@blamejs/blamejs-shop 0.2.23 → 0.2.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (76) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/lib/admin.js +42 -9
  3. package/lib/asset-manifest.json +1 -1
  4. package/lib/cart.js +24 -9
  5. package/lib/storefront.js +190 -38
  6. package/lib/vendor/MANIFEST.json +3 -3
  7. package/lib/vendor/blamejs/CHANGELOG.md +4 -0
  8. package/lib/vendor/blamejs/GOVERNANCE.md +2 -3
  9. package/lib/vendor/blamejs/LTS-CALENDAR.md +6 -2
  10. package/lib/vendor/blamejs/SECURITY.md +1 -1
  11. package/lib/vendor/blamejs/api-snapshot.json +2 -2
  12. package/lib/vendor/blamejs/lib/a2a.js +11 -11
  13. package/lib/vendor/blamejs/lib/agent-snapshot.js +1 -1
  14. package/lib/vendor/blamejs/lib/ai-capability.js +20 -20
  15. package/lib/vendor/blamejs/lib/ai-content-detect.js +4 -3
  16. package/lib/vendor/blamejs/lib/ai-dp.js +17 -17
  17. package/lib/vendor/blamejs/lib/ai-input.js +3 -3
  18. package/lib/vendor/blamejs/lib/ai-pref.js +9 -9
  19. package/lib/vendor/blamejs/lib/ai-quota.js +17 -17
  20. package/lib/vendor/blamejs/lib/archive-read.js +10 -7
  21. package/lib/vendor/blamejs/lib/arg-parser.js +38 -38
  22. package/lib/vendor/blamejs/lib/audit-sign.js +4 -4
  23. package/lib/vendor/blamejs/lib/auth/acr-vocabulary.js +4 -4
  24. package/lib/vendor/blamejs/lib/auth/auth-time-tracker.js +1 -1
  25. package/lib/vendor/blamejs/lib/auth/elevation-grant.js +10 -10
  26. package/lib/vendor/blamejs/lib/auth/step-up-policy.js +12 -12
  27. package/lib/vendor/blamejs/lib/auth/step-up.js +15 -15
  28. package/lib/vendor/blamejs/lib/boot-gates.js +6 -6
  29. package/lib/vendor/blamejs/lib/break-glass.js +1 -1
  30. package/lib/vendor/blamejs/lib/budr.js +6 -6
  31. package/lib/vendor/blamejs/lib/cms-codec.js +10 -9
  32. package/lib/vendor/blamejs/lib/content-credentials.js +13 -13
  33. package/lib/vendor/blamejs/lib/dark-patterns.js +15 -15
  34. package/lib/vendor/blamejs/lib/ddl-change-control.js +37 -37
  35. package/lib/vendor/blamejs/lib/dr-runbook.js +7 -7
  36. package/lib/vendor/blamejs/lib/fapi2.js +9 -9
  37. package/lib/vendor/blamejs/lib/fdx.js +7 -7
  38. package/lib/vendor/blamejs/lib/graphql-federation.js +2 -2
  39. package/lib/vendor/blamejs/lib/iab-mspa.js +5 -5
  40. package/lib/vendor/blamejs/lib/iab-tcf.js +18 -18
  41. package/lib/vendor/blamejs/lib/mail-crypto-smime.js +10 -6
  42. package/lib/vendor/blamejs/lib/mcp.js +13 -13
  43. package/lib/vendor/blamejs/lib/middleware/require-step-up.js +3 -3
  44. package/lib/vendor/blamejs/lib/mtls-ca.js +2 -2
  45. package/lib/vendor/blamejs/lib/safe-archive.js +8 -7
  46. package/lib/vendor/blamejs/lib/sec-cyber.js +3 -3
  47. package/lib/vendor/blamejs/lib/sse.js +14 -14
  48. package/lib/vendor/blamejs/lib/tcpa-10dlc.js +5 -5
  49. package/lib/vendor/blamejs/lib/tenant-quota.js +18 -18
  50. package/lib/vendor/blamejs/package.json +1 -1
  51. package/lib/vendor/blamejs/release-notes/v0.13.43.json +39 -0
  52. package/lib/vendor/blamejs/release-notes/v0.13.44.json +31 -0
  53. package/lib/vendor/blamejs/test/layer-0-primitives/a2a.test.js +1 -1
  54. package/lib/vendor/blamejs/test/layer-0-primitives/ai-capability.test.js +15 -15
  55. package/lib/vendor/blamejs/test/layer-0-primitives/ai-dp.test.js +16 -16
  56. package/lib/vendor/blamejs/test/layer-0-primitives/ai-input.test.js +2 -2
  57. package/lib/vendor/blamejs/test/layer-0-primitives/ai-pref.test.js +2 -2
  58. package/lib/vendor/blamejs/test/layer-0-primitives/ai-quota.test.js +19 -19
  59. package/lib/vendor/blamejs/test/layer-0-primitives/audit-sign-ml-dsa-65.test.js +1 -1
  60. package/lib/vendor/blamejs/test/layer-0-primitives/boot-gates.test.js +1 -1
  61. package/lib/vendor/blamejs/test/layer-0-primitives/budr.test.js +3 -3
  62. package/lib/vendor/blamejs/test/layer-0-primitives/codebase-patterns.test.js +52 -0
  63. package/lib/vendor/blamejs/test/layer-0-primitives/content-credentials.test.js +3 -3
  64. package/lib/vendor/blamejs/test/layer-0-primitives/dark-patterns.test.js +2 -2
  65. package/lib/vendor/blamejs/test/layer-0-primitives/dr-runbook.test.js +1 -1
  66. package/lib/vendor/blamejs/test/layer-0-primitives/fapi2.test.js +6 -6
  67. package/lib/vendor/blamejs/test/layer-0-primitives/fdx.test.js +2 -2
  68. package/lib/vendor/blamejs/test/layer-0-primitives/graphql-federation.test.js +1 -1
  69. package/lib/vendor/blamejs/test/layer-0-primitives/iab-mspa.test.js +3 -3
  70. package/lib/vendor/blamejs/test/layer-0-primitives/iab-tcf.test.js +7 -7
  71. package/lib/vendor/blamejs/test/layer-0-primitives/mcp.test.js +5 -5
  72. package/lib/vendor/blamejs/test/layer-0-primitives/sse.test.js +1 -1
  73. package/lib/vendor/blamejs/test/layer-0-primitives/tcpa-10dlc.test.js +3 -3
  74. package/lib/vendor/blamejs/test/layer-0-primitives/tenant-quota.test.js +3 -3
  75. package/lib/vendor/blamejs/test/layer-0-primitives/ws-client.test.js +4 -1
  76. package/package.json +1 -1
@@ -35,7 +35,7 @@ async function run() {
35
35
  try { budget.observe("tenant-acme", { rowsRead: 200 }); }
36
36
  catch (e) { threwBudget = e; }
37
37
  check("observe throws when rowsRead exceeds cap",
38
- threwBudget && threwBudget.code === "tenantQuota/budget-exceeded");
38
+ threwBudget && threwBudget.code === "tenant-quota/budget-exceeded");
39
39
 
