veryfront 0.1.62 → 0.1.64

package/src/deno.js

@@ -1,6 +1,6 @@
 export default {
   "name": "veryfront",
-  "version": "0.1.62",
+  "version": "0.1.64",
   "license": "Apache-2.0",
   "nodeModulesDir": "auto",
   "exclude": [
@@ -225,6 +225,8 @@ export default {
     "rehype-highlight": "npm:rehype-highlight@7.0.2",
     "rehype-starry-night": "npm:rehype-starry-night@2.2.0",
     "rehype-slug": "npm:rehype-slug@6.0.0",
+    "rehype-raw": "npm:rehype-raw@7.0.0",
+    "rehype-sanitize": "npm:rehype-sanitize@6.0.0",
     "rehype-stringify": "npm:rehype-stringify@10.0.1",
     "esbuild": "npm:esbuild@0.20.2",
     "esbuild/mod.js": "npm:esbuild@0.20.2",
@@ -263,7 +265,8 @@ export default {
     "class-variance-authority": "npm:class-variance-authority@0.7.1",
     "clsx": "npm:clsx@2.1.1",
     "tailwind-merge": "npm:tailwind-merge@2.6.0",
-    "@kreuzberg/wasm": "npm:@kreuzberg/wasm@4.4.2"
+    "@kreuzberg/wasm": "npm:@kreuzberg/wasm@4.4.2",
+    "#kreuzberg-wasm-glue": "npm:@kreuzberg/wasm@4.4.2/dist/pkg/kreuzberg_wasm.js"
   },
   "compilerOptions": {
     "jsx": "react-jsx",
@@ -291,7 +294,7 @@ export default {
     "dev": "deno task generate && deno run --allow-all cli/main.ts dev",
     "production": "deno task generate && deno run --allow-all cli/main.ts serve --mode=production",
     "build:prepare": "deno run -A scripts/build/generate-integrations-module.ts && deno task generate && deno run -A scripts/build/prepare-framework-sources.ts",
-    "build": "deno task build:prepare && deno compile --allow-all --include src/platform/polyfills --include src/proxy/main.ts --include dist/framework-src --output ./bin/veryfront cli/main.ts",
+    "build": "deno task build:prepare && deno run -A scripts/build/compile-binary.ts --output ./bin/veryfront",
     "build:npm": "deno run -A scripts/build/generate-integrations-module.ts && deno task generate && deno run -A scripts/build/build-npm-dnt.ts",
     "release": "deno run -A scripts/release.ts",
     "test": "deno task generate && VF_DISABLE_LRU_INTERVAL=1 SSR_TRANSFORM_PER_PROJECT_LIMIT=0 REVALIDATION_PER_PROJECT_LIMIT=0 NODE_ENV=production LOG_FORMAT=text deno test --no-check --parallel --allow-all '--ignore=tests/e2e,tests/integration/compiled-binary-e2e.test.ts' --unstable-worker-options --unstable-net",

package/src/src/agent/composition/composition.ts

@@ -149,9 +149,21 @@ export function getAllAgentIds(): string[] {
 // Register on globalThis so compiled-binary runtime shim can delegate to the
 // real registry. External temp-file modules can't import from the embedded
 // binary FS, so they use globalThis bridges instead.
-(dntShim.dntGlobalThis as Record<string, unknown>).__vfGetAgent = getAgent;
-(dntShim.dntGlobalThis as Record<string, unknown>).__vfRegisterAgent = registerAgent;
-(dntShim.dntGlobalThis as Record<string, unknown>).__vfGetAllAgentIds = getAllAgentIds;
+// Use Object.defineProperty to prevent accidental overwriting or enumeration.
+for (
+  const [key, value] of Object.entries({
+    __vfGetAgent: getAgent,
+    __vfRegisterAgent: registerAgent,
+    __vfGetAllAgentIds: getAllAgentIds,
+  })
+) {
+  Object.defineProperty(dntShim.dntGlobalThis, key, {
+    value,
+    writable: false,
+    enumerable: false,
+    configurable: false,
+  });
+}
 
 export function getAgentsAsTools(descriptions?: Record<string, string>): Record<string, Tool> {
   const tools: Record<string, Tool> = {};

package/src/src/agent/factory.ts

@@ -160,7 +160,7 @@ export function agent(config: AgentConfig): Agent {
     generate(input): Promise<AgentResponse> {
       return withSpan(
         "agent.factory.generate",
-        () => runtime.generate(input.input, input.context, input.model),
+        () => runtime.generate(input.input, input.context, input.model, input.maxOutputTokens),
         { "agent.id": id },
       );
     },
@@ -179,10 +179,16 @@ export function agent(config: AgentConfig): Agent {
             ]
             : (input.messages ?? []);
 
