@c15t/backend 2.0.0-rc.5 → 2.0.0-rc.8

package/dist-types/handlers/legal-document/snapshot.d.ts

@@ -0,0 +1,39 @@
+import { type JWTPayload } from 'jose';
+import type { LegalDocumentPolicyType, LegalDocumentSnapshotOptions } from '../../types';
+export type LegalDocumentSnapshotVerificationFailureReason = 'missing' | 'malformed' | 'expired' | 'invalid';
+export type LegalDocumentSnapshotVerificationResult = {
+    valid: true;
+    payload: LegalDocumentSnapshotPayload;
+} | {
+    valid: false;
+    reason: LegalDocumentSnapshotVerificationFailureReason;
+};
+export interface LegalDocumentSnapshotPayload extends JWTPayload {
+    iss: string;
+    aud: string;
+    sub: string;
+    tenantId?: string;
+    type: LegalDocumentPolicyType;
+    version: string;
+    hash: string;
+    effectiveDate: string;
+    iat: number;
+    exp: number;
+}
+export declare function createLegalDocumentSnapshotToken(params: {
+    options?: LegalDocumentSnapshotOptions;
+    tenantId?: string;
+    type: LegalDocumentPolicyType;
+    version: string;
+    hash: string;
+    effectiveDate: string;
+    ttlSeconds?: number;
+}): Promise<{
+    token: string;
+    payload: LegalDocumentSnapshotPayload;
+} | undefined>;
+export declare function verifyLegalDocumentSnapshotToken(params: {
+    token?: string;
+    options?: LegalDocumentSnapshotOptions;
+    tenantId?: string;
+}): Promise<LegalDocumentSnapshotVerificationResult>;

package/dist-types/handlers/policy/snapshot.d.ts

@@ -11,7 +11,7 @@ export type PolicySnapshotVerificationResult = {
 };
 export interface PolicySnapshotUiSurface {
     allowedActions?: PolicyUiSurfaceConfig['allowedActions'];
-    primaryAction?: PolicyUiSurfaceConfig['primaryAction'];
+    primaryActions?: PolicyUiSurfaceConfig['primaryActions'];
     layout?: PolicyUiSurfaceConfig['layout'];
     direction?: PolicyUiSurfaceConfig['direction'];
     uiProfile?: PolicyUiSurfaceConfig['uiProfile'];

package/dist-types/handlers/subject/get.handler.d.ts

@@ -20,6 +20,9 @@ export declare const getSubjectHandler: (c: Context) => Promise<Response & impor
         id: string;
         type: string;
         policyId: string | undefined;
+        policyVersion: string | undefined;
+        policyHash: string | undefined;
+        policyEffectiveDate: string | undefined;
         isLatestPolicy: boolean;
         preferences: {
             [x: string]: boolean;

package/dist-types/handlers/subject/list.handler.d.ts

@@ -19,6 +19,9 @@ export declare const listSubjectsHandler: (c: Context) => Promise<Response & imp
             id: string;
             type: string;
             policyId: string | undefined;
+            policyVersion: string | undefined;
+            policyHash: string | undefined;
+            policyEffectiveDate: string | undefined;
             isLatestPolicy: boolean;
             preferences: {
                 [x: string]: boolean;

package/dist-types/handlers/utils/consent-enrichment.d.ts

@@ -12,6 +12,9 @@ export interface EnrichedConsentItem {
     id: string;
     type: string;
     policyId: string | undefined;
+    policyVersion: string | undefined;
+    policyHash: string | undefined;
+    policyEffectiveDate: Date | undefined;
     isLatestPolicy: boolean;
     preferences: Record<string, boolean> | undefined;
     givenAt: Date;

package/dist-types/middleware/cors/is-origin-trusted.d.ts

@@ -3,7 +3,7 @@
  *
  * @packageDocumentation
  */
-import type { Logger } from '../../../../logger/dist-types/index.d.ts';
+import type { Logger } from '@c15t/logger';
 /**
  * Regular expression to strip protocol, trailing slashes, and port numbers from URLs
  * Matches:

package/dist-types/policies/defaults.d.ts

@@ -1,2 +1,2 @@
-export { policyPackPresets } from '../../../schema/dist-types/index.d.ts';
-export type { EuropePolicyMode, PolicyPackPresets } from '../../../schema/dist-types/types.d';
+export { policyPackPresets } from '@c15t/schema';
+export type { EuropePolicyMode, PolicyPackPresets } from '@c15t/schema/types';

package/dist-types/policies/matchers.d.ts

@@ -1,3 +1,3 @@
-import type { PolicyMatch } from '../../../schema/dist-types/types.d';
-export { EEA_COUNTRY_CODES, EU_COUNTRY_CODES, POLICY_MATCH_DATASET_VERSION, policyMatchers, UK_COUNTRY_CODES, } from '../../../schema/dist-types/types.d';
+import type { PolicyMatch } from '@c15t/schema/types';
+export { EEA_COUNTRY_CODES, EU_COUNTRY_CODES, POLICY_MATCH_DATASET_VERSION, policyMatchers, UK_COUNTRY_CODES, } from '@c15t/schema/types';
 export type { PolicyMatch };

package/dist-types/routes/index.d.ts

@@ -5,5 +5,6 @@
  */
 export { createConsentRoutes } from './consent';
 export { createInitRoute } from './init';
+export { createLegalDocumentRoutes } from './legal-document';
 export { createStatusRoute } from './status';
 export { createSubjectRoutes } from './subject';

package/dist-types/routes/legal-document.d.ts

@@ -0,0 +1,7 @@
+import { Hono } from 'hono';
+import type { C15TContext } from '../types';
+export declare const createLegalDocumentRoutes: () => Hono<{
+    Variables: {
+        c15tContext: C15TContext;
+    };
+}, import("hono/types").BlankSchema, "/">;

package/dist-types/types/index.d.ts

@@ -1,13 +1,13 @@
-import type { createLogger, LoggerOptions } from '../../../logger/dist-types/index.d.ts';
-import { type Branding, type GlobalVendorList, type NonIABVendor, type PolicyConfig } from '../../../schema/dist-types/types.d';
-import type { Translations } from '../../../translations/dist-types/index.d.ts';
+import type { createLogger, LoggerOptions } from '@c15t/logger';
+import { type Branding, type GlobalVendorList, type NonIABVendor, type PolicyConfig } from '@c15t/schema/types';
+import type { Translations } from '@c15t/translations';
 import type { Meter, Tracer } from '@opentelemetry/api';
 import type { FumaDB, InferFumaDB } from 'fumadb';
 import type { CacheAdapter } from '../cache/types';
 import type { createRegistry } from '../db/registry';
 import type { DB, LatestDB } from '../db/schema';
 export * from './api';
-export declare const branding: readonly ["c15t", "consent", "none"];
+export declare const branding: readonly ["c15t", "inth", "consent", "none"];
 export type { Branding };
 export interface DatabaseOptions {
     /**
@@ -244,7 +244,7 @@ export interface I18nOptions {
      */
     defaultProfile?: string;
 }
-export type { PolicyConfig, PolicyModel, PolicyPack, PolicyScopeMode, PolicyUiAction, PolicyUiActionDirection, PolicyUiActionGroup, PolicyUiMode, PolicyUiProfile, PolicyUiSurfaceConfig, } from '../../../schema/dist-types/types.d';
+export type { LegalDocumentPolicyType, PolicyConfig, PolicyModel, PolicyPack, PolicyScopeMode, PolicyUiAction, PolicyUiActionDirection, PolicyUiActionGroup, PolicyUiMode, PolicyUiProfile, PolicyUiSurfaceConfig, } from '@c15t/schema/types';
 export interface PolicySnapshotOptions {
     /**
      * Secret used for signing and verifying policy snapshot tokens.
@@ -271,6 +271,22 @@ export interface PolicySnapshotOptions {
      */
     ttlSeconds?: number;
 }
+export interface LegalDocumentSnapshotOptions {
+    /**
+     * Secret used for signing and verifying legal-document snapshot tokens.
+     */
+    signingKey: string;
+    /**
+     * JWT issuer claim for legal-document snapshot tokens.
+     * @default "c15t"
+     */
+    issuer?: string;
+    /**
+     * JWT audience claim for legal-document snapshot tokens.
+     * When omitted, c15t derives a default audience and scopes it per tenant.
+     */
+    audience?: string;
+}
 export interface BackgroundOptions {
     /**
      * Executes non-critical tasks after the response path has completed.
@@ -362,6 +378,7 @@ export interface C15TOptions {
     policyPacks?: PolicyConfig[];
     /**
      * Select which branding to show in the consent banner.
+     * Use "inth" for the INTH brand. "consent" is a deprecated alias for "inth".
      * Use "none" to hide branding.
      * @default "c15t"
      */
@@ -415,6 +432,10 @@ export interface C15TOptions {
      * Optional signed policy snapshots used to keep /init and /subjects consistent.
      */
     policySnapshot?: PolicySnapshotOptions;
+    /**
+     * Optional signed legal-document snapshots issued by external document renderers.
+     */
+    legalDocumentSnapshot?: LegalDocumentSnapshotOptions;
     /**
      * Optional background task runner for non-critical side effects.
      */

