asap-protocol 2.4.0__tar.gz → 2.4.1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (194) hide show
  1. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/CHANGELOG.md +19 -6
  2. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/PKG-INFO +12 -12
  3. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/README.md +8 -8
  4. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/pyproject.toml +13 -9
  5. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/__init__.py +1 -1
  6. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/discovery/wellknown.py +1 -1
  7. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/integrations/pydanticai.py +28 -11
  8. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/integrations/smolagents.py +21 -18
  9. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/client.py +53 -20
  10. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/.gitignore +0 -0
  11. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/LICENSE +0 -0
  12. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/entities/agent.schema.json +0 -0
  13. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/entities/artifact.schema.json +0 -0
  14. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/entities/conversation.schema.json +0 -0
  15. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/entities/manifest.schema.json +0 -0
  16. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/entities/message.schema.json +0 -0
  17. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/entities/state_snapshot.schema.json +0 -0
  18. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/entities/task.schema.json +0 -0
  19. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/envelope.schema.json +0 -0
  20. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/examples/shellclaw-jetson-capabilities.json +0 -0
  21. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/parts/data_part.schema.json +0 -0
  22. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/parts/file_part.schema.json +0 -0
  23. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/parts/resource_part.schema.json +0 -0
  24. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/parts/template_part.schema.json +0 -0
  25. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/parts/text_part.schema.json +0 -0
  26. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/artifact_notify.schema.json +0 -0
  27. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/mcp_resource_data.schema.json +0 -0
  28. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/mcp_resource_fetch.schema.json +0 -0
  29. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/mcp_tool_call.schema.json +0 -0
  30. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/mcp_tool_result.schema.json +0 -0
  31. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/message_send.schema.json +0 -0
  32. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/state_query.schema.json +0 -0
  33. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/state_restore.schema.json +0 -0
  34. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/task_cancel.schema.json +0 -0
  35. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/task_request.schema.json +0 -0
  36. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/task_response.schema.json +0 -0
  37. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/schemas/payloads/task_update.schema.json +0 -0
  38. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/adapters/__init__.py +0 -0
  39. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/adapters/openapi/__init__.py +0 -0
  40. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/adapters/openapi/approval.py +0 -0
  41. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/adapters/openapi/capability_mapper.py +0 -0
  42. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/adapters/openapi/factory.py +0 -0
  43. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/adapters/openapi/handler.py +0 -0
  44. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/adapters/openapi/spec_loader.py +0 -0
  45. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/__init__.py +0 -0
  46. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/agent_jwt.py +0 -0
  47. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/approval.py +0 -0
  48. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/capabilities.py +0 -0
  49. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/claims.py +0 -0
  50. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/identity.py +0 -0
  51. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/introspection.py +0 -0
  52. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/jwks.py +0 -0
  53. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/lifecycle.py +0 -0
  54. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/middleware.py +0 -0
  55. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/oauth2.py +0 -0
  56. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/oidc.py +0 -0
  57. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/scopes.py +0 -0
  58. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/self_auth.py +0 -0
  59. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/utils.py +0 -0
  60. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/auth/webauthn.py +0 -0
  61. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/cli/__init__.py +0 -0
  62. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/cli/audit_export.py +0 -0
  63. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/cli/compliance_check.py +0 -0
  64. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/client/__init__.py +0 -0
  65. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/client/cache.py +0 -0
  66. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/client/http_client.py +0 -0
  67. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/client/market.py +0 -0
  68. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/client/revocation.py +0 -0
  69. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/client/trust.py +0 -0
  70. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/crypto/__init__.py +0 -0
  71. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/crypto/keys.py +0 -0
  72. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/crypto/models.py +0 -0
  73. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/crypto/signing.py +0 -0
  74. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/crypto/trust.py +0 -0
  75. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/crypto/trust_levels.py +0 -0
  76. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/discovery/__init__.py +0 -0
  77. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/discovery/dnssd.py +0 -0
  78. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/discovery/health.py +0 -0
  79. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/discovery/registry.py +0 -0
  80. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/discovery/validation.py +0 -0
  81. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/economics/__init__.py +0 -0
  82. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/economics/audit.py +0 -0
  83. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/economics/delegation.py +0 -0
  84. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/economics/delegation_storage.py +0 -0
  85. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/economics/hooks.py +0 -0
  86. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/economics/metering.py +0 -0
  87. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/economics/sla.py +0 -0
  88. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/economics/sla_storage.py +0 -0
  89. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/economics/storage.py +0 -0
  90. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/errors.py +0 -0
  91. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/README.md +0 -0
  92. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/__init__.py +0 -0
  93. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/a2h_approval.py +0 -0
  94. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/agent_failover.py +0 -0
  95. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/auth_patterns.py +0 -0
  96. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/coordinator.py +0 -0
  97. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/echo_agent.py +0 -0
  98. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/error_recovery.py +0 -0
  99. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/long_running.py +0 -0
  100. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/mcp_client_demo.py +0 -0
  101. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/mcp_integration.py +0 -0
  102. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/multi_step_workflow.py +0 -0
  103. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/orchestration.py +0 -0
  104. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/rate_limiting.py +0 -0
  105. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/run_demo.py +0 -0
  106. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/secure_agent.py +0 -0
  107. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/secure_handler.py +0 -0
  108. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/state_migration.py +0 -0
  109. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/storage_backends.py +0 -0
  110. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/streaming_agent.py +0 -0
  111. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/streaming_response.py +0 -0
  112. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/v1_3_0_showcase.py +0 -0
  113. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/v1_4_0_showcase.py +0 -0
  114. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/examples/websocket_concept.py +0 -0
  115. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/handlers/__init__.py +0 -0
  116. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/handlers/hitl.py +0 -0
  117. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/integrations/__init__.py +0 -0
  118. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/integrations/a2h.py +0 -0
  119. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/integrations/crewai.py +0 -0
  120. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/integrations/langchain.py +0 -0
  121. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/integrations/llamaindex.py +0 -0
  122. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/integrations/openclaw.py +0 -0
  123. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/integrations/vercel_ai.py +0 -0
  124. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/mcp/__init__.py +0 -0
  125. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/mcp/client.py +0 -0
  126. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/mcp/protocol.py +0 -0
  127. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/mcp/serve.py +0 -0
  128. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/mcp/server.py +0 -0
  129. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/mcp/server_runner.py +0 -0
  130. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/__init__.py +0 -0
  131. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/base.py +0 -0
  132. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/constants.py +0 -0
  133. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/entities.py +0 -0
  134. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/enums.py +0 -0
  135. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/envelope.py +0 -0
  136. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/ids.py +0 -0
  137. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/parts.py +0 -0
  138. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/payloads.py +0 -0
  139. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/types.py +0 -0
  140. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/models/validators.py +0 -0
  141. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/observability/__init__.py +0 -0
  142. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/observability/dashboards/README.md +0 -0
  143. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/observability/dashboards/asap-detailed.json +0 -0
  144. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/observability/dashboards/asap-red.json +0 -0
  145. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/observability/logging.py +0 -0
  146. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/observability/metrics.py +0 -0
  147. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/observability/trace_parser.py +0 -0
  148. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/observability/trace_ui.py +0 -0
  149. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/observability/tracing.py +0 -0
  150. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/registry/__init__.py +0 -0
  151. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/registry/anti_spam.py +0 -0
  152. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/registry/auto_registration.py +0 -0
  153. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/registry/bot_pr.py +0 -0
  154. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/registry/receipt_cache.py +0 -0
  155. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/schemas.py +0 -0
  156. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/state/__init__.py +0 -0
  157. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/state/machine.py +0 -0
  158. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/state/metering.py +0 -0
  159. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/state/snapshot.py +0 -0
  160. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/state/stores/__init__.py +0 -0
  161. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/state/stores/memory.py +0 -0
  162. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/state/stores/sqlite.py +0 -0
  163. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/testing/__init__.py +0 -0
  164. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/testing/asgi_factory.py +0 -0
  165. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/testing/assertions.py +0 -0
  166. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/testing/compliance.py +0 -0
  167. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/testing/fixtures.py +0 -0
  168. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/testing/mocks.py +0 -0
  169. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/__init__.py +0 -0
  170. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/_auth_helpers.py +0 -0
  171. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/agent_routes.py +0 -0
  172. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/cache.py +0 -0
  173. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/capability_routes.py +0 -0
  174. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/challenge.py +0 -0
  175. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/circuit_breaker.py +0 -0
  176. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/codecs/__init__.py +0 -0
  177. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/codecs/lambda_codec.py +0 -0
  178. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/compression.py +0 -0
  179. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/delegation_api.py +0 -0
  180. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/escalation_routes.py +0 -0
  181. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/executors.py +0 -0
  182. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/handlers.py +0 -0
  183. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/jsonrpc.py +0 -0
  184. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/middleware.py +0 -0
  185. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/mtls.py +0 -0
  186. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/rate_limit.py +0 -0
  187. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/server.py +0 -0
  188. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/sla_api.py +0 -0
  189. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/usage_api.py +0 -0
  190. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/validators.py +0 -0
  191. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/webhook.py +0 -0
  192. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/transport/websocket.py +0 -0
  193. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/utils/__init__.py +0 -0
  194. {asap_protocol-2.4.0 → asap_protocol-2.4.1}/src/asap/utils/sanitization.py +0 -0
@@ -7,23 +7,36 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
 
