@discordkit/core 3.2.0 → 4.0.1

package/dist/requests/DiscordSession.mjs

@@ -0,0 +1,262 @@
+import { sleep } from "../utils/sleep.mjs";
+//#region src/requests/DiscordSession.ts
+const endpoint = `https://discord.com/api/v10/`;
+/** @internal */
+var DiscordSession = class {
+	endpoint = endpoint;
+	maxRetries = 5;
+	#authToken = null;
+	/**
+	* The currently-active per-request token override. When set, requests
+	* enqueued via {@link queueRequest} capture this value (instead of the
+	* session token) for their `Authorization` header. Used to make user-scoped
+	* (OAuth2 bearer) calls without permanently changing the session.
+	*/
+	#activeToken = null;
+	#buckets = /* @__PURE__ */ new Map();
+	#globalReset = 0;
+	#requestQueue = [];
+	#processingQueue = false;
+	#globalLimit = 50;
+	#globalWindow = 1e3;
+	#globalRequestTimestamps = [];
+	#invalidRequests = {
+		count: 0,
+		windowStart: Date.now()
+	};
+	#invalidRequestLimit = 1e4;
+	#invalidRequestWindow = 600 * 1e3;
+	get ready() {
+		return Boolean(this.#authToken);
+	}
+	constructor(authToken) {
+		if (authToken) this.setToken(authToken);
+	}
+	/**
+	* Clears the current session details, then attempts to set
+	* new session values
+	*/
+	setToken = (token) => {
+		this.#authToken = null;
+		if (token.length === 0) throw new Error(`Must provide a non-empty string to set Auth Token`);
+		if (!token.startsWith(`Bot `) && !token.startsWith(`Bearer `)) throw new Error(`Token must begin with either "Bot " or "Bearer ", received: ${token}`);
+		this.#authToken = token;
+		return this;
+	};
+	clearSession = () => {
+		this.#authToken = null;
+		this.#activeToken = null;
+		this.#buckets.clear();
+		this.#globalReset = 0;
+		this.#requestQueue = [];
+		this.#globalRequestTimestamps = [];
+		this.#invalidRequests = {
+			count: 0,
+			windowStart: Date.now()
+		};
+		return this;
+	};
+	/** Clear the active per-request token; requests fall back to the session token. */
+	clearActiveToken = () => {
+		this.#activeToken = null;
+		return this;
+	};
+	/**
+	* Scope subsequent requests to a single user's OAuth2 access token.
+	*
+	* Pass the **bare** access token (no `Bearer ` prefix — it's added for you).
+	* Returns a disposable handle whose `request()` method runs a callback with
+	* the user's token active, so any discordkit fetcher called inside it
+	* authenticates as that user instead of the bot session:
+	*
+	* ```ts
+	* using user = discord.asUser(accessToken);
+	* const guilds = await user.request(() => getCurrentUserGuilds({}));
+	* // `using` disposes the handle at scope exit — even on throw — clearing
+	* // the active token so it can't leak into a later request (important on
+	* // reused serverless/warm instances).
+	* ```
+	*
+	* Without `using`, call {@link clearActiveToken} yourself when done, or rely
+	* on each `request()` restoring the previous token after it resolves.
+	*/
+	asUser = (accessToken) => {
+		const token = `Bearer ${accessToken}`;
+		return {
+			request: async (fn) => {
+				const previous = this.#activeToken;
+				this.#activeToken = token;
+				try {
+					return await fn();
+				} finally {
+					this.#activeToken = previous;
+				}
+			},
+			[Symbol.dispose]: () => {
+				this.#activeToken = null;
+			}
+		};
+	};
+	/**
+	* Whether a request can authenticate right now — either an active
+	* per-request token or a session token is set. Used by the request layer to
+	* decide if it must fail early for lack of auth.
+	*/
+	get hasAuth() {
+		return this.#activeToken !== null || this.#authToken !== null;
+	}
+	getSession = () => {
+		const token = this.#authToken;
+		if (!token) throw new Error(`Auth Token must be set before requests can be made.`);
+		return token;
+	};
+	/**
+	* Queue a request to be processed with rate limiting
+	*/
+	queueRequest = async (resource, method, body, options) => {
+		return new Promise((resolve, reject) => {
+			this.#requestQueue.push({
+				resource,
+				method,
+				body,
+				options,
+				...this.#activeToken === null ? {} : { token: this.#activeToken },
+				resolve,
+				reject
+			});
+			this.#processQueue();
+		});
+	};
+	/**
+	* Process the request queue with rate limiting
+	*/
+	#processQueue = async () => {
+		if (this.#processingQueue) return;
+		this.#processingQueue = true;
+		while (this.#requestQueue.length > 0) {
+			const now = Date.now();
+			if (this.#isTemporarilyBanned()) {
+				const waitTime = this.#invalidRequestWindow - (now - this.#invalidRequests.windowStart);
+				console.warn(`Temporarily banned from Discord API. Waiting ${Math.ceil(waitTime / 1e3)}s`);
+				await sleep(waitTime);
+				this.#resetInvalidRequestCounter();
+			}
+			await this.#enforceGlobalRateLimit();
+			if (this.#globalReset > now / 1e3) {
+				await sleep((this.#globalReset - now / 1e3) * 1e3);
+				continue;
+			}
+			const request = this.#requestQueue[0];
+			if (typeof request === `undefined`) break;
+			const bucket = this.#buckets.get(`${request.method}:${request.resource}`);
+			if (bucket?.remaining === 0) {
+				const resetTime = bucket.reset * 1e3;
+				if (resetTime > now) await sleep(resetTime - now);
+			}
+			this.#requestQueue.shift();
+			try {
+				const response = await this.#executeRequest(request);
+				request.resolve(response);
+			} catch (error) {
+				if (error instanceof Error) request.reject(error);
+			}
+		}
+		this.#processingQueue = false;
+		if (this.#requestQueue.length > 0) this.#processQueue();
+	};
+	/**
+	* Execute a single request and handle rate limit headers
+	*/
+	#executeRequest = async (request, retryCount = 0) => {
+		const now = Date.now();
+		this.#globalRequestTimestamps.push(now);
+		const headers = {};
+		if (!request.options?.anonymous) headers.Authorization = request.token ?? this.getSession();
+		if (request.options?.reason) headers[`X-Audit-Log-Reason`] = encodeURIComponent(request.options.reason);
+		if (request.body && !(request.body instanceof FormData)) headers[`Content-Type`] = `application/json`;
+		const response = await fetch(request.resource.toString(), {
+			method: request.method,
+			body: request.body,
+			headers
+		});
+		this.#updateRateLimits(response);
+		if (response.status === 429) {
+			if (retryCount >= this.maxRetries) {
+				console.error(`Max retries (${this.maxRetries}) exceeded for ${request.resource}`);
+				return response;
+			}
+			const retryAfter = response.headers.get(`Retry-After`) ?? `1`;
+			const isGlobal = response.headers.get(`X-RateLimit-Global`) === `true`;
+			const scope = response.headers.get(`X-RateLimit-Scope`);
+			if (isGlobal || scope === `global`) {
+				console.warn(`Hit global rate limit`);
+				this.#globalReset = now / 1e3 + parseFloat(retryAfter);
+			}
+			await sleep(parseFloat(retryAfter) * 1e3);
+			return this.#executeRequest(request, retryCount + 1);
+		}
+		if ([401, 403].includes(response.status) || response.status === 429 && response.headers.get(`X-RateLimit-Scope`) !== `shared`) this.#trackInvalidRequest();
+		return response;
+	};
+	/**
+	* Update rate limit buckets from response headers
+	*/
+	#updateRateLimits = (response) => {
+		const bucket = response.headers.get(`X-RateLimit-Bucket`);
+		const limit = response.headers.get(`X-RateLimit-Limit`);
+		const remaining = response.headers.get(`X-RateLimit-Remaining`);
+		const reset = response.headers.get(`X-RateLimit-Reset`);
+		const resetAfter = response.headers.get(`X-RateLimit-Reset-After`);
+		if (bucket && limit && remaining && reset && resetAfter) this.#buckets.set(bucket, {
+			limit: parseInt(limit, 10),
+			remaining: parseInt(remaining, 10),
+			reset: parseFloat(reset),
+			resetAfter: parseFloat(resetAfter)
+		});
+	};
+	/**
+	* Enforce global rate limit of 50 requests per second
+	*/
+	#enforceGlobalRateLimit = async () => {
+		const now = Date.now();
+		this.#globalRequestTimestamps = this.#globalRequestTimestamps.filter((timestamp) => now - timestamp < this.#globalWindow);
+		if (this.#globalRequestTimestamps.length >= this.#globalLimit) {
+			const oldestTimestamp = this.#globalRequestTimestamps[0];
+			const waitTime = this.#globalWindow - (now - oldestTimestamp);
+			if (waitTime > 0) await sleep(waitTime);
+		}
+	};
+	/**
+	* Track invalid requests for Cloudflare ban prevention
+	*/
+	#trackInvalidRequest = () => {
+		if (Date.now() - this.#invalidRequests.windowStart >= this.#invalidRequestWindow) this.#resetInvalidRequestCounter();
+		this.#invalidRequests.count++;
+		if (this.#invalidRequests.count >= this.#invalidRequestLimit) console.error(`Approaching invalid request limit! Bot may be temporarily banned.`);
+	};
+	/**
+	* Check if we're temporarily banned
+	*/
+	#isTemporarilyBanned = () => {
+		if (Date.now() - this.#invalidRequests.windowStart < this.#invalidRequestWindow) return this.#invalidRequests.count >= this.#invalidRequestLimit;
+		return false;
+	};
+	/**
+	* Reset invalid request counter
+	*/
+	#resetInvalidRequestCounter = () => {
+		this.#invalidRequests = {
+			count: 0,
+			windowStart: Date.now()
+		};
+	};
+	/**
+	* Get current queue size (useful for monitoring)
+	*/
+	getQueueSize = () => this.#requestQueue.length;
+};
+const discord = new DiscordSession();
+//#endregion
+export { DiscordSession, discord, endpoint };
+
+//# sourceMappingURL=DiscordSession.mjs.map

