@chainlesschain/personal-data-hub 0.4.5 → 0.4.6

package/__tests__/shopping-pinduoduo-snapshot.test.js

@@ -10,7 +10,10 @@ const {
   PinduoduoAdapter,
   SNAPSHOT_SCHEMA_VERSION,
   VALID_SNAPSHOT_KINDS,
+  orderToRecord,
+  extractOrders,
 } = require("../lib/adapters/shopping-pinduoduo");
+const { assertAdapter } = require("../lib/adapter-spec");
 const { validateBatch } = require("../lib/batch");
 
 // §2.4c v0.2 — Pinduoduo snapshot-only adapter. Pinduoduo's web API requires
@@ -274,6 +277,13 @@ describe("PinduoduoAdapter snapshot mode", () => {
     expect(raws[0].capturedAt).toBe(ts);
   });
 
+  it("advertises both snapshot and cookie-api capabilities", () => {
+    const a = new PinduoduoAdapter();
+    expect(a.capabilities).toContain("sync:snapshot");
+    expect(a.capabilities).toContain("sync:cookie-api");
+    expect(assertAdapter(a).ok).toBe(true);
+  });
+
   it("snapshotEventToRecord handles snake_case goods_name/goods_price fallback", async () => {
     // Pinduoduo's internal field names use snake_case (goods_name, goods_price,
     // goods_count); the normalizer falls back to those if camelCase is absent.
@@ -300,3 +310,175 @@ describe("PinduoduoAdapter snapshot mode", () => {
     expect(JSON.stringify(batch)).toContain("纸巾");
   });
 });
+
+// §2.4c v0.3 — Pinduoduo cookie-api mode. The actual HTTP + anti_token signing
+// is injected (fetchFn / signProvider) so the adapter stays pure-Node.
+describe("PinduoduoAdapter cookie-api mode", () => {
+  it("authenticate(cookie) ok when uid + cookies present", async () => {
+    const a = new PinduoduoAdapter({ account: { uid: "u-1", cookies: "PDDAccessToken=ok" } });
+    const res = await a.authenticate();
+    expect(res.ok).toBe(true);
+    expect(res.mode).toBe("cookie");
+    expect(res.account).toBe("u-1");
+  });
+
+  it("authenticate(cookie) requires account.uid", async () => {
+    const a = new PinduoduoAdapter({ account: { cookies: "PDDAccessToken=ok" } });
+    const res = await a.authenticate();
+    expect(res.ok).toBe(false);
+    expect(res.reason).toBe("NO_ACCOUNT_UID");
+  });
+
+  it("sync yields normalized records from fetchFn fixture (cents → 元)", async () => {
+    const fetchFn = async () => ({
+      orders: [
+        {
+          order_sn: "PDD-COOKIE-1",
+          mall_name: "拼多多旗舰店",
+          order_status_prompt: "已发货",
+          order_amount: 6200, // 分 → 62.00 元
+          order_time: 1700000000, // sec
+          pay_time: 1700000010,
+          receive_name: "李四",
+          address: "广州市天河区...",
+          goods_list: [
+            { goods_name: "纸巾100抽", goods_number: 5, goods_price: 990, sku_id: "sk1" },
+          ],
+        },
+      ],
+    });
+    const a = new PinduoduoAdapter({
+      account: { uid: "u-1", cookies: "PDDAccessToken=ok" },
+      fetchFn,
+    });
+    const raws = [];
+    for await (const r of a.sync({ sinceWatermark: 0 })) raws.push(r);
+    expect(raws.length).toBe(1);
+    expect(raws[0].originalId).toBe("PDD-COOKIE-1");
+    expect(raws[0].payload.record.totalAmount.value).toBe(62);
+    expect(raws[0].payload.record.items[0].unitPrice).toBe(9.9);
+    expect(raws[0].payload.record.status).toBe("shipped");
+
+    const batch = a.normalize(raws[0]);
+    expect(validateBatch(batch).valid).toBe(true);
+    expect(JSON.stringify(batch)).toContain("纸巾100抽");
+    expect(JSON.stringify(batch)).toContain("李四");
+  });
+
+  it("invokes signProvider and passes antiToken to fetchFn", async () => {
+    let seenAntiToken = null;
+    const signProvider = async () => "ANTI-TOKEN-XYZ";
+    const fetchFn = async (opts) => {
+      seenAntiToken = opts.antiToken;
+      return { orders: [] };
+    };
+    const a = new PinduoduoAdapter({
+      account: { uid: "u-1", cookies: "PDDAccessToken=ok" },
+      fetchFn,
+      signProvider,
+    });