8
8
  ## [Unreleased]
9
9
 
10
+ ### Follow-up (not in this release)
11
+
12
+ - `extra="forbid"` on ingress payload models (`TaskRequestConfig`, `CommonMetadata`)
13
+ - Opt-in protection for operator APIs (`/usage`, `/sla`, `/audit`)
14
+ - Redis-backed `JtiReplayCache` and distributed Next.js rate limits
15
+ - Bump optional `pydantic-ai` extra (CVE-2026-46678)
16
+
17
+ ---
18
+
19
+ ## [2.4.1] - 2026-06-14
20
+
21
+ **Security hardening patch** — OAuth2 `iss`/`aud` validation, fail-closed identity
22
+ binding, web app SSRF/redirect fixes, and dependency bumps. Wire protocol and
23
+ manifest schemas are unchanged from v2.4.0.
24
+
10
25
  ### Security
11
26
 
12
27
  - **OAuth2 middleware**: Validate JWT `iss` and `aud` when `ASAP_AUTH_ISSUER` / `ASAP_AUTH_AUDIENCE` (or `OAuth2Config.expected_issuer` / `expected_audience`) are set; refactored validation through `validate_jwt()` in `asap.auth.jwks`.
13
28
  - **Identity binding**: Fail-closed when `manifest_id` is configured but neither custom claim nor `ASAP_AUTH_SUBJECT_MAP` allowlist matches (403 instead of warn-and-pass).
14
- - **Web app (`apps/web`)**: Block open redirects on E2E fixture login routes via `resolveRedirectUrl`; harden SSRF on `/api/health-check` (127.0.0.0/8, DNS resolve4/6); Zod validation on API query params; rate-limit unit tests.
29
+ - **Web app (`apps/web`)**: Block open redirects on E2E fixture login routes via `resolveRedirectUrl`; harden SSRF on `/api/health-check` (127.0.0.0/8, DNS resolve4/6); Zod strict validation on public API query params (unknown keys return 400); rate-limit unit tests.
15
30
 
