@zuplo/cli 6.71.21 → 6.71.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/node_modules/@posthog/core/dist/error-tracking/exception-steps.d.ts.map +1 -1
- package/node_modules/@posthog/core/dist/error-tracking/exception-steps.js +6 -24
- package/node_modules/@posthog/core/dist/error-tracking/exception-steps.mjs +7 -25
- package/node_modules/@posthog/core/dist/posthog-core-stateless.d.ts +6 -0
- package/node_modules/@posthog/core/dist/posthog-core-stateless.d.ts.map +1 -1
- package/node_modules/@posthog/core/dist/posthog-core-stateless.js +75 -17
- package/node_modules/@posthog/core/dist/posthog-core-stateless.mjs +73 -18
- package/node_modules/@posthog/core/dist/posthog-core.d.ts +2 -2
- package/node_modules/@posthog/core/dist/posthog-core.d.ts.map +1 -1
- package/node_modules/@posthog/core/dist/posthog-core.js +10 -6
- package/node_modules/@posthog/core/dist/posthog-core.mjs +11 -7
- package/node_modules/@posthog/core/dist/testing/PostHogCoreTestClient.d.ts +1 -0
- package/node_modules/@posthog/core/dist/testing/PostHogCoreTestClient.d.ts.map +1 -1
- package/node_modules/@posthog/core/dist/testing/PostHogCoreTestClient.js +3 -0
- package/node_modules/@posthog/core/dist/testing/PostHogCoreTestClient.mjs +3 -0
- package/node_modules/@posthog/core/dist/utils/promise-queue.d.ts +3 -0
- package/node_modules/@posthog/core/dist/utils/promise-queue.d.ts.map +1 -1
- package/node_modules/@posthog/core/dist/utils/promise-queue.js +15 -3
- package/node_modules/@posthog/core/dist/utils/promise-queue.mjs +15 -3
- package/node_modules/@posthog/core/dist/utils/string-utils.d.ts +1 -0
- package/node_modules/@posthog/core/dist/utils/string-utils.d.ts.map +1 -1
- package/node_modules/@posthog/core/dist/utils/string-utils.js +21 -0
- package/node_modules/@posthog/core/dist/utils/string-utils.mjs +19 -1
- package/node_modules/@posthog/core/package.json +1 -1
- package/node_modules/@posthog/core/src/error-tracking/exception-steps.ts +5 -42
- package/node_modules/@posthog/core/src/posthog-core-stateless.ts +118 -23
- package/node_modules/@posthog/core/src/posthog-core.ts +18 -7
- package/node_modules/@posthog/core/src/testing/PostHogCoreTestClient.ts +4 -0
- package/node_modules/@posthog/core/src/utils/promise-queue.ts +17 -4
- package/node_modules/@posthog/core/src/utils/string-utils.spec.ts +38 -1
- package/node_modules/@posthog/core/src/utils/string-utils.ts +42 -0
- package/node_modules/@posthog/types/dist/posthog.d.ts +12 -0
- package/node_modules/@posthog/types/dist/posthog.d.ts.map +1 -1
- package/node_modules/@posthog/types/package.json +1 -1
- package/node_modules/@posthog/types/src/posthog.ts +13 -0
- package/node_modules/@types/node/README.md +1 -1
- package/node_modules/@types/node/buffer.d.ts +64 -25
- package/node_modules/@types/node/crypto.d.ts +18 -5
- package/node_modules/@types/node/diagnostics_channel.d.ts +237 -3
- package/node_modules/@types/node/dns.d.ts +1 -1
- package/node_modules/@types/node/ffi.d.ts +486 -0
- package/node_modules/@types/node/fs/promises.d.ts +3 -0
- package/node_modules/@types/node/fs.d.ts +21 -6
- package/node_modules/@types/node/http.d.ts +25 -0
- package/node_modules/@types/node/index.d.ts +1 -0
- package/node_modules/@types/node/package.json +2 -2
- package/node_modules/@types/node/process.d.ts +14 -1
- package/node_modules/@types/node/quic.d.ts +92 -11
- package/node_modules/@types/node/sqlite.d.ts +55 -0
- package/node_modules/@types/node/stream/iter.d.ts +150 -0
- package/node_modules/@types/node/stream.d.ts +32 -0
- package/node_modules/@types/node/test.d.ts +112 -2
- package/node_modules/@types/node/ts5.6/index.d.ts +1 -0
- package/node_modules/@types/node/ts5.7/index.d.ts +1 -0
- package/node_modules/@types/node/util.d.ts +19 -2
- package/node_modules/@types/node/v8.d.ts +84 -2
- package/node_modules/@types/node/worker_threads.d.ts +8 -7
- package/node_modules/@zuplo/core/customer.cli.minified.js +2 -2
- package/node_modules/@zuplo/core/index.minified.js +2 -2
- package/node_modules/@zuplo/core/package.json +1 -1
- package/node_modules/@zuplo/graphql/out/esm/index.js +11 -11
- package/node_modules/@zuplo/graphql/out/esm/index.js.map +1 -1
- package/node_modules/@zuplo/graphql/package.json +1 -1
- package/node_modules/@zuplo/openapi-tools/package.json +1 -1
- package/node_modules/@zuplo/otel/package.json +1 -1
- package/node_modules/@zuplo/runtime/out/esm/{chunk-DQ4ANJLR.js → chunk-4MNJC7E2.js} +2 -2
- package/node_modules/@zuplo/runtime/out/esm/chunk-4MNJC7E2.js.map +1 -0
- package/node_modules/@zuplo/runtime/out/esm/{chunk-2Y72LML3.js → chunk-4QJJMELB.js} +2 -2
- package/node_modules/@zuplo/runtime/out/esm/{chunk-2Y72LML3.js.map → chunk-4QJJMELB.js.map} +1 -1
- package/node_modules/@zuplo/runtime/out/esm/chunk-5CYWMN74.js +402 -0
- package/node_modules/@zuplo/runtime/out/esm/chunk-5CYWMN74.js.map +1 -0
- package/node_modules/@zuplo/runtime/out/esm/{chunk-L3MZGNQA.js → chunk-DSZS6PZJ.js} +10 -10
- package/node_modules/@zuplo/runtime/out/esm/chunk-DSZS6PZJ.js.map +1 -0
- package/node_modules/@zuplo/runtime/out/esm/index.js +1 -1
- package/node_modules/@zuplo/runtime/out/esm/index.js.map +1 -1
- package/node_modules/@zuplo/runtime/out/esm/internal/index.js +1 -1
- package/node_modules/@zuplo/runtime/out/esm/mcp-gateway/index.js +7 -7
- package/node_modules/@zuplo/runtime/out/esm/mcp-gateway/index.js.map +1 -1
- package/node_modules/@zuplo/runtime/out/esm/mocks/index.js +1 -1
- package/node_modules/@zuplo/runtime/out/types/index.d.ts +1050 -18
- package/node_modules/@zuplo/runtime/out/types/mcp-gateway/index.d.ts +33 -7
- package/node_modules/@zuplo/runtime/package.json +1 -1
- package/node_modules/iconv-lite/encodings/sbcs-data.js +2 -0
- package/node_modules/iconv-lite/encodings/utf32.js +10 -3
- package/node_modules/iconv-lite/package.json +2 -2
- package/node_modules/iconv-lite/types/encodings.d.ts +2 -0
- package/node_modules/protobufjs/dist/light/protobuf.js +2 -2
- package/node_modules/protobufjs/dist/light/protobuf.min.js +2 -2
- package/node_modules/protobufjs/dist/minimal/protobuf.js +2 -2
- package/node_modules/protobufjs/dist/minimal/protobuf.min.js +2 -2
- package/node_modules/protobufjs/dist/protobuf.js +5 -2
- package/node_modules/protobufjs/dist/protobuf.js.map +1 -1
- package/node_modules/protobufjs/dist/protobuf.min.js +3 -3
- package/node_modules/protobufjs/dist/protobuf.min.js.map +1 -1
- package/node_modules/protobufjs/package.json +1 -1
- package/node_modules/protobufjs/src/parse.js +3 -0
- package/node_modules/toad-cache/README.md +10 -9
- package/node_modules/toad-cache/dist/toad-cache.cjs +139 -139
- package/node_modules/toad-cache/dist/toad-cache.mjs +136 -140
- package/node_modules/toad-cache/package.json +8 -8
- package/node_modules/toad-cache/toad-cache.d.cts +20 -14
- package/node_modules/toad-cache/toad-cache.d.ts +18 -14
- package/package.json +6 -6
- package/node_modules/@zuplo/runtime/out/esm/chunk-DQ4ANJLR.js.map +0 -1
- package/node_modules/@zuplo/runtime/out/esm/chunk-I5HLAHUY.js +0 -357
- package/node_modules/@zuplo/runtime/out/esm/chunk-I5HLAHUY.js.map +0 -1
- package/node_modules/@zuplo/runtime/out/esm/chunk-L3MZGNQA.js.map +0 -1
- /package/node_modules/@zuplo/runtime/out/esm/{chunk-I5HLAHUY.js.LEGAL.txt → chunk-5CYWMN74.js.LEGAL.txt} +0 -0
- /package/node_modules/@zuplo/runtime/out/esm/{chunk-L3MZGNQA.js.LEGAL.txt → chunk-DSZS6PZJ.js.LEGAL.txt} +0 -0
|
@@ -1,11 +1,28 @@
|
|
|
1
1
|
import { Attributes } from "@opentelemetry/api";
|
|
2
2
|
import { CallToolRequest } from "@zuplo/mcp/types";
|
|
3
3
|
import { CallToolResult } from "@zuplo/mcp/types";
|
|
4
|
+
import { InboundPolicyHandler as InboundPolicyHandler_2 } from "../../policies.js";
|
|
4
5
|
import { KeyLike } from "jose";
|
|
5
6
|
import { RequestGeneric as RequestGeneric_2 } from "../../request.js";
|
|
6
7
|
import type { ValidateFunction } from "ajv";
|
|
7
8
|
import { z } from "zod/v4";
|
|
8
9
|
|
|
10
|
+
/**
|
|
11
|
+
* The request/response **schema dialect** a policy is dealing with — named after
|
|
12
|
+
* the schema, not the provider or the URL path. `openai-chat` is the OpenAI Chat
|
|
13
|
+
* Completions schema regardless of the downstream provider (Zuplo translates
|
|
14
|
+
* chat↔provider underneath); `openai-responses` and `anthropic-messages` are
|
|
15
|
+
* pass-through schemas whose native shape reaches the provider unchanged.
|
|
16
|
+
*
|
|
17
|
+
* Determined by the route, never sniffed from the body. New dialects
|
|
18
|
+
* (`openai-embeddings`, `openai-images`, …) extend this union.
|
|
19
|
+
* @public
|
|
20
|
+
*/
|
|
21
|
+
export declare type AiFormat =
|
|
22
|
+
| "openai-chat"
|
|
23
|
+
| "openai-responses"
|
|
24
|
+
| "anthropic-messages";
|
|
25
|
+
|
|
9
26
|
/**
|
|
10
27
|
* Converts Anthropic Messages API format requests to OpenAI Chat Completions format.
|
|
11
28
|
* This policy translates between the two formats to allow seamless routing to different providers.
|
|
@@ -165,6 +182,7 @@ export declare function aiGatewayHandler(
|
|
|
165
182
|
* @returns A Request or a Response
|
|
166
183
|
*/
|
|
167
184
|
export declare class AIGatewayMeteringInboundPolicy extends InboundPolicy<AIGatewayMeteringInboundPolicyOptions> {
|
|
185
|
+
static readonly policyType = "ai-gateway-metering";
|
|
168
186
|
/**
|
|
169
187
|
* Set the meter increments for the current request.
|
|
170
188
|
*
|
|
@@ -192,10 +210,6 @@ export declare class AIGatewayMeteringInboundPolicy extends InboundPolicy<AIGate
|
|
|
192
210
|
static getQuotaFallback(
|
|
193
211
|
context: ZuploContext
|
|
194
212
|
): QuotaFallbackModels | undefined;
|
|
195
|
-
constructor(
|
|
196
|
-
options: AIGatewayMeteringInboundPolicyOptions,
|
|
197
|
-
policyName: string
|
|
198
|
-
);
|
|
199
213
|
handler(
|
|
200
214
|
request: ZuploRequest,
|
|
201
215
|
context: ZuploContext
|
|
@@ -333,6 +347,47 @@ export declare function AIGatewaySemanticCacheOutboundPolicy(
|
|
|
333
347
|
*/
|
|
334
348
|
export declare interface AIGatewaySemanticCacheOutboundPolicyOptions {}
|
|
335
349
|
|
|
350
|
+
/**
|
|
351
|
+
* AI Gateway Semantic Cache policy (AI Gateway v2). A single inbound policy that
|
|
352
|
+
* looks up the semantic cache on entry and, on a miss, registers a
|
|
353
|
+
* response-sending hook to write the upstream response back into the cache —
|
|
354
|
+
* matching the firewall's single-policy shape (no separate outbound policy).
