npm - @distinctagency/cms-client - Versions diffs - 1.20.1 → 1.21.0 - Mend

@distinctagency/cms-client 1.20.1 → 1.21.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/README.md CHANGED Viewed

@@ -275,6 +275,46 @@ These constraints affect what an editor can upload in the CMS admin. On the cons
 ---
+## 7.3 Date fields
+A `date` field can collect a **full date** (the default) or a **partial date** — year-only, month + year, month-only, or day + month (e.g. a birthday). The precision is set per-field in the CMS admin (Collections → field → **Date precision**) and exposed on the schema as `date_granularity`.
+Values are stored as strings in **partial-ISO** form, so the shape tells you the precision:
+| `date_granularity` | Stored value example | Meaning |
+|---|---|---|
+| `full` *(default / unset)* | `"2026-06-15"` | Day, month, year |
+| `month_year` | `"2026-06"` | Month and year |
+| `year` | `"2026"` | Year only |
+| `month` | `"--06"` | Month only (no year) |
+| `day_month` | `"--06-15"` | Day and month (no year), e.g. a birthday |
+> Existing date fields are unaffected — an unset `date_granularity` behaves exactly like `full`, and the value is still `"YYYY-MM-DD"`.
+### Formatting for display
+The SDK ships two helpers so you don't hand-parse the partial-ISO shapes. `formatPartialDate()` is locale-aware and orders the parts correctly for the locale (e.g. `"15 June"` vs `"June 15"`):
+```ts
+import { formatPartialDate, parsePartialDate } from "@distinctagency/cms-client"
+formatPartialDate("2026-06-15")                         // "15 June 2026" (locale-dependent)
+formatPartialDate("2026-06", { locale: "en-NZ" })       // "June 2026"
+formatPartialDate("2026")                                // "2026"
+formatPartialDate("--06")                                // "June"
+formatPartialDate("--06-15", { month: "short" })        // "15 Jun"
+// Or parse into structured parts to format yourself:
+parsePartialDate("--06-15")
+// → { granularity: "day_month", month: 6, day: 15 }
+```
+`formatPartialDate(value, options?)` accepts `{ locale?: string | string[]; month?: "long" | "short" | "narrow" | "numeric" | "2-digit" }` and returns the raw string unchanged if it isn't a recognised partial date. `parsePartialDate(value)` returns `{ granularity, year?, month?, day? }` or `null`.
+> To know a field's precision ahead of time (e.g. to pick a format), read the schema via `cms.getContentType("<collection>")` and inspect `field.date_granularity`. You rarely need to — the stored value's shape is self-describing and the helpers branch on it for you.
+---
 ## 8. Slug Redirects (301s)
 When content slugs are changed in the CMS, a redirect is created automatically. Wire these into your `next.config.ts` to serve 301 redirects and preserve SEO:

package/dist/index.d.mts CHANGED Viewed

@@ -7,10 +7,20 @@ import { SupabaseClient } from '@supabase/supabase-js';
  * report installed-version telemetry and to send `x-cms-client-version` on
  * outgoing requests.
  */
-declare const CMS_CLIENT_VERSION = "1.20.1";
+declare const CMS_CLIENT_VERSION = "1.21.0";
 /** Field types supported by the CMS schema */
 type FieldType = "text" | "textarea" | "richtext" | "date" | "datetime" | "select" | "number" | "boolean" | "image" | "gallery" | "url" | "file" | "reference" | "multi-reference" | "computed" | "color" | "tags" | "json" | "embed" | "flipbook";
+/**
+ * Date field precision. Controls which parts of a date the admin editor collects
+ * and the partial-ISO shape the value is stored in:
+ * - `full`       → "YYYY-MM-DD"  (default; also when `date_granularity` is unset)
+ * - `month_year` → "YYYY-MM"
+ * - `year`       → "YYYY"
+ * - `month`      → "--MM"        (xsd:gMonth)
+ * - `day_month`  → "--MM-DD"     (xsd:gMonthDay, e.g. a birthday)
+ */
+type DateGranularity = "full" | "year" | "month_year" | "month" | "day_month";
 interface ImageConfig {
     max_width?: number;
     max_height?: number;
@@ -46,6 +56,8 @@ interface FieldDefinition {
     image_config?: ImageConfig;
     /** For number fields: fixed decimal places (e.g. 2 for prices). Values are rounded on save and displayed with trailing zeros. */
     decimal_places?: number;
+    /** For date fields: which parts of the date the editor collects. Defaults to `full`. Stored in partial-ISO form — see {@link DateGranularity}. */
+    date_granularity?: DateGranularity;
 }
 interface Tenant {
     id: string;
@@ -695,6 +707,33 @@ declare const IMAGE_PRESETS: {
     };
 };
+interface ParsedPartialDate {
+    granularity: DateGranularity;
+    /** 4-digit year — absent for `month` and `day_month`. */
+    year?: number;
+    /** 1-12 — absent for `year`. */
+    month?: number;
+    /** 1-31 — present only for `full` and `day_month`. */
+    day?: number;
+}
+/**
+ * Parses a partial-ISO date string (as produced by a `date` field) into its parts.
+ * Returns `null` if the string doesn't match a known granularity shape.
+ */
+declare function parsePartialDate(value: string): ParsedPartialDate | null;
+interface FormatPartialDateOptions {
+    /** BCP 47 locale(s) passed to Intl.DateTimeFormat. Defaults to the runtime locale. */
+    locale?: string | string[];
+    /** Month rendering style. Defaults to `long` (e.g. "May"). */
+    month?: "long" | "short" | "narrow" | "numeric" | "2-digit";
+}
+/**
+ * Formats a partial-ISO date string for display, honouring the value's granularity
+ * and locale-correct part ordering (e.g. "12 May" vs "May 12"). Returns the raw
+ * string unchanged if it isn't a recognised partial date.
+ */
+declare function formatPartialDate(value: string, options?: FormatPartialDateOptions): string;
 /**
  * Helpers for verifying outbound webhooks fired by the CMS.
  *
@@ -789,4 +828,4 @@ declare function revalidateAllTags(payload: Pick<WebhookEventPayload, "cache_tag
     expire?: number;
 }) => unknown): string[];
-export { type BookingStatus, CMS_CLIENT_VERSION, type CmsClientOptions, type CmsEvent, type CmsTicketTier, type ContentItem, type ContentQueryOptions, type ContentType, type ContentTypeSeoConfig, type CreateBookingParams, type CreateBookingResult, type CreateOrderParams, type CreateOrderResult, type DiscountType, type EmbedValue, type EventQueryOptions, type EventStatus, type EventWithTiers, type FieldDefinition, type FieldType, type FlipbookPagePublic, type FlipbookPublic, type FlipbookTocEntryPublic, type GoogleReview, IMAGE_PRESETS, type ImageConfig, type ImageTransformOptions, type MediaFolder, type MediaItem, type Member, type MembershipTier, type OrderAddress, type OrderLineItem, type OrderStatus, type PaymentStatus, type Product, type ProductCategory, type ProductOption, type ProductQueryOptions, type ProductStatus, type ProductVariant, type Profile, type ReviewQueryOptions, TRACKING_CONFIG_TAG, type Tenant, type TenantMembership, type TrackingConfig, type TrackingConfigOptions, WEBHOOK_EVENTS, type WebhookEvent, type WebhookEventPayload, createCmsClient, createEventsClient, createShopClient, getEmbedHtml, getSrcSet, getTransformUrl, revalidateAllTags, verifyWebhookSignature };
+export { type BookingStatus, CMS_CLIENT_VERSION, type CmsClientOptions, type CmsEvent, type CmsTicketTier, type ContentItem, type ContentQueryOptions, type ContentType, type ContentTypeSeoConfig, type CreateBookingParams, type CreateBookingResult, type CreateOrderParams, type CreateOrderResult, type DateGranularity, type DiscountType, type EmbedValue, type EventQueryOptions, type EventStatus, type EventWithTiers, type FieldDefinition, type FieldType, type FlipbookPagePublic, type FlipbookPublic, type FlipbookTocEntryPublic, type FormatPartialDateOptions, type GoogleReview, IMAGE_PRESETS, type ImageConfig, type ImageTransformOptions, type MediaFolder, type MediaItem, type Member, type MembershipTier, type OrderAddress, type OrderLineItem, type OrderStatus, type ParsedPartialDate, type PaymentStatus, type Product, type ProductCategory, type ProductOption, type ProductQueryOptions, type ProductStatus, type ProductVariant, type Profile, type ReviewQueryOptions, TRACKING_CONFIG_TAG, type Tenant, type TenantMembership, type TrackingConfig, type TrackingConfigOptions, WEBHOOK_EVENTS, type WebhookEvent, type WebhookEventPayload, createCmsClient, createEventsClient, createShopClient, formatPartialDate, getEmbedHtml, getSrcSet, getTransformUrl, parsePartialDate, revalidateAllTags, verifyWebhookSignature };

package/dist/index.d.ts CHANGED Viewed

@@ -7,10 +7,20 @@ import { SupabaseClient } from '@supabase/supabase-js';
  * report installed-version telemetry and to send `x-cms-client-version` on
  * outgoing requests.
  */
-declare const CMS_CLIENT_VERSION = "1.20.1";
+declare const CMS_CLIENT_VERSION = "1.21.0";
 /** Field types supported by the CMS schema */
 type FieldType = "text" | "textarea" | "richtext" | "date" | "datetime" | "select" | "number" | "boolean" | "image" | "gallery" | "url" | "file" | "reference" | "multi-reference" | "computed" | "color" | "tags" | "json" | "embed" | "flipbook";
+/**
+ * Date field precision. Controls which parts of a date the admin editor collects
+ * and the partial-ISO shape the value is stored in:
+ * - `full`       → "YYYY-MM-DD"  (default; also when `date_granularity` is unset)
+ * - `month_year` → "YYYY-MM"
+ * - `year`       → "YYYY"
+ * - `month`      → "--MM"        (xsd:gMonth)
+ * - `day_month`  → "--MM-DD"     (xsd:gMonthDay, e.g. a birthday)
+ */
+type DateGranularity = "full" | "year" | "month_year" | "month" | "day_month";
 interface ImageConfig {
     max_width?: number;
     max_height?: number;
@@ -46,6 +56,8 @@ interface FieldDefinition {
     image_config?: ImageConfig;
     /** For number fields: fixed decimal places (e.g. 2 for prices). Values are rounded on save and displayed with trailing zeros. */
     decimal_places?: number;
+    /** For date fields: which parts of the date the editor collects. Defaults to `full`. Stored in partial-ISO form — see {@link DateGranularity}. */
+    date_granularity?: DateGranularity;
 }
 interface Tenant {
     id: string;
@@ -695,6 +707,33 @@ declare const IMAGE_PRESETS: {
     };
 };
+interface ParsedPartialDate {
+    granularity: DateGranularity;
+    /** 4-digit year — absent for `month` and `day_month`. */
+    year?: number;
+    /** 1-12 — absent for `year`. */
+    month?: number;
+    /** 1-31 — present only for `full` and `day_month`. */
+    day?: number;
+}
+/**
+ * Parses a partial-ISO date string (as produced by a `date` field) into its parts.
+ * Returns `null` if the string doesn't match a known granularity shape.
+ */
+declare function parsePartialDate(value: string): ParsedPartialDate | null;
+interface FormatPartialDateOptions {
+    /** BCP 47 locale(s) passed to Intl.DateTimeFormat. Defaults to the runtime locale. */
+    locale?: string | string[];
+    /** Month rendering style. Defaults to `long` (e.g. "May"). */
+    month?: "long" | "short" | "narrow" | "numeric" | "2-digit";
+}
+/**
+ * Formats a partial-ISO date string for display, honouring the value's granularity
+ * and locale-correct part ordering (e.g. "12 May" vs "May 12"). Returns the raw
+ * string unchanged if it isn't a recognised partial date.
+ */
+declare function formatPartialDate(value: string, options?: FormatPartialDateOptions): string;
 /**
  * Helpers for verifying outbound webhooks fired by the CMS.
  *
@@ -789,4 +828,4 @@ declare function revalidateAllTags(payload: Pick<WebhookEventPayload, "cache_tag
     expire?: number;
 }) => unknown): string[];
-export { type BookingStatus, CMS_CLIENT_VERSION, type CmsClientOptions, type CmsEvent, type CmsTicketTier, type ContentItem, type ContentQueryOptions, type ContentType, type ContentTypeSeoConfig, type CreateBookingParams, type CreateBookingResult, type CreateOrderParams, type CreateOrderResult, type DiscountType, type EmbedValue, type EventQueryOptions, type EventStatus, type EventWithTiers, type FieldDefinition, type FieldType, type FlipbookPagePublic, type FlipbookPublic, type FlipbookTocEntryPublic, type GoogleReview, IMAGE_PRESETS, type ImageConfig, type ImageTransformOptions, type MediaFolder, type MediaItem, type Member, type MembershipTier, type OrderAddress, type OrderLineItem, type OrderStatus, type PaymentStatus, type Product, type ProductCategory, type ProductOption, type ProductQueryOptions, type ProductStatus, type ProductVariant, type Profile, type ReviewQueryOptions, TRACKING_CONFIG_TAG, type Tenant, type TenantMembership, type TrackingConfig, type TrackingConfigOptions, WEBHOOK_EVENTS, type WebhookEvent, type WebhookEventPayload, createCmsClient, createEventsClient, createShopClient, getEmbedHtml, getSrcSet, getTransformUrl, revalidateAllTags, verifyWebhookSignature };
+export { type BookingStatus, CMS_CLIENT_VERSION, type CmsClientOptions, type CmsEvent, type CmsTicketTier, type ContentItem, type ContentQueryOptions, type ContentType, type ContentTypeSeoConfig, type CreateBookingParams, type CreateBookingResult, type CreateOrderParams, type CreateOrderResult, type DateGranularity, type DiscountType, type EmbedValue, type EventQueryOptions, type EventStatus, type EventWithTiers, type FieldDefinition, type FieldType, type FlipbookPagePublic, type FlipbookPublic, type FlipbookTocEntryPublic, type FormatPartialDateOptions, type GoogleReview, IMAGE_PRESETS, type ImageConfig, type ImageTransformOptions, type MediaFolder, type MediaItem, type Member, type MembershipTier, type OrderAddress, type OrderLineItem, type OrderStatus, type ParsedPartialDate, type PaymentStatus, type Product, type ProductCategory, type ProductOption, type ProductQueryOptions, type ProductStatus, type ProductVariant, type Profile, type ReviewQueryOptions, TRACKING_CONFIG_TAG, type Tenant, type TenantMembership, type TrackingConfig, type TrackingConfigOptions, WEBHOOK_EVENTS, type WebhookEvent, type WebhookEventPayload, createCmsClient, createEventsClient, createShopClient, formatPartialDate, getEmbedHtml, getSrcSet, getTransformUrl, parsePartialDate, revalidateAllTags, verifyWebhookSignature };

package/dist/index.js CHANGED Viewed

@@ -27,16 +27,18 @@ __export(src_exports, {
   createCmsClient: () => createCmsClient,
   createEventsClient: () => createEventsClient,
   createShopClient: () => createShopClient,
+  formatPartialDate: () => formatPartialDate,
   getEmbedHtml: () => getEmbedHtml,
   getSrcSet: () => getSrcSet,
   getTransformUrl: () => getTransformUrl,
+  parsePartialDate: () => parsePartialDate,
   revalidateAllTags: () => revalidateAllTags,
   verifyWebhookSignature: () => verifyWebhookSignature
 });
 module.exports = __toCommonJS(src_exports);
 // src/version.ts
-var CMS_CLIENT_VERSION = "1.20.1";
+var CMS_CLIENT_VERSION = "1.21.0";
 // src/queries.ts
 var import_supabase_js = require("@supabase/supabase-js");
@@ -577,6 +579,45 @@ var IMAGE_PRESETS = {
   full: { width: 1920, resize: "contain", quality: 85 }
 };
+// src/date.ts
+function parsePartialDate(value) {
+  if (!value) return null;
+  let m;
+  if (m = /^(\d{4})-(\d{2})-(\d{2})$/.exec(value))
+    return { granularity: "full", year: +m[1], month: +m[2], day: +m[3] };
+  if (m = /^(\d{4})-(\d{2})$/.exec(value))
+    return { granularity: "month_year", year: +m[1], month: +m[2] };
+  if (m = /^(\d{4})$/.exec(value)) return { granularity: "year", year: +m[1] };
+  if (m = /^--(\d{2})-(\d{2})$/.exec(value))
+    return { granularity: "day_month", month: +m[1], day: +m[2] };
+  if (m = /^--(\d{2})$/.exec(value)) return { granularity: "month", month: +m[1] };
+  return null;
+}
+function formatPartialDate(value, options = {}) {
+  const parsed = parsePartialDate(value);
+  if (!parsed) return value;
+  const { locale, month = "long" } = options;
+  const monthIndex = parsed.month ? parsed.month - 1 : 0;
+  switch (parsed.granularity) {
+    case "year":
+      return String(parsed.year);
+    case "month":
+      return new Intl.DateTimeFormat(locale, { month }).format(new Date(2e3, monthIndex, 1));
+    case "month_year":
+      return new Intl.DateTimeFormat(locale, { month, year: "numeric" }).format(
+        new Date(parsed.year, monthIndex, 1)
+      );
+    case "day_month":
+      return new Intl.DateTimeFormat(locale, { month, day: "numeric" }).format(
+        new Date(2e3, monthIndex, parsed.day)
+      );
+    case "full":
+      return new Intl.DateTimeFormat(locale, { year: "numeric", month, day: "numeric" }).format(
+        new Date(parsed.year, monthIndex, parsed.day)
+      );
+  }
+}
 // src/webhooks.ts
 async function verifyWebhookSignature(secret, rawBody, signature) {
   if (!signature || !secret) return false;
@@ -663,9 +704,11 @@ function timingSafeEqualHex(a, b) {
   createCmsClient,
   createEventsClient,
   createShopClient,
+  formatPartialDate,
   getEmbedHtml,
   getSrcSet,
   getTransformUrl,
+  parsePartialDate,
   revalidateAllTags,
   verifyWebhookSignature
 });

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/index.ts","../src/version.ts","../src/queries.ts","../src/telemetry.ts","../src/embed.ts","../src/shop.ts","../src/events.ts","../src/cdn.ts","../src/webhooks.ts"],"sourcesContent":["// Server-safe exports — no React, no \"use client\"\nexport { CMS_CLIENT_VERSION } from \"./version\"\nexport { createCmsClient, TRACKING_CONFIG_TAG } from \"./queries\"\nexport type { TrackingConfig, TrackingConfigOptions } from \"./queries\"\nexport { getEmbedHtml } from \"./embed\"\nexport { createShopClient } from \"./shop\"\nexport { createEventsClient } from \"./events\"\nexport type {\n CmsEvent,\n CmsTicketTier,\n EventWithTiers,\n EventQueryOptions,\n CreateBookingParams,\n CreateBookingResult,\n EventStatus,\n BookingStatus,\n} from \"./events\"\nexport { getTransformUrl, getSrcSet, IMAGE_PRESETS } from \"./cdn\"\nexport type { ImageTransformOptions } from \"./cdn\"\nexport { verifyWebhookSignature, revalidateAllTags, WEBHOOK_EVENTS } from \"./webhooks\"\nexport type { WebhookEvent, WebhookEventPayload } from \"./webhooks\"\nexport type {\n FieldType,\n FieldDefinition,\n Tenant,\n Profile,\n ContentType,\n ContentItem,\n MediaItem,\n MediaFolder,\n ContentQueryOptions,\n CmsClientOptions,\n TenantMembership,\n ImageConfig,\n ContentTypeSeoConfig,\n Product,\n ProductStatus,\n ProductCategory,\n ProductVariant,\n ProductOption,\n OrderAddress,\n OrderStatus,\n PaymentStatus,\n OrderLineItem,\n DiscountType,\n CreateOrderParams,\n CreateOrderResult,\n ProductQueryOptions,\n MembershipTier,\n Member,\n GoogleReview,\n ReviewQueryOptions,\n EmbedValue,\n FlipbookPagePublic,\n FlipbookTocEntryPublic,\n FlipbookPublic,\n} from \"./types\"\n","/*\n The version of @distinctagency/cms-client embedded in this build.\n \n Bump this in lock-step with package.json — the value is read by the SDK to\n * report installed-version telemetry and to send `x-cms-client-version` on\n * outgoing requests.\n /\nexport const CMS_CLIENT_VERSION = \"1.20.1\"\n","import { createClient as createSupabaseClient } from \"@supabase/supabase-js\"\nimport type { SupabaseClient } from \"@supabase/supabase-js\"\nimport type {\n CmsClientOptions,\n ContentItem,\n ContentQueryOptions,\n ContentType,\n GoogleReview,\n ReviewQueryOptions,\n} from \"./types\"\nimport { CMS_CLIENT_VERSION } from \"./version\"\nimport { reportClientVersion } from \"./telemetry\"\n\n/\n Creates a CMS query client authenticated with a tenant API key.\n \n Usage:\n * ```ts\n * const cms = createCmsClient(supabase, { apiKey: process.env.CMS_API_KEY! })\n * const events = await cms.getContentItems('events', { status: 'published' })\n * ```\n \n The API key is sent as an `x-cms-api-key` header on every request.\n * Supabase RLS policies validate it against the tenant's stored key.\n /\nexport function createCmsClient(\n supabase: SupabaseClient,\n options: CmsClientOptions\n) {\n const { apiKey } = options\n\n // Create a new Supabase client with the API key header injected globally\n const client = withApiKey(supabase, apiKey) as SupabaseClient\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, options.appUrl)\n\n /* Resolve the tenant ID from the API key (cached per request) /\n let tenantIdCache: string \| null = null\n\n async function getTenantId(): Promise<string> {\n if (tenantIdCache) return tenantIdCache\n\n const { data, error } = await client\n .from(\"tenants\")\n .select(\"id\")\n .single()\n\n if (error \|\| !data) {\n throw new Error(\n \"Invalid CMS API key — no tenant found. Check your apiKey.\"\n )\n }\n\n tenantIdCache = data.id\n return data.id\n }\n\n /* Resolve a content type from its slug (cached) /\n const contentTypeCache = new Map<string, ContentType>()\n\n async function getContentTypeBySlug(contentTypeSlug: string): Promise<ContentType> {\n if (contentTypeCache.has(contentTypeSlug)) return contentTypeCache.get(contentTypeSlug)!\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", contentTypeSlug)\n .single()\n\n if (error \|\| !data) {\n throw new Error(`Content type not found: ${contentTypeSlug}`)\n }\n\n const ct = data as ContentType\n contentTypeCache.set(contentTypeSlug, ct)\n return ct\n }\n\n async function getContentTypeId(contentTypeSlug: string): Promise<string> {\n const ct = await getContentTypeBySlug(contentTypeSlug)\n return ct.id\n }\n\n /** Check if a member token has access to a gated content type /\n async function checkMemberAccess(\n contentType: ContentType,\n memberToken?: string\n ): Promise<{ allowed: boolean; memberTierId: string \| null }> {\n const requiredTierId = contentType.required_membership_tier_id\n if (!requiredTierId) return { allowed: true, memberTierId: null } // Public\n\n if (!memberToken) return { allowed: false, memberTierId: null } // Gated but no token\n\n // Verify the member's token and check their tier\n const { data: session } = await client\n .from(\"member_sessions\")\n .select(\"member_id\")\n .eq(\"token_hash\", memberToken) // Note: caller should hash the token\n .single()\n\n if (!session) return { allowed: false, memberTierId: null }\n\n const { data: member } = await client\n .from(\"members\")\n .select(\"membership_tier_id, status\")\n .eq(\"id\", session.member_id)\n .single()\n\n if (!member \|\| member.status !== \"active\") return { allowed: false, memberTierId: null }\n\n // Check if the member's tier matches (or exceeds) the required tier\n // For now: exact match or the member has the required tier\n return {\n allowed: member.membership_tier_id === requiredTierId,\n memberTierId: member.membership_tier_id as string \| null,\n }\n }\n\n async function getFlipbook(id: string): Promise<import(\"./types\").FlipbookPublic \| null> {\n const { data, error } = await client\n .from(\"flipbooks\")\n .select(\"id, title, page_count, status, manifest, download_enabled, tenant_id\")\n .eq(\"id\", id)\n .single()\n if (error \|\| !data) return null\n\n const manifest = data.manifest as\n \| { pages: Array<{ image: string; thumb: string; w: number; h: number }>; toc: Array<{ title: string; page: number }> }\n \| null\n if (!manifest) {\n return {\n id: data.id as string,\n title: data.title as string,\n page_count: (data.page_count as number) ?? 0,\n status: data.status as \"pending_upload\" \| \"pending\" \| \"processing\" \| \"ready\" \| \"failed\",\n page_images: [],\n toc: [],\n download_url: null,\n }\n }\n\n // Browser-safe env lookup via globalThis. The client package builds without\n // @types/node so referring to `process` directly fails the dts build; reading\n // through globalThis sidesteps that and works in every JS environment that\n // matters (Node, browsers, edge runtimes).\n const proc = (globalThis as { process?: { env?: Record<string, string \| undefined> } }).process\n const cdnBase = proc?.env?.NEXT_PUBLIC_R2_PUBLIC_URL ?? \"https://cdn.distinctstudio.co.nz\"\n const prefix = `flipbooks/${data.tenant_id as string}/${data.id as string}/`\n return {\n id: data.id as string,\n title: data.title as string,\n page_count: (data.page_count as number) ?? manifest.pages.length,\n status: data.status as \"pending\" \| \"processing\" \| \"ready\" \| \"failed\",\n page_images: manifest.pages.map((p) => ({\n url: `${cdnBase}/${prefix}${p.image}`,\n thumb_url: `${cdnBase}/${prefix}${p.thumb}`,\n w: p.w,\n h: p.h,\n })),\n toc: manifest.toc,\n download_url: data.download_enabled\n ? `${options.appUrl ?? \"\"}/api/flipbooks/${data.id as string}/download`\n : null,\n }\n }\n\n return {\n /\n List content items for a content type.\n * Defaults to published items ordered by most recent.\n /\n async getContentItems(\n contentTypeSlug: string,\n options: ContentQueryOptions = {}\n ): Promise<(ContentItem & { locked?: boolean })[]> {\n const contentType = await getContentTypeBySlug(contentTypeSlug)\n\n const {\n status = \"published\",\n orderBy = \"published_at\",\n orderDirection = \"desc\",\n limit = 100,\n offset = 0,\n memberToken,\n } = options\n\n // Check membership access\n const access = await checkMemberAccess(contentType, memberToken)\n\n // If gated and no access, check gating mode\n if (!access.allowed && contentType.required_membership_tier_id) {\n // Get tenant settings for gating mode\n const tenantId = await getTenantId()\n const { data: settings } = await client\n .from(\"tenant_settings\")\n .select(\"membership_gating_mode\")\n .eq(\"tenant_id\", tenantId)\n .single()\n\n const mode = (settings?.membership_gating_mode as string) ?? \"teaser\"\n\n if (mode === \"hide\") {\n return [] // Hide: return nothing\n }\n\n // Teaser mode: return items with locked flag, no body/data\n let query = client\n .from(\"content_items\")\n .select(\"id, title, slug, status, excerpt, seo_title, seo_description, featured_image, published_at, created_at, updated_at\")\n .eq(\"content_type_id\", contentType.id)\n\n if (status) query = query.eq(\"status\", status)\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n if (error) throw new Error(`Failed to fetch ${contentTypeSlug}: ${error.message}`)\n\n return (data ?? []).map((item) => ({\n ...item,\n data: {},\n locked: true,\n })) as (ContentItem & { locked: boolean })[]\n }\n\n // Full access\n let query = client\n .from(\"content_items\")\n .select(\"\")\n .eq(\"content_type_id\", contentType.id)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n\n if (error) {\n throw new Error(`Failed to fetch ${contentTypeSlug}: ${error.message}`)\n }\n\n return (data ?? []) as ContentItem[]\n },\n\n /*\n Get a single content item by its slug.\n * Returns null if not found.\n /\n async getContentItemBySlug(\n contentTypeSlug: string,\n itemSlug: string\n ): Promise<ContentItem \| null> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"content_items\")\n .select(\"\")\n .eq(\"content_type_id\", contentTypeId)\n .eq(\"slug\", itemSlug)\n .single()\n\n if (error) {\n if (error.code === \"PGRST116\") return null // not found\n throw new Error(\n `Failed to fetch ${contentTypeSlug}/${itemSlug}: ${error.message}`\n )\n }\n\n return data as ContentItem\n },\n\n /*\n Get a content type definition (including its field schema).\n /\n async getContentType(contentTypeSlug: string): Promise<ContentType> {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", contentTypeSlug)\n .single()\n\n if (error \|\| !data) {\n throw new Error(`Content type not found: ${contentTypeSlug}`)\n }\n\n return data as ContentType\n },\n\n /*\n Get all slugs for a content type (for generateStaticParams).\n /\n async getAllSlugs(\n contentTypeSlug: string\n ): Promise<{ slug: string }[]> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"content_items\")\n .select(\"slug\")\n .eq(\"content_type_id\", contentTypeId)\n .eq(\"status\", \"published\")\n\n if (error) {\n throw new Error(\n `Failed to fetch slugs for ${contentTypeSlug}: ${error.message}`\n )\n }\n\n return (data ?? []) as { slug: string }[]\n },\n\n /\n List all content types for this tenant.\n /\n async getContentTypes(): Promise<ContentType[]> {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .order(\"name\")\n\n if (error) {\n throw new Error(`Failed to fetch content types: ${error.message}`)\n }\n\n return (data ?? []) as ContentType[]\n },\n\n /*\n Get all slug redirects for a content type.\n * Use in next.config.js redirects() or middleware for 301s.\n * Returns: [{ old_slug, new_slug }, ...]\n /\n async getRedirects(\n contentTypeSlug: string\n ): Promise<{ old_slug: string; new_slug: string }[]> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"slug_redirects\")\n .select(\"old_slug, new_slug\")\n .eq(\"content_type_id\", contentTypeId)\n\n if (error) {\n throw new Error(\n `Failed to fetch redirects for ${contentTypeSlug}: ${error.message}`\n )\n }\n\n return (data ?? []) as { old_slug: string; new_slug: string }[]\n },\n\n /\n Get all custom path redirects for this tenant.\n * Use alongside getRedirects() in next.config.ts for full redirect coverage.\n /\n async getCustomRedirects(): Promise<\n { source_path: string; destination_path: string; permanent: boolean }[]\n > {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"custom_redirects\")\n .select(\"source_path, destination_path, permanent\")\n .eq(\"tenant_id\", tenantId)\n\n if (error) {\n throw new Error(`Failed to fetch custom redirects: ${error.message}`)\n }\n\n return (data ?? []) as {\n source_path: string\n destination_path: string\n permanent: boolean\n }[]\n },\n\n /\n Get form submissions for a specific form.\n * Useful for displaying testimonials, reviews, etc.\n /\n async getFormSubmissions(\n formSlug: string,\n options: { status?: string; limit?: number; offset?: number } = {}\n ): Promise<Record<string, unknown>[]> {\n const tenantId = await getTenantId()\n\n const { data: form } = await client\n .from(\"forms\")\n .select(\"id\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", formSlug)\n .single()\n\n if (!form) return []\n\n const { limit = 50, offset = 0, status } = options\n\n let query = client\n .from(\"form_submissions\")\n .select(\"\")\n .eq(\"form_id\", form.id)\n .eq(\"is_spam\", false)\n .order(\"created_at\", { ascending: false })\n .range(offset, offset + limit - 1)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n const { data } = await query\n return (data ?? []) as Record<string, unknown>[]\n },\n\n /*\n Get a form configuration by slug.