@doswiftly/storefront-sdk 18.1.0 → 19.1.0

package/CHANGELOG.md

@@ -1,5 +1,134 @@
 # Changelog
 
+## 19.1.0
+
+### Minor Changes
+
+- 868894e: Add remote debug shipping for both GraphQL **and** cookie-lifecycle events, so you can trace a real shopper session end-to-end instead of reproducing it with DevTools open.
+
+  **Why**: the most useful checkout signal is often "when was the `cart-id` / currency / language cookie set or cleared?" (e.g. `cart-id` cleared by `complete()`), but debug output previously covered only GraphQL request/response. Now both flow through one channel keyed by a single `sessionId`, so one filter in your logs gives the full interleaved timeline.
+
+  **Additive (backward-compatible)** — everything is opt-in and off by default:
+  1. `DebugOptions.remote?: boolean | RemoteDebugOptions | RemoteDebugSink` — ship debug events to a backend ingest endpoint. Pass a pre-built transport (a `RemoteDebugSink`) to share **one** channel/`sessionId` across the client and the cookie stores.
+  2. New `createRemoteDebugTransport(...)` factory (+ `RemoteDebugTransport` / `RemoteDebugSink` / `RemoteDebugOptions` types).
+  3. Cookie stores emit a new `DebugEvent` with `phase: 'cookie'` (`{ name, action: 'set' | 'clear', value?, maxAge? }`) when wired with a sink:
+     - `createBrowserCartCookieStore({ onDebug })` — `cart-id` (when you own the cookie store).
+     - `useCartManager({ cookieDebug })` / `<CartManagerProvider cookieDebug={...}>` — `cart-id` when the cart manager owns the cookie store.
+     - `createCurrencyStore({ onDebug })` / `createLanguageStore(initial, { onDebug })` — currency / language.
+     - `<StorefrontProvider cookieDebug={...}>` forwards the sink to the currency + language stores.
+  4. `DebugOptions`, `DebugEvent`, `RemoteDebugOptions`, `RemoteDebugSink` are exported for typing.
+
+  **Usage example** (one shared channel across GraphQL + cookies):
+
+  ```ts
+  import {
+    createStorefrontClient,
+    createRemoteDebugTransport,
+    createBrowserCartCookieStore,
+  } from "@doswiftly/storefront-sdk";
+
+  const debugOn = process.env.NEXT_PUBLIC_SDK_DEBUG_REMOTE === "true";
+  const transport = debugOn
+    ? createRemoteDebugTransport({
+        endpoint: `${apiUrl}/storefront/debug-logs`,
+        shopSlug,
+        fetch: globalThis.fetch,
+      })
+    : null;
+
+  const client = createStorefrontClient({
+    apiUrl,
+    shopSlug,
+    debug: transport
+      ? { userErrors: true, response: true, timing: true, remote: transport }
+      : false,
+  });
+
+  // cart-id set/clear on the same channel:
+  const cartCookieStore = createBrowserCartCookieStore(
+    transport ? { onDebug: (e) => transport.capture(e) } : undefined,
+  );
+
+  // currency + language via the provider:
+  // <StorefrontProvider cookieDebug={transport ? (e) => transport.capture(e) : undefined} … />
+  ```
+
+  Behaviour:
+  - **Batched** (default 10 events / 5s); `keepalive` is used on page-hide/unload flushes so trailing events survive a navigation or payment-gateway redirect.
+  - **Fire-and-forget**: a failed send is swallowed — telemetry can never break the request that produced it.
+  - Cookies are **not** sent (`credentials: 'omit'`); the shop is identified by the `X-Shop-Slug` header.
+  - **Redaction**: the SDK masks `Authorization` / `customerAccessToken` in _headers_. It does **not** redact request `variables` or response bodies — the backend ingest endpoint masks emails + credential-named fields. Enable `response` / `headers` only for operations whose payload you're comfortable sending to your backend.
+  - Default endpoint is `${apiUrl}/storefront/debug-logs`; override via `RemoteDebugOptions.endpoint`.
+
+  **Migration checklist for existing storefronts**:
+  - [ ] No action required — all of the above is opt-in and defaults to off.
+  - [ ] To adopt: build one transport (gated behind an env flag), pass it to `createStorefrontClient`, the cart cookie store, and `<StorefrontProvider cookieDebug>`, then confirm requests to `/storefront/debug-logs`.
+
+## 19.0.0
+
+### Major Changes
+
+- 7ee241f: Move the server-side cookie readers to the server entry and rename them for intent.
+
+  The two async cookie readers now live in `@doswiftly/storefront-sdk/react/server` (next to
+  `getInitialAuth`) and are renamed to describe what they read instead of how:
+
+  | Removed (from `@doswiftly/storefront-sdk/react`) | New (in `@doswiftly/storefront-sdk/react/server`) |
+  | ------------------------------------------------ | ------------------------------------------------- |
+  | `getCurrencyFromCookieAsync()`                   | `readCurrencyCookie()`                            |
+  | `getCartIdFromCookieAsync()`                     | `readCartIdCookie()`                              |
+
+  Both keep the same return type, `Promise<string | null>`, and read the same cookies
+  (`preferred-currency`, `cart-id`). They are still server-first with a `document.cookie` fallback,
+  so they remain safe to call from either side — these cookies are readable (not httpOnly).
+
+  `getCookie`, `setCookie`, `deleteCookie`, and `createBrowserCartCookieStore` are unchanged and
+  still exported from `@doswiftly/storefront-sdk/react`.
+
+  **Why**: the readers depend on `next/headers`, a server-only API, but were exported from the
+  client React entry — so the entry's own description ("client-side; for server use `next/headers`")
+  contradicted two of its functions. Moving them next to `getInitialAuth` keeps `next/headers` out of
+  the client entry and gives both cold-start cookie reads (auth, and now cart-id / currency) one home.
+
+  **Migration** — update the import path and the names:
+
+  ```ts
+  // Before — client React entry
+  import {
+    getCurrencyFromCookieAsync,
+    getCartIdFromCookieAsync,
+  } from "@doswiftly/storefront-sdk/react";
+  const currency = await getCurrencyFromCookieAsync();
+  const cartId = await getCartIdFromCookieAsync();
+
+  // After — server entry (use in a Server Component)
+  import {
+    readCurrencyCookie,
+    readCartIdCookie,
+  } from "@doswiftly/storefront-sdk/react/server";
+  const currency = await readCurrencyCookie();
+  const cartId = await readCartIdCookie();
+  ```
+
+  Reading the cart-id server-side is the supported way to resolve a returning buyer's cart on the
+  first render — including when a separate checkout deployment shares the storefront domain:
+
+  ```ts
+  // app/checkout/page.tsx (Server Component)
+  import { readCartIdCookie } from "@doswiftly/storefront-sdk/react/server";
+
+  const cartId = await readCartIdCookie();
+  const cart = cartId ? await fetchCart(cartId) : null;
+  ```
+
+  **Migration checklist**:
+  - [ ] Replace `getCurrencyFromCookieAsync` / `getCartIdFromCookieAsync` imports from
+        `@doswiftly/storefront-sdk/react` with `readCurrencyCookie` / `readCartIdCookie` from
+        `@doswiftly/storefront-sdk/react/server`.
+  - [ ] For purely client-side reads, use `getCookie('preferred-currency')` /
+        `getCookie('cart-id')` (or `createBrowserCartCookieStore()` for the cart id) from
+        `@doswiftly/storefront-sdk/react` instead.
+
 ## 18.1.0
 
