antpath 0.2.1 → 0.4.0

package/docs/events.md

@@ -4,105 +4,41 @@ title: Events
 
 # Events
 
-Claude Managed Agents sessions run autonomously on Anthropic's infrastructure.
-They are **non-blocking**: the SDK opens a long-lived SSE stream while the
-agent thinks, calls tools, and emits messages on its own schedule. The SDK
-cannot intercept a tool call to return a value — `permission_policy` is
-`always_allow`. This guide covers the observe-only event surface.
+Claude Managed Agents sessions run autonomously on Anthropic's infrastructure. They are **non-blocking**: the worker polls the provider session while the agent thinks, calls tools, and emits messages on its own schedule, and persists every captured event to the dashboard. The SDK and CLI observe the durable event timeline from the dashboard — there is no in-process tool-approval hook (`permission_policy` is `always_allow`).
 
 ## Two ways to consume events
 
 ```ts
-// Push: register a callback in RunOptions.
-const handle = await client.run(template, {
-  onEvent: async (event) => {
-    if (event.type === "provider.event") {
-      // event.event is a ProviderEvent (typed via a type guard below).
-    }
-  }
-});
-await handle.wait();
+// Pull a snapshot of every event captured so far.
+const events = await ref.events();
 ```
 
 ```ts
-// Pull: iterate the stream concurrently with handle.wait().
-const handle = await client.run(template);
-const collect = (async () => {
-  for await (const event of handle.streamEvents()) {
+// Stream live: yields each event exactly once, stops when the run reaches
+// a terminal status. Backed by polling the dashboard events endpoint.
+for await (const event of ref.stream({ intervalMs: 1000 })) {
+  if (event.type === "agent.message") {
     // ...
   }
-})();
-const result = await handle.wait();
-await collect;
-```
-
-Both surfaces observe the same events. They can be used together; every
-subscriber sees every event. A subscriber attached after `client.run()`
-returns replays the events it missed (including the initial
-`sdk.status` emitted while provider resources were being created), then
-continues live.
-
-## Event shape
-
-```ts
-type RunEvent =
-  | { type: "sdk.status"; status: RunStatus; at: string }
-  | { type: "sdk.message_sent"; index: number; at: string }
-  | { type: "sdk.cleanup"; ... }       // see "Cleanup events" below
-  | { type: "provider.event"; event: ProviderEvent; at: string };
-
-interface ProviderEvent {
-  type: string;       // documented Claude event type, e.g. "agent.tool_use"
-  payload: unknown;   // raw provider payload, redacted
-  receivedAt: string;
 }
 ```
 
-All events pass through the SDK's secret redaction before reaching any
-subscriber, so payloads do not contain the Anthropic key or MCP credentials
-that were supplied to `client.run()`.
+The CLI mirrors the same surface:
 
-## Drain-before-`wait()` guarantee
-
-By the time `await handle.wait()` resolves, every `onEvent` invocation
-triggered by events emitted before the terminal `sdk.status` has itself
-resolved or rejected. Async handlers are invoked serially in event order on
-a single per-listener promise chain, so callers can persist events in order
-without their own queue.
-
-The same drain applies to handlers that throw — both modes (warn-only and
-abort-on-error, see below) wait for the offending invocation to settle
-before resolving.
-
-## Error semantics
-
-Default: a handler that throws (or returns a rejecting promise) is logged
-via the SDK's configured `logger` at `warn`. The run continues, and the
-final result is unaffected.
-
-Opt-in: `onEventAbortOnError: true` upgrades the **first** pre-terminal
-handler error into a `RunStateError` that fails the run. Once terminal
-status has been reached, listener errors are always logged only — they
-never mutate the result, and they cannot trigger recursion when the
-terminal `sdk.status: failed` event itself causes another error.
+```bash
+antpath events <run-id> --api-token … --workspace … --dashboard-url …            # snapshot
+antpath events <run-id> --follow --api-token … --workspace … --dashboard-url …   # stream until terminal
+```
 
-`RunStateError.message` and its `cause` field pass through the same
-redaction layer used for events.
+Both surfaces observe the same events. A subscriber attached after `submitRun()` returns replays the events it missed, then continues live.
 
