npm - @cavuno/board - Versions diffs - 1.2.0 → 1.3.0 - Mend

@cavuno/board 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/bin.mjs +74 -0
package/dist/index.d.mts +207 -7
package/dist/index.d.ts +207 -7
package/dist/index.js +164 -7
package/dist/index.mjs +164 -7
package/dist/skills.d.mts +38 -0
package/dist/skills.d.ts +38 -0
package/dist/skills.js +62 -0
package/dist/skills.mjs +29 -0
package/package.json +22 -5
package/skills/cavuno-board-auth/SKILL.md +113 -0
package/skills/cavuno-board-client/SKILL.md +93 -0
package/skills/cavuno-board-errors/SKILL.md +86 -0
package/skills/cavuno-board-jobs/SKILL.md +93 -0
package/skills/cavuno-board-setup/SKILL.md +96 -0
package/skills/flavors/tanstack-start/SKILL.md +102 -0
package/skills/manifest.json +47 -0

package/dist/index.d.ts CHANGED Viewed

@@ -252,6 +252,8 @@ interface CustomStorage {
 type StorageMode = 'memory' | 'nostore' | CustomStorage;
 declare const ACCESS_TOKEN_KEY = "cavuno_board_access_token";
 declare const REFRESH_TOKEN_KEY = "cavuno_board_refresh_token";
+/** Board-password access grant — sent as `X-Board-Access` to pass the wall. */
+declare const BOARD_ACCESS_GRANT_KEY = "cavuno_board_access_grant";
 /**
  * The request handed to `onRequest` and `fetch`. `onRequest` may
@@ -340,6 +342,8 @@ interface PublicBoard {
     language: string;
     logoUrl: string | null;
     primaryDomain: string | null;
+    /** Whitelabel toggle (default `true`) — render the "Powered by Cavuno" badge unless `false`. */
+    showCavunoBranding: boolean;
     features: PublicBoardFeatures;
     analytics: PublicBoardAnalytics;
     theme: PublicBoardTheme | null;
@@ -352,9 +356,9 @@ interface PublicBoard {
  */
 interface BoardSeo {
     object: 'board_seo';
-    /** Verbatim `ads.txt` content, or `null` when not configured (the handler 404s). */
+    /** Verbatim `ads.txt` content, or `null` when not configured. */
     adsTxt: string | null;
-    /** IndexNow key-file content, or `null` when not configured (the handler 404s). */
+    /** IndexNow key-file content, or `null` when not configured. */
     indexNowKey: string | null;
     /** Google site-verification token for the `<meta>` tag, or `null`. */
     googleSiteVerification: string | null;
@@ -402,6 +406,12 @@ declare class BoardApiError extends Error {
 declare function isBoardApiError(e: unknown): e is BoardApiError;
 declare function isNotFound(e: unknown): e is BoardApiError;
 declare function isUnauthorized(e: unknown): e is BoardApiError;
+/**
+ * The board is password-protected and the read carried no valid `X-Board-Access`
+ * grant. Distinct from an expired board-USER token (also 401): this code means
+ * "call `password.verify()` again to mint a fresh grant", not "re-login".
+ */
+declare function isBoardPasswordRequired(e: unknown): e is BoardApiError;
 declare function isForbidden(e: unknown): e is BoardApiError;
 declare function isValidationError(e: unknown): e is BoardApiError;
 declare function isRateLimited(e: unknown): e is BoardApiError;
@@ -413,7 +423,7 @@ declare function isConflict(e: unknown): e is BoardApiError;
  * constant because the package is platform-neutral and cannot read
  * package.json at runtime.
  */
-declare const SDK_VERSION = "1.2.0";
+declare const SDK_VERSION = "1.3.0";
 interface BoardUser {
     id: string;
@@ -464,6 +474,41 @@ interface ResetPasswordBody {
     password: string;
 }
+/**
+ * Query for `board.embed.jobs()` — the embeddable, UNGATED jobs widget. Mirrors
+ * the browse list's facets + geo, plus a free-text `q` keyword (the widget is
+ * searchable). Deliberately has NO `category`/`skill` programmatic seeding and
+ * NO `fields` sparse fieldset — the embed widget exposes none of those.
