agents 0.16.2 → 0.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (122) hide show
  1. package/README.md +11 -8
  2. package/dist/{agent-tool-types-CTw3UJUP.d.ts → agent-tool-types-Cd1TZPfB.d.ts} +587 -137
  3. package/dist/agent-tool-types.d.ts +34 -18
  4. package/dist/agent-tool-types.js +20 -1
  5. package/dist/agent-tool-types.js.map +1 -0
  6. package/dist/agent-tools-BXlsuX0d.js +304 -0
  7. package/dist/agent-tools-BXlsuX0d.js.map +1 -0
  8. package/dist/agent-tools-_E8wxUIK.d.ts +119 -0
  9. package/dist/agent-tools.d.ts +24 -18
  10. package/dist/agent-tools.js.map +1 -1
  11. package/dist/ai-chat-agent.d.ts +1 -1
  12. package/dist/ai-chat-agent.js +1 -2
  13. package/dist/ai-chat-agent.js.map +1 -1
  14. package/dist/ai-chat-v5-migration.d.ts +1 -1
  15. package/dist/ai-chat-v5-migration.js +1 -2
  16. package/dist/ai-chat-v5-migration.js.map +1 -1
  17. package/dist/ai-react.d.ts +1 -1
  18. package/dist/ai-react.js +1 -2
  19. package/dist/ai-react.js.map +1 -1
  20. package/dist/ai-types.d.ts +1 -7
  21. package/dist/ai-types.js +2 -8
  22. package/dist/ai-types.js.map +1 -1
  23. package/dist/browser/ai.js +1 -1
  24. package/dist/browser/index.js +1 -1
  25. package/dist/chat/index.d.ts +1918 -72
  26. package/dist/chat/index.js +1730 -245
  27. package/dist/chat/index.js.map +1 -1
  28. package/dist/chat/react.d.ts +602 -0
  29. package/dist/chat/react.js +1506 -0
  30. package/dist/chat/react.js.map +1 -0
  31. package/dist/chat-sdk/index.d.ts +4 -4
  32. package/dist/{classPrivateFieldGet2-CZ7QjTXN.js → classPrivateFieldGet2-DZBYAB34.js} +5 -5
  33. package/dist/{classPrivateMethodInitSpec-D-0__zd9.js → classPrivateMethodInitSpec-qMjJ6sHQ.js} +2 -2
  34. package/dist/{client-BXJ9n2f7.js → client-BZ-B3NhC.js} +2 -2
  35. package/dist/client-BZ-B3NhC.js.map +1 -0
  36. package/dist/client-tools-aIBO0Fk7.d.ts +53 -0
  37. package/dist/client.d.ts +76 -57
  38. package/dist/client.js +33 -5
  39. package/dist/client.js.map +1 -1
  40. package/dist/{connector-CrKhowfD.js → connector-CdldGF3h.js} +5 -5
  41. package/dist/{connector-CrKhowfD.js.map → connector-CdldGF3h.js.map} +1 -1
  42. package/dist/email.js +1 -1
  43. package/dist/email.js.map +1 -1
  44. package/dist/{index-B7IbEeze.d.ts → index-CcbnKkNh.d.ts} +188 -14
  45. package/dist/index.d.ts +91 -71
  46. package/dist/index.js +562 -24
  47. package/dist/index.js.map +1 -1
  48. package/dist/mcp/client.d.ts +18 -14
  49. package/dist/mcp/client.js +1 -1
  50. package/dist/mcp/index.d.ts +30 -30
  51. package/dist/mcp/index.js +7 -7
  52. package/dist/mcp/index.js.map +1 -1
  53. package/dist/{agent-tools-3zLG7MgA.js → message-builder-BymO4N_D.js} +45 -126
  54. package/dist/message-builder-BymO4N_D.js.map +1 -0
  55. package/dist/observability/index.d.ts +1 -1
  56. package/dist/observability/index.js +4 -2
  57. package/dist/observability/index.js.map +1 -1
  58. package/dist/react.d.ts +123 -110
  59. package/dist/react.js +44 -11
  60. package/dist/react.js.map +1 -1
  61. package/dist/serializable.d.ts +1 -1
  62. package/dist/skills/compile.js +1 -1
  63. package/dist/skills/compile.js.map +1 -1
  64. package/dist/skills/index.js +5 -5
  65. package/dist/skills/index.js.map +1 -1
  66. package/dist/sub-routing.d.ts +6 -6
  67. package/dist/utils.js +1 -1
  68. package/dist/utils.js.map +1 -1
  69. package/dist/vite.js +5 -5
  70. package/dist/vite.js.map +1 -1
  71. package/dist/wire-types-nflOzNuU.js +240 -0
  72. package/dist/wire-types-nflOzNuU.js.map +1 -0
  73. package/dist/{workflow-types-SrZK_o9p.d.ts → workflow-types-Baz_PO5v.d.ts} +42 -22
  74. package/dist/workflow-types.d.ts +25 -21
  75. package/dist/workflow-types.js.map +1 -1
  76. package/dist/workflows.d.ts +22 -21
  77. package/dist/workflows.js +31 -7
  78. package/dist/workflows.js.map +1 -1
  79. package/docs/adding-to-existing-project.md +450 -0
  80. package/docs/agent-class.md +503 -0
  81. package/docs/agent-tools.md +552 -0
  82. package/docs/browse-the-web.md +430 -0
  83. package/docs/callable-methods.md +627 -0
  84. package/docs/chat-agents.md +1687 -0
  85. package/docs/chat-sdk.md +181 -0
  86. package/docs/client-sdk.md +520 -0
  87. package/docs/client-tools-continuation.md +177 -0
  88. package/docs/codemode.md +440 -0
  89. package/docs/configuration.md +775 -0
  90. package/docs/cross-domain-authentication.md +171 -0
  91. package/docs/durable-execution.md +537 -0
  92. package/docs/email.md +663 -0
  93. package/docs/get-current-agent.md +204 -0
  94. package/docs/getting-started.md +305 -0
  95. package/docs/http-websockets.md +668 -0
  96. package/docs/human-in-the-loop.md +661 -0
  97. package/docs/index.md +151 -0
  98. package/docs/long-running-agents.md +730 -0
  99. package/docs/mcp-client.md +620 -0
  100. package/docs/mcp-servers.md +526 -0
  101. package/docs/mcp-transports.md +308 -0
  102. package/docs/migration-to-ai-sdk-v5.md +96 -0
  103. package/docs/migration-to-ai-sdk-v6.md +163 -0
  104. package/docs/observability.md +261 -0
  105. package/docs/push-notifications.md +367 -0
  106. package/docs/queue.md +329 -0
  107. package/docs/readonly-connections.md +278 -0
  108. package/docs/resumable-streaming.md +127 -0
  109. package/docs/retries.md +444 -0
  110. package/docs/routing.md +749 -0
  111. package/docs/scheduling.md +898 -0
  112. package/docs/securing-mcp-servers.md +359 -0
  113. package/docs/server-driven-messages.md +477 -0
  114. package/docs/sessions.md +1024 -0
  115. package/docs/state.md +512 -0
  116. package/docs/sub-agents.md +389 -0
  117. package/docs/webhooks.md +604 -0
  118. package/docs/workflows.md +877 -0
  119. package/package.json +41 -14
  120. package/dist/agent-tools-3zLG7MgA.js.map +0 -1
  121. package/dist/agent-tools-DZhI5F6Q.d.ts +0 -14
  122. package/dist/client-BXJ9n2f7.js.map +0 -1
