agentid-sdk 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -39,7 +39,11 @@ import { AgentID } from "agentid-sdk";
39
39
  import OpenAI from "openai";
40
40
 
41
41
  const openai = new OpenAI();
42
- const agent = new AgentID({ apiKey: "ag_prod_..." });
42
+ const agent = new AgentID({
43
+ apiKey: "ag_prod_...",
44
+ strictMode: false, // default (fail-open on timeout/unreachable AgentID API)
45
+ // strictMode: true, // fail-closed for high-risk workloads
46
+ });
43
47
 
44
48
  const proxiedOpenAI = agent.wrapOpenAI(openai, { system_id: "sys_..." });
45
49
  ```
@@ -49,3 +53,4 @@ const proxiedOpenAI = agent.wrapOpenAI(openai, { system_id: "sys_..." });
49
53
  - PII Scrubbing: Automatická redakce e-mailů, rodných čísel a hesel před odesláním do cloudu.
50
54
  - Crypto-Shredding: Možnost nenávratně smazat citlivá data z logů na žádost uživatele (GDPR).
51
55
  - Fail-Safe architektura: Inteligentní přepínání mezi bezpečností a dostupností (Fail-Open/Closed).
56
+ - Strict mode: při timeoutu Guard API můžeš vynutit fail-closed (`strictMode: true`).
package/dist/index.d.mts CHANGED
@@ -1,4 +1,4 @@
1
- export { A as AgentID, a as AgentIDCallbackHandler, G as GuardParams, b as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions } from './langchain-ranVjrg4.mjs';
1
+ export { A as AgentID, a as AgentIDCallbackHandler, G as GuardParams, b as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions } from './langchain-Cn7doPo2.mjs';
2
2
 
3
3
  type PIIMapping = Record<string, string>;
4
4
  declare class PIIManager {
package/dist/index.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- export { A as AgentID, a as AgentIDCallbackHandler, G as GuardParams, b as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions } from './langchain-ranVjrg4.js';
1
+ export { A as AgentID, a as AgentIDCallbackHandler, G as GuardParams, b as GuardResponse, L as LogParams, P as PreparedInput, R as RequestOptions } from './langchain-Cn7doPo2.js';
2
2
 
3
3
  type PIIMapping = Record<string, string>;
4
4
  declare class PIIManager {
package/dist/index.js CHANGED
@@ -389,9 +389,19 @@ var LocalSecurityEnforcer = class {
389
389
 
390
390
  // src/capability-config.ts
391
391
  var CONFIG_TTL_MS = 5 * 60 * 1e3;
392
- var CONFIG_TIMEOUT_MS = 2e3;
392
+ var CONFIG_TIMEOUT_MS = 8e3;
393
+ var CONFIG_RETRY_DELAY_MS = 1e3;
393
394
  var MAX_CAPABILITY_CACHE_ENTRIES = 500;
394
395
  var AGENTID_SDK_VERSION_HEADER = "js-1.0.4";
396
+ var CapabilityConfigFetchError = class extends Error {
397
+ constructor(message, params) {
398
+ super(message);
399
+ this.name = "CapabilityConfigFetchError";
400
+ this.status = params.status;
401
+ this.retryable = params.retryable;
402
+ this.timeout = params.timeout;
403
+ }
404
+ };
395
405
  function normalizeBaseUrl(baseUrl) {
396
406
  return baseUrl.replace(/\/+$/, "");
397
407
  }
@@ -447,10 +457,13 @@ function enforceCacheBound(cache) {
447
457
  }
448
458
  cache.clear();
449
459
  }
450
- async function fetchCapabilityConfigWithTimeout(params) {
451
- if (typeof fetch !== "function") {
452
- throw new Error("fetch is unavailable in this runtime");
453
- }
460
+ function sleep(ms) {
461
+ return new Promise((resolve) => setTimeout(resolve, ms));
462
+ }
463
+ function isAbortError(error) {
464
+ return !!error && typeof error === "object" && error.name === "AbortError";
