spaps-sdk 1.6.8 → 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +9 -1
- package/README.md +153 -3
- package/dist/index.d.mts +348 -3
- package/dist/index.d.ts +348 -3
- package/dist/index.js +358 -11
- package/dist/index.mjs +350 -8
- package/package.json +4 -2
package/CHANGELOG.md
CHANGED
|
@@ -6,7 +6,15 @@ The format follows [Keep a Changelog](https://keepachangelog.com/en/1.1.0/) and
|
|
|
6
6
|
|
|
7
7
|
## [Unreleased]
|
|
8
8
|
|
|
9
|
-
|
|
9
|
+
## [1.7.0] - 2026-05-09
|
|
10
|
+
|
|
11
|
+
- Added `dayrate.getCheckoutStatus(sessionId)` and checkout-status response types for Bookme/dayrate confirmation polling.
|
|
12
|
+
- Added browser-safe runtime helpers: guarded environment reads, `TokenManager.decodePayload()`, and SPAPS envelope unwrapping/type guards.
|
|
13
|
+
- Added `headerProvider` SDK config for per-request custom context headers without overriding SDK-managed auth headers.
|
|
14
|
+
|
|
15
|
+
## [1.6.8] - 2026-04-25
|
|
16
|
+
|
|
17
|
+
- Maintenance: align the published SDK package version after release automation.
|
|
10
18
|
|
|
11
19
|
## [1.6.7] - 2026-04-25
|
|
12
20
|
|
package/README.md
CHANGED
|
@@ -23,7 +23,7 @@ This package targets `Node.js >=14`.
|
|
|
23
23
|
|
|
24
24
|
| Need | Package gives you |
|
|
25
25
|
| --- | --- |
|
|
26
|
-
| One client for many SPAPS surfaces | `auth`, `payments`, `sessions`, `secureMessages`, `issueReporting`, `email`, `entitlements`, `dayrate`, `admin`, and `cfo` namespaces |
|
|
26
|
+
| One client for many SPAPS surfaces | `auth`, `payments`, `sessions`, `secureMessages`, `issueReporting`, `appLinks`, `email`, `entitlements`, `skillEvals`, `dayrate`, `admin`, and `cfo` namespaces |
|
|
27
27
|
| Local development without extra config | Localhost URLs automatically enable local mode |
|
|
28
28
|
| Browser and server usage | `publishableKey`, `secretKey`, or legacy `apiKey` support |
|
|
29
29
|
| Shared contracts | Re-exports a large slice of `spaps-types` |
|
|
@@ -67,6 +67,7 @@ Constructor values take precedence over environment variables.
|
|
|
67
67
|
| `secretKey` | Server-side key for privileged access |
|
|
68
68
|
| `apiKey` | Legacy key field kept for compatibility |
|
|
69
69
|
| `timeout` | Request timeout override |
|
|
70
|
+
| `headerProvider` | Optional function returning custom headers to add to every SDK request without overriding `Authorization` or `X-API-Key` |
|
|
70
71
|
|
|
71
72
|
Relevant environment variables:
|
|
72
73
|
|
|
@@ -84,9 +85,11 @@ Relevant environment variables:
|
|
|
84
85
|
| `sessions` | Session lookup, validation, and lifecycle helpers |
|
|
85
86
|
| `secureMessages` | Secure-message create/list helpers |
|
|
86
87
|
| `issueReporting` | Status, history, create, update, reply, and voice-token flows |
|
|
88
|
+
| `appLinks` | Authenticated create and public resolve helpers for application-scoped short links |
|
|
87
89
|
| `email` | Template lookup, preview, and send helpers |
|
|
88
90
|
| `entitlements` | User and resource entitlement queries |
|
|
89
|
-
| `
|
|
91
|
+
| `skillEvals` | Paid blind skill-eval cases, review rooms, reviewer marks, insight inboxes, and controlled reveal |
|
|
92
|
+
| `dayrate` | Availability, Stripe booking, x402 booking-hold, and checkout-status helpers |
|
|
90
93
|
| `admin` | Product and pricing admin helpers |
|
|
91
94
|
| `cfo` | CFO-facing reporting endpoints |
|
|
92
95
|
|
|
@@ -120,6 +123,132 @@ const voiceToken = await spaps.issueReporting.createVoiceToken();
|
|
|
120
123
|
console.log(voiceToken.provider, voiceToken.model_id);
|
|
121
124
|
```
|
|
122
125
|
|
|
126
|
+
### Application Short Links
|
|
127
|
+
|
|
128
|
+
Use `appLinks` when a browser app needs a stable public URL for large local state, such as compressed diagram state.
|
|
129
|
+
|
|
130
|
+
```ts
|
|
131
|
+
const spaps = new SPAPSClient({
|
|
132
|
+
apiUrl: "https://api.example.test",
|
|
133
|
+
publishableKey: "spaps_pub_example",
|
|
134
|
+
});
|
|
135
|
+
spaps.setAccessToken(accessToken);
|
|
136
|
+
|
|
137
|
+
const link = await spaps.appLinks.create({
|
|
138
|
+
app_slug: "mmdx",
|
|
139
|
+
resource_kind: "mermaid-diagram",
|
|
140
|
+
target_path: "/diagrams",
|
|
141
|
+
metadata: { diagram_state: "pako:..." },
|
|
142
|
+
});
|
|
143
|
+
|
|
144
|
+
console.log(`/${link.app_slug}/${link.username}/${link.slug}`);
|
|
145
|
+
```
|
|
146
|
+
|
|
147
|
+
### Skill Evals
|
|
148
|
+
|
|
149
|
+
Use `skillEvals` for SPAPS-owned blind review of agent-skill logs. Paid creation uses the same `PAYMENT-SIGNATURE` header shape as the x402 namespace. Reviewers submit `valuable` and `not_valuable` marks, and submitters read those marks through an insight inbox before applying skill changes.
