veryfront 0.1.63 → 0.1.65

package/esm/deno.js

@@ -1,6 +1,6 @@
 export default {
     "name": "veryfront",
-    "version": "0.1.63",
+    "version": "0.1.65",
     "license": "Apache-2.0",
     "nodeModulesDir": "auto",
     "exclude": [

package/esm/src/agent/runtime/index.d.ts

@@ -54,6 +54,7 @@ export declare class AgentRuntime {
     stream(messages: Message[], context?: Record<string, unknown>, callbacks?: {
         onToolCall?: (toolCall: ToolCall) => void;
         onChunk?: (chunk: string) => void;
+        onFinish?: (response: AgentResponse) => void;
     }, modelOverride?: string, maxOutputTokensOverride?: number): Promise<ReadableStream<Uint8Array>>;
     /**
      * Execute agent loop (with tool calling)

package/esm/src/agent/runtime/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/src/agent/runtime/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EACL,KAAK,WAAW,EAEhB,KAAK,aAAa,EAGlB,KAAK,OAAO,EAEZ,KAAK,QAAQ,EACd,MAAM,aAAa,CAAC;AAKrB,OAAO,EAAgB,KAAK,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAe/D,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACpF,YAAY,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAChF,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAC1E,YAAY,EAAE,iBAAiB,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAClG,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,gBAAgB,CAAC;AAqBxB;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,EAAE,GAAG,SAAS,CA6BxE;AAED,gEAAgE;AAChE,KAAK,iBAAiB,GAClB;IAAE,OAAO,EAAE,IAAI,CAAA;CAAE,GACjB;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAEtC;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,MAAM,EAChB,iBAAiB,EAAE,MAAM,EAAE,GAAG,SAAS,EACvC,kBAAkB,EAAE,OAAO,GAC1B,iBAAiB,CAiBnB;AAkCD,qBAAa,YAAY;IACvB,OAAO,CAAC,EAAE,CAAS;IACnB,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,MAAM,CAAuB;gBAEzB,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW;IAS3C;;OAEG;IACG,QAAQ,CACZ,KAAK,EAAE,MAAM,GAAG,OAAO,EAAE,EACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,aAAa,CAAC,EAAE,MAAM,EACtB,uBAAuB,CAAC,EAAE,MAAM,GAC/B,OAAO,CAAC,aAAa,CAAC;IAsCzB;;;OAGG;IACG,MAAM,CACV,QAAQ,EAAE,OAAO,EAAE,EACnB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,SAAS,CAAC,EAAE;QACV,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,KAAK,IAAI,CAAC;QAC1C,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;KACnC,EACD,aAAa,CAAC,EAAE,MAAM,EACtB,uBAAuB,CAAC,EAAE,MAAM,GAC/B,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IAiFtC;;OAEG;YACW,gBAAgB;IA0N9B;;;;OAIG;YACW,yBAAyB;IA0NvC;;OAEG;YACW,eAAe;IAqC7B;;OAEG;YACW,mBAAmB;IAOjC;;OAEG;IACH,OAAO,CAAC,eAAe;IAKvB,OAAO,CAAC,sBAAsB;IAY9B;;OAEG;IACH,SAAS,IAAI,MAAM,CAAC,OAAO,CAAC;IAI5B;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC;QAC9B,aAAa,EAAE,MAAM,CAAC;QACtB,eAAe,EAAE,MAAM,CAAC;QACxB,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IAIF;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;CAGnC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/src/agent/runtime/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EACL,KAAK,WAAW,EAEhB,KAAK,aAAa,EAGlB,KAAK,OAAO,EAEZ,KAAK,QAAQ,EACd,MAAM,aAAa,CAAC;AAKrB,OAAO,EAAgB,KAAK,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAe/D,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AACpF,YAAY,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACzE,OAAO,EAAE,eAAe,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAChF,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAC1E,YAAY,EAAE,iBAAiB,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAClG,OAAO,EACL,iBAAiB,EACjB,kBAAkB,EAClB,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,gBAAgB,CAAC;AAqBxB;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,EAAE,GAAG,SAAS,CA6BxE;AAED,gEAAgE;AAChE,KAAK,iBAAiB,GAClB;IAAE,OAAO,EAAE,IAAI,CAAA;CAAE,GACjB;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC;AAEtC;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,MAAM,EAChB,iBAAiB,EAAE,MAAM,EAAE,GAAG,SAAS,EACvC,kBAAkB,EAAE,OAAO,GAC1B,iBAAiB,CAiBnB;AAkCD,qBAAa,