veryfront 0.1.62 → 0.1.64

package/src/src/platform/compat/opaque-deps.ts

@@ -17,7 +17,7 @@
 import * as dntShim from "../../../_dnt.shims.js";
 
 
-import { isDeno } from "./runtime.js";
+import { isDeno, isDenoCompiled } from "./runtime.js";
 import { dynamicImport } from "./dynamic-import.js";
 
 function resolve(pkg: string, version: string): string {
@@ -27,6 +27,14 @@ function resolve(pkg: string, version: string): string {
 // deno-lint-ignore no-explicit-any -- callers assign to their own typed variable; any allows implicit narrowing at each call site
 type OpaqueModule = any;
 
+type KreuzbergModule = {
+  initWasm?: () => Promise<void>;
+  extractBytes: (
+    data: Uint8Array,
+    mimeType: string,
+  ) => Promise<{ content: string }>;
+};
+
 /** Lazily import `@huggingface/transformers` (+ onnxruntime, ~500MB). */
 export function importTransformers(): Promise<OpaqueModule> {
   return dynamicImport(resolve("@huggingface/transformers", "3.4.2"));
@@ -57,9 +65,16 @@ export async function importKreuzberg(): Promise<{
 }> {
   if (isDeno) {
     // Regular import — visible to deno compile, resolved via deno.json import map
-    const mod = await import("@kreuzberg/wasm") as unknown as
-      & { initWasm?: () => Promise<void> }
-      & { extractBytes: (data: Uint8Array, mimeType: string) => Promise<{ content: string }> };
+    const mod = await import("@kreuzberg/wasm") as unknown as KreuzbergModule;
+    if (isDenoCompiled) {
+      // Kreuzberg's initWasm() internally uses a computed dynamic import() to
+      // load the WASM glue module (kreuzberg_wasm.js). deno compile cannot
+      // trace computed import() paths, so the glue module is absent from the
+      // binary's embedded module graph. Pre-importing it here populates Deno's
+      // in-process module cache so the subsequent import() inside initWasm()
+      // resolves from cache instead of hitting the missing file.
+      await import("@kreuzberg/wasm/dist/pkg/kreuzberg_wasm.js");
+    }
     await mod.initWasm?.();
     return mod;
   }

package/src/src/prompt/factory.ts

@@ -1,5 +1,6 @@
 import type { Prompt, PromptConfig } from "./types.js";
 import { createError, toError } from "../errors/veryfront-error.js";
+import { COMMON_BLOCKED_PATTERNS } from "../agent/middleware/security/validator.js";
 
 export function prompt(config: PromptConfig): Prompt {
   const id = config.id ?? generatePromptId();
@@ -35,12 +36,20 @@ function generatePromptId(): string {
   return `prompt_${Date.now()}_${promptIdCounter++}`;
 }
 
+function sanitizeVariableValue(value: string): string {
+  let sanitized = value;
+  for (const pattern of COMMON_BLOCKED_PATTERNS.promptInjection) {
+    sanitized = sanitized.replace(pattern, "");
+  }
+  return sanitized;
+}
+
 function interpolateVariables(
   template: string,
   variables: Record<string, unknown>,
 ): string {
   return template.replace(/\{(\w+)\}/g, (match, key) => {
     const value = variables[key];
-    return value != null ? String(value) : match;
+    return value != null ? sanitizeVariableValue(String(value)) : match;
   });
 }

package/src/src/react/components/ai/markdown.tsx

@@ -21,10 +21,11 @@ export interface CodeBlockProps {
   inline?: boolean;
 }
 
-const ESM_REACT_MARKDOWN = "https://esm.sh/react-markdown@9?external=react&target=es2022";
-const ESM_REMARK_GFM = "https://esm.sh/remark-gfm@4?target=es2022";
-const ESM_REHYPE_HIGHLIGHT = "https://esm.sh/rehype-highlight@7?target=es2022";
-const ESM_MERMAID = "https://esm.sh/mermaid@11";
+const ESM_REACT_MARKDOWN =
+  "https://esm.sh/react-markdown@9.0.3?external=react&target=es2022&pin=v135";
+const ESM_REMARK_GFM = "https://esm.sh/remark-gfm@4.0.1?target=es2022&pin=v135";
+const ESM_REHYPE_HIGHLIGHT = "https://esm.sh/rehype-highlight@7.0.2?target=es2022&pin=v135";
+const ESM_MERMAID = "https://esm.sh/mermaid@11.4.1?pin=v135";
 
