lemma-sdk 0.2.20 → 0.2.22

package/README.md

@@ -108,7 +108,12 @@ const assistantPayload: CreateAssistantInput = {
 ## Auth Helpers
 
 ```ts
-import { LemmaClient, buildAuthUrl, resolveSafeRedirectUri } from "lemma-sdk";
+import {
+  LemmaClient,
+  buildAuthUrl,
+  buildFederatedLogoutUrl,
+  resolveSafeRedirectUri,
+} from "lemma-sdk";
 
 const client = new LemmaClient({
   apiUrl: "https://api-next.asur.work",
@@ -131,6 +136,14 @@ await client.auth.signOut();
 const token = await client.auth.getAccessToken();
 const refreshed = await client.auth.refreshAccessToken();
 client.auth.redirectToAuth({ mode: "signup", redirectUri: safeRedirect });
+
+// Build upstream logout URL (server/client)
+const federatedLogoutUrl = buildFederatedLogoutUrl(client.authUrl, {
+  redirectUri: safeRedirect,
+});
+
+// Browser: sign out locally, then clear upstream SSO and return to app
+await client.auth.redirectToFederatedLogout({ redirectUri: safeRedirect });
 ```
 
 ### Browser Testing With Injected Token

package/dist/auth.d.ts

@@ -28,6 +28,7 @@ export interface AuthState {
 }
 export type AuthListener = (state: AuthState) => void;
 export type AuthRedirectMode = "login" | "signup";
+type AuthQueryParams = Record<string, string | number | boolean | Array<string | number | boolean> | null | undefined>;
 export interface BuildAuthUrlOptions {
     /** Optional auth path segment relative to authUrl pathname, e.g. "callback" -> /auth/callback. */
     path?: string;
@@ -36,7 +37,35 @@ export interface BuildAuthUrlOptions {
     /** Redirect URI passed to auth service. */
     redirectUri?: string;
     /** Additional query parameters appended to auth URL. */
-    params?: Record<string, string | number | boolean | Array<string | number | boolean> | null | undefined>;
+    params?: AuthQueryParams;
+}
+export interface BuildFederatedLogoutUrlOptions {
+    /**
+     * Optional auth path segment for logout, relative to authUrl pathname.
+     * Defaults to "logout" (for example: https://auth.example.com/auth/logout).
+     */
+    path?: string;
+    /**
+     * Post-logout redirect URI passed to the auth service.
+     */
+    redirectUri?: string;
+    /**
+     * Query parameter name used for redirect URI. Defaults to "redirect_uri".
+     */
+    redirectParam?: string;
+    /** Additional query parameters appended to logout URL. */
+    params?: AuthQueryParams;
+}
+export interface RedirectToFederatedLogoutOptions extends Omit<BuildFederatedLogoutUrlOptions, "redirectUri"> {
+    /**
+     * Post-logout redirect URI. Defaults to current location.
+     */
+    redirectUri?: string;
+    /**
+     * Whether to clear the local session before redirecting upstream.
+     * Defaults to true.
+     */
+    localSignOut?: boolean;
 }
 export interface ResolveSafeRedirectUriOptions {
     /** Origin for resolving relative paths. */
@@ -50,6 +79,7 @@ export declare function setTestingToken(token: string): void;
 export declare function getTestingToken(): string | null;
 export declare function clearTestingToken(): void;
 export declare function buildAuthUrl(authUrl: string, options?: BuildAuthUrlOptions): string;
+export declare function buildFederatedLogoutUrl(authUrl: string, options?: BuildFederatedLogoutUrlOptions): string;
 export declare function resolveSafeRedirectUri(rawValue: string | null | undefined, options: ResolveSafeRedirectUriOptions): string;
 export declare class AuthManager {
     private readonly apiUrl;
@@ -72,6 +102,13 @@ export declare class AuthManager {
     private setState;
     private assertBrowserContext;
     private getCookie;
+    private getCookieDomainCandidates;
+    private expireCookie;
+    /**
+     * Defensive cleanup for stale SuperTokens frontend marker cookies/storage.
+     * This helps recover when signout/session-expiry paths leave local markers behind.
+     */
+    private clearFrontendSessionMarkers;
     private clearInjectedToken;
     private rawSignOutViaBackend;
     /**
@@ -112,6 +149,10 @@ export declare class AuthManager {
      * Build auth URL for login/signup/custom auth sub-path.
      */
     getAuthUrl(options?: BuildAuthUrlOptions): string;
+    /**
+     * Build upstream/federated logout URL.
+     */
+    getFederatedLogoutUrl(options?: BuildFederatedLogoutUrlOptions): string;
     /**
      * Redirect to the auth service, passing the current URL as redirect_uri.
      * After the user authenticates, the auth service should redirect back to
@@ -120,4 +161,11 @@ export declare class AuthManager {
     redirectToAuth(options?: Omit<BuildAuthUrlOptions, "redirectUri"> & {
         redirectUri?: string;
     }): void;
+    /**
+     * Optional full logout flow:
+     * 1. clear local SDK/session cookies
+     * 2. redirect to auth service logout endpoint to terminate upstream SSO
+     */
+    redirectToFederatedLogout(options?: RedirectToFederatedLogoutOptions): Promise<void>;
 }
+export {};