-## Cleanup events
+## Event shape
 
-`sdk.cleanup` events are part of the `RunEvent` union, but they are
-emitted by `handle.cleanup()` after `handle.wait()` has already resolved.
-By that time the event bus has been closed; subscribers attached during
-the run do **not** see them. Inspect cleanup outcomes via the
-`CleanupResult.operations` array returned by `cleanup()` instead.
+Events are typed as the discriminated `RunEvent` union — agent messages, tool uses, tool results, session status transitions, sdk lifecycle events, span events. The dashboard records the raw provider payload **after** secret redaction and structural sanitization, so the bytes you see in `event.payload` never contain the Anthropic key, MCP credentials, or proxy bearer that were supplied to `submitRun`.
 
 ## Typed helpers
 
-`packages/sdk/src/providers/known-events.ts` exports conservative type
-guards that narrow `ProviderEvent.type` to documented Claude event strings.
-They do **not** assert payload field shapes — the raw provider payload
-stays `unknown` until callers parse it themselves.
+The package exports conservative type guards that narrow events to documented Claude event types:
 
 ```ts
 import {
@@ -125,5 +61,6 @@ import {
 } from "antpath";
 ```
 
-The official list of event types is maintained at
-[`platform.claude.com/docs/en/managed-agents/events-and-streaming`](https://platform.claude.com/docs/en/managed-agents/events-and-streaming).
+They narrow only the discriminant — payload field shapes stay `unknown` until callers parse them.
+
+The official list of event types is maintained at [`platform.claude.com/docs/en/managed-agents/events-and-streaming`](https://platform.claude.com/docs/en/managed-agents/events-and-streaming).

package/docs/outputs.md

@@ -4,13 +4,24 @@ title: Outputs
 
 # Outputs
 
-`downloadOutputs()` downloads all session-scoped provider files by default.
+Every run captures provider session-scoped files into private Supabase Storage. List and download them through whichever surface is convenient.
 
-`/antpath/outputs` is a recommended convention, not a provider default. Templates may instruct agents to write important artifacts there, but MVP output download still uses session-scoped files.
+```ts
+const outputs = await ref.outputs();             // OutputSummary[]
+const { url } = await client.createOutputLink(ref.runId, outputs[0].id);
+```
+
+```bash
+antpath outputs list <run-id>       --api-token … --workspace … --dashboard-url …
+antpath outputs download <run-id> <output-id> --out ./dir \
+                                    --api-token … --workspace … --dashboard-url …
+```
+
+`/antpath/outputs` is a recommended convention, not a provider default. Templates may instruct agents to write important artifacts there, but every session-scoped provider file is captured unconditionally (bounded only by the workspace storage cap; skipped files are recorded as `output_capture_failures`).
 
 Safety rules:
 
 - filenames are sanitized;
 - downloads stay within the requested local directory;
-- max file count and max total bytes are enforced;
-- manifests contain provider file IDs, local paths, names, and sizes only.
+- signed download links are short-lived;
+- manifests contain provider file IDs, local paths, names, and sizes only — never file bytes.

package/docs/quickstart.md

@@ -4,10 +4,44 @@ title: antpath quickstart
 
 # Quickstart
 
-1. Put `ANTHROPIC_API_KEY` in `.env.local`.
-2. Define a secret-free Template in TypeScript.
-3. Create `AntpathClient`.
-4. Run the Template.
-5. Wait, download files, then call `cleanup()`.
+1. Get an antpath SDK API token (`ant_…`).
+2. Define a secret-free Template in TypeScript (or JSON / a `.mjs` default export).
+3. Create `AntpathClient` — the workspace is derived server-side from the token.
+4. Submit the run with an inline `secrets` bundle. Wait for terminal status. Fetch outputs.
 
-See `README.md` for a minimal example.
+```ts
+import { AntpathClient, defineTemplate, string } from "antpath";
+
+const client = new AntpathClient({
+  apiToken: process.env.ANTPATH_API_TOKEN!
+  // baseUrl defaults to https://antpath.ai — set it for self-hosted deployments.
+});
+
+const template = defineTemplate({
+  name: "hello",
+  model: "claude-haiku-4-5",
+  messages: ["Write a short answer about {{topic}}."],
+  variables: { topic: string() }
+});
+
+const ref = await client.submitRun(template, {
+  variables: { topic: "agent-first SDK design" },
+  secrets: { anthropic: { apiKey: process.env.ANTHROPIC_API_KEY! } }
+});
+
+const run = await ref.wait();
+console.log(run.status);
+console.log(await ref.outputs());
+```
+
+Or from the shell:
+
+```bash
+antpath run ./template.json \
+  --api-token "$ANTPATH_API_TOKEN" \
+  --anthropic-api-key "$ANTHROPIC_API_KEY" \
+  --var topic="agent-first SDK design" \
+  --follow
+```
+
+Both surfaces hit the same dashboard BFF and operate on the same durable run records — pick whichever is most convenient.