\n /\n async getForm(\n formSlug: string\n ): Promise<Record<string, unknown> \| null> {\n const tenantId = await getTenantId()\n\n const { data } = await client\n .from(\"forms\")\n .select(\"id, name, slug, description, is_active\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", formSlug)\n .single()\n\n return data as Record<string, unknown> \| null\n },\n\n /\n Get a flipbook by ID, including CDN-resolved page image URLs.\n * Returns null if not found or manifest not yet ready.\n /\n getFlipbook,\n\n /\n Get Google Reviews for this tenant.\n * Defaults to approved reviews ordered by most recent.\n /\n async getReviews(\n options: ReviewQueryOptions = {}\n ): Promise<GoogleReview[]> {\n const tenantId = await getTenantId()\n\n const {\n status = \"approved\",\n minRating,\n limit = 50,\n offset = 0,\n orderBy = \"review_timestamp\",\n orderDirection = \"desc\",\n } = options\n\n let query = client\n .from(\"google_reviews\")\n .select(\"id, author_name, author_photo_url, rating, text, review_timestamp\")\n .eq(\"tenant_id\", tenantId)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n if (minRating) {\n query = query.gte(\"rating\", minRating)\n }\n\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n\n if (error) {\n throw new Error(`Failed to fetch reviews: ${error.message}`)\n }\n\n return (data ?? []) as GoogleReview[]\n },\n\n /\n Get the tenant's third-party tracking IDs (Google Analytics, Google Tag Manager, Meta Pixel).\n * Each value is null when not configured. These IDs are public and safe to render in HTML.\n \n On Next.js, the result is cached and revalidated every hour by default\n * (`revalidate: 3600`) and tagged with `TRACKING_CONFIG_TAG`. Tenant sites\n * that want zero-lag updates can call `revalidateTag(TRACKING_CONFIG_TAG)`\n * from a webhook. Pass `revalidate: 0` to disable caching, `revalidate: false`\n * to cache indefinitely (tag-only invalidation), or any positive integer\n * (seconds) to override the interval. Outside Next.js the cache hints are\n * silently ignored — every call hits the network.\n /\n async getTrackingConfig(options: TrackingConfigOptions = {}): Promise<TrackingConfig> {\n const { revalidate = 3600, tags = [TRACKING_CONFIG_TAG] } = options\n const supabaseUrl = (supabase as unknown as { supabaseUrl: string }).supabaseUrl\n const supabaseKey = (supabase as unknown as { supabaseKey: string }).supabaseKey\n\n // Direct PostgREST fetch (instead of going through supabase-js) so that\n // Next.js sees the request and applies its `next` cache options. RLS\n // restricts the result to the tenant matching `x-cms-api-key`, so no\n // explicit tenant_id filter is needed.\n const url =\n `${supabaseUrl}/rest/v1/tenant_settings` +\n `?select=google_analytics_id,google_tag_manager_id,google_ads_id,meta_pixel_id&limit=1`\n\n const init: RequestInit & { next?: { revalidate?: number \| false; tags?: string[] } } = {\n headers: {\n apikey: supabaseKey,\n Authorization: `Bearer ${supabaseKey}`,\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n Accept: \"application/json\",\n },\n next: { revalidate, tags },\n }\n\n let row: {\n google_analytics_id: string \| null\n google_tag_manager_id: string \| null\n google_ads_id: string \| null\n meta_pixel_id: string \| null\n } \| undefined\n\n try {\n const res = await fetch(url, init as RequestInit)\n if (res.ok) {\n const rows = (await res.json()) as Array<typeof row>\n row = rows?.[0]\n }\n } catch {\n // Network errors fall through to the all-null result so a transient\n // outage on the CMS never breaks page renders on the tenant site.\n }\n\n return {\n googleAnalyticsId: nullify(row?.google_analytics_id),\n googleTagManagerId: nullify(row?.google_tag_manager_id),\n googleAdsId: nullify(row?.google_ads_id),\n metaPixelId: nullify(row?.meta_pixel_id),\n }\n },\n }\n}\n\n/\n Cache tag applied to `getTrackingConfig()` fetches on Next.js. Call\n * `revalidateTag(TRACKING_CONFIG_TAG)` from a webhook handler on the tenant\n * site to make tracking-ID changes take effect immediately rather than\n * waiting for the next revalidation interval.\n /\nexport const TRACKING_CONFIG_TAG = \"cms:tracking-config\"\n\nexport interface TrackingConfigOptions {\n /\n Cache lifetime for the underlying fetch on Next.js, in seconds.\n * Defaults to 3600 (one hour). Set to `0` to disable caching, or `false`\n * to cache indefinitely until the tag is revalidated. Ignored outside\n * Next.js runtimes.\n /\n revalidate?: number \| false\n /\n Cache tags for the underlying fetch on Next.js. Defaults to\n * `[TRACKING_CONFIG_TAG]`. Override to namespace by tenant if you share a\n * single Next.js process across multiple tenants (uncommon).\n /\n tags?: string[]\n}\n\nfunction nullify(v: string \| null \| undefined): string \| null {\n if (!v) return null\n const trimmed = v.trim()\n return trimmed.length > 0 ? trimmed : null\n}\n\nexport interface TrackingConfig {\n googleAnalyticsId: string \| null\n googleTagManagerId: string \| null\n googleAdsId: string \| null\n metaPixelId: string \| null\n}\n\n/\n Creates a new Supabase client that includes the `x-cms-api-key`\n * header in every request, using the same URL and key as the original.\n /\nfunction withApiKey(supabase: SupabaseClient, apiKey: string) {\n // Extract URL and key from the existing client\n const supabaseUrl = (supabase as unknown as { supabaseUrl: string }).supabaseUrl\n const supabaseKey = (supabase as unknown as { supabaseKey: string }).supabaseKey\n\n return createSupabaseClient(supabaseUrl, supabaseKey, {\n global: {\n headers: {\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n },\n },\n })\n}\n","import { CMS_CLIENT_VERSION } from \"./version\"\n\n/\n Reports the running SDK version to the CMS so the Super Admin UI can show\n * which client version each tenant site is on.\n \n Day-granular and process-local: at most one POST per (api key + day) per\n * Node process. Calls from browser code are ignored — the API key would be\n * exposed and the data is redundant with server-side reports.\n \n Fire-and-forget. Failures are silent — telemetry must never break a render.\n /\n\nconst DEFAULT_APP_URL = \"https://cms.distinctstudio.co.nz\"\n\ninterface ReportRecord {\n date: string // YYYY-MM-DD\n version: string\n}\n\nconst reported = new Map<string, ReportRecord>()\n\nfunction todayKey(): string {\n return new Date().toISOString().slice(0, 10)\n}\n\nexport function reportClientVersion(apiKey: string, appUrl?: string): void {\n // Skip in browser contexts — server-side calls already cover the tenant.\n if (typeof window !== \"undefined\") return\n if (!apiKey) return\n\n const today = todayKey()\n const last = reported.get(apiKey)\n if (last && last.date === today && last.version === CMS_CLIENT_VERSION) return\n\n // Optimistically mark as reported so concurrent calls don't all fire. If the\n // request fails we'll retry tomorrow — that's acceptable for telemetry.\n reported.set(apiKey, { date: today, version: CMS_CLIENT_VERSION })\n\n const envAppUrl =\n typeof process !== \"undefined\" ? process.env?.NEXT_PUBLIC_CMS_URL : undefined\n const base = (appUrl ?? envAppUrl ?? DEFAULT_APP_URL).replace(/\\/$/, \"\")\n const url = `${base}/api/client-telemetry`\n\n // Fire and forget. Use a hand-rolled then() chain rather than async/await so\n // we don't accidentally surface an unhandled rejection.\n void fetch(url, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n },\n body: JSON.stringify({\n api_key: apiKey,\n version: CMS_CLIENT_VERSION,\n }),\n }).catch(() => {\n // Allow a retry on the next call by clearing the optimistic record.\n reported.delete(apiKey)\n })\n}\n","import type { EmbedValue } from \"./types\"\n\nfunction toCssAspectRatio(ratio: string): string {\n const parts = ratio.split(\":\")\n if (parts.length !== 2) return \"16/9\"\n const w = parseFloat(parts[0])\n const h = parseFloat(parts[1])\n if (!w \|\| !h \|\| w <= 0 \|\| h <= 0) return \"16/9\"\n return `${w}/${h}`\n}\n\n/\n Generate responsive iframe HTML for an embed field value.\n * Returns an empty string if the value is invalid or the URL is not HTTPS.\n /\nexport function getEmbedHtml(value: unknown): string {\n if (!value \|\| typeof value !== \"object\") return \"\"\n const embed = value as EmbedValue\n if (!embed.url \|\| !embed.url.startsWith(\"https://\")) return \"\"\n\n const width = embed.width \|\| \"100%\"\n const aspectRatio = toCssAspectRatio(embed.aspect_ratio \|\| \"16:9\")\n\n return `<div style=\"position:relative;width:${width};aspect-ratio:${aspectRatio}\"><iframe src=\"${embed.url}\" style=\"position:absolute;inset:0;width:100%;height:100%\" frameborder=\"0\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox\" allowfullscreen loading=\"lazy\"></iframe></div>`\n}\n","import type { SupabaseClient } from \"@supabase/supabase-js\"\nimport type {\n Product,\n ProductCategory,\n ProductQueryOptions,\n CreateOrderParams,\n CreateOrderResult,\n} from \"./types\"\nimport { CMS_CLIENT_VERSION } from \"./version\"\nimport { reportClientVersion } from \"./telemetry\"\n\nconst DEFAULT_APP_URL = \"https://cms.distinctstudio.co.nz\"\n\nexport interface ShopClientOptions {\n /* Tenant API key (UUID). Sent as `x-cms-api-key` on every request. /\n apiKey: string\n /* CMS app base URL. Defaults to `https://cms.distinctstudio.co.nz`. /\n appUrl?: string\n}\n\n/\n Creates a typed client for the eCommerce REST API (products, categories, orders).\n \n Unlike `createCmsClient`, the shop client talks to the CMS REST endpoints\n * (`/api/products`, `/api/product-categories`, `/api/orders/create`) rather than\n * Supabase directly — it doesn't need the `supabase` argument, but accepts it\n * for API symmetry with the rest of the SDK.\n \n Usage:\n * ```ts\n * const shop = createShopClient(supabase, { apiKey: process.env.CMS_API_KEY! })\n * const products = await shop.getProducts({ category: \"electronics\", limit: 20 })\n * ```\n /\nexport function createShopClient(\n _supabase: SupabaseClient,\n options: ShopClientOptions\n) {\n const { apiKey } = options\n const appUrl = (options.appUrl ?? DEFAULT_APP_URL).replace(/\\/$/, \"\")\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, appUrl)\n\n function authHeaders(): HeadersInit {\n return {\n \"Content-Type\": \"application/json\",\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n }\n }\n\n async function getJson<T>(path: string): Promise<T> {\n const res = await fetch(`${appUrl}${path}`, {\n headers: authHeaders(),\n // Caller controls Next.js caching by wrapping the call site.\n })\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(\n body.error ?? `Shop request failed (${res.status}): ${path}`\n )\n }\n return res.json() as Promise<T>\n }\n\n return {\n /\n List published products. Includes nested `variants` and `options`.\n \n `category` filters by category slug (matches the FK `category_id`,\n * with a fallback to the legacy `category` text column).\n /\n async getProducts(queryOptions: ProductQueryOptions = {}): Promise<Product[]> {\n const params = new URLSearchParams()\n if (queryOptions.category) params.set(\"category\", queryOptions.category)\n if (queryOptions.tags?.length) params.set(\"tags\", queryOptions.tags.join(\",\"))\n if (queryOptions.limit) params.set(\"limit\", String(queryOptions.limit))\n if (queryOptions.offset) params.set(\"offset\", String(queryOptions.offset))\n if (queryOptions.sort) params.set(\"sort\", queryOptions.sort)\n if (queryOptions.order) params.set(\"order\", queryOptions.order)\n\n const qs = params.toString()\n const { products } = await getJson<{ products: Product[] }>(\n `/api/products${qs ? `?${qs}` : \"\"}`\n )\n return products ?? []\n },\n\n /\n Get a single published product by slug. Returns null if not found.\n * Includes nested `variants` and `options`.\n /\n async getProductBySlug(slug: string): Promise<Product \| null> {\n const res = await fetch(`${appUrl}/api/products/${encodeURIComponent(slug)}`, {\n headers: authHeaders(),\n })\n if (res.status === 404) return null\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(body.error ?? `Failed to fetch product ${slug}`)\n }\n const { product } = (await res.json()) as { product: Product }\n return product ?? null\n },\n\n /\n List product categories for the tenant, ordered by sort_order then name.\n /\n async getCategories(): Promise<ProductCategory[]> {\n const { categories } = await getJson<{ categories: ProductCategory[] }>(\n `/api/product-categories`\n )\n return categories ?? []\n },\n\n /\n Get a single category by slug. Returns null if not found.\n /\n async getCategoryBySlug(slug: string): Promise<ProductCategory \| null> {\n const all = await this.getCategories()\n return all.find((c) => c.slug === slug) ?? null\n },\n\n /\n Create a pending order and return a Stripe PaymentIntent client_secret\n * to confirm payment client-side.\n \n Stripe must be configured for the tenant; eCommerce must be enabled on\n * their billing plan. Validates stock for tracked variants and applies\n * any discount code before creating the PaymentIntent.\n /\n async createOrder(params: CreateOrderParams): Promise<CreateOrderResult> {\n const res = await fetch(`${appUrl}/api/orders/create`, {\n method: \"POST\",\n headers: authHeaders(),\n body: JSON.stringify({ api_key: apiKey, ...params }),\n })\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(body.error ?? \"Order creation failed\")\n }\n return res.json() as Promise<CreateOrderResult>\n },\n }\n}\n","import type { SupabaseClient } from \"@supabase/supabase-js\"\nimport { reportClientVersion } from \"./telemetry\"\n\nexport type EventStatus = \"draft\" \| \"published\" \| \"archived\"\nexport type BookingStatus = \"pending\" \| \"confirmed\" \| \"cancelled\" \| \"refunded\"\n\nexport interface CmsEvent {\n id: string\n tenant_id: string\n title: string\n slug: string\n description: string \| null\n short_description: string \| null\n status: EventStatus\n start_at: string\n end_at: string \| null\n venue_name: string \| null\n venue_address: string \| null\n hero_image: string \| null\n gallery: string[]\n tags: string[]\n seo_title: string \| null\n seo_description: string \| null\n metadata: Record<string, unknown>\n sort_order: number\n published_at: string \| null\n created_at: string\n updated_at: string\n}\n\nexport interface CmsTicketTier {\n id: string\n event_id: string\n tenant_id: string\n name: string\n description: string \| null\n price_cents: number\n capacity: number \| null\n sold_count: number\n sales_start_at: string \| null\n sales_end_at: string \| null\n is_active: boolean\n sort_order: number\n}\n\nexport interface EventWithTiers extends CmsEvent {\n tiers: CmsTicketTier[]\n}\n\nexport interface EventQueryOptions {\n /* Only include events with start_at >= now. Default false. /\n upcomingOnly?: boolean\n tag?: string\n limit?: number\n offset?: number\n sort?: \"start_at\" \| \"sort_order\" \| \"created_at\"\n order?: \"asc\" \| \"desc\"\n}\n\nexport interface CreateBookingParams {\n event_slug: string\n ticket_tier_id?: string\n customer_email: string\n customer_name?: string\n customer_phone?: string\n quantity?: number\n success_url?: string\n cancel_url?: string\n metadata?: Record<string, unknown>\n}\n\nexport interface CreateBookingResult {\n booking_id: string\n booking_number: string\n status: \"pending\" \| \"confirmed\"\n /* Redirect the browser here for paid bookings. /\n checkout_url?: string\n /* Present on free bookings — used for attendance QR display. /\n qr_token?: string\n}\n\nexport function createEventsClient(\n supabase: SupabaseClient,\n options: { apiKey: string; appUrl?: string }\n) {\n const { apiKey, appUrl } = options\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, appUrl)\n\n async function getEvents(\n queryOptions?: EventQueryOptions\n ): Promise<EventWithTiers[]> {\n let query = supabase\n .from(\"events\")\n .select(\", tiers:ticket_tiers()\")\n .eq(\"status\", \"published\")\n .order(queryOptions?.sort ?? \"start_at\", {\n ascending: (queryOptions?.order ?? \"asc\") === \"asc\",\n })\n\n if (queryOptions?.upcomingOnly) {\n query = query.gte(\"start_at\", new Date().toISOString())\n }\n if (queryOptions?.tag) {\n query = query.contains(\"tags\", [queryOptions.tag])\n }\n if (queryOptions?.limit) {\n query = query.limit(queryOptions.limit)\n }\n if (queryOptions?.offset) {\n query = query.range(\n queryOptions.offset,\n queryOptions.offset + (queryOptions.limit ?? 50) - 1\n )\n }\n\n const { data } = await query\n return (data ?? []) as EventWithTiers[]\n }\n\n async function getEventBySlug(slug: string): Promise<EventWithTiers \| null> {\n const { data } = await supabase\n .from(\"events\")\n .select(\", tiers:ticket_tiers()\")\n .eq(\"slug\", slug)\n .eq(\"status\", \"published\")\n .single()\n return (data as EventWithTiers) ?? null\n }\n\n async function createBooking(\n params: CreateBookingParams\n ): Promise<CreateBookingResult> {\n const baseUrl = appUrl ?? \"\"\n const res = await fetch(`${baseUrl}/api/bookings/create`, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({ api_key: apiKey, ...params }),\n })\n if (!res.ok) {\n const err = await res\n .json()\n .catch(() => ({ error: \"Booking creation failed\" }))\n throw new Error(err.error ?? \"Booking creation failed\")\n }\n return res.json() as Promise<CreateBookingResult>\n }\n\n return { getEvents, getEventBySlug, createBooking }\n}\n","/\n Image helpers for CMS content.\n \n Images are already optimised (WebP, max 2400px) on upload.\n * No server-side transforms needed — serve originals directly.\n \n These functions are kept for backward compatibility but no longer\n * call Supabase image transformation endpoints.\n /\n\nexport interface ImageTransformOptions {\n width?: number\n height?: number\n quality?: number\n resize?: \"contain\" \| \"cover\" \| \"fill\"\n format?: \"origin\"\n}\n\n/\n Returns the image URL directly.\n \n Previously this converted URLs to use Supabase's /render/image/\n * transform endpoint, but images are now pre-optimised on upload\n * (WebP, max 2400px, quality 82) so transforms are unnecessary.\n \n The function is kept for backward compatibility — existing code\n * that calls getTransformUrl() will continue to work without changes.\n /\nexport function getTransformUrl(\n originalUrl: string,\n _options: ImageTransformOptions = {}\n): string {\n return originalUrl\n}\n\n/\n Returns a simple srcSet using the original image.\n \n Previously generated multiple transformed widths, but since images\n * are now pre-optimised WebP, a single source is sufficient.\n * Modern browsers handle responsive display efficiently with a\n * well-sized WebP source.\n /\nexport function getSrcSet(\n originalUrl: string,\n _widths: number[] = [],\n _quality = 80\n): string {\n return `${originalUrl} 2400w`\n}\n\n/\n Common image size presets — kept for backward compatibility.\n * Since images are pre-optimised, these are informational only.\n /\nexport const IMAGE_PRESETS = {\n thumbnail: { width: 150, height: 150, resize: \"cover\" as const, quality: 70 },\n card: { width: 400, height: 300, resize: \"cover\" as const, quality: 80 },\n hero: { width: 1200, height: 630, resize: \"cover\" as const, quality: 85 },\n og: { width: 1200, height: 630, resize: \"cover\" as const, quality: 90 },\n avatar: { width: 80, height: 80, resize: \"cover\" as const, quality: 75 },\n full: { width: 1920, resize: \"contain\" as const, quality: 85 },\n} as const\n","/\n Helpers for verifying outbound webhooks fired by the CMS.\n \n The CMS POSTs JSON to subscriber URLs and signs the raw body with\n * HMAC-SHA256 using the shared secret you set in the Webhooks tab. The hex\n * digest arrives in the `X-CMS-Signature` header.\n \n Use Web Crypto so this works in Node, Edge, Deno, and Bun runtimes.\n /\n\nexport interface WebhookEventPayload {\n event: string\n tenant_id: string\n content_type_slug?: string\n content_item_id?: string\n slug?: string\n title?: string\n status?: string\n /* Stable identifier of the resource that changed (e.g. product id, flipbook id, integration provider). /\n resource_id?: string\n /\n Cache tags the receiver should invalidate. Use {@link revalidateAllTags}\n * to wire this through Next.js's `revalidateTag()` in one line.\n * All tags are namespaced with the `cms:` prefix.\n /\n cache_tags?: string[]\n /* Free-form bag for event-specific extras (e.g. provider name, change counts). /\n data?: Record<string, unknown>\n timestamp: string\n /* Commerce + custom events may attach extra top-level fields. /\n [key: string]: unknown\n}\n\n/\n Verify the HMAC-SHA256 signature on a webhook delivery.\n \n Pass the raw request body (not a parsed JSON object) — re-stringifying\n * a parsed body can change whitespace and invalidate the signature.\n \n Returns `true` when the signature matches in constant time, `false`\n * otherwise. Never throws on a bad signature; only throws if the\n * `crypto.subtle` API is unavailable in the runtime.\n \n @example\n * const raw = await req.text()\n * const sig = req.headers.get(\"x-cms-signature\")\n * if (!await verifyWebhookSignature(process.env.CMS_WEBHOOK_SECRET!, raw, sig)) {\n * return new Response(\"bad signature\", { status: 401 })\n * }\n * const payload = JSON.parse(raw) as WebhookEventPayload\n /\nexport async function verifyWebhookSignature(\n secret: string,\n rawBody: string,\n signature: string \| null \| undefined\n): Promise<boolean> {\n if (!signature \|\| !secret) return false\n\n const subtle = (globalThis.crypto && globalThis.crypto.subtle) \|\| null\n if (!subtle) {\n throw new Error(\n \"verifyWebhookSignature requires the Web Crypto API (globalThis.crypto.subtle). \" +\n \"Available in Node 18+, all Edge runtimes, Deno, and Bun.\"\n )\n }\n\n const encoder = new TextEncoder()\n const key = await subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n )\n const sigBuffer = await subtle.sign(\"HMAC\", key, encoder.encode(rawBody))\n const expected = bufferToHex(sigBuffer)\n\n return timingSafeEqualHex(expected, signature.trim())\n}\n\n/\n The webhook event names the CMS can fire. Use as a discriminator on the\n * `event` field of {@link WebhookEventPayload}.\n \n Most receivers don't need to switch on the event name — every payload\n * carries a `cache_tags` array. Pass it to {@link revalidateAllTags} to\n * invalidate the right Next.js caches in one line.\n /\nexport const WEBHOOK_EVENTS = [\n // Content\n \"content.published\",\n \"content.unpublished\",\n \"content.updated\",\n \"content.deleted\",\n \"content_type.updated\",\n \"content_type.deleted\",\n // Settings (diffed — only fires when a relevant field actually changed)\n \"settings.tracking_updated\",\n \"settings.brand_updated\",\n \"settings.integration_updated\",\n // Commerce\n \"products.updated\",\n \"product_categories.updated\",\n \"ticket_tiers.updated\",\n \"membership_tiers.updated\",\n \"order.created\",\n \"order.paid\",\n \"order.payment_failed\",\n \"order.refunded\",\n \"order.shipped\",\n \"booking.confirmed\",\n \"inventory.low_stock\",\n // Site\n \"redirects.updated\",\n \"reviews.synced\",\n \"flipbook.ready\",\n] as const\n\nexport type WebhookEvent = (typeof WEBHOOK_EVENTS)[number]\n\n/\n Invalidate every cache tag listed in a webhook payload. Call this from your\n * receiver and most events will Just Work without per-event branching.\n \n Pass Next.js's `revalidateTag` (or any function with the same shape) — the\n * SDK has no peer dep on `next/cache`, so the import stays in your code.\n \n Next 16 compatibility. In Next 16, `revalidateTag(tag)` was made into\n * `revalidateTag(tag, profile)`, and calling it with one argument emits a\n * deprecation warning. The cache profile controls expiry — `\"default\"` and\n * `\"max\"` both have non-zero `expire` values and will not invalidate the\n * cache. Immediate invalidation requires `{ expire: 0 }`, which isn't\n * documented in the function reference. This helper always passes\n * `{ expire: 0 }` as the second argument, so it does the right thing on Next 16\n * and is silently ignored by Next 14/15.\n \n @example\n * import { revalidateTag } from \"next/cache\"\n * import { revalidateAllTags } from \"@distinctagency/cms-client\"\n \n export async function POST(req: Request) {\n * const raw = await req.text()\n * if (!await verifyWebhookSignature(SECRET, raw, req.headers.get(\"x-cms-signature\"))) {\n * return new Response(\"bad sig\", { status: 401 })\n * }\n * const payload = JSON.parse(raw) as WebhookEventPayload\n * revalidateAllTags(payload, revalidateTag)\n * return Response.json({ ok: true })\n * }\n /\nexport function revalidateAllTags(\n payload: Pick<WebhookEventPayload, \"cache_tags\">,\n revalidateTag: (tag: string, profile: { expire?: number }) => unknown\n): string[] {\n const tags = payload.cache_tags\n if (!Array.isArray(tags) \|\| tags.length === 0) return []\n const invalidated: string[] = []\n for (const tag of tags) {\n if (typeof tag !== \"string\" \|\| tag.length === 0) continue\n revalidateTag(tag, { expire: 0 })\n invalidated.push(tag)\n }\n return invalidated\n}\n\nfunction bufferToHex(buf: ArrayBuffer): string {\n const bytes = new Uint8Array(buf)\n let out = \"\"\n for (let i = 0; i < bytes.length; i++) {\n out += bytes[i].toString(16).padStart(2, \"0\")\n }\n return out\n}\n\n/\n Constant-time equality check on two hex strings. Returns false fast when\n * lengths differ — the length itself is not secret.\n */\nfunction timingSafeEqualHex(a: string, b: string): boolean {\n if (a.length !