@ezcoder.dev/sdk 1.3.2 → 1.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (34) hide show
  1. package/dist/{DatabaseProvider-DaBP5XUs.d.ts → DatabaseProvider-BtYMJRqh.d.ts} +34 -20
  2. package/dist/analytics/index.js +4 -4
  3. package/dist/auth/index.d.ts +28 -1
  4. package/dist/auth/index.js +21 -4
  5. package/dist/auth/index.js.map +1 -1
  6. package/dist/{chunk-CQKYANAW.js → chunk-4WGGFJPE.js} +2 -2
  7. package/dist/{chunk-UAY64NNA.js → chunk-5QYGP7G7.js} +157 -277
  8. package/dist/chunk-5QYGP7G7.js.map +1 -0
  9. package/dist/{chunk-HJ2EIZ4S.js → chunk-DU6N3HVQ.js} +2 -2
  10. package/dist/{chunk-I2YGB7Z6.js → chunk-KKTY5NCR.js} +2 -2
  11. package/dist/{chunk-QHB7LGCA.js → chunk-NTA3RMYR.js} +231 -5
  12. package/dist/chunk-NTA3RMYR.js.map +1 -0
  13. package/dist/{chunk-LIUE7M7K.js → chunk-X4JP7DCK.js} +11 -2
  14. package/dist/chunk-X4JP7DCK.js.map +1 -0
  15. package/dist/cms/index.js +2 -2
  16. package/dist/config-D5ajnLCe.d.ts +29 -0
  17. package/dist/cron/index.js +2 -2
  18. package/dist/database/index.d.ts +1 -1
  19. package/dist/database/index.js +4 -4
  20. package/dist/email/index.js +2 -2
  21. package/dist/index.d.ts +45 -27
  22. package/dist/index.js +13 -5
  23. package/dist/index.js.map +1 -1
  24. package/dist/notifications/index.js +5 -5
  25. package/dist/payments/index.js +4 -4
  26. package/dist/roles/index.js +4 -4
  27. package/dist/storage/index.js +4 -4
  28. package/package.json +9 -6
  29. package/dist/chunk-LIUE7M7K.js.map +0 -1
  30. package/dist/chunk-QHB7LGCA.js.map +0 -1
  31. package/dist/chunk-UAY64NNA.js.map +0 -1
  32. /package/dist/{chunk-CQKYANAW.js.map → chunk-4WGGFJPE.js.map} +0 -0
  33. /package/dist/{chunk-HJ2EIZ4S.js.map → chunk-DU6N3HVQ.js.map} +0 -0
  34. /package/dist/{chunk-I2YGB7Z6.js.map → chunk-KKTY5NCR.js.map} +0 -0
package/dist/database/index.js CHANGED
@@ -11,10 +11,10 @@ import {
11
11
  useDatabaseOptional,
12
12
  useIsDatabaseConfigured,
13
13
  useRealtime
14
- } from "../chunk-UAY64NNA.js";
15
- import "../chunk-HJ2EIZ4S.js";
16
- import "../chunk-I2YGB7Z6.js";
17
- import "../chunk-LIUE7M7K.js";
14
+ } from "../chunk-5QYGP7G7.js";
15
+ import "../chunk-DU6N3HVQ.js";
16
+ import "../chunk-KKTY5NCR.js";
17
+ import "../chunk-X4JP7DCK.js";
18
18
  export {
19
19
  ConnectionError,
20
20
  DatabaseClient,
package/dist/email/index.js CHANGED
@@ -1,9 +1,9 @@
1
1
  import {
2
2
  resolveServerToken
3
- } from "../chunk-CQKYANAW.js";
3
+ } from "../chunk-4WGGFJPE.js";
4
4
  import {
5
5
  env
6
- } from "../chunk-LIUE7M7K.js";
6
+ } from "../chunk-X4JP7DCK.js";
7
7
 
8
8
  // src/email/sendEmail.ts
9
9
  async function sendEmail(to, subject, html, options = {}) {
package/dist/index.d.ts CHANGED
@@ -1,35 +1,53 @@
1
+ export { e as env, f as features, i as isFeatureConfigured, a as isNeonAuthConfigured } from './config-D5ajnLCe.js';
1
2
  import { SupabaseClient } from '@supabase/supabase-js';
2
3
  import { E as EzcoderClient, A as AuthIntegration } from './types-1uP3V_pe.js';
3
4
  export { a as AnalyticsResult, b as AuthUser, C as CheckoutOptions, S as StorageFile, c as StorageResult, d as SubscriptionStatus, e as SubscriptionTier, U as UserProfile } from './types-1uP3V_pe.js';
4
- export { D as DatabaseClient, a as DatabaseProvider, u as useDatabase } from './DatabaseProvider-DaBP5XUs.js';
5
+ export { D as DatabaseClient, a as DatabaseProvider, u as useDatabase } from './DatabaseProvider-BtYMJRqh.js';
5
6
  import 'react/jsx-runtime';
6
7
  import 'react';
7
8
 
8
- declare const env: {
9
- SUPABASE_URL: string;
10
- SUPABASE_ANON_KEY: string;
11
- EZCODER_AUTH_URL: string;
12
- EZCODER_AUTH_ANON_KEY: string;
13
- STRIPE_PUBLISHABLE_KEY: string;
14
- EZC_PROJECT_ID: string;
15
- EZCODER_API_URL: string;
16
- EZC_SECRET_KEY: string;
17
- EZC_PROJECT_TOKEN_PUBLIC: string;
18
- EZC_PROJECT_TOKEN_SERVER: string;
19
- EZC_PROJECT_TOKEN_LEGACY: string;
20
- S3_BUCKET: string;
21
- CLOUDINARY_URL: string;
22
- STORAGE_BUCKET_PUBLIC: string;
23
- STORAGE_BUCKET_PRIVATE: string;
24
- };
25
- declare const features: {
26
- auth: boolean;
27
- payments: boolean;
28
- analytics: boolean;
29
- storage: boolean;
30
- database: boolean;
31
- };
32
- declare function isFeatureConfigured(feature: keyof typeof features): boolean;
9
+ /**
10
+ * Runtime config bootstrap (Parity Doctrine W2).
11
+ *
12
+ * The SDK fetches /api/sdk/bootstrap ONCE at startup and overlays the result on
13
+ * the build-time-baked `env`. This means a bundle that baked NO env (the
14
+ * herdmark "loads but crashes on boot" class) still works — it learns its
15
+ * config live — and preview and deployed take the identical path.
16
+ *
17
+ * Resolution order for any config value: runtime bootstrap → baked env. The
18
+ * baked env is the OFFLINE FALLBACK, never the primary source. Secrets never
19
+ * appear here — the endpoint returns public config only.
20
+ */
21
+ interface RuntimeConfig {
22
+ projectId: string;
23
+ apiUrl: string;
24
+ authUrl: string | null;
25
+ authAnonKey: string | null;
26
+ supabaseUrl: string | null;
27
+ supabaseAnonKey: string | null;
28
+ stripePublishableKey: string | null;
29
+ storageBucketPublic: string | null;
30
+ storageBucketPrivate: string | null;
31
+ publicToken: string | null;
32
+ manifest: unknown | null;
33
+ }
34
+ /**
35
+ * Fetch the runtime config once (coalesced). Safe to call from multiple
36
+ * providers — only one network request is made. Never throws: on failure it
37
+ * returns null and the SDK falls back to baked env.
38
+ *
39
+ * @param opts.force re-fetch even if cached
40
+ */
41
+ declare function loadBootstrap(opts?: {
42
+ force?: boolean;
43
+ }): Promise<RuntimeConfig | null>;
44
+ /** The loaded runtime config, or null if not yet loaded / unavailable. */
45
+ declare function getRuntimeConfig(): RuntimeConfig | null;
46
+ /**
47
+ * Resolve a config value preferring runtime bootstrap over baked env. Use this
48
+ * for any SDK-critical value so an env-less build still resolves it at runtime.
49
+ */
50
+ declare function configValue<K extends keyof RuntimeConfig>(key: K, bakedFallback: string): string;
33
51
 
34
52
  declare const supabase: SupabaseClient;
35
53
  declare const isSupabaseConfigured: boolean;
@@ -200,4 +218,4 @@ interface UseEzCoderManifestResult {
200
218
  */
201
219
  declare function useEzCoderManifest(): UseEzCoderManifestResult;
202
220
 
203
- export { AuthIntegration, type EnvRefs, EzCoderManifest, EzcoderClient, type RequiredModules, type SanitizedManifest, type UseEzCoderManifestResult, env, ezcoder, ezcoderAuthIntegration, features, isFeatureConfigured, isSupabaseConfigured, supabase, useEzCoderManifest };
221
+ export { AuthIntegration, type EnvRefs, EzCoderManifest, EzcoderClient, type RequiredModules, type RuntimeConfig, type SanitizedManifest, type UseEzCoderManifestResult, configValue, ezcoder, ezcoderAuthIntegration, getRuntimeConfig, isSupabaseConfigured, loadBootstrap, supabase, useEzCoderManifest };
package/dist/index.js CHANGED
@@ -1,21 +1,25 @@
1
1
  import {
2
2
  DatabaseClient,
3
3
  DatabaseProvider,
4
+ configValue,
5
+ getRuntimeConfig,
6
+ loadBootstrap,
4
7
  useDatabase
5
- } from "./chunk-UAY64NNA.js";
8
+ } from "./chunk-5QYGP7G7.js";
6
9
  import {
7
10
  ezcoder,
8
11
  ezcoderAuthIntegration
9
- } from "./chunk-HJ2EIZ4S.js";
12
+ } from "./chunk-DU6N3HVQ.js";
10
13
  import {
11
14
  isSupabaseConfigured,
12
15
  supabase
13
- } from "./chunk-I2YGB7Z6.js";
16
+ } from "./chunk-KKTY5NCR.js";
14
17
  import {
15
18
  env,
16
19
  features,
17
- isFeatureConfigured
18
- } from "./chunk-LIUE7M7K.js";
20
+ isFeatureConfigured,
21
+ isNeonAuthConfigured
22
+ } from "./chunk-X4JP7DCK.js";
19
23
 
20
24
  // src/manifest-consumer.ts
21
25
  var manifestCache = /* @__PURE__ */ new Map();
@@ -272,12 +276,16 @@ export {
272
276
  DatabaseClient,
273
277
  DatabaseProvider,
274
278
  EzCoderManifest,
279
+ configValue,
275
280
  env,
276
281
  ezcoder,
277
282
  ezcoderAuthIntegration,
278
283
  features,
284
+ getRuntimeConfig,
279
285
  isFeatureConfigured,
286
+ isNeonAuthConfigured,
280
287
  isSupabaseConfigured,
288
+ loadBootstrap,
281
289
  supabase,
282
290
  useDatabase,
283
291
  useEzCoderManifest
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/manifest-consumer.ts","../src/useEzCoderManifest.ts","../src/index.ts"],"sourcesContent":["/**\r\n * @module manifest-consumer\r\n * @description Runtime + build-time consumer of the EzCoder Capability Manifest.\r\n *\r\n * Track B (B7) — the user-app SDK reads the project's Capability Manifest so\r\n * it knows which feature modules are actually required (auth, storage,\r\n * payments, email, cron, notifications, database) and which env refs to\r\n * expect. The SDK historically auto-registered everything regardless of\r\n * project needs; this consumer adds *opt-in* awareness without breaking\r\n * existing consumers.\r\n *\r\n * Failure mode is deliberately permissive: any fetch/parse error falls\r\n * through to \"all modules considered required\" so a flaky network blip on\r\n * the user's deployed site never silently disables a feature.\r\n */\r\n\r\nimport { env } from './core/config';\r\n\r\n// ─── Public surface ───────────────────────────────────────────────────────\r\n\r\n/**\r\n * The seven modules the SDK can register. Mirrors the keys of\r\n * `service_requirements` in lib/manifest/schema.ts plus `database` derived\r\n * from the `database` requirement block.\r\n */\r\nexport interface RequiredModules {\r\n auth: boolean;\r\n storage: boolean;\r\n payments: boolean;\r\n email: boolean;\r\n cron: boolean;\r\n database: boolean;\r\n notifications: boolean;\r\n}\r\n\r\n/**\r\n * Public + (publicly-visible names of) secret env refs. The server-side\r\n * endpoint deliberately strips `secret` before returning, but we keep the\r\n * field on the consumer type as an empty array for forward-compat — once a\r\n * privileged consumer path exists it can populate it.\r\n */\r\nexport interface EnvRefs {\r\n public: ReadonlyArray<string>;\r\n secret: ReadonlyArray<string>;\r\n}\r\n\r\n/**\r\n * The shape the SDK actually consumes. A trimmed projection of the full\r\n * Capability Manifest; the server endpoint enforces the projection so the\r\n * SDK can never see secret-ref names even if it asks for them.\r\n */\r\nexport interface SanitizedManifest {\r\n manifest_version: number;\r\n project_id: string;\r\n service_requirements: {\r\n database?: { provider: string; rls_required: boolean; tables: ReadonlyArray<string> };\r\n auth?: { provider: string; flows: ReadonlyArray<string> };\r\n storage?: { buckets: ReadonlyArray<string> };\r\n payments?: { mode: string };\r\n email?: { provider: string };\r\n cron?: { jobs: ReadonlyArray<{ name: string; schedule: string }> };\r\n };\r\n env_refs: { public: ReadonlyArray<string> };\r\n validation_gates: ReadonlyArray<string>;\r\n}\r\n\r\n// ─── Module-level cache (keyed by projectId) ──────────────────────────────\r\n\r\nconst manifestCache: Map<string, EzCoderManifest> = new Map();\r\nconst inflightLoads: Map<string, Promise<EzCoderManifest>> = new Map();\r\n\r\n/**\r\n * Default-on RequiredModules — used as the safe fallback when no manifest\r\n * is available. Preserves the SDK's historical behaviour (everything wired)\r\n * so a missing/failed manifest never silently disables a feature in\r\n * already-deployed user apps.\r\n */\r\nconst PERMISSIVE_DEFAULT_MODULES: Readonly<RequiredModules> = Object.freeze({\r\n auth: true,\r\n storage: true,\r\n payments: true,\r\n email: true,\r\n cron: true,\r\n database: true,\r\n notifications: true,\r\n});\r\n\r\n// ─── EzCoderManifest class ────────────────────────────────────────────────\r\n\r\n/**\r\n * Wraps a sanitized manifest payload and exposes module/env-ref queries.\r\n * Instances are immutable — `manifest` is captured at construction time and\r\n * never mutated. Use the static `load()` / `loadFromBuildOutput()` factories\r\n * rather than calling `new` directly so the page-lifetime cache is honoured.\r\n */\r\nexport class EzCoderManifest {\r\n private readonly manifest: SanitizedManifest | null;\r\n private readonly source: 'runtime' | 'build' | 'fallback';\r\n\r\n constructor(manifest: SanitizedManifest | null, source: 'runtime' | 'build' | 'fallback') {\r\n this.manifest = manifest;\r\n this.source = source;\r\n }\r\n\r\n /**\r\n * Fetch the manifest at runtime from the platform API. Returns a\r\n * cached instance for the lifetime of the page; concurrent callers share\r\n * a single in-flight fetch. Falls back to a permissive (all-modules-on)\r\n * instance on any error.\r\n */\r\n static async load(): Promise<EzCoderManifest> {\r\n const projectId = env.EZC_PROJECT_ID;\r\n const apiUrl = env.EZCODER_API_URL;\r\n const publicToken = readPublicToken();\r\n\r\n if (!projectId || !apiUrl) {\r\n return new EzCoderManifest(null, 'fallback');\r\n }\r\n\r\n const cacheKey = `${projectId}::${apiUrl}`;\r\n const cached = manifestCache.get(cacheKey);\r\n if (cached) return cached;\r\n\r\n const inflight = inflightLoads.get(cacheKey);\r\n if (inflight) return inflight;\r\n\r\n const loadPromise = fetchManifest(apiUrl, publicToken)\r\n .then((m) => {\r\n const instance = new EzCoderManifest(m, 'runtime');\r\n manifestCache.set(cacheKey, instance);\r\n return instance;\r\n })\r\n .catch((err: unknown) => {\r\n const message = err instanceof Error ? err.message : 'unknown';\r\n if (typeof console !== 'undefined') {\r\n console.warn(`[EzCoder SDK] manifest fetch failed (${message}); falling back to permissive mode.`);\r\n }\r\n const fallback = new EzCoderManifest(null, 'fallback');\r\n manifestCache.set(cacheKey, fallback);\r\n return fallback;\r\n })\r\n .finally(() => {\r\n inflightLoads.delete(cacheKey);\r\n });\r\n\r\n inflightLoads.set(cacheKey, loadPromise);\r\n return loadPromise;\r\n }\r\n\r\n /**\r\n * Read a manifest written by the build-time codegen step (see\r\n * scripts/fetch-build-manifest.js). Used by SSG callers that want to\r\n * avoid a runtime network round-trip. Returns null when no build-time\r\n * manifest is present — callers should fall back to `load()`.\r\n *\r\n * Implementation note: we deliberately avoid a static `import` because\r\n * (a) the file may not exist, which would be a hard module-resolution\r\n * error, and (b) browser bundles must not pull in the JSON. We probe\r\n * `process` to detect Node, then read the file from disk via the eval'd\r\n * dynamic require — the eval indirection keeps bundlers from following\r\n * the path at build time.\r\n */\r\n static loadFromBuildOutput(): EzCoderManifest | null {\r\n try {\r\n if (typeof process === 'undefined' || !process.versions?.node) {\r\n return null;\r\n }\r\n // Avoid a static `import('fs')` because (a) the file may not exist,\r\n // (b) bundlers would attempt to resolve it for browser targets, and\r\n // (c) we want a Node-only branch the bundler can drop. Construct the\r\n // require lookup via the Function constructor so the literal \"require\"\r\n // identifier never appears in any statically-analyzable position.\r\n const getRequire = new Function(\r\n 'return typeof require === \"function\" ? require : null;',\r\n ) as () => ((id: string) => unknown) | null;\r\n const dynamicRequire = getRequire();\r\n if (!dynamicRequire) return null;\r\n const fs = dynamicRequire('fs') as { readFileSync: (p: string, enc: string) => string };\r\n const path = dynamicRequire('path') as { resolve: (...segments: string[]) => string };\r\n const cwd = process.cwd();\r\n const full = path.resolve(cwd, 'node_modules', '.ezcoder', 'manifest.json');\r\n const raw = fs.readFileSync(full, 'utf8');\r\n const payload: unknown = JSON.parse(raw);\r\n const parsed = parseManifestPayload(payload);\r\n if (!parsed) return null;\r\n return new EzCoderManifest(parsed, 'build');\r\n } catch {\r\n return null;\r\n }\r\n }\r\n\r\n /**\r\n * Returns the boolean enablement map for each SDK module. When no\r\n * manifest is loaded, returns the permissive default (everything on) so\r\n * legacy behaviour is preserved.\r\n */\r\n getRequiredModules(): RequiredModules {\r\n if (!this.manifest) {\r\n return { ...PERMISSIVE_DEFAULT_MODULES };\r\n }\r\n const sr = this.manifest.service_requirements;\r\n return {\r\n auth: Boolean(sr.auth),\r\n storage: Boolean(sr.storage),\r\n payments: Boolean(sr.payments),\r\n email: Boolean(sr.email),\r\n cron: Boolean(sr.cron),\r\n database: Boolean(sr.database),\r\n // notifications is not in service_requirements v0; derive from email\r\n // OR auth so the existing notifications module behaves sensibly.\r\n notifications: Boolean(sr.email || sr.auth),\r\n };\r\n }\r\n\r\n /**\r\n * Returns the env refs declared by the manifest. The `secret` array is\r\n * always empty when the manifest came from the public SDK endpoint —\r\n * server-only refs are stripped before transit (see pages/api/sdk/manifest.js).\r\n */\r\n getEnvRefs(): EnvRefs {\r\n if (!this.manifest) {\r\n return { public: [], secret: [] };\r\n }\r\n return {\r\n public: this.manifest.env_refs.public,\r\n secret: [],\r\n };\r\n }\r\n\r\n /**\r\n * Convenience: is a given module required by this app?