+ */
+type EmbedJobsQuery = {
+    /** Free-text search query, up to 200 characters. */
+    q?: string;
+    cursor?: string;
+    /** Default 8; values above the embed ceiling of 50 are clamped to 50. */
+    limit?: number;
+    /** Storefront page offset; takes precedence over `cursor`. `offset + limit` ≤ 10,000. */
+    offset?: number;
+    /** Single or repeated (up to 10) — repeated params are OR-matched. */
+    companyId?: string | string[];
+    remoteOption?: RemoteOption | RemoteOption[];
+    employmentType?: EmploymentType | EmploymentType[];
+    seniority?: Seniority | Seniority[];
+    /** Place slug for a geo radius search; unresolvable slugs are ignored. */
+    location?: string;
+    /** Radius in km around `location` (10–250; default 50). */
+    radius?: number;
+};
+/**
+ * The board-access grant returned by `password.verify()`. Send `token` as the
+ * `X-Board-Access` header on content reads to pass a board's password wall
+ * (the SDK does this automatically once the grant is stored).
+ */
+interface BoardAccessGrant {
+    object: 'board_access_grant';
+    token: string;
+}
 /**
  * The result of resolving a path against the board's configured redirects
  * (`board.redirects.resolve()`). A headless frontend 308s to `target`, or 404s
@@ -509,9 +554,13 @@ interface PublicBlogPostSummary {
     slug: string;
     featured: boolean;
     coverUrl: string | null;
+    /** Alt text for `coverUrl` (the cover/feature image). */
+    featureImageAlt: string | null;
     customExcerpt: string | null;
     readingTimeMin: number | null;
     publishedAt: string | null;
+    /** A custom canonical URL override for this post, if set. */
+    canonicalUrl: string | null;
     createdAt: string;
     authors: BlogAuthorEmbed[];
     tags: BlogTagEmbed[];
@@ -520,11 +569,22 @@ interface PublicBlogPostSummary {
 interface PublicBlogPost extends PublicBlogPostSummary {
     html: string | null;
     ogImageUrl: string | null;
-    featureImageAlt: string | null;
     featureImageCaption: string | null;
     seoTitle: string | null;
     seoDescription: string | null;
-    canonicalUrl: string | null;
+    /**
+     * Slug-history resolution. When the requested slug is a renamed post's OLD
+     * slug, `redirected` is `true` and `newSlug` is the post's current slug —
+     * issue a 308 to it. Otherwise `redirected` is `false` and `newSlug` is null.
+     */
+    redirected: boolean;
+    newSlug: string | null;
+}
+/** Previous (older) + next (newer) posts for the detail prev/next nav. */
+interface PublicBlogAdjacentPosts {
+    object: 'blog_adjacent_posts';
+    previous: PublicBlogPostSummary | null;
+    next: PublicBlogPostSummary | null;
 }
 type BlogPostsListQuery = {
     cursor?: string;
@@ -535,6 +595,10 @@ type BlogPostsListQuery = {
     /** Opt-in only: pass `'true'` to restrict to featured posts. */
     featured?: 'true';
 };
+type BlogSimilarQuery = {
+    /** 1–20; default 6. */
+    limit?: number;
+};
 interface BlogSearchBody {
     /** Free-text query, 1–200 characters. Required. */
     query: string;
@@ -596,6 +660,109 @@ interface SaveJobBody {
     jobId: string;
 }
+type JobAlertFrequency = 'daily' | 'weekly';
+type JobAlertRemoteOption = 'on_site' | 'hybrid' | 'remote';
+/**
+ * Alert filters a consumer can capture. Only `jobFunctions` (→ job categories),
+ * `placeSlugs` (→ place IDs) and `remoteOptions` scope the digest server-side;
+ * `seniorityLevels`/`salary*` are stored but do not filter delivery.