 ### Minor Changes

package/dist/core/client/create-client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"create-client.d.ts","sourceRoot":"","sources":["../../../src/core/client/create-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EACV,sBAAsB,EACtB,gBAAgB,EAKjB,MAAM,SAAS,CAAC;AAOjB,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,sBAAsB,GAAG,gBAAgB,CA0GvF"}
+{"version":3,"file":"create-client.d.ts","sourceRoot":"","sources":["../../../src/core/client/create-client.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EACV,sBAAsB,EACtB,gBAAgB,EAKjB,MAAM,SAAS,CAAC;AAQjB,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,sBAAsB,GAAG,gBAAgB,CAgHvF"}

package/dist/core/client/create-client.js

@@ -11,6 +11,7 @@
  * 0 runtime dependencies.
  */
 import { createExecute, resolveDebugOptions } from './execute';
+import { maybeAttachRemoteTransport } from './remote-debug-transport';
 import { compose } from './compose';
 import { dedupe } from './dedupe';
 import { hashQuery } from './hash';
@@ -24,7 +25,13 @@ export function createStorefrontClient(config) {
     // Normalise the public `boolean | 'verbose' | DebugOptions` union into the
     // canonical ResolvedDebugOptions shape (or null = no logging). Env var
     // fallback (`DOSWIFTLY_SDK_DEBUG`) applies only when `debug` is undefined.
-    const resolvedDebug = resolveDebugOptions(debug);
+    // When `debug.remote` is set, the resolved sink is wrapped so every event is
+    // also shipped to the backend ingest endpoint (default `${apiUrl}/storefront/debug-logs`).
+    const resolvedDebug = maybeAttachRemoteTransport(resolveDebugOptions(debug), debug, {
+        apiUrl,
+        shopSlug,
+        fetch: customFetch,
+    });
     // Create the innermost execute function (native fetch)
     const innerExecute = createExecute({ endpoint, fetch: customFetch, debug: resolvedDebug });
     /**

package/dist/core/client/remote-debug-transport.d.ts

@@ -0,0 +1,48 @@
+/**
+ * Remote debug transport — batches debug events and ships them to a backend ingest
+ * endpoint over `fetch`. 0 runtime dependencies (only `fetch`, `Date`, `globalThis.crypto`).
+ *
+ * Fire-and-forget by contract: a failed flush is swallowed so telemetry can never break the
+ * storefront request that produced the event. The buffer flushes when it reaches `batchSize`,
+ * after `flushIntervalMs`, or when the page is hidden / unloading (browser only) — the last one
+ * matters for redirect-heavy flows (e.g. payment gateway hand-off) where trailing events would
+ * otherwise be lost. `fetch(..., { keepalive: true })` lets that final send complete during unload.
+ *
+ * Credentials are never sent (`credentials: 'omit'`) — this is telemetry, not an authenticated
+ * call. The shop is identified by the `X-Shop-Slug` header; the backend validates it.
+ */
+import type { DebugEvent, DebugOptions } from './types';
+import type { ResolvedDebugOptions } from './execute';
+export interface RemoteDebugTransportConfig {
+    /** Fully-resolved ingest endpoint URL. */
+    endpoint: string;
+    /** Shop slug sent as `X-Shop-Slug` so the backend can resolve the tenant. */
+    shopSlug: string;
+    /** Fetch implementation (the same one the client transport uses). */
+    fetch: typeof globalThis.fetch;
+    batchSize?: number;
+    flushIntervalMs?: number;
+    sessionId?: string;
+    sdkVersion?: string;
+}
+export interface RemoteDebugTransport {
+    /** Buffer one debug event; flushes automatically per the batching policy. */
+    capture(event: DebugEvent): void;
+}
+export declare function createRemoteDebugTransport(config: RemoteDebugTransportConfig): RemoteDebugTransport;
+/**
+ * Build a `phase: 'cookie'` {@link DebugEvent} for a cookie set/clear. Single construction point so
+ * the cart / currency / language stores emit an identical shape (`{ name, action, value?, maxAge? }`).
+ */
+export declare function cookieDebugEvent(name: string, action: 'set' | 'clear', value?: string, maxAge?: number): DebugEvent;
+/**
+ * If `debug.remote` is enabled, wrap the resolved debug sink so every event is also handed to a
+ * remote transport. Returns the input untouched when remote is off (or debug is disabled), so the
+ * local `log` behaviour is preserved exactly.
+ */
+export declare function maybeAttachRemoteTransport(resolved: ResolvedDebugOptions | null, debugConfig: boolean | 'verbose' | DebugOptions | undefined, context: {
+    apiUrl: string;
+    shopSlug: string;
+    fetch: typeof globalThis.fetch;
+}): ResolvedDebugOptions | null;
+//# sourceMappingURL=remote-debug-transport.d.ts.map