40
40
  budget.reset("tenant-acme");
41
41
  var snapReset = budget.snapshot("tenant-acme");
@@ -76,14 +76,14 @@ async function run() {
76
76
  });
77
77
  } catch (e) { threwBadDb = e; }
78
78
  check("create rejects non-b.db handle",
79
- threwBadDb && threwBadDb.code === "tenantQuota/bad-db");
79
+ threwBadDb && threwBadDb.code === "tenant-quota/bad-db");
80
80
 
81
81
  var threwBadField = null;
82
82
  try {
83
83
  b.tenantQuota.create({ db: b.db, tenantField: "", audit: false });
84
84
  } catch (e) { threwBadField = e; }
85
85
  check("create rejects empty tenantField",
86
- threwBadField && threwBadField.code === "tenantQuota/bad-field");
86
+ threwBadField && threwBadField.code === "tenant-quota/bad-field");
87
87
  }
88
88
 
89
89
  module.exports = { run: run };
@@ -254,7 +254,10 @@ async function run() {
254
254
  var c8 = b.wsClient.connect("ws://127.0.0.1:" + port8 + "/foo", {
255
255
  reconnect: false, audit: false, allowInternal: true,
256
256
  });
257
- await _sleep(150);
257
+ // Poll for handshake completion rather than a fixed-budget sleep — the
258
+ // 150ms budget flakes under SMOKE_PARALLEL=64 contention (rule §11b).
259
+ await helpers.waitUntil(function () { return c8.readyState === "open"; },
260
+ { timeoutMs: 5000, label: "ws-client: c8 handshake completes (readyState open)" });
258
261
  check("getter: url", c8.url.indexOf("/foo") !== -1);
259
262
  check("getter: readyState open after handshake", c8.readyState === "open");
260
263
  c8.close();
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@blamejs/blamejs-shop",
3
- "version": "0.2.23",
3
+ "version": "0.2.25",
4
4
  "description": "Open-source framework built on blamejs. Vendored stack, zero npm runtime deps, PQC-first crypto, security-on by default.",
5
5
  "main": "lib/index.js",
6
6
  "scripts": {