antpath 0.7.0 → 0.9.0

package/dist/_shared/index.d.ts

@@ -6,6 +6,7 @@ export * from "./proxy-protocol.js";
 export * from "./secrets.js";
 export * from "./status.js";
 export * from "./submission.js";
+export * from "./run-unit.js";
 export * from "./stable.js";
 export * from "./sdk-secrets.js";
 export * from "./sdk-errors.js";

package/dist/_shared/index.js

@@ -6,6 +6,7 @@ export * from "./proxy-protocol.js";
 export * from "./secrets.js";
 export * from "./status.js";
 export * from "./submission.js";
+export * from "./run-unit.js";
 // SDK + CLI shared surface — moved here so the published `antpath` SDK
 // and the in-container `antpath` CLI consume the SAME implementation.
 export * from "./stable.js";

package/dist/_shared/operations.d.ts

@@ -1,4 +1,5 @@
 import type { HttpClient } from "./http.js";
+import type { RunUnit } from "./run-unit.js";
 import type { Output, Run, RunEvent, SignedOutputLink, Skill, WhoAmI } from "./runtime-types.js";
 import type { PlatformFlatRunSubmissionInput, PlatformRunSubmissionInput } from "./submission.js";
 /**
@@ -16,12 +17,38 @@ import type { PlatformFlatRunSubmissionInput, PlatformRunSubmissionInput } from
  */
 export declare function submitRun(http: HttpClient, request: PlatformRunSubmissionInput): Promise<Run>;
 export declare function getRun(http: HttpClient, runId: string): Promise<Run>;
+/**
+ * Strongly-typed accessor for the full self-contained run unit:
+ * parsed submission inputs, attempts, indexed events (with
+ * pagination cursor for large runs), raw-event Storage manifest,
+ * outputs, capture failures, proxy-call audit, pinned skills,
+ * provider skills, transient skills.
+ *
+ * Backed by the same `GET /api/runs/:runId` endpoint that
+ * `getRun` calls; this variant just narrows the return type to
+ * the documented wire shape. Prefer this for new code; `getRun`
+ * stays for callers that only need the loose record.
+ */
+export declare function getRunUnit(http: HttpClient, runId: string): Promise<RunUnit>;
 export declare function listRunEvents(http: HttpClient, runId: string): Promise<readonly RunEvent[]>;
 export declare function listOutputs(http: HttpClient, runId: string): Promise<readonly Output[]>;
 export declare function createOutputLink(http: HttpClient, runId: string, outputId: string): Promise<SignedOutputLink>;
 export declare function cancelRun(http: HttpClient, runId: string): Promise<void>;
 export declare function deleteRun(http: HttpClient, runId: string): Promise<void>;
 export declare function whoami(http: HttpClient): Promise<WhoAmI>;
+/**
+ * Stream the per-run archive zip from the BFF. Returns the raw
+ * `Response` so callers can pipe the body to disk without buffering
+ * the whole archive in memory.
+ *
+ * The archive lifecycle contract lives in
+ * `apps/dashboard/src/server/run-archive.ts` and
+ * `packages/sdk/docs/outputs.md`. Pre-session runs reject with HTTP
+ * 409 `run_not_started`; mid-session and terminal both produce the
+ * same archive layout and differ only in `manifest.json`'s `source`
+ * + `partial` fields.
+ */
+export declare function downloadRunArchive(http: HttpClient, runId: string): Promise<Response>;
 export declare function submitRunFlat(http: HttpClient, request: PlatformFlatRunSubmissionInput): Promise<Run>;
 /**
  * Multipart variant of `submitRunFlat` for runs that carry transient
@@ -59,3 +86,23 @@ export declare function createSkillBundle(http: HttpClient, args: {
 export declare function listSkills(http: HttpClient): Promise<readonly Skill[]>;
 export declare function getSkill(http: HttpClient, skillId: string): Promise<Skill>;
 export declare function deleteSkill(http: HttpClient, skillId: string): Promise<void>;
+/**
+ * Lookup a live workspace skill by `(name, contentHash)`. Returns the
+ * matching `Skill` record or null when no live row carries that hash.
+ *
+ * `contentHash` is the wire format `sha256:<hex>` as returned by
+ * `hashSkillBundle`. This powers `Skill.uploadIfChanged` — the SDK
+ * computes the hash locally and calls this function to skip the upload
+ * when the bytes already exist.
+ */
+export declare function findSkillByHash(http: HttpClient, args: {
+    readonly name: string;
+    readonly contentHash: string;
+}): Promise<Skill | null>;
+/**
+ * Lookup a live workspace skill by `name`. Returns the matching `Skill`
+ * record or null when no live row carries that name. Implemented as a
+ * list-and-filter on the existing `/api/skills` endpoint — the
+ * indexed by-hash route is reserved for `uploadIfChanged`.
+ */
+export declare function findSkillByName(http: HttpClient, name: string): Promise<Skill | null>;