package/dist/auth.js

@@ -18,6 +18,14 @@
 import Session from "supertokens-web-js/recipe/session";
 import { ensureCookieSessionSupport } from "./supertokens.js";
 const DEFAULT_BLOCKED_REDIRECT_PATHS = ["/login", "/signup", "/auth"];
+const SUPERTOKENS_FRONTEND_MARKER_KEYS = [
+    "sFrontToken",
+    "st-last-access-token-update",
+    "sIRTFrontend",
+    "sAntiCsrf",
+    "st-access-token",
+    "st-refresh-token",
+];
 const LOCALSTORAGE_TOKEN_KEY = "lemma_token";
 function readStorageToken() {
     if (typeof window === "undefined")
@@ -121,6 +129,26 @@ export function buildAuthUrl(authUrl, options = {}) {
     }
     return url.toString();
 }
+export function buildFederatedLogoutUrl(authUrl, options = {}) {
+    const url = new URL(authUrl);
+    url.pathname = resolveAuthPath(url.pathname, options.path ?? "logout");
+    for (const [key, value] of Object.entries(options.params ?? {})) {
+        if (value === null || value === undefined)
+            continue;
+        if (Array.isArray(value)) {
+            url.searchParams.delete(key);
+            for (const item of value) {
+                url.searchParams.append(key, String(item));
+            }
+            continue;
+        }
+        url.searchParams.set(key, String(value));
+    }
+    if (options.redirectUri && options.redirectUri.trim()) {
+        url.searchParams.set(options.redirectParam ?? "redirect_uri", options.redirectUri);
+    }
+    return url.toString();
+}
 export function resolveSafeRedirectUri(rawValue, options) {
     const siteOrigin = normalizeOrigin(options.siteOrigin);
     const blockedPaths = options.blockedPaths ?? DEFAULT_BLOCKED_REDIRECT_PATHS;
@@ -194,6 +222,62 @@ export class AuthManager {
         const match = document.cookie.match(new RegExp(`(?:^|; )${escaped}=([^;]*)`));
         return match ? decodeURIComponent(match[1]) : undefined;
     }
+    getCookieDomainCandidates() {
+        if (typeof window === "undefined") {
+            return [undefined];
+        }
+        const host = window.location.hostname;
+        const isIpv4 = /^\d{1,3}(?:\.\d{1,3}){3}$/.test(host);
+        const isIpv6 = host.includes(":");
+        if (!host || host === "localhost" || isIpv4 || isIpv6) {
+            return [undefined];
+        }
+        const domains = new Set();
+        const parts = host.split(".").filter(Boolean);
+        for (let i = 0; i < parts.length - 1; i += 1) {
+            const candidate = parts.slice(i).join(".");
+            if (!candidate)
+                continue;
+            domains.add(candidate);
+            domains.add(`.${candidate}`);
+        }
+        return [undefined, ...domains];
+    }
+    expireCookie(name, domain) {
+        if (typeof document === "undefined")
+            return;
+        const domainPart = domain ? `;domain=${domain}` : "";
+        document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;max-age=0;path=/${domainPart};samesite=lax`;
+        document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;max-age=0;path=/${domainPart}`;
+    }
+    /**
+     * Defensive cleanup for stale SuperTokens frontend marker cookies/storage.
+     * This helps recover when signout/session-expiry paths leave local markers behind.
+     */
+    clearFrontendSessionMarkers() {
+        if (typeof window === "undefined")
+            return;
+        for (const key of SUPERTOKENS_FRONTEND_MARKER_KEYS) {
+            try {
+                window.localStorage.removeItem(key);
+            }
+            catch {
+                // ignore storage errors
+            }
+            try {
+                window.sessionStorage.removeItem(key);
+            }
+            catch {
+                // ignore storage errors
+            }
+        }
+        const domains = this.getCookieDomainCandidates();
+        for (const key of SUPERTOKENS_FRONTEND_MARKER_KEYS) {
+            for (const domain of domains) {
+                this.expireCookie(key, domain);
+            }
+        }
+    }
     clearInjectedToken() {
         this.injectedToken = null;
         clearTestingToken();
@@ -302,6 +386,7 @@ export class AuthManager {
             const response = await fetch(`${this.apiUrl}/users/me`, this.getRequestInit({ method: "GET" }));
             // Only 401 means not authenticated — 403 means authenticated but forbidden
             if (response.status === 401) {
+                this.clearFrontendSessionMarkers();
                 const next = { status: "unauthenticated", user: null };
                 this.setState(next);
                 return next;
@@ -328,6 +413,7 @@ export class AuthManager {
      * Does NOT redirect — call redirectToAuth() explicitly if desired.
      */
     markUnauthenticated() {
+        this.clearFrontendSessionMarkers();
         this.setState({ status: "unauthenticated", user: null });
     }
     /**
@@ -368,6 +454,12 @@ export class AuthManager {
     getAuthUrl(options = {}) {
         return buildAuthUrl(this.authUrl, options);
     }
+    /**
+     * Build upstream/federated logout URL.
+     */
+    getFederatedLogoutUrl(options = {}) {
+        return buildFederatedLogoutUrl(this.authUrl, options);
+    }
     /**
      * Redirect to the auth service, passing the current URL as redirect_uri.
      * After the user authenticates, the auth service should redirect back to
@@ -380,4 +472,21 @@ export class AuthManager {
         const redirectUri = options.redirectUri ?? window.location.href;
         window.location.href = this.getAuthUrl({ ...options, redirectUri });
     }
+    /**
+     * Optional full logout flow:
+     * 1. clear local SDK/session cookies
+     * 2. redirect to auth service logout endpoint to terminate upstream SSO
+     */
+    async redirectToFederatedLogout(options = {}) {
+        this.assertBrowserContext();
+        const redirectUri = options.redirectUri ?? window.location.href;
+        const localSignOut = options.localSignOut ?? true;
+        if (localSignOut) {
+            await this.signOut();
+        }
+        window.location.href = this.getFederatedLogoutUrl({
+            ...options,
+            redirectUri,
+        });
+    }
 }