package/dist/email.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"email.js","names":[],"sources":["../src/email.ts"],"sourcesContent":["/**\n * Email routing types, resolvers, and signing utilities for Agents\n */\n\n// Re-export AgentEmail type\nexport type { AgentEmail } from \"./internal_context\";\n\n// ============================================================================\n// Email header utilities\n// ============================================================================\n\n/**\n * Header object as returned by postal-mime and similar email parsing libraries.\n * Each header has a lowercase key and a string value.\n */\nexport type EmailHeader = {\n /** Lowercase header name (e.g., \"content-type\", \"x-custom-header\") */\n key: string;\n /** Header value */\n value: string;\n};\n\n/**\n * Check if an email appears to be an auto-reply based on standard headers.\n * Checks for Auto-Submitted (RFC 3834), X-Auto-Response-Suppress, and Precedence headers.\n *\n * @param headers - Headers array from postal-mime Email.headers or similar format\n * @returns true if email appears to be an auto-reply\n *\n * @example\n * ```typescript\n * if (isAutoReplyEmail(parsed.headers)) {\n * // Skip processing auto-replies\n * return;\n * }\n * ```\n */\nexport function isAutoReplyEmail(headers: EmailHeader[]): boolean {\n return headers.some((h) => {\n const key = h.key.toLowerCase();\n const value = h.value.toLowerCase();\n\n // RFC 3834: Auto-Submitted header\n // \"no\" means normal (human-sent) email, anything else indicates auto-reply\n if (key === \"auto-submitted\") {\n return value !== \"no\";\n }\n\n // X-Auto-Response-Suppress: any value indicates sender doesn't want auto-replies\n if (key === \"x-auto-response-suppress\") {\n return true;\n }\n\n // Precedence: only bulk/junk/list indicate automated/mass mail\n if (key === \"precedence\") {\n return value === \"bulk\" || value === \"junk\" || value === \"list\";\n }\n\n return false;\n });\n}\n\n// ============================================================================\n// Signing utilities\n// ============================================================================\n\n/** Default signature expiration: 30 days in seconds */\nexport const DEFAULT_MAX_AGE_SECONDS = 30 * 24 * 60 * 60;\n\n/** Maximum allowed clock skew for future timestamps: 5 minutes */\nconst MAX_CLOCK_SKEW_SECONDS = 5 * 60;\n\n/**\n * Compute HMAC-SHA256 signature for agent routing headers\n * @param secret - Secret key for HMAC\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @param timestamp - Unix timestamp in seconds\n * @returns Base64-encoded HMAC signature\n */\nasync function computeAgentSignature(\n secret: string,\n agentName: string,\n agentId: string,\n timestamp: string\n): Promise<string> {\n const encoder = new TextEncoder();\n const key = await crypto.subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n );\n const data = encoder.encode(`${agentName}:${agentId}:${timestamp}`);\n const signature = await crypto.subtle.sign(\"HMAC\", key, data);\n return btoa(String.fromCharCode(...new Uint8Array(signature)));\n}\n\n/**\n * Result of signature verification\n */\ntype SignatureVerificationResult =\n | { valid: true }\n | { valid: false; reason: \"expired\" | \"invalid\" | \"malformed_timestamp\" };\n\n/**\n * Verify HMAC-SHA256 signature for agent routing headers\n * @param secret - Secret key for HMAC\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @param signature - Base64-encoded signature to verify\n * @param timestamp - Unix timestamp in seconds when signature was created\n * @param maxAgeSeconds - Maximum age of signature in seconds (default: 30 days)\n * @returns Verification result with reason if invalid\n */\nasync function verifyAgentSignature(\n secret: string,\n agentName: string,\n agentId: string,\n signature: string,\n timestamp: string,\n maxAgeSeconds: number = DEFAULT_MAX_AGE_SECONDS\n): Promise<SignatureVerificationResult> {\n try {\n // Validate timestamp format\n const timestampNum = Number.parseInt(timestamp, 10);\n if (Number.isNaN(timestampNum)) {\n return { valid: false, reason: \"malformed_timestamp\" };\n }\n\n // Check timestamp validity\n const now = Math.floor(Date.now() / 1000);\n\n // Reject timestamps too far in the future (prevents extending signature validity)\n if (timestampNum > now + MAX_CLOCK_SKEW_SECONDS) {\n return { valid: false, reason: \"invalid\" };\n }\n\n // Check if signature has expired\n if (now - timestampNum > maxAgeSeconds) {\n return { valid: false, reason: \"expired\" };\n }\n\n const expected = await computeAgentSignature(\n secret,\n agentName,\n agentId,\n timestamp\n );\n // Constant-time comparison to prevent timing attacks\n if (expected.length !== signature.length) {\n return { valid: false, reason: \"invalid\" };\n }\n let result = 0;\n for (let i = 0; i < expected.length; i++) {\n result |= expected.charCodeAt(i) ^ signature.charCodeAt(i);\n }\n if (result !== 0) {\n return { valid: false, reason: \"invalid\" };\n }\n return { valid: true };\n } catch (error) {\n console.warn(\"[agents] Signature verification error:\", error);\n return { valid: false, reason: \"invalid\" };\n }\n}\n\n/**\n * Sign agent routing headers for secure reply flows.\n * Use this when sending outbound emails to ensure replies can be securely routed back.\n *\n * @param secret - Secret key for HMAC signing (store in environment variables)\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @returns Headers object with X-Agent-Name, X-Agent-ID, X-Agent-Sig, and X-Agent-Sig-Ts\n *\n * @example\n * ```typescript\n * const headers = await signAgentHeaders(env.EMAIL_SECRET, \"MyAgent\", this.name);\n * // Use these headers when sending outbound emails\n * ```\n */\nexport async function signAgentHeaders(\n secret: string,\n agentName: string,\n agentId: string\n): Promise<Record<string, string>> {\n if (!secret) {\n throw new Error(\"secret is required for signing agent headers\");\n }\n if (!agentName) {\n throw new Error(\"agentName is required for signing agent headers\");\n }\n if (!agentId) {\n throw new Error(\"agentId is required for signing agent headers\");\n }\n // Reject colons to prevent signature confusion attacks\n // (signature payload uses colon as delimiter: \"agentName:agentId:timestamp\")\n if (agentName.includes(\":\")) {\n throw new Error(\"agentName cannot