veryfront 0.1.635 → 0.1.637
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/esm/cli/commands/serve/command.d.ts.map +1 -1
- package/esm/cli/commands/serve/command.js +2 -1
- package/esm/deno.js +1 -1
- package/esm/src/cache/distributed-cache-init.d.ts +11 -2
- package/esm/src/cache/distributed-cache-init.d.ts.map +1 -1
- package/esm/src/cache/distributed-cache-init.js +2 -14
- package/esm/src/channels/control-plane.d.ts +5 -5
- package/esm/src/embedding/chunk.js +4 -2
- package/esm/src/errors/error-registry/agent.d.ts +16 -0
- package/esm/src/errors/error-registry/agent.d.ts.map +1 -0
- package/esm/src/errors/error-registry/agent.js +52 -0
- package/esm/src/errors/error-registry/boundary.d.ts +16 -0
- package/esm/src/errors/error-registry/boundary.d.ts.map +1 -0
- package/esm/src/errors/error-registry/boundary.js +52 -0
- package/esm/src/errors/error-registry/build.d.ts +20 -0
- package/esm/src/errors/error-registry/build.d.ts.map +1 -0
- package/esm/src/errors/error-registry/build.js +68 -0
- package/esm/src/errors/error-registry/config.d.ts +22 -0
- package/esm/src/errors/error-registry/config.d.ts.map +1 -0
- package/esm/src/errors/error-registry/config.js +70 -0
- package/esm/src/errors/error-registry/deploy.d.ts +12 -0
- package/esm/src/errors/error-registry/deploy.d.ts.map +1 -0
- package/esm/src/errors/error-registry/deploy.js +36 -0
- package/esm/src/errors/error-registry/dev.d.ts +14 -0
- package/esm/src/errors/error-registry/dev.d.ts.map +1 -0
- package/esm/src/errors/error-registry/dev.js +44 -0
- package/esm/src/errors/error-registry/general.d.ts +29 -0
- package/esm/src/errors/error-registry/general.d.ts.map +1 -0
- package/esm/src/errors/error-registry/general.js +92 -0
- package/esm/src/errors/error-registry/module.d.ts +16 -0
- package/esm/src/errors/error-registry/module.d.ts.map +1 -0
- package/esm/src/errors/error-registry/module.js +52 -0
- package/esm/src/errors/error-registry/route.d.ts +16 -0
- package/esm/src/errors/error-registry/route.d.ts.map +1 -0
- package/esm/src/errors/error-registry/route.js +52 -0
- package/esm/src/errors/error-registry/runtime.d.ts +18 -0
- package/esm/src/errors/error-registry/runtime.d.ts.map +1 -0
- package/esm/src/errors/error-registry/runtime.js +60 -0
- package/esm/src/errors/error-registry/server.d.ts +39 -0
- package/esm/src/errors/error-registry/server.d.ts.map +1 -0
- package/esm/src/errors/error-registry/server.js +129 -0
- package/esm/src/errors/error-registry.d.ts +79 -157
- package/esm/src/errors/error-registry.d.ts.map +1 -1
- package/esm/src/errors/error-registry.js +37 -706
- package/esm/src/errors/logging.d.ts.map +1 -1
- package/esm/src/errors/logging.js +7 -3
- package/esm/src/integrations/schema.d.ts +4 -4
- package/esm/src/internal-agents/control-plane-auth.d.ts +1 -1
- package/esm/src/internal-agents/run-stream.d.ts.map +1 -1
- package/esm/src/internal-agents/run-stream.js +15 -1
- package/esm/src/oauth/index.d.ts +1 -0
- package/esm/src/oauth/index.d.ts.map +1 -1
- package/esm/src/oauth/token-store/index.d.ts +1 -0
- package/esm/src/oauth/token-store/index.d.ts.map +1 -1
- package/esm/src/oauth/token-store/memory.d.ts +26 -4
- package/esm/src/oauth/token-store/memory.d.ts.map +1 -1
- package/esm/src/oauth/token-store/memory.js +42 -5
- package/esm/src/observability/log-buffer.d.ts.map +1 -1
