@brainerce/mcp-server 3.7.0 → 3.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/bin/stdio.js CHANGED
@@ -1153,6 +1153,8 @@ const material = getProductMetafieldValue(product, 'material');
1153
1153
 
1154
1154
  **Metafield fields:** \`definitionName\` (display label), \`definitionKey\` (lookup key), \`value\`, \`type\` (IMAGE, GALLERY, URL, COLOR, BOOLEAN, DATE, DATETIME, TEXT, TEXTAREA, NUMBER, DIMENSION, WEIGHT, JSON)
1155
1155
 
1156
+ **Translations:** When the store has i18n enabled and \`client.setLocale()\` is active, both the \`definitionName\` (the merchant-authored label like "Warranty Info" / "\u05DE\u05D9\u05D3\u05E2 \u05D0\u05D7\u05E8\u05D9\u05D5\u05EA") **and** free-text \`value\` come back already translated. No per-call locale param needed.
1157
+
1156
1158
  ### Product Customization Fields (Customer Input)
1157
1159
 
1158
1160
  Some products allow customers to provide input at purchase time (e.g., text on a cake, upload a logo). Check \`product.customizationFields\` and render input fields accordingly.
@@ -1286,6 +1288,8 @@ await client.removeCoupon(cartId);
1286
1288
  const totals = getCartTotals(cart); // { subtotal, discount, shipping, total }
1287
1289
  \`\`\`
1288
1290
 
1291
+ > **Region-restricted coupons:** a coupon may carry \`regionIds\`. If the buyer's checkout region isn't in that list, \`applyCoupon\` / \`applyCheckoutCoupon\` reject the code even when everything else matches. Empty/omitted \`regionIds\` = valid in all regions.
1292
+
1289
1293
  **On the checkout page** (after checkout session exists \u2014 ALWAYS use this when checkoutId is available):
1290
1294
  \`\`\`typescript
1291
1295
  // Applies to cart AND updates checkout totals in one call
@@ -1613,6 +1617,8 @@ const groups: ModifierGroup[] = product.modifierGroups ?? [];
1613
1617
 
1614
1618
  **Money fields are strings.** \`priceDelta\` is \`"5.00"\` (or \`"-2.00"\` for downsell modifiers \u2014 see below). Use \`parseFloat()\` for display arithmetic; never compute the line total client-side \u2014 the server runs the free-allocation policy and returns the final \`unitPrice\` snapshot on the cart line.
1615
1619
 
1620
+ **Translations are automatic.** Both \`group.name\`/\`group.description\` and each \`modifier.name\`/\`modifier.description\` are overlay-resolved by the server on every read. Call \`client.setLocale('he')\` once and the modifier picker renders in Hebrew with no extra code (\`"\u05EA\u05D5\u05E1\u05E4\u05D5\u05EA"\` / \`"\u05D6\u05D9\u05EA\u05D9\u05DD"\`). See the \`i18n\` topic for the full multi-language flow.
1621
+
1616
1622
  ### Render: SINGLE \u2192 radio, MULTIPLE \u2192 checkbox
1617
1623
 
1618
1624
  Walk \`groups\` and pick the input type by \`selectionType\`. Sort modifiers by \`position\`.
@@ -2014,19 +2020,24 @@ window.location.href = authorizationUrl;
2014
2020
  \`\`\`typescript
2015
2021
  const params = new URLSearchParams(window.location.search);
2016
2022
  if (params.get('oauth_success') === 'true') {
2017
- const token = params.get('token');
2018
- if (token) {
2019
- client.setCustomerToken(token);
2020
- localStorage.setItem('customerToken', token);
2021
- // Optional: read customer_id, customer_email, is_new from params
2023
+ // Single-use auth_code is exchanged for the JWT via POST \u2014 keeps the JWT
2024
+ // out of the URL (browser history, CDN logs, Referer header).
2025
+ const code = params.get('auth_code');
2026
+ if (code) {
2027
+ const result = await client.exchangeOAuthCode(code);
2028
+ client.setCustomerToken(result.token);
2029
+ localStorage.setItem('customerToken', result.token);
2030
+ // Optional: result.customer, result.isNewCustomer, result.redirectUrl
2022
2031
  // Link guest cart: await client.linkCart(cartId);
2023
- window.location.href = '/account';
2032
+ window.location.href = result.redirectUrl || '/account';
2024
2033
  }
2025
2034
  } else if (params.get('oauth_error')) {
2026
2035
  // Show error: params.get('oauth_error')
2027
2036
  }
2028
2037
  \`\`\`
2029
2038
 
2039
+ > The legacy redirect format placed the JWT directly in the URL as \`?token=\`. That format is still emitted for backward compatibility, but it will be removed in the next major release \u2014 migrate to \`auth_code\` + \`exchangeOAuthCode()\` now.
2040
+
2030
2041
  ### Account Page (/account) \u2014 uses getMyProfile() and getMyOrders()
2031
2042
 
2032
2043
  \`\`\`typescript
@@ -2200,9 +2211,12 @@ export async function generateMetadata({ params }: Props): Promise<Metadata> {
2200
2211
  const client = getServerClient();
2201
2212
  client.setLocale(locale);
2202
2213
  const product = await client.getProductBySlug(slug);
2214
+ // NEVER feed raw HTML into <meta name="description"> \u2014 product.description
2215
+ // is often rich-text HTML. Strip tags first, then truncate on a word
2216
+ // boundary. See buildMetaDescription() in lib/seo.ts.
2203
2217
  return {
2204
2218
  title: product.seoTitle || product.name,
2205
- description: product.seoDescription || product.description?.slice(0, 160),
2219
+ description: product.seoDescription || buildMetaDescription(product.description) || product.name,
2206
2220
  };
2207
2221
  }
2208
2222
  \`\`\`
@@ -2252,7 +2266,17 @@ overlay needed:
2252
2266
  - \`variants[].name\`
2253
2267
  - \`variant.attributes\` keys and values \u2014 \`getVariantOptions(variant)\` returns translated attribute names and option values automatically
2254
2268
  - \`productAttributeOptions[].attribute.name\`, \`attributeOption.name\`
2255
- - \`metafields[].value\`
2269
+ - \`metafields[].value\` (the free-text values customers submit)
2270
+ - \`metafields[].definition.name\`, \`metafields[].definition.description\` (the merchant-authored custom-field labels \u2014 "Warranty Info" / "\u05DE\u05D9\u05D3\u05E2 \u05D0\u05D7\u05E8\u05D9\u05D5\u05EA")
2271
+ - \`modifierGroups[].name\`, \`modifierGroups[].description\` (the group label shown on the PDP \u2014 e.g. "Toppings" / "\u05EA\u05D5\u05E1\u05E4\u05D5\u05EA")
2272
+ - \`modifierGroups[].modifiers[].name\`, \`modifierGroups[].modifiers[].description\` (each individual modifier \u2014 e.g. "Olives" / "\u05D6\u05D9\u05EA\u05D9\u05DD")
2273
+
2274
+ **Promotional surfaces:**
2275
+ - \`cart.bundles[].name\`, \`cart.bundles[].description\` (the bundle's own merchant-typed label, e.g. "Lunch Combo" / "\u05D0\u05E8\u05D5\u05D7\u05EA \u05E6\u05D4\u05E8\u05D9\u05D9\u05DD")
2276
+ - \`cart.bundles[].offeredProducts[].name\`, \`.slug\` (each product inside the bundle \u2014 fetched fresh from \`Product.translations\`)
2277
+ - \`checkout.bumps[].title\`, \`checkout.bumps[].description\` (the bump headline shown at checkout \u2014 falls back to the translated product name when merchant didn't override)
2278
+ - \`checkout.bumps[].bumpProduct.name\`, \`.slug\` (the underlying product)
2279
+ - Discount-rule names/descriptions (when surfaced as banner text via \`displayConfig\`)
2256
2280
 