package/docs/release.md

@@ -4,19 +4,64 @@ title: Release
 
 # Release
 
-CI runs on pull requests and pushes to `main`.
+Releasing is **atomic** and **driven by `packages/sdk/package.json#version`**: bump the SDK version on `main` and the publish pipeline carries that exact version through npm → git tag → GitHub Release in one job. Any push to `main` that does not bump the version is a publish no-op.
 
-Publishing runs when a GitHub release is published, or when the publish workflow is manually dispatched.
+## How to ship a release
 
-Repository setup required:
+1. On a branch, bump `packages/sdk/package.json#version` to the next semver. Land any companion code/doc changes in the same PR.
+2. Merge into `main` (or push directly if you have the right). The pre-push hook (see [Local guard rails](#local-guard-rails)) refuses the push if the local version still matches what's on npm or has already been git-tagged.
+3. CI (`.github/workflows/ci.yml`) runs the `version-gate` job on every PR and direct push to `main`. It diffs against the base ref using [`scripts/check-version-drift.mjs --strict`](../../scripts/check-version-drift.mjs) and fails fast if anything under `packages/{sdk,cli,shared}/src/` or the listed exact paths changed without a fresh version. **`--strict` treats unreachable npm as a hard failure** so we never publish on top of an existing version.
+4. After merge, the `Publish package` workflow (`.github/workflows/publish.yml`) is triggered automatically on push to `main` and decides whether to ship.
 
-1. Create or reserve the `antpath` package on npm.
-2. Add a Trusted Publisher for this GitHub repository.
-3. Set **Organization or user** to `weilueluo`.
-4. Set **Repository** to `antpath`.
-5. Set **Workflow filename** to `publish.yml`.
-6. Leave **Environment name** empty unless the workflow uses a matching GitHub Actions environment.
-7. Update `packages/sdk/package.json` version before publishing a release.
-8. Publish a GitHub release for that version.
+You don't tag locally and you don't open a GitHub Release manually — the workflow does both. If the workflow ends red after a successful `npm publish`, the npm version is the source of truth and a human can tag/release retroactively.
 
