getstack 0.12.0__tar.gz → 0.13.1__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {getstack-0.12.0 → getstack-0.13.1}/PKG-INFO +1 -1
- {getstack-0.12.0 → getstack-0.13.1}/pyproject.toml +1 -1
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/agents.py +30 -3
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/types.py +8 -0
- {getstack-0.12.0 → getstack-0.13.1}/.gitignore +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/CLAUDE.md +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/LICENSE +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/README.md +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/__init__.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/__init__.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/agents.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/audit.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/credentials.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/dropoffs.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/identity.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/inbound_webhooks.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/intents.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/llm.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/missions.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/notifications.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/partner_tenants.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/passport_session.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/passports.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/proxy.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/reviews.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/scan.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/security_events.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/services.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/_async/skills.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/agent_auth.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/audit.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/auth.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/browser_bootstrap.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/client.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/credentials.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/dropoffs.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/errors.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/evidence_packs.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/identity.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/inbound_webhooks.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/intents.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/llm.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/missions.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/notifications.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/partner_tenants.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/passport_header_verify.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/passport_session.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/passports.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/proxy.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/py.typed +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/reviews.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/scan.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/security_events.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/services.py +0 -0
- {getstack-0.12.0 → getstack-0.13.1}/src/getstack/skills.py +0 -0
|
@@ -15,7 +15,10 @@ def _to_agent(data: dict[str, Any]) -> Agent:
|
|
|
15
15
|
name=data["name"],
|
|
16
16
|
description=data.get("description"),
|
|
17
17
|
status=data["status"],
|
|
18
|
-
|
|
18
|
+
# DB default for new agents is "enforced" (matches the API), not
|
|
19
|
+
# "standard" — the old fallback misreported the mode when the
|
|
20
|
+
# field was absent from a response.
|
|
21
|
+
accountability_mode=data.get("accountability_mode", "enforced"),
|
|
19
22
|
on_warning=data.get("on_warning", "notify"),
|
|
20
23
|
on_critical=data.get("on_critical", "notify"),
|
|
21
24
|
passport_blocked=data.get("passport_blocked", False),
|
|
@@ -23,6 +26,8 @@ def _to_agent(data: dict[str, Any]) -> Agent:
|
|
|
23
26
|
passport_blocked_at=data.get("passport_blocked_at"),
|
|
24
27
|
created_at=data["created_at"],
|
|
25
28
|
updated_at=data["updated_at"],
|
|
29
|
+
credential_access=data.get("credential_access", "direct"),
|
|
30
|
+
key_mode=data.get("key_mode", "stack_managed"),
|
|
26
31
|
)
|
|
27
32
|
|
|
28
33
|
|
|
@@ -34,13 +39,35 @@ class AgentService:
|
|
|
34
39
|
self,
|
|
35
40
|
name: str,
|
|
36
41
|
description: str | None = None,
|
|
37
|
-
|
|
42
|
+
profile: str | None = None,
|
|
43
|
+
accountability_mode: str | None = None,
|
|
44
|
+
credential_access: str | None = None,
|
|
38
45
|
on_warning: str = "notify",
|
|
39
46
|
on_critical: str = "notify",
|
|
40
47
|
) -> Agent:
|
|
41
|
-
|
|
48
|
+
"""Register an agent.
|
|
49
|
+
|
|
50
|
+
For a bot that just runs (calls an LLM through STACK, no provider
|
|
51
|
+
key on its box), pass ``profile="proxied-llm-bot"`` — it expands
|
|
52
|
+
server-side to ``credential_access="proxy_only"`` +
|
|
53
|
+
``accountability_mode="logged"`` + ``key_mode="stack_managed"`` so
|
|
54
|
+
the first call works with no approval-header dance. Any field you
|
|
55
|
+
also pass explicitly overrides the preset.
|
|
56
|
+
|
|
57
|
+
Omitting ``accountability_mode``/``credential_access`` leaves the
|
|
58
|
+
server default (``enforced`` + ``direct``) OR the profile value —
|
|
59
|
+
they are only sent when provided, so an unset value never clobbers
|
|
60
|
+
a preset.
|
|
61
|
+
"""
|
|
62
|
+
body: dict[str, Any] = {"name": name}
|
|
42
63
|
if description:
|
|
43
64
|
body["description"] = description
|
|
65
|
+
if profile is not None:
|
|
66
|
+
body["profile"] = profile
|
|
67
|
+
if accountability_mode is not None:
|
|
68
|
+
body["accountability_mode"] = accountability_mode
|
|
69
|
+
if credential_access is not None:
|
|
70
|
+
body["credential_access"] = credential_access
|
|
44
71
|
if on_warning != "notify":
|
|
45
72
|
body["on_warning"] = on_warning
|
|
46
73
|
if on_critical != "notify":
|
|
@@ -20,6 +20,14 @@ class Agent:
|
|
|
20
20
|
passport_blocked_at: str | None
|
|
21
21
|
created_at: str
|
|
22
22
|
updated_at: str
|
|
23
|
+
# Raw-secret access policy: "direct" | "proxy_preferred" | "proxy_only".
|
|
24
|
+
# Defaulted for backward compatibility with older API responses.
|
|
25
|
+
credential_access: str = "direct"
|
|
26
|
+
# Signing-key model: "stack_managed" | "customer_managed" | "co_signed".
|
|
27
|
+
# Immutable after registration. Surfaced (GET-243/244) so on-box use can
|
|
28
|
+
# see whether the box needs an agent keypair (customer_managed) or the
|
|
29
|
+
# operator credential (stack_managed). Defaulted for older responses.
|
|
30
|
+
key_mode: str = "stack_managed"
|
|
23
31
|
|
|
24
32
|
|
|
25
33
|
@dataclass
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
File without changes
|