From cfcfaaac0f3a1c584068bb4088a92dd17e5c3ca0 Mon Sep 17 00:00:00 2001 From: MaheshtheDev <38828053+MaheshtheDev@users.noreply.github.com> Date: Thu, 16 Apr 2026 23:27:38 +0000 Subject: [PATCH 1/5] fix: another resource url issue (#859) --- apps/mcp/src/index.ts | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/apps/mcp/src/index.ts b/apps/mcp/src/index.ts index 6c9f241ec..30119f553 100644 --- a/apps/mcp/src/index.ts +++ b/apps/mcp/src/index.ts @@ -59,9 +59,16 @@ app.get("/", (c) => { // MCP clients use this to discover the authorization server app.get("/.well-known/oauth-protected-resource", (c) => { const apiUrl = c.env.API_URL || DEFAULT_API_URL - const host = c.req.header("x-forwarded-host") || c.req.header("host") - const proto = c.req.header("x-forwarded-proto") || "https" - const resourceUrl = host ? `${proto}://${host}` : "https://mcp.supermemory.ai" + + // TODO: commented out because this might be issue with auth as well + //const host = c.req.header("x-forwarded-host") || c.req.header("host") + //const proto = c.req.header("x-forwarded-proto") || "https" + //const resourceUrl = host ? `${proto}://${host}` : "https://mcp.supermemory.ai" + + const resourceUrl = + c.env.API_URL === "http://localhost:8787" + ? "http://localhost:8788" + : "https://mcp.supermemory.ai" return c.json({ resource: resourceUrl, From 7b65e9a1db5dbb8c412935b74c31b81a7bf38a7d Mon Sep 17 00:00:00 2001 From: MaheshtheDev <38828053+MaheshtheDev@users.noreply.github.com> Date: Thu, 16 Apr 2026 23:35:19 +0000 Subject: [PATCH 2/5] fix: reverted for auth issue (#860) --- apps/mcp/src/index.ts | 30 +++++++++--------------------- 1 file changed, 9 insertions(+), 21 deletions(-) diff --git a/apps/mcp/src/index.ts b/apps/mcp/src/index.ts index 30119f553..94a0bc746 100644 --- a/apps/mcp/src/index.ts +++ b/apps/mcp/src/index.ts @@ -60,15 +60,9 @@ app.get("/", (c) => { app.get("/.well-known/oauth-protected-resource", (c) => { const apiUrl = c.env.API_URL || DEFAULT_API_URL - // TODO: commented out because this might be issue with auth as well - //const host = c.req.header("x-forwarded-host") || c.req.header("host") - //const proto = c.req.header("x-forwarded-proto") || "https" - //const resourceUrl = host ? `${proto}://${host}` : "https://mcp.supermemory.ai" - - const resourceUrl = - c.env.API_URL === "http://localhost:8787" - ? "http://localhost:8788" - : "https://mcp.supermemory.ai" + const host = c.req.header("x-forwarded-host") || c.req.header("host") + const proto = c.req.header("x-forwarded-proto") || "https" + const resourceUrl = host ? `${proto}://${host}` : "https://mcp.supermemory.ai" return c.json({ resource: resourceUrl, @@ -121,18 +115,12 @@ const handleMcpRequest = async (c: Context<{ Bindings: Bindings }>) => { const token = authHeader?.replace(/^Bearer\s+/i, "") const containerTag = c.req.header("x-sm-project") const apiUrl = c.env.API_URL || DEFAULT_API_URL - const mcpURL = - c.env.API_URL === "http://localhost:8787" - ? "http://localhost:8788" - : "https://mcp.supermemory.ai" - - // TODO: commented out because this might be issue with auth - //const reqHost = c.req.header("x-forwarded-host") || c.req.header("host") || "" - //const reqProto = c.req.header("x-forwarded-proto") || "https" - //const resourceMetadataUrl = reqHost - // ? `${reqProto}://${reqHost}/.well-known/oauth-protected-resource` - // : "/.well-known/oauth-protected-resource" - const resourceMetadataUrl = `${mcpURL}/.well-known/oauth-protected-resource` + + const reqHost = c.req.header("x-forwarded-host") || c.req.header("host") || "" + const reqProto = c.req.header("x-forwarded-proto") || "https" + const resourceMetadataUrl = reqHost + ? `${reqProto}://${reqHost}/.well-known/oauth-protected-resource` + : "/.well-known/oauth-protected-resource" if (!token) { return new Response("Unauthorized", { From 7d2fd5f61996b7cb82d8da751852739a939bb429 Mon Sep 17 00:00:00 2001 From: "vorflux[bot]" <249966464+vorflux[bot]@users.noreply.github.com> Date: Thu, 16 Apr 2026 18:39:00 -0700 Subject: [PATCH 3/5] Add auto-publish workflows for all