== b.length) return false\n let mismatch = 0\n for (let i = 0; i < a.length; i++) {\n mismatch \|= a.charCodeAt(i) ^ b.charCodeAt(i)\n }\n return mismatch === 0\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACOO,IAAM,qBAAqB;;;ACPlC,yBAAqD;;;ACarD,IAAM,kBAAkB;AAOxB,IAAM,WAAW,oBAAI,IAA0B;AAE/C,SAAS,WAAmB;AAC1B,UAAO,oBAAI,KAAK,GAAE,YAAY,EAAE,MAAM,GAAG,EAAE;AAC7C;AAEO,SAAS,oBAAoB,QAAgB,QAAuB;AAEzE,MAAI,OAAO,WAAW,YAAa;AACnC,MAAI,CAAC,OAAQ;AAEb,QAAM,QAAQ,SAAS;AACvB,QAAM,OAAO,SAAS,IAAI,MAAM;AAChC,MAAI,QAAQ,KAAK,SAAS,SAAS,KAAK,YAAY,mBAAoB;AAIxE,WAAS,IAAI,QAAQ,EAAE,MAAM,OAAO,SAAS,mBAAmB,CAAC;AAEjE,QAAM,YACJ,OAAO,YAAY,cAAc,QAAQ,KAAK,sBAAsB;AACtE,QAAM,QAAQ,UAAU,aAAa,iBAAiB,QAAQ,OAAO,EAAE;AACvE,QAAM,MAAM,GAAG,IAAI;AAInB,OAAK,MAAM,KAAK;AAAA,IACd,QAAQ;AAAA,IACR,SAAS;AAAA,MACP,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,MACjB,wBAAwB;AAAA,IAC1B;AAAA,IACA,MAAM,KAAK,UAAU;AAAA,MACnB,SAAS;AAAA,MACT,SAAS;AAAA,IACX,CAAC;AAAA,EACH,CAAC,EAAE,MAAM,MAAM;AAEb,aAAS,OAAO,MAAM;AAAA,EACxB,CAAC;AACH;;;ADpCO,SAAS,gBACd,UACA,SACA;AACA,QAAM,EAAE,OAAO,IAAI;AAGnB,QAAM,SAAS,WAAW,UAAU,MAAM;AAG1C,sBAAoB,QAAQ,QAAQ,MAAM;AAG1C,MAAI,gBAA+B;AAEnC,iBAAe,cAA+B;AAC5C,QAAI,cAAe,QAAO;AAE1B,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,SAAS,EACd,OAAO,IAAI,EACX,OAAO;AAEV,QAAI,SAAS,CAAC,MAAM;AAClB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,oBAAgB,KAAK;AACrB,WAAO,KAAK;AAAA,EACd;AAGA,QAAM,mBAAmB,oBAAI,IAAyB;AAEtD,iBAAe,qBAAqB,iBAA+C;AACjF,QAAI,iBAAiB,IAAI,eAAe,EAAG,QAAO,iBAAiB,IAAI,eAAe;AACtF,UAAM,WAAW,MAAM,YAAY;AAEnC,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,eAAe,EAC1B,OAAO;AAEV,QAAI,SAAS,CAAC,MAAM;AAClB,YAAM,IAAI,MAAM,2BAA2B,eAAe,EAAE;AAAA,IAC9D;AAEA,UAAM,KAAK;AACX,qBAAiB,IAAI,iBAAiB,EAAE;AACxC,WAAO;AAAA,EACT;AAEA,iBAAe,iBAAiB,iBAA0C;AACxE,UAAM,KAAK,MAAM,qBAAqB,eAAe;AACrD,WAAO,GAAG;AAAA,EACZ;AAGA,iBAAe,kBACb,aACA,aAC4D;AAC5D,UAAM,iBAAiB,YAAY;AACnC,QAAI,CAAC,eAAgB,QAAO,EAAE,SAAS,MAAM,cAAc,KAAK;AAEhE,QAAI,CAAC,YAAa,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAG9D,UAAM,EAAE,MAAM,QAAQ,IAAI,MAAM,OAC7B,KAAK,iBAAiB,EACtB,OAAO,WAAW,EAClB,GAAG,cAAc,WAAW,EAC5B,OAAO;AAEV,QAAI,CAAC,QAAS,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAE1D,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,OAC5B,KAAK,SAAS,EACd,OAAO,4BAA4B,EACnC,GAAG,MAAM,QAAQ,SAAS,EAC1B,OAAO;AAEV,QAAI,CAAC,UAAU,OAAO,WAAW,SAAU,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAIvF,WAAO;AAAA,MACL,SAAS,OAAO,uBAAuB;AAAA,MACvC,cAAc,OAAO;AAAA,IACvB;AAAA,EACF;AAEA,iBAAe,YAAY,IAA8D;AACvF,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,WAAW,EAChB,OAAO,sEAAsE,EAC7E,GAAG,MAAM,EAAE,EACX,OAAO;AACV,QAAI,SAAS,CAAC,KAAM,QAAO;AAE3B,UAAM,WAAW,KAAK;AAGtB,QAAI,CAAC,UAAU;AACb,aAAO;AAAA,QACL,IAAI,KAAK;AAAA,QACT,OAAO,KAAK;AAAA,QACZ,YAAa,KAAK,cAAyB;AAAA,QAC3C,QAAQ,KAAK;AAAA,QACb,aAAa,CAAC;AAAA,QACd,KAAK,CAAC;AAAA,QACN,cAAc;AAAA,MAChB;AAAA,IACF;AAMA,UAAM,OAAQ,WAA0E;AACxF,UAAM,UAAU,MAAM,KAAK,6BAA6B;AACxD,UAAM,SAAS,aAAa,KAAK,SAAmB,IAAI,KAAK,EAAY;AACzE,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,YAAa,KAAK,cAAyB,SAAS,MAAM;AAAA,MAC1D,QAAQ,KAAK;AAAA,MACb,aAAa,SAAS,MAAM,IAAI,CAAC,OAAO;AAAA,QACtC,KAAK,GAAG,OAAO,IAAI,MAAM,GAAG,EAAE,KAAK;AAAA,QACnC,WAAW,GAAG,OAAO,IAAI,MAAM,GAAG,EAAE,KAAK;AAAA,QACzC,GAAG,EAAE;AAAA,QACL,GAAG,EAAE;AAAA,MACP,EAAE;AAAA,MACF,KAAK,SAAS;AAAA,MACd,cAAc,KAAK,mBACf,GAAG,QAAQ,UAAU,EAAE,kBAAkB,KAAK,EAAY,cAC1D;AAAA,IACN;AAAA,EACF;AAEA,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA,IAKL,MAAM,gBACJ,iBACAA,WAA+B,CAAC,GACiB;AACjD,YAAM,cAAc,MAAM,qBAAqB,eAAe;AAE9D,YAAM;AAAA,QACJ,SAAS;AAAA,QACT,UAAU;AAAA,QACV,iBAAiB;AAAA,QACjB,QAAQ;AAAA,QACR,SAAS;AAAA,QACT;AAAA,MACF,IAAIA;AAGJ,YAAM,SAAS,MAAM,kBAAkB,aAAa,WAAW;AAG/D,UAAI,CAAC,OAAO,WAAW,YAAY,6BAA6B;AAE9D,cAAM,WAAW,MAAM,YAAY;AACnC,cAAM,EAAE,MAAM,SAAS,IAAI,MAAM,OAC9B,KAAK,iBAAiB,EACtB,OAAO,wBAAwB,EAC/B,GAAG,aAAa,QAAQ,EACxB,OAAO;AAEV,cAAM,OAAQ,UAAU,0BAAqC;AAE7D,YAAI,SAAS,QAAQ;AACnB,iBAAO,CAAC;AAAA,QACV;AAGA,YAAIC,SAAQ,OACT,KAAK,eAAe,EACpB,OAAO,oHAAoH,EAC3H,GAAG,mBAAmB,YAAY,EAAE;AAEvC,YAAI,OAAQ,CAAAA,SAAQA,OAAM,GAAG,UAAU,MAAM;AAC7C,QAAAA,SAAQA,OACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,cAAM,EAAE,MAAAC,OAAM,OAAAC,OAAM,IAAI,MAAMF;AAC9B,YAAIE,OAAO,OAAM,IAAI,MAAM,mBAAmB,eAAe,KAAKA,OAAM,OAAO,EAAE;AAEjF,gBAAQD,SAAQ,CAAC,GAAG,IAAI,CAAC,UAAU;AAAA,UACjC,GAAG;AAAA,UACH,MAAM,CAAC;AAAA,UACP,QAAQ;AAAA,QACV,EAAE;AAAA,MACJ;AAGA,UAAI,QAAQ,OACT,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,mBAAmB,YAAY,EAAE;AAEvC,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,cAAQ,MACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM;AAE9B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,mBAAmB,eAAe,KAAK,MAAM,OAAO,EAAE;AAAA,MACxE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,qBACJ,iBACA,UAC6B;AAC7B,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,mBAAmB,aAAa,EACnC,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,UAAI,OAAO;AACT,YAAI,MAAM,SAAS,WAAY,QAAO;AACtC,cAAM,IAAI;AAAA,UACR,mBAAmB,eAAe,IAAI,QAAQ,KAAK,MAAM,OAAO;AAAA,QAClE;AAAA,MACF;AAEA,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,eAAe,iBAA+C;AAClE,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,eAAe,EAC1B,OAAO;AAEV,UAAI,SAAS,CAAC,MAAM;AAClB,cAAM,IAAI,MAAM,2BAA2B,eAAe,EAAE;AAAA,MAC9D;AAEA,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,YACJ,iBAC6B;AAC7B,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,MAAM,EACb,GAAG,mBAAmB,aAAa,EACnC,GAAG,UAAU,WAAW;AAE3B,UAAI,OAAO;AACT,cAAM,IAAI;AAAA,UACR,6BAA6B,eAAe,KAAK,MAAM,OAAO;AAAA,QAChE;AAAA,MACF;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,kBAA0C;AAC9C,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,MAAM,MAAM;AAEf,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,kCAAkC,MAAM,OAAO,EAAE;AAAA,MACnE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,MAAM,aACJ,iBACmD;AACnD,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,gBAAgB,EACrB,OAAO,oBAAoB,EAC3B,GAAG,mBAAmB,aAAa;AAEtC,UAAI,OAAO;AACT,cAAM,IAAI;AAAA,UACR,iCAAiC,eAAe,KAAK,MAAM,OAAO;AAAA,QACpE;AAAA,MACF;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,qBAEJ;AACA,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,kBAAkB,EACvB,OAAO,0CAA0C,EACjD,GAAG,aAAa,QAAQ;AAE3B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,qCAAqC,MAAM,OAAO,EAAE;AAAA,MACtE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IAKnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,mBACJ,UACAF,WAAgE,CAAC,GAC7B;AACpC,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,KAAK,IAAI,MAAM,OAC1B,KAAK,OAAO,EACZ,OAAO,IAAI,EACX,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,UAAI,CAAC,KAAM,QAAO,CAAC;AAEnB,YAAM,EAAE,QAAQ,IAAI,SAAS,GAAG,OAAO,IAAIA;AAE3C,UAAI,QAAQ,OACT,KAAK,kBAAkB,EACvB,OAAO,GAAG,EACV,GAAG,WAAW,KAAK,EAAE,EACrB,GAAG,WAAW,KAAK,EACnB,MAAM,cAAc,EAAE,WAAW,MAAM,CAAC,EACxC,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,YAAM,EAAE,KAAK,IAAI,MAAM;AACvB,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,QACJ,UACyC;AACzC,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,KAAK,IAAI,MAAM,OACpB,KAAK,OAAO,EACZ,OAAO,wCAAwC,EAC/C,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,WACJA,WAA8B,CAAC,GACN;AACzB,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM;AAAA,QACJ,SAAS;AAAA,QACT;AAAA,QACA,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,UAAU;AAAA,QACV,iBAAiB;AAAA,MACnB,IAAIA;AAEJ,UAAI,QAAQ,OACT,KAAK,gBAAgB,EACrB,OAAO,mEAAmE,EAC1E,GAAG,aAAa,QAAQ;AAE3B,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,UAAI,WAAW;AACb,gBAAQ,MAAM,IAAI,UAAU,SAAS;AAAA,MACvC;AAEA,cAAQ,MACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM;AAE9B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,4BAA4B,MAAM,OAAO,EAAE;AAAA,MAC7D;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,kBAAkBA,WAAiC,CAAC,GAA4B;AACpF,YAAM,EAAE,aAAa,MAAM,OAAO,CAAC,mBAAmB,EAAE,IAAIA;AAC5D,YAAM,cAAe,SAAgD;AACrE,YAAM,cAAe,SAAgD;AAMrE,YAAM,MACJ,GAAG,WAAW;AAGhB,YAAM,OAAkF;AAAA,QACtF,SAAS;AAAA,UACP,QAAQ;AAAA,UACR,eAAe,UAAU,WAAW;AAAA,UACpC,iBAAiB;AAAA,UACjB,wBAAwB;AAAA,UACxB,QAAQ;AAAA,QACV;AAAA,QACA,MAAM,EAAE,YAAY,KAAK;AAAA,MAC3B;AAEA,UAAI;AAOJ,UAAI;AACF,cAAM,MAAM,MAAM,MAAM,KAAK,IAAmB;AAChD,YAAI,IAAI,IAAI;AACV,gBAAM,OAAQ,MAAM,IAAI,KAAK;AAC7B,gBAAM,OAAO,CAAC;AAAA,QAChB;AAAA,MACF,QAAQ;AAAA,MAGR;AAEA,aAAO;AAAA,QACL,mBAAmB,QAAQ,KAAK,mBAAmB;AAAA,QACnD,oBAAoB,QAAQ,KAAK,qBAAqB;AAAA,QACtD,aAAa,QAAQ,KAAK,aAAa;AAAA,QACvC,aAAa,QAAQ,KAAK,aAAa;AAAA,MACzC;AAAA,IACF;AAAA,EACF;AACF;AAQO,IAAM,sBAAsB;AAkBnC,SAAS,QAAQ,GAA6C;AAC5D,MAAI,CAAC,EAAG,QAAO;AACf,QAAM,UAAU,EAAE,KAAK;AACvB,SAAO,QAAQ,SAAS,IAAI,UAAU;AACxC;AAaA,SAAS,WAAW,UAA0B,QAAgB;AAE5D,QAAM,cAAe,SAAgD;AACrE,QAAM,cAAe,SAAgD;AAErE,aAAO,mBAAAI,cAAqB,aAAa,aAAa;AAAA,IACpD,QAAQ;AAAA,MACN,SAAS;AAAA,QACP,iBAAiB;AAAA,QACjB,wBAAwB;AAAA,MAC1B;AAAA,IACF;AAAA,EACF,CAAC;AACH;;;AEnmBA,SAAS,iBAAiB,OAAuB;AAC/C,QAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,MAAI,MAAM,WAAW,EAAG,QAAO;AAC/B,QAAM,IAAI,WAAW,MAAM,CAAC,CAAC;AAC7B,QAAM,IAAI,WAAW,MAAM,CAAC,CAAC;AAC7B,MAAI,CAAC,KAAK,CAAC,KAAK,KAAK,KAAK,KAAK,EAAG,QAAO;AACzC,SAAO,GAAG,CAAC,IAAI,CAAC;AAClB;AAMO,SAAS,aAAa,OAAwB;AACnD,MAAI,CAAC,SAAS,OAAO,UAAU,SAAU,QAAO;AAChD,QAAM,QAAQ;AACd,MAAI,CAAC,MAAM,OAAO,CAAC,MAAM,IAAI,WAAW,UAAU,EAAG,QAAO;AAE5D,QAAM,QAAQ,MAAM,SAAS;AAC7B,QAAM,cAAc,iBAAiB,MAAM,gBAAgB,MAAM;AAEjE,SAAO,uCAAuC,KAAK,iBAAiB,WAAW,kBAAkB,MAAM,GAAG;AAC5G;;;ACbA,IAAMC,mBAAkB;AAuBjB,SAAS,iBACd,WACA,SACA;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,QAAM,UAAU,QAAQ,UAAUA,kBAAiB,QAAQ,OAAO,EAAE;AAGpE,sBAAoB,QAAQ,MAAM;AAElC,WAAS,cAA2B;AAClC,WAAO;AAAA,MACL,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,MACjB,wBAAwB;AAAA,IAC1B;AAAA,EACF;AAEA,iBAAe,QAAW,MAA0B;AAClD,UAAM,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,IAAI,IAAI;AAAA,MAC1C,SAAS,YAAY;AAAA;AAAA,IAEvB,CAAC;AACD,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,YAAM,IAAI;AAAA,QACR,KAAK,SAAS,wBAAwB,IAAI,MAAM,MAAM,IAAI;AAAA,MAC5D;AAAA,IACF;AACA,WAAO,IAAI,KAAK;AAAA,EAClB;AAEA,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOL,MAAM,YAAY,eAAoC,CAAC,GAAuB;AAC5E,YAAM,SAAS,IAAI,gBAAgB;AACnC,UAAI,aAAa,SAAU,QAAO,IAAI,YAAY,aAAa,QAAQ;AACvE,UAAI,aAAa,MAAM,OAAQ,QAAO,IAAI,QAAQ,aAAa,KAAK,KAAK,GAAG,CAAC;AAC7E,UAAI,aAAa,MAAO,QAAO,IAAI,SAAS,OAAO,aAAa,KAAK,CAAC;AACtE,UAAI,aAAa,OAAQ,QAAO,IAAI,UAAU,OAAO,aAAa,MAAM,CAAC;AACzE,UAAI,aAAa,KAAM,QAAO,IAAI,QAAQ,aAAa,IAAI;AAC3D,UAAI,aAAa,MAAO,QAAO,IAAI,SAAS,aAAa,KAAK;AAE9D,YAAM,KAAK,OAAO,SAAS;AAC3B,YAAM,EAAE,SAAS,IAAI,MAAM;AAAA,QACzB,gBAAgB,KAAK,IAAI,EAAE,KAAK,EAAE;AAAA,MACpC;AACA,aAAO,YAAY,CAAC;AAAA,IACtB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,iBAAiB,MAAuC;AAC5D,YAAM,MAAM,MAAM,MAAM,GAAG,MAAM,iBAAiB,mBAAmB,IAAI,CAAC,IAAI;AAAA,QAC5E,SAAS,YAAY;AAAA,MACvB,CAAC;AACD,UAAI,IAAI,WAAW,IAAK,QAAO;AAC/B,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,cAAM,IAAI,MAAM,KAAK,SAAS,2BAA2B,IAAI,EAAE;AAAA,MACjE;AACA,YAAM,EAAE,QAAQ,IAAK,MAAM,IAAI,KAAK;AACpC,aAAO,WAAW;AAAA,IACpB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,gBAA4C;AAChD,YAAM,EAAE,WAAW,IAAI,MAAM;AAAA,QAC3B;AAAA,MACF;AACA,aAAO,cAAc,CAAC;AAAA,IACxB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,kBAAkB,MAA+C;AACrE,YAAM,MAAM,MAAM,KAAK,cAAc;AACrC,aAAO,IAAI,KAAK,CAAC,MAAM,EAAE,SAAS,IAAI,KAAK;AAAA,IAC7C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,QAAuD;AACvE,YAAM,MAAM,MAAM,MAAM,GAAG,MAAM,sBAAsB;AAAA,QACrD,QAAQ;AAAA,QACR,SAAS,YAAY;AAAA,QACrB,MAAM,KAAK,UAAU,EAAE,SAAS,QAAQ,GAAG,OAAO,CAAC;AAAA,MACrD,CAAC;AACD,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,cAAM,IAAI,MAAM,KAAK,SAAS,uBAAuB;AAAA,MACvD;AACA,aAAO,IAAI,KAAK;AAAA,IAClB;AAAA,EACF;AACF;;;AChEO,SAAS,mBACd,UACA,SACA;AACA,QAAM,EAAE,QAAQ,OAAO,IAAI;AAG3B,sBAAoB,QAAQ,MAAM;AAElC,iBAAe,UACb,cAC2B;AAC3B,QAAI,QAAQ,SACT,KAAK,QAAQ,EACb,OAAO,0BAA0B,EACjC,GAAG,UAAU,WAAW,EACxB,MAAM,cAAc,QAAQ,YAAY;AAAA,MACvC,YAAY,cAAc,SAAS,WAAW;AAAA,IAChD,CAAC;AAEH,QAAI,cAAc,cAAc;AAC9B,cAAQ,MAAM,IAAI,aAAY,oBAAI,KAAK,GAAE,YAAY,CAAC;AAAA,IACxD;AACA,QAAI,cAAc,KAAK;AACrB,cAAQ,MAAM,SAAS,QAAQ,CAAC,aAAa,GAAG,CAAC;AAAA,IACnD;AACA,QAAI,cAAc,OAAO;AACvB,cAAQ,MAAM,MAAM,aAAa,KAAK;AAAA,IACxC;AACA,QAAI,cAAc,QAAQ;AACxB,cAAQ,MAAM;AAAA,QACZ,aAAa;AAAA,QACb,aAAa,UAAU,aAAa,SAAS,MAAM;AAAA,MACrD;AAAA,IACF;AAEA,UAAM,EAAE,KAAK,IAAI,MAAM;AACvB,WAAQ,QAAQ,CAAC;AAAA,EACnB;AAEA,iBAAe,eAAe,MAA8C;AAC1E,UAAM,EAAE,KAAK,IAAI,MAAM,SACpB,KAAK,QAAQ,EACb,OAAO,0BAA0B,EACjC,GAAG,QAAQ,IAAI,EACf,GAAG,UAAU,WAAW,EACxB,OAAO;AACV,WAAQ,QAA2B;AAAA,EACrC;AAEA,iBAAe,cACb,QAC8B;AAC9B,UAAM,UAAU,UAAU;AAC1B,UAAM,MAAM,MAAM,MAAM,GAAG,OAAO,wBAAwB;AAAA,MACxD,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU,EAAE,SAAS,QAAQ,GAAG,OAAO,CAAC;AAAA,IACrD,CAAC;AACD,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,MAAM,MAAM,IACf,KAAK,EACL,MAAM,OAAO,EAAE,OAAO,0BAA0B,EAAE;AACrD,YAAM,IAAI,MAAM,IAAI,SAAS,yBAAyB;AAAA,IACxD;AACA,WAAO,IAAI,KAAK;AAAA,EAClB;AAEA,SAAO,EAAE,WAAW,gBAAgB,cAAc;AACpD;;;AC1HO,SAAS,gBACd,aACA,WAAkC,CAAC,GAC3B;AACR,SAAO;AACT;AAUO,SAAS,UACd,aACA,UAAoB,CAAC,GACrB,WAAW,IACH;AACR,SAAO,GAAG,WAAW;AACvB;AAMO,IAAM,gBAAgB;AAAA,EAC3B,WAAW,EAAE,OAAO,KAAK,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EAC5E,MAAM,EAAE,OAAO,KAAK,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACvE,MAAM,EAAE,OAAO,MAAM,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACxE,IAAI,EAAE,OAAO,MAAM,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACtE,QAAQ,EAAE,OAAO,IAAI,QAAQ,IAAI,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACvE,MAAM,EAAE,OAAO,MAAM,QAAQ,WAAoB,SAAS,GAAG;AAC/D;;;ACXA,eAAsB,uBACpB,QACA,SACA,WACkB;AAClB,MAAI,CAAC,aAAa,CAAC,OAAQ,QAAO;AAElC,QAAM,SAAU,WAAW,UAAU,WAAW,OAAO,UAAW;AAClE,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AAEA,QAAM,UAAU,IAAI,YAAY;AAChC,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB;AAAA,IACA,QAAQ,OAAO,MAAM;AAAA,IACrB,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,IAChC;AAAA,IACA,CAAC,MAAM;AAAA,EACT;AACA,QAAM,YAAY,MAAM,OAAO,KAAK,QAAQ,KAAK,QAAQ,OAAO,OAAO,CAAC;AACxE,QAAM,WAAW,YAAY,SAAS;AAEtC,SAAO,mBAAmB,UAAU,UAAU,KAAK,CAAC;AACtD;AAUO,IAAM,iBAAiB;AAAA;AAAA,EAE5B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AACF;AAkCO,SAAS,kBACd,SACA,eACU;AACV,QAAM,OAAO,QAAQ;AACrB,MAAI,CAAC,MAAM,QAAQ,IAAI,KAAK,KAAK,WAAW,EAAG,QAAO,CAAC;AACvD,QAAM,cAAwB,CAAC;AAC/B,aAAW,OAAO,MAAM;AACtB,QAAI,OAAO,QAAQ,YAAY,IAAI,WAAW,EAAG;AACjD,kBAAc,KAAK,EAAE,QAAQ,EAAE,CAAC;AAChC,gBAAY,KAAK,GAAG;AAAA,EACtB;AACA,SAAO;AACT;AAEA,SAAS,YAAY,KAA0B;AAC7C,QAAM,QAAQ,IAAI,WAAW,GAAG;AAChC,MAAI,MAAM;AACV,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,WAAO,MAAM,CAAC,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG;AAAA,EAC9C;AACA,SAAO;AACT;AAMA,SAAS,mBAAmB,GAAW,GAAoB;AACzD,MAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,MAAI,WAAW;AACf,WAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK;AACjC,gBAAY,EAAE,WAAW,CAAC,IAAI,EAAE,WAAW,CAAC;AAAA,EAC9C;AACA,SAAO,aAAa;AACtB;","names":["options","query","data","error","createSupabaseClient","DEFAULT_APP_URL"]}
1	+ {"version":3,"sources":["../src/index.ts","../src/version.ts","../src/queries.ts","../src/telemetry.ts","../src/embed.ts","../src/shop.ts","../src/events.ts","../src/cdn.ts","../src/date.ts","../src/webhooks.ts"],"sourcesContent":["// Server-safe exports — no React, no \"use client\"\nexport { CMS_CLIENT_VERSION } from \"./version\"\nexport { createCmsClient, TRACKING_CONFIG_TAG } from \"./queries\"\nexport type { TrackingConfig, TrackingConfigOptions } from \"./queries\"\nexport { getEmbedHtml } from \"./embed\"\nexport { createShopClient } from \"./shop\"\nexport { createEventsClient } from \"./events\"\nexport type {\n CmsEvent,\n CmsTicketTier,\n EventWithTiers,\n EventQueryOptions,\n CreateBookingParams,\n CreateBookingResult,\n EventStatus,\n BookingStatus,\n} from \"./events\"\nexport { getTransformUrl, getSrcSet, IMAGE_PRESETS } from \"./cdn\"\nexport type { ImageTransformOptions } from \"./cdn\"\nexport { parsePartialDate, formatPartialDate } from \"./date\"\nexport type { ParsedPartialDate, FormatPartialDateOptions } from \"./date\"\nexport { verifyWebhookSignature, revalidateAllTags, WEBHOOK_EVENTS } from \"./webhooks\"\nexport type { WebhookEvent, WebhookEventPayload } from \"./webhooks\"\nexport type {\n FieldType,\n FieldDefinition,\n DateGranularity,\n Tenant,\n Profile,\n ContentType,\n ContentItem,\n MediaItem,\n MediaFolder,\n ContentQueryOptions,\n CmsClientOptions,\n TenantMembership,\n ImageConfig,\n ContentTypeSeoConfig,\n Product,\n ProductStatus,\n ProductCategory,\n ProductVariant,\n ProductOption,\n OrderAddress,\n OrderStatus,\n PaymentStatus,\n OrderLineItem,\n DiscountType,\n CreateOrderParams,\n CreateOrderResult,\n ProductQueryOptions,\n MembershipTier,\n Member,\n GoogleReview,\n ReviewQueryOptions,\n EmbedValue,\n FlipbookPagePublic,\n FlipbookTocEntryPublic,\n FlipbookPublic,\n} from \"./types\"\n","/*\n The version of @distinctagency/cms-client embedded in this build.\n \n Bump this in lock-step with package.json — the value is read by the SDK to\n * report installed-version telemetry and to send `x-cms-client-version` on\n * outgoing requests.\n /\nexport const CMS_CLIENT_VERSION = \"1.21.0\"\n","import { createClient as createSupabaseClient } from \"@supabase/supabase-js\"\nimport type { SupabaseClient } from \"@supabase/supabase-js\"\nimport type {\n CmsClientOptions,\n ContentItem,\n ContentQueryOptions,\n ContentType,\n GoogleReview,\n ReviewQueryOptions,\n} from \"./types\"\nimport { CMS_CLIENT_VERSION } from \"./version\"\nimport { reportClientVersion } from \"./telemetry\"\n\n/\n Creates a CMS query client authenticated with a tenant API key.\n \n Usage:\n * ```ts\n * const cms = createCmsClient(supabase, { apiKey: process.env.CMS_API_KEY! })\n * const events = await cms.getContentItems('events', { status: 'published' })\n * ```\n \n The API key is sent as an `x-cms-api-key` header on every request.\n * Supabase RLS policies validate it against the tenant's stored key.\n /\nexport function createCmsClient(\n supabase: SupabaseClient,\n options: CmsClientOptions\n) {\n const { apiKey } = options\n\n // Create a new Supabase client with the API key header injected globally\n const client = withApiKey(supabase, apiKey) as SupabaseClient\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, options.appUrl)\n\n /* Resolve the tenant ID from the API key (cached per request) /\n let tenantIdCache: string \| null = null\n\n async function getTenantId(): Promise<string> {\n if (tenantIdCache) return tenantIdCache\n\n const { data, error } = await client\n .from(\"tenants\")\n .select(\"id\")\n .single()\n\n if (error \|\| !data) {\n throw new Error(\n \"Invalid CMS API key — no tenant found. Check your apiKey.\"\n )\n }\n\n tenantIdCache = data.id\n return data.id\n }\n\n /* Resolve a content type from its slug (cached) /\n const contentTypeCache = new Map<string, ContentType>()\n\n async function getContentTypeBySlug(contentTypeSlug: string): Promise<ContentType> {\n if (contentTypeCache.has(contentTypeSlug)) return contentTypeCache.get(contentTypeSlug)!\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", contentTypeSlug)\n .single()\n\n if (error \|\| !data) {\n throw new Error(`Content type not found: ${contentTypeSlug}`)\n }\n\n const ct = data as ContentType\n contentTypeCache.set(contentTypeSlug, ct)\n return ct\n }\n\n async function getContentTypeId(contentTypeSlug: string): Promise<string> {\n const ct = await getContentTypeBySlug(contentTypeSlug)\n return ct.id\n }\n\n /** Check if a member token has access to a gated content type /\n async function checkMemberAccess(\n contentType: ContentType,\n memberToken?: string\n ): Promise<{ allowed: boolean; memberTierId: string \| null }> {\n const requiredTierId = contentType.required_membership_tier_id\n if (!requiredTierId) return { allowed: true, memberTierId: null } // Public\n\n if (!memberToken) return { allowed: false, memberTierId: null } // Gated but no token\n\n // Verify the member's token and check their tier\n const { data: session } = await client\n .from(\"member_sessions\")\n .select(\"member_id\")\n .eq(\"token_hash\", memberToken) // Note: caller should hash the token\n .single()\n\n if (!session) return { allowed: false, memberTierId: null }\n\n const { data: member } = await client\n .from(\"members\")\n .select(\"membership_tier_id, status\")\n .eq(\"id\", session.member_id)\n .single()\n\n if (!member \|\| member.status !== \"active\") return { allowed: false, memberTierId: null }\n\n // Check if the member's tier matches (or exceeds) the required tier\n // For now: exact match or the member has the required tier\n return {\n allowed: member.membership_tier_id === requiredTierId,\n memberTierId: member.membership_tier_id as string \| null,\n }\n }\n\n async function getFlipbook(id: string): Promise<import(\"./types\").FlipbookPublic \| null> {\n const { data, error } = await client\n .from(\"flipbooks\")\n .select(\"id, title, page_count, status, manifest, download_enabled, tenant_id\")\n .eq(\"id\", id)\n .single()\n if (error \|\| !data) return null\n\n const manifest = data.manifest as\n \| { pages: Array<{ image: string; thumb: string; w: number; h: number }>; toc: Array<{ title: string; page: number }> }\n \| null\n if (!manifest) {\n return {\n id: data.id as string,\n title: data.title as string,\n page_count: (data.page_count as number) ?? 0,\n status: data.status as \"pending_upload\" \| \"pending\" \| \"processing\" \| \"ready\" \| \"failed\",\n page_images: [],\n toc: [],\n download_url: null,\n }\n }\n\n // Browser-safe env lookup via globalThis. The client package builds without\n // @types/node so referring to `process` directly fails the dts build; reading\n // through globalThis sidesteps that and works in every JS environment that\n // matters (Node, browsers, edge runtimes).\n const proc = (globalThis as { process?: { env?: Record<string, string \| undefined> } }).process\n const cdnBase = proc?.env?.NEXT_PUBLIC_R2_PUBLIC_URL ?? \"https://cdn.distinctstudio.co.nz\"\n const prefix = `flipbooks/${data.tenant_id as string}/${data.id as string}/`\n return {\n id: data.id as string,\n title: data.title as string,\n page_count: (data.page_count as number) ?? manifest.pages.length,\n status: data.status as \"pending\" \| \"processing\" \| \"ready\" \| \"failed\",\n page_images: manifest.pages.map((p) => ({\n url: `${cdnBase}/${prefix}${p.image}`,\n thumb_url: `${cdnBase}/${prefix}${p.thumb}`,\n w: p.w,\n h: p.h,\n })),\n toc: manifest.toc,\n download_url: data.download_enabled\n ? `${options.appUrl ?? \"\"}/api/flipbooks/${data.id as string}/download`\n : null,\n }\n }\n\n return {\n /\n List content items for a content type.\n * Defaults to published items ordered by most recent.\n /\n async getContentItems(\n contentTypeSlug: string,\n options: ContentQueryOptions = {}\n ): Promise<(ContentItem & { locked?: boolean })[]> {\n const contentType = await getContentTypeBySlug(contentTypeSlug)\n\n const {\n status = \"published\",\n orderBy = \"published_at\",\n orderDirection = \"desc\",\n limit = 100,\n offset = 0,\n memberToken,\n } = options\n\n // Check membership access\n const access = await checkMemberAccess(contentType, memberToken)\n\n // If gated and no access, check gating mode\n if (!access.allowed && contentType.required_membership_tier_id) {\n // Get tenant settings for gating mode\n const tenantId = await getTenantId()\n const { data: settings } = await client\n .from(\"tenant_settings\")\n .select(\"membership_gating_mode\")\n .eq(\"tenant_id\", tenantId)\n .single()\n\n const mode = (settings?.membership_gating_mode as string) ?? \"teaser\"\n\n if (mode === \"hide\") {\n return [] // Hide: return nothing\n }\n\n // Teaser mode: return items with locked flag, no body/data\n let query = client\n .from(\"content_items\")\n .select(\"id, title, slug, status, excerpt, seo_title, seo_description, featured_image, published_at, created_at, updated_at\")\n .eq(\"content_type_id\", contentType.id)\n\n if (status) query = query.eq(\"status\", status)\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n if (error) throw new Error(`Failed to fetch ${contentTypeSlug}: ${error.message}`)\n\n return (data ?? []).map((item) => ({\n ...item,\n data: {},\n locked: true,\n })) as (ContentItem & { locked: boolean })[]\n }\n\n // Full access\n let query = client\n .from(\"content_items\")\n .select(\"\")\n .eq(\"content_type_id\", contentType.id)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n\n if (error) {\n throw new Error(`Failed to fetch ${contentTypeSlug}: ${error.message}`)\n }\n\n return (data ?? []) as ContentItem[]\n },\n\n /*\n Get a single content item by its slug.\n * Returns null if not found.\n /\n async getContentItemBySlug(\n contentTypeSlug: string,\n itemSlug: string\n ): Promise<ContentItem \| null> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"content_items\")\n .select(\"\")\n .eq(\"content_type_id\", contentTypeId)\n .eq(\"slug\", itemSlug)\n .single()\n\n if (error) {\n if (error.code === \"PGRST116\") return null // not found\n throw new Error(\n `Failed to fetch ${contentTypeSlug}/${itemSlug}: ${error.message}`\n )\n }\n\n return data as ContentItem\n },\n\n /*\n Get a content type definition (including its field schema).\n /\n async getContentType(contentTypeSlug: string): Promise<ContentType> {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", contentTypeSlug)\n .single()\n\n if (error \|\| !data) {\n throw new Error(`Content type not found: ${contentTypeSlug}`)\n }\n\n return data as ContentType\n },\n\n /*\n Get all slugs for a content type (for generateStaticParams).\n /\n async getAllSlugs(\n contentTypeSlug: string\n ): Promise<{ slug: string }[]> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"content_items\")\n .select(\"slug\")\n .eq(\"content_type_id\", contentTypeId)\n .eq(\"status\", \"published\")\n\n if (error) {\n throw new Error(\n `Failed to fetch slugs for ${contentTypeSlug}: ${error.message}`\n )\n }\n\n return (data ?? []) as { slug: string }[]\n },\n\n /\n List all content types for this tenant.\n /\n async getContentTypes(): Promise<ContentType[]> {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .order(\"name\")\n\n if (error) {\n throw new Error(`Failed to fetch content types: ${error.message}`)\n }\n\n return (data ?? []) as ContentType[]\n },\n\n /*\n Get all slug redirects for a content type.\n * Use in next.config.js redirects() or middleware for 301s.\n * Returns: [{ old_slug, new_slug }, ...]\n /\n async getRedirects(\n contentTypeSlug: string\n ): Promise<{ old_slug: string; new_slug: string }[]> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"slug_redirects\")\n .select(\"old_slug, new_slug\")\n .eq(\"content_type_id\", contentTypeId)\n\n if (error) {\n throw new Error(\n `Failed to fetch redirects for ${contentTypeSlug}: ${error.message}`\n )\n }\n\n return (data ?? []) as { old_slug: string; new_slug: string }[]\n },\n\n /\n Get all custom path redirects for this tenant.\n * Use alongside getRedirects() in next.config.ts for full redirect coverage.\n /\n async getCustomRedirects(): Promise<\n { source_path: string; destination_path: string; permanent: boolean }[]\n > {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"custom_redirects\")\n .select(\"source_path, destination_path, permanent\")\n .eq(\"tenant_id\", tenantId)\n\n if (error) {\n throw new Error(`Failed to fetch custom redirects: ${error.message}`)\n }\n\n return (data ?? []) as {\n source_path: string\n destination_path: string\n permanent: boolean\n }[]\n },\n\n /\n Get form submissions for a specific form.\n * Useful for displaying testimonials, reviews, etc.\n /\n async getFormSubmissions(\n formSlug: string,\n options: { status?: string; limit?: number; offset?: number } = {}\n ): Promise<Record<string, unknown>[]> {\n const tenantId = await getTenantId()\n\n const { data: form } = await client\n .from(\"forms\")\n .select(\"id\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", formSlug)\n .single()\n\n if (!form) return []\n\n const { limit = 50, offset = 0, status } = options\n\n let query = client\n .from(\"form_submissions\")\n .select(\"\")\n .eq(\"form_id\", form.id)\n .eq(\"is_spam\", false)\n .order(\"created_at\", { ascending: false })\n .range(offset, offset + limit - 1)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n const { data } = await query\n return (data ?? []) as Record<string, unknown>[]\n },\n\n /*\n Get a form configuration by slug.\n /\n async getForm(\n formSlug: string\n ): Promise<Record<string, unknown> \| null> {\n const tenantId = await getTenantId()\n\n const { data } = await client\n .from(\"forms\")\n .select(\"id, name, slug, description, is_active\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", formSlug)\n .single()\n\n return data as Record<string, unknown> \| null\n },\n\n /\n Get a flipbook by ID, including CDN-resolved page image URLs.\n * Returns null if not found or manifest not yet ready.\n /\n getFlipbook,\n\n /\n Get Google Reviews for this tenant.\n * Defaults to approved reviews ordered by most recent.\n /\n async getReviews(\n options: ReviewQueryOptions = {}\n ): Promise<GoogleReview[]> {\n const tenantId = await getTenantId()\n\n const {\n status = \"approved\",\n minRating,\n limit = 50,\n offset = 0,\n orderBy = \"review_timestamp\",\n orderDirection = \"desc\",\n } = options\n\n let query = client\n .from(\"google_reviews\")\n .select(\"id, author_name, author_photo_url, rating, text, review_timestamp\")\n .eq(\"tenant_id\", tenantId)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n if (minRating) {\n query = query.gte(\"rating\", minRating)\n }\n\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n\n if (error) {\n throw new Error(`Failed to fetch reviews: ${error.message}`)\n }\n\n return (data ?? []) as GoogleReview[]\n },\n\n /\n Get the tenant's third-party tracking IDs (Google Analytics, Google Tag Manager, Meta Pixel).\n * Each value is null when not configured. These IDs are public and safe to render in HTML.\n \n On Next.js, the result is cached and revalidated every hour by default\n * (`revalidate: 3600`) and tagged with `TRACKING_CONFIG_TAG`. Tenant sites\n * that want zero-lag updates can call `revalidateTag(TRACKING_CONFIG_TAG)`\n * from a webhook. Pass `revalidate: 0` to disable caching, `revalidate: false`\n * to cache indefinitely (tag-only invalidation), or any positive integer\n * (seconds) to override the interval. Outside Next.js the cache hints are\n * silently ignored — every call hits the network.\n /\n async getTrackingConfig(options: TrackingConfigOptions = {}): Promise<TrackingConfig> {\n const { revalidate = 3600, tags = [TRACKING_CONFIG_TAG] } = options\n const supabaseUrl = (supabase as unknown as { supabaseUrl: string }).supabaseUrl\n const supabaseKey = (supabase as unknown as { supabaseKey: string }).supabaseKey\n\n // Direct PostgREST fetch (instead of going through supabase-js) so that\n // Next.js sees the request and applies its `next` cache options. RLS\n // restricts the result to the tenant matching `x-cms-api-key`, so no\n // explicit tenant_id filter is needed.\n const url =\n `${supabaseUrl}/rest/v1/tenant_settings` +\n `?select=google_analytics_id,google_tag_manager_id,google_ads_id,meta_pixel_id&limit=1`\n\n const init: RequestInit & { next?: { revalidate?: number \| false; tags?: string[] } } = {\n headers: {\n apikey: supabaseKey,\n Authorization: `Bearer ${supabaseKey}`,\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n Accept: \"application/json\",\n },\n next: { revalidate, tags },\n }\n\n let row: {\n google_analytics_id: string \| null\n google_tag_manager_id: string \| null\n google_ads_id: string \| null\n meta_pixel_id: string \| null\n } \| undefined\n\n try {\n const res = await fetch(url, init as RequestInit)\n if (res.ok) {\n const rows = (await res.json()) as Array<typeof row>\n row = rows?.[0]\n }\n } catch {\n // Network errors fall through to the all-null result so a transient\n // outage on the CMS never breaks page renders on the tenant site.\n }\n\n return {\n googleAnalyticsId: nullify(row?.google_analytics_id),\n googleTagManagerId: nullify(row?.google_tag_manager_id),\n googleAdsId: nullify(row?.google_ads_id),\n metaPixelId: nullify(row?.meta_pixel_id),\n }\n },\n }\n}\n\n/\n Cache tag applied to `getTrackingConfig()` fetches on Next.js. Call\n * `revalidateTag(TRACKING_CONFIG_TAG)` from a webhook handler on the tenant\n * site to make tracking-ID changes take effect immediately rather than\n * waiting for the next revalidation interval.\n /\nexport const TRACKING_CONFIG_TAG = \"cms:tracking-config\"\n\nexport interface TrackingConfigOptions {\n /\n Cache lifetime for the underlying fetch on Next.js, in seconds.\n * Defaults to 3600 (one hour). Set to `0` to disable caching, or `false`\n * to cache indefinitely until the tag is revalidated. Ignored outside\n * Next.js runtimes.\n /\n revalidate?: number \| false\n /\n Cache tags for the underlying fetch on Next.js. Defaults to\n * `[TRACKING_CONFIG_TAG]`. Override to namespace by tenant if you share a\n * single Next.js process across multiple tenants (uncommon).\n /\n tags?: string[]\n}\n\nfunction nullify(v: string \| null \| undefined): string \| null {\n if (!v) return null\n const trimmed = v.trim()\n return trimmed.length > 0 ? trimmed : null\n}\n\nexport interface TrackingConfig {\n googleAnalyticsId: string \| null\n googleTagManagerId: string \| null\n googleAdsId: string \| null\n metaPixelId: string \| null\n}\n\n/\n Creates a new Supabase client that includes the `x-cms-api-key`\n * header in every request, using the same URL and key as the original.\n /\nfunction withApiKey(supabase: SupabaseClient, apiKey: string) {\n // Extract URL and key from the existing client\n const supabaseUrl = (supabase as unknown as { supabaseUrl: string }).supabaseUrl\n const supabaseKey = (supabase as unknown as { supabaseKey: string }).supabaseKey\n\n return createSupabaseClient(supabaseUrl, supabaseKey, {\n global: {\n headers: {\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n },\n },\n })\n}\n","import { CMS_CLIENT_VERSION } from \"./version\"\n\n/\n Reports the running SDK version to the CMS so the Super Admin UI can show\n * which client version each tenant site is on.\n \n Day-granular and process-local: at most one POST per (api key + day) per\n * Node process. Calls from browser code are ignored — the API key would be\n * exposed and the data is redundant with server-side reports.