 const dynamicImport = new Function("url", "return import(url)") as (url: string) => Promise<any>;
 

package/src/src/server/handlers/dev/framework-candidates.generated.ts

@@ -3059,10 +3059,10 @@ export const FRAMEWORK_CANDIDATES: readonly string[] = [
   "html:",
   "html>",
   "https://ai-sdk.dev/elements)",
-  "https://esm.sh/mermaid@11",
-  "https://esm.sh/react-markdown@9?external=react",
-  "https://esm.sh/rehype-highlight@7?target=es2022",
-  "https://esm.sh/remark-gfm@4?target=es2022",
+  "https://esm.sh/mermaid@11.4.1?pin=v135",
+  "https://esm.sh/react-markdown@9.0.3?external=react",
+  "https://esm.sh/rehype-highlight@7.0.2?target=es2022",
+  "https://esm.sh/remark-gfm@4.0.1?target=es2022",
   "hydration",
   "i)",
   "icon",
@@ -4007,6 +4007,7 @@ export const FRAMEWORK_CANDIDATES: readonly string[] = [
   "persistThreads],",
   "pickers,",
   "pill",
+  "pin=v135",
   "pl-2",
   "pl-2.5",
   "pl-3",

package/src/src/server/handlers/preview/markdown-html-generator.ts

@@ -118,7 +118,7 @@ export function generateMarkdownHtml(options: MarkdownHtmlOptions): string {
   ${studioScript}
 
   <script type="module">
-    import mermaid from 'https://esm.sh/mermaid@11';
+    import mermaid from 'https://esm.sh/mermaid@11.4.1?pin=v135';
 
     function getMermaidTheme() {
       return document.documentElement.dataset.theme === 'dark' ? 'dark' : 'default';

package/src/src/server/handlers/request/api/api-handler-wrapper.ts

@@ -9,9 +9,7 @@ import type {
 import { getApiHandler } from "./pages-api-handler.js";
 import { PRIORITY_MEDIUM_API } from "../../../../utils/constants/index.js";
 import { withSpan } from "../../../../observability/tracing/otlp-setup.js";
-import { serverLogger } from "../../../../utils/index.js";
-
-const logger = serverLogger.component("api-wrapper");
+import { ensureProjectDiscovery } from "./project-discovery.js";
 
 type FsWrapper = {
   isMultiProjectMode?: () => boolean;
@@ -24,88 +22,6 @@ type FsWrapper = {
   ) => Promise<T>;
 };
 