\r\n */\r\n has(module: keyof RequiredModules): boolean {\r\n return this.getRequiredModules()[module];\r\n }\r\n\r\n /**\r\n * Where the manifest was loaded from. Useful for debugging and for\r\n * surface-level telemetry (`fallback` means we never got the real one).\r\n */\r\n getSource(): 'runtime' | 'build' | 'fallback' {\r\n return this.source;\r\n }\r\n\r\n /**\r\n * Test-only helper: wipe the page-lifetime cache. Never call this in\r\n * production code.\r\n */\r\n static __resetCacheForTests(): void {\r\n manifestCache.clear();\r\n inflightLoads.clear();\r\n }\r\n}\r\n\r\n// ─── Internals ────────────────────────────────────────────────────────────\r\n\r\nfunction readPublicToken(): string {\r\n // The PUBLIC token is intentionally distinct from the server-only secret\r\n // key. We accept both Vite and Next env shapes; both must be safe to\r\n // expose to the browser (i.e. namespaced as PUBLIC).\r\n const fromVite = safeEnv('VITE_EZC_PROJECT_TOKEN_PUBLIC');\r\n if (fromVite) return fromVite;\r\n const fromNext = safeEnv('NEXT_PUBLIC_EZC_PROJECT_TOKEN_PUBLIC');\r\n if (fromNext) return fromNext;\r\n return safeEnv('EZC_PROJECT_TOKEN_PUBLIC');\r\n}\r\n\r\nfunction safeEnv(key: string): string {\r\n try {\r\n if (typeof import.meta !== 'undefined' && import.meta.env) {\r\n const v = (import.meta.env as Record<string, unknown>)[key];\r\n if (typeof v === 'string') return v;\r\n }\r\n } catch {\r\n // import.meta unavailable in this runtime — fall through.\r\n }\r\n try {\r\n if (typeof process !== 'undefined' && process.env) {\r\n return process.env[key] || '';\r\n }\r\n } catch {\r\n // process unavailable — fall through.\r\n }\r\n return '';\r\n}\r\n\r\nasync function fetchManifest(apiUrl: string, publicToken: string): Promise<SanitizedManifest> {\r\n const headers: Record<string, string> = {\r\n 'Accept': 'application/json',\r\n };\r\n if (publicToken) {\r\n headers['X-EzCoder-Public-Token'] = publicToken;\r\n }\r\n const res = await fetch(`${apiUrl}/api/sdk/manifest`, {\r\n method: 'GET',\r\n headers,\r\n // Browsers will fold the 5-minute cache header automatically; this hint\r\n // is here for non-browser runtimes that respect it.\r\n cache: 'default',\r\n });\r\n if (!res.ok) {\r\n throw new Error(`HTTP ${res.status}`);\r\n }\r\n const body: unknown = await res.json();\r\n const parsed = parseManifestPayload(body);\r\n if (!parsed) {\r\n throw new Error('manifest payload failed shape validation');\r\n }\r\n return parsed;\r\n}\r\n\r\n/**\r\n * Permissive boundary parser. We deliberately do NOT pull Zod into the SDK\r\n * bundle — instead we run a lightweight shape check and let unknown fields\r\n * pass through. The server has already validated the manifest with Zod\r\n * before sending; this is just defense-in-depth against a malformed\r\n * response (e.g. an HTML error page).\r\n */\r\nfunction parseManifestPayload(input: unknown): SanitizedManifest | null {\r\n if (!isRecord(input)) return null;\r\n const projectId = input.project_id;\r\n const serviceReqs = input.service_requirements;\r\n const envRefs = input.env_refs;\r\n const gates = input.validation_gates;\r\n if (typeof projectId !== 'string' || projectId.length === 0) return null;\r\n if (!isRecord(serviceReqs)) return null;\r\n if (!isRecord(envRefs) || !Array.isArray(envRefs.public)) return null;\r\n if (!Array.isArray(gates)) return null;\r\n const manifestVersion =\r\n typeof input.manifest_version === 'number' ? input.manifest_version : 0;\r\n return {\r\n manifest_version: manifestVersion,\r\n project_id: projectId,\r\n service_requirements: serviceReqs as SanitizedManifest['service_requirements'],\r\n env_refs: { public: envRefs.public.filter((v): v is string => typeof v === 'string') },\r\n validation_gates: gates.filter((v): v is string => typeof v === 'string'),\r\n };\r\n}\r\n\r\nfunction isRecord(value: unknown): value is Record<string, unknown> {\r\n return typeof value === 'object' && value !== null && !Array.isArray(value);\r\n}\r\n","/**\r\n * @module useEzCoderManifest\r\n * @description React hook that exposes the loaded Capability Manifest to\r\n * components so they can branch on whether a feature module is required by\r\n * the current project.\r\n *\r\n * Importing this file pulls `react` as a peer dep — kept in a dedicated\r\n * file so SSR / non-React entries can consume `manifest-consumer.ts`\r\n * without touching React.\r\n */\r\n\r\nimport { useEffect, useState } from 'react';\r\nimport { EzCoderManifest, type RequiredModules } from './manifest-consumer';\r\n\r\nexport interface UseEzCoderManifestResult {\r\n manifest: EzCoderManifest | null;\r\n modules: RequiredModules | null;\r\n loading: boolean;\r\n source: 'runtime' | 'build' | 'fallback' | null;\r\n}\r\n\r\n/**\r\n * Synchronously prefers a build-time manifest (avoids a render-blocking\r\n * fetch on SSG/SSR); otherwise kicks off the async runtime load. Until the\r\n * load resolves, `modules` is null and callers should treat features as\r\n * unknown (recommended: render the historical default, then re-render once\r\n * `modules` settles).\r\n */\r\nexport function useEzCoderManifest(): UseEzCoderManifestResult {\r\n // Lazy initializer — `loadFromBuildOutput` touches the filesystem on Node\r\n // and must NOT run on every render. Memoized once across the mount.\r\n const [manifest, setManifest] = useState<EzCoderManifest | null>(\r\n () => EzCoderManifest.loadFromBuildOutput(),\r\n );\r\n const [loading, setLoading] = useState<boolean>(manifest === null);\r\n\r\n useEffect(() => {\r\n // If we already have a build-time manifest, no need to fetch.\r\n if (manifest) return;\r\n\r\n let cancelled = false;\r\n EzCoderManifest.load()\r\n .then((m) => {\r\n if (cancelled) return;\r\n setManifest(m);\r\n setLoading(false);\r\n })\r\n .catch(() => {\r\n if (cancelled) return;\r\n // load() already handles errors and returns a fallback, but be\r\n // defensive: ensure we never leave the UI stuck in loading state.\r\n setLoading(false);\r\n });\r\n\r\n return () => {\r\n cancelled = true;\r\n };\r\n // We only want this effect to run on mount; once `manifest` settles,\r\n // re-running would re-fetch unnecessarily.\r\n // eslint-disable-next-line react-hooks/exhaustive-deps\r\n }, []);\r\n\r\n return {\r\n manifest,\r\n modules: manifest ? manifest.getRequiredModules() : null,\r\n loading,\r\n source: manifest ? manifest.getSource() : null,\r\n };\r\n}\r\n","export { env, features, isFeatureConfigured } from './core/config';\r\nexport { supabase, isSupabaseConfigured } from './core/supabase';\r\nexport { ezcoder, ezcoderAuthIntegration } from './core/platform';\r\nexport { DatabaseProvider, useDatabase, DatabaseClient } from './database';\r\nexport type {\r\n AuthUser,\r\n UserProfile,\r\n SubscriptionTier,\r\n SubscriptionStatus,\r\n StorageResult,\r\n StorageFile,\r\n CheckoutOptions,\r\n EzcoderClient,\r\n AnalyticsResult,\r\n AuthIntegration,\r\n} from './core/types';\r\n\r\n// ─── Capability Manifest (B7) ────────────────────────────────────────────\r\n//\r\n// Manifest awareness is OPT-IN. The legacy module auto-registration is\r\n// preserved, so existing consumers see no behavioural change. New code can\r\n// import these to gate features:\r\n//\r\n// import { EzCoderManifest, useEzCoderManifest } from '@ezcoder.dev/sdk';\r\n// const { modules, loading } = useEzCoderManifest();\r\n// if (!loading && modules?.payments) renderCheckout();\r\n//\r\nexport { EzCoderManifest } from './manifest-consumer';\r\nexport type { RequiredModules, EnvRefs, SanitizedManifest } from './manifest-consumer';\r\nexport { useEzCoderManifest } from './useEzCoderManifest';\r\nexport type { UseEzCoderManifestResult } from './useEzCoderManifest';\r\n\r\n// Kick off an opportunistic load on import so the cache is warm by the\r\n// time components call useEzCoderManifest(). Errors are swallowed inside\r\n// load() and produce a fallback instance — never throws.\r\nimport { EzCoderManifest as _EzCoderManifestForBoot } from './manifest-consumer';\r\nif (typeof window !== 'undefined') {\r\n // Browser only. SSR/SSG paths that want the manifest should call\r\n // loadFromBuildOutput() or load() explicitly to control timing.\r\n void _EzCoderManifestForBoot.load();\r\n}\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAoEA,IAAM,gBAA8C,oBAAI,IAAI;AAC5D,IAAM,gBAAuD,oBAAI,IAAI;AAQrE,IAAM,6BAAwD,OAAO,OAAO;AAAA,EAC1E,MAAM;AAAA,EACN,SAAS;AAAA,EACT,UAAU;AAAA,EACV,OAAO;AAAA,EACP,MAAM;AAAA,EACN,UAAU;AAAA,EACV,eAAe;AACjB,CAAC;AAUM,IAAM,kBAAN,MAAM,iBAAgB;AAAA,EAI3B,YAAY,UAAoC,QAA0C;AACxF,SAAK,WAAW;AAChB,SAAK,SAAS;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,aAAa,OAAiC;AAC5C,UAAM,YAAY,IAAI;AACtB,UAAM,SAAS,IAAI;AACnB,UAAM,cAAc,gBAAgB;AAEpC,QAAI,CAAC,aAAa,CAAC,QAAQ;AACzB,aAAO,IAAI,iBAAgB,MAAM,UAAU;AAAA,IAC7C;AAEA,UAAM,WAAW,GAAG,SAAS,KAAK,MAAM;AACxC,UAAM,SAAS,cAAc,IAAI,QAAQ;AACzC,QAAI,OAAQ,QAAO;AAEnB,UAAM,WAAW,cAAc,IAAI,QAAQ;AAC3C,QAAI,SAAU,QAAO;AAErB,UAAM,cAAc,cAAc,QAAQ,WAAW,EAClD,KAAK,CAAC,MAAM;AACX,YAAM,WAAW,IAAI,iBAAgB,GAAG,SAAS;AACjD,oBAAc,IAAI,UAAU,QAAQ;AACpC,aAAO;AAAA,IACT,CAAC,EACA,MAAM,CAAC,QAAiB;AACvB,YAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;AACrD,UAAI,OAAO,YAAY,aAAa;AAClC,gBAAQ,KAAK,wCAAwC,OAAO,qCAAqC;AAAA,MACnG;AACA,YAAM,WAAW,IAAI,iBAAgB,MAAM,UAAU;AACrD,oBAAc,IAAI,UAAU,QAAQ;AACpC,aAAO;AAAA,IACT,CAAC,EACA,QAAQ,MAAM;AACb,oBAAc,OAAO,QAAQ;AAAA,IAC/B,CAAC;AAEH,kBAAc,IAAI,UAAU,WAAW;AACvC,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,OAAO,sBAA8C;AACnD,QAAI;AACF,UAAI,OAAO,YAAY,eAAe,CAAC,QAAQ,UAAU,MAAM;AAC7D,eAAO;AAAA,MACT;AAMA,YAAM,aAAa,IAAI;AAAA,QACrB;AAAA,MACF;AACA,YAAM,iBAAiB,WAAW;AAClC,UAAI,CAAC,eAAgB,QAAO;AAC5B,YAAM,KAAK,eAAe,IAAI;AAC9B,YAAM,OAAO,eAAe,MAAM;AAClC,YAAM,MAAM,QAAQ,IAAI;AACxB,YAAM,OAAO,KAAK,QAAQ,KAAK,gBAAgB,YAAY,eAAe;AAC1E,YAAM,MAAM,GAAG,aAAa,MAAM,MAAM;AACxC,YAAM,UAAmB,KAAK,MAAM,GAAG;AACvC,YAAM,SAAS,qBAAqB,OAAO;AAC3C,UAAI,CAAC,OAAQ,QAAO;AACpB,aAAO,IAAI,iBAAgB,QAAQ,OAAO;AAAA,IAC5C,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,qBAAsC;AACpC,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,EAAE,GAAG,2BAA2B;AAAA,IACzC;AACA,UAAM,KAAK,KAAK,SAAS;AACzB,WAAO;AAAA,MACL,MAAM,QAAQ,GAAG,IAAI;AAAA,MACrB,SAAS,QAAQ,GAAG,OAAO;AAAA,MAC3B,UAAU,QAAQ,GAAG,QAAQ;AAAA,MAC7B,OAAO,QAAQ,GAAG,KAAK;AAAA,MACvB,MAAM,QAAQ,GAAG,IAAI;AAAA,MACrB,UAAU,QAAQ,GAAG,QAAQ;AAAA;AAAA;AAAA,MAG7B,eAAe,QAAQ,GAAG,SAAS,GAAG,IAAI;AAAA,IAC5C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAsB;AACpB,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAC,EAAE;AAAA,IAClC;AACA,WAAO;AAAA,MACL,QAAQ,KAAK,SAAS,SAAS;AAAA,MAC/B,QAAQ,CAAC;AAAA,IACX;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,QAAwC;AAC1C,WAAO,KAAK,mBAAmB,EAAE,MAAM;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,YAA8C;AAC5C,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAO,uBAA6B;AAClC,kBAAc,MAAM;AACpB,kBAAc,MAAM;AAAA,EACtB;AACF;AAIA,SAAS,kBAA0B;AAIjC,QAAM,WAAW,QAAQ,+BAA+B;AACxD,MAAI,SAAU,QAAO;AACrB,QAAM,WAAW,QAAQ,sCAAsC;AAC/D,MAAI,SAAU,QAAO;AACrB,SAAO,QAAQ,0BAA0B;AAC3C;AAEA,SAAS,QAAQ,KAAqB;AACpC,MAAI;AACF,QAAI,OAAO,gBAAgB,eAAe,YAAY,KAAK;AACzD,YAAM,IAAK,YAAY,IAAgC,GAAG;AAC1D,UAAI,OAAO,MAAM,SAAU,QAAO;AAAA,IACpC;AAAA,EACF,QAAQ;AAAA,EAER;AACA,MAAI;AACF,QAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,aAAO,QAAQ,IAAI,GAAG,KAAK;AAAA,IAC7B;AAAA,EACF,QAAQ;AAAA,EAER;AACA,SAAO;AACT;AAEA,eAAe,cAAc,QAAgB,aAAiD;AAC5F,QAAM,UAAkC;AAAA,IACtC,UAAU;AAAA,EACZ;AACA,MAAI,aAAa;AACf,YAAQ,wBAAwB,IAAI;AAAA,EACtC;AACA,QAAM,MAAM,MAAM,MAAM,GAAG,MAAM,qBAAqB;AAAA,IACpD,QAAQ;AAAA,IACR;AAAA;AAAA;AAAA,IAGA,OAAO;AAAA,EACT,CAAC;AACD,MAAI,CAAC,IAAI,IAAI;AACX,UAAM,IAAI,MAAM,QAAQ,IAAI,MAAM,EAAE;AAAA,EACtC;AACA,QAAM,OAAgB,MAAM,IAAI,KAAK;AACrC,QAAM,SAAS,qBAAqB,IAAI;AACxC,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI,MAAM,0CAA0C;AAAA,EAC5D;AACA,SAAO;AACT;AASA,SAAS,qBAAqB,OAA0C;AACtE,MAAI,CAAC,SAAS,KAAK,EAAG,QAAO;AAC7B,QAAM,YAAY,MAAM;AACxB,QAAM,cAAc,MAAM;AAC1B,QAAM,UAAU,MAAM;AACtB,QAAM,QAAQ,MAAM;AACpB,MAAI,OAAO,cAAc,YAAY,UAAU,WAAW,EAAG,QAAO;AACpE,MAAI,CAAC,SAAS,WAAW,EAAG,QAAO;AACnC,MAAI,CAAC,SAAS,OAAO,KAAK,CAAC,MAAM,QAAQ,QAAQ,MAAM,EAAG,QAAO;AACjE,MAAI,CAAC,MAAM,QAAQ,KAAK,EAAG,QAAO;AAClC,QAAM,kBACJ,OAAO,MAAM,qBAAqB,WAAW,MAAM,mBAAmB;AACxE,SAAO;AAAA,IACL,kBAAkB;AAAA,IAClB,YAAY;AAAA,IACZ,sBAAsB;AAAA,IACtB,UAAU,EAAE,QAAQ,QAAQ,OAAO,OAAO,CAAC,MAAmB,OAAO,MAAM,QAAQ,EAAE;AAAA,IACrF,kBAAkB,MAAM,OAAO,CAAC,MAAmB,OAAO,MAAM,QAAQ;AAAA,EAC1E;AACF;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;;;AC1UA,SAAS,WAAW,gBAAgB;AAiB7B,SAAS,qBAA+C;AAG7D,QAAM,CAAC,UAAU,WAAW,IAAI;AAAA,IAC9B,MAAM,gBAAgB,oBAAoB;AAAA,EAC5C;AACA,QAAM,CAAC,SAAS,UAAU,IAAI,SAAkB,aAAa,IAAI;AAEjE,YAAU,MAAM;AAEd,QAAI,SAAU;AAEd,QAAI,YAAY;AAChB,oBAAgB,KAAK,EAClB,KAAK,CAAC,MAAM;AACX,UAAI,UAAW;AACf,kBAAY,CAAC;AACb,iBAAW,KAAK;AAAA,IAClB,CAAC,EACA,MAAM,MAAM;AACX,UAAI,UAAW;AAGf,iBAAW,KAAK;AAAA,IAClB,CAAC;AAEH,WAAO,MAAM;AACX,kBAAY;AAAA,IACd;AAAA,EAIF,GAAG,CAAC,CAAC;AAEL,SAAO;AAAA,IACL;AAAA,IACA,SAAS,WAAW,SAAS,mBAAmB,IAAI;AAAA,IACpD;AAAA,IACA,QAAQ,WAAW,SAAS,UAAU,IAAI;AAAA,EAC5C;AACF;;;AChCA,IAAI,OAAO,WAAW,aAAa;AAGjC,OAAK,gBAAwB,KAAK;AACpC;","names":[]}
1
+ {"version":3,"sources":["../src/manifest-consumer.ts","../src/useEzCoderManifest.ts","../src/index.ts"],"sourcesContent":["/**\r\n * @module manifest-consumer\r\n * @description Runtime + build-time consumer of the EzCoder Capability Manifest.\r\n *\r\n * Track B (B7) — the user-app SDK reads the project's Capability Manifest so\r\n * it knows which feature modules are actually required (auth, storage,\r\n * payments, email, cron, notifications, database) and which env refs to\r\n * expect. The SDK historically auto-registered everything regardless of\r\n * project needs; this consumer adds *opt-in* awareness without breaking\r\n * existing consumers.\r\n *\r\n * Failure mode is deliberately permissive: any fetch/parse error falls\r\n * through to \"all modules considered required\" so a flaky network blip on\r\n * the user's deployed site never silently disables a feature.\r\n */\r\n\r\nimport { env } from './core/config';\r\n\r\n// ─── Public surface ───────────────────────────────────────────────────────\r\n\r\n/**\r\n * The seven modules the SDK can register. Mirrors the keys of\r\n * `service_requirements` in lib/manifest/schema.ts plus `database` derived\r\n * from the `database` requirement block.\r\n */\r\nexport interface RequiredModules {\r\n auth: boolean;\r\n storage: boolean;\r\n payments: boolean;\r\n email: boolean;\r\n cron: boolean;\r\n database: boolean;\r\n notifications: boolean;\r\n}\r\n\r\n/**\r\n * Public + (publicly-visible names of) secret env refs. The server-side\r\n * endpoint deliberately strips `secret` before returning, but we keep the\r\n * field on the consumer type as an empty array for forward-compat — once a\r\n * privileged consumer path exists it can populate it.\r\n */\r\nexport interface EnvRefs {\r\n public: ReadonlyArray<string>;\r\n secret: ReadonlyArray<string>;\r\n}\r\n\r\n/**\r\n * The shape the SDK actually consumes. A trimmed projection of the full\r\n * Capability Manifest; the server endpoint enforces the projection so the\r\n * SDK can never see secret-ref names even if it asks for them.\r\n */\r\nexport interface SanitizedManifest {\r\n manifest_version: number;\r\n project_id: string;\r\n service_requirements: {\r\n database?: { provider: string; rls_required: boolean; tables: ReadonlyArray<string> };\r\n auth?: { provider: string; flows: ReadonlyArray<string> };\r\n storage?: { buckets: ReadonlyArray<string> };\r\n payments?: { mode: string };\r\n email?: { provider: string };\r\n cron?: { jobs: ReadonlyArray<{ name: string; schedule: string }> };\r\n };\r\n env_refs: { public: ReadonlyArray<string> };\r\n validation_gates: ReadonlyArray<string>;\r\n}\r\n\r\n// ─── Module-level cache (keyed by projectId) ──────────────────────────────\r\n\r\nconst manifestCache: Map<string, EzCoderManifest> = new Map();\r\nconst inflightLoads: Map<string, Promise<EzCoderManifest>> = new Map();\r\n\r\n/**\r\n * Default-on RequiredModules — used as the safe fallback when no manifest\r\n * is available. Preserves the SDK's historical behaviour (everything wired)\r\n * so a missing/failed manifest never silently disables a feature in\r\n * already-deployed user apps.\r\n */\r\nconst PERMISSIVE_DEFAULT_MODULES: Readonly<RequiredModules> = Object.freeze({\r\n auth: true,\r\n storage: true,\r\n payments: true,\r\n email: true,\r\n cron: true,\r\n database: true,\r\n notifications: true,\r\n});\r\n\r\n// ─── EzCoderManifest class ────────────────────────────────────────────────\r\n\r\n/**\r\n * Wraps a sanitized manifest payload and exposes module/env-ref queries.\r\n * Instances are immutable — `manifest` is captured at construction time and\r\n * never mutated. Use the static `load()` / `loadFromBuildOutput()` factories\r\n * rather than calling `new` directly so the page-lifetime cache is honoured.