npm - @avallon-labs/sdk - Versions diffs - 0.0.0-main.1 - Mend

@avallon-labs/sdk 0.0.0-main.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (125) hide show

package/dist/generated/models/listAgents200DataAgentsItemLanguage.js ADDED Viewed

@@ -0,0 +1,10 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export const ListAgents200DataAgentsItemLanguage = {
+    "en-US": "en-US",
+    "de-DE": "de-DE",
+};

package/dist/generated/models/listAgents200DataAgentsItemLlmModel.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type ListAgents200DataAgentsItemLlmModel = (typeof ListAgents200DataAgentsItemLlmModel)[keyof typeof ListAgents200DataAgentsItemLlmModel];
+export declare const ListAgents200DataAgentsItemLlmModel: {
+    readonly GPT41: "GPT4.1";
+    readonly "AZURE-GPT4o": "AZURE-GPT4o";
+    readonly "AZURE-GPT41": "AZURE-GPT4.1";
+    readonly "GPT-5": "GPT-5";
+    readonly "GPT-5-low": "GPT-5-low";
+    readonly "GPT-5-high": "GPT-5-high";
+    readonly "GPT-51-chat-latest": "GPT-5.1-chat-latest";
+    readonly "GPT-51-no-reasoning": "GPT-5.1-no-reasoning";
+    readonly "GEMINI-15-flash": "GEMINI-1.5-flash";
+    readonly "GEMINI-25-flash": "GEMINI-2.5-flash";
+    readonly "GEMINI-25-flash-lite": "GEMINI-2.5-flash-lite";
+    readonly "GEMINI-3-flash": "GEMINI-3-flash";
+};

package/dist/generated/models/listAgents200DataAgentsItemLlmModel.js ADDED Viewed

@@ -0,0 +1,20 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export const ListAgents200DataAgentsItemLlmModel = {
+    GPT41: "GPT4.1",
+    "AZURE-GPT4o": "AZURE-GPT4o",
+    "AZURE-GPT41": "AZURE-GPT4.1",
+    "GPT-5": "GPT-5",
+    "GPT-5-low": "GPT-5-low",
+    "GPT-5-high": "GPT-5-high",
+    "GPT-51-chat-latest": "GPT-5.1-chat-latest",
+    "GPT-51-no-reasoning": "GPT-5.1-no-reasoning",
+    "GEMINI-15-flash": "GEMINI-1.5-flash",
+    "GEMINI-25-flash": "GEMINI-2.5-flash",
+    "GEMINI-25-flash-lite": "GEMINI-2.5-flash-lite",
+    "GEMINI-3-flash": "GEMINI-3-flash",
+};

package/dist/generated/models/listAgents200DataAgentsItemSttModel.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type ListAgents200DataAgentsItemSttModel = (typeof ListAgents200DataAgentsItemSttModel)[keyof typeof ListAgents200DataAgentsItemSttModel];
+export declare const ListAgents200DataAgentsItemSttModel: {
+    readonly "DEEPGRAM-NOVA-2-GENERAL": "DEEPGRAM-NOVA-2-GENERAL";
+    readonly "DEEPGRAM-NOVA-3-GENERAL": "DEEPGRAM-NOVA-3-GENERAL";
+    readonly "AWS-TRANSCRIBE": "AWS-TRANSCRIBE";
+};

package/dist/generated/models/listAgents200DataAgentsItemSttModel.js ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export const ListAgents200DataAgentsItemSttModel = {
+    "DEEPGRAM-NOVA-2-GENERAL": "DEEPGRAM-NOVA-2-GENERAL",
+    "DEEPGRAM-NOVA-3-GENERAL": "DEEPGRAM-NOVA-3-GENERAL",
+    "AWS-TRANSCRIBE": "AWS-TRANSCRIBE",
+};

package/dist/generated/models/listAgents200DataAgentsItemTtsModel.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type ListAgents200DataAgentsItemTtsModel = (typeof ListAgents200DataAgentsItemTtsModel)[keyof typeof ListAgents200DataAgentsItemTtsModel];
+export declare const ListAgents200DataAgentsItemTtsModel: {
+    readonly eleven_flash_v2_5: "eleven_flash_v2_5";
+    readonly eleven_turbo_v2_5: "eleven_turbo_v2_5";
+    readonly "sonic-multilingual": "sonic-multilingual";
+    readonly "sonic-3": "sonic-3";
+    readonly chirp_3: "chirp_3";
+};

package/dist/generated/models/listAgents200DataAgentsItemTtsModel.js ADDED Viewed

