentTypes */
2560
3021
 
2561
3022
  /**
@@ -2848,6 +3309,16 @@ declare interface CustomRateLimitDetailsBase {
2848
3309
  export declare type CustomRateLimitFunction =
2849
3310
  RateLimitFunction<CustomRateLimitDetails>;
2850
3311
 
3312
+ /**
3313
+ * Custom tool
3314
+ */
3315
+ declare interface CustomTool {
3316
+ name: string;
3317
+ type: "custom";
3318
+ description?: string;
3319
+ format?: Record<string, unknown>;
3320
+ }
3321
+
2851
3322
  declare interface DataDogLoggingOptions {
2852
3323
  url?: string;
2853
3324
  apiKey: string;
@@ -3295,6 +3766,12 @@ export declare class DynatraceMetricsPlugin extends MetricsPlugin {
3295
3766
  */
3296
3767
  declare type EnableStreamingAccumulation = boolean;
3297
3768
 
3769
+ /**
3770
+ * Enable accumulation and validation of streaming responses.
3771
+ * @public
3772
+ */
3773
+ declare type EnableStreamingAccumulation_2 = boolean;
3774
+
3298
3775
  /**
3299
3776
  * @beta
3300
3777
  * Object exposing environment variables
@@ -3318,6 +3795,12 @@ export declare interface ErrorHandler {
3318
3795
  */
3319
3796
  declare type EventsInterval = number;
3320
3797
 
3798
+ /**
3799
+ * Number of SSE events to accumulate before checking with Akamai (default: 5).
3800
+ * @public
3801
+ */
3802
+ declare type EventsInterval_2 = number;
3803
+
3321
3804
  declare const EventType: {
3322
3805
  readonly AI_GATEWAY_COST_SUM: "ai_gateway_cost_sum";
3323
3806
  readonly AI_GATEWAY_REQUEST_COUNT: "ai_gateway_request_count";
@@ -3357,12 +3840,49 @@ declare const EventType: {
3357
3840
 
3358
3841
  declare type EventType = (typeof EventType)[keyof typeof EventType];
3359
3842
 
3843
+ /**
3844
+ * Best-effort flatten of ALL human/assistant text in a request OR response body,
3845
+ * across every shape — the one sanctioned cross-shape helper. Intended for
3846
+ * guardrails that just need "all the text to scan/moderate"; it is deliberately
3847
+ * lossy (drops roles, structure, tool calls). Everything else should read the
3848
+ * typed body via {@link getRequestBody} / {@link getResponseBody}.
3849
+ * @public
3850
+ */
3851
+ export declare function extractAllText(body: unknown): string;
3852
+
3853
+ /**
3854
+ * Parse a response body and extract its GraphQL `errors[]`, including
3855
+ * across an Apollo-style batched (array) response.
3856
+ *
3857
+ * Returns `null` when the body isn't a GraphQL response shape at all
3858
+ * (unparseable JSON, or a JSON scalar), and `[]` for a well-formed
3859
+ * response with no errors — callers treat both as "nothing to report"
3860
+ * but the distinction keeps the function testable.
3861
+ */
3862
+ export declare function extractGraphqlErrors(
3863
+ bodyText: string
3864
+ ): GraphqlResponseError[] | null;
3865
+
3360
3866
  declare interface FetchOptions<T> {
3361
3867
  method?: HttpMethod_2;
3362
3868
  data?: T;
3363
3869
  headers?: Record<string, string>;
3364
3870
  }
3365
3871
 
3872
+ /**
3873
+ * File search tool
3874
+ */
3875
+ declare interface FileSearchTool {
3876
+ type: "file_search";
3877
+ vector_store_ids: string[];
3878
+ filters?: Record<string, unknown> | null;
3879
+ max_num_results?: number;
3880
+ ranking_options?: {
3881
+ ranker?: "auto" | "default-2024-11-15";
3882
+ score_threshold?: number;
3883
+ };
3884
+ }
3885
+
3366
3886
  /**
3367
3887
  * Authenticate users using Firebase issued JWT tokens.
3368
3888
  *
@@ -3396,6 +3916,17 @@ export declare interface FirebaseJwtInboundPolicyOptions {
3396
3916
  oAuthResourceMetadataEnabled?: boolean;
3397
3917
  }
3398
3918
 