package/dist/core/client/remote-debug-transport.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"remote-debug-transport.d.ts","sourceRoot":"","sources":["../../../src/core/client/remote-debug-transport.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAE,YAAY,EAAuC,MAAM,SAAS,CAAC;AAC7F,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAMtD,MAAM,WAAW,0BAA0B;IACzC,0CAA0C;IAC1C,QAAQ,EAAE,MAAM,CAAC;IACjB,6EAA6E;IAC7E,QAAQ,EAAE,MAAM,CAAC;IACjB,qEAAqE;IACrE,KAAK,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC;IAC/B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,oBAAoB;IACnC,6EAA6E;IAC7E,OAAO,CAAC,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;CAClC;AAuDD,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,0BAA0B,GAAG,oBAAoB,CAmFnG;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAC9B,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,KAAK,GAAG,OAAO,EACvB,KAAK,CAAC,EAAE,MAAM,EACd,MAAM,CAAC,EAAE,MAAM,GACd,UAAU,CAKZ;AAOD;;;;GAIG;AACH,wBAAgB,0BAA0B,CACxC,QAAQ,EAAE,oBAAoB,GAAG,IAAI,EACrC,WAAW,EAAE,OAAO,GAAG,SAAS,GAAG,YAAY,GAAG,SAAS,EAC3D,OAAO,EAAE;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,OAAO,UAAU,CAAC,KAAK,CAAA;CAAE,GAC5E,oBAAoB,GAAG,IAAI,CA0C7B"}

package/dist/core/client/remote-debug-transport.js

@@ -0,0 +1,198 @@
+/**
+ * Remote debug transport — batches debug events and ships them to a backend ingest
+ * endpoint over `fetch`. 0 runtime dependencies (only `fetch`, `Date`, `globalThis.crypto`).
+ *
+ * Fire-and-forget by contract: a failed flush is swallowed so telemetry can never break the
+ * storefront request that produced the event. The buffer flushes when it reaches `batchSize`,
+ * after `flushIntervalMs`, or when the page is hidden / unloading (browser only) — the last one
+ * matters for redirect-heavy flows (e.g. payment gateway hand-off) where trailing events would
+ * otherwise be lost. `fetch(..., { keepalive: true })` lets that final send complete during unload.
+ *
+ * Credentials are never sent (`credentials: 'omit'`) — this is telemetry, not an authenticated
+ * call. The shop is identified by the `X-Shop-Slug` header; the backend validates it.
+ */
+import { CART_COOKIE_NAME } from '../cart/cookie-config';
+const DEFAULT_BATCH_SIZE = 10;
+const DEFAULT_FLUSH_INTERVAL_MS = 5000;
+/**
+ * Pull identifying ids out of operation variables so the backend log is filterable by cart /
+ * order without parsing the whole payload. `cartId` comes from an explicit `cartId` variable, or
+ * from the `id` variable on cart operations (cart mutations pass the cart as `id: cartId`). The
+ * operation-name check is anchored (`^cart`) so only cart operations (`CartAddLines`, …) qualify —
+ * an unrelated op that merely contains "cart" (e.g. `ProductInCartBadge`) won't mislabel its `id`.
+ */
+function extractIdentifiers(event) {
+    // Cookie events carry the value directly — surface the cart-id so its set/clear correlates with
+    // the cart's GraphQL operations under one `cartId` filter.
+    if (event.phase === 'cookie') {
+        const cookie = event.data;
+        return cookie.name === CART_COOKIE_NAME && typeof cookie.value === 'string'
+            ? { cartId: cookie.value }
+            : {};
+    }
+    const variables = event.data.variables;
+    if (!variables || typeof variables !== 'object')
+        return {};
+    const v = variables;
+    const op = event.operationName ?? '';
+    const out = {};
+    const cartId = typeof v.cartId === 'string'
+        ? v.cartId
+        : /^cart/i.test(op) && typeof v.id === 'string'
+            ? v.id
+            : undefined;
+    if (cartId)
+        out.cartId = cartId;
+    if (typeof v.orderId === 'string')
+        out.orderId = v.orderId;
+    return out;
+}
+/**
+ * Generate a session correlation id. Prefers `crypto.randomUUID`; falls back to a
+ * timestamp + random suffix when unavailable (uniqueness within one client is all that is
+ * required here — there is no security property to preserve).
+ */
+function generateSessionId() {
+    const c = globalThis.crypto;
+    if (c && typeof c.randomUUID === 'function')
+        return c.randomUUID();
+    return `sdk-${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 10)}`;
+}
+export function createRemoteDebugTransport(config) {
+    const { endpoint, shopSlug, fetch: fetchFn, batchSize = DEFAULT_BATCH_SIZE, flushIntervalMs = DEFAULT_FLUSH_INTERVAL_MS, sdkVersion, } = config;
+    const sessionId = config.sessionId ?? generateSessionId();
+    let buffer = [];
+    let timer = null;
+    function clearFlushTimer() {
+        if (timer !== null) {
+            clearTimeout(timer);
+            timer = null;
+        }
+    }
+    function flush(useKeepalive = false) {
+        if (buffer.length === 0)
+            return;
+        const events = buffer;
+        buffer = [];
+        clearFlushTimer();
+        // Fire-and-forget — a transport failure must never surface to the caller.
+        void Promise.resolve()
+            .then(() => fetchFn(endpoint, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'X-Shop-Slug': shopSlug,
+            },
+            body: JSON.stringify({ sessionId, sdkVersion, events }),
+            // `keepalive` only for unload flushes — on a live page a large batch can exceed the
+            // browser's keepalive body quota (~64KB) and be rejected (then silently swallowed),
+            // whereas an ordinary fetch has no such cap. Unload flushes need it to survive navigation.
+            keepalive: useKeepalive,
+            credentials: 'omit',
+        }))
+            .catch(() => undefined);
+    }
+    // Flush on page hide / unload so trailing events survive a navigation or gateway redirect.
+    // Browser-only — guarded so the core stays usable in Node / Edge / Deno. These listeners live for
+    // the transport's lifetime (no teardown): the storefront client is expected to be created once per
+    // app (the SDK's singleton/Context convention), so they are registered once. Do not build a new
+    // client with `debug.remote` on every render — that would accumulate listeners.
+    const g = globalThis;
+    if (typeof g.addEventListener === 'function') {
+        g.addEventListener('pagehide', () => flush(true));
+        g.addEventListener('visibilitychange', () => {
+            if (g.document?.visibilityState === 'hidden')
+                flush(true);
+        });
+    }
+    return {
+        capture(event) {
+            buffer.push({
+                timestamp: new Date().toISOString(),
+                phase: event.phase,
+                operationName: event.operationName ?? null,
+                ...extractIdentifiers(event),
+                data: event.data,
+            });
+            if (buffer.length >= batchSize) {
+                flush();
+            }
+            else if (timer === null) {
+                timer = setTimeout(() => flush(), flushIntervalMs);
+                // Don't keep a Node/Edge event loop alive for a pending flush (browser timers are numbers
+                // with no `unref`; Node/Edge timers are objects that have it).
+                if (timer && typeof timer === 'object' && 'unref' in timer) {
+                    timer.unref();
+                }
+            }
+        },
+    };
+}
+/**
+ * Build a `phase: 'cookie'` {@link DebugEvent} for a cookie set/clear. Single construction point so
+ * the cart / currency / language stores emit an identical shape (`{ name, action, value?, maxAge? }`).
+ */
+export function cookieDebugEvent(name, action, value, maxAge) {
+    const data = { name, action };
+    if (value !== undefined)
+        data.value = value;
+    if (maxAge !== undefined)
+        data.maxAge = maxAge;
+    return { phase: 'cookie', operationName: undefined, data };
+}
+/** True when `remote` is a pre-built sink (has a callable `capture`) rather than options/boolean. */
+function isRemoteSink(remote) {
+    return typeof remote === 'object' && typeof remote.capture === 'function';
+}
+/**
+ * If `debug.remote` is enabled, wrap the resolved debug sink so every event is also handed to a
+ * remote transport. Returns the input untouched when remote is off (or debug is disabled), so the
+ * local `log` behaviour is preserved exactly.
+ */
+export function maybeAttachRemoteTransport(resolved, debugConfig, context) {
+    if (!resolved)
+        return resolved;
+    // `remote` only exists on the object form of `debug` (`DebugOptions`).
+    if (typeof debugConfig !== 'object' || !debugConfig.remote) {
+        return resolved;
+    }
+    const remote = debugConfig.remote;
+    // A pre-built sink (e.g. a transport shared with the cookie stores) is used as-is, so the whole
+    // app reports through one channel + sessionId. Otherwise build a transport from the options.
+    let transport;
+    if (isRemoteSink(remote)) {
+        transport = remote;
+    }
+    else {
+        const remoteOpts = remote === true ? {} : remote;
+        transport = createRemoteDebugTransport({
+            endpoint: remoteOpts.endpoint ?? `${context.apiUrl.replace(/\/$/, '')}/storefront/debug-logs`,
+            shopSlug: context.shopSlug,
+            fetch: context.fetch,
+            batchSize: remoteOpts.batchSize,
+            flushIntervalMs: remoteOpts.flushIntervalMs,
+            sessionId: remoteOpts.sessionId,
+            sdkVersion: remoteOpts.sdkVersion,
+        });
+    }
+    const originalLog = resolved.log;
+    return {
+        ...resolved,
+        // Telemetry must never break the request: `execute` calls `debug.log` synchronously outside any
+        // try/catch, so a throwing local sink or remote `capture` is swallowed here.
+        log: (event) => {
+            try {
+                originalLog(event);
+            }
+            catch {
+                /* local sink threw — ignore */
+            }
+            try {
+                transport.capture(event);
+            }
+            catch {
+                /* remote sink threw — ignore */
+            }
+        },
+    };
+}

