@01.software/sdk 0.38.0 → 0.40.0

package/README.md

@@ -19,7 +19,7 @@ pnpm add @01.software/sdk
 - Customer auth hooks (useCustomerMe, useCustomerLogin, etc.) with cache management
 - Automatic retry with exponential backoff (non-retryable: 400, 401, 403, 404, 409, 422)
 - Webhook handling with HMAC-SHA256 signature verification
-- Sub-path imports (`./server`, `./webhook`, `./realtime`, `./ui/*`) for tree-shaking
+- Sub-path imports (`./server`, `./webhook`, `./realtime`, `./storefront-cache`, `./ui/*`) for tree-shaking
 - Type-safe read-only `collections.from()` for Client (compile-time write prevention)
 
 ### Sub-path Imports
@@ -57,6 +57,9 @@ import {
 // Realtime only
 import { createRealtimeClient } from '@01.software/sdk/realtime'
 
+// Storefront cache resource names for SSG/ISR adapters
+import { storefrontCacheResources } from '@01.software/sdk/storefront-cache'
+
 // Components - sub-path imports per domain
 import { Analytics } from '@01.software/sdk/analytics/react'
 import { RichTextContent } from '@01.software/sdk/ui/rich-text'
@@ -79,6 +82,7 @@ entry.
 | `@01.software/sdk/server`           | `createServerClient`, server-only collection, commerce, and preview APIs | none; keep `secretKey` code on the server                                                                  |
 | `@01.software/sdk/query`            | React Query hooks, cache helpers, `getQueryClient`                       | `@tanstack/react-query`, `react`, `react-dom`                                                              |
 | `@01.software/sdk/realtime`         | `RealtimeConnection`, `useRealtimeQuery`                                 | `@tanstack/react-query`, `react`, `react-dom`                                                              |
+| `@01.software/sdk/storefront-cache` | product storefront cache resource name helpers                           | none                                                                                                       |
 | `@01.software/sdk/analytics/react`  | `<Analytics />`                                                          | `react`, `react-dom`                                                                                       |
 | `@01.software/sdk/ui/rich-text`     | `RichTextContent`, `StyledRichTextContent`                               | `react`, `react-dom`, `@payloadcms/richtext-lexical`                                                       |
 | `@01.software/sdk/ui/form`          | `FormRenderer`                                                           | `react`, `react-dom`                                                                                       |
@@ -99,6 +103,8 @@ Migration quick reference:
 - `createServerClient` must be imported from `@01.software/sdk/server`.
 - React Query hooks and cache helpers must be imported from
   `@01.software/sdk/query`.
+- Product storefront cache resource helpers must be imported from
+  `@01.software/sdk/storefront-cache`.
 - UI components must be imported from the specific `@01.software/sdk/ui/*`
   sub-path and require only that row's peers.
 - Console-shared pure ecommerce helpers live in private
@@ -120,7 +126,7 @@ const client = createClient({
 // Query data (returns Payload native response)
 const { docs } = await client.collections.from('products').find({
   limit: 10,
-  where: { status: { equals: 'published' } },
+  select: { title: true, slug: true },
 })
 ```
 
@@ -184,6 +190,61 @@ previewToken })` returns the raw product detail payload for the saved
 draft/unpublished record addressed by the preview token. `detail()` wraps the
 published storefront payload in a `{ found, product | reason }` result.
 
+## Getting storefront content
+
+Use shaped content helpers when a browser storefront needs relationship-backed
+media for common public content. These helpers use the publishable key only;
+the server resolves the tenant, enforces the owning feature, excludes drafts,
+and returns allowlisted DTOs instead of raw Payload documents.
+
+```typescript
+import { createClient } from '@01.software/sdk'
+
+const client = createClient({ publishableKey: '<publishable-key>' })
+
+const links = await client.content.links.list({
+  limit: 10,
+  categorySlug: 'social',
+  tagSlug: 'footer',
+  featured: true,
+  sort: 'title',
+})
+
+const gallery = await client.content.galleryItems.list({
+  gallerySlug: 'spring-lookbook',
+  limit: 24,
+})
+```
+
+`content.links.list()` calls `GET /api/links/storefront`; link DTOs include
+display fields, categories/tags, thumbnail, and icon media. Operator-only
+fields such as tenant, metadata, click counters, and private storage details
+are omitted. Use `categorySlug` and `tagSlug` for stable storefront URLs when
+available; `categoryId` and `tagId` are also supported. Expired links are
+excluded by default, though visible link DTOs may include `expiresAt` so
+storefronts can render time-sensitive copy.
+
+`content.galleryItems.list()` calls `GET /api/gallery-items/storefront`;
+gallery item DTOs include title, description, content, gallery reference, and
+image media. Tenant, metadata, draft status, and storage/provider internals are
+omitted. Gallery item reads require either `gallerySlug` or `galleryId`; prefer
+`gallerySlug` for storefront routes. The default gallery item sort is `manual`,
+matching curator order from the Admin Panel.
+
+Both helpers return Payload-style pagination (`docs`, `totalDocs`, `page`,
+`limit`, etc.). `limit` is bounded server-side to `1..100`; invalid query,
+publishable-key, feature, rate-limit, and server errors surface through the
+SDK's typed error classes and preserve request IDs on `client.lastRequestId`.
+SDK sort inputs are typed public allowlists: links support created/updated/
+published dates, title, and featured ordering; gallery items support manual
+curator order, created/updated dates, and title.
+
+Use `client.collections.from(...).find()` only as the advanced raw collection
+escape hatch. Browser publishable-key raw reads stay shallow (`depth: 0`,
+`joins: false`) and are not for relationship-expanded media. Use shaped helpers
+for storefront content media, or `createServerClient()` when a server route
+needs full raw collection access with server credentials.
+
 ## Getting product detail
 
 The recommended way to fetch a single product is the shaped helper:
@@ -203,7 +264,8 @@ if (!result.found) {
 }
 
 const { product } = result
-// product: { product, variants, options, brand, categories, tags, images, videos, listing }
+// product: { product, variants, options, brand, categories, tags, images, videos,
+//   featuredImage, priceRange, compareAtPriceRange, availableForSale, selectedOrFirstAvailableVariant }
 ```
 
 `detail()` returns `ProductDetailResult`, a discriminated union:
@@ -215,6 +277,15 @@ mismatches, still throw
 typed `SDKError` subclasses and preserve request IDs through the existing
 `lastRequestId` / `onRequestId` path.
 
+Public product visibility has two axes. Lifecycle `status` must still be
+`published` and `publishedAt` must be current or empty. Then
+`storefrontVisibility` decides storefront exposure: `listed` products appear in
+listing helpers and direct detail, `unlisted` products are omitted from listing
+helpers but can be fetched by direct detail slug/id, and `hidden` products return
+`{ found: false, reason: 'not_published' }` from detail and are omitted from
+listings. Legacy products without `storefrontVisibility` are treated as
+`listed`.
+
 The successful product payload exposes inventory rollups without sentinel
 values: `product.totalInventory` is the tracked stock sum across non-unlimited
 variants, `null` when no variants are tracked, and
@@ -245,46 +316,84 @@ const { product, stockMergeStatus } = mergeProductDetailWithStock(
 // stockMergeStatus: 'complete' | 'partial' — partial when a variant id is missing from snapshot
 ```
 
-Listing groups use the same pattern: `listingGroupsCatalog()` for the cacheable
-shell, then `stockSnapshot()` (or `stock-check` at cart/checkout) for live
+Listing UIs use the same pattern: `listingPage()` for PLP/search grids, or
+`listingGroupsCatalog({ productIds })` when curated product IDs are already
+known, then `stockSnapshot()` (or `stock-check` at cart/checkout) for live
 availability. `detail()` and POST detail/listing endpoints are unchanged during
 the migration window; see ADR 0012 addendum in `docs/decisions/0012-sdk-public-commerce-contract.md`.
 
 ### Product Listing Pages (PLP) — join-safe queries
 
-**Recommended path:** Use `commerce.product.listingGroupsCatalog()` (or the
-`useProductListingGroupsCatalogQuery` hook) together with
-`buildProductListingCard()`. The endpoint applies unlimited join fetches
-server-side and returns pre-grouped `ProductListingGroupsItem[]` data, so color
-swatches are never truncated regardless of how many option values the product
-has.
+**Recommended path:** Use `commerce.product.listingPage()` (or
+`createQueryHooks(client).useProductListingPage()`) for greenfield storefront
+PLPs. It wraps the cacheable listing-groups query endpoint, keeps the raw
+Payload pagination response, and adds `cards` built with
+`buildProductListingCard()`. The endpoint returns pre-grouped listing data and
+avoids the top-level `products.options` / `products.variants` join truncation
+that raw REST product queries hit by default.
 
 ```typescript
-import {
-  buildProductListingCard,
-  type ProductListingCard,
-} from '@01.software/sdk'
-
-const response = await client.commerce.product.listingGroupsCatalog({
-  where: { status: { equals: 'published' } },
+const response = await client.commerce.product.listingPage({
+  search: 'shirt',
   limit: 24,
+  filters: {
+    categoryIds: ['category-1'],
+    price: { min: 10000, max: 50000 },
+    availableForSale: true,
+  },
+  basePath: '/shop',
 })
 
-const cards: ProductListingCard[] = response.docs.map((item) =>
-  buildProductListingCard(item, { basePath: '/shop' }),
-)
+const cards = response.cards
+```
+
+Use `commerce.product.listingGroupsCatalog({ productIds })` when product IDs
+are already known, for example curated rails, recommendations, or editorial
+sections:
+
+```typescript
+const response = await client.commerce.product.listingGroupsCatalog({
+  productIds: ['product-1', 'product-2'],
+})
 ```
 
-**Escape hatch:** When you need to query the `products` collection directly
-(bulk operations, custom filters, fields the helper does not expose), spread
+**Server-auth escape hatch:** When server code deliberately needs raw
+`products` collection reads (bulk operations, custom filters, fields the helper
+does not expose), use `createServerClient()` and spread
 `PRODUCT_PLP_FIND_OPTIONS` to raise the default Payload join limit of 10:
 
 ```typescript
 import { PRODUCT_PLP_FIND_OPTIONS } from '@01.software/sdk'
+import { createServerClient } from '@01.software/sdk/server'
 
-const { docs } = await client.collections.from('products').find({
+const server = createServerClient({
+  publishableKey: process.env.SOFTWARE_PUBLISHABLE_KEY!,
+  apiUrl: process.env.SOFTWARE_API_URL!,
+  secretKey: process.env.SOFTWARE_SECRET_KEY!,
+})
+
+const now = new Date().toISOString()
+const { docs } = await server.collections.from('products').find({
   ...PRODUCT_PLP_FIND_OPTIONS,
-  where: { status: { equals: 'published' } },
+  where: {
+    and: [
+      { status: { equals: 'published' } },
+      {
+        or: [
+          { publishedAt: { less_than_equal: now } },
+          { publishedAt: { exists: false } },
+          { publishedAt: { equals: null } },
+        ],
+      },
+      {
+        or: [
+          { storefrontVisibility: { equals: 'listed' } },
+          { storefrontVisibility: { exists: false } },
+          { storefrontVisibility: { equals: null } },
+        ],
+      },
+    ],
+  },
   limit: 24,
 })
 ```
@@ -293,7 +402,10 @@ const { docs } = await client.collections.from('products').find({
 limits with `sort: '_order'`. It cures top-level `products.options` and
 `products.variants` join truncation but **cannot** cure the nested
 `options[].values.docs` join — the Payload REST `joins` param is flat and
-nested join limits require the listing-groups endpoint.
+nested join limits require the listing-groups endpoint. This preset is not
+accepted by publishable `createClient().collections.from('products').find()`
+because browser-public raw reads are constrained to `depth: 0` and
+`joins: false`, and cannot use `populate`.
 
 ### Product selection helpers
 
@@ -330,9 +442,9 @@ aligned without rebuilding media priority in storefront code.
 
 For new storefront work, prefer pool-pointer and gallery-aware resolution from
 `commerce.product.detail()` + `resolveProductSelection()` (and
-`getProductSelectionImages()` when a list is needed). Direct legacy fields like
+`getProductSelectionImages()` when a list is needed). Direct pre-ADR-0025 fields like
 `variant.thumbnail` and option-value direct `images` are still accepted as
-compatibility input, but are deprecated as primary storefront media sources.
+transitional input, but are no longer primary storefront media sources.
 
 `availableValuesByOptionSlug` / `availableValuesByOptionId` include
 `availableStock`, `isUnlimited`, and `availableForSale` per value so option UIs
@@ -382,11 +494,11 @@ const selectionQuery = codec.stringify(normalizedSelection)
 #### Empty vs partial selection
 
 When selection input is omitted, `resolveProductSelection()` applies
-`listing.selectionHintVariant` so PDP defaults match listing cards. That is
+`selectedOrFirstAvailableVariant` so PDP defaults match listing cards. That is
 separate from `fillDefaults` and is not gated by a flag.
 