16
31
  ### Fixed
17
32
 
18
33
  - **CI security (`pip-audit`)**: Bumped transitive pins (`langchain-core`, `langsmith`, `python-multipart`, `urllib3`, `pip`, `smolagents`) and adjusted documented `--ignore-vuln` flags (pygments + **smolagents** CVEs with no PyPI fix yet; pip ≥26.1 clears prior pip ignore). See [SECURITY.md](SECURITY.md).
19
34
  - **FastAPI / Starlette**: Raised `fastapi` floor to `>=0.136.1` so `starlette>=1.0.1` resolves **PYSEC-2026-161** (Host header path injection) without a `pip-audit` ignore.
20
35
 
21
- ### Follow-up (not in this release)
36
+ ### Migration
22
37
 
23
- - `extra="forbid"` on ingress payload models (`TaskRequestConfig`, `CommonMetadata`)
24
- - Opt-in protection for operator APIs (`/usage`, `/sla`, `/audit`)
25
- - Redis-backed `JtiReplayCache` and distributed Next.js rate limits
26
- - Bump optional `pydantic-ai` extra (CVE-2026-46678)
38
+ - **v2.4.0 v2.4.1**: Security patch bump dependencies; verify OAuth2 issuer/audience and identity binding if already configured. See
39
+ [migration guide](docs/migration.md#upgrading-from-v240-to-v241).
27
40
 
28
41
  ---
29
42
 
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: asap-protocol
3
- Version: 2.4.0
3
+ Version: 2.4.1
4
4
  Summary: Async Simple Agent Protocol - A streamlined protocol for agent-to-agent communication
5
5
  Project-URL: Homepage, https://github.com/adriannoes/asap-protocol
6
6
  Project-URL: Documentation, https://adriannoes.github.io/asap-protocol
@@ -21,7 +21,7 @@ Classifier: Topic :: System :: Distributed Computing
21
21
  Classifier: Typing :: Typed
22
22
  Requires-Python: >=3.13
23
23
  Requires-Dist: aiosqlite>=0.20
24
- Requires-Dist: authlib<2,>=1.6.11
24
+ Requires-Dist: authlib<2,>=1.6.12
25
25
  Requires-Dist: brotli>=1.2.0
26
26
  Requires-Dist: cryptography<47,>=46.0.7
27
27
  Requires-Dist: fastapi>=0.136.1
@@ -58,7 +58,7 @@ Requires-Dist: pytest>=9.0.3; extra == 'dev'
58
58
  Requires-Dist: ruff>=0.14.14; extra == 'dev'
59
59
  Requires-Dist: types-jsonschema>=4.0.0; extra == 'dev'
60
60
  Provides-Extra: dns-sd
61
- Requires-Dist: zeroconf>=0.80; extra == 'dns-sd'
61
+ Requires-Dist: zeroconf>=0.149.5; extra == 'dns-sd'
62
62
  Provides-Extra: docs
63
63
  Requires-Dist: ghp-import>=2.1.0; extra == 'docs'
64
64
  Requires-Dist: mkdocs-material>=9.5; extra == 'docs'
@@ -75,7 +75,7 @@ Requires-Dist: openapi-pydantic>=0.5; extra == 'openapi'
75
75
  Provides-Extra: openclaw
76
76
  Requires-Dist: openclaw-sdk>=2.0; extra == 'openclaw'
77
77
  Provides-Extra: pydanticai
78
- Requires-Dist: pydantic-ai>=0.2; extra == 'pydanticai'
78
+ Requires-Dist: pydantic-ai>=1.99.0; extra == 'pydanticai'
79
79
  Provides-Extra: redis
80
80
  Requires-Dist: redis>=5.0.0; extra == 'redis'
81
81
  Provides-Extra: smolagents
@@ -95,7 +95,7 @@ Description-Content-Type: text/markdown
95
95
 
96
96
  > A production-ready protocol for agent-to-agent communication and task coordination.
97
97
 
98
- **Quick Info**: `v2.4.0` (PyPI) · **npm TS [`2.4.0`](https://github.com/adriannoes/asap-protocol/releases/tag/v2.4.0)** | `Apache 2.0` | `Python 3.13+` | [Documentation](https://github.com/adriannoes/asap-protocol/blob/main/docs/index.md) | **[PyPI `asap-protocol`](https://pypi.org/project/asap-protocol/)** | **[npm `@asap-protocol/client`](https://www.npmjs.com/package/@asap-protocol/client)** | [Changelog](https://github.com/adriannoes/asap-protocol/blob/main/CHANGELOG.md)
98
+ **Quick Info**: `v2.4.1` (PyPI) · **npm TS [`2.4.1`](https://github.com/adriannoes/asap-protocol/releases/tag/v2.4.1)** | `Apache 2.0` | `Python 3.13+` | [Documentation](https://github.com/adriannoes/asap-protocol/blob/main/docs/index.md) | **[PyPI `asap-protocol`](https://pypi.org/project/asap-protocol/)** | **[npm `@asap-protocol/client`](https://www.npmjs.com/package/@asap-protocol/client)** | [Changelog](https://github.com/adriannoes/asap-protocol/blob/main/CHANGELOG.md)
99
99
 
100
100
  > 📦 Install the ASAP **Python SDK / protocol** from **`https://pypi.org/project/asap-protocol/`** — package name **`asap-protocol`** on [PyPI](https://pypi.org/project/asap-protocol/).
101
101
 
