@cross-deck/node 0.1.0 → 1.0.0

package/dist/index.d.ts

@@ -1,187 +1,348 @@
-type Environment = "production" | "sandbox";
-type AuditRail = "apple" | "stripe" | "google" | "manual";
-interface PublicEntitlement {
-    object: "entitlement";
-    key: string;
-    isActive: boolean;
-    validUntil?: number | null;
-    source: {
-        rail: AuditRail;
-        productId: string;
-        subscriptionId: string;
-    };
-    updatedAt: number;
-}
-interface EntitlementsListResponse {
-    object: "list";
-    data: PublicEntitlement[];
-    crossdeckCustomerId: string;
-    env: Environment;
-}
-interface AliasResult {
-    object: "alias_result";
-    crossdeckCustomerId: string;
-    linked: Array<{
-        type: "developer";
-        id: string;
-    } | {
-        type: "anonymous";
-        id: string;
-    }>;
-    mergePending: boolean;
-    env: Environment;
-}
-interface IngestResponse {
-    object: "list";
-    received: number;
-    env: Environment;
-    throttled?: {
-        dropped: number;
-        sampleRate: number;
-        retryAfterMs: number;
-    };
-}
-interface PurchaseResult {
-    object: "purchase_result";
-    crossdeckCustomerId: string;
-    env: Environment;
-    entitlements: PublicEntitlement[];
-}
-interface ForgetResult {
-    object: "forgot";
-    crossdeckCustomerId: string | null;
-    queuedAt: number;
-    env: Environment;
+export { A as AliasIdentityInput, a as AliasResult, b as AuditDecision, c as AuditEntry, B as Breadcrumb, d as BreadcrumbCategory, e as BreadcrumbLevel, C as CROSSDECK_API_VERSION, f as CapturedError, g as CrossdeckAuthenticationError, h as CrossdeckConfigurationError, i as CrossdeckError, j as CrossdeckErrorPayload, k as CrossdeckErrorType, l as CrossdeckInternalError, m as CrossdeckNetworkError, n as CrossdeckPermissionError, o as CrossdeckRateLimitError, p as CrossdeckServer, q as CrossdeckServerOptions, r as CrossdeckValidationError, D as DEFAULT_BASE_URL, s as DEFAULT_TIMEOUT_MS, t as Diagnostics, E as EntitlementCacheOptions, u as EntitlementMutationResult, v as EntitlementsListResponse, w as EntitlementsListener, x as Environment, y as ErrorCaptureConfig, z as ErrorLevel, F as EventProperties, G as ForgetResult, H as GrantDuration, I as GrantEntitlementInput, J as GroupMembership, K as HeartbeatResponse, L as HttpRequestInfo, M as HttpResponseInfo, N as HttpRetriesConfig, O as IdentifyOptions, P as IdentityHints, Q as IngestOptions, R as IngestResponse, S as PublicEntitlement, T as PurchaseResult, U as RequestOptions, V as RevokeEntitlementInput, W as RuntimeHost, X as RuntimeInfo, Y as SDK_NAME, Z as SDK_VERSION, _ as ServerEvent, $ as StackFrame, a0 as SyncPurchaseInput, a1 as makeCrossdeckError } from './crossdeck-server-LvQwPKu5.js';
+import 'node:events';
+
+/**
+ * Machine-readable index of every error code `@cross-deck/node` can
+ * throw, with a short description and a hint on what action to take.
+ * Mirrors `@cross-deck/web/src/error-codes.ts`.
+ *
+ * Stripe publishes the same surface at stripe.com/docs/error-codes;
+ * developers love it because every code has a canonical "what does
+ * this mean / what should I do" answer.
+ *
+ * Differences from web:
+ *   - Drops browser-only config codes (`invalid_public_key`,
+ *     `missing_app_id`, `invalid_environment`, `environment_mismatch`,
+ *     `not_initialized`).
+ *   - Adds `invalid_secret_key` (Node SDK takes a secret key, not a
+ *     publishable key + env declaration).
+ *   - Adds Node-lifecycle codes (`flush_on_exit_failed`,
+ *     `webhook_invalid_signature`, `webhook_replay_window_exceeded`,
+ *     `webhook_missing_secret`).
+ *
+ * Adding a new error code:
+ *   1. Throw it as `CrossdeckError.code` in the call site.
+ *   2. Add an entry here so the dashboard + AI assistants can render
+ *      the canonical fix.
