polpo-ai 0.10.4 → 0.10.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +16 -0
- package/package.json +6 -6
package/README.md
CHANGED
|
@@ -215,6 +215,13 @@ Use `type: "tool"` for deterministic sandbox/tool actions without an LLM turn, a
|
|
|
215
215
|
|
|
216
216
|
Loop guards use Polpo's safe expression evaluator instead of JavaScript `eval` or `new Function`. Step outputs are available in the shared context bag by step id or `saveAs` path, e.g. `classify.route`, `review.approved`, or `timing.start`. `saveAs` writes context data; it does not create shell variables inside later `bash` commands. The OSS surface validates and round-trips the contract through core types, API schemas, SDK types, `polpo deploy`, and `polpo pull`.
|
|
217
217
|
|
|
218
|
+
Loops also have first-class governance fields:
|
|
219
|
+
|
|
220
|
+
- `permissions`: readable allow/deny/approval rules for resources such as `tool`, `step`, `model`, `human`, and `loop`. Use this for least-privilege runtime constraints beyond an agent's broad tool assignment.
|
|
221
|
+
- `policies`: expression-based gates for advanced compliance rules.
|
|
222
|
+
- `hooks`: deterministic tool actions at lifecycle points such as `loop:start`, `tool:before`, `tool:after`, and `loop:end`.
|
|
223
|
+
- `loop_trace`: durable runtime events including `permission.result`, `policy.result`, `approval.required`, tool calls, transitions, and step outcomes.
|
|
224
|
+
|
|
218
225
|
You can also keep loops as code and compile them to the same canonical contract:
|
|
219
226
|
|
|
220
227
|
```ts
|
|
@@ -226,6 +233,15 @@ export default defineProjectLoop({
|
|
|
226
233
|
kind: "graph",
|
|
227
234
|
name: "router-flow",
|
|
228
235
|
context: "shared",
|
|
236
|
+
permissions: [
|
|
237
|
+
{
|
|
238
|
+
id: "router-tool-allowlist",
|
|
239
|
+
resource: "tool",
|
|
240
|
+
action: "call",
|
|
241
|
+
effect: "allow",
|
|
242
|
+
match: { tool: ["read", "write"] }
|
|
243
|
+
}
|
|
244
|
+
],
|
|
229
245
|
start: "classify",
|
|
230
246
|
steps: {
|
|
231
247
|
classify: {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "polpo-ai",
|
|
3
|
-
"version": "0.10.
|
|
3
|
+
"version": "0.10.5",
|
|
4
4
|
"description": "The open backend for AI agents",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -66,10 +66,10 @@
|
|
|
66
66
|
"nanoid": "^5.1.2",
|
|
67
67
|
"yaml": "^2.7.0",
|
|
68
68
|
"zod": "^4.3.6",
|
|
69
|
-
"@polpo-ai/core": "0.10.
|
|
70
|
-
"@polpo-ai/server": "0.10.
|
|
71
|
-
"@polpo-ai/
|
|
72
|
-
"@polpo-ai/
|
|
69
|
+
"@polpo-ai/core": "0.10.5",
|
|
70
|
+
"@polpo-ai/server": "0.10.5",
|
|
71
|
+
"@polpo-ai/vault-crypto": "0.10.5",
|
|
72
|
+
"@polpo-ai/llm": "0.10.5"
|
|
73
73
|
},
|
|
74
74
|
"optionalDependencies": {
|
|
75
75
|
"better-sqlite3": "^12.6.2",
|
|
@@ -77,7 +77,7 @@
|
|
|
77
77
|
"nodemailer": "^8.0.1",
|
|
78
78
|
"playwright-core": "^1.52.0",
|
|
79
79
|
"postgres": "^3.4.0",
|
|
80
|
-
"@polpo-ai/drizzle": "0.10.
|
|
80
|
+
"@polpo-ai/drizzle": "0.10.5"
|
|
81
81
|
},
|
|
82
82
|
"devDependencies": {
|
|
83
83
|
"@types/better-sqlite3": "^7.6.13",
|