package/dist/requests/DiscordSession.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"DiscordSession.mjs","names":["#authToken","#activeToken","#buckets","#globalReset","#requestQueue","#globalRequestTimestamps","#invalidRequests","#processQueue","#processingQueue","#isTemporarilyBanned","#invalidRequestWindow","#resetInvalidRequestCounter","#enforceGlobalRateLimit","#executeRequest","#updateRateLimits","#trackInvalidRequest","#globalWindow","#globalLimit","#invalidRequestLimit"],"sources":["../../src/requests/DiscordSession.ts"],"sourcesContent":["import { sleep } from \"../utils/sleep.js\";\nimport type { RequestOptions } from \"./request.js\";\n\nexport const endpoint = `https://discord.com/api/v10/`;\n\ninterface QueuedRequest {\n  resource: URL;\n  method: string;\n  body?: string | FormData | null;\n  options?: RequestOptions;\n  /**\n   * The `Authorization` header value captured for this request at enqueue\n   * time — a snapshot of {@link DiscordSession.setActiveToken} (falling back\n   * to the session token). Travels with the request through retries so a\n   * later `setActiveToken` by a concurrent caller can't change the auth used\n   * for an already-sent request.\n   */\n  token?: `${`Bot` | `Bearer`} ${string}`;\n  resolve: (value: Response) => void;\n  reject: (error: Error) => void;\n  retryCount?: number; // Optional retry tracking\n}\n\ninterface RateLimitBucket {\n  limit: number;\n  remaining: number;\n  reset: number; // Epoch timestamp in seconds\n  resetAfter: number; // Seconds until reset\n}\n\ninterface InvalidRequestTracker {\n  count: number;\n  windowStart: number; // Timestamp in ms\n}\n\n/**\n * A disposable handle scoping requests to a single user's token, returned by\n * {@link DiscordSession.asUser}. Use with `using` for automatic cleanup:\n *\n * ```ts\n * using user = discord.asUser(accessToken);\n * const me = await user.request(() => getCurrentUser());\n * ```\n */\nexport interface UserSession extends Disposable {\n  /** Run `fn` with this user's token active; restores the previous token after. */\n  request: <T>(fn: () => Promise<T>) => Promise<T>;\n}\n\n/** @internal */\nexport class DiscordSession {\n  endpoint: string = endpoint;\n  maxRetries: number = 5;\n  #authToken: string | null = null;\n  /**\n   * The currently-active per-request token override. When set, requests\n   * enqueued via {@link queueRequest} capture this value (instead of the\n   * session token) for their `Authorization` header. Used to make user-scoped\n   * (OAuth2 bearer) calls without permanently changing the session.\n   */\n  #activeToken: `${`Bot` | `Bearer`} ${string}` | null = null;\n\n  // Rate limit tracking\n  #buckets = new Map<string, RateLimitBucket>();\n  #globalReset: number = 0; // Epoch timestamp when global limit resets\n  #requestQueue: QueuedRequest[] = [];\n  #processingQueue = false;\n\n  // Global rate limit: 50 requests per second\n  #globalLimit = 50;\n  #globalWindow = 1000; // 1 second in ms\n  #globalRequestTimestamps: number[] = [];\n\n  // Invalid request tracking: 10,000 per 10 minutes\n  #invalidRequests: InvalidRequestTracker = {\n    count: 0,\n    windowStart: Date.now()\n  };\n\n  #invalidRequestLimit = 10000;\n  #invalidRequestWindow = 10 * 60 * 1000; // 10 minutes in ms\n\n  get ready(): boolean {\n    return Boolean(this.#authToken);\n  }\n\n  constructor(authToken?: `${`Bot` | `Bearer`} ${string}` | null) {\n    if (authToken) {\n      this.setToken(authToken);\n    }\n  }\n\n  /**\n   * Clears the current session details, then attempts to set\n   * new session values\n   */\n  setToken = (token: `${`Bot` | `Bearer`} ${string}`): this => {\n    this.#authToken = null;\n    if (token.length === 0) {\n      throw new Error(`Must provide a non-empty string to set Auth Token`);\n    }\n    if (!token.startsWith(`Bot `) && !token.startsWith(`Bearer `)) {\n      throw new Error(\n        `Token must begin with either \"Bot \" or \"Bearer \", received: ${token}`\n      );\n    }\n    this.#authToken = token;\n    return this;\n  };\n\n  clearSession = (): this => {\n    this.#authToken = null;\n    this.#activeToken = null;\n    this.#buckets.clear();\n    this.#globalReset = 0;\n    this.#requestQueue = [];\n    this.#globalRequestTimestamps = [];\n    this.#invalidRequests = {\n      count: 0,\n      windowStart: Date.now()\n    };\n    return this;\n  };\n\n  /** Clear the active per-request token; requests fall back to the session token. */\n  clearActiveToken = (): this => {\n    this.#activeToken = null;\n    return this;\n  };\n\n  /**\n   * Scope subsequent requests to a single user's OAuth2 access token.\n   *\n   * Pass the **bare** access token (no `Bearer ` prefix — it's added for you).\n   * Returns a disposable handle whose `request()` method runs a callback with\n   * the user's token active, so any discordkit fetcher called inside it\n   * authenticates as that user instead of the bot session:\n   *\n   * ```ts\n   * using user = discord.asUser(accessToken);\n   * const guilds = await user.request(() => getCurrentUserGuilds({}));\n   * // `using` disposes the handle at scope exit — even on throw — clearing\n   * // the active token so it can't leak into a later request (important on\n   * // reused serverless/warm instances).\n   * ```\n   *\n   * Without `using`, call {@link clearActiveToken} yourself when done, or rely\n   * on each `request()` restoring the previous token after it resolves.\n   */\n  asUser = (accessToken: string): UserSession => {\n    const token = `Bearer ${accessToken}` as const;\n    return {\n      request: async <T>(fn: () => Promise<T>): Promise<T> => {\n        const previous = this.#activeToken;\n        this.#activeToken = token;\n        try {\n          // `fn` enqueues the request synchronously, capturing `token` onto the\n          // QueuedRequest before the first await — so restoring below can't\n          // affect the in-flight request's auth.\n          return await fn();\n        } finally {\n          this.#activeToken = previous;\n        }\n      },\n      [Symbol.dispose]: (): void => {\n        this.#activeToken = null;\n      }\n    };\n  };\n\n  /**\n   * Whether a request can authenticate right now — either an active\n   * per-request token or a session token is set. Used by the request layer to\n   * decide if it must fail early for lack of auth.\n   */\n  get hasAuth(): boolean {\n    return this.#activeToken !== null || this.#authToken !