@@ -123,7 +123,7 @@ For simple point-to-point communication, a basic HTTP API might suffice; ASAP sh
123
123
  - **Identity & capabilities (v2.2, WebAuthn real in v2.2.1)** — Per-runtime Host/Agent JWTs, capability grants with constraints (`max`, `min`, `in`, `not_in`), approval flows (device authorization / CIBA-style), real WebAuthn attestation/assertion for high-risk registration (opt-in via `asap-protocol[webauthn]`).
124
124
  - **Streaming & wire protocol (v2.2)** — `POST /asap/stream` (SSE / `TaskStream`), JSON-RPC 2.0 batch on `POST /asap`, `ASAP-Version` negotiation, tamper-evident audit logging, Compliance Harness v2.
125
125
  - **Adoption Multiplier (v2.3.0)** — OpenAPI → ASAP via `create_from_openapi` (`[openapi]` extra), official **`@asap-protocol/client`** on npm (Vercel AI / OpenAI / Anthropic adapters), optional **Auto-Registration** (`POST /registry/agents`), **capability escalation**, and **ASAP `WWW-Authenticate`** discovery challenges. All opt-in; wire protocol unchanged. See [docs/index.md](docs/index.md) and [docs/migration.md](docs/migration.md).
126
- - **Edge-AI discovery (v2.4.0)** — Optional `manifest.capabilities.hardware` + `inference`, Lite Registry mirror, marketplace browse filters, and `@asap-protocol/client@2.4.0` discovery types. Wire protocol unchanged. See [Migration (v2.3.x → v2.4.0)](docs/migration.md#upgrading-from-v23x-to-v240) and [ShellClaw registry guide](docs/guides/shellclaw-registry.md).
126
+ - **Edge-AI discovery (v2.4.0)** — Optional `manifest.capabilities.hardware` + `inference`, Lite Registry mirror, marketplace browse filters, and `@asap-protocol/client@2.4.1` discovery types. Wire protocol unchanged. See [Migration (v2.3.x → v2.4.0)](docs/migration.md#upgrading-from-v23x-to-v240) and [ShellClaw registry guide](docs/guides/shellclaw-registry.md).
127
127
  - **Framework adapters (v2.3.1+, npm)** — **`@asap-protocol/mastra`** and **`@asap-protocol/openai-agents`** expose ASAP capabilities as Mastra tools and OpenAI Agents SDK `tool()` definitions. See [Migration (v2.3.0 → v2.3.1)](docs/migration.md#upgrading-from-v230-to-v231).
128
128
  - **Economics** — Usage metering, delegation tokens, SLA framework with breach alerts.
129
129
 