 ```typescript
-// PDP default (uses listing.selectionHintVariant when selection is omitted)
+// PDP default (uses selectedOrFirstAvailableVariant when selection is omitted)
 resolveProductSelection(product)
 
 // Catalog: keep price range / no concrete variant
@@ -406,7 +518,7 @@ const resolution = resolveProductSelection(
   },
 )
 // resolution.selectedVariant is concrete; unselected options are filled
-// using the same available-by-order rules as listing selectionHintVariant.
+// using the same available-by-order rule that derives selectedOrFirstAvailableVariant.
 ```
 
 For option-click handlers, use `selectNext()` to apply a slug transition,
@@ -455,8 +567,8 @@ Selection query params are share/deep-link state, not index targets.
 ### Product listing card helper
 
 `buildProductListingCard(item, options?)` turns a single
-`commerce.product.listingGroups()` response item into a render-ready
-`ProductListingCard`. Each item includes `listingGroupingState` (`grouped`,
+`commerce.product.listingPage()` or `listingGroupsCatalog()` response item into
+a render-ready `ProductListingCard`. Each item includes `listingGroupingState` (`grouped`,
 `no_primary_option`, or `empty`) and, when empty, `listingGroupingEmptyReason`
 (`primary_option_not_linked`, `primary_option_has_no_values`, or
 `no_variants_for_primary_option`). Each group includes public-safe
@@ -465,16 +577,19 @@ inspect grouped variant fields without a follow-up fetch. The by-ids response
 also returns `missing: string[]` for requested product IDs that were not found,
 not published, or not accessible; `docs` preserve the input `productIds` order
 for returned products. The helper populates optional `representativeVariant`, a
-PDP-seeded `href`, representative media (`product.thumbnail` -> first
-`product.images` -> representative variant media -> `null`), an aggregated price
-range across all option-value groups, and a `swatches[]` array derived from
-groups when there is more than one. Single-group products emit `swatches: []`;
-storefronts that disagree can read `item.groups` directly.
+PDP-seeded `href`, representative media from Shopify-shaped
+`product.featuredImage` with product gallery fallback, Product-level
+`priceRange` / `compareAtPriceRange`, Product-level `availableForSale`, and a
+`swatches[]` array derived from groups when there is more than one. Single-group
+products emit `swatches: []`; storefronts that disagree can read `item.groups`
+directly.
 
 `buildProductListingCard()` derives card swatches from listing-group
 `optionValueSwatch`. Image swatches use `swatch.mediaItemId`; color swatches use
 `swatch.color`. Option-value thumbnail/gallery fields are no longer part of the
-public listing-group or product-detail contract.
+public listing-group or product-detail contract. New PLP filters and sorts
+should use Product-shaped names such as `priceRange.minVariantPrice.amount`,
+`priceRange.maxVariantPrice.amount`, and `availableForSale`.
 
 ```ts
 import {
@@ -497,7 +612,7 @@ the card should deep-link a complete hint variant.
 
 ## Storefront performance defaults
 
-- **PLP:** prefer `useProductListingGroupsCatalogQuery()` (GET `/api/products/listing-groups/query/catalog`, CDN-cacheable) or `commerce.product.listingGroupsCatalog()` + `buildProductListingCard()`. Use `useProductListingGroupsQuery()` when you need the full POST `/query` response shape. Avoid fetching a product list and then calling `detail()` per card.
+- **PLP:** prefer `commerce.product.listingPage()` or `useProductListingPage()` (GET `/api/products/listing-groups/query/catalog`, CDN-cacheable, card-ready). Use `listingGroupsCatalog({ productIds })` only when IDs are already known. Treat the full listing-groups response shape as a server-auth escape hatch because it can include operational stock fields. Avoid fetching a product list and then calling `detail()` per card.
 - **PDP:** prefer `useProductDetailBySlug()` / `commerce.product.detail()`. Override `staleTime` / `retry` on the hook when you need fresher catalog data or faster failure on errors.
 - **CDN-friendly reads:** server/edge code can use `detailCatalog()` and `listingGroupsCatalog()` (GET, cacheable) plus batched `stockSnapshot()` for live inventory.
 - **React Query in the browser:** default `getQueryClient()` keeps SSR data fresh forever (`staleTime: Infinity`). For client-only storefronts, use `getStorefrontQueryClient()` (~1 minute staleTime) when creating query hooks:
@@ -519,7 +634,7 @@ Most consumers should use the helper APIs above (`commerce.product.detail`, etc.
 
 ### `depth` — how deep to populate relationship fields
 
-`depth` is the primary control for populating relationships like `category`, `images`, `brand`. Browser publishable-key raw collection reads are constrained to `depth: 0` with `joins: false`; relationship-rich storefront reads should use shaped helpers such as `commerce.product.detail()` / `listingGroupsCatalog()`, or a `createServerClient()` raw query when server credentials are appropriate. Browser SDK raw reads add those safe defaults automatically.
+`depth` is the primary control for populating relationships like `category`, `images`, `brand`. Browser publishable-key raw collection reads are constrained to `depth: 0` with `joins: false` and no `populate`; relationship-rich storefront reads should use shaped helpers such as `commerce.product.detail()` / `listingPage()`, or a `createServerClient()` raw query when server credentials are appropriate. Browser SDK raw reads add those safe defaults automatically and reject relationship-expanded raw read options before making a request.
 
 ```typescript
 const product = await client.collections.from('products').findById(id, {
@@ -564,9 +679,9 @@ await client.collections.from('products').find({
 })
 ```
 
-Each join field defaults to **limit 10** when `joins` is omitted. `depth` does not raise that cap — storefront PLPs that call `products.find()` with only `depth` and then `buildProductListingGroupsByOption()` can silently drop color swatches. Prefer `listingGroupsCatalog()` for PLP cards, or spread `PRODUCT_PLP_FIND_OPTIONS` for raw product queries (see [PLP join-safe queries](#product-listing-pages-plp--join-safe-queries) above).
+Each join field defaults to **limit 10** when `joins` is omitted. `depth` does not raise that cap — storefront PLPs that call `products.find()` with only `depth` and then `buildProductListingGroupsByOption()` can silently drop color swatches. Prefer `listingPage()` for PLP cards, or use `PRODUCT_PLP_FIND_OPTIONS` only in server-auth raw product queries (see [PLP join-safe queries](#product-listing-pages-plp--join-safe-queries) above).
 
-Publishable-key browser raw reads must keep `joins: false`; join-expanded public storefront reads belong behind shaped helpers. Use `createServerClient()` for raw `joins` queries that need server credentials.
+Publishable-key browser raw reads must keep `depth: 0`, `joins: false`, and omit `populate`; relationship-expanded public storefront reads belong behind shaped helpers. Use `createServerClient()` for raw `joins` queries that need server credentials.
 
 `joins` does NOT populate normal relationship fields. Keys that do not match a `type: 'join'` field on the queried collection are silently ignored — e.g. `joins: { category: {} }` on Products is a no-op because `category` is not a join field there. For normal relationships use `depth` (and optionally `populate`).
 
@@ -586,7 +701,7 @@ Dotted-path filters (`where: { 'product.slug': { equals } }`) are Payload-native
 
 Checklist when `find()` returns `docs: []` unexpectedly, in order of likelihood:
 
-1. **Access control filtered the document.** Many collections enforce status/published filters on public read (e.g. `composedReadStatusPublished` on `products` restricts unauthenticated reads to `status: 'published'`). A draft or unpublished document silently disappears from results even when its slug matches. Correlate with backend logs via `client.lastRequestId` (or catch `SDKError.requestId`).
+1. **Access control filtered the document.** Many collections enforce public read filters. Products require `status: 'published'`, a current or unset `publishedAt`, and listable storefront visibility (`listed`, legacy missing, or `null`) for publishable-key raw listing reads. Draft, future, `unlisted`, `hidden`, or malformed products silently disappear from raw listing results even when their slug or ID matches. Use the shaped product detail helper for direct-link `unlisted` products. Correlate with backend logs via `client.lastRequestId` (or catch `SDKError.requestId`).
 2. **Build-time publishable key / API URL differs from runtime.** SSG `generateStaticParams` / `generateMetadata` / the page render must all see the same tenant context. A wrong or missing key at build time produces a baked-in empty response.
 3. **Next.js SSG fetch cache served a stale empty response.** Use `cache: 'no-store'` or `export const revalidate = 0` on server components that should reflect live data.
 4. **`where: { slug: 'x' }` string shorthand.** Always use `{ slug: { equals: 'x' } }` — bare strings silently match nothing.
@@ -666,7 +781,6 @@ const { docs, totalDocs, hasNextPage } = await client.collections
     limit: 20,
     page: 1,
     sort: '-createdAt',
-    where: { status: { equals: 'published' } },
     depth: 0,
     select: { title: true, slug: true },
   })
@@ -898,7 +1012,7 @@ client.customer.auth.logout()
 const orders = await client.commerce.orders.listMine({
   page: 1,
   limit: 10,
-  status: 'paid',
+  displayFinancialStatus: 'paid',
 })
 
 // Password
@@ -909,7 +1023,7 @@ await client.customer.auth.changePassword(currentPassword, newPassword)
 
 ### Commerce Orders (ServerClient-only writes)
 
-Available on ServerClient via `server.commerce.orders.*`. `checkout` and `listMine` are also on Client and return sanitized customer-facing order DTOs. Use `server.collections.from('orders')` for raw operational order documents.
+Available on ServerClient via `server.commerce.orders.*`. `checkout` and `listMine` are also on Client and return sanitized customer-facing order DTOs. Customer order DTOs expose the independent status axes (`displayFinancialStatus`, `displayFulfillmentStatus`, `returnStatus`, `primaryDisplayStatus`, `returnDisplayStatus`); `status` and `displayStatus` are read-only compatibility aliases for older clients. Use `server.collections.from('orders')` for raw operational order documents.
 
 ```typescript
 // Orders
@@ -992,7 +1106,7 @@ not provide.
 documents, Payload saves product fields first; upsert receives `productId`,
 `graphRevision` (required when updating an existing product via `productId` -
 load from `GET /api/products/:id/composer-draft`), options, and variants. Do
-not send removed legacy media inputs (`optionValue.thumbnail`,
+not send removed pre-ADR-0025 media inputs (`optionValue.thumbnail`,
 `optionValue.images`, `variant.thumbnail`); use `swatch.mediaItemId` and
 variant `images[]`. Unknown keys are not part of the published upsert contract.
 
@@ -1000,7 +1114,7 @@ variant `images[]`. Unknown keys are not part of the published upsert contract.
 | ------------- | -------------------------------------- | ------------------------------------------------------------------------ |
 | Create        | `product: { title, ... }` + graph      | `productId` on create; missing `product.title`                           |
 | Edit graph    | `productId` + `graphRevision?` + graph | `product.title` / SEO on upsert; conflicting `productId` vs `product.id` |
-| Edit (legacy) | `product: { id }` + graph only         | `product: { id, title }` on edit                                         |
+| Edit existing | `product: { id }` + graph only         | `product: { id, title }` on edit                                         |
 
 ```typescript
 const result = await server.commerce.product.upsert({
@@ -1224,7 +1338,7 @@ join-order surface and does not emit a semantic order-change webhook.
 
 ## Supported Collections
 
-Source of truth: `packages/sdk/src/core/collection/const.ts` (`COLLECTIONS`: 53).
+Source of truth: `packages/sdk/src/core/collection/const.ts` (`COLLECTIONS`: 51).
 
 | Category           | Browser-public generic collections                                                                                                                                 |
 | ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
@@ -1235,7 +1349,7 @@ Source of truth: `packages/sdk/src/core/collection/const.ts` (`COLLECTIONS`: 53)
 | Content            | `documents`, `document-categories`, `document-types`, `articles`, `article-authors`, `article-categories`, `article-tags`, `links`, `link-categories`, `link-tags` |
 | Playlists / Tracks | `playlists`, `playlist-categories`, `playlist-tags`, `tracks`, `track-categories`, `track-tags`                                                                    |
 | Galleries          | `galleries`, `gallery-categories`, `gallery-tags`, `gallery-items`                                                                                                 |
-| Canvas             | `canvases`, `canvas-node-types`, `canvas-edge-types`, `canvas-categories`, `canvas-tags`, `canvas-nodes`, `canvas-edges`                                           |
+| Canvas             | `canvases`, `canvas-node-types`, `canvas-edge-types`, `canvas-categories`, `canvas-tags`                                                                           |
 | Videos             | `video-categories`, `video-tags`                                                                                                                                   |
 | Forms              | `forms`                                                                                                                                                            |
 | Community          | `reaction-types`, `post-categories`, `post-tags`, `customer-profile-lists`                                                                                         |
@@ -1244,7 +1358,8 @@ Source of truth: `packages/sdk/src/core/collection/const.ts` (`COLLECTIONS`: 53)
 Server-only collections include raw media/logo records, customer and order
 operational records, raw cart/cart-item records, form submissions, raw community documents
 (`posts`, `comments`, `reactions`, `bookmarks`), live stream provider records,
-segmentation records, and moderation records. They remain available from
+Canvas graph shell rows (`canvas-nodes`, `canvas-edges`), segmentation records,
+and moderation records. They remain available from
 `createServerClient().collections` with secret/PAT credentials. Shaped
 browser/customer helpers such as `commerce.cart.*`,
 `commerce.orders.listMine()`, and `commerce.orders.checkout()` remain available
@@ -1394,8 +1509,8 @@ Migration steps:
 
 1. Replace color-only values with `swatch: { type: 'color', color: '#111111' }`.
 2. Replace thumbnail/gallery values with `swatch: { type: 'media', mediaItemId: '<product-pool-image-id>' }`.
-3. Ensure media swatches reference an image already attached to the parent product (`products.images` / `products.thumbnail`).
-4. Remove reads of legacy response fields; consume `optionValueSwatch` / `optionValue.swatch` instead.
+3. Ensure media swatches reference an image already attached to the parent product (`products.images`).
+4. Remove reads of pre-ADR-0025 response fields; consume `optionValueSwatch` / `optionValue.swatch` instead.
 