\r\n */\r\nexport class EzCoderManifest {\r\n private readonly manifest: SanitizedManifest | null;\r\n private readonly source: 'runtime' | 'build' | 'fallback';\r\n\r\n constructor(manifest: SanitizedManifest | null, source: 'runtime' | 'build' | 'fallback') {\r\n this.manifest = manifest;\r\n this.source = source;\r\n }\r\n\r\n /**\r\n * Fetch the manifest at runtime from the platform API. Returns a\r\n * cached instance for the lifetime of the page; concurrent callers share\r\n * a single in-flight fetch. Falls back to a permissive (all-modules-on)\r\n * instance on any error.\r\n */\r\n static async load(): Promise<EzCoderManifest> {\r\n const projectId = env.EZC_PROJECT_ID;\r\n const apiUrl = env.EZCODER_API_URL;\r\n const publicToken = readPublicToken();\r\n\r\n if (!projectId || !apiUrl) {\r\n return new EzCoderManifest(null, 'fallback');\r\n }\r\n\r\n const cacheKey = `${projectId}::${apiUrl}`;\r\n const cached = manifestCache.get(cacheKey);\r\n if (cached) return cached;\r\n\r\n const inflight = inflightLoads.get(cacheKey);\r\n if (inflight) return inflight;\r\n\r\n const loadPromise = fetchManifest(apiUrl, publicToken)\r\n .then((m) => {\r\n const instance = new EzCoderManifest(m, 'runtime');\r\n manifestCache.set(cacheKey, instance);\r\n return instance;\r\n })\r\n .catch((err: unknown) => {\r\n const message = err instanceof Error ? err.message : 'unknown';\r\n if (typeof console !== 'undefined') {\r\n console.warn(`[EzCoder SDK] manifest fetch failed (${message}); falling back to permissive mode.`);\r\n }\r\n const fallback = new EzCoderManifest(null, 'fallback');\r\n manifestCache.set(cacheKey, fallback);\r\n return fallback;\r\n })\r\n .finally(() => {\r\n inflightLoads.delete(cacheKey);\r\n });\r\n\r\n inflightLoads.set(cacheKey, loadPromise);\r\n return loadPromise;\r\n }\r\n\r\n /**\r\n * Read a manifest written by the build-time codegen step (see\r\n * scripts/fetch-build-manifest.js). Used by SSG callers that want to\r\n * avoid a runtime network round-trip. Returns null when no build-time\r\n * manifest is present — callers should fall back to `load()`.\r\n *\r\n * Implementation note: we deliberately avoid a static `import` because\r\n * (a) the file may not exist, which would be a hard module-resolution\r\n * error, and (b) browser bundles must not pull in the JSON. We probe\r\n * `process` to detect Node, then read the file from disk via the eval'd\r\n * dynamic require — the eval indirection keeps bundlers from following\r\n * the path at build time.\r\n */\r\n static loadFromBuildOutput(): EzCoderManifest | null {\r\n try {\r\n if (typeof process === 'undefined' || !process.versions?.node) {\r\n return null;\r\n }\r\n // Avoid a static `import('fs')` because (a) the file may not exist,\r\n // (b) bundlers would attempt to resolve it for browser targets, and\r\n // (c) we want a Node-only branch the bundler can drop. Construct the\r\n // require lookup via the Function constructor so the literal \"require\"\r\n // identifier never appears in any statically-analyzable position.\r\n const getRequire = new Function(\r\n 'return typeof require === \"function\" ? require : null;',\r\n ) as () => ((id: string) => unknown) | null;\r\n const dynamicRequire = getRequire();\r\n if (!dynamicRequire) return null;\r\n const fs = dynamicRequire('fs') as { readFileSync: (p: string, enc: string) => string };\r\n const path = dynamicRequire('path') as { resolve: (...segments: string[]) => string };\r\n const cwd = process.cwd();\r\n const full = path.resolve(cwd, 'node_modules', '.ezcoder', 'manifest.json');\r\n const raw = fs.readFileSync(full, 'utf8');\r\n const payload: unknown = JSON.parse(raw);\r\n const parsed = parseManifestPayload(payload);\r\n if (!parsed) return null;\r\n return new EzCoderManifest(parsed, 'build');\r\n } catch {\r\n return null;\r\n }\r\n }\r\n\r\n /**\r\n * Returns the boolean enablement map for each SDK module. When no\r\n * manifest is loaded, returns the permissive default (everything on) so\r\n * legacy behaviour is preserved.\r\n */\r\n getRequiredModules(): RequiredModules {\r\n if (!this.manifest) {\r\n return { ...PERMISSIVE_DEFAULT_MODULES };\r\n }\r\n const sr = this.manifest.service_requirements;\r\n return {\r\n auth: Boolean(sr.auth),\r\n storage: Boolean(sr.storage),\r\n payments: Boolean(sr.payments),\r\n email: Boolean(sr.email),\r\n cron: Boolean(sr.cron),\r\n database: Boolean(sr.database),\r\n // notifications is not in service_requirements v0; derive from email\r\n // OR auth so the existing notifications module behaves sensibly.\r\n notifications: Boolean(sr.email || sr.auth),\r\n };\r\n }\r\n\r\n /**\r\n * Returns the env refs declared by the manifest. The `secret` array is\r\n * always empty when the manifest came from the public SDK endpoint —\r\n * server-only refs are stripped before transit (see pages/api/sdk/manifest.js).\r\n */\r\n getEnvRefs(): EnvRefs {\r\n if (!this.manifest) {\r\n return { public: [], secret: [] };\r\n }\r\n return {\r\n public: this.manifest.env_refs.public,\r\n secret: [],\r\n };\r\n }\r\n\r\n /**\r\n * Convenience: is a given module required by this app?\r\n */\r\n has(module: keyof RequiredModules): boolean {\r\n return this.getRequiredModules()[module];\r\n }\r\n\r\n /**\r\n * Where the manifest was loaded from. Useful for debugging and for\r\n * surface-level telemetry (`fallback` means we never got the real one).\r\n */\r\n getSource(): 'runtime' | 'build' | 'fallback' {\r\n return this.source;\r\n }\r\n\r\n /**\r\n * Test-only helper: wipe the page-lifetime cache. Never call this in\r\n * production code.\r\n */\r\n static __resetCacheForTests(): void {\r\n manifestCache.clear();\r\n inflightLoads.clear();\r\n }\r\n}\r\n\r\n// ─── Internals ────────────────────────────────────────────────────────────\r\n\r\nfunction readPublicToken(): string {\r\n // The PUBLIC token is intentionally distinct from the server-only secret\r\n // key. We accept both Vite and Next env shapes; both must be safe to\r\n // expose to the browser (i.e. namespaced as PUBLIC).\r\n const fromVite = safeEnv('VITE_EZC_PROJECT_TOKEN_PUBLIC');\r\n if (fromVite) return fromVite;\r\n const fromNext = safeEnv('NEXT_PUBLIC_EZC_PROJECT_TOKEN_PUBLIC');\r\n if (fromNext) return fromNext;\r\n return safeEnv('EZC_PROJECT_TOKEN_PUBLIC');\r\n}\r\n\r\nfunction safeEnv(key: string): string {\r\n try {\r\n if (typeof import.meta !== 'undefined' && import.meta.env) {\r\n const v = (import.meta.env as Record<string, unknown>)[key];\r\n if (typeof v === 'string') return v;\r\n }\r\n } catch {\r\n // import.meta unavailable in this runtime — fall through.\r\n }\r\n try {\r\n if (typeof process !== 'undefined' && process.env) {\r\n return process.env[key] || '';\r\n }\r\n } catch {\r\n // process unavailable — fall through.\r\n }\r\n return '';\r\n}\r\n\r\nasync function fetchManifest(apiUrl: string, publicToken: string): Promise<SanitizedManifest> {\r\n const headers: Record<string, string> = {\r\n 'Accept': 'application/json',\r\n };\r\n if (publicToken) {\r\n headers['X-EzCoder-Public-Token'] = publicToken;\r\n }\r\n const res = await fetch(`${apiUrl}/api/sdk/manifest`, {\r\n method: 'GET',\r\n headers,\r\n // Browsers will fold the 5-minute cache header automatically; this hint\r\n // is here for non-browser runtimes that respect it.\r\n cache: 'default',\r\n });\r\n if (!res.ok) {\r\n throw new Error(`HTTP ${res.status}`);\r\n }\r\n const body: unknown = await res.json();\r\n const parsed = parseManifestPayload(body);\r\n if (!parsed) {\r\n throw new Error('manifest payload failed shape validation');\r\n }\r\n return parsed;\r\n}\r\n\r\n/**\r\n * Permissive boundary parser. We deliberately do NOT pull Zod into the SDK\r\n * bundle — instead we run a lightweight shape check and let unknown fields\r\n * pass through. The server has already validated the manifest with Zod\r\n * before sending; this is just defense-in-depth against a malformed\r\n * response (e.g. an HTML error page).\r\n */\r\nfunction parseManifestPayload(input: unknown): SanitizedManifest | null {\r\n if (!isRecord(input)) return null;\r\n const projectId = input.project_id;\r\n const serviceReqs = input.service_requirements;\r\n const envRefs = input.env_refs;\r\n const gates = input.validation_gates;\r\n if (typeof projectId !== 'string' || projectId.length === 0) return null;\r\n if (!isRecord(serviceReqs)) return null;\r\n if (!isRecord(envRefs) || !Array.isArray(envRefs.public)) return null;\r\n if (!Array.isArray(gates)) return null;\r\n const manifestVersion =\r\n typeof input.manifest_version === 'number' ? input.manifest_version : 0;\r\n return {\r\n manifest_version: manifestVersion,\r\n project_id: projectId,\r\n service_requirements: serviceReqs as SanitizedManifest['service_requirements'],\r\n env_refs: { public: envRefs.public.filter((v): v is string => typeof v === 'string') },\r\n validation_gates: gates.filter((v): v is string => typeof v === 'string'),\r\n };\r\n}\r\n\r\nfunction isRecord(value: unknown): value is Record<string, unknown> {\r\n return typeof value === 'object' && value !== null && !Array.isArray(value);\r\n}\r\n","/**\r\n * @module useEzCoderManifest\r\n * @description React hook that exposes the loaded Capability Manifest to\r\n * components so they can branch on whether a feature module is required by\r\n * the current project.\r\n *\r\n * Importing this file pulls `react` as a peer dep — kept in a dedicated\r\n * file so SSR / non-React entries can consume `manifest-consumer.ts`\r\n * without touching React.\r\n */\r\n\r\nimport { useEffect, useState } from 'react';\r\nimport { EzCoderManifest, type RequiredModules } from './manifest-consumer';\r\n\r\nexport interface UseEzCoderManifestResult {\r\n manifest: EzCoderManifest | null;\r\n modules: RequiredModules | null;\r\n loading: boolean;\r\n source: 'runtime' | 'build' | 'fallback' | null;\r\n}\r\n\r\n/**\r\n * Synchronously prefers a build-time manifest (avoids a render-blocking\r\n * fetch on SSG/SSR); otherwise kicks off the async runtime load. Until the\r\n * load resolves, `modules` is null and callers should treat features as\r\n * unknown (recommended: render the historical default, then re-render once\r\n * `modules` settles).\r\n */\r\nexport function useEzCoderManifest(): UseEzCoderManifestResult {\r\n // Lazy initializer — `loadFromBuildOutput` touches the filesystem on Node\r\n // and must NOT run on every render. Memoized once across the mount.\r\n const [manifest, setManifest] = useState<EzCoderManifest | null>(\r\n () => EzCoderManifest.loadFromBuildOutput(),\r\n );\r\n const [loading, setLoading] = useState<boolean>(manifest === null);\r\n\r\n useEffect(() => {\r\n // If we already have a build-time manifest, no need to fetch.\r\n if (manifest) return;\r\n\r\n let cancelled = false;\r\n EzCoderManifest.load()\r\n .then((m) => {\r\n if (cancelled) return;\r\n setManifest(m);\r\n setLoading(false);\r\n })\r\n .catch(() => {\r\n if (cancelled) return;\r\n // load() already handles errors and returns a fallback, but be\r\n // defensive: ensure we never leave the UI stuck in loading state.\r\n setLoading(false);\r\n });\r\n\r\n return () => {\r\n cancelled = true;\r\n };\r\n // We only want this effect to run on mount; once `manifest` settles,\r\n // re-running would re-fetch unnecessarily.\r\n // eslint-disable-next-line react-hooks/exhaustive-deps\r\n }, []);\r\n\r\n return {\r\n manifest,\r\n modules: manifest ? manifest.getRequiredModules() : null,\r\n loading,\r\n source: manifest ? manifest.getSource() : null,\r\n };\r\n}\r\n","export { env, features, isFeatureConfigured, isNeonAuthConfigured } from './core/config';\r\nexport { loadBootstrap, getRuntimeConfig, configValue } from './core/bootstrap';\r\nexport type { RuntimeConfig } from './core/bootstrap';\r\nexport { supabase, isSupabaseConfigured } from './core/supabase';\r\nexport { ezcoder, ezcoderAuthIntegration } from './core/platform';\r\nexport { DatabaseProvider, useDatabase, DatabaseClient } from './database';\r\nexport type {\r\n AuthUser,\r\n UserProfile,\r\n SubscriptionTier,\r\n SubscriptionStatus,\r\n StorageResult,\r\n StorageFile,\r\n CheckoutOptions,\r\n EzcoderClient,\r\n AnalyticsResult,\r\n AuthIntegration,\r\n} from './core/types';\r\n\r\n// ─── Capability Manifest (B7) ────────────────────────────────────────────\r\n//\r\n// Manifest awareness is OPT-IN. The legacy module auto-registration is\r\n// preserved, so existing consumers see no behavioural change. New code can\r\n// import these to gate features:\r\n//\r\n// import { EzCoderManifest, useEzCoderManifest } from '@ezcoder.dev/sdk';\r\n// const { modules, loading } = useEzCoderManifest();\r\n// if (!loading && modules?.payments) renderCheckout();\r\n//\r\nexport { EzCoderManifest } from './manifest-consumer';\r\nexport type { RequiredModules, EnvRefs, SanitizedManifest } from './manifest-consumer';\r\nexport { useEzCoderManifest } from './useEzCoderManifest';\r\nexport type { UseEzCoderManifestResult } from './useEzCoderManifest';\r\n\r\n// Kick off an opportunistic load on import so the cache is warm by the\r\n// time components call useEzCoderManifest(). Errors are swallowed inside\r\n// load() and produce a fallback instance — never throws.\r\nimport { EzCoderManifest as _EzCoderManifestForBoot } from './manifest-consumer';\r\nif (typeof window !== 'undefined') {\r\n // Browser only. SSR/SSG paths that want the manifest should call\r\n // loadFromBuildOutput() or load() explicitly to control timing.\r\n void _EzCoderManifestForBoot.load();\r\n}\r\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;AAoEA,IAAM,gBAA8C,oBAAI,IAAI;AAC5D,IAAM,gBAAuD,oBAAI,IAAI;AAQrE,IAAM,6BAAwD,OAAO,OAAO;AAAA,EAC1E,MAAM;AAAA,EACN,SAAS;AAAA,EACT,UAAU;AAAA,EACV,OAAO;AAAA,EACP,MAAM;AAAA,EACN,UAAU;AAAA,EACV,eAAe;AACjB,CAAC;AAUM,IAAM,kBAAN,MAAM,iBAAgB;AAAA,EAI3B,YAAY,UAAoC,QAA0C;AACxF,SAAK,WAAW;AAChB,SAAK,SAAS;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,aAAa,OAAiC;AAC5C,UAAM,YAAY,IAAI;AACtB,UAAM,SAAS,IAAI;AACnB,UAAM,cAAc,gBAAgB;AAEpC,QAAI,CAAC,aAAa,CAAC,QAAQ;AACzB,aAAO,IAAI,iBAAgB,MAAM,UAAU;AAAA,IAC7C;AAEA,UAAM,WAAW,GAAG,SAAS,KAAK,MAAM;AACxC,UAAM,SAAS,cAAc,IAAI,QAAQ;AACzC,QAAI,OAAQ,QAAO;AAEnB,UAAM,WAAW,cAAc,IAAI,QAAQ;AAC3C,QAAI,SAAU,QAAO;AAErB,UAAM,cAAc,cAAc,QAAQ,WAAW,EAClD,KAAK,CAAC,MAAM;AACX,YAAM,WAAW,IAAI,iBAAgB,GAAG,SAAS;AACjD,oBAAc,IAAI,UAAU,QAAQ;AACpC,aAAO;AAAA,IACT,CAAC,EACA,MAAM,CAAC,QAAiB;AACvB,YAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;AACrD,UAAI,OAAO,YAAY,aAAa;AAClC,gBAAQ,KAAK,wCAAwC,OAAO,qCAAqC;AAAA,MACnG;AACA,YAAM,WAAW,IAAI,iBAAgB,MAAM,UAAU;AACrD,oBAAc,IAAI,UAAU,QAAQ;AACpC,aAAO;AAAA,IACT,CAAC,EACA,QAAQ,MAAM;AACb,oBAAc,OAAO,QAAQ;AAAA,IAC/B,CAAC;AAEH,kBAAc,IAAI,UAAU,WAAW;AACvC,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,OAAO,sBAA8C;AACnD,QAAI;AACF,UAAI,OAAO,YAAY,eAAe,CAAC,QAAQ,UAAU,MAAM;AAC7D,eAAO;AAAA,MACT;AAMA,YAAM,aAAa,IAAI;AAAA,QACrB;AAAA,MACF;AACA,YAAM,iBAAiB,WAAW;AAClC,UAAI,CAAC,eAAgB,QAAO;AAC5B,YAAM,KAAK,eAAe,IAAI;AAC9B,YAAM,OAAO,eAAe,MAAM;AAClC,YAAM,MAAM,QAAQ,IAAI;AACxB,YAAM,OAAO,KAAK,QAAQ,KAAK,gBAAgB,YAAY,eAAe;AAC1E,YAAM,MAAM,GAAG,aAAa,MAAM,MAAM;AACxC,YAAM,UAAmB,KAAK,MAAM,GAAG;AACvC,YAAM,SAAS,qBAAqB,OAAO;AAC3C,UAAI,CAAC,OAAQ,QAAO;AACpB,aAAO,IAAI,iBAAgB,QAAQ,OAAO;AAAA,IAC5C,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,qBAAsC;AACpC,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,EAAE,GAAG,2BAA2B;AAAA,IACzC;AACA,UAAM,KAAK,KAAK,SAAS;AACzB,WAAO;AAAA,MACL,MAAM,QAAQ,GAAG,IAAI;AAAA,MACrB,SAAS,QAAQ,GAAG,OAAO;AAAA,MAC3B,UAAU,QAAQ,GAAG,QAAQ;AAAA,MAC7B,OAAO,QAAQ,GAAG,KAAK;AAAA,MACvB,MAAM,QAAQ,GAAG,IAAI;AAAA,MACrB,UAAU,QAAQ,GAAG,QAAQ;AAAA;AAAA;AAAA,MAG7B,eAAe,QAAQ,GAAG,SAAS,GAAG,IAAI;AAAA,IAC5C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAsB;AACpB,QAAI,CAAC,KAAK,UAAU;AAClB,aAAO,EAAE,QAAQ,CAAC,GAAG,QAAQ,CAAC,EAAE;AAAA,IAClC;AACA,WAAO;AAAA,MACL,QAAQ,KAAK,SAAS,SAAS;AAAA,MAC/B,QAAQ,CAAC;AAAA,IACX;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,QAAwC;AAC1C,WAAO,KAAK,mBAAmB,EAAE,MAAM;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,YAA8C;AAC5C,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,OAAO,uBAA6B;AAClC,kBAAc,MAAM;AACpB,kBAAc,MAAM;AAAA,EACtB;AACF;AAIA,SAAS,kBAA0B;AAIjC,QAAM,WAAW,QAAQ,+BAA+B;AACxD,MAAI,SAAU,QAAO;AACrB,QAAM,WAAW,QAAQ,sCAAsC;AAC/D,MAAI,SAAU,QAAO;AACrB,SAAO,QAAQ,0BAA0B;AAC3C;AAEA,SAAS,QAAQ,KAAqB;AACpC,MAAI;AACF,QAAI,OAAO,gBAAgB,eAAe,YAAY,KAAK;AACzD,YAAM,IAAK,YAAY,IAAgC,GAAG;AAC1D,UAAI,OAAO,MAAM,SAAU,QAAO;AAAA,IACpC;AAAA,EACF,QAAQ;AAAA,EAER;AACA,MAAI;AACF,QAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,aAAO,QAAQ,IAAI,GAAG,KAAK;AAAA,IAC7B;AAAA,EACF,QAAQ;AAAA,EAER;AACA,SAAO;AACT;AAEA,eAAe,cAAc,QAAgB,aAAiD;AAC5F,QAAM,UAAkC;AAAA,IACtC,UAAU;AAAA,EACZ;AACA,MAAI,aAAa;AACf,YAAQ,wBAAwB,IAAI;AAAA,EACtC;AACA,QAAM,MAAM,MAAM,MAAM,GAAG,MAAM,qBAAqB;AAAA,IACpD,QAAQ;AAAA,IACR;AAAA;AAAA;AAAA,IAGA,OAAO;AAAA,EACT,CAAC;AACD,MAAI,CAAC,IAAI,IAAI;AACX,UAAM,IAAI,MAAM,QAAQ,IAAI,MAAM,EAAE;AAAA,EACtC;AACA,QAAM,OAAgB,MAAM,IAAI,KAAK;AACrC,QAAM,SAAS,qBAAqB,IAAI;AACxC,MAAI,CAAC,QAAQ;AACX,UAAM,IAAI,MAAM,0CAA0C;AAAA,EAC5D;AACA,SAAO;AACT;AASA,SAAS,qBAAqB,OAA0C;AACtE,MAAI,CAAC,SAAS,KAAK,EAAG,QAAO;AAC7B,QAAM,YAAY,MAAM;AACxB,QAAM,cAAc,MAAM;AAC1B,QAAM,UAAU,MAAM;AACtB,QAAM,QAAQ,MAAM;AACpB,MAAI,OAAO,cAAc,YAAY,UAAU,WAAW,EAAG,QAAO;AACpE,MAAI,CAAC,SAAS,WAAW,EAAG,QAAO;AACnC,MAAI,CAAC,SAAS,OAAO,KAAK,CAAC,MAAM,QAAQ,QAAQ,MAAM,EAAG,QAAO;AACjE,MAAI,CAAC,MAAM,QAAQ,KAAK,EAAG,QAAO;AAClC,QAAM,kBACJ,OAAO,MAAM,qBAAqB,WAAW,MAAM,mBAAmB;AACxE,SAAO;AAAA,IACL,kBAAkB;AAAA,IAClB,YAAY;AAAA,IACZ,sBAAsB;AAAA,IACtB,UAAU,EAAE,QAAQ,QAAQ,OAAO,OAAO,CAAC,MAAmB,OAAO,MAAM,QAAQ,EAAE;AAAA,IACrF,kBAAkB,MAAM,OAAO,CAAC,MAAmB,OAAO,MAAM,QAAQ;AAAA,EAC1E;AACF;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;;;AC1UA,SAAS,WAAW,gBAAgB;AAiB7B,SAAS,qBAA+C;AAG7D,QAAM,CAAC,UAAU,WAAW,IAAI;AAAA,IAC9B,MAAM,gBAAgB,oBAAoB;AAAA,EAC5C;AACA,QAAM,CAAC,SAAS,UAAU,IAAI,SAAkB,aAAa,IAAI;AAEjE,YAAU,MAAM;AAEd,QAAI,SAAU;AAEd,QAAI,YAAY;AAChB,oBAAgB,KAAK,EAClB,KAAK,CAAC,MAAM;AACX,UAAI,UAAW;AACf,kBAAY,CAAC;AACb,iBAAW,KAAK;AAAA,IAClB,CAAC,EACA,MAAM,MAAM;AACX,UAAI,UAAW;AAGf,iBAAW,KAAK;AAAA,IAClB,CAAC;AAEH,WAAO,MAAM;AACX,kBAAY;AAAA,IACd;AAAA,EAIF,GAAG,CAAC,CAAC;AAEL,SAAO;AAAA,IACL;AAAA,IACA,SAAS,WAAW,SAAS,mBAAmB,IAAI;AAAA,IACpD;AAAA,IACA,QAAQ,WAAW,SAAS,UAAU,IAAI;AAAA,EAC5C;AACF;;;AC9BA,IAAI,OAAO,WAAW,aAAa;AAGjC,OAAK,gBAAwB,KAAK;AACpC;","names":[]}