contain colons\");\n }\n if (agentId.includes(\":\")) {\n throw new Error(\"agentId cannot contain colons\");\n }\n\n const timestamp = Math.floor(Date.now() / 1000).toString();\n const signature = await computeAgentSignature(\n secret,\n agentName,\n agentId,\n timestamp\n );\n return {\n \"X-Agent-Name\": agentName,\n \"X-Agent-ID\": agentId,\n \"X-Agent-Sig\": signature,\n \"X-Agent-Sig-Ts\": timestamp\n };\n}\n\n// ============================================================================\n// Email routing types and resolvers\n// ============================================================================\n\nexport type EmailResolverResult = {\n agentName: string;\n agentId: string;\n /** @internal Indicates this resolver requires secure reply signing */\n _secureRouted?: boolean;\n} | null;\n\nexport type EmailResolver<Env> = (\n email: ForwardableEmailMessage,\n env: Env\n) => Promise<EmailResolverResult>;\n\n/**\n * Reason for signature verification failure\n */\nexport type SignatureFailureReason =\n | \"missing_headers\"\n | \"expired\"\n | \"invalid\"\n | \"malformed_timestamp\";\n\n/**\n * Options for createSecureReplyEmailResolver\n */\nexport type SecureReplyResolverOptions = {\n /**\n * Maximum age of signature in seconds.\n * Signatures older than this will be rejected.\n * Default: 30 days (2592000 seconds)\n */\n maxAge?: number;\n /**\n * Callback invoked when signature verification fails.\n * Useful for logging and debugging.\n */\n onInvalidSignature?: (\n email: ForwardableEmailMessage,\n reason: SignatureFailureReason\n ) => void;\n};\n\n/**\n * @deprecated REMOVED due to security vulnerability (IDOR via spoofed headers).\n * @throws Always throws an error with migration guidance.\n */\nexport function createHeaderBasedEmailResolver<Env>(): EmailResolver<Env> {\n throw new Error(\n \"createHeaderBasedEmailResolver has been removed due to a security vulnerability. \" +\n \"It trusted attacker-controlled email headers for routing, enabling IDOR attacks.\\n\\n\" +\n \"Migration options:\\n\" +\n \" - For inbound mail: use createAddressBasedEmailResolver(agentName)\\n\" +\n \" - For reply flows: use createSecureReplyEmailResolver(secret) with signed headers\\n\\n\" +\n \"See https://github.com/cloudflare/agents/blob/main/docs/email.md for details.\"\n );\n}\n\n/**\n * Create a resolver for routing email replies with signature verification.\n * This resolver verifies that replies contain a valid HMAC signature, preventing\n * attackers from routing emails to arbitrary agent instances.\n *\n * @param secret - Secret key for HMAC verification (must match the key used with signAgentHeaders)\n * @param options - Optional configuration for signature verification\n * @returns A function that resolves the agent to route the email to, or null if signature is invalid\n *\n * @example\n * ```typescript\n * // In your email handler\n * const secureResolver = createSecureReplyEmailResolver(env.EMAIL_SECRET, {\n * maxAge: 7 * 24 * 60 * 60, // 7 days\n * onInvalidSignature: (email, reason) => {\n * console.warn(`Invalid signature from ${email.from}: ${reason}`);\n * }\n * });\n * const addressResolver = createAddressBasedEmailResolver(\"MyAgent\");\n *\n * await routeAgentEmail(email, env, {\n * resolver: async (email, env) => {\n * // Try secure reply routing first\n * const replyRouting = await secureResolver(email, env);\n * if (replyRouting) return replyRouting;\n * // Fall back to address-based routing\n * return addressResolver(email, env);\n * }\n * });\n * ```\n */\nexport function createSecureReplyEmailResolver<Env>(\n secret: string,\n options?: SecureReplyResolverOptions\n): EmailResolver<Env> {\n if (!secret) {\n throw new Error(\"secret is required for createSecureReplyEmailResolver\");\n }\n\n const maxAge = options?.maxAge ?? DEFAULT_MAX_AGE_SECONDS;\n const onInvalidSignature = options?.onInvalidSignature;\n\n return async (email: ForwardableEmailMessage, _env: Env) => {\n const agentName = email.headers.get(\"x-agent-name\");\n const agentId = email.headers.get(\"x-agent-id\");\n const signature = email.headers.get(\"x-agent-sig\");\n const timestamp = email.headers.get(\"x-agent-sig-ts\");\n\n if (!agentName || !agentId || !signature || !timestamp) {\n onInvalidSignature?.(email, \"missing_headers\");\n return null;\n }\n\n const result = await verifyAgentSignature(\n secret,\n agentName,\n agentId,\n signature,\n timestamp,\n maxAge\n );\n\n if (!result.valid) {\n onInvalidSignature?.(email, result.reason);\n return null;\n }\n\n return { agentName, agentId, _secureRouted: true };\n };\n}\n\n/**\n * Create a resolver that uses the email address to determine the agent to route the email to\n * @param defaultAgentName The default agent name to use if the email address does not contain a sub-address\n * @returns A function that resolves the agent to route the email to\n */\nexport function createAddressBasedEmailResolver<Env>(\n defaultAgentName: string\n): EmailResolver<Env> {\n return async (email: ForwardableEmailMessage, _env: Env) => {\n // Length limits per RFC 5321: local part max 64 chars, domain max 253 chars\n const emailMatch = email.to.match(\n /^([^+@]{1,64})(?:\\+([^@]{1,64}))?@(.