== null;\n  }\n\n  getSession = (): string => {\n    const token = this.#authToken;\n\n    if (!token) {\n      throw new Error(`Auth Token must be set before requests can be made.`);\n    }\n\n    return token;\n  };\n\n  /**\n   * Queue a request to be processed with rate limiting\n   */\n  queueRequest = async (\n    resource: URL,\n    method: string,\n    body?: string | FormData | null,\n    options?: RequestOptions\n  ): Promise<Response> => {\n    return new Promise((resolve, reject) => {\n      this.#requestQueue.push({\n        resource,\n        method,\n        body,\n        options,\n        // Snapshot the active token NOW, at enqueue time. Reading it here\n        // (synchronously) rather than later in #executeRequest is what makes\n        // concurrent per-user calls safe: a subsequent setActiveToken can't\n        // retroactively change the auth for a request already in the queue.\n        ...(this.#activeToken === null ? {} : { token: this.#activeToken }),\n        resolve,\n        reject\n      });\n\n      // Start processing if not already running\n      void this.#processQueue(); // This will return early if already processing\n    });\n  };\n\n  /**\n   * Process the request queue with rate limiting\n   */\n  #processQueue = async (): Promise<void> => {\n    if (this.#processingQueue) return;\n    this.#processingQueue = true;\n\n    while (this.#requestQueue.length > 0) {\n      const now = Date.now();\n\n      // Check if we're temporarily banned (invalid request limit)\n      if (this.#isTemporarilyBanned()) {\n        const waitTime =\n          this.#invalidRequestWindow -\n          (now - this.#invalidRequests.windowStart);\n        console.warn(\n          `Temporarily banned from Discord API. Waiting ${Math.ceil(waitTime / 1000)}s`\n        );\n        await sleep(waitTime);\n        this.#resetInvalidRequestCounter();\n      }\n\n      // Check global rate limit (50 req/s)\n      await this.#enforceGlobalRateLimit();\n\n      // Check if we're under a global rate limit cooldown\n      if (this.#globalReset > now / 1000) {\n        const waitTime = (this.#globalReset - now / 1000) * 1000;\n        await sleep(waitTime);\n        continue;\n      }\n\n      const request = this.#requestQueue[0];\n      if (typeof request === `undefined`) break;\n      const bucket = this.#buckets.get(`${request.method}:${request.resource}`);\n\n      if (bucket?.remaining === 0) {\n        const resetTime = bucket.reset * 1000; // Convert to ms\n        if (resetTime > now) {\n          await sleep(resetTime - now);\n        }\n      }\n\n      // Execute the request\n      this.#requestQueue.shift();\n      try {\n        const response = await this.#executeRequest(request);\n        request.resolve(response);\n      } catch (error) {\n        if (error instanceof Error) {\n          request.reject(error);\n        }\n      }\n    }\n\n    this.#processingQueue = false;\n\n    // Check if any requests were added while we were processing the last one\n    if (this.#requestQueue.length > 0) {\n      void this.#processQueue(); // Restart the processor\n    }\n  };\n\n  /**\n   * Execute a single request and handle rate limit headers\n   */\n  #executeRequest = async (\n    request: QueuedRequest,\n    retryCount = 0\n  ): Promise<Response> => {\n    const now = Date.now();\n\n    // Track this request for global rate limiting\n    this.#globalRequestTimestamps.push(now);\n\n    const headers: HeadersInit = {};\n\n    // Anonymous endpoints (webhook/interaction tokens in the URL) must NOT\n    // send an Authorization header — Discord rejects requests that present\n    // both forms of auth. Otherwise we use the token captured for this\n    // request at enqueue time (see queueRequest), which isolates per-request\n    // (e.g. OAuth2 bearer) tokens from concurrent callers.\n    if (!request.options?.anonymous) {\n      headers.Authorization = request.token ?? this.getSession();\n    }\n\n    // Audit-log reason. URL-encode so non-ASCII characters survive the\n    // single-line HTTP header field.\n    if (request.options?.reason) {\n      headers[`X-Audit-Log-Reason`] = encodeURIComponent(\n        request.options.reason\n      );\n    }\n\n    // FormData bodies (file uploads) must NOT have a manual Content-Type\n    // header — fetch sets it to `multipart/form-data; boundary=...`\n    // automatically. JSON bodies get application/json.\n    if (request.body && !(request.body instanceof FormData)) {\n      headers[`Content-Type`] = `application/json`;\n    }\n\n    const response = await fetch(request.resource.toString(), {\n      method: request.method,\n      body: request.body,\n      headers\n    });\n\n    // Update rate limit tracking from headers\n    this.#updateRateLimits(response);\n\n    // Handle 429 Too Many Requests\n    if (response.status === 429) {\n      if (retryCount >= this.maxRetries) {\n        console.error(\n          `Max retries (${this.maxRetries}) exceeded for ${request.resource}`\n        );\n        return response; // Return the 429 response instead of retrying forever\n      }\n\n      const retryAfter = response.headers.get(`Retry-After`) ?? `1`;\n      const isGlobal = response.headers.get(`X-RateLimit-Global`) === `true`;\n      const scope = response.headers.get(`X-RateLimit-Scope`);\n\n      if (isGlobal || scope === `global`) {\n        console.warn(`Hit global rate limit`);\n        this.#globalReset = now / 1000 + parseFloat(retryAfter);\n      }\n\n      // Wait before retrying\n      await sleep(parseFloat(retryAfter) * 1000);\n\n      // Retry with incremented counter\n      return this.#executeRequest(request, retryCount + 1);\n    }\n\n    // Track invalid requests (401, 403, 429 excluding shared scope)\n    if (\n      [401, 403].includes(response.status) ||\n      (response.status === 429 &&\n        response.headers.get(`X-RateLimit-Scope`) !== `shared`)\n    ) {\n      this.#trackInvalidRequest();\n    }\n\n    return response;\n  };\n\n  /**\n   * Update rate limit buckets from response headers\n   */\n  #updateRateLimits = (response: Response): void => {\n    const bucket = response.headers.get(`X-RateLimit-Bucket`);\n    const limit = response.headers.get(`X-RateLimit-Limit`);\n    const remaining = response.headers.get(`X-RateLimit-Remaining`);\n    const reset = response.headers.get(`X-RateLimit-Reset`);\n    const resetAfter = response.headers.get(`X-RateLimit-Reset-After`);\n\n    if (bucket && limit && remaining && reset && resetAfter) {\n      this.