package/dist-types/utils/instrumentation.d.ts

@@ -3,8 +3,8 @@ import type { C15TOptions } from '../types';
  * Span attributes for database operations
  */
 export interface DatabaseSpanAttributes {
-    /** The database operation type (find, create, update, delete) */
-    operation: 'find' | 'create' | 'update' | 'delete' | 'findOrCreate';
+    /** The database operation type */
+    operation: 'find' | 'create' | 'update' | 'delete' | 'findOrCreate' | 'findLatest' | 'findByHash' | 'syncCurrent' | 'findOrCreateLegalDocument';
     /** The entity type being operated on */
     entity: string;
     /** Optional additional attributes */

package/dist-types/utils/logger.d.ts

@@ -1,4 +1,4 @@
-import { createLogger, type LoggerOptions } from '../../../logger/dist-types/index.d.ts';
+import { createLogger, type LoggerOptions } from '@c15t/logger';
 /**
  * Gets or creates a global logger instance
  *

package/dist-types/version.d.ts

@@ -1 +1 @@
-export declare const version = "2.0.0-rc.5";
+export declare const version = "2.0.0-rc.8";

package/docs/api/configuration.md

@@ -21,7 +21,7 @@ All options are passed to `c15tInstance()`. Only `adapter` and `trustedOrigins`
 |customTranslations|Record\<string, Partial\<Translations>> \|undefined|Override base translations.|-|Optional|
 |i18n|I18nOptions \|undefined|Internationalization message profiles used by runtime policies.|-|Optional|
 |policyPacks|[PolicyConfig \|undefined](https://v2.c15t.com/docs/self-host/guides/policy-packs)|Runtime regional policy pack resolved per request.|-|Optional|
-|branding|"c15t" \|"consent" \|"none" \|undefined|Select which branding to show in the consent banner. Use "none" to hide branding.|"c15t"|Optional|
+|branding|"c15t" \|"consent" \|"none" \|"inth" \|undefined|Select which branding to show in the consent banner. Use "inth" for the INTH brand. "consent" is a deprecated alias for "inth". Use "none" to hide branding.|"c15t"|Optional|
 |openapi|[OpenAPIOptions \|undefined](https://v2.c15t.com/docs/self-host/api/endpoints)|OpenAPI spec generation and documentation UI options.|-|Optional|
 |telemetry|[TelemetryOptions \|undefined](https://v2.c15t.com/docs/self-host/guides/observability)|OpenTelemetry configuration for tracing and metrics. Telemetry is opt-in and disabled by default. Users must provide their own SDK setup (Node, Bun, edge, etc.).|-|Optional|
 |ipAddress|[IPAddressOptions \|undefined](https://v2.c15t.com/docs/self-host/api/configuration)|IP address tracking and masking options.|-|Optional|
@@ -29,6 +29,7 @@ All options are passed to `c15tInstance()`. Only `adapter` and `trustedOrigins`
 |apiKeys|string\[] \|undefined|API keys for authenticated endpoints. Used for server-side endpoints like GET /subjects.|-|Optional|
 |iab|[IABOptions \|undefined](https://v2.c15t.com/docs/self-host/guides/iab-tcf)|IAB TCF configuration including GVL, CMP registration, and custom vendors. Disabled by default - most users don't need IAB TCF. Set enabled: true to activate IAB support.|-|Optional|
 |policySnapshot|PolicySnapshotOptions \|undefined|Optional signed policy snapshots used to keep /init and /subjects consistent.|-|Optional|
+|legalDocumentSnapshot|LegalDocumentSnapshotOptions \|undefined|Optional signed legal-document snapshots issued by external document renderers.|-|Optional|
 |background|BackgroundOptions \|undefined|Optional background task runner for non-critical side effects.|-|Optional|
 