@@ -144,16 +144,16 @@ Or with pip:
144
144
  pip install asap-protocol
145
145
  ```
146
146
 
147
- **npm** (TypeScript / JavaScript — [`@asap-protocol/client`](https://www.npmjs.com/package/@asap-protocol/client), **`2.4.0`**). The `latest` dist-tag matches **`npm view @asap-protocol/client version`**.
147
+ **npm** (TypeScript / JavaScript — [`@asap-protocol/client`](https://www.npmjs.com/package/@asap-protocol/client), **`2.4.1`**). The `latest` dist-tag matches **`npm view @asap-protocol/client version`**.
148
148
 
149
- **npm** Mastra [**`@asap-protocol/mastra@2.4.0`**](https://www.npmjs.com/package/@asap-protocol/mastra) bridges ASAP capabilities onto **`@mastra/core`** tools; docs: [`docs/integrations/mastra.md`](docs/integrations/mastra.md), demo: [`apps/example-mastra/README.md`](apps/example-mastra/README.md).
149
+ **npm** Mastra [**`@asap-protocol/mastra@2.4.1`**](https://www.npmjs.com/package/@asap-protocol/mastra) bridges ASAP capabilities onto **`@mastra/core`** tools; docs: [`docs/integrations/mastra.md`](docs/integrations/mastra.md), demo: [`apps/example-mastra/README.md`](apps/example-mastra/README.md).
150
150
 
151
- **npm** OpenAI Agents SDK [**`@asap-protocol/openai-agents@2.4.0`**](https://www.npmjs.com/package/@asap-protocol/openai-agents) exposes ASAP capabilities as **`@openai/agents`** `tool()` definitions — **not** the Chat Completions helper [`adapters/openai`](packages/typescript/client/src/adapters/openai.ts); docs: [`docs/integrations/openai-agents.md`](docs/integrations/openai-agents.md), demo: [`apps/example-openai-agents/README.md`](apps/example-openai-agents/README.md).
151
+ **npm** OpenAI Agents SDK [**`@asap-protocol/openai-agents@2.4.1`**](https://www.npmjs.com/package/@asap-protocol/openai-agents) exposes ASAP capabilities as **`@openai/agents`** `tool()` definitions — **not** the Chat Completions helper [`adapters/openai`](packages/typescript/client/src/adapters/openai.ts); docs: [`docs/integrations/openai-agents.md`](docs/integrations/openai-agents.md), demo: [`apps/example-openai-agents/README.md`](apps/example-openai-agents/README.md).
152
152
 
153
153
  ```bash
154
- npm install @asap-protocol/client@2.4.0
155
- npm install @asap-protocol/mastra@2.4.0 @asap-protocol/client @mastra/core zod
156
- npm install @asap-protocol/openai-agents@2.4.0 @asap-protocol/client @openai/agents zod
154
+ npm install @asap-protocol/client@2.4.1
155
+ npm install @asap-protocol/mastra@2.4.1 @asap-protocol/client @mastra/core zod
156
+ npm install @asap-protocol/openai-agents@2.4.1 @asap-protocol/client @openai/agents zod
157
157
  ```
158
158
 
159
159
  📦 **Canonical listing:** **[https://pypi.org/project/asap-protocol/](https://pypi.org/project/asap-protocol/)** — package **`asap-protocol`** (`pip install asap-protocol`). Prefer `uv` for reproducible environments when possible.
@@ -7,7 +7,7 @@
7
7
 
8
8
  > A production-ready protocol for agent-to-agent communication and task coordination.
9
9
 
10
- **Quick Info**: `v2.4.0` (PyPI) · **npm TS [`2.4.0`](https://github.com/adriannoes/asap-protocol/releases/tag/v2.4.0)** | `Apache 2.0` | `Python 3.13+` | [Documentation](https://github.com/adriannoes/asap-protocol/blob/main/docs/index.md) | **[PyPI `asap-protocol`](https://pypi.org/project/asap-protocol/)** | **[npm `@asap-protocol/client`](https://www.npmjs.com/package/@asap-protocol/client)** | [Changelog](https://github.com/adriannoes/asap-protocol/blob/main/CHANGELOG.md)
10
+ **Quick Info**: `v2.4.1` (PyPI) · **npm TS [`2.4.1`](https://github.com/adriannoes/asap-protocol/releases/tag/v2.4.1)** | `Apache 2.0` | `Python 3.13+` | [Documentation](https://github.com/adriannoes/asap-protocol/blob/main/docs/index.md) | **[PyPI `asap-protocol`](https://pypi.org/project/asap-protocol/)** | **[npm `@asap-protocol/client`](https://www.npmjs.com/package/@asap-protocol/client)** | [Changelog](https://github.com/adriannoes/asap-protocol/blob/main/CHANGELOG.md)
11
11
 
12
12
  > 📦 Install the ASAP **Python SDK / protocol** from **`https://pypi.org/project/asap-protocol/`** — package name **`asap-protocol`** on [PyPI](https://pypi.org/project/asap-protocol/).
13
13
 
@@ -35,7 +35,7 @@ For simple point-to-point communication, a basic HTTP API might suffice; ASAP sh
35
35
  - **Identity & capabilities (v2.2, WebAuthn real in v2.2.1)** — Per-runtime Host/Agent JWTs, capability grants with constraints (`max`, `min`, `in`, `not_in`), approval flows (device authorization / CIBA-style), real WebAuthn attestation/assertion for high-risk registration (opt-in via `asap-protocol[webauthn]`).
36
36
  - **Streaming & wire protocol (v2.2)** — `POST /asap/stream` (SSE / `TaskStream`), JSON-RPC 2.0 batch on `POST /asap`, `ASAP-Version` negotiation, tamper-evident audit logging, Compliance Harness v2.
37
37
  - **Adoption Multiplier (v2.3.0)** — OpenAPI → ASAP via `create_from_openapi` (`[openapi]` extra), official **`@asap-protocol/client`** on npm (Vercel AI / OpenAI / Anthropic adapters), optional **Auto-Registration** (`POST /registry/agents`), **capability escalation**, and **ASAP `WWW-Authenticate`** discovery challenges. All opt-in; wire protocol unchanged. See [docs/index.md](docs/index.md) and [docs/migration.md](docs/migration.md).
38
- - **Edge-AI discovery (v2.4.0)** — Optional `manifest.capabilities.hardware` + `inference`, Lite Registry mirror, marketplace browse filters, and `@asap-protocol/client@2.4.0` discovery types. Wire protocol unchanged. See [Migration (v2.3.x → v2.4.0)](docs/migration.md#upgrading-from-v23x-to-v240) and [ShellClaw registry guide](docs/guides/shellclaw-registry.md).
38
+ - **Edge-AI discovery (v2.4.0)** — Optional `manifest.capabilities.hardware` + `inference`, Lite Registry mirror, marketplace browse filters, and `@asap-protocol/client@2.4.1` discovery types. Wire protocol unchanged. See [Migration (v2.3.x → v2.4.0)](docs/migration.md#upgrading-from-v23x-to-v240) and [ShellClaw registry guide](docs/guides/shellclaw-registry.md).
39
39
  - **Framework adapters (v2.3.1+, npm)** — **`@asap-protocol/mastra`** and **`@asap-protocol/openai-agents`** expose ASAP capabilities as Mastra tools and OpenAI Agents SDK `tool()` definitions. See [Migration (v2.3.0 → v2.3.1)](docs/migration.md#upgrading-from-v230-to-v231).
40
40
  - **Economics** — Usage metering, delegation tokens, SLA framework with breach alerts.
41
41
 
@@ -56,16 +56,16 @@ Or with pip:
56
56
  pip install asap-protocol
57
57
  ```
58
58
 
59
- **npm** (TypeScript / JavaScript — [`@asap-protocol/client`](https://www.npmjs.com/package/@asap-protocol/client), **`2.4.0`**). The `latest` dist-tag matches **`npm view @asap-protocol/client version`**.
59
+ **npm** (TypeScript / JavaScript — [`@asap-protocol/client`](https://www.npmjs.com/package/@asap-protocol/client), **`2.4.1`**). The `latest` dist-tag matches **`npm view @asap-protocol/client version`**.
60
60
 
61
- **npm** Mastra [**`@asap-protocol/mastra@2.4.0`**](https://www.npmjs.com/package/@asap-protocol/mastra) bridges ASAP capabilities onto **`@mastra/core`** tools; docs: [`docs/integrations/mastra.md`](docs/integrations/mastra.md), demo: [`apps/example-mastra/README.md`](apps/example-mastra/README.md).
61
+ **npm** Mastra [**`@asap-protocol/mastra@2.4.1`**](https://www.npmjs.com/package/@asap-protocol/mastra) bridges ASAP capabilities onto **`@mastra/core`** tools; docs: [`docs/integrations/mastra.md`](docs/integrations/mastra.md), demo: [`apps/example-mastra/README.md`](apps/example-mastra/README.md).
62
62
 
