agents 0.16.2 → 0.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (126) hide show
  1. package/README.md +11 -8
  2. package/dist/{agent-tool-types-CTw3UJUP.d.ts → agent-tool-types-CNyE1iz_.d.ts} +671 -138
  3. package/dist/agent-tool-types.d.ts +34 -18
  4. package/dist/agent-tool-types.js +20 -1
  5. package/dist/agent-tool-types.js.map +1 -0
  6. package/dist/agent-tools-BXlsuX0d.js +304 -0
  7. package/dist/agent-tools-BXlsuX0d.js.map +1 -0
  8. package/dist/agent-tools-CSnyGvJ2.d.ts +119 -0
  9. package/dist/agent-tools.d.ts +24 -18
  10. package/dist/agent-tools.js.map +1 -1
  11. package/dist/ai-chat-agent.d.ts +1 -1
  12. package/dist/ai-chat-agent.js +1 -2
  13. package/dist/ai-chat-agent.js.map +1 -1
  14. package/dist/ai-chat-v5-migration.d.ts +1 -1
  15. package/dist/ai-chat-v5-migration.js +1 -2
  16. package/dist/ai-chat-v5-migration.js.map +1 -1
  17. package/dist/ai-react.d.ts +1 -1
  18. package/dist/ai-react.js +1 -2
  19. package/dist/ai-react.js.map +1 -1
  20. package/dist/ai-types.d.ts +1 -7
  21. package/dist/ai-types.js +2 -8
  22. package/dist/ai-types.js.map +1 -1
  23. package/dist/browser/ai.js +1 -1
  24. package/dist/browser/index.js +1 -1
  25. package/dist/chat/index.d.ts +2033 -77
  26. package/dist/chat/index.js +1828 -245
  27. package/dist/chat/index.js.map +1 -1
  28. package/dist/chat/react.d.ts +602 -0
  29. package/dist/chat/react.js +1506 -0
  30. package/dist/chat/react.js.map +1 -0
  31. package/dist/chat-sdk/index.d.ts +4 -4
  32. package/dist/{classPrivateFieldGet2-CZ7QjTXN.js → classPrivateFieldGet2-DZBYAB34.js} +5 -5
  33. package/dist/{classPrivateMethodInitSpec-D-0__zd9.js → classPrivateMethodInitSpec-qMjJ6sHQ.js} +2 -2
  34. package/dist/{client-BXJ9n2f7.js → client-BZ-B3NhC.js} +2 -2
  35. package/dist/client-BZ-B3NhC.js.map +1 -0
  36. package/dist/client-tools-aIBO0Fk7.d.ts +53 -0
  37. package/dist/client.d.ts +76 -57
  38. package/dist/client.js +33 -5
  39. package/dist/client.js.map +1 -1
  40. package/dist/{connector-CrKhowfD.js → connector-CdldGF3h.js} +5 -5
  41. package/dist/{connector-CrKhowfD.js.map → connector-CdldGF3h.js.map} +1 -1
  42. package/dist/email.js +1 -1
  43. package/dist/email.js.map +1 -1
  44. package/dist/{index-B7IbEeze.d.ts → index-BRnybD6X.d.ts} +197 -14
  45. package/dist/index.d.ts +95 -73
  46. package/dist/index.js +694 -25
  47. package/dist/index.js.map +1 -1
  48. package/dist/mcp/client.d.ts +18 -14
  49. package/dist/mcp/client.js +1 -1
  50. package/dist/mcp/index.d.ts +30 -30
  51. package/dist/mcp/index.js +7 -7
  52. package/dist/mcp/index.js.map +1 -1
  53. package/dist/{agent-tools-3zLG7MgA.js → message-builder-BymO4N_D.js} +45 -126
  54. package/dist/message-builder-BymO4N_D.js.map +1 -0
  55. package/dist/observability/index.d.ts +1 -1
  56. package/dist/observability/index.js +4 -2
  57. package/dist/observability/index.js.map +1 -1
  58. package/dist/react.d.ts +123 -110
  59. package/dist/react.js +44 -11
  60. package/dist/react.js.map +1 -1
  61. package/dist/{retries-CwlpAGet.d.ts → retries-CvHJwSuh.d.ts} +15 -6
  62. package/dist/retries.d.ts +8 -6
  63. package/dist/retries.js +44 -1
  64. package/dist/retries.js.map +1 -1
  65. package/dist/serializable.d.ts +1 -1
  66. package/dist/skills/compile.js +1 -1
  67. package/dist/skills/compile.js.map +1 -1
  68. package/dist/skills/index.js +5 -5
  69. package/dist/skills/index.js.map +1 -1
  70. package/dist/sub-routing.d.ts +6 -6
  71. package/dist/utils.js +1 -1
  72. package/dist/utils.js.map +1 -1
  73. package/dist/vite.js +5 -5
  74. package/dist/vite.js.map +1 -1
  75. package/dist/wire-types-nflOzNuU.js +240 -0
  76. package/dist/wire-types-nflOzNuU.js.map +1 -0
  77. package/dist/{workflow-types-SrZK_o9p.d.ts → workflow-types-Baz_PO5v.d.ts} +42 -22
  78. package/dist/workflow-types.d.ts +25 -21
  79. package/dist/workflow-types.js.map +1 -1
  80. package/dist/workflows.d.ts +22 -21
  81. package/dist/workflows.js +31 -7
  82. package/dist/workflows.js.map +1 -1
  83. package/docs/adding-to-existing-project.md +450 -0
  84. package/docs/agent-class.md +503 -0
  85. package/docs/agent-tools.md +552 -0
  86. package/docs/browse-the-web.md +430 -0
  87. package/docs/callable-methods.md +627 -0
  88. package/docs/chat-agents.md +1696 -0
  89. package/docs/chat-sdk.md +181 -0
  90. package/docs/client-sdk.md +520 -0
  91. package/docs/client-tools-continuation.md +177 -0
  92. package/docs/codemode.md +440 -0
  93. package/docs/configuration.md +775 -0
  94. package/docs/cross-domain-authentication.md +171 -0
  95. package/docs/durable-execution.md +537 -0
  96. package/docs/email.md +663 -0
  97. package/docs/get-current-agent.md +204 -0
  98. package/docs/getting-started.md +305 -0
  99. package/docs/http-websockets.md +668 -0
  100. package/docs/human-in-the-loop.md +661 -0
  101. package/docs/index.md +151 -0
  102. package/docs/long-running-agents.md +730 -0
  103. package/docs/mcp-client.md +620 -0
  104. package/docs/mcp-servers.md +526 -0
  105. package/docs/mcp-transports.md +308 -0
  106. package/docs/migration-to-ai-sdk-v5.md +96 -0
  107. package/docs/migration-to-ai-sdk-v6.md +163 -0
  108. package/docs/observability.md +261 -0
  109. package/docs/push-notifications.md +367 -0
  110. package/docs/queue.md +329 -0
  111. package/docs/readonly-connections.md +278 -0
  112. package/docs/resumable-streaming.md +127 -0
  113. package/docs/retries.md +444 -0
  114. package/docs/routing.md +749 -0
  115. package/docs/scheduling.md +898 -0
  116. package/docs/securing-mcp-servers.md +359 -0
  117. package/docs/server-driven-messages.md +477 -0
  118. package/docs/sessions.md +1024 -0
  119. package/docs/state.md +512 -0
  120. package/docs/sub-agents.md +389 -0
  121. package/docs/webhooks.md +604 -0
  122. package/docs/workflows.md +877 -0
  123. package/package.json +41 -14
  124. package/dist/agent-tools-3zLG7MgA.js.map +0 -1
  125. package/dist/agent-tools-DZhI5F6Q.d.ts +0 -14
  126. package/dist/client-BXJ9n2f7.js.map +0 -1