package/dist/notifications/index.js CHANGED
@@ -1,17 +1,17 @@
1
1
  import {
2
2
  resolveServerToken
3
- } from "../chunk-CQKYANAW.js";
3
+ } from "../chunk-4WGGFJPE.js";
4
4
  import {
5
5
  AuthContext
6
- } from "../chunk-QHB7LGCA.js";
7
- import "../chunk-HJ2EIZ4S.js";
6
+ } from "../chunk-NTA3RMYR.js";
7
+ import "../chunk-DU6N3HVQ.js";
8
8
  import {
9
9
  supabase
10
- } from "../chunk-I2YGB7Z6.js";
10
+ } from "../chunk-KKTY5NCR.js";
11
11
  import {
12
12
  env,
13
13
  features
14
- } from "../chunk-LIUE7M7K.js";
14
+ } from "../chunk-X4JP7DCK.js";
15
15
 
16
16
  // src/notifications/useNotifications.ts
17
17
  import { useState, useEffect, useCallback, useContext } from "react";
package/dist/payments/index.js CHANGED
@@ -1,15 +1,15 @@
1
1
  import {
2
2
  AuthContext
3
- } from "../chunk-QHB7LGCA.js";
3
+ } from "../chunk-NTA3RMYR.js";
4
4
  import {
5
5
  ezcoder
6
- } from "../chunk-HJ2EIZ4S.js";
6
+ } from "../chunk-DU6N3HVQ.js";
7
7
  import {
8
8
  supabase
9
- } from "../chunk-I2YGB7Z6.js";
9
+ } from "../chunk-KKTY5NCR.js";
10
10
  import {
11
11
  features
12
- } from "../chunk-LIUE7M7K.js";
12
+ } from "../chunk-X4JP7DCK.js";
13
13
 
14
14
  // src/payments/useSubscription.ts
15
15
  import { useState, useEffect, useCallback, useContext } from "react";
package/dist/roles/index.js CHANGED
@@ -1,13 +1,13 @@
1
1
  import {
2
2
  AuthContext
3
- } from "../chunk-QHB7LGCA.js";
4
- import "../chunk-HJ2EIZ4S.js";
3
+ } from "../chunk-NTA3RMYR.js";
4
+ import "../chunk-DU6N3HVQ.js";
5
5
  import {
6
6
  supabase
7
- } from "../chunk-I2YGB7Z6.js";
7
+ } from "../chunk-KKTY5NCR.js";
8
8
  import {
9
9
  features
10
- } from "../chunk-LIUE7M7K.js";
10
+ } from "../chunk-X4JP7DCK.js";
11
11
 
12
12
  // src/roles/useRoles.ts
13
13
  import { useState, useEffect, useCallback, useContext } from "react";
package/dist/storage/index.js CHANGED
@@ -1,14 +1,14 @@
1
1
  import {
2
2
  AuthContext
3
- } from "../chunk-QHB7LGCA.js";
4
- import "../chunk-HJ2EIZ4S.js";
3
+ } from "../chunk-NTA3RMYR.js";
4
+ import "../chunk-DU6N3HVQ.js";
5
5
  import {
6
6
  supabase
7
- } from "../chunk-I2YGB7Z6.js";
7
+ } from "../chunk-KKTY5NCR.js";
8
8
  import {
9
9
  env,
10
10
  features
11
- } from "../chunk-LIUE7M7K.js";
11
+ } from "../chunk-X4JP7DCK.js";
12
12
 
13
13
  // src/storage/useStorage.ts
14
14
  import { useState, useCallback, useContext } from "react";
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@ezcoder.dev/sdk",
3
- "version": "1.3.2",
3
+ "version": "1.4.0",
4
4
  "description": "EzCoder Platform SDK — auth, payments, storage, analytics, and more with zero configuration",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
@@ -122,10 +122,13 @@
122
122
  "typecheck": "tsc --noEmit",
123
123
  "clean": "rm -rf dist"
124
124
  },
125
+ "dependencies": {
126
+ "better-auth": "^1.6.19"
127
+ },
125
128
  "peerDependencies": {
129
+ "@supabase/supabase-js": "^2.0.0",
126
130
  "react": "^18.0.0",
127
- "react-dom": "^18.0.0",
128
- "@supabase/supabase-js": "^2.0.0"
131
+ "react-dom": "^18.0.0"
129
132
  },
130
133
  "peerDependenciesMeta": {
131
134
  "framer-motion": {
@@ -139,10 +142,10 @@
139
142
  }
140
143
  },
141
144
  "devDependencies": {
142
- "tsup": "^8.0.0",
143
- "typescript": "^5.5.0",
144
145
  "@types/react": "^18.0.0",
145
- "@types/react-dom": "^18.0.0"
146
+ "@types/react-dom": "^18.0.0",
147
+ "tsup": "^8.0.0",
148
+ "typescript": "^5.5.0"
146
149
  },
147
150
  "license": "MIT"
148
151
  }
package/dist/chunk-LIUE7M7K.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/core/config.ts"],"sourcesContent":["const getEnv = (viteKey: string, nextKey?: string): string => {\r\n try {\r\n if (typeof import.meta !== 'undefined' && import.meta.env) {\r\n return (import.meta.env[viteKey] as string) || '';\r\n }\r\n } catch {\r\n // import.meta not available\r\n }\r\n try {\r\n if (typeof process !== 'undefined' && process.env) {\r\n return process.env[nextKey || viteKey] || '';\r\n }\r\n } catch {\r\n // process not available\r\n }\r\n return '';\r\n};\r\n\r\nexport const env = {\r\n SUPABASE_URL: getEnv('VITE_SUPABASE_URL', 'NEXT_PUBLIC_SUPABASE_URL'),\r\n SUPABASE_ANON_KEY: getEnv('VITE_SUPABASE_ANON_KEY', 'NEXT_PUBLIC_SUPABASE_ANON_KEY'),\r\n EZCODER_AUTH_URL: getEnv('VITE_EZCODER_AUTH_URL', 'NEXT_PUBLIC_EZCODER_AUTH_URL'),\r\n EZCODER_AUTH_ANON_KEY: getEnv('VITE_EZCODER_AUTH_ANON_KEY', 'NEXT_PUBLIC_EZCODER_AUTH_ANON_KEY'),\r\n STRIPE_PUBLISHABLE_KEY: getEnv('VITE_STRIPE_PUBLISHABLE_KEY', 'NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY'),\r\n EZC_PROJECT_ID: getEnv('VITE_EZC_PROJECT_ID', 'NEXT_PUBLIC_EZC_PROJECT_ID'),\r\n EZCODER_API_URL: getEnv('VITE_EZCODER_API_URL', 'NEXT_PUBLIC_EZCODER_API_URL'),\r\n // Server-only secret for Stripe + authenticated platform API calls. Deployment\r\n // injects this as `EZCODER_SECRET_KEY` (see lib/deployment/fetch-project-env-vars.js);\r\n // resolve that name first, then fall back to the legacy `EZC_SECRET_KEY` so older\r\n // deploys keep working. Both are non-VITE/non-NEXT_PUBLIC (never exposed to the browser).\r\n EZC_SECRET_KEY: getEnv('EZCODER_SECRET_KEY', 'EZCODER_SECRET_KEY') || getEnv('EZC_SECRET_KEY', 'EZC_SECRET_KEY'),\r\n // B1: two-class project token model.\r\n //\r\n // EZC_PROJECT_TOKEN_PUBLIC — browser-safe. Read-only endpoints (manifest,\r\n // list, etc). Available in both server and\r\n // browser bundles via NEXT_PUBLIC_/VITE_\r\n // prefixes.\r\n // EZC_PROJECT_TOKEN_SERVER — server-only. Authenticates write APIs\r\n // (email send, cron register, notifications\r\n // send). NEVER prefixed with NEXT_PUBLIC_ or\r\n // VITE_; accessing it from a browser bundle\r\n // returns '' and the calling SDK function\r\n // must error out with a clear message.\r\n EZC_PROJECT_TOKEN_PUBLIC: getEnv('VITE_EZC_PROJECT_TOKEN_PUBLIC', 'NEXT_PUBLIC_EZC_PROJECT_TOKEN_PUBLIC'),\r\n EZC_PROJECT_TOKEN_SERVER: getEnv('EZC_PROJECT_TOKEN_SERVER', 'EZC_PROJECT_TOKEN_SERVER'),\r\n // Legacy single-class token. Deprecated, kept for backwards compat during\r\n // Phase 1 of the rollout. New code MUST use the split pair above.\r\n EZC_PROJECT_TOKEN_LEGACY: getEnv('VITE_EZC_PROJECT_TOKEN', 'NEXT_PUBLIC_EZC_PROJECT_TOKEN'),\r\n S3_BUCKET: getEnv('VITE_S3_BUCKET', 'S3_BUCKET'),\r\n CLOUDINARY_URL: getEnv('VITE_CLOUDINARY_URL', 'CLOUDINARY_URL'),\r\n STORAGE_BUCKET_PUBLIC: getEnv('VITE_STORAGE_BUCKET_PUBLIC', 'NEXT_PUBLIC_STORAGE_BUCKET_PUBLIC'),\r\n STORAGE_BUCKET_PRIVATE: getEnv('VITE_STORAGE_BUCKET_PRIVATE', 'NEXT_PUBLIC_STORAGE_BUCKET_PRIVATE'),\r\n};\r\n\r\nexport const features = {\r\n auth: Boolean(\r\n (env.SUPABASE_URL && env.SUPABASE_ANON_KEY) ||\r\n (env.EZCODER_AUTH_URL && env.EZCODER_AUTH_ANON_KEY)\r\n ),\r\n payments: Boolean(env.STRIPE_PUBLISHABLE_KEY),\r\n analytics: Boolean(env.EZCODER_API_URL && env.EZC_PROJECT_ID),\r\n storage: Boolean(env.SUPABASE_URL || env.EZCODER_AUTH_URL || env.S3_BUCKET || env.CLOUDINARY_URL),\r\n database: Boolean(\r\n (env.EZCODER_AUTH_URL || env.SUPABASE_URL) && env.EZC_PROJECT_ID\r\n ),\r\n};\r\n\r\nexport function isFeatureConfigured(feature: keyof typeof features): boolean {\r\n return features[feature];\r\n}\r\n"],"mappings":";AAAA,IAAM,SAAS,CAAC,SAAiB,YAA6B;AAC5D,MAAI;AACF,QAAI,OAAO,gBAAgB,eAAe,YAAY,KAAK;AACzD,aAAQ,YAAY,IAAI,OAAO,KAAgB;AAAA,IACjD;AAAA,EACF,QAAQ;AAAA,EAER;AACA,MAAI;AACF,QAAI,OAAO,YAAY,eAAe,QAAQ,KAAK;AACjD,aAAO,QAAQ,IAAI,WAAW,OAAO,KAAK;AAAA,IAC5C;AAAA,EACF,QAAQ;AAAA,EAER;AACA,SAAO;AACT;AAEO,IAAM,MAAM;AAAA,EACjB,cAAc,OAAO,qBAAqB,0BAA0B;AAAA,EACpE,mBAAmB,OAAO,0BAA0B,+BAA+B;AAAA,EACnF,kBAAkB,OAAO,yBAAyB,8BAA8B;AAAA,EAChF,uBAAuB,OAAO,8BAA8B,mCAAmC;AAAA,EAC/F,wBAAwB,OAAO,+BAA+B,oCAAoC;AAAA,EAClG,gBAAgB,OAAO,uBAAuB,4BAA4B;AAAA,EAC1E,iBAAiB,OAAO,wBAAwB,6BAA6B;AAAA;AAAA;AAAA;AAAA;AAAA,EAK7E,gBAAgB,OAAO,sBAAsB,oBAAoB,KAAK,OAAO,kBAAkB,gBAAgB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAa/G,0BAA0B,OAAO,iCAAiC,sCAAsC;AAAA,EACxG,0BAA0B,OAAO,4BAA4B,0BAA0B;AAAA;AAAA;AAAA,EAGvF,0BAA0B,OAAO,0BAA0B,+BAA+B;AAAA,EAC1F,WAAW,OAAO,kBAAkB,WAAW;AAAA,EAC/C,gBAAgB,OAAO,uBAAuB,gBAAgB;AAAA,EAC9D,uBAAuB,OAAO,8BAA8B,mCAAmC;AAAA,EAC/F,wBAAwB,OAAO,+BAA+B,oCAAoC;AACpG;AAEO,IAAM,WAAW;AAAA,EACtB,MAAM;AAAA,IACH,IAAI,gBAAgB,IAAI,qBACxB,IAAI,oBAAoB,IAAI;AAAA,EAC/B;AAAA,EACA,UAAU,QAAQ,IAAI,sBAAsB;AAAA,EAC5C,WAAW,QAAQ,IAAI,mBAAmB,IAAI,cAAc;AAAA,EAC5D,SAAS,QAAQ,IAAI,gBAAgB,IAAI,oBAAoB,IAAI,aAAa,IAAI,cAAc;AAAA,EAChG,UAAU;AAAA,KACP,IAAI,oBAAoB,IAAI,iBAAiB,IAAI;AAAA,EACpD;AACF;AAEO,SAAS,oBAAoB,SAAyC;AAC3E,SAAO,SAAS,OAAO;AACzB;","names":[]}
package/dist/chunk-QHB7LGCA.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/auth/AuthProvider.tsx"],"sourcesContent":["import { createContext, useContext, useState, useEffect, useCallback, useRef } from 'react';\r\nimport type { User, Session } from '@supabase/supabase-js';\r\nimport { supabase, isSupabaseConfigured } from '../core/supabase';\r\nimport { env } from '../core/config';\r\nimport { ezcoder, ezcoderAuthIntegration } from '../core/platform';\r\nimport type { UserProfile } from '../core/types';\r\n\r\ninterface AuthResult<T = unknown> {\r\n data: T | null;\r\n error: Error | null;\r\n}\r\n\r\ninterface SignUpOptions {\r\n metadata?: Record<string, unknown>;\r\n}\r\n\r\ninterface SignInWithProviderOptions {\r\n redirectTo?: string;\r\n [key: string]: unknown;\r\n}\r\n\r\nexport interface AuthContextType {\r\n user: User | null;\r\n profile: UserProfile | null;\r\n session: Session | null;\r\n loading: boolean;\r\n isConfigured: boolean;\r\n signUp: (email: string, password: string, options?: SignUpOptions) => Promise<AuthResult>;\r\n signIn: (email: string, password: string) => Promise<AuthResult>;\r\n signInWithProvider: (provider: string, options?: SignInWithProviderOptions) => Promise<AuthResult>;\r\n signOut: () => Promise<{ error: Error | null }>;\r\n resetPassword: (email: string) => Promise<AuthResult>;\r\n updatePassword: (newPassword: string) => Promise<AuthResult>;\r\n updateProfile: (updates: Partial<UserProfile>) => Promise<AuthResult>;\r\n refetchProfile: (userId: string) => Promise<UserProfile | null>;\r\n}\r\n\r\nconst NOT_CONFIGURED_MSG = 'Authentication is not configured. Ensure EzCoder platform credentials are injected, or connect your own Supabase database in Settings → Databases.';\r\nfunction notConfiguredError() {\r\n return new Error(NOT_CONFIGURED_MSG);\r\n}\r\n\r\nexport const AuthContext = createContext<AuthContextType>({\r\n user: null,\r\n profile: null,\r\n session: null,\r\n loading: true,\r\n isConfigured: false,\r\n signUp: async () => ({ data: null, error: null }),\r\n signIn: async () => ({ data: null, error: null }),\r\n signInWithProvider: async () => ({ data: null, error: null }),\r\n signOut: async () => ({ error: null }),\r\n resetPassword: async () => ({ data: null, error: null }),\r\n updatePassword: async () => ({ data: null, error: null }),\r\n updateProfile: async () => ({ data: null, error: null }),\r\n refetchProfile: async () => null,\r\n});\r\n\r\nexport function AuthProvider({ children }: { children: React.ReactNode }) {\r\n const [user, setUser] = useState<User | null>(null);\r\n const [profile, setProfile] = useState<UserProfile | null>(null);\r\n const [session, setSession] = useState<Session | null>(null);\r\n const [loading, setLoading] = useState<boolean>(true);\r\n const previousUserIdRef = useRef<string | null>(null);\r\n\r\n const fetchProfile = useCallback(async (userId: string): Promise<UserProfile | null> => {\r\n if (!userId) return null;\r\n\r\n try {\r\n let query = supabase\r\n .from('user_profiles')\r\n .select('*')\r\n .eq('id', userId);\r\n\r\n if (env.EZC_PROJECT_ID) {\r\n query = query.eq('project_id', env.EZC_PROJECT_ID);\r\n }\r\n\r\n const result = await query.single();\r\n\r\n const { data, error } = result || { data: null, error: null };\r\n\r\n if (error) {\r\n return null;\r\n }\r\n\r\n setProfile(data as UserProfile);\r\n return data as UserProfile;\r\n } catch {\r\n return null;\r\n }\r\n }, []);\r\n\r\n // SEC-1: bind the end-user to THIS project server-side (authoritative; app_metadata\r\n // is service-role-only). OAuth users have no signup metadata so the migration-226\r\n // trigger can't bind them — this is what stops migration 227 from locking them out.\r\n // No-ops if already bound. Non-blocking.\r\n const bindProjectIfNeeded = useCallback(async (currentUser: User | null): Promise<void> => {\r\n if (!currentUser || !env.EZC_PROJECT_ID || !env.EZCODER_API_URL) return;\r\n const appMeta = currentUser.app_metadata as Record<string, unknown> | undefined;\r\n if (appMeta?.bound_project_id) return;\r\n try {\r\n const { data } = await supabase.auth.getSession();\r\n const token = data?.session?.access_token;\r\n if (!token) return;\r\n const res = await fetch(`${env.EZCODER_API_URL.replace(/\\/$/, '')}/api/managed-auth/bind`, {\r\n method: 'POST',\r\n headers: {\r\n 'Content-Type': 'application/json',\r\n ...(env.EZC_PROJECT_TOKEN_PUBLIC ? { Authorization: `Bearer ${env.EZC_PROJECT_TOKEN_PUBLIC}` } : {}),\r\n 'X-EZC-User-Token': token,\r\n },\r\n body: JSON.stringify({ projectId: env.EZC_PROJECT_ID }),\r\n });\r\n const j = await res.json().catch(() => ({}));\r\n if (j?.changed) {\r\n // The new bound_project_id claim only appears after a token refresh.\r\n await supabase.auth.refreshSession();\r\n }\r\n } catch {\r\n // non-blocking — login still works; binding reconciles on next load / via backfill\r\n }\r\n }, []);\r\n\r\n useEffect(() => {\r\n supabase.auth.getSession().then(async ({ data: { session: initialSession } }) => {\r\n setSession(initialSession);\r\n setUser(initialSession?.user ?? null);\r\n\r\n if (initialSession?.user) {\r\n await fetchProfile(initialSession.user.id);\r\n bindProjectIfNeeded(initialSession.user);\r\n }\r\n\r\n setLoading(false);\r\n });\r\n\r\n const {\r\n data: { subscription },\r\n } = supabase.auth.onAuthStateChange(async (event, currentSession) => {\r\n setSession(currentSession);\r\n setUser(currentSession?.user ?? null);\r\n\r\n if (event === 'SIGNED_IN' && currentSession?.user) {\r\n await fetchProfile(currentSession.user.id);\r\n bindProjectIfNeeded(currentSession.user);\r\n ezcoderAuthIntegration.onLogin(currentSession.user);\r\n previousUserIdRef.current = currentSession.user.id;\r\n } else if (event === 'SIGNED_OUT') {\r\n setProfile(null);\r\n if (previousUserIdRef.current) {\r\n ezcoderAuthIntegration.onLogout(previousUserIdRef.current);\r\n previousUserIdRef.current = null;\r\n }\r\n } else if (event === 'USER_UPDATED' && currentSession?.user) {\r\n ezcoder.analytics.identify(currentSession.user.id, {\r\n email: currentSession.user.email,\r\n name: currentSession.user.user_metadata?.full_name,\r\n });\r\n }\r\n });\r\n\r\n // In-editor popup sign-in: the /auth/callback popup postMessages on completion;\r\n // the storage event is a same-origin fallback for the popup's localStorage write.\r\n const refreshFromExternal = () => {\r\n supabase.auth.getSession().then(({ data }) => {\r\n const s = data?.session ?? null;\r\n setSession(s);\r\n setUser(s?.user ?? null);\r\n if (s?.user) { fetchProfile(s.user.id); bindProjectIfNeeded(s.user); }\r\n });\r\n };\r\n const onMsg = (e: MessageEvent) => { if (e?.data?.type === 'ezc-auth-complete') refreshFromExternal(); };\r\n const onStorage = (e: StorageEvent) => { if (e.key && /auth-token/.test(e.key)) refreshFromExternal(); };\r\n if (typeof window !== 'undefined') {\r\n window.addEventListener('message', onMsg);\r\n window.addEventListener('storage', onStorage);\r\n }\r\n\r\n return () => {\r\n subscription.unsubscribe();\r\n if (typeof window !