YAAY;IACvB,OAAO,CAAC,EAAE,CAAS;IACnB,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,MAAM,CAAuB;gBAEzB,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW;IAS3C;;OAEG;IACG,QAAQ,CACZ,KAAK,EAAE,MAAM,GAAG,OAAO,EAAE,EACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,aAAa,CAAC,EAAE,MAAM,EACtB,uBAAuB,CAAC,EAAE,MAAM,GAC/B,OAAO,CAAC,aAAa,CAAC;IAsCzB;;;OAGG;IACG,MAAM,CACV,QAAQ,EAAE,OAAO,EAAE,EACnB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,SAAS,CAAC,EAAE;QACV,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,QAAQ,KAAK,IAAI,CAAC;QAC1C,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;QAClC,QAAQ,CAAC,EAAE,CAAC,QAAQ,EAAE,aAAa,KAAK,IAAI,CAAC;KAC9C,EACD,aAAa,CAAC,EAAE,MAAM,EACtB,uBAAuB,CAAC,EAAE,MAAM,GAC/B,OAAO,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;IAkFtC;;OAEG;YACW,gBAAgB;IA6N9B;;;;OAIG;YACW,yBAAyB;IA+NvC;;OAEG;YACW,eAAe;IAqC7B;;OAEG;YACW,mBAAmB;IAOjC;;OAEG;IACH,OAAO,CAAC,eAAe;IAKvB,OAAO,CAAC,sBAAsB;IAY9B;;OAEG;IACH,SAAS,IAAI,MAAM,CAAC,OAAO,CAAC;IAI5B;;OAEG;IACG,cAAc,IAAI,OAAO,CAAC;QAC9B,aAAa,EAAE,MAAM,CAAC;QACtB,eAAe,EAAE,MAAM,CAAC;QACxB,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IAIF;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC;CAGnC"}

package/esm/src/agent/runtime/index.js

@@ -204,7 +204,8 @@ export class AgentRuntime {
                         },
                     });
                     sendSSE(controller, encoder, { type: "text-start", id: textPartId });
-                    await this.executeAgentLoopStreaming(systemPrompt, memoryMessages, controller, encoder, callbacks, textPartId, toolContext, resolvedModelString, languageModel, maxOutputTokensOverride);
+                    const response = await this.executeAgentLoopStreaming(systemPrompt, memoryMessages, controller, encoder, callbacks, textPartId, toolContext, resolvedModelString, languageModel, maxOutputTokensOverride);
+                    callbacks?.onFinish?.(response);
                     sendSSE(controller, encoder, { type: "text-end", id: textPartId });
                     sendSSE(controller, encoder, { type: "message-finish" });
                     controller.close();
@@ -344,7 +345,10 @@ export class AgentRuntime {
                         try {
                             toolCall.status = "executing";
                             const startTime = Date.now();
-                            const result = await executeTool(tc.toolName, toolCall.args, { agentId: this.id });
+                            const result = await executeTool(tc.toolName, toolCall.args, {
+                                agentId: this.id,
+                                toolCallId: tc.toolCallId,
+                            });
                             toolCall.status = "completed";
                             toolCall.result = result;
                             toolCall.executionTime = Date.now() - startTime;
@@ -429,6 +433,7 @@ export class AgentRuntime {
         }
         // Request-scoped skill policy (not class-level mutable state)
         let activeSkillPolicy;
+        let finalFinishReason;
         for (let step = 0; step < maxSteps; step++) {
             sendSSE(controller, encoder, { type: "step-start" });
             let tools = isLocalStreaming ? [] : getAvailableTools(this.config.tools, {
@@ -451,6 +456,7 @@ export class AgentRuntime {
                 onChunk: callbacks?.onChunk,
                 onUsage: (usage) => accumulateUsage(totalUsage, usage),
             });
+            finalFinishReason = state.finishReason ?? finalFinishReason;
             const streamParts = [];
             if (state.accumulatedText)
                 streamParts.push({ type: "text", text: state.accumulatedText });
@@ -515,6 +521,7 @@ export class AgentRuntime {
                     callbacks?.onToolCall?.(toolCall);
                     const result = await executeTool(tc.name, toolCall.args, {
                         agentId: this.id,
+                        toolCallId: tc.id,