{1,253})$/\n );\n if (!emailMatch) {\n return null;\n }\n\n const [, localPart, subAddress] = emailMatch;\n\n if (subAddress) {\n return {\n agentName: localPart,\n agentId: subAddress\n };\n }\n\n // Option 2: Use defaultAgentName namespace, localPart as agentId\n // Common for catch-all email routing to a single EmailAgent namespace\n return {\n agentName: defaultAgentName,\n agentId: localPart\n };\n };\n}\n\n/**\n * Create a resolver that uses the agentName and agentId to determine the agent to route the email to\n * @param agentName The name of the agent to route the email to\n * @param agentId The id of the agent to route the email to\n * @returns A function that resolves the agent to route the email to\n */\nexport function createCatchAllEmailResolver<Env>(\n agentName: string,\n agentId: string\n): EmailResolver<Env> {\n return async () => ({ agentName, agentId });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAqCA,SAAgB,iBAAiB,SAAiC;CAChE,OAAO,QAAQ,MAAM,MAAM;EACzB,MAAM,MAAM,EAAE,IAAI,YAAY;EAC9B,MAAM,QAAQ,EAAE,MAAM,YAAY;EAIlC,IAAI,QAAQ,kBACV,OAAO,UAAU;EAInB,IAAI,QAAQ,4BACV,OAAO;EAIT,IAAI,QAAQ,cACV,OAAO,UAAU,UAAU,UAAU,UAAU,UAAU;EAG3D,OAAO;CACT,CAAC;AACH;;AAOA,MAAa,0BAA0B,MAAU,KAAK;;AAGtD,MAAM,yBAAyB;;;;;;;;;AAU/B,eAAe,sBACb,QACA,WACA,SACA,WACiB;CACjB,MAAM,UAAU,IAAI,YAAY;CAChC,MAAM,MAAM,MAAM,OAAO,OAAO,UAC9B,OACA,QAAQ,OAAO,MAAM,GACrB;EAAE,MAAM;EAAQ,MAAM;CAAU,GAChC,OACA,CAAC,MAAM,CACT;CACA,MAAM,OAAO,QAAQ,OAAO,GAAG,UAAU,GAAG,QAAQ,GAAG,WAAW;CAClE,MAAM,YAAY,MAAM,OAAO,OAAO,KAAK,QAAQ,KAAK,IAAI;CAC5D,OAAO,KAAK,OAAO,aAAa,GAAG,IAAI,WAAW,SAAS,CAAC,CAAC;AAC/D;;;;;;;;;;;AAmBA,eAAe,qBACb,QACA,WACA,SACA,WACA,WACA,gBAAwB,yBACc;CACtC,IAAI;EAEF,MAAM,eAAe,OAAO,SAAS,WAAW,EAAE;EAClD,IAAI,OAAO,MAAM,YAAY,GAC3B,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAsB;EAIvD,MAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;EAGxC,IAAI,eAAe,MAAM,wBACvB,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAI3C,IAAI,MAAM,eAAe,eACvB,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAG3C,MAAM,WAAW,MAAM,sBACrB,QACA,WACA,SACA,SACF;EAEA,IAAI,SAAS,WAAW,UAAU,QAChC,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAE3C,IAAI,SAAS;EACb,KAAK,IAAI,IAAI,GAAG,IAAI,SAAS,QAAQ,KACnC,UAAU,SAAS,WAAW,CAAC,IAAI,UAAU,WAAW,CAAC;EAE3D,IAAI,WAAW,GACb,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAE3C,OAAO,EAAE,OAAO,KAAK;CACvB,SAAS,OAAO;EACd,QAAQ,KAAK,0CAA0C,KAAK;EAC5D,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;CAC3C;AACF;;;;;;;;;;;;;;;;AAiBA,eAAsB,iBACpB,QACA,WACA,SACiC;CACjC,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,8CAA8C;CAEhE,IAAI,CAAC,WACH,MAAM,IAAI,MAAM,iDAAiD;CAEnE,IAAI,CAAC,SACH,MAAM,IAAI,MAAM,+CAA+C;CAIjE,IAAI,UAAU,SAAS,GAAG,GACxB,MAAM,IAAI,MAAM,iCAAiC;CAEnD,IAAI,QAAQ,SAAS,GAAG,GACtB,MAAM,IAAI,MAAM,+BAA+B;CAGjD,MAAM,YAAY,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,CAAC,CAAC,SAAS;CAOzD,OAAO;EACL,gBAAgB;EAChB,cAAc;EACd,eAAe,MATO,sBACtB,QACA,WACA,SACA,SACF;EAKE,kBAAkB;CACpB;AACF;;;;;AAmDA,SAAgB,iCAA0D;CACxE,MAAM,IAAI,MACR,qaAMF;AACF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiCA,SAAgB,+BACd,QACA,SACoB;CACpB,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,uDAAuD;CAGzE,MAAM,SAAS,SAAS,UAAA;CACxB,MAAM,qBAAqB,SAAS;CAEpC,OAAO,OAAO,OAAgC,SAAc;EAC1D,MAAM,YAAY,MAAM,QAAQ,IAAI,cAAc;EAClD,MAAM,UAAU,MAAM,QAAQ,IAAI,YAAY;EAC9C,MAAM,YAAY,MAAM,QAAQ,IAAI,aAAa;EACjD,MAAM,YAAY,MAAM,QAAQ,IAAI,gBAAgB;EAEpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,aAAa,CAAC,WAAW;GACtD,qBAAqB,OAAO,iBAAiB;GAC7C,OAAO;EACT;EAEA,MAAM,SAAS,MAAM,qBACnB,QACA,WACA,SACA,WACA,WACA,MACF;EAEA,IAAI,CAAC,OAAO,OAAO;GACjB,qBAAqB,OAAO,OAAO,MAAM;GACzC,OAAO;EACT;EAEA,OAAO;GAAE;GAAW;GAAS,eAAe;EAAK;CACnD;AACF;;;;;;AAOA,SAAgB,gCACd,kBACoB;CACpB,OAAO,OAAO,OAAgC,SAAc;EAE1D,MAAM,aAAa,MAAM,GAAG,MAC1B,+CACF;EACA,IAAI,CAAC,YACH,OAAO;EAGT,MAAM,GAAG,WAAW,cAAc;EAElC,IAAI,YACF,OAAO;GACL,WAAW;GACX,SAAS;EACX;EAKF,OAAO;GACL,WAAW;GACX,SAAS;EACX;CACF;AACF;;;;;;;AAQA,SAAgB,4BACd,WACA,SACoB;CACpB,OAAO,aAAa;EAAE;EAAW;CAAQ;AAC3C"}
1
+ {"version":3,"file":"email.js","names":[],"sources":["../src/email.ts"],"sourcesContent":["/**\n * Email routing types, resolvers, and signing utilities for Agents\n */\n\n// Re-export AgentEmail type\nexport type { AgentEmail } from \"./internal_context\";\n\n// ============================================================================\n// Email header utilities\n// ============================================================================\n\n/**\n * Header object as returned by postal-mime and similar email parsing libraries.\n * Each header has a lowercase key and a string value.\n */\nexport type EmailHeader = {\n /** Lowercase header name (e.g., \"content-type\", \"x-custom-header\") */\n key: string;\n /** Header value */\n value: string;\n};\n\n/**\n * Check if an email appears to be an auto-reply based on standard headers.\n * Checks for Auto-Submitted (RFC 3834), X-Auto-Response-Suppress, and Precedence headers.\n *\n * @param headers - Headers array from postal-mime Email.headers or similar format\n * @returns true if email appears to be an auto-reply\n *\n * @example\n * ```typescript\n * if (isAutoReplyEmail(parsed.headers)) {\n * // Skip processing auto-replies\n * return;\n * }\n * ```\n */\nexport function isAutoReplyEmail(headers: EmailHeader[]): boolean {\n return headers.some((h) => {\n const key = h.key.toLowerCase();\n const value = h.value.toLowerCase();\n\n // RFC 3834: Auto-Submitted header\n // \"no\" means normal (human-sent) email, anything else indicates auto-reply\n if (key === \"auto-submitted\") {\n return value !== \"no\";\n }\n\n // X-Auto-Response-Suppress: any value indicates sender doesn't want auto-replies\n if (key === \"x-auto-response-suppress\") {\n return true;\n }\n\n // Precedence: only bulk/junk/list indicate automated/mass mail\n if (key === \"precedence\") {\n return value === \"bulk\" || value === \"junk\" || value === \"list\";\n }\n\n return false;\n });\n}\n\n// ============================================================================\n// Signing utilities\n// ============================================================================\n\n/** Default signature expiration: 30 days in seconds */\nexport const DEFAULT_MAX_AGE_SECONDS = 30 * 24 * 60 * 60;\n\n/** Maximum allowed clock skew for future timestamps: 5 minutes */\nconst MAX_CLOCK_SKEW_SECONDS = 5 * 60;\n\n/**\n * Compute HMAC-SHA256 signature for agent routing headers\n * @param secret - Secret key for HMAC\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @param timestamp - Unix timestamp in seconds\n * @returns Base64-encoded HMAC signature\n */\nasync function computeAgentSignature(\n secret: string,\n agentName: string,\n agentId: string,\n timestamp: string\n): Promise<string> {\n const encoder = new TextEncoder();\n const key = await crypto.subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n );\n const data = encoder.encode(`${agentName}:${agentId}:${timestamp}`);\n const signature = await crypto.subtle.sign(\"HMAC\", key, data);\n return btoa(String.fromCharCode(...new