-/**
- * Tracks in-flight and completed AI discovery per project+release.
- *
- * Key: `{projectSlug}:{releaseId}` for production, `{projectSlug}:preview` for preview.
- * This ensures a new deployment triggers re-discovery of agents/tools.
- *
- * Using a Map<string, Promise> deduplicates concurrent requests and
- * allows retry on failure (the key is deleted if discovery rejects).
- */
-const discoveredProjects = new Map<string, Promise<void>>();
-
-/** Build a discovery cache key that incorporates the release/version. */
-function discoveryKey(ctx: HandlerContext): string {
-  const slug = ctx.projectSlug ?? ctx.projectDir;
-  const version = ctx.releaseId ?? "preview";
-  return `${slug}:${version}`;
-}
-
-/**
- * Run AI discovery (agents, tools) for a project if not already done.
- * Must be called within a runWithContext scope so the VFS can resolve
- * the correct remote project files and the agent registry uses the
- * correct project scope.
- */
-async function ensureProjectDiscovery(ctx: HandlerContext): Promise<void> {
-  const key = discoveryKey(ctx);
-
-  const existing = discoveredProjects.get(key);
-  if (existing) return existing;
-
-  const promise = (async () => {
-    const { discoverAll } = await import("../../../../discovery/index.js");
-    const { agentRegistry } = await import(
-      "../../../../agent/composition/composition.js"
-    );
-    const { toolRegistry } = await import("../../../../tool/registry.js");
-
-    // Clear stale entries for this project scope before re-discovery.
-    // This prevents agents/tools removed in a new release from lingering.
-    agentRegistry.clear();
-    toolRegistry.clear();
-
-    const result = await discoverAll({
-      baseDir: ctx.projectDir,
-      fsAdapter: ctx.adapter.fs,
-      verbose: false,
-    });
-
-    const logData = {
-      projectSlug: ctx.projectSlug,
-      releaseId: ctx.releaseId,
-      agents: result.agents.size,
-      tools: result.tools.size,
-      errors: result.errors.length,
-    };
-
-    if (result.agents.size === 0 && result.tools.size === 0) {
-      logger.warn("AI discovery found 0 agents and 0 tools", {
-        ...logData,
-        errorMessages: result.errors.map((e) => e.error.message).slice(0, 5),
-        baseDir: ctx.projectDir,
-      });
-    } else {
-      logger.info("AI discovery completed", logData);
-    }
-  })();
-
-  discoveredProjects.set(key, promise);
-
-  try {
-    await promise;
-  } catch (error) {
-    // Allow retry on next request
-    discoveredProjects.delete(key);
-    logger.warn("AI discovery failed (will retry)", {
-      projectSlug: ctx.projectSlug,
-      error: error instanceof Error ? error.message : String(error),
-      stack: error instanceof Error ? error.stack : undefined,
-    });
-  }
-}
-
 export class ApiHandlerWrapper extends BaseHandler {
   private projectDir: string;
   private adapter: import("../../../../platform/adapters/base.js").RuntimeAdapter;

package/src/src/server/handlers/request/api/project-discovery.ts

@@ -0,0 +1,86 @@
+import { serverLogger } from "../../../../utils/index.js";
+import type { HandlerContext } from "../../types.js";
+
+const logger = serverLogger.component("api-wrapper");
+
+/**
+ * Tracks in-flight and completed AI discovery per project+release.
+ *
+ * Key: `{projectSlug}:{releaseId}` for production, `{projectSlug}:preview` for preview.
+ * This ensures a new deployment triggers re-discovery of agents/tools.
+ *
+ * Using a Map<string, Promise> deduplicates concurrent requests and
+ * allows retry on failure (the key is deleted if discovery rejects).
+ */
+const discoveredProjects = new Map<string, Promise<void>>();
+
+/** Build a discovery cache key that incorporates the release/version. */
+function discoveryKey(ctx: HandlerContext): string {
+  const slug = ctx.projectSlug ?? ctx.projectDir;
+  const version = ctx.releaseId ?? "preview";
+  return `${slug}:${version}`;
+}
+
+/**
+ * Run AI discovery (agents, tools) for a project if not already done.
+ * Must be called within a runWithContext scope so the VFS can resolve
+ * the correct remote project files and the agent registry uses the
+ * correct project scope.
+ */
+export async function ensureProjectDiscovery(ctx: HandlerContext): Promise<void> {
+  const key = discoveryKey(ctx);
+
+  const existing = discoveredProjects.get(key);
+  if (existing) return existing;
+
+  const promise = (async () => {
+    const { discoverAll } = await import("../../../../discovery/index.js");
+    const { agentRegistry } = await import(
+      "../../../../agent/composition/composition.js"
+    );
+    const { toolRegistry } = await import("../../../../tool/registry.js");
+
+    // Clear stale entries for this project scope before re-discovery.
+    // This prevents agents/tools removed in a new release from lingering.
+    agentRegistry.clear();
+    toolRegistry.clear();
+
+    const result = await discoverAll({
+      baseDir: ctx.projectDir,
+      fsAdapter: ctx.adapter.fs,
+      verbose: false,
+    });
+
+    const logData = {
+      projectSlug: ctx.projectSlug,
+      releaseId: ctx.releaseId,
+      agents: result.agents.size,
+      tools: result.tools.size,
+      errors: result.errors.length,
+    };
+
+    if (result.agents.size === 0 && result.tools.size === 0) {
+      logger.warn("AI discovery found 0 agents and 0 tools", {
+        ...logData,
+        errorMessages: result.errors.map((e) => e.error.message).slice(0, 5),
+        baseDir: ctx.projectDir,
+      });
+    } else {
+      logger.info("AI discovery completed", logData);
+    }
+  })();
+
+  discoveredProjects.set(key, promise);
+
+  try {
+    await promise;
+  } catch (error) {
+    // Allow retry on next request
+    discoveredProjects.delete(key);
+    logger.warn("AI discovery failed (will retry)", {
+      projectSlug: ctx.projectSlug,
+      error: error instanceof Error ? error.message : String(error),
+      stack: error instanceof Error ? error.stack : undefined,
+    });
+  }
+}