|
|
150
|
+
|
|
151
|
+
```ts
|
|
152
|
+
const signedPayment = "base64-x402-payment";
|
|
153
|
+
|
|
154
|
+
const created = await spaps.skillEvals.createCase(
|
|
155
|
+
{
|
|
156
|
+
title: "Docs skill comparison",
|
|
157
|
+
task_claim: "Compare both implementations.",
|
|
158
|
+
success_criteria: ["Finds repo boundaries"],
|
|
159
|
+
candidates: [
|
|
160
|
+
{
|
|
161
|
+
candidate_id: "A",
|
|
162
|
+
output_ref: "spaps-artifact://case/a",
|
|
163
|
+
evidence_summary: "Validation passed",
|
|
164
|
+
artifact_hash: "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
|
|
165
|
+
artifact_mime: "text/markdown",
|
|
166
|
+
jsonl_log_ref: "spaps-artifact://logs/a.jsonl",
|
|
167
|
+
jsonl_log_hash: "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
|
|
168
|
+
skill_ref: "skill://docs-review",
|
|
169
|
+
skill_version_ref: "skill://docs-review/v2.0",
|
|
170
|
+
skill_version_digest: "sha256:1111111111111111111111111111111111111111111111111111111111111111",
|
|
171
|
+
model_id: "openai/gpt-5.4",
|
|
172
|
+
effort_level: "medium",
|
|
173
|
+
provenance_ref: "skill://private/a",
|
|
174
|
+
},
|
|
175
|
+
{
|
|
176
|
+
candidate_id: "B",
|
|
177
|
+
output_ref: "spaps-artifact://case/b",
|
|
178
|
+
evidence_summary: "Validation passed",
|
|
179
|
+
artifact_hash: "sha256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
|
|
180
|
+
artifact_mime: "text/markdown",
|
|
181
|
+
jsonl_log_ref: "spaps-artifact://logs/b.jsonl",
|
|
182
|
+
jsonl_log_hash: "sha256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
|
|
183
|
+
skill_ref: "skill://docs-review",
|
|
184
|
+
skill_version_ref: "skill://docs-review/v2.1",
|
|
185
|
+
skill_version_digest: "sha256:2222222222222222222222222222222222222222222222222222222222222222",
|
|
186
|
+
model_id: "openai/gpt-5.4",
|
|
187
|
+
effort_level: "medium",
|
|
188
|
+
provenance_ref: "skill://private/b",
|
|
189
|
+
},
|
|
190
|
+
],
|
|
191
|
+
case_policy: {
|
|
192
|
+
access_mode: "team_private",
|
|
193
|
+
allowed_model_efforts: [{ model_id: "openai/gpt-5.4", effort_level: "medium" }],
|
|
194
|
+
participant_allowlist: ["reviewer-actor-id"],
|
|
195
|
+
},
|
|
196
|
+
idempotency_key: "eval-create-001",
|
|
197
|
+
},
|
|
198
|
+
{ paymentSignature: signedPayment }
|
|
199
|
+
);
|
|
200
|
+
|
|
201
|
+
const room = await spaps.skillEvals.getReviewRoom(created.case_id);
|
|
202
|
+
console.log(room.reviewer_state);
|
|
203
|
+
|
|
204
|
+
const review = await spaps.skillEvals.submitReview(created.case_id, {
|
|
205
|
+
review_marks: [
|
|
206
|
+
{
|
|
207
|
+
candidate_id: "B",
|
|
208
|
+
kind: "valuable",
|
|
209
|
+
note: "B checks the configured docs path before recommending an edit.",
|
|
210
|
+
reason_code: "prevents_wrong_repo_patch",
|
|
211
|
+
confidence: "high",
|
|
212
|
+
criterion: "Finds repo boundaries",
|
|
213
|
+
},
|
|
214
|
+
],
|
|
215
|
+
});
|
|
216
|
+
|
|
217
|
+
const inbox = await spaps.skillEvals.getInsights(created.case_id);
|
|
218
|
+
console.log(inbox.valuable[0]?.jsonl_log_ref, review.review_mark_counts);
|
|
219
|
+
|
|
220
|
+
await spaps.skillEvals.respondToReview(created.case_id, inbox.valuable[0].source_review_id, {
|
|
221
|
+
response: "applied",
|
|
222
|
+
reason: "Updated the skill from the concrete log-backed insight.",
|
|
223
|
+
applied_insight_ref: inbox.valuable[0].insight_ref,
|
|
224
|
+
skill_change_ref: "skill://docs-review/v2.1",
|
|
225
|
+
skill_version_before: "skill://docs-review/v2.0",
|
|
226
|
+
skill_version_after: "skill://docs-review/v2.1",
|
|
227
|
+
jsonl_log_ref: "spaps-artifact://logs/apply.jsonl",
|
|
228
|
+
jsonl_log_hash: "sha256:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
|
|
229
|
+
model_id: "openai/gpt-5.4",
|
|
230
|
+
effort_level: "medium",
|
|
231
|
+
});
|
|
232
|
+
```
|
|
233
|
+
|
|
234
|
+
### Custom Context Headers
|
|
235
|
+
|
|
236
|
+
Use `headerProvider` when an app needs to attach tenant, app, or principal context to SDK requests:
|
|
237
|
+
|
|
238
|
+
```ts
|
|
239
|
+
const spaps = new SPAPSClient({
|
|
240
|
+
apiUrl: "https://api.example.test",
|
|
241
|
+
publishableKey: "spaps_pub_example",
|
|
242
|
+
headerProvider: () => ({
|
|
243
|
+
"X-Tenant-Role": resolveTenantRole(),
|
|
244
|
+
"X-App-Slug": "unclawg",
|
|
245
|
+
"X-Principal-Id": resolvePrincipalId(),
|
|
246
|
+
}),
|
|
247
|
+
});
|
|
248
|
+
```
|
|
249
|
+
|
|
250
|
+
The provider runs on each request. Headers named `Authorization` or `X-API-Key` are ignored because the SDK manages those from `setAccessToken()`, `publishableKey`, `secretKey`, or `apiKey`.