                         ...toolContext,
                     });
                     toolCall.status = "completed";
@@ -564,6 +571,7 @@ export class AgentRuntime {
             toolCalls,
             status: "completed",
             usage: totalUsage,
+            metadata: finalFinishReason ? { finishReason: finalFinishReason } : undefined,
         };
     }
     /**

package/esm/src/channels/control-plane.d.ts

@@ -0,0 +1,259 @@
+import type { Agent } from "../agent/index.js";
+import type { HandlerContext } from "../types/index.js";
+import { z } from "zod";
+export declare const ControlPlaneSurfaceSchema: z.ZodEnum<["studio", "channels", "a2a", "mcp"]>;
+export declare const ControlPlaneAgentsListRequestSchema: z.ZodObject<{
+    requestId: z.ZodString;
+    projectId: z.ZodString;
+    surface: z.ZodEnum<["studio", "channels", "a2a", "mcp"]>;
+}, "strip", z.ZodTypeAny, {
+    requestId: string;
+    projectId: string;
+    surface: "mcp" | "studio" | "channels" | "a2a";
+}, {
+    requestId: string;
+    projectId: string;
+    surface: "mcp" | "studio" | "channels" | "a2a";
+}>;
+export declare const RuntimeAgentSkillSchema: z.ZodObject<{
+    id: z.ZodString;
+    name: z.ZodString;
+    description: z.ZodOptional<z.ZodString>;
+    tags: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    examples: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+}, "strip", z.ZodTypeAny, {
+    name: string;
+    id: string;
+    description?: string | undefined;
+    tags?: string[] | undefined;
+    examples?: string[] | undefined;
+}, {
+    name: string;
+    id: string;
+    description?: string | undefined;
+    tags?: string[] | undefined;
+    examples?: string[] | undefined;
+}>;
+export declare const RuntimeAgentSchema: z.ZodObject<{
+    id: z.ZodString;
+    name: z.ZodString;
+    description: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    model: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    version: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    skills: z.ZodOptional<z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        name: z.ZodString;
+        description: z.ZodOptional<z.ZodString>;
+        tags: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        examples: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        name: string;
+        id: string;
+        description?: string | undefined;
+        tags?: string[] | undefined;
+        examples?: string[] | undefined;
+    }, {
+        name: string;
+        id: string;
+        description?: string | undefined;
+        tags?: string[] | undefined;
+        examples?: string[] | undefined;
+    }>, "many">>;
+}, "strip", z.ZodTypeAny, {
+    name: string;
+    id: string;
+    description?: string | null | undefined;
+    version?: string | null | undefined;
+    model?: string | null | undefined;
+    skills?: {
+        name: string;
+        id: string;
+        description?: string | undefined;
+        tags?: string[] | undefined;
+        examples?: string[] | undefined;
+    }[] | undefined;
+}, {
+    name: string;
+    id: string;
+    description?: string | null | undefined;
+    version?: string | null | undefined;
+    model?: string | null | undefined;
+    skills?: {
+        name: string;
+        id: string;
+        description?: string | undefined;
+        tags?: string[] | undefined;
+        examples?: string[] | undefined;
+    }[] | undefined;
+}>;
+export declare const RuntimeAgentListResponseSchema: z.ZodObject<{
+    agents: z.ZodArray<z.ZodObject<{
+        id: z.ZodString;
+        name: z.ZodString;
+        description: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        model: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        version: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        skills: z.ZodOptional<z.ZodArray<z.ZodObject<{
+            id: z.ZodString;
+            name: z.ZodString;
+            description: z.ZodOptional<z.ZodString>;