package/dist/email.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"email.js","names":[],"sources":["../src/email.ts"],"sourcesContent":["/**\n * Email routing types, resolvers, and signing utilities for Agents\n */\n\n// Re-export AgentEmail type\nexport type { AgentEmail } from \"./internal_context\";\n\n// ============================================================================\n// Email header utilities\n// ============================================================================\n\n/**\n * Header object as returned by postal-mime and similar email parsing libraries.\n * Each header has a lowercase key and a string value.\n */\nexport type EmailHeader = {\n /** Lowercase header name (e.g., \"content-type\", \"x-custom-header\") */\n key: string;\n /** Header value */\n value: string;\n};\n\n/**\n * Check if an email appears to be an auto-reply based on standard headers.\n * Checks for Auto-Submitted (RFC 3834), X-Auto-Response-Suppress, and Precedence headers.\n *\n * @param headers - Headers array from postal-mime Email.headers or similar format\n * @returns true if email appears to be an auto-reply\n *\n * @example\n * ```typescript\n * if (isAutoReplyEmail(parsed.headers)) {\n * // Skip processing auto-replies\n * return;\n * }\n * ```\n */\nexport function isAutoReplyEmail(headers: EmailHeader[]): boolean {\n return headers.some((h) => {\n const key = h.key.toLowerCase();\n const value = h.value.toLowerCase();\n\n // RFC 3834: Auto-Submitted header\n // \"no\" means normal (human-sent) email, anything else indicates auto-reply\n if (key === \"auto-submitted\") {\n return value !== \"no\";\n }\n\n // X-Auto-Response-Suppress: any value indicates sender doesn't want auto-replies\n if (key === \"x-auto-response-suppress\") {\n return true;\n }\n\n // Precedence: only bulk/junk/list indicate automated/mass mail\n if (key === \"precedence\") {\n return value === \"bulk\" || value === \"junk\" || value === \"list\";\n }\n\n return false;\n });\n}\n\n// ============================================================================\n// Signing utilities\n// ============================================================================\n\n/** Default signature expiration: 30 days in seconds */\nexport const DEFAULT_MAX_AGE_SECONDS = 30 * 24 * 60 * 60;\n\n/** Maximum allowed clock skew for future timestamps: 5 minutes */\nconst MAX_CLOCK_SKEW_SECONDS = 5 * 60;\n\n/**\n * Compute HMAC-SHA256 signature for agent routing headers\n * @param secret - Secret key for HMAC\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @param timestamp - Unix timestamp in seconds\n * @returns Base64-encoded HMAC signature\n */\nasync function computeAgentSignature(\n secret: string,\n agentName: string,\n agentId: string,\n timestamp: string\n): Promise<string> {\n const encoder = new TextEncoder();\n const key = await crypto.subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n );\n const data = encoder.encode(`${agentName}:${agentId}:${timestamp}`);\n const signature = await crypto.subtle.sign(\"HMAC\", key, data);\n return btoa(String.fromCharCode(...new Uint8Array(signature)));\n}\n\n/**\n * Result of signature verification\n */\ntype SignatureVerificationResult =\n | { valid: true }\n | { valid: false; reason: \"expired\" | \"invalid\" | \"malformed_timestamp\" };\n\n/**\n * Verify HMAC-SHA256 signature for agent routing headers\n * @param secret - Secret key for HMAC\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @param signature - Base64-encoded signature to verify\n * @param timestamp - Unix timestamp in seconds when signature was created\n * @param maxAgeSeconds - Maximum age of signature in seconds (default: 30 days)\n * @returns Verification result with reason if invalid\n */\nasync function verifyAgentSignature(\n secret: string,\n agentName: string,\n agentId: string,\n signature: string,\n timestamp: string,\n maxAgeSeconds: number = DEFAULT_MAX_AGE_SECONDS\n): Promise<SignatureVerificationResult> {\n try {\n // Validate timestamp format\n const timestampNum = Number.parseInt(timestamp, 10);\n if (Number.isNaN(timestampNum)) {\n return { valid: false, reason: \"malformed_timestamp\" };\n }\n\n // Check timestamp validity\n const now = Math.floor(Date.now() / 1000);\n\n // Reject timestamps too far in the future (prevents extending signature validity)\n if (timestampNum > now + MAX_CLOCK_SKEW_SECONDS) {\n return { valid: false, reason: \"invalid\" };\n }\n\n // Check if signature has expired\n if (now - timestampNum > maxAgeSeconds) {\n return { valid: false, reason: \"expired\" };\n }\n\n const expected = await computeAgentSignature(\n secret,\n agentName,\n agentId,\n timestamp\n );\n // Constant-time comparison to prevent timing attacks\n if (expected.length !== signature.length) {\n return { valid: false, reason: \"invalid\" };\n }\n let result = 0;\n for (let i = 0; i < expected.length; i++) {\n result |= expected.charCodeAt(i) ^ signature.charCodeAt(i);\n }\n if (result !== 0) {\n return { valid: false, reason: \"invalid\" };\n }\n return { valid: true };\n } catch (error) {\n console.warn(\"[agents] Signature verification error:\", error);\n return { valid: false, reason: \"invalid\" };\n }\n}\n\n/**\n * Sign agent routing headers for secure reply flows.\n * Use this when sending outbound emails to ensure replies can be securely routed back.\n *\n * @param secret - Secret key for HMAC signing (store in environment variables)\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @returns Headers object with X-Agent-Name, X-Agent-ID, X-Agent-Sig, and X-Agent-Sig-Ts\n *\n * @example\n * ```typescript\n * const headers = await signAgentHeaders(env.EMAIL_SECRET, \"MyAgent\", this.name);\n * // Use these headers when sending outbound emails\n * ```\n */\nexport async function signAgentHeaders(\n secret: string,\n agentName: string,\n agentId: string\n): Promise<Record<string, string>> {\n if (!secret) {\n throw new Error(\"secret is required for signing agent headers\");\n }\n if (!agentName) {\n throw new Error(\"agentName is required for signing agent headers\");\n }\n if (!agentId) {\n throw new Error(\"agentId is required for signing agent headers\");\n }\n // Reject colons to prevent signature confusion attacks\n // (signature payload uses colon as delimiter: \"agentName:agentId:timestamp\")\n if (agentName.includes(\":\")) {\n