|
|
251
|
+
|
|
123
252
|
### Permission Helpers With Explicit Admin Config
|
|
124
253
|
|
|
125
254
|
```ts
|
|
@@ -142,6 +271,27 @@ const isAdmin = isAdminAccount("admin@example.com", customAdmins);
|
|
|
142
271
|
console.log(role, adminCheck.allowed, isAdmin);
|
|
143
272
|
```
|
|
144
273
|
|
|
274
|
+
### Runtime Helpers
|
|
275
|
+
|
|
276
|
+
```ts
|
|
277
|
+
import {
|
|
278
|
+
TokenManager,
|
|
279
|
+
isErrorEnvelope,
|
|
280
|
+
unwrapEnvelope,
|
|
281
|
+
unwrapNestedData,
|
|
282
|
+
} from "spaps-sdk";
|
|
283
|
+
|
|
284
|
+
const payload = TokenManager.decodePayload(accessToken);
|
|
285
|
+
const response = unwrapEnvelope(await spaps.health());
|
|
286
|
+
const items = unwrapNestedData(listResponse);
|
|
287
|
+
|
|
288
|
+
if (isErrorEnvelope(errorBody)) {
|
|
289
|
+
console.error(errorBody.error.code, errorBody.error.message);
|
|
290
|
+
}
|
|
291
|
+
```
|
|
292
|
+
|
|
293
|
+
`decodePayload()` returns `null` for invalid JWTs or non-object payloads. The envelope helpers accept unknown API payloads so apps can handle SPAPS success/error envelopes without copying ad hoc response guards.
|
|
294
|
+
|
|
145
295
|
### Convenience Helpers
|
|
146
296
|
|
|
147
297
|
```ts
|
|
@@ -215,7 +365,7 @@ npm run test:readme
|
|
|
215
365
|
## Metadata
|
|
216
366
|
|
|
217
367
|
- `package_name`: `spaps-sdk`
|
|
218
|
-
- `latest_version`: `1.
|
|
368
|
+
- `latest_version`: `1.7.0`
|
|
219
369
|
- `minimum_runtime`: `Node.js >=14.0.0`
|
|
220
370
|
- `api_base_url`: `https://api.sweetpotato.dev`
|
|
221
371
|
|
package/dist/index.d.mts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import * as spaps_types from 'spaps-types';
|
|
2
|
-
import { ResourceType, Entitlement, CreateProductRequest, Product, UpdateProductRequest, CreatePriceRequest, Price, ProductSyncResult, CryptoReconcileRequest, CreateSecureMessageRequest, SecureMessage, IssueReportScope, IssueReportStatusResult, IssueReportStatus, IssueReportListResult, IssueReport, CreateIssueReportRequest, IssueReportingVoiceTokenResult, UpdateIssueReportRequest, ReplyIssueReportRequest, AuthResponse, User as User$1, CreateCryptoInvoiceRequest, CryptoInvoiceStatusSnapshot, CheckoutSession, DayrateAvailabilityResponse, DayrateBookingRequest, DayrateBookingResponse, DayrateMultiBookingRequest, DayrateMultiBookingResponse, Subscription, UsageBalance, VerifyCryptoWebhookSignatureOptions } from 'spaps-types';
|
|
3
|
-
export { AdminPermission, AdminRole, AdminUser, ApiResponse, AuthResponse, CheckoutSession, CreateCryptoInvoiceRequest, CreateIssueReportRequest, CreatePriceRequest, CreateProductRequest, CreateSecureMessageInput, CreateSecureMessageRequest, CryptoInvoice, CryptoInvoiceResponse, CryptoInvoiceStatusSnapshot, CryptoReconcileRequest, DayrateAvailabilityResponse, DayrateAvailableSlot, DayrateBookingRequest, DayrateBookingResponse, DayrateDayOfWeek, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayratePriceBreakdown, DayrateSlotType, Entitlement, IssueReport, IssueReportListResult, IssueReportStatus, IssueReportStatusResult, IssueReportTarget, IssueReportingInputMode, IssueReportingVoiceProvider, IssueReportingVoiceTokenResult, LinkedIssueReportCase, Price, Product, ProductSyncResult, ReplyIssueReportRequest, ResourceType, SecureMessage, SecureMessageOutput, Subscription, TokenPair, UpdateIssueReportRequest, UpdateProductRequest, UsageBalance, User, UserProfile, UserRole, UserWallet, VerifyCryptoWebhookSignatureOptions, createSecureMessageRequestSchema, secureMessageMetadataSchema, secureMessageSchema } from 'spaps-types';
|
|
2
|
+
import { ResourceType, Entitlement, CreateProductRequest, Product, UpdateProductRequest, CreatePriceRequest, Price, ProductSyncResult, CryptoReconcileRequest, CreateSecureMessageRequest, SecureMessage, IssueReportScope, IssueReportStatusResult, IssueReportStatus, IssueReportListResult, IssueReport, CreateIssueReportRequest, IssueReportingVoiceTokenResult, UpdateIssueReportRequest, ReplyIssueReportRequest, CreateAppLinkRequest, AppLink, AuthResponse, User as User$1, CreateCryptoInvoiceRequest, CryptoInvoiceStatusSnapshot, CheckoutSession, X402ResourceStatusResponse, X402ActionResponse, X402ReceiptResponse, X402ReceiptListResponse, X402HandoffVerification, DayrateAvailabilityResponse, DayrateBookingRequest, DayrateBookingResponse, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayrateX402BookingRequest, DayrateX402BookingResponse, DayrateCheckoutStatusResponse, Subscription, UsageBalance, VerifyCryptoWebhookSignatureOptions } from 'spaps-types';
|
|
3
|
+