+ *
+ * Keep entries terse — consumers surface this in tooltips and
+ * automated tickets, not in long-form docs.
+ */
+interface ErrorCodeEntry {
+    /** The string thrown as `CrossdeckError.code`. */
+    code: string;
+    /** Broad category — `CrossdeckError.type`. */
+    type: "authentication_error" | "permission_error" | "invalid_request_error" | "rate_limit_error" | "internal_error" | "network_error" | "configuration_error";
+    /** One-sentence description. Surfaced verbatim in dashboards. */
+    description: string;
+    /** What the developer should do. Imperative phrasing. */
+    resolution: string;
+    /** True for codes the SDK can auto-recover from (no developer action). */
+    retryable: boolean;
 }
-interface CrossdeckServerOptions {
-    secretKey: string;
-    baseUrl?: string;
-    timeoutMs?: number;
-    sdkVersion?: string;
+/**
+ * Internal source-of-truth with literal types preserved via `as const`.
+ * The exported `CROSSDECK_ERROR_CODES` widens to `readonly
+ * ErrorCodeEntry[]` for the public surface (callers iterating it
+ * shouldn't depend on literal positions), while `CrossdeckErrorCode`
+ * below derives the literal union from this constant for type-safe
+ * code narrowing.
+ */
+declare const _CROSSDECK_ERROR_CODES: readonly [{
+    readonly code: "invalid_secret_key";
+    readonly type: "configuration_error";
+    readonly description: "The secret key passed to new CrossdeckServer({ secretKey }) doesn't start with cd_sk_.";
+    readonly resolution: "Copy the key from your Crossdeck dashboard → API keys page. Server SDKs use cd_sk_test_… (sandbox) or cd_sk_live_… (production). Never ship this key to a browser.";
+    readonly retryable: false;
+}, {
+    readonly code: "missing_user_id";
+    readonly type: "invalid_request_error";
+    readonly description: "identify() / aliasIdentity() called with an empty userId.";
+    readonly resolution: "Pass a stable, non-empty user identifier from your auth layer — never a hardcoded placeholder.";
+    readonly retryable: false;
+}, {
+    readonly code: "missing_anonymous_id";
+    readonly type: "invalid_request_error";
+    readonly description: "aliasIdentity() called with an empty anonymousId.";
+    readonly resolution: "Pass the anonymousId originally minted by the web SDK on this user's device.";
+    readonly retryable: false;
+}, {
+    readonly code: "missing_customer_id";
+    readonly type: "invalid_request_error";
+    readonly description: "An operation that requires a Crossdeck customer ID was called with an empty value.";
+    readonly resolution: "Pass the customerId returned from a prior identify() / getEntitlements() call.";
+    readonly retryable: false;
+}, {
+    readonly code: "missing_identity";
+    readonly type: "invalid_request_error";
+    readonly description: "An ingest / forget / entitlements call received no identity hints.";
+    readonly resolution: "Pass at least one of customerId, userId, or anonymousId on the call (or per-event for ingest).";
+    readonly retryable: false;
+}, {
+    readonly code: "missing_event_name";
+    readonly type: "invalid_request_error";
+    readonly description: "track() / ingest() received an event without a name.";
+    readonly resolution: "Pass a non-empty string as the event name. The wire shape is { name, properties? }.";
+    readonly retryable: false;
+}, {
+    readonly code: "missing_events";
+    readonly type: "invalid_request_error";
+    readonly description: "ingest() received an empty array.";
+    readonly resolution: "Pass at least one event. Use server.track(event) to send a single event.";
+    readonly retryable: false;
+}, {
+    readonly code: "missing_event_id";
+    readonly type: "invalid_request_error";
+    readonly description: "getAuditEntry() called with an empty eventId.";
+    readonly resolution: "Pass the eventId from the audit row you want to inspect.";
+    readonly retryable: false;
+}, {
+    readonly code: "missing_signed_transaction_info";
+    readonly type: "invalid_request_error";
+    readonly description: "syncPurchases() called without StoreKit 2 signed transaction info.";
+    readonly resolution: "Pass the JWS string from Transaction.currentEntitlements / Transaction.updates.";
+    readonly retryable: false;
+}, {
+    readonly code: "missing_group_type";
+    readonly type: "invalid_request_error";
+    readonly description: "group(type, id) called with an empty type.";
+    readonly resolution: "Pass a non-empty group type (e.g. \"org\", \"team\", \"plan\") as the first argument.";
+    readonly retryable: false;
+}, {