 #### `adapter` FumaDBAdapter
@@ -87,6 +88,16 @@ Optional signed policy snapshots used to keep /init and /subjects consistent.
 |audience|string \|undefined|JWT audience claim for snapshot tokens. When omitted, c15t derives a default snapshot audience and scopes it per tenant.|-|Optional|
 |ttlSeconds|number \|undefined|Snapshot token lifetime in seconds.|-|Optional|
 
+#### `legalDocumentSnapshot` LegalDocumentSnapshotOptions
+
+Optional signed legal-document snapshots issued by external document renderers.
+
+|Property|Type|Description|Default|Required|
+|:--|:--|:--|:--|:--:|
+|signingKey|string|Secret used for signing and verifying legal-document snapshot tokens.|-|✅ Required|
+|issuer|string \|undefined|JWT issuer claim for legal-document snapshot tokens.|-|Optional|
+|audience|string \|undefined|JWT audience claim for legal-document snapshot tokens. When omitted, c15t derives a default audience and scopes it per tenant.|-|Optional|
+
 #### `background` BackgroundOptions
 
 Optional background task runner for non-critical side effects.
@@ -174,7 +185,7 @@ interface C15TInstance {
 
 ## Edge Init Options
 
-`c15tEdgeInit()` from `@c15t/backend/edge` accepts a subset of `C15TOptions` — only the fields needed for consent policy resolution without a database. See the [Edge Deployment guide](/docs/self-host/guides/edge-deployment) for usage.
+`unstable_c15tEdgeInit()` from `@c15t/backend/edge` accepts a subset of `C15TOptions` — only the fields needed for consent policy resolution without a database. This edge runtime API is unstable in `2.0`. See the [Edge Deployment guide](/docs/self-host/guides/edge-deployment) for usage.
 
 ### C15TEdgeOptions
 

package/docs/guides/edge-deployment.md

@@ -5,10 +5,13 @@ description: Run consent policy resolution at the edge for faster initial banner
 The `/init` endpoint determines consent policy from geo headers, resolves translations, and optionally fetches the GVL. None of this requires a database. The `@c15t/backend/edge` export lets you run this logic in edge runtimes (Vercel Middleware, Cloudflare Workers, Deno Deploy) so the consent banner resolves from the nearest PoP instead of round-tripping to your origin.
 
 ```
-Standard:  Browser → Origin (single region)  → c15tInstance(/init) → Response
-Edge:      Browser → Edge   (nearest PoP)    → c15tEdgeInit        → Response
+Standard:  Browser → Origin (single region)  → c15tInstance(/init)         → Response
+Edge:      Browser → Edge   (nearest PoP)    → unstable_c15tEdgeInit       → Response
 ```
 
+> ℹ️ **Info:**
+> The edge runtime exports in @c15t/backend/edge are unstable in 2.0. Use the unstable\_-prefixed callables and expect API changes or removal in a future release.
+
 ## When to use this
 
 * Your origin server is in a single region and users are globally distributed
@@ -56,10 +59,10 @@ export const consentConfig = {
 **Vercel Middleware**
 
 ```ts title="middleware.ts"
-import { c15tEdgeInit } from '@c15t/backend/edge';
+import { unstable_c15tEdgeInit } from '@c15t/backend/edge';
 import { consentConfig } from './lib/consent-config';
 
-const initHandler = c15tEdgeInit(consentConfig);
+const initHandler = unstable_c15tEdgeInit(consentConfig);
 
 export async function middleware(request: Request) {
   const url = new URL(request.url);
@@ -76,10 +79,10 @@ export const config = {
 **Cloudflare Workers**
 