@@ -0,0 +1,13 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export const ListAgents200DataAgentsItemTtsModel = {
+    eleven_flash_v2_5: "eleven_flash_v2_5",
+    eleven_turbo_v2_5: "eleven_turbo_v2_5",
+    "sonic-multilingual": "sonic-multilingual",
+    "sonic-3": "sonic-3",
+    chirp_3: "chirp_3",
+};

package/dist/generated/models/listAgents200DataAgentsItemTtsProvider.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type ListAgents200DataAgentsItemTtsProvider = (typeof ListAgents200DataAgentsItemTtsProvider)[keyof typeof ListAgents200DataAgentsItemTtsProvider];
+export declare const ListAgents200DataAgentsItemTtsProvider: {
+    readonly elevenlabs: "elevenlabs";
+    readonly cartesia: "cartesia";
+    readonly google: "google";
+};

package/dist/generated/models/listAgents200DataAgentsItemTtsProvider.js ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export const ListAgents200DataAgentsItemTtsProvider = {
+    elevenlabs: "elevenlabs",
+    cartesia: "cartesia",
+    google: "google",
+};

package/dist/generated/models/listAgentsParams.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type ListAgentsParams = {
+    /**
+     * Filter by exact agent name
+     */
+    agent_name?: string;
+};

package/dist/generated/models/listAgentsParams.js ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export {};

package/dist/generated/models/postV1AuthRefreshToken200.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+import type { PostV1AuthRefreshToken200Data } from "./postV1AuthRefreshToken200Data";
+export type PostV1AuthRefreshToken200 = {
+    data: PostV1AuthRefreshToken200Data;
+    message: string;
+};

package/dist/generated/models/postV1AuthRefreshToken200.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/generated/models/postV1AuthRefreshToken200Data.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type PostV1AuthRefreshToken200Data = {
+    access_token: string;
+    refresh_token: string;
+    expires_at: string;
+};

package/dist/generated/models/postV1AuthRefreshToken200Data.js ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export {};

package/dist/generated/models/postV1AuthRefreshTokenBody.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type PostV1AuthRefreshTokenBody = {
+    access_token: string;
+    refresh_token: string;
+};

package/dist/generated/models/postV1AuthRefreshTokenBody.js ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export {};

package/dist/generated/models/postV1AuthSignIn200.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+import type { PostV1AuthSignIn200Data } from "./postV1AuthSignIn200Data";
+export type PostV1AuthSignIn200 = {
+    data: PostV1AuthSignIn200Data;
+    message: string;
+};

package/dist/generated/models/postV1AuthSignIn200.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/generated/models/postV1AuthSignIn200Data.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type PostV1AuthSignIn200Data = {
+    access_token: string;
+    refresh_token: string;
+    expires_at: string;
+};

package/dist/generated/models/postV1AuthSignIn200Data.js ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export {};

package/dist/generated/models/postV1AuthSignInBody.d.ts ADDED Viewed

@@ -0,0 +1,21 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type PostV1AuthSignInBody = {
+    type: "password";
+    email: string;
+    password: string;
+} | {
+    type: "oauth";
+    code: string;
+    verifier: string;
+} | {
+    type: "email_otp";
+    /** @pattern ^(?!\.)(?!.*\.\.)([A-Za-z0-9_'+\-\.]*)[A-Za-z0-9_+-]@([A-Za-z0-9][A-Za-z0-9\-]*\.)+[A-Za-z]{2,}$ */
+    email: string;
+    /** @minLength 1 */
+    token: string;
+};

package/dist/generated/models/postV1AuthSignInBody.js ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export {};