+    for await (const _r of a.sync({ sinceWatermark: 0 })) { /* drain */ }
+    expect(seenAntiToken).toBe("ANTI-TOKEN-XYZ");
+  });
+
+  it("passes antiToken: null when no signProvider configured", async () => {
+    let seen = "unset";
+    const fetchFn = async (opts) => {
+      seen = opts.antiToken;
+      return { orders: [] };
+    };
+    const a = new PinduoduoAdapter({
+      account: { uid: "u-1", cookies: "PDDAccessToken=ok" },
+      fetchFn,
+    });
+    for await (const _r of a.sync({ sinceWatermark: 0 })) { /* drain */ }
+    expect(seen).toBe(null);
+  });
+
+  it("paginates and stops at sinceWatermark", async () => {
+    const pages = {
+      1: [
+        { order_sn: "p1-a", mall_name: "m", order_time: 1700000000, order_amount: 100,
+          goods_list: [] },
+        { order_sn: "p1-b", mall_name: "m", order_time: 1699000000, order_amount: 100,
+          goods_list: [] },
+      ],
+      2: [
+        { order_sn: "p2-a", mall_name: "m", order_time: 1698000000, order_amount: 100,
+          goods_list: [] },
+      ],
+    };
+    const seenPages = [];
+    const fetchFn = async (opts) => {
+      seenPages.push(opts.query.pageNumber);
+      return { orders: pages[opts.query.pageNumber] || [] };
+    };
+    const a = new PinduoduoAdapter({
+      account: { uid: "u-1", cookies: "PDDAccessToken=ok" },
+      fetchFn,
+    });
+    const raws = [];
+    // watermark between 1699000000s and 1700000000s → stops on the older order
+    for await (const r of a.sync({ sinceWatermark: 1699500000 * 1000, pageSize: 2 })) {
+      raws.push(r);
+    }
+    expect(raws.map((r) => r.originalId)).toEqual(["p1-a"]);
+    // stopped inside page 1 — never fetched page 2
+    expect(seenPages).toEqual([1]);
+  });
+
+  it("respects per-kind include opt-out in cookie mode", async () => {
+    let called = false;
+    const fetchFn = async () => {
+      called = true;
+      return { orders: [] };
+    };
+    const a = new PinduoduoAdapter({
+      account: { uid: "u-1", cookies: "PDDAccessToken=ok" },
+      fetchFn,
+    });
+    const raws = [];
+    for await (const r of a.sync({ include: { order: false } })) raws.push(r);
+    expect(raws.length).toBe(0);
+    expect(called).toBe(false);
+  });
+
+  it("orderToRecord maps snake_case PDD fields with cents conversion", () => {
+    const rec = orderToRecord({
+      order_sn: "PDD-9",
+      mall_name: "店铺B",
+      order_status: 4, // numeric → 已完成 → delivered
+      order_amount: 1650,
+      order_time: 1700000000,
+      goods_list: [{ goods_name: "牙刷", goods_number: 2, goods_price: 825 }],
+    });
+    expect(rec.orderId).toBe("PDD-9");
+    expect(rec.merchantName).toBe("店铺B");
+    expect(rec.status).toBe("delivered");
+    expect(rec.totalAmount.value).toBe(16.5);
+    expect(rec.items[0].unitPrice).toBe(8.25);
+    expect(rec.extras.capturedBy).toBe("cookie-api");
+  });
+
+  it("extractOrders tolerates nested response shapes", () => {
+    expect(extractOrders({ orders: [1] })).toEqual([1]);
+    expect(extractOrders({ order_list: [2] })).toEqual([2]);
+    expect(extractOrders({ list: [3] })).toEqual([3]);
+    expect(extractOrders({ result: { order_list: [4] } })).toEqual([4]);
+    expect(extractOrders({ result: { list: [5] } })).toEqual([5]);
+    expect(extractOrders({})).toEqual([]);
+    expect(extractOrders(null)).toEqual([]);
+  });
+
+  it("default fetchFn throws a legible error when cookie mode used without injection", async () => {
+    const a = new PinduoduoAdapter({ account: { uid: "u-1", cookies: "PDDAccessToken=ok" } });
+    let threw = null;
+    try {
+      for await (const _r of a.sync({ sinceWatermark: 0 })) { /* drain */ }
+    } catch (err) {
+      threw = err;
+    }
+    expect(threw).toBeTruthy();
+    expect(String(threw.message)).toMatch(/no fetchFn configured/);
+  });
+});