package/dist/core/client/types.d.ts

@@ -110,14 +110,64 @@ export interface DebugOptions {
     userErrors?: boolean;
     /** Custom logger sink. Default `console.log('[StorefrontSDK]', event.phase, event.operationName, event.data)`. Use for routing into `pino` / `winston`. */
     log?: (event: DebugEvent) => void;
+    /**
+     * Ship debug events to a remote ingest endpoint, in addition to the local `log` sink.
+     *
+     * Pass `true` to use defaults, or a `RemoteDebugOptions` object to customise the endpoint and
+     * batching. Events are buffered and sent with `fetch` (with `keepalive` on page-unload flushes so
+     * trailing events survive a navigation); a failed send is swallowed so telemetry can never break
+     * the request that produced it. Cookies are not sent (`credentials: 'omit'`). Default `false`.
+     *
+     * Redaction note: the SDK masks `Authorization` / `customerAccessToken` in *headers*. It does NOT
+     * redact the request `variables` or response body it ships — the backend ingest endpoint is the
+     * safety net there (it masks emails and credential-named fields). Enable `response` / `headers`
+     * only for operations whose payload you are comfortable sending to your backend.
+     *
+     * Which events are shipped is governed by the other flags above — `remote: true` alone ships the
+     * minimal set (request variables + response status + `userErrors`); enable `response` / `headers`
+     * / `timing` to ship more.
+     *
+     * Pass a pre-built transport (a `RemoteDebugSink`, e.g. from `createRemoteDebugTransport`) to
+     * share ONE channel + sessionId across the GraphQL client and the cookie stores, so a single
+     * `sessionId` in your logs gives the full interleaved timeline (GraphQL + cookie set/clear).
+     */
+    remote?: boolean | RemoteDebugOptions | RemoteDebugSink;
+}
+/**
+ * Configuration for the remote debug transport (`DebugOptions.remote`). All fields optional.
+ */
+export interface RemoteDebugOptions {
+    /** Ingest endpoint URL. Default `${apiUrl}/storefront/debug-logs`. */
+    endpoint?: string;
+    /** Flush the buffer once this many events accumulate. Default `10`. */
+    batchSize?: number;
+    /** Flush the buffer after this many milliseconds even if `batchSize` is not reached. Default `5000`. */
+    flushIntervalMs?: number;
+    /** Correlation id grouping every event from one client instance. Default a generated id. */
+    sessionId?: string;
+    /** Optional client/build version label attached to every batch. */
+    sdkVersion?: string;
+}
+/**
+ * Minimal surface of a debug transport — accepts already-built `DebugEvent`s. A `RemoteDebugSink`
+ * created once (via `createRemoteDebugTransport`) and shared between the GraphQL client and the
+ * cookie stores forms a single debug channel with one `sessionId`.
+ */
+export interface RemoteDebugSink {
+    capture(event: DebugEvent): void;
 }
 /**
  * Structured event handed to a custom `DebugOptions.log` sink. Stable contract:
  * `phase` and `operationName` are always present; `data` carries the merged
  * payload selected by `DebugOptions` flags.
+ *
+ * `phase: 'cookie'` events come from the SDK cookie layer (cart / currency / language) rather than
+ * the GraphQL transport — `operationName` is `undefined` and `data` is
+ * `{ name, action: 'set' | 'clear', value?, maxAge? }`. They let you see exactly when a cookie was
+ * written or removed (e.g. `cart-id` cleared by `complete()`) alongside the GraphQL timeline.
  */
 export interface DebugEvent {
-    phase: 'request' | 'response';
+    phase: 'request' | 'response' | 'cookie';
     operationName: string | undefined;
     data: Record<string, unknown>;
 }

