Commit graph

14 commits

Author SHA1 Message Date
jottakka
fe8ddfd500
[TOO-326] Windows papercuts (#768)
<!-- CURSOR_SUMMARY -->
> [!NOTE]
> **Medium Risk**
> Touches authentication/login flow, credentials-file permissions, and
subprocess lifecycle behavior across platforms; while mostly defensive,
regressions could impact login or process management on Windows/macOS
runners.
> 
> **Overview**
> Improves Windows/cross-platform reliability across the CLI and MCP
server: OAuth login now binds the callback server to `127.0.0.1`, avoids
slow loopback reverse-DNS, adds a configurable callback timeout
(`--timeout` + env default), and opens URLs via a Windows-friendly
`_open_browser` to avoid flashing console windows.
> 
> Centralizes CLI output via a shared `console` that forces UTF-8 on
Windows, standardizes UTF-8 file reads/writes throughout, tightens
credentials-file permissions on Windows using `icacls`, and adds shared
Windows subprocess helpers for **no-window** process creation and
graceful termination (used by `deploy`, MCP reload, and usage-tracking
worker).
> 
> Updates client configuration UX/robustness (Windows AppData resolution
via `platformdirs`, Cursor config path fallbacks + compatibility writes,
overwrite warnings, absolute `uv` path for GUI clients, safer path
display) and improves `deploy` child-process handling to avoid
pipe-buffer deadlocks while giving better debug-aware error messages.
> 
> Expands CI to run tests on Linux/Windows/macOS, adds a no-auth CLI
integration workflow, disables usage tracking in toolkits CI, and adds
extensive regression tests for Windows signals, subprocess cleanup,
UTF-8, and config-path edge cases; bumps `arcade-core` to `4.4.2` and
`arcade-mcp-server` to `1.17.2` (with updated dependency pin).
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
0fabd8ca1cd647039ba6ddbdf3f7809c330bab9e. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
2026-02-25 13:18:16 -03:00
Evan Tahler
57d5d314e0
Run all tests with dependabot (#727)
<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Removes the dependabot exclusion so secret-backed toolkit tests run on
any non-fork PR.
> 
> - **CI (GitHub Actions)**
> - Update `if` condition in `/.github/workflows/test-toolkits.yml` for
"Test stand-alone toolkits (with secrets)":
> - Remove `github.actor != 'dependabot[bot]'`, leaving only
`!github.event.pull_request.head.repo.fork` to allow tests with secrets
on non-fork PRs (including dependabot).
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
fab42ac63abe305cc5f5344ab6bcb8386c541fb6. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
2025-12-12 17:35:15 -08:00
dependabot[bot]
324a148b5b
Bump authlib from 1.3.0 to 1.6.5 (#724)
Bumps [authlib](https://github.com/authlib/authlib) from 1.3.0 to 1.6.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/authlib/authlib/releases">authlib's
releases</a>.</em></p>
<blockquote>
<h2>v1.6.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Add a <code>request</code> param to RFC7591
<code>generate_client_info</code> and
<code>generate_client_secret</code> methods by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/825">authlib/authlib#825</a></li>
<li>feat: support list params in prepare_grant_uri by <a
href="https://github.com/lisongmin"><code>@​lisongmin</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/827">authlib/authlib#827</a></li>
<li>chore(deps): bump SonarSource/sonarqube-scan-action from 5 to 6 in
/.github/workflows by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/authlib/authlib/pull/828">authlib/authlib#828</a></li>
<li>fix(jose): add max size for JWE zip=DEF decompression by <a
href="https://github.com/lepture"><code>@​lepture</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/830">authlib/authlib#830</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lisongmin"><code>@​lisongmin</code></a>
made their first contribution in <a
href="https://redirect.github.com/authlib/authlib/pull/827">authlib/authlib#827</a></li>
<li><a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
made their first contribution in <a
href="https://redirect.github.com/authlib/authlib/pull/828">authlib/authlib#828</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/authlib/authlib/compare/v1.6.4...v1.6.5">https://github.com/authlib/authlib/compare/v1.6.4...v1.6.5</a></p>
<h2>v1.6.4</h2>
<h2>What's Changed</h2>
<ul>
<li>fix(jose): prevent public/unprotected header overwriting protected
header by <a
href="https://github.com/lepture"><code>@​lepture</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/809">authlib/authlib#809</a></li>
<li>Fix <code>InsecureTransportError</code> raising by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/810">authlib/authlib#810</a></li>
<li>Add conventional-commits pre-commit hook by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/811">authlib/authlib#811</a></li>
<li>Fix response_mode=form_post with Starlette client by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/812">authlib/authlib#812</a></li>
<li>Specify README.md as project long description by <a
href="https://github.com/EpicWink"><code>@​EpicWink</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/817">authlib/authlib#817</a></li>
<li>Migrate tests to pytest paradigm by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/813">authlib/authlib#813</a></li>
<li>jose/jws: Reject unprotected ‘crit’ and enforce type; add tests by
<a href="https://github.com/AL-Cybision"><code>@​AL-Cybision</code></a>
in <a
href="https://redirect.github.com/authlib/authlib/pull/823">authlib/authlib#823</a></li>
<li>Use explicit *.test urls in unit tests by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/824">authlib/authlib#824</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/EpicWink"><code>@​EpicWink</code></a>
made their first contribution in <a
href="https://redirect.github.com/authlib/authlib/pull/817">authlib/authlib#817</a></li>
<li><a
href="https://github.com/AL-Cybision"><code>@​AL-Cybision</code></a>
made their first contribution in <a
