@flowget/engine
v0.2.1
Published
Workflow execution substrate for Flowget — a Temporal-backed graph walker with a node registry, decorators, lifecycle events, human-in-the-loop signal primitives, and graph validators, consumed by the Flowget worker and CLI.
Maintainers
Readme
@flowget/engine
The workflow execution substrate for Flowget — a Temporal-backed graph walker with a node registry, decorators, lifecycle events, human-in-the-loop signal primitives, and graph validators. It is consumed by the Flowget worker and CLI, and re-exports the node-authoring helpers so node authors need only a single import.
Install
npm i @flowget/engineUsage
Author a node and build a registry the walker can resolve against:
import { z } from "zod";
import { buildRegistry, defineNode } from "@flowget/engine";
const httpFetch = defineNode({
id: "http_fetch",
category: "data",
input: { url: z.string().url() },
output: { status: z.number(), body: z.unknown() },
async run({ input }) {
const res = await fetch(input.url);
return { status: res.status, body: await res.json() };
},
});
const registry = buildRegistry([httpFetch]);input.url is typed string inside run automatically — the engine never
imports a specific validator library, so any object with a .parse() method
works (Zod, Valibot, custom).
Production HTTP nodes must validate inputs (URL allow-list, https-only, block private/loopback IPs, cap response size, set a timeout) to prevent SSRF and DoS. The engine ships
assertSafeUrlandredactUrlForLoggingto help.
⚠️ 0.x is unstable
The surface is unstable until v1 — breaking changes ship as minor bumps. Pin
exact versions in consumers ("@flowget/engine": "0.1.0", not "^0.1.0").
Links
- Full documentation: https://docs.flowget.io
- Security policy: SECURITY.md
- License: FSL-1.1-ALv2 (see LICENSE)