package/dist/generated/models/postV1AuthSignUp200.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+import type { PostV1AuthSignUp200Data } from "./postV1AuthSignUp200Data";
+export type PostV1AuthSignUp200 = {
+    data: PostV1AuthSignUp200Data;
+    message: string;
+};

package/dist/generated/models/postV1AuthSignUp200.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/generated/models/postV1AuthSignUp200Data.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type PostV1AuthSignUp200Data = {
+    [key: string]: unknown;
+};

package/dist/generated/models/postV1AuthSignUp200Data.js ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export {};

package/dist/generated/models/postV1AuthSignUpBody.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export type PostV1AuthSignUpBody = {
+    /** @pattern ^(?!\.)(?!.*\.\.)([A-Za-z0-9_'+\-\.]*)[A-Za-z0-9_+-]@([A-Za-z0-9][A-Za-z0-9\-]*\.)+[A-Za-z]{2,}$ */
+    email: string;
+    password: string;
+};

package/dist/generated/models/postV1AuthSignUpBody.js ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * Generated by orval v8.1.0 🍺
+ * Do not edit manually.
+ * Avallon API
+ * OpenAPI spec version: 1.0.0
+ */
+export {};

package/dist/src/auth.d.ts ADDED Viewed

@@ -0,0 +1,50 @@
+/**
+ * Auth Utilities
+ *
+ * PKCE helpers for OAuth flow. This is legitimately custom code -
+ * browser-side crypto can't be generated from OpenAPI.
+ */
+export type { GetV1AuthOauthUrlParams } from "../generated/models";
+/** OAuth providers - matches backend enum */
+export type OAuthProvider = "google" | "microsoft";
+export type AuthTokens = {
+    accessToken: string;
+    refreshToken: string;
+    expiresAt: string;
+};
+/** Generate a cryptographically random code verifier */
+export declare function generateCodeVerifier(length?: number): string;
+/** Generate code challenge from verifier (S256) */
+export declare function generateCodeChallenge(verifier: string): Promise<string>;
+export type OAuthFlowParams = {
+    provider: OAuthProvider;
+    redirectUri: string;
+};
+export type OAuthFlowResult = {
+    /** URL to redirect user to for OAuth */
+    url: string;
+    /** Stored verifier (needed to complete flow) */
+    verifier: string;
+};
+/**
+ * Start OAuth flow.
+ *
+ * 1. Generates PKCE verifier + challenge
+ * 2. Calls backend to get OAuth redirect URL
+ * 3. Stores verifier in sessionStorage (needed for token exchange)
+ * 4. Returns URL for redirect
+ *
+ * @example
+ * ```ts
+ * const { url } = await startOAuthFlow({
+ *   provider: "google",
+ *   redirectUri: "https://app.example.com/auth/callback"
+ * });
+ * window.location.href = url;
+ * ```
+ */
+export declare function startOAuthFlow(params: OAuthFlowParams): Promise<OAuthFlowResult>;
+/** Get stored verifier (after OAuth redirect) */
+export declare function getStoredVerifier(): string | null;
+/** Clear stored verifier */
+export declare function clearStoredVerifier(): void;