+    readonly code: "serialization_failed";
+    readonly type: "invalid_request_error";
+    readonly description: "An event payload or trait bag could not be JSON-serialised even after sanitisation.";
+    readonly resolution: "Inspect the payload for non-JSON-friendly values (functions, symbols, deeply circular refs). The SDK's validator drops these by default, so this usually means a bug — file an issue with the payload shape.";
+    readonly retryable: false;
+}, {
+    readonly code: "fetch_failed";
+    readonly type: "network_error";
+    readonly description: "The underlying fetch() call failed (typically a network outage, DNS, or refused connection).";
+    readonly resolution: "Check the host's outbound network. The SDK retries automatically with exponential backoff + jitter for queued events.";
+    readonly retryable: true;
+}, {
+    readonly code: "request_timeout";
+    readonly type: "network_error";
+    readonly description: "A request was aborted after the configured timeoutMs (default 15s).";
+    readonly resolution: "Check the host's network. Increase timeoutMs in CrossdeckServer options if you're on a known-slow link.";
+    readonly retryable: true;
+}, {
+    readonly code: "invalid_json_response";
+    readonly type: "internal_error";
+    readonly description: "The server returned a 2xx with an unparseable body.";
+    readonly resolution: "Likely a transient backend bug. Retry; if it persists, contact support with the requestId.";
+    readonly retryable: true;
+}, {
+    readonly code: "flush_on_exit_failed";
+    readonly type: "internal_error";
+    readonly description: "The on-exit drain (beforeExit / SIGTERM / SIGINT) did not complete before flushOnExitTimeoutMs.";
+    readonly resolution: "Increase flushOnExitTimeoutMs in CrossdeckServer options. Default is 2000ms; serverless runtimes typically allow 5-10s before SIGKILL. If events are dropping silently in production, raise this.";
+    readonly retryable: false;
+}, {
+    readonly code: "webhook_invalid_signature";
+    readonly type: "authentication_error";
+    readonly description: "The webhook signature header did not verify against the supplied secret.";
+    readonly resolution: "Confirm the secret matches the one in your Crossdeck dashboard → Webhooks page. If the request is genuinely from Crossdeck, the secret is wrong, stale, or recently rotated.";
+    readonly retryable: false;
+}, {
+    readonly code: "webhook_replay_window_exceeded";
+    readonly type: "authentication_error";
+    readonly description: "The webhook timestamp is older than the replay-tolerance window (default 5 minutes).";
+    readonly resolution: "The webhook is either replayed or your receiving clock is wildly skewed. Verify NTP on the receiving host. Increase replayToleranceMs only if you accept the replay-attack risk.";
+    readonly retryable: false;
+}, {
+    readonly code: "webhook_missing_secret";
+    readonly type: "configuration_error";
+    readonly description: "verifyWebhookSignature() was called without a signing secret.";
+    readonly resolution: "Pass the secret from your Crossdeck dashboard → Webhooks page. Never hardcode in source — read from an env var.";
+    readonly retryable: false;
+}];
+/**
+ * Literal union of every code documented in `CROSSDECK_ERROR_CODES`.
+ * Exported so callers can do type-safe code comparisons:
+ *
+ *   if (err.code === "webhook_invalid_signature") { ... }    // typed
+ *   if (err.code === "webook_invalid_signature") { ... }     // TS error
+ *
+ * Mis-spelling a code at compile time fails to compile — the gap that
+ * silently broke v0.1.0 callers checking for non-existent codes.
+ */
+type CrossdeckErrorCode = (typeof _CROSSDECK_ERROR_CODES)[number]["code"];
+/** Type guard: narrows a string to the documented literal union. */
+declare function isCrossdeckErrorCode(code: string): code is CrossdeckErrorCode;
+/**
+ * Public catalogue, widened to `readonly ErrorCodeEntry[]` for iteration
+ * stability. Callers needing literal types should reach for the
+ * `CrossdeckErrorCode` union above instead of indexing into this array.
+ */
+declare const CROSSDECK_ERROR_CODES: readonly ErrorCodeEntry[];
+/** Lookup helper — returns the entry matching a CrossdeckError.code, or undefined. */
+declare function getErrorCode(code: string): ErrorCodeEntry | undefined;
+
+/**
+ * Webhook signature verification — Stripe pattern.
+ *
+ * Lets customers verify the events Crossdeck sends to THEM. Table-stakes
+ * for any backend SDK (Stripe ships `Stripe.webhooks.constructEvent()`
+ * from day one, Svix ships `Webhook.verify()` from day one).