 ## Migration Guide
 

package/dist/analytics/react.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/analytics/react.tsx","../../src/core/client/types.ts","../../src/analytics.ts","../../src/analytics/env.ts"],"sourcesContent":["'use client'\n\nimport { useEffect } from 'react'\nimport { createAnalytics, type AnalyticsConfig } from '../analytics'\nimport { resolveAnalyticsPublishableKey } from './env'\n\nexport type AnalyticsProps = Omit<AnalyticsConfig, 'publishableKey'> & {\n  publishableKey?: string\n}\n\nexport function Analytics({\n  autoTrack,\n  endpoint,\n  mode,\n  publishableKey,\n  respectDnt,\n}: AnalyticsProps) {\n  useEffect(() => {\n    const resolvedPublishableKey =\n      resolveAnalyticsPublishableKey(publishableKey)\n    if (!resolvedPublishableKey) return\n\n    const analytics = createAnalytics({\n      autoTrack,\n      endpoint,\n      mode,\n      publishableKey: resolvedPublishableKey,\n      respectDnt,\n    })\n\n    return () => analytics.destroy()\n  }, [autoTrack, endpoint, mode, publishableKey, respectDnt])\n\n  return null\n}\n\nexport default Analytics\n","import type {\n  Collection,\n  PublicCollection,\n  ServerCollection,\n  ServerOnlyCollection,\n} from '../collection/const'\nimport type { CollectionType } from '../collection/types'\nimport type { CommunityClient } from '../community/community-client'\nimport type {\n  BanCustomerParams,\n  CommunityBan,\n  UnbanCustomerParams,\n} from '../community/moderation-api'\nimport type { CommerceClient } from '../commerce/commerce-client'\nimport type { ServerCommerceClient } from '../commerce/server-commerce-client'\nimport type { CustomerNamespace } from '../customer/customer-namespace'\nimport type { EventsClient } from '../events/events-client'\nimport type { TenantIntrospectionClient } from '../api/tenant-introspection-api'\n\nexport type {\n  Collection,\n  PublicCollection,\n  ServerCollection,\n  ServerOnlyCollection,\n}\n\n// ============================================================================\n// API URL Configuration\n// ============================================================================\n\ndeclare const __DEFAULT_API_URL__: string\n\nexport function resolveApiUrl(apiUrl?: string): string {\n  if (apiUrl) {\n    return apiUrl.replace(/\\/$/, '')\n  }\n\n  if (typeof process !== 'undefined' && process.env) {\n    const envUrl =\n      process.env.SOFTWARE_API_URL || process.env.NEXT_PUBLIC_SOFTWARE_API_URL\n    if (envUrl) {\n      return envUrl.replace(/\\/$/, '')\n    }\n  }\n  return __DEFAULT_API_URL__\n}\n\n// ============================================================================\n// Client Configuration\n// ============================================================================\n\nexport interface ClientConfig {\n  publishableKey: string\n  /** API base URL for staging, self-hosted, preview, or proxy deployments. */\n  apiUrl?: string\n  /**\n   * Customer authentication options.\n   * Used to initialize CustomerAuth on Client.\n   */\n  customer?: {\n    /**\n     * Persist token in localStorage. Defaults to `true`.\n     * - `true` (default): uses key `'customer-token'`\n     * - `string`: uses the given string as localStorage key\n     * - `false`: disables persistence (token/onTokenChange used instead)\n     *\n     * Handles SSR safely (no-op on server).\n     * When enabled, `token` and `onTokenChange` are ignored.\n     */\n    persist?: boolean | string\n    /** Initial token (e.g. from SSR cookie) */\n    token?: string\n    /** Called when token changes (login/logout) — use to persist in localStorage/cookie */\n    onTokenChange?: (token: string | null) => void\n  }\n}\n\n// Server client: requires both publishableKey (for CDN routing + rate limit +\n// monthly quota enforcement via the edge proxy) and secretKey (sk01_ opaque\n// bearer token, the authentication credential).\n// The proxy keys its tenant lookup off `X-Publishable-Key`, so omitting\n// publishableKey would silently bypass rate limiting and plan-based quota\n// enforcement.\nexport interface ClientServerConfig extends ClientConfig {\n  secretKey: string\n}\n\nexport interface ClientMetadata {\n  userAgent?: string\n  timestamp: number\n}\n\nexport interface ClientState {\n  metadata: ClientMetadata\n}\n\nexport interface PaginationMeta {\n  page: number\n  limit: number\n  totalDocs: number\n  totalPages: number\n  hasNextPage: boolean\n  hasPrevPage: boolean\n  pagingCounter: number\n  prevPage: number | null\n  nextPage: number | null\n}\n\n// ============================================================================\n// Payload CMS Native Response Types\n// ============================================================================\n\n/**\n * Payload CMS Find (List) Response\n * GET /api/{collection}\n */\nexport interface PayloadFindResponse<T = unknown> {\n  docs: T[]\n  totalDocs: number\n  limit: number\n  totalPages: number\n  page: number\n  pagingCounter: number\n  hasPrevPage: boolean\n  hasNextPage: boolean\n  prevPage: number | null\n  nextPage: number | null\n}\n\n/**\n * Payload CMS Create/Update Response\n * POST /api/{collection}\n * PATCH /api/{collection}/{id}\n */\nexport interface PayloadMutationResponse<T = unknown> {\n  message: string\n  doc: T\n  errors?: unknown[]\n}\n\n// ============================================================================\n// Query Options\n// ============================================================================\n\nexport type Sort = string | string[]\nexport type Where = Record<string, unknown>\n\n/**\n * Do NOT replace with `Pick<FindOptions>` from `payload` or import Payload\n * types here. Payload's generic query types depend on `PayloadTypes` module\n * augmentation; external SDK consumers who only use `createClient` should not\n * install Payload just to type REST query objects. Excluded vs native:\n * Local-API-only fields, `locale`/`fallbackLocale`.\n */\nexport interface ApiQueryOptions {\n  page?: number\n  limit?: number\n  sort?: Sort\n  /**\n   * Filter documents. Id-based relation filters (`where: { product: { equals: id } }`) are the\n   * most reliable pattern. Dotted-path relation filters (`where: { 'product.slug': { equals } }`)\n   * are Payload-native but may silently return empty when access control restricts the related\n   * document or when the relation is polymorphic. String shorthand (`where: { slug: 'x' }`)\n   * silently matches nothing — always use `{ slug: { equals: 'x' } }`.\n   */\n  where?: Where\n  /**\n   * Controls how deeply relationship fields are populated. This is the primary control for\n   * populating relationships like `category`, `images`, `brand`. The configured Payload default\n   * applies when unset.\n   */\n  depth?: number\n  select?: Record<string, boolean>\n  /**\n   * Controls which fields are returned for already-populated relationships, keyed by collection\n   * slug. Does NOT control which relationships to populate — that is `depth`.\n   *\n   * @example\n   * // depth: 2 populates category; populate trims which fields come back\n   * populate: { categories: { title: true, slug: true } }\n   */\n  populate?: Record<string, boolean | Record<string, boolean>>\n  /**\n   * Controls Payload `type: 'join'` virtual reverse-relation fields only (pagination, sort,\n   * filter, count per join field, or `false` to disable all join-field population).\n   *\n   * Does NOT populate normal relationship fields like `category`, `images`, or `brand`.\n   * For normal relationship population use `depth` (and optionally `populate` for field\n   * selection).\n   *\n   * Pass `joins: false` to disable all join-field population — useful for lightweight list\n   * queries where join fields are not needed.\n   *\n   * @example\n   * // `article-authors` has a `type: 'join'` field `articles` (reverse-relation)\n   * joins: { articles: { limit: 10, sort: '-publishedAt' } }\n   *\n   * // depth: 2 populates product.category — joins has no effect on this\n   * depth: 2\n   *\n   * // Disable all join-field population\n   * joins: false\n   */\n  joins?:\n    | Record<\n        string,\n        | {\n            limit?: number\n            page?: number\n            sort?: string\n            where?: Where\n            count?: boolean\n          }\n        | false\n      >\n    | false\n  /** Set to `false` to skip the count query — returns docs without totalDocs/totalPages */\n  pagination?: boolean\n  /** Include draft versions (access control still applies on the server) */\n  draft?: boolean\n  /** Include soft-deleted documents (requires `trash` enabled on the collection) */\n  trash?: boolean\n}\n\n// ============================================================================\n// Debug & Retry Configuration\n// ============================================================================\n\nexport interface DebugConfig {\n  logRequests?: boolean\n  logResponses?: boolean\n  logErrors?: boolean\n}\n\nexport interface RetryConfig {\n  maxRetries?: number\n  retryableStatuses?: number[]\n  retryDelay?: (attempt: number) => number\n}\n\n// ============================================================================\n// Lightweight root entry contracts\n// ============================================================================\n\ninterface RootQueryLookup<T extends string> {\n  find(\n    options?: ApiQueryOptions,\n  ): Promise<PayloadFindResponse<CollectionType<T>>>\n  findById(\n    id: string | number,\n    options?: ApiQueryOptions,\n  ): Promise<CollectionType<T>>\n  count(options?: ApiQueryOptions): Promise<{ totalDocs: number }>\n}\n\nexport type RootReadOnlyQueryBuilder<T extends PublicCollection> =\n  RootQueryLookup<T>\n\nexport interface RootServerQueryBuilder<\n  T extends ServerCollection,\n> extends RootQueryLookup<T> {\n  create(\n    data: Partial<CollectionType<T>>,\n    options?: { file?: File | Blob; filename?: string },\n  ): Promise<PayloadMutationResponse<CollectionType<T>>>\n  update(\n    id: string,\n    data: Partial<CollectionType<T>>,\n    options?: { file?: File | Blob; filename?: string },\n  ): Promise<PayloadMutationResponse<CollectionType<T>>>\n  updateMany(\n    where: ApiQueryOptions['where'],\n    data: Partial<CollectionType<T>>,\n  ): Promise<PayloadFindResponse<CollectionType<T>>>\n  remove(id: string): Promise<CollectionType<T>>\n  removeMany(\n    where: ApiQueryOptions['where'],\n  ): Promise<PayloadFindResponse<CollectionType<T>>>\n}\n\nexport interface RootCollectionClient {\n  from<T extends PublicCollection>(collection: T): RootReadOnlyQueryBuilder<T>\n}\n\nexport interface RootServerCollectionClient {\n  from<T