2257
2281
  **Taxonomy (\`getCategories\`, \`getBrands\`, \`getTags\`):**
2258
2282
  - \`name\` on each item
@@ -2318,11 +2342,25 @@ Because the backend already overlays everything, UI code is just:
2318
2342
 
2319
2343
  ### RTL handling
2320
2344
 
2321
- For RTL locales (\`he\`, \`ar\`), set \`<html dir="rtl">\` in the root layout and
2322
- let flexbox reverse automatically. Do NOT add \`flex-row-reverse\` on top of
2323
- \`dir="rtl"\` \u2014 that's a double-swap. DO swap directional icons (chevrons,
2324
- arrows) manually. Use logical CSS properties (\`ms-*\`/\`me-*\`) instead of
2325
- \`ml-*\`/\`mr-*\`.
2345
+ Resolve direction with \`client.getStoreDirection(locale)\` \u2014 it returns
2346
+ \`'ltr' | 'rtl'\` for any BCP-47 tag (Arabic, Hebrew, Persian, Urdu, Yiddish
2347
+ today; future RTL locales added by the platform are picked up automatically).
2348
+ Do NOT maintain your own RTL locale set.
2349
+
2350
+ \`\`\`tsx
2351
+ // app/[locale]/layout.tsx
2352
+ const dir = client.getStoreDirection(locale);
2353
+ return <html lang={locale} dir={dir}>...</html>;
2354
+ \`\`\`
2355
+
2356
+ For static rendering, \`storeInfo.i18n.defaultDirection\` carries the store's
2357
+ default direction, and each entry in \`storeInfo.i18n.supportedLocaleObjects\`
2358
+ includes its own \`direction\`.
2359
+
2360
+ Let flexbox reverse automatically once \`<html dir="rtl">\` is set. Do NOT add
2361
+ \`flex-row-reverse\` on top \u2014 that's a double-swap. DO swap directional icons
2362
+ (chevrons, arrows) manually. Use logical CSS properties (\`ms-*\`/\`me-*\`)
2363
+ instead of \`ml-*\`/\`mr-*\`.
2326
2364
 
2327
2365
  ### Language switcher
2328
2366
 
@@ -2340,7 +2378,9 @@ const admin = new BrainerceClient({ apiKey: 'brainerce_...' });
2340
2378
 
2341
2379
  // Taxonomy: listCategories(), listBrands(), listTags(), listAttributes()
2342
2380
  // Shipping: listShippingZones(), createZoneShippingRate()
2343
- // Tax: getTaxRates(), createTaxRate()
2381
+ // Tax: getTaxRates(), createTaxRate() \u2014 a rate may target a tax class via taxClassId
2382
+ // Tax classes: getTaxClasses(), createTaxClass(), assignTaxClass(), mergeTaxClasses() (scope tax-classes:*)
2383
+ // Regions: getRegions(), createRegion(), setDefaultRegion(), updateRegionPaymentProviders() (scope regions:*)
2344
2384
  // Metafields: getMetafieldDefinitions(), setProductMetafield()
2345
2385
  // Team: getTeamMembers(), inviteTeamMember()
2346
2386
  // Email: getEmailTemplates(), createEmailTemplate()
@@ -2348,6 +2388,13 @@ const admin = new BrainerceClient({ apiKey: 'brainerce_...' });
2348
2388
  // OAuth: getOAuthProviders(), configureOAuthProvider()
2349
2389
  \`\`\`
2350
2390
 
2391
+ Store-level team management (\`inviteStoreMember\`, \`updateStoreMember\`) is the
2392
+ canonical replacement for the deprecated account-level helpers above. The
2393
+ invite accepts an optional \`salesChannelIds\` (vibe-coded \`connectionId\`s,
2394
+ \`vc_*\`) to restrict a member to specific channels \u2014 omit or pass \`[]\` for all
2395
+ channels. Use \`updateStoreMemberSalesChannels(storeId, memberId, { salesChannelIds })\`
2396
+ to change that scope later.
2397
+
2351
2398
  ### Per-Channel Publishing
2352
2399
 
2353
2400
  Categories, tags, brands, and metafield definitions are gated to specific
@@ -2379,7 +2426,70 @@ calls fail with \`404 Not Found\`.
2379
2426
 