-The publish workflow uses GitHub OIDC through `id-token: write`; it does not require an npm token secret. It runs type-checks, tests, build, then publishes the `antpath` SDK workspace with provenance.
+## Publish pipeline
+
+The workflow has three jobs, in this order:
+
+1. **`decide`** — compares the local `packages/sdk/package.json#version` with `npm view antpath@latest version`.
+   - If they match → output `proceed=false` and the rest of the pipeline no-ops. Documentation-only commits, refactors that ride along with a previous version, and any other non-publishable change pass through cleanly.
+   - If they differ → `proceed=true`, with the local version flowing forward as the canonical `v<version>` for tagging and release notes.
+2. **`publish`** (gated on `proceed=true`) — single linear job:
+   - `pnpm install --frozen-lockfile`, `pnpm lint`, `pnpm test`, `pnpm build`.
+   - `pnpm --filter antpath pack` into `$RUNNER_TEMP`.
+   - **Pre-publish user-tests gate**: runs `apps/user-tests` `user-test:offline` against the packed tarball. A broken artifact (missing `bin`, broken shebang, leaked workspace dep, ESM-only contract violation, …) never reaches npm.
+   - **Final freshness check**: `npm view antpath@${VERSION} version` — guards the rare race where someone else publishes the same version between `decide` and here.
+   - `pnpm publish --provenance --no-git-checks` from `packages/sdk`. Auth is GitHub OIDC via `id-token: write` plus npm Trusted Publishers — there is no `NPM_TOKEN` secret.
+   - `git tag -a v${VERSION}` signed as the canonical commit identity, then `git push origin v${VERSION}`.
+   - `gh release create v${VERSION} --generate-notes`.
+3. **`user-tests-post-publish`** (matrix `ubuntu-latest, windows-latest`) — waits for registry visibility with `scripts/wait-for-npm.mjs antpath <version>` (catches the "metadata says yes but CDN tarball 404s" case), then runs `user-test:offline` against the published version on both runners.
+
+Atomicity boundary: **publish + tag + GitHub Release happen in the same job**. Until that job goes green, the release is not done — even if `npm publish` already succeeded. Post-publish user-tests are a follow-on signal, not part of the atomic act.
+
+## What ships in the tarball
+
+The published tarball is **self-contained**. It declares **zero `@antpath/*` runtime dependencies** and is installable from a clean `npm install antpath` with no workspace access:
+
+- `@antpath/shared` lives in `packages/sdk/package.json#devDependencies` only. At build time, [`packages/sdk/scripts/inline-shared.mjs`](../scripts/inline-shared.mjs) copies `packages/shared/dist/**` (minus the test-only `testing/` directory and sourcemaps) into `packages/sdk/dist/_shared/` and rewrites `from "@antpath/shared"` to `from "./_shared/index.js"` across the SDK dist tree. A sanity check at the end of that script refuses to finish if any bare `@antpath/shared` specifier survives.
+- `@antpath/cli` is bundled at build time by [`packages/sdk/scripts/bundle-cli.mjs`](../scripts/bundle-cli.mjs) into a single `dist/cli.mjs`, which is the `bin: antpath` entry in `packages/sdk/package.json`.
+- This invariant is mechanically enforced by `apps/user-tests/test/offline/install.test.ts` ("declares no @antpath/* runtime dependencies") — the pre-publish gate fails before npm if any workspace dep leaks back into `dependencies`/`peerDependencies`/`optionalDependencies`.
+
+## Local guard rails
+
+Every contributor who pushes is expected to install the tracked pre-push hook from the repo root once:
+
+```text
+pnpm hooks:install
+```
+
+The hook runs lint, tests, build, an SDK pack dry-run, and `check-version-drift.mjs` (advisory mode — unreachable npm is a warning so offline development still works). It catches "I bumped a runtime file but forgot to bump the version" or "the new version is already on npm" before the push leaves the laptop.
+
+## Repository setup (one-time)
+
+1. Reserve `antpath` on npm.
+2. Add a Trusted Publisher for this repository (`npmjs.com` → *Settings* → *Publishing access*):
+   - **Organization or user**: `weilueluo`
+   - **Repository**: `antpath`
+   - **Workflow filename**: `publish.yml`
+   - **Environment name**: leave empty.
+3. No `NPM_TOKEN` secret is required — OIDC handles auth.
+
+## Rollback
+
+There is no "unpublish" path: npm prevents reuse of a published version, and a bad release is fixed by publishing a higher version. If the atomic publish job dies between `npm publish` and `gh release create`, retag manually (`git tag -a v<version>`, push, `gh release create`); npm is already truthful.

package/docs/skills.md

@@ -15,4 +15,4 @@ Local directories are packaged as zip files and mounted under `/antpath/skills/`
 
 Inline skills are uploaded as markdown files and mounted under `/antpath/skills/` unless overridden.
 
-The platform also mounts the `antpath` CLI at `/antpath/antpath` and a per-run manifest at `/antpath/index.json` on **every** run. Skills can invoke the managed HTTP proxy via `node /antpath/antpath proxy …` — see `credentials.md` for the policy/auth model.
+The platform also mounts the `antpath` CLI at `/antpath/antpath` and a per-run manifest at `/antpath/index.json` on **every** run. Skills can invoke the managed HTTP proxy via `/antpath/antpath proxy …` — see `credentials.md` for the policy/auth model.

package/docs/templates.md

@@ -21,4 +21,4 @@ Allowed Template content:
 
 Variables use `{{name}}` and are resolved before provider calls. Use `\{{name}}` for a literal placeholder.
 
-Secrets must not appear in Templates. Pass credentials through `run({ credentials })`.
+Secrets must not appear in Templates. Pass credentials through `submitRun(template, { secrets, proxyEndpointAuth })` (SDK) or the equivalent host-mode flags (`--anthropic-api-key`, `--mcp-secret`, `--proxy-auth`).

package/docs/testing.md

@@ -6,21 +6,24 @@ title: Testing
 
 antpath uses test-first development.
 