465
+ }
466
+ async function fetchCapabilityConfigAttempt(params) {
454
467
  const controller = new AbortController();
455
468
  const timeoutId = setTimeout(() => controller.abort(), params.timeoutMs);
456
469
  try {
@@ -465,13 +478,52 @@ async function fetchCapabilityConfigWithTimeout(params) {
465
478
  });
466
479
  const payload = await safeReadJson(res);
467
480
  if (!res.ok) {
468
- throw new Error(`Config API Error ${res.status}`);
481
+ const retryable = res.status >= 500 || res.status === 429 || res.status === 408;
482
+ throw new CapabilityConfigFetchError(`Config API Error ${res.status}`, {
483
+ status: res.status,
484
+ retryable,
485
+ timeout: false
486
+ });
469
487
  }
470
488
  return normalizeCapabilityConfig(payload);
489
+ } catch (error) {
490
+ if (error instanceof CapabilityConfigFetchError) {
491
+ throw error;
492
+ }
493
+ if (isAbortError(error)) {
494
+ throw new CapabilityConfigFetchError(
495
+ "AgentID SDK failed to initialize: Connection timeout during configuration fetch. Please check your network or AgentID API status.",
496
+ {
497
+ retryable: true,
498
+ timeout: true
499
+ }
500
+ );
501
+ }
502
+ throw new CapabilityConfigFetchError(
503
+ error instanceof Error ? error.message : "Configuration fetch failed.",
504
+ {
505
+ retryable: true,
506
+ timeout: false
507
+ }
508
+ );
471
509
  } finally {
472
510
  clearTimeout(timeoutId);
473
511
  }
474
512
  }
513
+ async function fetchCapabilityConfigWithTimeout(params) {
514
+ if (typeof fetch !== "function") {
515
+ throw new Error("fetch is unavailable in this runtime");
516
+ }
517
+ try {
518
+ return await fetchCapabilityConfigAttempt(params);
519
+ } catch (firstError) {
520
+ if (firstError instanceof CapabilityConfigFetchError && firstError.retryable) {
521
+ await sleep(CONFIG_RETRY_DELAY_MS);
522
+ return await fetchCapabilityConfigAttempt(params);
523
+ }
524
+ throw firstError;
525
+ }
526
+ }
475
527
  function getCachedCapabilityConfig(params) {
476
528
  const key = getCacheKey(params.apiKey, params.baseUrl);
477
529
  const entry = getGlobalCache().get(key);
@@ -503,7 +555,8 @@ async function ensureCapabilityConfig(params) {
503
555
  enforceCacheBound(cache);
504
556
  return resolved;
505
557
  }).catch((error) => {
506
- console.warn("AgentID Config unreachable. Defaulting to STRICT MODE.", error);
558
+ const message = error instanceof Error ? error.message : String(error);
559
+ console.warn("AgentID Config unreachable. Defaulting to STRICT MODE.", message);
507
560
  cache.set(key, {
508
561
  config: DEFAULT_STRICT_CONFIG,
509
562
  expiresAt: Date.now() + ttlMs,
@@ -947,6 +1000,7 @@ var AgentID = class {
947
1000
  this.checkInjection = config.checkInjection !== false;
948
1001
  this.aiScanEnabled = config.aiScanEnabled !== false;
949
1002
  this.storePii = config.storePii === true;
1003
+ this.strictMode = config.strictMode === true;
950
1004
  this.pii = new PIIManager();
951
1005
  this.localEnforcer = new LocalSecurityEnforcer(this.pii);
952
1006
  void this.getCapabilityConfig();
@@ -1093,7 +1147,8 @@ var AgentID = class {
1093
1147
  }
1094
1148
  /**
1095
1149
  * GUARD: Checks limits, PII, and security before execution.
1096
- * FAIL-CLOSED: Returns allowed=false if the API fails.
1150
+ * strictMode=false (default): FAIL-OPEN on connectivity/timeouts.