63
- **npm** OpenAI Agents SDK [**`@asap-protocol/openai-agents@2.4.0`**](https://www.npmjs.com/package/@asap-protocol/openai-agents) exposes ASAP capabilities as **`@openai/agents`** `tool()` definitions — **not** the Chat Completions helper [`adapters/openai`](packages/typescript/client/src/adapters/openai.ts); docs: [`docs/integrations/openai-agents.md`](docs/integrations/openai-agents.md), demo: [`apps/example-openai-agents/README.md`](apps/example-openai-agents/README.md).
63
+ **npm** OpenAI Agents SDK [**`@asap-protocol/openai-agents@2.4.1`**](https://www.npmjs.com/package/@asap-protocol/openai-agents) exposes ASAP capabilities as **`@openai/agents`** `tool()` definitions — **not** the Chat Completions helper [`adapters/openai`](packages/typescript/client/src/adapters/openai.ts); docs: [`docs/integrations/openai-agents.md`](docs/integrations/openai-agents.md), demo: [`apps/example-openai-agents/README.md`](apps/example-openai-agents/README.md).
64
64
 
65
65
  ```bash
66
- npm install @asap-protocol/client@2.4.0
67
- npm install @asap-protocol/mastra@2.4.0 @asap-protocol/client @mastra/core zod
68
- npm install @asap-protocol/openai-agents@2.4.0 @asap-protocol/client @openai/agents zod
66
+ npm install @asap-protocol/client@2.4.1
67
+ npm install @asap-protocol/mastra@2.4.1 @asap-protocol/client @mastra/core zod
68
+ npm install @asap-protocol/openai-agents@2.4.1 @asap-protocol/client @openai/agents zod
69
69
  ```
70
70
 
71
71
  📦 **Canonical listing:** **[https://pypi.org/project/asap-protocol/](https://pypi.org/project/asap-protocol/)** — package **`asap-protocol`** (`pip install asap-protocol`). Prefer `uv` for reproducible environments when possible.
@@ -1,6 +1,6 @@
1
1
  [project]
2
2
  name = "asap-protocol"
3
- version = "2.4.0"
3
+ version = "2.4.1"
4
4
  description = "Async Simple Agent Protocol - A streamlined protocol for agent-to-agent communication"
5
5
  authors = [
6
6
  {name = "ASAP Protocol Contributors"}
@@ -29,7 +29,7 @@ dependencies = [
29
29
  "pydantic>=2.12.5,<3",
30
30
  "fastapi>=0.136.1",
31
31
  "httpx[http2]>=0.28.1",
32
- "authlib>=1.6.11,<2",
32
+ "authlib>=1.6.12,<2",
33
33
  "joserfc>=1.6.3,<2",
34
34
  "uvicorn>=0.34",
35
35
  "python-ulid>=3.0",
@@ -68,7 +68,7 @@ docs = [
68
68
  "pymdown-extensions>=10.21.3",
69
69
  ]
70
70
  dns-sd = [
71
- "zeroconf>=0.80",
71
+ "zeroconf>=0.149.5",
72
72
  ]
73
73
  # Redis: shared rate limit storage for multi-worker deployments (see rate_limit.py).
74
74
  redis = [
@@ -95,7 +95,7 @@ smolagents = [
95
95
  "smolagents>=1.24.0",
96
96
  ]
97
97
  pydanticai = [
98
- "pydantic-ai>=0.2",
98
+ "pydantic-ai>=1.99.0",
99
99
  ]
100
100
  openclaw = [
101
101
  "openclaw-sdk>=2.0",
@@ -116,7 +116,9 @@ Issues = "https://github.com/adriannoes/asap-protocol/issues"
116
116
  "PyPI" = "https://pypi.org/project/asap-protocol/"
117
117
 
118
118
  # Override transitive dependencies for security fixes:
119
- # - pyjwt>=2.12.0 for CVE-2026-32597 (crit header validation)
119
+ # - pyjwt>=2.13.0 for PYSEC-2026-175/177/178/179 (CVE-2026-32597 baseline at 2.12.0)
120
+ # - aiohttp>=3.14.0,<4 for CVE-2026-34993 / CVE-2026-47265 (transitive, e.g. openclaw/mcp stacks)
121
+ # - zeroconf>=0.149.5 for CVE-2026-47180/47183/47184 ([dns-sd] extra)
120
122
  # - pyasn1>=0.6.3 for CVE-2026-30922 (DoS via unbounded recursion)
121
123
  # - tinytag>=2.2.1 for CVE-2026-32889
122
124
  # - cryptography>=46.0.7 for CVE-2026-39892 / CVE-2026-34073 (name-constraint / peer identity)
@@ -128,14 +130,15 @@ Issues = "https://github.com/adriannoes/asap-protocol/issues"
128
130
  # - langsmith>=0.8.0 for CVE-2026-45134 (prior: GHSA-rr7j-v2q5-chgv)
129
131
  # - langchain-core>=1.3.3 for CVE-2026-44843
130
132
  # - urllib3>=2.7.0 for CVE-2026-44431 / CVE-2026-44432
131
- # - pip>=26.1 for CVE-2026-6357 (transitive via pip-api / venv)
133
+ # - pip>=26.1.2 for PYSEC-2026-196 (CVE-2026-6357 baseline at 26.1)
132
134
  # - python-dotenv>=1.2.2 for CVE-2026-28684 (transitive, e.g. pydantic-settings / uvicorn stacks)
133
135
  # - idna>=3.15 for CVE-2026-45409 (DoS in idna.encode; transitive via httpx/requests)
134
136
  # - markdown>=3.10.2 for PYSEC-2026-89 (DoS in html.parser during Markdown parse; mkdocs stack)
135
137
  # - pymdown-extensions>=10.21.3 for CVE-2026-46338 (snippets base_path prefix bypass; mkdocs stack)
136
138
  [tool.uv]
137
139
  override-dependencies = [
138
- "pyjwt>=2.12.0,<3",
140
+ "aiohttp>=3.14.0,<4",
141
+ "pyjwt>=2.13.0,<3",
139
142
  "pyasn1>=0.6.3",
140
143
  "tinytag>=2.2.1",
141
144
  "cryptography>=46.0.7,<47",
@@ -147,7 +150,8 @@ override-dependencies = [
147
150
  "langsmith>=0.8.0",
148
151
  "langchain-core>=1.3.3",
149
152
  "urllib3>=2.7.0",
150
- "pip>=26.1",
153
+ "pip>=26.1.2",
154
+ "zeroconf>=0.149.5",
151
155
  "python-dotenv>=1.2.2",
152
156
  "idna>=3.15",
153
157
  "markdown>=3.10.2",
@@ -340,5 +344,5 @@ dev = [
340
344
  "memory-profiler>=0.61",
341
345
  "pytest-asyncio>=0.24",
342
346
  "pytest-cov>=6.0",
343
- "pip>=26.0.1",
347
+ "pip>=26.1.2",
344
348
  ]
@@ -8,7 +8,7 @@ from __future__ import annotations
8
8
 