package/dist/src/auth.js ADDED Viewed

@@ -0,0 +1,122 @@
+/**
+ * Auth Utilities
+ *
+ * PKCE helpers for OAuth flow. This is legitimately custom code -
+ * browser-side crypto can't be generated from OpenAPI.
+ */
+import { getV1AuthOauthUrl } from "../generated/endpoints";
+// --------------------------------------------------------------------------
+// PKCE Utilities
+// --------------------------------------------------------------------------
+/** Generate a cryptographically random code verifier */
+export function generateCodeVerifier(length = 64) {
+    const charset = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~";
+    const randomValues = crypto.getRandomValues(new Uint8Array(length));
+    return Array.from(randomValues)
+        .map((v) => charset[v % charset.length])
+        .join("");
+}
+/** Generate code challenge from verifier (S256) */
+export async function generateCodeChallenge(verifier) {
+    const encoder = new TextEncoder();
+    const data = encoder.encode(verifier);
+    const digest = await crypto.subtle.digest("SHA-256", data);
+    return base64UrlEncode(digest);
+}
+function base64UrlEncode(buffer) {
+    const bytes = new Uint8Array(buffer);
+    let binary = "";
+    for (const byte of bytes) {
+        binary += String.fromCharCode(byte);
+    }
+    return btoa(binary)
+        .replace(/\+/g, "-")
+        .replace(/\//g, "_")
+        .replace(/=+$/, "");
+}
+// --------------------------------------------------------------------------
+// Storage helpers (safe for private browsing / quota issues)
+// --------------------------------------------------------------------------
+const OAUTH_VERIFIER_KEY = "avallon_oauth_verifier";
+function safeSessionStorageSet(key, value) {
+    try {
+        if (typeof sessionStorage !== "undefined") {
+            sessionStorage.setItem(key, value);
+            return true;
+        }
+    }
+    catch {
+        // Quota exceeded or private browsing - fall through
+    }
+    return false;
+}
+function safeSessionStorageGet(key) {
+    try {
+        if (typeof sessionStorage !== "undefined") {
+            return sessionStorage.getItem(key);
+        }
+    }
+    catch {
+        // Private browsing or other issue
+    }
+    return null;
+}
+function safeSessionStorageRemove(key) {
+    try {
+        if (typeof sessionStorage !== "undefined") {
+            sessionStorage.removeItem(key);
+        }
+    }
+    catch {
+        // Ignore
+    }
+}
+/**
+ * Start OAuth flow.
+ *
+ * 1. Generates PKCE verifier + challenge
+ * 2. Calls backend to get OAuth redirect URL
+ * 3. Stores verifier in sessionStorage (needed for token exchange)
+ * 4. Returns URL for redirect
+ *
+ * @example
+ * ```ts
+ * const { url } = await startOAuthFlow({
+ *   provider: "google",
+ *   redirectUri: "https://app.example.com/auth/callback"
+ * });
+ * window.location.href = url;
+ * ```
+ */
+export async function startOAuthFlow(params) {
+    const verifier = generateCodeVerifier();
+    const challenge = await generateCodeChallenge(verifier);
+    // Get OAuth URL from backend FIRST (before storing anything)
+    const response = await getV1AuthOauthUrl({
+        provider: params.provider,
+        redirect_uri: params.redirectUri,
+        code_challenge: challenge,
+        code_challenge_method: "s256",
+    });
+    // Type narrowing - fetcher throws on errors, so this is always success
+    if (response.status !== 200) {
+        throw new Error("Failed to get OAuth URL");
+    }
+    // Only store verifier AFTER successful API call
+    const stored = safeSessionStorageSet(OAUTH_VERIFIER_KEY, verifier);
+    if (!stored) {
+        console.warn("Could not store OAuth verifier - token exchange may fail after redirect");
+    }
+    return {
+        url: response.data.data.url,
+        verifier,
+    };
+}
+/** Get stored verifier (after OAuth redirect) */
+export function getStoredVerifier() {
+    return safeSessionStorageGet(OAUTH_VERIFIER_KEY);
+}
+/** Clear stored verifier */
+export function clearStoredVerifier() {
+    safeSessionStorageRemove(OAUTH_VERIFIER_KEY);
+}

package/dist/src/fetcher.d.ts ADDED Viewed

@@ -0,0 +1,38 @@
+/**
+ * Custom fetch wrapper for Orval-generated client.
+ * Handles auth (API key or Bearer token) and base URL configuration.
+ * Throws AvallonError on non-2xx responses for clean SWR error handling.
+ */
+export type AvallonConfig = {
+    baseUrl?: string;
+    apiKey?: string;
+    getAccessToken?: () => string | null;
+};
+/** Configure the SDK at runtime */
+export declare function configure(newConfig: Partial<AvallonConfig>): void;
+/** Get current config */
+export declare function getConfig(): AvallonConfig;
+/** Authenticated fetch - adds API key or Bearer token */
+export declare function customFetch<T>(url: string, options: RequestInit): Promise<T>;
+/** Unauthenticated fetch - for auth flow endpoints (sign-in, sign-up, etc.) */
+export declare function customFetchNoAuth<T>(url: string, options: RequestInit): Promise<T>;
+/** Typed error class for API errors */
+export declare class AvallonError extends Error {
+    readonly status: number;
+    readonly body: {
+        data?: unknown;
+        message?: string;
+    };
+    constructor(status: number, body: {
+        data?: unknown;
+        message?: string;
+    });
+    /** Validation errors (400) have field-level details */
+    get errors(): Array<{
+        field: string;
+        message: string;
+    }> | undefined;
+    isValidationError(): boolean;
+    isUnauthorized(): boolean;
+    isNotFound(): boolean;
+}