throw new Error(\"agentName cannot contain colons\");\n }\n if (agentId.includes(\":\")) {\n throw new Error(\"agentId cannot contain colons\");\n }\n\n const timestamp = Math.floor(Date.now() / 1000).toString();\n const signature = await computeAgentSignature(\n secret,\n agentName,\n agentId,\n timestamp\n );\n return {\n \"X-Agent-Name\": agentName,\n \"X-Agent-ID\": agentId,\n \"X-Agent-Sig\": signature,\n \"X-Agent-Sig-Ts\": timestamp\n };\n}\n\n// ============================================================================\n// Email routing types and resolvers\n// ============================================================================\n\nexport type EmailResolverResult = {\n agentName: string;\n agentId: string;\n /** @internal Indicates this resolver requires secure reply signing */\n _secureRouted?: boolean;\n} | null;\n\nexport type EmailResolver<Env> = (\n email: ForwardableEmailMessage,\n env: Env\n) => Promise<EmailResolverResult>;\n\n/**\n * Reason for signature verification failure\n */\nexport type SignatureFailureReason =\n | \"missing_headers\"\n | \"expired\"\n | \"invalid\"\n | \"malformed_timestamp\";\n\n/**\n * Options for createSecureReplyEmailResolver\n */\nexport type SecureReplyResolverOptions = {\n /**\n * Maximum age of signature in seconds.\n * Signatures older than this will be rejected.\n * Default: 30 days (2592000 seconds)\n */\n maxAge?: number;\n /**\n * Callback invoked when signature verification fails.\n * Useful for logging and debugging.\n */\n onInvalidSignature?: (\n email: ForwardableEmailMessage,\n reason: SignatureFailureReason\n ) => void;\n};\n\n/**\n * @deprecated REMOVED due to security vulnerability (IDOR via spoofed headers).\n * @throws Always throws an error with migration guidance.\n */\nexport function createHeaderBasedEmailResolver<Env>(): EmailResolver<Env> {\n throw new Error(\n \"createHeaderBasedEmailResolver has been removed due to a security vulnerability. \" +\n \"It trusted attacker-controlled email headers for routing, enabling IDOR attacks.\\n\\n\" +\n \"Migration options:\\n\" +\n \" - For inbound mail: use createAddressBasedEmailResolver(agentName)\\n\" +\n \" - For reply flows: use createSecureReplyEmailResolver(secret) with signed headers\\n\\n\" +\n \"See https://github.com/cloudflare/agents/blob/main/docs/email.md for details.\"\n );\n}\n\n/**\n * Create a resolver for routing email replies with signature verification.\n * This resolver verifies that replies contain a valid HMAC signature, preventing\n * attackers from routing emails to arbitrary agent instances.\n *\n * @param secret - Secret key for HMAC verification (must match the key used with signAgentHeaders)\n * @param options - Optional configuration for signature verification\n * @returns A function that resolves the agent to route the email to, or null if signature is invalid\n *\n * @example\n * ```typescript\n * // In your email handler\n * const secureResolver = createSecureReplyEmailResolver(env.EMAIL_SECRET, {\n * maxAge: 7 * 24 * 60 * 60, // 7 days\n * onInvalidSignature: (email, reason) => {\n * console.warn(`Invalid signature from ${email.from}: ${reason}`);\n * }\n * });\n * const addressResolver = createAddressBasedEmailResolver(\"MyAgent\");\n *\n * await routeAgentEmail(email, env, {\n * resolver: async (email, env) => {\n * // Try secure reply routing first\n * const replyRouting = await secureResolver(email, env);\n * if (replyRouting) return replyRouting;\n * // Fall back to address-based routing\n * return addressResolver(email, env);\n * }\n * });\n * ```\n */\nexport function createSecureReplyEmailResolver<Env>(\n secret: string,\n options?: SecureReplyResolverOptions\n): EmailResolver<Env> {\n if (!secret) {\n throw new Error(\"secret is required for createSecureReplyEmailResolver\");\n }\n\n const maxAge = options?.maxAge ?? DEFAULT_MAX_AGE_SECONDS;\n const onInvalidSignature = options?.onInvalidSignature;\n\n return async (email: ForwardableEmailMessage, _env: Env) => {\n const agentName = email.headers.get(\"x-agent-name\");\n const agentId = email.headers.get(\"x-agent-id\");\n const signature = email.headers.get(\"x-agent-sig\");\n const timestamp = email.headers.get(\"x-agent-sig-ts\");\n\n if (!agentName || !agentId || !signature || !timestamp) {\n onInvalidSignature?.(email, \"missing_headers\");\n return null;\n }\n\n const result = await verifyAgentSignature(\n secret,\n agentName,\n agentId,\n signature,\n timestamp,\n maxAge\n );\n\n if (!result.valid) {\n onInvalidSignature?.(email, result.reason);\n return null;\n }\n\n return { agentName, agentId, _secureRouted: true };\n };\n}\n\n/**\n * Create a resolver that uses the email address to determine the agent to route the email to\n * @param defaultAgentName The default agent name to use if the email address does not contain a sub-address\n * @returns A function that resolves the agent to route the email to\n */\nexport function createAddressBasedEmailResolver<Env>(\n defaultAgentName: string\n): EmailResolver<Env> {\n return async (email: ForwardableEmailMessage, _env: Env) => {\n // Length limits per RFC 5321: local part max 64 chars, domain max 253 chars\n const emailMatch = email.to.match(\n /^([^+@]{1,64})(?:\\+([^@]{1,64}))?@(.