2380
2427
  The vibe-coded read endpoints (used by storefront SDK calls in \`connectionId\`
2381
2428
  mode) automatically filter by these junction tables, so storefronts never see
2382
- entities that weren't published to their site.`;
2429
+ entities that weren't published to their site.
2430
+
2431
+ ### Tax classes (differential tax rates)
2432
+
2433
+ Charge different rates for different product types. A \`TaxRate\` may target a
2434
+ class via \`taxClassId\`; a rate with \`taxClassId: null\` is the **Standard
2435
+ fallback**. Checkout resolves each line's class **variant \u2192 product \u2192 category
2436
+ \u2192 store default \u2192 null**, then picks the matching rate (Standard if none).
2437
+ \`rate\` is a whole percentage (\`7.25\` = 7.25%). Requires the
2438
+ \`tax-classes:read\` / \`tax-classes:write\` scopes.
2439
+
2440
+ \`\`\`typescript
2441
+ const food = await admin.createTaxClass({ name: 'Food', slug: 'food' });
2442
+ await admin.assignTaxClass(food.id, { productIds: ['prod_1'], categoryIds: ['cat_food'] });
2443
+
2444
+ // class-specific rate \u2014 only food lines use it; everything else uses Standard
2445
+ await admin.createTaxRate({ name: 'VAT (Food)', rate: 0, country: 'GB', taxClassId: food.id });
2446
+
2447
+ // delete is blocked (409) while dependents exist \u2014 merge moves FKs then deletes:
2448
+ await admin.mergeTaxClasses(food.id, standardClassId);
2449
+ \`\`\`
2450
+
2451
+ Storefront (public, no apiKey \u2014 \`storeId\` mode): \`getStoreTaxClasses()\` lists
2452
+ the store's classes (storefront-safe fields only) for a transparency badge.
2453
+
2454
+ ### Regions (multi-currency / per-region providers)
2455
+
2456
+ A region binds countries \u2192 currency + tax-display mode + enabled payment
2457
+ providers. Manage them via the SDK (scopes \`regions:read\` / \`regions:write\`).
2458
+ \`detectRegion\` is a pure client-side helper to map a buyer's country to a
2459
+ region; pass the resolved \`regionId\` to \`createCheckout\` to associate the
2460
+ checkout with a region (recorded for reporting + provider scoping; currency
2461
+ follows the cart until FX price conversion lands).
2462
+
2463
+ \`\`\`typescript
2464
+ const eu = await admin.createRegion({
2465
+ name: 'EU', currency: 'EUR', countries: ['DE', 'FR'],
2466
+ taxInclusive: true, paymentProviderIds: ['app_inst_stripe'],
2467
+ });
2468
+ await admin.setDefaultRegion(eu.id);
2469
+
2470
+ const { data: regions } = await admin.getRegions();
2471
+ const region = admin.detectRegion('DE', regions); // \u2192 eu, else default, else null
2472
+ \`\`\`
2473
+
2474
+ Storefront (public, no apiKey \u2014 \`storeId\` mode): \`getStoreRegions()\` lists
2475
+ active regions, \`getStoreRegion(id)\` returns one region + its payment providers.
2476
+ Pair with \`detectRegion\` to pick the buyer's region for currency display.
2477
+
2478
+ \`\`\`typescript
2479
+ const store = new BrainerceClient({ storeId: 'store_123' });
2480
+ const { data: regions } = await store.getStoreRegions();
2481
+ const region = await store.getStoreRegion(regions[0].id);
2482
+ \`\`\`
2483
+
2484
+ A shipping zone can be limited to regions via \`regionIds\` \u2014 the zone is then
2485
+ only offered to checkouts that resolved to one of those regions. Empty/omitted =
2486
+ available for any region (default); each id must belong to the same store.
2487
+
2488
+ \`\`\`typescript
2489
+ await admin.createShippingZone({
2490
+ name: 'EU Express', countries: ['DE', 'FR', 'IT'], regionIds: [eu.id],
2491
+ });
2492
+ \`\`\``;
2383
2493
  }
2384
2494
  function getContactInquiriesSection() {
2385
2495
  return `## Contact Inquiries & Forms (optional)
@@ -2699,6 +2809,141 @@ and a \`newsletter\` form embedded in the footer), render each form from its
2699
2809
  own \`contactForms.get(key, locale)\` call. The \`formKey\` you pass to
2700
2810
  \`createInquiry\` must match.`;
2701
2811
  }
2812
+ function getContentSection() {
2813
+ return `## Content \u2014 typed merchant content store
2814
+
2815
+ Brainerce ships a typed content store so merchants can edit site chrome, FAQ,
2816
+ static pages, and inline rich-text blocks in the dashboard \u2014 without
2817
+ re-prompting the AI that built their storefront. Every row has a \`type\` +
2818
+ \`key\` + typed \`data\` payload + free-form \`customFields\`.
2819
+
2820
+ **Six content types.** Each one has a fixed \`data\` shape; the SDK's TypeScript
2821
+ generics keep them in lockstep:
2822
+
2823
+ | Type | Use for | \`data\` shape (abbreviated) |
2824
+ | -------------- | -------------------------------------- | --------------------------- |
2825
+ | \`FAQ\` | Q/A accordions | \`{ items: { question, answer }[] }\` |
2826
+ | \`FOOTER\` | Site footer (chrome) | \`{ columns, copyright?, social? }\` |
2827
+ | \`HEADER\` | Top nav + logo + CTA (chrome) | \`{ logo?, navItems, cta? }\` |
2828
+ | \`ANNOUNCEMENT\`| Banners; time-bound by \`startsAt/endsAt\` | \`{ message, severity, dismissible, ... }\` |
2829
+ | \`RICH_TEXT\` | Free-form HTML blocks embedded inline | \`{ html }\` |
2830
+ | \`PAGE\` | Static pages with slug + SEO | \`{ slug, title, html, seo? }\` |
2831
+
2832
+ Run \`get-type-definitions\` with \`domain: 'content'\` for the full interfaces.
2833
+
2834
+ ### Default key
2835
+
2836
+ Every type has \`'main'\` as its universal default key. \`client.content.faq.get()\`
2837
+ with no arguments resolves to \`key='main'\`. Topical keys (\`'shipping'\`,
2838
+ \`'holiday-2026'\`, \`'about'\`) are merchant-named.
2839
+
2840
+ ### Reading content (any SDK mode)
2841
+
2842
+ Public reads work in vibe-coded mode, storefront mode, and admin mode. They
2843
+ return \`null\` on 404 \u2014 render hard-coded fallbacks so the page never crashes
2844
+ when the merchant hasn't seeded yet.
2845
+
2846
+ \`\`\`ts
2847
+ // Single entry, default key 'main', resolved to a locale
2848
+ const faq = await client.content.faq.get('main', locale);
2849
+ if (faq) {
2850
+ faq.data.items.forEach(({ question, answer }) => {
2851
+ // Render question + sanitize(answer)
2852
+ });
2853
+ }
2854
+
2855
+ // All entries of a type
2856
+ const allFaqs = await client.content.faq.list(locale);
2857
+
2858
+ // Page by URL slug \u2014 for app/[slug]/page.tsx
2859
+ const page = await client.content.page.getBySlug(slug, locale);
2860
+ if (!page) notFound();
2861
+ \`\`\`
2862
+
2863
+ ### Security \u2014 sanitize HTML before rendering
2864
+
2865
+ \`FAQ.items[i].answer\`, \`RICH_TEXT.html\`, and \`PAGE.html\` carry
2866
+ MERCHANT-AUTHORED HTML. The server does NOT pre-sanitize \u2014 some merchants
2867
+ embed iframes (e.g. YouTube) which strict sanitizers would strip. ALWAYS
2868
+ sanitize on the storefront before injecting:
2869
+
2870
+ \`\`\`ts
2871
+ // Recommended: isomorphic-dompurify
2872
+ import DOMPurify from 'isomorphic-dompurify';
2873
+ const safe = DOMPurify.sanitize(rawHtml);
2874
+ <div dangerouslySetInnerHTML={{ __html: safe }} />;
2875
+ \`\`\`
2876
+
2877
+ Skipping this is XSS.
2878
+
2879
+ ### Custom fields
2880
+
2881
+ Every Content row carries a free-form \`customFields: Record<string, string>\`.
2882
+ Merchants add arbitrary key-value extras (\`helpEmail\`, \`phoneNumber\`,
2883
+ \`foundedYear\`) that you can opt into reading:
2884
+
2885
+ \`\`\`ts
2886
+ const faq = await client.content.faq.get('shipping');
2887
+ <a href={\`mailto:\${faq.customFields.helpEmail}\`}>Need help?</a>
2888
+ \`\`\`
2889
+
2890
+ The shape is whatever the merchant entered. Read keys you expect; ignore the rest.
2891
+
2892
+ ### Locale resolution
2893
+
2894
+ All public reads accept a \`locale\` argument. The server resolves
2895
+ \`translations[locale]\` server-side and returns the resolved \`data\` payload \u2014
2896
+ the storefront does NOT need to do its own overlay. Empty / missing translations
2897
+ fall through to the default-locale value.
2898
+
2899
+ ### Cache
2900
+
2901
+ Public reads carry \`Cache-Control: public, max-age=300, stale-while-revalidate=60\`.
2902
+ Merchant edits propagate within ~5 minutes. Don't layer extra client-side
2903
+ caching beyond Next.js's default fetch cache.
2904
+
2905
+ ### Admin writes (apiKey mode)
2906
+
2907
+ \`\`\`ts
2908
+ const adminClient = new BrainerceClient({ apiKey: process.env.BRAINERCE_API_KEY });
2909
+
2910
+ // Create \u2014 always starts in DRAFT
2911
+ const faq = await adminClient.content.faq.create({
2912
+ key: 'shipping',
2913
+ name: 'Shipping FAQ',
2914
+ data: { items: [{ question: 'How long?', answer: 'Most orders ship in 2 days.' }] },
2915
+ });
2916
+
2917
+ // Update (data replaces wholesale; last-write-wins on the data field)
2918
+ await adminClient.content.update(faq.id, {
2919
+ data: { items: [{ question: 'How long?', answer: 'Updated answer.' }] },
2920
+ });
2921
+
2922
+ // Publish / unpublish
2923
+ await adminClient.content.publish(faq.id);
2924
+ await adminClient.content.unpublish(faq.id);
2925
+
2926
+ // Hard delete
2927
+ await adminClient.content.remove(faq.id);
2928
+ \`\`\`
2929
+
2930
+ Write operations throw if called from vibe-coded or storefront mode.
2931
+
2932
+ ### Reserved key convention
2933
+
2934
+ \`'main'\` is reserved as the universal default. Don't use it for topical
2935
+ entries \u2014 pick a descriptive slug (\`'shipping'\`, \`'returns'\`, \`'about'\`,
2936
+ \`'holiday-2026'\`). The validation rule is \`^[a-z][a-z0-9-]*$\`, max 64 chars.
2937
+
2938
+ ### See also
2939
+
2940
+ - \`get-business-flows\` with \`flow: 'content-bootstrap'\` for the full
2941
+ layout / FAQ / page recipe.
2942
+ - \`get-required-features\` lists each Content surface (\`site-header\`,
2943
+ \`site-footer\`, \`announcement-bar\`, \`faq-page\`, \`static-pages\`).
2944
+ - \`get-type-definitions\` with \`domain: 'content'\` for the TypeScript
2945
+ interfaces.`;
2946
+ }
2702
2947
  function getSectionByTopic(topic, connectionId, currency) {
2703
2948
  const cid = connectionId || "vc_YOUR_CONNECTION_ID";
2704
2949
  const cur = currency || "USD";
@@ -2745,6 +2990,8 @@ function getSectionByTopic(topic, connectionId, currency) {
2745
2990
  return getAdminApiSection();
2746
2991
  case "inquiries":
2747
2992
  return getContactInquiriesSection();
2993
+ case "content":
2994
+ return getContentSection();
2748
2995
  case "all":
2749
2996
  return [
2750
2997
  "# Brainerce SDK \u2014 full topic dump",
@@ -2833,10 +3080,14 @@ function getSectionByTopic(topic, connectionId, currency) {
2833
3080
  "",
2834
3081
  "---",
2835
3082
  "",
2836
- getContactInquiriesSection()
3083
+ getContactInquiriesSection(),
3084
+ "",
3085
+ "---",
3086
+ "",
3087
+ getContentSection()
2837
3088
  ].join("\n");
2838
3089
  default:
2839
- return `Unknown topic: "${topic}". Available topics: setup, products, cart, checkout, checkout-custom-fields, payment, auth, order-confirmation, inventory, discounts, recommendations, product-customization-fields, tax, i18n, critical-rules, type-reference, admin, inquiries, all`;
3090
+ return `Unknown topic: "${topic}". Available topics: setup, products, cart, checkout, checkout-custom-fields, payment, auth, order-confirmation, inventory, discounts, recommendations, product-customization-fields, tax, i18n, critical-rules, type-reference, admin, inquiries, content, all`;
2840
3091
  }
2841
3092
  }
2842
3093
 