package/src/src/server/handlers/request/channel-assistants.handler.ts

@@ -0,0 +1,94 @@
+import * as dntShim from "../../../../_dnt.shims.js";
+import { BaseHandler } from "../response/base.js";
+import type { HandlerContext, HandlerMetadata, HandlerPriority, HandlerResult } from "../types.js";
+import {
+  ChannelAssistantsRequestSchema,
+  type ChannelInvokeDeps,
+  defaultChannelInvokeDeps,
+  listChannelAssistants,
+  verifyDispatchJws,
+} from "../../../channels/invoke.js";
+import {
+  HTTP_INTERNAL_SERVER_ERROR,
+  PRIORITY_MEDIUM_API,
+} from "../../../utils/constants/index.js";
+
+const DISPATCH_JWS_HEADER = "x-veryfront-dispatch-jws";
+const MAX_DISPATCH_SIGNATURE_AGE_SECONDS = 60;
+
+export class ChannelAssistantsHandler extends BaseHandler {
+  metadata: HandlerMetadata = {
+    name: "ChannelAssistantsHandler",
+    priority: PRIORITY_MEDIUM_API as HandlerPriority,
+    patterns: [{ pattern: "/channels/assistants", exact: true, method: "POST" }],
+  };
+
+  constructor(private readonly deps: ChannelInvokeDeps = defaultChannelInvokeDeps) {
+    super();
+  }
+
+  async handle(req: dntShim.Request, ctx: HandlerContext): Promise<HandlerResult> {
+    if (!this.shouldHandle(req, ctx)) {
+      return this.continue();
+    }
+
+    return this.withProxyContext(ctx, async () => {
+      const builder = this.createResponseBuilder(ctx)
+        .withCORS(req, ctx.securityConfig?.cors)
+        .withSecurity(ctx.securityConfig ?? undefined, req);
+
+      const publicKeyPem = ctx.adapter.env.get("CHANNEL_DISPATCH_SIGNING_PUBLIC_KEY");
+      if (!publicKeyPem) {
+        this.logWarn("Missing CHANNEL_DISPATCH_SIGNING_PUBLIC_KEY for channel assistants endpoint");
+        return this.respond(
+          builder.json(
+            { error: "Channel dispatch verification is not configured" },
+            HTTP_INTERNAL_SERVER_ERROR,
+          ),
+        );
+      }
+
+      const projectSlug = ctx.projectSlug;
+      if (!projectSlug) {
+        this.logWarn("Channel assistants request arrived without resolved project slug");
+        return this.respond(builder.json({ error: "Project context is unavailable" }, 400));
+      }
+
+      const dispatchJws = req.headers.get(DISPATCH_JWS_HEADER);
+      if (!dispatchJws) {
+        return this.respond(builder.json({ error: "Missing dispatch signature" }, 401));
+      }
+
+      const rawBody = await req.text();
+      try {
+        await verifyDispatchJws(dispatchJws, rawBody, {
+          audience: projectSlug,
+          expectedProjectId: ctx.projectId,
+          publicKeyPem,
+          maxAgeSeconds: MAX_DISPATCH_SIGNATURE_AGE_SECONDS,
+        });
+      } catch (error) {
+        this.logWarn("Channel assistants signature verification failed", {
+          error: error instanceof Error ? error.message : String(error),
+          projectSlug,
+          projectId: ctx.projectId,
+        });
+        return this.respond(builder.json({ error: "Invalid dispatch signature" }, 401));
+      }
+
+      try {
+        ChannelAssistantsRequestSchema.parse(JSON.parse(rawBody));
+      } catch (error) {
+        this.logWarn("Channel assistants request validation failed", {
+          error: error instanceof Error ? error.message : String(error),
+          projectSlug,
+          projectId: ctx.projectId,
+        });
+        return this.respond(builder.json({ error: "Invalid channel assistants request" }, 400));
+      }
+
+      const response = await listChannelAssistants(ctx, this.deps);
+      return this.respond(builder.json(response, 200));
+    });
+  }
+}