export { AdminPermission, AdminRole, AdminUser, ApiResponse, AppLink, AuthResponse, CheckoutSession, CreateAppLinkRequest, CreateCryptoInvoiceRequest, CreateIssueReportRequest, CreatePriceRequest, CreateProductRequest, CreateSecureMessageInput, CreateSecureMessageRequest, CryptoInvoice, CryptoInvoiceResponse, CryptoInvoiceStatusSnapshot, CryptoReconcileRequest, DayrateAvailabilityResponse, DayrateAvailableSlot, DayrateBookingRequest, DayrateBookingResponse, DayrateCheckoutStatus, DayrateCheckoutStatusBooking, DayrateCheckoutStatusResponse, DayrateDayOfWeek, DayrateMultiBookingRequest, DayrateMultiBookingResponse, DayratePriceBreakdown, DayrateSlotType, DayrateX402BookingRequest, DayrateX402BookingResponse, Entitlement, IssueReport, IssueReportListResult, IssueReportStatus, IssueReportStatusResult, IssueReportTarget, IssueReportingInputMode, IssueReportingVoiceProvider, IssueReportingVoiceTokenResult, LinkedIssueReportCase, Price, Product, ProductSyncResult, ReplyIssueReportRequest, ResourceType, SecureMessage, SecureMessageOutput, Subscription, TokenPair, UpdateIssueReportRequest, UpdateProductRequest, UsageBalance, User, UserProfile, UserRole, UserWallet, VerifyCryptoWebhookSignatureOptions, X402ActionFreeResponse, X402ActionOutcome, X402ActionPendingResponse, X402ActionReplayedResponse, X402ActionResponse, X402ActionSettledResponse, X402ExecuteActionRequest, X402HandoffAuthorization, X402HandoffVerification, X402HandoffVerifyRequest, X402PaymentAccept, X402PaymentRequirement, X402ProjectionStatus, X402Receipt, X402ReceiptListResponse, X402ReceiptResponse, X402ReceiptStatus, X402Resource, X402ResourceStatus, X402ResourceStatusResponse, createSecureMessageRequestSchema, isX402PaymentRequired, isX402ResourceStatus, secureMessageMetadataSchema, secureMessageSchema } from 'spaps-types';
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
6
|
* Permission checking utilities for SPAPS SDK
|
|
@@ -244,6 +244,8 @@ declare class WebSocketAuthHelper {
|
|
|
244
244
|
}
|
|
245
245
|
|
|
246
246
|
type ApiKeyType = 'publishable' | 'secret';
|
|
247
|
+
/** Returns custom headers to merge into every SDK request. Called per request. */
|
|
248
|
+
type HeaderProvider = () => Record<string, string>;
|
|
247
249
|
interface SPAPSConfig {
|
|
248
250
|
apiUrl?: string;
|
|
249
251
|
/** @deprecated Use publishableKey or secretKey instead */
|
|
@@ -254,6 +256,10 @@ interface SPAPSConfig {
|
|
|
254
256
|
secretKey?: string;
|
|
255
257
|
autoDetect?: boolean;
|
|
256
258
|
timeout?: number;
|
|
259
|
+
/** Additive custom header provider. Called on each request.
|
|
260
|
+
* Returned headers are merged but cannot override SDK-managed
|
|
261
|
+
* `Authorization` or `X-API-Key` headers. */
|
|
262
|
+
headerProvider?: HeaderProvider;
|
|
257
263
|
}
|
|
258
264
|
interface CheckoutLineItemPriceData {
|
|
259
265
|
currency: string;
|
|
@@ -354,6 +360,264 @@ interface IssueReportListParams {
|
|
|
354
360
|
interface IssueReportStatusParams {
|
|
355
361
|
scope?: SupportedIssueReportScope;
|
|
356
362
|
}
|
|
363
|
+
declare class X402PaymentRequiredSDKError extends Error {
|
|
364
|
+
readonly paymentRequiredHeader: string;
|
|
365
|
+
readonly response: unknown;
|
|
366
|
+
constructor(paymentRequiredHeader: string, response: unknown);
|
|
367
|
+
}
|
|
368
|
+
interface X402ExecuteActionOptions {
|
|
369
|
+
paymentSignature?: string;
|
|
370
|
+
target: string;
|
|
371
|
+
bridgeToken?: string;
|
|
372
|
+
bridge_token?: string;
|
|
373
|
+
}
|
|
374
|
+
interface X402ReceiptListParams {
|
|
375
|
+
resourceKey?: string;
|
|
376
|
+
limit?: number;
|
|
377
|
+
offset?: number;
|
|
378
|
+
}
|
|
379
|
+
interface X402VerifyHandoffOptions {
|
|
380
|
+
resourceKey: string;
|
|
381
|
+
actionKey: string;
|
|
382
|
+
}
|
|
383
|
+
type SkillEvalDisclosurePolicy = 'blind_then_controlled_reveal';
|
|
384
|
+
type SkillEvalEligibilitySource = 'admin_assigned' | 'entitlement' | 'policy_import' | 'manual_override';
|
|
385
|
+
type SkillEvalConfidence = 'low' | 'medium' | 'high';
|
|
386
|
+
type SkillEvalReviewMarkKind = 'valuable' | 'not_valuable';
|
|
387
|
+
type SkillEvalPosterResponse = 'accepted' | 'rejected' | 'needs_clarification' | 'applied';
|
|
388
|
+
type SkillEvalRevealField = 'skill_version_digest' | 'provenance_ref';
|
|
389
|
+
type SkillEvalAccessMode = 'public' | 'team_private';
|
|
390
|
+
type SkillEvalGovernancePurpose = 'adopt_skill' | 'retire_skill' | 'merge_skill' | 'split_skill' | 'reviewer_policy' | 'fund_bounty';
|
|
391
|
+
interface SkillEvalCandidateInput {
|
|
392
|
+
candidate_id: string;
|
|
393
|
+
output_ref: string;
|
|
394
|
+
evidence_summary: string;
|
|
395
|
+
artifact_hash: string;
|
|
396
|
+
artifact_mime: string;
|
|
397
|
+
jsonl_log_ref: string;
|
|
398
|
+
jsonl_log_hash: string;
|
|
399
|
+
skill_ref: string;
|
|
400
|
+
skill_version_ref: string;
|
|
401
|
+
skill_version_digest: string;
|
|
402
|
+
model_id: string;
|
|
403
|
+
effort_level: string;
|
|
404
|
+
provenance_ref: string;