- package/esm/src/observability/log-buffer.js +7 -1
- package/esm/src/platform/adapters/redis/modules.d.ts.map +1 -1
- package/esm/src/platform/adapters/redis/modules.js +3 -10
- package/esm/src/security/sandbox/project-worker.d.ts.map +1 -1
- package/esm/src/security/sandbox/project-worker.js +0 -1
- package/esm/src/server/dev-server/server.d.ts.map +1 -1
- package/esm/src/server/dev-server/server.js +2 -1
- package/esm/src/server/distributed-cache-initializers.d.ts +13 -0
- package/esm/src/server/distributed-cache-initializers.d.ts.map +1 -0
- package/esm/src/server/distributed-cache-initializers.js +22 -0
- package/esm/src/server/handlers/request/agent-stream.handler.d.ts.map +1 -1
- package/esm/src/server/handlers/request/agent-stream.handler.js +56 -16
- package/esm/src/server/index.d.ts +1 -0
- package/esm/src/server/index.d.ts.map +1 -1
- package/esm/src/server/index.js +1 -0
- package/esm/src/server/production-server.d.ts.map +1 -1
- package/esm/src/server/production-server.js +2 -1
- package/esm/src/server/services/rsc/endpoints/rsc-bundles.generated.d.ts.map +1 -1
- package/esm/src/server/services/rsc/endpoints/rsc-bundles.generated.js +2 -2
- package/esm/src/utils/logger/logger.d.ts.map +1 -1
- package/esm/src/utils/logger/logger.js +15 -5
- package/esm/src/utils/logger/redact.d.ts +64 -0
- package/esm/src/utils/logger/redact.d.ts.map +1 -0
- package/esm/src/utils/logger/redact.js +235 -0
- package/esm/src/utils/redis-client.d.ts.map +1 -1
- package/esm/src/utils/redis-client.js +0 -3
- package/esm/src/utils/version-constant.d.ts +1 -1
- package/esm/src/utils/version-constant.js +1 -1
- package/esm/src/workflow/schemas/workflow.schema.d.ts +4 -4
- package/package.json +2 -1
|
@@ -0,0 +1,235 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Secret / credential redaction for structured log context.
|
|
3
|
+
*
|
|
4
|
+
* Defense-in-depth (#1989): the logger, the error-logging path, and the
|
|
5
|
+
* observability log buffer all accept arbitrary `context`/`data` objects from
|
|
6
|
+
* callers and serialize them to log sinks. There is no guarantee a caller
|
|
7
|
+
* never hands us a tokens object, an `Authorization` header bag, or a request
|
|
8
|
+
* body with a password field. This pass masks values whose *key* looks like a
|
|
9
|
+
* credential before serialization, so an accidental
|
|
10
|
+
* `logger.info("...", { authorization: token })` cannot leak the secret.
|
|
11
|
+
*
|
|
12
|
+
* Scope is intentionally key-based: we do not attempt to find secrets embedded
|
|
13
|
+
* in free-form message strings (too lossy). The deny-list errs toward
|
|
14
|
+
* over-redaction — masking a benign `tokenCount` is acceptable; leaking a real
|
|
15
|
+
* token is not. The traversal fails *closed*: on a cycle, depth overflow, or a
|
|
16
|
+
* throwing getter it returns {@link REDACTED} rather than risk emitting an
|
|
17
|
+
* unredacted object.
|
|
18
|
+
*/
|
|
19
|
+
import { isRecord } from "./core.js";
|
|
20
|
+
/** Replacement value substituted for any sensitive field. */
|
|
21
|
+
export const REDACTED = "[REDACTED]";
|
|
22
|
+
/**
|
|
23
|
+
* Normalized substrings that mark a key as sensitive. Matching is done against
|
|
24
|
+
* a lowercased, non-alphanumeric-stripped form of the key, so `API-Key`,
|
|
25
|
+
* `api_key`, and `apiKey` all collapse to `apikey` and match.