+            tags: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+            examples: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+        }, "strip", z.ZodTypeAny, {
+            name: string;
+            id: string;
+            description?: string | undefined;
+            tags?: string[] | undefined;
+            examples?: string[] | undefined;
+        }, {
+            name: string;
+            id: string;
+            description?: string | undefined;
+            tags?: string[] | undefined;
+            examples?: string[] | undefined;
+        }>, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        name: string;
+        id: string;
+        description?: string | null | undefined;
+        version?: string | null | undefined;
+        model?: string | null | undefined;
+        skills?: {
+            name: string;
+            id: string;
+            description?: string | undefined;
+            tags?: string[] | undefined;
+            examples?: string[] | undefined;
+        }[] | undefined;
+    }, {
+        name: string;
+        id: string;
+        description?: string | null | undefined;
+        version?: string | null | undefined;
+        model?: string | null | undefined;
+        skills?: {
+            name: string;
+            id: string;
+            description?: string | undefined;
+            tags?: string[] | undefined;
+            examples?: string[] | undefined;
+        }[] | undefined;
+    }>, "many">;
+}, "strip", z.ZodTypeAny, {
+    agents: {
+        name: string;
+        id: string;
+        description?: string | null | undefined;
+        version?: string | null | undefined;
+        model?: string | null | undefined;
+        skills?: {
+            name: string;
+            id: string;
+            description?: string | undefined;
+            tags?: string[] | undefined;
+            examples?: string[] | undefined;
+        }[] | undefined;
+    }[];
+}, {
+    agents: {
+        name: string;
+        id: string;
+        description?: string | null | undefined;
+        version?: string | null | undefined;
+        model?: string | null | undefined;
+        skills?: {
+            name: string;
+            id: string;
+            description?: string | undefined;
+            tags?: string[] | undefined;
+            examples?: string[] | undefined;
+        }[] | undefined;
+    }[];
+}>;
+declare const dispatchClaimsSchema: z.ZodObject<{
+    iss: z.ZodString;
+    aud: z.ZodString;
+    sub: z.ZodString;
+    project_id: z.ZodString;
+    platform: z.ZodString;
+    body_sha256: z.ZodString;
+    iat: z.ZodNumber;
+    exp: z.ZodNumber;
+}, "strip", z.ZodTypeAny, {
+    project_id: string;
+    platform: string;
+    sub: string;
+    iss: string;
+    aud: string;
+    body_sha256: string;
+    iat: number;
+    exp: number;
+}, {
+    project_id: string;
+    platform: string;
+    sub: string;
+    iss: string;
+    aud: string;
+    body_sha256: string;
+    iat: number;
+    exp: number;
+}>;
+declare const controlPlaneClaimsSchema: z.ZodObject<{
+    iss: z.ZodString;
+    aud: z.ZodString;
+    sub: z.ZodString;
+    surface: z.ZodEnum<["studio", "channels", "a2a", "mcp"]>;
+    project_id: z.ZodString;
+    request_hash: z.ZodString;
+    iat: z.ZodNumber;
+    exp: z.ZodNumber;
+}, "strip", z.ZodTypeAny, {
+    project_id: string;
+    sub: string;
+    surface: "mcp" | "studio" | "channels" | "a2a";
+    iss: string;
+    aud: string;
+    iat: number;
+    exp: number;
+    request_hash: string;
+}, {
+    project_id: string;
+    sub: string;
+    surface: "mcp" | "studio" | "channels" | "a2a";
+    iss: string;
+    aud: string;
+    iat: number;
+    exp: number;
+    request_hash: string;
+}>;
+export type ControlPlaneSurface = z.infer<typeof ControlPlaneSurfaceSchema>;
+export type ControlPlaneAgentsListRequest = z.infer<typeof ControlPlaneAgentsListRequestSchema>;