{1,253})$/\n );\n if (!emailMatch) {\n return null;\n }\n\n const [, localPart, subAddress] = emailMatch;\n\n if (subAddress) {\n return {\n agentName: localPart,\n agentId: subAddress\n };\n }\n\n // Option 2: Use defaultAgentName namespace, localPart as agentId\n // Common for catch-all email routing to a single EmailAgent namespace\n return {\n agentName: defaultAgentName,\n agentId: localPart\n };\n };\n}\n\n/**\n * Create a resolver that uses the agentName and agentId to determine the agent to route the email to\n * @param agentName The name of the agent to route the email to\n * @param agentId The id of the agent to route the email to\n * @returns A function that resolves the agent to route the email to\n */\nexport function createCatchAllEmailResolver<Env>(\n agentName: string,\n agentId: string\n): EmailResolver<Env> {\n return async () => ({ agentName, agentId });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAqCA,SAAgB,iBAAiB,SAAiC;CAChE,OAAO,QAAQ,MAAM,MAAM;EACzB,MAAM,MAAM,EAAE,IAAI,YAAY;EAC9B,MAAM,QAAQ,EAAE,MAAM,YAAY;EAIlC,IAAI,QAAQ,kBACV,OAAO,UAAU;EAInB,IAAI,QAAQ,4BACV,OAAO;EAIT,IAAI,QAAQ,cACV,OAAO,UAAU,UAAU,UAAU,UAAU,UAAU;EAG3D,OAAO;CACT,CAAC;AACH;;AAOA,MAAa,0BAA0B,MAAU,KAAK;;AAGtD,MAAM,yBAAyB;;;;;;;;;AAU/B,eAAe,sBACb,QACA,WACA,SACA,WACiB;CACjB,MAAM,UAAU,IAAI,YAAY;CAChC,MAAM,MAAM,MAAM,OAAO,OAAO,UAC9B,OACA,QAAQ,OAAO,MAAM,GACrB;EAAE,MAAM;EAAQ,MAAM;CAAU,GAChC,OACA,CAAC,MAAM,CACT;CACA,MAAM,OAAO,QAAQ,OAAO,GAAG,UAAU,GAAG,QAAQ,GAAG,WAAW;CAClE,MAAM,YAAY,MAAM,OAAO,OAAO,KAAK,QAAQ,KAAK,IAAI;CAC5D,OAAO,KAAK,OAAO,aAAa,GAAG,IAAI,WAAW,SAAS,CAAC,CAAC;AAC/D;;;;;;;;;;;AAmBA,eAAe,qBACb,QACA,WACA,SACA,WACA,WACA,gBAAwB,yBACc;CACtC,IAAI;EAEF,MAAM,eAAe,OAAO,SAAS,WAAW,EAAE;EAClD,IAAI,OAAO,MAAM,YAAY,GAC3B,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAsB;EAIvD,MAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;EAGxC,IAAI,eAAe,MAAM,wBACvB,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAI3C,IAAI,MAAM,eAAe,eACvB,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAG3C,MAAM,WAAW,MAAM,sBACrB,QACA,WACA,SACA,SACF;EAEA,IAAI,SAAS,WAAW,UAAU,QAChC,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAE3C,IAAI,SAAS;EACb,KAAK,IAAI,IAAI,GAAG,IAAI,SAAS,QAAQ,KACnC,UAAU,SAAS,WAAW,CAAC,IAAI,UAAU,WAAW,CAAC;EAE3D,IAAI,WAAW,GACb,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAE3C,OAAO,EAAE,OAAO,KAAK;CACvB,SAAS,OAAO;EACd,QAAQ,KAAK,0CAA0C,KAAK;EAC5D,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;CAC3C;AACF;;;;;;;;;;;;;;;;AAiBA,eAAsB,iBACpB,QACA,WACA,SACiC;CACjC,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,8CAA8C;CAEhE,IAAI,CAAC,WACH,MAAM,IAAI,MAAM,iDAAiD;CAEnE,IAAI,CAAC,SACH,MAAM,IAAI,MAAM,+CAA+C;CAIjE,IAAI,UAAU,SAAS,GAAG,GACxB,MAAM,IAAI,MAAM,iCAAiC;CAEnD,IAAI,QAAQ,SAAS,GAAG,GACtB,MAAM,IAAI,MAAM,+BAA+B;CAGjD,MAAM,YAAY,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,CAAC,CAAC,SAAS;CAOzD,OAAO;EACL,gBAAgB;EAChB,cAAc;EACd,eAAe,MATO,sBACtB,QACA,WACA,SACA,SACF;EAKE,kBAAkB;CACpB;AACF;;;;;AAmDA,SAAgB,iCAA0D;CACxE,MAAM,IAAI,MACR,qaAMF;AACF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiCA,SAAgB,+BACd,QACA,SACoB;CACpB,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,uDAAuD;CAGzE,MAAM,SAAS,SAAS,UAAA;CACxB,MAAM,qBAAqB,SAAS;CAEpC,OAAO,OAAO,OAAgC,SAAc;EAC1D,MAAM,YAAY,MAAM,QAAQ,IAAI,cAAc;EAClD,MAAM,UAAU,MAAM,QAAQ,IAAI,YAAY;EAC9C,MAAM,YAAY,MAAM,QAAQ,IAAI,aAAa;EACjD,MAAM,YAAY,MAAM,QAAQ,IAAI,gBAAgB;EAEpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,aAAa,CAAC,WAAW;GACtD,qBAAqB,OAAO,iBAAiB;GAC7C,OAAO;EACT;EAEA,MAAM,SAAS,MAAM,qBACnB,QACA,WACA,SACA,WACA,WACA,MACF;EAEA,IAAI,CAAC,OAAO,OAAO;GACjB,qBAAqB,OAAO,OAAO,MAAM;GACzC,OAAO;EACT;EAEA,OAAO;GAAE;GAAW;GAAS,eAAe;EAAK;CACnD;AACF;;;;;;AAOA,SAAgB,gCACd,kBACoB;CACpB,OAAO,OAAO,OAAgC,SAAc;EAE1D,MAAM,aAAa,MAAM,GAAG,MAC1B,+CACF;EACA,IAAI,CAAC,YACH,OAAO;EAGT,MAAM,GAAG,WAAW,cAAc;EAElC,IAAI,YACF,OAAO;GACL,WAAW;GACX,SAAS;EACX;EAKF,OAAO;GACL,WAAW;GACX,SAAS;EACX;CACF;AACF;;;;;;;AAQA,SAAgB,4BACd,WACA,SACoB;CACpB,OAAO,aAAa;EAAE;EAAW;CAAQ;AAC3C"}
1
+ {"version":3,"file":"email.js","names":[],"sources":["../src/email.ts"],"sourcesContent":["/**\n * Email routing types, resolvers, and signing utilities for Agents\n */\n\n// Re-export AgentEmail type\nexport type { AgentEmail } from \"./internal_context\";\n\n// ============================================================================\n// Email header utilities\n// ============================================================================\n\n/**\n * Header object as returned by postal-mime and similar email parsing libraries.\n * Each header has a lowercase key and a string value.\n */\nexport type EmailHeader = {\n /** Lowercase header name (e.g., \"content-type\", \"x-custom-header\") */\n key: string;\n /** Header value */\n value: string;\n};\n\n/**\n * Check if an email appears to be an auto-reply based on standard headers.\n * Checks for Auto-Submitted (RFC 3834), X-Auto-Response-Suppress, and Precedence headers.\n *\n * @param headers - Headers array from postal-mime Email.headers or similar format\n * @returns true if email appears to be an auto-reply\n *\n * @example\n * ```typescript\n * if (isAutoReplyEmail(parsed.headers)) {\n * // Skip processing auto-replies\n * return;\n * }\n * ```\n */\nexport function isAutoReplyEmail(headers: EmailHeader[]): boolean {\n return headers.some((h) => {\n const key = h.key.toLowerCase();\n const value = h.value.toLowerCase();\n\n // RFC 3834: Auto-Submitted header\n // \"no\" means normal (human-sent) email, anything else indicates auto-reply\n if (key === \"auto-submitted\") {\n return value !== \"no\";\n }\n\n // X-Auto-Response-Suppress: any value indicates sender doesn't want auto-replies\n if (key === \"x-auto-response-suppress\") {\n return true;\n }\n\n // Precedence: only bulk/junk/list indicate automated/mass mail\n if (key === \"precedence\") {\n return value === \"bulk\" || value === \"junk\" || value === \"list\";\n }\n\n return false;\n });\n}\n\n// ============================================================================\n// Signing utilities\n// ============================================================================\n\n/** Default signature expiration: 30 days in seconds */\nexport const DEFAULT_MAX_AGE_SECONDS = 30 * 24 * 60 * 60;\n\n/** Maximum allowed clock skew for future timestamps: 5 minutes */\nconst MAX_CLOCK_SKEW_SECONDS = 5 * 60;\n\n/**\n * Compute HMAC-SHA256 signature for agent routing headers\n * @param secret - Secret key for HMAC\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @param timestamp - Unix timestamp in seconds\n * @returns Base64-encoded HMAC signature\n */\nasync function computeAgentSignature(\n secret: string,\n agentName: string,\n agentId: string,\n timestamp: string\n): Promise<string> {\n const encoder = new TextEncoder();\n const key = await crypto.subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n );\n const data = encoder.encode(`${agentName}:${agentId}:${timestamp}`);\n const signature = await crypto.subtle.sign(\"HMAC\", key, data);\n return btoa(String.fromCharCode(...new Uint8Array(signature)));\n}\n\n/**\n * Result of signature verification\n */\ntype SignatureVerificationResult =\n | { valid: true }\n | { valid: false; reason: \"expired\" | \"invalid\" | \"malformed_timestamp\" };\n\n/**\n * Verify HMAC-SHA256 signature for agent routing headers\n * @param secret - Secret key for HMAC\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @param signature - Base64-encoded signature to verify\n * @param timestamp - Unix timestamp in seconds when signature was created\n * @param maxAgeSeconds - Maximum age of signature in seconds (default: 30 days)\n * @returns Verification result with reason if invalid\n */\nasync function verifyAgentSignature(\n secret: string,\n agentName: string,\n agentId: string,\n signature: string,\n timestamp: string,\n maxAgeSeconds: number = DEFAULT_MAX_AGE_SECONDS\n): Promise<SignatureVerificationResult> {\n try {\n // Validate timestamp format\n const timestampNum = Number.parseInt(timestamp, 10);\n if (Number.isNaN(timestampNum)) {\n return { valid: false, reason: \"malformed_timestamp\" };\n }\n\n // Check timestamp validity\n const now = Math.floor(Date.now() / 1000);\n\n // Reject timestamps too far in the future (prevents extending signature validity)\n if (timestampNum > now + MAX_CLOCK_SKEW_SECONDS) {\n return { valid: false, reason: \"invalid\" };\n }\n\n // Check if signature has expired\n if (now - timestampNum > maxAgeSeconds) {\n return { valid: false, reason: \"expired\" };\n }\n\n const expected = await computeAgentSignature(\n secret,\n agentName,\n agentId,\n timestamp\n );\n // Constant-time comparison to prevent timing attacks\n if (expected.length !== signature.length) {\n return { valid: false, reason: \"invalid\" };\n }\n let result = 0;\n for (let i = 0; i < expected.length; i++) {\n result |= expected.charCodeAt(i) ^ signature.charCodeAt(i);\n }\n if (result !== 0) {\n return { valid: false, reason: \"invalid\" };\n }\n return { valid: true };\n } catch (error) {\n console.warn(\"[agents] Signature verification error:\", error);\n return { valid: false, reason: \"invalid\" };\n }\n}\n\n/**\n * Sign agent routing headers for secure reply flows.\n * Use this when sending outbound emails to ensure replies can be securely routed back.\n *\n * @param secret - Secret key for HMAC signing (store in environment variables)\n * @param agentName - Name of the agent\n * @param agentId - ID of the agent instance\n * @returns Headers object with X-Agent-Name, X-Agent-ID, X-Agent-Sig, and X-Agent-Sig-Ts\n *\n * @example\n * ```typescript\n * const headers = await signAgentHeaders(env.EMAIL_SECRET, \"MyAgent\", this.name);\n * // Use these headers when sending outbound emails\n * ```\n */\nexport async function signAgentHeaders(\n secret: string,\n agentName: string,\n agentId: string\n): Promise<Record<string, string>> {\n if (!secret) {\n throw new Error(\"secret is required for signing agent headers\");\n }\n if (!agentName) {\n throw new Error(\"agentName is required for signing agent headers\");\n }\n if (!agentId) {\n throw new Error(\"agentId is required for signing agent headers\");\n }\n // Reject colons to prevent signature confusion attacks\n // (signature payload uses colon as delimiter: \"agentName:agentId:timestamp\")\n if (agentName.includes(\":\")) {\n throw new Error(\"agentName cannot contain colons\");\n }\n if (agentId.includes(\":\")) {\n throw new Error(\"agentId cannot contain colons\");\n }\n\n const timestamp = Math.floor(Date.now() / 1000).toString();\n const signature = await computeAgentSignature(\n secret,\n agentName,\n agentId,\n timestamp\n );\n return {\n \"X-Agent-Name\": agentName,\n \"X-Agent-ID\": agentId,\n \"X-Agent-Sig\": signature,\n \"X-Agent-Sig-Ts\": timestamp\n };\n}\n\n// ============================================================================\n// Email routing types and resolvers\n// ============================================================================\n\nexport type EmailResolverResult = {\n agentName: string;\n agentId: string;\n /** @internal Indicates this resolver requires secure reply signing */\n _secureRouted?: boolean;\n} | null;\n\nexport type EmailResolver<Env> = (\n email: ForwardableEmailMessage,\n env: Env\n) => Promise<EmailResolverResult>;\n\n/**\n * Reason for signature verification failure\n */\nexport type SignatureFailureReason =\n | \"missing_headers\"\n | \"expired\"\n | \"invalid\"\n | \"malformed_timestamp\";\n\n/**\n * Options for createSecureReplyEmailResolver\n */\nexport type SecureReplyResolverOptions = {\n /**\n * Maximum age of signature in seconds.\n * Signatures older than this will be rejected.\n * Default: 30 days (2592000 seconds)\n */\n maxAge?: number;\n /**\n * Callback invoked when signature verification fails.\n * Useful for logging and debugging.\n */\n onInvalidSignature?: (\n email: ForwardableEmailMessage,\n reason: SignatureFailureReason\n ) => void;\n};\n\n/**\n * @deprecated REMOVED due to security vulnerability (IDOR via spoofed headers).\n * @throws Always throws an error with migration guidance.\n */\nexport function createHeaderBasedEmailResolver<Env>(): EmailResolver<Env> {\n throw new Error(\n \"createHeaderBasedEmailResolver has been removed due to a security vulnerability. \" +\n \"It trusted attacker-controlled email headers for routing, enabling IDOR attacks.\\n\\n\" +\n \"Migration options:\\n\" +\n \" - For inbound mail: use createAddressBasedEmailResolver(agentName)\\n\" +\n \" - For reply flows: use createSecureReplyEmailResolver(secret) with signed headers\\n\\n\" +\n \"See https://github.com/cloudflare/agents/blob/main/docs/agents/email.md for details.\"\n );\n}\n\n/**\n * Create a resolver for routing email replies with signature verification.\n * This resolver verifies that replies contain a valid HMAC signature, preventing\n * attackers from routing emails to arbitrary agent instances.