|
|
355
|
+
*
|
|
356
|
+
* Caching parameters (semanticTolerance, expirationSecondsTtl, namespace) come
|
|
357
|
+
* from the policy options — the policy reads nothing from
|
|
358
|
+
* `request.user.configuration` to decide whether to cache, and presence in the
|
|
359
|
+
* route's chain is what enables it. `namespace` defaults to the AI Gateway
|
|
360
|
+
* configuration id when omitted so caching stays scoped per tenant.
|
|
361
|
+
*
|
|
362
|
+
* @title AI Gateway Semantic Cache (v2)
|
|
363
|
+
* @product ai-gateway
|
|
364
|
+
* @hidden
|
|
365
|
+
* @requiresAI
|
|
366
|
+
* @param request - The ZuploRequest
|
|
367
|
+
* @param context - The ZuploContext
|
|
368
|
+
* @param options - The policy options set in policies.json
|
|
369
|
+
* @param policyName - The name of the policy as set in policies.json
|
|
370
|
+
* @returns A Request or a Response
|
|
371
|
+
*/
|
|
372
|
+
export declare function AIGatewaySemanticCacheV2InboundPolicy(
|
|
373
|
+
request: ZuploRequest,
|
|
374
|
+
context: ZuploContext,
|
|
375
|
+
options: AIGatewaySemanticCacheV2InboundPolicyOptions,
|
|
376
|
+
policyName: string
|
|
377
|
+
): Promise<Response | ZuploRequest<RequestGeneric_2>>;
|
|
378
|
+
|
|
379
|
+
/**
|
|
380
|
+
* Options for the AI Gateway Semantic Cache (v2) policy. Configured inline in policies.json; the policy reads nothing from the AI Gateway configuration to decide whether to cache.
|
|
381
|
+
* @public
|
|
382
|
+
*/
|
|
383
|
+
export declare interface AIGatewaySemanticCacheV2InboundPolicyOptions {
|
|
384
|
+
semanticTolerance?: SemanticTolerance;
|
|
385
|
+
expirationSecondsTtl?: CacheTTLSeconds;
|
|
386
|
+
namespace?: CacheNamespace;
|
|
387
|
+
endpoints?: ApplicableEndpoints;
|
|
388
|
+
onUnknownShape?: OnUnknownShape;
|
|
389
|
+
}
|
|
390
|
+
|
|
336
391
|
/**
|
|
337
392
|
* The options for this policy.
|
|
338
393
|
* @public
|
|
@@ -381,6 +436,96 @@ export declare function AIGatewayUsageTrackerPolicy(
|
|
|
381
436
|
_policyName: string
|
|
382
437
|
): Promise<Response>;
|
|
383
438
|
|
|
439
|
+
/**
|
|
440
|
+
* Common options every AI Gateway policy understands for scoping itself across
|
|
441
|
+
* the multi-endpoint surface. A policy reads these from its own `options`.
|
|
442
|
+
* @public
|
|
443
|
+
*/
|
|
444
|
+
export declare interface AiPolicyScopeOptions {
|
|
445
|
+
/**
|
|
446
|
+
* The endpoint shapes this policy applies to. When set, the policy is inert on
|
|
447
|
+
* any other shape. Omit to apply to all shapes.
|
|
448
|
+
*/
|
|
449
|
+
endpoints?: AiFormat[];
|
|
450
|
+
/**
|
|
451
|
+
* What to do when the policy meets a shape it cannot read. `skip` (the default
|
|
452
|
+
* for observers) passes through; guardrails MUST use `deny` so uninspectable
|
|
453
|
+
* content is never served.
|
|
454
|
+
*/
|
|
455
|
+
onUnknownShape?: "deny" | "skip";
|
|
456
|
+
}
|
|
457
|
+
|
|
458
|
+
/**
|
|
459
|
+
* The request body for an AI Gateway endpoint, discriminated by {@link AiFormat}.
|
|
460
|
+
* A policy reads `getFormat(request)` and then narrows to the matching member —
|
|
461
|
+
* no field is normalized away, so tool calls, content blocks, images, and
|
|
462
|
+
* thinking are all preserved.
|
|
463
|
+
* @public
|
|
464
|
+
*/
|
|
465
|
+
export declare type AiRequestBody =
|
|
466
|
+
| {
|
|
467
|
+
format: "openai-chat";
|
|
468
|
+
body: ChatCompletionRequest;
|
|
469
|
+
}
|
|
470
|
+
| {
|
|
471
|
+
format: "openai-responses";
|
|
472
|
+
body: ResponsesRequest;
|
|
473
|
+
}
|
|
474
|
+
| {
|
|
475
|
+
format: "anthropic-messages";
|
|
476
|
+
body: AnthropicMessagesRequest;
|
|
477
|
+
};
|
|
478
|
+
|
|
479
|
+
/**
|
|
480
|
+
* The response body for an AI Gateway endpoint, discriminated by {@link AiFormat}.
|
|
481
|
+
* For the Anthropic Messages pass-through the native response is returned as an
|
|
482
|
+
* opaque record (the runtime has no dedicated Anthropic response interface).
|
|
483
|
+
* @public
|
|
484
|
+
*/
|
|
485
|
+
export declare type AiResponseBody =
|
|
486
|
+
| {
|
|
487
|
+
format: "openai-chat";
|
|
488
|
+
body: ChatCompletionResponse;
|
|
489
|
+
}
|
|
490
|
+
| {
|
|
491
|
+
format: "openai-responses";
|
|
492
|
+
body: ResponsesResponse;
|
|
493
|
+
}
|
|
494
|
+
| {
|
|
495
|
+
format: "anthropic-messages";
|
|
496
|
+
body: Record<string, unknown>;
|
|
497
|
+
};
|
|
498
|
+
|
|
499
|
+
/**
|
|
500
|
+
* A decoded streaming event, normalized just enough for an observer or guardrail
|
|
501
|
+
* to act without re-implementing per-dialect SSE parsing. `textDelta` is the
|
|
502
|
+
* incremental text in this event (if any); `usage` appears on the terminal
|
|
503
|
+
* event(s); `done` marks the end of the stream.
|
|
504
|
+
* @public
|
|
505
|
+
*/
|
|
506
|
+
export declare interface AiStreamEvent {
|
|
507
|
+
/** The raw SSE `data:` payload, parsed from JSON when possible. */
|
|
508
|
+
raw: unknown;
|
|
509
|
+
/** Incremental assistant text carried by this event, if any. */
|
|
510
|
+
textDelta?: string;
|
|
511
|
+
/** Usage totals, present on the terminal event(s) for the shape. */
|
|
512
|
+
usage?: AiUsage;
|
|
513
|
+
/** True for the stream-terminating event (`[DONE]` or shape equivalent). */
|
|
514
|
+
done?: boolean;
|
|
515
|
+
}
|
|
516
|
+
|
|
517
|
+
/**
|
|
518
|
+
* A normalized usage record. Consolidates the per-shape token field names
|
|
519
|
+
* (`prompt_tokens`/`completion_tokens` for chat, `input_tokens`/`output_tokens`
|
|
520
|
+
* for responses and Anthropic) into one set.
|
|
521
|
+
* @public
|
|
522
|
+
*/
|
|
523
|
+
export declare interface AiUsage {
|
|
524
|
+
promptTokens: number;
|
|
525
|
+
completionTokens: number;
|
|
526
|
+
totalTokens: number;
|
|
527
|
+
}
|
|
528
|
+
|
|
384
529
|
/**
|
|
385
530
|
* Akamai AI Firewall Inbound Policy
|
|
386
531
|
* @title Akamai AI Firewall
|
|
@@ -418,6 +563,48 @@ export declare interface AkamaiAIFirewallPolicyOptions {
|
|
|
418
563
|
streamingAccumulation?: StreamingAccumulationSettings;
|
|
419
564
|
}
|
|
420
565
|
|
|
566
|
+
/**
|
|
567
|
+
* Akamai AI Firewall Inbound Policy (AI Gateway v2)
|
|
568
|
+
* @title Akamai AI Firewall (v2)
|
|
569
|
+
* @product ai-gateway
|
|
570
|
+
* @hidden
|
|
571
|
+
* @requiresAI
|
|
572
|
+
*
|
|
573
|
+
* Detects and blocks malicious AI inputs and outputs via Akamai's AI Firewall
|
|
574
|
+
* service. Settings come from the policy options (configurationId, api-key,
|
|
575
|
+
* applicationId, streamingAccumulation) — the policy reads nothing from
|
|
576
|
+
* `request.user.configuration`, and presence in the route's `inbound[]` chain is
|
|
577
|
+
* what enables it.
|
|
578
|
+
*
|
|
579
|
+
* For streaming responses it uses a transform stream that can block content
|
|
580
|
+
* mid-stream if harmful content is detected.
|
|
581
|
+
*
|
|
582
|
+
* @param request - The ZuploRequest
|
|
583
|
+
* @param context - The ZuploContext
|
|
584
|
+
* @param options - The policy options set in policies.json
|
|
585
|
+
* @param policyName - The name of the policy as set in policies.json
|
|
586
|
+
* @returns A Request or a Response
|
|
587
|
+
*/
|
|
588
|
+
export declare function AkamaiAIFirewallV2InboundPolicy(
|
|
589
|
+
request: ZuploRequest,
|
|
590
|
+
context: ZuploContext,
|
|
591
|
+
options: AkamaiAIFirewallV2PolicyOptions,
|
|
592
|
+
_policyName: string
|
|
593
|
+
): Promise<ZuploRequest | Response>;
|
|
594
|
+
|
|
595
|
+
/**
|
|
596
|
+
* The options for the Akamai AI Firewall policy.
|
|
597
|
+
* @public
|
|
598
|
+
*/
|
|
599
|
+
export declare interface AkamaiAIFirewallV2PolicyOptions {
|
|
600
|
+
configurationId: ConfigurationID_2;
|
|
601
|
+
"api-key": APIKey_2;
|
|
602
|
+
applicationId?: ApplicationID_2;
|
|
603
|
+
streamingAccumulation?: StreamingAccumulationSettings_2;
|
|
604
|
+
endpoints?: ApplicableEndpoints_2;
|
|
605
|
+
onUnknownShape?: OnUnknownShape_2;
|
|
606
|
+
}
|
|
607
|
+
|
|
421
608
|
/**
|
|
422
609
|
* Entry format for Akamai API Security logger
|
|
423
610
|
* @public
|
|
@@ -697,6 +884,39 @@ declare interface AmberfloMeteringProperties extends Omit<
|
|
|
697
884
|
customerId: string;
|
|
698
885
|
}
|
|
699
886
|
|
|
887
|
+
declare interface AnthropicMessage {
|
|
888
|
+
role: "user" | "assistant";
|
|
889
|
+
content:
|
|
890
|
+
| string
|
|
891
|
+
| Array<{
|
|
892
|
+
type: "text" | "image";
|
|
893
|
+
text?: string;
|
|
894
|
+
source?: unknown;
|
|
895
|
+
}>;
|
|
896
|
+
}
|
|
897
|
+
|
|
898
|
+
/**
|
|
899
|
+
* A request to the Anthropic Messages API (`/v1/messages`).
|
|
900
|
+
*
|
|
901
|
+
* The gateway forwards this body to Anthropic verbatim on the native passthrough
|
|
902
|
+
* path, so the shape mirrors Anthropic's API rather than an internal contract.
|
|
903
|
+
* The index signature carries evolving Anthropic fields (`thinking`,
|
|
904
|
+
* `tool_choice`, `top_k`, structured `system` blocks, …) through unchanged.