@@ -2864,6 +3115,7 @@ var GET_SDK_DOCS_SCHEMA = {
2864
3115
  "i18n",
2865
3116
  "admin",
2866
3117
  "inquiries",
3118
+ "content",
2867
3119
  "all"
2868
3120
  ]).describe("The SDK documentation topic to retrieve"),
2869
3121
  salesChannelId: import_zod.z.string().optional().describe("Sales channel ID (starts with vc_). Used to personalize setup code."),
@@ -2895,11 +3147,11 @@ interface Product {
2895
3147
  description?: string | null;
2896
3148
  descriptionFormat?: 'text' | 'html' | 'markdown' | null;
2897
3149
  sku: string;
2898
- basePrice: string; // Use parseFloat() for calculations
2899
- salePrice?: string | null;
3150
+ basePrice: string; // For VARIABLE products: MIN(variants.price). For SIMPLE: the parent price. parseFloat() for math.
3151
+ salePrice?: string | null; // For VARIABLE: MIN(variants.salePrice WHERE NOT NULL) \u2014 null iff no variant is on sale (WC is_on_sale() semantic). For SIMPLE: the parent sale price. Reliable "on sale?" check: product.salePrice !== null.
2900
3152
  costPrice?: string | null;
2901
- priceMin?: string | null; // Lowest variant price (VARIABLE products). Use for catalog/JSON-LD range display.
2902
- priceMax?: string | null; // Highest variant price (VARIABLE products).
3153
+ priceMin?: string | null; // Lowest variant price (VARIABLE products) \u2014 same as basePrice for VARIABLE, kept for back-compat and JSON-LD range display.
3154
+ priceMax?: string | null; // Highest variant price (VARIABLE products). Use with priceMin for "\u20AA49 \u2013 \u20AA199" range.
2903
3155
  priceVaries?: boolean; // true when variant prices differ \u2014 show "\u20AA49 \u2013 \u20AA199" range.
2904
3156
  status: string;
2905
3157
  type: 'SIMPLE' | 'VARIABLE';
@@ -3015,6 +3267,11 @@ interface ProductQueryParams {
3015
3267
  metafields?: Record<string, string | string[]>;
3016
3268
  sortBy?: 'name' | 'price' | 'createdAt';
3017
3269
  sortOrder?: 'asc' | 'desc';
3270
+ // PRD \xA722: resolve DISPLAY prices for this region. When set + valid, each
3271
+ // product/variant gains resolvedPrice/resolvedCurrency/priceSource (additive;
3272
+ // basePrice/salePrice untouched). Absent/invalid region \u2192 nothing attached.
3273
+ // Display-only. Ignored in vibe-coded (vc_*) mode (storefront/admin paths only).
3274
+ regionId?: string;
3018
3275
  }
3019
3276
 
3020
3277
  interface SearchSuggestions {
@@ -3140,6 +3397,7 @@ interface Checkout {
3140
3397
  status: CheckoutStatus;
3141
3398
  email?: string | null;
3142
3399
  customerId?: string | null;
3400
+ regionId?: string | null; // multi-region: recorded for reporting + provider scoping (currency follows the cart until FX lands)
3143
3401
  shippingAddress?: CheckoutAddress | null;
3144
3402
  billingAddress?: CheckoutAddress | null;
3145
3403
  shippingRateId?: string | null;
@@ -3216,6 +3474,7 @@ interface CreateCheckoutDto {
3216
3474
  cartId: string;
3217
3475
  customerId?: string;
3218
3476
  selectedItemIds?: string[]; // Partial checkout
3477
+ regionId?: string; // multi-region: associate the checkout with a region (must belong to the store; 400 if unknown)
3219
3478
  }
3220
3479
 
3221
3480
  // startGuestCheckout() return type \u2014 DISCRIMINATED UNION
@@ -3234,6 +3493,8 @@ interface TaxBreakdownItem {
3234
3493
  name: string;
3235
3494
  rate: number; // decimal: 0.17 = 17%
3236
3495
  amount: number;
3496
+ taxClassId?: string | null; // rate's tax class (null = Standard)
3497
+ taxClassSlug?: string | null; // class slug for attribution (null = Standard)
3237
3498
  }`;
3238
3499
  var ORDERS_TYPES = `// ---- Orders ----
3239
3500
 
@@ -3291,6 +3552,7 @@ interface OrderItem {
3291
3552
  // Snapshot of buyer-submitted customization values captured at checkout.
3292
3553
  // Keyed by metafield slug. \`value\` is string[] for MULTI_SELECT / GALLERY, string otherwise.
3293
3554
  customizations?: Record<string, { label: string; value: string | string[]; type: string }>;
3555
+ taxClassSlug?: string; // frozen slug of the line's resolved tax class (omitted = Standard fallback)
3294
3556
  }
3295
3557
 