Uint8Array(signature)));\n}\n\n/**\n * Result of signature verification\n */\ntype SignatureVerificationResult =\n | { valid: true }\n | { valid: false; reason: \"expired\" | \"invalid\" | \"malformed_timestamp\" };\n\n/**\n * Verify HMAC-SHA256 signature for agent routing headers\n * @param secret - Secret key for HMAC\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @param signature - Base64-encoded signature to verify\n * @param timestamp - Unix timestamp in seconds when signature was created\n * @param maxAgeSeconds - Maximum age of signature in seconds (default: 30 days)\n * @returns Verification result with reason if invalid\n */\nasync function verifyAgentSignature(\n secret: string,\n agentName: string,\n agentId: string,\n signature: string,\n timestamp: string,\n maxAgeSeconds: number = DEFAULT_MAX_AGE_SECONDS\n): Promise<SignatureVerificationResult> {\n try {\n // Validate timestamp format\n const timestampNum = Number.parseInt(timestamp, 10);\n if (Number.isNaN(timestampNum)) {\n return { valid: false, reason: \"malformed_timestamp\" };\n }\n\n // Check timestamp validity\n const now = Math.floor(Date.now() / 1000);\n\n // Reject timestamps too far in the future (prevents extending signature validity)\n if (timestampNum > now + MAX_CLOCK_SKEW_SECONDS) {\n return { valid: false, reason: \"invalid\" };\n }\n\n // Check if signature has expired\n if (now - timestampNum > maxAgeSeconds) {\n return { valid: false, reason: \"expired\" };\n }\n\n const expected = await computeAgentSignature(\n secret,\n agentName,\n agentId,\n timestamp\n );\n // Constant-time comparison to prevent timing attacks\n if (expected.length !== signature.length) {\n return { valid: false, reason: \"invalid\" };\n }\n let result = 0;\n for (let i = 0; i < expected.length; i++) {\n result |= expected.charCodeAt(i) ^ signature.charCodeAt(i);\n }\n if (result !== 0) {\n return { valid: false, reason: \"invalid\" };\n }\n return { valid: true };\n } catch (error) {\n console.warn(\"[agents] Signature verification error:\", error);\n return { valid: false, reason: \"invalid\" };\n }\n}\n\n/**\n * Sign agent routing headers for secure reply flows.\n * Use this when sending outbound emails to ensure replies can be securely routed back.\n *\n * @param secret - Secret key for HMAC signing (store in environment variables)\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @returns Headers object with X-Agent-Name, X-Agent-ID, X-Agent-Sig, and X-Agent-Sig-Ts\n *\n * @example\n * ```typescript\n * const headers = await signAgentHeaders(env.EMAIL_SECRET, \"MyAgent\", this.name);\n * // Use these headers when sending outbound emails\n * ```\n */\nexport async function signAgentHeaders(\n secret: string,\n agentName: string,\n agentId: string\n): Promise<Record<string, string>> {\n if (!secret) {\n throw new Error(\"secret is required for signing agent headers\");\n }\n if (!agentName) {\n throw new Error(\"agentName is required for signing agent headers\");\n }\n if (!agentId) {\n throw new Error(\"agentId is required for signing agent headers\");\n }\n // Reject colons to prevent signature confusion attacks\n // (signature payload uses colon as delimiter: \"agentName:agentId:timestamp\")\n if (agentName.includes(\":\")) {\n throw new Error(\"agentName cannot contain colons\");\n }\n if (agentId.includes(\":\")) {\n throw new Error(\"agentId cannot contain colons\");\n }\n\n const timestamp = Math.floor(Date.now() / 1000).toString();\n const signature = await computeAgentSignature(\n secret,\n agentName,\n agentId,\n timestamp\n );\n return {\n \"X-Agent-Name\": agentName,\n \"X-Agent-ID\": agentId,\n \"X-Agent-Sig\": signature,\n \"X-Agent-Sig-Ts\": timestamp\n };\n}\n\n// ============================================================================\n// Email routing types and resolvers\n// ============================================================================\n\nexport type EmailResolverResult = {\n agentName: string;\n agentId: string;\n /** @internal Indicates this resolver requires secure reply signing */\n _secureRouted?: boolean;\n} | null;\n\nexport type EmailResolver<Env> = (\n email: ForwardableEmailMessage,\n env: Env\n) => Promise<EmailResolverResult>;\n\n/**\n * Reason for signature verification failure\n */\nexport type SignatureFailureReason =\n | \"missing_headers\"\n | \"expired\"\n | \"invalid\"\n | \"malformed_timestamp\";\n\n/**\n * Options for createSecureReplyEmailResolver\n */\nexport type SecureReplyResolverOptions = {\n /**\n * Maximum age of signature in seconds.\n * Signatures older than this will be rejected.\n * Default: 30 days (2592000 seconds)\n */\n maxAge?: number;\n /**\n * Callback invoked when signature verification fails.\n * Useful for logging and debugging.\n */\n onInvalidSignature?: (\n email: ForwardableEmailMessage,\n reason: SignatureFailureReason\n ) => void;\n};\n\n/**\n * @deprecated REMOVED due to security vulnerability (IDOR via spoofed headers).\n * @throws Always throws an error with migration guidance.\n */\nexport function createHeaderBasedEmailResolver<Env>(): EmailResolver<Env> {\n throw new Error(\n \"createHeaderBasedEmailResolver has been removed due to a security vulnerability. \" +\n \"It trusted attacker-controlled email headers for routing, enabling IDOR attacks.\\n\\n\" +\n \"Migration options:\\n\" +\n \" - For inbound mail: use createAddressBasedEmailResolver(agentName)\\n\" +\n \" - For reply flows: use createSecureReplyEmailResolver(secret) with signed headers\\n\\n\" +\n \"See https://github.com/cloudflare/agents/blob/main/docs/agents/email.md for details.\"\n );\n}\n\n/**\n * Create a resolver for routing email replies with signature verification.\n * This resolver verifies that replies contain a valid HMAC signature, preventing\n * attackers from routing emails to arbitrary agent instances.