package/src/src/server/handlers/request/channel-invoke.handler.ts

@@ -0,0 +1,95 @@
+import * as dntShim from "../../../../_dnt.shims.js";
+import { BaseHandler } from "../response/base.js";
+import type { HandlerContext, HandlerMetadata, HandlerPriority, HandlerResult } from "../types.js";
+import {
+  type ChannelInvokeDeps,
+  ChannelInvokeRequestSchema,
+  defaultChannelInvokeDeps,
+  executeChannelInvoke,
+  verifyDispatchJws,
+} from "../../../channels/invoke.js";
+import {
+  HTTP_INTERNAL_SERVER_ERROR,
+  PRIORITY_MEDIUM_API,
+} from "../../../utils/constants/index.js";
+
+const DISPATCH_JWS_HEADER = "x-veryfront-dispatch-jws";
+const MAX_DISPATCH_SIGNATURE_AGE_SECONDS = 60;
+
+export class ChannelInvokeHandler extends BaseHandler {
+  metadata: HandlerMetadata = {
+    name: "ChannelInvokeHandler",
+    priority: PRIORITY_MEDIUM_API as HandlerPriority,
+    patterns: [{ pattern: "/channels/invoke", exact: true, method: "POST" }],
+  };
+
+  constructor(private readonly deps: ChannelInvokeDeps = defaultChannelInvokeDeps) {
+    super();
+  }
+
+  async handle(req: dntShim.Request, ctx: HandlerContext): Promise<HandlerResult> {
+    if (!this.shouldHandle(req, ctx)) {
+      return this.continue();
+    }
+
+    return this.withProxyContext(ctx, async () => {
+      const builder = this.createResponseBuilder(ctx)
+        .withCORS(req, ctx.securityConfig?.cors)
+        .withSecurity(ctx.securityConfig ?? undefined, req);
+
+      const publicKeyPem = ctx.adapter.env.get("CHANNEL_DISPATCH_SIGNING_PUBLIC_KEY");
+      if (!publicKeyPem) {
+        this.logWarn("Missing CHANNEL_DISPATCH_SIGNING_PUBLIC_KEY for channel invoke endpoint");
+        return this.respond(
+          builder.json(
+            { error: "Channel dispatch verification is not configured" },
+            HTTP_INTERNAL_SERVER_ERROR,
+          ),
+        );
+      }
+
+      const projectSlug = ctx.projectSlug;
+      if (!projectSlug) {
+        this.logWarn("Channel invoke request arrived without resolved project slug");
+        return this.respond(builder.json({ error: "Project context is unavailable" }, 400));
+      }
+
+      const dispatchJws = req.headers.get(DISPATCH_JWS_HEADER);
+      if (!dispatchJws) {
+        return this.respond(builder.json({ error: "Missing dispatch signature" }, 401));
+      }
+
+      const rawBody = await req.text();
+      try {
+        await verifyDispatchJws(dispatchJws, rawBody, {
+          audience: projectSlug,
+          expectedProjectId: ctx.projectId,
+          publicKeyPem,
+          maxAgeSeconds: MAX_DISPATCH_SIGNATURE_AGE_SECONDS,
+        });
+      } catch (error) {
+        this.logWarn("Channel invoke signature verification failed", {
+          error: error instanceof Error ? error.message : String(error),
+          projectSlug,
+          projectId: ctx.projectId,
+        });
+        return this.respond(builder.json({ error: "Invalid dispatch signature" }, 401));
+      }
+
+      let payload;
+      try {
+        payload = ChannelInvokeRequestSchema.parse(JSON.parse(rawBody));
+      } catch (error) {
+        this.logWarn("Channel invoke request validation failed", {
+          error: error instanceof Error ? error.message : String(error),
+          projectSlug,
+          projectId: ctx.projectId,
+        });
+        return this.respond(builder.json({ error: "Invalid channel invoke request" }, 400));
+      }
+
+      const response = await executeChannelInvoke(payload, ctx, this.deps);
+      return this.respond(builder.json(response, 200));
+    });
+  }
+}