extends ServerCollection>(collection: T): RootServerQueryBuilder<T>\n}\n\nexport interface RootClient {\n  commerce: CommerceClient\n  community: CommunityClient\n  /** Set on {@link createClient} return values; optional for structural mocks. */\n  events?: EventsClient\n  customer: CustomerNamespace\n  collections: RootCollectionClient\n  lastRequestId: string | null\n  getState(): ClientState\n  getConfig(): ClientConfig\n}\n\nexport interface RootServerClient {\n  commerce: ServerCommerceClient\n  tenant: TenantIntrospectionClient\n  /** Set on {@link createServerClient} return values; optional for structural mocks. */\n  events?: EventsClient\n  community: CommunityClient & {\n    moderation: {\n      banCustomer: (p: BanCustomerParams) => Promise<CommunityBan>\n      unbanCustomer: (p: UnbanCustomerParams) => Promise<{ success: true }>\n    }\n  }\n  collections: RootServerCollectionClient\n  lastRequestId: string | null\n  getState(): ClientState\n  getConfig(): Omit<ClientServerConfig, 'secretKey'>\n}\n\nexport type RootClientWithEvents = RootClient & { events: EventsClient }\n\nexport type RootServerClientWithEvents = RootServerClient & { events: EventsClient }\n\n// ============================================================================\n// Type Utilities\n// ============================================================================\n\nexport type DeepPartial<T> = {\n  [P in keyof T]?: T[P] extends object ? DeepPartial<T[P]> : T[P]\n}\n\nexport type ExtractArrayType<T> = T extends (infer U)[] ? U : never\n","/**\n * @01.software/sdk — Analytics Helper\n */\n\n/* ANALYTICS INVARIANTS START\n * @01.software/sdk — Analytics Helper\n *\n * ANALYTICS INVARIANTS\n * ====================\n * These invariants are the single source of truth for observable behavior.\n * They are mirrored verbatim in apps/console/src/app/api/analytics/script.js/route.ts.\n * Any change here MUST be reflected there, and vice versa.\n *\n * 1. DNT/GPC respect: when config.respectDnt !== false (default true) AND\n *    (navigator.doNotTrack === '1' OR navigator.globalPrivacyControl === true),\n *    all methods become no-ops. Zero network requests are made.\n *\n * 2. Prerender skip: when document.prerendering === true OR\n *    document.visibilityState === 'prerender', pageview() sends zero requests.\n *\n * 3. 500ms same-path dedup: a pageview for the same pathname within 500ms of\n *    the previous send is silently dropped. After 500ms the next call sends.\n *\n * 4. Transport: sendBeacon → fetch keepalive fallback.\n *    Primary: navigator.sendBeacon(endpoint, new Blob([json], { type: 'text/plain' })).\n *    Fallback (sendBeacon unavailable OR returns false):\n *      fetch(endpoint, { method: 'POST', keepalive: true,\n *        headers: { 'Content-Type': 'application/json' }, body: json }).catch(() => {})\n *\n * 5. Body-only publishableKey: publishableKey is always in the request body,\n *    never in any HTTP header.\n *\n * 6. SSR no-op: when typeof window === 'undefined', createAnalytics() returns\n *    a stub where all methods are no-ops. No side effects occur.\n *\n * 7. Error swallowing: all transport errors are caught and swallowed.\n *    createAnalytics() and all returned methods never throw into the caller.\n *\n * 8. Client timestamp: every send carries eventTs (milliseconds since epoch)\n *    captured with Date.now() immediately before transport. The collect\n *    endpoint uses eventTs (a) to bucket the event into the client's\n *    tenant-local day and (b) to enforce the late-arrival cutoff; events\n *    submitted after the local-day-end grace window are dropped with\n *    reason \"late\".\n *\n * 9. Dev / local-host send skip: in 'auto' mode (the default) all send paths\n *    become no-ops when the page runs on a local host — location.hostname is\n *    'localhost', '127.0.0.1', or ends with '.local'. Validation and dev\n *    warnings still run; only the network send is suppressed, and a one-time\n *    console notice is emitted. SSR (6), DNT/GPC (1), and prerender (2) skips\n *    are evaluated first. Overrides: the SDK accepts mode 'production' (always\n *    send, even locally) and 'development' (never send, on any host); the\n *    mirrored hosted snippet accepts captureOnLocalhost === true (via\n *    window.__01_analytics__.captureOnLocalhost or the script's\n *    data-capture-localhost attribute) to force sending on a local host.\n * ANALYTICS INVARIANTS END */\n\nimport { resolveApiUrl } from './core/client/types'\n\n// ============================================================================\n// Public Types\n// ============================================================================\n\nexport interface AnalyticsConfig {\n  publishableKey: string\n  /** Override the collect endpoint URL. Defaults to {SDK_BASE_URL}/api/analytics/collect */\n  endpoint?: string\n  /** Auto-patch history.pushState/replaceState and listen to popstate. Default: true */\n  autoTrack?: boolean\n  /** Respect navigator.doNotTrack and navigator.globalPrivacyControl. Default: true */\n  respectDnt?: boolean\n  /**\n   * Send mode. 'auto' (default) skips all sends on local hosts\n   * (localhost / 127.0.0.1 / *.local). 'production' always sends, even\n   * locally. 'development' never sends, on any host. See INVARIANT 9.\n   */\n  mode?: 'auto' | 'production' | 'development'\n}\n\nexport interface Analytics {\n  pageview(path?: string): void\n  track(name: string, props?: Record<string, string | number | boolean>): void\n  destroy(): void\n}\n\n// ============================================================================\n// Implementation\n// ============================================================================\n\nexport function createAnalytics(config: AnalyticsConfig): Analytics {\n  // INVARIANT 6: SSR no-op\n  if (typeof window === 'undefined') {\n    return { pageview() {}, track() {}, destroy() {} }\n  }\n\n  const endpoint =\n    config.endpoint ?? `${resolveApiUrl()}/api/analytics/collect`\n\n  // INVARIANT 1: DNT/GPC check (evaluated once at init; stays as closure)\n  const respectDnt = config.respectDnt !== false\n  function isDntActive(): boolean {\n    if (!respectDnt) return false\n    const nav = navigator as Navigator & { globalPrivacyControl?: boolean }\n    return nav.doNotTrack === '1' || nav.globalPrivacyControl === true\n  }\n\n  // INVARIANT 9: local-host detection drives both dev warnings and the\n  // auto send-skip. Hostname is the one signal shared with the hosted snippet.\n  const isLocalHost: boolean = (() => {\n    try {\n      const h = location.hostname\n      return h === 'localhost' || h === '127.0.0.1' || h.endsWith('.local')\n    } catch {\n      return false\n    }\n  })()\n\n  const mode = config.mode ?? 'auto'\n  const sendSuppressed =\n    mode === 'development' || (mode === 'auto' && isLocalHost)\n\n  let suppressNoticeShown = false\n  function devSuppressNotice(): void {\n    if (suppressNoticeShown) return\n    suppressNoticeShown = true\n    try {\n      console.info(\n        `[01 analytics] events disabled on local host (mode: '${mode}'). ` +\n          `Pass mode: 'production' to send while developing.`,\n      )\n    } catch {\n      // INVARIANT 7: swallow\n    }\n  }\n\n  // INVARIANT 3: 500ms same-path dedup state\n  let lastPath: string | null = null\n  let lastAt = 0\n\n  // autoTrack state — save originals for destroy()\n  const autoTrack = config.autoTrack !== false\n  const originalPushState = history.pushState\n  const originalReplaceState = history.replaceState\n  let destroyed = false\n\n  // -------------------------------------------------------------------------\n  // Core send logic\n  // -------------------------------------------------------------------------\n\n  // Generate a unique event ID (crypto.randomUUID when available, Date+Math.random fallback)\n  function newEventId(): string {\n    return typeof crypto !== 'undefined' && typeof crypto.randomUUID === 'function'\n      ? crypto.randomUUID()\n      : String(Date.now()) + String(Math.random())\n  }\n\n  // INVARIANT 4: sendBeacon → fetch keepalive fallback\n  // INVARIANT 5: publishableKey in body only\n  function sendBeaconOrFetch(body: string): void {\n    try {\n      if (typeof navigator.sendBeacon === 'function') {\n        const blob = new Blob([body], { type: 'text/plain' })\n        const sent = navigator.sendBeacon(endpoint, blob)\n        if (sent) return\n        // sent === false → fall through to fetch\n      }\n      // Fetch fallback\n      fetch(endpoint, {\n        method: 'POST',\n        keepalive: true,\n        headers: { 'Content-Type': 'application/json' },\n        body,\n      }).catch(() => {})\n    } catch {\n      // INVARIANT 7: swallow all errors\n    }\n  }\n\n  function sendPageview(pathname: string): void {\n    // INVARIANT 1: DNT/GPC\n    if (isDntActive()) return\n\n    // INVARIANT 2: prerender skip\n    const doc = document as Document & { prerendering?: boolean }\n    // visibilityState cast to string to accommodate non-standard 'prerender' value\n    if (doc.prerendering === true || (document.visibilityState as string) === 'prerender') return\n\n    // INVARIANT 9: skip sends on local hosts in auto mode\n    if (sendSuppressed) {\n      devSuppressNotice()\n      return\n    }\n\n    // INVARIANT 3: 500ms same-path dedup\n    const now = Date.now()\n    if (pathname === lastPath && now - lastAt < 500) return\n    lastPath = pathname\n    lastAt = now\n\n    const body = JSON.stringify({\n      publishableKey: config.publishableKey,\n      pathname,\n      referrer: document.referrer || '',\n      eventId: newEventId(),\n      eventTs: Date.now(),\n    })\n\n    sendBeaconOrFetch(body)\n  }\n\n  // -------------------------------------------------------------------------\n  // autoTrack: patch history methods + listen to popstate\n  // -------------------------------------------------------------------------\n  function trackCurrentPath(): void {\n    if (destroyed) return\n    sendPageview(location.pathname)\n  }\n\n  function patchedPushState(\n    this: History,\n    data: unknown,\n    unused: string,\n    url?: string | URL | null,\n  ): void {\n    originalPushState.apply(this, [data, unused, url] as Parameters<typeof history.pushState>)\n    if (!destroyed) setTimeout(trackCurrentPath, 0)\n  }\n\n  function patchedReplaceState(\n    this: History,\n    data: unknown,\n    unused: string,\n    url?: string | URL | null,\n  ): void {\n    originalReplaceState.apply(this, [data, unused, url] as Parameters<typeof history.replaceState>)\n    if (!destroyed) setTimeout(trackCurrentPath, 0)\n  }\n\n  if (autoTrack) {\n    history.pushState = patchedPushState\n    history.replaceState = patchedReplaceState\n    window.addEventListener('popstate', trackCurrentPath)\n\n    // Initial pageview\n    if (document.readyState === 'complete') {\n      trackCurrentPath()\n    } else {\n      window.addEventListener('load', trackCurrentPath, { once: true })\n    }\n  }\n\n  // -------------------------------------------------------------------------\n  // track() — client-side validation + send\n  // -------------------------------------------------------------------------\n\n  // Dev-mode detection for warnings: warn in dev, silent in production.