\n *\n * @param secret - Secret key for HMAC verification (must match the key used with signAgentHeaders)\n * @param options - Optional configuration for signature verification\n * @returns A function that resolves the agent to route the email to, or null if signature is invalid\n *\n * @example\n * ```typescript\n * // In your email handler\n * const secureResolver = createSecureReplyEmailResolver(env.EMAIL_SECRET, {\n * maxAge: 7 * 24 * 60 * 60, // 7 days\n * onInvalidSignature: (email, reason) => {\n * console.warn(`Invalid signature from ${email.from}: ${reason}`);\n * }\n * });\n * const addressResolver = createAddressBasedEmailResolver(\"MyAgent\");\n *\n * await routeAgentEmail(email, env, {\n * resolver: async (email, env) => {\n * // Try secure reply routing first\n * const replyRouting = await secureResolver(email, env);\n * if (replyRouting) return replyRouting;\n * // Fall back to address-based routing\n * return addressResolver(email, env);\n * }\n * });\n * ```\n */\nexport function createSecureReplyEmailResolver<Env>(\n secret: string,\n options?: SecureReplyResolverOptions\n): EmailResolver<Env> {\n if (!secret) {\n throw new Error(\"secret is required for createSecureReplyEmailResolver\");\n }\n\n const maxAge = options?.maxAge ?? DEFAULT_MAX_AGE_SECONDS;\n const onInvalidSignature = options?.onInvalidSignature;\n\n return async (email: ForwardableEmailMessage, _env: Env) => {\n const agentName = email.headers.get(\"x-agent-name\");\n const agentId = email.headers.get(\"x-agent-id\");\n const signature = email.headers.get(\"x-agent-sig\");\n const timestamp = email.headers.get(\"x-agent-sig-ts\");\n\n if (!agentName || !agentId || !signature || !timestamp) {\n onInvalidSignature?.(email, \"missing_headers\");\n return null;\n }\n\n const result = await verifyAgentSignature(\n secret,\n agentName,\n agentId,\n signature,\n timestamp,\n maxAge\n );\n\n if (!result.valid) {\n onInvalidSignature?.(email, result.reason);\n return null;\n }\n\n return { agentName, agentId, _secureRouted: true };\n };\n}\n\n/**\n * Create a resolver that uses the email address to determine the agent to route the email to\n * @param defaultAgentName The default agent name to use if the email address does not contain a sub-address\n * @returns A function that resolves the agent to route the email to\n */\nexport function createAddressBasedEmailResolver<Env>(\n defaultAgentName: string\n): EmailResolver<Env> {\n return async (email: ForwardableEmailMessage, _env: Env) => {\n // Length limits per RFC 5321: local part max 64 chars, domain max 253 chars\n const emailMatch = email.to.match(\n /^([^+@]{1,64})(?:\\+([^@]{1,64}))?@(.{1,253})$/\n );\n if (!emailMatch) {\n return null;\n }\n\n const [, localPart, subAddress] = emailMatch;\n\n if (subAddress) {\n return {\n agentName: localPart,\n agentId: subAddress\n };\n }\n\n // Option 2: Use defaultAgentName namespace, localPart as agentId\n // Common for catch-all email routing to a single EmailAgent namespace\n return {\n agentName: defaultAgentName,\n agentId: localPart\n };\n };\n}\n\n/**\n * Create a resolver that uses the agentName and agentId to determine the agent to route the email to\n * @param agentName The name of the agent to route the email to\n * @param agentId The id of the agent to route the email to\n * @returns A function that resolves the agent to route the email to\n */\nexport function createCatchAllEmailResolver<Env>(\n agentName: string,\n agentId: string\n): EmailResolver<Env> {\n return async () => ({ agentName, agentId });\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAqCA,SAAgB,iBAAiB,SAAiC;CAChE,OAAO,QAAQ,MAAM,MAAM;EACzB,MAAM,MAAM,EAAE,IAAI,YAAY;EAC9B,MAAM,QAAQ,EAAE,MAAM,YAAY;EAIlC,IAAI,QAAQ,kBACV,OAAO,UAAU;EAInB,IAAI,QAAQ,4BACV,OAAO;EAIT,IAAI,QAAQ,cACV,OAAO,UAAU,UAAU,UAAU,UAAU,UAAU;EAG3D,OAAO;CACT,CAAC;AACH;;AAOA,MAAa,0BAA0B,MAAU,KAAK;;AAGtD,MAAM,yBAAyB;;;;;;;;;AAU/B,eAAe,sBACb,QACA,WACA,SACA,WACiB;CACjB,MAAM,UAAU,IAAI,YAAY;CAChC,MAAM,MAAM,MAAM,OAAO,OAAO,UAC9B,OACA,QAAQ,OAAO,MAAM,GACrB;EAAE,MAAM;EAAQ,MAAM;CAAU,GAChC,OACA,CAAC,MAAM,CACT;CACA,MAAM,OAAO,QAAQ,OAAO,GAAG,UAAU,GAAG,QAAQ,GAAG,WAAW;CAClE,MAAM,YAAY,MAAM,OAAO,OAAO,KAAK,QAAQ,KAAK,IAAI;CAC5D,OAAO,KAAK,OAAO,aAAa,GAAG,IAAI,WAAW,SAAS,CAAC,CAAC;AAC/D;;;;;;;;;;;AAmBA,eAAe,qBACb,QACA,WACA,SACA,WACA,WACA,gBAAwB,yBACc;CACtC,IAAI;EAEF,MAAM,eAAe,OAAO,SAAS,WAAW,EAAE;EAClD,IAAI,OAAO,MAAM,YAAY,GAC3B,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAsB;EAIvD,MAAM,MAAM,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI;EAGxC,IAAI,eAAe,MAAM,wBACvB,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAI3C,IAAI,MAAM,eAAe,eACvB,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAG3C,MAAM,WAAW,MAAM,sBACrB,QACA,WACA,SACA,SACF;EAEA,IAAI,SAAS,WAAW,UAAU,QAChC,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAE3C,IAAI,SAAS;EACb,KAAK,IAAI,IAAI,GAAG,IAAI,SAAS,QAAQ,KACnC,UAAU,SAAS,WAAW,CAAC,IAAI,UAAU,WAAW,CAAC;EAE3D,IAAI,WAAW,GACb,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;EAE3C,OAAO,EAAE,OAAO,KAAK;CACvB,SAAS,OAAO;EACd,QAAQ,KAAK,0CAA0C,KAAK;EAC5D,OAAO;GAAE,OAAO;GAAO,QAAQ;EAAU;CAC3C;AACF;;;;;;;;;;;;;;;;AAiBA,eAAsB,iBACpB,QACA,WACA,SACiC;CACjC,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,8CAA8C;CAEhE,IAAI,CAAC,WACH,MAAM,IAAI,MAAM,iDAAiD;CAEnE,IAAI,CAAC,SACH,MAAM,IAAI,MAAM,+CAA+C;CAIjE,IAAI,UAAU,SAAS,GAAG,GACxB,MAAM,IAAI,MAAM,iCAAiC;CAEnD,IAAI,QAAQ,SAAS,GAAG,GACtB,MAAM,IAAI,MAAM,+BAA+B;CAGjD,MAAM,YAAY,KAAK,MAAM,KAAK,IAAI,IAAI,GAAI,CAAC,CAAC,SAAS;CAOzD,OAAO;EACL,gBAAgB;EAChB,cAAc;EACd,eAAe,MATO,sBACtB,QACA,WACA,SACA,SACF;EAKE,kBAAkB;CACpB;AACF;;;;;AAmDA,SAAgB,iCAA0D;CACxE,MAAM,IAAI,MACR,4aAMF;AACF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiCA,SAAgB,+BACd,QACA,SACoB;CACpB,IAAI,CAAC,QACH,MAAM,IAAI,MAAM,uDAAuD;CAGzE,MAAM,SAAS,SAAS,UAAA;CACxB,MAAM,qBAAqB,SAAS;CAEpC,OAAO,OAAO,OAAgC,SAAc;EAC1D,MAAM,YAAY,MAAM,QAAQ,IAAI,cAAc;EAClD,MAAM,UAAU,MAAM,QAAQ,IAAI,YAAY;EAC9C,MAAM,YAAY,MAAM,QAAQ,IAAI,aAAa;EACjD,MAAM,YAAY,MAAM,QAAQ,IAAI,gBAAgB;EAEpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,aAAa,CAAC,WAAW;GACtD,qBAAqB,OAAO,iBAAiB;GAC7C,OAAO;EACT;EAEA,MAAM,SAAS,MAAM,qBACnB,QACA,WACA,SACA,WACA,WACA,MACF;EAEA,IAAI,CAAC,OAAO,OAAO;GACjB,qBAAqB,OAAO,OAAO,MAAM;GACzC,OAAO;EACT;EAEA,OAAO;GAAE;GAAW;GAAS,eAAe;EAAK;CACnD;AACF;;;;;;AAOA,SAAgB,gCACd,kBACoB;CACpB,OAAO,OAAO,OAAgC,SAAc;EAE1D,MAAM,aAAa,MAAM,GAAG,MAC1B,+CACF;EACA,IAAI,CAAC,YACH,OAAO;EAGT,MAAM,GAAG,WAAW,cAAc;EAElC,IAAI,YACF,OAAO;GACL,WAAW;GACX,SAAS;EACX;EAKF,OAAO;GACL,WAAW;GACX,SAAS;EACX;CACF;AACF;;;;;;;AAQA,SAAgB,4BACd,WACA,SACoB;CACpB,OAAO,aAAa;EAAE;EAAW;CAAQ;AAC3C"}