|
|
26
|
+
*
|
|
27
|
+
* Deliberately omitted to avoid false positives that swamp real logs:
|
|
28
|
+
* - bare `"auth"` (would mask `author`); `authorization`/`authToken` are still
|
|
29
|
+
* covered via `authorization`/`token`.
|
|
30
|
+
* - short tokens like `"dsn"`/`"sas"` (would mask `feedsNamespace`, etc.).
|
|
31
|
+
*/
|
|
32
|
+
const SENSITIVE_KEY_PATTERNS = [
|
|
33
|
+
"password",
|
|
34
|
+
"passwd",
|
|
35
|
+
"pwd",
|
|
36
|
+
"passphrase",
|
|
37
|
+
"secret",
|
|
38
|
+
"clientsecret",
|
|
39
|
+
"token",
|
|
40
|
+
"apikey",
|
|
41
|
+
"accesskey",
|
|
42
|
+
"privatekey",
|
|
43
|
+
"credential",
|
|
44
|
+
"authorization",
|
|
45
|
+
"cookie",
|
|
46
|
+
"bearer",
|
|
47
|
+
"jwt",
|
|
48
|
+
"connectionstring",
|
|
49
|
+
"signature",
|
|
50
|
+
"sessionid",
|
|
51
|
+
"sid",
|
|
52
|
+
"otp",
|
|
53
|
+
"mfa",
|
|
54
|
+
"pin",
|
|
55
|
+
"salt",
|
|
56
|
+
"xsrf",
|
|
57
|
+
"csrf",
|
|
58
|
+
];
|
|
59
|
+
/** Stop traversing past this depth to keep the pass cheap and stack-safe. */
|
|
60
|
+
const MAX_DEPTH = 16;
|
|
61
|
+
/**
|
|
62
|
+
* Whether a context key names a credential and should have its value masked.
|
|
63
|
+
*
|
|
64
|
+
* Uses substring matching on a normalized key, so `clientSecret`,
|
|
65
|
+
* `x-api-key`, and `refresh_token` all match while benign words that merely
|
|
66
|
+
* *contain* a pattern as a separate token (e.g. `author`) do not — `author`
|
|
67
|
+
* normalizes to `author`, which contains none of the patterns.
|
|
68
|
+
*/
|
|
69
|
+
export function isSensitiveKey(key) {
|
|
70
|
+
const normalized = key.toLowerCase().replace(/[^a-z0-9]/g, "");
|
|
71
|
+
return SENSITIVE_KEY_PATTERNS.some((pattern) => normalized.includes(pattern));
|
|
72
|
+
}
|
|
73
|
+
/**
|
|
74
|
+
* A non-null, non-array object. {@link isRecord} covers class instances too,
|
|
75
|
+
* whose enumerable fields `JSON.stringify` *would* serialize, so we must
|
|
76
|
+
* traverse them to catch secrets.
|
|
77
|
+
*/
|
|
78
|
+
function isTraversableRecord(value) {
|
|
79
|
+
return isRecord(value);
|
|
80
|
+
}
|
|
81
|
+
function hasToJson(value) {
|
|
82
|
+
return typeof value.toJSON === "function";
|
|
83
|
+
}
|
|
84
|
+
function redactValue(value, depth, seen) {
|
|
85
|
+
if (Array.isArray(value)) {
|
|
86
|
+
if (depth >= MAX_DEPTH || seen.has(value))
|
|
87
|
+
return REDACTED;
|
|
88
|
+
seen.add(value);
|
|
89
|
+
try {
|
|
90
|
+
return value.map((item) => redactValue(item, depth + 1, seen));
|
|
91
|
+
}
|
|
92
|
+
finally {
|
|
93
|
+
seen.delete(value);
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
// Objects defining `toJSON` (Date, URL, custom serializers) are serialized
|
|
97
|
+
// by `JSON.stringify` via the *return value* of `toJSON`, not their own
|
|
98
|
+
// enumerable keys. A key-based pass over the object's own properties would
|
|
99
|
+
// therefore miss credentials smuggled through `toJSON`, e.g.
