experimental-ash 0.24.2 → 0.25.0

package/dist/src/runtime/resolve-agent-graph.d.ts

@@ -5,26 +5,13 @@ import { type ResolvedAgentGraphBundle } from "#runtime/graph.js";
  * Input for resolving the compiled authored manifest and flattened module graph
  * into a runtime-owned recursive agent graph.
  */
-export interface ResolveRuntimeAgentGraphInput {
+interface ResolveRuntimeAgentGraphInput {
     manifest: CompiledAgentManifest;
     moduleMap: CompiledModuleMap;
 }
-/**
- * Error raised when the flattened compiled authored graph cannot be hydrated
- * into a runtime-owned agent graph.
- */
-export declare class ResolveRuntimeAgentGraphError extends Error {
-    readonly logicalPath?: string;
-    readonly nodeId?: string;
-    readonly sourceId?: string;
-    constructor(message: string, input?: {
-        logicalPath?: string;
-        nodeId?: string;
-        sourceId?: string;
-    });
-}
 /**
  * Resolves the compiled authored manifest and flattened module graph into one
  * runtime-owned bundle of agent nodes.
  */
 export declare function resolveRuntimeAgentGraph(input: ResolveRuntimeAgentGraphInput): Promise<ResolvedAgentGraphBundle>;
+export {};

package/dist/src/runtime/resolve-agent-graph.js

@@ -16,7 +16,7 @@ import { createRuntimeToolRegistry } from "#runtime/tools/registry.js";
  * Error raised when the flattened compiled authored graph cannot be hydrated
  * into a runtime-owned agent graph.
  */
-export class ResolveRuntimeAgentGraphError extends Error {
+class ResolveRuntimeAgentGraphError extends Error {
     logicalPath;
     nodeId;
     sourceId;

package/dist/src/runtime/sandbox/keys.d.ts

@@ -2,7 +2,7 @@ import { type RuntimeCompiledArtifactsSource } from "#runtime/compiled-artifacts
 /**
  * Input for deriving the stable runtime keys used for one sandbox definition.
  */
-export interface CreateRuntimeSandboxKeysInput {
+interface CreateRuntimeSandboxKeysInput {
     readonly backendName: string;
     readonly compiledArtifactsSource: RuntimeCompiledArtifactsSource;
     readonly nodeId: string;
@@ -31,3 +31,4 @@ export declare function createRuntimeSandboxTemplateKey(input: {
     readonly nodeId: string;
     readonly sourceId: string;
 }): Promise<string>;
+export {};

package/dist/src/runtime/sandbox/registry.d.ts

@@ -32,11 +32,11 @@ export interface RuntimeRegisteredSandbox {
  * Every agent owns exactly one sandbox, so the registry is just a
  * single record. When the author provides a `sandbox.<ext>` (or
  * `sandbox/sandbox.<ext>`) override, that authored definition replaces
- * the framework default. `sandbox` is `null` only in tests that supply
- * a stub registry; production always populates it.
+ * the framework default. Production always populates it; tests that
+ * need a `null` sandbox cast through `as RuntimeSandboxRegistry`.
  */
 export interface RuntimeSandboxRegistry {
-    readonly sandbox: RuntimeRegisteredSandbox | null;
+    readonly sandbox: RuntimeRegisteredSandbox;
 }
 /**
  * Builds the runtime-owned registry for one resolved authored agent's

package/dist/src/runtime/schedules/resolve-schedule.d.ts

@@ -4,26 +4,16 @@ import type { ResolvedSchedule } from "#runtime/types.js";
 /**
  * Input for resolving authored schedules from the compiled manifest.
  */
-export interface ResolveSchedulesInput {
+interface ResolveSchedulesInput {
     manifest: CompiledAgentManifest;
 }
 /**
  * Explicit compiled-artifact source used to resolve schedules from runtime
  * artifacts.
  */
-export interface LoadResolvedCompiledSchedulesInput {
+interface LoadResolvedCompiledSchedulesInput {
     readonly compiledArtifactsSource: RuntimeCompiledArtifactsSource;
 }
-/**
- * Error raised when compiled authored schedules cannot be hydrated into one
- * runtime-owned schedule model.
- */
-export declare class ResolveScheduleError extends Error {
-    readonly taskName?: string;
-    constructor(message: string, input?: {
-        taskName?: string;
-    });
-}
 /**
  * Resolves runtime-owned schedules from the compiled manifest.
  */
@@ -38,3 +28,4 @@ export declare function loadResolvedCompiledSchedules(input: LoadResolvedCompile
  * task name.
  */
 export declare function loadResolvedCompiledScheduleByTaskName(taskName: string, input: LoadResolvedCompiledSchedulesInput): Promise<ResolvedSchedule>;
+export {};

