nemoris 0.1.0 → 0.1.2

package/src/providers/base.js

@@ -1,247 +1,247 @@
-import { annotateError } from "../runtime/network.js";
-import { fetchWithOutboundPolicy } from "../runtime/ssrf.js";
-import { OUTBOUND_ADDRESS_POLICY } from "../security/ssrf-check.js";
-import { getAuthProfile, resolveProfileSecret } from "../auth/auth-profiles.js";
-
-export class ProviderAdapter {
-  constructor(config = {}, dependencies = {}) {
-    this.config = config;
-    this.fetchImpl = dependencies.fetchImpl || globalThis.fetch;
-    this.lookupImpl = dependencies.lookupImpl;
-  }
-
-  requireFetch() {
-    if (!this.fetchImpl) {
-      throw new Error("No fetch implementation available");
-    }
-  }
-
-  get authRef() {
-    return this.config.authRef || "";
-  }
-
-  get authProfileId() {
-    if (!this.authRef.startsWith("profile:")) return null;
-    return this.authRef.slice("profile:".length);
-  }
-
-  resolveAuthProfile() {
-    const profileId = this.authProfileId;
-    if (!profileId) return null;
-    return getAuthProfile(profileId);
-  }
-
-  resolveAuthToken() {
-    if (this.authRef.startsWith("env:")) {
-      const envName = this.authRef.slice(4);
-      return process.env[envName] || null;
-    }
-    if (this.authRef.startsWith("profile:")) {
-      return resolveProfileSecret(this.resolveAuthProfile());
-    }
-    return null;
-  }
-
-  ensureAuthToken() {
-    const token = this.resolveAuthToken();
-    if (!token) {
-      throw new Error(`Missing auth token for ${this.config.id || "provider"} (${this.authRef})`);
-    }
-    return token;
-  }
-
-  buildUrl(endpoint) {
-    const baseUrl = String(this.config.baseUrl || "").replace(/\/$/, "");
-    const pathPart = String(endpoint || "").replace(/^\//, "");
-    return `${baseUrl}/${pathPart}`;
-  }
-
-  buildRequestOptions(options = {}, runtimeOptions = {}) {
-    const timeoutMs = Number((runtimeOptions.timeoutMs ?? this.config.defaultTimeoutMs) || 0);
-    if (!timeoutMs || typeof AbortSignal?.timeout !== "function") {
-      return options;
-    }
-
-    return {
-      ...options,
-      signal: options.signal || AbortSignal.timeout(timeoutMs)
-    };
-  }
-
-  resolveRequestUrl(target) {
-    if (typeof target === "string" && /^[a-z]+:\/\//i.test(target)) {
-      return target;
-    }
-    return this.buildUrl(target);
-  }
-
-  async fetchResponse(target, options = {}, runtimeOptions = {}) {
-    this.requireFetch();
-    const timeoutMs = Number((runtimeOptions.timeoutMs ?? this.config.defaultTimeoutMs) || 0);
-    const isOllama = this.config.id === "ollama" || this.config.adapter === "ollama";
-    try {
-      // Provider URLs come from runtime configuration. Only Ollama is meant to
-      // stay local, and even then it must resolve to loopback.