|
|
905
|
+
*/
|
|
906
|
+
declare interface AnthropicMessagesRequest {
|
|
907
|
+
model: string;
|
|
908
|
+
messages: AnthropicMessage[];
|
|
909
|
+
max_tokens: number;
|
|
910
|
+
system?: string;
|
|
911
|
+
temperature?: number;
|
|
912
|
+
top_p?: number;
|
|
913
|
+
stop_sequences?: string[];
|
|
914
|
+
stream?: boolean;
|
|
915
|
+
metadata?: Record<string, unknown>;
|
|
916
|
+
tools?: unknown[];
|
|
917
|
+
[key: string]: unknown;
|
|
918
|
+
}
|
|
919
|
+
|
|
700
920
|
/**
|
|
701
921
|
* Authenticates requests based on API Keys using Zuplo API Management.
|
|
702
922
|
*
|
|
@@ -733,6 +953,12 @@ export declare interface ApiAuthKeyInboundPolicyOptions {
|
|
|
733
953
|
*/
|
|
734
954
|
declare type APIKey = string;
|
|
735
955
|
|
|
956
|
+
/**
|
|
957
|
+
* The API key for the AI Firewall.
|
|
958
|
+
* @public
|
|
959
|
+
*/
|
|
960
|
+
declare type APIKey_2 = string;
|
|
961
|
+
|
|
736
962
|
/**
|
|
737
963
|
* Represents a consumer in the API Key service.
|
|
738
964
|
* @public
|
|
@@ -976,12 +1202,58 @@ declare interface APITokenCredentialConfig {
|
|
|
976
1202
|
headerValuePrefix?: string;
|
|
977
1203
|
}
|
|
978
1204
|
|
|
1205
|
+
/**
|
|
1206
|
+
* The endpoint shapes to cache. Defaults to ['openai-chat'] — the cache keys off chat `messages` and skips other shapes.
|
|
1207
|
+
* @public
|
|
1208
|
+
*/
|
|
1209
|
+
declare type ApplicableEndpoints = (
|
|
1210
|
+
| "openai-chat"
|
|
1211
|
+
| "openai-responses"
|
|
1212
|
+
| "anthropic-messages"
|
|
1213
|
+
)[];
|
|
1214
|
+
|
|
1215
|
+
/**
|
|
1216
|
+
* The endpoint shapes this policy applies to. Omit to apply to all (openai-chat, openai-responses, anthropic-messages).
|
|
1217
|
+
* @public
|
|
1218
|
+
*/
|
|
1219
|
+
declare type ApplicableEndpoints_2 = (
|
|
1220
|
+
| "openai-chat"
|
|
1221
|
+
| "openai-responses"
|
|
1222
|
+
| "anthropic-messages"
|
|
1223
|
+
)[];
|
|
1224
|
+
|
|
1225
|
+
/**
|
|
1226
|
+
* The endpoint shapes this policy applies to. Omit to apply to all (openai-chat, openai-responses, anthropic-messages).
|
|
1227
|
+
* @public
|
|
1228
|
+
*/
|
|
1229
|
+
declare type ApplicableEndpoints_3 = (
|
|
1230
|
+
| "openai-chat"
|
|
1231
|
+
| "openai-responses"
|
|
1232
|
+
| "anthropic-messages"
|
|
1233
|
+
)[];
|
|
1234
|
+
|
|
1235
|
+
/**
|
|
1236
|
+
* The endpoint shapes this policy applies to. Omit to apply to all (openai-chat, openai-responses, anthropic-messages).
|
|
1237
|
+
* @public
|
|
1238
|
+
*/
|
|
1239
|
+
declare type ApplicableEndpoints_4 = (
|
|
1240
|
+
| "openai-chat"
|
|
1241
|
+
| "openai-responses"
|
|
1242
|
+
| "anthropic-messages"
|
|
1243
|
+
)[];
|
|
1244
|
+
|
|
979
1245
|
/**
|
|
980
1246
|
* The application ID to identify this usage of the AI Firewall (optional).
|
|
981
1247
|
* @public
|
|
982
1248
|
*/
|
|
983
1249
|
declare type ApplicationID = string;
|
|
984
1250
|
|
|
1251
|
+
/**
|
|
1252
|
+
* The application ID to identify this usage of the AI Firewall (optional).
|
|
1253
|
+
* @public
|
|
1254
|
+
*/
|
|
1255
|
+
declare type ApplicationID_2 = string;
|
|
1256
|
+
|
|
985
1257
|
/**
|
|
986
1258
|
* A list of attributes that will be included in the authorization request.
|
|
987
1259
|
* @public
|
|
@@ -1174,6 +1446,7 @@ export declare interface Auth0JwtInboundPolicyOptions {
|
|
|
1174
1446
|
*/
|
|
1175
1447
|
export declare class AuthZenInboundPolicy extends InboundPolicy<AuthZenInboundPolicyOptions> {
|
|
1176
1448
|
#private;
|
|
1449
|
+
static readonly policyType = "authzen";
|
|
1177
1450
|
constructor(options: AuthZenInboundPolicyOptions, policyName: string);
|
|
1178
1451
|
/**
|
|
1179
1452
|
* The handler that is called each time this policy is invoked
|
|
@@ -1494,6 +1767,7 @@ export declare class AWSLoggingPlugin extends LogPlugin {
|
|
|
1494
1767
|
*/
|
|
1495
1768
|
export declare class AxiomaticsAuthZInboundPolicy extends InboundPolicy<AxiomaticsAuthZInboundPolicyOptions> {
|
|
1496
1769
|
#private;
|
|
1770
|
+
static readonly policyType = "axiomatics-authz";
|
|
1497
1771
|
private pdpService;
|
|
1498
1772
|
static setAuthAttributes(
|
|
1499
1773
|
context: ZuploContext,
|
|
@@ -1861,6 +2135,7 @@ declare interface BatchDispatcherOptions {
|
|
|
1861
2135
|
* @returns A Request or a Response
|
|
1862
2136
|
*/
|
|
1863
2137
|
export declare class BrownoutInboundPolicy extends InboundPolicy<BrownoutInboundPolicyOptions> {
|
|
2138
|
+
static readonly policyType = "brownout";
|
|
1864
2139
|
crons: Cron[];
|
|
1865
2140
|
constructor(options: BrownoutInboundPolicyOptions, policyName: string);
|
|
1866
2141
|
handler(
|
|
@@ -1948,6 +2223,12 @@ declare interface BuildRouteConfiguration {
|
|
|
1948
2223
|
/* Excluded from this release type: raw */
|
|
1949
2224
|
}
|
|
1950
2225
|
|
|
2226
|
+
/**
|
|
2227
|
+
* Partitions the cache. Omit to default to the AI Gateway configuration id, which keeps caching scoped per tenant.
|
|
2228
|
+
* @public
|
|
2229
|
+
*/
|
|
2230
|
+
declare type CacheNamespace = string;
|
|
2231
|
+
|
|
1951
2232
|
/**
|
|
1952
2233
|
* Internal
|
|
1953
2234
|
*/
|
|
@@ -1955,6 +2236,12 @@ declare interface CacheOptions {
|
|
|
1955
2236
|
logger?: Logger;
|
|
1956
2237
|
}
|
|
1957
2238
|
|
|
2239
|
+
/**
|
|
2240
|
+
* How long a cached response lives, in seconds. Defaults to 3600 (1 hour).
|
|
2241
|
+
* @public
|
|
2242
|
+
*/
|
|
2243
|
+
declare type CacheTTLSeconds = number;
|
|
2244
|
+
|
|
1958
2245
|
/**
|
|
1959
2246
|
* Respond to matched incoming requests with cached content
|
|
1960
2247
|
*
|
|
@@ -2099,12 +2386,112 @@ export declare interface ChangeMethodInboundPolicyOptions {
|
|
|
2099
2386
|
method: string;
|
|
2100
2387
|
}
|
|
2101
2388
|
|
|
2389
|
+
declare interface ChatCompletionChoice {
|
|
2390
|
+
index: number;
|
|
2391
|
+
message: ChatCompletionMessage;
|
|
2392
|
+
logprobs?: {
|
|
2393
|
+
content: Array<{
|
|
2394
|
+
token: string;
|
|
2395
|
+
logprob: number;
|
|
2396
|
+
bytes?: number[];
|
|
2397
|
+
top_logprobs?: Array<{
|
|
2398
|
+
token: string;
|
|
2399
|
+
logprob: number;
|
|
2400
|
+
bytes?: number[];
|
|
2401
|
+
}>;
|
|
2402
|
+
}> | null;
|
|
2403
|
+
} | null;
|
|
2404
|
+
finish_reason:
|
|
2405
|
+
| "stop"
|
|
2406
|
+
| "length"
|
|
2407
|
+
| "function_call"
|
|
2408
|
+
| "tool_calls"
|
|
2409
|
+
| "content_filter";
|
|
2410
|
+
}
|
|
2411
|
+
|
|
2412
|
+
declare interface ChatCompletionMessage {
|
|
2413
|
+
role: "system" | "user" | "assistant" | "function" | "tool";
|
|
2414
|
+
content: string;
|
|
2415
|
+
name?: string;
|
|
2416
|
+
function_call?: {
|
|
2417
|
+
name: string;
|
|
2418
|
+
arguments: string;
|
|
2419
|
+
};
|
|
2420
|
+
tool_calls?: Array<{
|
|
2421
|
+
id: string;
|
|
2422
|
+
type: "function";
|
|
2423
|
+
function: {
|
|
2424
|
+
name: string;
|
|
2425
|
+
arguments: string;
|
|
2426
|
+
};
|
|
2427
|
+
}>;
|
|
2428
|
+
tool_call_id?: string;
|
|
2429
|
+
}
|
|
2430
|
+
|
|
2431
|
+
declare interface ChatCompletionRequest {
|
|
2432
|
+
model: string;
|
|
2433
|
+
messages: ChatCompletionMessage[];
|
|
2434
|
+
temperature?: number;
|
|
2435
|
+
top_p?: number;
|
|
2436
|
+
n?: number;
|
|
2437
|
+
stream?: boolean;
|
|
2438
|
+
stop?: string | string[];
|
|
2439
|
+
max_tokens?: number;
|
|
2440
|
+
presence_penalty?: number;
|
|
2441
|
+
frequency_penalty?: number;
|
|
2442
|
+
user?: string;
|
|
2443
|
+
seed?: number;
|
|
2444
|
+
functions?: FunctionDefinition[];
|
|
2445
|
+
function_call?:
|
|
2446
|
+
| string
|
|
2447
|
+
| {
|
|
2448
|
+
name: string;
|
|
2449
|
+
};
|
|
2450
|
+
tools?: ToolDefinition[];
|
|
2451
|
+
tool_choice?: string | ToolChoice;
|
|
2452
|
+
parallel_tool_calls?: boolean;
|
|
2453
|
+
response_format?: {
|
|
2454
|
+
type: "text" | "json_object" | "json_schema";
|
|
2455
|
+
json_schema?: {
|
|
2456
|
+
name: string;
|
|
2457
|
+
strict?: boolean;
|
|
2458
|
+
schema: Record<string, unknown>;
|
|
2459
|
+
};
|
|
2460
|
+
};
|
|
2461
|
+
logit_bias?: Record<string, number>;
|
|
2462
|
+
logprobs?: boolean;
|
|
2463
|
+
top_logprobs?: number;
|
|
2464
|
+
max_completion_tokens?: number;
|
|
2465
|
+
service_tier?: "auto" | "default";
|
|
2466
|
+
stream_options?: {
|
|
2467
|
+
include_usage?: boolean;
|
|
2468
|
+
};
|
|
2469
|
+
}
|
|
2470
|
+
|
|
2471
|
+
declare interface ChatCompletionResponse {
|
|
2472
|
+
id: string;
|
|
2473
|
+
object: "chat.completion";
|
|
2474
|
+
created: number;
|
|
2475
|
+
model: string;
|
|
2476
|
+
system_fingerprint?: string;
|
|
2477
|
+
choices: ChatCompletionChoice[];
|
|
2478
|
+
usage: Usage;
|
|
2479
|
+
service_tier?: string;
|
|
2480
|
+
provider?: string;
|
|
2481
|
+
}
|
|
2482
|
+
|
|
2102
2483
|
/**
|
|
2103
2484
|
* Time interval in milliseconds for periodic checks (alternative to chunk count).
|
|
2104
2485
|
* @public
|
|
2105
2486
|
*/
|
|
2106
2487
|
declare type CheckIntervalMs = number;
|
|
2107
2488
|
|
|
2489
|
+
/**
|
|
2490
|
+
* Time interval in milliseconds for periodic checks (alternative to chunk count).