\n \n Fire-and-forget. Failures are silent — telemetry must never break a render.\n /\n\nconst DEFAULT_APP_URL = \"https://cms.distinctstudio.co.nz\"\n\ninterface ReportRecord {\n date: string // YYYY-MM-DD\n version: string\n}\n\nconst reported = new Map<string, ReportRecord>()\n\nfunction todayKey(): string {\n return new Date().toISOString().slice(0, 10)\n}\n\nexport function reportClientVersion(apiKey: string, appUrl?: string): void {\n // Skip in browser contexts — server-side calls already cover the tenant.\n if (typeof window !== \"undefined\") return\n if (!apiKey) return\n\n const today = todayKey()\n const last = reported.get(apiKey)\n if (last && last.date === today && last.version === CMS_CLIENT_VERSION) return\n\n // Optimistically mark as reported so concurrent calls don't all fire. If the\n // request fails we'll retry tomorrow — that's acceptable for telemetry.\n reported.set(apiKey, { date: today, version: CMS_CLIENT_VERSION })\n\n const envAppUrl =\n typeof process !== \"undefined\" ? process.env?.NEXT_PUBLIC_CMS_URL : undefined\n const base = (appUrl ?? envAppUrl ?? DEFAULT_APP_URL).replace(/\\/$/, \"\")\n const url = `${base}/api/client-telemetry`\n\n // Fire and forget. Use a hand-rolled then() chain rather than async/await so\n // we don't accidentally surface an unhandled rejection.\n void fetch(url, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n },\n body: JSON.stringify({\n api_key: apiKey,\n version: CMS_CLIENT_VERSION,\n }),\n }).catch(() => {\n // Allow a retry on the next call by clearing the optimistic record.\n reported.delete(apiKey)\n })\n}\n","import type { EmbedValue } from \"./types\"\n\nfunction toCssAspectRatio(ratio: string): string {\n const parts = ratio.split(\":\")\n if (parts.length !== 2) return \"16/9\"\n const w = parseFloat(parts[0])\n const h = parseFloat(parts[1])\n if (!w \|\| !h \|\| w <= 0 \|\| h <= 0) return \"16/9\"\n return `${w}/${h}`\n}\n\n/\n Generate responsive iframe HTML for an embed field value.\n * Returns an empty string if the value is invalid or the URL is not HTTPS.\n /\nexport function getEmbedHtml(value: unknown): string {\n if (!value \|\| typeof value !== \"object\") return \"\"\n const embed = value as EmbedValue\n if (!embed.url \|\| !embed.url.startsWith(\"https://\")) return \"\"\n\n const width = embed.width \|\| \"100%\"\n const aspectRatio = toCssAspectRatio(embed.aspect_ratio \|\| \"16:9\")\n\n return `<div style=\"position:relative;width:${width};aspect-ratio:${aspectRatio}\"><iframe src=\"${embed.url}\" style=\"position:absolute;inset:0;width:100%;height:100%\" frameborder=\"0\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox\" allowfullscreen loading=\"lazy\"></iframe></div>`\n}\n","import type { SupabaseClient } from \"@supabase/supabase-js\"\nimport type {\n Product,\n ProductCategory,\n ProductQueryOptions,\n CreateOrderParams,\n CreateOrderResult,\n} from \"./types\"\nimport { CMS_CLIENT_VERSION } from \"./version\"\nimport { reportClientVersion } from \"./telemetry\"\n\nconst DEFAULT_APP_URL = \"https://cms.distinctstudio.co.nz\"\n\nexport interface ShopClientOptions {\n /* Tenant API key (UUID). Sent as `x-cms-api-key` on every request. /\n apiKey: string\n /* CMS app base URL. Defaults to `https://cms.distinctstudio.co.nz`. /\n appUrl?: string\n}\n\n/\n Creates a typed client for the eCommerce REST API (products, categories, orders).\n \n Unlike `createCmsClient`, the shop client talks to the CMS REST endpoints\n * (`/api/products`, `/api/product-categories`, `/api/orders/create`) rather than\n * Supabase directly — it doesn't need the `supabase` argument, but accepts it\n * for API symmetry with the rest of the SDK.\n \n Usage:\n * ```ts\n * const shop = createShopClient(supabase, { apiKey: process.env.CMS_API_KEY! })\n * const products = await shop.getProducts({ category: \"electronics\", limit: 20 })\n * ```\n /\nexport function createShopClient(\n _supabase: SupabaseClient,\n options: ShopClientOptions\n) {\n const { apiKey } = options\n const appUrl = (options.appUrl ?? DEFAULT_APP_URL).replace(/\\/$/, \"\")\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, appUrl)\n\n function authHeaders(): HeadersInit {\n return {\n \"Content-Type\": \"application/json\",\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n }\n }\n\n async function getJson<T>(path: string): Promise<T> {\n const res = await fetch(`${appUrl}${path}`, {\n headers: authHeaders(),\n // Caller controls Next.js caching by wrapping the call site.\n })\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(\n body.error ?? `Shop request failed (${res.status}): ${path}`\n )\n }\n return res.json() as Promise<T>\n }\n\n return {\n /\n List published products. Includes nested `variants` and `options`.\n \n `category` filters by category slug (matches the FK `category_id`,\n * with a fallback to the legacy `category` text column).\n /\n async getProducts(queryOptions: ProductQueryOptions = {}): Promise<Product[]> {\n const params = new URLSearchParams()\n if (queryOptions.category) params.set(\"category\", queryOptions.category)\n if (queryOptions.tags?.length) params.set(\"tags\", queryOptions.tags.join(\",\"))\n if (queryOptions.limit) params.set(\"limit\", String(queryOptions.limit))\n if (queryOptions.offset) params.set(\"offset\", String(queryOptions.offset))\n if (queryOptions.sort) params.set(\"sort\", queryOptions.sort)\n if (queryOptions.order) params.set(\"order\", queryOptions.order)\n\n const qs = params.toString()\n const { products } = await getJson<{ products: Product[] }>(\n `/api/products${qs ? `?${qs}` : \"\"}`\n )\n return products ?? []\n },\n\n /\n Get a single published product by slug. Returns null if not found.\n * Includes nested `variants` and `options`.\n /\n async getProductBySlug(slug: string): Promise<Product \| null> {\n const res = await fetch(`${appUrl}/api/products/${encodeURIComponent(slug)}`, {\n headers: authHeaders(),\n })\n if (res.status === 404) return null\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(body.error ?? `Failed to fetch product ${slug}`)\n }\n const { product } = (await res.json()) as { product: Product }\n return product ?? null\n },\n\n /\n List product categories for the tenant, ordered by sort_order then name.\n /\n async getCategories(): Promise<ProductCategory[]> {\n const { categories } = await getJson<{ categories: ProductCategory[] }>(\n `/api/product-categories`\n )\n return categories ?? []\n },\n\n /\n Get a single category by slug. Returns null if not found.\n /\n async getCategoryBySlug(slug: string): Promise<ProductCategory \| null> {\n const all = await this.getCategories()\n return all.find((c) => c.slug === slug) ?? null\n },\n\n /\n Create a pending order and return a Stripe PaymentIntent client_secret\n * to confirm payment client-side.\n \n Stripe must be configured for the tenant; eCommerce must be enabled on\n * their billing plan. Validates stock for tracked variants and applies\n * any discount code before creating the PaymentIntent.\n /\n async createOrder(params: CreateOrderParams): Promise<CreateOrderResult> {\n const res = await fetch(`${appUrl}/api/orders/create`, {\n method: \"POST\",\n headers: authHeaders(),\n body: JSON.stringify({ api_key: apiKey, ...params }),\n })\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(body.error ?? \"Order creation failed\")\n }\n return res.json() as Promise<CreateOrderResult>\n },\n }\n}\n","import type { SupabaseClient } from \"@supabase/supabase-js\"\nimport { reportClientVersion } from \"./telemetry\"\n\nexport type EventStatus = \"draft\" \| \"published\" \| \"archived\"\nexport type BookingStatus = \"pending\" \| \"confirmed\" \| \"cancelled\" \| \"refunded\"\n\nexport interface CmsEvent {\n id: string\n tenant_id: string\n title: string\n slug: string\n description: string \| null\n short_description: string \| null\n status: EventStatus\n start_at: string\n end_at: string \| null\n venue_name: string \| null\n venue_address: string \| null\n hero_image: string \| null\n gallery: string[]\n tags: string[]\n seo_title: string \| null\n seo_description: string \| null\n metadata: Record<string, unknown>\n sort_order: number\n published_at: string \| null\n created_at: string\n updated_at: string\n}\n\nexport interface CmsTicketTier {\n id: string\n event_id: string\n tenant_id: string\n name: string\n description: string \| null\n price_cents: number\n capacity: number \| null\n sold_count: number\n sales_start_at: string \| null\n sales_end_at: string \| null\n is_active: boolean\n sort_order: number\n}\n\nexport interface EventWithTiers extends CmsEvent {\n tiers: CmsTicketTier[]\n}\n\nexport interface EventQueryOptions {\n /* Only include events with start_at >= now. Default false. /\n upcomingOnly?: boolean\n tag?: string\n limit?: number\n offset?: number\n sort?: \"start_at\" \| \"sort_order\" \| \"created_at\"\n order?: \"asc\" \| \"desc\"\n}\n\nexport interface CreateBookingParams {\n event_slug: string\n ticket_tier_id?: string\n customer_email: string\n customer_name?: string\n customer_phone?: string\n quantity?: number\n success_url?: string\n cancel_url?: string\n metadata?: Record<string, unknown>\n}\n\nexport interface CreateBookingResult {\n booking_id: string\n booking_number: string\n status: \"pending\" \| \"confirmed\"\n /* Redirect the browser here for paid bookings. /\n checkout_url?: string\n /* Present on free bookings — used for attendance QR display. /\n qr_token?: string\n}\n\nexport function createEventsClient(\n supabase: SupabaseClient,\n options: { apiKey: string; appUrl?: string }\n) {\n const { apiKey, appUrl } = options\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, appUrl)\n\n async function getEvents(\n queryOptions?: EventQueryOptions\n ): Promise<EventWithTiers[]> {\n let query = supabase\n .from(\"events\")\n .select(\", tiers:ticket_tiers()\")\n .eq(\"status\", \"published\")\n .order(queryOptions?.sort ?? \"start_at\", {\n ascending: (queryOptions?.order ?? \"asc\") === \"asc\",\n })\n\n if (queryOptions?.upcomingOnly) {\n query = query.gte(\"start_at\", new Date().toISOString())\n }\n if (queryOptions?.tag) {\n query = query.contains(\"tags\", [queryOptions.tag])\n }\n if (queryOptions?.limit) {\n query = query.limit(queryOptions.limit)\n }\n if (queryOptions?.offset) {\n query = query.range(\n queryOptions.offset,\n queryOptions.offset + (queryOptions.limit ?? 50) - 1\n )\n }\n\n const { data } = await query\n return (data ?? []) as EventWithTiers[]\n }\n\n async function getEventBySlug(slug: string): Promise<EventWithTiers \| null> {\n const { data } = await supabase\n .from(\"events\")\n .select(\", tiers:ticket_tiers()\")\n .eq(\"slug\", slug)\n .eq(\"status\", \"published\")\n .single()\n return (data as EventWithTiers) ?? null\n }\n\n async function createBooking(\n params: CreateBookingParams\n ): Promise<CreateBookingResult> {\n const baseUrl = appUrl ?? \"\"\n const res = await fetch(`${baseUrl}/api/bookings/create`, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({ api_key: apiKey, ...params }),\n })\n if (!res.ok) {\n const err = await res\n .json()\n .catch(() => ({ error: \"Booking creation failed\" }))\n throw new Error(err.error ?? \"Booking creation failed\")\n }\n return res.json() as Promise<CreateBookingResult>\n }\n\n return { getEvents, getEventBySlug, createBooking }\n}\n","/\n Image helpers for CMS content.\n \n Images are already optimised (WebP, max 2400px) on upload.\n * No server-side transforms needed — serve originals directly.\n \n These functions are kept for backward compatibility but no longer\n * call Supabase image transformation endpoints.\n /\n\nexport interface ImageTransformOptions {\n width?: number\n height?: number\n quality?: number\n resize?: \"contain\" \| \"cover\" \| \"fill\"\n format?: \"origin\"\n}\n\n/\n Returns the image URL directly.\n \n Previously this converted URLs to use Supabase's /render/image/\n * transform endpoint, but images are now pre-optimised on upload\n * (WebP, max 2400px, quality 82) so transforms are unnecessary.\n \n The function is kept for backward compatibility — existing code\n * that calls getTransformUrl() will continue to work without changes.\n /\nexport function getTransformUrl(\n originalUrl: string,\n _options: ImageTransformOptions = {}\n): string {\n return originalUrl\n}\n\n/\n Returns a simple srcSet using the original image.\n \n Previously generated multiple transformed widths, but since images\n * are now pre-optimised WebP, a single source is sufficient.\n * Modern browsers handle responsive display efficiently with a\n * well-sized WebP source.\n /\nexport function getSrcSet(\n originalUrl: string,\n _widths: number[] = [],\n _quality = 80\n): string {\n return `${originalUrl} 2400w`\n}\n\n/\n Common image size presets — kept for backward compatibility.\n * Since images are pre-optimised, these are informational only.\n /\nexport const IMAGE_PRESETS = {\n thumbnail: { width: 150, height: 150, resize: \"cover\" as const, quality: 70 },\n card: { width: 400, height: 300, resize: \"cover\" as const, quality: 80 },\n hero: { width: 1200, height: 630, resize: \"cover\" as const, quality: 85 },\n og: { width: 1200, height: 630, resize: \"cover\" as const, quality: 90 },\n avatar: { width: 80, height: 80, resize: \"cover\" as const, quality: 75 },\n full: { width: 1920, resize: \"contain\" as const, quality: 85 },\n} as const\n","import type { DateGranularity } from \"./types\"\n\nexport interface ParsedPartialDate {\n granularity: DateGranularity\n /* 4-digit year — absent for `month` and `day_month`. /\n year?: number\n /* 1-12 — absent for `year`. /\n month?: number\n /* 1-31 — present only for `full` and `day_month`. /\n day?: number\n}\n\n/\n Parses a partial-ISO date string (as produced by a `date` field) into its parts.\n * Returns `null` if the string doesn't match a known granularity shape.\n /\nexport function parsePartialDate(value: string): ParsedPartialDate \| null {\n if (!value) return null\n let m: RegExpExecArray \| null\n if ((m = /^(\\d{4})-(\\d{2})-(\\d{2})$/.exec(value)))\n return { granularity: \"full\", year: +m[1], month: +m[2], day: +m[3] }\n if ((m = /^(\\d{4})-(\\d{2})$/.exec(value)))\n return { granularity: \"month_year\", year: +m[1], month: +m[2] }\n if ((m = /^(\\d{4})$/.exec(value))) return { granularity: \"year\", year: +m[1] }\n if ((m = /^--(\\d{2})-(\\d{2})$/.exec(value)))\n return { granularity: \"day_month\", month: +m[1], day: +m[2] }\n if ((m = /^--(\\d{2})$/.exec(value))) return { granularity: \"month\", month: +m[1] }\n return null\n}\n\nexport interface FormatPartialDateOptions {\n /* BCP 47 locale(s) passed to Intl.DateTimeFormat. Defaults to the runtime locale. /\n locale?: string \| string[]\n /* Month rendering style. Defaults to `long` (e.g. \"May\"). /\n month?: \"long\" \| \"short\" \| \"narrow\" \| \"numeric\" \| \"2-digit\"\n}\n\n/\n Formats a partial-ISO date string for display, honouring the value's granularity\n * and locale-correct part ordering (e.g. \"12 May\" vs \"May 12\"). Returns the raw\n * string unchanged if it isn't a recognised partial date.\n /\nexport function formatPartialDate(value: string, options: FormatPartialDateOptions = {}): string {\n const parsed = parsePartialDate(value)\n if (!parsed) return value\n\n const { locale, month = \"long\" } = options\n const monthIndex = parsed.month ? parsed.month - 1 : 0\n\n switch (parsed.granularity) {\n case \"year\":\n return String(parsed.year)\n case \"month\":\n return new Intl.DateTimeFormat(locale, { month }).format(new Date(2000, monthIndex, 1))\n case \"month_year\":\n return new Intl.DateTimeFormat(locale, { month, year: \"numeric\" }).format(\n new Date(parsed.year!, monthIndex, 1)\n )\n case \"day_month\":\n return new Intl.DateTimeFormat(locale, { month, day: \"numeric\" }).format(\n new Date(2000, monthIndex, parsed.day!)\n )\n case \"full\":\n return new Intl.DateTimeFormat(locale, { year: \"numeric\", month, day: \"numeric\" }).format(\n new Date(parsed.year!, monthIndex, parsed.day!)\n )\n }\n}\n","/\n Helpers for verifying outbound webhooks fired by the CMS.\n \n The CMS POSTs JSON to subscriber URLs and signs the raw body with\n * HMAC-SHA256 using the shared secret you set in the Webhooks tab. The hex\n * digest arrives in the `X-CMS-Signature` header.\n \n Use Web Crypto so this works in Node, Edge, Deno, and Bun runtimes.\n /\n\nexport interface WebhookEventPayload {\n event: string\n tenant_id: string\n content_type_slug?: string\n content_item_id?: string\n slug?: string\n title?: string\n status?: string\n /* Stable identifier of the resource that changed (e.g. product id, flipbook id, integration provider). /\n resource_id?: string\n /\n Cache tags the receiver should invalidate. Use {@link revalidateAllTags}\n * to wire this through Next.js's `revalidateTag()` in one line.\n * All tags are namespaced with the `cms:` prefix.\n /\n cache_tags?: string[]\n /* Free-form bag for event-specific extras (e.g. provider name, change counts). /\n data?: Record<string, unknown>\n timestamp: string\n /* Commerce + custom events may attach extra top-level fields. /\n [key: string]: unknown\n}\n\n/\n Verify the HMAC-SHA256 signature on a webhook delivery.\n \n Pass the raw request body (not a parsed JSON object) — re-stringifying\n * a parsed body can change whitespace and invalidate the signature.\n \n Returns `true` when the signature matches in constant time, `false`\n * otherwise. Never throws on a bad signature; only throws if the\n * `crypto.subtle` API is unavailable in the runtime.\n \n @example\n * const raw = await req.text()\n * const sig = req.headers.get(\"x-cms-signature\")\n * if (!await verifyWebhookSignature(process.env.CMS_WEBHOOK_SECRET!, raw, sig)) {\n * return new Response(\"bad signature\", { status: 401 })\n * }\n * const payload = JSON.parse(raw) as WebhookEventPayload\n /\nexport async function verifyWebhookSignature(\n secret: string,\n rawBody: string,\n signature: string \| null \| undefined\n): Promise<boolean> {\n if (!signature \|\| !secret) return false\n\n const subtle = (globalThis.crypto && globalThis.crypto.subtle) \|\| null\n if (!subtle) {\n throw new Error(\n \"verifyWebhookSignature requires the Web Crypto API (globalThis.crypto.subtle). \" +\n \"Available in Node 18+, all Edge runtimes, Deno, and Bun.\"\n )\n }\n\n const encoder = new TextEncoder()\n const key = await subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n )\n const sigBuffer = await subtle.sign(\"HMAC\", key, encoder.encode(rawBody))\n const expected = bufferToHex(sigBuffer)\n\n return timingSafeEqualHex(expected, signature.trim())\n}\n\n/\n The webhook event names the CMS can fire. Use as a discriminator on the\n * `event` field of {@link WebhookEventPayload}.\n \n Most receivers don't need to switch on the event name — every payload\n * carries a `cache_tags` array. Pass it to {@link revalidateAllTags} to\n * invalidate the right Next.js caches in one line.\n /\nexport const WEBHOOK_EVENTS = [\n // Content\n \"content.published\",\n \"content.unpublished\",\n \"content.updated\",\n \"content.deleted\",\n \"content_type.updated\",\n \"content_type.deleted\",\n // Settings (diffed — only fires when a relevant field actually changed)\n \"settings.tracking_updated\",\n \"settings.brand_updated\",\n \"settings.integration_updated\",\n // Commerce\n \"products.updated\",\n \"product_categories.updated\",\n \"ticket_tiers.updated\",\n \"membership_tiers.updated\",\n \"order.created\",\n \"order.paid\",\n \"order.payment_failed\",\n \"order.refunded\",\n \"order.shipped\",\n \"booking.confirmed\",\n \"inventory.low_stock\",\n // Site\n \"redirects.updated\",\n \"reviews.synced\",\n \"flipbook.ready\",\n] as const\n\nexport type WebhookEvent = (typeof WEBHOOK_EVENTS)[number]\n\n/\n Invalidate every cache tag listed in a webhook payload. Call this from your\n * receiver and most events will Just Work without per-event branching.\n \n Pass Next.js's `revalidateTag` (or any function with the same shape) — the\n * SDK has no peer dep on `next/cache`, so the import stays in your code.\n \n Next 16 compatibility. In Next 16, `revalidateTag(tag)` was made into\n * `revalidateTag(tag, profile)`, and calling it with one argument emits a\n * deprecation warning. The cache profile controls expiry — `\"default\"` and\n * `\"max\"` both have non-zero `expire` values and will not invalidate the\n * cache. Immediate invalidation requires `{ expire: 0 }`, which isn't\n * documented in the function reference. This helper always passes\n * `{ expire: 0 }` as the second argument, so it does the right thing on Next 16\n * and is silently ignored by Next 14/15.\n \n @example\n * import { revalidateTag } from \"next/cache\"\n * import { revalidateAllTags } from \"@distinctagency/cms-client\"\n \n export async function POST(req: Request) {\n * const raw = await req.text()\n * if (!await verifyWebhookSignature(SECRET, raw, req.headers.get(\"x-cms-signature\"))) {\n * return new Response(\"bad sig\", { status: 401 })\n * }\n * const payload = JSON.parse(raw) as WebhookEventPayload\n * revalidateAllTags(payload, revalidateTag)\n * return Response.json({ ok: true })\n * }\n /\nexport function revalidateAllTags(\n payload: Pick<WebhookEventPayload, \"cache_tags\">,\n revalidateTag: (tag: string, profile: { expire?: number }) => unknown\n): string[] {\n const tags = payload.cache_tags\n if (!Array.isArray(tags) \|\| tags.length === 0) return []\n const invalidated: string[] = []\n for (const tag of tags) {\n if (typeof tag !== \"string\" \|\| tag.length === 0) continue\n revalidateTag(tag, { expire: 0 })\n invalidated.push(tag)\n }\n return invalidated\n}\n\nfunction bufferToHex(buf: ArrayBuffer): string {\n const bytes = new Uint8Array(buf)\n let out = \"\"\n for (let i = 0; i < bytes.length; i++) {\n out += bytes[i].toString(16).padStart(2, \"0\")\n }\n return out\n}\n\n/\n Constant-time equality check on two hex strings. Returns false fast when\n * lengths differ — the length itself is not secret.\n */\nfunction timingSafeEqualHex(a: string, b: string): boolean {\n if (a.length !== b.length) return false\n let mismatch = 0\n for (let i = 0; i < a.length; i++) {\n mismatch \|= a.charCodeAt(i) ^ b.charCodeAt(i)\n }\n return mismatch === 0\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACOO,IAAM,qBAAqB;;;ACPlC,yBAAqD;;;ACarD,IAAM,kBAAkB;AAOxB,IAAM,WAAW,oBAAI,IAA0B;AAE/C,SAAS,WAAmB;AAC1B,UAAO,oBAAI,KAAK,GAAE,YAAY,EAAE,MAAM,GAAG,EAAE;AAC7C;AAEO,SAAS,oBAAoB,QAAgB,QAAuB;AAEzE,MAAI,OAAO,WAAW,YAAa;AACnC,MAAI,CAAC,OAAQ;AAEb,QAAM,QAAQ,SAAS;AACvB,QAAM,OAAO,SAAS,IAAI,MAAM;AAChC,MAAI,QAAQ,KAAK,SAAS,SAAS,KAAK,YAAY,mBAAoB;AAIxE,WAAS,IAAI,QAAQ,EAAE,MAAM,OAAO,SAAS,mBAAmB,CAAC;AAEjE,QAAM,YACJ,OAAO,YAAY,cAAc,QAAQ,KAAK,sBAAsB;AACtE,QAAM,QAAQ,UAAU,aAAa,iBAAiB,QAAQ,OAAO,EAAE;AACvE,QAAM,MAAM,GAAG,IAAI;AAInB,OAAK,MAAM,KAAK;AAAA,IACd,QAAQ;AAAA,IACR,SAAS;AAAA,MACP,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,MACjB,wBAAwB;AAAA,IAC1B;AAAA,IACA,MAAM,KAAK,UAAU;AAAA,MACnB,SAAS;AAAA,MACT,SAAS;AAAA,IACX,CAAC;AAAA,EACH,CAAC,EAAE,MAAM,MAAM;AAEb,aAAS,OAAO,MAAM;AAAA,EACxB,CAAC;AACH;;;ADpCO,SAAS,gBACd,UACA,SACA;AACA,QAAM,EAAE,OAAO,IAAI;AAGnB,QAAM,SAAS,WAAW,UAAU,MAAM;AAG1C,sBAAoB,QAAQ,QAAQ,MAAM;AAG1C,MAAI,gBAA+B;AAEnC,iBAAe,cAA+B;AAC5C,QAAI,cAAe,QAAO;AAE1B,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,SAAS,EACd,OAAO,IAAI,EACX,OAAO;AAEV,QAAI,SAAS,CAAC,MAAM;AAClB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,oBAAgB,KAAK;AACrB,WAAO,KAAK;AAAA,EACd;AAGA,QAAM,mBAAmB,oBAAI,IAAyB;AAEtD,iBAAe,qBAAqB,iBAA+C;AACjF,QAAI,iBAAiB,IAAI,eAAe,EAAG,QAAO,iBAAiB,IAAI,eAAe;AACtF,UAAM,WAAW,MAAM,YAAY;AAEnC,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,eAAe,EAC1B,OAAO;AAEV,QAAI,SAAS,CAAC,MAAM;AAClB,YAAM,IAAI,MAAM,2BAA2B,eAAe,EAAE;AAAA,IAC9D;AAEA,UAAM,KAAK;AACX,qBAAiB,IAAI,iBAAiB,EAAE;AACxC,WAAO;AAAA,EACT;AAEA,iBAAe,iBAAiB,iBAA0C;AACxE,UAAM,KAAK,MAAM,qBAAqB,eAAe;AACrD,WAAO,GAAG;AAAA,EACZ;AAGA,iBAAe,kBACb,aACA,aAC4D;AAC5D,UAAM,iBAAiB,YAAY;AACnC,QAAI,CAAC,eAAgB,QAAO,EAAE,SAAS,MAAM,cAAc,KAAK;AAEhE,QAAI,CAAC,YAAa,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAG9D,UAAM,EAAE,MAAM,QAAQ,IAAI,MAAM,OAC7B,KAAK,iBAAiB,EACtB,OAAO,WAAW,EAClB,GAAG,cAAc,WAAW,EAC5B,OAAO;AAEV,QAAI,CAAC,QAAS,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAE1D,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,OAC5B,KAAK,SAAS,EACd,OAAO,4BAA4B,EACnC,GAAG,MAAM,QAAQ,SAAS,EAC1B,OAAO;AAEV,QAAI,CAAC,UAAU,OAAO,WAAW,SAAU,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAIvF,WAAO;AAAA,MACL,SAAS,OAAO,uBAAuB;AAAA,MACvC,cAAc,OAAO;AAAA,IACvB;AAAA,EACF;AAEA,iBAAe,YAAY,IAA8D;AACvF,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,WAAW,EAChB,OAAO,sEAAsE,EAC7E,GAAG,MAAM,EAAE,EACX,OAAO;AACV,QAAI,SAAS,CAAC,KAAM,QAAO;AAE3B,UAAM,WAAW,KAAK;AAGtB,QAAI,CAAC,UAAU;AACb,aAAO;AAAA,QACL,IAAI,KAAK;AAAA,QACT,OAAO,KAAK;AAAA,QACZ,YAAa,KAAK,cAAyB;AAAA,QAC3C,QAAQ,KAAK;AAAA,QACb,aAAa,CAAC;AAAA,QACd,KAAK,CAAC;AAAA,QACN,cAAc;AAAA,MAChB;AAAA,IACF;AAMA,UAAM,OAAQ,WAA0E;AACxF,UAAM,UAAU,MAAM,KAAK,6BAA6B;AACxD,UAAM,SAAS,aAAa,KAAK,SAAmB,IAAI,KAAK,EAAY;AACzE,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,YAAa,KAAK,cAAyB,SAAS,MAAM;AAAA,MAC1D,QAAQ,KAAK;AAAA,MACb,aAAa,SAAS,MAAM,IAAI,CAAC,OAAO;AAAA,QACtC,KAAK,GAAG,OAAO,IAAI,MAAM,GAAG,EAAE,KAAK;AAAA,QACnC,WAAW,GAAG,OAAO,IAAI,MAAM,GAAG,EAAE,KAAK;AAAA,QACzC,GAAG,EAAE;AAAA,QACL,GAAG,EAAE;AAAA,MACP,EAAE;AAAA,MACF,KAAK,SAAS;AAAA,MACd,cAAc,KAAK,mBACf,GAAG,QAAQ,UAAU,EAAE,kBAAkB,KAAK,EAAY,cAC1D;AAAA,IACN;AAAA,EACF;AAEA,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA,IAKL,MAAM,gBACJ,iBACAA,WAA+B,CAAC,GACiB;AACjD,YAAM,cAAc,MAAM,qBAAqB,eAAe;AAE9D,YAAM;AAAA,QACJ,SAAS;AAAA,QACT,UAAU;AAAA,QACV,iBAAiB;AAAA,QACjB,QAAQ;AAAA,QACR,SAAS;AAAA,QACT;AAAA,MACF,IAAIA;AAGJ,YAAM,SAAS,MAAM,kBAAkB,aAAa,WAAW;AAG/D,UAAI,CAAC,OAAO,WAAW,YAAY,6BAA6B;AAE9D,cAAM,WAAW,MAAM,YAAY;AACnC,cAAM,EAAE,MAAM,SAAS,IAAI,MAAM,OAC9B,KAAK,iBAAiB,EACtB,OAAO,wBAAwB,EAC/B,GAAG,aAAa,QAAQ,EACxB,OAAO;AAEV,cAAM,OAAQ,UAAU,0BAAqC;AAE7D,YAAI,SAAS,QAAQ;AACnB,iBAAO,CAAC;AAAA,QACV;AAGA,YAAIC,SAAQ,OACT,KAAK,eAAe,EACpB,OAAO,oHAAoH,EAC3H,GAAG,mBAAmB,YAAY,EAAE;AAEvC,YAAI,OAAQ,CAAAA,SAAQA,OAAM,GAAG,UAAU,MAAM;AAC7C,QAAAA,SAAQA,OACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,cAAM,EAAE,MAAAC,OAAM,OAAAC,OAAM,IAAI,MAAMF;AAC9B,YAAIE,OAAO,OAAM,IAAI,MAAM,mBAAmB,eAAe,KAAKA,OAAM,OAAO,EAAE;AAEjF,gBAAQD,SAAQ,CAAC,GAAG,IAAI,CAAC,UAAU;AAAA,UACjC,GAAG;AAAA,UACH,MAAM,CAAC;AAAA,UACP,QAAQ;AAAA,QACV,EAAE;AAAA,MACJ;AAGA,UAAI,QAAQ,OACT,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,mBAAmB,YAAY,EAAE;AAEvC,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,cAAQ,MACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM;AAE9B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,mBAAmB,eAAe,KAAK,MAAM,OAAO,EAAE;AAAA,MACxE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,qBACJ,iBACA,UAC6B;AAC7B,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,mBAAmB,aAAa,EACnC,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,UAAI,OAAO;AACT,YAAI,MAAM,SAAS,WAAY,QAAO;AACtC,cAAM,IAAI;AAAA,UACR,mBAAmB,eAAe,IAAI,QAAQ,KAAK,MAAM,OAAO;AAAA,QAClE;AAAA,MACF;AAEA,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,eAAe,iBAA+C;AAClE,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,eAAe,EAC1B,OAAO;AAEV,UAAI,SAAS,CAAC,MAAM;AAClB,cAAM,IAAI,MAAM,2BAA2B,eAAe,EAAE;AAAA,MAC9D;AAEA,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,YACJ,iBAC6B;AAC7B,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,MAAM,EACb,GAAG,mBAAmB,aAAa,EACnC,GAAG,UAAU,WAAW;AAE3B,UAAI,OAAO;AACT,cAAM,IAAI;AAAA,UACR,6BAA6B,eAAe,KAAK,MAAM,OAAO;AAAA,QAChE;AAAA,MACF;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,kBAA0C;AAC9C,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,MAAM,MAAM;AAEf,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,kCAAkC,MAAM,OAAO,EAAE;AAAA,MACnE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,MAAM,aACJ,iBACmD;AACnD,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,gBAAgB,EACrB,OAAO,oBAAoB,EAC3B,GAAG,mBAAmB,aAAa;AAEtC,UAAI,OAAO;AACT,cAAM,IAAI;AAAA,UACR,iCAAiC,eAAe,KAAK,MAAM,OAAO;AAAA,QACpE;AAAA,MACF;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,qBAEJ;AACA,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,kBAAkB,EACvB,OAAO,0CAA0C,EACjD,GAAG,aAAa,QAAQ;AAE3B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,qCAAqC,MAAM,OAAO,EAAE;AAAA,MACtE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IAKnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,mBACJ,UACAF,WAAgE,CAAC,GAC7B;AACpC,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,KAAK,IAAI,MAAM,OAC1B,KAAK,OAAO,EACZ,OAAO,IAAI,EACX,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,UAAI,CAAC,KAAM,QAAO,CAAC;AAEnB,YAAM,EAAE,QAAQ,IAAI,SAAS,GAAG,OAAO,IAAIA;AAE3C,UAAI,QAAQ,OACT,KAAK,kBAAkB,EACvB,OAAO,GAAG,EACV,GAAG,WAAW,KAAK,EAAE,EACrB,GAAG,WAAW,KAAK,EACnB,MAAM,cAAc,EAAE,WAAW,MAAM,CAAC,EACxC,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,YAAM,EAAE,KAAK,IAAI,MAAM;AACvB,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,QACJ,UACyC;AACzC,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,KAAK,IAAI,MAAM,OACpB,KAAK,OAAO,EACZ,OAAO,wCAAwC,EAC/C,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,WACJA,WAA8B,CAAC,GACN;AACzB,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM;AAAA,QACJ,SAAS;AAAA,QACT;AAAA,QACA,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,UAAU;AAAA,QACV,iBAAiB;AAAA,MACnB,IAAIA;AAEJ,UAAI,QAAQ,OACT,KAAK,gBAAgB,EACrB,OAAO,mEAAmE,EAC1E,GAAG,aAAa,QAAQ;AAE3B,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,UAAI,WAAW;AACb,gBAAQ,MAAM,IAAI,UAAU,SAAS;AAAA,MACvC;AAEA,cAAQ,MACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM;AAE9B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,4BAA4B,MAAM,OAAO,EAAE;AAAA,MAC7D;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,kBAAkBA,WAAiC,CAAC,GAA4B;AACpF,YAAM,EAAE,aAAa,MAAM,OAAO,CAAC,mBAAmB,EAAE,IAAIA;