+ */
+type JobAlertFiltersInput = {
+    jobFunctions?: string[];
+    seniorityLevels?: string[];
+    remoteOptions?: JobAlertRemoteOption[];
+    placeSlugs?: string[];
+    salaryMin?: number;
+    salaryMax?: number;
+    salaryCurrency?: string;
+};
+/** Body for `jobAlerts.subscribe`. `consent` must be `true` (server-enforced). */
+type JobAlertSubscribeInput = {
+    email: string;
+    consent: true;
+    frequency?: JobAlertFrequency;
+    filters?: JobAlertFiltersInput;
+    /** Scopes the alert to the originating job/search (for the digest + analytics). */
+    context?: {
+        source?: string;
+        jobId?: string;
+        jobSlug?: string;
+    };
+};
+interface JobAlertSubscription {
+    object: 'job_alert_subscription';
+    status: 'created' | 'duplicate';
+    requiresConfirmation: boolean;
+    confirmed: boolean;
+}
+interface JobAlertConfirmation {
+    object: 'job_alert_confirmation';
+    status: 'confirmed' | 'already_confirmed' | 'expired' | 'not_found';
+}
+interface JobAlertResendResult {
+    object: 'job_alert_confirmation_resend';
+    status: 'sent' | 'not_found' | 'already_confirmed' | 'throttled' | 'send_failed';
+}
+interface JobAlertManageResult {
+    object: 'job_alert_manage_result';
+    success: boolean;
+}
+/**
+ * The stored filter criteria surfaced on the manage page (a serializable subset
+ * of the internal filter object — the fields a consumer renders). `jobFunctions`,
+ * `placeIds` and `remoteOptions` are the dimensions the digest actually matches on.
+ */
+interface JobAlertStoredFilters {
+    jobFunctions?: string[];
+    seniorityLevels?: string[];
+    remoteOptions?: string[];
+    placeIds?: string[];
+    salaryMin?: number | null;
+    salaryMax?: number | null;
+    salaryCurrency?: string | null;
+    frequency?: string;
+}
+interface JobAlertPreference {
+    id: string;
+    label: string | null;
+    frequency: string;
+    isActive: boolean;
+    filters: JobAlertStoredFilters;
+    /** Per-preference HMAC token for `updatePreference`/`deletePreference`. */
+    manageToken: string;
+}
+interface JobAlertManageState {
+    object: 'job_alert_manage_state';
+    email: string;
+    confirmed: boolean;
+    unsubscribed: boolean;
+    preferences: JobAlertPreference[];
+}
+/** Query for `jobAlerts.manage` — the HMAC manage token from the digest email. */
+type JobAlertManageQuery = {
+    subscription: string;
+    token: string;
+};
+/** Body for `jobAlerts.unsubscribe` / `resubscribe` (HMAC manage token). */
+type JobAlertManageTokenInput = {
+    subscriptionId: string;
+    token: string;
+    preferenceId?: string;
+};
+type JobAlertUpdatePreferenceInput = {
+    subscriptionId: string;
+    preferenceId: string;
+    token: string;
+    /** Required — the update is a full replace; restate it to avoid resetting cadence. */
+    frequency: JobAlertFrequency;
+    filters?: JobAlertFiltersInput;
+};
+type JobAlertDeletePreferenceInput = {
+    subscriptionId: string;
+    preferenceId: string;
+    token: string;
+};
 interface TaxonomyGeo {
     lat: number | null;
     lng: number | null;
@@ -622,6 +789,17 @@ interface TaxonomyResolution {
     redirectTo: string | null;
     geo: TaxonomyGeo | null;
 }
+/**
+ * Query for `taxonomy.places.list()`. Omit it (or `q`) for the full locations
+ * directory; pass `q` (≥2 chars) for location autocomplete — the top name
+ * matches ranked, what a location search field renders.