package/dist/src/runtime/schedules/resolve-schedule.js

@@ -4,7 +4,7 @@ import { createScheduleRegistrations } from "#runtime/schedules/register.js";
  * Error raised when compiled authored schedules cannot be hydrated into one
  * runtime-owned schedule model.
  */
-export class ResolveScheduleError extends Error {
+class ResolveScheduleError extends Error {
     taskName;
     constructor(message, input = {}) {
         super(message);

package/dist/src/runtime/sessions/auth.d.ts

@@ -15,17 +15,10 @@ export type RuntimeSessionAuthAttributes = Readonly<Record<string, string | read
  * Serializable auth context projected onto one runtime session turn.
  */
 export type RuntimeSessionAuthContext = z.infer<typeof runtimeSessionAuthContextSchema>;
-/**
- * Typed durable auth state preserved across one runtime session.
- */
-export interface RuntimeSessionAuthState {
-    readonly current: RuntimeSessionAuthContext | null;
-    readonly initiator: RuntimeSessionAuthContext | null;
-}
 /**
  * Zod schema for one serializable runtime session auth context.
  */
-export declare const runtimeSessionAuthContextSchema: z.ZodObject<{
+declare const runtimeSessionAuthContextSchema: z.ZodObject<{
     attributes: z.ZodReadonly<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodString, z.ZodReadonly<z.ZodArray<z.ZodString>>]>>>;
     authenticator: z.ZodEnum<{
         "http-basic": "http-basic";
@@ -43,8 +36,4 @@ export declare const runtimeSessionAuthContextSchema: z.ZodObject<{
     }>;
     subject: z.ZodOptional<z.ZodString>;
 }, z.core.$strict>;
-/**
- * Creates the empty route-auth snapshot for one public or unauthenticated
- * runtime session.
- */
-export declare function createEmptyRuntimeSessionAuthState(): RuntimeSessionAuthState;
+export {};

package/dist/src/runtime/sessions/auth.js

@@ -6,7 +6,7 @@ const runtimeSessionAuthAttributeValueSchema = z.union([
 /**
  * Zod schema for one serializable runtime session auth context.
  */
-export const runtimeSessionAuthContextSchema = z
+const runtimeSessionAuthContextSchema = z
     .object({
     attributes: z.record(z.string(), runtimeSessionAuthAttributeValueSchema).readonly(),
     authenticator: z.enum(["http-basic", "jwt-hmac", "jwt-ecdsa", "oidc"]),
@@ -16,13 +16,3 @@ export const runtimeSessionAuthContextSchema = z
     subject: z.string().optional(),
 })
     .strict();
-/**
- * Creates the empty route-auth snapshot for one public or unauthenticated
- * runtime session.
- */
-export function createEmptyRuntimeSessionAuthState() {
-    return {
-        current: null,
-        initiator: null,
-    };
-}

package/dist/src/runtime/sessions/compiled-agent-cache.js

@@ -31,7 +31,7 @@ async function loadFullBundle(compiledArtifactsSource) {
 }
 async function loadRuntimeCompiledModuleMap(compiledArtifactsSource) {
     if (compiledArtifactsSource.kind === "disk" &&
-        compiledArtifactsSource.moduleMapLoadMode === "authored-source") {
+        compiledArtifactsSource.moduleMapLoaderPath !== undefined) {
         return await loadAuthoredSourceCompiledModuleMap(compiledArtifactsSource);
     }
     return await loadCompiledModuleMap({ compiledArtifactsSource });

package/dist/src/runtime/sessions/runtime-session.d.ts

@@ -50,9 +50,3 @@ export declare function getActiveRuntimeSession(): RuntimeSession;
  * process-default session is untouched.
  */
 export declare function withRuntimeSession<T>(session: RuntimeSession, fn: () => Promise<T> | T): Promise<T>;
-/**
- * Clears the process-default session. Used by runtime tear-down paths to
- * discard installed artifacts and the bundle cache without touching any
- * scoped session set via {@link withRuntimeSession}.
- */
-export declare function clearProcessDefaultRuntimeSession(): void;