package/dist/_shared/operations.js

@@ -21,6 +21,21 @@ export async function getRun(http, runId) {
     const result = await http.request(`/api/runs/${encodeURIComponent(runId)}`);
     return hasRun(result) ? result.run : result;
 }
+/**
+ * Strongly-typed accessor for the full self-contained run unit:
+ * parsed submission inputs, attempts, indexed events (with
+ * pagination cursor for large runs), raw-event Storage manifest,
+ * outputs, capture failures, proxy-call audit, pinned skills,
+ * provider skills, transient skills.
+ *
+ * Backed by the same `GET /api/runs/:runId` endpoint that
+ * `getRun` calls; this variant just narrows the return type to
+ * the documented wire shape. Prefer this for new code; `getRun`
+ * stays for callers that only need the loose record.
+ */
+export async function getRunUnit(http, runId) {
+    return http.request(`/api/runs/${encodeURIComponent(runId)}`);
+}
 export async function listRunEvents(http, runId) {
     const result = await http.request(`/api/runs/${encodeURIComponent(runId)}/events`);
     return result.events;
@@ -41,6 +56,22 @@ export async function deleteRun(http, runId) {
 export async function whoami(http) {
     return http.request("/api/whoami");
 }
+/**
+ * Stream the per-run archive zip from the BFF. Returns the raw
+ * `Response` so callers can pipe the body to disk without buffering
+ * the whole archive in memory.
+ *
+ * The archive lifecycle contract lives in
+ * `apps/dashboard/src/server/run-archive.ts` and
+ * `packages/sdk/docs/outputs.md`. Pre-session runs reject with HTTP
+ * 409 `run_not_started`; mid-session and terminal both produce the
+ * same archive layout and differ only in `manifest.json`'s `source`
+ * + `partial` fields.
+ */
+export async function downloadRunArchive(http, runId) {
+    const { response } = await http.download(`/api/runs/${encodeURIComponent(runId)}/download`);
+    return response;
+}
 // ===========================================================================
 // Flat (Skill / McpServer / Blueprint) operations
 // ===========================================================================
@@ -125,6 +156,33 @@ export async function deleteSkill(http, skillId) {
         method: "DELETE"
     });
 }
+/**
+ * Lookup a live workspace skill by `(name, contentHash)`. Returns the
+ * matching `Skill` record or null when no live row carries that hash.
+ *
+ * `contentHash` is the wire format `sha256:<hex>` as returned by
+ * `hashSkillBundle`. This powers `Skill.uploadIfChanged` — the SDK
+ * computes the hash locally and calls this function to skip the upload
+ * when the bytes already exist.
+ */
+export async function findSkillByHash(http, args) {
+    const params = new URLSearchParams({
+        name: args.name,
+        content_hash: args.contentHash
+    });
+    const result = await http.request(`/api/skills/by-hash?${params.toString()}`);
+    return result.skill ?? null;
+}
+/**
+ * Lookup a live workspace skill by `name`. Returns the matching `Skill`
+ * record or null when no live row carries that name. Implemented as a
+ * list-and-filter on the existing `/api/skills` endpoint — the
+ * indexed by-hash route is reserved for `uploadIfChanged`.
+ */
+export async function findSkillByName(http, name) {
+    const skills = await listSkills(http);
+    return skills.find((skill) => skill.name === name) ?? null;
+}
 function unwrapSkill(result) {
     if (result && typeof result === "object" && "skill" in result) {
         return result.skill;