9
9
  from typing import Any
10
10
 
11
- __version__ = "2.4.0"
11
+ __version__ = "2.4.1"
12
12
 
13
13
  __all__ = ["__version__", "create_from_openapi"]
14
14
 
@@ -40,7 +40,7 @@ def get_manifest_json(manifest: Manifest) -> dict[str, object]:
40
40
  Returns:
41
41
  Dictionary suitable for JSON response (model_dump).
42
42
  """
43
- return manifest.model_dump()
43
+ return manifest.model_dump(mode="json", by_alias=True)
44
44
 
45
45
 
46
46
  def compute_manifest_etag(manifest: Manifest) -> str:
@@ -64,20 +64,37 @@ def asap_tool_for_urn(
64
64
 
65
65
  client_instance = client or MarketClient()
66
66
  resolved: ResolvedAgent | None = None
67
- try:
68
- resolved = asyncio.run(client_instance.resolve(urn))
69
- except Exception as e:
70
- raise ValueError(f"Failed to resolve agent {urn}: {e}") from e
71
-
72
67
  skill_id = ""
73
- if resolved.manifest.capabilities.skills:
74
- skill_id = resolved.manifest.capabilities.skills[0].id
75
- tool_name = name or resolved.manifest.name or urn
76
- tool_description = description or resolved.manifest.description or f"Invoke ASAP agent {urn}."
77
- parameters_schema = _parameters_schema_from_manifest(resolved.manifest)
78
- agent = resolved
68
+ tool_name = name or urn
69
+ tool_description = description or f"Invoke ASAP agent {urn}."
70
+ parameters_schema = DEFAULT_PARAMETERS_JSON_SCHEMA
71
+
72
+ try:
73
+ asyncio.get_running_loop()
74
+ except RuntimeError:
75
+ try:
76
+ resolved = asyncio.run(client_instance.resolve(urn))
77
+ if resolved.manifest.capabilities.skills:
78
+ skill_id = resolved.manifest.capabilities.skills[0].id
79
+ tool_name = name or resolved.manifest.name or urn
80
+ tool_description = (
81
+ description or resolved.manifest.description or f"Invoke ASAP agent {urn}."
82
+ )
83
+ parameters_schema = _parameters_schema_from_manifest(resolved.manifest)
84
+ except Exception as e:
85
+ raise ValueError(f"Failed to resolve agent {urn}: {e}") from e
79
86
 
80
87
  async def _invoke(**kwargs: Any) -> str:
88
+ nonlocal resolved, skill_id
89
+ agent = resolved
90
+ if agent is None:
91
+ try:
92
+ agent = await client_instance.resolve(urn)
93
+ resolved = agent
94
+ if agent.manifest.capabilities.skills:
95
+ skill_id = agent.manifest.capabilities.skills[0].id
96
+ except Exception as e:
97
+ return _to_str_result(f"Error: Failed to resolve agent {urn}: {e!s}")
81
98
  input_payload = kwargs.get("input", kwargs)
82
99
  if not isinstance(input_payload, dict):
83
100
  input_payload = {"value": input_payload}
@@ -101,24 +101,27 @@ class SmolAgentsAsapTool(Tool if Tool is not None else object): # type: ignore[
101
101
  self._skill_id = ""
102
102
 
103
103
  try:
104
- resolved = asyncio.run(self._client.resolve(urn))
105
- self._resolved = resolved
106
- self._skill_id = (
107
- resolved.manifest.capabilities.skills[0].id
108
- if resolved.manifest.capabilities.skills
109
- else ""
110
- )
111
- raw_name = name or resolved.manifest.name or urn
112
- self.name = _sanitize_tool_name(raw_name)
113
- self.description = (
114
- description or resolved.manifest.description or f"Invoke ASAP agent {urn}."
115
- )
116
- self.inputs = _build_inputs_from_manifest(resolved.manifest)
117
- except (OSError, ValueError, AgentRevokedException, SignatureVerificationError):
118
- raw_name = name or urn or "asap_agent"
119
- self.name = _sanitize_tool_name(raw_name)
120
- self.description = description or f"Invoke ASAP agent {urn}."
121
- self.inputs = _DEFAULT_INPUTS.copy()
104
+ asyncio.get_running_loop()
105
+ except RuntimeError:
106
+ try:
107
+ resolved = asyncio.run(self._client.resolve(urn))
108
+ self._resolved = resolved
109
+ self._skill_id = (
110
+ resolved.manifest.capabilities.skills[0].id
111
+ if resolved.manifest.capabilities.skills
112
+ else ""
113
+ )
114
+ raw_name = name or resolved.manifest.name or urn
115
+ self.name = _sanitize_tool_name(raw_name)
116
+ self.description = (
117
+ description or resolved.manifest.description or f"Invoke ASAP agent {urn}."
118
+ )
119
+ self.inputs = _build_inputs_from_manifest(resolved.manifest)
120
+ except (OSError, ValueError, AgentRevokedException, SignatureVerificationError):
121
+ raw_name = name or urn or "asap_agent"
122
+ self.name = _sanitize_tool_name(raw_name)
123
+ self.description = description or f"Invoke ASAP agent {urn}."
124
+ self.inputs = _DEFAULT_INPUTS.copy()
122
125
 