package/dist/src/runtime/sessions/runtime-session.js

@@ -48,16 +48,3 @@ export function getActiveRuntimeSession() {
 export async function withRuntimeSession(session, fn) {
     return await runtimeSessionStorage.run(session, async () => await fn());
 }
-/**
- * Clears the process-default session. Used by runtime tear-down paths to
- * discard installed artifacts and the bundle cache without touching any
- * scoped session set via {@link withRuntimeSession}.
- */
-export function clearProcessDefaultRuntimeSession() {
-    const previous = globalContainer[RUNTIME_SESSION_DEFAULT_GLOBAL_KEY];
-    if (previous !== undefined) {
-        previous.compiledArtifacts = null;
-        previous.bundleCache.clear();
-        previous.bundleCacheKeyBySourceKey.clear();
-    }
-}

package/dist/src/runtime/sessions/turn.d.ts

@@ -15,12 +15,12 @@ type PreparedRuntimeDelegationToolBase<TKind extends "remote" | "subagent"> = Re
  * Serializable local subagent descriptor prepared by the runtime for one
  * harness turn.
  */
-export type PreparedRuntimeSubagentTool = PreparedRuntimeDelegationToolBase<"subagent">;
+type PreparedRuntimeSubagentTool = PreparedRuntimeDelegationToolBase<"subagent">;
 /**
  * Serializable remote subagent descriptor prepared by the runtime for one
  * harness turn.
  */
-export type PreparedRuntimeRemoteAgentTool = PreparedRuntimeDelegationToolBase<"remote">;
+type PreparedRuntimeRemoteAgentTool = PreparedRuntimeDelegationToolBase<"remote">;
 /**
  * Serializable delegation descriptor prepared by the runtime for one harness
  * turn.

package/dist/src/runtime/subagents/registry.d.ts

@@ -3,7 +3,7 @@ import type { ResolvedRuntimeDelegationNode } from "#runtime/types.js";
 /**
  * One runtime-owned subagent tracked by the prepared registry.
  */
-export interface RuntimeRegisteredSubagent {
+interface RuntimeRegisteredSubagent {
     readonly definition: ResolvedRuntimeDelegationNode;
     readonly prepared: PreparedRuntimeDelegationTool;
 }
@@ -23,7 +23,4 @@ export declare function createRuntimeSubagentRegistry(input: {
     readonly reservedToolNames?: readonly string[];
     readonly subagents: readonly ResolvedRuntimeDelegationNode[];
 }): RuntimeSubagentRegistry;
-/**
- * Looks up one prepared runtime subagent by its model-visible name.
- */
-export declare function findRegisteredRuntimeSubagent(registry: RuntimeSubagentRegistry, subagentName: string): RuntimeRegisteredSubagent | null;
+export {};

package/dist/src/runtime/subagents/registry.js

@@ -49,12 +49,6 @@ export function createRuntimeSubagentRegistry(input) {
         subagentsByNodeId,
     };
 }
-/**
- * Looks up one prepared runtime subagent by its model-visible name.
- */
-export function findRegisteredRuntimeSubagent(registry, subagentName) {
-    return registry.subagentsByName.get(subagentName) ?? null;
-}
 function createPreparedRuntimeSubagentTool(definition) {
     return {
         description: definition.description,

package/dist/src/runtime/tools/registry.d.ts

@@ -3,7 +3,7 @@ import type { ResolvedToolDefinition } from "#runtime/types.js";
 /**
  * One executable authored tool tracked by the runtime-owned registry.
  */
-export interface RuntimeRegisteredTool {
+interface RuntimeRegisteredTool {
     readonly definition: ResolvedToolDefinition;
     readonly prepared: PreparedRuntimeAuthoredTool;
 }
@@ -27,3 +27,4 @@ export declare function createRuntimeToolRegistry(definitions: {
  * Looks up one authored tool by name from the runtime-owned registry.
  */
 export declare function findRegisteredRuntimeTool(registry: RuntimeToolRegistry, toolName: string): RuntimeRegisteredTool | null;
+export {};