href="https://redirect.github.com/authlib/authlib/pull/823">authlib/authlib#823</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/authlib/authlib/compare/v1.6.3...v1.6.4">https://github.com/authlib/authlib/compare/v1.6.3...v1.6.4</a></p>
<h2>Version 1.6.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Add diff-cover check in GHA by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/803">authlib/authlib#803</a></li>
<li>Run GHA unit tests with uv by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/805">authlib/authlib#805</a></li>
<li>Move from pre-commit to prek by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/804">authlib/authlib#804</a></li>
<li>Sign OIDC id_token according to
<code>id_token_signed_response_alg</code> client metadata by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/802">authlib/authlib#802</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/authlib/authlib/compare/v1.6.2...v1.6.3">https://github.com/authlib/authlib/compare/v1.6.2...v1.6.3</a></p>
<h2>Version 1.6.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Allow insecure transport for 127.0.0.1 for debugging by <a
href="https://github.com/geigerzaehler"><code>@​geigerzaehler</code></a>
in <a
href="https://redirect.github.com/authlib/authlib/pull/788">authlib/authlib#788</a></li>
<li>Raise a MissingCodeError when code parameter is missing by <a
href="https://github.com/lepture"><code>@​lepture</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/786">authlib/authlib#786</a></li>
<li>Temporarily restore OAuth2Request body parameter by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/791">authlib/authlib#791</a></li>
<li>Raise MissingCodeException when code parameter is missing by <a
href="https://github.com/lepture"><code>@​lepture</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/794">authlib/authlib#794</a></li>
<li>Fix id_token generation with EdDSA alg by <a
href="https://github.com/azmeuk"><code>@​azmeuk</code></a> in <a
href="https://redirect.github.com/authlib/authlib/pull/800">authlib/authlib#800</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/authlib/authlib/compare/v1.6.1...v1.6.2">https://github.com/authlib/authlib/compare/v1.6.1...v1.6.2</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/authlib/authlib/blob/main/docs/changelog.rst">authlib's
changelog</a>.</em></p>
<blockquote>
<h2>Version 1.6.5</h2>
<p><strong>Released on Oct 2, 2025</strong></p>
<ul>
<li>RFC7591 <code>generate_client_info</code> and
<code>generate_client_secret</code> take a <code>request</code>
parameter.</li>
<li>Add size limitation when decode JWS/JWE to prevent DoS.</li>
<li>Add size limitation for <code>DEF</code> JWE zip algorithm.</li>
</ul>
<h2>Version 1.6.4</h2>
<p><strong>Released on Sep 17, 2025</strong></p>
<ul>
<li>Fix <code>InsecureTransportError</code> error raising.
:issue:<code>795</code></li>
<li>Fix <code>response_mode=form_post</code> with Starlette client.
:issue:<code>793</code></li>
<li>Validate <code>crit</code> header value, reject unprotected header
in <code>crit</code> header.</li>
</ul>
<h2>Version 1.6.3</h2>
<p><strong>Released on Aug 26, 2025</strong></p>
<ul>
<li>OIDC <code>id_token</code> are signed according to
<code>id_token_signed_response_alg</code>
client metadata. :issue:<code>755</code></li>
</ul>
<h2>Version 1.6.2</h2>
<p><strong>Released on Aug 23, 2025</strong></p>
<ul>
<li>Temporarily restore <code>OAuth2Request</code> <code>body</code>
parameter. :issue:<code>781</code> :pr:<code>791</code></li>
<li>Allow <code>127.0.0.1</code> in insecure transport mode.
:pr:<code>788</code></li>
<li>Raise <code>MissingCodeException</code> when the <code>code</code>
parameter is missing. :issue:<code>793</code> :pr:<code>794</code></li>
<li>Fix <code>id_token</code> generation with <code>EdDSA</code> algs.
:issue:<code>799</code> :pr:<code>800</code></li>
</ul>
<h2>Version 1.6.1</h2>
<p><strong>Released on Jul 20, 2025</strong></p>
<ul>
<li>Filter key set with additional &quot;alg&quot; and &quot;use&quot;
parameters.</li>
<li>Restore and deprecate <code>OAuth2Request</code> <code>body</code>
parameter. :issue:<code>781</code></li>
</ul>
<h2>Version 1.6.0</h2>
<p><strong>Released on May 22, 2025</strong></p>
<ul>
<li>Fix issue when :rfc:<code>RFC9207 &lt;9207&gt;</code> is enabled and
the authorization endpoint response is not a redirection.
:pr:<code>733</code></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9ec42561cd"><code>9ec4256</code></a>
chore: release 1.6.5</li>
<li><a
href="b62b5b2757"><code>b62b5b2</code></a>
Merge branch 'fix-GHSA-pq5p-34cr-23v9'</li>
<li><a
href="e0863d5129"><code>e0863d5</code></a>
Merge pull request <a
href="https://redirect.github.com/authlib/authlib/issues/830">#830</a>
from authlib/fix-GHSA-g7f3-828f-7h7m</li>
<li><a
href="867e3f87b0"><code>867e3f8</code></a>
fix(jose): add size limitation to prevent DoS</li>
<li><a
href="75ad6d4d62"><code>75ad6d4</code></a>
Merge pull request <a
href="https://redirect.github.com/authlib/authlib/issues/828">#828</a>
from authlib/dependabot/github_actions/dot-github/wor...</li>
<li><a
href="68b982352d"><code>68b9823</code></a>
chore(deps): bump SonarSource/sonarqube-scan-action</li>
<li><a
href="5bdfc4bfff"><code>5bdfc4b</code></a>
Merge pull request <a
href="https://redirect.github.com/authlib/authlib/issues/827">#827</a>
from lisongmin/support-list-params-in-prepare-grant-uri</li>
<li><a
href="30ea3c5f85"><code>30ea3c5</code></a>
feat: support list params in prepare_grant_uri</li>
<li><a
href="4b5b570339"><code>4b5b570</code></a>
fix(jose): add max size for JWE zip=DEF decompression</li>
<li><a
href="6e35a02ecf"><code>6e35a02</code></a>
Merge pull request <a
href="https://redirect.github.com/authlib/authlib/issues/825">#825</a>
from azmeuk/request-params</li>
<li>Additional commits viewable in <a
href="https://github.com/authlib/authlib/compare/v1.3.0...v1.6.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=authlib&package-manager=pip&previous-version=1.3.0&new-version=1.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/ArcadeAI/arcade-mcp/network/alerts).