AAC5D,YAAM,cAAe,SAAgD;AACrE,YAAM,cAAe,SAAgD;AAMrE,YAAM,MACJ,GAAG,WAAW;AAGhB,YAAM,OAAkF;AAAA,QACtF,SAAS;AAAA,UACP,QAAQ;AAAA,UACR,eAAe,UAAU,WAAW;AAAA,UACpC,iBAAiB;AAAA,UACjB,wBAAwB;AAAA,UACxB,QAAQ;AAAA,QACV;AAAA,QACA,MAAM,EAAE,YAAY,KAAK;AAAA,MAC3B;AAEA,UAAI;AAOJ,UAAI;AACF,cAAM,MAAM,MAAM,MAAM,KAAK,IAAmB;AAChD,YAAI,IAAI,IAAI;AACV,gBAAM,OAAQ,MAAM,IAAI,KAAK;AAC7B,gBAAM,OAAO,CAAC;AAAA,QAChB;AAAA,MACF,QAAQ;AAAA,MAGR;AAEA,aAAO;AAAA,QACL,mBAAmB,QAAQ,KAAK,mBAAmB;AAAA,QACnD,oBAAoB,QAAQ,KAAK,qBAAqB;AAAA,QACtD,aAAa,QAAQ,KAAK,aAAa;AAAA,QACvC,aAAa,QAAQ,KAAK,aAAa;AAAA,MACzC;AAAA,IACF;AAAA,EACF;AACF;AAQO,IAAM,sBAAsB;AAkBnC,SAAS,QAAQ,GAA6C;AAC5D,MAAI,CAAC,EAAG,QAAO;AACf,QAAM,UAAU,EAAE,KAAK;AACvB,SAAO,QAAQ,SAAS,IAAI,UAAU;AACxC;AAaA,SAAS,WAAW,UAA0B,QAAgB;AAE5D,QAAM,cAAe,SAAgD;AACrE,QAAM,cAAe,SAAgD;AAErE,aAAO,mBAAAI,cAAqB,aAAa,aAAa;AAAA,IACpD,QAAQ;AAAA,MACN,SAAS;AAAA,QACP,iBAAiB;AAAA,QACjB,wBAAwB;AAAA,MAC1B;AAAA,IACF;AAAA,EACF,CAAC;AACH;;;AEnmBA,SAAS,iBAAiB,OAAuB;AAC/C,QAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,MAAI,MAAM,WAAW,EAAG,QAAO;AAC/B,QAAM,IAAI,WAAW,MAAM,CAAC,CAAC;AAC7B,QAAM,IAAI,WAAW,MAAM,CAAC,CAAC;AAC7B,MAAI,CAAC,KAAK,CAAC,KAAK,KAAK,KAAK,KAAK,EAAG,QAAO;AACzC,SAAO,GAAG,CAAC,IAAI,CAAC;AAClB;AAMO,SAAS,aAAa,OAAwB;AACnD,MAAI,CAAC,SAAS,OAAO,UAAU,SAAU,QAAO;AAChD,QAAM,QAAQ;AACd,MAAI,CAAC,MAAM,OAAO,CAAC,MAAM,IAAI,WAAW,UAAU,EAAG,QAAO;AAE5D,QAAM,QAAQ,MAAM,SAAS;AAC7B,QAAM,cAAc,iBAAiB,MAAM,gBAAgB,MAAM;AAEjE,SAAO,uCAAuC,KAAK,iBAAiB,WAAW,kBAAkB,MAAM,GAAG;AAC5G;;;ACbA,IAAMC,mBAAkB;AAuBjB,SAAS,iBACd,WACA,SACA;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,QAAM,UAAU,QAAQ,UAAUA,kBAAiB,QAAQ,OAAO,EAAE;AAGpE,sBAAoB,QAAQ,MAAM;AAElC,WAAS,cAA2B;AAClC,WAAO;AAAA,MACL,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,MACjB,wBAAwB;AAAA,IAC1B;AAAA,EACF;AAEA,iBAAe,QAAW,MAA0B;AAClD,UAAM,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,IAAI,IAAI;AAAA,MAC1C,SAAS,YAAY;AAAA;AAAA,IAEvB,CAAC;AACD,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,YAAM,IAAI;AAAA,QACR,KAAK,SAAS,wBAAwB,IAAI,MAAM,MAAM,IAAI;AAAA,MAC5D;AAAA,IACF;AACA,WAAO,IAAI,KAAK;AAAA,EAClB;AAEA,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOL,MAAM,YAAY,eAAoC,CAAC,GAAuB;AAC5E,YAAM,SAAS,IAAI,gBAAgB;AACnC,UAAI,aAAa,SAAU,QAAO,IAAI,YAAY,aAAa,QAAQ;AACvE,UAAI,aAAa,MAAM,OAAQ,QAAO,IAAI,QAAQ,aAAa,KAAK,KAAK,GAAG,CAAC;AAC7E,UAAI,aAAa,MAAO,QAAO,IAAI,SAAS,OAAO,aAAa,KAAK,CAAC;AACtE,UAAI,aAAa,OAAQ,QAAO,IAAI,UAAU,OAAO,aAAa,MAAM,CAAC;AACzE,UAAI,aAAa,KAAM,QAAO,IAAI,QAAQ,aAAa,IAAI;AAC3D,UAAI,aAAa,MAAO,QAAO,IAAI,SAAS,aAAa,KAAK;AAE9D,YAAM,KAAK,OAAO,SAAS;AAC3B,YAAM,EAAE,SAAS,IAAI,MAAM;AAAA,QACzB,gBAAgB,KAAK,IAAI,EAAE,KAAK,EAAE;AAAA,MACpC;AACA,aAAO,YAAY,CAAC;AAAA,IACtB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,iBAAiB,MAAuC;AAC5D,YAAM,MAAM,MAAM,MAAM,GAAG,MAAM,iBAAiB,mBAAmB,IAAI,CAAC,IAAI;AAAA,QAC5E,SAAS,YAAY;AAAA,MACvB,CAAC;AACD,UAAI,IAAI,WAAW,IAAK,QAAO;AAC/B,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,cAAM,IAAI,MAAM,KAAK,SAAS,2BAA2B,IAAI,EAAE;AAAA,MACjE;AACA,YAAM,EAAE,QAAQ,IAAK,MAAM,IAAI,KAAK;AACpC,aAAO,WAAW;AAAA,IACpB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,gBAA4C;AAChD,YAAM,EAAE,WAAW,IAAI,MAAM;AAAA,QAC3B;AAAA,MACF;AACA,aAAO,cAAc,CAAC;AAAA,IACxB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,kBAAkB,MAA+C;AACrE,YAAM,MAAM,MAAM,KAAK,cAAc;AACrC,aAAO,IAAI,KAAK,CAAC,MAAM,EAAE,SAAS,IAAI,KAAK;AAAA,IAC7C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,QAAuD;AACvE,YAAM,MAAM,MAAM,MAAM,GAAG,MAAM,sBAAsB;AAAA,QACrD,QAAQ;AAAA,QACR,SAAS,YAAY;AAAA,QACrB,MAAM,KAAK,UAAU,EAAE,SAAS,QAAQ,GAAG,OAAO,CAAC;AAAA,MACrD,CAAC;AACD,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,cAAM,IAAI,MAAM,KAAK,SAAS,uBAAuB;AAAA,MACvD;AACA,aAAO,IAAI,KAAK;AAAA,IAClB;AAAA,EACF;AACF;;;AChEO,SAAS,mBACd,UACA,SACA;AACA,QAAM,EAAE,QAAQ,OAAO,IAAI;AAG3B,sBAAoB,QAAQ,MAAM;AAElC,iBAAe,UACb,cAC2B;AAC3B,QAAI,QAAQ,SACT,KAAK,QAAQ,EACb,OAAO,0BAA0B,EACjC,GAAG,UAAU,WAAW,EACxB,MAAM,cAAc,QAAQ,YAAY;AAAA,MACvC,YAAY,cAAc,SAAS,WAAW;AAAA,IAChD,CAAC;AAEH,QAAI,cAAc,cAAc;AAC9B,cAAQ,MAAM,IAAI,aAAY,oBAAI,KAAK,GAAE,YAAY,CAAC;AAAA,IACxD;AACA,QAAI,cAAc,KAAK;AACrB,cAAQ,MAAM,SAAS,QAAQ,CAAC,aAAa,GAAG,CAAC;AAAA,IACnD;AACA,QAAI,cAAc,OAAO;AACvB,cAAQ,MAAM,MAAM,aAAa,KAAK;AAAA,IACxC;AACA,QAAI,cAAc,QAAQ;AACxB,cAAQ,MAAM;AAAA,QACZ,aAAa;AAAA,QACb,aAAa,UAAU,aAAa,SAAS,MAAM;AAAA,MACrD;AAAA,IACF;AAEA,UAAM,EAAE,KAAK,IAAI,MAAM;AACvB,WAAQ,QAAQ,CAAC;AAAA,EACnB;AAEA,iBAAe,eAAe,MAA8C;AAC1E,UAAM,EAAE,KAAK,IAAI,MAAM,SACpB,KAAK,QAAQ,EACb,OAAO,0BAA0B,EACjC,GAAG,QAAQ,IAAI,EACf,GAAG,UAAU,WAAW,EACxB,OAAO;AACV,WAAQ,QAA2B;AAAA,EACrC;AAEA,iBAAe,cACb,QAC8B;AAC9B,UAAM,UAAU,UAAU;AAC1B,UAAM,MAAM,MAAM,MAAM,GAAG,OAAO,wBAAwB;AAAA,MACxD,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU,EAAE,SAAS,QAAQ,GAAG,OAAO,CAAC;AAAA,IACrD,CAAC;AACD,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,MAAM,MAAM,IACf,KAAK,EACL,MAAM,OAAO,EAAE,OAAO,0BAA0B,EAAE;AACrD,YAAM,IAAI,MAAM,IAAI,SAAS,yBAAyB;AAAA,IACxD;AACA,WAAO,IAAI,KAAK;AAAA,EAClB;AAEA,SAAO,EAAE,WAAW,gBAAgB,cAAc;AACpD;;;AC1HO,SAAS,gBACd,aACA,WAAkC,CAAC,GAC3B;AACR,SAAO;AACT;AAUO,SAAS,UACd,aACA,UAAoB,CAAC,GACrB,WAAW,IACH;AACR,SAAO,GAAG,WAAW;AACvB;AAMO,IAAM,gBAAgB;AAAA,EAC3B,WAAW,EAAE,OAAO,KAAK,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EAC5E,MAAM,EAAE,OAAO,KAAK,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACvE,MAAM,EAAE,OAAO,MAAM,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACxE,IAAI,EAAE,OAAO,MAAM,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACtE,QAAQ,EAAE,OAAO,IAAI,QAAQ,IAAI,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACvE,MAAM,EAAE,OAAO,MAAM,QAAQ,WAAoB,SAAS,GAAG;AAC/D;;;AC9CO,SAAS,iBAAiB,OAAyC;AACxE,MAAI,CAAC,MAAO,QAAO;AACnB,MAAI;AACJ,MAAK,IAAI,4BAA4B,KAAK,KAAK;AAC7C,WAAO,EAAE,aAAa,QAAQ,MAAM,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC,EAAE;AACtE,MAAK,IAAI,oBAAoB,KAAK,KAAK;AACrC,WAAO,EAAE,aAAa,cAAc,MAAM,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,EAAE,CAAC,EAAE;AAChE,MAAK,IAAI,YAAY,KAAK,KAAK,EAAI,QAAO,EAAE,aAAa,QAAQ,MAAM,CAAC,EAAE,CAAC,EAAE;AAC7E,MAAK,IAAI,sBAAsB,KAAK,KAAK;AACvC,WAAO,EAAE,aAAa,aAAa,OAAO,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC,EAAE;AAC9D,MAAK,IAAI,cAAc,KAAK,KAAK,EAAI,QAAO,EAAE,aAAa,SAAS,OAAO,CAAC,EAAE,CAAC,EAAE;AACjF,SAAO;AACT;AAcO,SAAS,kBAAkB,OAAe,UAAoC,CAAC,GAAW;AAC/F,QAAM,SAAS,iBAAiB,KAAK;AACrC,MAAI,CAAC,OAAQ,QAAO;AAEpB,QAAM,EAAE,QAAQ,QAAQ,OAAO,IAAI;AACnC,QAAM,aAAa,OAAO,QAAQ,OAAO,QAAQ,IAAI;AAErD,UAAQ,OAAO,aAAa;AAAA,IAC1B,KAAK;AACH,aAAO,OAAO,OAAO,IAAI;AAAA,IAC3B,KAAK;AACH,aAAO,IAAI,KAAK,eAAe,QAAQ,EAAE,MAAM,CAAC,EAAE,OAAO,IAAI,KAAK,KAAM,YAAY,CAAC,CAAC;AAAA,IACxF,KAAK;AACH,aAAO,IAAI,KAAK,eAAe,QAAQ,EAAE,OAAO,MAAM,UAAU,CAAC,EAAE;AAAA,QACjE,IAAI,KAAK,OAAO,MAAO,YAAY,CAAC;AAAA,MACtC;AAAA,IACF,KAAK;AACH,aAAO,IAAI,KAAK,eAAe,QAAQ,EAAE,OAAO,KAAK,UAAU,CAAC,EAAE;AAAA,QAChE,IAAI,KAAK,KAAM,YAAY,OAAO,GAAI;AAAA,MACxC;AAAA,IACF,KAAK;AACH,aAAO,IAAI,KAAK,eAAe,QAAQ,EAAE,MAAM,WAAW,OAAO,KAAK,UAAU,CAAC,EAAE;AAAA,QACjF,IAAI,KAAK,OAAO,MAAO,YAAY,OAAO,GAAI;AAAA,MAChD;AAAA,EACJ;AACF;;;AChBA,eAAsB,uBACpB,QACA,SACA,WACkB;AAClB,MAAI,CAAC,aAAa,CAAC,OAAQ,QAAO;AAElC,QAAM,SAAU,WAAW,UAAU,WAAW,OAAO,UAAW;AAClE,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AAEA,QAAM,UAAU,IAAI,YAAY;AAChC,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB;AAAA,IACA,QAAQ,OAAO,MAAM;AAAA,IACrB,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,IAChC;AAAA,IACA,CAAC,MAAM;AAAA,EACT;AACA,QAAM,YAAY,MAAM,OAAO,KAAK,QAAQ,KAAK,QAAQ,OAAO,OAAO,CAAC;AACxE,QAAM,WAAW,YAAY,SAAS;AAEtC,SAAO,mBAAmB,UAAU,UAAU,KAAK,CAAC;AACtD;AAUO,IAAM,iBAAiB;AAAA;AAAA,EAE5B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AACF;AAkCO,SAAS,kBACd,SACA,eACU;AACV,QAAM,OAAO,QAAQ;AACrB,MAAI,CAAC,MAAM,QAAQ,IAAI,KAAK,KAAK,WAAW,EAAG,QAAO,CAAC;AACvD,QAAM,cAAwB,CAAC;AAC/B,aAAW,OAAO,MAAM;AACtB,QAAI,OAAO,QAAQ,YAAY,IAAI,WAAW,EAAG;AACjD,kBAAc,KAAK,EAAE,QAAQ,EAAE,CAAC;AAChC,gBAAY,KAAK,GAAG;AAAA,EACtB;AACA,SAAO;AACT;AAEA,SAAS,YAAY,KAA0B;AAC7C,QAAM,QAAQ,IAAI,WAAW,GAAG;AAChC,MAAI,MAAM;AACV,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,WAAO,MAAM,CAAC,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG;AAAA,EAC9C;AACA,SAAO;AACT;AAMA,SAAS,mBAAmB,GAAW,GAAoB;AACzD,MAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,MAAI,WAAW;AACf,WAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK;AACjC,gBAAY,EAAE,WAAW,CAAC,IAAI,EAAE,WAAW,CAAC;AAAA,EAC9C;AACA,SAAO,aAAa;AACtB;","names":["options","query","data","error","createSupabaseClient","DEFAULT_APP_URL"]}

package/dist/index.mjs CHANGED Viewed

@@ -1,5 +1,5 @@
 // src/version.ts
-var CMS_CLIENT_VERSION = "1.20.1";
+var CMS_CLIENT_VERSION = "1.21.0";
 // src/queries.ts
 import { createClient as createSupabaseClient } from "@supabase/supabase-js";
@@ -540,6 +540,45 @@ var IMAGE_PRESETS = {
   full: { width: 1920, resize: "contain", quality: 85 }
 };
+// src/date.ts
+function parsePartialDate(value) {
+  if (!value) return null;
+  let m;
+  if (m = /^(\d{4})-(\d{2})-(\d{2})$/.exec(value))
+    return { granularity: "full", year: +m[1], month: +m[2], day: +m[3] };
+  if (m = /^(\d{4})-(\d{2})$/.exec(value))
+    return { granularity: "month_year", year: +m[1], month: +m[2] };
+  if (m = /^(\d{4})$/.exec(value)) return { granularity: "year", year: +m[1] };
+  if (m = /^--(\d{2})-(\d{2})$/.exec(value))
+    return { granularity: "day_month", month: +m[1], day: +m[2] };
+  if (m = /^--(\d{2})$/.exec(value)) return { granularity: "month", month: +m[1] };
+  return null;
+}
+function formatPartialDate(value, options = {}) {
+  const parsed = parsePartialDate(value);
+  if (!parsed) return value;
+  const { locale, month = "long" } = options;
+  const monthIndex = parsed.month ? parsed.month - 1 : 0;
+  switch (parsed.granularity) {
+    case "year":
+      return String(parsed.year);
+    case "month":
+      return new Intl.DateTimeFormat(locale, { month }).format(new Date(2e3, monthIndex, 1));
+    case "month_year":
+      return new Intl.DateTimeFormat(locale, { month, year: "numeric" }).format(
+        new Date(parsed.year, monthIndex, 1)
+      );
+    case "day_month":
+      return new Intl.DateTimeFormat(locale, { month, day: "numeric" }).format(
+        new Date(2e3, monthIndex, parsed.day)
+      );
+    case "full":
+      return new Intl.DateTimeFormat(locale, { year: "numeric", month, day: "numeric" }).format(
+        new Date(parsed.year, monthIndex, parsed.day)
+      );
+  }
+}
 // src/webhooks.ts
 async function verifyWebhookSignature(secret, rawBody, signature) {
   if (!signature || !secret) return false;
@@ -625,9 +664,11 @@ export {
   createCmsClient,
   createEventsClient,
   createShopClient,
+  formatPartialDate,
   getEmbedHtml,
   getSrcSet,
   getTransformUrl,
+  parsePartialDate,
   revalidateAllTags,
   verifyWebhookSignature
 };

package/dist/index.mjs.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/version.ts","../src/queries.ts","../src/telemetry.ts","../src/embed.ts","../src/shop.ts","../src/events.ts","../src/cdn.ts","../src/webhooks.ts"],"sourcesContent":["/*\n The version of @distinctagency/cms-client embedded in this build.\n \n Bump this in lock-step with package.json — the value is read by the SDK to\n * report installed-version telemetry and to send `x-cms-client-version` on\n * outgoing requests.\n /\nexport const CMS_CLIENT_VERSION = \"1.20.1\"\n","import { createClient as createSupabaseClient } from \"@supabase/supabase-js\"\nimport type { SupabaseClient } from \"@supabase/supabase-js\"\nimport type {\n CmsClientOptions,\n ContentItem,\n ContentQueryOptions,\n ContentType,\n GoogleReview,\n ReviewQueryOptions,\n} from \"./types\"\nimport { CMS_CLIENT_VERSION } from \"./version\"\nimport { reportClientVersion } from \"./telemetry\"\n\n/\n Creates a CMS query client authenticated with a tenant API key.\n \n Usage:\n * ```ts\n * const cms = createCmsClient(supabase, { apiKey: process.env.CMS_API_KEY! })\n * const events = await cms.getContentItems('events', { status: 'published' })\n * ```\n \n The API key is sent as an `x-cms-api-key` header on every request.\n * Supabase RLS policies validate it against the tenant's stored key.\n /\nexport function createCmsClient(\n supabase: SupabaseClient,\n options: CmsClientOptions\n) {\n const { apiKey } = options\n\n // Create a new Supabase client with the API key header injected globally\n const client = withApiKey(supabase, apiKey) as SupabaseClient\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, options.appUrl)\n\n /* Resolve the tenant ID from the API key (cached per request) /\n let tenantIdCache: string \| null = null\n\n async function getTenantId(): Promise<string> {\n if (tenantIdCache) return tenantIdCache\n\n const { data, error } = await client\n .from(\"tenants\")\n .select(\"id\")\n .single()\n\n if (error \|\| !data) {\n throw new Error(\n \"Invalid CMS API key — no tenant found. Check your apiKey.\"\n )\n }\n\n tenantIdCache = data.id\n return data.id\n }\n\n /* Resolve a content type from its slug (cached) /\n const contentTypeCache = new Map<string, ContentType>()\n\n async function getContentTypeBySlug(contentTypeSlug: string): Promise<ContentType> {\n if (contentTypeCache.has(contentTypeSlug)) return contentTypeCache.get(contentTypeSlug)!\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", contentTypeSlug)\n .single()\n\n if (error \|\| !data) {\n throw new Error(`Content type not found: ${contentTypeSlug}`)\n }\n\n const ct = data as ContentType\n contentTypeCache.set(contentTypeSlug, ct)\n return ct\n }\n\n async function getContentTypeId(contentTypeSlug: string): Promise<string> {\n const ct = await getContentTypeBySlug(contentTypeSlug)\n return ct.id\n }\n\n /** Check if a member token has access to a gated content type /\n async function checkMemberAccess(\n contentType: ContentType,\n memberToken?: string\n ): Promise<{ allowed: boolean; memberTierId: string \| null }> {\n const requiredTierId = contentType.required_membership_tier_id\n if (!requiredTierId) return { allowed: true, memberTierId: null } // Public\n\n if (!memberToken) return { allowed: false, memberTierId: null } // Gated but no token\n\n // Verify the member's token and check their tier\n const { data: session } = await client\n .from(\"member_sessions\")\n .select(\"member_id\")\n .eq(\"token_hash\", memberToken) // Note: caller should hash the token\n .single()\n\n if (!session) return { allowed: false, memberTierId: null }\n\n const { data: member } = await client\n .from(\"members\")\n .select(\"membership_tier_id, status\")\n .eq(\"id\", session.member_id)\n .single()\n\n if (!member \|\| member.status !== \"active\") return { allowed: false, memberTierId: null }\n\n // Check if the member's tier matches (or exceeds) the required tier\n // For now: exact match or the member has the required tier\n return {\n allowed: member.membership_tier_id === requiredTierId,\n memberTierId: member.membership_tier_id as string \| null,\n }\n }\n\n async function getFlipbook(id: string): Promise<import(\"./types\").FlipbookPublic \| null> {\n const { data, error } = await client\n .from(\"flipbooks\")\n .select(\"id, title, page_count, status, manifest, download_enabled, tenant_id\")\n .eq(\"id\", id)\n .single()\n if (error \|\| !data) return null\n\n const manifest = data.manifest as\n \| { pages: Array<{ image: string; thumb: string; w: number; h: number }>; toc: Array<{ title: string; page: number }> }\n \| null\n if (!manifest) {\n return {\n id: data.id as string,\n title: data.title as string,\n page_count: (data.page_count as number) ?? 0,\n status: data.status as \"pending_upload\" \| \"pending\" \| \"processing\" \| \"ready\" \| \"failed\",\n page_images: [],\n toc: [],\n download_url: null,\n }\n }\n\n // Browser-safe env lookup via globalThis. The client package builds without\n // @types/node so referring to `process` directly fails the dts build; reading\n // through globalThis sidesteps that and works in every JS environment that\n // matters (Node, browsers, edge runtimes).\n const proc = (globalThis as { process?: { env?: Record<string, string \| undefined> } }).process\n const cdnBase = proc?.env?.NEXT_PUBLIC_R2_PUBLIC_URL ?? \"https://cdn.distinctstudio.co.nz\"\n const prefix = `flipbooks/${data.tenant_id as string}/${data.id as string}/`\n return {\n id: data.id as string,\n title: data.title as string,\n page_count: (data.page_count as number) ?? manifest.pages.length,\n status: data.status as \"pending\" \| \"processing\" \| \"ready\" \| \"failed\",\n page_images: manifest.pages.map((p) => ({\n url: `${cdnBase}/${prefix}${p.image}`,\n thumb_url: `${cdnBase}/${prefix}${p.thumb}`,\n w: p.w,\n h: p.h,\n })),\n toc: manifest.toc,\n download_url: data.download_enabled\n ? `${options.appUrl ?? \"\"}/api/flipbooks/${data.id as string}/download`\n : null,\n }\n }\n\n return {\n /\n List content items for a content type.\n * Defaults to published items ordered by most recent.\n /\n async getContentItems(\n contentTypeSlug: string,\n options: ContentQueryOptions = {}\n ): Promise<(ContentItem & { locked?: boolean })[]> {\n const contentType = await getContentTypeBySlug(contentTypeSlug)\n\n const {\n status = \"published\",\n orderBy = \"published_at\",\n orderDirection = \"desc\",\n limit = 100,\n offset = 0,\n memberToken,\n } = options\n\n // Check membership access\n const access = await checkMemberAccess(contentType, memberToken)\n\n // If gated and no access, check gating mode\n if (!access.allowed && contentType.required_membership_tier_id) {\n // Get tenant settings for gating mode\n const tenantId = await getTenantId()\n const { data: settings } = await client\n .from(\"tenant_settings\")\n .select(\"membership_gating_mode\")\n .eq(\"tenant_id\", tenantId)\n .single()\n\n const mode = (settings?.membership_gating_mode as string) ?? \"teaser\"\n\n if (mode === \"hide\") {\n return [] // Hide: return nothing\n }\n\n // Teaser mode: return items with locked flag, no body/data\n let query = client\n .from(\"content_items\")\n .select(\"id, title, slug, status, excerpt, seo_title, seo_description, featured_image, published_at, created_at, updated_at\")\n .eq(\"content_type_id\", contentType.id)\n\n if (status) query = query.eq(\"status\", status)\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n if (error) throw new Error(`Failed to fetch ${contentTypeSlug}: ${error.message}`)\n\n return (data ?? []).map((item) => ({\n ...item,\n data: {},\n locked: true,\n })) as (ContentItem & { locked: boolean })[]\n }\n\n // Full access\n let query = client\n .from(\"content_items\")\n .select(\"\")\n .eq(\"content_type_id\", contentType.id)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n\n if (error) {\n throw new Error(`Failed to fetch ${contentTypeSlug}: ${error.message}`)\n }\n\n return (data ?? []) as ContentItem[]\n },\n\n /*\n Get a single content item by its slug.\n * Returns null if not found.\n /\n async getContentItemBySlug(\n contentTypeSlug: string,\n itemSlug: string\n ): Promise<ContentItem \| null> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"content_items\")\n .select(\"\")\n .eq(\"content_type_id\", contentTypeId)\n .eq(\"slug\", itemSlug)\n .single()\n\n if (error) {\n if (error.code === \"PGRST116\") return null // not found\n throw new Error(\n `Failed to fetch ${contentTypeSlug}/${itemSlug}: ${error.message}`\n )\n }\n\n return data as ContentItem\n },\n\n /*\n Get a content type definition (including its field schema).\n /\n async getContentType(contentTypeSlug: string): Promise<ContentType> {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", contentTypeSlug)\n .single()\n\n if (error \|\| !data) {\n throw new Error(`Content type not found: ${contentTypeSlug}`)\n }\n\n return data as ContentType\n },\n\n /*\n Get all slugs for a content type (for generateStaticParams).\n /\n async getAllSlugs(\n contentTypeSlug: string\n ): Promise<{ slug: string }[]> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"content_items\")\n .select(\"slug\")\n .eq(\"content_type_id\", contentTypeId)\n .eq(\"status\", \"published\")\n\n if (error) {\n throw new Error(\n `Failed to fetch slugs for ${contentTypeSlug}: ${error.message}`\n )\n }\n\n return (data ?? []) as { slug: string }[]\n },\n\n /\n List all content types for this tenant.\n /\n async getContentTypes(): Promise<ContentType[]> {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .order(\"name\")\n\n if (error) {\n throw new Error(`Failed to fetch content types: ${error.message}`)\n }\n\n return (data ?? []) as ContentType[]\n },\n\n /*\n Get all slug redirects for a content type.\n * Use in next.config.js redirects() or middleware for 301s.\n * Returns: [{ old_slug, new_slug }, ...]\n /\n async getRedirects(\n contentTypeSlug: string\n ): Promise<{ old_slug: string; new_slug: string }[]> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"slug_redirects\")\n .select(\"old_slug, new_slug\")\n .eq(\"content_type_id\", contentTypeId)\n\n if (error) {\n throw new Error(\n `Failed to fetch redirects for ${contentTypeSlug}: ${error.message}`\n )\n }\n\n return (data ?? []) as { old_slug: string; new_slug: string }[]\n },\n\n /\n Get all custom path redirects for this tenant.\n * Use alongside getRedirects() in next.config.ts for full redirect coverage.\n /\n async getCustomRedirects(): Promise<\n { source_path: string; destination_path: string; permanent: boolean }[]\n > {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"custom_redirects\")\n .select(\"source_path, destination_path, permanent\")\n .eq(\"tenant_id\", tenantId)\n\n if (error) {\n throw new Error(`Failed to fetch custom redirects: ${error.message}`)\n }\n\n return (data ?? []) as {\n source_path: string\n destination_path: string\n permanent: boolean\n }[]\n },\n\n /\n Get form submissions for a specific form.\n * Useful for displaying testimonials, reviews, etc.\n /\n async getFormSubmissions(\n formSlug: string,\n options: { status?: string; limit?: number; offset?: number } = {}\n ): Promise<Record<string, unknown>[]> {\n const tenantId = await getTenantId()\n\n const { data: form } = await client\n .from(\"forms\")\n .select(\"id\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", formSlug)\n .single()\n\n if (!form) return []\n\n const { limit = 50, offset = 0, status } = options\n\n let query = client\n .from(\"form_submissions\")\n .select(\"\")\n .eq(\"form_id\", form.id)\n .eq(\"is_spam\", false)\n .order(\"created_at\", { ascending: false })\n .range(offset, offset + limit - 1)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n const { data } = await query\n return (data ?? []) as Record<string, unknown>[]\n },\n\n /*\n Get a form configuration by slug.\n /\n async getForm(\n formSlug: string\n ): Promise<Record<string, unknown> \| null> {\n const tenantId = await getTenantId()\n\n const { data } = await client\n .from(\"forms\")\n .select(\"id, name, slug, description, is_active\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", formSlug)\n .single()\n\n return data as Record<string, unknown> \| null\n },\n\n /\n Get a flipbook by ID, including CDN-resolved page image URLs.\n * Returns null if not found or manifest not yet ready.\n /\n getFlipbook,\n\n /\n Get Google Reviews for this tenant.\n * Defaults to approved reviews ordered by most recent.\n /\n async getReviews(\n options: ReviewQueryOptions = {}\n ): Promise<GoogleReview[]> {\n const tenantId = await getTenantId()\n\n const {\n status = \"approved\",\n minRating,\n limit = 50,\n offset = 0,\n orderBy = \"review_timestamp\",\n orderDirection = \"desc\",\n } = options\n\n let query = client\n .from(\"google_reviews\")\n .select(\"id, author_name, author_photo_url, rating, text, review_timestamp\")\n .eq(\"tenant_id\", tenantId)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n if (minRating) {\n query = query.gte(\"rating\", minRating)\n }\n\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n\n if (error) {\n throw new Error(`Failed to fetch reviews: ${error.message}`)\n }\n\n return (data ?? []) as GoogleReview[]\n },\n\n /\n Get the tenant's third-party tracking IDs (Google Analytics, Google Tag Manager, Meta Pixel).\n * Each value is null when not configured. These IDs are public and safe to render in HTML.\n \n On Next.js, the result is cached and revalidated every hour by default\n * (`revalidate: 3600`) and tagged with `TRACKING_CONFIG_TAG`. Tenant sites\n * that want zero-lag updates can call `revalidateTag(TRACKING_CONFIG_TAG)`\n * from a webhook. Pass `revalidate: 0` to disable caching, `revalidate: false`\n * to cache indefinitely (tag-only invalidation), or any positive integer\n * (seconds) to override the interval. Outside Next.js the cache hints are\n * silently ignored — every call hits the network.\n /\n async getTrackingConfig(options: TrackingConfigOptions = {}): Promise<TrackingConfig> {\n const { revalidate = 3600, tags = [TRACKING_CONFIG_TAG] } = options\n const supabaseUrl = (supabase as unknown as { supabaseUrl: string }).supabaseUrl\n const supabaseKey = (supabase as unknown as { supabaseKey: string }).supabaseKey\n\n // Direct PostgREST fetch (instead of going through supabase-js) so that\n // Next.js sees the request and applies its `next` cache options. RLS\n // restricts the result to the tenant matching `x-cms-api-key`, so no\n // explicit tenant_id filter is needed.\n const url =\n `${supabaseUrl}/rest/v1/tenant_settings` +\n `?select=google_analytics_id,google_tag_manager_id,google_ads_id,meta_pixel_id&limit=1`\n\n const init: RequestInit & { next?: { revalidate?: number \| false; tags?: string[] } } = {\n headers: {\n apikey: supabaseKey,\n Authorization: `Bearer ${supabaseKey}`,\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n Accept: \"application/json\",\n },\n next: { revalidate, tags },\n }\n\n let row: {\n google_analytics_id: string \| null\n google_tag_manager_id: string \| null\n google_ads_id: string \| null\n meta_pixel_id: string \| null\n } \| undefined\n\n try {\n const res = await fetch(url, init as RequestInit)\n if (res.ok) {\n const rows = (await res.json()) as Array<typeof row>\n row = rows?.[0]\n }\n } catch {\n // Network errors fall through to the all-null result so a transient\n // outage on the CMS never breaks page renders on the tenant site.\n }\n\n return {\n googleAnalyticsId: nullify(row?.google_analytics_id),\n googleTagManagerId: nullify(row?.google_tag_manager_id),\n googleAdsId: nullify(row?.google_ads_id),\n metaPixelId: nullify(row?.meta_pixel_id),\n }\n },\n }\n}\n\n/\n Cache tag applied to `getTrackingConfig()` fetches on Next.js. Call\n * `revalidateTag(TRACKING_CONFIG_TAG)` from a webhook handler on the tenant\n * site to make tracking-ID changes take effect immediately rather than\n * waiting for the next revalidation interval.\n /\nexport const TRACKING_CONFIG_TAG = \"cms:tracking-config\"\n\nexport interface TrackingConfigOptions {\n /\n Cache lifetime for the underlying fetch on Next.js, in seconds.\n * Defaults to 3600 (one hour). Set to `0` to disable caching, or `false`\n * to cache indefinitely until the tag is revalidated. Ignored outside\n * Next.js runtimes.\n /\n revalidate?: number \| false\n /\n Cache tags for the underlying fetch on Next.js. Defaults to\n * `[TRACKING_CONFIG_TAG]`. Override to namespace by tenant if you share a\n * single Next.js process across multiple tenants (uncommon).\n /\n tags?: string[]\n}\n\nfunction nullify(v: string \| null \| undefined): string \| null {\n if (!v) return null\n const trimmed = v.trim()\n return trimmed.length > 0 ? trimmed : null\n}\n\nexport interface TrackingConfig {\n googleAnalyticsId: string \| null\n googleTagManagerId: string \| null\n googleAdsId: string \| null\n metaPixelId: string \| null\n}\n\n/\n Creates a new Supabase client that includes the `x-cms-api-key`\n * header in every request, using the same URL and key as the original.\n /\nfunction withApiKey(supabase: SupabaseClient, apiKey: string) {\n // Extract URL and key from the existing client\n const supabaseUrl = (supabase as unknown as { supabaseUrl: string }).supabaseUrl\n const supabaseKey = (supabase as unknown as { supabaseKey: string }).supabaseKey\n\n return createSupabaseClient(supabaseUrl, supabaseKey, {\n global: {\n headers: {\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n },\n },\n })\n}\n","import { CMS_CLIENT_VERSION } from \"./version\"\n\n/\n Reports the running SDK version to the CMS so the Super Admin UI can show\n * which client version each tenant site is on.\n \n Day-granular and process-local: at most one POST per (api key + day) per\n * Node process. Calls from browser code are ignored — the API key would be\n * exposed and the data is redundant with server-side reports.\n \n Fire-and-forget. Failures are silent — telemetry must never break a render.\n /\n\nconst DEFAULT_APP_URL = \"https://cms.distinctstudio.co.nz\"\n\ninterface ReportRecord {\n date: string // YYYY-MM-DD\n version: string\n}\n\nconst reported = new Map<string, ReportRecord>()\n\nfunction todayKey(): string {\n return new Date().toISOString().slice(0, 10)\n}\n\nexport function reportClientVersion(apiKey: string, appUrl?: string): void {\n // Skip in browser contexts — server-side calls already cover the tenant.\n if (typeof window !== \"undefined\") return\n if (!apiKey) return\n\n const today = todayKey()\n const last = reported.get(apiKey)\n if (last && last.date === today && last.version === CMS_CLIENT_VERSION) return\n\n // Optimistically mark as reported so concurrent calls don't all fire. If the\n // request fails we'll retry tomorrow — that's acceptable for telemetry.\n reported.set(apiKey, { date: today, version: CMS_CLIENT_VERSION })\n\n const envAppUrl =\n typeof process !== \"undefined\" ? process.env?.NEXT_PUBLIC_CMS_URL : undefined\n const base = (appUrl ?? envAppUrl ?? DEFAULT_APP_URL).replace(/\\/$/, \"\")\n const url = `${base}/api/client-telemetry`\n\n // Fire and forget. Use a hand-rolled then() chain rather than async/await so\n // we don't accidentally surface an unhandled rejection.