== 'undefined') {\r\n window.removeEventListener('message', onMsg);\r\n window.removeEventListener('storage', onStorage);\r\n }\r\n };\r\n }, [fetchProfile, bindProjectIfNeeded]);\r\n\r\n const signUp = useCallback(async (email: string, password: string, options: SignUpOptions = {}): Promise<AuthResult> => {\r\n if (!isSupabaseConfigured) {\r\n return { data: null, error: notConfiguredError() };\r\n }\r\n const { metadata = {} } = options;\r\n\r\n try {\r\n const signUpMetadata = { ...metadata };\r\n if (env.EZC_PROJECT_ID) {\r\n signUpMetadata.project_id = env.EZC_PROJECT_ID;\r\n signUpMetadata.bound_project_id = env.EZC_PROJECT_ID;\r\n }\r\n\r\n const result = await supabase.auth.signUp({\r\n email,\r\n password,\r\n options: { data: signUpMetadata },\r\n });\r\n\r\n const { data, error } = result || { data: null, error: new Error('Sign up failed') };\r\n\r\n if (error) {\r\n return { data: null, error };\r\n }\r\n\r\n if (data?.user) {\r\n const profileData: Record<string, unknown> = {\r\n id: data.user.id,\r\n email,\r\n };\r\n if (metadata.display_name) {\r\n profileData.display_name = metadata.display_name;\r\n }\r\n if (env.EZC_PROJECT_ID) {\r\n profileData.project_id = env.EZC_PROJECT_ID;\r\n }\r\n if (metadata.display_name || env.EZC_PROJECT_ID) {\r\n await supabase.from('user_profiles').upsert(profileData);\r\n }\r\n try {\r\n await supabase.rpc('assign_default_role', { user_uuid: data.user.id });\r\n } catch {\r\n // Non-blocking — role tables may not exist in all projects\r\n }\r\n ezcoderAuthIntegration.onSignup(data.user);\r\n }\r\n\r\n return { data, error: null };\r\n } catch (err: unknown) {\r\n return { data: null, error: err instanceof Error ? err : new Error('Sign up failed') };\r\n }\r\n }, []);\r\n\r\n const signIn = useCallback(async (email: string, password: string): Promise<AuthResult> => {\r\n if (!isSupabaseConfigured) {\r\n return { data: null, error: notConfiguredError() };\r\n }\r\n try {\r\n const result = await supabase.auth.signInWithPassword({ email, password });\r\n const { data, error } = result || { data: null, error: new Error('Sign in failed') };\r\n return { data, error };\r\n } catch (err: unknown) {\r\n return { data: null, error: err instanceof Error ? err : new Error('Sign in failed') };\r\n }\r\n }, []);\r\n\r\n const signInWithProvider = useCallback(async (provider: string, options: SignInWithProviderOptions = {}): Promise<AuthResult> => {\r\n if (!isSupabaseConfigured) {\r\n return { data: null, error: notConfiguredError() };\r\n }\r\n try {\r\n const provider2 = provider as 'google' | 'github' | 'facebook' | 'apple' | 'twitter';\r\n const origin = typeof window !== 'undefined' ? window.location.origin : '';\r\n const framed = typeof window !== 'undefined' && window.self !== window.top;\r\n\r\n if (framed && typeof window !== 'undefined') {\r\n // Provider login pages refuse to render inside an iframe (X-Frame-Options /\r\n // frame-ancestors), so we cannot do a full-page redirect in the editor preview.\r\n // Open the flow in a popup; the /auth/callback page completes PKCE and\r\n // postMessages back (storage event is the fallback). Land on the callback route.\r\n const redirectTo = options.redirectTo || (origin ? `${origin}/auth/callback` : '');\r\n const result = await supabase.auth.signInWithOAuth({\r\n provider: provider2,\r\n options: { redirectTo, skipBrowserRedirect: true, ...options },\r\n });\r\n if (result?.error) return { data: null, error: result.error };\r\n const url = (result?.data as { url?: string } | null)?.url;\r\n if (url) window.open(url, 'ezc-auth', 'popup,width=500,height=680');\r\n return { data: result?.data ?? null, error: null };\r\n }\r\n\r\n // Standalone (deployed app / own tab): full-page redirect. Default to the app\r\n // origin (root) so apps without a scaffolded callback route still complete via\r\n // detectSessionInUrl; new apps pass /auth/callback explicitly.\r\n const result = await supabase.auth.signInWithOAuth({\r\n provider: provider2,\r\n options: {\r\n redirectTo: options.redirectTo || origin,\r\n ...options,\r\n },\r\n });\r\n const { data, error } = result || { data: null, error: new Error('OAuth sign in failed') };\r\n return { data, error };\r\n } catch (err: unknown) {\r\n return { data: null, error: err instanceof Error ? err : new Error('OAuth sign in failed') };\r\n }\r\n }, []);\r\n\r\n const signOut = useCallback(async (): Promise<{ error: Error | null }> => {\r\n const userId = user?.id;\r\n try {\r\n const result = await supabase.auth.signOut();\r\n const { error } = result || { error: null };\r\n if (!error && userId) {\r\n ezcoder.users.trackLogout(userId);\r\n }\r\n return { error };\r\n } catch (err: unknown) {\r\n return { error: err instanceof Error ? err : new Error('Sign out failed') };\r\n }\r\n }, [user]);\r\n\r\n const resetPassword = useCallback(async (email: string): Promise<AuthResult> => {\r\n try {\r\n const result = await supabase.auth.resetPasswordForEmail(email, {\r\n redirectTo: `${typeof window !== 'undefined' ? window.location.origin : ''}/auth/reset-password`,\r\n });\r\n const { data, error } = result || { data: null, error: new Error('Password reset failed') };\r\n return { data, error };\r\n } catch (err: unknown) {\r\n return { data: null, error: err instanceof Error ? err : new Error('Password reset failed') };\r\n }\r\n }, []);\r\n\r\n // Set a new password. Used on the /auth/reset-password landing page, where the\r\n // recovery link has already established a (recovery) session via detectSessionInUrl.\r\n const updatePassword = useCallback(async (newPassword: string): Promise<AuthResult> => {\r\n if (!isSupabaseConfigured) {\r\n return { data: null, error: notConfiguredError() };\r\n }\r\n try {\r\n const result = await supabase.auth.updateUser({ password: newPassword });\r\n const { data, error } = result || { data: null, error: new Error('Password update failed') };\r\n return { data, error };\r\n } catch (err: unknown) {\r\n return { data: null, error: err instanceof Error ? err : new Error('Password update failed') };\r\n }\r\n }, []);\r\n\r\n const updateProfile = useCallback(\r\n async (updates: Partial<UserProfile>): Promise<AuthResult> => {\r\n if (!user) {\r\n return { data: null, error: new Error('Not authenticated') };\r\n }\r\n try {\r\n let query = supabase\r\n .from('user_profiles')\r\n .update(updates)\r\n .eq('id', user.id);\r\n\r\n if (env.EZC_PROJECT_ID) {\r\n query = query.eq('project_id', env.EZC_PROJECT_ID);\r\n }\r\n\r\n const result = await query.select().single();\r\n const { data, error } = result || { data: null, error: null };\r\n return { data, error };\r\n } catch (err: unknown) {\r\n return { data: null, error: err instanceof Error ? err : new Error('Update failed') };\r\n }\r\n },\r\n [user]\r\n );\r\n\r\n const value: AuthContextType = {\r\n user,\r\n profile,\r\n session,\r\n loading,\r\n isConfigured: isSupabaseConfigured,\r\n signUp,\r\n signIn,\r\n signInWithProvider,\r\n signOut,\r\n resetPassword,\r\n updatePassword,\r\n updateProfile,\r\n refetchProfile: fetchProfile,\r\n };\r\n\r\n return <AuthContext.Provider value={value}>{children}</AuthContext.Provider>;\r\n}\r\n\r\nexport function useAuth(): AuthContextType {\r\n const context = useContext(AuthContext);\r\n if (context === undefined) {\r\n throw new Error('useAuth must be used within an AuthProvider');\r\n }\r\n return context;\r\n}\r\n\r\nexport type { AuthResult, SignUpOptions, SignInWithProviderOptions };\r\n"],"mappings":";;;;;;;;;;;;;AAAA,SAAS,eAAe,YAAY,UAAU,WAAW,aAAa,cAAc;AA0X3E;AArVT,IAAM,qBAAqB;AAC3B,SAAS,qBAAqB;AAC5B,SAAO,IAAI,MAAM,kBAAkB;AACrC;AAEO,IAAM,cAAc,cAA+B;AAAA,EACxD,MAAM;AAAA,EACN,SAAS;AAAA,EACT,SAAS;AAAA,EACT,SAAS;AAAA,EACT,cAAc;AAAA,EACd,QAAQ,aAAa,EAAE,MAAM,MAAM,OAAO,KAAK;AAAA,EAC/C,QAAQ,aAAa,EAAE,MAAM,MAAM,OAAO,KAAK;AAAA,EAC/C,oBAAoB,aAAa,EAAE,MAAM,MAAM,OAAO,KAAK;AAAA,EAC3D,SAAS,aAAa,EAAE,OAAO,KAAK;AAAA,EACpC,eAAe,aAAa,EAAE,MAAM,MAAM,OAAO,KAAK;AAAA,EACtD,gBAAgB,aAAa,EAAE,MAAM,MAAM,OAAO,KAAK;AAAA,EACvD,eAAe,aAAa,EAAE,MAAM,MAAM,OAAO,KAAK;AAAA,EACtD,gBAAgB,YAAY;AAC9B,CAAC;AAEM,SAAS,aAAa,EAAE,SAAS,GAAkC;AACxE,QAAM,CAAC,MAAM,OAAO,IAAI,SAAsB,IAAI;AAClD,QAAM,CAAC,SAAS,UAAU,IAAI,SAA6B,IAAI;AAC/D,QAAM,CAAC,SAAS,UAAU,IAAI,SAAyB,IAAI;AAC3D,QAAM,CAAC,SAAS,UAAU,IAAI,SAAkB,IAAI;AACpD,QAAM,oBAAoB,OAAsB,IAAI;AAEpD,QAAM,eAAe,YAAY,OAAO,WAAgD;AACtF,QAAI,CAAC,OAAQ,QAAO;AAEpB,QAAI;AACF,UAAI,QAAQ,SACT,KAAK,eAAe,EACpB,OAAO,GAAG,EACV,GAAG,MAAM,MAAM;AAElB,UAAI,IAAI,gBAAgB;AACtB,gBAAQ,MAAM,GAAG,cAAc,IAAI,cAAc;AAAA,MACnD;AAEA,YAAM,SAAS,MAAM,MAAM,OAAO;AAElC,YAAM,EAAE,MAAM,MAAM,IAAI,UAAU,EAAE,MAAM,MAAM,OAAO,KAAK;AAE5D,UAAI,OAAO;AACT,eAAO;AAAA,MACT;AAEA,iBAAW,IAAmB;AAC9B,aAAO;AAAA,IACT,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF,GAAG,CAAC,CAAC;AAML,QAAM,sBAAsB,YAAY,OAAO,gBAA4C;AACzF,QAAI,CAAC,eAAe,CAAC,IAAI,kBAAkB,CAAC,IAAI,gBAAiB;AACjE,UAAM,UAAU,YAAY;AAC5B,QAAI,SAAS,iBAAkB;AAC/B,QAAI;AACF,YAAM,EAAE,KAAK,IAAI,MAAM,SAAS,KAAK,WAAW;AAChD,YAAM,QAAQ,MAAM,SAAS;AAC7B,UAAI,CAAC,MAAO;AACZ,YAAM,MAAM,MAAM,MAAM,GAAG,IAAI,gBAAgB,QAAQ,OAAO,EAAE,CAAC,0BAA0B;AAAA,QACzF,QAAQ;AAAA,QACR,SAAS;AAAA,UACP,gBAAgB;AAAA,UAChB,GAAI,IAAI,2BAA2B,EAAE,eAAe,UAAU,IAAI,wBAAwB,GAAG,IAAI,CAAC;AAAA,UAClG,oBAAoB;AAAA,QACtB;AAAA,QACA,MAAM,KAAK,UAAU,EAAE,WAAW,IAAI,eAAe,CAAC;AAAA,MACxD,CAAC;AACD,YAAM,IAAI,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AAC3C,UAAI,GAAG,SAAS;AAEd,cAAM,SAAS,KAAK,eAAe;AAAA,MACrC;AAAA,IACF,QAAQ;AAAA,IAER;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,YAAU,MAAM;AACd,aAAS,KAAK,WAAW,EAAE,KAAK,OAAO,EAAE,MAAM,EAAE,SAAS,eAAe,EAAE,MAAM;AAC/E,iBAAW,cAAc;AACzB,cAAQ,gBAAgB,QAAQ,IAAI;AAEpC,UAAI,gBAAgB,MAAM;AACxB,cAAM,aAAa,eAAe,KAAK,EAAE;AACzC,4BAAoB,eAAe,IAAI;AAAA,MACzC;AAEA,iBAAW,KAAK;AAAA,IAClB,CAAC;AAED,UAAM;AAAA,MACJ,MAAM,EAAE,aAAa;AAAA,IACvB,IAAI,SAAS,KAAK,kBAAkB,OAAO,OAAO,mBAAmB;AACnE,iBAAW,cAAc;AACzB,cAAQ,gBAAgB,QAAQ,IAAI;AAEpC,UAAI,UAAU,eAAe,gBAAgB,MAAM;AACjD,cAAM,aAAa,eAAe,KAAK,EAAE;AACzC,4BAAoB,eAAe,IAAI;AACvC,+BAAuB,QAAQ,eAAe,IAAI;AAClD,0BAAkB,UAAU,eAAe,KAAK;AAAA,MAClD,WAAW,UAAU,cAAc;AACjC,mBAAW,IAAI;AACf,YAAI,kBAAkB,SAAS;AAC7B,iCAAuB,SAAS,kBAAkB,OAAO;AACzD,4BAAkB,UAAU;AAAA,QAC9B;AAAA,MACF,WAAW,UAAU,kBAAkB,gBAAgB,MAAM;AAC3D,gBAAQ,UAAU,SAAS,eAAe,KAAK,IAAI;AAAA,UACjD,OAAO,eAAe,KAAK;AAAA,UAC3B,MAAM,eAAe,KAAK,eAAe;AAAA,QAC3C,CAAC;AAAA,MACH;AAAA,IACF,CAAC;AAID,UAAM,sBAAsB,MAAM;AAChC,eAAS,KAAK,WAAW,EAAE,KAAK,CAAC,EAAE,KAAK,MAAM;AAC5C,cAAM,IAAI,MAAM,WAAW;AAC3B,mBAAW,CAAC;AACZ,gBAAQ,GAAG,QAAQ,IAAI;AACvB,YAAI,GAAG,MAAM;AAAE,uBAAa,EAAE,KAAK,EAAE;AAAG,8BAAoB,EAAE,IAAI;AAAA,QAAG;AAAA,MACvE,CAAC;AAAA,IACH;AACA,UAAM,QAAQ,CAAC,MAAoB;AAAE,UAAI,GAAG,MAAM,SAAS,oBAAqB,qBAAoB;AAAA,IAAG;AACvG,UAAM,YAAY,CAAC,MAAoB;AAAE,UAAI,EAAE,OAAO,aAAa,KAAK,EAAE,GAAG,EAAG,qBAAoB;AAAA,IAAG;AACvG,QAAI,OAAO,WAAW,aAAa;AACjC,aAAO,iBAAiB,WAAW,KAAK;AACxC,aAAO,iBAAiB,WAAW,SAAS;AAAA,IAC9C;AAEA,WAAO,MAAM;AACX,mBAAa,YAAY;AACzB,UAAI,OAAO,WAAW,aAAa;AACjC,eAAO,oBAAoB,WAAW,KAAK;AAC3C,eAAO,oBAAoB,WAAW,SAAS;AAAA,MACjD;AAAA,IACF;AAAA,EACF,GAAG,CAAC,cAAc,mBAAmB,CAAC;AAEtC,QAAM,SAAS,YAAY,OAAO,OAAe,UAAkB,UAAyB,CAAC,MAA2B;AACtH,QAAI,CAAC,sBAAsB;AACzB,aAAO,EAAE,MAAM,MAAM,OAAO,mBAAmB,EAAE;AAAA,IACnD;AACA,UAAM,EAAE,WAAW,CAAC,EAAE,IAAI;AAE1B,QAAI;AACF,YAAM,iBAAiB,EAAE,GAAG,SAAS;AACrC,UAAI,IAAI,gBAAgB;AACtB,uBAAe,aAAa,IAAI;AAChC,uBAAe,mBAAmB,IAAI;AAAA,MACxC;AAEA,YAAM,SAAS,MAAM,SAAS,KAAK,OAAO;AAAA,QACxC;AAAA,QACA;AAAA,QACA,SAAS,EAAE,MAAM,eAAe;AAAA,MAClC,CAAC;AAED,YAAM,EAAE,MAAM,MAAM,IAAI,UAAU,EAAE,MAAM,MAAM,OAAO,IAAI,MAAM,gBAAgB,EAAE;AAEnF,UAAI,OAAO;AACT,eAAO,EAAE,MAAM,MAAM,MAAM;AAAA,MAC7B;AAEA,UAAI,MAAM,MAAM;AACd,cAAM,cAAuC;AAAA,UAC3C,IAAI,KAAK,KAAK;AAAA,UACd;AAAA,QACF;AACA,YAAI,SAAS,cAAc;AACzB,sBAAY,eAAe,SAAS;AAAA,QACtC;AACA,YAAI,IAAI,gBAAgB;AACtB,sBAAY,aAAa,IAAI;AAAA,QAC/B;AACA,YAAI,SAAS,gBAAgB,IAAI,gBAAgB;AAC/C,gBAAM,SAAS,KAAK,eAAe,EAAE,OAAO,WAAW;AAAA,QACzD;AACA,YAAI;AACF,gBAAM,SAAS,IAAI,uBAAuB,EAAE,WAAW,KAAK,KAAK,GAAG,CAAC;AAAA,QACvE,QAAQ;AAAA,QAER;AACA,+BAAuB,SAAS,KAAK,IAAI;AAAA,MAC3C;AAEA,aAAO,EAAE,MAAM,OAAO,KAAK;AAAA,IAC7B,SAAS,KAAc;AACrB,aAAO,EAAE,MAAM,MAAM,OAAO,eAAe,QAAQ,MAAM,IAAI,MAAM,gBAAgB,EAAE;AAAA,IACvF;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,SAAS,YAAY,OAAO,OAAe,aAA0C;AACzF,QAAI,CAAC,sBAAsB;AACzB,aAAO,EAAE,MAAM,MAAM,OAAO,mBAAmB,EAAE;AAAA,IACnD;AACA,QAAI;AACF,YAAM,SAAS,MAAM,SAAS,KAAK,mBAAmB,EAAE,OAAO,SAAS,CAAC;AACzE,YAAM,EAAE,MAAM,MAAM,IAAI,UAAU,EAAE,MAAM,MAAM,OAAO,IAAI,MAAM,gBAAgB,EAAE;AACnF,aAAO,EAAE,MAAM,MAAM;AAAA,IACvB,SAAS,KAAc;AACrB,aAAO,EAAE,MAAM,MAAM,OAAO,eAAe,QAAQ,MAAM,IAAI,MAAM,gBAAgB,EAAE;AAAA,IACvF;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,qBAAqB,YAAY,OAAO,UAAkB,UAAqC,CAAC,MAA2B;AAC/H,QAAI,CAAC,sBAAsB;AACzB,aAAO,EAAE,MAAM,MAAM,OAAO,mBAAmB,EAAE;AAAA,IACnD;AACA,QAAI;AACF,YAAM,YAAY;AAClB,YAAM,SAAS,OAAO,WAAW,cAAc,OAAO,SAAS,SAAS;AACxE,YAAM,SAAS,OAAO,WAAW,eAAe,OAAO,SAAS,OAAO;AAEvE,UAAI,UAAU,OAAO,WAAW,aAAa;AAK3C,cAAM,aAAa,QAAQ,eAAe,SAAS,GAAG,MAAM,mBAAmB;AAC/E,cAAMA,UAAS,MAAM,SAAS,KAAK,gBAAgB;AAAA,UACjD,UAAU;AAAA,UACV,SAAS,EAAE,YAAY,qBAAqB,MAAM,GAAG,QAAQ;AAAA,QAC/D,CAAC;AACD,YAAIA,SAAQ,MAAO,QAAO,EAAE,MAAM,MAAM,OAAOA,QAAO,MAAM;AAC5D,cAAM,MAAOA,SAAQ,MAAkC;AACvD,YAAI,IAAK,QAAO,KAAK,KAAK,YAAY,4BAA4B;AAClE,eAAO,EAAE,MAAMA,SAAQ,QAAQ,MAAM,OAAO,KAAK;AAAA,MACnD;AAKA,YAAM,SAAS,MAAM,SAAS,KAAK,gBAAgB;AAAA,QACjD,UAAU;AAAA,QACV,SAAS;AAAA,UACP,YAAY,QAAQ,cAAc;AAAA,UAClC,GAAG;AAAA,QACL;AAAA,MACF,CAAC;AACD,YAAM,EAAE,MAAM,MAAM,IAAI,UAAU,EAAE,MAAM,MAAM,OAAO,IAAI,MAAM,sBAAsB,EAAE;AACzF,aAAO,EAAE,MAAM,MAAM;AAAA,IACvB,SAAS,KAAc;AACrB,aAAO,EAAE,MAAM,MAAM,OAAO,eAAe,QAAQ,MAAM,IAAI,MAAM,sBAAsB,EAAE;AAAA,IAC7F;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,UAAU,YAAY,YAA8C;AACxE,UAAM,SAAS,MAAM;AACrB,QAAI;AACF,YAAM,SAAS,MAAM,SAAS,KAAK,QAAQ;AAC3C,YAAM,EAAE,MAAM,IAAI,UAAU,EAAE,OAAO,KAAK;AAC1C,UAAI,CAAC,SAAS,QAAQ;AACpB,gBAAQ,MAAM,YAAY,MAAM;AAAA,MAClC;AACA,aAAO,EAAE,MAAM;AAAA,IACjB,SAAS,KAAc;AACrB,aAAO,EAAE,OAAO,eAAe,QAAQ,MAAM,IAAI,MAAM,iBAAiB,EAAE;AAAA,IAC5E;AAAA,EACF,GAAG,CAAC,IAAI,CAAC;AAET,QAAM,gBAAgB,YAAY,OAAO,UAAuC;AAC9E,QAAI;AACF,YAAM,SAAS,MAAM,SAAS,KAAK,sBAAsB,OAAO;AAAA,QAC9D,YAAY,GAAG,OAAO,WAAW,cAAc,OAAO,SAAS,SAAS,EAAE;AAAA,MAC5E,CAAC;AACD,YAAM,EAAE,MAAM,MAAM,IAAI,UAAU,EAAE,MAAM,MAAM,OAAO,IAAI,MAAM,uBAAuB,EAAE;AAC1F,aAAO,EAAE,MAAM,MAAM;AAAA,IACvB,SAAS,KAAc;AACrB,aAAO,EAAE,MAAM,MAAM,OAAO,eAAe,QAAQ,MAAM,IAAI,MAAM,uBAAuB,EAAE;AAAA,IAC9F;AAAA,EACF,GAAG,CAAC,CAAC;AAIL,QAAM,iBAAiB,YAAY,OAAO,gBAA6C;AACrF,QAAI,CAAC,sBAAsB;AACzB,aAAO,EAAE,MAAM,MAAM,OAAO,mBAAmB,EAAE;AAAA,IACnD;AACA,QAAI;AACF,YAAM,SAAS,MAAM,SAAS,KAAK,WAAW,EAAE,UAAU,YAAY,CAAC;AACvE,YAAM,EAAE,MAAM,MAAM,IAAI,UAAU,EAAE,MAAM,MAAM,OAAO,IAAI,MAAM,wBAAwB,EAAE;AAC3F,aAAO,EAAE,MAAM,MAAM;AAAA,IACvB,SAAS,KAAc;AACrB,aAAO,EAAE,MAAM,MAAM,OAAO,eAAe,QAAQ,MAAM,IAAI,MAAM,wBAAwB,EAAE;AAAA,IAC/F;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,gBAAgB;AAAA,IACpB,OAAO,YAAuD;AAC5D,UAAI,CAAC,MAAM;AACT,eAAO,EAAE,MAAM,MAAM,OAAO,IAAI,MAAM,mBAAmB,EAAE;AAAA,MAC7D;AACA,UAAI;AACF,YAAI,QAAQ,SACT,KAAK,eAAe,EACpB,OAAO,OAAO,EACd,GAAG,MAAM,KAAK,EAAE;AAEnB,YAAI,IAAI,gBAAgB;AACtB,kBAAQ,MAAM,GAAG,cAAc,IAAI,cAAc;AAAA,QACnD;AAEA,cAAM,SAAS,MAAM,MAAM,OAAO,EAAE,OAAO;AAC3C,cAAM,EAAE,MAAM,MAAM,IAAI,UAAU,EAAE,MAAM,MAAM,OAAO,KAAK;AAC5D,eAAO,EAAE,MAAM,MAAM;AAAA,MACvB,SAAS,KAAc;AACrB,eAAO,EAAE,MAAM,MAAM,OAAO,eAAe,QAAQ,MAAM,IAAI,MAAM,eAAe,EAAE;AAAA,MACtF;AAAA,IACF;AAAA,IACA,CAAC,IAAI;AAAA,EACP;AAEA,QAAM,QAAyB;AAAA,IAC7B;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,cAAc;AAAA,IACd;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,gBAAgB;AAAA,EAClB;AAEA,SAAO,oBAAC,YAAY,UAAZ,EAAqB,OAAe,UAAS;AACvD;AAEO,SAAS,UAA2B;AACzC,QAAM,UAAU,WAAW,WAAW;AACtC,MAAI,YAAY,QAAW;AACzB,UAAM,IAAI,MAAM,6CAA6C;AAAA,EAC/D;AACA,SAAO;AACT;","names":["result"]}
package/dist/chunk-UAY64NNA.js.map DELETED
@@ -1 +0,0 @@
1