package/dist/core/client/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/core/client/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH;;;;;GAKG;AACH,qBAAa,mBAAmB,CAAC,OAAO,GAAG,OAAO,EAAE,UAAU,GAAG,OAAO,CAAE,SAAQ,MAAM;IAIpD,QAAQ,CAAC,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE;IAH7D,+CAA+C;IAC/C,SAAS,CAAC,EAAE,CAAC,SAAS,EAAE,UAAU,KAAK,OAAO,CAAC;gBAEnC,KAAK,EAAE,MAAM,EAAS,QAAQ,CAAC,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,YAAA;IAIpD,QAAQ,IAAI,MAAM;CAG5B;AAMD,MAAM,WAAW,cAAc;IAC7B,uCAAuC;IACvC,KAAK,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACpC,iDAAiD;IACjD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,+DAA+D;IAC/D,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,mCAAmC;IACnC,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,wDAAwD;IACxD,UAAU,EAAE,OAAO,CAAC;IACpB,8BAA8B;IAC9B,KAAK,CAAC,EAAE,aAAa,CAAC;CACvB;AAED,MAAM,WAAW,eAAe,CAAC,CAAC,GAAG,OAAO;IAC1C,2BAA2B;IAC3B,IAAI,EAAE,CAAC,CAAC;IACR,8BAA8B;IAC9B,MAAM,CAAC,EAAE,gBAAgB,EAAE,CAAC;IAC5B,uBAAuB;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,2BAA2B;IAC3B,OAAO,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACpD,IAAI,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;IAC9B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC;AAMD,MAAM,WAAW,SAAS;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAMD;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG,CAAC,OAAO,EAAE,cAAc,KAAK,OAAO,CAAC,eAAe,CAAC,CAAC;AAE9E;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,eAAe,CAAC,CAAC;AAMhG,MAAM,WAAW,YAAY;IAC3B,yBAAyB;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,wCAAwC;IACxC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,iBAAiB;IACjB,IAAI,EAAE,QAAQ,GAAG,SAAS,GAAG,UAAU,CAAC;IACxC,6CAA6C;IAC7C,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,MAAM,MAAM,aAAa,GAAG,YAAY,CAAC;AAMzC;;;;;;;GAOG;AACH,MAAM,WAAW,YAAY;IAC3B,2GAA2G;IAC3G,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,wGAAwG;IACxG,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,gKAAgK;IAChK,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,8EAA8E;IAC9E,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,sIAAsI;IACtI,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,2JAA2J;IAC3J,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,CAAC;CACnC;AAED;;;;GAIG;AACH,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,SAAS,GAAG,UAAU,CAAC;IAC9B,aAAa,EAAE,MAAM,GAAG,SAAS,CAAC;IAClC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC/B;AAED,MAAM,WAAW,sBAAsB;IACrC,wDAAwD;IACxD,MAAM,EAAE,MAAM,CAAC;IACf,yCAAyC;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,uCAAuC;IACvC,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,0BAA0B;IAC1B,UAAU,CAAC,EAAE,UAAU,EAAE,CAAC;IAC1B,+DAA+D;IAC/D,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC;IAChC;;;;;;;;;;;;;;;;OAgBG;IACH,KAAK,CAAC,EAAE,OAAO,GAAG,SAAS,GAAG,YAAY,CAAC;CAC5C;AAMD,MAAM,WAAW,gBAAgB;IAC/B;;;;OAIG;IACH,KAAK,CAAC,CAAC,GAAG,OAAO,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC5C,QAAQ,EAAE,mBAAmB,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,EAC5C,SAAS,CAAC,EAAE,CAAC,EACb,KAAK,CAAC,EAAE,aAAa,GACpB,OAAO,CAAC,CAAC,CAAC,CAAC;IAEd;;;;OAIG;IACH,MAAM,CAAC,CAAC,GAAG,OAAO,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7C,QAAQ,EAAE,mBAAmB,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,EAC5C,SAAS,CAAC,EAAE,CAAC,GACZ,OAAO,CAAC,CAAC,CAAC,CAAC;IAEd;;;;OAIG;IACH,GAAG,CAAC,UAAU,EAAE,UAAU,GAAG,IAAI,CAAC;CACnC"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/core/client/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH;;;;;GAKG;AACH,qBAAa,mBAAmB,CAAC,OAAO,GAAG,OAAO,EAAE,UAAU,GAAG,OAAO,CAAE,SAAQ,MAAM;IAIpD,QAAQ,CAAC,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE;IAH7D,+CAA+C;IAC/C,SAAS,CAAC,EAAE,CAAC,SAAS,EAAE,UAAU,KAAK,OAAO,CAAC;gBAEnC,KAAK,EAAE,MAAM,EAAS,QAAQ,CAAC,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,YAAA;IAIpD,QAAQ,IAAI,MAAM;CAG5B;AAMD,MAAM,WAAW,cAAc;IAC7B,uCAAuC;IACvC,KAAK,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACpC,iDAAiD;IACjD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,+DAA+D;IAC/D,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,mCAAmC;IACnC,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,wDAAwD;IACxD,UAAU,EAAE,OAAO,CAAC;IACpB,8BAA8B;IAC9B,KAAK,CAAC,EAAE,aAAa,CAAC;CACvB;AAED,MAAM,WAAW,eAAe,CAAC,CAAC,GAAG,OAAO;IAC1C,2BAA2B;IAC3B,IAAI,EAAE,CAAC,CAAC;IACR,8BAA8B;IAC9B,MAAM,CAAC,EAAE,gBAAgB,EAAE,CAAC;IAC5B,uBAAuB;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,2BAA2B;IAC3B,OAAO,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACpD,IAAI,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;IAC9B,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC;AAMD,MAAM,WAAW,SAAS;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAMD;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG,CAAC,OAAO,EAAE,cAAc,KAAK,OAAO,CAAC,eAAe,CAAC,CAAC;AAE9E;;;;;;;;;;;;GAYG;AACH,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,SAAS,KAAK,OAAO,CAAC,eAAe,CAAC,CAAC;AAMhG,MAAM,WAAW,YAAY;IAC3B,yBAAyB;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,wCAAwC;IACxC,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,iBAAiB;IACjB,IAAI,EAAE,QAAQ,GAAG,SAAS,GAAG,UAAU,CAAC;IACxC,6CAA6C;IAC7C,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED,MAAM,MAAM,aAAa,GAAG,YAAY,CAAC;AAMzC;;;;;;;GAOG;AACH,MAAM,WAAW,YAAY;IAC3B,2GAA2G;IAC3G,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,wGAAwG;IACxG,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,gKAAgK;IAChK,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,8EAA8E;IAC9E,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,sIAAsI;IACtI,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,2JAA2J;IAC3J,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,CAAC;IAClC;;;;;;;;;;;;;;;;;;;;OAoBG;IACH,MAAM,CAAC,EAAE,OAAO,GAAG,kBAAkB,GAAG,eAAe,CAAC;CACzD;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,sEAAsE;IACtE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,uEAAuE;IACvE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,wGAAwG;IACxG,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,4FAA4F;IAC5F,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,mEAAmE;IACnE,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;;GAIG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,CAAC,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;CAClC;AAED;;;;;;;;;GASG;AACH,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,SAAS,GAAG,UAAU,GAAG,QAAQ,CAAC;IACzC,aAAa,EAAE,MAAM,GAAG,SAAS,CAAC;IAClC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC/B;AAED,MAAM,WAAW,sBAAsB;IACrC,wDAAwD;IACxD,MAAM,EAAE,MAAM,CAAC;IACf,yCAAyC;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,uCAAuC;IACvC,cAAc,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,0BAA0B;IAC1B,UAAU,CAAC,EAAE,UAAU,EAAE,CAAC;IAC1B,+DAA+D;IAC/D,KAAK,CAAC,EAAE,OAAO,UAAU,CAAC,KAAK,CAAC;IAChC;;;;;;;;;;;;;;;;OAgBG;IACH,KAAK,CAAC,EAAE,OAAO,GAAG,SAAS,GAAG,YAAY,CAAC;CAC5C;AAMD,MAAM,WAAW,gBAAgB;IAC/B;;;;OAIG;IACH,KAAK,CAAC,CAAC,GAAG,OAAO,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC5C,QAAQ,EAAE,mBAAmB,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,EAC5C,SAAS,CAAC,EAAE,CAAC,EACb,KAAK,CAAC,EAAE,aAAa,GACpB,OAAO,CAAC,CAAC,CAAC,CAAC;IAEd;;;;OAIG;IACH,MAAM,CAAC,CAAC,GAAG,OAAO,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7C,QAAQ,EAAE,mBAAmB,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,EAC5C,SAAS,CAAC,EAAE,CAAC,GACZ,OAAO,CAAC,CAAC,CAAC,CAAC;IAEd;;;;OAIG;IACH,GAAG,CAAC,UAAU,EAAE,UAAU,GAAG,IAAI,CAAC;CACnC"}