3919
+ /**
3920
+ * Flatten a single message's `content` field to plain text. Content may be a
3921
+ * string (OpenAI chat / simple Anthropic) or an array of content blocks
3922
+ * (Anthropic Messages, OpenAI multi-modal vision, Responses input items). Use
3923
+ * this anywhere a policy needs the text of one message without assuming the
3924
+ * content is a string — a bare `${msg.content}` stringifies array content to
3925
+ * `[object Object]`.
3926
+ * @public
3927
+ */
3928
+ export declare function flattenMessageContent(content: unknown): string;
3929
+
3399
3930
  /**
3400
3931
  * Converts form data in the incoming request to JSON.
3401
3932
  *
@@ -3425,6 +3956,23 @@ export declare interface FormDataToJsonInboundPolicyOptions {
3425
3956
  optionalHoneypotName?: string;
3426
3957
  }
3427
3958
 
3959
+ declare interface FunctionDefinition {
3960
+ name: string;
3961
+ description?: string;
3962
+ parameters: Record<string, unknown>;
3963
+ }
3964
+
3965
+ /**
3966
+ * Function tool for Responses API
3967
+ */
3968
+ declare interface FunctionTool {
3969
+ name: string;
3970
+ type: "function";
3971
+ parameters: Record<string, unknown> | null;
3972
+ strict: boolean | null;
3973
+ description?: string | null;
3974
+ }
3975
+
3428
3976
  /**
3429
3977
  * Galileo Tracing Inbound Policy
3430
3978
  * @title Galileo Tracing
@@ -3474,6 +4022,62 @@ export declare interface GalileoTracingPolicyOptions {
3474
4022
  baseUrl?: string;
3475
4023
  }
3476
4024
 
4025
+ /**
4026
+ * Galileo Tracing Inbound Policy (AI Gateway v2)
4027
+ * @title Galileo Tracing (v2)
4028
+ * @product ai-gateway
4029
+ * @hidden
4030
+ * @requiresAI
4031
+ *
4032
+ * Traces both streaming and non-streaming AI Gateway responses to Galileo's LLM
4033
+ * observability platform, creating complete traces with workflow and LLM spans
4034
+ * when responses complete. Credentials (apiKey, projectId, logStreamId, baseUrl)
4035
+ * come from the policy options — the policy reads nothing from
4036
+ * `request.user.configuration` to decide whether to run, and presence in the
4037
+ * route's chain is what enables it.
4038
+ *
4039
+ * For streaming responses, it clones the response stream and processes it in
4040
+ * the background using `waitUntil`, allowing the original stream to pass through
4041
+ * unmodified while still capturing the complete content for tracing.
4042
+ *
4043
+ * @param request - The ZuploRequest
4044
+ * @param context - The ZuploContext
4045
+ * @param options - The policy options set in policies.json
4046
+ * @param policyName - The name of the policy as set in policies.json
4047
+ * @returns A Request or a Response
4048
+ */
4049
+ export declare function GalileoTracingV2InboundPolicy(
4050
+ request: ZuploRequest,
4051
+ context: ZuploContext,
4052
+ options: GalileoTracingV2PolicyOptions,
4053
+ _policyName: string
4054
+ ): Promise<ZuploRequest | Response>;
4055
+
4056
+ /**
4057
+ * Track AI Gateway requests and responses using Galileo's LLM observability platform.
4058
+ * @public
4059
+ */
4060
+ export declare interface GalileoTracingV2PolicyOptions {
4061
+ /**
4062
+ * The Galileo API key for authentication.
4063
+ */
4064
+ apiKey: string;
4065
+ /**
4066
+ * The Galileo project ID (UUID) for organizing traces.
4067
+ */
4068
+ projectId: string;
4069
+ /**
4070
+ * The Galileo log stream ID (UUID) for organizing traces.
4071
+ */
4072
+ logStreamId: string;
4073
+ /**
4074
+ * The base URL for the Galileo API (optional, defaults to https://api.galileo.ai).
4075
+ */
4076
+ baseUrl?: string;
4077
+ endpoints?: ApplicableEndpoints_4;
4078
+ onUnknownShape?: OnUnknownShape_4;
4079
+ }
4080
+
3477
4081
  /**
3478
4082
  * Function to generate request logger entries
3479
4083
  * @public
@@ -3529,6 +4133,18 @@ declare interface GeoSpec {
3529
4133
  asns?: string;
3530
4134
  }
3531
4135
 