package/dist/src/runtime/tools/registry.js

@@ -31,13 +31,10 @@ export function findRegisteredRuntimeTool(registry, toolName) {
 async function createPreparedRuntimeTool(definition) {
     return {
         description: definition.description,
-        inputSchema: await resolvePreparedToolInputSchema(definition),
+        inputSchema: definition.inputSchema,
         kind: "authored-tool",
         logicalPath: definition.logicalPath,
         name: definition.name,
         sourceId: definition.sourceId,
     };
 }
-async function resolvePreparedToolInputSchema(definition) {
-    return definition.inputSchema;
-}

package/dist/src/runtime/types.d.ts

@@ -14,7 +14,7 @@ import type { WorkspaceRuntimeSpec } from "#runtime/workspace/types.js";
 import type { Optional } from "#shared/optional.js";
 import type { Node } from "#shared/node.js";
 import type { SourceRef, ModuleSourceRef, SkillPackageSourceRef, MarkdownSourceRef } from "#shared/source-ref.js";
-import type { InternalSkillDefinition } from "#shared/skill-definition.js";
+import type { NamedSkillDefinition } from "#shared/skill-definition.js";
 import type { InternalAgentDefinition } from "#shared/agent-definition.js";
 import type { InternalToolDefinitionWithExecuteFn } from "#shared/tool-definition.js";
 import type { SandboxBackend } from "#shared/sandbox-backend.js";
@@ -39,7 +39,7 @@ export type ResolvedInstructions = Readonly<SourceRef & {
  * Runtime-owned skill metadata resolved from markdown, TypeScript, or a skill
  * package manifest entry.
  */
-export type ResolvedSkillDefinition = Readonly<InternalSkillDefinition & (Omit<MarkdownSourceRef<undefined>, "definition"> | ModuleSourceRef | SkillPackageSourceRef) & {
+export type ResolvedSkillDefinition = Readonly<NamedSkillDefinition & (Omit<MarkdownSourceRef<undefined>, "definition"> | ModuleSourceRef | SkillPackageSourceRef) & {
     metadata?: Readonly<Record<string, string>>;
 }>;
 /**
@@ -250,7 +250,7 @@ export type ResolvedAgentDefinition = Readonly<Omit<InternalAgentDefinition, "bu
 /**
  * Stable runtime metadata preserved alongside the resolved authored agent.
  */
-export interface ResolvedAgentMetadata {
+interface ResolvedAgentMetadata {
     readonly agentRoot: string;
     readonly appRoot: string;
     readonly diagnosticsSummary: DiscoverDiagnosticsSummary;
@@ -300,3 +300,4 @@ export interface ResolvedAgent {
     readonly tools: readonly ResolvedToolDefinition[];
     readonly workspaceSpec: WorkspaceRuntimeSpec;
 }
+export {};

package/dist/src/runtime/workspace/seed-files.d.ts

@@ -2,7 +2,7 @@
  * One concrete file materialized from a workspace seed directory for
  * sandbox template preparation.
  */
-export interface MaterializedWorkspaceFile {
+interface MaterializedWorkspaceFile {
     readonly content: Buffer;
     readonly path: string;
 }
@@ -12,3 +12,4 @@ export interface MaterializedWorkspaceFile {
  * `/workspace` root for the resulting seed file paths.
  */
 export declare function materializeWorkspaceDirectory(sourceDirectoryPath: string): Promise<readonly MaterializedWorkspaceFile[]>;
+export {};