|
|
2491
|
+
* @public
|
|
2492
|
+
*/
|
|
2493
|
+
declare type CheckIntervalMs_2 = number;
|
|
2494
|
+
|
|
2108
2495
|
/**
|
|
2109
2496
|
* Removes all headers from the incoming request except for those in the exclude list.
|
|
2110
2497
|
*
|
|
@@ -2215,6 +2602,19 @@ declare interface ClientCredentialsConfig {
|
|
|
2215
2602
|
apiAudience?: string;
|
|
2216
2603
|
}
|
|
2217
2604
|
|
|
2605
|
+
/**
|
|
2606
|
+
* Code interpreter tool
|
|
2607
|
+
*/
|
|
2608
|
+
declare interface CodeInterpreterTool {
|
|
2609
|
+
type: "code_interpreter";
|
|
2610
|
+
container:
|
|
2611
|
+
| string
|
|
2612
|
+
| {
|
|
2613
|
+
type: "auto";
|
|
2614
|
+
file_ids?: string[];
|
|
2615
|
+
};
|
|
2616
|
+
}
|
|
2617
|
+
|
|
2218
2618
|
/**
|
|
2219
2619
|
* Authenticate requests with JWT tokens issued by AWS Cognito.
|
|
2220
2620
|
*
|
|
@@ -2301,6 +2701,61 @@ export declare interface CometOpikTracingPolicyOptions {
|
|
|
2301
2701
|
baseUrl?: string;
|
|
2302
2702
|
}
|
|
2303
2703
|
|
|
2704
|
+
/**
|
|
2705
|
+
* Comet Opik Tracing Inbound Policy (AI Gateway v2)
|
|
2706
|
+
* @title Comet Opik Tracing (v2)
|
|
2707
|
+
* @product ai-gateway
|
|
2708
|
+
* @hidden
|
|
2709
|
+
* @requiresAI
|
|
2710
|
+
*
|
|
2711
|
+
* Traces both streaming and non-streaming AI Gateway responses to Comet Opik,
|
|
2712
|
+
* creating traces when requests start and spans when responses complete.
|
|
2713
|
+
* Credentials (apiKey, projectName, workspace, baseUrl) come from the policy
|
|
2714
|
+
* options — the policy reads nothing from `request.user.configuration` to decide
|
|
2715
|
+
* whether to run, and presence in the route's chain is what enables it.
|
|
2716
|
+
*
|
|
2717
|
+
* For streaming responses, it clones the response stream and processes it in
|
|
2718
|
+
* the background using `waitUntil`, allowing the original stream to pass through
|
|
2719
|
+
* unmodified while still capturing the complete content for tracing.
|
|
2720
|
+
*
|
|
2721
|
+
* @param request - The ZuploRequest
|
|
2722
|
+
* @param context - The ZuploContext
|
|
2723
|
+
* @param options - The policy options set in policies.json
|
|
2724
|
+
* @param policyName - The name of the policy as set in policies.json
|
|
2725
|
+
* @returns A Request or a Response
|
|
2726
|
+
*/
|
|
2727
|
+
export declare function CometOpikTracingV2InboundPolicy(
|
|
2728
|
+
request: ZuploRequest,
|
|
2729
|
+
context: ZuploContext,
|
|
2730
|
+
options: CometOpikTracingV2PolicyOptions,
|
|
2731
|
+
_policyName: string
|
|
2732
|
+
): Promise<ZuploRequest | Response>;
|
|
2733
|
+
|
|
2734
|
+
/**
|
|
2735
|
+
* Track AI Gateway requests and responses using Comet Opik's LLM observability platform.
|
|
2736
|
+
* @public
|
|
2737
|
+
*/
|
|
2738
|
+
export declare interface CometOpikTracingV2PolicyOptions {
|
|
2739
|
+
/**
|
|
2740
|
+
* The Comet Opik API key for authentication.
|
|
2741
|
+
*/
|
|
2742
|
+
apiKey: string;
|
|
2743
|
+
/**
|
|
2744
|
+
* The Comet Opik project name for organizing traces.
|
|
2745
|
+
*/
|
|
2746
|
+
projectName: string;
|
|
2747
|
+
/**
|
|
2748
|
+
* The Comet Opik workspace name.
|
|
2749
|
+
*/
|
|
2750
|
+
workspace: string;
|
|
2751
|
+
/**
|
|
2752
|
+
* The base URL for the Comet Opik API (optional, defaults to https://www.comet.com/opik/api).
|
|
2753
|
+
*/
|
|
2754
|
+
baseUrl?: string;
|
|
2755
|
+
endpoints?: ApplicableEndpoints_3;
|
|
2756
|
+
onUnknownShape?: OnUnknownShape_3;
|
|
2757
|
+
}
|
|
2758
|
+
|
|
2304
2759
|
/**
|
|
2305
2760
|
* The compatibility date on which to run the gateway
|
|
2306
2761
|
*/
|
|
@@ -2411,6 +2866,7 @@ export declare type ComplexRateLimitFunction =
|
|
|
2411
2866
|
* @returns A Request or a Response
|
|
2412
2867
|
*/
|
|
2413
2868
|
export declare class ComplexRateLimitInboundPolicy extends InboundPolicy<ComplexRateLimitInboundPolicyOptions> {
|
|
2869
|
+
static readonly policyType = "complex-rate-limit";
|
|
2414
2870
|
/**
|
|
2415
2871
|
* Override the increments for a limit in the current request.
|
|
2416
2872
|
*
|
|
@@ -2519,6 +2975,16 @@ export declare interface CompositeOutboundPolicyOptions {
|
|
|
2519
2975
|
policies?: string[];
|
|
2520
2976
|
}
|
|
2521
2977
|
|
|
2978
|
+
/**
|
|
2979
|
+
* Computer use tool (preview)
|
|
2980
|
+
*/
|
|
2981
|
+
declare interface ComputerUseTool {
|
|
2982
|
+
type: "computer_use_preview";
|
|
2983
|
+
display_height: number;
|
|
2984
|
+
display_width: number;
|
|
2985
|
+
environment: "windows" | "mac" | "linux" | "ubuntu" | "browser";
|
|
2986
|
+
}
|
|
2987
|
+
|
|
2522
2988
|
/**
|
|
2523
2989
|
* Errors caused by invalid user configuration such as invalid parameters on policies,
|
|
2524
2990
|
* handlers that are not functions, or missing required configuration values.
|
|
@@ -2556,6 +3022,12 @@ export declare class ConfigurationError extends RuntimeError {
|
|
|
2556
3022
|
*/
|
|
2557
3023
|
declare type ConfigurationID = string;
|
|
2558
3024
|
|
|
3025
|
+
/**
|
|
3026
|
+
* The configuration ID of the AI Firewall.
|
|
3027
|
+
* @public
|
|
3028
|
+
*/
|
|
3029
|
+
declare type ConfigurationID_2 = string;
|
|
3030
|
+
|
|
2559
3031
|
/* Excluded from this release type: ContentTypes */
|
|
2560
3032
|
|
|
2561
3033
|
/**
|
|
@@ -2848,6 +3320,16 @@ declare interface CustomRateLimitDetailsBase {
|
|
|
2848
3320
|
export declare type CustomRateLimitFunction =
|
|
2849
3321
|
RateLimitFunction<CustomRateLimitDetails>;
|
|
2850
3322
|
|
|
3323
|
+
/**
|
|
3324
|
+
* Custom tool
|
|
3325
|
+
*/
|
|
3326
|
+
declare interface CustomTool {
|
|
3327
|
+
name: string;
|
|
3328
|
+
type: "custom";
|
|
3329
|
+
description?: string;
|
|
3330
|
+
format?: Record<string, unknown>;
|
|
3331
|
+
}
|
|
3332
|
+
|
|
2851
3333
|
declare interface DataDogLoggingOptions {
|
|
2852
3334
|
url?: string;
|
|
2853
3335
|
apiKey: string;
|
|
@@ -3295,6 +3777,12 @@ export declare class DynatraceMetricsPlugin extends MetricsPlugin {
|
|
|
3295
3777
|
*/
|
|
3296
3778
|
declare type EnableStreamingAccumulation = boolean;
|
|
3297
3779
|
|
|
3780
|
+
/**
|
|
3781
|
+
* Enable accumulation and validation of streaming responses.
|
|
3782
|
+
* @public
|
|
3783
|
+
*/
|
|
3784
|
+
declare type EnableStreamingAccumulation_2 = boolean;
|
|
3785
|
+
|
|
3298
3786
|
/**
|
|
3299
3787
|
* @beta
|
|
3300
3788
|
* Object exposing environment variables
|
|
@@ -3318,6 +3806,12 @@ export declare interface ErrorHandler {
|
|
|
3318
3806
|
*/
|
|
3319
3807
|
declare type EventsInterval = number;
|
|
3320
3808
|
|
|
3809
|
+
/**
|
|
3810
|
+
* Number of SSE events to accumulate before checking with Akamai (default: 5).
|
|
3811
|
+
* @public
|
|
3812
|
+
*/
|
|
3813
|
+
declare type EventsInterval_2 = number;
|
|
3814
|
+
|
|
3321
3815
|
declare const EventType: {
|
|
3322
3816
|
readonly AI_GATEWAY_COST_SUM: "ai_gateway_cost_sum";
|
|
3323
3817
|
readonly AI_GATEWAY_REQUEST_COUNT: "ai_gateway_request_count";
|
|
@@ -3357,6 +3851,16 @@ declare const EventType: {
|
|
|
3357
3851
|
|
|
3358
3852
|
declare type EventType = (typeof EventType)[keyof typeof EventType];
|
|
3359
3853
|
|
|
3854
|
+
/**
|
|
3855
|
+
* Best-effort flatten of ALL human/assistant text in a request OR response body,
|
|
3856
|
+
* across every shape — the one sanctioned cross-shape helper. Intended for
|
|
3857
|
+
* guardrails that just need "all the text to scan/moderate"; it is deliberately
|
|
3858
|
+
* lossy (drops roles, structure, tool calls). Everything else should read the
|
|
3859
|
+
* typed body via {@link getRequestBody} / {@link getResponseBody}.
|
|
3860
|
+
* @public
|
|
3861
|
+
*/
|
|
3862
|
+
export declare function extractAllText(body: unknown): string;
|
|
3863
|
+
|
|
3360
3864
|
/**
|
|
3361
3865
|
* Parse a response body and extract its GraphQL `errors[]`, including
|
|
3362
3866
|
* across an Apollo-style batched (array) response.
|
|
@@ -3370,12 +3874,40 @@ export declare function extractGraphqlErrors(
|
|
|
3370
3874
|
bodyText: string
|
|
3371
3875
|
): GraphqlResponseError[] | null;
|
|
3372
3876
|
|
|
3877
|
+
/**
|
|
3878
|
+
* Pull the incremental ASSISTANT TEXT from a parsed stream event per shape. The
|
|
3879
|
+
* single source of truth for "is this delta assistant text" — chat
|
|
3880
|
+
* `choices[].delta.content`, Responses `response.output_text.delta` only (NOT
|
|
3881
|
+
* tool-args / audio / refusal / code deltas), Anthropic `content_block_delta`.
|
|
3882
|
+
* Stream-scanning policies (e.g. the firewall accumulator) should call this
|
|
3883
|
+
* rather than re-deriving the per-shape extraction.
|
|
3884
|
+
* @public
|
|
3885
|
+
*/
|
|
3886
|
+
export declare function extractStreamTextDelta(
|
|
3887
|
+
parsed: unknown,
|
|
3888
|
+
format: AiFormat
|
|
3889
|
+
): string | undefined;
|
|
3890
|
+
|
|
3373
3891
|
declare interface FetchOptions<T> {
|
|
3374
3892
|
method?: HttpMethod_2;
|
|
3375
3893
|
data?: T;
|
|
3376
3894
|
headers?: Record<string, string>;
|
|
3377
3895
|
}
|
|
3378
3896
|
|
|
3897
|
+
/**
|
|
3898
|
+
* File search tool
|
|
3899
|
+
*/
|
|
3900
|
+
declare interface FileSearchTool {
|
|
3901
|
+
type: "file_search";
|
|
3902
|
+
vector_store_ids: string[];
|
|
3903
|
+
filters?: Record<string, unknown> | null;
|
|
3904
|
+
max_num_results?: number;
|
|
3905
|
+
ranking_options?: {
|
|
3906
|
+
ranker?: "auto" | "default-2024-11-15";
|
|
3907
|
+
score_threshold?: number;
|
|
3908
|
+
};
|
|
3909
|
+
}
|
|
3910
|
+
|
|
3379
3911
|
/**
|
|
3380
3912
|
* Authenticate users using Firebase issued JWT tokens.