4136
+ /**
4137
+ * Resolve the AI shape for a request from its endpoint. Mirrors the handler's
4138
+ * base-path resolution so routes mounted under a prefix
4139
+ * (`/{prefix}/v1/chat/completions`) classify the same as the bare path. Returns
4140
+ * `null` for an endpoint that carries no AI body shape (e.g. `/v1/embeddings`).
4141
+ *
4142
+ * The shape is NEVER sniffed from the body — sniffing `!!body.input` misclassifies
4143
+ * an Anthropic body as chat.
4144
+ * @public
4145
+ */
4146
+ export declare function getFormat(request: ZuploRequest): AiFormat | null;
4147
+
3532
4148
  /* Excluded from this release type: getIdForParameterSchema */
3533
4149
 
3534
4150
  /* Excluded from this release type: getIdForRefSchema */
@@ -3563,6 +4179,49 @@ declare interface GetQuotaResult {
3563
4179
 
3564
4180
  /* Excluded from this release type: getRawOperationDataIdentifierName */
3565
4181
 
4182
+ /**
4183
+ * Read the request body, typed and discriminated by endpoint shape. Returns
4184
+ * `null` for a non-AI endpoint. The body is the native shape — no field is
4185
+ * flattened away.
4186
+ * @public
4187
+ */
4188
+ export declare function getRequestBody(
4189
+ request: ZuploRequest
4190
+ ): Promise<AiRequestBody | null>;
4191
+
4192
+ /**
4193
+ * Read the response body, typed and discriminated by endpoint shape. Returns
4194
+ * `null` for a non-AI endpoint or an unparseable body.
4195
+ * @public
4196
+ */
4197
+ export declare function getResponseBody(
4198
+ request: ZuploRequest,
4199
+ response: Response
4200
+ ): Promise<AiResponseBody | null>;
4201
+
4202
+ /**
4203
+ * Decode a streamed AI response into normalized {@link AiStreamEvent}s, hiding
4204
+ * the per-shape SSE dialect. A `post_call`-style streaming hook reads
4205
+ * `textDelta` / `usage` / `done` without re-writing SSE parsing per endpoint.
4206
+ * Reads a `clone()` of the response, so the original stream is untouched (the
4207
+ * caller can still return/pipe `response` as-is) — the same observe-via-clone
4208
+ * pattern the tracing policies use.
4209
+ * @public
4210
+ */
4211
+ export declare function getStreamEvents(
4212
+ request: ZuploRequest,
4213
+ response: Response
4214
+ ): AsyncIterable<AiStreamEvent>;
4215
+
4216
+ /**
4217
+ * Normalize the usage record from a (non-streaming) response body, regardless of
4218
+ * shape. Chat reports `prompt_tokens`/`completion_tokens`; responses and
4219
+ * Anthropic report `input_tokens`/`output_tokens`. Returns `undefined` when no
4220
+ * usage is present.
4221
+ * @public
4222
+ */
4223
+ export declare function getUsage(body: unknown): AiUsage | undefined;
4224
+
3566
4225
  declare interface GoogleCloudLoggingOptions {
3567
4226
  serviceAccountJson: string;
3568
4227
  logName: string;
@@ -3596,8 +4255,11 @@ export declare class GoogleCloudLoggingPlugin extends LogPlugin {
3596
4255
  * `FORBIDDEN` → `auth`, timeout codes → `timeout`); custom codes can be
3597
4256
  * mapped with `errorCodeClassification`, and anything unrecognized falls
3598
4257
  * back to `defaultErrorClass` (`resolver`). Optionally set `logErrors` to
3599
- * also write a structured warning per errored response. Bodies larger
3600
- * than `maxResponseBytes` (default 5 MiB) are not inspected.
4258
+ * also write a structured warning per errored response. The policy reads
4259
+ * up to `maxScanBytes` of the body (128 KiB by default, 5 MiB maximum),
4260
+ * scanning it for the `errors` token; a response larger than that is
4261
+ * treated as error-free. When the token is found and the body fits, it is
4262
+ * parsed and its errors reported.
3601
4263
  *
3602
4264
  * The response always passes through unchanged — the body is read from a
3603
4265
  * clone, and any internal failure is swallowed so reporting can never
@@ -3638,9 +4300,23 @@ export declare interface GraphqlAnalyticsOutboundPolicyOptions {
3638
4300
  */
3639
4301
  logErrors?: boolean;
3640
4302
  /**
3641
- * Maximum response body size in bytes the policy will inspect. Larger bodies — by `Content-Length`, or measured while reading when the header is absent — pass through without being scanned, so their GraphQL errors (if any) go unreported. The default is 5 MiB.
4303
+ * How many bytes of the response body the policy reads to look for GraphQL errors. The body is read and scanned for the `errors` token up to this limit; a body larger than the limit — by `Content-Length`, or measured while reading when the header is absent — is treated as error-free, so any errors it carries go unreported. The default of 128 KiB suits the common case, where servers emit `errors` near the front of the body. Raise it (up to the 5 MiB maximum) to detect errors in larger responses, at the cost of reading more of every response. When the token is found and the body fits within the limit, the body is parsed and its errors are reported.
3642
4304
  */
3643
- maxResponseBytes?: number;
4305
+ maxScanBytes?: number;
4306
+ }
4307
+
4308
+ /**
4309
+ * One GraphQL error extracted from a response body, reduced to the
4310
+ * fields the GraphQL Analytics outbound policy consumes for
4311
+ * classification and (opt-in) logging.
4312
+ */
4313
+ export declare interface GraphqlResponseError {
4314
+ /** The error's `message`, or `""` when missing/non-string. */
4315
+ message: string;
4316
+ /** The error's `extensions.code`, or `null` when absent. */
4317
+ code: string | null;
4318
+ /** The error's `path` joined with `.` (e.g. `user.posts.0.title`), or `null`. */
4319
+ path: string | null;
3644
4320
  }
3645
4321
 