package/dist/_shared/proxy-protocol.d.ts

@@ -67,8 +67,16 @@ export interface ProxyIndexEntry {
  * The actual auth value lives in the run's Vault bundle under
  * `secrets.proxyEndpointAuth[i].value` and is never reflected back
  * into the container or index file.
+ *
+ * The `none` variant declares an upstream that takes no auth (public
+ * APIs like Wikimedia Commons or NASA Images). It still routes through
+ * the proxy for unified egress, audit, and budget enforcement, but
+ * carries no `proxyEndpointAuth[]` entry and the BFF injects no
+ * header or query value.
  */
 export type ProxyAuthShape = {
+    readonly type: "none";
+} | {
     readonly type: "bearer";
 } | {
     readonly type: "basic";
@@ -82,7 +90,7 @@ export type ProxyAuthShape = {
 export type ProxyAuthType = ProxyAuthShape["type"];
 /**
  * Header name (lowercase) that an upstream auth shape uses as its
- * carrier. Returns `undefined` for query-based auth.
+ * carrier. Returns `undefined` for query-based and keyless auth.
  *
  * Used by the submission parser to forbid `allowHeaders` from listing
  * the auth header (avoids leaks via caller-supplied headers), and by
@@ -92,7 +100,7 @@ export type ProxyAuthType = ProxyAuthShape["type"];
 export declare function authShapeHeaderName(shape: ProxyAuthShape): string | undefined;
 /**
  * Query-string key that an upstream query-based auth shape uses as its
- * carrier. Returns `undefined` for non-query shapes.
+ * carrier. Returns `undefined` for non-query shapes (including "none").
  */
 export declare function authShapeQueryName(shape: ProxyAuthShape): string | undefined;
 /**

package/dist/_shared/proxy-protocol.js

@@ -66,7 +66,7 @@ export const PROXY_ERROR_CODES = [
 ];
 /**
  * Header name (lowercase) that an upstream auth shape uses as its
- * carrier. Returns `undefined` for query-based auth.
+ * carrier. Returns `undefined` for query-based and keyless auth.
  *
  * Used by the submission parser to forbid `allowHeaders` from listing
  * the auth header (avoids leaks via caller-supplied headers), and by
@@ -81,12 +81,13 @@ export function authShapeHeaderName(shape) {
         case "header":
             return shape.name.toLowerCase();
         case "query":
+        case "none":
             return undefined;
     }
 }
 /**
  * Query-string key that an upstream query-based auth shape uses as its
- * carrier. Returns `undefined` for non-query shapes.
+ * carrier. Returns `undefined` for non-query shapes (including "none").
  */
 export function authShapeQueryName(shape) {
     return shape.type === "query" ? shape.name : undefined;