|
|
3381
3913
|
*
|
|
@@ -3409,6 +3941,17 @@ export declare interface FirebaseJwtInboundPolicyOptions {
|
|
|
3409
3941
|
oAuthResourceMetadataEnabled?: boolean;
|
|
3410
3942
|
}
|
|
3411
3943
|
|
|
3944
|
+
/**
|
|
3945
|
+
* Flatten a single message's `content` field to plain text. Content may be a
|
|
3946
|
+
* string (OpenAI chat / simple Anthropic) or an array of content blocks
|
|
3947
|
+
* (Anthropic Messages, OpenAI multi-modal vision, Responses input items). Use
|
|
3948
|
+
* this anywhere a policy needs the text of one message without assuming the
|
|
3949
|
+
* content is a string — a bare `${msg.content}` stringifies array content to
|
|
3950
|
+
* `[object Object]`.
|
|
3951
|
+
* @public
|
|
3952
|
+
*/
|
|
3953
|
+
export declare function flattenMessageContent(content: unknown): string;
|
|
3954
|
+
|
|
3412
3955
|
/**
|
|
3413
3956
|
* Converts form data in the incoming request to JSON.
|
|
3414
3957
|
*
|
|
@@ -3438,6 +3981,23 @@ export declare interface FormDataToJsonInboundPolicyOptions {
|
|
|
3438
3981
|
optionalHoneypotName?: string;
|
|
3439
3982
|
}
|
|
3440
3983
|
|
|
3984
|
+
declare interface FunctionDefinition {
|
|
3985
|
+
name: string;
|
|
3986
|
+
description?: string;
|
|
3987
|
+
parameters: Record<string, unknown>;
|
|
3988
|
+
}
|
|
3989
|
+
|
|
3990
|
+
/**
|
|
3991
|
+
* Function tool for Responses API
|
|
3992
|
+
*/
|
|
3993
|
+
declare interface FunctionTool {
|
|
3994
|
+
name: string;
|
|
3995
|
+
type: "function";
|
|
3996
|
+
parameters: Record<string, unknown> | null;
|
|
3997
|
+
strict: boolean | null;
|
|
3998
|
+
description?: string | null;
|
|
3999
|
+
}
|
|
4000
|
+
|
|
3441
4001
|
/**
|
|
3442
4002
|
* Galileo Tracing Inbound Policy
|
|
3443
4003
|
* @title Galileo Tracing
|
|
@@ -3487,6 +4047,62 @@ export declare interface GalileoTracingPolicyOptions {
|
|
|
3487
4047
|
baseUrl?: string;
|
|
3488
4048
|
}
|
|
3489
4049
|
|
|
4050
|
+
/**
|
|
4051
|
+
* Galileo Tracing Inbound Policy (AI Gateway v2)
|
|
4052
|
+
* @title Galileo Tracing (v2)
|
|
4053
|
+
* @product ai-gateway
|
|
4054
|
+
* @hidden
|
|
4055
|
+
* @requiresAI
|
|
4056
|
+
*
|
|
4057
|
+
* Traces both streaming and non-streaming AI Gateway responses to Galileo's LLM
|
|
4058
|
+
* observability platform, creating complete traces with workflow and LLM spans
|
|
4059
|
+
* when responses complete. Credentials (apiKey, projectId, logStreamId, baseUrl)
|
|
4060
|
+
* come from the policy options — the policy reads nothing from
|
|
4061
|
+
* `request.user.configuration` to decide whether to run, and presence in the
|
|
4062
|
+
* route's chain is what enables it.
|
|
4063
|
+
*
|
|
4064
|
+
* For streaming responses, it clones the response stream and processes it in
|
|
4065
|
+
* the background using `waitUntil`, allowing the original stream to pass through
|
|
4066
|
+
* unmodified while still capturing the complete content for tracing.
|
|
4067
|
+
*
|
|
4068
|
+
* @param request - The ZuploRequest
|
|
4069
|
+
* @param context - The ZuploContext
|
|
4070
|
+
* @param options - The policy options set in policies.json
|
|
4071
|
+
* @param policyName - The name of the policy as set in policies.json
|
|
4072
|
+
* @returns A Request or a Response
|
|
4073
|
+
*/
|
|
4074
|
+
export declare function GalileoTracingV2InboundPolicy(
|
|
4075
|
+
request: ZuploRequest,
|
|
4076
|
+
context: ZuploContext,
|
|
4077
|
+
options: GalileoTracingV2PolicyOptions,
|
|
4078
|
+
_policyName: string
|
|
4079
|
+
): Promise<ZuploRequest | Response>;
|
|
4080
|
+
|
|
4081
|
+
/**
|
|
4082
|
+
* Track AI Gateway requests and responses using Galileo's LLM observability platform.
|
|
4083
|
+
* @public
|
|
4084
|
+
*/
|
|
4085
|
+
export declare interface GalileoTracingV2PolicyOptions {
|
|
4086
|
+
/**
|
|
4087
|
+
* The Galileo API key for authentication.
|
|
4088
|
+
*/
|
|
4089
|
+
apiKey: string;
|
|
4090
|
+
/**
|
|
4091
|
+
* The Galileo project ID (UUID) for organizing traces.
|
|
4092
|
+
*/
|
|
4093
|
+
projectId: string;
|
|
4094
|
+
/**
|
|
4095
|
+
* The Galileo log stream ID (UUID) for organizing traces.
|
|
4096
|
+
*/
|
|
4097
|
+
logStreamId: string;
|
|
4098
|
+
/**
|
|
4099
|
+
* The base URL for the Galileo API (optional, defaults to https://api.galileo.ai).
|
|
4100
|
+
*/
|
|
4101
|
+
baseUrl?: string;
|
|
4102
|
+
endpoints?: ApplicableEndpoints_4;
|
|
4103
|
+
onUnknownShape?: OnUnknownShape_4;
|
|
4104
|
+
}
|
|
4105
|
+
|
|
3490
4106
|
/**
|
|
3491
4107
|
* Function to generate request logger entries
|
|
3492
4108
|
* @public
|
|
@@ -3542,6 +4158,18 @@ declare interface GeoSpec {
|
|
|
3542
4158
|
asns?: string;
|
|
3543
4159
|
}
|
|
3544
4160
|
|
|
4161
|
+
/**
|
|
4162
|
+
* Resolve the AI shape for a request from its endpoint. Mirrors the handler's
|
|
4163
|
+
* base-path resolution so routes mounted under a prefix
|
|
4164
|
+
* (`/{prefix}/v1/chat/completions`) classify the same as the bare path. Returns
|
|
4165
|
+
* `null` for an endpoint that carries no AI body shape (e.g. `/v1/embeddings`).
|
|
4166
|
+
*
|
|
4167
|
+
* The shape is NEVER sniffed from the body — sniffing `!!body.input` misclassifies
|
|
4168
|
+
* an Anthropic body as chat.
|
|
4169
|
+
* @public
|
|
4170
|
+
*/
|
|
4171
|
+
export declare function getFormat(request: ZuploRequest): AiFormat | null;
|
|
4172
|
+
|
|
3545
4173
|
/* Excluded from this release type: getIdForParameterSchema */
|
|
3546
4174
|
|
|
3547
4175
|
/* Excluded from this release type: getIdForRefSchema */
|
|
@@ -3576,6 +4204,49 @@ declare interface GetQuotaResult {
|
|
|
3576
4204
|
|
|
3577
4205
|
/* Excluded from this release type: getRawOperationDataIdentifierName */
|
|
3578
4206
|
|
|
4207
|
+
/**
|
|
4208
|
+
* Read the request body, typed and discriminated by endpoint shape. Returns
|
|
4209
|
+
* `null` for a non-AI endpoint. The body is the native shape — no field is
|
|
4210
|
+
* flattened away.
|
|
4211
|
+
* @public
|
|
4212
|
+
*/
|
|
4213
|
+
export declare function getRequestBody(
|
|
4214
|
+
request: ZuploRequest
|
|
4215
|
+
): Promise<AiRequestBody | null>;
|
|
4216
|
+
|
|
4217
|
+
/**
|
|
4218
|
+
* Read the response body, typed and discriminated by endpoint shape. Returns
|
|
4219
|
+
* `null` for a non-AI endpoint or an unparseable body.
|
|
4220
|
+
* @public
|
|
4221
|
+
*/
|
|
4222
|
+
export declare function getResponseBody(
|
|
4223
|
+
request: ZuploRequest,
|
|
4224
|
+
response: Response
|
|
4225
|
+
): Promise<AiResponseBody | null>;
|
|
4226
|
+
|
|
4227
|
+
/**
|
|
4228
|
+
* Decode a streamed AI response into normalized {@link AiStreamEvent}s, hiding
|
|
4229
|
+
* the per-shape SSE dialect. A `post_call`-style streaming hook reads
|
|
4230
|
+
* `textDelta` / `usage` / `done` without re-writing SSE parsing per endpoint.
|
|
4231
|
+
* Reads a `clone()` of the response, so the original stream is untouched (the
|
|
4232
|
+
* caller can still return/pipe `response` as-is) — the same observe-via-clone
|
|
4233
|
+
* pattern the tracing policies use.
|
|
4234
|
+
* @public
|
|
4235
|
+
*/
|
|
4236
|
+
export declare function getStreamEvents(
|
|
4237
|
+
request: ZuploRequest,
|
|
4238
|
+
response: Response
|
|
4239
|
+
): AsyncIterable<AiStreamEvent>;
|
|
4240
|
+
|
|
4241
|
+
/**
|
|
4242
|
+
* Normalize the usage record from a (non-streaming) response body, regardless of
|
|
4243
|
+
* shape. Chat reports `prompt_tokens`/`completion_tokens`; responses and
|
|
4244
|
+
* Anthropic report `input_tokens`/`output_tokens`. Returns `undefined` when no
|
|
4245
|
+
* usage is present.
|
|
4246
|
+
* @public
|
|
4247
|
+
*/
|
|
4248
|
+
export declare function getUsage(body: unknown): AiUsage | undefined;
|
|
4249
|
+
|
|
3579
4250
|
declare interface GoogleCloudLoggingOptions {
|
|
3580
4251
|
serviceAccountJson: string;
|
|
3581
4252
|
logName: string;
|
|
@@ -3659,6 +4330,21 @@ export declare interface GraphqlAnalyticsOutboundPolicyOptions {
|
|
|
3659
4330
|
maxScanBytes?: number;
|
|
3660
4331
|
}
|
|
3661
4332
|
|
|
4333
|
+
/**
|
|
4334
|
+
* GraphQL response-cache outcome, as decided by the Zuplo-provided GraphQL
|
|
4335
|
+
* Cache policy (`graphql-cache-inbound`) and reported on its `x-cache`
|
|
4336
|
+
* response header:
|
|
4337
|
+
* - `"hit"` — the response was served from cache.
|
|
4338
|
+
* - `"miss"` — a cache-eligible query that was not in cache (forwarded to
|
|
4339
|
+
* the origin).
|
|
4340
|
+
*
|
|
4341
|
+
* Operations that are not cache-eligible (mutations, subscriptions,
|
|
4342
|
+
* uncacheable/credentialed requests) — or that ran on a route without the
|
|
4343
|
+
* GraphQL Cache policy — carry no cache state (`null`), and are excluded
|
|
4344
|
+
* from the cache-hit-rate denominator.