|
|
100
|
+
// `{ toJSON: () => ({ apiKey: "sk-..." }) }` (CODEX P2). When `toJSON`
|
|
101
|
+
// returns a non-scalar (an object/array that could carry credential keys),
|
|
102
|
+
// redact *that* — the thing actually emitted. When it returns a scalar
|
|
103
|
+
// (Date/URL → ISO string), the original object is left intact, preserving
|
|
104
|
+
// prior behavior and identity.
|
|
105
|
+
if (isRecord(value) && hasToJson(value)) {
|
|
106
|
+
if (depth >= MAX_DEPTH || seen.has(value))
|
|
107
|
+
return REDACTED;
|
|
108
|
+
seen.add(value);
|
|
109
|
+
try {
|
|
110
|
+
const serialized = value.toJSON();
|
|
111
|
+
if (isRecord(serialized) || Array.isArray(serialized)) {
|
|
112
|
+
return redactValue(serialized, depth + 1, seen);
|
|
113
|
+
}
|
|
114
|
+
// Scalar result (string/number/…): the object serializes safely as-is.
|
|
115
|
+
return value;
|
|
116
|
+
}
|
|
117
|
+
catch {
|
|
118
|
+
// A throwing toJSON must never let the raw object (whose own keys we
|
|
119
|
+
// skipped) through: fail closed.
|
|
120
|
+
return REDACTED;
|
|
121
|
+
}
|
|
122
|
+
finally {
|
|
123
|
+
seen.delete(value);
|
|
124
|
+
}
|
|
125
|
+
}
|
|
126
|
+
if (isTraversableRecord(value)) {
|
|
127
|
+
if (depth >= MAX_DEPTH || seen.has(value))
|
|
128
|
+
return REDACTED;
|
|
129
|
+
seen.add(value);
|
|
130
|
+
try {
|
|
131
|
+
const out = {};
|
|
132
|
+
for (const [key, child] of Object.entries(value)) {
|
|
133
|
+
out[key] = isSensitiveKey(key) ? REDACTED : redactValue(child, depth + 1, seen);
|
|
134
|
+
}
|
|
135
|
+
return out;
|
|
136
|
+
}
|
|
137
|
+
catch {
|
|
138
|
+
// A throwing getter (or other access error) must never let an
|
|
139
|
+
// unredacted object through: fail closed.
|
|
140
|
+
return REDACTED;
|
|
141
|
+
}
|
|
142
|
+
finally {
|
|
143
|
+
seen.delete(value);
|
|
144
|
+
}
|
|
145
|
+
}
|
|
146
|
+
// Primitives and scalar-serializing objects (Date, URL, …) are returned
|
|
147
|
+
// untouched: they are not key/value bags we can safely rewrite.
|
|
148
|
+
return value;
|
|
149
|
+
}
|
|
150
|
+
/**
|
|
151
|
+
* Returns a redacted deep copy of `context`. Any property whose key is
|
|
152
|
+
* {@link isSensitiveKey} has its value replaced with {@link REDACTED}; nested
|
|
153
|
+
* plain objects, class instances, and arrays are traversed. The input is never
|
|
154
|
+
* mutated, and the pass fails closed (returns {@link REDACTED}) on cycles,
|
|
155
|
+
* depth overflow, or a throwing getter.
|
|
156
|
+
*/
|
|
157
|
+
export function redactSensitive(context) {
|
|
158
|
+
return redactValue(context, 0, new Set());
|
|
159
|
+
}
|
|
160
|
+
/**
|
|
161
|
+
* Query-string parameter names that commonly carry credentials in URLs.