\n  // Reuses the same local-host signal as the send-skip (INVARIANT 9).\n  const isProduction = !isLocalHost\n\n  // One-shot warn dedup per reason per page load (keyed by reason only)\n  const warnedReasons = new Set<string>()\n\n  function devWarn(name: string, reason: string): void {\n    if (isProduction) return\n    if (warnedReasons.has(reason)) return\n    warnedReasons.add(reason)\n    console.warn(`[01 analytics] dropped event ${name}: ${reason}`)\n  }\n\n  const EVENT_NAME_RE = /^[a-zA-Z][a-zA-Z0-9_:-]{0,49}$/\n  const RESERVED_PREFIXES = ['__', '_pv_']\n\n  function validateEventName(name: string): string | null {\n    if (!name || typeof name !== 'string') return 'name-empty'\n    for (const prefix of RESERVED_PREFIXES) {\n      if (name.startsWith(prefix)) return 'name-reserved'\n    }\n    if (!EVENT_NAME_RE.test(name)) return 'name-regex'\n    return null\n  }\n\n  const PROP_KEY_RE = /^[a-zA-Z_][a-zA-Z0-9_]{0,31}$/\n\n  function validateEventProps(\n    props: Record<string, string | number | boolean> | undefined,\n  ): string | null {\n    if (props === undefined || props === null) return null\n    if (typeof props !== 'object' || Array.isArray(props)) return 'props-value-type'\n    const keys = Object.keys(props)\n    if (keys.length > 10) return 'props-too-many-keys'\n    for (const k of keys) {\n      const v = props[k]\n      if (!PROP_KEY_RE.test(k)) return 'props-key-regex'\n      if (typeof v === 'string') {\n        if (v.length > 80) return 'props-value-too-long'\n      } else if (typeof v === 'number') {\n        if (!isFinite(v)) return 'props-value-not-finite'\n      } else if (typeof v === 'boolean') {\n        // ok\n      } else {\n        return 'props-value-type'\n      }\n    }\n    return null\n  }\n\n  // -------------------------------------------------------------------------\n  // Public API\n  // -------------------------------------------------------------------------\n  return {\n    pageview(path?: string): void {\n      if (destroyed) return\n      sendPageview(path ?? location.pathname)\n    },\n\n    track(name: string, props?: Record<string, string | number | boolean>): void {\n      if (destroyed) return\n\n      // INVARIANT 1: DNT/GPC (same as pageview)\n      if (isDntActive()) return\n\n      // INVARIANT 2: prerender skip\n      const doc = document as Document & { prerendering?: boolean }\n      if (doc.prerendering === true || (document.visibilityState as string) === 'prerender') return\n\n      // Client-side validation\n      const nameErr = validateEventName(name)\n      if (nameErr) {\n        devWarn(name, nameErr)\n        return\n      }\n\n      if (props !== undefined) {\n        const propsErr = validateEventProps(props)\n        if (propsErr) {\n          devWarn(name, propsErr)\n          return\n        }\n      }\n\n      // INVARIANT 9: skip sends on local hosts in auto mode (validation above\n      // still runs so dev warnings fire)\n      if (sendSuppressed) {\n        devSuppressNotice()\n        return\n      }\n\n      // Build body — no dedup for track() events\n      const body = JSON.stringify({\n        publishableKey: config.publishableKey,\n        pathname: location.pathname,\n        referrer: document.referrer || '',\n        eventId: newEventId(),\n        eventName: name,\n        eventProps: props,\n        eventTs: Date.now(),\n      })\n\n      sendBeaconOrFetch(body)\n    },\n\n    destroy(): void {\n      if (destroyed) return\n      destroyed = true\n\n      if (autoTrack) {\n        // Restore original history methods\n        history.pushState = originalPushState\n        history.replaceState = originalReplaceState\n        window.removeEventListener('popstate', trackCurrentPath)\n      }\n\n      // Null out dedup state\n      lastPath = null\n      lastAt = 0\n    },\n  }\n}\n","export type AnalyticsRuntimeEnv = {\n  nextPublicKey?: string\n  vitePublicKey?: string\n}\n\nexport function readAnalyticsRuntimeEnv(): AnalyticsRuntimeEnv {\n  const nextPublicKey =\n    typeof process !== 'undefined'\n      ? process.env?.NEXT_PUBLIC_SOFTWARE_PUBLISHABLE_KEY\n      : undefined\n\n  const viteEnv = (\n    import.meta as ImportMeta & {\n      env?: Record<string, string | undefined>\n    }\n  ).env\n\n  return {\n    nextPublicKey,\n    vitePublicKey: viteEnv?.VITE_SOFTWARE_PUBLISHABLE_KEY,\n  }\n}\n\nexport function resolveAnalyticsPublishableKey(\n  explicit?: string,\n  env: AnalyticsRuntimeEnv = readAnalyticsRuntimeEnv(),\n): string | undefined {\n  if (explicit !== undefined) return explicit || undefined\n\n  return env.nextPublicKey || env.vitePublicKey\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,mBAA0B;;;AC8BnB,SAAS,cAAc,QAAyB;AACrD,MAAI,QAAQ;AACV,WAAO,OAAO,QAAQ,OAAO,EAAE;AAAA,EACjC;AAEA,MAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,UAAM,SACJ,QAAQ,IAAI,oBAAoB,QAAQ,IAAI;AAC9C,QAAI,QAAQ;AACV,aAAO,OAAO,QAAQ,OAAO,EAAE;AAAA,IACjC;AAAA,EACF;AACA,SAAO;AACT;;;AC4CO,SAAS,gBAAgB,QAAoC;AAElE,MAAI,OAAO,WAAW,aAAa;AACjC,WAAO,EAAE,WAAW;AAAA,IAAC,GAAG,QAAQ;AAAA,IAAC,GAAG,UAAU;AAAA,IAAC,EAAE;AAAA,EACnD;AAEA,QAAM,WACJ,OAAO,YAAY,GAAG,cAAc,CAAC;AAGvC,QAAM,aAAa,OAAO,eAAe;AACzC,WAAS,cAAuB;AAC9B,QAAI,CAAC,WAAY,QAAO;AACxB,UAAM,MAAM;AACZ,WAAO,IAAI,eAAe,OAAO,IAAI,yBAAyB;AAAA,EAChE;AAIA,QAAM,eAAwB,MAAM;AAClC,QAAI;AACF,YAAM,IAAI,SAAS;AACnB,aAAO,MAAM,eAAe,MAAM,eAAe,EAAE,SAAS,QAAQ;AAAA,IACtE,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF,GAAG;AAEH,QAAM,OAAO,OAAO,QAAQ;AAC5B,QAAM,iBACJ,SAAS,iBAAkB,SAAS,UAAU;AAEhD,MAAI,sBAAsB;AAC1B,WAAS,oBAA0B;AACjC,QAAI,oBAAqB;AACzB,0BAAsB;AACtB,QAAI;AACF,cAAQ;AAAA,QACN,wDAAwD,IAAI;AAAA,MAE9D;AAAA,IACF,QAAQ;AAAA,IAER;AAAA,EACF;AAGA,MAAI,WAA0B;AAC9B,MAAI,SAAS;AAGb,QAAM,YAAY,OAAO,cAAc;AACvC,QAAM,oBAAoB,QAAQ;AAClC,QAAM,uBAAuB,QAAQ;AACrC,MAAI,YAAY;AAOhB,WAAS,aAAqB;AAC5B,WAAO,OAAO,WAAW,eAAe,OAAO,OAAO,eAAe,aACjE,OAAO,WAAW,IAClB,OAAO,KAAK,IAAI,CAAC,IAAI,OAAO,KAAK,OAAO,CAAC;AAAA,EAC/C;AAIA,WAAS,kBAAkB,MAAoB;AAC7C,QAAI;AACF,UAAI,OAAO,UAAU,eAAe,YAAY;AAC9C,cAAM,OAAO,IAAI,KAAK,CAAC,IAAI,GAAG,EAAE,MAAM,aAAa,CAAC;AACpD,cAAM,OAAO,UAAU,WAAW,UAAU,IAAI;AAChD,YAAI,KAAM;AAAA,MAEZ;AAEA,YAAM,UAAU;AAAA,QACd,QAAQ;AAAA,QACR,WAAW;AAAA,QACX,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,QAC9C;AAAA,MACF,CAAC,EAAE,MAAM,MAAM;AAAA,MAAC,CAAC;AAAA,IACnB,QAAQ;AAAA,IAER;AAAA,EACF;AAEA,WAAS,aAAa,UAAwB;AAE5C,QAAI,YAAY,EAAG;AAGnB,UAAM,MAAM;AAEZ,QAAI,IAAI,iBAAiB,QAAS,SAAS,oBAA+B,YAAa;AAGvF,QAAI,gBAAgB;AAClB,wBAAkB;AAClB;AAAA,IACF;AAGA,UAAM,MAAM,KAAK,IAAI;AACrB,QAAI,aAAa,YAAY,MAAM,SAAS,IAAK;AACjD,eAAW;AACX,aAAS;AAET,UAAM,OAAO,KAAK,UAAU;AAAA,MAC1B,gBAAgB,OAAO;AAAA,MACvB;AAAA,MACA,UAAU,SAAS,YAAY;AAAA,MAC/B,SAAS,WAAW;AAAA,MACpB,SAAS,KAAK,IAAI;AAAA,IACpB,CAAC;AAED,sBAAkB,IAAI;AAAA,EACxB;AAKA,WAAS,mBAAyB;AAChC,QAAI,UAAW;AACf,iBAAa,SAAS,QAAQ;AAAA,EAChC;AAEA,WAAS,iBAEP,MACA,QACA,KACM;AACN,sBAAkB,MAAM,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAyC;AACzF,QAAI,CAAC,UAAW,YAAW,kBAAkB,CAAC;AAAA,EAChD;AAEA,WAAS,oBAEP,MACA,QACA,KACM;AACN,yBAAqB,MAAM,MAAM,CAAC,MAAM,QAAQ,GAAG,CAA4C;AAC/F,QAAI,CAAC,UAAW,YAAW,kBAAkB,CAAC;AAAA,EAChD;AAEA,MAAI,WAAW;AACb,YAAQ,YAAY;AACpB,YAAQ,eAAe;AACvB,WAAO,iBAAiB,YAAY,gBAAgB;AAGpD,QAAI,SAAS,eAAe,YAAY;AACtC,uBAAiB;AAAA,IACnB,OAAO;AACL,aAAO,iBAAiB,QAAQ,kBAAkB,EAAE,MAAM,KAAK,CAAC;AAAA,IAClE;AAAA,EACF;AAQA,QAAM,eAAe,CAAC;AAGtB,QAAM,gBAAgB,oBAAI,IAAY;AAEtC,WAAS,QAAQ,MAAc,QAAsB;AACnD,QAAI,aAAc;AAClB,QAAI,cAAc,IAAI,MAAM,EAAG;AAC/B,kBAAc,IAAI,MAAM;AACxB,YAAQ,KAAK,gCAAgC,IAAI,KAAK,MAAM,EAAE;AAAA,EAChE;AAEA,QAAM,gBAAgB;AACtB,QAAM,oBAAoB,CAAC,MAAM,MAAM;AAEvC,WAAS,kBAAkB,MAA6B;AACtD,QAAI,CAAC,QAAQ,OAAO,SAAS,SAAU,QAAO;AAC9C,eAAW,UAAU,mBAAmB;AACtC,UAAI,KAAK,WAAW,MAAM,EAAG,QAAO;AAAA,IACtC;AACA,QAAI,CAAC,cAAc,KAAK,IAAI,EAAG,QAAO;AACtC,WAAO;AAAA,EACT;AAEA,QAAM,cAAc;AAEpB,WAAS,mBACP,OACe;AACf,QAAI,UAAU,UAAa,UAAU,KAAM,QAAO;AAClD,QAAI,OAAO,UAAU,YAAY,MAAM,QAAQ,KAAK,EAAG,QAAO;AAC9D,UAAM,OAAO,OAAO,KAAK,KAAK;AAC9B,QAAI,KAAK,SAAS,GAAI,QAAO;AAC7B,eAAW,KAAK,MAAM;AACpB,YAAM,IAAI,MAAM,CAAC;AACjB,UAAI,CAAC,YAAY,KAAK,CAAC,EAAG,QAAO;AACjC,UAAI,OAAO,MAAM,UAAU;AACzB,YAAI,EAAE,SAAS,GAAI,QAAO;AAAA,MAC5B,WAAW,OAAO,MAAM,UAAU;AAChC,YAAI,CAAC,SAAS,CAAC,EAAG,QAAO;AAAA,MAC3B,WAAW,OAAO,MAAM,WAAW;AAAA,MAEnC,OAAO;AACL,eAAO;AAAA,MACT;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAKA,SAAO;AAAA,IACL,SAAS,MAAqB;AAC5B,UAAI,UAAW;AACf,mBAAa,QAAQ,SAAS,QAAQ;AAAA,IACxC;AAAA,IAEA,MAAM,MAAc,OAAyD;AAC3E,UAAI,UAAW;AAGf,UAAI,YAAY,EAAG;AAGnB,YAAM,MAAM;AACZ,UAAI,IAAI,iBAAiB,QAAS,SAAS,oBAA+B,YAAa;AAGvF,YAAM,UAAU,kBAAkB,IAAI;AACtC,UAAI,SAAS;AACX,gBAAQ,MAAM,OAAO;AACrB;AAAA,MACF;AAEA,UAAI,UAAU,QAAW;AACvB,cAAM,WAAW,mBAAmB,KAAK;AACzC,YAAI,UAAU;AACZ,kBAAQ,MAAM,QAAQ;AACtB;AAAA,QACF;AAAA,MACF;AAIA,UAAI,gBAAgB;AAClB,0BAAkB;AAClB;AAAA,MACF;AAGA,YAAM,OAAO,KAAK,UAAU;AAAA,QAC1B,gBAAgB,OAAO;AAAA,QACvB,UAAU,SAAS;AAAA,QACnB,UAAU,SAAS,YAAY;AAAA,QAC/B,SAAS,WAAW;AAAA,QACpB,WAAW;AAAA,QACX,YAAY;AAAA,QACZ,SAAS,KAAK,IAAI;AAAA,MACpB,CAAC;AAED,wBAAkB,IAAI;AAAA,IACxB;AAAA,IAEA,UAAgB;AACd,UAAI,UAAW;AACf,kBAAY;AAEZ,UAAI,WAAW;AAEb,gBAAQ,YAAY;AACpB,gBAAQ,eAAe;AACvB,eAAO,oBAAoB,YAAY,gBAAgB;AAAA,MACzD;AAGA,iBAAW;AACX,eAAS;AAAA,IACX;AAAA,EACF;AACF;;;ACzXA;AAKO,SAAS,0BAA+C;AAC7D,QAAM,gBACJ,OAAO,YAAY,cACf,QAAQ,KAAK,uCACb;AAEN,QAAM,UACJ,YAGA;AAEF,SAAO;AAAA,IACL;AAAA,IACA,eAAe,SAAS;AAAA,EAC1B;AACF;AAEO,SAAS,+BACd,UACA,MAA2B,wBAAwB,GAC/B;AACpB,MAAI,aAAa,OAAW,QAAO,YAAY;AAE/C,SAAO,IAAI,iBAAiB,IAAI;AAClC;;;AHpBO,SAAS,UAAU;AAAA,EACxB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAAmB;AACjB,8BAAU,MAAM;AACd,UAAM,yBACJ,+BAA+B,cAAc;AAC/C,QAAI,CAAC,uBAAwB;AAE7B,UAAM,YAAY,gBAAgB;AAAA,MAChC;AAAA,MACA;AAAA,MACA;AAAA,MACA,gBAAgB;AAAA,MAChB;AAAA,IACF,CAAC;AAED,WAAO,MAAM,UAAU,QAAQ;AAAA,EACjC,GAAG,CAAC,WAAW,UAAU,MAAM,gBAAgB,UAAU,CAAC;AAE1D,SAAO;AACT;AAEA,IAAO,gBAAQ;","names":[]}