</details>

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Skip GHA secret-backed toolkit tests for dependabot, add Dockerized
Postgres test setup and default to postgres user, and bump authlib to
1.6.5.
> 
> - **CI**:
> - Update `Test stand-alone toolkits (with secrets)` condition to also
exclude `github.actor == 'dependabot[bot]'`.
>   - Execute optional `tests/test_setup.sh` before pytest when present.
> - **Postgres toolkit tests**:
> - Default `POSTGRES_DATABASE_CONNECTION_STRING` user changed to
`postgres` in `toolkits/postgres/tests/test_postgres.py`.
> - Add `toolkits/postgres/tests/test_setup.sh` to spin up a Docker
`postgres` and wait until ready.
> - **Dependencies**:
>   - Upgrade `authlib` to `1.6.5` in `pyproject.toml`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
f3600e7536a409ecd8e645f473d747b9ba363765. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Cursor Agent <cursoragent@cursor.com>
Co-authored-by: evan <evan@arcade.dev>
2025-12-12 17:16:14 -08:00
Evan Tahler
766a262a25
MongoDB analytics toolkit (#548)
Design System: https://github.com/ArcadeAI/Design-System/pull/31
Docs: https://github.com/ArcadeAI/docs/pull/439

<img width="832" height="797" alt="Screenshot 2025-09-11 at 2 35 36 PM"
src="https://github.com/user-attachments/assets/198f194f-d41c-41a0-bedf-b77bccd70dfa"
/>
2025-09-12 18:41:23 -07:00
Mateo Torres
a97450b3af
Mateo/lchainversion (#551) 2025-09-08 18:29:32 -03:00
Evan Tahler
a85fa76997
Clickhouse Toolkit (#527)
Generated from the postgres toolkit
2025-08-05 14:05:09 -07:00
Eric Gustin
b50726d044
Remove Toolkits (#512)
As of today, Arcade's toolkits are moving to closed-source.  