3296
3558
  interface OrderCustomer {
@@ -3473,7 +3735,7 @@ function formatPrice(priceString: string | number | undefined | null, options?:
3473
3735
  function getProductPrice(product: Pick<Product, 'basePrice' | 'salePrice'>): number;
3474
3736
  function getProductPriceInfo(product: Pick<Product, 'basePrice' | 'salePrice' | 'discount' | 'priceMin' | 'priceVaries'>): {
3475
3737
  price: number; originalPrice: number; isOnSale: boolean; discountAmount: number; discountPercent: number;
3476
- }; // Falls back to priceMin when basePrice=0 (VARIABLE products)
3738
+ }; // For VARIABLE products, basePrice/salePrice are pre-aggregated (MIN of variants) \u2014 the helper just reads them. Use this whenever you need an "on sale?" badge or a "X% off" label.
3477
3739
  function getVariantPrice(variant: Pick<ProductVariant, 'price' | 'salePrice'>, productBasePrice: string): number;
3478
3740
 
3479
3741
  // Cart helpers
@@ -3856,6 +4118,245 @@ export interface ModifierValidationError {
3856
4118
  // The cart line then carries:
3857
4119
  // cart.items[i].modifiers \u2014 CartItemModifierLine[]
3858
4120
  // cart.items[i].modifiersTotal \u2014 decimal string of the paid (non-free) deltas`;
4121
+ var CONTENT_TYPES = `// ---- Content (typed merchant content store) ----
4122
+ // Brainerce ships a typed content store so merchants can edit FAQ, footer,
4123
+ // header, announcements, rich text, and static pages in the dashboard
4124
+ // without re-prompting the AI that built the storefront. Every row has a
4125
+ // 'type' + 'key' + typed 'data' payload + free-form 'customFields'.
4126
+ //
4127
+ // SECURITY (read carefully):
4128
+ // RICH_TEXT.html, PAGE.html, and FAQ answers are MERCHANT-AUTHORED HTML.
4129
+ // ALWAYS sanitize with isomorphic-dompurify (or equivalent) before
4130
+ // injecting via dangerouslySetInnerHTML. The server does NOT pre-sanitize
4131
+ // because some merchants embed iframes (e.g. YouTube) which strict
4132
+ // sanitizers would strip; the storefront chooses the policy.
4133
+ //
4134
+ // 404 contract: client.content.<type>.get(key) returns null when no
4135
+ // PUBLISHED row exists. Always render a hard-coded fallback on null so
4136
+ // the page never crashes when the merchant hasn't seeded yet.
4137
+ //
4138
+ // Default key: every type has 'main' as its universal default. Pass no
4139
+ // argument to fetch the main entry; pass a custom key ('shipping',
4140
+ // 'holiday-2026', 'about') for topical entries.
4141
+
4142
+ export type ContentType = 'FAQ' | 'FOOTER' | 'HEADER' | 'ANNOUNCEMENT' | 'RICH_TEXT' | 'PAGE';
4143
+ export type ContentStatus = 'DRAFT' | 'PUBLISHED';
4144
+
4145
+ export interface FaqItem {
4146
+ question: string;
4147
+ /** Sanitized HTML \u2014 sanitize before rendering. */
4148
+ answer: string;
4149
+ }
4150
+ export interface FaqContent { items: FaqItem[] }
4151
+
4152
+ export interface FooterLink { label: string; url: string }
4153
+ export interface FooterColumn { title: string; links: FooterLink[] }
4154
+ export interface FooterSocialLink { platform: string; url: string } // 'instagram' | 'facebook' | 'x' | ...
4155
+ export interface FooterContent {
4156
+ columns: FooterColumn[];
4157
+ copyright?: string;
4158
+ social?: FooterSocialLink[];
4159
+ }
4160
+
4161
+ export interface HeaderLogo { src: string; alt: string }
4162
+ export interface HeaderNavItem { label: string; url: string }
4163
+ export interface HeaderCta { label: string; url: string }
4164
+ export interface HeaderContent {
4165
+ logo?: HeaderLogo;
4166
+ navItems: HeaderNavItem[];
4167
+ cta?: HeaderCta;
4168
+ }
4169
+
4170
+ export type AnnouncementSeverity = 'info' | 'warning' | 'success';
4171
+ export interface AnnouncementContent {
4172
+ message: string;
4173
+ severity: AnnouncementSeverity;
4174
+ dismissible: boolean;
4175
+ /** ISO 8601 \u2014 filter client-side. */
4176
+ startsAt?: string;
4177
+ endsAt?: string;
4178
+ ctaLabel?: string;
4179
+ ctaHref?: string;
4180
+ }
4181
+
4182
+ export interface RichTextContent {
4183
+ /** Raw HTML \u2014 sanitize before rendering. */
4184
+ html: string;
4185
+ }
4186
+
4187
+ export interface PageSeo {
4188
+ title?: string;
4189
+ description?: string;
4190
+ ogImage?: string;
4191
+ }
4192
+ export interface PageContent {
4193
+ /** URL slug, lower-kebab. */
4194
+ slug: string;
4195
+ title: string;
4196
+ /** Raw HTML \u2014 sanitize before rendering. */
4197
+ html: string;
4198
+ seo?: PageSeo;
4199
+ }
4200
+
4201
+ export interface ContentSummary {
4202
+ id: string;
4203
+ type: ContentType;
4204
+ key: string;
4205
+ name: string;
4206
+ status: ContentStatus;
4207
+ position: number;
4208
+ updatedAt: string;
4209
+ }
4210
+
4211
+ export interface Content<T extends ContentType = ContentType> extends ContentSummary {
4212
+ type: T;
4213
+ data: T extends 'FAQ' ? FaqContent
4214
+ : T extends 'FOOTER' ? FooterContent
4215
+ : T extends 'HEADER' ? HeaderContent
4216
+ : T extends 'ANNOUNCEMENT' ? AnnouncementContent
4217
+ : T extends 'RICH_TEXT' ? RichTextContent
4218
+ : T extends 'PAGE' ? PageContent
4219
+ : never;
4220
+ /** Free-form merchant-defined extras. Read keys the merchant told you to expect. */
4221
+ customFields: Record<string, string>;
4222
+ salesChannelIds: string[];
4223
+ }
4224
+
4225
+ // ---- SDK usage examples ----
4226
+ //
4227
+ // FAQ \u2014 render an accordion from the main FAQ (or a topical one):
4228
+ // const faq = await client.content.faq.get('main', locale); // 'shipping', 'returns', ...
4229
+ // if (faq) {
4230
+ // faq.data.items.forEach(({ question, answer }) => {
4231
+ // // Render question + sanitize(answer) \u2014 never inject raw HTML.
4232
+ // });
4233
+ // }
4234
+ //
4235
+ // Footer \u2014 server component in root layout:
4236
+ // const footer = await client.content.footer.get('main', locale);
4237
+ // if (!footer) return <Fallback />;
4238
+ // // Render footer.data.columns, footer.data.social, footer.data.copyright
4239
+ //
4240
+ // Header \u2014 same pattern as footer:
4241
+ // const header = await client.content.header.get('main', locale);
4242
+ //
4243
+ // Announcement \u2014 multiple may be active; filter by date client-side:
4244
+ // const announcements = await client.content.announcement.list(locale);
4245
+ // const now = Date.now();
4246
+ // const active = announcements.filter((a) => {
4247
+ // const startOk = !a.data.startsAt || new Date(a.data.startsAt).getTime() <= now;
4248
+ // const endOk = !a.data.endsAt || new Date(a.data.endsAt).getTime() >= now;
4249
+ // return startOk && endOk;
4250
+ // });
4251
+ //
4252
+ // Rich text \u2014 inline block anywhere on a page:
4253
+ // const block = await client.content.richText.get('about-intro', locale);