#buckets.set(bucket, {\n        limit: parseInt(limit, 10),\n        remaining: parseInt(remaining, 10),\n        reset: parseFloat(reset),\n        resetAfter: parseFloat(resetAfter)\n      });\n    }\n  };\n\n  /**\n   * Enforce global rate limit of 50 requests per second\n   */\n  #enforceGlobalRateLimit = async (): Promise<void> => {\n    const now = Date.now();\n\n    // Remove timestamps older than 1 second\n    this.#globalRequestTimestamps = this.#globalRequestTimestamps.filter(\n      (timestamp) => now - timestamp < this.#globalWindow\n    );\n\n    // If we're at the limit, wait\n    if (this.#globalRequestTimestamps.length >= this.#globalLimit) {\n      const oldestTimestamp = this.#globalRequestTimestamps[0];\n      const waitTime = this.#globalWindow - (now - oldestTimestamp);\n      if (waitTime > 0) {\n        await sleep(waitTime);\n      }\n    }\n  };\n\n  /**\n   * Track invalid requests for Cloudflare ban prevention\n   */\n  #trackInvalidRequest = (): void => {\n    const now = Date.now();\n\n    // Reset counter if window has passed\n    if (now - this.#invalidRequests.windowStart >= this.#invalidRequestWindow) {\n      this.#resetInvalidRequestCounter();\n    }\n\n    this.#invalidRequests.count++;\n\n    if (this.#invalidRequests.count >= this.#invalidRequestLimit) {\n      console.error(\n        `Approaching invalid request limit! Bot may be temporarily banned.`\n      );\n    }\n  };\n\n  /**\n   * Check if we're temporarily banned\n   */\n  #isTemporarilyBanned = (): boolean => {\n    const now = Date.now();\n    if (now - this.#invalidRequests.windowStart < this.#invalidRequestWindow) {\n      return this.#invalidRequests.count >= this.#invalidRequestLimit;\n    }\n    return false;\n  };\n\n  /**\n   * Reset invalid request counter\n   */\n  #resetInvalidRequestCounter = (): void => {\n    this.#invalidRequests = {\n      count: 0,\n      windowStart: Date.now()\n    };\n  };\n\n  /**\n   * Get current queue size (useful for monitoring)\n   */\n  getQueueSize = (): number => this.#requestQueue.length;\n}\n\nexport const discord = new DiscordSession();\n"],"mappings":";;AAGA,MAAa,WAAW;;AA+CxB,IAAa,iBAAb,MAA4B;CAC1B,WAAmB;CACnB,aAAqB;CACrB,aAA4B;;;;;;;CAO5B,eAAuD;CAGvD,2BAAW,IAAI,IAA6B;CAC5C,eAAuB;CACvB,gBAAiC,CAAC;CAClC,mBAAmB;CAGnB,eAAe;CACf,gBAAgB;CAChB,2BAAqC,CAAC;CAGtC,mBAA0C;EACxC,OAAO;EACP,aAAa,KAAK,IAAI;CACxB;CAEA,uBAAuB;CACvB,wBAAwB,MAAU;CAElC,IAAI,QAAiB;EACnB,OAAO,QAAQ,KAAKA,UAAU;CAChC;CAEA,YAAY,WAAoD;EAC9D,IAAI,WACF,KAAK,SAAS,SAAS;CAE3B;;;;;CAMA,YAAY,UAAiD;EAC3D,KAAKA,aAAa;EAClB,IAAI,MAAM,WAAW,GACnB,MAAM,IAAI,MAAM,mDAAmD;EAErE,IAAI,CAAC,MAAM,WAAW,MAAM,KAAK,CAAC,MAAM,WAAW,SAAS,GAC1D,MAAM,IAAI,MACR,+DAA+D,OACjE;EAEF,KAAKA,aAAa;EAClB,OAAO;CACT;CAEA,qBAA2B;EACzB,KAAKA,aAAa;EAClB,KAAKC,eAAe;EACpB,KAAKC,SAAS,MAAM;EACpB,KAAKC,eAAe;EACpB,KAAKC,gBAAgB,CAAC;EACtB,KAAKC,2BAA2B,CAAC;EACjC,KAAKC,mBAAmB;GACtB,OAAO;GACP,aAAa,KAAK,IAAI;EACxB;EACA,OAAO;CACT;;CAGA,yBAA+B;EAC7B,KAAKL,eAAe;EACpB,OAAO;CACT;;;;;;;;;;;;;;;;;;;;CAqBA,UAAU,gBAAqC;EAC7C,MAAM,QAAQ,UAAU;EACxB,OAAO;GACL,SAAS,OAAU,OAAqC;IACtD,MAAM,WAAW,KAAKA;IACtB,KAAKA,eAAe;IACpB,IAAI;KAIF,OAAO,MAAM,GAAG;IAClB,UAAU;KACR,KAAKA,eAAe;IACtB;GACF;IACC,OAAO,gBAAsB;IAC5B,KAAKA,eAAe;GACtB;EACF;CACF;;;;;;CAOA,IAAI,UAAmB;EACrB,OAAO,KAAKA,iBAAiB,QAAQ,KAAKD,eAAe;CAC3D;CAEA,mBAA2B;EACzB,MAAM,QAAQ,KAAKA;EAEnB,IAAI,CAAC,OACH,MAAM,IAAI,MAAM,qDAAqD;EAGvE,OAAO;CACT;;;;CAKA,eAAe,OACb,UACA,QACA,MACA,YACsB;EACtB,OAAO,IAAI,SAAS,SAAS,WAAW;GACtC,KAAKI,cAAc,KAAK;IACtB;IACA;IACA;IACA;IAKA,GAAI,KAAKH,iBAAiB,OAAO,CAAC,IAAI,EAAE,OAAO,KAAKA,aAAa;IACjE;IACA;GACF,CAAC;GAGD,KAAUM,cAAc;EAC1B,CAAC;CACH;;;;CAKA,gBAAgB,YAA2B;EACzC,IAAI,KAAKC,kBAAkB;EAC3B,KAAKA,mBAAmB;EAExB,OAAO,KAAKJ,cAAc,SAAS,GAAG;GACpC,MAAM,MAAM,KAAK,IAAI;GAGrB,IAAI,KAAKK,qBAAqB,GAAG;IAC/B,MAAM,WACJ,KAAKC,yBACJ,MAAM,KAAKJ,iBAAiB;IAC/B,QAAQ,KACN,gDAAgD,KAAK,KAAK,WAAW,GAAI,EAAE,EAC7E;IACA,MAAM,MAAM,QAAQ;IACpB,KAAKK,4BAA4B;GACnC;GAGA,MAAM,KAAKC,wBAAwB;GAGnC,IAAI,KAAKT,eAAe,MAAM,KAAM;IAElC,MAAM,OADY,KAAKA,eAAe,MAAM,OAAQ,GAChC;IACpB;GACF;GAEA,MAAM,UAAU,KAAKC,cAAc;GACnC,IAAI,OAAO,YAAY,aAAa;GACpC,MAAM,SAAS,KAAKF,SAAS,IAAI,GAAG,QAAQ,OAAO,GAAG,QAAQ,UAAU;GAExE,IAAI,QAAQ,cAAc,GAAG;IAC3B,MAAM,YAAY,OAAO,QAAQ;IACjC,IAAI,YAAY,KACd,MAAM,MAAM,YAAY,GAAG;GAE/B;GAGA,KAAKE,cAAc,MAAM;GACzB,IAAI;IACF,MAAM,WAAW,MAAM,KAAKS,gBAAgB,OAAO;IACnD,QAAQ,QAAQ,QAAQ;GAC1B,SAAS,OAAO;IACd,IAAI,iBAAiB,OACnB,QAAQ,OAAO,KAAK;GAExB;EACF;EAEA,KAAKL,mBAAmB;EAGxB,IAAI,KAAKJ,cAAc,SAAS,GAC9B,KAAUG,cAAc;CAE5B;;;;CAKA,kBAAkB,OAChB,SACA,aAAa,MACS;EACtB,MAAM,MAAM,KAAK,IAAI;EAGrB,KAAKF,yBAAyB,KAAK,GAAG;EAEtC,MAAM,UAAuB,CAAC;EAO9B,IAAI,CAAC,QAAQ,SAAS,WACpB,QAAQ,gBAAgB,QAAQ,SAAS,KAAK,WAAW;EAK3D,IAAI,QAAQ,SAAS,QACnB,QAAQ,wBAAwB,mBAC9B,QAAQ,QAAQ,MAClB;EAMF,IAAI,QAAQ,QAAQ,EAAE,QAAQ,gBAAgB,WAC5C,QAAQ,kBAAkB;EAG5B,MAAM,WAAW,MAAM,MAAM,QAAQ,SAAS,SAAS,GAAG;GACxD,QAAQ,QAAQ;GAChB,MAAM,QAAQ;GACd;EACF,CAAC;EAGD,KAAKS,kBAAkB,QAAQ;EAG/B,IAAI,SAAS,WAAW,KAAK;GAC3B,IAAI,cAAc,KAAK,YAAY;IACjC,QAAQ,MACN,gBAAgB,KAAK,WAAW,iBAAiB,QAAQ,UAC3D;IACA,OAAO;GACT;GAEA,MAAM,aAAa,SAAS,QAAQ,IAAI,aAAa,KAAK;GAC1D,MAAM,WAAW,SAAS,QAAQ,IAAI,oBAAoB,MAAM;GAChE,MAAM,QAAQ,SAAS,QAAQ,IAAI,mBAAmB;GAEtD,IAAI,YAAY,UAAU,UAAU;IAClC,QAAQ,KAAK,uBAAuB;IACpC,KAAKX,eAAe,MAAM,MAAO,WAAW,UAAU;GACxD;GAGA,MAAM,MAAM,WAAW,UAAU,IAAI,GAAI;GAGzC,OAAO,KAAKU,gBAAgB,SAAS,aAAa,CAAC;EACrD;EAGA,IACE,CAAC,KAAK,GAAG,EAAE,SAAS,SAAS,MAAM,KAClC,SAAS,WAAW,OACnB,SAAS,QAAQ,IAAI,mBAAmB,MAAM,UAEhD,KAAKE,qBAAqB;EAG5B,OAAO;CACT;;;;CAKA,qBAAqB,aAA6B;EAChD,MAAM,SAAS,SAAS,QAAQ,IAAI,oBAAoB;EACxD,MAAM,QAAQ,SAAS,QAAQ,IAAI,mBAAmB;EACtD,MAAM,YAAY,SAAS,QAAQ,IAAI,uBAAuB;EAC9D,MAAM,QAAQ,SAAS,QAAQ,IAAI,mBAAmB;EACtD,MAAM,aAAa,SAAS,QAAQ,IAAI,yBAAyB;EAEjE,IAAI,UAAU,SAAS,aAAa,SAAS,YAC3C,KAAKb,SAAS,IAAI,QAAQ;GACxB,OAAO,SAAS,OAAO,EAAE;GACzB,WAAW,SAAS,WAAW,EAAE;GACjC,OAAO,WAAW,KAAK;GACvB,YAAY,WAAW,UAAU;EACnC,CAAC;CAEL;;;;CAKA,0BAA0B,YAA2B;EACnD,MAAM,MAAM,KAAK,IAAI;EAGrB,KAAKG,2BAA2B,KAAKA,yBAAyB,QAC3D,cAAc,MAAM,YAAY,KAAKW,aACxC;EAGA,IAAI,KAAKX,yBAAyB,UAAU,KAAKY,cAAc;GAC7D,MAAM,kBAAkB,KAAKZ,yBAAyB;GACtD,MAAM,WAAW,KAAKW,iBAAiB,MAAM;GAC7C,IAAI,WAAW,GACb,MAAM,MAAM,QAAQ;EAExB;CACF;;;;CAKA,6BAAmC;EAIjC,IAHY,KAAK,IAGX,IAAI,KAAKV,iBAAiB,eAAe,KAAKI,uBAClD,KAAKC,4BAA4B;EAGnC,KAAKL,iBAAiB;EAEtB,IAAI,KAAKA,iBAAiB,SAAS,KAAKY,sBACtC,QAAQ,MACN,mEACF;CAEJ;;;;CAKA,6BAAsC;EAEpC,IADY,KAAK,IACX,IAAI,KAAKZ,iBAAiB,cAAc,KAAKI,uBACjD,OAAO,KAAKJ,iBAAiB,SAAS,KAAKY;EAE7C,OAAO;CACT;;;;CAKA,oCAA0C;EACxC,KAAKZ,mBAAmB;GACtB,OAAO;GACP,aAAa,KAAK,IAAI;EACxB;CACF;;;;CAKA,qBAA6B,KAAKF,cAAc;AAClD;AAEA,MAAa,UAAU,IAAI,eAAe"}