package/src/src/server/runtime-handler/index.ts

@@ -53,6 +53,8 @@ import { HMRHandler } from "../handlers/preview/hmr.handler.js";
 import { MarkdownPreviewHandler } from "../handlers/preview/markdown-preview.handler.js";
 import { OpenAPIHandler } from "../handlers/request/openapi.handler.js";
 import { OpenAPIDocsHandler } from "../handlers/request/openapi-docs.handler.js";
+import { ChannelAssistantsHandler } from "../handlers/request/channel-assistants.handler.js";
+import { ChannelInvokeHandler } from "../handlers/request/channel-invoke.handler.js";
 import { DevDashboardHandler } from "../handlers/dev/dashboard/index.js";
 import { ProjectsHandler } from "../handlers/dev/projects/index.js";
 
@@ -204,6 +206,8 @@ export function createVeryfrontHandler(
     new DebugContextHandler(),
     new OpenAPIHandler(),
     new OpenAPIDocsHandler(),
+    new ChannelAssistantsHandler(),
+    new ChannelInvokeHandler(),
     new DevDashboardHandler(),
     new ProjectsHandler(),
     new StudioBridgeModulesHandler(),

package/src/src/transforms/md/compiler/md-compiler.ts

@@ -5,6 +5,8 @@ import remarkFrontmatter from "remark-frontmatter";
 import remarkRehype from "remark-rehype";
 import rehypeStarryNight from "rehype-starry-night";
 import rehypeSlug from "rehype-slug";
+import rehypeRaw from "rehype-raw";
+import rehypeSanitize, { defaultSchema } from "rehype-sanitize";
 import rehypeStringify from "rehype-stringify";
 import { visit } from "unist-util-visit";
 import { toString } from "mdast-util-to-string";
@@ -98,12 +100,36 @@ export function compileMarkdownRuntime(
           .use(rehypeStarryNight)
           .use(rehypeSlug);
 
+        // Parse raw HTML nodes into proper elements before sanitizing.
+        pipeline.use(rehypeRaw);
+
+        // Add node positions after rehype-raw so attributes survive re-parsing.
         if (studioEmbed && filePath) {
           pipeline.use(rehypeNodePositions, { filePath });
         }
 
+        // Extend the sanitize schema in studio embed mode to preserve
+        // data-node-* attributes used for element-to-source mapping.
+        const sanitizeSchema = studioEmbed
+          ? {
+            ...defaultSchema,
+            attributes: {
+              ...defaultSchema.attributes,
+              "*": [
+                ...(defaultSchema.attributes?.["*"] ?? []),
+                "data-node-file",
+                "data-node-name",
+                "data-node-line",
+                "data-node-column",
+                "data-node-source",
+              ],
+            },
+          }
+          : defaultSchema;
+
         const result = await pipeline
-          .use(rehypeStringify, { allowDangerousHtml: true })
+          .use(rehypeSanitize, sanitizeSchema)
+          .use(rehypeStringify)
           .process(body);
         const html = String(result);