3646
4322
  /**
@@ -5288,6 +5964,26 @@ export declare interface HydrolixRequestLoggerPluginOptions<T> {
5288
5964
  batchPeriodSeconds?: number;
5289
5965
  }
5290
5966
 
5967
+ /**
5968
+ * Image generation tool
5969
+ */
5970
+ declare interface ImageGenerationTool {
5971
+ type: "image_generation";
5972
+ model?: "gpt-image-1" | "gpt-image-1-mini";
5973
+ background?: "transparent" | "opaque" | "auto";
5974
+ input_fidelity?: "high" | "low" | null;
5975
+ input_image_mask?: {
5976
+ file_id?: string;
5977
+ image_url?: string;
5978
+ };
5979
+ moderation?: "auto" | "low";
5980
+ output_compression?: number;
5981
+ output_format?: "png" | "webp" | "jpeg";
5982
+ partial_images?: number;
5983
+ quality?: "low" | "medium" | "high" | "auto";
5984
+ size?: "1024x1024" | "1024x1536" | "1536x1024" | "auto";
5985
+ }
5986
+
5291
5987
  /**
5292
5988
  * A policy that can modify the incoming HTTP request before it is sent to
5293
5989
  * the handler. If a response is returned, the request is short-circuited and
@@ -5912,6 +6608,13 @@ export declare const legacyDevPortalHandler: (
5912
6608
  context: ZuploContext
5913
6609
  ) => Response | Promise<Response>;
5914
6610
 
6611
+ /**
6612
+ * Local shell tool
6613
+ */
6614
+ declare interface LocalShellTool {
6615
+ type: "local_shell";
6616
+ }
6617
+
5915
6618
  /**
5916
6619
  * @beta
5917
6620
  */
@@ -7226,6 +7929,29 @@ export declare function mcpServerHandler(
7226
7929
  context: ZuploContext
7227
7930
  ): Promise<Response>;
7228
7931
 
7932
+ /**
7933
+ * MCP (Model Context Protocol) tool
7934
+ */
7935
+ declare interface McpTool {
7936
+ server_label: string;
7937
+ type: "mcp";
7938
+ allowed_tools?: string[] | Record<string, unknown> | null;
7939
+ authorization?: string;
7940
+ connector_id?:
7941
+ | "connector_dropbox"
7942
+ | "connector_gmail"
7943
+ | "connector_googlecalendar"
7944
+ | "connector_googledrive"
7945
+ | "connector_microsoftteams"
7946
+ | "connector_outlookcalendar"
7947
+ | "connector_outlookemail"
7948
+ | "connector_sharepoint";
7949
+ headers?: Record<string, string> | null;
7950
+ require_approval?: Record<string, unknown> | "always" | "never" | null;
7951
+ server_description?: string;
7952
+ server_url?: string;
7953
+ }
7954
+
7229
7955
  /**
7230
7956
  * Authenticate MCP gateway requests using a gateway-issued OAuth access token,
7231
7957
  * with browser login delegated to WorkOS.
@@ -8025,6 +8751,30 @@ declare interface OnSendingAwsLambdaEventHook {
8025
8751
  ): Promise<AwsLambdaEventV1 | AwsLambdaEventV2>;
8026
8752
  }
8027
8753
 