@@ -176,6 +176,15 @@ type AgentObservabilityEvent =
176
176
  type: string;
177
177
  }
178
178
  >
179
+ | BaseEvent<
180
+ "alarm:memory_limit_reset",
181
+ {
182
+ strikes: number;
183
+ limit: number;
184
+ sealed: boolean;
185
+ error: string;
186
+ }
187
+ >
179
188
  | BaseEvent<
180
189
  "queue:create",
181
190
  {
@@ -225,6 +234,127 @@ type AgentObservabilityEvent =
225
234
  error: string;
226
235
  }
227
236
  >
237
+ | BaseEvent<
238
+ "action:ledger:replayed",
239
+ {
240
+ action: string;
241
+ key: string;
242
+ inputHash: string;
243
+ }
244
+ >
245
+ | BaseEvent<
246
+ "action:ledger:pending",
247
+ {
248
+ action: string;
249
+ key: string;
250
+ inputHash: string;
251
+ }
252
+ >
253
+ | BaseEvent<
254
+ "action:ledger:conflict",
255
+ {
256
+ action: string;
257
+ key: string;
258
+ inputHash: string;
259
+ }
260
+ >
261
+ | BaseEvent<
262
+ "action:ledger:serialize_failed",
263
+ {
264
+ action: string;
265
+ key: string;
266
+ }
267
+ >
268
+ | BaseEvent<
269
+ "action:ledger:settled",
270
+ {
271
+ action: string;
272
+ key: string;
273
+ inputHash: string;
274
+ }
275
+ >
276
+ | BaseEvent<
277
+ "action:ledger:reclaimed",
278
+ {
279
+ action: string;
280
+ key: string;
281
+ inputHash: string;
282
+ ageMs: number;
283
+ }
284
+ >
285
+ | BaseEvent<
286
+ "action:ledger:swept",
287
+ {
288
+ settled: number;
289
+ pending: number;
290
+ }
291
+ >
292
+ | BaseEvent<
293
+ "action:pause:created",
294
+ {
295
+ action: string;
296
+ executionId: string;
297
+ toolCallId: string;
298
+ }
299
+ >
300
+ | BaseEvent<
301
+ "action:pause:approved",
302
+ {
303
+ action: string;
304
+ executionId: string;
305
+ }
306
+ >
307
+ | BaseEvent<
308
+ "action:pause:rejected",
309
+ {
310
+ action: string;
311
+ executionId: string;
312
+ }
313
+ >
314
+ | BaseEvent<
315
+ "action:pause:swept",
316
+ {
317
+ swept: number;
318
+ }
319
+ >
320
+ | BaseEvent<
321
+ "action:reply-attached",
322
+ {
323
+ action?: string;
324
+ attachmentType: string;
325
+ }
326
+ >
327
+ | BaseEvent<
328
+ "channel:resolved",
329
+ {
330
+ channel: string;
331
+ kind: string;
332
+ requestId?: string;
333
+ }
334
+ >
335
+ | BaseEvent<
336
+ "channel:delivered",
337
+ {
338
+ channel: string;
339
+ kind: string;
340
+ turnEnded: boolean;
341
+ }
342
+ >
343
+ | BaseEvent<
344
+ "notice:delivered",
345
+ {
346
+ channel: string;
347
+ kind: string;
348
+ informModel: boolean;
349
+ }
350
+ >
351
+ | BaseEvent<
352
+ "notice:failed",
353
+ {
354
+ channel: string;
355
+ error: string;
356
+ }
357
+ >
228
358
  | BaseEvent<
229
359
  "fiber:run:started",
230
360
  {
@@ -326,6 +456,29 @@ type AgentObservabilityEvent =
326
456
  error: string;
327
457
  }
328
458
  >
459
+ | BaseEvent<
460
+ "chat:turn:start",
461
+ {
462
+ requestId: string;
463
+ trigger: string;
464
+ admission: string;
465
+ continuation?: boolean;
466
+ generation?: number;
467
+ }
468
+ >
469
+ | BaseEvent<
470
+ "chat:turn:finish",
471
+ {
472
+ requestId: string;
473
+ trigger: string;
474
+ admission: string;
475
+ continuation?: boolean;
476
+ generation?: number;
477
+ status: string;
478
+ durationMs: number;
479
+ error?: string;
480
+ }
481
+ >
329
482
  | BaseEvent<
330
483
  "chat:recovery:detected",
331
484
  {
@@ -508,6 +661,25 @@ type AgentObservabilityEvent =
508
661
  error: string;
509
662
  }
510
663
  >
664
+ | BaseEvent<
665
+ "agent_tool:detached:delivery_failed",
666
+ {
667
+ runId: string /** Which ledger slot was being delivered. */;
668
+ kind:
669
+ | "finish"
670
+ | "give_up" /** Terminal status that was being delivered. */;
671
+ status: string /** The per-run `onFinish` callback name, if one was wired. */;
672
+ callback?: string;
673
+ error: string;
674
+ }
675
+ >
676
+ | BaseEvent<
677
+ "agent_tool:detached:live_count_warning",
678
+ {
679
+ /** Detached runs currently holding a concurrency slot (non-terminal). */ liveCount: number /** The threshold that was crossed. */;
680
+ threshold: number;
681
+ }
682
+ >
511
683
  | BaseEvent<"destroy">
512
684
  | BaseEvent<
513
685
  "connect",
@@ -632,18 +804,19 @@ interface Observability {
632
804
  * Tail Workers via `event.diagnosticsChannelEvents` — no subscription needed.
633
805
  */
634
806
  declare const channels: {
635
- readonly state: Channel<unknown, unknown>;
636
- readonly rpc: Channel<unknown, unknown>;
637
- readonly message: Channel<unknown, unknown>;
638
- readonly chat: Channel<unknown, unknown>;
639
- readonly transcript: Channel<unknown, unknown>;
640
- readonly fiber: Channel<unknown, unknown>;
641
- readonly agentTool: Channel<unknown, unknown>;
642
- readonly schedule: Channel<unknown, unknown>;
643
- readonly lifecycle: Channel<unknown, unknown>;
644
- readonly workflow: Channel<unknown, unknown>;
645
- readonly mcp: Channel<unknown, unknown>;
646
- readonly email: Channel<unknown, unknown>;
807
+ readonly state: Channel<any, any>;
808
+ readonly rpc: Channel<any, any>;
809
+ readonly message: Channel<any, any>;
810
+ readonly chat: Channel<any, any>;
811
+ readonly transcript: Channel<any, any>;
812
+ readonly fiber: Channel<any, any>;
813
+ readonly agentTool: Channel<any, any>;
814
+ readonly schedule: Channel<any, any>;
815
+ readonly lifecycle: Channel<any, any>;
816
+ readonly workflow: Channel<any, any>;
817
+ readonly mcp: Channel<any, any>;
818
+ readonly email: Channel<any, any>;
819
+ readonly channel: Channel<any, any>;
647
820
  };
648
821
  /**
649
822
  * The default observability implementation.
@@ -671,7 +844,11 @@ type ChannelEventMap = {
671
844
  message: Extract<
672
845
  ObservabilityEvent,
673
846
  {
674
- type: `message:${string}` | `tool:${string}` | `submission:${string}`;
847
+ type:
848
+ | `message:${string}`
849
+ | `tool:${string}`
850
+ | `submission:${string}`
851
+ | `action:${string}`;
675
852
  }
676
853
  >;
677
854
  chat: Exclude<
@@ -733,6 +910,12 @@ type ChannelEventMap = {
733
910
  type: `email:${string}`;
734
911
  }
735
912
  >;
913
+ channel: Extract<
914
+ ObservabilityEvent,
915
+ {
916
+ type: `channel:${string}` | `notice:${string}`;
917
+ }
918
+ >;
736
919
  };
737
920
  /**
738
921
  * Subscribe to a typed observability channel.