package/dist/browser/lemma-client.js

@@ -3,7 +3,7 @@
 "./browser.js": function (module, exports, require) {
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ApiError = exports.setTestingToken = exports.resolveSafeRedirectUri = exports.getTestingToken = exports.clearTestingToken = exports.buildAuthUrl = exports.AuthManager = exports.LemmaClient = void 0;
+exports.ApiError = exports.setTestingToken = exports.resolveSafeRedirectUri = exports.getTestingToken = exports.clearTestingToken = exports.buildFederatedLogoutUrl = exports.buildAuthUrl = exports.AuthManager = exports.LemmaClient = void 0;
 /**
  * Browser bundle entry point.
  * Exposes LemmaClient as globalThis.LemmaClient.LemmaClient
@@ -19,6 +19,7 @@ Object.defineProperty(exports, "LemmaClient", { enumerable: true, get: function
 var auth_js_1 = require("./auth.js");
 Object.defineProperty(exports, "AuthManager", { enumerable: true, get: function () { return auth_js_1.AuthManager; } });
 Object.defineProperty(exports, "buildAuthUrl", { enumerable: true, get: function () { return auth_js_1.buildAuthUrl; } });
+Object.defineProperty(exports, "buildFederatedLogoutUrl", { enumerable: true, get: function () { return auth_js_1.buildFederatedLogoutUrl; } });
 Object.defineProperty(exports, "clearTestingToken", { enumerable: true, get: function () { return auth_js_1.clearTestingToken; } });
 Object.defineProperty(exports, "getTestingToken", { enumerable: true, get: function () { return auth_js_1.getTestingToken; } });
 Object.defineProperty(exports, "resolveSafeRedirectUri", { enumerable: true, get: function () { return auth_js_1.resolveSafeRedirectUri; } });
@@ -198,10 +199,19 @@ exports.setTestingToken = setTestingToken;
 exports.getTestingToken = getTestingToken;
 exports.clearTestingToken = clearTestingToken;
 exports.buildAuthUrl = buildAuthUrl;
+exports.buildFederatedLogoutUrl = buildFederatedLogoutUrl;
 exports.resolveSafeRedirectUri = resolveSafeRedirectUri;
 const session_1 = require("supertokens-web-js/recipe/session");
 const supertokens_js_1 = require("./supertokens.js");
 const DEFAULT_BLOCKED_REDIRECT_PATHS = ["/login", "/signup", "/auth"];
+const SUPERTOKENS_FRONTEND_MARKER_KEYS = [
+    "sFrontToken",
+    "st-last-access-token-update",
+    "sIRTFrontend",
+    "sAntiCsrf",
+    "st-access-token",
+    "st-refresh-token",
+];
 const LOCALSTORAGE_TOKEN_KEY = "lemma_token";
 function readStorageToken() {
     if (typeof window === "undefined")
@@ -305,6 +315,26 @@ function buildAuthUrl(authUrl, options = {}) {
     }
     return url.toString();
 }
+function buildFederatedLogoutUrl(authUrl, options = {}) {
+    const url = new URL(authUrl);
+    url.pathname = resolveAuthPath(url.pathname, options.path ?? "logout");
+    for (const [key, value] of Object.entries(options.params ?? {})) {
+        if (value === null || value === undefined)
+            continue;
+        if (Array.isArray(value)) {
+            url.searchParams.delete(key);
+            for (const item of value) {
+                url.searchParams.append(key, String(item));
+            }
+            continue;
+        }
+        url.searchParams.set(key, String(value));
+    }
+    if (options.redirectUri && options.redirectUri.trim()) {
+        url.searchParams.set(options.redirectParam ?? "redirect_uri", options.redirectUri);
+    }
+    return url.toString();
+}
 function resolveSafeRedirectUri(rawValue, options) {
     const siteOrigin = normalizeOrigin(options.siteOrigin);
     const blockedPaths = options.blockedPaths ?? DEFAULT_BLOCKED_REDIRECT_PATHS;
@@ -375,6 +405,62 @@ class AuthManager {
         const match = document.cookie.match(new RegExp(`(?:^|; )${escaped}=([^;]*)`));
         return match ? decodeURIComponent(match[1]) : undefined;
     }
+    getCookieDomainCandidates() {
+        if (typeof window === "undefined") {
+            return [undefined];
+        }
+        const host = window.location.hostname;
+        const isIpv4 = /^\d{1,3}(?:\.\d{1,3}){3}$/.test(host);
+        const isIpv6 = host.includes(":");
+        if (!host || host === "localhost" || isIpv4 || isIpv6) {
+            return [undefined];
+        }
+        const domains = new Set();
+        const parts = host.split(".").filter(Boolean);
+        for (let i = 0; i < parts.length - 1; i += 1) {
+            const candidate = parts.slice(i).join(".");
+            if (!candidate)
+                continue;
+            domains.add(candidate);
+            domains.add(`.${candidate}`);
+        }
+        return [undefined, ...domains];
+    }
+    expireCookie(name, domain) {
+        if (typeof document === "undefined")
+            return;
+        const domainPart = domain ? `;domain=${domain}` : "";
+        document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;max-age=0;path=/${domainPart};samesite=lax`;
+        document.cookie = `${name}=;expires=Thu, 01 Jan 1970 00:00:00 GMT;max-age=0;path=/${domainPart}`;
+    }
+    /**
+     * Defensive cleanup for stale SuperTokens frontend marker cookies/storage.
+     * This helps recover when signout/session-expiry paths leave local markers behind.
+     */
+    clearFrontendSessionMarkers() {
+        if (typeof window === "undefined")
+            return;
+        for (const key of SUPERTOKENS_FRONTEND_MARKER_KEYS) {
+            try {
+                window.localStorage.removeItem(key);
+            }
+            catch {
+                // ignore storage errors
+            }
+            try {
+                window.sessionStorage.removeItem(key);
+            }
+            catch {
+                // ignore storage errors
+            }
+        }
+        const domains = this.getCookieDomainCandidates();
+        for (const key of SUPERTOKENS_FRONTEND_MARKER_KEYS) {
+            for (const domain of domains) {
+                this.expireCookie(key, domain);
+            }
+        }
+    }
     clearInjectedToken() {
         this.injectedToken = null;
         clearTestingToken();
@@ -483,6 +569,7 @@ class AuthManager {
             const response = await fetch(`${this.apiUrl}/users/me`, this.getRequestInit({ method: "GET" }));
             // Only 401 means not authenticated — 403 means authenticated but forbidden
             if (response.status === 401) {
+                this.clearFrontendSessionMarkers();
                 const next = { status: "unauthenticated", user: null };
                 this.setState(next);
                 return next;
@@ -509,6 +596,7 @@ class AuthManager {
      * Does NOT redirect — call redirectToAuth() explicitly if desired.
      */
     markUnauthenticated() {
+        this.clearFrontendSessionMarkers();
         this.setState({ status: "unauthenticated", user: null });
     }
     /**
@@ -549,6 +637,12 @@ class AuthManager {
     getAuthUrl(options = {}) {
         return buildAuthUrl(this.authUrl, options);
     }
+    /**
+     * Build upstream/federated logout URL.
+     */
+    getFederatedLogoutUrl(options = {}) {
+        return buildFederatedLogoutUrl(this.authUrl, options);
+    }
     /**
      * Redirect to the auth service, passing the current URL as redirect_uri.
      * After the user authenticates, the auth service should redirect back to
@@ -561,6 +655,23 @@ class AuthManager {
         const redirectUri = options.redirectUri ?? window.location.href;
         window.location.href = this.getAuthUrl({ ...options, redirectUri });
     }
+    /**
+     * Optional full logout flow:
+     * 1. clear local SDK/session cookies
+     * 2. redirect to auth service logout endpoint to terminate upstream SSO
+     */
+    async redirectToFederatedLogout(options = {}) {
+        this.assertBrowserContext();
+        const redirectUri = options.redirectUri ?? window.location.href;
+        const localSignOut = options.localSignOut ?? true;
+        if (localSignOut) {
+            await this.signOut();
+        }
+        window.location.href = this.getFederatedLogoutUrl({
+            ...options,
+            redirectUri,
+        });
+    }
 }
 exports.AuthManager = AuthManager;
 