package/dist/src/services/dev-client/request-headers.d.ts

@@ -1,3 +1,18 @@
+/**
+ * Returns whether `serverUrl` targets one of the recognized local
+ * development hostnames. Invalid URLs return `false` so callers can
+ * always proceed as if the target is remote.
+ */
+export declare function isLocalDevelopmentServerUrl(serverUrl: string): boolean;
+/**
+ * Resolves a Vercel OIDC token for the development client.
+ *
+ * Tries the `@vercel/oidc` SDK first (refreshes a freshly-issued token
+ * when the CLI is linked to a Vercel project), then falls back to the
+ * `VERCEL_OIDC_TOKEN` environment variable. Returns an empty string
+ * when no token is available so callers can proceed without auth.
+ */
+export declare function resolveDevelopmentOidcToken(): Promise<string>;
 /**
  * Vercel header used to bypass preview protection for framework-owned routes
  * during local CLI development. Paired with a Protection Bypass for
@@ -25,14 +40,6 @@ export declare const VERCEL_OIDC_TOKEN_HEADER = "x-vercel-oidc-token";
  * Header values accepted by Ash's development client helpers.
  */
 export type DevelopmentRequestHeaders = Headers | ReadonlyArray<readonly [string, string]> | Record<string, string>;
-/**
- * Creates request headers for one service-issued development request,
- * including Vercel preview-bypass and OIDC promotion for Ash-owned routes.
- */
-export declare function createDevelopmentRequestHeaders(input: {
-    headers?: DevelopmentRequestHeaders;
-    resourceUrl: URL;
-}): Headers;
 /**
  * Creates request headers for one service-issued development request and
  * opportunistically refreshes a linked local Vercel OIDC token for Ash-owned
@@ -42,3 +49,25 @@ export declare function createDevelopmentRequestHeadersAsync(input: {
     headers?: DevelopmentRequestHeaders;
     resourceUrl: URL;
 }): Promise<Headers>;
+/**
+ * Resolves the per-request custom headers used by the development client
+ * when constructing requests against a configured server URL.
+ *
+ * - {@link VERCEL_PROTECTION_BYPASS_HEADER} is attached when
+ *   `VERCEL_AUTOMATION_BYPASS_SECRET` is set.
+ * - {@link VERCEL_TRUSTED_OIDC_IDP_TOKEN_HEADER} is attached when a Vercel
+ *   OIDC token is available locally (either via `vercel link` +
+ *   `@vercel/oidc` or via the `VERCEL_OIDC_TOKEN` environment variable).
+ *   This lets the CLI bypass Vercel Deployment Protection without the user
+ *   creating a project-scoped Bypass for Automation token first.
+ *
+ * Both headers are sent when both sources are available; the platform
+ * accepts whichever it can validate.
+ *
+ * Local dev servers skip the OIDC token entirely — the framework's
+ * default channel auth falls back to `none()` off Vercel infrastructure,
+ * so attaching the bypass token would be wasted work.
+ */
+export declare function resolveDevelopmentClientHeaders(input: {
+    readonly serverUrl: string;
+}): Promise<Record<string, string>>;