package/dist/requests/addParams.d.mts

@@ -0,0 +1,16 @@
+//#region src/requests/addParams.d.ts
+type RequestParams = Partial<Record<string, number[] | string[] | boolean | number | string | null | undefined>>;
+/**
+ * Append a params object to a URL.
+ *
+ * Array values are emitted as repeated query keys (`?id=1&id=2`), which is
+ * how Discord's HTTP API documents array query strings. Scalars are
+ * stringified once. Keys are converted from camelCase to snake_case to
+ * match Discord's convention.
+ *
+ * @__NO_SIDE_EFFECTS__
+ */
+declare const addParams: (url: URL, params: RequestParams) => URL;
+//#endregion
+export { RequestParams, addParams };
+//# sourceMappingURL=addParams.d.mts.map

package/dist/requests/addParams.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"addParams.d.mts","names":[],"sources":["../../src/requests/addParams.ts"],"mappings":";KAGY,aAAA,GAAgB,OAAO,CACjC,MAAA;AADF;;;;AACQ;AAgBR;;;;;AAjBA,cAiBa,SAAA,GAAa,GAAA,EAAK,GAAA,EAAK,MAAA,EAAQ,aAAA,KAAgB,GAAA"}

package/dist/requests/addParams.mjs

@@ -0,0 +1,26 @@
+import { isNonNullable } from "../utils/isNonNullable.mjs";
+import { toSnakeCase } from "../utils/toSnakeCase.mjs";
+//#region src/requests/addParams.ts
+/**
+* Append a params object to a URL.
+*
+* Array values are emitted as repeated query keys (`?id=1&id=2`), which is
+* how Discord's HTTP API documents array query strings. Scalars are
+* stringified once. Keys are converted from camelCase to snake_case to
+* match Discord's convention.
+*
+* @__NO_SIDE_EFFECTS__
+*/
+const addParams = (url, params) => {
+	for (const [key, value] of Object.entries(params)) {
+		if (!isNonNullable(value)) continue;
+		const snake = toSnakeCase(key);
+		if (Array.isArray(value)) for (const item of value) url.searchParams.append(snake, String(item));
+		else url.searchParams.set(snake, String(value));
+	}
+	return url;
+};
+//#endregion
+export { addParams };
+
+//# sourceMappingURL=addParams.mjs.map

package/dist/requests/addParams.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"addParams.mjs","names":[],"sources":["../../src/requests/addParams.ts"],"sourcesContent":["import { isNonNullable } from \"../utils/isNonNullable.js\";\nimport { toSnakeCase } from \"../utils/toSnakeCase.js\";\n\nexport type RequestParams = Partial<\n  Record<\n    string,\n    number[] | string[] | boolean | number | string | null | undefined\n  >\n>;\n\n/**\n * Append a params object to a URL.\n *\n * Array values are emitted as repeated query keys (`?id=1&id=2`), which is\n * how Discord's HTTP API documents array query strings. Scalars are\n * stringified once. Keys are converted from camelCase to snake_case to\n * match Discord's convention.\n *\n * @__NO_SIDE_EFFECTS__\n */\nexport const addParams = (url: URL, params: RequestParams): URL => {\n  for (const [key, value] of Object.entries(params)) {\n    if (!isNonNullable(value)) continue;\n    const snake = toSnakeCase(key);\n    if (Array.isArray(value)) {\n      for (const item of value) url.searchParams.append(snake, String(item));\n    } else {\n      url.searchParams.set(snake, String(value));\n    }\n  }\n\n  return url;\n};\n"],"mappings":";;;;;;;;;;;;;AAoBA,MAAa,aAAa,KAAU,WAA+B;CACjE,KAAK,MAAM,CAAC,KAAK,UAAU,OAAO,QAAQ,MAAM,GAAG;EACjD,IAAI,CAAC,cAAc,KAAK,GAAG;EAC3B,MAAM,QAAQ,YAAY,GAAG;EAC7B,IAAI,MAAM,QAAQ,KAAK,GACrB,KAAK,MAAM,QAAQ,OAAO,IAAI,aAAa,OAAO,OAAO,OAAO,IAAI,CAAC;OAErE,IAAI,aAAa,IAAI,OAAO,OAAO,KAAK,CAAC;CAE7C;CAEA,OAAO;AACT"}

package/dist/requests/buildURL.d.mts

@@ -0,0 +1,8 @@
+import { RequestParams } from "./addParams.mjs";
+
+//#region src/requests/buildURL.d.ts
+/** @__NO_SIDE_EFFECTS__ */
+declare const buildURL: (resource: string, params?: RequestParams, base?: string) => URL;
+//#endregion
+export { buildURL };
+//# sourceMappingURL=buildURL.d.mts.map

package/dist/requests/buildURL.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"buildURL.d.mts","names":[],"sources":["../../src/requests/buildURL.ts"],"mappings":";;;;cAIa,QAAA,GACX,QAAA,UACA,MAAA,GAAS,aAAA,EACT,IAAA,cACC,GAIA"}