@@ -1538,6 +1649,9 @@ class ConversationsNamespace {
     listByAssistant(assistantId, options = {}) {
         return this.list({ ...options, assistant_id: assistantId });
     }
+    listModels() {
+        return this.http.request("GET", "/models");
+    }
     create(payload) {
         return this.http.request("POST", "/conversations", {
             body: {

package/dist/browser.d.ts

@@ -9,5 +9,5 @@
  *   </script>
  */
 export { LemmaClient } from "./client.js";
-export { AuthManager, buildAuthUrl, clearTestingToken, getTestingToken, resolveSafeRedirectUri, setTestingToken, } from "./auth.js";
+export { AuthManager, buildAuthUrl, buildFederatedLogoutUrl, clearTestingToken, getTestingToken, resolveSafeRedirectUri, setTestingToken, } from "./auth.js";
 export { ApiError } from "./http.js";

package/dist/browser.js

@@ -9,5 +9,5 @@
  *   </script>
  */
 export { LemmaClient } from "./client.js";
-export { AuthManager, buildAuthUrl, clearTestingToken, getTestingToken, resolveSafeRedirectUri, setTestingToken, } from "./auth.js";
+export { AuthManager, buildAuthUrl, buildFederatedLogoutUrl, clearTestingToken, getTestingToken, resolveSafeRedirectUri, setTestingToken, } from "./auth.js";
 export { ApiError } from "./http.js";

package/dist/index.d.ts

@@ -1,7 +1,7 @@
 export { LemmaClient } from "./client.js";
 export type { LemmaConfig } from "./client.js";
-export { AuthManager, buildAuthUrl, clearTestingToken, getTestingToken, resolveSafeRedirectUri, setTestingToken, } from "./auth.js";
-export type { AuthState, AuthListener, AuthStatus, UserInfo, AuthRedirectMode, BuildAuthUrlOptions, ResolveSafeRedirectUriOptions, } from "./auth.js";
+export { AuthManager, buildAuthUrl, buildFederatedLogoutUrl, clearTestingToken, getTestingToken, resolveSafeRedirectUri, setTestingToken, } from "./auth.js";
+export type { AuthState, AuthListener, AuthStatus, UserInfo, AuthRedirectMode, BuildAuthUrlOptions, BuildFederatedLogoutUrlOptions, RedirectToFederatedLogoutOptions, ResolveSafeRedirectUriOptions, } from "./auth.js";
 export { ApiError } from "./http.js";
 export * from "./types.js";
 export { readSSE, parseSSEJson } from "./streams.js";

package/dist/index.js

@@ -1,5 +1,5 @@
 export { LemmaClient } from "./client.js";
-export { AuthManager, buildAuthUrl, clearTestingToken, getTestingToken, resolveSafeRedirectUri, setTestingToken, } from "./auth.js";
+export { AuthManager, buildAuthUrl, buildFederatedLogoutUrl, clearTestingToken, getTestingToken, resolveSafeRedirectUri, setTestingToken, } from "./auth.js";
 export { ApiError } from "./http.js";
 export * from "./types.js";
 export { readSSE, parseSSEJson } from "./streams.js";