package/dist/src/services/dev-client/request-headers.js

@@ -18,6 +18,39 @@ const LOCAL_HOSTNAMES = new Set([
 function isLocalAshServerUrl(url) {
     return LOCAL_HOSTNAMES.has(url.hostname);
 }
+/**
+ * Returns whether `serverUrl` targets one of the recognized local
+ * development hostnames. Invalid URLs return `false` so callers can
+ * always proceed as if the target is remote.
+ */
+export function isLocalDevelopmentServerUrl(serverUrl) {
+    try {
+        return isLocalAshServerUrl(new URL(serverUrl));
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Resolves a Vercel OIDC token for the development client.
+ *
+ * Tries the `@vercel/oidc` SDK first (refreshes a freshly-issued token
+ * when the CLI is linked to a Vercel project), then falls back to the
+ * `VERCEL_OIDC_TOKEN` environment variable. Returns an empty string
+ * when no token is available so callers can proceed without auth.
+ */
+export async function resolveDevelopmentOidcToken() {
+    try {
+        const token = (await getVercelOidcToken()).trim();
+        if (token.length > 0) {
+            return token;
+        }
+    }
+    catch {
+        // Fall through to env var.
+    }
+    return process.env.VERCEL_OIDC_TOKEN?.trim() ?? "";
+}
 /**
  * Vercel header used to bypass preview protection for framework-owned routes
  * during local CLI development. Paired with a Protection Bypass for
@@ -45,18 +78,6 @@ function isAshRouteUrl(url) {
     return (url.pathname.endsWith(ASH_ROUTE_PREFIX) ||
         url.pathname.includes(ASH_ROUTE_PREFIX_WITH_SEPARATOR));
 }
-/**
- * Creates request headers for one service-issued development request,
- * including Vercel preview-bypass and OIDC promotion for Ash-owned routes.
- */
-export function createDevelopmentRequestHeaders(input) {
-    const headers = createBaseDevelopmentRequestHeaders(input);
-    const oidcToken = resolveAshRouteOidcTokenSync(headers, input.resourceUrl);
-    if (oidcToken !== null) {
-        attachAshRouteOidcHeaders(headers, oidcToken);
-    }
-    return headers;
-}
 /**
  * Creates request headers for one service-issued development request and
  * opportunistically refreshes a linked local Vercel OIDC token for Ash-owned
@@ -92,30 +113,10 @@ function attachAshRouteOidcHeaders(headers, oidcToken) {
     headers.set(VERCEL_TRUSTED_OIDC_IDP_TOKEN_HEADER, oidcToken);
 }
 /**
- * Returns the OIDC token to attach for an Ash-owned request, using only
- * synchronously-available sources (forwarded runtime header or
- * `VERCEL_OIDC_TOKEN`). Returns `null` when the request targets a non-Ash
- * route, a local dev server, or no token is available.
- */
-function resolveAshRouteOidcTokenSync(headers, resourceUrl) {
-    if (!shouldResolveAshRouteOidcToken(resourceUrl)) {
-        return null;
-    }
-    const requestToken = headers.get(VERCEL_OIDC_TOKEN_HEADER)?.trim();
-    if (requestToken) {
-        return requestToken;
-    }
-    const environmentToken = process.env.VERCEL_OIDC_TOKEN?.trim();
-    if (environmentToken) {
-        return environmentToken;
-    }
-    return null;
-}
-/**
- * Async variant of {@link resolveAshRouteOidcTokenSync} that also asks
+ * Resolves an OIDC token for an Ash-owned request, asking
  * `@vercel/oidc` for a freshly-issued token when the CLI is linked to a
- * Vercel project. Falls back to {@link resolveAshRouteOidcTokenSync}
- * sources when the helper is unavailable.
+ * Vercel project. Falls back to the forwarded runtime header or the
+ * `VERCEL_OIDC_TOKEN` environment variable.
  */
 async function resolveAshRouteOidcToken(headers, resourceUrl) {
     if (!shouldResolveAshRouteOidcToken(resourceUrl)) {
@@ -146,17 +147,8 @@ function shouldResolveAshRouteOidcToken(resourceUrl) {
     return true;
 }
 async function resolveLocalDevelopmentOidcToken() {
-    const environmentToken = process.env.VERCEL_OIDC_TOKEN?.trim();
-    try {
-        const token = (await getVercelOidcToken()).trim();
-        if (token.length > 0) {
-            return token;
-        }
-    }
-    catch {
-        return environmentToken ?? null;
-    }
-    return environmentToken ?? null;
+    const token = await resolveDevelopmentOidcToken();
+    return token.length > 0 ? token : null;
 }
 function resolveDevelopmentHeadersInit(headers) {
     if (headers === undefined) {
@@ -170,3 +162,36 @@ function resolveDevelopmentHeadersInit(headers) {
     }
     return headers;
 }
+/**
+ * Resolves the per-request custom headers used by the development client
+ * when constructing requests against a configured server URL.
+ *
+ * - {@link VERCEL_PROTECTION_BYPASS_HEADER} is attached when
+ *   `VERCEL_AUTOMATION_BYPASS_SECRET` is set.
+ * - {@link VERCEL_TRUSTED_OIDC_IDP_TOKEN_HEADER} is attached when a Vercel
+ *   OIDC token is available locally (either via `vercel link` +
+ *   `@vercel/oidc` or via the `VERCEL_OIDC_TOKEN` environment variable).
+ *   This lets the CLI bypass Vercel Deployment Protection without the user
+ *   creating a project-scoped Bypass for Automation token first.
+ *
+ * Both headers are sent when both sources are available; the platform
+ * accepts whichever it can validate.
+ *
+ * Local dev servers skip the OIDC token entirely — the framework's
+ * default channel auth falls back to `none()` off Vercel infrastructure,
+ * so attaching the bypass token would be wasted work.
+ */
+export async function resolveDevelopmentClientHeaders(input) {
+    const headers = {};
+    const bypassSecret = process.env.VERCEL_AUTOMATION_BYPASS_SECRET?.trim();
+    if (bypassSecret) {
+        headers[VERCEL_PROTECTION_BYPASS_HEADER] = bypassSecret;
+    }
+    if (!isLocalDevelopmentServerUrl(input.serverUrl)) {
+        const oidcToken = await resolveDevelopmentOidcToken();
+        if (oidcToken.length > 0) {
+            headers[VERCEL_TRUSTED_OIDC_IDP_TOKEN_HEADER] = oidcToken;
+        }
+    }
+    return headers;
+}