package/dist/_shared/run-unit.d.ts

@@ -0,0 +1,206 @@
+/**
+ * RunUnit — the self-contained read shape of a run.
+ *
+ * One canonical struct that captures every non-secret artifact persisted
+ * for a single run: parsed submission inputs, status/lifecycle, attempts,
+ * indexed events, raw-event Storage manifest, outputs (+ capture
+ * failures), proxy-call audit log, pinned workspace skills, provider
+ * built-in skills, and transient (Anthropic Files) skill records.
+ *
+ * Wire contract for `GET /api/runs/:runId`, the per-run archive's
+ * `run.json`/`submission.json`/`caps.json`, and the SDK/CLI
+ * `client.runs.get(runId)` return type.
+ *
+ * Immutability: every field here is read-only. Edit endpoints do not
+ * exist by design — see `references/architecture-decisions.md` (Runs).
+ *
+ * Raw event payloads are not embedded in this struct. They live in
+ * private Supabase Storage as gzipped JSONL pages and are listed via
+ * `rawEventPages` (manifest only; bytes downloaded out-of-band so the
+ * detail response stays bounded). The archive zip carries the bytes.
+ */
+import type { JsonValue, PlatformCleanupPolicy, PlatformFlatSubmission, PlatformProxyEndpoint, PlatformTemplateSubmission } from "./submission.js";
+/**
+ * Parsed view of `runs.template_snapshot` jsonb. Two historical shapes
+ * coexist in storage:
+ *
+ *   - `kind: "flat"` (current): {kind:"flat", submission, cleanup?}
+ *     written by `insertRunWithSkillSnapshots` for all new runs.
+ *   - legacy template-shaped: {template, executionPayloadSecretId,
+ *     variables?, cleanup?} written by `insertRun` before the flat
+ *     pivot.
+ *
+ * The parser tolerates both and returns a discriminated union so
+ * consumers branch mechanically. New work targets `kind: "flat"`.
+ *
+ * Note on legacy redaction: historic template-shaped snapshots have
+ * `system` and `messages` replaced with `"[redacted]"` by
+ * `redactTemplateForMetadata`. That redaction predates the raw-event /
+ * raw-input policy update and we do not retroactively un-redact data we
+ * never stored. Flat-shape snapshots are verbatim.
+ */
+export type RunUnitSubmission = RunUnitFlatSubmission | RunUnitTemplateSubmission;
+export interface RunUnitFlatSubmission {
+    readonly kind: "flat";
+    readonly submission: PlatformFlatSubmission;
+    readonly cleanup?: PlatformCleanupPolicy;
+}
+export interface RunUnitTemplateSubmission {
+    readonly kind: "template";
+    readonly template: PlatformTemplateSubmission;
+    readonly variables?: Record<string, JsonValue>;
+    readonly cleanup?: PlatformCleanupPolicy;
+}
+export interface RunUnitAttempt {
+    readonly id: string;
+    readonly attemptNumber: number;
+    readonly status: string;
+    readonly providerSessionId?: string;
+    readonly errorClass?: string;
+    readonly errorCode?: string;
+    readonly errorMessage?: string;
+    readonly startedAt?: string;
+    readonly terminalAt?: string;
+    readonly createdAt: string;
+}
+/**
+ * Indexed event metadata (dedupe-key + summary). Raw payload bytes for
+ * each event are NOT here — they ride in `rawEventPages`. This struct
+ * stays small so the detail response is bounded.
+ */
+export interface RunUnitEvent {
+    readonly id: string;
+    readonly attemptId?: string;
+    readonly providerEventId?: string;
+    readonly type: string;
+    readonly summary?: string;
+    readonly occurredAt?: string;
+    readonly processedAt: string;
+    readonly usageDelta?: Record<string, JsonValue>;
+}
+/**
+ * Inline slice of events plus an optional cursor for the tail. Most
+ * runs fit entirely inline; long-running ones overflow and the
+ * consumer paginates via `GET /api/runs/:runId/events?cursor=...`.
+ */
+export interface RunUnitEventPage {
+    readonly entries: readonly RunUnitEvent[];
+    readonly totalCount: number;
+    readonly truncated: boolean;
+    readonly nextCursor?: string;
+}
+/**
+ * One gzipped JSONL page of raw provider events captured to Storage.
+ * Bytes are downloaded via signed URL or surfaced inside the per-run