123
126
  super().__init__()
124
127
 
@@ -1287,6 +1287,39 @@ class ASAPClient:
1287
1287
  data = json.loads(json_str)
1288
1288
  yield Envelope.model_validate(data)
1289
1289
 
1290
+ async def _coerce_manifest_payload(
1291
+ self,
1292
+ manifest_data: dict[str, Any],
1293
+ url: str,
1294
+ *,
1295
+ use_schema_validator: bool,
1296
+ ) -> tuple[Manifest, str | None]:
1297
+ """Parse plain or signed manifest JSON from an HTTP response body."""
1298
+ try:
1299
+ if "manifest" in manifest_data and "signature" in manifest_data:
1300
+ signed = SignedManifest.model_validate(manifest_data)
1301
+ if self._verify_signatures:
1302
+ trusted_b64 = self._trusted_manifest_keys.get(url)
1303
+ if not trusted_b64:
1304
+ raise SignatureVerificationError(
1305
+ f"Cannot verify signed manifest from {sanitize_url(url)}: "
1306
+ "no trusted public key provided. Pass trusted_manifest_keys "
1307
+ "to ASAPClient (or disable verify_signatures).",
1308
+ details={"url": sanitize_url(url)},
1309
+ )
1310
+ trusted_key = load_public_key_from_base64(trusted_b64)
1311
+ await asyncio.to_thread(verify_manifest, signed, trusted_key)
1312
+ return signed.manifest, signed.signature.trust_level.value
1313
+ if use_schema_validator:
1314
+ return validate_manifest_schema(manifest_data), None
1315
+ return Manifest.model_validate(manifest_data), None
1316
+ except SignatureVerificationError:
1317
+ raise
1318
+ except ManifestValidationError:
1319
+ raise
1320
+ except Exception as e:
1321
+ raise ValueError(f"Invalid manifest format: {e}") from e
1322
+
1290
1323
  async def get_manifest(self, url: str | None = None) -> Manifest:
1291
1324
  """Get agent manifest from cache or HTTP endpoint.
1292
1325
 
@@ -1361,24 +1394,11 @@ class ASAPClient:
1361
1394
  raise ValueError(f"Invalid JSON in manifest response: {e}") from e
1362
1395
 
1363
1396
  try:
1364
- if "manifest" in manifest_data and "signature" in manifest_data:
1365
- signed = SignedManifest.model_validate(manifest_data)
1366
- if self._verify_signatures:
1367
- trusted_b64 = self._trusted_manifest_keys.get(url)
1368
- if not trusted_b64:
1369
- raise SignatureVerificationError(
1370
- f"Cannot verify signed manifest from {sanitize_url(url)}: "
1371
- "no trusted public key provided. Pass trusted_manifest_keys "
1372
- "to ASAPClient (or disable verify_signatures).",
1373
- details={"url": sanitize_url(url)},
1374
- )
1375
- trusted_key = load_public_key_from_base64(trusted_b64)
1376
- await asyncio.to_thread(verify_manifest, signed, trusted_key)
1377
- manifest = signed.manifest
1378
- trust_level = signed.signature.trust_level.value
1379
- else:
1380
- manifest = Manifest.model_validate(manifest_data)
1381
- trust_level = None
1397
+ manifest, trust_level = await self._coerce_manifest_payload(
1398
+ manifest_data,
1399
+ url,
1400
+ use_schema_validator=False,
1401
+ )
1382
1402
  except SignatureVerificationError:
1383
1403
  self._manifest_cache.invalidate(url)
1384
1404
  raise
@@ -1605,7 +1625,14 @@ class ASAPClient:
1605
1625
  raise ValueError(f"Invalid JSON in manifest response: {e}") from e
1606
1626
 
1607
1627
  try:
1608
- manifest = validate_manifest_schema(manifest_data)
1628
+ manifest, _trust_level = await self._coerce_manifest_payload(
1629
+ manifest_data,
1630
+ manifest_url,
1631
+ use_schema_validator=True,
1632
+ )
1633
+ except SignatureVerificationError:
1634
+ self._manifest_cache.invalidate(manifest_url)
1635
+ raise
1609
1636
  except ManifestValidationError:
1610
1637
  self._manifest_cache.invalidate(manifest_url)
1611
1638
  raise
@@ -1633,7 +1660,13 @@ class ASAPClient:
1633
1660
  cause=e,
1634
1661
  url=sanitize_url(manifest_url),
1635
1662
  ) from e
1636
- except (ASAPConnectionError, ASAPTimeoutError, ValueError, ManifestValidationError):
1663
+ except (
1664
+ ASAPConnectionError,
1665
+ ASAPTimeoutError,
1666
+ ValueError,
1667
+ ManifestValidationError,
1668
+ SignatureVerificationError,
1669
+ ):
1637
1670
  raise
1638
1671
  except Exception as e:
1639
1672
  self._manifest_cache.invalidate(manifest_url)
File without changes
File without changes