|
|
4345
|
+
*/
|
|
4346
|
+
export declare type GraphqlCacheState = "hit" | "miss";
|
|
4347
|
+
|
|
3662
4348
|
/**
|
|
3663
4349
|
* One GraphQL error extracted from a response body, reduced to the
|
|
3664
4350
|
* fields the GraphQL Analytics outbound policy consumes for
|
|
@@ -5318,6 +6004,26 @@ export declare interface HydrolixRequestLoggerPluginOptions<T> {
|
|
|
5318
6004
|
batchPeriodSeconds?: number;
|
|
5319
6005
|
}
|
|
5320
6006
|
|
|
6007
|
+
/**
|
|
6008
|
+
* Image generation tool
|
|
6009
|
+
*/
|
|
6010
|
+
declare interface ImageGenerationTool {
|
|
6011
|
+
type: "image_generation";
|
|
6012
|
+
model?: "gpt-image-1" | "gpt-image-1-mini";
|
|
6013
|
+
background?: "transparent" | "opaque" | "auto";
|
|
6014
|
+
input_fidelity?: "high" | "low" | null;
|
|
6015
|
+
input_image_mask?: {
|
|
6016
|
+
file_id?: string;
|
|
6017
|
+
image_url?: string;
|
|
6018
|
+
};
|
|
6019
|
+
moderation?: "auto" | "low";
|
|
6020
|
+
output_compression?: number;
|
|
6021
|
+
output_format?: "png" | "webp" | "jpeg";
|
|
6022
|
+
partial_images?: number;
|
|
6023
|
+
quality?: "low" | "medium" | "high" | "auto";
|
|
6024
|
+
size?: "1024x1024" | "1024x1536" | "1536x1024" | "auto";
|
|
6025
|
+
}
|
|
6026
|
+
|
|
5321
6027
|
/**
|
|
5322
6028
|
* A policy that can modify the incoming HTTP request before it is sent to
|
|
5323
6029
|
* the handler. If a response is returned, the request is short-circuited and
|
|
@@ -5365,6 +6071,7 @@ export declare interface HydrolixRequestLoggerPluginOptions<T> {
|
|
|
5365
6071
|
export declare abstract class InboundPolicy<
|
|
5366
6072
|
TOptions = any,
|
|
5367
6073
|
> extends PolicyBase<TOptions> {
|
|
6074
|
+
readonly direction: PolicyDirection;
|
|
5368
6075
|
/**
|
|
5369
6076
|
* The handler that is called each time this policy is invoked
|
|
5370
6077
|
*
|
|
@@ -5942,6 +6649,13 @@ export declare const legacyDevPortalHandler: (
|
|
|
5942
6649
|
context: ZuploContext
|
|
5943
6650
|
) => Response | Promise<Response>;
|
|
5944
6651
|
|
|
6652
|
+
/**
|
|
6653
|
+
* Local shell tool
|
|
6654
|
+
*/
|
|
6655
|
+
declare interface LocalShellTool {
|
|
6656
|
+
type: "local_shell";
|
|
6657
|
+
}
|
|
6658
|
+
|
|
5945
6659
|
/**
|
|
5946
6660
|
* @beta
|
|
5947
6661
|
*/
|
|
@@ -6116,6 +6830,7 @@ declare type LokiTransportVersion = 1 | 2;
|
|
|
6116
6830
|
*/
|
|
6117
6831
|
export declare class McpAuth0OAuthInboundPolicy extends InboundPolicy<ValidatedAuth0OAuthOptions> {
|
|
6118
6832
|
#private;
|
|
6833
|
+
static readonly policyType = "mcp-auth0-oauth";
|
|
6119
6834
|
constructor(rawOptions: unknown, policyName: string);
|
|
6120
6835
|
handler(
|
|
6121
6836
|
request: ZuploRequest,
|
|
@@ -6294,6 +7009,7 @@ declare const mcpAuth0OAuthOptionsSchema: z.ZodObject<
|
|
|
6294
7009
|
*/
|
|
6295
7010
|
export declare class McpClerkOAuthInboundPolicy extends InboundPolicy<McpClerkOAuthInboundPolicyOptions> {
|
|
6296
7011
|
#private;
|
|
7012
|
+
static readonly policyType = "mcp-clerk-oauth";
|
|
6297
7013
|
constructor(rawOptions: unknown, policyName: string);
|
|
6298
7014
|
handler(
|
|
6299
7015
|
request: ZuploRequest,
|
|
@@ -6364,6 +7080,7 @@ export declare interface McpClerkOAuthInboundPolicyOptions {
|
|
|
6364
7080
|
*/
|
|
6365
7081
|
export declare class McpCognitoOAuthInboundPolicy extends InboundPolicy<McpCognitoOAuthInboundPolicyOptions> {
|
|
6366
7082
|
#private;
|
|
7083
|
+
static readonly policyType = "mcp-cognito-oauth";
|
|
6367
7084
|
constructor(rawOptions: unknown, policyName: string);
|
|
6368
7085
|
handler(
|
|
6369
7086
|
request: ZuploRequest,
|
|
@@ -6445,6 +7162,7 @@ export declare interface McpCognitoOAuthInboundPolicyOptions {
|
|
|
6445
7162
|
*/
|
|
6446
7163
|
export declare class McpEntraOAuthInboundPolicy extends InboundPolicy<McpEntraOAuthInboundPolicyOptions> {
|
|
6447
7164
|
#private;
|
|
7165
|
+
static readonly policyType = "mcp-entra-oauth";
|
|
6448
7166
|
constructor(rawOptions: unknown, policyName: string);
|
|
6449
7167
|
handler(
|
|
6450
7168
|
request: ZuploRequest,
|
|
@@ -6521,6 +7239,7 @@ export declare interface McpEntraOAuthInboundPolicyOptions {
|
|
|
6521
7239
|
*/
|
|
6522
7240
|
export declare class McpGoogleOAuthInboundPolicy extends InboundPolicy<McpGoogleOAuthInboundPolicyOptions> {
|
|
6523
7241
|
#private;
|
|
7242
|
+
static readonly policyType = "mcp-google-oauth";
|
|
6524
7243
|
constructor(rawOptions: unknown, policyName: string);
|
|
6525
7244
|
handler(
|
|
6526
7245
|
request: ZuploRequest,
|
|
@@ -6591,6 +7310,7 @@ export declare interface McpGoogleOAuthInboundPolicyOptions {
|
|
|
6591
7310
|
*/
|
|
6592
7311
|
export declare class McpKeycloakOAuthInboundPolicy extends InboundPolicy<McpKeycloakOAuthInboundPolicyOptions> {
|
|
6593
7312
|
#private;
|
|
7313
|
+
static readonly policyType = "mcp-keycloak-oauth";
|
|
6594
7314
|
constructor(rawOptions: unknown, policyName: string);
|
|
6595
7315
|
handler(
|
|
6596
7316
|
request: ZuploRequest,
|
|
@@ -6668,6 +7388,7 @@ export declare interface McpKeycloakOAuthInboundPolicyOptions {
|
|
|
6668
7388
|
*/
|
|
6669
7389
|
export declare class McpLogtoOAuthInboundPolicy extends InboundPolicy<McpLogtoOAuthInboundPolicyOptions> {
|
|
6670
7390
|
#private;
|
|
7391
|
+
static readonly policyType = "mcp-logto-oauth";
|
|
6671
7392
|
constructor(rawOptions: unknown, policyName: string);
|
|
6672
7393
|
handler(
|
|
6673
7394
|
request: ZuploRequest,
|
|
@@ -6746,6 +7467,7 @@ export declare interface McpLogtoOAuthInboundPolicyOptions {
|
|
|
6746
7467
|
* @product mcp-gateway
|
|
6747
7468
|
*/
|
|
6748
7469
|
export declare class McpOAuthInboundPolicy extends InboundPolicy<McpOAuthRuntimeConfig> {
|
|
7470
|
+
static readonly policyType = "mcp-oauth";
|
|
6749
7471
|
constructor(rawOptions: unknown, policyName: string);
|
|
6750
7472
|
handler(
|
|
6751
7473
|
request: ZuploRequest,
|
|
@@ -7022,6 +7744,7 @@ declare const mcpOAuthRuntimeConfigSchema: z.ZodObject<
|
|
|
7022
7744
|
*/
|
|
7023
7745
|
export declare class McpOktaOAuthInboundPolicy extends InboundPolicy<McpOktaOAuthInboundPolicyOptions> {
|
|
7024
7746
|
#private;
|
|
7747
|
+
static readonly policyType = "mcp-okta-oauth";
|
|
7025
7748
|
constructor(rawOptions: unknown, policyName: string);
|
|
7026
7749
|
handler(
|
|
7027
7750
|
request: ZuploRequest,
|
|
@@ -7099,6 +7822,7 @@ export declare interface McpOktaOAuthInboundPolicyOptions {
|
|
|
7099
7822
|
*/
|
|
7100
7823
|
export declare class McpOneLoginOAuthInboundPolicy extends InboundPolicy<McpOneLoginOAuthInboundPolicyOptions> {
|
|
7101
7824
|
#private;
|
|
7825
|
+
static readonly policyType = "mcp-onelogin-oauth";
|
|
7102
7826
|
constructor(rawOptions: unknown, policyName: string);
|
|
7103
7827
|
handler(
|
|
7104
7828
|
request: ZuploRequest,
|
|
@@ -7169,6 +7893,7 @@ export declare interface McpOneLoginOAuthInboundPolicyOptions {
|
|
|
7169
7893
|
*/
|
|
7170
7894
|
export declare class McpPingOAuthInboundPolicy extends InboundPolicy<McpPingOAuthInboundPolicyOptions> {
|
|
7171
7895
|
#private;
|
|
7896
|
+
static readonly policyType = "mcp-ping-oauth";
|
|
7172
7897
|
constructor(rawOptions: unknown, policyName: string);
|
|
7173
7898
|
handler(
|
|
7174
7899
|
request: ZuploRequest,
|
|
@@ -7256,6 +7981,29 @@ export declare function mcpServerHandler(
|
|
|
7256
7981
|
context: ZuploContext
|
|
7257
7982
|
): Promise<Response>;
|
|
7258
7983
|
|
|
7984
|
+
/**
|
|
7985
|
+
* MCP (Model Context Protocol) tool
|
|
7986
|
+
*/
|
|
7987
|
+
declare interface McpTool {
|
|
7988
|
+
server_label: string;
|
|
7989
|
+
type: "mcp";
|
|
7990
|
+
allowed_tools?: string[] | Record<string, unknown> | null;
|
|
7991
|
+
authorization?: string;
|
|
7992
|
+
connector_id?:
|
|
7993
|
+
| "connector_dropbox"
|
|
7994
|
+
| "connector_gmail"
|
|
7995
|
+
| "connector_googlecalendar"
|
|
7996
|
+
| "connector_googledrive"
|
|
7997
|
+
| "connector_microsoftteams"
|
|
7998
|
+
| "connector_outlookcalendar"
|
|
7999
|
+
| "connector_outlookemail"
|
|
8000
|
+
| "connector_sharepoint";
|
|
8001
|
+
headers?: Record<string, string> | null;
|
|
8002
|
+
require_approval?: Record<string, unknown> | "always" | "never" | null;
|
|
8003
|
+
server_description?: string;
|
|
8004
|
+
server_url?: string;
|
|
8005
|
+
}
|
|
8006
|
+
|
|
7259
8007
|
/**
|
|
7260
8008
|
* Authenticate MCP gateway requests using a gateway-issued OAuth access token,
|
|
7261
8009
|
* with browser login delegated to WorkOS.
|
|
@@ -7271,6 +8019,7 @@ export declare function mcpServerHandler(
|
|
|
7271
8019
|
*/
|
|
7272
8020
|
export declare class McpWorkosOAuthInboundPolicy extends InboundPolicy<McpWorkosOAuthInboundPolicyOptions> {
|
|
7273
8021
|
#private;
|
|
8022
|
+
static readonly policyType = "mcp-workos-oauth";
|
|
7274
8023
|
constructor(rawOptions: unknown, policyName: string);
|
|
7275
8024
|
handler(
|
|
7276
8025
|
request: ZuploRequest,
|
|
@@ -7614,6 +8363,7 @@ export declare interface MoesifInboundPolicyOptions {
|
|
|
7614
8363
|
*/
|
|
7615
8364
|
export declare class MonetizationInboundPolicy extends InboundPolicy<MonetizationInboundPolicyOptions> {
|
|
7616
8365
|
#private;
|
|
8366
|
+
static readonly policyType = "monetization";
|
|
7617
8367
|
/**
|
|
7618
8368
|
* Set the monetization subscription data for the current request.
|
|
7619
8369
|
*
|
|
@@ -7936,6 +8686,7 @@ export declare interface OAuthProtectedResourcePluginOptions {
|
|
|
7936
8686
|
* @returns A Request or a Response
|
|
7937
8687
|
*/
|
|
7938
8688
|
export declare class OktaFGAAuthZInboundPolicy extends BaseOpenFGAAuthZInboundPolicy {
|
|
8689
|
+
static readonly policyType = "oktafga-authz";
|
|
7939
8690
|
constructor(options: OktaFGAAuthZInboundPolicyOptions, policyName: string);
|
|
7940
8691
|
}
|
|
7941
8692
|
|
|
@@ -8055,6 +8806,30 @@ declare interface OnSendingAwsLambdaEventHook {
|
|
|
8055
8806
|
): Promise<AwsLambdaEventV1 | AwsLambdaEventV2>;
|
|
8056
8807
|
}
|
|
8057
8808
|
|
|
8809
|
+
/**
|
|
8810
|
+
* Unused by the cache (a cache miss is never unsafe, so it always fails open). Present for interface consistency.