8754
+ /**
8755
+ * Unused by the cache (a cache miss is never unsafe, so it always fails open). Present for interface consistency.
8756
+ * @public
8757
+ */
8758
+ declare type OnUnknownShape = "deny" | "skip";
8759
+
8760
+ /**
8761
+ * What to do when the request shape cannot be inspected. As a guardrail, this policy defaults to 'deny' (fail closed) so uninspectable content is never served.
8762
+ * @public
8763
+ */
8764
+ declare type OnUnknownShape_2 = "deny" | "skip";
8765
+
8766
+ /**
8767
+ * What to do on a shape the policy cannot read. As an observer this defaults to 'skip' (fail open — pass through untraced).
8768
+ * @public
8769
+ */
8770
+ declare type OnUnknownShape_3 = "deny" | "skip";
8771
+
8772
+ /**
8773
+ * What to do on a shape the policy cannot read. As an observer this defaults to 'skip' (fail open — pass through untraced).
8774
+ * @public
8775
+ */
8776
+ declare type OnUnknownShape_4 = "deny" | "skip";
8777
+
8028
8778
  /**
8029
8779
  * Handler that serves OpenAPI specification files.
8030
8780
  * Use this to expose your API documentation in a standard format that can be
@@ -10126,6 +10876,74 @@ declare type ResolveRequestQuery<
10126
10876
  declare type ResolveUserData<TUserData extends UserDataDefault | undefined> =
10127
10877
  TUserData extends UserDataDefault ? TUserData : UserDataDefault;
10128
10878
 
10879
+ /**
10880
+ * Reports whether a `Response` carries GraphQL errors — a `200 OK` with a
10881
+ * top-level `errors[]` array, as Apollo / graphql-yoga servers return on a
10882
+ * failed operation. Reads the body from a clone, so the original response
10883
+ * stream still flows to the client untouched.
10884
+ *
10885
+ * The result is cached against the `response` object: the body is read,
10886
+ * scanned, and parsed at most once per response, and every later call
10887
+ * (including concurrent ones) resolves to the same cached boolean without
10888
+ * touching the stream again.
10889
+ *
10890
+ * Detection reads at most `maxScanBytes` of the body, scanning it for the
10891
+ * `errors` token; a response larger than that — whether by declared
10892
+ * `Content-Length` or as measured while reading — is treated as error-free
10893
+ * and resolves to `false`. Non-JSON responses also resolve to `false`
10894
+ * without reading. Any internal failure is swallowed and reported as
10895
+ * `false` — detection is best-effort and never throws.
10896
+ *
10897
+ * @param response - The response to inspect; left unconsumed.
10898
+ * @param maxScanBytes - How many bytes of the body to read and scan.
10899
+ * Defaults to {@link DEFAULT_GRAPHQL_SCAN_BYTES} (128 KiB); a body larger
10900
+ * than this goes unreported. Only the first call for a given `response`
10901
+ * observes this value; later calls return the cached result.
10902
+ * @returns `true` when the body contains a top-level `errors[]` with at
10903
+ * least one entry, otherwise `false`.
10904
+ */
10905
+ export declare function responseHasGraphqlErrors(
10906
+ response: Response,
10907
+ maxScanBytes?: number
10908
+ ): Promise<boolean>;
10909
+
10910
+ declare interface ResponseInputItem {
10911
+ type?: "message";
10912
+ role: "user" | "assistant" | "system" | "developer";
10913
+ content:
10914
+ | string
10915
+ | Array<{
10916
+ type: "text" | "image_url" | "audio";
10917
+ text?: string;
10918
+ image_url?: {
10919
+ url: string;
10920
+ };
10921
+ audio?: {
10922
+ data: string;
10923
+ format: string;
10924
+ };
10925
+ }>;
10926
+ }
10927
+
10928
+ declare interface ResponsesChoice {
10929
+ index: number;
10930
+ id?: string;
10931
+ type?: "message";
10932
+ role?: "assistant";
10933
+ content?: Array<{
10934
+ type: "output_text";
10935
+ text: string;
10936
+ annotations?: Array<unknown>;
10937
+ }>;
10938
+ status?: string | null;
10939
+ finish_reason?:
10940
+ | "stop"
10941
+ | "length"
10942
+ | "function_call"
10943
+ | "tool_calls"
10944
+ | "content_filter";
10945
+ }
10946
+
10129
10947
  /**
10130
10948
  * Definition of responses for a route
10131
10949
  * @public
@@ -10162,6 +10980,115 @@ export declare class ResponseSentEvent extends Event {
10162
10980
  readonly response: Response;
10163
10981
  }
10164
10982
 