package/dist/core/index.d.ts

@@ -34,7 +34,9 @@
  * ```
  */
 export { createStorefrontClient } from './client/create-client';
-export type { StorefrontClient, StorefrontClientConfig, Middleware, ExecuteFn, GraphQLRequest, GraphQLResponse, GraphQLErrorInfo, UserError, CacheStrategy, CacheOptions, TypedDocumentString, } from './client/types';
+export type { StorefrontClient, StorefrontClientConfig, Middleware, ExecuteFn, GraphQLRequest, GraphQLResponse, GraphQLErrorInfo, UserError, CacheStrategy, CacheOptions, TypedDocumentString, DebugOptions, DebugEvent, RemoteDebugOptions, RemoteDebugSink, } from './client/types';
+export { createRemoteDebugTransport } from './client/remote-debug-transport';
+export type { RemoteDebugTransport, RemoteDebugTransportConfig } from './client/remote-debug-transport';
 export { authMiddleware } from './middleware/auth';
 export { currencyMiddleware } from './middleware/currency';
 export { languageMiddleware } from './middleware/language';

package/dist/core/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAGH,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAGhE,YAAY,EACV,gBAAgB,EAChB,sBAAsB,EACtB,UAAU,EACV,SAAS,EACT,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,YAAY,EACZ,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,KAAK,0BAA0B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,2BAA2B,EAChC,KAAK,8BAA8B,EACnC,KAAK,YAAY,GAClB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,eAAe,EAAE,KAAK,YAAY,EAAE,MAAM,oBAAoB,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,KAAK,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC9E,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,sBAAsB,EAAE,KAAK,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAG9F,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AAGjF,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,KAAK,sBAAsB,EAAE,MAAM,UAAU,CAAC;AAGpF,OAAO,EACL,SAAS,EACT,UAAU,EACV,SAAS,EACT,YAAY,EACZ,WAAW,EACX,0BAA0B,EAC1B,KAAK,cAAc,GACpB,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,YAAY,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAGnF,OAAO,EACL,4BAA4B,EAC5B,sBAAsB,EACtB,uBAAuB,EACvB,wBAAwB,EACxB,4BAA4B,EAC5B,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EACV,wBAAwB,EACxB,eAAe,EACf,qBAAqB,EACrB,yBAAyB,EACzB,gBAAgB,EAChB,kBAAkB,EAClB,+BAA+B,EAC/B,8BAA8B,GAC/B,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAEV,IAAI,EACJ,QAAQ,EACR,kBAAkB,EAClB,cAAc,EACd,oBAAoB,EACpB,cAAc,EACd,QAAQ,EACR,kBAAkB,EAClB,YAAY,EACZ,QAAQ,EACR,iBAAiB,EACjB,gBAAgB,EAChB,sBAAsB,EACtB,cAAc,EACd,KAAK,EACL,WAAW,EACX,kBAAkB,EAClB,mBAAmB,EACnB,yBAAyB,EACzB,KAAK,EACL,cAAc,EAGd,aAAa,EACb,uBAAuB,EACvB,uBAAuB,EACvB,+BAA+B,EAC/B,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,WAAW,EAEX,aAAa,EACb,mBAAmB,EACnB,eAAe,EACf,sBAAsB,EACtB,kBAAkB,EAClB,2BAA2B,EAC3B,gBAAgB,EAChB,2BAA2B,EAC3B,0BAA0B,EAC1B,6BAA6B,EAC7B,4BAA4B,EAC5B,sBAAsB,EACtB,uBAAuB,EACvB,gCAAgC,EAChC,iBAAiB,EACjB,kBAAkB,EAClB,oBAAoB,EACpB,gBAAgB,EAGhB,gBAAgB,EAEhB,wBAAwB,EACxB,YAAY,EACZ,uBAAuB,GACxB,MAAM,cAAc,CAAC;AAQtB,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,qBAAqB,EACrB,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,eAAe,EACf,UAAU,EACV,eAAe,EACf,aAAa,EACb,oBAAoB,EACpB,oBAAoB,EACpB,4BAA4B,EAC5B,qBAAqB,EACrB,kBAAkB,EAClB,sBAAsB,EACtB,iBAAiB,EACjB,uBAAuB,EACvB,eAAe,EACf,qBAAqB,EACrB,4BAA4B,EAC5B,8BAA8B,GAC/B,MAAM,cAAc,CAAC;AAGtB,OAAO,EAAE,UAAU,EAAE,KAAK,iBAAiB,EAAE,KAAK,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AACnG,YAAY,EACV,QAAQ,EACR,mBAAmB,EACnB,cAAc,EACd,UAAU,EACV,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,2BAA2B,EAC3B,KAAK,qBAAqB,EAC1B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,GAC1B,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,mBAAmB,EACnB,KAAK,UAAU,EACf,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,KAAK,oBAAoB,GAC1B,MAAM,gCAAgC,CAAC;AAGxC,OAAO,EACL,WAAW,EACX,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,cAAc,EACd,YAAY,EACZ,gBAAgB,EAChB,iBAAiB,EACjB,KAAK,UAAU,GAChB,MAAM,UAAU,CAAC;AAGlB,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,KAAK,gBAAgB,EACrB,mBAAmB,EACnB,uBAAuB,EACvB,KAAK,mBAAmB,EACxB,0BAA0B,EAC1B,8BAA8B,EAC9B,KAAK,yBAAyB,GAC/B,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAG/G,OAAO,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAG/G,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAG7E,OAAO,EAAE,YAAY,EAAE,KAAK,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAGzE,OAAO,EACL,qBAAqB,EACrB,uBAAuB,EACvB,mBAAmB,EACnB,wBAAwB,EACxB,6BAA6B,GAC9B,MAAM,iBAAiB,CAAC;AAGzB,YAAY,EAAE,eAAe,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAG/E,OAAO,EAAE,qBAAqB,EAAE,KAAK,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAGlF,OAAO,EAAE,KAAK,SAAS,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAG7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AAGH,OAAO,EAAE,sBAAsB,EAAE,MAAM,wBAAwB,CAAC;AAGhE,YAAY,EACV,gBAAgB,EAChB,sBAAsB,EACtB,UAAU,EACV,SAAS,EACT,cAAc,EACd,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,YAAY,EACZ,mBAAmB,EACnB,YAAY,EACZ,UAAU,EACV,kBAAkB,EAClB,eAAe,GAChB,MAAM,gBAAgB,CAAC;AAIxB,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,YAAY,EAAE,oBAAoB,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAGxG,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,KAAK,0BAA0B,EAC/B,KAAK,mBAAmB,EACxB,KAAK,2BAA2B,EAChC,KAAK,8BAA8B,EACnC,KAAK,YAAY,GAClB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAE,eAAe,EAAE,KAAK,YAAY,EAAE,MAAM,oBAAoB,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,KAAK,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAC9E,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,sBAAsB,EAAE,KAAK,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAG9F,OAAO,EAAE,0BAA0B,EAAE,MAAM,iCAAiC,CAAC;AAC7E,OAAO,EAAE,4BAA4B,EAAE,MAAM,mCAAmC,CAAC;AAGjF,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,KAAK,sBAAsB,EAAE,MAAM,UAAU,CAAC;AAGpF,OAAO,EACL,SAAS,EACT,