4254
+ // <div dangerouslySetInnerHTML={{ __html: sanitize(block.data.html) }} />
4255
+ //
4256
+ // Page \u2014 catch-all route by slug (e.g. /about, /terms, /privacy):
4257
+ // // app/[slug]/page.tsx
4258
+ // const page = await client.content.page.getBySlug(params.slug, locale);
4259
+ // if (!page) notFound();
4260
+ // // page.data.title, page.data.html, page.data.seo
4261
+ // return <article dangerouslySetInnerHTML={{ __html: sanitize(page.data.html) }} />;
4262
+ //
4263
+ // Custom fields \u2014 every Content row carries a free-form Record<string, string>:
4264
+ // const faq = await client.content.faq.get('shipping');
4265
+ // <a href={\`mailto:\${faq.customFields.helpEmail}\`}>Need help?</a>
4266
+ //
4267
+ // Cache \u2014 public reads carry Cache-Control: public, max-age=300,
4268
+ // stale-while-revalidate=60. Storefront changes propagate within ~5 min
4269
+ // of the merchant publishing. Do not add extra client-side caching
4270
+ // beyond Next.js's default fetch cache.`;
4271
+ var REGIONS_TYPES = `// ---- Regions & Tax Classes (Admin mode, apiKey) ----
4272
+ // storeId is derived from the API key \u2014 never pass it on admin calls.
4273
+
4274
+ // ---- Regions ---- (scopes: regions:read / regions:write)
4275
+ // A region binds countries \u2192 currency + tax-display mode + payment providers.
4276
+ interface Region {
4277
+ id: string;
4278
+ accountId: string;
4279
+ storeId: string;
4280
+ name: string;
4281
+ slug: string;
4282
+ currency: string; // ISO 4217, e.g. "EUR"
4283
+ countries: string[]; // ISO 3166-1 alpha-2, e.g. ["DE","FR"]
4284
+ taxInclusive: boolean; // show prices tax-inclusive in this region?
4285
+ automaticTaxes: boolean;
4286
+ isDefault: boolean; // fallback when buyer's country maps to no region
4287
+ isActive: boolean;
4288
+ paymentProviders?: RegionPaymentProvider[];
4289
+ createdAt: string;
4290
+ updatedAt: string;
4291
+ }
4292
+
4293
+ interface RegionPaymentProvider {
4294
+ id: string;
4295
+ regionId: string;
4296
+ appInstallationId: string;
4297
+ isEnabled: boolean;
4298
+ createdAt: string;
4299
+ }
4300
+
4301
+ interface CreateRegionDto {
4302
+ name: string;
4303
+ currency: string; // ISO 4217
4304
+ countries: string[]; // ISO 3166-1 alpha-2
4305
+ taxInclusive?: boolean;
4306
+ automaticTaxes?: boolean;
4307
+ isDefault?: boolean;
4308
+ paymentProviderIds?: string[]; // AppInstallation IDs to enable here
4309
+ }
4310
+ interface UpdateRegionDto extends Partial<CreateRegionDto> { isActive?: boolean }
4311
+
4312
+ // client.detectRegion(country, regions): Region | null \u2014 pure, no network.
4313
+ // \u2192 region whose countries includes the code, else the default region, else null.
4314
+ // Pass the resolved regionId to createCheckout to associate the checkout with a
4315
+ // region (recorded for reporting + provider scoping; currency follows the cart
4316
+ // until FX price conversion lands).
4317
+ //
4318
+ // Storefront (public, no apiKey \u2014 storeId mode):
4319
+ interface PublicRegion {
4320
+ id: string; name: string; slug: string; currency: string;
4321
+ countries: string[]; taxInclusive: boolean; isDefault: boolean;
4322
+ }
4323
+ interface PublicRegionDetail extends PublicRegion {
4324
+ paymentProviders: Array<{ id: string; appId: string; name: string | null }>;
4325
+ }
4326
+ // getStoreRegions(): { data: PublicRegion[] } \u2014 active regions, default first.
4327
+ // getStoreRegion(regionId): PublicRegionDetail \u2014 one region + its providers.
4328
+
4329
+ // ---- Tax Classes ---- (scopes: tax-classes:read / tax-classes:write)
4330
+ // Charge differential rates by product type. A TaxRate may target a class via
4331
+ // taxClassId; a rate with taxClassId=null is the Standard fallback. Per-line
4332
+ // resolution: variant \u2192 product \u2192 category \u2192 store default \u2192 null.
4333
+ interface TaxClass {
4334
+ id: string;
4335
+ accountId: string;
4336
+ storeId: string;
4337
+ name: string;
4338
+ slug: string; // kebab-case, unique per store
4339
+ description?: string | null;
4340
+ isDefault: boolean; // auto-applied to products without an explicit class
4341
+ createdAt: string;
4342
+ updatedAt: string;
4343
+ }
4344
+ interface CreateTaxClassDto { name: string; slug: string; description?: string; isDefault?: boolean }
4345
+ type UpdateTaxClassDto = Partial<CreateTaxClassDto>;
4346
+ // Bulk-assign a class to entities:
4347
+ interface AssignTaxClassDto { productIds?: string[]; variantIds?: string[]; categoryIds?: string[] }
4348
+
4349
+ // TaxRate / CreateTaxRateDto carry an optional taxClassId (null = Standard).
4350
+ // rate is a WHOLE PERCENTAGE (7.25 = 7.25%).
4351
+ //
4352
+ // SDK methods (admin):
4353
+ // Regions: getRegions(), getRegion(id), createRegion(dto), updateRegion(id, dto),
4354
+ // deleteRegion(id), setDefaultRegion(id), updateRegionPaymentProviders(id, ids),
4355
+ // addRegionCountries(id, codes), removeRegionCountry(id, code),
4356
+ // getRegionCompatibleProviders(id), detectRegion(country, regions)
4357
+ // Tax classes: getTaxClasses(), getTaxClass(id), createTaxClass(dto), updateTaxClass(id, dto),
4358
+ // deleteTaxClass(id), setDefaultTaxClass(id), assignTaxClass(id, dto),
4359
+ // mergeTaxClasses(id, targetId)`;
3859
4360
  var TYPES_BY_DOMAIN = {
3860
4361
  products: PRODUCTS_TYPES,
3861
4362
  cart: CART_TYPES,
@@ -3866,7 +4367,9 @@ var TYPES_BY_DOMAIN = {
3866
4367
  helpers: HELPERS_TYPES,
3867
4368
  inquiries: INQUIRIES_TYPES,
3868
4369
  reviews: REVIEWS_TYPES,
3869
- "modifier-groups": MODIFIER_GROUPS_TYPES
4370
+ "modifier-groups": MODIFIER_GROUPS_TYPES,
4371
+ content: CONTENT_TYPES,
4372
+ regions: REGIONS_TYPES
3870
4373
  };
3871
4374
  function getTypesByDomain(domain) {
3872
4375
  if (domain === "all") {
@@ -3897,9 +4400,12 @@ var GET_TYPE_DEFINITIONS_SCHEMA = {
3897
4400
  "helpers",
3898
4401
  "inquiries",
3899
4402
  "reviews",
4403
+ "modifier-groups",
4404
+ "content",
4405
+ "regions",
3900
4406
  "all"
3901
4407
  ]).describe(
3902
- 'The domain of types to retrieve. Use "helpers" for helper function signatures and common types like StoreInfo, PaginatedResponse.'
4408
+ 'The domain of types to retrieve. Use "helpers" for helper function signatures and common types like StoreInfo, PaginatedResponse. Use "content" for FAQ / Footer / Header / Announcement / RichText / Page. Use "regions" for Region / TaxClass admin types.'
3903
4409
  )
3904
4410
  };
3905
4411
  async function handleGetTypeDefinitions(args) {
@@ -4446,8 +4952,10 @@ client.setLocale(locale);
4446
4952
  // order bumps, search suggestions, discount banners, nudges,
4447
4953
  // badges, order history.
4448
4954
 