|
|
405
|
+
}
|
|
406
|
+
interface SkillEvalModelEffort {
|
|
407
|
+
model_id: string;
|
|
408
|
+
effort_level: string;
|
|
409
|
+
}
|
|
410
|
+
interface SkillEvalCasePolicy {
|
|
411
|
+
access_mode?: SkillEvalAccessMode;
|
|
412
|
+
allowed_model_efforts: SkillEvalModelEffort[];
|
|
413
|
+
min_contribution_score?: number | null;
|
|
414
|
+
contribution_score_source_ref?: string | null;
|
|
415
|
+
viewer_allowlist?: string[];
|
|
416
|
+
skill_user_allowlist?: string[];
|
|
417
|
+
participant_allowlist?: string[];
|
|
418
|
+
}
|
|
419
|
+
interface SkillEvalReviewerEligibilityInput {
|
|
420
|
+
reviewer_actor_id: string;
|
|
421
|
+
eligibility_source?: SkillEvalEligibilitySource;
|
|
422
|
+
contribution_score?: number | null;
|
|
423
|
+
contribution_score_source_ref?: string | null;
|
|
424
|
+
}
|
|
425
|
+
interface CreateSkillEvalCaseRequest {
|
|
426
|
+
title: string;
|
|
427
|
+
task_claim: string;
|
|
428
|
+
success_criteria: string[];
|
|
429
|
+
candidates: SkillEvalCandidateInput[];
|
|
430
|
+
disclosure_policy?: SkillEvalDisclosurePolicy;
|
|
431
|
+
case_policy: SkillEvalCasePolicy;
|
|
432
|
+
idempotency_key: string;
|
|
433
|
+
reviewer_eligibility?: SkillEvalReviewerEligibilityInput[];
|
|
434
|
+
}
|
|
435
|
+
interface SkillEvalCreateOptions {
|
|
436
|
+
paymentSignature?: string;
|
|
437
|
+
}
|
|
438
|
+
interface SkillEvalMutationOptions {
|
|
439
|
+
ifMatch?: string | number;
|
|
440
|
+
caseVersion?: number;
|
|
441
|
+
}
|
|
442
|
+
interface SkillEvalCaseResponse {
|
|
443
|
+
case_id: string;
|
|
444
|
+
status: string;
|
|
445
|
+
review_room_url?: string;
|
|
446
|
+
x402_action_key?: string;
|
|
447
|
+
x402_receipt_id?: string | null;
|
|
448
|
+
payload_fingerprint?: string;
|
|
449
|
+
case_version: number;
|
|
450
|
+
access_mode?: SkillEvalAccessMode;
|
|
451
|
+
case_policy?: SkillEvalCasePolicy;
|
|
452
|
+
actor_access?: SkillEvalActorAccess;
|
|
453
|
+
created_at?: string | null;
|
|
454
|
+
updated_at?: string | null;
|
|
455
|
+
idempotent_replay?: boolean;
|
|
456
|
+
title?: string;
|
|
457
|
+
task_claim?: string;
|
|
458
|
+
success_criteria?: string[];
|
|
459
|
+
candidates?: SkillEvalCandidateResponse[];
|
|
460
|
+
}
|
|
461
|
+
interface SkillEvalActorAccess {
|
|
462
|
+
can_view: boolean;
|
|
463
|
+
can_use_skill: boolean;
|
|
464
|
+
can_participate: boolean;
|
|
465
|
+
}
|
|
466
|
+
interface SkillEvalCandidateResponse {
|
|
467
|
+
candidate_id: string;
|
|
468
|
+
output_ref: string;
|
|
469
|
+
evidence_summary: string;
|
|
470
|
+
artifact_hash: string;
|
|
471
|
+
artifact_mime: string;
|
|
472
|
+
skill_version_digest?: string;
|
|
473
|
+
provenance_ref?: string;
|
|
474
|
+
jsonl_log_ref?: string;
|
|
475
|
+
jsonl_log_hash?: string;
|
|
476
|
+
model_id?: string;
|
|
477
|
+
effort_level?: string;
|
|
478
|
+
}
|
|
479
|
+
interface SkillEvalReviewRoom {
|
|
480
|
+
case_id: string;
|
|
481
|
+
status: string;
|
|
482
|
+
task_claim: string;
|
|
483
|
+
success_criteria: string[];
|
|
484
|
+
candidates: SkillEvalCandidateResponse[];
|
|
485
|
+
reviewer_state: string;
|
|
486
|
+
actor_access?: SkillEvalActorAccess;
|
|
487
|
+
case_version: number;
|
|
488
|
+
}
|
|
489
|
+
interface SkillEvalReviewMarkInput {
|
|
490
|
+
candidate_id: string;
|
|
491
|
+
kind: SkillEvalReviewMarkKind;
|
|
492
|
+
note: string;
|
|
493
|
+
reason_code: string;
|
|
494
|
+
confidence: SkillEvalConfidence;
|
|
495
|
+
criterion?: string | null;
|
|
496
|
+
}
|
|
497
|
+
interface SubmitSkillEvalReviewRequest {
|
|
498
|
+
winner_candidate_id?: string | null;
|
|
499
|
+
rationale?: string | null;
|
|
500
|
+
missing_from_winner?: string | null;
|
|
501
|
+
criteria_challenge?: string | null;
|
|
502
|
+
confidence?: SkillEvalConfidence | null;
|
|
503
|
+
review_marks?: SkillEvalReviewMarkInput[];
|
|
504
|
+
}
|
|
505
|
+
interface SkillEvalRewardEvent {
|
|
506
|
+
reward_event_id?: string;
|
|
507
|
+
event_kind: 'participation' | 'accepted_insight' | 'applied_insight' | 'delayed_bonus_candidate';
|
|
508
|
+
}
|
|
509
|
+
interface SkillEvalReviewResponse {
|
|
510
|
+
review_id: string;
|
|
511
|
+
status: string;
|
|
512
|
+
review_mark_counts?: {
|
|
513
|
+
valuable: number;
|
|
514
|
+
not_valuable: number;
|
|
515
|
+
};
|
|
516
|
+
reward_event?: SkillEvalRewardEvent | null;
|
|
517
|
+
}
|
|
518
|
+
interface SkillEvalInsight {
|
|
519
|
+
insight_ref: string;
|
|
520
|
+
mark_id?: string | null;
|
|
521
|
+
source_review_id: string;
|
|
522
|
+
reviewer_actor_id?: string | null;
|
|
523
|
+
source_review_created_at?: string | null;
|
|
524
|
+
candidate_id: string;
|
|
525
|
+
kind: SkillEvalReviewMarkKind;
|
|
526
|
+
note: string;
|
|
527
|
+
reason_code: string;
|
|
528
|
+
confidence: SkillEvalConfidence;