+export type RuntimeAgentSkill = z.infer<typeof RuntimeAgentSkillSchema>;
+export type RuntimeAgent = z.infer<typeof RuntimeAgentSchema>;
+export type RuntimeAgentListResponse = z.infer<typeof RuntimeAgentListResponseSchema>;
+export type DispatchClaims = z.infer<typeof dispatchClaimsSchema>;
+export type ControlPlaneClaims = z.infer<typeof controlPlaneClaimsSchema>;
+export interface RuntimeAgentDiscoveryDeps {
+    ensureProjectDiscovery: (ctx: HandlerContext) => Promise<void>;
+    getAgent: (id: string) => Agent | undefined;
+    getAllAgentIds: () => string[];
+}
+export declare function listRuntimeAgents(ctx: HandlerContext, deps: RuntimeAgentDiscoveryDeps): Promise<RuntimeAgentListResponse>;
+export declare function verifyDispatchJws(jws: string, body: string, options: {
+    audience: string;
+    expectedPlatform?: string;
+    expectedProjectId?: string;
+    expectedSubject?: string;
+    maxAgeSeconds: number;
+    publicKeyPem: string;
+}): Promise<DispatchClaims>;
+export declare function verifyControlPlaneJws(jws: string, body: string, options: {
+    audience: string;
+    expectedProjectId?: string;
+    expectedSubject?: string;
+    expectedSurface?: ControlPlaneSurface;
+    maxAgeSeconds: number;
+    publicKeyPem: string;
+}): Promise<ControlPlaneClaims>;
+export {};
+//# sourceMappingURL=control-plane.d.ts.map

package/esm/src/channels/control-plane.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"control-plane.d.ts","sourceRoot":"","sources":["../../../src/src/channels/control-plane.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAGxD,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAUxB,eAAO,MAAM,yBAAyB,iDAA+C,CAAC;AAEtF,eAAO,MAAM,mCAAmC;;;;;;;;;;;;EAI9C,CAAC;AAEH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;EAMlC,CAAC;AAEH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAO7B,CAAC;AAEH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAEzC,CAAC;AAEH,QAAA,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;EASxB,CAAC;AAEH,QAAA,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;EAS5B,CAAC;AAEH,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,yBAAyB,CAAC,CAAC;AAC5E,MAAM,MAAM,6BAA6B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mCAAmC,CAAC,CAAC;AAChG,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAC;AACxE,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAC9D,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;AACtF,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC;AAClE,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAE1E,MAAM,WAAW,yBAAyB;IACxC,sBAAsB,EAAE,CAAC,GAAG,EAAE,cAAc,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/D,QAAQ,EAAE,CAAC,EAAE,EAAE,MAAM,KAAK,KAAK,GAAG,SAAS,CAAC;IAC5C,cAAc,EAAE,MAAM,MAAM,EAAE,CAAC;CAChC;AAgLD,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,cAAc,EACnB,IAAI,EAAE,yBAAyB,GAC9B,OAAO,CAAC,wBAAwB,CAAC,CAUnC;AAED,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE;IACP,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACtB,GACA,OAAO,CAAC,cAAc,CAAC,CAmBzB;AAED,wBAAsB,qBAAqB,CACzC,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE;IACP,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,eAAe,CAAC,EAAE,mBAAmB,CAAC;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACtB,GACA,OAAO,CAAC,kBAAkB,CAAC,CAmB7B"}

package/esm/src/channels/control-plane.js

@@ -0,0 +1,212 @@
+import * as dntShim from "../../_dnt.shims.js";
+import { skillRegistry } from "../skill/registry.js";
+import { base64urlEncodeBytes } from "../utils/base64url.js";
+import { z } from "zod";
+const SIGNATURE_SKEW_SECONDS = 5;
+const compactJwsHeaderSchema = z.object({
+    alg: z.literal("EdDSA"),
+    typ: z.string().optional(),
+    kid: z.string().optional(),
+});
+export const ControlPlaneSurfaceSchema = z.enum(["studio", "channels", "a2a", "mcp"]);
+export const ControlPlaneAgentsListRequestSchema = z.object({
+    requestId: z.string().min(1),
+    projectId: z.string().min(1),
+    surface: ControlPlaneSurfaceSchema,
+});