-          const stream = await runtime.stream(inputMessages, input.context, {
-            onToolCall: input.onToolCall,
-            onChunk: input.onChunk,
-          }, input.model);
+          const stream = await runtime.stream(
+            inputMessages,
+            input.context,
+            {
+              onToolCall: input.onToolCall,
+              onChunk: input.onChunk,
+            },
+            input.model,
+            input.maxOutputTokens,
+          );
 
           return createAgentStreamResult(stream);
         },
@@ -198,6 +204,7 @@ export function agent(config: AgentConfig): Agent {
             messages?: Message[];
             context?: Record<string, unknown>;
             model?: string;
+            maxOutputTokens?: number;
           } = await request.json();
 
           // Validate model override against allowlist when configured
@@ -216,7 +223,13 @@ export function agent(config: AgentConfig): Agent {
           }
 
           const messages = body.messages ?? [];
-          const stream = await runtime.stream(messages, body.context, undefined, modelOverride);
+          const stream = await runtime.stream(
+            messages,
+            body.context,
+            undefined,
+            modelOverride,
+            body.maxOutputTokens,
+          );
 
           return new dntShim.Response(stream, { headers: STREAMING_HEADERS });
         },

package/src/src/agent/middleware/security/validator.ts

@@ -0,0 +1,288 @@
+import type { AgentContext, AgentResponse } from "../../types.js";
+import { createError, toError } from "../../../errors/veryfront-error.js";
+
+export interface SecurityConfig {
+  /** Input validation rules */
+  input?: {
+    /** Maximum input length */
+    maxLength?: number;
+
+    /** Blocked patterns (regex) */
+    blockedPatterns?: RegExp[];
+
+    /** Sanitize input */
+    sanitize?: boolean;
+
+    /** Custom validator */
+    validate?: (input: string) => boolean | Promise<boolean>;
+  };
+
+  /** Output filtering rules */
+  output?: {
+    /** Blocked patterns in output */
+    blockedPatterns?: RegExp[];
+
+    /** Filter PII (Personal Identifiable Information) */
+    filterPII?: boolean;
+
+    /** Custom filter */
+    filter?: (output: string) => string | Promise<string>;
+  };
+
+  /** Action when violation detected */
+  onViolation?: (violation: SecurityViolation) => void;
+}
+
+export interface SecurityViolation {
+  /** Violation type */
+  type: "input" | "output";
+
+  /** Violation reason */
+  reason: string;
+
+  /** Original content */
+  content: string;
+
+  /** Matched pattern (if any) */
+  pattern?: RegExp;
+}
+
+/**
+ * Common blocked patterns
+ */
+export const COMMON_BLOCKED_PATTERNS = {
+  /** Prompt injection attempts */
+  promptInjection: [
+    /ignore\s+previous\s+instructions/i,
+    /ignore\s+all\s+previous\s+prompts/i,
+    /you\s+are\s+now\s+a/i,
+    /pretend\s+you\s+are/i,
+    /system:\s*/i,
+    /<\|im_start\|>/i,
+    /<\|im_end\|>/i,
+  ],
+
+  /** Potential data exfiltration */
+  dataExfiltration: [
+    /password/i,
+    /api[_\s-]?key/i,
+    /secret/i,
+    /token/i,
+    /credit\s+card/i,
+  ],
+
+  /** SQL injection patterns */
+  sqlInjection: [
+    /(\bUNION\b|\bSELECT\b).*\bFROM\b/i,
+    /;\s*(DROP|DELETE|UPDATE|INSERT)/i,
+  ],
+
+  /** XSS patterns */
+  xss: [
+    /<script[^>]*>.*?<\/script>/gi,
+    /javascript:/i,
+    /on\w+\s*=/i, // Event handlers
+  ],
+};
+
+/**
+ * PII patterns with replacement labels
+ */
+const PII_REPLACEMENTS: Array<{ pattern: RegExp; label: string }> = [
+  { pattern: /\b[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}\b/gi, label: "[EMAIL]" },
+  {
+    pattern: /\b(\+\d{1,3}[-.\s]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}\b/g,
+    label: "[PHONE]",
+  },
+  { pattern: /\b\d{3}-\d{2}-\d{4}\b/g, label: "[SSN]" },
+  { pattern: /\b\d{4}[-\s]?\d{4}[-\s]?\d{4}[-\s]?\d{4}\b/g, label: "[CREDIT_CARD]" },
+];
+
+/**
+ * Input Validator
+ */
+export class InputValidator {
+  private config: NonNullable<SecurityConfig["input"]>;
+
+  constructor(config?: SecurityConfig["input"]) {
+    this.config = config ?? {};
+  }
+
+  /**
+   * Validate input
+   */
+  async validate(input: string): Promise<{
+    valid: boolean;
+    sanitized?: string;
+    violations: SecurityViolation[];
+  }> {
+    const violations: SecurityViolation[] = [];
+
+    const maxLength = this.config.maxLength;