- {"version":3,"sources":["../src/database/DatabaseProvider.tsx","../src/database/errors.ts","../src/database/publicReadProxy.ts","../src/database/QueryBuilder.ts","../src/database/DatabaseClient.ts","../src/database/useRealtime.ts"],"sourcesContent":["import { createContext, useContext, useMemo, type ReactNode } from 'react';\r\nimport { supabase, isSupabaseConfigured } from '../core/supabase';\r\nimport { env } from '../core/config';\r\nimport { DatabaseClient } from './DatabaseClient';\r\n\r\ninterface DatabaseContextValue {\r\n db: DatabaseClient | null;\r\n isConfigured: boolean;\r\n}\r\n\r\nconst DatabaseContext = createContext<DatabaseContextValue>({\r\n db: null,\r\n isConfigured: false,\r\n});\r\n\r\ninterface DatabaseProviderProps {\r\n children: ReactNode;\r\n projectId?: string;\r\n}\r\n\r\nexport function DatabaseProvider({ children, projectId }: DatabaseProviderProps) {\r\n const resolvedProjectId = projectId || env.EZC_PROJECT_ID;\r\n const configured = isSupabaseConfigured && Boolean(resolvedProjectId);\r\n\r\n const db = useMemo(\r\n () => (configured ? new DatabaseClient(supabase, resolvedProjectId) : null),\r\n [configured, resolvedProjectId],\r\n );\r\n\r\n const value = useMemo(() => ({ db, isConfigured: configured }), [db, configured]);\r\n\r\n return <DatabaseContext.Provider value={value}>{children}</DatabaseContext.Provider>;\r\n}\r\n\r\nexport function useDatabase(): DatabaseClient {\r\n const { db } = useContext(DatabaseContext);\r\n if (!db) {\r\n throw new Error(\r\n 'useDatabase() must be used within <DatabaseProvider>. ' +\r\n 'Ensure EZC_PROJECT_ID and Supabase credentials are configured.',\r\n );\r\n }\r\n return db;\r\n}\r\n\r\nexport function useDatabaseOptional(): DatabaseClient | null {\r\n const { db } = useContext(DatabaseContext);\r\n return db;\r\n}\r\n\r\nexport function useIsDatabaseConfigured(): boolean {\r\n const { isConfigured } = useContext(DatabaseContext);\r\n return isConfigured;\r\n}\r\n","export class DatabaseError extends Error {\r\n readonly code: string;\r\n readonly statusCode: number;\r\n\r\n constructor(message: string, code = 'DATABASE_ERROR', statusCode = 500) {\r\n super(message);\r\n this.name = 'DatabaseError';\r\n this.code = code;\r\n this.statusCode = statusCode;\r\n }\r\n}\r\n\r\nexport class QueryError extends DatabaseError {\r\n readonly sql?: string;\r\n\r\n constructor(message: string, sql?: string) {\r\n super(message, 'QUERY_ERROR', 400);\r\n this.name = 'QueryError';\r\n this.sql = sql;\r\n }\r\n}\r\n\r\nexport class ValidationError extends DatabaseError {\r\n constructor(message: string) {\r\n super(message, 'VALIDATION_ERROR', 422);\r\n this.name = 'ValidationError';\r\n }\r\n}\r\n\r\nexport class ConnectionError extends DatabaseError {\r\n constructor(message: string) {\r\n super(message, 'CONNECTION_ERROR', 503);\r\n this.name = 'ConnectionError';\r\n }\r\n}\r\n\r\nexport class NotFoundError extends DatabaseError {\r\n constructor(message = 'Record not found') {\r\n super(message, 'NOT_FOUND', 404);\r\n this.name = 'NotFoundError';\r\n }\r\n}\r\n\r\nexport function mapRpcError(rpcResult: { success: boolean; error?: string; code?: string }): DatabaseError | null {\r\n if (rpcResult.success) return null;\r\n const msg = rpcResult.error || 'Unknown database error';\r\n if (msg.includes('No database schema exists')) return new NotFoundError(msg);\r\n if (msg.includes('Authentication required')) return new ConnectionError(msg);\r\n if (msg.includes('blocked') || msg.includes('forbidden')) return new ValidationError(msg);\r\n return new QueryError(msg);\r\n}\r\n","/**\n * Public read proxy — anonymous-visitor data reads for deployed sites.\n *\n * The direct browser path (supabase.rpc('sdk_query_project')) requires an\n * authenticated, project-bound session by design (tenant migrations 200/201/\n * 227: the RPC executes raw SELECTs, so anon was deliberately revoked). That\n * left every data-driven section of a deployed site empty for visitors.\n *\n * This module routes READ-ONLY queries through the platform's DB proxy\n * (`POST {EZCODER_API_URL}/api/platform/db/{projectId}/query`) authenticated\n * with the browser-safe PUBLIC-class project token (EZC_PROJECT_TOKEN_PUBLIC,\n * baked into the bundle at build time). Server-side that proxy runs the same\n * hardened tenant function (SELECT-only, project-schema-scoped, system/auth\n * schemas blocked, LIMIT-capped, rate-limited) plus a credential-table guard\n * for public-class tokens. Writes never use this path.\n */\n\nimport { env } from '../core/config';\n\nexport interface PublicProxyResult {\n success: boolean;\n data?: unknown[];\n rowCount?: number;\n error?: string;\n schema?: string;\n}\n\nconst PROXY_TIMEOUT_MS = 10000;\n\n/** Failures that mean \"the RPC path needs an authenticated session\" — the\n * signal to fall back to the public proxy rather than surface the error. */\nconst AUTH_FAILURE_PATTERN =\n /authentication required|permission denied|project binding|unauthorized|jwt|42501/i;\n\nexport function isAuthShapedFailure(message: string | null | undefined): boolean {\n return typeof message === 'string' && AUTH_FAILURE_PATTERN.test(message);\n}\n\n/**\n * The browser-safe token to authenticate public reads with. Prefer the\n * bounded-blast-radius PUBLIC-class token (ezc_pub_*); fall back to the legacy\n * single-class token (ezc_*), which is ALSO baked into every deployed bundle\n * and which the platform read proxy accepts. The fallback covers projects\n * whose B1 token-pair provisioning hasn't run or failed (the public-class env\n * var bakes empty) — without it those sites get no data (incident 2026-06-11,\n * herdmark: project_credentials empty → VITE_EZC_PROJECT_TOKEN_PUBLIC empty).\n */\nexport function publicReadToken(): string {\n return env.EZC_PROJECT_TOKEN_PUBLIC || env.EZC_PROJECT_TOKEN_LEGACY || '';\n}\n\n/**\n * The public proxy is usable whenever we know where to send the request. A\n * token is NOT required: the platform proxy can authorize a browser read by\n * the deployment's validated origin (origin→project binding) when no token is\n * baked — which is the resilient path for projects whose token provisioning\n * failed (incident 2026-06-11). If a token IS baked it's sent and preferred.\n */\nexport function publicReadAvailable(): boolean {\n return Boolean(env.EZCODER_API_URL);\n}\n\n// Once a query has fallen back because the visitor has no session, later\n// reads skip the doomed RPC round-trip. Never set unless the proxy SUCCEEDED,\n// so a transient RPC failure can't permanently divert an authenticated user.\nlet stickyPublicMode = false;\n\nexport function shouldSkipRpc(): boolean {\n return stickyPublicMode && publicReadAvailable();\n}\n\n/** Test seam. */\nexport function _resetStickyPublicMode(): void {\n stickyPublicMode = false;\n}\n\n/**\n * True when the supabase client holds an active auth session. The public\n * proxy is for ANONYMOUS visitors only — an authenticated user's reads must\n * always go through the RPC (their session is the authority; security review\n * finding 2026-06-11: an anonymous page load must not divert a subsequently\n * signed-in user to the session-less proxy). Fail-safe: on any error, report\n * a session as PRESENT so the caller refuses the fallback.\n */\nexport async function hasActiveSession(supabase: { auth?: { getSession?: () => Promise<{ data?: { session?: unknown } }> } } | null | undefined): Promise<boolean> {\n try {\n if (!supabase?.auth?.getSession) return false;\n const { data } = await supabase.auth.getSession();\n return Boolean(data?.session);\n } catch {\n return true;\n }\n}\n\nexport async function publicReadQuery(projectId: string, sql: string): Promise<PublicProxyResult> {\n if (!publicReadAvailable()) {\n return { success: false, error: 'Public read proxy not configured (missing public token or API URL)' };\n }\n try {\n const base = env.EZCODER_API_URL.replace(/\\/$/, '');\n const token = publicReadToken();\n /** @type {Record<string,string>} */\n const headers: Record<string, string> = { 'Content-Type': 'application/json' };\n // Send the token only if one is baked; otherwise the proxy authorizes by\n // the (browser-set, server-validated) Origin → project binding.\n if (token) headers['X-EzCoder-Public-Token'] = token;\n const res = await fetch(`${base}/api/platform/db/${encodeURIComponent(projectId)}/query`, {\n method: 'POST',\n headers,\n body: JSON.stringify({ sql }),\n signal: typeof AbortSignal !== 'undefined' && AbortSignal.timeout\n ? AbortSignal.timeout(PROXY_TIMEOUT_MS)\n : undefined,\n });\n const payload = (await res.json().catch(() => null)) as PublicProxyResult | null;\n if (!res.ok || !payload) {\n return { success: false, error: payload?.error || `Public read proxy HTTP ${res.status}` };\n }\n if (payload.success) stickyPublicMode = true;\n return payload;\n } catch (err) {\n const message = err instanceof Error ? err.message : 'Public read proxy request failed';\n return { success: false, error: message };\n }\n}\n","import type { SupabaseClient } from '@supabase/supabase-js';\r\nimport type { DatabaseResult, SingleResult, MutationResult, FilterValue, OrderOption } from './types';\r\nimport { QueryError, ValidationError, mapRpcError } from './errors';\r\nimport { isAuthShapedFailure, shouldSkipRpc, hasActiveSession } from './publicReadProxy';\r\n\r\nfunction escapeSqlValue(value: FilterValue): string {\r\n if (value === null) return 'NULL';\r\n if (typeof value === 'boolean') return value ? 'TRUE' : 'FALSE';\r\n if (typeof value === 'number') {\r\n if (!Number.isFinite(value)) throw new ValidationError('Non-finite numbers are not allowed');\r\n return String(value);\r\n }\r\n return `'${String(value).replace(/'/g, \"''\")}'`;\r\n}\r\n\r\nfunction escapeIdentifier(name: string): string {\r\n if (!/^[a-zA-Z_][a-zA-Z0-9_]*$/.test(name)) {\r\n throw new ValidationError(`Invalid identifier: ${name}`);\r\n }\r\n return `\"${name}\"`;\r\n}\r\n\r\ntype Operation = 'select' | 'insert' | 'update' | 'delete' | 'count' | 'upsert';\r\n\r\ninterface Filter {\r\n column: string;\r\n op: string;\r\n value: FilterValue | FilterValue[];\r\n}\r\n\r\nexport interface ServerProxy {\r\n serverQuery?: (sql: string) => Promise<{ success: boolean; data?: unknown[]; rowCount?: number; error?: string; schema?: string }>;\r\n serverExec?: (sql: string) => Promise<{ success: boolean; data?: unknown[]; rowCount?: number; error?: string; schema?: string }>;\r\n /** Browser-mode READ fallback: routes through the platform public proxy\r\n * (public-class token) when the direct RPC needs an authenticated session\r\n * the visitor doesn't have. Reads only — writes never fall back. */\r\n publicQuery?: (sql: string) => Promise<{ success: boolean; data?: unknown[]; rowCount?: number; error?: string; schema?: string }>;\r\n}\r\n\r\nexport class QueryBuilder<T = Record<string, unknown>> {\r\n private readonly supabase: SupabaseClient;\r\n private readonly projectId: string;\r\n private readonly table: string;\r\n private readonly serverProxy?: ServerProxy;\r\n\r\n private operation: Operation = 'select';\r\n private selectColumns = '*';\r\n private filters: Filter[] = [];\r\n private orderClauses: string[] = [];\r\n private limitValue: number | null = null;\r\n private offsetValue: number | null = null;\r\n private insertData: Record<string, FilterValue>[] | null = null;\r\n private updateData: Record<string, FilterValue> | null = null;\r\n private upsertConflict: string | null = null;\r\n private singleMode = false;\r\n private maybeSingleMode = false;\r\n\r\n constructor(supabase: SupabaseClient, projectId: string, table: string, serverProxy?: ServerProxy) {\r\n this.supabase = supabase;\r\n this.projectId = projectId;\r\n this.table = table;\r\n this.serverProxy = serverProxy;\r\n }\r\n\r\n select(columns = '*'): this {\r\n this.operation = 'select';\r\n this.selectColumns = columns;\r\n return this;\r\n }\r\n\r\n // --- Filters ---\r\n\r\n eq(column: string, value: FilterValue): this {\r\n this.filters.push({ column, op: '=', value });\r\n return this;\r\n }\r\n\r\n neq(column: string, value: FilterValue): this {\r\n this.filters.push({ column, op: '!=', value });\r\n return this;\r\n }\r\n\r\n gt(column: string, value: FilterValue): this {\r\n this.filters.push({ column, op: '>', value });\r\n return this;\r\n }\r\n\r\n lt(column: string, value: FilterValue): this {\r\n this.filters.push({ column, op: '<', value });\r\n return this;\r\n }\r\n\r\n gte(column: string, value: FilterValue): this {\r\n this.filters.push({ column, op: '>=', value });\r\n return this;\r\n }\r\n\r\n lte(column: string, value: FilterValue): this {\r\n this.filters.push({ column, op: '<=', value });\r\n return this;\r\n }\r\n\r\n like(column: string, pattern: string): this {\r\n this.filters.push({ column, op: 'LIKE', value: pattern });\r\n return this;\r\n }\r\n\r\n ilike(column: string, pattern: string): this {\r\n this.filters.push({ column, op: 'ILIKE', value: pattern });\r\n return this;\r\n }\r\n\r\n in(column: string, values: FilterValue[]): this {\r\n this.filters.push({ column, op: 'IN', value: values });\r\n return this;\r\n }\r\n\r\n is(column: string, value: null | boolean): this {\r\n this.filters.push({ column, op: 'IS', value });\r\n return this;\r\n }\r\n\r\n // --- Ordering & Pagination ---\r\n\r\n order(column: string, options: OrderOption = {}): this {\r\n const dir = options.ascending === false ? 'DESC' : 'ASC';\r\n const nulls = options.nullsFirst ? 'NULLS FIRST' : 'NULLS LAST';\r\n this.orderClauses.push(`${escapeIdentifier(column)} ${dir} ${nulls}`);\r\n return this;\r\n }\r\n\r\n limit(count: number): this {\r\n this.limitValue = count;\r\n return this;\r\n }\r\n\r\n offset(count: number): this {\r\n this.offsetValue = count;\r\n return this;\r\n }\r\n\r\n // --- Mutations ---\r\n\r\n insert(records: Record<string, FilterValue> | Record<string, FilterValue>[]): this {\r\n this.operation = 'insert';\r\n this.insertData = Array.isArray(records) ? records : [records];\r\n return this;\r\n }\r\n\r\n update(values: Record<string, FilterValue>): this {\r\n this.operation = 'update';\r\n this.updateData = values;\r\n return this;\r\n }\r\n\r\n delete(): this {\r\n this.operation = 'delete';\r\n return this;\r\n }\r\n\r\n upsert(records: Record<string, FilterValue> | Record<string, FilterValue>[], options?: { onConflict?: string }): this {\r\n this.operation = 'upsert';\r\n this.insertData = Array.isArray(records) ? records : [records];\r\n this.upsertConflict = options?.onConflict || null;\r\n return this;\r\n }\r\n\r\n // --- Result Helpers ---\r\n\r\n count(): QueryBuilder<{ count: number }> {\r\n this.operation = 'count';\r\n return this as unknown as QueryBuilder<{ count: number }>;\r\n }\r\n\r\n single(): QueryBuilder<T> {\r\n this.singleMode = true;\r\n this.limitValue = 1;\r\n return this;\r\n }\r\n\r\n maybeSingle(): QueryBuilder<T> {\r\n this.maybeSingleMode = true;\r\n this.limitValue = 1;\r\n return this;\r\n }\r\n\r\n // --- SQL Building ---\r\n\r\n private buildWhereClause(): string {\r\n if (this.filters.length === 0) return '';\r\n const conditions = this.filters.map((f) => {\r\n const col = escapeIdentifier(f.column);\r\n if (f.op === 'IS') {\r\n const val = f.value === null ? 'NULL' : f.value ? 'TRUE' : 'FALSE';\r\n return `${col} IS ${val}`;\r\n }\r\n if (f.op === 'IN') {\r\n const vals = (f.value as FilterValue[]).map(escapeSqlValue).join(', ');\r\n return `${col} IN (${vals})`;\r\n }\r\n return `${col} ${f.op} ${escapeSqlValue(f.value as FilterValue)}`;\r\n });\r\n return ` WHERE ${conditions.join(' AND ')}`;\r\n }\r\n\r\n private buildSelectSql(): string {\r\n let sql = `SELECT ${this.selectColumns} FROM \"${this.table}\"`;\r\n sql += this.buildWhereClause();\r\n if (this.orderClauses.length > 0) sql += ` ORDER BY ${this.orderClauses.join(', ')}`;\r\n if (this.limitValue !== null) sql += ` LIMIT ${this.limitValue}`;\r\n if (this.offsetValue !== null && this.offsetValue > 0) sql += ` OFFSET ${this.offsetValue}`;\r\n return sql;\r\n }\r\n\r\n private buildCountSql(): string {\r\n let sql = `SELECT COUNT(*) as count FROM \"${this.table}\"`;\r\n sql += this.buildWhereClause();\r\n return sql;\r\n }\r\n\r\n private buildInsertSql(): string {\r\n if (!this.insertData || this.insertData.length === 0) {\r\n throw new ValidationError('No data provided for insert');\r\n }\r\n const columns = Object.keys(this.insertData[0]);\r\n const colList = columns.map(escapeIdentifier).join(', ');\r\n const rows = this.insertData.map(\r\n (row) => `(${columns.map((c) => escapeSqlValue(row[c] ?? null)).join(', ')})`\r\n );\r\n return `INSERT INTO \"${this.table}\" (${colList}) VALUES ${rows.join(', ')}`;\r\n }\r\n\r\n private buildUpsertSql(): string {\r\n let sql = this.buildInsertSql();\r\n const conflict = this.upsertConflict || 'id';\r\n const columns = Object.keys(this.insertData![0]);\r\n const updateCols = columns\r\n .filter((c) => c !== conflict)\r\n .map((c) => `${escapeIdentifier(c)} = EXCLUDED.${escapeIdentifier(c)}`)\r\n .join(', ');\r\n sql += ` ON CONFLICT (${escapeIdentifier(conflict)}) DO UPDATE SET ${updateCols}`;\r\n return sql;\r\n }\r\n\r\n private buildUpdateSql(): string {\r\n if (!this.updateData || Object.keys(this.updateData).length === 0) {\r\n throw new ValidationError('No data provided for update');\r\n }\r\n if (this.filters.length === 0) {\r\n throw new ValidationError('UPDATE without filters is not allowed — add .eq() or other filters');\r\n }\r\n const setClauses = Object.entries(this.updateData)\r\n .map(([col, val]) => `${escapeIdentifier(col)} = ${escapeSqlValue(val)}`)\r\n .join(', ');\r\n return `UPDATE \"${this.table}\" SET ${setClauses}${this.buildWhereClause()}`;\r\n }\r\n\r\n private buildDeleteSql(): string {\r\n if (this.filters.length === 0) {\r\n throw new ValidationError('DELETE without filters is not allowed — add .eq() or other filters');\r\n }\r\n return `DELETE FROM \"${this.table}\"${this.buildWhereClause()}`;\r\n }\r\n\r\n // --- Execution ---\r\n\r\n private async executeQuery(): Promise<DatabaseResult<T>> {\r\n const isRead = this.operation === 'select' || this.operation === 'count';\r\n\r\n let sql: string;\r\n switch (this.operation) {\r\n case 'select': sql = this.buildSelectSql(); break;\r\n case 'count': sql = this.buildCountSql(); break;\r\n case 'insert': sql = this.buildInsertSql(); break;\r\n case 'upsert': sql = this.buildUpsertSql(); break;\r\n case 'update': sql = this.buildUpdateSql(); break;\r\n case 'delete': sql = this.buildDeleteSql(); break;\r\n default: throw new QueryError(`Unknown operation: ${this.operation}`);\r\n }\r\n\r\n // Server mode (secret-key proxy): full read/write via the platform.