+export const RuntimeAgentSkillSchema = z.object({
+    id: z.string().min(1),
+    name: z.string().min(1),
+    description: z.string().optional(),
+    tags: z.array(z.string()).optional(),
+    examples: z.array(z.string()).optional(),
+});
+export const RuntimeAgentSchema = z.object({
+    id: z.string().min(1),
+    name: z.string().min(1),
+    description: z.string().nullable().optional(),
+    model: z.string().nullable().optional(),
+    version: z.string().nullable().optional(),
+    skills: z.array(RuntimeAgentSkillSchema).optional(),
+});
+export const RuntimeAgentListResponseSchema = z.object({
+    agents: z.array(RuntimeAgentSchema),
+});
+const dispatchClaimsSchema = z.object({
+    iss: z.string(),
+    aud: z.string(),
+    sub: z.string(),
+    project_id: z.string(),
+    platform: z.string(),
+    body_sha256: z.string(),
+    iat: z.number().int(),
+    exp: z.number().int(),
+});
+const controlPlaneClaimsSchema = z.object({
+    iss: z.string(),
+    aud: z.string(),
+    sub: z.string(),
+    surface: ControlPlaneSurfaceSchema,
+    project_id: z.string(),
+    request_hash: z.string(),
+    iat: z.number().int(),
+    exp: z.number().int(),
+});
+function base64urlDecodeToBytes(input) {
+    const normalized = input
+        .replaceAll("-", "+")
+        .replaceAll("_", "/")
+        .padEnd(Math.ceil(input.length / 4) * 4, "=");
+    return toArrayBuffer(Uint8Array.from(atob(normalized), (char) => char.charCodeAt(0)));
+}
+function toArrayBuffer(bytes) {
+    const buffer = new ArrayBuffer(bytes.byteLength);
+    new Uint8Array(buffer).set(bytes);
+    return buffer;
+}
+function pemToDer(pem, label) {
+    const body = pem
+        .replace(`-----BEGIN ${label}-----`, "")
+        .replace(`-----END ${label}-----`, "")
+        .replace(/\s/g, "");
+    return toArrayBuffer(Uint8Array.from(atob(body), (char) => char.charCodeAt(0)));
+}
+async function importEd25519PublicKey(pem) {
+    return dntShim.crypto.subtle.importKey("spki", pemToDer(pem, "PUBLIC KEY"), "Ed25519", false, ["verify"]);
+}
+async function sha256Base64url(body) {
+    const hash = await dntShim.crypto.subtle.digest("SHA-256", new TextEncoder().encode(body));
+    return base64urlEncodeBytes(new Uint8Array(hash));
+}
+async function verifySignedRequestJws(jws, body, options) {
+    const parts = jws.split(".");
+    if (parts.length !== 3) {
+        throw new Error("Control-plane signature must be a compact JWS");
+    }
+    const encodedHeader = parts[0];
+    const encodedPayload = parts[1];
+    const encodedSignature = parts[2];
+    if (!encodedHeader || !encodedPayload || !encodedSignature) {
+        throw new Error("Control-plane signature must include header, payload, and signature");
+    }
+    const header = compactJwsHeaderSchema.parse(JSON.parse(new TextDecoder().decode(base64urlDecodeToBytes(encodedHeader))));
+    const claims = options.claimsSchema.parse(JSON.parse(new TextDecoder().decode(base64urlDecodeToBytes(encodedPayload))));
+    if (header.alg !== "EdDSA") {
+        throw new Error("Unsupported control-plane JWS algorithm");
+    }
+    const signingInput = new TextEncoder().encode(`${encodedHeader}.${encodedPayload}`);
+    const signature = base64urlDecodeToBytes(encodedSignature);
+    const publicKey = await importEd25519PublicKey(options.publicKeyPem);
+    const verified = await dntShim.crypto.subtle.verify("Ed25519", publicKey, signature, signingInput);
+    if (!verified) {
+        throw new Error("Control-plane signature verification failed");
+    }
+    if (claims.iss !== "veryfront-api") {
+        throw new Error("Control-plane issuer mismatch");
+    }
+    if (claims.aud !== options.audience) {
+        throw new Error("Control-plane audience mismatch");
+    }
+    if (options.expectedProjectId && claims.project_id !== options.expectedProjectId) {
+        throw new Error("Control-plane project mismatch");
+    }
+    if (options.expectedSubject && claims.sub !== options.expectedSubject) {