+ */
+type PlacesListQuery = {
+    /** Location autocomplete query; ≥2 chars → top name matches, under 2 → empty. */
+    q?: string;
+    /** Max autocomplete results when `q` is given (1–50; default 10). */
+    limit?: number;
+};
 /**
  * A place in the board's locations directory (`taxonomy.places.list()` →
  * `GET /places`), the data the `/jobs/locations/` index renders. `jobCount` is
@@ -701,6 +879,9 @@ declare function createBoardClient(options: CreateBoardClientOptions): {
         search(body: JobsSearchBody, query?: Record<string, never>, options?: FetchOptions): Promise<JobCardSearchEnvelope>;
         similar(jobSlug: string, query?: JobsSimilarQuery, options?: FetchOptions): Promise<ListEnvelope<PublicJobCard>>;
     };
+    embed: {
+        jobs(query?: EmbedJobsQuery, options?: FetchOptions): Promise<ListEnvelope<PublicJobCard>>;
+    };
     companies: {
         list(query?: CompaniesListQuery, options?: FetchOptions): Promise<ListEnvelope<PublicCompany>>;
         retrieve(companySlug: string, query?: Record<string, never>, options?: FetchOptions): Promise<PublicCompany>;
@@ -711,6 +892,8 @@ declare function createBoardClient(options: CreateBoardClientOptions): {
         posts: {
             list(query?: BlogPostsListQuery, options?: FetchOptions): Promise<ListEnvelope<PublicBlogPostSummary>>;
             retrieve(postSlug: string, query?: Record<string, never>, options?: FetchOptions): Promise<PublicBlogPost>;
+            adjacent(postSlug: string, options?: FetchOptions): Promise<PublicBlogAdjacentPosts>;
+            similar(postSlug: string, query?: BlogSimilarQuery, options?: FetchOptions): Promise<ListEnvelope<PublicBlogPostSummary>>;
         };
         tags: {
             list(query?: Record<string, never>, options?: FetchOptions): Promise<ListEnvelope<PublicBlogTag>>;
@@ -739,6 +922,9 @@ declare function createBoardClient(options: CreateBoardClientOptions): {
             unsave(jobId: string, query?: Record<string, never>, options?: FetchOptions): Promise<void>;
         };
     };
+    password: {
+        verify(password: string, options?: FetchOptions): Promise<BoardAccessGrant>;
+    };
     taxonomy: {
         categories: {
             resolve(slug: string, options?: FetchOptions): Promise<TaxonomyResolution>;
@@ -747,14 +933,28 @@ declare function createBoardClient(options: CreateBoardClientOptions): {
             resolve(slug: string, options?: FetchOptions): Promise<TaxonomyResolution>;
         };
         places: {
-            list(options?: FetchOptions): Promise<ListEnvelope<PublicPlace>>;
+            list(query?: PlacesListQuery, options?: FetchOptions): Promise<ListEnvelope<PublicPlace>>;
             resolve(slug: string, options?: FetchOptions): Promise<TaxonomyResolution>;
         };
     };
     redirects: {
         resolve(path: string, options?: FetchOptions): Promise<RedirectResolution>;
     };
+    jobAlerts: {
+        subscribe(input: JobAlertSubscribeInput, options?: FetchOptions): Promise<JobAlertSubscription>;
+        confirm(input: {
+            token: string;
+        }, options?: FetchOptions): Promise<JobAlertConfirmation>;
+        resendConfirmation(input: {
+            email: string;
+        }, options?: FetchOptions): Promise<JobAlertResendResult>;
+        manage(query: JobAlertManageQuery, options?: FetchOptions): Promise<JobAlertManageState>;
+        unsubscribe(input: JobAlertManageTokenInput, options?: FetchOptions): Promise<JobAlertManageResult>;
+        resubscribe(input: JobAlertManageTokenInput, options?: FetchOptions): Promise<JobAlertManageResult>;
+        updatePreference(input: JobAlertUpdatePreferenceInput, options?: FetchOptions): Promise<JobAlertManageResult>;
+        deletePreference(input: JobAlertDeletePreferenceInput, options?: FetchOptions): Promise<JobAlertManageResult>;
+    };
 };
 type BoardSdk = ReturnType<typeof createBoardClient>;