-      return await fetchWithOutboundPolicy(
-        this.resolveRequestUrl(target),
-        this.buildRequestOptions(options, runtimeOptions),
-        {
-          fetchImpl: this.fetchImpl,
-          lookupImpl: this.lookupImpl,
-          surface: "provider",
-          privateAddressMessage: `Provider request blocked — target resolves to a private/reserved IP address for ${this.config.id || "provider"}.`,
-          loopbackOnlyMessage: `Ollama base URL must resolve to loopback only; refusing ${this.resolveRequestUrl(target)}.`,
-          addressPolicy: isOllama ? OUTBOUND_ADDRESS_POLICY.REQUIRE_LOOPBACK : OUTBOUND_ADDRESS_POLICY.BLOCK_PRIVATE,
-        }
-      );
-    } catch (error) {
-      if (error?.name === "TimeoutError" || error?.name === "AbortError") {
-        throw annotateError(
-          new Error(`Provider request timed out after ${timeoutMs || "configured"} ms for ${this.config.id || "provider"}`),
-          {
-            surface: "provider"
-          }
-        );
-      }
-      throw annotateError(error, { surface: "provider" });
-    }
-  }
-
-  getCapabilities() {
-    return {
-      supportsToolDefinitions: false,
-      supportsToolCalls: false,
-      structuredOutputMode: "none",
-      supportsReasoningSchema: false,
-      tokenCountingMode: "heuristic",
-      toolReliabilityTier: "unsupported",
-      supportsVision: false
-    };
-  }
-
-  supportsNativeStructuredOutput() {
-    return new Set(["response_format", "forced_tool", "constrained_decoding"]).has(
-      this.getCapabilities().structuredOutputMode
-    );
-  }
-
-  buildStructuredOutputFormat(_input) {
-    return null;
-  }
-
-  async countTokens(_input) {
-    return null;
-  }
-
-  async listModels() {
-    return null;
-  }
-
-  normalizeResponse(raw) {
-    if (!raw) {
-      return {
-        summary: "Provider returned no data.",
-        output: "",
-        nextActions: [],
-        reasoning: null,
-        raw
-      };
-    }
-
-    const text = this.extractText(raw);
-    const parsedJson = text ? this.parseStructuredJson(text) : null;
-    if (parsedJson) {
-      return {
-        summary: parsedJson.summary || "Provider returned structured JSON output.",
-        output: parsedJson.output || text,
-        nextActions: Array.isArray(parsedJson.nextActions) ? parsedJson.nextActions : [],
-        reasoning: parsedJson.analysis || null,
-        raw
-      };
-    }
-
-    if (text) {
-      return {
-        summary: text.slice(0, 200) || "Provider responded.",
-        output: text,
-        nextActions: [],
-        reasoning: null,
-        raw
-      };
-    }
-
-    return {
-      summary: "Provider responded with structured data.",
-      output: JSON.stringify(raw, null, 2),
-      nextActions: [],
-      reasoning: null,
-      raw
-    };
-  }
-
-  extractText(raw) {
-    return raw?.content && Array.isArray(raw.content)
-      ? raw.content
-          .map((item) => item.text || item.content || "")
-          .filter(Boolean)
-          .join("\n")
-      : raw?.choices?.[0]?.message?.content || raw?.message?.content
-        ? String(raw?.choices?.[0]?.message?.content || raw?.message?.content)
-        : null;
-  }
-
-  parseStructuredJson(text) {
-    const trimmed = String(text).trim();
-    const fencedMatch = trimmed.match(/^```(?:json)?\s*([\s\S]*?)\s*```$/i);
-    const candidate = fencedMatch ? fencedMatch[1].trim() : trimmed;
-    if (!(candidate.startsWith("{") && candidate.endsWith("}"))) {
-      return null;
-    }
-
-    try {
-      return JSON.parse(candidate);
-    } catch {
-      return null;
