phenoml 6.2.0 → 6.3.0

package/dist/cjs/Client.js

@@ -52,7 +52,7 @@ class phenomlClient {
         this._options = Object.assign(Object.assign({}, _options), { logging: core.logging.createLogger(_options === null || _options === void 0 ? void 0 : _options.logging), headers: (0, headers_js_1.mergeHeaders)({
                 "X-Fern-Language": "JavaScript",
                 "X-Fern-SDK-Name": "phenoml",
-                "X-Fern-SDK-Version": "6.2.0",
+                "X-Fern-SDK-Version": "6.3.0",
                 "User-Agent": "phenoml/auto",
                 "X-Fern-Runtime": core.RUNTIME.type,
                 "X-Fern-Runtime-Version": core.RUNTIME.version,

package/dist/cjs/core/fetcher/Fetcher.js

@@ -24,14 +24,21 @@ const RawResponse_js_1 = require("./RawResponse.js");
 const requestWithRetries_js_1 = require("./requestWithRetries.js");
 const SENSITIVE_HEADERS = new Set([
     "authorization",
+    "www-authenticate",
     "x-api-key",
     "api-key",
+    "apikey",
+    "x-api-token",
     "x-auth-token",
+    "auth-token",
     "cookie",
     "set-cookie",
     "proxy-authorization",
+    "proxy-authenticate",
     "x-csrf-token",
     "x-xsrf-token",
+    "x-session-token",
+    "x-access-token",
 ]);
 function redactHeaders(headers) {
     const filtered = {};
@@ -85,20 +92,26 @@ function redactUrl(url) {
     if (protocolIndex === -1)
         return url;
     const afterProtocol = protocolIndex + 3;
-    const atIndex = url.indexOf("@", afterProtocol);
-    if (atIndex !== -1) {
-        const pathStart = url.indexOf("/", afterProtocol);
-        const queryStart = url.indexOf("?", afterProtocol);
-        const fragmentStart = url.indexOf("#", afterProtocol);
-        const firstDelimiter = Math.min(pathStart === -1 ? url.length : pathStart, queryStart === -1 ? url.length : queryStart, fragmentStart === -1 ? url.length : fragmentStart);
-        if (atIndex < firstDelimiter) {
-            url = `${url.slice(0, afterProtocol)}[REDACTED]@${url.slice(atIndex + 1)}`;
+    // Find the first delimiter that marks the end of the authority section
+    const pathStart = url.indexOf("/", afterProtocol);
+    let queryStart = url.indexOf("?", afterProtocol);
+    let fragmentStart = url.indexOf("#", afterProtocol);
+    const firstDelimiter = Math.min(pathStart === -1 ? url.length : pathStart, queryStart === -1 ? url.length : queryStart, fragmentStart === -1 ? url.length : fragmentStart);
+    // Find the LAST @ before the delimiter (handles multiple @ in credentials)
+    let atIndex = -1;
+    for (let i = afterProtocol; i < firstDelimiter; i++) {
+        if (url[i] === "@") {
+            atIndex = i;
         }
     }
-    const queryStart = url.indexOf("?");
+    if (atIndex !== -1) {
+        url = `${url.slice(0, afterProtocol)}[REDACTED]@${url.slice(atIndex + 1)}`;
+    }
+    // Recalculate queryStart since url might have changed
+    queryStart = url.indexOf("?");
     if (queryStart === -1)
         return url;
-    const fragmentStart = url.indexOf("#", queryStart);
+    fragmentStart = url.indexOf("#", queryStart);
     const queryEnd = fragmentStart !== -1 ? fragmentStart : url.length;
     const queryString = url.slice(queryStart + 1, queryEnd);
     if (queryString.length === 0)
@@ -106,15 +119,15 @@ function redactUrl(url) {
     // FAST PATH: Quick check if any sensitive keywords present
     // Using indexOf is faster than regex for simple substring matching
     const lower = queryString.toLowerCase();
-    const hasSensitive = lower.includes("token") || // catches token, access_token, auth_token, etc.
-        lower.includes("key") || // catches key, api_key, apikey, api-key, etc.
-        lower.includes("password") || // catches password
-        lower.includes("passwd") || // catches passwd
-        lower.includes("secret") || // catches secret, api_secret, etc.
-        lower.includes("session") || // catches session, session_id, session-id
-        lower.includes("auth"); // catches auth_token, auth-token, etc.
+    const hasSensitive = lower.includes("token") ||
+        lower.includes("key") ||
+        lower.includes("password") ||
+        lower.includes("passwd") ||
+        lower.includes("secret") ||
+        lower.includes("session") ||
+        lower.includes("auth");
     if (!hasSensitive) {
-        return url; // Early exit - no sensitive params
+        return url;
     }
     // SLOW PATH: Parse and redact
     const redactedParams = [];
@@ -193,6 +206,7 @@ function fetcherImpl(args) {
                         method: args.method,
                         url: redactUrl(url),
                         statusCode: response.status,
+                        responseHeaders: redactHeaders(Object.fromEntries(response.headers.entries())),
                     };
                     logger.debug("HTTP request succeeded", metadata);
                 }
@@ -209,6 +223,7 @@ function fetcherImpl(args) {
                         method: args.method,
                         url: redactUrl(url),
                         statusCode: response.status,
+                        responseHeaders: redactHeaders(Object.fromEntries(response.headers.entries())),
                     };
                     logger.error("HTTP request failed with error status", metadata);
                 }