+ *
+ * Wire format:
+ *   Header `Crossdeck-Signature: t=<unix-seconds>,v1=<hex>`
+ *   Where `v1` is HMAC-SHA256(secret, `${t}.${payload}`) — Stripe-compatible.
+ *
+ * Customers receive a signing secret from the Crossdeck dashboard
+ * (one-time reveal at mint time; rotated as needed). Each webhook
+ * carries the signature header above. The customer's handler:
+ *
+ *   import { verifyWebhookSignature } from "@cross-deck/node";
+ *
+ *   app.post("/crossdeck-webhook", express.raw({ type: "application/json" }), (req, res) => {
+ *     try {
+ *       const event = verifyWebhookSignature(
+ *         req.body.toString("utf8"),
+ *         req.headers["crossdeck-signature"],
+ *         process.env.CROSSDECK_WEBHOOK_SECRET,
+ *       );
+ *       // event is the parsed JSON payload
+ *       handleCrossdeckEvent(event);
+ *       res.sendStatus(200);
+ *     } catch (err) {
+ *       res.sendStatus(401);
+ *     }
+ *   });
+ *
+ * The signing scheme is constant-time via `crypto.timingSafeEqual` so
+ * a malicious caller can't extract the signature by measuring response
+ * timing. Replay defence: timestamps older than `replayToleranceMs`
+ * (default 5 min) are rejected — required because HMAC-SHA256 is
+ * stateless and would otherwise allow an attacker to replay an old
+ * webhook indefinitely.
+ *
+ * Supports multiple secrets for rotation: pass an array; the helper
+ * tries each, accepts on the first match. Lets customers rotate the
+ * dashboard secret without dropping in-flight webhooks.
+ */
+interface VerifyWebhookOptions {
     /**
-     * Optional informational appId stamped onto event batches. The server
-     * ultimately trusts the API key's resolved app routing, so this is
-     * best-effort metadata only.
+     * Maximum age of the webhook timestamp in milliseconds. Default
+     * 5 minutes (5 * 60 * 1000). Anything older than this is rejected
+     * as a replay. Pass 0 to disable the replay window (NOT recommended
+     * — accept the trade-off only if you have a separate replay defence).
      */
-    appId?: string;
-}
-interface IdentityHints {
-    customerId?: string;
-    userId?: string;
-    anonymousId?: string;
-}
-interface IdentifyOptions {
-    email?: string;
-    traits?: Record<string, unknown>;
-}
-interface AliasIdentityInput extends IdentifyOptions {
-    userId: string;
-    anonymousId: string;
-}
-type ErrorLevel = "error" | "warning" | "info";
-interface ServerEvent {
-    eventId?: string;
-    name: string;
-    timestamp?: number;
-    properties?: Record<string, unknown>;
-    developerUserId?: string;
-    anonymousId?: string;
-    crossdeckCustomerId?: string;
-    level?: ErrorLevel;
-    tags?: Record<string, string>;
-    categoryTags?: string[];
-}
-interface IngestOptions {
-    idempotencyKey?: string;
-}
-interface SyncPurchaseInput {
-    rail?: "apple";
-    signedTransactionInfo: string;
-    signedRenewalInfo?: string;
-    appAccountToken?: string;
-}
-type GrantDuration = "P30D" | "P90D" | "P1Y" | "lifetime";
-interface GrantEntitlementInput {
-    customerId: string;
-    entitlementKey: string;
-    duration: GrantDuration;
-    reason: string;
-}
-interface RevokeEntitlementInput {
-    customerId: string;
-    entitlementKey: string;
-    reason: string;
-}
-interface EntitlementMutationResult {
-    object: "entitlement_mutation";
-    action: "grant" | "revoke";
-    crossdeckCustomerId: string;
-    entitlement: PublicEntitlement;
-    env: Environment;
-}
-type AuditDecision = "applied" | "no_op" | "rejected";
-interface AuditEntry {
-    eventId: string;
-    rail: AuditRail;
-    env: Environment;
-    eventType: string;
-    projectId: string;
-    subscriptionId?: string;
-    customerId?: string;
-    fromState?: string;
-    toState?: string;
-    decision: AuditDecision;
-    reason?: string;
-    derivedSignal?: string;
-    signatureVerified: boolean;
-    reconciledWithProvider: boolean;
-    rawEventReceivedAt: number;
-    processedAt: number;
+    replayToleranceMs?: number;
+    /**
+     * Override the current time. Tests use this to verify timestamp
+     * handling deterministically. Defaults to `Date.now()`.