+ * archive zip. `storagePath` is bucket-relative; the BFF turns it
+ * into a signed URL for clients.
+ */
+export interface RunUnitRawEventPage {
+    readonly attempt: number;
+    readonly page: number;
+    readonly byteSize: number;
+    readonly eventCount: number;
+    readonly storagePath: string;
+    readonly contentEncoding: "gzip";
+    readonly createdAt: string;
+}
+export interface RunUnitOutput {
+    readonly id: string;
+    readonly fileName: string;
+    readonly byteSize: number;
+    readonly contentType?: string;
+}
+export interface RunUnitOutputCaptureFailure {
+    readonly id: string;
+    readonly providerFileId?: string;
+    readonly filename?: string;
+    readonly byteSize?: number;
+    readonly reason: string;
+    readonly errorMessage?: string;
+    readonly createdAt: string;
+}
+export interface RunUnitProxyCall {
+    readonly id: string;
+    readonly endpointName: string;
+    readonly method: string;
+    readonly requestPathRedacted: string | null;
+    readonly requestByteSize: number;
+    readonly responseStatus: number | null;
+    readonly responseByteSize: number;
+    readonly outcome: string;
+    readonly errorClass: string | null;
+    readonly startedAt: string;
+    readonly finishedAt: string | null;
+    readonly durationMs: number | null;
+}
+export interface RunUnitProxyCallPage {
+    readonly entries: readonly RunUnitProxyCall[];
+    readonly totalCount: number;
+    readonly truncated: boolean;
+    readonly nextCursor?: string;
+}
+/**
+ * Workspace skill bundle pinned at submission. `liveSkillId` is `null`
+ * when the corresponding `skill_bundles` row has been soft-deleted —
+ * the UI uses that to render a tombstoned link.
+ */
+export interface RunUnitSkillSnapshot {
+    readonly skillId: string;
+    readonly name: string;
+    readonly hash: string;
+    readonly sizeBytes: number;
+    readonly fileCount: number;
+    readonly liveSkillId: string | null;
+}
+export interface RunUnitProviderSkill {
+    readonly vendor: string;
+    readonly skillId: string;
+    readonly version?: string;
+}
+export interface RunUnitTransientSkill {
+    readonly id: string;
+    readonly slotId: string;
+    readonly skillName: string;
+    readonly contentHash: string;
+    readonly anthropicFileId: string | null;
+    readonly status: string;
+    readonly createdAt: string;
+    readonly updatedAt: string;
+}
+export interface RunUnit {
+    readonly id: string;
+    readonly workspaceId: string;
+    readonly status: string;
+    readonly lifecyclePhase?: string;
+    readonly cleanupStatus: string;
+    readonly createdAt: string;
+    readonly updatedAt: string;
+    readonly startedAt?: string;
+    readonly terminalAt?: string;
+    readonly deletedAt?: string;
+    readonly attemptCount: number;
+    readonly submission: RunUnitSubmission;
+    readonly capsSnapshot?: Record<string, JsonValue>;
+    readonly proxyEndpointsSnapshot?: readonly PlatformProxyEndpoint[];
+    readonly attempts: readonly RunUnitAttempt[];
+    readonly events: RunUnitEventPage;
+    readonly rawEventPages: readonly RunUnitRawEventPage[];
+    readonly outputs: readonly RunUnitOutput[];
+    readonly outputCaptureFailures: readonly RunUnitOutputCaptureFailure[];
+    readonly proxyCalls: RunUnitProxyCallPage;
+    readonly skillSnapshots: readonly RunUnitSkillSnapshot[];
+    readonly providerSkills: readonly RunUnitProviderSkill[];
+    readonly transientSkills: readonly RunUnitTransientSkill[];
+}
+/**
+ * Parse a `runs.template_snapshot` jsonb payload into the typed
+ * discriminated union. Tolerates both flat and legacy template shapes;
+ * never throws on minor unknown keys so we can forward-compat with
+ * worker-side enrichment.
+ *
+ * Returns a typed shape even for malformed snapshots — the worst case
+ * is `{kind: "flat", submission: {model: "", ...}}` with empty defaults
+ * — because the dashboard must still render *something* for a buggy
+ * historical row rather than 500ing the whole detail page.
+ */
+export declare function parseRunUnitSubmission(input: unknown): RunUnitSubmission;