package/dist/cjs/core/fetcher/makeRequest.js

@@ -13,14 +13,12 @@ exports.makeRequest = void 0;
 const signals_js_1 = require("./signals.js");
 const makeRequest = (fetchFn, url, method, headers, requestBody, timeoutMs, abortSignal, withCredentials, duplex) => __awaiter(void 0, void 0, void 0, function* () {
     const signals = [];
-    // Add timeout signal
     let timeoutAbortId;
     if (timeoutMs != null) {
         const { signal, abortId } = (0, signals_js_1.getTimeoutSignal)(timeoutMs);
         timeoutAbortId = abortId;
         signals.push(signal);
     }
-    // Add arbitrary signal
     if (abortSignal != null) {
         signals.push(abortSignal);
     }

package/dist/cjs/core/fetcher/requestWithRetries.js

@@ -15,25 +15,20 @@ const MAX_RETRY_DELAY = 60000; // in milliseconds
 const DEFAULT_MAX_RETRIES = 2;
 const JITTER_FACTOR = 0.2; // 20% random jitter
 function addPositiveJitter(delay) {
-    // Generate a random value between 0 and +JITTER_FACTOR
     const jitterMultiplier = 1 + Math.random() * JITTER_FACTOR;
     return delay * jitterMultiplier;
 }
 function addSymmetricJitter(delay) {
-    // Generate a random value in a JITTER_FACTOR-sized percentage range around delay
     const jitterMultiplier = 1 + (Math.random() - 0.5) * JITTER_FACTOR;
     return delay * jitterMultiplier;
 }
 function getRetryDelayFromHeaders(response, retryAttempt) {
-    // Check for Retry-After header first (RFC 7231), with no jitter
     const retryAfter = response.headers.get("Retry-After");
     if (retryAfter) {
-        // Parse as number of seconds...
         const retryAfterSeconds = parseInt(retryAfter, 10);
         if (!Number.isNaN(retryAfterSeconds) && retryAfterSeconds > 0) {
             return Math.min(retryAfterSeconds * 1000, MAX_RETRY_DELAY);
         }
-        // ...or as an HTTP date; both are valid
         const retryAfterDate = new Date(retryAfter);
         if (!Number.isNaN(retryAfterDate.getTime())) {
             const delay = retryAfterDate.getTime() - Date.now();
@@ -42,19 +37,16 @@ function getRetryDelayFromHeaders(response, retryAttempt) {
             }
         }
     }
-    // Then check for industry-standard X-RateLimit-Reset header, with positive jitter
     const rateLimitReset = response.headers.get("X-RateLimit-Reset");
     if (rateLimitReset) {
         const resetTime = parseInt(rateLimitReset, 10);
         if (!Number.isNaN(resetTime)) {
-            // Assume Unix timestamp in epoch seconds
             const delay = resetTime * 1000 - Date.now();
             if (delay > 0) {
                 return addPositiveJitter(Math.min(delay, MAX_RETRY_DELAY));
             }
         }
     }
-    // Fall back to exponential backoff, with symmetric jitter
     return addSymmetricJitter(Math.min(INITIAL_RETRY_DELAY * Math.pow(2, retryAttempt), MAX_RETRY_DELAY));
 }
 function requestWithRetries(requestFn_1) {
@@ -62,7 +54,6 @@ function requestWithRetries(requestFn_1) {
         let response = yield requestFn();
         for (let i = 0; i < maxRetries; ++i) {
             if ([408, 429].includes(response.status) || response.status >= 500) {
-                // Get delay with appropriate jitter applied
                 const delay = getRetryDelayFromHeaders(response, i);
                 yield new Promise((resolve) => setTimeout(resolve, delay));
                 response = yield requestFn();