+     */
+    now?: () => number;
 }
+/**
+ * Verify a Crossdeck-signed webhook. Returns the parsed JSON payload
+ * on success. Throws `CrossdeckError` on:
+ *   - missing / malformed signature header (`webhook_invalid_signature`)
+ *   - missing secret (`webhook_missing_secret`)
+ *   - timestamp outside replay window (`webhook_replay_window_exceeded`)
+ *   - HMAC mismatch (`webhook_invalid_signature`)
+ *   - non-JSON payload (`webhook_invalid_signature` — same code because
+ *     a tampered payload that breaks JSON parses as invalid)
+ *
+ * `secret` accepts a single string or an array of strings (for
+ * rotation). Any one match is sufficient.
+ */
+declare function verifyWebhookSignature(payload: string, signatureHeader: string | string[] | undefined, secret: string | string[] | undefined, options?: VerifyWebhookOptions): unknown;
+/**
+ * Pure-function signing — mirror of what the Crossdeck backend does
+ * when sending a webhook. Exported so customers building their own
+ * test fixtures (a service that sends Crossdeck-signed webhooks to
+ * their own test harness) can re-use the canonical signing scheme
+ * instead of re-implementing it.
+ *
+ *   const ts = Math.floor(Date.now() / 1000);
+ *   const sig = signWebhookPayload(payload, secret, ts);
+ *   const header = `t=${ts},v1=${sig}`;
+ *
+ * NOT marked as a security primitive for general HMAC — use
+ * `node:crypto` directly for that. This is only the
+ * Crossdeck-signature shape.
+ */
+declare function signWebhookPayload(payload: string, secret: string, timestampSec: number): string;
 
-declare class CrossdeckServer {
-    private readonly http;
-    private readonly sdkVersion;
-    private readonly appId?;
-    constructor(options: CrossdeckServerOptions);
-    identify(userId: string, anonymousId: string, options?: IdentifyOptions): Promise<AliasResult>;
-    aliasIdentity(input: AliasIdentityInput): Promise<AliasResult>;
-    forget(hints: IdentityHints): Promise<ForgetResult>;
-    getEntitlements(hints: IdentityHints): Promise<EntitlementsListResponse>;
-    getCustomerEntitlements(customerId: string): Promise<EntitlementsListResponse>;
-    track(event: ServerEvent, options?: IngestOptions): Promise<IngestResponse>;
-    ingest(events: ServerEvent[], options?: IngestOptions): Promise<IngestResponse>;
-    syncPurchases(input: SyncPurchaseInput): Promise<PurchaseResult>;
-    grantEntitlement(input: GrantEntitlementInput): Promise<EntitlementMutationResult>;
-    revokeEntitlement(input: RevokeEntitlementInput): Promise<EntitlementMutationResult>;
-    getAuditEntry(eventId: string): Promise<AuditEntry>;
-    private identityPayload;
-    private normalizeEvent;
-    private mintEventId;
-    private mintBatchId;
-}
+/**
+ * PII scrub utilities — Node port of `@cross-deck/web/src/consent.ts`'s
+ * regex-based defence layer.
+ *
+ * **What's NOT here (intentionally)**: the `ConsentManager` class. That's
+ * a browser/end-user UX surface (DNT detection, per-dimension consent
+ * gating). On the server side, the customer's user already accepted
+ * or declined consent in their client; the API caller decides what
+ * to forward. Shipping `ConsentManager` here would imply server-side
+ * gating that doesn't match the trust model.
+ *
+ * **What IS here**: opt-in utilities customers can use to scrub
+ * email-shaped and card-number-shaped substrings out of event
+ * properties before forwarding to Crossdeck. Stripe-grade defence in
+ * depth, applied at the caller's discretion:
+ *
+ *   import { scrubPiiFromProperties } from "@cross-deck/node";
+ *
+ *   server.track({
+ *     name: "checkout.started",
+ *     developerUserId: userId,
+ *     properties: scrubPiiFromProperties({
+ *       url: req.url, // might contain "/users/wes@…/" — gets [email]
+ *       lastError: e.message, // might contain card numbers
+ *     }),
+ *   });
+ */
+/**
+ * Scrub a single string value: replace email-shaped substrings with
+ * `[email]` and card-number-shaped substrings with `[card]`. Returns
+ * the original string (===) when nothing matched, so callers can do
+ * an identity-check to skip allocating a new event copy.