-Commands:
+Workspace-wide commands:
 
 ```text
-npm run test:unit
-npm run test:unit:recorded
-npm run test:e2e:live
+pnpm test                  # unit, all packages, deterministic
+pnpm test:unit:recorded    # unit + replayed provider fixtures
+pnpm test:integration      # live external systems (Supabase + dashboard) — no skip flags
+pnpm test:e2e:live         # full top-to-bottom flows against live services
+pnpm test:user             # offline assertions on the published antpath package
+pnpm test:user:live        # live assertions on the published antpath package
 ```
 
-Unit tests are deterministic and may use fakes or sanitized recorded snapshots. Live tests run when `npm run test:e2e:live` is invoked with `.env.local` containing `ANTHROPIC_API_KEY`.
+Unit tests are deterministic and may use fakes or sanitized recorded snapshots. Integration tests run live external systems without any skip flag; if credentials are missing they fail loudly. Live e2e and user-live tests require `.env.local` (or runner-provided env) to include `ANTHROPIC_API_KEY` and any other live target vars; see `references/environment-variables.md`.
 
-Recorded API fixtures are created with:
+Recorded provider fixtures are produced with:
 
 ```text
-npm run fixtures:record:anthropic
-npm run fixtures:sanitize
+pnpm --filter antpath run fixtures:record:anthropic
+pnpm --filter antpath run fixtures:sanitize
 ```
 
 Raw fixtures and secret-shaped fixture files are ignored.

package/examples/mcp-static-bearer.ts

@@ -1,7 +1,7 @@
 import { AntpathClient, defineTemplate, requiredStaticBearer } from "antpath";
 
 const client = new AntpathClient({
-  anthropicApiKey: process.env.ANTHROPIC_API_KEY
+  apiToken: process.env.ANTPATH_API_TOKEN!
 });
 
 const template = defineTemplate({
@@ -17,14 +17,17 @@ const template = defineTemplate({
   }
 });
 
-const handle = await client.run(template, {
-  credentials: {
-    example: {
-      type: "static_bearer",
-      token: process.env.EXAMPLE_MCP_TOKEN ?? ""
-    }
+const ref = await client.submitRun(template, {
+  secrets: {
+    anthropic: { apiKey: process.env.ANTHROPIC_API_KEY! },
+    mcpServers: [
+      {
+        name: "example",
+        url: "https://mcp.example.com/mcp",
+        headers: { Authorization: `Bearer ${process.env.EXAMPLE_MCP_TOKEN ?? ""}` }
+      }
+    ]
   }
 });
 
-await handle.wait();
-await handle.cleanup();
+await ref.wait();

package/examples/quickstart.ts

@@ -1,7 +1,7 @@
 import { AntpathClient, defineTemplate, string } from "antpath";
 
 const client = new AntpathClient({
-  anthropicApiKey: process.env.ANTHROPIC_API_KEY
+  apiToken: process.env.ANTPATH_API_TOKEN!
 });
 
 const template = defineTemplate({
@@ -14,10 +14,10 @@ const template = defineTemplate({
   }
 });
 
-const handle = await client.run(template, {
-  variables: { topic: "test-first SDK design" }
+const ref = await client.submitRun(template, {
+  variables: { topic: "agent-first SDK design" },
+  secrets: { anthropic: { apiKey: process.env.ANTHROPIC_API_KEY! } }
 });
 
-const result = await handle.wait();
-console.log(result.status);
-await handle.cleanup();
+const run = await ref.wait();
+console.log(run.status);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "antpath",
-  "version": "0.2.1",
+  "version": "0.4.0",
   "description": "TypeScript SDK for running autonomous Claude Managed Agents sessions.",
   "repository": {
     "type": "git",
@@ -22,18 +22,16 @@
     "dist",
     "README.md",
     "docs",
-    "examples",
-    "references"
+    "examples"
   ],
-  "dependencies": {
-    "eventsource-parser": "3.0.6",
-    "fflate": "0.8.2"
+  "devDependencies": {
+    "@antpath/shared": "0.1.0"
   },
   "engines": {
     "node": ">=20"
   },
   "scripts": {
-    "build": "pnpm --filter @antpath/cli run build && tsc -p tsconfig.build.json && node ./scripts/bundle-cli.mjs",
+    "build": "pnpm --filter @antpath/cli run build && pnpm --filter @antpath/shared run build && tsc -p tsconfig.build.json && node ./scripts/bundle-cli.mjs && node ./scripts/inline-shared.mjs",
     "lint": "tsc --noEmit",
     "test": "vitest run test/unit",
     "test:unit": "vitest run test/unit",