+{"version":3,"sources":["../../src/analytics/react.tsx","../../src/core/client/types.ts","../../src/analytics.ts","../../src/analytics/env.ts"],"sourcesContent":["'use client'\n\nimport { useEffect } from 'react'\nimport { createAnalytics, type AnalyticsConfig } from '../analytics'\nimport { resolveAnalyticsPublishableKey } from './env'\n\nexport type AnalyticsProps = Omit<AnalyticsConfig, 'publishableKey'> & {\n  publishableKey?: string\n}\n\nexport function Analytics({\n  autoTrack,\n  endpoint,\n  mode,\n  publishableKey,\n  respectDnt,\n}: AnalyticsProps) {\n  useEffect(() => {\n    const resolvedPublishableKey =\n      resolveAnalyticsPublishableKey(publishableKey)\n    if (!resolvedPublishableKey) return\n\n    const analytics = createAnalytics({\n      autoTrack,\n      endpoint,\n      mode,\n      publishableKey: resolvedPublishableKey,\n      respectDnt,\n    })\n\n    return () => analytics.destroy()\n  }, [autoTrack, endpoint, mode, publishableKey, respectDnt])\n\n  return null\n}\n\nexport default Analytics\n","import type {\n  Collection,\n  PublicCollection,\n  ServerCollection,\n  ServerOnlyCollection,\n} from '../collection/const'\nimport type { CollectionType } from '../collection/types'\nimport type { CommunityClient } from '../community/community-client'\nimport type {\n  BanCustomerParams,\n  CommunityBan,\n  UnbanCustomerParams,\n} from '../community/moderation-api'\nimport type { CommerceClient } from '../commerce/commerce-client'\nimport type { ContentClient } from '../content/content-client'\nimport type { ServerCommerceClient } from '../commerce/server-commerce-client'\nimport type { CustomerNamespace } from '../customer/customer-namespace'\nimport type { EventsClient } from '../events/events-client'\nimport type { TenantIntrospectionClient } from '../api/tenant-introspection-api'\n\nexport type {\n  Collection,\n  PublicCollection,\n  ServerCollection,\n  ServerOnlyCollection,\n}\n\n// ============================================================================\n// API URL Configuration\n// ============================================================================\n\ndeclare const __DEFAULT_API_URL__: string\n\nexport function resolveApiUrl(apiUrl?: string): string {\n  if (apiUrl) {\n    return apiUrl.replace(/\\/$/, '')\n  }\n\n  if (typeof process !== 'undefined' && process.env) {\n    const envUrl =\n      process.env.SOFTWARE_API_URL || process.env.NEXT_PUBLIC_SOFTWARE_API_URL\n    if (envUrl) {\n      return envUrl.replace(/\\/$/, '')\n    }\n  }\n  return __DEFAULT_API_URL__\n}\n\n// ============================================================================\n// Client Configuration\n// ============================================================================\n\nexport interface ClientConfig {\n  publishableKey: string\n  /** API base URL for staging, self-hosted, preview, or proxy deployments. */\n  apiUrl?: string\n  /**\n   * Customer authentication options.\n   * Used to initialize CustomerAuth on Client.\n   */\n  customer?: {\n    /**\n     * Persist token in localStorage. Defaults to `true`.\n     * - `true` (default): uses key `'customer-token'`\n     * - `string`: uses the given string as localStorage key\n     * - `false`: disables persistence (token/onTokenChange used instead)\n     *\n     * Handles SSR safely (no-op on server).\n     * When enabled, `token` and `onTokenChange` are ignored.\n     */\n    persist?: boolean | string\n    /** Initial token (e.g. from SSR cookie) */\n    token?: string\n    /** Called when token changes (login/logout) — use to persist in localStorage/cookie */\n    onTokenChange?: (token: string | null) => void\n  }\n}\n\n// Server client: requires both publishableKey (for CDN routing + rate limit +\n// monthly quota enforcement via the edge proxy) and secretKey (sk01_ opaque\n// bearer token, the authentication credential).\n// The proxy keys its tenant lookup off `X-Publishable-Key`, so omitting\n// publishableKey would silently bypass rate limiting and plan-based quota\n// enforcement.\nexport interface ClientServerConfig extends ClientConfig {\n  secretKey: string\n}\n\nexport interface ClientMetadata {\n  userAgent?: string\n  timestamp: number\n}\n\nexport interface ClientState {\n  metadata: ClientMetadata\n}\n\nexport interface PaginationMeta {\n  page: number\n  limit: number\n  totalDocs: number\n  totalPages: number\n  hasNextPage: boolean\n  hasPrevPage: boolean\n  pagingCounter: number\n  prevPage: number | null\n  nextPage: number | null\n}\n\n// ============================================================================\n// Payload CMS Native Response Types\n// ============================================================================\n\n/**\n * Payload CMS Find (List) Response\n * GET /api/{collection}\n */\nexport interface PayloadFindResponse<T = unknown> {\n  docs: T[]\n  totalDocs: number\n  limit: number\n  totalPages: number\n  page: number\n  pagingCounter: number\n  hasPrevPage: boolean\n  hasNextPage: boolean\n  prevPage: number | null\n  nextPage: number | null\n}\n\n/**\n * Payload CMS Create/Update Response\n * POST /api/{collection}\n * PATCH /api/{collection}/{id}\n */\nexport interface PayloadMutationResponse<T = unknown> {\n  message: string\n  doc: T\n  errors?: unknown[]\n}\n\n// ============================================================================\n// Query Options\n// ============================================================================\n\nexport type Sort = string | string[]\nexport type Where = Record<string, unknown>\n\n/**\n * Do NOT replace with `Pick<FindOptions>` from `payload` or import Payload\n * types here. Payload's generic query types depend on `PayloadTypes` module\n * augmentation; external SDK consumers who only use `createClient` should not\n * install Payload just to type REST query objects. Excluded vs native:\n * Local-API-only fields, `locale`/`fallbackLocale`.\n */\nexport interface ApiQueryOptions {\n  page?: number\n  limit?: number\n  sort?: Sort\n  /**\n   * Filter documents. Id-based relation filters (`where: { product: { equals: id } }`) are the\n   * most reliable pattern. Dotted-path relation filters (`where: { 'product.slug': { equals } }`)\n   * are Payload-native but may silently return empty when access control restricts the related\n   * document or when the relation is polymorphic. String shorthand (`where: { slug: 'x' }`)\n   * silently matches nothing — always use `{ slug: { equals: 'x' } }`.\n   */\n  where?: Where\n  /**\n   * Controls how deeply relationship fields are populated. This is the primary control for\n   * populating relationships like `category`, `images`, `brand`. The configured Payload default\n   * applies when unset.\n   */\n  depth?: number\n  select?: Record<string, boolean>\n  /**\n   * Controls which fields are returned for already-populated relationships, keyed by collection\n   * slug. Does NOT control which relationships to populate — that is `depth`.\n   *\n   * @example\n   * // depth: 2 populates category; populate trims which fields come back\n   * populate: { categories: { title: true, slug: true } }\n   */\n  populate?: Record<string, boolean | Record<string, boolean>>\n  /**\n   * Controls Payload `type: 'join'` virtual reverse-relation fields only (pagination, sort,\n   * filter, count per join field, or `false` to disable all join-field population).\n   *\n   * Does NOT populate normal relationship fields like `category`, `images`, or `brand`.\n   * For normal relationship population use `depth` (and optionally `populate` for field\n   * selection).\n   *\n   * Pass `joins: false` to disable all join-field population — useful for lightweight list\n   * queries where join fields are not needed.\n   *\n   * @example\n   * // `article-authors` has a `type: 'join'` field `articles` (reverse-relation)\n   * joins: { articles: { limit: 10, sort: '-publishedAt' } }\n   *\n   * // depth: 2 populates product.category — joins has no effect on this\n   * depth: 2\n   *\n   * // Disable all join-field population\n   * joins: false\n   */\n  joins?:\n    | Record<\n        string,\n        | {\n            limit?: number\n            page?: number\n            sort?: string\n            where?: Where\n            count?: boolean\n          }\n        | false\n      >\n    | false\n  /** Set to `false` to skip the count query — returns docs without totalDocs/totalPages */\n  pagination?: boolean\n  /** Include draft versions (access control still applies on the server) */\n  draft?: boolean\n  /** Include soft-deleted documents (requires `trash` enabled on the collection) */\n  trash?: boolean\n}\n\nexport type PublicReadQueryOptions = Omit<\n  ApiQueryOptions,\n  'depth' | 'joins' | 'populate'\n> & {\n  /**\n   * Publishable collection reads stay unpopulated. Use shaped commerce/community\n   * endpoints or a server client when populated relations are required.\n   */\n  depth?: 0\n  /**\n   * Publishable collection reads disable Payload join fields to avoid accidental\n   * exposure and expensive generic list responses.\n   */\n  joins?: false\n  /** Publishable collection reads do not support relationship populate maps. */\n  populate?: never\n}\n\n// ============================================================================\n// Debug & Retry Configuration\n// ============================================================================\n\nexport interface DebugConfig {\n  logRequests?: boolean\n  logResponses?: boolean\n  logErrors?: boolean\n}\n\nexport interface RetryConfig {\n  maxRetries?: number\n  retryableStatuses?: number[]\n  retryDelay?: (attempt: number) => number\n}\n\n// ============================================================================\n// Lightweight root entry contracts\n// ============================================================================\n\ninterface RootQueryLookup<\n  T extends string,\n  Options extends ApiQueryOptions = ApiQueryOptions,\n> {\n  find(\n    options?: Options,\n  ): Promise<PayloadFindResponse<CollectionType<T>>>\n  findById(\n    id: string | number,\n    options?: Options,\n  ): Promise<CollectionType<T>>\n  count(options?: Options): Promise<{ totalDocs: number }>\n}\n\nexport type RootReadOnlyQueryBuilder<T extends PublicCollection> =\n  RootQueryLookup<T, PublicReadQueryOptions>\n\nexport interface RootServerQueryBuilder<\n  T extends ServerCollection,\n> extends RootQueryLookup<T> {\n  create(\n    data: Partial<CollectionType<T>>,\n    options?: { file?: File | Blob; filename?: string },\n  ): Promise<PayloadMutationResponse<CollectionType<T>>>\n  update(\n    id: string,\n    data: Partial<CollectionType<T>>,\n    options?: { file?: File | Blob; filename?: string },\n  ): Promise<PayloadMutationResponse<CollectionType<T>>>\n  updateMany(\n    where: ApiQueryOptions['where'],\n    data: Partial<CollectionType<T>>,\n  ): Promise<PayloadFindResponse<CollectionType<T>>>\n  remove(id: string): Promise<CollectionType<T>>\n  