|
|
8811
|
+
* @public
|
|
8812
|
+
*/
|
|
8813
|
+
declare type OnUnknownShape = "deny" | "skip";
|
|
8814
|
+
|
|
8815
|
+
/**
|
|
8816
|
+
* What to do when the request shape cannot be inspected. As a guardrail, this policy defaults to 'deny' (fail closed) so uninspectable content is never served.
|
|
8817
|
+
* @public
|
|
8818
|
+
*/
|
|
8819
|
+
declare type OnUnknownShape_2 = "deny" | "skip";
|
|
8820
|
+
|
|
8821
|
+
/**
|
|
8822
|
+
* What to do on a shape the policy cannot read. As an observer this defaults to 'skip' (fail open — pass through untraced).
|
|
8823
|
+
* @public
|
|
8824
|
+
*/
|
|
8825
|
+
declare type OnUnknownShape_3 = "deny" | "skip";
|
|
8826
|
+
|
|
8827
|
+
/**
|
|
8828
|
+
* What to do on a shape the policy cannot read. As an observer this defaults to 'skip' (fail open — pass through untraced).
|
|
8829
|
+
* @public
|
|
8830
|
+
*/
|
|
8831
|
+
declare type OnUnknownShape_4 = "deny" | "skip";
|
|
8832
|
+
|
|
8058
8833
|
/**
|
|
8059
8834
|
* Handler that serves OpenAPI specification files.
|
|
8060
8835
|
* Use this to expose your API documentation in a standard format that can be
|
|
@@ -8651,7 +9426,7 @@ declare namespace OpenAPIV3_1 {
|
|
|
8651
9426
|
* @returns A Request or a Response
|
|
8652
9427
|
*/
|
|
8653
9428
|
export declare class OpenFGAAuthZInboundPolicy extends BaseOpenFGAAuthZInboundPolicy {
|
|
8654
|
-
|
|
9429
|
+
static readonly policyType = "openfga-authz";
|
|
8655
9430
|
}
|
|
8656
9431
|
|
|
8657
9432
|
/**
|
|
@@ -8787,6 +9562,7 @@ export declare interface OpenIdJwtInboundPolicyOptions {
|
|
|
8787
9562
|
*/
|
|
8788
9563
|
export declare class OpenMeterInboundPolicy extends InboundPolicy<OpenMeterInboundPolicyOptions> {
|
|
8789
9564
|
#private;
|
|
9565
|
+
static readonly policyType = "openmeter-metering";
|
|
8790
9566
|
constructor(options: OpenMeterInboundPolicyOptions, policyName: string);
|
|
8791
9567
|
handler(
|
|
8792
9568
|
request: ZuploRequest<RequestGeneric>,
|
|
@@ -8972,6 +9748,7 @@ export declare class OTelMetricsPlugin extends MetricsPlugin {
|
|
|
8972
9748
|
export declare abstract class OutboundPolicy<
|
|
8973
9749
|
TOptions = any,
|
|
8974
9750
|
> extends PolicyBase<TOptions> {
|
|
9751
|
+
readonly direction: PolicyDirection;
|
|
8975
9752
|
/**
|
|
8976
9753
|
* The handler that is called each time this policy is invoked
|
|
8977
9754
|
*
|
|
@@ -9098,16 +9875,11 @@ declare interface ParsedRouteData extends Omit<RouteData, "corsPolicies"> {
|
|
|
9098
9875
|
/* Excluded from this release type: getInboundPolicyInstance */
|
|
9099
9876
|
}
|
|
9100
9877
|
|
|
9101
|
-
/**
|
|
9102
|
-
* The base class for inbound and outbound policies.
|
|
9103
|
-
* Provides common functionality for all policy types.
|
|
9104
|
-
*
|
|
9105
|
-
* @public
|
|
9106
|
-
*/
|
|
9107
9878
|
declare abstract class PolicyBase<TOptions = any> {
|
|
9108
9879
|
options: TOptions;
|
|
9109
9880
|
policyName: string;
|
|
9110
|
-
|
|
9881
|
+
/* Excluded from this release type: policyType */
|
|
9882
|
+
/* Excluded from this release type: direction */
|
|
9111
9883
|
/* Excluded from this release type: __constructor */
|
|
9112
9884
|
}
|
|
9113
9885
|
|
|
@@ -9121,6 +9893,22 @@ export declare interface PolicyConfiguration {
|
|
|
9121
9893
|
options?: unknown;
|
|
9122
9894
|
}
|
|
9123
9895
|
|
|
9896
|
+
/**
|
|
9897
|
+
* The base class for inbound and outbound policies.
|
|
9898
|
+
* Provides common functionality for all policy types.
|
|
9899
|
+
*
|
|
9900
|
+
* @public
|
|
9901
|
+
*/
|
|
9902
|
+
/**
|
|
9903
|
+
* The pipeline phase a policy runs in. Inbound policies run on the request
|
|
9904
|
+
* before the handler; outbound policies run on the response after it. This is
|
|
9905
|
+
* determined structurally by whether a policy extends {@link InboundPolicy} or
|
|
9906
|
+
* {@link OutboundPolicy}, so it can never drift from the policy's real phase.
|
|
9907
|
+
*
|
|
9908
|
+
* @public
|
|
9909
|
+
*/
|
|
9910
|
+
declare type PolicyDirection = "inbound" | "outbound";
|
|
9911
|
+
|
|
9124
9912
|
/**
|
|
9125
9913
|
* @public
|
|
9126
9914
|
*/
|
|
@@ -9398,7 +10186,7 @@ declare interface QuotaFallbackModels {
|
|
|
9398
10186
|
*/
|
|
9399
10187
|
export declare class QuotaInboundPolicy extends InboundPolicy<QuotaInboundPolicyOptions> {
|
|
9400
10188
|
#private;
|
|
9401
|
-
|
|
10189
|
+
static readonly policyType = "quota";
|
|
9402
10190
|
handler(
|
|
9403
10191
|
request: ZuploRequest<RequestGeneric>,
|
|
9404
10192
|
context: ZuploContext
|
|
@@ -9696,6 +10484,28 @@ export declare function ReadmeMetricsInboundPolicy(
|
|
|
9696
10484
|
policyName: string
|
|
9697
10485
|
): Promise<ZuploRequest<RequestGeneric_2>>;
|
|
9698
10486
|
|
|
10487
|
+
/**
|
|
10488
|
+
* Record the GraphQL response-cache outcome for the in-flight operation so
|
|
10489
|
+
* the analytics middleware can emit it as the `cacheState` dimension on the
|
|
10490
|
+
* `graphql_operation` event.
|
|
10491
|
+
*
|
|
10492
|
+
* Called by the Zuplo-provided GraphQL Cache policy (`graphql-cache-inbound`,
|
|
10493
|
+
* in the `@zuplo/graphql` package) the moment it resolves a cache hit or
|
|
10494
|
+
* miss — synchronously during inbound processing, before the analytics
|
|
10495
|
+
* middleware finalizes the event. Mirrors how the GraphQL Analytics outbound
|
|
10496
|
+
* policy feeds errors through {@link getOperationContext}.
|
|
10497
|
+
*
|
|
10498
|
+
* No-op when the request isn't running the GraphQL analytics middleware (the
|
|
10499
|
+
* route lacks the `x-graphql: true` marker, so there's no operation context to
|
|
10500
|
+
* write to), so it's always safe to call.
|
|
10501
|
+
*
|
|
10502
|
+
* @public
|
|
10503
|
+
*/
|
|
10504
|
+
export declare function recordGraphqlCacheState(
|
|
10505
|
+
context: ZuploContext,
|
|
10506
|
+
cacheState: GraphqlCacheState
|
|
10507
|
+
): void;
|
|
10508
|
+
|
|
9699
10509
|
/**
|
|
9700
10510
|
* Handler that returns HTTP redirects.
|
|
9701
10511
|
* Useful for URL shortening, legacy URL handling, or routing to external services.
|
|
@@ -10187,6 +10997,43 @@ export declare function responseHasGraphqlErrors(
|
|
|
10187
10997
|
maxScanBytes?: number
|
|
10188
10998
|
): Promise<boolean>;
|
|
10189
10999
|
|
|
11000
|
+
declare interface ResponseInputItem {
|
|
11001
|
+
type?: "message";
|
|
11002
|
+
role: "user" | "assistant" | "system" | "developer";
|
|
11003
|
+
content:
|
|
11004
|
+
| string
|
|
11005
|
+
| Array<{
|
|
11006
|
+
type: "text" | "image_url" | "audio";
|
|
11007
|
+
text?: string;
|
|
11008
|
+
image_url?: {
|
|
11009
|
+
url: string;
|
|
11010
|
+
};
|
|
11011
|
+
audio?: {
|
|
11012
|
+
data: string;
|
|
11013
|
+
format: string;
|
|
11014
|
+
};
|
|
11015
|
+
}>;
|
|
11016
|
+
}
|
|
11017
|
+
|
|
11018
|
+
declare interface ResponsesChoice {
|
|
11019
|
+
index: number;
|
|
11020
|
+
id?: string;
|
|
11021
|
+
type?: "message";
|
|
11022
|
+
role?: "assistant";
|
|
11023
|
+
content?: Array<{
|
|
11024
|
+
type: "output_text";
|
|
11025
|
+
text: string;
|
|
11026
|
+
annotations?: Array<unknown>;
|
|
11027
|
+
}>;
|
|
11028
|
+
status?: string | null;
|
|
11029
|
+
finish_reason?:
|
|
11030
|
+
| "stop"
|
|
11031
|
+
| "length"
|
|
11032
|
+
| "function_call"
|
|
11033
|
+
| "tool_calls"
|
|
11034
|
+
| "content_filter";
|
|
11035
|
+
}
|
|
11036
|
+
|
|
10190
11037
|
/**
|
|
10191
11038
|
* Definition of responses for a route
|
|
10192
11039
|
* @public
|
|
@@ -10223,6 +11070,115 @@ export declare class ResponseSentEvent extends Event {
|
|
|
10223
11070
|
readonly response: Response;
|
|
10224
11071
|
}
|
|
10225
11072
|
|
|
11073
|
+
declare interface ResponsesRequest {
|
|
11074
|
+
input?: string | ResponseInputItem[];
|
|
11075
|
+
model?: string;
|
|
11076
|
+
instructions?: string;
|
|
11077
|
+
previous_response_id?: string;
|
|
11078
|
+
temperature?: number;
|
|
11079
|
+
top_p?: number;
|
|
11080
|
+
stream?: boolean;
|
|
11081
|
+
max_output_tokens?: number;
|
|
11082
|
+
tools?: ResponsesToolDefinition[];
|
|
11083
|
+
tool_choice?: ResponsesToolChoice;
|
|
11084
|
+
parallel_tool_calls?: boolean;
|
|
11085
|
+
reasoning?: {
|
|
11086
|
+
effort: "low" | "medium" | "high";
|
|
11087
|
+
};
|
|
11088
|
+
service_tier?: "auto" | "default" | "flex" | "scale" | "priority";
|
|
11089
|
+
stream_options?: {
|
|
11090
|
+
include_usage?: boolean;
|
|
11091
|
+
};
|
|
11092
|
+
background?: boolean;
|
|
11093
|
+
conversation?: string;
|
|
11094
|
+
include?: string[];
|
|
11095
|
+
metadata?: Record<string, unknown>;
|
|
11096
|
+
store?: boolean;
|
|
11097
|
+
truncation?: "auto" | "disabled";
|
|
11098
|
+
prompt_cache_key?: string;
|
|
11099
|
+
safety_identifier?: string;
|
|
11100
|
+
}
|
|
11101
|
+
|
|
11102
|
+
declare interface ResponsesResponse {
|
|
11103
|
+
id: string;
|
|
11104
|
+
object: "response";
|
|
11105
|
+
created: number;
|
|
11106
|
+
model: string;
|
|
11107
|
+
status:
|
|
11108
|
+
| "queued"
|
|
11109
|
+
| "in_progress"
|
|
11110
|
+
| "completed"
|
|
11111
|
+
| "failed"
|
|
11112
|
+
| "cancelled"
|
|
11113
|
+
| "incomplete";
|
|
11114
|
+
system_fingerprint?: string;
|
|
11115
|
+
output?: ResponsesChoice[];
|
|
11116
|
+
usage?: ResponsesUsage;
|
|
11117
|
+
error?: {
|
|
11118
|
+
type: string;
|
|
11119
|
+
message: string;
|
|
11120
|
+
};
|
|
11121
|
+
service_tier?: string;
|
|
11122
|
+
provider?: string;
|
|
11123
|
+
}
|
|
11124
|
+
|
|
11125
|
+
declare type ResponsesToolChoice =
|
|
11126
|
+
| "none"
|
|
11127
|
+
| "auto"
|
|
11128
|
+
| "required"
|
|
11129
|
+
| {
|
|
11130
|
+
mode: "auto" | "required";
|
|
11131
|
+
tools: Array<Record<string, unknown>>;
|
|
11132
|
+
type: "allowed_tools";
|
|
11133
|
+
}
|
|
11134
|
+
| {
|
|
11135
|
+
name: string;
|
|
11136
|
+
type: "custom";
|
|
11137
|
+
}
|
|
11138
|
+
| {
|
|
11139
|
+
name: string;
|
|
11140
|
+
type: "function";
|
|
11141
|
+
}
|
|
11142
|
+
| {
|
|
11143
|
+
server_label: string;
|
|
11144
|
+
type: "mcp";
|
|
11145
|
+
name?: string | null;
|
|
11146
|
+
}
|
|
11147
|
+
| {
|
|
11148
|
+
type:
|
|
11149
|
+
| "file_search"
|
|
11150
|
+
| "web_search_preview"
|
|
11151
|
+
| "computer_use_preview"
|
|
11152
|
+
| "web_search_preview_2025_03_11"
|
|
11153
|
+
| "image_generation"
|
|
11154
|
+
| "code_interpreter"
|
|
11155
|
+
| "mcp";
|
|
11156
|
+
};
|
|
11157
|
+
|
|
11158
|
+
declare type ResponsesToolDefinition =
|
|
11159
|
+
| FunctionTool
|
|
11160
|
+
| WebSearchTool
|
|
11161
|
+
| WebSearchPreviewTool
|
|
11162
|
+
| CodeInterpreterTool
|
|
11163
|
+
| FileSearchTool
|
|
11164
|
+
| ComputerUseTool
|
|
11165
|
+
| ImageGenerationTool
|
|
11166
|
+
| LocalShellTool
|
|
11167
|
+
| CustomTool
|
|
11168
|
+
| McpTool;
|
|
11169
|
+
|
|
11170
|
+
declare interface ResponsesUsage {
|
|
11171
|
+
input_tokens: number;
|
|
11172
|
+
output_tokens: number;
|
|
11173
|
+
total_tokens: number;
|
|
11174
|
+
input_tokens_details?: {
|
|
11175
|
+
cached_tokens?: number;
|
|
11176
|
+
};
|
|
11177
|
+
output_tokens_details?: {
|
|
11178
|
+
reasoning_tokens?: number;
|
|
11179
|
+
};
|
|
11180
|
+
}
|
|
11181
|
+
|
|
10226
11182
|
/**
|
|
10227
11183
|
* @public
|
|
10228
11184
|
*/
|
|
@@ -10500,6 +11456,12 @@ export declare type SemanticCacheInboundPolicyOptions = {
|
|
|
10500
11456
|
cacheStatusHeaderName?: string;
|
|
10501
11457
|
};
|
|
10502
11458
|
|
|
11459
|
+
/**
|
|
11460
|
+
* The semantic similarity threshold for semantic cache matches. Values closer to 0 require closer similarity, while larger values allow more flexible matching. Default is 0.2.