|
|
529
|
+
criterion?: string | null;
|
|
530
|
+
jsonl_log_ref: string;
|
|
531
|
+
jsonl_log_hash: string;
|
|
532
|
+
source_candidate?: {
|
|
533
|
+
output_ref?: string | null;
|
|
534
|
+
evidence_summary?: string | null;
|
|
535
|
+
artifact_hash?: string | null;
|
|
536
|
+
artifact_mime?: string | null;
|
|
537
|
+
model_id?: string | null;
|
|
538
|
+
effort_level?: string | null;
|
|
539
|
+
};
|
|
540
|
+
}
|
|
541
|
+
interface SkillEvalInsightsResponse {
|
|
542
|
+
case_id: string;
|
|
543
|
+
status?: string;
|
|
544
|
+
task_claim?: string;
|
|
545
|
+
success_criteria?: string[];
|
|
546
|
+
case_version?: number;
|
|
547
|
+
valuable: SkillEvalInsight[];
|
|
548
|
+
not_valuable: SkillEvalInsight[];
|
|
549
|
+
counts?: {
|
|
550
|
+
valuable: number;
|
|
551
|
+
not_valuable: number;
|
|
552
|
+
};
|
|
553
|
+
visibility_policy?: {
|
|
554
|
+
access_mode?: SkillEvalAccessMode;
|
|
555
|
+
actor_access?: SkillEvalActorAccess;
|
|
556
|
+
reviewer_identity_visible?: boolean;
|
|
557
|
+
case_policy?: SkillEvalCasePolicy;
|
|
558
|
+
};
|
|
559
|
+
}
|
|
560
|
+
interface RespondToSkillEvalReviewRequest {
|
|
561
|
+
response: SkillEvalPosterResponse;
|
|
562
|
+
reason: string;
|
|
563
|
+
applied_insight_ref?: string | null;
|
|
564
|
+
skill_change_ref?: string | null;
|
|
565
|
+
skill_version_before?: string | null;
|
|
566
|
+
skill_version_after?: string | null;
|
|
567
|
+
jsonl_log_ref?: string | null;
|
|
568
|
+
jsonl_log_hash?: string | null;
|
|
569
|
+
model_id?: string | null;
|
|
570
|
+
effort_level?: string | null;
|
|
571
|
+
}
|
|
572
|
+
interface SkillEvalPosterResponseResult {
|
|
573
|
+
response_id: string;
|
|
574
|
+
response: SkillEvalPosterResponse;
|
|
575
|
+
applied_insight_ref?: string | null;
|
|
576
|
+
skill_change_ref?: string | null;
|
|
577
|
+
skill_version_before?: string | null;
|
|
578
|
+
skill_version_after?: string | null;
|
|
579
|
+
jsonl_log_ref?: string | null;
|
|
580
|
+
jsonl_log_hash?: string | null;
|
|
581
|
+
model_id?: string | null;
|
|
582
|
+
effort_level?: string | null;
|
|
583
|
+
reward_event?: SkillEvalRewardEvent | null;
|
|
584
|
+
}
|
|
585
|
+
interface RevealSkillEvalEvidenceRequest {
|
|
586
|
+
fields: SkillEvalRevealField[];
|
|
587
|
+
reason: string;
|
|
588
|
+
}
|
|
589
|
+
interface SkillEvalRevealResult {
|
|
590
|
+
reveal_id: string;
|
|
591
|
+
case_id: string;
|
|
592
|
+
status: string;
|
|
593
|
+
revealed_fields: SkillEvalRevealField[];
|
|
594
|
+
}
|
|
595
|
+
interface CreateSkillEvalGovernanceSnapshotRequest {
|
|
596
|
+
proposal_purpose: SkillEvalGovernancePurpose;
|
|
597
|
+
summary?: Record<string, unknown>;
|
|
598
|
+
realms_proposal_ref?: string | null;
|
|
599
|
+
}
|
|
600
|
+
interface SkillEvalGovernanceSnapshotResult {
|
|
601
|
+
snapshot_id: string;
|
|
602
|
+
case_id: string;
|
|
603
|
+
summary: Record<string, unknown>;
|
|
604
|
+
content_hash: string;
|
|
605
|
+
proposal_purpose: SkillEvalGovernancePurpose;
|
|
606
|
+
realms_proposal_ref?: string | null;
|
|
607
|
+
status: string;
|
|
608
|
+
}
|
|
609
|
+
interface ImportSkillEvalGovernanceOutcomeRequest {
|
|
610
|
+
outcome_status: string;
|
|
611
|
+
realms_proposal_ref?: string | null;
|
|
612
|
+
outcome_ref?: string | null;
|
|
613
|
+
notes?: Record<string, unknown>;
|
|
614
|
+
}
|
|
615
|
+
interface SkillEvalGovernanceOutcomeResult {
|
|
616
|
+
snapshot_id: string;
|
|
617
|
+
case_id: string;
|
|
618
|
+
status: string;
|
|
619
|
+
realms_proposal_ref?: string | null;
|
|
620
|
+
}
|
|
357
621
|
|
|
358
622
|
declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Record<string, any>> {
|
|
359
623
|
private client;
|
|
@@ -361,10 +625,17 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
361
625
|
private accessToken?;
|
|
362
626
|
private refreshToken?;
|
|
363
627
|
private _isLocalMode;
|
|
628
|
+
private headerProvider?;
|
|
364
629
|
private unwrapApiResponse;
|
|
630
|
+
private skillEvalMutationConfig;
|
|
365
631
|
private isAxiosResponse;
|
|
366
632
|
private isResponseLikeWithData;
|
|
367
633
|
private isApiResponse;
|
|
634
|
+
private static isSdkManagedHeader;
|
|
635
|
+
private static hasHeader;
|
|
636
|
+
private static setHeader;
|
|
637
|
+
private static assertSafeHeaderValue;
|
|
638
|
+
private applyCustomHeaders;
|
|
368
639
|
admin: {
|
|
369
640
|
createProduct: (productData: CreateProductRequest) => Promise<{
|
|
370
641
|
data: Product;
|
|
@@ -472,6 +743,22 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
472
743
|
*/
|
|
473
744
|
reply: (issueReportId: string, payload: ReplyIssueReportRequest) => Promise<IssueReport>;
|
|
474
745
|
};
|
|
746
|
+
/**
|
|
747
|
+
* Application-scoped short links for browser apps that need stable public URLs.