-    }
-  }
-
-  async postJson(endpoint, body, headers = {}, runtimeOptions = {}) {
-    let response;
-    try {
-      response = await this.fetchResponse(
-        endpoint,
-        {
-          method: "POST",
-          headers: {
-            "content-type": "application/json",
-            ...headers
-          },
-          body: JSON.stringify(body)
-        },
-        runtimeOptions
-      );
-    } catch (error) {
-      throw error;
-    }
-    const text = await response.text();
-    let data = null;
-    if (text) {
-      try {
-        data = JSON.parse(text);
-      } catch {
-        data = text;
-      }
-    }
-
-    if (!response.ok) {
-      throw annotateError(
-        new Error(`Provider error ${response.status}: ${typeof data === "string" ? data : JSON.stringify(data)}`),
-        {
-          surface: "provider"
-        }
-      );
-    }
-
-    return data;
-  }
-}
+import { annotateError } from "../runtime/network.js";
+import { fetchWithOutboundPolicy } from "../runtime/ssrf.js";
+import { OUTBOUND_ADDRESS_POLICY } from "../security/ssrf-check.js";
+import { getAuthProfile, resolveProfileSecret } from "../auth/auth-profiles.js";
+
+export class ProviderAdapter {
+  constructor(config = {}, dependencies = {}) {
+    this.config = config;
+    this.fetchImpl = dependencies.fetchImpl || globalThis.fetch;
+    this.lookupImpl = dependencies.lookupImpl;
+  }
+
+  requireFetch() {
+    if (!this.fetchImpl) {
+      throw new Error("No fetch implementation available");
+    }
+  }
+
+  get authRef() {
+    return this.config.authRef || "";
+  }
+
+  get authProfileId() {
+    if (!this.authRef.startsWith("profile:")) return null;
+    return this.authRef.slice("profile:".length);
+  }
+
+  resolveAuthProfile() {
+    const profileId = this.authProfileId;
+    if (!profileId) return null;
+    return getAuthProfile(profileId);
+  }
+
+  resolveAuthToken() {
+    if (this.authRef.startsWith("env:")) {
+      const envName = this.authRef.slice(4);
+      return process.env[envName] || null;
+    }
+    if (this.authRef.startsWith("profile:")) {
+      return resolveProfileSecret(this.resolveAuthProfile());
+    }
+    return null;
+  }
+
+  ensureAuthToken() {
+    const token = this.resolveAuthToken();
+    if (!token) {
+      throw new Error(`Missing auth token for ${this.config.id || "provider"} (${this.authRef})`);
+    }
+    return token;
+  }
+
+  buildUrl(endpoint) {
+    const baseUrl = String(this.config.baseUrl || "").replace(/\/$/, "");
+    const pathPart = String(endpoint || "").replace(/^\//, "");
+    return `${baseUrl}/${pathPart}`;
+  }
+
+  buildRequestOptions(options = {}, runtimeOptions = {}) {
+    const timeoutMs = Number((runtimeOptions.timeoutMs ?? this.config.defaultTimeoutMs) || 0);
+    if (!timeoutMs || typeof AbortSignal?.timeout !== "function") {
+      return options;
+    }
+
+    return {
+      ...options,
+      signal: options.signal || AbortSignal.timeout(timeoutMs)
+    };
+  }
+
+  resolveRequestUrl(target) {
+    if (typeof target === "string" && /^[a-z]+:\/\//i.test(target)) {
+      return target;
+    }
+    return this.buildUrl(target);
+  }
+
+  async fetchResponse(target, options = {}, runtimeOptions = {}) {
+    this.requireFetch();
+    const timeoutMs = Number((runtimeOptions.timeoutMs ?? this.config.defaultTimeoutMs) || 0);
+    const isOllama = this.config.id === "ollama" || this.config.adapter === "ollama";
+    try {
+      // Provider URLs come from runtime configuration. Only Ollama is meant to
+      // stay local, and even then it must resolve to loopback.