|
|
11461
|
+
* @public
|
|
11462
|
+
*/
|
|
11463
|
+
declare type SemanticTolerance = number;
|
|
11464
|
+
|
|
10503
11465
|
/* Excluded from this release type: serialize */
|
|
10504
11466
|
|
|
10505
11467
|
/**
|
|
@@ -10550,7 +11512,7 @@ export declare interface SetBodyInboundPolicyOptions {
|
|
|
10550
11512
|
* @param policyName - The name of the policy as set in policies.json
|
|
10551
11513
|
* @returns A Request or a Response
|
|
10552
11514
|
*/
|
|
10553
|
-
export declare const SetHeadersInboundPolicy:
|
|
11515
|
+
export declare const SetHeadersInboundPolicy: InboundPolicyHandler_2<SetHeadersInboundPolicyOptions>;
|
|
10554
11516
|
|
|
10555
11517
|
/**
|
|
10556
11518
|
* The options for this policy.
|
|
@@ -10823,6 +11785,16 @@ declare interface StreamingAccumulationSettings {
|
|
|
10823
11785
|
checkIntervalMs?: CheckIntervalMs;
|
|
10824
11786
|
}
|
|
10825
11787
|
|
|
11788
|
+
/**
|
|
11789
|
+
* Configuration for accumulating and validating streaming responses.
|
|
11790
|
+
* @public
|
|
11791
|
+
*/
|
|
11792
|
+
declare interface StreamingAccumulationSettings_2 {
|
|
11793
|
+
enabled?: EnableStreamingAccumulation_2;
|
|
11794
|
+
eventsInterval?: EventsInterval_2;
|
|
11795
|
+
checkIntervalMs?: CheckIntervalMs_2;
|
|
11796
|
+
}
|
|
11797
|
+
|
|
10826
11798
|
/**
|
|
10827
11799
|
* A specialized zone cache for storing and retrieving ReadableStreams.
|
|
10828
11800
|
* Unlike regular ZoneCache which serializes to JSON, this cache stores raw stream data,
|
|
@@ -10928,10 +11900,7 @@ export declare class StreamingZoneCache {
|
|
|
10928
11900
|
* @returns A Request or a Response
|
|
10929
11901
|
*/
|
|
10930
11902
|
export declare class StripeWebhookVerificationInboundPolicy extends InboundPolicy<StripeWebhookVerificationInboundPolicyOptions> {
|
|
10931
|
-
|
|
10932
|
-
options: StripeWebhookVerificationInboundPolicyOptions,
|
|
10933
|
-
policyName: string
|
|
10934
|
-
);
|
|
11903
|
+
static readonly policyType = "stripe-webhook-verification";
|
|
10935
11904
|
handler(
|
|
10936
11905
|
request: ZuploRequest,
|
|
10937
11906
|
context: ZuploContext
|
|
@@ -11048,6 +12017,18 @@ export declare abstract class TelemetryPlugin extends RuntimePlugin {
|
|
|
11048
12017
|
/* Excluded from this release type: instrument */
|
|
11049
12018
|
}
|
|
11050
12019
|
|
|
12020
|
+
declare interface ToolChoice {
|
|
12021
|
+
type: "function";
|
|
12022
|
+
function: {
|
|
12023
|
+
name: string;
|
|
12024
|
+
};
|
|
12025
|
+
}
|
|
12026
|
+
|
|
12027
|
+
declare interface ToolDefinition {
|
|
12028
|
+
type: "function";
|
|
12029
|
+
function: FunctionDefinition;
|
|
12030
|
+
}
|
|
12031
|
+
|
|
11051
12032
|
/* Excluded from this release type: trackFeature */
|
|
11052
12033
|
|
|
11053
12034
|
/**
|
|
@@ -11283,6 +12264,7 @@ export declare interface UpstreamFirebaseUserAuthInboundPolicyOptions {
|
|
|
11283
12264
|
* @returns A Request or a Response
|
|
11284
12265
|
*/
|
|
11285
12266
|
export declare class UpstreamGcpFederatedAuthInboundPolicy extends InboundPolicy<UpstreamGcpFederatedAuthInboundPolicyOptions> {
|
|
12267
|
+
static readonly policyType = "upstream-gcp-federated-auth";
|
|
11286
12268
|
private cacheName;
|
|
11287
12269
|
private normalizedWorkloadIdentityProvider;
|
|
11288
12270
|
constructor(
|
|
@@ -11438,6 +12420,7 @@ export declare interface UpstreamGcpServiceAuthInboundPolicyOptions {
|
|
|
11438
12420
|
* @returns A ZuploRequest
|
|
11439
12421
|
*/
|
|
11440
12422
|
export declare class UpstreamZuploJwtAuthInboundPolicy extends InboundPolicy<UpstreamZuploJwtAuthInboundPolicyOptions> {
|
|
12423
|
+
static readonly policyType = "upstream-zuplo-jwt";
|
|
11441
12424
|
constructor(
|
|
11442
12425
|
options: UpstreamZuploJwtAuthInboundPolicyOptions,
|
|
11443
12426
|
policyName: string
|
|
@@ -11622,6 +12605,22 @@ export declare function urlRewriteHandler(
|
|
|
11622
12605
|
context: ZuploContext
|
|
11623
12606
|
): Promise<Response>;
|
|
11624
12607
|
|
|
12608
|
+
declare interface Usage {
|
|
12609
|
+
prompt_tokens: number;
|
|
12610
|
+
completion_tokens: number;
|
|
12611
|
+
total_tokens: number;
|
|
12612
|
+
prompt_tokens_details?: {
|
|
12613
|
+
cached_tokens?: number;
|
|
12614
|
+
audio_tokens?: number;
|
|
12615
|
+
};
|
|
12616
|
+
completion_tokens_details?: {
|
|
12617
|
+
reasoning_tokens?: number;
|
|
12618
|
+
audio_tokens?: number;
|
|
12619
|
+
accepted_prediction_tokens?: number;
|
|
12620
|
+
rejected_prediction_tokens?: number;
|
|
12621
|
+
};
|
|
12622
|
+
}
|
|
12623
|
+
|
|
11625
12624
|
declare type UserDataDefault = any;
|
|
11626
12625
|
|
|
11627
12626
|
declare type ValidatedAuth0OAuthOptions = z.infer<
|
|
@@ -11788,6 +12787,38 @@ export declare interface WebBotAuthInboundPolicyOptions {
|
|
|
11788
12787
|
directoryUrl?: string;
|
|
11789
12788
|
}
|
|
11790
12789
|
|
|
12790
|
+
/**
|
|
12791
|
+
* Web search tool (preview version)
|
|
12792
|
+
*/
|
|
12793
|
+
declare interface WebSearchPreviewTool {
|
|
12794
|
+
type: "web_search_preview" | "web_search_preview_2025_03_11";
|
|
12795
|
+
search_context_size?: "low" | "medium" | "high";
|
|
12796
|
+
user_location?: {
|
|
12797
|
+
type: "approximate";
|
|
12798
|
+
city?: string | null;
|
|
12799
|
+
country?: string | null;
|
|
12800
|
+
region?: string | null;
|
|
12801
|
+
timezone?: string | null;
|
|
12802
|
+
} | null;
|
|
12803
|
+
}
|
|
12804
|
+
|
|
12805
|
+
/**
|
|
12806
|
+
* Web search tool (stable version)
|
|
12807
|
+
*/
|
|
12808
|
+
declare interface WebSearchTool {
|
|
12809
|
+
type: "web_search" | "web_search_2025_08_26";
|
|
12810
|
+
filters?: {
|
|
12811
|
+
allowed_domains?: string[] | null;
|
|
12812
|
+
} | null;
|
|
12813
|
+
search_context_size?: "low" | "medium" | "high";
|
|
12814
|
+
user_location?: {
|
|
12815
|
+
city?: string | null;
|
|
12816
|
+
country?: string | null;
|
|
12817
|
+
region?: string | null;
|
|
12818
|
+
timezone?: string | null;
|
|
12819
|
+
} | null;
|
|
12820
|
+
}
|
|
12821
|
+
|
|
11791
12822
|
/**
|
|
11792
12823
|
* Handler that proxies WebSocket connections to a different URL.
|
|
11793
12824
|
* Enables WebSocket support in your API gateway for real-time communication.
|
|
@@ -11891,6 +12922,7 @@ declare interface XacmlRequest {
|
|
|
11891
12922
|
* @returns A Request or a Response
|
|
11892
12923
|
*/
|
|
11893
12924
|
export declare class XmlToJsonOutboundPolicy extends OutboundPolicy<XmlToJsonPolicyOptions> {
|
|
12925
|
+
static readonly policyType = "xml-to-json";
|
|
11894
12926
|
private parser;
|
|
11895
12927
|
private parseOnStatusCodes;
|
|
11896
12928
|
constructor(options: XmlToJsonPolicyOptions, policyName: string);
|