package/dist/cjs/core/fetcher/signals.d.ts

@@ -2,10 +2,4 @@ export declare function getTimeoutSignal(timeoutMs: number): {
     signal: AbortSignal;
     abortId: NodeJS.Timeout;
 };
-/**
- * Returns an abort signal that is getting aborted when
- * at least one of the specified abort signals is aborted.
- *
- * Requires at least node.js 18.
- */
 export declare function anySignal(...args: AbortSignal[] | [AbortSignal[]]): AbortSignal;

package/dist/cjs/core/fetcher/signals.js

@@ -8,26 +8,14 @@ function getTimeoutSignal(timeoutMs) {
     const abortId = setTimeout(() => controller.abort(TIMEOUT), timeoutMs);
     return { signal: controller.signal, abortId };
 }
-/**
- * Returns an abort signal that is getting aborted when
- * at least one of the specified abort signals is aborted.
- *
- * Requires at least node.js 18.
- */
 function anySignal(...args) {
-    // Allowing signals to be passed either as array
-    // of signals or as multiple arguments.
     const signals = (args.length === 1 && Array.isArray(args[0]) ? args[0] : args);
     const controller = new AbortController();
     for (const signal of signals) {
         if (signal.aborted) {
-            // Exiting early if one of the signals
-            // is already aborted.
             controller.abort(signal === null || signal === void 0 ? void 0 : signal.reason);
             break;
         }
-        // Listening for signals and removing the listeners
-        // when at least one symbol is aborted.
         signal.addEventListener("abort", () => controller.abort(signal === null || signal === void 0 ? void 0 : signal.reason), {
             signal: controller.signal,
         });

package/dist/cjs/core/logging/logger.js

@@ -51,7 +51,7 @@ class Logger {
      * @returns True if the level should be logged
      */
     shouldLog(level) {
-        return !this.silent && this.level >= logLevelMap[level];
+        return !this.silent && this.level <= logLevelMap[level];
     }
     /**
      * Checks if debug logging is enabled.

package/dist/cjs/core/url/join.js

@@ -14,7 +14,6 @@ function join(base, ...segments) {
             url = new URL(base);
         }
         catch (_a) {
-            // Fallback to path joining if URL is malformed
             return joinPath(base, ...segments);
         }
         const lastSegment = segments[segments.length - 1];

package/dist/cjs/version.d.ts

@@ -1 +1 @@
-export declare const SDK_VERSION = "6.2.0";
+export declare const SDK_VERSION = "6.3.0";

package/dist/cjs/version.js

@@ -1,4 +1,4 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SDK_VERSION = void 0;
-exports.SDK_VERSION = "6.2.0";
+exports.SDK_VERSION = "6.3.0";