package/dist/requests/buildURL.mjs

@@ -0,0 +1,9 @@
+import { endpoint } from "./DiscordSession.mjs";
+import { addParams } from "./addParams.mjs";
+//#region src/requests/buildURL.ts
+/** @__NO_SIDE_EFFECTS__ */
+const buildURL = (resource, params, base) => addParams(new URL(resource.replace(/^\//, ``), base ?? endpoint), params ?? {});
+//#endregion
+export { buildURL };
+
+//# sourceMappingURL=buildURL.mjs.map

package/dist/requests/buildURL.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"buildURL.mjs","names":[],"sources":["../../src/requests/buildURL.ts"],"sourcesContent":["import { endpoint } from \"./DiscordSession.js\";\nimport { addParams, type RequestParams } from \"./addParams.js\";\n\n/** @__NO_SIDE_EFFECTS__ */\nexport const buildURL = (\n  resource: string,\n  params?: RequestParams,\n  base?: string\n): URL =>\n  addParams(\n    new URL(resource.replace(/^\\//, ``), base ?? endpoint),\n    params ?? {}\n  );\n"],"mappings":";;;;AAIA,MAAa,YACX,UACA,QACA,SAEA,UACE,IAAI,IAAI,SAAS,QAAQ,OAAO,EAAE,GAAG,QAAQ,QAAQ,GACrD,UAAU,CAAC,CACb"}

package/dist/requests/getAsset.d.mts

@@ -0,0 +1,8 @@
+import { buildURL } from "./buildURL.mjs";
+
+//#region src/requests/getAsset.d.ts
+/** @__NO_SIDE_EFFECTS__ */
+declare const getAsset: (resource: string, params?: Parameters<typeof buildURL>[1]) => string;
+//#endregion
+export { getAsset };
+//# sourceMappingURL=getAsset.d.mts.map

package/dist/requests/getAsset.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"getAsset.d.mts","names":[],"sources":["../../src/requests/getAsset.ts"],"mappings":";;;;cAGa,QAAA,GACX,QAAA,UACA,MAAA,GAAS,UAAU,QAAQ,QAAA"}

package/dist/requests/getAsset.mjs

@@ -0,0 +1,8 @@
+import { buildURL } from "./buildURL.mjs";
+//#region src/requests/getAsset.ts
+/** @__NO_SIDE_EFFECTS__ */
+const getAsset = (resource, params) => buildURL(resource, params, `https://cdn.discordapp.com/`).href;
+//#endregion
+export { getAsset };
+
+//# sourceMappingURL=getAsset.mjs.map

package/dist/requests/getAsset.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"getAsset.mjs","names":[],"sources":["../../src/requests/getAsset.ts"],"sourcesContent":["import { buildURL } from \"./buildURL.js\";\n\n/** @__NO_SIDE_EFFECTS__ */\nexport const getAsset = (\n  resource: string,\n  params?: Parameters<typeof buildURL>[1]\n): string => buildURL(resource, params, `https://cdn.discordapp.com/`).href;\n"],"mappings":";;;AAGA,MAAa,YACX,UACA,WACW,SAAS,UAAU,QAAQ,6BAA6B,EAAE"}

package/dist/requests/index.d.mts

@@ -0,0 +1,9 @@
+import { discord, endpoint } from "./DiscordSession.mjs";
+import { buildURL } from "./buildURL.mjs";
+import { getAsset } from "./getAsset.mjs";
+import { Fetcher, FetcherCapabilities, RequestOptionsFor, get, patch, post, put, remove } from "./methods.mjs";
+import { toProcedure } from "./toProcedure.mjs";
+import { QueryFunction, toQuery } from "./toQuery.mjs";
+import { toValidated } from "./toValidated.mjs";
+import { verifyKey } from "./verifyKey.mjs";
+export { Fetcher, FetcherCapabilities, QueryFunction, RequestOptionsFor, buildURL, discord, endpoint, get, getAsset, patch, post, put, remove, toProcedure, toQuery, toValidated, verifyKey };

package/dist/requests/index.mjs

@@ -0,0 +1,9 @@
+import { discord, endpoint } from "./DiscordSession.mjs";
+import { buildURL } from "./buildURL.mjs";
+import { getAsset } from "./getAsset.mjs";
+import { get, patch, post, put, remove } from "./methods.mjs";
+import { toProcedure } from "./toProcedure.mjs";
+import { toQuery } from "./toQuery.mjs";
+import { toValidated } from "./toValidated.mjs";
+import { verifyKey } from "./verifyKey.mjs";
+export { buildURL, discord, endpoint, get, getAsset, patch, post, put, remove, toProcedure, toQuery, toValidated, verifyKey };

package/dist/requests/methods.d.mts

@@ -0,0 +1,64 @@
+import { RequestBody, RequestOptions } from "./request.mjs";
+import { RequestParams } from "./addParams.mjs";
+import { GenericSchema, GenericSchemaAsync, InferOutput } from "valibot";
+
+//#region src/requests/methods.d.ts
+/**
+ * Capability flags advertised by a {@link Fetcher}. Each flag describes a
+ * property of the underlying Discord endpoint — not a per-call preference.
+ *
+ * The flags drive both the `options` argument the fetcher accepts and the
+ * headers/auth the request layer emits at runtime.
+ */
+interface FetcherCapabilities {
+  /**
+   * `true` if the Discord endpoint MUST be called without an `Authorization`
+   * header. Forces callers to acknowledge the unauthenticated path via
+   * `{ anonymous: true }` and tells the request layer to skip the session token.
+   */
+  readonly anonymous?: boolean;
+  /**
+   * `true` if the Discord endpoint accepts the `X-Audit-Log-Reason` header.
+   * Allows callers to pass `{ reason: "…" }`; the header is URL-encoded and
+   * attached by the request layer.
+   */
+  readonly auditLogReason?: boolean;
+}
+/**
+ * The shape of the per-call `options` argument a {@link Fetcher} accepts,
+ * derived from the endpoint's {@link FetcherCapabilities}.
+ *
+ * - When `anonymous: true` is declared on the capability, the option is
+ *   *required* on every call. When omitted, `anonymous` is forbidden.
+ * - When `auditLogReason: true` is declared, `reason` is permitted; otherwise
+ *   it is forbidden.
+ */
+type RequestOptionsFor<C extends FetcherCapabilities> = (C extends {
+  anonymous: true;
+} ? {
+  anonymous: true;
+} : {
+  anonymous?: never;
+}) & (C extends {
+  auditLogReason: true;
+} ? {
+  reason?: string;
+} : {
+  reason?: never;
+});
+/**
+ * Decide whether the per-call `options` argument is required or optional
+ * based on whether any capability forces a value to be passed.
+ */
+type RequiresOptions<C extends FetcherCapabilities> = C extends {
+  anonymous: true;
+} ? true : false;
+type Fetcher< /** A schema to validate the input arguments of a fetch call */S extends GenericSchema | GenericSchemaAsync | null = null, /** The return value expected from the fetch call */R = void, /** Endpoint capabilities; shapes the `options` argument */C extends FetcherCapabilities = {}> = S extends null ? RequiresOptions<C> extends true ? (options: RequestOptionsFor<C>) => Promise<R> : (options?: RequestOptionsFor<C>) => Promise<R> : RequiresOptions<C> extends true ? (config: InferOutput<NonNullable<S>>, options: RequestOptionsFor<C>) => Promise<R> : (config: InferOutput<NonNullable<S>>, options?: RequestOptionsFor<C>) => Promise<R>;
+declare const get: <T>(url: string, params?: RequestParams, options?: RequestOptions) => Promise<T>;
+declare const post: <T>(url: string, body?: RequestBody, options?: RequestOptions) => Promise<T>;
+declare const put: <T>(url: string, body?: RequestBody, options?: RequestOptions) => Promise<T>;
+declare const patch: <T>(url: string, body?: RequestBody, options?: RequestOptions) => Promise<T>;
+declare const remove: <T = void>(url: string, options?: RequestOptions) => Promise<T>;
+//#endregion
+export { Fetcher, FetcherCapabilities, RequestOptionsFor, get, patch, post, put, remove };
+//# sourceMappingURL=methods.d.mts.map

