chore(deps): bump @adcp/sdk 7.7 → 7.10.2 + adopt 7.8/7.10 surfaces #4912

Open: bokelley wants to merge 4 commits into main from bokelley/sdk-3-1-beta-unblock

@bokelley bokelley commented May 21, 2026

Summary

Catches the spec repo up on the @adcp/sdk 7.x line and adopts two new surfaces it unblocks. Three logical changes, each as its own commit:

  1. Bump @adcp/sdk 7.7 → 7.10.2 — picks up the 7.8 storyboard-runner lifts (audience inverse, creative_approvals[] walk), the 7.8 ctx.input surface on v6 platform methods, the 7.9 ctx-metadata resource round-trip, and 7.10's fetchAgentAuthorizationsFromDirectory + typed AGENT_SUSPENDED/AGENT_BLOCKED codes. 7.10.0 and 7.10.1 shipped the v2/projection cluster (Creative Formats v2, RFC #3305, "RFC: Creative Formats v2 — canonical formats live on products, composition primitives, validate_input") with packaging gaps that crashed /sales storyboards; both fixed in the 7.10.x line via adcp-client#1909 (catalog) and adcp-client#1917 (registry).
  2. Adopt ctx.input in v6 platform shims: syncCreatives in v6-sales-platform.ts, v6-creative-platform.ts, v6-creative-builder-platform.ts now threads dry_run and inline assignments[] through to handleSyncCreatives. syncAccountsUpsert in v6-account-helpers.ts threads dry_run to handleSyncAccounts. Fixes the silent-drop bug from adcp-client#1842 — the v6 typed signatures previously dropped these fields between the framework and our v5 handlers.
  3. Wire the AAO directory inverse-lookup into the e2e script: scripts/e2e-resolve-training-agent.ts now optionally calls fetchAgentAuthorizationsFromDirectory after the forward chain, pairing the SDK consumer wrapper with the server endpoint from PR #4836 (feat(server): implement /v1/agents/{agent_url}/publishers directory endpoint) for an end-to-end demo.

Matrix on 7.10.2

| tenant | floor | actual | Δ |
| --- | --- | --- | --- |
| /signals | 74 / 111 | 81 / 111 | +7 / 0 |
| /sales | 74 / 380 | 78 / 402 | +4 / +22 |
| /governance | 73 / 151 | 80 / 155 | +7 / +4 |
| /creative | 73 / 169 | 79 / 177 | +6 / +8 |
| /creative-builder | 70 / 146 | 76 / 152 | +6 / +6 |
| /brand | 73 / 96 | 80 / 96 | +7 / 0 |

Held identical after the ctx.input adoption (no storyboard currently exercises dry_run or inline assignments[] on these paths — the threading is dormant infrastructure until an adopter or future storyboard reaches for it). Floors unchanged; ratcheting them is a separate follow-up once CI confirms the new numbers across a couple of runs.

Audit not requiring change

  • AGENT_SUSPENDED / AGENT_BLOCKED — 7.10 ships typed codes for buyer-agent suspension. The training-agent's BuyerAgentRegistry always returns status: 'active' (buyer-agent-registry.ts:85); it doesn't model buyer-agent suspension, so neither the legacy PERMISSION_DENIED + {scope:'agent',status:'suspended'} shape nor the new typed codes have a firing site. The 7.10 codes are future-proofing for whenever a force-suspend scenario gets added.

Newly unblocked

  • #3842, "training-agent: re-add identity.brand_json_url emit after 3.1 SDK pin bump" (identity.brand_json_url emit) — gated on the SDK bundling 3.1 schemas with the new field. 7.10.2's dist/lib/schemas-data/3.1.0-beta.2/ ships them. Revert of commit 89c38e74c in framework-server.ts + task-handlers.ts handleGetAdcpCapabilities is now safe. Not done in this PR (separate fix); confirmed unblocked by running --inproc against the current branch — failure mode is request_signature_brand_json_url_missing exactly as the issue describes.

Test plan

  • npm run typecheck
  • 7 SDK-touching unit test files, 64 tests passing locally
  • pickFromInput covered by 5 new tests in v6-input-helpers.test.ts
  • bash scripts/run-storyboards-matrix.sh — all six tenants over floor on both 7.10.2-only and 7.10.2 + ctx.input commits
  • CI confirms the same numbers

🤖 Generated with Claude Code

Catches up on the 7.x line. Headline gains:

- 7.8 storyboard runner: `impairment.coherence` grades audience inverse
  rule (was deferred) and walks `creative_approvals[]` on buy snapshots
  alongside the request-side `creative_assignments[]`.
- 7.8 server: `ctx.input` exposed on v6 platform methods — fixes the
  silent-drop bug where `sync_creatives`/`sync_audiences`/`sync_accounts`
  lost `assignments[]`, `delete_missing`, `dry_run`, `validation_mode`
  (adcp-client#1842). Adoption in our v6 shims is a follow-up.
- 7.9 server: `pgCtxMetadataStore` round-trips the `resource` field;
  optional Redis backend for the idempotency store.
- 7.10 client: `fetchAgentAuthorizationsFromDirectory` for AAO inverse
  lookup (adopts #4828); typed `AGENT_SUSPENDED`/`AGENT_BLOCKED` codes
  (adopts #3906).

7.10.0 and 7.10.1 shipped the new `v2/projection` cluster (Creative
Formats v2, RFC #3305) with packaging gaps that crashed `get_products`
storyboards on `/sales`. Both fixed:

- 7.10.1 vendors `aao-reference-formats.json` next to the catalog
  loader (adcp-client#1909).
- 7.10.2 patches the registry loader candidate paths to read from
  `dist/lib/schemas-data/<version>/registries/` where the SDK
  actually ships `v1-canonical-mapping.json` (adcp-client#1917).

Matrix on 7.10.2:

  /signals          81 / 111 (floor 74 / 111)
  /sales            78 / 402 (floor 74 / 380)
  /governance       80 / 155 (floor 73 / 151)
  /creative         79 / 177 (floor 73 / 169)
  /creative-builder 76 / 152 (floor 70 / 146)
  /brand            80 /  96 (floor 73 /  96)

Typecheck and the 7 SDK-touching unit-test files (64 tests) green.
Storyboard floors held without changes; ratcheting them is a separate
follow-up once CI confirms the new numbers on a couple of runs.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

aao-release-bot Bot previously approved these changes May 21, 2026

LGTM. Pure SDK bump 7.7.0 → 7.10.2, two files, no wire-touching surface, storyboard matrix posted above floor on all six tenants.

Things I checked

  • Diff is package.json + package-lock.json only. No static/schemas/source/**, no docs/reference/**, no mintlify-docs/reference/**, no spec-build scripts → changeset correctly omitted.
  • Lockfile picks up a new optional redis peerDependency (^4.6.0 || ^5.0.0) on @adcp/sdk. Optional, so adcp does not need to install it — confirmed via peerDependenciesMeta.redis.optional: true at package-lock.json:167.
  • SDK consumers exist across server/src/** and scripts/** (mcp-tools, http, storyboards, v6 training-agent shims, smoke-conformance). Test plan claims npm run typecheck clean and 64 SDK-touching unit tests pass. CI will confirm.
  • Storyboard matrix in the description: every tenant ratchets up (/sales +4 floor, +22 actual; /governance +7/+4; /creative +6/+8). No regressions. Floors held without modification — the right call to ratchet in a separate PR after CI stabilizes.

Follow-ups (non-blocking — already noted in PR description)

  • ctx.input adoption in v6 platform shims (v6-sales-platform.ts, v6-account-helpers.ts) — the shims still destructure to v5 handlers and silently drop assignments[], delete_missing, dry_run, validation_mode. Unblocked by 7.8 but not exercised here.
  • AGENT_SUSPENDED / AGENT_BLOCKED emission audit — switch any lingering PERMISSION_DENIED + details.{scope:'agent',status:'suspended'} sites to the typed codes from 7.10.
  • Directory inverse-lookup wiring in scripts/e2e-resolve-training-agent.ts to demo the chain end-to-end with PR #4836.
  • Ratchet storyboard floors once CI confirms the new numbers across a couple of runs.

Ship it once CI validates the matrix.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

aao-release-bot Bot previously approved these changes May 21, 2026

LGTM. Clean dep bump — package.json + lockfile + changeset only, no source touched, spec wire shape unchanged.

Things I checked

  • Diff is 3 files, 18/-5: package.json, package-lock.json, .changeset/sdk-7-10-2-bump.md. No source code changes — every behavior change is inside the dependency itself.
  • package.json:99 and package-lock.json:11 both move @adcp/sdk floor from ^7.7.0 → ^7.10.2. Consistent.
  • Changeset type is patch for adcontextprotocol (.changeset/sdk-7-10-2-bump.md:2). Right call — the consumer-side SDK floor moves, but no schemas under static/schemas/source/** change and no docs/reference/** shifts. The wire shape adopters see is unchanged.
  • Lockfile picks up a new optional peer dep on redis: ^4.6.0 || ^5.0.0 (package-lock.json:158,167-169). Additive and marked optional in peerDependenciesMeta — non-breaking for adopters that don't pull redis.
  • Storyboard matrix in the body shows all six tenants over floor (+4 to +22 on actuals). Floors held without modification — ratcheting is correctly deferred.
  • 7.10.0/7.10.1 packaging gaps that crashed /sales storyboards are called out as fixed in 7.10.2 via adcp-client#1909 and #1917 — the bump skips landing on a known-broken minor.

Follow-ups (non-blocking — already enumerated in the PR body)

  • ctx.input adoption in server/src/training-agent/v6-sales-platform.ts / v6-account-helpers.ts shims is unblocked by this bump; currently silently drops assignments[], delete_missing, dry_run, validation_mode on sync_creatives/sync_audiences/sync_accounts.
  • AGENT_SUSPENDED / AGENT_BLOCKED emission audit (adcp-client#1406 / adcp#3906) to retire any legacy PERMISSION_DENIED + details.{scope:'agent',status:'suspended'} shapes.
  • Directory inverse-lookup wiring in scripts/e2e-resolve-training-agent.ts, pairing with #4836 and fetchAgentAuthorizationsFromDirectory.

Minor nits (non-blocking)

  1. Unchecked CI box. [ ] CI confirms the same numbers in the test plan is the only remaining gate; at review time code_review, TypeScript Build, Server integration tests, and 5 of 6 storyboard jobs are still IN_PROGRESS. Not a block — local matrix is over floor on all six tenants and unit tests pass — but the matrix numbers in the body are the actual verification surface for this bump. Self-merge after CI lands.

Ship it once CI validates the matrix.

…a ctx.input

The v6 SDK's typed platform-method signatures destructure the request
envelope and pass only the typed first-arg to the method, dropping
`dry_run` / `assignments[]` (sync_creatives) and `dry_run` (sync_accounts).
The legacy `/mcp` route saw them; `/sales/mcp`, `/creative/mcp`,
`/creative-builder/mcp`, and every per-tenant `accounts.upsert` silently
ignored them. 7.8 fixed this upstream by exposing the original envelope
as `ctx.input: Readonly<Record<string, unknown>>` (adcp-client#1842) —
this change adopts it.

- `v6-input-helpers.ts` adds `pickFromInput` for named-field lifts.
  Per SDK guidance, `ctx.input` is buyer-controlled and untrusted; the
  helper reads only named fields, never logs wholesale.
- `syncCreatives` in the 3 creative-bearing v6 platforms now threads
  `dry_run` (suppresses session persistence in `handleSyncCreatives`)
  and `assignments[]` (writes inline package bindings to session).
  The v6 response signature is `SyncCreativesRow[]`, so assignment
  results surface via subsequent `get_media_buys`, not the sync
  response itself.
- `syncAccountsUpsert` in `v6-account-helpers.ts` threads `dry_run` to
  `handleSyncAccounts`. `delete_missing` is on the SDK's drop list but
  v5 doesn't implement it yet — threading would be inert.

Tests: 5 picker tests in `v6-input-helpers.test.ts` cover the lift
shape (named fields, no undefined leakage, falsy preservation,
undefined input, no-match). Storyboard matrix held identical numbers
(no storyboard currently exercises `dry_run` or inline `assignments[]`
on these paths, so the threading is dormant infrastructure until an
adopter or future storyboard reaches for it).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Extends `e2e-resolve-training-agent.ts` to call
`fetchAgentAuthorizationsFromDirectory` (shipped in @adcp/sdk@7.10.0)
after the existing 8-step forward chain, printing publishers whose
adagents.json authorizes the resolved agent. Pairs the SDK consumer
wrapper with PR #4836's server endpoint for a runnable demo of the
full directory chain.

- HTTP mode: directory URL defaults to `${base-url}/api` (registry
  router mount point per `server/src/http.ts:1072`). Override with
  `--directory <url>` or skip with `--directory none`.
- In-process mode: skipped — the inline Express app doesn't mount
  the AAO routes (federated_index pool unavailable in script context).
- Directory failures don't fail the script; the forward chain is the
  primary contract.

The SDK's `ssrfSafeFetch` permits loopback by default
(`probe-policy.d.ts` table — loopback is allowed for buyer-side
discovery), so `http://localhost:3000` works out of the box. The
endpoint's published path is `/v1/agents/{encoded_agent_url}/publishers`
per spec; our deployment mounts the registry router under `/api`,
hence the `${base}/api` default.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

aao-release-bot Bot previously approved these changes May 21, 2026

LGTM. Follow-ups noted below. SDK bump is a no-spec-change patch and the v6→v5 shim fix is the right shape — a typed-signature-drop is exactly what ctx.input is for.

Things I checked

  • pickFromInput (v6-input-helpers.ts) only lifts an explicit allowlist; spread order at all four call sites (v6-sales-platform.ts:262, v6-creative-platform.ts:160, v6-creative-builder-platform.ts:151, v6-account-helpers.ts:67) cannot let a hostile ctx.input.creatives/brand/accounts override the typed first-arg because the return type is locked to Partial<Record<'assignments' | 'dry_run', unknown>>.
  • v5 handleSyncCreatives actually consumes both threaded fields — req.dry_run at task-handlers.ts:2679, req.assignments at task-handlers.ts:2777. The PR description and changeset claims hold.
  • delete_missing correctly left out of the v6-account-helpers.ts lift — account-handlers.ts doesn't implement it; threading would be inert. Comment says so.
  • Both changesets are patch. Correct — wire shape unchanged, internal-only ergonomics fix on the training agent.
  • Storyboard matrix in PR body shows floors held across all six tenants. CI gate on those numbers is the right next step.
  • Helper test covers presence, absence, falsy preservation, undefined input, and empty-overlap. Five cases is light for an untrusted-input frontier but exercises the documented contract.

Follow-ups (non-blocking — file as issues)

  • sync_audiences not yet threaded. v6-sales-platform.ts:342 still hands audienceList + a synthesised idempotency_key only — dry_run/delete_missing/validation_mode from the envelope are dropped. PR body acknowledges this as a follow-up; worth tracking alongside delete_missing on sync_accounts so the v5 handlers grow the field and the lift wires up in one pass.
  • Floor ratcheting. Numbers in the matrix (+22 on /sales, +8 on /creative, etc.) are real headroom. Ratchet after two clean CI runs so we don't burn the cushion on flake.

Minor nits (non-blocking)

  1. key in input walks the prototype chain. v6-input-helpers.ts:24. The doc comment promises buyer-controlled, untrusted handling — Object.hasOwn(input, key) would lock the promise in. Lifted keys (dry_run, assignments) aren't on Object.prototype, so this is defense-in-depth, not a live exploit. One-line tighten.
  2. Test gap on the untrusted-input frontier. v6-input-helpers.test.ts has no case for non-object input (string/array/null vs undefined) and no prototype-pollution sanity check (assert an inherited dry_run is NOT lifted). If you take the Object.hasOwn change, add the pollution case to lock the behavior.
  3. Two patch changesets ship as a unit. Acceptable as-is; one merged entry would read cleaner in the CHANGELOG since the shim fix is what the SDK bump exists to enable. Notable but not worth a respin.

Approved.

bokelley changed the title from "chore(deps): bump @adcp/sdk 7.7 → 7.10.2" to "chore(deps): bump @adcp/sdk 7.7 → 7.10.2 + adopt 7.8/7.10 surfaces" on May 21, 2026

aao-release-bot Bot left a comment

Approved. SDK dependency bump plus the v6-shim ctx.input lift that fixes the documented silent-drop from adcp-client#1842 — three contained commits, three changesets, clean test coverage on the helper.

Things I checked

  • pickFromInput field-name allowlist is the security barrier, not spread order. A buyer putting creatives or brand into ctx.input cannot reach fromInput because the call sites pass fixed lists ['assignments', 'dry_run'] (v6-sales-platform.ts:262-266, v6-creative-platform.ts:158-162, v6-creative-builder-platform.ts:149-150) and ['dry_run'] (v6-account-helpers.ts:69). The spreads { creatives, ...fromInput, ... } and { accounts: refs, ...fromInput } are safe regardless of order.
  • Treatment of ctx.input matches the SDK's "untrusted, buyer-controlled" guidance — named-field lift, no wholesale log, v5 handler still validates shape.
  • 7.10.2 packaging — adds optional redis peer dep (package-lock.json:158); additive, no install break for existing consumers.
  • Three changesets, all patch. Wire surface unchanged, dependency bump and internal shim threading — patch is correct.
  • e2e script: directory URL defaults to <base-url>/api matching the server/src/http.ts mount point, errors are caught and reported per the documented "forward chain is the primary contract" stance (scripts/e2e-resolve-training-agent.ts:516-519).
  • Storyboard-floor claim ("Floors unchanged") consistent with the diff — no floor config touched.

Follow-ups (non-blocking — file as issues)

  • server/src/training-agent/v6-input-helpers.ts:24: key in input walks the prototype chain. With fixed-string allowlists this is inert today, but Object.prototype.hasOwnProperty.call(input, key) is stricter and reads better against the "untrusted" comment two lines above.
  • server/tests/unit/v6-input-helpers.test.ts — missing the explicit allowlist-barrier assertion: pickFromInput({ creatives: 'evil', dry_run: true }, ['dry_run']) yielding only { dry_run: true }. That's the property the call sites rely on; worth pinning down.
  • The unchecked [ ] CI confirms the same numbers is the right call to leave open until CI runs the matrix, but the floors do warrant a ratchet PR once two clean runs land.

Minor nits (non-blocking)

  1. Comment the allowlist barrier at call sites. v6-sales-platform.ts:243-247 already documents the spread-order convention for updateMediaBuy; a reader hitting syncCreatives at L262 might assume the same applies. One line noting "allowlist in pickFromInput is the barrier, spread order is incidental" would close the loop.
  2. scripts/e2e-resolve-training-agent.ts:441-445: args.indexOf('--directory') + args[idx+1] silently falls through to the default when --directory is the last arg with no value. Brittle for an e2e script; not load-bearing.

The dormant-infrastructure framing is honest — threading dry_run/assignments through with no storyboard exercising them yet is the right shape; you'd rather have the silent-drop fixed before an adopter trips it than after.

LGTM. Follow-ups noted below.
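
The two pickFromInput follow-ups raised in the reviews above (the `key in input` prototype-chain nit and the allowlist-barrier assertion), as an added TypeScript example that is not the project's v6-input-helpers.ts or any code from this PR. pickWithIn, pickOwn, asRecord, buildHandlerRequest and the sample envelope are hypothetical names and constructed data.

```typescript
// Added illustration, not the project's v6-input-helpers.ts.
// All function names and sample envelopes here are constructed for this example.

type Picked = Record<string, unknown>;

// ctx.input is buyer-controlled: accept plain objects only, reject
// strings, arrays, null and undefined before any key lookup.
function asRecord(input: unknown): Record<string, unknown> | undefined {
  if (typeof input !== 'object' || input === null || Array.isArray(input)) return undefined;
  return input as Record<string, unknown>;
}

// Membership via `in`: also true for properties inherited through the prototype chain.
function pickWithIn(input: unknown, keys: readonly string[]): Picked {
  const rec = asRecord(input);
  const out: Picked = {};
  if (!rec) return out;
  for (const key of keys) {
    if (key in rec && rec[key] !== undefined) out[key] = rec[key];
  }
  return out;
}

// Membership via hasOwnProperty: only the envelope's own fields are lifted.
function pickOwn(input: unknown, keys: readonly string[]): Picked {
  const rec = asRecord(input);
  const out: Picked = {};
  if (!rec) return out;
  for (const key of keys) {
    if (Object.prototype.hasOwnProperty.call(rec, key) && rec[key] !== undefined) {
      out[key] = rec[key];
    }
  }
  return out;
}

// Constructed envelope: dry_run is inherited, creatives is an own field
// that is not on the allowlist.
const inherited: Record<string, unknown> = Object.create({ dry_run: true });
inherited.creatives = 'not-allowlisted';

// Call-site shape described in the review: typed first-arg plus lifted fields.
// The fixed key list is the barrier; an envelope `creatives` never reaches the spread.
function buildHandlerRequest(creatives: string[], input: unknown): Picked {
  return { creatives, ...pickOwn(input, ['assignments', 'dry_run']) };
}

// `in` lifts the inherited flag, the own-property check does not.
console.log(pickWithIn(inherited, ['dry_run']), pickOwn(inherited, ['dry_run']));
```

The checks the reviews ask for map onto these functions: an inherited dry_run must come back from pickOwn as an empty object, and an envelope carrying creatives alongside dry_run must yield only dry_run.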