package/dist/credentials.d.ts

@@ -1,3 +0,0 @@
-import type { CredentialInput } from "./types.js";
-import type { ResolvedTemplate } from "./template/compiler.js";
-export declare function validateCredentials(template: ResolvedTemplate, credentials?: Record<string, CredentialInput>): void;

package/dist/credentials.js

@@ -1,56 +0,0 @@
-import { CredentialValidationError } from "./errors.js";
-export function validateCredentials(template, credentials = {}) {
-    for (const [key, requirement] of Object.entries(template.credentialRequirements)) {
-        const credential = credentials[key];
-        if (credential === undefined) {
-            throw new CredentialValidationError(`Missing credential for MCP server '${key}'`);
-        }
-        if (!isRecord(credential)) {
-            throw new CredentialValidationError(`Credential for MCP server '${key}' must be an object`);
-        }
-        if (credential.type !== requirement.type) {
-            throw new CredentialValidationError(`Credential for MCP server '${key}' must be '${requirement.type}'`);
-        }
-        validateCredentialValue(key, credential);
-    }
-    for (const key of Object.keys(credentials)) {
-        if (!template.credentialRequirements[key]) {
-            throw new CredentialValidationError(`Credential provided for unknown MCP server '${key}'`);
-        }
-    }
-}
-function validateCredentialValue(key, credential) {
-    if (!isRecord(credential)) {
-        throw new CredentialValidationError(`Credential for MCP server '${key}' must be an object`);
-    }
-    if (credential.type === "static_bearer") {
-        assertAllowedFields(key, credential, ["type", "token"]);
-        if (typeof credential.token !== "string" || credential.token.length === 0) {
-            throw new CredentialValidationError(`Static bearer credential for '${key}' requires token`);
-        }
-        return;
-    }
-    if (credential.type === "oauth_access_token") {
-        assertAllowedFields(key, credential, ["type", "accessToken", "expiresAt"]);
-        if (typeof credential.accessToken !== "string" || credential.accessToken.length === 0) {
-            throw new CredentialValidationError(`OAuth credential for '${key}' requires accessToken`);
-        }
-        if (credential.expiresAt !== undefined && (typeof credential.expiresAt !== "string" || credential.expiresAt.length === 0)) {
-            throw new CredentialValidationError(`OAuth credential for '${key}' has invalid expiresAt`);
-        }
-        return;
-    }
-    throw new CredentialValidationError(`Credential for MCP server '${key}' has unsupported type`);
-}
-function assertAllowedFields(key, credential, allowed) {
-    const allowedSet = new Set(allowed);
-    for (const field of Object.keys(credential)) {
-        if (!allowedSet.has(field)) {
-            throw new CredentialValidationError(`Credential for MCP server '${key}' contains unsupported field '${field}'`);
-        }
-    }
-}
-function isRecord(input) {
-    return typeof input === "object" && input !== null && !Array.isArray(input);
-}
-//# sourceMappingURL=credentials.js.map