\n *\n * @param secret - Secret key for HMAC verification (must match the key used with signAgentHeaders)\n * @param options - Optional configuration for signature verification\n * @returns A function that resolves the agent to route the email to, or null if signature is invalid\n *\n * @example\n * ```typescript\n * // In your email handler\n * const secureResolver = createSecureReplyEmailResolver(env.EMAIL_SECRET, {\n * maxAge: 7 * 24 * 60 * 60, // 7 days\n * onInvalidSignature: (email, reason) => {\n * console.warn(`Invalid signature from ${email.from}: ${reason}`);\n * }\n * });\n * const addressResolver = createAddressBasedEmailResolver(\"MyAgent\");\n *\n * await routeAgentEmail(email, env, {\n * resolver: async (email, env) => {\n * // Try secure reply routing first\n * const replyRouting = await secureResolver(email, env);\n * if (replyRouting) return replyRouting;\n * // Fall back to address-based routing\n * return addressResolver(email, env);\n * }\n * });\n * ```\n */\nexport function createSecureReplyEmailResolver<Env>(\n secret: string,\n options?: SecureReplyResolverOptions\n): EmailResolver<Env> {\n if (!secret) {\n throw new Error(\"secret is required for createSecureReplyEmailResolver\");\n }\n\n const maxAge = options?.maxAge ?? DEFAULT_MAX_AGE_SECONDS;\n const onInvalidSignature = options?.onInvalidSignature;\n\n return async (email: ForwardableEmailMessage, _env: Env) => {\n const agentName = email.headers.get(\"x-agent-name\");\n const agentId = email.headers.get(\"x-agent-id\");\n const signature = email.headers.get(\"x-agent-sig\");\n const timestamp = email.headers.get(\"x-agent-sig-ts\");\n\n if (!agentName || !agentId || !signature || !timestamp) {\n onInvalidSignature?.(email, \"missing_headers\");\n return null;\n }\n\n const result = await verifyAgentSignature(\n secret,\n agentName,\n agentId,\n signature,\n timestamp,\n maxAge\n );\n\n if (!result.valid) {\n onInvalidSignature?.(email, result.reason);\n return null;\n }\n\n return { agentName, agentId, _secureRouted: true };\n };\n}\n\n/**\n * Create a resolver that uses the email address to determine the agent to route the email to\n * @param defaultAgentName The default agent name to use if the email address does not contain a sub-address\n * @returns A function that resolves the agent to route the email to\n */\nexport function createAddressBasedEmailResolver<Env>(\n defaultAgentName: string\n): EmailResolver<Env> {\n return async (email: ForwardableEmailMessage, _env: Env) => {\n // Length limits per RFC 5321: local part max 64 chars, domain max 253 chars\n const emailMatch = email.to.match(\n /^([^+@]{1,64})(?:\\+([^@]{1,64}))?@(.{1,253})$/\n );\n if (!emailMatch) {\n return null;\n }\n\n const [, localPart, subAddress] = emailMatch;\n\n if (subAddress) {\n return {\n agentName: localPart,\n agentId: subAddress\n };\n }\n\n // Option 2: Use defaultAgentName namespace, localPart as agentId\n // Common for catch-all email routing to a single EmailAgent namespace\n return {\n agentName: defaultAgentName,\n agentId: localPart\n };\n };\n}\n\n/**\n * Create a resolver that uses the agentName and agentId to determine the agent to route the email to\n * @param agentName The name of the agent to route the email to\n * @param agentId The id of the agent to route the email to\n * @returns A function that resolves the agent to route the email to\n */\nexport function createCatchAllEmailResolver<Env>(\n agentName: string,\n agentId: string\n): EmailResolver<Env> {\n return async () => ({ agentName, agentId });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAqCA,SAAgB,iBAAiB,SAAiC;CAChE,OAAO,QAAQ,MAAM,MAAM;EACzB,MAAM,MAAM,EAAE,IAAI,YAAY;EAC9B,MAAM,QAAQ,EAAE,MAAM,YAAY;EAIlC,IAAI,QAAQ,kBACV,OAAO,UAAU;EAInB,IAAI,QAAQ,4BACV,OAAO;EAIT,IAAI,QAAQ,cACV,OAAO,UAAU,UAAU,UAAU,UAAU,UAAU;EAG3D,OAAO;CACT,CAAC;AACH;;AAOA,MAAa,0BAA0B,MAAU,KAAK;;AAGtD,MAAM,yBAAyB;;;;;;;;;AAU/B,eAAe,sBACb,QACA,WACA,SACA,WACiB;CACjB,MAAM,UAAU,IAAI,YAAY;CAChC,MAAM,MAAM,MAAM,OAAO,OAAO,UAC9B,OACA,QAAQ,OAAO,MAAM,GACrB;EAAE,MAAM;EAAQ,MAAM;CAAU,GAChC,OACA,CAAC,MAAM,CACT;CACA,MAAM,OAAO,QAAQ,OAAO,GAAG,UAAU,GAAG,QAAQ,GAAG,WAAW;CAClE,MAAM,YAAY,MAAM,OAAO,OAAO,KAAK,QAAQ,KAAK,IAAI;CAC5D,OAAO,KAAK,OAAO,aAAa,GAAG,IAAI,WAAW,SAAS,CAAC,CAAC;AAC/D;;;;;;;;;;;AAmBA,eAAe,qBACb,QACA,WACA,SACA,WACA,WACA,gBAAwB,yBACc;CACtC,IAAI;EAEF,MAAM,eAAe,OAAO,SAAS,WAAW,EAAE;EAClD,IAAI,OAAO,MAAM,YAAY,GAC3B,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAsB;EAIvD,MAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;EAGxC,IAAI,eAAe,MAAM,wBACvB,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAI3C,IAAI,MAAM,eAAe,eACvB,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAG3C,MAAM,WAAW,MAAM,sBACrB,QACA,WACA,SACA,SACF;EAEA,IAAI,SAAS,WAAW,UAAU,QAChC,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAE3C,IAAI,SAAS;EACb,KAAK,IAAI,IAAI,GAAG,IAAI,SAAS,QAAQ,KACnC,UAAU,SAAS,WAAW,CAAC,IAAI,UAAU,WAAW,CAAC;EAE3D,IAAI,WAAW,GACb,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAE3C,OAAO,EAAE,OAAO,KAAK;CACvB,SAAS,OAAO;EACd,QAAQ,KAAK,0CAA0C,KAAK;EAC5D,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;CAC3C;AACF;;;;;;;;;;;;;;;;AAiBA,eAAsB,iBACpB,QACA,WACA,SACiC;CACjC,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,8CAA8C;CAEhE,IAAI,CAAC,WACH,MAAM,IAAI,MAAM,iDAAiD;CAEnE,IAAI,CAAC,SACH,MAAM,IAAI,MAAM,+CAA+C;CAIjE,IAAI,UAAU,SAAS,GAAG,GACxB,MAAM,IAAI,MAAM,iCAAiC;CAEnD,IAAI,QAAQ,SAAS,GAAG,GACtB,MAAM,IAAI,MAAM,+BAA+B;CAGjD,MAAM,YAAY,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,CAAC,CAAC,SAAS;CAOzD,OAAO;EACL,gBAAgB;EAChB,cAAc;EACd,eAAe,MATO,sBACtB,QACA,WACA,SACA,SACF;EAKE,kBAAkB;CACpB;AACF;;;;;AAmDA,SAAgB,iCAA0D;CACxE,MAAM,IAAI,MACR,4aAMF;AACF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiCA,SAAgB,+BACd,QACA,SACoB;CACpB,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,uDAAuD;CAGzE,MAAM,SAAS,SAAS,UAAA;CACxB,MAAM,qBAAqB,SAAS;CAEpC,OAAO,OAAO,OAAgC,SAAc;EAC1D,MAAM,YAAY,MAAM,QAAQ,IAAI,cAAc;EAClD,MAAM,UAAU,MAAM,QAAQ,IAAI,YAAY;EAC9C,MAAM,YAAY,MAAM,QAAQ,IAAI,aAAa;EACjD,MAAM,YAAY,MAAM,QAAQ,IAAI,gBAAgB;EAEpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,aAAa,CAAC,WAAW;GACtD,qBAAqB,OAAO,iBAAiB;GAC7C,OAAO;EACT;EAEA,MAAM,SAAS,MAAM,qBACnB,QACA,WACA,SACA,WACA,WACA,MACF;EAEA,IAAI,CAAC,OAAO,OAAO;GACjB,qBAAqB,OAAO,OAAO,MAAM;GACzC,OAAO;EACT;EAEA,OAAO;GAAE;GAAW;GAAS,eAAe;EAAK;CACnD;AACF;;;;;;AAOA,SAAgB,gCACd,kBACoB;CACpB,OAAO,OAAO,OAAgC,SAAc;EAE1D,MAAM,aAAa,MAAM,GAAG,MAC1B,+CACF;EACA,IAAI,CAAC,YACH,OAAO;EAGT,MAAM,GAAG,WAAW,cAAc;EAElC,IAAI,YACF,OAAO;GACL,WAAW;GACX,SAAS;EACX;EAKF,OAAO;GACL,WAAW;GACX,SAAS;EACX;CACF;AACF;;;;;;;AAQA,SAAgB,4BACd,WACA,SACoB;CACpB,OAAO,aAAa;EAAE;EAAW;CAAQ;AAC3C"}