package/lib/adapters/shopping-pinduoduo/index.js

@@ -1,29 +1,32 @@
 /**
- * §2.4c 购物三联 v0.2 — Pinduoduo (拼多多) adapter, snapshot-only.
+ * §2.4c 购物三联 — Pinduoduo (拼多多) adapter, dual-mode (snapshot + cookie-api).
  *
- * Mirror of shopping-jd / shopping-meituan snapshot-mode pattern, **but
- * without a cookie-mode fallback** because:
+ * v0.3 brings 拼多多 to parity with shopping-taobao / shopping-jd /
+ * shopping-meituan by adding a cookie-api fetch path alongside the existing
+ * snapshot ingest. As with the other shopping adapters the actual HTTP call is
+ * delegated to an injected `fetchFn` (the Android in-APK cc uses OkHttp; the
+ * desktop hub uses an Electron WebView net request) so this module stays a
+ * pure-Node parser + orchestrator.
  *
- *   1. mobile.yangkeduo.com web endpoint `/proxy/api/galerie/transaction/
- *      transaction_list` requires `anti_token` signing computed by client-side
- *      JS (similar to 抖音 X-Bogus). No pure-Node implementation survives
- *      pinduoduo's monthly anti_token rotation.
- *   2. Pinduoduo Android app has no built-in "export orders" feature, so
- *      there's no SAF source-format to parse directly either.
+ *   1. snapshot mode (opts.inputPath): ingest a snapshot JSON produced by a
+ *      browser extension / hand-roll (stateless — account OPTIONAL).
  *
- * v0.2 deliverable = **scaffold + snapshot-mode JSON ingest**. User-facing
- * paths for producing the snapshot JSON:
+ *   2. cookie-api mode (opts.account.cookies): fetch
+ *      `mobile.yangkeduo.com/proxy/api/galerie/transaction/transaction_list`
+ *      via the injected `fetchFn`, paginating with the `pageNumber` cursor and
+ *      stopping at the `sinceWatermark`. account.uid REQUIRED in this mode.
  *
- *   a) Browser extension (planned v0.3) that scrapes yangkeduo.com order
- *      pages while logged in and exports JSON matching this schema.
- *   b) Manual hand-roll (rare; for testing).
+ * ── anti_token signing seam ──────────────────────────────────────────────
+ *   Pinduoduo's transaction_list requires an `anti_token` (a.k.a.
+ *   `anti-content`) computed by client-side JS — analogous to 抖音 X-Bogus.
+ *   No pure-Node implementation survives pinduoduo's anti_token rotation, so
+ *   the signing itself is injected via `opts.signProvider` (or constructor
+ *   `signProvider`). On Android the in-APK WebView JS VM produces the token;
+ *   in tests a stub returns a fixed value. When no signProvider is configured
+ *   the request is still issued with `antiToken: null` — best-effort, the
+ *   endpoint may 403, which surfaces as zero events rather than a crash.
  *
- * UI surface: pinduoduo card appears alongside alipay/taobao/jd/meituan in
- * 推文 §"支付与购物" 大类, with an explicit "v0.2 待用户导出 — 需 web
- * extension 或手抄" banner so user knows the limitation.
- *
- * Snapshot schema (mirrors PinduoduoLocalCollector.SNAPSHOT_SCHEMA_VERSION
- * once the Kotlin collector lands in v0.3+):
+ * Snapshot schema (mirrors PinduoduoLocalCollector.SNAPSHOT_SCHEMA_VERSION):
  *
  *   {
  *     "schemaVersion": 1,
@@ -45,33 +48,46 @@
  *     ]
  *   }
  *
- * Future v0.3: HTML parsing (`Save As Webpage` from `mobile.yangkeduo.com/
+ * Future v0.4: HTML parsing (`Save As Webpage` from `mobile.yangkeduo.com/
  * users/orders.html` — pinduoduo's order list endpoint).
  */
 