package/dist/src/fetcher.js ADDED Viewed

@@ -0,0 +1,106 @@
+/**
+ * Custom fetch wrapper for Orval-generated client.
+ * Handles auth (API key or Bearer token) and base URL configuration.
+ * Throws AvallonError on non-2xx responses for clean SWR error handling.
+ */
+// --------------------------------------------------------------------------
+// Configuration
+// --------------------------------------------------------------------------
+let config = {
+    baseUrl: "https://api.avallon.ai",
+};
+/** Configure the SDK at runtime */
+export function configure(newConfig) {
+    config = { ...config, ...newConfig };
+}
+/** Get current config */
+export function getConfig() {
+    return { ...config };
+}
+// --------------------------------------------------------------------------
+// Fetch wrapper
+// --------------------------------------------------------------------------
+/** Shared fetch logic */
+async function doFetch(url, options, withAuth) {
+    const fullUrl = url.startsWith("http") ? url : `${config.baseUrl}${url}`;
+    const headers = new Headers(options.headers);
+    // Only set Content-Type for requests with JSON body
+    // (allows file uploads to set their own Content-Type)
+    if (options.body && typeof options.body === "string") {
+        headers.set("Content-Type", "application/json");
+    }
+    if (withAuth) {
+        const accessToken = config.getAccessToken?.();
+        if (accessToken) {
+            headers.set("Authorization", `Bearer ${accessToken}`);
+        }
+        else if (config.apiKey) {
+            headers.set("x-api-key", config.apiKey);
+        }
+    }
+    const response = await fetch(fullUrl, {
+        ...options,
+        headers,
+    });
+    // Parse response based on content type
+    const contentType = response.headers.get("Content-Type") ?? "";
+    let body;
+    if (response.status === 204) {
+        // No content
+        body = {};
+    }
+    else if (contentType.includes("application/json")) {
+        body = await response.json().catch(() => ({}));
+    }
+    else {
+        // Non-JSON response (shouldn't happen with our API, but handle gracefully)
+        const text = await response.text().catch(() => "");
+        body = { message: text };
+    }
+    // Throw on non-2xx - SWR will catch this as `error`
+    if (!response.ok) {
+        throw new AvallonError(response.status, body);
+    }
+    // Return success response in expected shape
+    return {
+        data: body,
+        status: response.status,
+        headers: response.headers,
+    };
+}
+/** Authenticated fetch - adds API key or Bearer token */
+export async function customFetch(url, options) {
+    return doFetch(url, options, true);
+}
+/** Unauthenticated fetch - for auth flow endpoints (sign-in, sign-up, etc.) */
+export async function customFetchNoAuth(url, options) {
+    return doFetch(url, options, false);
+}
+// --------------------------------------------------------------------------
+// Error class
+// --------------------------------------------------------------------------
+/** Typed error class for API errors */
+export class AvallonError extends Error {
+    status;
+    body;
+    constructor(status, body) {
+        super(body?.message ?? `API error ${status}`);
+        this.status = status;
+        this.body = body;
+        this.name = "AvallonError";
+    }
+    /** Validation errors (400) have field-level details */
+    get errors() {
+        const data = this.body?.data;
+        return data?.errors;
+    }
+    isValidationError() {
+        return this.status === 400;
+    }
+    isUnauthorized() {
+        return this.status === 401;
+    }
+    isNotFound() {
+        return this.status === 404;
+    }
+}