Toolkit source code remains available upon request for our paying
customers. The history of this repository contains the toolkits as of
their most recent publication under their previous license terms.
2025-07-24 16:45:24 -07:00
Evan Tahler
e1cf58fe1b
skip tests with GHA secrets on forks (#496) 2025-07-17 10:27:24 -07:00
Evan Tahler
b81bb86dfb
Skip tests that require secrets in forks (#495)
We know that forks won't have our secrets, so we separate those toolkits
out to new a new test group and skip them if you aren't in this main
repo. We know if a test suite has a secret via a magic comment

---------

Co-authored-by: Eric Gustin <34000337+EricGustin@users.noreply.github.com>
2025-07-16 16:53:26 -07:00
Evan Tahler
40cdf2018d
Postgres Database Toolkit (#459)
Adds an example of a good "general case" SQL tool:
* enforces read-only mode
* hints to the LLM to discover the tables and schemas for the tables it
needs before any query
* uses RetryableToolErrors to hint to the LLM about what to do next

Docs: https://github.com/ArcadeAI/docs/pull/345

For testing, `TEST_POSTGRES_DATABASE_CONNECTION_STRING` has been set in
the repo (from Neon). details in 1 password.

<img width="1178" height="1091"
alt="464977013-49aff5e5-e301-4ca0-83b5-3ea742db2283"
src="https://github.com/user-attachments/assets/9344c27b-015d-4b91-907e-84f2e4193e16"
/>
2025-07-11 17:30:40 -07:00
Eric Gustin
07c52100f3
Split and rename multiple toolkits (#438)
# PR Description
## Split toolkits

This PR splits the `Microsoft`, `Google`, and `Search` toolkits into
multiple toolkits each.
 * `Microsoft` --> `OutlookCalendar`, `OutlookMail`.
* `Google` -----> `GoogleCalendar`, `GoogleContacts`, `GoogleDocs`,
`GoogleDrive`, `Gmail`, `GoogleSheets`
* `Search` -----> `GoogleFinance`, `GoogleFlights`, `GoogleHotels`,
`GoogleJobs`, `GoogleMaps`, `GoogleNews`, `GoogleSearch`,
`GoogleShopping`, `Walmart`, `Youtube`

> The original monolithic toolkits (`Microsoft`, `Google`, `Search`) are
not removed in this PR. The plan is to keep those toolkits around while
we
> 1. Stop documenting the toolkits, 
> 2. Stop displaying the toolkits in the dashboard, and 
> 3. Help customers migrate over to the new split toolkits.

## Rename toolkits
This PR renames the following toolkits 
* `Web` ------------> `Firecrawl`
* `CodeSandbox` ---> `E2B`

> The `Web` and `CodeSandbox` toolkits are not removed in this PR. The
plan is to keep them around while we
> 1. Stop documenting the toolkits, 
> 2. Stop displaying the toolkits in the dashboard, and 
> 3. Help customers migrate over to the new renamed toolkits.

## Rename tools
Since toolkit names were changed, this called for some tools to be
renamed as well.
* `GoogleSearch.SearchGoogle` ----------------> `GoogleSearch.Search`
* `GoogleShopping.SearchShoppingProducts` --->
`GoogleShopping.SearchProducts`
* `Walmart.SearchWalmartProducts` ------------> `Walmart.SearchProducts`
* `Walmart.GetWalmartProductDetails` --------->
`Walmart.GetProductDetails`
* `Youtube.SearchYoutubeVideos` -------------->
`Youtube.SearchForVideos`

## Google File Picker
Improvements to the Google File Picker experience were also added in
this PR.

The following tools will ALWAYS provide llm_instructions in their
response to "let the end-user know that they have the option to select
more files via the file picker url if they want to":
* `GoogleDocs.SearchDocuments`
* `GoogleDocs.SearchAndRetrieveDocuments`
* `GoogleDrive.GetFileTreeStructure`

The following tools will only provide the file picker URL if a 404 or
403 from the Google API:
* `GoogleDocs.InsertTextAtEndOfDocument`
* `GoogleDocs.GetDocumentById`
* `GoogleSheets.GetSpreadsheet`
* `GoogleSheets.WriteToCell`

Also, a standalone `GoogleDrive.GenerateGoogleFilePickerUrl` tool
exists.

## Other
* The `SearchDocuments` and `SearchAndRetrieveDocuments` tools used to
be organized within the Drive portion of the Google toolkit, but I moved
these into the new GoogleDocs toolkit because they are specific to Docs.