|
|
162
|
+
* Matched case-insensitively against the parameter name.
|
|
163
|
+
*/
|
|
164
|
+
const SENSITIVE_URL_PARAMS = [
|
|
165
|
+
"access_token",
|
|
166
|
+
"accesstoken",
|
|
167
|
+
"refresh_token",
|
|
168
|
+
"api_key",
|
|
169
|
+
"apikey",
|
|
170
|
+
"code",
|
|
171
|
+
"token",
|
|
172
|
+
"secret",
|
|
173
|
+
"client_secret",
|
|
174
|
+
"password",
|
|
175
|
+
"passwd",
|
|
176
|
+
"pwd",
|
|
177
|
+
"state",
|
|
178
|
+
"sig",
|
|
179
|
+
"signature",
|
|
180
|
+
"auth",
|
|
181
|
+
];
|
|
182
|
+
const URL_USERINFO_RE = /(\b[a-z][a-z0-9+.-]*:\/\/)([^/?#@\s]+)@/gi;
|
|
183
|
+
/**
|
|
184
|
+
* Strip credentials from URL-shaped strings so they can be safely emitted in
|
|
185
|
+
* free-form text (error messages, stacks, lifted `request_url` fields). Unlike
|
|
186
|
+
* {@link redactSensitive}, which is key-based, this scrubs secrets embedded in
|
|
187
|
+
* the *value* itself:
|
|
188
|
+
*
|
|
189
|
+
* - URL userinfo: `http://user:pass@host` → `http://user:[REDACTED]@host`
|
|
190
|
+
* - sensitive query params: `?access_token=abc` → `?access_token=[REDACTED]`
|
|
191
|
+
*
|
|
192
|
+
* It is intentionally tolerant: it operates on any string (a DSN, a Mongo URI,
|
|
193
|
+
* an axios error message containing a URL) via regex rather than requiring a
|
|
194
|
+
* parseable URL, so malformed or partial URLs in error text are still scrubbed.
|
|
195
|
+
* Non-URL strings pass through unchanged.
|
|
196
|
+
*/
|
|
197
|
+
export function sanitizeUrlCredentials(input) {
|
|
198
|
+
if (typeof input !== "string" || input.length === 0)
|
|
199
|
+
return input;
|
|
200
|
+
// 1) userinfo: scheme://user:pass@ → mask the password (and any bare creds).
|
|
201
|
+
let out = input.replace(URL_USERINFO_RE, (_match, scheme, userinfo) => {
|
|
202
|
+
const colon = userinfo.indexOf(":");
|
|
203
|
+
if (colon === -1) {
|
|
204
|
+
// `scheme://token@host` — the whole userinfo is credential-like.
|
|
205
|
+
return `${scheme}${REDACTED}@`;
|
|
206
|
+
}
|
|
207
|
+
const user = userinfo.slice(0, colon);
|
|
208
|
+
return `${scheme}${user}:${REDACTED}@`;
|
|
209
|
+
});
|
|
210
|
+
// 2) sensitive query/fragment params: `key=value` → `key=[REDACTED]`.
|
|
211
|
+
// Match `?key=`, `&key=`, `;key=` separators and stop at the next delimiter.
|
|
212
|
+
out = out.replace(/([?&;])([a-z0-9_.\-]+)=([^&#;\s]*)/gi, (match, sep, key, _val) => {
|
|
213
|
+
const normalized = key.toLowerCase().replace(/[^a-z0-9]/g, "");
|
|
214
|
+
const sensitive = SENSITIVE_URL_PARAMS.some((p) => normalized === p.replace(/[^a-z0-9]/g, ""));
|
|
215
|
+
return sensitive ? `${sep}${key}=${REDACTED}` : match;
|
|
216
|
+
});
|
|
217
|
+
return out;
|
|
218
|
+
}
|
|
219
|
+
/**
|
|
220
|
+
* Apply {@link sanitizeUrlCredentials} to the `message` and `stack` of a
|
|
221
|
+
* serialized-error-shaped object, returning a new object. Used by the logger's
|
|
222
|
+
* JSON and text paths so errors carrying DSNs, Mongo URIs, or
|
|
223
|
+
* `?access_token=`-bearing URLs do not leak credentials (the serialized error
|
|
224
|
+
* bypasses the key-based redactor). Returns the input unchanged when falsy.