\n void fetch(url, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n },\n body: JSON.stringify({\n api_key: apiKey,\n version: CMS_CLIENT_VERSION,\n }),\n }).catch(() => {\n // Allow a retry on the next call by clearing the optimistic record.\n reported.delete(apiKey)\n })\n}\n","import type { EmbedValue } from \"./types\"\n\nfunction toCssAspectRatio(ratio: string): string {\n const parts = ratio.split(\":\")\n if (parts.length !== 2) return \"16/9\"\n const w = parseFloat(parts[0])\n const h = parseFloat(parts[1])\n if (!w \|\| !h \|\| w <= 0 \|\| h <= 0) return \"16/9\"\n return `${w}/${h}`\n}\n\n/\n Generate responsive iframe HTML for an embed field value.\n * Returns an empty string if the value is invalid or the URL is not HTTPS.\n /\nexport function getEmbedHtml(value: unknown): string {\n if (!value \|\| typeof value !== \"object\") return \"\"\n const embed = value as EmbedValue\n if (!embed.url \|\| !embed.url.startsWith(\"https://\")) return \"\"\n\n const width = embed.width \|\| \"100%\"\n const aspectRatio = toCssAspectRatio(embed.aspect_ratio \|\| \"16:9\")\n\n return `<div style=\"position:relative;width:${width};aspect-ratio:${aspectRatio}\"><iframe src=\"${embed.url}\" style=\"position:absolute;inset:0;width:100%;height:100%\" frameborder=\"0\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox\" allowfullscreen loading=\"lazy\"></iframe></div>`\n}\n","import type { SupabaseClient } from \"@supabase/supabase-js\"\nimport type {\n Product,\n ProductCategory,\n ProductQueryOptions,\n CreateOrderParams,\n CreateOrderResult,\n} from \"./types\"\nimport { CMS_CLIENT_VERSION } from \"./version\"\nimport { reportClientVersion } from \"./telemetry\"\n\nconst DEFAULT_APP_URL = \"https://cms.distinctstudio.co.nz\"\n\nexport interface ShopClientOptions {\n /* Tenant API key (UUID). Sent as `x-cms-api-key` on every request. /\n apiKey: string\n /* CMS app base URL. Defaults to `https://cms.distinctstudio.co.nz`. /\n appUrl?: string\n}\n\n/\n Creates a typed client for the eCommerce REST API (products, categories, orders).\n \n Unlike `createCmsClient`, the shop client talks to the CMS REST endpoints\n * (`/api/products`, `/api/product-categories`, `/api/orders/create`) rather than\n * Supabase directly — it doesn't need the `supabase` argument, but accepts it\n * for API symmetry with the rest of the SDK.\n \n Usage:\n * ```ts\n * const shop = createShopClient(supabase, { apiKey: process.env.CMS_API_KEY! })\n * const products = await shop.getProducts({ category: \"electronics\", limit: 20 })\n * ```\n /\nexport function createShopClient(\n _supabase: SupabaseClient,\n options: ShopClientOptions\n) {\n const { apiKey } = options\n const appUrl = (options.appUrl ?? DEFAULT_APP_URL).replace(/\\/$/, \"\")\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, appUrl)\n\n function authHeaders(): HeadersInit {\n return {\n \"Content-Type\": \"application/json\",\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n }\n }\n\n async function getJson<T>(path: string): Promise<T> {\n const res = await fetch(`${appUrl}${path}`, {\n headers: authHeaders(),\n // Caller controls Next.js caching by wrapping the call site.\n })\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(\n body.error ?? `Shop request failed (${res.status}): ${path}`\n )\n }\n return res.json() as Promise<T>\n }\n\n return {\n /\n List published products. Includes nested `variants` and `options`.\n \n `category` filters by category slug (matches the FK `category_id`,\n * with a fallback to the legacy `category` text column).\n /\n async getProducts(queryOptions: ProductQueryOptions = {}): Promise<Product[]> {\n const params = new URLSearchParams()\n if (queryOptions.category) params.set(\"category\", queryOptions.category)\n if (queryOptions.tags?.length) params.set(\"tags\", queryOptions.tags.join(\",\"))\n if (queryOptions.limit) params.set(\"limit\", String(queryOptions.limit))\n if (queryOptions.offset) params.set(\"offset\", String(queryOptions.offset))\n if (queryOptions.sort) params.set(\"sort\", queryOptions.sort)\n if (queryOptions.order) params.set(\"order\", queryOptions.order)\n\n const qs = params.toString()\n const { products } = await getJson<{ products: Product[] }>(\n `/api/products${qs ? `?${qs}` : \"\"}`\n )\n return products ?? []\n },\n\n /\n Get a single published product by slug. Returns null if not found.\n * Includes nested `variants` and `options`.\n /\n async getProductBySlug(slug: string): Promise<Product \| null> {\n const res = await fetch(`${appUrl}/api/products/${encodeURIComponent(slug)}`, {\n headers: authHeaders(),\n })\n if (res.status === 404) return null\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(body.error ?? `Failed to fetch product ${slug}`)\n }\n const { product } = (await res.json()) as { product: Product }\n return product ?? null\n },\n\n /\n List product categories for the tenant, ordered by sort_order then name.\n /\n async getCategories(): Promise<ProductCategory[]> {\n const { categories } = await getJson<{ categories: ProductCategory[] }>(\n `/api/product-categories`\n )\n return categories ?? []\n },\n\n /\n Get a single category by slug. Returns null if not found.\n /\n async getCategoryBySlug(slug: string): Promise<ProductCategory \| null> {\n const all = await this.getCategories()\n return all.find((c) => c.slug === slug) ?? null\n },\n\n /\n Create a pending order and return a Stripe PaymentIntent client_secret\n * to confirm payment client-side.\n \n Stripe must be configured for the tenant; eCommerce must be enabled on\n * their billing plan. Validates stock for tracked variants and applies\n * any discount code before creating the PaymentIntent.\n /\n async createOrder(params: CreateOrderParams): Promise<CreateOrderResult> {\n const res = await fetch(`${appUrl}/api/orders/create`, {\n method: \"POST\",\n headers: authHeaders(),\n body: JSON.stringify({ api_key: apiKey, ...params }),\n })\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(body.error ?? \"Order creation failed\")\n }\n return res.json() as Promise<CreateOrderResult>\n },\n }\n}\n","import type { SupabaseClient } from \"@supabase/supabase-js\"\nimport { reportClientVersion } from \"./telemetry\"\n\nexport type EventStatus = \"draft\" \| \"published\" \| \"archived\"\nexport type BookingStatus = \"pending\" \| \"confirmed\" \| \"cancelled\" \| \"refunded\"\n\nexport interface CmsEvent {\n id: string\n tenant_id: string\n title: string\n slug: string\n description: string \| null\n short_description: string \| null\n status: EventStatus\n start_at: string\n end_at: string \| null\n venue_name: string \| null\n venue_address: string \| null\n hero_image: string \| null\n gallery: string[]\n tags: string[]\n seo_title: string \| null\n seo_description: string \| null\n metadata: Record<string, unknown>\n sort_order: number\n published_at: string \| null\n created_at: string\n updated_at: string\n}\n\nexport interface CmsTicketTier {\n id: string\n event_id: string\n tenant_id: string\n name: string\n description: string \| null\n price_cents: number\n capacity: number \| null\n sold_count: number\n sales_start_at: string \| null\n sales_end_at: string \| null\n is_active: boolean\n sort_order: number\n}\n\nexport interface EventWithTiers extends CmsEvent {\n tiers: CmsTicketTier[]\n}\n\nexport interface EventQueryOptions {\n /* Only include events with start_at >= now. Default false. /\n upcomingOnly?: boolean\n tag?: string\n limit?: number\n offset?: number\n sort?: \"start_at\" \| \"sort_order\" \| \"created_at\"\n order?: \"asc\" \| \"desc\"\n}\n\nexport interface CreateBookingParams {\n event_slug: string\n ticket_tier_id?: string\n customer_email: string\n customer_name?: string\n customer_phone?: string\n quantity?: number\n success_url?: string\n cancel_url?: string\n metadata?: Record<string, unknown>\n}\n\nexport interface CreateBookingResult {\n booking_id: string\n booking_number: string\n status: \"pending\" \| \"confirmed\"\n /* Redirect the browser here for paid bookings. /\n checkout_url?: string\n /* Present on free bookings — used for attendance QR display. /\n qr_token?: string\n}\n\nexport function createEventsClient(\n supabase: SupabaseClient,\n options: { apiKey: string; appUrl?: string }\n) {\n const { apiKey, appUrl } = options\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, appUrl)\n\n async function getEvents(\n queryOptions?: EventQueryOptions\n ): Promise<EventWithTiers[]> {\n let query = supabase\n .from(\"events\")\n .select(\", tiers:ticket_tiers()\")\n .eq(\"status\", \"published\")\n .order(queryOptions?.sort ?? \"start_at\", {\n ascending: (queryOptions?.order ?? \"asc\") === \"asc\",\n })\n\n if (queryOptions?.upcomingOnly) {\n query = query.gte(\"start_at\", new Date().toISOString())\n }\n if (queryOptions?.tag) {\n query = query.contains(\"tags\", [queryOptions.tag])\n }\n if (queryOptions?.limit) {\n query = query.limit(queryOptions.limit)\n }\n if (queryOptions?.offset) {\n query = query.range(\n queryOptions.offset,\n queryOptions.offset + (queryOptions.limit ?? 50) - 1\n )\n }\n\n const { data } = await query\n return (data ?? []) as EventWithTiers[]\n }\n\n async function getEventBySlug(slug: string): Promise<EventWithTiers \| null> {\n const { data } = await supabase\n .from(\"events\")\n .select(\", tiers:ticket_tiers()\")\n .eq(\"slug\", slug)\n .eq(\"status\", \"published\")\n .single()\n return (data as EventWithTiers) ?? null\n }\n\n async function createBooking(\n params: CreateBookingParams\n ): Promise<CreateBookingResult> {\n const baseUrl = appUrl ?? \"\"\n const res = await fetch(`${baseUrl}/api/bookings/create`, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({ api_key: apiKey, ...params }),\n })\n if (!res.ok) {\n const err = await res\n .json()\n .catch(() => ({ error: \"Booking creation failed\" }))\n throw new Error(err.error ?? \"Booking creation failed\")\n }\n return res.json() as Promise<CreateBookingResult>\n }\n\n return { getEvents, getEventBySlug, createBooking }\n}\n","/\n Image helpers for CMS content.\n \n Images are already optimised (WebP, max 2400px) on upload.\n * No server-side transforms needed — serve originals directly.\n \n These functions are kept for backward compatibility but no longer\n * call Supabase image transformation endpoints.\n /\n\nexport interface ImageTransformOptions {\n width?: number\n height?: number\n quality?: number\n resize?: \"contain\" \| \"cover\" \| \"fill\"\n format?: \"origin\"\n}\n\n/\n Returns the image URL directly.\n \n Previously this converted URLs to use Supabase's /render/image/\n * transform endpoint, but images are now pre-optimised on upload\n * (WebP, max 2400px, quality 82) so transforms are unnecessary.\n \n The function is kept for backward compatibility — existing code\n * that calls getTransformUrl() will continue to work without changes.\n /\nexport function getTransformUrl(\n originalUrl: string,\n _options: ImageTransformOptions = {}\n): string {\n return originalUrl\n}\n\n/\n Returns a simple srcSet using the original image.\n \n Previously generated multiple transformed widths, but since images\n * are now pre-optimised WebP, a single source is sufficient.\n * Modern browsers handle responsive display efficiently with a\n * well-sized WebP source.\n /\nexport function getSrcSet(\n originalUrl: string,\n _widths: number[] = [],\n _quality = 80\n): string {\n return `${originalUrl} 2400w`\n}\n\n/\n Common image size presets — kept for backward compatibility.\n * Since images are pre-optimised, these are informational only.\n /\nexport const IMAGE_PRESETS = {\n thumbnail: { width: 150, height: 150, resize: \"cover\" as const, quality: 70 },\n card: { width: 400, height: 300, resize: \"cover\" as const, quality: 80 },\n hero: { width: 1200, height: 630, resize: \"cover\" as const, quality: 85 },\n og: { width: 1200, height: 630, resize: \"cover\" as const, quality: 90 },\n avatar: { width: 80, height: 80, resize: \"cover\" as const, quality: 75 },\n full: { width: 1920, resize: \"contain\" as const, quality: 85 },\n} as const\n","/\n Helpers for verifying outbound webhooks fired by the CMS.\n \n The CMS POSTs JSON to subscriber URLs and signs the raw body with\n * HMAC-SHA256 using the shared secret you set in the Webhooks tab. The hex\n * digest arrives in the `X-CMS-Signature` header.\n \n Use Web Crypto so this works in Node, Edge, Deno, and Bun runtimes.\n /\n\nexport interface WebhookEventPayload {\n event: string\n tenant_id: string\n content_type_slug?: string\n content_item_id?: string\n slug?: string\n title?: string\n status?: string\n /* Stable identifier of the resource that changed (e.g. product id, flipbook id, integration provider). /\n resource_id?: string\n /\n Cache tags the receiver should invalidate. Use {@link revalidateAllTags}\n * to wire this through Next.js's `revalidateTag()` in one line.\n * All tags are namespaced with the `cms:` prefix.\n /\n cache_tags?: string[]\n /* Free-form bag for event-specific extras (e.g. provider name, change counts). /\n data?: Record<string, unknown>\n timestamp: string\n /* Commerce + custom events may attach extra top-level fields. /\n [key: string]: unknown\n}\n\n/\n Verify the HMAC-SHA256 signature on a webhook delivery.\n \n Pass the raw request body (not a parsed JSON object) — re-stringifying\n * a parsed body can change whitespace and invalidate the signature.\n \n Returns `true` when the signature matches in constant time, `false`\n * otherwise. Never throws on a bad signature; only throws if the\n * `crypto.subtle` API is unavailable in the runtime.\n \n @example\n * const raw = await req.text()\n * const sig = req.headers.get(\"x-cms-signature\")\n * if (!await verifyWebhookSignature(process.env.CMS_WEBHOOK_SECRET!, raw, sig)) {\n * return new Response(\"bad signature\", { status: 401 })\n * }\n * const payload = JSON.parse(raw) as WebhookEventPayload\n /\nexport async function verifyWebhookSignature(\n secret: string,\n rawBody: string,\n signature: string \| null \| undefined\n): Promise<boolean> {\n if (!signature \|\| !secret) return false\n\n const subtle = (globalThis.crypto && globalThis.crypto.subtle) \|\| null\n if (!subtle) {\n throw new Error(\n \"verifyWebhookSignature requires the Web Crypto API (globalThis.crypto.subtle). \" +\n \"Available in Node 18+, all Edge runtimes, Deno, and Bun.\"\n )\n }\n\n const encoder = new TextEncoder()\n const key = await subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n )\n const sigBuffer = await subtle.sign(\"HMAC\", key, encoder.encode(rawBody))\n const expected = bufferToHex(sigBuffer)\n\n return timingSafeEqualHex(expected, signature.trim())\n}\n\n/\n The webhook event names the CMS can fire. Use as a discriminator on the\n * `event` field of {@link WebhookEventPayload}.\n \n Most receivers don't need to switch on the event name — every payload\n * carries a `cache_tags` array. Pass it to {@link revalidateAllTags} to\n * invalidate the right Next.js caches in one line.\n /\nexport const WEBHOOK_EVENTS = [\n // Content\n \"content.published\",\n \"content.unpublished\",\n \"content.updated\",\n \"content.deleted\",\n \"content_type.updated\",\n \"content_type.deleted\",\n // Settings (diffed — only fires when a relevant field actually changed)\n \"settings.tracking_updated\",\n \"settings.brand_updated\",\n \"settings.integration_updated\",\n // Commerce\n \"products.updated\",\n \"product_categories.updated\",\n \"ticket_tiers.updated\",\n \"membership_tiers.updated\",\n \"order.created\",\n \"order.paid\",\n \"order.payment_failed\",\n \"order.refunded\",\n \"order.shipped\",\n \"booking.confirmed\",\n \"inventory.low_stock\",\n // Site\n \"redirects.updated\",\n \"reviews.synced\",\n \"flipbook.ready\",\n] as const\n\nexport type WebhookEvent = (typeof WEBHOOK_EVENTS)[number]\n\n/\n Invalidate every cache tag listed in a webhook payload. Call this from your\n * receiver and most events will Just Work without per-event branching.\n \n Pass Next.js's `revalidateTag` (or any function with the same shape) — the\n * SDK has no peer dep on `next/cache`, so the import stays in your code.\n \n Next 16 compatibility. In Next 16, `revalidateTag(tag)` was made into\n * `revalidateTag(tag, profile)`, and calling it with one argument emits a\n * deprecation warning. The cache profile controls expiry — `\"default\"` and\n * `\"max\"` both have non-zero `expire` values and will not invalidate the\n * cache. Immediate invalidation requires `{ expire: 0 }`, which isn't\n * documented in the function reference. This helper always passes\n * `{ expire: 0 }` as the second argument, so it does the right thing on Next 16\n * and is silently ignored by Next 14/15.\n \n @example\n * import { revalidateTag } from \"next/cache\"\n * import { revalidateAllTags } from \"@distinctagency/cms-client\"\n \n export async function POST(req: Request) {\n * const raw = await req.text()\n * if (!await verifyWebhookSignature(SECRET, raw, req.headers.get(\"x-cms-signature\"))) {\n * return new Response(\"bad sig\", { status: 401 })\n * }\n * const payload = JSON.parse(raw) as WebhookEventPayload\n * revalidateAllTags(payload, revalidateTag)\n * return Response.json({ ok: true })\n * }\n /\nexport function revalidateAllTags(\n payload: Pick<WebhookEventPayload, \"cache_tags\">,\n revalidateTag: (tag: string, profile: { expire?: number }) => unknown\n): string[] {\n const tags = payload.cache_tags\n if (!Array.isArray(tags) \|\| tags.length === 0) return []\n const invalidated: string[] = []\n for (const tag of tags) {\n if (typeof tag !== \"string\" \|\| tag.length === 0) continue\n revalidateTag(tag, { expire: 0 })\n invalidated.push(tag)\n }\n return invalidated\n}\n\nfunction bufferToHex(buf: ArrayBuffer): string {\n const bytes = new Uint8Array(buf)\n let out = \"\"\n for (let i = 0; i < bytes.length; i++) {\n out += bytes[i].toString(16).padStart(2, \"0\")\n }\n return out\n}\n\n/\n Constant-time equality check on two hex strings. Returns false fast when\n * lengths differ — the length itself is not secret.\n */\nfunction timingSafeEqualHex(a: string, b: string): boolean {\n if (a.length !== b.length) return false\n let mismatch = 0\n for (let i = 0; i < a.length; i++) {\n mismatch \|= a.charCodeAt(i) ^ b.charCodeAt(i)\n }\n return mismatch === 0\n}\n"],"mappings":";AAOO,IAAM,qBAAqB;;;ACPlC,SAAS,gBAAgB,4BAA4B;;;ACarD,IAAM,kBAAkB;AAOxB,IAAM,WAAW,oBAAI,IAA0B;AAE/C,SAAS,WAAmB;AAC1B,UAAO,oBAAI,KAAK,GAAE,YAAY,EAAE,MAAM,GAAG,EAAE;AAC7C;AAEO,SAAS,oBAAoB,QAAgB,QAAuB;AAEzE,MAAI,OAAO,WAAW,YAAa;AACnC,MAAI,CAAC,OAAQ;AAEb,QAAM,QAAQ,SAAS;AACvB,QAAM,OAAO,SAAS,IAAI,MAAM;AAChC,MAAI,QAAQ,KAAK,SAAS,SAAS,KAAK,YAAY,mBAAoB;AAIxE,WAAS,IAAI,QAAQ,EAAE,MAAM,OAAO,SAAS,mBAAmB,CAAC;AAEjE,QAAM,YACJ,OAAO,YAAY,cAAc,QAAQ,KAAK,sBAAsB;AACtE,QAAM,QAAQ,UAAU,aAAa,iBAAiB,QAAQ,OAAO,EAAE;AACvE,QAAM,MAAM,GAAG,IAAI;AAInB,OAAK,MAAM,KAAK;AAAA,IACd,QAAQ;AAAA,IACR,SAAS;AAAA,MACP,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,MACjB,wBAAwB;AAAA,IAC1B;AAAA,IACA,MAAM,KAAK,UAAU;AAAA,MACnB,SAAS;AAAA,MACT,SAAS;AAAA,IACX,CAAC;AAAA,EACH,CAAC,EAAE,MAAM,MAAM;AAEb,aAAS,OAAO,MAAM;AAAA,EACxB,CAAC;AACH;;;ADpCO,SAAS,gBACd,UACA,SACA;AACA,QAAM,EAAE,OAAO,IAAI;AAGnB,QAAM,SAAS,WAAW,UAAU,MAAM;AAG1C,sBAAoB,QAAQ,QAAQ,MAAM;AAG1C,MAAI,gBAA+B;AAEnC,iBAAe,cAA+B;AAC5C,QAAI,cAAe,QAAO;AAE1B,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,SAAS,EACd,OAAO,IAAI,EACX,OAAO;AAEV,QAAI,SAAS,CAAC,MAAM;AAClB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,oBAAgB,KAAK;AACrB,WAAO,KAAK;AAAA,EACd;AAGA,QAAM,mBAAmB,oBAAI,IAAyB;AAEtD,iBAAe,qBAAqB,iBAA+C;AACjF,QAAI,iBAAiB,IAAI,eAAe,EAAG,QAAO,iBAAiB,IAAI,eAAe;AACtF,UAAM,WAAW,MAAM,YAAY;AAEnC,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,eAAe,EAC1B,OAAO;AAEV,QAAI,SAAS,CAAC,MAAM;AAClB,YAAM,IAAI,MAAM,2BAA2B,eAAe,EAAE;AAAA,IAC9D;AAEA,UAAM,KAAK;AACX,qBAAiB,IAAI,iBAAiB,EAAE;AACxC,WAAO;AAAA,EACT;AAEA,iBAAe,iBAAiB,iBAA0C;AACxE,UAAM,KAAK,MAAM,qBAAqB,eAAe;AACrD,WAAO,GAAG;AAAA,EACZ;AAGA,iBAAe,kBACb,aACA,aAC4D;AAC5D,UAAM,iBAAiB,YAAY;AACnC,QAAI,CAAC,eAAgB,QAAO,EAAE,SAAS,MAAM,cAAc,KAAK;AAEhE,QAAI,CAAC,YAAa,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAG9D,UAAM,EAAE,MAAM,QAAQ,IAAI,MAAM,OAC7B,KAAK,iBAAiB,EACtB,OAAO,WAAW,EAClB,GAAG,cAAc,WAAW,EAC5B,OAAO;AAEV,QAAI,CAAC,QAAS,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAE1D,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,OAC5B,KAAK,SAAS,EACd,OAAO,4BAA4B,EACnC,GAAG,MAAM,QAAQ,SAAS,EAC1B,OAAO;AAEV,QAAI,CAAC,UAAU,OAAO,WAAW,SAAU,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAIvF,WAAO;AAAA,MACL,SAAS,OAAO,uBAAuB;AAAA,MACvC,cAAc,OAAO;AAAA,IACvB;AAAA,EACF;AAEA,iBAAe,YAAY,IAA8D;AACvF,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,WAAW,EAChB,OAAO,sEAAsE,EAC7E,GAAG,MAAM,EAAE,EACX,OAAO;AACV,QAAI,SAAS,CAAC,KAAM,QAAO;AAE3B,UAAM,WAAW,KAAK;AAGtB,QAAI,CAAC,UAAU;AACb,aAAO;AAAA,QACL,IAAI,KAAK;AAAA,QACT,OAAO,KAAK;AAAA,QACZ,YAAa,KAAK,cAAyB;AAAA,QAC3C,QAAQ,KAAK;AAAA,QACb,aAAa,CAAC;AAAA,QACd,KAAK,CAAC;AAAA,QACN,cAAc;AAAA,MAChB;AAAA,IACF;AAMA,UAAM,OAAQ,WAA0E;AACxF,UAAM,UAAU,MAAM,KAAK,6BAA6B;AACxD,UAAM,SAAS,aAAa,KAAK,SAAmB,IAAI,KAAK,EAAY;AACzE,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,YAAa,KAAK,cAAyB,SAAS,MAAM;AAAA,MAC1D,QAAQ,KAAK;AAAA,MACb,aAAa,SAAS,MAAM,IAAI,CAAC,OAAO;AAAA,QACtC,KAAK,GAAG,OAAO,IAAI,MAAM,GAAG,EAAE,KAAK;AAAA,QACnC,WAAW,GAAG,OAAO,IAAI,MAAM,GAAG,EAAE,KAAK;AAAA,QACzC,GAAG,EAAE;AAAA,QACL,GAAG,EAAE;AAAA,MACP,EAAE;AAAA,MACF,KAAK,SAAS;AAAA,MACd,cAAc,KAAK,mBACf,GAAG,QAAQ,UAAU,EAAE,kBAAkB,KAAK,EAAY,cAC1D;AAAA,IACN;AAAA,EACF;AAEA,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA,IAKL,MAAM,gBACJ,iBACAA,WAA+B,CAAC,GACiB;AACjD,YAAM,cAAc,MAAM,qBAAqB,eAAe;AAE9D,YAAM;AAAA,QACJ,SAAS;AAAA,QACT,UAAU;AAAA,QACV,iBAAiB;AAAA,QACjB,QAAQ;AAAA,QACR,SAAS;AAAA,QACT;AAAA,MACF,IAAIA;AAGJ,YAAM,SAAS,MAAM,kBAAkB,aAAa,WAAW;AAG/D,UAAI,CAAC,OAAO,WAAW,YAAY,6BAA6B;AAE9D,cAAM,WAAW,MAAM,YAAY;AACnC,cAAM,EAAE,MAAM,SAAS,IAAI,MAAM,OAC9B,KAAK,iBAAiB,EACtB,OAAO,wBAAwB,EAC/B,GAAG,aAAa,QAAQ,EACxB,OAAO;AAEV,cAAM,OAAQ,UAAU,0BAAqC;AAE7D,YAAI,SAAS,QAAQ;AACnB,iBAAO,CAAC;AAAA,QACV;AAGA,YAAIC,SAAQ,OACT,KAAK,eAAe,EACpB,OAAO,oHAAoH,EAC3H,GAAG,mBAAmB,YAAY,EAAE;AAEvC,YAAI,OAAQ,CAAAA,SAAQA,OAAM,GAAG,UAAU,MAAM;AAC7C,QAAAA,SAAQA,OACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,cAAM,EAAE,MAAAC,OAAM,OAAAC,OAAM,IAAI,MAAMF;AAC9B,YAAIE,OAAO,OAAM,IAAI,MAAM,mBAAmB,eAAe,KAAKA,OAAM,OAAO,EAAE;AAEjF,gBAAQD,SAAQ,CAAC,GAAG,IAAI,CAAC,UAAU;AAAA,UACjC,GAAG;AAAA,UACH,MAAM,CAAC;AAAA,UACP,QAAQ;AAAA,QACV,EAAE;AAAA,MACJ;AAGA,UAAI,QAAQ,OACT,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,mBAAmB,YAAY,EAAE;AAEvC,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,cAAQ,MACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM;AAE9B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,mBAAmB,eAAe,KAAK,MAAM,OAAO,EAAE;AAAA,MACxE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,qBACJ,iBACA,UAC6B;AAC7B,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,mBAAmB,aAAa,EACnC,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,UAAI,OAAO;AACT,YAAI,MAAM,SAAS,WAAY,QAAO;AACtC,cAAM,IAAI;AAAA,UACR,mBAAmB,eAAe,IAAI,QAAQ,KAAK,MAAM,OAAO;AAAA,QAClE;AAAA,MACF;AAEA,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,eAAe,iBAA+C;AAClE,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,eAAe,EAC1B,OAAO;AAEV,UAAI,SAAS,CAAC,MAAM;AAClB,cAAM,IAAI,MAAM,2BAA2B,eAAe,EAAE;AAAA,MAC9D;AAEA,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,YACJ,iBAC6B;AAC7B,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,MAAM,EACb,GAAG,mBAAmB,aAAa,EACnC,GAAG,UAAU,WAAW;AAE3B,UAAI,OAAO;AACT,cAAM,IAAI;AAAA,UACR,6BAA6B,eAAe,KAAK,MAAM,OAAO;AAAA,QAChE;AAAA,MACF;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,kBAA0C;AAC9C,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,MAAM,MAAM;AAEf,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,kCAAkC,MAAM,OAAO,EAAE;AAAA,MACnE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,MAAM,aACJ,iBACmD;AACnD,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,gBAAgB,EACrB,OAAO,oBAAoB,EAC3B,GAAG,mBAAmB,aAAa;AAEtC,UAAI,OAAO;AACT,cAAM,IAAI;AAAA,UACR,iCAAiC,eAAe,KAAK,MAAM,OAAO;AAAA,QACpE;AAAA,MACF;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,qBAEJ;AACA,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,kBAAkB,EACvB,OAAO,0CAA0C,EACjD,GAAG,aAAa,QAAQ;AAE3B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,qCAAqC,MAAM,OAAO,EAAE;AAAA,MACtE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IAKnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,mBACJ,UACAF,WAAgE,CAAC,GAC7B;AACpC,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,KAAK,IAAI,MAAM,OAC1B,KAAK,OAAO,EACZ,OAAO,IAAI,EACX,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,UAAI,CAAC,KAAM,QAAO,CAAC;AAEnB,YAAM,EAAE,QAAQ,IAAI,SAAS,GAAG,OAAO,IAAIA;AAE3C,UAAI,QAAQ,OACT,KAAK,kBAAkB,EACvB,OAAO,GAAG,EACV,GAAG,WAAW,KAAK,EAAE,EACrB,GAAG,WAAW,KAAK,EACnB,MAAM,cAAc,EAAE,WAAW,MAAM,CAAC,EACxC,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,YAAM,EAAE,KAAK,IAAI,MAAM;AACvB,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,QACJ,UACyC;AACzC,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,KAAK,IAAI,MAAM,OACpB,KAAK,OAAO,EACZ,OAAO,wCAAwC,EAC/C,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,WACJA,WAA8B,CAAC,GACN;AACzB,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM;AAAA,QACJ,SAAS;AAAA,QACT;AAAA,QACA,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,UAAU;AAAA,QACV,iBAAiB;AAAA,MACnB,IAAIA;AAEJ,UAAI,QAAQ,OACT,KAAK,gBAAgB,EACrB,OAAO,mEAAmE,EAC1E,GAAG,aAAa,QAAQ;AAE3B,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,UAAI,WAAW;AACb,gBAAQ,MAAM,IAAI,UAAU,SAAS;AAAA,MACvC;AAEA,cAAQ,MACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM;AAE9B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,4BAA4B,MAAM,OAAO,EAAE;AAAA,MAC7D;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,kBAAkBA,WAAiC,CAAC,GAA4B;AACpF,YAAM,EAAE,aAAa,MAAM,OAAO,CAAC,mBAAmB,EAAE,IAAIA;AAC5D,YAAM,cAAe,SAAgD;AACrE,YAAM,cAAe,SAAgD;AAMrE,YAAM,MACJ,GAAG,WAAW;AAGhB,YAAM,OAAkF;AAAA,QACtF,SAAS;AAAA,UACP,QAAQ;AAAA,UACR,eAAe,UAAU,WAAW;AAAA,UACpC,iBAAiB;AAAA,UACjB,wBAAwB;AAAA,UACxB,QAAQ;AAAA,QACV;AAAA,QACA,MAAM,EAAE,YAAY,KAAK;AAAA,MAC3B;AAEA,UAAI;AAOJ,UAAI;AACF,cAAM,MAAM,MAAM,MAAM,KAAK,IAAmB;AAChD,YAAI,IAAI,IAAI;AACV,gBAAM,OAAQ,MAAM,IAAI,KAAK;AAC7B,gBAAM,OAAO,CAAC;AAAA,QAChB;AAAA,MACF,QAAQ;AAAA,MAGR;AAEA,aAAO;AAAA,QACL,mBAAmB,QAAQ,KAAK,mBAAmB;AAAA,QACnD,oBAAoB,QAAQ,KAAK,qBAAqB;AAAA,QACtD,aAAa,QAAQ,KAAK,aAAa;AAAA,QACvC,aAAa,QAAQ,KAAK,aAAa;AAAA,MACzC;AAAA,IACF;AAAA,EACF;AACF;AAQO,IAAM,sBAAsB;AAkBnC,SAAS,QAAQ,GAA6C;AAC5D,MAAI,CAAC,EAAG,QAAO;AACf,QAAM,UAAU,EAAE,KAAK;AACvB,SAAO,QAAQ,SAAS,IAAI,UAAU;AACxC;AAaA,SAAS,WAAW,UAA0B,QAAgB;AAE5D,QAAM,cAAe,SAAgD;AACrE,QAAM,cAAe,SAAgD;AAErE,SAAO,qBAAqB,aAAa,aAAa;AAAA,IACpD,QAAQ;AAAA,MACN,SAAS;AAAA,QACP,iBAAiB;AAAA,QACjB,wBAAwB;AAAA,MAC1B;AAAA,IACF;AAAA,EACF,CAAC;AACH;;;AEnmBA,SAAS,iBAAiB,OAAuB;AAC/C,QAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,MAAI,MAAM,WAAW,EAAG,QAAO;AAC/B,QAAM,IAAI,WAAW,MAAM,CAAC,CAAC;AAC7B,QAAM,IAAI,WAAW,MAAM,CAAC,CAAC;AAC7B,MAAI,CAAC,KAAK,CAAC,KAAK,KAAK,KAAK,KAAK,EAAG,QAAO;AACzC,SAAO,GAAG,CAAC,IAAI,CAAC;AAClB;AAMO,SAAS,aAAa,OAAwB;AACnD,MAAI,CAAC,SAAS,OAAO,UAAU,SAAU,QAAO;AAChD,QAAM,QAAQ;AACd,MAAI,CAAC,MAAM,OAAO,CAAC,MAAM,IAAI,WAAW,UAAU,EAAG,QAAO;AAE5D,QAAM,QAAQ,MAAM,SAAS;AAC7B,QAAM,cAAc,iBAAiB,MAAM,gBAAgB,MAAM;AAEjE,SAAO,uCAAuC,KAAK,iBAAiB,WAAW,kBAAkB,MAAM,GAAG;AAC5G;;;ACbA,IAAMI,mBAAkB;AAuBjB,SAAS,iBACd,WACA,SACA;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,QAAM,UAAU,QAAQ,UAAUA,kBAAiB,QAAQ,OAAO,EAAE;AAGpE,sBAAoB,QAAQ,MAAM;AAElC,WAAS,cAA2B;AAClC,WAAO;AAAA,MACL,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,MACjB,wBAAwB;AAAA,IAC1B;AAAA,EACF;AAEA,iBAAe,QAAW,MAA0B;AAClD,UAAM,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,IAAI,IAAI;AAAA,MAC1C,SAAS,YAAY;AAAA;AAAA,IAEvB,CAAC;AACD,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,YAAM,IAAI;AAAA,QACR,KAAK,SAAS,wBAAwB,IAAI,MAAM,MAAM,IAAI;AAAA,MAC5D;AAAA,IACF;AACA,WAAO,IAAI,KAAK;AAAA,EAClB;AAEA,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOL,MAAM,YAAY,eAAoC,CAAC,GAAuB;AAC5E,YAAM,SAAS,IAAI,gBAAgB;AACnC,UAAI,aAAa,SAAU,QAAO,IAAI,YAAY,aAAa,QAAQ;AACvE,UAAI,aAAa,MAAM,OAAQ,QAAO,IAAI,QAAQ,aAAa,KAAK,KAAK,GAAG,CAAC;AAC7E,UAAI,aAAa,MAAO,QAAO,IAAI,SAAS,OAAO,aAAa,KAAK,CAAC;AACtE,UAAI,aAAa,OAAQ,QAAO,IAAI,UAAU,OAAO,aAAa,MAAM,CAAC;AACzE,UAAI,aAAa,KAAM,QAAO,IAAI,QAAQ,aAAa,IAAI;AAC3D,UAAI,aAAa,MAAO,QAAO,IAAI,SAAS,aAAa,KAAK;AAE9D,YAAM,KAAK,OAAO,SAAS;AAC3B,YAAM,EAAE,SAAS,IAAI,MAAM;AAAA,QACzB,gBAAgB,KAAK,IAAI,EAAE,KAAK,EAAE;AAAA,MACpC;AACA,aAAO,YAAY,CAAC;AAAA,IACtB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,iBAAiB,MAAuC;AAC5D,YAAM,MAAM,MAAM,MAAM,GAAG,MAAM,iBAAiB,mBAAmB,IAAI,CAAC,IAAI;AAAA,QAC5E,SAAS,YAAY;AAAA,MACvB,CAAC;AACD,UAAI,IAAI,WAAW,IAAK,QAAO;AAC/B,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,cAAM,IAAI,MAAM,KAAK,SAAS,2BAA2B,IAAI,EAAE;AAAA,MACjE;AACA,YAAM,EAAE,QAAQ,IAAK,MAAM,IAAI,KAAK;AACpC,aAAO,WAAW;AAAA,IACpB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,gBAA4C;AAChD,YAAM,EAAE,WAAW,IAAI,MAAM;AAAA,QAC3B;AAAA,MACF;AACA,aAAO,cAAc,CAAC;AAAA,IACxB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,kBAAkB,MAA+C;AACrE,YAAM,MAAM,MAAM,KAAK,cAAc;AACrC,aAAO,IAAI,KAAK,CAAC,MAAM,EAAE,SAAS,IAAI,KAAK;AAAA,IAC7C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,QAAuD;AACvE,YAAM,MAAM,MAAM,MAAM,GAAG,MAAM,sBAAsB;AAAA,QACrD,QAAQ;AAAA,QACR,SAAS,YAAY;AAAA,QACrB,MAAM,KAAK,UAAU,EAAE,SAAS,QAAQ,GAAG,OAAO,CAAC;AAAA,MACrD,CAAC;AACD,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,cAAM,IAAI,MAAM,KAAK,SAAS,uBAAuB;AAAA,MACvD;AACA,aAAO,IAAI,KAAK;AAAA,IAClB;AAAA,EACF;AACF;;;AChEO,SAAS,mBACd,UACA,SACA;AACA,QAAM,EAAE,QAAQ,OAAO,IAAI;AAG3B,sBAAoB,QAAQ,MAAM;AAElC,iBAAe,UACb,cAC2B;AAC3B,QAAI,QAAQ,SACT,KAAK,QAAQ,EACb,OAAO,0BAA0B,EACjC,GAAG,UAAU,WAAW,EACxB,MAAM,cAAc,QAAQ,YAAY;AAAA,MACvC,YAAY,cAAc,SAAS,WAAW;AAAA,IAChD,CAAC;AAEH,QAAI,cAAc,cAAc;AAC9B,cAAQ,MAAM,IAAI,aAAY,oBAAI,KAAK,GAAE,YAAY,CAAC;AAAA,IACxD;AACA,QAAI,cAAc,KAAK;AACrB,cAAQ,MAAM,SAAS,QAAQ,CAAC,aAAa,GAAG,CAAC;AAAA,IACnD;AACA,QAAI,cAAc,OAAO;AACvB,cAAQ,MAAM,MAAM,aAAa,KAAK;AAAA,IACxC;AACA,QAAI,cAAc,QAAQ;AACxB,cAAQ,MAAM;AAAA,QACZ,aAAa;AAAA,QACb,aAAa,UAAU,aAAa,SAAS,MAAM;AAAA,MACrD;AAAA,IACF;AAEA,UAAM,EAAE,KAAK,IAAI,MAAM;AACvB,WAAQ,QAAQ,CAAC;AAAA,EACnB;AAEA,iBAAe,eAAe,MAA8C;AAC1E,UAAM,EAAE,KAAK,IAAI,MAAM,SACpB,KAAK,QAAQ,EACb,OAAO,0BAA0B,EACjC,GAAG,QAAQ,IAAI,EACf,GAAG,UAAU,WAAW,EACxB,OAAO;AACV,WAAQ,QAA2B;AAAA,EACrC;AAEA,iBAAe,cACb,QAC8B;AAC9B,UAAM,UAAU,UAAU;AAC1B,UAAM,MAAM,MAAM,MAAM,GAAG,OAAO,wBAAwB;AAAA,MACxD,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU,EAAE,SAAS,QAAQ,GAAG,OAAO,CAAC;AAAA,IACrD,CAAC;AACD,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,MAAM,MAAM,IACf,KAAK,EACL,MAAM,OAAO,EAAE,OAAO,0BAA0B,EAAE;AACrD,YAAM,IAAI,MAAM,IAAI,SAAS,yBAAyB;AAAA,IACxD;AACA,WAAO,IAAI,KAAK;AAAA,EAClB;AAEA,SAAO,EAAE,WAAW,gBAAgB,cAAc;AACpD;;;AC1HO,SAAS,gBACd,aACA,WAAkC,CAAC,GAC3B;AACR,SAAO;AACT;AAUO,SAAS,UACd,aACA,UAAoB,CAAC,GACrB,WAAW,IACH;AACR,SAAO,GAAG,WAAW;AACvB;AAMO,IAAM,gBAAgB;AAAA,EAC3B,WAAW,EAAE,OAAO,KAAK,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EAC5E,MAAM,EAAE,OAAO,KAAK,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACvE,MAAM,EAAE,OAAO,MAAM,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACxE,IAAI,EAAE,OAAO,MAAM,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACtE,QAAQ,EAAE,OAAO,IAAI,QAAQ,IAAI,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACvE,MAAM,EAAE,OAAO,MAAM,QAAQ,WAAoB,SAAS,GAAG;AAC/D;;;ACXA,eAAsB,uBACpB,QACA,SACA,WACkB;AAClB,MAAI,CAAC,aAAa,CAAC,OAAQ,QAAO;AAElC,QAAM,SAAU,WAAW,UAAU,WAAW,OAAO,UAAW;AAClE,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AAEA,QAAM,UAAU,IAAI,YAAY;AAChC,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB;AAAA,IACA,QAAQ,OAAO,MAAM;AAAA,IACrB,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,IAChC;AAAA,IACA,CAAC,MAAM;AAAA,EACT;AACA,QAAM,YAAY,MAAM,OAAO,KAAK,QAAQ,KAAK,QAAQ,OAAO,OAAO,CAAC;AACxE,QAAM,WAAW,YAAY,SAAS;AAEtC,SAAO,mBAAmB,UAAU,UAAU,KAAK,CAAC;AACtD;AAUO,IAAM,iBAAiB;AAAA;AAAA,EAE5B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AACF;AAkCO,SAAS,kBACd,SACA,eACU;AACV,QAAM,OAAO,QAAQ;AACrB,MAAI,CAAC,MAAM,QAAQ,IAAI,KAAK,KAAK,WAAW,EAAG,QAAO,CAAC;AACvD,QAAM,cAAwB,CAAC;AAC/B,aAAW,OAAO,MAAM;AACtB,QAAI,OAAO,QAAQ,YAAY,IAAI,WAAW,EAAG;AACjD,kBAAc,KAAK,EAAE,QAAQ,EAAE,CAAC;AAChC,gBAAY,KAAK,GAAG;AAAA,EACtB;AACA,SAAO;AACT;AAEA,SAAS,YAAY,KAA0B;AAC7C,QAAM,QAAQ,IAAI,WAAW,GAAG;AAChC,MAAI,MAAM;AACV,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,WAAO,MAAM,CAAC,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG;AAAA,EAC9C;AACA,SAAO;AACT;AAMA,SAAS,mBAAmB,GAAW,GAAoB;AACzD,MAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,MAAI,WAAW;AACf,WAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK;AACjC,gBAAY,EAAE,WAAW,CAAC,IAAI,EAAE,WAAW,CAAC;AAAA,EAC9C;AACA,SAAO,aAAa;AACtB;","names":["options","query","data","error","DEFAULT_APP_URL"]}
