diff --git a/.changeset/bright-dogs-login.md b/.changeset/bright-dogs-login.md deleted file mode 100644 index e3afc52ab..000000000 --- a/.changeset/bright-dogs-login.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"eve": patch ---- - -Start remote authentication when a credentialed Vercel deployment returns an `UNAUTHORIZED` protection response. diff --git a/.changeset/bundler-resolution.md b/.changeset/bundler-resolution.md deleted file mode 100644 index 47112bde1..000000000 --- a/.changeset/bundler-resolution.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"eve": patch ---- - -feat(eve): scaffold projects with bundler module resolution - -`eve init` now writes a `tsconfig.json` using `"moduleResolution": "bundler"` (and `"module": "esnext"`), which matches how eve compiles authored agents and extensions. Relative imports in your agent and extension source no longer need `.js` extensions (e.g. `import extension from "../extension"`). diff --git a/.changeset/discord-environment-credentials.md b/.changeset/discord-environment-credentials.md deleted file mode 100644 index e194efadf..000000000 --- a/.changeset/discord-environment-credentials.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"eve": patch ---- - -Restore the `DISCORD_BOT_TOKEN` environment fallback for proactive Discord messages, typing indicators, and bot-authenticated requests when `discordChannel()` is configured without explicit credentials. diff --git a/.changeset/flexible-eval-counts.md b/.changeset/flexible-eval-counts.md deleted file mode 100644 index 080c5eb80..000000000 --- a/.changeset/flexible-eval-counts.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"eve": patch ---- - -Eval assertion `count` options now accept predicates, allowing ranges such as “at least two” while preserving exact numeric counts. diff --git a/.changeset/mounted-extensions.md b/.changeset/mounted-extensions.md deleted file mode 100644 index 75b44ef4e..000000000 --- a/.changeset/mounted-extensions.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -"eve": patch ---- - -feat(eve): mounted extensions - -Package eve capabilities — tools, connections, skills, instructions, hooks — as a reusable package and mount it under `agent/extensions/`, as a file (`crm.ts`) or a directory with co-located override slots that shadow the extension's own contributions. Contributions compose into the agent under a `__` prefix. Author with `defineExtension` from `eve/extension`, taking an optional Standard-Schema `config` read via `extension.config`; `defineState` is auto-scoped to the package. `eve build` compiles the package to runnable JavaScript with type declarations and fills its `exports`, so a published extension installs and mounts with no second compiler. `eve` is a peer dependency whose declared range eve enforces at mount; an extension cannot declare a sandbox, agent config, schedules, or limits, or mount other extensions. diff --git a/.changeset/openapi-spec-safe-frontmatter.md b/.changeset/openapi-spec-safe-frontmatter.md deleted file mode 100644 index 8657a5790..000000000 --- a/.changeset/openapi-spec-safe-frontmatter.md +++ /dev/null @@ -1,9 +0,0 @@ ---- -"eve": patch ---- - -Hardened frontmatter parsing and OpenAPI connection loading. - -All frontmatter parsing now runs through a single safe-by-default helper with gray-matter's code-capable engines disabled, so a `---js` / `---javascript` fence throws instead of being `eval()`d. Previously only authored markdown (skills, schedules, instructions) was hardened; the eval YAML loader and the OpenAPI spec loader used gray-matter's defaults and would execute such a fence. This closes that path for OpenAPI specs, which are fetched over the network. Parsing untrusted frontmatter as code is now opt-in only, and a direct import of the bundled gray-matter outside the wrapper fails CI. - -OpenAPI spec URLs and the resolved base URL are now required to use `https` (plain `http` is still allowed for loopback hosts during local development), so neither the spec fetch nor the credentialed operation calls run over cleartext; the spec transport is also re-checked after redirects. diff --git a/.changeset/quiet-worktrees-snapshot.md b/.changeset/quiet-worktrees-snapshot.md deleted file mode 100644 index b4e5955c7..000000000 --- a/.changeset/quiet-worktrees-snapshot.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"eve": patch ---- - -Stop `eve dev` source snapshots from copying nested Git repositories and worktrees, preventing duplicate checkouts from inflating each development snapshot. diff --git a/.changeset/safe-microsandbox-secrets.md b/.changeset/safe-microsandbox-secrets.md deleted file mode 100644 index 746450890..000000000 --- a/.changeset/safe-microsandbox-secrets.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"eve": patch ---- - -Prevent brokered credential values from being exposed to commands running in Microsandbox. Guest Git configuration continues to use broker-managed placeholders for authenticated requests. diff --git a/.changeset/tidy-cats-login.md b/.changeset/tidy-cats-login.md deleted file mode 100644 index eea19b0a7..000000000 --- a/.changeset/tidy-cats-login.