+ */
+declare function scrubPii(value: string): string;
+/**
+ * Walk a property bag and replace PII-shaped strings in place. Returns
+ * a new object with strings scrubbed; non-string values pass through
+ * unchanged.
+ *
+ * Defensive copy — the input is never altered. Caller can pass the
+ * result straight to `server.track()`.
+ *
+ * Recursive: nested objects + arrays are walked. Functions, symbols,
+ * Dates, etc. pass through untouched (those are the
+ * `validateEventProperties` sanitiser's job — this is just the
+ * PII regex pass).
+ */
+declare function scrubPiiFromProperties(properties: Record<string, unknown>): Record<string, unknown>;
 
-type CrossdeckErrorType = "authentication_error" | "permission_error" | "invalid_request_error" | "rate_limit_error" | "internal_error" | "network_error" | "configuration_error";
-interface CrossdeckErrorPayload {
-    type: CrossdeckErrorType;
-    code: string;
-    message: string;
-    requestId?: string;
-    status?: number;
-    retryAfterMs?: number;
+/**
+ * Debug signal vocabulary — NorthStar §16, Node port of
+ * `@cross-deck/web/src/debug.ts`.
+ *
+ * The SDK speaks a small fixed vocabulary of signals so the dashboard's
+ * onboarding checklist and the developer's console output both speak
+ * the same words. When `debug: true` is set in `CrossdeckServerOptions`,
+ * the signals are also logged to `console.info` so a developer doing
+ * copy-paste integration sees actionable feedback live.
+ *
+ * Signal names are STABLE — adding new ones is fine, renaming is a
+ * breaking change because the dashboard onboarding step keys off them.
+ *
+ * Node-specific additions beyond web's vocabulary:
+ *   - `sdk.flush_on_exit_started` / `sdk.flush_on_exit_completed`
+ *   - `sdk.webhook_verified`
+ *   - `sdk.runtime_detected`
+ *   - `sdk.entitlement_cache_warm`
+ *   - `sdk.super_property_registered`
+ */
+type DebugSignal = "sdk.configured" | "sdk.first_event_sent" | "sdk.invalid_key" | "sdk.no_identity" | "sdk.entitlement_cache_used" | "sdk.entitlement_cache_warm" | "sdk.purchase_evidence_sent" | "sdk.environment_mismatch" | "sdk.sensitive_property_warning" | "sdk.property_coerced" | "sdk.flush_retry_scheduled" | "sdk.flush_on_exit_started" | "sdk.flush_on_exit_completed" | "sdk.webhook_verified" | "sdk.runtime_detected" | "sdk.super_property_registered";
+interface DebugContext {
+    [key: string]: unknown;
 }
-declare class CrossdeckError extends Error {
-    readonly type: CrossdeckErrorType;
-    readonly code: string;
-    readonly requestId?: string;
-    readonly status?: number;
-    readonly retryAfterMs?: number;
-    constructor(payload: CrossdeckErrorPayload);
+interface DebugLogger {
+    enabled: boolean;
+    emit(signal: DebugSignal, message: string, context?: DebugContext): void;
 }
 
-declare const SDK_NAME = "@cross-deck/node";
-declare const SDK_VERSION = "0.1.0";
-declare const DEFAULT_BASE_URL = "https://api.cross-deck.com/v1";
-declare const DEFAULT_TIMEOUT_MS = 15000;
-
-export { type AliasIdentityInput, type AliasResult, type AuditDecision, type AuditEntry, CrossdeckError, type CrossdeckErrorPayload, type CrossdeckErrorType, CrossdeckServer, type CrossdeckServerOptions, DEFAULT_BASE_URL, DEFAULT_TIMEOUT_MS, type EntitlementMutationResult, type EntitlementsListResponse, type Environment, type ErrorLevel, type ForgetResult, type GrantDuration, type GrantEntitlementInput, type IdentifyOptions, type IdentityHints, type IngestOptions, type IngestResponse, type PublicEntitlement, type RevokeEntitlementInput, SDK_NAME, SDK_VERSION, type ServerEvent, type SyncPurchaseInput };
+export { CROSSDECK_ERROR_CODES, type CrossdeckErrorCode, type DebugContext, type DebugLogger, type DebugSignal, type ErrorCodeEntry, type VerifyWebhookOptions, getErrorCode, isCrossdeckErrorCode, scrubPii, scrubPiiFromProperties, signWebhookPayload, verifyWebhookSignature };