1	+ {"version":3,"sources":["../src/version.ts","../src/queries.ts","../src/telemetry.ts","../src/embed.ts","../src/shop.ts","../src/events.ts","../src/cdn.ts","../src/date.ts","../src/webhooks.ts"],"sourcesContent":["/*\n The version of @distinctagency/cms-client embedded in this build.\n \n Bump this in lock-step with package.json — the value is read by the SDK to\n * report installed-version telemetry and to send `x-cms-client-version` on\n * outgoing requests.\n /\nexport const CMS_CLIENT_VERSION = \"1.21.0\"\n","import { createClient as createSupabaseClient } from \"@supabase/supabase-js\"\nimport type { SupabaseClient } from \"@supabase/supabase-js\"\nimport type {\n CmsClientOptions,\n ContentItem,\n ContentQueryOptions,\n ContentType,\n GoogleReview,\n ReviewQueryOptions,\n} from \"./types\"\nimport { CMS_CLIENT_VERSION } from \"./version\"\nimport { reportClientVersion } from \"./telemetry\"\n\n/\n Creates a CMS query client authenticated with a tenant API key.\n \n Usage:\n * ```ts\n * const cms = createCmsClient(supabase, { apiKey: process.env.CMS_API_KEY! })\n * const events = await cms.getContentItems('events', { status: 'published' })\n * ```\n \n The API key is sent as an `x-cms-api-key` header on every request.\n * Supabase RLS policies validate it against the tenant's stored key.\n /\nexport function createCmsClient(\n supabase: SupabaseClient,\n options: CmsClientOptions\n) {\n const { apiKey } = options\n\n // Create a new Supabase client with the API key header injected globally\n const client = withApiKey(supabase, apiKey) as SupabaseClient\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, options.appUrl)\n\n /* Resolve the tenant ID from the API key (cached per request) /\n let tenantIdCache: string \| null = null\n\n async function getTenantId(): Promise<string> {\n if (tenantIdCache) return tenantIdCache\n\n const { data, error } = await client\n .from(\"tenants\")\n .select(\"id\")\n .single()\n\n if (error \|\| !data) {\n throw new Error(\n \"Invalid CMS API key — no tenant found. Check your apiKey.\"\n )\n }\n\n tenantIdCache = data.id\n return data.id\n }\n\n /* Resolve a content type from its slug (cached) /\n const contentTypeCache = new Map<string, ContentType>()\n\n async function getContentTypeBySlug(contentTypeSlug: string): Promise<ContentType> {\n if (contentTypeCache.has(contentTypeSlug)) return contentTypeCache.get(contentTypeSlug)!\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", contentTypeSlug)\n .single()\n\n if (error \|\| !data) {\n throw new Error(`Content type not found: ${contentTypeSlug}`)\n }\n\n const ct = data as ContentType\n contentTypeCache.set(contentTypeSlug, ct)\n return ct\n }\n\n async function getContentTypeId(contentTypeSlug: string): Promise<string> {\n const ct = await getContentTypeBySlug(contentTypeSlug)\n return ct.id\n }\n\n /** Check if a member token has access to a gated content type /\n async function checkMemberAccess(\n contentType: ContentType,\n memberToken?: string\n ): Promise<{ allowed: boolean; memberTierId: string \| null }> {\n const requiredTierId = contentType.required_membership_tier_id\n if (!requiredTierId) return { allowed: true, memberTierId: null } // Public\n\n if (!memberToken) return { allowed: false, memberTierId: null } // Gated but no token\n\n // Verify the member's token and check their tier\n const { data: session } = await client\n .from(\"member_sessions\")\n .select(\"member_id\")\n .eq(\"token_hash\", memberToken) // Note: caller should hash the token\n .single()\n\n if (!session) return { allowed: false, memberTierId: null }\n\n const { data: member } = await client\n .from(\"members\")\n .select(\"membership_tier_id, status\")\n .eq(\"id\", session.member_id)\n .single()\n\n if (!member \|\| member.status !== \"active\") return { allowed: false, memberTierId: null }\n\n // Check if the member's tier matches (or exceeds) the required tier\n // For now: exact match or the member has the required tier\n return {\n allowed: member.membership_tier_id === requiredTierId,\n memberTierId: member.membership_tier_id as string \| null,\n }\n }\n\n async function getFlipbook(id: string): Promise<import(\"./types\").FlipbookPublic \| null> {\n const { data, error } = await client\n .from(\"flipbooks\")\n .select(\"id, title, page_count, status, manifest, download_enabled, tenant_id\")\n .eq(\"id\", id)\n .single()\n if (error \|\| !data) return null\n\n const manifest = data.manifest as\n \| { pages: Array<{ image: string; thumb: string; w: number; h: number }>; toc: Array<{ title: string; page: number }> }\n \| null\n if (!manifest) {\n return {\n id: data.id as string,\n title: data.title as string,\n page_count: (data.page_count as number) ?? 0,\n status: data.status as \"pending_upload\" \| \"pending\" \| \"processing\" \| \"ready\" \| \"failed\",\n page_images: [],\n toc: [],\n download_url: null,\n }\n }\n\n // Browser-safe env lookup via globalThis. The client package builds without\n // @types/node so referring to `process` directly fails the dts build; reading\n // through globalThis sidesteps that and works in every JS environment that\n // matters (Node, browsers, edge runtimes).\n const proc = (globalThis as { process?: { env?: Record<string, string \| undefined> } }).process\n const cdnBase = proc?.env?.NEXT_PUBLIC_R2_PUBLIC_URL ?? \"https://cdn.distinctstudio.co.nz\"\n const prefix = `flipbooks/${data.tenant_id as string}/${data.id as string}/`\n return {\n id: data.id as string,\n title: data.title as string,\n page_count: (data.page_count as number) ?? manifest.pages.length,\n status: data.status as \"pending\" \| \"processing\" \| \"ready\" \| \"failed\",\n page_images: manifest.pages.map((p) => ({\n url: `${cdnBase}/${prefix}${p.image}`,\n thumb_url: `${cdnBase}/${prefix}${p.thumb}`,\n w: p.w,\n h: p.h,\n })),\n toc: manifest.toc,\n download_url: data.download_enabled\n ? `${options.appUrl ?? \"\"}/api/flipbooks/${data.id as string}/download`\n : null,\n }\n }\n\n return {\n /\n List content items for a content type.\n * Defaults to published items ordered by most recent.\n /\n async getContentItems(\n contentTypeSlug: string,\n options: ContentQueryOptions = {}\n ): Promise<(ContentItem & { locked?: boolean })[]> {\n const contentType = await getContentTypeBySlug(contentTypeSlug)\n\n const {\n status = \"published\",\n orderBy = \"published_at\",\n orderDirection = \"desc\",\n limit = 100,\n offset = 0,\n memberToken,\n } = options\n\n // Check membership access\n const access = await checkMemberAccess(contentType, memberToken)\n\n // If gated and no access, check gating mode\n if (!access.allowed && contentType.required_membership_tier_id) {\n // Get tenant settings for gating mode\n const tenantId = await getTenantId()\n const { data: settings } = await client\n .from(\"tenant_settings\")\n .select(\"membership_gating_mode\")\n .eq(\"tenant_id\", tenantId)\n .single()\n\n const mode = (settings?.membership_gating_mode as string) ?? \"teaser\"\n\n if (mode === \"hide\") {\n return [] // Hide: return nothing\n }\n\n // Teaser mode: return items with locked flag, no body/data\n let query = client\n .from(\"content_items\")\n .select(\"id, title, slug, status, excerpt, seo_title, seo_description, featured_image, published_at, created_at, updated_at\")\n .eq(\"content_type_id\", contentType.id)\n\n if (status) query = query.eq(\"status\", status)\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n if (error) throw new Error(`Failed to fetch ${contentTypeSlug}: ${error.message}`)\n\n return (data ?? []).map((item) => ({\n ...item,\n data: {},\n locked: true,\n })) as (ContentItem & { locked: boolean })[]\n }\n\n // Full access\n let query = client\n .from(\"content_items\")\n .select(\"\")\n .eq(\"content_type_id\", contentType.id)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n\n if (error) {\n throw new Error(`Failed to fetch ${contentTypeSlug}: ${error.message}`)\n }\n\n return (data ?? []) as ContentItem[]\n },\n\n /*\n Get a single content item by its slug.\n * Returns null if not found.\n /\n async getContentItemBySlug(\n contentTypeSlug: string,\n itemSlug: string\n ): Promise<ContentItem \| null> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"content_items\")\n .select(\"\")\n .eq(\"content_type_id\", contentTypeId)\n .eq(\"slug\", itemSlug)\n .single()\n\n if (error) {\n if (error.code === \"PGRST116\") return null // not found\n throw new Error(\n `Failed to fetch ${contentTypeSlug}/${itemSlug}: ${error.message}`\n )\n }\n\n return data as ContentItem\n },\n\n /*\n Get a content type definition (including its field schema).\n /\n async getContentType(contentTypeSlug: string): Promise<ContentType> {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", contentTypeSlug)\n .single()\n\n if (error \|\| !data) {\n throw new Error(`Content type not found: ${contentTypeSlug}`)\n }\n\n return data as ContentType\n },\n\n /*\n Get all slugs for a content type (for generateStaticParams).\n /\n async getAllSlugs(\n contentTypeSlug: string\n ): Promise<{ slug: string }[]> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"content_items\")\n .select(\"slug\")\n .eq(\"content_type_id\", contentTypeId)\n .eq(\"status\", \"published\")\n\n if (error) {\n throw new Error(\n `Failed to fetch slugs for ${contentTypeSlug}: ${error.message}`\n )\n }\n\n return (data ?? []) as { slug: string }[]\n },\n\n /\n List all content types for this tenant.\n /\n async getContentTypes(): Promise<ContentType[]> {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"content_types\")\n .select(\"\")\n .eq(\"tenant_id\", tenantId)\n .order(\"name\")\n\n if (error) {\n throw new Error(`Failed to fetch content types: ${error.message}`)\n }\n\n return (data ?? []) as ContentType[]\n },\n\n /*\n Get all slug redirects for a content type.\n * Use in next.config.js redirects() or middleware for 301s.\n * Returns: [{ old_slug, new_slug }, ...]\n /\n async getRedirects(\n contentTypeSlug: string\n ): Promise<{ old_slug: string; new_slug: string }[]> {\n const contentTypeId = await getContentTypeId(contentTypeSlug)\n\n const { data, error } = await client\n .from(\"slug_redirects\")\n .select(\"old_slug, new_slug\")\n .eq(\"content_type_id\", contentTypeId)\n\n if (error) {\n throw new Error(\n `Failed to fetch redirects for ${contentTypeSlug}: ${error.message}`\n )\n }\n\n return (data ?? []) as { old_slug: string; new_slug: string }[]\n },\n\n /\n Get all custom path redirects for this tenant.\n * Use alongside getRedirects() in next.config.ts for full redirect coverage.\n /\n async getCustomRedirects(): Promise<\n { source_path: string; destination_path: string; permanent: boolean }[]\n > {\n const tenantId = await getTenantId()\n\n const { data, error } = await client\n .from(\"custom_redirects\")\n .select(\"source_path, destination_path, permanent\")\n .eq(\"tenant_id\", tenantId)\n\n if (error) {\n throw new Error(`Failed to fetch custom redirects: ${error.message}`)\n }\n\n return (data ?? []) as {\n source_path: string\n destination_path: string\n permanent: boolean\n }[]\n },\n\n /\n Get form submissions for a specific form.\n * Useful for displaying testimonials, reviews, etc.\n /\n async getFormSubmissions(\n formSlug: string,\n options: { status?: string; limit?: number; offset?: number } = {}\n ): Promise<Record<string, unknown>[]> {\n const tenantId = await getTenantId()\n\n const { data: form } = await client\n .from(\"forms\")\n .select(\"id\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", formSlug)\n .single()\n\n if (!form) return []\n\n const { limit = 50, offset = 0, status } = options\n\n let query = client\n .from(\"form_submissions\")\n .select(\"\")\n .eq(\"form_id\", form.id)\n .eq(\"is_spam\", false)\n .order(\"created_at\", { ascending: false })\n .range(offset, offset + limit - 1)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n const { data } = await query\n return (data ?? []) as Record<string, unknown>[]\n },\n\n /*\n Get a form configuration by slug.\n /\n async getForm(\n formSlug: string\n ): Promise<Record<string, unknown> \| null> {\n const tenantId = await getTenantId()\n\n const { data } = await client\n .from(\"forms\")\n .select(\"id, name, slug, description, is_active\")\n .eq(\"tenant_id\", tenantId)\n .eq(\"slug\", formSlug)\n .single()\n\n return data as Record<string, unknown> \| null\n },\n\n /\n Get a flipbook by ID, including CDN-resolved page image URLs.\n * Returns null if not found or manifest not yet ready.\n /\n getFlipbook,\n\n /\n Get Google Reviews for this tenant.\n * Defaults to approved reviews ordered by most recent.\n /\n async getReviews(\n options: ReviewQueryOptions = {}\n ): Promise<GoogleReview[]> {\n const tenantId = await getTenantId()\n\n const {\n status = \"approved\",\n minRating,\n limit = 50,\n offset = 0,\n orderBy = \"review_timestamp\",\n orderDirection = \"desc\",\n } = options\n\n let query = client\n .from(\"google_reviews\")\n .select(\"id, author_name, author_photo_url, rating, text, review_timestamp\")\n .eq(\"tenant_id\", tenantId)\n\n if (status) {\n query = query.eq(\"status\", status)\n }\n\n if (minRating) {\n query = query.gte(\"rating\", minRating)\n }\n\n query = query\n .order(orderBy, { ascending: orderDirection === \"asc\" })\n .range(offset, offset + limit - 1)\n\n const { data, error } = await query\n\n if (error) {\n throw new Error(`Failed to fetch reviews: ${error.message}`)\n }\n\n return (data ?? []) as GoogleReview[]\n },\n\n /\n Get the tenant's third-party tracking IDs (Google Analytics, Google Tag Manager, Meta Pixel).\n * Each value is null when not configured. These IDs are public and safe to render in HTML.\n \n On Next.js, the result is cached and revalidated every hour by default\n * (`revalidate: 3600`) and tagged with `TRACKING_CONFIG_TAG`. Tenant sites\n * that want zero-lag updates can call `revalidateTag(TRACKING_CONFIG_TAG)`\n * from a webhook. Pass `revalidate: 0` to disable caching, `revalidate: false`\n * to cache indefinitely (tag-only invalidation), or any positive integer\n * (seconds) to override the interval. Outside Next.js the cache hints are\n * silently ignored — every call hits the network.\n /\n async getTrackingConfig(options: TrackingConfigOptions = {}): Promise<TrackingConfig> {\n const { revalidate = 3600, tags = [TRACKING_CONFIG_TAG] } = options\n const supabaseUrl = (supabase as unknown as { supabaseUrl: string }).supabaseUrl\n const supabaseKey = (supabase as unknown as { supabaseKey: string }).supabaseKey\n\n // Direct PostgREST fetch (instead of going through supabase-js) so that\n // Next.js sees the request and applies its `next` cache options. RLS\n // restricts the result to the tenant matching `x-cms-api-key`, so no\n // explicit tenant_id filter is needed.\n const url =\n `${supabaseUrl}/rest/v1/tenant_settings` +\n `?select=google_analytics_id,google_tag_manager_id,google_ads_id,meta_pixel_id&limit=1`\n\n const init: RequestInit & { next?: { revalidate?: number \| false; tags?: string[] } } = {\n headers: {\n apikey: supabaseKey,\n Authorization: `Bearer ${supabaseKey}`,\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n Accept: \"application/json\",\n },\n next: { revalidate, tags },\n }\n\n let row: {\n google_analytics_id: string \| null\n google_tag_manager_id: string \| null\n google_ads_id: string \| null\n meta_pixel_id: string \| null\n } \| undefined\n\n try {\n const res = await fetch(url, init as RequestInit)\n if (res.ok) {\n const rows = (await res.json()) as Array<typeof row>\n row = rows?.[0]\n }\n } catch {\n // Network errors fall through to the all-null result so a transient\n // outage on the CMS never breaks page renders on the tenant site.\n }\n\n return {\n googleAnalyticsId: nullify(row?.google_analytics_id),\n googleTagManagerId: nullify(row?.google_tag_manager_id),\n googleAdsId: nullify(row?.google_ads_id),\n metaPixelId: nullify(row?.meta_pixel_id),\n }\n },\n }\n}\n\n/\n Cache tag applied to `getTrackingConfig()` fetches on Next.js. Call\n * `revalidateTag(TRACKING_CONFIG_TAG)` from a webhook handler on the tenant\n * site to make tracking-ID changes take effect immediately rather than\n * waiting for the next revalidation interval.\n /\nexport const TRACKING_CONFIG_TAG = \"cms:tracking-config\"\n\nexport interface TrackingConfigOptions {\n /\n Cache lifetime for the underlying fetch on Next.js, in seconds.\n * Defaults to 3600 (one hour). Set to `0` to disable caching, or `false`\n * to cache indefinitely until the tag is revalidated. Ignored outside\n * Next.js runtimes.\n /\n revalidate?: number \| false\n /\n Cache tags for the underlying fetch on Next.js. Defaults to\n * `[TRACKING_CONFIG_TAG]`. Override to namespace by tenant if you share a\n * single Next.js process across multiple tenants (uncommon).\n /\n tags?: string[]\n}\n\nfunction nullify(v: string \| null \| undefined): string \| null {\n if (!v) return null\n const trimmed = v.trim()\n return trimmed.length > 0 ? trimmed : null\n}\n\nexport interface TrackingConfig {\n googleAnalyticsId: string \| null\n googleTagManagerId: string \| null\n googleAdsId: string \| null\n metaPixelId: string \| null\n}\n\n/\n Creates a new Supabase client that includes the `x-cms-api-key`\n * header in every request, using the same URL and key as the original.\n /\nfunction withApiKey(supabase: SupabaseClient, apiKey: string) {\n // Extract URL and key from the existing client\n const supabaseUrl = (supabase as unknown as { supabaseUrl: string }).supabaseUrl\n const supabaseKey = (supabase as unknown as { supabaseKey: string }).supabaseKey\n\n return createSupabaseClient(supabaseUrl, supabaseKey, {\n global: {\n headers: {\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n },\n },\n })\n}\n","import { CMS_CLIENT_VERSION } from \"./version\"\n\n/\n Reports the running SDK version to the CMS so the Super Admin UI can show\n * which client version each tenant site is on.\n \n Day-granular and process-local: at most one POST per (api key + day) per\n * Node process. Calls from browser code are ignored — the API key would be\n * exposed and the data is redundant with server-side reports.\n \n Fire-and-forget. Failures are silent — telemetry must never break a render.\n /\n\nconst DEFAULT_APP_URL = \"https://cms.distinctstudio.co.nz\"\n\ninterface ReportRecord {\n date: string // YYYY-MM-DD\n version: string\n}\n\nconst reported = new Map<string, ReportRecord>()\n\nfunction todayKey(): string {\n return new Date().toISOString().slice(0, 10)\n}\n\nexport function reportClientVersion(apiKey: string, appUrl?: string): void {\n // Skip in browser contexts — server-side calls already cover the tenant.\n if (typeof window !== \"undefined\") return\n if (!apiKey) return\n\n const today = todayKey()\n const last = reported.get(apiKey)\n if (last && last.date === today && last.version === CMS_CLIENT_VERSION) return\n\n // Optimistically mark as reported so concurrent calls don't all fire. If the\n // request fails we'll retry tomorrow — that's acceptable for telemetry.\n reported.set(apiKey, { date: today, version: CMS_CLIENT_VERSION })\n\n const envAppUrl =\n typeof process !== \"undefined\" ? process.env?.NEXT_PUBLIC_CMS_URL : undefined\n const base = (appUrl ?? envAppUrl ?? DEFAULT_APP_URL).replace(/\\/$/, \"\")\n const url = `${base}/api/client-telemetry`\n\n // Fire and forget. Use a hand-rolled then() chain rather than async/await so\n // we don't accidentally surface an unhandled rejection.\n void fetch(url, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/json\",\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n },\n body: JSON.stringify({\n api_key: apiKey,\n version: CMS_CLIENT_VERSION,\n }),\n }).catch(() => {\n // Allow a retry on the next call by clearing the optimistic record.\n reported.delete(apiKey)\n })\n}\n","import type { EmbedValue } from \"./types\"\n\nfunction toCssAspectRatio(ratio: string): string {\n const parts = ratio.split(\":\")\n if (parts.length !== 2) return \"16/9\"\n const w = parseFloat(parts[0])\n const h = parseFloat(parts[1])\n if (!w \|\| !h \|\| w <= 0 \|\| h <= 0) return \"16/9\"\n return `${w}/${h}`\n}\n\n/\n Generate responsive iframe HTML for an embed field value.\n * Returns an empty string if the value is invalid or the URL is not HTTPS.\n /\nexport function getEmbedHtml(value: unknown): string {\n if (!value \|\| typeof value !== \"object\") return \"\"\n const embed = value as EmbedValue\n if (!embed.url \|\| !embed.url.startsWith(\"https://\")) return \"\"\n\n const width = embed.width \|\| \"100%\"\n const aspectRatio = toCssAspectRatio(embed.aspect_ratio \|\| \"16:9\")\n\n return `<div style=\"position:relative;width:${width};aspect-ratio:${aspectRatio}\"><iframe src=\"${embed.url}\" style=\"position:absolute;inset:0;width:100%;height:100%\" frameborder=\"0\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox\" allowfullscreen loading=\"lazy\"></iframe></div>`\n}\n","import type { SupabaseClient } from \"@supabase/supabase-js\"\nimport type {\n Product,\n ProductCategory,\n ProductQueryOptions,\n CreateOrderParams,\n CreateOrderResult,\n} from \"./types\"\nimport { CMS_CLIENT_VERSION } from \"./version\"\nimport { reportClientVersion } from \"./telemetry\"\n\nconst DEFAULT_APP_URL = \"https://cms.distinctstudio.co.nz\"\n\nexport interface ShopClientOptions {\n /* Tenant API key (UUID). Sent as `x-cms-api-key` on every request. /\n apiKey: string\n /* CMS app base URL. Defaults to `https://cms.distinctstudio.co.nz`. /\n appUrl?: string\n}\n\n/\n Creates a typed client for the eCommerce REST API (products, categories, orders).\n \n Unlike `createCmsClient`, the shop client talks to the CMS REST endpoints\n * (`/api/products`, `/api/product-categories`, `/api/orders/create`) rather than\n * Supabase directly — it doesn't need the `supabase` argument, but accepts it\n * for API symmetry with the rest of the SDK.\n \n Usage:\n * ```ts\n * const shop = createShopClient(supabase, { apiKey: process.env.CMS_API_KEY! })\n * const products = await shop.getProducts({ category: \"electronics\", limit: 20 })\n * ```\n /\nexport function createShopClient(\n _supabase: SupabaseClient,\n options: ShopClientOptions\n) {\n const { apiKey } = options\n const appUrl = (options.appUrl ?? DEFAULT_APP_URL).replace(/\\/$/, \"\")\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, appUrl)\n\n function authHeaders(): HeadersInit {\n return {\n \"Content-Type\": \"application/json\",\n \"x-cms-api-key\": apiKey,\n \"x-cms-client-version\": CMS_CLIENT_VERSION,\n }\n }\n\n async function getJson<T>(path: string): Promise<T> {\n const res = await fetch(`${appUrl}${path}`, {\n headers: authHeaders(),\n // Caller controls Next.js caching by wrapping the call site.\n })\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(\n body.error ?? `Shop request failed (${res.status}): ${path}`\n )\n }\n return res.json() as Promise<T>\n }\n\n return {\n /\n List published products. Includes nested `variants` and `options`.\n \n `category` filters by category slug (matches the FK `category_id`,\n * with a fallback to the legacy `category` text column).\n /\n async getProducts(queryOptions: ProductQueryOptions = {}): Promise<Product[]> {\n const params = new URLSearchParams()\n if (queryOptions.category) params.set(\"category\", queryOptions.category)\n if (queryOptions.tags?.length) params.set(\"tags\", queryOptions.tags.join(\",\"))\n if (queryOptions.limit) params.set(\"limit\", String(queryOptions.limit))\n if (queryOptions.offset) params.set(\"offset\", String(queryOptions.offset))\n if (queryOptions.sort) params.set(\"sort\", queryOptions.sort)\n if (queryOptions.order) params.set(\"order\", queryOptions.order)\n\n const qs = params.toString()\n const { products } = await getJson<{ products: Product[] }>(\n `/api/products${qs ? `?${qs}` : \"\"}`\n )\n return products ?? []\n },\n\n /\n Get a single published product by slug. Returns null if not found.\n * Includes nested `variants` and `options`.\n /\n async getProductBySlug(slug: string): Promise<Product \| null> {\n const res = await fetch(`${appUrl}/api/products/${encodeURIComponent(slug)}`, {\n headers: authHeaders(),\n })\n if (res.status === 404) return null\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(body.error ?? `Failed to fetch product ${slug}`)\n }\n const { product } = (await res.json()) as { product: Product }\n return product ?? null\n },\n\n /\n List product categories for the tenant, ordered by sort_order then name.\n /\n async getCategories(): Promise<ProductCategory[]> {\n const { categories } = await getJson<{ categories: ProductCategory[] }>(\n `/api/product-categories`\n )\n return categories ?? []\n },\n\n /\n Get a single category by slug. Returns null if not found.\n /\n async getCategoryBySlug(slug: string): Promise<ProductCategory \| null> {\n const all = await this.getCategories()\n return all.find((c) => c.slug === slug) ?? null\n },\n\n /\n Create a pending order and return a Stripe PaymentIntent client_secret\n * to confirm payment client-side.\n \n Stripe must be configured for the tenant; eCommerce must be enabled on\n * their billing plan. Validates stock for tracked variants and applies\n * any discount code before creating the PaymentIntent.\n /\n async createOrder(params: CreateOrderParams): Promise<CreateOrderResult> {\n const res = await fetch(`${appUrl}/api/orders/create`, {\n method: \"POST\",\n headers: authHeaders(),\n body: JSON.stringify({ api_key: apiKey, ...params }),\n })\n if (!res.ok) {\n const body = await res.json().catch(() => ({}) as { error?: string })\n throw new Error(body.error ?? \"Order creation failed\")\n }\n return res.json() as Promise<CreateOrderResult>\n },\n }\n}\n","import type { SupabaseClient } from \"@supabase/supabase-js\"\nimport { reportClientVersion } from \"./telemetry\"\n\nexport type EventStatus = \"draft\" \| \"published\" \| \"archived\"\nexport type BookingStatus = \"pending\" \| \"confirmed\" \| \"cancelled\" \| \"refunded\"\n\nexport interface CmsEvent {\n id: string\n tenant_id: string\n title: string\n slug: string\n description: string \| null\n short_description: string \| null\n status: EventStatus\n start_at: string\n end_at: string \| null\n venue_name: string \| null\n venue_address: string \| null\n hero_image: string \| null\n gallery: string[]\n tags: string[]\n seo_title: string \| null\n seo_description: string \| null\n metadata: Record<string, unknown>\n sort_order: number\n published_at: string \| null\n created_at: string\n updated_at: string\n}\n\nexport interface CmsTicketTier {\n id: string\n event_id: string\n tenant_id: string\n name: string\n description: string \| null\n price_cents: number\n capacity: number \| null\n sold_count: number\n sales_start_at: string \| null\n sales_end_at: string \| null\n is_active: boolean\n sort_order: number\n}\n\nexport interface EventWithTiers extends CmsEvent {\n tiers: CmsTicketTier[]\n}\n\nexport interface EventQueryOptions {\n /* Only include events with start_at >= now. Default false. /\n upcomingOnly?: boolean\n tag?: string\n limit?: number\n offset?: number\n sort?: \"start_at\" \| \"sort_order\" \| \"created_at\"\n order?: \"asc\" \| \"desc\"\n}\n\nexport interface CreateBookingParams {\n event_slug: string\n ticket_tier_id?: string\n customer_email: string\n customer_name?: string\n customer_phone?: string\n quantity?: number\n success_url?: string\n cancel_url?: string\n metadata?: Record<string, unknown>\n}\n\nexport interface CreateBookingResult {\n booking_id: string\n booking_number: string\n status: \"pending\" \| \"confirmed\"\n /* Redirect the browser here for paid bookings. /\n checkout_url?: string\n /* Present on free bookings — used for attendance QR display. /\n qr_token?: string\n}\n\nexport function createEventsClient(\n supabase: SupabaseClient,\n options: { apiKey: string; appUrl?: string }\n) {\n const { apiKey, appUrl } = options\n\n // Day-granular, fire-and-forget version ping (server-side only).