|
|
225
|
+
*/
|
|
226
|
+
export function sanitizeSerializedError(error) {
|
|
227
|
+
if (!error)
|
|
228
|
+
return error;
|
|
229
|
+
const out = { ...error };
|
|
230
|
+
if (typeof out.message === "string")
|
|
231
|
+
out.message = sanitizeUrlCredentials(out.message);
|
|
232
|
+
if (typeof out.stack === "string")
|
|
233
|
+
out.stack = sanitizeUrlCredentials(out.stack);
|
|
234
|
+
return out;
|
|
235
|
+
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"redis-client.d.ts","sourceRoot":"","sources":["../../../src/src/utils/redis-client.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,WAAW;IAC1B,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACzB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACnF,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CACF,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GAC3C,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;IAC/C,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACtD,EAAE,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,IAAI,GAAG,IAAI,CAAC;IACjE,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,kBAAkB;IACjC,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;
|
|
1
|
+
{"version":3,"file":"redis-client.d.ts","sourceRoot":"","sources":["../../../src/src/utils/redis-client.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,WAAW;IAC1B,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACzB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAC5B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACzC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE;QAAE,EAAE,CAAC,EAAE,MAAM,CAAA;KAAE,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACnF,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CACF,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE;QAAE,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAA;KAAE,GAC3C,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;IAC/C,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACtD,EAAE,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,KAAK,IAAI,GAAG,IAAI,CAAC;IACjE,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,kBAAkB;IACjC,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAsBD,wBAAsB,cAAc,CAAC,OAAO,GAAE,kBAAuB,GAAG,OAAO,CAAC,WAAW,CAAC,CA4B3F;AA6DD,wBAAgB,iBAAiB,IAAI,OAAO,CAE3C"}
|
|
@@ -38,12 +38,10 @@ export async function getRedisClient(options = {}) {
|
|
|
38
38
|
}
|
|
39
39
|
}
|
|
40
40
|
async function createClient(options) {
|
|
41
|
-
// deno-lint-ignore no-explicit-any
|
|
42
41
|
let createClientFn;
|
|
43
42
|
try {
|
|
44
43
|
const redisClientModule = "npm:@redis/client@1.5.8";
|
|
45
44
|
const mod = await import(redisClientModule);
|
|
46
|
-
// deno-lint-ignore no-explicit-any
|
|
47
45
|
createClientFn = mod.createClient;
|
|
48
46
|
}
|
|
49
47
|
catch (error) {
|
|
@@ -57,7 +55,6 @@ async function createClient(options) {
|
|
|
57
55
|
if (!useTls && getEnv("NODE_ENV") === "production") {
|
|
58
56
|
logger.warn("Redis connection without TLS in production. Set REDIS_URL to rediss:// or pass tls: true.");
|
|
59
57
|
}
|
|
60
|
-
// deno-lint-ignore no-explicit-any
|
|
61
58
|
const clientOpts = { url };
|
|
62
59
|
if (useTls) {
|
|
63
60
|
clientOpts.socket = { tls: true };
|
|
@@ -82,7 +82,7 @@ export declare const getCheckpointSchema: () => import("../../internal-agents/sc
|
|
|
82
82
|
/**
|
|
83
83
|
* Approval status schema
|
|
84
84
|
*/
|
|
85