package/dist/requests/methods.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"methods.d.mts","names":[],"sources":["../../src/requests/methods.ts"],"mappings":";;;;;;;AAaA;;;;AAYyB;UAZR,mBAAA;EAwBY;;;;;EAAA,SAlBlB,SAAA;EAwBL;;;;;EAAA,SAlBK,cAAc;AAAA;;;;;;AAoBT;AAAY;;;KARhB,iBAAA,WAA4B,mBAAA,KAErC,CAAA;EAAY,SAAA;AAAA;EACP,SAAA;AAAA;EACA,SAAA;AAAA,MAEH,CAAA;EAAY,cAAA;AAAA;EACP,MAAA;AAAA;EACA,MAAA;AAAA;;;;;KAML,eAAA,WAA0B,mBAAA,IAAuB,CAAC;EACrD,SAAA;AAAA;AAAA,KAKU,OAAA,2EAEA,aAAA,GAAgB,kBAAA,mJAKhB,mBAAA,SACR,CAAA,gBACA,eAAA,CAAgB,CAAA,kBACb,OAAA,EAAS,iBAAA,CAAkB,CAAA,MAAO,OAAA,CAAQ,CAAA,KAC1C,OAAA,GAAU,iBAAA,CAAkB,CAAA,MAAO,OAAA,CAAQ,CAAA,IAC9C,eAAA,CAAgB,CAAA,kBAEZ,MAAA,EAAQ,WAAA,CAAY,WAAA,CAAY,CAAA,IAChC,OAAA,EAAS,iBAAA,CAAkB,CAAA,MACxB,OAAA,CAAQ,CAAA,KAEX,MAAA,EAAQ,WAAA,CAAY,WAAA,CAAY,CAAA,IAChC,OAAA,GAAU,iBAAA,CAAkB,CAAA,MACzB,OAAA,CAAQ,CAAA;AAAA,cAEN,GAAA,MACX,GAAA,UACA,MAAA,GAAS,aAAA,EACT,OAAA,GAAU,cAAA,KACT,OAAA,CAAQ,CAAA;AAAA,cAEE,IAAA,MACX,GAAA,UACA,IAAA,GAAO,WAAA,EACP,OAAA,GAAU,cAAA,KACT,OAAA,CAAQ,CAAA;AAAA,cAEE,GAAA,MACX,GAAA,UACA,IAAA,GAAO,WAAA,EACP,OAAA,GAAU,cAAA,KACT,OAAA,CAAQ,CAAA;AAAA,cAEE,KAAA,MACX,GAAA,UACA,IAAA,GAAO,WAAA,EACP,OAAA,GAAU,cAAA,KACT,OAAA,CAAQ,CAAA;AAAA,cAEE,MAAA,aACX,GAAA,UACA,OAAA,GAAU,cAAA,KACT,OAAA,CAAQ,CAAA"}

package/dist/requests/methods.mjs

@@ -0,0 +1,12 @@
+import { buildURL } from "./buildURL.mjs";
+import { request } from "./request.mjs";
+//#region src/requests/methods.ts
+const get = async (url, params, options) => request(buildURL(url, params), `GET`, void 0, options);
+const post = async (url, body, options) => request(buildURL(url), `POST`, body, options);
+const put = async (url, body, options) => request(buildURL(url), `PUT`, body, options);
+const patch = async (url, body, options) => request(buildURL(url), `PATCH`, body, options);
+const remove = async (url, options) => request(buildURL(url), `DELETE`, void 0, options);
+//#endregion
+export { get, patch, post, put, remove };
+
+//# sourceMappingURL=methods.mjs.map

package/dist/requests/methods.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"methods.mjs","names":[],"sources":["../../src/requests/methods.ts"],"sourcesContent":["import type { GenericSchema, GenericSchemaAsync, InferOutput } from \"valibot\";\nimport type { RequestParams } from \"./addParams.js\";\nimport { buildURL } from \"./buildURL.js\";\nimport type { RequestBody, RequestOptions } from \"./request.js\";\nimport { request } from \"./request.js\";\n\n/**\n * Capability flags advertised by a {@link Fetcher}. Each flag describes a\n * property of the underlying Discord endpoint — not a per-call preference.\n *\n * The flags drive both the `options` argument the fetcher accepts and the\n * headers/auth the request layer emits at runtime.\n */\nexport interface FetcherCapabilities {\n  /**\n   * `true` if the Discord endpoint MUST be called without an `Authorization`\n   * header. Forces callers to acknowledge the unauthenticated path via\n   * `{ anonymous: true }` and tells the request layer to skip the session token.\n   */\n  readonly anonymous?: boolean;\n  /**\n   * `true` if the Discord endpoint accepts the `X-Audit-Log-Reason` header.\n   * Allows callers to pass `{ reason: \"…\" }`; the header is URL-encoded and\n   * attached by the request layer.\n   */\n  readonly auditLogReason?: boolean;\n}\n\n/**\n * The shape of the per-call `options` argument a {@link Fetcher} accepts,\n * derived from the endpoint's {@link FetcherCapabilities}.\n *\n * - When `anonymous: true` is declared on the capability, the option is\n *   *required* on every call. When omitted, `anonymous` is forbidden.\n * - When `auditLogReason: true` is declared, `reason` is permitted; otherwise\n *   it is forbidden.\n */\nexport type RequestOptionsFor<C extends FetcherCapabilities> =\n  // `anonymous` slot\n  (C extends { anonymous: true }\n    ? { anonymous: true }\n    : { anonymous?: never }) &\n    // `reason` slot\n    (C extends { auditLogReason: true }\n      ? { reason?: string }\n      : { reason?: never });\n\n/**\n * Decide whether the per-call `options` argument is required or optional\n * based on whether any capability forces a value to be passed.\n */\ntype RequiresOptions<C extends FetcherCapabilities> = C extends {\n  anonymous: true;\n}\n  ? true\n  : false;\n\nexport type Fetcher<\n  /** A schema to validate the input arguments of a fetch call */\n  S extends GenericSchema | GenericSchemaAsync | null = null,\n  /** The return value expected from the fetch call */\n  R = void,\n  /** Endpoint capabilities; shapes the `options` argument */\n  // oxlint-disable-next-line typescript/no-empty-object-type\n  C extends FetcherCapabilities = {}\n> = S extends null\n  ? RequiresOptions<C> extends true\n    ? (options: RequestOptionsFor<C>) => Promise<R>\n    : (options?: RequestOptionsFor<C>) => Promise<R>\n  : RequiresOptions<C> extends true\n    ? (\n        config: InferOutput<NonNullable<S>>,\n        options: RequestOptionsFor<C>\n      ) => Promise<R>\n    : (\n        config: InferOutput<NonNullable<S>>,\n        options?: RequestOptionsFor<C>\n      ) => Promise<R>;\n\nexport const get = async <T>(\n  url: string,\n  params?: RequestParams,\n  options?: RequestOptions\n): Promise<T> => request(buildURL(url, params), `GET`, undefined, options);\n\nexport const post = async <T>(\n  url: string,\n  body?: RequestBody,\n  options?: RequestOptions\n): Promise<T> => request(buildURL(url), `POST`, body, options);\n\nexport const put = async <T>(\n  url: string,\n  body?: RequestBody,\n  options?: RequestOptions\n): Promise<T> => request(buildURL(url), `PUT`, body, options);\n\nexport const patch = async <T>(\n  url: string,\n  body?: RequestBody,\n  options?: RequestOptions\n): Promise<T> => request(buildURL(url), `PATCH`, body, options);\n\nexport const remove = async <T = void>(\n  url: string,\n  options?: RequestOptions\n): Promise<T> => request(buildURL(url), `DELETE`, undefined, options);\n"],"mappings":";;;AA+EA,MAAa,MAAM,OACjB,KACA,QACA,YACe,QAAQ,SAAS,KAAK,MAAM,GAAG,OAAO,KAAA,GAAW,OAAO;AAEzE,MAAa,OAAO,OAClB,KACA,MACA,YACe,QAAQ,SAAS,GAAG,GAAG,QAAQ,MAAM,OAAO;AAE7D,MAAa,MAAM,OACjB,KACA,MACA,YACe,QAAQ,SAAS,GAAG,GAAG,OAAO,MAAM,OAAO;AAE5D,MAAa,QAAQ,OACnB,KACA,MACA,YACe,QAAQ,SAAS,GAAG,GAAG,SAAS,MAAM,OAAO;AAE9D,MAAa,SAAS,OACpB,KACA,YACe,QAAQ,SAAS,GAAG,GAAG,UAAU,KAAA,GAAW,OAAO"}