package/dist/namespaces/assistants.d.ts

@@ -1,4 +1,5 @@
 import type { HttpClient } from "../http.js";
+import type { AvailableModelsListResponse } from "../openapi_client/models/AvailableModelsListResponse.js";
 import type { AssistantListResponse } from "../openapi_client/models/AssistantListResponse.js";
 import type { AssistantResponse } from "../openapi_client/models/AssistantResponse.js";
 import type { ConversationListResponse } from "../openapi_client/models/ConversationListResponse.js";
@@ -41,6 +42,7 @@ export declare class ConversationsNamespace {
         limit?: number;
         page_token?: string;
     }): Promise<ConversationListResponse>;
+    listModels(): Promise<AvailableModelsListResponse>;
     create(payload: CreateConversationRequest): Promise<ConversationResponse>;
     createForAssistant(assistantId: string, payload?: Omit<CreateConversationRequest, "assistant_id">): Promise<ConversationResponse>;
     get(conversationId: string, options?: {

package/dist/namespaces/assistants.js

@@ -67,6 +67,9 @@ export class ConversationsNamespace {
     listByAssistant(assistantId, options = {}) {
         return this.list({ ...options, assistant_id: assistantId });
     }
+    listModels() {
+        return this.http.request("GET", "/models");
+    }
     create(payload) {
         return this.http.request("POST", "/conversations", {
             body: {

package/dist/openapi_client/index.d.ts

@@ -26,7 +26,9 @@ export type { AssistantListResponse } from './models/AssistantListResponse.js';
 export type { AssistantResponse } from './models/AssistantResponse.js';
 export type { AssistantSurfaceListResponse } from './models/AssistantSurfaceListResponse.js';
 export type { AssistantSurfaceResponse } from './models/AssistantSurfaceResponse.js';
+export type { AvailableModelInfo } from './models/AvailableModelInfo.js';
 export { AvailableModels } from './models/AvailableModels.js';
+export type { AvailableModelsListResponse } from './models/AvailableModelsListResponse.js';
 export { BillingInterval } from './models/BillingInterval.js';
 export type { Body_upload_file_files__resource_type___resource_id__upload_post } from './models/Body_upload_file_files__resource_type___resource_id__upload_post.js';
 export type { BulkCreateRecordsRequest } from './models/BulkCreateRecordsRequest.js';

package/dist/openapi_client/models/AvailableModelInfo.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Information about an available model.
+ */
+export type AvailableModelInfo = {
+    id: string;
+    name: string;
+    provider_model_name: string;
+};

package/dist/openapi_client/models/AvailableModelInfo.js

@@ -0,0 +1 @@
+export {};

package/dist/openapi_client/models/AvailableModels.d.ts

@@ -4,8 +4,7 @@ export declare enum AvailableModels {
     GEMINI_FLASH_LITE = "GEMINI_FLASH_LITE",
     KIMI_K2 = "KIMI_K2",
     GPT_OSS = "GPT_OSS",
-    DEEPSEEK_V31 = "DEEPSEEK_V31",
-    CLAUDE_SONNET_4 = "CLAUDE_SONNET_4",
-    QWEN3_235B = "QWEN3_235B",
-    GLM_5 = "GLM_5"
+    DEEPSEEK_V32 = "DEEPSEEK_V32",
+    GLM_5 = "GLM_5",
+    QWEN3_6 = "QWEN3_6"
 }

package/dist/openapi_client/models/AvailableModels.js

@@ -9,8 +9,7 @@ export var AvailableModels;
     AvailableModels["GEMINI_FLASH_LITE"] = "GEMINI_FLASH_LITE";
     AvailableModels["KIMI_K2"] = "KIMI_K2";
     AvailableModels["GPT_OSS"] = "GPT_OSS";
-    AvailableModels["DEEPSEEK_V31"] = "DEEPSEEK_V31";
-    AvailableModels["CLAUDE_SONNET_4"] = "CLAUDE_SONNET_4";
-    AvailableModels["QWEN3_235B"] = "QWEN3_235B";
+    AvailableModels["DEEPSEEK_V32"] = "DEEPSEEK_V32";
     AvailableModels["GLM_5"] = "GLM_5";
+    AvailableModels["QWEN3_6"] = "QWEN3_6";
 })(AvailableModels || (AvailableModels = {}));

package/dist/openapi_client/models/AvailableModelsListResponse.d.ts

@@ -0,0 +1,7 @@
+import type { AvailableModelInfo } from './AvailableModelInfo.js';
+/**
+ * Response containing list of available models.
+ */
+export type AvailableModelsListResponse = {
+    items: Array<AvailableModelInfo>;
+};

package/dist/openapi_client/models/AvailableModelsListResponse.js

@@ -0,0 +1 @@
+export {};

package/dist/openapi_client/models/FunctionRunResponse.d.ts

@@ -16,4 +16,6 @@ export type FunctionRunResponse = {
     status: FunctionRunStatus;
     user_email?: (string | null);
     user_id: string;
+    workspace_process_id?: (string | null);
+    workspace_session_id?: (string | null);
 };

package/dist/openapi_client/services/ConversationsService.d.ts

@@ -1,3 +1,4 @@
+import type { AvailableModelsListResponse } from '../models/AvailableModelsListResponse.js';
 import type { ConversationListResponse } from '../models/ConversationListResponse.js';
 import type { ConversationMessageListResponse } from '../models/ConversationMessageListResponse.js';
 import type { ConversationResponse } from '../models/ConversationResponse.js';
@@ -76,4 +77,11 @@ export declare class ConversationsService {
      * @throws ApiError
      */
     static conversationStreamResume(conversationId: string, podId?: (string | null)): CancelablePromise<any>;
+    /**
+     * List Available Models
+     * Get list of all available models in the system.
+     * @returns AvailableModelsListResponse Successful Response
+     * @throws ApiError
+     */
+    static conversationModelsList(): CancelablePromise<AvailableModelsListResponse>;
 }