packages (#861) Co-authored-by: Vorflux AI --- .../publish-agent-framework-python.yml | 37 ++++++++++++++++ .../workflows/publish-cartesia-sdk-python.yml | 37 ++++++++++++++++ .github/workflows/publish-memory-graph.yml | 44 +++++++++++++++++++ .../workflows/publish-openai-sdk-python.yml | 37 ++++++++++++++++ .../workflows/publish-pipecat-sdk-python.yml | 37 ++++++++++++++++ .github/workflows/publish-tools.yml | 44 +++++++++++++++++++ 6 files changed, 236 insertions(+) create mode 100644 .github/workflows/publish-agent-framework-python.yml create mode 100644 .github/workflows/publish-cartesia-sdk-python.yml create mode 100644 .github/workflows/publish-memory-graph.yml create mode 100644 .github/workflows/publish-openai-sdk-python.yml create mode 100644 .github/workflows/publish-pipecat-sdk-python.yml create mode 100644 .github/workflows/publish-tools.yml diff --git a/.github/workflows/publish-agent-framework-python.yml b/.github/workflows/publish-agent-framework-python.yml new file mode 100644 index 000000000..bb46d3d3c --- /dev/null +++ b/.github/workflows/publish-agent-framework-python.yml @@ -0,0 +1,37 @@ +name: Publish Agent Framework Python + +on: + push: + branches: + - main + paths: + - "packages/agent-framework-python/pyproject.toml" + +jobs: + publish: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + defaults: + run: + working-directory: ./packages/agent-framework-python + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: "3.12" + + - name: Install build dependencies + run: pip install hatchling build + + - name: Build package + run: python -m build + + - name: Publish to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + with: + packages-dir: packages/agent-framework-python/dist/ diff --git a/.github/workflows/publish-cartesia-sdk-python.yml b/.github/workflows/publish-cartesia-sdk-python.yml new file mode 100644 index 000000000..14155ac1e --- /dev/null +++ b/.github/workflows/publish-cartesia-sdk-python.yml @@ -0,0 +1,37 @@ +name: Publish Cartesia SDK Python + +on: + push: + branches: + - main + paths: + - "packages/cartesia-sdk-python/pyproject.toml" + +jobs: + publish: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + defaults: + run: + working-directory: ./packages/cartesia-sdk-python + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: "3.12" + + - name: Install build dependencies + run: pip install hatchling build + + - name: Build package + run: python -m build + + - name: Publish to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + with: + packages-dir: packages/cartesia-sdk-python/dist/ diff --git a/.github/workflows/publish-memory-graph.yml b/.github/workflows/publish-memory-graph.yml new file mode 100644 index 000000000..65b24e8d2 --- /dev/null +++ b/.github/workflows/publish-memory-graph.yml @@ -0,0 +1,44 @@ +name: Publish Memory Graph + +on: + push: + branches: + - main + paths: + - "packages/memory-graph/package.json" + +jobs: + publish: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + defaults: + run: + working-directory: ./packages/memory-graph + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Node + uses: actions/setup-node@v4 + with: + registry-url: 'https://registry.npmjs.org' + + - name: Setup Bun + uses: oven-sh/setup-bun@v2 + + - name: Setup pnpm + uses: pnpm/action-setup@v4 + + - name: Install dependencies + run: bun install + + - name: Build + run: bun run build + + - name: Publish + run: pnpm publish --access public --verbose + env: + NPM_CONFIG_PROVENANCE: true + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/.github/workflows/publish-openai-sdk-python.yml b/.github/workflows/publish-openai-sdk-python.yml new file mode 100644 index 000000000..141477a84 --- /dev/null +++ b/.github/workflows/publish-openai-sdk-python.yml @@ -0,0 +1,37 @@ +name: Publish OpenAI SDK Python + +on: + push: + branches: + - main + paths: + - "packages/openai-sdk-python/pyproject.toml" + +jobs: + publish: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + defaults: + run: + working-directory: ./packages/openai-sdk-python + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: "3.12" + + - name: Install build dependencies + run: pip install hatchling build + + - name: Build package + run: python -m build + + - name: Publish to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + with: + packages-dir: packages/openai-sdk-python/dist/ diff --git a/.github/workflows/publish-pipecat-sdk-python.yml b/.github/workflows/publish-pipecat-sdk-python.yml new file mode 100644 index 000000000..a0152ce3d --- /dev/null +++ b/.github/workflows/publish-pipecat-sdk-python.yml @@ -0,0 +1,37 @@ +name: Publish Pipecat SDK Python + +on: + push: + branches: + - main + paths: + - "packages/pipecat-sdk-python/pyproject.toml" + +jobs: + publish: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + defaults: + run: + working-directory: ./packages/pipecat-sdk-python + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Python + uses: actions/setup-python@v5 + with: + python-version: "3.12" + + - name: Install build dependencies + run: pip install hatchling build + + - name: Build package + run: python -m build + + - name: Publish to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + with: + packages-dir: packages/pipecat-sdk-python/dist/ diff --git a/.github/workflows/publish-tools.yml b/.github/workflows/publish-tools.yml new file mode 100644 index 000000000..b8d271de5 --- /dev/null +++ b/.github/workflows/publish-tools.yml @@ -0,0 +1,44 @@ +name: Publish Tools + +on: + push: + branches: + - main + paths: + - "packages/tools/package.json" + +jobs: + publish: + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write + defaults: + run: + working-directory: ./packages/tools + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Node + uses: actions/setup-node@v4 + with: + registry-url: 'https://registry.npmjs.org' + + - name: Setup Bun + uses: oven-sh/setup-bun@v2 + + - name: Setup pnpm + uses: pnpm/action-setup@v4 + + - name: Install dependencies + run: bun install + + - name: Build + run: bun run build + + - name: Publish + run: pnpm publish --access public --verbose + env: + NPM_CONFIG_PROVENANCE: true + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} From 9b32d5c95198583a9b806b1d0cca0f3fff837a60 Mon Sep 17 00:00:00 2001 From: Dhravya Shah Date: Thu, 16 Apr 2026 18:57:14 -0700 Subject: [PATCH 4/5] Update version to 0.1.1 (#862) --- packages/cartesia-sdk-python/pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/cartesia-sdk-python/pyproject.toml b/packages/cartesia-sdk-python/pyproject.toml index 18b3b2994..81dac7fd1 100644 --- a/packages/cartesia-sdk-python/pyproject.toml +++ b/packages/cartesia-sdk-python/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "hatchling.build" [project] name = "supermemory-cartesia" -version = "0.1.0" +version = "0.1.1" description = "Supermemory integration for Cartesia Line - memory-enhanced voice agents" readme = "README.md" license = "MIT" From 5493455f69ec79e41e86b903866978da819f82aa Mon Sep 17 00:00:00 2001 From: "vorflux[bot]" <249966464+vorflux[bot]@users.noreply.github.com> Date: Thu, 16 Apr 2026 19:41:58 -0700 Subject: [PATCH 5/5] ci: switch npm packages to trusted publishing (OIDC) (#863) Co-authored-by: Dhravya Shah --- .github/workflows/publish-ai-sdk.yml | 25 ++++++++++++++++++---- .github/workflows/publish-memory-graph.yml | 25 ++++++++++++++++++---- .github/workflows/publish-tools.yml | 25 ++++++++++++++++++---- packages/tools/package.json | 2 +- 4 files changed, 64 insertions(+), 13 deletions(-) diff --git a/.github/workflows/publish-ai-sdk.yml b/.github/workflows/publish-ai-sdk.yml index 3f69b4212..848c7a71a 100644 --- a/.github/workflows/publish-ai-sdk.yml +++ b/.github/workflows/publish-ai-sdk.yml @@ -23,8 +23,12 @@ jobs: - name: Setup Node uses: actions/setup-node@v4 with: + node-version: '24' registry-url: 'https://registry.npmjs.org' + - name: Upgrade npm for trusted publishing support + run: npm install -g npm@latest + - name: Setup Bun uses: oven-sh/setup-bun@v2 @@ -34,11 +38,24 @@ jobs: - name: Install dependencies run: bun install + - name: Check if version changed + id: version-check + run: | + PACKAGE_NAME=$(jq -r '.name' package.json) + LOCAL_VERSION=$(jq -r '.version' package.json) + NPM_VERSION=$(npm view "$PACKAGE_NAME" version 2>/dev/null || echo "0.0.0") + if [ "$LOCAL_VERSION" = "$NPM_VERSION" ]; then + echo "Version $LOCAL_VERSION already published, skipping." + echo "changed=false" >> "$GITHUB_OUTPUT" + else + echo "Publishing $LOCAL_VERSION (npm has $NPM_VERSION)" + echo "changed=true" >> "$GITHUB_OUTPUT" + fi + - name: Build + if: steps.version-check.outputs.changed == 'true' run: bun run build - name: Publish - run: pnpm publish --access public --verbose - env: - NPM_CONFIG_PROVENANCE: true - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} \ No newline at end of file + if: steps.version-check.outputs.changed == 'true' + run: npm publish --access public --provenance diff --git a/.github/workflows/publish-memory-graph.yml b/.github/workflows/publish-memory-graph.yml index 65b24e8d2..295a45f68 100644 --- a/.github/workflows/publish-memory-graph.yml +++ b/.github/workflows/publish-memory-graph.yml @@ -23,8 +23,12 @@ jobs: - name: Setup Node uses: actions/setup-node@v4 with: + node-version: '24' registry-url: 'https://registry.npmjs.org' + - name: Upgrade npm for trusted publishing support + run: npm install -g npm@latest + - name: Setup Bun uses: oven-sh/setup-bun@v2 @@ -34,11 +38,24 @@ jobs: - name: Install dependencies run: bun install + - name: Check if version changed + id: version-check + run: | + PACKAGE_NAME=$(jq -r '.name' package.json) + LOCAL_VERSION=$(jq -r '.version' package.json) + NPM_VERSION=$(npm view "$PACKAGE_NAME" version 2>/dev/null || echo "0.0.0") + if [ "$LOCAL_VERSION" = "$NPM_VERSION" ]; then + echo "Version $LOCAL_VERSION already published, skipping." + echo "changed=false" >> "$GITHUB_OUTPUT" + else + echo "Publishing $LOCAL_VERSION (npm has $NPM_VERSION)" + echo "changed=true" >> "$GITHUB_OUTPUT" + fi + - name: Build + if: steps.version-check.outputs.changed == 'true' run: bun run build - name: Publish - run: pnpm publish --access public --verbose - env: - NPM_CONFIG_PROVENANCE: true - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + if: steps.version-check.outputs.changed == 'true' + run: npm publish --access public --provenance diff --git a/.github/workflows/publish-tools.yml b/.github/workflows/publish-tools.yml index b8d271de5..9d745203c 100644 --- a/.github/workflows/publish-tools.yml +++ b/.github/workflows/publish-tools.yml @@ -23,8 +23,12 @@ jobs: - name: Setup Node uses: actions/setup-node@v4 with: + node-version: '24' registry-url: 'https://registry.npmjs.org' + - name: Upgrade npm for trusted publishing support + run: npm install -g npm@latest + - name: Setup Bun uses: oven-sh/setup-bun@v2 @@ -34,11 +38,24 @@ jobs: - name: Install dependencies run: bun install + - name: Check if version changed + id: version-check + run: | + PACKAGE_NAME=$(jq -r '.name' package.json) + LOCAL_VERSION=$(jq -r '.version' package.json) + NPM_VERSION=$(npm view "$PACKAGE_NAME" version 2>/dev/null || echo "0.0.0") + if [ "$LOCAL_VERSION" = "$NPM_VERSION" ]; then + echo "Version $LOCAL_VERSION already published, skipping." + echo "changed=false" >> "$GITHUB_OUTPUT" + else + echo "Publishing $LOCAL_VERSION (npm has $NPM_VERSION)" + echo "changed=true" >> "$GITHUB_OUTPUT" + fi + - name: Build + if: steps.version-check.outputs.changed == 'true' run: bun run build - name: Publish - run: pnpm publish --access public --verbose - env: - NPM_CONFIG_PROVENANCE: true - NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + if: steps.version-check.outputs.changed == 'true' + run: npm publish --access public --provenance diff --git a/packages/tools/package.json b/packages/tools/package.json index f58a48f79..c4a39da4e 100644 --- a/packages/tools/package.json +++ b/packages/tools/package.json @@ -1,7 +1,7 @@ { "name": "@supermemory/tools", "type": "module", - "version": "1.4.02", + "version": "1.4.4", "description": "Memory tools for AI SDK and OpenAI function calling with supermemory", "scripts": { "build": "tsdown",