package/dist/requests/request.d.mts

@@ -0,0 +1,28 @@
+//#region src/requests/request.d.ts
+type RequestBody = object | null | undefined;
+/**
+ * Per-call request options forwarded by the typed method helpers
+ * (`get`/`post`/`put`/`patch`/`remove`) into the request layer.
+ *
+ * Endpoints surface these via the `Fetcher` type so the call site is
+ * type-checked against the endpoint's declared capabilities.
+ */
+interface RequestOptions {
+  /**
+   * Skip the `Authorization` header for this request. Used by webhook
+   * and interaction endpoints whose path tokens act as authorization.
+   * When set, `discord.getSession()` is NOT consulted, so the session
+   * is allowed to be unset.
+   */
+  anonymous?: boolean;
+  /**
+   * Audit-log reason. Forwarded to Discord as the `X-Audit-Log-Reason`
+   * header. The value is URL-encoded by the request layer so non-ASCII
+   * characters survive transit.
+   */
+  reason?: string;
+}
+declare const request: <T>(resource: URL, method?: string, body?: RequestBody, options?: RequestOptions) => Promise<T>;
+//#endregion
+export { RequestBody, RequestOptions, request };
+//# sourceMappingURL=request.d.mts.map

package/dist/requests/request.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"request.d.mts","names":[],"sources":["../../src/requests/request.ts"],"mappings":";KAQY,WAAA;AAAZ;;;;AAAuB;AASvB;;AATA,UASiB,cAAA;EAOf;AAMM;AAGR;;;;EATE,SAAA;EAaU;;;;;EAPV,MAAM;AAAA;AAAA,cAGK,OAAA,MACX,QAAA,EAAU,GAAA,EACV,MAAA,WACA,IAAA,GAAO,WAAA,EACP,OAAA,GAAU,cAAA,KACT,OAAA,CAAQ,CAAA"}

package/dist/requests/request.mjs

@@ -0,0 +1,31 @@
+import { discord } from "./DiscordSession.mjs";
+import { toCamelKeys } from "../utils/toCamelKeys.mjs";
+import { toSnakeKeys } from "../utils/toSnakeKeys.mjs";
+import { shouldSerializeAsMultipart, toMultipartBody } from "../validations/fileUpload.mjs";
+//#region src/requests/request.ts
+const request = async (resource, method = `GET`, body, options) => {
+	if (!options?.anonymous && !discord.hasAuth) discord.getSession();
+	/**
+	* Serialize the body. The `multipart()` schema wrapper stamps a
+	* sentinel on the parsed body when {@link FileUpload}s are present,
+	* which switches serialization from JSON to `multipart/form-data`.
+	*/
+	const serializeBody = () => {
+		if (!body) return body;
+		try {
+			if (shouldSerializeAsMultipart(body)) return toMultipartBody(body, toSnakeKeys);
+			return JSON.stringify(toSnakeKeys(body));
+		} catch (cause) {
+			console.error(`Received malformed request body:\n\n`, { body });
+			throw new Error(`Failed to serialize request body!`, { cause });
+		}
+	};
+	const res = await discord.queueRequest(resource, method, serializeBody(), options);
+	if (!res.ok) throw new Error(`Request to resource '${resource.toString()}' failed:\n\n${res.statusText}`);
+	if (res.status === 204) return;
+	return toCamelKeys(await res.json());
+};
+//#endregion
+export { request };
+
+//# sourceMappingURL=request.mjs.map

package/dist/requests/request.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"request.mjs","names":[],"sources":["../../src/requests/request.ts"],"sourcesContent":["import { discord } from \"./DiscordSession.js\";\nimport { toCamelKeys } from \"../utils/toCamelKeys.js\";\nimport { toSnakeKeys } from \"../utils/toSnakeKeys.js\";\nimport {\n  shouldSerializeAsMultipart,\n  toMultipartBody\n} from \"../validations/fileUpload.js\";\n\nexport type RequestBody = object | null | undefined;\n\n/**\n * Per-call request options forwarded by the typed method helpers\n * (`get`/`post`/`put`/`patch`/`remove`) into the request layer.\n *\n * Endpoints surface these via the `Fetcher` type so the call site is\n * type-checked against the endpoint's declared capabilities.\n */\nexport interface RequestOptions {\n  /**\n   * Skip the `Authorization` header for this request. Used by webhook\n   * and interaction endpoints whose path tokens act as authorization.\n   * When set, `discord.getSession()` is NOT consulted, so the session\n   * is allowed to be unset.\n   */\n  anonymous?: boolean;\n  /**\n   * Audit-log reason. Forwarded to Discord as the `X-Audit-Log-Reason`\n   * header. The value is URL-encoded by the request layer so non-ASCII\n   * characters survive transit.\n   */\n  reason?: string;\n}\n\nexport const request = async <T>(\n  resource: URL,\n  method = `GET`,\n  body?: RequestBody,\n  options?: RequestOptions\n): Promise<T> => {\n  // Non-anonymous requests need *some* auth: either an active per-request\n  // token or a session token. Anonymous endpoints (webhook/interaction tokens\n  // in the URL) need neither. Fail early with a clear message if none is set.\n  if (!options?.anonymous && !discord.hasAuth) {\n    discord.getSession(); // throws the canonical \"Auth Token must be set\" error\n  }\n\n  /**\n   * Serialize the body. The `multipart()` schema wrapper stamps a\n   * sentinel on the parsed body when {@link FileUpload}s are present,\n   * which switches serialization from JSON to `multipart/form-data`.\n   */\n  const serializeBody = (): string | FormData | null | undefined => {\n    if (!body) return body;\n    try {\n      if (shouldSerializeAsMultipart(body)) {\n        return toMultipartBody(body, toSnakeKeys);\n      }\n      return JSON.stringify(toSnakeKeys(body));\n    } catch (cause) {\n      console.error(`Received malformed request body:\\n\\n`, { body });\n      throw new Error(`Failed to serialize request body!`, { cause });\n    }\n  };\n\n  // Queue the request through the rate limiter\n  const res = await discord.queueRequest(\n    resource,\n    method,\n    serializeBody(),\n    options\n  );\n\n  if (!res.ok) {\n    throw new Error(\n      `Request to resource '${resource.toString()}' failed:\\n\\n${res.statusText}`\n    );\n  }\n\n  // Return `void` on `204 No Content` responses\n  if (res.status === 204) {\n    // @ts-expect-error\n    return;\n  }\n\n  return toCamelKeys(await res.json());\n};\n"],"mappings":";;;;;AAiCA,MAAa,UAAU,OACrB,UACA,SAAS,OACT,MACA,YACe;CAIf,IAAI,CAAC,SAAS,aAAa,CAAC,QAAQ,SAClC,QAAQ,WAAW;;;;;;CAQrB,MAAM,sBAA4D;EAChE,IAAI,CAAC,MAAM,OAAO;EAClB,IAAI;GACF,IAAI,2BAA2B,IAAI,GACjC,OAAO,gBAAgB,MAAM,WAAW;GAE1C,OAAO,KAAK,UAAU,YAAY,IAAI,CAAC;EACzC,SAAS,OAAO;GACd,QAAQ,MAAM,wCAAwC,EAAE,KAAK,CAAC;GAC9D,MAAM,IAAI,MAAM,qCAAqC,EAAE,MAAM,CAAC;EAChE;CACF;CAGA,MAAM,MAAM,MAAM,QAAQ,aACxB,UACA,QACA,cAAc,GACd,OACF;CAEA,IAAI,CAAC,IAAI,IACP,MAAM,IAAI,MACR,wBAAwB,SAAS,SAAS,EAAE,eAAe,IAAI,YACjE;CAIF,IAAI,IAAI,WAAW,KAEjB;CAGF,OAAO,YAAY,MAAM,IAAI,KAAK,CAAC;AACrC"}