@@ -225,6 +225,127 @@ type AgentObservabilityEvent =
225
225
  error: string;
226
226
  }
227
227
  >
228
+ | BaseEvent<
229
+ "action:ledger:replayed",
230
+ {
231
+ action: string;
232
+ key: string;
233
+ inputHash: string;
234
+ }
235
+ >
236
+ | BaseEvent<
237
+ "action:ledger:pending",
238
+ {
239
+ action: string;
240
+ key: string;
241
+ inputHash: string;
242
+ }
243
+ >
244
+ | BaseEvent<
245
+ "action:ledger:conflict",
246
+ {
247
+ action: string;
248
+ key: string;
249
+ inputHash: string;
250
+ }
251
+ >
252
+ | BaseEvent<
253
+ "action:ledger:serialize_failed",
254
+ {
255
+ action: string;
256
+ key: string;
257
+ }
258
+ >
259
+ | BaseEvent<
260
+ "action:ledger:settled",
261
+ {
262
+ action: string;
263
+ key: string;
264
+ inputHash: string;
265
+ }
266
+ >
267
+ | BaseEvent<
268
+ "action:ledger:reclaimed",
269
+ {
270
+ action: string;
271
+ key: string;
272
+ inputHash: string;
273
+ ageMs: number;
274
+ }
275
+ >
276
+ | BaseEvent<
277
+ "action:ledger:swept",
278
+ {
279
+ settled: number;
280
+ pending: number;
281
+ }
282
+ >
283
+ | BaseEvent<
284
+ "action:pause:created",
285
+ {
286
+ action: string;
287
+ executionId: string;
288
+ toolCallId: string;
289
+ }
290
+ >
291
+ | BaseEvent<
292
+ "action:pause:approved",
293
+ {
294
+ action: string;
295
+ executionId: string;
296
+ }
297
+ >
298
+ | BaseEvent<
299
+ "action:pause:rejected",
300
+ {
301
+ action: string;
302
+ executionId: string;
303
+ }
304
+ >
305
+ | BaseEvent<
306
+ "action:pause:swept",
307
+ {
308
+ swept: number;
309
+ }
310
+ >
311
+ | BaseEvent<
312
+ "action:reply-attached",
313
+ {
314
+ action?: string;
315
+ attachmentType: string;
316
+ }
317
+ >
318
+ | BaseEvent<
319
+ "channel:resolved",
320
+ {
321
+ channel: string;
322
+ kind: string;
323
+ requestId?: string;
324
+ }
325
+ >
326
+ | BaseEvent<
327
+ "channel:delivered",
328
+ {
329
+ channel: string;
330
+ kind: string;
331
+ turnEnded: boolean;
332
+ }
333
+ >
334
+ | BaseEvent<
335
+ "notice:delivered",
336
+ {
337
+ channel: string;
338
+ kind: string;
339
+ informModel: boolean;
340
+ }
341
+ >
342
+ | BaseEvent<
343
+ "notice:failed",
344
+ {
345
+ channel: string;
346
+ error: string;
347
+ }
348
+ >
228
349
  | BaseEvent<
229
350
  "fiber:run:started",
230
351
  {
@@ -326,6 +447,29 @@ type AgentObservabilityEvent =
326
447
  error: string;
327
448
  }
328
449
  >
450
+ | BaseEvent<
451
+ "chat:turn:start",
452
+ {
453
+ requestId: string;
454
+ trigger: string;
455
+ admission: string;
456
+ continuation?: boolean;
457
+ generation?: number;
458
+ }
459
+ >
460
+ | BaseEvent<
461
+ "chat:turn:finish",
462
+ {
463
+ requestId: string;
464
+ trigger: string;
465
+ admission: string;
466
+ continuation?: boolean;
467
+ generation?: number;
468
+ status: string;
469
+ durationMs: number;
470
+ error?: string;
471
+ }
472
+ >
329
473
  | BaseEvent<
330
474
  "chat:recovery:detected",
331
475
  {
@@ -508,6 +652,25 @@ type AgentObservabilityEvent =
508
652
  error: string;
509
653
  }
510
654
  >
655
+ | BaseEvent<
656
+ "agent_tool:detached:delivery_failed",
657
+ {
658
+ runId: string /** Which ledger slot was being delivered. */;
659
+ kind:
660
+ | "finish"
661
+ | "give_up" /** Terminal status that was being delivered. */;
662
+ status: string /** The per-run `onFinish` callback name, if one was wired. */;
663
+ callback?: string;
664
+ error: string;
665
+ }
666
+ >
667
+ | BaseEvent<
668
+ "agent_tool:detached:live_count_warning",
669
+ {
670
+ /** Detached runs currently holding a concurrency slot (non-terminal). */ liveCount: number /** The threshold that was crossed. */;
671
+ threshold: number;
672
+ }
673
+ >
511
674
  | BaseEvent<"destroy">
512
675
  | BaseEvent<
513
676
  "connect",
@@ -632,18 +795,19 @@ interface Observability {
632
795
  * Tail Workers via `event.diagnosticsChannelEvents` — no subscription needed.
633
796
  */
634
797
  declare const channels: {
635
- readonly state: Channel<unknown, unknown>;
636
- readonly rpc: Channel<unknown, unknown>;
637
- readonly message: Channel<unknown, unknown>;
638
- readonly chat: Channel<unknown, unknown>;
639
- readonly transcript: Channel<unknown, unknown>;
640
- readonly fiber: Channel<unknown, unknown>;
641
- readonly agentTool: Channel<unknown, unknown>;
642
- readonly schedule: Channel<unknown, unknown>;
643
- readonly lifecycle: Channel<unknown, unknown>;
644
- readonly workflow: Channel<unknown, unknown>;
645
- readonly mcp: Channel<unknown, unknown>;
646
- readonly email: Channel<unknown, unknown>;
798
+ readonly state: Channel<any, any>;
799
+ readonly rpc: Channel<any, any>;
800
+ readonly message: Channel<any, any>;
801
+ readonly chat: Channel<any, any>;
802
+ readonly transcript: Channel<any, any>;
803
+ readonly fiber: Channel<any, any>;
804
+ readonly agentTool: Channel<any, any>;
805
+ readonly schedule: Channel<any, any>;
806
+ readonly lifecycle: Channel<any, any>;
807
+ readonly workflow: Channel<any, any>;
808
+ readonly mcp: Channel<any, any>;
809
+ readonly email: Channel<any, any>;
810
+ readonly channel: Channel<any, any>;
647
811
  };
648
812
  /**
649
813
  * The default observability implementation.
@@ -671,7 +835,11 @@ type ChannelEventMap = {
671
835
  message: Extract<
672
836
  ObservabilityEvent,
673
837
  {
674
- type: `message:${string}` | `tool:${string}` | `submission:${string}`;
838
+ type:
839
+ | `message:${string}`
840
+ | `tool:${string}`
841
+ | `submission:${string}`
842
+ | `action:${string}`;
675
843
  }
676
844
  >;
677
845
  chat: Exclude<
@@ -733,6 +901,12 @@ type ChannelEventMap = {
733
901
  type: `email:${string}`;
734
902
  }
735
903
  >;
904
+ channel: Extract<
905
+ ObservabilityEvent,
906
+ {
907
+ type: `channel:${string}` | `notice:${string}`;
908
+ }
909
+ >;
736
910
  };
737
911
  /**
738
912
  * Subscribe to a typed observability channel.