# Progress

- [x] `OutlookCalendar`
- [x] `OutlookMail`
- [x] `GoogleFinance`
- [x] `GoogleFlights`
- [x] `GoogleHotels`
- [x] `GoogleJobs`
- [x] `GoogleMaps`
- [x] `GoogleNews`
- [x] `GoogleSearch`
- [x] `GoogleShopping`
- [x] `Walmart`
- [x] `Youtube`
- [x] `GoogleCalendar`
- [x] `GoogleContacts`
- [x] `GoogleDocs`
- [x] `GoogleDrive`
- [x] `Gmail`
- [x] `GoogleSheets`
- [x] `Firecrawl`
- [x] `E2B`
- [x] File picker

# Discussion
* Repeated code is a consequence of splitting toolkits that use the same
provider. I am open to any ideas that would allow multiple toolkits to
reference common code. Comment your ideas in this PR.
2025-07-09 16:00:09 -07:00
Sam Partee
b6b4cd0a4c
🏗️ Restructure: Multi-Package Architecture + uv Migration (#412)
### Overview
Major restructuring from monolithic `arcade-ai` package to modular
library architecture with standardized uv-based dependency management.

![arcade-ai Monorepo
(2)](https://github.com/user-attachments/assets/25f102b0-bb87-4a04-9701-d227d05664b1)

### New Package Structure
- **`arcade-tdk`** - Lightweight toolkit development kit (core
decorators, auth)
- **`arcade-core`** - Core execution engine and catalog functionality  
- **`arcade-serve`** - FastAPI/MCP server components
- **`arcade-ai`** - Meta package that includes CLI functionality.
Optionally include evals via the `evals` extra. Optionally include all
packages via the `all` extra.

### Key Benefits
- **Lighter Dependencies**: Toolkits now depend only on `arcade-tdk` (~2
deps) vs full `arcade-ai` (~30+ deps)
- **Faster Builds**: uv provides 10-100x faster dependency resolution
and installation
- **Better Modularity**: Clear separation of concerns, consumers import
only what they need
- **Standard Tooling**: Eliminates custom poetry scripts, uses standard
Python packaging

### Migration Impact
- All 20 toolkits converted from poetry → uv with `arcade-tdk`
dependencies plus `arcade-ai[evals]` and `arcade-serve` dev
dependencies. When developing locally, devs should install toolkits via
`make install-local`.
- Modern Python 3.10+ type hints throughout
- Standardized build system with hatchling backend
- Enhanced Makefile with robust toolkit management commands
- Removed `arcade dev` CLI command
- Reduce the number of files created by `arcade new` and add an option
to not generate a tests and evals folder.

This foundation enables faster development cycles and cleaner dependency
chains for the growing toolkit ecosystem.

### Todo After this PR is merged
- [ ] Post-merge workflow(s) (release & publish containers, etc)
- [ ] Release order plan. @EricGustin suggests releasing in the
following order:
    1. `arcade-core` version 0.1.0
    2. `arcade-serve` version 0.1.0 and `arcade-tdk` version 0.1.0
    3. `arcade-ai` version 2.0.0
4. Patch release for all toolkits (all changes in toolkits are internal
refactors)
- [ ] [Update docs](https://github.com/ArcadeAI/docs/pull/318)

---------

Co-authored-by: Eric Gustin <eric@arcade.dev>
Co-authored-by: Eric Gustin <34000337+EricGustin@users.noreply.github.com>
2025-06-11 16:48:17 -07:00
Eric Gustin
feb83c95ca
Pin poetry to 1.8.5 (#193)
# PR Description
Poetry released v2 with many breaking changes a couple days ago. The
`install-poetry` action that our workflows use default to that v2
version, so many of our workflows are failing. This PR forces that
action to use poetry version 1.8.5 and also uses 1.8.5 for toolkits

A ticket to migrate to 2.0.0 has been filed for future work
2025-01-07 13:21:55 -08:00
Eric Gustin
ab889f9f1d
Lint all toolkits (#183)
# PR Description
* Adds/updates the following files to all toolkits:
    - `.pre-commit-config.yaml`
    - `.ruff.toml`
    - `LICENSE`
    - `Makefile`
    - `pyproject.toml`
* Lint all toolkits such that they pass `make check` and `make test` (a
total doozy). This includes adding some unit tests and evals.
* Github workflow for testing toolkits before merge into main (courtesy
of @sdreyer)
* Added a QOL improvement for tool developers for when they need to get
the context's auth token.
* Minor updates to `arcade new` template.
2024-12-20 09:49:45 -08:00