+    if (maxLength != null && input.length > maxLength) {
+      violations.push({
+        type: "input",
+        reason: `Input exceeds maximum length of ${maxLength}`,
+        content: `${input.substring(0, 100)}...`,
+      });
+    }
+
+    for (const pattern of this.config.blockedPatterns ?? []) {
+      if (!pattern.test(input)) continue;
+
+      violations.push({
+        type: "input",
+        reason: "Input matches blocked pattern",
+        content: input,
+        pattern,
+      });
+    }
+
+    const customValidate = this.config.validate;
+    if (customValidate) {
+      const customValid = await customValidate(input);
+      if (!customValid) {
+        violations.push({
+          type: "input",
+          reason: "Custom validation failed",
+          content: input,
+        });
+      }
+    }
+
+    const sanitized = this.config.sanitize ? this.sanitizeInput(input) : undefined;
+
+    return {
+      valid: violations.length === 0,
+      sanitized,
+      violations,
+    };
+  }
+
+  /** Sanitization patterns to remove harmful content */
+  private static readonly SANITIZE_PATTERNS: RegExp[] = [
+    /<script[^>]*>.*?<\/script>/gi, // Script tags
+    /on\w+\s*=\s*["'][^"']*["']/gi, // Event handlers
+    /javascript:/gi, // JavaScript protocol
+  ];
+
+  /**
+   * Sanitize input (remove potentially harmful content)
+   */
+  private sanitizeInput(input: string): string {
+    return InputValidator.SANITIZE_PATTERNS.reduce(
+      (text, pattern) => text.replace(pattern, ""),
+      input,
+    );
+  }
+}
+
+/**
+ * Output Filter
+ */
+export class OutputFilter {
+  private config: NonNullable<SecurityConfig["output"]>;
+
+  constructor(config?: SecurityConfig["output"]) {
+    this.config = config ?? {};
+  }
+
+  /**
+   * Filter output
+   */
+  async filter(output: string): Promise<{
+    filtered: string;
+    violations: SecurityViolation[];
+  }> {
+    const violations: SecurityViolation[] = [];
+    let filtered = output;
+
+    for (const pattern of this.config.blockedPatterns ?? []) {
+      if (!pattern.test(filtered)) continue;
+
+      violations.push({
+        type: "output",
+        reason: "Output contains blocked pattern",
+        content: filtered,
+        pattern,
+      });
+
+      filtered = filtered.replace(pattern, "[REDACTED]");
+    }
+
+    if (this.config.filterPII) {
+      filtered = this.filterPII(filtered);
+    }
+
+    const customFilter = this.config.filter;
+    if (customFilter) {
+      filtered = await customFilter(filtered);
+    }
+
+    return { filtered, violations };
+  }
+
+  /**
+   * Filter PII from output
+   */
+  private filterPII(output: string): string {
+    return PII_REPLACEMENTS.reduce(
+      (text, { pattern, label }) => text.replace(pattern, label),
+      output,
+    );
+  }
+}
+
+/**
+ * Report violations to the configured handler
+ */
+function reportViolations(
+  violations: SecurityViolation[],
+  onViolation?: (violation: SecurityViolation) => void,
+): void {
+  if (!onViolation) return;
+  for (const violation of violations) onViolation(violation);
+}
+
+/**
+ * Create security middleware for agents
+ */
+export function securityMiddleware(
+  config: SecurityConfig,
+): (context: AgentContext, next: () => Promise<AgentResponse>) => Promise<AgentResponse> {
+  const inputValidator = new InputValidator(config.input);
+  const outputFilter = new OutputFilter(config.output);
+
+  return async (
+    context: AgentContext,
+    next: () => Promise<AgentResponse>,
+  ): Promise<AgentResponse> => {
+    const inputString = typeof context.input === "string"
+      ? context.input
+      : JSON.stringify(context.input);
+    const inputValidation = await inputValidator.validate(inputString);
+
+    if (!inputValidation.valid) {
+      reportViolations(inputValidation.violations, config.onViolation);
+
+      const firstViolation = inputValidation.violations[0];
+      throw toError(
+        createError({
+          type: "agent",
+          message: `Input validation failed: ${firstViolation?.reason ?? "Unknown reason"}`,
+        }),
+      );
+    }
+
+    if (inputValidation.sanitized != null) {
+      context.input = inputValidation.sanitized;
+    }
+
+    const result = await next();
+
+    const outputFiltering = await outputFilter.filter(result.text);
+    reportViolations(outputFiltering.violations, config.onViolation);
+
+    return { ...result, text: outputFiltering.filtered };
+  };
+}