UAAU,EACV,SAAS,EACT,YAAY,EACZ,WAAW,EACX,0BAA0B,EAC1B,KAAK,cAAc,GACpB,MAAM,SAAS,CAAC;AAGjB,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,YAAY,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAGnF,OAAO,EACL,4BAA4B,EAC5B,sBAAsB,EACtB,uBAAuB,EACvB,wBAAwB,EACxB,4BAA4B,EAC5B,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EACV,wBAAwB,EACxB,eAAe,EACf,qBAAqB,EACrB,yBAAyB,EACzB,gBAAgB,EAChB,kBAAkB,EAClB,+BAA+B,EAC/B,8BAA8B,GAC/B,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EAEV,IAAI,EACJ,QAAQ,EACR,kBAAkB,EAClB,cAAc,EACd,oBAAoB,EACpB,cAAc,EACd,QAAQ,EACR,kBAAkB,EAClB,YAAY,EACZ,QAAQ,EACR,iBAAiB,EACjB,gBAAgB,EAChB,sBAAsB,EACtB,cAAc,EACd,KAAK,EACL,WAAW,EACX,kBAAkB,EAClB,mBAAmB,EACnB,yBAAyB,EACzB,KAAK,EACL,cAAc,EAGd,aAAa,EACb,uBAAuB,EACvB,uBAAuB,EACvB,+BAA+B,EAC/B,gBAAgB,EAChB,eAAe,EACf,oBAAoB,EACpB,WAAW,EAEX,aAAa,EACb,mBAAmB,EACnB,eAAe,EACf,sBAAsB,EACtB,kBAAkB,EAClB,2BAA2B,EAC3B,gBAAgB,EAChB,2BAA2B,EAC3B,0BAA0B,EAC1B,6BAA6B,EAC7B,4BAA4B,EAC5B,sBAAsB,EACtB,uBAAuB,EACvB,gCAAgC,EAChC,iBAAiB,EACjB,kBAAkB,EAClB,oBAAoB,EACpB,gBAAgB,EAGhB,gBAAgB,EAEhB,wBAAwB,EACxB,YAAY,EACZ,uBAAuB,GACxB,MAAM,cAAc,CAAC;AAQtB,OAAO,EACL,YAAY,EACZ,iBAAiB,EACjB,qBAAqB,EACrB,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,eAAe,EACf,UAAU,EACV,eAAe,EACf,aAAa,EACb,oBAAoB,EACpB,oBAAoB,EACpB,4BAA4B,EAC5B,qBAAqB,EACrB,kBAAkB,EAClB,sBAAsB,EACtB,iBAAiB,EACjB,uBAAuB,EACvB,eAAe,EACf,qBAAqB,EACrB,4BAA4B,EAC5B,8BAA8B,GAC/B,MAAM,cAAc,CAAC;AAGtB,OAAO,EAAE,UAAU,EAAE,KAAK,iBAAiB,EAAE,KAAK,oBAAoB,EAAE,MAAM,oBAAoB,CAAC;AACnG,YAAY,EACV,QAAQ,EACR,mBAAmB,EACnB,cAAc,EACd,UAAU,EACV,mBAAmB,EACnB,mBAAmB,EACnB,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,2BAA2B,EAC3B,KAAK,qBAAqB,EAC1B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,GAC1B,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EACL,mBAAmB,EACnB,KAAK,UAAU,EACf,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACvB,KAAK,oBAAoB,GAC1B,MAAM,gCAAgC,CAAC;AAGxC,OAAO,EACL,WAAW,EACX,gBAAgB,EAChB,YAAY,EACZ,UAAU,EACV,cAAc,EACd,YAAY,EACZ,gBAAgB,EAChB,iBAAiB,EACjB,KAAK,UAAU,GAChB,MAAM,UAAU,CAAC;AAGlB,OAAO,EACL,gBAAgB,EAChB,oBAAoB,EACpB,KAAK,gBAAgB,EACrB,mBAAmB,EACnB,uBAAuB,EACvB,KAAK,mBAAmB,EACxB,0BAA0B,EAC1B,8BAA8B,EAC9B,KAAK,yBAAyB,GAC/B,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAG/G,OAAO,EAAE,oBAAoB,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAG/G,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAG7E,OAAO,EAAE,YAAY,EAAE,KAAK,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAGzE,OAAO,EACL,qBAAqB,EACrB,uBAAuB,EACvB,mBAAmB,EACnB,wBAAwB,EACxB,6BAA6B,GAC9B,MAAM,iBAAiB,CAAC;AAGzB,YAAY,EAAE,eAAe,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAG/E,OAAO,EAAE,qBAAqB,EAAE,KAAK,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAGlF,OAAO,EAAE,KAAK,SAAS,EAAE,kBAAkB,EAAE,MAAM,SAAS,CAAC;AAG7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC"}

package/dist/core/index.js

@@ -35,6 +35,9 @@
  */
 // Client factory
 export { createStorefrontClient } from './client/create-client';
+// Remote debug transport — build one and share it across the client + cookie stores
+// (`debug: { remote: transport }`) for a single debug channel / sessionId.
+export { createRemoteDebugTransport } from './client/remote-debug-transport';
 // Middleware
 export { authMiddleware } from './middleware/auth';
 export { currencyMiddleware } from './middleware/currency';

package/dist/react/cookies.d.ts

@@ -1,8 +1,10 @@
 /**
- * Cookie utilities for SDK consumers.
+ * Client-side cookie utilities for SDK consumers.
  *
- * Simple, framework-agnostic cookie read/write for client-side.
- * For Next.js server-side cookies, use `cookies()` from next/headers.
+ * Synchronous read/write over `document.cookie`, SSR-safe via a `typeof document`
+ * guard (return null / no-op when there is no document). To read these cookies in
+ * a Next.js Server Component use the `@doswiftly/storefront-sdk/react/server`
+ * entry (`readCartIdCookie`, `readCurrencyCookie`).
  */
 /**
  * Get cookie value by name (client-side only).
@@ -24,6 +26,16 @@ export declare function setCookie(name: string, value: string, options?: {
  */
 export declare function deleteCookie(name: string, path?: string): void;
 import type { CartCookieStore } from '../core/cart/cart-recovery';
+import type { DebugEvent } from '../core/client/types';
+export interface BrowserCartCookieStoreOptions {
+    /**
+     * Optional debug sink. When provided, every `set` / `clear` of the `cart-id` cookie emits a
+     * `phase: 'cookie'` {@link DebugEvent}. Wire it to the same transport the GraphQL client uses
+     * (one shared sessionId) to see exactly when the cart cookie is written or removed — e.g. the
+     * `clear()` that `complete()` performs after checkout.
+     */
+    onDebug?: (event: DebugEvent) => void;
+}
 /**
  * Build a browser-side `CartCookieStore` backed by `document.cookie`.
  *
@@ -43,24 +55,5 @@ import type { CartCookieStore } from '../core/cart/cart-recovery';
  * });
  * ```
  */
-export declare function createBrowserCartCookieStore(): CartCookieStore;
-/**
- * Get preferred currency from cookie (async — works with Next.js cookies()).
- * Falls back to document.cookie on client.
- */
-export declare function getCurrencyFromCookieAsync(): Promise<string | null>;
-/**
- * Get cart ID from cookie (async — works with Next.js cookies()).
- * Falls back to document.cookie on client.
- *
- * Use in Server Components for SSR cart badge:
- * ```typescript
- * const cartId = await getCartIdFromCookieAsync();
- * if (cartId) {
- *   const cart = await fetchCart(cartId);
- *   // Render cart badge with real totalQuantity — no skeleton needed
- * }
- * ```
- */
-export declare function getCartIdFromCookieAsync(): Promise<string | null>;
+export declare function createBrowserCartCookieStore(options?: BrowserCartCookieStoreOptions): CartCookieStore;
 //# sourceMappingURL=cookies.d.ts.map