1151
+ * strictMode=true: FAIL-CLOSED and throws on connectivity/timeouts.
1097
1152
  */
1098
1153
  async guard(params, options) {
1099
1154
  const effectiveApiKey = this.resolveApiKey(options?.apiKey);
@@ -1123,8 +1178,23 @@ var AgentID = class {
1123
1178
  }
1124
1179
  throw new Error("Invalid guard response");
1125
1180
  } catch (error) {
1126
- console.warn("[AgentID] Guard check failed (Fail-Closed active):", error);
1127
- return { allowed: false, reason: "guard_unreachable" };
1181
+ const isAbortError2 = error && typeof error === "object" && error.name === "AbortError";
1182
+ if (isAbortError2) {
1183
+ const timeoutMessage = "AgentID API Warning: Connection timeout exceeded.";
1184
+ if (this.strictMode) {
1185
+ throw new Error(timeoutMessage);
1186
+ }
1187
+ console.warn(timeoutMessage);
1188
+ return { allowed: true, reason: "timeout_fallback" };
1189
+ }
1190
+ if (this.strictMode) {
1191
+ if (error instanceof Error) {
1192
+ throw error;
1193
+ }
1194
+ throw new Error("AgentID API Error: Guard request failed.");
1195
+ }
1196
+ console.warn("[AgentID] Guard check failed (Fail-Open active):", error);
1197
+ return { allowed: true, reason: "guard_unreachable" };
1128
1198
  } finally {
1129
1199
  clearTimeout(timeoutId);
1130
1200
  }
package/dist/index.mjs CHANGED
@@ -351,9 +351,19 @@ var LocalSecurityEnforcer = class {
351
351
 
352
352
  // src/capability-config.ts
353
353
  var CONFIG_TTL_MS = 5 * 60 * 1e3;
354
- var CONFIG_TIMEOUT_MS = 2e3;
354
+ var CONFIG_TIMEOUT_MS = 8e3;
355
+ var CONFIG_RETRY_DELAY_MS = 1e3;
355
356
  var MAX_CAPABILITY_CACHE_ENTRIES = 500;
356
357
  var AGENTID_SDK_VERSION_HEADER = "js-1.0.4";
358
+ var CapabilityConfigFetchError = class extends Error {
359
+ constructor(message, params) {
360
+ super(message);
361
+ this.name = "CapabilityConfigFetchError";
362
+ this.status = params.status;
363
+ this.retryable = params.retryable;
364
+ this.timeout = params.timeout;
365
+ }
366
+ };
357
367
  function normalizeBaseUrl(baseUrl) {
358
368
  return baseUrl.replace(/\/+$/, "");
359
369
  }
@@ -409,10 +419,13 @@ function enforceCacheBound(cache) {
409
419
  }
410
420
  cache.clear();
411
421
  }
412
- async function fetchCapabilityConfigWithTimeout(params) {
413
- if (typeof fetch !== "function") {
414
- throw new Error("fetch is unavailable in this runtime");
415
- }
422
+ function sleep(ms) {
423
+ return new Promise((resolve) => setTimeout(resolve, ms));
424
+ }
425
+ function isAbortError(error) {
426
+ return !!error && typeof error === "object" && error.name === "AbortError";
427
+ }
428
+ async function fetchCapabilityConfigAttempt(params) {
416
429
  const controller = new AbortController();
417
430
  const timeoutId = setTimeout(() => controller.abort(), params.timeoutMs);
418
431
  try {
@@ -427,13 +440,52 @@ async function fetchCapabilityConfigWithTimeout(params) {
427
440
  });
428
441
  const payload = await safeReadJson(res);
429
442
  if (!res.ok) {
430