 "use strict";
 
 const fs = require("node:fs");
-const { normalizeOrderRecord } = require("../shopping-base");
+const { normalizeOrderRecord, CookieAuth } = require("../shopping-base");
 
 const NAME = "shopping-pinduoduo";
-const VERSION = "0.1.0";
+const VERSION = "0.2.0";
 const SNAPSHOT_SCHEMA_VERSION = 1;
 
 const KIND_ORDER = "order";
 const VALID_SNAPSHOT_KINDS = Object.freeze([KIND_ORDER]);
 
+const PINDUODUO_ORDERS_URL =
+  "https://mobile.yangkeduo.com/proxy/api/galerie/transaction/transaction_list";
+
 class PinduoduoAdapter {
   constructor(opts = {}) {
-    // §2.4c v0.2: account is OPTIONAL — snapshot mode is stateless. There's
-    // no cookie mode at all (anti_token signing path deferred to v0.3+).
+    // §2.4c: account is OPTIONAL — snapshot mode is stateless. Cookie-api mode
+    // activates only when account.cookies is supplied; account.uid is then
+    // required (checked at sync time).
     this.account = opts.account || null;
+    this._cookieAuth =
+      opts.account && opts.account.cookies
+        ? new CookieAuth({ platform: "pinduoduo", cookies: opts.account.cookies })
+        : null;
+    this._fetchFn = typeof opts.fetchFn === "function" ? opts.fetchFn : defaultFetch;
+    // anti_token signing seam — see file header. Async fn({ url, query,
+    // cookies }) → string|null. When absent, requests carry antiToken: null.
+    this._signProvider =
+      typeof opts.signProvider === "function" ? opts.signProvider : null;
 
     this.name = NAME;
     this.version = VERSION;
-    this.capabilities = ["sync:snapshot", "parse:pinduoduo-orders"];
-    this.extractMode = "user-export";
-    this.rateLimits = {};
+    this.capabilities = ["sync:snapshot", "sync:cookie-api", "parse:pinduoduo-orders"];
+    this.extractMode = "web-api";
+    this.rateLimits = { perMinute: 8, perDay: 200 };
     this.dataDisclosure = {
       fields: [
         "pinduoduo:order_sn / mall_name / goods_list / order_amount / address",
@@ -99,15 +115,33 @@ class PinduoduoAdapter {
       }
       return { ok: true, mode: "snapshot-file" };
     }
+    if (this._cookieAuth) {
+      const ok = await this._cookieAuth.validate();
+      if (!ok) return { ok: false, reason: "INVALID_COOKIE", error: "cookies missing" };
+      if (!this.account || !this.account.uid) {
+        return {
+          ok: false,
+          reason: "NO_ACCOUNT_UID",
+          message: "cookie-api mode requires account.uid",
+        };
+      }
+      return { ok: true, account: this.account.uid, mode: "cookie" };
+    }
     return {
       ok: false,
       reason: "NO_INPUT",
       message:
-        "PinduoduoAdapter.authenticate: needs opts.inputPath (snapshot mode — no cookie mode in v0.2)",
+        "PinduoduoAdapter.authenticate: needs opts.inputPath (snapshot mode) OR opts.account.cookies (cookie-api mode — anti_token signing via signProvider)",
     };
   }
 
   async healthCheck() {
+    if (this._cookieAuth) {
+      const r = await this.authenticate();
+      return r.ok
+        ? { ok: true, lastChecked: Date.now() }
+        : { ok: false, reason: r.reason, error: r.error };
+    }
     return { ok: true, lastChecked: Date.now() };
   }
 
@@ -116,21 +150,25 @@ class PinduoduoAdapter {
       yield* this._syncViaSnapshot(opts);
       return;
     }
+    if (this._cookieAuth) {
+      yield* this._syncViaCookie(opts);
+      return;
+    }
     throw new Error(
-      "PinduoduoAdapter.sync: needs opts.inputPath (snapshot mode; no cookie/api mode in v0.2 because pinduoduo's web API requires anti_token JS-VM signing)",
+      "PinduoduoAdapter.sync: needs opts.inputPath (snapshot mode) OR opts.account.cookies (cookie-api mode; pinduoduo's web API requires anti_token signing supplied via opts.signProvider)",
     );
   }
 
