@archie/devtools 0.0.9 → 0.0.11

package/dist/client/inject-inspector/auto.mjs

@@ -1,7 +0,0 @@
-import {
-  injectInspector
-} from "../../chunk-6HHNPJXA.mjs";
-import "../../chunk-D5EA6RR5.mjs";
-
-// src/client/inject-inspector/auto.ts
-injectInspector();

package/dist/client/inject-inspector/injectInspector.d.mts

@@ -1,38 +0,0 @@
-/** Only configured domains (Archie host origins) and optionally localhost in dev. "*" is never used. */
-type InjectOptions = {
-    id?: string;
-    /**
-     * Origin(s) allowed to send postMessage commands to the inspector.
-     * If not set, uses Archie host origins + localhost when dev is true.
-     * "*" is not allowed; pass an array of concrete origins.
-     */
-    allowedOrigins?: string | string[];
-    /**
-     * Origin to which the inspector sends postMessage replies (the parent window).
-     * If not set and in an iframe, uses document.referrer origin — except when the page
-     * is a preview iframe (*.previews.staging.archie-platform.com), in which case you
-     * must pass the parent app origin (e.g. https://app.dev.archie-platform.com).
-     * "*" is not allowed.
-     */
-    targetOrigin?: string;
-    /**
-     * When true, allowedOrigins default includes localhost for local testing.
-     * When undefined, inferred from document.referrer (localhost or missing = dev).
-     */
-    dev?: boolean;
-};
-/**
- * Loads and runs the Archie inspector script (dynamic import).
- * Safe to call multiple times: avoids duplicate execution by id.
- * No-op when run outside the browser (e.g. SSR).
- *
- * Security: Origin restrictions are always set (never "*"). We do not inject
- * script via eval/Function or write HTML (innerHTML/insertAdjacentHTML).
- * The inspector only accepts postMessage from allowlisted origins and
- * sanitizes style values before applying to the DOM.
- *
- * @returns Promise that resolves to the marker script element, or null if not in browser / already present
- */
-declare function injectInspector(opts?: InjectOptions): Promise<HTMLScriptElement | null> | null;
-
-export { type InjectOptions, injectInspector };

package/dist/client/inject-inspector/injectInspector.d.ts

@@ -1,38 +0,0 @@
-/** Only configured domains (Archie host origins) and optionally localhost in dev. "*" is never used. */
-type InjectOptions = {
-    id?: string;
-    /**
-     * Origin(s) allowed to send postMessage commands to the inspector.
-     * If not set, uses Archie host origins + localhost when dev is true.
-     * "*" is not allowed; pass an array of concrete origins.
-     */
-    allowedOrigins?: string | string[];
-    /**
-     * Origin to which the inspector sends postMessage replies (the parent window).
-     * If not set and in an iframe, uses document.referrer origin — except when the page
-     * is a preview iframe (*.previews.staging.archie-platform.com), in which case you
-     * must pass the parent app origin (e.g. https://app.dev.archie-platform.com).
-     * "*" is not allowed.
-     */
-    targetOrigin?: string;
-    /**
-     * When true, allowedOrigins default includes localhost for local testing.
-     * When undefined, inferred from document.referrer (localhost or missing = dev).
-     */
-    dev?: boolean;
-};
-/**
- * Loads and runs the Archie inspector script (dynamic import).
- * Safe to call multiple times: avoids duplicate execution by id.
- * No-op when run outside the browser (e.g. SSR).
- *
- * Security: Origin restrictions are always set (never "*"). We do not inject
- * script via eval/Function or write HTML (innerHTML/insertAdjacentHTML).
- * The inspector only accepts postMessage from allowlisted origins and
- * sanitizes style values before applying to the DOM.
- *
- * @returns Promise that resolves to the marker script element, or null if not in browser / already present
- */
-declare function injectInspector(opts?: InjectOptions): Promise<HTMLScriptElement | null> | null;
-
-export { type InjectOptions, injectInspector };