package/src/src/agent/runtime/index.ts

@@ -194,6 +194,7 @@ export class AgentRuntime {
     input: string | Message[],
     context?: Record<string, unknown>,
     modelOverride?: string,
+    maxOutputTokensOverride?: number,
   ): Promise<AgentResponse> {
     const requestedModel = resolveConfiguredAgentModel(modelOverride || this.config.model);
     const resolvedModelString = maybeUpgradeLocalModel(requestedModel);
@@ -221,7 +222,13 @@ export class AgentRuntime {
       const chain = new MiddlewareChain(this.config.middleware);
       return chain.execute(
         agentContext,
-        () => this.executeAgentLoop(systemPrompt, messages, resolvedModelString),
+        () =>
+          this.executeAgentLoop(
+            systemPrompt,
+            messages,
+            resolvedModelString,
+            maxOutputTokensOverride,
+          ),
       );
     });
   }
@@ -238,6 +245,7 @@ export class AgentRuntime {
       onChunk?: (chunk: string) => void;
     },
     modelOverride?: string,
+    maxOutputTokensOverride?: number,
   ): Promise<ReadableStream<Uint8Array>> {
     const requestedModel = resolveConfiguredAgentModel(modelOverride || this.config.model);
     // Auto-upgrade local/* to a cloud provider when API keys are available.
@@ -300,6 +308,7 @@ export class AgentRuntime {
             toolContext,
             resolvedModelString,
             languageModel,
+            maxOutputTokensOverride,
           );
 
           sendSSE(controller, encoder, { type: "text-end", id: textPartId });
@@ -325,6 +334,7 @@ export class AgentRuntime {
     systemPrompt: string,
     messages: Message[],
     modelString?: string,
+    maxOutputTokensOverride?: number,
   ): Promise<AgentResponse> {
     return withSpan("agent.execution_loop", async (loopSpan) => {
       const { maxAgentSteps } = getPlatformCapabilities();
@@ -373,7 +383,7 @@ export class AgentRuntime {
             system: systemPrompt,
             messages: convertToModelMessages(currentMessages),
             tools: convertToolsToAISDK(tools),
-            maxOutputTokens: this.config.memory?.maxTokens ?? DEFAULT_MAX_TOKENS,
+            maxOutputTokens: this.resolveMaxOutputTokens(maxOutputTokensOverride),
             temperature: DEFAULT_TEMPERATURE,
           });
         });
@@ -556,6 +566,7 @@ export class AgentRuntime {
     toolContext?: Record<string, unknown>,
     modelString?: string,
     resolvedModel?: LanguageModel,
+    maxOutputTokensOverride?: number,
   ): Promise<AgentResponse> {
     const { maxAgentSteps } = getPlatformCapabilities();
     const maxSteps = this.computeMaxSteps(maxAgentSteps);
@@ -597,7 +608,7 @@ export class AgentRuntime {
         system: systemPrompt,
         messages: convertToModelMessages(currentMessages),
         tools: convertToolsToAISDK(tools),
-        maxOutputTokens: this.config.memory?.maxTokens ?? DEFAULT_MAX_TOKENS,
+        maxOutputTokens: this.resolveMaxOutputTokens(maxOutputTokensOverride),
         temperature: DEFAULT_TEMPERATURE,
       });
 
@@ -818,6 +829,18 @@ export class AgentRuntime {
     return getMaxSteps(this.config.maxSteps, edgeMaxSteps, platformLimit);
   }
 
+  private resolveMaxOutputTokens(maxOutputTokensOverride?: number): number {
+    if (
+      typeof maxOutputTokensOverride === "number" &&
+      Number.isFinite(maxOutputTokensOverride) &&
+      maxOutputTokensOverride > 0
+    ) {
+      return Math.floor(maxOutputTokensOverride);
+    }
+
+    return this.config.memory?.maxTokens ?? DEFAULT_MAX_TOKENS;
+  }
+
   /**
    * Get memory instance (for advanced use cases)
    */

package/src/src/agent/types.ts

@@ -134,6 +134,8 @@ export interface Agent {
     context?: Record<string, unknown>;
     /** Override the agent's default model for this request. Must be in `allowedModels` if configured. */
     model?: ModelString;
+    /** Override the maximum model output tokens for this request. */
+    maxOutputTokens?: number;
   }): Promise<AgentResponse>;
 
   stream(input: {
@@ -142,6 +144,8 @@ export interface Agent {
     context?: Record<string, unknown>;
     /** Override the agent's default model for this request. Must be in `allowedModels` if configured. */
     model?: ModelString;
+    /** Override the maximum model output tokens for this request. */
+    maxOutputTokens?: number;
     onToolCall?: (toolCall: ToolCall) => void;
     onChunk?: (chunk: string) => void;
   }): Promise<AgentStreamResult>;