package/dist/esm/Client.mjs

@@ -16,7 +16,7 @@ export class phenomlClient {
         this._options = Object.assign(Object.assign({}, _options), { logging: core.logging.createLogger(_options === null || _options === void 0 ? void 0 : _options.logging), headers: mergeHeaders({
                 "X-Fern-Language": "JavaScript",
                 "X-Fern-SDK-Name": "phenoml",
-                "X-Fern-SDK-Version": "6.2.0",
+                "X-Fern-SDK-Version": "6.3.0",
                 "User-Agent": "phenoml/auto",
                 "X-Fern-Runtime": core.RUNTIME.type,
                 "X-Fern-Runtime-Version": core.RUNTIME.version,

package/dist/esm/core/fetcher/Fetcher.mjs

@@ -20,14 +20,21 @@ import { abortRawResponse, toRawResponse, unknownRawResponse } from "./RawRespon
 import { requestWithRetries } from "./requestWithRetries.mjs";
 const SENSITIVE_HEADERS = new Set([
     "authorization",
+    "www-authenticate",
     "x-api-key",
     "api-key",
+    "apikey",
+    "x-api-token",
     "x-auth-token",
+    "auth-token",
     "cookie",
     "set-cookie",
     "proxy-authorization",
+    "proxy-authenticate",
     "x-csrf-token",
     "x-xsrf-token",
+    "x-session-token",
+    "x-access-token",
 ]);
 function redactHeaders(headers) {
     const filtered = {};
@@ -81,20 +88,26 @@ function redactUrl(url) {
     if (protocolIndex === -1)
         return url;
     const afterProtocol = protocolIndex + 3;
-    const atIndex = url.indexOf("@", afterProtocol);
-    if (atIndex !== -1) {
-        const pathStart = url.indexOf("/", afterProtocol);
-        const queryStart = url.indexOf("?", afterProtocol);
-        const fragmentStart = url.indexOf("#", afterProtocol);
-        const firstDelimiter = Math.min(pathStart === -1 ? url.length : pathStart, queryStart === -1 ? url.length : queryStart, fragmentStart === -1 ? url.length : fragmentStart);
-        if (atIndex < firstDelimiter) {
-            url = `${url.slice(0, afterProtocol)}[REDACTED]@${url.slice(atIndex + 1)}`;
+    // Find the first delimiter that marks the end of the authority section
+    const pathStart = url.indexOf("/", afterProtocol);
+    let queryStart = url.indexOf("?", afterProtocol);
+    let fragmentStart = url.indexOf("#", afterProtocol);
+    const firstDelimiter = Math.min(pathStart === -1 ? url.length : pathStart, queryStart === -1 ? url.length : queryStart, fragmentStart === -1 ? url.length : fragmentStart);
+    // Find the LAST @ before the delimiter (handles multiple @ in credentials)
+    let atIndex = -1;
+    for (let i = afterProtocol; i < firstDelimiter; i++) {
+        if (url[i] === "@") {
+            atIndex = i;
         }
     }
-    const queryStart = url.indexOf("?");
+    if (atIndex !== -1) {
+        url = `${url.slice(0, afterProtocol)}[REDACTED]@${url.slice(atIndex + 1)}`;
+    }
+    // Recalculate queryStart since url might have changed
+    queryStart = url.indexOf("?");
     if (queryStart === -1)
         return url;
-    const fragmentStart = url.indexOf("#", queryStart);
+    fragmentStart = url.indexOf("#", queryStart);
     const queryEnd = fragmentStart !== -1 ? fragmentStart : url.length;
     const queryString = url.slice(queryStart + 1, queryEnd);
     if (queryString.length === 0)
@@ -102,15 +115,15 @@ function redactUrl(url) {
     // FAST PATH: Quick check if any sensitive keywords present
     // Using indexOf is faster than regex for simple substring matching
     const lower = queryString.toLowerCase();
-    const hasSensitive = lower.includes("token") || // catches token, access_token, auth_token, etc.
-        lower.includes("key") || // catches key, api_key, apikey, api-key, etc.
-        lower.includes("password") || // catches password
-        lower.includes("passwd") || // catches passwd
-        lower.includes("secret") || // catches secret, api_secret, etc.
-        lower.includes("session") || // catches session, session_id, session-id
-        lower.includes("auth"); // catches auth_token, auth-token, etc.
+    const hasSensitive = lower.includes("token") ||
+        lower.includes("key") ||
+        lower.includes("password") ||
+        lower.includes("passwd") ||
+        lower.includes("secret") ||
+        lower.includes("session") ||
+        lower.includes("auth");
     if (!hasSensitive) {
-        return url; // Early exit - no sensitive params
+        return url;
     }
     // SLOW PATH: Parse and redact
     const redactedParams = [];
@@ -189,6 +202,7 @@ export function fetcherImpl(args) {
                         method: args.method,
                         url: redactUrl(url),
                         statusCode: response.status,
+                        responseHeaders: redactHeaders(Object.fromEntries(response.headers.entries())),
                     };
                     logger.debug("HTTP request succeeded", metadata);
                 }
@@ -205,6 +219,7 @@ export function fetcherImpl(args) {
                         method: args.method,
                         url: redactUrl(url),
                         statusCode: response.status,
+                        responseHeaders: redactHeaders(Object.fromEntries(response.headers.entries())),
                     };
                     logger.error("HTTP request failed with error status", metadata);
                 }