-export { ACCESS_TOKEN_KEY, type Awaitable, type BlogAuthorEmbed, type BlogPostsListQuery, type BlogSearchBody, type BlogTagEmbed, BoardApiError, type BoardAuthSession, BoardClient, type BoardRequest, type BoardSdk, type BoardSeo, type BoardUser, type CompaniesListQuery, type CompaniesSearchBody, type CompanyJobsListQuery, type CreateBoardClientOptions, type CustomStorage, type EducationRequirement, type EmploymentType, type FetchOptions, type ForgotPasswordBody, type JobCardListEnvelope, type JobCardSearchEnvelope, type JobCompany, type JobsListQuery, type JobsSearchBody, type ListEnvelope, type Logger, type LoginBody, type LogoutBody, type OfficeLocation, type PublicBlogAuthor, type PublicBlogPost, type PublicBlogPostSummary, type PublicBlogTag, type PublicBoard, type PublicBoardAnalytics, type PublicBoardFeatures, type PublicBoardTheme, type PublicCompany, type PublicJob, type PublicJobCard, type PublicPlace, REFRESH_TOKEN_KEY, type RedirectResolution, type RefreshBody, type RegisterBody, type RelatedSearch, type RemoteOption, type RemotePermit, type RemoteTimezone, type ResetPasswordBody, SDK_VERSION, type SaveJobBody, type SavedJob, type SavedJobsListQuery, type SearchEnvelope, type Seniority, type StorageMode, type StorefrontPagination, type TaxonomyGeo, type TaxonomyResolution, type VerifyEmailBody, createBoardClient, isBoardApiError, isConflict, isForbidden, isNotFound, isRateLimited, isUnauthorized, isValidationError };
+export { ACCESS_TOKEN_KEY, type Awaitable, BOARD_ACCESS_GRANT_KEY, type BlogAuthorEmbed, type BlogPostsListQuery, type BlogSearchBody, type BlogSimilarQuery, type BlogTagEmbed, type BoardAccessGrant, BoardApiError, type BoardAuthSession, BoardClient, type BoardRequest, type BoardSdk, type BoardSeo, type BoardUser, type CompaniesListQuery, type CompaniesSearchBody, type CompanyJobsListQuery, type CreateBoardClientOptions, type CustomStorage, type EducationRequirement, type EmbedJobsQuery, type EmploymentType, type FetchOptions, type ForgotPasswordBody, type JobAlertConfirmation, type JobAlertDeletePreferenceInput, type JobAlertFiltersInput, type JobAlertFrequency, type JobAlertManageQuery, type JobAlertManageResult, type JobAlertManageState, type JobAlertManageTokenInput, type JobAlertPreference, type JobAlertRemoteOption, type JobAlertResendResult, type JobAlertStoredFilters, type JobAlertSubscribeInput, type JobAlertSubscription, type JobAlertUpdatePreferenceInput, type JobCardListEnvelope, type JobCardSearchEnvelope, type JobCompany, type JobsListQuery, type JobsSearchBody, type ListEnvelope, type Logger, type LoginBody, type LogoutBody, type OfficeLocation, type PlacesListQuery, type PublicBlogAdjacentPosts, type PublicBlogAuthor, type PublicBlogPost, type PublicBlogPostSummary, type PublicBlogTag, type PublicBoard, type PublicBoardAnalytics, type PublicBoardFeatures, type PublicBoardTheme, type PublicCompany, type PublicJob, type PublicJobCard, type PublicPlace, REFRESH_TOKEN_KEY, type RedirectResolution, type RefreshBody, type RegisterBody, type RelatedSearch, type RemoteOption, type RemotePermit, type RemoteTimezone, type ResetPasswordBody, SDK_VERSION, type SaveJobBody, type SavedJob, type SavedJobsListQuery, type SearchEnvelope, type Seniority, type StorageMode, type StorefrontPagination, type TaxonomyGeo, type TaxonomyResolution, type VerifyEmailBody, createBoardClient, isBoardApiError, isBoardPasswordRequired, isConflict, isForbidden, isNotFound, isRateLimited, isUnauthorized, isValidationError };

package/dist/index.js CHANGED Viewed

@@ -21,12 +21,14 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 var index_exports = {};
 __export(index_exports, {
   ACCESS_TOKEN_KEY: () => ACCESS_TOKEN_KEY,
+  BOARD_ACCESS_GRANT_KEY: () => BOARD_ACCESS_GRANT_KEY,
   BoardApiError: () => BoardApiError,
   BoardClient: () => BoardClient,
   REFRESH_TOKEN_KEY: () => REFRESH_TOKEN_KEY,