package/dist/credentials.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../src/credentials.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,yBAAyB,EAAE,MAAM,aAAa,CAAC;AAIxD,MAAM,UAAU,mBAAmB,CAAC,QAA0B,EAAE,cAA+C,EAAE;IAC/G,KAAK,MAAM,CAAC,GAAG,EAAE,WAAW,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EAAE,CAAC;QACjF,MAAM,UAAU,GAAG,WAAW,CAAC,GAAG,CAAY,CAAC;QAC/C,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,MAAM,IAAI,yBAAyB,CAAC,sCAAsC,GAAG,GAAG,CAAC,CAAC;QACpF,CAAC;QACD,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC1B,MAAM,IAAI,yBAAyB,CAAC,8BAA8B,GAAG,qBAAqB,CAAC,CAAC;QAC9F,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACzC,MAAM,IAAI,yBAAyB,CAAC,8BAA8B,GAAG,cAAc,WAAW,CAAC,IAAI,GAAG,CAAC,CAAC;QAC1G,CAAC;QACD,uBAAuB,CAAC,GAAG,EAAE,UAA6B,CAAC,CAAC;IAC9D,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC3C,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1C,MAAM,IAAI,yBAAyB,CAAC,+CAA+C,GAAG,GAAG,CAAC,CAAC;QAC7F,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,uBAAuB,CAAC,GAAW,EAAE,UAA2B;IACvE,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,yBAAyB,CAAC,8BAA8B,GAAG,qBAAqB,CAAC,CAAC;IAC9F,CAAC;IACD,IAAI,UAAU,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;QACxC,mBAAmB,CAAC,GAAG,EAAE,UAAU,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;QACxD,IAAI,OAAO,UAAU,CAAC,KAAK,KAAK,QAAQ,IAAI,UAAU,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1E,MAAM,IAAI,yBAAyB,CAAC,iCAAiC,GAAG,kBAAkB,CAAC,CAAC;QAC9F,CAAC;QACD,OAAO;IACT,CAAC;IACD,IAAI,UAAU,CAAC,IAAI,KAAK,oBAAoB,EAAE,CAAC;QAC7C,mBAAmB,CAAC,GAAG,EAAE,UAAU,EAAE,CAAC,MAAM,EAAE,aAAa,EAAE,WAAW,CAAC,CAAC,CAAC;QAC3E,IAAI,OAAO,UAAU,CAAC,WAAW,KAAK,QAAQ,IAAI,UAAU,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtF,MAAM,IAAI,yBAAyB,CAAC,yBAAyB,GAAG,wBAAwB,CAAC,CAAC;QAC5F,CAAC;QACD,IAAI,UAAU,CAAC,SAAS,KAAK,SAAS,IAAI,CAAC,OAAO,UAAU,CAAC,SAAS,KAAK,QAAQ,IAAI,UAAU,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;YAC1H,MAAM,IAAI,yBAAyB,CAAC,yBAAyB,GAAG,yBAAyB,CAAC,CAAC;QAC7F,CAAC;QACD,OAAO;IACT,CAAC;IACD,MAAM,IAAI,yBAAyB,CAAC,8BAA8B,GAAG,wBAAwB,CAAC,CAAC;AACjG,CAAC;AAED,SAAS,mBAAmB,CAAC,GAAW,EAAE,UAAmC,EAAE,OAA0B;IACvG,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;IACpC,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5C,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,yBAAyB,CAAC,8BAA8B,GAAG,iCAAiC,KAAK,GAAG,CAAC,CAAC;QAClH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;AAC9E,CAAC"}

package/dist/errors.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"errors.js","sourceRoot":"","sources":["../src/errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AASnD,MAAM,OAAO,YAAa,SAAQ,KAAK;IAC5B,IAAI,CAAmB;IACvB,OAAO,CAAW;IAE3B,YAAY,IAAsB,EAAE,OAAe,EAAE,OAAiB;QACpE,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC;QAC9B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC;QAClC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,OAAO,GAAG,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;IAC5E,CAAC;CACF;AAED,MAAM,OAAO,uBAAwB,SAAQ,YAAY;IACvD,YAAY,OAAe,EAAE,OAAiB;QAC5C,KAAK,CAAC,kBAAkB,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC9C,CAAC;CACF;AAED,MAAM,OAAO,yBAA0B,SAAQ,YAAY;IACzD,YAAY,OAAe,EAAE,OAAiB;QAC5C,KAAK,CAAC,oBAAoB,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAChD,CAAC;CACF;AAED,MAAM,OAAO,aAAc,SAAQ,YAAY;IACpC,MAAM,CAAqB;IAEpC,YAAY,OAAe,EAAE,UAAkD,EAAE;QAC/E,KAAK,CAAC,gBAAgB,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;QAClD,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAC/B,CAAC;CACF;AAED,MAAM,OAAO,aAAc,SAAQ,YAAY;IAC7C,YAAY,OAAe,EAAE,OAAiB;QAC5C,KAAK,CAAC,iBAAiB,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;CACF;AAED,MAAM,OAAO,YAAa,SAAQ,YAAY;IAC5C,YAAY,OAAe,EAAE,OAAiB;QAC5C,KAAK,CAAC,eAAe,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;IAC3C,CAAC;CACF"}

package/dist/files/downloader.d.ts

@@ -1,3 +0,0 @@
-import type { DownloadOutputsOptions, DownloadOutputsResult } from "../types.js";
-import type { ManagedAgentProvider } from "../providers/types.js";
-export declare function downloadOutputs(provider: ManagedAgentProvider, sessionId: string, options: DownloadOutputsOptions): Promise<DownloadOutputsResult>;