- throw new Error(`Config API Error ${res.status}`);
443
+ const retryable = res.status >= 500 || res.status === 429 || res.status === 408;
444
+ throw new CapabilityConfigFetchError(`Config API Error ${res.status}`, {
445
+ status: res.status,
446
+ retryable,
447
+ timeout: false
448
+ });
431
449
  }
432
450
  return normalizeCapabilityConfig(payload);
451
+ } catch (error) {
452
+ if (error instanceof CapabilityConfigFetchError) {
453
+ throw error;
454
+ }
455
+ if (isAbortError(error)) {
456
+ throw new CapabilityConfigFetchError(
457
+ "AgentID SDK failed to initialize: Connection timeout during configuration fetch. Please check your network or AgentID API status.",
458
+ {
459
+ retryable: true,
460
+ timeout: true
461
+ }
462
+ );
463
+ }
464
+ throw new CapabilityConfigFetchError(
465
+ error instanceof Error ? error.message : "Configuration fetch failed.",
466
+ {
467
+ retryable: true,
468
+ timeout: false
469
+ }
470
+ );
433
471
  } finally {
434
472
  clearTimeout(timeoutId);
435
473
  }
436
474
  }
475
+ async function fetchCapabilityConfigWithTimeout(params) {
476
+ if (typeof fetch !== "function") {
477
+ throw new Error("fetch is unavailable in this runtime");
478
+ }
479
+ try {
480
+ return await fetchCapabilityConfigAttempt(params);
481
+ } catch (firstError) {
482
+ if (firstError instanceof CapabilityConfigFetchError && firstError.retryable) {
483
+ await sleep(CONFIG_RETRY_DELAY_MS);
484
+ return await fetchCapabilityConfigAttempt(params);
485
+ }
486
+ throw firstError;
487
+ }
488
+ }
437
489
  function getCachedCapabilityConfig(params) {
438
490
  const key = getCacheKey(params.apiKey, params.baseUrl);
439
491
  const entry = getGlobalCache().get(key);
@@ -465,7 +517,8 @@ async function ensureCapabilityConfig(params) {
465
517
  enforceCacheBound(cache);
466
518
  return resolved;
467
519
  }).catch((error) => {
468
- console.warn("AgentID Config unreachable. Defaulting to STRICT MODE.", error);
520
+ const message = error instanceof Error ? error.message : String(error);
521
+ console.warn("AgentID Config unreachable. Defaulting to STRICT MODE.", message);
469
522
  cache.set(key, {
470
523
  config: DEFAULT_STRICT_CONFIG,
471
524
  expiresAt: Date.now() + ttlMs,
@@ -909,6 +962,7 @@ var AgentID = class {
909
962
  this.checkInjection = config.checkInjection !== false;
910
963
  this.aiScanEnabled = config.aiScanEnabled !== false;
911
964
  this.storePii = config.storePii === true;
965
+ this.strictMode = config.strictMode === true;
912
966
  this.pii = new PIIManager();
913
967
  this.localEnforcer = new LocalSecurityEnforcer(this.pii);
914
968
  void this.getCapabilityConfig();
@@ -1055,7 +1109,8 @@ var AgentID = class {
1055
1109
  }
1056
1110
  /**
1057
1111
  * GUARD: Checks limits, PII, and security before execution.
1058
- * FAIL-CLOSED: Returns allowed=false if the API fails.
1112
+ * strictMode=false (default): FAIL-OPEN on connectivity/timeouts.
1113
+ * strictMode=true: FAIL-CLOSED and throws on connectivity/timeouts.