   SDK_VERSION: () => SDK_VERSION,
   createBoardClient: () => createBoardClient,
   isBoardApiError: () => isBoardApiError,
+  isBoardPasswordRequired: () => isBoardPasswordRequired,
   isConflict: () => isConflict,
   isForbidden: () => isForbidden,
   isNotFound: () => isNotFound,
@@ -65,6 +67,9 @@ function isNotFound(e) {
 function isUnauthorized(e) {
   return isBoardApiError(e) && e.status === 401;
 }
+function isBoardPasswordRequired(e) {
+  return isBoardApiError(e) && e.status === 401 && e.code === "board_password_required";
+}
 function isForbidden(e) {
   return isBoardApiError(e) && e.status === 403;
 }
@@ -99,6 +104,7 @@ function toSearchParams(query) {
 // src/storage.ts
 var ACCESS_TOKEN_KEY = "cavuno_board_access_token";
 var REFRESH_TOKEN_KEY = "cavuno_board_refresh_token";
+var BOARD_ACCESS_GRANT_KEY = "cavuno_board_access_grant";
 function isBrowser() {
   return typeof globalThis.document !== "undefined";
 }
@@ -143,7 +149,7 @@ async function clearSession(storage) {
 }
 // src/version.ts
-var SDK_VERSION = "1.2.0";
+var SDK_VERSION = "1.3.0";
 // src/client.ts
 function isRawBody(body) {
@@ -185,12 +191,14 @@ var BoardClient = class {
     }
     const token = await this.storage.getItem(ACCESS_TOKEN_KEY);
     if (token !== null) headers.set("authorization", `Bearer ${token}`);
+    const grant = await this.storage.getItem(BOARD_ACCESS_GRANT_KEY);
+    if (grant !== null) headers.set("x-board-access", grant);
     if (callHeaders) {
       new Headers(callHeaders).forEach((value, key) => {
         headers.set(key, value);
       });
     }
-    if ((method !== "GET" || headers.has("authorization")) && !headers.has("x-cavuno-sdk")) {
+    if ((method !== "GET" || headers.has("authorization") || headers.has("x-board-access")) && !headers.has("x-cavuno-sdk")) {
       headers.set("x-cavuno-sdk", `board@${SDK_VERSION}`);
     }
     let req = {
@@ -201,7 +209,8 @@ var BoardClient = class {
     this.options.logger?.debug(`${method} ${req.url}`);
     const res = await globalThis.fetch(req.url, req.init);
     this.options.logger?.debug(`${res.status} ${method} ${req.url}`);
-    if (this.options.onResponse) await this.options.onResponse(res.clone(), req);
+    if (this.options.onResponse)
+      await this.options.onResponse(res.clone(), req);
     if (res.status === 204) return void 0;
     if (res.ok) return await res.json();
     let parsed;
@@ -396,6 +405,30 @@ function blogNamespace(client) {
           `/blog/posts/${encodeURIComponent(postSlug)}`,
           { ...options, query }
         );
+      },
+      /**
+       * The previous (older) and next (newer) posts for prev/next navigation.
+       *
+       * @example
+       * const { previous, next } = await board.blog.posts.adjacent('hello-world');
+       */
+      adjacent(postSlug, options) {
+        return client.fetch(
+          `/blog/posts/${encodeURIComponent(postSlug)}/adjacent`,
+          options
+        );
+      },
+      /**
+       * Posts most similar to one post (the related-posts rail).
+       *
+       * @example
+       * const { data } = await board.blog.posts.similar('hello-world', { limit: 6 });
+       */
+      similar(postSlug, query, options) {
+        return client.fetch(
+          `/blog/posts/${encodeURIComponent(postSlug)}/similar`,
+          { ...options, query }
+        );
       }
     },
     tags: {
@@ -501,6 +534,96 @@ function companiesNamespace(client) {
   };
 }
+// src/namespaces/embed.ts
+function embedNamespace(client) {
+  return {
+    /**
+     * List published jobs for an embeddable widget — the same featured-ranked
+     * cards as `board.jobs.list`, but UNGATED: the candidate paywall never
+     * applies, so the full page is always returned and there is no
+     * `gatedCount`. Powers the public "Powered by Cavuno" embed. `limit`
+     * defaults to 8 and is clamped to a maximum of 50.