removeMany(\n    where: ApiQueryOptions['where'],\n  ): Promise<PayloadFindResponse<CollectionType<T>>>\n}\n\nexport interface RootCollectionClient {\n  from<T extends PublicCollection>(collection: T): RootReadOnlyQueryBuilder<T>\n}\n\nexport interface RootServerCollectionClient {\n  from<T extends ServerCollection>(collection: T): RootServerQueryBuilder<T>\n}\n\nexport interface RootClient {\n  commerce: CommerceClient\n  community: CommunityClient\n  content: ContentClient\n  /** Set on {@link createClient} return values; optional for structural mocks. */\n  events?: EventsClient\n  customer: CustomerNamespace\n  collections: RootCollectionClient\n  lastRequestId: string | null\n  getState(): ClientState\n  getConfig(): ClientConfig\n}\n\nexport interface RootServerClient {\n  commerce: ServerCommerceClient\n  tenant: TenantIntrospectionClient\n  /** Set on {@link createServerClient} return values; optional for structural mocks. */\n  events?: EventsClient\n  community: CommunityClient & {\n    moderation: {\n      banCustomer: (p: BanCustomerParams) => Promise<CommunityBan>\n      unbanCustomer: (p: UnbanCustomerParams) => Promise<{ success: true }>\n    }\n  }\n  collections: RootServerCollectionClient\n  lastRequestId: string | null\n  getState(): ClientState\n  getConfig(): Omit<ClientServerConfig, 'secretKey'>\n}\n\nexport type RootClientWithEvents = RootClient & { events: EventsClient }\n\nexport type RootServerClientWithEvents = RootServerClient & { events: EventsClient }\n\n// ============================================================================\n// Type Utilities\n// ============================================================================\n\nexport type DeepPartial<T> = {\n  [P in keyof T]?: T[P] extends object ? DeepPartial<T[P]> : T[P]\n}\n\nexport type ExtractArrayType<T> = T extends (infer U)[] ? U : never\n","/**\n * @01.software/sdk — Analytics Helper\n */\n\n/* ANALYTICS INVARIANTS START\n * @01.software/sdk — Analytics Helper\n *\n * ANALYTICS INVARIANTS\n * ====================\n * These invariants are the single source of truth for observable behavior.\n * They are mirrored verbatim in apps/console/src/app/api/analytics/script.js/route.ts.\n * Any change here MUST be reflected there, and vice versa.\n *\n * 1. DNT/GPC respect: when config.respectDnt !== false (default true) AND\n *    (navigator.doNotTrack === '1' OR navigator.globalPrivacyControl === true),\n *    all methods become no-ops. Zero network requests are made.\n *\n * 2. Prerender skip: when document.prerendering === true OR\n *    document.visibilityState === 'prerender', pageview() sends zero requests.\n *\n * 3. 500ms same-path dedup: a pageview for the same pathname within 500ms of\n *    the previous send is silently dropped. After 500ms the next call sends.\n *\n * 4. Transport: sendBeacon → fetch keepalive fallback.\n *    Primary: navigator.sendBeacon(endpoint, new Blob([json], { type: 'text/plain' })).\n *    Fallback (sendBeacon unavailable OR returns false):\n *      fetch(endpoint, { method: 'POST', keepalive: true,\n *        headers: { 'Content-Type': 'application/json' }, body: json }).catch(() => {})\n *\n * 5. Body-only publishableKey: publishableKey is always in the request body,\n *    never in any HTTP header.\n *\n * 6. SSR no-op: when typeof window === 'undefined', createAnalytics() returns\n *    a stub where all methods are no-ops. No side effects occur.\n *\n * 7. Error swallowing: all transport errors are caught and swallowed.\n *    createAnalytics() and all returned methods never throw into the caller.\n *\n * 8. Client timestamp: every send carries eventTs (milliseconds since epoch)\n *    captured with Date.now() immediately before transport. The collect\n *    endpoint uses eventTs (a) to bucket the event into the client's\n *    tenant-local day and (b) to enforce the late-arrival cutoff; events\n *    submitted after the local-day-end grace window are dropped with\n *    reason \"late\".\n *\n * 9. Dev / local-host send skip: in 'auto' mode (the default) all send paths\n *    become no-ops when the page runs on a local host — location.hostname is\n *    'localhost', '127.0.0.1', or ends with '.local'. Validation and dev\n *    warnings still run; only the network send is suppressed, and a one-time\n *    console notice is emitted. SSR (6), DNT/GPC (1), and prerender (2) skips\n *    are evaluated first. Overrides: the SDK accepts mode 'production' (always\n *    send, even locally) and 'development' (never send, on any host); the\n *    mirrored hosted snippet accepts captureOnLocalhost === true (via\n *    window.__01_analytics__.captureOnLocalhost or the script's\n *    data-capture-localhost attribute) to force sending on a local host.\n * ANALYTICS INVARIANTS END */\n\nimport { resolveApiUrl } from './core/client/types'\n\n// ============================================================================\n// Public Types\n// ============================================================================\n\nexport interface AnalyticsConfig {\n  publishableKey: string\n  /** Override the collect endpoint URL. Defaults to {SDK_BASE_URL}/api/analytics/collect */\n  endpoint?: string\n  /** Auto-patch history.pushState/replaceState and listen to popstate. Default: true */\n  autoTrack?: boolean\n  /** Respect navigator.doNotTrack and navigator.globalPrivacyControl. Default: true */\n  respectDnt?: boolean\n  /**\n   * Send mode. 'auto' (default) skips all sends on local hosts\n   * (localhost / 127.0.0.1 / *.local). 'production' always sends, even\n   * locally. 'development' never sends, on any host. See INVARIANT 9.\n   */\n  mode?: 'auto' | 'production' | 'development'\n}\n\nexport interface Analytics {\n  pageview(path?: string): void\n  track(name: string, props?: Record<string, string | number | boolean>): void\n  destroy(): void\n}\n\n// ============================================================================\n// Implementation\n// ============================================================================\n\nexport function createAnalytics(config: AnalyticsConfig): Analytics {\n  // INVARIANT 6: SSR no-op\n  if (typeof window === 'undefined') {\n    return { pageview() {}, track() {}, destroy() {} }\n  }\n\n  const endpoint =\n    config.endpoint ?? `${resolveApiUrl()}/api/analytics/collect`\n\n  // INVARIANT 1: DNT/GPC check (evaluated once at init; stays as closure)\n  const respectDnt = config.respectDnt !== false\n  function isDntActive(): boolean {\n    if (!respectDnt) return false\n    const nav = navigator as Navigator & { globalPrivacyControl?: boolean }\n    return nav.doNotTrack === '1' || nav.globalPrivacyControl === true\n  }\n\n  // INVARIANT 9: local-host detection drives both dev warnings and the\n  // auto send-skip. Hostname is the one signal shared with the hosted snippet.\n  const isLocalHost: boolean = (() => {\n    try {\n      const h = location.hostname\n      return h === 'localhost' || h === '127.0.0.1' || h.endsWith('.local')\n    } catch {\n      return false\n    }\n  })()\n\n  const mode = config.mode ?? 'auto'\n  const sendSuppressed =\n    mode === 'development' || (mode === 'auto' && isLocalHost)\n\n  let suppressNoticeShown = false\n  function devSuppressNotice(): void {\n    if (suppressNoticeShown) return\n    suppressNoticeShown = true\n    try {\n      console.info(\n        `[01 analytics] events disabled on local host (mode: '${mode}'). ` +\n          `Pass mode: 'production' to send while developing.`,\n      )\n    } catch {\n      // INVARIANT 7: swallow\n    }\n  }\n\n  // INVARIANT 3: 500ms same-path dedup state\n  let lastPath: string | null = null\n  let lastAt = 0\n\n  // autoTrack state — save originals for destroy()\n  const autoTrack = config.autoTrack !== false\n  const originalPushState = history.pushState\n  const originalReplaceState = history.replaceState\n  let destroyed = false\n\n  // -------------------------------------------------------------------------\n  // Core send logic\n  // -------------------------------------------------------------------------\n\n  // Generate a unique event ID (crypto.randomUUID when available, Date+Math.random fallback)\n  function newEventId(): string {\n    return typeof crypto !== 'undefined' && typeof crypto.randomUUID === 'function'\n      ? crypto.randomUUID()\n      : String(Date.now()) + String(Math.random())\n  }\n\n  // INVARIANT 4: sendBeacon → fetch keepalive fallback\n  // INVARIANT 5: publishableKey in body only\n  function sendBeaconOrFetch(body: string): void {\n    try {\n      if (typeof navigator.sendBeacon === 'function') {\n        const blob = new Blob([body], { type: 'text/plain' })\n        const sent = navigator.sendBeacon(endpoint, blob)\n        if (sent) return\n        // sent === false → fall through to fetch\n      }\n      // Fetch fallback\n      fetch(endpoint, {\n        method: 'POST',\n        keepalive: true,\n        headers: { 'Content-Type': 'application/json' },\n        body,\n      }).catch(() => {})\n    } catch {\n      // INVARIANT 7: swallow all errors\n    }\n  }\n\n  function sendPageview(pathname: string): void {\n    // INVARIANT 1: DNT/GPC\n    if (isDntActive()) return\n\n    // INVARIANT 2: prerender skip\n    const doc = document as Document & { prerendering?: boolean }\n    // visibilityState cast to string to accommodate non-standard 'prerender' value\n    if (doc.prerendering === true || (document.visibilityState as string) === 'prerender') return\n\n    // INVARIANT 9: skip sends on local hosts in auto mode\n    if (sendSuppressed) {\n      devSuppressNotice()\n      return\n    }\n\n    // INVARIANT 3: 500ms same-path dedup\n    const now = Date.now()\n    if (pathname === lastPath && now - lastAt < 500) return\n    lastPath = pathname\n    lastAt = now\n\n    const body = JSON.stringify({\n      publishableKey: config.publishableKey,\n      pathname,\n      referrer: document.referrer || '',\n      eventId: newEventId(),\n      eventTs: Date.now(),\n    })\n\n    sendBeaconOrFetch(body)\n  }\n\n  // -------------------------------------------------------------------------\n  // autoTrack: patch history methods + listen to popstate\n  // -------------------------------------------------------------------------\n  function trackCurrentPath(): void {\n    if (destroyed) return\n    sendPageview(location.pathname)\n  }\n\n  function patchedPushState(\n    this: History,\n    data: unknown,\n    unused: string,\n    url?: string | URL | null,\n  ): void {\n    originalPushState.apply(this, [data, unused, url] as Parameters<typeof history.pushState>)\n    if (!destroyed) setTimeout(trackCurrentPath, 0)\n  }\n\n  function patchedReplaceState(\n    this: History,\n    data: unknown,\n    unused: string,\n    url?: string | URL | null,\n  ): void {\n    originalReplaceState.apply(this, [data, unused, url] as Parameters<typeof history.replaceState>)\n    if (!destroyed) setTimeout(trackCurrentPath, 0)\n  }\n\n  if (autoTrack) {\n    history.pushState = patchedPushState\n    history.replaceState = patchedReplaceState\n    window.addEventListener('popstate', trackCurrentPath)\n\n    // Initial pageview\n    if (document.readyState === 'complete') {\n      trackCurrentPath()\n    } else {\n      window.addEventListener('load', trackCurrentPath, { once: true })\n    }\n  }\n\n  // -------------------------------------------------------------------------\n  // track() — client-side validation + send\n  // -------------------------------------------------------------------------\n\n  // Dev-mode detection for warnings: warn in dev, silent in production.