10983
+ declare interface ResponsesRequest {
10984
+ input?: string | ResponseInputItem[];
10985
+ model?: string;
10986
+ instructions?: string;
10987
+ previous_response_id?: string;
10988
+ temperature?: number;
10989
+ top_p?: number;
10990
+ stream?: boolean;
10991
+ max_output_tokens?: number;
10992
+ tools?: ResponsesToolDefinition[];
10993
+ tool_choice?: ResponsesToolChoice;
10994
+ parallel_tool_calls?: boolean;
10995
+ reasoning?: {
10996
+ effort: "low" | "medium" | "high";
10997
+ };
10998
+ service_tier?: "auto" | "default" | "flex" | "scale" | "priority";
10999
+ stream_options?: {
11000
+ include_usage?: boolean;
11001
+ };
11002
+ background?: boolean;
11003
+ conversation?: string;
11004
+ include?: string[];
11005
+ metadata?: Record<string, unknown>;
11006
+ store?: boolean;
11007
+ truncation?: "auto" | "disabled";
11008
+ prompt_cache_key?: string;
11009
+ safety_identifier?: string;
11010
+ }
11011
+
11012
+ declare interface ResponsesResponse {
11013
+ id: string;
11014
+ object: "response";
11015
+ created: number;
11016
+ model: string;
11017
+ status:
11018
+ | "queued"
11019
+ | "in_progress"
11020
+ | "completed"
11021
+ | "failed"
11022
+ | "cancelled"
11023
+ | "incomplete";
11024
+ system_fingerprint?: string;
11025
+ output?: ResponsesChoice[];
11026
+ usage?: ResponsesUsage;
11027
+ error?: {
11028
+ type: string;
11029
+ message: string;
11030
+ };
11031
+ service_tier?: string;
11032
+ provider?: string;
11033
+ }
11034
+
11035
+ declare type ResponsesToolChoice =
11036
+ | "none"
11037
+ | "auto"
11038
+ | "required"
11039
+ | {
11040
+ mode: "auto" | "required";
11041
+ tools: Array<Record<string, unknown>>;
11042
+ type: "allowed_tools";
11043
+ }
11044
+ | {
11045
+ name: string;
11046
+ type: "custom";
11047
+ }
11048
+ | {
11049
+ name: string;
11050
+ type: "function";
11051
+ }
11052
+ | {
11053
+ server_label: string;
11054
+ type: "mcp";
11055
+ name?: string | null;
11056
+ }
11057
+ | {
11058
+ type:
11059
+ | "file_search"
11060
+ | "web_search_preview"
11061
+ | "computer_use_preview"
11062
+ | "web_search_preview_2025_03_11"
11063
+ | "image_generation"
11064
+ | "code_interpreter"
11065
+ | "mcp";
11066
+ };
11067
+
11068
+ declare type ResponsesToolDefinition =
11069
+ | FunctionTool
11070
+ | WebSearchTool
11071
+ | WebSearchPreviewTool
11072
+ | CodeInterpreterTool
11073
+ | FileSearchTool
11074
+ | ComputerUseTool
11075
+ | ImageGenerationTool
11076
+ | LocalShellTool
11077
+ | CustomTool
11078
+ | McpTool;
11079
+
11080
+ declare interface ResponsesUsage {
11081
+ input_tokens: number;
11082
+ output_tokens: number;
11083
+ total_tokens: number;
11084
+ input_tokens_details?: {
11085
+ cached_tokens?: number;
11086
+ };
11087
+ output_tokens_details?: {
11088
+ reasoning_tokens?: number;
11089
+ };
11090
+ }
11091
+
10165
11092
  /**
10166
11093
  * @public
10167
11094
  */
@@ -10439,6 +11366,12 @@ export declare type SemanticCacheInboundPolicyOptions = {
10439
11366
  cacheStatusHeaderName?: string;
10440
11367
  };
10441
11368
 