 ```ts title="worker.ts"
-import { c15tEdgeInit } from '@c15t/backend/edge';
+import { unstable_c15tEdgeInit } from '@c15t/backend/edge';
 import { consentConfig } from './lib/consent-config';
 
-const initHandler = c15tEdgeInit(consentConfig);
+const initHandler = unstable_c15tEdgeInit(consentConfig);
 
 export default {
   async fetch(request: Request) {
@@ -96,10 +99,10 @@ export default {
 **Deno Deploy**
 
 ```ts title="main.ts"
-import { c15tEdgeInit } from '@c15t/backend/edge';
+import { unstable_c15tEdgeInit } from '@c15t/backend/edge';
 import { consentConfig } from './lib/consent-config.ts';
 
-const initHandler = c15tEdgeInit(consentConfig);
+const initHandler = unstable_c15tEdgeInit(consentConfig);
 
 Deno.serve(async (request) => {
   const url = new URL(request.url);
@@ -128,7 +131,7 @@ export const { GET, POST } = c15t;
 
 ## Configuration
 
-`c15tEdgeInit` accepts `C15TEdgeOptions` — the same fields as `c15tInstance` minus the database-related options (`adapter`, `tablePrefix`, `basePath`, `openapi`, `ipAddress`, `apiKeys`, `background`).
+`unstable_c15tEdgeInit` accepts `C15TEdgeOptions` — the same fields as `c15tInstance` minus the database-related options (`adapter`, `tablePrefix`, `basePath`, `openapi`, `ipAddress`, `apiKeys`, `background`).
 
 |Option|Required|Description|
 |--|--|--|
@@ -168,15 +171,15 @@ Edge isolates have short-lived memory. The in-memory GVL cache resets on each co
 * **Bundle GVL translations** using `iab.bundled` to avoid fetch latency entirely
 * **Use an external cache** (Upstash Redis, Cloudflare KV) via the `cache.adapter` option to share cached data across isolates — see the [Caching guide](/docs/self-host/guides/caching) for setup
 
-## Custom consent cookie — resolveConsent
+## Custom consent cookie — unstable\_resolveConsent
 
 > ℹ️ **Info:**
 > Experimental — this API may change in future versions.
 
-If you manage your own consent cookie and just need to know **which categories to load** for a given visitor, use `resolveConsent` instead of `c15tEdgeInit`. It's a lightweight, fully synchronous function that returns the matched policy and default consent state — no translations, GVL, branding, or snapshot tokens.
+If you manage your own consent cookie and just need to know **which categories to load** for a given visitor, use `unstable_resolveConsent` instead of `unstable_c15tEdgeInit`. It's a lightweight, fully synchronous function that returns the matched policy and default consent state — no translations, GVL, branding, or snapshot tokens.
 
 ```ts title="middleware.ts"
-import { resolveConsent } from '@c15t/backend/edge';
+import { unstable_resolveConsent } from '@c15t/backend/edge';
 
 const policyPacks = [
   {
@@ -201,7 +204,7 @@ const policyPacks = [
 ];
 
 export function middleware(request: Request) {
-  const consent = resolveConsent(request, { policyPacks });
+  const consent = unstable_resolveConsent(request, { policyPacks });
 
   // consent.model       → "opt-in" | "opt-out" | "none" | "iab"
   // consent.showBanner  → true
@@ -226,9 +229,9 @@ export function middleware(request: Request) {
 |`opt-out`|granted, required|**granted**|GPC signal can override `marketing`/`measurement` to not granted|
 |`none`|granted, required|**granted**|No banner shown|
 
-### `resolveConsent` vs `c15tEdgeInit`
+### `unstable_resolveConsent` vs `unstable_c15tEdgeInit`
 