package/dist/src/services/dev-client/stream.d.ts

@@ -1,23 +1,4 @@
 import type { HandleMessageStreamEvent } from "#protocol/message.js";
-/**
- * Reads newline-delimited message workflow events from the current response
- * body.
- */
-export declare function readMessageStreamEvents(input: {
-    onEvent?(event: HandleMessageStreamEvent): void;
-    response: Response;
-    startAfterBoundaryCount?: number;
-    stopWhen?(event: HandleMessageStreamEvent): boolean;
-}): Promise<HandleMessageStreamEvent[]>;
-/**
- * Extracts the final completed assistant message text from a streamed message
- * workflow result.
- */
-export declare function extractCompletedMessage(events: HandleMessageStreamEvent[]): string | undefined;
-/**
- * Counts boundary events in one stream slice.
- */
-export declare function countCurrentTurnBoundaryEvents(events: readonly HandleMessageStreamEvent[]): number;
 /**
  * Returns the last boundary event observed for the current streamed turn slice.
  */

package/dist/src/services/dev-client/stream.js

@@ -1,41 +1,4 @@
 import { isCurrentTurnBoundaryEvent } from "#protocol/message.js";
-import { openDevelopmentMessageStream } from "#services/dev-client/live-stream.js";
-function isMessageCompletedEvent(event) {
-    return event.type === "message.completed";
-}
-function isFinalMessageCompletedEvent(event) {
-    return isMessageCompletedEvent(event) && event.data.finishReason !== "tool-calls";
-}
-/**
- * Reads newline-delimited message workflow events from the current response
- * body.
- */
-export async function readMessageStreamEvents(input) {
-    const stream = openDevelopmentMessageStream({
-        resourceUrl: "",
-        response: input.response,
-    });
-    try {
-        return await stream.readEvents(input);
-    }
-    finally {
-        await stream.close();
-    }
-}
-/**
- * Extracts the final completed assistant message text from a streamed message
- * workflow result.
- */
-export function extractCompletedMessage(events) {
-    const completedEvent = [...events].reverse().find(isFinalMessageCompletedEvent);
-    return completedEvent?.data.message ?? undefined;
-}
-/**
- * Counts boundary events in one stream slice.
- */
-export function countCurrentTurnBoundaryEvents(events) {
-    return events.filter(isCurrentTurnBoundaryEvent).length;
-}
 /**
  * Returns the last boundary event observed for the current streamed turn slice.
  */

package/dist/src/services/dev-client/url.d.ts

@@ -1,13 +1,9 @@
-/**
- * Resolves one Ash route against the configured development server URL.
- */
-export declare function resolveDevelopmentServerRouteUrl(input: {
-    routePath: string;
-    serverUrl: string;
-}): URL;
 /**
  * Resolves one server-provided resource reference against the configured
  * development server URL.
+ *
+ * Absolute resource URLs are returned untouched; relative routes are
+ * resolved against the development server base.
  */
 export declare function resolveDevelopmentServerResourceUrl(input: {
     resource: string;

package/dist/src/services/dev-client/url.js

@@ -7,15 +7,12 @@ function createDevelopmentServerBaseUrl(serverUrl) {
     }
     return url;
 }
-/**
- * Resolves one Ash route against the configured development server URL.
- */
-export function resolveDevelopmentServerRouteUrl(input) {
-    return new URL(input.routePath.replace(/^\/+/, ""), createDevelopmentServerBaseUrl(input.serverUrl));
-}
 /**
  * Resolves one server-provided resource reference against the configured
  * development server URL.
+ *
+ * Absolute resource URLs are returned untouched; relative routes are
+ * resolved against the development server base.
  */
 export function resolveDevelopmentServerResourceUrl(input) {
     const resource = input.resource.trim();
@@ -23,9 +20,6 @@ export function resolveDevelopmentServerResourceUrl(input) {
         return new URL(resource);
     }
     catch {
-        return resolveDevelopmentServerRouteUrl({
-            routePath: resource,
-            serverUrl: input.serverUrl,
-        });
+        return new URL(resource.replace(/^\/+/, ""), createDevelopmentServerBaseUrl(input.serverUrl));
     }
 }