package/dist/esm/core/fetcher/makeRequest.mjs

@@ -10,14 +10,12 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 import { anySignal, getTimeoutSignal } from "./signals.mjs";
 export const makeRequest = (fetchFn, url, method, headers, requestBody, timeoutMs, abortSignal, withCredentials, duplex) => __awaiter(void 0, void 0, void 0, function* () {
     const signals = [];
-    // Add timeout signal
     let timeoutAbortId;
     if (timeoutMs != null) {
         const { signal, abortId } = getTimeoutSignal(timeoutMs);
         timeoutAbortId = abortId;
         signals.push(signal);
     }
-    // Add arbitrary signal
     if (abortSignal != null) {
         signals.push(abortSignal);
     }

package/dist/esm/core/fetcher/requestWithRetries.mjs

@@ -12,25 +12,20 @@ const MAX_RETRY_DELAY = 60000; // in milliseconds
 const DEFAULT_MAX_RETRIES = 2;
 const JITTER_FACTOR = 0.2; // 20% random jitter
 function addPositiveJitter(delay) {
-    // Generate a random value between 0 and +JITTER_FACTOR
     const jitterMultiplier = 1 + Math.random() * JITTER_FACTOR;
     return delay * jitterMultiplier;
 }
 function addSymmetricJitter(delay) {
-    // Generate a random value in a JITTER_FACTOR-sized percentage range around delay
     const jitterMultiplier = 1 + (Math.random() - 0.5) * JITTER_FACTOR;
     return delay * jitterMultiplier;
 }
 function getRetryDelayFromHeaders(response, retryAttempt) {
-    // Check for Retry-After header first (RFC 7231), with no jitter
     const retryAfter = response.headers.get("Retry-After");
     if (retryAfter) {
-        // Parse as number of seconds...
         const retryAfterSeconds = parseInt(retryAfter, 10);
         if (!Number.isNaN(retryAfterSeconds) && retryAfterSeconds > 0) {
             return Math.min(retryAfterSeconds * 1000, MAX_RETRY_DELAY);
         }
-        // ...or as an HTTP date; both are valid
         const retryAfterDate = new Date(retryAfter);
         if (!Number.isNaN(retryAfterDate.getTime())) {
             const delay = retryAfterDate.getTime() - Date.now();
@@ -39,19 +34,16 @@ function getRetryDelayFromHeaders(response, retryAttempt) {
             }
         }
     }
-    // Then check for industry-standard X-RateLimit-Reset header, with positive jitter
     const rateLimitReset = response.headers.get("X-RateLimit-Reset");
     if (rateLimitReset) {
         const resetTime = parseInt(rateLimitReset, 10);
         if (!Number.isNaN(resetTime)) {
-            // Assume Unix timestamp in epoch seconds
             const delay = resetTime * 1000 - Date.now();
             if (delay > 0) {
                 return addPositiveJitter(Math.min(delay, MAX_RETRY_DELAY));
             }
         }
     }
-    // Fall back to exponential backoff, with symmetric jitter
     return addSymmetricJitter(Math.min(INITIAL_RETRY_DELAY * Math.pow(2, retryAttempt), MAX_RETRY_DELAY));
 }
 export function requestWithRetries(requestFn_1) {
@@ -59,7 +51,6 @@ export function requestWithRetries(requestFn_1) {
         let response = yield requestFn();
         for (let i = 0; i < maxRetries; ++i) {
             if ([408, 429].includes(response.status) || response.status >= 500) {
-                // Get delay with appropriate jitter applied
                 const delay = getRetryDelayFromHeaders(response, i);
                 yield new Promise((resolve) => setTimeout(resolve, delay));
                 response = yield requestFn();