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"eve": patch ---- - -Recover `eve dev ` authentication when Vercel Deployment Protection returns an SSO redirect or a structured protected-deployment response. diff --git a/.changeset/tidy-slack-tokens.md b/.changeset/tidy-slack-tokens.md deleted file mode 100644 index c365ea4d3..000000000 --- a/.changeset/tidy-slack-tokens.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"eve": patch ---- - -Slack outbound messages now preserve literal bare `@` tokens, including scoped package names, while explicit `<@USER_ID>` mention syntax continues to pass through unchanged. diff --git a/.changeset/tidy-snails-listen.md b/.changeset/tidy-snails-listen.md deleted file mode 100644 index 316da6620..000000000 --- a/.changeset/tidy-snails-listen.md +++ /dev/null @@ -1,5 +0,0 @@ ---- -"eve": patch ---- - -Preserve query parameters passed to `eve dev` and send them on every agent request, including session POSTs and streams. diff --git a/packages/eve/CHANGELOG.md b/packages/eve/CHANGELOG.md index fb946e25f..f70f84ce8 100644 --- a/packages/eve/CHANGELOG.md +++ b/packages/eve/CHANGELOG.md @@ -1,5 +1,32 @@ # eve +## 0.22.3 + +### Patch Changes + +- 8223498: Start remote authentication when a credentialed Vercel deployment returns an `UNAUTHORIZED` protection response. +- 79df338: feat(eve): scaffold projects with bundler module resolution + + `eve init` now writes a `tsconfig.json` using `"moduleResolution": "bundler"` (and `"module": "esnext"`), which matches how eve compiles authored agents and extensions. Relative imports in your agent and extension source no longer need `.js` extensions (e.g. `import extension from "../extension"`). + +- 173fa5d: Restore the `DISCORD_BOT_TOKEN` environment fallback for proactive Discord messages, typing indicators, and bot-authenticated requests when `discordChannel()` is configured without explicit credentials. +- 89cd2d6: Eval assertion `count` options now accept predicates, allowing ranges such as “at least two” while preserving exact numeric counts. +- fdf56ef: feat(eve): mounted extensions + + Package eve capabilities — tools, connections, skills, instructions, hooks — as a reusable package and mount it under `agent/extensions/`, as a file (`crm.ts`) or a directory with co-located override slots that shadow the extension's own contributions. Contributions compose into the agent under a `__` prefix. Author with `defineExtension` from `eve/extension`, taking an optional Standard-Schema `config` read via `extension.config`; `defineState` is auto-scoped to the package. `eve build` compiles the package to runnable JavaScript with type declarations and fills its `exports`, so a published extension installs and mounts with no second compiler. `eve` is a peer dependency whose declared range eve enforces at mount; an extension cannot declare a sandbox, agent config, schedules, or limits, or mount other extensions. + +- 89f13e0: Hardened frontmatter parsing and OpenAPI connection loading. + + All frontmatter parsing now runs through a single safe-by-default helper with gray-matter's code-capable engines disabled, so a `---js` / `---javascript` fence throws instead of being `eval()`d. Previously only authored markdown (skills, schedules, instructions) was hardened; the eval YAML loader and the OpenAPI spec loader used gray-matter's defaults and would execute such a fence. This closes that path for OpenAPI specs, which are fetched over the network. Parsing untrusted frontmatter as code is now opt-in only, and a direct import of the bundled gray-matter outside the wrapper fails CI. + + OpenAPI spec URLs and the resolved base URL are now required to use `https` (plain `http` is still allowed for loopback hosts during local development), so neither the spec fetch nor the credentialed operation calls run over cleartext; the spec transport is also re-checked after redirects. + +- aff35e2: Stop `eve dev` source snapshots from copying nested Git repositories and worktrees, preventing duplicate checkouts from inflating each development snapshot. +- 9087496: Prevent brokered credential values from being exposed to commands running in Microsandbox. Guest Git configuration continues to use broker-managed placeholders for authenticated requests. +- 72c58ae: Recover `eve dev ` authentication when Vercel Deployment Protection returns an SSO redirect or a structured protected-deployment response. +- 87688f9: Slack outbound messages now preserve literal bare `@` tokens, including scoped package names, while explicit `<@USER_ID>` mention syntax continues to pass through unchanged. +- c1c4ee5: Preserve query parameters passed to `eve dev` and send them on every agent request, including session POSTs and streams. + ## 0.22.2 ### Patch Changes diff --git a/packages/eve/package.json b/packages/eve/package.json index 3af91b2ba..96933ab20 100644 --- a/packages/eve/package.json +++ b/packages/eve/package.json @@ -1,6 +1,6 @@ { "name": "eve", - "version": "0.22.2", + "version": "0.22.3", "private": false, "description": "Filesystem-first framework for durable backend AI agents that run anywhere.", "keywords": [