11369
+ /**
11370
+ * Similarity threshold (0-1) for a cache hit. Higher values require closer semantic matches. Defaults to 0.8.
11371
+ * @public
11372
+ */
11373
+ declare type SemanticTolerance = number;
11374
+
10442
11375
  /* Excluded from this release type: serialize */
10443
11376
 
10444
11377
  /**
@@ -10762,6 +11695,16 @@ declare interface StreamingAccumulationSettings {
10762
11695
  checkIntervalMs?: CheckIntervalMs;
10763
11696
  }
10764
11697
 
11698
+ /**
11699
+ * Configuration for accumulating and validating streaming responses.
11700
+ * @public
11701
+ */
11702
+ declare interface StreamingAccumulationSettings_2 {
11703
+ enabled?: EnableStreamingAccumulation_2;
11704
+ eventsInterval?: EventsInterval_2;
11705
+ checkIntervalMs?: CheckIntervalMs_2;
11706
+ }
11707
+
10765
11708
  /**
10766
11709
  * A specialized zone cache for storing and retrieving ReadableStreams.
10767
11710
  * Unlike regular ZoneCache which serializes to JSON, this cache stores raw stream data,
@@ -10987,6 +11930,18 @@ export declare abstract class TelemetryPlugin extends RuntimePlugin {
10987
11930
  /* Excluded from this release type: instrument */
10988
11931
  }
10989
11932
 
11933
+ declare interface ToolChoice {
11934
+ type: "function";
11935
+ function: {
11936
+ name: string;
11937
+ };
11938
+ }
11939
+
11940
+ declare interface ToolDefinition {
11941
+ type: "function";
11942
+ function: FunctionDefinition;
11943
+ }
11944
+
10990
11945
  /* Excluded from this release type: trackFeature */
10991
11946
 
10992
11947
  /**
@@ -11561,6 +12516,22 @@ export declare function urlRewriteHandler(
11561
12516
  context: ZuploContext
11562
12517
  ): Promise<Response>;
11563
12518
 
12519
+ declare interface Usage {
12520
+ prompt_tokens: number;
12521
+ completion_tokens: number;
12522
+ total_tokens: number;
12523
+ prompt_tokens_details?: {
12524
+ cached_tokens?: number;
12525
+ audio_tokens?: number;
12526
+ };
12527
+ completion_tokens_details?: {
12528
+ reasoning_tokens?: number;
12529
+ audio_tokens?: number;
12530
+ accepted_prediction_tokens?: number;
12531
+ rejected_prediction_tokens?: number;
12532
+ };
12533
+ }
12534
+
11564
12535
  declare type UserDataDefault = any;
11565
12536
 
11566
12537
  declare type ValidatedAuth0OAuthOptions = z.infer<
@@ -11727,6 +12698,38 @@ export declare interface WebBotAuthInboundPolicyOptions {
11727
12698
  directoryUrl?: string;
11728
12699
  }
11729
12700
 
12701
+ /**
12702
+ * Web search tool (preview version)
12703
+ */
12704
+ declare interface WebSearchPreviewTool {
12705
+ type: "web_search_preview" | "web_search_preview_2025_03_11";
12706
+ search_context_size?: "low" | "medium" | "high";
12707
+ user_location?: {
12708
+ type: "approximate";
12709
+ city?: string | null;
12710
+ country?: string | null;
12711
+ region?: string | null;
12712
+ timezone?: string | null;
12713
+ } | null;
12714
+ }
12715
+
12716
+ /**
12717
+ * Web search tool (stable version)
12718
+ */
12719
+ declare interface WebSearchTool {
12720
+ type: "web_search" | "web_search_2025_08_26";
12721
+ filters?: {
12722
+ allowed_domains?: string[] | null;
12723
+ } | null;
12724
+ search_context_size?: "low" | "medium" | "high";
12725
+ user_location?: {
12726
+ city?: string | null;
12727
+ country?: string | null;
12728
+ region?: string | null;
12729
+ timezone?: string | null;
12730
+ } | null;
12731
+ }
12732
+
11730
12733
  /**
11731
12734
  * Handler that proxies WebSocket connections to a different URL.
11732
12735
  * Enables WebSocket support in your API gateway for real-time communication.