+        throw new Error("Control-plane subject mismatch");
+    }
+    if (options.scopedClaim && claims[options.scopedClaim.key] !== options.scopedClaim.value) {
+        throw new Error(`Control-plane ${options.scopedClaim.label} mismatch`);
+    }
+    const now = Math.floor(Date.now() / 1000);
+    if (claims.exp <= now) {
+        throw new Error("Control-plane signature expired");
+    }
+    if (claims.iat > now + SIGNATURE_SKEW_SECONDS) {
+        throw new Error("Control-plane signature issued in the future");
+    }
+    if (now - claims.iat > options.maxAgeSeconds) {
+        throw new Error("Control-plane signature is too old");
+    }
+    const requestHash = claims[options.hashClaimKey];
+    if (typeof requestHash !== "string") {
+        throw new Error("Control-plane request hash is missing");
+    }
+    const bodyHash = await sha256Base64url(body);
+    if (requestHash !== bodyHash) {
+        throw new Error("Control-plane body hash mismatch");
+    }
+    return claims;
+}
+function resolveAgentSkills(agent) {
+    if (!agent.config.skills) {
+        return [];
+    }
+    return Array.from(skillRegistry.resolveForAgent(agent.config.skills).values())
+        .map((skill) => RuntimeAgentSkillSchema.parse({
+        id: skill.id,
+        name: skill.metadata.name || skill.id,
+        ...(skill.metadata.description ? { description: skill.metadata.description } : {}),
+    }))
+        .sort((left, right) => left.name.localeCompare(right.name));
+}
+function getRuntimeAgentMetadata(agent) {
+    const rawConfig = agent.config;
+    return RuntimeAgentSchema.parse({
+        id: agent.id,
+        name: typeof rawConfig.name === "string" && rawConfig.name.trim().length > 0
+            ? rawConfig.name
+            : agent.id,
+        description: typeof rawConfig.description === "string" ? rawConfig.description : null,
+        model: agent.config.model ?? null,
+        version: typeof rawConfig.version === "string" ? rawConfig.version : null,
+        skills: resolveAgentSkills(agent),
+    });
+}
+export async function listRuntimeAgents(ctx, deps) {
+    await deps.ensureProjectDiscovery(ctx);
+    const agents = deps.getAllAgentIds()
+        .map((id) => deps.getAgent(id))
+        .filter((agent) => Boolean(agent))
+        .map(getRuntimeAgentMetadata)
+        .sort((left, right) => left.name.localeCompare(right.name));
+    return RuntimeAgentListResponseSchema.parse({ agents });
+}
+export async function verifyDispatchJws(jws, body, options) {
+    return verifySignedRequestJws(jws, body, {
+        audience: options.audience,
+        claimsSchema: dispatchClaimsSchema,
+        expectedProjectId: options.expectedProjectId,
+        ...(options.expectedSubject ? { expectedSubject: options.expectedSubject } : {}),
+        hashClaimKey: "body_sha256",
+        maxAgeSeconds: options.maxAgeSeconds,
+        publicKeyPem: options.publicKeyPem,
+        ...(options.expectedPlatform
+            ? {
+                scopedClaim: {
+                    key: "platform",
+                    label: "platform",
+                    value: options.expectedPlatform,
+                },
+            }
+            : {}),
+    });
+}
+export async function verifyControlPlaneJws(jws, body, options) {
+    return verifySignedRequestJws(jws, body, {
+        audience: options.audience,
+        claimsSchema: controlPlaneClaimsSchema,
+        expectedProjectId: options.expectedProjectId,
+        ...(options.expectedSubject ? { expectedSubject: options.expectedSubject } : {}),
+        hashClaimKey: "request_hash",
+        maxAgeSeconds: options.maxAgeSeconds,
+        publicKeyPem: options.publicKeyPem,
+        ...(options.expectedSurface
+            ? {
+                scopedClaim: {
+                    key: "surface",
+                    label: "surface",
+                    value: options.expectedSurface,
+                },
+            }
+            : {}),
+    });
+}