1059
1114
  */
1060
1115
  async guard(params, options) {
1061
1116
  const effectiveApiKey = this.resolveApiKey(options?.apiKey);
@@ -1085,8 +1140,23 @@ var AgentID = class {
1085
1140
  }
1086
1141
  throw new Error("Invalid guard response");
1087
1142
  } catch (error) {
1088
- console.warn("[AgentID] Guard check failed (Fail-Closed active):", error);
1089
- return { allowed: false, reason: "guard_unreachable" };
1143
+ const isAbortError2 = error && typeof error === "object" && error.name === "AbortError";
1144
+ if (isAbortError2) {
1145
+ const timeoutMessage = "AgentID API Warning: Connection timeout exceeded.";
1146
+ if (this.strictMode) {
1147
+ throw new Error(timeoutMessage);
1148
+ }
1149
+ console.warn(timeoutMessage);
1150
+ return { allowed: true, reason: "timeout_fallback" };
1151
+ }
1152
+ if (this.strictMode) {
1153
+ if (error instanceof Error) {
1154
+ throw error;
1155
+ }
1156
+ throw new Error("AgentID API Error: Guard request failed.");
1157
+ }
1158
+ console.warn("[AgentID] Guard check failed (Fail-Open active):", error);
1159
+ return { allowed: true, reason: "guard_unreachable" };
1090
1160
  } finally {
1091
1161
  clearTimeout(timeoutId);
1092
1162
  }
@@ -54,6 +54,7 @@ type AgentIDConfig = {
54
54
  checkInjection?: boolean;
55
55
  aiScanEnabled?: boolean;
56
56
  storePii?: boolean;
57
+ strictMode?: boolean;
57
58
  };
58
59
 
59
60
  type PreparedInput = {
@@ -67,6 +68,7 @@ declare class AgentID {
67
68
  private checkInjection;
68
69
  private aiScanEnabled;
69
70
  private storePii;
71
+ private strictMode;
70
72
  private pii;
71
73
  private localEnforcer;
72
74
  private injectionScanner;
@@ -86,7 +88,8 @@ declare class AgentID {
86
88
  private logSecurityPolicyViolation;
87
89
  /**
88
90
  * GUARD: Checks limits, PII, and security before execution.
89
- * FAIL-CLOSED: Returns allowed=false if the API fails.
91
+ * strictMode=false (default): FAIL-OPEN on connectivity/timeouts.
92
+ * strictMode=true: FAIL-CLOSED and throws on connectivity/timeouts.
90
93
  */
91
94
  guard(params: GuardParams, options?: RequestOptions): Promise<GuardResponse>;
92
95
  /**
@@ -54,6 +54,7 @@ type AgentIDConfig = {
54
54
  checkInjection?: boolean;
55
55
  aiScanEnabled?: boolean;
56
56
  storePii?: boolean;
57
+ strictMode?: boolean;
57
58
  };
58
59
 
59
60
  type PreparedInput = {
@@ -67,6 +68,7 @@ declare class AgentID {
67
68
  private checkInjection;
68
69
  private aiScanEnabled;
69
70
  private storePii;
71
+ private strictMode;
70
72
  private pii;
71
73
  private localEnforcer;
72
74
  private injectionScanner;
@@ -86,7 +88,8 @@ declare class AgentID {
86
88
  private logSecurityPolicyViolation;
87
89
  /**
88
90
  * GUARD: Checks limits, PII, and security before execution.
89
- * FAIL-CLOSED: Returns allowed=false if the API fails.
91
+ * strictMode=false (default): FAIL-OPEN on connectivity/timeouts.
92
+ * strictMode=true: FAIL-CLOSED and throws on connectivity/timeouts.
90
93
  */
91
94
  guard(params: GuardParams, options?: RequestOptions): Promise<GuardResponse>;
92
95
  /**
@@ -1 +1 @@
1
- export { a as AgentIDCallbackHandler } from './langchain-ranVjrg4.mjs';
1
+ export { a as AgentIDCallbackHandler } from './langchain-Cn7doPo2.mjs';
@@ -1 +1 @@
1
- export { a as AgentIDCallbackHandler } from './langchain-ranVjrg4.js';
1
+ export { a as AgentIDCallbackHandler } from './langchain-Cn7doPo2.js';
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "agentid-sdk",
3
- "version": "0.1.3",
3
+ "version": "0.1.4",
4
4
  "description": "AgentID JavaScript/TypeScript SDK for guard, ingest, tracing, and analytics.",
5
5
  "license": "MIT",
6
6
  "homepage": "https://agentid.ai",