+      return await fetchWithOutboundPolicy(
+        this.resolveRequestUrl(target),
+        this.buildRequestOptions(options, runtimeOptions),
+        {
+          fetchImpl: this.fetchImpl,
+          lookupImpl: this.lookupImpl,
+          surface: "provider",
+          privateAddressMessage: `Provider request blocked — target resolves to a private/reserved IP address for ${this.config.id || "provider"}.`,
+          loopbackOnlyMessage: `Ollama base URL must resolve to loopback only; refusing ${this.resolveRequestUrl(target)}.`,
+          addressPolicy: isOllama ? OUTBOUND_ADDRESS_POLICY.REQUIRE_LOOPBACK : OUTBOUND_ADDRESS_POLICY.BLOCK_PRIVATE,
+        }
+      );
+    } catch (error) {
+      if (error?.name === "TimeoutError" || error?.name === "AbortError") {
+        throw annotateError(
+          new Error(`Provider request timed out after ${timeoutMs || "configured"} ms for ${this.config.id || "provider"}`),
+          {
+            surface: "provider"
+          }
+        );
+      }
+      throw annotateError(error, { surface: "provider" });
+    }
+  }
+
+  getCapabilities() {
+    return {
+      supportsToolDefinitions: false,
+      supportsToolCalls: false,
+      structuredOutputMode: "none",
+      supportsReasoningSchema: false,
+      tokenCountingMode: "heuristic",
+      toolReliabilityTier: "unsupported",
+      supportsVision: false
+    };
+  }
+
+  supportsNativeStructuredOutput() {
+    return new Set(["response_format", "forced_tool", "constrained_decoding"]).has(
+      this.getCapabilities().structuredOutputMode
+    );
+  }
+
+  buildStructuredOutputFormat(_input) {
+    return null;
+  }
+
+  async countTokens(_input) {
+    return null;
+  }
+
+  async listModels() {
+    return null;
+  }
+
+  normalizeResponse(raw) {
+    if (!raw) {
+      return {
+        summary: "Provider returned no data.",
+        output: "",
+        nextActions: [],
+        reasoning: null,
+        raw
+      };
+    }
+
+    const text = this.extractText(raw);
+    const parsedJson = text ? this.parseStructuredJson(text) : null;
+    if (parsedJson) {
+      return {
+        summary: parsedJson.summary || "Provider returned structured JSON output.",
+        output: parsedJson.output || text,
+        nextActions: Array.isArray(parsedJson.nextActions) ? parsedJson.nextActions : [],
+        reasoning: parsedJson.analysis || null,
+        raw
+      };
+    }
+
+    if (text) {
+      return {
+        summary: text.slice(0, 200) || "Provider responded.",
+        output: text,
+        nextActions: [],
+        reasoning: null,
+        raw
+      };
+    }
+
+    return {
+      summary: "Provider responded with structured data.",
+      output: JSON.stringify(raw, null, 2),
+      nextActions: [],
+      reasoning: null,
+      raw
+    };
+  }
+
+  extractText(raw) {
+    return raw?.content && Array.isArray(raw.content)
+      ? raw.content
+          .map((item) => item.text || item.content || "")
+          .filter(Boolean)
+          .join("\n")
+      : raw?.choices?.[0]?.message?.content || raw?.message?.content
+        ? String(raw?.choices?.[0]?.message?.content || raw?.message?.content)
+        : null;
+  }
+
+  parseStructuredJson(text) {
+    const trimmed = String(text).trim();
+    const fencedMatch = trimmed.match(/^```(?:json)?\s*([\s\S]*?)\s*```$/i);
+    const candidate = fencedMatch ? fencedMatch[1].trim() : trimmed;
+    if (!(candidate.startsWith("{") && candidate.endsWith("}"))) {
+      return null;
+    }
+
+    try {
+      return JSON.parse(candidate);
+    } catch {
+      return null;
+    }
+  }
+
+  async postJson(endpoint, body, headers = {}, runtimeOptions = {}) {
+    let response;
+    try {
+      response = await this.fetchResponse(
+        endpoint,
+        {
+          method: "POST",
+          headers: {
+            "content-type": "application/json",
+            ...headers
+          },
+          body: JSON.stringify(body)
+        },
+        runtimeOptions
+      );
+    } catch (error) {
+      throw error;
+    }
+    const text = await response.text();
+    let data = null;
+    if (text) {
+      try {
+        data = JSON.parse(text);
+      } catch {
+        data = text;
+      }
+    }
+
+    if (!response.ok) {
+      throw annotateError(
+        new Error(`Provider error ${response.status}: ${typeof data === "string" ? data : JSON.stringify(data)}`),
+        {
+          surface: "provider"
+        }
+      );
+    }
+
+    return data;
+  }
+}