   async *_syncViaSnapshot(opts) {
     const raw = this._deps.fs.readFileSync(opts.inputPath, "utf-8");
     // v0.2 explicit JSON-only. HTML parsing (SAF-exported webpage from
-    // yangkeduo.com order list) is future v0.3 work.
+    // yangkeduo.com order list) is future v0.4 work.
     let snapshot;
     try {
       snapshot = JSON.parse(raw);
     } catch (err) {
       throw new Error(
-        `shopping-pinduoduo.sync: snapshot must be JSON (v0.3 will add HTML parsing). Got parse error: ${err.message}`,
+        `shopping-pinduoduo.sync: snapshot must be JSON (v0.4 will add HTML parsing). Got parse error: ${err.message}`,
       );
     }
     if (
@@ -184,11 +222,77 @@ class PinduoduoAdapter {
     }
   }
 
+  async *_syncViaCookie(opts = {}) {
+    if (!this.account || !this.account.uid) {
+      throw new Error(
+        "PinduoduoAdapter._syncViaCookie: account.uid required (set via new PinduoduoAdapter({ account: { uid, cookies } }))",
+      );
+    }
+    if (!(await this._cookieAuth.validate())) return;
+    const sinceMs =
+      opts.sinceWatermark != null
+        ? parseInt(String(opts.sinceWatermark), 10) || 0
+        : Date.now() - 365 * 24 * 3600_000; // default last year
+    const pageSize = Number.isFinite(opts.pageSize) ? opts.pageSize : 10;
+    const include = opts.include || {};
+    if (include[KIND_ORDER] === false) return;
+
+    let pageNumber = 1;
+    while (true) {
+      const query = { pageNumber, pageSize, ts: Date.now() };
+      // anti_token signing seam — best-effort. null when no signProvider.
+      let antiToken = null;
+      if (this._signProvider) {
+        antiToken = await this._signProvider({
+          url: PINDUODUO_ORDERS_URL,
+          query,
+          cookies: this._cookieAuth.toHeader(),
+        });
+      }
+      const resp = await this._fetchFn({
+        url: PINDUODUO_ORDERS_URL,
+        cookies: this._cookieAuth.toHeader(),
+        antiToken,
+        query,
+      });
+      const orders = extractOrders(resp);
+      if (!orders.length) break;
+      let pageHasNew = false;
+      let reachedWatermark = false;
+      for (const raw of orders) {
+        const rec = orderToRecord(raw);
+        if (!rec) continue;
+        if (rec.placedAt && rec.placedAt < sinceMs) {
+          reachedWatermark = true; // everything from here on is older
+          break;
+        }
+        pageHasNew = true;
+        yield {
+          adapter: NAME,
+          originalId: rec.orderId,
+          capturedAt: rec.paidAt || rec.placedAt || Date.now(),
+          payload: { record: rec },
+        };
+      }
+      // Stop once we've crossed the watermark, drained the page, or the page
+      // came back short (last page).
+      if (reachedWatermark || !pageHasNew || orders.length < pageSize) break;
+      pageNumber += 1;
+    }
+  }
+
   normalize(raw) {
     if (!raw || !raw.payload) {
       throw new Error("PinduoduoAdapter.normalize: payload missing");
     }
-    // Snapshot-mode only — payload carries fields directly on the event.
+    // Cookie-api mode wraps a normalized record under payload.record; snapshot
+    // mode carries the raw event fields directly on the payload.
+    if (raw.payload.record) {
+      return normalizeOrderRecord(raw.payload.record, {
+        adapterName: NAME,
+        adapterVersion: VERSION,
+      });
+    }
     const rec = snapshotEventToRecord(raw.payload);
     return normalizeOrderRecord(rec, {
       adapterName: NAME,
@@ -208,6 +312,104 @@ function stableOriginalId(kind, id) {
   return `pinduoduo:${kind}:${safe}`;
 }
 