+     *
+     * @example
+     * const { data, nextCursor } = await board.embed.jobs({ q: 'chef', limit: 8 });
+     */
+    jobs(query, options) {
+      return client.fetch("/embed/jobs", {
+        ...options,
+        query
+      });
+    }
+  };
+}
+// src/namespaces/job-alerts.ts
+function jobAlertsNamespace(client) {
+  return {
+    /** Subscribe an email to job alerts. Sends a double-opt-in confirmation email. */
+    subscribe(input, options) {
+      return client.fetch("/job-alerts", {
+        ...options,
+        method: "POST",
+        body: input
+      });
+    },
+    /** Complete double opt-in with the token from the confirmation email. */
+    confirm(input, options) {
+      return client.fetch("/job-alerts/confirm", {
+        ...options,
+        method: "POST",
+        body: input
+      });
+    },
+    /** Re-send the confirmation email for an unconfirmed subscription. */
+    resendConfirmation(input, options) {
+      return client.fetch(
+        "/job-alerts/resend-confirmation",
+        { ...options, method: "POST", body: input }
+      );
+    },
+    /** Read a subscription + its preferences for the manage page (HMAC token). */
+    manage(query, options) {
+      return client.fetch("/job-alerts/manage", {
+        ...options,
+        query
+      });
+    },
+    /** Deactivate a subscription via the HMAC manage token. */
+    unsubscribe(input, options) {
+      return client.fetch("/job-alerts/unsubscribe", {
+        ...options,
+        method: "POST",
+        body: input
+      });
+    },
+    /** Re-activate a previously unsubscribed subscription via the manage token. */
+    resubscribe(input, options) {
+      return client.fetch("/job-alerts/resubscribe", {
+        ...options,
+        method: "POST",
+        body: input
+      });
+    },
+    /** Edit a preference's filters/frequency via the manage token. */
+    updatePreference(input, options) {
+      return client.fetch("/job-alerts/preferences", {
+        ...options,
+        method: "POST",
+        body: input
+      });
+    },
+    /** Delete a preference via the manage token. */
+    deletePreference(input, options) {
+      return client.fetch("/job-alerts/preferences", {
+        ...options,
+        method: "DELETE",
+        body: input
+      });
+    }
+  };
+}
 // src/namespaces/jobs.ts
 function jobsNamespace(client) {
   return {
@@ -625,6 +748,30 @@ function meNamespace(client) {
   };
 }
+// src/namespaces/password.ts
+function passwordNamespace(client) {
+  return {
+    /**
+     * Exchange a board password for an access grant and store it. After this
+     * resolves, every subsequent read auto-carries the grant as the
+     * `X-Board-Access` header — until the password rotates, after which reads
+     * fail with 401 `board_password_required` and you must `verify()` again
+     * (the SDK never auto-retries — verify is rate-limited — and never
+     * auto-clears; the host re-challenges). On the server (`nostore` storage)
+     * the grant is returned but not persisted; pass it per-call instead.
+     */
+    async verify(password, options) {
+      const grant = await client.fetch("/password/verify", {
+        ...options,
+        method: "POST",
+        body: { password }
+      });
+      await client.storage.setItem(BOARD_ACCESS_GRANT_KEY, grant.token);
+      return grant;
+    }
+  };
+}
 // src/namespaces/redirects.ts
 function redirectsNamespace(client) {
   return {
@@ -666,9 +813,16 @@ function taxonomyNamespace(client) {
     skills: taxonomyResolver(client, "skills"),
     places: {
       ...taxonomyResolver(client, "places"),
-      /** List every place used by a published job, with its live job count. */
-      list(options) {
-        return client.fetch("/places", options);
+      /**
+       * Without `query`: list every place used by a published job, with its
+       * live job count (the locations directory). With `query.q` (≥2 chars):
+       * location autocomplete — the top name matches ranked.
+       */
+      list(query, options) {
+        return client.fetch("/places", {
+          ...options,
+          query
+        });
       }
     }
   };
@@ -713,11 +867,14 @@ function createBoardClient(options) {
       return client.fetch("/seo", options2);
     },
     jobs: jobsNamespace(client),
+    embed: embedNamespace(client),
     companies: companiesNamespace(client),
     blog: blogNamespace(client),
     auth: authNamespace(client),
     me: meNamespace(client),
+    password: passwordNamespace(client),
     taxonomy: taxonomyNamespace(client),
-    redirects: redirectsNamespace(client)
+    redirects: redirectsNamespace(client),
+    jobAlerts: jobAlertsNamespace(client)
   };
 }