\r\n if (this.serverProxy?.serverQuery && this.serverProxy?.serverExec) {\r\n const fn = isRead ? this.serverProxy.serverQuery : this.serverProxy.serverExec;\r\n const data = await fn(sql);\r\n if (!data.success) {\r\n const dbError = mapRpcError(data);\r\n if (dbError) throw dbError;\r\n throw new QueryError(data.error || 'Query failed', sql);\r\n }\r\n return {\r\n success: true,\r\n data: (isRead ? data.data || [] : []) as T[],\r\n rowCount: data.rowCount ?? (isRead ? (data.data?.length || 0) : 0),\r\n schema: data.schema,\r\n };\r\n }\r\n\r\n // Browser mode, anonymous visitors ONLY: skip the doomed RPC once a read\r\n // has already fallen back to the public proxy. A signed-in user always\r\n // goes through the RPC — their session is the authority.\r\n const publicQuery = this.serverProxy?.publicQuery;\r\n if (isRead && publicQuery && shouldSkipRpc() && !(await hasActiveSession(this.supabase))) {\r\n return this.runPublicQuery(publicQuery, sql);\r\n }\r\n\r\n const rpcName = isRead ? 'sdk_query_project' : 'sdk_exec_project';\r\n const { data, error } = await this.supabase.rpc(rpcName, {\r\n p_project_id: this.projectId,\r\n p_sql: sql,\r\n });\r\n\r\n if (error) {\r\n if (isRead && publicQuery && isAuthShapedFailure(error.message) && !(await hasActiveSession(this.supabase))) {\r\n return this.runPublicQuery(publicQuery, sql, error.message);\r\n }\r\n throw new QueryError(error.message, sql);\r\n }\r\n\r\n if (!data.success) {\r\n if (isRead && publicQuery && isAuthShapedFailure(data.error) && !(await hasActiveSession(this.supabase))) {\r\n return this.runPublicQuery(publicQuery, sql, data.error);\r\n }\r\n const dbError = mapRpcError(data);\r\n if (dbError) throw dbError;\r\n throw new QueryError(data.error || 'Query failed', sql);\r\n }\r\n\r\n if (isRead) {\r\n return {\r\n success: true,\r\n data: data.data || [],\r\n rowCount: data.rowCount ?? (data.data?.length || 0),\r\n schema: data.schema,\r\n };\r\n }\r\n\r\n return {\r\n success: true,\r\n data: [],\r\n rowCount: data.rowCount ?? 0,\r\n schema: data.schema,\r\n };\r\n }\r\n\r\n /** Execute a read through the platform public proxy (anonymous-visitor path). */\r\n private async runPublicQuery(\r\n publicQuery: NonNullable<ServerProxy['publicQuery']>,\r\n sql: string,\r\n rpcError?: string,\r\n ): Promise<DatabaseResult<T>> {\r\n const data = await publicQuery(sql);\r\n if (!data.success) {\r\n const dbError = mapRpcError(data);\r\n if (dbError) throw dbError;\r\n throw new QueryError(data.error || rpcError || 'Query failed', sql);\r\n }\r\n return {\r\n success: true,\r\n data: (data.data || []) as T[],\r\n rowCount: data.rowCount ?? (data.data?.length || 0),\r\n schema: data.schema,\r\n };\r\n }\r\n\r\n then<TResult1 = DatabaseResult<T> | SingleResult<T>, TResult2 = never>(\r\n onfulfilled?: ((value: DatabaseResult<T> | SingleResult<T>) => TResult1 | PromiseLike<TResult1>) | null,\r\n onrejected?: ((reason: unknown) => TResult2 | PromiseLike<TResult2>) | null,\r\n ): Promise<TResult1 | TResult2> {\r\n const promise = this.executeQuery().then((result) => {\r\n if (this.singleMode) {\r\n if (result.data.length === 0) {\r\n throw new QueryError('Expected exactly one row, got 0');\r\n }\r\n return { success: true, data: result.data[0], error: undefined } as SingleResult<T>;\r\n }\r\n if (this.maybeSingleMode) {\r\n return {\r\n success: true,\r\n data: result.data.length > 0 ? result.data[0] : null,\r\n error: undefined,\r\n } as SingleResult<T>;\r\n }\r\n return result;\r\n });\r\n return promise.then(onfulfilled, onrejected);\r\n }\r\n}\r\n","import type { SupabaseClient } from '@supabase/supabase-js';\nimport type { DatabaseResult, MutationResult, SchemaInfo } from './types';\nimport { QueryBuilder, type ServerProxy } from './QueryBuilder';\nimport { QueryError, ConnectionError } from './errors';\nimport { ezcoder } from '../core/platform';\nimport { features } from '../core/config';\nimport { publicReadQuery, publicReadAvailable, isAuthShapedFailure, shouldSkipRpc, hasActiveSession } from './publicReadProxy';\n\nfunction trackDbEvent(event: string, props: Record<string, unknown>) {\n if (!features.analytics) return;\n try { ezcoder.analytics.track(event, props); } catch { /* non-critical */ }\n}\n\ninterface ServerProxyResult {\n success: boolean;\n data?: unknown[];\n rowCount?: number;\n error?: string;\n schema?: string;\n exists?: boolean;\n tables?: unknown[];\n tablesCount?: number;\n createdAt?: string;\n lastAccessedAt?: string;\n executed_sql?: string;\n}\n\nconst MAX_RETRIES = 3;\nconst SERVER_TIMEOUT_MS = 5000;\n\nexport class DatabaseClient {\n private readonly supabase: SupabaseClient | null;\n private readonly projectId: string;\n private apiKey?: string;\n private platformUrl?: string;\n private serverMode: boolean = false;\n\n constructor(supabase: SupabaseClient | null, projectId: string) {\n this.supabase = supabase;\n this.projectId = projectId;\n }\n\n static createServerClient(\n projectId: string,\n apiKey: string,\n platformUrl?: string\n ): DatabaseClient {\n const client = new DatabaseClient(null, projectId);\n client.apiKey = apiKey;\n client.platformUrl = platformUrl\n || (typeof process !== 'undefined' && process.env?.EZCODER_API_URL)\n || 'https://ezcoder.app';\n client.serverMode = true;\n return client;\n }\n\n from<T = Record<string, unknown>>(table: string): QueryBuilder<T> {\n if (this.serverMode) {\n return new QueryBuilder<T>(null as unknown as SupabaseClient, this.projectId, table, {\n serverQuery: (sql: string) => this._serverRequest('/query', sql),\n serverExec: (sql: string) => this._serverRequest('/execute', sql),\n });\n }\n // Browser mode: reads get the public-proxy fallback so anonymous visitors\n // on deployed sites see data (the direct RPC requires a signed-in,\n // project-bound session). Writes intentionally have no fallback.\n return new QueryBuilder<T>(this.supabase!, this.projectId, table, {\n publicQuery: (sql: string) => publicReadQuery(this.projectId, sql),\n });\n }\n\n async sql<T = Record<string, unknown>>(query: string): Promise<DatabaseResult<T>> {\n const trimmed = query.trim().toLowerCase();\n if (!trimmed.startsWith('select')) {\n throw new QueryError('sql() is for read-only queries. Use execute() for mutations.');\n }\n\n if (this.serverMode) {\n return this._serverQuery<T>(query);\n }\n\n const start = Date.now();\n\n // Anonymous visitors ONLY: once a read has fallen back to the public\n // proxy, skip the doomed RPC round-trip on subsequent reads. A signed-in\n // user always goes through the RPC — their session is the authority.\n if (shouldSkipRpc() && !(await hasActiveSession(this.supabase))) {\n return this._publicFallback<T>(query, start, null);\n }\n\n const { data, error } = await this.supabase!.rpc('sdk_query_project', {\n p_project_id: this.projectId,\n p_sql: query,\n });\n const latencyMs = Date.now() - start;\n\n if (error) {\n if (publicReadAvailable() && isAuthShapedFailure(error.message) && !(await hasActiveSession(this.supabase))) {\n return this._publicFallback<T>(query, start, error.message);\n }\n trackDbEvent('db_query', { projectId: this.projectId, latencyMs, success: false, error: error.message });\n throw new QueryError(error.message, query);\n }\n if (!data.success) {\n if (publicReadAvailable() && isAuthShapedFailure(data.error) && !(await hasActiveSession(this.supabase))) {\n return this._publicFallback<T>(query, start, data.error);\n }\n trackDbEvent('db_query', { projectId: this.projectId, latencyMs, success: false, error: data.error });\n throw new QueryError(data.error || 'Query failed', query);\n }\n\n trackDbEvent('db_query', { projectId: this.projectId, latencyMs, success: true, rowCount: data.rowCount ?? 0 });\n\n return {\n success: true,\n data: data.data || [],\n rowCount: data.rowCount ?? (data.data?.length || 0),\n schema: data.schema,\n };\n }\n\n /** Read via the platform public proxy (anonymous-visitor path). */\n private async _publicFallback<T>(query: string, start: number, rpcError: string | null): Promise<DatabaseResult<T>> {\n const data = await publicReadQuery(this.projectId, query);\n const latencyMs = Date.now() - start;\n if (!data.success) {\n trackDbEvent('db_query', { projectId: this.projectId, latencyMs, success: false, error: data.error, publicProxy: true });\n // Surface the proxy's error (it is the actionable one); note the RPC error for diagnosis.\n throw new QueryError(data.error || rpcError || 'Query failed', query);\n }\n trackDbEvent('db_query', { projectId: this.projectId, latencyMs, success: true, rowCount: data.rowCount ?? 0, publicProxy: true });\n return {\n success: true,\n data: (data.data || []) as T[],\n rowCount: data.rowCount ?? (data.data?.length || 0),\n schema: data.schema,\n };\n }\n\n async execute(sql: string): Promise<MutationResult> {\n if (this.serverMode) {\n return this._serverExecute(sql);\n }\n\n const start = Date.now();\n const { data, error } = await this.supabase!.rpc('sdk_exec_project', {\n p_project_id: this.projectId,\n p_sql: sql,\n });\n const latencyMs = Date.now() - start;\n\n if (error) {\n trackDbEvent('db_mutation', { projectId: this.projectId, latencyMs, success: false, error: error.message });\n throw new QueryError(error.message, sql);\n }\n if (!data.success) {\n trackDbEvent('db_mutation', { projectId: this.projectId, latencyMs, success: false, error: data.error });\n throw new QueryError(data.error || 'Execution failed', sql);\n }\n\n trackDbEvent('db_mutation', { projectId: this.projectId, latencyMs, success: true, rowCount: data.rowCount ?? 0 });\n\n return {\n success: true,\n rowCount: data.rowCount ?? 0,\n schema: data.schema,\n executed_sql: data.executed_sql,\n };\n }\n\n async getSchema(): Promise<SchemaInfo> {\n if (this.serverMode) {\n return this._serverGetSchema();\n }\n\n const { data, error } = await this.supabase!.rpc('sdk_get_schema_info', {\n p_project_id: this.projectId,\n });\n\n if (error) throw new ConnectionError(error.message);\n\n return {\n exists: data.exists ?? false,\n schema: data.schema,\n tables: data.tables || [],\n tablesCount: data.tablesCount ?? 0,\n createdAt: data.createdAt,\n lastAccessedAt: data.lastAccessedAt,\n };\n }\n\n private async _serverRequest(endpoint: string, sql: string): Promise<ServerProxyResult> {\n const url = `${this.platformUrl}/api/platform/db/${this.projectId}${endpoint}`;\n let lastError: Error | undefined;\n\n for (let attempt = 0; attempt < MAX_RETRIES; attempt++) {\n try {\n const res = await fetch(url, {\n method: 'POST',\n headers: {\n 'Authorization': `Bearer ${this.apiKey}`,\n 'Content-Type': 'application/json',\n },\n body: JSON.stringify({ sql }),\n signal: AbortSignal.timeout(SERVER_TIMEOUT_MS),\n });\n\n if (res.status === 429) {\n const retryAfter = parseInt(res.headers.get('retry-after') || '60', 10);\n await new Promise(r => setTimeout(r, retryAfter * 1000));\n continue;\n }\n if (res.status === 503) {\n await new Promise(r => setTimeout(r, (attempt + 1) * 2000));\n continue;\n }\n\n return await res.json() as ServerProxyResult;\n } catch (e) {\n lastError = e instanceof Error ? e : new Error(String(e));\n }\n }\n\n return { success: false, error: lastError?.message || 'Request failed after retries' };\n }\n\n private async _serverQuery<T>(query: string): Promise<DatabaseResult<T>> {\n const start = Date.now();\n const result = await this._serverRequest('/query', query);\n const latencyMs = Date.now() - start;\n\n if (!result.success) {\n trackDbEvent('db_query', { projectId: this.projectId, latencyMs, success: false, error: result.error, serverMode: true });\n throw new QueryError(result.error || 'Query failed', query);\n }\n\n trackDbEvent('db_query', { projectId: this.projectId, latencyMs, success: true, rowCount: result.rowCount ?? 0, serverMode: true });\n\n return {\n success: true,\n data: (result.data || []) as T[],\n rowCount: result.rowCount ?? ((result.data as unknown[])?.length || 0),\n schema: result.schema,\n };\n }\n\n private async _serverExecute(sql: string): Promise<MutationResult> {\n const start = Date.now();\n const result = await this._serverRequest('/execute', sql);\n const latencyMs = Date.now() - start;\n\n if (!result.success) {\n trackDbEvent('db_mutation', { projectId: this.projectId, latencyMs, success: false, error: result.error, serverMode: true });\n throw new QueryError(result.error || 'Execution failed', sql);\n }\n\n trackDbEvent('db_mutation', { projectId: this.projectId, latencyMs, success: true, rowCount: result.rowCount ?? 0, serverMode: true });\n\n return {\n success: true,\n rowCount: result.rowCount ?? 0,\n schema: result.schema,\n executed_sql: result.executed_sql,\n };\n }\n\n private async _serverGetSchema(): Promise<SchemaInfo> {\n const url = `${this.platformUrl}/api/platform/db/${this.projectId}/schema`;\n let lastError: Error | undefined;\n\n for (let attempt = 0; attempt < MAX_RETRIES; attempt++) {\n try {\n const res = await fetch(url, {\n method: 'GET',\n headers: { 'Authorization': `Bearer ${this.apiKey}` },\n signal: AbortSignal.timeout(SERVER_TIMEOUT_MS),\n });\n\n if (res.status === 503) {\n await new Promise(r => setTimeout(r, (attempt + 1) * 2000));\n continue;\n }\n\n const data = await res.json() as ServerProxyResult;\n if (!data.success) throw new ConnectionError(data.error || 'Schema fetch failed');\n\n return {\n exists: data.exists ?? false,\n schema: data.schema,\n tables: (data.tables || []) as SchemaInfo['tables'],\n tablesCount: data.tablesCount ?? 0,\n createdAt: data.createdAt,\n lastAccessedAt: data.lastAccessedAt,\n };\n } catch (e) {\n lastError = e instanceof Error ? e : new Error(String(e));\n }\n }\n\n throw new ConnectionError(lastError?.message || 'Schema request failed after retries');\n }\n}\n","import { useEffect, useState, useRef } from 'react';\r\nimport { supabase, isSupabaseConfigured } from '../core/supabase';\r\nimport { env } from '../core/config';\r\n\r\ntype RealtimeEvent = 'INSERT' | 'UPDATE' | 'DELETE' | '*';\r\n\r\ninterface RealtimeOptions {\r\n event?: RealtimeEvent;\r\n filter?: string;\r\n}\r\n\r\ninterface UseRealtimeReturn<T> {\r\n data: T[];\r\n status: 'connecting' | 'connected' | 'error' | 'disabled';\r\n setData: React.Dispatch<React.SetStateAction<T[]>>;\r\n}\r\n\r\nexport function useRealtime<T extends Record<string, unknown> = Record<string, unknown>>(\r\n table: string,\r\n options: RealtimeOptions = {},\r\n): UseRealtimeReturn<T> {\r\n const [data, setData] = useState<T[]>([]);\r\n const [status, setStatus] = useState<UseRealtimeReturn<T>['status']>('connecting');\r\n const optionsRef = useRef(options);\r\n optionsRef.current = options;\r\n\r\n const projectId = env.EZC_PROJECT_ID;\r\n\r\n useEffect(() => {\r\n if (!isSupabaseConfigured || !projectId) {\r\n setStatus('disabled');\r\n return;\r\n }\r\n\r\n const schemaName = `proj_${projectId.replace(/-/g, '_')}`;\r\n const channelName = `${schemaName}_${table}_${optionsRef.current.event || 'all'}`;\r\n\r\n const channel = supabase\r\n .channel(channelName)\r\n .on(\r\n 'postgres_changes' as never,\r\n {\r\n event: optionsRef.current.event || '*',\r\n schema: schemaName,\r\n table,\r\n filter: optionsRef.current.filter,\r\n } as never,\r\n (payload: { eventType: string; new: Record<string, unknown>; old: Record<string, unknown> }) => {\r\n if (payload.eventType === 'INSERT') {\r\n setData((prev) => [...prev, payload.new as T]);\r\n } else if (payload.eventType === 'UPDATE') {\r\n setData((prev) =>\r\n prev.map((item) =>\r\n (item as Record<string, unknown>).id === (payload.new as Record<string, unknown>).id\r\n ? (payload.new as T)\r\n : item,\r\n ),\r\n );\r\n } else if (payload.eventType === 'DELETE') {\r\n setData((prev) =>\r\n prev.filter(\r\n (item) =>\r\n (item as Record<string, unknown>).id !== (payload.old as Record<string, unknown>).id,\r\n ),\r\n );\r\n }\r\n },\r\n )\r\n .subscribe((subStatus: string) => {\r\n setStatus(subStatus === 'SUBSCRIBED' ? 