+/**
+ * Pull the order array out of a transaction_list response. Pinduoduo nests it
+ * under different keys across endpoint versions; the injected fetchFn may also
+ * pre-flatten to `{ orders }`. Tolerant of all common shapes.
+ */
+function extractOrders(resp) {
+  if (!resp || typeof resp !== "object") return [];
+  if (Array.isArray(resp.orders)) return resp.orders;
+  if (Array.isArray(resp.order_list)) return resp.order_list;
+  if (Array.isArray(resp.list)) return resp.list;
+  if (resp.result && Array.isArray(resp.result.order_list)) return resp.result.order_list;
+  if (resp.result && Array.isArray(resp.result.list)) return resp.result.list;
+  return [];
+}
+
+/**
+ * Map one pinduoduo transaction_list order object → vendor-neutral OrderRecord.
+ * Pinduoduo amounts are in 分 (cents); converted to 元 here. Field names are
+ * best-effort across endpoint versions (camelCase + snake_case fallbacks).
+ */
+function orderToRecord(o) {
+  if (!o || typeof o !== "object") return null;
+  const orderId = o.order_sn || o.orderSn || o.orderId || o.id;
+  if (!orderId) return null;
+  const merchant = o.mall_name || o.mallName || o.merchantName || o.shop_name || "拼多多";
+
+  const items = [];
+  const rawItems = o.goods_list || o.order_goods || o.goodsList || o.items || [];
+  for (const it of Array.isArray(rawItems) ? rawItems : []) {
+    if (!it) continue;
+    items.push({
+      name: it.goods_name || it.goodsName || it.name || it.skuName,
+      quantity: parseInt(it.goods_number || it.goods_count || it.quantity || 1, 10),
+      unitPrice: centsToYuan(it.goods_price || it.goodsPrice || it.unitPrice || 0),
+      sku: it.sku_id || it.skuId || it.goods_id || it.sku || null,
+    });
+  }
+
+  return {
+    vendorId: "pinduoduo",
+    orderId: String(orderId),
+    placedAt: parseTime(o.order_time || o.create_at || o.createAt || o.order_create_at),
+    paidAt: parseTime(o.pay_time || o.payTime || o.group_order_pay_time),
+    status: mapStatus(pickStatusText(o)),
+    merchantName: merchant,
+    totalAmount: {
+      value: centsToYuan(o.order_amount || o.orderAmount || o.pay_amount || o.total_amount || 0),
+      currency: "CNY",
+    },
+    items,
+    recipient: o.receive_name || o.receiver || o.recipient || null,
+    shippingAddress: o.address || o.receive_address || o.shippingAddress || null,
+    trackingNumber: o.tracking_number || o.waybill_no || o.trackingNumber || null,
+    extras: { capturedBy: "cookie-api", platform: "pinduoduo" },
+  };
+}
+
+/**
+ * Pinduoduo carries a human-readable status under several keys; prefer text
+ * over the numeric `order_status` code so mapStatus's keyword match works.
+ */
+function pickStatusText(o) {
+  const text =
+    o.order_status_prompt ||
+    o.orderStatusPrompt ||
+    o.status_prompt ||
+    o.statusPrompt ||
+    o.status_desc ||
+    null;
+  if (text) return text;
+  // Fall back to the numeric order_status code (best-effort PDD mapping).
+  const code = o.order_status != null ? o.order_status : o.orderStatus;
+  switch (Number(code)) {
+    case 1:
+      return "待付款";
+    case 2:
+      return "待发货";
+    case 3:
+      return "已发货";
+    case 4:
+      return "已完成";
+    case 5:
+    case 6:
+      return "已关闭";
+    default:
+      return o.status != null ? String(o.status) : "";
+  }
+}
+
+function centsToYuan(v) {
+  const n = Number(v);
+  if (!Number.isFinite(n)) return 0;
+  // Snapshot/test inputs may already be 元 with a decimal point; treat any
+  // non-integer as 元, integers as 分.
+  if (!Number.isInteger(n)) return n;
+  return Math.round(n) / 100;
+}
+
 function snapshotEventToRecord(ev) {
   const items = [];
   const rawItems = Array.isArray(ev.items) ? ev.items : [];
@@ -266,8 +468,14 @@ function mapStatus(s) {
   return "placed";
 }
 
+async function defaultFetch(_opts) {
+  throw new Error("PinduoduoAdapter: no fetchFn configured");
+}
+
 module.exports = {
   PinduoduoAdapter,
+  orderToRecord,
+  extractOrders,
   NAME,
   VERSION,
   SNAPSHOT_SCHEMA_VERSION,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@chainlesschain/personal-data-hub",
-  "version": "0.4.5",
+  "version": "0.4.6",
   "description": "Personal Data Hub — UnifiedSchema + validators + KG ingest helpers for the data-back-to-the-individual middleware",
   "type": "commonjs",
   "main": "lib/index.js",