@@ -761,4 +935,4 @@ export {
761
935
  MCPObservabilityEvent as s,
762
936
  ChannelEventMap as t
763
937
  };
764
- //# sourceMappingURL=index-B7IbEeze.d.ts.map
938
+ //# sourceMappingURL=index-CcbnKkNh.d.ts.map
package/dist/index.d.ts CHANGED
@@ -1,77 +1,87 @@
1
1
  /// <reference path="../skills-module.d.ts" />
2
2
  import { r as __DO_NOT_USE_WILL_BREAK__agentContext } from "./internal_context-Dg4Cgjcu.js";
3
3
  import {
4
- $ as StreamingResponse,
5
- A as DeleteFibersOptions,
6
- B as MCPServerMessage,
7
- C as AgentNamespace,
8
- D as Connection,
9
- E as CallableMetadata,
10
- F as FiberRecoveryContext,
11
- G as RoutingRetryOptions,
12
- Gt as SUB_PREFIX,
13
- H as QueueItem,
14
- I as FiberRecoveryResult,
15
- J as SendEmailOptions,
16
- Jt as parseSubAgentPath,
17
- K as Schedule,
18
- Kt as SubAgentPathMatch,
19
- L as FiberStatus,
20
- M as EmailSendBinding,
21
- N as FiberContext,
22
- O as ConnectionContext,
23
- P as FiberInspection,
24
- Q as StateUpdateMessage,
25
- R as ListFibersOptions,
26
- S as AgentGetOptions,
27
- T as AgentStaticOptions,
28
- U as RPCRequest,
29
- V as MCPServersState,
30
- W as RPCResponse,
31
- Wt as TransportType,
32
- X as StartFiberOptions,
33
- Y as SqlError,
34
- Yt as routeSubAgentRequest,
35
- Z as StartFiberResult,
36
- _ as RunAgentToolResult,
37
- a as AgentToolEventState,
38
- at as getCurrentAgent,
39
- b as Agent,
40
- c as AgentToolLifecycleResult,
41
- ct as unstable_callable,
42
- d as AgentToolRunState,
43
- et as SubAgentClass,
44
- f as AgentToolRunStatus,
45
- g as RunAgentToolOptions,
46
- h as ChatCapableAgentClass,
47
- i as AgentToolEventMessage,
48
- it as getAgentByName,
49
- j as EmailRoutingOptions,
50
- k as DEFAULT_AGENT_STATIC_OPTIONS,
51
- l as AgentToolRunInfo,
52
- m as AgentToolTerminalStatus,
53
- n as AgentToolDisplayMetadata,
54
- nt as WSMessage,
55
- o as AgentToolFailure,
56
- ot as routeAgentEmail,
57
- p as AgentToolStoredChunk,
58
- q as ScheduleCriteria,
59
- qt as getSubAgentByName,
60
- r as AgentToolEvent,
61
- rt as callable,
62
- s as AgentToolInterruptedReason,
63
- st as routeAgentRequest,
64
- t as AgentToolChildAdapter,
65
- tt as SubAgentStub,
66
- u as AgentToolRunInspection,
67
- v as AddMcpServerOptions,
68
- vt as MCP_SERVER_ID_MAX_LENGTH,
69
- w as AgentOptions,
70
- x as AgentContext,
71
- xt as normalizeServerId,
72
- y as AddRpcMcpServerOptions,
73
- z as MCPServer
74
- } from "./agent-tool-types-CTw3UJUP.js";
4
+ $ as RoutingRetryOptions,
5
+ A as AgentGetOptions,
6
+ B as EmailSendBinding,
7
+ C as DetachedRunAgentToolResult,
8
+ D as AddRpcMcpServerOptions,
9
+ E as AddMcpServerOptions,
10
+ F as Connection,
11
+ G as FiberStatus,
12
+ H as FiberInspection,
13
+ I as ConnectionContext,
14
+ J as MCPServerMessage,
15
+ K as ListFibersOptions,
16
+ L as DEFAULT_AGENT_STATIC_OPTIONS,
17
+ M as AgentOptions,
18
+ N as AgentStaticOptions,
19
+ O as Agent,
20
+ Ot as MCP_SERVER_ID_MAX_LENGTH,
21
+ P as CallableMetadata,
22
+ Q as RPCResponse,
23
+ R as DeleteFibersOptions,
24
+ S as DetachedAgentToolConfig,
25
+ T as RunAgentToolResult,
26
+ U as FiberRecoveryContext,
27
+ V as FiberContext,
28
+ W as FiberRecoveryResult,
29
+ X as QueueItem,
30
+ Y as MCPServersState,
31
+ Z as RPCRequest,
32
+ _ as AgentToolRunState,
33
+ _t as MCPAITool,
34
+ a as AgentToolEvent,
35
+ an as routeSubAgentRequest,
36
+ at as StartFiberResult,
37
+ b as AgentToolTerminalStatus,
38
+ c as AgentToolFailure,
39
+ ct as SubAgentClass,
40
+ d as AgentToolMilestone,
41
+ dt as callable,
42
+ en as TransportType,
43
+ et as Schedule,
44
+ f as AgentToolProgress,
45
+ ft as getAgentByName,
46
+ g as AgentToolRunPart,
47
+ gt as unstable_callable,
48
+ h as AgentToolRunInspection,
49
+ ht as routeAgentRequest,
50
+ i as AgentToolDisplayMetadata,
51
+ in as parseSubAgentPath,
52
+ it as StartFiberOptions,
53
+ j as AgentNamespace,
54
+ jt as normalizeServerId,
55
+ k as AgentContext,
56
+ l as AgentToolInterruptedReason,
57
+ lt as SubAgentStub,
58
+ m as AgentToolRunInfo,
59
+ mt as routeAgentEmail,
60
+ n as AGENT_TOOL_PROGRESS_PART,
61
+ nn as SubAgentPathMatch,
62
+ nt as SendEmailOptions,
63
+ o as AgentToolEventMessage,
64
+ ot as StateUpdateMessage,
65
+ p as AgentToolProgressSnapshot,
66
+ pt as getCurrentAgent,
67
+ q as MCPServer,
68
+ r as AgentToolChildAdapter,
69
+ rn as getSubAgentByName,
70
+ rt as SqlError,
71
+ s as AgentToolEventState,
72
+ st as StreamingResponse,
73
+ t as AGENT_TOOL_MILESTONE_PART,
74
+ tn as SUB_PREFIX,
75
+ tt as ScheduleCriteria,
76
+ u as AgentToolLifecycleResult,
77
+ ut as WSMessage,
78
+ v as AgentToolRunStatus,
79
+ vt as MCPAIToolSet,
80
+ w as RunAgentToolOptions,
81
+ x as ChatCapableAgentClass,
82
+ y as AgentToolStoredChunk,
83
+ z as EmailRoutingOptions
84
+ } from "./agent-tool-types-Cd1TZPfB.js";
75
85
  import { n as camelCaseToKebabCase } from "./utils-CGtGDSgA.js";
76
86
  import {
77
87
  i as isPlatformTransientError,
@@ -86,6 +96,8 @@ import {
86
96
  import { t as MessageType } from "./types-6Zo2zfoO.js";
87
97
  import { l as createHeaderBasedEmailResolver } from "./email-CL27preh.js";
88
98
  export {
99
+ AGENT_TOOL_MILESTONE_PART,
100
+ AGENT_TOOL_PROGRESS_PART,
89
101
  AddMcpServerOptions,
90
102
  AddRpcMcpServerOptions,
91
103
  Agent,
@@ -103,8 +115,12 @@ export {
103
115
  type AgentToolFailure,
104
116
  type AgentToolInterruptedReason,
105
117
  type AgentToolLifecycleResult,
118
+ type AgentToolMilestone,
119
+ type AgentToolProgress,
120
+ type AgentToolProgressSnapshot,
106
121
  type AgentToolRunInfo,
107
122
  type AgentToolRunInspection,
123
+ type AgentToolRunPart,
108
124
  type AgentToolRunState,
109
125
  type AgentToolRunStatus,
110
126
  type AgentToolStoredChunk,
@@ -116,6 +132,8 @@ export {
116
132
  type ConnectionContext,
117
133
  DEFAULT_AGENT_STATIC_OPTIONS,
118
134
  DeleteFibersOptions,
135
+ type DetachedAgentToolConfig,
136
+ type DetachedRunAgentToolResult,
119
137
  DurableObjectOAuthClientProvider,
120
138
  EmailRoutingOptions,
121
139
  EmailSendBinding,
@@ -125,6 +143,8 @@ export {
125
143
  FiberRecoveryResult,
126
144
  FiberStatus,
127
145
  ListFibersOptions,
146
+ type MCPAITool,
147
+ type MCPAIToolSet,
128
148
  MCPServer,
129
149
  MCPServerMessage,
130
150
  MCPServersState,