|
|
748
|
+
*/
|
|
749
|
+
appLinks: {
|
|
750
|
+
/**
|
|
751
|
+
* Create a short link owned by the authenticated user.
|
|
752
|
+
*/
|
|
753
|
+
create: (payload: CreateAppLinkRequest) => Promise<AppLink>;
|
|
754
|
+
/**
|
|
755
|
+
* Resolve a public short link for the active application.
|
|
756
|
+
*/
|
|
757
|
+
get: (username: string, slug: string, options?: {
|
|
758
|
+
track?: boolean;
|
|
759
|
+
}) => Promise<AppLink>;
|
|
760
|
+
};
|
|
761
|
+
private static envVar;
|
|
475
762
|
constructor(config?: SPAPSConfig);
|
|
476
763
|
/** Raw API request helper that returns an ApiResponse-like shape */
|
|
477
764
|
request<T = any>(method: 'GET' | 'POST' | 'PUT' | 'DELETE' | 'PATCH', url: string, data?: any, requiresAuth?: boolean): Promise<{
|
|
@@ -749,6 +1036,32 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
749
1036
|
message: string;
|
|
750
1037
|
}>;
|
|
751
1038
|
};
|
|
1039
|
+
/**
|
|
1040
|
+
* x402 paid-resource namespace.
|
|
1041
|
+
* Handles resource status checks, payment-gated actions, receipts, and handoff authorization.
|
|
1042
|
+
*/
|
|
1043
|
+
x402: {
|
|
1044
|
+
getResourceStatus: (resourceKey: string) => Promise<X402ResourceStatusResponse>;
|
|
1045
|
+
executeAction: (resourceKey: string, actionKey: string, options: X402ExecuteActionOptions) => Promise<X402ActionResponse>;
|
|
1046
|
+
getReceipt: (receiptId: string) => Promise<X402ReceiptResponse>;
|
|
1047
|
+
listReceipts: (params?: X402ReceiptListParams) => Promise<X402ReceiptListResponse>;
|
|
1048
|
+
verifyHandoff: (token: string, target: string, bridgeToken: string, options: X402VerifyHandoffOptions) => Promise<X402HandoffVerification>;
|
|
1049
|
+
};
|
|
1050
|
+
/**
|
|
1051
|
+
* Blind comparative skill-eval namespace.
|
|
1052
|
+
*/
|
|
1053
|
+
skillEvals: {
|
|
1054
|
+
createCase: (payload: CreateSkillEvalCaseRequest, options?: SkillEvalCreateOptions) => Promise<SkillEvalCaseResponse>;
|
|
1055
|
+
getCase: (caseId: string) => Promise<SkillEvalCaseResponse>;
|
|
1056
|
+
getReviewRoom: (caseId: string) => Promise<SkillEvalReviewRoom>;
|
|
1057
|
+
getInsights: (caseId: string) => Promise<SkillEvalInsightsResponse>;
|
|
1058
|
+
submitReview: (caseId: string, payload: SubmitSkillEvalReviewRequest, options?: SkillEvalMutationOptions) => Promise<SkillEvalReviewResponse>;
|
|
1059
|
+
respondToReview: (caseId: string, reviewId: string, payload: RespondToSkillEvalReviewRequest, options?: SkillEvalMutationOptions) => Promise<SkillEvalPosterResponseResult>;
|
|
1060
|
+
lockReviews: (caseId: string, options?: SkillEvalMutationOptions) => Promise<SkillEvalCaseResponse>;
|
|
1061
|
+
revealEvidence: (caseId: string, payload: RevealSkillEvalEvidenceRequest, options?: SkillEvalMutationOptions) => Promise<SkillEvalRevealResult>;
|
|
1062
|
+
createGovernanceSnapshot: (caseId: string, payload: CreateSkillEvalGovernanceSnapshotRequest, options?: SkillEvalMutationOptions) => Promise<SkillEvalGovernanceSnapshotResult>;
|
|
1063
|
+
importGovernanceOutcome: (snapshotId: string, payload: ImportSkillEvalGovernanceOutcomeRequest) => Promise<SkillEvalGovernanceOutcomeResult>;
|
|
1064
|
+
};
|
|
752
1065
|
/**
|
|
753
1066
|
* DayRate (Dynamic Scheduling) namespace
|
|
754
1067
|
* For booking half-day sessions with dynamic pricing
|
|
@@ -769,6 +1082,14 @@ declare class SPAPSClient<SecureMessageMetadata extends Record<string, any> = Re
|
|
|
769
1082
|
* Reserves multiple slots with a single checkout session
|
|
770
1083
|
*/
|
|
771
1084
|
createMultiBooking: (payload: DayrateMultiBookingRequest) => Promise<DayrateMultiBookingResponse>;
|
|
1085
|
+
/**
|
|
1086
|
+
* Create a single-slot booking hold backed by an x402 paid-resource action.
|
|
1087
|
+
*/
|
|
1088
|
+
createX402Booking: (payload: DayrateX402BookingRequest) => Promise<DayrateX402BookingResponse>;
|
|
1089
|
+
/**
|
|
1090
|
+
* Get guest-safe checkout confirmation state for a Stripe session.