package/dist/openapi_client/services/ConversationsService.js

@@ -185,4 +185,16 @@ export class ConversationsService {
             },
         });
     }
+    /**
+     * List Available Models
+     * Get list of all available models in the system.
+     * @returns AvailableModelsListResponse Successful Response
+     * @throws ApiError
+     */
+    static conversationModelsList() {
+        return __request(OpenAPI, {
+            method: 'GET',
+            url: '/models',
+        });
+    }
 }

package/dist/react/components/AssistantExperience.js

@@ -773,7 +773,15 @@ export function AssistantExperienceView({ controller, title = "Lemma Assistant",
     const isPinnedToBottomRef = useRef(true);
     const loadingOlderFromScrollRef = useRef(false);
     const isConversationBusy = controller.isLoading || controller.isActiveConversationRunning;
-    const availableModels = useMemo(() => Object.values(AvailableModels), []);
+    const availableModels = useMemo(() => {
+        const dynamicModels = controller.availableModels
+            .map((model) => model.id)
+            .filter((model) => model.trim().length > 0);
+        return dynamicModels.length > 0
+            ? dynamicModels
+            : Object.values(AvailableModels);
+    }, [controller.availableModels]);
+    const availableModelLabels = useMemo(() => new Map(controller.availableModels.map((model) => [model.id, model.name])), [controller.availableModels]);
     const resizeComposer = useCallback(() => {
         const textarea = inputRef.current;
         if (!textarea)
@@ -1027,7 +1035,7 @@ export function AssistantExperienceView({ controller, title = "Lemma Assistant",
     return (_jsxs("div", { className: "lemma-assistant-experience", "data-chrome-style": chromeStyle, "data-status-placement": statusPlacement, "data-radius": radius, "data-show-model-picker": showModelPicker ? "true" : "false", "data-busy": isConversationBusy ? "true" : "false", "data-has-plan": planSummary ? "true" : "false", "data-has-pending-files": controller.pendingFiles.length > 0 ? "true" : "false", "data-show-conversation-list": showConversationList ? "true" : "false", children: [showConversationList ? (_jsxs("aside", { className: "lemma-assistant-experience-sidebar", children: [_jsx("div", { className: "lemma-assistant-experience-sidebar-header", children: _jsxs("div", { className: "lemma-assistant-experience-sidebar-header-row", children: [_jsxs("div", { className: "lemma-assistant-experience-sidebar-copy", children: [_jsx("div", { className: "lemma-assistant-experience-sidebar-title", children: "Conversations" }), _jsxs("div", { className: "lemma-assistant-experience-sidebar-meta", children: [controller.conversations.length, " total"] })] }), showNewConversationButton ? (_jsx("button", { type: "button", onClick: controller.clearMessages, className: "lemma-assistant-experience-sidebar-new", children: "New" })) : null] }) }), _jsx("div", { className: "lemma-assistant-experience-sidebar-items", children: controller.conversations.map((conversation) => {
                             const isActive = conversation.id === controller.activeConversationId;
                             return (_jsxs("button", { type: "button", onClick: () => controller.selectConversation(conversation.id), className: cx("lemma-assistant-experience-sidebar-item", isActive && "lemma-assistant-experience-sidebar-item-active"), children: [_jsx("div", { className: "lemma-assistant-experience-sidebar-item-title", children: renderConversationLabel({ conversation, isActive }) }), _jsx("div", { className: "lemma-assistant-experience-sidebar-item-status", children: (conversation.status || "waiting").toLowerCase() })] }, conversation.id));
-                        }) })] })) : null, _jsxs("div", { className: "lemma-assistant-experience-main", children: [_jsxs("div", { className: "lemma-assistant-experience-card", children: [_jsx(AssistantHeader, { className: "lemma-assistant-experience-header", tone: headerTone, title: title, subtitle: subtitle, badge: _jsx("span", { className: "lemma-assistant-experience-header-badge-icon", children: "\u2728" }), controls: showModelPicker || showNewConversationButton ? (_jsxs(_Fragment, { children: [showModelPicker ? (_jsx(AssistantModelPicker, { value: controller.conversationModel, options: availableModels, onChange: (nextModel) => { void handleModelChange(nextModel); }, disabled: isConversationBusy || isUpdatingModel, autoLabel: "Auto", className: "lemma-assistant-experience-model-picker" })) : null, showNewConversationButton ? (_jsx("button", { type: "button", onClick: controller.clearMessages, title: "New conversation", className: "lemma-assistant-experience-new", children: "\u21BA" })) : null] })) : undefined }), _jsxs(AssistantMessageViewport, { className: "lemma-assistant-experience-viewport", ref: messagesContainerRef, onScroll: updatePinnedState, children: [controller.messages.length === 0 && !isConversationBusy ? (emptyState || (_jsx(EmptyState, { onSendMessage: (message) => { void controller.sendMessage(message); }, suggestions: emptyStateSuggestions }))) : null, (controller.isLoadingMessages && controller.messages.length === 0) ? (_jsx("div", { className: "lemma-assistant-experience-loading", children: _jsx("span", { className: "lemma-assistant-experience-loading-text", children: "Loading\u2026" }) })) : null, (controller.isLoadingOlderMessages && controller.messages.length > 0) ? (_jsx("div", { className: "lemma-assistant-experience-loading-older", children: _jsx("span", { className: "lemma-assistant-experience-loading-older-text", children: "Loading older\u2026" }) })) : null, displayMessageRows.map((row, index) => {
+                        }) })] })) : null, _jsxs("div", { className: "lemma-assistant-experience-main", children: [_jsxs("div", { className: "lemma-assistant-experience-card", children: [_jsx(AssistantHeader, { className: "lemma-assistant-experience-header", tone: headerTone, title: title, subtitle: subtitle, badge: _jsx("span", { className: "lemma-assistant-experience-header-badge-icon", children: "\u2728" }), controls: showModelPicker || showNewConversationButton ? (_jsxs(_Fragment, { children: [showModelPicker ? (_jsx(AssistantModelPicker, { value: controller.conversationModel, options: availableModels, getOptionLabel: (model) => availableModelLabels.get(model) ?? model, onChange: (nextModel) => { void handleModelChange(nextModel); }, disabled: isConversationBusy || isUpdatingModel, autoLabel: "Auto", className: "lemma-assistant-experience-model-picker" })) : null, showNewConversationButton ? (_jsx("button", { type: "button", onClick: controller.clearMessages, title: "New conversation", className: "lemma-assistant-experience-new", children: "\u21BA" })) : null] })) : undefined }), _jsxs(AssistantMessageViewport, { className: "lemma-assistant-experience-viewport", ref: messagesContainerRef, onScroll: updatePinnedState, children: [controller.messages.length === 0 && !isConversationBusy ? (emptyState || (_jsx(EmptyState, { onSendMessage: (message) => { void controller.sendMessage(message); }, suggestions: emptyStateSuggestions }))) : null, (controller.isLoadingMessages && controller.messages.length === 0) ? (_jsx("div", { className: "lemma-assistant-experience-loading", children: _jsx("span", { className: "lemma-assistant-experience-loading-text", children: "Loading\u2026" }) })) : null, (controller.isLoadingOlderMessages && controller.messages.length > 0) ? (_jsx("div", { className: "lemma-assistant-experience-loading-older", children: _jsx("span", { className: "lemma-assistant-experience-loading-older-text", children: "Loading older\u2026" }) })) : null, displayMessageRows.map((row, index) => {
                                         const previousRow = index > 0 ? displayMessageRows[index - 1] : null;
                                         const showAssistantHeader = row.message.role !== "assistant"
                                             ? false