package/dist/_shared/run-unit.js

@@ -0,0 +1,213 @@
+/**
+ * RunUnit — the self-contained read shape of a run.
+ *
+ * One canonical struct that captures every non-secret artifact persisted
+ * for a single run: parsed submission inputs, status/lifecycle, attempts,
+ * indexed events, raw-event Storage manifest, outputs (+ capture
+ * failures), proxy-call audit log, pinned workspace skills, provider
+ * built-in skills, and transient (Anthropic Files) skill records.
+ *
+ * Wire contract for `GET /api/runs/:runId`, the per-run archive's
+ * `run.json`/`submission.json`/`caps.json`, and the SDK/CLI
+ * `client.runs.get(runId)` return type.
+ *
+ * Immutability: every field here is read-only. Edit endpoints do not
+ * exist by design — see `references/architecture-decisions.md` (Runs).
+ *
+ * Raw event payloads are not embedded in this struct. They live in
+ * private Supabase Storage as gzipped JSONL pages and are listed via
+ * `rawEventPages` (manifest only; bytes downloaded out-of-band so the
+ * detail response stays bounded). The archive zip carries the bytes.
+ */
+import { parseMcpServerRef, parseSkillRef } from "./blueprint.js";
+// ---------------------------------------------------------------------------
+// Submission parser
+// ---------------------------------------------------------------------------
+/**
+ * Parse a `runs.template_snapshot` jsonb payload into the typed
+ * discriminated union. Tolerates both flat and legacy template shapes;
+ * never throws on minor unknown keys so we can forward-compat with
+ * worker-side enrichment.
+ *
+ * Returns a typed shape even for malformed snapshots — the worst case
+ * is `{kind: "flat", submission: {model: "", ...}}` with empty defaults
+ * — because the dashboard must still render *something* for a buggy
+ * historical row rather than 500ing the whole detail page.
+ */
+export function parseRunUnitSubmission(input) {
+    if (!input || typeof input !== "object" || Array.isArray(input)) {
+        return fallbackFlat();
+    }
+    const value = input;
+    if (value.kind === "flat") {
+        return parseFlatProjection(value);
+    }
+    if (isRecord(value.template)) {
+        return parseTemplateProjection(value);
+    }
+    // Snapshot exists but matches neither shape — surface as an empty
+    // flat submission so consumers can still render lifecycle bits.
+    return fallbackFlat();
+}
+function parseFlatProjection(value) {
+    const submissionRaw = isRecord(value.submission) ? value.submission : {};
+    const cleanup = parseCleanup(value.cleanup);
+    const submission = {
+        model: typeof submissionRaw.model === "string" ? submissionRaw.model : "",
+        ...(typeof submissionRaw.system === "string" ? { system: submissionRaw.system } : {}),
+        prompt: toStringArray(submissionRaw.prompt),
+        skills: toSkillRefArray(submissionRaw.skills),
+        mcpServers: toMcpServerRefArray(submissionRaw.mcpServers),
+        ...(parseEnvironment(submissionRaw.environment)
+            ? { environment: parseEnvironment(submissionRaw.environment) }
+            : {}),
+        ...(isJsonRecord(submissionRaw.metadata) ? { metadata: submissionRaw.metadata } : {}),
+        ...(toOptionalStringArray(submissionRaw.outputDirs)
+            ? { outputDirs: toOptionalStringArray(submissionRaw.outputDirs) }
+            : {})
+    };
+    return {
+        kind: "flat",
+        submission,
+        ...(cleanup ? { cleanup } : {})
+    };
+}
+function parseTemplateProjection(value) {
+    const templateRaw = value.template;
+    const template = {
+        name: typeof templateRaw.name === "string" ? templateRaw.name : "",
+        model: typeof templateRaw.model === "string" ? templateRaw.model : "",
+        templateHash: typeof templateRaw.templateHash === "string" ? templateRaw.templateHash : "",
+        messages: toStringArray(templateRaw.messages),
+        ...(typeof templateRaw.system === "string" ? { system: templateRaw.system } : {}),
+        ...(isJsonRecord(templateRaw.metadata) ? { metadata: templateRaw.metadata } : {}),
+        ...(parseEnvironment(templateRaw.environment)
+            ? { environment: parseEnvironment(templateRaw.environment) }
+            : {})
+    };
+    const variables = isJsonRecord(value.variables) ? value.variables : undefined;
+    const cleanup = parseCleanup(value.cleanup);
+    return {
+        kind: "template",
+        template,
+        ...(variables ? { variables } : {}),
+        ...(cleanup ? { cleanup } : {})
+    };
+}
+function fallbackFlat() {
+    return {
+        kind: "flat",
+        submission: {
+            model: "",
+            prompt: [],