'connected' : 'connecting');\r\n });\r\n\r\n return () => {\r\n supabase.removeChannel(channel);\r\n };\r\n }, [projectId, table]);\r\n\r\n return { data, status, setData };\r\n}\r\n"],"mappings":";;;;;;;;;;;;;AAAA,SAAS,eAAe,YAAY,eAA+B;;;ACA5D,IAAM,gBAAN,cAA4B,MAAM;AAAA,EAIvC,YAAY,SAAiB,OAAO,kBAAkB,aAAa,KAAK;AACtE,UAAM,OAAO;AACb,SAAK,OAAO;AACZ,SAAK,OAAO;AACZ,SAAK,aAAa;AAAA,EACpB;AACF;AAEO,IAAM,aAAN,cAAyB,cAAc;AAAA,EAG5C,YAAY,SAAiB,KAAc;AACzC,UAAM,SAAS,eAAe,GAAG;AACjC,SAAK,OAAO;AACZ,SAAK,MAAM;AAAA,EACb;AACF;AAEO,IAAM,kBAAN,cAA8B,cAAc;AAAA,EACjD,YAAY,SAAiB;AAC3B,UAAM,SAAS,oBAAoB,GAAG;AACtC,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,kBAAN,cAA8B,cAAc;AAAA,EACjD,YAAY,SAAiB;AAC3B,UAAM,SAAS,oBAAoB,GAAG;AACtC,SAAK,OAAO;AAAA,EACd;AACF;AAEO,IAAM,gBAAN,cAA4B,cAAc;AAAA,EAC/C,YAAY,UAAU,oBAAoB;AACxC,UAAM,SAAS,aAAa,GAAG;AAC/B,SAAK,OAAO;AAAA,EACd;AACF;AAEO,SAAS,YAAY,WAAsF;AAChH,MAAI,UAAU,QAAS,QAAO;AAC9B,QAAM,MAAM,UAAU,SAAS;AAC/B,MAAI,IAAI,SAAS,2BAA2B,EAAG,QAAO,IAAI,cAAc,GAAG;AAC3E,MAAI,IAAI,SAAS,yBAAyB,EAAG,QAAO,IAAI,gBAAgB,GAAG;AAC3E,MAAI,IAAI,SAAS,SAAS,KAAK,IAAI,SAAS,WAAW,EAAG,QAAO,IAAI,gBAAgB,GAAG;AACxF,SAAO,IAAI,WAAW,GAAG;AAC3B;;;ACvBA,IAAM,mBAAmB;AAIzB,IAAM,uBACJ;AAEK,SAAS,oBAAoB,SAA6C;AAC/E,SAAO,OAAO,YAAY,YAAY,qBAAqB,KAAK,OAAO;AACzE;AAWO,SAAS,kBAA0B;AACxC,SAAO,IAAI,4BAA4B,IAAI,4BAA4B;AACzE;AASO,SAAS,sBAA+B;AAC7C,SAAO,QAAQ,IAAI,eAAe;AACpC;AAKA,IAAI,mBAAmB;AAEhB,SAAS,gBAAyB;AACvC,SAAO,oBAAoB,oBAAoB;AACjD;AAeA,eAAsB,iBAAiBA,WAA4H;AACjK,MAAI;AACF,QAAI,CAACA,WAAU,MAAM,WAAY,QAAO;AACxC,UAAM,EAAE,KAAK,IAAI,MAAMA,UAAS,KAAK,WAAW;AAChD,WAAO,QAAQ,MAAM,OAAO;AAAA,EAC9B,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,eAAsB,gBAAgB,WAAmB,KAAyC;AAChG,MAAI,CAAC,oBAAoB,GAAG;AAC1B,WAAO,EAAE,SAAS,OAAO,OAAO,qEAAqE;AAAA,EACvG;AACA,MAAI;AACF,UAAM,OAAO,IAAI,gBAAgB,QAAQ,OAAO,EAAE;AAClD,UAAM,QAAQ,gBAAgB;AAE9B,UAAM,UAAkC,EAAE,gBAAgB,mBAAmB;AAG7E,QAAI,MAAO,SAAQ,wBAAwB,IAAI;AAC/C,UAAM,MAAM,MAAM,MAAM,GAAG,IAAI,oBAAoB,mBAAmB,SAAS,CAAC,UAAU;AAAA,MACxF,QAAQ;AAAA,MACR;AAAA,MACA,MAAM,KAAK,UAAU,EAAE,IAAI,CAAC;AAAA,MAC5B,QAAQ,OAAO,gBAAgB,eAAe,YAAY,UACtD,YAAY,QAAQ,gBAAgB,IACpC;AAAA,IACN,CAAC;AACD,UAAM,UAAW,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,IAAI;AAClD,QAAI,CAAC,IAAI,MAAM,CAAC,SAAS;AACvB,aAAO,EAAE,SAAS,OAAO,OAAO,SAAS,SAAS,0BAA0B,IAAI,MAAM,GAAG;AAAA,IAC3F;AACA,QAAI,QAAQ,QAAS,oBAAmB;AACxC,WAAO;AAAA,EACT,SAAS,KAAK;AACZ,UAAM,UAAU,eAAe,QAAQ,IAAI,UAAU;AACrD,WAAO,EAAE,SAAS,OAAO,OAAO,QAAQ;AAAA,EAC1C;AACF;;;ACvHA,SAAS,eAAe,OAA4B;AAClD,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,OAAO,UAAU,UAAW,QAAO,QAAQ,SAAS;AACxD,MAAI,OAAO,UAAU,UAAU;AAC7B,QAAI,CAAC,OAAO,SAAS,KAAK,EAAG,OAAM,IAAI,gBAAgB,oCAAoC;AAC3F,WAAO,OAAO,KAAK;AAAA,EACrB;AACA,SAAO,IAAI,OAAO,KAAK,EAAE,QAAQ,MAAM,IAAI,CAAC;AAC9C;AAEA,SAAS,iBAAiB,MAAsB;AAC9C,MAAI,CAAC,2BAA2B,KAAK,IAAI,GAAG;AAC1C,UAAM,IAAI,gBAAgB,uBAAuB,IAAI,EAAE;AAAA,EACzD;AACA,SAAO,IAAI,IAAI;AACjB;AAmBO,IAAM,eAAN,MAAgD;AAAA,EAkBrD,YAAYC,WAA0B,WAAmB,OAAe,aAA2B;AAZnG,SAAQ,YAAuB;AAC/B,SAAQ,gBAAgB;AACxB,SAAQ,UAAoB,CAAC;AAC7B,SAAQ,eAAyB,CAAC;AAClC,SAAQ,aAA4B;AACpC,SAAQ,cAA6B;AACrC,SAAQ,aAAmD;AAC3D,SAAQ,aAAiD;AACzD,SAAQ,iBAAgC;AACxC,SAAQ,aAAa;AACrB,SAAQ,kBAAkB;AAGxB,SAAK,WAAWA;AAChB,SAAK,YAAY;AACjB,SAAK,QAAQ;AACb,SAAK,cAAc;AAAA,EACrB;AAAA,EAEA,OAAO,UAAU,KAAW;AAC1B,SAAK,YAAY;AACjB,SAAK,gBAAgB;AACrB,WAAO;AAAA,EACT;AAAA;AAAA,EAIA,GAAG,QAAgB,OAA0B;AAC3C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,KAAK,MAAM,CAAC;AAC5C,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,QAAgB,OAA0B;AAC5C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,MAAM,MAAM,CAAC;AAC7C,WAAO;AAAA,EACT;AAAA,EAEA,GAAG,QAAgB,OAA0B;AAC3C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,KAAK,MAAM,CAAC;AAC5C,WAAO;AAAA,EACT;AAAA,EAEA,GAAG,QAAgB,OAA0B;AAC3C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,KAAK,MAAM,CAAC;AAC5C,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,QAAgB,OAA0B;AAC5C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,MAAM,MAAM,CAAC;AAC7C,WAAO;AAAA,EACT;AAAA,EAEA,IAAI,QAAgB,OAA0B;AAC5C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,MAAM,MAAM,CAAC;AAC7C,WAAO;AAAA,EACT;AAAA,EAEA,KAAK,QAAgB,SAAuB;AAC1C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,QAAQ,OAAO,QAAQ,CAAC;AACxD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,QAAgB,SAAuB;AAC3C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,SAAS,OAAO,QAAQ,CAAC;AACzD,WAAO;AAAA,EACT;AAAA,EAEA,GAAG,QAAgB,QAA6B;AAC9C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,MAAM,OAAO,OAAO,CAAC;AACrD,WAAO;AAAA,EACT;AAAA,EAEA,GAAG,QAAgB,OAA6B;AAC9C,SAAK,QAAQ,KAAK,EAAE,QAAQ,IAAI,MAAM,MAAM,CAAC;AAC7C,WAAO;AAAA,EACT;AAAA;AAAA,EAIA,MAAM,QAAgB,UAAuB,CAAC,GAAS;AACrD,UAAM,MAAM,QAAQ,cAAc,QAAQ,SAAS;AACnD,UAAM,QAAQ,QAAQ,aAAa,gBAAgB;AACnD,SAAK,aAAa,KAAK,GAAG,iBAAiB,MAAM,CAAC,IAAI,GAAG,IAAI,KAAK,EAAE;AACpE,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,OAAqB;AACzB,SAAK,aAAa;AAClB,WAAO;AAAA,EACT;AAAA,EAEA,OAAO,OAAqB;AAC1B,SAAK,cAAc;AACnB,WAAO;AAAA,EACT;AAAA;AAAA,EAIA,OAAO,SAA4E;AACjF,SAAK,YAAY;AACjB,SAAK,aAAa,MAAM,QAAQ,OAAO,IAAI,UAAU,CAAC,OAAO;AAC7D,WAAO;AAAA,EACT;AAAA,EAEA,OAAO,QAA2C;AAChD,SAAK,YAAY;AACjB,SAAK,aAAa;AAClB,WAAO;AAAA,EACT;AAAA,EAEA,SAAe;AACb,SAAK,YAAY;AACjB,WAAO;AAAA,EACT;AAAA,EAEA,OAAO,SAAsE,SAAyC;AACpH,SAAK,YAAY;AACjB,SAAK,aAAa,MAAM,QAAQ,OAAO,IAAI,UAAU,CAAC,OAAO;AAC7D,SAAK,iBAAiB,SAAS,cAAc;AAC7C,WAAO;AAAA,EACT;AAAA;AAAA,EAIA,QAAyC;AACvC,SAAK,YAAY;AACjB,WAAO;AAAA,EACT;AAAA,EAEA,SAA0B;AACxB,SAAK,aAAa;AAClB,SAAK,aAAa;AAClB,WAAO;AAAA,EACT;AAAA,EAEA,cAA+B;AAC7B,SAAK,kBAAkB;AACvB,SAAK,aAAa;AAClB,WAAO;AAAA,EACT;AAAA;AAAA,EAIQ,mBAA2B;AACjC,QAAI,KAAK,QAAQ,WAAW,EAAG,QAAO;AACtC,UAAM,aAAa,KAAK,QAAQ,IAAI,CAAC,MAAM;AACzC,YAAM,MAAM,iBAAiB,EAAE,MAAM;AACrC,UAAI,EAAE,OAAO,MAAM;AACjB,cAAM,MAAM,EAAE,UAAU,OAAO,SAAS,EAAE,QAAQ,SAAS;AAC3D,eAAO,GAAG,GAAG,OAAO,GAAG;AAAA,MACzB;AACA,UAAI,EAAE,OAAO,MAAM;AACjB,cAAM,OAAQ,EAAE,MAAwB,IAAI,cAAc,EAAE,KAAK,IAAI;AACrE,eAAO,GAAG,GAAG,QAAQ,IAAI;AAAA,MAC3B;AACA,aAAO,GAAG,GAAG,IAAI,EAAE,EAAE,IAAI,eAAe,EAAE,KAAoB,CAAC;AAAA,IACjE,CAAC;AACD,WAAO,UAAU,WAAW,KAAK,OAAO,CAAC;AAAA,EAC3C;AAAA,EAEQ,iBAAyB;AAC/B,QAAI,MAAM,UAAU,KAAK,aAAa,UAAU,KAAK,KAAK;AAC1D,WAAO,KAAK,iBAAiB;AAC7B,QAAI,KAAK,aAAa,SAAS,EAAG,QAAO,aAAa,KAAK,aAAa,KAAK,IAAI,CAAC;AAClF,QAAI,KAAK,eAAe,KAAM,QAAO,UAAU,KAAK,UAAU;AAC9D,QAAI,KAAK,gBAAgB,QAAQ,KAAK,cAAc,EAAG,QAAO,WAAW,KAAK,WAAW;AACzF,WAAO;AAAA,EACT;AAAA,EAEQ,gBAAwB;AAC9B,QAAI,MAAM,kCAAkC,KAAK,KAAK;AACtD,WAAO,KAAK,iBAAiB;AAC7B,WAAO;AAAA,EACT;AAAA,EAEQ,iBAAyB;AAC/B,QAAI,CAAC,KAAK,cAAc,KAAK,WAAW,WAAW,GAAG;AACpD,YAAM,IAAI,gBAAgB,6BAA6B;AAAA,IACzD;AACA,UAAM,UAAU,OAAO,KAAK,KAAK,WAAW,CAAC,CAAC;AAC9C,UAAM,UAAU,QAAQ,IAAI,gBAAgB,EAAE,KAAK,IAAI;AACvD,UAAM,OAAO,KAAK,WAAW;AAAA,MAC3B,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,MAAM,eAAe,IAAI,CAAC,KAAK,IAAI,CAAC,EAAE,KAAK,IAAI,CAAC;AAAA,IAC5E;AACA,WAAO,gBAAgB,KAAK,KAAK,MAAM,OAAO,YAAY,KAAK,KAAK,IAAI,CAAC;AAAA,EAC3E;AAAA,EAEQ,iBAAyB;AAC/B,QAAI,MAAM,KAAK,eAAe;AAC9B,UAAM,WAAW,KAAK,kBAAkB;AACxC,UAAM,UAAU,OAAO,KAAK,KAAK,WAAY,CAAC,CAAC;AAC/C,UAAM,aAAa,QAChB,OAAO,CAAC,MAAM,MAAM,QAAQ,EAC5B,IAAI,CAAC,MAAM,GAAG,iBAAiB,CAAC,CAAC,eAAe,iBAAiB,CAAC,CAAC,EAAE,EACrE,KAAK,IAAI;AACZ,WAAO,iBAAiB,iBAAiB,QAAQ,CAAC,mBAAmB,UAAU;AAC/E,WAAO;AAAA,EACT;AAAA,EAEQ,iBAAyB;AAC/B,QAAI,CAAC,KAAK,cAAc,OAAO,KAAK,KAAK,UAAU,EAAE,WAAW,GAAG;AACjE,YAAM,IAAI,gBAAgB,6BAA6B;AAAA,IACzD;AACA,QAAI,KAAK,QAAQ,WAAW,GAAG;AAC7B,YAAM,IAAI,gBAAgB,yEAAoE;AAAA,IAChG;AACA,UAAM,aAAa,OAAO,QAAQ,KAAK,UAAU,EAC9C,IAAI,CAAC,CAAC,KAAK,GAAG,MAAM,GAAG,iBAAiB,GAAG,CAAC,MAAM,eAAe,GAAG,CAAC,EAAE,EACvE,KAAK,IAAI;AACZ,WAAO,WAAW,KAAK,KAAK,SAAS,UAAU,GAAG,KAAK,iBAAiB,CAAC;AAAA,EAC3E;AAAA,EAEQ,iBAAyB;AAC/B,QAAI,KAAK,QAAQ,WAAW,GAAG;AAC7B,YAAM,IAAI,gBAAgB,yEAAoE;AAAA,IAChG;AACA,WAAO,gBAAgB,KAAK,KAAK,IAAI,KAAK,iBAAiB,CAAC;AAAA,EAC9D;AAAA;AAAA,EAIA,MAAc,eAA2C;AACvD,UAAM,SAAS,KAAK,cAAc,YAAY,KAAK,cAAc;AAEjE,QAAI;AACJ,YAAQ,KAAK,WAAW;AAAA,MACtB,KAAK;AAAU,cAAM,KAAK,eAAe;AAAG;AAAA,MAC5C,KAAK;AAAS,cAAM,KAAK,cAAc;AAAG;AAAA,MAC1C,KAAK;AAAU,cAAM,KAAK,eAAe;AAAG;AAAA,MAC5C,KAAK;AAAU,cAAM,KAAK,eAAe;AAAG;AAAA,MAC5C,KAAK;AAAU,cAAM,KAAK,eAAe;AAAG;AAAA,MAC5C,KAAK;AAAU,cAAM,KAAK,eAAe;AAAG;AAAA,MAC5C;AAAS,cAAM,IAAI,WAAW,sBAAsB,KAAK,SAAS,EAAE;AAAA,IACtE;AAGA,QAAI,KAAK,aAAa,eAAe,KAAK,aAAa,YAAY;AACjE,YAAM,KAAK,SAAS,KAAK,YAAY,cAAc,KAAK,YAAY;AACpE,YAAMC,QAAO,MAAM,GAAG,GAAG;AACzB,UAAI,CAACA,MAAK,SAAS;AACjB,cAAM,UAAU,YAAYA,KAAI;AAChC,YAAI,QAAS,OAAM;AACnB,cAAM,IAAI,WAAWA,MAAK,SAAS,gBAAgB,GAAG;AAAA,MACxD;AACA,aAAO;AAAA,QACL,SAAS;AAAA,QACT,MAAO,SAASA,MAAK,QAAQ,CAAC,IAAI,CAAC;AAAA,QACnC,UAAUA,MAAK,aAAa,SAAUA,MAAK,MAAM,UAAU,IAAK;AAAA,QAChE,QAAQA,MAAK;AAAA,MACf;AAAA,IACF;AAKA,UAAM,cAAc,KAAK,aAAa;AACtC,QAAI,UAAU,eAAe,cAAc,KAAK,CAAE,MAAM,iBAAiB,KAAK,QAAQ,GAAI;AACxF,aAAO,KAAK,eAAe,aAAa,GAAG;AAAA,IAC7C;AAEA,UAAM,UAAU,SAAS,sBAAsB;AAC/C,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,KAAK,SAAS,IAAI,SAAS;AAAA,MACvD,cAAc,KAAK;AAAA,MACnB,OAAO;AAAA,IACT,CAAC;AAED,QAAI,OAAO;AACT,UAAI,UAAU,eAAe,oBAAoB,MAAM,OAAO,KAAK,CAAE,MAAM,iBAAiB,KAAK,QAAQ,GAAI;AAC3G,eAAO,KAAK,eAAe,aAAa,KAAK,MAAM,OAAO;AAAA,MAC5D;AACA,YAAM,IAAI,WAAW,MAAM,SAAS,GAAG;AAAA,IACzC;AAEA,QAAI,CAAC,KAAK,SAAS;AACjB,UAAI,UAAU,eAAe,oBAAoB,KAAK,KAAK,KAAK,CAAE,MAAM,iBAAiB,KAAK,QAAQ,GAAI;AACxG,eAAO,KAAK,eAAe,aAAa,KAAK,KAAK,KAAK;AAAA,MACzD;AACA,YAAM,UAAU,YAAY,IAAI;AAChC,UAAI,QAAS,OAAM;AACnB,YAAM,IAAI,WAAW,KAAK,SAAS,gBAAgB,GAAG;AAAA,IACxD;AAEA,QAAI,QAAQ;AACV,aAAO;AAAA,QACL,SAAS;AAAA,QACT,MAAM,KAAK,QAAQ,CAAC;AAAA,QACpB,UAAU,KAAK,aAAa,KAAK,MAAM,UAAU;AAAA,QACjD,QAAQ,KAAK;AAAA,MACf;AAAA,IACF;AAEA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,MAAM,CAAC;AAAA,MACP,UAAU,KAAK,YAAY;AAAA,MAC3B,QAAQ,KAAK;AAAA,IACf;AAAA,EACF;AAAA;AAAA,EAGA,MAAc,eACZ,aACA,KACA,UAC4B;AAC5B,UAAM,OAAO,MAAM,YAAY,GAAG;AAClC,QAAI,CAAC,KAAK,SAAS;AACjB,YAAM,UAAU,YAAY,IAAI;AAChC,UAAI,QAAS,OAAM;AACnB,YAAM,IAAI,WAAW,KAAK,SAAS,YAAY,gBAAgB,GAAG;AAAA,IACpE;AACA,WAAO;AAAA,MACL,SAAS;AAAA,MACT,MAAO,KAAK,QAAQ,CAAC;AAAA,MACrB,UAAU,KAAK,aAAa,KAAK,MAAM,UAAU;AAAA,MACjD,QAAQ,KAAK;AAAA,IACf;AAAA,EACF;AAAA,EAEA,KACE,aACA,YAC8B;AAC9B,UAAM,UAAU,KAAK,aAAa,EAAE,KAAK,CAAC,WAAW;AACnD,UAAI,KAAK,YAAY;AACnB,YAAI,OAAO,KAAK,WAAW,GAAG;AAC5B,gBAAM,IAAI,WAAW,iCAAiC;AAAA,QACxD;AACA,eAAO,EAAE,SAAS,MAAM,MAAM,OAAO,KAAK,CAAC,GAAG,OAAO,OAAU;AAAA,MACjE;AACA,UAAI,KAAK,iBAAiB;AACxB,eAAO;AAAA,UACL,SAAS;AAAA,UACT,MAAM,OAAO,KAAK,SAAS,IAAI,OAAO,KAAK,CAAC,IAAI;AAAA,UAChD,OAAO;AAAA,QACT;AAAA,MACF;AACA,aAAO;AAAA,IACT,CAAC;AACD,WAAO,QAAQ,KAAK,aAAa,UAAU;AAAA,EAC7C;AACF;;;AC1XA,SAAS,aAAa,OAAe,OAAgC;AACnE,MAAI,CAAC,SAAS,UAAW;AACzB,MAAI;AAAE,YAAQ,UAAU,MAAM,OAAO,KAAK;AAAA,EAAG,QAAQ;AAAA,EAAqB;AAC5E;AAgBA,IAAM,cAAc;AACpB,IAAM,oBAAoB;AAEnB,IAAM,iBAAN,MAAM,gBAAe;AAAA,EAO1B,YAAYC,WAAiC,WAAmB;AAFhE,SAAQ,aAAsB;AAG5B,SAAK,WAAWA;AAChB,SAAK,YAAY;AAAA,EACnB;AAAA,EAEA,OAAO,mBACL,WACA,QACA,aACgB;AAChB,UAAM,SAAS,IAAI,gBAAe,MAAM,SAAS;AACjD,WAAO,SAAS;AAChB,WAAO,cAAc,eACf,OAAO,YAAY,eAAe,QAAQ,KAAK,mBAChD;AACL,WAAO,aAAa;AACpB,WAAO;AAAA,EACT;AAAA,EAEA,KAAkC,OAAgC;AAChE,QAAI,KAAK,YAAY;AACnB,aAAO,IAAI,aAAgB,MAAmC,KAAK,WAAW,OAAO;AAAA,QACnF,aAAa,CAAC,QAAgB,KAAK,eAAe,UAAU,GAAG;AAAA,QAC/D,YAAY,CAAC,QAAgB,KAAK,eAAe,YAAY,GAAG;AAAA,MAClE,CAAC;AAAA,IACH;AAIA,WAAO,IAAI,aAAgB,KAAK,UAAW,KAAK,WAAW,OAAO;AAAA,MAChE,aAAa,CAAC,QAAgB,gBAAgB,KAAK,WAAW,GAAG;AAAA,IACnE,CAAC;AAAA,EACH;AAAA,EAEA,MAAM,IAAiC,OAA2C;AAChF,UAAM,UAAU,MAAM,KAAK,EAAE,YAAY;AACzC,QAAI,CAAC,QAAQ,WAAW,QAAQ,GAAG;AACjC,YAAM,IAAI,WAAW,8DAA8D;AAAA,IACrF;AAEA,QAAI,KAAK,YAAY;AACnB,aAAO,KAAK,aAAgB,KAAK;AAAA,IACnC;AAEA,UAAM,QAAQ,KAAK,IAAI;AAKvB,QAAI,cAAc,KAAK,CAAE,MAAM,iBAAiB,KAAK,QAAQ,GAAI;AAC/D,aAAO,KAAK,gBAAmB,OAAO,OAAO,IAAI;AAAA,IACnD;AAEA,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,KAAK,SAAU,IAAI,qBAAqB;AAAA,MACpE,cAAc,KAAK;AAAA,MACnB,OAAO;AAAA,IACT,CAAC;AACD,UAAM,YAAY,KAAK,IAAI,IAAI;AAE/B,QAAI,OAAO;AACT,UAAI,oBAAoB,KAAK,oBAAoB,MAAM,OAAO,KAAK,CAAE,MAAM,iBAAiB,KAAK,QAAQ,GAAI;AAC3G,eAAO,KAAK,gBAAmB,OAAO,OAAO,MAAM,OAAO;AAAA,MAC5D;AACA,mBAAa,YAAY,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,OAAO,OAAO,MAAM,QAAQ,CAAC;AACvG,YAAM,IAAI,WAAW,MAAM,SAAS,KAAK;AAAA,IAC3C;AACA,QAAI,CAAC,KAAK,SAAS;AACjB,UAAI,oBAAoB,KAAK,oBAAoB,KAAK,KAAK,KAAK,CAAE,MAAM,iBAAiB,KAAK,QAAQ,GAAI;AACxG,eAAO,KAAK,gBAAmB,OAAO,OAAO,KAAK,KAAK;AAAA,MACzD;AACA,mBAAa,YAAY,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,OAAO,OAAO,KAAK,MAAM,CAAC;AACpG,YAAM,IAAI,WAAW,KAAK,SAAS,gBAAgB,KAAK;AAAA,IAC1D;AAEA,iBAAa,YAAY,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,MAAM,UAAU,KAAK,YAAY,EAAE,CAAC;AAE9G,WAAO;AAAA,MACL,SAAS;AAAA,MACT,MAAM,KAAK,QAAQ,CAAC;AAAA,MACpB,UAAU,KAAK,aAAa,KAAK,MAAM,UAAU;AAAA,MACjD,QAAQ,KAAK;AAAA,IACf;AAAA,EACF;AAAA;AAAA,EAGA,MAAc,gBAAmB,OAAe,OAAe,UAAqD;AAClH,UAAM,OAAO,MAAM,gBAAgB,KAAK,WAAW,KAAK;AACxD,UAAM,YAAY,KAAK,IAAI,IAAI;AAC/B,QAAI,CAAC,KAAK,SAAS;AACjB,mBAAa,YAAY,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,OAAO,OAAO,KAAK,OAAO,aAAa,KAAK,CAAC;AAEvH,YAAM,IAAI,WAAW,KAAK,SAAS,YAAY,gBAAgB,KAAK;AAAA,IACtE;AACA,iBAAa,YAAY,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,MAAM,UAAU,KAAK,YAAY,GAAG,aAAa,KAAK,CAAC;AACjI,WAAO;AAAA,MACL,SAAS;AAAA,MACT,MAAO,KAAK,QAAQ,CAAC;AAAA,MACrB,UAAU,KAAK,aAAa,KAAK,MAAM,UAAU;AAAA,MACjD,QAAQ,KAAK;AAAA,IACf;AAAA,EACF;AAAA,EAEA,MAAM,QAAQ,KAAsC;AAClD,QAAI,KAAK,YAAY;AACnB,aAAO,KAAK,eAAe,GAAG;AAAA,IAChC;AAEA,UAAM,QAAQ,KAAK,IAAI;AACvB,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,KAAK,SAAU,IAAI,oBAAoB;AAAA,MACnE,cAAc,KAAK;AAAA,MACnB,OAAO;AAAA,IACT,CAAC;AACD,UAAM,YAAY,KAAK,IAAI,IAAI;AAE/B,QAAI,OAAO;AACT,mBAAa,eAAe,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,OAAO,OAAO,MAAM,QAAQ,CAAC;AAC1G,YAAM,IAAI,WAAW,MAAM,SAAS,GAAG;AAAA,IACzC;AACA,QAAI,CAAC,KAAK,SAAS;AACjB,mBAAa,eAAe,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,OAAO,OAAO,KAAK,MAAM,CAAC;AACvG,YAAM,IAAI,WAAW,KAAK,SAAS,oBAAoB,GAAG;AAAA,IAC5D;AAEA,iBAAa,eAAe,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,MAAM,UAAU,KAAK,YAAY,EAAE,CAAC;AAEjH,WAAO;AAAA,MACL,SAAS;AAAA,MACT,UAAU,KAAK,YAAY;AAAA,MAC3B,QAAQ,KAAK;AAAA,MACb,cAAc,KAAK;AAAA,IACrB;AAAA,EACF;AAAA,EAEA,MAAM,YAAiC;AACrC,QAAI,KAAK,YAAY;AACnB,aAAO,KAAK,iBAAiB;AAAA,IAC/B;AAEA,UAAM,EAAE,MAAM,MAAM,IAAI,MAAM,KAAK,SAAU,IAAI,uBAAuB;AAAA,MACtE,cAAc,KAAK;AAAA,IACrB,CAAC;AAED,QAAI,MAAO,OAAM,IAAI,gBAAgB,MAAM,OAAO;AAElD,WAAO;AAAA,MACL,QAAQ,KAAK,UAAU;AAAA,MACvB,QAAQ,KAAK;AAAA,MACb,QAAQ,KAAK,UAAU,CAAC;AAAA,MACxB,aAAa,KAAK,eAAe;AAAA,MACjC,WAAW,KAAK;AAAA,MAChB,gBAAgB,KAAK;AAAA,IACvB;AAAA,EACF;AAAA,EAEA,MAAc,eAAe,UAAkB,KAAyC;AACtF,UAAM,MAAM,GAAG,KAAK,WAAW,oBAAoB,KAAK,SAAS,GAAG,QAAQ;AAC5E,QAAI;AAEJ,aAAS,UAAU,GAAG,UAAU,aAAa,WAAW;AACtD,UAAI;AACF,cAAM,MAAM,MAAM,MAAM,KAAK;AAAA,UAC3B,QAAQ;AAAA,UACR,SAAS;AAAA,YACP,iBAAiB,UAAU,KAAK,MAAM;AAAA,YACtC,gBAAgB;AAAA,UAClB;AAAA,UACA,MAAM,KAAK,UAAU,EAAE,IAAI,CAAC;AAAA,UAC5B,QAAQ,YAAY,QAAQ,iBAAiB;AAAA,QAC/C,CAAC;AAED,YAAI,IAAI,WAAW,KAAK;AACtB,gBAAM,aAAa,SAAS,IAAI,QAAQ,IAAI,aAAa,KAAK,MAAM,EAAE;AACtE,gBAAM,IAAI,QAAQ,OAAK,WAAW,GAAG,aAAa,GAAI,CAAC;AACvD;AAAA,QACF;AACA,YAAI,IAAI,WAAW,KAAK;AACtB,gBAAM,IAAI,QAAQ,OAAK,WAAW,IAAI,UAAU,KAAK,GAAI,CAAC;AAC1D;AAAA,QACF;AAEA,eAAO,MAAM,IAAI,KAAK;AAAA,MACxB,SAAS,GAAG;AACV,oBAAY,aAAa,QAAQ,IAAI,IAAI,MAAM,OAAO,CAAC,CAAC;AAAA,MAC1D;AAAA,IACF;AAEA,WAAO,EAAE,SAAS,OAAO,OAAO,WAAW,WAAW,+BAA+B;AAAA,EACvF;AAAA,EAEA,MAAc,aAAgB,OAA2C;AACvE,UAAM,QAAQ,KAAK,IAAI;AACvB,UAAM,SAAS,MAAM,KAAK,eAAe,UAAU,KAAK;AACxD,UAAM,YAAY,KAAK,IAAI,IAAI;AAE/B,QAAI,CAAC,OAAO,SAAS;AACnB,mBAAa,YAAY,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,OAAO,OAAO,OAAO,OAAO,YAAY,KAAK,CAAC;AACxH,YAAM,IAAI,WAAW,OAAO,SAAS,gBAAgB,KAAK;AAAA,IAC5D;AAEA,iBAAa,YAAY,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,MAAM,UAAU,OAAO,YAAY,GAAG,YAAY,KAAK,CAAC;AAElI,WAAO;AAAA,MACL,SAAS;AAAA,MACT,MAAO,OAAO,QAAQ,CAAC;AAAA,MACvB,UAAU,OAAO,aAAc,OAAO,MAAoB,UAAU;AAAA,MACpE,QAAQ,OAAO;AAAA,IACjB;AAAA,EACF;AAAA,EAEA,MAAc,eAAe,KAAsC;AACjE,UAAM,QAAQ,KAAK,IAAI;AACvB,UAAM,SAAS,MAAM,KAAK,eAAe,YAAY,GAAG;AACxD,UAAM,YAAY,KAAK,IAAI,IAAI;AAE/B,QAAI,CAAC,OAAO,SAAS;AACnB,mBAAa,eAAe,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,OAAO,OAAO,OAAO,OAAO,YAAY,KAAK,CAAC;AAC3H,YAAM,IAAI,WAAW,OAAO,SAAS,oBAAoB,GAAG;AAAA,IAC9D;AAEA,iBAAa,eAAe,EAAE,WAAW,KAAK,WAAW,WAAW,SAAS,MAAM,UAAU,OAAO,YAAY,GAAG,YAAY,KAAK,CAAC;AAErI,WAAO;AAAA,MACL,SAAS;AAAA,MACT,UAAU,OAAO,YAAY;AAAA,MAC7B,QAAQ,OAAO;AAAA,MACf,cAAc,OAAO;AAAA,IACvB;AAAA,EACF;AAAA,EAEA,MAAc,mBAAwC;AACpD,UAAM,MAAM,GAAG,KAAK,WAAW,oBAAoB,KAAK,SAAS;AACjE,QAAI;AAEJ,aAAS,UAAU,GAAG,UAAU,aAAa,WAAW;AACtD,UAAI;AACF,cAAM,MAAM,MAAM,MAAM,KAAK;AAAA,UAC3B,QAAQ;AAAA,UACR,SAAS,EAAE,iBAAiB,UAAU,KAAK,MAAM,GAAG;AAAA,UACpD,QAAQ,YAAY,QAAQ,iBAAiB;AAAA,QAC/C,CAAC;AAED,YAAI,IAAI,WAAW,KAAK;AACtB,gBAAM,IAAI,QAAQ,OAAK,WAAW,IAAI,UAAU,KAAK,GAAI,CAAC;AAC1D;AAAA,QACF;AAEA,cAAM,OAAO,MAAM,IAAI,KAAK;AAC5B,YAAI,CAAC,KAAK,QAAS,OAAM,IAAI,gBAAgB,KAAK,SAAS,qBAAqB;AAEhF,eAAO;AAAA,UACL,QAAQ,KAAK,UAAU;AAAA,UACvB,QAAQ,KAAK;AAAA,UACb,QAAS,KAAK,UAAU,CAAC;AAAA,UACzB,aAAa,KAAK,eAAe;AAAA,UACjC,WAAW,KAAK;AAAA,UAChB,gBAAgB,KAAK;AAAA,QACvB;AAAA,MACF,SAAS,GAAG;AACV,oBAAY,aAAa,QAAQ,IAAI,IAAI,MAAM,OAAO,CAAC,CAAC;AAAA,MAC1D;AAAA,IACF;AAEA,UAAM,IAAI,gBAAgB,WAAW,WAAW,qCAAqC;AAAA,EACvF;AACF;;;AJ9QS;AArBT,IAAM,kBAAkB,cAAoC;AAAA,EAC1D,IAAI;AAAA,EACJ,cAAc;AAChB,CAAC;AAOM,SAAS,iBAAiB,EAAE,UAAU,UAAU,GAA0B;AAC/E,QAAM,oBAAoB,aAAa,IAAI;AAC3C,QAAM,aAAa,wBAAwB,QAAQ,iBAAiB;AAEpE,QAAM,KAAK;AAAA,IACT,MAAO,aAAa,IAAI,eAAe,UAAU,iBAAiB,IAAI;AAAA,IACtE,CAAC,YAAY,iBAAiB;AAAA,EAChC;AAEA,QAAM,QAAQ,QAAQ,OAAO,EAAE,IAAI,cAAc,WAAW,IAAI,CAAC,IAAI,UAAU,CAAC;AAEhF,SAAO,oBAAC,gBAAgB,UAAhB,EAAyB,OAAe,UAAS;AAC3D;AAEO,SAAS,cAA8B;AAC5C,QAAM,EAAE,GAAG,IAAI,WAAW,eAAe;AACzC,MAAI,CAAC,IAAI;AACP,UAAM,IAAI;AAAA,MACR;AAAA,IAEF;AAAA,EACF;AACA,SAAO;AACT;AAEO,SAAS,sBAA6C;AAC3D,QAAM,EAAE,GAAG,IAAI,WAAW,eAAe;AACzC,SAAO;AACT;AAEO,SAAS,0BAAmC;AACjD,QAAM,EAAE,aAAa,IAAI,WAAW,eAAe;AACnD,SAAO;AACT;;;AKrDA,SAAS,WAAW,UAAU,cAAc;AAiBrC,SAAS,YACd,OACA,UAA2B,CAAC,GACN;AACtB,QAAM,CAAC,MAAM,OAAO,IAAI,SAAc,CAAC,CAAC;AACxC,QAAM,CAAC,QAAQ,SAAS,IAAI,SAAyC,YAAY;AACjF,QAAM,aAAa,OAAO,OAAO;AACjC,aAAW,UAAU;AAErB,QAAM,YAAY,IAAI;AAEtB,YAAU,MAAM;AACd,QAAI,CAAC,wBAAwB,CAAC,WAAW;AACvC,gBAAU,UAAU;AACpB;AAAA,IACF;AAEA,UAAM,aAAa,QAAQ,UAAU,QAAQ,MAAM,GAAG,CAAC;AACvD,UAAM,cAAc,GAAG,UAAU,IAAI,KAAK,IAAI,WAAW,QAAQ,SAAS,KAAK;AAE/E,UAAM,UAAU,SACb,QAAQ,WAAW,EACnB;AAAA,MACC;AAAA,MACA;AAAA,QACE,OAAO,WAAW,QAAQ,SAAS;AAAA,QACnC,QAAQ;AAAA,QACR;AAAA,QACA,QAAQ,WAAW,QAAQ;AAAA,MAC7B;AAAA,MACA,CAAC,YAA+F;AAC9F,YAAI,QAAQ,cAAc,UAAU;AAClC,kBAAQ,CAAC,SAAS,CAAC,GAAG,MAAM,QAAQ,GAAQ,CAAC;AAAA,QAC/C,WAAW,QAAQ,cAAc,UAAU;AACzC;AAAA,YAAQ,CAAC,SACP,KAAK;AAAA,cAAI,CAAC,SACP,KAAiC,OAAQ,QAAQ,IAAgC,KAC7E,QAAQ,MACT;AAAA,YACN;AAAA,UACF;AAAA,QACF,WAAW,QAAQ,cAAc,UAAU;AACzC;AAAA,YAAQ,CAAC,SACP,KAAK;AAAA,cACH,CAAC,SACE,KAAiC,OAAQ,QAAQ,IAAgC;AAAA,YACtF;AAAA,UACF;AAAA,QACF;AAAA,MACF;AAAA,IACF,EACC,UAAU,CAAC,cAAsB;AAChC,gBAAU,cAAc,eAAe,cAAc,YAAY;AAAA,IACnE,CAAC;AAEH,WAAO,MAAM;AACX,eAAS,cAAc,OAAO;AAAA,IAChC;AAAA,EACF,GAAG,CAAC,WAAW,KAAK,CAAC;AAErB,SAAO,EAAE,MAAM,QAAQ,QAAQ;AACjC;","names":["supabase","supabase","data","supabase"]}