\n  // Reuses the same local-host signal as the send-skip (INVARIANT 9).\n  const isProduction = !isLocalHost\n\n  // One-shot warn dedup per reason per page load (keyed by reason only)\n  const warnedReasons = new Set<string>()\n\n  function devWarn(name: string, reason: string): void {\n    if (isProduction) return\n    if (warnedReasons.has(reason)) return\n    warnedReasons.add(reason)\n    console.warn(`[01 analytics] dropped event ${name}: ${reason}`)\n  }\n\n  const EVENT_NAME_RE = /^[a-zA-Z][a-zA-Z0-9_:-]{0,49}$/\n  const RESERVED_PREFIXES = ['__', '_pv_']\n\n  function validateEventName(name: string): string | null {\n    if (!name || typeof name !== 'string') return 'name-empty'\n    for (const prefix of RESERVED_PREFIXES) {\n      if (name.startsWith(prefix)) return 'name-reserved'\n    }\n    if (!EVENT_NAME_RE.test(name)) return 'name-regex'\n    return null\n  }\n\n  const PROP_KEY_RE = /^[a-zA-Z_][a-zA-Z0-9_]{0,31}$/\n\n  function validateEventProps(\n    props: Record<string, string | number | boolean> | undefined,\n  ): string | null {\n    if (props === undefined || props === null) return null\n    if (typeof props !== 'object' || Array.isArray(props)) return 'props-value-type'\n    const keys = Object.keys(props)\n    if (keys.length > 10) return 'props-too-many-keys'\n    for (const k of keys) {\n      const v = props[k]\n      if (!PROP_KEY_RE.test(k)) return 'props-key-regex'\n      if (typeof v === 'string') {\n        if (v.length > 80) return 'props-value-too-long'\n      } else if (typeof v === 'number') {\n        if (!isFinite(v)) return 'props-value-not-finite'\n      } else if (typeof v === 'boolean') {\n        // ok\n      } else {\n        return 'props-value-type'\n      }\n    }\n    return null\n  }\n\n  // -------------------------------------------------------------------------\n  // Public API\n  // -------------------------------------------------------------------------\n  return {\n    pageview(path?: string): void {\n      if (destroyed) return\n      sendPageview(path ?? location.pathname)\n    },\n\n    track(name: string, props?: Record<string, string | number | boolean>): void {\n      if (destroyed) return\n\n      // INVARIANT 1: DNT/GPC (same as pageview)\n      if (isDntActive()) return\n\n      // INVARIANT 2: prerender skip\n      const doc = document as Document & { prerendering?: boolean }\n      if (doc.prerendering === true || (document.visibilityState as string) === 'prerender') return\n\n      // Client-side validation\n      const nameErr = validateEventName(name)\n      if (nameErr) {\n        devWarn(name, nameErr)\n        return\n      }\n\n      if (props !== undefined) {\n        const propsErr = validateEventProps(props)\n        if (propsErr) {\n          devWarn(name, propsErr)\n          return\n        }\n      }\n\n      // INVARIANT 9: skip sends on local hosts in auto mode (validation above\n      // still runs so dev warnings fire)\n      if (sendSuppressed) {\n        devSuppressNotice()\n        return\n      }\n\n      // Build body — no dedup for track() events\n      const body = JSON.stringify({\n        publishableKey: config.publishableKey,\n        pathname: location.pathname,\n        referrer: document.referrer || '',\n        eventId: newEventId(),\n        eventName: name,\n        eventProps: props,\n        eventTs: Date.now(),\n      })\n\n      sendBeaconOrFetch(body)\n    },\n\n    destroy(): void {\n      if (destroyed) return\n      destroyed = true\n\n      if (autoTrack) {\n        // Restore original history methods\n        history.pushState = originalPushState\n        history.replaceState = originalReplaceState\n        window.removeEventListener('popstate', trackCurrentPath)\n      }\n\n      // Null out dedup state\n      lastPath = null\n      lastAt = 0\n    },\n  }\n}\n","export type AnalyticsRuntimeEnv = {\n  nextPublicKey?: string\n  vitePublicKey?: string\n}\n\nexport function readAnalyticsRuntimeEnv(): AnalyticsRuntimeEnv {\n  const nextPublicKey =\n    typeof process !== 'undefined'\n      ? process.env?.NEXT_PUBLIC_SOFTWARE_PUBLISHABLE_KEY\n      : undefined\n\n  const viteEnv = (\n    import.meta as ImportMeta & {\n      env?: Record<string, string | undefined>\n    }\n  ).env\n\n  return {\n    nextPublicKey,\n    vitePublicKey: viteEnv?.VITE_SOFTWARE_PUBLISHABLE_KEY,\n  }\n}\n\nexport function resolveAnalyticsPublishableKey(\n  explicit?: string,\n  env: AnalyticsRuntimeEnv = readAnalyticsRuntimeEnv(),\n): string | undefined {\n  if (explicit !== undefined) return explicit || undefined\n\n  return env.nextPublicKey || env.vitePublicKey\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAEA,mBAA0B;;;AC+BnB,SAAS,cAAc,QAAyB;AACrD,MAAI,QAAQ;AACV,WAAO,OAAO,QAAQ,OAAO,EAAE;AAAA,EACjC;AAEA,MAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,UAAM,SACJ,QAAQ,IAAI,oBAAoB,QAAQ,IAAI;AAC9C,QAAI,QAAQ;AACV,aAAO,OAAO,QAAQ,OAAO,EAAE;AAAA,IACjC;AAAA,EACF;AACA,SAAO;AACT;;;AC2CO,SAAS,gBAAgB,QAAoC;AAElE,MAAI,OAAO,WAAW,aAAa;AACjC,WAAO,EAAE,WAAW;AAAA,IAAC,GAAG,QAAQ;AAAA,IAAC,GAAG,UAAU;AAAA,IAAC,EAAE;AAAA,EACnD;AAEA,QAAM,WACJ,OAAO,YAAY,GAAG,cAAc,CAAC;AAGvC,QAAM,aAAa,OAAO,eAAe;AACzC,WAAS,cAAuB;AAC9B,QAAI,CAAC,WAAY,QAAO;AACxB,UAAM,MAAM;AACZ,WAAO,IAAI,eAAe,OAAO,IAAI,yBAAyB;AAAA,EAChE;AAIA,QAAM,eAAwB,MAAM;AAClC,QAAI;AACF,YAAM,IAAI,SAAS;AACnB,aAAO,MAAM,eAAe,MAAM,eAAe,EAAE,SAAS,QAAQ;AAAA,IACtE,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF,GAAG;AAEH,QAAM,OAAO,OAAO,QAAQ;AAC5B,QAAM,iBACJ,SAAS,iBAAkB,SAAS,UAAU;AAEhD,MAAI,sBAAsB;AAC1B,WAAS,oBAA0B;AACjC,QAAI,oBAAqB;AACzB,0BAAsB;AACtB,QAAI;AACF,cAAQ;AAAA,QACN,wDAAwD,IAAI;AAAA,MAE9D;AAAA,IACF,QAAQ;AAAA,IAER;AAAA,EACF;AAGA,MAAI,WAA0B;AAC9B,MAAI,SAAS;AAGb,QAAM,YAAY,OAAO,cAAc;AACvC,QAAM,oBAAoB,QAAQ;AAClC,QAAM,uBAAuB,QAAQ;AACrC,MAAI,YAAY;AAOhB,WAAS,aAAqB;AAC5B,WAAO,OAAO,WAAW,eAAe,OAAO,OAAO,eAAe,aACjE,OAAO,WAAW,IAClB,OAAO,KAAK,IAAI,CAAC,IAAI,OAAO,KAAK,OAAO,CAAC;AAAA,EAC/C;AAIA,WAAS,kBAAkB,MAAoB;AAC7C,QAAI;AACF,UAAI,OAAO,UAAU,eAAe,YAAY;AAC9C,cAAM,OAAO,IAAI,KAAK,CAAC,IAAI,GAAG,EAAE,MAAM,aAAa,CAAC;AACpD,cAAM,OAAO,UAAU,WAAW,UAAU,IAAI;AAChD,YAAI,KAAM;AAAA,MAEZ;AAEA,YAAM,UAAU;AAAA,QACd,QAAQ;AAAA,QACR,WAAW;AAAA,QACX,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,QAC9C;AAAA,MACF,CAAC,EAAE,MAAM,MAAM;AAAA,MAAC,CAAC;AAAA,IACnB,QAAQ;AAAA,IAER;AAAA,EACF;AAEA,WAAS,aAAa,UAAwB;AAE5C,QAAI,YAAY,EAAG;AAGnB,UAAM,MAAM;AAEZ,QAAI,IAAI,iBAAiB,QAAS,SAAS,oBAA+B,YAAa;AAGvF,QAAI,gBAAgB;AAClB,wBAAkB;AAClB;AAAA,IACF;AAGA,UAAM,MAAM,KAAK,IAAI;AACrB,QAAI,aAAa,YAAY,MAAM,SAAS,IAAK;AACjD,eAAW;AACX,aAAS;AAET,UAAM,OAAO,KAAK,UAAU;AAAA,MAC1B,gBAAgB,OAAO;AAAA,MACvB;AAAA,MACA,UAAU,SAAS,YAAY;AAAA,MAC/B,SAAS,WAAW;AAAA,MACpB,SAAS,KAAK,IAAI;AAAA,IACpB,CAAC;AAED,sBAAkB,IAAI;AAAA,EACxB;AAKA,WAAS,mBAAyB;AAChC,QAAI,UAAW;AACf,iBAAa,SAAS,QAAQ;AAAA,EAChC;AAEA,WAAS,iBAEP,MACA,QACA,KACM;AACN,sBAAkB,MAAM,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAyC;AACzF,QAAI,CAAC,UAAW,YAAW,kBAAkB,CAAC;AAAA,EAChD;AAEA,WAAS,oBAEP,MACA,QACA,KACM;AACN,yBAAqB,MAAM,MAAM,CAAC,MAAM,QAAQ,GAAG,CAA4C;AAC/F,QAAI,CAAC,UAAW,YAAW,kBAAkB,CAAC;AAAA,EAChD;AAEA,MAAI,WAAW;AACb,YAAQ,YAAY;AACpB,YAAQ,eAAe;AACvB,WAAO,iBAAiB,YAAY,gBAAgB;AAGpD,QAAI,SAAS,eAAe,YAAY;AACtC,uBAAiB;AAAA,IACnB,OAAO;AACL,aAAO,iBAAiB,QAAQ,kBAAkB,EAAE,MAAM,KAAK,CAAC;AAAA,IAClE;AAAA,EACF;AAQA,QAAM,eAAe,CAAC;AAGtB,QAAM,gBAAgB,oBAAI,IAAY;AAEtC,WAAS,QAAQ,MAAc,QAAsB;AACnD,QAAI,aAAc;AAClB,QAAI,cAAc,IAAI,MAAM,EAAG;AAC/B,kBAAc,IAAI,MAAM;AACxB,YAAQ,KAAK,gCAAgC,IAAI,KAAK,MAAM,EAAE;AAAA,EAChE;AAEA,QAAM,gBAAgB;AACtB,QAAM,oBAAoB,CAAC,MAAM,MAAM;AAEvC,WAAS,kBAAkB,MAA6B;AACtD,QAAI,CAAC,QAAQ,OAAO,SAAS,SAAU,QAAO;AAC9C,eAAW,UAAU,mBAAmB;AACtC,UAAI,KAAK,WAAW,MAAM,EAAG,QAAO;AAAA,IACtC;AACA,QAAI,CAAC,cAAc,KAAK,IAAI,EAAG,QAAO;AACtC,WAAO;AAAA,EACT;AAEA,QAAM,cAAc;AAEpB,WAAS,mBACP,OACe;AACf,QAAI,UAAU,UAAa,UAAU,KAAM,QAAO;AAClD,QAAI,OAAO,UAAU,YAAY,MAAM,QAAQ,KAAK,EAAG,QAAO;AAC9D,UAAM,OAAO,OAAO,KAAK,KAAK;AAC9B,QAAI,KAAK,SAAS,GAAI,QAAO;AAC7B,eAAW,KAAK,MAAM;AACpB,YAAM,IAAI,MAAM,CAAC;AACjB,UAAI,CAAC,YAAY,KAAK,CAAC,EAAG,QAAO;AACjC,UAAI,OAAO,MAAM,UAAU;AACzB,YAAI,EAAE,SAAS,GAAI,QAAO;AAAA,MAC5B,WAAW,OAAO,MAAM,UAAU;AAChC,YAAI,CAAC,SAAS,CAAC,EAAG,QAAO;AAAA,MAC3B,WAAW,OAAO,MAAM,WAAW;AAAA,MAEnC,OAAO;AACL,eAAO;AAAA,MACT;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAKA,SAAO;AAAA,IACL,SAAS,MAAqB;AAC5B,UAAI,UAAW;AACf,mBAAa,QAAQ,SAAS,QAAQ;AAAA,IACxC;AAAA,IAEA,MAAM,MAAc,OAAyD;AAC3E,UAAI,UAAW;AAGf,UAAI,YAAY,EAAG;AAGnB,YAAM,MAAM;AACZ,UAAI,IAAI,iBAAiB,QAAS,SAAS,oBAA+B,YAAa;AAGvF,YAAM,UAAU,kBAAkB,IAAI;AACtC,UAAI,SAAS;AACX,gBAAQ,MAAM,OAAO;AACrB;AAAA,MACF;AAEA,UAAI,UAAU,QAAW;AACvB,cAAM,WAAW,mBAAmB,KAAK;AACzC,YAAI,UAAU;AACZ,kBAAQ,MAAM,QAAQ;AACtB;AAAA,QACF;AAAA,MACF;AAIA,UAAI,gBAAgB;AAClB,0BAAkB;AAClB;AAAA,MACF;AAGA,YAAM,OAAO,KAAK,UAAU;AAAA,QAC1B,gBAAgB,OAAO;AAAA,QACvB,UAAU,SAAS;AAAA,QACnB,UAAU,SAAS,YAAY;AAAA,QAC/B,SAAS,WAAW;AAAA,QACpB,WAAW;AAAA,QACX,YAAY;AAAA,QACZ,SAAS,KAAK,IAAI;AAAA,MACpB,CAAC;AAED,wBAAkB,IAAI;AAAA,IACxB;AAAA,IAEA,UAAgB;AACd,UAAI,UAAW;AACf,kBAAY;AAEZ,UAAI,WAAW;AAEb,gBAAQ,YAAY;AACpB,gBAAQ,eAAe;AACvB,eAAO,oBAAoB,YAAY,gBAAgB;AAAA,MACzD;AAGA,iBAAW;AACX,eAAS;AAAA,IACX;AAAA,EACF;AACF;;;ACzXA;AAKO,SAAS,0BAA+C;AAC7D,QAAM,gBACJ,OAAO,YAAY,cACf,QAAQ,KAAK,uCACb;AAEN,QAAM,UACJ,YAGA;AAEF,SAAO;AAAA,IACL;AAAA,IACA,eAAe,SAAS;AAAA,EAC1B;AACF;AAEO,SAAS,+BACd,UACA,MAA2B,wBAAwB,GAC/B;AACpB,MAAI,aAAa,OAAW,QAAO,YAAY;AAE/C,SAAO,IAAI,iBAAiB,IAAI;AAClC;;;AHpBO,SAAS,UAAU;AAAA,EACxB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAAmB;AACjB,8BAAU,MAAM;AACd,UAAM,yBACJ,+BAA+B,cAAc;AAC/C,QAAI,CAAC,uBAAwB;AAE7B,UAAM,YAAY,gBAAgB;AAAA,MAChC;AAAA,MACA;AAAA,MACA;AAAA,MACA,gBAAgB;AAAA,MAChB;AAAA,IACF,CAAC;AAED,WAAO,MAAM,UAAU,QAAQ;AAAA,EACjC,GAAG,CAAC,WAAW,UAAU,MAAM,gBAAgB,UAAU,CAAC;AAE1D,SAAO;AACT;AAEA,IAAO,gBAAQ;","names":[]}