-||`resolveConsent`|`c15tEdgeInit`|
+||`unstable_resolveConsent`|`unstable_c15tEdgeInit`|
 |--|--|--|
 |**Use case**|Custom consent cookie|Drop-in `/init` replacement|
 |**Sync**|Yes|No (async — signs JWT, fetches GVL)|

package/docs/guides/policy-packs.md

@@ -58,7 +58,7 @@ export const c15t = c15tInstance({
         uiMode: 'banner',
         banner: {
           allowedActions: ['accept', 'reject', 'customize'],
-          primaryAction: 'customize',
+          primaryActions: ['accept', 'customize'],
           uiProfile: 'compact',
         },
         dialog: {

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@c15t/backend",
-	"version": "2.0.0-rc.5",
+	"version": "2.0.0-rc.8",
 	"description": "Consent policy engine and API for c15t. Powers the cookie banner, consent manager, and preferences centre. Webhooks, audit logs, storage adapters. Self host or use consent.io",
 	"keywords": [
 		"consent",
@@ -110,10 +110,10 @@
 	],
 	"scripts": {
 		"prebuild": "genversion --esm --semi src/version.ts",
-		"build": "bun prebuild && rslib build && bun ../../scripts/agent-docs/generate-package-docs.ts @c15t/backend",
+		"build": "bun prebuild && rslib build && bun ../../scripts/normalize-dist-types.mjs && bun ../../scripts/agent-docs/generate-package-docs.ts @c15t/backend",
 		"build:agent-docs": "bun ../../scripts/agent-docs/generate-package-docs.ts @c15t/backend",
 		"check-types": "bun prebuild && tsc --noEmit",
-		"dev": "bun prebuild && rslib build",
+		"dev": "bun prebuild && rslib build && bun ../../scripts/normalize-dist-types.mjs",
 		"fmt": "bun biome format --write . && bun biome check --formatter-enabled=false --linter-enabled=false --write",
 		"knip": "knip",
 		"lint": "bun biome lint ./src",
@@ -123,31 +123,31 @@
 		"test:watch": "bun prebuild && vitest"
 	},
 	"dependencies": {
-		"@c15t/logger": "1.0.2-rc.0",
-		"@c15t/schema": "2.0.0-rc.3",
-		"@c15t/translations": "2.0.0-rc.5",
+		"@c15t/logger": "1.0.2-rc.1",
+		"@c15t/schema": "2.0.0-rc.5",
+		"@c15t/translations": "2.0.0-rc.8",
 		"@hono/standard-validator": "^0.2.2",
 		"@hono/valibot-validator": "0.6.1",
-		"@opentelemetry/api": "1.9.0",
-		"@orpc/server": "^1.13.4",
-		"@scalar/hono-api-reference": "0.5.175",
-		"@valibot/to-json-schema": "1.0.0",
+		"@opentelemetry/api": "1.9.1",
+		"@orpc/server": "^1.13.13",
+		"@scalar/hono-api-reference": "0.10.5",
+		"@valibot/to-json-schema": "1.6.0",
 		"base-x": "5.0.1",
 		"defu": "6.1.4",
-		"fumadb": "0.2.1",
-		"hono": "4.11.7",
-		"hono-openapi": "1.2.0",
-		"jose": "6.2.1",
-		"valibot": "1.2.0"
+		"fumadb": "0.2.2",
+		"hono": "4.12.9",
+		"hono-openapi": "1.3.0",
+		"jose": "6.2.2",
+		"valibot": "1.3.1"
 	},
 	"devDependencies": {
 		"@c15t/typescript-config": "0.0.1-beta.1",
 		"@c15t/vitest-config": "1.0.0",
-		"@opentelemetry/sdk-trace-base": "^1.30.0",
-		"@types/node": "24.10.1",
-		"@upstash/redis": "^1.0.0",
+		"@opentelemetry/sdk-trace-base": "^2.6.1",
+		"@types/node": "25.5.0",
+		"@upstash/redis": "^1.37.0",
 		"genversion": "3.2.0",
-		"typescript": "5.9.3"
+		"typescript": "6.0.2"
 	},
 	"peerDependencies": {
 		"@upstash/redis": ">=1.0.0"