@@ -761,4 +944,4 @@ export {
761
944
  MCPObservabilityEvent as s,
762
945
  ChannelEventMap as t
763
946
  };
764
- //# sourceMappingURL=index-B7IbEeze.d.ts.map
947
+ //# sourceMappingURL=index-BRnybD6X.d.ts.map
package/dist/index.d.ts CHANGED
@@ -1,83 +1,94 @@
1
1
  /// <reference path="../skills-module.d.ts" />
2
2
  import { r as __DO_NOT_USE_WILL_BREAK__agentContext } from "./internal_context-Dg4Cgjcu.js";
3
3
  import {
4
- $ as StreamingResponse,
5
- A as DeleteFibersOptions,
6
- B as MCPServerMessage,
7
- C as AgentNamespace,
8
- D as Connection,
9
- E as CallableMetadata,
10
- F as FiberRecoveryContext,
11
- G as RoutingRetryOptions,
12
- Gt as SUB_PREFIX,
13
- H as QueueItem,
14
- I as FiberRecoveryResult,
15
- J as SendEmailOptions,
16
- Jt as parseSubAgentPath,
17
- K as Schedule,
18
- Kt as SubAgentPathMatch,
19
- L as FiberStatus,
20
- M as EmailSendBinding,
21
- N as FiberContext,
22
- O as ConnectionContext,
23
- P as FiberInspection,
24
- Q as StateUpdateMessage,
25
- R as ListFibersOptions,
26
- S as AgentGetOptions,
27
- T as AgentStaticOptions,
28
- U as RPCRequest,
29
- V as MCPServersState,
30
- W as RPCResponse,
31
- Wt as TransportType,
32
- X as StartFiberOptions,
33
- Y as SqlError,
34
- Yt as routeSubAgentRequest,
35
- Z as StartFiberResult,
36
- _ as RunAgentToolResult,
37
- a as AgentToolEventState,
38
- at as getCurrentAgent,
39
- b as Agent,
40
- c as AgentToolLifecycleResult,
41
- ct as unstable_callable,
42
- d as AgentToolRunState,
43
- et as SubAgentClass,
44
- f as AgentToolRunStatus,
45
- g as RunAgentToolOptions,
46
- h as ChatCapableAgentClass,
47
- i as AgentToolEventMessage,
48
- it as getAgentByName,
49
- j as EmailRoutingOptions,
50
- k as DEFAULT_AGENT_STATIC_OPTIONS,
51
- l as AgentToolRunInfo,
52
- m as AgentToolTerminalStatus,
53
- n as AgentToolDisplayMetadata,
54
- nt as WSMessage,
55
- o as AgentToolFailure,
56
- ot as routeAgentEmail,
57
- p as AgentToolStoredChunk,
58
- q as ScheduleCriteria,
59
- qt as getSubAgentByName,
60
- r as AgentToolEvent,
61
- rt as callable,
62
- s as AgentToolInterruptedReason,
63
- st as routeAgentRequest,
64
- t as AgentToolChildAdapter,
65
- tt as SubAgentStub,
66
- u as AgentToolRunInspection,
67
- v as AddMcpServerOptions,
68
- vt as MCP_SERVER_ID_MAX_LENGTH,
69
- w as AgentOptions,
70
- x as AgentContext,
71
- xt as normalizeServerId,
72
- y as AddRpcMcpServerOptions,
73
- z as MCPServer
74
- } from "./agent-tool-types-CTw3UJUP.js";
4
+ $ as RoutingRetryOptions,
5
+ A as AgentGetOptions,
6
+ B as EmailSendBinding,
7
+ C as DetachedRunAgentToolResult,
8
+ D as AddRpcMcpServerOptions,
9
+ E as AddMcpServerOptions,
10
+ F as Connection,
11
+ G as FiberStatus,
12
+ H as FiberInspection,
13
+ I as ConnectionContext,
14
+ J as MCPServerMessage,
15
+ K as ListFibersOptions,
16
+ L as DEFAULT_AGENT_STATIC_OPTIONS,
17
+ M as AgentOptions,
18
+ N as AgentStaticOptions,
19
+ O as Agent,
20
+ Ot as MCP_SERVER_ID_MAX_LENGTH,
21
+ P as CallableMetadata,
22
+ Q as RPCResponse,
23
+ R as DeleteFibersOptions,
24
+ S as DetachedAgentToolConfig,
25
+ T as RunAgentToolResult,
26
+ U as FiberRecoveryContext,
27
+ V as FiberContext,
28
+ W as FiberRecoveryResult,
29
+ X as QueueItem,
30
+ Y as MCPServersState,
31
+ Z as RPCRequest,
32
+ _ as AgentToolRunState,
33
+ _t as MCPAITool,
34
+ a as AgentToolEvent,
35
+ an as routeSubAgentRequest,
36
+ at as StartFiberResult,
37
+ b as AgentToolTerminalStatus,
38
+ c as AgentToolFailure,
39
+ ct as SubAgentClass,
40
+ d as AgentToolMilestone,
41
+ dt as callable,
42
+ en as TransportType,
43
+ et as Schedule,
44
+ f as AgentToolProgress,
45
+ ft as getAgentByName,
46
+ g as AgentToolRunPart,
47
+ gt as unstable_callable,
48
+ h as AgentToolRunInspection,
49
+ ht as routeAgentRequest,
50
+ i as AgentToolDisplayMetadata,
51
+ in as parseSubAgentPath,
52
+ it as StartFiberOptions,
53
+ j as AgentNamespace,
54
+ jt as normalizeServerId,
55
+ k as AgentContext,
56
+ l as AgentToolInterruptedReason,
57
+ lt as SubAgentStub,
58
+ m as AgentToolRunInfo,
59
+ mt as routeAgentEmail,
60
+ n as AGENT_TOOL_PROGRESS_PART,
61
+ nn as SubAgentPathMatch,
62
+ nt as SendEmailOptions,
63
+ o as AgentToolEventMessage,
64
+ ot as StateUpdateMessage,
65
+ p as AgentToolProgressSnapshot,
66
+ pt as getCurrentAgent,
67
+ q as MCPServer,
68
+ r as AgentToolChildAdapter,
69
+ rn as getSubAgentByName,
70
+ rt as SqlError,
71
+ s as AgentToolEventState,
72
+ st as StreamingResponse,
73
+ t as AGENT_TOOL_MILESTONE_PART,
74
+ tn as SUB_PREFIX,
75
+ tt as ScheduleCriteria,
76
+ u as AgentToolLifecycleResult,
77
+ ut as WSMessage,
78
+ v as AgentToolRunStatus,
79
+ vt as MCPAIToolSet,
80
+ w as RunAgentToolOptions,
81
+ x as ChatCapableAgentClass,
82
+ y as AgentToolStoredChunk,
83
+ z as EmailRoutingOptions
84
+ } from "./agent-tool-types-CNyE1iz_.js";
75
85
  import { n as camelCaseToKebabCase } from "./utils-CGtGDSgA.js";
76
86
  import {
77
- i as isPlatformTransientError,
87
+ a as isPlatformTransientError,
78
88
  n as isDurableObjectCodeUpdateReset,
89
+ r as isDurableObjectMemoryLimitReset,
79
90
  t as RetryOptions
80
- } from "./retries-CwlpAGet.js";
91
+ } from "./retries-CvHJwSuh.js";
81
92
  import {
82
93
  n as AgentsOAuthProvider,
83
94
  r as DurableObjectOAuthClientProvider,
@@ -86,6 +97,8 @@ import {
86
97
  import { t as MessageType } from "./types-6Zo2zfoO.js";
87
98
  import { l as createHeaderBasedEmailResolver } from "./email-CL27preh.js";
88
99
  export {
100
+ AGENT_TOOL_MILESTONE_PART,
101
+ AGENT_TOOL_PROGRESS_PART,
89
102
  AddMcpServerOptions,
90
103
  AddRpcMcpServerOptions,
91
104
  Agent,
@@ -103,8 +116,12 @@ export {
103
116
  type AgentToolFailure,
104
117
  type AgentToolInterruptedReason,
105
118
  type AgentToolLifecycleResult,
119
+ type AgentToolMilestone,
120
+ type AgentToolProgress,
121
+ type AgentToolProgressSnapshot,
106
122
  type AgentToolRunInfo,
107
123
  type AgentToolRunInspection,
124
+ type AgentToolRunPart,
108
125
  type AgentToolRunState,
109
126
  type AgentToolRunStatus,
110
127
  type AgentToolStoredChunk,
@@ -116,6 +133,8 @@ export {
116
133
  type ConnectionContext,
117
134
  DEFAULT_AGENT_STATIC_OPTIONS,
118
135
  DeleteFibersOptions,
136
+ type DetachedAgentToolConfig,
137
+ type DetachedRunAgentToolResult,
119
138
  DurableObjectOAuthClientProvider,
120
139
  EmailRoutingOptions,
121
140
  EmailSendBinding,
@@ -125,6 +144,8 @@ export {
125
144
  FiberRecoveryResult,
126
145
  FiberStatus,
127
146
  ListFibersOptions,
147
+ type MCPAITool,
148
+ type MCPAIToolSet,
128
149
  MCPServer,
129
150
  MCPServerMessage,
130
151
  MCPServersState,
@@ -159,6 +180,7 @@ export {
159
180
  getCurrentAgent,
160
181
  getSubAgentByName,
161
182
  isDurableObjectCodeUpdateReset,
183
+ isDurableObjectMemoryLimitReset,
162
184
  isPlatformTransientError,
163
185
  normalizeServerId,
164
186
  parseSubAgentPath,