|
|
1091
|
+
*/
|
|
1092
|
+
getCheckoutStatus: (sessionId: string) => Promise<DayrateCheckoutStatusResponse>;
|
|
772
1093
|
};
|
|
773
1094
|
createCheckoutSession(priceId: string, successUrl: string, cancelUrl?: string): Promise<{
|
|
774
1095
|
data: CheckoutSession;
|
|
@@ -878,6 +1199,7 @@ declare class TokenManager {
|
|
|
878
1199
|
static getRefreshToken(): string | null;
|
|
879
1200
|
static getStoredUser(): User$1 | null;
|
|
880
1201
|
static clearTokens(): void;
|
|
1202
|
+
static decodePayload(token: string): Record<string, unknown> | null;
|
|
881
1203
|
static isTokenExpired(token: string): boolean;
|
|
882
1204
|
static autoRefreshToken(sdk: SPAPSClient): Promise<boolean>;
|
|
883
1205
|
/**
|
|
@@ -903,6 +1225,29 @@ declare class WalletUtils {
|
|
|
903
1225
|
static detectChainType(address: string): 'solana' | 'ethereum' | 'bitcoin' | null;
|
|
904
1226
|
static isValidAddress(address: string, chainType?: 'solana' | 'ethereum' | 'bitcoin' | 'base'): boolean;
|
|
905
1227
|
}
|
|
1228
|
+
interface SPAPSEnvelope<T = unknown> {
|
|
1229
|
+
success: boolean;
|
|
1230
|
+
data?: T;
|
|
1231
|
+
error?: {
|
|
1232
|
+
code: string;
|
|
1233
|
+
message: string;
|
|
1234
|
+
details?: unknown;
|
|
1235
|
+
};
|
|
1236
|
+
}
|
|
1237
|
+
declare function isEnvelope(value: unknown): value is SPAPSEnvelope;
|
|
1238
|
+
declare function isSuccessEnvelope<T = unknown>(value: unknown): value is SPAPSEnvelope<T> & {
|
|
1239
|
+
success: true;
|
|
1240
|
+
};
|
|
1241
|
+
declare function isErrorEnvelope(value: unknown): value is SPAPSEnvelope & {
|
|
1242
|
+
success: false;
|
|
1243
|
+
error: {
|
|
1244
|
+
code: string;
|
|
1245
|
+
message: string;
|
|
1246
|
+
details?: unknown;
|
|
1247
|
+
};
|
|
1248
|
+
};
|
|
1249
|
+
declare function unwrapEnvelope<T = unknown>(value: unknown, fallbackMessage?: string): T;
|
|
1250
|
+
declare function unwrapNestedData<T = unknown>(value: unknown): T;
|
|
906
1251
|
/**
|
|
907
1252
|
* Create a SPAPS client for browser/client-side usage
|
|
908
1253
|
* Uses publishable key which is safe to expose in client bundles
|
|
@@ -938,4 +1283,4 @@ declare function createServerClient(secretKey: string, options?: Omit<SPAPSConfi
|
|
|
938
1283
|
*/
|
|
939
1284
|
declare function detectKeyType(key: string): ApiKeyType | null;
|
|
940
1285
|
|
|
941
|
-
export { type AdminConfig, type ApiKeyType, type CheckoutLineItem, type CheckoutLineItemPriceData, type CreateCheckoutSessionPayload, DEFAULT_ADMIN_ACCOUNTS, type EmailSendOptions, type EmailSendResult, type EmailTemplate, type EmailTemplatePreview, type EntitlementCheckResult, type EntitlementListParams, type FeatureContext, type FeatureDefinition, FeatureEvaluator, type IssueReportListParams, type IssueReportStatusParams, type PermissionCheckResult, PermissionChecker, RoleHierarchy, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, type TemplateVariable, TokenManager, WalletUtils, WebSocketAuthHelper, type WebSocketAuthHelperConfig, canAccessAdmin, createBrowserClient, createPermissionChecker, createServerClient, SPAPSClient as default, defaultPermissionChecker, detectKeyType, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, verifyCryptoWebhookSignature };
|
|
1286
|
+
export { type AdminConfig, type ApiKeyType, type CheckoutLineItem, type CheckoutLineItemPriceData, type CreateCheckoutSessionPayload, type CreateSkillEvalCaseRequest, type CreateSkillEvalGovernanceSnapshotRequest, DEFAULT_ADMIN_ACCOUNTS, type EmailSendOptions, type EmailSendResult, type EmailTemplate, type EmailTemplatePreview, type EntitlementCheckResult, type EntitlementListParams, type FeatureContext, type FeatureDefinition, FeatureEvaluator, type HeaderProvider, type ImportSkillEvalGovernanceOutcomeRequest, type IssueReportListParams, type IssueReportStatusParams, type PermissionCheckResult, PermissionChecker, type RespondToSkillEvalReviewRequest, type RevealSkillEvalEvidenceRequest, RoleHierarchy, SPAPSClient as SPAPS, SPAPSClient, type SPAPSConfig, type SPAPSEnvelope, type SkillEvalAccessMode, type SkillEvalActorAccess, type SkillEvalCandidateInput, type SkillEvalCandidateResponse, type SkillEvalCasePolicy, type SkillEvalCaseResponse, type SkillEvalConfidence, type SkillEvalCreateOptions, type SkillEvalDisclosurePolicy, type SkillEvalEligibilitySource, type SkillEvalGovernanceOutcomeResult, type SkillEvalGovernancePurpose, type SkillEvalGovernanceSnapshotResult, type SkillEvalInsight, type SkillEvalInsightsResponse, type SkillEvalModelEffort, type SkillEvalMutationOptions, type SkillEvalPosterResponse, type SkillEvalPosterResponseResult, type SkillEvalRevealField, type SkillEvalRevealResult, type SkillEvalReviewMarkInput, type SkillEvalReviewMarkKind, type SkillEvalReviewResponse, type SkillEvalReviewRoom, type SkillEvalReviewerEligibilityInput, type SkillEvalRewardEvent, type SubmitSkillEvalReviewRequest, type TemplateVariable, TokenManager, WalletUtils, WebSocketAuthHelper, type WebSocketAuthHelperConfig, type X402ExecuteActionOptions, X402PaymentRequiredSDKError, type X402ReceiptListParams, type X402VerifyHandoffOptions, canAccessAdmin, createBrowserClient, createPermissionChecker, createServerClient, SPAPSClient as default, defaultPermissionChecker, detectKeyType, getRoleAwareErrorMessage, getUserDisplay, getUserRole, hasPermission, isAdminAccount, isEnvelope, isErrorEnvelope, isSuccessEnvelope, unwrapEnvelope, unwrapNestedData, verifyCryptoWebhookSignature };
|