+            skills: [],
+            mcpServers: []
+        }
+    };
+}
+// ---------------------------------------------------------------------------
+// Coercion helpers — deliberately lenient. We never throw on a single
+// malformed sub-field; we collapse it to a safe default and keep going
+// so a dashboard read of a malformed snapshot still surfaces the rest.
+// ---------------------------------------------------------------------------
+function isRecord(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function isJsonRecord(value) {
+    return isRecord(value);
+}
+function toStringArray(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    return value.filter((item) => typeof item === "string");
+}
+function toOptionalStringArray(value) {
+    if (!Array.isArray(value) || value.length === 0) {
+        return undefined;
+    }
+    const filtered = value.filter((item) => typeof item === "string");
+    return filtered.length === 0 ? undefined : filtered;
+}
+function toSkillRefArray(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    const out = [];
+    for (let i = 0; i < value.length; i++) {
+        try {
+            out.push(parseSkillRef(value[i], `submission.skills[${i}]`, { allowTransient: true }));
+        }
+        catch {
+            // Skip malformed entries rather than failing the whole detail
+            // read. Worker-side enrichment may add fields we don't recognise.
+        }
+    }
+    return out;
+}
+function toMcpServerRefArray(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    const out = [];
+    for (let i = 0; i < value.length; i++) {
+        try {
+            out.push(parseMcpServerRef(value[i], `submission.mcpServers[${i}]`));
+        }
+        catch {
+            // ignore malformed
+        }
+    }
+    return out;
+}
+function parseEnvironment(value) {
+    if (!isRecord(value)) {
+        return undefined;
+    }
+    const env = {};
+    if (isRecord(value.networking)) {
+        const mode = value.networking.mode;
+        const allowedHosts = value.networking.allowedHosts;
+        if (mode === "limited" || mode === "open") {
+            env.networking = {
+                mode,
+                ...(Array.isArray(allowedHosts)
+                    ? { allowedHosts: toStringArray(allowedHosts) }
+                    : {})
+            };
+        }
+    }
+    if (Array.isArray(value.packages)) {
+        const pkgs = value.packages
+            .filter(isRecord)
+            .map((p) => {
+            const r = p;
+            return typeof r.name === "string"
+                ? { name: r.name, ...(typeof r.version === "string" ? { version: r.version } : {}) }
+                : null;
+        })
+            .filter((p) => p !== null);
+        if (pkgs.length > 0) {
+            env.packages = pkgs;
+        }
+    }
+    return env.networking || env.packages
+        ? env
+        : undefined;
+}
+function parseCleanup(value) {
+    if (!isRecord(value)) {
+        return undefined;
+    }
+    const session = value.session;
+    const claudeSession = value.claudeSession;
+    const out = {};
+    if (session === "retain" || session === "delete") {
+        out.session = session;
+    }
+    if (claudeSession === "retain" || claudeSession === "delete") {
+        out.claudeSession = claudeSession;
+    }
+    return out.session || out.claudeSession ? out : undefined;
+}
+//# sourceMappingURL=run-unit.js.map

package/dist/_shared/runtime-types.d.ts

@@ -71,6 +71,25 @@ export interface WhoAmI {
     readonly tokenId?: string;
     readonly tokenName?: string | null;
     readonly scopes?: readonly string[];
+    /**
+     * Workspace-level caps the BFF will enforce on subsequent calls.
+     * Surfaced so consumers (e.g. broll's app-side admission gate) can
+     * decide whether to keep their own gate or rely on platform headers.
+     * All fields optional — older BFFs may omit. Numbers are concrete
+     * snapshots at the time of the `whoami` call.
+     */
+    readonly caps?: {
+        /** Token-bucket cap on POST /api/runs per minute, per workspace. */
+        readonly runSubmitPerMinute?: number;
+        /** Hard cap on concurrent non-terminal runs the workspace may hold. */
+        readonly maxConcurrentRuns?: number;
+        /** Storage cap (bytes) on captured output objects, workspace-wide. */
+        readonly storageCapBytes?: number;
+        /** Current captured-output usage in bytes. */
+        readonly storageUsedBytes?: number;
+        /** Wall-clock ceiling on a single run before forced termination. */
+        readonly maxRunDurationMs?: number;
+    };
     readonly [key: string]: unknown;
 }
 /**