|
-
export declare const getApprovalStatusSchema: () => import("../../internal-agents/schema.js").Schema<"
|
|
85
|
+
export declare const getApprovalStatusSchema: () => import("../../internal-agents/schema.js").Schema<"rejected" | "expired" | "pending" | "approved">;
|
|
86
86
|
/**
|
|
87
87
|
* Pending approval schema
|
|
88
88
|
*/
|
|
@@ -94,7 +94,7 @@ export declare const getPendingApprovalSchema: () => import("../../internal-agen
|
|
|
94
94
|
approvers: import("../../internal-agents/schema.js").Schema<string[] | undefined>;
|
|
95
95
|
requestedAt: import("../../internal-agents/schema.js").Schema<Date>;
|
|
96
96
|
expiresAt: import("../../internal-agents/schema.js").Schema<Date | undefined>;
|
|
97
|
-
status: import("../../internal-agents/schema.js").Schema<"
|
|
97
|
+
status: import("../../internal-agents/schema.js").Schema<"rejected" | "expired" | "pending" | "approved">;
|
|
98
98
|
decidedBy: import("../../internal-agents/schema.js").Schema<string | undefined>;
|
|
99
99
|
decidedAt: import("../../internal-agents/schema.js").Schema<Date | undefined>;
|
|
100
100
|
comment: import("../../internal-agents/schema.js").Schema<string | undefined>;
|
|
@@ -192,7 +192,7 @@ export declare const CheckpointSchema: import("../../internal-agents/schema.js")
|
|
|
192
192
|
completedAt: import("../../internal-agents/schema.js").Schema<Date | undefined>;
|
|
193
193
|
}>>>;
|
|
194
194
|
}>>;
|
|
195
|
-
export declare const ApprovalStatusSchema: import("../../internal-agents/schema.js").Schema<"
|
|
195
|
+
export declare const ApprovalStatusSchema: import("../../internal-agents/schema.js").Schema<"rejected" | "expired" | "pending" | "approved">;
|
|
196
196
|
export declare const PendingApprovalSchema: import("../../internal-agents/schema.js").Schema<import("../../extensions/schema/schema-validator.js").InferShape<{
|
|
197
197
|
id: import("../../internal-agents/schema.js").Schema<string>;
|
|
198
198
|
nodeId: import("../../internal-agents/schema.js").Schema<string>;
|
|
@@ -201,7 +201,7 @@ export declare const PendingApprovalSchema: import("../../internal-agents/schema
|
|
|
201
201
|
approvers: import("../../internal-agents/schema.js").Schema<string[] | undefined>;
|
|
202
202
|
requestedAt: import("../../internal-agents/schema.js").Schema<Date>;
|
|
203
203
|
expiresAt: import("../../internal-agents/schema.js").Schema<Date | undefined>;
|
|
204
|
-
status: import("../../internal-agents/schema.js").Schema<"
|
|
204
|
+
status: import("../../internal-agents/schema.js").Schema<"rejected" | "expired" | "pending" | "approved">;
|
|
205
205
|
decidedBy: import("../../internal-agents/schema.js").Schema<string | undefined>;
|
|
206
206
|
decidedAt: import("../../internal-agents/schema.js").Schema<Date | undefined>;
|
|
207
207
|
comment: import("../../internal-agents/schema.js").Schema<string | undefined>;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "veryfront",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.637",
|
|
4
4
|
"description": "The simplest way to build AI-powered apps",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"react",
|
|
@@ -358,6 +358,7 @@
|
|
|
358
358
|
"mdast-util-to-string": "4.0.0",
|
|
359
359
|
"react": "19.2.4",
|
|
360
360
|
"react-dom": "19.2.4",
|
|
361
|
+
"redis": "5.11.0",
|
|
361
362
|
"rehype-highlight": "7.0.2",
|
|
362
363
|
"rehype-raw": "7.0.0",
|
|
363
364
|
"rehype-sanitize": "6.0.0",
|