4449
- // For RTL locales (he, ar), set the document direction.
4450
- // Framework-neutral: document.documentElement.setAttribute('dir', 'rtl');`,
4955
+ // For RTL direction, do not hardcode the locale list. Ask the SDK:
4956
+ // const dir = client.getStoreDirection(currentLocale); // 'ltr' | 'rtl'
4957
+ // document.documentElement.setAttribute('dir', dir);
4958
+ // (Or in React: <html dir={dir}>...</html>.)`,
4451
4959
  "order-history-full": `// Full "My Orders" account page. Render every piece of data the server
4452
4960
  // already returns \u2014 not just order number / total / status.
4453
4961
  //
@@ -5539,7 +6047,7 @@ var RULES = {
5539
6047
  body: `- NEVER hardcode currency, locale, or language strings. Read them from \`get-store-info\` / \`get-store-capabilities\` and use the configured values.
5540
6048
  - NEVER format prices with \`toFixed(2)\` or custom logic. Use \`formatPrice()\` from the SDK \u2014 it honors the store's currency and locale.
5541
6049
  - When the store has i18n enabled (\`capabilities.store.i18n.enabled === true\`), you MUST call \`client.setLocale(locale)\` at app init and include a language switcher. All SDK reads will then return localized content automatically.
5542
- - For RTL locales (\`he\`, \`ar\`), set the document direction to RTL. Do not manually reverse flex layouts \u2014 the platform's CSS reversal handles it.`
6050
+ - For RTL direction, do NOT maintain a local list of RTL locales. Call \`client.getStoreDirection(locale)\` \u2014 it returns \`'ltr' | 'rtl'\` for any BCP-47 tag (covers Arabic, Hebrew, Persian, Urdu, Yiddish, and any future RTL locales the platform adds). Set \`<html dir={...}>\` from this value. The platform's CSS reversal handles flex layouts \u2014 do not manually swap them.`
5543
6051
  },
5544
6052
  types: {
5545
6053
  title: "Type safety",
@@ -5587,6 +6095,7 @@ var GET_BUSINESS_FLOWS_SCHEMA = {
5587
6095
  "cart-persistence",
5588
6096
  "inventory-reservation",
5589
6097
  "product-customization",
6098
+ "content-bootstrap",
5590
6099
  "all"
5591
6100
  ]).describe('Which flow to retrieve. Use "all" to get every flow.')
5592
6101
  };
@@ -5686,11 +6195,16 @@ Build both steps EVEN IF the store has no email provider configured today \u2014
5686
6195
  });
5687
6196
  window.location.href = authorizationUrl; // full-page redirect, NOT a popup
5688
6197
  \`\`\`
5689
- 3. **On the callback page** the URL contains \`token\` + \`oauth_success\` (or \`oauth_error\`) query params. Extract and apply the token:
6198
+ 3. **On the callback page** the URL contains \`auth_code\` + \`oauth_success\` (or \`oauth_error\`) query params. Exchange the single-use code for the JWT \u2014 never read the token from the URL:
5690
6199
  \`\`\`ts
5691
- const token = new URLSearchParams(location.search).get('token');
5692
- if (token) client.setCustomerToken(token); // then redirect to account
6200
+ const params = new URLSearchParams(location.search);
6201
+ const code = params.get('auth_code');
6202
+ if (code) {
6203
+ const result = await client.exchangeOAuthCode(code);
6204
+ client.setCustomerToken(result.token); // then redirect to account
6205
+ }
5693
6206
  \`\`\`
6207
+ The legacy \`?token=\` URL param is still emitted for backward compatibility but will be removed in the next major release \u2014 migrate to \`auth_code\` now.
5694
6208
  4. **On \`oauth_error\`:** redirect to login with an error message.
5695
6209
 
5696
6210
  Build the OAuth button region AND the callback handler even when no providers are configured. They auto-hide.`
@@ -5777,6 +6291,76 @@ Server-side guardrails that WILL reject bad requests (so validate client-side to
5777
6291
  - More than 10 uploads per IP per minute \u2192 429.
5778
6292
 