package/dist/react/components/assistant-types.d.ts

@@ -1,4 +1,5 @@
 import type { ReactNode } from "react";
+import type { AvailableModelInfo } from "../../types.js";
 import type { AssistantRenderableMessage, AssistantToolInvocation } from "../useAssistantController.js";
 export interface AssistantConversationListItem {
     id: string;
@@ -11,6 +12,7 @@ export interface AssistantControllerView {
     messages: AssistantRenderableMessage[];
     conversations: AssistantConversationListItem[];
     activeConversationId: string | null;
+    availableModels: AvailableModelInfo[];
     conversationModel: string | null;
     setConversationModel(model: string | null): Promise<void>;
     isActiveConversationRunning: boolean;

package/dist/react/useAssistantController.d.ts

@@ -1,5 +1,5 @@
 import type { LemmaClient } from "../client.js";
-import type { Conversation, ConversationModel } from "../types.js";
+import type { AvailableModelInfo, Conversation, ConversationModel } from "../types.js";
 export interface AssistantConversationScope {
     podId?: string | null;
     assistantId?: string | null;
@@ -54,6 +54,7 @@ export interface UseAssistantControllerResult {
     messages: AssistantRenderableMessage[];
     conversations: Conversation[];
     activeConversationId: string | null;
+    availableModels: AvailableModelInfo[];
     conversationModel: ConversationModel | null;
     isActiveConversationRunning: boolean;
     isLoading: boolean;

package/dist/react/useAssistantController.js

@@ -543,6 +543,7 @@ export function useAssistantController({ client, podId, assistantId, organizatio
     const [messages, setMessages] = useState([]);
     const [conversations, setConversations] = useState([]);
     const [activeConversationId, setActiveConversationId] = useState(null);
+    const [availableModels, setAvailableModels] = useState([]);
     const [conversationModel, setConversationModelState] = useState(null);
     const [isStreaming, setIsStreaming] = useState(false);
     const [isLoadingConversations, setIsLoadingConversations] = useState(false);
@@ -649,6 +650,15 @@ export function useAssistantController({ client, podId, assistantId, organizatio
             setIsLoadingConversations(false);
         }
     }, [scope, sessionListConversations]);
+    const loadAvailableModels = useCallback(async () => {
+        try {
+            const response = await client.conversations.listModels();
+            return response.items ?? [];
+        }
+        catch {
+            return [];
+        }
+    }, [client]);
     const loadConversationMessages = useCallback(async (conversationId) => {
         setIsLoadingMessages(true);
         try {
@@ -706,6 +716,23 @@ export function useAssistantController({ client, podId, assistantId, organizatio
     useEffect(() => {
         conversationsRef.current = conversations;
     }, [conversations]);
+    useEffect(() => {
+        if (!enabled) {
+            setAvailableModels([]);
+            return;
+        }
+        let cancelled = false;
+        void loadAvailableModels()
+            .then((models) => {
+            if (cancelled)
+                return;
+            setAvailableModels(models);
+        })
+            .catch(() => undefined);
+        return () => {
+            cancelled = true;
+        };
+    }, [enabled, loadAvailableModels]);
     useEffect(() => {
         const conversationId = activeConversationIdRef.current;
         if (!conversationId) {
@@ -759,6 +786,7 @@ export function useAssistantController({ client, podId, assistantId, organizatio
             loadingConversationIdRef.current = null;
             skipInitialLoadConversationIdsRef.current.clear();
             setActiveConversationId(null);
+            setAvailableModels([]);
             setConversationModelState(null);
             setConversations([]);
             setMessages([]);
@@ -842,8 +870,12 @@ export function useAssistantController({ client, podId, assistantId, organizatio
         const conversationIsRunning = isConversationRunning(activeConversation?.status);
         if (!hadActiveStream && !conversationIsRunning)
             return;
+        const previousStatus = activeConversation?.status;
         touchConversation(conversationId, { status: "waiting" });
-        void sessionStop(conversationId).catch(() => undefined);
+        void sessionStop(conversationId).catch((error) => {
+            touchConversation(conversationId, { status: previousStatus });
+            setLocalError((prev) => prev || (error instanceof Error ? error.message : "Failed to stop conversation"));
+        });
     }, [isStreaming, sessionCancel, sessionIsStreaming, sessionStop, touchConversation]);
     const selectConversation = useCallback((conversationId) => {
         if (sessionIsStreaming || isStreaming) {
@@ -1066,6 +1098,7 @@ export function useAssistantController({ client, podId, assistantId, organizatio
         messages,
         conversations,
         activeConversationId,
+        availableModels,
         conversationModel,
         isActiveConversationRunning,
         isLoading,