package/dist/react/cookies.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../src/react/cookies.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAIrD;AAED;;;;GAIG;AACH,wBAAgB,SAAS,CACvB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,OAAO,GAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,OAAO,CAAA;CAAO,GACpF,IAAI,CAON;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,SAAM,GAAG,IAAI,CAG3D;AAID,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAElE;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,4BAA4B,IAAI,eAAe,CAQ9D;AAED;;;GAGG;AACH,wBAAsB,0BAA0B,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAYzE;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,wBAAwB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAYvE"}
+{"version":3,"file":"cookies.d.ts","sourceRoot":"","sources":["../../src/react/cookies.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH;;GAEG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAIrD;AAED;;;;GAIG;AACH,wBAAgB,SAAS,CACvB,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EACb,OAAO,GAAE;IAAE,MAAM,CAAC,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,OAAO,CAAA;CAAO,GACpF,IAAI,CAON;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,SAAM,GAAG,IAAI,CAG3D;AAGD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAClE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAGvD,MAAM,WAAW,6BAA6B;IAC5C;;;;;OAKG;IACH,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,UAAU,KAAK,IAAI,CAAC;CACvC;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,4BAA4B,CAC1C,OAAO,CAAC,EAAE,6BAA6B,GACtC,eAAe,CAcjB"}