package/dist/files/downloader.js

@@ -1,43 +0,0 @@
-import { writeFileSafe } from "../utils/paths.js";
-const DEFAULT_MAX_FILES = 100;
-const DEFAULT_MAX_BYTES = 250 * 1024 * 1024;
-export async function downloadOutputs(provider, sessionId, options) {
-    const files = filterFiles(await provider.listFiles(sessionId), options);
-    if (files.length > (options.maxFiles ?? DEFAULT_MAX_FILES)) {
-        throw new Error(`Refusing to download ${files.length} files; maxFiles exceeded`);
-    }
-    const totalBytes = files.reduce((sum, file) => sum + (file.sizeBytes ?? 0), 0);
-    if (totalBytes > (options.maxTotalBytes ?? DEFAULT_MAX_BYTES)) {
-        throw new Error(`Refusing to download ${totalBytes} bytes; maxTotalBytes exceeded`);
-    }
-    const manifest = { directory: options.directory, files: [] };
-    let downloadedBytes = 0;
-    for (const file of files) {
-        const content = await provider.downloadFile(file.id);
-        if (file.sizeBytes !== undefined && content.byteLength !== file.sizeBytes) {
-            throw new Error(`Downloaded byte size for ${file.id} did not match provider metadata`);
-        }
-        downloadedBytes += content.byteLength;
-        if (downloadedBytes > (options.maxTotalBytes ?? DEFAULT_MAX_BYTES)) {
-            throw new Error(`Downloaded outputs exceeded maxTotalBytes`);
-        }
-        const localPath = await writeFileSafe(options.directory, file.filename, content);
-        const entry = {
-            providerFileId: file.id,
-            filename: file.filename,
-            localPath
-        };
-        manifest.files.push(file.sizeBytes === undefined ? entry : { ...entry, sizeBytes: file.sizeBytes });
-    }
-    return { manifest };
-}
-function filterFiles(files, options) {
-    if (!options.include) {
-        return files;
-    }
-    if (options.include instanceof RegExp) {
-        return files.filter((file) => options.include instanceof RegExp && options.include.test(file.filename));
-    }
-    return files.filter(options.include);
-}
-//# sourceMappingURL=downloader.js.map

package/dist/files/downloader.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"downloader.js","sourceRoot":"","sources":["../../src/files/downloader.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD,MAAM,iBAAiB,GAAG,GAAG,CAAC;AAC9B,MAAM,iBAAiB,GAAG,GAAG,GAAG,IAAI,GAAG,IAAI,CAAC;AAE5C,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,QAA8B,EAC9B,SAAiB,EACjB,OAA+B;IAE/B,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,QAAQ,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,CAAC;IACxE,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,iBAAiB,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,wBAAwB,KAAK,CAAC,MAAM,2BAA2B,CAAC,CAAC;IACnF,CAAC;IACD,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC/E,IAAI,UAAU,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,iBAAiB,CAAC,EAAE,CAAC;QAC9D,MAAM,IAAI,KAAK,CAAC,wBAAwB,UAAU,gCAAgC,CAAC,CAAC;IACtF,CAAC;IACD,MAAM,QAAQ,GAAG,EAAE,SAAS,EAAE,OAAO,CAAC,SAAS,EAAE,KAAK,EAAE,EAAgD,EAAE,CAAC;IAC3G,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACrD,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,UAAU,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;YAC1E,MAAM,IAAI,KAAK,CAAC,4BAA4B,IAAI,CAAC,EAAE,kCAAkC,CAAC,CAAC;QACzF,CAAC;QACD,eAAe,IAAI,OAAO,CAAC,UAAU,CAAC;QACtC,IAAI,eAAe,GAAG,CAAC,OAAO,CAAC,aAAa,IAAI,iBAAiB,CAAC,EAAE,CAAC;YACnE,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC/D,CAAC;QACD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjF,MAAM,KAAK,GAAG;YACZ,cAAc,EAAE,IAAI,CAAC,EAAE;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS;SACV,CAAC;QACF,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,KAAK,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;IACtG,CAAC;IACD,OAAO,EAAE,QAAQ,EAAE,CAAC;AACtB,CAAC;AAED,SAAS,WAAW,CAAC,KAAqB,EAAE,OAA+B;IACzE,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,OAAO,CAAC,OAAO,YAAY,MAAM,EAAE,CAAC;QACtC,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,YAAY,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IAC1G,CAAC;IACD,OAAO,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;AACvC,CAAC"}