package/dist/react/useAssistantRuntime.js

@@ -21,6 +21,7 @@ function messageTime(message) {
 function isOptimisticId(messageId) {
     return messageId.startsWith("optimistic-user-");
 }
+const OPTIMISTIC_MATCH_WINDOW_MS = 2 * 60 * 1000;
 function upsertRuntimeMessage(previous, incoming) {
     const next = [...previous];
     const directIndex = next.findIndex((message) => message.id === incoming.id);
@@ -31,9 +32,22 @@ function upsertRuntimeMessage(previous, incoming) {
     if (incoming.role === "user") {
         const incomingText = messageText(incoming.content);
         if (incomingText) {
-            const optimisticIndex = next.findIndex((message) => (message.role === "user"
-                && isOptimisticId(message.id)
-                && messageText(message.content) === incomingText));
+            const incomingTimestamp = messageTime(incoming);
+            let optimisticIndex = -1;
+            let bestDistance = Number.POSITIVE_INFINITY;
+            next.forEach((message, index) => {
+                if (message.role !== "user"
+                    || !isOptimisticId(message.id)
+                    || messageText(message.content) !== incomingText) {
+                    return;
+                }
+                const distance = Math.abs(messageTime(message) - incomingTimestamp);
+                if (distance > OPTIMISTIC_MATCH_WINDOW_MS || distance >= bestDistance) {
+                    return;
+                }
+                optimisticIndex = index;
+                bestDistance = distance;
+            });
             if (optimisticIndex >= 0) {
                 next[optimisticIndex] = incoming;
                 return next;
@@ -71,7 +85,14 @@ export function useAssistantRuntime({ conversationId = null, sessionMessages = [
         const normalized = messages
             .map((message) => toRuntimeMessage(message, conversationId))
             .filter((message) => !conversationId || message.conversation_id === conversationId);
-        setRuntimeMessages([...normalized].sort((a, b) => messageTime(a) - messageTime(b)));
+        setRuntimeMessages((previous) => {
+            const scopedPrevious = previous.filter((message) => !conversationId || message.conversation_id === conversationId);
+            // Loads can complete after optimistic appends or stream events. Merge the
+            // loaded snapshot into the current runtime state so newer local messages
+            // are not temporarily dropped while the server catches up.
+            const merged = normalized.reduce((accumulator, message) => upsertRuntimeMessage(accumulator, message), scopedPrevious);
+            return [...merged].sort((a, b) => messageTime(a) - messageTime(b));
+        });
     }, [conversationId]);
     const appendOptimisticUserMessage = useCallback((content, options) => {
         const trimmed = content.trim();

package/dist/react/useAssistantSession.js

@@ -393,12 +393,21 @@ export function useAssistantSession(options) {
                 return false;
             }
         }
+        const previousResumeKey = autoResumedKeyRef.current;
         autoResumedKeyRef.current = resumeKey;
-        await resume({
-            conversationId: id,
-            onlyIfRunning: true,
-        });
-        return true;
+        try {
+            await resume({
+                conversationId: id,
+                onlyIfRunning: true,
+            });
+            return true;
+        }
+        catch (error) {
+            if (autoResumedKeyRef.current === resumeKey) {
+                autoResumedKeyRef.current = previousResumeKey;
+            }
+            throw error;
+        }
     }, [conversationId, isStreaming, refreshConversation, resume]);
     const stop = useCallback(async (explicitConversationId) => {
         const id = requireConversationId(explicitConversationId ?? conversationId);

package/dist/types.d.ts

@@ -40,7 +40,7 @@ export type CreateAssistantInput = CreateAssistantRequest;
 export type UpdateAssistantInput = UpdateAssistantRequest;
 export type Conversation = ConversationResponse;
 export type ConversationMessage = ConversationMessageResponse;
-export type ConversationModel = `${AvailableModels}`;
+export type ConversationModel = `${AvailableModels}` | (string & {});
 export type Task = TaskResponse;
 export type TaskMessage = TaskMessageResponse;
 export type FunctionRun = FunctionRunResponse;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "lemma-sdk",
-  "version": "0.2.20",
+  "version": "0.2.22",
   "description": "Official TypeScript SDK for Lemma pod-scoped APIs",
   "type": "module",
   "main": "dist/index.js",