\n reportClientVersion(apiKey, appUrl)\n\n async function getEvents(\n queryOptions?: EventQueryOptions\n ): Promise<EventWithTiers[]> {\n let query = supabase\n .from(\"events\")\n .select(\", tiers:ticket_tiers()\")\n .eq(\"status\", \"published\")\n .order(queryOptions?.sort ?? \"start_at\", {\n ascending: (queryOptions?.order ?? \"asc\") === \"asc\",\n })\n\n if (queryOptions?.upcomingOnly) {\n query = query.gte(\"start_at\", new Date().toISOString())\n }\n if (queryOptions?.tag) {\n query = query.contains(\"tags\", [queryOptions.tag])\n }\n if (queryOptions?.limit) {\n query = query.limit(queryOptions.limit)\n }\n if (queryOptions?.offset) {\n query = query.range(\n queryOptions.offset,\n queryOptions.offset + (queryOptions.limit ?? 50) - 1\n )\n }\n\n const { data } = await query\n return (data ?? []) as EventWithTiers[]\n }\n\n async function getEventBySlug(slug: string): Promise<EventWithTiers \| null> {\n const { data } = await supabase\n .from(\"events\")\n .select(\", tiers:ticket_tiers()\")\n .eq(\"slug\", slug)\n .eq(\"status\", \"published\")\n .single()\n return (data as EventWithTiers) ?? null\n }\n\n async function createBooking(\n params: CreateBookingParams\n ): Promise<CreateBookingResult> {\n const baseUrl = appUrl ?? \"\"\n const res = await fetch(`${baseUrl}/api/bookings/create`, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/json\" },\n body: JSON.stringify({ api_key: apiKey, ...params }),\n })\n if (!res.ok) {\n const err = await res\n .json()\n .catch(() => ({ error: \"Booking creation failed\" }))\n throw new Error(err.error ?? \"Booking creation failed\")\n }\n return res.json() as Promise<CreateBookingResult>\n }\n\n return { getEvents, getEventBySlug, createBooking }\n}\n","/\n Image helpers for CMS content.\n \n Images are already optimised (WebP, max 2400px) on upload.\n * No server-side transforms needed — serve originals directly.\n \n These functions are kept for backward compatibility but no longer\n * call Supabase image transformation endpoints.\n /\n\nexport interface ImageTransformOptions {\n width?: number\n height?: number\n quality?: number\n resize?: \"contain\" \| \"cover\" \| \"fill\"\n format?: \"origin\"\n}\n\n/\n Returns the image URL directly.\n \n Previously this converted URLs to use Supabase's /render/image/\n * transform endpoint, but images are now pre-optimised on upload\n * (WebP, max 2400px, quality 82) so transforms are unnecessary.\n \n The function is kept for backward compatibility — existing code\n * that calls getTransformUrl() will continue to work without changes.\n /\nexport function getTransformUrl(\n originalUrl: string,\n _options: ImageTransformOptions = {}\n): string {\n return originalUrl\n}\n\n/\n Returns a simple srcSet using the original image.\n \n Previously generated multiple transformed widths, but since images\n * are now pre-optimised WebP, a single source is sufficient.\n * Modern browsers handle responsive display efficiently with a\n * well-sized WebP source.\n /\nexport function getSrcSet(\n originalUrl: string,\n _widths: number[] = [],\n _quality = 80\n): string {\n return `${originalUrl} 2400w`\n}\n\n/\n Common image size presets — kept for backward compatibility.\n * Since images are pre-optimised, these are informational only.\n /\nexport const IMAGE_PRESETS = {\n thumbnail: { width: 150, height: 150, resize: \"cover\" as const, quality: 70 },\n card: { width: 400, height: 300, resize: \"cover\" as const, quality: 80 },\n hero: { width: 1200, height: 630, resize: \"cover\" as const, quality: 85 },\n og: { width: 1200, height: 630, resize: \"cover\" as const, quality: 90 },\n avatar: { width: 80, height: 80, resize: \"cover\" as const, quality: 75 },\n full: { width: 1920, resize: \"contain\" as const, quality: 85 },\n} as const\n","import type { DateGranularity } from \"./types\"\n\nexport interface ParsedPartialDate {\n granularity: DateGranularity\n /* 4-digit year — absent for `month` and `day_month`. /\n year?: number\n /* 1-12 — absent for `year`. /\n month?: number\n /* 1-31 — present only for `full` and `day_month`. /\n day?: number\n}\n\n/\n Parses a partial-ISO date string (as produced by a `date` field) into its parts.\n * Returns `null` if the string doesn't match a known granularity shape.\n /\nexport function parsePartialDate(value: string): ParsedPartialDate \| null {\n if (!value) return null\n let m: RegExpExecArray \| null\n if ((m = /^(\\d{4})-(\\d{2})-(\\d{2})$/.exec(value)))\n return { granularity: \"full\", year: +m[1], month: +m[2], day: +m[3] }\n if ((m = /^(\\d{4})-(\\d{2})$/.exec(value)))\n return { granularity: \"month_year\", year: +m[1], month: +m[2] }\n if ((m = /^(\\d{4})$/.exec(value))) return { granularity: \"year\", year: +m[1] }\n if ((m = /^--(\\d{2})-(\\d{2})$/.exec(value)))\n return { granularity: \"day_month\", month: +m[1], day: +m[2] }\n if ((m = /^--(\\d{2})$/.exec(value))) return { granularity: \"month\", month: +m[1] }\n return null\n}\n\nexport interface FormatPartialDateOptions {\n /* BCP 47 locale(s) passed to Intl.DateTimeFormat. Defaults to the runtime locale. /\n locale?: string \| string[]\n /* Month rendering style. Defaults to `long` (e.g. \"May\"). /\n month?: \"long\" \| \"short\" \| \"narrow\" \| \"numeric\" \| \"2-digit\"\n}\n\n/\n Formats a partial-ISO date string for display, honouring the value's granularity\n * and locale-correct part ordering (e.g. \"12 May\" vs \"May 12\"). Returns the raw\n * string unchanged if it isn't a recognised partial date.\n /\nexport function formatPartialDate(value: string, options: FormatPartialDateOptions = {}): string {\n const parsed = parsePartialDate(value)\n if (!parsed) return value\n\n const { locale, month = \"long\" } = options\n const monthIndex = parsed.month ? parsed.month - 1 : 0\n\n switch (parsed.granularity) {\n case \"year\":\n return String(parsed.year)\n case \"month\":\n return new Intl.DateTimeFormat(locale, { month }).format(new Date(2000, monthIndex, 1))\n case \"month_year\":\n return new Intl.DateTimeFormat(locale, { month, year: \"numeric\" }).format(\n new Date(parsed.year!, monthIndex, 1)\n )\n case \"day_month\":\n return new Intl.DateTimeFormat(locale, { month, day: \"numeric\" }).format(\n new Date(2000, monthIndex, parsed.day!)\n )\n case \"full\":\n return new Intl.DateTimeFormat(locale, { year: \"numeric\", month, day: \"numeric\" }).format(\n new Date(parsed.year!, monthIndex, parsed.day!)\n )\n }\n}\n","/\n Helpers for verifying outbound webhooks fired by the CMS.\n \n The CMS POSTs JSON to subscriber URLs and signs the raw body with\n * HMAC-SHA256 using the shared secret you set in the Webhooks tab. The hex\n * digest arrives in the `X-CMS-Signature` header.\n \n Use Web Crypto so this works in Node, Edge, Deno, and Bun runtimes.\n /\n\nexport interface WebhookEventPayload {\n event: string\n tenant_id: string\n content_type_slug?: string\n content_item_id?: string\n slug?: string\n title?: string\n status?: string\n /* Stable identifier of the resource that changed (e.g. product id, flipbook id, integration provider). /\n resource_id?: string\n /\n Cache tags the receiver should invalidate. Use {@link revalidateAllTags}\n * to wire this through Next.js's `revalidateTag()` in one line.\n * All tags are namespaced with the `cms:` prefix.\n /\n cache_tags?: string[]\n /* Free-form bag for event-specific extras (e.g. provider name, change counts). /\n data?: Record<string, unknown>\n timestamp: string\n /* Commerce + custom events may attach extra top-level fields. /\n [key: string]: unknown\n}\n\n/\n Verify the HMAC-SHA256 signature on a webhook delivery.\n \n Pass the raw request body (not a parsed JSON object) — re-stringifying\n * a parsed body can change whitespace and invalidate the signature.\n \n Returns `true` when the signature matches in constant time, `false`\n * otherwise. Never throws on a bad signature; only throws if the\n * `crypto.subtle` API is unavailable in the runtime.\n \n @example\n * const raw = await req.text()\n * const sig = req.headers.get(\"x-cms-signature\")\n * if (!await verifyWebhookSignature(process.env.CMS_WEBHOOK_SECRET!, raw, sig)) {\n * return new Response(\"bad signature\", { status: 401 })\n * }\n * const payload = JSON.parse(raw) as WebhookEventPayload\n /\nexport async function verifyWebhookSignature(\n secret: string,\n rawBody: string,\n signature: string \| null \| undefined\n): Promise<boolean> {\n if (!signature \|\| !secret) return false\n\n const subtle = (globalThis.crypto && globalThis.crypto.subtle) \|\| null\n if (!subtle) {\n throw new Error(\n \"verifyWebhookSignature requires the Web Crypto API (globalThis.crypto.subtle). \" +\n \"Available in Node 18+, all Edge runtimes, Deno, and Bun.\"\n )\n }\n\n const encoder = new TextEncoder()\n const key = await subtle.importKey(\n \"raw\",\n encoder.encode(secret),\n { name: \"HMAC\", hash: \"SHA-256\" },\n false,\n [\"sign\"]\n )\n const sigBuffer = await subtle.sign(\"HMAC\", key, encoder.encode(rawBody))\n const expected = bufferToHex(sigBuffer)\n\n return timingSafeEqualHex(expected, signature.trim())\n}\n\n/\n The webhook event names the CMS can fire. Use as a discriminator on the\n * `event` field of {@link WebhookEventPayload}.\n \n Most receivers don't need to switch on the event name — every payload\n * carries a `cache_tags` array. Pass it to {@link revalidateAllTags} to\n * invalidate the right Next.js caches in one line.\n /\nexport const WEBHOOK_EVENTS = [\n // Content\n \"content.published\",\n \"content.unpublished\",\n \"content.updated\",\n \"content.deleted\",\n \"content_type.updated\",\n \"content_type.deleted\",\n // Settings (diffed — only fires when a relevant field actually changed)\n \"settings.tracking_updated\",\n \"settings.brand_updated\",\n \"settings.integration_updated\",\n // Commerce\n \"products.updated\",\n \"product_categories.updated\",\n \"ticket_tiers.updated\",\n \"membership_tiers.updated\",\n \"order.created\",\n \"order.paid\",\n \"order.payment_failed\",\n \"order.refunded\",\n \"order.shipped\",\n \"booking.confirmed\",\n \"inventory.low_stock\",\n // Site\n \"redirects.updated\",\n \"reviews.synced\",\n \"flipbook.ready\",\n] as const\n\nexport type WebhookEvent = (typeof WEBHOOK_EVENTS)[number]\n\n/\n Invalidate every cache tag listed in a webhook payload. Call this from your\n * receiver and most events will Just Work without per-event branching.\n \n Pass Next.js's `revalidateTag` (or any function with the same shape) — the\n * SDK has no peer dep on `next/cache`, so the import stays in your code.\n \n Next 16 compatibility. In Next 16, `revalidateTag(tag)` was made into\n * `revalidateTag(tag, profile)`, and calling it with one argument emits a\n * deprecation warning. The cache profile controls expiry — `\"default\"` and\n * `\"max\"` both have non-zero `expire` values and will not invalidate the\n * cache. Immediate invalidation requires `{ expire: 0 }`, which isn't\n * documented in the function reference. This helper always passes\n * `{ expire: 0 }` as the second argument, so it does the right thing on Next 16\n * and is silently ignored by Next 14/15.\n \n @example\n * import { revalidateTag } from \"next/cache\"\n * import { revalidateAllTags } from \"@distinctagency/cms-client\"\n \n export async function POST(req: Request) {\n * const raw = await req.text()\n * if (!await verifyWebhookSignature(SECRET, raw, req.headers.get(\"x-cms-signature\"))) {\n * return new Response(\"bad sig\", { status: 401 })\n * }\n * const payload = JSON.parse(raw) as WebhookEventPayload\n * revalidateAllTags(payload, revalidateTag)\n * return Response.json({ ok: true })\n * }\n /\nexport function revalidateAllTags(\n payload: Pick<WebhookEventPayload, \"cache_tags\">,\n revalidateTag: (tag: string, profile: { expire?: number }) => unknown\n): string[] {\n const tags = payload.cache_tags\n if (!Array.isArray(tags) \|\| tags.length === 0) return []\n const invalidated: string[] = []\n for (const tag of tags) {\n if (typeof tag !== \"string\" \|\| tag.length === 0) continue\n revalidateTag(tag, { expire: 0 })\n invalidated.push(tag)\n }\n return invalidated\n}\n\nfunction bufferToHex(buf: ArrayBuffer): string {\n const bytes = new Uint8Array(buf)\n let out = \"\"\n for (let i = 0; i < bytes.length; i++) {\n out += bytes[i].toString(16).padStart(2, \"0\")\n }\n return out\n}\n\n/\n Constant-time equality check on two hex strings. Returns false fast when\n * lengths differ — the length itself is not secret.\n */\nfunction timingSafeEqualHex(a: string, b: string): boolean {\n if (a.length !== b.length) return false\n let mismatch = 0\n for (let i = 0; i < a.length; i++) {\n mismatch \|= a.charCodeAt(i) ^ b.charCodeAt(i)\n }\n return mismatch === 0\n}\n"],"mappings":";AAOO,IAAM,qBAAqB;;;ACPlC,SAAS,gBAAgB,4BAA4B;;;ACarD,IAAM,kBAAkB;AAOxB,IAAM,WAAW,oBAAI,IAA0B;AAE/C,SAAS,WAAmB;AAC1B,UAAO,oBAAI,KAAK,GAAE,YAAY,EAAE,MAAM,GAAG,EAAE;AAC7C;AAEO,SAAS,oBAAoB,QAAgB,QAAuB;AAEzE,MAAI,OAAO,WAAW,YAAa;AACnC,MAAI,CAAC,OAAQ;AAEb,QAAM,QAAQ,SAAS;AACvB,QAAM,OAAO,SAAS,IAAI,MAAM;AAChC,MAAI,QAAQ,KAAK,SAAS,SAAS,KAAK,YAAY,mBAAoB;AAIxE,WAAS,IAAI,QAAQ,EAAE,MAAM,OAAO,SAAS,mBAAmB,CAAC;AAEjE,QAAM,YACJ,OAAO,YAAY,cAAc,QAAQ,KAAK,sBAAsB;AACtE,QAAM,QAAQ,UAAU,aAAa,iBAAiB,QAAQ,OAAO,EAAE;AACvE,QAAM,MAAM,GAAG,IAAI;AAInB,OAAK,MAAM,KAAK;AAAA,IACd,QAAQ;AAAA,IACR,SAAS;AAAA,MACP,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,MACjB,wBAAwB;AAAA,IAC1B;AAAA,IACA,MAAM,KAAK,UAAU;AAAA,MACnB,SAAS;AAAA,MACT,SAAS;AAAA,IACX,CAAC;AAAA,EACH,CAAC,EAAE,MAAM,MAAM;AAEb,aAAS,OAAO,MAAM;AAAA,EACxB,CAAC;AACH;;;ADpCO,SAAS,gBACd,UACA,SACA;AACA,QAAM,EAAE,OAAO,IAAI;AAGnB,QAAM,SAAS,WAAW,UAAU,MAAM;AAG1C,sBAAoB,QAAQ,QAAQ,MAAM;AAG1C,MAAI,gBAA+B;AAEnC,iBAAe,cAA+B;AAC5C,QAAI,cAAe,QAAO;AAE1B,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,SAAS,EACd,OAAO,IAAI,EACX,OAAO;AAEV,QAAI,SAAS,CAAC,MAAM;AAClB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAEA,oBAAgB,KAAK;AACrB,WAAO,KAAK;AAAA,EACd;AAGA,QAAM,mBAAmB,oBAAI,IAAyB;AAEtD,iBAAe,qBAAqB,iBAA+C;AACjF,QAAI,iBAAiB,IAAI,eAAe,EAAG,QAAO,iBAAiB,IAAI,eAAe;AACtF,UAAM,WAAW,MAAM,YAAY;AAEnC,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,eAAe,EAC1B,OAAO;AAEV,QAAI,SAAS,CAAC,MAAM;AAClB,YAAM,IAAI,MAAM,2BAA2B,eAAe,EAAE;AAAA,IAC9D;AAEA,UAAM,KAAK;AACX,qBAAiB,IAAI,iBAAiB,EAAE;AACxC,WAAO;AAAA,EACT;AAEA,iBAAe,iBAAiB,iBAA0C;AACxE,UAAM,KAAK,MAAM,qBAAqB,eAAe;AACrD,WAAO,GAAG;AAAA,EACZ;AAGA,iBAAe,kBACb,aACA,aAC4D;AAC5D,UAAM,iBAAiB,YAAY;AACnC,QAAI,CAAC,eAAgB,QAAO,EAAE,SAAS,MAAM,cAAc,KAAK;AAEhE,QAAI,CAAC,YAAa,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAG9D,UAAM,EAAE,MAAM,QAAQ,IAAI,MAAM,OAC7B,KAAK,iBAAiB,EACtB,OAAO,WAAW,EAClB,GAAG,cAAc,WAAW,EAC5B,OAAO;AAEV,QAAI,CAAC,QAAS,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAE1D,UAAM,EAAE,MAAM,OAAO,IAAI,MAAM,OAC5B,KAAK,SAAS,EACd,OAAO,4BAA4B,EACnC,GAAG,MAAM,QAAQ,SAAS,EAC1B,OAAO;AAEV,QAAI,CAAC,UAAU,OAAO,WAAW,SAAU,QAAO,EAAE,SAAS,OAAO,cAAc,KAAK;AAIvF,WAAO;AAAA,MACL,SAAS,OAAO,uBAAuB;AAAA,MACvC,cAAc,OAAO;AAAA,IACvB;AAAA,EACF;AAEA,iBAAe,YAAY,IAA8D;AACvF,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,WAAW,EAChB,OAAO,sEAAsE,EAC7E,GAAG,MAAM,EAAE,EACX,OAAO;AACV,QAAI,SAAS,CAAC,KAAM,QAAO;AAE3B,UAAM,WAAW,KAAK;AAGtB,QAAI,CAAC,UAAU;AACb,aAAO;AAAA,QACL,IAAI,KAAK;AAAA,QACT,OAAO,KAAK;AAAA,QACZ,YAAa,KAAK,cAAyB;AAAA,QAC3C,QAAQ,KAAK;AAAA,QACb,aAAa,CAAC;AAAA,QACd,KAAK,CAAC;AAAA,QACN,cAAc;AAAA,MAChB;AAAA,IACF;AAMA,UAAM,OAAQ,WAA0E;AACxF,UAAM,UAAU,MAAM,KAAK,6BAA6B;AACxD,UAAM,SAAS,aAAa,KAAK,SAAmB,IAAI,KAAK,EAAY;AACzE,WAAO;AAAA,MACL,IAAI,KAAK;AAAA,MACT,OAAO,KAAK;AAAA,MACZ,YAAa,KAAK,cAAyB,SAAS,MAAM;AAAA,MAC1D,QAAQ,KAAK;AAAA,MACb,aAAa,SAAS,MAAM,IAAI,CAAC,OAAO;AAAA,QACtC,KAAK,GAAG,OAAO,IAAI,MAAM,GAAG,EAAE,KAAK;AAAA,QACnC,WAAW,GAAG,OAAO,IAAI,MAAM,GAAG,EAAE,KAAK;AAAA,QACzC,GAAG,EAAE;AAAA,QACL,GAAG,EAAE;AAAA,MACP,EAAE;AAAA,MACF,KAAK,SAAS;AAAA,MACd,cAAc,KAAK,mBACf,GAAG,QAAQ,UAAU,EAAE,kBAAkB,KAAK,EAAY,cAC1D;AAAA,IACN;AAAA,EACF;AAEA,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA,IAKL,MAAM,gBACJ,iBACAA,WAA+B,CAAC,GACiB;AACjD,YAAM,cAAc,MAAM,qBAAqB,eAAe;AAE9D,YAAM;AAAA,QACJ,SAAS;AAAA,QACT,UAAU;AAAA,QACV,iBAAiB;AAAA,QACjB,QAAQ;AAAA,QACR,SAAS;AAAA,QACT;AAAA,MACF,IAAIA;AAGJ,YAAM,SAAS,MAAM,kBAAkB,aAAa,WAAW;AAG/D,UAAI,CAAC,OAAO,WAAW,YAAY,6BAA6B;AAE9D,cAAM,WAAW,MAAM,YAAY;AACnC,cAAM,EAAE,MAAM,SAAS,IAAI,MAAM,OAC9B,KAAK,iBAAiB,EACtB,OAAO,wBAAwB,EAC/B,GAAG,aAAa,QAAQ,EACxB,OAAO;AAEV,cAAM,OAAQ,UAAU,0BAAqC;AAE7D,YAAI,SAAS,QAAQ;AACnB,iBAAO,CAAC;AAAA,QACV;AAGA,YAAIC,SAAQ,OACT,KAAK,eAAe,EACpB,OAAO,oHAAoH,EAC3H,GAAG,mBAAmB,YAAY,EAAE;AAEvC,YAAI,OAAQ,CAAAA,SAAQA,OAAM,GAAG,UAAU,MAAM;AAC7C,QAAAA,SAAQA,OACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,cAAM,EAAE,MAAAC,OAAM,OAAAC,OAAM,IAAI,MAAMF;AAC9B,YAAIE,OAAO,OAAM,IAAI,MAAM,mBAAmB,eAAe,KAAKA,OAAM,OAAO,EAAE;AAEjF,gBAAQD,SAAQ,CAAC,GAAG,IAAI,CAAC,UAAU;AAAA,UACjC,GAAG;AAAA,UACH,MAAM,CAAC;AAAA,UACP,QAAQ;AAAA,QACV,EAAE;AAAA,MACJ;AAGA,UAAI,QAAQ,OACT,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,mBAAmB,YAAY,EAAE;AAEvC,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,cAAQ,MACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM;AAE9B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,mBAAmB,eAAe,KAAK,MAAM,OAAO,EAAE;AAAA,MACxE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,qBACJ,iBACA,UAC6B;AAC7B,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,mBAAmB,aAAa,EACnC,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,UAAI,OAAO;AACT,YAAI,MAAM,SAAS,WAAY,QAAO;AACtC,cAAM,IAAI;AAAA,UACR,mBAAmB,eAAe,IAAI,QAAQ,KAAK,MAAM,OAAO;AAAA,QAClE;AAAA,MACF;AAEA,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,eAAe,iBAA+C;AAClE,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,eAAe,EAC1B,OAAO;AAEV,UAAI,SAAS,CAAC,MAAM;AAClB,cAAM,IAAI,MAAM,2BAA2B,eAAe,EAAE;AAAA,MAC9D;AAEA,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,YACJ,iBAC6B;AAC7B,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,MAAM,EACb,GAAG,mBAAmB,aAAa,EACnC,GAAG,UAAU,WAAW;AAE3B,UAAI,OAAO;AACT,cAAM,IAAI;AAAA,UACR,6BAA6B,eAAe,KAAK,MAAM,OAAO;AAAA,QAChE;AAAA,MACF;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,kBAA0C;AAC9C,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,aAAa,QAAQ,EACxB,MAAM,MAAM;AAEf,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,kCAAkC,MAAM,OAAO,EAAE;AAAA,MACnE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,MAAM,aACJ,iBACmD;AACnD,YAAM,gBAAgB,MAAM,iBAAiB,eAAe;AAE5D,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,gBAAgB,EACrB,OAAO,oBAAoB,EAC3B,GAAG,mBAAmB,aAAa;AAEtC,UAAI,OAAO;AACT,cAAM,IAAI;AAAA,UACR,iCAAiC,eAAe,KAAK,MAAM,OAAO;AAAA,QACpE;AAAA,MACF;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,qBAEJ;AACA,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM,OAC3B,KAAK,kBAAkB,EACvB,OAAO,0CAA0C,EACjD,GAAG,aAAa,QAAQ;AAE3B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,qCAAqC,MAAM,OAAO,EAAE;AAAA,MACtE;AAEA,aAAQ,QAAQ,CAAC;AAAA,IAKnB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,mBACJ,UACAF,WAAgE,CAAC,GAC7B;AACpC,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,MAAM,KAAK,IAAI,MAAM,OAC1B,KAAK,OAAO,EACZ,OAAO,IAAI,EACX,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,UAAI,CAAC,KAAM,QAAO,CAAC;AAEnB,YAAM,EAAE,QAAQ,IAAI,SAAS,GAAG,OAAO,IAAIA;AAE3C,UAAI,QAAQ,OACT,KAAK,kBAAkB,EACvB,OAAO,GAAG,EACV,GAAG,WAAW,KAAK,EAAE,EACrB,GAAG,WAAW,KAAK,EACnB,MAAM,cAAc,EAAE,WAAW,MAAM,CAAC,EACxC,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,YAAM,EAAE,KAAK,IAAI,MAAM;AACvB,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,QACJ,UACyC;AACzC,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM,EAAE,KAAK,IAAI,MAAM,OACpB,KAAK,OAAO,EACZ,OAAO,wCAAwC,EAC/C,GAAG,aAAa,QAAQ,EACxB,GAAG,QAAQ,QAAQ,EACnB,OAAO;AAEV,aAAO;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,WACJA,WAA8B,CAAC,GACN;AACzB,YAAM,WAAW,MAAM,YAAY;AAEnC,YAAM;AAAA,QACJ,SAAS;AAAA,QACT;AAAA,QACA,QAAQ;AAAA,QACR,SAAS;AAAA,QACT,UAAU;AAAA,QACV,iBAAiB;AAAA,MACnB,IAAIA;AAEJ,UAAI,QAAQ,OACT,KAAK,gBAAgB,EACrB,OAAO,mEAAmE,EAC1E,GAAG,aAAa,QAAQ;AAE3B,UAAI,QAAQ;AACV,gBAAQ,MAAM,GAAG,UAAU,MAAM;AAAA,MACnC;AAEA,UAAI,WAAW;AACb,gBAAQ,MAAM,IAAI,UAAU,SAAS;AAAA,MACvC;AAEA,cAAQ,MACL,MAAM,SAAS,EAAE,WAAW,mBAAmB,MAAM,CAAC,EACtD,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAEnC,YAAM,EAAE,MAAM,MAAM,IAAI,MAAM;AAE9B,UAAI,OAAO;AACT,cAAM,IAAI,MAAM,4BAA4B,MAAM,OAAO,EAAE;AAAA,MAC7D;AAEA,aAAQ,QAAQ,CAAC;AAAA,IACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAcA,MAAM,kBAAkBA,WAAiC,CAAC,GAA4B;AACpF,YAAM,EAAE,aAAa,MAAM,OAAO,CAAC,mBAAmB,EAAE,IAAIA;AAC5D,YAAM,cAAe,SAAgD;AACrE,YAAM,cAAe,SAAgD;AAMrE,YAAM,MACJ,GAAG,WAAW;AAGhB,YAAM,OAAkF;AAAA,QACtF,SAAS;AAAA,UACP,QAAQ;AAAA,UACR,eAAe,UAAU,WAAW;AAAA,UACpC,iBAAiB;AAAA,UACjB,wBAAwB;AAAA,UACxB,QAAQ;AAAA,QACV;AAAA,QACA,MAAM,EAAE,YAAY,KAAK;AAAA,MAC3B;AAEA,UAAI;AAOJ,UAAI;AACF,cAAM,MAAM,MAAM,MAAM,KAAK,IAAmB;AAChD,YAAI,IAAI,IAAI;AACV,gBAAM,OAAQ,MAAM,IAAI,KAAK;AAC7B,gBAAM,OAAO,CAAC;AAAA,QAChB;AAAA,MACF,QAAQ;AAAA,MAGR;AAEA,aAAO;AAAA,QACL,mBAAmB,QAAQ,KAAK,mBAAmB;AAAA,QACnD,oBAAoB,QAAQ,KAAK,qBAAqB;AAAA,QACtD,aAAa,QAAQ,KAAK,aAAa;AAAA,QACvC,aAAa,QAAQ,KAAK,aAAa;AAAA,MACzC;AAAA,IACF;AAAA,EACF;AACF;AAQO,IAAM,sBAAsB;AAkBnC,SAAS,QAAQ,GAA6C;AAC5D,MAAI,CAAC,EAAG,QAAO;AACf,QAAM,UAAU,EAAE,KAAK;AACvB,SAAO,QAAQ,SAAS,IAAI,UAAU;AACxC;AAaA,SAAS,WAAW,UAA0B,QAAgB;AAE5D,QAAM,cAAe,SAAgD;AACrE,QAAM,cAAe,SAAgD;AAErE,SAAO,qBAAqB,aAAa,aAAa;AAAA,IACpD,QAAQ;AAAA,MACN,SAAS;AAAA,QACP,iBAAiB;AAAA,QACjB,wBAAwB;AAAA,MAC1B;AAAA,IACF;AAAA,EACF,CAAC;AACH;;;AEnmBA,SAAS,iBAAiB,OAAuB;AAC/C,QAAM,QAAQ,MAAM,MAAM,GAAG;AAC7B,MAAI,MAAM,WAAW,EAAG,QAAO;AAC/B,QAAM,IAAI,WAAW,MAAM,CAAC,CAAC;AAC7B,QAAM,IAAI,WAAW,MAAM,CAAC,CAAC;AAC7B,MAAI,CAAC,KAAK,CAAC,KAAK,KAAK,KAAK,KAAK,EAAG,QAAO;AACzC,SAAO,GAAG,CAAC,IAAI,CAAC;AAClB;AAMO,SAAS,aAAa,OAAwB;AACnD,MAAI,CAAC,SAAS,OAAO,UAAU,SAAU,QAAO;AAChD,QAAM,QAAQ;AACd,MAAI,CAAC,MAAM,OAAO,CAAC,MAAM,IAAI,WAAW,UAAU,EAAG,QAAO;AAE5D,QAAM,QAAQ,MAAM,SAAS;AAC7B,QAAM,cAAc,iBAAiB,MAAM,gBAAgB,MAAM;AAEjE,SAAO,uCAAuC,KAAK,iBAAiB,WAAW,kBAAkB,MAAM,GAAG;AAC5G;;;ACbA,IAAMI,mBAAkB;AAuBjB,SAAS,iBACd,WACA,SACA;AACA,QAAM,EAAE,OAAO,IAAI;AACnB,QAAM,UAAU,QAAQ,UAAUA,kBAAiB,QAAQ,OAAO,EAAE;AAGpE,sBAAoB,QAAQ,MAAM;AAElC,WAAS,cAA2B;AAClC,WAAO;AAAA,MACL,gBAAgB;AAAA,MAChB,iBAAiB;AAAA,MACjB,wBAAwB;AAAA,IAC1B;AAAA,EACF;AAEA,iBAAe,QAAW,MAA0B;AAClD,UAAM,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,IAAI,IAAI;AAAA,MAC1C,SAAS,YAAY;AAAA;AAAA,IAEvB,CAAC;AACD,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,YAAM,IAAI;AAAA,QACR,KAAK,SAAS,wBAAwB,IAAI,MAAM,MAAM,IAAI;AAAA,MAC5D;AAAA,IACF;AACA,WAAO,IAAI,KAAK;AAAA,EAClB;AAEA,SAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOL,MAAM,YAAY,eAAoC,CAAC,GAAuB;AAC5E,YAAM,SAAS,IAAI,gBAAgB;AACnC,UAAI,aAAa,SAAU,QAAO,IAAI,YAAY,aAAa,QAAQ;AACvE,UAAI,aAAa,MAAM,OAAQ,QAAO,IAAI,QAAQ,aAAa,KAAK,KAAK,GAAG,CAAC;AAC7E,UAAI,aAAa,MAAO,QAAO,IAAI,SAAS,OAAO,aAAa,KAAK,CAAC;AACtE,UAAI,aAAa,OAAQ,QAAO,IAAI,UAAU,OAAO,aAAa,MAAM,CAAC;AACzE,UAAI,aAAa,KAAM,QAAO,IAAI,QAAQ,aAAa,IAAI;AAC3D,UAAI,aAAa,MAAO,QAAO,IAAI,SAAS,aAAa,KAAK;AAE9D,YAAM,KAAK,OAAO,SAAS;AAC3B,YAAM,EAAE,SAAS,IAAI,MAAM;AAAA,QACzB,gBAAgB,KAAK,IAAI,EAAE,KAAK,EAAE;AAAA,MACpC;AACA,aAAO,YAAY,CAAC;AAAA,IACtB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,iBAAiB,MAAuC;AAC5D,YAAM,MAAM,MAAM,MAAM,GAAG,MAAM,iBAAiB,mBAAmB,IAAI,CAAC,IAAI;AAAA,QAC5E,SAAS,YAAY;AAAA,MACvB,CAAC;AACD,UAAI,IAAI,WAAW,IAAK,QAAO;AAC/B,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,cAAM,IAAI,MAAM,KAAK,SAAS,2BAA2B,IAAI,EAAE;AAAA,MACjE;AACA,YAAM,EAAE,QAAQ,IAAK,MAAM,IAAI,KAAK;AACpC,aAAO,WAAW;AAAA,IACpB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,gBAA4C;AAChD,YAAM,EAAE,WAAW,IAAI,MAAM;AAAA,QAC3B;AAAA,MACF;AACA,aAAO,cAAc,CAAC;AAAA,IACxB;AAAA;AAAA;AAAA;AAAA,IAKA,MAAM,kBAAkB,MAA+C;AACrE,YAAM,MAAM,MAAM,KAAK,cAAc;AACrC,aAAO,IAAI,KAAK,CAAC,MAAM,EAAE,SAAS,IAAI,KAAK;AAAA,IAC7C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA,MAAM,YAAY,QAAuD;AACvE,YAAM,MAAM,MAAM,MAAM,GAAG,MAAM,sBAAsB;AAAA,QACrD,QAAQ;AAAA,QACR,SAAS,YAAY;AAAA,QACrB,MAAM,KAAK,UAAU,EAAE,SAAS,QAAQ,GAAG,OAAO,CAAC;AAAA,MACrD,CAAC;AACD,UAAI,CAAC,IAAI,IAAI;AACX,cAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAwB;AACpE,cAAM,IAAI,MAAM,KAAK,SAAS,uBAAuB;AAAA,MACvD;AACA,aAAO,IAAI,KAAK;AAAA,IAClB;AAAA,EACF;AACF;;;AChEO,SAAS,mBACd,UACA,SACA;AACA,QAAM,EAAE,QAAQ,OAAO,IAAI;AAG3B,sBAAoB,QAAQ,MAAM;AAElC,iBAAe,UACb,cAC2B;AAC3B,QAAI,QAAQ,SACT,KAAK,QAAQ,EACb,OAAO,0BAA0B,EACjC,GAAG,UAAU,WAAW,EACxB,MAAM,cAAc,QAAQ,YAAY;AAAA,MACvC,YAAY,cAAc,SAAS,WAAW;AAAA,IAChD,CAAC;AAEH,QAAI,cAAc,cAAc;AAC9B,cAAQ,MAAM,IAAI,aAAY,oBAAI,KAAK,GAAE,YAAY,CAAC;AAAA,IACxD;AACA,QAAI,cAAc,KAAK;AACrB,cAAQ,MAAM,SAAS,QAAQ,CAAC,aAAa,GAAG,CAAC;AAAA,IACnD;AACA,QAAI,cAAc,OAAO;AACvB,cAAQ,MAAM,MAAM,aAAa,KAAK;AAAA,IACxC;AACA,QAAI,cAAc,QAAQ;AACxB,cAAQ,MAAM;AAAA,QACZ,aAAa;AAAA,QACb,aAAa,UAAU,aAAa,SAAS,MAAM;AAAA,MACrD;AAAA,IACF;AAEA,UAAM,EAAE,KAAK,IAAI,MAAM;AACvB,WAAQ,QAAQ,CAAC;AAAA,EACnB;AAEA,iBAAe,eAAe,MAA8C;AAC1E,UAAM,EAAE,KAAK,IAAI,MAAM,SACpB,KAAK,QAAQ,EACb,OAAO,0BAA0B,EACjC,GAAG,QAAQ,IAAI,EACf,GAAG,UAAU,WAAW,EACxB,OAAO;AACV,WAAQ,QAA2B;AAAA,EACrC;AAEA,iBAAe,cACb,QAC8B;AAC9B,UAAM,UAAU,UAAU;AAC1B,UAAM,MAAM,MAAM,MAAM,GAAG,OAAO,wBAAwB;AAAA,MACxD,QAAQ;AAAA,MACR,SAAS,EAAE,gBAAgB,mBAAmB;AAAA,MAC9C,MAAM,KAAK,UAAU,EAAE,SAAS,QAAQ,GAAG,OAAO,CAAC;AAAA,IACrD,CAAC;AACD,QAAI,CAAC,IAAI,IAAI;AACX,YAAM,MAAM,MAAM,IACf,KAAK,EACL,MAAM,OAAO,EAAE,OAAO,0BAA0B,EAAE;AACrD,YAAM,IAAI,MAAM,IAAI,SAAS,yBAAyB;AAAA,IACxD;AACA,WAAO,IAAI,KAAK;AAAA,EAClB;AAEA,SAAO,EAAE,WAAW,gBAAgB,cAAc;AACpD;;;AC1HO,SAAS,gBACd,aACA,WAAkC,CAAC,GAC3B;AACR,SAAO;AACT;AAUO,SAAS,UACd,aACA,UAAoB,CAAC,GACrB,WAAW,IACH;AACR,SAAO,GAAG,WAAW;AACvB;AAMO,IAAM,gBAAgB;AAAA,EAC3B,WAAW,EAAE,OAAO,KAAK,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EAC5E,MAAM,EAAE,OAAO,KAAK,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACvE,MAAM,EAAE,OAAO,MAAM,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACxE,IAAI,EAAE,OAAO,MAAM,QAAQ,KAAK,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACtE,QAAQ,EAAE,OAAO,IAAI,QAAQ,IAAI,QAAQ,SAAkB,SAAS,GAAG;AAAA,EACvE,MAAM,EAAE,OAAO,MAAM,QAAQ,WAAoB,SAAS,GAAG;AAC/D;;;AC9CO,SAAS,iBAAiB,OAAyC;AACxE,MAAI,CAAC,MAAO,QAAO;AACnB,MAAI;AACJ,MAAK,IAAI,4BAA4B,KAAK,KAAK;AAC7C,WAAO,EAAE,aAAa,QAAQ,MAAM,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC,EAAE;AACtE,MAAK,IAAI,oBAAoB,KAAK,KAAK;AACrC,WAAO,EAAE,aAAa,cAAc,MAAM,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,EAAE,CAAC,EAAE;AAChE,MAAK,IAAI,YAAY,KAAK,KAAK,EAAI,QAAO,EAAE,aAAa,QAAQ,MAAM,CAAC,EAAE,CAAC,EAAE;AAC7E,MAAK,IAAI,sBAAsB,KAAK,KAAK;AACvC,WAAO,EAAE,aAAa,aAAa,OAAO,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,EAAE,CAAC,EAAE;AAC9D,MAAK,IAAI,cAAc,KAAK,KAAK,EAAI,QAAO,EAAE,aAAa,SAAS,OAAO,CAAC,EAAE,CAAC,EAAE;AACjF,SAAO;AACT;AAcO,SAAS,kBAAkB,OAAe,UAAoC,CAAC,GAAW;AAC/F,QAAM,SAAS,iBAAiB,KAAK;AACrC,MAAI,CAAC,OAAQ,QAAO;AAEpB,QAAM,EAAE,QAAQ,QAAQ,OAAO,IAAI;AACnC,QAAM,aAAa,OAAO,QAAQ,OAAO,QAAQ,IAAI;AAErD,UAAQ,OAAO,aAAa;AAAA,IAC1B,KAAK;AACH,aAAO,OAAO,OAAO,IAAI;AAAA,IAC3B,KAAK;AACH,aAAO,IAAI,KAAK,eAAe,QAAQ,EAAE,MAAM,CAAC,EAAE,OAAO,IAAI,KAAK,KAAM,YAAY,CAAC,CAAC;AAAA,IACxF,KAAK;AACH,aAAO,IAAI,KAAK,eAAe,QAAQ,EAAE,OAAO,MAAM,UAAU,CAAC,EAAE;AAAA,QACjE,IAAI,KAAK,OAAO,MAAO,YAAY,CAAC;AAAA,MACtC;AAAA,IACF,KAAK;AACH,aAAO,IAAI,KAAK,eAAe,QAAQ,EAAE,OAAO,KAAK,UAAU,CAAC,EAAE;AAAA,QAChE,IAAI,KAAK,KAAM,YAAY,OAAO,GAAI;AAAA,MACxC;AAAA,IACF,KAAK;AACH,aAAO,IAAI,KAAK,eAAe,QAAQ,EAAE,MAAM,WAAW,OAAO,KAAK,UAAU,CAAC,EAAE;AAAA,QACjF,IAAI,KAAK,OAAO,MAAO,YAAY,OAAO,GAAI;AAAA,MAChD;AAAA,EACJ;AACF;;;AChBA,eAAsB,uBACpB,QACA,SACA,WACkB;AAClB,MAAI,CAAC,aAAa,CAAC,OAAQ,QAAO;AAElC,QAAM,SAAU,WAAW,UAAU,WAAW,OAAO,UAAW;AAClE,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AAEA,QAAM,UAAU,IAAI,YAAY;AAChC,QAAM,MAAM,MAAM,OAAO;AAAA,IACvB;AAAA,IACA,QAAQ,OAAO,MAAM;AAAA,IACrB,EAAE,MAAM,QAAQ,MAAM,UAAU;AAAA,IAChC;AAAA,IACA,CAAC,MAAM;AAAA,EACT;AACA,QAAM,YAAY,MAAM,OAAO,KAAK,QAAQ,KAAK,QAAQ,OAAO,OAAO,CAAC;AACxE,QAAM,WAAW,YAAY,SAAS;AAEtC,SAAO,mBAAmB,UAAU,UAAU,KAAK,CAAC;AACtD;AAUO,IAAM,iBAAiB;AAAA;AAAA,EAE5B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AACF;AAkCO,SAAS,kBACd,SACA,eACU;AACV,QAAM,OAAO,QAAQ;AACrB,MAAI,CAAC,MAAM,QAAQ,IAAI,KAAK,KAAK,WAAW,EAAG,QAAO,CAAC;AACvD,QAAM,cAAwB,CAAC;AAC/B,aAAW,OAAO,MAAM;AACtB,QAAI,OAAO,QAAQ,YAAY,IAAI,WAAW,EAAG;AACjD,kBAAc,KAAK,EAAE,QAAQ,EAAE,CAAC;AAChC,gBAAY,KAAK,GAAG;AAAA,EACtB;AACA,SAAO;AACT;AAEA,SAAS,YAAY,KAA0B;AAC7C,QAAM,QAAQ,IAAI,WAAW,GAAG;AAChC,MAAI,MAAM;AACV,WAAS,IAAI,GAAG,IAAI,MAAM,QAAQ,KAAK;AACrC,WAAO,MAAM,CAAC,EAAE,SAAS,EAAE,EAAE,SAAS,GAAG,GAAG;AAAA,EAC9C;AACA,SAAO;AACT;AAMA,SAAS,mBAAmB,GAAW,GAAoB;AACzD,MAAI,EAAE,WAAW,EAAE,OAAQ,QAAO;AAClC,MAAI,WAAW;AACf,WAAS,IAAI,GAAG,IAAI,EAAE,QAAQ,KAAK;AACjC,gBAAY,EAAE,WAAW,CAAC,IAAI,EAAE,WAAW,CAAC;AAAA,EAC9C;AACA,SAAO,aAAa;AACtB;","names":["options","query","data","error","DEFAULT_APP_URL"]}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@distinctagency/cms-client",
-  "version": "1.20.1",
+  "version": "1.21.0",
   "description": "Client library for Distinct CMS — query content, products, and manage orders",
   "main": "dist/index.js",
   "module": "dist/index.mjs",
@@ -26,6 +26,10 @@
       "require": "./dist/tracking-scripts.js"
     }
   },
+  "scripts": {
+    "build": "tsup",
+    "prepublishOnly": "pnpm build"
+  },
   "peerDependencies": {
     "@supabase/supabase-js": ">=2.0.0",
     "next": ">=14.0.0",
@@ -51,8 +55,5 @@
   ],
   "publishConfig": {
     "access": "public"
-  },
-  "scripts": {
-    "build": "tsup"
   }
-}
+}