package/dist/esm/core/fetcher/signals.d.mts

@@ -2,10 +2,4 @@ export declare function getTimeoutSignal(timeoutMs: number): {
     signal: AbortSignal;
     abortId: NodeJS.Timeout;
 };
-/**
- * Returns an abort signal that is getting aborted when
- * at least one of the specified abort signals is aborted.
- *
- * Requires at least node.js 18.
- */
 export declare function anySignal(...args: AbortSignal[] | [AbortSignal[]]): AbortSignal;

package/dist/esm/core/fetcher/signals.mjs

@@ -4,26 +4,14 @@ export function getTimeoutSignal(timeoutMs) {
     const abortId = setTimeout(() => controller.abort(TIMEOUT), timeoutMs);
     return { signal: controller.signal, abortId };
 }
-/**
- * Returns an abort signal that is getting aborted when
- * at least one of the specified abort signals is aborted.
- *
- * Requires at least node.js 18.
- */
 export function anySignal(...args) {
-    // Allowing signals to be passed either as array
-    // of signals or as multiple arguments.
     const signals = (args.length === 1 && Array.isArray(args[0]) ? args[0] : args);
     const controller = new AbortController();
     for (const signal of signals) {
         if (signal.aborted) {
-            // Exiting early if one of the signals
-            // is already aborted.
             controller.abort(signal === null || signal === void 0 ? void 0 : signal.reason);
             break;
         }
-        // Listening for signals and removing the listeners
-        // when at least one symbol is aborted.
         signal.addEventListener("abort", () => controller.abort(signal === null || signal === void 0 ? void 0 : signal.reason), {
             signal: controller.signal,
         });

package/dist/esm/core/logging/logger.mjs

@@ -46,7 +46,7 @@ export class Logger {
      * @returns True if the level should be logged
      */
     shouldLog(level) {
-        return !this.silent && this.level >= logLevelMap[level];
+        return !this.silent && this.level <= logLevelMap[level];
     }
     /**
      * Checks if debug logging is enabled.

package/dist/esm/core/url/join.mjs

@@ -11,7 +11,6 @@ export function join(base, ...segments) {
             url = new URL(base);
         }
         catch (_a) {
-            // Fallback to path joining if URL is malformed
             return joinPath(base, ...segments);
         }
         const lastSegment = segments[segments.length - 1];

package/dist/esm/version.d.mts

@@ -1 +1 @@
-export declare const SDK_VERSION = "6.2.0";
+export declare const SDK_VERSION = "6.3.0";

package/dist/esm/version.mjs

@@ -1 +1 @@
-export const SDK_VERSION = "6.2.0";
+export const SDK_VERSION = "6.3.0";

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "phenoml",
-    "version": "6.2.0",
+    "version": "6.3.0",
     "private": false,
     "repository": "github:PhenoML/phenoml-ts-sdk",
     "type": "commonjs",