5779
6293
  Never render customization fields without also wiring the upload + metadata flow \u2014 a form that submits nothing is worse than no form at all.`
6294
+ },
6295
+ "content-bootstrap": {
6296
+ title: "Content Bootstrap \u2014 site chrome & static content",
6297
+ body: `Every Brainerce storefront should render merchant-defined site chrome (header, footer, announcements, FAQ, static pages) from the Content API. The merchant edits these in the Brainerce dashboard; storefronts pick up changes within ~5 minutes (public reads carry \`Cache-Control: public, max-age=300, stale-while-revalidate=60\`).
6298
+
6299
+ 1. **Fetch chrome at the root layout** (server component if Next.js). All three return \`null\` on 404 \u2014 render hard-coded fallbacks so the page never crashes when the merchant hasn't seeded yet.
6300
+ \`\`\`ts
6301
+ const [header, footer, announcements] = await Promise.all([
6302
+ client.content.header.get('main', locale),
6303
+ client.content.footer.get('main', locale),
6304
+ client.content.announcement.list(locale),
6305
+ ]);
6306
+ \`\`\`
6307
+
6308
+ 2. **FAQ \u2014 fetch lazily on the FAQ page.** Default key is \`'main'\`; pass a topical key (\`'shipping'\`, \`'returns'\`) for sub-FAQs.
6309
+ \`\`\`ts
6310
+ const faq = await client.content.faq.get('main', locale);
6311
+ if (faq) {
6312
+ faq.data.items.forEach(({ question, answer }) => {
6313
+ // sanitize(answer) \u2014 see step 4
6314
+ });
6315
+ }
6316
+ \`\`\`
6317
+
6318
+ 3. **Static pages \u2014 catch-all route by slug:**
6319
+ \`\`\`tsx
6320
+ // app/[slug]/page.tsx
6321
+ export default async function Page({ params }) {
6322
+ const page = await client.content.page.getBySlug(params.slug, locale);
6323
+ if (!page) notFound();
6324
+ return (
6325
+ <article dangerouslySetInnerHTML={{ __html: sanitize(page.data.html) }} />
6326
+ );
6327
+ }
6328
+ \`\`\`
6329
+
6330
+ 4. **SECURITY \u2014 sanitize HTML before rendering.** \`FAQ.items[i].answer\`, \`PAGE.html\`, and \`RICH_TEXT.html\` are merchant-authored HTML. The server does NOT pre-sanitize because some merchants embed iframes (e.g. YouTube). Always sanitize at the edge of your render:
6331
+ \`\`\`ts
6332
+ import DOMPurify from 'isomorphic-dompurify';
6333
+ const safe = DOMPurify.sanitize(rawHtml);
6334
+ <div dangerouslySetInnerHTML={{ __html: safe }} />;
6335
+ \`\`\`
6336
+ Skipping this is XSS.
6337
+
6338
+ 5. **Announcements \u2014 multiple may be active; filter by date client-side:**
6339
+ \`\`\`ts
6340
+ const now = Date.now();
6341
+ const visible = announcements.filter((a) => {
6342
+ const startOk = !a.data.startsAt || new Date(a.data.startsAt).getTime() <= now;
6343
+ const endOk = !a.data.endsAt || new Date(a.data.endsAt).getTime() >= now;
6344
+ return startOk && endOk;
6345
+ });
6346
+ \`\`\`
6347
+
6348
+ 6. **RTL direction \u2014 call \`client.getStoreDirection(locale)\`:**
6349
+ \`\`\`tsx
6350
+ const dir = client.getStoreDirection(locale);
6351
+ <html lang={locale} dir={dir}>...</html>
6352
+ \`\`\`
6353
+ Do NOT maintain a local RTL locale set \u2014 the SDK helper covers Arabic / Hebrew / Persian / Urdu / Yiddish today and picks up any future RTL locale automatically.
6354
+
6355
+ 7. **Custom fields \u2014 every Content row has free-form \`customFields: Record<string, string>\`.** Read keys the merchant told you to expect:
6356
+ \`\`\`ts
6357
+ const faq = await client.content.faq.get('shipping');
6358
+ <a href={\`mailto:\${faq.customFields.helpEmail}\`}>Need help?</a>
6359
+ \`\`\`
6360
+
6361
+ 8. **Cache:** public reads carry \`Cache-Control: public, max-age=300, stale-while-revalidate=60\`. Don't add extra client-side caching beyond Next.js's default fetch cache \u2014 merchants expect their edits to appear within ~5 minutes.
6362
+
6363
+ **Translations.** All public reads accept a \`locale\` argument; the server resolves \`translations[locale]\` server-side. Empty / missing overlays fall through to the default-locale value. The storefront does NOT need to do its own per-field overlay \u2014 call with the active locale and render what comes back.`
5780
6364
  }
5781
6365
  };
5782
6366
  var FLOW_ORDER = [
@@ -5788,7 +6372,8 @@ var FLOW_ORDER = [
5788
6372
  "order-confirmation",
5789
6373
  "cart-persistence",
5790
6374
  "inventory-reservation",
5791
- "product-customization"
6375
+ "product-customization",
6376
+ "content-bootstrap"
5792
6377
  ];
5793
6378
  async function handleGetBusinessFlows(args) {
5794
6379
  const header = "# Brainerce Business Flows\n\nThese sequences are framework-neutral and non-negotiable. Your framework and file layout are your choice \u2014 the order of SDK calls and the error handling is not.";
@@ -6000,11 +6585,57 @@ var FEATURES = [
6000
6585
  {
6001
6586
  id: "i18n",
6002
6587
  title: "Serve multiple languages with a language switcher",
6003
- description: "When i18n is enabled, the experience routes by locale, sets the SDK locale (client.setLocale), includes a language switcher in the header, and renders RTL locales (he, ar) with the correct document direction.",
6004
- sdk: "client.setLocale(locale). Read supported locales from get-store-capabilities.store.i18n.",
6588
+ description: "When i18n is enabled, the experience routes by locale, sets the SDK locale (client.setLocale), includes a language switcher in the header, and renders the correct document direction by reading client.getStoreDirection(locale) \u2014 do not hardcode an RTL locale set.",
6589
+ sdk: "client.setLocale(locale). client.getStoreDirection(locale) for <html dir>. Read supported locales from get-store-capabilities.store.i18n.",
6005
6590
  mandatory: "conditional",
6006
6591
  capabilityFlag: "i18n",
6007
6592
  whenDisabledNote: "This store is single-language. Do not build the language switcher."
6593
+ },
6594
+ {
6595
+ id: "site-header",
6596
+ title: "Site header from merchant content (logo + nav + CTA)",
6597
+ description: 'Fetch client.content.header.get("main", locale) in the root layout. Returns null when the merchant has not seeded yet \u2014 render a hard-coded fallback so the page never crashes. Renders header.data.logo, header.data.navItems[], header.data.cta if present.',
6598
+ sdk: 'client.content.header.get("main", locale)',
6599
+ flowRef: "content-bootstrap",
6600
+ mandatory: "mandatory"
6601
+ },
6602
+ {
6603
+ id: "site-footer",
6604
+ title: "Site footer from merchant content (columns + social + copyright)",
6605
+ description: 'Fetch client.content.footer.get("main", locale) in the root layout. Returns null when unseeded \u2014 render a hard-coded fallback. Render footer.data.columns[].links, footer.data.social[], footer.data.copyright.',
6606
+ sdk: 'client.content.footer.get("main", locale)',
6607
+ flowRef: "content-bootstrap",
6608
+ mandatory: "mandatory"
6609
+ },
6610
+ {
6611
+ id: "announcement-bar",
6612
+ title: "Announcement bar at the top of every page",
6613
+ description: "Fetch client.content.announcement.list(locale) in the root layout. Filter by data.startsAt / data.endsAt client-side. Render a dismissible bar when data.dismissible=true. Build the UI anyway \u2014 it auto-hides when no announcements exist.",
6614
+ sdk: "client.content.announcement.list(locale)",
6615
+ flowRef: "content-bootstrap",
6616
+ mandatory: "conditional",
6617
+ capabilityFlag: "hasContent",
6618
+ whenDisabledNote: "Store has no published Content rows yet. Build the announcement bar anyway \u2014 it auto-hides on empty."
6619
+ },
6620
+ {
6621
+ id: "faq-page",
6622
+ title: "FAQ page rendered from merchant content",
6623
+ description: 'Build /faq as an accordion fed by client.content.faq.get("main", locale). For topical FAQs, use a key parameter (shipping, returns, ...). Always sanitize answer HTML before injecting via dangerouslySetInnerHTML. Build the page anyway \u2014 it auto-hides or 404s when no FAQ rows exist.',
6624
+ sdk: 'client.content.faq.get("main", locale), client.content.faq.list(locale)',
6625
+ flowRef: "content-bootstrap",
6626
+ mandatory: "conditional",
6627
+ capabilityFlag: "hasContent",
6628
+ whenDisabledNote: "No FAQ content yet. Build /faq anyway \u2014 it auto-hides on empty."
6629
+ },
6630
+ {
6631
+ id: "static-pages",
6632
+ title: "Static pages from merchant content (About, Terms, Privacy, \u2026)",
6633
+ description: "Mount a catch-all app/[slug]/page.tsx route. Inside, call client.content.page.getBySlug(params.slug, locale). On null \u2192 notFound(). On hit, sanitize page.data.html before injecting via dangerouslySetInnerHTML. Generate <Metadata> from page.data.seo. Build the route anyway \u2014 it 404s on unknown slugs.",
6634
+ sdk: "client.content.page.getBySlug(slug, locale), client.content.page.list(locale)",
6635
+ flowRef: "content-bootstrap",
6636
+ mandatory: "conditional",
6637
+ capabilityFlag: "hasContent",
6638
+ whenDisabledNote: "No static pages yet. Build the catch-all route anyway \u2014 it 404s on unknown slugs."
6008
6639
  }
6009
6640
  ];
6010
6641
  function isFeatureActive(feature, caps) {
@@ -6055,6 +6686,9 @@ function renderCapabilitiesSummary(caps) {
6055
6686
  );
6056
6687
  lines.push(`- Downloadable products: ${caps.features.hasDownloadableProducts ? "yes" : "no"}`);
6057
6688
  lines.push(`- Checkout custom fields: ${caps.features.hasCheckoutCustomFields ? "yes" : "no"}`);
6689
+ lines.push(
6690
+ `- Content (FAQ/footer/header/announcements/pages): ${caps.features.hasContent ? "seeded" : "none \u2014 build chrome UI with fallbacks"}`
6691
+ );
6058
6692
  lines.push(
6059
6693
  `- Email verification: ${caps.connection.requireEmailVerification ? "required" : "not required (still build the verify-email flow)"}`
6060
6694
  );